From 0d4f4e5b01a1a57677c380b1223520f953eaaaf9 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Fri, 31 Mar 2023 14:32:47 +0800
Subject: [PATCH 01/56] Add option to disable built-in aes implementation.

For time being, there are only two aes implementations for known
architectures. I define runtime detection function as const when
built-in was disabled. In this case, compiler will remove dead
built-in code.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 include/mbedtls/mbedtls_config.h | 5 +++++
 library/aesce.c                  | 2 ++
 library/aesce.h                  | 5 +++++
 library/aesni.c                  | 2 ++
 library/aesni.h                  | 4 ++++
 library/padlock.c                | 2 ++
 library/padlock.h                | 5 ++++-
 7 files changed, 24 insertions(+), 1 deletion(-)

diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index 719bbed8f..a086bfe5d 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -4006,4 +4006,9 @@
  */
 //#define MBEDTLS_ECP_WITH_MPI_UINT
 
+/*
+ * Platform independent implementation for crypto algorithms.
+ */
+//#define MBEDTLS_AES_HAS_NO_BUILTIN /* Uncomment to disable built-in platform independent code of AES */
+
 /** \} name SECTION: Module configuration options */
diff --git a/library/aesce.c b/library/aesce.c
index ed3cca11d..baa01dbd6 100644
--- a/library/aesce.c
+++ b/library/aesce.c
@@ -99,6 +99,7 @@
 #include <sys/auxv.h>
 #endif
 
+#if !defined(MBEDTLS_AES_HAS_NO_BUILTIN)
 /*
  * AES instruction support detection routine
  */
@@ -113,6 +114,7 @@ int mbedtls_aesce_has_support(void)
     return 1;
 #endif
 }
+#endif
 
 /* Single round of AESCE encryption */
 #define AESCE_ENCRYPT_ROUND                   \
diff --git a/library/aesce.h b/library/aesce.h
index b12bf76ba..b166e15c1 100644
--- a/library/aesce.h
+++ b/library/aesce.h
@@ -47,7 +47,12 @@ extern "C" {
  *
  * \return         1 if CPU has support for the feature, 0 otherwise
  */
+#if !defined(MBEDTLS_AES_HAS_NO_BUILTIN)
 int mbedtls_aesce_has_support(void);
+#else
+#define /* no-check-names */ mbedtls_aesce_has_support() 1
+#endif
+
 
 /**
  * \brief          Internal AES-ECB block encryption and decryption
diff --git a/library/aesni.c b/library/aesni.c
index 9d1c0f135..b6d119179 100644
--- a/library/aesni.c
+++ b/library/aesni.c
@@ -39,6 +39,7 @@
 #include <immintrin.h>
 #endif
 
+#if !defined(MBEDTLS_AES_HAS_NO_BUILTIN)
 /*
  * AES-NI support detection routine
  */
@@ -68,6 +69,7 @@ int mbedtls_aesni_has_support(unsigned int what)
 
     return (c & what) != 0;
 }
+#endif /* !MBEDTLS_AES_HAS_NO_BUILTIN */
 
 #if MBEDTLS_AESNI_HAVE_CODE == 2
 
diff --git a/library/aesni.h b/library/aesni.h
index 82947e458..fa1f369ed 100644
--- a/library/aesni.h
+++ b/library/aesni.h
@@ -88,7 +88,11 @@ extern "C" {
  *
  * \return         1 if CPU has support for the feature, 0 otherwise
  */
+#if !defined(MBEDTLS_AES_HAS_NO_BUILTIN)
 int mbedtls_aesni_has_support(unsigned int what);
+#else
+#define /* no-check-names */ mbedtls_aesni_has_support(what) 1
+#endif
 
 /**
  * \brief          Internal AES-NI AES-ECB block encryption and decryption
diff --git a/library/padlock.c b/library/padlock.c
index f42c40ff9..111b28cf8 100644
--- a/library/padlock.c
+++ b/library/padlock.c
@@ -33,6 +33,7 @@
 
 #if defined(MBEDTLS_HAVE_X86)
 
+#if !defined(MBEDTLS_AES_HAS_NO_BUILTIN)
 /*
  * PadLock detection routine
  */
@@ -62,6 +63,7 @@ int mbedtls_padlock_has_support(int feature)
 
     return flags & feature;
 }
+#endif
 
 /*
  * PadLock AES-ECB block en(de)cryption
diff --git a/library/padlock.h b/library/padlock.h
index b5f0d7d7a..10c1c6994 100644
--- a/library/padlock.h
+++ b/library/padlock.h
@@ -41,7 +41,6 @@
 /* Some versions of ASan result in errors about not enough registers */
 #if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && defined(__i386__) && \
     !defined(MBEDTLS_HAVE_ASAN)
-
 #ifndef MBEDTLS_HAVE_X86
 #define MBEDTLS_HAVE_X86
 #endif
@@ -69,7 +68,11 @@ extern "C" {
  *
  * \return         non-zero if CPU has support for the feature, 0 otherwise
  */
+#if !defined(MBEDTLS_AES_HAS_NO_BUILTIN)
 int mbedtls_padlock_has_support(int feature);
+#else
+#define /* no-check-names */ mbedtls_padlock_has_support(feature) 1
+#endif
 
 /**
  * \brief          Internal PadLock AES-ECB block en(de)cryption

From d767cc4106f3a88f25fb6ada9010816e262e1e02 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Fri, 31 Mar 2023 15:03:55 +0800
Subject: [PATCH 02/56] Add accelerator only tests.

The cases with runtime detection have been
covered by `full` configuration

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 .travis.yml          | 25 +++++++++++++++++++++++++
 tests/scripts/all.sh | 37 +++++++++++++++++++++++++++++++++++++
 2 files changed, 62 insertions(+)

diff --git a/.travis.yml b/.travis.yml
index bf5ccd96e..7ed130aa9 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -129,6 +129,31 @@ jobs:
         - tests/scripts/travis-log-failure.sh
         - tests/context-info.sh
 
+    - name: Arm64 accelerators tests on arm64 host
+      os: linux
+      dist: focal
+      arch: arm64
+      addons:
+        apt:
+          packages:
+          - gcc
+      script:
+        # Do a manual build+test sequence rather than using all.sh.
+        #
+        # This is arm64 host only test for no runtime detection case. Internal
+        # and Open CI do not include Arm64 host, and they check if components
+        # are be tested. As result, it will always fail on `pre-test-check` in
+        # them.
+        - scripts/config.py unset MBEDTLS_AESNI_C
+        - scripts/config.py unset MBEDTLS_PADLOCK_C
+        - scripts/config.py set MBEDTLS_AESCE_C
+        - scripts/config.py set MBEDTLS_AES_HAS_NO_BUILTIN
+        - make generated_files
+        - make
+        - programs/test/selftest
+        - tests/scripts/travis-log-failure.sh
+        - tests/context-info.sh
+
 after_failure:
 - tests/scripts/travis-log-failure.sh
 
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 97c01f303..8dd6b8cec 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -4941,6 +4941,43 @@ component_check_test_helpers () {
     python3 -m unittest tests/scripts/translate_ciphers.py 2>&1
 }
 
+component_test_aes_builtin_only () {
+    msg "Test: AES builtin only"
+    scripts/config.py unset MBEDTLS_AESNI_C
+    scripts/config.py unset MBEDTLS_PADLOCK_C
+    scripts/config.py unset MBEDTLS_AESCE_C
+    scripts/config.py unset MBEDTLS_AES_HAS_NO_BUILTIN
+    msg "build: make, AES built-in only" # ~10s
+    make
+
+    msg "selftest: AES built-in only" # ~10s
+    programs/test/selftest
+}
+
+component_test_aes_aesni_only () {
+    msg "Test: AESNI only"
+    scripts/config.py set MBEDTLS_AESNI_C
+    scripts/config.py unset MBEDTLS_PADLOCK_C
+    scripts/config.py unset MBEDTLS_AESCE_C
+    scripts/config.py set MBEDTLS_AES_HAS_NO_BUILTIN
+    msg "build:  AESNI only" # ~10s
+    make
+
+    msg "selftest:  AESNI only" # ~10s
+    programs/test/selftest
+}
+
+component_test_aes_padlock_only () {
+    msg "Test: AES, VIA padlock only"
+    scripts/config.py unset MBEDTLS_AESNI_C
+    scripts/config.py set MBEDTLS_PADLOCK_C
+    scripts/config.py unset MBEDTLS_AESCE_C
+    scripts/config.py set MBEDTLS_AES_HAS_NO_BUILTIN
+    msg "build: AES, VIA padlock only" # ~10s
+    make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS"
+
+}
+
 ################################################################
 #### Termination
 ################################################################

From 2f26a599101613881767778164f21e4d6b79bfd9 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Fri, 31 Mar 2023 15:06:33 +0800
Subject: [PATCH 03/56] Add std output information for AESCE in gcm

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/gcm.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/library/gcm.c b/library/gcm.c
index a05e4c30f..d49725c69 100644
--- a/library/gcm.c
+++ b/library/gcm.c
@@ -884,6 +884,13 @@ int mbedtls_gcm_self_test(int verbose)
             mbedtls_printf("  GCM note: using AESNI.\n");
         } else
 #endif
+
+#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64)
+        if (mbedtls_aesce_has_support()) {
+            mbedtls_printf("  GCM note: using AESCE.\n");
+        } else
+#endif
+
         mbedtls_printf("  GCM note: built-in implementation.\n");
 #endif /* MBEDTLS_GCM_ALT */
     }

From 315fd30201d8866e15e28c9fb5f2b0cf22c47cd5 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Tue, 18 Apr 2023 11:19:54 +0800
Subject: [PATCH 04/56] Rename plain c disable option

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 .travis.yml                      | 2 +-
 include/mbedtls/mbedtls_config.h | 2 +-
 library/aesce.c                  | 2 +-
 library/aesce.h                  | 2 +-
 library/aesni.c                  | 4 ++--
 library/aesni.h                  | 2 +-
 library/padlock.c                | 2 +-
 library/padlock.h                | 2 +-
 tests/scripts/all.sh             | 6 +++---
 9 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index 7ed130aa9..04647be63 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -147,7 +147,7 @@ jobs:
         - scripts/config.py unset MBEDTLS_AESNI_C
         - scripts/config.py unset MBEDTLS_PADLOCK_C
         - scripts/config.py set MBEDTLS_AESCE_C
-        - scripts/config.py set MBEDTLS_AES_HAS_NO_BUILTIN
+        - scripts/config.py set MBEDTLS_AES_HAS_NO_PLAIN_C
         - make generated_files
         - make
         - programs/test/selftest
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index a086bfe5d..d5753ca2f 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -4009,6 +4009,6 @@
 /*
  * Platform independent implementation for crypto algorithms.
  */
-//#define MBEDTLS_AES_HAS_NO_BUILTIN /* Uncomment to disable built-in platform independent code of AES */
+//#define MBEDTLS_AES_HAS_NO_PLAIN_C /* Uncomment to disable built-in platform independent code of AES */
 
 /** \} name SECTION: Module configuration options */
diff --git a/library/aesce.c b/library/aesce.c
index baa01dbd6..982cad693 100644
--- a/library/aesce.c
+++ b/library/aesce.c
@@ -99,7 +99,7 @@
 #include <sys/auxv.h>
 #endif
 
-#if !defined(MBEDTLS_AES_HAS_NO_BUILTIN)
+#if !defined(MBEDTLS_AES_HAS_NO_PLAIN_C)
 /*
  * AES instruction support detection routine
  */
diff --git a/library/aesce.h b/library/aesce.h
index b166e15c1..1b2edad41 100644
--- a/library/aesce.h
+++ b/library/aesce.h
@@ -47,7 +47,7 @@ extern "C" {
  *
  * \return         1 if CPU has support for the feature, 0 otherwise
  */
-#if !defined(MBEDTLS_AES_HAS_NO_BUILTIN)
+#if !defined(MBEDTLS_AES_HAS_NO_PLAIN_C)
 int mbedtls_aesce_has_support(void);
 #else
 #define /* no-check-names */ mbedtls_aesce_has_support() 1
diff --git a/library/aesni.c b/library/aesni.c
index b6d119179..766b6713c 100644
--- a/library/aesni.c
+++ b/library/aesni.c
@@ -39,7 +39,7 @@
 #include <immintrin.h>
 #endif
 
-#if !defined(MBEDTLS_AES_HAS_NO_BUILTIN)
+#if !defined(MBEDTLS_AES_HAS_NO_PLAIN_C)
 /*
  * AES-NI support detection routine
  */
@@ -69,7 +69,7 @@ int mbedtls_aesni_has_support(unsigned int what)
 
     return (c & what) != 0;
 }
-#endif /* !MBEDTLS_AES_HAS_NO_BUILTIN */
+#endif /* !MBEDTLS_AES_HAS_NO_PLAIN_C */
 
 #if MBEDTLS_AESNI_HAVE_CODE == 2
 
diff --git a/library/aesni.h b/library/aesni.h
index fa1f369ed..341350a1e 100644
--- a/library/aesni.h
+++ b/library/aesni.h
@@ -88,7 +88,7 @@ extern "C" {
  *
  * \return         1 if CPU has support for the feature, 0 otherwise
  */
-#if !defined(MBEDTLS_AES_HAS_NO_BUILTIN)
+#if !defined(MBEDTLS_AES_HAS_NO_PLAIN_C)
 int mbedtls_aesni_has_support(unsigned int what);
 #else
 #define /* no-check-names */ mbedtls_aesni_has_support(what) 1
diff --git a/library/padlock.c b/library/padlock.c
index 111b28cf8..eeb6368fa 100644
--- a/library/padlock.c
+++ b/library/padlock.c
@@ -33,7 +33,7 @@
 
