[thirdparty/openssl.git] / include / crypto / ciphermode_platform.h

/*
 * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#ifndef OSSL_CRYPTO_CIPHERMODE_PLATFORM_H
# define OSSL_CRYPTO_CIPHERMODE_PLATFORM_H

# include "openssl/aes.h"

# ifdef VPAES_ASM
int vpaes_set_encrypt_key(const unsigned char *userKey, int bits,
                          AES_KEY *key);
int vpaes_set_decrypt_key(const unsigned char *userKey, int bits,
                          AES_KEY *key);
void vpaes_encrypt(const unsigned char *in, unsigned char *out,
                   const AES_KEY *key);
void vpaes_decrypt(const unsigned char *in, unsigned char *out,
                   const AES_KEY *key);
void vpaes_cbc_encrypt(const unsigned char *in,
                       unsigned char *out,
                       size_t length,
                       const AES_KEY *key, unsigned char *ivec, int enc);
# endif /* VPAES_ASM */

# ifdef BSAES_ASM
void bsaes_cbc_encrypt(const unsigned char *in, unsigned char *out,
                       size_t length, const AES_KEY *key,
                       unsigned char ivec[16], int enc);
void bsaes_ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out,
                                size_t len, const AES_KEY *key,
                                const unsigned char ivec[16]);
void bsaes_xts_encrypt(const unsigned char *inp, unsigned char *out,
                       size_t len, const AES_KEY *key1,
                       const AES_KEY *key2, const unsigned char iv[16]);
void bsaes_xts_decrypt(const unsigned char *inp, unsigned char *out,
                       size_t len, const AES_KEY *key1,
                       const AES_KEY *key2, const unsigned char iv[16]);
# endif /* BSAES_ASM */

# ifdef AES_CTR_ASM
void AES_ctr32_encrypt(const unsigned char *in, unsigned char *out,
                       size_t blocks, const AES_KEY *key,
                       const unsigned char ivec[AES_BLOCK_SIZE]);
# endif /*  AES_CTR_ASM */

# ifdef AES_XTS_ASM
void AES_xts_encrypt(const unsigned char *inp, unsigned char *out, size_t len,
                     const AES_KEY *key1, const AES_KEY *key2,
                     const unsigned char iv[16]);
void AES_xts_decrypt(const unsigned char *inp, unsigned char *out, size_t len,
                     const AES_KEY *key1, const AES_KEY *key2,
                     const unsigned char iv[16]);
# endif /* AES_XTS_ASM */

# if defined(OPENSSL_CPUID_OBJ)
#  if (defined(__powerpc__) || defined(__ppc__) || defined(_ARCH_PPC))
#   include "ppc_arch.h"
#   ifdef VPAES_ASM
#    define VPAES_CAPABLE (OPENSSL_ppccap_P & PPC_ALTIVEC)
#   endif
#   define HWAES_CAPABLE  (OPENSSL_ppccap_P & PPC_CRYPTO207)
#   define HWAES_set_encrypt_key aes_p8_set_encrypt_key
#   define HWAES_set_decrypt_key aes_p8_set_decrypt_key
#   define HWAES_encrypt aes_p8_encrypt
#   define HWAES_decrypt aes_p8_decrypt
#   define HWAES_cbc_encrypt aes_p8_cbc_encrypt
#   define HWAES_ctr32_encrypt_blocks aes_p8_ctr32_encrypt_blocks
#   define HWAES_xts_encrypt aes_p8_xts_encrypt
#   define HWAES_xts_decrypt aes_p8_xts_decrypt
#  endif /* PPC */

#  if (defined(__arm__) || defined(__arm) || defined(__aarch64__))
#   include "arm_arch.h"
#   if __ARM_MAX_ARCH__>=7
#    if defined(BSAES_ASM)
#     define BSAES_CAPABLE (OPENSSL_armcap_P & ARMV7_NEON)
#    endif
#    if defined(VPAES_ASM)
#     define VPAES_CAPABLE (OPENSSL_armcap_P & ARMV7_NEON)
#    endif
#    define HWAES_CAPABLE (OPENSSL_armcap_P & ARMV8_AES)
#    define HWAES_set_encrypt_key aes_v8_set_encrypt_key
#    define HWAES_set_decrypt_key aes_v8_set_decrypt_key
#    define HWAES_encrypt aes_v8_encrypt
#    define HWAES_decrypt aes_v8_decrypt
#    define HWAES_cbc_encrypt aes_v8_cbc_encrypt
#    define HWAES_ctr32_encrypt_blocks aes_v8_ctr32_encrypt_blocks
#   endif
#  endif
# endif /* OPENSSL_CPUID_OBJ */

# if     defined(AES_ASM) && !defined(I386_ONLY) &&      (  \
         ((defined(__i386)       || defined(__i386__)    || \
           defined(_M_IX86)) && defined(OPENSSL_IA32_SSE2))|| \
         defined(__x86_64)       || defined(__x86_64__)  || \
         defined(_M_AMD64)       || defined(_M_X64)      )

/* AES-NI section */

#  define AESNI_CAPABLE   (OPENSSL_ia32cap_P[1]&(1<<(57-32)))
#  ifdef VPAES_ASM
#   define VPAES_CAPABLE   (OPENSSL_ia32cap_P[1]&(1<<(41-32)))
#  endif
#  ifdef BSAES_ASM
#   define BSAES_CAPABLE   (OPENSSL_ia32cap_P[1]&(1<<(41-32)))
#  endif

int aesni_set_encrypt_key(const unsigned char *userKey, int bits,
                          AES_KEY *key);
int aesni_set_decrypt_key(const unsigned char *userKey, int bits,
                          AES_KEY *key);

void aesni_encrypt(const unsigned char *in, unsigned char *out,
                   const AES_KEY *key);
void aesni_decrypt(const unsigned char *in, unsigned char *out,
                   const AES_KEY *key);

