1693 Label fCode_set; |
1693 Label fCode_set; |
1694 int mode = is_decipher ? VM_Version::CipherMode::decipher : VM_Version::CipherMode::cipher; |
1694 int mode = is_decipher ? VM_Version::CipherMode::decipher : VM_Version::CipherMode::cipher; |
1695 bool identical_dataBlk_len = (VM_Version::Cipher::_AES128_dataBlk == VM_Version::Cipher::_AES192_dataBlk) |
1695 bool identical_dataBlk_len = (VM_Version::Cipher::_AES128_dataBlk == VM_Version::Cipher::_AES192_dataBlk) |
1696 && (VM_Version::Cipher::_AES128_dataBlk == VM_Version::Cipher::_AES256_dataBlk); |
1696 && (VM_Version::Cipher::_AES128_dataBlk == VM_Version::Cipher::_AES256_dataBlk); |
1697 // Expanded key length is 44/52/60 * 4 bytes for AES-128/AES-192/AES-256. |
1697 // Expanded key length is 44/52/60 * 4 bytes for AES-128/AES-192/AES-256. |
1698 __ z_cghi(keylen, 52); |
1698 __ z_cghi(keylen, 52); // Check only once at the beginning. keylen and fCode may share the same register. |
|
1699 |
|
1700 __ z_lghi(fCode, VM_Version::Cipher::_AES128 + mode); |
|
1701 if (!identical_dataBlk_len) { |
|
1702 __ z_lghi(srclen, VM_Version::Cipher::_AES128_dataBlk); |
|
1703 } |
|
1704 __ z_brl(fCode_set); // keyLen < 52: AES128 |
|
1705 |
|
1706 __ z_lghi(fCode, VM_Version::Cipher::_AES192 + mode); |
|
1707 if (!identical_dataBlk_len) { |
|
1708 __ z_lghi(srclen, VM_Version::Cipher::_AES192_dataBlk); |
|
1709 } |
|
1710 __ z_bre(fCode_set); // keyLen == 52: AES192 |
1699 |
1711 |
1700 __ z_lghi(fCode, VM_Version::Cipher::_AES256 + mode); |
1712 __ z_lghi(fCode, VM_Version::Cipher::_AES256 + mode); |
1701 if (!identical_dataBlk_len) { |
1713 if (!identical_dataBlk_len) { |
1702 __ z_lghi(srclen, VM_Version::Cipher::_AES256_dataBlk); |
1714 __ z_lghi(srclen, VM_Version::Cipher::_AES256_dataBlk); |
1703 } |
1715 } |
1704 __ z_brh(fCode_set); // keyLen > 52: AES256 |
1716 // __ z_brh(fCode_set); // keyLen < 52: AES128 // fallthru |
1705 |
|
1706 __ z_lghi(fCode, VM_Version::Cipher::_AES192 + mode); |
|
1707 if (!identical_dataBlk_len) { |
|
1708 __ z_lghi(srclen, VM_Version::Cipher::_AES192_dataBlk); |
|
1709 } |
|
1710 __ z_bre(fCode_set); // keyLen == 52: AES192 |
|
1711 |
|
1712 __ z_lghi(fCode, VM_Version::Cipher::_AES128 + mode); |
|
1713 if (!identical_dataBlk_len) { |
|
1714 __ z_lghi(srclen, VM_Version::Cipher::_AES128_dataBlk); |
|
1715 } |
|
1716 // __ z_brl(fCode_set); // keyLen < 52: AES128 // fallthru |
|
1717 |
1717 |
1718 __ bind(fCode_set); |
1718 __ bind(fCode_set); |
1719 if (identical_dataBlk_len) { |
1719 if (identical_dataBlk_len) { |
1720 __ z_lghi(srclen, VM_Version::Cipher::_AES128_dataBlk); |
1720 __ z_lghi(srclen, VM_Version::Cipher::_AES128_dataBlk); |
1721 } |
1721 } |
1722 } |
1722 } |
1723 BLOCK_COMMENT("} Set fCode"); |
1723 BLOCK_COMMENT("} Set fCode"); |
1724 } |
1724 } |
1725 |
1725 |
1726 // Push a parameter block for the cipher/decipher instruction on the stack. |
1726 // Push a parameter block for the cipher/decipher instruction on the stack. |
|
1727 // Layout of the additional stack space allocated for AES_cipherBlockChaining: |
|
1728 // |
|
1729 // | | |
|
1730 // +--------+ <-- SP before expansion |
|
1731 // | | |
|
1732 // : : alignment loss, 0..(AES_parmBlk_align-8) bytes |
|
1733 // | | |
