1#include <machine/asm.h> 2.text 3.globl aesni_encrypt 4.type aesni_encrypt,@function 5.align 16 6aesni_encrypt: 7.L_aesni_encrypt_begin: 8 #ifdef __CET__ 9 10.byte 243,15,30,251 11 #endif 12 13 movl 4(%esp),%eax 14 movl 12(%esp),%edx 15 movups (%eax),%xmm2 16 movl 240(%edx),%ecx 17 movl 8(%esp),%eax 18 movups (%edx),%xmm0 19 movups 16(%edx),%xmm1 20 leal 32(%edx),%edx 21 xorps %xmm0,%xmm2 22.L000enc1_loop_1: 23.byte 102,15,56,220,209 24 decl %ecx 25 movups (%edx),%xmm1 26 leal 16(%edx),%edx 27 jnz .L000enc1_loop_1 28.byte 102,15,56,221,209 29 pxor %xmm0,%xmm0 30 pxor %xmm1,%xmm1 31 movups %xmm2,(%eax) 32 pxor %xmm2,%xmm2 33 ret 34.size aesni_encrypt,.-.L_aesni_encrypt_begin 35.globl aesni_decrypt 36.type aesni_decrypt,@function 37.align 16 38aesni_decrypt: 39.L_aesni_decrypt_begin: 40 #ifdef __CET__ 41 42.byte 243,15,30,251 43 #endif 44 45 movl 4(%esp),%eax 46 movl 12(%esp),%edx 47 movups (%eax),%xmm2 48 movl 240(%edx),%ecx 49 movl 8(%esp),%eax 50 movups (%edx),%xmm0 51 movups 16(%edx),%xmm1 52 leal 32(%edx),%edx 53 xorps %xmm0,%xmm2 54.L001dec1_loop_2: 55.byte 102,15,56,222,209 56 decl %ecx 57 movups (%edx),%xmm1 58 leal 16(%edx),%edx 59 jnz .L001dec1_loop_2 60.byte 102,15,56,223,209 61 pxor %xmm0,%xmm0 62 pxor %xmm1,%xmm1 63 movups %xmm2,(%eax) 64 pxor %xmm2,%xmm2 65 ret 66.size aesni_decrypt,.-.L_aesni_decrypt_begin 67.type _aesni_encrypt2,@function 68.align 16 69_aesni_encrypt2: 70 #ifdef __CET__ 71 72.byte 243,15,30,251 73 #endif 74 75 movups (%edx),%xmm0 76 shll $4,%ecx 77 movups 16(%edx),%xmm1 78 xorps %xmm0,%xmm2 79 pxor %xmm0,%xmm3 80 movups 32(%edx),%xmm0 81 leal 32(%edx,%ecx,1),%edx 82 negl %ecx 83 addl $16,%ecx 84.L002enc2_loop: 85.byte 102,15,56,220,209 86.byte 102,15,56,220,217 87 movups (%edx,%ecx,1),%xmm1 88 addl $32,%ecx 89.byte 102,15,56,220,208 90.byte 102,15,56,220,216 91 movups -16(%edx,%ecx,1),%xmm0 92 jnz .L002enc2_loop 93.byte 102,15,56,220,209 94.byte 102,15,56,220,217 95.byte 102,15,56,221,208 96.byte 102,15,56,221,216 97 ret 98.size _aesni_encrypt2,.-_aesni_encrypt2 99.type _aesni_decrypt2,@function 100.align 16 101_aesni_decrypt2: 102 #ifdef __CET__ 103 104.byte 243,15,30,251 105 #endif 106 107 movups (%edx),%xmm0 108 shll $4,%ecx 109 movups 16(%edx),%xmm1 110 xorps %xmm0,%xmm2 111 pxor %xmm0,%xmm3 112 movups 32(%edx),%xmm0 113 leal 32(%edx,%ecx,1),%edx 114 negl %ecx 115 addl $16,%ecx 116.L003dec2_loop: 117.byte 102,15,56,222,209 118.byte 102,15,56,222,217 119 movups (%edx,%ecx,1),%xmm1 120 addl $32,%ecx 121.byte 102,15,56,222,208 122.byte 102,15,56,222,216 123 movups -16(%edx,%ecx,1),%xmm0 124 jnz .L003dec2_loop 125.byte 102,15,56,222,209 126.byte 102,15,56,222,217 127.byte 102,15,56,223,208 128.byte 102,15,56,223,216 129 ret 130.size _aesni_decrypt2,.-_aesni_decrypt2 131.type _aesni_encrypt3,@function 132.align 16 133_aesni_encrypt3: 134 #ifdef __CET__ 135 136.byte 243,15,30,251 137 #endif 138 139 movups (%edx),%xmm0 140 shll $4,%ecx 141 movups 16(%edx),%xmm1 142 xorps %xmm0,%xmm2 143 pxor %xmm0,%xmm3 144 pxor %xmm0,%xmm4 145 movups 32(%edx),%xmm0 146 leal 32(%edx,%ecx,1),%edx 147 negl %ecx 148 addl $16,%ecx 149.L004enc3_loop: 150.byte 102,15,56,220,209 151.byte 102,15,56,220,217 152.byte 102,15,56,220,225 153 movups (%edx,%ecx,1),%xmm1 154 addl $32,%ecx 155.byte 102,15,56,220,208 156.byte 102,15,56,220,216 157.byte 102,15,56,220,224 158 movups -16(%edx,%ecx,1),%xmm0 159 jnz .L004enc3_loop 160.byte 102,15,56,220,209 161.byte 102,15,56,220,217 162.byte 102,15,56,220,225 163.byte 102,15,56,221,208 164.byte 102,15,56,221,216 165.byte 102,15,56,221,224 166 ret 167.size _aesni_encrypt3,.