summaryrefslogtreecommitdiffstats
path: root/src/plugins/crypto_native/aes_gcm.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/plugins/crypto_native/aes_gcm.c')
-rw-r--r--src/plugins/crypto_native/aes_gcm.c271
1 files changed, 134 insertions, 137 deletions
diff --git a/src/plugins/crypto_native/aes_gcm.c b/src/plugins/crypto_native/aes_gcm.c
index d0f57da1e09..8bd5d29a1ad 100644
--- a/src/plugins/crypto_native/aes_gcm.c
+++ b/src/plugins/crypto_native/aes_gcm.c
@@ -35,7 +35,7 @@ typedef struct
} aes_gcm_key_data_t;
static_always_inline void
-aesni_gcm_load (u8x16 * d, u8x16u * inv, int n, int n_bytes)
+aes_gcm_load (u8x16 * d, u8x16u * inv, int n, int n_bytes)
{
for (int i = 0; i < n - 1; i++)
d[i] = inv[i];
@@ -43,7 +43,7 @@ aesni_gcm_load (u8x16 * d, u8x16u * inv, int n, int n_bytes)
}
static_always_inline void
-aesni_gcm_store (u8x16 * d, u8x16u * outv, int n, int n_bytes)
+aes_gcm_store (u8x16 * d, u8x16u * outv, int n, int n_bytes)
{
for (int i = 0; i < n - 1; i++)
outv[i] = d[i];
@@ -54,8 +54,8 @@ aesni_gcm_store (u8x16 * d, u8x16u * outv, int n, int n_bytes)
}
static_always_inline void
-aesni_gcm_enc_first_round (u8x16 * r, u32x4 * Y, u32 * ctr, u8x16 k,
- int n_blocks)
+aes_gcm_enc_first_round (u8x16 * r, u32x4 * Y, u32 * ctr, u8x16 k,
+ int n_blocks)
{
static const u32x4 last_byte_one = { 0, 0, 0, 1 << 24 };
@@ -79,28 +79,28 @@ aesni_gcm_enc_first_round (u8x16 * r, u32x4 * Y, u32 * ctr, u8x16 k,
}
static_always_inline void
-aesni_gcm_enc_round (u8x16 * r, u8x16 k, int n_blocks)
+aes_gcm_enc_round (u8x16 * r, u8x16 k, int n_blocks)
{
for (int i = 0; i < n_blocks; i++)
r[i] = aes_enc_round (r[i], k);
}
static_always_inline void
-aesni_gcm_enc_last_round (u8x16 * r, u8x16 * d, u8x16 const *k,
- int rounds, int n_blocks)
+aes_gcm_enc_last_round (u8x16 * r, u8x16 * d, u8x16 const *k,
+ int rounds, int n_blocks)
{
/* additional ronuds for AES-192 and AES-256 */
for (int i = 10; i < rounds; i++)
- aesni_gcm_enc_round (r, k[i], n_blocks);
+ aes_gcm_enc_round (r, k[i], n_blocks);
for (int i = 0; i < n_blocks; i++)
d[i] ^= aes_enc_last_round (r[i], k[rounds]);
}
static_always_inline u8x16
-aesni_gcm_ghash_blocks (u8x16 T, aes_gcm_key_data_t * kd,
- u8x16u * in, int n_blocks)
+aes_gcm_ghash_blocks (u8x16 T, aes_gcm_key_data_t * kd,
+ u8x16u * in, int n_blocks)
{
ghash_data_t _gd, *gd = &_gd;
const u8x16 *Hi = kd->Hi + n_blocks - 1;
@@ -113,33 +113,33 @@ aesni_gcm_ghash_blocks (u8x16 T, aes_gcm_key_data_t * kd,
}
static_always_inline u8x16
-aesni_gcm_ghash (u8x16 T, aes_gcm_key_data_t * kd, u8x16u * in, u32 n_left)
