[thirdparty/openssl.git] / providers / implementations / ciphers / cipher_aes_xts_hw.c

/*
 * Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

/*
 * This file uses the low level AES functions (which are deprecated for
 * non-internal use) in order to implement provider AES ciphers.
 */
#include "internal/deprecated.h"

#include "cipher_aes_xts.h"

#define XTS_SET_KEY_FN(fn_set_enc_key, fn_set_dec_key,                         \
                       fn_block_enc, fn_block_dec,                             \
                       fn_stream_enc, fn_stream_dec) {                         \
    size_t bytes = keylen / 2;                                                 \
    size_t bits = bytes * 8;                                                   \
                                                                               \
    if (ctx->enc) {                                                            \
        fn_set_enc_key(key, bits, &xctx->ks1.ks);                              \
        xctx->xts.block1 = (block128_f)fn_block_enc;                           \
    } else {                                                                   \
        fn_set_dec_key(key, bits, &xctx->ks1.ks);                              \
        xctx->xts.block1 = (block128_f)fn_block_dec;                           \
    }                                                                          \
    fn_set_enc_key(key + bytes, bits, &xctx->ks2.ks);                          \
    xctx->xts.block2 = (block128_f)fn_block_enc;                               \
    xctx->xts.key1 = &xctx->ks1;                                               \
    xctx->xts.key2 = &xctx->ks2;                                               \
    xctx->stream = ctx->enc ? fn_stream_enc : fn_stream_dec;                   \
}

static int cipher_hw_aes_xts_generic_initkey(PROV_CIPHER_CTX *ctx,
                                             const unsigned char *key,
                                             size_t keylen)
{
    PROV_AES_XTS_CTX *xctx = (PROV_AES_XTS_CTX *)ctx;
    OSSL_xts_stream_fn stream_enc = NULL;
    OSSL_xts_stream_fn stream_dec = NULL;

#ifdef AES_XTS_ASM
    stream_enc = AES_xts_encrypt;
    stream_dec = AES_xts_decrypt;
#endif /* AES_XTS_ASM */

#ifdef HWAES_CAPABLE
    if (HWAES_CAPABLE) {
# ifdef HWAES_xts_encrypt
        stream_enc = HWAES_xts_encrypt;
# endif /* HWAES_xts_encrypt */
# ifdef HWAES_xts_decrypt
        stream_dec = HWAES_xts_decrypt;
# endif /* HWAES_xts_decrypt */
        XTS_SET_KEY_FN(HWAES_set_encrypt_key, HWAES_set_decrypt_key,
                       HWAES_encrypt, HWAES_decrypt,
                       stream_enc, stream_dec);
        return 1;
    } else
#endif /* HWAES_CAPABLE */

#ifdef BSAES_CAPABLE
    if (BSAES_CAPABLE) {
        stream_enc = ossl_bsaes_xts_encrypt;
        stream_dec = ossl_bsaes_xts_decrypt;
    } else
#endif /* BSAES_CAPABLE */
#ifdef VPAES_CAPABLE
    if (VPAES_CAPABLE) {
        XTS_SET_KEY_FN(vpaes_set_encrypt_key, vpaes_set_decrypt_key,
                       vpaes_encrypt, vpaes_decrypt, stream_enc, stream_dec);
        return 1;
    } else
#endif /* VPAES_CAPABLE */
    {
        (void)0;
    }
    {
        XTS_SET_KEY_FN(AES_set_encrypt_key, AES_set_decrypt_key,
                       AES_encrypt, AES_decrypt, stream_enc, stream_dec);
    }
    return 1;
}

static void cipher_hw_aes_xts_copyctx(PROV_CIPHER_CTX *dst,
                                      const PROV_CIPHER_CTX *src)
{
    PROV_AES_XTS_CTX *sctx = (PROV_AES_XTS_CTX *)src;
    PROV_AES_XTS_CTX *dctx = (PROV_AES_XTS_CTX *)dst;

    *dctx = *sctx;
    dctx->xts.key1 = &dctx->ks1.ks;
    dctx->xts.key2 = &dctx->ks2.ks;
}

#if defined(AESNI_CAPABLE)

static int cipher_hw_aesni_xts_initkey(PROV_CIPHER_CTX *ctx,
                                       const unsigned char *key, size_t keylen)
{
    PROV_AES_XTS_CTX *xctx = (PROV_AES_XTS_CTX *)ctx;

