aesni-x86.S revision 1.10
1 #include <machine/asm.h> 2 .text 3 .globl aesni_encrypt 4 .type aesni_encrypt,@function 5 .align 16 6 aesni_encrypt: 7 .L_aesni_encrypt_begin: 8 movl 4(%esp),%eax 9 movl 12(%esp),%edx 10 movups (%eax),%xmm2 11 movl 240(%edx),%ecx 12 movl 8(%esp),%eax 13 movups (%edx),%xmm0 14 movups 16(%edx),%xmm1 15 leal 32(%edx),%edx 16 xorps %xmm0,%xmm2 17 .L000enc1_loop_1: 18 .byte 102,15,56,220,209 19 decl %ecx 20 movups (%edx),%xmm1 21 leal 16(%edx),%edx 22 jnz .L000enc1_loop_1 23 .byte 102,15,56,221,209 24 pxor %xmm0,%xmm0 25 pxor %xmm1,%xmm1 26 movups %xmm2,(%eax) 27 pxor %xmm2,%xmm2 28 ret 29 .size aesni_encrypt,.-.L_aesni_encrypt_begin 30 .globl aesni_decrypt 31 .type aesni_decrypt,@function 32 .align 16 33 aesni_decrypt: 34 .L_aesni_decrypt_begin: 35 movl 4(%esp),%eax 36 movl 12(%esp),%edx 37 movups (%eax),%xmm2 38 movl 240(%edx),%ecx 39 movl 8(%esp),%eax 40 movups (%edx),%xmm0 41 movups 16(%edx),%xmm1 42 leal 32(%edx),%edx 43 xorps %xmm0,%xmm2 44 .L001dec1_loop_2: 45 .byte 102,15,56,222,209 46 decl %ecx 47 movups (%edx),%xmm1 48 leal 16(%edx),%edx 49 jnz .L001dec1_loop_2 50 .byte 102,15,56,223,209 51 pxor %xmm0,%xmm0 52 pxor %xmm1,%xmm1 53 movups %xmm2,(%eax) 54 pxor %xmm2,%xmm2 55 ret 56 .size aesni_decrypt,.-.L_aesni_decrypt_begin 57 .type _aesni_encrypt2,@function 58 .align 16 59 _aesni_encrypt2: 60 movups (%edx),%xmm0 61 shll $4,%ecx 62 movups 16(%edx),%xmm1 63 xorps %xmm0,%xmm2 64 pxor %xmm0,%xmm3 65 movups 32(%edx),%xmm0 66 leal 32(%edx,%ecx,1),%edx 67 negl %ecx 68 addl $16,%ecx 69 .L002enc2_loop: 70 .byte 102,15,56,220,209 71 .byte 102,15,56,220,217 72 movups (%edx,%ecx,1),%xmm1 73 addl $32,%ecx 74 .byte 102,15,56,220,208 75 .byte 102,15,56,220,216 76 movups -16(%edx,%ecx,1),%xmm0 77 jnz .L002enc2_loop 78 .byte 102,15,56,220,209 79 .byte 102,15,56,220,217 80 .byte 102,15,56,221,208 81 .byte 102,15,56,221,216 82 ret 83 .size _aesni_encrypt2,.-_aesni_encrypt2 84 .type _aesni_decrypt2,@function 85 .align 16 86 _aesni_decrypt2: 87 movups (%edx),%xmm0 88 shll $4,%ecx 89 movups 16(%edx),%xmm1 90 xorps %xmm0,%xmm2 91 pxor %xmm0,%xmm3 92 movups 32(%edx),%xmm0 93 leal 32(%edx,%ecx,1),%edx 94 negl %ecx 95 addl $16,%ecx 96 .L003dec2_loop: 97 .byte 102,15,56,222,209 98 .byte 102,15,56,222,217 99 movups (%edx,%ecx,1),%xmm1 100 addl $32,%ecx 101 .byte 102,15,56,222,208 102 .byte 102,15,56,222,216 103 movups -16(%edx,%ecx,1),%xmm0 104 jnz .L003dec2_loop 105 .byte 102,15,56,222,209 106 .byte 102,15,56,222,217 107 .byte 102,15,56,223,208 108 .byte 102,15,56,223,216 109 ret 110 .size _aesni_decrypt2,.-_aesni_decrypt2 111 .type _aesni_encrypt3,@function 112 .align 16 113 _aesni_encrypt3: 114 movups (%edx),%xmm0 115 shll $4,%ecx 116 movups 16(%edx),%xmm1 117 xorps %xmm0,%xmm2 118 pxor %xmm0,%xmm3 119 pxor %xmm0,%xmm4 120 movups 32(%edx),%xmm0 121 leal 32(%edx,%ecx,1),%edx 122 negl %ecx 123 addl $16,%ecx 124 .L004enc3_loop: 125 .byte 102,15,56,220,209 126 .byte 102,15,56,220,217 127 .byte 102,15,56,220,225 128 movups (%edx,%ecx,1),%xmm1 129 addl $32,%ecx 130 .byte 102,15,56,220,208 131 .byte 102,15,56,220,216 132 .byte 102,15,56,220,224 133 movups -16(%edx,%ecx,1),%xmm0 134 jnz .L004enc3_loop 135 .byte 102,15,56,220,209 136 .byte 102,15,56,220,217 137 .byte 102,15,56,220,225 138 .byte 102,15,56,221,208 139 .byte 102,15,56,221,216 140 .byte 102,15,56,221,224 141 ret 142 .size _aesni_encrypt3,.-_aesni_encrypt3 143 .type _aesni_decrypt3,@function 144 .align 16 145 _aesni_decrypt3: 146 movups (%edx),%xmm0 147 shll $4,%ecx 148 movups 16(%edx),%xmm1 149 xorps %xmm0,%xmm2 150 pxor %xmm0,%xmm3 151 pxor %xmm0,%xmm4 152 movups 32(%edx),%xmm0 153 leal 32(%edx,%ecx,1),%edx 154 negl %ecx 155 addl $16,%ecx 156 .L005dec3_loop: 157 .byte 102,15,56,222,209 158 .byte 102,15,56,222,217 159 .byte 102,15,56,222,225 160 movups (%edx,%ecx,1),%xmm1 161 addl $32,%ecx 162 .byte 102,15,56,222,208 163 .byte 102,15,56,222,216 164 .byte 102,15,56,222,224 165 movups -16(%edx,%ecx,1),%xmm0 166 jnz .L005dec3_loop 167 .byte 102,15,56,222,209 168 .byte 102,15,56,222,217 169 .byte 102,15,56,222,225 170 .byte 102,15,56,223,208 171 .byte 102,15,56,223,216 172 .byte 102,15,56,223,224 173 ret 174 .size _aesni_decrypt3,.-_aesni_decrypt3 175 .type _aesni_encrypt4,@function 176 .align 16 177 _aesni_encrypt4: 178 movups (%edx),%xmm0 179 movups 16(%edx),%xmm1 180 shll $4,%ecx 181 xorps %xmm0,%xmm2 182 pxor %xmm0,%xmm3 183 pxor %xmm0,%xmm4 184 pxor %xmm0,%xmm5 185 movups 32(%edx),%xmm0 186 leal 32(%edx,%ecx,1),%edx 187 negl %ecx 188 .byte 15,31,64,0 189 addl $16,%ecx 190 .L006enc4_loop: 191 .byte 102,15,56,220,209 192 .byte 102,15,56,220,217 193 .byte 102,15,56,220,225 194 .byte 102,15,56,220,233 195 movups (%edx,%ecx,1),%xmm1 196 addl $32,%ecx 197 .byte 102,15,56,220,208 198 .byte 102,15,56,220,216 199 .byte 102,15,56,220,224 200 .byte 102,15,56,220,232 201 movups -16(%edx,%ecx,1),%xmm0 202 jnz .L006enc4_loop 203 .byte 102,15,56,220,209 204 .byte 102,15,56,220,217 205 .byte 102,15,56,220,225 206 .byte 102,15,56,220,233 207 .byte 102,15,56,221,208 208 .byte 102,15,56,221,216 209 .byte 102,15,56,221,224 210 .byte 102,15,56,221,232 211 ret 212 .size _aesni_encrypt4,.-_aesni_encrypt4 213 .type _aesni_decrypt4,@function 214 .align 16 215 _aesni_decrypt4: 216 movups (%edx),%xmm0 217 movups 16(%edx),%xmm1 218 shll $4,%ecx 219 xorps %xmm0,%xmm2 220 pxor %xmm0,%xmm3 221 pxor %xmm0,%xmm4 222 pxor %xmm0,%xmm5 223 movups 32(%edx),%xmm0 224 leal 32(%edx,%ecx,1),%edx 225 negl %ecx 226 .byte 15,31,64,0 227 addl $16,%ecx 228 .L007dec4_loop: 229 .byte 102,15,56,222,209 230 .byte 102,15,56,222,217 231 .byte 102,15,56,222,225 232 .byte 102,15,56,222,233 233 movups (%edx,%ecx,1),%xmm1 234 addl $32,%ecx 235 .byte 102,15,56,222,208 236 .byte 102,15,56,222,216 237 .byte 102,15,56,222,224 238 .byte 102,15,56,222,232 239 movups -16(%edx,%ecx,1),%xmm0 240 jnz .L007dec4_loop 241 .byte 102,15,56,222,209 242 .byte 102,15,56,222,217 243 .byte 102,15,56,222,225 244 .byte 102,15,56,222,233 245 .byte 102,15,56,223,208 246 .byte 102,15,56,223,216 247 .byte 102,15,56,223,224 248 .byte 102,15,56,223,232 249 ret 250 .size _aesni_decrypt4,.-_aesni_decrypt4 251 .type _aesni_encrypt6,@function 252 .align 16 253 _aesni_encrypt6: 254 movups (%edx),%xmm0 255 shll $4,%ecx 256 movups 16(%edx),%xmm1 257 xorps %xmm0,%xmm2 258 pxor %xmm0,%xmm3 259 pxor %xmm0,%xmm4 260 .byte 102,15,56,220,209 261 pxor %xmm0,%xmm5 262 pxor %xmm0,%xmm6 263 .byte 102,15,56,220,217 264 leal 32(%edx,%ecx,1),%edx 265 negl %ecx 266 .byte 102,15,56,220,225 267 pxor %xmm0,%xmm7 268 movups (%edx,%ecx,1),%xmm0 269 addl $16,%ecx 270 jmp .L008_aesni_encrypt6_inner 271 .align 16 272 .L009enc6_loop: 273 .byte 102,15,56,220,209 274 .byte 102,15,56,220,217 275 .byte 102,15,56,220,225 276 .L008_aesni_encrypt6_inner: 277 .byte 102,15,56,220,233 278 .byte 102,15,56,220,241 279 .byte 102,15,56,220,249 280 .L_aesni_encrypt6_enter: 281 movups (%edx,%ecx,1),%xmm1 282 addl $32,%ecx 283 .byte 102,15,56,220,208 284 .byte 102,15,56,220,216 285 .byte 102,15,56,220,224 286 .byte 102,15,56,220,232 287 .byte 102,15,56,220,240 288 .byte 102,15,56,220,248 289 movups -16(%edx,%ecx,1),%xmm0 290 jnz .L009enc6_loop 291 .byte 102,15,56,220,209 292 .byte 102,15,56,220,217 293 .byte 102,15,56,220,225 294 .byte 102,15,56,220,233 295 .byte 102,15,56,220,241 296 .byte 102,15,56,220,249 297 .byte 102,15,56,221,208 298 .byte 102,15,56,221,216 299 .byte 102,15,56,221,224 300 .byte 102,15,56,221,232 301 .byte 102,15,56,221,240 302 .byte 102,15,56,221,248 303 ret 304 .size _aesni_encrypt6,.-_aesni_encrypt6 305 .type _aesni_decrypt6,@function 306 .align 16 307 _aesni_decrypt6: 308 movups (%edx),%xmm0 309 shll $4,%ecx 310 movups 16(%edx),%xmm1 311 xorps %xmm0,%xmm2 312 pxor %xmm0,%xmm3 313 pxor %xmm0,%xmm4 314 .byte 102,15,56,222,209 315 pxor %xmm0,%xmm5 316 pxor %xmm0,%xmm6 317 .byte 102,15,56,222,217 318 leal 32(%edx,%ecx,1),%edx 319 negl %ecx 320 .byte 102,15,56,222,225 321 pxor %xmm0,%xmm7 322 movups (%edx,%ecx,1),%xmm0 323 addl $16,%ecx 324 jmp .L010_aesni_decrypt6_inner 325 .align 16 326 .L011dec6_loop: 327 .byte 102,15,56,222,209 328 .byte 102,15,56,222,217 329 .byte 102,15,56,222,225 330 .L010_aesni_decrypt6_inner: 331 .byte 102,15,56,222,233 332 .byte 102,15,56,222,241 333 .byte 102,15,56,222,249 334 .L_aesni_decrypt6_enter: 335 movups (%edx,%ecx,1),%xmm1 336 addl $32,%ecx 337 .byte 102,15,56,222,208 338 .byte 102,15,56,222,216 339 .byte 102,15,56,222,224 340 .byte 102,15,56,222,232 341 .byte 102,15,56,222,240 342 .byte 102,15,56,222,248 343 movups -16(%edx,%ecx,1),%xmm0 344 jnz .L011dec6_loop 345 .byte 102,15,56,222,209 346 .byte 102,15,56,222,217 347 .byte 102,15,56,222,225 348 .byte 102,15,56,222,233 349 .byte 102,15,56,222,241 350 .byte 102,15,56,222,249 351 .byte 102,15,56,223,208 352 .byte 102,15,56,223,216 353 .byte 102,15,56,223,224 354 .byte 102,15,56,223,232 355 .byte 102,15,56,223,240 356 .byte 102,15,56,223,248 357 ret 358 .size _aesni_decrypt6,.