void aesni_ecb_encrypt(const unsigned char *in,
                       unsigned char *out,
                       size_t length, const AES_KEY *key, int enc);
void aesni_cbc_encrypt(const unsigned char *in,
                       unsigned char *out,
                       size_t length,
                       const AES_KEY *key, unsigned char *ivec, int enc);
#  ifndef OPENSSL_NO_OCB
void aesni_ocb_encrypt(const unsigned char *in, unsigned char *out,
                       size_t blocks, const void *key,
                       size_t start_block_num,
                       unsigned char offset_i[16],
                       const unsigned char L_[][16],
                       unsigned char checksum[16]);
void aesni_ocb_decrypt(const unsigned char *in, unsigned char *out,
                       size_t blocks, const void *key,
                       size_t start_block_num,
                       unsigned char offset_i[16],
                       const unsigned char L_[][16],
                       unsigned char checksum[16]);
#  endif /* OPENSSL_NO_OCB */

void aesni_ctr32_encrypt_blocks(const unsigned char *in,
                                unsigned char *out,
                                size_t blocks,
                                const void *key, const unsigned char *ivec);

void aesni_xts_encrypt(const unsigned char *in,
                       unsigned char *out,
                       size_t length,
                       const AES_KEY *key1, const AES_KEY *key2,
                       const unsigned char iv[16]);

void aesni_xts_decrypt(const unsigned char *in,
                       unsigned char *out,
                       size_t length,
                       const AES_KEY *key1, const AES_KEY *key2,
                       const unsigned char iv[16]);

void aesni_ccm64_encrypt_blocks(const unsigned char *in,
                                unsigned char *out,
                                size_t blocks,
                                const void *key,
                                const unsigned char ivec[16],
                                unsigned char cmac[16]);

void aesni_ccm64_decrypt_blocks(const unsigned char *in,
                                unsigned char *out,
                                size_t blocks,
                                const void *key,
                                const unsigned char ivec[16],
                                unsigned char cmac[16]);

#  if defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) || defined(_M_X64)
size_t aesni_gcm_encrypt(const unsigned char *in, unsigned char *out, size_t len,
                         const void *key, unsigned char ivec[16], u64 *Xi);
size_t aesni_gcm_decrypt(const unsigned char *in, unsigned char *out, size_t len,
                         const void *key, unsigned char ivec[16], u64 *Xi);
void gcm_ghash_avx(u64 Xi[2], const u128 Htable[16], const u8 *in, size_t len);

#   define AES_GCM_ASM(ctx)    (ctx->ctr == aesni_ctr32_encrypt_blocks && \
                                ctx->gcm.ghash == gcm_ghash_avx)
#  endif


# elif defined(AES_ASM) && (defined(__sparc) || defined(__sparc__))

/* Fujitsu SPARC64 X support */
extern unsigned int OPENSSL_sparcv9cap_P[];
#  include "sparc_arch.h"

#  ifndef OPENSSL_NO_CAMELLIA
#   define SPARC_CMLL_CAPABLE      (OPENSSL_sparcv9cap_P[1] & CFR_CAMELLIA)
#   include "openssl/camellia.h"

void cmll_t4_set_key(const unsigned char *key, int bits, CAMELLIA_KEY *ks);
void cmll_t4_encrypt(const unsigned char *in, unsigned char *out,
                     const CAMELLIA_KEY *key);
void cmll_t4_decrypt(const unsigned char *in, unsigned char *out,
                     const CAMELLIA_KEY *key);

void cmll128_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
                            size_t len, const CAMELLIA_KEY *key,
                            unsigned char *ivec);
void cmll128_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
                            size_t len, const CAMELLIA_KEY *key,
                            unsigned char *ivec);
void cmll256_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
                            size_t len, const CAMELLIA_KEY *key,
                            unsigned char *ivec);
void cmll256_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
                            size_t len, const CAMELLIA_KEY *key,
                            unsigned char *ivec);
void cmll128_t4_ctr32_encrypt(const unsigned char *in, unsigned char *out,
                              size_t blocks, const CAMELLIA_KEY *key,
                              unsigned char *ivec);
void cmll256_t4_ctr32_encrypt(const unsigned char *in, unsigned char *out,
                              size_t blocks, const CAMELLIA_KEY *key,
                              unsigned char *ivec);
#  endif /* OPENSSL_NO_CAMELLIA */


#  define SPARC_AES_CAPABLE       (OPENSSL_sparcv9cap_P[1] & CFR_AES)
#  define SPARC_DES_CAPABLE       (OPENSSL_sparcv9cap_P[1] & CFR_DES)
#  define HWAES_CAPABLE           (OPENSSL_sparcv9cap_P[0] & SPARCV9_FJAESX)
#  define HWAES_set_encrypt_key aes_fx_set_encrypt_key
#  define HWAES_set_decrypt_key aes_fx_set_decrypt_key
#  define HWAES_encrypt aes_fx_encrypt
#  define HWAES_decrypt aes_fx_decrypt
#  define HWAES_cbc_encrypt aes_fx_cbc_encrypt
#  define HWAES_ctr32_encrypt_blocks aes_fx_ctr32_encrypt_blocks

