forked from pool/openssl-1_1
02427a3414
* All the minor versions of the 1.1.x openssl branch have the same sonum and keep ABI compatibility - Remove bit obsolete syntax - Use %license macro - Don't disable afalgeng on aarch64 - Add support for s390x CPACF enhancements (fate#321518) patches taken from https://github.com/openssl/openssl/pull/2859: * 0002-crypto-modes-asm-ghash-s390x.pl-fix-gcm_gmult_4bit-K.patch * 0004-s390x-assembly-pack-add-OPENSSL_s390xcap-environment.patch * 0005-s390x-assembly-pack-add-OPENSSL_s390xcap-man-page.patch * 0006-s390x-assembly-pack-extended-s390x-capability-vector.patch * 0007-crypto-evp-e_aes.c-add-foundations-for-extended-s390.patch * 0008-s390x-assembly-pack-extended-s390x-capability-vector.patch * 0009-crypto-aes-asm-aes-s390x.pl-add-KMA-code-path.patch * 0010-doc-man3-OPENSSL_s390xcap.pod-update-KMA.patch * 0011-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch * 0012-s390x-assembly-pack-add-KMA-code-path-for-aes-gcm.patch * 0013-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch - Do not filter pkgconfig() provides/requires. - Obsolete openssl-1_0_0 by openssl-1_1_0: this is required for a clean upgrade path as an aid to zypp (boo#1070003). - Update to 1.1.0g OpenSSL Security Advisory [02 Nov 2017] OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=2
From 7b46a0ed5938e28d974757db44cc9d299ad5cb4e Mon Sep 17 00:00:00 2001
From: Patrick Steuer <patrick.steuer@de.ibm.com>
Date: Thu, 23 Feb 2017 14:03:39 +0100
Subject: [PATCH 02/44] crypto/modes/asm/ghash-s390x.pl: fix gcm_gmult_4bit
KIMD code path.
gcm_gmult_4bit KIMD code path assumed that Xi is processed.
However, with iv lengths not equal to 12, the function is also used to process
Yi, resulting in wrong ghash computation.
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
---
crypto/modes/asm/ghash-s390x.pl | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/crypto/modes/asm/ghash-s390x.pl b/crypto/modes/asm/ghash-s390x.pl
index f8b038c708..6dbb8232d6 100644
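--- a/crypto/modes/asm/ghash-s390x.pl
+++ b/crypto/modes/asm/ghash-s390x.pl
@@ -95,14 +95,23 @@ $code.=<<___ if(!$softonly && 0); # hardware is slow for single block...
 lg %r1,24(%r1) # load second word of kimd capabilities vector
 tmhh %r1,0x4000 # check for function 65
 jz .Lsoft_gmult
+ lghi %r1,-16
 stg %r0,16($sp) # arrange 16 bytes of zero input
 stg %r0,24($sp)
+ la $Htbl,0(%r1,$Htbl) # H lies right before Htable
+
 lghi %r0,65 # function 65
- la %r1,0($Xi) # H lies right after Xi in gcm128_context
+ la %r1,32($sp)
+ mvc 32(16,$sp),0($Xi) # copy Xi/Yi
+ mvc 48(16,$sp),0($Htbl) # copy H
 la $inp,16($sp)
 lghi $len,16
 .long 0xb93e0004 # kimd %r0,$inp
 brc 1,.-4 # pay attention to "partial completion"
+
+ mvc 0(16,$Xi),32($sp)
+ xc 32(32,$sp),32($sp) # wipe stack
+
 br %r14
 .align 32
 .Lsoft_gmult: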
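Review bot: The added `la $Htbl,0(%r1,$Htbl)` takes the hash subkey H from the 16 bytes in front of the Htable argument, which holds only while every caller passes the Htable field of a gcm128_context; with any other table the KIMD parameter block would be filled from memory outside the object that was passed in. The comment states the layout but not the requirement it places on callers, so I would extend it to `# H lies right before Htable in gcm128_context; $Htbl must point into that struct` and consider a compile-time offset check next to the struct definition. The hunk header shows this heredoc is emitted under `if(!$softonly && 0)`, so as the file stands the path is never assembled and the fix is not exercised by any test. The function's entry lies outside the hunk, so the state of %r0 before the two `stg` instructions cannot be confirmed from here.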
--
2.13.6