aes: replace inline ASM with ARMv8 intrinsics

.github/workflows/aes.yml

@@ -217,7 +217,7 @@ jobs:
       matrix:
         include:
           - target: aarch64-unknown-linux-gnu
-            rust: 1.65.0 # MSRV
+            rust: 1.72.0 # MSRV for `aes_armv8`
     runs-on: ubuntu-latest
     # Cross mounts only current package, i.e. by default it ignores workspace's Cargo.toml
     defaults:

aes/src/armv8.rs

@@ -14,7 +14,6 @@ pub(crate) mod hazmat;
 
 mod encdec;
 mod expand;
-mod intrinsics;
 #[cfg(test)]
 mod test_expand;
 

aes/src/armv8/encdec.rs

@@ -4,12 +4,6 @@ use crate::{Block, Block8};
 use cipher::inout::InOut;
 use core::arch::aarch64::*;
 
-// Stable "polyfills" for unstable core::arch::aarch64 intrinsics
-// TODO(tarcieri): remove when these intrinsics have been stabilized
-use super::intrinsics::{
-    vaesdq_u8, vaesdq_u8_and_vaesimcq_u8, vaeseq_u8, vaeseq_u8_and_vaesmcq_u8,
-};
-
 /// Perform AES encryption using the given expanded keys.
 #[target_feature(enable = "aes")]
 #[target_feature(enable = "neon")]
@@ -25,8 +19,11 @@ pub(super) unsafe fn encrypt1<const N: usize>(
     let mut state = vld1q_u8(in_ptr as *const u8);
 
     for k in expanded_keys.iter().take(rounds - 1) {
-        // AES single round encryption and mix columns
-        state = vaeseq_u8_and_vaesmcq_u8(state, *k);
+        // AES single round encryption
+        state = vaeseq_u8(state, *k);
+
+        // Mix columns
+        state = vaesmcq_u8(state);
     }
 
     // AES single round encryption
@@ -65,8 +62,11 @@ pub(super) unsafe fn encrypt8<const N: usize>(
 
     for k in expanded_keys.iter().take(rounds - 1) {
         for i in 0..8 {
-            // AES single round encryption and mix columns
-            state[i] = vaeseq_u8_and_vaesmcq_u8(state[i], *k);
+            // AES single round encryption
+            state[i] = vaeseq_u8(state[i], *k);
+
+            // Mix columns
+            state[i] = vaesmcq_u8(state[i]);
         }
     }
 
@@ -95,8 +95,11 @@ pub(super) unsafe fn decrypt1<const N: usize>(
     let mut state = vld1q_u8(in_ptr as *const u8);
 
     for k in expanded_keys.iter().take(rounds - 1) {
-        // AES single round decryption and inverse mix columns
-        state = vaesdq_u8_and_vaesimcq_u8(state, *k);
+        // AES single round decryption
+        state = vaesdq_u8(state, *k);
+
+        // Inverse mix columns
+        state = vaesimcq_u8(state);
     }
 
     // AES single round decryption
@@ -135,8 +138,11 @@ pub(super) unsafe fn decrypt8<const N: usize>(
 
     for k in expanded_keys.iter().take(rounds - 1) {
         for i in 0..8 {
-            // AES single round decryption and inverse mix columns
-            state[i] = vaesdq_u8_and_vaesimcq_u8(state[i], *k);
+            // AES single round decryption
+            state[i] = vaesdq_u8(state[i], *k);
+
+            // Inverse mix columns
+            state[i] = vaesimcq_u8(state[i]);
         }
     }
 

aes/src/armv8/expand.rs

@@ -2,10 +2,6 @@
 
 use core::{arch::aarch64::*, mem, slice};
 
-// Stable "polyfills" for unstable core::arch::aarch64 intrinsics
-// TODO(tarcieri): remove when these intrinsics have been stabilized
-use super::intrinsics::{vaeseq_u8, vaesimcq_u8};
-
 /// There are 4 AES words in a block.
 const BLOCK_WORDS: usize = 4;
 

aes/src/armv8/hazmat.rs

@@ -7,9 +7,6 @@
 use crate::{Block, Block8};
 use core::arch::aarch64::*;
 
-// Stable "polyfills" for unstable core::arch::aarch64 intrinsics
-use super::intrinsics::{vaesdq_u8, vaeseq_u8, vaesimcq_u8, vaesmcq_u8};
-
 /// AES cipher (encrypt) round function.
 #[allow(clippy::cast_ptr_alignment)]
 #[target_feature(enable = "aes")]