1 files changed, 13 insertions, 57 deletions
diff --git a/src/lib/libcrypto/modes/gcm128.c b/src/lib/libcrypto/modes/gcm128.c
index b989915c4a..b6874296e0 100644
--- a/src/lib/libcrypto/modes/gcm128.c
+++ b/src/lib/libcrypto/modes/gcm128.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: gcm128.c,v 1.53 2025/06/28 12:32:27 jsing Exp $ */
+/* $OpenBSD: gcm128.c,v 1.54 2025/06/28 12:39:10 jsing Exp $ */
 /* ====================================================================
 * Copyright (c) 2010 The OpenSSL Project.  All rights reserved.
 *
@@ -55,7 +55,7 @@
 #include "crypto_internal.h"
 #include "modes_local.h"
-static void
+void
 gcm_init_4bit(u128 Htable[16], uint64_t H[2])
 {
        u128 V;
@@ -196,35 +196,17 @@ gcm_ghash(GCM128_CONTEXT *ctx, const uint8_t *in, size_t len)
        ctx->ghash(ctx->Xi.u, ctx->Htable, in, len);
 }
-#if     defined(GHASH_ASM) &&                                           \
+#ifdef HAVE_GCM128_INIT
-        (defined(__i386)        || defined(__i386__)    ||              \
+void gcm128_init(GCM128_CONTEXT *ctx);
-         defined(__x86_64)      || defined(__x86_64__)  ||              \
-         defined(_M_IX86)       || defined(_M_AMD64)    || defined(_M_X64))
-#include "x86_arch.h"
-#endif
-#if     defined(GHASH_ASM)
-# if    (defined(__i386)        || defined(__i386__)    ||              \
-         defined(__x86_64)      || defined(__x86_64__)  ||              \
-         defined(_M_IX86)       || defined(_M_AMD64)    || defined(_M_X64))
-#  define GHASH_ASM_X86_OR_64
-void gcm_init_clmul(u128 Htable[16], const uint64_t Xi[2]);
+#else
-void gcm_gmult_clmul(uint64_t Xi[2], const u128 Htable[16]);
+static void
-void gcm_ghash_clmul(uint64_t Xi[2], const u128 Htable[16], const uint8_t *inp,
+gcm128_init(GCM128_CONTEXT *ctx)
-    size_t len);
+{
+        gcm_init_4bit(ctx->Htable, ctx->H.u);
-#  if   defined(__i386) || defined(__i386__) || defined(_M_IX86)
+        ctx->gmult = gcm_gmult_4bit;
-#   define GHASH_ASM_X86
+        ctx->ghash = gcm_ghash_4bit;
-void gcm_gmult_4bit_mmx(uint64_t Xi[2], const u128 Htable[16]);
+}
-void gcm_ghash_4bit_mmx(uint64_t Xi[2], const u128 Htable[16], const uint8_t *inp,
-    size_t len);
-void gcm_gmult_4bit_x86(uint64_t Xi[2], const u128 Htable[16]);
-void gcm_ghash_4bit_x86(uint64_t Xi[2], const u128 Htable[16], const uint8_t *inp,
-    size_t len);
-#  endif
-# endif
 #endif
 void
@@ -240,33 +222,7 @@ CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, void *key, block128_f block)
        ctx->H.u[0] = be64toh(ctx->H.u[0]);
        ctx->H.u[1] = be64toh(ctx->H.u[1]);
-# if    defined(GHASH_ASM_X86_OR_64)
+        gcm128_init(ctx);
-        /* check FXSR and PCLMULQDQ bits */
-        if ((crypto_cpu_caps_ia32() & (CPUCAP_MASK_FXSR | CPUCAP_MASK_PCLMUL)) ==
-            (CPUCAP_MASK_FXSR | CPUCAP_MASK_PCLMUL)) {
-                gcm_init_clmul(ctx->Htable, ctx->H.u);
-                ctx->gmult = gcm_gmult_clmul;
-                ctx->ghash = gcm_ghash_clmul;
-                return;
-        }
-        gcm_init_4bit(ctx->Htable, ctx->H.u);
-#  if   defined(GHASH_ASM_X86)                  /* x86 only */
-        if (crypto_cpu_caps_ia32() & CPUCAP_MASK_MMX) { /* check MMX bit */
-                ctx->gmult = gcm_gmult_4bit_mmx;
-                ctx->ghash = gcm_ghash_4bit_mmx;
-        } else {
-                ctx->gmult = gcm_gmult_4bit_x86;
-                ctx->ghash = gcm_ghash_4bit_x86;
-        }
-#  else
-        ctx->gmult = gcm_gmult_4bit;
-        ctx->ghash = gcm_ghash_4bit;
-#  endif
-# else
-        gcm_init_4bit(ctx->Htable, ctx->H.u);
-        ctx->gmult = gcm_gmult_4bit;
-        ctx->ghash = gcm_ghash_4bit;
-# endif
 }
 LCRYPTO_ALIAS(CRYPTO_gcm128_init);

diff --git a/src/lib/libcrypto/modes/gcm128.c b/src/lib/libcrypto/modes/gcm128.c index b989915c4a..b6874296e0 100644 --- a/src/lib/libcrypto/modes/gcm128.c +++ b/src/lib/libcrypto/modes/gcm128.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: gcm128.c,v 1.53 2025/06/28 12:32:27 jsing Exp $ */	1	/* $OpenBSD: gcm128.c,v 1.54 2025/06/28 12:39:10 jsing Exp $ */
2	/* ====================================================================	2	/* ====================================================================
3	* Copyright (c) 2010 The OpenSSL Project. All rights reserved.	3	* Copyright (c) 2010 The OpenSSL Project. All rights reserved.
