Commit f7e4eb281d for openssl.org
commit f7e4eb281dfcf01b19a6fb891d0432f5af898720
Author: Simo Sorce <simo@redhat.com>
Date: Thu Jun 11 19:19:19 2026 -0400
Consolidate SPARC T4 AES implementations
Move SPARC T4-specific AES hardware implementations (GCM, CCM, and XTS) from
individual mode-specific files into a single unified file
(cipher_aes_hw_t4.c). This consolidates the architecture-specific logic to
improve code organization and maintainability.
Additionally, this change removes the unused `keybits` parameter from several
SPARC T4 hardware initialization routines to clean up the internal API.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Norbert Pocs <norbertp@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
MergeDate: Sat Jun 27 09:06:01 2026
(Merged from https://github.com/openssl/openssl/pull/31472)
diff --git a/providers/implementations/ciphers/build.info b/providers/implementations/ciphers/build.info
index f82cae6762..2460b0183d 100644
--- a/providers/implementations/ciphers/build.info
+++ b/providers/implementations/ciphers/build.info
@@ -109,9 +109,7 @@ SOURCE[$AES_GOAL]=\
cipher_aes_xts.c cipher_aes_xts_hw.c \
cipher_aes_gcm.c cipher_aes_gcm_hw.c \
cipher_aes_gcm_hw_ppc.c \
- cipher_aes_gcm_hw_t4.c \
cipher_aes_ccm.c cipher_aes_ccm_hw.c \
- cipher_aes_ccm_hw_t4.c \
cipher_aes_wrp.c \
cipher_aes_cbc_hmac_sha.c \
cipher_aes_cbc_hmac_sha256_hw.c cipher_aes_cbc_hmac_sha1_hw.c \
diff --git a/providers/implementations/ciphers/cipher_aes.h b/providers/implementations/ciphers/cipher_aes.h
index 05e46d204a..4e71678fd1 100644
--- a/providers/implementations/ciphers/cipher_aes.h
+++ b/providers/implementations/ciphers/cipher_aes.h
@@ -97,8 +97,7 @@ const PROV_CIPHER_HW *ossl_prov_cipher_hw_rv64i(enum aes_modes mode);
const PROV_CIPHER_HW *ossl_prov_cipher_hw_s390x(enum aes_modes mode,
size_t keybits);
#elif defined(SPARC_AES_CAPABLE)
-const PROV_CIPHER_HW *ossl_prov_cipher_hw_t4(enum aes_modes mode,
- size_t keybits);
+const PROV_CIPHER_HW *ossl_prov_cipher_hw_t4(enum aes_modes mode);
#endif
#endif /* !defined(OSSL_PROVIDERS_IMPLEMENTATIONS_CIPHERS_CIPHER_AES_H) */
diff --git a/providers/implementations/ciphers/cipher_aes_ccm.h b/providers/implementations/ciphers/cipher_aes_ccm.h
index 636f5e687b..9fe8ba2e07 100644
--- a/providers/implementations/ciphers/cipher_aes_ccm.h
+++ b/providers/implementations/ciphers/cipher_aes_ccm.h
@@ -68,7 +68,7 @@ const PROV_CCM_HW *ossl_prov_aes_hw_ccm_rv64i(void);
const PROV_CCM_HW *ossl_prov_aes_hw_ccm_s390x(size_t keybits);
#endif
#if defined(SPARC_AES_CAPABLE)
-const PROV_CCM_HW *ossl_prov_aes_hw_ccm_t4(size_t keybits);
+const PROV_CCM_HW *ossl_prov_aes_hw_ccm_t4(void);
#endif
#endif /* !defined(OSSL_PROVIDERS_IMPLEMENTATIONS_CIPHERS_CIPHER_AES_CCM_H) */
diff --git a/providers/implementations/ciphers/cipher_aes_ccm_hw.c b/providers/implementations/ciphers/cipher_aes_ccm_hw.c
index a3ee92c542..6387157740 100644
--- a/providers/implementations/ciphers/cipher_aes_ccm_hw.c
+++ b/providers/implementations/ciphers/cipher_aes_ccm_hw.c
@@ -81,7 +81,7 @@ const PROV_CCM_HW *ossl_prov_aes_hw_ccm(size_t keybits)
#elif defined(S390X_aes_128_CAPABLE)
aes_ccm_hw = ossl_prov_aes_hw_ccm_s390x(keybits);
#elif defined(SPARC_AES_CAPABLE)
- aes_ccm_hw = ossl_prov_aes_hw_ccm_t4(keybits);
+ aes_ccm_hw = ossl_prov_aes_hw_ccm_t4();
#endif
if (aes_ccm_hw != NULL)
return aes_ccm_hw;
diff --git a/providers/implementations/ciphers/cipher_aes_ccm_hw_t4.c b/providers/implementations/ciphers/cipher_aes_ccm_hw_t4.c
deleted file mode 100644
index 981773760f..0000000000
--- a/providers/implementations/ciphers/cipher_aes_ccm_hw_t4.c
+++ /dev/null
@@ -1,42 +0,0 @@
-/*
- * Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/*-
- * Fujitsu SPARC64 X support for AES CCM.
