* [FFmpeg-devel] [PATCH 1/3] avutil/aes_ctr: rename AES_BLOCK_SIZE to FF_AES_BLOCK_SIZE
@ 2025-06-11 1:54 James Almer
2025-06-11 1:54 ` [FFmpeg-devel] [PATCH 2/3] avutil/aes: remove superfluous rounds argument James Almer
2025-06-11 1:54 ` [FFmpeg-devel] [PATCH 3/3] avutil/aes: add an OpenSSL-libcrypto backed implementation James Almer
0 siblings, 2 replies; 4+ messages in thread
From: James Almer @ 2025-06-11 1:54 UTC (permalink / raw)
To: ffmpeg-devel
This is in preparation for the following commit, to prevent redefinitions from
namespace collisions.
Signed-off-by: James Almer <jamrial@gmail.com>
---
libavutil/aes_ctr.c | 18 +++++++++---------
1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/libavutil/aes_ctr.c b/libavutil/aes_ctr.c
index 63dcb20d3a..76333ede33 100644
--- a/libavutil/aes_ctr.c
+++ b/libavutil/aes_ctr.c
@@ -29,11 +29,11 @@
#include "mem.h"
#include "random_seed.h"
-#define AES_BLOCK_SIZE (16)
+#define FF_AES_BLOCK_SIZE (16)
typedef struct AVAESCTR {
- DECLARE_ALIGNED(8, uint8_t, counter)[AES_BLOCK_SIZE];
- DECLARE_ALIGNED(8, uint8_t, encrypted_counter)[AES_BLOCK_SIZE];
+ DECLARE_ALIGNED(8, uint8_t, counter)[FF_AES_BLOCK_SIZE];
+ DECLARE_ALIGNED(8, uint8_t, encrypted_counter)[FF_AES_BLOCK_SIZE];
AVAES aes;
} AVAESCTR;
@@ -96,19 +96,19 @@ void av_aes_ctr_increment_iv(struct AVAESCTR *a)
void av_aes_ctr_crypt(struct AVAESCTR *a, uint8_t *dst, const uint8_t *src, int count)
{
- while (count >= AES_BLOCK_SIZE) {
+ while (count >= FF_AES_BLOCK_SIZE) {
av_aes_crypt(&a->aes, a->encrypted_counter, a->counter, 1, NULL, 0);
av_aes_ctr_increment_be64(a->counter + 8);
#if HAVE_FAST_64BIT
- for (int len = 0; len < AES_BLOCK_SIZE; len += 8)
+ for (int len = 0; len < FF_AES_BLOCK_SIZE; len += 8)
AV_WN64(&dst[len], AV_RN64(&src[len]) ^ AV_RN64A(&a->encrypted_counter[len]));
#else
- for (int len = 0; len < AES_BLOCK_SIZE; len += 4)
+ for (int len = 0; len < FF_AES_BLOCK_SIZE; len += 4)
AV_WN32(&dst[len], AV_RN32(&src[len]) ^ AV_RN32A(&a->encrypted_counter[len]));
#endif
- dst += AES_BLOCK_SIZE;
- src += AES_BLOCK_SIZE;
- count -= AES_BLOCK_SIZE;
+ dst += FF_AES_BLOCK_SIZE;
+ src += FF_AES_BLOCK_SIZE;
+ count -= FF_AES_BLOCK_SIZE;
}
if (count > 0) {
--
2.49.0
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
^ permalink raw reply [flat|nested] 4+ messages in thread
* [FFmpeg-devel] [PATCH 2/3] avutil/aes: remove superfluous rounds argument
2025-06-11 1:54 [FFmpeg-devel] [PATCH 1/3] avutil/aes_ctr: rename AES_BLOCK_SIZE to FF_AES_BLOCK_SIZE James Almer
@ 2025-06-11 1:54 ` James Almer
2025-06-11 1:54 ` [FFmpeg-devel] [PATCH 3/3] avutil/aes: add an OpenSSL-libcrypto backed implementation James Almer
1 sibling, 0 replies; 4+ messages in thread
From: James Almer @ 2025-06-11 1:54 UTC (permalink / raw)
To: ffmpeg-devel
It's set during int and never changed.
