diff options
author | Andy Polyakov <appro@openssl.org> | 2017-03-20 11:38:25 +0100 |
---|---|---|
committer | Andy Polyakov <appro@openssl.org> | 2017-03-22 11:04:48 +0100 |
commit | 4150efdb76ac2548a1583e18ee0fafa2ac31b73c (patch) | |
tree | 81e683f350d7c306507b0be081d65c80c8fa34d1 /crypto | |
parent | 8ed92460b7a4a2a310f1b0dde6e36f9055f5b87b (diff) |
aes/asm/aesni-sha*-x86_64.pl: fix IV handling in SHAEXT paths.
Initial IV was disregarded on SHAEXT-capable processors. Amazingly
enough bulk AES128-SHA* talk-to-yourself tests were passing.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2992)
(cherry picked from commit 08d09628d2c9f3ef599399d8cad021a07ab98347)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/aes/asm/aesni-sha1-x86_64.pl | 1 | ||||
-rw-r--r-- | crypto/aes/asm/aesni-sha256-x86_64.pl | 1 |
2 files changed, 2 insertions, 0 deletions
diff --git a/crypto/aes/asm/aesni-sha1-x86_64.pl b/crypto/aes/asm/aesni-sha1-x86_64.pl index 8c84260856..7a30e893fb 100644 --- a/crypto/aes/asm/aesni-sha1-x86_64.pl +++ b/crypto/aes/asm/aesni-sha1-x86_64.pl @@ -1702,6 +1702,7 @@ $code.=<<___; mov 240($key),$rounds sub $in0,$out movups ($key),$rndkey0 # $key[0] + movups ($ivp),$iv # load IV movups 16($key),$rndkey[0] # forward reference lea 112($key),$key # size optimization diff --git a/crypto/aes/asm/aesni-sha256-x86_64.pl b/crypto/aes/asm/aesni-sha256-x86_64.pl index 72f44ecf62..588ade64ee 100644 --- a/crypto/aes/asm/aesni-sha256-x86_64.pl +++ b/crypto/aes/asm/aesni-sha256-x86_64.pl @@ -1299,6 +1299,7 @@ $code.=<<___; mov 240($key),$rounds sub $in0,$out movups ($key),$rndkey0 # $key[0] + movups ($ivp),$iv # load IV movups 16($key),$rndkey[0] # forward reference lea 112($key),$key # size optimization |