17dcee0f8SGreg Tucker /********************************************************************** 269a73acfSTomasz Kantecki Copyright(c) 2011-2024 Intel Corporation All rights reserved. 37dcee0f8SGreg Tucker 47dcee0f8SGreg Tucker Redistribution and use in source and binary forms, with or without 57dcee0f8SGreg Tucker modification, are permitted provided that the following conditions 67dcee0f8SGreg Tucker are met: 77dcee0f8SGreg Tucker * Redistributions of source code must retain the above copyright 87dcee0f8SGreg Tucker notice, this list of conditions and the following disclaimer. 97dcee0f8SGreg Tucker * Redistributions in binary form must reproduce the above copyright 107dcee0f8SGreg Tucker notice, this list of conditions and the following disclaimer in 117dcee0f8SGreg Tucker the documentation and/or other materials provided with the 127dcee0f8SGreg Tucker distribution. 137dcee0f8SGreg Tucker * Neither the name of Intel Corporation nor the names of its 147dcee0f8SGreg Tucker contributors may be used to endorse or promote products derived 157dcee0f8SGreg Tucker from this software without specific prior written permission. 167dcee0f8SGreg Tucker 177dcee0f8SGreg Tucker THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 187dcee0f8SGreg Tucker "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 197dcee0f8SGreg Tucker LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 207dcee0f8SGreg Tucker A PARTICULAR PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE COPYRIGHT 217dcee0f8SGreg Tucker OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 227dcee0f8SGreg Tucker SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 237dcee0f8SGreg Tucker LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 247dcee0f8SGreg Tucker DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 257dcee0f8SGreg Tucker THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 267dcee0f8SGreg Tucker (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 277dcee0f8SGreg Tucker OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 287dcee0f8SGreg Tucker **********************************************************************/ 297dcee0f8SGreg Tucker 3069a73acfSTomasz Kantecki #include "types.h" 3169a73acfSTomasz Kantecki 327dcee0f8SGreg Tucker /** 337dcee0f8SGreg Tucker * @file aes_gcm.h 347dcee0f8SGreg Tucker * @brief AES GCM encryption/decryption function prototypes. 357dcee0f8SGreg Tucker * 367dcee0f8SGreg Tucker * At build time there is an option to use non-temporal loads and stores 377dcee0f8SGreg Tucker * selected by defining the compile time option NT_LDST. The use of this option 387dcee0f8SGreg Tucker * places the following restriction on the gcm encryption functions: 397dcee0f8SGreg Tucker * 4086058544SPablo de Lara * - The plaintext and ciphertext buffers must be aligned on a 64 byte boundary. 417dcee0f8SGreg Tucker * 427dcee0f8SGreg Tucker * - When using the streaming API, all partial input buffers must be a multiple 430d66a472SGreg Tucker * of 64 bytes long except for the last input buffer. 447dcee0f8SGreg Tucker * 457dcee0f8SGreg Tucker * - In-place encryption/decryption is not recommended. 
467dcee0f8SGreg Tucker * 477dcee0f8SGreg Tucker */ 487dcee0f8SGreg Tucker 497dcee0f8SGreg Tucker /* 507dcee0f8SGreg Tucker ; References: 517dcee0f8SGreg Tucker ; This code was derived and highly optimized from the code described in paper: 521de5344dSMarcel Cornu ; Vinodh Gopal et. al. Optimized Galois-Counter-Mode Implementation on Intel 531de5344dSMarcel Cornu Architecture Processors. August, 2010 547dcee0f8SGreg Tucker ; 557dcee0f8SGreg Tucker ; For the shift-based reductions used in this code, we used the method described in paper: 561de5344dSMarcel Cornu ; Shay Gueron, Michael E. Kounavis. Intel Carry-Less Multiplication Instruction and 571de5344dSMarcel Cornu its Usage for Computing the GCM Mode. January, 2010. 587dcee0f8SGreg Tucker ; 597dcee0f8SGreg Tucker ; 607dcee0f8SGreg Tucker ; 617dcee0f8SGreg Tucker ; Assumptions: Support for SSE4.1 or greater, AVX or AVX2 627dcee0f8SGreg Tucker ; 637dcee0f8SGreg Tucker ; 647dcee0f8SGreg Tucker ; iv: 657dcee0f8SGreg Tucker ; 0 1 2 3 667dcee0f8SGreg Tucker ; 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 677dcee0f8SGreg Tucker ; +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 687dcee0f8SGreg Tucker ; | Salt (From the SA) | 697dcee0f8SGreg Tucker ; +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 707dcee0f8SGreg Tucker ; | Initialization Vector | 717dcee0f8SGreg Tucker ; | (This is the sequence number from IPSec header) | 727dcee0f8SGreg Tucker ; +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 737dcee0f8SGreg Tucker ; | 0x1 | 747dcee0f8SGreg Tucker ; +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 757dcee0f8SGreg Tucker ; 767dcee0f8SGreg Tucker ; TLen: 777dcee0f8SGreg Tucker ; from the definition of the spec, TLen can only be 8, 12 or 16 bytes. 
787dcee0f8SGreg Tucker ; 797dcee0f8SGreg Tucker */ 807dcee0f8SGreg Tucker #ifndef _AES_GCM_h 817dcee0f8SGreg Tucker #define _AES_GCM_h 827dcee0f8SGreg Tucker 837dcee0f8SGreg Tucker #include <stdint.h> 847dcee0f8SGreg Tucker 857dcee0f8SGreg Tucker #ifdef __cplusplus 867dcee0f8SGreg Tucker extern "C" { 877dcee0f8SGreg Tucker #endif 887dcee0f8SGreg Tucker 897a780406SMarcel Cornu /* 907a780406SMarcel Cornu * Define enums from API v2.24, so applications that were using this version 917a780406SMarcel Cornu * will still be compiled successfully. 927a780406SMarcel Cornu * This list does not need to be extended for new definitions. 937a780406SMarcel Cornu */ 947ba877e6SMarcel Cornu #ifndef NO_COMPAT_ISAL_CRYPTO_API_2_24 957ba877e6SMarcel Cornu /***** Previous hash constants and typedefs *****/ 967ba877e6SMarcel Cornu #define MAX_TAG_LEN ISAL_GCM_MAX_TAG_LEN 977ba877e6SMarcel Cornu 987a780406SMarcel Cornu #define GCM_IV_LEN (16) 997a780406SMarcel Cornu #define GCM_IV_DATA_LEN ISAL_GCM_IV_LEN 1007a780406SMarcel Cornu #define GCM_IV_END_MARK { 0x00, 0x00, 0x00, 0x01 }; 1017a780406SMarcel Cornu #define GCM_IV_END_START (12) 1027ba877e6SMarcel Cornu 1037ba877e6SMarcel Cornu #define GCM_128_KEY_LEN ISAL_GCM_128_KEY_LEN 1047ba877e6SMarcel Cornu #define GCM_256_KEY_LEN ISAL_GCM_256_KEY_LEN 1057ba877e6SMarcel Cornu 1067ba877e6SMarcel Cornu #define GCM_BLOCK_LEN ISAL_GCM_BLOCK_LEN 1077ba877e6SMarcel Cornu #define GCM_ENC_KEY_LEN ISAL_GCM_ENC_KEY_LEN 1087ba877e6SMarcel Cornu #define GCM_KEY_SETS ISAL_GCM_KEY_SETS 1097ba877e6SMarcel Cornu 1107ba877e6SMarcel Cornu #define GCM_MAX_LEN ISAL_GCM_MAX_LEN 1117ba877e6SMarcel Cornu 1127a780406SMarcel Cornu #define LONGEST_TESTED_AAD_LENGTH (2 * 1024) 1135e6526eeSMarcel Cornu 1145e6526eeSMarcel Cornu #define gcm_key_data isal_gcm_key_data 1155e6526eeSMarcel Cornu #define gcm_context_data isal_gcm_context_data 1167ba877e6SMarcel Cornu #endif /* !NO_COMPAT_ISAL_CRYPTO_API_2_24 */ 1177ba877e6SMarcel Cornu 1187dcee0f8SGreg Tucker /* Authenticated 
Tag Length in bytes. Valid values are 16 (most likely), 12 or 8. */ 1197ba877e6SMarcel Cornu #define ISAL_GCM_MAX_TAG_LEN (16) 1207dcee0f8SGreg Tucker // 1217a780406SMarcel Cornu // IV data is limited to 12 bytes. An IV must never be reused with the same key. 1227dcee0f8SGreg Tucker // 1237a780406SMarcel Cornu #define ISAL_GCM_IV_LEN (12) 1247dcee0f8SGreg Tucker 1257dcee0f8SGreg Tucker // Key lengths of 128 and 256 supported 1267ba877e6SMarcel Cornu #define ISAL_GCM_128_KEY_LEN (16) 1277ba877e6SMarcel Cornu #define ISAL_GCM_256_KEY_LEN (32) 1287dcee0f8SGreg Tucker 1297ba877e6SMarcel Cornu #define ISAL_GCM_BLOCK_LEN 16 1307ba877e6SMarcel Cornu #define ISAL_GCM_ENC_KEY_LEN 16 1317ba877e6SMarcel Cornu #define ISAL_GCM_KEY_SETS (15) /*exp key + 14 exp round keys */ 132a1ba710fSGreg Tucker 1337ba877e6SMarcel Cornu #define ISAL_GCM_MAX_LEN UINT64_C(((1ULL << 39) - 256) - 1) 13475ef4190SMarcel Cornu 135a1ba710fSGreg Tucker /** 136a1ba710fSGreg Tucker * @brief holds intermediate key data needed to improve performance 1377dcee0f8SGreg Tucker * 138*38b5be90SPablo de Lara * isal_gcm_key_data holds internal key information used by gcm128 and gcm256. It contains the expanded AES round keys and the hash key powers, so treat it as secret key material and clear it once the key is retired.
