external/boringssl: Sync to f21650709a6f76e829ddcc77fe221c9d6a5c12de.

This includes the following changes: https://boringssl.googlesource.com/boringssl/+log/348f0d8db9c2a0eca0503ba654020209c579d552..f21650709a6f76e829ddcc77fe221c9d6a5c12de Test: BoringSSL CTS Presubmits. Change-Id: Ie6e99c3315c552068b5ea57e31b1af7ff94f9b0f
author: Robert Sloan <varomodt@google.com> 2017-08-28 07:37:06 -0700
committer: Robert Sloan <varomodt@google.com> 2017-08-28 07:37:24 -0700
commit: 8f860b133896bf655e4342ecefe692d52df81d48 (patch)
tree: bfe5f02889bb1873876a95ccedb482ea46cb9a37 /src/crypto/fipsmodule/aes/aes.c
parent: 05e49fc79f61f4be37c1bb5bee2931524d1939c6 (diff)
download: boringssl-8f860b133896bf655e4342ecefe692d52df81d48.tar.gz
1 files changed, 61 insertions, 65 deletions
diff --git a/src/crypto/fipsmodule/aes/aes.c b/src/crypto/fipsmodule/aes/aes.c
index c68a5d55..a988b395 100644
--- a/src/crypto/fipsmodule/aes/aes.c
+++ b/src/crypto/fipsmodule/aes/aes.c
@@ -59,16 +59,16 @@
 #if defined(OPENSSL_NO_ASM) || \
     (!defined(OPENSSL_X86) && !defined(OPENSSL_X86_64) && !defined(OPENSSL_ARM))
 
-/* Te0[x] = S [x].[02, 01, 01, 03];
- * Te1[x] = S [x].[03, 02, 01, 01];
- * Te2[x] = S [x].[01, 03, 02, 01];
- * Te3[x] = S [x].[01, 01, 03, 02];
- *
- * Td0[x] = Si[x].[0e, 09, 0d, 0b];
- * Td1[x] = Si[x].[0b, 0e, 09, 0d];
- * Td2[x] = Si[x].[0d, 0b, 0e, 09];
- * Td3[x] = Si[x].[09, 0d, 0b, 0e];
- * Td4[x] = Si[x].[01]; */
+// Te0[x] = S [x].[02, 01, 01, 03];
+// Te1[x] = S [x].[03, 02, 01, 01];
+// Te2[x] = S [x].[01, 03, 02, 01];
+// Te3[x] = S [x].[01, 01, 03, 02];
+//
+// Td0[x] = Si[x].[0e, 09, 0d, 0b];
+// Td1[x] = Si[x].[0b, 0e, 09, 0d];
+// Td2[x] = Si[x].[0d, 0b, 0e, 09];
+// Td3[x] = Si[x].[09, 0d, 0b, 0e];
+// Td4[x] = Si[x].[01];
 
 static const uint32_t Te0[256] = {
     0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU, 0xfff2f20dU,
@@ -531,7 +531,7 @@ static const uint8_t Td4[256] = {
 static const uint32_t rcon[] = {
     0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000,
     0x20000000, 0x40000000, 0x80000000, 0x1B000000, 0x36000000,
-    /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
+    // for 128-bit blocks, Rijndael never uses more than 10 rcon values
 };
 
 int AES_set_encrypt_key(const uint8_t *key, unsigned bits, AES_KEY *aeskey) {
@@ -634,7 +634,7 @@ int AES_set_decrypt_key(const uint8_t *key, unsigned bits, AES_KEY *aeskey) {
   int i, j, status;
   uint32_t temp;
 
-  /* first, start with an encryption schedule */
+  // first, start with an encryption schedule
   status = AES_set_encrypt_key(key, bits, aeskey);
   if (status < 0) {
     return status;
@@ -642,7 +642,7 @@ int AES_set_decrypt_key(const uint8_t *key, unsigned bits, AES_KEY *aeskey) {
 
   rk = aeskey->rd_key;
 
