rc4/asm/rc4-x86_64.pl

160814Ssimon#!/usr/bin/env perl
160814Ssimon#
160814Ssimon# ====================================================================
160814Ssimon# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
194206Ssimon# project. The module is, however, dual licensed under OpenSSL and
194206Ssimon# CRYPTOGAMS licenses depending on where you obtain it. For further
194206Ssimon# details see http://www.openssl.org/~appro/cryptogams/.
160814Ssimon# ====================================================================
160814Ssimon#
238405Sjkim# July 2004
238405Sjkim#
160814Ssimon# 2.22x RC4 tune-up:-) It should be noted though that my hand [as in
160814Ssimon# "hand-coded assembler"] doesn't stand for the whole improvement
160814Ssimon# coefficient. It turned out that eliminating RC4_CHAR from config
160814Ssimon# line results in ~40% improvement (yes, even for C implementation).
160814Ssimon# Presumably it has everything to do with AMD cache architecture and
160814Ssimon# RAW or whatever penalties. Once again! The module *requires* config
160814Ssimon# line *without* RC4_CHAR! As for coding "secret," I bet on partial
160814Ssimon# register arithmetics. For example instead of 'inc %r8; and $255,%r8'
160814Ssimon# I simply 'inc %r8b'. Even though optimization manual discourages
160814Ssimon# to operate on partial registers, it turned out to be the best bet.
160814Ssimon# At least for AMD... How IA32E would perform remains to be seen...
160814Ssimon
238405Sjkim# November 2004
238405Sjkim#
160814Ssimon# As was shown by Marc Bevand reordering of couple of load operations
160814Ssimon# results in even higher performance gain of 3.3x:-) At least on
160814Ssimon# Opteron... For reference, 1x in this case is RC4_CHAR C-code
160814Ssimon# compiled with gcc 3.3.2, which performs at ~54MBps per 1GHz clock.
160814Ssimon# Latter means that if you want to *estimate* what to expect from
160814Ssimon# *your* Opteron, then multiply 54 by 3.3 and clock frequency in GHz.
160814Ssimon
238405Sjkim# November 2004
238405Sjkim#
160814Ssimon# Intel P4 EM64T core was found to run the AMD64 code really slow...
160814Ssimon# The only way to achieve comparable performance on P4 was to keep
160814Ssimon# RC4_CHAR. Kind of ironic, huh? As it's apparently impossible to
160814Ssimon# compose blended code, which would perform even within 30% marginal
160814Ssimon# on either AMD and Intel platforms, I implement both cases. See
160814Ssimon# rc4_skey.c for further details...
160814Ssimon
238405Sjkim# April 2005
238405Sjkim#
160814Ssimon# P4 EM64T core appears to be "allergic" to 64-bit inc/dec. Replacing
160814Ssimon# those with add/sub results in 50% performance improvement of folded
160814Ssimon# loop...
160814Ssimon
238405Sjkim# May 2005
238405Sjkim#
160814Ssimon# As was shown by Zou Nanhai loop unrolling can improve Intel EM64T
160814Ssimon# performance by >30% [unlike P4 32-bit case that is]. But this is
160814Ssimon# provided that loads are reordered even more aggressively! Both code
160814Ssimon# pathes, AMD64 and EM64T, reorder loads in essentially same manner
160814Ssimon# as my IA-64 implementation. On Opteron this resulted in modest 5%
160814Ssimon# improvement [I had to test it], while final Intel P4 performance
160814Ssimon# achieves respectful 432MBps on 2.8GHz processor now. For reference.
160814Ssimon# If executed on Xeon, current RC4_CHAR code-path is 2.7x faster than
160814Ssimon# RC4_INT code-path. While if executed on Opteron, it's only 25%
291721Sjkim# slower than the RC4_INT one [meaning that if CPU ��-arch detection
160814Ssimon# is not implemented, then this final RC4_CHAR code-path should be
160814Ssimon# preferred, as it provides better *all-round* performance].
160814Ssimon
238405Sjkim# March 2007
238405Sjkim#
194206Ssimon# Intel Core2 was observed to perform poorly on both code paths:-( It
194206Ssimon# apparently suffers from some kind of partial register stall, which
194206Ssimon# occurs in 64-bit mode only [as virtually identical 32-bit loop was
194206Ssimon# observed to outperform 64-bit one by almost 50%]. Adding two movzb to
194206Ssimon# cloop1 boosts its performance by 80%! This loop appears to be optimal
194206Ssimon# fit for Core2 and therefore the code was modified to skip cloop8 on
194206Ssimon# this CPU.
