From 17d58a5817a97aeba20512f824ec7f28f5a638cb Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Wed, 22 Jan 2025 09:37:07 +0000
Subject: Replace rotl() with crypto_rol_u32().

ok tb@
---
 src/lib/libcrypto/sm4/sm4.c | 25 ++++++++++---------------
 1 file changed, 10 insertions(+), 15 deletions(-)

(limited to 'src')

diff --git a/src/lib/libcrypto/sm4/sm4.c b/src/lib/libcrypto/sm4/sm4.c
index bd1689987e..cf9d55634c 100644
--- a/src/lib/libcrypto/sm4/sm4.c
+++ b/src/lib/libcrypto/sm4/sm4.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sm4.c,v 1.2 2023/07/07 12:01:32 beck Exp $ */
+/* $OpenBSD: sm4.c,v 1.3 2025/01/22 09:37:07 jsing Exp $ */
 /*
 * Copyright (c) 2017, 2019 Ribose Inc
 *
@@ -20,6 +20,8 @@
 #ifndef OPENSSL_NO_SM4
 #include
+#include "crypto_internal.h"
+
 
 struct sm4_key {
 uint32_t rk[SM4_KEY_SCHEDULE];
 };
@@ -98,12 +100,6 @@ static const uint32_t SM4_SBOX_T[256] = {
 0x8BD45F5F, 0xE7C82F2F, 0xDD39E4E4, 0x68492121,
 };
 
-static inline uint32_t
-rotl(uint32_t a, uint8_t n)
-{
- return (a << n) | (a >> (32 - n));
-}
-
 static inline uint32_t
 load_u32_be(const uint8_t *b, uint32_t n)
 {
@@ -132,19 +128,18 @@ SM4_T_slow(uint32_t X)
 t |= ((uint32_t)SM4_S[(uint8_t)(X >> 8)]) << 8;
 t |= SM4_S[(uint8_t)X];
 
- /*
- * L linear transform
- */
- return t ^ rotl(t, 2) ^ rotl(t, 10) ^ rotl(t, 18) ^ rotl(t, 24);
+ /* L linear transform. */
+ return t ^ crypto_rol_u32(t, 2) ^ crypto_rol_u32(t, 10) ^
+ crypto_rol_u32(t, 18) ^ crypto_rol_u32(t, 24);
 }
 
 static inline uint32_t
 SM4_T(uint32_t X)
 {
 return SM4_SBOX_T[(uint8_t)(X >> 24)] ^
- rotl(SM4_SBOX_T[(uint8_t)(X >> 16)], 24) ^
- rotl(SM4_SBOX_T[(uint8_t)(X >> 8)], 16) ^
- rotl(SM4_SBOX_T[(uint8_t)X], 8);
+ crypto_rol_u32(SM4_SBOX_T[(uint8_t)(X >> 16)], 24) ^
+ crypto_rol_u32(SM4_SBOX_T[(uint8_t)(X >> 8)], 16) ^
+ crypto_rol_u32(SM4_SBOX_T[(uint8_t)X], 8);
 }
 
 int
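Review bot: The three `+` lines in SM4_T still index SM4_SBOX_T with bytes of the round input X, so spelling the rotation as crypto_rol_u32() changes nothing about the state-dependent memory access pattern of this T-table implementation; SM4_T_slow's SM4_S lookups just above, and the `SM4_S[(uint8_t)X]` lookups in the SM4_set_key hunk below, have the same property. Nothing in the file records this, so a short comment above SM4_T such as `/* Table-driven T(): lookups are indexed by cipher state, so this is not expected to be constant-time on cached hardware. */` would help anyone selecting this code for a particular threat model. The definition of crypto_rol_u32() is not visible in this diff; all rotation amounts passed here (2, 10, 18, 24, and 13, 23 in SM4_set_key) are constants strictly inside 0..31, so the `32 - n` form the removed rotl() used remains well defined regardless of how the helper is written. The body of SM4_T_slow begins before this hunk.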
@@ -192,7 +187,7 @@ SM4_set_key(const uint8_t *key, SM4_KEY *k)
 t |= ((uint32_t)SM4_S[(uint8_t)(X >> 8)]) << 8;
 t |= SM4_S[(uint8_t)X];
 
- t = t ^ rotl(t, 13) ^ rotl(t, 23);
+ t = t ^ crypto_rol_u32(t, 13) ^ crypto_rol_u32(t, 23);
 K[i % 4] ^= t;
 ks->rk[i] = K[i % 4];
 }
--
cgit v1.2.3-55-g6feb