+aes_gcm_ghash (u8x16 T, aes_gcm_key_data_t * kd, u8x16u * in, u32 n_left)
{
while (n_left >= 128)
{
- T = aesni_gcm_ghash_blocks (T, kd, in, 8);
+ T = aes_gcm_ghash_blocks (T, kd, in, 8);
n_left -= 128;
in += 8;
}
if (n_left >= 64)
{
- T = aesni_gcm_ghash_blocks (T, kd, in, 4);
+ T = aes_gcm_ghash_blocks (T, kd, in, 4);
n_left -= 64;
in += 4;
}
if (n_left >= 32)
{
- T = aesni_gcm_ghash_blocks (T, kd, in, 2);
+ T = aes_gcm_ghash_blocks (T, kd, in, 2);
n_left -= 32;
in += 2;
}
if (n_left >= 16)
{
- T = aesni_gcm_ghash_blocks (T, kd, in, 1);
+ T = aes_gcm_ghash_blocks (T, kd, in, 1);
n_left -= 16;
in += 1;
}
@@ -153,10 +153,10 @@ aesni_gcm_ghash (u8x16 T, aes_gcm_key_data_t * kd, u8x16u * in, u32 n_left)
}
static_always_inline u8x16
-aesni_gcm_calc (u8x16 T, aes_gcm_key_data_t * kd, u8x16 * d,
- u32x4 * Y, u32 * ctr, u8x16u * inv, u8x16u * outv,
- int rounds, int n, int last_block_bytes, int with_ghash,
- int is_encrypt)
+aes_gcm_calc (u8x16 T, aes_gcm_key_data_t * kd, u8x16 * d,
+ u32x4 * Y, u32 * ctr, u8x16u * inv, u8x16u * outv,
+ int rounds, int n, int last_block_bytes, int with_ghash,
+ int is_encrypt)
{
u8x16 r[n];
ghash_data_t _gd = { }, *gd = &_gd;
@@ -166,44 +166,44 @@ aesni_gcm_calc (u8x16 T, aes_gcm_key_data_t * kd, u8x16 * d,
clib_prefetch_load (inv + 4);
/* AES rounds 0 and 1 */
- aesni_gcm_enc_first_round (r, Y, ctr, rk[0], n);
- aesni_gcm_enc_round (r, rk[1], n);
+ aes_gcm_enc_first_round (r, Y, ctr, rk[0], n);
+ aes_gcm_enc_round (r, rk[1], n);
/* load data - decrypt round */
if (is_encrypt == 0)
- aesni_gcm_load (d, inv, n, last_block_bytes);
+ aes_gcm_load (d, inv, n, last_block_bytes);
/* GHASH multiply block 1 */
if (with_ghash)
ghash_mul_first (gd, u8x16_reflect (d[didx++]) ^ T, kd->Hi[--hidx]);
/* AES rounds 2 and 3 */
- aesni_gcm_enc_round (r, rk[2], n);
- aesni_gcm_enc_round (r, rk[3], n);
+ aes_gcm_enc_round (r, rk[2], n);
+ aes_gcm_enc_round (r, rk[3], n);
/* GHASH multiply block 2 */
if (with_ghash && hidx)
ghash_mul_next (gd, u8x16_reflect (d[didx++]), kd->Hi[--hidx]);
/* AES rounds 4 and 5 */
- aesni_gcm_enc_round (r, rk[4], n);
- aesni_gcm_enc_round (r, rk[5], n);
+ aes_gcm_enc_round (r, rk[4], n);
+ aes_gcm_enc_round (r, rk[5], n);
/* GHASH multiply block 3 */
if (with_ghash && hidx)
ghash_mul_next (gd, u8x16_reflect (d[didx++]), kd->Hi[--hidx]);
/* AES rounds 6 and 7 */
- aesni_gcm_enc_round (r, rk[6], n);
- aesni_gcm_enc_round (r, rk[7], n);
+ aes_gcm_enc_round (r, rk[6], n);
+ aes_gcm_enc_round (r, rk[7], n);
/* GHASH multiply block 4 */