    XTS_SET_KEY_FN(aesni_set_encrypt_key, aesni_set_decrypt_key,
                   aesni_encrypt, aesni_decrypt,
                   aesni_xts_encrypt, aesni_xts_decrypt);
    return 1;
}

# define PROV_CIPHER_HW_declare_xts()                                          \
static const PROV_CIPHER_HW aesni_xts = {                                      \
    cipher_hw_aesni_xts_initkey,                                               \
    NULL,                                                                      \
    cipher_hw_aes_xts_copyctx                                                  \
};
# define PROV_CIPHER_HW_select_xts()                                           \
if (AESNI_CAPABLE)                                                             \
    return &aesni_xts;

# elif defined(SPARC_AES_CAPABLE)

static int cipher_hw_aes_xts_t4_initkey(PROV_CIPHER_CTX *ctx,
                                        const unsigned char *key, size_t keylen)
{
    PROV_AES_XTS_CTX *xctx = (PROV_AES_XTS_CTX *)ctx;
    OSSL_xts_stream_fn stream_enc = NULL;
    OSSL_xts_stream_fn stream_dec = NULL;

    /* Note: keylen is the size of 2 keys */
    switch (keylen) {
    case 32:
        stream_enc = aes128_t4_xts_encrypt;
        stream_dec = aes128_t4_xts_decrypt;
        break;
    case 64:
        stream_enc = aes256_t4_xts_encrypt;
        stream_dec = aes256_t4_xts_decrypt;
        break;
    default:
        return 0;
    }

    XTS_SET_KEY_FN(aes_t4_set_encrypt_key, aes_t4_set_decrypt_key,
                   aes_t4_encrypt, aes_t4_decrypt,
                   stream_enc, stream_dec);
    return 1;
}

# define PROV_CIPHER_HW_declare_xts()                                          \
static const PROV_CIPHER_HW aes_xts_t4 = {                                     \
    cipher_hw_aes_xts_t4_initkey,                                              \
    NULL,                                                                      \
    cipher_hw_aes_xts_copyctx                                                  \
};
# define PROV_CIPHER_HW_select_xts()                                           \
if (SPARC_AES_CAPABLE)                                                         \
    return &aes_xts_t4;

#elif defined(OPENSSL_CPUID_OBJ) && defined(__riscv) && __riscv_xlen == 64

static int cipher_hw_aes_xts_rv64i_zknd_zkne_initkey(PROV_CIPHER_CTX *ctx,
                                                     const unsigned char *key,
                                                     size_t keylen)
{
    PROV_AES_XTS_CTX *xctx = (PROV_AES_XTS_CTX *)ctx;
    OSSL_xts_stream_fn stream_enc = NULL;
    OSSL_xts_stream_fn stream_dec = NULL;

    XTS_SET_KEY_FN(rv64i_zkne_set_encrypt_key, rv64i_zknd_set_decrypt_key,
                   rv64i_zkne_encrypt, rv64i_zknd_decrypt,
                   stream_enc, stream_dec);
    return 1;
}

static int cipher_hw_aes_xts_rv64i_zvbb_zvkg_zvkned_initkey(
    PROV_CIPHER_CTX *ctx, const unsigned char *key, size_t keylen)
{
    PROV_AES_XTS_CTX *xctx = (PROV_AES_XTS_CTX *)ctx;
    OSSL_xts_stream_fn stream_enc = NULL;
    OSSL_xts_stream_fn stream_dec = NULL;

    /* Zvkned only supports 128 and 256 bit keys. */
    if (keylen * 8 == 128 * 2 || keylen * 8 == 256 * 2) {
        XTS_SET_KEY_FN(rv64i_zvkned_set_encrypt_key,
                       rv64i_zvkned_set_decrypt_key, rv64i_zvkned_encrypt,
                       rv64i_zvkned_decrypt,
                       rv64i_zvbb_zvkg_zvkned_aes_xts_encrypt,
                       rv64i_zvbb_zvkg_zvkned_aes_xts_decrypt);
    } else {
        XTS_SET_KEY_FN(AES_set_encrypt_key, AES_set_encrypt_key,
                       rv64i_zvkned_encrypt, rv64i_zvkned_decrypt,
                       stream_enc, stream_dec);
    }
    return 1;
}

static int cipher_hw_aes_xts_rv64i_zvkned_initkey(PROV_CIPHER_CTX *ctx,
                                                  const unsigned char *key,
                                                  size_t keylen)
{
    PROV_AES_XTS_CTX *xctx = (PROV_AES_XTS_CTX *)ctx;
    OSSL_xts_stream_fn stream_enc = NULL;
    OSSL_xts_stream_fn stream_dec = NULL;

