Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

AES RISC-V 64-bit ASM: ECB/CBC/CTR/GCM/CCM #7569

Merged
merged 1 commit into from
Jun 6, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
74 changes: 73 additions & 1 deletion configure.ac
Original file line number Diff line number Diff line change
Expand Up @@ -2866,6 +2866,76 @@ if test "$ENABLED_ARMASM_INLINE" = "yes"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ARMASM_INLINE"
fi

# RISC-V Assembly
AC_ARG_ENABLE([riscv-asm],
[AS_HELP_STRING([--enable-riscv-asm],[Enable wolfSSL RISC-V ASM support (default: disabled).])],
[ ENABLED_RISCV_ASM=$enableval ],
[ ENABLED_RISCV_ASM=no ]
)
if test "$ENABLED_RISCV_ASM" != "no" && test "$ENABLED_ASM" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_RISCV_ASM"
ENABLED_AESGCM_STREAM=no # not yet implemented
AC_MSG_NOTICE([64bit RISC-V assembly for AES])
fi

ENABLED_RISCV_ASM_OPTS=$ENABLED_RISCV_ASM
for v in `echo $ENABLED_RISCV_ASM_OPTS | tr "," " "`
do
case $v in
yes)
;;
no)
;;
zbkb)
# PACK, REV8
ENABLED_RISCV_ASM=yes
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_RISCV_BIT_MANIPULATION"
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_RISCV_BASE_BIT_MANIPULATION"
;;
zbb)
# REV8
ENABLED_RISCV_ASM=yes
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_RISCV_BASE_BIT_MANIPULATION"
;;
zbc|zbkc)
# CLMUL, CLMULH
ENABLED_RISCV_ASM=yes
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_RISCV_CARRYLESS"
;;
zkn|zkned)
# AES encrypt/decrpyt
ENABLED_RISCV_ASM=yes
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_RISCV_SCALAR_CRYPTO_ASM"
;;
zvkg)
# VGMUL, VHHSH
ENABLED_RISCV_ASM=yes
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_RISCV_VECTOR_GCM"
;;
zvbc)
# VCLMUL, VCLMULH
ENABLED_RISCV_ASM=yes
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_RISCV_VECTOR_CARRYLESS"
;;
zvbb|zvkb)
# VBREV8
ENABLED_RISCV_ASM=yes
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_RISCV_VECTOR_BASE_BIT_MANIPULATION"
;;
zvkned)
# Vector AES
ENABLED_RISCV_ASM=yes
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_RISCV_VECTOR_CRYPTO_ASM"
;;
*)
AC_MSG_ERROR([Invalid RISC-V option [yes,zbkb,zbb,zbc,zbkc,zkn,zkned,zvkg,zvbc,zvbb,zvkb,zvkned]: $ENABLED_RISCV_ASM.])
break
;;
esac
done


# Xilinx hardened crypto
AC_ARG_ENABLE([xilinx],
[AS_HELP_STRING([--enable-xilinx],[Enable wolfSSL support for Xilinx hardened crypto(default: disabled)])],
Expand Down Expand Up @@ -8361,7 +8431,7 @@ if test "$ENABLED_LINUXKM_LKCAPI_REGISTER" != "none"
then
AM_CFLAGS="$AM_CFLAGS -DLINUXKM_LKCAPI_REGISTER"

if test "$ENABLED_AESGCM" != "no" && test "$ENABLED_AESGCM_STREAM" = "no" && test "$ENABLED_ARMASM" = "no" && test "$ENABLED_FIPS" = "no"; then
if test "$ENABLED_AESGCM" != "no" && test "$ENABLED_AESGCM_STREAM" = "no" && test "$ENABLED_ARMASM" = "no" && test "$ENABLED_RISCV_ASM" = "no" && test "$ENABLED_FIPS" = "no"; then
ENABLED_AESGCM_STREAM=yes
fi

