Move AES-NI from EVP to AES for CTR mode.

The mode implementation for CTR has two variants - one takes the block function, while the other takes a "ctr32" function. The latter is expected to handle the lower 32 bits of the IV/counter, but is not expected to handle overflow. The AES-NI implementation for CTR currently uses the second variant. Provide aes_ctr32_encrypt_internal() as a function that can be replaced on a machine dependent basis, along with an aes_ctr32_encrypt_generic() function that provides the default implementation and can be used as a fallback. Wire up the AES-NI version for amd64 and i386, change AES_ctr128_encrypt() to use CRYPTO_ctr128_encrypt_ctr32() (which calls aes_ctr32_encrypt_internal()) and remove the various AES-NI specific EVP_CIPHER methods for CTR. Callers of AES_ctr128_encrypt() will now use AES-NI, if available. ok tb@
author: jsing <> 2025-06-27 17:10:45 +0000
committer: jsing <> 2025-06-27 17:10:45 +0000
commit: abb03e21a8d0fc7f97a871f5aee5a8084176540f (patch)
tree: 8acdb3ab7caf1e6f49b7bf3d7e6a066ca52920a2 /src/lib/libcrypto/arch
parent: c5c4895f860c5e071b09ef5f94bcfae0a51b148e (diff)
download: openbsd-abb03e21a8d0fc7f97a871f5aee5a8084176540f.tar.gz
openbsd-abb03e21a8d0fc7f97a871f5aee5a8084176540f.tar.bz2
openbsd-abb03e21a8d0fc7f97a871f5aee5a8084176540f.zip
2 files changed, 6 insertions, 4 deletions
diff --git a/src/lib/libcrypto/arch/amd64/crypto_arch.h b/src/lib/libcrypto/arch/amd64/crypto_arch.h
index da1a22e003..9eb99229d1 100644
--- a/src/lib/libcrypto/arch/amd64/crypto_arch.h
+++ b/src/lib/libcrypto/arch/amd64/crypto_arch.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: crypto_arch.h,v 1.6 2025/06/15 14:16:11 jsing Exp $ */
+/*      $OpenBSD: crypto_arch.h,v 1.7 2025/06/27 17:10:45 jsing Exp $ */
 /*
 * Copyright (c) 2024 Joel Sing <jsing@openbsd.org>
 *
@@ -32,11 +32,12 @@ extern uint64_t crypto_cpu_caps_amd64;
 #ifndef OPENSSL_NO_ASM
-#define HAVE_AES_CBC_ENCRYPT_INTERNAL
 #define HAVE_AES_SET_ENCRYPT_KEY_INTERNAL
 #define HAVE_AES_SET_DECRYPT_KEY_INTERNAL
 #define HAVE_AES_ENCRYPT_INTERNAL
 #define HAVE_AES_DECRYPT_INTERNAL
+#define HAVE_AES_CBC_ENCRYPT_INTERNAL
+#define HAVE_AES_CTR32_ENCRYPT_INTERNAL
 #define HAVE_RC4_INTERNAL
 #define HAVE_RC4_SET_KEY_INTERNAL
diff --git a/src/lib/libcrypto/arch/i386/crypto_arch.h b/src/lib/libcrypto/arch/i386/crypto_arch.h
index a693bd20d8..e03e6cd765 100644
--- a/src/lib/libcrypto/arch/i386/crypto_arch.h
+++ b/src/lib/libcrypto/arch/i386/crypto_arch.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: crypto_arch.h,v 1.5 2025/06/15 14:18:31 jsing Exp $ */
+/*      $OpenBSD: crypto_arch.h,v 1.6 2025/06/27 17:10:45 jsing Exp $ */
 /*
 * Copyright (c) 2024 Joel Sing <jsing@openbsd.org>
 *
@@ -31,11 +31,12 @@ extern uint64_t crypto_cpu_caps_i386;
 #ifndef OPENSSL_NO_ASM
-#define HAVE_AES_CBC_ENCRYPT_INTERNAL
 #define HAVE_AES_SET_ENCRYPT_KEY_INTERNAL
 #define HAVE_AES_SET_DECRYPT_KEY_INTERNAL
 #define HAVE_AES_ENCRYPT_INTERNAL
 #define HAVE_AES_DECRYPT_INTERNAL
+#define HAVE_AES_CBC_ENCRYPT_INTERNAL
+#define HAVE_AES_CTR32_ENCRYPT_INTERNAL
 #define HAVE_RC4_INTERNAL
 #define HAVE_RC4_SET_KEY_INTERNAL
author	jsing <>	2025-06-27 17:10:45 +0000
committer	jsing <>	2025-06-27 17:10:45 +0000
commit	abb03e21a8d0fc7f97a871f5aee5a8084176540f (patch)
tree	8acdb3ab7caf1e6f49b7bf3d7e6a066ca52920a2 /src/lib/libcrypto/arch
parent	c5c4895f860c5e071b09ef5f94bcfae0a51b148e (diff)
download	openbsd-abb03e21a8d0fc7f97a871f5aee5a8084176540f.tar.gz openbsd-abb03e21a8d0fc7f97a871f5aee5a8084176540f.tar.bz2 openbsd-abb03e21a8d0fc7f97a871f5aee5a8084176540f.zip