From 085955c56744a9cc82f98ed850deca2165252d2c Mon Sep 17 00:00:00 2001
From: David Benjamin
Date: Fri, 16 Feb 2018 14:39:42 -0500
Subject: [PATCH] Actually use the u64 cast.
The point was to remove the silly moduli.
Change-Id: I48c507c9dd1fc46e38e8991ed528b02b8da3dc1d
Reviewed-on: https://boringssl-review.googlesource.com/26044
Commit-Queue: Steven Valdez
Reviewed-by: Steven Valdez
CQ-Verified: CQ bot account: commit-bot@chromium.org
---
 crypto/fipsmodule/modes/ccm.c | 28 ++++++++++++++--------------
 1 file changed, 14 insertions(+), 14 deletions(-)
diff --git a/crypto/fipsmodule/modes/ccm.c b/crypto/fipsmodule/modes/ccm.c
index dba9262c..deff6791 100644
--- a/crypto/fipsmodule/modes/ccm.c
+++ b/crypto/fipsmodule/modes/ccm.c
@@ -115,28 +115,28 @@ static int ccm128_init_state(const CCM128_CONTEXT *ctx,
 // Cast to u64 to avoid the compiler complaining about invalid shifts.
 uint64_t aad_len_u64 = aad_len;
 if (aad_len_u64 < 0x10000 - 0x100) {
- state->cmac.c[0] ^= (uint8_t)(aad_len >> 8);
- state->cmac.c[1] ^= (uint8_t)aad_len;
+ state->cmac.c[0] ^= (uint8_t)(aad_len_u64 >> 8);
+ state->cmac.c[1] ^= (uint8_t)aad_len_u64;
 i = 2;
 } else if (aad_len_u64 <= 0xffffffff) {
 state->cmac.c[0] ^= 0xff;
 state->cmac.c[1] ^= 0xfe;
- state->cmac.c[2] ^= (uint8_t)(aad_len >> 24);
- state->cmac.c[3] ^= (uint8_t)(aad_len >> 16);
- state->cmac.c[4] ^= (uint8_t)(aad_len >> 8);
- state->cmac.c[5] ^= (uint8_t)aad_len;
+ state->cmac.c[2] ^= (uint8_t)(aad_len_u64 >> 24);
+ state->cmac.c[3] ^= (uint8_t)(aad_len_u64 >> 16);
+ state->cmac.c[4] ^= (uint8_t)(aad_len_u64 >> 8);
+ state->cmac.c[5] ^= (uint8_t)aad_len_u64;
 i = 6;
 } else {
 state->cmac.c[0] ^= 0xff;
 state->cmac.c[1] ^= 0xff;
- state->cmac.c[2] ^= (uint8_t)(aad_len >> (56 % (sizeof(aad_len) * 8)));
- state->cmac.c[3] ^= (uint8_t)(aad_len >> (48 % (sizeof(aad_len) * 8)));
- state->cmac.c[4] ^= (uint8_t)(aad_len >> (40 % (sizeof(aad_len) * 8)));
- state->cmac.c[5] ^= (uint8_t)(aad_len >> (32 % (sizeof(aad_len) * 8)));
- state->cmac.c[6] ^= (uint8_t)(aad_len >> 24);
- state->cmac.c[7] ^= (uint8_t)(aad_len >> 16);
- state->cmac.c[8] ^= (uint8_t)(aad_len >> 8);
- state->cmac.c[9] ^= (uint8_t)aad_len;
+ state->cmac.c[2] ^= (uint8_t)(aad_len_u64 >> 56);
+ state->cmac.c[3] ^= (uint8_t)(aad_len_u64 >> 48);
+ state->cmac.c[4] ^= (uint8_t)(aad_len_u64 >> 40);
+ state->cmac.c[5] ^= (uint8_t)(aad_len_u64 >> 32);
+ state->cmac.c[6] ^= (uint8_t)(aad_len_u64 >> 24);
+ state->cmac.c[7] ^= (uint8_t)(aad_len_u64 >> 16);
+ state->cmac.c[8] ^= (uint8_t)(aad_len_u64 >> 8);
+ state->cmac.c[9] ^= (uint8_t)aad_len_u64;
 i = 10;
 }