delta/go-git.git/src/crypto/cipher, branch dev.inline github.com: golang/go crypto/{aes,cipher}: fix panic in CBC on s390x when src length is 0 2016-10-13T21:42:23+00:00 Michael Munday munday@ca.ibm.com 2016-10-13T21:08:54+00:00 61f1a38bcb52ad5e1753b43c405bb5b144b6966c Adds a test to check that block cipher modes accept a zero-length input. Fixes #17435. Change-Id: Ie093c4cdff756b5c2dcb79342e167b3de5622389 Reviewed-on: https://go-review.googlesource.com/31070 Run-TryBot: Michael Munday <munday@ca.ibm.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> 
Adds a test to check that block cipher modes accept a zero-length
input.

Fixes #17435.

Change-Id: Ie093c4cdff756b5c2dcb79342e167b3de5622389
Reviewed-on: https://go-review.googlesource.com/31070
Run-TryBot: Michael Munday <munday@ca.ibm.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
crypto/{aes,cipher}: add optimized implementation of AES-GCM for s390x 2016-10-05T15:37:53+00:00 Michael Munday munday@ca.ibm.com 2016-09-30T18:20:42+00:00 fb4f4f4e96058165c0e7be32aa9ce493515c22a3 Also adds two tests: one to exercise the counter incrementing code and one which checks the output of the optimized implementation against that of the generic implementation for large/unaligned data sizes. Uses the KIMD instruction for GHASH and the KMCTR instruction for AES in counter mode. AESGCMSeal1K 75.0MB/s ± 2% 1008.7MB/s ± 1% +1245.71% (p=0.000 n=10+10) AESGCMOpen1K 75.3MB/s ± 1% 1006.0MB/s ± 1% +1235.59% (p=0.000 n=10+9) AESGCMSeal8K 78.5MB/s ± 1% 1748.4MB/s ± 1% +2127.34% (p=0.000 n=9+10) AESGCMOpen8K 78.5MB/s ± 0% 1752.7MB/s ± 0% +2134.07% (p=0.000 n=10+9) Change-Id: I88dbcfcb5988104bfd290ae15a60a2721c1338be Reviewed-on: https://go-review.googlesource.com/30361 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> 
Also adds two tests: one to exercise the counter incrementing code
and one which checks the output of the optimized implementation
against that of the generic implementation for large/unaligned data
sizes.

Uses the KIMD instruction for GHASH and the KMCTR instruction for AES
in counter mode.

AESGCMSeal1K  75.0MB/s ± 2%  1008.7MB/s ± 1%  +1245.71%  (p=0.000 n=10+10)
AESGCMOpen1K  75.3MB/s ± 1%  1006.0MB/s ± 1%  +1235.59%   (p=0.000 n=10+9)
AESGCMSeal8K  78.5MB/s ± 1%  1748.4MB/s ± 1%  +2127.34%   (p=0.000 n=9+10)
AESGCMOpen8K  78.5MB/s ± 0%  1752.7MB/s ± 0%  +2134.07%   (p=0.000 n=10+9)

Change-Id: I88dbcfcb5988104bfd290ae15a60a2721c1338be
Reviewed-on: https://go-review.googlesource.com/30361
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
crypto/cipher: enforce message size limits for GCM. 2016-09-02T16:23:15+00:00 Adam Langley agl@golang.org 2016-09-01T23:00:25+00:00 210ac4d5e0fea2bfd4287b0865104bdaaeaffe05 The maximum input plaintext for GCM is 64GiB - 64. Since the GCM interface is one-shot, it's very hard to hit this in Go (one would need a 64GiB buffer in memory), but we should still enforce this limit. Thanks to Quan Nguyen for pointing it out. Change-Id: Icced47bf8d4d5dfbefa165cf13e893205c9577b8 Reviewed-on: https://go-review.googlesource.com/28410 Run-TryBot: Adam Langley <agl@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Andrew Gerrand <adg@golang.org> 
The maximum input plaintext for GCM is 64GiB - 64. Since the GCM
interface is one-shot, it's very hard to hit this in Go (one would need
a 64GiB buffer in memory), but we should still enforce this limit.

Thanks to Quan Nguyen for pointing it out.

