Wycheproof testing of Aarch64 ASM
Fix which bytes are incremented for AES-GCM: only 4 bytes are the counter. Fix Curve25519 to reduce the result to below the modulus at the end.
@ -1611,7 +1611,7 @@ static int Aes128GcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
"REV64 v13.16b, v13.16b \n" /* network order */
|
||||
"LD1 {v1.2d-v4.2d}, [%[Key]], #64 \n"
|
||||
"EXT v13.16b, v13.16b, v13.16b, #8 \n"
|
||||
"ADD v13.2d, v13.2d, v14.2d \n" /* add 1 to counter */
|
||||
"ADD v13.4s, v13.4s, v14.4s \n" /* add 1 to counter */
|
||||
"EXT v13.16b, v13.16b, v13.16b, #8 \n"
|
||||
"REV64 v13.16b, v13.16b \n" /* revert from network order */
|
||||
"LD1 {v5.2d-v8.2d}, [%[Key]], #64 \n"
|
||||
@ -1659,7 +1659,7 @@ static int Aes128GcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
"REV64 v13.16b, v13.16b \n" /* network order */
|
||||
"EOR v15.16b, v17.16b, v15.16b \n"
|
||||
"EXT v13.16b, v13.16b, v13.16b, #8 \n"
|
||||
"ADD v13.2d, v13.2d, v14.2d \n" /* add 1 to counter */
|
||||
"ADD v13.4s, v13.4s, v14.4s \n" /* add 1 to counter */
|
||||
"RBIT v15.16b, v15.16b \n" /* v15 is encrypted out block (c) */
|
||||
"EXT v13.16b, v13.16b, v13.16b, #8 \n"
|
||||
"REV64 v13.16b, v13.16b \n" /* revert from network order */
|
||||
@ -1929,7 +1929,7 @@ static int Aes192GcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
"REV64 v13.16b, v13.16b \n" /* network order */
|
||||
"LD1 {v1.2d-v4.2d}, [%[Key]], #64 \n"
|
||||
"EXT v13.16b, v13.16b, v13.16b, #8 \n"
|
||||
"ADD v13.2d, v13.2d, v14.2d \n" /* add 1 to counter */
|
||||
"ADD v13.4s, v13.4s, v14.4s \n" /* add 1 to counter */
|
||||
"EXT v13.16b, v13.16b, v13.16b, #8 \n"
|
||||
"REV64 v13.16b, v13.16b \n" /* revert from network order */
|
||||
"LD1 {v5.2d-v8.2d}, [%[Key]], #64 \n"
|
||||
@ -1981,7 +1981,7 @@ static int Aes192GcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
"REV64 v13.16b, v13.16b \n" /* network order */
|
||||
"EOR v15.16b, v17.16b, v15.16b \n"
|
||||
"EXT v13.16b, v13.16b, v13.16b, #8 \n"
|
||||
"ADD v13.2d, v13.2d, v14.2d \n" /* add 1 to counter */
|
||||
"ADD v13.4s, v13.4s, v14.4s \n" /* add 1 to counter */
|
||||
"RBIT v15.16b, v15.16b \n" /* v15 is encrypted out block (c) */
|
||||
"EXT v13.16b, v13.16b, v13.16b, #8 \n"
|
||||
"REV64 v13.16b, v13.16b \n" /* revert from network order */
|
||||
@ -2262,7 +2262,7 @@ static int Aes256GcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
"REV64 v13.16b, v13.16b \n" /* network order */
|
||||
"LD1 {v1.2d-v4.2d}, [%[Key]], #64 \n"
|
||||
"EXT v13.16b, v13.16b, v13.16b, #8 \n"
|
||||
"ADD v13.2d, v13.2d, v14.2d \n" /* add 1 to counter */
|
||||
"ADD v13.4s, v13.4s, v14.4s \n" /* add 1 to counter */
|
||||
"EXT v13.16b, v13.16b, v13.16b, #8 \n"
|
||||
"REV64 v13.16b, v13.16b \n" /* revert from network order */
|
||||
"LD1 {v5.2d-v8.2d}, [%[Key]], #64 \n"
|
||||
@ -2318,7 +2318,7 @@ static int Aes256GcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
"REV64 v13.16b, v13.16b \n" /* network order */
|
||||
"EOR v15.16b, v17.16b, v15.16b \n"
|
||||
"EXT v13.16b, v13.16b, v13.16b, #8 \n"
|
||||
"ADD v13.2d, v13.2d, v14.2d \n" /* add 1 to counter */
|
||||
"ADD v13.4s, v13.4s, v14.4s \n" /* add 1 to counter */
|
||||
"RBIT v15.16b, v15.16b \n" /* v15 is encrypted out block (c) */
|
||||
"EXT v13.16b, v13.16b, v13.16b, #8 \n"
|
||||
"REV64 v13.16b, v13.16b \n" /* revert from network order */
|
||||
@ -2684,7 +2684,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
"1: \n"
|
||||
"REV64 v12.16b, v12.16b \n" /* network order */
|
||||
"EXT v12.16b, v12.16b, v12.16b, #8 \n"
|
||||
"ADD v12.2d, v12.2d, v14.2d \n" /* add 1 to counter */
|
||||
"ADD v12.4s, v12.4s, v14.4s \n" /* add 1 to counter */
|
||||
"EXT v12.16b, v12.16b, v12.16b, #8 \n"
|
||||
"REV64 v12.16b, v12.16b \n" /* revert from network order */
|
||||
"MOV v0.16b, v12.16b \n"
|
||||
@ -2750,7 +2750,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
"1: \n"
|
||||
"REV64 v14.16b, v14.16b \n" /* network order */
|
||||
"EXT v14.16b, v14.16b, v14.16b, #8 \n"
|
||||
"ADD v14.2d, v14.2d, v16.2d \n" /* add 1 to counter */
|
||||
"ADD v14.4s, v14.4s, v16.4s \n" /* add 1 to counter */
|
||||
"EXT v14.16b, v14.16b, v14.16b, #8 \n"
|
||||
"REV64 v14.16b, v14.16b \n" /* revert from network order */
|
||||
"MOV v0.16b, v14.16b \n"
|
||||
@ -2821,7 +2821,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
"1: \n"
|
||||
"REV64 v17.16b, v17.16b \n" /* network order */
|
||||
"EXT v17.16b, v17.16b, v17.16b, #8 \n"
|
||||
"ADD v17.2d, v17.2d, v18.2d \n" /* add 1 to counter */
|
||||
"ADD v17.4s, v17.4s, v18.4s \n" /* add 1 to counter */
|
||||
"EXT v17.16b, v17.16b, v17.16b, #8 \n"
|
||||
"REV64 v17.16b, v17.16b \n" /* revert from network order */
|
||||
"MOV v0.16b, v17.16b \n"
|
||||
|
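Review bot: The new `ADD v13.4s, v13.4s, v14.4s` is only correct if v14 holds 1 in lane 0 and 0 in lanes 1-3, and that constant is loaded outside every hunk in this file, so the comment `/* add 1 to counter */` now reads as a generic add while the whole fix hinges on the lane width; the same applies to the other Aes128/192/256GcmEncrypt hunks and to the v14/v16/v18 increments in the three wc_AesGcmDecrypt hunks. Suggested replacement comment on each of those lines: `/* inc32: add 1 to the low 32-bit lane only (GCM counter wraps mod 2^32); assumes v14 = {1,0,0,0} */`. After the surrounding `REV64` and `EXT #8` the counter's last four bytes occupy lane 0, which is what makes a 32-bit lane add match SP 800-38D's inc32, whereas the previous `.2d` form would have let a carry propagate past the 32-bit counter into the nonce bytes. Every enclosing function here (Aes128GcmEncrypt through wc_AesGcmDecrypt) starts and ends outside its hunk.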
@ -2907,6 +2907,17 @@ L_curve25519_inv_8:
|
||||
adcs x15, x15, xzr
|
||||
adcs x16, x16, xzr
|
||||
adc x17, x17, xzr
|
||||
adds x4, x14, x3
|
||||
adcs x4, x15, xzr
|
||||
adcs x4, x16, xzr
|
||||
adc x4, x17, xzr
|
||||
and x4, x3, x4, asr 63
|
||||
adds x14, x14, x4
|
||||
adcs x15, x15, xzr
|
||||
mov x4, #0x7fffffffffffffff
|
||||
adcs x16, x16, xzr
|
||||
adc x17, x17, xzr
|
||||
and x17, x17, x4
|
||||
# Store
|
||||
stp x14, x15, [x0]
|
||||
stp x16, x17, [x0, #16]
|
||||
|
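Review bot: The eleven new lines before `# Store` are an undocumented branch-free conditional subtraction of p = 2^255-19, and a reader cannot tell from `and x4, x3, x4, asr 63` alone that it selects x3 or 0 from the sign bit of the trial sum's top limb. Suggested comment above `adds x4, x14, x3`: `# Final reduction: form v+19 into scratch; if bit 255 is set (v >= p) add 19 and clear bit 255, i.e. subtract p once. Mask-select keeps this free of data-dependent branches.` This assumes x3 holds 19 at this point, which is set outside the hunk and should be confirmed; it also relies on the value being small enough that one subtraction suffices, which the preceding carry chain appears to guarantee. The identical sequence is added to the inline-asm `curve25519()` in the next hunk and should carry the same comment in `/* */` form so the two copies stay in sync. The routine under L_curve25519_inv_8 starts and ends outside the hunk.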
@ -2782,6 +2782,17 @@ int curve25519(byte* r, const byte* n, const byte* a)
|
||||
"adcs x15, x15, xzr\n\t"
|
||||
"adcs x16, x16, xzr\n\t"
|
||||
"adc x17, x17, xzr\n\t"
|
||||
"adds x4, x14, x3\n\t"
|
||||
"adcs x4, x15, xzr\n\t"
|
||||
"adcs x4, x16, xzr\n\t"
|
||||
"adc x4, x17, xzr\n\t"
|
||||
"and x4, x3, x4, asr 63\n\t"
|
||||
"adds x14, x14, x4\n\t"
|
||||
"adcs x15, x15, xzr\n\t"
|
||||
"mov x4, #0x7fffffffffffffff\n\t"
|
||||
"adcs x16, x16, xzr\n\t"
|
||||
"adc x17, x17, xzr\n\t"
|
||||
"and x17, x17, x4\n\t"
|
||||
/* Store */
|
||||
"stp x14, x15, [%x[r]]\n\t"
|
||||
"stp x16, x17, [%x[r], #16]\n\t"
|
||||
|