From c7200bdabce71b3d58f2f2995846e0e6f4f7d584 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Mon, 19 May 2025 03:55:09 +0000
Subject: Simplify EVP AES code for OFB.

Provide AES-NI with its own aesni_ofb_cipher() and switch aes_ofb_cipher()
to call AES_ofb128_encrypt() directly.

ok joshua@ tb@
---
 src/lib/libcrypto/evp/e_aes.c | 26 +++++++++++++++++++-------
 1 file changed, 19 insertions(+), 7 deletions(-)

(limited to 'src/lib/libcrypto')

diff --git a/src/lib/libcrypto/evp/e_aes.c b/src/lib/libcrypto/evp/e_aes.c
index b16a1e930e..d0bcb2b3dd 100644
--- a/src/lib/libcrypto/evp/e_aes.c
+++ b/src/lib/libcrypto/evp/e_aes.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: e_aes.c,v 1.66 2025/05/19 01:49:23 jsing Exp $ */
+/* $OpenBSD: e_aes.c,v 1.67 2025/05/19 03:55:09 jsing Exp $ */
 /* ====================================================================
  * Copyright (c) 2001-2011 The OpenSSL Project.  All rights reserved.
  *
@@ -277,6 +277,18 @@ aesni_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 	return 1;
 }
 
+static int
+aesni_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+    const unsigned char *in, size_t len)
+{
+	EVP_AES_KEY *eak = ctx->cipher_data;
+
+	CRYPTO_ofb128_encrypt(in, out, len, &eak->ks, ctx->iv, &ctx->num,
+	    (block128_f)aesni_encrypt);
+
+	return 1;
+}
+
 static int
 aesni_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
     const unsigned char *iv, int enc)
@@ -452,10 +464,10 @@ static int
 aes_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     const unsigned char *in, size_t len)
 {
-	EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
+	EVP_AES_KEY *eak = ctx->cipher_data;
+
+	AES_ofb128_encrypt(in, out, len, &eak->ks, ctx->iv, &ctx->num);
 
-	CRYPTO_ofb128_encrypt(in, out, len, &dat->ks, ctx->iv, &ctx->num,
-	    dat->block);
 	return 1;
 }
 
@@ -602,7 +614,7 @@ static const EVP_CIPHER aesni_128_ofb = {
 	.iv_len = 16,
 	.flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_OFB_MODE,
 	.init = aesni_init_key,
-	.do_cipher = aes_ofb_cipher,
+	.do_cipher = aesni_ofb_cipher,
 	.ctx_size = sizeof(EVP_AES_KEY),
 };
 #endif
@@ -848,7 +860,7 @@ static const EVP_CIPHER aesni_192_ofb = {
 	.iv_len = 16,
 	.flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_OFB_MODE,
 	.init = aesni_init_key,
-	.do_cipher = aes_ofb_cipher,
+	.do_cipher = aesni_ofb_cipher,
 	.ctx_size = sizeof(EVP_AES_KEY),
 };
 #endif
@@ -1094,7 +1106,7 @@ static const EVP_CIPHER aesni_256_ofb = {
 	.iv_len = 16,
 	.flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_OFB_MODE,
 	.init = aesni_init_key,
-	.do_cipher = aes_ofb_cipher,
+	.do_cipher = aesni_ofb_cipher,
 	.ctx_size = sizeof(EVP_AES_KEY),
 };
 #endif
-- 
cgit v1.2.3-55-g6feb