Signed-off-by: James Almer <jamrial@gmail.com>
---
libavutil/aes.c | 10 +++++-----
libavutil/aes_internal.h | 2 +-
2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/libavutil/aes.c b/libavutil/aes.c
index 3c8ac1c349..7fe42a5548 100644
--- a/libavutil/aes.c
+++ b/libavutil/aes.c
@@ -137,10 +137,10 @@ static inline void aes_crypt(AVAES *a, int s, const uint8_t *sbox,
}
static void aes_encrypt(AVAES *a, uint8_t *dst, const uint8_t *src,
- int count, uint8_t *iv, int rounds)
+ int count, uint8_t *iv)
{
while (count--) {
- addkey_s(&a->state[1], src, &a->round_key[rounds]);
+ addkey_s(&a->state[1], src, &a->round_key[a->rounds]);
if (iv)
addkey_s(&a->state[1], iv, &a->state[1]);
aes_crypt(a, 2, sbox, enc_multbl);
@@ -153,10 +153,10 @@ static void aes_encrypt(AVAES *a, uint8_t *dst, const uint8_t *src,
}
static void aes_decrypt(AVAES *a, uint8_t *dst, const uint8_t *src,
- int count, uint8_t *iv, int rounds)
+ int count, uint8_t *iv)
{
while (count--) {
- addkey_s(&a->state[1], src, &a->round_key[rounds]);
+ addkey_s(&a->state[1], src, &a->round_key[a->rounds]);
aes_crypt(a, 0, inv_sbox, dec_multbl);
if (iv) {
addkey_s(&a->state[0], iv, &a->state[0]);
@@ -171,7 +171,7 @@ static void aes_decrypt(AVAES *a, uint8_t *dst, const uint8_t *src,
void av_aes_crypt(AVAES *a, uint8_t *dst, const uint8_t *src,
int count, uint8_t *iv, int decrypt)
{
- a->crypt(a, dst, src, count, iv, a->rounds);
+ a->crypt(a, dst, src, count, iv);
}
static void init_multbl2(uint32_t tbl[][256], const int c[4],
diff --git a/libavutil/aes_internal.h b/libavutil/aes_internal.h
index 17f79d3ce3..e2de382f26 100644
--- a/libavutil/aes_internal.h
+++ b/libavutil/aes_internal.h
@@ -37,7 +37,7 @@ typedef struct AVAES {
DECLARE_ALIGNED(16, av_aes_block, round_key)[15];
DECLARE_ALIGNED(16, av_aes_block, state)[2];
int rounds;
- void (*crypt)(struct AVAES *a, uint8_t *dst, const uint8_t *src, int count, uint8_t *iv, int rounds);
+ void (*crypt)(struct AVAES *a, uint8_t *dst, const uint8_t *src, int count, uint8_t *iv);
} AVAES;
void ff_init_aes_x86(AVAES *a, int decrypt);
--
2.49.0
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
^ permalink raw reply [flat|nested] 4+ messages in thread
* [FFmpeg-devel] [PATCH 3/3] avutil/aes: add an OpenSSL-libcrypto backed implementation
2025-06-11 1:54 [FFmpeg-devel] [PATCH 1/3] avutil/aes_ctr: rename AES_BLOCK_SIZE to FF_AES_BLOCK_SIZE James Almer
2025-06-11 1:54 ` [FFmpeg-devel] [PATCH 2/3] avutil/aes: remove superfluous rounds argument James Almer
@ 2025-06-11 1:54 ` James Almer
2025-06-11 6:02 ` Andreas Rheinhardt
1 sibling, 1 reply; 4+ messages in thread
From: James Almer @ 2025-06-11 1:54 UTC (permalink / raw)
To: ffmpeg-devel
OpenSSL has optimizations for more architectures than x86-AESNI, so use it if
libavutil is configured with libcrypto explicitly (Enabling OpenSSL alone will
not make use of it).