if (with_ghash && hidx)
ghash_mul_next (gd, u8x16_reflect (d[didx++]), kd->Hi[--hidx]);
/* AES rounds 8 and 9 */
- aesni_gcm_enc_round (r, rk[8], n);
- aesni_gcm_enc_round (r, rk[9], n);
+ aes_gcm_enc_round (r, rk[8], n);
+ aes_gcm_enc_round (r, rk[9], n);
/* GHASH reduce 1st step */
if (with_ghash)
@@ -211,17 +211,17 @@ aesni_gcm_calc (u8x16 T, aes_gcm_key_data_t * kd, u8x16 * d,
/* load data - encrypt round */
if (is_encrypt)
- aesni_gcm_load (d, inv, n, last_block_bytes);
+ aes_gcm_load (d, inv, n, last_block_bytes);
/* GHASH reduce 2nd step */
if (with_ghash)
ghash_reduce2 (gd);
/* AES last round(s) */
- aesni_gcm_enc_last_round (r, d, rk, rounds, n);
+ aes_gcm_enc_last_round (r, d, rk, rounds, n);
/* store data */
- aesni_gcm_store (d, outv, n, last_block_bytes);
+ aes_gcm_store (d, outv, n, last_block_bytes);
/* GHASH final step */
if (with_ghash)
@@ -231,119 +231,119 @@ aesni_gcm_calc (u8x16 T, aes_gcm_key_data_t * kd, u8x16 * d,
}
static_always_inline u8x16
-aesni_gcm_calc_double (u8x16 T, aes_gcm_key_data_t * kd, u8x16 * d,
- u32x4 * Y, u32 * ctr, u8x16u * inv, u8x16u * outv,
- int rounds, int is_encrypt)
+aes_gcm_calc_double (u8x16 T, aes_gcm_key_data_t * kd, u8x16 * d,
+ u32x4 * Y, u32 * ctr, u8x16u * inv, u8x16u * outv,
+ int rounds, int is_encrypt)
{
u8x16 r[4];
ghash_data_t _gd, *gd = &_gd;
const u8x16 *rk = (u8x16 *) kd->Ke;
/* AES rounds 0 and 1 */
- aesni_gcm_enc_first_round (r, Y, ctr, rk[0], 4);
- aesni_gcm_enc_round (r, rk[1], 4);
+ aes_gcm_enc_first_round (r, Y, ctr, rk[0], 4);
+ aes_gcm_enc_round (r, rk[1], 4);
/* load 4 blocks of data - decrypt round */
if (is_encrypt == 0)
- aesni_gcm_load (d, inv, 4, 0);
+ aes_gcm_load (d, inv, 4, 0);
/* GHASH multiply block 0 */
ghash_mul_first (gd, u8x16_reflect (d[0]) ^ T, kd->Hi[7]);
/* AES rounds 2 and 3 */
- aesni_gcm_enc_round (r, rk[2], 4);
- aesni_gcm_enc_round (r, rk[3], 4);
+ aes_gcm_enc_round (r, rk[2], 4);
+ aes_gcm_enc_round (r, rk[3], 4);
/* GHASH multiply block 1 */
ghash_mul_next (gd, u8x16_reflect (d[1]), kd->Hi[6]);
/* AES rounds 4 and 5 */
- aesni_gcm_enc_round (r, rk[4], 4);
- aesni_gcm_enc_round (r, rk[5], 4);
+ aes_gcm_enc_round (r, rk[4], 4);
+ aes_gcm_enc_round (r, rk[5], 4);
/* GHASH multiply block 2 */
ghash_mul_next (gd, u8x16_reflect (d[2]), kd->Hi[5]);
/* AES rounds 6 and 7 */
- aesni_gcm_enc_round (r, rk[6], 4);
- aesni_gcm_enc_round (r, rk[7], 4);
+ aes_gcm_enc_round (r, rk[6], 4);
+ aes_gcm_enc_round (r, rk[7], 4);
/* GHASH multiply block 3 */
ghash_mul_next (gd, u8x16_reflect (d[3]), kd->Hi[4]);
