diff options
author | mrezai <mhd.rezai@gmail.com> | 2016-04-15 19:03:35 +0430 |
---|---|---|
committer | mrezai <mhd.rezai@gmail.com> | 2016-04-15 19:03:35 +0430 |
commit | e97922f22038e9049ed4c2db5b3736dfaa0edde3 (patch) | |
tree | 37e036a343e7482a387b7acd0a88509af78a69eb /drivers/builtin_openssl2/crypto/rc4 | |
parent | 880f4abda44a42532abb6f15999a90bc85f6264a (diff) |
Update OpenSSL to version 1.0.2g
Diffstat (limited to 'drivers/builtin_openssl2/crypto/rc4')
-rw-r--r-- | drivers/builtin_openssl2/crypto/rc4/asm/rc4-586.pl | 410 | ||||
-rw-r--r-- | drivers/builtin_openssl2/crypto/rc4/asm/rc4-ia64.pl | 755 | ||||
-rw-r--r-- | drivers/builtin_openssl2/crypto/rc4/asm/rc4-md5-x86_64.pl | 632 | ||||
-rw-r--r-- | drivers/builtin_openssl2/crypto/rc4/asm/rc4-parisc.pl | 314 | ||||
-rw-r--r-- | drivers/builtin_openssl2/crypto/rc4/asm/rc4-s390x.pl | 234 | ||||
-rwxr-xr-x | drivers/builtin_openssl2/crypto/rc4/asm/rc4-x86_64.pl | 677 | ||||
-rw-r--r-- | drivers/builtin_openssl2/crypto/rc4/rc4_enc.c | 2 | ||||
-rw-r--r-- | drivers/builtin_openssl2/crypto/rc4/rc4test.c | 235 |
8 files changed, 1 insertions, 3258 deletions
diff --git a/drivers/builtin_openssl2/crypto/rc4/asm/rc4-586.pl b/drivers/builtin_openssl2/crypto/rc4/asm/rc4-586.pl deleted file mode 100644 index 5c9ac6ad28..0000000000 --- a/drivers/builtin_openssl2/crypto/rc4/asm/rc4-586.pl +++ /dev/null @@ -1,410 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# [Re]written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# At some point it became apparent that the original SSLeay RC4 -# assembler implementation performs suboptimally on latest IA-32 -# microarchitectures. After re-tuning performance has changed as -# following: -# -# Pentium -10% -# Pentium III +12% -# AMD +50%(*) -# P4 +250%(**) -# -# (*) This number is actually a trade-off:-) It's possible to -# achieve +72%, but at the cost of -48% off PIII performance. -# In other words code performing further 13% faster on AMD -# would perform almost 2 times slower on Intel PIII... -# For reference! This code delivers ~80% of rc4-amd64.pl -# performance on the same Opteron machine. -# (**) This number requires compressed key schedule set up by -# RC4_set_key [see commentary below for further details]. -# -# <appro@fy.chalmers.se> - -# May 2011 -# -# Optimize for Core2 and Westmere [and incidentally Opteron]. Current -# performance in cycles per processed byte (less is better) and -# improvement relative to previous version of this module is: -# -# Pentium 10.2 # original numbers -# Pentium III 7.8(*) -# Intel P4 7.5 -# -# Opteron 6.1/+20% # new MMX numbers -# Core2 5.3/+67%(**) -# Westmere 5.1/+94%(**) -# Sandy Bridge 5.0/+8% -# Atom 12.6/+6% -# -# (*) PIII can actually deliver 6.6 cycles per byte with MMX code, -# but this specific code performs poorly on Core2. And vice -# versa, below MMX/SSE code delivering 5.8/7.1 on Core2 performs -# poorly on PIII, at 8.0/14.5:-( As PIII is not a "hot" CPU -# [anymore], I chose to discard PIII-specific code path and opt -# for original IALU-only code, which is why MMX/SSE code path -# is guarded by SSE2 bit (see below), not MMX/SSE. -# (**) Performance vs. block size on Core2 and Westmere had a maximum -# at ... 64 bytes block size. And it was quite a maximum, 40-60% -# in comparison to largest 8KB block size. Above improvement -# coefficients are for the largest block size. - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -push(@INC,"${dir}","${dir}../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],"rc4-586.pl"); - -$xx="eax"; -$yy="ebx"; -$tx="ecx"; -$ty="edx"; -$inp="esi"; -$out="ebp"; -$dat="edi"; - -sub RC4_loop { - my $i=shift; - my $func = ($i==0)?*mov:*or; - - &add (&LB($yy),&LB($tx)); - &mov ($ty,&DWP(0,$dat,$yy,4)); - &mov (&DWP(0,$dat,$yy,4),$tx); - &mov (&DWP(0,$dat,$xx,4),$ty); - &add ($ty,$tx); - &inc (&LB($xx)); - &and ($ty,0xff); - &ror ($out,8) if ($i!=0); - if ($i<3) { - &mov ($tx,&DWP(0,$dat,$xx,4)); - } else { - &mov ($tx,&wparam(3)); # reload [re-biased] out - } - &$func ($out,&DWP(0,$dat,$ty,4)); -} - -if ($alt=0) { - # >20% faster on Atom and Sandy Bridge[!], 8% faster on Opteron, - # but ~40% slower on Core2 and Westmere... Attempt to add movz - # brings down Opteron by 25%, Atom and Sandy Bridge by 15%, yet - # on Core2 with movz it's almost 20% slower than below alternative - # code... Yes, it's a total mess... - my @XX=($xx,$out); - $RC4_loop_mmx = sub { # SSE actually... - my $i=shift; - my $j=$i<=0?0:$i>>1; - my $mm=$i<=0?"mm0":"mm".($i&1); - - &add (&LB($yy),&LB($tx)); - &lea (@XX[1],&DWP(1,@XX[0])); - &pxor ("mm2","mm0") if ($i==0); - &psllq ("mm1",8) if ($i==0); - &and (@XX[1],0xff); - &pxor ("mm0","mm0") if ($i<=0); - &mov ($ty,&DWP(0,$dat,$yy,4)); - &mov (&DWP(0,$dat,$yy,4),$tx); - &pxor ("mm1","mm2") if ($i==0); - &mov (&DWP(0,$dat,$XX[0],4),$ty); - &add (&LB($ty),&LB($tx)); - &movd (@XX[0],"mm7") if ($i==0); - &mov ($tx,&DWP(0,$dat,@XX[1],4)); - &pxor ("mm1","mm1") if ($i==1); - &movq ("mm2",&QWP(0,$inp)) if ($i==1); - &movq (&QWP(-8,(@XX[0],$inp)),"mm1") if ($i==0); - &pinsrw ($mm,&DWP(0,$dat,$ty,4),$j); - - push (@XX,shift(@XX)) if ($i>=0); - } -} else { - # Using pinsrw here improves performane on Intel CPUs by 2-3%, but - # brings down AMD by 7%... - $RC4_loop_mmx = sub { - my $i=shift; - - &add (&LB($yy),&LB($tx)); - &psllq ("mm1",8*(($i-1)&7)) if (abs($i)!=1); - &mov ($ty,&DWP(0,$dat,$yy,4)); - &mov (&DWP(0,$dat,$yy,4),$tx); - &mov (&DWP(0,$dat,$xx,4),$ty); - &inc ($xx); - &add ($ty,$tx); - &movz ($xx,&LB($xx)); # (*) - &movz ($ty,&LB($ty)); # (*) - &pxor ("mm2",$i==1?"mm0":"mm1") if ($i>=0); - &movq ("mm0",&QWP(0,$inp)) if ($i<=0); - &movq (&QWP(-8,($out,$inp)),"mm2") if ($i==0); - &mov ($tx,&DWP(0,$dat,$xx,4)); - &movd ($i>0?"mm1":"mm2",&DWP(0,$dat,$ty,4)); - - # (*) This is the key to Core2 and Westmere performance. - # Whithout movz out-of-order execution logic confuses - # itself and fails to reorder loads and stores. Problem - # appears to be fixed in Sandy Bridge... - } -} - -&external_label("OPENSSL_ia32cap_P"); - -# void RC4(RC4_KEY *key,size_t len,const unsigned char *inp,unsigned char *out); -&function_begin("RC4"); - &mov ($dat,&wparam(0)); # load key schedule pointer - &mov ($ty, &wparam(1)); # load len - &mov ($inp,&wparam(2)); # load inp - &mov ($out,&wparam(3)); # load out - - &xor ($xx,$xx); # avoid partial register stalls - &xor ($yy,$yy); - - &cmp ($ty,0); # safety net - &je (&label("abort")); - - &mov (&LB($xx),&BP(0,$dat)); # load key->x - &mov (&LB($yy),&BP(4,$dat)); # load key->y - &add ($dat,8); - - &lea ($tx,&DWP(0,$inp,$ty)); - &sub ($out,$inp); # re-bias out - &mov (&wparam(1),$tx); # save input+len - - &inc (&LB($xx)); - - # detect compressed key schedule... - &cmp (&DWP(256,$dat),-1); - &je (&label("RC4_CHAR")); - - &mov ($tx,&DWP(0,$dat,$xx,4)); - - &and ($ty,-4); # how many 4-byte chunks? - &jz (&label("loop1")); - - &test ($ty,-8); - &mov (&wparam(3),$out); # $out as accumulator in these loops - &jz (&label("go4loop4")); - - &picmeup($out,"OPENSSL_ia32cap_P"); - &bt (&DWP(0,$out),26); # check SSE2 bit [could have been MMX] - &jnc (&label("go4loop4")); - - &mov ($out,&wparam(3)) if (!$alt); - &movd ("mm7",&wparam(3)) if ($alt); - &and ($ty,-8); - &lea ($ty,&DWP(-8,$inp,$ty)); - &mov (&DWP(-4,$dat),$ty); # save input+(len/8)*8-8 - - &$RC4_loop_mmx(-1); - &jmp(&label("loop_mmx_enter")); - - &set_label("loop_mmx",16); - &$RC4_loop_mmx(0); - &set_label("loop_mmx_enter"); - for ($i=1;$i<8;$i++) { &$RC4_loop_mmx($i); } - &mov ($ty,$yy); - &xor ($yy,$yy); # this is second key to Core2 - &mov (&LB($yy),&LB($ty)); # and Westmere performance... - &cmp ($inp,&DWP(-4,$dat)); - &lea ($inp,&DWP(8,$inp)); - &jb (&label("loop_mmx")); - - if ($alt) { - &movd ($out,"mm7"); - &pxor ("mm2","mm0"); - &psllq ("mm1",8); - &pxor ("mm1","mm2"); - &movq (&QWP(-8,$out,$inp),"mm1"); - } else { - &psllq ("mm1",56); - &pxor ("mm2","mm1"); - &movq (&QWP(-8,$out,$inp),"mm2"); - } - &emms (); - - &cmp ($inp,&wparam(1)); # compare to input+len - &je (&label("done")); - &jmp (&label("loop1")); - -&set_label("go4loop4",16); - &lea ($ty,&DWP(-4,$inp,$ty)); - &mov (&wparam(2),$ty); # save input+(len/4)*4-4 - - &set_label("loop4"); - for ($i=0;$i<4;$i++) { RC4_loop($i); } - &ror ($out,8); - &xor ($out,&DWP(0,$inp)); - &cmp ($inp,&wparam(2)); # compare to input+(len/4)*4-4 - &mov (&DWP(0,$tx,$inp),$out);# $tx holds re-biased out here - &lea ($inp,&DWP(4,$inp)); - &mov ($tx,&DWP(0,$dat,$xx,4)); - &jb (&label("loop4")); - - &cmp ($inp,&wparam(1)); # compare to input+len - &je (&label("done")); - &mov ($out,&wparam(3)); # restore $out - - &set_label("loop1",16); - &add (&LB($yy),&LB($tx)); - &mov ($ty,&DWP(0,$dat,$yy,4)); - &mov (&DWP(0,$dat,$yy,4),$tx); - &mov (&DWP(0,$dat,$xx,4),$ty); - &add ($ty,$tx); - &inc (&LB($xx)); - &and ($ty,0xff); - &mov ($ty,&DWP(0,$dat,$ty,4)); - &xor (&LB($ty),&BP(0,$inp)); - &lea ($inp,&DWP(1,$inp)); - &mov ($tx,&DWP(0,$dat,$xx,4)); - &cmp ($inp,&wparam(1)); # compare to input+len - &mov (&BP(-1,$out,$inp),&LB($ty)); - &jb (&label("loop1")); - - &jmp (&label("done")); - -# this is essentially Intel P4 specific codepath... -&set_label("RC4_CHAR",16); - &movz ($tx,&BP(0,$dat,$xx)); - # strangely enough unrolled loop performs over 20% slower... - &set_label("cloop1"); - &add (&LB($yy),&LB($tx)); - &movz ($ty,&BP(0,$dat,$yy)); - &mov (&BP(0,$dat,$yy),&LB($tx)); - &mov (&BP(0,$dat,$xx),&LB($ty)); - &add (&LB($ty),&LB($tx)); - &movz ($ty,&BP(0,$dat,$ty)); - &add (&LB($xx),1); - &xor (&LB($ty),&BP(0,$inp)); - &lea ($inp,&DWP(1,$inp)); - &movz ($tx,&BP(0,$dat,$xx)); - &cmp ($inp,&wparam(1)); - &mov (&BP(-1,$out,$inp),&LB($ty)); - &jb (&label("cloop1")); - -&set_label("done"); - &dec (&LB($xx)); - &mov (&DWP(-4,$dat),$yy); # save key->y - &mov (&BP(-8,$dat),&LB($xx)); # save key->x -&set_label("abort"); -&function_end("RC4"); - -######################################################################## - -$inp="esi"; -$out="edi"; -$idi="ebp"; -$ido="ecx"; -$idx="edx"; - -# void RC4_set_key(RC4_KEY *key,int len,const unsigned char *data); -&function_begin("private_RC4_set_key"); - &mov ($out,&wparam(0)); # load key - &mov ($idi,&wparam(1)); # load len - &mov ($inp,&wparam(2)); # load data - &picmeup($idx,"OPENSSL_ia32cap_P"); - - &lea ($out,&DWP(2*4,$out)); # &key->data - &lea ($inp,&DWP(0,$inp,$idi)); # $inp to point at the end - &neg ($idi); - &xor ("eax","eax"); - &mov (&DWP(-4,$out),$idi); # borrow