xref: /freebsd/sys/crypto/aesni/aeskeys_i386.S (revision 235610273e2b3b3db377961d3ac84f04ee86cf32)
15f270659SKonstantin Belousov/*-
25f270659SKonstantin Belousov* The white paper of AES-NI instructions can be downloaded from:
35f270659SKonstantin Belousov *   http://softwarecommunity.intel.com/isn/downloads/intelavx/AES-Instructions-Set_WP.pdf
45f270659SKonstantin Belousov *
55f270659SKonstantin Belousov * Copyright (C) 2008-2010, Intel Corporation
65f270659SKonstantin Belousov *    Author: Huang Ying <ying.huang@intel.com>
75f270659SKonstantin Belousov *            Vinodh Gopal <vinodh.gopal@intel.com>
85f270659SKonstantin Belousov *            Kahraman Akdemir
95f270659SKonstantin Belousov *
105f270659SKonstantin Belousov * Redistribution and use in source and binary forms, with or without
115f270659SKonstantin Belousov * modification, are permitted provided that the following
125f270659SKonstantin Belousov * conditions are met:
135f270659SKonstantin Belousov *
145f270659SKonstantin Belousov * - Redistributions of source code must retain the above copyright
155f270659SKonstantin Belousov *   notice, this list of conditions and the following disclaimer.
165f270659SKonstantin Belousov *
175f270659SKonstantin Belousov * - Redistributions in binary form must reproduce the above copyright
185f270659SKonstantin Belousov *   notice, this list of conditions and the following disclaimer in the
195f270659SKonstantin Belousov *   documentation and/or other materials provided with the
205f270659SKonstantin Belousov *   distribution.
215f270659SKonstantin Belousov *
225f270659SKonstantin Belousov * - Neither the name of Intel Corporation nor the names of its
235f270659SKonstantin Belousov *   contributors may be used to endorse or promote products
245f270659SKonstantin Belousov *   derived from this software without specific prior written
255f270659SKonstantin Belousov *   permission.
265f270659SKonstantin Belousov *
275f270659SKonstantin Belousov * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
285f270659SKonstantin Belousov * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
295f270659SKonstantin Belousov * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
305f270659SKonstantin Belousov * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
315f270659SKonstantin Belousov * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
325f270659SKonstantin Belousov * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
335f270659SKonstantin Belousov * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
345f270659SKonstantin Belousov * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
355f270659SKonstantin Belousov * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
365f270659SKonstantin Belousov * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
375f270659SKonstantin Belousov * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
385f270659SKonstantin Belousov */
395f270659SKonstantin Belousov
405f270659SKonstantin Belousov#include <machine/asmacros.h>
415f270659SKonstantin Belousov
425f270659SKonstantin Belousov	.text
435f270659SKonstantin Belousov
445f270659SKonstantin BelousovENTRY(_key_expansion_128)
455f270659SKonstantin Belousov_key_expansion_256a:
465f270659SKonstantin Belousov	.cfi_startproc