Change-Id: Icced47bf8d4d5dfbefa165cf13e893205c9577b8
Reviewed-on: https://go-review.googlesource.com/28410
Run-TryBot: Adam Langley <agl@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Andrew Gerrand <adg@golang.org>
crypto/cipher, math/big: fix example names 2016-08-16T14:36:32+00:00 Josh Bleecher Snyder josharian@gmail.com 2016-07-09T21:51:00+00:00 302dd7b71eb565c5460966292e434fc903362cb6 Fixes (legit) vet warnings. Fix some verb tenses while we're here. Updates #11041 Change-Id: I27e995f55b38f4cf584e97a67b8545e8247e83d6 Reviewed-on: https://go-review.googlesource.com/27122 Run-TryBot: Josh Bleecher Snyder <josharian@gmail.com> Reviewed-by: David Crawshaw <crawshaw@golang.org> 
Fixes (legit) vet warnings.
Fix some verb tenses while we're here.

Updates #11041

Change-Id: I27e995f55b38f4cf584e97a67b8545e8247e83d6
Reviewed-on: https://go-review.googlesource.com/27122
Run-TryBot: Josh Bleecher Snyder <josharian@gmail.com>
Reviewed-by: David Crawshaw <crawshaw@golang.org>
crypto/cipher: execute AES-GCM decryption example 2016-05-09T23:03:55+00:00 Tilman Dilo tilman.dilo@gmail.com 2016-05-09T21:37:07+00:00 9af83462c6f432b77a846a24b4d8efae9bdf0567 The decryption example for AES-GCM was not executed, hiding the fact that the provided ciphertext could not be authenticated. This commit adds the required output comment, replaces the ciphertext with a working example, and removes an unnecessary string conversion along the way. Change-Id: Ie6729ca76cf4a56c48b33fb3b39872105faa604b Reviewed-on: https://go-review.googlesource.com/22953 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> 
The decryption example for AES-GCM was not executed, hiding the fact
that the provided ciphertext could not be authenticated.

This commit adds the required output comment, replaces the ciphertext
with a working example, and removes an unnecessary string conversion
along the way.

Change-Id: Ie6729ca76cf4a56c48b33fb3b39872105faa604b
Reviewed-on: https://go-review.googlesource.com/22953
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
crypto/cipher, crypto/aes: add s390x implementation of AES-CTR 2016-04-29T21:17:31+00:00 Michael Munday munday@ca.ibm.com 2016-04-18T01:26:23+00:00 c717675c35cb436bdab62091a6288843aa1c863c This commit adds the new 'ctrAble' interface to the crypto/cipher package. The role of ctrAble is the same as gcmAble but for CTR instead of GCM. It allows block ciphers to provide optimized CTR implementations. The primary benefit of adding CTR support to the s390x AES implementation is that it allows us to encrypt the counter values in bulk, giving the cipher message instruction a larger chunk of data to work on per invocation. The xorBytes assembly is necessary because xorBytes becomes a bottleneck when CTR is done in this way. Hopefully it will be possible to remove this once s390x has migrated to the ssa backend. name old speed new speed delta AESCTR1K 160MB/s ± 6% 867MB/s ± 0% +442.42% (p=0.000 n=9+10) Change-Id: I1ae16b0ce0e2641d2bdc7d7eabc94dd35f6e9318 Reviewed-on: https://go-review.googlesource.com/22195 Reviewed-by: Adam Langley <agl@golang.org> 
This commit adds the new 'ctrAble' interface to the crypto/cipher
package. The role of ctrAble is the same as gcmAble but for CTR
instead of GCM. It allows block ciphers to provide optimized CTR
implementations.

The primary benefit of adding CTR support to the s390x AES
implementation is that it allows us to encrypt the counter values
in bulk, giving the cipher message instruction a larger chunk of
data to work on per invocation.

The xorBytes assembly is necessary because xorBytes becomes a
bottleneck when CTR is done in this way. Hopefully it will be
possible to remove this once s390x has migrated to the ssa
backend.

name      old speed     new speed     delta
AESCTR1K  160MB/s ± 6%  867MB/s ± 0%  +442.42%  (p=0.000 n=9+10)

