Remove AES-NI specific EVP_CIPHER methods for CBC.

These now end up in aesni_cbc_encrypt() via AES_cbc_encrypt(), when appropriate. ok tb@
author: jsing <> 2025-06-16 14:31:52 +0000
committer: jsing <> 2025-06-16 14:31:52 +0000
commit: afbd13e4bca0403aa397477cfc90d5fcf2e9270b (patch)
tree: 9c41c419493ffd475908d01e5361be281969736f /src/lib
parent: aebbc2857d6e27820eb817801ad5e98660e35cea (diff)
download: openbsd-afbd13e4bca0403aa397477cfc90d5fcf2e9270b.tar.gz
openbsd-afbd13e4bca0403aa397477cfc90d5fcf2e9270b.tar.bz2
openbsd-afbd13e4bca0403aa397477cfc90d5fcf2e9270b.zip
1 files changed, 1 insertions, 66 deletions
diff --git a/src/lib/libcrypto/evp/e_aes.c b/src/lib/libcrypto/evp/e_aes.c
index a2cf3ed2e4..fcd1dde412 100644
--- a/src/lib/libcrypto/evp/e_aes.c
+++ b/src/lib/libcrypto/evp/e_aes.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: e_aes.c,v 1.72 2025/06/15 15:43:00 jsing Exp $ */
+/* $OpenBSD: e_aes.c,v 1.73 2025/06/16 14:31:52 jsing Exp $ */
 /* ====================================================================
 * Copyright (c) 2001-2011 The OpenSSL Project.  All rights reserved.
 *
@@ -139,8 +139,6 @@ void aesni_decrypt(const unsigned char *in, unsigned char *out,
 void aesni_ecb_encrypt(const unsigned char *in, unsigned char *out,
    size_t length, const AES_KEY *key, int enc);
-void aesni_cbc_encrypt(const unsigned char *in, unsigned char *out,
-    size_t length, const AES_KEY *key, unsigned char *ivec, int enc);
 void aesni_ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out,
    size_t blocks, const void *key, const unsigned char *ivec);
@@ -162,16 +160,6 @@ void aesni_ccm64_decrypt_blocks (const unsigned char *in, unsigned char *out,
    unsigned char cmac[16]);
 static int
-aesni_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-    const unsigned char *in, size_t len)
-{
-        aesni_cbc_encrypt(in, out, len, ctx->cipher_data, ctx->iv,
-            ctx->encrypt);
-        return 1;
-}
-static int
 aesni_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
    const unsigned char *in, size_t len)
 {
@@ -512,19 +500,6 @@ aes_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
        return 1;
 }
-#ifdef AESNI_CAPABLE
-static const EVP_CIPHER aesni_128_cbc = {
-        .nid = NID_aes_128_cbc,
-        .block_size = 16,
-        .key_len = 16,
-        .iv_len = 16,
-        .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CBC_MODE,
-        .init = aes_cbc_init_key,
-        .do_cipher = aesni_cbc_cipher,
-        .ctx_size = sizeof(EVP_AES_KEY),
-};
-#endif
 static const EVP_CIPHER aes_128_cbc = {
        .nid = NID_aes_128_cbc,
        .block_size = 16,
@@ -539,11 +514,7 @@ static const EVP_CIPHER aes_128_cbc = {
 const EVP_CIPHER *
 EVP_aes_128_cbc(void)
 {
-#ifdef AESNI_CAPABLE
-        return AESNI_CAPABLE ? &aesni_128_cbc : &aes_128_cbc;
-#else
        return &aes_128_cbc;
-#endif
 }
 LCRYPTO_ALIAS(EVP_aes_128_cbc);
@@ -757,20 +728,6 @@ EVP_aes_128_ctr(void)
 }
 LCRYPTO_ALIAS(EVP_aes_128_ctr);
-#ifdef AESNI_CAPABLE
-static const EVP_CIPHER aesni_192_cbc = {
-        .nid = NID_aes_192_cbc,
-        .block_size = 16,
-        .key_len = 24,
-        .iv_len = 16,
-        .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CBC_MODE,
-        .init = aes_cbc_init_key,
-        .do_cipher = aesni_cbc_cipher,
-        .ctx_size = sizeof(EVP_AES_KEY),
-};
-#endif
 static const EVP_CIPHER aes_192_cbc = {
        .nid = NID_aes_192_cbc,
