module/icp/algs/aes/aes_impl_aesni.c

   1 /*
   2  * CDDL HEADER START
   3  *
   4  * The contents of this file are subject to the terms of the
   5  * Common Development and Distribution License (the "License").
   6  * You may not use this file except in compliance with the License.
   7  *
   8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
   9  * or https://opensource.org/licenses/CDDL-1.0.
  10  * See the License for the specific language governing permissions
  11  * and limitations under the License.
  12  *
  13  * When distributing Covered Code, include this CDDL HEADER in each
  14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  15  * If applicable, add the following below this CDDL HEADER, with the
  16  * fields enclosed by brackets "[]" replaced with your own identifying
  17  * information: Portions Copyright [yyyy] [name of copyright owner]
  18  *
  19  * CDDL HEADER END
  20  */
  21 /*
  22  * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
  23  */
  24
  25 #if defined(__x86_64) && defined(HAVE_AES)
  26
  27 #include <sys/simd.h>
  28 #include <sys/types.h>
  29 #include <sys/asm_linkage.h>
  30
  31 /* These functions are used to execute AES-NI instructions: */
  32 extern ASMABI int rijndael_key_setup_enc_intel(uint32_t rk[],
  33         const uint32_t cipherKey[], uint64_t keyBits);
  34 extern ASMABI int rijndael_key_setup_dec_intel(uint32_t rk[],
  35         const uint32_t cipherKey[], uint64_t keyBits);
  36 extern ASMABI void aes_encrypt_intel(const uint32_t rk[], int Nr,
  37         const uint32_t pt[4], uint32_t ct[4]);
  38 extern ASMABI void aes_decrypt_intel(const uint32_t rk[], int Nr,
  39         const uint32_t ct[4], uint32_t pt[4]);
  40
  41
  42 #include <aes/aes_impl.h>
  43
  44 /*
  45  * Expand the 32-bit AES cipher key array into the encryption and decryption
  46  * key schedules.
  47  *
  48  * Parameters:
  49  * key          AES key schedule to be initialized
  50  * keyarr32     User key
  51  * keyBits      AES key size (128, 192, or 256 bits)
  52  */
  53 static void
  54 aes_aesni_generate(aes_key_t *key, const uint32_t *keyarr32, int keybits)
  55 {
  56         kfpu_begin();
  57         key->nr = rijndael_key_setup_enc_intel(&(key->encr_ks.ks32[0]),
  58             keyarr32, keybits);
  59         key->nr = rijndael_key_setup_dec_intel(&(key->decr_ks.ks32[0]),
  60             keyarr32, keybits);
  61         kfpu_end();
  62 }
  63
  64 /*
  65  * Encrypt one block of data. The block is assumed to be an array
  66  * of four uint32_t values, so copy for alignment (and byte-order
  67  * reversal for little endian systems might be necessary on the
  68  * input and output byte streams.
  69  * The size of the key schedule depends on the number of rounds
  70  * (which can be computed from the size of the key), i.e. 4*(Nr + 1).
  71  *
  72  * Parameters:
  73  * rk           Key schedule, of aes_ks_t (60 32-bit integers)
  74  * Nr           Number of rounds
  75  * pt           Input block (plain text)
  76  * ct           Output block (crypto text).  Can overlap with pt
  77  */
  78 static void
  79 aes_aesni_encrypt(const uint32_t rk[], int Nr, const uint32_t pt[4],
  80     uint32_t ct[4])
  81 {
  82         kfpu_begin();
  83         aes_encrypt_intel(rk, Nr, pt, ct);
  84         kfpu_end();
  85 }
  86
  87 /*
  88  * Decrypt one block of data. The block is assumed to be an array
  89  * of four uint32_t values, so copy for alignment (and byte-order
  90  * reversal for little endian systems might be necessary on the
  91  * input and output byte streams.
  92  * The size of the key schedule depends on the number of rounds
  93  * (which can be computed from the size of the key), i.e. 4*(Nr + 1).
  94  *
  95  * Parameters:
  96  * rk           Key schedule, of aes_ks_t (60 32-bit integers)
  97  * Nr           Number of rounds
  98  * ct           Input block (crypto text)
  99  * pt           Output block (plain text). Can overlap with pt
 100  */
 101 static void
 102 aes_aesni_decrypt(const uint32_t rk[], int Nr, const uint32_t ct[4],
 103     uint32_t pt[4])
 104 {
 105         kfpu_begin();
 106         aes_decrypt_intel(rk, Nr, ct, pt);
 107         kfpu_end();
 108 }
 109
 110 static boolean_t
 111 aes_aesni_will_work(void)
 112 {
 113         return (kfpu_allowed() && zfs_aes_available());
 114 }
 115
 116 const aes_impl_ops_t aes_aesni_impl = {
 117         .generate = &aes_aesni_generate,
 118         .encrypt = &aes_aesni_encrypt,
 119         .decrypt = &aes_aesni_decrypt,
 120         .is_supported = &aes_aesni_will_work,
 121         .needs_byteswap = B_FALSE,
 122         .name = "aesni"
 123 };
 124
 125 #endif /* defined(__x86_64) && defined(HAVE_AES) */