TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / OP-TEE / optee_os / 0fc9291f405157f935e0001622f91b759ce44be6 / . / lib / libmbedtls / mbedtls / library / aesce.h
blob: a14d085efa28ee7be653d8f401b8e33ad2da84da [file] [log] [blame]
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]1/**
2 * \file aesce.h
3 *
4 * \brief Support hardware AES acceleration on Armv8-A processors with
Tom Van Eyckc1633172024-04-09 18:44:13 +0200[diff] [blame]5 * the Armv8-A Cryptographic Extension.
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]6 *
7 * \warning These functions are only for internal use by other library
8 * functions; you must not call them directly.
9 */
10/*
11 * Copyright The Mbed TLS Contributors
Tom Van Eyckc1633172024-04-09 18:44:13 +0200[diff] [blame]12 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]13 */
14#ifndef MBEDTLS_AESCE_H
15#define MBEDTLS_AESCE_H
16
17#include "mbedtls/build_info.h"
Tom Van Eyckc1633172024-04-09 18:44:13 +0200[diff] [blame]18#include "common.h"
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]19
20#include "mbedtls/aes.h"
21
22
Tom Van Eyckc1633172024-04-09 18:44:13 +0200[diff] [blame]23#if defined(MBEDTLS_AESCE_C) \
24 && defined(MBEDTLS_ARCH_IS_ARMV8_A) && defined(MBEDTLS_HAVE_NEON_INTRINSICS) \
25 && (defined(MBEDTLS_COMPILER_IS_GCC) || defined(__clang__) || defined(MSC_VER))
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]26
Tom Van Eyckc1633172024-04-09 18:44:13 +0200[diff] [blame]27/* MBEDTLS_AESCE_HAVE_CODE is defined if we have a suitable target platform, and a
28 * potentially suitable compiler (compiler version & flags are not checked when defining
29 * this). */
30#define MBEDTLS_AESCE_HAVE_CODE
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]31
32#ifdef __cplusplus
33extern "C" {
34#endif
35
Tom Van Eyckc1633172024-04-09 18:44:13 +0200[diff] [blame]36#if defined(__linux__) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
37
38extern signed char mbedtls_aesce_has_support_result;
39
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]40/**
41 * \brief Internal function to detect the crypto extension in CPUs.
42 *
43 * \return 1 if CPU has support for the feature, 0 otherwise
44 */
Tom Van Eyckc1633172024-04-09 18:44:13 +0200[diff] [blame]45int mbedtls_aesce_has_support_impl(void);
46
47#define MBEDTLS_AESCE_HAS_SUPPORT() (mbedtls_aesce_has_support_result == -1 ? \
48 mbedtls_aesce_has_support_impl() : \
49 mbedtls_aesce_has_support_result)
50
51#else /* defined(__linux__) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) */
52
53/* If we are not on Linux, we can't detect support so assume that it's supported.
54 * Similarly, assume support if MBEDTLS_AES_USE_HARDWARE_ONLY is set.
55 */
56#define MBEDTLS_AESCE_HAS_SUPPORT() 1
57
58#endif /* defined(__linux__) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) */
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]59
60/**
61 * \brief Internal AES-ECB block encryption and decryption
62 *
Tom Van Eyckc1633172024-04-09 18:44:13 +0200[diff] [blame]63 * \warning This assumes that the context specifies either 10, 12 or 14
64 * rounds and will behave incorrectly if this is not the case.
65 *
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]66 * \param ctx AES context
67 * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
68 * \param input 16-byte input block
69 * \param output 16-byte output block
70 *
71 * \return 0 on success (cannot fail)
72 */
73int mbedtls_aesce_crypt_ecb(mbedtls_aes_context *ctx,
74 int mode,
75 const unsigned char input[16],
76 unsigned char output[16]);
77
78/**
79 * \brief Internal GCM multiplication: c = a * b in GF(2^128)
80 *
81 * \note This function is only for internal use by other library
82 * functions; you must not call it directly.
83 *
84 * \param c Result
85 * \param a First operand
86 * \param b Second operand
87 *
88 * \note Both operands and result are bit strings interpreted as
89 * elements of GF(2^128) as per the GCM spec.
90 */
91void mbedtls_aesce_gcm_mult(unsigned char c[16],
92 const unsigned char a[16],
93 const unsigned char b[16]);
94
95
Tom Van Eyckc1633172024-04-09 18:44:13 +0200[diff] [blame]96#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]97/**
98 * \brief Internal round key inversion. This function computes
99 * decryption round keys from the encryption round keys.
100 *
101 * \param invkey Round keys for the equivalent inverse cipher
102 * \param fwdkey Original round keys (for encryption)
103 * \param nr Number of rounds (that is, number of round keys minus one)
104 */
105void mbedtls_aesce_inverse_key(unsigned char *invkey,
106 const unsigned char *fwdkey,
107 int nr);
Tom Van Eyckc1633172024-04-09 18:44:13 +0200[diff] [blame]108#endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]109
110/**
111 * \brief Internal key expansion for encryption
112 *
113 * \param rk Destination buffer where the round keys are written
114 * \param key Encryption key
115 * \param bits Key size in bits (must be 128, 192 or 256)
116 *
117 * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH
118 */
119int mbedtls_aesce_setkey_enc(unsigned char *rk,
120 const unsigned char *key,
121 size_t bits);
122
123#ifdef __cplusplus
124}
125#endif
126
Tom Van Eyckc1633172024-04-09 18:44:13 +0200[diff] [blame]127#else
128
129#if defined(MBEDTLS_AES_USE_HARDWARE_ONLY) && defined(MBEDTLS_ARCH_IS_ARMV8_A)
130#error "AES hardware acceleration not supported on this platform / compiler"
131#endif
132
133#endif /* MBEDTLS_AESCE_C && MBEDTLS_ARCH_IS_ARMV8_A && MBEDTLS_HAVE_NEON_INTRINSICS &&
134 (MBEDTLS_COMPILER_IS_GCC || __clang__ || MSC_VER) */
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]135
136#endif /* MBEDTLS_AESCE_H */