ia32-64/x86/encodekey128.html

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:svg="http://www.w3.org/2000/svg" xmlns:x86="http://www.felixcloutier.com/x86"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="style.css"></link><title>ENCODEKEY128
		— Encode 128-Bit Key With Key Locker</title></head><body><header><nav><ul><li><a href='index.html'>Index</a></li><li>December 2023</li></ul></nav></header><h1>ENCODEKEY128
		— Encode 128-Bit Key With Key Locker</h1>

<table>
<tr>
<th>Opcode/Instruction</th>
<th>Op/En</th>
<th>64/32-bit Mode</th>
<th>CPUID Feature Flag</th>
<th>Description</th></tr>
<tr>
<td>F3 0F 38 FA 11:rrr:bbb ENCODEKEY128 r32, r32, &lt;XMM0-2&gt;, &lt;XMM4-6&gt;</td>
<td>A</td>
<td>V/V</td>
<td>AESKLE</td>
<td>Wrap a 128-bit AES key from XMM0 into a key handle and output handle in XMM0—2.</td></tr></table>
<h2 id="instruction-operand-encoding">Instruction Operand Encoding<a class="anchor" href="#instruction-operand-encoding">
			¶
		</a></h2>
<table>
<tr>
<th>Op/En</th>
<th>Tuple</th>
<th>Operand 1</th>
<th>Operand 2</th>
<th>Operand 3</th>
<th>Operands 4—5</th>
<th>Operands 6—7</th></tr>
<tr>
<td>A</td>
<td>N/A</td>
<td>ModRM:reg (w)</td>
<td>ModRM:r/m (r)</td>
<td>Implicit XMM0 (r, w)</td>
<td>Implicit XMM1—2 (w)</td>
<td>Implicit XMM4—6 (w)</td></tr></table>
<h2 id="description">Description<a class="anchor" href="#description">
			¶
		</a></h2>
<p>The ENCODEKEY128<sup>1</sup> instruction wraps a 128-bit AES key from the implicit operand XMM0 into a key handle that is then stored in the implicit destination operands XMM0-2.</p>
<p>The explicit source operand specifies handle restrictions, if any.</p>
<p>The explicit destination operand is populated with information on the source of the key and its attributes. XMM4 through XMM6 are reserved for future usages and software should not rely upon them being zeroed.</p>
<h2 id="operation">Operation<a class="anchor" href="#operation">
			¶
		</a></h2>
<h4 id="encodekey128">ENCODEKEY128<a class="anchor" href="#encodekey128">
			¶
		</a></h4>
<pre>#GP (0) if a reserved bit<sup>2</sup> in SRC[31:0] is set
InputKey[127:0] := XMM0;
KeyMetadata[2:0] = SRC[2:0];
KeyMetadata[23:3] = 0;
    // Reserved for future usage
KeyMetadata[27:24] = 0;
    // KeyType is AES-128 (value of 0)
KeyMetadata[127:28] = 0;
    // Reserved for future usage
// KeyMetadata is the AAD input and InputKey is the Plaintext input for WrapKey128
Handle[383:0] := WrapKey128(InputKey[127:0], KeyMetadata[127:0], IWKey.Integrity Key[127:0], IWKey.Encryption Key[255:0]);
DEST[0] := IWKey.NoBackup;
DEST[4:1] := IWKey.KeySource[3:0];
DEST[31:5] = 0;
XMM0 := Handle[127:0]; // AAD
XMM1 := Handle[255:128]; // Integrity Tag
XMM2 := Handle[383:256]; // CipherText
/
XMM4 := 0;
/
XMM4 := 0;
R
XMM4 := 0;
e
XMM4 := 0;
s
XMM4 := 0;
e
XMM4 := 0;
r
XMM4 := 0;
v
XMM4 := 0;
e
XMM4 := 0;
d
XMM4 := 0;
f
XMM4 := 0;
o
XMM4 := 0;
r
XMM4 := 0;
f
XMM4 := 0;
u