Expand Down Expand Up @@ -9362,6 +9432,7 @@ AM_CONDITIONAL([BUILD_ARMASM],[test "x$ENABLED_ARMASM" = "xyes"])
AM_CONDITIONAL([BUILD_ARMASM_INLINE],[test "x$ENABLED_ARMASM_INLINE" = "xyes"])
AM_CONDITIONAL([BUILD_ARMASM_CRYPTO],[test "x$ENABLED_ARMASM_CRYPTO" = "xyes"])
AM_CONDITIONAL([BUILD_ARMASM_NEON],[test "x$ENABLED_ARMASM_NEON" = "xyes"])
AM_CONDITIONAL([BUILD_RISCV_ASM],[test "x$ENABLED_RISCV_ASM" = "xyes"])
AM_CONDITIONAL([BUILD_XILINX],[test "x$ENABLED_XILINX" = "xyes"])
AM_CONDITIONAL([BUILD_AESNI],[test "x$ENABLED_AESNI" = "xyes"])
AM_CONDITIONAL([BUILD_INTELASM],[test "x$ENABLED_INTELASM" = "xyes"])
Expand Down Expand Up @@ -9997,6 +10068,7 @@ fi
echo " * ARM ASM: $ENABLED_ARMASM"
echo " * ARM ASM SHA512/SHA3 Crypto $ENABLED_ARMASM_SHA3"
echo " * ARM ASM SM3/SM4 Crypto $ENABLED_ARMASM_CRYPTO_SM4"
echo " * RISC-V ASM $ENABLED_RISCV_ASM"
echo " * Write duplicate: $ENABLED_WRITEDUP"
echo " * Xilinx Hardware Acc.: $ENABLED_XILINX"
echo " * Inline Code: $ENABLED_INLINE"
Expand Down
11 changes: 10 additions & 1 deletion src/include.am
Original file line number Diff line number Diff line change
Expand Up @@ -182,7 +182,6 @@ src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-aes-asm.S
endif !BUILD_ARMASM_INLINE
endif BUILD_ARMASM
endif !BUILD_ARMASM_NEON
endif BUILD_AES

if BUILD_AESNI
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_asm.S
Expand All @@ -194,6 +193,11 @@ src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_xts_asm.S
endif
endif

if BUILD_RISCV_ASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/riscv/riscv-64-aes.c
endif BUILD_RISCV_ASM
endif BUILD_AES

if BUILD_SHA
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha.c
endif
Expand Down Expand Up @@ -672,9 +676,14 @@ src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-aes-asm.S
endif !BUILD_ARMASM_INLINE
endif BUILD_ARMASM
endif !BUILD_ARMASM_NEON

if BUILD_AFALG
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/af_alg/afalg_aes.c
endif BUILD_AFALG

if BUILD_RISCV_ASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/riscv/riscv-64-aes.c
endif BUILD_RISCV_ASM
endif BUILD_AES
endif !BUILD_FIPS_CURRENT

Expand Down
17 changes: 13 additions & 4 deletions wolfcrypt/benchmark/benchmark.c
Original file line number Diff line number Diff line change
Expand Up @@ -1972,6 +1972,9 @@ static word32 bench_size = BENCH_SIZE;
static int base2 = 1;
static int digest_stream = 1;
static int encrypt_only = 0;
#ifdef HAVE_AES_CBC
static int cipher_same_buffer = 0;
#endif

#ifdef MULTI_VALUE_STATISTICS
static int minimum_runs = 0;
Expand Down Expand Up @@ -4138,6 +4141,8 @@ static void bench_aescbc_internal(int useDeviceID,
const byte* iv, const char* encLabel,
const char* decLabel)
{
const byte* in = bench_cipher;
byte* out = bench_plain;
int ret = 0, i, count = 0, times, pending = 0;
WC_DECLARE_ARRAY(enc, Aes, BENCH_MAX_PENDING,
sizeof(Aes), HEAP_HINT);
Expand All @@ -4162,6 +4167,10 @@ static void bench_aescbc_internal(int useDeviceID,
}
}

if (cipher_same_buffer) {
in = bench_plain;
}

bench_stats_start(&count, &start);
do {
for (times = 0; times < numBlocks || pending > 0; ) {
Expand All @@ -4171,8 +4180,7 @@ static void bench_aescbc_internal(int useDeviceID,
for (i = 0; i < BENCH_MAX_PENDING; i++) {
if (bench_async_check(&ret, BENCH_ASYNC_GET_DEV(enc[i]), 0,
&times, numBlocks, &pending)) {
ret = wc_AesCbcEncrypt(enc[i], bench_plain, bench_cipher,
bench_size);
ret = wc_AesCbcEncrypt(enc[i], out, in, bench_size);

if (!bench_async_handle(&ret, BENCH_ASYNC_GET_DEV(enc[i]),
0, &times, &pending)) {
Expand Down Expand Up @@ -4221,8 +4229,7 @@ static void bench_aescbc_internal(int useDeviceID,
for (i = 0; i < BENCH_MAX_PENDING; i++) {
if (bench_async_check(&ret, BENCH_ASYNC_GET_DEV(enc[i]), 0,
&times, numBlocks, &pending)) {
ret = wc_AesCbcDecrypt(enc[i], bench_cipher, bench_plain,
bench_size);
ret = wc_AesCbcDecrypt(enc[i], out, in, bench_size);

if (!bench_async_handle(&ret, BENCH_ASYNC_GET_DEV(enc[i]),
0, &times, &pending)) {
Expand Down Expand Up @@ -4860,6 +4867,8 @@ static void bench_aesecb_internal(int useDeviceID,

