AES single round decryption
The AESD instruction reads a 16-byte state array from each 128-bit segment of the first source vector, together with a round key from the corresponding 128-bit segment of the second source vector. Each state array undergoes a single round of the AddRoundKey(), InvSubBytes() and InvShiftRows() transformations in accordance with the AES standard. Each updated state array is destructively placed in the corresponding segment of the first source vector. This instruction is unpredicated.
ID_AA64ZFR0_EL1.AES indicates whether this instruction is implemented.
This instruction is illegal when executed in Streaming SVE mode, unless FEAT_SME_FA64 is implemented and enabled.
| 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
| 0 | 1 | 0 | 0 | 0 | 1 | 0 | 1 | 0 | 0 | 1 | 0 | 0 | 0 | 1 | 0 | 1 | 1 | 1 | 0 | 0 | 1 | Zm | Zdn | ||||||||
| size<1> | size<0> | ||||||||||||||||||||||||||||||
if !HaveSVE() || !HaveSVE2AES() then UNDEFINED; integer m = UInt(Zm); integer dn = UInt(Zdn);
| <Zdn> |
Is the name of the first source and destination scalable vector register, encoded in the "Zdn" field. |
| <Zm> |
Is the name of the second source scalable vector register, encoded in the "Zm" field. |
CheckNonStreamingSVEEnabled(); constant integer VL = CurrentVL; constant integer segments = VL DIV 128; bits(VL) operand1 = Z[dn, VL]; bits(VL) operand2 = Z[m, VL]; bits(VL) result; result = operand1 EOR operand2; for s = 0 to segments-1 Elem[result, s, 128] = AESInvSubBytes(AESInvShiftRows(Elem[result, s, 128])); Z[dn, VL] = result;
If PSTATE.DIT is 1:
Internal version only: aarchmrs v2023-12_rel, pseudocode v2023-12_rel, sve v2023-12_rel ; Build timestamp: 2023-12-15T16:46
Copyright © 2010-2023 Arm Limited or its affiliates. All rights reserved. This document is Non-Confidential.