evp/e_aes_cbc_hmac_{sha1|sha256}.c: tag reference code.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2017-03-01 11:40:41 +01:00 · 2017-03-01 11:40:41 +01:00 · 5908555c96
commit 5908555c96
parent 36907eaef5
2 changed files with 8 additions and 8 deletions
--- a/crypto/evp/e_aes_cbc_hmac_sha1.c
+++ b/crypto/evp/e_aes_cbc_hmac_sha1.c
@ -565,7 +565,7 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
            }
 # endif

-# if 1
+# if 1      /* see original reference version in #else */
            len -= SHA_DIGEST_LENGTH; /* amend mac */
            if (len >= (256 + SHA_CBLOCK)) {
                j = (len - (256 + SHA_CBLOCK)) & (0 - SHA_CBLOCK);
@ -659,7 +659,7 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
            }
 #  endif
            len += SHA_DIGEST_LENGTH;
-# else
+# else      /* pre-lucky-13 reference version of above */
            SHA1_Update(&key->md, out, inp_len);
            res = key->md.num;
            SHA1_Final(pmac->c, &key->md);
@ -686,7 +686,7 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
            /* verify HMAC */
            out += inp_len;
            len -= inp_len;
-# if 1
+# if 1      /* see original reference version in #else */
            {
                unsigned char *p = out + len - 1 - maxpad - SHA_DIGEST_LENGTH;
                size_t off = out - p;
@ -708,7 +708,7 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1));
                ret &= (int)~res;
            }
-# else
+# else      /* pre-lucky-13 reference version of above */
            for (res = 0, i = 0; i < SHA_DIGEST_LENGTH; i++)
                res |= out[i] ^ pmac->c[i];
            res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1));
--- a/crypto/evp/e_aes_cbc_hmac_sha256.c
+++ b/crypto/evp/e_aes_cbc_hmac_sha256.c
@ -552,7 +552,7 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx,
            key->md = key->head;
            SHA256_Update(&key->md, key->aux.tls_aad, plen);

-# if 1
+# if 1      /* see original reference version in #else */
            len -= SHA256_DIGEST_LENGTH; /* amend mac */
            if (len >= (256 + SHA256_CBLOCK)) {
                j = (len - (256 + SHA256_CBLOCK)) & (0 - SHA256_CBLOCK);
@ -680,7 +680,7 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx,
                for (; inp_blocks < pad_blocks; inp_blocks++)
                    sha1_block_data_order(&key->md, data, 1);
            }
-# endif
+# endif      /* pre-lucky-13 reference version of above */
            key->md = key->tail;
            SHA256_Update(&key->md, pmac->c, SHA256_DIGEST_LENGTH);
            SHA256_Final(pmac->c, &key->md);
@ -688,7 +688,7 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx,
            /* verify HMAC */
            out += inp_len;
            len -= inp_len;
-# if 1
+# if 1      /* see original reference version in #else */
            {
                unsigned char *p =
                    out + len - 1 - maxpad - SHA256_DIGEST_LENGTH;
@ -711,7 +711,7 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx,
                res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1));
                ret &= (int)~res;
            }
-# else
+# else      /* pre-lucky-13 reference version of above */
            for (res = 0, i = 0; i < SHA256_DIGEST_LENGTH; i++)
                res |= out[i] ^ pmac->c[i];
            res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1));