void aes_t4_set_encrypt_key(const unsigned char *key, int bits, AES_KEY *ks);
void aes_t4_set_decrypt_key(const unsigned char *key, int bits, AES_KEY *ks);
void aes_t4_encrypt(const unsigned char *in, unsigned char *out,
                    const AES_KEY *key);
void aes_t4_decrypt(const unsigned char *in, unsigned char *out,
                    const AES_KEY *key);
/*
 * Key-length specific subroutines were chosen for following reason.
 * Each SPARC T4 core can execute up to 8 threads which share core's
 * resources. Loading as much key material to registers allows to
 * minimize references to shared memory interface, as well as amount
 * of instructions in inner loops [much needed on T4]. But then having
 * non-key-length specific routines would require conditional branches
 * either in inner loops or on subroutines' entries. Former is hardly
 * acceptable, while latter means code size increase to size occupied
 * by multiple key-length specific subroutines, so why fight?
 */
void aes128_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
                           size_t len, const AES_KEY *key,
                           unsigned char *ivec);
void aes128_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
                           size_t len, const AES_KEY *key,
                           unsigned char *ivec);
void aes192_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
                           size_t len, const AES_KEY *key,
                           unsigned char *ivec);
void aes192_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
                           size_t len, const AES_KEY *key,
                           unsigned char *ivec);
void aes256_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
                           size_t len, const AES_KEY *key,
                           unsigned char *ivec);
void aes256_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
                           size_t len, const AES_KEY *key,
                           unsigned char *ivec);
void aes128_t4_ctr32_encrypt(const unsigned char *in, unsigned char *out,
                             size_t blocks, const AES_KEY *key,
                             unsigned char *ivec);
void aes192_t4_ctr32_encrypt(const unsigned char *in, unsigned char *out,
                             size_t blocks, const AES_KEY *key,
                             unsigned char *ivec);
void aes256_t4_ctr32_encrypt(const unsigned char *in, unsigned char *out,
                             size_t blocks, const AES_KEY *key,
                             unsigned char *ivec);
void aes128_t4_xts_encrypt(const unsigned char *in, unsigned char *out,
                           size_t blocks, const AES_KEY *key1,
                           const AES_KEY *key2, const unsigned char *ivec);
void aes128_t4_xts_decrypt(const unsigned char *in, unsigned char *out,
                           size_t blocks, const AES_KEY *key1,
                           const AES_KEY *key2, const unsigned char *ivec);
void aes256_t4_xts_encrypt(const unsigned char *in, unsigned char *out,
                           size_t blocks, const AES_KEY *key1,
                           const AES_KEY *key2, const unsigned char *ivec);
void aes256_t4_xts_decrypt(const unsigned char *in, unsigned char *out,
                           size_t blocks, const AES_KEY *key1,
                           const AES_KEY *key2, const unsigned char *ivec);

#  ifndef OPENSSL_NO_DES
#   include <openssl/des.h>
void des_t4_key_expand(const void *key, DES_key_schedule *ks);
void des_t4_ede3_cbc_encrypt(const void *inp, void *out, size_t len,
                             const DES_key_schedule ks[3], unsigned char iv[8]);
void des_t4_ede3_cbc_decrypt(const void *inp, void *out, size_t len,
                             const DES_key_schedule ks[3], unsigned char iv[8]);
void des_t4_cbc_encrypt(const void *inp, void *out, size_t len,
                        const DES_key_schedule *ks, unsigned char iv[8]);
void des_t4_cbc_decrypt(const void *inp, void *out, size_t len,
                        const DES_key_schedule *ks, unsigned char iv[8]);
#  endif /*  OPENSSL_NO_DES */

# elif defined(OPENSSL_CPUID_OBJ) && defined(__s390__)
/* IBM S390X support */
#  include "s390x_arch.h"


/* Convert key size to function code: [16,24,32] -> [18,19,20]. */
#  define S390X_AES_FC(keylen)  (S390X_AES_128 + ((((keylen) << 3) - 128) >> 6))

/* Most modes of operation need km for partial block processing. */
#  define S390X_aes_128_CAPABLE (OPENSSL_s390xcap_P.km[0] &  \
                                S390X_CAPBIT(S390X_AES_128))
#  define S390X_aes_192_CAPABLE (OPENSSL_s390xcap_P.km[0] &  \
                                S390X_CAPBIT(S390X_AES_192))
#  define S390X_aes_256_CAPABLE (OPENSSL_s390xcap_P.km[0] &  \
                                S390X_CAPBIT(S390X_AES_256))

#  define S390X_aes_128_cbc_CAPABLE     1       /* checked by callee */
#  define S390X_aes_192_cbc_CAPABLE     1
#  define S390X_aes_256_cbc_CAPABLE     1

#  define S390X_aes_128_ecb_CAPABLE     S390X_aes_128_CAPABLE
#  define S390X_aes_192_ecb_CAPABLE     S390X_aes_192_CAPABLE
#  define S390X_aes_256_ecb_CAPABLE     S390X_aes_256_CAPABLE

#  define S390X_aes_128_ofb_CAPABLE (S390X_aes_128_CAPABLE &&           \
                                    (OPENSSL_s390xcap_P.kmo[0] &        \
                                     S390X_CAPBIT(S390X_AES_128)))
#  define S390X_aes_192_ofb_CAPABLE (S390X_aes_192_CAPABLE &&           \
                                    (OPENSSL_s390xcap_P.kmo[0] &        \
                                     S390X_CAPBIT(S390X_AES_192)))
#  define S390X_aes_256_ofb_CAPABLE (S390X_aes_256_CAPABLE &&           \
                                    (OPENSSL_s390xcap_P.kmo[0] &        \
                                     S390X_CAPBIT(S390X_AES_256)))

#  define S390X_aes_128_cfb_CAPABLE (S390X_aes_128_CAPABLE &&           \
                                    (OPENSSL_s390xcap_P.kmf[0] &        \
                                     S390X_CAPBIT(S390X_AES_128)))
#  define S390X_aes_192_cfb_CAPABLE (S390X_aes_192_CAPABLE &&           \
                                    (OPENSSL_s390xcap_P.kmf[0] &        \
                                     S390X_CAPBIT(S390X_AES_192)))
#  define S390X_aes_256_cfb_CAPABLE (S390X_aes_256_CAPABLE &&           \
                                    (OPENSSL_s390xcap_P.kmf[0] &        \
                                     S390X_CAPBIT(S390X_AES_256)))
#  define S390X_aes_128_cfb8_CAPABLE (OPENSSL_s390xcap_P.kmf[0] &       \
                                     S390X_CAPBIT(S390X_AES_128))
#  define S390X_aes_192_cfb8_CAPABLE (OPENSSL_s390xcap_P.kmf[0] &       \
                                     S390X_CAPBIT(S390X_AES_192))
#  define S390X_aes_256_cfb8_CAPABLE (OPENSSL_s390xcap_P.kmf[0] &       \
                                     S390X_CAPBIT(S390X_AES_256))
#  define S390X_aes_128_cfb1_CAPABLE    0
#  define S390X_aes_192_cfb1_CAPABLE    0
#  define S390X_aes_256_cfb1_CAPABLE    0

#  define S390X_aes_128_ctr_CAPABLE     1       /* checked by callee */
#  define S390X_aes_192_ctr_CAPABLE     1
#  define S390X_aes_256_ctr_CAPABLE     1