194206Ssimon
238405Sjkim# May 2010
238405Sjkim#
238405Sjkim# Intel Westmere was observed to perform suboptimally. Adding yet
238405Sjkim# another movzb to cloop1 improved performance by almost 50%! Core2
238405Sjkim# performance is improved too, but nominally...
160814Ssimon
238405Sjkim# May 2011
238405Sjkim#
238405Sjkim# The only code path that was not modified is P4-specific one. Non-P4
238405Sjkim# Intel code path optimization is heavily based on submission by Maxim
238405Sjkim# Perminov, Maxim Locktyukhin and Jim Guilford of Intel. I've used
238405Sjkim# some of the ideas even in attempt to optmize the original RC4_INT
238405Sjkim# code path... Current performance in cycles per processed byte (less
238405Sjkim# is better) and improvement coefficients relative to previous
238405Sjkim# version of this module are:
238405Sjkim#
238405Sjkim# Opteron	5.3/+0%(*)
238405Sjkim# P4		6.5
238405Sjkim# Core2		6.2/+15%(**)
238405Sjkim# Westmere	4.2/+60%
238405Sjkim# Sandy Bridge	4.2/+120%
238405Sjkim# Atom		9.3/+80%
238405Sjkim#
238405Sjkim# (*)	But corresponding loop has less instructions, which should have
238405Sjkim#	positive effect on upcoming Bulldozer, which has one less ALU.
238405Sjkim#	For reference, Intel code runs at 6.8 cpb rate on Opteron.
238405Sjkim# (**)	Note that Core2 result is ~15% lower than corresponding result
238405Sjkim#	for 32-bit code, meaning that it's possible to improve it,
238405Sjkim#	but more than likely at the cost of the others (see rc4-586.pl
238405Sjkim#	to get the idea)...
238405Sjkim
238405Sjkim$flavour = shift;
238405Sjkim$output  = shift;
238405Sjkimif ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
238405Sjkim
238405Sjkim$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
238405Sjkim
194206Ssimon$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
194206Ssimon( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
194206Ssimon( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
194206Ssimondie "can't locate x86_64-xlate.pl";
194206Ssimon
246772Sjkimopen OUT,"| \"$^X\" $xlate $flavour $output";
246772Sjkim*STDOUT=*OUT;
194206Ssimon
160814Ssimon$dat="%rdi";	    # arg1
160814Ssimon$len="%rsi";	    # arg2
160814Ssimon$inp="%rdx";	    # arg3
160814Ssimon$out="%rcx";	    # arg4
160814Ssimon
238405Sjkim{
160814Ssimon$code=<<___;
160814Ssimon.text
238405Sjkim.extern	OPENSSL_ia32cap_P
160814Ssimon
160814Ssimon.globl	RC4
160814Ssimon.type	RC4,\@function,4
160814Ssimon.align	16
160814SsimonRC4:	or	$len,$len
160814Ssimon	jne	.Lentry
160814Ssimon	ret
160814Ssimon.Lentry:
238405Sjkim	push	%rbx
160814Ssimon	push	%r12
160814Ssimon	push	%r13
238405Sjkim.Lprologue:
238405Sjkim	mov	$len,%r11
238405Sjkim	mov	$inp,%r12
238405Sjkim	mov	$out,%r13
238405Sjkim___
238405Sjkimmy $len="%r11";		# reassign input arguments
238405Sjkimmy $inp="%r12";
238405Sjkimmy $out="%r13";
160814Ssimon
238405Sjkimmy @XX=("%r10","%rsi");
238405Sjkimmy @TX=("%rax","%rbx");
238405Sjkimmy $YY="%rcx";
238405Sjkimmy $TY="%rdx";
238405Sjkim
238405Sjkim$code.=<<___;
238405Sjkim	xor	$XX[0],$XX[0]
238405Sjkim	xor	$YY,$YY
238405Sjkim
238405Sjkim	lea	8($dat),$dat
238405Sjkim	mov	-8($dat),$XX[0]#b
238405Sjkim	mov	-4($dat),$YY#b
160814Ssimon	cmpl	\$-1,256($dat)
160814Ssimon	je	.LRC4_CHAR
238405Sjkim	mov	OPENSSL_ia32cap_P(%rip),%r8d
238405Sjkim	xor	$TX[1],$TX[1]
160814Ssimon	inc	$XX[0]#b
238405Sjkim	sub	$XX[0],$TX[1]
238405Sjkim	sub	$inp,$out
160814Ssimon	movl	($dat,$XX[0],4),$TX[0]#d
238405Sjkim	test	\$-16,$len
160814Ssimon	jz	.Lloop1
238405Sjkim	bt	\$30,%r8d	# Intel CPU?
