From a76f719aac7932da89f2d58a6898e93eeea25ce3 Mon Sep 17 00:00:00 2001
From: Tesfa Mael
Date: Wed, 28 Aug 2019 10:42:57 -0700
Subject: [PATCH] Fix review comment
---
 wolfcrypt/src/aes.c | 10 ++++++----
 wolfssl/wolfcrypt/aes.h | 2 +-
 2 files changed, 7 insertions(+), 5 deletions(-)
diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c
index 08b382235..fef2f9c74 100644
--- a/wolfcrypt/src/aes.c
+++ b/wolfcrypt/src/aes.c
@@ -5123,8 +5123,10 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
 }
 #ifdef OPENSSL_EXTRA
 /* store AAD partial tag for next call */
- aes->aadH[0] = (word32)x[0];
- aes->aadH[1] = (word32)x[1];
+ aes->aadH[0] = (word32)((x[0] & 0xFFFFFFFF00000000) >> 32);
+ aes->aadH[1] = (word32)(x[0] & 0xFFFFFFFF);
+ aes->aadH[2] = (word32)((x[1] & 0xFFFFFFFF00000000) >> 32);
+ aes->aadH[3] = (word32)(x[1] & 0xFFFFFFFF);
 #endif
 }
@@ -5136,8 +5138,8 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
 #ifdef OPENSSL_EXTRA
 /* Start from last AAD partial tag */
 if(aes->aadLen) {
- x[0] = (word64)aes->aadH[0];
- x[1] = (word64)aes->aadH[1];
+ x[0] = ((word64)aes->aadH[0]) << 32 | aes->aadH[1];
+ x[1] = ((word64)aes->aadH[2]) << 32 | aes->aadH[3];
 }
 #endif
 while (blocks--) {
diff --git a/wolfssl/wolfcrypt/aes.h b/wolfssl/wolfcrypt/aes.h
index e59d36348..eeecb0b65 100644
--- a/wolfssl/wolfcrypt/aes.h
+++ b/wolfssl/wolfcrypt/aes.h
@@ -146,7 +146,7 @@ typedef struct Aes {
 #ifdef HAVE_AESGCM
 ALIGN16 byte H[AES_BLOCK_SIZE];
 #ifdef OPENSSL_EXTRA
- word32 aadH[2]; /* additional authenticated data GASH */
+ word32 aadH[4]; /* additional authenticated data GHASH */
 word32 aadLen; /* additional authenticated data len */
 #endif
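Review bot: In the first aes.c hunk (the store side of GHASH), the masks are redundant and the 64-bit mask `0xFFFFFFFF00000000` is written without a suffix, which C89-mode or 32-bit toolchains may warn about. The shift and the cast to word32 already select the right bits, so `aes->aadH[0] = (word32)(x[0] >> 32);` and `aes->aadH[1] = (word32)x[0];` do the same job, with the same form for `aadH[2]` and `aadH[3]` from `x[1]`. If a literal is kept, wrapping it in the project's `W64LIT()` macro would presumably match how other 64-bit constants are written. The enclosing GHASH body starts and ends outside the hunk.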
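Review bot: In the second aes.c hunk the saved state is reloaded whenever `aes->aadLen` is non-zero, and nothing visible here shows where `aadLen` and `aadH` are cleared once a tag has been produced or a new IV is set. If they are not reset elsewhere, GHASH state from an earlier message would be folded into the next tag, so that reset is worth confirming, along with zeroising `aadH` with the rest of the Aes struct. The comment could state the condition, e.g. `/* Resume from the GHASH state saved after the AAD; only valid while aadLen != 0 */`. As a style point, `((word64)aes->aadH[0] << 32) | aes->aadH[1]` makes the grouping explicit rather than relying on `<<` binding tighter than `|`. The surrounding GHASH function continues outside the hunk.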
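Review bot: The comment on `aadH` in aes.h does not say how the four words map onto the 128-bit GHASH state, so that layout is only implied by the pack and unpack code in aes.c. A comment such as `/* saved GHASH state after AAD: aadH[0..1] = x[0] hi,lo; aadH[2..3] = x[1] hi,lo */` would keep the two files in step. Growing the array may also change the size of the Aes struct under OPENSSL_EXTRA, so code built against the old header would need rebuilding.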