-_aesni_encrypt3 168.type _aesni_decrypt3,@function 169.align 16 170_aesni_decrypt3: 171 #ifdef __CET__ 172 173.byte 243,15,30,251 174 #endif 175 176 movups (%edx),%xmm0 177 shll $4,%ecx 178 movups 16(%edx),%xmm1 179 xorps %xmm0,%xmm2 180 pxor %xmm0,%xmm3 181 pxor %xmm0,%xmm4 182 movups 32(%edx),%xmm0 183 leal 32(%edx,%ecx,1),%edx 184 negl %ecx 185 addl $16,%ecx 186.L005dec3_loop: 187.byte 102,15,56,222,209 188.byte 102,15,56,222,217 189.byte 102,15,56,222,225 190 movups (%edx,%ecx,1),%xmm1 191 addl $32,%ecx 192.byte 102,15,56,222,208 193.byte 102,15,56,222,216 194.byte 102,15,56,222,224 195 movups -16(%edx,%ecx,1),%xmm0 196 jnz .L005dec3_loop 197.byte 102,15,56,222,209 198.byte 102,15,56,222,217 199.byte 102,15,56,222,225 200.byte 102,15,56,223,208 201.byte 102,15,56,223,216 202.byte 102,15,56,223,224 203 ret 204.size _aesni_decrypt3,.-_aesni_decrypt3 205.type _aesni_encrypt4,@function 206.align 16 207_aesni_encrypt4: 208 #ifdef __CET__ 209 210.byte 243,15,30,251 211 #endif 212 213 movups (%edx),%xmm0 214 movups 16(%edx),%xmm1 215 shll $4,%ecx 216 xorps %xmm0,%xmm2 217 pxor %xmm0,%xmm3 218 pxor %xmm0,%xmm4 219 pxor %xmm0,%xmm5 220 movups 32(%edx),%xmm0 221 leal 32(%edx,%ecx,1),%edx 222 negl %ecx 223.byte 15,31,64,0 224 addl $16,%ecx 225.L006enc4_loop: 226.byte 102,15,56,220,209 227.byte 102,15,56,220,217 228.byte 102,15,56,220,225 229.byte 102,15,56,220,233 230 movups (%edx,%ecx,1),%xmm1 231 addl $32,%ecx 232.byte 102,15,56,220,208 233.byte 102,15,56,220,216 234.byte 102,15,56,220,224 235.byte 102,15,56,220,232 236 movups -16(%edx,%ecx,1),%xmm0 237 jnz .L006enc4_loop 238.byte 102,15,56,220,209 239.byte 102,15,56,220,217 240.byte 102,15,56,220,225 241.byte 102,15,56,220,233 242.byte 102,15,56,221,208 243.byte 102,15,56,221,216 244.byte 102,15,56,221,224 245.byte 102,15,56,221,232 246 ret 247.size _aesni_encrypt4,.-_aesni_encrypt4 248.type _aesni_decrypt4,@function 249.align 16 250_aesni_decrypt4: 251 #ifdef __CET__ 252 253.byte 243,15,30,251 254 #endif 255 256 movups (%edx),%xmm0 257 movups 16(%edx),%xmm1 258 shll $4,%ecx 259 xorps %xmm0,%xmm2 260 pxor %xmm0,%xmm3 261 pxor %xmm0,%xmm4 262 pxor %xmm0,%xmm5 263 movups 32(%edx),%xmm0 264 leal 32(%edx,%ecx,1),%edx 265 negl %ecx 266.byte 15,31,64,0 267 addl $16,%ecx 268.L007dec4_loop: 269.byte 102,15,56,222,209 270.byte 102,15,56,222,217 271.byte 102,15,56,222,225 272.byte 102,15,56,222,233 273 movups (%edx,%ecx,1),%xmm1 274 addl $32,%ecx 275.byte 102,15,56,222,208 276.byte 102,15,56,222,216 277.byte 102,15,56,222,224 278.byte 102,15,56,222,232 279 movups -16(%edx,%ecx,1),%xmm0 280 jnz .L007dec4_loop 281.byte 102,15,56,222,209 282.byte 102,15,56,222,217 283.byte 102,15,56,222,225 284.byte 102,15,56,222,233 285.byte 102,15,56,223,208 286.byte 102,15,56,223,216 287.byte 102,15,56,223,224 288.byte 102,15,56,223,232 289 ret 290.size _aesni_decrypt4,.