238405Sjkim	jc	.Lintel
238405Sjkim	and	\$7,$TX[1]
238405Sjkim	lea	1($XX[0]),$XX[1]
238405Sjkim	jz	.Loop8
238405Sjkim	sub	$TX[1],$len
238405Sjkim.Loop8_warmup:
238405Sjkim	add	$TX[0]#b,$YY#b
238405Sjkim	movl	($dat,$YY,4),$TY#d
238405Sjkim	movl	$TX[0]#d,($dat,$YY,4)
238405Sjkim	movl	$TY#d,($dat,$XX[0],4)
238405Sjkim	add	$TY#b,$TX[0]#b
238405Sjkim	inc	$XX[0]#b
238405Sjkim	movl	($dat,$TX[0],4),$TY#d
238405Sjkim	movl	($dat,$XX[0],4),$TX[0]#d
238405Sjkim	xorb	($inp),$TY#b
238405Sjkim	movb	$TY#b,($out,$inp)
238405Sjkim	lea	1($inp),$inp
238405Sjkim	dec	$TX[1]
238405Sjkim	jnz	.Loop8_warmup
238405Sjkim
238405Sjkim	lea	1($XX[0]),$XX[1]
238405Sjkim	jmp	.Loop8
160814Ssimon.align	16
238405Sjkim.Loop8:
160814Ssimon___
160814Ssimonfor ($i=0;$i<8;$i++) {
238405Sjkim$code.=<<___ if ($i==7);
238405Sjkim	add	\$8,$XX[1]#b
238405Sjkim___
160814Ssimon$code.=<<___;
160814Ssimon	add	$TX[0]#b,$YY#b
160814Ssimon	movl	($dat,$YY,4),$TY#d
160814Ssimon	movl	$TX[0]#d,($dat,$YY,4)
238405Sjkim	movl	`4*($i==7?-1:$i)`($dat,$XX[1],4),$TX[1]#d
238405Sjkim	ror	\$8,%r8				# ror is redundant when $i=0
238405Sjkim	movl	$TY#d,4*$i($dat,$XX[0],4)
160814Ssimon	add	$TX[0]#b,$TY#b
238405Sjkim	movb	($dat,$TY,4),%r8b
160814Ssimon___
238405Sjkimpush(@TX,shift(@TX)); #push(@XX,shift(@XX));	# "rotate" registers
160814Ssimon}
160814Ssimon$code.=<<___;
238405Sjkim	add	\$8,$XX[0]#b
238405Sjkim	ror	\$8,%r8
160814Ssimon	sub	\$8,$len
160814Ssimon
238405Sjkim	xor	($inp),%r8
238405Sjkim	mov	%r8,($out,$inp)
238405Sjkim	lea	8($inp),$inp
160814Ssimon
160814Ssimon	test	\$-8,$len
238405Sjkim	jnz	.Loop8
160814Ssimon	cmp	\$0,$len
160814Ssimon	jne	.Lloop1
238405Sjkim	jmp	.Lexit
238405Sjkim
238405Sjkim.align	16
238405Sjkim.Lintel:
238405Sjkim	test	\$-32,$len
238405Sjkim	jz	.Lloop1
238405Sjkim	and	\$15,$TX[1]
238405Sjkim	jz	.Loop16_is_hot
238405Sjkim	sub	$TX[1],$len
238405Sjkim.Loop16_warmup:
238405Sjkim	add	$TX[0]#b,$YY#b
238405Sjkim	movl	($dat,$YY,4),$TY#d
238405Sjkim	movl	$TX[0]#d,($dat,$YY,4)
238405Sjkim	movl	$TY#d,($dat,$XX[0],4)
238405Sjkim	add	$TY#b,$TX[0]#b
238405Sjkim	inc	$XX[0]#b
238405Sjkim	movl	($dat,$TX[0],4),$TY#d
238405Sjkim	movl	($dat,$XX[0],4),$TX[0]#d
238405Sjkim	xorb	($inp),$TY#b
238405Sjkim	movb	$TY#b,($out,$inp)
238405Sjkim	lea	1($inp),$inp
238405Sjkim	dec	$TX[1]
238405Sjkim	jnz	.Loop16_warmup
238405Sjkim
238405Sjkim	mov	$YY,$TX[1]
238405Sjkim	xor	$YY,$YY
238405Sjkim	mov	$TX[1]#b,$YY#b
238405Sjkim
238405Sjkim.Loop16_is_hot:
238405Sjkim	lea	($dat,$XX[0],4),$XX[1]
160814Ssimon___
238405Sjkimsub RC4_loop {
238405Sjkim  my $i=shift;
238405Sjkim  my $j=$i<0?0:$i;
238405Sjkim  my $xmm="%xmm".($j&1);
238405Sjkim
238405Sjkim    $code.="	add	\$16,$XX[0]#b\n"		if ($i==15);
238405Sjkim    $code.="	movdqu	($inp),%xmm2\n"			if ($i==15);