 #if defined(MBEDTLS_HAVE_X86)
 
-#if !defined(MBEDTLS_AES_HAS_NO_BUILTIN)
+#if !defined(MBEDTLS_AES_HAS_NO_PLAIN_C)
 /*
  * PadLock detection routine
  */
diff --git a/library/padlock.h b/library/padlock.h
index 10c1c6994..7ec960d7a 100644
--- a/library/padlock.h
+++ b/library/padlock.h
@@ -68,7 +68,7 @@ extern "C" {
  *
  * \return         non-zero if CPU has support for the feature, 0 otherwise
  */
-#if !defined(MBEDTLS_AES_HAS_NO_BUILTIN)
+#if !defined(MBEDTLS_AES_HAS_NO_PLAIN_C)
 int mbedtls_padlock_has_support(int feature);
 #else
 #define /* no-check-names */ mbedtls_padlock_has_support(feature) 1
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 8dd6b8cec..20ced44d4 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -4946,7 +4946,7 @@ component_test_aes_builtin_only () {
     scripts/config.py unset MBEDTLS_AESNI_C
     scripts/config.py unset MBEDTLS_PADLOCK_C
     scripts/config.py unset MBEDTLS_AESCE_C
-    scripts/config.py unset MBEDTLS_AES_HAS_NO_BUILTIN
+    scripts/config.py unset MBEDTLS_AES_HAS_NO_PLAIN_C
     msg "build: make, AES built-in only" # ~10s
     make
 
@@ -4959,7 +4959,7 @@ component_test_aes_aesni_only () {
     scripts/config.py set MBEDTLS_AESNI_C
     scripts/config.py unset MBEDTLS_PADLOCK_C
     scripts/config.py unset MBEDTLS_AESCE_C
-    scripts/config.py set MBEDTLS_AES_HAS_NO_BUILTIN
+    scripts/config.py set MBEDTLS_AES_HAS_NO_PLAIN_C
     msg "build:  AESNI only" # ~10s
     make
 
@@ -4972,7 +4972,7 @@ component_test_aes_padlock_only () {
     scripts/config.py unset MBEDTLS_AESNI_C
     scripts/config.py set MBEDTLS_PADLOCK_C
     scripts/config.py unset MBEDTLS_AESCE_C
-    scripts/config.py set MBEDTLS_AES_HAS_NO_BUILTIN
+    scripts/config.py set MBEDTLS_AES_HAS_NO_PLAIN_C
     msg "build: AES, VIA padlock only" # ~10s
     make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS"
 

From 4d030f3acd1ea6062ee144c1912ab38bdca36265 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Tue, 18 Apr 2023 11:25:18 +0800
Subject: [PATCH 05/56] Add check for no aes implementation provided

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/aesce.h   | 3 +++
 library/aesni.h   | 3 +++
 library/padlock.h | 4 ++++
 3 files changed, 10 insertions(+)

diff --git a/library/aesce.h b/library/aesce.h
index 1b2edad41..a67fc0d9c 100644
--- a/library/aesce.h
+++ b/library/aesce.h
@@ -33,6 +33,9 @@
 #if !defined(MBEDTLS_HAVE_ARM64)
 #if defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC)
 #define MBEDTLS_HAVE_ARM64
+#if !defined(MBEDTLS_AESCE_C) && !defined(MBEDTLS_AES_HAS_NO_PLAIN_C)
+#error "MBEDTLS_AESCE_C defined, but not all prerequisites"
+#endif
 #endif
 #endif
 
diff --git a/library/aesni.h b/library/aesni.h
index 341350a1e..1c960703f 100644
--- a/library/aesni.h
+++ b/library/aesni.h
@@ -39,6 +39,9 @@
     (defined(__amd64__) || defined(__x86_64__))   &&  \
     !defined(MBEDTLS_HAVE_X86_64)
 #define MBEDTLS_HAVE_X86_64
+#if !defined(MBEDTLS_AESNI_C) && !defined(MBEDTLS_AES_HAS_NO_PLAIN_C)
+#error "MBEDTLS_AESCE_C defined, but not all prerequisites"
+#endif
 #endif
 
 #if defined(MBEDTLS_AESNI_C)
diff --git a/library/padlock.h b/library/padlock.h
index 7ec960d7a..415838685 100644
--- a/library/padlock.h
+++ b/library/padlock.h
@@ -47,6 +47,10 @@
 
 #include <stdint.h>
 
+#if !defined(MBEDTLS_PADLOCK_C) && !defined(MBEDTLS_AES_HAS_NO_PLAIN_C)
+#error "MBEDTLS_AESCE_C defined, but not all prerequisites"
+#endif
+
 #define MBEDTLS_PADLOCK_RNG 0x000C
 #define MBEDTLS_PADLOCK_ACE 0x00C0
 #define MBEDTLS_PADLOCK_PHE 0x0C00

From 1b3ab36b5596cb90b328907f3b2d659e2aaa49eb Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Tue, 18 Apr 2023 11:27:00 +0800
Subject: [PATCH 06/56] Update comments

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 include/mbedtls/mbedtls_config.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index d5753ca2f..894ee7897 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -4008,7 +4008,8 @@
 
 /*
  * Platform independent implementation for crypto algorithms.
+ * Disable plain c implementation for AES.
  */
-//#define MBEDTLS_AES_HAS_NO_PLAIN_C /* Uncomment to disable built-in platform independent code of AES */
+//#define MBEDTLS_AES_HAS_NO_PLAIN_C /* Uncomment to disable plain c implementation of AES */
 
 /** \} name SECTION: Module configuration options */

From 3fcf2b505341cc7204513c9dde5faffe18c4a1d9 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Tue, 18 Apr 2023 15:57:16 +0800
Subject: [PATCH 07/56] Rename HAS_NO_PLAIN_C to DONT_USE_SOFTWARE_CRYPTO

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 .travis.yml                      | 2 +-
 include/mbedtls/mbedtls_config.h | 2 +-
 library/aesce.c                  | 2 +-
 library/aesce.h                  | 4 ++--
 library/aesni.c                  | 4 ++--
 library/aesni.h                  | 4 ++--
 library/padlock.c                | 2 +-
 library/padlock.h                | 4 ++--
 tests/scripts/all.sh             | 6 +++---
 9 files changed, 15 insertions(+), 15 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index 04647be63..10d67ee2e 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -147,7 +147,7 @@ jobs:
         - scripts/config.py unset MBEDTLS_AESNI_C
         - scripts/config.py unset MBEDTLS_PADLOCK_C
         - scripts/config.py set MBEDTLS_AESCE_C
-        - scripts/config.py set MBEDTLS_AES_HAS_NO_PLAIN_C
+        - scripts/config.py set MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO
         - make generated_files
         - make
         - programs/test/selftest
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index 894ee7897..a1b564f28 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -4010,6 +4010,6 @@
  * Platform independent implementation for crypto algorithms.
  * Disable plain c implementation for AES.
  */
-//#define MBEDTLS_AES_HAS_NO_PLAIN_C /* Uncomment to disable plain c implementation of AES */
+//#define MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO /* Uncomment to disable plain c implementation of AES */
 
 /** \} name SECTION: Module configuration options */
diff --git a/library/aesce.c b/library/aesce.c
index 982cad693..4b7e04819 100644
--- a/library/aesce.c
+++ b/library/aesce.c
@@ -99,7 +99,7 @@
 #include <sys/auxv.h>
 #endif
 
-#if !defined(MBEDTLS_AES_HAS_NO_PLAIN_C)
+#if !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO)
 /*
  * AES instruction support detection routine
  */
diff --git a/library/aesce.h b/library/aesce.h
index a67fc0d9c..900eac713 100644
--- a/library/aesce.h
+++ b/library/aesce.h
@@ -33,7 +33,7 @@
 #if !defined(MBEDTLS_HAVE_ARM64)
 #if defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC)
 #define MBEDTLS_HAVE_ARM64
-#if !defined(MBEDTLS_AESCE_C) && !defined(MBEDTLS_AES_HAS_NO_PLAIN_C)
+#if !defined(MBEDTLS_AESCE_C) && !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO)
 #error "MBEDTLS_AESCE_C defined, but not all prerequisites"
 #endif
 #endif
@@ -50,7 +50,7 @@ extern "C" {
  *
  * \return         1 if CPU has support for the feature, 0 otherwise
  */
-#if !defined(MBEDTLS_AES_HAS_NO_PLAIN_C)
+#if !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO)
 int mbedtls_aesce_has_support(void);
 #else
 #define /* no-check-names */ mbedtls_aesce_has_support() 1
diff --git a/library/aesni.c b/library/aesni.c
index 766b6713c..31321c43d 100644
--- a/library/aesni.c
+++ b/library/aesni.c
@@ -39,7 +39,7 @@
 #include <immintrin.h>
 #endif
 
-#if !defined(MBEDTLS_AES_HAS_NO_PLAIN_C)
+#if !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO)
 /*
  * AES-NI support detection routine
  */
@@ -69,7 +69,7 @@ int mbedtls_aesni_has_support(unsigned int what)
 
     return (c & what) != 0;
 }
-#endif /* !MBEDTLS_AES_HAS_NO_PLAIN_C */
+#endif /* !MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO */
 
 #if MBEDTLS_AESNI_HAVE_CODE == 2
 
diff --git a/library/aesni.h b/library/aesni.h
index 1c960703f..1302a11f7 100644
--- a/library/aesni.h
+++ b/library/aesni.h
@@ -39,7 +39,7 @@
     (defined(__amd64__) || defined(__x86_64__))   &&  \
     !defined(MBEDTLS_HAVE_X86_64)
 #define MBEDTLS_HAVE_X86_64
-#if !defined(MBEDTLS_AESNI_C) && !defined(MBEDTLS_AES_HAS_NO_PLAIN_C)
+#if !defined(MBEDTLS_AESNI_C) && !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO)
 #error "MBEDTLS_AESCE_C defined, but not all prerequisites"
 #endif
 #endif
@@ -91,7 +91,7 @@ extern "C" {
  *
  * \return         1 if CPU has support for the feature, 0 otherwise
  */
-#if !defined(MBEDTLS_AES_HAS_NO_PLAIN_C)
+#if !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO)
 int mbedtls_aesni_has_support(unsigned int what);
 #else
 #define /* no-check-names */ mbedtls_aesni_has_support(what) 1
diff --git a/library/padlock.c b/library/padlock.c
index eeb6368fa..82b84bfb9 100644
--- a/library/padlock.c
+++ b/library/padlock.c
@@ -33,7 +33,7 @@
 
 #if defined(MBEDTLS_HAVE_X86)
 
-#if !defined(MBEDTLS_AES_HAS_NO_PLAIN_C)
+#if !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO)
 /*
  * PadLock detection routine
  */
diff --git a/library/padlock.h b/library/padlock.h
index 415838685..7356d01c4 100644
--- a/library/padlock.h
+++ b/library/padlock.h
@@ -47,7 +47,7 @@
 
 #include <stdint.h>
 
-#if !defined(MBEDTLS_PADLOCK_C) && !defined(MBEDTLS_AES_HAS_NO_PLAIN_C)
+#if !defined(MBEDTLS_PADLOCK_C) && !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO)
 #error "MBEDTLS_AESCE_C defined, but not all prerequisites"
 #endif
 
@@ -72,7 +72,7 @@ extern "C" {
  *
  * \return         non-zero if CPU has support for the feature, 0 otherwise
  */
-#if !defined(MBEDTLS_AES_HAS_NO_PLAIN_C)
+#if !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO)
 int mbedtls_padlock_has_support(int feature);
 #else
 #define /* no-check-names */ mbedtls_padlock_has_support(feature) 1
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 20ced44d4..3ded9d604 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -4946,7 +4946,7 @@ component_test_aes_builtin_only () {
     scripts/config.py unset MBEDTLS_AESNI_C
     scripts/config.py unset MBEDTLS_PADLOCK_C
     scripts/config.py unset MBEDTLS_AESCE_C
-    scripts/config.py unset MBEDTLS_AES_HAS_NO_PLAIN_C
+    scripts/config.py unset MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO
     msg "build: make, AES built-in only" # ~10s
     make
 
@@ -4959,7 +4959,7 @@ component_test_aes_aesni_only () {
     scripts/config.py set MBEDTLS_AESNI_C
     scripts/config.py unset MBEDTLS_PADLOCK_C
     scripts/config.py unset MBEDTLS_AESCE_C
-    scripts/config.py set MBEDTLS_AES_HAS_NO_PLAIN_C
+    scripts/config.py set MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO
     msg "build:  AESNI only" # ~10s
     make
 
@@ -4972,7 +4972,7 @@ component_test_aes_padlock_only () {
     scripts/config.py unset MBEDTLS_AESNI_C
     scripts/config.py set MBEDTLS_PADLOCK_C
     scripts/config.py unset MBEDTLS_AESCE_C
-    scripts/config.py set MBEDTLS_AES_HAS_NO_PLAIN_C
+    scripts/config.py set MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO
     msg "build: AES, VIA padlock only" # ~10s
     make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS"
 

From 8840a8c5740671f6ce3b8b6996cec23be9e95217 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Wed, 19 Apr 2023 10:18:50 +0800
Subject: [PATCH 08/56] fix wrong checks

