Always use C functions for AES_set_{encrypt,decrypt}_key().

Always include aes_core.c and provide AES_set_{encrypt,decrypt}_key() via C
functions, which then either use a C implementation or call the assembly
implementation.

ok tb@

diff --git a/lib/libcrypto/aes/aes_core.c b/lib/libcrypto/aes/aes_core.c
index bb1006a..ee0bbb9 100644 (file)
--- a/lib/libcrypto/aes/aes_core.c
+++ b/lib/libcrypto/aes/aes_core.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: aes_core.c,v 1.19 2024/03/27 11:15:44 jsing Exp $ */
+/* $OpenBSD: aes_core.c,v 1.20 2024/03/29 04:39:54 jsing Exp $ */
 /**
  * rijndael-alg-fst.c
  *
@@ -37,6 +37,9 @@
 #include "aes_local.h"
 #include "crypto_internal.h"
 
+#if !defined(HAVE_AES_SET_ENCRYPT_KEY_INTERNAL) && \
+    !defined(HAVE_AES_SET_DECRYPT_KEY_INTERNAL)
+
 /*
 Te0[x] = S [x].[02, 01, 01, 03];
 Te1[x] = S [x].[03, 02, 01, 01];
@@ -618,12 +621,20 @@ static const u32 rcon[] = {
        0x10000000, 0x20000000, 0x40000000, 0x80000000,
        0x1B000000, 0x36000000, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
 };
+#endif
 
-/**
+#ifdef HAVE_AES_SET_ENCRYPT_KEY_INTERNAL
+int aes_set_encrypt_key_internal(const unsigned char *userKey, const int bits,
+    AES_KEY *key);
+
+#else
+
+/*
  * Expand the cipher key into the encryption key schedule.
  */
-int
-AES_set_encrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key)
+static inline int
+aes_set_encrypt_key_internal(const unsigned char *userKey, const int bits,
+    AES_KEY *key)
 {
        u32 *rk;
        int i = 0;
@@ -719,12 +730,25 @@ AES_set_encrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key)
        }
        return 0;
 }
+#endif
 
-/**
+int
+AES_set_encrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key)
+{
+       return aes_set_encrypt_key_internal(userKey, bits, key);
+}
+
+#ifdef HAVE_AES_SET_DECRYPT_KEY_INTERNAL
+int aes_set_decrypt_key_internal(const unsigned char *userKey, const int bits,
+    AES_KEY *key);
+
+#else
+/*
  * Expand the cipher key into the decryption key schedule.
  */
-int
-AES_set_decrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key)
+static inline int
+aes_set_decrypt_key_internal(const unsigned char *userKey, const int bits,
+    AES_KEY *key)
 {
        u32 *rk;
        int i, j, status;
@@ -778,6 +802,13 @@ AES_set_decrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key)
        }
        return 0;
 }
+#endif
+
+int
+AES_set_decrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key)
+{
+       return aes_set_decrypt_key_internal(userKey, bits, key);
+}
 
 #ifndef AES_ASM
 /*

diff --git a/lib/libcrypto/aes/asm/aes-586.pl b/lib/libcrypto/aes/asm/aes-586.pl
index 733675c..a2d9800 100644 (file)
--- a/lib/libcrypto/aes/asm/aes-586.pl
+++ b/lib/libcrypto/aes/asm/aes-586.pl
@@ -2849,12 +2849,12 @@ sub enckey()
     &set_label("exit");
 &function_end("_x86_AES_set_encrypt_key");
 
-# int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
-#                        AES_KEY *key)
-&function_begin_B("AES_set_encrypt_key");
+# int aes_set_encrypt_key_internal(const unsigned char *userKey, const int bits,
+#      AES_KEY *key)
+&function_begin_B("aes_set_encrypt_key_internal");
        &call   ("_x86_AES_set_encrypt_key");
        &ret    ();
-&function_end_B("AES_set_encrypt_key");
+&function_end_B("aes_set_encrypt_key_internal");
 
 sub deckey()
 { my ($i,$key,$tp1,$tp2,$tp4,$tp8) = @_;
@@ -2911,9 +2911,9 @@ sub deckey()
        &mov    (&DWP(4*$i,$key),$tp1);
 }
 
