Commit 75da49bf6b for openssl.org

commit 75da49bf6b3e6a6379805f81d15cdce42da9046c
Author: Sahana Prasad <sahana@redhat.com>
Date:   Mon Feb 9 11:17:30 2026 +0100

    cleanup: Use 32 bits instead of 40 bits to perform AND operation in aes implementation.

    Fixes https://github.com/openssl/openssl/issues/29963

    Signed-off-by: Sahana Prasad <sahana@redhat.com>

    Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
    Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
    Reviewed-by: Richard Levitte <levitte@openssl.org>
    Reviewed-by: Paul Dale <paul.dale@oracle.com>
    MergeDate: Wed Feb 11 07:29:17 2026
    (Merged from https://github.com/openssl/openssl/pull/29964)

diff --git a/crypto/aes/aes_core.c b/crypto/aes/aes_core.c
index 1d28327588..7d90f0b4ed 100644
--- a/crypto/aes/aes_core.c
+++ b/crypto/aes/aes_core.c
@@ -190,7 +190,7 @@ static void SubWord(u32 *w)
     a2 = a3;
     a2 ^= (a3 & 0x0C0C0C0Cu) >> 2;
     a4 = a3 & a2;
-    a4 ^= (a4 & 0x0A0A0A0A0Au) >> 1;
+    a4 ^= (a4 & 0x0A0A0A0Au) >> 1;
     a4 ^= (((a3 << 1) & a2) ^ ((a2 << 1) & a3)) & 0x0A0A0A0Au;
     a5 = a4 & 0x08080808u;
     a5 |= a5 >> 1;