139a1ba710fSGreg Tucker */ 140a1ba710fSGreg Tucker #ifdef __WIN32 141a1ba710fSGreg Tucker __declspec(align(16)) 142a1ba710fSGreg Tucker #endif /* WIN32 */ 1435e6526eeSMarcel Cornu struct isal_gcm_key_data { 1447ba877e6SMarcel Cornu uint8_t expanded_keys[ISAL_GCM_ENC_KEY_LEN * ISAL_GCM_KEY_SETS]; 1457ba877e6SMarcel Cornu uint8_t shifted_hkey_1[ISAL_GCM_ENC_KEY_LEN]; // store HashKey <<1 mod poly here 1467ba877e6SMarcel Cornu uint8_t shifted_hkey_2[ISAL_GCM_ENC_KEY_LEN]; // store HashKey^2 <<1 mod poly here 1477ba877e6SMarcel Cornu uint8_t shifted_hkey_3[ISAL_GCM_ENC_KEY_LEN]; // store HashKey^3 <<1 mod poly here 1487ba877e6SMarcel Cornu uint8_t shifted_hkey_4[ISAL_GCM_ENC_KEY_LEN]; // store HashKey^4 <<1 mod poly here 1497ba877e6SMarcel Cornu uint8_t shifted_hkey_5[ISAL_GCM_ENC_KEY_LEN]; // store HashKey^5 <<1 mod poly here 1507ba877e6SMarcel Cornu uint8_t shifted_hkey_6[ISAL_GCM_ENC_KEY_LEN]; // store HashKey^6 <<1 mod poly here 1517ba877e6SMarcel Cornu uint8_t shifted_hkey_7[ISAL_GCM_ENC_KEY_LEN]; // store HashKey^7 <<1 mod poly here 1527ba877e6SMarcel Cornu uint8_t shifted_hkey_8[ISAL_GCM_ENC_KEY_LEN]; // store HashKey^8 <<1 mod poly here 1537ba877e6SMarcel Cornu uint8_t shifted_hkey_1_k[ISAL_GCM_ENC_KEY_LEN]; // store XOR of High 64 bits 1547ba877e6SMarcel Cornu uint8_t shifted_hkey_2_k[ISAL_GCM_ENC_KEY_LEN]; // and Low 64b of HashKey^n <<1 mod poly 1557ba877e6SMarcel Cornu uint8_t shifted_hkey_3_k[ISAL_GCM_ENC_KEY_LEN]; // here (for Karatsuba purposes) 1567ba877e6SMarcel Cornu uint8_t shifted_hkey_4_k[ISAL_GCM_ENC_KEY_LEN]; 1577ba877e6SMarcel Cornu uint8_t shifted_hkey_5_k[ISAL_GCM_ENC_KEY_LEN]; 1587ba877e6SMarcel Cornu uint8_t shifted_hkey_6_k[ISAL_GCM_ENC_KEY_LEN]; 1597ba877e6SMarcel Cornu uint8_t shifted_hkey_7_k[ISAL_GCM_ENC_KEY_LEN]; 1607ba877e6SMarcel Cornu uint8_t shifted_hkey_8_k[ISAL_GCM_ENC_KEY_LEN]; 1617ba877e6SMarcel Cornu uint8_t shifted_hkey_n_k[ISAL_GCM_ENC_KEY_LEN * 1627ba877e6SMarcel Cornu (64 - 16)]; // Others vaes version needs 2x32 
163a1ba710fSGreg Tucker } 16496f24e8cSPablo de Lara #if defined(__unix__) || (__MINGW32__) 165a1ba710fSGreg Tucker __attribute__((aligned(16))); 166a1ba710fSGreg Tucker #else 167a1ba710fSGreg Tucker ; 168a1ba710fSGreg Tucker #endif 169a1ba710fSGreg Tucker 170a1ba710fSGreg Tucker /** 171a1ba710fSGreg Tucker * @brief holds GCM operation context 172a1ba710fSGreg Tucker */ 1735e6526eeSMarcel Cornu struct isal_gcm_context_data { 174a1ba710fSGreg Tucker // init, update and finalize context data 1757ba877e6SMarcel Cornu uint8_t aad_hash[ISAL_GCM_BLOCK_LEN]; 176a1ba710fSGreg Tucker uint64_t aad_length; 177a1ba710fSGreg Tucker uint64_t in_length; 1787ba877e6SMarcel Cornu uint8_t partial_block_enc_key[ISAL_GCM_BLOCK_LEN]; 1797ba877e6SMarcel Cornu uint8_t orig_IV[ISAL_GCM_BLOCK_LEN]; 1807ba877e6SMarcel Cornu uint8_t current_counter[ISAL_GCM_BLOCK_LEN]; 181a1ba710fSGreg Tucker uint64_t partial_block_length; 182a1ba710fSGreg Tucker }; 183a1ba710fSGreg Tucker 184a1ba710fSGreg Tucker /* ------------------ New interface for separate expanded keys ------------ */ 185a1ba710fSGreg Tucker 186a1ba710fSGreg Tucker /** 1877dcee0f8SGreg Tucker * @brief GCM-AES Encryption using 128 bit keys 1887dcee0f8SGreg Tucker * 18969a73acfSTomasz Kantecki * @deprecated Please use isal_aes_gcm_enc_128() instead. 1907dcee0f8SGreg Tucker * @requires SSE4.1 and AESNI 191a1ba710fSGreg Tucker */ 19269a73acfSTomasz Kantecki ISAL_DEPRECATED("Please use isal_aes_gcm_enc_128() instead.") 1931de5344dSMarcel Cornu void 1945e6526eeSMarcel Cornu aes_gcm_enc_128(const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 1955e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 196a1ba710fSGreg Tucker uint8_t *out, //!< Ciphertext output. 
Encrypt in-place is allowed 197a1ba710fSGreg Tucker uint8_t const *in, //!< Plaintext input 198a1ba710fSGreg Tucker uint64_t len, //!< Length of data in Bytes for encryption 199a1ba710fSGreg Tucker uint8_t *iv, //!< iv pointer to 12 byte IV structure. 200a1ba710fSGreg Tucker //!< Internally, library concates 0x00000001 value to it. 201a1ba710fSGreg Tucker uint8_t const *aad, //!< Additional Authentication Data (AAD) 202a1ba710fSGreg Tucker uint64_t aad_len, //!< Length of AAD 203a1ba710fSGreg Tucker uint8_t *auth_tag, //!< Authenticated Tag output 2041de5344dSMarcel Cornu uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a multiple of 2051de5344dSMarcel Cornu //!< 4 bytes). 206a1ba710fSGreg Tucker //!< Valid values are 16 (most likely), 12 or 8 207a1ba710fSGreg Tucker ); 208a1ba710fSGreg Tucker 209a1ba710fSGreg Tucker /** 210a1ba710fSGreg Tucker * @brief GCM-AES Encryption using 256 bit keys 211a1ba710fSGreg Tucker * 21269a73acfSTomasz Kantecki * @deprecated Please use isal_aes_gcm_enc_256() instead. 213a1ba710fSGreg Tucker * @requires SSE4.1 and AESNI 214a1ba710fSGreg Tucker */ 21569a73acfSTomasz Kantecki ISAL_DEPRECATED("Please use isal_aes_gcm_enc_256() instead.") 2161de5344dSMarcel Cornu void 2175e6526eeSMarcel Cornu aes_gcm_enc_256(const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 2185e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 219a1ba710fSGreg Tucker uint8_t *out, //!< Ciphertext output. Encrypt in-place is allowed 220a1ba710fSGreg Tucker uint8_t const *in, //!< Plaintext input 221a1ba710fSGreg Tucker uint64_t len, //!< Length of data in Bytes for encryption 222a1ba710fSGreg Tucker uint8_t *iv, //!< iv pointer to 12 byte IV structure. 223a1ba710fSGreg Tucker //!< Internally, library concates 0x00000001 value to it. 
224a1ba710fSGreg Tucker uint8_t const *aad, //!< Additional Authentication Data (AAD) 225a1ba710fSGreg Tucker uint64_t aad_len, //!< Length of AAD 226a1ba710fSGreg Tucker uint8_t *auth_tag, //!< Authenticated Tag output 2271de5344dSMarcel Cornu uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a multiple of 2281de5344dSMarcel Cornu //!< 4 bytes). 229a1ba710fSGreg Tucker //!< Valid values are 16 (most likely), 12 or 8 230a1ba710fSGreg Tucker ); 231a1ba710fSGreg Tucker 232a1ba710fSGreg Tucker /** 233a1ba710fSGreg Tucker * @brief GCM-AES Decryption using 128 bit keys 234a1ba710fSGreg Tucker * 23569a73acfSTomasz Kantecki * @deprecated Please use isal_aes_gcm_dec_128() instead. 236a1ba710fSGreg Tucker * @requires SSE4.1 and AESNI 237a1ba710fSGreg Tucker */ 23869a73acfSTomasz Kantecki ISAL_DEPRECATED("Please use isal_aes_gcm_dec_128() instead.") 2391de5344dSMarcel Cornu void 2405e6526eeSMarcel Cornu aes_gcm_dec_128(const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 2415e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 242a1ba710fSGreg Tucker uint8_t *out, //!< Plaintext output. Decrypt in-place is allowed 243a1ba710fSGreg Tucker uint8_t const *in, //!< Ciphertext input 244a1ba710fSGreg Tucker uint64_t len, //!< Length of data in Bytes for decryption 245a1ba710fSGreg Tucker uint8_t *iv, //!< iv pointer to 12 byte IV structure. 246a1ba710fSGreg Tucker //!< Internally, library concates 0x00000001 value to it. 247a1ba710fSGreg Tucker uint8_t const *aad, //!< Additional Authentication Data (AAD) 248a1ba710fSGreg Tucker uint64_t aad_len, //!< Length of AAD 249a1ba710fSGreg Tucker uint8_t *auth_tag, //!< Authenticated Tag output 2501de5344dSMarcel Cornu uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a multiple of 2511de5344dSMarcel Cornu //!< 4 bytes). 
252a1ba710fSGreg Tucker //!< Valid values are 16 (most likely), 12 or 8 253a1ba710fSGreg Tucker ); 254a1ba710fSGreg Tucker 255a1ba710fSGreg Tucker /** 256a1ba710fSGreg Tucker * @brief GCM-AES Decryption using 256 bit keys 257a1ba710fSGreg Tucker * * The decryption functions declared here return void and document auth_tag as an output, so tag verification appears to be left to the caller: compare the computed tag with the received tag in constant time and discard the plaintext if they differ. * 25869a73acfSTomasz Kantecki * @deprecated Please use isal_aes_gcm_dec_256() instead. 259a1ba710fSGreg Tucker * @requires SSE4.1 and AESNI 260a1ba710fSGreg Tucker */ 26169a73acfSTomasz Kantecki ISAL_DEPRECATED("Please use isal_aes_gcm_dec_256() instead.") 2621de5344dSMarcel Cornu void 2635e6526eeSMarcel Cornu aes_gcm_dec_256(const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 2645e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 265a1ba710fSGreg Tucker uint8_t *out, //!< Plaintext output. Decrypt in-place is allowed 266a1ba710fSGreg Tucker uint8_t const *in, //!< Ciphertext input 267a1ba710fSGreg Tucker uint64_t len, //!< Length of data in Bytes for decryption 268a1ba710fSGreg Tucker uint8_t *iv, //!< iv pointer to 12 byte IV structure. 269a1ba710fSGreg Tucker //!< Internally, library concatenates 0x00000001 value to it. 270a1ba710fSGreg Tucker uint8_t const *aad, //!< Additional Authentication Data (AAD) 271a1ba710fSGreg Tucker uint64_t aad_len, //!< Length of AAD 272a1ba710fSGreg Tucker uint8_t *auth_tag, //!< Authenticated Tag output 2731de5344dSMarcel Cornu uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a multiple of 2741de5344dSMarcel Cornu //!< 4 bytes). 275a1ba710fSGreg Tucker //!< Valid values are 16 (most likely), 12 or 8 276a1ba710fSGreg Tucker ); 277a1ba710fSGreg Tucker 278a1ba710fSGreg Tucker /** 279a1ba710fSGreg Tucker * @brief Start an AES-GCM Encryption message 128 bit key 280a1ba710fSGreg Tucker * 28169a73acfSTomasz Kantecki * @deprecated Please use isal_aes_gcm_init_128() instead.
