Skip to content

Commit

Permalink
Merge pull request #7569 from SparkiDev/riscv_aes_asm
Browse files Browse the repository at this point in the history
AES RISC-V 64-bit ASM: ECB/CBC/CTR/GCM/CCM
  • Loading branch information
dgarske authored Jun 6, 2024
2 parents 7ce9ebd + acd604d commit b69482f
Show file tree
Hide file tree
Showing 8 changed files with 9,788 additions and 71 deletions.
74 changes: 73 additions & 1 deletion configure.ac
Original file line number Diff line number Diff line change
Expand Up @@ -2866,6 +2866,76 @@ if test "$ENABLED_ARMASM_INLINE" = "yes"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ARMASM_INLINE"
fi

# RISC-V Assembly
AC_ARG_ENABLE([riscv-asm],
[AS_HELP_STRING([--enable-riscv-asm],[Enable wolfSSL RISC-V ASM support (default: disabled).])],
[ ENABLED_RISCV_ASM=$enableval ],
[ ENABLED_RISCV_ASM=no ]
)
if test "$ENABLED_RISCV_ASM" != "no" && test "$ENABLED_ASM" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_RISCV_ASM"
ENABLED_AESGCM_STREAM=no # not yet implemented
AC_MSG_NOTICE([64bit RISC-V assembly for AES])
fi

ENABLED_RISCV_ASM_OPTS=$ENABLED_RISCV_ASM
for v in `echo $ENABLED_RISCV_ASM_OPTS | tr "," " "`
do
case $v in
yes)
;;
no)
;;
zbkb)
# PACK, REV8
ENABLED_RISCV_ASM=yes
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_RISCV_BIT_MANIPULATION"
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_RISCV_BASE_BIT_MANIPULATION"
;;
zbb)
# REV8
ENABLED_RISCV_ASM=yes
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_RISCV_BASE_BIT_MANIPULATION"
;;
zbc|zbkc)
# CLMUL, CLMULH
ENABLED_RISCV_ASM=yes
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_RISCV_CARRYLESS"
;;
zkn|zkned)
# AES encrypt/decrpyt
ENABLED_RISCV_ASM=yes
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_RISCV_SCALAR_CRYPTO_ASM"
;;
zvkg)
# VGMUL, VHHSH
ENABLED_RISCV_ASM=yes
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_RISCV_VECTOR_GCM"
;;
zvbc)
# VCLMUL, VCLMULH
ENABLED_RISCV_ASM=yes
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_RISCV_VECTOR_CARRYLESS"
;;
zvbb|zvkb)
# VBREV8
ENABLED_RISCV_ASM=yes
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_RISCV_VECTOR_BASE_BIT_MANIPULATION"
;;
zvkned)
# Vector AES
ENABLED_RISCV_ASM=yes
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_RISCV_VECTOR_CRYPTO_ASM"
;;
*)
AC_MSG_ERROR([Invalid RISC-V option [yes,zbkb,zbb,zbc,zbkc,zkn,zkned,zvkg,zvbc,zvbb,zvkb,zvkned]: $ENABLED_RISCV_ASM.])
break
;;
esac
done


# Xilinx hardened crypto
AC_ARG_ENABLE([xilinx],
[AS_HELP_STRING([--enable-xilinx],[Enable wolfSSL support for Xilinx hardened crypto(default: disabled)])],
Expand Down Expand Up @@ -8388,7 +8458,7 @@ if test "$ENABLED_LINUXKM_LKCAPI_REGISTER" != "none"
then
AM_CFLAGS="$AM_CFLAGS -DLINUXKM_LKCAPI_REGISTER"
if test "$ENABLED_AESGCM" != "no" && test "$ENABLED_AESGCM_STREAM" = "no" && test "$ENABLED_ARMASM" = "no" && test "$ENABLED_FIPS" = "no"; then
if test "$ENABLED_AESGCM" != "no" && test "$ENABLED_AESGCM_STREAM" = "no" && test "$ENABLED_ARMASM" = "no" && test "$ENABLED_RISCV_ASM" = "no" && test "$ENABLED_FIPS" = "no"; then
ENABLED_AESGCM_STREAM=yes
fi
Expand Down Expand Up @@ -9389,6 +9459,7 @@ AM_CONDITIONAL([BUILD_ARMASM],[test "x$ENABLED_ARMASM" = "xyes"])
AM_CONDITIONAL([BUILD_ARMASM_INLINE],[test "x$ENABLED_ARMASM_INLINE" = "xyes"])
AM_CONDITIONAL([BUILD_ARMASM_CRYPTO],[test "x$ENABLED_ARMASM_CRYPTO" = "xyes"])
AM_CONDITIONAL([BUILD_ARMASM_NEON],[test "x$ENABLED_ARMASM_NEON" = "xyes"])
AM_CONDITIONAL([BUILD_RISCV_ASM],[test "x$ENABLED_RISCV_ASM" = "xyes"])
AM_CONDITIONAL([BUILD_XILINX],[test "x$ENABLED_XILINX" = "xyes"])
AM_CONDITIONAL([BUILD_AESNI],[test "x$ENABLED_AESNI" = "xyes"])
AM_CONDITIONAL([BUILD_INTELASM],[test "x$ENABLED_INTELASM" = "xyes"])
Expand Down Expand Up @@ -10024,6 +10095,7 @@ fi
echo " * ARM ASM: $ENABLED_ARMASM"
echo " * ARM ASM SHA512/SHA3 Crypto $ENABLED_ARMASM_SHA3"
echo " * ARM ASM SM3/SM4 Crypto $ENABLED_ARMASM_CRYPTO_SM4"
echo " * RISC-V ASM $ENABLED_RISCV_ASM"
echo " * Write duplicate: $ENABLED_WRITEDUP"
echo " * Xilinx Hardware Acc.: $ENABLED_XILINX"
echo " * Inline Code: $ENABLED_INLINE"
Expand Down
11 changes: 10 additions & 1 deletion src/include.am
Original file line number Diff line number Diff line change
Expand Up @@ -182,7 +182,6 @@ src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-aes-asm.S
endif !BUILD_ARMASM_INLINE
endif BUILD_ARMASM
endif !BUILD_ARMASM_NEON
endif BUILD_AES