    /* Zvkned only supports 128 and 256 bit keys. */
    if (keylen * 8 == 128 * 2 || keylen * 8 == 256 * 2) {
        XTS_SET_KEY_FN(rv64i_zvkned_set_encrypt_key,
                       rv64i_zvkned_set_decrypt_key,
                       rv64i_zvkned_encrypt, rv64i_zvkned_decrypt,
                       stream_enc, stream_dec);
    } else {
        XTS_SET_KEY_FN(AES_set_encrypt_key, AES_set_encrypt_key,
                       rv64i_zvkned_encrypt, rv64i_zvkned_decrypt,
                       stream_enc, stream_dec);
    }
    return 1;
}

# define PROV_CIPHER_HW_declare_xts()                                          \
static const PROV_CIPHER_HW aes_xts_rv64i_zknd_zkne = {                        \
    cipher_hw_aes_xts_rv64i_zknd_zkne_initkey,                                 \
    NULL,                                                                      \
    cipher_hw_aes_xts_copyctx                                                  \
};                                                                             \
static const PROV_CIPHER_HW aes_xts_rv64i_zvkned = {                           \
    cipher_hw_aes_xts_rv64i_zvkned_initkey,                                    \
    NULL,                                                                      \
    cipher_hw_aes_xts_copyctx                                                  \
};                                                                             \
static const PROV_CIPHER_HW aes_xts_rv64i_zvbb_zvkg_zvkned = {                 \
    cipher_hw_aes_xts_rv64i_zvbb_zvkg_zvkned_initkey,                          \
    NULL,                                                                      \
    cipher_hw_aes_xts_copyctx                                                  \
};

# define PROV_CIPHER_HW_select_xts()                                           \
if (RISCV_HAS_ZVBB() && RISCV_HAS_ZVKG() && RISCV_HAS_ZVKNED() &&              \
    riscv_vlen() >= 128)                                                       \
    return &aes_xts_rv64i_zvbb_zvkg_zvkned;                                    \
if (RISCV_HAS_ZVKNED() && riscv_vlen() >= 128)                                 \
    return &aes_xts_rv64i_zvkned;                                              \
else if (RISCV_HAS_ZKND_AND_ZKNE())                                            \
    return &aes_xts_rv64i_zknd_zkne;

#elif defined(OPENSSL_CPUID_OBJ) && defined(__riscv) && __riscv_xlen == 32

static int cipher_hw_aes_xts_rv32i_zknd_zkne_initkey(PROV_CIPHER_CTX *ctx,
                                                     const unsigned char *key,
                                                     size_t keylen)
{
    PROV_AES_XTS_CTX *xctx = (PROV_AES_XTS_CTX *)ctx;

    XTS_SET_KEY_FN(rv32i_zkne_set_encrypt_key, rv32i_zknd_zkne_set_decrypt_key,
                   rv32i_zkne_encrypt, rv32i_zknd_decrypt,
                   NULL, NULL);
    return 1;
}

static int cipher_hw_aes_xts_rv32i_zbkb_zknd_zkne_initkey(PROV_CIPHER_CTX *ctx,
                                                         const unsigned char *key,
                                                         size_t keylen)
{
    PROV_AES_XTS_CTX *xctx = (PROV_AES_XTS_CTX *)ctx;

    XTS_SET_KEY_FN(rv32i_zbkb_zkne_set_encrypt_key, rv32i_zbkb_zknd_zkne_set_decrypt_key,
                   rv32i_zkne_encrypt, rv32i_zknd_decrypt,
                   NULL, NULL);
    return 1;
}

