aboutsummaryrefslogtreecommitdiffstats
path: root/src/block
Commit message (Collapse)AuthorAgeFilesLines
* Disable prefetch in AES for now. Problem: with iterative modes like CBC,lloyd2009-09-301-8/+0
| | | | | | | | the prefetch is called for each block of input, and so a total of (4096+256)/64 = 68 prefetches are executed for each block. This reduces performance of iterative modes dramatically. I'm not sure what the right approach for dealing with this is.
* Use prefetching in AES. Nominally, this will help somewhat with preventinglloyd2009-09-291-0/+8
| | | | | | | | | | timing attacks, since once all the TE/SE tables are entirely in cache then timing attacks against it become somewhat harder. However for this to be a full defense it would be necessary to ensure the tables were entirely loaded into cache, which is not guaranteed by the normal SSE prefetch instructions. (Or prefetch instructions for other CPUs, AFAIK). Much more importantly, it provides a 10% speedup.
* Remove add block from block/info.txtlloyd2009-09-291-6/+0
|
* Remove add blocks from block cipher info fileslloyd2009-09-2925-188/+0
|
* Use load_le instead of make_u32bit in Serpent x86 key schedule codelloyd2009-09-291-1/+1
|
* Indentation fixlloyd2009-09-211-13/+12
|
* Hoist creation of buffer in Lion encrypt looplloyd2009-08-311-4/+4
|
* Remove unneeded include in xtea.cpplloyd2009-08-271-1/+0
|
* Instead of each SSE2 implementation specifying which compilers + CPUs itlloyd2009-08-271-12/+0
| | | | | works on, have sse2_eng rely on a specific compiler/arch; each sse2 impl depends on the engine anyway, so they will only be loaded if OK.
* For handling the last few blocks in Serpent_SSE2, invoke encrypt_n withlloyd2009-08-121-12/+2
| | | | | however many blocks remain, rather than looping calling encrypt_n with a block size of 1 each time.
* Add SSE2 Serpent decryptionlloyd2009-08-122-1/+307
|
* Small code cleanups in SSE2 Serpentlloyd2009-08-122-192/+195
|
* Use SSE2 unpack instructions instead of unions for input/output conversion.lloyd2009-08-122-300/+263
| | | | | About 10% faster than previous. Currently 112 MiB/s in ECB mode, versus about 40 MiB/s in scalar mode, on my 2.4 GHz Core2
* Add full 4-way SSE2 Serpent encryption. Load/store operations are vialloyd2009-08-123-47/+290
| | | | | unions and can be made much faster using interleave operations I think. Currently ~2.5x faster in ECB or CTR mode on a Core2, which isn't too bad.
* Make encrypt_n public for all BlockCipher implementations - unlike thelloyd2009-08-1129-54/+331
| | | | | | enc/dec functions it replaces, these are public interfaces. Add the first bits of a SSE2 implementation of Serpent. Currently incomplete.
* Change the BlockCipher interface to support multi-block encryption andlloyd2009-08-1153-1299/+1641
| | | | | | | | | decryption. Currently only used for counter mode. Doesn't offer much advantage as-is (though might help slightly, in terms of cache effects), but allows for SIMD implementations to process multiple blocks in parallel when possible. Particularly thinking here of Serpent; TEA/XTEA also seem promising in this sense, as is Threefish once that is implemented as a standalone block cipher.
* Add 'Distributed under the terms of the Botan license' notices to the .Slloyd2009-08-111-13/+15
| | | | | files. Were missed by the automated script that added them to the cpp/h files, it appears.
* Add support for Dragonfly BSD (a fork of FreeBSD).lloyd2009-07-251-0/+1
| | | | Contributed by Patrick Georgi
* Add a script that reads the output of print_deps.py and rewriteslloyd2009-07-154-11/+18
| | | | | | the info.txt files with the right module dependencies. Apply it across the codebase.
* Some modules using asm were not marked with 'load_on asm_ok'; fixlloyd2009-07-071-1/+1
|
* CPU-specific engines are now only loaded if something depends on them,lloyd2009-07-071-0/+1
| | | | | | | | | | | | and all CPU-specific implementations now depend on the appropriate engine module. The most common problem before with this was that the SSE2 module was built, but the sole SSE2 code (SHA-1) was not (for instance, on an i686). This would cause a compile warning about the unused request object. Preventing unused engines from being built will also (very slightly) speed up the lookup process on most system.
* Many source files included bit_ops.h when what was really desired waslloyd2009-05-1312-12/+12
| | | | | rotate.h, or when it was not needed at all. Remove or change the includes as needed.