-_aesni_decrypt6 359 .globl aesni_ecb_encrypt 360 .type aesni_ecb_encrypt,@function 361 .align 16 362 aesni_ecb_encrypt: 363 .L_aesni_ecb_encrypt_begin: 364 pushl %ebp 365 pushl %ebx 366 pushl %esi 367 pushl %edi 368 movl 20(%esp),%esi 369 movl 24(%esp),%edi 370 movl 28(%esp),%eax 371 movl 32(%esp),%edx 372 movl 36(%esp),%ebx 373 andl $-16,%eax 374 jz .L012ecb_ret 375 movl 240(%edx),%ecx 376 testl %ebx,%ebx 377 jz .L013ecb_decrypt 378 movl %edx,%ebp 379 movl %ecx,%ebx 380 cmpl $96,%eax 381 jb .L014ecb_enc_tail 382 movdqu (%esi),%xmm2 383 movdqu 16(%esi),%xmm3 384 movdqu 32(%esi),%xmm4 385 movdqu 48(%esi),%xmm5 386 movdqu 64(%esi),%xmm6 387 movdqu 80(%esi),%xmm7 388 leal 96(%esi),%esi 389 subl $96,%eax 390 jmp .L015ecb_enc_loop6_enter 391 .align 16 392 .L016ecb_enc_loop6: 393 movups %xmm2,(%edi) 394 movdqu (%esi),%xmm2 395 movups %xmm3,16(%edi) 396 movdqu 16(%esi),%xmm3 397 movups %xmm4,32(%edi) 398 movdqu 32(%esi),%xmm4 399 movups %xmm5,48(%edi) 400 movdqu 48(%esi),%xmm5 401 movups %xmm6,64(%edi) 402 movdqu 64(%esi),%xmm6 403 movups %xmm7,80(%edi) 404 leal 96(%edi),%edi 405 movdqu 80(%esi),%xmm7 406 leal 96(%esi),%esi 407 .L015ecb_enc_loop6_enter: 408 call _aesni_encrypt6 409 movl %ebp,%edx 410 movl %ebx,%ecx 411 subl $96,%eax 412 jnc .L016ecb_enc_loop6 413 movups %xmm2,(%edi) 414 movups %xmm3,16(%edi) 415 movups %xmm4,32(%edi) 416 movups %xmm5,48(%edi) 417 movups %xmm6,64(%edi) 418 movups %xmm7,80(%edi) 419 leal 96(%edi),%edi 420 addl $96,%eax 421 jz .L012ecb_ret 422 .L014ecb_enc_tail: 423 movups (%esi),%xmm2 424 cmpl $32,%eax 425 jb .L017ecb_enc_one 426 movups 16(%esi),%xmm3 427 je .L018ecb_enc_two 428 movups 32(%esi),%xmm4 429 cmpl $64,%eax 430 jb .L019ecb_enc_three 431 movups 48(%esi),%xmm5 432 je .L020ecb_enc_four 433 movups 64(%esi),%xmm6 434 xorps %xmm7,%xmm7 435 call _aesni_encrypt6 436 movups %xmm2,(%edi) 437 movups %xmm3,16(%edi) 438 movups %xmm4,32(%edi) 439 movups %xmm5,48(%edi) 440 movups %xmm6,64(%edi) 441 jmp .L012ecb_ret 442 .align 16 443 .L017ecb_enc_one: 444 movups (%edx),%xmm0 445 movups 16(%edx),%xmm1 446 leal 32(%edx),%edx 447 xorps %xmm0,%xmm2 448 .L021enc1_loop_3: 449 .byte 102,15,56,220,209 450 decl %ecx 451 movups (%edx),%xmm1 452 leal 16(%edx),%edx 453 jnz .L021enc1_loop_3 454 .byte 102,15,56,221,209 455 movups %xmm2,(%edi) 456 jmp .L012ecb_ret 457 .align 16 458 .L018ecb_enc_two: 459 call _aesni_encrypt2 460 movups %xmm2,(%edi) 461 movups %xmm3,16(%edi) 462 jmp .L012ecb_ret 463 .align 16 464 .L019ecb_enc_three: 465 call _aesni_encrypt3 466 movups %xmm2,(%edi) 467 movups %xmm3,16(%edi) 468 movups %xmm4,32(%edi) 469 jmp .L012ecb_ret 470 .align 16 471 .L020ecb_enc_four: 472 call _aesni_encrypt4 473 movups %xmm2,(%edi) 474 movups %xmm3,16(%edi) 475 movups %xmm4,32(%edi) 476 movups %xmm5,48(%edi) 477 jmp .L012ecb_ret 478 .align 16 479 .L013ecb_decrypt: 480 movl %edx,%ebp 481 movl %ecx,%ebx 482 cmpl $96,%eax 483 jb .L022ecb_dec_tail 484 movdqu (%esi),%xmm2 485 movdqu 16(%esi),%xmm3 486 movdqu 32(%esi),%xmm4 487 movdqu 48(%esi),%xmm5 488 movdqu 64(%esi),%xmm6 489 movdqu 80(%esi),%xmm7 490 leal 96(%esi),%esi 491 subl $96,%eax 492 jmp .L023ecb_dec_loop6_enter 493 .align 16 494 .L024ecb_dec_loop6: 495 movups %xmm2,(%edi) 496 movdqu (%esi),%xmm2 497 movups %xmm3,16(%edi) 498 movdqu 16(%esi),%xmm3 499 movups %xmm4,32(%edi) 500 movdqu 32(%esi),%xmm4 501 movups %xmm5,48(%edi) 502 movdqu 48(%esi),%xmm5 503 movups %xmm6,64(%edi) 504 movdqu 64(%esi),%xmm6 505 movups %xmm7,80(%edi) 506 leal 96(%edi),%edi 507 movdqu 80(%esi),%xmm7 508 leal 96(%esi),%esi 509 .L023ecb_dec_loop6_enter: 510 call _aesni_decrypt6 511 movl %ebp,%edx 512 movl %ebx,%ecx 513 subl $96,%eax 514 jnc .L024ecb_dec_loop6 515 movups %xmm2,(%edi) 516 movups %xmm3,16(%edi) 517 movups %xmm4,32(%edi) 518 movups %xmm5,48(%edi) 519 movups %xmm6,64(%edi) 520 movups %xmm7,80(%edi) 521 leal 96(%edi),%edi 522 addl $96,%eax 523 jz .L012ecb_ret 524 .L022ecb_dec_tail: 525 movups (%esi),%xmm2 526 cmpl $32,%eax 527 jb .L025ecb_dec_one 528 movups 16(%esi),%xmm3 529 je .L026ecb_dec_two 530 movups 32(%esi),%xmm4 531 cmpl $64,%eax 532 jb .L027ecb_dec_three 533 movups 48(%esi),%xmm5 534 je .L028ecb_dec_four 535 movups 64(%esi),%xmm6 536 xorps %xmm7,%xmm7 537 call _aesni_decrypt6 538 movups %xmm2,(%edi) 539 movups %xmm3,16(%edi) 540 movups %xmm4,32(%edi) 541 movups %xmm5,48(%edi) 542 movups %xmm6,64(%edi) 543 jmp .L012ecb_ret 544 .align 16 545 .L025ecb_dec_one: 546 movups (%edx),%xmm0 547 movups 16(%edx),%xmm1 548 leal 32(%edx),%edx 549 xorps %xmm0,%xmm2 550 .L029dec1_loop_4: 551 .byte 102,15,56,222,209 552 decl %ecx 553 movups (%edx),%xmm1 554 leal 16(%edx),%edx 555 jnz .L029dec1_loop_4 556 .byte 102,15,56,223,209 557 movups %xmm2,(%edi) 558 jmp .L012ecb_ret 559 .align 16 560 .L026ecb_dec_two: 561 call _aesni_decrypt2 562 movups %xmm2,(%edi) 563 movups %xmm3,16(%edi) 564 jmp .L012ecb_ret 565 .align 16 566 .L027ecb_dec_three: 567 call _aesni_decrypt3 568 movups %xmm2,(%edi) 569 movups %xmm3,16(%edi) 570 movups %xmm4,32(%edi) 571 jmp .L012ecb_ret 572 .align 16 573 .L028ecb_dec_four: 574 call _aesni_decrypt4 575 movups %xmm2,(%edi) 576 movups %xmm3,16(%edi) 577 movups %xmm4,32(%edi) 578 movups %xmm5,48(%edi) 579 .L012ecb_ret: 580 pxor %xmm0,%xmm0 581 pxor %xmm1,%xmm1 582 pxor %xmm2,%xmm2 583 pxor %xmm3,%xmm3 584 pxor %xmm4,%xmm4 585 pxor %xmm5,%xmm5 586 pxor %xmm6,%xmm6 587 pxor %xmm7,%xmm7 588 popl %edi 589 popl %esi 590 popl %ebx 591 popl %ebp 592 ret 593 .size aesni_ecb_encrypt,.-.L_aesni_ecb_encrypt_begin 594 .globl aesni_ccm64_encrypt_blocks 595 .type aesni_ccm64_encrypt_blocks,@function 596 .align 16 597 aesni_ccm64_encrypt_blocks: 598 .L_aesni_ccm64_encrypt_blocks_begin: 599 pushl %ebp 600 pushl %ebx 601 pushl %esi 602 pushl %edi 603 movl 20(%esp),%esi 604 movl 24(%esp),%edi 605 movl 28(%esp),%eax 606 movl 32(%esp),%edx 607 movl 36(%esp),%ebx 608 movl 40(%esp),%ecx 609 movl %esp,%ebp 610 subl $60,%esp 611 andl $-16,%esp 612 movl %ebp,48(%esp) 613 movdqu (%ebx),%xmm7 614 movdqu (%ecx),%xmm3 615 movl 240(%edx),%ecx 616 movl $202182159,(%esp) 617 movl $134810123,4(%esp) 618 movl $67438087,8(%esp) 619 movl $66051,12(%esp) 620 movl $1,%ebx 621 xorl %ebp,%ebp 622 movl %ebx,16(%esp) 623 movl %ebp,20(%esp) 624 movl %ebp,24(%esp) 625 movl %ebp,28(%esp) 626 shll $4,%ecx 627 movl $16,%ebx 628 leal (%edx),%ebp 629 movdqa (%esp),%xmm5 630 movdqa %xmm7,%xmm2 631 leal 32(%edx,%ecx,1),%edx 632 subl %ecx,%ebx 633 .byte 102,15,56,0,253 634 .L030ccm64_enc_outer: 635 movups (%ebp),%xmm0 636 movl %ebx,%ecx 637 movups (%esi),%xmm6 638 xorps %xmm0,%xmm2 639 movups 16(%ebp),%xmm1 640 xorps %xmm6,%xmm0 641 xorps %xmm0,%xmm3 642 movups 32(%ebp),%xmm0 643 .L031ccm64_enc2_loop: 644 .byte 102,15,56,220,209 645 .byte 102,15,56,220,217 646 movups (%edx,%ecx,1),%xmm1 647 addl $32,%ecx 648 .byte 102,15,56,220,208 649 .byte 102,15,56,220,216 650 movups -16(%edx,%ecx,1),%xmm0 651 jnz .L031ccm64_enc2_loop 652 .byte 102,15,56,220,209 653 .byte 102,15,56,220,217 654 paddq 16(%esp),%xmm7 655 decl %eax 656 .byte 102,15,56,221,208 657 .byte 102,15,56,221,216 658 leal 16(%esi),%esi 659 xorps %xmm2,%xmm6 660 movdqa %xmm7,%xmm2 661 movups %xmm6,(%edi) 662 .byte 102,15,56,0,213 663 leal 16(%edi),%edi 664 jnz .L030ccm64_enc_outer 665 movl 48(%esp),%esp 666 movl 40(%esp),%edi 667 movups %xmm3,(%edi) 668 pxor %xmm0,%xmm0 669 pxor %xmm1,%xmm1 670 pxor %xmm2,%xmm2 671 pxor %xmm3,%xmm3 672 pxor %xmm4,%xmm4 673 pxor %xmm5,%xmm5 674 pxor %xmm6,%xmm6 675 pxor %xmm7,%xmm7 676 popl %edi 677 popl %esi 678 popl %ebx 679 popl %ebp 680 ret 681 .size aesni_ccm64_encrypt_blocks,.-.L_aesni_ccm64_encrypt_blocks_begin 682 .globl aesni_ccm64_decrypt_blocks 683 .type aesni_ccm64_decrypt_blocks,@function 684 .align 16 685 aesni_ccm64_decrypt_blocks: 686 .L_aesni_ccm64_decrypt_blocks_begin: 687 pushl %ebp 688 pushl %ebx 689 pushl %esi 690 pushl %edi 691 movl 20(%esp),%esi 692 movl 24(%esp),%edi 693 movl 28(%esp),%eax 694 movl 32(%esp),%edx 695 movl 36(%esp),%ebx 696 movl 40(%esp),%ecx 697 movl %esp,%ebp 698 subl $60,%esp 699 andl $-16,%esp 700 movl %ebp,48(%esp) 701 movdqu (%ebx),%xmm7 702 movdqu (%ecx),%xmm3 703 movl 240(%edx),%ecx 704 movl $202182159,(%esp) 705 movl $134810123,4(%esp) 706 movl $67438087,8(%esp) 707 movl $66051,12(%esp) 708 movl $1,%ebx 709 xorl %ebp,%ebp 710 movl %ebx,16(%esp) 711 movl %ebp,20(%esp) 712 movl %ebp,24(%esp) 713 movl %ebp,28(%esp) 714 movdqa (%esp),%xmm5 715 movdqa %xmm7,%xmm2 716 movl %edx,%ebp 717 movl %ecx,%ebx 718 .byte 102,15,56,0,253 719 movups (%edx),%xmm0 720 movups 16(%edx),%xmm1 721 leal 32(%edx),%edx 722 xorps %xmm0,%xmm2 723 .L032enc1_loop_5: 724 .byte 102,15,56,220,209 725 decl %ecx 726 movups (%edx),%xmm1 727 leal 16(%edx),%edx 728 jnz .L032enc1_loop_5 729 .byte 102,15,56,221,209 730 shll $4,%ebx 731 movl $16,%ecx 732 movups (%esi),%xmm6 733 paddq 16(%esp),%xmm7 734 leal 16(%esi),%esi 735 subl %ebx,%ecx 736 leal 32(%ebp,%ebx,1),%edx 737 movl %ecx,%ebx 738 jmp .L033ccm64_dec_outer 739 .align 16 740 .L033ccm64_dec_outer: 741 xorps %xmm2,%xmm6 742 movdqa %xmm7,%xmm2 743 movups %xmm6,(%edi) 744 leal 16(%edi),%edi 745 .byte 102,15,56,0,213 746 subl $1,%eax 747 jz .L034ccm64_dec_break 748 movups (%ebp),%xmm0 749 movl %ebx,%ecx 750 movups 16(%ebp),%xmm1 751 xorps %xmm0,%xmm6 752 xorps %xmm0,%xmm2 753 xorps %xmm6,%xmm3 754 movups 32(%ebp),%xmm0 755 .L035ccm64_dec2_loop: 756 .byte 102,15,56,220,209 757 .byte 102,15,56,220,217 758 movups (%edx,%ecx,1),%xmm1 759 addl $32,%ecx 760 .byte 102,15,56,220,208 761 .byte 102,15,56,220,216 762 movups -16(%edx,%ecx,1),%xmm0 763 jnz .L035ccm64_dec2_loop 764 movups (%esi),%xmm6 765 paddq 16(%esp),%xmm7 766 .byte 102,15,56,220,209 767 .byte 102,15,56,220,217 768 .byte 102,15,56,221,208 769 .byte 102,15,56,221,216 770 leal 16(%esi),%esi 771 jmp .L033ccm64_dec_outer 772 .align 16 773 .L034ccm64_dec_break: 774 movl 240(%ebp),%ecx 775 movl %ebp,%edx 776 movups (%edx),%xmm0 777 movups 16(%edx),%xmm1 778 xorps %xmm0,%xmm6 779 leal 32(%edx),%edx 780 xorps %xmm6,%xmm3 781 .L036enc1_loop_6: 782 .byte 102,15,56,220,217 783 decl %ecx 784 movups (%edx),%xmm1 785 leal 16(%edx),%edx 786 jnz .L036enc1_loop_6 787 .byte 102,15,56,221,217 788 movl 48(%esp),%esp 789 movl 40(%esp),%edi 790 movups %xmm3,(%edi) 791 pxor %xmm0,%xmm0 792 pxor %xmm1,%xmm1 793 pxor %xmm2,%xmm2 794 pxor %xmm3,%xmm3 795 pxor %xmm4,%xmm4 796 pxor %xmm5,%xmm5 797 pxor %xmm6,%xmm6 798 pxor %xmm7,%xmm7 799 popl %edi 800 popl %esi 801 popl %ebx 802 popl %ebp 803 ret 804 .size aesni_ccm64_decrypt_blocks,.