TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / b30adce7fd5c66e0bb35c2d882215c43ae3b32d2 / . / library / aesce.h
blob: 8d48c601bc5b568b1f2e9fae401a558140174e17 [file] [log] [blame]
Jerry Yu49231312023-01-10 16:57:21 +0800[diff] [blame]1/**
2 * \file aesce.h
3 *
Dave Rodgmanf918d422023-03-17 17:52:23 +0000[diff] [blame]4 * \brief Support hardware AES acceleration on Armv8-A processors with
5 * the Armv8-A Cryptographic Extension in AArch64 execution state.
Jerry Yu49231312023-01-10 16:57:21 +0800[diff] [blame]6 *
7 * \warning These functions are only for internal use by other library
8 * functions; you must not call them directly.
9 */
10/*
11 * Copyright The Mbed TLS Contributors
12 * SPDX-License-Identifier: Apache-2.0
13 *
14 * Licensed under the Apache License, Version 2.0 (the "License"); you may
15 * not use this file except in compliance with the License.
16 * You may obtain a copy of the License at
17 *
18 * http://www.apache.org/licenses/LICENSE-2.0
19 *
20 * Unless required by applicable law or agreed to in writing, software
21 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
22 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
23 * See the License for the specific language governing permissions and
24 * limitations under the License.
25 */
26#ifndef MBEDTLS_AESCE_H
27#define MBEDTLS_AESCE_H
28
29#include "mbedtls/build_info.h"
30
31#include "mbedtls/aes.h"
32
Jerry Yu07d28d82023-03-20 18:12:36 +0800[diff] [blame]33#if !defined(MBEDTLS_HAVE_ARM64)
Jerry Yu61c4cfa2023-04-26 11:06:51 +0800[diff] [blame]34#if defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC)
Jerry Yu07d28d82023-03-20 18:12:36 +0800[diff] [blame]35#define MBEDTLS_HAVE_ARM64
36#endif
37#endif
38
Jerry Yu49231312023-01-10 16:57:21 +0800[diff] [blame]39#if defined(MBEDTLS_HAVE_ARM64)
40
41#ifdef __cplusplus
42extern "C" {
43#endif
Jerry Yub95c7762023-01-10 16:59:51 +0800[diff] [blame]44
Dave Rodgman45661322023-08-04 12:31:58 +0100[diff] [blame]45#if defined(__linux__) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
46
Dave Rodgmanb30adce2023-08-04 12:52:51 +0100[diff] [blame^]47extern signed char mbedtls_aesce_has_support_result;
Dave Rodgman45661322023-08-04 12:31:58 +0100[diff] [blame]48
Jerry Yub95c7762023-01-10 16:59:51 +0800[diff] [blame]49/**
Jerry Yuc8bcdc82023-02-21 14:49:02 +0800[diff] [blame]50 * \brief Internal function to detect the crypto extension in CPUs.
Jerry Yub95c7762023-01-10 16:59:51 +0800[diff] [blame]51 *
52 * \return 1 if CPU has support for the feature, 0 otherwise
53 */
Dave Rodgman45661322023-08-04 12:31:58 +0100[diff] [blame]54int mbedtls_aesce_has_support_impl(void);
Jerry Yu0d4f4e52023-03-31 14:32:47 +0800[diff] [blame]55
Dave Rodgmanb30adce2023-08-04 12:52:51 +0100[diff] [blame^]56#define mbedtls_aesce_has_support() (mbedtls_aesce_has_support_result == -1 ? \
Dave Rodgman45661322023-08-04 12:31:58 +0100[diff] [blame]57 mbedtls_aesce_has_support_impl() : \
58 mbedtls_aesce_has_support_result)
59
60#else /* defined(__linux__) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) */
61
62/* If we are not on Linux, we can't detect support so assume that it's supported.
63 * Similarly, assume support if MBEDTLS_AES_USE_HARDWARE_ONLY is set.
64 */
65#define mbedtls_aesce_has_support() 1
66
67#endif /* defined(__linux__) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) */
Jerry Yub95c7762023-01-10 16:59:51 +0800[diff] [blame]68
Jerry Yu2bb3d812023-01-10 17:38:26 +0800[diff] [blame]69/**
70 * \brief Internal AES-ECB block encryption and decryption
71 *
Dave Rodgman48fd2ab2023-06-16 09:36:50 +0100[diff] [blame]72 * \warning This assumes that the context specifies either 10, 12 or 14
73 * rounds and will behave incorrectly if this is not the case.
Dave Rodgman96fdfb82023-06-15 16:21:31 +0100[diff] [blame]74 *
Jerry Yu2bb3d812023-01-10 17:38:26 +0800[diff] [blame]75 * \param ctx AES context
76 * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
77 * \param input 16-byte input block
78 * \param output 16-byte output block
79 *
80 * \return 0 on success (cannot fail)
81 */
82int mbedtls_aesce_crypt_ecb(mbedtls_aes_context *ctx,
83 int mode,
84 const unsigned char input[16],
85 unsigned char output[16]);
86
Jerry Yu3f2fb712023-01-10 17:05:42 +0800[diff] [blame]87/**
Jerry Yudf87a122023-01-10 18:17:15 +0800[diff] [blame]88 * \brief Internal GCM multiplication: c = a * b in GF(2^128)
89 *
90 * \note This function is only for internal use by other library
91 * functions; you must not call it directly.
92 *
93 * \param c Result
94 * \param a First operand
95 * \param b Second operand
96 *
97 * \note Both operands and result are bit strings interpreted as
98 * elements of GF(2^128) as per the GCM spec.
99 */
100void mbedtls_aesce_gcm_mult(unsigned char c[16],
101 const unsigned char a[16],
102 const unsigned char b[16]);
103
104
105/**
Jerry Yue096da12023-01-10 17:07:01 +0800[diff] [blame]106 * \brief Internal round key inversion. This function computes
107 * decryption round keys from the encryption round keys.
108 *
109 * \param invkey Round keys for the equivalent inverse cipher
110 * \param fwdkey Original round keys (for encryption)
111 * \param nr Number of rounds (that is, number of round keys minus one)
112 */
113void mbedtls_aesce_inverse_key(unsigned char *invkey,
114 const unsigned char *fwdkey,
115 int nr);
116
117/**
Jerry Yu3f2fb712023-01-10 17:05:42 +0800[diff] [blame]118 * \brief Internal key expansion for encryption
119 *
120 * \param rk Destination buffer where the round keys are written
121 * \param key Encryption key
122 * \param bits Key size in bits (must be 128, 192 or 256)
123 *
124 * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH
125 */
126int mbedtls_aesce_setkey_enc(unsigned char *rk,
127 const unsigned char *key,
128 size_t bits);
129
Jerry Yu49231312023-01-10 16:57:21 +0800[diff] [blame]130#ifdef __cplusplus
131}
132#endif
133
134#endif /* MBEDTLS_HAVE_ARM64 */
135
136#endif /* MBEDTLS_AESCE_H */