/* AES rounds 8 and 9 */
- aesni_gcm_enc_round (r, rk[8], 4);
- aesni_gcm_enc_round (r, rk[9], 4);
+ aes_gcm_enc_round (r, rk[8], 4);
+ aes_gcm_enc_round (r, rk[9], 4);
/* load 4 blocks of data - encrypt round */
if (is_encrypt)
- aesni_gcm_load (d, inv, 4, 0);
+ aes_gcm_load (d, inv, 4, 0);
/* AES last round(s) */
- aesni_gcm_enc_last_round (r, d, rk, rounds, 4);
+ aes_gcm_enc_last_round (r, d, rk, rounds, 4);
/* store 4 blocks of data */
- aesni_gcm_store (d, outv, 4, 0);
+ aes_gcm_store (d, outv, 4, 0);
/* load next 4 blocks of data data - decrypt round */
if (is_encrypt == 0)
- aesni_gcm_load (d, inv + 4, 4, 0);
+ aes_gcm_load (d, inv + 4, 4, 0);
/* GHASH multiply block 4 */
ghash_mul_next (gd, u8x16_reflect (d[0]), kd->Hi[3]);
/* AES rounds 0, 1 and 2 */
- aesni_gcm_enc_first_round (r, Y, ctr, rk[0], 4);
- aesni_gcm_enc_round (r, rk[1], 4);
- aesni_gcm_enc_round (r, rk[2], 4);
+ aes_gcm_enc_first_round (r, Y, ctr, rk[0], 4);
+ aes_gcm_enc_round (r, rk[1], 4);
+ aes_gcm_enc_round (r, rk[2], 4);
/* GHASH multiply block 5 */
ghash_mul_next (gd, u8x16_reflect (d[1]), kd->Hi[2]);
/* AES rounds 3 and 4 */
- aesni_gcm_enc_round (r, rk[3], 4);
- aesni_gcm_enc_round (r, rk[4], 4);
+ aes_gcm_enc_round (r, rk[3], 4);
+ aes_gcm_enc_round (r, rk[4], 4);
/* GHASH multiply block 6 */
ghash_mul_next (gd, u8x16_reflect (d[2]), kd->Hi[1]);
/* AES rounds 5 and 6 */
- aesni_gcm_enc_round (r, rk[5], 4);
- aesni_gcm_enc_round (r, rk[6], 4);
+ aes_gcm_enc_round (r, rk[5], 4);
+ aes_gcm_enc_round (r, rk[6], 4);
/* GHASH multiply block 7 */
ghash_mul_next (gd, u8x16_reflect (d[3]), kd->Hi[0]);
/* AES rounds 7 and 8 */
- aesni_gcm_enc_round (r, rk[7], 4);
- aesni_gcm_enc_round (r, rk[8], 4);
+ aes_gcm_enc_round (r, rk[7], 4);
+ aes_gcm_enc_round (r, rk[8], 4);
/* GHASH reduce 1st step */
ghash_reduce (gd);
/* AES round 9 */
- aesni_gcm_enc_round (r, rk[9], 4);
+ aes_gcm_enc_round (r, rk[9], 4);
/* load data - encrypt round */
if (is_encrypt)
- aesni_gcm_load (d, inv + 4, 4, 0);
+ aes_gcm_load (d, inv + 4, 4, 0);
/* GHASH reduce 2nd step */
ghash_reduce2 (gd);
/* AES last round(s) */
- aesni_gcm_enc_last_round (r, d, rk, rounds, 4);
+ aes_gcm_enc_last_round (r, d, rk, rounds, 4);
/* store data */
- aesni_gcm_store (d, outv + 4, 4, 0);
+ aes_gcm_store (d, outv + 4, 4, 0);
/* GHASH final step */
return ghash_final (gd);
}
static_always_inline u8x16
-aesni_gcm_ghash_last (u8x16 T, aes_gcm_key_data_t * kd, u8x16 * d,
- int n_blocks, int n_bytes)
+aes_gcm_ghash_last (u8x16 T, aes_gcm_key_data_t * kd, u8x16 * d,
