AESNI: Overhaul implementation selection

Have clearly separated code to: * determine whether the assembly-based implementation is available; * determine whether the intrinsics-based implementation is available; * select one of the available implementations if any. Now MBEDTLS_AESNI_HAVE_CODE can be the single interface for aes.c and aesni.c to determine which AESNI is built. Change the implementation selection: now, if both implementations are available, always prefer assembly. Before, the intrinsics were used if available. This preference is to minimize disruption, and will likely be revised in a later minor release. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2025-08-08 17:42:09 +03:00 · 2023-03-16 17:21:33 +01:00
parent 0de8f853f0
commit 9c682e724a
3 changed files with 37 additions and 20 deletions
--- a/library/aes.c
+++ b/library/aes.c
@@ -511,7 +511,7 @@ void mbedtls_aes_xts_free(mbedtls_aes_xts_context *ctx)
 * i.e. an offset of 1 means 4 bytes and so on.
 */
 #if (defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86)) ||        \
-    defined(MBEDTLS_HAVE_AESNI_INTRINSICS)
+    (defined(MBEDTLS_AESNI_C) && MBEDTLS_AESNI_HAVE_CODE == 2)
 #define MAY_NEED_TO_ALIGN
 #endif
 static unsigned mbedtls_aes_rk_offset(uint32_t *buf)
@@ -528,7 +528,7 @@ static unsigned mbedtls_aes_rk_offset(uint32_t *buf)
    }
 #endif

-#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_AESNI_INTRINSICS)
+#if defined(MBEDTLS_AESNI_C) && MBEDTLS_AESNI_HAVE_CODE == 2
    if (mbedtls_aesni_has_support(MBEDTLS_AESNI_AES)) {
        align_16_bytes = 1;
    }