From a89544226aee7d3fee1646feb779c0e04dda66e5 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue, 6 Feb 2018 04:39:39 +0100
Subject: accelerated: fix use of SSSE3 vpaes_encrypt

Previously we assumed that the nettle GCM internal functions
will use the provided ECB function for single block encryption.
Newer versions no longer operate that way. Ensure that we
are compatible with them.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
---
 lib/accelerated/x86/aes-gcm-x86-ssse3.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/lib/accelerated/x86/aes-gcm-x86-ssse3.c b/lib/accelerated/x86/aes-gcm-x86-ssse3.c
index 1ca54164a9..f828f0a3b1 100644
--- a/lib/accelerated/x86/aes-gcm-x86-ssse3.c
+++ b/lib/accelerated/x86/aes-gcm-x86-ssse3.c
@@ -53,8 +53,14 @@ static void x86_aes_encrypt(void *_ctx,
 #endif
 {
 	AES_KEY *ctx = (void*)_ctx;
+	unsigned i;
+	unsigned blocks = (length+15) / 16;
 
-	vpaes_encrypt(src, dst, ctx);
+	for (i=0;i<blocks;i++) {
+		vpaes_encrypt(src, dst, ctx);
+		dst += 16;
+		src += 16;
+	}
 }
 
 #ifdef USE_NETTLE3
-- 
cgit v1.2.1