sys/crypto/aesni/aesencdec.h

   1 /*-
   2  * Copyright 2013 John-Mark Gurney <jmg@FreeBSD.org>
   3  * All rights reserved.
   4  *
   5  * Redistribution and use in source and binary forms, with or without
   6  * modification, are permitted provided that the following conditions
   7  * are met:
   8  * 1. Redistributions of source code must retain the above copyright
   9  *    notice, this list of conditions and the following disclaimer.
  10  * 2. Redistributions in binary form must reproduce the above copyright
  11  *    notice, this list of conditions and the following disclaimer in the
  12  *    documentation and/or other materials provided with the distribution.
  13  *
  14  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
  15  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  16  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  17  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  18  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  19  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  20  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  21  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  22  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  23  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  24  * SUCH DAMAGE.
  25  *
  26  * $FreeBSD$
  27  *
  28  */
  29
  30 #include <wmmintrin.h>
  31
  32 static inline void
  33 aesni_enc8(int rounds, const __m128i *keysched, __m128i a,
  34     __m128i b, __m128i c, __m128i d, __m128i e, __m128i f, __m128i g,
  35     __m128i h, __m128i out[8])
  36 {
  37         int i;
  38
  39         a ^= keysched[0];
  40         b ^= keysched[0];
  41         c ^= keysched[0];
  42         d ^= keysched[0];
  43         e ^= keysched[0];
  44         f ^= keysched[0];
  45         g ^= keysched[0];
  46         h ^= keysched[0];
  47
  48         for (i = 0; i < rounds; i++) {
  49                 a = _mm_aesenc_si128(a, keysched[i + 1]);
  50                 b = _mm_aesenc_si128(b, keysched[i + 1]);
  51                 c = _mm_aesenc_si128(c, keysched[i + 1]);
  52                 d = _mm_aesenc_si128(d, keysched[i + 1]);
  53                 e = _mm_aesenc_si128(e, keysched[i + 1]);
  54                 f = _mm_aesenc_si128(f, keysched[i + 1]);
  55                 g = _mm_aesenc_si128(g, keysched[i + 1]);
  56                 h = _mm_aesenc_si128(h, keysched[i + 1]);
  57         }
  58
  59         out[0] = _mm_aesenclast_si128(a, keysched[i + 1]);
  60         out[1] = _mm_aesenclast_si128(b, keysched[i + 1]);
  61         out[2] = _mm_aesenclast_si128(c, keysched[i + 1]);
  62         out[3] = _mm_aesenclast_si128(d, keysched[i + 1]);
  63         out[4] = _mm_aesenclast_si128(e, keysched[i + 1]);
  64         out[5] = _mm_aesenclast_si128(f, keysched[i + 1]);
  65         out[6] = _mm_aesenclast_si128(g, keysched[i + 1]);
  66         out[7] = _mm_aesenclast_si128(h, keysched[i + 1]);
  67 }
  68
  69 static inline void
  70 aesni_dec8(int rounds, const __m128i *keysched, __m128i a,
  71     __m128i b, __m128i c, __m128i d, __m128i e, __m128i f, __m128i g,
  72     __m128i h, __m128i out[8])
  73 {
  74         int i;
  75
  76         a ^= keysched[0];
  77         b ^= keysched[0];
  78         c ^= keysched[0];
  79         d ^= keysched[0];
  80         e ^= keysched[0];
  81         f ^= keysched[0];
  82         g ^= keysched[0];
  83         h ^= keysched[0];
  84
  85         for (i = 0; i < rounds; i++) {
  86                 a = _mm_aesdec_si128(a, keysched[i + 1]);
  87                 b = _mm_aesdec_si128(b, keysched[i + 1]);
  88                 c = _mm_aesdec_si128(c, keysched[i + 1]);
  89                 d = _mm_aesdec_si128(d, keysched[i + 1]);
  90                 e = _mm_aesdec_si128(e, keysched[i + 1]);
  91                 f = _mm_aesdec_si128(f, keysched[i + 1]);
  92                 g = _mm_aesdec_si128(g, keysched[i + 1]);
  93                 h = _mm_aesdec_si128(h, keysched[i + 1]);
  94         }
  95
  96         out[0] = _mm_aesdeclast_si128(a, keysched[i + 1]);
  97         out[1] = _mm_aesdeclast_si128(b, keysched[i + 1]);
  98         out[2] = _mm_aesdeclast_si128(c, keysched[i + 1]);
  99         out[3] = _mm_aesdeclast_si128(d, keysched[i + 1]);
 100         out[4] = _mm_aesdeclast_si128(e, keysched[i + 1]);
 101         out[5] = _mm_aesdeclast_si128(f, keysched[i + 1]);
 102         out[6] = _mm_aesdeclast_si128(g, keysched[i + 1]);
 103         out[7] = _mm_aesdeclast_si128(h, keysched[i + 1]);
 104 }
 105
 106 static inline __m128i
 107 aesni_enc(int rounds, const __m128i *keysched, const __m128i from)
 108 {
 109         __m128i tmp;
 110         int i;
 111
 112         tmp = from ^ keysched[0];
 113
 114         for (i = 0; i < rounds; i++)
 115                 tmp = _mm_aesenc_si128(tmp, keysched[i + 1]);
 116
 117         return _mm_aesenclast_si128(tmp, keysched[i + 1]);
 118 }
 119
 120 static inline __m128i
 121 aesni_dec(int rounds, const __m128i *keysched, const __m128i from)
 122 {
 123         __m128i tmp;
 124         int i;
 125
 126         tmp = from ^ keysched[0];
 127
 128         for (i = 0; i < rounds; i++)
 129                 tmp = _mm_aesdec_si128(tmp, keysched[i + 1]);
 130
 131         return _mm_aesdeclast_si128(tmp, keysched[i + 1]);
 132 }