|
1734 // +--------+ |
|
1735 // | | |
|
1736 // : : space for parameter block, size VM_Version::Cipher::_AES*_parmBlk_C |
|
1737 // | | |
|
1738 // +--------+ <-- parmBlk, octoword-aligned, start of parameter block |
|
1739 // | | |
|
1740 // : : additional stack space for spills etc., size AES_parmBlk_addspace, DW @ Z_SP not usable!!! |
|
1741 // | | |
|
1742 // +--------+ <-- Z_SP after expansion |
|
1743 |
|
1744 void generate_push_Block(int dataBlk_len, int parmBlk_len, int crypto_fCode, |
|
1745 Register parmBlk, Register keylen, Register fCode, Register cv, Register key) { |
|
1746 const int AES_parmBlk_align = 32; // octoword alignment. |
|
1747 const int AES_parmBlk_addspace = 24; // Must be sufficiently large to hold all spilled registers |
|
1748 // (currently 2) PLUS 1 DW for the frame pointer. |
|
1749 |
|
1750 const int cv_len = dataBlk_len; |
|
1751 const int key_len = parmBlk_len - cv_len; |
|
1752 // This len must be known at JIT compile time. Only then are we able to recalc the SP before resize. |
|
1753 // We buy this knowledge by wasting some (up to AES_parmBlk_align) bytes of stack space. |
|
1754 const int resize_len = cv_len + key_len + AES_parmBlk_align + AES_parmBlk_addspace; |
|
1755 |
|
1756 // Use parmBlk as temp reg here to hold the frame pointer. |
|
1757 __ resize_frame(-resize_len, parmBlk, true); |
|
1758 |
|
1759 // calculate parmBlk address from updated (resized) SP. |
|
1760 __ add2reg(parmBlk, resize_len - (cv_len + key_len), Z_SP); |
|
1761 __ z_nill(parmBlk, (~(AES_parmBlk_align-1)) & 0xffff); // Align parameter block. |
|
1762 |
|
1763 // There is room for stuff in the range [parmBlk-AES_parmBlk_addspace+8, parmBlk). |
|
1764 __ z_stg(keylen, -8, parmBlk); // Spill keylen for later use. |
|
1765 |
|
1766 // calculate (SP before resize) from updated SP. |
|
1767 __ add2reg(keylen, resize_len, Z_SP); // keylen holds prev SP for now. |
|
1768 __ z_stg(keylen, -16, parmBlk); // Spill prev SP for easy revert. |
|
1769 |
|
1770 __ z_mvc(0, cv_len-1, parmBlk, 0, cv); // Copy cv. |
|
1771 __ z_mvc(cv_len, key_len-1, parmBlk, 0, key); // Copy key. |
|
1772 __ z_lghi(fCode, crypto_fCode); |
|
1773 } |
|
1774 |
1727 // NOTE: |
1775 // NOTE: |
1728 // Before returning, the stub has to copy the chaining value from |
1776 // Before returning, the stub has to copy the chaining value from |
1729 // the parmBlk, where it was updated by the crypto instruction, back |
1777 // the parmBlk, where it was updated by the crypto instruction, back |
1730 // to the chaining value array the address of which was passed in the cv argument. |
1778 // to the chaining value array the address of which was passed in the cv argument. |
1731 // As all the available registers are used and modified by KMC, we need to save |
1779 // As all the available registers are used and modified by KMC, we need to save |
1732 // the key length across the KMC instruction. We do so by spilling it to the stack, |
1780 // the key length across the KMC instruction. We do so by spilling it to the stack, |
1733 // just preceding the parmBlk (at (parmBlk - 8)). |
1781 // just preceding the parmBlk (at (parmBlk - 8)). |
1734 void generate_push_parmBlk(Register keylen, Register fCode, Register parmBlk, Register key, Register cv, bool is_decipher) { |
