propagate aes32esi-using setkey to ctr/gcm

aes256ctrstandalone-rv32/riscv32.c

@@ -18,6 +18,80 @@
 
 #include "new_instructions_support_k.h"
 
+static inline void aes256_Tsetkey_encrypt(const unsigned int key[], unsigned int *aes_edrk) {
+  unsigned int i = 0;
+  unsigned int rotl_aes_edrk;
+  unsigned int tmp8, tmp9, tmp10, tmp11;
+  unsigned int tmp12, tmp13, tmp14, tmp15;
+  unsigned int temp_lds;
+  unsigned int round = 0x00000001;
+
+  tmp8  = (key[0]);
+  aes_edrk[0] = tmp8;
+  tmp9  = (key[1]);
+  aes_edrk[1] = tmp9;
+  tmp10 = (key[2]);
+  aes_edrk[2] = tmp10;
+  tmp11 = (key[3]);
+  aes_edrk[3] = tmp11;
+  tmp12 = (key[4]);
+  aes_edrk[4] = tmp12;
+  tmp13 = (key[5]);
+  aes_edrk[5] = tmp13;
+  tmp14 = (key[6]);
+  aes_edrk[6] = tmp14;
+  tmp15 = (key[7]);
+  aes_edrk[7] = tmp15;
+
+  for( i = 8; i < 56; /* i+=8 */ )
+  {
+	tmp8 = tmp8 ^ round;
+	round = round << 1;
+	rotl_aes_edrk = rotr(tmp15,8);
+	tmp8 = aes32esi0(tmp8, rotl_aes_edrk);
+	tmp8 = aes32esi1(tmp8, rotl_aes_edrk);
+	tmp8 = aes32esi2(tmp8, rotl_aes_edrk);
+	tmp8 = aes32esi3(tmp8, rotl_aes_edrk);
+
+    aes_edrk[i++]   = tmp8;
+    tmp9  = tmp9  ^ tmp8;
+    aes_edrk[i++]   = tmp9;
+    tmp10 = tmp10 ^ tmp9;
+    aes_edrk[i++]  = tmp10;
+    tmp11 = tmp11 ^ tmp10;
+    aes_edrk[i++]  = tmp11;
+
+	tmp12 = aes32esi0(tmp12, tmp11);
+	tmp12 = aes32esi1(tmp12, tmp11);
+	tmp12 = aes32esi2(tmp12, tmp11);
+	tmp12 = aes32esi3(tmp12, tmp11);
+	
+    aes_edrk[i++]  = tmp12;
+    tmp13 = tmp13 ^ tmp12;
+    aes_edrk[i++]  = tmp13;
+    tmp14 = tmp14 ^ tmp13;
+    aes_edrk[i++]  = tmp14;
+    tmp15 = tmp15 ^ tmp14;
+    aes_edrk[i++]  = tmp15;
+  }
+
+  tmp8 = tmp8 ^ round;
+  round = round << 1;
+  rotl_aes_edrk = rotr(tmp15,8);
+  tmp8 = aes32esi0(tmp8, rotl_aes_edrk);
+  tmp8 = aes32esi1(tmp8, rotl_aes_edrk);
+  tmp8 = aes32esi2(tmp8, rotl_aes_edrk);
+  tmp8 = aes32esi3(tmp8, rotl_aes_edrk);
+  
+  aes_edrk[i++]   = tmp8;
+  tmp9  = tmp9  ^ tmp8;
+  aes_edrk[i++]   = tmp9;
+  tmp10 = tmp10 ^ tmp9;
+  aes_edrk[i++]  = tmp10;
+  tmp11 = tmp11 ^ tmp10;
+  aes_edrk[i++]  = tmp11;
+}
+
 #define AES_ROUND1T(TAB,I,X0,X1,X2,X3,Y0,Y1,Y2,Y3)		 \
   {								 \
     X0 = aes32esmi0(TAB[I++],Y0);				 \
@@ -252,7 +326,7 @@ const uint8_t *k
   uint32_t rkeys[64];
   uint64_t n2[2];
   uint64_t i, j;
-  aes256_setkey_encrypt(k, rkeys);
+  aes256_Tsetkey_encrypt(k, rkeys);
   /* n2 is in byte-reversed (i.e., native little endian)
      order to make increment/testing easier */
   n2[1] = _bswap64((*(uint64_t*)&n[8]));

aes256gcmv1standalone-rv32/encrypt.c

@@ -10,6 +10,80 @@
 
 #include "new_instructions_support_k.h"
 
