shithub: riscv

ref: c021390e218066ca01828917dd940dff26ceff3b
parent: 77757dbdb197f09454c73e285439b810030b9414
author: cinap_lenrek <cinap_lenrek@felloff.net>
date: Sun Oct 29 17:49:24 EDT 2017

libsec: rewrite aes_xts_encrypt()/aes_xts_decrypt()

the previous implementation was not portable at all, assuming
little endian in gf_mulx() and that one can cast unaligned
pointers to ulong in xor128(). also the error code is likely
to be ignored, so better abort() when the length is not a
multiple of the AES block size.

we also pass in full AESstate structures now instead of
the expanded key longs, so that we do not need to hardcode
the number of rounds. this allows each individual key to
be bigger than 128 bit.
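
The portability points from the commit message, as an added example that is not the libsec code from this commit: a byte-wise `gf_mulx()` and `xor128()` that depend on neither host endianness nor pointer alignment, and a whole-block XTS loop that aborts on a bad length. The callback interface, `toyenc` and `BLK` are assumptions made for the demo; a real caller would plug in AES and encrypt the sector number into the tweak beforehand.

```c
#include <stdint.h>
#include <stdlib.h>

enum { BLK = 16 };	/* AES block size in bytes */

/* tweak *= x in GF(2^128). Byte 0 is least significant (XTS convention);
 * working byte by byte keeps the result independent of host endianness. */
void gf_mulx(uint8_t t[BLK])
{
	unsigned carry = 0, msb;
	for(int i = 0; i < BLK; i++){
		msb = t[i] >> 7;
		t[i] = (uint8_t)(t[i] << 1 | carry);
		carry = msb;
	}
	if(carry)
		t[0] ^= 0x87;	/* reduce by x^128 + x^7 + x^2 + x + 1 */
}

/* dst = a ^ b, bytewise: no pointer needs to be word aligned */
void xor128(uint8_t *dst, const uint8_t *a, const uint8_t *b)
{
	for(int i = 0; i < BLK; i++)
		dst[i] = a[i] ^ b[i];
}

/* constructed stand-in for one AES block encryption: NOT a real cipher */
void toyenc(void *ctx, const uint8_t *in, uint8_t *out)
{
	for(int i = 0; i < BLK; i++)
		out[i] = (uint8_t)(in[i] + *(const uint8_t*)ctx);
}

/* XTS over whole blocks; enc must allow in == out, and tweak is the
 * already encrypted sector number (hypothetical interface) */
void xts_encrypt(void (*enc)(void*, const uint8_t*, uint8_t*), void *ctx,
	uint8_t tweak[BLK], const uint8_t *in, uint8_t *out, size_t len)
{
	if(len % BLK != 0)
		abort();	/* a returned error code is easy to ignore */
	for(; len > 0; len -= BLK, in += BLK, out += BLK){
		xor128(out, in, tweak);
		enc(ctx, out, out);
		xor128(out, out, tweak);
		gf_mulx(tweak);
	}
}
```

With the constructed `toyenc`, two identical plaintext blocks still produce different ciphertext blocks because the tweak advances between them.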