1 files changed, 201 insertions, 0 deletions
diff --git a/src/lib/libcrypto/aes/aes_i386.c b/src/lib/libcrypto/aes/aes_i386.c
new file mode 100644
index 0000000000..85a14454da
--- /dev/null
+++ b/src/lib/libcrypto/aes/aes_i386.c
@@ -0,0 +1,201 @@
+/* $OpenBSD: aes_i386.c,v 1.5 2025/07/22 09:13:49 jsing Exp $ */
+/*
+ * Copyright (c) 2025 Joel Sing <jsing@openbsd.org>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+#include <openssl/aes.h>
+#include "crypto_arch.h"
+#include "modes_local.h"
+int aes_set_encrypt_key_generic(const unsigned char *userKey, const int bits,
+    AES_KEY *key);
+int aes_set_decrypt_key_generic(const unsigned char *userKey, const int bits,
+    AES_KEY *key);
+void aes_encrypt_generic(const unsigned char *in, unsigned char *out,
+    const AES_KEY *key);
+void aes_decrypt_generic(const unsigned char *in, unsigned char *out,
+    const AES_KEY *key);
+void aes_cbc_encrypt_generic(const unsigned char *in, unsigned char *out,
+    size_t len, const AES_KEY *key, unsigned char *ivec, const int enc);
+void aes_ccm64_encrypt_generic(const unsigned char *in, unsigned char *out,
+    size_t blocks, const void *key, const unsigned char ivec[16],
+    unsigned char cmac[16], int encrypt);
+void aes_ctr32_encrypt_generic(const unsigned char *in, unsigned char *out,
+    size_t blocks, const AES_KEY *key, const unsigned char ivec[AES_BLOCK_SIZE]);
+void aes_xts_encrypt_generic(const unsigned char *in, unsigned char *out,
+    size_t len, const AES_KEY *key1, const AES_KEY *key2,
+    const unsigned char iv[16], int encrypt);
+int aesni_set_encrypt_key(const unsigned char *userKey, int bits,
+    AES_KEY *key);
+int aesni_set_decrypt_key(const unsigned char *userKey, int bits,
+    AES_KEY *key);
+void aesni_encrypt(const unsigned char *in, unsigned char *out,
+    const AES_KEY *key);
+void aesni_decrypt(const unsigned char *in, unsigned char *out,
+    const AES_KEY *key);
+void aesni_cbc_encrypt(const unsigned char *in, unsigned char *out,
+    size_t len, const AES_KEY *key, unsigned char *ivec, const int enc);
+void aesni_ccm64_encrypt_blocks(const unsigned char *in, unsigned char *out,
+    size_t blocks, const void *key, const unsigned char ivec[16],
+    unsigned char cmac[16]);
+void aesni_ccm64_decrypt_blocks(const unsigned char *in, unsigned char *out,
+    size_t blocks, const void *key, const unsigned char ivec[16],
+    unsigned char cmac[16]);
+void aesni_ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out,
+    size_t blocks, const void *key, const unsigned char *ivec);
+void aesni_ecb_encrypt(const unsigned char *in, unsigned char *out,
+    size_t length, const AES_KEY *key, int enc);
+void aesni_xts_encrypt(const unsigned char *in, unsigned char *out,
+    size_t length, const AES_KEY *key1, const AES_KEY *key2,
+    const unsigned char iv[16]);
+void aesni_xts_decrypt(const unsigned char *in, unsigned char *out,
+    size_t length, const AES_KEY *key1, const AES_KEY *key2,
+    const unsigned char iv[16]);
+int
+aes_set_encrypt_key_internal(const unsigned char *userKey, const int bits,
+    AES_KEY *key)
+{
+        if ((crypto_cpu_caps_i386 & CRYPTO_CPU_CAPS_I386_AES) != 0)
+                return aesni_set_encrypt_key(userKey, bits, key);
+        return aes_set_encrypt_key_generic(userKey, bits, key);
+}
+int
+aes_set_decrypt_key_internal(const unsigned char *userKey, const int bits,
+    AES_KEY *key)
+{
+        if ((crypto_cpu_caps_i386 & CRYPTO_CPU_CAPS_I386_AES) != 0)
+                return aesni_set_decrypt_key(userKey, bits, key);
+        return aes_set_decrypt_key_generic(userKey, bits, key);
+}
+void
+aes_encrypt_internal(const unsigned char *in, unsigned char *out,