# define PROV_CIPHER_HW_declare_xts()                                          \
static const PROV_CIPHER_HW aes_xts_rv32i_zknd_zkne = {                        \
    cipher_hw_aes_xts_rv32i_zknd_zkne_initkey,                                 \
    NULL,                                                                      \
    cipher_hw_aes_xts_copyctx                                                  \
};                                                                             \
static const PROV_CIPHER_HW aes_xts_rv32i_zbkb_zknd_zkne = {                   \
    cipher_hw_aes_xts_rv32i_zbkb_zknd_zkne_initkey,                            \
    NULL,                                                                      \
    cipher_hw_aes_xts_copyctx                                                  \
};
# define PROV_CIPHER_HW_select_xts()                                           \
if (RISCV_HAS_ZBKB_AND_ZKND_AND_ZKNE())                                        \
    return &aes_xts_rv32i_zbkb_zknd_zkne;                                      \
if (RISCV_HAS_ZKND_AND_ZKNE())                                                 \
    return &aes_xts_rv32i_zknd_zkne;
# else
/* The generic case */
# define PROV_CIPHER_HW_declare_xts()
# define PROV_CIPHER_HW_select_xts()
#endif

static const PROV_CIPHER_HW aes_generic_xts = {
    cipher_hw_aes_xts_generic_initkey,
    NULL,
    cipher_hw_aes_xts_copyctx
};
PROV_CIPHER_HW_declare_xts()
const PROV_CIPHER_HW *ossl_prov_cipher_hw_aes_xts(size_t keybits)
{
    PROV_CIPHER_HW_select_xts()
    return &aes_generic_xts;
}
Commit	Line	Data
3a9f26f3	1	/*
b6461792	2	* Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved.
3a9f26f3 SL	3	*
	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
	8	*/
	9
c72fa255 MC	10	/*
	11	* This file uses the low level AES functions (which are deprecated for
	12	* non-internal use) in order to implement provider AES ciphers.
	13	*/
	14	#include "internal/deprecated.h"
	15
3a9f26f3 SL	16	#include "cipher_aes_xts.h"
	17
	18	#define XTS_SET_KEY_FN(fn_set_enc_key, fn_set_dec_key, \
	19	fn_block_enc, fn_block_dec, \
	20	fn_stream_enc, fn_stream_dec) { \
	21	size_t bytes = keylen / 2; \
	22	size_t bits = bytes * 8; \
	23	\
	24	if (ctx->enc) { \
	25	fn_set_enc_key(key, bits, &xctx->ks1.ks); \
	26	xctx->xts.block1 = (block128_f)fn_block_enc; \
	27	} else { \
	28	fn_set_dec_key(key, bits, &xctx->ks1.ks); \
	29	xctx->xts.block1 = (block128_f)fn_block_dec; \
	30	} \
	31	fn_set_enc_key(key + bytes, bits, &xctx->ks2.ks); \
	32	xctx->xts.block2 = (block128_f)fn_block_enc; \
	33	xctx->xts.key1 = &xctx->ks1; \
	34	xctx->xts.key2 = &xctx->ks2; \
	35	xctx->stream = ctx->enc ? fn_stream_enc : fn_stream_dec; \
	36	}
	37
	38	static int cipher_hw_aes_xts_generic_initkey(PROV_CIPHER_CTX *ctx,
	39	const unsigned char *key,
	40	size_t keylen)
	41	{
	42	PROV_AES_XTS_CTX xctx = (PROV_AES_XTS_CTX )ctx;
	43	OSSL_xts_stream_fn stream_enc = NULL;