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/aesce.h   | 4 ++--
 library/aesni.h   | 4 ++--
 library/padlock.h | 4 ++--
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/library/aesce.h b/library/aesce.h
index 900eac713..0af8f61ef 100644
--- a/library/aesce.h
+++ b/library/aesce.h
@@ -33,8 +33,8 @@
 #if !defined(MBEDTLS_HAVE_ARM64)
 #if defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC)
 #define MBEDTLS_HAVE_ARM64
-#if !defined(MBEDTLS_AESCE_C) && !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO)
-#error "MBEDTLS_AESCE_C defined, but not all prerequisites"
+#if !defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO)
+#error "MBEDTLS_AES_C defined, but not all prerequisites"
 #endif
 #endif
 #endif
diff --git a/library/aesni.h b/library/aesni.h
index 1302a11f7..dddbf99b8 100644
--- a/library/aesni.h
+++ b/library/aesni.h
@@ -39,8 +39,8 @@
     (defined(__amd64__) || defined(__x86_64__))   &&  \
     !defined(MBEDTLS_HAVE_X86_64)
 #define MBEDTLS_HAVE_X86_64
-#if !defined(MBEDTLS_AESNI_C) && !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO)
-#error "MBEDTLS_AESCE_C defined, but not all prerequisites"
+#if !defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO)
+#error "MBEDTLS_AES_C defined, but not all prerequisites"
 #endif
 #endif
 
diff --git a/library/padlock.h b/library/padlock.h
index 7356d01c4..3b20d4298 100644
--- a/library/padlock.h
+++ b/library/padlock.h
@@ -47,8 +47,8 @@
 
 #include <stdint.h>
 
-#if !defined(MBEDTLS_PADLOCK_C) && !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO)
-#error "MBEDTLS_AESCE_C defined, but not all prerequisites"
+#if !defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO)
+#error "MBEDTLS_AES_C defined, but not all prerequisites"
 #endif
 
 #define MBEDTLS_PADLOCK_RNG 0x000C

From 3660623e59ee8ac9f0d4ec4bdd0f891424f074a5 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Wed, 19 Apr 2023 10:44:29 +0800
Subject: [PATCH 09/56] Rename plain c option and update comments

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 .travis.yml                      |  2 +-
 include/mbedtls/mbedtls_config.h | 10 ++++++++--
 library/aesce.c                  |  2 +-
 library/aesce.h                  |  4 ++--
 library/aesni.c                  |  4 ++--
 library/aesni.h                  |  4 ++--
 library/padlock.c                |  2 +-
 library/padlock.h                |  4 ++--
 tests/scripts/all.sh             |  8 ++++----
 9 files changed, 23 insertions(+), 17 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index 10d67ee2e..26e6c578d 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -147,7 +147,7 @@ jobs:
         - scripts/config.py unset MBEDTLS_AESNI_C
         - scripts/config.py unset MBEDTLS_PADLOCK_C
         - scripts/config.py set MBEDTLS_AESCE_C
-        - scripts/config.py set MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO
+        - scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY
         - make generated_files
         - make
         - programs/test/selftest
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index a1b564f28..5474060a7 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -4008,8 +4008,14 @@
 
 /*
  * Platform independent implementation for crypto algorithms.
- * Disable plain c implementation for AES.
+ * Disable plain C implementation for AES.
+ *
+ * If the plain C implementation is enabled, and an implementation using a
+ * special CPU feature (such as MBEDTLS_AESCE_C) is also enabled, runtime
+ * detection will be used to select between them.
+ *
+ * If only one implementation is present, runtime detection will not be used.
  */
-//#define MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO /* Uncomment to disable plain c implementation of AES */
+//#define MBEDTLS_AES_USE_HARDWARE_ONLY
 
 /** \} name SECTION: Module configuration options */
diff --git a/library/aesce.c b/library/aesce.c
index 4b7e04819..8aa07894f 100644
--- a/library/aesce.c
+++ b/library/aesce.c
@@ -99,7 +99,7 @@
 #include <sys/auxv.h>
 #endif
 
-#if !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO)
+#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
 /*
  * AES instruction support detection routine
  */
diff --git a/library/aesce.h b/library/aesce.h
index 0af8f61ef..7e9c12a3c 100644
--- a/library/aesce.h
+++ b/library/aesce.h
@@ -33,7 +33,7 @@
 #if !defined(MBEDTLS_HAVE_ARM64)
 #if defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC)
 #define MBEDTLS_HAVE_ARM64
-#if !defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO)
+#if !defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
 #error "MBEDTLS_AES_C defined, but not all prerequisites"
 #endif
 #endif
@@ -50,7 +50,7 @@ extern "C" {
  *
  * \return         1 if CPU has support for the feature, 0 otherwise
  */
-#if !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO)
+#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
 int mbedtls_aesce_has_support(void);
 #else
 #define /* no-check-names */ mbedtls_aesce_has_support() 1
diff --git a/library/aesni.c b/library/aesni.c
index 31321c43d..cc3a3b3f3 100644
--- a/library/aesni.c
+++ b/library/aesni.c
@@ -39,7 +39,7 @@
 #include <immintrin.h>
 #endif
 
-#if !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO)
+#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
 /*
  * AES-NI support detection routine
  */
@@ -69,7 +69,7 @@ int mbedtls_aesni_has_support(unsigned int what)
 
     return (c & what) != 0;
 }
-#endif /* !MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO */
+#endif /* !MBEDTLS_AES_USE_HARDWARE_ONLY */
 
 #if MBEDTLS_AESNI_HAVE_CODE == 2
 
diff --git a/library/aesni.h b/library/aesni.h
index dddbf99b8..c17b61355 100644
--- a/library/aesni.h
+++ b/library/aesni.h
@@ -39,7 +39,7 @@
     (defined(__amd64__) || defined(__x86_64__))   &&  \
     !defined(MBEDTLS_HAVE_X86_64)
 #define MBEDTLS_HAVE_X86_64
-#if !defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO)
+#if !defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
 #error "MBEDTLS_AES_C defined, but not all prerequisites"
 #endif
 #endif
@@ -91,7 +91,7 @@ extern "C" {
  *
  * \return         1 if CPU has support for the feature, 0 otherwise
  */
-#if !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO)
+#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
 int mbedtls_aesni_has_support(unsigned int what);
 #else
 #define /* no-check-names */ mbedtls_aesni_has_support(what) 1
diff --git a/library/padlock.c b/library/padlock.c
index 82b84bfb9..001172200 100644
--- a/library/padlock.c
+++ b/library/padlock.c
@@ -33,7 +33,7 @@
 
 #if defined(MBEDTLS_HAVE_X86)
 
-#if !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO)
+#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
 /*
  * PadLock detection routine
  */
diff --git a/library/padlock.h b/library/padlock.h
index 3b20d4298..ad407f2ea 100644
--- a/library/padlock.h
+++ b/library/padlock.h
@@ -47,7 +47,7 @@
 
 #include <stdint.h>
 
-#if !defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO)
+#if !defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
 #error "MBEDTLS_AES_C defined, but not all prerequisites"
 #endif
 
@@ -72,7 +72,7 @@ extern "C" {
  *
  * \return         non-zero if CPU has support for the feature, 0 otherwise
  */
-#if !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO)
+#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
 int mbedtls_padlock_has_support(int feature);
 #else
 #define /* no-check-names */ mbedtls_padlock_has_support(feature) 1
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 3ded9d604..c2704a97f 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -4941,12 +4941,12 @@ component_check_test_helpers () {
     python3 -m unittest tests/scripts/translate_ciphers.py 2>&1
 }
 
-component_test_aes_builtin_only () {
+component_test_aes_donot_use_hardware () {
     msg "Test: AES builtin only"
     scripts/config.py unset MBEDTLS_AESNI_C
     scripts/config.py unset MBEDTLS_PADLOCK_C
     scripts/config.py unset MBEDTLS_AESCE_C
-    scripts/config.py unset MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO
+    scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY
     msg "build: make, AES built-in only" # ~10s
     make
 
@@ -4959,7 +4959,7 @@ component_test_aes_aesni_only () {
     scripts/config.py set MBEDTLS_AESNI_C
     scripts/config.py unset MBEDTLS_PADLOCK_C
     scripts/config.py unset MBEDTLS_AESCE_C
-    scripts/config.py set MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO
+    scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY
     msg "build:  AESNI only" # ~10s
     make
 
@@ -4972,7 +4972,7 @@ component_test_aes_padlock_only () {
     scripts/config.py unset MBEDTLS_AESNI_C
     scripts/config.py set MBEDTLS_PADLOCK_C
     scripts/config.py unset MBEDTLS_AESCE_C
-    scripts/config.py set MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO
+    scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY
     msg "build: AES, VIA padlock only" # ~10s
     make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS"
 

From d76ded046c60aaabbc66661c6cbd9292cddc416d Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Wed, 19 Apr 2023 11:07:40 +0800
Subject: [PATCH 10/56] fix various issues

- unnecessary command
- extra blank and empty line

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 .travis.yml          | 1 -
 library/padlock.h    | 1 +
 tests/scripts/all.sh | 5 ++---
 3 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index 26e6c578d..75f4c6464 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -151,7 +151,6 @@ jobs:
         - make generated_files
         - make
         - programs/test/selftest
-        - tests/scripts/travis-log-failure.sh
         - tests/context-info.sh
 
 after_failure:
diff --git a/library/padlock.h b/library/padlock.h
index ad407f2ea..4de462ca0 100644
--- a/library/padlock.h
+++ b/library/padlock.h
@@ -41,6 +41,7 @@
 /* Some versions of ASan result in errors about not enough registers */
 #if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && defined(__i386__) && \
     !defined(MBEDTLS_HAVE_ASAN)
+
 #ifndef MBEDTLS_HAVE_X86
 #define MBEDTLS_HAVE_X86
 #endif
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index c2704a97f..c34fe990c 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -4960,10 +4960,10 @@ component_test_aes_aesni_only () {
     scripts/config.py unset MBEDTLS_PADLOCK_C
     scripts/config.py unset MBEDTLS_AESCE_C
     scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY
-    msg "build:  AESNI only" # ~10s
+    msg "build: AESNI only" # ~10s
     make
 
-    msg "selftest:  AESNI only" # ~10s
+    msg "selftest: AESNI only" # ~10s
     programs/test/selftest
 }
 
@@ -4975,7 +4975,6 @@ component_test_aes_padlock_only () {
     scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY
     msg "build: AES, VIA padlock only" # ~10s
     make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS"
-
 }
 
 ################################################################

From 4dfbb2e7476d93f0f20cedc1a180be6cc51166d2 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Sun, 23 Apr 2023 14:30:34 +0800
Subject: [PATCH 11/56] add changelog entry

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 ChangeLog.d/add-aes-hardware-only-option.txt | 6 ++++++
 1 file changed, 6 insertions(+)
 create mode 100644 ChangeLog.d/add-aes-hardware-only-option.txt

diff --git a/ChangeLog.d/add-aes-hardware-only-option.txt b/ChangeLog.d/add-aes-hardware-only-option.txt
new file mode 100644
index 000000000..69db58ece
--- /dev/null
+++ b/ChangeLog.d/add-aes-hardware-only-option.txt
@@ -0,0 +1,6 @@
+Features
+   * New configuration option MBEDTLS_AES_USE_HARDWARE_ONLY introduced. When using
+     CPU-accelerated AES (e.g., Arm Crypto Extensions), this option disables
+     the plain C implementation and the run-time detection for the CPU feature,
+     which reduces code size and avoid the vulnerability of the plain C
+     implementation.

From 02b1519ab6f7ab297161a2212dd2d6cf95d1a71e Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Sun, 23 Apr 2023 14:43:19 +0800
Subject: [PATCH 12/56] move accelerator checks to `aes.c`

Origin position is always validate due to conflict
between the guards in `aes.c` and module undef check

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/aes.c     | 27 +++++++++++++++++++++++++++
 library/aesce.h   |  3 ---
 library/aesni.h   |  3 ---
 library/padlock.h |  4 ----
 4 files changed, 27 insertions(+), 10 deletions(-)

diff --git a/library/aes.c b/library/aes.c
index 6d718f461..d6ecdcca5 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -33,6 +33,33 @@
 #include "mbedtls/platform.h"
 #include "mbedtls/platform_util.h"
 #include "mbedtls/error.h"
+
+#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && \
+    defined(__aarch64__) && !defined(MBEDTLS_HAVE_ARM64)
+#define MBEDTLS_HAVE_ARM64
+#if !defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
+#error "MBEDTLS_AES_C defined, but not all prerequisites"
+#endif
+#endif
+
+#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && \
+    (defined(__amd64__) || defined(__x86_64__))   &&  \
+    !defined(MBEDTLS_HAVE_X86_64)
+#define MBEDTLS_HAVE_X86_64
+#if !defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
+#error "MBEDTLS_AES_C defined, but not all prerequisites"
+#endif
+#endif
+
+#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && defined(__i386__) && \
+    !defined(MBEDTLS_HAVE_ASAN)
+#define MBEDTLS_HAVE_X86
+
+#if !defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
+#error "MBEDTLS_AES_C defined, but not all prerequisites"
+#endif
+#endif
+
 #if defined(MBEDTLS_PADLOCK_C)
 #include "padlock.h"
 #endif
diff --git a/library/aesce.h b/library/aesce.h
index 7e9c12a3c..fbf545649 100644
--- a/library/aesce.h
+++ b/library/aesce.h
@@ -33,9 +33,6 @@
 #if !defined(MBEDTLS_HAVE_ARM64)
 #if defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC)
 #define MBEDTLS_HAVE_ARM64
-#if !defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
-#error "MBEDTLS_AES_C defined, but not all prerequisites"
-#endif
 #endif
 #endif
 
diff --git a/library/aesni.h b/library/aesni.h
index c17b61355..6b5afb9b5 100644
--- a/library/aesni.h
+++ b/library/aesni.h
@@ -39,9 +39,6 @@
     (defined(__amd64__) || defined(__x86_64__))   &&  \
     !defined(MBEDTLS_HAVE_X86_64)
 #define MBEDTLS_HAVE_X86_64
-#if !defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
-#error "MBEDTLS_AES_C defined, but not all prerequisites"
-#endif
 #endif
 