-.L_aesni_ccm64_decrypt_blocks_begin 805 .globl aesni_ctr32_encrypt_blocks 806 .type aesni_ctr32_encrypt_blocks,@function 807 .align 16 808 aesni_ctr32_encrypt_blocks: 809 .L_aesni_ctr32_encrypt_blocks_begin: 810 pushl %ebp 811 pushl %ebx 812 pushl %esi 813 pushl %edi 814 movl 20(%esp),%esi 815 movl 24(%esp),%edi 816 movl 28(%esp),%eax 817 movl 32(%esp),%edx 818 movl 36(%esp),%ebx 819 movl %esp,%ebp 820 subl $88,%esp 821 andl $-16,%esp 822 movl %ebp,80(%esp) 823 cmpl $1,%eax 824 je .L037ctr32_one_shortcut 825 movdqu (%ebx),%xmm7 826 movl $202182159,(%esp) 827 movl $134810123,4(%esp) 828 movl $67438087,8(%esp) 829 movl $66051,12(%esp) 830 movl $6,%ecx 831 xorl %ebp,%ebp 832 movl %ecx,16(%esp) 833 movl %ecx,20(%esp) 834 movl %ecx,24(%esp) 835 movl %ebp,28(%esp) 836 .byte 102,15,58,22,251,3 837 .byte 102,15,58,34,253,3 838 movl 240(%edx),%ecx 839 bswap %ebx 840 pxor %xmm0,%xmm0 841 pxor %xmm1,%xmm1 842 movdqa (%esp),%xmm2 843 .byte 102,15,58,34,195,0 844 leal 3(%ebx),%ebp 845 .byte 102,15,58,34,205,0 846 incl %ebx 847 .byte 102,15,58,34,195,1 848 incl %ebp 849 .byte 102,15,58,34,205,1 850 incl %ebx 851 .byte 102,15,58,34,195,2 852 incl %ebp 853 .byte 102,15,58,34,205,2 854 movdqa %xmm0,48(%esp) 855 .byte 102,15,56,0,194 856 movdqu (%edx),%xmm6 857 movdqa %xmm1,64(%esp) 858 .byte 102,15,56,0,202 859 pshufd $192,%xmm0,%xmm2 860 pshufd $128,%xmm0,%xmm3 861 cmpl $6,%eax 862 jb .L038ctr32_tail 863 pxor %xmm6,%xmm7 864 shll $4,%ecx 865 movl $16,%ebx 866 movdqa %xmm7,32(%esp) 867 movl %edx,%ebp 868 subl %ecx,%ebx 869 leal 32(%edx,%ecx,1),%edx 870 subl $6,%eax 871 jmp .L039ctr32_loop6 872 .align 16 873 .L039ctr32_loop6: 874 pshufd $64,%xmm0,%xmm4 875 movdqa 32(%esp),%xmm0 876 pshufd $192,%xmm1,%xmm5 877 pxor %xmm0,%xmm2 878 pshufd $128,%xmm1,%xmm6 879 pxor %xmm0,%xmm3 880 pshufd $64,%xmm1,%xmm7 881 movups 16(%ebp),%xmm1 882 pxor %xmm0,%xmm4 883 pxor %xmm0,%xmm5 884 .byte 102,15,56,220,209 885 pxor %xmm0,%xmm6 886 pxor %xmm0,%xmm7 887 .byte 102,15,56,220,217 888 movups 32(%ebp),%xmm0 889 movl %ebx,%ecx 890 .byte 102,15,56,220,225 891 .byte 102,15,56,220,233 892 .byte 102,15,56,220,241 893 .byte 102,15,56,220,249 894 call .L_aesni_encrypt6_enter 895 movups (%esi),%xmm1 896 movups 16(%esi),%xmm0 897 xorps %xmm1,%xmm2 898 movups 32(%esi),%xmm1 899 xorps %xmm0,%xmm3 900 movups %xmm2,(%edi) 901 movdqa 16(%esp),%xmm0 902 xorps %xmm1,%xmm4 903 movdqa 64(%esp),%xmm1 904 movups %xmm3,16(%edi) 905 movups %xmm4,32(%edi) 906 paddd %xmm0,%xmm1 907 paddd 48(%esp),%xmm0 908 movdqa (%esp),%xmm2 909 movups 48(%esi),%xmm3 910 movups 64(%esi),%xmm4 911 xorps %xmm3,%xmm5 912 movups 80(%esi),%xmm3 913 leal 96(%esi),%esi 914 movdqa %xmm0,48(%esp) 915 .byte 102,15,56,0,194 916 xorps %xmm4,%xmm6 917 movups %xmm5,48(%edi) 918 xorps %xmm3,%xmm7 919 movdqa %xmm1,64(%esp) 920 .byte 102,15,56,0,202 921 movups %xmm6,64(%edi) 922 pshufd $192,%xmm0,%xmm2 923 movups %xmm7,80(%edi) 924 leal 96(%edi),%edi 925 pshufd $128,%xmm0,%xmm3 926 subl $6,%eax 927 jnc .L039ctr32_loop6 928 addl $6,%eax 929 jz .L040ctr32_ret 930 movdqu (%ebp),%xmm7 931 movl %ebp,%edx 932 pxor 32(%esp),%xmm7 933 movl 240(%ebp),%ecx 934 .L038ctr32_tail: 935 por %xmm7,%xmm2 936 cmpl $2,%eax 937 jb .L041ctr32_one 938 pshufd $64,%xmm0,%xmm4 939 por %xmm7,%xmm3 940 je .L042ctr32_two 941 pshufd $192,%xmm1,%xmm5 942 por %xmm7,%xmm4 943 cmpl $4,%eax 944 jb .L043ctr32_three 945 pshufd $128,%xmm1,%xmm6 946 por %xmm7,%xmm5 947 je .L044ctr32_four 948 por %xmm7,%xmm6 949 call _aesni_encrypt6 950 movups (%esi),%xmm1 951 movups 16(%esi),%xmm0 952 xorps %xmm1,%xmm2 953 movups 32(%esi),%xmm1 954 xorps %xmm0,%xmm3 955 movups 48(%esi),%xmm0 956 xorps %xmm1,%xmm4 957 movups 64(%esi),%xmm1 958 xorps %xmm0,%xmm5 959 movups %xmm2,(%edi) 960 xorps %xmm1,%xmm6 961 movups %xmm3,16(%edi) 962 movups %xmm4,32(%edi) 963 movups %xmm5,48(%edi) 964 movups %xmm6,64(%edi) 965 jmp .L040ctr32_ret 966 .align 16 967 .L037ctr32_one_shortcut: 968 movups (%ebx),%xmm2 969 movl 240(%edx),%ecx 970 .L041ctr32_one: 971 movups (%edx),%xmm0 972 movups 16(%edx),%xmm1 973 leal 32(%edx),%edx 974 xorps %xmm0,%xmm2 975 .L045enc1_loop_7: 976 .byte 102,15,56,220,209 977 decl %ecx 978 movups (%edx),%xmm1 979 leal 16(%edx),%edx 980 jnz .L045enc1_loop_7 981 .byte 102,15,56,221,209 982 movups (%esi),%xmm6 983 xorps %xmm2,%xmm6 984 movups %xmm6,(%edi) 985 jmp .L040ctr32_ret 986 .align 16 987 .L042ctr32_two: 988 call _aesni_encrypt2 989 movups (%esi),%xmm5 990 movups 16(%esi),%xmm6 991 xorps %xmm5,%xmm2 992 xorps %xmm6,%xmm3 993 movups %xmm2,(%edi) 994 movups %xmm3,16(%edi) 995 jmp .L040ctr32_ret 996 .align 16 997 .L043ctr32_three: 998 call _aesni_encrypt3 999 movups (%esi),%xmm5 1000 movups 16(%esi),%xmm6 1001 xorps %xmm5,%xmm2 1002 movups 32(%esi),%xmm7 1003 xorps %xmm6,%xmm3 1004 movups %xmm2,(%edi) 1005 xorps %xmm7,%xmm4 1006 movups %xmm3,16(%edi) 1007 movups %xmm4,32(%edi) 1008 jmp .L040ctr32_ret 1009 .align 16 1010 .L044ctr32_four: 1011 call _aesni_encrypt4 1012 movups (%esi),%xmm6 1013 movups 16(%esi),%xmm7 1014 movups 32(%esi),%xmm1 1015 xorps %xmm6,%xmm2 1016 movups 48(%esi),%xmm0 1017 xorps %xmm7,%xmm3 1018 movups %xmm2,(%edi) 1019 xorps %xmm1,%xmm4 1020 movups %xmm3,16(%edi) 1021 xorps %xmm0,%xmm5 1022 movups %xmm4,32(%edi) 1023 movups %xmm5,48(%edi) 1024 .L040ctr32_ret: 1025 pxor %xmm0,%xmm0 1026 pxor %xmm1,%xmm1 1027 pxor %xmm2,%xmm2 1028 pxor %xmm3,%xmm3 1029 pxor %xmm4,%xmm4 1030 movdqa %xmm0,32(%esp) 1031 pxor %xmm5,%xmm5 1032 movdqa %xmm0,48(%esp) 1033 pxor %xmm6,%xmm6 1034 movdqa %xmm0,64(%esp) 1035 pxor %xmm7,%xmm7 1036 movl 80(%esp),%esp 1037 popl %edi 1038 popl %esi 1039 popl %ebx 1040 popl %ebp 1041 ret 1042 .size aesni_ctr32_encrypt_blocks,.-.L_aesni_ctr32_encrypt_blocks_begin 1043 .globl aesni_xts_encrypt 1044 .type aesni_xts_encrypt,@function 1045 .align 16 1046 aesni_xts_encrypt: 1047 .L_aesni_xts_encrypt_begin: 1048 pushl %ebp 1049 pushl %ebx 1050 pushl %esi 1051 pushl %edi 1052 movl 36(%esp),%edx 1053 movl 40(%esp),%esi 1054 movl 240(%edx),%ecx 1055 movups (%esi),%xmm2 1056 movups (%edx),%xmm0 1057 movups 16(%edx),%xmm1 1058 leal 32(%edx),%edx 1059 xorps %xmm0,%xmm2 1060 .L046enc1_loop_8: 1061 .byte 102,15,56,220,209 1062 decl %ecx 1063 movups (%edx),%xmm1 1064 leal 16(%edx),%edx 1065 jnz .L046enc1_loop_8 1066 .byte 102,15,56,221,209 1067 movl 20(%esp),%esi 1068 movl 24(%esp),%edi 1069 movl 28(%esp),%eax 1070 movl 32(%esp),%edx 1071 movl %esp,%ebp 1072 subl $120,%esp 1073 movl 240(%edx),%ecx 1074 andl $-16,%esp 1075 movl $135,96(%esp) 1076 movl $0,100(%esp) 1077 movl $1,104(%esp) 1078 movl $0,108(%esp) 1079 movl %eax,112(%esp) 1080 movl %ebp,116(%esp) 1081 movdqa %xmm2,%xmm1 1082 pxor %xmm0,%xmm0 1083 movdqa 96(%esp),%xmm3 1084 pcmpgtd %xmm1,%xmm0 1085 andl $-16,%eax 1086 movl %edx,%ebp 1087 movl %ecx,%ebx 1088 subl $96,%eax 1089 jc .L047xts_enc_short 1090 shll $4,%ecx 1091 movl $16,%ebx 1092 subl %ecx,%ebx 1093 leal 32(%edx,%ecx,1),%edx 1094 jmp .L048xts_enc_loop6 1095 .align 16 1096 .L048xts_enc_loop6: 1097 pshufd $19,%xmm0,%xmm2 1098 pxor %xmm0,%xmm0 1099 movdqa %xmm1,(%esp) 1100 paddq %xmm1,%xmm1 1101 pand %xmm3,%xmm2 1102 pcmpgtd %xmm1,%xmm0 1103 pxor %xmm2,%xmm1 1104 pshufd $19,%xmm0,%xmm2 1105 pxor %xmm0,%xmm0 1106 movdqa %xmm1,16(%esp) 1107 paddq %xmm1,%xmm1 1108 pand %xmm3,%xmm2 1109 pcmpgtd %xmm1,%xmm0 1110 pxor %xmm2,%xmm1 1111 pshufd $19,%xmm0,%xmm2 1112 pxor %xmm0,%xmm0 1113 movdqa %xmm1,32(%esp) 1114 paddq %xmm1,%xmm1 1115 pand %xmm3,%xmm2 1116 pcmpgtd %xmm1,%xmm0 1117 pxor %xmm2,%xmm1 1118 pshufd $19,%xmm0,%xmm2 1119 pxor %xmm0,%xmm0 1120 movdqa %xmm1,48(%esp) 1121 paddq %xmm1,%xmm1 1122 pand %xmm3,%xmm2 1123 pcmpgtd %xmm1,%xmm0 1124 pxor %xmm2,%xmm1 1125 pshufd $19,%xmm0,%xmm7 1126 movdqa %xmm1,64(%esp) 1127 paddq %xmm1,%xmm1 1128 movups (%ebp),%xmm0 1129 pand %xmm3,%xmm7 1130 movups (%esi),%xmm2 1131 pxor %xmm1,%xmm7 1132 movl %ebx,%ecx 1133 movdqu 16(%esi),%xmm3 1134 xorps %xmm0,%xmm2 1135 movdqu 32(%esi),%xmm4 1136 pxor %xmm0,%xmm3 1137 movdqu 48(%esi),%xmm5 1138 pxor %xmm0,%xmm4 1139 movdqu 64(%esi),%xmm6 1140 pxor %xmm0,%xmm5 1141 movdqu 80(%esi),%xmm1 1142 pxor %xmm0,%xmm6 1143 leal 96(%esi),%esi 1144 pxor (%esp),%xmm2 1145 movdqa %xmm7,80(%esp) 1146 pxor %xmm1,%xmm7 1147 movups 16(%ebp),%xmm1 1148 pxor 16(%esp),%xmm3 1149 pxor 32(%esp),%xmm4 1150 .byte 102,15,56,220,209 1151 pxor 48(%esp),%xmm5 1152 pxor 64(%esp),%xmm6 1153 .byte 102,15,56,220,217 1154 pxor %xmm0,%xmm7 1155 movups 32(%ebp),%xmm0 1156 .byte 102,15,56,220,225 1157 .byte 102,15,56,220,233 1158 .byte 102,15,56,220,241 1159 .byte 102,15,56,220,249 1160 call .L_aesni_encrypt6_enter 1161 movdqa 80(%esp),%xmm1 1162 pxor %xmm0,%xmm0 1163 xorps (%esp),%xmm2 1164 pcmpgtd %xmm1,%xmm0 1165 xorps 16(%esp),%xmm3 1166 movups %xmm2,(%edi) 1167 xorps 32(%esp),%xmm4 1168 movups %xmm3,16(%edi) 1169 xorps 48(%esp),%xmm5 1170 movups %xmm4,32(%edi) 1171 xorps 64(%esp),%xmm6 1172 movups %xmm5,48(%edi) 1173 xorps %xmm1,%xmm7 1174 movups %xmm6,64(%edi) 1175 pshufd $19,%xmm0,%xmm2 1176 movups %xmm7,80(%edi) 1177 leal 96(%edi),%edi 1178 movdqa 96(%esp),%xmm3 1179 pxor %xmm0,%xmm0 1180 paddq %xmm1,%xmm1 1181 pand %xmm3,%xmm2 1182 pcmpgtd %xmm1,%xmm0 1183 pxor %xmm2,%xmm1 1184 subl $96,%eax 1185 jnc .L048xts_enc_loop6 1186 movl 240(%ebp),%ecx 1187 movl %ebp,%edx 1188 movl %ecx,%ebx 1189 .L047xts_enc_short: 1190 addl $96,%eax 1191 jz .L049xts_enc_done6x 1192 movdqa %xmm1,%xmm5 1193 cmpl $32,%eax 1194 jb .L050xts_enc_one 1195 pshufd $19,%xmm0,%xmm2 1196 pxor %xmm0,%xmm0 1197 paddq %xmm1,%xmm1 1198 pand %xmm3,%xmm2 1199 pcmpgtd %xmm1,%xmm0 1200 pxor %xmm2,%xmm1 1201 je .L051xts_enc_two 1202 pshufd $19,%xmm0,%xmm2 1203 pxor %xmm0,%xmm0 1204 movdqa %xmm1,%xmm6 1205 paddq %xmm1,%xmm1 1206 pand %xmm3,%xmm2 1207 pcmpgtd %xmm1,%xmm0 1208 pxor %xmm2,%xmm1 1209 cmpl $64,%eax 1210 jb .L052xts_enc_three 1211 pshufd $19,%xmm0,%xmm2 1212 pxor %xmm0,%xmm0 1213 movdqa %xmm1,%xmm7 1214 paddq %xmm1,%xmm1 1215 pand %xmm3,%xmm2 1216 pcmpgtd %xmm1,%xmm0 1217 pxor %xmm2,%xmm1 1218 movdqa %xmm5,(%esp) 1219 movdqa %xmm6,16(%esp) 1220 je .L053xts_enc_four 1221 movdqa %xmm7,32(%esp) 1222 pshufd $19,%xmm0,%xmm7 1223 movdqa %xmm1,48(%esp) 