1782 void generate_push_parmBlk(Register keylen, Register fCode, Register parmBlk, Register key, Register cv, bool is_decipher) { |
1735 const int AES_parmBlk_align = 32; |
|
1736 const int AES_parmBlk_addspace = AES_parmBlk_align; // Must be multiple of AES_parmblk_align. |
|
1737 int cv_len, key_len; |
|
1738 int mode = is_decipher ? VM_Version::CipherMode::decipher : VM_Version::CipherMode::cipher; |
1783 int mode = is_decipher ? VM_Version::CipherMode::decipher : VM_Version::CipherMode::cipher; |
1739 Label parmBlk_128, parmBlk_192, parmBlk_256, parmBlk_set; |
1784 Label parmBlk_128, parmBlk_192, parmBlk_256, parmBlk_set; |
1740 |
1785 |
1741 BLOCK_COMMENT("push parmBlk {"); |
1786 BLOCK_COMMENT("push parmBlk {"); |
1742 if (VM_Version::has_Crypto_AES() ) { __ z_cghi(keylen, 52); } |
1787 if (VM_Version::has_Crypto_AES() ) { __ z_cghi(keylen, 52); } |
|
1788 if (VM_Version::has_Crypto_AES128()) { __ z_brl(parmBlk_128); } // keyLen < 52: AES128 |
|
1789 if (VM_Version::has_Crypto_AES192()) { __ z_bre(parmBlk_192); } // keyLen == 52: AES192 |
1743 if (VM_Version::has_Crypto_AES256()) { __ z_brh(parmBlk_256); } // keyLen > 52: AES256 |
1790 if (VM_Version::has_Crypto_AES256()) { __ z_brh(parmBlk_256); } // keyLen > 52: AES256 |
1744 if (VM_Version::has_Crypto_AES192()) { __ z_bre(parmBlk_192); } // keyLen == 52: AES192 |
|
1745 if (VM_Version::has_Crypto_AES128()) { __ z_brl(parmBlk_128); } // keyLen < 52: AES128 |
|
1746 |
1791 |
1747 // Security net: requested AES function not available on this CPU. |
1792 // Security net: requested AES function not available on this CPU. |
1748 // NOTE: |
1793 // NOTE: |
1749 // As of now (March 2015), this safety net is not required. JCE policy files limit the |
1794 // As of now (March 2015), this safety net is not required. JCE policy files limit the |
1750 // cryptographic strength of the keys used to 128 bit. If we have AES hardware support |
1795 // cryptographic strength of the keys used to 128 bit. If we have AES hardware support |
1751 // at all, we have at least AES-128. |
1796 // at all, we have at least AES-128. |
1752 __ stop_static("AES key strength not supported by CPU. Use -XX:-UseAES as remedy.", 0); |
1797 __ stop_static("AES key strength not supported by CPU. Use -XX:-UseAES as remedy.", 0); |
1753 |
1798 |
|
1799 if (VM_Version::has_Crypto_AES256()) { |
|
1800 __ bind(parmBlk_256); |
|
1801 generate_push_Block(VM_Version::Cipher::_AES256_dataBlk, |
|
1802 VM_Version::Cipher::_AES256_parmBlk_C, |
|
1803 VM_Version::Cipher::_AES256 + mode, |
|
1804 parmBlk, keylen, fCode, cv, key); |
|
1805 if (VM_Version::has_Crypto_AES128() || VM_Version::has_Crypto_AES192()) { |
|
1806 __ z_bru(parmBlk_set); // Fallthru otherwise. |
|
1807 } |
|
1808 } |
|
1809 |
|
1810 if (VM_Version::has_Crypto_AES192()) { |
|
1811 __ bind(parmBlk_192); |
|
1812 generate_push_Block(VM_Version::Cipher::_AES192_dataBlk, |
|
1813 VM_Version::Cipher::_AES192_parmBlk_C, |
|
1814 VM_Version::Cipher::_AES192 + mode, |
|
1815 parmBlk, keylen, fCode, cv, key); |
|
1816 if (VM_Version::has_Crypto_AES128()) { |
|
1817 __ z_bru(parmBlk_set); // Fallthru otherwise. |
|
1818 } |
|
1819 } |
|
1820 |
