AES XTS asm x64 MSVC #7424
58ac50f to 25168e7
IDE/WIN10/user_settings.h
@@ -117,6 +117,7 @@ | |||
#define HAVE_FFDHE_6144 | |||
#define HAVE_FFDHE_8192 | |||
#define WOLFSSL_AES_OFB | |||
#define WOLFSSL_AES_XTS |
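Review bot: the `#define WOLFSSL_AES_XTS` added as the last line of this hunk is unconditional, so every build that uses this settings file gains AES-XTS alongside `WOLFSSL_AES_OFB`. If the mode is only meant for some FIPS configurations, wrap it in a `HAVE_FIPS_VERSION` check rather than adding it to the shared list of defines.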
I don't think we should enable XTS mode in this section just because this is the default file we reference for the first 2 140-3 submissions as the "allowed" settings but XTS wasn't in either of those submissions. This would be more "ideal" if we want it in this file:
diff --git a/IDE/WIN10/user_settings.h b/IDE/WIN10/user_settings.h
index cc1c34ede..d0b6e727c 100644
--- a/IDE/WIN10/user_settings.h
+++ b/IDE/WIN10/user_settings.h
@@ -119,6 +119,9 @@
#define WOLFSSL_AES_OFB
#define FP_MAX_BITS 16384
#endif /* FIPS v5 */
+ #if defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 7)
+ #define WOLFSSL_AES_XTS
+ #endif
#else
/* Enables blinding mode, to prevent timing attacks */
#define WC_RSA_BLINDING
#endif /* FIPS v5 */
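Review bot: the guard on the added lines uses `HAVE_FIPS_VERSION >= 7`, but the version list that follows this diff names v6.0.0 as the submission that includes XTS, so a v6 build using this file would not get `WOLFSSL_AES_XTS`. Consider `HAVE_FIPS_VERSION >= 6`, and label the new `#endif` the way the neighbouring `#endif /* FIPS v5 */` lines are labelled so the nesting stays readable.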
However for v6 (new submission with XTS) or v7 (fips-ready moving forward) we'll be referring to IDE/WIN-SRTP-KDF-140-3/ (which should already have XTS enabled for v6 or greater).
v5.2.0 -> first 140-3 submission (HAVE_FIPS_VERSION >= 5)
v5.2.1 -> second 140-3 submission (HAVE_FIPS_VERSION >= 5)
v6.0.0 -> third 140-3 submission (HAVE_FIPS_VERSION >= 6)
v7.0.0 -> fips-ready latest version (HAVE_FIPS_VERSION >= 7)
Change made as described in diff.
25168e7 to a1ae2b3
this has merge conflicts now.
IDE/WIN10/user_settings.h
@@ -119,6 +119,9 @@ | |||
#define WOLFSSL_AES_OFB | |||
#define FP_MAX_BITS 16384 | |||
#endif /* FIPS v5 */ | |||
#if defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 7) |
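Review bot: the `#if defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 7)` line at the end of this hunk carries no comment explaining why that version is the cut-off, unlike the `#endif /* FIPS v5 */` directly above it. A short comment naming the FIPS version that first includes AES-XTS would make the threshold easier to review.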
This should be HAVE_FIPS_VERSION >= 6.
fixed
Use assembly code for AES-XTS with MSVC for x64.
a1ae2b3 to b87b521
retest this please
AES XTS asm x64 MSVC
Description
Use assembly code for AES-XTS with MSVC for x64.
Testing
Jenkins