]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
reorganized source files.
authorNikos Mavrogiannopoulos <nmav@gnutls.org>
Sat, 14 Dec 2013 18:56:58 +0000 (19:56 +0100)
committerNikos Mavrogiannopoulos <nmav@gnutls.org>
Sat, 14 Dec 2013 18:56:58 +0000 (19:56 +0100)
19 files changed:
lib/accelerated/accelerated.c
lib/accelerated/x86/Makefile.am
lib/accelerated/x86/aes-cbc-x86-aesni.c [new file with mode: 0644]
lib/accelerated/x86/aes-cbc-x86-ssse3.c [new file with mode: 0644]
lib/accelerated/x86/aes-gcm-padlock.c
lib/accelerated/x86/aes-gcm-x86-aesni.c
lib/accelerated/x86/aes-gcm-x86-pclmul.c
lib/accelerated/x86/aes-gcm-x86-ssse3.c
lib/accelerated/x86/aes-padlock.c
lib/accelerated/x86/aes-padlock.h
lib/accelerated/x86/aes-x86.c [deleted file]
lib/accelerated/x86/aes-x86.h
lib/accelerated/x86/hmac-padlock.c
lib/accelerated/x86/hmac-x86-ssse3.c
lib/accelerated/x86/sha-padlock.c
lib/accelerated/x86/sha-padlock.h
lib/accelerated/x86/sha-x86-ssse3.c
lib/accelerated/x86/sha-x86.h
lib/accelerated/x86/x86-common.c [new file with mode: 0644]

index 86983746a3e82c4857b6a11265e32f6094cace35..7ad1cb5b287c3df168e4bae89e01e6ab1da50a21 100644 (file)
@@ -32,7 +32,6 @@ void _gnutls_register_accel_crypto(void)
 #if defined(ASM_X86)
        if (gnutls_have_cpuid() != 0) {
                register_x86_crypto();
-               register_padlock_crypto();
        }
 #endif
 
index 5e8f825782e2830e5618cc5cd31cbe477b5c8086..e38551cd301c2ba8843aa5fcc2cdf70ed8046cc3 100644 (file)
@@ -35,9 +35,9 @@ EXTRA_DIST = README license.txt files.mk
 
 noinst_LTLIBRARIES = libx86.la
 
-libx86_la_SOURCES = sha-padlock.c hmac-padlock.c aes-x86.c aes-padlock.c aes-gcm-padlock.c \
+libx86_la_SOURCES = sha-padlock.c hmac-padlock.c x86-common.c aes-padlock.c aes-gcm-padlock.c \
        aes-padlock.h aes-x86.h x86.h sha-padlock.h sha-x86-ssse3.c sha-x86.h hmac-x86-ssse3.c \
-       aes-gcm-x86-ssse3.c aes-gcm-x86-aesni.c
+       aes-gcm-x86-ssse3.c aes-gcm-x86-aesni.c aes-cbc-x86-ssse3.c aes-cbc-x86-aesni.c
 
 include files.mk
 
diff --git a/lib/accelerated/x86/aes-cbc-x86-aesni.c b/lib/accelerated/x86/aes-cbc-x86-aesni.c
new file mode 100644 (file)
index 0000000..6d4526f
--- /dev/null
@@ -0,0 +1,132 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+/*
+ * The following code is an implementation of the AES-128-CBC cipher
+ * using intel's AES instruction set. 
+ */
+
+#include <gnutls_errors.h>
+#include <gnutls_int.h>
+#include <gnutls/crypto.h>
+#include <gnutls_errors.h>
+#include <aes-x86.h>
+#include <sha-x86.h>
+#include <x86.h>
+
+struct aes_ctx {
+       AES_KEY expanded_key;
+       uint8_t iv[16];
+       int enc;
+};
+
+unsigned int _gnutls_x86_cpuid_s[4];
+
+static int
+aes_cipher_init(gnutls_cipher_algorithm_t algorithm, void **_ctx, int enc)
+{
+       /* we use key size to distinguish */
+       if (algorithm != GNUTLS_CIPHER_AES_128_CBC
+           && algorithm != GNUTLS_CIPHER_AES_192_CBC
+           && algorithm != GNUTLS_CIPHER_AES_256_CBC)
+               return GNUTLS_E_INVALID_REQUEST;
+
+       *_ctx = gnutls_calloc(1, sizeof(struct aes_ctx));
+       if (*_ctx == NULL) {
+               gnutls_assert();
+               return GNUTLS_E_MEMORY_ERROR;
+       }
+
+       ((struct aes_ctx *) (*_ctx))->enc = enc;
+
+       return 0;
+}
+
+static int
+aes_cipher_setkey(void *_ctx, const void *userkey, size_t keysize)
+{
+       struct aes_ctx *ctx = _ctx;
+       int ret;
+
+       if (ctx->enc)
+               ret =
+                   aesni_set_encrypt_key(userkey, keysize * 8,
+                                         ALIGN16(&ctx->expanded_key));
+       else
+               ret =
+                   aesni_set_decrypt_key(userkey, keysize * 8,
+                                         ALIGN16(&ctx->expanded_key));
+
+       if (ret != 0)
+               return gnutls_assert_val(GNUTLS_E_ENCRYPTION_FAILED);
+
+       return 0;
+}
+
+static int aes_setiv(void *_ctx, const void *iv, size_t iv_size)
+{
+       struct aes_ctx *ctx = _ctx;
+
+       memcpy(ctx->iv, iv, 16);
+       return 0;
+}
+
+static int
+aes_encrypt(void *_ctx, const void *src, size_t src_size,
+           void *dst, size_t dst_size)
+{
+       struct aes_ctx *ctx = _ctx;
+
+       aesni_cbc_encrypt(src, dst, src_size, ALIGN16(&ctx->expanded_key),
+                         ctx->iv, 1);
+       return 0;
+}
+
+static int
+aes_decrypt(void *_ctx, const void *src, size_t src_size,
+           void *dst, size_t dst_size)
+{
+       struct aes_ctx *ctx = _ctx;
+
+       aesni_cbc_encrypt(src, dst, src_size, ALIGN16(&ctx->expanded_key),
+                         ctx->iv, 0);
+
+       return 0;
+}
+
+static void aes_deinit(void *_ctx)
+{
+       struct aes_ctx *ctx = _ctx;
+       
+       zeroize_temp_key(ctx, sizeof(*ctx));
+       gnutls_free(ctx);
+}
+
+const gnutls_crypto_cipher_st _gnutls_aesni_x86 = {
+       .init = aes_cipher_init,
+       .setkey = aes_cipher_setkey,
+       .setiv = aes_setiv,
+       .encrypt = aes_encrypt,
+       .decrypt = aes_decrypt,
+       .deinit = aes_deinit,
+};
+
diff --git a/lib/accelerated/x86/aes-cbc-x86-ssse3.c b/lib/accelerated/x86/aes-cbc-x86-ssse3.c
new file mode 100644 (file)
index 0000000..ff24578
--- /dev/null
@@ -0,0 +1,133 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+/*
+ * The following code is an implementation of the AES-128-CBC cipher
+ * using intel's AES instruction set. 
+ */
+
+#include <gnutls_errors.h>
+#include <gnutls_int.h>
+#include <gnutls/crypto.h>
+#include <gnutls_errors.h>
+#include <aes-x86.h>
+#include <sha-x86.h>
+#include <x86.h>
+
+struct aes_ctx {
+       AES_KEY expanded_key;
+       uint8_t iv[16];
+       int enc;
+};
+
+unsigned int _gnutls_x86_cpuid_s[4];
+
+static int
+aes_cipher_init(gnutls_cipher_algorithm_t algorithm, void **_ctx, int enc)
+{
+       /* we use key size to distinguish */
+       if (algorithm != GNUTLS_CIPHER_AES_128_CBC
+           && algorithm != GNUTLS_CIPHER_AES_192_CBC
+           && algorithm != GNUTLS_CIPHER_AES_256_CBC)
+               return GNUTLS_E_INVALID_REQUEST;
+
+       *_ctx = gnutls_calloc(1, sizeof(struct aes_ctx));
+       if (*_ctx == NULL) {
+               gnutls_assert();
+               return GNUTLS_E_MEMORY_ERROR;
+       }
+
+       ((struct aes_ctx *) (*_ctx))->enc = enc;
+
+       return 0;
+}
+
+static int
+aes_ssse3_cipher_setkey(void *_ctx, const void *userkey, size_t keysize)
+{
+       struct aes_ctx *ctx = _ctx;
+       int ret;
+
+       if (ctx->enc)
+               ret =
+                   vpaes_set_encrypt_key(userkey, keysize * 8,
+                                         ALIGN16(&ctx->expanded_key));
+       else
+               ret =
+                   vpaes_set_decrypt_key(userkey, keysize * 8,
+                                         ALIGN16(&ctx->expanded_key));
+
+       if (ret != 0)
+               return gnutls_assert_val(GNUTLS_E_ENCRYPTION_FAILED);
+
+       return 0;
+}
+
+static int
+aes_ssse3_encrypt(void *_ctx, const void *src, size_t src_size,
+           void *dst, size_t dst_size)
+{
+       struct aes_ctx *ctx = _ctx;
+
+       vpaes_cbc_encrypt(src, dst, src_size, ALIGN16(&ctx->expanded_key),
+                         ctx->iv, 1);
+       return 0;
+}
+
+static int
+aes_ssse3_decrypt(void *_ctx, const void *src, size_t src_size,
+           void *dst, size_t dst_size)
+{
+       struct aes_ctx *ctx = _ctx;
+
+       vpaes_cbc_encrypt(src, dst, src_size, ALIGN16(&ctx->expanded_key),
+                         ctx->iv, 0);
+
+       return 0;
+}
+
+static int aes_setiv(void *_ctx, const void *iv, size_t iv_size)
+{
+       struct aes_ctx *ctx = _ctx;
+
+       memcpy(ctx->iv, iv, 16);
+       return 0;
+}
+
+static void aes_deinit(void *_ctx)
+{
+       struct aes_ctx *ctx = _ctx;
+       
+       zeroize_temp_key(ctx, sizeof(*ctx));
+       gnutls_free(ctx);
+}
+
+
+const gnutls_crypto_cipher_st _gnutls_aes_ssse3 = {
+       .init = aes_cipher_init,
+       .setkey = aes_ssse3_cipher_setkey,
+       .setiv = aes_setiv,
+       .encrypt = aes_ssse3_encrypt,
+       .decrypt = aes_ssse3_decrypt,
+       .deinit = aes_deinit,
+};
+
index 1c58656192e1237d8cd057aae32243ac640a29c7..4b49521fd92018d8fc6ec6229357bfad4240dbf0 100644 (file)
@@ -153,7 +153,7 @@ static void aes_gcm_tag(void *_ctx, void *tag, size_t tagsize)
        GCM_DIGEST(ctx, padlock_aes_encrypt, tagsize, tag);
 }
 