	44	OSSL_xts_stream_fn stream_dec = NULL;
	45
	46	#ifdef AES_XTS_ASM
	47	stream_enc = AES_xts_encrypt;
	48	stream_dec = AES_xts_decrypt;
	49	#endif /* AES_XTS_ASM */
	50
	51	#ifdef HWAES_CAPABLE
	52	if (HWAES_CAPABLE) {
	53	# ifdef HWAES_xts_encrypt
	54	stream_enc = HWAES_xts_encrypt;
	55	# endif /* HWAES_xts_encrypt */
	56	# ifdef HWAES_xts_decrypt
	57	stream_dec = HWAES_xts_decrypt;
	58	# endif /* HWAES_xts_decrypt */
	59	XTS_SET_KEY_FN(HWAES_set_encrypt_key, HWAES_set_decrypt_key,
	60	HWAES_encrypt, HWAES_decrypt,
	61	stream_enc, stream_dec);
ec5059c3	62	return 1;
3a9f26f3 SL	63	} else
	64	#endif /* HWAES_CAPABLE */
	65
	66	#ifdef BSAES_CAPABLE
	67	if (BSAES_CAPABLE) {
3675334e P	68	stream_enc = ossl_bsaes_xts_encrypt;
3675334e P	69	stream_dec = ossl_bsaes_xts_decrypt;
4b51903d	70	} else
3a9f26f3	71	#endif /* BSAES_CAPABLE */
3a9f26f3 SL	72	#ifdef VPAES_CAPABLE
	73	if (VPAES_CAPABLE) {
	74	XTS_SET_KEY_FN(vpaes_set_encrypt_key, vpaes_set_decrypt_key,
	75	vpaes_encrypt, vpaes_decrypt, stream_enc, stream_dec);
4b51903d	76	return 1;
3a9f26f3 SL	77	} else
3a9f26f3 SL	78	#endif /* VPAES_CAPABLE */
4b51903d SL	79	{
	80	(void)0;
	81	}
3a9f26f3 SL	82	{
	83	XTS_SET_KEY_FN(AES_set_encrypt_key, AES_set_decrypt_key,
	84	AES_encrypt, AES_decrypt, stream_enc, stream_dec);
	85	}
	86	return 1;
	87	}
	88
f75abcc0 SL	89	static void cipher_hw_aes_xts_copyctx(PROV_CIPHER_CTX *dst,
	90	const PROV_CIPHER_CTX *src)
	91	{
	92	PROV_AES_XTS_CTX sctx = (PROV_AES_XTS_CTX )src;
	93	PROV_AES_XTS_CTX dctx = (PROV_AES_XTS_CTX )dst;
	94
	95	dctx = sctx;
	96	dctx->xts.key1 = &dctx->ks1.ks;
	97	dctx->xts.key2 = &dctx->ks2.ks;
	98	}
	99
3a9f26f3 SL	100	#if defined(AESNI_CAPABLE)
	101
	102	static int cipher_hw_aesni_xts_initkey(PROV_CIPHER_CTX *ctx,
	103	const unsigned char *key, size_t keylen)
	104	{
	105	PROV_AES_XTS_CTX xctx = (PROV_AES_XTS_CTX )ctx;
	106
	107	XTS_SET_KEY_FN(aesni_set_encrypt_key, aesni_set_decrypt_key,
f407a9a9	108	aesni_encrypt, aesni_decrypt,
3a9f26f3 SL	109	aesni_xts_encrypt, aesni_xts_decrypt);
	110	return 1;
	111	}
	112
	113	# define PROV_CIPHER_HW_declare_xts() \
	114	static const PROV_CIPHER_HW aesni_xts = { \
	115	cipher_hw_aesni_xts_initkey, \
f75abcc0 SL	116	NULL, \
f75abcc0 SL	117	cipher_hw_aes_xts_copyctx \
3a9f26f3 SL	118	};
	119	# define PROV_CIPHER_HW_select_xts() \
	120	if (AESNI_CAPABLE) \
	121	return &aesni_xts;
	122
	123	# elif defined(SPARC_AES_CAPABLE)
	124
	125	static int cipher_hw_aes_xts_t4_initkey(PROV_CIPHER_CTX *ctx,
	126	const unsigned char *key, size_t keylen)
	127	{
	128	PROV_AES_XTS_CTX xctx = (PROV_AES_XTS_CTX )ctx;
	129	OSSL_xts_stream_fn stream_enc = NULL;
	130	OSSL_xts_stream_fn stream_dec = NULL;
	131
	132	/* Note: keylen is the size of 2 keys */
	133	switch (keylen) {
	134	case 32:
	135	stream_enc = aes128_t4_xts_encrypt;
	136	stream_dec = aes128_t4_xts_decrypt;
	137	break;
	138	case 64:
	139	stream_enc = aes256_t4_xts_encrypt;
	140	stream_dec = aes256_t4_xts_decrypt;