1224 paddq %xmm1,%xmm1 1225 pand %xmm3,%xmm7 1226 pxor %xmm1,%xmm7 1227 movdqu (%esi),%xmm2 1228 movdqu 16(%esi),%xmm3 1229 movdqu 32(%esi),%xmm4 1230 pxor (%esp),%xmm2 1231 movdqu 48(%esi),%xmm5 1232 pxor 16(%esp),%xmm3 1233 movdqu 64(%esi),%xmm6 1234 pxor 32(%esp),%xmm4 1235 leal 80(%esi),%esi 1236 pxor 48(%esp),%xmm5 1237 movdqa %xmm7,64(%esp) 1238 pxor %xmm7,%xmm6 1239 call _aesni_encrypt6 1240 movaps 64(%esp),%xmm1 1241 xorps (%esp),%xmm2 1242 xorps 16(%esp),%xmm3 1243 xorps 32(%esp),%xmm4 1244 movups %xmm2,(%edi) 1245 xorps 48(%esp),%xmm5 1246 movups %xmm3,16(%edi) 1247 xorps %xmm1,%xmm6 1248 movups %xmm4,32(%edi) 1249 movups %xmm5,48(%edi) 1250 movups %xmm6,64(%edi) 1251 leal 80(%edi),%edi 1252 jmp .L054xts_enc_done 1253 .align 16 1254 .L050xts_enc_one: 1255 movups (%esi),%xmm2 1256 leal 16(%esi),%esi 1257 xorps %xmm5,%xmm2 1258 movups (%edx),%xmm0 1259 movups 16(%edx),%xmm1 1260 leal 32(%edx),%edx 1261 xorps %xmm0,%xmm2 1262 .L055enc1_loop_9: 1263 .byte 102,15,56,220,209 1264 decl %ecx 1265 movups (%edx),%xmm1 1266 leal 16(%edx),%edx 1267 jnz .L055enc1_loop_9 1268 .byte 102,15,56,221,209 1269 xorps %xmm5,%xmm2 1270 movups %xmm2,(%edi) 1271 leal 16(%edi),%edi 1272 movdqa %xmm5,%xmm1 1273 jmp .L054xts_enc_done 1274 .align 16 1275 .L051xts_enc_two: 1276 movaps %xmm1,%xmm6 1277 movups (%esi),%xmm2 1278 movups 16(%esi),%xmm3 1279 leal 32(%esi),%esi 1280 xorps %xmm5,%xmm2 1281 xorps %xmm6,%xmm3 1282 call _aesni_encrypt2 1283 xorps %xmm5,%xmm2 1284 xorps %xmm6,%xmm3 1285 movups %xmm2,(%edi) 1286 movups %xmm3,16(%edi) 1287 leal 32(%edi),%edi 1288 movdqa %xmm6,%xmm1 1289 jmp .L054xts_enc_done 1290 .align 16 1291 .L052xts_enc_three: 1292 movaps %xmm1,%xmm7 1293 movups (%esi),%xmm2 1294 movups 16(%esi),%xmm3 1295 movups 32(%esi),%xmm4 1296 leal 48(%esi),%esi 1297 xorps %xmm5,%xmm2 1298 xorps %xmm6,%xmm3 1299 xorps %xmm7,%xmm4 1300 call _aesni_encrypt3 1301 xorps %xmm5,%xmm2 1302 xorps %xmm6,%xmm3 1303 xorps %xmm7,%xmm4 1304 movups %xmm2,(%edi) 1305 movups %xmm3,16(%edi) 1306 movups %xmm4,32(%edi) 1307 leal 48(%edi),%edi 1308 movdqa %xmm7,%xmm1 1309 jmp .L054xts_enc_done 1310 .align 16 1311 .L053xts_enc_four: 1312 movaps %xmm1,%xmm6 1313 movups (%esi),%xmm2 1314 movups 16(%esi),%xmm3 1315 movups 32(%esi),%xmm4 1316 xorps (%esp),%xmm2 1317 movups 48(%esi),%xmm5 1318 leal 64(%esi),%esi 1319 xorps 16(%esp),%xmm3 1320 xorps %xmm7,%xmm4 1321 xorps %xmm6,%xmm5 1322 call _aesni_encrypt4 1323 xorps (%esp),%xmm2 1324 xorps 16(%esp),%xmm3 1325 xorps %xmm7,%xmm4 1326 movups %xmm2,(%edi) 1327 xorps %xmm6,%xmm5 1328 movups %xmm3,16(%edi) 1329 movups %xmm4,32(%edi) 1330 movups %xmm5,48(%edi) 1331 leal 64(%edi),%edi 1332 movdqa %xmm6,%xmm1 1333 jmp .L054xts_enc_done 1334 .align 16 1335 .L049xts_enc_done6x: 1336 movl 112(%esp),%eax 1337 andl $15,%eax 1338 jz .L056xts_enc_ret 1339 movdqa %xmm1,%xmm5 1340 movl %eax,112(%esp) 1341 jmp .L057xts_enc_steal 1342 .align 16 1343 .L054xts_enc_done: 1344 movl 112(%esp),%eax 1345 pxor %xmm0,%xmm0 1346 andl $15,%eax 1347 jz .L056xts_enc_ret 1348 pcmpgtd %xmm1,%xmm0 1349 movl %eax,112(%esp) 1350 pshufd $19,%xmm0,%xmm5 1351 paddq %xmm1,%xmm1 1352 pand 96(%esp),%xmm5 1353 pxor %xmm1,%xmm5 1354 .L057xts_enc_steal: 1355 movzbl (%esi),%ecx 1356 movzbl -16(%edi),%edx 1357 leal 1(%esi),%esi 1358 movb %cl,-16(%edi) 1359 movb %dl,(%edi) 1360 leal 1(%edi),%edi 1361 subl $1,%eax 1362 jnz .L057xts_enc_steal 1363 subl 112(%esp),%edi 1364 movl %ebp,%edx 1365 movl %ebx,%ecx 1366 movups -16(%edi),%xmm2 1367 xorps %xmm5,%xmm2 1368 movups (%edx),%xmm0 1369 movups 16(%edx),%xmm1 1370 leal 32(%edx),%edx 1371 xorps %xmm0,%xmm2 1372 .L058enc1_loop_10: 1373 .byte 102,15,56,220,209 1374 decl %ecx 1375 movups (%edx),%xmm1 1376 leal 16(%edx),%edx 1377 jnz .L058enc1_loop_10 1378 .byte 102,15,56,221,209 1379 xorps %xmm5,%xmm2 1380 movups %xmm2,-16(%edi) 1381 .L056xts_enc_ret: 1382 pxor %xmm0,%xmm0 1383 pxor %xmm1,%xmm1 1384 pxor %xmm2,%xmm2 1385 movdqa %xmm0,(%esp) 1386 pxor %xmm3,%xmm3 1387 movdqa %xmm0,16(%esp) 1388 pxor %xmm4,%xmm4 1389 movdqa %xmm0,32(%esp) 1390 pxor %xmm5,%xmm5 1391 movdqa %xmm0,48(%esp) 1392 pxor %xmm6,%xmm6 1393 movdqa %xmm0,64(%esp) 1394 pxor %xmm7,%xmm7 1395 movdqa %xmm0,80(%esp) 1396 movl 116(%esp),%esp 1397 popl %edi 1398 popl %esi 1399 popl %ebx 1400 popl %ebp 1401 ret 1402 .size aesni_xts_encrypt,.-.L_aesni_xts_encrypt_begin 1403 .globl aesni_xts_decrypt 1404 .type aesni_xts_decrypt,@function 1405 .align 16 1406 aesni_xts_decrypt: 1407 .L_aesni_xts_decrypt_begin: 1408 pushl %ebp 1409 pushl %ebx 1410 pushl %esi 1411 pushl %edi 1412 movl 36(%esp),%edx 1413 movl 40(%esp),%esi 1414 movl 240(%edx),%ecx 1415 movups (%esi),%xmm2 1416 movups (%edx),%xmm0 1417 movups 16(%edx),%xmm1 1418 leal 32(%edx),%edx 1419 xorps %xmm0,%xmm2 1420 .L059enc1_loop_11: 1421 .byte 102,15,56,220,209 1422 decl %ecx 1423 movups (%edx),%xmm1 1424 leal 16(%edx),%edx 1425 jnz .L059enc1_loop_11 1426 .byte 102,15,56,221,209 1427 movl 20(%esp),%esi 1428 movl 24(%esp),%edi 1429 movl 28(%esp),%eax 1430 movl 32(%esp),%edx 1431 movl %esp,%ebp 1432 subl $120,%esp 1433 andl $-16,%esp 1434 xorl %ebx,%ebx 1435 testl $15,%eax 1436 setnz %bl 1437 shll $4,%ebx 1438 subl %ebx,%eax 1439 movl $135,96(%esp) 1440 movl $0,100(%esp) 1441 movl $1,104(%esp) 1442 movl $0,108(%esp) 1443 movl %eax,112(%esp) 1444 movl %ebp,116(%esp) 1445 movl 240(%edx),%ecx 1446 movl %edx,%ebp 1447 movl %ecx,%ebx 1448 movdqa %xmm2,%xmm1 1449 pxor %xmm0,%xmm0 1450 movdqa 96(%esp),%xmm3 1451 pcmpgtd %xmm1,%xmm0 1452 andl $-16,%eax 1453 subl $96,%eax 1454 jc .L060xts_dec_short 1455 shll $4,%ecx 1456 movl $16,%ebx 1457 subl %ecx,%ebx 1458 leal 32(%edx,%ecx,1),%edx 1459 jmp .L061xts_dec_loop6 1460 .align 16 1461 .L061xts_dec_loop6: 1462 pshufd $19,%xmm0,%xmm2 1463 pxor %xmm0,%xmm0 1464 movdqa %xmm1,(%esp) 1465 paddq %xmm1,%xmm1 1466 pand %xmm3,%xmm2 1467 pcmpgtd %xmm1,%xmm0 1468 pxor %xmm2,%xmm1 1469 pshufd $19,%xmm0,%xmm2 1470 pxor %xmm0,%xmm0 1471 movdqa %xmm1,16(%esp) 1472 paddq %xmm1,%xmm1 1473 pand %xmm3,%xmm2 1474 pcmpgtd %xmm1,%xmm0 1475 pxor %xmm2,%xmm1 1476 pshufd $19,%xmm0,%xmm2 1477 pxor %xmm0,%xmm0 1478 movdqa %xmm1,32(%esp) 1479 paddq %xmm1,%xmm1 1480 pand %xmm3,%xmm2 1481 pcmpgtd %xmm1,%xmm0 1482 pxor %xmm2,%xmm1 1483 pshufd $19,%xmm0,%xmm2 1484 pxor %xmm0,%xmm0 1485 movdqa %xmm1,48(%esp) 1486 paddq %xmm1,%xmm1 1487 pand %xmm3,%xmm2 1488 pcmpgtd %xmm1,%xmm0 1489 pxor %xmm2,%xmm1 1490 pshufd $19,%xmm0,%xmm7 1491 movdqa %xmm1,64(%esp) 1492 paddq %xmm1,%xmm1 1493 movups (%ebp),%xmm0 1494 pand %xmm3,%xmm7 1495 movups (%esi),%xmm2 1496 pxor %xmm1,%xmm7 1497 movl %ebx,%ecx 1498 movdqu 16(%esi),%xmm3 1499 xorps %xmm0,%xmm2 1500 movdqu 32(%esi),%xmm4 1501 pxor %xmm0,%xmm3 1502 movdqu 48(%esi),%xmm5 1503 pxor %xmm0,%xmm4 1504 movdqu 64(%esi),%xmm6 1505 pxor %xmm0,%xmm5 1506 movdqu 80(%esi),%xmm1 1507 pxor %xmm0,%xmm6 1508 leal 96(%esi),%esi 1509 pxor (%esp),%xmm2 1510 movdqa %xmm7,80(%esp) 1511 pxor %xmm1,%xmm7 1512 movups 16(%ebp),%xmm1 1513 pxor 16(%esp),%xmm3 1514 pxor 32(%esp),%xmm4 1515 .byte 102,15,56,222,209 1516 pxor 48(%esp),%xmm5 1517 pxor 64(%esp),%xmm6 1518 .byte 102,15,56,222,217 1519 pxor %xmm0,%xmm7 1520 movups 32(%ebp),%xmm0 1521 .byte 102,15,56,222,225 1522 .byte 102,15,56,222,233 1523 .byte 102,15,56,222,241 1524 .byte 102,15,56,222,249 1525 call .L_aesni_decrypt6_enter 1526 movdqa 80(%esp),%xmm1 1527 pxor %xmm0,%xmm0 1528 xorps (%esp),%xmm2 1529 pcmpgtd %xmm1,%xmm0 1530 xorps 16(%esp),%xmm3 1531 movups %xmm2,(%edi) 1532 xorps 32(%esp),%xmm4 1533 movups %xmm3,16(%edi) 1534 xorps 48(%esp),%xmm5 1535 movups %xmm4,32(%edi) 1536 xorps 64(%esp),%xmm6 1537 movups %xmm5,48(%edi) 1538 xorps %xmm1,%xmm7 1539 movups %xmm6,64(%edi) 1540 pshufd $19,%xmm0,%xmm2 1541 movups %xmm7,80(%edi) 1542 leal 96(%edi),%edi 1543 movdqa 96(%esp),%xmm3 1544 pxor %xmm0,%xmm0 1545 paddq %xmm1,%xmm1 1546 pand %xmm3,%xmm2 1547 pcmpgtd %xmm1,%xmm0 1548 pxor %xmm2,%xmm1 1549 subl $96,%eax 1550 jnc .L061xts_dec_loop6 1551 movl 240(%ebp),%ecx 1552 movl %ebp,%edx 1553 movl %ecx,%ebx 1554 .L060xts_dec_short: 1555 addl $96,%eax 1556 jz .L062xts_dec_done6x 1557 movdqa %xmm1,%xmm5 1558 cmpl $32,%eax 1559 jb .L063xts_dec_one 1560 pshufd $19,%xmm0,%xmm2 1561 pxor %xmm0,%xmm0 1562 paddq %xmm1,%xmm1 1563 pand %xmm3,%xmm2 1564 pcmpgtd %xmm1,%xmm0 1565 pxor %xmm2,%xmm1 1566 je .L064xts_dec_two 1567 pshufd $19,%xmm0,%xmm2 1568 pxor %xmm0,%xmm0 1569 movdqa %xmm1,%xmm6 1570 paddq %xmm1,%xmm1 1571 pand %xmm3,%xmm2 1572 pcmpgtd %xmm1,%xmm0 1573 pxor %xmm2,%xmm1 1574 cmpl $64,%eax 1575 jb .L065xts_dec_three 1576 pshufd $19,%xmm0,%xmm2 1577 pxor %xmm0,%xmm0 1578 movdqa %xmm1,%xmm7 1579 paddq %xmm1,%xmm1 1580 pand %xmm3,%xmm2 1581 pcmpgtd %xmm1,%xmm0 1582 pxor %xmm2,%xmm1 1583 movdqa %xmm5,(%esp) 1584 movdqa %xmm6,16(%esp) 1585 je .L066xts_dec_four 1586 movdqa %xmm7,32(%esp) 1587 pshufd $19,%xmm0,%xmm7 1588 movdqa %xmm1,48(%esp) 1589 paddq %xmm1,%xmm1 1590 pand %xmm3,%xmm7 1591 pxor %xmm1,%xmm7 1592 movdqu (%esi),%xmm2 1593 movdqu 16(%esi),%xmm3 1594 movdqu 32(%esi),%xmm4 1595 pxor (%esp),%xmm2 1596 movdqu 48(%esi),%xmm5 1597 pxor 16(%esp),%xmm3 1598 movdqu 64(%esi),%xmm6 1599 pxor 32(%esp),%xmm4 1600 leal 80(%esi),%esi 1601 pxor 48(%esp),%xmm5 1602 movdqa %xmm7,64(%esp) 1603 pxor %xmm7,%xmm6 1604 call _aesni_decrypt6 1605 movaps 64(%esp),%xmm1 1606 xorps (%esp),%xmm2 1607 xorps 16(%esp),%xmm3 1608 xorps 32(%esp),%xmm4 1609 movups %xmm2,(%edi) 1610 xorps 48(%esp),%xmm5 1611 movups %xmm3,16(%edi) 1612 xorps %xmm1,%xmm6 1613 movups %xmm4,32(%edi) 1614 movups %xmm5,48(%edi) 1615 movups %xmm6,64(%edi) 1616 leal 80(%edi),%edi 1617 jmp .L067xts_dec_done 1618 .align 16 1619 .L063xts_dec_one: 1620 movups (%esi),%xmm2 1621 leal 16(%esi),%esi 1622 xorps %xmm5,%xmm2 1623 movups (%edx),%xmm0 1624 movups 16(%edx),%xmm1 1625 leal 32(%edx),%edx 1626 xorps %xmm0,%xmm2 1627 .L068dec1_loop_12: 1628 .byte 