1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or https://opensource.org/licenses/CDDL-1.0. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. 23 */ 24 25 #if defined(__x86_64) && defined(HAVE_AES) 26 27 #include <sys/simd.h> 28 #include <sys/types.h> 29 #include <sys/asm_linkage.h> 30 31 /* These functions are used to execute AES-NI instructions: */ 32 extern ASMABI int rijndael_key_setup_enc_intel(uint32_t rk[], 33 const uint32_t cipherKey[], uint64_t keyBits); 34 extern ASMABI int rijndael_key_setup_dec_intel(uint32_t rk[], 35 const uint32_t cipherKey[], uint64_t keyBits); 36 extern ASMABI void aes_encrypt_intel(const uint32_t rk[], int Nr, 37 const uint32_t pt[4], uint32_t ct[4]); 38 extern ASMABI void aes_decrypt_intel(const uint32_t rk[], int Nr, 39 const uint32_t ct[4], uint32_t pt[4]); 40 41 42 #include <aes/aes_impl.h> 43 44 /* 45 * Expand the 32-bit AES cipher key array into the encryption and decryption 46 * key schedules. 47 * 48 * Parameters: 49 * key AES key schedule to be initialized 50 * keyarr32 User key 51 * keyBits AES key size (128, 192, or 256 bits) 52 */ 53 static void 54 aes_aesni_generate(aes_key_t *key, const uint32_t *keyarr32, int keybits) 55 { 56 kfpu_begin(); 57 key->nr = rijndael_key_setup_enc_intel(&(key->encr_ks.ks32[0]), 58 keyarr32, keybits); 59 key->nr = rijndael_key_setup_dec_intel(&(key->decr_ks.ks32[0]), 60 keyarr32, keybits); 61 kfpu_end(); 62 } 63 64 /* 65 * Encrypt one block of data. The block is assumed to be an array 66 * of four uint32_t values, so copy for alignment (and byte-order 67 * reversal for little endian systems might be necessary on the 68 * input and output byte streams. 69 * The size of the key schedule depends on the number of rounds 70 * (which can be computed from the size of the key), i.e. 4*(Nr + 1). 71 * 72 * Parameters: 73 * rk Key schedule, of aes_ks_t (60 32-bit integers) 74 * Nr Number of rounds 75 * pt Input block (plain text) 76 * ct Output block (crypto text). Can overlap with pt 77 */ 78 static void 79 aes_aesni_encrypt(const uint32_t rk[], int Nr, const uint32_t pt[4], 80 uint32_t ct[4]) 81 { 82 kfpu_begin(); 83 aes_encrypt_intel(rk, Nr, pt, ct); 84 kfpu_end(); 85 } 86 87 /* 88 * Decrypt one block of data. The block is assumed to be an array 89 * of four uint32_t values, so copy for alignment (and byte-order 90 * reversal for little endian systems might be necessary on the 91 * input and output byte streams. 92 * The size of the key schedule depends on the number of rounds 93 * (which can be computed from the size of the key), i.e. 4*(Nr + 1). 94 * 95 * Parameters: 96 * rk Key schedule, of aes_ks_t (60 32-bit integers) 97 * Nr Number of rounds 98 * ct Input block (crypto text) 99 * pt Output block (plain text). Can overlap with pt 100 */ 101 static void 102 aes_aesni_decrypt(const uint32_t rk[], int Nr, const uint32_t ct[4], 103 uint32_t pt[4]) 104 { 105 kfpu_begin(); 106 aes_decrypt_intel(rk, Nr, ct, pt); 107 kfpu_end(); 108 } 109 110 static boolean_t 111 aes_aesni_will_work(void) 112 { 113 return (kfpu_allowed() && zfs_aes_available()); 114 } 115 116 const aes_impl_ops_t aes_aesni_impl = { 117 .generate = &aes_aesni_generate, 118 .encrypt = &aes_aesni_encrypt, 119 .decrypt = &aes_aesni_decrypt, 120 .is_supported = &aes_aesni_will_work, 121 .needs_byteswap = B_FALSE, 122 .name = "aesni" 123 }; 124 125 #endif /* defined(__x86_64) && defined(HAVE_AES) */ 126