238405Sjkim    $code.="	add	$TX[0]#b,$YY#b\n"		if ($i<=0);
238405Sjkim    $code.="	movl	($dat,$YY,4),$TY#d\n";
238405Sjkim    $code.="	pxor	%xmm0,%xmm2\n"			if ($i==0);
238405Sjkim    $code.="	psllq	\$8,%xmm1\n"			if ($i==0);
238405Sjkim    $code.="	pxor	$xmm,$xmm\n"			if ($i<=1);
238405Sjkim    $code.="	movl	$TX[0]#d,($dat,$YY,4)\n";
238405Sjkim    $code.="	add	$TY#b,$TX[0]#b\n";
238405Sjkim    $code.="	movl	`4*($j+1)`($XX[1]),$TX[1]#d\n"	if ($i<15);
238405Sjkim    $code.="	movz	$TX[0]#b,$TX[0]#d\n";
238405Sjkim    $code.="	movl	$TY#d,4*$j($XX[1])\n";
238405Sjkim    $code.="	pxor	%xmm1,%xmm2\n"			if ($i==0);
238405Sjkim    $code.="	lea	($dat,$XX[0],4),$XX[1]\n"	if ($i==15);
238405Sjkim    $code.="	add	$TX[1]#b,$YY#b\n"		if ($i<15);
238405Sjkim    $code.="	pinsrw	\$`($j>>1)&7`,($dat,$TX[0],4),$xmm\n";
238405Sjkim    $code.="	movdqu	%xmm2,($out,$inp)\n"		if ($i==0);
238405Sjkim    $code.="	lea	16($inp),$inp\n"		if ($i==0);
238405Sjkim    $code.="	movl	($XX[1]),$TX[1]#d\n"		if ($i==15);
238405Sjkim}
238405Sjkim	RC4_loop(-1);
160814Ssimon$code.=<<___;
238405Sjkim	jmp	.Loop16_enter
238405Sjkim.align	16
238405Sjkim.Loop16:
238405Sjkim___
160814Ssimon
238405Sjkimfor ($i=0;$i<16;$i++) {
238405Sjkim    $code.=".Loop16_enter:\n"		if ($i==1);
238405Sjkim	RC4_loop($i);
238405Sjkim	push(@TX,shift(@TX)); 		# "rotate" registers
238405Sjkim}
238405Sjkim$code.=<<___;
238405Sjkim	mov	$YY,$TX[1]
238405Sjkim	xor	$YY,$YY			# keyword to partial register
238405Sjkim	sub	\$16,$len
238405Sjkim	mov	$TX[1]#b,$YY#b
238405Sjkim	test	\$-16,$len
238405Sjkim	jnz	.Loop16
238405Sjkim
238405Sjkim	psllq	\$8,%xmm1
238405Sjkim	pxor	%xmm0,%xmm2
238405Sjkim	pxor	%xmm1,%xmm2
238405Sjkim	movdqu	%xmm2,($out,$inp)
238405Sjkim	lea	16($inp),$inp
238405Sjkim
238405Sjkim	cmp	\$0,$len
238405Sjkim	jne	.Lloop1
238405Sjkim	jmp	.Lexit
238405Sjkim
160814Ssimon.align	16
160814Ssimon.Lloop1:
160814Ssimon	add	$TX[0]#b,$YY#b
160814Ssimon	movl	($dat,$YY,4),$TY#d
160814Ssimon	movl	$TX[0]#d,($dat,$YY,4)
160814Ssimon	movl	$TY#d,($dat,$XX[0],4)
160814Ssimon	add	$TY#b,$TX[0]#b
160814Ssimon	inc	$XX[0]#b
160814Ssimon	movl	($dat,$TX[0],4),$TY#d
160814Ssimon	movl	($dat,$XX[0],4),$TX[0]#d
160814Ssimon	xorb	($inp),$TY#b
238405Sjkim	movb	$TY#b,($out,$inp)
238405Sjkim	lea	1($inp),$inp
160814Ssimon	dec	$len
160814Ssimon	jnz	.Lloop1
160814Ssimon	jmp	.Lexit
160814Ssimon
160814Ssimon.align	16
160814Ssimon.LRC4_CHAR:
160814Ssimon	add	\$1,$XX[0]#b
160814Ssimon	movzb	($dat,$XX[0]),$TX[0]#d
160814Ssimon	test	\$-8,$len
160814Ssimon	jz	.Lcloop1
160814Ssimon	jmp	.Lcloop8
160814Ssimon.align	16
160814Ssimon.Lcloop8:
238405Sjkim	mov	($inp),%r8d
238405Sjkim	mov	4($inp),%r9d
160814Ssimon___
160814Ssimon# unroll 2x4-wise, because 64-bit rotates kill Intel P4...
