Fix SM4-XTS aarch64 assembly implementation bug

Xu Yizhou 2024-01-31 15:35:50 +08:00
parent a36eeb879f
commit 66bbb385ec
2 changed files with 135 additions and 2 deletions


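--- /dev/null
+++ b/Backport-Fix-SM4-XTS-aarch64-assembly-implementation-bug.patch
@@ -0,0 +1,129 @@
+From de6d5b002f8deffe39d3596e88e380eed1a3d6a4 Mon Sep 17 00:00:00 2001
+From: Xu Yizhou <xuyizhou1@huawei.com>
+Date: Thu, 18 Jan 2024 17:35:11 +0800
+Subject: [PATCH] Fix SM4-XTS aarch64 assembly implementation bug
+When macro VPSM4_CAPABLE or VPSM4_EX_CAPABLE is enabled,
+the GB variant of the SM4-XTS algorithm will encounter errors when
+encrypting or decrypting messages with a length greater than 16
+bytes but less than 32 bytes.
+The OpenSSL has similar issue, the corresponding
+solutions can be found in this [PR]
+(https://github.com/openssl/openssl/pull/23317).
+Signed-off-by: Xu Yizhou <xuyizhou1@huawei.com>
+---
+crypto/sm4/asm/vpsm4-armv8.pl | 12 ++++++------
+crypto/sm4/asm/vpsm4_ex-armv8.pl | 12 ++++++------
+2 files changed, 12 insertions(+), 12 deletions(-)
+diff --git a/crypto/sm4/asm/vpsm4-armv8.pl b/crypto/sm4/asm/vpsm4-armv8.pl
+index d30e78f..2bacf9c 100755
+--- a/crypto/sm4/asm/vpsm4-armv8.pl
++++ b/crypto/sm4/asm/vpsm4-armv8.pl
+@@ -1477,7 +1477,7 @@ $code.=<<___;
+cmp $remain,0
+b.eq .return${std}
+-// This brance calculates the last two tweaks,
++// This brance calculates the last two tweaks,
+// while the encryption/decryption length is larger than 32
+.last_2blks_tweak${std}:
+ld1 {@tweak[0].4s},[$ivp]
+@@ -1489,13 +1489,13 @@ $code.=<<___;
+b .check_dec${std}
+-// This brance calculates the last two tweaks,
++// This brance calculates the last two tweaks,
+// while the encryption/decryption length is equal to 32, who only need two tweaks
+.only_2blks_tweak${std}:
+mov @tweak[1].16b,@tweak[0].16b
+___
+&rev32_armeb(@tweak[1],@tweak[1]);
+- &compute_tweak_vec(@tweak[1],@tweak[2]);
++ &compute_tweak_vec(@tweak[1],@tweak[2],$std);
+$code.=<<___;
+b .check_dec${std}
+@@ -1505,12 +1505,12 @@ $code.=<<___;
+.check_dec${std}:
+// encryption:1 decryption:0
+cmp $enc,1
+- b.eq .prcess_last_2blks${std}
++ b.eq .process_last_2blks${std}
+mov @vtmp[0].16B,@tweak[1].16b
+mov @tweak[1].16B,@tweak[2].16b
+mov @tweak[2].16B,@vtmp[0].16b
+-.prcess_last_2blks${std}:
++.process_last_2blks${std}:
+___
+&rev32_armeb(@tweak[1],@tweak[1]);
+&rev32_armeb(@tweak[2],@tweak[2]);
+@@ -1532,7 +1532,7 @@ $code.=<<___;
+strb $wtmp1,[$lastBlk,$remain]
+strb $wtmp0,[$outp,$remain]
+b.gt .loop${std}
+- ld1 {@data[0].4s}, [$lastBlk]
++ ld1 {@data[0].4s}, [$lastBlk]
+eor @data[0].16b, @data[0].16b, @tweak[2].16b
+___
+&rev32(@data[0],@data[0]);
+diff --git a/crypto/sm4/asm/vpsm4_ex-armv8.pl b/crypto/sm4/asm/vpsm4_ex-armv8.pl
+index f2d5b6d..727e0f2 100644
+--- a/crypto/sm4/asm/vpsm4_ex-armv8.pl
++++ b/crypto/sm4/asm/vpsm4_ex-armv8.pl
+@@ -1452,7 +1452,7 @@ $code.=<<___;
+cmp $remain,0
+b.eq .return${std}
+-// This brance calculates the last two tweaks,
++// This brance calculates the last two tweaks,
+// while the encryption/decryption length is larger than 32
+.last_2blks_tweak${std}:
+___
+@@ -1463,13 +1463,13 @@ $code.=<<___;
+b .check_dec${std}
+-// This brance calculates the last two tweaks,
++// This brance calculates the last two tweaks,
+// while the encryption/decryption length is equal to 32, who only need two tweaks
+.only_2blks_tweak${std}:
+mov @tweak[1].16b,@tweak[0].16b
+___
+&rev32_armeb(@tweak[1],@tweak[1]);
+- &compute_tweak_vec(@tweak[1],@tweak[2]);
++ &compute_tweak_vec(@tweak[1],@tweak[2],$std);
+$code.=<<___;
+b .check_dec${std}
+@@ -1479,12 +1479,12 @@ $code.=<<___;
+.check_dec${std}:
+// encryption:1 decryption:0
+cmp $enc,1
+- b.eq .prcess_last_2blks${std}
++ b.eq .process_last_2blks${std}
+mov @vtmp[0].16B,@tweak[1].16b
+mov @tweak[1].16B,@tweak[2].16b
+mov @tweak[2].16B,@vtmp[0].16b
+-.prcess_last_2blks${std}:
++.process_last_2blks${std}:
+___
+&rev32_armeb(@tweak[1],@tweak[1]);
+&rev32_armeb(@tweak[2],@tweak[2]);
+@@ -1506,7 +1506,7 @@ $code.=<<___;
+strb $wtmp1,[$lastBlk,$remain]
+strb $wtmp0,[$outp,$remain]
+b.gt .loop${std}
+- ld1 {@data[0].4s}, [$lastBlk]
++ ld1 {@data[0].4s}, [$lastBlk]
+eor @data[0].16b, @data[0].16b, @tweak[2].16b
+___
+&rev32(@data[0],@data[0]);
+--
+2.27.0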
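Review bot: The four `// This brance calculates the last two tweaks,` lines are rewritten in both generators yet keep the misspelling on the new side, so those hunks are presumably whitespace-only; while the line is being touched it should read `// This branch calculates the last two tweaks,`. The substantive fix is the added `$std` argument to `compute_tweak_vec` in the `.only_2blks_tweak${std}` path of vpsm4-armv8.pl and vpsm4_ex-armv8.pl, and it lands without a comment explaining why the variant matters there; a line such as `# pass $std so the GB variant derives this tweak the same way as the .last_2blks_tweak path` would carry the reasoning from the patch description into the code, though compute_tweak_vec's definition is outside these hunks and the exact difference between the std and GB paths should be confirmed against it. No regression vector for the failing case (GB variant, lengths 17–31 bytes) accompanies the backport, and the spec's build step discards test failures, so the defect the description names would not be caught at package build time; the upstream tests referenced in the description are the check that would confirm the fix.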


@ -2,7 +2,7 @@
Name: openssl Name: openssl
Epoch: 1 Epoch: 1
Version: 3.0.9 Version: 3.0.9
Release: 5 Release: 6
Summary: Cryptography and SSL/TLS Toolkit Summary: Cryptography and SSL/TLS Toolkit
License: OpenSSL and SSLeay License: OpenSSL and SSLeay
URL: https://www.openssl.org/ URL: https://www.openssl.org/
@ -34,6 +34,7 @@ Patch22: Backport-support-decode-SM2-parameters.patch
Patch23: Feature-support-SM2-CMS-signature.patch Patch23: Feature-support-SM2-CMS-signature.patch
Patch24: Feature-use-default-id-if-SM2-id-is-not-set.patch Patch24: Feature-use-default-id-if-SM2-id-is-not-set.patch
Patch25: backport-A-null-pointer-dereference-occurs-when-memory-alloca.patch Patch25: backport-A-null-pointer-dereference-occurs-when-memory-alloca.patch
Patch26: Backport-Fix-SM4-XTS-aarch64-assembly-implementation-bug.patch
BuildRequires: gcc gcc-c++ perl make lksctp-tools-devel coreutils util-linux zlib-devel BuildRequires: gcc gcc-c++ perl make lksctp-tools-devel coreutils util-linux zlib-devel
Requires: coreutils %{name}-libs%{?_isa} = %{epoch}:%{version}-%{release} Requires: coreutils %{name}-libs%{?_isa} = %{epoch}:%{version}-%{release}
@ -234,6 +235,9 @@ make test || :
%ldconfig_scriptlets libs %ldconfig_scriptlets libs
%changelog %changelog
* Thu Jan 18 2024 Xu Yizhou <xuyizhou1@huawei.com> - 1:3.0.9-6
- Fix SM4-XTS aarch64 assembly implementation bug
* Fri Sep 22 2023 dongyuzhen <dongyuzhen@h-partners.com> - 1:3.0.9-5 * Fri Sep 22 2023 dongyuzhen <dongyuzhen@h-partners.com> - 1:3.0.9-5
- Backport some upstream patches - Backport some upstream patches