XMM4 := 0;
t
XMM4 := 0;
u
XMM4 := 0;
r
XMM4 := 0;
e
XMM4 := 0;
XMM4 := 0;
/
XMM5 := 0;
/
XMM5 := 0;
R
XMM5 := 0;
e
XMM5 := 0;
s
XMM5 := 0;
e
XMM5 := 0;
r
XMM5 := 0;
v
XMM5 := 0;
e
XMM5 := 0;
d
XMM5 := 0;
f
XMM5 := 0;
o
XMM5 := 0;
r
XMM5 := 0;
f
XMM5 := 0;
u
XMM5 := 0;
t
XMM5 := 0;
u
XMM5 := 0;
r
XMM5 := 0;
e
XMM5 := 0;
XMM5 := 0;
/
XMM6 := 0;
/
XMM6 := 0;
R
XMM6 := 0;
e
XMM6 := 0;
s
XMM6 := 0;
e
XMM6 := 0;
r
XMM6 := 0;
v
XMM6 := 0;
e
XMM6 := 0;
d
XMM6 := 0;
f
XMM6 := 0;
o
XMM6 := 0;
r
XMM6 := 0;
f
XMM6 := 0;
u
XMM6 := 0;
t
XMM6 := 0;
u
XMM6 := 0;
r
XMM6 := 0;
e
XMM6 := 0;
XMM6 := 0;
RFLAGS.OF, SF, ZF, AF, PF, CF := 0;
</pre>
<blockquote>
<p>2. SRC[31:3] are currently reserved for future usages. SRC[2], which indicates a no-decrypt restriction, is reserved if CPUID.19H:EAX[2] is 0. SRC[1], which indicates a no-encrypt restriction, is reserved if CPUID.19H:EAX[1] is 0. SRC[0], which indicates a CPL0-only restriction, is reserved if CPUID.19H:EAX[0] is 0.</p></blockquote>
<h2 id="flags-affected">Flags Affected<a class="anchor" href="#flags-affected">
			¶
		</a></h2>
<p>All arithmetic flags (OF, SF, ZF, AF, PF, CF) are cleared to 0. Although they are cleared for the currently defined operations, future extensions may report information in the flags.</p>
<p>1. Further details on Key Locker and usage of this instruction can be found here:</p>
<h3 id="https---software-intel-com-content-www-us-en-develop-download-intel-key-locker-specification-html-">https://software.intel.com/content/www/us/en/develop/download/intel-key-locker-specification.html.<a class="anchor" href="#https---software-intel-com-content-www-us-en-develop-download-intel-key-locker-specification-html-">
			¶
		</a></h3>
<h2 id="intel-c-c++-compiler-intrinsic-equivalent">Intel C/C++ Compiler Intrinsic Equivalent<a class="anchor" href="#intel-c-c++-compiler-intrinsic-equivalent">
			¶
		</a></h2>
<pre>ENCODEKEY128 unsigned int _mm_encodekey128_u32(unsigned int htype, __m128i key, void* h);
</pre>
<h2 id="exceptions--all-operating-modes-">Exceptions (All Operating Modes)<a class="anchor" href="#exceptions--all-operating-modes-">
			¶
		</a></h2>
<p>#GP If reserved bit is set in source register value.</p>
<p>#UD If the LOCK prefix is used.</p>
<p>If CPUID.07H:ECX.KL[bit 23] = 0.</p>
<p>If CR4.KL = 0.</p>
<p>If CPUID.19H:EBX.AESKLE[bit 0] = 0.</p>
<p>If CR0.EM = 1.</p>
<p>If CR4.OSFXSR = 0.</p>
<p>#NM If CR0.TS = 1.</p><footer><p>
		This UNOFFICIAL, mechanically-separated, non-verified reference is provided for convenience, but it may be
		inc<span style="opacity: 0.2">omp</span>lete or b<sub>r</sub>oke<sub>n</sub> in various obvious or non-obvious
		ways. Refer to <a href="https://software.intel.com/en-us/download/intel-64-and-ia-32-architectures-sdm-combined-volumes-1-2a-2b-2c-2d-3a-3b-3c-3d-and-4">Intel® 64 and IA-32 Architectures Software Developer’s Manual</a> for anything serious.
	</p></footer></body></html>