Commit 1bc2b68916
lib/std/crypto/ghash.zig
@@ -105,6 +105,17 @@ pub const Ghash = struct {
return product[0];
}
+ inline fn clmul_pmull(x: u64, y: u64) u64 {
+ const Vector = std.meta.Vector;
+ const product = asm (
+ \\ pmull %[out].1q, %[x].1d, %[y].1d
+ : [out] "=w" (-> Vector(2, u64))
+ : [x] "w" (@bitCast(Vector(2, u64), @as(u128, x))),
+ [y] "w" (@bitCast(Vector(2, u64), @as(u128, y)))
+ );
+ return product[0];
+ }
+
fn clmul_soft(x: u64, y: u64) u64 {
const x0 = x & 0x1111111111111111;
const x1 = x & 0x2222222222222222;
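Review bot: `clmul_pmull` has no doc comment, and its contract is easy to misread: `pmull %[out].1q, %[x].1d, %[y].1d` yields the full 128-bit carry-less product, yet only lane 0 (`product[0]`), the low 64 bits, is returned, which appears to be the same contract `clmul_soft` below follows. Suggest `/// Carry-less 64x64 multiply via PMULL; returns only the low 64 bits of the 128-bit product (same contract as clmul_soft).` above the `inline fn`. A one-line comment that `@bitCast(Vector(2, u64), @as(u128, x))` relies on the operand landing in lane 0, which is the lane the `.1d` arrangement reads, would also help the next reader. The comptime selection of this function by the `.aes` target feature is in the second hunk, whose end lies outside this view.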
@@ -127,7 +138,14 @@ pub const Ghash = struct {
const has_pclmul = comptime std.Target.x86.featureSetHas(std.Target.current.cpu.features, .pclmul);
const has_avx = comptime std.Target.x86.featureSetHas(std.Target.current.cpu.features, .avx);
- const clmul = if (std.Target.current.cpu.arch == .x86_64 and has_pclmul and has_avx) clmul_pclmul else clmul_soft;
+ const has_armaes = comptime std.Target.aarch64.featureSetHas(std.Target.current.cpu.features, .aes);
+ const clmul = if (std.Target.current.cpu.arch == .x86_64 and has_pclmul and has_avx) impl: {
+ break :impl clmul_pclmul;
+ } else if (std.Target.current.cpu.arch == .aarch64 and has_armaes) impl: {
+ break :impl clmul_pmull;
+ } else impl: {
+ break :impl clmul_soft;
+ };
fn blocks(st: *Ghash, msg: []const u8) void {
assert(msg.len % 16 == 0); // GHASH blocks() expects full blocks