- * This file is used by cipher_aes_ccm_hw.c
- */
-
-#include "internal/deprecated.h"
-#include "cipher_aes_ccm.h"
-
-#if defined(SPARC_AES_CAPABLE)
-
-static int ccm_t4_aes_initkey(PROV_CCM_CTX *ctx, const unsigned char *key,
- size_t keylen)
-{
- return ossl_cipher_set_ccm_aes_initkey(ctx, key, keylen,
- aes_t4_set_encrypt_key, aes_t4_encrypt, NULL, NULL);
-}
-
-static const PROV_CCM_HW t4_aes_ccm = {
- ccm_t4_aes_initkey,
- ossl_ccm_generic_setiv,
- ossl_ccm_generic_setaad,
- ossl_ccm_generic_auth_encrypt,
- ossl_ccm_generic_auth_decrypt,
- ossl_ccm_generic_gettag
-};
-
-const PROV_CCM_HW *ossl_prov_aes_hw_ccm_t4(size_t keybits)
-{
- if (SPARC_AES_CAPABLE)
- return &t4_aes_ccm;
- return NULL;
-}
-#endif
diff --git a/providers/implementations/ciphers/cipher_aes_gcm.h b/providers/implementations/ciphers/cipher_aes_gcm.h
index 43cba79541..210c1de97a 100644
--- a/providers/implementations/ciphers/cipher_aes_gcm.h
+++ b/providers/implementations/ciphers/cipher_aes_gcm.h
@@ -72,7 +72,7 @@ const PROV_GCM_HW *ossl_prov_aes_hw_gcm_rv64i(void);
const PROV_GCM_HW *ossl_prov_aes_hw_gcm_s390x(size_t keybits);
#endif
#if defined(SPARC_AES_CAPABLE)
-const PROV_GCM_HW *ossl_prov_aes_hw_gcm_t4(size_t keybits);
+const PROV_GCM_HW *ossl_prov_aes_hw_gcm_t4(void);
#endif
#endif /* !defined(OSSL_PROVIDERS_IMPLEMENTATIONS_CIPHERS_CIPHER_AES_GCM_H) */
diff --git a/providers/implementations/ciphers/cipher_aes_gcm_hw.c b/providers/implementations/ciphers/cipher_aes_gcm_hw.c
index 8493451688..2bd1cb9d34 100644
--- a/providers/implementations/ciphers/cipher_aes_gcm_hw.c
+++ b/providers/implementations/ciphers/cipher_aes_gcm_hw.c
@@ -168,7 +168,7 @@ const PROV_GCM_HW *ossl_prov_aes_hw_gcm(size_t keybits)
#elif defined(S390X_aes_128_CAPABLE)
aes_gcm_hw = ossl_prov_aes_hw_gcm_s390x(keybits);
#elif defined(SPARC_AES_CAPABLE)
- aes_gcm_hw = ossl_prov_aes_hw_gcm_t4(keybits);
+ aes_gcm_hw = ossl_prov_aes_hw_gcm_t4();
#endif
if (aes_gcm_hw == NULL)
diff --git a/providers/implementations/ciphers/cipher_aes_gcm_hw_t4.c b/providers/implementations/ciphers/cipher_aes_gcm_hw_t4.c
deleted file mode 100644
index 4b6968581d..0000000000
--- a/providers/implementations/ciphers/cipher_aes_gcm_hw_t4.c
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/*-
- * Fujitsu SPARC64 X support for AES GCM.
