1 // SPDX-License-Identifier: BSD-2-Clause
2 /*
3 * Copyright (c) 2017, Linaro Limited
4 */
5
6 #include <crypto/ghash-ce-core.h>
7 #include <io.h>
8 #include <tomcrypt_arm_neon.h>
9 #include <tomcrypt.h>
10 #include <utee_defines.h>
11
12 /**
13 GCM multiply by H
14 @param gcm The GCM state which holds the H value
15 @param I The value to multiply H by
16 */
gcm_mult_h(gcm_state * gcm,unsigned char * I)17 void gcm_mult_h(gcm_state *gcm, unsigned char *I)
18 {
19 struct tomcrypt_arm_neon_state state;
20 const uint8_t zeroes[TEE_AES_BLOCK_SIZE] = { 0 };
21 uint64_t k[2];
22 uint64_t a;
23 uint64_t b;
24 uint64_t dg[2];
25
26 b = get_be64(gcm->H);
27 a = get_be64(gcm->H + 8);
28
29 k[0] = (a << 1) | (b >> 63);
30 k[1] = (b << 1) | (a >> 63);
31 if (b >> 63)
32 k[1] ^= 0xc200000000000000UL;
33
34 dg[1] = get_be64(I);
35 dg[0] = get_be64(I + 8);
36
37 tomcrypt_arm_neon_enable(&state);
38 #ifdef _CFG_CORE_LTC_HWSUPP_PMULL
39 pmull_ghash_update_p64(1, dg, zeroes, k, NULL);
40 #else
41 pmull_ghash_update_p8(1, dg, zeroes, k, NULL);
42 #endif
43 tomcrypt_arm_neon_disable(&state);
44
45 put_be64(I, dg[1]);
46 put_be64(I + 8, dg[0]);
47 }
48
49