libsec: AES-NI support for amd64

Add assembler versions for aes_encrypt/aes_decrypt and the key
setup using AES-NI instruction set. This makes aes_encrypt and
aes_decrypt into function pointers which get initialized by
the first call to setupAESstate().

Note that the expanded round key words are *NOT* stored in big
endian order as with the portable implementation. For that reason
the AESstate.ekey and AESstate.dkey fields have been changed to
void* forcing an error when someone is accessing the roundkey
words. One offender was aesXCBmac, which doesnt appear to be
used and the code looks horrible so it has been deleted.

The AES-NI implementation is for amd64 only as it requires the
kernel to save/restore the FPU state across syscalls and
pagefaults.

2 files changed, 14 insertions, 18 deletions

diff --git a/sys/include/ape/libsec.h b/sys/include/ape/libsec.h
index 58e081891..bd4b352f7 100644
--- a/sys/include/ape/libsec.h
+++ b/sys/include/ape/libsec.h
@@ -32,27 +32,25 @@ struct AESstate
 	ulong	offset;
 	int	rounds;
 	int	keybytes;
+	void	*ekey;				/* expanded encryption round key */
+	void	*dkey;				/* expanded decryption round key */
 	uchar	key[AESmaxkey];			/* unexpanded key */
-	ulong	ekey[4*(AESmaxrounds + 1)];	/* encryption key */
-	ulong	dkey[4*(AESmaxrounds + 1)];	/* decryption key */
 	uchar	ivec[AESbsize];			/* initialization vector */
-	uchar	mackey[3 * AESbsize];	/* 3 XCBC mac 96 keys */
+	uchar	storage[512];			/* storage for expanded keys */
 };
 
 /* block ciphers */
-void	aes_encrypt(ulong rk[], int Nr, uchar pt[16], uchar ct[16]);
-void	aes_decrypt(ulong rk[], int Nr, uchar ct[16], uchar pt[16]);
+extern void (*aes_encrypt)(ulong rk[], int Nr, uchar pt[16], uchar ct[16]);
+extern void (*aes_decrypt)(ulong rk[], int Nr, uchar ct[16], uchar pt[16]);
+
+void	setupAESstate(AESstate *s, uchar key[], int nkey, uchar *ivec);
 
-void	setupAESstate(AESstate *s, uchar key[], int keybytes, uchar *ivec);
 void	aesCBCencrypt(uchar *p, int len, AESstate *s);
 void	aesCBCdecrypt(uchar *p, int len, AESstate *s);
 void	aesCFBencrypt(uchar *p, int len, AESstate *s);
 void	aesCFBdecrypt(uchar *p, int len, AESstate *s);
 void	aesOFBencrypt(uchar *p, int len, AESstate *s);
 
-void	setupAESXCBCstate(AESstate *s);
-uchar*	aesXCBCmac(uchar *p, int len, AESstate *s);
-
 typedef struct AESGCMstate AESGCMstate;
 struct AESGCMstate
 {
diff --git a/sys/include/libsec.h b/sys/include/libsec.h
index ccf5f24f3..b1616782f 100644
--- a/sys/include/libsec.h
+++ b/sys/include/libsec.h
@@ -24,27 +24,25 @@ struct AESstate
 	ulong	offset;
 	int	rounds;
 	int	keybytes;
+	void	*ekey;				/* expanded encryption round key */
+	void	*dkey;				/* expanded decryption round key */
 	uchar	key[AESmaxkey];			/* unexpanded key */
-	ulong	ekey[4*(AESmaxrounds + 1)];	/* encryption key */
-	ulong	dkey[4*(AESmaxrounds + 1)];	/* decryption key */
 	uchar	ivec[AESbsize];			/* initialization vector */
-	uchar	mackey[3 * AESbsize];	/* 3 XCBC mac 96 keys */
+	uchar	storage[512];			/* storage for expanded keys */
 };
 
 /* block ciphers */
-void	aes_encrypt(ulong rk[], int Nr, uchar pt[16], uchar ct[16]);
-void	aes_decrypt(ulong rk[], int Nr, uchar ct[16], uchar pt[16]);
+extern void (*aes_encrypt)(ulong rk[], int Nr, uchar pt[16], uchar ct[16]);
+extern void (*aes_decrypt)(ulong rk[], int Nr, uchar ct[16], uchar pt[16]);
+
+void	setupAESstate(AESstate *s, uchar key[], int nkey, uchar *ivec);
 
-void	setupAESstate(AESstate *s, uchar key[], int keybytes, uchar *ivec);
 void	aesCBCencrypt(uchar *p, int len, AESstate *s);
 void	aesCBCdecrypt(uchar *p, int len, AESstate *s);
 void	aesCFBencrypt(uchar *p, int len, AESstate *s);
 void	aesCFBdecrypt(uchar *p, int len, AESstate *s);
 void	aesOFBencrypt(uchar *p, int len, AESstate *s);
 
-void	setupAESXCBCstate(AESstate *s);
-uchar*	aesXCBCmac(uchar *p, int len, AESstate *s);
-
 typedef struct AESGCMstate AESGCMstate;
 struct AESGCMstate
 {