Change-Id: I1ae16b0ce0e2641d2bdc7d7eabc94dd35f6e9318
Reviewed-on: https://go-review.googlesource.com/22195
Reviewed-by: Adam Langley <agl@golang.org>
crypto/cipher, crypto/aes: add s390x implementation of AES-CBC 2016-04-29T21:17:09+00:00 Michael Munday munday@ca.ibm.com 2016-04-26T01:46:02+00:00 2f8475648a5500830561ea03960a1425e1ff0993 This commit adds the cbcEncAble and cbcDecAble interfaces that can be implemented by block ciphers that support an optimized implementation of CBC. This is similar to what is done for GCM with the gcmAble interface. The cbcEncAble, cbcDecAble and gcmAble interfaces all now have tests to ensure they are detected correctly in the cipher package. name old speed new speed delta AESCBCEncrypt1K 152MB/s ± 1% 1362MB/s ± 0% +795.59% (p=0.000 n=10+9) AESCBCDecrypt1K 143MB/s ± 1% 1362MB/s ± 0% +853.00% (p=0.000 n=10+9) Change-Id: I715f686ab3686b189a3dac02f86001178fa60580 Reviewed-on: https://go-review.googlesource.com/22523 Run-TryBot: Michael Munday <munday@ca.ibm.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Adam Langley <agl@golang.org> 
This commit adds the cbcEncAble and cbcDecAble interfaces that
can be implemented by block ciphers that support an optimized
implementation of CBC. This is similar to what is done for GCM
with the gcmAble interface.

The cbcEncAble, cbcDecAble and gcmAble interfaces all now have
tests to ensure they are detected correctly in the cipher
package.

name             old speed     new speed      delta
AESCBCEncrypt1K  152MB/s ± 1%  1362MB/s ± 0%  +795.59%   (p=0.000 n=10+9)
AESCBCDecrypt1K  143MB/s ± 1%  1362MB/s ± 0%  +853.00%   (p=0.000 n=10+9)

Change-Id: I715f686ab3686b189a3dac02f86001178fa60580
Reviewed-on: https://go-review.googlesource.com/22523
Run-TryBot: Michael Munday <munday@ca.ibm.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
crypto/cipher: enable fastXORBytes on s390x 2016-04-14T18:26:09+00:00 Michael Munday munday@ca.ibm.com 2016-04-14T17:29:37+00:00 980146bfde2b4e2d62c537023c19670666fc0604 s390x can handle unaligned loads and stores of 64-bit values. Change-Id: Iae5621781e3ba56e27b4a1f4788772c86e4f6475 Reviewed-on: https://go-review.googlesource.com/22086 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> 
s390x can handle unaligned loads and stores of 64-bit values.

Change-Id: Iae5621781e3ba56e27b4a1f4788772c86e4f6475
Reviewed-on: https://go-review.googlesource.com/22086
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
all: use bytes.Equal, bytes.Contains and strings.Contains 2016-04-01T02:05:01+00:00 Dominik Honnef dominik@honnef.co 2016-04-01T01:49:43+00:00 1cb3044c9fcd88e1557eca1bf35845a4108bc1db Change-Id: Iba82a5bd3846f7ab038cc10ec72ff6bcd2c0b484 Reviewed-on: https://go-review.googlesource.com/21377 Run-TryBot: Dave Cheney <dave@cheney.net> Reviewed-by: Dave Cheney <dave@cheney.net> 
Change-Id: Iba82a5bd3846f7ab038cc10ec72ff6bcd2c0b484
Reviewed-on: https://go-review.googlesource.com/21377
Run-TryBot: Dave Cheney <dave@cheney.net>
Reviewed-by: Dave Cheney <dave@cheney.net>
crypto/cipher: xorBytes performance ppc64le/ppc64 2016-03-05T01:51:33+00:00 Lynn Boger laboger@linux.vnet.ibm.com 2016-02-16T22:05:56+00:00 8b51ee831518584ebe063ac972b3b2ab28637853 Update supportsUnaligned in xor.go to be true for GOARCH values ppc64le and ppc64. This allows the xor of long buffers to be done on double words (8 bytes) instead of a single byte at a time, which significantly improves performance. Fixes #14350 Change-Id: Iccc6b9d3df2e604a55f4c1e4890bdd3bb0d77ab0 Reviewed-on: https://go-review.googlesource.com/19519 Reviewed-by: Minux Ma <minux@golang.org> 
Update supportsUnaligned in xor.go to be true for
GOARCH values ppc64le and ppc64.  This allows the
xor of long buffers to be done on double words
(8 bytes) instead of a single byte at a time, which
significantly improves performance.

Fixes #14350

Change-Id: Iccc6b9d3df2e604a55f4c1e4890bdd3bb0d77ab0
Reviewed-on: https://go-review.googlesource.com/19519
Reviewed-by: Minux Ma <minux@golang.org>