-const gnutls_crypto_cipher_st aes_gcm_padlock_struct = {
+const gnutls_crypto_cipher_st _gnutls_aes_gcm_padlock = {
        .init = aes_gcm_cipher_init,
        .setkey = aes_gcm_cipher_setkey,
        .setiv = aes_gcm_setiv,
index 2651cd3fe42b8e603a342ef207aadfa6a1749901..55bc5b0fabaaaab421cdabf04d773282789e80f2 100644 (file)
@@ -147,7 +147,7 @@ static void aes_gcm_deinit(void *_ctx)
        gnutls_free(ctx);
 }
 
-const gnutls_crypto_cipher_st aes_gcm_x86_aesni = {
+const gnutls_crypto_cipher_st _gnutls_aes_gcm_x86_aesni = {
        .init = aes_gcm_cipher_init,
        .setkey = aes_gcm_cipher_setkey,
        .setiv = aes_gcm_setiv,
index d1249c6a0081b13e21a5e4201984ffaa97b5895c..c5f23b5abef8dfa75044fb4dab9734da6ec916ec 100644 (file)
@@ -258,7 +258,7 @@ static void aes_gcm_tag(void *_ctx, void *tag, size_t tagsize)
        memcpy(tag, ctx->gcm.Xi.c, MIN(GCM_BLOCK_SIZE, tagsize));
 }
 
-const gnutls_crypto_cipher_st aes_gcm_pclmul = {
+const gnutls_crypto_cipher_st _gnutls_aes_gcm_pclmul = {
        .init = aes_gcm_cipher_init,
        .setkey = aes_gcm_cipher_setkey,
        .setiv = aes_gcm_setiv,
index 845bb3db60369b162054451e918210338760967a..68332387cc0382d4cb5f6b1ef529fd2e4f347aff 100644 (file)
@@ -146,7 +146,7 @@ static void aes_gcm_deinit(void *_ctx)
        gnutls_free(ctx);
 }
 
-const gnutls_crypto_cipher_st aes_gcm_x86_ssse3 = {
+const gnutls_crypto_cipher_st _gnutls_aes_gcm_x86_ssse3 = {
        .init = aes_gcm_cipher_init,
        .setkey = aes_gcm_cipher_setkey,
        .setiv = aes_gcm_setiv,
index e9d7f526be4f16a3129a4ddd64c34808cf4a1e74..adc7e00394630de51118167d0e042897d9efa38a 100644 (file)
@@ -32,8 +32,8 @@
 #include <aes-x86.h>
 #include <x86.h>
 #ifdef HAVE_LIBNETTLE
-#include <nettle/aes.h>                /* for key generation in 192 and 256 bits */
-#include <sha-padlock.h>
+# include <nettle/aes.h>               /* for key generation in 192 and 256 bits */
+# include <sha-padlock.h>
 #endif
 #include <aes-padlock.h>
 
@@ -157,7 +157,7 @@ static void aes_deinit(void *_ctx)
        gnutls_free(ctx);
 }
 
-static const gnutls_crypto_cipher_st aes_padlock_struct = {
+const gnutls_crypto_cipher_st _gnutls_aes_padlock = {
        .init = aes_cipher_init,
        .setkey = padlock_aes_cipher_setkey,
        .setiv = aes_setiv,
@@ -166,228 +166,3 @@ static const gnutls_crypto_cipher_st aes_padlock_struct = {
        .deinit = aes_deinit,
 };
 
