Multi-vector AES single round decryption
The AESD instruction reads a 16-byte state array from each 128-bit segment of the two or four first source vectors, together with a round key from the indexed 128-bit segment of the corresponding 512-bit portion of the second source vector. Each state array undergoes a single round of the AddRoundKey(), InvShiftRows(), and InvSubBytes() transformations in accordance with the AES standard. Each updated state array is destructively placed in the corresponding segment of the two or four first source vectors.
When the vector length is less than 512 bits, the most significant bits of the index are ignored to select the indexed 128-bit segment of the second source vector. This instruction is unpredicated.
This instruction is legal in Streaming SVE mode if both FEAT_SSVE_AES and FEAT_SVE_AES2 are implemented.
It has encodings from 2 classes: Two registers and Four registers
| 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
| 0 | 1 | 0 | 0 | 0 | 1 | 0 | 1 | 0 | 0 | 1 | i2 | 0 | 1 | 0 | 1 | 1 | 1 | 0 | 1 | 1 | Zm | Zdn | 0 | ||||||||
| size | op | o2 | o3 | ||||||||||||||||||||||||||||
if !IsFeatureImplemented(FEAT_SVE_AES2) then EndOfDecode(Decode_UNDEF); constant integer m = UInt(Zm); constant integer dn = UInt(Zdn:'0'); integer index = UInt(i2); constant integer nreg = 2;
| 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
| 0 | 1 | 0 | 0 | 0 | 1 | 0 | 1 | 0 | 0 | 1 | i2 | 1 | 1 | 0 | 1 | 1 | 1 | 0 | 1 | 1 | Zm | Zdn | 0 | 0 | |||||||
| size | op | o2 | opc3 | ||||||||||||||||||||||||||||
if !IsFeatureImplemented(FEAT_SVE_AES2) then EndOfDecode(Decode_UNDEF); constant integer m = UInt(Zm); constant integer dn = UInt(Zdn:'00'); integer index = UInt(i2); constant integer nreg = 4;
| <Zdn2> |
Is the name of the second scalable vector register of the destination and first source multi-vector group, encoded as "Zdn" times 2 plus 1. |
| <Zm> |
Is the name of the second source scalable vector register, encoded in the "Zm" field. |
| <index> |
Is the round key index, in the range 0 to 3, encoded in the "i2" field. |
| <Zdn4> |
Is the name of the fourth scalable vector register of the destination and first source multi-vector group, encoded as "Zdn" times 4 plus 3. |
if IsFeatureImplemented(FEAT_SSVE_AES) then CheckSVEEnabled(); else CheckNonStreamingSVEEnabled(); constant integer VL = CurrentVL; if VL == 128 then index = 0; if VL == 256 then index = index MOD 2; constant integer segments = VL DIV 128; constant bits(VL) operand2 = Z[m, VL]; array [0..3] of bits(VL) results; for r = 0 to nreg-1 constant bits(VL) operand1 = Z[dn + r, VL]; for s = 0 to segments-1 constant integer keyindex = (s - (s MOD 4)) + index; constant bits(128) res = Elem[operand1, s, 128] EOR Elem[operand2, keyindex, 128]; Elem[results[r], s, 128] = AESInvSubBytes(AESInvShiftRows(res)); for r = 0 to nreg-1 Z[dn + r, VL] = results[r];
If PSTATE.DIT is 1:
Internal version only: aarchmrs v2024-12_rel, pseudocode v2024-12_rel ; Build timestamp: 2024-12-15T22:18
Copyright © 2010-2024 Arm Limited or its affiliates. All rights reserved. This document is Non-Confidential.