www.gitorious.org Git - gnutls:gnutls.git/blob - lib/accelerated/x86/aes-x86.c

1 /*

3 *

4 * Author: Nikos Mavrogiannopoulos

5 *

6 * This file is part of GnuTLS.

7 *

8 * The GnuTLS is free software; you can redistribute it and/or

9 * modify it under the terms of the GNU Lesser General Public License

10 * as published by the Free Software Foundation; either version 2.1 of

11 * the License, or (at your option) any later version.

12 *

13 * This library is distributed in the hope that it will be useful, but

14 * WITHOUT ANY WARRANTY; without even the implied warranty of

15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU

16 * Lesser General Public License for more details.

17 *

18 * You should have received a copy of the GNU Lesser General Public License

19 * along with this program. If not, see <http://www.gnu.org/licenses/>

20 *

21 */

23 /*

24 * The following code is an implementation of the AES-128-CBC cipher

25 * using intel's AES instruction set.

26 */

28 #include <gnutls_errors.h>

29 #include <gnutls_int.h>

30 #include <gnutls/crypto.h>

31 #include <gnutls_errors.h>

32 #include <aes-x86.h>

33 #include <sha-x86.h>

34 #include <x86.h>

36 struct aes_ctx {

37 AES_KEY expanded_key;

38 uint8_t iv[16];

39 int enc;

40 };

42 unsigned int _gnutls_x86_cpuid_s[4];

44 static int

45 aes_cipher_init(gnutls_cipher_algorithm_t algorithm, void **_ctx, int enc)

46 {

47 /* we use key size to distinguish */

48 if (algorithm != GNUTLS_CIPHER_AES_128_CBC

49 && algorithm != GNUTLS_CIPHER_AES_192_CBC

50 && algorithm != GNUTLS_CIPHER_AES_256_CBC)

51 return GNUTLS_E_INVALID_REQUEST;

53 *_ctx = gnutls_calloc(1, sizeof(struct aes_ctx));

54 if (*_ctx == NULL) {

55 gnutls_assert();

56 return GNUTLS_E_MEMORY_ERROR;

57 }

59 ((struct aes_ctx *) (*_ctx))->enc = enc;

61 return 0;

62 }

64 static int

65 aes_cipher_setkey(void *_ctx, const void *userkey, size_t keysize)

66 {

67 struct aes_ctx *ctx = _ctx;

68 int ret;

70 if (ctx->enc)

71 ret =

72 aesni_set_encrypt_key(userkey, keysize * 8,

73 ALIGN16(&ctx->expanded_key));

74 else

75 ret =

76 aesni_set_decrypt_key(userkey, keysize * 8,

77 ALIGN16(&ctx->expanded_key));

79 if (ret != 0)

80 return gnutls_assert_val(GNUTLS_E_ENCRYPTION_FAILED);

82 return 0;

83 }

85 static int aes_setiv(void *_ctx, const void *iv, size_t iv_size)

86 {

87 struct aes_ctx *ctx = _ctx;

89 memcpy(ctx->iv, iv, 16);

90 return 0;

91 }

93 static int

94 aes_encrypt(void *_ctx, const void *src, size_t src_size,

95 void *dst, size_t dst_size)

96 {

97 struct aes_ctx *ctx = _ctx;

99 aesni_cbc_encrypt(src, dst, src_size, ALIGN16(&ctx->expanded_key),

100 ctx->iv, 1);

101 return 0;

102 }

103

104 static int

105 aes_decrypt(void *_ctx, const void *src, size_t src_size,

106 void *dst, size_t dst_size)

107 {

108 struct aes_ctx *ctx = _ctx;

109

110 aesni_cbc_encrypt(src, dst, src_size, ALIGN16(&ctx->expanded_key),

111 ctx->iv, 0);

112

113 return 0;

114 }

115

116 static void aes_deinit(void *_ctx)

117 {

118 gnutls_free(_ctx);

119 }

120

121 static const gnutls_crypto_cipher_st cipher_struct = {

122 .init = aes_cipher_init,

123 .setkey = aes_cipher_setkey,

124 .setiv = aes_setiv,

125 .encrypt = aes_encrypt,

126 .decrypt = aes_decrypt,

127 .deinit = aes_deinit,

128 };

129

130 static unsigned check_optimized_aes(void)

131 {

132 return (_gnutls_x86_cpuid_s[2] & 0x2000000);

133 }

134

135 static unsigned check_ssse3(void)

136 {

137 return (_gnutls_x86_cpuid_s[2] & 0x0000200);

138 }

139

140 #ifdef ASM_X86_64

141 static unsigned check_pclmul(void)

142 {

143 return (_gnutls_x86_cpuid_s[2] & 0x2);

