Le 30/08/2024 à 18:42, Christophe Leroy a écrit :
Le 30/08/2024 à 18:14, Jason A. Donenfeld a écrit :
On Fri, Aug 30, 2024 at 05:57:08PM +0200, Christophe Leroy wrote:
- * r5: 8-byte counter input/output (saved on stack)
- * r14-r15: counter
- */
+SYM_FUNC_START(__arch_chacha20_blocks_nostack) + stwu r1, -96(r1) + stw r5, 20(r1) + stmw r14, 24(r1) + li r31, 4 + LWZX_LE r14, 0, r5 + LWZX_LE r15, r31, r5
Why swap endian on the counter?
Unlike the keys, the counter is passed to the function as an u8*, not as a u64*, so I thought it was raw data in little endian order, same as when using Sodium. Is it wrong ?
Hum ..... I looked again and it seems it is already a u32 *. Looks like I mis-read the 8-byte comment. Or I did it right in the begining then I swapped it at the same time as I swapped the keys after my first test when the selftest was using Sodium. I can't remember. I'll fix it.
Christophe