* add WC_MAYBE_UNUSED attribute to AesEcbEncryptBlocks(), AesEcbDecryptBlocks(),
  AesCbcEncryptBlocks(), AesCbcDecryptBlocks(), and AesCtrEncryptBlocks(), to
  fix -Wunused-function warnings in default build with --enable-aesni under clang.

* in AesCfbDecrypt_C(), add smallstack implementation for fast inner loop on
  intelasm/armasm.
Daniel Pouzzner
2026-07-01 12:54:35 -05:00
parent bb7b4ccc77
commit 8b29a95da4
+36 -11
@@ -907,7 +907,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
/* Pick the widest available implementation at runtime. Callers must
* already be inside a VECTOR_REGISTERS_PUSH / SAVE_VECTOR_REGISTERS
* region (all bulk AES-NI call sites are). */
static WC_INLINE void AesEcbEncryptBlocks(const unsigned char* in,
static WC_MAYBE_UNUSED WC_INLINE void AesEcbEncryptBlocks(const unsigned char* in,
unsigned char* out, word32 sz, const unsigned char* key, int nr)
{
#ifdef HAVE_INTEL_AVX512
@@ -936,7 +936,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
}
#ifdef HAVE_AES_DECRYPT
static WC_INLINE void AesEcbDecryptBlocks(const unsigned char* in,
static WC_MAYBE_UNUSED WC_INLINE void AesEcbDecryptBlocks(const unsigned char* in,
unsigned char* out, word32 sz, const unsigned char* key, int nr)
{
#ifdef HAVE_INTEL_AVX512
@@ -966,7 +966,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#endif
#ifdef HAVE_AES_CBC
static WC_INLINE void AesCbcEncryptBlocks(const unsigned char* in,
static WC_MAYBE_UNUSED WC_INLINE void AesCbcEncryptBlocks(const unsigned char* in,
unsigned char* out, unsigned char* iv, word32 sz,
const unsigned char* key, int nr)
{
@@ -997,7 +997,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#endif /* HAVE_AES_CBC */
#ifdef HAVE_AES_DECRYPT
static WC_INLINE void AesCbcDecryptBlocks(const unsigned char* in,
static WC_MAYBE_UNUSED WC_INLINE void AesCbcDecryptBlocks(const unsigned char* in,
unsigned char* out, unsigned char* iv, word32 sz,
const unsigned char* key, int nr)
{
@@ -1027,7 +1027,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
}
#endif /* HAVE_AES_DECRYPT */
static WC_INLINE void AesCtrEncryptBlocks(const unsigned char* in,
static WC_MAYBE_UNUSED WC_INLINE void AesCtrEncryptBlocks(const unsigned char* in,
unsigned char* out, word32 sz, const unsigned char* key, int nr,
unsigned char* ctr)
{
@@ -15511,6 +15511,14 @@ static WARN_UNUSED_RESULT int AesCfbDecrypt_C(Aes* aes, byte* out,
#ifdef WC_AES_HAVE_PREFETCH_ARG
int did_prefetches = 0;
#endif
#ifndef WC_AES_CFB_DEC_BUF_BLOCKS
#define WC_AES_CFB_DEC_BUF_BLOCKS 32
#elif WC_AES_CFB_DEC_BUF_BLOCKS < 2
#error Invalid WC_AES_CFB_DEC_BUF_BLOCKS
#endif
#ifdef WOLFSSL_SMALL_STACK
byte *tmp = NULL;
#endif
(void)mode;
@@ -15534,18 +15542,30 @@ static WARN_UNUSED_RESULT int AesCfbDecrypt_C(Aes* aes, byte* out,
sz -= processed;
}
#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_AES_ECB) && \
!defined(WOLFSSL_PIC32MZ_CRYPT) && \
(defined(USE_INTEL_SPEEDUP) || defined(WOLFSSL_ARMASM))
/* Only suffer the heap overhead if sz is enough to warrant it.
*
* Allocate the working buffer before suspending interrupts, so that we can
* allocate with regular GFP_KERNEL.
*/
if (sz >= WC_AES_CFB_DEC_BUF_BLOCKS * WC_AES_BLOCK_SIZE)
tmp = (byte *)XMALLOC(WC_AES_CFB_DEC_BUF_BLOCKS * WC_AES_BLOCK_SIZE, NULL, DYNAMIC_TYPE_AES);
#endif
VECTOR_REGISTERS_PUSH;
#if !defined(WOLFSSL_SMALL_STACK) && defined(HAVE_AES_ECB) && \
#if defined(HAVE_AES_ECB) && \
!defined(WOLFSSL_PIC32MZ_CRYPT) && \
(defined(USE_INTEL_SPEEDUP) || defined(WOLFSSL_ARMASM))
#ifdef WOLFSSL_SMALL_STACK
if (tmp != NULL)
#endif
{
#ifndef WC_AES_CFB_DEC_BUF_BLOCKS
#define WC_AES_CFB_DEC_BUF_BLOCKS 32
#elif WC_AES_CFB_DEC_BUF_BLOCKS < 2
#error Invalid WC_AES_CFB_DEC_BUF_BLOCKS
#endif
#ifndef WOLFSSL_SMALL_STACK
ALIGN16 byte tmp[WC_AES_CFB_DEC_BUF_BLOCKS * WC_AES_BLOCK_SIZE];
#endif
while (sz >= 2 * WC_AES_BLOCK_SIZE) {
word32 blocks = sz / WC_AES_BLOCK_SIZE;
word32 nbytes;
@@ -15592,6 +15612,11 @@ static WARN_UNUSED_RESULT int AesCfbDecrypt_C(Aes* aes, byte* out,
VECTOR_REGISTERS_POP;
#ifdef WOLFSSL_SMALL_STACK
/* Free tmp after restoring interrupts, so that GFP_KERNEL is usable. */
XFREE(tmp, NULL, DYNAMIC_TYPE_AES);
#endif
return ret;
}
#endif /* HAVE_AES_DECRYPT */
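Review bot: The small-stack path in AesCfbDecrypt_C() frees `tmp` with `XFREE(tmp, NULL, DYNAMIC_TYPE_AES)` without clearing it, so whatever the inner loop left in the buffer stays behind in freed heap memory. In CFB decryption that working buffer presumably holds the encrypted feedback blocks (the keystream), which combined with the ciphertext gives the plaintext; the loop body lies outside the visible hunks, so this should be confirmed against the full function. I would wipe it before releasing it: `if (tmp != NULL) ForceZero(tmp, WC_AES_CFB_DEC_BUF_BLOCKS * WC_AES_BLOCK_SIZE);` placed just ahead of the `XFREE`. Separately, the stack buffer is declared `ALIGN16` while the `XMALLOC` result carries no stated alignment, so it is worth checking that the intelasm/armasm ECB routines accept an unaligned `tmp`, and saying so in a comment at the allocation.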