kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Drop some unused bsaes to aes_nohw dependencies.

Browse Source 
When the CBC and CTR EVP_CIPHER implementations use bsaes, they never
call dat->block. Note this is *not* true of aes_ctr_set_key which is
used in contexts where it needs single-block operations.

Bug: 256
Change-Id: Ibea4f2117a2220cd5cb09f6cf12b7a50c28bf794
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/35168
Reviewed-by: Adam Langley <agl@google.com>
This commit is contained in:
David Benjamin 2019-03-02 18:47:59 -06:00 committed by Adam Langley
parent d22578f366
commit fdb48f9861
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
crypto/fipsmodule/cipher/e_aes.c
View File

@ -111,7 +111,8 @@ static int aes_init_key(EVP_CIPHER_CTX *ctx, const uint8_t *key,
}
} else if (bsaes_capable() && mode == EVP_CIPH_CBC_MODE) {
ret = aes_nohw_set_decrypt_key(key, ctx->key_len * 8, &dat->ks.ks);
dat->block = aes_nohw_decrypt;
// If |dat->stream.cbc| is provided, |dat->block| is never used.
dat->block = NULL;
dat->stream.cbc = bsaes_cbc_encrypt;
} else if (vpaes_capable()) {
ret = vpaes_set_decrypt_key(key, ctx->key_len * 8, &dat->ks.ks);
@ -138,7 +139,8 @@ static int aes_init_key(EVP_CIPHER_CTX *ctx, const uint8_t *key,
}
} else if (bsaes_capable() && mode == EVP_CIPH_CTR_MODE) {
ret = aes_nohw_set_encrypt_key(key, ctx->key_len * 8, &dat->ks.ks);
dat->block = aes_nohw_encrypt;
// If |dat->stream.ctr| is provided, |dat->block| is never used.
dat->block = NULL;
dat->stream.ctr = bsaes_ctr32_encrypt_blocks;
} else if (vpaes_capable()) {
ret = vpaes_set_encrypt_key(key, ctx->key_len * 8, &dat->ks.ks);