1754 if (VM_Version::has_Crypto_AES128()) { |
1821 if (VM_Version::has_Crypto_AES128()) { |
1755 __ bind(parmBlk_128); |
1822 __ bind(parmBlk_128); |
1756 cv_len = VM_Version::Cipher::_AES128_dataBlk; |
1823 generate_push_Block(VM_Version::Cipher::_AES128_dataBlk, |
1757 key_len = VM_Version::Cipher::_AES128_parmBlk_C - cv_len; |
1824 VM_Version::Cipher::_AES128_parmBlk_C, |
1758 __ z_lay(parmBlk, -(VM_Version::Cipher::_AES128_parmBlk_C+AES_parmBlk_align)+(AES_parmBlk_align-1), Z_SP); |
1825 VM_Version::Cipher::_AES128 + mode, |
1759 __ z_nill(parmBlk, (~(AES_parmBlk_align-1)) & 0xffff); // align parameter block |
1826 parmBlk, keylen, fCode, cv, key); |
1760 |
1827 // Fallthru |
1761 // Resize the frame to accommodate for the aligned parameter block and other stuff. |
|
1762 // There is room for stuff in the range [parmBlk-AES_parmBlk_addspace, parmBlk). |
|
1763 __ z_stg(keylen, -8, parmBlk); // Spill keylen for later use. |
|
1764 __ z_stg(Z_SP, -16, parmBlk); // Spill SP for easy revert. |
|
1765 __ z_aghi(parmBlk, -AES_parmBlk_addspace); // Additional space for keylen, etc.. |
|
1766 __ resize_frame_absolute(parmBlk, keylen, true); // Resize frame with parmBlk being the new SP. |
|
1767 __ z_aghi(parmBlk, AES_parmBlk_addspace); // Restore parameter block address. |
|
1768 |
|
1769 __ z_mvc(0, cv_len-1, parmBlk, 0, cv); // Copy cv. |
|
1770 __ z_mvc(cv_len, key_len-1, parmBlk, 0, key); // Copy key. |
|
1771 __ z_lghi(fCode, VM_Version::Cipher::_AES128 + mode); |
|
1772 if (VM_Version::has_Crypto_AES192() || VM_Version::has_Crypto_AES256()) { |
|
1773 __ z_bru(parmBlk_set); // Fallthru otherwise. |
|
1774 } |
|
1775 } |
|
1776 |
|
1777 if (VM_Version::has_Crypto_AES192()) { |
|
1778 __ bind(parmBlk_192); |
|
1779 cv_len = VM_Version::Cipher::_AES192_dataBlk; |
|
1780 key_len = VM_Version::Cipher::_AES192_parmBlk_C - cv_len; |
|
1781 __ z_lay(parmBlk, -(VM_Version::Cipher::_AES192_parmBlk_C+AES_parmBlk_align)+(AES_parmBlk_align-1), Z_SP); |
|
1782 __ z_nill(parmBlk, (~(AES_parmBlk_align-1)) & 0xffff); // Align parameter block. |
|
1783 |
|
1784 // Resize the frame to accommodate for the aligned parameter block and other stuff. |
|
1785 // There is room for stuff in the range [parmBlk-AES_parmBlk_addspace, parmBlk). |
|
1786 __ z_stg(keylen, -8, parmBlk); // Spill keylen for later use. |
|
1787 __ z_stg(Z_SP, -16, parmBlk); // Spill SP for easy revert. |
|
1788 __ z_aghi(parmBlk, -AES_parmBlk_addspace); // Additional space for keylen, etc.. |
|
1789 __ resize_frame_absolute(parmBlk, keylen, true); // Resize frame with parmBlk being the new SP. |
|
1790 __ z_aghi(parmBlk, AES_parmBlk_addspace); // Restore parameter block address. |
|
1791 |
|
1792 __ z_mvc(0, cv_len-1, parmBlk, 0, cv); // Copy cv. |
|
1793 __ z_mvc(cv_len, key_len-1, parmBlk, 0, key); // Copy key. |
|
1794 __ z_lghi(fCode, VM_Version::Cipher::_AES192 + mode); |
|
1795 if (VM_Version::has_Crypto_AES256()) { |
|
1796 __ z_bru(parmBlk_set); // Fallthru otherwise. |
|
1797 } |
|
1798 } |
|
1799 |
|
1800 if (VM_Version::has_Crypto_AES256()) { |
|
1801 __ bind(parmBlk_256); |
|
1802 cv_len = VM_Version::Cipher::_AES256_dataBlk; |
|
1803 key_len = VM_Version::Cipher::_AES256_parmBlk_C - cv_len; |
|