key->y - - &bt (&DWP(0,$idx),20); # check for bit#20 - &jc (&label("c1stloop")); - -&set_label("w1stloop",16); - &mov (&DWP(0,$out,"eax",4),"eax"); # key->data[i]=i; - &add (&LB("eax"),1); # i++; - &jnc (&label("w1stloop")); - - &xor ($ido,$ido); - &xor ($idx,$idx); - -&set_label("w2ndloop",16); - &mov ("eax",&DWP(0,$out,$ido,4)); - &add (&LB($idx),&BP(0,$inp,$idi)); - &add (&LB($idx),&LB("eax")); - &add ($idi,1); - &mov ("ebx",&DWP(0,$out,$idx,4)); - &jnz (&label("wnowrap")); - &mov ($idi,&DWP(-4,$out)); - &set_label("wnowrap"); - &mov (&DWP(0,$out,$idx,4),"eax"); - &mov (&DWP(0,$out,$ido,4),"ebx"); - &add (&LB($ido),1); - &jnc (&label("w2ndloop")); -&jmp (&label("exit")); - -# Unlike all other x86 [and x86_64] implementations, Intel P4 core -# [including EM64T] was found to perform poorly with above "32-bit" key -# schedule, a.k.a. RC4_INT. Performance improvement for IA-32 hand-coded -# assembler turned out to be 3.5x if re-coded for compressed 8-bit one, -# a.k.a. RC4_CHAR! It's however inappropriate to just switch to 8-bit -# schedule for x86[_64], because non-P4 implementations suffer from -# significant performance losses then, e.g. PIII exhibits >2x -# deterioration, and so does Opteron. In order to assure optimal -# all-round performance, we detect P4 at run-time and set up compressed -# key schedule, which is recognized by RC4 procedure. - -&set_label("c1stloop",16); - &mov (&BP(0,$out,"eax"),&LB("eax")); # key->data[i]=i; - &add (&LB("eax"),1); # i++; - &jnc (&label("c1stloop")); - - &xor ($ido,$ido); - &xor ($idx,$idx); - &xor ("ebx","ebx"); - -&set_label("c2ndloop",16); - &mov (&LB("eax"),&BP(0,$out,$ido)); - &add (&LB($idx),&BP(0,$inp,$idi)); - &add (&LB($idx),&LB("eax")); - &add ($idi,1); - &mov (&LB("ebx"),&BP(0,$out,$idx)); - &jnz (&label("cnowrap")); - &mov ($idi,&DWP(-4,$out)); - &set_label("cnowrap"); - &mov (&BP(0,$out,$idx),&LB("eax")); - &mov (&BP(0,$out,$ido),&LB("ebx")); - &add (&LB($ido),1); - &jnc (&label("c2ndloop")); - - &mov (&DWP(256,$out),-1); # mark schedule as compressed - -&set_label("exit"); - &xor ("eax","eax"); - &mov (&DWP(-8,$out),"eax"); # key->x=0; - &mov (&DWP(-4,$out),"eax"); # key->y=0; -&function_end("private_RC4_set_key"); - -# const char *RC4_options(void); -&function_begin_B("RC4_options"); - &call (&label("pic_point")); -&set_label("pic_point"); - &blindpop("eax"); - &lea ("eax",&DWP(&label("opts")."-".&label("pic_point"),"eax")); - &picmeup("edx","OPENSSL_ia32cap_P"); - &mov ("edx",&DWP(0,"edx")); - &bt ("edx",20); - &jc (&label("1xchar")); - &bt ("edx",26); - &jnc (&label("ret")); - &add ("eax",25); - &ret (); -&set_label("1xchar"); - &add ("eax",12); -&set_label("ret"); - &ret (); -&set_label("opts",64); -&asciz ("rc4(4x,int)"); -&asciz ("rc4(1x,char)"); -&asciz ("rc4(8x,mmx)"); -&asciz ("RC4 for x86, CRYPTOGAMS by <appro\@openssl.org>"); -&align (64); -&function_end_B("RC4_options"); - -&asm_finish(); - diff --git a/drivers/builtin_openssl2/crypto/rc4/asm/rc4-ia64.pl b/drivers/builtin_openssl2/crypto/rc4/asm/rc4-ia64.pl deleted file mode 100644 index 49cd5b5e69..0000000000 --- a/drivers/builtin_openssl2/crypto/rc4/asm/rc4-ia64.pl +++ /dev/null @@ -1,755 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by David Mosberger <David.Mosberger@acm.org> based on the -# Itanium optimized Crypto code which was released by HP Labs at -# http://www.hpl.hp.com/research/linux/crypto/. -# -# Copyright (c) 2005 Hewlett-Packard Development Company, L.P. -# -# Permission is hereby granted, free of charge, to any person obtaining -# a copy of this software and associated documentation files (the -# "Software"), to deal in the Software without restriction, including -# without limitation the rights to use, copy, modify, merge, publish, -# distribute, sublicense, and/or sell copies of the Software, and to -# permit persons to whom the Software is furnished to do so, subject to -# the following conditions: -# -# The above copyright notice and this permission notice shall be -# included in all copies or substantial portions of the Software. - -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND -# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE -# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION -# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION -# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */ - - - -# This is a little helper program which generates a software-pipelined -# for RC4 encryption. The basic algorithm looks like this: -# -# for (counter = 0; counter < len; ++counter) -# { -# in = inp[counter]; -# SI = S[I]; -# J = (SI + J) & 0xff; -# SJ = S[J]; -# T = (SI + SJ) & 0xff; -# S[I] = SJ, S[J] = SI; -# ST = S[T]; -# outp[counter] = in ^ ST; -# I = (I + 1) & 0xff; -# } -# -# Pipelining this loop isn't easy, because the stores to the S[] array -# need to be observed in the right order. The loop generated by the -# code below has the following pipeline diagram: -# -# cycle -# | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 |10 |11 |12 |13 |14 |15 |16 |17 | -# iter -# 1: xxx LDI xxx xxx xxx LDJ xxx SWP xxx LDT xxx xxx -# 2: xxx LDI xxx xxx xxx LDJ xxx SWP xxx LDT xxx xxx -# 3: xxx LDI xxx xxx xxx LDJ xxx SWP xxx LDT xxx xxx -# -# where: -# LDI = load of S[I] -# LDJ = load of S[J] -# SWP = swap of S[I] and S[J] -# LDT = load of S[T] -# -# Note that in the above diagram, the major trouble-spot is that LDI -# of the 2nd iteration is performed BEFORE the SWP of the first -# iteration. Fortunately, this is easy to detect (I of the 1st -# iteration will be equal to J of the 2nd iteration) and when this -# happens, we simply forward the proper value from the 1st iteration -# to the 2nd one. The proper value in this case is simply the value -# of S[I] from the first iteration (thanks to the fact that SWP -# simply swaps the contents of S[I] and S[J]). -# -# Another potential trouble-spot is in cycle 7, where SWP of the 1st -# iteration issues at the same time as the LDI of the 3rd iteration. -# However, thanks to IA-64 execution semantics, this can be taken -# care of simply by placing LDI later in the instruction-group than -# SWP. IA-64 CPUs will automatically forward the value if they -# detect that the SWP and LDI are accessing the same memory-location. - -# The core-loop that can be pipelined then looks like this (annotated -# with McKinley/Madison issue port & latency numbers, assuming L1 -# cache hits for the most part): - -# operation: instruction: issue-ports: latency -# ------------------ ----------------------------- ------------- ------- - -# Data = *inp++ ld1 data = [inp], 1 M0-M1 1 cyc c0 -# shladd Iptr = I, KeyTable, 3 M0-M3, I0, I1 1 cyc -# I = (I + 1) & 0xff padd1 nextI = I, one M0-M3, I0, I1 3 cyc -# ;; -# SI = S[I] ld8 SI = [Iptr] M0-M1 1 cyc c1 * after SWAP! -# ;; -# cmp.eq.unc pBypass = I, J * after J is valid! -# J = SI + J add J = J, SI M0-M3, I0, I1 1 cyc c2 -# (pBypass) br.cond.spnt Bypass -# ;; -# --------------------------------------------------------------------------------------- -# J = J & 0xff zxt1 J = J I0, I1, 1 cyc c3 -# ;; -# shladd Jptr = J, KeyTable, 3 M0-M3, I0, I1 1 cyc c4 -# ;; -# SJ = S[J] ld8 SJ = [Jptr] M0-M1 1 cyc c5 -# ;; -# --------------------------------------------------------------------------------------- -# T = (SI + SJ) add T = SI, SJ M0-M3, I0, I1 1 cyc c6 -# ;; -# T = T & 0xff zxt1 T = T I0, I1 1 cyc -# S[I] = SJ st8 [Iptr] = SJ M2-M3 c7 -# S[J] = SI st8 [Jptr] = SI M2-M3 -# ;; -# shladd Tptr = T, KeyTable, 3 M0-M3, I0, I1 1 cyc c8 -# ;; -# --------------------------------------------------------------------------------------- -# T = S[T] ld8 T = [Tptr] M0-M1 1 cyc c9 -# ;; -# data ^= T xor data = data, T M0-M3, I0, I1 1 cyc c10 -# ;; -# *out++ = Data ^ T dep word = word, data, 8, POS I0, I1 1 cyc c11 -# ;; -# --------------------------------------------------------------------------------------- - -# There are several points worth making here: - -# - Note that due to the bypass/forwarding-path, the first two -# phases of the loop are strangly mingled together. In -# particular, note that the first stage of the pipeline is -# using the value of "J", as calculated by the second stage. -# - Each bundle-pair will have exactly 6 instructions. -# - Pipelined, the loop can execute in 3 cycles/iteration and -# 4 stages. However, McKinley/Madison can issue "st1" to -# the same bank at a rate of at most one per 4 cycles. Thus, -# instead of storing each byte, we accumulate them in a word -# and then write them back at once with a single "st8" (this -# implies that the setup code needs to ensure that the output -# buffer is properly aligned, if need be, by encoding the -# first few bytes separately). -# - There is no space for a "br.ctop" instruction. For this -# reason we can't use module-loop support in IA-64 and have -# to do a traditional, purely software-pipelined loop. -# - We can't replace any of the remaining "add/zxt1" pairs with -# "padd1" because the latency for that instruction is too high -# and would push the loop to the point where more bypasses -# would be needed, which we don't have space for. -# - The above loop runs at around 3.26 cycles/byte, or roughly -# 440 MByte/sec on a 1.5GHz Madison. This is well below the -# system bus bandwidth and hence with judicious use of -# "lfetch" this loop can run at (almost) peak speed even when -# the input and output data reside in memory. The -# max. latency that can be tolerated is (PREFETCH_DISTANCE * -# L2_LINE_SIZE * 3 cyc), or about 384 cycles assuming (at -# least) 1-ahead prefetching of 128 byte cache-lines. Note -# that we do NOT prefetch into L1, since that would only -# interfere with the S[] table values stored there. This is -# acceptable because there is a 10 cycle latency between -# load and first use of the input data. -# - We use a branch to out-of-line bypass-code of cycle-pressure: -# we calculate the next J, check for the need to activate the -# bypass path, and activate the bypass path ALL IN THE SAME -# CYCLE. If we didn't have these constraints, we could do -# the bypass with a simple conditional move instruction. -# Fortunately, the bypass paths get activated relatively -# infrequently, so the extra branches don't cost all that much -# (about 0.04 cycles/byte, measured on a 16396 byte file with -# random input data). -# - -$phases = 4; # number of stages/phases in the pipelined-loop -$unroll_count = 6; # number of times we unrolled it -$pComI = (1 << 0); -$pComJ = (1 << 1); -$pComT = (1 << 2); -$pOut = (1 << 3); - -$NData = 4; -$NIP = 3; -$NJP = 2; -$NI = 2; -$NSI = 3; -$NSJ = 2; -$NT = 2; -$NOutWord = 2; - -# -# $threshold is the minimum length before we attempt to use the -# big software-pipelined loop. It MUST be greater-or-equal -# to: -# PHASES * (UNROLL_COUNT + 1) + 7 -# -# The "+ 7" comes from the fact we may have to encode up to -# 7 bytes separately before the output pointer is aligned. -# -$threshold = (3 * ($phases * ($unroll_count + 1)) + 7); - -sub I { - local *code = shift; - local $format = shift; - $code .