Add AES-NI

.github/workflows/main.yml

@@ -38,6 +38,7 @@ jobs:
           - { BUILDNAME: 'VALGRIND',             BUILDOPTIONS: '',                                                    BUILDSCRIPT: '.ci/valgrind.sh' }
           - { BUILDNAME: 'STOCK',                BUILDOPTIONS: '',                                                    BUILDSCRIPT: '.ci/run.sh' }
           - { BUILDNAME: 'STOCK-MPI',            BUILDOPTIONS: '-ULTM_DESC -UTFM_DESC -UUSE_LTM -UUSE_TFM',           BUILDSCRIPT: '.ci/run.sh' }
+          - { BUILDNAME: 'STOCK+AESNI',          BUILDOPTIONS: '-msse4.1 -maes',                                      BUILDSCRIPT: '.ci/run.sh' }
           - { BUILDNAME: 'EASY',                 BUILDOPTIONS: '-DLTC_EASY',                                          BUILDSCRIPT: '.ci/run.sh' }
           - { BUILDNAME: 'SMALL',                BUILDOPTIONS: '-DLTC_SMALL_CODE',                                    BUILDSCRIPT: '.ci/run.sh' }
           - { BUILDNAME: 'NOTABLES',             BUILDOPTIONS: '-DLTC_NO_TABLES',                                     BUILDSCRIPT: '.ci/run.sh' }

doc/crypt.tex

@@ -614,6 +614,10 @@ \subsection{Simple Encryption Demonstration}
      \hline SAFER+ & saferp\_desc &16 & 16, 24, 32 & 8, 12, 16 & 4 \\
      \hline AES & aes\_desc & 16 & 16, 24, 32 & 10, 12, 14 & 6 \\
                 & aes\_enc\_desc & 16 & 16, 24, 32 & 10, 12, 14 & 6 \\
+                & rijndael\_desc & 16 & 16, 24, 32 & 10, 12, 14 & 6 \\
+                & rijndael\_enc\_desc & 16 & 16, 24, 32 & 10, 12, 14 & 6 \\
+     \hline AES & aesni\_desc & 16 & 16, 24, 32 & 10, 12, 14 & 6 \\
+            (only on x86 with SSE4.1) &&&&& \\
      \hline Twofish & twofish\_desc & 16 & 16, 24, 32 & 16 & 7 \\
      \hline DES & des\_desc & 8 & 8 & 16 & 13 \\
      \hline 3DES (EDE mode) & des3\_desc & 8 & 16, 24 & 16 & 14 \\
@@ -639,24 +643,30 @@ \subsection{Notes}
 \begin{small}
 \begin{enumerate}
 \item
-For AES, (also known as Rijndael) there are four descriptors which complicate issues a little.  The descriptors
-rijndael\_desc and rijndael\_enc\_desc provide the cipher named \textit{rijndael}.  The descriptors aes\_desc and
-aes\_enc\_desc provide the cipher name \textit{aes}.  Functionally both \textit{rijndael} and \textit{aes} are the same cipher.  The
+For AES, (also known as Rijndael) there are multiple descriptors which complicate issues a little.  As of FIXME-version-next
+the library also integrates hardware-accelerated AES operations (e.g. AES-NI on amd64 with SSE4.1).  Therefor the functionality of
+the descriptors for the AES algorithm has changed.  The rijndael\_desc and rijndael\_enc\_desc descriptors provide the cipher
+named \textit{rijndael} which contains the software implementation of the algorithm.  The descriptors aes\_desc and aes\_enc\_desc
+provide the cipher named \textit{aes} and implement an auto-detection mechanism that chooses between the software-only \textit{rijndael}
+and the hardware-accelerated implementation.
+
+Functionally both \textit{rijndael} and \textit{aes} are the same cipher.  The
 only difference is when you call find\_cipher() you have to pass the correct name.  The cipher descriptors with \textit{enc}
 in the middle (e.g. rijndael\_enc\_desc) are related to an implementation of Rijndael with only the encryption routine
 and tables.  The decryption and self--test function pointers of both \textit{encrypt only} descriptors are set to \textbf{NULL} and
 should not be called.
 
 The \textit{encrypt only} descriptors are useful for applications that only use the encryption function of the cipher.  Algorithms such
-as EAX, PMAC and OMAC only require the encryption function.  So far this \textit{encrypt only} functionality has only been implemented for
-Rijndael as it makes the most sense for this cipher.
+as EAX, PMAC and OMAC or the CTR mode only require the encryption function.  So far this \textit{encrypt only} functionality has only
+been implemented for Rijndael as it makes the most sense for this cipher.
 
