RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-25 06:47:35 +00:00
Code Issues Activity Actions

LibCrypto: Avoid branching in galois_multiply()

Browse source 
This makes GHash a little more than twice as fast.
This commit is contained in:
Ali Mohammad Pur 2024-01-03 16:26:18 +03:30 committed by Andreas Kling
parent 27a294547d
commit b1297a267c
1 changed files with 7 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

15
Userland/Libraries/LibCrypto/Authentication/GHash.cpp
View file

@ -92,13 +92,13 @@ void galois_multiply(u32 (&z)[4], const u32 (&_x)[4], const u32 (&_y)[4])
u32 y[4] { _y[0], _y[1], _y[2], _y[3] }; u32 y[4] { _y[0], _y[1], _y[2], _y[3] };
__builtin_memset(z, 0, sizeof(z)); __builtin_memset(z, 0, sizeof(z));
#pragma GCC unroll 16
for (ssize_t i = 127; i > -1; --i) { for (ssize_t i = 127; i > -1; --i) {
if ((y[3 - (i / 32)] >> (i % 32)) & 1) { auto r = -((y[3 - (i / 32)] >> (i % 32)) & 1);
z[0] ^= x[0]; z[0] ^= x[0] & r;
z[1] ^= x[1]; z[1] ^= x[1] & r;
z[2] ^= x[2]; z[2] ^= x[2] & r;
z[3] ^= x[3]; z[3] ^= x[3] & r;
}
auto a0 = x[0] & 1; auto a0 = x[0] & 1;
x[0] >>= 1; x[0] >>= 1;
auto a1 = x[1] & 1; auto a1 = x[1] & 1;
@ -111,8 +111,7 @@ void galois_multiply(u32 (&z)[4], const u32 (&_x)[4], const u32 (&_y)[4])
x[3] >>= 1; x[3] >>= 1;
x[3] |= a2 << 31; x[3] |= a2 << 31;
if (a3) x[0] ^= 0xe1000000 & -a3;
x[0] ^= 0xe1000000;
} }
} }