Merge pull request wolfSSL#9671 from SparkiDev/aes_gcm_arm32_hw_crypto_set_key_unaligned

dgarske · web-flow · commit 2971c7024bd8 · 2026-02-18T10:54:42.000-08:00
ARM32 HW Crypto: AES-GCM set key unaligned key
diff --git a/wolfcrypt/src/port/arm/armv8-32-aes-asm.S b/wolfcrypt/src/port/arm/armv8-32-aes-asm.S
@@ -3914,7 +3914,8 @@ L_aes_ctr_encrypt_arm32_crypto_done:
 AES_GCM_set_key_AARCH32:
 	vpush	{d8, d9}
 	vld1.8	{q0}, [r0]
-	vldm	r1!, {q1-q4}
+	vld1.8	{q1, q2}, [r1]!
+	vld1.8	{q3, q4}, [r1]!
 	aese.8	q0, q1
 	aesmc.8	q0, q0
 	aese.8	q0, q2
@@ -3923,7 +3924,8 @@ AES_GCM_set_key_AARCH32:
 	aesmc.8	q0, q0
 	aese.8	q0, q4
 	aesmc.8	q0, q0
-	vldm	r1!, {q1-q4}
+	vld1.8	{q1, q2}, [r1]!
+	vld1.8	{q3, q4}, [r1]!
 	aese.8	q0, q1
 	aesmc.8	q0, q0
 	aese.8	q0, q2
@@ -3933,25 +3935,25 @@ AES_GCM_set_key_AARCH32:
 	aese.8	q0, q4
 	aesmc.8	q0, q0
 	subs	r3, r3, #10
-	vld1.32	{q1, q2}, [r1]!
+	vld1.8	{q1, q2}, [r1]!
 	aese.8	q0, q1
 	aesmc.8	q0, q0
 	aese.8	q0, q2
 	beq	L_aes_gcm_set_key_arm32_crypto_round_done
-	vld1.32	{q1, q2}, [r1]!
+	vld1.8	{q1, q2}, [r1]!
 	subs	r3, r3, #2
 	aesmc.8	q0, q0
 	aese.8	q0, q1
 	aesmc.8	q0, q0
 	aese.8	q0, q2
 	beq	L_aes_gcm_set_key_arm32_crypto_round_done
-	vld1.32	{q1, q2}, [r1]!
+	vld1.8	{q1, q2}, [r1]!
 	aesmc.8	q0, q0
 	aese.8	q0, q1
 	aesmc.8	q0, q0
 	aese.8	q0, q2
 L_aes_gcm_set_key_arm32_crypto_round_done:
-	vld1.32	{q1}, [r1]
+	vld1.8	{q1}, [r1]
 	veor	q0, q0, q1
 	vmov.i8	q1, #0x55
 	vshl.u8	q2, q0, #1
diff --git a/wolfcrypt/src/port/arm/armv8-32-aes-asm_c.c b/wolfcrypt/src/port/arm/armv8-32-aes-asm_c.c
@@ -4219,7 +4219,8 @@ WC_OMIT_FRAME_POINTER void AES_GCM_set_key_AARCH32(const byte* nonce,
 
     __asm__ __volatile__ (
         "vld1.8	{q0}, [%[nonce]]\n\t"
-        "vldm	%[key]!, {q1-q4}\n\t"
+        "vld1.8	{q1-q2}, [%[key]]!\n\t"
+        "vld1.8	{q3-q4}, [%[key]]!\n\t"
         "aese.8	q0, q1\n\t"
         "aesmc.8	q0, q0\n\t"
         "aese.8	q0, q2\n\t"
@@ -4228,7 +4229,8 @@ WC_OMIT_FRAME_POINTER void AES_GCM_set_key_AARCH32(const byte* nonce,
         "aesmc.8	q0, q0\n\t"
         "aese.8	q0, q4\n\t"
         "aesmc.8	q0, q0\n\t"
-        "vldm	%[key]!, {q1-q4}\n\t"
+        "vld1.8	{q1-q2}, [%[key]]!\n\t"
+        "vld1.8	{q3-q4}, [%[key]]!\n\t"
         "aese.8	q0, q1\n\t"
         "aesmc.8	q0, q0\n\t"
         "aese.8	q0, q2\n\t"
@@ -4238,26 +4240,26 @@ WC_OMIT_FRAME_POINTER void AES_GCM_set_key_AARCH32(const byte* nonce,
         "aese.8	q0, q4\n\t"
         "aesmc.8	q0, q0\n\t"
         "subs	%[nr], %[nr], #10\n\t"
-        "vld1.32	{q1-q2}, [%[key]]!\n\t"
+        "vld1.8	{q1-q2}, [%[key]]!\n\t"
         "aese.8	q0, q1\n\t"
         "aesmc.8	q0, q0\n\t"
         "aese.8	q0, q2\n\t"
         "beq	L_aes_gcm_set_key_arm32_crypto_round_done_%=\n\t"
-        "vld1.32	{q1-q2}, [%[key]]!\n\t"
+        "vld1.8	{q1-q2}, [%[key]]!\n\t"
         "subs	%[nr], %[nr], #2\n\t"
         "aesmc.8	q0, q0\n\t"
         "aese.8	q0, q1\n\t"
         "aesmc.8	q0, q0\n\t"
         "aese.8	q0, q2\n\t"
         "beq	L_aes_gcm_set_key_arm32_crypto_round_done_%=\n\t"
-        "vld1.32	{q1-q2}, [%[key]]!\n\t"
+        "vld1.8	{q1-q2}, [%[key]]!\n\t"
         "aesmc.8	q0, q0\n\t"
         "aese.8	q0, q1\n\t"
         "aesmc.8	q0, q0\n\t"
         "aese.8	q0, q2\n\t"
         "\n"
     "L_aes_gcm_set_key_arm32_crypto_round_done_%=: \n\t"
-        "vld1.32	{q1}, [%[key]]\n\t"
+        "vld1.8	{q1}, [%[key]]\n\t"
         "veor	q0, q0, q1\n\t"
         "vmov.i8	q1, #0x55\n\t"
         "vshl.u8	q2, q0, #1\n\t"