 #if defined(MBEDTLS_AESNI_C)
diff --git a/library/padlock.h b/library/padlock.h
index 4de462ca0..c031f4bb5 100644
--- a/library/padlock.h
+++ b/library/padlock.h
@@ -48,10 +48,6 @@
 
 #include <stdint.h>
 
-#if !defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
-#error "MBEDTLS_AES_C defined, but not all prerequisites"
-#endif
-
 #define MBEDTLS_PADLOCK_RNG 0x000C
 #define MBEDTLS_PADLOCK_ACE 0x00C0
 #define MBEDTLS_PADLOCK_PHE 0x0C00

From 9e3e3dd45bb761424c7370fdb7c1e0f6d72e7499 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Mon, 24 Apr 2023 17:19:38 +0800
Subject: [PATCH 13/56] Fix code-style  too-long line fail

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 ChangeLog.d/add-aes-hardware-only-option.txt | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/ChangeLog.d/add-aes-hardware-only-option.txt b/ChangeLog.d/add-aes-hardware-only-option.txt
index 69db58ece..2461479e6 100644
--- a/ChangeLog.d/add-aes-hardware-only-option.txt
+++ b/ChangeLog.d/add-aes-hardware-only-option.txt
@@ -1,6 +1,6 @@
 Features
-   * New configuration option MBEDTLS_AES_USE_HARDWARE_ONLY introduced. When using
-     CPU-accelerated AES (e.g., Arm Crypto Extensions), this option disables
-     the plain C implementation and the run-time detection for the CPU feature,
-     which reduces code size and avoid the vulnerability of the plain C
-     implementation.
+   * New configuration option MBEDTLS_AES_USE_HARDWARE_ONLY introduced. When
+     using CPU-accelerated AES (e.g., Arm Crypto Extensions), this option
+     disables the plain C implementation and the run-time detection for the
+     CPU feature, which reduces code size and avoid the vulnerability of the
+     plain C implementation.

From e77c4d95a737b80bf239b2ef8fa95a51b9c033e7 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Mon, 24 Apr 2023 17:26:44 +0800
Subject: [PATCH 14/56] Mention the crash risk without runtime detection

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 include/mbedtls/mbedtls_config.h | 1 +
 1 file changed, 1 insertion(+)

diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index 5474060a7..6fcd02561 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -4015,6 +4015,7 @@
  * detection will be used to select between them.
  *
  * If only one implementation is present, runtime detection will not be used.
+ * This configuration will crash if running on the CPU without needed features.
  */
 //#define MBEDTLS_AES_USE_HARDWARE_ONLY
 

From 69436818205d4c39eb63d06c9d1e66e557a94f2f Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Tue, 25 Apr 2023 11:08:30 +0800
Subject: [PATCH 15/56] Improve error message and documents

- fix grammar error
- Add more information for AES_USE_HARDWARE_ONLY
- Improve error message

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 ChangeLog.d/add-aes-hardware-only-option.txt | 2 +-
 include/mbedtls/mbedtls_config.h             | 4 +++-
 library/aes.c                                | 6 +++---
 3 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/ChangeLog.d/add-aes-hardware-only-option.txt b/ChangeLog.d/add-aes-hardware-only-option.txt
index 2461479e6..a185aff2a 100644
--- a/ChangeLog.d/add-aes-hardware-only-option.txt
+++ b/ChangeLog.d/add-aes-hardware-only-option.txt
@@ -2,5 +2,5 @@ Features
    * New configuration option MBEDTLS_AES_USE_HARDWARE_ONLY introduced. When
      using CPU-accelerated AES (e.g., Arm Crypto Extensions), this option
      disables the plain C implementation and the run-time detection for the
-     CPU feature, which reduces code size and avoid the vulnerability of the
+     CPU feature, which reduces code size and avoids the vulnerability of the
      plain C implementation.
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index 6fcd02561..46d3dc28c 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -4015,7 +4015,9 @@
  * detection will be used to select between them.
  *
  * If only one implementation is present, runtime detection will not be used.
- * This configuration will crash if running on the CPU without needed features.
+ * This configuration will crash at runtime if running on a CPU without the
+ * necessary features. It will not build unless at least one of MBEDTLS_AESCE_C,
+ * MBEDTLS_AESNI_C and/or MBEDTLS_PADLOCK_C is enabled & present in the build.
  */
 //#define MBEDTLS_AES_USE_HARDWARE_ONLY
 
diff --git a/library/aes.c b/library/aes.c
index d6ecdcca5..00ba40c36 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -38,7 +38,7 @@
     defined(__aarch64__) && !defined(MBEDTLS_HAVE_ARM64)
 #define MBEDTLS_HAVE_ARM64
 #if !defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
-#error "MBEDTLS_AES_C defined, but not all prerequisites"
+#error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites"
 #endif
 #endif
 
@@ -47,7 +47,7 @@
     !defined(MBEDTLS_HAVE_X86_64)
 #define MBEDTLS_HAVE_X86_64
 #if !defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
-#error "MBEDTLS_AES_C defined, but not all prerequisites"
+#error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites"
 #endif
 #endif
 
@@ -56,7 +56,7 @@
 #define MBEDTLS_HAVE_X86
 
 #if !defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
-#error "MBEDTLS_AES_C defined, but not all prerequisites"
+#error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites"
 #endif
 #endif
 

From 1414029ff0a0dba76186fb0be9270faafcb0d9cd Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Tue, 1 Aug 2023 12:57:52 +0800
Subject: [PATCH 16/56] improve document about hardware only

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 include/mbedtls/mbedtls_config.h | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index 46d3dc28c..3dcaa4614 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -4007,10 +4007,9 @@
 //#define MBEDTLS_ECP_WITH_MPI_UINT
 
 /*
- * Platform independent implementation for crypto algorithms.
  * Disable plain C implementation for AES.
  *
- * If the plain C implementation is enabled, and an implementation using a
+ * When the plain C implementation is enabled, and an implementation using a
  * special CPU feature (such as MBEDTLS_AESCE_C) is also enabled, runtime
  * detection will be used to select between them.
  *

From 69dd441eb5878446ce877ea4a4b70dac505a726f Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Wed, 2 Aug 2023 17:42:00 +0800
Subject: [PATCH 17/56] Remove test_aes_*

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 tests/scripts/all.sh | 35 -----------------------------------
 1 file changed, 35 deletions(-)

diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index c34fe990c..dee03e950 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -4941,41 +4941,6 @@ component_check_test_helpers () {
     python3 -m unittest tests/scripts/translate_ciphers.py 2>&1
 }
 
-component_test_aes_donot_use_hardware () {
-    msg "Test: AES builtin only"
-    scripts/config.py unset MBEDTLS_AESNI_C
-    scripts/config.py unset MBEDTLS_PADLOCK_C
-    scripts/config.py unset MBEDTLS_AESCE_C
-    scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY
-    msg "build: make, AES built-in only" # ~10s
-    make
-
-    msg "selftest: AES built-in only" # ~10s
-    programs/test/selftest
-}
-
-component_test_aes_aesni_only () {
-    msg "Test: AESNI only"
-    scripts/config.py set MBEDTLS_AESNI_C
-    scripts/config.py unset MBEDTLS_PADLOCK_C
-    scripts/config.py unset MBEDTLS_AESCE_C
-    scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY
-    msg "build: AESNI only" # ~10s
-    make
-
-    msg "selftest: AESNI only" # ~10s
-    programs/test/selftest
-}
-
-component_test_aes_padlock_only () {
-    msg "Test: AES, VIA padlock only"
-    scripts/config.py unset MBEDTLS_AESNI_C
-    scripts/config.py set MBEDTLS_PADLOCK_C
-    scripts/config.py unset MBEDTLS_AESCE_C
-    scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY
-    msg "build: AES, VIA padlock only" # ~10s
-    make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS"
-}
 
 ################################################################
 #### Termination

From 1221a31cc475081ba7e517107431b8069d8330bc Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Thu, 3 Aug 2023 16:09:07 +0800
Subject: [PATCH 18/56] Run aes tests only for test_aesni

That can reduce time of selftest

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 tests/scripts/all.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index dee03e950..012e2a8e1 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -3869,14 +3869,14 @@ component_test_aesni () { # ~ 60s
     make clean
     make test programs/test/selftest CC=gcc CFLAGS='-Werror -Wall -Wextra -mpclmul -msse2 -maes'
     # check that we built intrinsics - this should be used by default when supported by the compiler
-    ./programs/test/selftest | grep "AESNI code" | grep -q "intrinsics"
+    ./programs/test/selftest aes | grep "AESNI code" | grep -q "intrinsics"
 
     # test the asm implementation
     msg "AES tests, test assembly"
     make clean
     make test programs/test/selftest CC=gcc CFLAGS='-Werror -Wall -Wextra -mno-pclmul -mno-sse2 -mno-aes'
     # check that we built assembly - this should be built if the compiler does not support intrinsics
-    ./programs/test/selftest | grep "AESNI code" | grep -q "assembly"
+    ./programs/test/selftest aes | grep "AESNI code" | grep -q "assembly"
 
     # test the plain C implementation
     scripts/config.py unset MBEDTLS_AESNI_C
@@ -3884,7 +3884,7 @@ component_test_aesni () { # ~ 60s
     make clean
     make test programs/test/selftest CC=gcc CFLAGS='-O2 -Werror'
     # check that there is no AESNI code present
-    ./programs/test/selftest | not grep -q "AESNI code"
+    ./programs/test/selftest aes | not grep -q "AESNI code"
 }
 
 component_test_aes_only_128_bit_keys () {

From 17a9d2e412d74bb39b60d8cc08cfeb46d980ebcb Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Thu, 3 Aug 2023 16:14:18 +0800
Subject: [PATCH 19/56] Add MBEDTLS_AES_USE_HADWARE_ONLY for test_aesni

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 tests/scripts/all.sh | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 012e2a8e1..a3b720af2 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -3862,6 +3862,7 @@ component_test_aesni () { # ~ 60s
 
     msg "build: default config with different AES implementations"
     scripts/config.py set MBEDTLS_AESNI_C
+    scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY
     scripts/config.py set MBEDTLS_HAVE_ASM
 
     # test the intrinsics implementation
@@ -3880,6 +3881,7 @@ component_test_aesni () { # ~ 60s
 
     # test the plain C implementation
     scripts/config.py unset MBEDTLS_AESNI_C
+    scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY
     msg "AES tests, plain C"
     make clean
     make test programs/test/selftest CC=gcc CFLAGS='-O2 -Werror'

From 8a599c03fa63a37490137df66867c17c9d4c102f Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Thu, 3 Aug 2023 17:01:02 +0800
Subject: [PATCH 20/56] Add aesni only test

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 tests/scripts/all.sh | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index a3b720af2..c23222503 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -3887,6 +3887,15 @@ component_test_aesni () { # ~ 60s
     make test programs/test/selftest CC=gcc CFLAGS='-O2 -Werror'
     # check that there is no AESNI code present
     ./programs/test/selftest aes | not grep -q "AESNI code"
+
+    # test the intrinsics implementation
+    scripts/config.py set MBEDTLS_AESNI_C
+    scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY
+    msg "AES tests, test AESNI only"
+    make clean
+    make test programs/test/selftest CC=gcc CFLAGS='-Werror -Wall -Wextra -mpclmul -msse2 -maes'
+    # check that we built intrinsics - this should be used by default when supported by the compiler
+    ./programs/test/selftest aes | grep "AES note: using AESNI"
 }
 
 component_test_aes_only_128_bit_keys () {

From 193cbc03fe3c2683395fa080c84de0d8a19a3dae Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Thu, 3 Aug 2023 17:06:29 +0800
Subject: [PATCH 21/56] Add aesce build  test

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 tests/scripts/all.sh | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)

diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index c23222503..cbd431cff 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -3898,6 +3898,39 @@ component_test_aesni () { # ~ 60s
     ./programs/test/selftest aes | grep "AES note: using AESNI"
 }
 
+
+# For timebeing, no aarch64 gcc available in CI and no arm64 CI node.
+component_build_aes_aesce_armcc () {
+    msg "Build: AESCE test on arm64 platform without plain C."
+    scripts/config.py baremetal
+
+    # armc[56] don't support SHA-512 intrinsics
+    scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT
+
+    # Stop armclang warning about feature detection for A64_CRYPTO.
+    # With this enabled, the library does build correctly under armclang,
+    # but in baremetal builds (as tested here), feature detection is
+    # unavailable, and the user is notified via a #warning. So enabling
+    # this feature would prevent us from building with -Werror on
+    # armclang. Tracked in #7198.
+    scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT
+    scripts/config.py set MBEDTLS_HAVE_ASM
+
+    msg "AESCE, build with default configuration."
+    scripts/config.py set MBEDTLS_AESCE_C
+    scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY
+    armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8-a+crypto"
+
+    msg "AESCE, build AESCE only"
+    scripts/config.py set MBEDTLS_AESCE_C
+    scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY
+    armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8-a+crypto"
+}
+
+support_build_aes_aesce_armcc () {
+    support_build_armcc
+}
+
 component_test_aes_only_128_bit_keys () {
     msg "build: default config + AES_ONLY_128_BIT_KEY_LENGTH"
     scripts/config.py set MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH

