[openssl-dev] [openssl.org #4532] Replacing the “div_spoiler” hack in CBC code with Barrett reduction.

Adam Langley via RT rt at openssl.org
Wed May 4 17:36:20 UTC 2016


(This is a pointer to a pull request:
https://github.com/openssl/openssl/pull/1027)

The “div_spoiler” was designed to always trigger the slow path division
on Intel chips and be sufficiently obfuscated to stop the compiler
optimising it away. It was always a huge hack but I didn't know the
correct solution at the time.

Replace that hack with Barrett reduction, which solves the problem
without using division in the first place.

This change has been running in BoringSSL for some time without
issues.

-- 
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4532
Please log in as guest with password guest if prompted
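
An added example, not the code from the pull request or from BoringSSL: a minimal sketch of Barrett reduction for a secret 32-bit numerator and a public, nonzero divisor, so that no division instruction ever runs on secret data. The names barrett_init, barrett_mod, mod_public and barrett_selfcheck and the sample divisors are hypothetical, and the 64-bit multiply is assumed to be constant-time on the target CPU.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Reciprocal of a PUBLIC divisor d (d != 0). The only real division is
 * here, on a non-secret value, so its timing reveals nothing. */
struct barrett { uint32_t d; uint64_t m; };

static struct barrett barrett_init(uint32_t d) {
    struct barrett b = { d, (UINT64_C(1) << 32) / d };  /* m = floor(2^32 / d) */
    return b;
}

/* n mod d for a SECRET n: multiply, shift, one masked subtraction.
 * Assumes the CPU's 64-bit multiply is constant-time. */
static uint32_t barrett_mod(uint32_t n, const struct barrett *b) {
    uint64_t q = ((uint64_t)n * b->m) >> 32;  /* floor(n/d) or one less */
    uint64_t t = (uint64_t)n - q * b->d;      /* 0 <= t < 2d */
    uint64_t mask = ((t - b->d) >> 63) - 1;   /* all ones iff t >= d */
    return (uint32_t)(t - (b->d & mask));     /* branch-free correction */
}

static uint32_t mod_public(uint32_t n, uint32_t d) {
    struct barrett b = barrett_init(d);
    return barrett_mod(n, &b);
}

/* Compare against '%' for constructed sample divisors; returns mismatches. */
static unsigned barrett_selfcheck(void) {
    static const uint32_t divisors[] = { 1, 16, 20, 32, 48, 65535 };
    unsigned bad = 0;
    for (size_t i = 0; i < sizeof divisors / sizeof divisors[0]; i++) {
        struct barrett b = barrett_init(divisors[i]);
        for (uint32_t n = 0; n < 200000; n++) {
            uint32_t hi = UINT32_MAX - n;  /* also exercise the top of the range */
            bad += barrett_mod(n, &b) != n % divisors[i];
            bad += barrett_mod(hi, &b) != hi % divisors[i];
        }
    }
    return bad;
}

int main(void) {
    printf("mismatches: %u\n", barrett_selfcheck());
    printf("1000 mod 20 = %u\n", mod_public(1000, 20));
    return 0;
}
```

The estimate q is off by at most one because m underestimates 2^32/d by less than 1/d, which is why a single masked subtraction is enough. Whether the compiler keeps the correction branch-free should be confirmed in the generated assembly.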