+    const AES_KEY *key)
+{
+        if ((crypto_cpu_caps_i386 & CRYPTO_CPU_CAPS_I386_AES) != 0) {
+                aesni_encrypt(in, out, key);
+                return;
+        }
+        aes_encrypt_generic(in, out, key);
+}
+void
+aes_decrypt_internal(const unsigned char *in, unsigned char *out,
+    const AES_KEY *key)
+{
+        if ((crypto_cpu_caps_i386 & CRYPTO_CPU_CAPS_I386_AES) != 0) {
+                aesni_decrypt(in, out, key);
+                return;
+        }
+        aes_decrypt_generic(in, out, key);
+}
+void
+aes_cbc_encrypt_internal(const unsigned char *in, unsigned char *out,
+    size_t len, const AES_KEY *key, unsigned char *ivec, const int enc)
+{
+        if ((crypto_cpu_caps_i386 & CRYPTO_CPU_CAPS_I386_AES) != 0) {
+                aesni_cbc_encrypt(in, out, len, key, ivec, enc);
+                return;
+        }
+        aes_cbc_encrypt_generic(in, out, len, key, ivec, enc);
+}
+void
+aes_ccm64_encrypt_internal(const unsigned char *in, unsigned char *out,
+    size_t blocks, const void *key, const unsigned char ivec[16],
+    unsigned char cmac[16], int encrypt)
+{
+        if ((crypto_cpu_caps_i386 & CRYPTO_CPU_CAPS_I386_AES) != 0) {
+                if (encrypt)
+                        aesni_ccm64_encrypt_blocks(in, out, blocks, key, ivec, cmac);
+                else
+                        aesni_ccm64_decrypt_blocks(in, out, blocks, key, ivec, cmac);
+                return;
+        }
+        aes_ccm64_encrypt_generic(in, out, blocks, key, ivec, cmac, encrypt);
+}
+void
+aes_ctr32_encrypt_internal(const unsigned char *in, unsigned char *out,
+    size_t blocks, const AES_KEY *key, const unsigned char ivec[AES_BLOCK_SIZE])
+{
+        if ((crypto_cpu_caps_i386 & CRYPTO_CPU_CAPS_I386_AES) != 0) {
+                aesni_ctr32_encrypt_blocks(in, out, blocks, key, ivec);
+                return;
+        }
+        aes_ctr32_encrypt_generic(in, out, blocks, key, ivec);
+}
+void
+aes_ecb_encrypt_internal(const unsigned char *in, unsigned char *out,
+    size_t len, const AES_KEY *key, int encrypt)
+{
+        if ((crypto_cpu_caps_i386 & CRYPTO_CPU_CAPS_I386_AES) != 0) {
+                aesni_ecb_encrypt(in, out, len, key, encrypt);
+                return;
+        }
+        while (len >= AES_BLOCK_SIZE) {
+                if (encrypt)
+                        aes_encrypt_generic(in, out, key);
+                else
+                        aes_decrypt_generic(in, out, key);
+                in += AES_BLOCK_SIZE;
+                out += AES_BLOCK_SIZE;
+                len -= AES_BLOCK_SIZE;
+        }
+}
+void
+aes_xts_encrypt_internal(const unsigned char *in, unsigned char *out,
+    size_t len, const AES_KEY *key1, const AES_KEY *key2,
+    const unsigned char iv[16], int encrypt)
+{
+        if ((crypto_cpu_caps_i386 & CRYPTO_CPU_CAPS_I386_AES) != 0) {
+                if (encrypt)
+                        aesni_xts_encrypt(in, out, len, key1, key2, iv);
+                else
+                        aesni_xts_decrypt(in, out, len, key1, key2, iv);
+                return;
+        }
+        aes_xts_encrypt_generic(in, out, len, key1, key2, iv, encrypt);
+}

diff --git a/src/lib/libcrypto/aes/aes_i386.c b/src/lib/libcrypto/aes/aes_i386.c new file mode 100644 index 0000000000..85a14454da --- /dev/null +++ b/src/lib/libcrypto/aes/aes_i386.c
@@ -0,0 +1,201 @@
	1	/* $OpenBSD: aes_i386.c,v 1.5 2025/07/22 09:13:49 jsing Exp $ */
	2	/*
	3	* Copyright (c) 2025 Joel Sing <jsing@openbsd.org>
	4	*
	5	* Permission to use, copy, modify, and distribute this software for any
	6	* purpose with or without fee is hereby granted, provided that the above
	7	* copyright notice and this permission notice appear in all copies.