-static int check_padlock(void)
-{
-       unsigned int edx = padlock_capability();
-
-       return ((edx & (0x3 << 6)) == (0x3 << 6));
-}
-
-static int check_phe(void)
-{
-       unsigned int edx = padlock_capability();
-
-       return ((edx & (0x3 << 10)) == (0x3 << 10));
-}
-
-/* We are actually checking for SHA512 */
-static int check_phe_sha512(void)
-{
-       unsigned int edx = padlock_capability();
-
-       return ((edx & (0x3 << 25)) == (0x3 << 25));
-}
-
-static int check_phe_partial(void)
-{
-       const char *text = "test and test";
-       uint32_t iv[5] = { 0x67452301UL, 0xEFCDAB89UL,
-               0x98BADCFEUL, 0x10325476UL, 0xC3D2E1F0UL
-       };
-
-       padlock_sha1_blocks(iv, text, sizeof(text) - 1);
-       padlock_sha1_blocks(iv, text, sizeof(text) - 1);
-
-       if (iv[0] == 0x9096E2D8UL && iv[1] == 0xA33074EEUL &&
-           iv[2] == 0xCDBEE447UL && iv[3] == 0xEC7979D2UL &&
-           iv[4] == 0x9D3FF5CFUL)
-               return 1;
-       else
-               return 0;
-}
-
-static unsigned check_via(void)
-{
-       unsigned int a, b, c, d;
-       gnutls_cpuid(0, &a, &b, &c, &d);
-
-       if ((memcmp(&b, "Cent", 4) == 0 &&
-            memcmp(&d, "aurH", 4) == 0 && memcmp(&c, "auls", 4) == 0)) {
-               return 1;
-       }
-
-       return 0;
-}
-
-void register_padlock_crypto(void)
-{
-       int ret, phe;
-
-       if (check_via() == 0)
-               return;
-       if (check_padlock()) {
-               _gnutls_debug_log
-                   ("Padlock AES accelerator was detected\n");
-               ret =
-                   gnutls_crypto_single_cipher_register
-                   (GNUTLS_CIPHER_AES_128_CBC, 80, &aes_padlock_struct);
-               if (ret < 0) {
-                       gnutls_assert();
-               }
-
-               /* register GCM ciphers */
-               ret =
-                   gnutls_crypto_single_cipher_register
-                   (GNUTLS_CIPHER_AES_128_GCM, 80,
-                    &aes_gcm_padlock_struct);
-               if (ret < 0) {
-                       gnutls_assert();
-               }
-#ifdef HAVE_LIBNETTLE
-               ret =
-                   gnutls_crypto_single_cipher_register
-                   (GNUTLS_CIPHER_AES_192_CBC, 80, &aes_padlock_struct);
-               if (ret < 0) {
-                       gnutls_assert();
-               }
-
-               ret =
-                   gnutls_crypto_single_cipher_register
-                   (GNUTLS_CIPHER_AES_256_CBC, 80, &aes_padlock_struct);
-               if (ret < 0) {
-                       gnutls_assert();
-               }
-
-               ret =
-                   gnutls_crypto_single_cipher_register
-                   (GNUTLS_CIPHER_AES_256_GCM, 80,
-                    &aes_gcm_padlock_struct);
-               if (ret < 0) {
-                       gnutls_assert();
-               }
-#endif
-       }
-#ifdef HAVE_LIBNETTLE
-       phe = check_phe();
-
-       if (phe && check_phe_partial()) {
-               _gnutls_debug_log
-                   ("Padlock SHA1 and SHA256 (partial) accelerator was detected\n");
-               if (check_phe_sha512()) {
-                       _gnutls_debug_log
-                           ("Padlock SHA512 (partial) accelerator was detected\n");
-                       ret =
-                           gnutls_crypto_single_digest_register
-                           (GNUTLS_DIG_SHA384, 80,
-                            &sha_padlock_nano_struct);
-                       if (ret < 0) {
-                               gnutls_assert();
-                       }
-
-                       ret =
-                           gnutls_crypto_single_digest_register
-                           (GNUTLS_DIG_SHA512, 80,
-                            &sha_padlock_nano_struct);
-                       if (ret < 0) {
-                               gnutls_assert();
-                       }
-
-                       ret =
-                           gnutls_crypto_single_mac_register
-                           (GNUTLS_MAC_SHA384, 80,
-                            &hmac_sha_padlock_nano_struct);
-                       if (ret < 0) {
-                               gnutls_assert();
-                       }
-
-                       ret =
-                           gnutls_crypto_single_mac_register
-                           (GNUTLS_MAC_SHA512, 80,
-                            &hmac_sha_padlock_nano_struct);
-                       if (ret < 0) {
-                               gnutls_assert();
-                       }
-               }
-
-               ret =
-                   gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA1,
-                                                        80,
-                                                        &sha_padlock_nano_struct);
-               if (ret < 0) {
-                       gnutls_assert();
-               }
-
-               ret =
-                   gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA224,
-                                                        80,
-                                                        &sha_padlock_nano_struct);
-               if (ret < 0) {
-                       gnutls_assert();
-               }
-
-               ret =
-                   gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA256,
-                                                        80,
-                                                        &sha_padlock_nano_struct);
-               if (ret < 0) {
-                       gnutls_assert();
-               }
-
-               ret =
-                   gnutls_crypto_single_mac_register(GNUTLS_MAC_SHA1,
-                                                     80,
-                                                     &hmac_sha_padlock_nano_struct);
-               if (ret < 0) {
-                       gnutls_assert();
-               }
-
-               /* we don't register MAC_SHA224 because it is not used by TLS */
-
-               ret =
-                   gnutls_crypto_single_mac_register(GNUTLS_MAC_SHA256,
-                                                     80,
-                                                     &hmac_sha_padlock_nano_struct);
-               if (ret < 0) {
-                       gnutls_assert();
-               }
-       } else if (phe) {
-               /* Original padlock PHE. Does not support incremental operations.
-                */
-               _gnutls_debug_log
-                   ("Padlock SHA1 and SHA256 accelerator was detected\n");
-               ret =
-                   gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA1,
-                                                        80,
-                                                        &sha_padlock_struct);
-               if (ret < 0) {
-                       gnutls_assert();
-               }
-
-               ret =
-                   gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA256,
-                                                        80,
-                                                        &sha_padlock_struct);
-               if (ret < 0) {
-                       gnutls_assert();
-               }
-
-               ret =
-                   gnutls_crypto_single_mac_register(GNUTLS_MAC_SHA1,
-                                                     80,
-                                                     &hmac_sha_padlock_struct);
-               if (ret < 0) {
-                       gnutls_assert();
-               }
-
-               ret =
-                   gnutls_crypto_single_mac_register(GNUTLS_MAC_SHA256,
-                                                     80,
-                                                     &hmac_sha_padlock_struct);
-               if (ret < 0) {
-                       gnutls_assert();
-               }
-       }
-#endif
-
-       return;
-}
index 851b40b6f90377b645944a0b47790e7c8ce6029c..43a2f029a2451ec5cdd69f14a906113ad18e5a87 100644 (file)
@@ -27,9 +27,10 @@ struct padlock_ctx {
        int enc;
 };
 
