15f270659SKonstantin Belousov/*- 25f270659SKonstantin Belousov* The white paper of AES-NI instructions can be downloaded from: 35f270659SKonstantin Belousov * http://softwarecommunity.intel.com/isn/downloads/intelavx/AES-Instructions-Set_WP.pdf 45f270659SKonstantin Belousov * 55f270659SKonstantin Belousov * Copyright (C) 2008-2010, Intel Corporation 65f270659SKonstantin Belousov * Author: Huang Ying <ying.huang@intel.com> 75f270659SKonstantin Belousov * Vinodh Gopal <vinodh.gopal@intel.com> 85f270659SKonstantin Belousov * Kahraman Akdemir 95f270659SKonstantin Belousov * 105f270659SKonstantin Belousov * Redistribution and use in source and binary forms, with or without 115f270659SKonstantin Belousov * modification, are permitted provided that the following 125f270659SKonstantin Belousov * conditions are met: 135f270659SKonstantin Belousov * 145f270659SKonstantin Belousov * - Redistributions of source code must retain the above copyright 155f270659SKonstantin Belousov * notice, this list of conditions and the following disclaimer. 165f270659SKonstantin Belousov * 175f270659SKonstantin Belousov * - Redistributions in binary form must reproduce the above copyright 185f270659SKonstantin Belousov * notice, this list of conditions and the following disclaimer in the 195f270659SKonstantin Belousov * documentation and/or other materials provided with the 205f270659SKonstantin Belousov * distribution. 215f270659SKonstantin Belousov * 225f270659SKonstantin Belousov * - Neither the name of Intel Corporation nor the names of its 235f270659SKonstantin Belousov * contributors may be used to endorse or promote products 245f270659SKonstantin Belousov * derived from this software without specific prior written 255f270659SKonstantin Belousov * permission. 265f270659SKonstantin Belousov * 275f270659SKonstantin Belousov * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 285f270659SKonstantin Belousov * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 295f270659SKonstantin Belousov * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 305f270659SKonstantin Belousov * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR 315f270659SKonstantin Belousov * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 325f270659SKonstantin Belousov * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 335f270659SKonstantin Belousov * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 345f270659SKonstantin Belousov * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 355f270659SKonstantin Belousov * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 365f270659SKonstantin Belousov * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 375f270659SKonstantin Belousov * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 385f270659SKonstantin Belousov */ 395f270659SKonstantin Belousov 405f270659SKonstantin Belousov#include <machine/asmacros.h> 415f270659SKonstantin Belousov 425f270659SKonstantin Belousov .text 435f270659SKonstantin Belousov 445f270659SKonstantin BelousovENTRY(_key_expansion_128) 455f270659SKonstantin Belousov_key_expansion_256a: 465f270659SKonstantin Belousov .cfi_startproc 475f270659SKonstantin Belousov pshufd $0b11111111,%xmm1,%xmm1 485f270659SKonstantin Belousov shufps $0b00010000,%xmm0,%xmm4 495f270659SKonstantin Belousov pxor %xmm4,%xmm0 505f270659SKonstantin Belousov shufps $0b10001100,%xmm0,%xmm4 515f270659SKonstantin Belousov pxor %xmm4,%xmm0 525f270659SKonstantin Belousov pxor %xmm1,%xmm0 535f270659SKonstantin Belousov movaps %xmm0,(%edx) 545f270659SKonstantin Belousov addl $0x10,%edx 55*23561027SDimitry Andric retl 565f270659SKonstantin Belousov .cfi_endproc 575f270659SKonstantin BelousovEND(_key_expansion_128) 585f270659SKonstantin Belousov 595f270659SKonstantin BelousovENTRY(_key_expansion_192a) 605f270659SKonstantin Belousov .cfi_startproc 615f270659SKonstantin Belousov pshufd $0b01010101,%xmm1,%xmm1 625f270659SKonstantin Belousov shufps $0b00010000,%xmm0,%xmm4 635f270659SKonstantin Belousov pxor %xmm4,%xmm0 645f270659SKonstantin Belousov shufps $0b10001100,%xmm0,%xmm4 655f270659SKonstantin Belousov pxor %xmm4,%xmm0 665f270659SKonstantin Belousov pxor %xmm1,%xmm0 675f270659SKonstantin Belousov movaps %xmm2,%xmm5 685f270659SKonstantin Belousov movaps %xmm2,%xmm6 695f270659SKonstantin Belousov pslldq $4,%xmm5 705f270659SKonstantin Belousov pshufd $0b11111111,%xmm0,%xmm3 715f270659SKonstantin Belousov pxor %xmm3,%xmm2 725f270659SKonstantin Belousov pxor %xmm5,%xmm2 735f270659SKonstantin Belousov movaps %xmm0,%xmm1 745f270659SKonstantin Belousov shufps $0b01000100,%xmm0,%xmm6 755f270659SKonstantin Belousov movaps %xmm6,(%edx) 765f270659SKonstantin Belousov shufps $0b01001110,%xmm2,%xmm1 775f270659SKonstantin Belousov movaps %xmm1,0x10(%edx) 785f270659SKonstantin Belousov addl $0x20,%edx 79*23561027SDimitry Andric retl 805f270659SKonstantin Belousov .cfi_endproc 815f270659SKonstantin BelousovEND(_key_expansion_192a) 825f270659SKonstantin Belousov 835f270659SKonstantin BelousovENTRY(_key_expansion_192b) 845f270659SKonstantin Belousov .cfi_startproc 855f270659SKonstantin Belousov pshufd $0b01010101,%xmm1,%xmm1 865f270659SKonstantin Belousov shufps $0b00010000,%xmm0,%xmm4 875f270659SKonstantin Belousov pxor %xmm4,%xmm0 885f270659SKonstantin Belousov shufps $0b10001100,%xmm0,%xmm4 895f270659SKonstantin Belousov pxor %xmm4,%xmm0 905f270659SKonstantin Belousov pxor %xmm1,%xmm0 915f270659SKonstantin Belousov movaps %xmm2,%xmm5 925f270659SKonstantin Belousov pslldq $4,%xmm5 935f270659SKonstantin Belousov pshufd $0b11111111,%xmm0,%xmm3 945f270659SKonstantin Belousov pxor %xmm3,%xmm2 955f270659SKonstantin Belousov pxor %xmm5,%xmm2 965f270659SKonstantin Belousov movaps %xmm0,(%edx) 975f270659SKonstantin Belousov addl $0x10,%edx 985f270659SKonstantin Belousov retl 995f270659SKonstantin Belousov .cfi_endproc 1005f270659SKonstantin BelousovEND(_key_expansion_192b) 1015f270659SKonstantin Belousov 1025f270659SKonstantin BelousovENTRY(_key_expansion_256b) 1035f270659SKonstantin Belousov .cfi_startproc 1045f270659SKonstantin Belousov pshufd $0b10101010,%xmm1,%xmm1 1055f270659SKonstantin Belousov shufps $0b00010000,%xmm2,%xmm4 1065f270659SKonstantin Belousov pxor %xmm4,%xmm2 1075f270659SKonstantin Belousov shufps $0b10001100,%xmm2,%xmm4 1085f270659SKonstantin Belousov pxor %xmm4,%xmm2 1095f270659SKonstantin Belousov pxor %xmm1,%xmm2 1105f270659SKonstantin Belousov movaps %xmm2,(%edx) 1115f270659SKonstantin Belousov addl $0x10,%edx 1125f270659SKonstantin Belousov retl 1135f270659SKonstantin Belousov .cfi_endproc 1145f270659SKonstantin BelousovEND(_key_expansion_256b) 