[Core] Implement SIMD for AesGcm in ARMv8

Linwenxuan04 · Linwenxuan04 · commit b32406190189 · 2026-03-23T18:26:52.000+08:00
diff --git a/Lagrange.Core/Utility/Cryptography/AesGcmProvider.cs b/Lagrange.Core/Utility/Cryptography/AesGcmProvider.cs
@@ -1,5 +1,6 @@
 using System.Buffers.Binary;
 using System.Runtime.CompilerServices;
+using System.Runtime.Intrinsics.Arm;
 using System.Runtime.Intrinsics.X86;
 using System.Security.Cryptography;
 
@@ -152,23 +153,22 @@ private unsafe void TransformBlockHardware(ReadOnlySpan<byte> input, Span<byte>
             }
             else if (System.Runtime.Intrinsics.Arm.Aes.IsSupported)
             {
-                /*var block = AdvSimd.LoadVector128(pInput);
-                var state = AdvSimd.LoadVector128(pRoundKey);
+                var state = AdvSimd.LoadVector128(pInput);
 
-                state = AdvSimd.Xor(block, state);
-
-                for (int round = 1; round < Nr; round++)
+                for (int round = 0; round < Nr - 1; round++)
                 {
                     var roundKey = AdvSimd.LoadVector128(pRoundKey + round * BlockSize);
                     state = System.Runtime.Intrinsics.Arm.Aes.Encrypt(state, roundKey);
                     state = System.Runtime.Intrinsics.Arm.Aes.MixColumns(state);
                 }
 
-                var lastRoundKey = AdvSimd.LoadVector128(pRoundKey + Nr * BlockSize);
-                state = System.Runtime.Intrinsics.Arm.Aes.Encrypt(state, lastRoundKey);
+                var penultimateKey = AdvSimd.LoadVector128(pRoundKey + (Nr - 1) * BlockSize);
+                state = System.Runtime.Intrinsics.Arm.Aes.Encrypt(state, penultimateKey);
+
+                var lastKey = AdvSimd.LoadVector128(pRoundKey + Nr * BlockSize);
+                state = AdvSimd.Xor(state, lastKey);
 
-                AdvSimd.Store(pOutput, state);*/
-                TransformBlockSoftware(input, output); // Fallback to software implementation if ARM AES is not supported
+                AdvSimd.Store(pOutput, state);
             }
             else
             {

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,6 @@`
`1`	`1`	`using System.Buffers.Binary;`
`2`	`2`	`using System.Runtime.CompilerServices;`
	`3`	`+using System.Runtime.Intrinsics.Arm;`
`3`	`4`	`using System.Runtime.Intrinsics.X86;`
`4`	`5`	`using System.Security.Cryptography;`
`5`	`6`
`@@ -152,23 +153,22 @@ private unsafe void TransformBlockHardware(ReadOnlySpan<byte> input, Span<byte>`
`152`	`153`	`}`
`153`	`154`	`else if (System.Runtime.Intrinsics.Arm.Aes.IsSupported)`
`154`	`155`	`{`
`155`		`- /*var block = AdvSimd.LoadVector128(pInput);`
`156`		`- var state = AdvSimd.LoadVector128(pRoundKey);`
	`156`	`+ var state = AdvSimd.LoadVector128(pInput);`
`157`	`157`
`158`		`- state = AdvSimd.Xor(block, state);`
`159`		`-`
`160`		`- for (int round = 1; round < Nr; round++)`
	`158`	`+ for (int round = 0; round < Nr - 1; round++)`
`161`	`159`	`{`
`162`	`160`	`var roundKey = AdvSimd.LoadVector128(pRoundKey + round * BlockSize);`
`163`	`161`	`state = System.Runtime.Intrinsics.Arm.Aes.Encrypt(state, roundKey);`
`164`	`162`	`state = System.Runtime.Intrinsics.Arm.Aes.MixColumns(state);`
`165`	`163`	`}`
`166`	`164`
`167`		`- var lastRoundKey = AdvSimd.LoadVector128(pRoundKey + Nr * BlockSize);`
`168`		`- state = System.Runtime.Intrinsics.Arm.Aes.Encrypt(state, lastRoundKey);`
	`165`	`+ var penultimateKey = AdvSimd.LoadVector128(pRoundKey + (Nr - 1) * BlockSize);`
	`166`	`+ state = System.Runtime.Intrinsics.Arm.Aes.Encrypt(state, penultimateKey);`
	`167`	`+`
	`168`	`+ var lastKey = AdvSimd.LoadVector128(pRoundKey + Nr * BlockSize);`
	`169`	`+ state = AdvSimd.Xor(state, lastKey);`
`169`	`170`
`170`		`- AdvSimd.Store(pOutput, state);*/`
`171`		`- TransformBlockSoftware(input, output); // Fallback to software implementation if ARM AES is not supported`
	`171`	`+ AdvSimd.Store(pOutput, state);`
`172`	`172`	`}`
`173`	`173`	`else`
`174`	`174`	`{`