-# int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
-#                        AES_KEY *key)
-&function_begin_B("AES_set_decrypt_key");
+# int aes_set_decrypt_key_internal(const unsigned char *userKey, const int bits,
+#     AES_KEY *key)
+&function_begin_B("aes_set_decrypt_key_internal");
        &call   ("_x86_AES_set_encrypt_key");
        &cmp    ("eax",0);
        &je     (&label("proceed"));
@@ -2969,6 +2969,6 @@ sub deckey()
        &jb     (&label("permute"));
 
        &xor    ("eax","eax");                  # return success
-&function_end("AES_set_decrypt_key");
+&function_end("aes_set_decrypt_key_internal");
 
 &asm_finish();

diff --git a/lib/libcrypto/aes/asm/aes-armv4.pl b/lib/libcrypto/aes/asm/aes-armv4.pl
index 1cb9586..3d581c5 100644 (file)
--- a/lib/libcrypto/aes/asm/aes-armv4.pl
+++ b/lib/libcrypto/aes/asm/aes-armv4.pl
@@ -404,12 +404,12 @@ _armv4_AES_encrypt:
        ldr     pc,[sp],#4              @ pop and return
 .size  _armv4_AES_encrypt,.-_armv4_AES_encrypt
 
-.global AES_set_encrypt_key
-.type   AES_set_encrypt_key,%function
+.global aes_set_encrypt_key_internal
+.type   aes_set_encrypt_key_internal,%function
 .align 5
-AES_set_encrypt_key:
+aes_set_encrypt_key_internal:
 _armv4_AES_set_encrypt_key:
-       sub     r3,pc,#8                @ AES_set_encrypt_key
+       sub     r3,pc,#8                @ aes_set_encrypt_key_internal
        teq     r0,#0
        moveq   r0,#-1
        beq     .Labrt
@@ -679,12 +679,12 @@ _armv4_AES_set_encrypt_key:
 .Labrt:        tst     lr,#1
        moveq   pc,lr                   @ be binary compatible with V4, yet
        bx      lr                      @ interoperable with Thumb ISA:-)
-.size  AES_set_encrypt_key,.-AES_set_encrypt_key
+.size  aes_set_encrypt_key_internal,.-aes_set_encrypt_key_internal
 
-.global AES_set_decrypt_key
-.type   AES_set_decrypt_key,%function
+.global aes_set_decrypt_key_internal
+.type   aes_set_decrypt_key_internal,%function
 .align 5
-AES_set_decrypt_key:
+aes_set_decrypt_key_internal:
        str     lr,[sp,#-4]!            @ push lr
        bl      _armv4_AES_set_encrypt_key
        teq     r0,#0
@@ -773,7 +773,7 @@ $code.=<<___;
        moveq   pc,lr                   @ be binary compatible with V4, yet
        bx      lr                      @ interoperable with Thumb ISA:-)
 #endif
-.size  AES_set_decrypt_key,.-AES_set_decrypt_key
+.size  aes_set_decrypt_key_internal,.-aes_set_decrypt_key_internal
 
 .type  AES_Td,%object
 .align 5

diff --git a/lib/libcrypto/aes/asm/aes-mips.pl b/lib/libcrypto/aes/asm/aes-mips.pl
index b95d1af..b3649bc 100644 (file)
--- a/lib/libcrypto/aes/asm/aes-mips.pl
+++ b/lib/libcrypto/aes/asm/aes-mips.pl
@@ -1038,9 +1038,9 @@ _mips_AES_set_encrypt_key:
        nop
 .end   _mips_AES_set_encrypt_key
 