+ int n_blocks, int n_bytes)
{
ghash_data_t _gd, *gd = &_gd;
@@ -364,8 +364,8 @@ aesni_gcm_ghash_last (u8x16 T, aes_gcm_key_data_t * kd, u8x16 * d,
static_always_inline u8x16
-aesni_gcm_enc (u8x16 T, aes_gcm_key_data_t * kd, u32x4 Y, u8x16u * inv,
- u8x16u * outv, u32 n_left, int rounds)
+aes_gcm_enc (u8x16 T, aes_gcm_key_data_t * kd, u32x4 Y, u8x16u * inv,
+ u8x16u * outv, u32 n_left, int rounds)
{
u8x16 d[4];
u32 ctr = 1;
@@ -378,35 +378,35 @@ aesni_gcm_enc (u8x16 T, aes_gcm_key_data_t * kd, u32x4 Y, u8x16u * inv,
if (n_left > 48)
{
n_left &= 0x0f;
- aesni_gcm_calc (T, kd, d, &Y, &ctr, inv, outv, rounds, 4, n_left,
- /* with_ghash */ 0, /* is_encrypt */ 1);
- return aesni_gcm_ghash_last (T, kd, d, 4, n_left);
+ aes_gcm_calc (T, kd, d, &Y, &ctr, inv, outv, rounds, 4, n_left,
+ /* with_ghash */ 0, /* is_encrypt */ 1);
+ return aes_gcm_ghash_last (T, kd, d, 4, n_left);
}
else if (n_left > 32)
{
n_left &= 0x0f;
- aesni_gcm_calc (T, kd, d, &Y, &ctr, inv, outv, rounds, 3, n_left,
- /* with_ghash */ 0, /* is_encrypt */ 1);
- return aesni_gcm_ghash_last (T, kd, d, 3, n_left);
+ aes_gcm_calc (T, kd, d, &Y, &ctr, inv, outv, rounds, 3, n_left,
+ /* with_ghash */ 0, /* is_encrypt */ 1);
+ return aes_gcm_ghash_last (T, kd, d, 3, n_left);
}
else if (n_left > 16)
{
n_left &= 0x0f;
- aesni_gcm_calc (T, kd, d, &Y, &ctr, inv, outv, rounds, 2, n_left,
- /* with_ghash */ 0, /* is_encrypt */ 1);
- return aesni_gcm_ghash_last (T, kd, d, 2, n_left);
+ aes_gcm_calc (T, kd, d, &Y, &ctr, inv, outv, rounds, 2, n_left,
+ /* with_ghash */ 0, /* is_encrypt */ 1);
+ return aes_gcm_ghash_last (T, kd, d, 2, n_left);
}
else
{
n_left &= 0x0f;
- aesni_gcm_calc (T, kd, d, &Y, &ctr, inv, outv, rounds, 1, n_left,
- /* with_ghash */ 0, /* is_encrypt */ 1);
- return aesni_gcm_ghash_last (T, kd, d, 1, n_left);
+ aes_gcm_calc (T, kd, d, &Y, &ctr, inv, outv, rounds, 1, n_left,
+ /* with_ghash */ 0, /* is_encrypt */ 1);
+ return aes_gcm_ghash_last (T, kd, d, 1, n_left);
}
}
- aesni_gcm_calc (T, kd, d, &Y, &ctr, inv, outv, rounds, 4, 0,
- /* with_ghash */ 0, /* is_encrypt */ 1);
+ aes_gcm_calc (T, kd, d, &Y, &ctr, inv, outv, rounds, 4, 0,
+ /* with_ghash */ 0, /* is_encrypt */ 1);
/* next */
n_left -= 64;
@@ -415,8 +415,8 @@ aesni_gcm_enc (u8x16 T, aes_gcm_key_data_t * kd, u32x4 Y, u8x16u * inv,
while (n_left >= 128)
{
- T = aesni_gcm_calc_double (T, kd, d, &Y, &ctr, inv, outv, rounds,
- /* is_encrypt */ 1);
+ T = aes_gcm_calc_double (T, kd, d, &Y, &ctr, inv, outv, rounds,
+ /* is_encrypt */ 1);
/* next */
n_left -= 128;