Signed-off-by: James Almer <jamrial@gmail.com>
---
configure | 8 +++++++-
libavutil/aes.c | 37 ++++++++++++++++++++++++++++++++++---
libavutil/aes_internal.h | 11 ++++++++++-
libavutil/x86/aes_init.c | 2 ++
4 files changed, 53 insertions(+), 5 deletions(-)
diff --git a/configure b/configure
index 534b443f7d..c7b4fbb2fe 100755
--- a/configure
+++ b/configure
@@ -223,6 +223,7 @@ External library support:
--enable-libcelt enable CELT decoding via libcelt [no]
--enable-libcdio enable audio CD grabbing with libcdio [no]
--enable-libcodec2 enable codec2 en/decoding using libcodec2 [no]
+ --enable-libcrypto enable crypto via libcrypto (AES only) [no]
--enable-libdav1d enable AV1 decoding via libdav1d [no]
--enable-libdavs2 enable AVS2 decoding via libdavs2 [no]
--enable-libdc1394 enable IIDC-1394 grabbing using libdc1394
@@ -1931,6 +1932,7 @@ EXTERNAL_LIBRARY_LIST="
libcaca
libcelt
libcodec2
+ libcrypto
libdav1d
libdc1394
libflite
@@ -4091,7 +4093,7 @@ avfilter_deps="avutil"
avfilter_suggest="libm stdatomic spirv_compiler"
avformat_deps="avcodec avutil"
avformat_suggest="libm network zlib stdatomic"
-avutil_suggest="clock_gettime ffnvcodec gcrypt libm libdrm libmfx opencl openssl user32 vaapi vulkan videotoolbox corefoundation corevideo coremedia bcrypt stdatomic"
+avutil_suggest="clock_gettime ffnvcodec gcrypt libcrypto libm libdrm libmfx opencl openssl user32 vaapi vulkan videotoolbox corefoundation corevideo coremedia bcrypt stdatomic"
swresample_deps="avutil"
swresample_suggest="libm libsoxr stdatomic"
swscale_deps="avutil"
@@ -7193,6 +7195,10 @@ enabled openssl && { { check_pkg_config openssl "openssl >= 3.0.0" ope
check_lib openssl openssl/ssl.h SSL_library_init -lssl32 -leay32 ||
check_lib openssl openssl/ssl.h SSL_library_init -lssl -lcrypto -lws2_32 -lgdi32 ||
die "ERROR: openssl not found"; }
+enabled libcrypto && { { check_pkg_config libcrypto "libcrypto >= 3.0.0" openssl/aes.h AES_set_encrypt_key &&
+ { enabled gplv3 || ! enabled gpl || enabled nonfree || die "ERROR: OpenSSL-libcrypto >= 3.0.0 requires --enable-version3"; }; } ||
+ { enabled gpl && ! enabled nonfree && die "ERROR: OpenSSL-libcrypto < 3.0.0 is incompatible with the gpl"; } ||
+ require_pkg_config libcrypto libcrypto openssl/aes.h AES_set_encrypt_key; }
enabled pocketsphinx && require_pkg_config pocketsphinx pocketsphinx pocketsphinx/pocketsphinx.h ps_init
enabled rkmpp && { require_pkg_config rkmpp rockchip_mpp rockchip/rk_mpi.h mpp_create &&
require_pkg_config rockchip_mpp "rockchip_mpp >= 1.3.7" rockchip/rk_mpi.h mpp_create &&
diff --git a/libavutil/aes.c b/libavutil/aes.c
index 7fe42a5548..3a0d4e1385 100644
--- a/libavutil/aes.c
+++ b/libavutil/aes.c
@@ -39,6 +39,7 @@ struct AVAES *av_aes_alloc(void)
return av_mallocz(sizeof(struct AVAES));
}
+#if !CONFIG_LIBCRYPTO
static const uint8_t rcon[10] = {
0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36
};