1804 __ z_lay(parmBlk, -(VM_Version::Cipher::_AES256_parmBlk_C+AES_parmBlk_align)+(AES_parmBlk_align-1), Z_SP); |
|
1805 __ z_nill(parmBlk, (~(AES_parmBlk_align-1)) & 0xffff); // Align parameter block. |
|
1806 |
|
1807 // Resize the frame to accommodate for the aligned parameter block and other stuff. |
|
1808 // There is room for stuff in the range [parmBlk-AES_parmBlk_addspace, parmBlk). |
|
1809 __ z_stg(keylen, -8, parmBlk); // Spill keylen for later use. |
|
1810 __ z_stg(Z_SP, -16, parmBlk); // Spill SP for easy revert. |
|
1811 __ z_aghi(parmBlk, -AES_parmBlk_addspace); // Additional space for keylen, etc.. |
|
1812 __ resize_frame_absolute(parmBlk, keylen, true); // Resize frame with parmBlk being the new SP. |
|
1813 __ z_aghi(parmBlk, AES_parmBlk_addspace); // Restore parameter block address. |
|
1814 |
|
1815 __ z_mvc(0, cv_len-1, parmBlk, 0, cv); // Copy cv. |
|
1816 __ z_mvc(cv_len, key_len-1, parmBlk, 0, key); // Copy key. |
|
1817 __ z_lghi(fCode, VM_Version::Cipher::_AES256 + mode); |
|
1818 // __ z_bru(parmBlk_set); // fallthru |
|
1819 } |
1828 } |
1820 |
1829 |
1821 __ bind(parmBlk_set); |
1830 __ bind(parmBlk_set); |
1822 BLOCK_COMMENT("} push parmBlk"); |
1831 BLOCK_COMMENT("} push parmBlk"); |
1823 } |
1832 } |
1869 __ z_mvc(0, cv_len-1, cv, 0, parmBlk); // Copy cv. |
1878 __ z_mvc(0, cv_len-1, cv, 0, parmBlk); // Copy cv. |
1870 // __ z_bru(parmBlk_set); // fallthru |
1879 // __ z_bru(parmBlk_set); // fallthru |
1871 } |
1880 } |
1872 __ bind(parmBlk_set); |
1881 __ bind(parmBlk_set); |
1873 } |
1882 } |
1874 __ z_lg(Z_SP, -16, parmBlk); // Revert resize_frame_absolute. |
1883 __ z_lg(Z_SP, -16, parmBlk); // Revert resize_frame_absolute. Z_SP saved by push_parmBlk. |
1875 BLOCK_COMMENT("} pop parmBlk"); |
1884 BLOCK_COMMENT("} pop parmBlk"); |
|
1885 } |
|
1886 |
|
1887 // Compute AES encrypt/decrypt function. |
|
1888 void generate_AES_cipherBlock(bool is_decipher) { |
|
1889 // Incoming arguments. |
|
1890 Register from = Z_ARG1; // source byte array |
|
1891 Register to = Z_ARG2; // destination byte array |
|
1892 Register key = Z_ARG3; // expanded key array |
|
1893 |
|
1894 const Register keylen = Z_R0; // Temporarily (until fCode is set) holds the expanded key array length. |
|
1895 |
|
1896 // Register definitions as required by KM instruction. |
|
1897 const Register fCode = Z_R0; // crypto function code |
|
1898 const Register parmBlk = Z_R1; // parameter block address (points to crypto key) |
|
1899 const Register src = Z_ARG1; // Must be even reg (KM requirement). |
|
1900 const Register srclen = Z_ARG2; // Must be odd reg and pair with src. Overwrites destination address. |
|
1901 const Register dst = Z_ARG3; // Must be even reg (KM requirement). Overwrites expanded key address. |
|
1902 |
|
1903 // Read key len of expanded key (in 4-byte words). |
|
1904 __ z_lgf(keylen, Address(key, arrayOopDesc::length_offset_in_bytes() - arrayOopDesc::base_offset_in_bytes(T_INT))); |
|
1905 |
|
1906 // Copy arguments to registers as required by crypto instruction. |
|
1907 __ z_lgr(parmBlk, key); // crypto key (in T_INT array). |
|
1908 __ lgr_if_needed(src, from); // Copy src address. Will not emit, src/from are identical. |
|
1909 __ z_lgr(dst, to); // Copy dst address, even register required. |
