Merge pull request #9852 from SparkiDev/ppc64_asm_aes

PPC64 ASM: AES-ECB/CBC/CTR/GCM
David Garske
2026-06-03 16:30:12 -07:00
committed by GitHub
7 changed files with 15691 additions and 29 deletions
+3
@@ -869,6 +869,7 @@ WOLFSSL_PASSTHRU_ERR
WOLFSSL_PB
WOLFSSL_PEER_ADDRESS_CHANGES
WOLFSSL_PKCS11_RW_TOKENS
WOLFSSL_PPC64_ASM_AES_NO_HARDEN
WOLFSSL_PRCONNECT_PRO
WOLFSSL_PREFIX
WOLFSSL_PSA_NO_AES
@@ -977,6 +978,7 @@ XSECURE_CACHE_DISABLE
_ABI64
_ABIO64
_ARCH_PPC64
_ARCH_PWR8
_COMPILER_VERSION
_INTPTR_T_DECLARED
_LINUX_REFCOUNT_H
@@ -1005,6 +1007,7 @@ __32MZ2048ECM144__
__32MZ2048EFM144__
__ANDROID__
__APPLE__
__ARCH_PWR8
__ARCH_STRCASECMP_NO_REDIRECT
__ARCH_STRCMP_NO_REDIRECT
__ARCH_STRNCASECMP_NO_REDIRECT
+80 -10
@@ -1432,6 +1432,11 @@ then
AC_MSG_ERROR([--enable-all-asm is incompatible with --disable-ppc32-asm])
fi
if test "$enable_ppc64_asm" = "no"
then
AC_MSG_ERROR([--enable-all-asm is incompatible with --disable-ppc64-asm])
fi
case "$host_cpu" in
*x86_64*|*amd64*)
if test "$enable_intelasm" = ""
@@ -1462,6 +1467,10 @@ then
fi
;;
*powerpc64*)
if test "$enable_ppc64_asm" = ""
then
enable_ppc64_asm=yes
fi
;;
*powerpc*)
if test "$enable_ppc32_asm" = ""
@@ -3934,21 +3943,70 @@ then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_PPC32_ASM"
AC_MSG_NOTICE([32-bit PowerPC assembly for SHA-256])
ENABLED_PPC32_ASM=yes
if test "$ENABLED_PPC32_ASM_INLINE" = "yes" || test "$ENABLED_PPC32_ASM_INLINE_REG" = "yes"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_PPC32_ASM_INLINE"
else
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_PPC32_ASM"
fi
if test "$ENABLED_PPC32_ASM_SMALL" = "yes"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_PPC32_ASM_SMALL"
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_PPC32_ASM_SMALL"
fi
if test "$ENABLED_PPC32_ASM_SPE" = "yes"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_PPC32_ASM_SPE"
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_PPC32_ASM_SPE"
fi
fi
if test "$ENABLED_PPC32_ASM_INLINE" = "yes" || test "$ENABLED_PPC32_ASM_INLINE_REG" = "yes"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_PPC32_ASM_INLINE"
# PPC64 Assembly
AC_ARG_ENABLE([ppc64-asm],
[AS_HELP_STRING([--enable-ppc64-asm],[Enable wolfSSL PowerPC 64-bit ASM support (default: disabled).])],
[ ENABLED_PPC64_ASM=$enableval ],
[ ENABLED_PPC64_ASM=no ]
)
if test "$ENABLED_PPC64_ASM" != "no" && test "$ENABLED_ASM" = "yes"
then
ENABLED_PPC64_ASM_OPTS=$ENABLED_PPC64_ASM
for v in `echo $ENABLED_PPC64_ASM_OPTS | tr "," " "`
do
case $v in
yes)
;;
inline)
ENABLED_PPC64_ASM_INLINE=yes
;;
inline-reg)
ENABLED_PPC64_ASM_INLINE_REG=yes
;;
small)
ENABLED_PPC64_ASM_SMALL=yes
;;
*)
AC_MSG_ERROR([Invalid RISC-V option [yes,inline,small]: $ENABLED_PPC64_ASM.])
break
;;
esac
done
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_PPC64_ASM"
AM_CCASFLAGS="$AM_CCASFLAGS -DEXTERNAL_OPTS_OPENVPN"
AC_MSG_NOTICE([64-bit PowerPC assembly for AES])
ENABLED_PPC64_ASM=yes
fi
if test "$ENABLED_PPC64_ASM_INLINE" = "yes" || test "$ENABLED_PPC64_ASM_INLINE_REG" = "yes"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_PPC64_ASM_INLINE"
else
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_PPC32_ASM"
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_PPC64_ASM"
fi
if test "$ENABLED_PPC32_ASM_SMALL" = "yes"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_PPC32_ASM_SMALL"
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_PPC32_ASM_SMALL"
fi
if test "$ENABLED_PPC32_ASM_SPE" = "yes"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_PPC32_ASM_SPE"
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_PPC32_ASM_SPE"
if test "$ENABLED_PPC64_ASM_SMALL" = "yes"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_PPC64_ASM_SMALL"
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_PPC64_ASM_SMALL"
fi
# Xilinx hardened crypto
AC_ARG_ENABLE([xilinx],
[AS_HELP_STRING([--enable-xilinx],[Enable wolfSSL support for Xilinx hardened crypto(default: disabled)])],
@@ -12219,6 +12277,9 @@ AM_CONDITIONAL([BUILD_RISCV_ASM],[test "x$ENABLED_RISCV_ASM" = "xyes"])
AM_CONDITIONAL([BUILD_PPC32_ASM],[test "x$ENABLED_PPC32_ASM" = "xyes"])
AM_CONDITIONAL([BUILD_PPC32_ASM_INLINE],[test "x$ENABLED_PPC32_ASM_INLINE" = "xyes"])
AM_CONDITIONAL([BUILD_PPC32_ASM_INLINE_REG],[test "x$ENABLED_PPC32_ASM_INLINE_REG" = "xyes"])
AM_CONDITIONAL([BUILD_PPC64_ASM],[test "x$ENABLED_PPC64_ASM" = "xyes"])
AM_CONDITIONAL([BUILD_PPC64_ASM_INLINE],[test "x$ENABLED_PPC64_ASM_INLINE" = "xyes"])
AM_CONDITIONAL([BUILD_PPC64_ASM_INLINE_REG],[test "x$ENABLED_PPC64_ASM_INLINE_REG" = "xyes"])
AM_CONDITIONAL([BUILD_XILINX],[test "x$ENABLED_XILINX" = "xyes"])
AM_CONDITIONAL([BUILD_AESNI],[test "x$ENABLED_AESNI" = "xyes"])
AM_CONDITIONAL([BUILD_INTELASM],[test "x$ENABLED_INTELASM" = "xyes"])
@@ -12925,6 +12986,15 @@ then
ENABLED_PPC32_ASM="inline C Reg"
fi
echo " * PPC32 ASM $ENABLED_PPC32_ASM"
if test "$ENABLED_PPC64_ASM_INLINE" = "yes"
then
ENABLED_PPC64_ASM="inline C"
fi
if test "$ENABLED_PPC64_ASM_INLINE_REG" = "yes"
then
ENABLED_PPC64_ASM="inline C Reg"
fi
echo " * PPC64 ASM $ENABLED_PPC64_ASM"
echo " * Write duplicate: $ENABLED_WRITEDUP"
echo " * Xilinx Hardware Acc.: $ENABLED_XILINX"
echo " * C89: $ENABLED_C89"
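Review bot: The error raised for an unrecognised `--enable-ppc64-asm` value still reads `Invalid RISC-V option [yes,inline,small]`, which points a user at the wrong feature and leaves out `inline-reg`, a value the `case` just above it accepts. Suggest `AC_MSG_ERROR([Invalid PPC64 option [yes,inline,inline-reg,small]: $ENABLED_PPC64_ASM.])`. The `break` after it is never reached, because AC_MSG_ERROR ends the configure run, and can be dropped. The `AS_HELP_STRING` for `--enable-ppc64-asm` likewise does not list the accepted values, so the error message is the only place a user would learn them.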
+24
@@ -247,6 +247,14 @@ endif !BUILD_ARMASM_INLINE
endif BUILD_ARMASM
endif !BUILD_ARMASM_NEON
if BUILD_PPC64_ASM
if BUILD_PPC64_ASM_INLINE
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/ppc64/ppc64-aes-asm_c.c
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/ppc64/ppc64-aes-asm.S
endif !BUILD_PPC64_ASM_INLINE
endif BUILD_PPC64_ASM
if BUILD_AESNI
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_asm.S
if BUILD_X86_ASM
@@ -512,6 +520,14 @@ endif BUILD_ARMASM
endif !BUILD_ARMASM_NEON
endif BUILD_AES
if BUILD_PPC64_ASM
if BUILD_PPC64_ASM_INLINE
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/ppc64/ppc64-aes-asm_c.c
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/ppc64/ppc64-aes-asm.S
endif !BUILD_PPC64_ASM_INLINE
endif BUILD_PPC64_ASM
if BUILD_AESNI
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_asm.S
if BUILD_X86_ASM
@@ -1390,6 +1406,14 @@ endif !BUILD_ARMASM_INLINE
endif BUILD_ARMASM
endif !BUILD_ARMASM_NEON
if BUILD_PPC64_ASM
if BUILD_PPC64_ASM_INLINE
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/ppc64/ppc64-aes-asm_c.c
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/ppc64/ppc64-aes-asm.S
endif !BUILD_PPC64_ASM_INLINE
endif BUILD_PPC64_ASM
if BUILD_AFALG
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/af_alg/afalg_aes.c
endif BUILD_AFALG
+262 -19
@@ -977,6 +977,30 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(Aes* aes, const byte* inBlock,
}
#endif /* HAVE_AES_DECRYPT && WOLFSSL_AES_DIRECT */
#elif defined(WOLFSSL_PPC64_ASM)
#if defined(WOLFSSL_AES_DIRECT) || defined(HAVE_AESCCM) || \
defined(WOLFSSL_AESGCM_STREAM) || defined(HAVE_AESGCM)
static WARN_UNUSED_RESULT int wc_AesEncrypt(Aes* aes, const byte* inBlock,
byte* outBlock)
{
AES_ECB_encrypt(inBlock, outBlock, WC_AES_BLOCK_SIZE, (byte*)aes->key,
(int)aes->rounds);
return 0;
}
#endif
#if defined(HAVE_AES_DECRYPT) && defined(WOLFSSL_AES_DIRECT)
static WARN_UNUSED_RESULT int wc_AesDecrypt(Aes* aes, const byte* inBlock,
byte* outBlock)
{
AES_ECB_decrypt(inBlock, outBlock, WC_AES_BLOCK_SIZE, (byte*)aes->key,
(int)aes->rounds);
return 0;
}
#endif /* HAVE_AES_DECRYPT && WOLFSSL_AES_DIRECT */
#elif defined(FREESCALE_MMCAU)
/* Freescale mmCAU hardware AES support for Direct, CBC, CCM, GCM modes
* through the CAU/mmCAU library. Documentation located in
@@ -1285,12 +1309,14 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(Aes* aes, const byte* inBlock,
#if !defined(WOLFSSL_ESP32_CRYPT) || \
(defined(NO_ESP32_CRYPT) || defined(NO_WOLFSSL_ESP32_CRYPT_AES) || \
defined(NEED_AES_HW_FALLBACK))
#ifndef WOLFSSL_PPC64_ASM
static const FLASH_QUALIFIER word32 rcon[] = {
0x01000000, 0x02000000, 0x04000000, 0x08000000,
0x10000000, 0x20000000, 0x40000000, 0x80000000,
0x1B000000, 0x36000000,
/* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
};
#endif
#endif /* ESP32 */
#endif /* __aarch64__ || !WOLFSSL_ARMASM */
@@ -4637,6 +4663,102 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(Aes* aes, const byte* inBlock,
return AesSetKey(aes, userKey, keylen, iv, dir);
}
#if defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
/* AES-CTR and AES-DIRECT need to use this for key setup */
/* This function allows key sizes that are not 128/192/256 bits */
int wc_AesSetKeyDirect(Aes* aes, const byte* userKey, word32 keylen,
const byte* iv, int dir)
{
if (aes == NULL) {
return BAD_FUNC_ARG;
}
if (keylen > sizeof(aes->key)) {
return BAD_FUNC_ARG;
}
return AesSetKey(aes, userKey, keylen, iv, dir);
}
#endif /* WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
#elif defined(WOLFSSL_PPC64_ASM)
static int AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
const byte* iv, int dir)
{
#if defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_CFB) || \
defined(WOLFSSL_AES_OFB) || defined(WOLFSSL_AES_XTS) || \
defined(WOLFSSL_AES_CTS)
aes->left = 0;
#endif
aes->keylen = (int)keylen;
aes->rounds = (keylen/4) + 6;
AES_set_encrypt_key(userKey, keylen * 8, (byte*)aes->key);
#ifdef HAVE_AES_DECRYPT
if (dir == AES_DECRYPTION) {
AES_invert_key((byte*)aes->key, aes->rounds);
}
#else
(void)dir;
#endif
return wc_AesSetIV(aes, iv);
}
int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
const byte* iv, int dir)
{
if ((aes == NULL) || (userKey == NULL)) {
return BAD_FUNC_ARG;
}
switch (keylen) {
#if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 128 && \
defined(WOLFSSL_AES_128)
case 16:
#endif
#if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 192 && \
defined(WOLFSSL_AES_192)
case 24:
#endif
#if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 256 && \
defined(WOLFSSL_AES_256)
case 32:
#endif
break;
default:
return BAD_FUNC_ARG;
}
#ifdef WOLF_CRYPTO_CB
if (aes->devId != INVALID_DEVID) {
#ifdef WOLF_CRYPTO_CB_AES_SETKEY
int ret = wc_CryptoCb_AesSetKey(aes, userKey, keylen);
if (ret == 0) {
/* Callback succeeded - SE owns the key */
aes->keylen = (int)keylen;
if (iv != NULL)
XMEMCPY(aes->reg, iv, WC_AES_BLOCK_SIZE);
else
XMEMSET(aes->reg, 0, WC_AES_BLOCK_SIZE);
return 0;
}
else if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) {
aes->devCtx = NULL;
return ret;
}
/* CRYPTOCB_UNAVAILABLE: continue to software setup */
#endif
/* Standard CryptoCB path - copy key to devKey for encrypt/decrypt offload */
if (keylen > sizeof(aes->devKey)) {
return BAD_FUNC_ARG;
}
XMEMCPY(aes->devKey, userKey, keylen);
}
#endif
return AesSetKey(aes, userKey, keylen, iv, dir);
}
#if defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
/* AES-CTR and AES-DIRECT need to use this for key setup */
/* This function allows key sizes that are not 128/192/256 bits */
@@ -6598,7 +6720,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
#if !defined(WOLFSSL_ARMASM)
#if !defined(WOLFSSL_ARMASM) && !defined(WOLFSSL_PPC64_ASM)
word32 blocks;
int ret;
#endif
@@ -6611,7 +6733,7 @@ int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
return 0;
}
#if !defined(WOLFSSL_ARMASM)
#if !defined(WOLFSSL_ARMASM) && !defined(WOLFSSL_PPC64_ASM)
blocks = sz / WC_AES_BLOCK_SIZE;
#endif
#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
@@ -6687,6 +6809,10 @@ int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
}
#endif
return 0;
#elif defined(WOLFSSL_PPC64_ASM)
AES_CBC_encrypt(in, out, sz, (const unsigned char*)aes->key,
aes->rounds, (unsigned char*)aes->reg);
return 0;
#else
#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)
/* Implemented in wolfcrypt/src/port/nxp/se050_port.c */
@@ -6788,7 +6914,7 @@ int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
/* Software AES - CBC Decrypt */
int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
#if !defined(WOLFSSL_ARMASM)
#if !defined(WOLFSSL_ARMASM) && !defined(WOLFSSL_PPC64_ASM)
word32 blocks;
int ret;
#endif
@@ -6816,7 +6942,7 @@ int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
}
#endif
#if !defined(WOLFSSL_ARMASM)
#if !defined(WOLFSSL_ARMASM) && !defined(WOLFSSL_PPC64_ASM)
blocks = sz / WC_AES_BLOCK_SIZE;
#endif
if (sz % WC_AES_BLOCK_SIZE) {
@@ -6909,6 +7035,10 @@ int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
#endif
#endif /* __aarch64__ || WOLFSSL_ARMASM_NO_HW_CRYPTO */
return 0;
#elif defined(WOLFSSL_PPC64_ASM)
AES_CBC_decrypt(in, out, sz, (const unsigned char*)aes->key,
aes->rounds, (unsigned char*)aes->reg);
return 0;
#else
VECTOR_REGISTERS_PUSH;
@@ -7266,7 +7396,7 @@ int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
!defined(WOLFSSL_ARMASM_NO_HW_CRYPTO))
byte scratch[WC_AES_BLOCK_SIZE];
#endif
#if !defined(WOLFSSL_ARMASM)
#if !defined(WOLFSSL_ARMASM) && !defined(WOLFSSL_PPC64_ASM)
int ret = 0;
#endif
word32 processed;
@@ -7389,6 +7519,47 @@ int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
}
#endif /* __aarch64__ || WOLFSSL_ARMASM_NO_HW_CRYPTO */
return 0;
#elif defined(WOLFSSL_PPC64_ASM)
{
word32 numBlocks;
byte* tmp = (byte*)aes->tmp + WC_AES_BLOCK_SIZE - aes->left;
/* consume any unused bytes left in aes->tmp */
while ((aes->left != 0) && (sz != 0)) {
*(out++) = *(in++) ^ *(tmp++);
aes->left--;
sz--;
}
/* do as many block size ops as possible */
numBlocks = sz / WC_AES_BLOCK_SIZE;
if (numBlocks > 0) {
AES_CTR_encrypt(in, out, numBlocks * WC_AES_BLOCK_SIZE,
(byte*)aes->key, aes->rounds, (byte*)aes->reg);
sz -= numBlocks * WC_AES_BLOCK_SIZE;
out += numBlocks * WC_AES_BLOCK_SIZE;
in += numBlocks * WC_AES_BLOCK_SIZE;
}
/* handle non block size remaining */
if (sz) {
byte zeros[WC_AES_BLOCK_SIZE] = { 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0 };
AES_CTR_encrypt(zeros, (byte*)aes->tmp,
WC_AES_BLOCK_SIZE, (byte*)aes->key, aes->rounds,
(byte*)aes->reg);
aes->left = WC_AES_BLOCK_SIZE;
tmp = (byte*)aes->tmp;
while (sz--) {
*(out++) = *(in++) ^ *(tmp++);
aes->left--;
}
}
}
return 0;
#else
VECTOR_REGISTERS_PUSH;
@@ -7640,6 +7811,13 @@ void GenerateM0(Gcm* gcm)
}
}
#if defined(WOLFSSL_PPC64_ASM)
for (i = 1; i < 256; i++) {
word64* m64 = (word64*)gcm->M0[i];
m64[0] = ByteReverseWord64(m64[0]);
m64[1] = ByteReverseWord64(m64[1]);
}
#endif
XMEMSET(m[0], 0, WC_AES_BLOCK_SIZE);
}
@@ -7725,7 +7903,6 @@ void GenerateM0(Gcm* gcm)
#endif
}
#endif
}
#endif /* GCM_TABLE */
@@ -8125,6 +8302,37 @@ static void GCM_gmult_len_armasm_C(
#elif defined(WOLFSSL_ARMASM)
#define GCM_GMULT_LEN(gcm, x, a, len) \
GCM_gmult_len_NEON(x, (const byte*)((gcm)->H), a, len)
#elif defined(WOLFSSL_PPC64_ASM)
static void GCM_gmult_len_armasm_C(
byte* x, const byte* h, const unsigned char* a, unsigned long len)
{
byte Z[AES_BLOCK_SIZE];
byte V[AES_BLOCK_SIZE];
int i;
int j;
while (len >= AES_BLOCK_SIZE) {
xorbuf(x, a, AES_BLOCK_SIZE);
XMEMSET(Z, 0, AES_BLOCK_SIZE);
XMEMCPY(V, x, AES_BLOCK_SIZE);
for (i = 0; i < AES_BLOCK_SIZE; i++) {
byte y = h[i];
for (j = 0; j < 8; j++) {
if (y & 0x80) {
xorbuf(Z, V, AES_BLOCK_SIZE);
}
RIGHTSHIFTX(V);
y = y << 1;
}
}
XMEMCPY(x, Z, AES_BLOCK_SIZE);
len -= AES_BLOCK_SIZE;
a += AES_BLOCK_SIZE;
}
}
#define GCM_GMULT_LEN(gcm, x, a, len) \
GCM_gmult_len_armasm_C(x, (gcm)->H, a, len)
#endif
#elif defined(GCM_TABLE)
@@ -8138,6 +8346,9 @@ static void GCM_gmult_len_armasm_C(
#define GCM_GMULT_LEN(gcm, x, a, len) \
GCM_gmult_len(x, (const byte**)((gcm)->M0), a, len)
#endif
#elif defined(WOLFSSL_PPC64_ASM)
#define GCM_GMULT_LEN(gcm, x, a, len) \
GCM_gmult_len(x, (const byte**)((gcm)->M0), a, len)
#else
ALIGN16 static const byte R[256][2] = {
{0x00, 0x00}, {0x01, 0xc2}, {0x03, 0x84}, {0x02, 0x46},
@@ -8400,7 +8611,7 @@ void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
#endif /* WOLFSSL_AESGCM_STREAM */
/* end GCM_TABLE */
#elif defined(GCM_TABLE_4BIT)
/* ARM assembly */
#if defined(WOLFSSL_ARMASM) && (defined(__aarch64__) || \
defined(WOLFSSL_ARMASM_NO_HW_CRYPTO))
#if !defined(WOLFSSL_ARMASM_NO_NEON) && defined(__aarch64__)
@@ -8414,6 +8625,14 @@ void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
#define GMULT(x, m) \
GCM_gmult(x, (const byte**)m)
#endif
/* PPC64 assembly */
#elif defined(WOLFSSL_PPC64_ASM)
#define GCM_GMULT_LEN(gcm, x, a, len) \
GCM_gmult_len(x, (const byte**)((gcm)->M0), a, len)
#define GMULT(x, m) \
GCM_gmult(x, (const byte**)m)
#else
/* remainder = x^7 + x^2 + x^1 + 1 => 0xe1
* R shifts right a reverse bit pair of bytes such that:
@@ -9928,7 +10147,7 @@ static WARN_UNUSED_RESULT int wc_AesGcmEncrypt_STM32(
#endif /* STM32_CRYPTO_AES_GCM */
#if !defined(WOLFSSL_ARMASM)
#if !defined(WOLFSSL_ARMASM) && !defined(WOLFSSL_PPC64_ASM)
#ifdef WOLFSSL_AESNI
/* For performance reasons, this code needs to be not inlined. */
WARN_UNUSED_RESULT int AES_GCM_encrypt_C(
@@ -10048,8 +10267,9 @@ WARN_UNUSED_RESULT int AES_GCM_encrypt_C(
return ret;
}
#elif defined(__aarch64__) || defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
static int AES_GCM_encrypt_ARM(Aes* aes, byte* out, const byte* in,
#elif (defined(__aarch64__) || defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)) || \
defined(WOLFSSL_PPC64_ASM)
static int AES_GCM_encrypt_ASM(Aes* aes, byte* out, const byte* in,
word32 sz, const byte* iv, word32 ivSz, byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz)
{
@@ -10305,10 +10525,13 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
#endif /* !WOLFSSL_ARMASM_NO_HW_CRYPTO */
#if defined(__aarch64__) || defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
{
ret = AES_GCM_encrypt_ARM(aes, out, in, sz, iv, ivSz, authTag,
ret = AES_GCM_encrypt_ASM(aes, out, in, sz, iv, ivSz, authTag,
authTagSz, authIn, authInSz);
}
#endif /* __aarch64__ || WOLFSSL_ARMASM_NO_HW_CRYPTO */
#elif defined(WOLFSSL_PPC64_ASM)
ret = AES_GCM_encrypt_ASM(aes, out, in, sz, iv, ivSz, authTag, authTagSz,
authIn, authInSz);
#else
#ifdef WOLFSSL_AESNI
if (aes->use_aesni) {
@@ -10653,7 +10876,7 @@ static WARN_UNUSED_RESULT int wc_AesGcmDecrypt_STM32(
#endif /* STM32_CRYPTO_AES_GCM */
#if !defined(WOLFSSL_ARMASM)
#if !defined(WOLFSSL_ARMASM) && !defined(WOLFSSL_PPC64_ASM)
#ifdef WOLFSSL_AESNI
/* For performance reasons, this code needs to be not inlined. */
int WARN_UNUSED_RESULT AES_GCM_decrypt_C(
@@ -10802,8 +11025,9 @@ int WARN_UNUSED_RESULT AES_GCM_decrypt_C(
#endif
return ret;
}
#elif defined(__aarch64__) || defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
static int AES_GCM_decrypt_ARM(Aes* aes, byte* out, const byte* in,
#elif (defined(__aarch64__) || defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)) || \
defined(WOLFSSL_PPC64_ASM)
static int AES_GCM_decrypt_ASM(Aes* aes, byte* out, const byte* in,
word32 sz, const byte* iv, word32 ivSz, const byte* authTag,
word32 authTagSz, const byte* authIn, word32 authInSz)
{
@@ -11057,10 +11281,15 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
#endif /* !WOLFSSL_ARMASM_NO_HW_CRYPTO */
#if defined(__aarch64__) || defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
{
ret = AES_GCM_decrypt_ARM(aes, out, in, sz, iv, ivSz, authTag,
ret = AES_GCM_decrypt_ASM(aes, out, in, sz, iv, ivSz, authTag,
authTagSz, authIn, authInSz);
}
#endif /* __aarch64__ || WOLFSSL_ARMASM_NO_HW_CRYPTO */
#elif defined(WOLFSSL_PPC64_ASM)
{
ret = AES_GCM_decrypt_ASM(aes, out, in, sz, iv, ivSz, authTag,
authTagSz, authIn, authInSz);
}
#else
#ifdef WOLFSSL_AESNI
if (aes->use_aesni) {
@@ -14233,6 +14462,9 @@ static WARN_UNUSED_RESULT int _AesEcbEncrypt(
aes->rounds);
}
#endif
#elif defined(WOLFSSL_PPC64_ASM)
AES_ECB_encrypt(in, out, sz, (const unsigned char*)aes->key, aes->rounds);
ret = 0;
#else
#ifdef WOLFSSL_AESNI
if (aes->use_aesni) {
@@ -14325,6 +14557,9 @@ static WARN_UNUSED_RESULT int _AesEcbDecrypt(
aes->rounds);
}
#endif
#elif defined(WOLFSSL_PPC64_ASM)
AES_ECB_decrypt(in, out, sz, (const unsigned char*)aes->key, aes->rounds);
ret = 0;
#else
#ifdef WOLFSSL_AESNI
if (aes->use_aesni) {
@@ -15584,8 +15819,8 @@ static WARN_UNUSED_RESULT int _AesXtsHelper(
*/
/* Software AES - XTS Encrypt */
#if !defined(WOLFSSL_ARMASM) || (!defined(__aarch64__) && \
defined(WOLFSSL_ARMASM_NO_HW_CRYPTO))
#if (!defined(WOLFSSL_ARMASM) || (!defined(__aarch64__) && \
defined(WOLFSSL_ARMASM_NO_HW_CRYPTO))) && !defined(WOLFSSL_PPC64_ASM)
static int AesXtsEncryptUpdate_sw(XtsAes* xaes, byte* out, const byte* in,
word32 sz,
byte *i);
@@ -15825,6 +16060,10 @@ int wc_AesXtsEncrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz,
ret = 0;
}
#endif
#elif defined(WOLFSSL_PPC64_ASM)
AES_XTS_encrypt(in, out, sz, i, (byte*)xaes->aes.key,
(byte*)xaes->tweak.key, (byte*)xaes->aes.tmp, xaes->aes.rounds);
ret = 0;
#else
ret = AesXtsEncrypt_sw(xaes, out, in, sz, i);
#endif
@@ -16043,8 +16282,8 @@ int wc_AesXtsEncryptFinal(XtsAes* xaes, byte* out, const byte* in, word32 sz,
*/
/* Software AES - XTS Decrypt */
#if !defined(WOLFSSL_ARMASM) || (!defined(__aarch64__) && \
defined(WOLFSSL_ARMASM_NO_HW_CRYPTO))
#if (!defined(WOLFSSL_ARMASM) || (!defined(__aarch64__) && \
defined(WOLFSSL_ARMASM_NO_HW_CRYPTO))) && !defined(WOLFSSL_PPC64_ASM)
static int AesXtsDecryptUpdate_sw(XtsAes* xaes, byte* out, const byte* in,
word32 sz, byte *i);
@@ -16302,6 +16541,10 @@ int wc_AesXtsDecrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz,
ret = 0;
}
#endif
#elif defined(WOLFSSL_PPC64_ASM)
AES_XTS_decrypt(in, out, sz, i, (byte*)xaes->aes.key,
(byte*)xaes->tweak.key, (byte*)xaes->aes.tmp, xaes->aes.rounds);
ret = 0;
#else
ret = AesXtsDecrypt_sw(xaes, out, in, sz, i);
#endif
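Review bot: The new PPC64 `AesSetKey` computes `aes->rounds = (keylen/4) + 6` and calls `AES_set_encrypt_key(userKey, keylen * 8, ...)` without checking `keylen` or `userKey` itself, and the assembly routine returns `void`, so it cannot report an unsupported size. `wc_AesSetKey` restricts the length to 16/24/32 with its `switch`, but the `wc_AesSetKeyDirect` that follows is commented as allowing other sizes, and the copy visible in this hunk rejects only `aes == NULL` and `keylen > sizeof(aes->key)`. That function's body continues outside the hunk and the assembly is suppressed on this page, so what a 20-byte key or a NULL `userKey` does on that path should be confirmed before relying on it. A guard at the top of `AesSetKey` would cover every caller: `if (userKey == NULL || (keylen != 16 && keylen != 24 && keylen != 32)) return BAD_FUNC_ARG;`.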
File diff suppressed because it is too large Load Diff
File diff suppressed because it is too large Load Diff
+47
@@ -1112,6 +1112,53 @@ WOLFSSL_LOCAL void AES_XTS_decrypt_AARCH32(const byte* in, byte* out,
#endif /* !__aarch64__ && !WOLFSSL_ARMASM_NO_HW_CRYPTO */
#endif /* WOLFSSL_ARMASM */
#if defined(WOLFSSL_PPC64_ASM)
WOLFSSL_LOCAL void AES_set_encrypt_key(const unsigned char* key, word32 len,
unsigned char* ks);
WOLFSSL_LOCAL void AES_invert_key(unsigned char* ks, word32 rounds);
WOLFSSL_LOCAL void AES_ECB_encrypt(const unsigned char* in, unsigned char* out,
unsigned long len, const unsigned char* ks, int nr);
WOLFSSL_LOCAL void AES_ECB_decrypt(const unsigned char* in, unsigned char* out,
unsigned long len, const unsigned char* ks, int nr);
WOLFSSL_LOCAL void AES_CBC_encrypt(const unsigned char* in, unsigned char* out,
unsigned long len, const unsigned char* ks, int nr, unsigned char* iv);
WOLFSSL_LOCAL void AES_CBC_decrypt(const unsigned char* in, unsigned char* out,
unsigned long len, const unsigned char* ks, int nr, unsigned char* iv);
WOLFSSL_LOCAL void AES_CTR_encrypt(const unsigned char* in, unsigned char* out,
unsigned long len, const unsigned char* ks, int nr, unsigned char* ctr);
#if defined(GCM_TABLE) || defined(GCM_TABLE_4BIT)
/* in pre-C2x C, constness conflicts for dimensioned arrays can't be resolved.
*/
WOLFSSL_LOCAL void GCM_gmult_len(byte* x, const byte** m,
const unsigned char* data, unsigned long len);
#endif
WOLFSSL_LOCAL void AES_GCM_encrypt(const unsigned char* in, unsigned char* out,
unsigned long len, const unsigned char* ks, int nr, unsigned char* ctr);
#if defined(BUILDING_WOLFSSL)
WOLFSSL_API WARN_UNUSED_RESULT int wc_AesEncryptDirect(Aes* aes, byte* out,
const byte* in);
WOLFSSL_API WARN_UNUSED_RESULT int wc_AesDecryptDirect(Aes* aes, byte* out,
const byte* in);
WOLFSSL_API WARN_UNUSED_RESULT int wc_AesSetKeyDirect(Aes* aes,
const byte* key,
word32 len,
const byte* iv, int dir);
#else
WOLFSSL_API int wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in);
WOLFSSL_API int wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in);
WOLFSSL_API int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
const byte* iv, int dir);
#endif
#if defined(WOLFSSL_AES_XTS)
WOLFSSL_LOCAL void AES_XTS_encrypt(const byte* in, byte* out, word32 sz,
const byte* i, byte* key, byte* key2, byte* tmp, int nr);
WOLFSSL_LOCAL void AES_XTS_decrypt(const byte* in, byte* out, word32 sz,
const byte* i, byte* key, byte* key2, byte* tmp, int nr);
#endif
#endif /* WOLFSSL_PPC64_ASM */
#ifdef __cplusplus
} /* extern "C" */
#endif
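Review bot: The new PPC64 prototypes have no comments, and the unit of `len` differs between them: the call in aes.c passes `keylen * 8` to `AES_set_encrypt_key`, i.e. bits, while the ECB/CBC/CTR routines are called with byte counts (`sz`, `numBlocks * WC_AES_BLOCK_SIZE`). A short comment per group would prevent a bytes-for-bits mix-up in a later caller, for example `/* len: key size in bits; ks: output key schedule */` above `AES_set_encrypt_key` and `/* len: data length in bytes */` above the mode functions. `AES_XTS_encrypt`/`AES_XTS_decrypt` also take `byte* key` and `byte* key2` non-const, unlike the `const unsigned char* ks` used by the other routines; if the assembly only reads those schedules, `const` would state that in the interface.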