@@ -137,7 +138,7 @@ static inline void aes_crypt(AVAES *a, int s, const uint8_t *sbox,
}
static void aes_encrypt(AVAES *a, uint8_t *dst, const uint8_t *src,
- int count, uint8_t *iv)
+ int count, uint8_t *iv, int decrypt)
{
while (count--) {
addkey_s(&a->state[1], src, &a->round_key[a->rounds]);
@@ -153,7 +154,7 @@ static void aes_encrypt(AVAES *a, uint8_t *dst, const uint8_t *src,
}
static void aes_decrypt(AVAES *a, uint8_t *dst, const uint8_t *src,
- int count, uint8_t *iv)
+ int count, uint8_t *iv, int decrypt)
{
while (count--) {
addkey_s(&a->state[1], src, &a->round_key[a->rounds]);
@@ -168,12 +169,32 @@ static void aes_decrypt(AVAES *a, uint8_t *dst, const uint8_t *src,
}
}
+#else
+
+static void aes_libcrypto(AVAES *a, uint8_t *dst, const uint8_t *src,
+ int count, uint8_t *iv, int decrypt)
+{
+ if (iv)
+ AES_cbc_encrypt((const unsigned char *)src,
+ (unsigned char *)dst,
+ count, &a->key,
+ (unsigned char *)iv, !decrypt);
+ else {
+ for (int i = 0; i < count; i++)
+ AES_ecb_encrypt((const unsigned char *)&src[i*16],
+ (unsigned char *)&dst[i*16],
+ &a->key, !decrypt);
+ }
+}
+#endif
+
void av_aes_crypt(AVAES *a, uint8_t *dst, const uint8_t *src,
int count, uint8_t *iv, int decrypt)
{
- a->crypt(a, dst, src, count, iv);
+ a->crypt(a, dst, src, count, iv, decrypt);
}
+#if !CONFIG_LIBCRYPTO
static void init_multbl2(uint32_t tbl[][256], const int c[4],
const uint8_t *log8, const uint8_t *alog8,
const uint8_t *sbox)
@@ -226,10 +247,19 @@ static av_cold void aes_init_static(void)
init_multbl2(enc_multbl, (const int[4]) { 0x2, 0x1, 0x1, 0x3 },
log8, alog8, sbox);
}
+#endif
// this is based on the reference AES code by Paulo Barreto and Vincent Rijmen
int av_aes_init(AVAES *a, const uint8_t *key, int key_bits, int decrypt)
{
+#if CONFIG_LIBCRYPTO
+ int ret = decrypt ? AES_set_decrypt_key(key, key_bits, &a->key) :
+ AES_set_encrypt_key(key, key_bits, &a->key);
+ if (ret < 0)
+ return AVERROR_EXTERNAL;
+
+ a->crypt = aes_libcrypto;
+#else
int i, j, t, rconpointer = 0;
uint8_t tk[8][4];
int KC = key_bits >> 5;
@@ -278,6 +308,7 @@ int av_aes_init(AVAES *a, const uint8_t *key, int key_bits, int decrypt)
for (i = 0; i < (rounds + 1) >> 1; i++)
FFSWAP(av_aes_block, a->round_key[i], a->round_key[rounds - i]);
}
+#endif
return 0;
}
diff --git a/libavutil/aes_internal.h b/libavutil/aes_internal.h
index e2de382f26..6713798ce2 100644
--- a/libavutil/aes_internal.h
+++ b/libavutil/aes_internal.h
@@ -21,8 +21,13 @@
#ifndef AVUTIL_AES_INTERNAL_H
#define AVUTIL_AES_INTERNAL_H
+#include "config.h"
+
#include "mem_internal.h"
#include <stdint.h>
+#if CONFIG_LIBCRYPTO
+#include <openssl/aes.h>
+#endif
typedef union {
uint64_t u64[2];
@@ -32,12 +37,16 @@ typedef union {
} av_aes_block;
typedef struct AVAES {
+#if CONFIG_LIBCRYPTO
+ AES_KEY key;
+#else
// Note: round_key[16] is accessed in the init code, but this only
// overwrites state, which does not matter (see also commit ba554c0).