1155f270659SKonstantin Belousov 1165f270659SKonstantin BelousovENTRY(aesni_set_enckey) 1175f270659SKonstantin Belousov .cfi_startproc 1185f270659SKonstantin Belousov pushl %ebp 1195f270659SKonstantin Belousov .cfi_adjust_cfa_offset 4 1205f270659SKonstantin Belousov movl %esp,%ebp 1215f270659SKonstantin Belousov movl 8(%ebp),%ecx 1225f270659SKonstantin Belousov movl 12(%ebp),%edx 1235f270659SKonstantin Belousov movups (%ecx),%xmm0 # user key (first 16 bytes) 1245f270659SKonstantin Belousov movaps %xmm0,(%edx) 1255f270659SKonstantin Belousov addl $0x10,%edx # key addr 1265f270659SKonstantin Belousov pxor %xmm4,%xmm4 # xmm4 is assumed 0 in _key_expansion_x 1275f270659SKonstantin Belousov cmpl $12,16(%ebp) # rounds 1285f270659SKonstantin Belousov jb .Lenc_key128 1295f270659SKonstantin Belousov je .Lenc_key192 1305f270659SKonstantin Belousov movups 0x10(%ecx),%xmm2 # other user key 1315f270659SKonstantin Belousov movaps %xmm2,(%edx) 1325f270659SKonstantin Belousov addl $0x10,%edx 1335f270659SKonstantin Belousov// aeskeygenassist $0x1,%xmm2,%xmm1 # round 1 1345f270659SKonstantin Belousov .byte 0x66,0x0f,0x3a,0xdf,0xca,0x01 1355f270659SKonstantin Belousov call _key_expansion_256a 1365f270659SKonstantin Belousov// aeskeygenassist $0x1,%xmm0,%xmm1 1375f270659SKonstantin Belousov .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x01 1385f270659SKonstantin Belousov call _key_expansion_256b 1395f270659SKonstantin Belousov// aeskeygenassist $0x2,%xmm2,%xmm1 # round 2 1405f270659SKonstantin Belousov .byte 0x66,0x0f,0x3a,0xdf,0xca,0x02 1415f270659SKonstantin Belousov call _key_expansion_256a 1425f270659SKonstantin Belousov// aeskeygenassist $0x2,%xmm0,%xmm1 1435f270659SKonstantin Belousov .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x02 1445f270659SKonstantin Belousov call _key_expansion_256b 1455f270659SKonstantin Belousov// aeskeygenassist $0x4,%xmm2,%xmm1 # round 3 1465f270659SKonstantin Belousov .byte 0x66,0x0f,0x3a,0xdf,0xca,0x04 1475f270659SKonstantin Belousov call _key_expansion_256a 1485f270659SKonstantin Belousov// aeskeygenassist $0x4,%xmm0,%xmm1 1495f270659SKonstantin Belousov .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x04 1505f270659SKonstantin Belousov call _key_expansion_256b 1515f270659SKonstantin Belousov// aeskeygenassist $0x8,%xmm2,%xmm1 # round 4 1525f270659SKonstantin Belousov .byte 0x66,0x0f,0x3a,0xdf,0xca,0x08 1535f270659SKonstantin Belousov call _key_expansion_256a 1545f270659SKonstantin Belousov// aeskeygenassist $0x8,%xmm0,%xmm1 1555f270659SKonstantin Belousov .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x08 1565f270659SKonstantin Belousov call _key_expansion_256b 1575f270659SKonstantin Belousov// aeskeygenassist $0x10,%xmm2,%xmm1 # round 5 1585f270659SKonstantin Belousov .byte 0x66,0x0f,0x3a,0xdf,0xca,0x10 1595f270659SKonstantin Belousov call _key_expansion_256a 1605f270659SKonstantin Belousov// aeskeygenassist $0x10,%xmm0,%xmm1 1615f270659SKonstantin Belousov .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x10 1625f270659SKonstantin Belousov call _key_expansion_256b 1635f270659SKonstantin Belousov// aeskeygenassist $0x20,%xmm2,%xmm1 # round 6 1645f270659SKonstantin Belousov .byte 0x66,0x0f,0x3a,0xdf,0xca,0x20 1655f270659SKonstantin Belousov call _key_expansion_256a 1665f270659SKonstantin Belousov// aeskeygenassist $0x20,%xmm0,%xmm1 1675f270659SKonstantin Belousov .