-_aesni_decrypt4 291.type _aesni_encrypt6,@function 292.align 16 293_aesni_encrypt6: 294 #ifdef __CET__ 295 296.byte 243,15,30,251 297 #endif 298 299 movups (%edx),%xmm0 300 shll $4,%ecx 301 movups 16(%edx),%xmm1 302 xorps %xmm0,%xmm2 303 pxor %xmm0,%xmm3 304 pxor %xmm0,%xmm4 305.byte 102,15,56,220,209 306 pxor %xmm0,%xmm5 307 pxor %xmm0,%xmm6 308.byte 102,15,56,220,217 309 leal 32(%edx,%ecx,1),%edx 310 negl %ecx 311.byte 102,15,56,220,225 312 pxor %xmm0,%xmm7 313 movups (%edx,%ecx,1),%xmm0 314 addl $16,%ecx 315 jmp .L008_aesni_encrypt6_inner 316.align 16 317.L009enc6_loop: 318.byte 102,15,56,220,209 319.byte 102,15,56,220,217 320.byte 102,15,56,220,225 321.L008_aesni_encrypt6_inner: 322.byte 102,15,56,220,233 323.byte 102,15,56,220,241 324.byte 102,15,56,220,249 325.L_aesni_encrypt6_enter: 326 movups (%edx,%ecx,1),%xmm1 327 addl $32,%ecx 328.byte 102,15,56,220,208 329.byte 102,15,56,220,216 330.byte 102,15,56,220,224 331.byte 102,15,56,220,232 332.byte 102,15,56,220,240 333.byte 102,15,56,220,248 334 movups -16(%edx,%ecx,1),%xmm0 335 jnz .L009enc6_loop 336.byte 102,15,56,220,209 337.byte 102,15,56,220,217 338.byte 102,15,56,220,225 339.byte 102,15,56,220,233 340.byte 102,15,56,220,241 341.byte 102,15,56,220,249 342.byte 102,15,56,221,208 343.byte 102,15,56,221,216 344.byte 102,15,56,221,224 345.byte 102,15,56,221,232 346.byte 102,15,56,221,240 347.byte 102,15,56,221,248 348 ret 349.size _aesni_encrypt6,.-_aesni_encrypt6 350.type _aesni_decrypt6,@function 351.align 16 352_aesni_decrypt6: 353 #ifdef __CET__ 354 355.byte 243,15,30,251 356 #endif 357 358 movups (%edx),%xmm0 359 shll $4,%ecx 360 movups 16(%edx),%xmm1 361 xorps %xmm0,%xmm2 362 pxor %xmm0,%xmm3 363 pxor %xmm0,%xmm4 364.byte 102,15,56,222,209 365 pxor %xmm0,%xmm5 366 pxor %xmm0,%xmm6 367.byte 102,15,56,222,217 368 leal 32(%edx,%ecx,1),%edx 369 negl %ecx 370.byte 102,15,56,222,225 371 pxor %xmm0,%xmm7 372 movups (%edx,%ecx,1),%xmm0 373 addl $16,%ecx 374 jmp .L010_aesni_decrypt6_inner 375.align 16 376.L011dec6_loop: 377.byte 102,15,56,222,209 378.byte 102,15,56,222,217 379.byte 102,15,56,222,225 380.L010_aesni_decrypt6_inner: 381.byte 102,15,56,222,233 382.byte 102,15,56,222,241 383.byte 102,15,56,222,249 384.L_aesni_decrypt6_enter: 385 movups (%edx,%ecx,1),%xmm1 386 addl $32,%ecx 387.byte 102,15,56,222,208 388.byte 102,15,56,222,216 389.byte 102,15,56,222,224 390.byte 102,15,56,222,232 391.byte 102,15,56,222,240 392.byte 102,15,56,222,248 393 movups -16(%edx,%ecx,1),%xmm0 394 jnz .L011dec6_loop 395.byte 102,15,56,222,209 396.byte 102,15,56,222,217 397.byte 102,15,56,222,225 398.byte 102,15,56,222,233 399.byte 102,15,56,222,241 400.byte 102,15,56,222,249 401.byte 102,15,56,223,208 402.byte 102,15,56,223,216 403.byte 102,15,56,223,224 404.byte 102,15,56,223,232 405.byte 102,15,56,223,240 406.byte 102,15,56,223,248 407 ret 408.size _aesni_decrypt6,.