#endif /* HAVE_AES_DECRYPT */

(void)decLabel;

exit:

if (WC_ARRAY_OK(enc)) {
Expand Down
27 changes: 25 additions & 2 deletions wolfcrypt/src/aes.c
Original file line number Diff line number Diff line change
Expand Up @@ -95,7 +95,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#include <wolfcrypt/src/misc.c>
#endif

#ifndef WOLFSSL_ARMASM
#if !defined(WOLFSSL_ARMASM) && !defined(WOLFSSL_RISCV_ASM)

#ifdef WOLFSSL_IMX6_CAAM_BLOB
/* case of possibly not using hardware acceleration for AES but using key
Expand Down Expand Up @@ -967,6 +967,9 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#elif defined(WOLFSSL_HAVE_PSA) && !defined(WOLFSSL_PSA_NO_AES)
/* implemented in wolfcrypt/src/port/psa/psa_aes.c */

#elif defined(WOLFSSL_RISCV_ASM)
/* implemented in wolfcrypt/src/port/risc-v/riscv-64-aes.c */

#else

/* using wolfCrypt software implementation */
Expand Down Expand Up @@ -4317,6 +4320,7 @@ static void AesSetKey_C(Aes* aes, const byte* key, word32 keySz, int dir)

#endif /* NEED_AES_TABLES */

#ifndef WOLFSSL_RISCV_ASM
/* Software AES - SetKey */
static WARN_UNUSED_RESULT int wc_AesSetKeyLocal(
Aes* aes, const byte* userKey, word32 keylen, const byte* iv, int dir,
Expand Down Expand Up @@ -4630,6 +4634,7 @@ static void AesSetKey_C(Aes* aes, const byte* key, word32 keySz, int dir)
return wc_AesSetKeyLocal(aes, userKey, keylen, iv, dir, 1);

} /* wc_AesSetKey() */
#endif

#if defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
/* AES-CTR and AES-DIRECT need to use this for key setup */
Expand Down Expand Up @@ -6171,7 +6176,7 @@ int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
#endif /* NEED_AES_CTR_SOFT */

#endif /* WOLFSSL_AES_COUNTER */
#endif /* !WOLFSSL_ARMASM */
#endif /* !WOLFSSL_ARMASM && ! WOLFSSL_RISCV_ASM */


/*
Expand Down Expand Up @@ -6221,6 +6226,9 @@ static WC_INLINE void IncCtr(byte* ctr, word32 ctrSz)
#ifdef WOLFSSL_ARMASM
/* implementation is located in wolfcrypt/src/port/arm/armv8-aes.c */

#elif defined(WOLFSSL_RISCV_ASM)
/* implemented in wolfcrypt/src/port/risc-v/riscv-64-aes.c */

#elif defined(WOLFSSL_AFALG)
/* implemented in wolfcrypt/src/port/afalg/afalg_aes.c */

Expand Down Expand Up @@ -10478,6 +10486,9 @@ int wc_AesCcmCheckTagSize(int sz)
#ifdef WOLFSSL_ARMASM
/* implementation located in wolfcrypt/src/port/arm/armv8-aes.c */

#elif defined(WOLFSSL_RISCV_ASM)
/* implementation located in wolfcrypt/src/port/risc-v/riscv-64-aes.c */

#elif defined(HAVE_COLDFIRE_SEC)
#error "Coldfire SEC doesn't currently support AES-CCM mode"

Expand Down Expand Up @@ -11375,6 +11386,9 @@ int wc_AesGetKeySize(Aes* aes, word32* keySize)
#elif defined(WOLFSSL_DEVCRYPTO_AES)
/* implemented in wolfcrypt/src/port/devcrypt/devcrypto_aes.c */

#elif defined(WOLFSSL_RISCV_ASM)
/* implemented in wolfcrypt/src/port/riscv/riscv-64-aes.c */

#elif defined(WOLFSSL_SCE) && !defined(WOLFSSL_SCE_NO_AES)

/* Software AES - ECB */
Expand Down Expand Up @@ -12613,12 +12627,21 @@ static WARN_UNUSED_RESULT int _AesXtsHelper(
}

xorbuf(out, in, totalSz);
#ifndef WOLFSSL_RISCV_ASM
if (dir == AES_ENCRYPTION) {
return _AesEcbEncrypt(aes, out, out, totalSz);
}
else {
return _AesEcbDecrypt(aes, out, out, totalSz);
}
#else
if (dir == AES_ENCRYPTION) {
return wc_AesEcbEncrypt(aes, out, out, totalSz);
}
else {
return wc_AesEcbDecrypt(aes, out, out, totalSz);
}
#endif
}
#endif /* HAVE_AES_ECB */

Expand Down
Loading
Loading