475f270659SKonstantin Belousov	pshufd	$0b11111111,%xmm1,%xmm1
485f270659SKonstantin Belousov	shufps	$0b00010000,%xmm0,%xmm4
495f270659SKonstantin Belousov	pxor	%xmm4,%xmm0
505f270659SKonstantin Belousov	shufps	$0b10001100,%xmm0,%xmm4
515f270659SKonstantin Belousov	pxor	%xmm4,%xmm0
525f270659SKonstantin Belousov	pxor	%xmm1,%xmm0
535f270659SKonstantin Belousov	movaps	%xmm0,(%edx)
545f270659SKonstantin Belousov	addl	$0x10,%edx
55*23561027SDimitry Andric	retl
565f270659SKonstantin Belousov	.cfi_endproc
575f270659SKonstantin BelousovEND(_key_expansion_128)
585f270659SKonstantin Belousov
595f270659SKonstantin BelousovENTRY(_key_expansion_192a)
605f270659SKonstantin Belousov	.cfi_startproc
615f270659SKonstantin Belousov	pshufd	$0b01010101,%xmm1,%xmm1
625f270659SKonstantin Belousov	shufps	$0b00010000,%xmm0,%xmm4
635f270659SKonstantin Belousov	pxor	%xmm4,%xmm0
645f270659SKonstantin Belousov	shufps	$0b10001100,%xmm0,%xmm4
655f270659SKonstantin Belousov	pxor	%xmm4,%xmm0
665f270659SKonstantin Belousov	pxor	%xmm1,%xmm0
675f270659SKonstantin Belousov	movaps	%xmm2,%xmm5
685f270659SKonstantin Belousov	movaps	%xmm2,%xmm6
695f270659SKonstantin Belousov	pslldq	$4,%xmm5
705f270659SKonstantin Belousov	pshufd	$0b11111111,%xmm0,%xmm3
715f270659SKonstantin Belousov	pxor	%xmm3,%xmm2
725f270659SKonstantin Belousov	pxor	%xmm5,%xmm2
735f270659SKonstantin Belousov	movaps	%xmm0,%xmm1
745f270659SKonstantin Belousov	shufps	$0b01000100,%xmm0,%xmm6
755f270659SKonstantin Belousov	movaps	%xmm6,(%edx)
765f270659SKonstantin Belousov	shufps	$0b01001110,%xmm2,%xmm1
775f270659SKonstantin Belousov	movaps	%xmm1,0x10(%edx)
785f270659SKonstantin Belousov	addl	$0x20,%edx
79*23561027SDimitry Andric	retl
805f270659SKonstantin Belousov	.cfi_endproc
815f270659SKonstantin BelousovEND(_key_expansion_192a)
825f270659SKonstantin Belousov
835f270659SKonstantin BelousovENTRY(_key_expansion_192b)
845f270659SKonstantin Belousov	.cfi_startproc
855f270659SKonstantin Belousov	pshufd	$0b01010101,%xmm1,%xmm1
865f270659SKonstantin Belousov	shufps	$0b00010000,%xmm0,%xmm4
875f270659SKonstantin Belousov	pxor	%xmm4,%xmm0
885f270659SKonstantin Belousov	shufps	$0b10001100,%xmm0,%xmm4
895f270659SKonstantin Belousov	pxor	%xmm4,%xmm0
905f270659SKonstantin Belousov	pxor	%xmm1,%xmm0
915f270659SKonstantin Belousov	movaps	%xmm2,%xmm5
925f270659SKonstantin Belousov	pslldq	$4,%xmm5
935f270659SKonstantin Belousov	pshufd	$0b11111111,%xmm0,%xmm3
945f270659SKonstantin Belousov	pxor	%xmm3,%xmm2
955f270659SKonstantin Belousov	pxor	%xmm5,%xmm2
965f270659SKonstantin Belousov	movaps	%xmm0,(%edx)
975f270659SKonstantin Belousov	addl	$0x10,%edx
985f270659SKonstantin Belousov	retl
995f270659SKonstantin Belousov	.cfi_endproc
1005f270659SKonstantin BelousovEND(_key_expansion_192b)
1015f270659SKonstantin Belousov
1025f270659SKonstantin BelousovENTRY(_key_expansion_256b)
1035f270659SKonstantin Belousov	.cfi_startproc
1045f270659SKonstantin Belousov	pshufd	$0b10101010,%xmm1,%xmm1
1055f270659SKonstantin Belousov	shufps	$0b00010000,%xmm2,%xmm4
1065f270659SKonstantin Belousov	pxor	%xmm4,%xmm2
1075f270659SKonstantin Belousov	shufps	$0b10001100,%xmm2,%xmm4
1085f270659SKonstantin Belousov	pxor	%xmm4,%xmm2
1095f270659SKonstantin Belousov	pxor	%xmm1,%xmm2