if BUILD_AESNI
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_asm.S
Expand All @@ -194,6 +193,11 @@ src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_xts_asm.S
endif
endif

if BUILD_RISCV_ASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/riscv/riscv-64-aes.c
endif BUILD_RISCV_ASM
endif BUILD_AES

if BUILD_SHA
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha.c
endif
Expand Down Expand Up @@ -672,9 +676,14 @@ src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-aes-asm.S
endif !BUILD_ARMASM_INLINE
endif BUILD_ARMASM
endif !BUILD_ARMASM_NEON

if BUILD_AFALG
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/af_alg/afalg_aes.c
endif BUILD_AFALG

if BUILD_RISCV_ASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/riscv/riscv-64-aes.c
endif BUILD_RISCV_ASM
endif BUILD_AES
endif !BUILD_FIPS_CURRENT

Expand Down
17 changes: 13 additions & 4 deletions wolfcrypt/benchmark/benchmark.c
Original file line number Diff line number Diff line change
Expand Up @@ -1972,6 +1972,9 @@ static word32 bench_size = BENCH_SIZE;
static int base2 = 1;
static int digest_stream = 1;
static int encrypt_only = 0;
#ifdef HAVE_AES_CBC
static int cipher_same_buffer = 0;
#endif

#ifdef MULTI_VALUE_STATISTICS
static int minimum_runs = 0;
Expand Down Expand Up @@ -4138,6 +4141,8 @@ static void bench_aescbc_internal(int useDeviceID,
const byte* iv, const char* encLabel,
const char* decLabel)
{
const byte* in = bench_cipher;
byte* out = bench_plain;
int ret = 0, i, count = 0, times, pending = 0;
WC_DECLARE_ARRAY(enc, Aes, BENCH_MAX_PENDING,
sizeof(Aes), HEAP_HINT);
Expand All @@ -4162,6 +4167,10 @@ static void bench_aescbc_internal(int useDeviceID,
}
}

if (cipher_same_buffer) {
in = bench_plain;
}

bench_stats_start(&count, &start);
do {
for (times = 0; times < numBlocks || pending > 0; ) {
Expand All @@ -4171,8 +4180,7 @@ static void bench_aescbc_internal(int useDeviceID,
for (i = 0; i < BENCH_MAX_PENDING; i++) {
if (bench_async_check(&ret, BENCH_ASYNC_GET_DEV(enc[i]), 0,
&times, numBlocks, &pending)) {
ret = wc_AesCbcEncrypt(enc[i], bench_plain, bench_cipher,
bench_size);
ret = wc_AesCbcEncrypt(enc[i], out, in, bench_size);

if (!bench_async_handle(&ret, BENCH_ASYNC_GET_DEV(enc[i]),
0, &times, &pending)) {
Expand Down Expand Up @@ -4221,8 +4229,7 @@ static void bench_aescbc_internal(int useDeviceID,
for (i = 0; i < BENCH_MAX_PENDING; i++) {
if (bench_async_check(&ret, BENCH_ASYNC_GET_DEV(enc[i]), 0,
&times, numBlocks, &pending)) {
ret = wc_AesCbcDecrypt(enc[i], bench_cipher, bench_plain,
bench_size);
ret = wc_AesCbcDecrypt(enc[i], out, in, bench_size);

if (!bench_async_handle(&ret, BENCH_ASYNC_GET_DEV(enc[i]),
0, &times, &pending)) {
Expand Down Expand Up @@ -4860,6 +4867,8 @@ static void bench_aesecb_internal(int useDeviceID,