#  define S390X_aes_128_xts_CAPABLE     1       /* checked by callee */
#  define S390X_aes_256_xts_CAPABLE     1

# define S390X_aes_128_gcm_CAPABLE (S390X_aes_128_CAPABLE &&        \
                                    (OPENSSL_s390xcap_P.kma[0] &    \
                                     S390X_CAPBIT(S390X_AES_128)))
# define S390X_aes_192_gcm_CAPABLE (S390X_aes_192_CAPABLE &&        \
                                    (OPENSSL_s390xcap_P.kma[0] &    \
                                     S390X_CAPBIT(S390X_AES_192)))
# define S390X_aes_256_gcm_CAPABLE (S390X_aes_256_CAPABLE &&        \
                                    (OPENSSL_s390xcap_P.kma[0] &    \
                                     S390X_CAPBIT(S390X_AES_256)))

#  define S390X_aes_128_ccm_CAPABLE (S390X_aes_128_CAPABLE &&       \
                                    (OPENSSL_s390xcap_P.kmac[0] &   \
                                     S390X_CAPBIT(S390X_AES_128)))
#  define S390X_aes_192_ccm_CAPABLE (S390X_aes_192_CAPABLE &&       \
                                    (OPENSSL_s390xcap_P.kmac[0] &   \
                                     S390X_CAPBIT(S390X_AES_192)))
#  define S390X_aes_256_ccm_CAPABLE (S390X_aes_256_CAPABLE &&       \
                                    (OPENSSL_s390xcap_P.kmac[0] &   \
                                     S390X_CAPBIT(S390X_AES_256)))
#  define S390X_CCM_AAD_FLAG    0x40

#  ifndef OPENSSL_NO_OCB
#   define S390X_aes_128_ocb_CAPABLE    0
#   define S390X_aes_192_ocb_CAPABLE    0
#   define S390X_aes_256_ocb_CAPABLE    0
#  endif /* OPENSSL_NO_OCB */

#  ifndef OPENSSL_NO_SIV
#   define S390X_aes_128_siv_CAPABLE    0
#   define S390X_aes_192_siv_CAPABLE    0
#   define S390X_aes_256_siv_CAPABLE    0
#  endif /* OPENSSL_NO_SIV */

/* Convert key size to function code: [16,24,32] -> [18,19,20]. */
#  define S390X_AES_FC(keylen)  (S390X_AES_128 + ((((keylen) << 3) - 128) >> 6))
# endif

# if defined(HWAES_CAPABLE)
int HWAES_set_encrypt_key(const unsigned char *userKey, const int bits,
                          AES_KEY *key);
int HWAES_set_decrypt_key(const unsigned char *userKey, const int bits,
                          AES_KEY *key);
void HWAES_encrypt(const unsigned char *in, unsigned char *out,
                   const AES_KEY *key);
void HWAES_decrypt(const unsigned char *in, unsigned char *out,
                   const AES_KEY *key);
void HWAES_cbc_encrypt(const unsigned char *in, unsigned char *out,
                       size_t length, const AES_KEY *key,
                       unsigned char *ivec, const int enc);
void HWAES_ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out,
                                size_t len, const AES_KEY *key,
                                const unsigned char ivec[16]);
void HWAES_xts_encrypt(const unsigned char *inp, unsigned char *out,
                       size_t len, const AES_KEY *key1,
                       const AES_KEY *key2, const unsigned char iv[16]);
void HWAES_xts_decrypt(const unsigned char *inp, unsigned char *out,
                       size_t len, const AES_KEY *key1,
                       const AES_KEY *key2, const unsigned char iv[16]);
#  ifndef OPENSSL_NO_OCB
#   ifdef HWAES_ocb_encrypt
void HWAES_ocb_encrypt(const unsigned char *in, unsigned char *out,
                       size_t blocks, const void *key,
                       size_t start_block_num,
                       unsigned char offset_i[16],
                       const unsigned char L_[][16],
                       unsigned char checksum[16]);
#   else
#     define HWAES_ocb_encrypt ((ocb128_f)NULL)
#   endif
#   ifdef HWAES_ocb_decrypt
void HWAES_ocb_decrypt(const unsigned char *in, unsigned char *out,
                       size_t blocks, const void *key,
                       size_t start_block_num,
                       unsigned char offset_i[16],
                       const unsigned char L_[][16],
                       unsigned char checksum[16]);
#   else
#     define HWAES_ocb_decrypt ((ocb128_f)NULL)
#   endif
#  endif /* OPENSSL_NO_OCB */

