diff --git a/lib/accelerated/intel/aes-x86.c b/lib/accelerated/intel/aes-x86.c
index 6801e7e..ff5b714 100644
--- a/lib/accelerated/intel/aes-x86.c
+++ b/lib/accelerated/intel/aes-x86.c
@@ -40,6 +40,10 @@ struct aes_ctx
uint8_t iv[16];
};
+#define AESNI_MIN_ALIGN 16
+#define AESNI_ALIGN(x) \
+ ((void *)(((size_t)(x)+AESNI_MIN_ALIGN-1)&~(AESNI_MIN_ALIGN-1)))
+
static int
aes_cipher_init (gnutls_cipher_algorithm_t algorithm, void **_ctx)
{
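Review bot: `AESNI_ALIGN` converts the pointer through `size_t` and returns `void *`, so the arithmetic relies on `size_t` being pointer-sized and the result is accepted by any pointer parameter without a type check. `uintptr_t` is the type intended for this round trip, and casting back to the real type keeps the compiler checking the call sites: `((AES_KEY *)(((uintptr_t)(x) + AESNI_MIN_ALIGN - 1) & ~(uintptr_t)(AESNI_MIN_ALIGN - 1)))`. The macro also only works when the object has at least `AESNI_MIN_ALIGN - 1` spare bytes behind its payload, which deserves a comment at the definition, e.g. `/* result may point up to 15 bytes past x; x must carry that much tail padding */`.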
@@ -69,11 +73,11 @@ aes_cipher_setkey (void *_ctx, const void *userkey, size_t keysize)
struct aes_ctx *ctx = _ctx;
int ret;
- ret = aesni_set_encrypt_key (userkey, keysize * 8, &ctx->expanded_key);
+ ret = aesni_set_encrypt_key (userkey, keysize * 8, AESNI_ALIGN(&ctx->expanded_key));
if (ret != 0)
return gnutls_assert_val (GNUTLS_E_ENCRYPTION_FAILED);
- ret = aesni_set_decrypt_key (userkey, keysize * 8, &ctx->expanded_key_dec);
+ ret = aesni_set_decrypt_key (userkey, keysize * 8, AESNI_ALIGN(&ctx->expanded_key_dec));
if (ret != 0)
return gnutls_assert_val (GNUTLS_E_ENCRYPTION_FAILED);
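Review bot: The expanded keys are now written at an offset that depends on where `ctx` sits in memory, so they are only valid while the context keeps the same address modulo 16. If an `aes_ctx` were copied by `memcpy` or struct assignment to a differently aligned location, `AESNI_ALIGN` in `aes_encrypt` and `aes_decrypt` would resolve to a different offset and the cipher would run with a shifted key schedule without returning an error. No such copy is visible in this diff, but the constraint should be recorded on `struct aes_ctx`, e.g. `/* key schedules live at a 16-byte-aligned offset inside their buffers; never copy or move this struct after setkey */`. The same expression is repeated in both calls here and in the `aes_encrypt` and `aes_decrypt` hunks, so one `static` helper returning the aligned `AES_KEY *` would keep the four sites in agreement. `aes_cipher_setkey` starts and ends outside this hunk.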
@@ -95,7 +99,7 @@ aes_encrypt (void *_ctx, const void *src, size_t src_size,
{
struct aes_ctx *ctx = _ctx;
- aesni_cbc_encrypt (src, dst, src_size, &ctx->expanded_key, ctx->iv, 1);
+ aesni_cbc_encrypt (src, dst, src_size, AESNI_ALIGN(&ctx->expanded_key), ctx->iv, 1);
return 0;
}
@@ -105,7 +109,7 @@ aes_decrypt (void *_ctx, const void *src, size_t src_size,
{
struct aes_ctx *ctx = _ctx;
- aesni_cbc_encrypt (src, dst, src_size, &ctx->expanded_key_dec, ctx->iv, 0);
+ aesni_cbc_encrypt (src, dst, src_size, AESNI_ALIGN(&ctx->expanded_key_dec), ctx->iv, 0);
return 0;
}
diff --git a/lib/accelerated/intel/aes-x86.h b/lib/accelerated/intel/aes-x86.h
index 8f49ff3..20a169e 100644
--- a/lib/accelerated/intel/aes-x86.h
+++ b/lib/accelerated/intel/aes-x86.h
@@ -11,10 +11,11 @@ void register_x86_crypto (void);
# define ALIGN16
#endif
+#define AES_KEY_ALIGN_SIZE 8
#define AES_MAXNR 14
typedef struct
{
- uint32_t ALIGN16 rd_key[4 * (AES_MAXNR + 1)];
+ uint32_t rd_key[4 * (AES_MAXNR + 1)+AES_KEY_ALIGN_SIZE];
int rounds;
} AES_KEY;
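Review bot: `AES_KEY_ALIGN_SIZE` is counted in `uint32_t` elements (8 words, 32 bytes), while `AESNI_MIN_ALIGN` in aes-x86.c, which consumes that slack, is in bytes, and nothing ties the two values together. A comment such as `/* extra uint32_t words so a 16-byte-aligned AES_KEY fits inside rd_key */` would state the unit and the intent. With `ALIGN16` dropped and callers passing a shifted pointer, the assembly presumably keeps its round count directly after the schedule at the aligned address rather than in this struct's `rounds` member. C code reading `key.rounds`, or any other caller that still passes `&key` unadjusted, would then disagree with the assembly; neither is visible in this diff, so both are worth checking.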