	8	*
	9	* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
	10	* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
	11	* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
	12	* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
	13	* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
	14	* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
	15	* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
	16	*/
	17
	18	#include <openssl/aes.h>
	19
	20	#include "crypto_arch.h"
	21	#include "modes_local.h"
	22
	23	int aes_set_encrypt_key_generic(const unsigned char *userKey, const int bits,
	24	AES_KEY *key);
	25	int aes_set_decrypt_key_generic(const unsigned char *userKey, const int bits,
	26	AES_KEY *key);
	27
	28	void aes_encrypt_generic(const unsigned char in, unsigned char out,
	29	const AES_KEY *key);
	30	void aes_decrypt_generic(const unsigned char in, unsigned char out,
	31	const AES_KEY *key);
	32
	33	void aes_cbc_encrypt_generic(const unsigned char in, unsigned char out,
	34	size_t len, const AES_KEY key, unsigned char ivec, const int enc);
	35
	36	void aes_ccm64_encrypt_generic(const unsigned char in, unsigned char out,
	37	size_t blocks, const void *key, const unsigned char ivec[16],
	38	unsigned char cmac[16], int encrypt);
	39
	40	void aes_ctr32_encrypt_generic(const unsigned char in, unsigned char out,
	41	size_t blocks, const AES_KEY *key, const unsigned char ivec[AES_BLOCK_SIZE]);
	42
	43	void aes_xts_encrypt_generic(const unsigned char in, unsigned char out,
	44	size_t len, const AES_KEY key1, const AES_KEY key2,
	45	const unsigned char iv[16], int encrypt);
	46
	47	int aesni_set_encrypt_key(const unsigned char *userKey, int bits,
	48	AES_KEY *key);
	49	int aesni_set_decrypt_key(const unsigned char *userKey, int bits,
	50	AES_KEY *key);
	51
	52	void aesni_encrypt(const unsigned char in, unsigned char out,
	53	const AES_KEY *key);
	54	void aesni_decrypt(const unsigned char in, unsigned char out,
	55	const AES_KEY *key);
	56
	57	void aesni_cbc_encrypt(const unsigned char in, unsigned char out,
	58	size_t len, const AES_KEY key, unsigned char ivec, const int enc);
	59
	60	void aesni_ccm64_encrypt_blocks(const unsigned char in, unsigned char out,
	61	size_t blocks, const void *key, const unsigned char ivec[16],
	62	unsigned char cmac[16]);
	63
	64	void aesni_ccm64_decrypt_blocks(const unsigned char in, unsigned char out,
	65	size_t blocks, const void *key, const unsigned char ivec[16],
	66	unsigned char cmac[16]);
	67
	68	void aesni_ctr32_encrypt_blocks(const unsigned char in, unsigned char out,
	69	size_t blocks, const void key, const unsigned char ivec);
	70
	71	void aesni_ecb_encrypt(const unsigned char in, unsigned char out,
	72	size_t length, const AES_KEY *key, int enc);
	73
	74	void aesni_xts_encrypt(const unsigned char in, unsigned char out,
	75	size_t length, const AES_KEY key1, const AES_KEY key2,
	76	const unsigned char iv[16]);
	77
	78	void aesni_xts_decrypt(const unsigned char in, unsigned char out,
	79	size_t length, const AES_KEY key1, const AES_KEY key2,
	80	const unsigned char iv[16]);
	81
	82	int
	83	aes_set_encrypt_key_internal(const unsigned char *userKey, const int bits,
	84	AES_KEY *key)
	85	{
	86	if ((crypto_cpu_caps_i386 & CRYPTO_CPU_CAPS_I386_AES) != 0)
	87	return aesni_set_encrypt_key(userKey, bits, key);
