From 3a8012cbf26a9de010672296f7ca3dc131395172 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Mon, 18 Sep 2006 19:13:15 +0000 Subject: [PATCH] Improve 386 portability of aes-586.pl. --- crypto/aes/asm/aes-586.pl | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/crypto/aes/asm/aes-586.pl b/crypto/aes/asm/aes-586.pl index 7b75685025..8b27e4c65c 100755 --- a/crypto/aes/asm/aes-586.pl +++ b/crypto/aes/asm/aes-586.pl @@ -117,8 +117,9 @@ # # Version 4.3 implements switch between compact and non-compact block # functions in AES_cbc_encrypt depending on how much data was asked -# to process in one stroke. +# to be processed in one stroke. # +###################################################################### # Timing attacks are classified in two classes: synchronous when # attacker consciously initiates cryptographic operation and collects # timing data of various character afterwards, and asynchronous when @@ -141,7 +142,7 @@ # timing. But note that *if* plain-text was concealed in such way that # input to block function is distributed *uniformly*, then attack # wouldn't apply. Now note that some encryption modes, most notably -# CBC, do masks the plain-text in this exact way [secure cipher output +# CBC, do mask the plain-text in this exact way [secure cipher output # is distributed uniformly]. Yes, one still might find input that # would reveal the information about given key, but if amount of # candidate inputs to be tried is larger than amount of possible key @@ -2459,7 +2460,7 @@ my $mark=&DWP(76+240,"esp"); # copy of aes_key->rounds &pushf (); # kludge, never executed &set_label("slow_enc_tail",16); - &emms (); + &emms () if (!$x86only); &mov ($key eq "edi"? $key:"",$s3); # load out to edi &mov ($s1,16); &sub ($s1,$s2); -- 2.25.1