SHA256
1
0
forked from pool/openssl-1_1
openssl-1_1/0002-crypto-modes-asm-ghash-s390x.pl-fix-gcm_gmult_4bit-K.patch
Vítězslav Čížek 02427a3414 - Renamed from openssl-1_1_0 (bsc#1081335)
* All the minor versions of the 1.1.x openssl branch have the same
    sonum and keep ABI compatibility

- Remove bit obsolete syntax
- Use %license macro

- Don't disable afalgeng on aarch64

- Add support for s390x CPACF enhancements (fate#321518)
  patches taken from https://github.com/openssl/openssl/pull/2859:
  * 0002-crypto-modes-asm-ghash-s390x.pl-fix-gcm_gmult_4bit-K.patch
  * 0004-s390x-assembly-pack-add-OPENSSL_s390xcap-environment.patch
  * 0005-s390x-assembly-pack-add-OPENSSL_s390xcap-man-page.patch
  * 0006-s390x-assembly-pack-extended-s390x-capability-vector.patch
  * 0007-crypto-evp-e_aes.c-add-foundations-for-extended-s390.patch
  * 0008-s390x-assembly-pack-extended-s390x-capability-vector.patch
  * 0009-crypto-aes-asm-aes-s390x.pl-add-KMA-code-path.patch
  * 0010-doc-man3-OPENSSL_s390xcap.pod-update-KMA.patch
  * 0011-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch
  * 0012-s390x-assembly-pack-add-KMA-code-path-for-aes-gcm.patch
  * 0013-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch

- Do not filter pkgconfig() provides/requires.

- Obsolete openssl-1_0_0 by openssl-1_1_0: this is required for a
  clean upgrade path as an aid to zypp (boo#1070003).

- Update to 1.1.0g
  OpenSSL Security Advisory [02 Nov 2017]

OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=2
2018-02-16 12:13:08 +00:00

48 lines
1.5 KiB
Diff

From 7b46a0ed5938e28d974757db44cc9d299ad5cb4e Mon Sep 17 00:00:00 2001
From: Patrick Steuer <patrick.steuer@de.ibm.com>
Date: Thu, 23 Feb 2017 14:03:39 +0100
Subject: [PATCH 02/44] crypto/modes/asm/ghash-s390x.pl: fix gcm_gmult_4bit
KIMD code path.
gcm_gmult_4bit KIMD code path assumed that that Xi is processed.
However, with iv lengths not equal to 12, the function is also used to process
Yi, resulting in wrong ghash computation.
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
---
crypto/modes/asm/ghash-s390x.pl | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/crypto/modes/asm/ghash-s390x.pl b/crypto/modes/asm/ghash-s390x.pl
index f8b038c708..6dbb8232d6 100644
--- a/crypto/modes/asm/ghash-s390x.pl
+++ b/crypto/modes/asm/ghash-s390x.pl
@@ -95,14 +95,23 @@ $code.=<<___ if(!$softonly && 0); # hardware is slow for single block...
lg %r1,24(%r1) # load second word of kimd capabilities vector
tmhh %r1,0x4000 # check for function 65
jz .Lsoft_gmult
+ lghi %r1,-16
stg %r0,16($sp) # arrange 16 bytes of zero input
stg %r0,24($sp)
+ la $Htbl,0(%r1,$Htbl) # H lies right before Htable
+
lghi %r0,65 # function 65
- la %r1,0($Xi) # H lies right after Xi in gcm128_context
+ la %r1,32($sp)
+ mvc 32(16,$sp),0($Xi) # copy Xi/Yi
+ mvc 48(16,$sp),0($Htbl) # copy H
la $inp,16($sp)
lghi $len,16
.long 0xb93e0004 # kimd %r0,$inp
brc 1,.-4 # pay attention to "partial completion"
+
+ mvc 0(16,$Xi),32($sp)
+ xc 32(32,$sp),32($sp) # wipe stack
+
br %r14
.align 32
.Lsoft_gmult:
--
2.13.6