rpm/openssl-1_1
SHA256
1
0
Fork 0
forked from pool/openssl-1_1
Code Pull Requests Activity

Accepting request 1042984 from home:ohollmann:branches:security:tls

Browse Source 
OBS-URL: https://build.opensuse.org/request/show/1042984
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=124
This commit is contained in:
Pedro Monreal Gonzalez 2022-12-14 20:20:45 +00:00 committed by Git OBS Bridge
parent 0ce74d253b
commit 93c266235b
1 changed files with 45 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

112
openssl-1_1-Fix-AES-GCM-on-Power-8-CPUs.patch
View File

@ -12,8 +12,8 @@ Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19182)
---
crypto/evp/e_aes.c | 179 +++++++++++++++++++++++++++++++----------------------
1 file changed, 107 insertions(+), 72 deletions(-)
crypto/evp/e_aes.c | 146 ++++++++++++++++++++++++++---------------------------
1 file changed, 74 insertions(+), 72 deletions(-)
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@ -113,10 +113,11 @@ Reviewed-by: Paul Dale <pauli@openssl.org>
#endif
#if defined(OPENSSL_CPUID_OBJ) && ( \
@@ -3294,9 +3224,114 @@ static int aes_gcm_tls_cipher(EVP_CIPHER
@@ -3294,6 +3224,51 @@ static int aes_gcm_tls_cipher(EVP_CIPHER
return rv;
}
+#if defined(OPENSSL_CPUID_OBJ) && (defined(__powerpc__) || defined(__ppc__) || defined(_ARCH_PPC))
+static size_t ppc_aes_gcm_crypt(const unsigned char *in, unsigned char *out, size_t len,
+ const void *key, unsigned char ivec[16], u64 *Xi, int encrypt)
+{
@ -159,72 +160,49 @@ Reviewed-by: Paul Dale <pauli@openssl.org>
+
+ return ndone;
+}
+
+#if defined(OPENSSL_CPUID_OBJ) && (defined(__powerpc__) || defined(__ppc__) || defined(_ARCH_PPC))
+static int ppc_aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ EVP_AES_GCM_CTX *gctx = EVP_C_DATA(EVP_AES_GCM_CTX,ctx);
+ if (ctx->encrypt) {
+ if (gctx->ctr != NULL) {
+ size_t bulk = 0;
+
+ if (len >= AES_GCM_ENC_BYTES && AES_GCM_ASM_PPC(gctx)) {
+ size_t res = (16 - gctx->gcm.mres) % 16;
+
+ if (CRYPTO_gcm128_encrypt(&gctx->gcm, in, out, res))
+ return 0;
+
+ bulk = ppc_aes_gcm_crypt(in + res, out + res, len - res,
+ gctx->gcm.key,
+ gctx->gcm.Yi.c, gctx->gcm.Xi.u, 1);
+
+ gctx->gcm.len.u[1] += bulk;
+ bulk += res;
+ }
+ if (CRYPTO_gcm128_encrypt_ctr32(&gctx->gcm, in + bulk, out + bulk,
+ len - bulk, gctx->ctr))
+ return 0;
+ } else {
+ if (CRYPTO_gcm128_encrypt(&gctx->gcm, in, out, len))
+ return 0;
+ }
+ } else {
+ if (gctx->ctr != NULL) {
+ size_t bulk = 0;
+
+ if (len >= AES_GCM_DEC_BYTES && AES_GCM_ASM_PPC(gctx)) {
+ size_t res = (16 - gctx->gcm.mres) % 16;
+
+ if (CRYPTO_gcm128_decrypt(&gctx->gcm, in, out, res))
+ return -1;
+
+ bulk = ppc_aes_gcm_crypt(in + res, out + res, len - res,
+ gctx->gcm.key,
+ gctx->gcm.Yi.c, gctx->gcm.Xi.u, 0);
+
+ gctx->gcm.len.u[1] += bulk;
+ bulk += res;
+ }
+ if (CRYPTO_gcm128_decrypt_ctr32(&gctx->gcm, in + bulk, out + bulk,
+ len - bulk, gctx->ctr))
+ return 0;
+ } else {
+ if (CRYPTO_gcm128_decrypt(&gctx->gcm, in, out, len))
+ return 0;
+ }
+ }
+ return 1;
+}
+#endif
+
static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t len)
{
+#if defined(OPENSSL_CPUID_OBJ) && (defined(__powerpc__) || defined(__ppc__) || defined(_ARCH_PPC))
+ if (PPC_AES_GCM_CAPABLE)
+ return ppc_aes_gcm_cipher(ctx, out, in, len);
+#endif
EVP_AES_GCM_CTX *gctx = EVP_C_DATA(EVP_AES_GCM_CTX,ctx);
/* If not set up, return error */
if (!gctx->key_set)
@@ -3325,6 +3300,20 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX
out + res, len - res,
gctx->gcm.key, gctx->gcm.Yi.c,
gctx->gcm.Xi.u);
+
+ gctx->gcm.len.u[1] += bulk;
+ bulk += res;
+ }
+#elif defined(AES_GCM_ASM_PPC) && defined(OPENSSL_CPUID_OBJ) && (defined(__powerpc__) || defined(__ppc__) || defined(_ARCH_PPC))
+ if (PPC_AES_GCM_CAPABLE && len >= AES_GCM_ENC_BYTES && AES_GCM_ASM_PPC(gctx)) {
+ size_t res = (16 - gctx->gcm.mres) % 16;
+
+ if (CRYPTO_gcm128_encrypt(&gctx->gcm, in, out, res))
+ return -1;
+
+ bulk = ppc_aes_gcm_crypt(in + res, out + res, len - res,
+ gctx->gcm.key,
+ gctx->gcm.Yi.c, gctx->gcm.Xi.u, 1);
gctx->gcm.len.u[1] += bulk;
bulk += res;
}
@@ -3372,6 +3361,19 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX
gctx->gcm.len.u[1] += bulk;
bulk += res;
}
+#elif defined(AES_GCM_ASM_PPC) && defined(OPENSSL_CPUID_OBJ) && (defined(__powerpc__) || defined(__ppc__) || defined(_ARCH_PPC))
+ if (PPC_AES_GCM_CAPABLE && len >= AES_GCM_DEC_BYTES && AES_GCM_ASM_PPC(gctx)) {
+ size_t res = (16 - gctx->gcm.mres) % 16;
+
+ if (CRYPTO_gcm128_decrypt(&gctx->gcm, in, out, res))
+ return -1;
+
+ bulk = ppc_aes_gcm_crypt(in + res, out + res, len - res,
+ gctx->gcm.key,
+ gctx->gcm.Yi.c, gctx->gcm.Xi.u, 0);
+ gctx->gcm.len.u[1] += bulk;
+ bulk += res;
+ }
#endif
if (CRYPTO_gcm128_decrypt_ctr32(&gctx->gcm,
in + bulk,