From c935aa617b5ea999f9c381a056ec623754c068b9 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Thu, 3 Aug 2023 17:08:27 +0800
Subject: [PATCH 22/56] Add via padlock build test

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 tests/scripts/all.sh | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index cbd431cff..d67b484b1 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -3927,6 +3927,22 @@ component_build_aes_aesce_armcc () {
     armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8-a+crypto"
 }
 
+# For timebeing, no VIA Padlock platform available.
+component_build_aes_via_padlock () {
+
+    msg "AES:VIA PadLock, build with default configuration."
+    scripts/config.py set MBEDTLS_PADLOCK_C
+    scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY
+    make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS"
+
+}
+
+support_build_aes_via_padlock_only () {
+    ( [ "$MBEDTLS_TEST_PLATFORM" == "Linux-x86_64" ] || \
+        [ "$MBEDTLS_TEST_PLATFORM" == "Linux-amd64" ] ) && \
+    [ "`dpkg --print-foreign-architectures`" == "i386" ]
+}
+
 support_build_aes_aesce_armcc () {
     support_build_armcc
 }

From 2700ef6bb0f5a237e2e446d4e5680ecd0ad14a38 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Thu, 3 Aug 2023 17:13:52 +0800
Subject: [PATCH 23/56] Add aesce test string filter

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 .travis.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.travis.yml b/.travis.yml
index 75f4c6464..3a608f54e 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -150,7 +150,7 @@ jobs:
         - scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY
         - make generated_files
         - make
-        - programs/test/selftest
+        - programs/test/selftest aes | grep "using AESCE"
         - tests/context-info.sh
 
 after_failure:

From 29c91ba42d05e45fa91d154d1c246c7d3779412b Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Fri, 4 Aug 2023 11:02:04 +0800
Subject: [PATCH 24/56] fix unreachable code warnings

It is detected by clang with bellow patch
```
diff --git a/library/Makefile b/library/Makefile
index fdab4f4ba0..967f9e2e65 100644
--- a/library/Makefile
+++ b/library/Makefile
@@ -306,8 +306,8 @@ libmbedcrypto.dll: $(OBJS_CRYPTO)

 .c.o:
        echo "  CC    $<"
-       $(CC) $(LOCAL_CFLAGS) $(CFLAGS) -o $@ -c $<
-
+       $(CC) $(LOCAL_CFLAGS) $(CFLAGS) -o $(@:%.o=%.i) -E $<
+       $(CC) $(LOCAL_CFLAGS) -Wunreachable-code -Werror -Wno-unused-command-line-argument $(CFLAGS) -o $@ -c $(@:%.o=%.i)
 .PHONY: generated_files
 GENERATED_FILES = \
        error.c version_features.c \
```

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/aes.c | 24 ++++++++++++++++++++----
 1 file changed, 20 insertions(+), 4 deletions(-)

diff --git a/library/aes.c b/library/aes.c
index 00ba40c36..8afa7a65d 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -622,7 +622,9 @@ static unsigned mbedtls_aes_rk_offset(uint32_t *buf)
 int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
                            unsigned int keybits)
 {
+#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
     unsigned int i;
+#endif
     uint32_t *RK;
 
     switch (keybits) {
@@ -656,6 +658,7 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
     }
 #endif
 
+#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
     for (i = 0; i < (keybits >> 5); i++) {
         RK[i] = MBEDTLS_GET_UINT32_LE(key, i << 2);
     }
@@ -722,6 +725,7 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
     }
 
     return 0;
+#endif /* !MBEDTLS_AES_USE_HARDWARE_ONLY */
 }
 #endif /* !MBEDTLS_AES_SETKEY_ENC_ALT */
 
@@ -732,10 +736,14 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
 int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key,
                            unsigned int keybits)
 {
-    int i, j, ret;
+#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
+    int i, j;
+    uint32_t *SK;
+#endif
+    int ret;
     mbedtls_aes_context cty;
     uint32_t *RK;
-    uint32_t *SK;
+
 
     mbedtls_aes_init(&cty);
 
@@ -767,6 +775,7 @@ int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key,
     }
 #endif
 
+#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
     SK = cty.buf + cty.rk_offset + cty.nr * 4;
 
     *RK++ = *SK++;
@@ -787,7 +796,7 @@ int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key,
     *RK++ = *SK++;
     *RK++ = *SK++;
     *RK++ = *SK++;
-
+#endif /* !MBEDTLS_AES_USE_HARDWARE_ONLY */
 exit:
     mbedtls_aes_free(&cty);
 
@@ -1095,11 +1104,14 @@ int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx,
     }
 #endif
 
+#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
     if (mode == MBEDTLS_AES_ENCRYPT) {
         return mbedtls_internal_aes_encrypt(ctx, input, output);
     } else {
         return mbedtls_internal_aes_decrypt(ctx, input, output);
     }
+#endif
+
 }
 
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
@@ -1899,7 +1911,11 @@ int mbedtls_aes_self_test(int verbose)
             mbedtls_printf("  AES note: using AESCE.\n");
         } else
 #endif
-        mbedtls_printf("  AES note: built-in implementation.\n");
+        {
+#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
+            mbedtls_printf("  AES note: built-in implementation.\n");
+#endif
+        }
 #endif /* MBEDTLS_AES_ALT */
     }
 

From b241db3e2630b80b8a1d17522b4fda9d2a643b88 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Fri, 4 Aug 2023 16:28:22 +0800
Subject: [PATCH 25/56] remove padlock only mode

padlock depends on pure c implementation

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/padlock.c | 6 ++++--
 library/padlock.h | 4 ----
 2 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/library/padlock.c b/library/padlock.c
index 001172200..38d110e0b 100644
--- a/library/padlock.c
+++ b/library/padlock.c
@@ -33,7 +33,10 @@
 
 #if defined(MBEDTLS_HAVE_X86)
 
-#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
+#if defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
+#error "MBEDTLS_PADLOCK_C defined, but not all prerequisites"
+#endif
+
 /*
  * PadLock detection routine
  */
@@ -63,7 +66,6 @@ int mbedtls_padlock_has_support(int feature)
 
     return flags & feature;
 }
-#endif
 
 /*
  * PadLock AES-ECB block en(de)cryption
diff --git a/library/padlock.h b/library/padlock.h
index c031f4bb5..b5f0d7d7a 100644
--- a/library/padlock.h
+++ b/library/padlock.h
@@ -69,11 +69,7 @@ extern "C" {
  *
  * \return         non-zero if CPU has support for the feature, 0 otherwise
  */
-#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
 int mbedtls_padlock_has_support(int feature);
-#else
-#define /* no-check-names */ mbedtls_padlock_has_support(feature) 1
-#endif
 
 /**
  * \brief          Internal PadLock AES-ECB block en(de)cryption

From fce351def82c1ed5b3135a887e3ada7f75f3fdc3 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Fri, 4 Aug 2023 17:13:36 +0800
Subject: [PATCH 26/56] improve platform relative check

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/aes.c | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)

diff --git a/library/aes.c b/library/aes.c
index 8afa7a65d..4929235ec 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -34,27 +34,23 @@
 #include "mbedtls/platform_util.h"
 #include "mbedtls/error.h"
 
-#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && \
+#if defined(MBEDTLS_HAVE_ASM) && \
     defined(__aarch64__) && !defined(MBEDTLS_HAVE_ARM64)
-#define MBEDTLS_HAVE_ARM64
 #if !defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
 #error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites"
 #endif
 #endif
 
-#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && \
+#if defined(MBEDTLS_HAVE_ASM) && \
     (defined(__amd64__) || defined(__x86_64__))   &&  \
     !defined(MBEDTLS_HAVE_X86_64)
-#define MBEDTLS_HAVE_X86_64
 #if !defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
 #error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites"
 #endif
 #endif
 
-#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && defined(__i386__) && \
+#if defined(MBEDTLS_HAVE_ASM) && defined(__i386__) && \
     !defined(MBEDTLS_HAVE_ASAN)
-#define MBEDTLS_HAVE_X86
-
 #if !defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
 #error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites"
 #endif

From 9c0b7d13bf71bea4ca8637c3b815f813f6b8cd85 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Fri, 4 Aug 2023 17:25:59 +0800
Subject: [PATCH 27/56] Remove unnecessary name check tag

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/aesce.h | 2 +-
 library/aesni.h | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/library/aesce.h b/library/aesce.h
index fbf545649..9b8b0bcd6 100644
--- a/library/aesce.h
+++ b/library/aesce.h
@@ -50,7 +50,7 @@ extern "C" {
 #if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
 int mbedtls_aesce_has_support(void);
 #else
-#define /* no-check-names */ mbedtls_aesce_has_support() 1
+#define mbedtls_aesce_has_support() 1
 #endif
 
 
diff --git a/library/aesni.h b/library/aesni.h
index 6b5afb9b5..f461ae288 100644
--- a/library/aesni.h
+++ b/library/aesni.h
@@ -91,7 +91,7 @@ extern "C" {
 #if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
 int mbedtls_aesni_has_support(unsigned int what);
 #else
-#define /* no-check-names */ mbedtls_aesni_has_support(what) 1
+#define mbedtls_aesni_has_support(what) 1
 #endif
 
 /**

From 7802f65a285eace5ada98a71e616dfd349e172ad Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Mon, 7 Aug 2023 10:38:50 +0800
Subject: [PATCH 28/56] Add negative test for aesni only

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 tests/scripts/all.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index d67b484b1..9cc2ab181 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -3896,6 +3896,7 @@ component_test_aesni () { # ~ 60s
     make test programs/test/selftest CC=gcc CFLAGS='-Werror -Wall -Wextra -mpclmul -msse2 -maes'
     # check that we built intrinsics - this should be used by default when supported by the compiler
     ./programs/test/selftest aes | grep "AES note: using AESNI"
+    ./programs/test/selftest aes | grep -v "AES note: built-in implementation."
 }
 
 

From 5fcdd6a28a26a6d565178b055b2cfd3fa86673e7 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Mon, 7 Aug 2023 15:32:58 +0800
Subject: [PATCH 29/56] remove unnecessary definition

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/aes.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/library/aes.c b/library/aes.c
index 4929235ec..7c5c80621 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -34,16 +34,14 @@
 #include "mbedtls/platform_util.h"
 #include "mbedtls/error.h"
 
-#if defined(MBEDTLS_HAVE_ASM) && \
-    defined(__aarch64__) && !defined(MBEDTLS_HAVE_ARM64)
+#if defined(MBEDTLS_HAVE_ASM) && defined(__aarch64__)
 #if !defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
 #error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites"
 #endif
 #endif
 
 #if defined(MBEDTLS_HAVE_ASM) && \
-    (defined(__amd64__) || defined(__x86_64__))   &&  \
-    !defined(MBEDTLS_HAVE_X86_64)
+    (defined(__amd64__) || defined(__x86_64__))
 #if !defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
 #error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites"
 #endif

From c4508c07f6e1894478b1db0923d86cc64a770516 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Tue, 8 Aug 2023 12:57:06 +0800
Subject: [PATCH 30/56] improve error message and config check for padlock

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/aes.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/library/aes.c b/library/aes.c
index 7c5c80621..668f1d1e3 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -49,8 +49,8 @@
 
 #if defined(MBEDTLS_HAVE_ASM) && defined(__i386__) && \
     !defined(MBEDTLS_HAVE_ASAN)
-#if !defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
-#error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites"
+#if defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
+#error "MBEDTLS_AES_USE_HARDWARE_ONLY not supported yet for i386."
 #endif
 #endif
 

From a7de78d050aa62197e105d963af926a1b82a64bb Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Tue, 8 Aug 2023 12:57:35 +0800
Subject: [PATCH 31/56] improve test

- `grep '^flags' /proc/cpuino` does not work in my local machine inside script.
- `make test programs/sleftest ` causes `strings | grep ` fail.

For timebeing, I did not figure out the root cause.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 tests/scripts/all.sh | 20 ++++++++++++--------
 1 file changed, 12 insertions(+), 8 deletions(-)

diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 9cc2ab181..8464599e4 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -3849,7 +3849,7 @@ support_test_aesni() {
     # We can only grep /proc/cpuinfo on Linux, so this also checks for Linux
     (gcc -v 2>&1 | grep Target | grep -q x86_64) &&
         [[ "$HOSTTYPE" == "x86_64" && "$OSTYPE" == "linux-gnu" ]] &&
-        (grep '^flags' /proc/cpuinfo | grep -qw aes)
+        (lscpu | grep -qw aes)
 }
 
 component_test_aesni () { # ~ 60s
@@ -3868,14 +3868,14 @@ component_test_aesni () { # ~ 60s
     # test the intrinsics implementation
     msg "AES tests, test intrinsics"
     make clean
-    make test programs/test/selftest CC=gcc CFLAGS='-Werror -Wall -Wextra -mpclmul -msse2 -maes'
+    make CC=gcc CFLAGS='-Werror -Wall -Wextra -mpclmul -msse2 -maes'
     # check that we built intrinsics - this should be used by default when supported by the compiler
     ./programs/test/selftest aes | grep "AESNI code" | grep -q "intrinsics"
 
     # test the asm implementation
     msg "AES tests, test assembly"
     make clean
-    make test programs/test/selftest CC=gcc CFLAGS='-Werror -Wall -Wextra -mno-pclmul -mno-sse2 -mno-aes'
+    make CC=gcc CFLAGS='-Werror -Wall -Wextra -mno-pclmul -mno-sse2 -mno-aes'
     # check that we built assembly - this should be built if the compiler does not support intrinsics
     ./programs/test/selftest aes | grep "AESNI code" | grep -q "assembly"
 
@@ -3884,19 +3884,23 @@ component_test_aesni () { # ~ 60s
     scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY
     msg "AES tests, plain C"
     make clean
-    make test programs/test/selftest CC=gcc CFLAGS='-O2 -Werror'
+    make CC=gcc CFLAGS='-O2 -Werror'
     # check that there is no AESNI code present
     ./programs/test/selftest aes | not grep -q "AESNI code"
+    strings ./programs/test/selftest | not grep -q "AES note: using AESNI"
+    strings ./programs/test/selftest | grep -q "AES note: built-in implementation."
 