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x20 1685f270659SKonstantin Belousov call _key_expansion_256b 1695f270659SKonstantin Belousov// aeskeygenassist $0x40,%xmm2,%xmm1 # round 7 1705f270659SKonstantin Belousov .byte 0x66,0x0f,0x3a,0xdf,0xca,0x20 1715f270659SKonstantin Belousov call _key_expansion_256a 1725f270659SKonstantin Belousov .cfi_adjust_cfa_offset -4 1735f270659SKonstantin Belousov leave 1745f270659SKonstantin Belousov retl 1755f270659SKonstantin Belousov.Lenc_key192: 1765f270659SKonstantin Belousov movq 0x10(%ecx),%xmm2 # other user key 1775f270659SKonstantin Belousov// aeskeygenassist $0x1,%xmm2,%xmm1 # round 1 1785f270659SKonstantin Belousov .byte 0x66,0x0f,0x3a,0xdf,0xca,0x01 1795f270659SKonstantin Belousov call _key_expansion_192a 1805f270659SKonstantin Belousov// aeskeygenassist $0x2,%xmm2,%xmm1 # round 2 1815f270659SKonstantin Belousov .byte 0x66,0x0f,0x3a,0xdf,0xca,0x02 1825f270659SKonstantin Belousov call _key_expansion_192b 1835f270659SKonstantin Belousov// aeskeygenassist $0x4,%xmm2,%xmm1 # round 3 1845f270659SKonstantin Belousov .byte 0x66,0x0f,0x3a,0xdf,0xca,0x04 1855f270659SKonstantin Belousov call _key_expansion_192a 1865f270659SKonstantin Belousov// aeskeygenassist $0x8,%xmm2,%xmm1 # round 4 1875f270659SKonstantin Belousov .byte 0x66,0x0f,0x3a,0xdf,0xca,0x08 1885f270659SKonstantin Belousov call _key_expansion_192b 1895f270659SKonstantin Belousov// aeskeygenassist $0x10,%xmm2,%xmm1 # round 5 1905f270659SKonstantin Belousov .byte 0x66,0x0f,0x3a,0xdf,0xca,0x10 1915f270659SKonstantin Belousov call _key_expansion_192a 1925f270659SKonstantin Belousov// aeskeygenassist $0x20,%xmm2,%xmm1 # round 6 1935f270659SKonstantin Belousov .byte 0x66,0x0f,0x3a,0xdf,0xca,0x20 1945f270659SKonstantin Belousov call _key_expansion_192b 1955f270659SKonstantin Belousov// aeskeygenassist $0x40,%xmm2,%xmm1 # round 7 1965f270659SKonstantin Belousov .byte 0x66,0x0f,0x3a,0xdf,0xca,0x40 1975f270659SKonstantin Belousov call _key_expansion_192a 1985f270659SKonstantin Belousov// aeskeygenassist $0x80,%xmm2,%xmm1 # round 8 1995f270659SKonstantin Belousov .byte 0x66,0x0f,0x3a,0xdf,0xca,0x80 2005f270659SKonstantin Belousov call _key_expansion_192b 2015f270659SKonstantin Belousov leave 2025f270659SKonstantin Belousov .cfi_adjust_cfa_offset -4 2035f270659SKonstantin Belousov retl 2045f270659SKonstantin Belousov.Lenc_key128: 2055f270659SKonstantin Belousov// aeskeygenassist $0x1,%xmm0,%xmm1 # round 1 2065f270659SKonstantin Belousov .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x01 2075f270659SKonstantin Belousov call _key_expansion_128 2085f270659SKonstantin Belousov// aeskeygenassist $0x2,%xmm0,%xmm1 # round 2 2095f270659SKonstantin Belousov .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x02 2105f270659SKonstantin Belousov call _key_expansion_128 2115f270659SKonstantin Belousov// aeskeygenassist $0x4,%xmm0,%xmm1 # round 3 2125f270659SKonstantin Belousov .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x04 2135f270659SKonstantin Belousov call _key_expansion_128 2145f270659SKonstantin Belousov// aeskeygenassist $0x8,%xmm0,%xmm1 # round 4 2155f270659SKonstantin Belousov .