# endif /* HWAES_CAPABLE */

#endif /* OSSL_CRYPTO_CIPHERMODE_PLATFORM_H */
Commit	Line	Data
459b15d4 SL	1	/*
	2	* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
	3	*
	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
	8	*/
	9
ae4186b0 DMSP	10	#ifndef OSSL_CRYPTO_CIPHERMODE_PLATFORM_H
ae4186b0 DMSP	11	# define OSSL_CRYPTO_CIPHERMODE_PLATFORM_H
e1178600 SL	12
e1178600 SL	13	# include "openssl/aes.h"
459b15d4 SL	14
	15	# ifdef VPAES_ASM
	16	int vpaes_set_encrypt_key(const unsigned char *userKey, int bits,
	17	AES_KEY *key);
	18	int vpaes_set_decrypt_key(const unsigned char *userKey, int bits,
	19	AES_KEY *key);
	20	void vpaes_encrypt(const unsigned char in, unsigned char out,
	21	const AES_KEY *key);
	22	void vpaes_decrypt(const unsigned char in, unsigned char out,
	23	const AES_KEY *key);
	24	void vpaes_cbc_encrypt(const unsigned char *in,
	25	unsigned char *out,
	26	size_t length,
	27	const AES_KEY key, unsigned char ivec, int enc);
	28	# endif /* VPAES_ASM */
	29
	30	# ifdef BSAES_ASM
	31	void bsaes_cbc_encrypt(const unsigned char in, unsigned char out,
	32	size_t length, const AES_KEY *key,
	33	unsigned char ivec[16], int enc);
	34	void bsaes_ctr32_encrypt_blocks(const unsigned char in, unsigned char out,
	35	size_t len, const AES_KEY *key,
	36	const unsigned char ivec[16]);
	37	void bsaes_xts_encrypt(const unsigned char inp, unsigned char out,
	38	size_t len, const AES_KEY *key1,
	39	const AES_KEY *key2, const unsigned char iv[16]);
	40	void bsaes_xts_decrypt(const unsigned char inp, unsigned char out,
	41	size_t len, const AES_KEY *key1,
	42	const AES_KEY *key2, const unsigned char iv[16]);
	43	# endif /* BSAES_ASM */
	44
	45	# ifdef AES_CTR_ASM
	46	void AES_ctr32_encrypt(const unsigned char in, unsigned char out,
	47	size_t blocks, const AES_KEY *key,
	48	const unsigned char ivec[AES_BLOCK_SIZE]);
	49	# endif /* AES_CTR_ASM */
	50
	51	# ifdef AES_XTS_ASM
	52	void AES_xts_encrypt(const unsigned char inp, unsigned char out, size_t len,
	53	const AES_KEY key1, const AES_KEY key2,
	54	const unsigned char iv[16]);
	55	void AES_xts_decrypt(const unsigned char inp, unsigned char out, size_t len,
	56	const AES_KEY key1, const AES_KEY key2,
	57	const unsigned char iv[16]);
	58	# endif /* AES_XTS_ASM */
	59
	60	# if defined(OPENSSL_CPUID_OBJ)
	61	# if (defined(__powerpc__) \|\| defined(__ppc__) \|\| defined(_ARCH_PPC))
	62	# include "ppc_arch.h"
	63	# ifdef VPAES_ASM
	64	# define VPAES_CAPABLE (OPENSSL_ppccap_P & PPC_ALTIVEC)
	65	# endif
	66	# define HWAES_CAPABLE (OPENSSL_ppccap_P & PPC_CRYPTO207)
	67	# define HWAES_set_encrypt_key aes_p8_set_encrypt_key
	68	# define HWAES_set_decrypt_key aes_p8_set_decrypt_key
	69	# define HWAES_encrypt aes_p8_encrypt
	70	# define HWAES_decrypt aes_p8_decrypt
	71	# define HWAES_cbc_encrypt aes_p8_cbc_encrypt
	72	# define HWAES_ctr32_encrypt_blocks aes_p8_ctr32_encrypt_blocks
	73	# define HWAES_xts_encrypt aes_p8_xts_encrypt
	74	# define HWAES_xts_decrypt aes_p8_xts_decrypt
	75	# endif /* PPC */
	76
	77	# if (defined(__arm__) \|\| defined(__arm) \|\| defined(__aarch64__))
78	# include "arm_arch.h"
79	# if __ARM_MAX_ARCH__>=7
80	# if defined(BSAES_ASM)
81	# define BSAES_CAPABLE (OPENSSL_armcap_P & ARMV7_NEON)
82	# endif
83	# if defined(VPAES_ASM)
84	# define VPAES_CAPABLE (OPENSSL_armcap_P & ARMV7_NEON)
85	# endif
86	# define HWAES_CAPABLE (OPENSSL_armcap_P & ARMV8_AES)
87	# define HWAES_set_encrypt_key aes_v8_set_encrypt_key
88	# define HWAES_set_decrypt_key aes_v8_set_decrypt_key
89	# define HWAES_encrypt aes_v8_encrypt
90	# define HWAES_decrypt aes_v8_decrypt
91	# define HWAES_cbc_encrypt aes_v8_cbc_encrypt
92	# define HWAES_ctr32_encrypt_blocks aes_v8_ctr32_encrypt_blocks
93	# endif
94	# endif
95	# endif /* OPENSSL_CPUID_OBJ */
96
97	# if defined(AES_ASM) && !defined(I386_ONLY) && ( \
98	((defined(__i386) \|\| defined(__i386__) \|\| \
99	defined(_M_IX86)) && defined(OPENSSL_IA32_SSE2))\|\| \
100	defined(__x86_64) \|\| defined(__x86_64__) \|\| \
101	defined(_M_AMD64) \|\| defined(_M_X64) )
102
103	/* AES-NI section */
459b15d4 SL	104
	105	# define AESNI_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(57-32)))
	106	# ifdef VPAES_ASM
	107	# define VPAES_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(41-32)))
	108	# endif
	109	# ifdef BSAES_ASM
	110	# define BSAES_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(41-32)))
	111	# endif
	112
	113	int aesni_set_encrypt_key(const unsigned char *userKey, int bits,
	114	AES_KEY *key);
	115	int aesni_set_decrypt_key(const unsigned char *userKey, int bits,
	116	AES_KEY *key);
	117
	118	void aesni_encrypt(const unsigned char in, unsigned char out,
	119	const AES_KEY *key);
	120	void aesni_decrypt(const unsigned char in, unsigned char out,
	121	const AES_KEY *key);
	122
	123	void aesni_ecb_encrypt(const unsigned char *in,
	124	unsigned char *out,