     # test the intrinsics implementation
     scripts/config.py set MBEDTLS_AESNI_C
     scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY
     msg "AES tests, test AESNI only"
     make clean
-    make test programs/test/selftest CC=gcc CFLAGS='-Werror -Wall -Wextra -mpclmul -msse2 -maes'
-    # check that we built intrinsics - this should be used by default when supported by the compiler
-    ./programs/test/selftest aes | grep "AES note: using AESNI"
-    ./programs/test/selftest aes | grep -v "AES note: built-in implementation."
+    make CC=gcc CFLAGS='-Werror -Wall -Wextra -mpclmul -msse2 -maes'
+    strings ./programs/test/selftest | grep -q "AES note: using AESNI"
+    strings ./programs/test/selftest | not grep -q "AES note: built-in implementation."
+    ./programs/test/selftest aes | grep -q "AES note: using AESNI"
+    ./programs/test/selftest aes | not grep -q "AES note: built-in implementation."
+
 }
 
 

From 76a51b99b6996106b4fd4d28390d69ba2d8f3bcc Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Tue, 8 Aug 2023 16:03:55 +0800
Subject: [PATCH 32/56] replace strings command with grep

`strings | grep` will fail some time.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 tests/scripts/all.sh | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 8464599e4..508f0b05a 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -3887,8 +3887,8 @@ component_test_aesni () { # ~ 60s
     make CC=gcc CFLAGS='-O2 -Werror'
     # check that there is no AESNI code present
     ./programs/test/selftest aes | not grep -q "AESNI code"
-    strings ./programs/test/selftest | not grep -q "AES note: using AESNI"
-    strings ./programs/test/selftest | grep -q "AES note: built-in implementation."
+    not grep -q "AES note: using AESNI" ./programs/test/selftest
+    grep -q "AES note: built-in implementation." ./programs/test/selftest
 
     # test the intrinsics implementation
     scripts/config.py set MBEDTLS_AESNI_C
@@ -3896,10 +3896,11 @@ component_test_aesni () { # ~ 60s
     msg "AES tests, test AESNI only"
     make clean
     make CC=gcc CFLAGS='-Werror -Wall -Wextra -mpclmul -msse2 -maes'
-    strings ./programs/test/selftest | grep -q "AES note: using AESNI"
-    strings ./programs/test/selftest | not grep -q "AES note: built-in implementation."
     ./programs/test/selftest aes | grep -q "AES note: using AESNI"
     ./programs/test/selftest aes | not grep -q "AES note: built-in implementation."
+    grep -q "AES note: using AESNI" ./programs/test/selftest
+    not grep -q "AES note: built-in implementation." ./programs/test/selftest
+
 
 }
 

From ba42b076f96f75deec965fc646ef068bc5cca670 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Thu, 10 Aug 2023 12:53:26 +0800
Subject: [PATCH 33/56] Remove asm check for aarch64 aesce

we implement it with aesce intrinsic. No asm needed.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/aes.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/aes.c b/library/aes.c
index 668f1d1e3..bf7d6cb4c 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -34,7 +34,7 @@
 #include "mbedtls/platform_util.h"
 #include "mbedtls/error.h"
 
-#if defined(MBEDTLS_HAVE_ASM) && defined(__aarch64__)
+#if defined(__aarch64__)
 #if !defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
 #error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites"
 #endif

From 13696bb07ba5a5de04ceef2857ad1f95bded8de4 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Thu, 10 Aug 2023 13:36:32 +0800
Subject: [PATCH 34/56] improve check config option for i386

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 include/mbedtls/check_config.h | 4 ----
 library/aes.c                  | 7 +++++--
 library/padlock.c              | 4 ----
 3 files changed, 5 insertions(+), 10 deletions(-)

diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 7a8797107..e4fbb17d7 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -412,10 +412,6 @@
 #error "MBEDTLS_MEMORY_DEBUG defined, but not all prerequisites"
 #endif
 
-#if defined(MBEDTLS_PADLOCK_C) && !defined(MBEDTLS_HAVE_ASM)
-#error "MBEDTLS_PADLOCK_C defined, but not all prerequisites"
-#endif
-
 #if defined(MBEDTLS_PEM_PARSE_C) && !defined(MBEDTLS_BASE64_C)
 #error "MBEDTLS_PEM_PARSE_C defined, but not all prerequisites"
 #endif
diff --git a/library/aes.c b/library/aes.c
index bf7d6cb4c..52e361a28 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -47,11 +47,14 @@
 #endif
 #endif
 
-#if defined(MBEDTLS_HAVE_ASM) && defined(__i386__) && \
-    !defined(MBEDTLS_HAVE_ASAN)
+#if defined(__i386__)
 #if defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
 #error "MBEDTLS_AES_USE_HARDWARE_ONLY not supported yet for i386."
 #endif
+
+#if defined(MBEDTLS_PADLOCK_C) && !defined(MBEDTLS_HAVE_ASM)
+#error "MBEDTLS_PADLOCK_C defined, but not all prerequisites"
+#endif
 #endif
 
 #if defined(MBEDTLS_PADLOCK_C)
diff --git a/library/padlock.c b/library/padlock.c
index 38d110e0b..f42c40ff9 100644
--- a/library/padlock.c
+++ b/library/padlock.c
@@ -33,10 +33,6 @@
 
 #if defined(MBEDTLS_HAVE_X86)
 
-#if defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
-#error "MBEDTLS_PADLOCK_C defined, but not all prerequisites"
-#endif
-
 /*
  * PadLock detection routine
  */

From 8189f3294589f246f9810683242018c8f5c9caca Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Thu, 10 Aug 2023 13:53:41 +0800
Subject: [PATCH 35/56] improve aesni check for x86_64

`MBEDTLS_AESNI_C` does not depends on `MBEDTLS_HAVE_ASM`
when intrinsic is available.

And compiler relative checks only work on x86_64, it should
be only checked on x86_64.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/aes.c   |  3 +--
 library/aesni.h | 12 +++++++-----
 2 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/library/aes.c b/library/aes.c
index 52e361a28..4cb9ce1c1 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -40,8 +40,7 @@
 #endif
 #endif
 
-#if defined(MBEDTLS_HAVE_ASM) && \
-    (defined(__amd64__) || defined(__x86_64__))
+#if defined(__amd64__) || defined(__x86_64__)
 #if !defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
 #error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites"
 #endif
diff --git a/library/aesni.h b/library/aesni.h
index f461ae288..da97023cb 100644
--- a/library/aesni.h
+++ b/library/aesni.h
@@ -35,13 +35,13 @@
 /* Can we do AESNI with inline assembly?
  * (Only implemented with gas syntax, only for 64-bit.)
  */
-#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && \
-    (defined(__amd64__) || defined(__x86_64__))   &&  \
-    !defined(MBEDTLS_HAVE_X86_64)
+#if !defined(MBEDTLS_HAVE_X86_64) && \
+    (defined(__amd64__) || defined(__x86_64__) || \
+    defined(_M_X64) || defined(_M_AMD64))
 #define MBEDTLS_HAVE_X86_64
 #endif
 
-#if defined(MBEDTLS_AESNI_C)
+#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64)
 
 /* Can we do AESNI with intrinsics?
  * (Only implemented with certain compilers, only for certain targets.)
@@ -67,8 +67,10 @@
  * In the long run, we will likely remove the assembly implementation. */
 #if defined(MBEDTLS_AESNI_HAVE_INTRINSICS)
 #define MBEDTLS_AESNI_HAVE_CODE 2 // via intrinsics
-#elif defined(MBEDTLS_HAVE_X86_64)
+#elif defined(MBEDTLS_HAVE_ASM)
 #define MBEDTLS_AESNI_HAVE_CODE 1 // via assembly
+#else
+#error "MBEDTLS_AESNI_C defined, but neither intrinsics nor assembly available"
 #endif
 
 #if defined(MBEDTLS_AESNI_HAVE_CODE)

From 240bb11171886b4ae36484c45a69c9623809758f Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Fri, 11 Aug 2023 10:45:35 +0800
Subject: [PATCH 36/56] Add gnu check for aseni assembly code

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/aesni.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/aesni.h b/library/aesni.h
index da97023cb..dc6444270 100644
--- a/library/aesni.h
+++ b/library/aesni.h
@@ -67,7 +67,7 @@
  * In the long run, we will likely remove the assembly implementation. */
 #if defined(MBEDTLS_AESNI_HAVE_INTRINSICS)
 #define MBEDTLS_AESNI_HAVE_CODE 2 // via intrinsics
-#elif defined(MBEDTLS_HAVE_ASM)
+#elif defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__)
 #define MBEDTLS_AESNI_HAVE_CODE 1 // via assembly
 #else
 #error "MBEDTLS_AESNI_C defined, but neither intrinsics nor assembly available"

From e62ff095690ff0f45764f9e19c7973567f59f64f Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Wed, 16 Aug 2023 14:15:00 +0800
Subject: [PATCH 37/56] Restore aesni for i386

intrinsic code can be work on i386 also

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/aes.c   |  9 +++++----
 library/aesni.h | 11 +++++++++--
 2 files changed, 14 insertions(+), 6 deletions(-)

diff --git a/library/aes.c b/library/aes.c
index 4cb9ce1c1..ebacc671a 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -40,15 +40,16 @@
 #endif
 #endif
 
-#if defined(__amd64__) || defined(__x86_64__)
+#if defined(__amd64__) || defined(__x86_64__) || \
+    defined(_M_X64) || defined(_M_AMD64)
 #if !defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
 #error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites"
 #endif
 #endif
 
-#if defined(__i386__)
-#if defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
-#error "MBEDTLS_AES_USE_HARDWARE_ONLY not supported yet for i386."
+#if defined(__i386__) || defined(_M_IX86)
+#if defined(MBEDTLS_AES_USE_HARDWARE_ONLY) && !defined(MBEDTLS_AESNI_C)
+#error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites"
 #endif
 
 #if defined(MBEDTLS_PADLOCK_C) && !defined(MBEDTLS_HAVE_ASM)
diff --git a/library/aesni.h b/library/aesni.h
index dc6444270..1cf01ec9e 100644
--- a/library/aesni.h
+++ b/library/aesni.h
@@ -41,7 +41,13 @@
 #define MBEDTLS_HAVE_X86_64
 #endif
 
-#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64)
+#if !defined(MBEDTLS_HAVE_X86) && \
+    (defined(__i386__) || defined(_M_IX86))
+#define MBEDTLS_HAVE_X86
+#endif
+
+#if defined(MBEDTLS_AESNI_C) && \
+    (defined(MBEDTLS_HAVE_X86_64) || defined(MBEDTLS_HAVE_X86))
 
 /* Can we do AESNI with intrinsics?
  * (Only implemented with certain compilers, only for certain targets.)
@@ -67,7 +73,8 @@
  * In the long run, we will likely remove the assembly implementation. */
 #if defined(MBEDTLS_AESNI_HAVE_INTRINSICS)
 #define MBEDTLS_AESNI_HAVE_CODE 2 // via intrinsics
-#elif defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__)
+#elif defined(MBEDTLS_HAVE_ASM) && \
+    defined(__GNUC__) && defined(MBEDTLS_HAVE_X86_64)
 #define MBEDTLS_AESNI_HAVE_CODE 1 // via assembly
 #else
 #error "MBEDTLS_AESNI_C defined, but neither intrinsics nor assembly available"

From cc068ae6312ac7cb788abbbf3b3c3e0a78040840 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Wed, 16 Aug 2023 16:07:57 +0800
Subject: [PATCH 38/56] fix `-Werror=return-type` when runtime detection
 enabled and plain c disabled

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/aes.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/library/aes.c b/library/aes.c
index ebacc671a..4ea4d2267 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -655,6 +655,13 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
     }
 #endif
 
+/* When runtime detection enabled and plain C is disabled, compiler
+   reports `-Werror=return-type`. */
+#if defined(MBEDTLS_HAVE_X86) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) && \
+    defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_AESNI_HAVE_CODE)
+    return MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED;
+#endif
+
 #if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
     for (i = 0; i < (keybits >> 5); i++) {
         RK[i] = MBEDTLS_GET_UINT32_LE(key, i << 2);
@@ -1101,6 +1108,13 @@ int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx,
     }
 #endif
 
+/* When runtime detection enabled and plain C is disabled, compiler
+   reports `-Werror=return-type`. */
+#if defined(MBEDTLS_HAVE_X86) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) && \
+    defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_AESNI_HAVE_CODE)
+    return MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED;
+#endif
+
 #if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
     if (mode == MBEDTLS_AES_ENCRYPT) {
         return mbedtls_internal_aes_encrypt(ctx, input, output);

From c628486cd93aa6ea50755e8afe059fd5ebb54664 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Wed, 16 Aug 2023 16:08:42 +0800
Subject: [PATCH 39/56] enable runtime detection when padlock enabled and plain
 c disabled

