aesencwide256kl
AES Encrypt Wide 256-bit Key Locker
Encrypts 8 blocks using 256-bit Key Locker handle.
Details
Encrypts 8 consecutive 128-bit blocks using AES in ECB mode with a 256-bit key loaded from a Key Locker handle. This instruction is part of the Key Locker extension and requires the handle at the memory operand to be a valid, initialized 512-bit Key Locker structure. The instruction reads plaintext from XMM0–XMM7, encrypts all blocks in parallel, and writes ciphertext back to XMM0–XMM7; ZF is set to 0 on success or 1 if the handle is invalid or key usage limit exceeded.
Pseudocode Operation
handle ← [mem128]
if (handle is invalid or usage_limit_exceeded) {
ZF ← 1
} else {
for i = 0 to 7:
XMM[i] ← AES_Encrypt_256(XMM[i], key_from_handle)
ZF ← 0
}
Example
Encoding
Operands
-
handle
Mem
Reference (Intel® SDM)
Instruction Forms
| Opcode | Instruction | Op/En | 64/32-bit Mode | CPUID | Description |
|---|---|---|---|---|---|
| F3 0F 38 D8 !(11):010:bbb | AESENCWIDE256KL m512, <XMM0-7> | A | V/V | AES_WIDE | Encrypt XMM0-7 using 256-bit AES key indicated by handle at m512 and store each resultant block back to its corresponding register. |
Instruction Operand Encoding
| Op/En | Operand 1 | Operand 2 | Operand 3 |
|---|---|---|---|
| A | N/A | ModRM:r/m (r) | Implicit XMM0-7 (r, w) |
Description
Operation
AESENCWIDE256KL Handle := UnalignedLoad of 512 bit (SRC); // Load is not guaranteed to be atomic. Illegal Handle = ( HandleReservedBitSet (Handle) || (Handle[0] AND (CPL > 0)) || Handle [1] || HandleKeyType (Handle) != HANDLE_KEY_TYPE_AES256 ); IF (Illegal Handle) THEN RFLAGS.ZF := 1; ELSE (UnwrappedKey, Authentic) := UnwrapKeyAndAuthenticate512 (Handle[511:0], IWKey); IF (Authentic == 0) THEN RFLAGS.ZF := 1; ELSE XMM0 := AES256Encrypt (XMM0, UnwrappedKey) ; XMM1 := AES256Encrypt (XMM1, UnwrappedKey) ; XMM2 := AES256Encrypt (XMM2, UnwrappedKey) ; XMM3 := AES256Encrypt (XMM3, UnwrappedKey) ; XMM4 := AES256Encrypt (XMM4, UnwrappedKey) ; XMM5 := AES256Encrypt (XMM5, UnwrappedKey) ; XMM6 := AES256Encrypt (XMM6, UnwrappedKey) ; XMM7 := AES256Encrypt (XMM7, UnwrappedKey) ; RFLAGS.ZF := 0; FI; FI; RFLAGS.OF, SF, AF, PF, CF := 0; 1. Further details on Key Locker and usage of this instruction can be found here: https://software.intel.com/content/www/us/en/develop/download/intel-key-locker-specification.html. AESENCWIDE256KL—Perform 14 Rounds of AES Encryption Flow With Key Locker on 8 Blocks Using 256-Bit Key Vol. 2A 3-55
Intel C/C++ Compiler Intrinsic Equivalent
AESENCWIDE256KLunsigned char _mm_aesencwide256kl_u8(__m128i odata[8], const __m128i idata[8], const void* h); Exceptions (All Operating Modes) #UD If the LOCK prefix is used. If CPUID.07H.00H:ECX.KEY_LOCKER[23] = 0. If CR4.KL = 0. If CPUID.19H:EBX.AESKLE[0] = 0. If CR0.EM = 1. If CR4.OSFXSR = 0. If CPUID.19H:EBX.AES_WIDE[2] = 0. #NM If CR0.TS = 1. #PF If a page fault occurs. #GP(0) If a memory operand effective address is outside the CS, DS, ES, FS, or GS segment limit. If the DS, ES, FS, or GS register is used to access memory and it contains a NULL segment selector. If the memory address is in a non-canonical form. #SS(0) If a memory operand effective address is outside the SS segment limit. If a memory address referencing the SS segment is in a non-canonical form. AESENCWIDE256KL—Perform 14 Rounds of AES Encryption Flow With Key Locker on 8 Blocks Using 256-Bit Key Vol. 2A 3-56
Flags Affected
ZF is set to 0 if the operation succeeded and set to 1 if the operation failed due to a handle violation. The other arithmetic flags (OF, SF, AF, PF, CF) are cleared to 0.