-_aesni_decrypt6 409.globl aesni_ecb_encrypt 410.type aesni_ecb_encrypt,@function 411.align 16 412aesni_ecb_encrypt: 413.L_aesni_ecb_encrypt_begin: 414 #ifdef __CET__ 415 416.byte 243,15,30,251 417 #endif 418 419 pushl %ebp 420 pushl %ebx 421 pushl %esi 422 pushl %edi 423 movl 20(%esp),%esi 424 movl 24(%esp),%edi 425 movl 28(%esp),%eax 426 movl 32(%esp),%edx 427 movl 36(%esp),%ebx 428 andl $-16,%eax 429 jz .L012ecb_ret 430 movl 240(%edx),%ecx 431 testl %ebx,%ebx 432 jz .L013ecb_decrypt 433 movl %edx,%ebp 434 movl %ecx,%ebx 435 cmpl $96,%eax 436 jb .L014ecb_enc_tail 437 movdqu (%esi),%xmm2 438 movdqu 16(%esi),%xmm3 439 movdqu 32(%esi),%xmm4 440 movdqu 48(%esi),%xmm5 441 movdqu 64(%esi),%xmm6 442 movdqu 80(%esi),%xmm7 443 leal 96(%esi),%esi 444 subl $96,%eax 445 jmp .L015ecb_enc_loop6_enter 446.align 16 447.L016ecb_enc_loop6: 448 movups %xmm2,(%edi) 449 movdqu (%esi),%xmm2 450 movups %xmm3,16(%edi) 451 movdqu 16(%esi),%xmm3 452 movups %xmm4,32(%edi) 453 movdqu 32(%esi),%xmm4 454 movups %xmm5,48(%edi) 455 movdqu 48(%esi),%xmm5 456 movups %xmm6,64(%edi) 457 movdqu 64(%esi),%xmm6 458 movups %xmm7,80(%edi) 459 leal 96(%edi),%edi 460 movdqu 80(%esi),%xmm7 461 leal 96(%esi),%esi 462.L015ecb_enc_loop6_enter: 463 call _aesni_encrypt6 464 movl %ebp,%edx 465 movl %ebx,%ecx 466 subl $96,%eax 467 jnc .L016ecb_enc_loop6 468 movups %xmm2,(%edi) 469 movups %xmm3,16(%edi) 470 movups %xmm4,32(%edi) 471 movups %xmm5,48(%edi) 472 movups %xmm6,64(%edi) 473 movups %xmm7,80(%edi) 474 leal 96(%edi),%edi 475 addl $96,%eax 476 jz .L012ecb_ret 477.L014ecb_enc_tail: 478 movups (%esi),%xmm2 479 cmpl $32,%eax 480 jb .L017ecb_enc_one 481 movups 16(%esi),%xmm3 482 je .L018ecb_enc_two 483 movups 32(%esi),%xmm4 484 cmpl $64,%eax 485 jb .L019ecb_enc_three 486 movups 48(%esi),%xmm5 487 je .L020ecb_enc_four 488 movups 64(%esi),%xmm6 489 xorps %xmm7,%xmm7 490 call _aesni_encrypt6 491 movups %xmm2,(%edi) 492 movups %xmm3,16(%edi) 493 movups %xmm4,32(%edi) 494 movups %xmm5,48(%edi) 495 movups %xmm6,64(%edi) 496 jmp .L012ecb_ret 497.align 16 498.L017ecb_enc_one: 499 movups (%edx),%xmm0 500 movups 16(%edx),%xmm1 501 leal 32(%edx),%edx 502 xorps %xmm0,%xmm2 503.L021enc1_loop_3: 504.byte 102,15,56,220,209 505 decl %ecx 506 movups (%edx),%xmm1 507 leal 16(%edx),%edx 508 jnz .L021enc1_loop_3 509.byte 102,15,56,221,209 510 movups %xmm2,(%edi) 511 jmp .L012ecb_ret 512.align 16 513.L018ecb_enc_two: 514 call _aesni_encrypt2 515 movups %xmm2,(%edi) 516 movups %xmm3,16(%edi) 517 jmp .L012ecb_ret 518.align 16 519.L019ecb_enc_three: 520 call _aesni_encrypt3 521 movups %xmm2,(%edi) 522 movups %xmm3,16(%edi) 523 movups %xmm4,32(%edi) 524 jmp .L012ecb_ret 525.align 16 526.L020ecb_enc_four: 527 call _aesni_encrypt4 528 movups %xmm2,(%edi) 529 movups %xmm3,16(%edi) 530 movups %xmm4,32(%edi) 531 movups %xmm5,48(%edi) 532 jmp .L012ecb_ret 533.align 16 534.L013ecb_decrypt: 535 movl %edx,%ebp 536 movl %ecx,%ebx 537 cmpl $96,%eax 538 jb .L022ecb_dec_tail 539 movdqu (%esi),%xmm2 540 movdqu 16(%esi),%xmm3 541 movdqu 32(%esi),%xmm4 542 movdqu 48(%esi),%xmm5 543 movdqu 64(%esi),%xmm6 544 movdqu 80(%esi),%xmm7 545 leal 96(%esi),%esi 546 subl $96,%eax 547 jmp .L023ecb_dec_loop6_enter 548.align 16 549.L024ecb_dec_loop6: 550 movups %xmm2,(%edi) 551 movdqu (%esi),%xmm2 552 movups %xmm3,16(%edi) 553 movdqu 16(%esi),%xmm3 554 movups %xmm4,32(%edi) 555 movdqu 