xref: /aosp_15_r20/external/mbedtls/library/aesni.h (revision 62c56f9862f102b96d72393aff6076c951fb8148)
1*62c56f98SSadaf Ebrahimi /**
2*62c56f98SSadaf Ebrahimi  * \file aesni.h
3*62c56f98SSadaf Ebrahimi  *
4*62c56f98SSadaf Ebrahimi  * \brief AES-NI for hardware AES acceleration on some Intel processors
5*62c56f98SSadaf Ebrahimi  *
6*62c56f98SSadaf Ebrahimi  * \warning These functions are only for internal use by other library
7*62c56f98SSadaf Ebrahimi  *          functions; you must not call them directly.
8*62c56f98SSadaf Ebrahimi  */
9*62c56f98SSadaf Ebrahimi /*
10*62c56f98SSadaf Ebrahimi  *  Copyright The Mbed TLS Contributors
11*62c56f98SSadaf Ebrahimi  *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
12*62c56f98SSadaf Ebrahimi  */
13*62c56f98SSadaf Ebrahimi #ifndef MBEDTLS_AESNI_H
14*62c56f98SSadaf Ebrahimi #define MBEDTLS_AESNI_H
15*62c56f98SSadaf Ebrahimi 
16*62c56f98SSadaf Ebrahimi #include "mbedtls/build_info.h"
17*62c56f98SSadaf Ebrahimi 
18*62c56f98SSadaf Ebrahimi #include "mbedtls/aes.h"
19*62c56f98SSadaf Ebrahimi 
20*62c56f98SSadaf Ebrahimi #define MBEDTLS_AESNI_AES      0x02000000u
21*62c56f98SSadaf Ebrahimi #define MBEDTLS_AESNI_CLMUL    0x00000002u
22*62c56f98SSadaf Ebrahimi 
23*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_AESNI_C) && \
24*62c56f98SSadaf Ebrahimi     (defined(MBEDTLS_ARCH_IS_X64) || defined(MBEDTLS_ARCH_IS_X86))
25*62c56f98SSadaf Ebrahimi 
26*62c56f98SSadaf Ebrahimi /* Can we do AESNI with intrinsics?
27*62c56f98SSadaf Ebrahimi  * (Only implemented with certain compilers, only for certain targets.)
28*62c56f98SSadaf Ebrahimi  */
29*62c56f98SSadaf Ebrahimi #undef MBEDTLS_AESNI_HAVE_INTRINSICS
30*62c56f98SSadaf Ebrahimi #if defined(_MSC_VER)
31*62c56f98SSadaf Ebrahimi /* Visual Studio supports AESNI intrinsics since VS 2008 SP1. We only support
32*62c56f98SSadaf Ebrahimi  * VS 2013 and up for other reasons anyway, so no need to check the version. */
33*62c56f98SSadaf Ebrahimi #define MBEDTLS_AESNI_HAVE_INTRINSICS
34*62c56f98SSadaf Ebrahimi #endif
35*62c56f98SSadaf Ebrahimi /* GCC-like compilers: currently, we only support intrinsics if the requisite
36*62c56f98SSadaf Ebrahimi  * target flags are enabled when building the library (e.g. `gcc -mpclmul -msse2`
37*62c56f98SSadaf Ebrahimi  * or `clang -maes -mpclmul`); the check below needs both __AES__ and __PCLMUL__. */
38*62c56f98SSadaf Ebrahimi #if defined(__GNUC__) && defined(__AES__) && defined(__PCLMUL__)
39*62c56f98SSadaf Ebrahimi #define MBEDTLS_AESNI_HAVE_INTRINSICS
40*62c56f98SSadaf Ebrahimi #endif
41*62c56f98SSadaf Ebrahimi 
42*62c56f98SSadaf Ebrahimi /* Choose the implementation of AESNI, if one is available.
43*62c56f98SSadaf Ebrahimi  *
44*62c56f98SSadaf Ebrahimi  * Favor the intrinsics-based implementation if it's available, for better
45*62c56f98SSadaf Ebrahimi  * maintainability.
46*62c56f98SSadaf Ebrahimi  * Performance is about the same (see #7380).