1105f270659SKonstantin Belousov	movaps	%xmm2,(%edx)
1115f270659SKonstantin Belousov	addl	$0x10,%edx
1125f270659SKonstantin Belousov	retl
1135f270659SKonstantin Belousov	.cfi_endproc
1145f270659SKonstantin BelousovEND(_key_expansion_256b)
1155f270659SKonstantin Belousov
1165f270659SKonstantin BelousovENTRY(aesni_set_enckey)
1175f270659SKonstantin Belousov	.cfi_startproc
1185f270659SKonstantin Belousov	pushl	%ebp
1195f270659SKonstantin Belousov	.cfi_adjust_cfa_offset 4
1205f270659SKonstantin Belousov	movl	%esp,%ebp
1215f270659SKonstantin Belousov	movl	8(%ebp),%ecx
1225f270659SKonstantin Belousov	movl	12(%ebp),%edx
1235f270659SKonstantin Belousov	movups	(%ecx),%xmm0		# user key (first 16 bytes)
1245f270659SKonstantin Belousov	movaps	%xmm0,(%edx)
1255f270659SKonstantin Belousov	addl	$0x10,%edx		# key addr
1265f270659SKonstantin Belousov	pxor	%xmm4,%xmm4		# xmm4 is assumed 0 in _key_expansion_x
1275f270659SKonstantin Belousov	cmpl	$12,16(%ebp)		# rounds
1285f270659SKonstantin Belousov	jb	.Lenc_key128
1295f270659SKonstantin Belousov	je	.Lenc_key192
1305f270659SKonstantin Belousov	movups	0x10(%ecx),%xmm2	# other user key
1315f270659SKonstantin Belousov	movaps	%xmm2,(%edx)
1325f270659SKonstantin Belousov	addl	$0x10,%edx
1335f270659SKonstantin Belousov//	aeskeygenassist $0x1,%xmm2,%xmm1	# round 1
1345f270659SKonstantin Belousov	.byte	0x66,0x0f,0x3a,0xdf,0xca,0x01
1355f270659SKonstantin Belousov	call	_key_expansion_256a
1365f270659SKonstantin Belousov//	aeskeygenassist $0x1,%xmm0,%xmm1
1375f270659SKonstantin Belousov	.byte	0x66,0x0f,0x3a,0xdf,0xc8,0x01
1385f270659SKonstantin Belousov	call	_key_expansion_256b
1395f270659SKonstantin Belousov//	aeskeygenassist $0x2,%xmm2,%xmm1	# round 2
1405f270659SKonstantin Belousov	.byte	0x66,0x0f,0x3a,0xdf,0xca,0x02
1415f270659SKonstantin Belousov	call	_key_expansion_256a
1425f270659SKonstantin Belousov//	aeskeygenassist $0x2,%xmm0,%xmm1
1435f270659SKonstantin Belousov	.byte	0x66,0x0f,0x3a,0xdf,0xc8,0x02
1445f270659SKonstantin Belousov	call	_key_expansion_256b
1455f270659SKonstantin Belousov//	aeskeygenassist $0x4,%xmm2,%xmm1	# round 3
1465f270659SKonstantin Belousov	.byte	0x66,0x0f,0x3a,0xdf,0xca,0x04
1475f270659SKonstantin Belousov	call	_key_expansion_256a
1485f270659SKonstantin Belousov//	aeskeygenassist $0x4,%xmm0,%xmm1
1495f270659SKonstantin Belousov	.byte	0x66,0x0f,0x3a,0xdf,0xc8,0x04
1505f270659SKonstantin Belousov	call	_key_expansion_256b
1515f270659SKonstantin Belousov//	aeskeygenassist $0x8,%xmm2,%xmm1	# round 4
1525f270659SKonstantin Belousov	.byte	0x66,0x0f,0x3a,0xdf,0xca,0x08
1535f270659SKonstantin Belousov	call	_key_expansion_256a
1545f270659SKonstantin Belousov//	aeskeygenassist $0x8,%xmm0,%xmm1
1555f270659SKonstantin Belousov	.byte	0x66,0x0f,0x3a,0xdf,0xc8,0x08
1565f270659SKonstantin Belousov	call	_key_expansion_256b
1575f270659SKonstantin Belousov//	aeskeygenassist $0x10,%xmm2,%xmm1	# round 5
1585f270659SKonstantin Belousov	.byte	0x66,0x0f,0x3a,0xdf,0xca,0x10
1595f270659SKonstantin Belousov	call	_key_expansion_256a
1605f270659SKonstantin Belousov//	aeskeygenassist $0x10,%xmm0,%xmm1
1615f270659SKonstantin Belousov	.byte	0x66,0x0f,0x3a,0xdf,0xc8,0x10
1625f270659SKonstantin Belousov	call	_key_expansion_256b
1635f270659SKonstantin Belousov//	aeskeygenassist $0x20,%xmm2,%xmm1	# round 6