 \item
 Note that for \textit{DES} and \textit{3DES} they use 8 and 24 byte keys but only 7 and 21 [respectively] bytes of the keys are in
 fact used for the purposes of encryption.  My suggestion is just to use random 8/24 byte keys instead of trying to make a 8/24
 byte string from the real 7/21 byte key.
 
-For \textit{3DES} exists a two-key mode, that can be initialized by calling the setup function with a \textit{keylen} of 16. This results in the re-usage of key \textit{K1} as key \textit{K3}. This mode has been specified as \textit{Keying Option 2} in FIPS 46-3.
+For \textit{3DES} exists a two-key mode, that can be initialized by calling the setup function with a \textit{keylen} of 16.
+This results in the re-usage of key \textit{K1} as key \textit{K3}. This mode has been specified as \textit{Keying Option 2} in FIPS 46-3.
 
 \item
 Note that \textit{Twofish} has additional configuration options (Figure \ref{fig:twofishopts}) that take place at build time.  These options are found in

helper.pl

@@ -316,7 +316,7 @@ sub process_makefiles {
   my @t = qw();
   find({ no_chdir => 1, wanted => sub { push @t, $_ if $_ =~ /(common|no_prng|_tests?|test).c$/ } }, 'tests');
 
-  my @o = sort ('src/ciphers/aes/aes_enc.o', map { my $x = $_; $x =~ s/\.c$/.o/; $x } @c);
+  my @o = sort ('src/ciphers/aes/aes_enc.o', 'src/ciphers/aes/aes_enc_desc.o', map { my $x = $_; $x =~ s/\.c$/.o/; $x } @c);
   my $var_o = prepare_variable("OBJECTS", @o);
   my $var_h = prepare_variable("HEADERS_PUB", (sort @h));
   (my $var_obj = $var_o) =~ s/\.o\b/.obj/sg;

libtomcrypt_VS2008.vcproj

@@ -410,6 +410,10 @@
 					RelativePath="src\ciphers\aes\aes.c"
 					>
 				</File>
+				<File
+					RelativePath="src\ciphers\aes\aes_desc.c"
+					>
+				</File>
 				<File
 					RelativePath="src\ciphers\aes\aes_tab.c"
 					>
@@ -454,6 +458,10 @@
 						/>
 					</FileConfiguration>
 				</File>
+				<File
+					RelativePath="src\ciphers\aes\aesni.c"
+					>
+				</File>
 			</Filter>
 			<Filter
 				Name="safer"

makefile

@@ -46,6 +46,11 @@ LTC_EXTRALIBS += $(EXTRALIBS)
 
 #AES comes in two flavours... enc+dec and enc
 src/ciphers/aes/aes_enc.o: src/ciphers/aes/aes.c src/ciphers/aes/aes_tab.c
+ifneq ($V,1)
+	@echo "   * ${CC} $@" ${silent_echo}
+endif
+	${silent} ${CC} ${LTC_CFLAGS} -DENCRYPT_ONLY -c $< -o $@
+src/ciphers/aes/aes_enc_desc.o: src/ciphers/aes/aes_desc.c
 ifneq ($V,1)
 	@echo "   * ${CC} $@" ${silent_echo}
 endif

makefile.mingw

@@ -35,7 +35,8 @@ LIBMAIN_I =libtomcrypt.dll.a
 LIBMAIN_D =libtomcrypt.dll
 
 #List of objects to compile (all goes to libtomcrypt.a)
-OBJECTS=src/ciphers/aes/aes.o src/ciphers/aes/aes_enc.o src/ciphers/anubis.o src/ciphers/blowfish.o \
+OBJECTS=src/ciphers/aes/aes.o src/ciphers/aes/aes_desc.o src/ciphers/aes/aes_enc.o \
+src/ciphers/aes/aes_enc_desc.o src/ciphers/aes/aesni.o src/ciphers/anubis.o src/ciphers/blowfish.o \
 src/ciphers/camellia.o src/ciphers/cast5.o src/ciphers/des.o src/ciphers/idea.o src/ciphers/kasumi.o \
 src/ciphers/khazad.o src/ciphers/kseed.o src/ciphers/multi2.o src/ciphers/noekeon.o src/ciphers/rc2.o \
 src/ciphers/rc5.o src/ciphers/rc6.o src/ciphers/safer/safer.o src/ciphers/safer/saferp.o \
@@ -246,6 +247,8 @@ default: $(LIBMAIN_S)
 #SPECIAL: AES comes in two flavours - enc+dec and enc-only
 src/ciphers/aes/aes_enc.o: src/ciphers/aes/aes.c src/ciphers/aes/aes_tab.c
 	$(CC) $(LTC_CFLAGS) -DENCRYPT_ONLY -c src/ciphers/aes/aes.c -o src/ciphers/aes/aes_enc.o
+src/ciphers/aes/aes_enc_desc.o: src/ciphers/aes/aes.c
+	$(CC) $(LTC_CFLAGS) -DENCRYPT_ONLY -c src/ciphers/aes/aes_desc.c -o src/ciphers/aes/aes_enc_desc.o
 