	125	size_t length, const AES_KEY *key, int enc);
	126	void aesni_cbc_encrypt(const unsigned char *in,
	127	unsigned char *out,
	128	size_t length,
	129	const AES_KEY key, unsigned char ivec, int enc);
	130	# ifndef OPENSSL_NO_OCB
	131	void aesni_ocb_encrypt(const unsigned char in, unsigned char out,
	132	size_t blocks, const void *key,
	133	size_t start_block_num,
	134	unsigned char offset_i[16],
	135	const unsigned char L_[][16],
	136	unsigned char checksum[16]);
	137	void aesni_ocb_decrypt(const unsigned char in, unsigned char out,
	138	size_t blocks, const void *key,
	139	size_t start_block_num,
	140	unsigned char offset_i[16],
	141	const unsigned char L_[][16],
	142	unsigned char checksum[16]);
	143	# endif /* OPENSSL_NO_OCB */
	144
	145	void aesni_ctr32_encrypt_blocks(const unsigned char *in,
	146	unsigned char *out,
	147	size_t blocks,
	148	const void key, const unsigned char ivec);
	149
	150	void aesni_xts_encrypt(const unsigned char *in,
	151	unsigned char *out,
	152	size_t length,
	153	const AES_KEY key1, const AES_KEY key2,
	154	const unsigned char iv[16]);
	155
	156	void aesni_xts_decrypt(const unsigned char *in,
	157	unsigned char *out,
	158	size_t length,
	159	const AES_KEY key1, const AES_KEY key2,
	160	const unsigned char iv[16]);
	161
	162	void aesni_ccm64_encrypt_blocks(const unsigned char *in,
	163	unsigned char *out,
	164	size_t blocks,
	165	const void *key,
	166	const unsigned char ivec[16],
	167	unsigned char cmac[16]);
168
169	void aesni_ccm64_decrypt_blocks(const unsigned char *in,
170	unsigned char *out,
171	size_t blocks,
172	const void *key,
173	const unsigned char ivec[16],
174	unsigned char cmac[16]);
175
176	# if defined(__x86_64) \|\| defined(__x86_64__) \|\| defined(_M_AMD64) \|\| defined(_M_X64)
177	size_t aesni_gcm_encrypt(const unsigned char in, unsigned char out, size_t len,
178	const void key, unsigned char ivec[16], u64 Xi);
179	size_t aesni_gcm_decrypt(const unsigned char in, unsigned char out, size_t len,
180	const void key, unsigned char ivec[16], u64 Xi);
181	void gcm_ghash_avx(u64 Xi[2], const u128 Htable[16], const u8 *in, size_t len);
182
183	# define AES_GCM_ASM(ctx) (ctx->ctr == aesni_ctr32_encrypt_blocks && \
184	ctx->gcm.ghash == gcm_ghash_avx)
185	# endif
186
187
188	# elif defined(AES_ASM) && (defined(__sparc) \|\| defined(__sparc__))
189
190	/* Fujitsu SPARC64 X support */
191	extern unsigned int OPENSSL_sparcv9cap_P[];
192	# include "sparc_arch.h"
e1178600 SL	193
	194	# ifndef OPENSSL_NO_CAMELLIA
	195	# define SPARC_CMLL_CAPABLE (OPENSSL_sparcv9cap_P[1] & CFR_CAMELLIA)
2f9789f7	196	# include "openssl/camellia.h"
e1178600 SL	197
	198	void cmll_t4_set_key(const unsigned char key, int bits, CAMELLIA_KEY ks);
	199	void cmll_t4_encrypt(const unsigned char in, unsigned char out,
	200	const CAMELLIA_KEY *key);
	201	void cmll_t4_decrypt(const unsigned char in, unsigned char out,
	202	const CAMELLIA_KEY *key);
	203
	204	void cmll128_t4_cbc_encrypt(const unsigned char in, unsigned char out,
	205	size_t len, const CAMELLIA_KEY *key,
	206	unsigned char *ivec);
	207	void cmll128_t4_cbc_decrypt(const unsigned char in, unsigned char out,
	208	size_t len, const CAMELLIA_KEY *key,
	209	unsigned char *ivec);
	210	void cmll256_t4_cbc_encrypt(const unsigned char in, unsigned char out,
	211	size_t len, const CAMELLIA_KEY *key,
	212	unsigned char *ivec);
	213	void cmll256_t4_cbc_decrypt(const unsigned char in, unsigned char out,
	214	size_t len, const CAMELLIA_KEY *key,
	215	unsigned char *ivec);
	216	void cmll128_t4_ctr32_encrypt(const unsigned char in, unsigned char out,
	217	size_t blocks, const CAMELLIA_KEY *key,
	218	unsigned char *ivec);
	219	void cmll256_t4_ctr32_encrypt(const unsigned char in, unsigned char out,
	220	size_t blocks, const CAMELLIA_KEY *key,
	221	unsigned char *ivec);
	222	# endif /* OPENSSL_NO_CAMELLIA */
	223
	224
459b15d4	225	# define SPARC_AES_CAPABLE (OPENSSL_sparcv9cap_P[1] & CFR_AES)
4a42e264	226	# define SPARC_DES_CAPABLE (OPENSSL_sparcv9cap_P[1] & CFR_DES)
459b15d4 SL	227	# define HWAES_CAPABLE (OPENSSL_sparcv9cap_P[0] & SPARCV9_FJAESX)
	228	# define HWAES_set_encrypt_key aes_fx_set_encrypt_key
	229	# define HWAES_set_decrypt_key aes_fx_set_decrypt_key
	230	# define HWAES_encrypt aes_fx_encrypt
	231	# define HWAES_decrypt aes_fx_decrypt
	232	# define HWAES_cbc_encrypt aes_fx_cbc_encrypt
	233	# define HWAES_ctr32_encrypt_blocks aes_fx_ctr32_encrypt_blocks
	234
	235	void aes_t4_set_encrypt_key(const unsigned char key, int bits, AES_KEY ks);
	236	void aes_t4_set_decrypt_key(const unsigned char key, int bits, AES_KEY ks);
	237	void aes_t4_encrypt(const unsigned char in, unsigned char out,
	238	const AES_KEY *key);
	239	void aes_t4_decrypt(const unsigned char in, unsigned char out,
	240	const AES_KEY *key);
	241	/*
	242	* Key-length specific subroutines were chosen for following reason.