-.globl AES_set_encrypt_key
-.ent   AES_set_encrypt_key
-AES_set_encrypt_key:
+.globl aes_set_encrypt_key_internal
+.ent   aes_set_encrypt_key_internal
+aes_set_encrypt_key_internal:
        .frame  $sp,$FRAMESIZE,$ra
        .mask   $SAVED_REGS_MASK,-$SZREG
        .set    noreorder
@@ -1062,7 +1062,7 @@ $code.=<<___ if ($flavour =~ /nubi/i);    # optimize non-nubi prologue
 ___
 $code.=<<___ if ($flavour !~ /o32/i);  # non-o32 PIC-ification
        .cplocal        $Tbl
-       .cpsetup        $pf,$zero,AES_set_encrypt_key
+       .cpsetup        $pf,$zero,aes_set_encrypt_key_internal
 ___
 $code.=<<___;
        .set    reorder
@@ -1085,7 +1085,7 @@ ___
 $code.=<<___;
        jr      $ra
        $PTR_ADD $sp,$FRAMESIZE
-.end   AES_set_encrypt_key
+.end   aes_set_encrypt_key_internal
 ___
 \f
 my ($head,$tail)=($inp,$bits);
@@ -1093,9 +1093,9 @@ my ($tp1,$tp2,$tp4,$tp8,$tp9,$tpb,$tpd,$tpe)=($a4,$a5,$a6,$a7,$s0,$s1,$s2,$s3);
 my ($m,$x80808080,$x7f7f7f7f,$x1b1b1b1b)=($at,$t0,$t1,$t2);
 $code.=<<___;
 .align 5
-.globl AES_set_decrypt_key
-.ent   AES_set_decrypt_key
-AES_set_decrypt_key:
+.globl aes_set_decrypt_key_internal
+.ent   aes_set_decrypt_key_internal
+aes_set_decrypt_key_internal:
        .frame  $sp,$FRAMESIZE,$ra
        .mask   $SAVED_REGS_MASK,-$SZREG
        .set    noreorder
@@ -1117,7 +1117,7 @@ $code.=<<___ if ($flavour =~ /nubi/i);    # optimize non-nubi prologue
 ___
 $code.=<<___ if ($flavour !~ /o32/i);  # non-o32 PIC-ification
        .cplocal        $Tbl
-       .cpsetup        $pf,$zero,AES_set_decrypt_key
+       .cpsetup        $pf,$zero,aes_set_decrypt_key_internal
 ___
 $code.=<<___;
        .set    reorder
@@ -1228,7 +1228,7 @@ ___
 $code.=<<___;
        jr      $ra
        $PTR_ADD $sp,$FRAMESIZE
-.end   AES_set_decrypt_key
+.end   aes_set_decrypt_key_internal
 ___
 }}}
 

diff --git a/lib/libcrypto/aes/asm/aes-x86_64.pl b/lib/libcrypto/aes/asm/aes-x86_64.pl
index 4c4686d..9b75a6f 100755 (executable)
--- a/lib/libcrypto/aes/asm/aes-x86_64.pl
+++ b/lib/libcrypto/aes/asm/aes-x86_64.pl
@@ -1290,13 +1290,13 @@ $code.=<<___;
 ___
 }
 
-# int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
-#                        AES_KEY *key)
+# int aes_set_encrypt_key_internal(const unsigned char *userKey, const int bits,
+#     AES_KEY *key)
 $code.=<<___;
-.globl AES_set_encrypt_key
-.type  AES_set_encrypt_key,\@function,3
+.globl aes_set_encrypt_key_internal
+.type  aes_set_encrypt_key_internal,\@function,3
 .align 16
-AES_set_encrypt_key:
+aes_set_encrypt_key_internal:
        _CET_ENDBR
        push    %rbx
        push    %rbp
@@ -1318,7 +1318,7 @@ AES_set_encrypt_key:
        add     \$56,%rsp
 .Lenc_key_epilogue:
        ret
-.size  AES_set_encrypt_key,.-AES_set_encrypt_key
+.size  aes_set_encrypt_key_internal,.-aes_set_encrypt_key_internal
 
