From jussi.kivilinna at iki.fi  Sun Feb  4 20:35:07 2024
From: jussi.kivilinna at iki.fi (Jussi Kivilinna)
Date: Sun,  4 Feb 2024 21:35:07 +0200
Subject: [PATCH] rijndael-s390x: fix AES256-XTS feature mask
Message-ID: <20240204193508.2372873-1-jussi.kivilinna@iki.fi>

* cipher/rijndael-s390x.c (_gcry_aes_s390x_setup_acceleration): Fix
AES256-XTS feature mask.
--

Implementation was checking for plain AES256 HW-acceleration instead of
AES256-XTS mode acceleration.

Signed-off-by: Jussi Kivilinna <jussi.kivilinna at iki.fi>
---
 cipher/rijndael-s390x.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cipher/rijndael-s390x.c b/cipher/rijndael-s390x.c
index e50537ed..0a26020e 100644
--- a/cipher/rijndael-s390x.c
+++ b/cipher/rijndael-s390x.c
@@ -1058,7 +1058,7 @@ int _gcry_aes_s390x_setup_acceleration(RIJNDAEL_context *ctx,
       func = KM_FUNCTION_AES_256;
       func_xts = KM_FUNCTION_XTS_AES_256;
       func_mask = km_function_to_mask(KM_FUNCTION_AES_256);
-      func_xts_mask = km_function_to_mask(KM_FUNCTION_AES_256);
+      func_xts_mask = km_function_to_mask(KM_FUNCTION_XTS_AES_256);
       break;
     }
 
-- 
2.40.1



From jussi.kivilinna at iki.fi  Sun Feb  4 20:35:08 2024
From: jussi.kivilinna at iki.fi (Jussi Kivilinna)
Date: Sun,  4 Feb 2024 21:35:08 +0200
Subject: [PATCH] Fix Kyber segfaulting on Win64
In-Reply-To: <20240204193508.2372873-1-jussi.kivilinna@iki.fi>
References: <20240204193508.2372873-1-jussi.kivilinna@iki.fi>
Message-ID: <20240204193508.2372873-2-jussi.kivilinna@iki.fi>

* cipher/kyber.c (prg, pkprf): Cast variadic parameters to expected
types ('void *' and 'size_t').
--

Mismatch of variadic parameter integer types (int vs size_t) caused
shake256v to segfault on Win64.

Signed-off-by: Jussi Kivilinna <jussi.kivilinna at iki.fi>
---
 cipher/kyber.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/cipher/kyber.c b/cipher/kyber.c
index 1018cde6..c93ab812 100644
--- a/cipher/kyber.c
+++ b/cipher/kyber.c
@@ -381,8 +381,14 @@ static void kyber_shake128_absorb (keccak_state *state,
 #define xof_close(STATE) shake128_close(STATE)
 #define xof_absorb(STATE, SEED, X, Y) kyber_shake128_absorb(STATE, SEED, X, Y)
 #define xof_squeezeblocks(OUT, OUTBLOCKS, STATE) shake128_squeeze(STATE, OUT, SHAKE128_RATE * OUTBLOCKS)
-#define prf(OUT, OUTBYTES, KEY, NONCE) shake256v(OUT, OUTBYTES, KEY, KYBER_SYMBYTES, &nonce, 1, NULL, 0)
-#define rkprf(OUT, KEY, INPUT) shake256v(OUT, KYBER_SSBYTES, KEY, KYBER_SYMBYTES, INPUT, KYBER_CIPHERTEXTBYTES, NULL, 0)
+#define prf(OUT, OUTBYTES, KEY, NONCE) \
+  shake256v(OUT, OUTBYTES, (void *)(KEY), (size_t)KYBER_SYMBYTES, \
+			   (void *)&(NONCE), (size_t)1, \
+			   NULL, (size_t)0)
+#define rkprf(OUT, KEY, INPUT) \
+  shake256v(OUT, KYBER_SSBYTES, (void *)(KEY), (size_t)KYBER_SYMBYTES, \
+				(void *)(INPUT), (size_t)KYBER_CIPHERTEXTBYTES, \
+				NULL, (size_t)0)
 
 #include "kyber-common.c"
 
-- 
2.40.1