 #SPECIAL: these are the rules to make certain object files
 src/ciphers/aes/aes.o: src/ciphers/aes/aes.c src/ciphers/aes/aes_tab.c

makefile.msvc

@@ -28,7 +28,8 @@ VERSION=1.18.2-develop
 LIBMAIN_S =tomcrypt.lib
 
 #List of objects to compile (all goes to tomcrypt.lib)
-OBJECTS=src/ciphers/aes/aes.obj src/ciphers/aes/aes_enc.obj src/ciphers/anubis.obj src/ciphers/blowfish.obj \
+OBJECTS=src/ciphers/aes/aes.obj src/ciphers/aes/aes_desc.obj src/ciphers/aes/aes_enc.obj \
+src/ciphers/aes/aes_enc_desc.obj src/ciphers/aes/aesni.obj src/ciphers/anubis.obj src/ciphers/blowfish.obj \
 src/ciphers/camellia.obj src/ciphers/cast5.obj src/ciphers/des.obj src/ciphers/idea.obj src/ciphers/kasumi.obj \
 src/ciphers/khazad.obj src/ciphers/kseed.obj src/ciphers/multi2.obj src/ciphers/noekeon.obj src/ciphers/rc2.obj \
 src/ciphers/rc5.obj src/ciphers/rc6.obj src/ciphers/safer/safer.obj src/ciphers/safer/saferp.obj \
@@ -239,6 +240,8 @@ default: $(LIBMAIN_S)
 #SPECIAL: AES comes in two flavours - enc+dec and enc-only
 src/ciphers/aes/aes_enc.obj: src/ciphers/aes/aes.c src/ciphers/aes/aes_tab.c
 	$(CC) $(LTC_CFLAGS) /DENCRYPT_ONLY /c src/ciphers/aes/aes.c /Fosrc/ciphers/aes/aes_enc.obj
+src/ciphers/aes/aes_enc_desc.obj: src/ciphers/aes/aes_desc.c
+	$(CC) $(LTC_CFLAGS) /DENCRYPT_ONLY /c src/ciphers/aes/aes_desc.c /Fosrc/ciphers/aes/aes_enc_desc.obj
 
 #SPECIAL: these are the rules to make certain object files
 src/ciphers/aes/aes.obj: src/ciphers/aes/aes.c src/ciphers/aes/aes_tab.c

makefile.shared

@@ -70,6 +70,8 @@ endif
 #ciphers come in two flavours... enc+dec and enc
 src/ciphers/aes/aes_enc.o: src/ciphers/aes/aes.c src/ciphers/aes/aes_tab.c
 	$(LTCOMPILE) $(LTC_CFLAGS) $(CPPFLAGS) $(LTC_LDFLAGS) -DENCRYPT_ONLY -c src/ciphers/aes/aes.c -o src/ciphers/aes/aes_enc.o
+src/ciphers/aes/aes_enc_desc.o: src/ciphers/aes/aes_desc.c
+	$(LTCOMPILE) $(LTC_CFLAGS) $(CPPFLAGS) $(LTC_LDFLAGS) -DENCRYPT_ONLY -c src/ciphers/aes/aes_desc.c -o src/ciphers/aes/aes_enc_desc.o
 
 .c.o:
 	$(LTCOMPILE) $(LTC_CFLAGS) $(CPPFLAGS) $(LTC_LDFLAGS) -o $@ -c $<

makefile.unix

@@ -45,7 +45,8 @@ VERSION=1.18.2-develop
 LIBMAIN_S =libtomcrypt.a
 
 #List of objects to compile (all goes to libtomcrypt.a)
-OBJECTS=src/ciphers/aes/aes.o src/ciphers/aes/aes_enc.o src/ciphers/anubis.o src/ciphers/blowfish.o \
+OBJECTS=src/ciphers/aes/aes.o src/ciphers/aes/aes_desc.o src/ciphers/aes/aes_enc.o \
+src/ciphers/aes/aes_enc_desc.o src/ciphers/aes/aesni.o src/ciphers/anubis.o src/ciphers/blowfish.o \
 src/ciphers/camellia.o src/ciphers/cast5.o src/ciphers/des.o src/ciphers/idea.o src/ciphers/kasumi.o \
 src/ciphers/khazad.o src/ciphers/kseed.o src/ciphers/multi2.o src/ciphers/noekeon.o src/ciphers/rc2.o \
 src/ciphers/rc5.o src/ciphers/rc6.o src/ciphers/safer/safer.o src/ciphers/safer/saferp.o \
@@ -256,6 +257,8 @@ default: $(LIBMAIN_S)
 #SPECIAL: AES comes in two flavours - enc+dec and enc-only
 src/ciphers/aes/aes_enc.o: src/ciphers/aes/aes.c src/ciphers/aes/aes_tab.c
 	$(CC) $(LTC_CFLAGS) -DENCRYPT_ONLY -c src/ciphers/aes/aes.c -o src/ciphers/aes/aes_enc.o
+src/ciphers/aes/aes_enc_desc.o: src/ciphers/aes/aes_desc.c
+	$(CC) $(LTC_CFLAGS) -DENCRYPT_ONLY -c src/ciphers/aes/aes_desc.c -o src/ciphers/aes/aes_enc_desc.o
 
