From: Sahana Prasad <sahana@redhat.com>
Date: Mon, 9 Feb 2026 10:17:30 +0000 (+0100)
Subject: cleanup: Use 32 bits instead of 40 bits to perform AND operation in aes implementation.
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=75da49bf6b3e6a6379805f81d15cdce42da9046c;p=thirdparty%2Fopenssl.git

cleanup: Use 32 bits instead of 40 bits to perform AND operation in aes implementation.

Fixes https://github.com/openssl/openssl/issues/29963

Signed-off-by: Sahana Prasad <sahana@redhat.com>

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
MergeDate: Wed Feb 11 07:29:17 2026
(Merged from https://github.com/openssl/openssl/pull/29964)
---

diff --git a/crypto/aes/aes_core.c b/crypto/aes/aes_core.c
index 1d283275882..7d90f0b4ed2 100644
--- a/crypto/aes/aes_core.c
+++ b/crypto/aes/aes_core.c
@@ -190,7 +190,7 @@ static void SubWord(u32 *w)
     a2 = a3;
     a2 ^= (a3 & 0x0C0C0C0Cu) >> 2;
     a4 = a3 & a2;
-    a4 ^= (a4 & 0x0A0A0A0A0Au) >> 1;
+    a4 ^= (a4 & 0x0A0A0A0Au) >> 1;
     a4 ^= (((a3 << 1) & a2) ^ ((a2 << 1) & a3)) & 0x0A0A0A0Au;
     a5 = a4 & 0x08080808u;
     a5 |= a5 >> 1;