aes: Implement ARMv9 backend

Author: silvanshade

.github/workflows/aes.yml

@@ -310,6 +310,37 @@ jobs:
       - run: cross test --package aes --target ${{ matrix.target }} --features hazmat
       - run: cross test --package aes --target ${{ matrix.target }} --all-features
 
+  armv9:
+    strategy:
+      matrix:
+        include:
+          - target: aarch64-unknown-linux-gnu
+            rustflags: ''
+            rust: 1.85.0 # MSRV
+          - target: aarch64-unknown-linux-gnu
+            rustflags: '-Ctarget-cpu=fujitsu-monaka -Ctarget-feature=+sve2-aes'
+            rust: nightly
+          - target: aarch64-unknown-linux-gnu
+            rustflags: '-Ctarget-cpu=fujitsu-monaka -Ctarget-feature=+sve2-aes --cfg=armv9_sve2_aes'
+            rust: nightly
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: .
+    steps:
+      - uses: actions/checkout@v4
+      - uses: RustCrypto/actions/cargo-cache@master
+      - uses: dtolnay/rust-toolchain@master
+        with:
+          toolchain: ${{ matrix.rust }}
+          targets: ${{ matrix.target }}
+      - run: cargo install cross --git https://github.com/cross-rs/cross --rev e281947ca900da425e4ecea7483cfde646c8a1ea
+        env:
+          RUSTFLAGS: "-Dwarnings -Astatic-mut-refs"
+      - run: cross test --package aes --target ${{ matrix.target }}
+        env:
+          RUSTFLAGS: "-Dwarnings ${{ matrix.rustflags }}"
+
   clippy:
     env:
       RUSTFLAGS: "-Dwarnings --cfg aes_compact"

aes/Cargo.toml

@@ -31,7 +31,13 @@ hazmat = [] # Expose cryptographically hazardous APIs
 
 [lints.rust.unexpected_cfgs]
 level = "warn"
-check-cfg = ["cfg(aes_compact)", "cfg(aes_force_soft)", "cfg(aes_avx256_disable)", "cfg(aes_avx512_disable)"]
+check-cfg = [
+    "cfg(aes_compact)",
+    "cfg(aes_force_soft)",
+    "cfg(aes_avx256_disable)",
+    "cfg(aes_avx512_disable)",
+    "cfg(armv9_sve2_aes)",
+]
 
 [package.metadata.docs.rs]
 all-features = true

aes/src/armv8.rs

@@ -12,8 +12,8 @@
 #[cfg(feature = "hazmat")]
 pub(crate) mod hazmat;
 
-mod encdec;
-mod expand;
+pub(crate) mod encdec;
+pub(crate) mod expand;
 #[cfg(test)]
 mod test_expand;
 

aes/src/armv8/encdec.rs

@@ -13,7 +13,7 @@ use core::{arch::aarch64::*, mem};
 
 /// Perform AES encryption using the given expanded keys.
 #[target_feature(enable = "aes")]
-pub(super) unsafe fn encrypt<const KEYS: usize>(
+pub(crate) unsafe fn encrypt<const KEYS: usize>(
     keys: &[uint8x16_t; KEYS],
     block: InOut<'_, '_, Block>,
 ) {
@@ -38,7 +38,7 @@ pub(super) unsafe fn encrypt<const KEYS: usize>(
 
 /// Perform AES decryption using the given expanded keys.
 #[target_feature(enable = "aes")]
-pub(super) unsafe fn decrypt<const KEYS: usize>(
+pub(crate) unsafe fn decrypt<const KEYS: usize>(
     keys: &[uint8x16_t; KEYS],
     block: InOut<'_, '_, Block>,
 ) {

aes/src/armv8/expand.rs

@@ -57,7 +57,7 @@ pub unsafe fn expand_key<const L: usize, const N: usize>(key: &[u8; L]) -> [uint
 /// This is the reverse of the encryption keys, with the Inverse Mix Columns
 /// operation applied to all but the first and last expanded key.
 #[target_feature(enable = "aes")]
-pub(super) unsafe fn inv_expanded_keys<const N: usize>(keys: &[uint8x16_t; N]) -> [uint8x16_t; N] {
+pub unsafe fn inv_expanded_keys<const N: usize>(keys: &[uint8x16_t; N]) -> [uint8x16_t; N] {
     assert!(N == 11 || N == 13 || N == 15);
 
     let mut inv_keys: [uint8x16_t; N] = core::mem::zeroed();