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x08 2165f270659SKonstantin Belousov call _key_expansion_128 2175f270659SKonstantin Belousov// aeskeygenassist $0x10,%xmm0,%xmm1 # round 5 2185f270659SKonstantin Belousov .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x10 2195f270659SKonstantin Belousov call _key_expansion_128 2205f270659SKonstantin Belousov// aeskeygenassist $0x20,%xmm0,%xmm1 # round 6 2215f270659SKonstantin Belousov .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x20 2225f270659SKonstantin Belousov call _key_expansion_128 2235f270659SKonstantin Belousov// aeskeygenassist $0x40,%xmm0,%xmm1 # round 7 2245f270659SKonstantin Belousov .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x40 2255f270659SKonstantin Belousov call _key_expansion_128 2265f270659SKonstantin Belousov// aeskeygenassist $0x80,%xmm0,%xmm1 # round 8 2275f270659SKonstantin Belousov .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x80 2285f270659SKonstantin Belousov call _key_expansion_128 2295f270659SKonstantin Belousov// aeskeygenassist $0x1b,%xmm0,%xmm1 # round 9 2305f270659SKonstantin Belousov .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x1b 2315f270659SKonstantin Belousov call _key_expansion_128 2325f270659SKonstantin Belousov// aeskeygenassist $0x36,%xmm0,%xmm1 # round 10 2335f270659SKonstantin Belousov .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x36 2345f270659SKonstantin Belousov call _key_expansion_128 2355f270659SKonstantin Belousov leave 2365f270659SKonstantin Belousov .cfi_adjust_cfa_offset -4 2375f270659SKonstantin Belousov retl 2385f270659SKonstantin Belousov .cfi_endproc 2395f270659SKonstantin BelousovEND(aesni_set_enckey) 2405f270659SKonstantin Belousov 2415f270659SKonstantin BelousovENTRY(aesni_set_deckey) 2425f270659SKonstantin Belousov .cfi_startproc 2435f270659SKonstantin Belousov pushl %ebp 2445f270659SKonstantin Belousov .cfi_adjust_cfa_offset 4 2455f270659SKonstantin Belousov movl %esp,%ebp 2465f270659SKonstantin Belousov movl 16(%ebp),%eax /* rounds */ 2475f270659SKonstantin Belousov movl %eax,%ecx 2485f270659SKonstantin Belousov shll $4,%ecx 2495f270659SKonstantin Belousov addl 8(%ebp),%ecx /* encrypt_schedule last quad */ 2505f270659SKonstantin Belousov movl 12(%ebp),%edx /* decrypt_schedule */ 2515f270659SKonstantin Belousov movdqa (%ecx),%xmm0 2525f270659SKonstantin Belousov movdqa %xmm0,(%edx) 2535f270659SKonstantin Belousov decl %eax 2545f270659SKonstantin Belousov1: 2555f270659SKonstantin Belousov addl $0x10,%edx 2565f270659SKonstantin Belousov subl $0x10,%ecx 2575f270659SKonstantin Belousov// aesimc (%ecx),%xmm1 2585f270659SKonstantin Belousov .byte 0x66,0x0f,0x38,0xdb,0x09 2595f270659SKonstantin Belousov movdqa %xmm1,(%edx) 2605f270659SKonstantin Belousov decl %eax 2615f270659SKonstantin Belousov jne 1b 2625f270659SKonstantin Belousov 2635f270659SKonstantin Belousov addl $0x10,%edx 2645f270659SKonstantin Belousov subl $0x10,%ecx 2655f270659SKonstantin Belousov movdqa (%ecx),%xmm0 2665f270659SKonstantin Belousov movdqa %xmm0,(%edx) 2675f270659SKonstantin Belousov leave 2685f270659SKonstantin Belousov .cfi_adjust_cfa_offset -4 2695f270659SKonstantin Belousov retl 2705f270659SKonstantin Belousov .cfi_endproc 2715f270659SKonstantin BelousovEND(aesni_set_deckey) 2725f270659SKonstantin Belousov 2735f270659SKonstantin Belousov .ident "$FreeBSD$" 274