        .block_size = 16,
@@ -785,11 +742,7 @@ static const EVP_CIPHER aes_192_cbc = {
 const EVP_CIPHER *
 EVP_aes_192_cbc(void)
 {
-#ifdef AESNI_CAPABLE
-        return AESNI_CAPABLE ? &aesni_192_cbc : &aes_192_cbc;
-#else
        return &aes_192_cbc;
-#endif
 }
 LCRYPTO_ALIAS(EVP_aes_192_cbc);
@@ -1003,20 +956,6 @@ EVP_aes_192_ctr(void)
 }
 LCRYPTO_ALIAS(EVP_aes_192_ctr);
-#ifdef AESNI_CAPABLE
-static const EVP_CIPHER aesni_256_cbc = {
-        .nid = NID_aes_256_cbc,
-        .block_size = 16,
-        .key_len = 32,
-        .iv_len = 16,
-        .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CBC_MODE,
-        .init = aes_cbc_init_key,
-        .do_cipher = aesni_cbc_cipher,
-        .ctx_size = sizeof(EVP_AES_KEY),
-};
-#endif
 static const EVP_CIPHER aes_256_cbc = {
        .nid = NID_aes_256_cbc,
        .block_size = 16,
@@ -1031,11 +970,7 @@ static const EVP_CIPHER aes_256_cbc = {
 const EVP_CIPHER *
 EVP_aes_256_cbc(void)
 {
-#ifdef AESNI_CAPABLE
-        return AESNI_CAPABLE ? &aesni_256_cbc : &aes_256_cbc;
-#else
        return &aes_256_cbc;
-#endif
 }
 LCRYPTO_ALIAS(EVP_aes_256_cbc);
author	jsing <>	2025-06-16 14:31:52 +0000
committer	jsing <>	2025-06-16 14:31:52 +0000
commit	afbd13e4bca0403aa397477cfc90d5fcf2e9270b (patch)
tree	9c41c419493ffd475908d01e5361be281969736f /src/lib
parent	aebbc2857d6e27820eb817801ad5e98660e35cea (diff)
download	openbsd-afbd13e4bca0403aa397477cfc90d5fcf2e9270b.tar.gz openbsd-afbd13e4bca0403aa397477cfc90d5fcf2e9270b.tar.bz2 openbsd-afbd13e4bca0403aa397477cfc90d5fcf2e9270b.zip

diff --git a/src/lib/libcrypto/evp/e_aes.c b/src/lib/libcrypto/evp/e_aes.c index a2cf3ed2e4..fcd1dde412 100644 --- a/src/lib/libcrypto/evp/e_aes.c +++ b/src/lib/libcrypto/evp/e_aes.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: e_aes.c,v 1.72 2025/06/15 15:43:00 jsing Exp $ */	1	/* $OpenBSD: e_aes.c,v 1.73 2025/06/16 14:31:52 jsing Exp $ */
2	/* ====================================================================	2	/* ====================================================================
3	* Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved.	3	* Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved.
4	*	4	*
@@ -139,8 +139,6 @@ void aesni_decrypt(const unsigned char in, unsigned char out,
139		139
140	void aesni_ecb_encrypt(const unsigned char in, unsigned char out,	140	void aesni_ecb_encrypt(const unsigned char in, unsigned char out,
141	size_t length, const AES_KEY *key, int enc);	141	size_t length, const AES_KEY *key, int enc);
142	void aesni_cbc_encrypt(const unsigned char in, unsigned char out,
143	size_t length, const AES_KEY key, unsigned char ivec, int enc);
144		142
145	void aesni_ctr32_encrypt_blocks(const unsigned char in, unsigned char out,	143	void aesni_ctr32_encrypt_blocks(const unsigned char in, unsigned char out,
146	size_t blocks, const void key, const unsigned char ivec);	144	size_t blocks, const void key, const unsigned char ivec);
@@ -162,16 +160,6 @@ void aesni_ccm64_decrypt_blocks (const unsigned char in, unsigned char out,
162	unsigned char cmac[16]);	160	unsigned char cmac[16]);
163		161
164	static int	162	static int
165	aesni_cbc_cipher(EVP_CIPHER_CTX ctx, unsigned char out,
166	const unsigned char *in, size_t len)
167	{
168	aesni_cbc_encrypt(in, out, len, ctx->cipher_data, ctx->iv,
169	ctx->encrypt);
170
171	return 1;
172	}
173
174	static int
175	aesni_cfb_cipher(EVP_CIPHER_CTX ctx, unsigned char out,	163	aesni_cfb_cipher(EVP_CIPHER_CTX ctx, unsigned char out,
