Commit 3538d40a authored by Rémy Oudompheng's avatar Rémy Oudompheng Committed by Adam Langley

crypto/aes: eliminate some bounds checking and manual truncation.

By converting array indices to uint8, they are automatically
constrained in the array range, and the binary AND with 0xff
is no longer needed anymore.

Before:  aes.BenchmarkEncrypt    363 ns/op
After:   aes.BenchmarkEncrypt    273 ns/op

R=golang-dev, gri, agl
CC=golang-dev, remy
https://golang.org/cl/5450084
parent b9ccd077
...@@ -348,3 +348,17 @@ func TestCipherDecrypt(t *testing.T) { ...@@ -348,3 +348,17 @@ func TestCipherDecrypt(t *testing.T) {
} }
} }
} }
func BenchmarkEncrypt(b *testing.B) {
b.StopTimer()
tt := encryptTests[0]
c, err := NewCipher(tt.key)
if err != nil {
panic("NewCipher")
}
out := make([]byte, len(tt.in))
b.StartTimer()
for i := 0; i < b.N; i++ {
c.Encrypt(out, tt.in)
}
}
...@@ -56,10 +56,10 @@ func encryptBlock(xk []uint32, dst, src []byte) { ...@@ -56,10 +56,10 @@ func encryptBlock(xk []uint32, dst, src []byte) {
nr := len(xk)/4 - 2 // - 2: one above, one more below nr := len(xk)/4 - 2 // - 2: one above, one more below
k := 4 k := 4
for r := 0; r < nr; r++ { for r := 0; r < nr; r++ {
t0 = xk[k+0] ^ te[0][s0>>24] ^ te[1][s1>>16&0xff] ^ te[2][s2>>8&0xff] ^ te[3][s3&0xff] t0 = xk[k+0] ^ te[0][uint8(s0>>24)] ^ te[1][uint8(s1>>16)] ^ te[2][uint8(s2>>8)] ^ te[3][uint8(s3)]
t1 = xk[k+1] ^ te[0][s1>>24] ^ te[1][s2>>16&0xff] ^ te[2][s3>>8&0xff] ^ te[3][s0&0xff] t1 = xk[k+1] ^ te[0][uint8(s1>>24)] ^ te[1][uint8(s2>>16)] ^ te[2][uint8(s3>>8)] ^ te[3][uint8(s0)]
t2 = xk[k+2] ^ te[0][s2>>24] ^ te[1][s3>>16&0xff] ^ te[2][s0>>8&0xff] ^ te[3][s1&0xff] t2 = xk[k+2] ^ te[0][uint8(s2>>24)] ^ te[1][uint8(s3>>16)] ^ te[2][uint8(s0>>8)] ^ te[3][uint8(s1)]
t3 = xk[k+3] ^ te[0][s3>>24] ^ te[1][s0>>16&0xff] ^ te[2][s1>>8&0xff] ^ te[3][s2&0xff] t3 = xk[k+3] ^ te[0][uint8(s3>>24)] ^ te[1][uint8(s0>>16)] ^ te[2][uint8(s1>>8)] ^ te[3][uint8(s2)]
k += 4 k += 4
s0, s1, s2, s3 = t0, t1, t2, t3 s0, s1, s2, s3 = t0, t1, t2, t3
} }
...@@ -101,10 +101,10 @@ func decryptBlock(xk []uint32, dst, src []byte) { ...@@ -101,10 +101,10 @@ func decryptBlock(xk []uint32, dst, src []byte) {
nr := len(xk)/4 - 2 // - 2: one above, one more below nr := len(xk)/4 - 2 // - 2: one above, one more below
k := 4 k := 4
for r := 0; r < nr; r++ { for r := 0; r < nr; r++ {
t0 = xk[k+0] ^ td[0][s0>>24] ^ td[1][s3>>16&0xff] ^ td[2][s2>>8&0xff] ^ td[3][s1&0xff] t0 = xk[k+0] ^ td[0][uint8(s0>>24)] ^ td[1][uint8(s3>>16)] ^ td[2][uint8(s2>>8)] ^ td[3][uint8(s1)]
t1 = xk[k+1] ^ td[0][s1>>24] ^ td[1][s0>>16&0xff] ^ td[2][s3>>8&0xff] ^ td[3][s2&0xff] t1 = xk[k+1] ^ td[0][uint8(s1>>24)] ^ td[1][uint8(s0>>16)] ^ td[2][uint8(s3>>8)] ^ td[3][uint8(s2)]
t2 = xk[k+2] ^ td[0][s2>>24] ^ td[1][s1>>16&0xff] ^ td[2][s0>>8&0xff] ^ td[3][s3&0xff] t2 = xk[k+2] ^ td[0][uint8(s2>>24)] ^ td[1][uint8(s1>>16)] ^ td[2][uint8(s0>>8)] ^ td[3][uint8(s3)]
t3 = xk[k+3] ^ td[0][s3>>24] ^ td[1][s2>>16&0xff] ^ td[2][s1>>8&0xff] ^ td[3][s0&0xff] t3 = xk[k+3] ^ td[0][uint8(s3>>24)] ^ td[1][uint8(s2>>16)] ^ td[2][uint8(s1>>8)] ^ td[3][uint8(s0)]
k += 4 k += 4
s0, s1, s2, s3 = t0, t1, t2, t3 s0, s1, s2, s3 = t0, t1, t2, t3
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment