Use vpaes + conversion to setup CBC decrypt on NEON.
Our bsaes CBC decrypt implementation does not need a block128_f, so we
can just convert the key once and move on.
Bug: 256
Change-Id: Ie96571a479c74734a12318c2210066eb7be0971c
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/37428
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/crypto/fipsmodule/cipher/e_aes.c b/crypto/fipsmodule/cipher/e_aes.c
index bc90649..685d2db 100644
--- a/crypto/fipsmodule/cipher/e_aes.c
+++ b/crypto/fipsmodule/cipher/e_aes.c
@@ -110,7 +110,10 @@
dat->stream.cbc = aes_hw_cbc_encrypt;
}
} else if (bsaes_capable() && mode == EVP_CIPH_CBC_MODE) {
- ret = aes_nohw_set_decrypt_key(key, ctx->key_len * 8, &dat->ks.ks);
+ ret = vpaes_set_decrypt_key(key, ctx->key_len * 8, &dat->ks.ks);
+ if (ret == 0) {
+ vpaes_decrypt_key_to_bsaes(&dat->ks.ks, &dat->ks.ks);
+ }
// If |dat->stream.cbc| is provided, |dat->block| is never used.
dat->block = NULL;
dat->stream.cbc = bsaes_cbc_encrypt;
