xref: /freebsd/sys/crypto/aesni/aeskeys_amd64.S (revision 682d5a87e51966939710fb52cc4e8fbb7bff04b5) 
15f270659SKonstantin Belousov/*-
25f270659SKonstantin Belousov* The white paper of AES-NI instructions can be downloaded from:
35f270659SKonstantin Belousov *   http://softwarecommunity.intel.com/isn/downloads/intelavx/AES-Instructions-Set_WP.pdf
45f270659SKonstantin Belousov *
55f270659SKonstantin Belousov * Copyright (C) 2008-2010, Intel Corporation
65f270659SKonstantin Belousov *    Author: Huang Ying <ying.huang@intel.com>
75f270659SKonstantin Belousov *            Vinodh Gopal <vinodh.gopal@intel.com>
85f270659SKonstantin Belousov *            Kahraman Akdemir
95f270659SKonstantin Belousov *
105f270659SKonstantin Belousov * Redistribution and use in source and binary forms, with or without
115f270659SKonstantin Belousov * modification, are permitted provided that the following
125f270659SKonstantin Belousov * conditions are met:
135f270659SKonstantin Belousov *
145f270659SKonstantin Belousov * - Redistributions of source code must retain the above copyright
155f270659SKonstantin Belousov *   notice, this list of conditions and the following disclaimer.
165f270659SKonstantin Belousov *
175f270659SKonstantin Belousov * - Redistributions in binary form must reproduce the above copyright
185f270659SKonstantin Belousov *   notice, this list of conditions and the following disclaimer in the
195f270659SKonstantin Belousov *   documentation and/or other materials provided with the
205f270659SKonstantin Belousov *   distribution.
215f270659SKonstantin Belousov *
225f270659SKonstantin Belousov * - Neither the name of Intel Corporation nor the names of its
235f270659SKonstantin Belousov *   contributors may be used to endorse or promote products
245f270659SKonstantin Belousov *   derived from this software without specific prior written
255f270659SKonstantin Belousov *   permission.
265f270659SKonstantin Belousov *
275f270659SKonstantin Belousov * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
285f270659SKonstantin Belousov * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
295f270659SKonstantin Belousov * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
305f270659SKonstantin Belousov * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
315f270659SKonstantin Belousov * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
325f270659SKonstantin Belousov * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
335f270659SKonstantin Belousov * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
345f270659SKonstantin Belousov * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
355f270659SKonstantin Belousov * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
365f270659SKonstantin Belousov * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
375f270659SKonstantin Belousov * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
385f270659SKonstantin Belousov */
395f270659SKonstantin Belousov
405f270659SKonstantin Belousov#include <machine/asmacros.h>
415f270659SKonstantin Belousov
425f270659SKonstantin Belousov	.text
435f270659SKonstantin Belousov
445f270659SKonstantin BelousovENTRY(_key_expansion_128)
455f270659SKonstantin Belousov_key_expansion_256a:
465f270659SKonstantin Belousov	.cfi_startproc
475f270659SKonstantin Belousov	pshufd	$0b11111111,%xmm1,%xmm1
485f270659SKonstantin Belousov	shufps	$0b00010000,%xmm0,%xmm4
495f270659SKonstantin Belousov	pxor	%xmm4,%xmm0
505f270659SKonstantin Belousov	shufps	$0b10001100,%xmm0,%xmm4
515f270659SKonstantin Belousov	pxor	%xmm4,%xmm0
525f270659SKonstantin Belousov	pxor	%xmm1,%xmm0
535f270659SKonstantin Belousov	movaps	%xmm0,(%rsi)
545f270659SKonstantin Belousov	addq	$0x10,%rsi
555f270659SKonstantin Belousov	retq
565f270659SKonstantin Belousov	.cfi_endproc
575f270659SKonstantin BelousovEND(_key_expansion_128)
585f270659SKonstantin Belousov
595f270659SKonstantin BelousovENTRY(_key_expansion_192a)
605f270659SKonstantin Belousov	.cfi_startproc
615f270659SKonstantin Belousov	pshufd	$0b01010101,%xmm1,%xmm1
625f270659SKonstantin Belousov	shufps	$0b00010000,%xmm0,%xmm4
635f270659SKonstantin Belousov	pxor	%xmm4,%xmm0
645f270659SKonstantin Belousov	shufps	$0b10001100,%xmm0,%xmm4
655f270659SKonstantin Belousov	pxor	%xmm4,%xmm0
665f270659SKonstantin Belousov	pxor	%xmm1,%xmm0
675f270659SKonstantin Belousov	movaps	%xmm2,%xmm5
685f270659SKonstantin Belousov	movaps	%xmm2,%xmm6
695f270659SKonstantin Belousov	pslldq	$4,%xmm5
705f270659SKonstantin Belousov	pshufd	$0b11111111,%xmm0,%xmm3
715f270659SKonstantin Belousov	pxor	%xmm3,%xmm2
725f270659SKonstantin Belousov	pxor	%xmm5,%xmm2
735f270659SKonstantin Belousov	movaps	%xmm0,%xmm1
745f270659SKonstantin Belousov	shufps	$0b01000100,%xmm0,%xmm6
755f270659SKonstantin Belousov	movaps	%xmm6,(%rsi)
765f270659SKonstantin Belousov	shufps	$0b01001110,%xmm2,%xmm1
775f270659SKonstantin Belousov	movaps	%xmm1,0x10(%rsi)
785f270659SKonstantin Belousov	addq	$0x20,%rsi
795f270659SKonstantin Belousov	retq
805f270659SKonstantin Belousov	.cfi_endproc
815f270659SKonstantin BelousovEND(_key_expansion_192a)
825f270659SKonstantin Belousov
835f270659SKonstantin BelousovENTRY(_key_expansion_192b)
845f270659SKonstantin Belousov	.cfi_startproc
855f270659SKonstantin Belousov	pshufd	$0b01010101,%xmm1,%xmm1
865f270659SKonstantin Belousov	shufps	$0b00010000,%xmm0,%xmm4
875f270659SKonstantin Belousov	pxor	%xmm4,%xmm0
885f270659SKonstantin Belousov	shufps	$0b10001100,%xmm0,%xmm4
895f270659SKonstantin Belousov	pxor	%xmm4,%xmm0
905f270659SKonstantin Belousov	pxor	%xmm1,%xmm0
915f270659SKonstantin Belousov	movaps	%xmm2,%xmm5
925f270659SKonstantin Belousov	pslldq	$4,%xmm5
935f270659SKonstantin Belousov	pshufd	$0b11111111,%xmm0,%xmm3
945f270659SKonstantin Belousov	pxor	%xmm3,%xmm2
955f270659SKonstantin Belousov	pxor	%xmm5,%xmm2
965f270659SKonstantin Belousov	movaps	%xmm0,(%rsi)
975f270659SKonstantin Belousov	addq	$0x10,%rsi
985f270659SKonstantin Belousov	retq
995f270659SKonstantin Belousov	.cfi_endproc
1005f270659SKonstantin BelousovEND(_key_expansion_192b)
1015f270659SKonstantin Belousov
1025f270659SKonstantin BelousovENTRY(_key_expansion_256b)
1035f270659SKonstantin Belousov	.cfi_startproc
1045f270659SKonstantin Belousov	pshufd	$0b10101010,%xmm1,%xmm1
1055f270659SKonstantin Belousov	shufps	$0b00010000,%xmm2,%xmm4
1065f270659SKonstantin Belousov	pxor	%xmm4,%xmm2
1075f270659SKonstantin Belousov	shufps	$0b10001100,%xmm2,%xmm4
1085f270659SKonstantin Belousov	pxor	%xmm4,%xmm2