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/aesni.c | 3 ++-
 library/aesni.h | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/library/aesni.c b/library/aesni.c
index cc3a3b3f3..427c2fdc6 100644
--- a/library/aesni.c
+++ b/library/aesni.c
@@ -39,7 +39,8 @@
 #include <immintrin.h>
 #endif
 
-#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
+#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) || \
+    (defined(MBEDTLS_HAVE_X86) && defined(MBEDTLS_PADLOCK_C))
 /*
  * AES-NI support detection routine
  */
diff --git a/library/aesni.h b/library/aesni.h
index 1cf01ec9e..9e0790572 100644
--- a/library/aesni.h
+++ b/library/aesni.h
@@ -97,7 +97,8 @@ extern "C" {
  *
  * \return         1 if CPU has support for the feature, 0 otherwise
  */
-#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
+#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) || \
+    (defined(MBEDTLS_HAVE_X86) && defined(MBEDTLS_PADLOCK_C))
 int mbedtls_aesni_has_support(unsigned int what);
 #else
 #define mbedtls_aesni_has_support(what) 1

From b6d39c2f8cba00eca52bc8d1081b7ddbb2c44b29 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Wed, 16 Aug 2023 15:11:48 +0800
Subject: [PATCH 40/56] Add aesni test for i386

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 tests/scripts/all.sh | 56 ++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 54 insertions(+), 2 deletions(-)

diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 508f0b05a..ee639f71a 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -3900,11 +3900,63 @@ component_test_aesni () { # ~ 60s
     ./programs/test/selftest aes | not grep -q "AES note: built-in implementation."
     grep -q "AES note: using AESNI" ./programs/test/selftest
     not grep -q "AES note: built-in implementation." ./programs/test/selftest
-
-
 }
 
 
+
+support_test_aesni_m32() {
+    support_test_m32_o0 && (lscpu | grep -qw aes)
+}
+
+component_test_aesni_m32 () { # ~ 60s
+    # This tests are duplicated from component_test_aesni for i386 target
+    #
+    # AESNI intrinsic code supports i386 and assembly code does not support it.
+
+    msg "build: default config with different AES implementations"
+    scripts/config.py set MBEDTLS_AESNI_C
+    scripts/config.py set MBEDTLS_PADLOCK_C
+    scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY
+    scripts/config.py set MBEDTLS_HAVE_ASM
+
+    # test the intrinsics implementation
+    msg "AES tests, test intrinsics"
+    make clean
+    make CC=gcc CFLAGS='-m32 -Werror -Wall -Wextra -mpclmul -msse2 -maes' LDFLAGS='-m32'
+    # check that we built intrinsics - this should be used by default when supported by the compiler
+    ./programs/test/selftest aes | grep "AESNI code" | grep -q "intrinsics"
+    grep -q "AES note: using AESNI" ./programs/test/selftest
+    grep -q "AES note: built-in implementation." ./programs/test/selftest
+    grep -q "AES note: using VIA Padlock" ./programs/test/selftest
+    grep -q mbedtls_aesni_has_support ./programs/test/selftest
+
+    scripts/config.py set MBEDTLS_AESNI_C
+    scripts/config.py set MBEDTLS_PADLOCK_C
+    scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY
+    msg "AES tests, test AESNI and VIA Padlock enabled"
+    make clean
+    make CC=gcc CFLAGS='-m32 -Werror -Wall -Wextra -mpclmul -msse2 -maes' LDFLAGS='-m32'
+    ./programs/test/selftest aes | grep -q "AES note: using AESNI"
+    ./programs/test/selftest aes | not grep -q "AES note: built-in implementation."
+    grep -q "AES note: using AESNI" ./programs/test/selftest
+    not grep -q "AES note: built-in implementation." ./programs/test/selftest
+    grep -q "AES note: using VIA Padlock" ./programs/test/selftest
+    grep -q mbedtls_aesni_has_support ./programs/test/selftest
+
+    scripts/config.py set MBEDTLS_AESNI_C
+    scripts/config.py unset MBEDTLS_PADLOCK_C
+    scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY
+    msg "AES tests, test AESNI only"
+    make clean
+    make CC=gcc CFLAGS='-m32 -Werror -Wall -Wextra -mpclmul -msse2 -maes' LDFLAGS='-m32'
+    ./programs/test/selftest aes | grep -q "AES note: using AESNI"
+    ./programs/test/selftest aes | not grep -q "AES note: built-in implementation."
+    grep -q "AES note: using AESNI" ./programs/test/selftest
+    not grep -q "AES note: built-in implementation." ./programs/test/selftest
+    not grep -q "AES note: using VIA Padlock" ./programs/test/selftest
+    not grep -q mbedtls_aesni_has_support ./programs/test/selftest
+}
+
 # For timebeing, no aarch64 gcc available in CI and no arm64 CI node.
 component_build_aes_aesce_armcc () {
     msg "Build: AESCE test on arm64 platform without plain C."

From 506759f5cedcdc8288220476d1d297d239b2b0e2 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Wed, 16 Aug 2023 17:11:22 +0800
Subject: [PATCH 41/56] fix build fail for via padlock test

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 tests/scripts/all.sh | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index ee639f71a..4fccdf1d6 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -3989,9 +3989,11 @@ component_build_aes_aesce_armcc () {
 component_build_aes_via_padlock () {
 
     msg "AES:VIA PadLock, build with default configuration."
+    scripts/config.py unset MBEDTLS_AESNI_C
     scripts/config.py set MBEDTLS_PADLOCK_C
     scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY
     make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS"
+    grep -q mbedtls_padlock_has_support ./programs/test/selftest
 
 }
 

From 3ce0398d1db329fbd88f217af6f7b5087b3abc35 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Wed, 16 Aug 2023 17:22:18 +0800
Subject: [PATCH 42/56] Add compiler cflags error message

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/aesni.h | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/library/aesni.h b/library/aesni.h
index 9e0790572..93d9f0a13 100644
--- a/library/aesni.h
+++ b/library/aesni.h
@@ -76,6 +76,8 @@
 #elif defined(MBEDTLS_HAVE_ASM) && \
     defined(__GNUC__) && defined(MBEDTLS_HAVE_X86_64)
 #define MBEDTLS_AESNI_HAVE_CODE 1 // via assembly
+#elif defined(__GNUC__)
+#   error "Must use `-mpclmul -msse2 -maes` for MBEDTLS_AESNI_C"
 #else
 #error "MBEDTLS_AESNI_C defined, but neither intrinsics nor assembly available"
 #endif

From 516cf27d45cfb3e44960641e0924ca0a8461360f Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Wed, 16 Aug 2023 17:33:32 +0800
Subject: [PATCH 43/56] fix msvc build fail on i386 target

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/aes.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/library/aes.c b/library/aes.c
index 4ea4d2267..38ecd821a 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -71,7 +71,7 @@
 
 #if !defined(MBEDTLS_AES_ALT)
 
-#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86)
+#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) && defined(__GNUC__)
 static int aes_padlock_ace = -1;
 #endif
 
@@ -578,7 +578,7 @@ static unsigned mbedtls_aes_rk_offset(uint32_t *buf)
 #if defined(MAY_NEED_TO_ALIGN)
     int align_16_bytes = 0;
 
-#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86)
+#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) && defined(__GNUC__)
     if (aes_padlock_ace == -1) {
         aes_padlock_ace = mbedtls_padlock_has_support(MBEDTLS_PADLOCK_ACE);
     }
@@ -1102,7 +1102,7 @@ int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx,
     }
 #endif
 
-#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86)
+#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) && defined(__GNUC__)
     if (aes_padlock_ace > 0) {
         return mbedtls_padlock_xcryptecb(ctx, mode, input, output);
     }
@@ -1148,7 +1148,7 @@ int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx,
         return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
     }
 
-#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86)
+#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) && defined(__GNUC__)
     if (aes_padlock_ace > 0) {
         if (mbedtls_padlock_xcryptcbc(ctx, mode, length, iv, input, output) == 0) {
             return 0;
@@ -1900,7 +1900,7 @@ int mbedtls_aes_self_test(int verbose)
 #if defined(MBEDTLS_AES_ALT)
         mbedtls_printf("  AES note: alternative implementation.\n");
 #else /* MBEDTLS_AES_ALT */
-#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86)
+#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) && defined(__GNUC__)
         if (mbedtls_padlock_has_support(MBEDTLS_PADLOCK_ACE)) {
             mbedtls_printf("  AES note: using VIA Padlock.\n");
         } else

From bdd96b9adf5107c1e47fee26ec82fa118bffc790 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Wed, 16 Aug 2023 17:34:27 +0800
Subject: [PATCH 44/56] disable aesni for componets without cpu modifiers

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 tests/scripts/all.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 4fccdf1d6..9f64be2e7 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -4272,6 +4272,7 @@ component_test_m32_o0 () {
     # build) and not the i386-specific inline assembly.
     msg "build: i386, make, gcc -O0 (ASan build)" # ~ 30s
     scripts/config.py full
+    scripts/config.py unset MBEDTLS_AESNI_C # AESNI depends on cpu modifiers
     make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O0" LDFLAGS="-m32 $ASAN_CFLAGS"
 
     msg "test: i386, make, gcc -O0 (ASan build)"
@@ -4289,6 +4290,7 @@ component_test_m32_o2 () {
     # and go faster for tests.
     msg "build: i386, make, gcc -O2 (ASan build)" # ~ 30s
     scripts/config.py full
+    scripts/config.py unset MBEDTLS_AESNI_C # AESNI depends on cpu modifiers
     make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS"
 
     msg "test: i386, make, gcc -O2 (ASan build)"
@@ -4304,6 +4306,7 @@ support_test_m32_o2 () {
 component_test_m32_everest () {
     msg "build: i386, Everest ECDH context (ASan build)" # ~ 6 min
     scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
+    scripts/config.py unset MBEDTLS_AESNI_C # AESNI depends on cpu modifiers
     make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS"
 
     msg "test: i386, Everest ECDH context - main suites (inc. selftests) (ASan build)" # ~ 50s
@@ -4757,6 +4760,7 @@ component_test_tls13_only_record_size_limit () {
 
 component_build_mingw () {
     msg "build: Windows cross build - mingw64, make (Link Library)" # ~ 30s
+    scripts/config.py unset MBEDTLS_AESNI_C # AESNI depends on cpu modifiers
     make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 lib programs
 
     # note Make tests only builds the tests, but doesn't run them

From 35b59d78056cea346d0cf3e3095a9689a3219831 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Thu, 17 Aug 2023 10:34:15 +0800
Subject: [PATCH 45/56] exclude arm64ec mode for aesni

AESNI does not work correctly for msvc arm64ec

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/aesni.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/library/aesni.h b/library/aesni.h
index 93d9f0a13..d0daaefb3 100644
--- a/library/aesni.h
+++ b/library/aesni.h
@@ -37,7 +37,8 @@
  */
 #if !defined(MBEDTLS_HAVE_X86_64) && \
     (defined(__amd64__) || defined(__x86_64__) || \
-    defined(_M_X64) || defined(_M_AMD64))
+    defined(_M_X64) || defined(_M_AMD64)) && \
+    !defined(_M_ARM64EC)
 #define MBEDTLS_HAVE_X86_64
 #endif
 

From 2319af0d648045b973a502e287c6929063507e1d Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Thu, 17 Aug 2023 10:38:57 +0800
Subject: [PATCH 46/56] Change the order of runtime detection

If aesni is available, we will use it.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/aes.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/library/aes.c b/library/aes.c
index 38ecd821a..6ee9971d8 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -1900,11 +1900,6 @@ int mbedtls_aes_self_test(int verbose)
 #if defined(MBEDTLS_AES_ALT)
         mbedtls_printf("  AES note: alternative implementation.\n");
 #else /* MBEDTLS_AES_ALT */
-#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) && defined(__GNUC__)
-        if (mbedtls_padlock_has_support(MBEDTLS_PADLOCK_ACE)) {
-            mbedtls_printf("  AES note: using VIA Padlock.\n");
-        } else
-#endif
 #if defined(MBEDTLS_AESNI_HAVE_CODE)
 #if MBEDTLS_AESNI_HAVE_CODE == 1
         mbedtls_printf("  AES note: AESNI code present (assembly implementation).\n");
@@ -1917,6 +1912,11 @@ int mbedtls_aes_self_test(int verbose)
             mbedtls_printf("  AES note: using AESNI.\n");
         } else
 #endif
+#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) && defined(__GNUC__)
+        if (mbedtls_padlock_has_support(MBEDTLS_PADLOCK_ACE)) {
+            mbedtls_printf("  AES note: using VIA Padlock.\n");
+        } else
+#endif
 #if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64)
         if (mbedtls_aesce_has_support()) {
             mbedtls_printf("  AES note: using AESCE.\n");

From 9e628621b4e4ef95825d89552dc5444bb31158c2 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Thu, 17 Aug 2023 11:20:09 +0800
Subject: [PATCH 47/56] Add via padlock detection macro

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/aes.c     | 14 +++++++-------
 library/padlock.h |  2 ++
 2 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/library/aes.c b/library/aes.c
index 6ee9971d8..b99a8db92 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -71,7 +71,7 @@
 
 #if !defined(MBEDTLS_AES_ALT)
 
-#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) && defined(__GNUC__)
+#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE)
 static int aes_padlock_ace = -1;
 #endif
 
@@ -578,7 +578,7 @@ static unsigned mbedtls_aes_rk_offset(uint32_t *buf)
 #if defined(MAY_NEED_TO_ALIGN)
     int align_16_bytes = 0;
 
-#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) && defined(__GNUC__)
+#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE)
     if (aes_padlock_ace == -1) {
         aes_padlock_ace = mbedtls_padlock_has_support(MBEDTLS_PADLOCK_ACE);
     }
@@ -1102,7 +1102,7 @@ int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx,
     }
 #endif
 
