1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
#include <stdint.h>
#include <minilib.h>
int main()
{
/*
* Test vector from QARMA paper (https://eprint.iacr.org/2016/444.pdf)
* to verify one computation of the pauth_computepac() function,
* which uses sbox2.
*
* Use PACGA, because it returns the most bits from ComputePAC.
* We still only get the most significant 32-bits of the result.
*/
static const uint64_t d[5] = {
0xfb623599da6e8127ull,
0x477d469dec0b8762ull,
0x84be85ce9804e94bull,
0xec2802d4e0a488e9ull,
0xc003b93999b33765ull & 0xffffffff00000000ull
};
uint64_t r;
asm("msr apgakeyhi_el1, %[w0]\n\t"
"msr apgakeylo_el1, %[k0]\n\t"
"pacga %[r], %[P], %[T]"
: [r] "=r"(r)
: [P] "r" (d[0]),
[T] "r" (d[1]),
[w0] "r" (d[2]),
[k0] "r" (d[3]));
if (r == d[4]) {
ml_printf("OK\n");
return 0;
} else {
ml_printf("FAIL: %lx != %lx\n", r, d[4]);
return 1;
}
}
|
