botan.git - Unnamed repository; edit this file 'description' to name the repository.

	Commit message (Collapse)	Author	Age	Files	Lines
*	Add AES-192 using AES-NI. Tested OK with Intel's simulator.	lloyd	2009-11-10	1	-2/+0
\| \| \| \| \| \| \|	Currently requires SSE4.1 for _mm_extract_epi32 for the key schedule, it would be nice to remove this dependency, though all currently known/scheduled chips with AES-NI (Intel Westmere and Sandy Bridge, and AMD Bulldozer) are supposed to include SSE 4.1 so this is not a huge problem.
*	Rename CPUID::has_intel_aes to has_aes_intel, and add CPUID::has_aes_via,	lloyd	2009-11-10	1	-2/+2
\| \| \| \|	which is currently just a stub returning false.
*	Fix errors in the AES-256 key schedule for the AES-NI version. Now passes	lloyd	2009-11-10	1	-1/+1
\| \| \| \| \| \| \| \| \|	tests under Intel's emulator. Document and enable in the engine. Merge both versions to aes_intel.cpp - some shared code and much similiar structure which might be sharable via macros.
*	Add a new need_isa marker for info.txt that lets a module depend	lloyd	2009-11-06	1	-5/+5
\| \| \| \| \| \| \| \| \| \| \| \|	on a particular ISA extension rather than a list of CPUs. Much easier to edit and audit, too. Add markers on the AES-NI code and SHA-1/SSE2. Serpent and XTEA don't need it because they are generic and only depend on simd_32 which will silenty swap out a scalar version if SSE2/AltiVec isn't enabled (since it turns out on supersclar processors just doing 4 blocks in parallel can be a win even in GPRs). Add pentium3 to the list of CPUs with rdtsc, was missing. Odd!
*	Add a complete but untested AES-128 using the AES-NI intrinsics.	lloyd	2009-11-06	1	-10/+8
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	From looking at how key gen works in particular, it seems easiest to provide only AES-128, AES-192, and AES-256 and not a general AES class that can accept any key length. This also has the bonus of allowing full loop unrolling which may be a win (how much so will depend on the latency/throughput of the AES instructions which is currently unknown). No block interleaving, though of course it works very nicely here, simply due to the desire to keep things simple until what is currently here can actually be tested. (Intel has an emulator that is supposed to work but just crashes on my machine...) I'm not entirely sure if byte swapping is required. Intel has a white paper out that suggests it isn't (and really it would have been stupid of them to not build this into the aes instructions), but who knows. If it turns out to be necessary there is a pretty fast bswap instruction for SSE anyway.
*	Stub for AES class using Intel's AES-NI instructions and an engine for	lloyd	2009-11-06	3	-0/+85
	providing it. Also stubs in the engine for VIA's AES instructions, but needs CPUID checking also.