1 files changed, 88 insertions, 0 deletions
diff --git a/src/crypto/isa-l/isa-l_crypto/aes/aarch64/xts_aes_256_enc.S b/src/crypto/isa-l/isa-l_crypto/aes/aarch64/xts_aes_256_enc.S
new file mode 100644
index 000000000..8e4088a4d
--- /dev/null
+++ b/src/crypto/isa-l/isa-l_crypto/aes/aarch64/xts_aes_256_enc.S
@@ -0,0 +1,88 @@
+/**********************************************************************
+  Copyright(c) 2021 Arm Corporation All rights reserved.
+
+  Redistribution and use in source and binary forms, with or without
+  modification, are permitted provided that the following conditions
+  are met:
+    * Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in
+      the documentation and/or other materials provided with the
+      distribution.
+    * Neither the name of Arm Corporation nor the names of its
+      contributors may be used to endorse or promote products derived
+      from this software without specific prior written permission.
+
+  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+  "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+  LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+  A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+  OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+  DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+  THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+  OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+**********************************************************************/
+	.arch armv8-a+crypto
+	.text
+
+#include "xts_aes_256_common.S"
+#include "xts_aes_common.S"
+
+/* encrypt the tweak by tweak key (k2), and at the same time
+ * to expand encryption key (k1)
+ * even though two sets of keys share the same set of registers
+ * they never overlap at any given time (k2 is used once and discarded)
+ */
+.macro keyexp_and_encrypt_tweak iv:req,k2:req,k1:req
+	aes_key_expand	0,\k2
+	aes_enc_round	\iv,0
+	aes_enc_round	\iv,1
+	aes_key_expand	2
+	aes_key_expand	0,\k1,rcon2
+	aes_enc_round	\iv,2
+	aes_enc_round	\iv,3
+	aes_key_expand	4
+	aes_key_expand	2,rcon2
+	aes_enc_round	\iv,4
+	aes_enc_round	\iv,5
+	aes_key_expand	6
+	aes_key_expand	4,rcon2
+	aes_enc_round	\iv,6
+	aes_enc_round	\iv,7
+	aes_key_expand	8
+	aes_key_expand	6,rcon2
+	aes_enc_round	\iv,8
+	aes_enc_round	\iv,9
+	aes_key_expand	10
+	aes_key_expand	8,rcon2
+	aes_enc_round	\iv,10
+	aes_enc_round	\iv,11
+	aes_key_expand	12
+	aes_key_expand	10,rcon2
+	aes_enc_round	\iv,12
+	aes_enc_round	\iv,13
+	aes_key_expand	14
+	aes_key_expand	12,rcon2
+	aes_enc_round	\iv,14
+	aes_key_expand	14,rcon2
+.endm
+
+/*
+ * void XTS_AES_256_enc_ce(
+ *   uint8_t *k2,    //!<  key used for tweaking, 16 bytes
+ *   uint8_t *k1,    //!<  key used for decryption of tweaked ciphertext, 16 bytes
+ *   uint8_t *TW_initial,    //!<  initial tweak value, 16 bytes
+ *   uint64_t N, //!<  sector size, in bytes
+ *   const uint8_t *pt,  //!<  cleartext sector input data
+ *   uint8_t *ct //!<  ciphertext sector output data
+ *   );
+ */
+	.global XTS_AES_256_enc_ce
+        .type XTS_AES_256_enc_ce, %function
+XTS_AES_256_enc_ce:
+	xts_aes_crypt 0,keyexp_and_encrypt_tweak vIV0,key2,key1
+	.size   XTS_AES_256_enc_ce, .-XTS_AES_256_enc_ce