|
1910 |
|
1911 // Construct function code into fCode(Z_R0), data block length into srclen(Z_ARG2). |
|
1912 generate_load_AES_fCode(keylen, fCode, srclen, is_decipher); |
|
1913 |
|
1914 __ km(dst, src); // Cipher the message. |
|
1915 |
|
1916 __ z_br(Z_R14); |
1876 } |
1917 } |
1877 |
1918 |
1878 // Compute AES encrypt function. |
1919 // Compute AES encrypt function. |
1879 address generate_AES_encryptBlock(const char* name) { |
1920 address generate_AES_encryptBlock(const char* name) { |
1880 __ align(CodeEntryAlignment); |
1921 __ align(CodeEntryAlignment); |
1881 StubCodeMark mark(this, "StubRoutines", name); |
1922 StubCodeMark mark(this, "StubRoutines", name); |
1882 unsigned int start_off = __ offset(); // Remember stub start address (is rtn value). |
1923 unsigned int start_off = __ offset(); // Remember stub start address (is rtn value). |
1883 |
1924 |
1884 Register from = Z_ARG1; // source byte array |
1925 generate_AES_cipherBlock(false); |
1885 Register to = Z_ARG2; // destination byte array |
|
1886 Register key = Z_ARG3; // expanded key array |
|
1887 |
|
1888 const Register keylen = Z_R0; // Temporarily (until fCode is set) holds the expanded key array length. |
|
1889 const Register fCode = Z_R0; // crypto function code |
|
1890 const Register parmBlk = Z_R1; // parameter block address (points to crypto key) |
|
1891 const Register src = Z_ARG1; // is Z_R2 |
|
1892 const Register srclen = Z_ARG2; // Overwrites destination address. |
|
1893 const Register dst = Z_ARG3; // Overwrites expanded key address. |
|
1894 |
|
1895 // Read key len of expanded key (in 4-byte words). |
|
1896 __ z_lgf(keylen, Address(key, arrayOopDesc::length_offset_in_bytes() - arrayOopDesc::base_offset_in_bytes(T_INT))); |
|
1897 |
|
1898 // Copy arguments to registers as required by crypto instruction. |
|
1899 __ z_lgr(parmBlk, key); // crypto key (in T_INT array). |
|
1900 // __ z_lgr(src, from); // Copy not needed, src/from are identical. |
|
1901 __ z_lgr(dst, to); // Copy destination address to even register. |
|
1902 |
|
1903 // Construct function code in Z_R0, data block length in Z_ARG2. |
|
1904 generate_load_AES_fCode(keylen, fCode, srclen, false); |
|
1905 |
|
1906 __ km(dst, src); // Cipher the message. |
|
1907 |
|
1908 __ z_br(Z_R14); |
|
1909 |
1926 |
1910 return __ addr_at(start_off); |
1927 return __ addr_at(start_off); |
1911 } |
1928 } |
1912 |
1929 |
1913 // Compute AES decrypt function. |
1930 // Compute AES decrypt function. |
1914 address generate_AES_decryptBlock(const char* name) { |
1931 address generate_AES_decryptBlock(const char* name) { |
1915 __ align(CodeEntryAlignment); |
1932 __ align(CodeEntryAlignment); |
1916 StubCodeMark mark(this, "StubRoutines", name); |
1933 StubCodeMark mark(this, "StubRoutines", name); |
1917 unsigned int start_off = __ offset(); // Remember stub start address (is rtn value). |
1934 unsigned int start_off = __ offset(); // Remember stub start address (is rtn value). |
1918 |
1935 |
1919 Register from = Z_ARG1; // source byte array |
1936 generate_AES_cipherBlock(true); |
1920 Register to = Z_ARG2; // destination byte array |
|
1921 Register key = Z_ARG3; // expanded key array, not preset at entry!!! |