@@ -426,8 +426,8 @@ aesni_gcm_enc (u8x16 T, aes_gcm_key_data_t * kd, u32x4 Y, u8x16u * inv,
if (n_left >= 64)
{
- T = aesni_gcm_calc (T, kd, d, &Y, &ctr, inv, outv, rounds, 4, 0,
- /* with_ghash */ 1, /* is_encrypt */ 1);
+ T = aes_gcm_calc (T, kd, d, &Y, &ctr, inv, outv, rounds, 4, 0,
+ /* with_ghash */ 1, /* is_encrypt */ 1);
/* next */
n_left -= 64;
@@ -436,49 +436,49 @@ aesni_gcm_enc (u8x16 T, aes_gcm_key_data_t * kd, u32x4 Y, u8x16u * inv,
}
if (n_left == 0)
- return aesni_gcm_ghash_last (T, kd, d, 4, 0);
+ return aes_gcm_ghash_last (T, kd, d, 4, 0);
if (n_left > 48)
{
n_left &= 0x0f;
- T = aesni_gcm_calc (T, kd, d, &Y, &ctr, inv, outv, rounds, 4, n_left,
- /* with_ghash */ 1, /* is_encrypt */ 1);
- return aesni_gcm_ghash_last (T, kd, d, 4, n_left);
+ T = aes_gcm_calc (T, kd, d, &Y, &ctr, inv, outv, rounds, 4, n_left,
+ /* with_ghash */ 1, /* is_encrypt */ 1);
+ return aes_gcm_ghash_last (T, kd, d, 4, n_left);
}
if (n_left > 32)
{
n_left &= 0x0f;
- T = aesni_gcm_calc (T, kd, d, &Y, &ctr, inv, outv, rounds, 3, n_left,
- /* with_ghash */ 1, /* is_encrypt */ 1);
- return aesni_gcm_ghash_last (T, kd, d, 3, n_left);
+ T = aes_gcm_calc (T, kd, d, &Y, &ctr, inv, outv, rounds, 3, n_left,
+ /* with_ghash */ 1, /* is_encrypt */ 1);
+ return aes_gcm_ghash_last (T, kd, d, 3, n_left);
}
if (n_left > 16)
{
n_left &= 0x0f;
- T = aesni_gcm_calc (T, kd, d, &Y, &ctr, inv, outv, rounds, 2, n_left,
- /* with_ghash */ 1, /* is_encrypt */ 1);
- return aesni_gcm_ghash_last (T, kd, d, 2, n_left);
+ T = aes_gcm_calc (T, kd, d, &Y, &ctr, inv, outv, rounds, 2, n_left,
+ /* with_ghash */ 1, /* is_encrypt */ 1);
+ return aes_gcm_ghash_last (T, kd, d, 2, n_left);
}
n_left &= 0x0f;
- T = aesni_gcm_calc (T, kd, d, &Y, &ctr, inv, outv, rounds, 1, n_left,
- /* with_ghash */ 1, /* is_encrypt */ 1);
- return aesni_gcm_ghash_last (T, kd, d, 1, n_left);
+ T = aes_gcm_calc (T, kd, d, &Y, &ctr, inv, outv, rounds, 1, n_left,
+ /* with_ghash */ 1, /* is_encrypt */ 1);
+ return aes_gcm_ghash_last (T, kd, d, 1, n_left);
}
static_always_inline u8x16
-aesni_gcm_dec (u8x16 T, aes_gcm_key_data_t * kd, u32x4 Y, u8x16u * inv,
- u8x16u * outv, u32 n_left, int rounds)
+aes_gcm_dec (u8x16 T, aes_gcm_key_data_t * kd, u32x4 Y, u8x16u * inv,
+ u8x16u * outv, u32 n_left, int rounds)
{
u8x16 d[8];
u32 ctr = 1;
while (n_left >= 128)
{
- T = aesni_gcm_calc_double (T, kd, d, &Y, &ctr, inv, outv, rounds,
- /* is_encrypt */ 0);
+ T = aes_gcm_calc_double (T, kd, d, &Y, &ctr, inv, outv, rounds,
+ /* is_encrypt */ 0);
/* next */
n_left -= 128;