4	*	4	*
@@ -55,7 +55,7 @@
55	#include "crypto_internal.h"	55	#include "crypto_internal.h"
56	#include "modes_local.h"	56	#include "modes_local.h"
57		57
58	static void	58	void
59	gcm_init_4bit(u128 Htable[16], uint64_t H[2])	59	gcm_init_4bit(u128 Htable[16], uint64_t H[2])
60	{	60	{
61	u128 V;	61	u128 V;
@@ -196,35 +196,17 @@ gcm_ghash(GCM128_CONTEXT ctx, const uint8_t in, size_t len)
196	ctx->ghash(ctx->Xi.u, ctx->Htable, in, len);	196	ctx->ghash(ctx->Xi.u, ctx->Htable, in, len);
197	}	197	}
198		198
199	#if defined(GHASH_ASM) && \	199	#ifdef HAVE_GCM128_INIT
200	(defined(__i386) \|\| defined(__i386__) \|\| \	200	void gcm128_init(GCM128_CONTEXT *ctx);
201	defined(__x86_64) \|\| defined(__x86_64__) \|\| \
202	defined(_M_IX86) \|\| defined(_M_AMD64) \|\| defined(_M_X64))
203	#include "x86_arch.h"
204	#endif
205
206	#if defined(GHASH_ASM)
207	# if (defined(__i386) \|\| defined(__i386__) \|\| \
208	defined(__x86_64) \|\| defined(__x86_64__) \|\| \
209	defined(_M_IX86) \|\| defined(_M_AMD64) \|\| defined(_M_X64))
210	# define GHASH_ASM_X86_OR_64
211		201
212	void gcm_init_clmul(u128 Htable[16], const uint64_t Xi[2]);	202	#else
213	void gcm_gmult_clmul(uint64_t Xi[2], const u128 Htable[16]);	203	static void
214	void gcm_ghash_clmul(uint64_t Xi[2], const u128 Htable[16], const uint8_t *inp,	204	gcm128_init(GCM128_CONTEXT *ctx)
215	size_t len);	205	{
216		206	gcm_init_4bit(ctx->Htable, ctx->H.u);
217	# if defined(__i386) \|\| defined(__i386__) \|\| defined(_M_IX86)	207	ctx->gmult = gcm_gmult_4bit;
218	# define GHASH_ASM_X86	208	ctx->ghash = gcm_ghash_4bit;
219	void gcm_gmult_4bit_mmx(uint64_t Xi[2], const u128 Htable[16]);	209	}
220	void gcm_ghash_4bit_mmx(uint64_t Xi[2], const u128 Htable[16], const uint8_t *inp,
221	size_t len);
222
223	void gcm_gmult_4bit_x86(uint64_t Xi[2], const u128 Htable[16]);
224	void gcm_ghash_4bit_x86(uint64_t Xi[2], const u128 Htable[16], const uint8_t *inp,
225	size_t len);
226	# endif
227	# endif
228	#endif	210	#endif
229		211
230	void	212	void
@@ -240,33 +222,7 @@ CRYPTO_gcm128_init(GCM128_CONTEXT ctx, void key, block128_f block)
240	ctx->H.u[0] = be64toh(ctx->H.u[0]);	222	ctx->H.u[0] = be64toh(ctx->H.u[0]);
241	ctx->H.u[1] = be64toh(ctx->H.u[1]);	223	ctx->H.u[1] = be64toh(ctx->H.u[1]);
242		224
243	# if defined(GHASH_ASM_X86_OR_64)	225	gcm128_init(ctx);
244	/* check FXSR and PCLMULQDQ bits */
245	if ((crypto_cpu_caps_ia32() & (CPUCAP_MASK_FXSR \| CPUCAP_MASK_PCLMUL)) ==
246	(CPUCAP_MASK_FXSR \| CPUCAP_MASK_PCLMUL)) {
247	gcm_init_clmul(ctx->Htable, ctx->H.u);
248	ctx->gmult = gcm_gmult_clmul;
249	ctx->ghash = gcm_ghash_clmul;
250	return;
251	}
252	gcm_init_4bit(ctx->Htable, ctx->H.u);
253	# if defined(GHASH_ASM_X86) /* x86 only */
254	if (crypto_cpu_caps_ia32() & CPUCAP_MASK_MMX) { /* check MMX bit */
255	ctx->gmult = gcm_gmult_4bit_mmx;
256	ctx->ghash = gcm_ghash_4bit_mmx;
257	} else {
258	ctx->gmult = gcm_gmult_4bit_x86;
259	ctx->ghash = gcm_ghash_4bit_x86;
260	}
261	# else
262	ctx->gmult = gcm_gmult_4bit;
263	ctx->ghash = gcm_ghash_4bit;
264	# endif
265	# else
266	gcm_init_4bit(ctx->Htable, ctx->H.u);
267	ctx->gmult = gcm_gmult_4bit;
268	ctx->ghash = gcm_ghash_4bit;
269	# endif
270	}	226	}
271	LCRYPTO_ALIAS(CRYPTO_gcm128_init);	227	LCRYPTO_ALIAS(CRYPTO_gcm128_init);
272		228