#endif /* HAVE_AES_DECRYPT */

(void)decLabel;

exit:

if (WC_ARRAY_OK(enc)) {
Expand Down
27 changes: 25 additions & 2 deletions wolfcrypt/src/aes.c
Original file line number Diff line number Diff line change
Expand Up @@ -95,7 +95,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#include <wolfcrypt/src/misc.c>
#endif

#ifndef WOLFSSL_ARMASM
#if !defined(WOLFSSL_ARMASM) && !defined(WOLFSSL_RISCV_ASM)

#ifdef WOLFSSL_IMX6_CAAM_BLOB
/* case of possibly not using hardware acceleration for AES but using key
Expand Down Expand Up @@ -967,6 +967,9 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#elif defined(WOLFSSL_HAVE_PSA) && !defined(WOLFSSL_PSA_NO_AES)
/* implemented in wolfcrypt/src/port/psa/psa_aes.c */

#elif defined(WOLFSSL_RISCV_ASM)
/* implemented in wolfcrypt/src/port/risc-v/riscv-64-aes.c */

#else

/* using wolfCrypt software implementation */
Expand Down Expand Up @@ -4317,6 +4320,7 @@ static void AesSetKey_C(Aes* aes, const byte* key, word32 keySz, int dir)

#endif /* NEED_AES_TABLES */

#ifndef WOLFSSL_RISCV_ASM
/* Software AES - SetKey */
static WARN_UNUSED_RESULT int wc_AesSetKeyLocal(
Aes* aes, const byte* userKey, word32 keylen, const byte* iv, int dir,
Expand Down Expand Up @@ -4630,6 +4634,7 @@ static void AesSetKey_C(Aes* aes, const byte* key, word32 keySz, int dir)
return wc_AesSetKeyLocal(aes, userKey, keylen, iv, dir, 1);

} /* wc_AesSetKey() */
#endif

#if defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
/* AES-CTR and AES-DIRECT need to use this for key setup */
Expand Down Expand Up @@ -6171,7 +6176,7 @@ int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
#endif /* NEED_AES_CTR_SOFT */

#endif /* WOLFSSL_AES_COUNTER */
#endif /* !WOLFSSL_ARMASM */
#endif /* !WOLFSSL_ARMASM && ! WOLFSSL_RISCV_ASM */


/*
Expand Down Expand Up @@ -6221,6 +6226,9 @@ static WC_INLINE void IncCtr(byte* ctr, word32 ctrSz)
#ifdef WOLFSSL_ARMASM
/* implementation is located in wolfcrypt/src/port/arm/armv8-aes.c */

#elif defined(WOLFSSL_RISCV_ASM)
/* implemented in wolfcrypt/src/port/risc-v/riscv-64-aes.c */

#elif defined(WOLFSSL_AFALG)
/* implemented in wolfcrypt/src/port/afalg/afalg_aes.c */

Expand Down Expand Up @@ -10478,6 +10486,9 @@ int wc_AesCcmCheckTagSize(int sz)
#ifdef WOLFSSL_ARMASM
/* implementation located in wolfcrypt/src/port/arm/armv8-aes.c */

#elif defined(WOLFSSL_RISCV_ASM)
/* implementation located in wolfcrypt/src/port/risc-v/riscv-64-aes.c */

#elif defined(HAVE_COLDFIRE_SEC)
#error "Coldfire SEC doesn't currently support AES-CCM mode"

Expand Down Expand Up @@ -11375,6 +11386,9 @@ int wc_AesGetKeySize(Aes* aes, word32* keySize)
#elif defined(WOLFSSL_DEVCRYPTO_AES)
/* implemented in wolfcrypt/src/port/devcrypt/devcrypto_aes.c */

#elif defined(WOLFSSL_RISCV_ASM)
/* implemented in wolfcrypt/src/port/riscv/riscv-64-aes.c */

#elif defined(WOLFSSL_SCE) && !defined(WOLFSSL_SCE_NO_AES)

/* Software AES - ECB */
Expand Down Expand Up @@ -12613,12 +12627,21 @@ static WARN_UNUSED_RESULT int _AesXtsHelper(
}

xorbuf(out, in, totalSz);
#ifndef WOLFSSL_RISCV_ASM
if (dir == AES_ENCRYPTION) {
return _AesEcbEncrypt(aes, out, out, totalSz);
}
else {
return _AesEcbDecrypt(aes, out, out, totalSz);
}
#else
if (dir == AES_ENCRYPTION) {
return wc_AesEcbEncrypt(aes, out, out, totalSz);
}
else {
return wc_AesEcbDecrypt(aes, out, out, totalSz);
}
#endif
}
#endif /* HAVE_AES_ECB */

Expand Down
Loading

0 comments on commit b69482f

Please sign in to comment.