 .type  _x86_64_AES_set_encrypt_key,\@abi-omnipotent
 .align 16
@@ -1562,13 +1562,13 @@ $code.=<<___;
 ___
 }
 
-# int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
-#                        AES_KEY *key)
+# int aes_set_decrypt_key_internal(const unsigned char *userKey, const int bits,
+#     AES_KEY *key)
 $code.=<<___;
-.globl AES_set_decrypt_key
-.type  AES_set_decrypt_key,\@function,3
+.globl aes_set_decrypt_key_internal
+.type  aes_set_decrypt_key_internal,\@function,3
 .align 16
-AES_set_decrypt_key:
+aes_set_decrypt_key_internal:
        _CET_ENDBR
        push    %rbx
        push    %rbp
@@ -1638,7 +1638,7 @@ $code.=<<___;
        add     \$56,%rsp
 .Ldec_key_epilogue:
        ret
-.size  AES_set_decrypt_key,.-AES_set_decrypt_key
+.size  aes_set_decrypt_key_internal,.-aes_set_decrypt_key_internal
 ___
 
 # void aes_cbc_encrypt_internal(const void char *inp, unsigned char *out,
@@ -2790,13 +2790,13 @@ cbc_se_handler:
        .rva    .LSEH_end_AES_decrypt
        .rva    .LSEH_info_AES_decrypt
 
-       .rva    .LSEH_begin_AES_set_encrypt_key
-       .rva    .LSEH_end_AES_set_encrypt_key
-       .rva    .LSEH_info_AES_set_encrypt_key
+       .rva    .LSEH_begin_aes_set_encrypt_key_internal
+       .rva    .LSEH_end_aes_set_encrypt_key_internal
+       .rva    .LSEH_info_aes_set_encrypt_key_internal
 
-       .rva    .LSEH_begin_AES_set_decrypt_key
-       .rva    .LSEH_end_AES_set_decrypt_key
-       .rva    .LSEH_info_AES_set_decrypt_key
+       .rva    .LSEH_begin_aes_set_decrypt_key_internal
+       .rva    .LSEH_end_aes_set_decrypt_key_internal
+       .rva    .LSEH_info_aes_set_decrypt_key_internal
 
        .rva    .LSEH_begin_aes_cbc_encrypt_internal
        .rva    .LSEH_end_aes_cbc_encrypt_internal
@@ -2812,11 +2812,11 @@ cbc_se_handler:
        .byte   9,0,0,0
        .rva    block_se_handler
        .rva    .Ldec_prologue,.Ldec_epilogue   # HandlerData[]
-.LSEH_info_AES_set_encrypt_key:
+.LSEH_info_aes_set_encrypt_key_internal:
        .byte   9,0,0,0
        .rva    key_se_handler
        .rva    .Lenc_key_prologue,.Lenc_key_epilogue   # HandlerData[]
-.LSEH_info_AES_set_decrypt_key:
+.LSEH_info_aes_set_decrypt_key_internal:
        .byte   9,0,0,0
        .rva    key_se_handler
        .rva    .Ldec_key_prologue,.Ldec_key_epilogue   # HandlerData[]

diff --git a/lib/libcrypto/arch/amd64/Makefile.inc b/lib/libcrypto/arch/amd64/Makefile.inc
index ac5cf87..06417c0 100644 (file)
--- a/lib/libcrypto/arch/amd64/Makefile.inc
+++ b/lib/libcrypto/arch/amd64/Makefile.inc
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile.inc,v 1.22 2024/03/29 02:33:44 jsing Exp $
+# $OpenBSD: Makefile.inc,v 1.23 2024/03/29 04:39:54 jsing Exp $
 