= sprintf ("\t\t".$format."\n", @_); -} - -sub P { - local *code = shift; - local $format = shift; - $code .= sprintf ($format."\n", @_); -} - -sub STOP { - local *code = shift; - $code .=<<___; - ;; -___ -} - -sub emit_body { - local *c = shift; - local *bypass = shift; - local ($iteration, $p) = @_; - - local $i0 = $iteration; - local $i1 = $iteration - 1; - local $i2 = $iteration - 2; - local $i3 = $iteration - 3; - local $iw0 = ($iteration - 3) / 8; - local $iw1 = ($iteration > 3) ? ($iteration - 4) / 8 : 1; - local $byte_num = ($iteration - 3) % 8; - local $label = $iteration + 1; - local $pAny = ($p & 0xf) == 0xf; - local $pByp = (($p & $pComI) && ($iteration > 0)); - - $c.=<<___; -////////////////////////////////////////////////// -___ - - if (($p & 0xf) == 0) { - $c.="#ifdef HOST_IS_BIG_ENDIAN\n"; - &I(\$c,"shr.u OutWord[%u] = OutWord[%u], 32;;", - $iw1 % $NOutWord, $iw1 % $NOutWord); - $c.="#endif\n"; - &I(\$c, "st4 [OutPtr] = OutWord[%u], 4", $iw1 % $NOutWord); - return; - } - - # Cycle 0 - &I(\$c, "{ .mmi") if ($pAny); - &I(\$c, "ld1 Data[%u] = [InPtr], 1", $i0 % $NData) if ($p & $pComI); - &I(\$c, "padd1 I[%u] = One, I[%u]", $i0 % $NI, $i1 % $NI)if ($p & $pComI); - &I(\$c, "zxt1 J = J") if ($p & $pComJ); - &I(\$c, "}") if ($pAny); - &I(\$c, "{ .mmi") if ($pAny); - &I(\$c, "LKEY T[%u] = [T[%u]]", $i1 % $NT, $i1 % $NT) if ($p & $pOut); - &I(\$c, "add T[%u] = SI[%u], SJ[%u]", - $i0 % $NT, $i2 % $NSI, $i1 % $NSJ) if ($p & $pComT); - &I(\$c, "KEYADDR(IPr[%u], I[%u])", $i0 % $NIP, $i1 % $NI) if ($p & $pComI); - &I(\$c, "}") if ($pAny); - &STOP(\$c); - - # Cycle 1 - &I(\$c, "{ .mmi") if ($pAny); - &I(\$c, "SKEY [IPr[%u]] = SJ[%u]", $i2 % $NIP, $i1%$NSJ)if ($p & $pComT); - &I(\$c, "SKEY [JP[%u]] = SI[%u]", $i1 % $NJP, $i2%$NSI) if ($p & $pComT); - &I(\$c, "zxt1 T[%u] = T[%u]", $i0 % $NT, $i0 % $NT) if ($p & $pComT); - &I(\$c, "}") if ($pAny); - &I(\$c, "{ .mmi") if ($pAny); - &I(\$c, "LKEY SI[%u] = [IPr[%u]]", $i0 % $NSI, $i0%$NIP)if ($p & $pComI); - &I(\$c, "KEYADDR(JP[%u], J)", $i0 % $NJP) if ($p & $pComJ); - &I(\$c, "xor Data[%u] = Data[%u], T[%u]", - $i3 % $NData, $i3 % $NData, $i1 % $NT) if ($p & $pOut); - &I(\$c, "}") if ($pAny); - &STOP(\$c); - - # Cycle 2 - &I(\$c, "{ .mmi") if ($pAny); - &I(\$c, "LKEY SJ[%u] = [JP[%u]]", $i0 % $NSJ, $i0%$NJP) if ($p & $pComJ); - &I(\$c, "cmp.eq pBypass, p0 = I[%u], J", $i1 % $NI) if ($pByp); - &I(\$c, "dep OutWord[%u] = Data[%u], OutWord[%u], BYTE_POS(%u), 8", - $iw0%$NOutWord, $i3%$NData, $iw1%$NOutWord, $byte_num) if ($p & $pOut); - &I(\$c, "}") if ($pAny); - &I(\$c, "{ .mmb") if ($pAny); - &I(\$c, "add J = J, SI[%u]", $i0 % $NSI) if ($p & $pComI); - &I(\$c, "KEYADDR(T[%u], T[%u])", $i0 % $NT, $i0 % $NT) if ($p & $pComT); - &P(\$c, "(pBypass)\tbr.cond.spnt.many .rc4Bypass%u",$label)if ($pByp); - &I(\$c, "}") if ($pAny); - &STOP(\$c); - - &P(\$c, ".rc4Resume%u:", $label) if ($pByp); - if ($byte_num == 0 && $iteration >= $phases) { - &I(\$c, "st8 [OutPtr] = OutWord[%u], 8", - $iw1 % $NOutWord) if ($p & $pOut); - if ($iteration == (1 + $unroll_count) * $phases - 1) { - if ($unroll_count == 6) { - &I(\$c, "mov OutWord[%u] = OutWord[%u]", - $iw1 % $NOutWord, $iw0 % $NOutWord); - } - &I(\$c, "lfetch.nt1 [InPrefetch], %u", - $unroll_count * $phases); - &I(\$c, "lfetch.excl.nt1 [OutPrefetch], %u", - $unroll_count * $phases); - &I(\$c, "br.cloop.sptk.few .rc4Loop"); - } - } - - if ($pByp) { - &P(\$bypass, ".rc4Bypass%u:", $label); - &I(\$bypass, "sub J = J, SI[%u]", $i0 % $NSI); - &I(\$bypass, "nop 0"); - &I(\$bypass, "nop 0"); - &I(\$bypass, ";;"); - &I(\$bypass, "add J = J, SI[%u]", $i1 % $NSI); - &I(\$bypass, "mov SI[%u] = SI[%u]", $i0 % $NSI, $i1 % $NSI); - &I(\$bypass, "br.sptk.many .rc4Resume%u\n", $label); - &I(\$bypass, ";;"); - } -} - -$code=<<___; -.ident \"rc4-ia64.s, version 3.0\" -.ident \"Copyright (c) 2005 Hewlett-Packard Development Company, L.P.\" - -#define LCSave r8 -#define PRSave r9 - -/* Inputs become invalid once rotation begins! */ - -#define StateTable in0 -#define DataLen in1 -#define InputBuffer in2 -#define OutputBuffer in3 - -#define KTable r14 -#define J r15 -#define InPtr r16 -#define OutPtr r17 -#define InPrefetch r18 -#define OutPrefetch r19 -#define One r20 -#define LoopCount r21 -#define Remainder r22 -#define IFinal r23 -#define EndPtr r24 - -#define tmp0 r25 -#define tmp1 r26 - -#define pBypass p6 -#define pDone p7 -#define pSmall p8 -#define pAligned p9 -#define pUnaligned p10 - -#define pComputeI pPhase[0] -#define pComputeJ pPhase[1] -#define pComputeT pPhase[2] -#define pOutput pPhase[3] - -#define RetVal r8 -#define L_OK p7 -#define L_NOK p8 - -#define _NINPUTS 4 -#define _NOUTPUT 0 - -#define _NROTATE 24 -#define _NLOCALS (_NROTATE - _NINPUTS - _NOUTPUT) - -#ifndef SZ -# define SZ 4 // this must be set to sizeof(RC4_INT) -#endif - -#if SZ == 1 -# define LKEY ld1 -# define SKEY st1 -# define KEYADDR(dst, i) add dst = i, KTable -#elif SZ == 2 -# define LKEY ld2 -# define SKEY st2 -# define KEYADDR(dst, i) shladd dst = i, 1, KTable -#elif SZ == 4 -# define LKEY ld4 -# define SKEY st4 -# define KEYADDR(dst, i) shladd dst = i, 2, KTable -#else -# define LKEY ld8 -# define SKEY st8 -# define KEYADDR(dst, i) shladd dst = i, 3, KTable -#endif - -#if defined(_HPUX_SOURCE) && !defined(_LP64) -# define ADDP addp4 -#else -# define ADDP add -#endif - -/* Define a macro for the bit number of the n-th byte: */ - -#if defined(_HPUX_SOURCE) || defined(B_ENDIAN) -# define HOST_IS_BIG_ENDIAN -# define BYTE_POS(n) (56 - (8 * (n))) -#else -# define BYTE_POS(n) (8 * (n)) -#endif - -/* - We must perform the first phase of the pipeline explicitly since - we will always load from the stable the first time. The br.cexit - will never be taken since regardless of the number of bytes because - the epilogue count is 4. -*/ -/* MODSCHED_RC4 macro was split to _PROLOGUE and _LOOP, because HP-UX - assembler failed on original macro with syntax error. <appro> */ -#define MODSCHED_RC4_PROLOGUE \\ - { \\ - ld1 Data[0] = [InPtr], 1; \\ - add IFinal = 1, I[1]; \\ - KEYADDR(IPr[0], I[1]); \\ - } ;; \\ - { \\ - LKEY SI[0] = [IPr[0]]; \\ - mov pr.rot = 0x10000; \\ - mov ar.ec = 4; \\ - } ;; \\ - { \\ - add J = J, SI[0]; \\ - zxt1 I[0] = IFinal; \\ - br.cexit.spnt.few .+16; /* never taken */ \\ - } ;; -#define MODSCHED_RC4_LOOP(label) \\ -label: \\ - { .mmi; \\ - (pComputeI) ld1 Data[0] = [InPtr], 1; \\ - (pComputeI) add IFinal = 1, I[1]; \\ - (pComputeJ) zxt1 J = J; \\ - }{ .mmi; \\ - (pOutput) LKEY T[1] = [T[1]]; \\ - (pComputeT) add T[0] = SI[2], SJ[1]; \\ - (pComputeI) KEYADDR(IPr[0], I[1]); \\ - } ;; \\ - { .mmi; \\ - (pComputeT) SKEY [IPr[2]] = SJ[1]; \\ - (pComputeT) SKEY [JP[1]] = SI[2]; \\ - (pComputeT) zxt1 T[0] = T[0]; \\ - }{ .mmi; \\ - (pComputeI) LKEY SI[0] = [IPr[0]]; \\ - (pComputeJ) KEYADDR(JP[0], J); \\ - (pComputeI) cmp.eq.unc pBypass, p0 = I[1], J; \\ - } ;; \\ - { .mmi; \\ - (pComputeJ) LKEY SJ[0] = [JP[0]]; \\ - (pOutput) xor Data[3] = Data[3], T[1]; \\ - nop 0x0; \\ - }{ .mmi; \\ - (pComputeT) KEYADDR(T[0], T[0]); \\ - (pBypass) mov SI[0] = SI[1]; \\ - (pComputeI) zxt1 I[0] = IFinal; \\ - } ;; \\ - { .mmb; \\ - (pOutput) st1 [OutPtr] = Data[3], 1; \\ - (pComputeI) add J = J, SI[0]; \\ - br.ctop.sptk.few label; \\ - } ;; - - .text - - .align 32 - - .type RC4, \@function - .global RC4 - - .proc RC4 - .prologue - -RC4: - { - .mmi - alloc r2 = ar.pfs, _NINPUTS, _NLOCALS, _NOUTPUT, _NROTATE - - .rotr Data[4], I[2], IPr[3], SI[3], JP[2], SJ[2], T[2], \\ - OutWord[2] - .rotp pPhase[4] - - ADDP InPrefetch = 0, InputBuffer - ADDP KTable = 0, StateTable - } - { - .mmi - ADDP InPtr = 0, InputBuffer - ADDP OutPtr = 0, OutputBuffer - mov RetVal = r0 - } - ;; - { - .mmi - lfetch.nt1 [InPrefetch], 0x80 - ADDP OutPrefetch = 0, OutputBuffer - } - { // Return 0 if the input length is nonsensical - .mib - ADDP StateTable = 0, StateTable - cmp.ge.unc L_NOK, L_OK = r0, DataLen - (L_NOK) br.ret.sptk.few rp - } - ;; - { - .mib - cmp.eq.or L_NOK, L_OK = r0, InPtr - cmp.eq.or L_NOK, L_OK = r0, OutPtr - nop 0x0 - } - { - .mib - cmp.eq.or L_NOK, L_OK = r0, StateTable - nop 0x0 - (L_NOK) br.ret.sptk.few rp - } - ;; - LKEY I[1] = [KTable], SZ -/* Prefetch the state-table. It contains 256 elements of size SZ */ - -#if SZ == 1 - ADDP tmp0 = 1*128, StateTable -#elif SZ == 2 - ADDP tmp0 = 3*128, StateTable - ADDP tmp1 = 2*128, StateTable -#elif SZ == 4 - ADDP tmp0 = 7*128, StateTable - ADDP tmp1 = 6*128, StateTable -#elif SZ == 8 - ADDP tmp0 = 15*128, StateTable - ADDP tmp1 = 14*128, StateTable -#endif - ;; -#if SZ >= 8 - lfetch.fault.nt1 [tmp0], -256 // 15 - lfetch.fault.nt1 [tmp1], -256;; - lfetch.fault.nt1 [tmp0], -256 // 13 - lfetch.fault.nt1 [tmp1], -256;; - lfetch.fault.nt1 [tmp0], -256 // 11 - lfetch.fault.nt1 [tmp1], -256;; - lfetch.fault.nt1 [tmp0], -256 // 9 - lfetch.fault.nt1 [tmp1], -256;; -#endif -#if SZ >= 4 - lfetch.fault.nt1 [tmp0], -256 // 7 - lfetch.fault.nt1 [tmp1], -256;; - lfetch.fault.nt1 [tmp0], -256 // 5 - lfetch.fault.nt1 [tmp1], -256;; -#endif -#if SZ >= 2 - lfetch.fault.nt1 [tmp0], -256 // 3 - lfetch.fault.nt1 [tmp1], -256;; -#endif - { - .mii - lfetch.fault.nt1 [tmp0] // 1 - add I[1]=1,I[1];; - zxt1 I[1]=I[1] - } - { - .mmi - lfetch.nt1 [InPrefetch], 0x80 - lfetch.excl.nt1 [OutPrefetch], 0x80 - .save pr, PRSave - mov PRSave = pr - } ;; - { - .mmi - lfetch.excl.nt1 [OutPrefetch], 0x80 - LKEY J = [KTable], SZ - ADDP EndPtr = DataLen, InPtr - } ;; - { - .mmi - ADDP EndPtr = -1, EndPtr // Make it point to - // last data byte. - mov One = 1 - .save ar.lc, LCSave - mov LCSave = ar.lc - .body - } ;; - { - .mmb - sub Remainder = 0, OutPtr - cmp.gtu pSmall, p0 = $threshold, DataLen -(pSmall) br.cond.dpnt .rc4Remainder // Data too small for - // big loop. - } ;; - { - .mmi - and Remainder = 0x7, Remainder - ;; - cmp.eq pAligned, pUnaligned = Remainder, r0 - nop 0x0 - } ;; - { - .mmb -.pred.rel "mutex",pUnaligned,pAligned -(pUnaligned) add Remainder = -1, Remainder -(pAligned) sub Remainder = EndPtr, InPtr -(pAligned) br.cond.dptk.many .rc4Aligned - } ;; - { - .mmi - nop 0x0 - nop 0x0 - mov.i ar.lc = Remainder - } - -/* Do the initial few bytes via the compact, modulo-scheduled loop - until the output pointer is 8-byte-aligned. */ - - MODSCHED_RC4_PROLOGUE - MODSCHED_RC4_LOOP(.RC4AlignLoop) - - { - .mib - sub Remainder = EndPtr, InPtr - zxt1 IFinal = IFinal - clrrrb // Clear CFM.rrb.pr so - ;; // next "mov pr.rot = N" - // does the right thing. - } - { - .mmi - mov I[1] = IFinal - nop 0x0 - nop 0x0 - } ;; - - -.rc4Aligned: - -/* - Unrolled loop count = (Remainder - ($unroll_count+1)*$phases)/($unroll_count*$phases) - */ - - { - .mlx - add LoopCount = 1 - ($unroll_count + 1)*$phases, Remainder - movl Remainder = 0xaaaaaaaaaaaaaaab - } ;; - { - .mmi - setf.sig f6 = LoopCount // M2, M3 6 cyc - setf.sig f7 = Remainder // M2, M3 6 cyc - nop 0x0 - } ;; - { - .mfb - nop 0x0 - xmpy.hu f6 = f6, f7 - nop 0x0 - } ;; - { - .mmi - getf.sig LoopCount = f6;; // M2 5 cyc - nop 0x0 - shr.u LoopCount = LoopCount, 4 - } ;; - { - .mmi - nop 0x0 - nop 0x0 - mov.i ar.lc = LoopCount - } ;; - -/* Now comes the unrolled loop: */ - -.rc4Prologue: -___ - -$iteration = 0; - -# Generate the prologue: -$predicates = 1; -for ($i = 0; $i < $phases; ++$i) { - &emit_body (\$code, \$bypass, $iteration++, $predicates); - $predicates = ($predicates << 1) | 1; -} - -$code.