Apply WolfSSL Poly1305 Aarch64 PR fix

Apply the wolfSSL/wolfssl#8275 PR fix. The original revert patch was here to fix mismatched tag when we are using ChaCha20 in TCP connection. See #183
expressvpn · Dec 11, 2024 · 9d88ec3 · 9d88ec3
1 parent 22e1d7d
commit 9d88ec3
Show file tree

Hide file tree

Showing 5 changed files with 26 additions and 691 deletions.
diff --git a/windows_32.yml b/windows_32.yml
@@ -12,7 +12,7 @@
         :source: "%HE_WOLFSSL_SOURCE%"
         :tag: "%HE_WOLFSSL_TAG%"
       :build:
-        - git apply ../../wolfssl/0001-revert-aarch64-poly1305-asm-improve-performance.patch
+        - git apply ../../wolfssl/0001-fix-poly1305-aarch64-corner-case.patch
         - git apply ../../wolfssl/0002-include-private-key-fields-for-kyber.patch
         - git apply ../../wolfssl/0003-make-kyber-mlkem-available.patch
         - git apply ../../wolfssl/0004-fix-kyber-mlkem-benchmark.patch

diff --git a/windows_64.yml b/windows_64.yml
@@ -12,7 +12,7 @@
         :source: "%HE_WOLFSSL_SOURCE%"
         :tag: "%HE_WOLFSSL_TAG%"
       :build:
-        - git apply ../../wolfssl/0001-revert-aarch64-poly1305-asm-improve-performance.patch
+        - git apply ../../wolfssl/0001-fix-poly1305-aarch64-corner-case.patch
         - git apply ../../wolfssl/0002-include-private-key-fields-for-kyber.patch
         - git apply ../../wolfssl/0003-make-kyber-mlkem-available.patch
         - git apply ../../wolfssl/0004-fix-kyber-mlkem-benchmark.patch

diff --git a/windows_arm64.yml b/windows_arm64.yml
@@ -12,7 +12,7 @@
         :source: "%HE_WOLFSSL_SOURCE%"
         :tag: "%HE_WOLFSSL_TAG%"
       :build:
-        - git apply ../../wolfssl/0001-revert-aarch64-poly1305-asm-improve-performance.patch
+        - git apply ../../wolfssl/0001-fix-poly1305-aarch64-corner-case.patch
         - git apply ../../wolfssl/0002-include-private-key-fields-for-kyber.patch
         - git apply ../../wolfssl/0003-make-kyber-mlkem-available.patch
         - git apply ../../wolfssl/0004-fix-kyber-mlkem-benchmark.patch

diff --git a/wolfssl/0001-fix-poly1305-aarch64-corner-case.patch b/wolfssl/0001-fix-poly1305-aarch64-corner-case.patch
@@ -0,0 +1,23 @@
+From c0f3b433b29ec21feb1a292990c1657d2dfab8f5 Mon Sep 17 00:00:00 2001
+From: Sean Parkinson <[email protected]>
+Date: Wed, 11 Dec 2024 12:49:21 +1000
+Subject: [PATCH] Aarch64 Poly1305: fix corner case
+
+Don't mask top 26 bits as it may have next bit set as reduction step was
+only approximate.
+---
+ wolfcrypt/src/port/arm/armv8-poly1305.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/wolfcrypt/src/port/arm/armv8-poly1305.c b/wolfcrypt/src/port/arm/armv8-poly1305.c
+index a258f3607b..fc0c39e638 100644
+--- a/wolfcrypt/src/port/arm/armv8-poly1305.c
++++ b/wolfcrypt/src/port/arm/armv8-poly1305.c
+@@ -146,7 +146,6 @@ static WC_INLINE void poly1305_blocks_aarch64_16(Poly1305* ctx,
+         "AND        x5, x10, x4, LSR #26\n\t"
+         "AND        x4, x4, x10\n\t"
+         "AND        x6, x6, x10\n\t"
+-        "AND        x8, x8, x10\n\t"
+         "STP        w4, w5, [%[ctx_h], #0]   \n\t"
+         "STP        w6, w7, [%[ctx_h], #8]   \n\t"
+         "STR        w8, [%[ctx_h], #16]   \n\t"