
AArch64cryptolib

Purpose

AArch64cryptolib is a from-scratch implementation of cryptographic primitives aiming for optimal performance on Arm A-class cores.

The core concept of the AES-GCM implementations is to optimally schedule a "merged" AES-GCM kernel to make effective use of the available pipeline resources in existing CPUs.

Current optimisation targets:

  1. LITTLE (Cortex-A53, Cortex-A55).
  2. big (Cortex-A57, Cortex-A72, Cortex-A75, Cortex-A76 and Neoverse N1).
  3. bigger (Neoverse V1).
  4. biggereor3 (Neoverse V1).

Functionality

The library currently supports:

  • AES-GCM

    • Encrypt and decrypt
    • 128b, 192b, and 256b keys
    • Bespoke IPsec variants which make some domain-specific assumptions and merge the UDP checksum into AES-GCM decryption
  • AES-CBC

    • Encrypt and decrypt
    • 128b key
    • SHA-1 and SHA-256 hash
    • Chained cipher + auth

Structure

AArch64cryptolib consists of:

  1. A header file (AArch64cryptolib.h) with the interface to the library
  2. Top implementation files (AArch64cryptolib_aes_gcm.c, AArch64cryptolib_aes_cbc.c) which provide several C functions supporting the library
  3. Several asm optimised functions (in AArch64cryptolib_* folders) which target big, bigger and LITTLE microarchitectures, and are included inline in AArch64cryptolib_*.c when the pertinent compilation flags are set

Usage

Source files

Users of AArch64cryptolib have to include AArch64cryptolib.h in their source file and use the API described in that file.

Building library

  • Native compilation with GCC only needs make
  • To cross-compile, set the CROSS flag to your cross-compiler prefix, e.g. make CROSS=aarch64-linux-gnu-

Compiler flags

Select one of the code paths optimised for big or LITTLE CPU implementations:

  1. OPT=little
  2. OPT=big
  3. OPT=bigger
  4. OPT=biggereor3

Add extra compiler flags or override default flags:

  • EXTRA_CFLAGS=

Requirements

The implementation requires the Armv8a Cryptography Extensions. The biggereor3 implementation option requires the Armv8.2a SHA3 extension.
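Because the choice of code path is made at build time and the asm kernels use the Cryptography Extensions unconditionally, it is worth checking the target CPU before picking an OPT= value; running a build on a core without those extensions ends in SIGILL, as the Raspberry Pi 3 issue below shows. The following is an added example, not code from AArch64cryptolib: it parses the Features line of a /proc/cpuinfo-style text (the three sample texts are constructed, not captured from real boards), checks for the aes/pmull/sha1/sha2 tokens that make up the Armv8-A Cryptography Extensions, and additionally requires sha3 before biggereor3 is considered executable. The helper names and the feature bitmask are assumptions of this example.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Crypto-related /proc/cpuinfo feature tokens on AArch64 Linux (example's own bitmask). */
enum {
    FEAT_AES   = 1u << 0,
    FEAT_PMULL = 1u << 1,
    FEAT_SHA1  = 1u << 2,
    FEAT_SHA2  = 1u << 3,
    FEAT_SHA3  = 1u << 4,
};

/* Constructed samples in /proc/cpuinfo layout, not captured from real hardware.
 * The first is in the style of a core shipped without the Cryptography
 * Extensions (no aes/pmull/sha1/sha2 tokens), i.e. the SIGILL case. */
static const char CPUINFO_NO_CRYPTO[] =
    "processor\t: 0\n"
    "Features\t: fp asimd evtstrm crc32 cpuid\n"
    "CPU implementer\t: 0x41\n";

static const char CPUINFO_CRYPTO[] =
    "processor\t: 0\n"
    "Features\t: fp asimd evtstrm aes pmull sha1 sha2 crc32 atomics fphp asimdhp cpuid asimdrdm lrcpc dcpop\n"
    "CPU implementer\t: 0x41\n";

static const char CPUINFO_CRYPTO_SHA3[] =
    "processor\t: 0\n"
    "Features\t: fp asimd aes pmull sha1 sha2 crc32 atomics fphp asimdhp cpuid asimdrdm sha3 sha512 asimddp\n"
    "CPU implementer\t: 0x41\n";

/* Returns a FEAT_* bitmask built from the first "Features" line of the text. */
unsigned parse_cpuinfo_features(const char *cpuinfo)
{
    const char *line = cpuinfo;
    while (line != NULL && *line != '\0') {
        const char *nl = strchr(line, '\n');
        size_t len = nl ? (size_t)(nl - line) : strlen(line);
        if (len >= 8 && strncmp(line, "Features", 8) == 0) {
            const char *colon = memchr(line, ':', len);
            if (colon == NULL)
                return 0;
            /* Copy the token list so strtok can split it in place. */
            char buf[512];
            size_t n = len - (size_t)(colon + 1 - line);
            if (n >= sizeof buf)
                n = sizeof buf - 1;
            memcpy(buf, colon + 1, n);
            buf[n] = '\0';
            unsigned mask = 0;
            /* Whole-token comparison: "sha2" must not be matched by "sha256" and the like. */
            for (char *tok = strtok(buf, " \t"); tok; tok = strtok(NULL, " \t")) {
                if (strcmp(tok, "aes") == 0)        mask |= FEAT_AES;
                else if (strcmp(tok, "pmull") == 0) mask |= FEAT_PMULL;
                else if (strcmp(tok, "sha1") == 0)  mask |= FEAT_SHA1;
                else if (strcmp(tok, "sha2") == 0)  mask |= FEAT_SHA2;
                else if (strcmp(tok, "sha3") == 0)  mask |= FEAT_SHA3;
            }
            return mask;
        }
        line = nl ? nl + 1 : NULL;
    }
    return 0;
}

/* The Armv8-A Cryptography Extensions the README lists as a hard requirement. */
bool armv8_crypto_ext_present(unsigned mask)
{
    const unsigned need = FEAT_AES | FEAT_PMULL | FEAT_SHA1 | FEAT_SHA2;
    return (mask & need) == need;
}

/* Whether a build with the given OPT= value can execute on this CPU at all.
 * Choosing among little/big/bigger is a tuning decision for the microarchitecture;
 * biggereor3 additionally needs the SHA3 extension, as the README states. */
bool opt_target_executable(const char *opt, unsigned mask)
{
    if (!armv8_crypto_ext_present(mask))
        return false;
    if (strcmp(opt, "biggereor3") == 0)
        return (mask & FEAT_SHA3) != 0;
    return strcmp(opt, "little") == 0 || strcmp(opt, "big") == 0 ||
           strcmp(opt, "bigger") == 0;
}

int main(void)
{
    const char *opts[] = { "little", "big", "bigger", "biggereor3" };
    const char *names[] = { "no-crypto", "crypto", "crypto+sha3" };
    const char *samples[] = { CPUINFO_NO_CRYPTO, CPUINFO_CRYPTO, CPUINFO_CRYPTO_SHA3 };
    for (int s = 0; s < 3; s++) {
        unsigned mask = parse_cpuinfo_features(samples[s]);
        printf("%s:", names[s]);
        for (int i = 0; i < 4; i++)
            printf(" OPT=%s:%s", opts[i],
                   opt_target_executable(opts[i], mask) ? "ok" : "SIGILL-risk");
        printf("\n");
    }
    return 0;
}
```

On a real board, feed the contents of /proc/cpuinfo to parse_cpuinfo_features and refuse to install a biggereor3 build where the result lacks sha3, or any build where armv8_crypto_ext_present is false; the tokens are whole-word matched so sha512 or sha256-style entries never satisfy the sha2 or sha3 check by accident.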

Restrictions

The choice of AES-GCM implementation is done at compile time.

License

SPDX BSD-3-Clause

See the included file 'LICENSE.md' for the license text.

Original Authors

  • Samuel Lee (AES-GCM)
  • Zbigniew Bodek (AES-CBC)

Maintainer

Ola Liljedahl ([email protected])

Contributors

dhatha01, wonderfulvoid


Issues

armv8_dec_aes_gcm_full never sets tag_byte_length

In armv8_dec_aes_gcm_full, a cipher_constants_t variable cc is declared. In the declaration, only the mode field is initialized to one of the function arguments. The tag_byte_length field is never explicitly set to a value. Looking through the call stack for armv8_dec_aes_gcm_full revealed that tag_byte_length is never set anywhere when that function is called. On line 2088 of AArch64cryptolib_aes_gcm.c, tag_byte_length is used in some if conditions to do the actual authentication tag checking. Based on how cc is declared and the fact that tag_byte_length is never set explicitly, the length will just be 0. None of the if conditions will be hit, so no authentication tag checking occurs. The mismatch variable is initialized to 0, so the function returns that the authentication tag is good, but in reality the tag was never checked.

I also noticed that the tests provided don't cover armv8_dec_aes_gcm_full.
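The failure mode in this report is a general one: a verifier whose checks are all gated on a length field, with the "mismatch" accumulator starting at "no mismatch", silently reports success whenever that field is left at zero. The following added example is not the library's code; it reconstructs that pattern in a simplified form (tag_check_as_reported, with its own assumed set of length cases) beside a fail-closed variant (gcm_tag_verify) that rejects any tag length outside those NIST SP 800-38D permits for GCM and compares every byte without a data-dependent branch. The two 16-byte tags are constructed test values.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed tags: the received tag differs from the computed one only in
 * its last byte, so a check that never runs (or stops early) misses it. */
static const uint8_t TAG_COMPUTED[16] = {
    0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
    0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f };
static const uint8_t TAG_RECEIVED_BAD[16] = {
    0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
    0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x00 };

/* Simplified reconstruction of the flawed pattern described in the issue
 * (not the library's code): every comparison is guarded by tag_byte_length
 * and "mismatch" starts at 0, so a length that was never set (0) skips all
 * checks and the tag is reported as good.  Returns 0 = tag accepted. */
int tag_check_as_reported(const uint8_t *computed, const uint8_t *received,
                          size_t tag_byte_length)
{
    int mismatch = 0;
    if (tag_byte_length == 16)
        mismatch = memcmp(computed, received, 16) != 0;
    else if (tag_byte_length == 12)
        mismatch = memcmp(computed, received, 12) != 0;
    else if (tag_byte_length == 8)
        mismatch = memcmp(computed, received, 8) != 0;
    return mismatch;   /* 0 for an unset length: "verified" without checking */
}

/* Tag lengths NIST SP 800-38D permits for GCM: 128..96 bits in 8-bit steps,
 * plus 64 and 32 bits for constrained applications. */
bool gcm_tag_length_valid(size_t t)
{
    return t == 16 || t == 15 || t == 14 || t == 13 || t == 12 || t == 8 || t == 4;
}

/* Fail-closed verification: an unexpected length (including 0) is an error,
 * and the comparison visits every byte with no data-dependent branch so the
 * timing does not reveal the position of the first differing byte.
 * Returns 0 = tag accepted, -1 = rejected. */
int gcm_tag_verify(const uint8_t *computed, const uint8_t *received,
                   size_t tag_byte_length)
{
    if (!gcm_tag_length_valid(tag_byte_length))
        return -1;
    uint8_t diff = 0;
    for (size_t i = 0; i < tag_byte_length; i++)
        diff |= (uint8_t)(computed[i] ^ received[i]);
    return diff == 0 ? 0 : -1;
}

int main(void)
{
    printf("as reported, length 0,  wrong tag: %s\n",
           tag_check_as_reported(TAG_COMPUTED, TAG_RECEIVED_BAD, 0) == 0 ? "ACCEPTED" : "rejected");
    printf("fail-closed, length 0,  wrong tag: %s\n",
           gcm_tag_verify(TAG_COMPUTED, TAG_RECEIVED_BAD, 0) == 0 ? "ACCEPTED" : "rejected");
    printf("fail-closed, length 16, wrong tag: %s\n",
           gcm_tag_verify(TAG_COMPUTED, TAG_RECEIVED_BAD, 16) == 0 ? "ACCEPTED" : "rejected");
    printf("fail-closed, length 16, right tag: %s\n",
           gcm_tag_verify(TAG_COMPUTED, TAG_COMPUTED, 16) == 0 ? "ACCEPTED" : "rejected");
    return 0;
}
```

The length-0 case is the one a unit test for a decrypt-and-verify entry point should include: the reported function has no test coverage, and a test that passes a deliberately wrong tag through the default-initialised constants would have caught the unchecked return value. Note that a truncated 12-byte compare of these two tags legitimately succeeds, since they only differ in byte 15; that is the intended semantics of truncated GCM tags, not a defect.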

does this work on raspberry pi 3 64bit OS?

Hi,

I installed 64bit OS on raspberry pi 3.
However, the tests fail with illegal instructions.
Does this mean Raspberry Pi 3 doesn't support crypto extension?

pi@raspberrypi:~/AArch64cryptolib $ gdb ./aescbc_test_functional
GNU gdb (Debian 10.1-1.7) 10.1.90.20210103-git
Copyright (C) 2021 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "aarch64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from ./aescbc_test_functional...
(gdb) run ./test/testvectors__NIST_aescbc/CBCGFSbox128.rsp
Starting program: /home/pi/AArch64cryptolib/aescbc_test_functional ./test/testvectors__NIST_aescbc/CBCGFSbox128.rsp
Using reference file ./test/testvectors__NIST_aescbc/CBCGFSbox128.rsp

Program received signal SIGILL, Illegal instruction.
0x00000000004047b8 in armv8_expandkeys_enc_aes_cbc_128 () at aes_core.S:81