282a1ba710fSGreg Tucker * @requires SSE4.1 and AESNI 283a1ba710fSGreg Tucker */ 28469a73acfSTomasz Kantecki ISAL_DEPRECATED("Please use isal_aes_gcm_init_128() instead.") 2851de5344dSMarcel Cornu void 2865e6526eeSMarcel Cornu aes_gcm_init_128(const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 2875e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 288a1ba710fSGreg Tucker uint8_t *iv, //!< Pointer to 12 byte IV structure 289a1ba710fSGreg Tucker //!< Internally, library concates 0x00000001 value to it 290a1ba710fSGreg Tucker uint8_t const *aad, //!< Additional Authentication Data (AAD) 291a1ba710fSGreg Tucker uint64_t aad_len //!< Length of AAD 292a1ba710fSGreg Tucker ); 293a1ba710fSGreg Tucker 294a1ba710fSGreg Tucker /** 295a1ba710fSGreg Tucker * @brief Start a AES-GCM Encryption message 256 bit key 296a1ba710fSGreg Tucker * 29769a73acfSTomasz Kantecki * @deprecated Please use isal_aes_gcm_init_256() instead. 298a1ba710fSGreg Tucker * @requires SSE4.1 and AESNI 299a1ba710fSGreg Tucker */ 30069a73acfSTomasz Kantecki ISAL_DEPRECATED("Please use isal_aes_gcm_init_256() instead.") 3011de5344dSMarcel Cornu void 3025e6526eeSMarcel Cornu aes_gcm_init_256(const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 3035e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 304a1ba710fSGreg Tucker uint8_t *iv, //!< Pointer to 12 byte IV structure 305a1ba710fSGreg Tucker //!< Internally, library concates 0x00000001 value to it 306a1ba710fSGreg Tucker uint8_t const *aad, //!< Additional Authentication Data (AAD) 307a1ba710fSGreg Tucker uint64_t aad_len //!< Length of AAD 308a1ba710fSGreg Tucker ); 309a1ba710fSGreg Tucker 310a1ba710fSGreg Tucker /** 311a1ba710fSGreg Tucker * @brief Encrypt a block of a AES-128-GCM Encryption message 312a1ba710fSGreg Tucker * 31369a73acfSTomasz Kantecki * @deprecated Please use isal_aes_gcm_enc_128_update() instead. 
314a1ba710fSGreg Tucker * @requires SSE4.1 and AESNI 315a1ba710fSGreg Tucker */ 31669a73acfSTomasz Kantecki ISAL_DEPRECATED("Please use isal_aes_gcm_enc_128_update() instead.") 3171de5344dSMarcel Cornu void 3185e6526eeSMarcel Cornu aes_gcm_enc_128_update(const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 3195e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 320a1ba710fSGreg Tucker uint8_t *out, //!< Ciphertext output. Encrypt in-place is allowed. 321a1ba710fSGreg Tucker const uint8_t *in, //!< Plaintext input 322a1ba710fSGreg Tucker uint64_t len //!< Length of data in Bytes for encryption 323a1ba710fSGreg Tucker ); 324a1ba710fSGreg Tucker 325a1ba710fSGreg Tucker /** 326a1ba710fSGreg Tucker * @brief Encrypt a block of a AES-256-GCM Encryption message 327a1ba710fSGreg Tucker * 32869a73acfSTomasz Kantecki * @deprecated Please use isal_aes_gcm_enc_256_update() instead. 329a1ba710fSGreg Tucker * @requires SSE4.1 and AESNI 330a1ba710fSGreg Tucker */ 33169a73acfSTomasz Kantecki ISAL_DEPRECATED("Please use isal_aes_gcm_enc_256_update() instead.") 3321de5344dSMarcel Cornu void 3335e6526eeSMarcel Cornu aes_gcm_enc_256_update(const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 3345e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 335a1ba710fSGreg Tucker uint8_t *out, //!< Ciphertext output. Encrypt in-place is allowed. 336a1ba710fSGreg Tucker const uint8_t *in, //!< Plaintext input 337a1ba710fSGreg Tucker uint64_t len //!< Length of data in Bytes for encryption 338a1ba710fSGreg Tucker ); 339a1ba710fSGreg Tucker 340a1ba710fSGreg Tucker /** 341a1ba710fSGreg Tucker * @brief Decrypt a block of a AES-128-GCM Encryption message 342a1ba710fSGreg Tucker * 34369a73acfSTomasz Kantecki * @deprecated Please use isal_aes_gcm_dec_128_update() instead. 
344a1ba710fSGreg Tucker * @requires SSE4.1 and AESNI 345a1ba710fSGreg Tucker */ 34669a73acfSTomasz Kantecki ISAL_DEPRECATED("Please use isal_aes_gcm_dec_128_update() instead.") 3471de5344dSMarcel Cornu void 3485e6526eeSMarcel Cornu aes_gcm_dec_128_update(const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 3495e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 350a1ba710fSGreg Tucker uint8_t *out, //!< Plaintext output. Decrypt in-place is allowed. 351a1ba710fSGreg Tucker const uint8_t *in, //!< Ciphertext input 352a1ba710fSGreg Tucker uint64_t len //!< Length of data in Bytes for decryption 353a1ba710fSGreg Tucker ); 354a1ba710fSGreg Tucker 355a1ba710fSGreg Tucker /** 356a1ba710fSGreg Tucker * @brief Decrypt a block of a AES-256-GCM Encryption message 357a1ba710fSGreg Tucker * 35869a73acfSTomasz Kantecki * @deprecated Please use isal_aes_gcm_dec_256_update() instead. 359a1ba710fSGreg Tucker * @requires SSE4.1 and AESNI 360a1ba710fSGreg Tucker */ 36169a73acfSTomasz Kantecki ISAL_DEPRECATED("Please use isal_aes_gcm_dec_256_update() instead.") 3621de5344dSMarcel Cornu void 3635e6526eeSMarcel Cornu aes_gcm_dec_256_update(const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 3645e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 365a1ba710fSGreg Tucker uint8_t *out, //!< Plaintext output. Decrypt in-place is allowed. 366a1ba710fSGreg Tucker const uint8_t *in, //!< Ciphertext input 367a1ba710fSGreg Tucker uint64_t len //!< Length of data in Bytes for decryption 368a1ba710fSGreg Tucker ); 369a1ba710fSGreg Tucker 370a1ba710fSGreg Tucker /** 371a1ba710fSGreg Tucker * @brief End encryption of a AES-128-GCM Encryption message 372a1ba710fSGreg Tucker * 37369a73acfSTomasz Kantecki * @deprecated Please use isal_aes_gcm_enc_128_finalize() instead. 
374a1ba710fSGreg Tucker * @requires SSE4.1 and AESNI 375a1ba710fSGreg Tucker */ 37669a73acfSTomasz Kantecki ISAL_DEPRECATED("Please use isal_aes_gcm_enc_128_finalize() instead.") 3771de5344dSMarcel Cornu void 3785e6526eeSMarcel Cornu aes_gcm_enc_128_finalize(const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 3795e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 380a1ba710fSGreg Tucker uint8_t *auth_tag, //!< Authenticated Tag output 3811de5344dSMarcel Cornu uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a 3821de5344dSMarcel Cornu //!< multiple of 4 bytes). 383a1ba710fSGreg Tucker //!< Valid values are 16 (most likely), 12 or 8 384a1ba710fSGreg Tucker ); 385a1ba710fSGreg Tucker 386a1ba710fSGreg Tucker /** 387a1ba710fSGreg Tucker * @brief End encryption of a AES-256-GCM Encryption message 388a1ba710fSGreg Tucker * 38969a73acfSTomasz Kantecki * @deprecated Please use isal_aes_gcm_enc_256_finalize() instead. 390a1ba710fSGreg Tucker * @requires SSE4.1 and AESNI 391a1ba710fSGreg Tucker */ 39269a73acfSTomasz Kantecki ISAL_DEPRECATED("Please use isal_aes_gcm_enc_256_finalize() instead.") 3931de5344dSMarcel Cornu void 3945e6526eeSMarcel Cornu aes_gcm_enc_256_finalize(const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 3955e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 396a1ba710fSGreg Tucker uint8_t *auth_tag, //!< Authenticated Tag output 3971de5344dSMarcel Cornu uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a 3981de5344dSMarcel Cornu //!< multiple of 4 bytes). 
399a1ba710fSGreg Tucker //!< Valid values are 16 (most likely), 12 or 8 400a1ba710fSGreg Tucker ); 401a1ba710fSGreg Tucker 402a1ba710fSGreg Tucker /** 403a1ba710fSGreg Tucker * @brief End decryption of a AES-128-GCM Encryption message 404a1ba710fSGreg Tucker * 40569a73acfSTomasz Kantecki * @deprecated Please use isal_aes_gcm_dec_128_finalize() instead. 406a1ba710fSGreg Tucker * @requires SSE4.1 and AESNI 407a1ba710fSGreg Tucker */ 40869a73acfSTomasz Kantecki ISAL_DEPRECATED("Please use isal_aes_gcm_dec_128_finalize() instead.") 4091de5344dSMarcel Cornu void 4105e6526eeSMarcel Cornu aes_gcm_dec_128_finalize(const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 4115e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 412a1ba710fSGreg Tucker uint8_t *auth_tag, //!< Authenticated Tag output 4131de5344dSMarcel Cornu uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a 4141de5344dSMarcel Cornu //!< multiple of 4 bytes). 415a1ba710fSGreg Tucker //!< Valid values are 16 (most likely), 12 or 8 416a1ba710fSGreg Tucker ); 417a1ba710fSGreg Tucker 418a1ba710fSGreg Tucker /** 419a1ba710fSGreg Tucker * @brief End decryption of a AES-256-GCM Encryption message 420a1ba710fSGreg Tucker * 42169a73acfSTomasz Kantecki * @deprecated Please use isal_aes_gcm_dec_256_finalize() instead. 
