Avoid using package specific variables when there is a one to one
correspondence to cpu feature support exported by internal/cpu.
This makes it clearer which cpu feature is referenced.
Another advantage is that internal/cpu variables are padded to avoid
false sharing and memory and cache usage is shared by multiple packages.
Change-Id: Ieadfc2f2f65f83f947aa8a5efc869aa85d89615d
Reviewed-on: https://go-review.googlesource.com/126597
Run-TryBot: Martin Möhrmann <moehrmann@google.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
AnyOverlap and InexactOverlap implement checks for the aliasing
requirements defined by the crypto/cipher interfaces. Apply them to all
implementations as the actual requirement could be architecture-dependent
and user code should not rely on undefined behavior.
Updates golang/go#21624
Change-Id: I465de02fb3fec4e0c6f1fdee1ef6ae7ed5abff10
Reviewed-on: https://go-review.googlesource.com/112236
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
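The aliasing rule referred to above (exact in-place use of dst and src is allowed, any other overlap is not) can be checked with a pair of pointer-range comparisons. The following is an added illustration written for this page, not x/crypto's own code; the helper names anyOverlap, inexactOverlap and sealInto are assumed:

```go
package main

import (
	"fmt"
	"unsafe"
)

// anyOverlap reports whether x and y share any bytes of memory: the two
// address ranges intersect when each one starts no later than the other ends.
func anyOverlap(x, y []byte) bool {
	return len(x) > 0 && len(y) > 0 &&
		uintptr(unsafe.Pointer(&x[0])) <= uintptr(unsafe.Pointer(&y[len(y)-1])) &&
		uintptr(unsafe.Pointer(&y[0])) <= uintptr(unsafe.Pointer(&x[len(x)-1]))
}

// inexactOverlap reports whether x and y overlap without starting at the
// same address. Exact overlap (in-place operation) is permitted by the
// crypto/cipher interfaces; a shifted overlap is not.
func inexactOverlap(x, y []byte) bool {
	if len(x) == 0 || len(y) == 0 || &x[0] == &y[0] {
		return false
	}
	return anyOverlap(x, y)
}

// sealInto models the guard an AEAD Seal can run before writing to out
// (assumed helper): it rejects partially overlapping buffers up front
// instead of producing architecture-dependent garbage.
func sealInto(out, plaintext []byte) error {
	if inexactOverlap(out, plaintext) {
		return fmt.Errorf("invalid buffer overlap")
	}
	return nil
}

func main() {
	buf := make([]byte, 64) // constructed sample buffer
	fmt.Println(sealInto(buf[:32], buf[:32]))  // exact overlap: allowed (nil)
	fmt.Println(sealInto(buf[1:33], buf[:32])) // shifted by one byte: rejected
	fmt.Println(sealInto(buf[32:], buf[:32]))  // disjoint halves: allowed (nil)
}
```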
These are triggering vet errors when vendored into std.
Change-Id: Ied8158941d176129c76509acff7314a6a483c9f9
Reviewed-on: https://go-review.googlesource.com/113176
Run-TryBot: Michael Munday <mike.munday@ibm.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
The code (especially assembly implementations) should be able to
handle this scenario.
Change-Id: I68c6a5b8a099a23a87bfcb5f7246a2134f82bb9e
Reviewed-on: https://go-review.googlesource.com/112977
Run-TryBot: Michael Munday <mike.munday@ibm.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
CL 110355 switched out the ad hoc cpu feature detection for x/sys/cpu; in
doing so, the AVX2 check was broken. The assembly code uses MULX, which is
part of BMI2.
Updates golang/go#24843
Change-Id: I4719b8ff3211eb1c823099512e593e540d6f3be8
GitHub-Last-Rev: 70542b53cd
GitHub-Pull-Request: golang/crypto#44
Reviewed-on: https://go-review.googlesource.com/110796
Reviewed-by: Tobias Klauser <tobias.klauser@gmail.com>
This exposes the chacha20 stream cipher to the entire x/crypto
package, and in particular to the SSH package, which uses separate,
unauthenticated chacha20 encryption for packet lengths.
Change-Id: I0b705482128f0657c09292370f03d08b588f7fec
Reviewed-on: https://go-review.googlesource.com/87075
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
The previous name did not have the '_test.go' suffix and so was
always built.
Change-Id: I2d18d0ba5c863ac7f0dd0465ebafba4e022faa14
Reviewed-on: https://go-review.googlesource.com/35875
Run-TryBot: Michael Munday <munday@ca.ibm.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
The file was originally added in 2016.
Change-Id: I1b5c01400fb73e83f39c086ea1235a948d27308d
Reviewed-on: https://go-review.googlesource.com/35874
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
This change detects BMI2 usability as an additional condition
to examine the usability of the AVX2 version of the algorithm, and fixes
the crash on the platform which supports AVX2 but does not support BMI2.
Change-Id: I5438d4ec84265c79a51c1439265a33b1be04878a
Reviewed-on: https://go-review.googlesource.com/34852
Reviewed-by: Adam Langley <agl@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Ian Lance Taylor <iant@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
The names of the constant values were previously not scoped to the
package and |andMask| could collide with the variable of the same name
in the AES-GCM assembly.
Change-Id: I9387a6cace71a585ad2fe2afcc8436d44bde0917
Reviewed-on: https://go-review.googlesource.com/31265
Run-TryBot: Adam Langley <agl@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
The SSE code of chacha20poly1305 used PINSRB and PEXTRQ, which are only available
on machines supporting SSE4.1.
Fixes golang/go#17464
Change-Id: Ic7313433cb21f9a3709d23b50ab58ac1d87957af
Reviewed-on: https://go-review.googlesource.com/31187
Reviewed-by: Adam Langley <agl@golang.org>
Run-TryBot: Adam Langley <agl@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
This change adds a package, chacha20poly1305, which implements the
ChaCha20-Poly1305 AEAD from RFC 7539. This AEAD has several attractive
features:
1. It's naturally constant time. AES-GCM needs either dedicated
hardware or extreme effort to be fast and constant-time, while
this design is easy to make constant-time.
2. It's fast on modern processors: it runs at 1GB/s on my Ivy Bridge
system.
3. It's seeing significant use in TLS. (A change for crypto/tls is
forthcoming.)
This change merges two CLs:
https://go-review.googlesource.com/#/c/24717
https://go-review.googlesource.com/#/c/26691
I took the amd64-optimised AEAD implementation from the former because
it was significantly faster. But the structure of the change is taken
from the latter.
This version will be checked into x/crypto. This package will then be
vendored into the stdlib so that it can be used from crypto/tls.
Change-Id: I5a60587958b7afeec81ca1091e603a7e8517000b
Reviewed-on: https://go-review.googlesource.com/30728
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>