160814Ssimonfor ($i=0;$i<4;$i++) {
160814Ssimon$code.=<<___;
160814Ssimon	add	$TX[0]#b,$YY#b
160814Ssimon	lea	1($XX[0]),$XX[1]
160814Ssimon	movzb	($dat,$YY),$TY#d
160814Ssimon	movzb	$XX[1]#b,$XX[1]#d
160814Ssimon	movzb	($dat,$XX[1]),$TX[1]#d
160814Ssimon	movb	$TX[0]#b,($dat,$YY)
160814Ssimon	cmp	$XX[1],$YY
160814Ssimon	movb	$TY#b,($dat,$XX[0])
160814Ssimon	jne	.Lcmov$i			# Intel cmov is sloooow...
160814Ssimon	mov	$TX[0],$TX[1]
160814Ssimon.Lcmov$i:
160814Ssimon	add	$TX[0]#b,$TY#b
238405Sjkim	xor	($dat,$TY),%r8b
238405Sjkim	ror	\$8,%r8d
160814Ssimon___
160814Ssimonpush(@TX,shift(@TX)); push(@XX,shift(@XX));	# "rotate" registers
160814Ssimon}
160814Ssimonfor ($i=4;$i<8;$i++) {
160814Ssimon$code.=<<___;
160814Ssimon	add	$TX[0]#b,$YY#b
160814Ssimon	lea	1($XX[0]),$XX[1]
160814Ssimon	movzb	($dat,$YY),$TY#d
160814Ssimon	movzb	$XX[1]#b,$XX[1]#d
160814Ssimon	movzb	($dat,$XX[1]),$TX[1]#d
160814Ssimon	movb	$TX[0]#b,($dat,$YY)
160814Ssimon	cmp	$XX[1],$YY
160814Ssimon	movb	$TY#b,($dat,$XX[0])
160814Ssimon	jne	.Lcmov$i			# Intel cmov is sloooow...
160814Ssimon	mov	$TX[0],$TX[1]
160814Ssimon.Lcmov$i:
160814Ssimon	add	$TX[0]#b,$TY#b
238405Sjkim	xor	($dat,$TY),%r9b
238405Sjkim	ror	\$8,%r9d
160814Ssimon___
160814Ssimonpush(@TX,shift(@TX)); push(@XX,shift(@XX));	# "rotate" registers
160814Ssimon}
160814Ssimon$code.=<<___;
160814Ssimon	lea	-8($len),$len
238405Sjkim	mov	%r8d,($out)
160814Ssimon	lea	8($inp),$inp
238405Sjkim	mov	%r9d,4($out)
160814Ssimon	lea	8($out),$out
160814Ssimon
160814Ssimon	test	\$-8,$len
160814Ssimon	jnz	.Lcloop8
160814Ssimon	cmp	\$0,$len
160814Ssimon	jne	.Lcloop1
160814Ssimon	jmp	.Lexit
160814Ssimon___
160814Ssimon$code.=<<___;
160814Ssimon.align	16
160814Ssimon.Lcloop1:
160814Ssimon	add	$TX[0]#b,$YY#b
238405Sjkim	movzb	$YY#b,$YY#d
160814Ssimon	movzb	($dat,$YY),$TY#d
160814Ssimon	movb	$TX[0]#b,($dat,$YY)
160814Ssimon	movb	$TY#b,($dat,$XX[0])
160814Ssimon	add	$TX[0]#b,$TY#b
160814Ssimon	add	\$1,$XX[0]#b
194206Ssimon	movzb	$TY#b,$TY#d
194206Ssimon	movzb	$XX[0]#b,$XX[0]#d
160814Ssimon	movzb	($dat,$TY),$TY#d
160814Ssimon	movzb	($dat,$XX[0]),$TX[0]#d
160814Ssimon	xorb	($inp),$TY#b
160814Ssimon	lea	1($inp),$inp
160814Ssimon	movb	$TY#b,($out)
160814Ssimon	lea	1($out),$out
160814Ssimon	sub	\$1,$len
160814Ssimon	jnz	.Lcloop1
160814Ssimon	jmp	.Lexit
238405Sjkim
238405Sjkim.align	16
238405Sjkim.Lexit:
238405Sjkim	sub	\$1,$XX[0]#b
238405Sjkim	movl	$XX[0]#d,-8($dat)
238405Sjkim	movl	$YY#d,-4($dat)
238405Sjkim
238405Sjkim	mov	(%rsp),%r13
238405Sjkim	mov	8(%rsp),%r12
238405Sjkim	mov	16(%rsp),%rbx
238405Sjkim	add	\$24,%rsp
238405Sjkim.Lepilogue:
238405Sjkim	ret
160814Ssimon.size	RC4,.-RC4
160814Ssimon___
238405Sjkim}
160814Ssimon
194206Ssimon$idx="%r8";
194206Ssimon$ido="%r9";
194206Ssimon
194206Ssimon$code.=<<___;
238405Sjkim.globl	private_RC4_set_key
238405Sjkim.type	private_RC4_set_key,\@function,3
194206Ssimon.align	16
238405Sjkimprivate_RC4_set_key:
194206Ssimon	lea	8($dat),$dat
194206Ssimon	lea	($inp,$len),$inp
194206Ssimon	neg	$len
194206Ssimon	mov	$len,%rcx
194206Ssimon	xor	%eax,%eax
194206Ssimon	xor	$ido,$ido
194206Ssimon	xor	%r10,%r10
194206Ssimon	xor	%r11,%r11
194206Ssimon
194206Ssimon	mov	OPENSSL_ia32cap_P(%rip),$idx#d
238405Sjkim	bt	\$20,$idx#d	# RC4_CHAR?
238405Sjkim	jc	.Lc1stloop
238405Sjkim	jmp	.Lw1stloop
194206Ssimon
194206Ssimon.align	16
194206Ssimon.Lw1stloop:
194206Ssimon	mov	%eax,($dat,%rax,4)
194206Ssimon	add	\$1,%al
194206Ssimon	jnc	.Lw1stloop
194206Ssimon
194206Ssimon	xor	$ido,$ido
194206Ssimon	xor	$idx,$idx
194206Ssimon.align	16
194206Ssimon.Lw2ndloop:
194206Ssimon	mov	($dat,$ido,4),%r10d
194206Ssimon	add	($inp,$len,1),$idx#b
194206Ssimon	add	%r10b,$idx#b
194206Ssimon	add	\$1,$len
194206Ssimon	mov	($dat,$idx,4),%r11d
194206Ssimon	cmovz	%rcx,$len
194206Ssimon	mov	%r10d,($dat,$idx,4)
194206Ssimon	mov	%r11d,($dat,$ido,4)
194206Ssimon	add	\$1,$ido#b
194206Ssimon	jnc	.Lw2ndloop
194206Ssimon	jmp	.Lexit_key
194206Ssimon
194206Ssimon.align	16
194206Ssimon.Lc1stloop:
194206Ssimon	mov	%al,($dat,%rax)
194206Ssimon	add	\$1,%al
194206Ssimon	jnc	.Lc1stloop
194206Ssimon
194206Ssimon	xor	$ido,$ido
194206Ssimon	xor	$idx,$idx
194206Ssimon.align	16
194206Ssimon.Lc2ndloop:
194206Ssimon	mov	($dat,$ido),%r10b
194206Ssimon	add	($inp,$len),$idx#b
194206Ssimon	add	%r10b,$idx#b
194206Ssimon	add	\$1,$len
194206Ssimon	mov	($dat,$idx),%r11b
194206Ssimon	jnz	.Lcnowrap
194206Ssimon	mov	%rcx,$len
194206Ssimon.Lcnowrap:
194206Ssimon	mov	%r10b,($dat,$idx)
194206Ssimon	mov	%r11b,($dat,$ido)
194206Ssimon	add	\$1,$ido#b
194206Ssimon	jnc	.Lc2ndloop
194206Ssimon	movl	\$-1,256($dat)
194206Ssimon
194206Ssimon.align	16
194206Ssimon.Lexit_key:
194206Ssimon	xor	%eax,%eax
194206Ssimon	mov	%eax,-8($dat)
194206Ssimon	mov	%eax,-4($dat)
194206Ssimon	ret
238405Sjkim.size	private_RC4_set_key,.-private_RC4_set_key
194206Ssimon
194206Ssimon.globl	RC4_options
238405Sjkim.type	RC4_options,\@abi-omnipotent
194206Ssimon.align	16
194206SsimonRC4_options:
238405Sjkim	lea	.Lopts(%rip),%rax
194206Ssimon	mov	OPENSSL_ia32cap_P(%rip),%edx
194206Ssimon	bt	\$20,%edx
238405Sjkim	jc	.L8xchar
238405Sjkim	bt	\$30,%edx
194206Ssimon	jnc	.Ldone
238405Sjkim	add	\$25,%rax
238405Sjkim	ret
238405Sjkim.L8xchar:
194206Ssimon	add	\$12,%rax
