From: Eric Biggers <ebiggers@kernel.org>
To: linux-crypto@vger.kernel.org, Herbert Xu <herbert@gondor.apana.org.au>
Subject: [PATCH 6/6] crypto: arm/aes-ce - update IV after partial final CTR block
Date: Thu, 14 Feb 2019 00:03:55 -0800
Message-ID: <20190214080355.8112-7-ebiggers@kernel.org>
In-Reply-To: <20190214080355.8112-1-ebiggers@kernel.org>
From: Eric Biggers <ebiggers@google.com>
Make the arm ctr-aes-ce algorithm update the IV buffer to contain the
next counter after processing a partial final block, rather than leave
it as the last counter. This makes ctr-aes-ce pass the updated AES-CTR
tests. This change also makes the code match the arm64 version in
arch/arm64/crypto/aes-modes.S more closely.
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
arch/arm/crypto/aes-ce-core.S | 26 +++++++++++++-------------
1 file changed, 13 insertions(+), 13 deletions(-)
diff --git a/arch/arm/crypto/aes-ce-core.S b/arch/arm/crypto/aes-ce-core.S
index ba8e6a32fdc9..bc53bcaa772e 100644
--- a/arch/arm/crypto/aes-ce-core.S
+++ b/arch/arm/crypto/aes-ce-core.S
@@ -317,25 +317,27 @@ ENTRY(ce_aes_ctr_encrypt)
.Lctrloop:
vmov q0, q6
bl aes_encrypt
- subs r4, r4, #1
- bmi .Lctrtailblock @ blocks < 0 means tail block
- vld1.8 {q3}, [r1]!
- veor q3, q0, q3
- vst1.8 {q3}, [r0]!
adds r6, r6, #1 @ increment BE ctr
rev ip, r6
vmov s27, ip
bcs .Lctrcarry
- teq r4, #0
+
+.Lctrcarrydone:
+ subs r4, r4, #1
+ bmi .Lctrtailblock @ blocks < 0 means tail block
+ vld1.8 {q3}, [r1]!
+ veor q3, q0, q3
+ vst1.8 {q3}, [r0]!
bne .Lctrloop
+
.Lctrout:
- vst1.8 {q6}, [r5]
+ vst1.8 {q6}, [r5] @ return next CTR value
pop {r4-r6, pc}
.Lctrtailblock:
- vst1.8 {q0}, [r0, :64] @ return just the key stream
- pop {r4-r6, pc}
+ vst1.8 {q0}, [r0, :64] @ return the key stream
+ b .Lctrout
.Lctrcarry:
.irp sreg, s26, s25, s24
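Review bot: the `bne .Lctrloop` at the end of `.Lctrcarrydone` relies on the flags from `subs r4, r4, #1` surviving the intervening `vld1.8`/`veor`/`vst1.8`, which do not write NZCV, but the hunk leaves that coupling implicit; a short comment on the `subs` line (e.g. `@ flags consumed by bne below`) would protect it against someone later inserting a scalar instruction between them. The reordering itself is sound: the counter in q6/s27 is incremented before the block count is tested, so both the full-block exit and the new `.Lctrtailblock` path (`b .Lctrout` instead of its own `pop`) reach `.Lctrout` with q6 holding the counter after the last one used, which is what the added `@ return next CTR value` comment promises and what the arm64 code does.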
@@ -344,11 +346,9 @@ ENTRY(ce_aes_ctr_encrypt)
adds ip, ip, #1
rev ip, ip
vmov \sreg, ip
- bcc 0f
+ bcc .Lctrcarrydone
.endr
-0: teq r4, #0
- beq .Lctrout
- b .Lctrloop
+ b .Lctrcarrydone
ENDPROC(ce_aes_ctr_encrypt)
/*
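Review bot: with the `0:` label removed, the `.irp` body's early `bcc .Lctrcarrydone` and the trailing `b .Lctrcarrydone` converge on the same label, and the dropped `teq r4, #0` / `beq .Lctrout` check is now covered by the `subs r4, r4, #1` that `.Lctrcarrydone` performs, so no exit path is lost; a one-line comment on the `b .Lctrcarrydone` would help, since an unconditional branch to the same target the loop body already jumps to only makes sense once the reader knows it is the all-limbs-wrapped fallthrough. The `bcc` still consumes the carry from `adds ip, ip, #1`, as `rev ip, ip` and `vmov \sreg, ip` do not touch the flags, so propagation stops at the first limb that does not overflow.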
--
2.20.1
Thread overview:
2019-02-14 8:03 [PATCH 0/6] crypto: test that CBC and CTR update the IV Eric Biggers
2019-02-14 8:03 ` [PATCH 1/6] crypto: testmgr - remove extra bytes from 3DES-CTR IVs Eric Biggers
2019-02-14 8:03 ` [PATCH 2/6] crypto: testmgr - support checking skcipher output IV Eric Biggers
2019-02-14 8:03 ` [PATCH 3/6] crypto: testmgr - add iv_out to all CBC test vectors Eric Biggers
2019-02-14 8:03 ` [PATCH 4/6] crypto: testmgr - add iv_out to all CTR " Eric Biggers
2019-02-14 8:03 ` [PATCH 5/6] crypto: arm64/aes-blk - update IV after partial final CTR block Eric Biggers
2019-02-14 8:14 ` Ard Biesheuvel
2019-02-14 8:28 ` Eric Biggers
2019-02-14 8:33 ` Ard Biesheuvel
2019-02-14 8:43 ` Eric Biggers
2019-02-14 8:03 ` Eric Biggers [this message]
2019-02-22 12:00 ` [PATCH 0/6] crypto: test that CBC and CTR update the IV Herbert Xu