This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.



Re: Power 8 in-core crypto not working as expected


On Thu, Sep 7, 2017 at 4:38 AM, Segher Boessenkool
<segher@kernel.crashing.org> wrote:
> Hi!
>
> On Thu, Sep 07, 2017 at 12:37:33AM -0400, Jeffrey Walton wrote:
>> I have an implementation for AES on Power 8 using GCC's built-ins. It's
>> available for inspection and download at
>> https://github.com/noloader/AES-Power8. The problem is, it does not
>> arrive at the correct results on GCC112 (ppc64-le) or GCC119 (AIX, big
>> endian).
>
> First see if you can get a *single* vcipher call to work as expected
> (it is a single round of AES).  Refer to Power ISA 3.0B and FIPS 197.

Thanks Segher.

We are using the key and subkey schedule from FIPS 197, Appendix A. We
are using it because the key schedule is fully specified.

We lack the known answers for a single round using a subkey like one
specified in FIPS 197. IBM does not appear to provide them.

I've been trying to obtain a subkey schedule and known answers
per-round from IBM. I've been in touch with some folks at Linux
Technology Center. I have not been successful.

I don't have access to Power ISA 3.0B. It seems to be hidden behind a
paywall. https://openpowerfoundation.org/?resource_lib=power-isa-version-3-0.
Before I go down a rabbit hole of trying to obtain a membership, do
you know if the documents provide the information we need? I.e., the
fully specified key schedule and the known answers?

This sort of thing takes the fun out of computing.

Jeff

