1 files changed, 65 insertions, 1 deletions
diff --git a/src/lib/libcrypto/aes/aes.c b/src/lib/libcrypto/aes/aes.c
index 1c1c61a7a9..50e4ce13cc 100644
--- a/src/lib/libcrypto/aes/aes.c
+++ b/src/lib/libcrypto/aes/aes.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: aes.c,v 1.7 2025/05/19 04:32:51 jsing Exp $ */
+/* $OpenBSD: aes.c,v 1.8 2025/05/25 06:27:02 jsing Exp $ */
 /* ====================================================================
 * Copyright (c) 2002-2006 The OpenSSL Project.  All rights reserved.
 *
@@ -52,6 +52,7 @@
 #include <openssl/aes.h>
 #include <openssl/bio.h>
+#include <openssl/crypto.h>
 #include <openssl/modes.h>
 #include "crypto_arch.h"
@@ -202,6 +203,69 @@ aes_ecb_encrypt_internal(const unsigned char *in, unsigned char *out,
        }
 }
+#define N_WORDS (AES_BLOCK_SIZE / sizeof(unsigned long))
+typedef struct {
+        unsigned long data[N_WORDS];
+} aes_block_t;
+void
+AES_ige_encrypt(const unsigned char *in, unsigned char *out, size_t length,
+    const AES_KEY *key, unsigned char *ivec, const int enc)
+{
+        aes_block_t tmp, tmp2;
+        aes_block_t iv;
+        aes_block_t iv2;
+        size_t n;
+        size_t len;
+        /* N.B. The IV for this mode is _twice_ the block size */
+        OPENSSL_assert((length % AES_BLOCK_SIZE) == 0);
+        len = length / AES_BLOCK_SIZE;
+        memcpy(iv.data, ivec, AES_BLOCK_SIZE);
+        memcpy(iv2.data, ivec + AES_BLOCK_SIZE, AES_BLOCK_SIZE);
+        if (AES_ENCRYPT == enc) {
+                while (len) {
+                        memcpy(tmp.data, in, AES_BLOCK_SIZE);
+                        for (n = 0; n < N_WORDS; ++n)
+                                tmp2.data[n] = tmp.data[n] ^ iv.data[n];
+                        AES_encrypt((unsigned char *)tmp2.data,
+                            (unsigned char *)tmp2.data, key);
+                        for (n = 0; n < N_WORDS; ++n)
+                                tmp2.data[n] ^= iv2.data[n];
+                        memcpy(out, tmp2.data, AES_BLOCK_SIZE);
+                        iv = tmp2;
+                        iv2 = tmp;
+                        --len;
+                        in += AES_BLOCK_SIZE;
+                        out += AES_BLOCK_SIZE;
+                }
+        } else {
+                while (len) {
+                        memcpy(tmp.data, in, AES_BLOCK_SIZE);
+                        tmp2 = tmp;
+                        for (n = 0; n < N_WORDS; ++n)
+                                tmp.data[n] ^= iv2.data[n];
+                        AES_decrypt((unsigned char *)tmp.data,
+                            (unsigned char *)tmp.data, key);
+                        for (n = 0; n < N_WORDS; ++n)
+                                tmp.data[n] ^= iv.data[n];
+                        memcpy(out, tmp.data, AES_BLOCK_SIZE);
+                        iv = tmp2;
+                        iv2 = tmp;
+                        --len;
+                        in += AES_BLOCK_SIZE;
+                        out += AES_BLOCK_SIZE;
+                }
+        }
+        memcpy(ivec, iv.data, AES_BLOCK_SIZE);
+        memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE);
+}
+LCRYPTO_ALIAS(AES_ige_encrypt);
 void
 AES_ofb128_encrypt(const unsigned char *in, unsigned char *out, size_t length,
    const AES_KEY *key, unsigned char *ivec, int *num)

diff --git a/src/lib/libcrypto/aes/aes.c b/src/lib/libcrypto/aes/aes.c index 1c1c61a7a9..50e4ce13cc 100644 --- a/src/lib/libcrypto/aes/aes.c +++ b/src/lib/libcrypto/aes/aes.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: aes.c,v 1.7 2025/05/19 04:32:51 jsing Exp $ */	1	/* $OpenBSD: aes.c,v 1.8 2025/05/25 06:27:02 jsing Exp $ */
2	/* ====================================================================	2	/* ====================================================================
3	* Copyright (c) 2002-2006 The OpenSSL Project. All rights reserved.	3	* Copyright (c) 2002-2006 The OpenSSL Project. All rights reserved.