47*62c56f98SSadaf Ebrahimi  * In the long run, we will likely remove the assembly implementation. */
48*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_AESNI_HAVE_INTRINSICS)
49*62c56f98SSadaf Ebrahimi #define MBEDTLS_AESNI_HAVE_CODE 2 // via intrinsics
50*62c56f98SSadaf Ebrahimi #elif defined(MBEDTLS_HAVE_ASM) && \
51*62c56f98SSadaf Ebrahimi     defined(__GNUC__) && defined(MBEDTLS_ARCH_IS_X64)
52*62c56f98SSadaf Ebrahimi /* Can we do AESNI with inline assembly?
53*62c56f98SSadaf Ebrahimi  * (Only implemented with gas syntax, only for 64-bit.)
54*62c56f98SSadaf Ebrahimi  */
55*62c56f98SSadaf Ebrahimi #define MBEDTLS_AESNI_HAVE_CODE 1 // via assembly
56*62c56f98SSadaf Ebrahimi #elif defined(__GNUC__)
57*62c56f98SSadaf Ebrahimi #   error "Must use `-mpclmul -msse2 -maes` for MBEDTLS_AESNI_C"
58*62c56f98SSadaf Ebrahimi #else
59*62c56f98SSadaf Ebrahimi #error "MBEDTLS_AESNI_C defined, but neither intrinsics nor assembly available"
60*62c56f98SSadaf Ebrahimi #endif
61*62c56f98SSadaf Ebrahimi 
62*62c56f98SSadaf Ebrahimi #if defined(MBEDTLS_AESNI_HAVE_CODE)
63*62c56f98SSadaf Ebrahimi 
64*62c56f98SSadaf Ebrahimi #ifdef __cplusplus
65*62c56f98SSadaf Ebrahimi extern "C" {
66*62c56f98SSadaf Ebrahimi #endif
67*62c56f98SSadaf Ebrahimi 
68*62c56f98SSadaf Ebrahimi /**
69*62c56f98SSadaf Ebrahimi  * \brief          Internal function to detect the AES-NI feature in CPUs.
70*62c56f98SSadaf Ebrahimi  *
71*62c56f98SSadaf Ebrahimi  * \note           This function is only for internal use by other library
72*62c56f98SSadaf Ebrahimi  *                 functions; you must not call it directly.
73*62c56f98SSadaf Ebrahimi  *
74*62c56f98SSadaf Ebrahimi  * \param what     The feature to detect
75*62c56f98SSadaf Ebrahimi  *                 (MBEDTLS_AESNI_AES or MBEDTLS_AESNI_CLMUL)
76*62c56f98SSadaf Ebrahimi  * \return         1 if CPU has support for the feature, 0 otherwise. Under
77*62c56f98SSadaf Ebrahimi  *                 MBEDTLS_AES_USE_HARDWARE_ONLY: always 1, no runtime check.
78*62c56f98SSadaf Ebrahimi  */
79*62c56f98SSadaf Ebrahimi #if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
80*62c56f98SSadaf Ebrahimi int mbedtls_aesni_has_support(unsigned int what);
81*62c56f98SSadaf Ebrahimi #else
82*62c56f98SSadaf Ebrahimi #define mbedtls_aesni_has_support(what) 1
83*62c56f98SSadaf Ebrahimi #endif
84*62c56f98SSadaf Ebrahimi 
85*62c56f98SSadaf Ebrahimi /**
86*62c56f98SSadaf Ebrahimi  * \brief          Internal AES-NI AES-ECB block encryption and decryption
87*62c56f98SSadaf Ebrahimi  *
88*62c56f98SSadaf Ebrahimi  * \note           This function is only for internal use by other library
89*62c56f98SSadaf Ebrahimi  *                 functions; you must not call it directly.
90*62c56f98SSadaf Ebrahimi  *
91*62c56f98SSadaf Ebrahimi  * \param ctx      AES context
92*62c56f98SSadaf Ebrahimi  * \param mode     MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
93*62c56f98SSadaf Ebrahimi  * \param input    16-byte input block
94*62c56f98SSadaf Ebrahimi  * \param output   16-byte output block
95*62c56f98SSadaf Ebrahimi  *
96*62c56f98SSadaf Ebrahimi  * \return         0 on success (cannot fail)
97*62c56f98SSadaf Ebrahimi  */
98*62c56f98SSadaf Ebrahimi int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx,
99*62c56f98SSadaf Ebrahimi                             int mode,
100*62c56f98SSadaf Ebrahimi                             const unsigned char input[16],
101*62c56f98SSadaf Ebrahimi                             unsigned char output[16]);
102*62c56f98SSadaf Ebrahimi 
103*62c56f98SSadaf Ebrahimi /**
104*62c56f98SSadaf Ebrahimi  * \brief          Internal GCM multiplication: c = a * b in GF(2^128)
105*62c56f98SSadaf Ebrahimi  *
106*62c56f98SSadaf Ebrahimi  * \note           This function is only for internal use by other library
107*62c56f98SSadaf Ebrahimi  *                 functions; you must not call it directly.