32(%esi),%xmm4 556 movups %xmm5,48(%edi) 557 movdqu 48(%esi),%xmm5 558 movups %xmm6,64(%edi) 559 movdqu 64(%esi),%xmm6 560 movups %xmm7,80(%edi) 561 leal 96(%edi),%edi 562 movdqu 80(%esi),%xmm7 563 leal 96(%esi),%esi 564.L023ecb_dec_loop6_enter: 565 call _aesni_decrypt6 566 movl %ebp,%edx 567 movl %ebx,%ecx 568 subl $96,%eax 569 jnc .L024ecb_dec_loop6 570 movups %xmm2,(%edi) 571 movups %xmm3,16(%edi) 572 movups %xmm4,32(%edi) 573 movups %xmm5,48(%edi) 574 movups %xmm6,64(%edi) 575 movups %xmm7,80(%edi) 576 leal 96(%edi),%edi 577 addl $96,%eax 578 jz .L012ecb_ret 579.L022ecb_dec_tail: 580 movups (%esi),%xmm2 581 cmpl $32,%eax 582 jb .L025ecb_dec_one 583 movups 16(%esi),%xmm3 584 je .L026ecb_dec_two 585 movups 32(%esi),%xmm4 586 cmpl $64,%eax 587 jb .L027ecb_dec_three 588 movups 48(%esi),%xmm5 589 je .L028ecb_dec_four 590 movups 64(%esi),%xmm6 591 xorps %xmm7,%xmm7 592 call _aesni_decrypt6 593 movups %xmm2,(%edi) 594 movups %xmm3,16(%edi) 595 movups %xmm4,32(%edi) 596 movups %xmm5,48(%edi) 597 movups %xmm6,64(%edi) 598 jmp .L012ecb_ret 599.align 16 600.L025ecb_dec_one: 601 movups (%edx),%xmm0 602 movups 16(%edx),%xmm1 603 leal 32(%edx),%edx 604 xorps %xmm0,%xmm2 605.L029dec1_loop_4: 606.byte 102,15,56,222,209 607 decl %ecx 608 movups (%edx),%xmm1 609 leal 16(%edx),%edx 610 jnz .L029dec1_loop_4 611.byte 102,15,56,223,209 612 movups %xmm2,(%edi) 613 jmp .L012ecb_ret 614.align 16 615.L026ecb_dec_two: 616 call _aesni_decrypt2 617 movups %xmm2,(%edi) 618 movups %xmm3,16(%edi) 619 jmp .L012ecb_ret 620.align 16 621.L027ecb_dec_three: 622 call _aesni_decrypt3 623 movups %xmm2,(%edi) 624 movups %xmm3,16(%edi) 625 movups %xmm4,32(%edi) 626 jmp .L012ecb_ret 627.align 16 628.L028ecb_dec_four: 629 call _aesni_decrypt4 630 movups %xmm2,(%edi) 631 movups %xmm3,16(%edi) 632 movups %xmm4,32(%edi) 633 movups %xmm5,48(%edi) 634.L012ecb_ret: 635 pxor %xmm0,%xmm0 636 pxor %xmm1,%xmm1 637 pxor %xmm2,%xmm2 638 pxor %xmm3,%xmm3 639 pxor %xmm4,%xmm4 640 pxor %xmm5,%xmm5 641 pxor %xmm6,%xmm6 642 pxor %xmm7,%xmm7 643 popl %edi 644 popl %esi 645 popl %ebx 646 popl %ebp 647 ret 648.size aesni_ecb_encrypt,.-.L_aesni_ecb_encrypt_begin 649.globl aesni_ccm64_encrypt_blocks 650.type aesni_ccm64_encrypt_blocks,@function 651.align 16 652aesni_ccm64_encrypt_blocks: 653.L_aesni_ccm64_encrypt_blocks_begin: 654 #ifdef __CET__ 655 656.byte 243,15,30,251 657 #endif 658 659 pushl %ebp 660 pushl %ebx 661 pushl %esi 662 pushl %edi 663 movl 20(%esp),%esi 664 movl 24(%esp),%edi 665 movl 28(%esp),%eax 666 movl 32(%esp),%edx 667 movl 36(%esp),%ebx 668 movl 40(%esp),%ecx 669 movl %esp,%ebp 670 subl $60,%esp 671 andl $-16,%esp 672 movl %ebp,48(%esp) 673 movdqu (%ebx),%xmm7 674 movdqu (%ecx),%xmm3 675 movl 240(%edx),%ecx 676 movl $202182159,(%esp) 677 movl $134810123,4(%esp) 678 movl $67438087,8(%esp) 679 movl $66051,12(%esp) 680 movl $1,%ebx 681 xorl %ebp,%ebp 682 movl %ebx,16(%esp) 683 movl %ebp,20(%esp) 684 movl %ebp,24(%esp) 685 movl %ebp,28(%esp) 686 shll $4,%ecx 687 movl $16,%ebx 688 leal (%edx),%ebp 689 movdqa (%esp),%xmm5 690 movdqa %xmm7,%xmm2 691 leal 32(%edx,%ecx,1),%edx 692 subl %ecx,%ebx 693.byte 102,15,56,0,253 694.L030ccm64_enc_outer: 