|
1922 |
|
1923 const Register keylen = Z_R0; // Temporarily (until fCode is set) holds the expanded key array length. |
|
1924 const Register fCode = Z_R0; // crypto function code |
|
1925 const Register parmBlk = Z_R1; // parameter block address (points to crypto key) |
|
1926 const Register src = Z_ARG1; // is Z_R2 |
|
1927 const Register srclen = Z_ARG2; // Overwrites destination address. |
|
1928 const Register dst = Z_ARG3; // Overwrites key address. |
|
1929 |
|
1930 // Read key len of expanded key (in 4-byte words). |
|
1931 __ z_lgf(keylen, Address(key, arrayOopDesc::length_offset_in_bytes() - arrayOopDesc::base_offset_in_bytes(T_INT))); |
|
1932 |
|
1933 // Copy arguments to registers as required by crypto instruction. |
|
1934 __ z_lgr(parmBlk, key); // Copy crypto key address. |
|
1935 // __ z_lgr(src, from); // Copy not needed, src/from are identical. |
|
1936 __ z_lgr(dst, to); // Copy destination address to even register. |
|
1937 |
|
1938 // Construct function code in Z_R0, data block length in Z_ARG2. |
|
1939 generate_load_AES_fCode(keylen, fCode, srclen, true); |
|
1940 |
|
1941 __ km(dst, src); // Cipher the message. |
|
1942 |
|
1943 __ z_br(Z_R14); |
|
1944 |
1937 |
1945 return __ addr_at(start_off); |
1938 return __ addr_at(start_off); |
1946 } |
1939 } |
1947 |
1940 |
1948 // These stubs receive the addresses of the cryptographic key and of the chaining value as two separate |
1941 // These stubs receive the addresses of the cryptographic key and of the chaining value as two separate |
1979 |
1969 |
1980 // Read key len of expanded key (in 4-byte words). |
1970 // Read key len of expanded key (in 4-byte words). |
1981 __ z_lgf(keylen, Address(key, arrayOopDesc::length_offset_in_bytes() - arrayOopDesc::base_offset_in_bytes(T_INT))); |
1971 __ z_lgf(keylen, Address(key, arrayOopDesc::length_offset_in_bytes() - arrayOopDesc::base_offset_in_bytes(T_INT))); |
1982 |
1972 |
1983 // Construct parm block address in parmBlk (== Z_R1), copy cv and key to parm block. |
1973 // Construct parm block address in parmBlk (== Z_R1), copy cv and key to parm block. |
1984 // Construct function code in Z_R0. |
1974 // Construct function code in fCode (Z_R0). |
1985 generate_push_parmBlk(keylen, fCode, parmBlk, key, cv, false); |
1975 generate_push_parmBlk(keylen, fCode, parmBlk, key, cv, is_decipher); |
1986 |
1976 |
1987 // Prepare other registers for instruction. |
1977 // Prepare other registers for instruction. |
1988 // __ z_lgr(src, from); // Not needed, registers are the same. |
1978 __ lgr_if_needed(src, from); // Copy src address. Will not emit, src/from are identical. |
1989 __ z_lgr(dst, to); |
1979 __ z_lgr(dst, to); |
1990 __ z_llgfr(srclen, msglen); // We pass the offsets as ints, not as longs as required. |
1980 __ z_llgfr(srclen, msglen); // We pass the offsets as ints, not as longs as required. |
1991 |
1981 |
1992 __ kmc(dst, src); // Cipher the message. |
1982 __ kmc(dst, src); // Cipher the message. |
1993 |
1983 |
1994 generate_pop_parmBlk(keylen, parmBlk, key, cv); |
1984 generate_pop_parmBlk(keylen, parmBlk, key, cv); |
1995 |
1985 |
1996 __ z_llgfr(Z_RET, msglen); // We pass the offsets as ints, not as longs as required. |