=<<___; -.rc4Loop: -___ - -# Generate the body: -for ($i = 0; $i < $unroll_count*$phases; ++$i) { - &emit_body (\$code, \$bypass, $iteration++, $predicates); -} - -$code.=<<___; -.rc4Epilogue: -___ - -# Generate the epilogue: -for ($i = 0; $i < $phases; ++$i) { - $predicates <<= 1; - &emit_body (\$code, \$bypass, $iteration++, $predicates); -} - -$code.=<<___; - { - .mmi - lfetch.nt1 [EndPtr] // fetch line with last byte - mov IFinal = I[1] - nop 0x0 - } - -.rc4Remainder: - { - .mmi - sub Remainder = EndPtr, InPtr // Calculate - // # of bytes - // left - 1 - nop 0x0 - nop 0x0 - } ;; - { - .mib - cmp.eq pDone, p0 = -1, Remainder // done already? - mov.i ar.lc = Remainder -(pDone) br.cond.dptk.few .rc4Complete - } - -/* Do the remaining bytes via the compact, modulo-scheduled loop */ - - MODSCHED_RC4_PROLOGUE - MODSCHED_RC4_LOOP(.RC4RestLoop) - -.rc4Complete: - { - .mmi - add KTable = -SZ, KTable - add IFinal = -1, IFinal - mov ar.lc = LCSave - } ;; - { - .mii - SKEY [KTable] = J,-SZ - zxt1 IFinal = IFinal - mov pr = PRSave, 0x1FFFF - } ;; - { - .mib - SKEY [KTable] = IFinal - add RetVal = 1, r0 - br.ret.sptk.few rp - } ;; -___ - -# Last but not least, emit the code for the bypass-code of the unrolled loop: - -$code.=$bypass; - -$code.=<<___; - .endp RC4 -___ - -print $code; diff --git a/drivers/builtin_openssl2/crypto/rc4/asm/rc4-md5-x86_64.pl b/drivers/builtin_openssl2/crypto/rc4/asm/rc4-md5-x86_64.pl deleted file mode 100644 index 272fa91e1a..0000000000 --- a/drivers/builtin_openssl2/crypto/rc4/asm/rc4-md5-x86_64.pl +++ /dev/null @@ -1,632 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# June 2011 -# -# This is RC4+MD5 "stitch" implementation. The idea, as spelled in -# http://download.intel.com/design/intarch/papers/323686.pdf, is that -# since both algorithms exhibit instruction-level parallelism, ILP, -# below theoretical maximum, interleaving them would allow to utilize -# processor resources better and achieve better performance. RC4 -# instruction sequence is virtually identical to rc4-x86_64.pl, which -# is heavily based on submission by Maxim Perminov, Maxim Locktyukhin -# and Jim Guilford of Intel. MD5 is fresh implementation aiming to -# minimize register usage, which was used as "main thread" with RC4 -# weaved into it, one RC4 round per one MD5 round. In addition to the -# stiched subroutine the script can generate standalone replacement -# md5_block_asm_data_order and RC4. Below are performance numbers in -# cycles per processed byte, less is better, for these the standalone -# subroutines, sum of them, and stitched one: -# -# RC4 MD5 RC4+MD5 stitch gain -# Opteron 6.5(*) 5.4 11.9 7.0 +70%(*) -# Core2 6.5 5.8 12.3 7.7 +60% -# Westmere 4.3 5.2 9.5 7.0 +36% -# Sandy Bridge 4.2 5.5 9.7 6.8 +43% -# Atom 9.3 6.5 15.8 11.1 +42% -# -# (*) rc4-x86_64.pl delivers 5.3 on Opteron, so real improvement -# is +53%... - -my ($rc4,$md5)=(1,1); # what to generate? -my $D="#" if (!$md5); # if set to "#", MD5 is stitched into RC4(), - # but its result is discarded. Idea here is - # to be able to use 'openssl speed rc4' for - # benchmarking the stitched subroutine... - -my $flavour = shift; -my $output = shift; -if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } - -my $win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/); - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; my $dir=$1; my $xlate; -( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or -die "can't locate x86_64-xlate.pl"; - -open OUT,"| \"$^X\" $xlate $flavour $output"; -*STDOUT=*OUT; - -my ($dat,$in0,$out,$ctx,$inp,$len, $func,$nargs); - -if ($rc4 && !$md5) { - ($dat,$len,$in0,$out) = ("%rdi","%rsi","%rdx","%rcx"); - $func="RC4"; $nargs=4; -} elsif ($md5 && !$rc4) { - ($ctx,$inp,$len) = ("%rdi","%rsi","%rdx"); - $func="md5_block_asm_data_order"; $nargs=3; -} else { - ($dat,$in0,$out,$ctx,$inp,$len) = ("%rdi","%rsi","%rdx","%rcx","%r8","%r9"); - $func="rc4_md5_enc"; $nargs=6; - # void rc4_md5_enc( - # RC4_KEY *key, # - # const void *in0, # RC4 input - # void *out, # RC4 output - # MD5_CTX *ctx, # - # const void *inp, # MD5 input - # size_t len); # number of 64-byte blocks -} - -my @K=( 0xd76aa478,0xe8c7b756,0x242070db,0xc1bdceee, - 0xf57c0faf,0x4787c62a,0xa8304613,0xfd469501, - 0x698098d8,0x8b44f7af,0xffff5bb1,0x895cd7be, - 0x6b901122,0xfd987193,0xa679438e,0x49b40821, - - 0xf61e2562,0xc040b340,0x265e5a51,0xe9b6c7aa, - 0xd62f105d,0x02441453,0xd8a1e681,0xe7d3fbc8, - 0x21e1cde6,0xc33707d6,0xf4d50d87,0x455a14ed, - 0xa9e3e905,0xfcefa3f8,0x676f02d9,0x8d2a4c8a, - - 0xfffa3942,0x8771f681,0x6d9d6122,0xfde5380c, - 0xa4beea44,0x4bdecfa9,0xf6bb4b60,0xbebfbc70, - 0x289b7ec6,0xeaa127fa,0xd4ef3085,0x04881d05, - 0xd9d4d039,0xe6db99e5,0x1fa27cf8,0xc4ac5665, - - 0xf4292244,0x432aff97,0xab9423a7,0xfc93a039, - 0x655b59c3,0x8f0ccc92,0xffeff47d,0x85845dd1, - 0x6fa87e4f,0xfe2ce6e0,0xa3014314,0x4e0811a1, - 0xf7537e82,0xbd3af235,0x2ad7d2bb,0xeb86d391 ); - -my @V=("%r8d","%r9d","%r10d","%r11d"); # MD5 registers -my $tmp="%r12d"; - -my @XX=("%rbp","%rsi"); # RC4 registers -my @TX=("%rax","%rbx"); -my $YY="%rcx"; -my $TY="%rdx"; - -my $MOD=32; # 16, 32 or 64 - -$code.=<<___; -.text -.align 16 - -.globl $func -.type $func,\@function,$nargs -$func: - cmp \$0,$len - je .Labort - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - sub \$40,%rsp -.Lbody: -___ -if ($rc4) { -$code.=<<___; -$D#md5# mov $ctx,%r11 # reassign arguments - mov $len,%r12 - mov $in0,%r13 - mov $out,%r14 -$D#md5# mov $inp,%r15 -___ - $ctx="%r11" if ($md5); # reassign arguments - $len="%r12"; - $in0="%r13"; - $out="%r14"; - $inp="%r15" if ($md5); - $inp=$in0 if (!$md5); -$code.=<<___; - xor $XX[0],$XX[0] - xor $YY,$YY - - lea 8($dat),$dat - mov -8($dat),$XX[0]#b - mov -4($dat),$YY#b - - inc $XX[0]#b - sub $in0,$out - movl ($dat,$XX[0],4),$TX[0]#d -___ -$code.=<<___ if (!$md5); - xor $TX[1],$TX[1] - test \$-128,$len - jz .Loop1 - sub $XX[0],$TX[1] - and \$`$MOD-1`,$TX[1] - jz .Loop${MOD}_is_hot - sub $TX[1],$len -.Loop${MOD}_warmup: - add $TX[0]#b,$YY#b - movl ($dat,$YY,4),$TY#d - movl $TX[0]#d,($dat,$YY,4) - movl $TY#d,($dat,$XX[0],4) - add $TY#b,$TX[0]#b - inc $XX[0]#b - movl ($dat,$TX[0],4),$TY#d - movl ($dat,$XX[0],4),$TX[0]#d - xorb ($in0),$TY#b - movb $TY#b,($out,$in0) - lea 1($in0),$in0 - dec $TX[1] - jnz .Loop${MOD}_warmup - - mov $YY,$TX[1] - xor $YY,$YY - mov $TX[1]#b,$YY#b - -.Loop${MOD}_is_hot: - mov $len,32(%rsp) # save original $len - shr \$6,$len # number of 64-byte blocks -___ - if ($D && !$md5) { # stitch in dummy MD5 - $md5=1; - $ctx="%r11"; - $inp="%r15"; - $code.=<<___; - mov %rsp,$ctx - mov $in0,$inp -___ - } -} -$code.=<<___; -#rc4# add $TX[0]#b,$YY#b -#rc4# lea ($dat,$XX[0],4),$XX[1] - shl \$6,$len - add $inp,$len # pointer to the end of input - mov $len,16(%rsp) - -#md5# mov $ctx,24(%rsp) # save pointer to MD5_CTX -#md5# mov 0*4($ctx),$V[0] # load current hash value from MD5_CTX -#md5# mov 1*4($ctx),$V[1] -#md5# mov 2*4($ctx),$V[2] -#md5# mov 3*4($ctx),$V[3] - jmp .Loop - -.align 16 -.Loop: -#md5# mov $V[0],0*4(%rsp) # put aside current hash value -#md5# mov $V[1],1*4(%rsp) -#md5# mov $V[2],2*4(%rsp) -#md5# mov $V[3],$tmp # forward reference -#md5# mov $V[3],3*4(%rsp) -___ - -sub R0 { - my ($i,$a,$b,$c,$d)=@_; - my @rot0=(7,12,17,22); - my $j=$i%16; - my $k=$i%$MOD; - my $xmm="%xmm".($j&1); - $code.=" movdqu ($in0),%xmm2\n" if ($rc4 && $j==15); - $code.=" add \$$MOD,$XX[0]#b\n" if ($rc4 && $j==15 && $k==$MOD-1); - $code.=" pxor $xmm,$xmm\n" if ($rc4 && $j<=1); - $code.=<<___; -#rc4# movl ($dat,$YY,4),$TY#d -#md5# xor $c,$tmp -#rc4# movl $TX[0]#d,($dat,$YY,4) -#md5# and $b,$tmp -#md5# add 4*`$j`($inp),$a -#rc4# add $TY#b,$TX[0]#b -#rc4# movl `4*(($k+1)%$MOD)`(`$k==$MOD-1?"$dat,$XX[0],4":"$XX[1]"`),$TX[1]#d -#md5# add \$$K[$i],$a -#md5# xor $d,$tmp -#rc4# movz $TX[0]#b,$TX[0]#d -#rc4# movl $TY#d,4*$k($XX[1]) -#md5# add $tmp,$a -#rc4# add $TX[1]#b,$YY#b -#md5# rol \$$rot0[$j%4],$a -#md5# mov `$j==15?"$b":"$c"`,$tmp # forward reference -#rc4# pinsrw \$`($j>>1)&7`,($dat,$TX[0],4),$xmm\n -#md5# add $b,$a -___ - $code.=<<___ if ($rc4 && $j==15 && $k==$MOD-1); - mov $YY,$XX[1] - xor $YY,$YY # keyword to partial register - mov $XX[1]#b,$YY#b - lea ($dat,$XX[0],4),$XX[1] -___ - $code.=<<___ if ($rc4 && $j==15); - psllq \$8,%xmm1 - pxor %xmm0,%xmm2 - pxor %xmm1,%xmm2 -___ -} -sub R1 { - my ($i,$a,$b,$c,$d)=@_; - my @rot1=(5,9,14,20); - my $j=$i%16; - my $k=$i%$MOD; - my $xmm="%xmm".($j&1); - $code.=" movdqu 16($in0),%xmm3\n" if ($rc4 && $j==15); - $code.=" add \$$MOD,$XX[0]#b\n" if ($rc4 && $j==15 && $k==$MOD-1); - $code.=" pxor $xmm,$xmm\n" if ($rc4 && $j<=1); - $code.=<<___; -#rc4# movl ($dat,$YY,4),$TY#d -#md5# xor $b,$tmp -#rc4# movl $TX[0]#d,($dat,$YY,4) -#md5# and $d,$tmp -#md5# add 4*`((1+5*$j)%16)`($inp),$a -#rc4# add $TY#b,$TX[0]#b -#rc4# movl `4*(($k+1)%$MOD)`(`$k==$MOD-1?"