DECLARE_ALIGNED(16, av_aes_block, round_key)[15];
DECLARE_ALIGNED(16, av_aes_block, state)[2];
int rounds;
- void (*crypt)(struct AVAES *a, uint8_t *dst, const uint8_t *src, int count, uint8_t *iv);
+#endif
+ void (*crypt)(struct AVAES *a, uint8_t *dst, const uint8_t *src, int count, uint8_t *iv, int decript);
} AVAES;
void ff_init_aes_x86(AVAES *a, int decrypt);
diff --git a/libavutil/x86/aes_init.c b/libavutil/x86/aes_init.c
index f825e0799c..54487e8832 100644
--- a/libavutil/x86/aes_init.c
+++ b/libavutil/x86/aes_init.c
@@ -37,6 +37,7 @@ void ff_aes_encrypt_14_aesni(AVAES *a, uint8_t *dst, const uint8_t *src,
void ff_init_aes_x86(AVAES *a, int decrypt)
{
+#if !CONFIG_LIBCRYPTO
int cpu_flags = av_get_cpu_flags();
if (EXTERNAL_AESNI(cpu_flags)) {
@@ -47,4 +48,5 @@ void ff_init_aes_x86(AVAES *a, int decrypt)
else if (a->rounds == 14)
a->crypt = decrypt ? ff_aes_decrypt_14_aesni : ff_aes_encrypt_14_aesni;
}
+#endif
}
--
2.49.0
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [FFmpeg-devel] [PATCH 3/3] avutil/aes: add an OpenSSL-libcrypto backed implementation
2025-06-11 1:54 ` [FFmpeg-devel] [PATCH 3/3] avutil/aes: add an OpenSSL-libcrypto backed implementation James Almer
@ 2025-06-11 6:02 ` Andreas Rheinhardt
0 siblings, 0 replies; 4+ messages in thread
From: Andreas Rheinhardt @ 2025-06-11 6:02 UTC (permalink / raw)
To: ffmpeg-devel
James Almer:
> OpenSSL has optimizations for more architectures than x86-AESNI, so use it if
> libavutil is configured with libcrypto explicitly (Enabling OpenSSL alone will
> not make use of it).
>
> Signed-off-by: James Almer <jamrial@gmail.com>
> ---
> configure | 8 +++++++-
> libavutil/aes.c | 37 ++++++++++++++++++++++++++++++++++---
> libavutil/aes_internal.h | 11 ++++++++++-
> libavutil/x86/aes_init.c | 2 ++
> 4 files changed, 53 insertions(+), 5 deletions(-)
>
> diff --git a/configure b/configure
> index 534b443f7d..c7b4fbb2fe 100755
> --- a/configure
> +++ b/configure
> @@ -223,6 +223,7 @@ External library support:
> --enable-libcelt enable CELT decoding via libcelt [no]
> --enable-libcdio enable audio CD grabbing with libcdio [no]
> --enable-libcodec2 enable codec2 en/decoding using libcodec2 [no]
> + --enable-libcrypto enable crypto via libcrypto (AES only) [no]
> --enable-libdav1d enable AV1 decoding via libdav1d [no]
> --enable-libdavs2 enable AVS2 decoding via libdavs2 [no]
> --enable-libdc1394 enable IIDC-1394 grabbing using libdc1394
> @@ -1931,6 +1932,7 @@ EXTERNAL_LIBRARY_LIST="
> libcaca
> libcelt
> libcodec2
> + libcrypto
> libdav1d
> libdc1394
> libflite
> @@ -4091,7 +4093,7 @@ avfilter_deps="avutil"
> avfilter_suggest="libm stdatomic spirv_compiler"
> avformat_deps="avcodec avutil"
> avformat_suggest="libm network zlib stdatomic"
> -avutil_suggest="clock_gettime ffnvcodec gcrypt libm libdrm libmfx opencl openssl user32 vaapi vulkan videotoolbox corefoundation corevideo coremedia bcrypt stdatomic"
> +avutil_suggest="clock_gettime ffnvcodec gcrypt libcrypto libm libdrm libmfx opencl openssl user32 vaapi vulkan videotoolbox corefoundation corevideo coremedia bcrypt stdatomic"