-extern const gnutls_crypto_cipher_st aes_gcm_padlock_struct;
-extern const gnutls_crypto_mac_st hmac_sha_padlock_struct;
-extern const gnutls_crypto_digest_st sha_padlock_struct;
+extern const gnutls_crypto_cipher_st _gnutls_aes_padlock;
+extern const gnutls_crypto_cipher_st _gnutls_aes_gcm_padlock;
+extern const gnutls_crypto_mac_st _gnutls_hmac_sha_padlock;
+extern const gnutls_crypto_digest_st _gnutls_sha_padlock;
 
 int padlock_aes_cipher_setkey(void *_ctx, const void *userkey,
                              size_t keysize);
diff --git a/lib/accelerated/x86/aes-x86.c b/lib/accelerated/x86/aes-x86.c
deleted file mode 100644 (file)
index dcac4f0..0000000
+++ /dev/null
@@ -1,413 +0,0 @@
-/*
- * Copyright (C) 2011-2012 Free Software Foundation, Inc.
- *
- * Author: Nikos Mavrogiannopoulos
- *
- * This file is part of GnuTLS.
- *
- * The GnuTLS is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public License
- * as published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>
- *
- */
-
-/*
- * The following code is an implementation of the AES-128-CBC cipher
- * using intel's AES instruction set. 
- */
-
-#include <gnutls_errors.h>
-#include <gnutls_int.h>
-#include <gnutls/crypto.h>
-#include <gnutls_errors.h>
-#include <aes-x86.h>
-#include <sha-x86.h>
-#include <x86.h>
-
-struct aes_ctx {
-       AES_KEY expanded_key;
-       uint8_t iv[16];
-       int enc;
-};
-
-unsigned int _gnutls_x86_cpuid_s[4];
-
-static int
-aes_cipher_init(gnutls_cipher_algorithm_t algorithm, void **_ctx, int enc)
-{
-       /* we use key size to distinguish */
-       if (algorithm != GNUTLS_CIPHER_AES_128_CBC
-           && algorithm != GNUTLS_CIPHER_AES_192_CBC
-           && algorithm != GNUTLS_CIPHER_AES_256_CBC)
-               return GNUTLS_E_INVALID_REQUEST;
-
-       *_ctx = gnutls_calloc(1, sizeof(struct aes_ctx));
-       if (*_ctx == NULL) {
-               gnutls_assert();
-               return GNUTLS_E_MEMORY_ERROR;
-       }
-
-       ((struct aes_ctx *) (*_ctx))->enc = enc;
-
-       return 0;
-}
-
-static int
-aes_cipher_setkey(void *_ctx, const void *userkey, size_t keysize)
-{
-       struct aes_ctx *ctx = _ctx;
-       int ret;
-
-       if (ctx->enc)
-               ret =
-                   aesni_set_encrypt_key(userkey, keysize * 8,
-                                         ALIGN16(&ctx->expanded_key));
-       else
-               ret =
-                   aesni_set_decrypt_key(userkey, keysize * 8,
-                                         ALIGN16(&ctx->expanded_key));
-
-       if (ret != 0)
-               return gnutls_assert_val(GNUTLS_E_ENCRYPTION_FAILED);
-
-       return 0;
-}
-
-static int aes_setiv(void *_ctx, const void *iv, size_t iv_size)
-{
-       struct aes_ctx *ctx = _ctx;
-
-       memcpy(ctx->iv, iv, 16);
-       return 0;
-}
-
-static int
-aes_encrypt(void *_ctx, const void *src, size_t src_size,
-           void *dst, size_t dst_size)
-{
-       struct aes_ctx *ctx = _ctx;
-
-       aesni_cbc_encrypt(src, dst, src_size, ALIGN16(&ctx->expanded_key),
-                         ctx->iv, 1);
-       return 0;
-}
-
-static int
-aes_decrypt(void *_ctx, const void *src, size_t src_size,
-           void *dst, size_t dst_size)
-{
-       struct aes_ctx *ctx = _ctx;
-
-       aesni_cbc_encrypt(src, dst, src_size, ALIGN16(&ctx->expanded_key),
-                         ctx->iv, 0);
-
-       return 0;
-}
-
-static void aes_deinit(void *_ctx)
-{
-       struct aes_ctx *ctx = _ctx;
-       
-       zeroize_temp_key(ctx, sizeof(*ctx));
-       gnutls_free(ctx);
-}
-
-static const gnutls_crypto_cipher_st aesni_x86 = {
-       .init = aes_cipher_init,
-       .setkey = aes_cipher_setkey,
-       .setiv = aes_setiv,
-       .encrypt = aes_encrypt,
-       .decrypt = aes_decrypt,
-       .deinit = aes_deinit,
-};
-
-static int
-aes_ssse3_cipher_setkey(void *_ctx, const void *userkey, size_t keysize)
-{
-       struct aes_ctx *ctx = _ctx;
-       int ret;
-
-       if (ctx->enc)
-               ret =
-                   vpaes_set_encrypt_key(userkey, keysize * 8,
-                                         ALIGN16(&ctx->expanded_key));
-       else
-               ret =
-                   vpaes_set_decrypt_key(userkey, keysize * 8,
-                                         ALIGN16(&ctx->expanded_key));
-
-       if (ret != 0)
-               return gnutls_assert_val(GNUTLS_E_ENCRYPTION_FAILED);
-
-       return 0;
-}
-
-static int
-aes_ssse3_encrypt(void *_ctx, const void *src, size_t src_size,
-           void *dst, size_t dst_size)
-{
-       struct aes_ctx *ctx = _ctx;
-
-       vpaes_cbc_encrypt(src, dst, src_size, ALIGN16(&ctx->expanded_key),
-                         ctx->iv, 1);
-       return 0;
-}
-
-static int
-aes_ssse3_decrypt(void *_ctx, const void *src, size_t src_size,
-           void *dst, size_t dst_size)
-{
-       struct aes_ctx *ctx = _ctx;
-
-       vpaes_cbc_encrypt(src, dst, src_size, ALIGN16(&ctx->expanded_key),
-                         ctx->iv, 0);
-
-       return 0;
-}
-
-static const gnutls_crypto_cipher_st aes_ssse3 = {
-       .init = aes_cipher_init,
-       .setkey = aes_ssse3_cipher_setkey,
-       .setiv = aes_setiv,
-       .encrypt = aes_ssse3_encrypt,
-       .decrypt = aes_ssse3_decrypt,
-       .deinit = aes_deinit,
-};
-
-static unsigned check_optimized_aes(void)
-{
-       return (_gnutls_x86_cpuid_s[2] & 0x2000000);
-}
-
-static unsigned check_ssse3(void)
-{
-       return (_gnutls_x86_cpuid_s[2] & 0x0000200);
-}
-
-#ifdef ASM_X86_64
-static unsigned check_pclmul(void)
-{
-       return (_gnutls_x86_cpuid_s[2] & 0x2);
-}
-#endif
-
-static unsigned check_intel_or_amd(void)
-{
-       unsigned int a, b, c, d;
-       gnutls_cpuid(0, &a, &b, &c, &d);
-
-       if ((memcmp(&b, "Genu", 4) == 0 &&
-            memcmp(&d, "ineI", 4) == 0 &&
-            memcmp(&c, "ntel", 4) == 0) ||
-           (memcmp(&b, "Auth", 4) == 0 &&
-            memcmp(&d, "enti", 4) == 0 && memcmp(&c, "cAMD", 4) == 0)) {
-               return 1;
-       }
-
-       return 0;
-}
-
-void register_x86_crypto(void)
-{
-       int ret;
-
-       if (check_intel_or_amd() == 0)
-               return;
-
-       gnutls_cpuid(1, &_gnutls_x86_cpuid_s[0], &_gnutls_x86_cpuid_s[1], 
-               &_gnutls_x86_cpuid_s[2], &_gnutls_x86_cpuid_s[3]);
-       
-       if (check_ssse3()) {
-               _gnutls_debug_log("Intel SSSE3 was detected\n");
-
-               ret =
-                   gnutls_crypto_single_cipher_register
-                   (GNUTLS_CIPHER_AES_128_GCM, 90,
-                    &aes_gcm_x86_ssse3);
-                       if (ret < 0) {
-                               gnutls_assert();
-                       }
-
-               ret =
-                   gnutls_crypto_single_cipher_register
-                   (GNUTLS_CIPHER_AES_256_GCM, 90,
-                    &aes_gcm_x86_ssse3);
-               if (ret < 0) {
-                       gnutls_assert();
-               }
-
-               ret =