$dat,$XX[0],4":"$XX[1]"`),$TX[1]#d -#md5# add \$$K[$i],$a -#md5# xor $c,$tmp -#rc4# movz $TX[0]#b,$TX[0]#d -#rc4# movl $TY#d,4*$k($XX[1]) -#md5# add $tmp,$a -#rc4# add $TX[1]#b,$YY#b -#md5# rol \$$rot1[$j%4],$a -#md5# mov `$j==15?"$c":"$b"`,$tmp # forward reference -#rc4# pinsrw \$`($j>>1)&7`,($dat,$TX[0],4),$xmm\n -#md5# add $b,$a -___ - $code.=<<___ if ($rc4 && $j==15 && $k==$MOD-1); - mov $YY,$XX[1] - xor $YY,$YY # keyword to partial register - mov $XX[1]#b,$YY#b - lea ($dat,$XX[0],4),$XX[1] -___ - $code.=<<___ if ($rc4 && $j==15); - psllq \$8,%xmm1 - pxor %xmm0,%xmm3 - pxor %xmm1,%xmm3 -___ -} -sub R2 { - my ($i,$a,$b,$c,$d)=@_; - my @rot2=(4,11,16,23); - my $j=$i%16; - my $k=$i%$MOD; - my $xmm="%xmm".($j&1); - $code.=" movdqu 32($in0),%xmm4\n" if ($rc4 && $j==15); - $code.=" add \$$MOD,$XX[0]#b\n" if ($rc4 && $j==15 && $k==$MOD-1); - $code.=" pxor $xmm,$xmm\n" if ($rc4 && $j<=1); - $code.=<<___; -#rc4# movl ($dat,$YY,4),$TY#d -#md5# xor $c,$tmp -#rc4# movl $TX[0]#d,($dat,$YY,4) -#md5# xor $b,$tmp -#md5# add 4*`((5+3*$j)%16)`($inp),$a -#rc4# add $TY#b,$TX[0]#b -#rc4# movl `4*(($k+1)%$MOD)`(`$k==$MOD-1?"$dat,$XX[0],4":"$XX[1]"`),$TX[1]#d -#md5# add \$$K[$i],$a -#rc4# movz $TX[0]#b,$TX[0]#d -#md5# add $tmp,$a -#rc4# movl $TY#d,4*$k($XX[1]) -#rc4# add $TX[1]#b,$YY#b -#md5# rol \$$rot2[$j%4],$a -#md5# mov `$j==15?"\\\$-1":"$c"`,$tmp # forward reference -#rc4# pinsrw \$`($j>>1)&7`,($dat,$TX[0],4),$xmm\n -#md5# add $b,$a -___ - $code.=<<___ if ($rc4 && $j==15 && $k==$MOD-1); - mov $YY,$XX[1] - xor $YY,$YY # keyword to partial register - mov $XX[1]#b,$YY#b - lea ($dat,$XX[0],4),$XX[1] -___ - $code.=<<___ if ($rc4 && $j==15); - psllq \$8,%xmm1 - pxor %xmm0,%xmm4 - pxor %xmm1,%xmm4 -___ -} -sub R3 { - my ($i,$a,$b,$c,$d)=@_; - my @rot3=(6,10,15,21); - my $j=$i%16; - my $k=$i%$MOD; - my $xmm="%xmm".($j&1); - $code.=" movdqu 48($in0),%xmm5\n" if ($rc4 && $j==15); - $code.=" add \$$MOD,$XX[0]#b\n" if ($rc4 && $j==15 && $k==$MOD-1); - $code.=" pxor $xmm,$xmm\n" if ($rc4 && $j<=1); - $code.=<<___; -#rc4# movl ($dat,$YY,4),$TY#d -#md5# xor $d,$tmp -#rc4# movl $TX[0]#d,($dat,$YY,4) -#md5# or $b,$tmp -#md5# add 4*`((7*$j)%16)`($inp),$a -#rc4# add $TY#b,$TX[0]#b -#rc4# movl `4*(($k+1)%$MOD)`(`$k==$MOD-1?"$dat,$XX[0],4":"$XX[1]"`),$TX[1]#d -#md5# add \$$K[$i],$a -#rc4# movz $TX[0]#b,$TX[0]#d -#md5# xor $c,$tmp -#rc4# movl $TY#d,4*$k($XX[1]) -#md5# add $tmp,$a -#rc4# add $TX[1]#b,$YY#b -#md5# rol \$$rot3[$j%4],$a -#md5# mov \$-1,$tmp # forward reference -#rc4# pinsrw \$`($j>>1)&7`,($dat,$TX[0],4),$xmm\n -#md5# add $b,$a -___ - $code.=<<___ if ($rc4 && $j==15); - mov $XX[0],$XX[1] - xor $XX[0],$XX[0] # keyword to partial register - mov $XX[1]#b,$XX[0]#b - mov $YY,$XX[1] - xor $YY,$YY # keyword to partial register - mov $XX[1]#b,$YY#b - lea ($dat,$XX[0],4),$XX[1] - psllq \$8,%xmm1 - pxor %xmm0,%xmm5 - pxor %xmm1,%xmm5 -___ -} - -my $i=0; -for(;$i<16;$i++) { R0($i,@V); unshift(@V,pop(@V)); push(@TX,shift(@TX)); } -for(;$i<32;$i++) { R1($i,@V); unshift(@V,pop(@V)); push(@TX,shift(@TX)); } -for(;$i<48;$i++) { R2($i,@V); unshift(@V,pop(@V)); push(@TX,shift(@TX)); } -for(;$i<64;$i++) { R3($i,@V); unshift(@V,pop(@V)); push(@TX,shift(@TX)); } - -$code.=<<___; -#md5# add 0*4(%rsp),$V[0] # accumulate hash value -#md5# add 1*4(%rsp),$V[1] -#md5# add 2*4(%rsp),$V[2] -#md5# add 3*4(%rsp),$V[3] - -#rc4# movdqu %xmm2,($out,$in0) # write RC4 output -#rc4# movdqu %xmm3,16($out,$in0) -#rc4# movdqu %xmm4,32($out,$in0) -#rc4# movdqu %xmm5,48($out,$in0) -#md5# lea 64($inp),$inp -#rc4# lea 64($in0),$in0 - cmp 16(%rsp),$inp # are we done? - jb .Loop - -#md5# mov 24(%rsp),$len # restore pointer to MD5_CTX -#rc4# sub $TX[0]#b,$YY#b # correct $YY -#md5# mov $V[0],0*4($len) # write MD5_CTX -#md5# mov $V[1],1*4($len) -#md5# mov $V[2],2*4($len) -#md5# mov $V[3],3*4($len) -___ -$code.=<<___ if ($rc4 && (!$md5 || $D)); - mov 32(%rsp),$len # restore original $len - and \$63,$len # remaining bytes - jnz .Loop1 - jmp .Ldone - -.align 16 -.Loop1: - add $TX[0]#b,$YY#b - movl ($dat,$YY,4),$TY#d - movl $TX[0]#d,($dat,$YY,4) - movl $TY#d,($dat,$XX[0],4) - add $TY#b,$TX[0]#b - inc $XX[0]#b - movl ($dat,$TX[0],4),$TY#d - movl ($dat,$XX[0],4),$TX[0]#d - xorb ($in0),$TY#b - movb $TY#b,($out,$in0) - lea 1($in0),$in0 - dec $len - jnz .Loop1 - -.Ldone: -___ -$code.=<<___; -#rc4# sub \$1,$XX[0]#b -#rc4# movl $XX[0]#d,-8($dat) -#rc4# movl $YY#d,-4($dat) - - mov 40(%rsp),%r15 - mov 48(%rsp),%r14 - mov 56(%rsp),%r13 - mov 64(%rsp),%r12 - mov 72(%rsp),%rbp - mov 80(%rsp),%rbx - lea 88(%rsp),%rsp -.Lepilogue: -.Labort: - ret -.size $func,.-$func -___ - -if ($rc4 && $D) { # sole purpose of this section is to provide - # option to use the generated module as drop-in - # replacement for rc4-x86_64.pl for debugging - # and testing purposes... -my ($idx,$ido)=("%r8","%r9"); -my ($dat,$len,$inp)=("%rdi","%rsi","%rdx"); - -$code.=<<___; -.globl RC4_set_key -.type RC4_set_key,\@function,3 -.align 16 -RC4_set_key: - lea 8($dat),$dat - lea ($inp,$len),$inp - neg $len - mov $len,%rcx - xor %eax,%eax - xor $ido,$ido - xor %r10,%r10 - xor %r11,%r11 - jmp .Lw1stloop - -.align 16 -.Lw1stloop: - mov %eax,($dat,%rax,4) - add \$1,%al - jnc .Lw1stloop - - xor $ido,$ido - xor $idx,$idx -.align 16 -.Lw2ndloop: - mov ($dat,$ido,4),%r10d - add ($inp,$len,1),$idx#b - add %r10b,$idx#b - add \$1,$len - mov ($dat,$idx,4),%r11d - cmovz %rcx,$len - mov %r10d,($dat,$idx,4) - mov %r11d,($dat,$ido,4) - add \$1,$ido#b - jnc .Lw2ndloop - - xor %eax,%eax - mov %eax,-8($dat) - mov %eax,-4($dat) - ret -.size RC4_set_key,.-RC4_set_key - -.globl RC4_options -.type RC4_options,\@abi-omnipotent -.align 16 -RC4_options: - lea .Lopts(%rip),%rax - ret -.align 64 -.Lopts: -.asciz "rc4(64x,int)" -.align 64 -.size RC4_options,.-RC4_options -___ -} -# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame, -# CONTEXT *context,DISPATCHER_CONTEXT *disp) -if ($win64) { -my $rec="%rcx"; -my $frame="%rdx"; -my $context="%r8"; -my $disp="%r9"; - -$code.=<<___; -.extern __imp_RtlVirtualUnwind -.type se_handler,\@abi-omnipotent -.align 16 -se_handler: - push %rsi - push %rdi - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - pushfq - sub \$64,%rsp - - mov 120($context),%rax # pull context->Rax - mov 248($context),%rbx # pull context->Rip - - lea .Lbody(%rip),%r10 - cmp %r10,%rbx # context->Rip<.Lbody - jb .Lin_prologue - - mov 152($context),%rax # pull context->Rsp - - lea .Lepilogue(%rip),%r10 - cmp %r10,%rbx # context->Rip>=.Lepilogue - jae .Lin_prologue - - mov 40(%rax),%r15 - mov 48(%rax),%r14 - mov 56(%rax),%r13 - mov 64(%rax),%r12 - mov 72(%rax),%rbp - mov 80(%rax),%rbx - lea 88(%rax),%rax - - mov %rbx,144($context) # restore context->Rbx - mov %rbp,160($context) # restore context->Rbp - mov %r12,216($context) # restore context->R12 - mov %r13,224($context) # restore context->R12 - mov %r14,232($context) # restore context->R14 - mov %r15,240($context) # restore context->R15 - -.Lin_prologue: - mov 8(%rax),%rdi - mov 16(%rax),%rsi - mov %rax,152($context) # restore context->Rsp - mov %rsi,168($context) # restore context->Rsi - mov %rdi,176($context) # restore context->Rdi - - mov 40($disp),%rdi # disp->ContextRecord - mov $context,%rsi # context - mov \$154,%ecx # sizeof(CONTEXT) - .long 0xa548f3fc # cld; rep movsq - - mov $disp,%rsi - xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER - mov 8(%rsi),%rdx # arg2, disp->ImageBase - mov 0(%rsi),%r8 # arg3, disp->ControlPc - mov 16(%rsi),%r9 # arg4, disp->FunctionEntry - mov 40(%rsi),%r10 # disp->ContextRecord - lea 56(%rsi),%r11 # &disp->HandlerData - lea 24(%rsi),%r12 # &disp->EstablisherFrame - mov %r10,32(%rsp) # arg5 - mov %r11,40(%rsp) # arg6 - mov %r12,48(%rsp) # arg7 - mov %rcx,56(%rsp) # arg8, (NULL) - call *__imp_RtlVirtualUnwind(%rip) - - mov \$1,%eax # ExceptionContinueSearch - add \$64,%rsp - popfq - pop %r15 - pop %r14 - pop %r13 - pop %r12 - pop %rbp - pop %rbx - pop %rdi - pop %rsi - ret -.size se_handler,.-se_handler - -.section .pdata -.align 4 - .rva .LSEH_begin_$func - .rva .LSEH_end_$func - .rva .LSEH_info_$func - -.section .xdata -.align 8 -.LSEH_info_$func: - .byte 9,0,0,0 - .rva se_handler -___ -} - -sub reg_part { -my ($reg,$conv)=@_; - if ($reg =~ /%r[0-9]+/) { $reg .= $conv; } - elsif ($conv eq "b") { $reg =~ s/%[er]([^x]+)x?/%$1l/; } - elsif ($conv eq "w") { $reg =~ s/%[er](.+)/%$1/; } - elsif ($conv eq "d") { $reg =~ s/%[er](.+)/%e$1/; } - return $reg; -} - -$code =~ s/(%[a-z0-9]+)#([bwd])/reg_part($1,$2)/gem; -$code =~ s/\`([^\`]*)\`/eval $1/gem; -$code =~ s/pinsrw\s+\$0,/movd /gm; - -$code =~ s/#md5#//gm if ($md5); -$code =~ s/#rc4#//gm if ($rc4); - -print $code; - -close STDOUT; diff --git a/drivers/builtin_openssl2/crypto/rc4/asm/rc4-parisc.pl b/drivers/builtin_openssl2/crypto/rc4/asm/rc4-parisc.pl deleted file mode 100644 index ad7e65651c..0000000000 --- a/drivers/builtin_openssl2/crypto/rc4/asm/rc4-parisc.pl +++ /dev/null @@ -1,314 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# RC4 for PA-RISC. - -# June 2009. -# -# Performance is 33% better than gcc 3.2 generated code on PA-7100LC. -# For reference, [4x] unrolled loop is >40% faster than folded one. -# It's possible to unroll loop 8 times on PA-RISC 2.0, but improvement -# is believed to be not sufficient to justify the effort... -# -# Special thanks to polarhome.com for providing HP-UX account. - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; - -$flavour = shift; -$output = shift; -open STDOUT,">$output"; - -if ($flavour =~ /64/) { - $LEVEL ="2.0W"; - $SIZE_T =8; - $FRAME_MARKER =80; - $SAVED_RP =16; - $PUSH ="std"; - $PUSHMA ="std,ma"; - $POP ="ldd"; - $POPMB ="ldd,mb"; -} else { - $LEVEL ="1.0"; - $SIZE_T =4; - $FRAME_MARKER =48; - $SAVED_RP =20; - $PUSH ="stw"; - $PUSHMA ="stwm"; - $POP ="ldw"; - $POPMB ="ldwm"; -} - -$FRAME=4*$SIZE_T+$FRAME_MARKER; # 4 saved regs + frame marker - # [+ argument transfer] -$SZ=1; # defaults to RC4_CHAR -if (open CONF,"<${dir}../../opensslconf.h") { - while(<CONF>) { - if (m/#\s*define\s+RC4_INT\s+(.*)/) { - $SZ = ($1=~/char$/) ? 1 : 4; - last; - } - } - close CONF; -} - -if ($SZ==1) { # RC4_CHAR - $LD="ldb"; - $LDX="ldbx"; - $MKX="addl"; - $ST="stb"; -} else { # RC4_INT (~5% faster than RC4_CHAR on PA-7100LC) - $LD="ldw"; - $LDX="ldwx,s"; - $MKX="sh2addl"; - $ST="stw"; -} - -$key="%r26"; -$len="%r25"; -$inp="%r24"; -$out="%r23"; - -@XX=("%r19","%r20"); -@TX=("%r21","%r22"); -$YY="%r28"; -$TY="%r29"; - -$acc="%r1"; -$ix="%r2"; -$iy="%r3"; -$dat0="%r4"; -$dat1="%r5"; -$rem="%r6"; -$mask="%r31"; - -sub unrolledloopbody { -for ($i=0;$i<4;$i++) { -$code.