695 movups (%ebp),%xmm0 696 movl %ebx,%ecx 697 movups (%esi),%xmm6 698 xorps %xmm0,%xmm2 699 movups 16(%ebp),%xmm1 700 xorps %xmm6,%xmm0 701 xorps %xmm0,%xmm3 702 movups 32(%ebp),%xmm0 703.L031ccm64_enc2_loop: 704.byte 102,15,56,220,209 705.byte 102,15,56,220,217 706 movups (%edx,%ecx,1),%xmm1 707 addl $32,%ecx 708.byte 102,15,56,220,208 709.byte 102,15,56,220,216 710 movups -16(%edx,%ecx,1),%xmm0 711 jnz .L031ccm64_enc2_loop 712.byte 102,15,56,220,209 713.byte 102,15,56,220,217 714 paddq 16(%esp),%xmm7 715 decl %eax 716.byte 102,15,56,221,208 717.byte 102,15,56,221,216 718 leal 16(%esi),%esi 719 xorps %xmm2,%xmm6 720 movdqa %xmm7,%xmm2 721 movups %xmm6,(%edi) 722.byte 102,15,56,0,213 723 leal 16(%edi),%edi 724 jnz .L030ccm64_enc_outer 725 movl 48(%esp),%esp 726 movl 40(%esp),%edi 727 movups %xmm3,(%edi) 728 pxor %xmm0,%xmm0 729 pxor %xmm1,%xmm1 730 pxor %xmm2,%xmm2 731 pxor %xmm3,%xmm3 732 pxor %xmm4,%xmm4 733 pxor %xmm5,%xmm5 734 pxor %xmm6,%xmm6 735 pxor %xmm7,%xmm7 736 popl %edi 737 popl %esi 738 popl %ebx 739 popl %ebp 740 ret 741.size aesni_ccm64_encrypt_blocks,.-.L_aesni_ccm64_encrypt_blocks_begin 742.globl aesni_ccm64_decrypt_blocks 743.type aesni_ccm64_decrypt_blocks,@function 744.align 16 745aesni_ccm64_decrypt_blocks: 746.L_aesni_ccm64_decrypt_blocks_begin: 747 #ifdef __CET__ 748 749.byte 243,15,30,251 750 #endif 751 752 pushl %ebp 753 pushl %ebx 754 pushl %esi 755 pushl %edi 756 movl 20(%esp),%esi 757 movl 24(%esp),%edi 758 movl 28(%esp),%eax 759 movl 32(%esp),%edx 760 movl 36(%esp),%ebx 761 movl 40(%esp),%ecx 762 movl %esp,%ebp 763 subl $60,%esp 764 andl $-16,%esp 765 movl %ebp,48(%esp) 766 movdqu (%ebx),%xmm7 767 movdqu (%ecx),%xmm3 768 movl 240(%edx),%ecx 769 movl $202182159,(%esp) 770 movl $134810123,4(%esp) 771 movl $67438087,8(%esp) 772 movl $66051,12(%esp) 773 movl $1,%ebx 774 xorl %ebp,%ebp 775 movl %ebx,16(%esp) 776 movl %ebp,20(%esp) 777 movl %ebp,24(%esp) 778 movl %ebp,28(%esp) 779 movdqa (%esp),%xmm5 780 movdqa %xmm7,%xmm2 781 movl %edx,%ebp 782 movl %ecx,%ebx 783.byte 102,15,56,0,253 784 movups (%edx),%xmm0 785 movups 16(%edx),%xmm1 786 leal 32(%edx),%edx 787 xorps %xmm0,%xmm2 788.L032enc1_loop_5: 789.byte 102,15,56,220,209 790 decl %ecx 791 movups (%edx),%xmm1 792 leal 16(%edx),%edx 793 jnz .L032enc1_loop_5 794.byte 102,15,56,221,209 795 shll $4,%ebx 796 movl $16,%ecx 797 movups (%esi),%xmm6 798 paddq 16(%esp),%xmm7 799 leal 16(%esi),%esi 800 subl %ebx,%ecx 801 leal 32(%ebp,%ebx,1),%edx 802 movl %ecx,%ebx 803 jmp .L033ccm64_dec_outer 804.align 16 805.L033ccm64_dec_outer: 806 xorps %xmm2,%xmm6 807 movdqa %xmm7,%xmm2 808 movups %xmm6,(%edi) 809 leal 16(%edi),%edi 810.byte 102,15,56,0,213 811 subl $1,%eax 812 jz .L034ccm64_dec_break 813 movups (%ebp),%xmm0 814 movl %ebx,%ecx 815 movups 16(%ebp),%xmm1 816 xorps %xmm0,%xmm6 817 xorps %xmm0,%xmm2 818 xorps %xmm6,%xmm3 819 movups 32(%ebp),%xmm0 820.L035ccm64_dec2_loop: 821.byte 102,15,56,220,209 822.byte 102,15,56,220,217 823 movups (%edx,%ecx,1),%xmm1 824 addl $32,%ecx 825.byte 102,15,56,220,208 826.byte 102,15,56,220,216 827 movups -16(%edx,%ecx,1),%xmm0 828 jnz .L035ccm64_dec2_loop 829 movups (%esi),%xmm6 830 paddq 16(%esp),%xmm7 