102,15,56,222,209 1629 decl %ecx 1630 movups (%edx),%xmm1 1631 leal 16(%edx),%edx 1632 jnz .L068dec1_loop_12 1633 .byte 102,15,56,223,209 1634 xorps %xmm5,%xmm2 1635 movups %xmm2,(%edi) 1636 leal 16(%edi),%edi 1637 movdqa %xmm5,%xmm1 1638 jmp .L067xts_dec_done 1639 .align 16 1640 .L064xts_dec_two: 1641 movaps %xmm1,%xmm6 1642 movups (%esi),%xmm2 1643 movups 16(%esi),%xmm3 1644 leal 32(%esi),%esi 1645 xorps %xmm5,%xmm2 1646 xorps %xmm6,%xmm3 1647 call _aesni_decrypt2 1648 xorps %xmm5,%xmm2 1649 xorps %xmm6,%xmm3 1650 movups %xmm2,(%edi) 1651 movups %xmm3,16(%edi) 1652 leal 32(%edi),%edi 1653 movdqa %xmm6,%xmm1 1654 jmp .L067xts_dec_done 1655 .align 16 1656 .L065xts_dec_three: 1657 movaps %xmm1,%xmm7 1658 movups (%esi),%xmm2 1659 movups 16(%esi),%xmm3 1660 movups 32(%esi),%xmm4 1661 leal 48(%esi),%esi 1662 xorps %xmm5,%xmm2 1663 xorps %xmm6,%xmm3 1664 xorps %xmm7,%xmm4 1665 call _aesni_decrypt3 1666 xorps %xmm5,%xmm2 1667 xorps %xmm6,%xmm3 1668 xorps %xmm7,%xmm4 1669 movups %xmm2,(%edi) 1670 movups %xmm3,16(%edi) 1671 movups %xmm4,32(%edi) 1672 leal 48(%edi),%edi 1673 movdqa %xmm7,%xmm1 1674 jmp .L067xts_dec_done 1675 .align 16 1676 .L066xts_dec_four: 1677 movaps %xmm1,%xmm6 1678 movups (%esi),%xmm2 1679 movups 16(%esi),%xmm3 1680 movups 32(%esi),%xmm4 1681 xorps (%esp),%xmm2 1682 movups 48(%esi),%xmm5 1683 leal 64(%esi),%esi 1684 xorps 16(%esp),%xmm3 1685 xorps %xmm7,%xmm4 1686 xorps %xmm6,%xmm5 1687 call _aesni_decrypt4 1688 xorps (%esp),%xmm2 1689 xorps 16(%esp),%xmm3 1690 xorps %xmm7,%xmm4 1691 movups %xmm2,(%edi) 1692 xorps %xmm6,%xmm5 1693 movups %xmm3,16(%edi) 1694 movups %xmm4,32(%edi) 1695 movups %xmm5,48(%edi) 1696 leal 64(%edi),%edi 1697 movdqa %xmm6,%xmm1 1698 jmp .L067xts_dec_done 1699 .align 16 1700 .L062xts_dec_done6x: 1701 movl 112(%esp),%eax 1702 andl $15,%eax 1703 jz .L069xts_dec_ret 1704 movl %eax,112(%esp) 1705 jmp .L070xts_dec_only_one_more 1706 .align 16 1707 .L067xts_dec_done: 1708 movl 112(%esp),%eax 1709 pxor %xmm0,%xmm0 1710 andl $15,%eax 1711 jz .L069xts_dec_ret 1712 pcmpgtd %xmm1,%xmm0 1713 movl %eax,112(%esp) 1714 pshufd $19,%xmm0,%xmm2 1715 pxor %xmm0,%xmm0 1716 movdqa 96(%esp),%xmm3 1717 paddq %xmm1,%xmm1 1718 pand %xmm3,%xmm2 1719 pcmpgtd %xmm1,%xmm0 1720 pxor %xmm2,%xmm1 1721 .L070xts_dec_only_one_more: 1722 pshufd $19,%xmm0,%xmm5 1723 movdqa %xmm1,%xmm6 1724 paddq %xmm1,%xmm1 1725 pand %xmm3,%xmm5 1726 pxor %xmm1,%xmm5 1727 movl %ebp,%edx 1728 movl %ebx,%ecx 1729 movups (%esi),%xmm2 1730 xorps %xmm5,%xmm2 1731 movups (%edx),%xmm0 1732 movups 16(%edx),%xmm1 1733 leal 32(%edx),%edx 1734 xorps %xmm0,%xmm2 1735 .L071dec1_loop_13: 1736 .byte 102,15,56,222,209 1737 decl %ecx 1738 movups (%edx),%xmm1 1739 leal 16(%edx),%edx 1740 jnz .L071dec1_loop_13 1741 .byte 102,15,56,223,209 1742 xorps %xmm5,%xmm2 1743 movups %xmm2,(%edi) 1744 .L072xts_dec_steal: 1745 movzbl 16(%esi),%ecx 1746 movzbl (%edi),%edx 1747 leal 1(%esi),%esi 1748 movb %cl,(%edi) 1749 movb %dl,16(%edi) 1750 leal 1(%edi),%edi 1751 subl $1,%eax 1752 jnz .L072xts_dec_steal 1753 subl 112(%esp),%edi 1754 movl %ebp,%edx 1755 movl %ebx,%ecx 1756 movups (%edi),%xmm2 1757 xorps %xmm6,%xmm2 1758 movups (%edx),%xmm0 1759 movups 16(%edx),%xmm1 1760 leal 32(%edx),%edx 1761 xorps %xmm0,%xmm2 1762 .L073dec1_loop_14: 1763 .byte 102,15,56,222,209 1764 decl %ecx 1765 movups (%edx),%xmm1 1766 leal 16(%edx),%edx 1767 jnz .L073dec1_loop_14 1768 .byte 102,15,56,223,209 1769 xorps %xmm6,%xmm2 1770 movups %xmm2,(%edi) 1771 .L069xts_dec_ret: 1772 pxor %xmm0,%xmm0 1773 pxor %xmm1,%xmm1 1774 pxor %xmm2,%xmm2 1775 movdqa %xmm0,(%esp) 1776 pxor %xmm3,%xmm3 1777 movdqa %xmm0,16(%esp) 1778 pxor %xmm4,%xmm4 1779 movdqa %xmm0,32(%esp) 1780 pxor %xmm5,%xmm5 1781 movdqa %xmm0,48(%esp) 1782 pxor %xmm6,%xmm6 1783 movdqa %xmm0,64(%esp) 1784 pxor %xmm7,%xmm7 1785 movdqa %xmm0,80(%esp) 1786 movl 116(%esp),%esp 1787 popl %edi 1788 popl %esi 1789 popl %ebx 1790 popl %ebp 1791 ret 1792 .size aesni_xts_decrypt,.-.L_aesni_xts_decrypt_begin 1793 .globl aesni_ocb_encrypt 1794 .type aesni_ocb_encrypt,@function 1795 .align 16 1796 aesni_ocb_encrypt: 1797 .L_aesni_ocb_encrypt_begin: 1798 pushl %ebp 1799 pushl %ebx 1800 pushl %esi 1801 pushl %edi 1802 movl 40(%esp),%ecx 1803 movl 48(%esp),%ebx 1804 movl 20(%esp),%esi 1805 movl 24(%esp),%edi 1806 movl 28(%esp),%eax 1807 movl 32(%esp),%edx 1808 movdqu (%ecx),%xmm0 1809 movl 36(%esp),%ebp 1810 movdqu (%ebx),%xmm1 1811 movl 44(%esp),%ebx 1812 movl %esp,%ecx 1813 subl $132,%esp 1814 andl $-16,%esp 1815 subl %esi,%edi 1816 shll $4,%eax 1817 leal -96(%esi,%eax,1),%eax 1818 movl %edi,120(%esp) 1819 movl %eax,124(%esp) 1820 movl %ecx,128(%esp) 1821 movl 240(%edx),%ecx 1822 testl $1,%ebp 1823 jnz .L074odd 1824 bsfl %ebp,%eax 1825 addl $1,%ebp 1826 shll $4,%eax 1827 movdqu (%ebx,%eax,1),%xmm7 1828 movl %edx,%eax 1829 movdqu (%esi),%xmm2 1830 leal 16(%esi),%esi 1831 pxor %xmm0,%xmm7 1832 pxor %xmm2,%xmm1 1833 pxor %xmm7,%xmm2 1834 movdqa %xmm1,%xmm6 1835 movups (%edx),%xmm0 1836 movups 16(%edx),%xmm1 1837 leal 32(%edx),%edx 1838 xorps %xmm0,%xmm2 1839 .L075enc1_loop_15: 1840 .byte 102,15,56,220,209 1841 decl %ecx 1842 movups (%edx),%xmm1 1843 leal 16(%edx),%edx 1844 jnz .L075enc1_loop_15 1845 .byte 102,15,56,221,209 1846 xorps %xmm7,%xmm2 1847 movdqa %xmm7,%xmm0 1848 movdqa %xmm6,%xmm1 1849 movups %xmm2,-16(%edi,%esi,1) 1850 movl 240(%eax),%ecx 1851 movl %eax,%edx 1852 movl 124(%esp),%eax 1853 .L074odd: 1854 shll $4,%ecx 1855 movl $16,%edi 1856 subl %ecx,%edi 1857 movl %edx,112(%esp) 1858 leal 32(%edx,%ecx,1),%edx 1859 movl %edi,116(%esp) 1860 cmpl %eax,%esi 1861 ja .L076short 1862 jmp .L077grandloop 1863 .align 32 1864 .L077grandloop: 1865 leal 1(%ebp),%ecx 1866 leal 3(%ebp),%eax 1867 leal 5(%ebp),%edi 1868 addl $6,%ebp 1869 bsfl %ecx,%ecx 1870 bsfl %eax,%eax 1871 bsfl %edi,%edi 1872 shll $4,%ecx 1873 shll $4,%eax 1874 shll $4,%edi 1875 movdqu (%ebx),%xmm2 1876 movdqu (%ebx,%ecx,1),%xmm3 1877 movl 116(%esp),%ecx 1878 movdqa %xmm2,%xmm4 1879 movdqu (%ebx,%eax,1),%xmm5 1880 movdqa %xmm2,%xmm6 1881 movdqu (%ebx,%edi,1),%xmm7 1882 pxor %xmm0,%xmm2 1883 pxor %xmm2,%xmm3 1884 movdqa %xmm2,(%esp) 1885 pxor %xmm3,%xmm4 1886 movdqa %xmm3,16(%esp) 1887 pxor %xmm4,%xmm5 1888 movdqa %xmm4,32(%esp) 1889 pxor %xmm5,%xmm6 1890 movdqa %xmm5,48(%esp) 1891 pxor %xmm6,%xmm7 1892 movdqa %xmm6,64(%esp) 1893 movdqa %xmm7,80(%esp) 1894 movups -48(%edx,%ecx,1),%xmm0 1895 movdqu (%esi),%xmm2 1896 movdqu 16(%esi),%xmm3 1897 movdqu 32(%esi),%xmm4 1898 movdqu 48(%esi),%xmm5 1899 movdqu 64(%esi),%xmm6 1900 movdqu 80(%esi),%xmm7 1901 leal 96(%esi),%esi 1902 pxor %xmm2,%xmm1 1903 pxor %xmm0,%xmm2 1904 pxor %xmm3,%xmm1 1905 pxor %xmm0,%xmm3 1906 pxor %xmm4,%xmm1 1907 pxor %xmm0,%xmm4 1908 pxor %xmm5,%xmm1 1909 pxor %xmm0,%xmm5 1910 pxor %xmm6,%xmm1 1911 pxor %xmm0,%xmm6 1912 pxor %xmm7,%xmm1 1913 pxor %xmm0,%xmm7 1914 movdqa %xmm1,96(%esp) 1915 movups -32(%edx,%ecx,1),%xmm1 1916 pxor (%esp),%xmm2 1917 pxor 16(%esp),%xmm3 1918 pxor 32(%esp),%xmm4 1919 pxor 48(%esp),%xmm5 1920 pxor 64(%esp),%xmm6 1921 pxor 80(%esp),%xmm7 1922 movups -16(%edx,%ecx,1),%xmm0 1923 .byte 102,15,56,220,209 1924 .byte 102,15,56,220,217 1925 .byte 102,15,56,220,225 1926 .byte 102,15,56,220,233 1927 .byte 102,15,56,220,241 1928 .byte 102,15,56,220,249 1929 movl 120(%esp),%edi 1930 movl 124(%esp),%eax 1931 call .L_aesni_encrypt6_enter 1932 movdqa 80(%esp),%xmm0 1933 pxor (%esp),%xmm2 1934 pxor 16(%esp),%xmm3 1935 pxor 32(%esp),%xmm4 1936 pxor 48(%esp),%xmm5 1937 pxor 64(%esp),%xmm6 1938 pxor %xmm0,%xmm7 1939 movdqa 96(%esp),%xmm1 1940 movdqu %xmm2,-96(%edi,%esi,1) 1941 movdqu %xmm3,-80(%edi,%esi,1) 1942 movdqu %xmm4,-64(%edi,%esi,1) 1943 movdqu %xmm5,-48(%edi,%esi,1) 1944 movdqu %xmm6,-32(%edi,%esi,1) 1945 movdqu %xmm7,-16(%edi,%esi,1) 1946 cmpl %eax,%esi 1947 jb .L077grandloop 1948 .L076short: 1949 addl $96,%eax 1950 subl %esi,%eax 1951 jz .L078done 1952 cmpl $32,%eax 1953 jb .L079one 1954 je .L080two 1955 cmpl $64,%eax 1956 jb .L081three 1957 je .L082four 1958 leal 1(%ebp),%ecx 1959 leal 3(%ebp),%eax 1960 bsfl %ecx,%ecx 1961 bsfl %eax,%eax 1962 shll $4,%ecx 1963 shll $4,%eax 1964 movdqu (%ebx),%xmm2 1965 movdqu (%ebx,%ecx,1),%xmm3 1966 movl 116(%esp),%ecx 1967 movdqa %xmm2,%xmm4 1968 movdqu (%ebx,%eax,1),%xmm5 1969 movdqa %xmm2,%xmm6 1970 pxor %xmm0,%xmm2 1971 pxor %xmm2,%xmm3 1972 movdqa %xmm2,(%esp) 1973 pxor %xmm3,%xmm4 1974 movdqa %xmm3,16(%esp) 1975 pxor %xmm4,%xmm5 1976 movdqa %xmm4,32(%esp) 1977 pxor %xmm5,%xmm6 1978 movdqa %xmm5,48(%esp) 1979 pxor %xmm6,%xmm7 1980 movdqa %xmm6,64(%esp) 1981 movups -48(%edx,%ecx,1),%xmm0 1982 movdqu (%esi),%xmm2 1983 movdqu 16(%esi),%xmm3 1984 movdqu 32(%esi),%xmm4 1985 movdqu 48(%esi),%xmm5 1986 movdqu 64(%esi),%xmm6 1987 pxor %xmm7,%xmm7 1988 pxor %xmm2,%xmm1 1989 pxor %xmm0,%xmm2 1990 pxor %xmm3,%xmm1 1991 pxor %xmm0,%xmm3 1992 pxor %xmm4,%xmm1 1993 pxor %xmm0,%xmm4 1994 pxor %xmm5,%xmm1 1995 pxor %xmm0,%xmm5 1996 pxor %xmm6,%xmm1 1997 pxor %xmm0,%xmm6 1998 movdqa %xmm1,96(%esp) 1999 movups -32(%edx,%ecx,1),%xmm1 2000 pxor (%esp),%xmm2 2001 pxor 16(%esp),%xmm3 2002 pxor 32(%esp),%xmm4 2003 pxor 48(%esp),%xmm5 2004 pxor 64(%esp),%xmm6 2005 movups -16(%edx,%ecx,1),%xmm0 2006 .byte 102,15,56,220,209 2007 .byte 102,15,56,220,217 2008 .byte 102,15,56,220,225 2009 .byte 102,15,56,220,233 2010 .byte 102,15,56,220,241 2011 .byte 102,15,56,220,249 2012 movl 120(%esp),%edi 2013 call .L_aesni_encrypt6_enter 2014 movdqa 64(%esp),%xmm0 2015 pxor (%esp),%xmm2 2016 pxor 16(%esp),%xmm3 2017 pxor 32(%esp),%xmm4 2018 pxor 48(%esp),%xmm5 2019 pxor %xmm0,%xmm6 2020 movdqa 96(%esp),%xmm1 2021 movdqu %xmm2,(%edi,%esi,1) 2022 movdqu %xmm3,16(%edi,%esi,1) 2023 movdqu %xmm4,32(%edi,%esi,1) 2024 movdqu %xmm5,48(%edi,%esi,1) 2025 movdqu %xmm6,64(%edi,%esi,1) 2026 jmp .L078done 2027 .align 16 2028 .L079one: 2029 movdqu (%ebx),%xmm7 2030 movl 112(%esp),%edx 2031 movdqu (%esi),%xmm2 2032 movl 240(%edx),%ecx 2033 pxor %xmm0,%xmm7 2034 pxor %xmm2,%xmm1 2035 pxor %xmm7,%xmm2 2036 movdqa %xmm1,%xmm6 2037 movl 120(%esp),%edi 2038 movups (%edx),%xmm0 2039 movups 16(%edx),%xmm1 2040 leal 32(%edx),%edx 2041 xorps %xmm0,%xmm2 2042 .L083enc1_loop_16: 2043 .byte 102,15,56,220,209 2044 decl %ecx 2045 movups (%edx),%xmm1 2046 leal 16(%edx),%edx 2047 jnz .L083enc1_loop_16 2048 .byte 102,15,56,221,209 2049 xorps %xmm7,%xmm2 2050 movdqa %xmm7,%xmm0 2051 movdqa %xmm6,%xmm1 2052 movups %xmm2,(%edi,%esi,1) 2053 jmp .L078done 2054 .align 16 2055 .L080two: 2056 leal 1(%ebp),%ecx 2057 movl 112(%esp),%edx 2058 bsfl %ecx,%ecx 2059 shll $4,%ecx 2060 movdqu (%ebx),%xmm6 2061 movdqu (%ebx,%ecx,1),%xmm7 2062 movdqu (%esi),%xmm2 2063 movdqu 16(%esi),%xmm3 2064 movl 240(%edx),%ecx 2065 pxor %xmm0,%xmm6 2066 pxor %xmm6,%xmm7 2067 pxor %xmm2,%xmm1 2068 pxor %xmm6,%xmm2 2069 pxor %xmm3,%xmm1 2070 pxor %xmm7,%xmm3 2071 movdqa %xmm1,%xmm5 2072 movl 120(%esp),%edi 2073 call _aesni_encrypt2 2074 xorps %xmm6,%xmm2 2075 xorps %xmm7,%xmm3 2076 movdqa %xmm7,%xmm0 2077 movdqa %xmm5,%xmm1 2078 movups %xmm2,(%edi,%esi,1) 2079 movups %xmm3,16(%edi,%esi,1) 2080 jmp .L078done 2081 .align 16 2082 .L081three: 2083 leal 1(%ebp),%ecx 2084 movl 112(%esp),%edx 2085 bsfl %ecx,%ecx 2086 shll $4,%ecx 2087 movdqu (%ebx),%xmm5 2088 movdqu (%ebx,%ecx,1),%xmm6 2089 movdqa %xmm5,%xmm7 2090 movdqu (%esi),%xmm2 2091 movdqu 16(%esi),%xmm3 2092 movdqu 32(%esi),%xmm4 2093 movl 240(%edx),%ecx 2094 pxor %xmm0,%xmm5 2095 pxor %xmm5,%xmm6 2096 pxor %xmm6,%xmm7 2097 pxor %xmm2,%xmm1 2098 pxor %xmm5,%xmm2 2099 pxor %xmm3,%xmm1 2100 pxor %xmm6,%xmm3 2101 pxor %xmm4,%xmm1 2102 pxor %xmm7,%xmm4 2103 movdqa %xmm1,96(%esp) 2104 movl 120(%esp),%edi 2105 call _aesni_encrypt3 2106 xorps %xmm5,%xmm2 2107 xorps %xmm6,%xmm3 2108 xorps %xmm7,%xmm4 2109 movdqa %xmm7,%xmm0 2110 movdqa 96(%esp),%xmm1 2111 movups %xmm2,(%edi,%esi,1) 2112 movups %xmm3,16(%edi,%esi,1) 2113 movups %xmm4,32(%edi,%esi,1) 2114 jmp .L078done 2115 .align 16 2116 .L082four: 2117 leal 1(%ebp),%ecx 2118 leal 3(%ebp),%eax 2119 bsfl %ecx,%ecx 2120 bsfl %eax,%eax 2121 movl 112(%esp),%edx 2122 shll $4,%ecx 2123 shll $4,%eax 2124 movdqu (%ebx),%xmm4 2125 movdqu (%ebx,%ecx,1),%xmm5 2126 movdqa %xmm4,%xmm6 2127 movdqu (%ebx,%eax,1),%xmm7 2128 pxor %xmm0,%xmm4 2129 movdqu (%esi),%xmm2 2130 pxor %xmm4,%xmm5 2131 movdqu 16(%esi),%xmm3 2132 pxor %xmm5,%xmm6 2133 movdqa %xmm4,(%esp) 2134 pxor %xmm6,%xmm7 2135 movdqa %xmm5,16(%esp) 2136 movdqu 32(%esi),%xmm4 2137 movdqu 48(%esi),%xmm5 2138 movl 240(%edx),%ecx 2139 pxor %xmm2,%xmm1 2140 pxor (%esp),%xmm2 2141 pxor %xmm3,%xmm1 2142 pxor 16(%esp),%xmm3 2143 pxor %xmm4,%xmm1 2144 pxor %xmm6,%xmm4 2145 pxor %xmm5,%xmm1 2146 pxor %xmm7,%xmm5 2147 movdqa %xmm1,96(%esp) 2148 movl 120(%esp),%edi 2149 call _aesni_encrypt4 2150 xorps (%esp),%xmm2 2151 xorps 16(%esp),%xmm3 2152 xorps %xmm6,%xmm4 2153 movups %xmm2,(%edi,%esi,1) 2154 xorps %xmm7,%xmm5 2155 movups %xmm3,16(%edi,%esi,1) 2156 movdqa %xmm7,%xmm0 2157 movups %xmm4,32(%edi,%esi,1) 2158 movdqa 96(%esp),%xmm1 2159 movups %xmm5,48(%edi,%esi,1) 2160 .L078done: 2161 movl 128(%esp),%edx 2162 pxor %xmm2,%xmm2 2163 pxor %xmm3,%xmm3 2164 movdqa %xmm2,(%esp) 2165 pxor %xmm4,%xmm4 2166 movdqa %xmm2,16(%esp) 2167 pxor %xmm5,%xmm5 2168 movdqa %xmm2,32(%esp) 2169 pxor %xmm6,%xmm6 2170 movdqa %xmm2,48(%esp) 2171 pxor %xmm7,%xmm7 2172 movdqa %xmm2,64(%esp) 2173 movdqa %xmm2,80(%esp) 2174 movdqa %xmm2,96(%esp) 2175 leal (%edx),%esp 2176 movl 40(%esp),%ecx 2177 movl 48(%esp),%ebx 2178 movdqu %xmm0,(%ecx) 2179 pxor %xmm0,%xmm0 2180 movdqu %xmm1,(%ebx) 2181 pxor %xmm1,%xmm1 2182 popl %edi 2183 popl %esi 2184 popl %ebx 2185 popl %ebp 2186 ret 2187 .size aesni_ocb_encrypt,.-.L_aesni_ocb_encrypt_begin 2188 .globl aesni_ocb_decrypt 2189 .type aesni_ocb_decrypt,@function 2190 .align 16 2191 aesni_ocb_decrypt: 2192 .L_aesni_ocb_decrypt_begin: 2193 pushl %ebp 2194 pushl %ebx 2195 pushl %esi 2196 pushl %edi 2197 movl 40(%esp),%ecx 2198 movl 48(%esp),%ebx 2199 movl 20(%esp),%esi 2200 movl 24(%esp),%edi 2201 movl 28(%esp),%eax 2202 movl 32(%esp),%edx 2203 movdqu (%ecx),%xmm0 2204 movl 36(%esp),%ebp 2205 movdqu (%ebx),%xmm1 2206 movl 44(%esp),%ebx 2207 movl %esp,%ecx 2208 subl $132,%esp 2209 andl $-16,%esp 2210 subl %esi,%edi 2211 shll $4,%eax 2212 leal -96(%esi,%eax,1),%eax 2213 movl %edi,120(%esp) 2214 movl %eax,124(%esp) 2215 movl %ecx,128(%esp) 2216 movl 240(%edx),%ecx 2217 testl $1,%ebp 2218 jnz .L084odd 2219 bsfl %ebp,%eax 2220 addl $1,%ebp 2221 shll $4,%eax 2222 movdqu (%ebx,%eax,1),%xmm7 2223 movl %edx,%eax 2224 movdqu (%esi),%xmm2 2225 leal 16(%esi),%esi 2226 pxor %xmm0,%xmm7 2227 pxor %xmm7,%xmm2 2228 movdqa %xmm1,%xmm6 2229 movups (%edx),%xmm0 2230 movups 16(%edx),%xmm1 2231 leal 32(%edx),%edx 2232 xorps %xmm0,%xmm2 2233 .L085dec1_loop_17: 2234 .byte 102,15,56,222,209 2235 decl %ecx 2236 movups (%edx),%xmm1 2237 leal 16(%edx),%edx 2238 jnz .L085dec1_loop_17 2239 .byte 102,15,56,223,209 2240 xorps %xmm7,%xmm2 2241 movaps %xmm6,%xmm1 2242 movdqa %xmm7,%xmm0 2243 xorps %xmm2,%xmm1 2244 movups %xmm2,-16(%edi,%esi,1) 2245 movl 240(%eax),%ecx 2246 movl %eax,%edx 2247 movl 124(%esp),%eax 2248 .L084odd: 2249 shll $4,%ecx 2250 movl $16,%edi 2251 subl %ecx,%edi 2252 movl %edx,112(%esp) 2253 leal 32(%edx,%ecx,1),%edx 2254 movl %edi,116(%esp) 2255 cmpl %eax,%esi 2256 ja .L086short 2257 jmp .L087grandloop 2258 .align 32 2259 .L087grandloop: 2260 leal 1(%ebp),%ecx 2261 leal 3(%ebp),%eax 2262 leal 5(%ebp),%edi 2263 addl $6,%ebp 2264 bsfl %ecx,%ecx 2265 bsfl %eax,%eax 2266 bsfl %edi,%edi 2267 shll $4,%ecx 2268 shll $4,%eax 2269 shll $4,%edi 2270 movdqu (%ebx),%xmm2 2271 movdqu (%ebx,%ecx,1),%xmm3 2272 movl 116(%esp),%ecx 2273 movdqa %xmm2,%xmm4 2274 movdqu (%ebx,%eax,1),%xmm5 2275 movdqa %xmm2,%xmm6 2276 movdqu (%ebx,%edi,1),%xmm7 2277 pxor %xmm0,%xmm2 2278 pxor %xmm2,%xmm3 2279 movdqa %xmm2,(%esp) 2280 pxor %xmm3,%xmm4 2281 movdqa %xmm3,16(%esp) 2282 pxor %xmm4,%xmm5 2283 movdqa %xmm4,32(%esp) 2284 pxor %xmm5,%xmm6 2285 movdqa %xmm5,48(%esp) 2286 pxor %xmm6,%xmm7 2287 movdqa %xmm6,64(%esp) 2288 movdqa %xmm7,80(%esp) 2289 movups -48(%edx,%ecx,1),%xmm0 2290 movdqu (%esi),%xmm2 2291 movdqu 16(%esi),%xmm3 2292 movdqu 32(%esi),%xmm4 2293 movdqu 48(%esi),%xmm5 2294 movdqu 64(%esi),%xmm6 2295 movdqu 80(%esi),%xmm7 2296 leal 96(%esi),%esi 2297 movdqa %xmm1,96(%esp) 2298 pxor %xmm0,%xmm2 2299 pxor %xmm0,%xmm3 2300 pxor %xmm0,%xmm4 2301 pxor %xmm0,%xmm5 2302 pxor %xmm0,%xmm6 2303 pxor %xmm0,%xmm7 2304 movups -32(%edx,%ecx,1),%xmm1 2305 pxor (%esp),%xmm2 2306 pxor 16(%esp),%xmm3 2307 pxor 32(%esp),%xmm4 2308 pxor 48(%esp),%xmm5 2309 pxor 64(%esp),%xmm6 2310 pxor 80(%esp),%xmm7 2311 movups -16(%edx,%ecx,1),%xmm0 2312 .byte 102,15,56,222,209 2313 .byte 102,15,56,222,217 2314 .byte 102,15,56,222,225 2315 .byte 102,15,56,222,233 2316 .byte 102,15,56,222,241 2317 .byte 102,15,56,222,249 2318 movl 120(%esp),%edi 2319 movl 124(%esp),%eax 2320 call .L_aesni_decrypt6_enter 2321 movdqa 80(%esp),%xmm0 2322 pxor (%esp),%xmm2 2323 movdqa 96(%esp),%xmm1 2324 pxor 16(%esp),%xmm3 2325 pxor 32(%esp),%xmm4 2326 pxor 48(%esp),%xmm5 2327 pxor 64(%esp),%xmm6 2328 pxor %xmm0,%xmm7 2329 pxor %xmm2,%xmm1 2330 movdqu %xmm2,-96(%edi,%esi,1) 2331 pxor %xmm3,%xmm1 2332 movdqu %xmm3,-80(%edi,%esi,1) 2333 pxor %xmm4,%xmm1 2334 movdqu %xmm4,-64(%edi,%esi,1) 2335 pxor %xmm5,%xmm1 2336 movdqu %xmm5,-48(%edi,%esi,1) 2337 pxor %xmm6,%xmm1 2338 movdqu %xmm6,-32(%edi,%esi,1) 2339 pxor %xmm7,%xmm1 2340 movdqu %xmm7,-16(%edi,%esi,1) 2341 cmpl %eax,%esi 2342 jb .L087grandloop 2343 .L086short: 2344 addl $96,%eax 2345 subl %esi,%eax 2346 jz .L088done 2347 cmpl $32,%eax 2348 jb .L089one 2349 je .L090two 2350 cmpl $64,%eax 2351 jb .L091three 2352 je .L092four 2353 leal 1(%ebp),%ecx 2354 leal 3(%ebp),%eax 2355 bsfl %ecx,%ecx 2356 bsfl %eax,%eax 2357 shll $4,%ecx 2358 shll $4,%eax 2359 movdqu (%ebx),%xmm2 2360 movdqu (%ebx,%ecx,1),%xmm3 2361 movl 116(%esp),%ecx 2362 movdqa %xmm2,%xmm4 2363 movdqu (%ebx,%eax,1),%xmm5 2364 movdqa %xmm2,%xmm6 2365 pxor %xmm0,%xmm2 2366 pxor %xmm2,%xmm3 2367 movdqa %xmm2,(%esp) 2368 pxor %xmm3,%xmm4 2369 movdqa %xmm3,16(%esp) 2370 pxor %xmm4,%xmm5 2371 movdqa %xmm4,32(%esp) 2372 pxor %xmm5,%xmm6 2373 movdqa %xmm5,48(%esp) 2374 pxor %xmm6,%xmm7 2375 movdqa %xmm6,64(%esp) 2376 movups -48(%edx,%ecx,1),%xmm0 2377 movdqu (%esi),%xmm2 2378 movdqu 16(%esi),%xmm3 2379 movdqu 32(%esi),%xmm4 2380 movdqu 48(%esi),%xmm5 2381 movdqu 64(%esi),%xmm6 2382 pxor %xmm7,%xmm7 2383 movdqa %xmm1,96(%esp) 2384 pxor %xmm0,%xmm2 2385 pxor %xmm0,%xmm3 2386 pxor %xmm0,%xmm4 2387 pxor %xmm0,%xmm5 2388 pxor %xmm0,%xmm6 2389 movups -32(%edx,%ecx,1),%xmm1 2390 pxor (%esp),%xmm2 2391 pxor 16(%esp),%xmm3 2392 pxor 32(%esp),%xmm4 2393 pxor 48(%esp),%xmm5 2394 pxor 64(%esp),%xmm6 2395 movups -16(%edx,%ecx,1),%xmm0 2396 .byte 102,15,56,222,209 2397 .byte 102,15,56,222,217 2398 .byte 102,15,56,222,225 2399 .byte 102,15,56,222,233 2400 .byte 102,15,56,222,241 2401 .byte 102,15,56,222,249 2402 movl 120(%esp),%edi 2403 call .L_aesni_decrypt6_enter 2404 movdqa 64(%esp),%xmm0 2405 pxor (%esp),%xmm2 2406 movdqa 96(%esp),%xmm1 2407 pxor 16(%esp),%xmm3 2408 pxor 32(%esp),%xmm4 2409 pxor 48(%esp),%xmm5 2410 pxor %xmm0,%xmm6 2411 pxor %xmm2,%xmm1 2412 movdqu %xmm2,(%edi,%esi,1) 2413 pxor %xmm3,%xmm1 2414 movdqu %xmm3,16(%edi,%esi,1) 2415 pxor %xmm4,%xmm1 2416 movdqu %xmm4,32(%edi,%esi,1) 2417 pxor %xmm5,%xmm1 2418 movdqu %xmm5,48(%edi,%esi,1) 2419 pxor %xmm6,%xmm1 2420 movdqu %xmm6,64(%edi,%esi,1) 2421 jmp .L088done 2422 .align 16 2423 .L089one: 2424 movdqu (%ebx),%xmm7 2425 movl 112(%esp),%edx 2426 movdqu (%esi),%xmm2 2427 movl 240(%edx),%ecx 2428 pxor %xmm0,%xmm7 2429 pxor %xmm7,%xmm2 2430 movdqa %xmm1,%xmm6 2431 movl 120(%esp),%edi 2432 movups (%edx),%xmm0 2433 movups 16(%edx),%xmm1 2434 leal 