1095f270659SKonstantin Belousov	pxor	%xmm1,%xmm2
1105f270659SKonstantin Belousov	movaps	%xmm2,(%rsi)
1115f270659SKonstantin Belousov	addq	$0x10,%rsi
1125f270659SKonstantin Belousov	retq
1135f270659SKonstantin Belousov	.cfi_endproc
1145f270659SKonstantin BelousovEND(_key_expansion_256b)
1155f270659SKonstantin Belousov
1165f270659SKonstantin BelousovENTRY(aesni_set_enckey)
1175f270659SKonstantin Belousov	.cfi_startproc
1185f270659SKonstantin Belousov	movups	(%rdi),%xmm0		# user key (first 16 bytes)
1195f270659SKonstantin Belousov	movaps	%xmm0,(%rsi)
1205f270659SKonstantin Belousov	addq	$0x10,%rsi		# key addr
1215f270659SKonstantin Belousov	pxor	%xmm4,%xmm4		# xmm4 is assumed 0 in _key_expansion_x
1225f270659SKonstantin Belousov	cmpl	$12,%edx
1235f270659SKonstantin Belousov	jb	.Lenc_key128
1245f270659SKonstantin Belousov	je	.Lenc_key192
1255f270659SKonstantin Belousov	movups	0x10(%rdi),%xmm2	# other user key
1265f270659SKonstantin Belousov	movaps	%xmm2,(%rsi)
1275f270659SKonstantin Belousov	addq	$0x10,%rsi
128*ff6c7bf5SJohn-Mark Gurney	aeskeygenassist $0x1,%xmm2,%xmm1	# round 1
1295f270659SKonstantin Belousov	call	_key_expansion_256a
130*ff6c7bf5SJohn-Mark Gurney	aeskeygenassist $0x1,%xmm0,%xmm1
1315f270659SKonstantin Belousov	call	_key_expansion_256b
132*ff6c7bf5SJohn-Mark Gurney	aeskeygenassist $0x2,%xmm2,%xmm1	# round 2
1335f270659SKonstantin Belousov	call	_key_expansion_256a
134*ff6c7bf5SJohn-Mark Gurney	aeskeygenassist $0x2,%xmm0,%xmm1
1355f270659SKonstantin Belousov	call	_key_expansion_256b
136*ff6c7bf5SJohn-Mark Gurney	aeskeygenassist $0x4,%xmm2,%xmm1	# round 3
1375f270659SKonstantin Belousov	call	_key_expansion_256a
138*ff6c7bf5SJohn-Mark Gurney	aeskeygenassist $0x4,%xmm0,%xmm1
1395f270659SKonstantin Belousov	call	_key_expansion_256b
140*ff6c7bf5SJohn-Mark Gurney	aeskeygenassist $0x8,%xmm2,%xmm1	# round 4
1415f270659SKonstantin Belousov	call	_key_expansion_256a
142*ff6c7bf5SJohn-Mark Gurney	aeskeygenassist $0x8,%xmm0,%xmm1
1435f270659SKonstantin Belousov	call	_key_expansion_256b
144*ff6c7bf5SJohn-Mark Gurney	aeskeygenassist $0x10,%xmm2,%xmm1	# round 5
1455f270659SKonstantin Belousov	call	_key_expansion_256a
146*ff6c7bf5SJohn-Mark Gurney	aeskeygenassist $0x10,%xmm0,%xmm1
1475f270659SKonstantin Belousov	call	_key_expansion_256b
148*ff6c7bf5SJohn-Mark Gurney	aeskeygenassist $0x20,%xmm2,%xmm1	# round 6
1495f270659SKonstantin Belousov	call	_key_expansion_256a
150*ff6c7bf5SJohn-Mark Gurney	aeskeygenassist $0x20,%xmm0,%xmm1
1515f270659SKonstantin Belousov	call	_key_expansion_256b
152*ff6c7bf5SJohn-Mark Gurney	aeskeygenassist $0x40,%xmm2,%xmm1	# round 7
1535f270659SKonstantin Belousov	call	_key_expansion_256a
1545f270659SKonstantin Belousov	retq
1555f270659SKonstantin Belousov.Lenc_key192:
1565f270659SKonstantin Belousov	movq	0x10(%rdi),%xmm2		# other user key
157*ff6c7bf5SJohn-Mark Gurney	aeskeygenassist $0x1,%xmm2,%xmm1	# round 1
1585f270659SKonstantin Belousov	call	_key_expansion_192a
159*ff6c7bf5SJohn-Mark Gurney	aeskeygenassist $0x2,%xmm2,%xmm1	# round 2
1605f270659SKonstantin Belousov	call	_key_expansion_192b
161*ff6c7bf5SJohn-Mark Gurney	aeskeygenassist $0x4,%xmm2,%xmm1	# round 3
1625f270659SKonstantin Belousov	call	_key_expansion_192a
163*ff6c7bf5SJohn-Mark Gurney	aeskeygenassist $0x8,%xmm2,%xmm1	# round 4