+static inline void aes256_Tsetkey_encrypt(const unsigned int key[], unsigned int *aes_edrk) {
+  unsigned int i = 0;
+  unsigned int rotl_aes_edrk;
+  unsigned int tmp8, tmp9, tmp10, tmp11;
+  unsigned int tmp12, tmp13, tmp14, tmp15;
+  unsigned int temp_lds;
+  unsigned int round = 0x00000001;
+
+  tmp8  = (key[0]);
+  aes_edrk[0] = tmp8;
+  tmp9  = (key[1]);
+  aes_edrk[1] = tmp9;
+  tmp10 = (key[2]);
+  aes_edrk[2] = tmp10;
+  tmp11 = (key[3]);
+  aes_edrk[3] = tmp11;
+  tmp12 = (key[4]);
+  aes_edrk[4] = tmp12;
+  tmp13 = (key[5]);
+  aes_edrk[5] = tmp13;
+  tmp14 = (key[6]);
+  aes_edrk[6] = tmp14;
+  tmp15 = (key[7]);
+  aes_edrk[7] = tmp15;
+
+  for( i = 8; i < 56; /* i+=8 */ )
+  {
+	tmp8 = tmp8 ^ round;
+	round = round << 1;
+	rotl_aes_edrk = rotr(tmp15,8);
+	tmp8 = aes32esi0(tmp8, rotl_aes_edrk);
+	tmp8 = aes32esi1(tmp8, rotl_aes_edrk);
+	tmp8 = aes32esi2(tmp8, rotl_aes_edrk);
+	tmp8 = aes32esi3(tmp8, rotl_aes_edrk);
+
+    aes_edrk[i++]   = tmp8;
+    tmp9  = tmp9  ^ tmp8;
+    aes_edrk[i++]   = tmp9;
+    tmp10 = tmp10 ^ tmp9;
+    aes_edrk[i++]  = tmp10;
+    tmp11 = tmp11 ^ tmp10;
+    aes_edrk[i++]  = tmp11;
+
+	tmp12 = aes32esi0(tmp12, tmp11);
+	tmp12 = aes32esi1(tmp12, tmp11);
+	tmp12 = aes32esi2(tmp12, tmp11);
+	tmp12 = aes32esi3(tmp12, tmp11);
+	
+    aes_edrk[i++]  = tmp12;
+    tmp13 = tmp13 ^ tmp12;
+    aes_edrk[i++]  = tmp13;
+    tmp14 = tmp14 ^ tmp13;
+    aes_edrk[i++]  = tmp14;
+    tmp15 = tmp15 ^ tmp14;
+    aes_edrk[i++]  = tmp15;
+  }
+
+  tmp8 = tmp8 ^ round;
+  round = round << 1;
+  rotl_aes_edrk = rotr(tmp15,8);
+  tmp8 = aes32esi0(tmp8, rotl_aes_edrk);
+  tmp8 = aes32esi1(tmp8, rotl_aes_edrk);
+  tmp8 = aes32esi2(tmp8, rotl_aes_edrk);
+  tmp8 = aes32esi3(tmp8, rotl_aes_edrk);
+  
+  aes_edrk[i++]   = tmp8;
+  tmp9  = tmp9  ^ tmp8;
+  aes_edrk[i++]   = tmp9;
+  tmp10 = tmp10 ^ tmp9;
+  aes_edrk[i++]  = tmp10;
+  tmp11 = tmp11 ^ tmp10;
+  aes_edrk[i++]  = tmp11;
+}
+
 #define AES_ROUND1T(TAB,I,X0,X1,X2,X3,Y0,Y1,Y2,Y3)		 \
   {								 \
     X0 = aes32esmi0(TAB[I++],Y0);				 \
@@ -443,7 +517,7 @@ int crypto_aead_encrypt(
   unsigned char T[16];
   unsigned char accum[16];
   unsigned char fb[16];
-  aes256_setkey_encrypt(k, rkeys);
+  aes256_Tsetkey_encrypt(k, rkeys);
   for (i = 0;i < 12;i++) n2[i] = npub[i];
   for (i = 12; i < 16;i++) n2[i] = 0;
   memset(accum, 0, 16);
@@ -522,7 +596,7 @@ int crypto_aead_decrypt(
   unsigned char T[16];
   unsigned char accum[16];
   unsigned char fb[16];
-  aes256_setkey_encrypt(k, rkeys);
+  aes256_Tsetkey_encrypt(k, rkeys);
   for (i = 0;i < 12;i++) n2[i] = npub[i];
   for (i = 12; i < 16;i++) n2[i] = 0;
   memset(accum, 0, 16);