=<<___; - ldo 1($XX[0]),$XX[1] - `sprintf("$LDX %$TY(%$key),%$dat1") if ($i>0)` - and $mask,$XX[1],$XX[1] - $LDX $YY($key),$TY - $MKX $YY,$key,$ix - $LDX $XX[1]($key),$TX[1] - $MKX $XX[0],$key,$iy - $ST $TX[0],0($ix) - comclr,<> $XX[1],$YY,%r0 ; conditional - copy $TX[0],$TX[1] ; move - `sprintf("%sdep %$dat1,%d,8,%$acc",$i==1?"z":"",8*($i-1)+7) if ($i>0)` - $ST $TY,0($iy) - addl $TX[0],$TY,$TY - addl $TX[1],$YY,$YY - and $mask,$TY,$TY - and $mask,$YY,$YY -___ -push(@TX,shift(@TX)); push(@XX,shift(@XX)); # "rotate" registers -} } - -sub foldedloop { -my ($label,$count)=@_; -$code.=<<___; -$label - $MKX $YY,$key,$iy - $LDX $YY($key),$TY - $MKX $XX[0],$key,$ix - $ST $TX[0],0($iy) - ldo 1($XX[0]),$XX[0] - $ST $TY,0($ix) - addl $TX[0],$TY,$TY - ldbx $inp($out),$dat1 - and $mask,$TY,$TY - and $mask,$XX[0],$XX[0] - $LDX $TY($key),$acc - $LDX $XX[0]($key),$TX[0] - ldo 1($out),$out - xor $dat1,$acc,$acc - addl $TX[0],$YY,$YY - stb $acc,-1($out) - addib,<> -1,$count,$label ; $count is always small - and $mask,$YY,$YY -___ -} - -$code=<<___; - .LEVEL $LEVEL - .SPACE \$TEXT\$ - .SUBSPA \$CODE\$,QUAD=0,ALIGN=8,ACCESS=0x2C,CODE_ONLY - - .EXPORT RC4,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR -RC4 - .PROC - .CALLINFO FRAME=`$FRAME-4*$SIZE_T`,NO_CALLS,SAVE_RP,ENTRY_GR=6 - .ENTRY - $PUSH %r2,-$SAVED_RP(%sp) ; standard prologue - $PUSHMA %r3,$FRAME(%sp) - $PUSH %r4,`-$FRAME+1*$SIZE_T`(%sp) - $PUSH %r5,`-$FRAME+2*$SIZE_T`(%sp) - $PUSH %r6,`-$FRAME+3*$SIZE_T`(%sp) - - cmpib,*= 0,$len,L\$abort - sub $inp,$out,$inp ; distance between $inp and $out - - $LD `0*$SZ`($key),$XX[0] - $LD `1*$SZ`($key),$YY - ldo `2*$SZ`($key),$key - - ldi 0xff,$mask - ldi 3,$dat0 - - ldo 1($XX[0]),$XX[0] ; warm up loop - and $mask,$XX[0],$XX[0] - $LDX $XX[0]($key),$TX[0] - addl $TX[0],$YY,$YY - cmpib,*>>= 6,$len,L\$oop1 ; is $len large enough to bother? - and $mask,$YY,$YY - - and,<> $out,$dat0,$rem ; is $out aligned? - b L\$alignedout - subi 4,$rem,$rem - sub $len,$rem,$len -___ -&foldedloop("L\$alignout",$rem); # process till $out is aligned - -$code.=<<___; -L\$alignedout ; $len is at least 4 here - and,<> $inp,$dat0,$acc ; is $inp aligned? - b L\$oop4 - sub $inp,$acc,$rem ; align $inp - - sh3addl $acc,%r0,$acc - subi 32,$acc,$acc - mtctl $acc,%cr11 ; load %sar with vshd align factor - ldwx $rem($out),$dat0 - ldo 4($rem),$rem -L\$oop4misalignedinp -___ -&unrolledloopbody(); -$code.=<<___; - $LDX $TY($key),$ix - ldwx $rem($out),$dat1 - ldo -4($len),$len - or $ix,$acc,$acc ; last piece, no need to dep - vshd $dat0,$dat1,$iy ; align data - copy $dat1,$dat0 - xor $iy,$acc,$acc - stw $acc,0($out) - cmpib,*<< 3,$len,L\$oop4misalignedinp - ldo 4($out),$out - cmpib,*= 0,$len,L\$done - nop - b L\$oop1 - nop - - .ALIGN 8 -L\$oop4 -___ -&unrolledloopbody(); -$code.=<<___; - $LDX $TY($key),$ix - ldwx $inp($out),$dat0 - ldo -4($len),$len - or $ix,$acc,$acc ; last piece, no need to dep - xor $dat0,$acc,$acc - stw $acc,0($out) - cmpib,*<< 3,$len,L\$oop4 - ldo 4($out),$out - cmpib,*= 0,$len,L\$done - nop -___ -&foldedloop("L\$oop1",$len); -$code.=<<___; -L\$done - $POP `-$FRAME-$SAVED_RP`(%sp),%r2 - ldo -1($XX[0]),$XX[0] ; chill out loop - sub $YY,$TX[0],$YY - and $mask,$XX[0],$XX[0] - and $mask,$YY,$YY - $ST $XX[0],`-2*$SZ`($key) - $ST $YY,`-1*$SZ`($key) - $POP `-$FRAME+1*$SIZE_T`(%sp),%r4 - $POP `-$FRAME+2*$SIZE_T`(%sp),%r5 - $POP `-$FRAME+3*$SIZE_T`(%sp),%r6 -L\$abort - bv (%r2) - .EXIT - $POPMB -$FRAME(%sp),%r3 - .PROCEND -___ - -$code.=<<___; - - .EXPORT private_RC4_set_key,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR - .ALIGN 8 -private_RC4_set_key - .PROC - .CALLINFO NO_CALLS - .ENTRY - $ST %r0,`0*$SZ`($key) - $ST %r0,`1*$SZ`($key) - ldo `2*$SZ`($key),$key - copy %r0,@XX[0] -L\$1st - $ST @XX[0],0($key) - ldo 1(@XX[0]),@XX[0] - bb,>= @XX[0],`31-8`,L\$1st ; @XX[0]<256 - ldo $SZ($key),$key - - ldo `-256*$SZ`($key),$key ; rewind $key - addl $len,$inp,$inp ; $inp to point at the end - sub %r0,$len,%r23 ; inverse index - copy %r0,@XX[0] - copy %r0,@XX[1] - ldi 0xff,$mask - -L\$2nd - $LDX @XX[0]($key),@TX[0] - ldbx %r23($inp),@TX[1] - addi,nuv 1,%r23,%r23 ; increment and conditional - sub %r0,$len,%r23 ; inverse index - addl @TX[0],@XX[1],@XX[1] - addl @TX[1],@XX[1],@XX[1] - and $mask,@XX[1],@XX[1] - $MKX @XX[0],$key,$TY - $LDX @XX[1]($key),@TX[1] - $MKX @XX[1],$key,$YY - ldo 1(@XX[0]),@XX[0] - $ST @TX[0],0($YY) - bb,>= @XX[0],`31-8`,L\$2nd ; @XX[0]<256 - $ST @TX[1],0($TY) - - bv,n (%r2) - .EXIT - nop - .PROCEND - - .EXPORT RC4_options,ENTRY - .ALIGN 8 -RC4_options - .PROC - .CALLINFO NO_CALLS - .ENTRY - blr %r0,%r28 - ldi 3,%r1 -L\$pic - andcm %r28,%r1,%r28 - bv (%r2) - .EXIT - ldo L\$opts-L\$pic(%r28),%r28 - .PROCEND - .ALIGN 8 -L\$opts - .STRINGZ "rc4(4x,`$SZ==1?"char":"int"`)" - .STRINGZ "RC4 for PA-RISC, CRYPTOGAMS by <appro\@openssl.org>" -___ -$code =~ s/\`([^\`]*)\`/eval $1/gem; -$code =~ s/cmpib,\*/comib,/gm if ($SIZE_T==4); -$code =~ s/\bbv\b/bve/gm if ($SIZE_T==8); - -print $code; -close STDOUT; diff --git a/drivers/builtin_openssl2/crypto/rc4/asm/rc4-s390x.pl b/drivers/builtin_openssl2/crypto/rc4/asm/rc4-s390x.pl deleted file mode 100644 index 7528ece13c..0000000000 --- a/drivers/builtin_openssl2/crypto/rc4/asm/rc4-s390x.pl +++ /dev/null @@ -1,234 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== -# -# February 2009 -# -# Performance is 2x of gcc 3.4.6 on z10. Coding "secret" is to -# "cluster" Address Generation Interlocks, so that one pipeline stall -# resolves several dependencies. - -# November 2010. -# -# Adapt for -m31 build. If kernel supports what's called "highgprs" -# feature on Linux [see /proc/cpuinfo], it's possible to use 64-bit -# instructions and achieve "64-bit" performance even in 31-bit legacy -# application context. The feature is not specific to any particular -# processor, as long as it's "z-CPU". Latter implies that the code -# remains z/Architecture specific. On z990 it was measured to perform -# 50% better than code generated by gcc 4.3. - -$flavour = shift; - -if ($flavour =~ /3[12]/) { - $SIZE_T=4; - $g=""; -} else { - $SIZE_T=8; - $g="g"; -} - -while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {} -open STDOUT,">$output"; - -$rp="%r14"; -$sp="%r15"; -$code=<<___; -.text - -___ - -# void RC4(RC4_KEY *key,size_t len,const void *inp,void *out) -{ -$acc="%r0"; -$cnt="%r1"; -$key="%r2"; -$len="%r3"; -$inp="%r4"; -$out="%r5"; - -@XX=("%r6","%r7"); -@TX=("%r8","%r9"); -$YY="%r10"; -$TY="%r11"; - -$code.=<<___; -.globl RC4 -.type RC4,\@function -.align 64 -RC4: - stm${g} %r6,%r11,6*$SIZE_T($sp) -___ -$code.=<<___ if ($flavour =~ /3[12]/); - llgfr $len,$len -___ -$code.=<<___; - llgc $XX[0],0($key) - llgc $YY,1($key) - la $XX[0],1($XX[0]) - nill $XX[0],0xff - srlg $cnt,$len,3 - ltgr $cnt,$cnt - llgc $TX[0],2($XX[0],$key) - jz .Lshort - j .Loop8 - -.align 64 -.Loop8: -___ -for ($i=0;$i<8;$i++) { -$code.=<<___; - la $YY,0($YY,$TX[0]) # $i - nill $YY,255 - la $XX[1],1($XX[0]) - nill $XX[1],255 -___ -$code.=<<___ if ($i==1); - llgc $acc,2($TY,$key) -___ -$code.=<<___ if ($i>1); - sllg $acc,$acc,8 - ic $acc,2($TY,$key) -___ -$code.=<<___; - llgc $TY,2($YY,$key) - stc $TX[0],2($YY,$key) - llgc $TX[1],2($XX[1],$key) - stc $TY,2($XX[0],$key) - cr $XX[1],$YY - jne .Lcmov$i - la $TX[1],0($TX[0]) -.Lcmov$i: - la $TY,0($TY,$TX[0]) - nill $TY,255 -___ -push(@TX,shift(@TX)); push(@XX,shift(@XX)); # "rotate" registers -} - -$code.=<<___; - lg $TX[1],0($inp) - sllg $acc,$acc,8 - la $inp,8($inp) - ic $acc,2($TY,$key) - xgr $acc,$TX[1] - stg $acc,0($out) - la $out,8($out) - brctg $cnt,.Loop8 - -.Lshort: - lghi $acc,7 - ngr $len,$acc - jz .Lexit - j .Loop1 - -.align 16 -.Loop1: - la $YY,0($YY,$TX[0]) - nill $YY,255 - llgc $TY,2($YY,$key) - stc $TX[0],2($YY,$key) - stc $TY,2($XX[0],$key) - ar $TY,$TX[0] - ahi $XX[0],1 - nill $TY,255 - nill $XX[0],255 - llgc $acc,0($inp) - la $inp,1($inp) - llgc $TY,2($TY,$key) - llgc $TX[0],2($XX[0],$key) - xr $acc,$TY - stc $acc,0($out) - la $out,1($out) - brct $len,.Loop1 - -.Lexit: - ahi $XX[0],-1 - stc $XX[0],0($key) - stc $YY,1($key) - lm${g} %r6,%r11,6*$SIZE_T($sp) - br $rp -.size RC4,.-RC4 -.string "RC4 for s390x, CRYPTOGAMS by <appro\@openssl.org>" - -___ -} - -# void RC4_set_key(RC4_KEY *key,unsigned int len,const void *inp) -{ -$cnt="%r0"; -$idx="%r1"; -$key="%r2"; -$len="%r3"; -$inp="%r4"; -$acc="%r5"; -$dat="%r6"; -$ikey="%r7"; -$iinp="%r8"; - -$code.=<<___; -.globl private_RC4_set_key -.type private_RC4_set_key,\@function -.align 64 -private_RC4_set_key: - stm${g} %r6,%r8,6*$SIZE_T($sp) - lhi $cnt,256 - la $idx,0(%r0) - sth $idx,0($key) -.align 4 -.L1stloop: - stc $idx,2($idx,$key) - la $idx,1($idx) - brct $cnt,.L1stloop - - lghi $ikey,-256 - lr $cnt,$len - la $iinp,0(%r0) - la $idx,0(%r0) -.align 16 -.L2ndloop: - llgc $acc,2+256($ikey,$key) - llgc $dat,0($iinp,$inp) - la $idx,0($idx,$acc) - la $ikey,1($ikey) - la $idx,0($idx,$dat) - nill $idx,255 - la $iinp,1($iinp) - tml $ikey,255 - llgc $dat,2($idx,$key) - stc $dat,2+256-1($ikey,$key) - stc $acc,2($idx,$key) - jz .Ldone - brct $cnt,.L2ndloop - lr $cnt,$len - la $iinp,0(%r0) - j .L2ndloop -.Ldone: - lm${g} %r6,%r8,6*$SIZE_T($sp) - br $rp -.size private_RC4_set_key,.-private_RC4_set_key - -___ -} - -# const char *RC4_options() -$code.=<<___; -.globl RC4_options -.type RC4_options,\@function -.align 16 -RC4_options: - larl %r2,.Loptions - br %r14 -.size RC4_options,.