108*62c56f98SSadaf Ebrahimi  *
109*62c56f98SSadaf Ebrahimi  * \param c        Result
110*62c56f98SSadaf Ebrahimi  * \param a        First operand
111*62c56f98SSadaf Ebrahimi  * \param b        Second operand
112*62c56f98SSadaf Ebrahimi  *
113*62c56f98SSadaf Ebrahimi  * \note           Both operands and result are bit strings interpreted as
114*62c56f98SSadaf Ebrahimi  *                 elements of GF(2^128) as per the GCM spec.
115*62c56f98SSadaf Ebrahimi  */
116*62c56f98SSadaf Ebrahimi void mbedtls_aesni_gcm_mult(unsigned char c[16],
117*62c56f98SSadaf Ebrahimi                             const unsigned char a[16],
118*62c56f98SSadaf Ebrahimi                             const unsigned char b[16]);
119*62c56f98SSadaf Ebrahimi 
120*62c56f98SSadaf Ebrahimi /**
121*62c56f98SSadaf Ebrahimi  * \brief           Internal round key inversion. This function computes
122*62c56f98SSadaf Ebrahimi  *                  decryption round keys from the encryption round keys.
123*62c56f98SSadaf Ebrahimi  *
124*62c56f98SSadaf Ebrahimi  * \note            This function is only for internal use by other library
125*62c56f98SSadaf Ebrahimi  *                  functions; you must not call it directly.
126*62c56f98SSadaf Ebrahimi  *
127*62c56f98SSadaf Ebrahimi  * \param invkey    Round keys for the equivalent inverse cipher
128*62c56f98SSadaf Ebrahimi  * \param fwdkey    Original round keys (for encryption)
129*62c56f98SSadaf Ebrahimi  * \param nr        Number of rounds (that is, number of round keys minus one)
130*62c56f98SSadaf Ebrahimi  */
131*62c56f98SSadaf Ebrahimi void mbedtls_aesni_inverse_key(unsigned char *invkey,
132*62c56f98SSadaf Ebrahimi                                const unsigned char *fwdkey,
133*62c56f98SSadaf Ebrahimi                                int nr);
134*62c56f98SSadaf Ebrahimi 
135*62c56f98SSadaf Ebrahimi /**
136*62c56f98SSadaf Ebrahimi  * \brief           Internal key expansion for encryption
137*62c56f98SSadaf Ebrahimi  *
138*62c56f98SSadaf Ebrahimi  * \note            This function is only for internal use by other library
139*62c56f98SSadaf Ebrahimi  *                  functions; you must not call it directly.
140*62c56f98SSadaf Ebrahimi  *
141*62c56f98SSadaf Ebrahimi  * \param rk        Destination buffer where the round keys are written
142*62c56f98SSadaf Ebrahimi  * \param key       Encryption key
143*62c56f98SSadaf Ebrahimi  * \param bits      Key size in bits (must be 128, 192 or 256)
144*62c56f98SSadaf Ebrahimi  *
145*62c56f98SSadaf Ebrahimi  * \return          0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH
146*62c56f98SSadaf Ebrahimi  */
147*62c56f98SSadaf Ebrahimi int mbedtls_aesni_setkey_enc(unsigned char *rk,
148*62c56f98SSadaf Ebrahimi                              const unsigned char *key,
149*62c56f98SSadaf Ebrahimi                              size_t bits);
150*62c56f98SSadaf Ebrahimi 
151*62c56f98SSadaf Ebrahimi #ifdef __cplusplus
152*62c56f98SSadaf Ebrahimi }
153*62c56f98SSadaf Ebrahimi #endif
154*62c56f98SSadaf Ebrahimi 
155*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_AESNI_HAVE_CODE */
156*62c56f98SSadaf Ebrahimi #endif  /* MBEDTLS_AESNI_C && (MBEDTLS_ARCH_IS_X64 || MBEDTLS_ARCH_IS_X86) */
157*62c56f98SSadaf Ebrahimi 
158*62c56f98SSadaf Ebrahimi #endif /* MBEDTLS_AESNI_H */