144 }

145 #endif

146

147 static unsigned check_intel_or_amd(void)

148 {

149 unsigned int a, b, c, d;

150 gnutls_cpuid(0, &a, &b, &c, &d);

151

152 if ((memcmp(&b, "Genu", 4) == 0 &&

153 memcmp(&d, "ineI", 4) == 0 &&

154 memcmp(&c, "ntel", 4) == 0) ||

155 (memcmp(&b, "Auth", 4) == 0 &&

156 memcmp(&d, "enti", 4) == 0 && memcmp(&c, "cAMD", 4) == 0)) {

157 return 1;

158 }

159

160 return 0;

161 }

162

163 void register_x86_crypto(void)

164 {

165 int ret;

166

167 if (check_intel_or_amd() == 0)

168 return;

169

170 gnutls_cpuid(1, &_gnutls_x86_cpuid_s[0], &_gnutls_x86_cpuid_s[1],

171 &_gnutls_x86_cpuid_s[2], &_gnutls_x86_cpuid_s[3]);

172

173 if (check_ssse3()) {

174 _gnutls_debug_log("Intel SSSE3 was detected\n");

175

176 ret =

177 gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA1,

178 80,

179 &sha_x86_struct);

180 if (ret < 0) {

181 gnutls_assert();

182 }

183

184 ret =

185 gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA224,

186 80,

187 &sha_x86_struct);

188 if (ret < 0) {

189 gnutls_assert();

190 }

191

192 ret =

193 gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA256,

194 80,

195 &sha_x86_struct);

196 if (ret < 0) {

197 gnutls_assert();

198 }

199

200

201 ret =

202 gnutls_crypto_single_mac_register(GNUTLS_DIG_SHA1,

203 80,

204 &hmac_sha_x86_struct);

205 if (ret < 0)

206 gnutls_assert();

207

208 ret =

209 gnutls_crypto_single_mac_register(GNUTLS_DIG_SHA224,

210 80,

211 &hmac_sha_x86_struct);

212 if (ret < 0)

213 gnutls_assert();

214

215 ret =

216 gnutls_crypto_single_mac_register(GNUTLS_DIG_SHA256,

217 80,

218 &hmac_sha_x86_struct);

219 if (ret < 0)

220 gnutls_assert();

221

222 #ifdef ENABLE_SHA512

223 ret =

224 gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA384,

225 80,

226 &sha_x86_struct);

227 if (ret < 0)

228 gnutls_assert();

229

230 ret =

231 gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA512,

232 80,

233 &sha_x86_struct);

234 if (ret < 0)

235 gnutls_assert();

236 ret =

237 gnutls_crypto_single_mac_register(GNUTLS_DIG_SHA384,

238 80,

239 &hmac_sha_x86_struct);

240 if (ret < 0)

241 gnutls_assert();

242

243 ret =

244 gnutls_crypto_single_mac_register(GNUTLS_DIG_SHA512,

245 80,

246 &hmac_sha_x86_struct);

247 if (ret < 0)

248 gnutls_assert();

249 #endif

250 }

251

252 if (check_optimized_aes()) {

253 _gnutls_debug_log("Intel AES accelerator was detected\n");

254 ret =

255 gnutls_crypto_single_cipher_register

256 (GNUTLS_CIPHER_AES_128_CBC, 80, &cipher_struct);

257 if (ret < 0) {

258 gnutls_assert();

259 }

260

261 ret =

262 gnutls_crypto_single_cipher_register

263 (GNUTLS_CIPHER_AES_192_CBC, 80, &cipher_struct);

264 if (ret < 0) {

265 gnutls_assert();

266 }

267

268 ret =

269 gnutls_crypto_single_cipher_register

270 (GNUTLS_CIPHER_AES_256_CBC, 80, &cipher_struct);

271 if (ret < 0) {

272 gnutls_assert();

273 }

274 #ifdef ASM_X86_64

275 if (check_pclmul()) {

276 /* register GCM ciphers */

277 _gnutls_debug_log

278 ("Intel GCM accelerator was detected\n");

279 ret =

280 gnutls_crypto_single_cipher_register

281 (GNUTLS_CIPHER_AES_128_GCM, 80,

282 &aes_gcm_struct);

283 if (ret < 0) {

284 gnutls_assert();

285 }

286

287 ret =

288 gnutls_crypto_single_cipher_register

289 (GNUTLS_CIPHER_AES_256_GCM, 80,

290 &aes_gcm_struct);

291 if (ret < 0) {

292 gnutls_assert();

293 }

294 }

295 #endif

296 }

297

298 /* convert _gnutls_x86_cpuid_s the way openssl asm expects it */

299 _gnutls_x86_cpuid_s[1] = _gnutls_x86_cpuid_s[2];

300

301 return;

302 }