> swresample_deps="avutil"
> swresample_suggest="libm libsoxr stdatomic"
> swscale_deps="avutil"
> @@ -7193,6 +7195,10 @@ enabled openssl && { { check_pkg_config openssl "openssl >= 3.0.0" ope
> check_lib openssl openssl/ssl.h SSL_library_init -lssl32 -leay32 ||
> check_lib openssl openssl/ssl.h SSL_library_init -lssl -lcrypto -lws2_32 -lgdi32 ||
> die "ERROR: openssl not found"; }
> +enabled libcrypto && { { check_pkg_config libcrypto "libcrypto >= 3.0.0" openssl/aes.h AES_set_encrypt_key &&
> + { enabled gplv3 || ! enabled gpl || enabled nonfree || die "ERROR: OpenSSL-libcrypto >= 3.0.0 requires --enable-version3"; }; } ||
> + { enabled gpl && ! enabled nonfree && die "ERROR: OpenSSL-libcrypto < 3.0.0 is incompatible with the gpl"; } ||
> + require_pkg_config libcrypto libcrypto openssl/aes.h AES_set_encrypt_key; }
> enabled pocketsphinx && require_pkg_config pocketsphinx pocketsphinx pocketsphinx/pocketsphinx.h ps_init
> enabled rkmpp && { require_pkg_config rkmpp rockchip_mpp rockchip/rk_mpi.h mpp_create &&
> require_pkg_config rockchip_mpp "rockchip_mpp >= 1.3.7" rockchip/rk_mpi.h mpp_create &&
> diff --git a/libavutil/aes.c b/libavutil/aes.c
> index 7fe42a5548..3a0d4e1385 100644
> --- a/libavutil/aes.c
> +++ b/libavutil/aes.c
> @@ -39,6 +39,7 @@ struct AVAES *av_aes_alloc(void)
> return av_mallocz(sizeof(struct AVAES));
> }
>
> +#if !CONFIG_LIBCRYPTO
> static const uint8_t rcon[10] = {
> 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36
> };
> @@ -137,7 +138,7 @@ static inline void aes_crypt(AVAES *a, int s, const uint8_t *sbox,
> }
>
> static void aes_encrypt(AVAES *a, uint8_t *dst, const uint8_t *src,
> - int count, uint8_t *iv)
> + int count, uint8_t *iv, int decrypt)
> {
> while (count--) {
> addkey_s(&a->state[1], src, &a->round_key[a->rounds]);
> @@ -153,7 +154,7 @@ static void aes_encrypt(AVAES *a, uint8_t *dst, const uint8_t *src,
> }
>
> static void aes_decrypt(AVAES *a, uint8_t *dst, const uint8_t *src,
> - int count, uint8_t *iv)
> + int count, uint8_t *iv, int decrypt)
> {
> while (count--) {
> addkey_s(&a->state[1], src, &a->round_key[a->rounds]);
> @@ -168,12 +169,32 @@ static void aes_decrypt(AVAES *a, uint8_t *dst, const uint8_t *src,
> }
> }
>
> +#else
> +
> +static void aes_libcrypto(AVAES *a, uint8_t *dst, const uint8_t *src,
> + int count, uint8_t *iv, int decrypt)
> +{
> + if (iv)
> + AES_cbc_encrypt((const unsigned char *)src,
> + (unsigned char *)dst,
> + count, &a->key,
> + (unsigned char *)iv, !decrypt);
> + else {
> + for (int i = 0; i < count; i++)
> + AES_ecb_encrypt((const unsigned char *)&src[i*16],
> + (unsigned char *)&dst[i*16],
Casts seem pointless. Lots of other part of the code presume that
uint8_t* and unsigned char* are compatible.
> + &a->key, !decrypt);
> + }
> +}
> +#endif
> +
> void av_aes_crypt(AVAES *a, uint8_t *dst, const uint8_t *src,
> int count, uint8_t *iv, int decrypt)
> {
> - a->crypt(a, dst, src, count, iv);
> + a->crypt(a, dst, src, count, iv, decrypt);
This new argument can be #if'ed away.
