1 /**
2  * \file aesce.h
3  *
4  * \brief Support hardware AES acceleration on Armv8-A processors with
5  *        the Armv8-A Cryptographic Extension.
6  *
7  * \warning These functions are only for internal use by other library
8  *          functions; you must not call them directly.
9  */
10 /*
11  *  Copyright The Mbed TLS Contributors
12  *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
13  */
14 #ifndef MBEDTLS_AESCE_H
15 #define MBEDTLS_AESCE_H
16 
17 #include "mbedtls/build_info.h"
18 #include "common.h"
19 
20 #include "mbedtls/aes.h"
21 
22 
23 #if defined(MBEDTLS_AESCE_C) \
24     && defined(MBEDTLS_ARCH_IS_ARMV8_A) && defined(MBEDTLS_HAVE_NEON_INTRINSICS) \
25     && (defined(MBEDTLS_COMPILER_IS_GCC) || defined(__clang__) || defined(MSC_VER))
26 
27 /* MBEDTLS_AESCE_HAVE_CODE is defined if we have a suitable target platform, and a
28  * potentially suitable compiler (compiler version & flags are not checked when defining
29  * this). */
30 #define MBEDTLS_AESCE_HAVE_CODE
31 
32 #ifdef __cplusplus
33 extern "C" {
34 #endif
35 
36 #if defined(__linux__) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
37 
38 extern signed char mbedtls_aesce_has_support_result;
39 
40 /**
41  * \brief          Internal function to detect the crypto extension in CPUs.
42  *
43  * \return         1 if CPU has support for the feature, 0 otherwise
44  */
45 int mbedtls_aesce_has_support_impl(void);
46 
47 #define MBEDTLS_AESCE_HAS_SUPPORT() (mbedtls_aesce_has_support_result == -1 ? \
48                                      mbedtls_aesce_has_support_impl() : \
49                                      mbedtls_aesce_has_support_result)
50 
51 #else /* defined(__linux__) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) */
52 
53 /* If we are not on Linux, we can't detect support so assume that it's supported.
54  * Similarly, assume support if MBEDTLS_AES_USE_HARDWARE_ONLY is set.
55  */
56 #define MBEDTLS_AESCE_HAS_SUPPORT() 1
57 
58 #endif /* defined(__linux__) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) */
59 
60 /**
61  * \brief          Internal AES-ECB block encryption and decryption
62  *
63  * \warning        This assumes that the context specifies either 10, 12 or 14
64  *                 rounds and will behave incorrectly if this is not the case.
65  *
66  * \param ctx      AES context
67  * \param mode     MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
68  * \param input    16-byte input block
69  * \param output   16-byte output block
70  *
71  * \return         0 on success (cannot fail)
72  */
73 int mbedtls_aesce_crypt_ecb(mbedtls_aes_context *ctx,
74                             int mode,
75                             const unsigned char input[16],
76                             unsigned char output[16]);
77 
78 /**
79  * \brief          Internal GCM multiplication: c = a * b in GF(2^128)
80  *
81  * \note           This function is only for internal use by other library
82  *                 functions; you must not call it directly.
83  *
84  * \param c        Result
85  * \param a        First operand
86  * \param b        Second operand
87  *
88  * \note           Both operands and result are bit strings interpreted as
89  *                 elements of GF(2^128) as per the GCM spec.
90  */
91 void mbedtls_aesce_gcm_mult(unsigned char c[16],
92                             const unsigned char a[16],
93                             const unsigned char b[16]);
94 
95 
96 #if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
97 /**
98  * \brief           Internal round key inversion. This function computes
99  *                  decryption round keys from the encryption round keys.
100  *
101  * \param invkey    Round keys for the equivalent inverse cipher
102  * \param fwdkey    Original round keys (for encryption)
103  * \param nr        Number of rounds (that is, number of round keys minus one)
104  */
105 void mbedtls_aesce_inverse_key(unsigned char *invkey,
106                                const unsigned char *fwdkey,
107                                int nr);
108 #endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */
109 
110 /**
111  * \brief           Internal key expansion for encryption
112  *
113  * \param rk        Destination buffer where the round keys are written
114  * \param key       Encryption key
115  * \param bits      Key size in bits (must be 128, 192 or 256)
116  *
117  * \return          0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH
118  */
119 int mbedtls_aesce_setkey_enc(unsigned char *rk,
120                              const unsigned char *key,
121                              size_t bits);
122 
123 #ifdef __cplusplus
124 }
125 #endif
126 
127 #else
128 
129 #if defined(MBEDTLS_AES_USE_HARDWARE_ONLY) && defined(MBEDTLS_ARCH_IS_ARMV8_A)
130 #error "AES hardware acceleration not supported on this platform / compiler"
131 #endif
132 
133 #endif /* MBEDTLS_AESCE_C && MBEDTLS_ARCH_IS_ARMV8_A && MBEDTLS_HAVE_NEON_INTRINSICS &&
134           (MBEDTLS_COMPILER_IS_GCC || __clang__ || MSC_VER) */
135 
136 #endif /* MBEDTLS_AESCE_H */
137