1645f270659SKonstantin Belousov	.byte	0x66,0x0f,0x3a,0xdf,0xca,0x20
1655f270659SKonstantin Belousov	call	_key_expansion_256a
1665f270659SKonstantin Belousov//	aeskeygenassist $0x20,%xmm0,%xmm1
1675f270659SKonstantin Belousov	.byte	0x66,0x0f,0x3a,0xdf,0xc8,0x20
1685f270659SKonstantin Belousov	call	_key_expansion_256b
1695f270659SKonstantin Belousov//	aeskeygenassist $0x40,%xmm2,%xmm1	# round 7
1705f270659SKonstantin Belousov	.byte	0x66,0x0f,0x3a,0xdf,0xca,0x20
1715f270659SKonstantin Belousov	call	_key_expansion_256a
1725f270659SKonstantin Belousov	.cfi_adjust_cfa_offset -4
1735f270659SKonstantin Belousov	leave
1745f270659SKonstantin Belousov	retl
1755f270659SKonstantin Belousov.Lenc_key192:
1765f270659SKonstantin Belousov	movq	0x10(%ecx),%xmm2		# other user key
1775f270659SKonstantin Belousov//	aeskeygenassist $0x1,%xmm2,%xmm1	# round 1
1785f270659SKonstantin Belousov	.byte	0x66,0x0f,0x3a,0xdf,0xca,0x01
1795f270659SKonstantin Belousov	call	_key_expansion_192a
1805f270659SKonstantin Belousov//	aeskeygenassist $0x2,%xmm2,%xmm1	# round 2
1815f270659SKonstantin Belousov	.byte	0x66,0x0f,0x3a,0xdf,0xca,0x02
1825f270659SKonstantin Belousov	call	_key_expansion_192b
1835f270659SKonstantin Belousov//	aeskeygenassist $0x4,%xmm2,%xmm1	# round 3
1845f270659SKonstantin Belousov	.byte	0x66,0x0f,0x3a,0xdf,0xca,0x04
1855f270659SKonstantin Belousov	call	_key_expansion_192a
1865f270659SKonstantin Belousov//	aeskeygenassist $0x8,%xmm2,%xmm1	# round 4
1875f270659SKonstantin Belousov	.byte	0x66,0x0f,0x3a,0xdf,0xca,0x08
1885f270659SKonstantin Belousov	call	_key_expansion_192b
1895f270659SKonstantin Belousov//	aeskeygenassist $0x10,%xmm2,%xmm1	# round 5
1905f270659SKonstantin Belousov	.byte	0x66,0x0f,0x3a,0xdf,0xca,0x10
1915f270659SKonstantin Belousov	call	_key_expansion_192a
1925f270659SKonstantin Belousov//	aeskeygenassist $0x20,%xmm2,%xmm1	# round 6
1935f270659SKonstantin Belousov	.byte	0x66,0x0f,0x3a,0xdf,0xca,0x20
1945f270659SKonstantin Belousov	call	_key_expansion_192b
1955f270659SKonstantin Belousov//	aeskeygenassist $0x40,%xmm2,%xmm1	# round 7
1965f270659SKonstantin Belousov	.byte	0x66,0x0f,0x3a,0xdf,0xca,0x40
1975f270659SKonstantin Belousov	call	_key_expansion_192a
1985f270659SKonstantin Belousov//	aeskeygenassist $0x80,%xmm2,%xmm1	# round 8
1995f270659SKonstantin Belousov	.byte	0x66,0x0f,0x3a,0xdf,0xca,0x80
2005f270659SKonstantin Belousov	call	_key_expansion_192b
2015f270659SKonstantin Belousov	leave
2025f270659SKonstantin Belousov	.cfi_adjust_cfa_offset -4
2035f270659SKonstantin Belousov	retl
2045f270659SKonstantin Belousov.Lenc_key128:
2055f270659SKonstantin Belousov//	aeskeygenassist $0x1,%xmm0,%xmm1	# round 1
2065f270659SKonstantin Belousov	.byte	0x66,0x0f,0x3a,0xdf,0xc8,0x01
2075f270659SKonstantin Belousov	call	_key_expansion_128
2085f270659SKonstantin Belousov//	aeskeygenassist $0x2,%xmm0,%xmm1	# round 2
2095f270659SKonstantin Belousov	.byte	0x66,0x0f,0x3a,0xdf,0xc8,0x02
2105f270659SKonstantin Belousov	call	_key_expansion_128
2115f270659SKonstantin Belousov//	aeskeygenassist $0x4,%xmm0,%xmm1	# round 3
2125f270659SKonstantin Belousov	.byte	0x66,0x0f,0x3a,0xdf,0xc8,0x04
2135f270659SKonstantin Belousov	call	_key_expansion_128
2145f270659SKonstantin Belousov//	aeskeygenassist $0x8,%xmm0,%xmm1	# round 4