-                   gnutls_crypto_single_cipher_register
-                   (GNUTLS_CIPHER_AES_128_CBC, 90, &aes_ssse3);
-               if (ret < 0) {
-                       gnutls_assert();
-               }
-
-               ret =
-                   gnutls_crypto_single_cipher_register
-                   (GNUTLS_CIPHER_AES_192_CBC, 90, &aes_ssse3);
-               if (ret < 0) {
-                       gnutls_assert();
-               }
-
-               ret =
-                   gnutls_crypto_single_cipher_register
-                   (GNUTLS_CIPHER_AES_256_CBC, 90, &aes_ssse3);
-               if (ret < 0) {
-                       gnutls_assert();
-               }
-
-               ret =
-                   gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA1,
-                                                        80,
-                                                        &sha_x86_ssse3);
-               if (ret < 0) {
-                       gnutls_assert();
-               }
-
-               ret =
-                   gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA224,
-                                                        80,
-                                                        &sha_x86_ssse3);
-               if (ret < 0) {
-                       gnutls_assert();
-               }
-
-               ret =
-                   gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA256,
-                                                        80,
-                                                        &sha_x86_ssse3);
-               if (ret < 0) {
-                       gnutls_assert();
-               }
-
-
-               ret =
-                   gnutls_crypto_single_mac_register(GNUTLS_DIG_SHA1,
-                                                        80,
-                                                        &hmac_sha_x86_ssse3);
-               if (ret < 0)
-                       gnutls_assert();
-
-               ret =
-                   gnutls_crypto_single_mac_register(GNUTLS_DIG_SHA224,
-                                                        80,
-                                                        &hmac_sha_x86_ssse3);
-               if (ret < 0)
-                       gnutls_assert();
-
-               ret =
-                   gnutls_crypto_single_mac_register(GNUTLS_DIG_SHA256,
-                                                        80,
-                                                        &hmac_sha_x86_ssse3);
-               if (ret < 0)
-                       gnutls_assert();
-
-#ifdef ENABLE_SHA512
-               ret =
-                   gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA384,
-                                                        80,
-                                                        &sha_x86_ssse3);
-               if (ret < 0)
-                       gnutls_assert();
-
-               ret =
-                   gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA512,
-                                                        80,
-                                                        &sha_x86_ssse3);
-               if (ret < 0)
-                       gnutls_assert();
-               ret =
-                   gnutls_crypto_single_mac_register(GNUTLS_DIG_SHA384,
-                                                        80,
-                                                        &hmac_sha_x86_ssse3);
-               if (ret < 0)
-                       gnutls_assert();
-
-               ret =
-                   gnutls_crypto_single_mac_register(GNUTLS_DIG_SHA512,
-                                                        80,
-                                                        &hmac_sha_x86_ssse3);
-               if (ret < 0)
-                       gnutls_assert();
-#endif
-       }
-
-       if (check_optimized_aes()) {
-               _gnutls_debug_log("Intel AES accelerator was detected\n");
-               ret =
-                   gnutls_crypto_single_cipher_register
-                   (GNUTLS_CIPHER_AES_128_CBC, 80, &aesni_x86);
-               if (ret < 0) {
-                       gnutls_assert();
-               }
-
-               ret =
-                   gnutls_crypto_single_cipher_register
-                   (GNUTLS_CIPHER_AES_192_CBC, 80, &aesni_x86);
-               if (ret < 0) {
-                       gnutls_assert();
-               }
-
-               ret =
-                   gnutls_crypto_single_cipher_register
-                   (GNUTLS_CIPHER_AES_256_CBC, 80, &aesni_x86);
-               if (ret < 0) {
-                       gnutls_assert();
-               }
-#ifdef ASM_X86_64
-               if (check_pclmul()) {
-                       /* register GCM ciphers */
-                       _gnutls_debug_log
-                           ("Intel GCM accelerator was detected\n");
-                       ret =
-                           gnutls_crypto_single_cipher_register
-                           (GNUTLS_CIPHER_AES_128_GCM, 80,
-                            &aes_gcm_pclmul);
-                       if (ret < 0) {
-                               gnutls_assert();
-                       }
-
-                       ret =
-                           gnutls_crypto_single_cipher_register
-                           (GNUTLS_CIPHER_AES_256_GCM, 80,
-                            &aes_gcm_pclmul);
-                       if (ret < 0) {
-                               gnutls_assert();
-                       }
-               } else {
-                       ret =
-                           gnutls_crypto_single_cipher_register
-                           (GNUTLS_CIPHER_AES_128_GCM, 80,
-                            &aes_gcm_x86_aesni);
-                       if (ret < 0) {
-                               gnutls_assert();
-                       }
-
-                       ret =
-                           gnutls_crypto_single_cipher_register
-                           (GNUTLS_CIPHER_AES_256_GCM, 80,
-                            &aes_gcm_x86_aesni);
-                       if (ret < 0) {
-                               gnutls_assert();
-                       }
-
-
-               }
-#endif
-       }
-
-       /* convert _gnutls_x86_cpuid_s the way openssl asm expects it */
-       _gnutls_x86_cpuid_s[1] = _gnutls_x86_cpuid_s[2];
-
-       return;
-}
index 3a63d818c344b1374c13bed9e164df9bd8f13a9e..c0e56e31a836c97b93ab71d39c2a1f0ee713e507 100644 (file)
@@ -4,7 +4,6 @@
 #include <gnutls_int.h>
 
 void register_x86_crypto(void);
-void register_padlock_crypto(void);
 
 #define ALIGN16(x) \
         ((void *)(((ptrdiff_t)(x)+(ptrdiff_t)0x0f)&~((ptrdiff_t)0x0f)))
@@ -43,8 +42,10 @@ void vpaes_cbc_encrypt(const unsigned char *in, unsigned char *out,
 void vpaes_encrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key);
 void vpaes_decrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key);
 