422a1ba710fSGreg Tucker * @requires SSE4.1 and AESNI 423a1ba710fSGreg Tucker */ 42469a73acfSTomasz Kantecki ISAL_DEPRECATED("Please use isal_aes_gcm_dec_256_finalize() instead.") 4251de5344dSMarcel Cornu void 4265e6526eeSMarcel Cornu aes_gcm_dec_256_finalize(const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 4275e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 428a1ba710fSGreg Tucker uint8_t *auth_tag, //!< Authenticated Tag output 4291de5344dSMarcel Cornu uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a 4301de5344dSMarcel Cornu //!< multiple of 4 bytes). 431a1ba710fSGreg Tucker //!< Valid values are 16 (most likely), 12 or 8 432a1ba710fSGreg Tucker ); 433a1ba710fSGreg Tucker 434a1ba710fSGreg Tucker /** 435a1ba710fSGreg Tucker * @brief Pre-processes GCM key data 128 bit 436a1ba710fSGreg Tucker * 437a1ba710fSGreg Tucker * Prefills the gcm key data with key values for each round and 438a1ba710fSGreg Tucker * the initial sub hash key for tag encoding 439a1ba710fSGreg Tucker * 44069a73acfSTomasz Kantecki * @deprecated Please use isal_aes_gcm_pre_128() instead. 441a1ba710fSGreg Tucker * @requires SSE4.1 and AESNI 442a1ba710fSGreg Tucker */ 44369a73acfSTomasz Kantecki ISAL_DEPRECATED("Please use isal_aes_gcm_pre_128() instead.") 4441de5344dSMarcel Cornu void 4451de5344dSMarcel Cornu aes_gcm_pre_128(const void *key, //!< Pointer to key data 4465e6526eeSMarcel Cornu struct isal_gcm_key_data *key_data //!< GCM expanded key data 447a1ba710fSGreg Tucker ); 448a1ba710fSGreg Tucker 449a1ba710fSGreg Tucker /** 450a1ba710fSGreg Tucker * @brief Pre-processes GCM key data 256 bit 451a1ba710fSGreg Tucker * 452a1ba710fSGreg Tucker * Prefills the gcm key data with key values for each round and 453a1ba710fSGreg Tucker * the initial sub hash key for tag encoding 454a1ba710fSGreg Tucker * 45569a73acfSTomasz Kantecki * @deprecated Please use isal_aes_gcm_pre_256() instead.
456a1ba710fSGreg Tucker * @requires SSE4.1 and AESNI 457a1ba710fSGreg Tucker */ 45869a73acfSTomasz Kantecki ISAL_DEPRECATED("Please use isal_aes_gcm_pre_256() instead.") 4591de5344dSMarcel Cornu void 4601de5344dSMarcel Cornu aes_gcm_pre_256(const void *key, //!< Pointer to key data 4615e6526eeSMarcel Cornu struct isal_gcm_key_data *key_data //!< GCM expanded key data 462a1ba710fSGreg Tucker ); 463a1ba710fSGreg Tucker 46428e22039SGreg Tucker /* ---- NT versions ---- */ 46528e22039SGreg Tucker /** 46628e22039SGreg Tucker * @brief GCM-AES Encryption using 128 bit keys, Non-temporal data 46728e22039SGreg Tucker * 46828e22039SGreg Tucker * Non-temporal version of encrypt has additional restrictions: 46986058544SPablo de Lara * - The plaintext and ciphertext buffers must be aligned on a 64 byte boundary. 47028e22039SGreg Tucker * - In-place encryption/decryption is not recommended. Performance can be slow. 47128e22039SGreg Tucker * 47269a73acfSTomasz Kantecki * @deprecated Please use isal_aes_gcm_enc_128_nt() instead. 47328e22039SGreg Tucker * @requires SSE4.1 and AESNI 47428e22039SGreg Tucker */ 47569a73acfSTomasz Kantecki ISAL_DEPRECATED("Please use isal_aes_gcm_enc_128_nt() instead.") 4761de5344dSMarcel Cornu void 4775e6526eeSMarcel Cornu aes_gcm_enc_128_nt(const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 4785e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 47928e22039SGreg Tucker uint8_t *out, //!< Ciphertext output. Encrypt in-place is allowed 48028e22039SGreg Tucker uint8_t const *in, //!< Plaintext input 48128e22039SGreg Tucker uint64_t len, //!< Length of data in Bytes for encryption 48228e22039SGreg Tucker uint8_t *iv, //!< iv pointer to 12 byte IV structure. 48328e22039SGreg Tucker //!< Internally, library concates 0x00000001 value to it. 
48428e22039SGreg Tucker uint8_t const *aad, //!< Additional Authentication Data (AAD) 48528e22039SGreg Tucker uint64_t aad_len, //!< Length of AAD 48628e22039SGreg Tucker uint8_t *auth_tag, //!< Authenticated Tag output 4871de5344dSMarcel Cornu uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a multiple 4881de5344dSMarcel Cornu //!< of 4 bytes). 48928e22039SGreg Tucker //!< Valid values are 16 (most likely), 12 or 8 49028e22039SGreg Tucker ); 49128e22039SGreg Tucker 49228e22039SGreg Tucker /** 49328e22039SGreg Tucker * @brief GCM-AES Encryption using 256 bit keys, Non-temporal data 49428e22039SGreg Tucker * 49528e22039SGreg Tucker * Non-temporal version of encrypt has additional restrictions: 49686058544SPablo de Lara * - The plaintext and ciphertext buffers must be aligned on a 64 byte boundary. 49728e22039SGreg Tucker * - In-place encryption/decryption is not recommended. Performance can be slow. 49828e22039SGreg Tucker * 49969a73acfSTomasz Kantecki * @deprecated Please use isal_aes_gcm_enc_256_nt() instead. 50028e22039SGreg Tucker * @requires SSE4.1 and AESNI 50128e22039SGreg Tucker */ 50269a73acfSTomasz Kantecki ISAL_DEPRECATED("Please use isal_aes_gcm_enc_256_nt() instead.") 5031de5344dSMarcel Cornu void 5045e6526eeSMarcel Cornu aes_gcm_enc_256_nt(const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 5055e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 50628e22039SGreg Tucker uint8_t *out, //!< Ciphertext output. Encrypt in-place is allowed 50728e22039SGreg Tucker uint8_t const *in, //!< Plaintext input 50828e22039SGreg Tucker uint64_t len, //!< Length of data in Bytes for encryption 50928e22039SGreg Tucker uint8_t *iv, //!< iv pointer to 12 byte IV structure. 51028e22039SGreg Tucker //!< Internally, library concates 0x00000001 value to it. 
51128e22039SGreg Tucker uint8_t const *aad, //!< Additional Authentication Data (AAD) 51228e22039SGreg Tucker uint64_t aad_len, //!< Length of AAD 51328e22039SGreg Tucker uint8_t *auth_tag, //!< Authenticated Tag output 5141de5344dSMarcel Cornu uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a multiple 5151de5344dSMarcel Cornu //!< of 4 bytes). 51628e22039SGreg Tucker //!< Valid values are 16 (most likely), 12 or 8 51728e22039SGreg Tucker ); 51828e22039SGreg Tucker 51928e22039SGreg Tucker /** 52028e22039SGreg Tucker * @brief GCM-AES Decryption using 128 bit keys, Non-temporal data 52128e22039SGreg Tucker * 52228e22039SGreg Tucker * Non-temporal version of decrypt has additional restrictions: 52386058544SPablo de Lara * - The plaintext and ciphertext buffers must be aligned on a 64 byte boundary. 52428e22039SGreg Tucker * - In-place encryption/decryption is not recommended. Performance can be slow. 52528e22039SGreg Tucker * 52669a73acfSTomasz Kantecki * @deprecated Please use isal_aes_gcm_dec_128_nt() instead. 52728e22039SGreg Tucker * @requires SSE4.1 and AESNI 52828e22039SGreg Tucker */ 52969a73acfSTomasz Kantecki ISAL_DEPRECATED("Please use isal_aes_gcm_dec_128_nt() instead.") 5301de5344dSMarcel Cornu void 5315e6526eeSMarcel Cornu aes_gcm_dec_128_nt(const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 5325e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 53328e22039SGreg Tucker uint8_t *out, //!< Plaintext output. Decrypt in-place is allowed 53428e22039SGreg Tucker uint8_t const *in, //!< Ciphertext input 53528e22039SGreg Tucker uint64_t len, //!< Length of data in Bytes for decryption 53628e22039SGreg Tucker uint8_t *iv, //!< iv pointer to 12 byte IV structure. 53728e22039SGreg Tucker //!< Internally, library concates 0x00000001 value to it. 
53828e22039SGreg Tucker uint8_t const *aad, //!< Additional Authentication Data (AAD) 53928e22039SGreg Tucker uint64_t aad_len, //!< Length of AAD 54028e22039SGreg Tucker uint8_t *auth_tag, //!< Authenticated Tag output (computed tag; the function returns void, so the caller compares it with the received tag, in constant time, before using the plaintext) 5411de5344dSMarcel Cornu uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a multiple 5421de5344dSMarcel Cornu //!< of 4 bytes). 54328e22039SGreg Tucker //!< Valid values are 16 (most likely), 12 or 8 54428e22039SGreg Tucker ); 54528e22039SGreg Tucker 54628e22039SGreg Tucker /** 54728e22039SGreg Tucker * @brief GCM-AES Decryption using 256 bit keys, Non-temporal data 54828e22039SGreg Tucker * 54928e22039SGreg Tucker * Non-temporal version of decrypt has additional restrictions: 55086058544SPablo de Lara * - The plaintext and ciphertext buffers must be aligned on a 64 byte boundary. 55128e22039SGreg Tucker * - In-place encryption/decryption is not recommended. Performance can be slow. 55228e22039SGreg Tucker * 55369a73acfSTomasz Kantecki * @deprecated Please use isal_aes_gcm_dec_256_nt() instead. 55428e22039SGreg Tucker * @requires SSE4.1 and AESNI 55528e22039SGreg Tucker */ 55669a73acfSTomasz Kantecki ISAL_DEPRECATED("Please use isal_aes_gcm_dec_256_nt() instead.") 5571de5344dSMarcel Cornu void 5585e6526eeSMarcel Cornu aes_gcm_dec_256_nt(const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 5595e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 56028e22039SGreg Tucker uint8_t *out, //!< Plaintext output. Decrypt in-place is allowed 56128e22039SGreg Tucker uint8_t const *in, //!< Ciphertext input 56228e22039SGreg Tucker uint64_t len, //!< Length of data in Bytes for decryption 56328e22039SGreg Tucker uint8_t *iv, //!< iv pointer to 12 byte IV structure. 56428e22039SGreg Tucker //!< Internally, library concatenates 0x00000001 value to it.