	243	* Each SPARC T4 core can execute up to 8 threads which share core's
	244	* resources. Loading as much key material to registers allows to
	245	* minimize references to shared memory interface, as well as amount
	246	* of instructions in inner loops [much needed on T4]. But then having
	247	* non-key-length specific routines would require conditional branches
	248	* either in inner loops or on subroutines' entries. Former is hardly
	249	* acceptable, while latter means code size increase to size occupied
	250	* by multiple key-length specific subroutines, so why fight?
	251	*/
	252	void aes128_t4_cbc_encrypt(const unsigned char in, unsigned char out,
	253	size_t len, const AES_KEY *key,
	254	unsigned char *ivec);
	255	void aes128_t4_cbc_decrypt(const unsigned char in, unsigned char out,
	256	size_t len, const AES_KEY *key,
	257	unsigned char *ivec);
	258	void aes192_t4_cbc_encrypt(const unsigned char in, unsigned char out,
	259	size_t len, const AES_KEY *key,
	260	unsigned char *ivec);
	261	void aes192_t4_cbc_decrypt(const unsigned char in, unsigned char out,
	262	size_t len, const AES_KEY *key,
	263	unsigned char *ivec);
	264	void aes256_t4_cbc_encrypt(const unsigned char in, unsigned char out,
	265	size_t len, const AES_KEY *key,
	266	unsigned char *ivec);
	267	void aes256_t4_cbc_decrypt(const unsigned char in, unsigned char out,
	268	size_t len, const AES_KEY *key,
	269	unsigned char *ivec);
	270	void aes128_t4_ctr32_encrypt(const unsigned char in, unsigned char out,
	271	size_t blocks, const AES_KEY *key,
	272	unsigned char *ivec);
	273	void aes192_t4_ctr32_encrypt(const unsigned char in, unsigned char out,
	274	size_t blocks, const AES_KEY *key,
	275	unsigned char *ivec);
	276	void aes256_t4_ctr32_encrypt(const unsigned char in, unsigned char out,
	277	size_t blocks, const AES_KEY *key,
	278	unsigned char *ivec);
	279	void aes128_t4_xts_encrypt(const unsigned char in, unsigned char out,
	280	size_t blocks, const AES_KEY *key1,
	281	const AES_KEY key2, const unsigned char ivec);
	282	void aes128_t4_xts_decrypt(const unsigned char in, unsigned char out,
	283	size_t blocks, const AES_KEY *key1,
	284	const AES_KEY key2, const unsigned char ivec);
	285	void aes256_t4_xts_encrypt(const unsigned char in, unsigned char out,
	286	size_t blocks, const AES_KEY *key1,
	287	const AES_KEY key2, const unsigned char ivec);
	288	void aes256_t4_xts_decrypt(const unsigned char in, unsigned char out,
	289	size_t blocks, const AES_KEY *key1,
	290	const AES_KEY key2, const unsigned char ivec);
291
dd11c5f0 SL	292	# ifndef OPENSSL_NO_DES
	293	# include <openssl/des.h>
	294	void des_t4_key_expand(const void key, DES_key_schedule ks);
	295	void des_t4_ede3_cbc_encrypt(const void inp, void out, size_t len,
	296	const DES_key_schedule ks[3], unsigned char iv[8]);
	297	void des_t4_ede3_cbc_decrypt(const void inp, void out, size_t len,
	298	const DES_key_schedule ks[3], unsigned char iv[8]);
e3f3ee44 SL	299	void des_t4_cbc_encrypt(const void inp, void out, size_t len,
	300	const DES_key_schedule *ks, unsigned char iv[8]);
	301	void des_t4_cbc_decrypt(const void inp, void out, size_t len,
	302	const DES_key_schedule *ks, unsigned char iv[8]);
dd11c5f0 SL	303	# endif /* OPENSSL_NO_DES */
dd11c5f0 SL	304
459b15d4 SL	305	# elif defined(OPENSSL_CPUID_OBJ) && defined(__s390__)
	306	/* IBM S390X support */
	307	# include "s390x_arch.h"
	308
	309
	310	/* Convert key size to function code: [16,24,32] -> [18,19,20]. */
	311	# define S390X_AES_FC(keylen) (S390X_AES_128 + ((((keylen) << 3) - 128) >> 6))
	312
	313	/* Most modes of operation need km for partial block processing. */
	314	# define S390X_aes_128_CAPABLE (OPENSSL_s390xcap_P.km[0] & \
	315	S390X_CAPBIT(S390X_AES_128))
	316	# define S390X_aes_192_CAPABLE (OPENSSL_s390xcap_P.km[0] & \
	317	S390X_CAPBIT(S390X_AES_192))
	318	# define S390X_aes_256_CAPABLE (OPENSSL_s390xcap_P.km[0] & \
	319	S390X_CAPBIT(S390X_AES_256))
	320
dd6b2706 P	321	# define S390X_aes_128_cbc_CAPABLE 1 /* checked by callee */
	322	# define S390X_aes_192_cbc_CAPABLE 1
	323	# define S390X_aes_256_cbc_CAPABLE 1
459b15d4	324
dd6b2706 P	325	# define S390X_aes_128_ecb_CAPABLE S390X_aes_128_CAPABLE
	326	# define S390X_aes_192_ecb_CAPABLE S390X_aes_192_CAPABLE
	327	# define S390X_aes_256_ecb_CAPABLE S390X_aes_256_CAPABLE
459b15d4	328
dd6b2706 P	329	# define S390X_aes_128_ofb_CAPABLE (S390X_aes_128_CAPABLE && \
dd6b2706 P	330	(OPENSSL_s390xcap_P.kmo[0] & \
459b15d4	331	S390X_CAPBIT(S390X_AES_128)))
dd6b2706 P	332	# define S390X_aes_192_ofb_CAPABLE (S390X_aes_192_CAPABLE && \
dd6b2706 P	333	(OPENSSL_s390xcap_P.kmo[0] & \
459b15d4	334	S390X_CAPBIT(S390X_AES_192)))
dd6b2706 P	335	# define S390X_aes_256_ofb_CAPABLE (S390X_aes_256_CAPABLE && \
dd6b2706 P	336	(OPENSSL_s390xcap_P.kmo[0] & \
459b15d4 SL	337	S390X_CAPBIT(S390X_AES_256)))