4	*	4	*
@@ -52,6 +52,7 @@
52		52
53	#include <openssl/aes.h>	53	#include <openssl/aes.h>
54	#include <openssl/bio.h>	54	#include <openssl/bio.h>
		55	#include <openssl/crypto.h>
55	#include <openssl/modes.h>	56	#include <openssl/modes.h>
56		57
57	#include "crypto_arch.h"	58	#include "crypto_arch.h"
@@ -202,6 +203,69 @@ aes_ecb_encrypt_internal(const unsigned char in, unsigned char out,
202	}	203	}
203	}	204	}
204		205
		206	#define N_WORDS (AES_BLOCK_SIZE / sizeof(unsigned long))
		207	typedef struct {
		208	unsigned long data[N_WORDS];
		209	} aes_block_t;
		210
		211	void
		212	AES_ige_encrypt(const unsigned char in, unsigned char out, size_t length,
		213	const AES_KEY key, unsigned char ivec, const int enc)
		214	{
		215	aes_block_t tmp, tmp2;
		216	aes_block_t iv;
		217	aes_block_t iv2;
		218	size_t n;
		219	size_t len;
		220
		221	/* N.B. The IV for this mode is _twice_ the block size */
		222
		223	OPENSSL_assert((length % AES_BLOCK_SIZE) == 0);
		224
		225	len = length / AES_BLOCK_SIZE;
		226
		227	memcpy(iv.data, ivec, AES_BLOCK_SIZE);
		228	memcpy(iv2.data, ivec + AES_BLOCK_SIZE, AES_BLOCK_SIZE);
		229
		230	if (AES_ENCRYPT == enc) {
		231	while (len) {
		232	memcpy(tmp.data, in, AES_BLOCK_SIZE);
		233	for (n = 0; n < N_WORDS; ++n)
		234	tmp2.data[n] = tmp.data[n] ^ iv.data[n];
		235	AES_encrypt((unsigned char *)tmp2.data,
		236	(unsigned char *)tmp2.data, key);
		237	for (n = 0; n < N_WORDS; ++n)
		238	tmp2.data[n] ^= iv2.data[n];
		239	memcpy(out, tmp2.data, AES_BLOCK_SIZE);
		240	iv = tmp2;
		241	iv2 = tmp;
		242	--len;
		243	in += AES_BLOCK_SIZE;
		244	out += AES_BLOCK_SIZE;
		245	}
		246	} else {
		247	while (len) {
		248	memcpy(tmp.data, in, AES_BLOCK_SIZE);
		249	tmp2 = tmp;
		250	for (n = 0; n < N_WORDS; ++n)
		251	tmp.data[n] ^= iv2.data[n];
		252	AES_decrypt((unsigned char *)tmp.data,
		253	(unsigned char *)tmp.data, key);
		254	for (n = 0; n < N_WORDS; ++n)
		255	tmp.data[n] ^= iv.data[n];
		256	memcpy(out, tmp.data, AES_BLOCK_SIZE);
		257	iv = tmp2;
		258	iv2 = tmp;
		259	--len;
		260	in += AES_BLOCK_SIZE;
		261	out += AES_BLOCK_SIZE;
		262	}
		263	}
		264	memcpy(ivec, iv.data, AES_BLOCK_SIZE);
		265	memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE);
		266	}
		267	LCRYPTO_ALIAS(AES_ige_encrypt);
		268
205	void	269	void
206	AES_ofb128_encrypt(const unsigned char in, unsigned char out, size_t length,	270	AES_ofb128_encrypt(const unsigned char in, unsigned char out, size_t length,
207	const AES_KEY key, unsigned char ivec, int *num)	271	const AES_KEY key, unsigned char ivec, int *num)