-extern const gnutls_crypto_cipher_st aes_gcm_pclmul;
-extern const gnutls_crypto_cipher_st aes_gcm_x86_ssse3;
-extern const gnutls_crypto_cipher_st aes_gcm_x86_aesni;
+extern const gnutls_crypto_cipher_st _gnutls_aes_gcm_pclmul;
+extern const gnutls_crypto_cipher_st _gnutls_aes_gcm_x86_ssse3;
+extern const gnutls_crypto_cipher_st _gnutls_aes_gcm_x86_aesni;
+extern const gnutls_crypto_cipher_st _gnutls_aes_ssse3;
+extern const gnutls_crypto_cipher_st _gnutls_aesni_x86;
 
 #endif
index 265203f22836a535e8f3197c293265b1dbbe5501..e516c385d987466d21990a6174512ce806c8c873 100644 (file)
@@ -327,7 +327,7 @@ wrap_padlock_hmac_fast(gnutls_mac_algorithm_t algo,
        return 0;
 }
 
-const gnutls_crypto_mac_st hmac_sha_padlock_struct = {
+const gnutls_crypto_mac_st _gnutls_hmac_sha_padlock = {
        .init = NULL,
        .setkey = NULL,
        .setnonce = NULL,
@@ -337,7 +337,7 @@ const gnutls_crypto_mac_st hmac_sha_padlock_struct = {
        .fast = wrap_padlock_hmac_fast
 };
 
-const gnutls_crypto_mac_st hmac_sha_padlock_nano_struct = {
+const gnutls_crypto_mac_st _gnutls_hmac_sha_padlock_nano = {
        .init = wrap_padlock_hmac_init,
        .setkey = wrap_padlock_hmac_setkey,
        .setnonce = NULL,
index 3058ad67f2631650671f684df034f910ed51974e..0d5004d30c741b7568c5f311cb42988b54892e19 100644 (file)
@@ -287,7 +287,7 @@ static int wrap_x86_hmac_fast(gnutls_mac_algorithm_t algo,
        return 0;
 }
 
-const gnutls_crypto_mac_st hmac_sha_x86_ssse3 = {
+const gnutls_crypto_mac_st _gnutls_hmac_sha_x86_ssse3 = {
        .init = wrap_x86_hmac_init,
        .setkey = wrap_x86_hmac_setkey,
        .setnonce = NULL,
index f568ab1039d75ded23b4a02282c0d6bc4c909cd2..3875cfca43cadd9467a22a12c1e7b97286bb3ff9 100644 (file)
@@ -358,7 +358,7 @@ const struct nettle_hash padlock_sha256 = NN_HASH(sha256, padlock_sha256_update,
 const struct nettle_hash padlock_sha384 = NN_HASH(sha384, padlock_sha512_update, padlock_sha512_digest, SHA384);
 const struct nettle_hash padlock_sha512 = NN_HASH(sha512, padlock_sha512_update, padlock_sha512_digest, SHA512);
 
-const gnutls_crypto_digest_st sha_padlock_struct = {
+const gnutls_crypto_digest_st _gnutls_sha_padlock = {
        .init = NULL,
        .hash = NULL,
        .output = NULL,
@@ -366,7 +366,7 @@ const gnutls_crypto_digest_st sha_padlock_struct = {
        .fast = wrap_padlock_hash_fast
 };
 
-const gnutls_crypto_digest_st sha_padlock_nano_struct = {
+const gnutls_crypto_digest_st _gnutls_sha_padlock_nano = {
        .init = wrap_padlock_hash_init,
        .hash = wrap_padlock_hash_update,
        .output = wrap_padlock_hash_output,
index 30d3ccec28213ceb6b501c814468af3f08820b68..5cbe1d13b003ceb558c2f93f43dcb97c872847f7 100644 (file)
@@ -30,7 +30,7 @@ extern const struct nettle_hash padlock_sha256;
 extern const struct nettle_hash padlock_sha384;
 extern const struct nettle_hash padlock_sha512;
 
-extern const gnutls_crypto_mac_st hmac_sha_padlock_nano_struct;
-extern const gnutls_crypto_digest_st sha_padlock_nano_struct;
+extern const gnutls_crypto_mac_st _gnutls_hmac_sha_padlock_nano;
+extern const gnutls_crypto_digest_st _gnutls_sha_padlock_nano;
 
 #endif
index 29dcd2dbd272e45f702d3c3aed71c832f79aaecb..25b347b585619f03d131c12baa6f5c90e5ee0ccf 100644 (file)
@@ -356,7 +356,7 @@ const struct nettle_hash x86_sha512 =
 NN_HASH(sha512, x86_sha512_update, sha512_digest, SHA512);
 #endif
 
-const gnutls_crypto_digest_st sha_x86_ssse3 = {
+const gnutls_crypto_digest_st _gnutls_sha_x86_ssse3 = {
        .init = wrap_x86_hash_init,
        .hash = wrap_x86_hash_update,
        .output = wrap_x86_hash_output,
index 55994dce9e52a5153346effc8aff844ccbcaafb5..330421253892a39ed8c0ab8f355421bebefcf95d 100644 (file)
@@ -16,7 +16,7 @@ void x86_sha1_update(struct sha1_ctx *ctx, size_t length, const uint8_t * data);
 void x86_sha256_update(struct sha256_ctx *ctx, size_t length, const uint8_t * data);
 void x86_sha512_update(struct sha512_ctx *ctx, size_t length, const uint8_t * data);
 
-extern const gnutls_crypto_digest_st sha_x86_ssse3;
-extern const gnutls_crypto_mac_st hmac_sha_x86_ssse3;
+extern const gnutls_crypto_digest_st _gnutls_sha_x86_ssse3;
+extern const gnutls_crypto_mac_st _gnutls_hmac_sha_x86_ssse3;
 