-  /* invert the order of the round keys: */
+  // invert the order of the round keys:
   for (i = 0, j = 4 * aeskey->rounds; i < j; i += 4, j -= 4) {
     temp = rk[i];
     rk[i] = rk[j];
@@ -657,8 +657,8 @@ int AES_set_decrypt_key(const uint8_t *key, unsigned bits, AES_KEY *aeskey) {
     rk[i + 3] = rk[j + 3];
     rk[j + 3] = temp;
   }
-  /* apply the inverse MixColumn transform to all round keys but the first and
-   * the last: */
+  // apply the inverse MixColumn transform to all round keys but the first and
+  // the last:
   for (i = 1; i < (int)aeskey->rounds; i++) {
     rk += 4;
     rk[0] =
@@ -682,19 +682,19 @@ void AES_encrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
   uint32_t s0, s1, s2, s3, t0, t1, t2, t3;
 #ifndef FULL_UNROLL
   int r;
-#endif /* ?FULL_UNROLL */
+#endif  // ?FULL_UNROLL
 
   assert(in && out && key);
   rk = key->rd_key;
 
-  /* map byte array block to cipher state
-   * and add initial round key: */
+  // map byte array block to cipher state
+  // and add initial round key:
   s0 = GETU32(in) ^ rk[0];
   s1 = GETU32(in + 4) ^ rk[1];
   s2 = GETU32(in + 8) ^ rk[2];
   s3 = GETU32(in + 12) ^ rk[3];
 #ifdef FULL_UNROLL
-  /* round 1: */
+  // round 1:
   t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^
        Te3[s3 & 0xff] ^ rk[4];
   t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^
@@ -703,7 +703,7 @@ void AES_encrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
        Te3[s1 & 0xff] ^ rk[6];
   t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^
        Te3[s2 & 0xff] ^ rk[7];
-  /* round 2: */
+  // round 2:
   s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^
        Te3[t3 & 0xff] ^ rk[8];
   s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^
@@ -712,7 +712,7 @@ void AES_encrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
        Te3[t1 & 0xff] ^ rk[10];
   s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^
        Te3[t2 & 0xff] ^ rk[11];
-  /* round 3: */
+  // round 3:
   t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^
        Te3[s3 & 0xff] ^ rk[12];
   t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^
@@ -721,7 +721,7 @@ void AES_encrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
        Te3[s1 & 0xff] ^ rk[14];
   t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^
        Te3[s2 & 0xff] ^ rk[15];
-  /* round 4: */
+  // round 4:
   s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^
        Te3[t3 & 0xff] ^ rk[16];
   s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^
@@ -730,7 +730,7 @@ void AES_encrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
        Te3[t1 & 0xff] ^ rk[18];
   s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^
        Te3[t2 & 0xff] ^ rk[19];
-  /* round 5: */
+  // round 5:
   t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^
        Te3[s3 & 0xff] ^ rk[20];
   t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^
@@ -739,7 +739,7 @@ void AES_encrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
        Te3[s1 & 0xff] ^ rk[22];
   t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^
        Te3[s2 & 0xff] ^ rk[23];
-  /* round 6: */
+  // round 6:
   s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^
        Te3[t3 & 0xff] ^ rk[24];
   s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^
@@ -748,7 +748,7 @@ void AES_encrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
        Te3[t1 & 0xff] ^ rk[26];
   s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^
        Te3[t2 & 0xff] ^ rk[27];
-  /* round 7: */
+  // round 7:
   t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^
        Te3[s3 & 0xff] ^ rk[28];
   t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^
@@ -757,7 +757,7 @@ void AES_encrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
        Te3[s1 & 0xff] ^ rk[30];
   t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^
        Te3[s2 & 0xff] ^ rk[31];
-  /* round 8: */
+  // round 8:
   s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^
        Te3[t3 & 0xff] ^ rk[32];
   s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^
@@ -766,7 +766,7 @@ void AES_encrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
        Te3[t1 & 0xff] ^ rk[34];
   s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^
        Te3[t2 & 0xff] ^ rk[35];
-  /* round 9: */
+  // round 9:
   t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^
        Te3[s3 & 0xff] ^ rk[36];
   t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^
@@ -776,7 +776,7 @@ void AES_encrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
   t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^
        Te3[s2 & 0xff] ^ rk[39];
   if (key->rounds > 10) {
-    /* round 10: */
+    // round 10:
     s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^
          Te3[t3 & 0xff] ^ rk[40];
     s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^
@@ -785,7 +785,7 @@ void AES_encrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
          Te3[t1 & 0xff] ^ rk[42];
     s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^
          Te3[t2 & 0xff] ^ rk[43];
-    /* round 11: */
+    // round 11:
     t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^
          Te3[s3 & 0xff] ^ rk[44];
     t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^
@@ -795,7 +795,7 @@ void AES_encrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
     t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^
          Te3[s2 & 0xff] ^ rk[47];
     if (key->rounds > 12) {
-      /* round 12: */
+      // round 12:
       s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^
            Te3[t3 & 0xff] ^ rk[48];
       s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^
@@ -804,7 +804,7 @@ void AES_encrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
            Te3[t1 & 0xff] ^ rk[50];
       s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^
            Te3[t2 & 0xff] ^ rk[51];
-      /* round 13: */
+      // round 13:
       t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^
            Te3[s3 & 0xff] ^ rk[52];
       t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^
@@ -816,10 +816,8 @@ void AES_encrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
     }
   }
   rk += key->rounds << 2;
-#else  /* !FULL_UNROLL */
-  /*
-   * Nr - 1 full rounds:
-   */
+#else  // !FULL_UNROLL
+  // Nr - 1 full rounds:
   r = key->rounds >> 1;
   for (;;) {
     t0 = Te0[(s0 >> 24)] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^
@@ -845,8 +843,8 @@ void AES_encrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
     s3 = Te0[(t3 >> 24)] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^
          Te3[(t2) & 0xff] ^ rk[3];
   }
-#endif /* ?FULL_UNROLL */
-  /*  apply last round and map cipher state to byte array block: */
+#endif  // ?FULL_UNROLL
+  //  apply last round and map cipher state to byte array block:
   s0 = (Te2[(t0 >> 24)] & 0xff000000) ^ (Te3[(t1 >> 16) & 0xff] & 0x00ff0000) ^
        (Te0[(t2 >> 8) & 0xff] & 0x0000ff00) ^ (Te1[(t3) & 0xff] & 0x000000ff) ^
        rk[0];
@@ -870,19 +868,19 @@ void AES_decrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
   uint32_t s0, s1, s2, s3, t0, t1, t2, t3;
 #ifndef FULL_UNROLL
   int r;
-#endif /* ?FULL_UNROLL */
+#endif  // ?FULL_UNROLL
 