831.byte 102,15,56,220,209 832.byte 102,15,56,220,217 833.byte 102,15,56,221,208 834.byte 102,15,56,221,216 835 leal 16(%esi),%esi 836 jmp .L033ccm64_dec_outer 837.align 16 838.L034ccm64_dec_break: 839 movl 240(%ebp),%ecx 840 movl %ebp,%edx 841 movups (%edx),%xmm0 842 movups 16(%edx),%xmm1 843 xorps %xmm0,%xmm6 844 leal 32(%edx),%edx 845 xorps %xmm6,%xmm3 846.L036enc1_loop_6: 847.byte 102,15,56,220,217 848 decl %ecx 849 movups (%edx),%xmm1 850 leal 16(%edx),%edx 851 jnz .L036enc1_loop_6 852.byte 102,15,56,221,217 853 movl 48(%esp),%esp 854 movl 40(%esp),%edi 855 movups %xmm3,(%edi) 856 pxor %xmm0,%xmm0 857 pxor %xmm1,%xmm1 858 pxor %xmm2,%xmm2 859 pxor %xmm3,%xmm3 860 pxor %xmm4,%xmm4 861 pxor %xmm5,%xmm5 862 pxor %xmm6,%xmm6 863 pxor %xmm7,%xmm7 864 popl %edi 865 popl %esi 866 popl %ebx 867 popl %ebp 868 ret 869.size aesni_ccm64_decrypt_blocks,.-.L_aesni_ccm64_decrypt_blocks_begin 870.globl aesni_ctr32_encrypt_blocks 871.type aesni_ctr32_encrypt_blocks,@function 872.align 16 873aesni_ctr32_encrypt_blocks: 874.L_aesni_ctr32_encrypt_blocks_begin: 875 #ifdef __CET__ 876 877.byte 243,15,30,251 878 #endif 879 880 pushl %ebp 881 pushl %ebx 882 pushl %esi 883 pushl %edi 884 movl 20(%esp),%esi 885 movl 24(%esp),%edi 886 movl 28(%esp),%eax 887 movl 32(%esp),%edx 888 movl 36(%esp),%ebx 889 movl %esp,%ebp 890 subl $88,%esp 891 andl $-16,%esp 892 movl %ebp,80(%esp) 893 cmpl $1,%eax 894 je .L037ctr32_one_shortcut 895 movdqu (%ebx),%xmm7 896 movl $202182159,(%esp) 897 movl $134810123,4(%esp) 898 movl $67438087,8(%esp) 899 movl $66051,12(%esp) 900 movl $6,%ecx 901 xorl %ebp,%ebp 902 movl %ecx,16(%esp) 903 movl %ecx,20(%esp) 904 movl %ecx,24(%esp) 905 movl %ebp,28(%esp) 906.byte 102,15,58,22,251,3 907.byte 102,15,58,34,253,3 908 movl 240(%edx),%ecx 909 bswap %ebx 910 pxor %xmm0,%xmm0 911 pxor %xmm1,%xmm1 912 movdqa (%esp),%xmm2 913.byte 102,15,58,34,195,0 914 leal 3(%ebx),%ebp 915.byte 102,15,58,34,205,0 916 incl %ebx 917.byte 102,15,58,34,195,1 918 incl %ebp 919.byte 102,15,58,34,205,1 920 incl %ebx 921.byte 102,15,58,34,195,2 922 incl %ebp 923.byte 102,15,58,34,205,2 924 movdqa %xmm0,48(%esp) 925.byte 102,15,56,0,194 926 movdqu (%edx),%xmm6 927 movdqa %xmm1,64(%esp) 928.byte 102,15,56,0,202 929 pshufd $192,%xmm0,%xmm2 930 pshufd $128,%xmm0,%xmm3 931 cmpl $6,%eax 932 jb .L038ctr32_tail 933 pxor %xmm6,%xmm7 934 shll $4,%ecx 935 movl $16,%ebx 936 movdqa %xmm7,32(%esp) 937 movl %edx,%ebp 938 subl %ecx,%ebx 939 leal 32(%edx,%ecx,1),%edx 940 subl $6,%eax 941 jmp .L039ctr32_loop6 942.align 16 943.L039ctr32_loop6: 944 pshufd $64,%xmm0,%xmm4 945 movdqa 32(%esp),%xmm0 946 pshufd $192,%xmm1,%xmm5 947 pxor %xmm0,%xmm2 948 pshufd $128,%xmm1,%xmm6 949 pxor %xmm0,%xmm3 950 pshufd $64,%xmm1,%xmm7 951 movups 16(%ebp),%xmm1 952 pxor %xmm0,%xmm4 953 pxor %xmm0,%xmm5 954.byte 102,15,56,220,209 955 pxor %xmm0,%xmm6 956 pxor %xmm0,%xmm7 957.byte 102,15,56,220,217 958 movups 32(%ebp),%xmm0 959 movl %ebx,%ecx 960.byte 102,15,56,220,225 961.byte 102,15,56,220,233 962.byte 102,15,56,220,241 963.byte 102,15,56,220,249 964 call .L_aesni_encrypt6_enter 965 movups (%esi),%xmm1 966 movups 16(%esi),%xmm0 967 xorps %xmm1,%xmm2 968 movups 