-#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) && defined(__GNUC__)
+#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE)
     if (aes_padlock_ace > 0) {
         return mbedtls_padlock_xcryptecb(ctx, mode, input, output);
     }
@@ -1110,8 +1110,8 @@ int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx,
 
 /* When runtime detection enabled and plain C is disabled, compiler
    reports `-Werror=return-type`. */
-#if defined(MBEDTLS_HAVE_X86) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) && \
-    defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_AESNI_HAVE_CODE)
+#if defined(MBEDTLS_AES_USE_HARDWARE_ONLY) && \
+    defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE) && defined(MBEDTLS_AESNI_HAVE_CODE)
     return MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED;
 #endif
 
@@ -1148,7 +1148,7 @@ int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx,
         return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
     }
 
-#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) && defined(__GNUC__)
+#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE)
     if (aes_padlock_ace > 0) {
         if (mbedtls_padlock_xcryptcbc(ctx, mode, length, iv, input, output) == 0) {
             return 0;
@@ -1912,7 +1912,7 @@ int mbedtls_aes_self_test(int verbose)
             mbedtls_printf("  AES note: using AESNI.\n");
         } else
 #endif
-#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) && defined(__GNUC__)
+#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE)
         if (mbedtls_padlock_has_support(MBEDTLS_PADLOCK_ACE)) {
             mbedtls_printf("  AES note: using VIA Padlock.\n");
         } else
diff --git a/library/padlock.h b/library/padlock.h
index b5f0d7d7a..ae5c48654 100644
--- a/library/padlock.h
+++ b/library/padlock.h
@@ -42,6 +42,8 @@
 #if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && defined(__i386__) && \
     !defined(MBEDTLS_HAVE_ASAN)
 
+#define MBEDTLS_VIA_PADLOCK_HAVE_CODE
+
 #ifndef MBEDTLS_HAVE_X86
 #define MBEDTLS_HAVE_X86
 #endif

From 1b4c7eda8066d24704987190c3e4bace871c451a Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Thu, 17 Aug 2023 11:25:17 +0800
Subject: [PATCH 48/56] add hardware only check for padlock

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/aes.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/library/aes.c b/library/aes.c
index b99a8db92..968cd3138 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -52,7 +52,8 @@
 #error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites"
 #endif
 
-#if defined(MBEDTLS_PADLOCK_C) && !defined(MBEDTLS_HAVE_ASM)
+#if defined(MBEDTLS_PADLOCK_C) && \
+    (!defined(MBEDTLS_HAVE_ASM) || defined(MBEDTLS_AES_USE_HARDWARE_ONLY))
 #error "MBEDTLS_PADLOCK_C defined, but not all prerequisites"
 #endif
 #endif

From f258d17acda9da2c0dfb6bc3a4969433029ed66a Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Thu, 17 Aug 2023 12:39:00 +0800
Subject: [PATCH 49/56] remove aesni + padlock - plain c tests

This test is not valid for padlock depends
on plain c

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 tests/scripts/all.sh | 13 -------------
 1 file changed, 13 deletions(-)

diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 9f64be2e7..a64c09efa 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -3930,19 +3930,6 @@ component_test_aesni_m32 () { # ~ 60s
     grep -q "AES note: using VIA Padlock" ./programs/test/selftest
     grep -q mbedtls_aesni_has_support ./programs/test/selftest
 
-    scripts/config.py set MBEDTLS_AESNI_C
-    scripts/config.py set MBEDTLS_PADLOCK_C
-    scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY
-    msg "AES tests, test AESNI and VIA Padlock enabled"
-    make clean
-    make CC=gcc CFLAGS='-m32 -Werror -Wall -Wextra -mpclmul -msse2 -maes' LDFLAGS='-m32'
-    ./programs/test/selftest aes | grep -q "AES note: using AESNI"
-    ./programs/test/selftest aes | not grep -q "AES note: built-in implementation."
-    grep -q "AES note: using AESNI" ./programs/test/selftest
-    not grep -q "AES note: built-in implementation." ./programs/test/selftest
-    grep -q "AES note: using VIA Padlock" ./programs/test/selftest
-    grep -q mbedtls_aesni_has_support ./programs/test/selftest
-
     scripts/config.py set MBEDTLS_AESNI_C
     scripts/config.py unset MBEDTLS_PADLOCK_C
     scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY

From e9c6b53e74e2a316a6d3651b99fd0c4f6a7d37fb Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Thu, 17 Aug 2023 13:53:38 +0800
Subject: [PATCH 50/56] remove return-type when runtime detection enabled
 without plain c

This case does not exist

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/aes.c | 14 --------------
 1 file changed, 14 deletions(-)

diff --git a/library/aes.c b/library/aes.c
index 968cd3138..7a6f2d91c 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -656,13 +656,6 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
     }
 #endif
 
-/* When runtime detection enabled and plain C is disabled, compiler
-   reports `-Werror=return-type`. */
-#if defined(MBEDTLS_HAVE_X86) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) && \
-    defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_AESNI_HAVE_CODE)
-    return MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED;
-#endif
-
 #if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
     for (i = 0; i < (keybits >> 5); i++) {
         RK[i] = MBEDTLS_GET_UINT32_LE(key, i << 2);
@@ -1109,13 +1102,6 @@ int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx,
     }
 #endif
 
-/* When runtime detection enabled and plain C is disabled, compiler
-   reports `-Werror=return-type`. */
-#if defined(MBEDTLS_AES_USE_HARDWARE_ONLY) && \
-    defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE) && defined(MBEDTLS_AESNI_HAVE_CODE)
-    return MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED;
-#endif
-
 #if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
     if (mode == MBEDTLS_AES_ENCRYPT) {
         return mbedtls_internal_aes_encrypt(ctx, input, output);

From 6c6b9f602c8b3673f0f453d4b0b0c1159454eced Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Thu, 17 Aug 2023 16:53:01 +0800
Subject: [PATCH 51/56] Change document to match real status

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 include/mbedtls/mbedtls_config.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index 3dcaa4614..2c04ea739 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -4015,8 +4015,8 @@
  *
  * If only one implementation is present, runtime detection will not be used.
  * This configuration will crash at runtime if running on a CPU without the
- * necessary features. It will not build unless at least one of MBEDTLS_AESCE_C,
- * MBEDTLS_AESNI_C and/or MBEDTLS_PADLOCK_C is enabled & present in the build.
+ * necessary features. It will not build unless at least one of MBEDTLS_AESCE_C
+ * and/or MBEDTLS_AESNI_C is enabled & present in the build.
  */
 //#define MBEDTLS_AES_USE_HARDWARE_ONLY
 

From 3a0f044bdef4bd9556ede02ca9ce2039a92489b2 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Thu, 17 Aug 2023 17:06:21 +0800
Subject: [PATCH 52/56] improve readability

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/aes.c | 18 +++++++-----------
 1 file changed, 7 insertions(+), 11 deletions(-)

diff --git a/library/aes.c b/library/aes.c
index 7a6f2d91c..5a2213733 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -620,9 +620,6 @@ static unsigned mbedtls_aes_rk_offset(uint32_t *buf)
 int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
                            unsigned int keybits)
 {
-#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
-    unsigned int i;
-#endif
     uint32_t *RK;
 
     switch (keybits) {
@@ -657,14 +654,14 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
 #endif
 
 #if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
-    for (i = 0; i < (keybits >> 5); i++) {
+    for (unsigned int i = 0; i < (keybits >> 5); i++) {
         RK[i] = MBEDTLS_GET_UINT32_LE(key, i << 2);
     }
 
     switch (ctx->nr) {
         case 10:
 
-            for (i = 0; i < 10; i++, RK += 4) {
+            for (unsigned int i = 0; i < 10; i++, RK += 4) {
                 RK[4]  = RK[0] ^ RCON[i] ^
                          ((uint32_t) FSb[MBEDTLS_BYTE_1(RK[3])]) ^
                          ((uint32_t) FSb[MBEDTLS_BYTE_2(RK[3])] <<  8) ^
@@ -680,7 +677,7 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
 #if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH)
         case 12:
 
-            for (i = 0; i < 8; i++, RK += 6) {
+            for (unsigned int i = 0; i < 8; i++, RK += 6) {
                 RK[6]  = RK[0] ^ RCON[i] ^
                          ((uint32_t) FSb[MBEDTLS_BYTE_1(RK[5])]) ^
                          ((uint32_t) FSb[MBEDTLS_BYTE_2(RK[5])] <<  8) ^
@@ -697,7 +694,7 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
 
         case 14:
 
-            for (i = 0; i < 7; i++, RK += 8) {
+            for (unsigned int i = 0; i < 7; i++, RK += 8) {
                 RK[8]  = RK[0] ^ RCON[i] ^
                          ((uint32_t) FSb[MBEDTLS_BYTE_1(RK[7])]) ^
                          ((uint32_t) FSb[MBEDTLS_BYTE_2(RK[7])] <<  8) ^
@@ -735,7 +732,6 @@ int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key,
                            unsigned int keybits)
 {
 #if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
-    int i, j;
     uint32_t *SK;
 #endif
     int ret;
@@ -780,9 +776,9 @@ int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key,
     *RK++ = *SK++;
     *RK++ = *SK++;
     *RK++ = *SK++;
-
-    for (i = ctx->nr - 1, SK -= 8; i > 0; i--, SK -= 8) {
-        for (j = 0; j < 4; j++, SK++) {
+    SK -= 8;
+    for (int i = ctx->nr - 1; i > 0; i--, SK -= 8) {
+        for (int j = 0; j < 4; j++, SK++) {
             *RK++ = AES_RT0(FSb[MBEDTLS_BYTE_0(*SK)]) ^
                     AES_RT1(FSb[MBEDTLS_BYTE_1(*SK)]) ^
                     AES_RT2(FSb[MBEDTLS_BYTE_2(*SK)]) ^

From 9608447545c5c7b72439a865a3b8c81406467f82 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Thu, 17 Aug 2023 18:10:45 +0800
Subject: [PATCH 53/56] replace padlock_c with padlock_have_code

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/aes.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/aes.c b/library/aes.c
index 5a2213733..888ac0f29 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -567,7 +567,7 @@ void mbedtls_aes_xts_free(mbedtls_aes_xts_context *ctx)
  * Note that the offset is in units of elements of buf, i.e. 32-bit words,
  * i.e. an offset of 1 means 4 bytes and so on.
  */
-#if (defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86)) ||        \
+#if (defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE)) ||        \
     (defined(MBEDTLS_AESNI_C) && MBEDTLS_AESNI_HAVE_CODE == 2)
 #define MAY_NEED_TO_ALIGN
 #endif

From 372f7a04d0c346c086c4077bf9dd5f323f7d681f Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Fri, 18 Aug 2023 17:26:25 +0800
Subject: [PATCH 54/56] Add missing check

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/aes.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/aes.c b/library/aes.c
index 888ac0f29..1e1039b3a 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -41,7 +41,7 @@
 #endif
 
 #if defined(__amd64__) || defined(__x86_64__) || \
-    defined(_M_X64) || defined(_M_AMD64)
+    ((defined(_M_X64) || defined(_M_AMD64)) && !defined(_M_ARM64EC))
 #if !defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
 #error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites"
 #endif

From 61fc5ed5f316cec0a6b7439c198b0de580f910e5 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Fri, 18 Aug 2023 17:28:48 +0800
Subject: [PATCH 55/56] improve readability of error message

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/aes.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/library/aes.c b/library/aes.c
index 1e1039b3a..63b36c54c 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -52,10 +52,15 @@
 #error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites"
 #endif
 
-#if defined(MBEDTLS_PADLOCK_C) && \
-    (!defined(MBEDTLS_HAVE_ASM) || defined(MBEDTLS_AES_USE_HARDWARE_ONLY))
+#if defined(MBEDTLS_PADLOCK_C)
+#if !defined(MBEDTLS_HAVE_ASM)
 #error "MBEDTLS_PADLOCK_C defined, but not all prerequisites"
 #endif
+#if defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
+#error "MBEDTLS_AES_USE_HARDWARE_ONLY cannot be defined when " \
+    "MBEDTLS_PADLOCK_C is set"
+#endif
+#endif
 #endif
 
 #if defined(MBEDTLS_PADLOCK_C)

From 0a6272d6c9f84d8397cf7d0cb3a8000558a01112 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Fri, 18 Aug 2023 17:35:59 +0800
Subject: [PATCH 56/56] revert padlock from aesni module

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/aesni.c | 3 +--
 library/aesni.h | 3 +--
 2 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/library/aesni.c b/library/aesni.c
index 427c2fdc6..cc3a3b3f3 100644
--- a/library/aesni.c
+++ b/library/aesni.c
@@ -39,8 +39,7 @@
 #include <immintrin.h>
 #endif
 
-#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) || \
-    (defined(MBEDTLS_HAVE_X86) && defined(MBEDTLS_PADLOCK_C))
+#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
 /*
  * AES-NI support detection routine
  */
diff --git a/library/aesni.h b/library/aesni.h
index d0daaefb3..332a0f072 100644
--- a/library/aesni.h
+++ b/library/aesni.h
@@ -100,8 +100,7 @@ extern "C" {
  *
  * \return         1 if CPU has support for the feature, 0 otherwise
  */
-#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) || \
-    (defined(MBEDTLS_HAVE_X86) && defined(MBEDTLS_PADLOCK_C))
+#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)
 int mbedtls_aesni_has_support(unsigned int what);
 #else
 #define mbedtls_aesni_has_support(what) 1