-RC4_options -.section .rodata -.Loptions: -.align 8 -.string "rc4(8x,char)" -___ - -print $code; -close STDOUT; # force flush diff --git a/drivers/builtin_openssl2/crypto/rc4/asm/rc4-x86_64.pl b/drivers/builtin_openssl2/crypto/rc4/asm/rc4-x86_64.pl deleted file mode 100755 index 20722d3e72..0000000000 --- a/drivers/builtin_openssl2/crypto/rc4/asm/rc4-x86_64.pl +++ /dev/null @@ -1,677 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== -# -# July 2004 -# -# 2.22x RC4 tune-up:-) It should be noted though that my hand [as in -# "hand-coded assembler"] doesn't stand for the whole improvement -# coefficient. It turned out that eliminating RC4_CHAR from config -# line results in ~40% improvement (yes, even for C implementation). -# Presumably it has everything to do with AMD cache architecture and -# RAW or whatever penalties. Once again! The module *requires* config -# line *without* RC4_CHAR! As for coding "secret," I bet on partial -# register arithmetics. For example instead of 'inc %r8; and $255,%r8' -# I simply 'inc %r8b'. Even though optimization manual discourages -# to operate on partial registers, it turned out to be the best bet. -# At least for AMD... How IA32E would perform remains to be seen... - -# November 2004 -# -# As was shown by Marc Bevand reordering of couple of load operations -# results in even higher performance gain of 3.3x:-) At least on -# Opteron... For reference, 1x in this case is RC4_CHAR C-code -# compiled with gcc 3.3.2, which performs at ~54MBps per 1GHz clock. -# Latter means that if you want to *estimate* what to expect from -# *your* Opteron, then multiply 54 by 3.3 and clock frequency in GHz. - -# November 2004 -# -# Intel P4 EM64T core was found to run the AMD64 code really slow... -# The only way to achieve comparable performance on P4 was to keep -# RC4_CHAR. Kind of ironic, huh? As it's apparently impossible to -# compose blended code, which would perform even within 30% marginal -# on either AMD and Intel platforms, I implement both cases. See -# rc4_skey.c for further details... - -# April 2005 -# -# P4 EM64T core appears to be "allergic" to 64-bit inc/dec. Replacing -# those with add/sub results in 50% performance improvement of folded -# loop... - -# May 2005 -# -# As was shown by Zou Nanhai loop unrolling can improve Intel EM64T -# performance by >30% [unlike P4 32-bit case that is]. But this is -# provided that loads are reordered even more aggressively! Both code -# pathes, AMD64 and EM64T, reorder loads in essentially same manner -# as my IA-64 implementation. On Opteron this resulted in modest 5% -# improvement [I had to test it], while final Intel P4 performance -# achieves respectful 432MBps on 2.8GHz processor now. For reference. -# If executed on Xeon, current RC4_CHAR code-path is 2.7x faster than -# RC4_INT code-path. While if executed on Opteron, it's only 25% -# slower than the RC4_INT one [meaning that if CPU ยต-arch detection -# is not implemented, then this final RC4_CHAR code-path should be -# preferred, as it provides better *all-round* performance]. - -# March 2007 -# -# Intel Core2 was observed to perform poorly on both code paths:-( It -# apparently suffers from some kind of partial register stall, which -# occurs in 64-bit mode only [as virtually identical 32-bit loop was -# observed to outperform 64-bit one by almost 50%]. Adding two movzb to -# cloop1 boosts its performance by 80%! This loop appears to be optimal -# fit for Core2 and therefore the code was modified to skip cloop8 on -# this CPU. - -# May 2010 -# -# Intel Westmere was observed to perform suboptimally. Adding yet -# another movzb to cloop1 improved performance by almost 50%! Core2 -# performance is improved too, but nominally... - -# May 2011 -# -# The only code path that was not modified is P4-specific one. Non-P4 -# Intel code path optimization is heavily based on submission by Maxim -# Perminov, Maxim Locktyukhin and Jim Guilford of Intel. I've used -# some of the ideas even in attempt to optmize the original RC4_INT -# code path... Current performance in cycles per processed byte (less -# is better) and improvement coefficients relative to previous -# version of this module are: -# -# Opteron 5.3/+0%(*) -# P4 6.5 -# Core2 6.2/+15%(**) -# Westmere 4.2/+60% -# Sandy Bridge 4.2/+120% -# Atom 9.3/+80% -# -# (*) But corresponding loop has less instructions, which should have -# positive effect on upcoming Bulldozer, which has one less ALU. -# For reference, Intel code runs at 6.8 cpb rate on Opteron. -# (**) Note that Core2 result is ~15% lower than corresponding result -# for 32-bit code, meaning that it's possible to improve it, -# but more than likely at the cost of the others (see rc4-586.pl -# to get the idea)... - -$flavour = shift; -$output = shift; -if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } - -$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/); - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or -die "can't locate x86_64-xlate.pl"; - -open OUT,"| \"$^X\" $xlate $flavour $output"; -*STDOUT=*OUT; - -$dat="%rdi"; # arg1 -$len="%rsi"; # arg2 -$inp="%rdx"; # arg3 -$out="%rcx"; # arg4 - -{ -$code=<<___; -.text -.extern OPENSSL_ia32cap_P - -.globl RC4 -.type RC4,\@function,4 -.align 16 -RC4: or $len,$len - jne .Lentry - ret -.Lentry: - push %rbx - push %r12 - push %r13 -.Lprologue: - mov $len,%r11 - mov $inp,%r12 - mov $out,%r13 -___ -my $len="%r11"; # reassign input arguments -my $inp="%r12"; -my $out="%r13"; - -my @XX=("%r10","%rsi"); -my @TX=("%rax","%rbx"); -my $YY="%rcx"; -my $TY="%rdx"; - -$code.=<<___; - xor $XX[0],$XX[0] - xor $YY,$YY - - lea 8($dat),$dat - mov -8($dat),$XX[0]#b - mov -4($dat),$YY#b - cmpl \$-1,256($dat) - je .LRC4_CHAR - mov OPENSSL_ia32cap_P(%rip),%r8d - xor $TX[1],$TX[1] - inc $XX[0]#b - sub $XX[0],$TX[1] - sub $inp,$out - movl ($dat,$XX[0],4),$TX[0]#d - test \$-16,$len - jz .Lloop1 - bt \$30,%r8d # Intel CPU? - jc .Lintel - and \$7,$TX[1] - lea 1($XX[0]),$XX[1] - jz .Loop8 - sub $TX[1],$len -.Loop8_warmup: - add $TX[0]#b,$YY#b - movl ($dat,$YY,4),$TY#d - movl $TX[0]#d,($dat,$YY,4) - movl $TY#d,($dat,$XX[0],4) - add $TY#b,$TX[0]#b - inc $XX[0]#b - movl ($dat,$TX[0],4),$TY#d - movl ($dat,$XX[0],4),$TX[0]#d - xorb ($inp),$TY#b - movb $TY#b,($out,$inp) - lea 1($inp),$inp - dec $TX[1] - jnz .Loop8_warmup - - lea 1($XX[0]),$XX[1] - jmp .Loop8 -.align 16 -.Loop8: -___ -for ($i=0;$i<8;$i++) { -$code.=<<___ if ($i==7); - add \$8,$XX[1]#b -___ -$code.=<<___; - add $TX[0]#b,$YY#b - movl ($dat,$YY,4),$TY#d - movl $TX[0]#d,($dat,$YY,4) - movl `4*($i==7?-1:$i)`($dat,$XX[1],4),$TX[1]#d - ror \$8,%r8 # ror is redundant when $i=0 - movl $TY#d,4*$i($dat,$XX[0],4) - add $TX[0]#b,$TY#b - movb ($dat,$TY,4),%r8b -___ -push(@TX,shift(@TX)); #push(@XX,shift(@XX)); # "rotate" registers -} -$code.=<<___; - add \$8,$XX[0]#b - ror \$8,%r8 - sub \$8,$len - - xor ($inp),%r8 - mov %r8,($out,$inp) - lea 8($inp),$inp - - test \$-8,$len - jnz .Loop8 - cmp \$0,$len - jne .Lloop1 - jmp .Lexit - -.align 16 -.Lintel: - test \$-32,$len - jz .Lloop1 - and \$15,$TX[1] - jz .Loop16_is_hot - sub $TX[1],$len -.Loop16_warmup: - add $TX[0]#b,$YY#b - movl ($dat,$YY,4),$TY#d - movl $TX[0]#d,($dat,$YY,4) - movl $TY#d,($dat,$XX[0],4) - add $TY#b,$TX[0]#b - inc $XX[0]#b - movl ($dat,$TX[0],4),$TY#d - movl ($dat,$XX[0],4),$TX[0]#d - xorb ($inp),$TY#b - movb $TY#b,($out,$inp) - lea 1($inp),$inp - dec $TX[1] - jnz .Loop16_warmup - - mov $YY,$TX[1] - xor $YY,$YY - mov $TX[1]#b,$YY#b - -.Loop16_is_hot: - lea ($dat,$XX[0],4),$XX[1] -___ -sub RC4_loop { - my $i=shift; - my $j=$i<0?0:$i; - my $xmm="%xmm".($j&1); - - $code.=" add \$16,$XX[0]#b\n" if ($i==15); - $code.=" movdqu ($inp),%xmm2\n" if ($i==15); - $code.=" add $TX[0]#b,$YY#b\n" if ($i<=0); - $code.=" movl ($dat,$YY,4),$TY#d\n"; - $code.=" pxor %xmm0,%xmm2\n" if ($i==0); - $code.=" psllq \$8,%xmm1\n" if ($i==0); - $code.=" pxor $xmm,$xmm\n" if ($i<=1); - $code.=" movl $TX[0]#d,($dat,$YY,4)\n"; - $code.=" add $TY#b,$TX[0]#b\n"; - $code.=" movl `4*($j+1)`($XX[1]),$TX[1]#d\n" if ($i<15); - $code.=" movz $TX[0]#b,$TX[0]#d\n"; - $code.=" movl $TY#d,4*$j($XX[1])\n"; - $code.=" pxor %xmm1,%xmm2\n" if ($i==0); - $code.=" lea ($dat,$XX[0],4),$XX[1]\n" if ($i==15); - $code.=" add $TX[1]#b,$YY#b\n" if ($i<15); - $code.=" pinsrw \$`($j>>1)&7`,($dat,$TX[0],4),$xmm\n"; - $code.=" movdqu %xmm2,($out,$inp)\n" if ($i==0); - $code.=" lea 16($inp),$inp\n" if ($i==0); - $code.=" movl ($XX[1]),$TX[1]#d\n" if ($i==15); -} - RC4_loop(-1); -$code.=<<___; - jmp .Loop16_enter -.align 16 -.Loop16: -___ - -for ($i=0;$i<16;$i++) { - $code.=".Loop16_enter:\n" if ($i==1); - RC4_loop($i); - push(@TX,shift(@TX)); # "rotate" registers -} -$code.=<<___; - mov $YY,$TX[1] - xor $YY,$YY # keyword to partial register - sub \$16,$len - mov $TX[1]#b,$YY#b - test \$-16,$len - jnz .Loop16 - - psllq \$8,%xmm1 - pxor %xmm0,%xmm2 - pxor %xmm1,%xmm2 - movdqu %xmm2,($out,$inp) - lea 16($inp),$inp - - cmp \$0,$len - jne .Lloop1 - jmp .Lexit - -.align 16 -.Lloop1: - add $TX[0]#b,$YY#b - movl ($dat,$YY,4),$TY#d - movl $TX[0]#d,($dat,$YY,4) - movl $TY#d,($dat,$XX[0],4) - add $TY#b,$TX[0]#b - inc $XX[0]#b - movl ($dat,$TX[0],4),$TY#d - movl ($dat,$XX[0],4),$TX[0]#d - xorb ($inp),$TY#b - movb $TY#b,($out,$inp) - lea 1($inp),$inp - dec $len - jnz .Lloop1 - jmp .Lexit - -.align 16 -.LRC4_CHAR: - add \$1,$XX[0]#b - movzb ($dat,$XX[0]),$TX[0]#d - test \$-8,$len - jz .Lcloop1 - jmp .Lcloop8 -.align 16 -.Lcloop8: - mov ($inp),%r8d - mov 4($inp),%r9d -___ -# unroll 2x4-wise, because 64-bit rotates kill Intel P4... -for ($i=0;$i<4;$i++) { -$code.=<<___; - add $TX[0]#b,$YY#b - lea 1($XX[0]),$XX[1] - movzb ($dat,$YY),$TY#d - movzb $XX[1]#b,$XX[1]#d - movzb ($dat,$XX[1]),$TX[1]#d - movb $TX[0]#b,($dat,$YY) - cmp $XX[1],$YY - movb $TY#b,($dat,$XX[0]) - jne .Lcmov$i # Intel cmov is sloooow... - mov $TX[0],$TX[1] -.Lcmov$i: - add $TX[0]#b,$TY#b - xor ($dat,$TY),%r8b - ror \$8,%r8d -___ -push(@TX,shift(@TX)); push(@XX,shift(@XX)); # "rotate" registers -} -for ($i=4;$i<8;$i++) { -$code.=<<___; - add $TX[0]#b,$YY#b - lea 1($XX[0]),$XX[1] - movzb ($dat,$YY),$TY#d - movzb $XX[1]#b,$XX[1]#d - movzb ($dat,$XX[1]),$TX[1]#d - movb $TX[0]#b,($dat,$YY) - cmp $XX[1],$YY - movb $TY#b,($dat,$XX[0]) - jne .Lcmov$i # Intel cmov is sloooow... - mov $TX[0],$TX[1] -.Lcmov$i: - add $TX[0]#b,$TY#b - xor ($dat,$TY),%r9b - ror \$8,%r9d -___ -push(@TX,shift(@TX)); push(@XX,shift(@XX)); # "rotate" registers -} -$code.=<<___; - lea -8($len),$len - mov %r8d,($out) - lea 8($inp),$inp - mov %r9d,4($out) - lea 8($out),$out - - test \$-8,$len - jnz .Lcloop8 - cmp \$0,$len - jne .Lcloop1 - jmp .Lexit -___ -$code.=<<___; -.align 16 -.Lcloop1: - add $TX[0]#b,$YY#b - movzb $YY#b,$YY#d - movzb ($dat,$YY),$TY#d - movb $TX[0]#b,($dat,$YY) - movb $TY#b,($dat,$XX[0]) - add $TX[0]#b,$TY#b - add \$1,$XX[0]#b - movzb $TY#b,$TY#d - movzb $XX[0]#b,$XX[0]#d - movzb ($dat,$TY),$TY#d - movzb ($dat,$XX[0]),$TX[0]#d - xorb ($inp),$TY#b - lea 1($inp),$inp - movb $TY#b,($out) - lea 1($out),$out - sub \$1,$len - jnz .Lcloop1 - jmp .Lexit - -.align 16 -.Lexit: - sub \$1,$XX[0]#b - movl $XX[0]#d,-8($dat) - movl $YY#d,-4($dat) - - mov (%rsp),%r13 - mov 8(%rsp),%r12 - mov 16(%rsp),%rbx - add \$24,%rsp -.Lepilogue: - ret -.size RC4,.-RC4 -___ -} - -$idx="%r8"; -$ido="%r9"; - -$code.