From: jsing Date: Fri, 29 Mar 2024 04:39:54 +0000 (+0000) Subject: Always use C functions for AES_set_{encrypt,decrypt}_key(). X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=4efebcfa6f9b44a8b3476be1fdaacbec5ee5c99e;p=openbsd Always use C functions for AES_set_{encrypt,decrypt}_key(). Always include aes_core.c and provide AES_set_{encrypt,decrypt}_key() via C functions, which then either use a C implementation or call the assembly implementation. ok tb@ --- diff --git a/lib/libcrypto/aes/aes_core.c b/lib/libcrypto/aes/aes_core.c index bb1006acf12..ee0bbb9f401 100644 --- a/lib/libcrypto/aes/aes_core.c +++ b/lib/libcrypto/aes/aes_core.c @@ -1,4 +1,4 @@ -/* $OpenBSD: aes_core.c,v 1.19 2024/03/27 11:15:44 jsing Exp $ */ +/* $OpenBSD: aes_core.c,v 1.20 2024/03/29 04:39:54 jsing Exp $ */ /** * rijndael-alg-fst.c * @@ -37,6 +37,9 @@ #include "aes_local.h" #include "crypto_internal.h" +#if !defined(HAVE_AES_SET_ENCRYPT_KEY_INTERNAL) && \ + !defined(HAVE_AES_SET_DECRYPT_KEY_INTERNAL) + /* Te0[x] = S [x].[02, 01, 01, 03]; Te1[x] = S [x].[03, 02, 01, 01]; @@ -618,12 +621,20 @@ static const u32 rcon[] = { 0x10000000, 0x20000000, 0x40000000, 0x80000000, 0x1B000000, 0x36000000, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */ }; +#endif -/** +#ifdef HAVE_AES_SET_ENCRYPT_KEY_INTERNAL +int aes_set_encrypt_key_internal(const unsigned char *userKey, const int bits, + AES_KEY *key); + +#else + +/* * Expand the cipher key into the encryption key schedule. */ -int -AES_set_encrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key) +static inline int +aes_set_encrypt_key_internal(const unsigned char *userKey, const int bits, + AES_KEY *key) { u32 *rk; int i = 0; 
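Review bot: The guard added at `#if !defined(HAVE_AES_SET_ENCRYPT_KEY_INTERNAL) && !defined(HAVE_AES_SET_DECRYPT_KEY_INTERNAL)` compiles the tables out as soon as either macro is defined, so a platform that supplies only one assembly routine would build the C fallback for the other without the tables and rcon it presumably needs. The condition that matches the intent is `#if !defined(HAVE_AES_SET_ENCRYPT_KEY_INTERNAL) || !defined(HAVE_AES_SET_DECRYPT_KEY_INTERNAL)`. Every Makefile.inc touched by this commit (amd64, arm, i386, mips64) defines both macros together, so nothing breaks today, and the failure would be a build error rather than a silent fault. The `#ifndef AES_ASM` section further down the file may also depend on these tables, so a target that sets the HAVE_ macros without AES_ASM deserves the same check.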
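Review bot: The prototype for the assembly entry point, `int aes_set_encrypt_key_internal(const unsigned char *userKey, const int bits, AES_KEY *key);`, is declared inside aes_core.c rather than in aes_local.h, which this file already includes. Moving it to the local header, together with the decrypt counterpart added in the following hunk, would give every C caller one declaration to be checked against. It would also place the now-global assembly symbol with the library's other internal declarations, so it is treated as private; this assumes the header marks its contents hidden, which is not visible here. The body of the C fallback continues past the end of this hunk.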
@@ -719,12 +730,25 @@ AES_set_encrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key) } return 0; } +#endif -/** +int +AES_set_encrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key) +{ + return aes_set_encrypt_key_internal(userKey, bits, key); +} + +#ifdef HAVE_AES_SET_DECRYPT_KEY_INTERNAL +int aes_set_decrypt_key_internal(const unsigned char *userKey, const int bits, + AES_KEY *key); + +#else +/* * Expand the cipher key into the decryption key schedule. */ -int -AES_set_decrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key) +static inline int +aes_set_decrypt_key_internal(const unsigned char *userKey, const int bits, + AES_KEY *key) { u32 *rk; int i, j, status; @@ -778,6 +802,13 @@ AES_set_decrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key) } return 0; } +#endif + +int +AES_set_decrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key) +{ + return aes_set_decrypt_key_internal(userKey, bits, key); +} #ifndef AES_ASM /* diff --git a/lib/libcrypto/aes/asm/aes-586.pl b/lib/libcrypto/aes/asm/aes-586.pl index 733675ce7d9..a2d98009e8e 100644 --- a/lib/libcrypto/aes/asm/aes-586.pl +++ b/lib/libcrypto/aes/asm/aes-586.pl @@ -2849,12 +2849,12 @@ sub enckey() &set_label("exit"); &function_end("_x86_AES_set_encrypt_key"); -# int AES_set_encrypt_key(const unsigned char *userKey, const int bits, -# AES_KEY *key) -&function_begin_B("AES_set_encrypt_key"); +# int aes_set_encrypt_key_internal(const unsigned char *userKey, const int bits, +# AES_KEY *key) +&function_begin_B("aes_set_encrypt_key_internal"); &call ("_x86_AES_set_encrypt_key"); &ret (); -&function_end_B("AES_set_encrypt_key"); +&function_end_B("aes_set_encrypt_key_internal"); sub deckey() { my ($i,$key,$tp1,$tp2,$tp4,$tp8) = @_; 
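Review bot: The new public `AES_set_encrypt_key()` wrapper forwards userKey, bits and key unchecked and carries no comment, so argument validation and the return-value contract now rest entirely on whichever backend is linked. Of the assembly backends in this commit, only the armv4 entry shows its NULL check in the visible lines (`teq r0,#0` / `moveq r0,#-1`); the checks in the others fall outside the hunks. I would add above the wrapper `/* Public entry point; argument validation and error codes are the responsibility of aes_set_encrypt_key_internal(), C or assembly. */`, and the equivalent above `AES_set_decrypt_key()` in the next hunk. The body of the C aes_set_decrypt_key_internal starts in this hunk and ends outside it.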
@@ -2911,9 +2911,9 @@ sub deckey() &mov (&DWP(4*$i,$key),$tp1); } -# int AES_set_decrypt_key(const unsigned char *userKey, const int bits, -# AES_KEY *key) -&function_begin_B("AES_set_decrypt_key"); +# int aes_set_decrypt_key_internal(const unsigned char *userKey, const int bits, +# AES_KEY *key) +&function_begin_B("aes_set_decrypt_key_internal"); &call ("_x86_AES_set_encrypt_key"); &cmp ("eax",0); &je (&label("proceed")); @@ -2969,6 +2969,6 @@ sub deckey() &jb (&label("permute")); &xor ("eax","eax"); # return success -&function_end("AES_set_decrypt_key"); +&function_end("aes_set_decrypt_key_internal"); &asm_finish(); diff --git a/lib/libcrypto/aes/asm/aes-armv4.pl b/lib/libcrypto/aes/asm/aes-armv4.pl index 1cb9586d4b9..3d581c5d7c0 100644 --- a/lib/libcrypto/aes/asm/aes-armv4.pl +++ b/lib/libcrypto/aes/asm/aes-armv4.pl @@ -404,12 +404,12 @@ _armv4_AES_encrypt: ldr pc,[sp],#4 @ pop and return .size _armv4_AES_encrypt,.-_armv4_AES_encrypt -.global AES_set_encrypt_key -.type AES_set_encrypt_key,%function +.global aes_set_encrypt_key_internal +.type aes_set_encrypt_key_internal,%function .align 5 -AES_set_encrypt_key: +aes_set_encrypt_key_internal: _armv4_AES_set_encrypt_key: - sub r3,pc,#8 @ AES_set_encrypt_key + sub r3,pc,#8 @ aes_set_encrypt_key_internal teq r0,#0 moveq r0,#-1 beq .Labrt @@ -679,12 +679,12 @@ _armv4_AES_set_encrypt_key: .Labrt: tst lr,#1 moveq pc,lr @ be binary compatible with V4, yet bx lr @ interoperable with Thumb ISA:-) -.size AES_set_encrypt_key,.-AES_set_encrypt_key +.size aes_set_encrypt_key_internal,.-aes_set_encrypt_key_internal -.global AES_set_decrypt_key -.type AES_set_decrypt_key,%function +.global aes_set_decrypt_key_internal +.type aes_set_decrypt_key_internal,%function .align 5 -AES_set_decrypt_key: +aes_set_decrypt_key_internal: str lr,[sp,#-4]! @ push lr bl _armv4_AES_set_encrypt_key teq r0,#0 
@@ -773,7 +773,7 @@ $code.=<<___; moveq pc,lr @ be binary compatible with V4, yet bx lr @ interoperable with Thumb ISA:-) #endif -.size AES_set_decrypt_key,.-AES_set_decrypt_key +.size aes_set_decrypt_key_internal,.-aes_set_decrypt_key_internal .type AES_Td,%object .align 5 diff --git a/lib/libcrypto/aes/asm/aes-mips.pl b/lib/libcrypto/aes/asm/aes-mips.pl index b95d1afd5a1..b3649bc60f5 100644 --- a/lib/libcrypto/aes/asm/aes-mips.pl +++ b/lib/libcrypto/aes/asm/aes-mips.pl @@ -1038,9 +1038,9 @@ _mips_AES_set_encrypt_key: nop .end _mips_AES_set_encrypt_key -.globl AES_set_encrypt_key -.ent AES_set_encrypt_key -AES_set_encrypt_key: +.globl aes_set_encrypt_key_internal +.ent aes_set_encrypt_key_internal +aes_set_encrypt_key_internal: .frame $sp,$FRAMESIZE,$ra .mask $SAVED_REGS_MASK,-$SZREG .set noreorder @@ -1062,7 +1062,7 @@ $code.=<<___ if ($flavour =~ /nubi/i); # optimize non-nubi prologue ___ $code.=<<___ if ($flavour !~ /o32/i); # non-o32 PIC-ification .cplocal $Tbl - .cpsetup $pf,$zero,AES_set_encrypt_key + .cpsetup $pf,$zero,aes_set_encrypt_key_internal ___ $code.=<<___; .set reorder @@ -1085,7 +1085,7 @@ ___ $code.=<<___; jr $ra $PTR_ADD $sp,$FRAMESIZE -.end AES_set_encrypt_key +.end aes_set_encrypt_key_internal ___ my ($head,$tail)=($inp,$bits); @@ -1093,9 +1093,9 @@ my ($tp1,$tp2,$tp4,$tp8,$tp9,$tpb,$tpd,$tpe)=($a4,$a5,$a6,$a7,$s0,$s1,$s2,$s3); my ($m,$x80808080,$x7f7f7f7f,$x1b1b1b1b)=($at,$t0,$t1,$t2); $code.=<<___; .align 5 -.globl AES_set_decrypt_key -.ent AES_set_decrypt_key -AES_set_decrypt_key: +.globl aes_set_decrypt_key_internal +.ent aes_set_decrypt_key_internal +aes_set_decrypt_key_internal: .frame $sp,$FRAMESIZE,$ra .mask $SAVED_REGS_MASK,-$SZREG .set noreorder @@ -1117,7 +1117,7 @@ $code.=<<___ if ($flavour =~ /nubi/i); # optimize non-nubi prologue ___ $code.=<<___ if ($flavour !~ /o32/i); # non-o32 PIC-ification .cplocal $Tbl - .cpsetup $pf,$zero,AES_set_decrypt_key + .cpsetup $pf,$zero,aes_set_decrypt_key_internal ___ $code.=<<___; .set reorder 
@@ -1228,7 +1228,7 @@ ___ $code.=<<___; jr $ra $PTR_ADD $sp,$FRAMESIZE -.end AES_set_decrypt_key +.end aes_set_decrypt_key_internal ___ }}} diff --git a/lib/libcrypto/aes/asm/aes-x86_64.pl b/lib/libcrypto/aes/asm/aes-x86_64.pl index 4c4686d8fbf..9b75a6f7a56 100755 --- a/lib/libcrypto/aes/asm/aes-x86_64.pl +++ b/lib/libcrypto/aes/asm/aes-x86_64.pl @@ -1290,13 +1290,13 @@ $code.=<<___; ___ } -# int AES_set_encrypt_key(const unsigned char *userKey, const int bits, -# AES_KEY *key) +# int aes_set_encrypt_key_internal(const unsigned char *userKey, const int bits, +# AES_KEY *key) $code.=<<___; -.globl AES_set_encrypt_key -.type AES_set_encrypt_key,\@function,3 +.globl aes_set_encrypt_key_internal +.type aes_set_encrypt_key_internal,\@function,3 .align 16 -AES_set_encrypt_key: +aes_set_encrypt_key_internal: _CET_ENDBR push %rbx push %rbp @@ -1318,7 +1318,7 @@ AES_set_encrypt_key: add \$56,%rsp .Lenc_key_epilogue: ret -.size AES_set_encrypt_key,.-AES_set_encrypt_key +.size aes_set_encrypt_key_internal,.-aes_set_encrypt_key_internal .type _x86_64_AES_set_encrypt_key,\@abi-omnipotent .align 16 @@ -1562,13 +1562,13 @@ $code.=<<___; ___ } -# int AES_set_decrypt_key(const unsigned char *userKey, const int bits, -# AES_KEY *key) +# int aes_set_decrypt_key_internal(const unsigned char *userKey, const int bits, +# AES_KEY *key) $code.=<<___; -.globl AES_set_decrypt_key -.type AES_set_decrypt_key,\@function,3 +.globl aes_set_decrypt_key_internal +.type aes_set_decrypt_key_internal,\@function,3 .align 16 -AES_set_decrypt_key: +aes_set_decrypt_key_internal: _CET_ENDBR push %rbx push %rbp @@ -1638,7 +1638,7 @@ $code.=<<___; add \$56,%rsp .Ldec_key_epilogue: ret -.size AES_set_decrypt_key,.-AES_set_decrypt_key +.size aes_set_decrypt_key_internal,.-aes_set_decrypt_key_internal ___ # void aes_cbc_encrypt_internal(const void char *inp, unsigned char *out, 
@@ -2790,13 +2790,13 @@ cbc_se_handler: .rva .LSEH_end_AES_decrypt .rva .LSEH_info_AES_decrypt - .rva .LSEH_begin_AES_set_encrypt_key - .rva .LSEH_end_AES_set_encrypt_key - .rva .LSEH_info_AES_set_encrypt_key + .rva .LSEH_begin_aes_set_encrypt_key_internal + .rva .LSEH_end_aes_set_encrypt_key_internal + .rva .LSEH_info_aes_set_encrypt_key_internal - .rva .LSEH_begin_AES_set_decrypt_key - .rva .LSEH_end_AES_set_decrypt_key - .rva .LSEH_info_AES_set_decrypt_key + .rva .LSEH_begin_aes_set_decrypt_key_internal + .rva .LSEH_end_aes_set_decrypt_key_internal + .rva .LSEH_info_aes_set_decrypt_key_internal .rva .LSEH_begin_aes_cbc_encrypt_internal .rva .LSEH_end_aes_cbc_encrypt_internal @@ -2812,11 +2812,11 @@ cbc_se_handler: .byte 9,0,0,0 .rva block_se_handler .rva .Ldec_prologue,.Ldec_epilogue # HandlerData[] -.LSEH_info_AES_set_encrypt_key: +.LSEH_info_aes_set_encrypt_key_internal: .byte 9,0,0,0 .rva key_se_handler .rva .Lenc_key_prologue,.Lenc_key_epilogue # HandlerData[] -.LSEH_info_AES_set_decrypt_key: +.LSEH_info_aes_set_decrypt_key_internal: .byte 9,0,0,0 .rva key_se_handler .rva .Ldec_key_prologue,.Ldec_key_epilogue # HandlerData[] diff --git a/lib/libcrypto/arch/amd64/Makefile.inc b/lib/libcrypto/arch/amd64/Makefile.inc index ac5cf874f5d..06417c06f33 100644 --- a/lib/libcrypto/arch/amd64/Makefile.inc +++ b/lib/libcrypto/arch/amd64/Makefile.inc @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile.inc,v 1.22 2024/03/29 02:33:44 jsing Exp $ +# $OpenBSD: Makefile.inc,v 1.23 2024/03/29 04:39:54 jsing Exp $ # amd64-specific libcrypto build rules @@ -14,6 +14,9 @@ CFLAGS+= -DVPAES_ASM SSLASM+= aes vpaes-x86_64 SSLASM+= aes aesni-x86_64 CFLAGS+= -DHAVE_AES_CBC_ENCRYPT_INTERNAL +CFLAGS+= -DHAVE_AES_SET_ENCRYPT_KEY_INTERNAL +CFLAGS+= -DHAVE_AES_SET_DECRYPT_KEY_INTERNAL +SRCS+= aes_core.c # bn CFLAGS+= -DOPENSSL_IA32_SSE2 CFLAGS+= -DRSA_ASM diff --git a/lib/libcrypto/arch/arm/Makefile.inc b/lib/libcrypto/arch/arm/Makefile.inc index 7db36aaa60a..bfef312f719 100644 
--- a/lib/libcrypto/arch/arm/Makefile.inc +++ b/lib/libcrypto/arch/arm/Makefile.inc @@ -5,6 +5,9 @@ # aes CFLAGS+= -DAES_ASM SSLASM+= aes aes-armv4 +CFLAGS+= -DHAVE_AES_SET_ENCRYPT_KEY_INTERNAL +CFLAGS+= -DHAVE_AES_SET_DECRYPT_KEY_INTERNAL +SRCS+= aes_core.c # bn CFLAGS+= -DOPENSSL_BN_ASM_MONT SSLASM+= bn armv4-mont diff --git a/lib/libcrypto/arch/i386/Makefile.inc b/lib/libcrypto/arch/i386/Makefile.inc index c8e5a535e5c..0722c4e5a0d 100644 --- a/lib/libcrypto/arch/i386/Makefile.inc +++ b/lib/libcrypto/arch/i386/Makefile.inc @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile.inc,v 1.19 2024/03/29 02:33:44 jsing Exp $ +# $OpenBSD: Makefile.inc,v 1.20 2024/03/29 04:39:54 jsing Exp $ # i386-specific libcrypto build rules @@ -12,6 +12,9 @@ CFLAGS+= -DVPAES_ASM SSLASM+= aes vpaes-x86 SSLASM+= aes aesni-x86 CFLAGS+= -DHAVE_AES_CBC_ENCRYPT_INTERNAL +CFLAGS+= -DHAVE_AES_SET_ENCRYPT_KEY_INTERNAL +CFLAGS+= -DHAVE_AES_SET_DECRYPT_KEY_INTERNAL +SRCS+= aes_core.c # bn CFLAGS+= -DOPENSSL_IA32_SSE2 SSLASM+= bn bn-586 diff --git a/lib/libcrypto/arch/mips64/Makefile.inc b/lib/libcrypto/arch/mips64/Makefile.inc index 4fde831c9ad..c8bcca68781 100644 --- a/lib/libcrypto/arch/mips64/Makefile.inc +++ b/lib/libcrypto/arch/mips64/Makefile.inc @@ -1,10 +1,13 @@ -# $OpenBSD: Makefile.inc,v 1.13 2024/03/29 02:33:44 jsing Exp $ +# $OpenBSD: Makefile.inc,v 1.14 2024/03/29 04:39:54 jsing Exp $ # mips64-specific libcrypto build rules # aes CFLAGS+= -DAES_ASM SSLASM+= aes aes-mips aes-mips +CFLAGS+= -DHAVE_AES_SET_ENCRYPT_KEY_INTERNAL +CFLAGS+= -DHAVE_AES_SET_DECRYPT_KEY_INTERNAL +SRCS+= aes_core.c # bn SSLASM+= bn mips bn-mips SSLASM+= bn mips-mont mips-mont