- * This file is used by cipher_aes_gcm_hw.c
- */
-#include "internal/deprecated.h"
-#include "cipher_aes_gcm.h"
-
-#if defined(SPARC_AES_CAPABLE)
-
-static int t4_aes_gcm_initkey(PROV_GCM_CTX *ctx, const unsigned char *key,
- size_t keylen)
-{
- switch (keylen) {
- case 16:
- return aes_gcm_hw_initkey(ctx, key, keylen,
- aes_t4_set_encrypt_key, aes_t4_encrypt,
- (ctr128_f)aes128_t4_ctr32_encrypt);
- case 24:
- return aes_gcm_hw_initkey(ctx, key, keylen,
- aes_t4_set_encrypt_key, aes_t4_encrypt,
- (ctr128_f)aes192_t4_ctr32_encrypt);
- case 32:
- return aes_gcm_hw_initkey(ctx, key, keylen,
- aes_t4_set_encrypt_key, aes_t4_encrypt,
- (ctr128_f)aes256_t4_ctr32_encrypt);
- default:
- return 0;
- }
-}
-
-static const PROV_GCM_HW t4_aes_gcm = {
- t4_aes_gcm_initkey,
- ossl_gcm_setiv,
- ossl_gcm_aad_update,
- generic_aes_gcm_cipher_update,
- ossl_gcm_cipher_final,
- ossl_gcm_one_shot
-};
-
-const PROV_GCM_HW *ossl_prov_aes_hw_gcm_t4(size_t keybits)
-{
- return SPARC_AES_CAPABLE ? &t4_aes_gcm : NULL;
-}
-
-#endif
diff --git a/providers/implementations/ciphers/cipher_aes_hw.c b/providers/implementations/ciphers/cipher_aes_hw.c
index 294b2dea7d..b282393d5b 100644
--- a/providers/implementations/ciphers/cipher_aes_hw.c
+++ b/providers/implementations/ciphers/cipher_aes_hw.c
@@ -227,7 +227,7 @@ static const PROV_CIPHER_HW *ossl_prov_cipher_hw_aes_mode(enum aes_modes mode,
#elif defined(S390X_aes_128_CAPABLE)
aes_hw_mode = ossl_prov_cipher_hw_s390x(mode, keybits);
#elif defined(SPARC_AES_CAPABLE)
- aes_hw_mode = ossl_prov_cipher_hw_t4(mode, keybits);
+ aes_hw_mode = ossl_prov_cipher_hw_t4(mode);
#endif
if (aes_hw_mode == NULL) {
diff --git a/providers/implementations/ciphers/cipher_aes_hw_t4.c b/providers/implementations/ciphers/cipher_aes_hw_t4.c
index 6d8e945de5..c9549be90b 100644
--- a/providers/implementations/ciphers/cipher_aes_hw_t4.c
+++ b/providers/implementations/ciphers/cipher_aes_hw_t4.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2001-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -8,16 +8,20 @@
*/
/*-
- * Sparc t4 support for AES modes ecb, cbc, ofb, cfb, ctr.
- * This file is used by cipher_aes_hw.c
+ * Sparc t4 support for all hardware accelerated AES modes.