   assert(in && out && key);
   rk = key->rd_key;
 
-  /* map byte array block to cipher state
-   * and add initial round key: */
+  // map byte array block to cipher state
+  // and add initial round key:
   s0 = GETU32(in) ^ rk[0];
   s1 = GETU32(in + 4) ^ rk[1];
   s2 = GETU32(in + 8) ^ rk[2];
   s3 = GETU32(in + 12) ^ rk[3];
 #ifdef FULL_UNROLL
-  /* round 1: */
+  // round 1:
   t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^
        Td3[s1 & 0xff] ^ rk[4];
   t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^
@@ -891,7 +889,7 @@ void AES_decrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
        Td3[s3 & 0xff] ^ rk[6];
   t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^
        Td3[s0 & 0xff] ^ rk[7];
-  /* round 2: */
+  // round 2:
   s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^
        Td3[t1 & 0xff] ^ rk[8];
   s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^
@@ -900,7 +898,7 @@ void AES_decrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
        Td3[t3 & 0xff] ^ rk[10];
   s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^
        Td3[t0 & 0xff] ^ rk[11];
-  /* round 3: */
+  // round 3:
   t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^
        Td3[s1 & 0xff] ^ rk[12];
   t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^
@@ -909,7 +907,7 @@ void AES_decrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
        Td3[s3 & 0xff] ^ rk[14];
   t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^
        Td3[s0 & 0xff] ^ rk[15];
-  /* round 4: */
+  // round 4:
   s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^
        Td3[t1 & 0xff] ^ rk[16];
   s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^
@@ -918,7 +916,7 @@ void AES_decrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
        Td3[t3 & 0xff] ^ rk[18];
   s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^
        Td3[t0 & 0xff] ^ rk[19];
-  /* round 5: */
+  // round 5:
   t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^
        Td3[s1 & 0xff] ^ rk[20];
   t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^
@@ -927,7 +925,7 @@ void AES_decrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
        Td3[s3 & 0xff] ^ rk[22];
   t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^
        Td3[s0 & 0xff] ^ rk[23];
-  /* round 6: */
+  // round 6:
   s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^
        Td3[t1 & 0xff] ^ rk[24];
   s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^
@@ -936,7 +934,7 @@ void AES_decrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
        Td3[t3 & 0xff] ^ rk[26];
   s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^
        Td3[t0 & 0xff] ^ rk[27];
-  /* round 7: */
+  // round 7:
   t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^
        Td3[s1 & 0xff] ^ rk[28];
   t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^
@@ -945,7 +943,7 @@ void AES_decrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
        Td3[s3 & 0xff] ^ rk[30];
   t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^
        Td3[s0 & 0xff] ^ rk[31];
-  /* round 8: */
+  // round 8:
   s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^
        Td3[t1 & 0xff] ^ rk[32];
   s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^
@@ -954,7 +952,7 @@ void AES_decrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
        Td3[t3 & 0xff] ^ rk[34];
   s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^
        Td3[t0 & 0xff] ^ rk[35];
-  /* round 9: */
+  // round 9:
   t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^
        Td3[s1 & 0xff] ^ rk[36];
   t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^
@@ -964,7 +962,7 @@ void AES_decrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
   t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^
