Cross Reference: /freebsd-current/sys/crypto/openssl/ossl_aes

History log of /freebsd-current/sys/crypto/openssl/ossl_aes_gcm.h
Revision	Date	Author	Comments
# 44f8e1e8	29-Nov-2023	Mark Johnston <markj@FreeBSD.org>	ossl: Add support for armv7 OpenSSL provides implementations of several AES modes which use bitslicing and can be accelerated on CPUs which support the NEON extension. This patch adds arm platform support to ossl(4) and provides an AES-CBC implementation, though bsaes_cbc_encrypt() only implements decryption. The real goal is to provide an accelerated AES-GCM implementation; this will be added in a subsequent patch. Initially derived from https://reviews.freebsd.org/D37420. Reviewed by: jhb Sponsored by: Klara, Inc. Sponsored by: Stormshield MFC after: 3 months Differential Revision: https://reviews.freebsd.org/D41304
# 9d5a47e1	02-Jun-2023	Mark Johnston <markj@FreeBSD.org>	ossl: Provide a fallback definition of __uint128_t when needed This is required on i386. The patch has no functional change, since AES-GCM isn't implemented for that platform. Fixes: 9a3444d91c70 ("ossl: Add a VAES-based AES-GCM implementation for amd64") Reported by: Jenkins
# 9a3444d9	02-Jun-2023	Mark Johnston <markj@FreeBSD.org>	ossl: Add a VAES-based AES-GCM implementation for amd64 aes-gcm-avx512.S is generated from OpenSSL 3.1 and implements AES-GCM. ossl_x86.c detects whether the CPU implements the required AVX512 instructions; if not, the ossl(4) module does not provide an AES-GCM implementation. The VAES implementation increases throughput for all buffer sizes in both directions, up to 2x for sufficiently large buffers. The "process" implementation is in two parts: a generic OCF layer in ossl_aes.c that calls a set of MD functions to do the heavy lifting. The intent there is to make it possible to add other implementations for other platforms, e.g., to reduce the diff required for D37421. A follow-up commit will add a fallback path to legacy AES-NI, so that ossl(4) can be used in preference to aesni(4) on all amd64 platforms. In the long term we would like to replace aesni(4) and armv8crypto(4) with ossl(4). Note, currently this implementation will not be selected by default since aesni(4) and ossl(4) return the same probe priority for crypto sessions, and the opencrypto framework selects the first registered implementation to break a tie. Since aesni(4) is compiled into the kernel, aesni(4) wins. A separate change may modify ossl(4) to have priority. Sponsored by: Stormshield Sponsored by: Klara, Inc. Reviewed by: jhb MFC after: 3 months Differential Revision: https://reviews.freebsd.org/D39783