@@ -488,7 +488,7 @@ aesni_gcm_dec (u8x16 T, aes_gcm_key_data_t * kd, u32x4 Y, u8x16u * inv,
if (n_left >= 64)
{
- T = aesni_gcm_calc (T, kd, d, &Y, &ctr, inv, outv, rounds, 4, 0, 1, 0);
+ T = aes_gcm_calc (T, kd, d, &Y, &ctr, inv, outv, rounds, 4, 0, 1, 0);
/* next */
n_left -= 64;
@@ -500,22 +500,19 @@ aesni_gcm_dec (u8x16 T, aes_gcm_key_data_t * kd, u32x4 Y, u8x16u * inv,
return T;
if (n_left > 48)
- return aesni_gcm_calc (T, kd, d, &Y, &ctr, inv, outv, rounds, 4,
- n_left - 48,
- /* with_ghash */ 1, /* is_encrypt */ 0);
+ return aes_gcm_calc (T, kd, d, &Y, &ctr, inv, outv, rounds, 4,
+ n_left - 48, /* with_ghash */ 1, /* is_encrypt */ 0);
if (n_left > 32)
- return aesni_gcm_calc (T, kd, d, &Y, &ctr, inv, outv, rounds, 3,
- n_left - 32,
- /* with_ghash */ 1, /* is_encrypt */ 0);
+ return aes_gcm_calc (T, kd, d, &Y, &ctr, inv, outv, rounds, 3,
+ n_left - 32, /* with_ghash */ 1, /* is_encrypt */ 0);
if (n_left > 16)
- return aesni_gcm_calc (T, kd, d, &Y, &ctr, inv, outv, rounds, 2,
- n_left - 16,
- /* with_ghash */ 1, /* is_encrypt */ 0);
+ return aes_gcm_calc (T, kd, d, &Y, &ctr, inv, outv, rounds, 2,
+ n_left - 16, /* with_ghash */ 1, /* is_encrypt */ 0);
- return aesni_gcm_calc (T, kd, d, &Y, &ctr, inv, outv, rounds, 1, n_left,
- /* with_ghash */ 1, /* is_encrypt */ 0);
+ return aes_gcm_calc (T, kd, d, &Y, &ctr, inv, outv, rounds, 1, n_left,
+ /* with_ghash */ 1, /* is_encrypt */ 0);
}
static_always_inline int
@@ -534,11 +531,11 @@ aes_gcm (u8x16u * in, u8x16u * out, u8x16u * addt, u8x16u * iv, u8x16u * tag,
/* calculate ghash for AAD - optimized for ipsec common cases */
if (aad_bytes == 8)
- T = aesni_gcm_ghash (T, kd, addt, 8);
+ T = aes_gcm_ghash (T, kd, addt, 8);
else if (aad_bytes == 12)
- T = aesni_gcm_ghash (T, kd, addt, 12);
+ T = aes_gcm_ghash (T, kd, addt, 12);
else
- T = aesni_gcm_ghash (T, kd, addt, aad_bytes);
+ T = aes_gcm_ghash (T, kd, addt, aad_bytes);
/* initalize counter */
Y0 = (u32x4) aes_load_partial (iv, 12);
@@ -546,9 +543,9 @@ aes_gcm (u8x16u * in, u8x16u * out, u8x16u * addt, u8x16u * iv, u8x16u * tag,
/* ghash and encrypt/edcrypt */
if (is_encrypt)
- T = aesni_gcm_enc (T, kd, Y0, in, out, data_bytes, aes_rounds);
+ T = aes_gcm_enc (T, kd, Y0, in, out, data_bytes, aes_rounds);
else
- T = aesni_gcm_dec (T, kd, Y0, in, out, data_bytes, aes_rounds);
+ T = aes_gcm_dec (T, kd, Y0, in, out, data_bytes, aes_rounds);
clib_prefetch_load (tag);
@@ -594,8 +591,8 @@ aes_gcm (u8x16u * in, u8x16u * out, u8x16u * addt, u8x16u * iv, u8x16u * tag,
}
static_always_inline u32
