From 75a2ff15f6bc9d6e2e457ead9f7b1b0c9ad5fc6b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Niels=20M=C3=B6ller?= <nisse@lysator.liu.se>
Date: Fri, 6 Feb 2004 13:06:49 +0100
Subject: [PATCH] (EXPAND): Fixed the rotation part of the data expansion.

Rev: src/nettle/x86/sha1-compress.asm:1.2
---
 x86/sha1-compress.asm | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/x86/sha1-compress.asm b/x86/sha1-compress.asm
index 5fbd7a06..2856098d 100644
--- a/x86/sha1-compress.asm
+++ b/x86/sha1-compress.asm
@@ -34,16 +34,18 @@ define(<K3>, <<$>0x8F1BBCDC>)		C  Rounds 40-59
 define(<K4>, <<$>0xCA62C1D6>)		C  Rounds 60-79
 C expand(i) is the expansion function
 C
-C   W[i] = W[i - 16] ^ W[i - 14] ^ W[i - 8] ^ W[i - 3]
+C   W[i] = (W[i - 16] ^ W[i - 14] ^ W[i - 8] ^ W[i - 3]) <<< 1
 C
 C where W[i] is stored in DATA[i & 15].
 C
-C Result is stored back in W[i], and also left in TMP, the only register that is used.
+C Result is stored back in W[i], and also left in TMP, the only
+C register that is used.
 define(<EXPAND>, <
 	movl	eval(4 *        ($1 & 15)) (DATA), TMP
 	xorl	eval(4 * (($1 +  2) & 15)) (DATA), TMP
 	xorl	eval(4 * (($1 +  8) & 15)) (DATA), TMP
 	xorl	eval(4 * (($1 + 13) & 15)) (DATA), TMP
+	roll	<$>1, TMP
 	movl	TMP, eval(4 * ($1 & 15)) (DATA)	
 >)dnl
 define(<NOEXPAND>, <eval(4 * ($1 & 15)) (DATA)>)dnl
-- 
GitLab