        Td3[s0 & 0xff] ^ rk[39];
   if (key->rounds > 10) {
-    /* round 10: */
+    // round 10:
     s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^
          Td3[t1 & 0xff] ^ rk[40];
     s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^
@@ -973,7 +971,7 @@ void AES_decrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
          Td3[t3 & 0xff] ^ rk[42];
     s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^
          Td3[t0 & 0xff] ^ rk[43];
-    /* round 11: */
+    // round 11:
     t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^
          Td3[s1 & 0xff] ^ rk[44];
     t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^
@@ -983,7 +981,7 @@ void AES_decrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
     t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^
          Td3[s0 & 0xff] ^ rk[47];
     if (key->rounds > 12) {
-      /* round 12: */
+      // round 12:
       s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^
            Td3[t1 & 0xff] ^ rk[48];
       s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^
@@ -992,7 +990,7 @@ void AES_decrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
            Td3[t3 & 0xff] ^ rk[50];
       s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^
            Td3[t0 & 0xff] ^ rk[51];
-      /* round 13: */
+      // round 13:
       t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^
            Td3[s1 & 0xff] ^ rk[52];
       t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^
@@ -1004,10 +1002,8 @@ void AES_decrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
     }
   }
   rk += key->rounds << 2;
-#else  /* !FULL_UNROLL */
-  /*
-   * Nr - 1 full rounds:
-   */
+#else  // !FULL_UNROLL
+  // Nr - 1 full rounds:
   r = key->rounds >> 1;
   for (;;) {
     t0 = Td0[(s0 >> 24)] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^
@@ -1033,9 +1029,9 @@ void AES_decrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
     s3 = Td0[(t3 >> 24)] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^
          Td3[(t0) & 0xff] ^ rk[3];
   }
-#endif /* ?FULL_UNROLL */
-  /* apply last round and
-   * map cipher state to byte array block: */
+#endif  // ?FULL_UNROLL
+  // apply last round and
+  // map cipher state to byte array block:
   s0 = ((uint32_t)Td4[(t0 >> 24)] << 24) ^
        ((uint32_t)Td4[(t3 >> 16) & 0xff] << 16) ^
        ((uint32_t)Td4[(t2 >> 8) & 0xff] << 8) ^
@@ -1060,10 +1056,10 @@ void AES_decrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
 
 #else
 
-/* In this case several functions are provided by asm code. However, one cannot
- * control asm symbol visibility with command line flags and such so they are
- * always hidden and wrapped by these C functions, which can be so
- * controlled. */
+// In this case several functions are provided by asm code. However, one cannot
+// control asm symbol visibility with command line flags and such so they are
+// always hidden and wrapped by these C functions, which can be so
+// controlled.
 
 void asm_AES_encrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key);
 void AES_encrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key) {
@@ -1101,4 +1097,4 @@ int AES_set_decrypt_key(const uint8_t *key, unsigned bits, AES_KEY *aeskey) {
   }
 }
 
-#endif  /* OPENSSL_NO_ASM || (!OPENSSL_X86 && !OPENSSL_X86_64 && !OPENSSL_ARM) */
+#endif  // OPENSSL_NO_ASM || (!OPENSSL_X86 && !OPENSSL_X86_64 && !OPENSSL_ARM)
author	Robert Sloan <varomodt@google.com>	2017-08-28 07:37:06 -0700
committer	Robert Sloan <varomodt@google.com>	2017-08-28 07:37:24 -0700
commit	8f860b133896bf655e4342ecefe692d52df81d48 (patch)
tree	bfe5f02889bb1873876a95ccedb482ea46cb9a37 /src/crypto/fipsmodule/aes/aes.c
parent	05e49fc79f61f4be37c1bb5bee2931524d1939c6 (diff)
download	boringssl-8f860b133896bf655e4342ecefe692d52df81d48.tar.gz