diff --git a/README.md b/README.md index 3088bdcac..599459548 100644 --- a/README.md +++ b/README.md @@ -150,6 +150,10 @@ If you have `libtommath` in a non-standard location: make CFLAGS="-DUSE_LTM -DLTM_DESC -I/opt/devel/ltm" EXTRALIBS="/opt/devel/ltm/libtommath.a" all +You want to enable AES-NI support, but compile the rest of the library without the requirement for SSE4.1: + + make CFLAGS=-DLTC_AES_NI CFLAGS_AES_NI="-maes -msse4.1" + ## Installation There exist several _install_ make-targets which are described in the table above. diff --git a/makefile b/makefile index 2d038207e..be847b759 100644 --- a/makefile +++ b/makefile @@ -56,6 +56,13 @@ ifneq ($V,1) endif ${silent} ${CC} ${LTC_CFLAGS} -DENCRYPT_ONLY -c $< -o $@ +#AES-NI support requires special compiler flags +src/ciphers/aes/aesni.o: src/ciphers/aes/aesni.c +ifneq ($V,1) + @echo " * ${CC} $@" ${silent_echo} +endif + ${silent} ${CC} ${LTC_CFLAGS} ${CFLAGS_AES_NI} -c $< -o $@ + .c.o: ifneq ($V,1) @echo " * ${CC} $@" ${silent_echo} diff --git a/makefile.mingw b/makefile.mingw index 4c9af5946..a53d4bccb 100644 --- a/makefile.mingw +++ b/makefile.mingw @@ -250,6 +250,10 @@ src/ciphers/aes/aes_enc.o: src/ciphers/aes/aes.c src/ciphers/aes/aes_tab.c src/ciphers/aes/aes_enc_desc.o: src/ciphers/aes/aes.c $(CC) $(LTC_CFLAGS) -DENCRYPT_ONLY -c src/ciphers/aes/aes_desc.c -o src/ciphers/aes/aes_enc_desc.o +#SPECIAL: AES-NI support requires special compiler flags +src/ciphers/aes/aesni.o: src/ciphers/aes/aesni.c + $(CC) $(LTC_CFLAGS) $(CFLAGS_AES_NI) -c src/ciphers/aes/aesni.c -o src/ciphers/aes/aesni.o + #SPECIAL: these are the rules to make certain object files src/ciphers/aes/aes.o: src/ciphers/aes/aes.c src/ciphers/aes/aes_tab.c src/ciphers/twofish/twofish.o: src/ciphers/twofish/twofish.c src/ciphers/twofish/twofish_tab.c diff --git a/makefile.msvc b/makefile.msvc index ad65eb698..3fd839d5c 100644 --- a/makefile.msvc +++ b/makefile.msvc 
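Review bot: The comment on the new `src/ciphers/aes/aesni.o` rule in `makefile` does not say that `CFLAGS_AES_NI` must be passed together with `-DLTC_AES_NI`, nor that these flags belong on this one object only. If `-maes -msse4.1` land in the global `CFLAGS` instead, the compiler is free to use SSE4.1 in every object, including the CPUID dispatch in aes_desc.c, and the runtime fallback no longer protects CPUs without it. I would extend the comment to `# AES-NI: set CFLAGS_AES_NI (e.g. "-maes -msse4.1") together with -DLTC_AES_NI; keep these flags out of CFLAGS so all other objects still run on CPUs without SSE4.1`. The same rule and comment are added in makefile.mingw, makefile.msvc, makefile.shared and makefile.unix.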
@@ -243,6 +243,10 @@ src/ciphers/aes/aes_enc.obj: src/ciphers/aes/aes.c src/ciphers/aes/aes_tab.c src/ciphers/aes/aes_enc_desc.obj: src/ciphers/aes/aes_desc.c $(CC) $(LTC_CFLAGS) /DENCRYPT_ONLY /c src/ciphers/aes/aes_desc.c /Fosrc/ciphers/aes/aes_enc_desc.obj +#SPECIAL: AES-NI support requires special compiler flags +src/ciphers/aes/aesni.obj: src/ciphers/aes/aesni.c + $(CC) $(LTC_CFLAGS) $(CFLAGS_AES_NI) /c src/ciphers/aes/aesni.c /Fosrc/ciphers/aes/aesni.obj + #SPECIAL: these are the rules to make certain object files src/ciphers/aes/aes.obj: src/ciphers/aes/aes.c src/ciphers/aes/aes_tab.c src/ciphers/twofish/twofish.obj: src/ciphers/twofish/twofish.c src/ciphers/twofish/twofish_tab.c diff --git a/makefile.shared b/makefile.shared index 310840c99..795bd3e5d 100644 --- a/makefile.shared +++ b/makefile.shared @@ -73,6 +73,10 @@ src/ciphers/aes/aes_enc.o: src/ciphers/aes/aes.c src/ciphers/aes/aes_tab.c src/ciphers/aes/aes_enc_desc.o: src/ciphers/aes/aes_desc.c $(LTCOMPILE) $(LTC_CFLAGS) $(CPPFLAGS) $(LTC_LDFLAGS) -DENCRYPT_ONLY -c src/ciphers/aes/aes_desc.c -o src/ciphers/aes/aes_enc_desc.o +#AES-NI support requires special compiler flags +src/ciphers/aes/aesni.o: src/ciphers/aes/aesni.c + $(LTCOMPILE) $(LTC_CFLAGS) $(CFLAGS_AES_NI) $(CPPFLAGS) $(LTC_LDFLAGS) -c src/ciphers/aes/aesni.c -o src/ciphers/aes/aesni.o + .c.o: $(LTCOMPILE) $(LTC_CFLAGS) $(CPPFLAGS) $(LTC_LDFLAGS) -o $@ -c $< diff --git a/makefile.unix b/makefile.unix index a46736c28..226066148 100644 --- a/makefile.unix +++ b/makefile.unix 
@@ -264,6 +264,10 @@ src/ciphers/aes/aes_enc.o: src/ciphers/aes/aes.c src/ciphers/aes/aes_tab.c src/ciphers/aes/aes_enc_desc.o: src/ciphers/aes/aes_desc.c $(CC) $(LTC_CFLAGS) -DENCRYPT_ONLY -c src/ciphers/aes/aes_desc.c -o src/ciphers/aes/aes_enc_desc.o +#SPECIAL: AES-NI support requires special compiler flags +src/ciphers/aes/aesni.o: src/ciphers/aes/aesni.c + $(CC) $(LTC_CFLAGS) $(CFLAGS_AES_NI) -c src/ciphers/aes/aesni.c -o src/ciphers/aes/aesni.o + #SPECIAL: these are the rules to make certain object files src/ciphers/aes/aes.o: src/ciphers/aes/aes.c src/ciphers/aes/aes_tab.c src/ciphers/twofish/twofish.o: src/ciphers/twofish/twofish.c src/ciphers/twofish/twofish_tab.c diff --git a/src/ciphers/aes/aes_desc.c b/src/ciphers/aes/aes_desc.c index 4b930a5e9..5333f3636 100644 --- a/src/ciphers/aes/aes_desc.c +++ b/src/ciphers/aes/aes_desc.c @@ -49,7 +49,7 @@ const struct ltc_cipher_descriptor aes_enc_desc = #endif /* Code partially borrowed from https://software.intel.com/content/www/us/en/develop/articles/intel-sha-extensions.html */ -#if defined(LTC_HAS_AES_NI) +#if defined(LTC_AES_NI) static LTC_INLINE int s_aesni_is_supported(void) { static int initialized = 0, is_supported = 0; @@ -57,7 +57,7 @@ static LTC_INLINE int s_aesni_is_supported(void) if (initialized == 0) { int a, b, c, d; - /* Look for CPUID.1.0.ECX[25] + /* Look for CPUID.1.0.ECX[19] (SSE4.1) and CPUID.1.0.ECX[25] (AES-NI) * EAX = 1, ECX = 0 */ a = 1; @@ -68,7 +68,7 @@ static LTC_INLINE int s_aesni_is_supported(void) :"a"(a), "c"(c) ); - is_supported = ((c >> 25) & 1); + is_supported = ((c >> 19) & 1) && ((c >> 25) & 1); initialized = 1; } @@ -93,7 +93,7 @@ int aesni_is_supported(void) */ int AES_SETUP(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey) { -#ifdef LTC_HAS_AES_NI +#ifdef LTC_AES_NI if (s_aesni_is_supported()) { return aesni_setup(key, keylen, num_rounds, skey); } 
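Review bot: In aes_desc.c the guard `#if defined(LTC_AES_NI)` around `s_aesni_is_supported()` no longer implies an x86-64 target, because the old `LTC_HAS_AES_NI` also required `LTC_AMD64_SSE4_1`, which this commit removes from what appears to be the amd64 detection block in tomcrypt_cfg.h. With `-DLTC_AES_NI` now a plain user switch, a build for another architecture reaches the `cpuid` inline asm and fails to compile instead of falling back to the portable code. The same happens with a compiler that lacks GNU-style asm: makefile.msvc gains an aesni rule, and no non-GNU branch is visible in these hunks. A target check next to the guard would turn that into a clear message, for example `#if defined(LTC_AES_NI) && !(defined(__x86_64__) || defined(_M_X64))` followed by `#error LTC_AES_NI requires an x86-64 target`. The function body continues outside the hunk.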
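Review bot: In the `@@ -68,7 +68,7 @@` hunk of aes_desc.c, `c` is a signed `int`, and CPUID.1:ECX bit 31 (hypervisor present) can be set, so `c >> 19` and `c >> 25` may right-shift a negative value, which is implementation-defined in C. Masking an unsigned copy avoids that and reads closer to the comment above it: `is_supported = (((unsigned)c & (1u << 19)) != 0) && (((unsigned)c & (1u << 25)) != 0);`. The `initialized` and `is_supported` statics shown in the previous hunk are written without synchronisation. That is presumably harmless because every thread computes the same value, but a one-line comment saying so would help the next reader.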
@@ -111,7 +111,7 @@ int AES_SETUP(const unsigned char *key, int keylen, int num_rounds, symmetric_ke */ int AES_ENC(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey) { -#ifdef LTC_HAS_AES_NI +#ifdef LTC_AES_NI if (s_aesni_is_supported()) { return aesni_ecb_encrypt(pt, ct, skey); } @@ -130,7 +130,7 @@ int AES_ENC(const unsigned char *pt, unsigned char *ct, const symmetric_key *ske */ int AES_DEC(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey) { -#ifdef LTC_HAS_AES_NI +#ifdef LTC_AES_NI if (s_aesni_is_supported()) { return aesni_ecb_decrypt(ct, pt, skey); } diff --git a/src/ciphers/aes/aesni.c b/src/ciphers/aes/aesni.c index 113aaf676..2a5f95af5 100644 --- a/src/ciphers/aes/aesni.c +++ b/src/ciphers/aes/aesni.c @@ -9,7 +9,7 @@ #include "tomcrypt_private.h" -#if defined(LTC_HAS_AES_NI) +#if defined(LTC_AES_NI) const struct ltc_cipher_descriptor aesni_desc = { diff --git a/src/headers/tomcrypt_cfg.h b/src/headers/tomcrypt_cfg.h index 3d90d03cc..2a2b8aa87 100644 --- a/src/headers/tomcrypt_cfg.h +++ b/src/headers/tomcrypt_cfg.h @@ -91,11 +91,6 @@ LTC_EXPORT int LTC_CALL XSTRCMP(const char *s1, const char *s2); #define ENDIAN_LITTLE #define ENDIAN_64BITWORD #define LTC_FAST - #if defined(__SSE4_1__) - #if __SSE4_1__ == 1 - #define LTC_AMD64_SSE4_1 - #endif - #endif #endif /* detect PPC32 */ diff --git a/src/headers/tomcrypt_cipher.h b/src/headers/tomcrypt_cipher.h index aeee34355..fe2a4c292 100644 --- a/src/headers/tomcrypt_cipher.h +++ b/src/headers/tomcrypt_cipher.h @@ -719,7 +719,7 @@ extern const struct ltc_cipher_descriptor rijndael_desc; extern const struct ltc_cipher_descriptor rijndael_enc_desc; #endif -#if defined(LTC_AES_NI) && defined(LTC_AMD64_SSE4_1) +#if defined(LTC_AES_NI) int aesni_is_supported(void); int aesni_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey); int aesni_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey); 
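Review bot: The prototypes in tomcrypt_cipher.h are now exposed whenever `LTC_AES_NI` is defined, but nothing on them tells callers that the CPUID gate lives only in the `AES_SETUP`/`AES_ENC`/`AES_DEC` wrappers of aes_desc.c. Code that calls `aesni_setup()` or `aesni_ecb_encrypt()` directly, or registers `aesni_desc`, skips that gate. On a CPU without AES-NI or SSE4.1 it would presumably fault on an illegal instruction, since aesni.o is built with `CFLAGS_AES_NI` (the body of aesni.c is not shown here). I would add a comment above the block: `/* AES-NI backend: call these directly only after aesni_is_supported() returned non-zero; the generic aes_desc performs that check itself. */`. The prototype list continues outside the hunk.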
diff --git a/src/headers/tomcrypt_custom.h b/src/headers/tomcrypt_custom.h index e10779280..e344f574f 100644 --- a/src/headers/tomcrypt_custom.h +++ b/src/headers/tomcrypt_custom.h @@ -179,9 +179,6 @@ #define LTC_RC6 #define LTC_SAFERP #define LTC_RIJNDAEL -#ifndef LTC_NO_AES_NI - #define LTC_AES_NI -#endif #define LTC_XTEA /* _TABLES tells it to use tables during setup, _SMALL means to use the smaller scheduled key format * (saves 4KB of ram), _ALL_TABLES enables all tables during setup */ diff --git a/src/headers/tomcrypt_private.h b/src/headers/tomcrypt_private.h index 041bdd639..2b898a2be 100644 --- a/src/headers/tomcrypt_private.h +++ b/src/headers/tomcrypt_private.h @@ -98,10 +98,6 @@ typedef struct /* tomcrypt_cipher.h */ -#if defined(LTC_AES_NI) && defined(LTC_AMD64_SSE4_1) -#define LTC_HAS_AES_NI -#endif - void blowfish_enc(ulong32 *data, unsigned long blocks, const symmetric_key *skey); int blowfish_expand(const unsigned char *key, int keylen, const unsigned char *data, int datalen, diff --git a/src/misc/crypt/crypt.c b/src/misc/crypt/crypt.c index 81f00dbf9..f26730c8e 100644 --- a/src/misc/crypt/crypt.c +++ b/src/misc/crypt/crypt.c @@ -422,7 +422,7 @@ const char *crypt_build_settings = #if defined(LTC_ADLER32) " ADLER32 " #endif -#if defined(LTC_AES_NI) && defined(LTC_AMD64_SSE4_1) +#if defined(LTC_AES_NI) " AES-NI " #endif #if defined(LTC_BASE64) diff --git a/tests/cipher_hash_test.c b/tests/cipher_hash_test.c index 431a7648c..70d708c5f 100644 --- a/tests/cipher_hash_test.c +++ b/tests/cipher_hash_test.c @@ -14,7 +14,7 @@ int cipher_hash_test(void) } /* explicit AES-NI test */ -#if defined(LTC_HAS_AES_NI) +#if defined(LTC_AES_NI) if (aesni_is_supported()) { DO(aesni_test()); }
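Review bot: In crypt.c the `" AES-NI "` entry of `crypt_build_settings` now reports only that `LTC_AES_NI` was defined at compile time, and the string gives no hint of that limit. Since tomcrypt_custom.h no longer defines the macro by default, a default build uses the software AES path without saying so, and a build that lists AES-NI can still fall back at run time when the CPUID check fails. Users who depend on hardware AES, for instance to avoid the timing behaviour of a table-driven implementation, need both facts. A comment at the entry would cover it: `/* compile-time only: aesni_is_supported() tells whether the running CPU takes the AES-NI path */`.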