authorAndy Polyakov <appro@openssl.org>2011-10-14 09:15:19 +0000
committerAndy Polyakov <appro@openssl.org>2011-10-14 09:15:19 +0000
commit9ee5916d9768ccc8dd3117f5cbafe8aad826d309 (patch)
tree27a774e60cf6b613f27e8dd6ca7d05736ddbcc15 /crypto
parentaf9b610ceff61c7a5103f4d3ac33c1caa98e7b5f (diff)
downloadopenssl-9ee5916d9768ccc8dd3117f5cbafe8aad826d309.tar.gz
aesni-x86[_64].pl: fix bug in CCM code.
Diffstat (limited to 'crypto')
-rw-r--r--crypto/aes/asm/aesni-x86.pl9
-rw-r--r--crypto/aes/asm/aesni-x86_64.pl7
2 files changed, 7 insertions, 9 deletions
diff --git a/crypto/aes/asm/aesni-x86.pl b/crypto/aes/asm/aesni-x86.pl
index f95bf520d3..3dc345b585 100644
--- a/crypto/aes/asm/aesni-x86.pl
+++ b/crypto/aes/asm/aesni-x86.pl
@@ -612,9 +612,10 @@ if ($PREFIX eq "aesni") {
&shr ($rounds,1);
&lea ($key_,&DWP(0,$key));
+ &movdqa ($inout3,&QWP(0,"esp"));
&movdqa ($inout0,$ivec);
&mov ($rounds_,$rounds);
- &movdqa ($inout3,&QWP(0,"esp"));
+ &pshufb ($ivec,$inout3);
&set_label("ccm64_enc_outer");
&$movekey ($rndkey0,&QWP(0,$key_));
@@ -638,7 +639,6 @@ if ($PREFIX eq "aesni") {
&aesenc ($cmac,$rndkey0);
&$movekey ($rndkey0,&QWP(0,$key));
&jnz (&label("ccm64_enc2_loop"));
- &pshufb ($ivec,$inout3);
&aesenc ($inout0,$rndkey1);
&aesenc ($cmac,$rndkey1);
&paddq ($ivec,&QWP(16,"esp"));
@@ -651,7 +651,7 @@ if ($PREFIX eq "aesni") {
&movdqa ($inout0,$ivec);
&movups (&QWP(0,$out),$in0); # save output
&lea ($out,&DWP(16,$out));
- &pshufb ($ivec,$inout3);
+ &pshufb ($inout0,$inout3);
&jnz (&label("ccm64_enc_outer"));
&mov ("esp",&DWP(48,"esp"));
@@ -702,7 +702,6 @@ if ($PREFIX eq "aesni") {
{ &call ("_aesni_encrypt1"); }
&movups ($in0,&QWP(0,$inp)); # load inp
&paddq ($ivec,&QWP(16,"esp"));
- &pshufb ($ivec,$inout3);
&lea ($inp,&QWP(16,$inp));
&jmp (&label("ccm64_dec_outer"));
@@ -712,6 +711,7 @@ if ($PREFIX eq "aesni") {
&mov ($rounds,$rounds_);
&movups (&QWP(0,$out),$in0); # save output
&lea ($out,&DWP(16,$out));
+ &pshufb ($inout0,$inout3);
&sub ($len,1);
&jz (&label("ccm64_dec_break"));
@@ -739,7 +739,6 @@ if ($PREFIX eq "aesni") {
&paddq ($ivec,&QWP(16,"esp"));
&aesenc ($inout0,$rndkey1);
&aesenc ($cmac,$rndkey1);
- &pshufb ($ivec,$inout3);
&lea ($inp,&QWP(16,$inp));
&aesenclast ($inout0,$rndkey0);
&aesenclast ($cmac,$rndkey0);
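Review bot: The corrected ordering rests on a register invariant that no comment states: after the added `&pshufb ($ivec,$inout3);` at the top of the encrypt routine, `$ivec` is kept permanently in byte-swapped form so that `&paddq ($ivec,&QWP(16,"esp"))` increments the counter in place, while `$inout3` (the mask loaded from `[esp]`) is now applied only to the `$inout0` copy that goes through the AES rounds; the removed lines show that swapping `$ivec` itself around the increment was exactly what broke the later counter blocks. Since the same invariant is what the aesni-x86_64.pl hunks establish with `$iv`/`$bswap_mask`/`$inout0`, a comment on the entry swap in both files, e.g. `&pshufb ($ivec,$inout3); # $ivec stays byte-swapped for paddq; each block is swapped back into $inout0`, and one on the in-loop `&pshufb ($inout0,$inout3);` would keep the fix from being undone by a future reordering. Note that the entry `&movdqa ($inout0,$ivec)` must stay before the entry swap so the first block is encrypted unswapped; the comment should say the order matters.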
diff --git a/crypto/aes/asm/aesni-x86_64.pl b/crypto/aes/asm/aesni-x86_64.pl
index 98c0dd55bf..499f3b3f42 100644
--- a/crypto/aes/asm/aesni-x86_64.pl
+++ b/crypto/aes/asm/aesni-x86_64.pl
@@ -849,6 +849,7 @@ $code.=<<___;
movdqu ($cmac),$inout1
movdqa $iv,$inout0
mov $rounds,$rnds_
+ pshufb $bswap_mask,$iv
jmp .Lccm64_enc_outer
.align 16
.Lccm64_enc_outer:
@@ -873,7 +874,6 @@ $code.=<<___;
aesenc $rndkey0,$inout1
$movkey 0($key),$rndkey0
jnz .Lccm64_enc2_loop
- pshufb $bswap_mask,$iv
aesenc $rndkey1,$inout0
aesenc $rndkey1,$inout1
paddq $increment,$iv
@@ -886,7 +886,7 @@ $code.=<<___;
movdqa $iv,$inout0
movups $in0,($out) # save output
lea 16($out),$out
- pshufb $bswap_mask,$iv
+ pshufb $bswap_mask,$inout0
jnz .Lccm64_enc_outer
movups $inout1,($cmac)
@@ -934,7 +934,6 @@ ___
$code.=<<___;
movups ($inp),$in0 # load inp
paddq $increment,$iv
- pshufb $bswap_mask,$iv
lea 16($inp),$inp
jmp .Lccm64_dec_outer
.align 16
@@ -944,6 +943,7 @@ $code.=<<___;
mov $rnds_,$rounds
movups $in0,($out) # save output
lea 16($out),$out
+ pshufb $bswap_mask,$inout0
sub \$1,$len
jz .Lccm64_dec_break
@@ -971,7 +971,6 @@ $code.=<<___;
paddq $increment,$iv
aesenc $rndkey1,$inout0
aesenc $rndkey1,$inout1
- pshufb $bswap_mask,$iv
lea 16($inp),$inp
aesenclast $rndkey0,$inout0
aesenclast $rndkey0,$inout1
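Review bot: The decrypt hunks in this file and in aesni-x86.pl remove the post-increment `pshufb $bswap_mask,$iv` and add the swap on the `$inout0` copy, but no hunk adds or shows the corresponding entry swap of `$iv` before the first `paddq $increment,$iv` in the decrypt routine; presumably it already exists in the decrypt prologue outside these hunks (the removed ordering would not have been consistent otherwise), but that should be confirmed, since without it every decrypt counter after the first would be incremented in the wrong byte order. The bug being fixed only shows on the second and later counter blocks, so a single-block vector would not exercise it; a multi-block CCM known-answer test run against both the 32-bit and 64-bit generators is the regression check this change wants, and the commit adds none. The enclosing decrypt routine begins and ends outside the visible hunks.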