This is the mail archive of the mailing list for the GCC project.
Re: Power 8 in-core crypto not working as expected
> On Sep 7, 2017, at 10:35 AM, Jeffrey Walton <email@example.com> wrote:
> On Thu, Sep 7, 2017 at 4:38 AM, Segher Boessenkool
> <firstname.lastname@example.org> wrote:
>> On Thu, Sep 07, 2017 at 12:37:33AM -0400, Jeffrey Walton wrote:
>>> I have an implementation for AES on Power 8 using GCC's built-ins. It's
>>> available for inspection and download at
>>> https://github.com/noloader/AES-Power8. The problem is, it does not
>>> arrive at the correct results on GCC112 (ppc64-le) or GCC119 (AIX, big
>> First see if you can get a *single* vcipher call to work as expected
>> (it is a single round of AES). Refer to Power ISA 3.0B and FIPS 197.
> Thanks Segher.
> We are using the key and subkey schedule from FIPS 197, Appendix A. We
> are using it because the key schedule is fully specified.
> We lack the known answers for a single round using a subkey like one
> specified in FIPS 197. IBM does not appear to provide them.
Known answers don't depend on hardware. If there is a documented single round known answer, and the hardware primitive is a single round with a supplied subkey, then that answer should apply.
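As an added illustration of that point (example code written for this archive page, not code from the thread or from the AES-Power8 repository): a plain-C single AES encryption round checked against the FIPS 197 Appendix C.1 trace, where round[1].start combined with round[1].k_sch must give round[2].start. The state is held in the column-major byte order FIPS 197 uses, and the S-box is derived from its definition rather than typed in as a table.

```c
#include <stdint.h>
#include <string.h>

/* Multiply in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1. */
static uint8_t gmul(uint8_t a, uint8_t b) {
    uint8_t p = 0;
    for (int i = 0; i < 8; i++, b >>= 1) {
        if (b & 1) p ^= a;
        a = (uint8_t)((a << 1) ^ ((a & 0x80) ? 0x1b : 0));
    }
    return p;
}

/* S-box from its definition (FIPS 197 5.1.1): inverse in GF(2^8), then the affine map. */
static uint8_t sbox(uint8_t x) {
    uint8_t inv = x ? 1 : 0;
    for (int i = 0; x && i < 254; i++) inv = gmul(inv, x); /* x^254 == x^-1 */
    uint8_t s = inv, r = inv;
    for (int i = 0; i < 4; i++) { r = (uint8_t)((r << 1) | (r >> 7)); s ^= r; }
    return s ^ 0x63;
}

/* One encryption round on a column-major 16-byte state with a supplied round key:
   SubBytes, ShiftRows, MixColumns, AddRoundKey. out must not alias in. */
static void aes_round(const uint8_t in[16], const uint8_t rk[16], uint8_t out[16]) {
    uint8_t t[16];
    for (int c = 0; c < 4; c++)              /* SubBytes and ShiftRows in one pass */
        for (int r = 0; r < 4; r++)
            t[4 * c + r] = sbox(in[4 * ((c + r) & 3) + r]);
    for (int c = 0; c < 4; c++) {            /* MixColumns */
        uint8_t a0 = t[4*c], a1 = t[4*c+1], a2 = t[4*c+2], a3 = t[4*c+3];
        out[4*c+0] = gmul(a0, 2) ^ gmul(a1, 3) ^ a2 ^ a3;
        out[4*c+1] = a0 ^ gmul(a1, 2) ^ gmul(a2, 3) ^ a3;
        out[4*c+2] = a0 ^ a1 ^ gmul(a2, 2) ^ gmul(a3, 3);
        out[4*c+3] = gmul(a0, 3) ^ a1 ^ a2 ^ gmul(a3, 2);
    }
    for (int i = 0; i < 16; i++) out[i] ^= rk[i]; /* AddRoundKey */
}

/* FIPS 197 Appendix C.1 (AES-128) trace: round[1].start, round[1].k_sch, round[2].start. */
static const uint8_t kat_in[16]  = {0x00,0x10,0x20,0x30,0x40,0x50,0x60,0x70,0x80,0x90,0xa0,0xb0,0xc0,0xd0,0xe0,0xf0};
static const uint8_t kat_rk[16]  = {0xd6,0xaa,0x74,0xfd,0xd2,0xaf,0x72,0xfa,0xda,0xa6,0x78,0xf1,0xd6,0xab,0x76,0xfe};
static const uint8_t kat_out[16] = {0x89,0xd8,0x10,0xe8,0x85,0x5a,0xce,0x68,0x2d,0x18,0x43,0xd8,0xcb,0x12,0x8f,0xe4};

/* Returns 1 when the software round reproduces the published round-1 output. */
int fips197_round1_kat(void) {
    uint8_t out[16];
    aes_round(kat_in, kat_rk, out);
    return memcmp(out, kat_out, 16) == 0;
}
```

Any primitive that claims to be one AES encryption round with a supplied subkey must map kat_in and kat_rk to kat_out; when a hardware instruction is checked against the same vectors, load the input and subkey so that the vector lane order matches this byte order, since a reversed vector on the little-endian machine shows up as a wrong round rather than a wrong instruction.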