32(%edx),%edx 2435 xorps %xmm0,%xmm2 2436 .L093dec1_loop_18: 2437 .byte 102,15,56,222,209 2438 decl %ecx 2439 movups (%edx),%xmm1 2440 leal 16(%edx),%edx 2441 jnz .L093dec1_loop_18 2442 .byte 102,15,56,223,209 2443 xorps %xmm7,%xmm2 2444 movaps %xmm6,%xmm1 2445 movdqa %xmm7,%xmm0 2446 xorps %xmm2,%xmm1 2447 movups %xmm2,(%edi,%esi,1) 2448 jmp .L088done 2449 .align 16 2450 .L090two: 2451 leal 1(%ebp),%ecx 2452 movl 112(%esp),%edx 2453 bsfl %ecx,%ecx 2454 shll $4,%ecx 2455 movdqu (%ebx),%xmm6 2456 movdqu (%ebx,%ecx,1),%xmm7 2457 movdqu (%esi),%xmm2 2458 movdqu 16(%esi),%xmm3 2459 movl 240(%edx),%ecx 2460 movdqa %xmm1,%xmm5 2461 pxor %xmm0,%xmm6 2462 pxor %xmm6,%xmm7 2463 pxor %xmm6,%xmm2 2464 pxor %xmm7,%xmm3 2465 movl 120(%esp),%edi 2466 call _aesni_decrypt2 2467 xorps %xmm6,%xmm2 2468 xorps %xmm7,%xmm3 2469 movdqa %xmm7,%xmm0 2470 xorps %xmm2,%xmm5 2471 movups %xmm2,(%edi,%esi,1) 2472 xorps %xmm3,%xmm5 2473 movups %xmm3,16(%edi,%esi,1) 2474 movaps %xmm5,%xmm1 2475 jmp .L088done 2476 .align 16 2477 .L091three: 2478 leal 1(%ebp),%ecx 2479 movl 112(%esp),%edx 2480 bsfl %ecx,%ecx 2481 shll $4,%ecx 2482 movdqu (%ebx),%xmm5 2483 movdqu (%ebx,%ecx,1),%xmm6 2484 movdqa %xmm5,%xmm7 2485 movdqu (%esi),%xmm2 2486 movdqu 16(%esi),%xmm3 2487 movdqu 32(%esi),%xmm4 2488 movl 240(%edx),%ecx 2489 movdqa %xmm1,96(%esp) 2490 pxor %xmm0,%xmm5 2491 pxor %xmm5,%xmm6 2492 pxor %xmm6,%xmm7 2493 pxor %xmm5,%xmm2 2494 pxor %xmm6,%xmm3 2495 pxor %xmm7,%xmm4 2496 movl 120(%esp),%edi 2497 call _aesni_decrypt3 2498 movdqa 96(%esp),%xmm1 2499 xorps %xmm5,%xmm2 2500 xorps %xmm6,%xmm3 2501 xorps %xmm7,%xmm4 2502 movups %xmm2,(%edi,%esi,1) 2503 pxor %xmm2,%xmm1 2504 movdqa %xmm7,%xmm0 2505 movups %xmm3,16(%edi,%esi,1) 2506 pxor %xmm3,%xmm1 2507 movups %xmm4,32(%edi,%esi,1) 2508 pxor %xmm4,%xmm1 2509 jmp .L088done 2510 .align 16 2511 .L092four: 2512 leal 1(%ebp),%ecx 2513 leal 3(%ebp),%eax 2514 bsfl %ecx,%ecx 2515 bsfl %eax,%eax 2516 movl 112(%esp),%edx 2517 shll $4,%ecx 2518 shll $4,%eax 2519 movdqu (%ebx),%xmm4 2520 movdqu (%ebx,%ecx,1),%xmm5 2521 movdqa %xmm4,%xmm6 2522 movdqu (%ebx,%eax,1),%xmm7 2523 pxor %xmm0,%xmm4 2524 movdqu (%esi),%xmm2 2525 pxor %xmm4,%xmm5 2526 movdqu 16(%esi),%xmm3 2527 pxor %xmm5,%xmm6 2528 movdqa %xmm4,(%esp) 2529 pxor %xmm6,%xmm7 2530 movdqa %xmm5,16(%esp) 2531 movdqu 32(%esi),%xmm4 2532 movdqu 48(%esi),%xmm5 2533 movl 240(%edx),%ecx 2534 movdqa %xmm1,96(%esp) 2535 pxor (%esp),%xmm2 2536 pxor 16(%esp),%xmm3 2537 pxor %xmm6,%xmm4 2538 pxor %xmm7,%xmm5 2539 movl 120(%esp),%edi 2540 call _aesni_decrypt4 2541 movdqa 96(%esp),%xmm1 2542 xorps (%esp),%xmm2 2543 xorps 16(%esp),%xmm3 2544 xorps %xmm6,%xmm4 2545 movups %xmm2,(%edi,%esi,1) 2546 pxor %xmm2,%xmm1 2547 xorps %xmm7,%xmm5 2548 movups %xmm3,16(%edi,%esi,1) 2549 pxor %xmm3,%xmm1 2550 movdqa %xmm7,%xmm0 2551 movups %xmm4,32(%edi,%esi,1) 2552 pxor %xmm4,%xmm1 2553 movups %xmm5,48(%edi,%esi,1) 2554 pxor %xmm5,%xmm1 2555 .L088done: 2556 movl 128(%esp),%edx 2557 pxor %xmm2,%xmm2 2558 pxor %xmm3,%xmm3 2559 movdqa %xmm2,(%esp) 2560 pxor %xmm4,%xmm4 2561 movdqa %xmm2,16(%esp) 2562 pxor %xmm5,%xmm5 2563 movdqa %xmm2,32(%esp) 2564 pxor %xmm6,%xmm6 2565 movdqa %xmm2,48(%esp) 2566 pxor %xmm7,%xmm7 2567 movdqa %xmm2,64(%esp) 2568 movdqa %xmm2,80(%esp) 2569 movdqa %xmm2,96(%esp) 2570 leal (%edx),%esp 2571 movl 40(%esp),%ecx 2572 movl 48(%esp),%ebx 2573 movdqu %xmm0,(%ecx) 2574 pxor %xmm0,%xmm0 2575 movdqu %xmm1,(%ebx) 2576 pxor %xmm1,%xmm1 2577 popl %edi 2578 popl %esi 2579 popl %ebx 2580 popl %ebp 2581 ret 2582 .size aesni_ocb_decrypt,.-.L_aesni_ocb_decrypt_begin 2583 .globl aesni_cbc_encrypt 2584 .type aesni_cbc_encrypt,@function 2585 .align 16 2586 aesni_cbc_encrypt: 2587 .L_aesni_cbc_encrypt_begin: 2588 pushl %ebp 2589 pushl %ebx 2590 pushl %esi 2591 pushl %edi 2592 movl 20(%esp),%esi 2593 movl %esp,%ebx 2594 movl 24(%esp),%edi 2595 subl $24,%ebx 2596 movl 28(%esp),%eax 2597 andl $-16,%ebx 2598 movl 32(%esp),%edx 2599 movl 36(%esp),%ebp 2600 testl %eax,%eax 2601 jz .L094cbc_abort 2602 cmpl $0,40(%esp) 2603 xchgl %esp,%ebx 2604 movups (%ebp),%xmm7 2605 movl 240(%edx),%ecx 2606 movl %edx,%ebp 2607 movl %ebx,16(%esp) 2608 movl %ecx,%ebx 2609 je .L095cbc_decrypt 2610 movaps %xmm7,%xmm2 2611 cmpl $16,%eax 2612 jb .L096cbc_enc_tail 2613 subl $16,%eax 2614 jmp .L097cbc_enc_loop 2615 .align 16 2616 .L097cbc_enc_loop: 2617 movups (%esi),%xmm7 2618 leal 16(%esi),%esi 2619 movups (%edx),%xmm0 2620 movups 16(%edx),%xmm1 2621 xorps %xmm0,%xmm7 2622 leal 32(%edx),%edx 2623 xorps %xmm7,%xmm2 2624 .L098enc1_loop_19: 2625 .byte 102,15,56,220,209 2626 decl %ecx 2627 movups (%edx),%xmm1 2628 leal 16(%edx),%edx 2629 jnz .L098enc1_loop_19 2630 .byte 102,15,56,221,209 2631 movl %ebx,%ecx 2632 movl %ebp,%edx 2633 movups %xmm2,(%edi) 2634 leal 16(%edi),%edi 2635 subl $16,%eax 2636 jnc .L097cbc_enc_loop 2637 addl $16,%eax 2638 jnz .L096cbc_enc_tail 2639 movaps %xmm2,%xmm7 2640 pxor %xmm2,%xmm2 2641 jmp .L099cbc_ret 2642 .L096cbc_enc_tail: 2643 movl %eax,%ecx 2644 .long 2767451785 2645 movl $16,%ecx 2646 subl %eax,%ecx 2647 xorl %eax,%eax 2648 .long 2868115081 2649 leal -16(%edi),%edi 2650 movl %ebx,%ecx 2651 movl %edi,%esi 2652 movl %ebp,%edx 2653 jmp .L097cbc_enc_loop 2654 .align 16 2655 .L095cbc_decrypt: 2656 cmpl $80,%eax 2657 jbe .L100cbc_dec_tail 2658 movaps %xmm7,(%esp) 2659 subl $80,%eax 2660 jmp .L101cbc_dec_loop6_enter 2661 .align 16 2662 .L102cbc_dec_loop6: 2663 movaps %xmm0,(%esp) 2664 movups %xmm7,(%edi) 2665 leal 16(%edi),%edi 2666 .L101cbc_dec_loop6_enter: 2667 movdqu (%esi),%xmm2 2668 movdqu 16(%esi),%xmm3 2669 movdqu 32(%esi),%xmm4 2670 movdqu 48(%esi),%xmm5 2671 movdqu 64(%esi),%xmm6 2672 movdqu 80(%esi),%xmm7 2673 call _aesni_decrypt6 2674 movups (%esi),%xmm1 2675 movups 16(%esi),%xmm0 2676 xorps (%esp),%xmm2 2677 xorps %xmm1,%xmm3 2678 movups 32(%esi),%xmm1 2679 xorps %xmm0,%xmm4 2680 movups 48(%esi),%xmm0 2681 xorps %xmm1,%xmm5 2682 movups 64(%esi),%xmm1 2683 xorps %xmm0,%xmm6 2684 movups 80(%esi),%xmm0 2685 xorps %xmm1,%xmm7 2686 movups %xmm2,(%edi) 2687 movups %xmm3,16(%edi) 2688 leal 96(%esi),%esi 2689 movups %xmm4,32(%edi) 2690 movl %ebx,%ecx 2691 movups %xmm5,48(%edi) 2692 movl %ebp,%edx 2693 movups %xmm6,64(%edi) 2694 leal 80(%edi),%edi 2695 subl $96,%eax 2696 ja .L102cbc_dec_loop6 2697 movaps %xmm7,%xmm2 2698 movaps %xmm0,%xmm7 2699 addl $80,%eax 2700 jle .L103cbc_dec_clear_tail_collected 2701 movups %xmm2,(%edi) 2702 leal 16(%edi),%edi 2703 .L100cbc_dec_tail: 2704 movups (%esi),%xmm2 2705 movaps %xmm2,%xmm6 2706 cmpl $16,%eax 2707 jbe .L104cbc_dec_one 2708 movups 16(%esi),%xmm3 2709 movaps %xmm3,%xmm5 2710 cmpl $32,%eax 2711 jbe .L105cbc_dec_two 2712 movups 32(%esi),%xmm4 2713 cmpl $48,%eax 2714 jbe .L106cbc_dec_three 2715 movups 48(%esi),%xmm5 2716 cmpl $64,%eax 2717 jbe .L107cbc_dec_four 2718 movups 64(%esi),%xmm6 2719 movaps %xmm7,(%esp) 2720 movups (%esi),%xmm2 2721 xorps %xmm7,%xmm7 2722 call _aesni_decrypt6 2723 movups (%esi),%xmm1 2724 movups 16(%esi),%xmm0 2725 xorps (%esp),%xmm2 2726 xorps %xmm1,%xmm3 2727 movups 32(%esi),%xmm1 2728 xorps %xmm0,%xmm4 2729 movups 48(%esi),%xmm0 2730 xorps %xmm1,%xmm5 2731 movups 64(%esi),%xmm7 2732 xorps %xmm0,%xmm6 2733 movups %xmm2,(%edi) 2734 movups %xmm3,16(%edi) 2735 pxor %xmm3,%xmm3 2736 movups %xmm4,32(%edi) 2737 pxor %xmm4,%xmm4 2738 movups %xmm5,48(%edi) 2739 pxor %xmm5,%xmm5 2740 leal 64(%edi),%edi 2741 movaps %xmm6,%xmm2 2742 pxor %xmm6,%xmm6 2743 subl $80,%eax 2744 jmp .L108cbc_dec_tail_collected 2745 .align 16 2746 .L104cbc_dec_one: 2747 movups (%edx),%xmm0 2748 movups 16(%edx),%xmm1 2749 leal 32(%edx),%edx 2750 xorps %xmm0,%xmm2 2751 .L109dec1_loop_20: 2752 .byte 102,15,56,222,209 2753 decl %ecx 2754 movups (%edx),%xmm1 2755 leal 16(%edx),%edx 2756 jnz .L109dec1_loop_20 2757 .byte 102,15,56,223,209 2758 xorps %xmm7,%xmm2 2759 movaps %xmm6,%xmm7 2760 subl $16,%eax 2761 jmp .L108cbc_dec_tail_collected 2762 .align 16 2763 .L105cbc_dec_two: 2764 call _aesni_decrypt2 2765 xorps %xmm7,%xmm2 2766 xorps %xmm6,%xmm3 2767 movups %xmm2,(%edi) 2768 movaps %xmm3,%xmm2 2769 pxor %xmm3,%xmm3 2770 leal 16(%edi),%edi 2771 movaps %xmm5,%xmm7 2772 subl $32,%eax 2773 jmp .L108cbc_dec_tail_collected 2774 .align 16 2775 .L106cbc_dec_three: 2776 call _aesni_decrypt3 2777 xorps %xmm7,%xmm2 2778 xorps %xmm6,%xmm3 2779 xorps %xmm5,%xmm4 2780 movups %xmm2,(%edi) 2781 movaps %xmm4,%xmm2 2782 pxor %xmm4,%xmm4 2783 movups %xmm3,16(%edi) 2784 pxor %xmm3,%xmm3 2785 leal 32(%edi),%edi 2786 movups 32(%esi),%xmm7 2787 subl $48,%eax 2788 jmp .L108cbc_dec_tail_collected 2789 .align 16 2790 .L107cbc_dec_four: 2791 call _aesni_decrypt4 2792 movups 16(%esi),%xmm1 2793 movups 32(%esi),%xmm0 2794 xorps %xmm7,%xmm2 2795 movups 48(%esi),%xmm7 2796 xorps %xmm6,%xmm3 2797 movups %xmm2,(%edi) 2798 xorps %xmm1,%xmm4 2799 movups %xmm3,16(%edi) 2800 pxor %xmm3,%xmm3 2801 xorps %xmm0,%xmm5 2802 movups %xmm4,32(%edi) 2803 pxor %xmm4,%xmm4 2804 leal 48(%edi),%edi 2805 movaps %xmm5,%xmm2 2806 pxor %xmm5,%xmm5 2807 subl $64,%eax 2808 jmp .L108cbc_dec_tail_collected 2809 .align 16 2810 .L103cbc_dec_clear_tail_collected: 2811 pxor %xmm3,%xmm3 2812 pxor %xmm4,%xmm4 2813 pxor %xmm5,%xmm5 2814 pxor %xmm6,%xmm6 2815 .L108cbc_dec_tail_collected: 2816 andl $15,%eax 2817 jnz .L110cbc_dec_tail_partial 2818 movups %xmm2,(%edi) 2819 pxor %xmm0,%xmm0 2820 jmp .L099cbc_ret 2821 .align 16 2822 .L110cbc_dec_tail_partial: 2823 movaps %xmm2,(%esp) 2824 pxor %xmm0,%xmm0 2825 movl $16,%ecx 2826 movl %esp,%esi 2827 subl %eax,%ecx 2828 .long 2767451785 2829 movdqa %xmm2,(%esp) 2830 .L099cbc_ret: 2831 movl 16(%esp),%esp 2832 movl 36(%esp),%ebp 2833 pxor %xmm2,%xmm2 2834 pxor %xmm1,%xmm1 2835 movups %xmm7,(%ebp) 2836 pxor %xmm7,%xmm7 2837 .L094cbc_abort: 2838 popl %edi 2839 popl %esi 2840 popl %ebx 2841 popl %ebp 2842 ret 2843 .size aesni_cbc_encrypt,.