From 78b58f65f1c94d7a5efbf191b4a6e8b6cc12ae66 Mon Sep 17 00:00:00 2001
From: Damjan Marion
Date: Wed, 29 Jan 2020 10:31:26 +0100
Subject: [PATCH] crypto-native: don't expand aes-cbc keys twice
Type: refactor
Change-Id: If0d9ec70f9e8c228c39505864a4a73bf94b67479
Signed-off-by: Damjan Marion
---
 src/plugins/crypto_native/aes.h | 15 ++++++---------
 src/plugins/crypto_native/aes_cbc.c | 3 +--
 2 files changed, 7 insertions(+), 11 deletions(-)
diff --git a/src/plugins/crypto_native/aes.h b/src/plugins/crypto_native/aes.h
index d0923913034..d1b3104d981 100644
--- a/src/plugins/crypto_native/aes.h
+++ b/src/plugins/crypto_native/aes.h
@@ -196,23 +196,20 @@ aes_key_expand (__m128i * k, u8 * key, aes_key_size_t ks)
 static_always_inline void
-aes_key_enc_to_dec (__m128i * k, aes_key_size_t ks)
+aes_key_enc_to_dec (__m128i * ke, __m128i * kd, aes_key_size_t ks)
 {
 int rounds = AES_KEY_ROUNDS (ks);
- __m128i r;
- r = k[rounds];
- k[rounds] = k[0];
- k[0] = r;
+ kd[rounds] = ke[0];
+ kd[0] = ke[rounds];
 for (int i = 1; i < (rounds / 2); i++)
 {
- r = k[rounds - i];
- k[rounds - i] = _mm_aesimc_si128 (k[i]);
- k[i] = _mm_aesimc_si128 (r);
+ kd[rounds - i] = _mm_aesimc_si128 (ke[i]);
+ kd[i] = _mm_aesimc_si128 (ke[rounds - i]);
 }
- k[rounds / 2] = _mm_aesimc_si128 (k[rounds / 2]);
+ kd[rounds / 2] = _mm_aesimc_si128 (ke[rounds / 2]);
 }
 #endif /* __aesni_h__ */
diff --git a/src/plugins/crypto_native/aes_cbc.c b/src/plugins/crypto_native/aes_cbc.c
index c814b13725f..e60f53db92b 100644
--- a/src/plugins/crypto_native/aes_cbc.c
+++ b/src/plugins/crypto_native/aes_cbc.c
@@ -407,8 +407,7 @@ aesni_cbc_key_exp (vnet_crypto_key_t * key, aes_key_size_t ks)
 aes_cbc_key_data_t *kd;
 kd = clib_mem_alloc_aligned (sizeof (*kd), CLIB_CACHE_LINE_BYTES);
 aes_key_expand (e, key->data, ks);
- aes_key_expand (d, key->data, ks);
- aes_key_enc_to_dec (d, ks);
+ aes_key_enc_to_dec (e, d, ks);
 for (int i = 0; i < AES_KEY_ROUNDS (ks) + 1; i++)
 {
 #if __VAES__
-- 
2.16.6
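Review bot: The rewritten aes_key_enc_to_dec can no longer be called with the same array for ke and kd, yet nothing in the signature says so: with ke == kd, `kd[0] = ke[rounds]` reads the slot the line before it just overwrote, and the loop body reads entries that were already converted, so the result is silently wrong instead of the old in-place swap through the temporary `r`. Mark the input read-only and state the contract, e.g. `aes_key_enc_to_dec (const __m128i * ke, __m128i * kd, aes_key_size_t ks)` preceded by the comment `/* Derive the decryption key schedule kd from the expanded encryption schedule ke; the two buffers must not overlap (no in-place use). */`. A `const` ke also lets the compiler reject any future accidental write to the encryption schedule, which the caller keeps using. If the project's ASSERT macro is in scope in this header, an `ASSERT (ke != kd);` at the top of the body would catch an in-place caller in debug builds.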
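Review bot: The new call `aes_key_enc_to_dec (e, d, ks);` makes `d` a derivation of `e`, so the two must be distinct buffers each holding AES_KEY_ROUNDS (ks) + 1 entries; their declarations sit above the hunk and are worth re-checking, because any overlap now corrupts the decryption schedule silently rather than failing loudly. Both schedules look like stack temporaries that the loop below copies into the heap-allocated kd; if the tail of the function (outside this hunk) does not already wipe them, the expanded key material remains on the stack after return, and a `clib_memset (e, 0, sizeof (e)); clib_memset (d, 0, sizeof (d));` after the copy loop — or the project's secure-zero helper if one exists, since a plain memset before return may be optimized away — would be a cheap improvement, assuming `e` and `d` are arrays rather than pointers. aesni_cbc_key_exp starts before this hunk and continues after it.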