On 10/08/14 01:06, Denis Krienbühl wrote:
> I did that and got the following results:
>
> (gdb) p key
> $1 = (const uint8_t *) 0xbfa8a85c ""
>
> (gdb) p rkeys
> $2 = (__m128i *) 0x8a8b7c8

Thanks, that's exactly what I was hoping to see. The problem is that the
SSE instructions used require the AES round keys to be stored aligned to
16-byte boundaries, and the malloc on your system is providing unaligned
allocations.

Can you try the attached patch? In a clean source tree,
# patch < rkeys-align.patch
# make all
and then you should find that it works again.

-- 
Colin Percival
Security Officer Emeritus, FreeBSD | The power to serve
Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid

Index: libcperciva/crypto/crypto_aes_aesni.c
===================================================================
--- libcperciva/crypto/crypto_aes_aesni.c (revision 177)
+++ libcperciva/crypto/crypto_aes_aesni.c (working copy)
@@ -13,7 +13,8 @@
/* Expanded-key structure. */
struct crypto_aes_key_aesni {
- __m128i rkeys[15];
+ uint8_t rkeys_buf[15 * sizeof(__m128i) + (sizeof(__m128i) - 1)];
+ __m128i * rkeys;
size_t nr;
};
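Review bot: rkeys becomes an interior pointer into rkeys_buf of the same structure, and nothing in the "Expanded-key structure" comment says so. A copy of the struct by assignment or memcpy would carry a rkeys that still points into the original's buffer, so the comment should state that rkeys points into rkeys_buf and that the structure must not be copied. It would also help to note that the extra sizeof(__m128i) - 1 bytes are alignment slack, since the buffer size expression is otherwise not obvious.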
@@ -143,11 +144,17 @@
crypto_aes_key_expand_aesni(const uint8_t * key, size_t len)
{
struct crypto_aes_key_aesni * kexp;
+ size_t rkey_offset;
/* Allocate structure. */
if ((kexp = malloc(sizeof(struct crypto_aes_key_aesni))) == NULL)
goto err0;
+ /* Figure out where to put the round keys. */
+ rkey_offset = (uintptr_t)(&kexp->rkeys_buf[0]) % sizeof(__m128i);
+ rkey_offset = (sizeof(__m128i) - rkey_offset) % sizeof(__m128i);
+ kexp->rkeys = &kexp->rkeys_buf[rkey_offset];
+
/* Compute round keys. */
if (len == 16) {
kexp->nr = 10;
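Review bot: in the added line kexp->rkeys = &kexp->rkeys_buf[rkey_offset]; the right-hand side has type uint8_t * while rkeys is declared as __m128i *, so this assigns between incompatible pointer types without a cast and will at least draw a compiler warning. Casting through void *, as in kexp->rkeys = (void *)&kexp->rkeys_buf[rkey_offset];, makes the conversion explicit. The two-step offset computation is correct (the second modulo handles the already-aligned case), but a one-line comment saying so would save the next reader from working it out.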
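The alignment fix described in the message above, as an added example (not code from the original message or from the Tarsnap source). It applies the patch's offset arithmetic to the rkeys address 0x8a8b7c8 from the quoted gdb output and checks that, for every possible misalignment of the buffer start, the aligned pointer still leaves room for 15 round keys. The names RKEY_SIZE, NRKEYS, rkey_offset_for and check_all_misalignments are hypothetical, and RKEY_SIZE stands in for sizeof(__m128i).

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define RKEY_SIZE 16	/* Assumed equal to sizeof(__m128i). */
#define NRKEYS 15	/* Round keys held by the structure in the patch. */
#define RKEYS_BUF_LEN (NRKEYS * RKEY_SIZE + (RKEY_SIZE - 1))

/* Bytes to skip from addr to reach the next 16-byte boundary (0..15). */
static size_t
rkey_offset_for(uintptr_t addr)
{
	return ((RKEY_SIZE - addr % RKEY_SIZE) % RKEY_SIZE);
}

/*
 * Try every misalignment of the buffer start and count the cases where the
 * result is unaligned or the round keys would overrun the buffer.
 */
static int
check_all_misalignments(void)
{
	static uint8_t arena[RKEYS_BUF_LEN + RKEY_SIZE];
	int failures = 0;
	size_t shift;

	for (shift = 0; shift < RKEY_SIZE; shift++) {
		uint8_t * buf = &arena[shift];
		uint8_t * rkeys = buf + rkey_offset_for((uintptr_t)buf);

		if ((uintptr_t)rkeys % RKEY_SIZE != 0)
			failures++;
		if (rkeys + NRKEYS * RKEY_SIZE > buf + RKEYS_BUF_LEN)
			failures++;
	}
	return (failures);
}

int
main(void)
{
	/* 0x8a8b7c8 is the rkeys pointer shown in the quoted gdb session. */
	printf("offset for 0x8a8b7c8: %zu\n", rkey_offset_for(0x8a8b7c8));
	printf("failing cases: %d\n", check_all_misalignments());
	return (0);
}
```

The reported address ends in 8, so it sits 8 bytes past a 16-byte boundary, which is the misalignment the message attributes to malloc.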