56528e22039SGreg Tucker uint8_t const *aad, //!< Additional Authentication Data (AAD) 56628e22039SGreg Tucker uint64_t aad_len, //!< Length of AAD 56728e22039SGreg Tucker uint8_t *auth_tag, //!< Authenticated Tag output 5681de5344dSMarcel Cornu uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a multiple 5691de5344dSMarcel Cornu //!< of 4 bytes). 57028e22039SGreg Tucker //!< Valid values are 16 (most likely), 12 or 8 57128e22039SGreg Tucker ); 57228e22039SGreg Tucker 57328e22039SGreg Tucker /** 57428e22039SGreg Tucker * @brief Encrypt a block of a AES-128-GCM Encryption message, Non-temporal data 57528e22039SGreg Tucker * 57628e22039SGreg Tucker * Non-temporal version of encrypt update has additional restrictions: 57786058544SPablo de Lara * - The plaintext and ciphertext buffers must be aligned on a 64 byte boundary. 5780d66a472SGreg Tucker * - All partial input buffers must be a multiple of 64 bytes long except for 57928e22039SGreg Tucker * the last input buffer. 58028e22039SGreg Tucker * - In-place encryption/decryption is not recommended. Performance can be slow. 58128e22039SGreg Tucker * 58269a73acfSTomasz Kantecki * @deprecated Please use isal_aes_gcm_enc_128_update_nt() instead. 58328e22039SGreg Tucker * @requires SSE4.1 and AESNI 58428e22039SGreg Tucker */ 58569a73acfSTomasz Kantecki ISAL_DEPRECATED("Please use isal_aes_gcm_enc_128_update_nt() instead.") 5861de5344dSMarcel Cornu void 5875e6526eeSMarcel Cornu aes_gcm_enc_128_update_nt( 5885e6526eeSMarcel Cornu const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 5895e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 59028e22039SGreg Tucker uint8_t *out, //!< Ciphertext output. Encrypt in-place is allowed. 
59128e22039SGreg Tucker const uint8_t *in, //!< Plaintext input 59228e22039SGreg Tucker uint64_t len //!< Length of data in Bytes for encryption 59328e22039SGreg Tucker ); 59428e22039SGreg Tucker 59528e22039SGreg Tucker /** 59628e22039SGreg Tucker * @brief Encrypt a block of a AES-256-GCM Encryption message, Non-temporal data 59728e22039SGreg Tucker * 59828e22039SGreg Tucker * Non-temporal version of encrypt update has additional restrictions: 59986058544SPablo de Lara * - The plaintext and ciphertext buffers must be aligned on a 64 byte boundary. 6000d66a472SGreg Tucker * - All partial input buffers must be a multiple of 64 bytes long except for 60128e22039SGreg Tucker * the last input buffer. 60228e22039SGreg Tucker * - In-place encryption/decryption is not recommended. Performance can be slow. 60328e22039SGreg Tucker * 60469a73acfSTomasz Kantecki * @deprecated Please use isal_aes_gcm_enc_256_update_nt() instead. 60528e22039SGreg Tucker * @requires SSE4.1 and AESNI 60628e22039SGreg Tucker */ 60769a73acfSTomasz Kantecki ISAL_DEPRECATED("Please use isal_aes_gcm_enc_256_update_nt() instead.") 6081de5344dSMarcel Cornu void 6095e6526eeSMarcel Cornu aes_gcm_enc_256_update_nt( 6105e6526eeSMarcel Cornu const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 6115e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 61228e22039SGreg Tucker uint8_t *out, //!< Ciphertext output. Encrypt in-place is allowed. 
61328e22039SGreg Tucker const uint8_t *in, //!< Plaintext input 61428e22039SGreg Tucker uint64_t len //!< Length of data in Bytes for encryption 61528e22039SGreg Tucker ); 61628e22039SGreg Tucker 61728e22039SGreg Tucker /** 61828e22039SGreg Tucker * @brief Decrypt a block of a AES-128-GCM Encryption message, Non-temporal data 61928e22039SGreg Tucker * 62028e22039SGreg Tucker * Non-temporal version of decrypt update has additional restrictions: 62186058544SPablo de Lara * - The plaintext and ciphertext buffers must be aligned on a 64 byte boundary. 6220d66a472SGreg Tucker * - All partial input buffers must be a multiple of 64 bytes long except for 62328e22039SGreg Tucker * the last input buffer. 62428e22039SGreg Tucker * - In-place encryption/decryption is not recommended. Performance can be slow. 62528e22039SGreg Tucker * 62669a73acfSTomasz Kantecki * @deprecated Please use isal_aes_gcm_dec_128_update_nt() instead. 62728e22039SGreg Tucker * @requires SSE4.1 and AESNI 62828e22039SGreg Tucker */ 62969a73acfSTomasz Kantecki ISAL_DEPRECATED("Please use isal_aes_gcm_dec_128_update_nt() instead.") 6301de5344dSMarcel Cornu void 6315e6526eeSMarcel Cornu aes_gcm_dec_128_update_nt( 6325e6526eeSMarcel Cornu const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 6335e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 63428e22039SGreg Tucker uint8_t *out, //!< Plaintext output. Decrypt in-place is allowed. 
63528e22039SGreg Tucker const uint8_t *in, //!< Ciphertext input 63628e22039SGreg Tucker uint64_t len //!< Length of data in Bytes for decryption 63728e22039SGreg Tucker ); 63828e22039SGreg Tucker 63928e22039SGreg Tucker /** 64028e22039SGreg Tucker * @brief Decrypt a block of a AES-256-GCM Encryption message, Non-temporal data 64128e22039SGreg Tucker * 64228e22039SGreg Tucker * Non-temporal version of decrypt update has additional restrictions: 64386058544SPablo de Lara * - The plaintext and ciphertext buffers must be aligned on a 64 byte boundary. 6440d66a472SGreg Tucker * - All partial input buffers must be a multiple of 64 bytes long except for 64528e22039SGreg Tucker * the last input buffer. 64628e22039SGreg Tucker * - In-place encryption/decryption is not recommended. Performance can be slow. 64728e22039SGreg Tucker * 64869a73acfSTomasz Kantecki * @deprecated Please use isal_aes_gcm_dec_256_update_nt() instead. 64928e22039SGreg Tucker * @requires SSE4.1 and AESNI 65028e22039SGreg Tucker */ 65169a73acfSTomasz Kantecki ISAL_DEPRECATED("Please use isal_aes_gcm_dec_256_update_nt() instead.") 6521de5344dSMarcel Cornu void 6535e6526eeSMarcel Cornu aes_gcm_dec_256_update_nt( 6545e6526eeSMarcel Cornu const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 6555e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 65628e22039SGreg Tucker uint8_t *out, //!< Plaintext output. Decrypt in-place is allowed. 
65728e22039SGreg Tucker const uint8_t *in, //!< Ciphertext input 65828e22039SGreg Tucker uint64_t len //!< Length of data in Bytes for decryption 65928e22039SGreg Tucker ); 66028e22039SGreg Tucker 66175ef4190SMarcel Cornu /** 66275ef4190SMarcel Cornu * @brief GCM-AES Encryption using 128 bit keys 66375ef4190SMarcel Cornu * @requires AES extensions and SSE4.1 for x86 or ASIMD for ARM 66475ef4190SMarcel Cornu * 66575ef4190SMarcel Cornu * @return Operation status 66675ef4190SMarcel Cornu * @retval 0 on success 66775ef4190SMarcel Cornu * @retval Non-zero \a ISAL_CRYPTO_ERR on failure 66875ef4190SMarcel Cornu */ 66975ef4190SMarcel Cornu int 67075ef4190SMarcel Cornu isal_aes_gcm_enc_128( 6715e6526eeSMarcel Cornu const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 6725e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 67375ef4190SMarcel Cornu uint8_t *out, //!< Ciphertext output. Encrypt in-place is allowed 67475ef4190SMarcel Cornu const uint8_t *in, //!< Plaintext input 67575ef4190SMarcel Cornu const uint64_t len, //!< Length of data in Bytes for encryption 67675ef4190SMarcel Cornu const uint8_t *iv, //!< iv pointer to 12 byte IV structure. 67775ef4190SMarcel Cornu //!< Internally, library concates 0x00000001 value to it. 67875ef4190SMarcel Cornu const uint8_t *aad, //!< Additional Authenticated Data (AAD) 67975ef4190SMarcel Cornu const uint64_t aad_len, //!< Length of AAD 68075ef4190SMarcel Cornu uint8_t *auth_tag, //!< Authenticated Tag output 68175ef4190SMarcel Cornu const uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a multiple of 68275ef4190SMarcel Cornu //!< 4 bytes). 
68375ef4190SMarcel Cornu //!< Valid values are 16 (most likely), 12 or 8 68475ef4190SMarcel Cornu ); 68575ef4190SMarcel Cornu 68675ef4190SMarcel Cornu /** 68775ef4190SMarcel Cornu * @brief GCM-AES Encryption using 256 bit keys 68875ef4190SMarcel Cornu * @requires AES extensions and SSE4.1 for x86 or ASIMD for ARM 68975ef4190SMarcel Cornu * 69075ef4190SMarcel Cornu * @return Operation status 69175ef4190SMarcel Cornu * @retval 0 on success 69275ef4190SMarcel Cornu * @retval Non-zero \a ISAL_CRYPTO_ERR on failure 69375ef4190SMarcel Cornu */ 69475ef4190SMarcel Cornu int 69575ef4190SMarcel Cornu isal_aes_gcm_enc_256( 6965e6526eeSMarcel Cornu const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 6975e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 69875ef4190SMarcel Cornu uint8_t *out, //!< Ciphertext output. Encrypt in-place is allowed 69975ef4190SMarcel Cornu const uint8_t *in, //!< Plaintext input 70075ef4190SMarcel Cornu const uint64_t len, //!< Length of data in Bytes for encryption 70175ef4190SMarcel Cornu const uint8_t *iv, //!< iv pointer to 12 byte IV structure. 70275ef4190SMarcel Cornu //!< Internally, library concates 0x00000001 value to it. 70375ef4190SMarcel Cornu const uint8_t *aad, //!< Additional Authenticated Data (AAD) 70475ef4190SMarcel Cornu const uint64_t aad_len, //!< Length of AAD 70575ef4190SMarcel Cornu uint8_t *auth_tag, //!< Authenticated Tag output 70675ef4190SMarcel Cornu const uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a multiple of 70775ef4190SMarcel Cornu //!< 4 bytes). 