*/
#include "internal/deprecated.h"
#include <openssl/proverr.h>
#include "cipher_aes.h"
+#include "cipher_aes_gcm.h"
+#include "cipher_aes_ccm.h"
+#include "cipher_aes_xts.h"
#if defined(SPARC_AES_CAPABLE)
+/* MODES: ecb, cbc, cfb, ofb, ctr */
+
static int t4_set_encrypt_key(const unsigned char *key, int bits, AES_KEY *ks)
{
aes_t4_set_encrypt_key(key, bits, ks);
@@ -118,8 +122,7 @@ static const PROV_CIPHER_HW aes_t4_ctr = {
ossl_cipher_aes_copyctx
};
-const PROV_CIPHER_HW *ossl_prov_cipher_hw_t4(enum aes_modes mode,
- size_t keybits)
+const PROV_CIPHER_HW *ossl_prov_cipher_hw_t4(enum aes_modes mode)
{
if (SPARC_AES_CAPABLE) {
switch (mode) {
@@ -143,4 +146,107 @@ const PROV_CIPHER_HW *ossl_prov_cipher_hw_t4(enum aes_modes mode,
}
return NULL;
}
+
+/* MODES: GCM */
+
+static int t4_aes_gcm_initkey(PROV_GCM_CTX *ctx, const unsigned char *key,
+ size_t keylen)
+{
+ switch (keylen) {
+ case 16:
+ return aes_gcm_hw_initkey(ctx, key, keylen,
+ t4_set_encrypt_key, aes_t4_encrypt,
+ (ctr128_f)aes128_t4_ctr32_encrypt);
+ case 24:
+ return aes_gcm_hw_initkey(ctx, key, keylen,
+ t4_set_encrypt_key, aes_t4_encrypt,
+ (ctr128_f)aes192_t4_ctr32_encrypt);
+ case 32:
+ return aes_gcm_hw_initkey(ctx, key, keylen,
+ t4_set_encrypt_key, aes_t4_encrypt,
+ (ctr128_f)aes256_t4_ctr32_encrypt);
+ default:
+ return 0;
+ }
+}
+
+static const PROV_GCM_HW t4_aes_gcm = {
+ t4_aes_gcm_initkey,
+ ossl_gcm_setiv,
+ ossl_gcm_aad_update,
+ generic_aes_gcm_cipher_update,
+ ossl_gcm_cipher_final,
+ ossl_gcm_one_shot
+};
+
+const PROV_GCM_HW *ossl_prov_aes_hw_gcm_t4(void)
+{
+ return SPARC_AES_CAPABLE ? &t4_aes_gcm : NULL;
+}
+
+/* MODES: CCM */
+
+static int ccm_t4_aes_initkey(PROV_CCM_CTX *ctx, const unsigned char *key,
+ size_t keylen)
+{
+ return ossl_cipher_set_ccm_aes_initkey(ctx, key, keylen,
+ t4_set_encrypt_key, aes_t4_encrypt, NULL, NULL);
+}
+
+static const PROV_CCM_HW t4_aes_ccm = {
+ ccm_t4_aes_initkey,
+ ossl_ccm_generic_setiv,
+ ossl_ccm_generic_setaad,
+ ossl_ccm_generic_auth_encrypt,
+ ossl_ccm_generic_auth_decrypt,
+ ossl_ccm_generic_gettag
+};
+
+const PROV_CCM_HW *ossl_prov_aes_hw_ccm_t4(void)
+{
+ if (SPARC_AES_CAPABLE)
+ return &t4_aes_ccm;
+ return NULL;
+}
+
+/* MODES: XTS */
+
+static int cipher_hw_aes_xts_t4_initkey(PROV_CIPHER_CTX *ctx,
+ const unsigned char *key, size_t keylen)
+{
+ OSSL_xts_stream_fn stream_enc = NULL;
+ OSSL_xts_stream_fn stream_dec = NULL;
+
+ /* Note: keylen is the size of 2 keys */
+ switch (keylen) {
+ case 32:
+ stream_enc = aes128_t4_xts_encrypt;
+ stream_dec = aes128_t4_xts_decrypt;
+ break;
+ case 64:
+ stream_enc = aes256_t4_xts_encrypt;
