[nss-softokn] - Bug 709517 intel_aes_decrypt_cbc_256 doesn't work correctly when input and output buffers are the
Elio Maldonado
emaldonado at fedoraproject.org
Tue Jun 14 19:00:11 UTC 2011
commit d844d7963f3e52fdc272cca89e1a24405761760e
Author: Elio Maldonado <emaldona at dhcp-225.sjc.redhat.com>
Date: Tue Jun 14 11:54:21 2011 -0700
- Bug 709517 intel_aes_decrypt_cbc_256 doesn't work correctly when input and output buffers are the same
- Fix aes.s to read the next IV from the input buffer before it is overwritten with the plain text,
in the minor loop of the 256-bit AES operation.
bz709517.patch | 20 ++++++++++++++++++++
1 files changed, 20 insertions(+), 0 deletions(-)
---
diff --git a/bz709517.patch b/bz709517.patch
new file mode 100644
index 0000000..6322c24
--- /dev/null
+++ b/bz709517.patch
@@ -0,0 +1,20 @@
+? .rijndael.h.swp
+? patch
+Index: intel-aes.s
+===================================================================
+RCS file: /cvsroot/mozilla/security/nss/lib/freebl/intel-aes.s,v
+retrieving revision 1.3.2.1
+diff -u -p -r1.3.2.1 intel-aes.s
+--- intel-aes.s 18 Nov 2010 01:31:18 -0000 1.3.2.1
++++ intel-aes.s 1 Jun 2011 22:58:18 -0000
+@@ -1654,8 +1654,8 @@ intel_aes_decrypt_cbc_256:
+ .byte 0x66,0x41,0x0f,0x38,0xdf,0xc8 /* aesdeclast %xmm8, %xmm1 */
+ movdqu 112(%rdi), %xmm8
+ pxor %xmm0, %xmm1
+- movdqu %xmm1, (%rsi, %rax)
+- movdqu (%r8, %rax), %xmm0
++ movdqu (%r8, %rax), %xmm0 /* fetch the IV before we store the block */
++ movdqu %xmm1, (%rsi, %rax) /* in case input buf = output buf */
+ addq $16, %rax
+ cmpq %rax, %r9
+ jne 4b
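Review bot: The load/store swap at the two `+` lines closes the in-place aliasing hazard only for the intel_aes_decrypt_cbc_256 minor loop; the 128- and 192-bit CBC-decrypt loops are outside this hunk, and if they store the plaintext before re-loading `(%r8, %rax)` in the same way they need the identical reordering — cannot be confirmed from here. The first two lines of the new patch file, `? .rijndael.h.swp` and `? patch`, are CVS status output rather than patch content and should be stripped before the patch is packaged. The comment on the load would be more useful if it named the dependency, e.g. `/* (%r8,%rax) is presumably this block's ciphertext = next IV; it must be read before the plaintext store aliases it */`. The enclosing loop body (label 4) begins before the hunk.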