	141	break;
	142	default:
	143	return 0;
	144	}
	145
	146	XTS_SET_KEY_FN(aes_t4_set_encrypt_key, aes_t4_set_decrypt_key,
	147	aes_t4_encrypt, aes_t4_decrypt,
	148	stream_enc, stream_dec);
	149	return 1;
	150	}
	151
	152	# define PROV_CIPHER_HW_declare_xts() \
	153	static const PROV_CIPHER_HW aes_xts_t4 = { \
	154	cipher_hw_aes_xts_t4_initkey, \
f75abcc0 SL	155	NULL, \
f75abcc0 SL	156	cipher_hw_aes_xts_copyctx \
3a9f26f3 SL	157	};
	158	# define PROV_CIPHER_HW_select_xts() \
	159	if (SPARC_AES_CAPABLE) \
	160	return &aes_xts_t4;
86c69fe8	161
347f05e8	162	#elif defined(OPENSSL_CPUID_OBJ) && defined(__riscv) && __riscv_xlen == 64
ee11118d HZZ	163
	164	static int cipher_hw_aes_xts_rv64i_zknd_zkne_initkey(PROV_CIPHER_CTX *ctx,
	165	const unsigned char *key,
	166	size_t keylen)
	167	{
	168	PROV_AES_XTS_CTX xctx = (PROV_AES_XTS_CTX )ctx;
	169	OSSL_xts_stream_fn stream_enc = NULL;
	170	OSSL_xts_stream_fn stream_dec = NULL;
	171
	172	XTS_SET_KEY_FN(rv64i_zkne_set_encrypt_key, rv64i_zknd_set_decrypt_key,
	173	rv64i_zkne_encrypt, rv64i_zknd_decrypt,
	174	stream_enc, stream_dec);
	175	return 1;
	176	}
	177
3e56c0ef JS	178	static int cipher_hw_aes_xts_rv64i_zvbb_zvkg_zvkned_initkey(
	179	PROV_CIPHER_CTX ctx, const unsigned char key, size_t keylen)
	180	{
	181	PROV_AES_XTS_CTX xctx = (PROV_AES_XTS_CTX )ctx;
	182	OSSL_xts_stream_fn stream_enc = NULL;
	183	OSSL_xts_stream_fn stream_dec = NULL;
	184
	185	/* Zvkned only supports 128 and 256 bit keys. */
	186	if (keylen * 8 == 128 * 2 \|\| keylen * 8 == 256 * 2) {
	187	XTS_SET_KEY_FN(rv64i_zvkned_set_encrypt_key,
	188	rv64i_zvkned_set_decrypt_key, rv64i_zvkned_encrypt,
	189	rv64i_zvkned_decrypt,
	190	rv64i_zvbb_zvkg_zvkned_aes_xts_encrypt,
	191	rv64i_zvbb_zvkg_zvkned_aes_xts_decrypt);
	192	} else {
	193	XTS_SET_KEY_FN(AES_set_encrypt_key, AES_set_encrypt_key,
	194	rv64i_zvkned_encrypt, rv64i_zvkned_decrypt,
	195	stream_enc, stream_dec);
	196	}
	197	return 1;
	198	}
	199
f6631e38	200	static int cipher_hw_aes_xts_rv64i_zvkned_initkey(PROV_CIPHER_CTX *ctx,
3e56c0ef JS	201	const unsigned char *key,
3e56c0ef JS	202	size_t keylen)
f6631e38 CM	203	{
	204	PROV_AES_XTS_CTX xctx = (PROV_AES_XTS_CTX )ctx;
	205	OSSL_xts_stream_fn stream_enc = NULL;
	206	OSSL_xts_stream_fn stream_dec = NULL;
	207
	208	/* Zvkned only supports 128 and 256 bit keys. */
a5871e95	209	if (keylen * 8 == 128 * 2 \|\| keylen * 8 == 256 * 2) {
f6631e38 CM	210	XTS_SET_KEY_FN(rv64i_zvkned_set_encrypt_key,
	211	rv64i_zvkned_set_decrypt_key,
	212	rv64i_zvkned_encrypt, rv64i_zvkned_decrypt,
	213	stream_enc, stream_dec);
	214	} else {
94474e02 AB	215	XTS_SET_KEY_FN(AES_set_encrypt_key, AES_set_encrypt_key,
94474e02 AB	216	rv64i_zvkned_encrypt, rv64i_zvkned_decrypt,
f6631e38 CM	217	stream_enc, stream_dec);
	218	}
	219	return 1;
	220	}
	221
ee11118d HZZ	222	# define PROV_CIPHER_HW_declare_xts() \
	223	static const PROV_CIPHER_HW aes_xts_rv64i_zknd_zkne = { \
