Commit 5c600465 authored by Andy Polyakov's avatar Andy Polyakov
Browse files

e_aes_cbc_hmac_sha1.c: fix rare bad record mac on AES-NI plaforms. 

PR: 3002
parent cbd64894

crypto/evp/e_aes_cbc_hmac_sha1.c

+3 −2
Original line number Diff line number Diff line
@@ -327,10 +327,11 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 


				if (res!=SHA_CBLOCK) continue;



				mask = 0-((inp_len+8-j)>>(sizeof(j)*8-1));

				/* j is not incremented yet */

				mask = 0-((inp_len+7-j)>>(sizeof(j)*8-1));

				data->u[SHA_LBLOCK-1] |= bitlen&mask;

				sha1_block_data_order(&key->md,data,1);

				mask &= 0-((j-inp_len-73)>>(sizeof(j)*8-1));

				mask &= 0-((j-inp_len-72)>>(sizeof(j)*8-1));

				pmac->u[0] |= key->md.h0 & mask;

				pmac->u[1] |= key->md.h1 & mask;

				pmac->u[2] |= key->md.h2 & mask;