=<<___; -.globl private_RC4_set_key -.type private_RC4_set_key,\@function,3 -.align 16 -private_RC4_set_key: - lea 8($dat),$dat - lea ($inp,$len),$inp - neg $len - mov $len,%rcx - xor %eax,%eax - xor $ido,$ido - xor %r10,%r10 - xor %r11,%r11 - - mov OPENSSL_ia32cap_P(%rip),$idx#d - bt \$20,$idx#d # RC4_CHAR? - jc .Lc1stloop - jmp .Lw1stloop - -.align 16 -.Lw1stloop: - mov %eax,($dat,%rax,4) - add \$1,%al - jnc .Lw1stloop - - xor $ido,$ido - xor $idx,$idx -.align 16 -.Lw2ndloop: - mov ($dat,$ido,4),%r10d - add ($inp,$len,1),$idx#b - add %r10b,$idx#b - add \$1,$len - mov ($dat,$idx,4),%r11d - cmovz %rcx,$len - mov %r10d,($dat,$idx,4) - mov %r11d,($dat,$ido,4) - add \$1,$ido#b - jnc .Lw2ndloop - jmp .Lexit_key - -.align 16 -.Lc1stloop: - mov %al,($dat,%rax) - add \$1,%al - jnc .Lc1stloop - - xor $ido,$ido - xor $idx,$idx -.align 16 -.Lc2ndloop: - mov ($dat,$ido),%r10b - add ($inp,$len),$idx#b - add %r10b,$idx#b - add \$1,$len - mov ($dat,$idx),%r11b - jnz .Lcnowrap - mov %rcx,$len -.Lcnowrap: - mov %r10b,($dat,$idx) - mov %r11b,($dat,$ido) - add \$1,$ido#b - jnc .Lc2ndloop - movl \$-1,256($dat) - -.align 16 -.Lexit_key: - xor %eax,%eax - mov %eax,-8($dat) - mov %eax,-4($dat) - ret -.size private_RC4_set_key,.-private_RC4_set_key - -.globl RC4_options -.type RC4_options,\@abi-omnipotent -.align 16 -RC4_options: - lea .Lopts(%rip),%rax - mov OPENSSL_ia32cap_P(%rip),%edx - bt \$20,%edx - jc .L8xchar - bt \$30,%edx - jnc .Ldone - add \$25,%rax - ret -.L8xchar: - add \$12,%rax -.Ldone: - ret -.align 64 -.Lopts: -.asciz "rc4(8x,int)" -.asciz "rc4(8x,char)" -.asciz "rc4(16x,int)" -.asciz "RC4 for x86_64, CRYPTOGAMS by <appro\@openssl.org>" -.align 64 -.size RC4_options,.-RC4_options -___ - -# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame, -# CONTEXT *context,DISPATCHER_CONTEXT *disp) -if ($win64) { -$rec="%rcx"; -$frame="%rdx"; -$context="%r8"; -$disp="%r9"; - -$code.=<<___; -.extern __imp_RtlVirtualUnwind -.type stream_se_handler,\@abi-omnipotent -.align 16 -stream_se_handler: - push %rsi - push %rdi - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - pushfq - sub \$64,%rsp - - mov 120($context),%rax # pull context->Rax - mov 248($context),%rbx # pull context->Rip - - lea .Lprologue(%rip),%r10 - cmp %r10,%rbx # context->Rip<prologue label - jb .Lin_prologue - - mov 152($context),%rax # pull context->Rsp - - lea .Lepilogue(%rip),%r10 - cmp %r10,%rbx # context->Rip>=epilogue label - jae .Lin_prologue - - lea 24(%rax),%rax - - mov -8(%rax),%rbx - mov -16(%rax),%r12 - mov -24(%rax),%r13 - mov %rbx,144($context) # restore context->Rbx - mov %r12,216($context) # restore context->R12 - mov %r13,224($context) # restore context->R13 - -.Lin_prologue: - mov 8(%rax),%rdi - mov 16(%rax),%rsi - mov %rax,152($context) # restore context->Rsp - mov %rsi,168($context) # restore context->Rsi - mov %rdi,176($context) # restore context->Rdi - - jmp .Lcommon_seh_exit -.size stream_se_handler,.-stream_se_handler - -.type key_se_handler,\@abi-omnipotent -.align 16 -key_se_handler: - push %rsi - push %rdi - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - pushfq - sub \$64,%rsp - - mov 152($context),%rax # pull context->Rsp - mov 8(%rax),%rdi - mov 16(%rax),%rsi - mov %rsi,168($context) # restore context->Rsi - mov %rdi,176($context) # restore context->Rdi - -.Lcommon_seh_exit: - - mov 40($disp),%rdi # disp->ContextRecord - mov $context,%rsi # context - mov \$154,%ecx # sizeof(CONTEXT) - .long 0xa548f3fc # cld; rep movsq - - mov $disp,%rsi - xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER - mov 8(%rsi),%rdx # arg2, disp->ImageBase - mov 0(%rsi),%r8 # arg3, disp->ControlPc - mov 16(%rsi),%r9 # arg4, disp->FunctionEntry - mov 40(%rsi),%r10 # disp->ContextRecord - lea 56(%rsi),%r11 # &disp->HandlerData - lea 24(%rsi),%r12 # &disp->EstablisherFrame - mov %r10,32(%rsp) # arg5 - mov %r11,40(%rsp) # arg6 - mov %r12,48(%rsp) # arg7 - mov %rcx,56(%rsp) # arg8, (NULL) - call *__imp_RtlVirtualUnwind(%rip) - - mov \$1,%eax # ExceptionContinueSearch - add \$64,%rsp - popfq - pop %r15 - pop %r14 - pop %r13 - pop %r12 - pop %rbp - pop %rbx - pop %rdi - pop %rsi - ret -.size key_se_handler,.-key_se_handler - -.section .pdata -.align 4 - .rva .LSEH_begin_RC4 - .rva .LSEH_end_RC4 - .rva .LSEH_info_RC4 - - .rva .LSEH_begin_private_RC4_set_key - .rva .LSEH_end_private_RC4_set_key - .rva .LSEH_info_private_RC4_set_key - -.section .xdata -.align 8 -.LSEH_info_RC4: - .byte 9,0,0,0 - .rva stream_se_handler -.LSEH_info_private_RC4_set_key: - .byte 9,0,0,0 - .rva key_se_handler -___ -} - -sub reg_part { -my ($reg,$conv)=@_; - if ($reg =~ /%r[0-9]+/) { $reg .= $conv; } - elsif ($conv eq "b") { $reg =~ s/%[er]([^x]+)x?/%$1l/; } - elsif ($conv eq "w") { $reg =~ s/%[er](.+)/%$1/; } - elsif ($conv eq "d") { $reg =~ s/%[er](.+)/%e$1/; } - return $reg; -} - -$code =~ s/(%[a-z0-9]+)#([bwd])/reg_part($1,$2)/gem; -$code =~ s/\`([^\`]*)\`/eval $1/gem; - -print $code; - -close STDOUT; diff --git a/drivers/builtin_openssl2/crypto/rc4/rc4_enc.c b/drivers/builtin_openssl2/crypto/rc4/rc4_enc.c index 6ebd54d46c..0f0a2487a7 100644 --- a/drivers/builtin_openssl2/crypto/rc4/rc4_enc.c +++ b/drivers/builtin_openssl2/crypto/rc4/rc4_enc.c @@ -79,7 +79,7 @@ void RC4(RC4_KEY *key, size_t len, const unsigned char *indata, y = key->y; d = key->data; -#if defined(RC4_CHUNK) +#if defined(RC4_CHUNK) && !defined(PEDANTIC) /*- * The original reason for implementing this(*) was the fact that * pre-21164a Alpha CPUs don't have byte load/store instructions diff --git a/drivers/builtin_openssl2/crypto/rc4/rc4test.c b/drivers/builtin_openssl2/crypto/rc4/rc4test.c deleted file mode 100644 index e2bfbfa1fc..0000000000 --- a/drivers/builtin_openssl2/crypto/rc4/rc4test.c +++ /dev/null @@ -1,235 +0,0 @@ -/* crypto/rc4/rc4test.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -#include "../e_os.h" - -#ifdef OPENSSL_NO_RC4 -int main(int argc, char *argv[]) -{ - printf("No RC4 support\n"); - return (0); -} -#else -# include <openssl/rc4.h> -# include <openssl/sha.h> - -static unsigned char keys[7][30] = { - {8, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef}, - {8, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef}, - {8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, - {4, 0xef, 0x01, 0x23, 0x45}, - {8, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef}, - {4, 0xef, 0x01, 0x23, 0x45}, -}; - -static unsigned char data_len[7] = { 8, 8, 8, 20, 28, 10 }; - -static unsigned char data[7][30] = { - {0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0xff}, - {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff}, - {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff}, - {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0xff}, - {0x12, 0x34, 0x56, 0x78, 0x9A, 0xBC, 0xDE, 0xF0, - 0x12, 0x34, 0x56, 0x78, 0x9A, 0xBC, 0xDE, 0xF0, - 0x12, 0x34, 0x56, 0x78, 0x9A, 0xBC, 0xDE, 0xF0, - 0x12, 0x34, 0x56, 0x78, 0xff}, - {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff}, - {0}, -}; - -static unsigned char output[7][30] = { - {0x75, 0xb7, 0x87, 0x80, 0x99, 0xe0, 0xc5, 0x96, 0x00}, - {0x74, 0x94, 0xc2, 0xe7, 0x10, 0x4b, 0x08, 0x79, 0x00}, - {0xde, 0x18, 0x89, 0x41, 0xa3, 0x37, 0x5d, 0x3a, 0x00}, - {0xd6, 0xa1, 0x41, 0xa7, 0xec, 0x3c, 0x38, 0xdf, - 0xbd, 0x61, 0x5a, 0x11, 0x62, 0xe1, 0xc7, 0xba, - 0x36, 0xb6, 0x78, 0x58, 0x00}, - {0x66, 0xa0, 0x94, 0x9f, 0x8a, 0xf7, 0xd6, 0x89, - 0x1f, 0x7f, 0x83, 0x2b, 0xa8, 0x33, 0xc0, 0x0c, - 0x89, 0x2e, 0xbe, 0x30, 0x14, 0x3c, 0xe2, 0x87, - 0x40, 0x01, 0x1e, 0xcf, 0x00}, - {0xd6, 0xa1, 0x41, 0xa7, 0xec, 0x3c, 0x38, 0xdf, 0xbd, 0x61, 0x00}, - {0}, -}; - -int main(int argc, char *argv[]) -{ - int i, err = 0; - int j; - unsigned char *p; - RC4_KEY key; - unsigned char obuf[512]; - -# if !defined(OPENSSL_PIC) - void OPENSSL_cpuid_setup(void); - - OPENSSL_cpuid_setup(); -# endif - - for (i = 0; i < 6; i++) { - RC4_set_key(&key, keys[i][0], &(keys[i][1])); - memset(obuf, 0x00, sizeof(obuf)); - RC4(&key, data_len[i], &(data[i][0]), obuf); - if (memcmp(obuf, output[i], data_len[i] + 1) != 0) { - printf("error calculating RC4\n"); - printf("output:"); - for (j = 0; j < data_len[i] + 1; j++) - printf(" %02x", obuf[j]); - printf("\n"); - printf("expect:"); - p = &(output[i][0]); - for (j = 0; j < data_len[i] + 1; j++) - printf(" %02x", *(p++)); - printf("\n"); - err++; - } else - printf("test %d ok\n", i); - } - printf("test end processing "); - for (i = 0; i < data_len[3]; i++) { - RC4_set_key(&key, keys[3][0], &(keys[3][1])); - memset(obuf, 0x00, sizeof(obuf)); - RC4(&key, i, &(data[3][0]), obuf); - if ((memcmp(obuf, output[3], i) != 0) || (obuf[i] != 0)) { - printf("error in RC4 length processing\n"); - printf("output:"); - for (j = 0; j < i + 1; j++) - printf(" %02x", obuf[j]); - printf("\n"); - printf("expect:"); - p = &(output[3][0]); - for (j = 0; j < i; j++) - printf(" %02x", *(p++)); - printf(" 00\n"); - err++; - } else { - printf("."); - fflush(stdout); - } - } - printf("done\n"); - printf("test multi-call "); - for (i = 0; i < data_len[3]; i++) { - RC4_set_key(&key, keys[3][0], &(keys[3][1])); - memset(obuf, 0x00, sizeof(obuf)); - RC4(&key, i, &(data[3][0]), obuf); - RC4(&key, data_len[3] - i, &(data[3][i]), &(obuf[i])); - if (memcmp(obuf, output[3], data_len[3] + 1) != 0) { - printf("error in RC4 multi-call processing\n"); - printf("output:"); - for (j = 0; j < data_len[3] + 1; j++) - printf(" %02x", obuf[j]); - printf("\n"); - printf("expect:"); - p = &(output[3][0]); - for (j = 0; j < data_len[3] + 1; j++) - printf(" %02x", *(p++)); - err++; - } else { - printf("."); - fflush(stdout); - } - } - printf("done\n"); - printf("bulk test "); - { - unsigned char buf[513]; - SHA_CTX c; - unsigned char md[SHA_DIGEST_LENGTH]; - static unsigned char expected[] = { - 0xa4, 0x7b, 0xcc, 0x00, 0x3d, 0xd0, 0xbd, 0xe1, 0xac, 0x5f, - 0x12, 0x1e, 0x45, 0xbc, 0xfb, 0x1a, 0xa1, 0xf2, 0x7f, 0xc5 - }; - - RC4_set_key(&key, keys[0][0], &(keys[3][1])); - memset(buf, '\0', sizeof(buf)); - SHA1_Init(&c); - for (i = 0; i < 2571; i++) { - RC4(&key, sizeof(buf), buf, buf); - SHA1_Update(&c, buf, sizeof(buf)); - } - SHA1_Final(md, &c); - - if (memcmp(md, expected, sizeof(md))) { - printf("error in RC4 bulk test\n"); - printf("output:"); - for (j = 0; j < (int)sizeof(md); j++) - printf(" %02x", md[j]); - printf("\n"); - printf("expect:"); - for (j = 0; j < (int)sizeof(md); j++) - printf(" %02x", expected[j]); - printf("\n"); - err++; - } else - printf("ok\n"); - } -# ifdef OPENSSL_SYS_NETWARE - if (err) - printf("ERROR: %d\n", err); -# endif - EXIT(err); - return (0); -} -#endif |