> }
>
> +#if !CONFIG_LIBCRYPTO
> static void init_multbl2(uint32_t tbl[][256], const int c[4],
> const uint8_t *log8, const uint8_t *alog8,
> const uint8_t *sbox)
> @@ -226,10 +247,19 @@ static av_cold void aes_init_static(void)
> init_multbl2(enc_multbl, (const int[4]) { 0x2, 0x1, 0x1, 0x3 },
> log8, alog8, sbox);
> }
> +#endif
>
> // this is based on the reference AES code by Paulo Barreto and Vincent Rijmen
> int av_aes_init(AVAES *a, const uint8_t *key, int key_bits, int decrypt)
> {
> +#if CONFIG_LIBCRYPTO
> + int ret = decrypt ? AES_set_decrypt_key(key, key_bits, &a->key) :
> + AES_set_encrypt_key(key, key_bits, &a->key);
> + if (ret < 0)
> + return AVERROR_EXTERNAL;
> +
> + a->crypt = aes_libcrypto;
> +#else
> int i, j, t, rconpointer = 0;
> uint8_t tk[8][4];
> int KC = key_bits >> 5;
> @@ -278,6 +308,7 @@ int av_aes_init(AVAES *a, const uint8_t *key, int key_bits, int decrypt)
> for (i = 0; i < (rounds + 1) >> 1; i++)
> FFSWAP(av_aes_block, a->round_key[i], a->round_key[rounds - i]);
> }
> +#endif
>
> return 0;
> }
> diff --git a/libavutil/aes_internal.h b/libavutil/aes_internal.h
> index e2de382f26..6713798ce2 100644
> --- a/libavutil/aes_internal.h
> +++ b/libavutil/aes_internal.h
> @@ -21,8 +21,13 @@
> #ifndef AVUTIL_AES_INTERNAL_H
> #define AVUTIL_AES_INTERNAL_H
>
> +#include "config.h"
> +
> #include "mem_internal.h"
> #include <stdint.h>
> +#if CONFIG_LIBCRYPTO
> +#include <openssl/aes.h>
> +#endif
>
> typedef union {
> uint64_t u64[2];
> @@ -32,12 +37,16 @@ typedef union {
> } av_aes_block;
>
> typedef struct AVAES {
> +#if CONFIG_LIBCRYPTO
> + AES_KEY key;
> +#else
> // Note: round_key[16] is accessed in the init code, but this only
> // overwrites state, which does not matter (see also commit ba554c0).
> DECLARE_ALIGNED(16, av_aes_block, round_key)[15];
> DECLARE_ALIGNED(16, av_aes_block, state)[2];
> int rounds;
> - void (*crypt)(struct AVAES *a, uint8_t *dst, const uint8_t *src, int count, uint8_t *iv);
> +#endif
> + void (*crypt)(struct AVAES *a, uint8_t *dst, const uint8_t *src, int count, uint8_t *iv, int decript);
> } AVAES;
>
> void ff_init_aes_x86(AVAES *a, int decrypt);
> diff --git a/libavutil/x86/aes_init.c b/libavutil/x86/aes_init.c
> index f825e0799c..54487e8832 100644
> --- a/libavutil/x86/aes_init.c
> +++ b/libavutil/x86/aes_init.c
> @@ -37,6 +37,7 @@ void ff_aes_encrypt_14_aesni(AVAES *a, uint8_t *dst, const uint8_t *src,
>
> void ff_init_aes_x86(AVAES *a, int decrypt)
> {
> +#if !CONFIG_LIBCRYPTO
> int cpu_flags = av_get_cpu_flags();
>
> if (EXTERNAL_AESNI(cpu_flags)) {
> @@ -47,4 +48,5 @@ void ff_init_aes_x86(AVAES *a, int decrypt)
> else if (a->rounds == 14)
> a->crypt = decrypt ? ff_aes_decrypt_14_aesni : ff_aes_encrypt_14_aesni;
> }
> +#endif
> }
Is this better than our implementation for x86 with AESNI?
Apart from that: If you don't need anything from ff_init_aes_x86(), then
it should not be exist, i.e. it should not be compiled (and neither
should the asm file).
- Andreas
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2025-06-11 6:03 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-06-11 1:54 [FFmpeg-devel] [PATCH 1/3] avutil/aes_ctr: rename AES_BLOCK_SIZE to FF_AES_BLOCK_SIZE James Almer
2025-06-11 1:54 ` [FFmpeg-devel] [PATCH 2/3] avutil/aes: remove superfluous rounds argument James Almer
2025-06-11 1:54 ` [FFmpeg-devel] [PATCH 3/3] avutil/aes: add an OpenSSL-libcrypto backed implementation James Almer
2025-06-11 6:02 ` Andreas Rheinhardt
Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
This inbox may be cloned and mirrored by anyone:
git clone --mirror https://master.gitmailbox.com/ffmpegdev/0 ffmpegdev/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 ffmpegdev ffmpegdev/ https://master.gitmailbox.com/ffmpegdev \
ffmpegdev@gitmailbox.com
public-inbox-index ffmpegdev
Example config snippet for mirrors.
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git