[openssl-users] CBC ciphers + TLS 1.0 protocol does not work in OpenSSL 1.0.2d

Andy Polyakov appro at openssl.org
Fri Dec 11 15:06:43 UTC 2015


>> static inline unsigned int constant_time_msb(unsigned int a) {
>> -    *return 0 - (a >> (sizeof(a) * 8 - 1));*
>> + return (((unsigned)((int)(a) >> (sizeof(int) * 8 - 1))));
>> }
> 
> 
> ... Both versions
> look reasonable to me (ignoring the hardcoded 8 - implying a char is 8
> bits).

Hardcoded 8 is not reference to char C type, but to units in which
sizeof(variable) is measured. For example when we say ILP32 or LP64,
what do we mean and what role does 8 play in the drama?



More information about the openssl-users mailing list