4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
22 * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
25 #if defined(__x86_64) && defined(HAVE_AES)
28 #include <sys/types.h>
30 /* These functions are used to execute AES-NI instructions: */
31 extern int rijndael_key_setup_enc_intel(uint32_t rk[],
32 const uint32_t cipherKey[], uint64_t keyBits);
33 extern int rijndael_key_setup_dec_intel(uint32_t rk[],
34 const uint32_t cipherKey[], uint64_t keyBits);
35 extern void aes_encrypt_intel(const uint32_t rk[], int Nr,
36 const uint32_t pt[4], uint32_t ct[4]);
37 extern void aes_decrypt_intel(const uint32_t rk[], int Nr,
38 const uint32_t ct[4], uint32_t pt[4]);
41 #include <aes/aes_impl.h>
44 * Expand the 32-bit AES cipher key array into the encryption and decryption
48 * key AES key schedule to be initialized
50 * keyBits AES key size (128, 192, or 256 bits)
53 aes_aesni_generate(aes_key_t *key, const uint32_t *keyarr32, int keybits)
56 key->nr = rijndael_key_setup_enc_intel(&(key->encr_ks.ks32[0]),
58 key->nr = rijndael_key_setup_dec_intel(&(key->decr_ks.ks32[0]),
64 * Encrypt one block of data. The block is assumed to be an array
65 * of four uint32_t values, so copy for alignment (and byte-order
66 * reversal for little endian systems might be necessary on the
67 * input and output byte streams.
68 * The size of the key schedule depends on the number of rounds
69 * (which can be computed from the size of the key), i.e. 4*(Nr + 1).
72 * rk Key schedule, of aes_ks_t (60 32-bit integers)
74 * pt Input block (plain text)
75 * ct Output block (crypto text). Can overlap with pt
78 aes_aesni_encrypt(const uint32_t rk[], int Nr, const uint32_t pt[4],
82 aes_encrypt_intel(rk, Nr, pt, ct);
87 * Decrypt one block of data. The block is assumed to be an array
88 * of four uint32_t values, so copy for alignment (and byte-order
89 * reversal for little endian systems might be necessary on the
90 * input and output byte streams.
91 * The size of the key schedule depends on the number of rounds
92 * (which can be computed from the size of the key), i.e. 4*(Nr + 1).
95 * rk Key schedule, of aes_ks_t (60 32-bit integers)
97 * ct Input block (crypto text)
98 * pt Output block (plain text). Can overlap with pt
101 aes_aesni_decrypt(const uint32_t rk[], int Nr, const uint32_t ct[4],
105 aes_decrypt_intel(rk, Nr, ct, pt);
110 aes_aesni_will_work(void)
112 return (kfpu_allowed() && zfs_aes_available());
115 const aes_impl_ops_t aes_aesni_impl = {
116 .generate = &aes_aesni_generate,
117 .encrypt = &aes_aesni_encrypt,
118 .decrypt = &aes_aesni_decrypt,
119 .is_supported = &aes_aesni_will_work,
120 .needs_byteswap = B_FALSE,
124 #endif /* defined(__x86_64) && defined(HAVE_AES) */