70875ef4190SMarcel Cornu //!< Valid values are 16 (most likely), 12 or 8 70975ef4190SMarcel Cornu ); 71075ef4190SMarcel Cornu 71175ef4190SMarcel Cornu /** 71275ef4190SMarcel Cornu * @brief GCM-AES Decryption using 128 bit keys 71375ef4190SMarcel Cornu * @requires AES extensions and SSE4.1 for x86 or ASIMD for ARM 71475ef4190SMarcel Cornu * 71575ef4190SMarcel Cornu * @return Operation status 71675ef4190SMarcel Cornu * @retval 0 on success 71775ef4190SMarcel Cornu * @retval Non-zero \a ISAL_CRYPTO_ERR on failure 71875ef4190SMarcel Cornu */ 71975ef4190SMarcel Cornu int 72075ef4190SMarcel Cornu isal_aes_gcm_dec_128( 7215e6526eeSMarcel Cornu const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 7225e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 72375ef4190SMarcel Cornu uint8_t *out, //!< Plaintext output. Decrypt in-place is allowed 72475ef4190SMarcel Cornu const uint8_t *in, //!< Ciphertext input 72575ef4190SMarcel Cornu const uint64_t len, //!< Length of data in Bytes for decryption 72675ef4190SMarcel Cornu const uint8_t *iv, //!< iv pointer to 12 byte IV structure. 72775ef4190SMarcel Cornu //!< Internally, library concates 0x00000001 value to it. 72875ef4190SMarcel Cornu const uint8_t *aad, //!< Additional Authenticated Data (AAD) 72975ef4190SMarcel Cornu const uint64_t aad_len, //!< Length of AAD 73075ef4190SMarcel Cornu uint8_t *auth_tag, //!< Authenticated Tag output 73175ef4190SMarcel Cornu const uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a multiple of 73275ef4190SMarcel Cornu //!< 4 bytes). 
73375ef4190SMarcel Cornu //!< Valid values are 16 (most likely), 12 or 8 73475ef4190SMarcel Cornu ); 73575ef4190SMarcel Cornu 73675ef4190SMarcel Cornu /** 73775ef4190SMarcel Cornu * @brief GCM-AES Decryption using 256 bit keys 73875ef4190SMarcel Cornu * @requires AES extensions and SSE4.1 for x86 or ASIMD for ARM 73975ef4190SMarcel Cornu * 74075ef4190SMarcel Cornu * @return Operation status 74175ef4190SMarcel Cornu * @retval 0 on success 74275ef4190SMarcel Cornu * @retval Non-zero \a ISAL_CRYPTO_ERR on failure 74375ef4190SMarcel Cornu */ 74475ef4190SMarcel Cornu int 74575ef4190SMarcel Cornu isal_aes_gcm_dec_256( 7465e6526eeSMarcel Cornu const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 7475e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 74875ef4190SMarcel Cornu uint8_t *out, //!< Plaintext output. Decrypt in-place is allowed 74975ef4190SMarcel Cornu const uint8_t *in, //!< Ciphertext input 75075ef4190SMarcel Cornu const uint64_t len, //!< Length of data in Bytes for decryption 75175ef4190SMarcel Cornu const uint8_t *iv, //!< iv pointer to 12 byte IV structure. 75275ef4190SMarcel Cornu //!< Internally, library concatenates 0x00000001 value to it. 75375ef4190SMarcel Cornu const uint8_t *aad, //!< Additional Authenticated Data (AAD) 75475ef4190SMarcel Cornu const uint64_t aad_len, //!< Length of AAD 75575ef4190SMarcel Cornu uint8_t *auth_tag, //!< Authenticated Tag output (computed tag; no expected-tag input is declared, so the caller compares it with the received tag, in constant time, before using the plaintext) 75675ef4190SMarcel Cornu const uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a multiple of 75775ef4190SMarcel Cornu //!< 4 bytes).
75875ef4190SMarcel Cornu //!< Valid values are 16 (most likely), 12 or 8 75975ef4190SMarcel Cornu ); 76075ef4190SMarcel Cornu 76175ef4190SMarcel Cornu /** 76275ef4190SMarcel Cornu * @brief Start an AES-GCM Encryption message 128 bit key 76375ef4190SMarcel Cornu * @requires AES extensions and SSE4.1 for x86 or ASIMD for ARM 76475ef4190SMarcel Cornu * 76575ef4190SMarcel Cornu * @return Operation status 76675ef4190SMarcel Cornu * @retval 0 on success 76775ef4190SMarcel Cornu * @retval Non-zero \a ISAL_CRYPTO_ERR on failure 76875ef4190SMarcel Cornu */ 76975ef4190SMarcel Cornu int 7705e6526eeSMarcel Cornu isal_aes_gcm_init_128(const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 7715e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 77275ef4190SMarcel Cornu const uint8_t *iv, //!< Pointer to 12 byte IV structure (the IV must not be reused with the same key) 77375ef4190SMarcel Cornu //!< Internally, library concatenates 0x00000001 value to it 77475ef4190SMarcel Cornu const uint8_t *aad, //!< Additional Authenticated Data (AAD) 77575ef4190SMarcel Cornu const uint64_t aad_len //!< Length of AAD 77675ef4190SMarcel Cornu ); 77775ef4190SMarcel Cornu 77875ef4190SMarcel Cornu /** 77975ef4190SMarcel Cornu * @brief Start an AES-GCM Encryption message 256 bit key 78075ef4190SMarcel Cornu * @requires AES extensions and SSE4.1 for x86 or ASIMD for ARM 78175ef4190SMarcel Cornu * 78275ef4190SMarcel Cornu * @return Operation status 78375ef4190SMarcel Cornu * @retval 0 on success 78475ef4190SMarcel Cornu * @retval Non-zero \a ISAL_CRYPTO_ERR on failure 78575ef4190SMarcel Cornu */ 78675ef4190SMarcel Cornu int 7875e6526eeSMarcel Cornu isal_aes_gcm_init_256(const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 7885e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 78975ef4190SMarcel Cornu const uint8_t *iv, //!< Pointer to 12 byte IV structure (the IV must not be reused with the same key) 79075ef4190SMarcel Cornu //!< Internally, library concatenates 0x00000001 value
to it 79175ef4190SMarcel Cornu const uint8_t *aad, //!< Additional Authenticated Data (AAD) 79275ef4190SMarcel Cornu const uint64_t aad_len //!< Length of AAD 79375ef4190SMarcel Cornu ); 79475ef4190SMarcel Cornu 79575ef4190SMarcel Cornu /** 79675ef4190SMarcel Cornu * @brief Encrypt a block of a AES-128-GCM Encryption message 79775ef4190SMarcel Cornu * @requires AES extensions and SSE4.1 for x86 or ASIMD for ARM 79875ef4190SMarcel Cornu * 79975ef4190SMarcel Cornu * @return Operation status 80075ef4190SMarcel Cornu * @retval 0 on success 80175ef4190SMarcel Cornu * @retval Non-zero \a ISAL_CRYPTO_ERR on failure 80275ef4190SMarcel Cornu */ 80375ef4190SMarcel Cornu int 8045e6526eeSMarcel Cornu isal_aes_gcm_enc_128_update( 8055e6526eeSMarcel Cornu const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 8065e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 80775ef4190SMarcel Cornu uint8_t *out, //!< Ciphertext output. Encrypt in-place is allowed. 80875ef4190SMarcel Cornu const uint8_t *in, //!< Plaintext input 80975ef4190SMarcel Cornu const uint64_t len //!< Length of data in Bytes for encryption 81075ef4190SMarcel Cornu ); 81175ef4190SMarcel Cornu 81275ef4190SMarcel Cornu /** 81375ef4190SMarcel Cornu * @brief Encrypt a block of a AES-256-GCM Encryption message 81475ef4190SMarcel Cornu * @requires AES extensions and SSE4.1 for x86 or ASIMD for ARM 81575ef4190SMarcel Cornu * 81675ef4190SMarcel Cornu * @return Operation status 81775ef4190SMarcel Cornu * @retval 0 on success 81875ef4190SMarcel Cornu * @retval Non-zero \a ISAL_CRYPTO_ERR on failure 81975ef4190SMarcel Cornu */ 82075ef4190SMarcel Cornu int 8215e6526eeSMarcel Cornu isal_aes_gcm_enc_256_update( 8225e6526eeSMarcel Cornu const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 8235e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 82475ef4190SMarcel Cornu uint8_t *out, //!< Ciphertext output. 
Encrypt in-place is allowed. 82575ef4190SMarcel Cornu const uint8_t *in, //!< Plaintext input 82675ef4190SMarcel Cornu const uint64_t len //!< Length of data in Bytes for encryption 82775ef4190SMarcel Cornu ); 82875ef4190SMarcel Cornu 82975ef4190SMarcel Cornu /** 83075ef4190SMarcel Cornu * @brief Decrypt a block of a AES-128-GCM Encryption message 83175ef4190SMarcel Cornu * @requires AES extensions and SSE4.1 for x86 or ASIMD for ARM 83275ef4190SMarcel Cornu * 83375ef4190SMarcel Cornu * @return Operation status 83475ef4190SMarcel Cornu * @retval 0 on success 83575ef4190SMarcel Cornu * @retval Non-zero \a ISAL_CRYPTO_ERR on failure 83675ef4190SMarcel Cornu */ 83775ef4190SMarcel Cornu int 8385e6526eeSMarcel Cornu isal_aes_gcm_dec_128_update( 8395e6526eeSMarcel Cornu const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 8405e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 84175ef4190SMarcel Cornu uint8_t *out, //!< Plaintext output. Decrypt in-place is allowed. 
