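/**
 * \file aesce.h
 *
 * \brief   Support hardware AES acceleration on Armv8-A processors with
 *          the Armv8-A Cryptographic Extension in AArch64 execution state.
 *
 * \warning These functions are only for internal use by other library
 *          functions; you must not call them directly.
 */
/*
 *  Copyright The Mbed TLS Contributors
 *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 */
#ifndef MBEDTLS_AESCE_H
#define MBEDTLS_AESCE_H

#include "mbedtls/build_info.h"

#include "mbedtls/aes.h"


#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_ARCH_IS_ARM64)

/* Defined only when both MBEDTLS_AESCE_C and MBEDTLS_ARCH_IS_ARM64 are set,
 * i.e. exactly when the declarations below are visible. */
#define MBEDTLS_AESCE_HAVE_CODE

#ifdef __cplusplus
extern "C" {
#endif

#if defined(__linux__) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)

/* Cached detection result consulted by MBEDTLS_AESCE_HAS_SUPPORT().
 * The value -1 is treated as "not determined yet" and makes the macro call
 * mbedtls_aesce_has_support_impl(); any other value is returned as-is.
 * The object itself is defined outside this header. */
extern signed char mbedtls_aesce_has_support_result;

/**
 * \brief          Internal function to detect the crypto extension in CPUs.
 *
 * \note           NOTE(review): whether this function also stores its answer
 *                 in mbedtls_aesce_has_support_result is not visible from this
 *                 header; confirm in the implementation.
 *
 * \return         1 if CPU has support for the feature, 0 otherwise
 */
int mbedtls_aesce_has_support_impl(void);

/* Evaluates to the cached result, running the detection function only while
 * the cache still holds -1.
 * NOTE(review): the cache is a plain global and no synchronization is visible
 * here; confirm that concurrent first uses are benign. */
#define MBEDTLS_AESCE_HAS_SUPPORT() (mbedtls_aesce_has_support_result == -1 ? \
                                     mbedtls_aesce_has_support_impl() : \
                                     mbedtls_aesce_has_support_result)

#else /* defined(__linux__) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) */

/* If we are not on Linux, we can't detect support so assume that it's supported.
 * Similarly, assume support if MBEDTLS_AES_USE_HARDWARE_ONLY is set.
 *
 * No runtime check is performed in this configuration, so code gated on this
 * macro always takes the AESCE path. Such a build must only be deployed on
 * CPUs that really implement the extension: on a CPU without it, the AES
 * instructions would be expected to fault instead of falling back to software.
 */
#define MBEDTLS_AESCE_HAS_SUPPORT() 1

#endif /* defined(__linux__) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) */

/**
 * \brief          Internal AES-ECB block encryption and decryption
 *
 * \warning        This assumes that the context specifies either 10, 12 or 14
 *                 rounds and will behave incorrectly if this is not the case.
 *                 The caller is responsible for passing a context whose round
 *                 count is one of these values.
 *
 * \note           The [16] in the parameter declarations is documentation
 *                 only: C passes these arguments as plain pointers, so the
 *                 caller must supply at least 16 readable bytes for \p input
 *                 and 16 writable bytes for \p output.
 *
 * \param ctx      AES context
 * \param mode     MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
 * \param input    16-byte input block
 * \param output   16-byte output block
 *
 * \return         0 on success (cannot fail)
 */
int mbedtls_aesce_crypt_ecb(mbedtls_aes_context *ctx,
                            int mode,
                            const unsigned char input[16],
                            unsigned char output[16]);

/**
 * \brief          Internal GCM multiplication: c = a * b in GF(2^128)
 *
 * \note           This function is only for internal use by other library
 *                 functions; you must not call it directly.
 *
 * \param c        Result
 * \param a        First operand
 * \param b        Second operand
 *
 * \note           Both operands and result are bit strings interpreted as
 *                 elements of GF(2^128) as per the GCM spec.
 *
 * \note           As the array sizes are not enforced by the compiler, each
 *                 of \p c, \p a and \p b must point to at least 16 bytes.
 */
void mbedtls_aesce_gcm_mult(unsigned char c[16],
                            const unsigned char a[16],
                            const unsigned char b[16]);


/**
 * \brief           Internal round key inversion. This function computes
 *                  decryption round keys from the encryption round keys.
 *
 * \note            No buffer length is passed, so the function has nothing to
 *                  check against: the caller must size both buffers for
 *                  \p nr + 1 round keys.
 *                  NOTE(review): whether \p invkey and \p fwdkey may overlap
 *                  is not stated here; confirm before any in-place use.
 *
 * \param invkey    Round keys for the equivalent inverse cipher
 * \param fwdkey    Original round keys (for encryption)
 * \param nr        Number of rounds (that is, number of round keys minus one)
 */
void mbedtls_aesce_inverse_key(unsigned char *invkey,
                               const unsigned char *fwdkey,
                               int nr);

/**
 * \brief           Internal key expansion for encryption
 *
 * \note            The size of \p rk is not passed, so the caller must provide
 *                  a buffer large enough for all round keys of the requested
 *                  key size. The round keys written there are key material
 *                  and should be protected and wiped like the key itself.
 *
 * \param rk        Destination buffer where the round keys are written
 * \param key       Encryption key
 * \param bits      Key size in bits (must be 128, 192 or 256)
 *
 * \return          0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH
 */
int mbedtls_aesce_setkey_enc(unsigned char *rk,
                             const unsigned char *key,
                             size_t bits);

#ifdef __cplusplus
}
#endif

#endif /* MBEDTLS_AESCE_C && MBEDTLS_ARCH_IS_ARM64 */

#endif /* MBEDTLS_AESCE_H */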