459b15d4 SL	338
dd6b2706 P	339	# define S390X_aes_128_cfb_CAPABLE (S390X_aes_128_CAPABLE && \
dd6b2706 P	340	(OPENSSL_s390xcap_P.kmf[0] & \
459b15d4	341	S390X_CAPBIT(S390X_AES_128)))
dd6b2706 P	342	# define S390X_aes_192_cfb_CAPABLE (S390X_aes_192_CAPABLE && \
dd6b2706 P	343	(OPENSSL_s390xcap_P.kmf[0] & \
459b15d4	344	S390X_CAPBIT(S390X_AES_192)))
dd6b2706 P	345	# define S390X_aes_256_cfb_CAPABLE (S390X_aes_256_CAPABLE && \
dd6b2706 P	346	(OPENSSL_s390xcap_P.kmf[0] & \
459b15d4	347	S390X_CAPBIT(S390X_AES_256)))
dd6b2706	348	# define S390X_aes_128_cfb8_CAPABLE (OPENSSL_s390xcap_P.kmf[0] & \
459b15d4	349	S390X_CAPBIT(S390X_AES_128))
dd6b2706	350	# define S390X_aes_192_cfb8_CAPABLE (OPENSSL_s390xcap_P.kmf[0] & \
459b15d4	351	S390X_CAPBIT(S390X_AES_192))
dd6b2706	352	# define S390X_aes_256_cfb8_CAPABLE (OPENSSL_s390xcap_P.kmf[0] & \
459b15d4	353	S390X_CAPBIT(S390X_AES_256))
dd6b2706 P	354	# define S390X_aes_128_cfb1_CAPABLE 0
	355	# define S390X_aes_192_cfb1_CAPABLE 0
	356	# define S390X_aes_256_cfb1_CAPABLE 0
459b15d4	357
dd6b2706 P	358	# define S390X_aes_128_ctr_CAPABLE 1 /* checked by callee */
	359	# define S390X_aes_192_ctr_CAPABLE 1
	360	# define S390X_aes_256_ctr_CAPABLE 1
459b15d4	361
dd6b2706 P	362	# define S390X_aes_128_xts_CAPABLE 1 /* checked by callee */
dd6b2706 P	363	# define S390X_aes_256_xts_CAPABLE 1
459b15d4	364
05f4eb2d SL	365	# define S390X_aes_128_gcm_CAPABLE (S390X_aes_128_CAPABLE && \
05f4eb2d SL	366	(OPENSSL_s390xcap_P.kma[0] & \
459b15d4	367	S390X_CAPBIT(S390X_AES_128)))
05f4eb2d SL	368	# define S390X_aes_192_gcm_CAPABLE (S390X_aes_192_CAPABLE && \
05f4eb2d SL	369	(OPENSSL_s390xcap_P.kma[0] & \
459b15d4	370	S390X_CAPBIT(S390X_AES_192)))
05f4eb2d SL	371	# define S390X_aes_256_gcm_CAPABLE (S390X_aes_256_CAPABLE && \
	372	(OPENSSL_s390xcap_P.kma[0] & \
	373	S390X_CAPBIT(S390X_AES_256)))
	374
	375	# define S390X_aes_128_ccm_CAPABLE (S390X_aes_128_CAPABLE && \
	376	(OPENSSL_s390xcap_P.kmac[0] & \
	377	S390X_CAPBIT(S390X_AES_128)))
	378	# define S390X_aes_192_ccm_CAPABLE (S390X_aes_192_CAPABLE && \
	379	(OPENSSL_s390xcap_P.kmac[0] & \
	380	S390X_CAPBIT(S390X_AES_192)))
	381	# define S390X_aes_256_ccm_CAPABLE (S390X_aes_256_CAPABLE && \
	382	(OPENSSL_s390xcap_P.kmac[0] & \
459b15d4	383	S390X_CAPBIT(S390X_AES_256)))
dd6b2706	384	# define S390X_CCM_AAD_FLAG 0x40
459b15d4 SL	385
459b15d4 SL	386	# ifndef OPENSSL_NO_OCB
dd6b2706 P	387	# define S390X_aes_128_ocb_CAPABLE 0
	388	# define S390X_aes_192_ocb_CAPABLE 0
	389	# define S390X_aes_256_ocb_CAPABLE 0
459b15d4 SL	390	# endif /* OPENSSL_NO_OCB */
	391
	392	# ifndef OPENSSL_NO_SIV
	393	# define S390X_aes_128_siv_CAPABLE 0
	394	# define S390X_aes_192_siv_CAPABLE 0
	395	# define S390X_aes_256_siv_CAPABLE 0
	396	# endif /* OPENSSL_NO_SIV */
	397
	398	/* Convert key size to function code: [16,24,32] -> [18,19,20]. */
	399	# define S390X_AES_FC(keylen) (S390X_AES_128 + ((((keylen) << 3) - 128) >> 6))
	400	# endif
	401
	402	# if defined(HWAES_CAPABLE)
	403	int HWAES_set_encrypt_key(const unsigned char *userKey, const int bits,
	404	AES_KEY *key);
	405	int HWAES_set_decrypt_key(const unsigned char *userKey, const int bits,
	406	AES_KEY *key);
	407	void HWAES_encrypt(const unsigned char in, unsigned char out,
	408	const AES_KEY *key);
	409	void HWAES_decrypt(const unsigned char in, unsigned char out,
	410	const AES_KEY *key);
	411	void HWAES_cbc_encrypt(const unsigned char in, unsigned char out,
	412	size_t length, const AES_KEY *key,
	413	unsigned char *ivec, const int enc);
	414	void HWAES_ctr32_encrypt_blocks(const unsigned char in, unsigned char out,
	415	size_t len, const AES_KEY *key,
	416	const unsigned char ivec[16]);
	417	void HWAES_xts_encrypt(const unsigned char inp, unsigned char out,
	418	size_t len, const AES_KEY *key1,
	419	const AES_KEY *key2, const unsigned char iv[16]);
	420	void HWAES_xts_decrypt(const unsigned char inp, unsigned char out,
	421	size_t len, const AES_KEY *key1,
	422	const AES_KEY *key2, const unsigned char iv[16]);
	423	# ifndef OPENSSL_NO_OCB
	424	# ifdef HWAES_ocb_encrypt
	425	void HWAES_ocb_encrypt(const unsigned char in, unsigned char out,
	426	size_t blocks, const void *key,
	427	size_t start_block_num,
	428	unsigned char offset_i[16],
	429	const unsigned char L_[][16],
	430	unsigned char checksum[16]);
	431	# else
	432	# define HWAES_ocb_encrypt ((ocb128_f)NULL)
	433	# endif
	434	# ifdef HWAES_ocb_decrypt
	435	void HWAES_ocb_decrypt(const unsigned char in, unsigned char out,
	436	size_t blocks, const void *key,
	437	size_t start_block_num,
	438	unsigned char offset_i[16],
	439	const unsigned char L_[][16],
	440	unsigned char checksum[16]);
	441	# else
	442	# define HWAES_ocb_decrypt ((ocb128_f)NULL)
	443	# endif
	444	# endif /* OPENSSL_NO_OCB */
	445
	446	# endif /* HWAES_CAPABLE */
	447
ae4186b0	448	#endif /* OSSL_CRYPTO_CIPHERMODE_PLATFORM_H */