Re: [PATCH] target/riscv: Use existing lookup tables for AES MixColumns
From: Richard Henderson
Subject: Re: [PATCH] target/riscv: Use existing lookup tables for AES MixColumns
Date: Thu, 27 Jul 2023 09:40:42 -0700
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.13.0

On 7/27/23 00:03, Ard Biesheuvel wrote:
@@ -606,8 +606,7 @@ static const uint32_t AES_Te4[256] = {
0x41414141U, 0x99999999U, 0x2d2d2d2dU, 0x0f0f0f0fU,
0xb0b0b0b0U, 0x54545454U, 0xbbbbbbbbU, 0x16161616U,
};
-
-static const uint32_t AES_Td0[256] = {
+const uint32_t AES_Td0[256] = {
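Review bot: Dropping `static` from `AES_Td0` gives the table external linkage, but this hunk shows no matching `extern const uint32_t AES_Td0[256];` declaration. Add the declaration to a header that both this file and the new user include, so the definition and its callers are checked against the same type and size, and export only the tables that are actually indexed from outside this file.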
Don't drop the blank line.
@@ -62,18 +39,21 @@ static inline target_ulong aes32_operation(target_ulong
shamt,
if (enc) {
so = AES_sbox[si];
if (mix) {
- mixed = aes_mixcolumn_byte(so, true);
+ mixed = AES_Te0[si];
} else {
mixed = so;
}
} else {
so = AES_isbox[si];
if (mix) {
- mixed = aes_mixcolumn_byte(so, false);
+ mixed = AES_Td0[si];
} else {
mixed = so;
}
}
+ if (!HOST_BIG_ENDIAN && mix) {
+ mixed = bswap32(mixed);
+ }
mixed = rol32(mixed, shamt);
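Review bot: The new `if (!HOST_BIG_ENDIAN && mix)` block gates a value-level `bswap32()` on host byte order, yet the table entries are `uint32_t` literals whose numeric value is the same on every host, so please confirm that a big-endian host still gets the same `mixed` as the removed `aes_mixcolumn_byte()` call produced. A one-line comment on the byte order of `AES_Te0`/`AES_Td0` entries relative to what `rol32()` expects would make that checkable. Separately, `so = AES_sbox[si]` and `so = AES_isbox[si]` still run when `mix` is set even though `mixed` no longer depends on `so` there; move those lookups into the `else` arms.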
Better as
    if (enc) {
        if (mix) {
            mixed = be32_to_cpu(AES_Te0[si]);
        } else {
            mixed = AES_sbox[si];
        }
    } else {
        ...
    }
    mixed = rol32(mixed, shamt);
But thanks for the update -- I had ignored rv32 when doing the other AES bits.
r~
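
The byte-order relationship discussed in this thread, for the encrypt direction only, as an added example that is not code from the patch, the reply, or QEMU. It assumes the reference Rijndael layout for `AES_Te0` and a `[03,01,01,02]` layout for the removed byte-wise path; the S-box is computed from its definition instead of using the project's tables, and all function names are hypothetical.

```c
#include <stdint.h>

/* GF(2^8) multiply modulo the AES polynomial x^8 + x^4 + x^3 + x + 1. */
static uint8_t gmul(uint8_t a, uint8_t b)
{
    uint8_t r = 0;
    for (; b; b >>= 1) {
        if (b & 1) r ^= a;
        a = (uint8_t)((a << 1) ^ ((a & 0x80) ? 0x1b : 0));
    }
    return r;
}

/* S-box from its definition: GF(2^8) inverse, then the affine map. */
static uint8_t sbox(uint8_t x)
{
    uint8_t inv = 0, s;
    for (int i = 1; x && i < 256; i++)
        if (gmul(x, (uint8_t)i) == 1) { inv = (uint8_t)i; break; }
    s = inv;
    for (int i = 1; i <= 4; i++)
        s ^= (uint8_t)((inv << i) | (inv >> (8 - i)));
    return s ^ 0x63;
}

static uint32_t pack(uint8_t b3, uint8_t b2, uint8_t b1, uint8_t b0)
{
    return ((uint32_t)b3 << 24) | ((uint32_t)b2 << 16) | ((uint32_t)b1 << 8) | b0;
}

/* Assumed table layout (reference Rijndael code): Te0[x] = S[x].[02,01,01,03]. */
uint32_t te0(uint8_t si) { uint8_t s = sbox(si); return pack(gmul(s, 2), s, s, gmul(s, 3)); }

/* Assumed layout of the removed byte-wise forward path: [03,01,01,02] from the top byte. */
uint32_t mix_byte_fwd(uint8_t so) { return pack(gmul(so, 3), so, so, gmul(so, 2)); }

uint32_t swap32(uint32_t v) { return (v >> 24) | ((v >> 8) & 0xff00) | ((v << 8) & 0xff0000) | (v << 24); }

/* Count indices where the table word, swapped or not, equals the byte-wise word. */
int matches(int swapped)
{
    int n = 0;
    for (int i = 0; i < 256; i++) {
        uint32_t t = te0((uint8_t)i);
        n += (swapped ? swap32(t) : t) == mix_byte_fwd(sbox((uint8_t)i));
    }
    return n;
}
int main(void) { return matches(1) == 256 ? 0 : 1; }
```

Without the swap only one index agrees, the one whose S-box output is zero, which is why a missing or wrongly gated swap would corrupt nearly every `mix` result.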