-.L_aesni_cbc_encrypt_begin 2844 .type _aesni_set_encrypt_key,@function 2845 .align 16 2846 _aesni_set_encrypt_key: 2847 pushl %ebp 2848 pushl %ebx 2849 testl %eax,%eax 2850 jz .L111bad_pointer 2851 testl %edx,%edx 2852 jz .L111bad_pointer 2853 call .L112pic 2854 .L112pic: 2855 popl %ebx 2856 leal .Lkey_const-.L112pic(%ebx),%ebx 2857 leal OPENSSL_ia32cap_P-.Lkey_const(%ebx),%ebp 2858 movups (%eax),%xmm0 2859 xorps %xmm4,%xmm4 2860 movl 4(%ebp),%ebp 2861 leal 16(%edx),%edx 2862 andl $268437504,%ebp 2863 cmpl $256,%ecx 2864 je .L11314rounds 2865 cmpl $192,%ecx 2866 je .L11412rounds 2867 cmpl $128,%ecx 2868 jne .L115bad_keybits 2869 .align 16 2870 .L11610rounds: 2871 cmpl $268435456,%ebp 2872 je .L11710rounds_alt 2873 movl $9,%ecx 2874 movups %xmm0,-16(%edx) 2875 .byte 102,15,58,223,200,1 2876 call .L118key_128_cold 2877 .byte 102,15,58,223,200,2 2878 call .L119key_128 2879 .byte 102,15,58,223,200,4 2880 call .L119key_128 2881 .byte 102,15,58,223,200,8 2882 call .L119key_128 2883 .byte 102,15,58,223,200,16 2884 call .L119key_128 2885 .byte 102,15,58,223,200,32 2886 call .L119key_128 2887 .byte 102,15,58,223,200,64 2888 call .L119key_128 2889 .byte 102,15,58,223,200,128 2890 call .L119key_128 2891 .byte 102,15,58,223,200,27 2892 call .L119key_128 2893 .byte 102,15,58,223,200,54 2894 call .L119key_128 2895 movups %xmm0,(%edx) 2896 movl %ecx,80(%edx) 2897 jmp .L120good_key 2898 .align 16 2899 .L119key_128: 2900 movups %xmm0,(%edx) 2901 leal 16(%edx),%edx 2902 .L118key_128_cold: 2903 shufps $16,%xmm0,%xmm4 2904 xorps %xmm4,%xmm0 2905 shufps $140,%xmm0,%xmm4 2906 xorps %xmm4,%xmm0 2907 shufps $255,%xmm1,%xmm1 2908 xorps %xmm1,%xmm0 2909 ret 2910 .align 16 2911 .L11710rounds_alt: 2912 movdqa (%ebx),%xmm5 2913 movl $8,%ecx 2914 movdqa 32(%ebx),%xmm4 2915 movdqa %xmm0,%xmm2 2916 movdqu %xmm0,-16(%edx) 2917 .L121loop_key128: 2918 .byte 102,15,56,0,197 2919 .byte 102,15,56,221,196 2920 pslld $1,%xmm4 2921 leal 16(%edx),%edx 2922 movdqa %xmm2,%xmm3 2923 pslldq $4,%xmm2 2924 pxor %xmm2,%xmm3 2925 pslldq $4,%xmm2 2926 pxor %xmm2,%xmm3 2927 pslldq $4,%xmm2 2928 pxor %xmm3,%xmm2 2929 pxor %xmm2,%xmm0 2930 movdqu %xmm0,-16(%edx) 2931 movdqa %xmm0,%xmm2 2932 decl %ecx 2933 jnz .L121loop_key128 2934 movdqa 48(%ebx),%xmm4 2935 .byte 102,15,56,0,197 2936 .byte 102,15,56,221,196 2937 pslld $1,%xmm4 2938 movdqa %xmm2,%xmm3 2939 pslldq $4,%xmm2 2940 pxor %xmm2,%xmm3 2941 pslldq $4,%xmm2 2942 pxor %xmm2,%xmm3 2943 pslldq $4,%xmm2 2944 pxor %xmm3,%xmm2 2945 pxor %xmm2,%xmm0 2946 movdqu %xmm0,(%edx) 2947 movdqa %xmm0,%xmm2 2948 .byte 102,15,56,0,197 2949 .byte 102,15,56,221,196 2950 movdqa %xmm2,%xmm3 2951 pslldq $4,%xmm2 2952 pxor %xmm2,%xmm3 2953 pslldq $4,%xmm2 2954 pxor %xmm2,%xmm3 2955 pslldq $4,%xmm2 2956 pxor %xmm3,%xmm2 2957 pxor %xmm2,%xmm0 2958 movdqu %xmm0,16(%edx) 2959 movl $9,%ecx 2960 movl %ecx,96(%edx) 2961 jmp .L120good_key 2962 .align 16 2963 .L11412rounds: 2964 movq 16(%eax),%xmm2 2965 cmpl $268435456,%ebp 2966 je .L12212rounds_alt 2967 movl $11,%ecx 2968 movups %xmm0,-16(%edx) 2969 .byte 102,15,58,223,202,1 2970 call .L123key_192a_cold 2971 .byte 102,15,58,223,202,2 2972 call .L124key_192b 2973 .byte 102,15,58,223,202,4 2974 call .L125key_192a 2975 .byte 102,15,58,223,202,8 2976 call .L124key_192b 2977 .byte 102,15,58,223,202,16 2978 call .L125key_192a 2979 .byte 102,15,58,223,202,32 2980 call .L124key_192b 2981 .byte 102,15,58,223,202,64 2982 call .L125key_192a 2983 .byte 102,15,58,223,202,128 2984 call .L124key_192b 2985 movups %xmm0,(%edx) 2986 movl %ecx,48(%edx) 2987 jmp .L120good_key 2988 .align 16 2989 .L125key_192a: 2990 movups %xmm0,(%edx) 2991 leal 16(%edx),%edx 2992 .align 16 2993 .L123key_192a_cold: 2994 movaps %xmm2,%xmm5 2995 .L126key_192b_warm: 2996 shufps $16,%xmm0,%xmm4 2997 movdqa %xmm2,%xmm3 2998 xorps %xmm4,%xmm0 2999 shufps $140,%xmm0,%xmm4 3000 pslldq $4,%xmm3 3001 xorps %xmm4,%xmm0 3002 pshufd $85,%xmm1,%xmm1 3003 pxor %xmm3,%xmm2 3004 pxor %xmm1,%xmm0 3005 pshufd $255,%xmm0,%xmm3 3006 pxor %xmm3,%xmm2 3007 ret 3008 .align 16 3009 .L124key_192b: 3010 movaps %xmm0,%xmm3 3011 shufps $68,%xmm0,%xmm5 3012 movups %xmm5,(%edx) 3013 shufps $78,%xmm2,%xmm3 3014 movups %xmm3,16(%edx) 3015 leal 32(%edx),%edx 3016 jmp .L126key_192b_warm 3017 .align 16 3018 .L12212rounds_alt: 3019 movdqa 16(%ebx),%xmm5 3020 movdqa 32(%ebx),%xmm4 3021 movl $8,%ecx 3022 movdqu %xmm0,-16(%edx) 3023 .L127loop_key192: 3024 movq %xmm2,(%edx) 3025 movdqa %xmm2,%xmm1 3026 .byte 102,15,56,0,213 3027 .byte 102,15,56,221,212 3028 pslld $1,%xmm4 3029 leal 24(%edx),%edx 3030 movdqa %xmm0,%xmm3 3031 pslldq $4,%xmm0 3032 pxor %xmm0,%xmm3 3033 pslldq $4,%xmm0 3034 pxor %xmm0,%xmm3 3035 pslldq $4,%xmm0 3036 pxor %xmm3,%xmm0 3037 pshufd $255,%xmm0,%xmm3 3038 pxor %xmm1,%xmm3 3039 pslldq $4,%xmm1 3040 pxor %xmm1,%xmm3 3041 pxor %xmm2,%xmm0 3042 pxor %xmm3,%xmm2 3043 movdqu %xmm0,-16(%edx) 3044 decl %ecx 3045 jnz .L127loop_key192 3046 movl $11,%ecx 3047 movl %ecx,32(%edx) 3048 jmp .L120good_key 3049 .align 16 3050 .L11314rounds: 3051 movups 16(%eax),%xmm2 3052 leal 16(%edx),%edx 3053 cmpl $268435456,%ebp 3054 je .L12814rounds_alt 3055 movl $13,%ecx 3056 movups %xmm0,-32(%edx) 3057 movups %xmm2,-16(%edx) 3058 .byte 102,15,58,223,202,1 3059 call .L129key_256a_cold 3060 .byte 102,15,58,223,200,1 3061 call .L130key_256b 3062 .byte 102,15,58,223,202,2 3063 call .L131key_256a 3064 .byte 102,15,58,223,200,2 3065 call .L130key_256b 3066 .byte 102,15,58,223,202,4 3067 call .L131key_256a 3068 .byte 102,15,58,223,200,4 3069 call .L130key_256b 3070 .byte 102,15,58,223,202,8 3071 call .L131key_256a 3072 .byte 102,15,58,223,200,8 3073 call .L130key_256b 3074 .byte 102,15,58,223,202,16 3075 call .L131key_256a 3076 .byte 102,15,58,223,200,16 3077 call .L130key_256b 3078 .byte 102,15,58,223,202,32 3079 call .L131key_256a 3080 .byte 102,15,58,223,200,32 3081 call .L130key_256b 3082 .byte 102,15,58,223,202,64 3083 call .L131key_256a 3084 movups %xmm0,(%edx) 3085 movl %ecx,16(%edx) 3086 xorl %eax,%eax 3087 jmp .L120good_key 3088 .align 16 3089 .L131key_256a: 3090 movups %xmm2,(%edx) 3091 leal 16(%edx),%edx 3092 .L129key_256a_cold: 3093 shufps $16,%xmm0,%xmm4 3094 xorps %xmm4,%xmm0 3095 shufps $140,%xmm0,%xmm4 3096 xorps %xmm4,%xmm0 3097 shufps $255,%xmm1,%xmm1 3098 xorps %xmm1,%xmm0 3099 ret 3100 .align 16 3101 .L130key_256b: 3102 movups %xmm0,(%edx) 3103 leal 16(%edx),%edx 3104 shufps $16,%xmm2,%xmm4 3105 xorps %xmm4,%xmm2 3106 shufps $140,%xmm2,%xmm4 3107 xorps %xmm4,%xmm2 3108 shufps $170,%xmm1,%xmm1 3109 xorps %xmm1,%xmm2 3110 ret 3111 .align 16 3112 .L12814rounds_alt: 3113 movdqa (%ebx),%xmm5 3114 movdqa 32(%ebx),%xmm4 3115 movl $7,%ecx 3116 movdqu %xmm0,-32(%edx) 3117 movdqa %xmm2,%xmm1 3118 movdqu %xmm2,-16(%edx) 3119 .L132loop_key256: 3120 .byte 102,15,56,0,213 3121 .byte 102,15,56,221,212 3122 movdqa %xmm0,%xmm3 3123 pslldq $4,%xmm0 3124 pxor %xmm0,%xmm3 3125 pslldq $4,%xmm0 3126 pxor %xmm0,%xmm3 3127 pslldq $4,%xmm0 3128 pxor %xmm3,%xmm0 3129 pslld $1,%xmm4 3130 pxor %xmm2,%xmm0 3131 movdqu %xmm0,(%edx) 3132 decl %ecx 3133 jz .L133done_key256 3134 pshufd $255,%xmm0,%xmm2 3135 pxor %xmm3,%xmm3 3136 .byte 102,15,56,221,211 3137 movdqa %xmm1,%xmm3 3138 pslldq $4,%xmm1 3139 pxor %xmm1,%xmm3 3140 pslldq $4,%xmm1 3141 pxor %xmm1,%xmm3 3142 pslldq $4,%xmm1 3143 pxor %xmm3,%xmm1 3144 pxor %xmm1,%xmm2 3145 movdqu %xmm2,16(%edx) 3146 leal 32(%edx),%edx 3147 movdqa %xmm2,%xmm1 3148 jmp .L132loop_key256 3149 .L133done_key256: 3150 movl $13,%ecx 3151 movl %ecx,16(%edx) 3152 .L120good_key: 3153 pxor %xmm0,%xmm0 3154 pxor %xmm1,%xmm1 3155 pxor %xmm2,%xmm2 3156 pxor %xmm3,%xmm3 3157 pxor %xmm4,%xmm4 3158 pxor %xmm5,%xmm5 3159 xorl %eax,%eax 3160 popl %ebx 3161 popl %ebp 3162 ret 3163 .align 4 3164 .L111bad_pointer: 3165 movl $-1,%eax 3166 popl %ebx 3167 popl %ebp 3168 ret 3169 .align 4 3170 .L115bad_keybits: 3171 pxor %xmm0,%xmm0 3172 movl $-2,%eax 3173 popl %ebx 3174 popl %ebp 3175 ret 3176 .size _aesni_set_encrypt_key,.-_aesni_set_encrypt_key 3177 .globl aesni_set_encrypt_key 3178 .type aesni_set_encrypt_key,@function 3179 .align 16 3180 aesni_set_encrypt_key: 3181 .L_aesni_set_encrypt_key_begin: 3182 movl 4(%esp),%eax 3183 movl 8(%esp),%ecx 3184 movl 12(%esp),%edx 3185 call _aesni_set_encrypt_key 3186 ret 3187 .size aesni_set_encrypt_key,.-.L_aesni_set_encrypt_key_begin 3188 .globl aesni_set_decrypt_key 3189 .type aesni_set_decrypt_key,@function 3190 .align 16 3191 aesni_set_decrypt_key: 3192 .L_aesni_set_decrypt_key_begin: 3193 movl 4(%esp),%eax 3194 movl 8(%esp),%ecx 3195 movl 12(%esp),%edx 3196 call _aesni_set_encrypt_key 3197 movl 12(%esp),%edx 3198 shll $4,%ecx 3199 testl %eax,%eax 3200 jnz .L134dec_key_ret 3201 leal 16(%edx,%ecx,1),%eax 3202 movups (%edx),%xmm0 3203 movups (%eax),%xmm1 3204 movups %xmm0,(%eax) 3205 movups %xmm1,(%edx) 3206 leal 16(%edx),%edx 3207 leal -16(%eax),%eax 3208 .L135dec_key_inverse: 3209 movups (%edx),%xmm0 3210 movups (%eax),%xmm1 3211 .byte 102,15,56,219,192 3212 .byte 102,15,56,219,201 3213 leal 16(%edx),%edx 3214 leal -16(%eax),%eax 3215 movups %xmm0,16(%eax) 3216 movups %xmm1,-16(%edx) 3217 cmpl %edx,%eax 3218 ja .L135dec_key_inverse 3219 movups (%edx),%xmm0 3220 .byte 102,15,56,219,192 3221 movups %xmm0,(%edx) 3222 pxor %xmm0,%xmm0 3223 pxor %xmm1,%xmm1 3224 xorl %eax,%eax 3225 .L134dec_key_ret: 3226 ret 3227 .size aesni_set_decrypt_key,.-.L_aesni_set_decrypt_key_begin 3228 .align 64 3229 .Lkey_const: 3230 .long 202313229,202313229,202313229,202313229 3231 .long 67569157,67569157,67569157,67569157 3232 .long 1,1,1,1 3233 .long 27,27,27,27 3234 .byte 65,69,83,32,102,111,114,32,73,110,116,101,108,32,65,69 3235 .byte 83,45,78,73,44,32,67,82,89,80,84,79,71,65,77,83 3236 .byte 32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115 3237 .byte 115,108,46,111,114,103,62,0 3238 .comm OPENSSL_ia32cap_P,16,4 3239
Indexes created Sun Apr 26 00:22:38 UTC 2026