	88
	89	return aes_set_encrypt_key_generic(userKey, bits, key);
	90	}
	91
	92	int
	93	aes_set_decrypt_key_internal(const unsigned char *userKey, const int bits,
	94	AES_KEY *key)
	95	{
	96	if ((crypto_cpu_caps_i386 & CRYPTO_CPU_CAPS_I386_AES) != 0)
	97	return aesni_set_decrypt_key(userKey, bits, key);
	98
	99	return aes_set_decrypt_key_generic(userKey, bits, key);
	100	}
	101
	102	void
	103	aes_encrypt_internal(const unsigned char in, unsigned char out,
	104	const AES_KEY *key)
	105	{
	106	if ((crypto_cpu_caps_i386 & CRYPTO_CPU_CAPS_I386_AES) != 0) {
	107	aesni_encrypt(in, out, key);
	108	return;
	109	}
	110
	111	aes_encrypt_generic(in, out, key);
	112	}
	113
	114	void
	115	aes_decrypt_internal(const unsigned char in, unsigned char out,
	116	const AES_KEY *key)
	117	{
	118	if ((crypto_cpu_caps_i386 & CRYPTO_CPU_CAPS_I386_AES) != 0) {
	119	aesni_decrypt(in, out, key);
	120	return;
	121	}
	122
	123	aes_decrypt_generic(in, out, key);
	124	}
	125
	126	void
	127	aes_cbc_encrypt_internal(const unsigned char in, unsigned char out,
	128	size_t len, const AES_KEY key, unsigned char ivec, const int enc)
	129	{
	130	if ((crypto_cpu_caps_i386 & CRYPTO_CPU_CAPS_I386_AES) != 0) {
	131	aesni_cbc_encrypt(in, out, len, key, ivec, enc);
	132	return;
	133	}
	134
	135	aes_cbc_encrypt_generic(in, out, len, key, ivec, enc);
	136	}
	137
	138	void
	139	aes_ccm64_encrypt_internal(const unsigned char in, unsigned char out,
	140	size_t blocks, const void *key, const unsigned char ivec[16],
	141	unsigned char cmac[16], int encrypt)
	142	{
	143	if ((crypto_cpu_caps_i386 & CRYPTO_CPU_CAPS_I386_AES) != 0) {
	144	if (encrypt)
	145	aesni_ccm64_encrypt_blocks(in, out, blocks, key, ivec, cmac);
	146	else
	147	aesni_ccm64_decrypt_blocks(in, out, blocks, key, ivec, cmac);
	148	return;
	149	}
	150
	151	aes_ccm64_encrypt_generic(in, out, blocks, key, ivec, cmac, encrypt);
	152	}
	153
	154	void
	155	aes_ctr32_encrypt_internal(const unsigned char in, unsigned char out,
	156	size_t blocks, const AES_KEY *key, const unsigned char ivec[AES_BLOCK_SIZE])
	157	{
	158	if ((crypto_cpu_caps_i386 & CRYPTO_CPU_CAPS_I386_AES) != 0) {
	159	aesni_ctr32_encrypt_blocks(in, out, blocks, key, ivec);
	160	return;
	161	}
	162
	163	aes_ctr32_encrypt_generic(in, out, blocks, key, ivec);
	164	}
	165
	166	void
	167	aes_ecb_encrypt_internal(const unsigned char in, unsigned char out,
	168	size_t len, const AES_KEY *key, int encrypt)
	169	{
	170	if ((crypto_cpu_caps_i386 & CRYPTO_CPU_CAPS_I386_AES) != 0) {
	171	aesni_ecb_encrypt(in, out, len, key, encrypt);
	172	return;
	173	}
	174
	175	while (len >= AES_BLOCK_SIZE) {
	176	if (encrypt)
	177	aes_encrypt_generic(in, out, key);
	178	else
	179	aes_decrypt_generic(in, out, key);
	180
	181	in += AES_BLOCK_SIZE;
	182	out += AES_BLOCK_SIZE;
	183	len -= AES_BLOCK_SIZE;
	184	}
	185	}
	186
	187	void
	188	aes_xts_encrypt_internal(const unsigned char in, unsigned char out,
	189	size_t len, const AES_KEY key1, const AES_KEY key2,
	190	const unsigned char iv[16], int encrypt)
	191	{
	192	if ((crypto_cpu_caps_i386 & CRYPTO_CPU_CAPS_I386_AES) != 0) {
	193	if (encrypt)
	194	aesni_xts_encrypt(in, out, len, key1, key2, iv);
	195	else
	196	aesni_xts_decrypt(in, out, len, key1, key2, iv);
	197	return;
	198	}
	199
	200	aes_xts_encrypt_generic(in, out, len, key1, key2, iv, encrypt);
	201	}