On Tue, Jun 30, 2020 at 12:29 PM Jeffrey Walton noloader@gmail.com wrote:

One small comment for aes_encrypt and aes_decrypt... src and dst are

usually user supplied buffers. Using lxvd2x to load a vector may produce incorrect results if the user is feeding a stream to an encryptor or decryptor that is not naturally aligned to that of an unsigned int. (On the other hand, Nettle controls the round keys array so lxvd2x should be fine.)

Instead of lxvd2x and friends for the user's buffers you should consider using lvx and doing the lvsl thing to fix the data in the registers.

Jeff

I considered using lvx and lvsl to load the user's buffers but lxvd2x loads unaligned data properly as well as making the loading process simpler. I tested loading data that was not aligned at 1 byte and so lxvd2x handled it properly. Let me know if I miss something.