 # amd64-specific libcrypto build rules
 
@@ -14,6 +14,9 @@ CFLAGS+= -DVPAES_ASM
 SSLASM+= aes vpaes-x86_64
 SSLASM+= aes aesni-x86_64
 CFLAGS+= -DHAVE_AES_CBC_ENCRYPT_INTERNAL
+CFLAGS+= -DHAVE_AES_SET_ENCRYPT_KEY_INTERNAL
+CFLAGS+= -DHAVE_AES_SET_DECRYPT_KEY_INTERNAL
+SRCS+= aes_core.c
 # bn
 CFLAGS+= -DOPENSSL_IA32_SSE2
 CFLAGS+= -DRSA_ASM

diff --git a/lib/libcrypto/arch/arm/Makefile.inc b/lib/libcrypto/arch/arm/Makefile.inc
index 7db36aa..bfef312 100644 (file)
--- a/lib/libcrypto/arch/arm/Makefile.inc
+++ b/lib/libcrypto/arch/arm/Makefile.inc
@@ -5,6 +5,9 @@
 # aes
 CFLAGS+= -DAES_ASM
 SSLASM+= aes aes-armv4
+CFLAGS+= -DHAVE_AES_SET_ENCRYPT_KEY_INTERNAL
+CFLAGS+= -DHAVE_AES_SET_DECRYPT_KEY_INTERNAL
+SRCS+= aes_core.c
 # bn
 CFLAGS+= -DOPENSSL_BN_ASM_MONT
 SSLASM+= bn armv4-mont

diff --git a/lib/libcrypto/arch/i386/Makefile.inc b/lib/libcrypto/arch/i386/Makefile.inc
index c8e5a53..0722c4e 100644 (file)
--- a/lib/libcrypto/arch/i386/Makefile.inc
+++ b/lib/libcrypto/arch/i386/Makefile.inc
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile.inc,v 1.19 2024/03/29 02:33:44 jsing Exp $
+# $OpenBSD: Makefile.inc,v 1.20 2024/03/29 04:39:54 jsing Exp $
 
 # i386-specific libcrypto build rules
 
@@ -12,6 +12,9 @@ CFLAGS+= -DVPAES_ASM
 SSLASM+= aes vpaes-x86
 SSLASM+= aes aesni-x86
 CFLAGS+= -DHAVE_AES_CBC_ENCRYPT_INTERNAL
+CFLAGS+= -DHAVE_AES_SET_ENCRYPT_KEY_INTERNAL
+CFLAGS+= -DHAVE_AES_SET_DECRYPT_KEY_INTERNAL
+SRCS+= aes_core.c
 # bn
 CFLAGS+= -DOPENSSL_IA32_SSE2
 SSLASM+= bn bn-586

diff --git a/lib/libcrypto/arch/mips64/Makefile.inc b/lib/libcrypto/arch/mips64/Makefile.inc
index 4fde831..c8bcca6 100644 (file)
--- a/lib/libcrypto/arch/mips64/Makefile.inc
+++ b/lib/libcrypto/arch/mips64/Makefile.inc
@@ -1,10 +1,13 @@
-# $OpenBSD: Makefile.inc,v 1.13 2024/03/29 02:33:44 jsing Exp $
+# $OpenBSD: Makefile.inc,v 1.14 2024/03/29 04:39:54 jsing Exp $
 
 # mips64-specific libcrypto build rules
 
 # aes
 CFLAGS+= -DAES_ASM
 SSLASM+= aes aes-mips aes-mips
+CFLAGS+= -DHAVE_AES_SET_ENCRYPT_KEY_INTERNAL
+CFLAGS+= -DHAVE_AES_SET_DECRYPT_KEY_INTERNAL
+SRCS+= aes_core.c
 # bn
 SSLASM+= bn mips bn-mips
 SSLASM+= bn mips-mont mips-mont