1645f270659SKonstantin Belousov	call	_key_expansion_192b
165*ff6c7bf5SJohn-Mark Gurney	aeskeygenassist $0x10,%xmm2,%xmm1	# round 5
1665f270659SKonstantin Belousov	call	_key_expansion_192a
167*ff6c7bf5SJohn-Mark Gurney	aeskeygenassist $0x20,%xmm2,%xmm1	# round 6
1685f270659SKonstantin Belousov	call	_key_expansion_192b
169*ff6c7bf5SJohn-Mark Gurney	aeskeygenassist $0x40,%xmm2,%xmm1	# round 7
1705f270659SKonstantin Belousov	call	_key_expansion_192a
171*ff6c7bf5SJohn-Mark Gurney	aeskeygenassist $0x80,%xmm2,%xmm1	# round 8
1725f270659SKonstantin Belousov	call	_key_expansion_192b
1735f270659SKonstantin Belousov	retq
1745f270659SKonstantin Belousov.Lenc_key128:
175*ff6c7bf5SJohn-Mark Gurney	aeskeygenassist $0x1,%xmm0,%xmm1	# round 1
1765f270659SKonstantin Belousov	call	_key_expansion_128
177*ff6c7bf5SJohn-Mark Gurney	aeskeygenassist $0x2,%xmm0,%xmm1	# round 2
1785f270659SKonstantin Belousov	call	_key_expansion_128
179*ff6c7bf5SJohn-Mark Gurney	aeskeygenassist $0x4,%xmm0,%xmm1	# round 3
1805f270659SKonstantin Belousov	call	_key_expansion_128
181*ff6c7bf5SJohn-Mark Gurney	aeskeygenassist $0x8,%xmm0,%xmm1	# round 4
1825f270659SKonstantin Belousov	call	_key_expansion_128
183*ff6c7bf5SJohn-Mark Gurney	aeskeygenassist $0x10,%xmm0,%xmm1	# round 5
1845f270659SKonstantin Belousov	call	_key_expansion_128
185*ff6c7bf5SJohn-Mark Gurney	aeskeygenassist $0x20,%xmm0,%xmm1	# round 6
1865f270659SKonstantin Belousov	call	_key_expansion_128
187*ff6c7bf5SJohn-Mark Gurney	aeskeygenassist $0x40,%xmm0,%xmm1	# round 7
1885f270659SKonstantin Belousov	call	_key_expansion_128
189*ff6c7bf5SJohn-Mark Gurney	aeskeygenassist $0x80,%xmm0,%xmm1	# round 8
1905f270659SKonstantin Belousov	call	_key_expansion_128
191*ff6c7bf5SJohn-Mark Gurney	aeskeygenassist $0x1b,%xmm0,%xmm1	# round 9
1925f270659SKonstantin Belousov	call	_key_expansion_128
193*ff6c7bf5SJohn-Mark Gurney	aeskeygenassist $0x36,%xmm0,%xmm1	# round 10
1945f270659SKonstantin Belousov	call	_key_expansion_128
1955f270659SKonstantin Belousov	retq
1965f270659SKonstantin Belousov	.cfi_endproc
1975f270659SKonstantin BelousovEND(aesni_set_enckey)
1985f270659SKonstantin Belousov
1995f270659SKonstantin BelousovENTRY(aesni_set_deckey)
2005f270659SKonstantin Belousov	.cfi_startproc
2015f270659SKonstantin Belousov	movslq	%edx,%rax
2025f270659SKonstantin Belousov	shlq	$4,%rax
2035f270659SKonstantin Belousov	addq	%rax,%rdi
2045f270659SKonstantin Belousov	movdqa	(%rdi),%xmm0
2055f270659SKonstantin Belousov	movdqa	%xmm0,(%rsi)
2065f270659SKonstantin Belousov	decl	%edx
2075f270659SKonstantin Belousov1:
2085f270659SKonstantin Belousov	addq	$0x10,%rsi
2095f270659SKonstantin Belousov	subq	$0x10,%rdi
210*ff6c7bf5SJohn-Mark Gurney	aesimc	(%rdi),%xmm1
2115f270659SKonstantin Belousov	movdqa	%xmm1,(%rsi)
2125f270659SKonstantin Belousov	decl	%edx
2135f270659SKonstantin Belousov	jne	1b
2145f270659SKonstantin Belousov
2155f270659SKonstantin Belousov	addq	$0x10,%rsi
2165f270659SKonstantin Belousov	subq	$0x10,%rdi
2175f270659SKonstantin Belousov	movdqa	(%rdi),%xmm0
2185f270659SKonstantin Belousov	movdqa	%xmm0,(%rsi)
2195f270659SKonstantin Belousov	retq
2205f270659SKonstantin Belousov	.cfi_endproc
2215f270659SKonstantin BelousovEND(aesni_set_deckey)
222