-aesni_ops_enc_aes_gcm (vlib_main_t * vm, vnet_crypto_op_t * ops[],
- u32 n_ops, aes_key_size_t ks)
+aes_ops_enc_aes_gcm (vlib_main_t * vm, vnet_crypto_op_t * ops[],
+ u32 n_ops, aes_key_size_t ks)
{
crypto_native_main_t *cm = &crypto_native_main;
vnet_crypto_op_t *op = ops[0];
@@ -620,8 +617,8 @@ next:
}
static_always_inline u32
-aesni_ops_dec_aes_gcm (vlib_main_t * vm, vnet_crypto_op_t * ops[],
- u32 n_ops, aes_key_size_t ks)
+aes_ops_dec_aes_gcm (vlib_main_t * vm, vnet_crypto_op_t * ops[], u32 n_ops,
+ aes_key_size_t ks)
{
crypto_native_main_t *cm = &crypto_native_main;
vnet_crypto_op_t *op = ops[0];
@@ -656,7 +653,7 @@ next:
}
static_always_inline void *
-aesni_gcm_key_exp (vnet_crypto_key_t * key, aes_key_size_t ks)
+aes_gcm_key_exp (vnet_crypto_key_t * key, aes_key_size_t ks)
{
aes_gcm_key_data_t *kd;
u8x16 H;
@@ -673,19 +670,19 @@ aesni_gcm_key_exp (vnet_crypto_key_t * key, aes_key_size_t ks)
return kd;
}
-#define foreach_aesni_gcm_handler_type _(128) _(192) _(256)
+#define foreach_aes_gcm_handler_type _(128) _(192) _(256)
#define _(x) \
-static u32 aesni_ops_dec_aes_gcm_##x \
+static u32 aes_ops_dec_aes_gcm_##x \
(vlib_main_t * vm, vnet_crypto_op_t * ops[], u32 n_ops) \
-{ return aesni_ops_dec_aes_gcm (vm, ops, n_ops, AES_KEY_##x); } \
-static u32 aesni_ops_enc_aes_gcm_##x \
+{ return aes_ops_dec_aes_gcm (vm, ops, n_ops, AES_KEY_##x); } \
+static u32 aes_ops_enc_aes_gcm_##x \
(vlib_main_t * vm, vnet_crypto_op_t * ops[], u32 n_ops) \
-{ return aesni_ops_enc_aes_gcm (vm, ops, n_ops, AES_KEY_##x); } \
-static void * aesni_gcm_key_exp_##x (vnet_crypto_key_t *key) \
-{ return aesni_gcm_key_exp (key, AES_KEY_##x); }
+{ return aes_ops_enc_aes_gcm (vm, ops, n_ops, AES_KEY_##x); } \
+static void * aes_gcm_key_exp_##x (vnet_crypto_key_t *key) \
+{ return aes_gcm_key_exp (key, AES_KEY_##x); }
-foreach_aesni_gcm_handler_type;
+foreach_aes_gcm_handler_type;
#undef _
clib_error_t *
@@ -706,12 +703,12 @@ crypto_native_aes_gcm_init_sse42 (vlib_main_t * vm)
#define _(x) \
vnet_crypto_register_ops_handler (vm, cm->crypto_engine_index, \
VNET_CRYPTO_OP_AES_##x##_GCM_ENC, \
- aesni_ops_enc_aes_gcm_##x); \
+ aes_ops_enc_aes_gcm_##x); \
vnet_crypto_register_ops_handler (vm, cm->crypto_engine_index, \
VNET_CRYPTO_OP_AES_##x##_GCM_DEC, \
- aesni_ops_dec_aes_gcm_##x); \
- cm->key_fn[VNET_CRYPTO_ALG_AES_##x##_GCM] = aesni_gcm_key_exp_##x;
- foreach_aesni_gcm_handler_type;
+ aes_ops_dec_aes_gcm_##x); \
+ cm->key_fn[VNET_CRYPTO_ALG_AES_##x##_GCM] = aes_gcm_key_exp_##x;
+ foreach_aes_gcm_handler_type;
#undef _
return 0;
}