2155f270659SKonstantin Belousov	.byte	0x66,0x0f,0x3a,0xdf,0xc8,0x08
2165f270659SKonstantin Belousov	call	_key_expansion_128
2175f270659SKonstantin Belousov//	aeskeygenassist $0x10,%xmm0,%xmm1	# round 5
2185f270659SKonstantin Belousov	.byte	0x66,0x0f,0x3a,0xdf,0xc8,0x10
2195f270659SKonstantin Belousov	call	_key_expansion_128
2205f270659SKonstantin Belousov//	aeskeygenassist $0x20,%xmm0,%xmm1	# round 6
2215f270659SKonstantin Belousov	.byte	0x66,0x0f,0x3a,0xdf,0xc8,0x20
2225f270659SKonstantin Belousov	call	_key_expansion_128
2235f270659SKonstantin Belousov//	aeskeygenassist $0x40,%xmm0,%xmm1	# round 7
2245f270659SKonstantin Belousov	.byte	0x66,0x0f,0x3a,0xdf,0xc8,0x40
2255f270659SKonstantin Belousov	call	_key_expansion_128
2265f270659SKonstantin Belousov//	aeskeygenassist $0x80,%xmm0,%xmm1	# round 8
2275f270659SKonstantin Belousov	.byte	0x66,0x0f,0x3a,0xdf,0xc8,0x80
2285f270659SKonstantin Belousov	call	_key_expansion_128
2295f270659SKonstantin Belousov//	aeskeygenassist $0x1b,%xmm0,%xmm1	# round 9
2305f270659SKonstantin Belousov	.byte	0x66,0x0f,0x3a,0xdf,0xc8,0x1b
2315f270659SKonstantin Belousov	call	_key_expansion_128
2325f270659SKonstantin Belousov//	aeskeygenassist $0x36,%xmm0,%xmm1	# round 10
2335f270659SKonstantin Belousov	.byte	0x66,0x0f,0x3a,0xdf,0xc8,0x36
2345f270659SKonstantin Belousov	call	_key_expansion_128
2355f270659SKonstantin Belousov	leave
2365f270659SKonstantin Belousov	.cfi_adjust_cfa_offset -4
2375f270659SKonstantin Belousov	retl
2385f270659SKonstantin Belousov	.cfi_endproc
2395f270659SKonstantin BelousovEND(aesni_set_enckey)
2405f270659SKonstantin Belousov
2415f270659SKonstantin BelousovENTRY(aesni_set_deckey)
2425f270659SKonstantin Belousov	.cfi_startproc
2435f270659SKonstantin Belousov	pushl	%ebp
2445f270659SKonstantin Belousov	.cfi_adjust_cfa_offset 4
2455f270659SKonstantin Belousov	movl	%esp,%ebp
2465f270659SKonstantin Belousov	movl	16(%ebp),%eax	/* rounds */
2475f270659SKonstantin Belousov	movl	%eax,%ecx
2485f270659SKonstantin Belousov	shll	$4,%ecx
2495f270659SKonstantin Belousov	addl	8(%ebp),%ecx	/* encrypt_schedule last quad */
2505f270659SKonstantin Belousov	movl	12(%ebp),%edx	/* decrypt_schedule */
2515f270659SKonstantin Belousov	movdqa	(%ecx),%xmm0
2525f270659SKonstantin Belousov	movdqa	%xmm0,(%edx)
2535f270659SKonstantin Belousov	decl	%eax
2545f270659SKonstantin Belousov1:
2555f270659SKonstantin Belousov	addl	$0x10,%edx
2565f270659SKonstantin Belousov	subl	$0x10,%ecx
2575f270659SKonstantin Belousov//	aesimc	(%ecx),%xmm1
2585f270659SKonstantin Belousov	.byte	0x66,0x0f,0x38,0xdb,0x09
2595f270659SKonstantin Belousov	movdqa	%xmm1,(%edx)
2605f270659SKonstantin Belousov	decl	%eax
2615f270659SKonstantin Belousov	jne	1b
2625f270659SKonstantin Belousov
2635f270659SKonstantin Belousov	addl	$0x10,%edx
2645f270659SKonstantin Belousov	subl	$0x10,%ecx
2655f270659SKonstantin Belousov	movdqa	(%ecx),%xmm0
2665f270659SKonstantin Belousov	movdqa	%xmm0,(%edx)
2675f270659SKonstantin Belousov	leave
2685f270659SKonstantin Belousov	.cfi_adjust_cfa_offset -4
2695f270659SKonstantin Belousov	retl
2705f270659SKonstantin Belousov	.cfi_endproc
2715f270659SKonstantin BelousovEND(aesni_set_deckey)
2725f270659SKonstantin Belousov
2735f270659SKonstantin Belousov	.ident	"$FreeBSD$"
274