On Wed, Sep 6, 2017 at 11:37 PM, Jeffrey Walton <noloa...@gmail.com> wrote:
> Hi Everyone,
>
> I'm on gcc rather than gcc-help because we need to talk with some GCC
> devs who can help take this further.
>
> I have an implementation for AES on Power 8 using GCC's built-ins. It's
> available for inspection and download at
> https://github.com/noloader/AES-Power8. The problem is, it does not
> arrive at the correct results on GCC112 (ppc64-le) or GCC119 (AIX, big
> endian).
>
> The source file is the reduced, minimal test case. It uses
> pre-calculated subkeys so we've removed that variable from the
> equation. It also uses the null vector (string of 0's) as the message,
> so that variable has been removed from the equation too.
>
> About all we are left with is loading a subkey, calling vcipher to
> perform a single round of encryption, and assigning the result back to
> a variable. Lather, rinse, repeat.
>
> For the crypto side of things I've consulted with Andy Polyakov of the
> OpenSSL project. I believe we are doing everything we should be as far
> as the crypto goes, including the subkey byte-swaps on LE machines.
> Our subkey table is exactly the same as the one OpenSSL arrives at on
> both LE and BE machines.
>
> Would someone familiar with the processor and knowledge of GCC
> built-ins please take a look at things. Suggestions for our next
> steps would be greatly appreciated.
>
Have you inspected the generated assembly listing and machine instructions to be sure that they are correct?

You can refer to the source for vmx-crypto (https://github.com/torvalds/linux/tree/master/drivers/crypto/vmx) in addition to that of OpenSSL. Are you trying to do a cleanroom implementation of this software?

Full disclosure: despite my interest in the architecture I have not been able to get access to a POWER8 machine. A server costs about as much as a new car. Any account reseller recommendations or any other options you can think of? If you don't mind responding feel free to do it privately so it doesn't clutter this thread.

Cheers,
R0b0t1.