	224	cipher_hw_aes_xts_rv64i_zknd_zkne_initkey, \
	225	NULL, \
	226	cipher_hw_aes_xts_copyctx \
a5871e95	227	}; \
f6631e38 CM	228	static const PROV_CIPHER_HW aes_xts_rv64i_zvkned = { \
	229	cipher_hw_aes_xts_rv64i_zvkned_initkey, \
	230	NULL, \
	231	cipher_hw_aes_xts_copyctx \
3e56c0ef JS	232	}; \
	233	static const PROV_CIPHER_HW aes_xts_rv64i_zvbb_zvkg_zvkned = { \
	234	cipher_hw_aes_xts_rv64i_zvbb_zvkg_zvkned_initkey, \
	235	NULL, \
	236	cipher_hw_aes_xts_copyctx \
f6631e38 CM	237	};
f6631e38 CM	238
ee11118d	239	# define PROV_CIPHER_HW_select_xts() \
3e56c0ef JS	240	if (RISCV_HAS_ZVBB() && RISCV_HAS_ZVKG() && RISCV_HAS_ZVKNED() && \
	241	riscv_vlen() >= 128) \
	242	return &aes_xts_rv64i_zvbb_zvkg_zvkned; \
f6631e38 CM	243	if (RISCV_HAS_ZVKNED() && riscv_vlen() >= 128) \
	244	return &aes_xts_rv64i_zvkned; \
	245	else if (RISCV_HAS_ZKND_AND_ZKNE()) \
3e56c0ef	246	return &aes_xts_rv64i_zknd_zkne;
86c69fe8	247
347f05e8	248	#elif defined(OPENSSL_CPUID_OBJ) && defined(__riscv) && __riscv_xlen == 32
5ccee69b HZZ	249
	250	static int cipher_hw_aes_xts_rv32i_zknd_zkne_initkey(PROV_CIPHER_CTX *ctx,
	251	const unsigned char *key,
	252	size_t keylen)
	253	{
	254	PROV_AES_XTS_CTX xctx = (PROV_AES_XTS_CTX )ctx;
	255
	256	XTS_SET_KEY_FN(rv32i_zkne_set_encrypt_key, rv32i_zknd_zkne_set_decrypt_key,
	257	rv32i_zkne_encrypt, rv32i_zknd_decrypt,
	258	NULL, NULL);
	259	return 1;
	260	}
	261
	262	static int cipher_hw_aes_xts_rv32i_zbkb_zknd_zkne_initkey(PROV_CIPHER_CTX *ctx,
	263	const unsigned char *key,
	264	size_t keylen)
	265	{
	266	PROV_AES_XTS_CTX xctx = (PROV_AES_XTS_CTX )ctx;
	267
	268	XTS_SET_KEY_FN(rv32i_zbkb_zkne_set_encrypt_key, rv32i_zbkb_zknd_zkne_set_decrypt_key,
	269	rv32i_zkne_encrypt, rv32i_zknd_decrypt,
	270	NULL, NULL);
	271	return 1;
	272	}
	273
	274	# define PROV_CIPHER_HW_declare_xts() \
	275	static const PROV_CIPHER_HW aes_xts_rv32i_zknd_zkne = { \
	276	cipher_hw_aes_xts_rv32i_zknd_zkne_initkey, \
	277	NULL, \
	278	cipher_hw_aes_xts_copyctx \
	279	}; \
	280	static const PROV_CIPHER_HW aes_xts_rv32i_zbkb_zknd_zkne = { \
	281	cipher_hw_aes_xts_rv32i_zbkb_zknd_zkne_initkey, \
	282	NULL, \
	283	cipher_hw_aes_xts_copyctx \
	284	};
	285	# define PROV_CIPHER_HW_select_xts() \
86c69fe8	286	if (RISCV_HAS_ZBKB_AND_ZKND_AND_ZKNE()) \
5ccee69b	287	return &aes_xts_rv32i_zbkb_zknd_zkne; \
d8fa4cf7	288	if (RISCV_HAS_ZKND_AND_ZKNE()) \
5ccee69b	289	return &aes_xts_rv32i_zknd_zkne;
3a9f26f3 SL	290	# else
	291	/* The generic case */
	292	# define PROV_CIPHER_HW_declare_xts()
	293	# define PROV_CIPHER_HW_select_xts()
	294	#endif
	295
	296	static const PROV_CIPHER_HW aes_generic_xts = {
	297	cipher_hw_aes_xts_generic_initkey,
f75abcc0 SL	298	NULL,
f75abcc0 SL	299	cipher_hw_aes_xts_copyctx
3a9f26f3 SL	300	};
3a9f26f3 SL	301	PROV_CIPHER_HW_declare_xts()
7d6766cb	302	const PROV_CIPHER_HW *ossl_prov_cipher_hw_aes_xts(size_t keybits)
3a9f26f3 SL	303	{
	304	PROV_CIPHER_HW_select_xts()
	305	return &aes_generic_xts;
	306	}