1 /* SPDX-License-Identifier: Apache-2.0 OR BSD-2-Clause */
3 // This file is dual-licensed, meaning that you can use it under your
4 // choice of either of the following two licenses:
6 // Copyright 2023 The OpenSSL Project Authors. All Rights Reserved.
8 // Licensed under the Apache License 2.0 (the "License"). You can obtain
9 // a copy in the file LICENSE in the source distribution or at
10 // https://www.openssl.org/source/license.html
14 // Copyright (c) 2023, Christoph Müllner <christoph.muellner@vrull.eu>
15 // Copyright (c) 2023, Phoebe Chen <phoebe.chen@sifive.com>
16 // Copyright (c) 2023, Jerry Shih <jerry.shih@sifive.com>
17 // Copyright 2024 Google LLC
18 // All rights reserved.
20 // Redistribution and use in source and binary forms, with or without
21 // modification, are permitted provided that the following conditions
23 // 1. Redistributions of source code must retain the above copyright
24 // notice, this list of conditions and the following disclaimer.
25 // 2. Redistributions in binary form must reproduce the above copyright
26 // notice, this list of conditions and the following disclaimer in the
27 // documentation and/or other materials provided with the distribution.
29 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
30 // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
31 // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
32 // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
33 // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
34 // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
35 // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
36 // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
37 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
38 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
39 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
41 // The generated code of this file depends on the following RISC-V extensions:
43 // - RISC-V Vector ('V') with VLEN >= 128
44 // - RISC-V Vector AES block cipher extension ('Zvkned')
46 #include <linux/linkage.h>
51 #include "aes-macros.S"
59 .macro __aes_crypt_zvkned enc, keylen
61 aes_crypt v16, \enc, \keylen
66 .macro aes_crypt_zvkned enc
67 aes_begin KEYP, 128f, 192f
68 __aes_crypt_zvkned \enc, 256
70 __aes_crypt_zvkned \enc, 128
72 __aes_crypt_zvkned \enc, 192
75 // void aes_encrypt_zvkned(const struct crypto_aes_ctx *key,
76 // const u8 in[16], u8 out[16]);
77 SYM_FUNC_START(aes_encrypt_zvkned)
79 SYM_FUNC_END(aes_encrypt_zvkned)
81 // Same prototype and calling convention as the encryption function
82 SYM_FUNC_START(aes_decrypt_zvkned)
84 SYM_FUNC_END(aes_decrypt_zvkned)
86 .macro __aes_ecb_crypt enc, keylen
88 // t0 is the remaining length in 32-bit words. It's a multiple of 4.
90 vsetvli t1, t0, e32, m8, ta, ma
91 sub t0, t0, t1 // Subtract number of words processed
92 slli t1, t1, 2 // Words to bytes
94 aes_crypt v16, \enc, \keylen
103 .macro aes_ecb_crypt enc
104 aes_begin KEYP, 128f, 192f
105 __aes_ecb_crypt \enc, 256
107 __aes_ecb_crypt \enc, 128
109 __aes_ecb_crypt \enc, 192
112 // void aes_ecb_encrypt_zvkned(const struct crypto_aes_ctx *key,
113 // const u8 *in, u8 *out, size_t len);
115 // |len| must be nonzero and a multiple of 16 (AES_BLOCK_SIZE).
116 SYM_FUNC_START(aes_ecb_encrypt_zvkned)
118 SYM_FUNC_END(aes_ecb_encrypt_zvkned)
120 // Same prototype and calling convention as the encryption function
121 SYM_FUNC_START(aes_ecb_decrypt_zvkned)
123 SYM_FUNC_END(aes_ecb_decrypt_zvkned)
125 .macro aes_cbc_encrypt keylen
126 vle32.v v16, (IVP) // Load IV
128 vle32.v v17, (INP) // Load plaintext block
129 vxor.vv v16, v16, v17 // XOR with IV or prev ciphertext block
130 aes_encrypt v16, \keylen // Encrypt
131 vse32.v v16, (OUTP) // Store ciphertext block
137 vse32.v v16, (IVP) // Store next IV
141 .macro aes_cbc_decrypt keylen
142 vle32.v v16, (IVP) // Load IV
144 vle32.v v17, (INP) // Load ciphertext block
145 vmv.v.v v18, v17 // Save ciphertext block
146 aes_decrypt v17, \keylen // Decrypt
147 vxor.vv v17, v17, v16 // XOR with IV or prev ciphertext block
148 vse32.v v17, (OUTP) // Store plaintext block
149 vmv.v.v v16, v18 // Next "IV" is prev ciphertext block
155 vse32.v v16, (IVP) // Store next IV
159 // void aes_cbc_encrypt_zvkned(const struct crypto_aes_ctx *key,
160 // const u8 *in, u8 *out, size_t len, u8 iv[16]);
162 // |len| must be nonzero and a multiple of 16 (AES_BLOCK_SIZE).
163 SYM_FUNC_START(aes_cbc_encrypt_zvkned)
164 aes_begin KEYP, 128f, 192f
170 SYM_FUNC_END(aes_cbc_encrypt_zvkned)
172 // Same prototype and calling convention as the encryption function
173 SYM_FUNC_START(aes_cbc_decrypt_zvkned)
174 aes_begin KEYP, 128f, 192f
180 SYM_FUNC_END(aes_cbc_decrypt_zvkned)