CVSROOT: /cvs
Module name: src
Changes by: js...@cvs.openbsd.org 2025/07/21 04:24:23
Modified files:
lib/libcrypto/aes: aes.c aes_amd64.c aes_i386.c aes_local.h
lib/libcrypto/arch/amd64: crypto_arch.h
lib/libcrypto/arch/i386: crypto_arch.h
lib/libcrypto/evp: e_aes.c
Log message:
Move AES-NI from EVP to AES for CCM mode.
The mode implementation for CCM has two variants - one takes the block
function, while the other takes a "ccm64" function. The latter is expected
to handle the lower 64 bits of the IV/counter but only for 16 byte blocks.
The AES-NI implementation for CCM currently uses the second variant.
Provide aes_ccm64_encrypt_internal() as a function that can be replaced on
a machine dependent basis, along with an aes_ccm64_encrypt_generic()
function that provides the default implementation and can be used as a
fallback. Wire up the AES-NI version for amd64 and i386, change EVP's
aes_ccm_cipher() to use CRYPTO_ctr128_{en,de}crypt_ccm64() with
aes_ccm64_encrypt_internal()) and remove the various AES-NI specific
EVP_CIPHER methods for CCM.
ok tb@