84275ef4190SMarcel Cornu const uint8_t *in, //!< Ciphertext input 84375ef4190SMarcel Cornu const uint64_t len //!< Length of data in Bytes for decryption 84475ef4190SMarcel Cornu ); 84575ef4190SMarcel Cornu 84675ef4190SMarcel Cornu /** 84775ef4190SMarcel Cornu * @brief Decrypt a block of a AES-256-GCM Encryption message 84875ef4190SMarcel Cornu * @requires AES extensions and SSE4.1 for x86 or ASIMD for ARM 84975ef4190SMarcel Cornu * 85075ef4190SMarcel Cornu * @return Operation status 85175ef4190SMarcel Cornu * @retval 0 on success 85275ef4190SMarcel Cornu * @retval Non-zero \a ISAL_CRYPTO_ERR on failure 85375ef4190SMarcel Cornu */ 85475ef4190SMarcel Cornu int 8555e6526eeSMarcel Cornu isal_aes_gcm_dec_256_update( 8565e6526eeSMarcel Cornu const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 8575e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 85875ef4190SMarcel Cornu uint8_t *out, //!< Plaintext output. Decrypt in-place is allowed. 
85975ef4190SMarcel Cornu const uint8_t *in, //!< Ciphertext input 86075ef4190SMarcel Cornu const uint64_t len //!< Length of data in Bytes for decryption 86175ef4190SMarcel Cornu ); 86275ef4190SMarcel Cornu 86375ef4190SMarcel Cornu /** 86475ef4190SMarcel Cornu * @brief End encryption of a AES-128-GCM Encryption message 86575ef4190SMarcel Cornu * @requires AES extensions and SSE4.1 for x86 or ASIMD for ARM 86675ef4190SMarcel Cornu * 86775ef4190SMarcel Cornu * @return Operation status 86875ef4190SMarcel Cornu * @retval 0 on success 86975ef4190SMarcel Cornu * @retval Non-zero \a ISAL_CRYPTO_ERR on failure 87075ef4190SMarcel Cornu */ 87175ef4190SMarcel Cornu int 87275ef4190SMarcel Cornu isal_aes_gcm_enc_128_finalize( 8735e6526eeSMarcel Cornu const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 8745e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 87575ef4190SMarcel Cornu uint8_t *auth_tag, //!< Authenticated Tag output 87675ef4190SMarcel Cornu const uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a 87775ef4190SMarcel Cornu //!< multiple of 4 bytes). 
87875ef4190SMarcel Cornu //!< Valid values are 16 (most likely), 12 or 8 87975ef4190SMarcel Cornu ); 88075ef4190SMarcel Cornu 88175ef4190SMarcel Cornu /** 88275ef4190SMarcel Cornu * @brief End encryption of a AES-256-GCM Encryption message 88375ef4190SMarcel Cornu * @requires AES extensions and SSE4.1 for x86 or ASIMD for ARM 88475ef4190SMarcel Cornu * 88575ef4190SMarcel Cornu * @return Operation status 88675ef4190SMarcel Cornu * @retval 0 on success 88775ef4190SMarcel Cornu * @retval Non-zero \a ISAL_CRYPTO_ERR on failure 88875ef4190SMarcel Cornu */ 88975ef4190SMarcel Cornu int 89075ef4190SMarcel Cornu isal_aes_gcm_enc_256_finalize( 8915e6526eeSMarcel Cornu const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 8925e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 89375ef4190SMarcel Cornu uint8_t *auth_tag, //!< Authenticated Tag output 89475ef4190SMarcel Cornu const uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a 89575ef4190SMarcel Cornu //!< multiple of 4 bytes). 
89675ef4190SMarcel Cornu //!< Valid values are 16 (most likely), 12 or 8 89775ef4190SMarcel Cornu ); 89875ef4190SMarcel Cornu 89975ef4190SMarcel Cornu /** 90075ef4190SMarcel Cornu * @brief End decryption of a AES-128-GCM Encryption message 90175ef4190SMarcel Cornu * @requires AES extensions and SSE4.1 for x86 or ASIMD for ARM 90275ef4190SMarcel Cornu * 90375ef4190SMarcel Cornu * @return Operation status 90475ef4190SMarcel Cornu * @retval 0 on success 90575ef4190SMarcel Cornu * @retval Non-zero \a ISAL_CRYPTO_ERR on failure 90675ef4190SMarcel Cornu */ 90775ef4190SMarcel Cornu int 90875ef4190SMarcel Cornu isal_aes_gcm_dec_128_finalize( 9095e6526eeSMarcel Cornu const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 9105e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 91175ef4190SMarcel Cornu uint8_t *auth_tag, //!< Authenticated Tag output 91275ef4190SMarcel Cornu const uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a 91375ef4190SMarcel Cornu //!< multiple of 4 bytes). 
91475ef4190SMarcel Cornu //!< Valid values are 16 (most likely), 12 or 8 91575ef4190SMarcel Cornu ); 91675ef4190SMarcel Cornu 91775ef4190SMarcel Cornu /** 91875ef4190SMarcel Cornu * @brief End decryption of a AES-256-GCM Encryption message 91975ef4190SMarcel Cornu * @requires AES extensions and SSE4.1 for x86 or ASIMD for ARM 92075ef4190SMarcel Cornu * 92175ef4190SMarcel Cornu * @return Operation status 92275ef4190SMarcel Cornu * @retval 0 on success 92375ef4190SMarcel Cornu * @retval Non-zero \a ISAL_CRYPTO_ERR on failure 92475ef4190SMarcel Cornu */ 92575ef4190SMarcel Cornu int 92675ef4190SMarcel Cornu isal_aes_gcm_dec_256_finalize( 9275e6526eeSMarcel Cornu const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 9285e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 92975ef4190SMarcel Cornu uint8_t *auth_tag, //!< Authenticated Tag output 93075ef4190SMarcel Cornu const uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a 93175ef4190SMarcel Cornu //!< multiple of 4 bytes). 
93275ef4190SMarcel Cornu //!< Valid values are 16 (most likely), 12 or 8 93375ef4190SMarcel Cornu ); 93475ef4190SMarcel Cornu 93575ef4190SMarcel Cornu /** 93675ef4190SMarcel Cornu * @brief Pre-processes GCM key data 128 bit 93775ef4190SMarcel Cornu * 93875ef4190SMarcel Cornu * Prefills the gcm key data with key values for each round and 93975ef4190SMarcel Cornu * the initial sub hash key for tag encoding 94075ef4190SMarcel Cornu * 94175ef4190SMarcel Cornu * @requires AES extensions and SSE4.1 for x86 or ASIMD for ARM 94275ef4190SMarcel Cornu * 94375ef4190SMarcel Cornu * @return Operation status 94475ef4190SMarcel Cornu * @retval 0 on success 94575ef4190SMarcel Cornu * @retval Non-zero \a ISAL_CRYPTO_ERR on failure 94675ef4190SMarcel Cornu */ 94775ef4190SMarcel Cornu int 94869a73acfSTomasz Kantecki isal_aes_gcm_pre_128(const void *key, //!< Pointer to key data 9495e6526eeSMarcel Cornu struct isal_gcm_key_data *key_data //!< GCM expanded key data 95075ef4190SMarcel Cornu ); 95175ef4190SMarcel Cornu 95275ef4190SMarcel Cornu /** 95369a73acfSTomasz Kantecki * @brief Pre-processes GCM key data 256 bit 95475ef4190SMarcel Cornu * 95575ef4190SMarcel Cornu * Prefills the gcm key data with key values for each round and 95675ef4190SMarcel Cornu * the initial sub hash key for tag encoding 95775ef4190SMarcel Cornu * 95875ef4190SMarcel Cornu * @requires AES extensions and SSE4.1 for x86 or ASIMD for ARM 95975ef4190SMarcel Cornu * 96075ef4190SMarcel Cornu * @return Operation status 96175ef4190SMarcel Cornu * @retval 0 on success 96275ef4190SMarcel Cornu * @retval Non-zero \a ISAL_CRYPTO_ERR on failure 96375ef4190SMarcel Cornu */ 96475ef4190SMarcel Cornu int 96569a73acfSTomasz Kantecki isal_aes_gcm_pre_256(const void *key, //!< Pointer to key data 9665e6526eeSMarcel Cornu struct isal_gcm_key_data *key_data //!< GCM expanded key data 96775ef4190SMarcel Cornu ); 96875ef4190SMarcel Cornu 96975ef4190SMarcel Cornu /* ---- NT versions ---- */ 97075ef4190SMarcel Cornu /** 
97175ef4190SMarcel Cornu * @brief GCM-AES Encryption using 128 bit keys, Non-temporal data 97275ef4190SMarcel Cornu * 97375ef4190SMarcel Cornu * Non-temporal version of encrypt has additional restrictions: 97475ef4190SMarcel Cornu * - The plaintext and ciphertext buffers must be aligned on a 64 byte boundary. 97575ef4190SMarcel Cornu * - In-place encryption/decryption is not recommended. Performance can be slow. 97675ef4190SMarcel Cornu * 97775ef4190SMarcel Cornu * @requires AES extensions and SSE4.1 for x86 or ASIMD for ARM 97875ef4190SMarcel Cornu * 97975ef4190SMarcel Cornu * @return Operation status 98075ef4190SMarcel Cornu * @retval 0 on success 98175ef4190SMarcel Cornu * @retval Non-zero \a ISAL_CRYPTO_ERR on failure 98275ef4190SMarcel Cornu */ 98375ef4190SMarcel Cornu int 98475ef4190SMarcel Cornu isal_aes_gcm_enc_128_nt( 9855e6526eeSMarcel Cornu const struct isal_gcm_key_data *key_data, //!< GCM expanded key data 9865e6526eeSMarcel Cornu struct isal_gcm_context_data *context_data, //!< GCM operation context data 98775ef4190SMarcel Cornu uint8_t *out, //!< Ciphertext output. Encrypt in-place is allowed 98875ef4190SMarcel Cornu const uint8_t *in, //!< Plaintext input 98975ef4190SMarcel Cornu const uint64_t len, //!< Length of data in Bytes for encryption 99075ef4190SMarcel Cornu const uint8_t *iv, //!< iv pointer to 12 byte IV structure. 99175ef4190SMarcel Cornu //!< Internally, library concates 0x00000001 value to it. 99275ef4190SMarcel Cornu const uint8_t *aad, //!< Additional Authenticated Data (AAD) 99375ef4190SMarcel Cornu const uint64_t aad_len, //!< Length of AAD 99475ef4190SMarcel Cornu uint8_t *auth_tag, //!< Authenticated Tag output 99575ef4190SMarcel Cornu const uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a multiple 99675ef4190SMarcel Cornu //!< of 4 bytes). 
//!< Valid values are 16 (most likely), 12 or 8
);

/**
 * @brief GCM-AES Encryption using 256 bit keys, Non-temporal data
 *
 * Non-temporal version of encrypt has additional restrictions:
 * - The plaintext and ciphertext buffers must be aligned on a 64 byte boundary.
