author | Jussi Kivilinna <jussi.kivilinna@mbnet.fi> | 2013-01-29 10:05:15 +0200 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2013-02-19 11:30:05 +0100 |
commit | e0139f73600ed584f23d57a2baf768e32ea900ec (patch) | |
tree | 730313ac0445de84e8df681572f5718f5332e036 | |
parent | d30c86465fef9531766fd7c124a5d87d7645850e (diff) | |
download | libgcrypt-e0139f73600ed584f23d57a2baf768e32ea900ec.tar.gz |
libgcrypt-1.5: rinjdael: Fix use of SSE2 outside USE_AESNI/ctx->use_aesni
* cipher/rijndael.c (_gcry_aes_cbc_enc, _gcry_aes_cbc_dec): Check if
AES-NI is enabled before calling aesni_prepare() and aesni_cleanup().
--
aesni_cleanup() contains SSE2 instructions that are interpreted as MMX on CPUs
without SSE2 support (Pentium-III, etc). In the above functions, aesni_cleanup()
was called outside the use_aesni checks. This causes the x87 register state to be
poisoned, causing crashes later on when the program tries to use floating point
registers.
Add missing '#ifdef USE_AESNI' and 'if (ctx->use_aesni)' for aesni_cleanup()
and, while at it, for aesni_prepare() too.
Reported-by: Mitsutoshi NAKANO <bkbin005@rinku.zaq.ne.jp>
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@mbnet.fi>
-rw-r--r-- | cipher/rijndael.c | 24 |
1 files changed, 20 insertions, 4 deletions
diff --git a/cipher/rijndael.c b/cipher/rijndael.c
index 92fa31d3..98162804 100644
--- a/cipher/rijndael.c
+++ b/cipher/rijndael.c
@@ -1239,7 +1239,11 @@ _gcry_aes_cbc_enc (void *context, unsigned char *iv,
   unsigned char *ivp;
   int i;
 
-  aesni_prepare ();
+#ifdef USE_AESNI
+  if (ctx->use_aesni)
+    aesni_prepare ();
+#endif /*USE_AESNI*/
+
   for ( ;nblocks; nblocks-- )
     {
       for (ivp=iv, i=0; i < BLOCKSIZE; i++ )
@@ -1263,7 +1267,11 @@ _gcry_aes_cbc_enc (void *context, unsigned char *iv,
       if (!cbc_mac)
         outbuf += BLOCKSIZE;
     }
-  aesni_cleanup ();
+
+#ifdef USE_AESNI
+  if (ctx->use_aesni)
+    aesni_cleanup ();
+#endif /*USE_AESNI*/
 
   _gcry_burn_stack (48 + 2*sizeof(int));
 }
@@ -1575,7 +1583,11 @@ _gcry_aes_cbc_dec (void *context, unsigned char *iv,
   int i;
   unsigned char savebuf[BLOCKSIZE];
 
-  aesni_prepare ();
+#ifdef USE_AESNI
+  if (ctx->use_aesni)
+    aesni_prepare ();
+#endif /*USE_AESNI*/
+
   for ( ;nblocks; nblocks-- )
     {
       /* We need to save INBUF away because it may be identical to
@@ -1601,7 +1613,11 @@ _gcry_aes_cbc_dec (void *context, unsigned char *iv,
       inbuf += BLOCKSIZE;
       outbuf += BLOCKSIZE;
     }
-  aesni_cleanup ();
+
+#ifdef USE_AESNI
+  if (ctx->use_aesni)
+    aesni_cleanup ();
+#endif /*USE_AESNI*/
 
   _gcry_burn_stack (48 + 2*sizeof(int) + BLOCKSIZE + 4*sizeof (char*));
 }
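Review bot: The reason the new guard in the first hunk of _gcry_aes_cbc_enc exists lives only in the commit message, so nothing in the source stops a later caller from adding another unconditional aesni_prepare()/aesni_cleanup() call and reintroducing the same crash. A one-line why-comment at the first guard, `/* aesni_prepare/aesni_cleanup emit SSE2; only call them when this context selected the AES-NI path.  */`, would make the invariant visible where it is enforced; the same applies to the matching guards in the other three hunks. The body of _gcry_aes_cbc_enc begins before this hunk, so the declaration of ctx that the new `if (ctx->use_aesni)` reads is not visible here and is presumed to be the usual context cast at the top of the function.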
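Review bot: The compile-time plus run-time guard is now pasted verbatim four times in this commit alone (both hunks of _gcry_aes_cbc_enc and both of _gcry_aes_cbc_dec), which is the same copy-and-forget pattern that produced the bug being fixed. A point of style rather than correctness: folding both checks into one place, for example a helper macro such as `#define aesni_prepare_if_used(ctx) do { if ((ctx)->use_aesni) aesni_prepare (); } while (0)` (name is a suggestion) defined under `#ifdef USE_AESNI` with an empty fallback otherwise, would let each caller write one line and keep prepare and cleanup under an identical condition. The existing aesni_prepare/aesni_cleanup definitions are outside the hunk, so whether they already expand to nothing without USE_AESNI cannot be confirmed from here.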