194206Ssimon.Ldone:
194206Ssimon	ret
194206Ssimon.align	64
194206Ssimon.Lopts:
194206Ssimon.asciz	"rc4(8x,int)"
194206Ssimon.asciz	"rc4(8x,char)"
238405Sjkim.asciz	"rc4(16x,int)"
194206Ssimon.asciz	"RC4 for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
194206Ssimon.align	64
194206Ssimon.size	RC4_options,.-RC4_options
194206Ssimon___
194206Ssimon
238405Sjkim# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
238405Sjkim#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
238405Sjkimif ($win64) {
238405Sjkim$rec="%rcx";
238405Sjkim$frame="%rdx";
238405Sjkim$context="%r8";
238405Sjkim$disp="%r9";
160814Ssimon
238405Sjkim$code.=<<___;
238405Sjkim.extern	__imp_RtlVirtualUnwind
238405Sjkim.type	stream_se_handler,\@abi-omnipotent
238405Sjkim.align	16
238405Sjkimstream_se_handler:
238405Sjkim	push	%rsi
238405Sjkim	push	%rdi
238405Sjkim	push	%rbx
238405Sjkim	push	%rbp
238405Sjkim	push	%r12
238405Sjkim	push	%r13
238405Sjkim	push	%r14
238405Sjkim	push	%r15
238405Sjkim	pushfq
238405Sjkim	sub	\$64,%rsp
194206Ssimon
238405Sjkim	mov	120($context),%rax	# pull context->Rax
238405Sjkim	mov	248($context),%rbx	# pull context->Rip
238405Sjkim
238405Sjkim	lea	.Lprologue(%rip),%r10
238405Sjkim	cmp	%r10,%rbx		# context->Rip<prologue label
238405Sjkim	jb	.Lin_prologue
238405Sjkim
238405Sjkim	mov	152($context),%rax	# pull context->Rsp
238405Sjkim
238405Sjkim	lea	.Lepilogue(%rip),%r10
238405Sjkim	cmp	%r10,%rbx		# context->Rip>=epilogue label
238405Sjkim	jae	.Lin_prologue
238405Sjkim
238405Sjkim	lea	24(%rax),%rax
238405Sjkim
238405Sjkim	mov	-8(%rax),%rbx
238405Sjkim	mov	-16(%rax),%r12
238405Sjkim	mov	-24(%rax),%r13
238405Sjkim	mov	%rbx,144($context)	# restore context->Rbx
238405Sjkim	mov	%r12,216($context)	# restore context->R12
238405Sjkim	mov	%r13,224($context)	# restore context->R13
238405Sjkim
238405Sjkim.Lin_prologue:
238405Sjkim	mov	8(%rax),%rdi
238405Sjkim	mov	16(%rax),%rsi
238405Sjkim	mov	%rax,152($context)	# restore context->Rsp
238405Sjkim	mov	%rsi,168($context)	# restore context->Rsi
238405Sjkim	mov	%rdi,176($context)	# restore context->Rdi
238405Sjkim
238405Sjkim	jmp	.Lcommon_seh_exit
238405Sjkim.size	stream_se_handler,.-stream_se_handler
238405Sjkim
238405Sjkim.type	key_se_handler,\@abi-omnipotent
238405Sjkim.align	16
238405Sjkimkey_se_handler:
238405Sjkim	push	%rsi
238405Sjkim	push	%rdi
238405Sjkim	push	%rbx
238405Sjkim	push	%rbp
238405Sjkim	push	%r12
238405Sjkim	push	%r13
238405Sjkim	push	%r14
238405Sjkim	push	%r15
238405Sjkim	pushfq
238405Sjkim	sub	\$64,%rsp
238405Sjkim
238405Sjkim	mov	152($context),%rax	# pull context->Rsp