* Clean up the GOST_2ROUND macro a bit. Put in do/while block so it is alloyd2009-04-071-7/+8
| | | | statement (at least as far as the calling code is concerned)
* Hide the declarations of the GOST sboxes inside the Param constructor sincelloyd2009-04-012-25/+26
| | | | | that is the only code that needs to see them. Record the name in the Param object.
* Simplify the XTEA key schedule code - there really is no reason tolloyd2009-03-311-29/+13
| | | | | precompute the deltas when they are just a few additions; removing the additions from the encrypt/decrypt rounds seems enough to me.
* Add support for multiple Sbox parameter sets in the GOST 28147-89 ↵lloyd2009-03-312-17/+71
| | | | | | | | implementation. In addition to the GOST 34.11 test parameters (used in Crypto++ among other things), the GOST 34.11 CryptoPro parameters (used in implementations of the GOST hash function) are now supported.
* Partially unroll the round structure, enough so that the subkey accesseslloyd2009-03-312-36/+40
| | | | | | | can be done directly, so there is no need to copy the key several times for the key schedule (since the GOST 'key schedule' is very simple and the access pattern can now be directly inserted into the code). Looks to be about 10% faster on my Core2, as well.
* Thomas Moschny passed along a request from the Fedora packagers which camelloyd2009-03-3062-737/+861
| | | | | | | | | | | | | | | up during the Fedora submission review, that each source file include some text about the license. One handy Perl script later and each file now has the line Distributed under the terms of the Botan license after the copyright notices. While I was in there modifying every file anyway, I also stripped out the remainder of the block comments (lots of astericks before and after the text); this is stylistic thing I picked up when I was first learning C++ but in retrospect it is not a good style as the structure makes it harder to modify comments (with the result that comments become fewer, shorter and are less likely to be updated, which are not good things).
* Compile fix: missing a commalloyd2009-03-271-1/+1
|
* GOST was using a completely non-standard set of sboxes. Change it to uselloyd2009-03-277-311/+152
| | | | | | | | | | | | | | | GostR3411_94_TestParamSet, this is compatible with the implementations in Crypto++ and OpenSSL. This is not backwards compatible, though once the implementation supports multiple param sets (which is required, unfortunately, for compatability with various standards by CryptoCom, who have defined not one but at least 4 (!!!) different sboxes to use with GOST), I may offer Botan's previous sbox set as an option. Since adding the GOST hash function (34.11) and signing algorithm (34.10) are on the long term agenda (request by Rickard Bondesson, as the Russian authorities want to use their local standards for their DNSSEC use), I renamed the block cipher class (which had been just 'GOST') to GOST_28147_89 to minimize future name clashes.
* Add comment showing likely future API for multi-block encryption in BlockCipherlloyd2008-11-211-0/+6
|
* Move MISTY1 tables from mist_tab.cpp to misty1.cpp - pretty smalllloyd2008-11-214-118/+106
|
* Add a comment WRT timing attacks on the AES implementationlloyd2008-11-191-0/+14
|
* Add a comment to BlockCipher mentionining the usefulness of extending itlloyd2008-11-181-0/+9
| | | | to support multiple blocks.
* Optimize AES decryption in the same manner as the last changes to AES ↵lloyd2008-11-172-41/+44
| | | | encryption.
* Optimize the first round of AES, currently in the encryption direction only.lloyd2008-11-172-37/+47
| | | | | | | | | | | This seems to have a significant impact on overall speed, now measuring on my Core2 Q6600: AES-128: 123.41 MiB/sec AES-192: 108.28 MiB/sec AES-256: 95.72 MiB/sec which is roughly 8-10% faster than before.
* Optimize AES decryption in the same way.lloyd2008-11-171-27/+34
|
* Fix indexing in EK_[4-7]lloyd2008-11-171-4/+4
|
* Move the loads of AES::EK to the top of the loop.lloyd2008-11-171-8/+18
| | | | | | | | | | | | Before: $ ./check --bench-algo=AES-128,AES-256 --seconds=10 AES-128: 101.99 MiB/sec AES-256: 78.30 MiB/sec After: $ ./check --bench-algo=AES-128,AES-256 --seconds=10 AES-128: 106.51 MiB/sec AES-256: 84.26 MiB/sec
* Format block comments for Doxygenlloyd2008-11-172-56/+64
|
* Remove redundent includeslloyd2008-11-091-2/+0
|
* Macro cleanuplloyd2008-11-091-2/+2
|
* Rename SymmetricAlgorithm::key to key_schedule to avoid many namelloyd2008-11-0952-54/+54
| | | | conflicts/collisions
* Split the last parts of the 'core' modulelloyd2008-11-081-0/+14
| | | | Add some missing info.txts
* Split ciphers into block and stream ciphers. Move base class headerslloyd2008-11-0889-0/+9145