 * - In-place encryption/decryption is not recommended. Performance can be slow.
 *
 * Usage notes:
 * - Reusing an IV with the same key breaks GCM's confidentiality and
 *   authenticity guarantees, so the caller must supply a fresh IV for every
 *   message encrypted under a given key.
 * - Shorter tags give weaker forgery resistance; use 16 bytes unless a
 *   protocol mandates 12 or 8.
 *
 * @requires AES extensions and SSE4.1 for x86 or ASIMD for ARM
 *
 * @return Operation status
 * @retval 0 on success
 * @retval Non-zero \a ISAL_CRYPTO_ERR on failure
 */
int
isal_aes_gcm_enc_256_nt(
        const struct isal_gcm_key_data *key_data,   //!< GCM expanded key data
        struct isal_gcm_context_data *context_data, //!< GCM operation context data
        uint8_t *out,               //!< Ciphertext output. Encrypt in-place is allowed
                                    //!< (permitted, but see the non-temporal restrictions above)
        const uint8_t *in,          //!< Plaintext input
        const uint64_t len,         //!< Length of data in Bytes for encryption
        const uint8_t *iv,          //!< iv pointer to 12 byte IV structure.
                                    //!< Internally, library concatenates 0x00000001 value to it.
        const uint8_t *aad,         //!< Additional Authenticated Data (AAD)
        const uint64_t aad_len,     //!< Length of AAD
        uint8_t *auth_tag,          //!< Authenticated Tag output
        const uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a multiple
                                    //!< of 4 bytes).
                                    //!< Valid values are 16 (most likely), 12 or 8
);

/**
 * @brief GCM-AES Decryption using 128 bit keys, Non-temporal data
 *
 * Non-temporal version of decrypt has additional restrictions:
 * - The plaintext and ciphertext buffers must be aligned on a 64 byte boundary.
 * - In-place encryption/decryption is not recommended. Performance can be slow.
 *
 * NOTE(review): auth_tag is documented as an output and there is no parameter
 * for the tag received with the ciphertext, so this call presumably writes the
 * computed tag rather than verifying one. If so, the caller must compare it
 * with the received tag using a constant-time comparison and discard the
 * plaintext on mismatch. Confirm against the implementation.
 *
 * @requires AES extensions and SSE4.1 for x86 or ASIMD for ARM
 *
 * @return Operation status
 * @retval 0 on success
 * @retval Non-zero \a ISAL_CRYPTO_ERR on failure
 */
int
isal_aes_gcm_dec_128_nt(
        const struct isal_gcm_key_data *key_data,   //!< GCM expanded key data
        struct isal_gcm_context_data *context_data, //!< GCM operation context data
        uint8_t *out,               //!< Plaintext output. Decrypt in-place is allowed
                                    //!< (permitted, but see the non-temporal restrictions above)
        const uint8_t *in,          //!< Ciphertext input
        const uint64_t len,         //!< Length of data in Bytes for decryption
        const uint8_t *iv,          //!< iv pointer to 12 byte IV structure.
                                    //!< Internally, library concatenates 0x00000001 value to it.
        const uint8_t *aad,         //!< Additional Authenticated Data (AAD)
        const uint64_t aad_len,     //!< Length of AAD
        uint8_t *auth_tag,          //!< Authenticated Tag output
        const uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a multiple
                                    //!< of 4 bytes).
                                    //!< Valid values are 16 (most likely), 12 or 8
);

/**
 * @brief GCM-AES Decryption using 256 bit keys, Non-temporal data
 *
 * Non-temporal version of decrypt has additional restrictions:
 * - The plaintext and ciphertext buffers must be aligned on a 64 byte boundary.
 * - In-place encryption/decryption is not recommended. Performance can be slow.
 *
 * NOTE(review): auth_tag is documented as an output and there is no parameter
 * for the tag received with the ciphertext, so this call presumably writes the
 * computed tag rather than verifying one. If so, the caller must compare it
 * with the received tag using a constant-time comparison and discard the
 * plaintext on mismatch. Confirm against the implementation.
 *
 * @requires AES extensions and SSE4.1 for x86 or ASIMD for ARM
 *
 * @return Operation status
 * @retval 0 on success
 * @retval Non-zero \a ISAL_CRYPTO_ERR on failure
 */
int
isal_aes_gcm_dec_256_nt(
        const struct isal_gcm_key_data *key_data,   //!< GCM expanded key data
        struct isal_gcm_context_data *context_data, //!< GCM operation context data
        uint8_t *out,               //!< Plaintext output. Decrypt in-place is allowed
                                    //!< (permitted, but see the non-temporal restrictions above)
        const uint8_t *in,          //!< Ciphertext input
        const uint64_t len,         //!< Length of data in Bytes for decryption
        const uint8_t *iv,          //!< iv pointer to 12 byte IV structure.
                                    //!< Internally, library concatenates 0x00000001 value to it.
        const uint8_t *aad,         //!< Additional Authenticated Data (AAD)
        const uint64_t aad_len,     //!< Length of AAD
        uint8_t *auth_tag,          //!< Authenticated Tag output
        const uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a multiple
                                    //!< of 4 bytes).
                                    //!< Valid values are 16 (most likely), 12 or 8
);

/**
 * @brief Encrypt a block of an AES-128-GCM Encryption message, Non-temporal data
 *
 * Non-temporal version of encrypt update has additional restrictions:
 * - The plaintext and ciphertext buffers must be aligned on a 64 byte boundary.
 * - All partial input buffers must be a multiple of 64 bytes long except for
 *   the last input buffer.
 * - In-place encryption/decryption is not recommended. Performance can be slow.
 *
 * This call takes no IV, AAD or tag parameter; those are presumably handled by
 * separate init/finalize calls not shown in this part of the header.
 *
 * @requires AES extensions and SSE4.1 for x86 or ASIMD for ARM
 *
 * @return Operation status
 * @retval 0 on success
 * @retval Non-zero \a ISAL_CRYPTO_ERR on failure
 */
int
isal_aes_gcm_enc_128_update_nt(
        const struct isal_gcm_key_data *key_data,   //!< GCM expanded key data
        struct isal_gcm_context_data *context_data, //!< GCM operation context data
        uint8_t *out,      //!< Ciphertext output. Encrypt in-place is allowed.
                           //!< (permitted, but see the non-temporal restrictions above)
        const uint8_t *in, //!< Plaintext input
        const uint64_t len //!< Length of data in Bytes for encryption
);

/**
 * @brief Encrypt a block of an AES-256-GCM Encryption message, Non-temporal data
 *
 * Non-temporal version of encrypt update has additional restrictions:
 * - The plaintext and ciphertext buffers must be aligned on a 64 byte boundary.
 * - All partial input buffers must be a multiple of 64 bytes long except for
 *   the last input buffer.
 * - In-place encryption/decryption is not recommended. Performance can be slow.
 *
 * This call takes no IV, AAD or tag parameter; those are presumably handled by
 * separate init/finalize calls not shown in this part of the header.
 *
 * @requires AES extensions and SSE4.1 for x86 or ASIMD for ARM
 *
 * @return Operation status
 * @retval 0 on success
 * @retval Non-zero \a ISAL_CRYPTO_ERR on failure
 */
int
isal_aes_gcm_enc_256_update_nt(
        const struct isal_gcm_key_data *key_data,   //!< GCM expanded key data
        struct isal_gcm_context_data *context_data, //!< GCM operation context data
        uint8_t *out,      //!< Ciphertext output. Encrypt in-place is allowed.
                           //!< (permitted, but see the non-temporal restrictions above)
        const uint8_t *in, //!< Plaintext input
        const uint64_t len //!< Length of data in Bytes for encryption
);

/**
 * @brief Decrypt a block of an AES-128-GCM Encryption message, Non-temporal data
 *
 * Non-temporal version of decrypt update has additional restrictions:
 * - The plaintext and ciphertext buffers must be aligned on a 64 byte boundary.
 * - All partial input buffers must be a multiple of 64 bytes long except for
 *   the last input buffer.
 * - In-place encryption/decryption is not recommended. Performance can be slow.
 *
 * NOTE(review): this call has no tag parameter, so the plaintext it writes has
 * not been authenticated at this point. Treat the output as untrusted until
 * the message tag has been obtained and compared (in constant time) with the
 * received tag; on mismatch, discard everything already decrypted.
 *
 * @requires AES extensions and SSE4.1 for x86 or ASIMD for ARM
 *
 * @return Operation status
 * @retval 0 on success
 * @retval Non-zero \a ISAL_CRYPTO_ERR on failure
 */
int
isal_aes_gcm_dec_128_update_nt(
        const struct isal_gcm_key_data *key_data,   //!< GCM expanded key data
        struct isal_gcm_context_data *context_data, //!< GCM operation context data
        uint8_t *out,      //!< Plaintext output. Decrypt in-place is allowed.
                           //!< (permitted, but see the non-temporal restrictions above)
        const uint8_t *in, //!< Ciphertext input
        const uint64_t len //!< Length of data in Bytes for decryption
);

/**
 * @brief Decrypt a block of an AES-256-GCM Encryption message, Non-temporal data
 *
 * Non-temporal version of decrypt update has additional restrictions:
 * - The plaintext and ciphertext buffers must be aligned on a 64 byte boundary.
 * - All partial input buffers must be a multiple of 64 bytes long except for
 *   the last input buffer.
 * - In-place encryption/decryption is not recommended. Performance can be slow.
 *
 * NOTE(review): this call has no tag parameter, so the plaintext it writes has
 * not been authenticated at this point. Treat the output as untrusted until
 * the message tag has been obtained and compared (in constant time) with the
 * received tag; on mismatch, discard everything already decrypted.
 *
 * @requires AES extensions and SSE4.1 for x86 or ASIMD for ARM
 *
 * @return Operation status
 * @retval 0 on success
 * @retval Non-zero \a ISAL_CRYPTO_ERR on failure
 */
int
isal_aes_gcm_dec_256_update_nt(
        const struct isal_gcm_key_data *key_data,   //!< GCM expanded key data
        struct isal_gcm_context_data *context_data, //!< GCM operation context data
        uint8_t *out,      //!< Plaintext output. Decrypt in-place is allowed.
                           //!< (permitted, but see the non-temporal restrictions above)
        const uint8_t *in, //!< Ciphertext input
        const uint64_t len //!< Length of data in Bytes for decryption
);

#ifdef __cplusplus
}
#endif //__cplusplus
#endif // ifndef _AES_GCM_h