 #SPECIAL: these are the rules to make certain object files
 src/ciphers/aes/aes.o: src/ciphers/aes/aes.c src/ciphers/aes/aes_tab.c

makefile_include.mk

@@ -126,7 +126,8 @@ endif # LTC_SMALL
 
 ifneq ($(findstring clang,$(CC)),)
 LTC_CFLAGS += -Wno-typedef-redefinition -Wno-tautological-compare -Wno-builtin-requires-header
-LTC_CFLAGS += -Wno-missing-field-initializers -Wno-missing-braces -Wno-incomplete-setjmp-declaration
+LTC_CFLAGS += -Wno-missing-field-initializers -Wno-missing-braces -Wno-incomplete-setjmp-declaration -Wno-cast-align
+LTC_CFLAGS += -Wno-declaration-after-statement
 endif
 ifneq ($(findstring mingw,$(CC)),)
 LTC_CFLAGS += -Wno-shadow -Wno-attributes
@@ -212,7 +213,8 @@ library: $(call print-help,library,Builds the library) $(LIBNAME)
 
 
 # List of objects to compile (all goes to libtomcrypt.a)
-OBJECTS=src/ciphers/aes/aes.o src/ciphers/aes/aes_enc.o src/ciphers/anubis.o src/ciphers/blowfish.o \
+OBJECTS=src/ciphers/aes/aes.o src/ciphers/aes/aes_desc.o src/ciphers/aes/aes_enc.o \
+src/ciphers/aes/aes_enc_desc.o src/ciphers/aes/aesni.o src/ciphers/anubis.o src/ciphers/blowfish.o \
 src/ciphers/camellia.o src/ciphers/cast5.o src/ciphers/des.o src/ciphers/idea.o src/ciphers/kasumi.o \
 src/ciphers/khazad.o src/ciphers/kseed.o src/ciphers/multi2.o src/ciphers/noekeon.o src/ciphers/rc2.o \
 src/ciphers/rc5.o src/ciphers/rc6.o src/ciphers/safer/safer.o src/ciphers/safer/saferp.o \
@@ -426,6 +428,7 @@ src/hashes/sha2/sha512_224.o: src/hashes/sha2/sha512.c src/hashes/sha2/sha512_22
 src/hashes/sha2/sha512_256.o: src/hashes/sha2/sha512.c src/hashes/sha2/sha512_256.c
 src/hashes/whirl/whirl.o: src/hashes/whirl/whirl.c src/hashes/whirl/whirltab.c
 
+
 $(DOBJECTS): LTC_CFLAGS := -Itests $(LTC_CFLAGS)
 $(TOBJECTS): LTC_CFLAGS := -Itests $(LTC_CFLAGS)
 

sources.cmake

@@ -1,6 +1,8 @@
 set(SOURCES
 src/ciphers/aes/aes.c
+src/ciphers/aes/aes_desc.c
 src/ciphers/aes/aes_tab.c
+src/ciphers/aes/aesni.c
 src/ciphers/anubis.c
 src/ciphers/blowfish.c
 src/ciphers/camellia.c

src/ciphers/aes/aes.c

@@ -44,15 +44,6 @@ const struct ltc_cipher_descriptor rijndael_desc =
     NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
 };
 
-const struct ltc_cipher_descriptor aes_desc =
-{
-    "aes",
-    6,
-    16, 32, 16, 10,
-    SETUP, ECB_ENC, ECB_DEC, ECB_TEST, ECB_DONE, ECB_KS,
-    NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
-};
-
 #else
 
 #define SETUP    rijndael_enc_setup
@@ -69,15 +60,6 @@ const struct ltc_cipher_descriptor rijndael_enc_desc =
     NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
 };
 
-const struct ltc_cipher_descriptor aes_enc_desc =
-{
-    "aes",
-    6,
-    16, 32, 16, 10,
-    SETUP, ECB_ENC, NULL, NULL, ECB_DONE, ECB_KS,
-    NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
-};
-
 #endif
 
 #define LTC_AES_TAB_C