 #endif
diff --git a/lib/accelerated/x86/x86-common.c b/lib/accelerated/x86/x86-common.c
new file mode 100644 (file)
index 0000000..4d556c8
--- /dev/null
@@ -0,0 +1,505 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+/*
+ * The following code is an implementation of the AES-128-CBC cipher
+ * using intel's AES instruction set. 
+ */
+
+#include <gnutls_errors.h>
+#include <gnutls_int.h>
+#include <gnutls/crypto.h>
+#include <gnutls_errors.h>
+#include <aes-x86.h>
+#include <sha-x86.h>
+#include <x86.h>
+#ifdef HAVE_LIBNETTLE
+# include <nettle/aes.h>               /* for key generation in 192 and 256 bits */
+# include <sha-padlock.h>
+#endif
+#include <aes-padlock.h>
+
+unsigned int _gnutls_x86_cpuid_s[4];
+
+static unsigned check_optimized_aes(void)
+{
+       return (_gnutls_x86_cpuid_s[2] & 0x2000000);
+}
+
+static unsigned check_ssse3(void)
+{
+       return (_gnutls_x86_cpuid_s[2] & 0x0000200);
+}
+
+#ifdef ASM_X86_64
+static unsigned check_pclmul(void)
+{
+       return (_gnutls_x86_cpuid_s[2] & 0x2);
+}
+#endif
+
+static int check_padlock(void)
+{
+       unsigned int edx = padlock_capability();
+
+       return ((edx & (0x3 << 6)) == (0x3 << 6));
+}
+
+static int check_phe(void)
+{
+       unsigned int edx = padlock_capability();
+
+       return ((edx & (0x3 << 10)) == (0x3 << 10));
+}
+
+/* We are actually checking for SHA512 */
+static int check_phe_sha512(void)
+{
+       unsigned int edx = padlock_capability();
+
+       return ((edx & (0x3 << 25)) == (0x3 << 25));
+}
+
+static int check_phe_partial(void)
+{
+       const char *text = "test and test";
+       uint32_t iv[5] = { 0x67452301UL, 0xEFCDAB89UL,
+               0x98BADCFEUL, 0x10325476UL, 0xC3D2E1F0UL
+       };
+
+       padlock_sha1_blocks(iv, text, sizeof(text) - 1);
+       padlock_sha1_blocks(iv, text, sizeof(text) - 1);
+
+       if (iv[0] == 0x9096E2D8UL && iv[1] == 0xA33074EEUL &&
+           iv[2] == 0xCDBEE447UL && iv[3] == 0xEC7979D2UL &&
+           iv[4] == 0x9D3FF5CFUL)
+               return 1;
+       else
+               return 0;
+}
+
+static unsigned check_via(void)
+{
+       unsigned int a, b, c, d;
+       gnutls_cpuid(0, &a, &b, &c, &d);
+
+       if ((memcmp(&b, "Cent", 4) == 0 &&
+            memcmp(&d, "aurH", 4) == 0 && memcmp(&c, "auls", 4) == 0)) {
+               return 1;
+       }
+
+       return 0;
+}
+
+static unsigned check_intel_or_amd(void)
+{
+       unsigned int a, b, c, d;
+       gnutls_cpuid(0, &a, &b, &c, &d);
+
+       if ((memcmp(&b, "Genu", 4) == 0 &&
+            memcmp(&d, "ineI", 4) == 0 &&
+            memcmp(&c, "ntel", 4) == 0) ||
+           (memcmp(&b, "Auth", 4) == 0 &&
+            memcmp(&d, "enti", 4) == 0 && memcmp(&c, "cAMD", 4) == 0)) {
+               return 1;
+       }
+
+       return 0;
+}
+
+static
+void register_x86_intel_crypto(void)
+{
+       int ret;
+
+       if (check_intel_or_amd() == 0)
+               return;
+
+       gnutls_cpuid(1, &_gnutls_x86_cpuid_s[0], &_gnutls_x86_cpuid_s[1], 
+               &_gnutls_x86_cpuid_s[2], &_gnutls_x86_cpuid_s[3]);
+       
+       if (check_ssse3()) {
+               _gnutls_debug_log("Intel SSSE3 was detected\n");
+
+               ret =
+                   gnutls_crypto_single_cipher_register
+                   (GNUTLS_CIPHER_AES_128_GCM, 90,
+                    &_gnutls_aes_gcm_x86_ssse3);
+                       if (ret < 0) {
+                               gnutls_assert();
+                       }
+
+               ret =
+                   gnutls_crypto_single_cipher_register
+                   (GNUTLS_CIPHER_AES_256_GCM, 90,
+                    &_gnutls_aes_gcm_x86_ssse3);
+               if (ret < 0) {
+                       gnutls_assert();
+               }
+
+               ret =
+                   gnutls_crypto_single_cipher_register
+                   (GNUTLS_CIPHER_AES_128_CBC, 90, &_gnutls_aes_ssse3);
+               if (ret < 0) {
+                       gnutls_assert();
+               }
+
+               ret =
+                   gnutls_crypto_single_cipher_register
+                   (GNUTLS_CIPHER_AES_192_CBC, 90, &_gnutls_aes_ssse3);
+               if (ret < 0) {
+                       gnutls_assert();
+               }
+
+               ret =
+                   gnutls_crypto_single_cipher_register
+                   (GNUTLS_CIPHER_AES_256_CBC, 90, &_gnutls_aes_ssse3);
+               if (ret < 0) {
+                       gnutls_assert();
+               }
+
+               ret =
+                   gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA1,
+                                                        80,
+                                                        &_gnutls_sha_x86_ssse3);
+               if (ret < 0) {
+                       gnutls_assert();
+               }
+
+               ret =
+                   gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA224,
+                                                        80,
+                                                        &_gnutls_sha_x86_ssse3);
+               if (ret < 0) {
+                       gnutls_assert();
+               }
+
+               ret =
+                   gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA256,
+                                                        80,
+                                                        &_gnutls_sha_x86_ssse3);
+               if (ret < 0) {
+                       gnutls_assert();
+               }
+
+
+               ret =
+                   gnutls_crypto_single_mac_register(GNUTLS_DIG_SHA1,
+                                                        80,
+                                                        &_gnutls_hmac_sha_x86_ssse3);
+               if (ret < 0)
+                       gnutls_assert();
+
+               ret =
+                   gnutls_crypto_single_mac_register(GNUTLS_DIG_SHA224,
+                                                        80,
+                                                        &_gnutls_hmac_sha_x86_ssse3);
+               if (ret < 0)
+                       gnutls_assert();
+
+               ret =
+                   gnutls_crypto_single_mac_register(GNUTLS_DIG_SHA256,
+                                                        80,
+                                                        &_gnutls_hmac_sha_x86_ssse3);
+               if (ret < 0)
+                       gnutls_assert();
+
+#ifdef ENABLE_SHA512
+               ret =
+                   gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA384,
+                                                        80,
+                                                        &_gnutls_sha_x86_ssse3);
+               if (ret < 0)
+                       gnutls_assert();
+
+               ret =
+                   gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA512,
+                                                        80,
+                                                        &_gnutls_sha_x86_ssse3);
+               if (ret < 0)
+                       gnutls_assert();
+               ret =
+                   gnutls_crypto_single_mac_register(GNUTLS_DIG_SHA384,
+                                                        80,
+                                                        &_gnutls_hmac_sha_x86_ssse3);
+               if (ret < 0)
+                       gnutls_assert();
+
+               ret =
+                   gnutls_crypto_single_mac_register(GNUTLS_DIG_SHA512,
+                                                        80,
+                                                        &_gnutls_hmac_sha_x86_ssse3);
+               if (ret < 0)
+                       gnutls_assert();
+#endif
+       }
+
+       if (check_optimized_aes()) {
+               _gnutls_debug_log("Intel AES accelerator was detected\n");
+               ret =
+                   gnutls_crypto_single_cipher_register
+                   (GNUTLS_CIPHER_AES_128_CBC, 80, &_gnutls_aesni_x86);
+               if (ret < 0) {
+                       gnutls_assert();
+               }
+
+               ret =
+                   gnutls_crypto_single_cipher_register
+                   (GNUTLS_CIPHER_AES_192_CBC, 80, &_gnutls_aesni_x86);
+               if (ret < 0) {
+                       gnutls_assert();
+               }
+
+               ret =
+                   gnutls_crypto_single_cipher_register
+                   (GNUTLS_CIPHER_AES_256_CBC, 80, &_gnutls_aesni_x86);
+               if (ret < 0) {
+                       gnutls_assert();