+ stream_dec = aes256_t4_xts_decrypt;
+ break;
+ default:
+ return 0;
+ }
+
+ return ossl_cipher_set_aes_xts_initkey(ctx, key, keylen,
+ t4_set_encrypt_key, t4_set_decrypt_key,
+ aes_t4_encrypt, aes_t4_decrypt, stream_enc, stream_dec);
+}
+
+static const PROV_CIPHER_HW aes_xts_t4 = {
+ cipher_hw_aes_xts_t4_initkey,
+ NULL,
+ ossl_cipher_hw_aes_xts_copyctx
+};
+
+const PROV_CIPHER_HW *ossl_prov_cipher_hw_aes_xts_t4(void)
+{
+ if (SPARC_AES_CAPABLE)
+ return &aes_xts_t4;
+ return NULL;
+}
+
#endif
diff --git a/providers/implementations/ciphers/cipher_aes_xts.h b/providers/implementations/ciphers/cipher_aes_xts.h
index 9fa0624dfc..49ee66ac88 100644
--- a/providers/implementations/ciphers/cipher_aes_xts.h
+++ b/providers/implementations/ciphers/cipher_aes_xts.h
@@ -89,6 +89,10 @@ int s390x_aes_xts_cipher_stream(PROV_AES_XTS_CTX *xctx,
const PROV_CIPHER_HW *ossl_prov_cipher_hw_aes_xts_s390x(size_t keybits);
#endif
+#if defined(SPARC_AES_CAPABLE)
+const PROV_CIPHER_HW *ossl_prov_cipher_hw_aes_xts_t4(void);
+#endif
+
const PROV_CIPHER_HW *ossl_prov_cipher_hw_aes_xts(size_t keybits);
#endif /* !defined(OSSL_PROVIDERS_IMPLEMENTATIONS_CIPHERS_CIPHER_AES_XTS_H) */
diff --git a/providers/implementations/ciphers/cipher_aes_xts_hw.c b/providers/implementations/ciphers/cipher_aes_xts_hw.c
index e584f12051..162f8e4593 100644
--- a/providers/implementations/ciphers/cipher_aes_xts_hw.c
+++ b/providers/implementations/ciphers/cipher_aes_xts_hw.c
@@ -102,48 +102,6 @@ void ossl_cipher_hw_aes_xts_copyctx(PROV_CIPHER_CTX *dst,
dctx->xts.key2 = &dctx->ks2.ks;
}
-#if defined(SPARC_AES_CAPABLE)
-
-static int cipher_hw_aes_xts_t4_initkey(PROV_CIPHER_CTX *ctx,
- const unsigned char *key, size_t keylen)
-{
- OSSL_xts_stream_fn stream_enc = NULL;
- OSSL_xts_stream_fn stream_dec = NULL;
-
- /* Note: keylen is the size of 2 keys */
- switch (keylen) {
- case 32:
- stream_enc = aes128_t4_xts_encrypt;
- stream_dec = aes128_t4_xts_decrypt;
- break;
- case 64:
- stream_enc = aes256_t4_xts_encrypt;
- stream_dec = aes256_t4_xts_decrypt;
- break;
- default:
- return 0;
- }
-
- return ossl_cipher_set_aes_xts_initkey(ctx, key, keylen,
- aes_t4_set_encrypt_key, aes_t4_set_decrypt_key,
- aes_t4_encrypt, aes_t4_decrypt, stream_enc, stream_dec);
-}
-
-static const PROV_CIPHER_HW aes_xts_t4 = {
- cipher_hw_aes_xts_t4_initkey,
- NULL,
- ossl_cipher_hw_aes_xts_copyctx
-};
-
-static const PROV_CIPHER_HW *ossl_prov_cipher_hw_aes_xts_t4()
-{
- if (SPARC_AES_CAPABLE)
- return &aes_xts_t4;
- return NULL;
-}
-
-#endif
-
static const PROV_CIPHER_HW aes_generic_xts = {
cipher_hw_aes_xts_generic_initkey,
NULL,