aesencwide256kl

AES Encrypt Wide 256-bit Key Locker

AESENCWIDE256KL m128

Encrypts 8 blocks using 256-bit Key Locker handle.

Details

Encrypts 8 consecutive 128-bit blocks using AES in ECB mode with a 256-bit key loaded from a Key Locker handle. This instruction is part of the Key Locker extension and requires the handle at the memory operand to be a valid, initialized 512-bit Key Locker structure. The instruction reads plaintext from XMM0–XMM7, encrypts all blocks in parallel, and writes ciphertext back to XMM0–XMM7; ZF is set to 0 on success or 1 if the handle is invalid or key usage limit exceeded.

Pseudocode Operation

handle ← [mem128]
if (handle is invalid or usage_limit_exceeded) {
  ZF ← 1
} else {
  for i = 0 to 7:
    XMM[i] ← AES_Encrypt_256(XMM[i], key_from_handle)
  ZF ← 0
}

Example

AESENCWIDE256KL [rbp-16]

Encoding

Binary Layout
F3
+0
0F
+1
38
+2
D8
+3
ModRM
+4
 
Format Legacy
Opcode F3 0F 38 D8 !(11):010:bbb
Extension KEYLOCKER_WIDE

Operands

  • handle
    Mem

Reference (Intel® SDM)

Instruction Forms

Opcode Instruction Op/En 64/32-bit Mode CPUID Description
F3 0F 38 D8 !(11):010:bbb AESENCWIDE256KL m512, <XMM0-7> A V/V AES_WIDE Encrypt XMM0-7 using 256-bit AES key indicated by handle at m512 and store each resultant block back to its corresponding register.

Instruction Operand Encoding

Op/En Operand 1 Operand 2 Operand 3
A N/A ModRM:r/m (r) Implicit XMM0-7 (r, w)

Description

The AESENCWIDE256KL1 instruction performs 14 rounds of AES to encrypt each of the eight blocks in XMM0-7 using the 256-bit key indicated by the handle from the second operand. It replaces each input block in XMM0-7 with its corresponding encrypted block if the operation succeeds (e.g., does not run into a handle violation failure).

Operation

AESENCWIDE256KL
Handle := UnalignedLoad of 512 bit (SRC);      // Load is not guaranteed to be atomic.
Illegal Handle = (
HandleReservedBitSet (Handle) ||
(Handle[0] AND (CPL > 0)) ||
Handle [1] ||
HandleKeyType (Handle) != HANDLE_KEY_TYPE_AES256
);
IF (Illegal Handle)
THEN RFLAGS.ZF := 1;
ELSE
(UnwrappedKey, Authentic) := UnwrapKeyAndAuthenticate512 (Handle[511:0], IWKey);
IF (Authentic == 0)
THEN RFLAGS.ZF := 1;
ELSE
XMM0 := AES256Encrypt (XMM0, UnwrappedKey) ;
XMM1 := AES256Encrypt (XMM1, UnwrappedKey) ;
XMM2 := AES256Encrypt (XMM2, UnwrappedKey) ;
XMM3 := AES256Encrypt (XMM3, UnwrappedKey) ;
XMM4 := AES256Encrypt (XMM4, UnwrappedKey) ;
XMM5 := AES256Encrypt (XMM5, UnwrappedKey) ;
XMM6 := AES256Encrypt (XMM6, UnwrappedKey) ;
XMM7 := AES256Encrypt (XMM7, UnwrappedKey) ;
RFLAGS.ZF := 0;
FI;
FI;
RFLAGS.OF, SF, AF, PF, CF := 0;





1.  Further details on Key Locker and usage of this instruction can be found here:
https://software.intel.com/content/www/us/en/develop/download/intel-key-locker-specification.html.


AESENCWIDE256KL—Perform 14 Rounds of AES Encryption Flow With Key Locker on 8 Blocks Using 256-Bit Key                            Vol. 2A 3-55

Intel C/C++ Compiler Intrinsic Equivalent

AESENCWIDE256KLunsigned char _mm_aesencwide256kl_u8(__m128i odata[8], const __m128i idata[8], const void* h);
Exceptions (All Operating Modes)
#UD                     If the LOCK prefix is used.
If CPUID.07H.00H:ECX.KEY_LOCKER[23] = 0.
If CR4.KL = 0.
If CPUID.19H:EBX.AESKLE[0] = 0.
If CR0.EM = 1.
If CR4.OSFXSR = 0.
If CPUID.19H:EBX.AES_WIDE[2] = 0.
#NM                    If CR0.TS = 1.
#PF                     If a page fault occurs.
#GP(0)                 If a memory operand effective address is outside the CS, DS, ES, FS, or GS segment limit.
If the DS, ES, FS, or GS register is used to access memory and it contains a NULL segment
selector.
If the memory address is in a non-canonical form.
#SS(0)                 If a memory operand effective address is outside the SS segment limit.
If a memory address referencing the SS segment is in a non-canonical form.
AESENCWIDE256KL—Perform 14 Rounds of AES Encryption Flow With Key Locker on 8 Blocks Using 256-Bit Key                            Vol. 2A 3-56

Flags Affected

ZF is set to 0 if the operation succeeded and set to 1 if the operation failed due to a handle violation. The other arithmetic flags (OF, SF, AF, PF, CF) are cleared to 0.