+               }
+#ifdef ASM_X86_64
+               if (check_pclmul()) {
+                       /* register GCM ciphers */
+                       _gnutls_debug_log
+                           ("Intel GCM accelerator was detected\n");
+                       ret =
+                           gnutls_crypto_single_cipher_register
+                           (GNUTLS_CIPHER_AES_128_GCM, 80,
+                            &_gnutls_aes_gcm_pclmul);
+                       if (ret < 0) {
+                               gnutls_assert();
+                       }
+
+                       ret =
+                           gnutls_crypto_single_cipher_register
+                           (GNUTLS_CIPHER_AES_256_GCM, 80,
+                            &_gnutls_aes_gcm_pclmul);
+                       if (ret < 0) {
+                               gnutls_assert();
+                       }
+               } else {
+                       ret =
+                           gnutls_crypto_single_cipher_register
+                           (GNUTLS_CIPHER_AES_128_GCM, 80,
+                            &_gnutls_aes_gcm_x86_aesni);
+                       if (ret < 0) {
+                               gnutls_assert();
+                       }
+
+                       ret =
+                           gnutls_crypto_single_cipher_register
+                           (GNUTLS_CIPHER_AES_256_GCM, 80,
+                            &_gnutls_aes_gcm_x86_aesni);
+                       if (ret < 0) {
+                               gnutls_assert();
+                       }
+
+
+               }
+#endif
+       }
+
+       /* convert _gnutls_x86_cpuid_s the way openssl asm expects it */
+       _gnutls_x86_cpuid_s[1] = _gnutls_x86_cpuid_s[2];
+
+       return;
+}
+
+static
+void register_x86_padlock_crypto(void)
+{
+       int ret, phe;
+
+       if (check_via() == 0)
+               return;
+       if (check_padlock()) {
+               _gnutls_debug_log
+                   ("Padlock AES accelerator was detected\n");
+               ret =
+                   gnutls_crypto_single_cipher_register
+                   (GNUTLS_CIPHER_AES_128_CBC, 80, &_gnutls_aes_padlock);
+               if (ret < 0) {
+                       gnutls_assert();
+               }
+
+               /* register GCM ciphers */
+               ret =
+                   gnutls_crypto_single_cipher_register
+                   (GNUTLS_CIPHER_AES_128_GCM, 80,
+                    &_gnutls_aes_gcm_padlock);
+               if (ret < 0) {
+                       gnutls_assert();
+               }
+#ifdef HAVE_LIBNETTLE
+               ret =
+                   gnutls_crypto_single_cipher_register
+                   (GNUTLS_CIPHER_AES_192_CBC, 80, &_gnutls_aes_padlock);
+               if (ret < 0) {
+                       gnutls_assert();
+               }
+
+               ret =
+                   gnutls_crypto_single_cipher_register
+                   (GNUTLS_CIPHER_AES_256_CBC, 80, &_gnutls_aes_padlock);
+               if (ret < 0) {
+                       gnutls_assert();
+               }
+
+               ret =
+                   gnutls_crypto_single_cipher_register
+                   (GNUTLS_CIPHER_AES_256_GCM, 80,
+                    &_gnutls_aes_gcm_padlock);
+               if (ret < 0) {
+                       gnutls_assert();
+               }
+#endif
+       }
+#ifdef HAVE_LIBNETTLE
+       phe = check_phe();
+
+       if (phe && check_phe_partial()) {
+               _gnutls_debug_log
+                   ("Padlock SHA1 and SHA256 (partial) accelerator was detected\n");
+               if (check_phe_sha512()) {
+                       _gnutls_debug_log
+                           ("Padlock SHA512 (partial) accelerator was detected\n");
+                       ret =
+                           gnutls_crypto_single_digest_register
+                           (GNUTLS_DIG_SHA384, 80,
+                            &_gnutls_sha_padlock_nano);
+                       if (ret < 0) {
+                               gnutls_assert();
+                       }
+
+                       ret =
+                           gnutls_crypto_single_digest_register
+                           (GNUTLS_DIG_SHA512, 80,
+                            &_gnutls_sha_padlock_nano);
+                       if (ret < 0) {
+                               gnutls_assert();
+                       }
+
+                       ret =
+                           gnutls_crypto_single_mac_register
+                           (GNUTLS_MAC_SHA384, 80,
+                            &_gnutls_hmac_sha_padlock_nano);
+                       if (ret < 0) {
+                               gnutls_assert();
+                       }
+
+                       ret =
+                           gnutls_crypto_single_mac_register
+                           (GNUTLS_MAC_SHA512, 80,
+                            &_gnutls_hmac_sha_padlock_nano);
+                       if (ret < 0) {
+                               gnutls_assert();
+                       }
+               }
+
+               ret =
+                   gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA1,
+                                                        80,
+                                                        &_gnutls_sha_padlock_nano);
+               if (ret < 0) {
+                       gnutls_assert();
+               }
+
+               ret =
+                   gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA224,
+                                                        80,
+                                                        &_gnutls_sha_padlock_nano);
+               if (ret < 0) {
+                       gnutls_assert();
+               }
+
+               ret =
+                   gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA256,
+                                                        80,
+                                                        &_gnutls_sha_padlock_nano);
+               if (ret < 0) {
+                       gnutls_assert();
+               }
+
+               ret =
+                   gnutls_crypto_single_mac_register(GNUTLS_MAC_SHA1,
+                                                     80,
+                                                     &_gnutls_hmac_sha_padlock_nano);
+               if (ret < 0) {
+                       gnutls_assert();
+               }
+
+               /* we don't register MAC_SHA224 because it is not used by TLS */
+
+               ret =
+                   gnutls_crypto_single_mac_register(GNUTLS_MAC_SHA256,
+                                                     80,
+                                                     &_gnutls_hmac_sha_padlock_nano);
+               if (ret < 0) {
+                       gnutls_assert();
+               }
+       } else if (phe) {
+               /* Original padlock PHE. Does not support incremental operations.
+                */
+               _gnutls_debug_log
+                   ("Padlock SHA1 and SHA256 accelerator was detected\n");
+               ret =
+                   gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA1,
+                                                        80,
+                                                        &_gnutls_sha_padlock);
+               if (ret < 0) {
+                       gnutls_assert();
+               }
+
+               ret =
+                   gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA256,
+                                                        80,
+                                                        &_gnutls_sha_padlock);
+               if (ret < 0) {
+                       gnutls_assert();
+               }
+
+               ret =
+                   gnutls_crypto_single_mac_register(GNUTLS_MAC_SHA1,
+                                                     80,
+                                                     &_gnutls_hmac_sha_padlock);
+               if (ret < 0) {
+                       gnutls_assert();
+               }
+
+               ret =
+                   gnutls_crypto_single_mac_register(GNUTLS_MAC_SHA256,
+                                                     80,
+                                                     &_gnutls_hmac_sha_padlock);
+               if (ret < 0) {
+                       gnutls_assert();
+               }
+       }
+#endif
+
+       return;
+}
+
+void register_x86_crypto(void)
+{
+       register_x86_intel_crypto();
+       register_x86_padlock_crypto();
+}
+