]> git.ipfire.org Git - people/ms/strongswan.git/commit
projects / people / ms / strongswan.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 93f0080) | patch
aesni: Avoid loading AES/GHASH round keys into local variables
authorMartin Willi <martin@revosec.ch>
Tue, 14 Apr 2015 10:38:18 +0000 (12:38 +0200)
committerMartin Willi <martin@revosec.ch>
Wed, 15 Apr 2015 11:44:40 +0000 (13:44 +0200)
commit37794878ccea66310391194daa26e7cb1ca0e85e
tree4d85951f1df7a19f5c98f06b1f2423ba1e2e97ddtree | snapshot
parent93f0080265a700ab9060783807b53c39e1b536b1commit | diff
aesni: Avoid loading AES/GHASH round keys into local variables

The performance impact is not measurable, as the compiler loads these variables
in xmm registers in unrolled loops anyway.

However, we avoid loading these sensitive keys onto the stack. This happens for
larger key schedules, where the register count is insufficient. If that key
material is not on the stack, we can avoid to wipe it explicitly after
crypto operations.
src/libstrongswan/plugins/aesni/aesni_cbc.c diff | blob | blame | history
src/libstrongswan/plugins/aesni/aesni_ccm.c diff | blob | blame | history
src/libstrongswan/plugins/aesni/aesni_cmac.c diff | blob | blame | history
src/libstrongswan/plugins/aesni/aesni_ctr.c diff | blob | blame | history
src/libstrongswan/plugins/aesni/aesni_gcm.c diff | blob | blame | history
src/libstrongswan/plugins/aesni/aesni_xcbc.c diff | blob | blame | history
Michael's strongswan development tree