On Tue 09 Oct 2018 03:55:34 PM CEST, Daniel P. Berrangé wrote:
> On Tue, Oct 09, 2018 at 03:52:53PM +0200, Alberto Garcia wrote:
>> On Tue 09 Oct 2018 02:55:40 PM CEST, Daniel P. Berrangé wrote:
>> > -static void xts_mult_x(uint8_t *I)
>> > +static void xts_mult_x(xts_uint128 *I)
>> > {
>> > - int x;
>> > - uint8_t t, tt;
>> > + uint64_t tt;
>> >
>> > - for (x = t = 0; x < 16; x++) {
>> > - tt = I[x] >> 7;
>> > - I[x] = ((I[x] << 1) | t) & 0xFF;
>> > - t = tt;
>> > - }
>> > - if (tt) {
>> > - I[0] ^= 0x87;
>> > + tt = I->a >> 63;
>> > + I->a = I->a << 1;
>> > +
>> > + if (I->b >> 63) {
>> > + I->a ^= 0x87;
>> > }
>> > + I->b = (I->b << 1) | tt;
>> > }
>>
>> Does this work fine in big-endian CPUs?
>
> Hmm, that's a good question. I'd expect tests/test-crypto-xts to crash
> and burn if it doesn't, so guess I'll need to find somewhere to validate
> that.
I just tried in s390x:
/crypto/xts/t-1-key-32-ptx-32: **
ERROR:/home/berto/qemu/tests/test-crypto-xts.c:386:test_xts: assertion failed:
(memcmp(out, data->CTX, data->PTLEN) == 0)
Aborted
Berto