238405Sjkim	mov	8(%rax),%rdi
238405Sjkim	mov	16(%rax),%rsi
238405Sjkim	mov	%rsi,168($context)	# restore context->Rsi
238405Sjkim	mov	%rdi,176($context)	# restore context->Rdi
238405Sjkim
238405Sjkim.Lcommon_seh_exit:
238405Sjkim
238405Sjkim	mov	40($disp),%rdi		# disp->ContextRecord
238405Sjkim	mov	$context,%rsi		# context
238405Sjkim	mov	\$154,%ecx		# sizeof(CONTEXT)
238405Sjkim	.long	0xa548f3fc		# cld; rep movsq
238405Sjkim
238405Sjkim	mov	$disp,%rsi
238405Sjkim	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
238405Sjkim	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
238405Sjkim	mov	0(%rsi),%r8		# arg3, disp->ControlPc
238405Sjkim	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
238405Sjkim	mov	40(%rsi),%r10		# disp->ContextRecord
238405Sjkim	lea	56(%rsi),%r11		# &disp->HandlerData
238405Sjkim	lea	24(%rsi),%r12		# &disp->EstablisherFrame
238405Sjkim	mov	%r10,32(%rsp)		# arg5
238405Sjkim	mov	%r11,40(%rsp)		# arg6
238405Sjkim	mov	%r12,48(%rsp)		# arg7
238405Sjkim	mov	%rcx,56(%rsp)		# arg8, (NULL)
238405Sjkim	call	*__imp_RtlVirtualUnwind(%rip)
238405Sjkim
238405Sjkim	mov	\$1,%eax		# ExceptionContinueSearch
238405Sjkim	add	\$64,%rsp
238405Sjkim	popfq
238405Sjkim	pop	%r15
238405Sjkim	pop	%r14
238405Sjkim	pop	%r13
238405Sjkim	pop	%r12
238405Sjkim	pop	%rbp
238405Sjkim	pop	%rbx
238405Sjkim	pop	%rdi
238405Sjkim	pop	%rsi
238405Sjkim	ret
238405Sjkim.size	key_se_handler,.-key_se_handler
238405Sjkim
238405Sjkim.section	.pdata
238405Sjkim.align	4
238405Sjkim	.rva	.LSEH_begin_RC4
238405Sjkim	.rva	.LSEH_end_RC4
238405Sjkim	.rva	.LSEH_info_RC4
238405Sjkim
238405Sjkim	.rva	.LSEH_begin_private_RC4_set_key
238405Sjkim	.rva	.LSEH_end_private_RC4_set_key
238405Sjkim	.rva	.LSEH_info_private_RC4_set_key
238405Sjkim
238405Sjkim.section	.xdata
238405Sjkim.align	8
238405Sjkim.LSEH_info_RC4:
238405Sjkim	.byte	9,0,0,0
238405Sjkim	.rva	stream_se_handler
238405Sjkim.LSEH_info_private_RC4_set_key:
238405Sjkim	.byte	9,0,0,0
238405Sjkim	.rva	key_se_handler
238405Sjkim___
238405Sjkim}
238405Sjkim
238405Sjkimsub reg_part {
238405Sjkimmy ($reg,$conv)=@_;
238405Sjkim    if ($reg =~ /%r[0-9]+/)	{ $reg .= $conv; }
238405Sjkim    elsif ($conv eq "b")	{ $reg =~ s/%[er]([^x]+)x?/%$1l/;	}
238405Sjkim    elsif ($conv eq "w")	{ $reg =~ s/%[er](.+)/%$1/;		}
238405Sjkim    elsif ($conv eq "d")	{ $reg =~ s/%[er](.+)/%e$1/;		}
238405Sjkim    return $reg;
238405Sjkim}
238405Sjkim
238405Sjkim$code =~ s/(%[a-z0-9]+)#([bwd])/reg_part($1,$2)/gem;
238405Sjkim$code =~ s/\`([^\`]*)\`/eval $1/gem;
238405Sjkim
160814Ssimonprint $code;
160814Ssimon
160814Ssimonclose STDOUT;