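/**********************************************************************
  Copyright(c) 2024 Intel Corporation All rights reserved.

  Redistribution and use in source and binary forms, with or without
  modification, are permitted provided that the following conditions
  are met:
    * Redistributions of source code must retain the above copyright
      notice, this list of conditions and the following disclaimer.
    * Redistributions in binary form must reproduce the above copyright
      notice, this list of conditions and the following disclaimer in
      the documentation and/or other materials provided with the
      distribution.
    * Neither the name of Intel Corporation nor the names of its
      contributors may be used to endorse or promote products derived
      from this software without specific prior written permission.

  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
  A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
  OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
**********************************************************************/

/**
 *  @file aes_gcm_internal.h
 *  @brief AES GCM encryption/decryption internal function prototypes.
 *
 *  This header only declares functions; nothing is defined here.
 *
 *  Points that follow from the prototypes and matter to any caller:
 *  - Every function returns void, so no error (bad pointer, bad length,
 *    unsupported tag size) can be reported through these entry points.
 *    NOTE(review): argument validation presumably happens in the callers of
 *    these internal functions - confirm.
 *  - The decryption functions describe auth_tag as an output and return void.
 *    They therefore report no verification result; the comparison of the
 *    computed tag with the received tag has to happen in the caller, in
 *    constant time, before the plaintext is used.
 *  - The IV is a 12 byte value supplied by the caller. GCM requires that an
 *    IV is never used twice with the same key.
 *  - Valid tag lengths are listed as 16, 12 or 8 bytes. Shorter tags give
 *    less protection against forgery.
 *  - Each prototype is marked as requiring SSE4.1 and AESNI; no CPU feature
 *    check is visible in this header.
 *    NOTE(review): dispatch on CPU features presumably happens before these
 *    are called - confirm.
 */

#ifndef _AES_GCM_INTERNAL_h
#define _AES_GCM_INTERNAL_h

#include <stdint.h>

#ifdef __cplusplus
extern "C" {
#endif

/*
 * Forward declarations. Without them, a structure tag first seen inside a
 * parameter list has prototype scope in C, so the prototypes below would not
 * refer to the file-scope types when this header is included before their
 * definitions. Re-declaring an already defined tag is harmless.
 */
struct isal_gcm_key_data;
struct isal_gcm_context_data;

/**
 * @brief GCM-AES Encryption using 128 bit keys
 *
 * @requires SSE4.1 and AESNI
 */
void
_aes_gcm_enc_128(const struct isal_gcm_key_data *key_data,   //!< GCM expanded key data
                 struct isal_gcm_context_data *context_data, //!< GCM operation context data
                 uint8_t *out,         //!< Ciphertext output. Encrypt in-place is allowed
                 uint8_t const *in,    //!< Plaintext input
                 uint64_t len,         //!< Length of data in Bytes for encryption
                 uint8_t *iv,          //!< iv pointer to 12 byte IV structure.
                                       //!< Internally, library concatenates 0x00000001 value to it.
                 uint8_t const *aad,   //!< Additional Authentication Data (AAD)
                 uint64_t aad_len,     //!< Length of AAD
                 uint8_t *auth_tag,    //!< Authenticated Tag output
                 uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a multiple of
                                       //!< 4 bytes).
                                       //!< Valid values are 16 (most likely), 12 or 8
);

/**
 * @brief GCM-AES Encryption using 256 bit keys
 *
 * @requires SSE4.1 and AESNI
 */
void
_aes_gcm_enc_256(const struct isal_gcm_key_data *key_data,   //!< GCM expanded key data
                 struct isal_gcm_context_data *context_data, //!< GCM operation context data
                 uint8_t *out,         //!< Ciphertext output. Encrypt in-place is allowed
                 uint8_t const *in,    //!< Plaintext input
                 uint64_t len,         //!< Length of data in Bytes for encryption
                 uint8_t *iv,          //!< iv pointer to 12 byte IV structure.
                                       //!< Internally, library concatenates 0x00000001 value to it.
                 uint8_t const *aad,   //!< Additional Authentication Data (AAD)
                 uint64_t aad_len,     //!< Length of AAD
                 uint8_t *auth_tag,    //!< Authenticated Tag output
                 uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a multiple of
                                       //!< 4 bytes).
                                       //!< Valid values are 16 (most likely), 12 or 8
);

/**
 * @brief GCM-AES Decryption using 128 bit keys
 *
 * The tag is written to auth_tag and nothing is returned: the caller must
 * compare it with the received tag (constant-time) before using the plaintext.
 *
 * @requires SSE4.1 and AESNI
 */
void
_aes_gcm_dec_128(const struct isal_gcm_key_data *key_data,   //!< GCM expanded key data
                 struct isal_gcm_context_data *context_data, //!< GCM operation context data
                 uint8_t *out,         //!< Plaintext output. Decrypt in-place is allowed
                 uint8_t const *in,    //!< Ciphertext input
                 uint64_t len,         //!< Length of data in Bytes for decryption
                 uint8_t *iv,          //!< iv pointer to 12 byte IV structure.
                                       //!< Internally, library concatenates 0x00000001 value to it.
                 uint8_t const *aad,   //!< Additional Authentication Data (AAD)
                 uint64_t aad_len,     //!< Length of AAD
                 uint8_t *auth_tag,    //!< Authenticated Tag output
                 uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a multiple of
                                       //!< 4 bytes).
                                       //!< Valid values are 16 (most likely), 12 or 8
);

/**
 * @brief GCM-AES Decryption using 256 bit keys
 *
 * The tag is written to auth_tag and nothing is returned: the caller must
 * compare it with the received tag (constant-time) before using the plaintext.
 *
 * @requires SSE4.1 and AESNI
 */
void
_aes_gcm_dec_256(const struct isal_gcm_key_data *key_data,   //!< GCM expanded key data
                 struct isal_gcm_context_data *context_data, //!< GCM operation context data
                 uint8_t *out,         //!< Plaintext output. Decrypt in-place is allowed
                 uint8_t const *in,    //!< Ciphertext input
                 uint64_t len,         //!< Length of data in Bytes for decryption
                 uint8_t *iv,          //!< iv pointer to 12 byte IV structure.
                                       //!< Internally, library concatenates 0x00000001 value to it.
                 uint8_t const *aad,   //!< Additional Authentication Data (AAD)
                 uint64_t aad_len,     //!< Length of AAD
                 uint8_t *auth_tag,    //!< Authenticated Tag output
                 uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a multiple of
                                       //!< 4 bytes).
                                       //!< Valid values are 16 (most likely), 12 or 8
);

/**
 * @brief Start an AES-GCM Encryption message 128 bit key
 *
 * @requires SSE4.1 and AESNI
 */
void
_aes_gcm_init_128(const struct isal_gcm_key_data *key_data,   //!< GCM expanded key data
                  struct isal_gcm_context_data *context_data, //!< GCM operation context data
                  uint8_t *iv,        //!< Pointer to 12 byte IV structure
                                      //!< Internally, library concatenates 0x00000001 value to it
                  uint8_t const *aad, //!< Additional Authentication Data (AAD)
                  uint64_t aad_len    //!< Length of AAD
);

/**
 * @brief Start an AES-GCM Encryption message 256 bit key
 *
 * @requires SSE4.1 and AESNI
 */
void
_aes_gcm_init_256(const struct isal_gcm_key_data *key_data,   //!< GCM expanded key data
                  struct isal_gcm_context_data *context_data, //!< GCM operation context data
                  uint8_t *iv,        //!< Pointer to 12 byte IV structure
                                      //!< Internally, library concatenates 0x00000001 value to it
                  uint8_t const *aad, //!< Additional Authentication Data (AAD)
                  uint64_t aad_len    //!< Length of AAD
);

/**
 * @brief Encrypt a block of an AES-128-GCM Encryption message
 *
 * @requires SSE4.1 and AESNI
 */
void
_aes_gcm_enc_128_update(const struct isal_gcm_key_data *key_data,   //!< GCM expanded key data
                        struct isal_gcm_context_data *context_data, //!< GCM operation context data
                        uint8_t *out,      //!< Ciphertext output. Encrypt in-place is allowed.
                        const uint8_t *in, //!< Plaintext input
                        uint64_t len       //!< Length of data in Bytes for encryption
);

/**
 * @brief Encrypt a block of an AES-256-GCM Encryption message
 *
 * @requires SSE4.1 and AESNI
 */
void
_aes_gcm_enc_256_update(const struct isal_gcm_key_data *key_data,   //!< GCM expanded key data
                        struct isal_gcm_context_data *context_data, //!< GCM operation context data
                        uint8_t *out,      //!< Ciphertext output. Encrypt in-place is allowed.
                        const uint8_t *in, //!< Plaintext input
                        uint64_t len       //!< Length of data in Bytes for encryption
);

/**
 * @brief Decrypt a block of an AES-128-GCM Encryption message
 *
 * Plaintext is written before any tag exists for the message; treat it as
 * unauthenticated until the finalize step's tag has been compared.
 *
 * @requires SSE4.1 and AESNI
 */
void
_aes_gcm_dec_128_update(const struct isal_gcm_key_data *key_data,   //!< GCM expanded key data
                        struct isal_gcm_context_data *context_data, //!< GCM operation context data
                        uint8_t *out,      //!< Plaintext output. Decrypt in-place is allowed.
                        const uint8_t *in, //!< Ciphertext input
                        uint64_t len       //!< Length of data in Bytes for decryption
);

/**
 * @brief Decrypt a block of an AES-256-GCM Encryption message
 *
 * Plaintext is written before any tag exists for the message; treat it as
 * unauthenticated until the finalize step's tag has been compared.
 *
 * @requires SSE4.1 and AESNI
 */
void
_aes_gcm_dec_256_update(const struct isal_gcm_key_data *key_data,   //!< GCM expanded key data
                        struct isal_gcm_context_data *context_data, //!< GCM operation context data
                        uint8_t *out,      //!< Plaintext output. Decrypt in-place is allowed.
                        const uint8_t *in, //!< Ciphertext input
                        uint64_t len       //!< Length of data in Bytes for decryption
);

/**
 * @brief End encryption of an AES-128-GCM Encryption message
 *
 * @requires SSE4.1 and AESNI
 */
void
_aes_gcm_enc_128_finalize(
        const struct isal_gcm_key_data *key_data,   //!< GCM expanded key data
        struct isal_gcm_context_data *context_data, //!< GCM operation context data
        uint8_t *auth_tag,                          //!< Authenticated Tag output
        uint64_t auth_tag_len                       //!< Authenticated Tag Length in bytes (must be a
                                                    //!< multiple of 4 bytes).
                                                    //!< Valid values are 16 (most likely), 12 or 8
);

/**
 * @brief End encryption of an AES-256-GCM Encryption message
 *
 * @requires SSE4.1 and AESNI
 */
void
_aes_gcm_enc_256_finalize(
        const struct isal_gcm_key_data *key_data,   //!< GCM expanded key data
        struct isal_gcm_context_data *context_data, //!< GCM operation context data
        uint8_t *auth_tag,                          //!< Authenticated Tag output
        uint64_t auth_tag_len                       //!< Authenticated Tag Length in bytes (must be a
                                                    //!< multiple of 4 bytes).
                                                    //!< Valid values are 16 (most likely), 12 or 8
);

/**
 * @brief End decryption of an AES-128-GCM Encryption message
 *
 * The tag is written to auth_tag and nothing is returned: the caller must
 * compare it with the received tag (constant-time) before using the plaintext.
 *
 * @requires SSE4.1 and AESNI
 */
void
_aes_gcm_dec_128_finalize(
        const struct isal_gcm_key_data *key_data,   //!< GCM expanded key data
        struct isal_gcm_context_data *context_data, //!< GCM operation context data
        uint8_t *auth_tag,                          //!< Authenticated Tag output
        uint64_t auth_tag_len                       //!< Authenticated Tag Length in bytes (must be a
                                                    //!< multiple of 4 bytes).
                                                    //!< Valid values are 16 (most likely), 12 or 8
);

/**
 * @brief End decryption of an AES-256-GCM Encryption message
 *
 * The tag is written to auth_tag and nothing is returned: the caller must
 * compare it with the received tag (constant-time) before using the plaintext.
 *
 * @requires SSE4.1 and AESNI
 */
void
_aes_gcm_dec_256_finalize(
        const struct isal_gcm_key_data *key_data,   //!< GCM expanded key data
        struct isal_gcm_context_data *context_data, //!< GCM operation context data
        uint8_t *auth_tag,                          //!< Authenticated Tag output
        uint64_t auth_tag_len                       //!< Authenticated Tag Length in bytes (must be a
                                                    //!< multiple of 4 bytes).
                                                    //!< Valid values are 16 (most likely), 12 or 8
);

/**
 * @brief Pre-processes GCM key data 128 bit
 *
 * Prefills the gcm key data with key values for each round and
 * the initial sub hash key for tag encoding
 *
 * No key length is passed.
 * NOTE(review): the buffer at key presumably has to hold a full 128 bit
 * (16 byte) key - confirm against the implementation.
 *
 * @requires SSE4.1 and AESNI
 */
void
_aes_gcm_pre_128(const void *key,                   //!< Pointer to key data
                 struct isal_gcm_key_data *key_data //!< GCM expanded key data
);

/**
 * @brief Pre-processes GCM key data 256 bit
 *
 * Prefills the gcm key data with key values for each round and
 * the initial sub hash key for tag encoding
 *
 * No key length is passed.
 * NOTE(review): the buffer at key presumably has to hold a full 256 bit
 * (32 byte) key - confirm against the implementation.
 *
 * @requires SSE4.1 and AESNI
 */
void
_aes_gcm_pre_256(const void *key,                   //!< Pointer to key data
                 struct isal_gcm_key_data *key_data //!< GCM expanded key data
);

/* ---- NT versions ---- */
/**
 * @brief GCM-AES Encryption using 128 bit keys, Non-temporal data
 *
 * Non-temporal version of encrypt has additional restrictions:
 * - The plaintext and ciphertext buffers must be aligned on a 64 byte boundary.
 * - In-place encryption/decryption is not recommended. Performance can be slow.
 *
 * @requires SSE4.1 and AESNI
 */
void
_aes_gcm_enc_128_nt(const struct isal_gcm_key_data *key_data,   //!< GCM expanded key data
                    struct isal_gcm_context_data *context_data, //!< GCM operation context data
                    uint8_t *out,         //!< Ciphertext output. Encrypt in-place is allowed
                    uint8_t const *in,    //!< Plaintext input
                    uint64_t len,         //!< Length of data in Bytes for encryption
                    uint8_t *iv,          //!< iv pointer to 12 byte IV structure.
                                          //!< Internally, library concatenates 0x00000001 value to it.
                    uint8_t const *aad,   //!< Additional Authentication Data (AAD)
                    uint64_t aad_len,     //!< Length of AAD
                    uint8_t *auth_tag,    //!< Authenticated Tag output
                    uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a multiple
                                          //!< of 4 bytes).
                                          //!< Valid values are 16 (most likely), 12 or 8
);

/**
 * @brief GCM-AES Encryption using 256 bit keys, Non-temporal data
 *
 * Non-temporal version of encrypt has additional restrictions:
 * - The plaintext and ciphertext buffers must be aligned on a 64 byte boundary.
 * - In-place encryption/decryption is not recommended. Performance can be slow.
 *
 * @requires SSE4.1 and AESNI
 */
void
_aes_gcm_enc_256_nt(const struct isal_gcm_key_data *key_data,   //!< GCM expanded key data
                    struct isal_gcm_context_data *context_data, //!< GCM operation context data
                    uint8_t *out,         //!< Ciphertext output. Encrypt in-place is allowed
                    uint8_t const *in,    //!< Plaintext input
                    uint64_t len,         //!< Length of data in Bytes for encryption
                    uint8_t *iv,          //!< iv pointer to 12 byte IV structure.
                                          //!< Internally, library concatenates 0x00000001 value to it.
                    uint8_t const *aad,   //!< Additional Authentication Data (AAD)
                    uint64_t aad_len,     //!< Length of AAD
                    uint8_t *auth_tag,    //!< Authenticated Tag output
                    uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a multiple
                                          //!< of 4 bytes).
                                          //!< Valid values are 16 (most likely), 12 or 8
);

/**
 * @brief GCM-AES Decryption using 128 bit keys, Non-temporal data
 *
 * Non-temporal version of decrypt has additional restrictions:
 * - The plaintext and ciphertext buffers must be aligned on a 64 byte boundary.
 * - In-place encryption/decryption is not recommended. Performance can be slow.
 *
 * The tag is written to auth_tag and nothing is returned: the caller must
 * compare it with the received tag (constant-time) before using the plaintext.
 *
 * @requires SSE4.1 and AESNI
 */
void
_aes_gcm_dec_128_nt(const struct isal_gcm_key_data *key_data,   //!< GCM expanded key data
                    struct isal_gcm_context_data *context_data, //!< GCM operation context data
                    uint8_t *out,         //!< Plaintext output. Decrypt in-place is allowed
                    uint8_t const *in,    //!< Ciphertext input
                    uint64_t len,         //!< Length of data in Bytes for decryption
                    uint8_t *iv,          //!< iv pointer to 12 byte IV structure.
                                          //!< Internally, library concatenates 0x00000001 value to it.
                    uint8_t const *aad,   //!< Additional Authentication Data (AAD)
                    uint64_t aad_len,     //!< Length of AAD
                    uint8_t *auth_tag,    //!< Authenticated Tag output
                    uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a multiple
                                          //!< of 4 bytes).
                                          //!< Valid values are 16 (most likely), 12 or 8
);

/**
 * @brief GCM-AES Decryption using 256 bit keys, Non-temporal data
 *
 * Non-temporal version of decrypt has additional restrictions:
 * - The plaintext and ciphertext buffers must be aligned on a 64 byte boundary.
 * - In-place encryption/decryption is not recommended. Performance can be slow.
 *
 * The tag is written to auth_tag and nothing is returned: the caller must
 * compare it with the received tag (constant-time) before using the plaintext.
 *
 * @requires SSE4.1 and AESNI
 */
void
_aes_gcm_dec_256_nt(const struct isal_gcm_key_data *key_data,   //!< GCM expanded key data
                    struct isal_gcm_context_data *context_data, //!< GCM operation context data
                    uint8_t *out,         //!< Plaintext output. Decrypt in-place is allowed
                    uint8_t const *in,    //!< Ciphertext input
                    uint64_t len,         //!< Length of data in Bytes for decryption
                    uint8_t *iv,          //!< iv pointer to 12 byte IV structure.
                                          //!< Internally, library concatenates 0x00000001 value to it.
                    uint8_t const *aad,   //!< Additional Authentication Data (AAD)
                    uint64_t aad_len,     //!< Length of AAD
                    uint8_t *auth_tag,    //!< Authenticated Tag output
                    uint64_t auth_tag_len //!< Authenticated Tag Length in bytes (must be a multiple
                                          //!< of 4 bytes).
                                          //!< Valid values are 16 (most likely), 12 or 8
);

/**
 * @brief Encrypt a block of an AES-128-GCM Encryption message, Non-temporal data
 *
 * Non-temporal version of encrypt update has additional restrictions:
 * - The plaintext and ciphertext buffers must be aligned on a 64 byte boundary.
 * - All partial input buffers must be a multiple of 64 bytes long except for
 *   the last input buffer.
 * - In-place encryption/decryption is not recommended. Performance can be slow.
 *
 * @requires SSE4.1 and AESNI
 */
void
_aes_gcm_enc_128_update_nt(
        const struct isal_gcm_key_data *key_data,   //!< GCM expanded key data
        struct isal_gcm_context_data *context_data, //!< GCM operation context data
        uint8_t *out,      //!< Ciphertext output. Encrypt in-place is allowed.
        const uint8_t *in, //!< Plaintext input
        uint64_t len       //!< Length of data in Bytes for encryption
);

/**
 * @brief Encrypt a block of an AES-256-GCM Encryption message, Non-temporal data
 *
 * Non-temporal version of encrypt update has additional restrictions:
 * - The plaintext and ciphertext buffers must be aligned on a 64 byte boundary.
 * - All partial input buffers must be a multiple of 64 bytes long except for
 *   the last input buffer.
 * - In-place encryption/decryption is not recommended. Performance can be slow.
 *
 * @requires SSE4.1 and AESNI
 */
void
_aes_gcm_enc_256_update_nt(
        const struct isal_gcm_key_data *key_data,   //!< GCM expanded key data
        struct isal_gcm_context_data *context_data, //!< GCM operation context data
        uint8_t *out,      //!< Ciphertext output. Encrypt in-place is allowed.
        const uint8_t *in, //!< Plaintext input
        uint64_t len       //!< Length of data in Bytes for encryption
);

/**
 * @brief Decrypt a block of an AES-128-GCM Encryption message, Non-temporal data
 *
 * Non-temporal version of decrypt update has additional restrictions:
 * - The plaintext and ciphertext buffers must be aligned on a 64 byte boundary.
 * - All partial input buffers must be a multiple of 64 bytes long except for
 *   the last input buffer.
 * - In-place encryption/decryption is not recommended. Performance can be slow.
 *
 * Plaintext is written before any tag exists for the message; treat it as
 * unauthenticated until the finalize step's tag has been compared.
 *
 * @requires SSE4.1 and AESNI
 */
void
_aes_gcm_dec_128_update_nt(
        const struct isal_gcm_key_data *key_data,   //!< GCM expanded key data
        struct isal_gcm_context_data *context_data, //!< GCM operation context data
        uint8_t *out,      //!< Plaintext output. Decrypt in-place is allowed.
        const uint8_t *in, //!< Ciphertext input
        uint64_t len       //!< Length of data in Bytes for decryption
);

/**
 * @brief Decrypt a block of an AES-256-GCM Encryption message, Non-temporal data
 *
 * Non-temporal version of decrypt update has additional restrictions:
 * - The plaintext and ciphertext buffers must be aligned on a 64 byte boundary.
 * - All partial input buffers must be a multiple of 64 bytes long except for
 *   the last input buffer.
 * - In-place encryption/decryption is not recommended. Performance can be slow.
 *
 * Plaintext is written before any tag exists for the message; treat it as
 * unauthenticated until the finalize step's tag has been compared.
 *
 * @requires SSE4.1 and AESNI
 */
void
_aes_gcm_dec_256_update_nt(
        const struct isal_gcm_key_data *key_data,   //!< GCM expanded key data
        struct isal_gcm_context_data *context_data, //!< GCM operation context data
        uint8_t *out,      //!< Plaintext output. Decrypt in-place is allowed.
        const uint8_t *in, //!< Ciphertext input
        uint64_t len       //!< Length of data in Bytes for decryption
);

/**
 * @brief Precomputation step on GCM key data, 128 bit key variant
 *
 * Takes the key data structure as its only argument and may modify it.
 * NOTE(review): which fields are derived, and whether _aes_gcm_pre_128()
 * already performs this step, is not visible from the prototype - confirm
 * against the implementation before calling it directly.
 */
void
_aes_gcm_precomp_128(struct isal_gcm_key_data *key_data);

/**
 * @brief Precomputation step on GCM key data, 256 bit key variant
 *
 * Takes the key data structure as its only argument and may modify it.
 * NOTE(review): which fields are derived, and whether _aes_gcm_pre_256()
 * already performs this step, is not visible from the prototype - confirm
 * against the implementation before calling it directly.
 */
void
_aes_gcm_precomp_256(struct isal_gcm_key_data *key_data);

#ifdef __cplusplus
}
#endif //__cplusplus
#endif // ifndef _AES_GCM_INTERNAL_h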