1986 __ z_llgfr(Z_RET, msglen); // We pass the offsets as ints, not as longs as required. |
1997 __ z_br(Z_R14); |
1987 __ z_br(Z_R14); |
|
1988 } |
|
1989 |
|
1990 // Compute chained AES encrypt function. |
|
1991 address generate_cipherBlockChaining_AES_encrypt(const char* name) { |
|
1992 __ align(CodeEntryAlignment); |
|
1993 StubCodeMark mark(this, "StubRoutines", name); |
|
1994 unsigned int start_off = __ offset(); // Remember stub start address (is rtn value). |
|
1995 |
|
1996 generate_AES_cipherBlockChaining(false); |
1998 |
1997 |
1999 return __ addr_at(start_off); |
1998 return __ addr_at(start_off); |
2000 } |
1999 } |
2001 |
2000 |
2002 // Compute chained AES encrypt function. |
2001 // Compute chained AES encrypt function. |
2003 address generate_cipherBlockChaining_AES_decrypt(const char* name) { |
2002 address generate_cipherBlockChaining_AES_decrypt(const char* name) { |
2004 __ align(CodeEntryAlignment); |
2003 __ align(CodeEntryAlignment); |
2005 StubCodeMark mark(this, "StubRoutines", name); |
2004 StubCodeMark mark(this, "StubRoutines", name); |
2006 unsigned int start_off = __ offset(); // Remember stub start address (is rtn value). |
2005 unsigned int start_off = __ offset(); // Remember stub start address (is rtn value). |
2007 |
2006 |
2008 Register from = Z_ARG1; // source byte array (ciphered) |
2007 generate_AES_cipherBlockChaining(true); |
2009 Register to = Z_ARG2; // destination byte array (clear text) |
|
2010 Register key = Z_ARG3; // expanded key array, not preset at entry!!! |
|
2011 Register cv = Z_ARG4; // chaining value |
|
2012 const Register msglen = Z_ARG5; // Total length of the msg to be encrypted. Value must be returned |
|
2013 // in Z_RET upon completion of this stub. |
|
2014 |
|
2015 const Register keylen = Z_R0; // Expanded key length, as read from key array. Temp only. |
|
2016 const Register fCode = Z_R0; // crypto function code |
|
2017 const Register parmBlk = Z_R1; // parameter block address (points to crypto key) |
|
2018 const Register src = Z_ARG1; // is Z_R2 |
|
2019 const Register srclen = Z_ARG2; // Overwrites destination address. |
|
2020 const Register dst = Z_ARG3; // Overwrites key address. |
|
2021 |
|
2022 // Read key len of expanded key (in 4-byte words). |
|
2023 __ z_lgf(keylen, Address(key, arrayOopDesc::length_offset_in_bytes() - arrayOopDesc::base_offset_in_bytes(T_INT))); |
|
2024 |
|
2025 // Construct parm block address in parmBlk (== Z_R1), copy cv and key to parm block. |
|
2026 // Construct function code in Z_R0. |
|
2027 generate_push_parmBlk(keylen, fCode, parmBlk, key, cv, true); |
|
2028 |
|
2029 // Prepare other registers for instruction. |
|
2030 // __ z_lgr(src, from); // Not needed, registers are the same. |
|
2031 __ z_lgr(dst, to); |
|
2032 __ z_llgfr(srclen, msglen); // We pass the offsets as ints, not as longs as required. |
|
2033 |
|
2034 __ kmc(dst, src); // Decipher the message. |
|
2035 |
|
2036 generate_pop_parmBlk(keylen, parmBlk, key, cv); |
|
2037 |
|
2038 __ z_llgfr(Z_RET, msglen); // We pass the offsets as ints, not as longs as required. |
|
2039 __ z_br(Z_R14); |
|
2040 |
2008 |
2041 return __ addr_at(start_off); |
2009 return __ addr_at(start_off); |
2042 } |
2010 } |
2043 |
2011 |
2044 |
2012 |