Improve bit counter handling in MD5.

Like most hashes, MD5 needs to keep count of the number of bits in the
message being processed. However, rather than using a 64 bit counter this
is implemented using two 32 bit values (which is exposed in the public
API). Even with this hurdle, we can still use 64 bit math and let the
compiler figure out how to best handle the situation (hopefully avoiding
compiler warnings on 16 bit platforms in the process!). On amd64 this code
now requires two instructions, instead of the previous five.

While here remove a comment that is excessively visible and no longer
completely accurate (and if you're going to redefine types like MD5_WORD
you kinda need to know what you're doing).

ok tb@ (who's going to miss the dear diary style comments)

1 files changed, 11 insertions, 1 deletions

diff --git a/src/lib/libcrypto/crypto_internal.h b/src/lib/libcrypto/crypto_internal.h
index c5de5b7b51..09ae7fa466 100644
--- a/src/lib/libcrypto/crypto_internal.h
+++ b/src/lib/libcrypto/crypto_internal.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: crypto_internal.h,v 1.14 2024/11/08 14:05:43 jsing Exp $ */
+/*      $OpenBSD: crypto_internal.h,v 1.15 2025/01/19 07:51:41 jsing Exp $ */
 /*
  * Copyright (c) 2023 Joel Sing <jsing@openbsd.org>
  *
@@ -256,6 +256,16 @@ crypto_store_htole32(uint8_t *dst, uint32_t v)
 }
 #endif
 
+#ifndef HAVE_CRYPTO_ADD_U32DW_U64
+static inline void
+crypto_add_u32dw_u64(uint32_t *h, uint32_t *l, uint64_t v)
+{
+        v += ((uint64_t)*h << 32) | *l;
+        *h = v >> 32;
+        *l = v;
+}
+#endif
+
 #ifndef HAVE_CRYPTO_ROL_U32
 static inline uint32_t
 crypto_rol_u32(uint32_t v, size_t shift)