Improve 386 portability of aes-586.pl.

diff --git a/crypto/aes/asm/aes-586.pl b/crypto/aes/asm/aes-586.pl
index 7b75685025410170315bf13fadcbf4444f6d08eb..8b27e4c65cd429bafe817f5bb5f426263761dfce 100755 (executable)
--- a/crypto/aes/asm/aes-586.pl
+++ b/crypto/aes/asm/aes-586.pl
@@ -117,8 +117,9 @@
 #
 # Version 4.3 implements switch between compact and non-compact block
 # functions in AES_cbc_encrypt depending on how much data was asked
-# to process in one stroke.
+# to be processed in one stroke.
 #
+######################################################################
 # Timing attacks are classified in two classes: synchronous when
 # attacker consciously initiates cryptographic operation and collects
 # timing data of various character afterwards, and asynchronous when
@@ -141,7 +142,7 @@
 # timing. But note that *if* plain-text was concealed in such way that
 # input to block function is distributed *uniformly*, then attack
 # wouldn't apply. Now note that some encryption modes, most notably
-# CBC, do masks the plain-text in this exact way [secure cipher output
+# CBC, do mask the plain-text in this exact way [secure cipher output
 # is distributed uniformly]. Yes, one still might find input that
 # would reveal the information about given key, but if amount of
 # candidate inputs to be tried is larger than amount of possible key
@@ -2459,7 +2460,7 @@ my $mark=&DWP(76+240,"esp");      # copy of aes_key->rounds
        &pushf  ();                     # kludge, never executed
 
     &set_label("slow_enc_tail",16);
-       &emms   ();
+       &emms   ()      if (!$x86only);
        &mov    ($key eq "edi"? $key:"",$s3);   # load out to edi
        &mov    ($s1,16);
        &sub    ($s1,$s2);