176	const unsigned char *in, size_t len)	164	const unsigned char *in, size_t len)
177	{	165	{
@@ -512,19 +500,6 @@ aes_ctr_cipher(EVP_CIPHER_CTX ctx, unsigned char out,
512	return 1;	500	return 1;
513	}	501	}
514		502
515	#ifdef AESNI_CAPABLE
516	static const EVP_CIPHER aesni_128_cbc = {
517	.nid = NID_aes_128_cbc,
518	.block_size = 16,
519	.key_len = 16,
520	.iv_len = 16,
521	.flags = EVP_CIPH_FLAG_DEFAULT_ASN1 \| EVP_CIPH_CBC_MODE,
522	.init = aes_cbc_init_key,
523	.do_cipher = aesni_cbc_cipher,
524	.ctx_size = sizeof(EVP_AES_KEY),
525	};
526	#endif
527
528	static const EVP_CIPHER aes_128_cbc = {	503	static const EVP_CIPHER aes_128_cbc = {
529	.nid = NID_aes_128_cbc,	504	.nid = NID_aes_128_cbc,
530	.block_size = 16,	505	.block_size = 16,
@@ -539,11 +514,7 @@ static const EVP_CIPHER aes_128_cbc = {
539	const EVP_CIPHER *	514	const EVP_CIPHER *
540	EVP_aes_128_cbc(void)	515	EVP_aes_128_cbc(void)
541	{	516	{
542	#ifdef AESNI_CAPABLE
543	return AESNI_CAPABLE ? &aesni_128_cbc : &aes_128_cbc;
544	#else
545	return &aes_128_cbc;	517	return &aes_128_cbc;
546	#endif
547	}	518	}
548	LCRYPTO_ALIAS(EVP_aes_128_cbc);	519	LCRYPTO_ALIAS(EVP_aes_128_cbc);
549		520
@@ -757,20 +728,6 @@ EVP_aes_128_ctr(void)
757	}	728	}
758	LCRYPTO_ALIAS(EVP_aes_128_ctr);	729	LCRYPTO_ALIAS(EVP_aes_128_ctr);
759		730
760
761	#ifdef AESNI_CAPABLE
762	static const EVP_CIPHER aesni_192_cbc = {
763	.nid = NID_aes_192_cbc,
764	.block_size = 16,
765	.key_len = 24,
766	.iv_len = 16,
767	.flags = EVP_CIPH_FLAG_DEFAULT_ASN1 \| EVP_CIPH_CBC_MODE,
768	.init = aes_cbc_init_key,
769	.do_cipher = aesni_cbc_cipher,
770	.ctx_size = sizeof(EVP_AES_KEY),
771	};
772	#endif
773
774	static const EVP_CIPHER aes_192_cbc = {	731	static const EVP_CIPHER aes_192_cbc = {
775	.nid = NID_aes_192_cbc,	732	.nid = NID_aes_192_cbc,
776	.block_size = 16,	733	.block_size = 16,
@@ -785,11 +742,7 @@ static const EVP_CIPHER aes_192_cbc = {
785	const EVP_CIPHER *	742	const EVP_CIPHER *
786	EVP_aes_192_cbc(void)	743	EVP_aes_192_cbc(void)
787	{	744	{
788	#ifdef AESNI_CAPABLE
789	return AESNI_CAPABLE ? &aesni_192_cbc : &aes_192_cbc;
790	#else
791	return &aes_192_cbc;	745	return &aes_192_cbc;
792	#endif
793	}	746	}
794	LCRYPTO_ALIAS(EVP_aes_192_cbc);	747	LCRYPTO_ALIAS(EVP_aes_192_cbc);
795		748
@@ -1003,20 +956,6 @@ EVP_aes_192_ctr(void)
1003	}	956	}
1004	LCRYPTO_ALIAS(EVP_aes_192_ctr);	957	LCRYPTO_ALIAS(EVP_aes_192_ctr);
1005		958
1006
1007	#ifdef AESNI_CAPABLE
1008	static const EVP_CIPHER aesni_256_cbc = {
1009	.nid = NID_aes_256_cbc,
1010	.block_size = 16,
1011	.key_len = 32,
1012	.iv_len = 16,
1013	.flags = EVP_CIPH_FLAG_DEFAULT_ASN1 \| EVP_CIPH_CBC_MODE,
1014	.init = aes_cbc_init_key,
1015	.do_cipher = aesni_cbc_cipher,
1016	.ctx_size = sizeof(EVP_AES_KEY),
1017	};
1018	#endif
1019
1020	static const EVP_CIPHER aes_256_cbc = {	959	static const EVP_CIPHER aes_256_cbc = {
1021	.nid = NID_aes_256_cbc,	960	.nid = NID_aes_256_cbc,
1022	.block_size = 16,	961	.block_size = 16,
@@ -1031,11 +970,7 @@ static const EVP_CIPHER aes_256_cbc = {
1031	const EVP_CIPHER *	970	const EVP_CIPHER *
1032	EVP_aes_256_cbc(void)	971	EVP_aes_256_cbc(void)
1033	{	972	{
1034	#ifdef AESNI_CAPABLE
1035	return AESNI_CAPABLE ? &aesni_256_cbc : &aes_256_cbc;
1036	#else
1037	return &aes_256_cbc;	973	return &aes_256_cbc;
1038	#endif
1039	}	974	}
1040	LCRYPTO_ALIAS(EVP_aes_256_cbc);	975	LCRYPTO_ALIAS(EVP_aes_256_cbc);
1041		976