32(%esi),%xmm1 969 xorps %xmm0,%xmm3 970 movups %xmm2,(%edi) 971 movdqa 16(%esp),%xmm0 972 xorps %xmm1,%xmm4 973 movdqa 64(%esp),%xmm1 974 movups %xmm3,16(%edi) 975 movups %xmm4,32(%edi) 976 paddd %xmm0,%xmm1 977 paddd 48(%esp),%xmm0 978 movdqa (%esp),%xmm2 979 movups 48(%esi),%xmm3 980 movups 64(%esi),%xmm4 981 xorps %xmm3,%xmm5 982 movups 80(%esi),%xmm3 983 leal 96(%esi),%esi 984 movdqa %xmm0,48(%esp) 985.byte 102,15,56,0,194 986 xorps %xmm4,%xmm6 987 movups %xmm5,48(%edi) 988 xorps %xmm3,%xmm7 989 movdqa %xmm1,64(%esp) 990.byte 102,15,56,0,202 991 movups %xmm6,64(%edi) 992 pshufd $192,%xmm0,%xmm2 993 movups %xmm7,80(%edi) 994 leal 96(%edi),%edi 995 pshufd $128,%xmm0,%xmm3 996 subl $6,%eax 997 jnc .L039ctr32_loop6 998 addl $6,%eax 999 jz .L040ctr32_ret 1000 movdqu (%ebp),%xmm7 1001 movl %ebp,%edx 1002 pxor 32(%esp),%xmm7 1003 movl 240(%ebp),%ecx 1004.L038ctr32_tail: 1005 por %xmm7,%xmm2 1006 cmpl $2,%eax 1007 jb .L041ctr32_one 1008 pshufd $64,%xmm0,%xmm4 1009 por %xmm7,%xmm3 1010 je .L042ctr32_two 1011 pshufd $192,%xmm1,%xmm5 1012 por %xmm7,%xmm4 1013 cmpl $4,%eax 1014 jb .L043ctr32_three 1015 pshufd $128,%xmm1,%xmm6 1016 por %xmm7,%xmm5 1017 je .L044ctr32_four 1018 por %xmm7,%xmm6 1019 call _aesni_encrypt6 1020 movups (%esi),%xmm1 1021 movups 16(%esi),%xmm0 1022 xorps %xmm1,%xmm2 1023 movups 32(%esi),%xmm1 1024 xorps %xmm0,%xmm3 1025 movups 48(%esi),%xmm0 1026 xorps %xmm1,%xmm4 1027 movups 64(%esi),%xmm1 1028 xorps %xmm0,%xmm5 1029 movups %xmm2,(%edi) 1030 xorps %xmm1,%xmm6 1031 movups %xmm3,16(%edi) 1032 movups %xmm4,32(%edi) 1033 movups %xmm5,48(%edi) 1034 movups %xmm6,64(%edi) 1035 jmp .L040ctr32_ret 1036.align 16 1037.L037ctr32_one_shortcut: 1038 movups (%ebx),%xmm2 1039 movl 240(%edx),%ecx 1040.L041ctr32_one: 1041 movups (%edx),%xmm0 1042 movups 16(%edx),%xmm1 1043 leal 32(%edx),%edx 1044 xorps %xmm0,%xmm2 1045.L045enc1_loop_7: 1046.byte 102,15,56,220,209 1047 decl %ecx 1048 movups (%edx),%xmm1 1049 leal 16(%edx),%edx 1050 jnz .L045enc1_loop_7 1051.byte 102,15,56,221,209 1052 movups (%esi),%xmm6 1053 xorps %xmm2,%xmm6 1054 movups %xmm6,(%edi) 1055 jmp .L040ctr32_ret 1056.align 16 1057.L042ctr32_two: 1058 call _aesni_encrypt2 1059 movups (%esi),%xmm5 1060 movups 16(%esi),%xmm6 1061 xorps %xmm5,%xmm2 1062 xorps %xmm6,%xmm3 1063 movups %xmm2,(%edi) 1064 movups %xmm3,16(%edi) 1065 jmp .L040ctr32_ret 1066.align 16 1067.L043ctr32_three: 1068 call _aesni_encrypt3 1069 movups (%esi),%xmm5 1070 movups 16(%esi),%xmm6 1071 xorps %xmm5,%xmm2 1072 movups 32(%esi),%xmm7 1073 xorps %xmm6,%xmm3 1074 movups %xmm2,(%edi) 1075 xorps %xmm7,%xmm4 1076 movups %xmm3,16(%edi) 1077 movups %xmm4,32(%edi) 1078 jmp .L040ctr32_ret 1079.align 16 1080.L044ctr32_four: 1081 call _aesni_encrypt4 1082 movups (%esi),%xmm6 1083 movups 16(%esi),%xmm7 1084 movups 32(%esi),%xmm1 1085 xorps %xmm6,%xmm2 1086 movups 48(%esi),%xmm0 1087 xorps %xmm7,%xmm3 1088 movups %xmm2,(%edi) 1089 xorps %xmm1,%xmm4 1090 movups %xmm3,16(%edi) 1091 xorps %xmm0,%xmm5 1092 movups %xmm4,32(%edi) 1093 movups %xmm5,48(%edi) 1094.L040ctr32_ret: 1095 pxor %xmm0,%xmm0 1096 pxor %xmm1,%xmm1 1097 pxor %xmm2,%xmm2 1098 pxor %xmm3,%xmm3 1099 pxor %xmm4,%xmm4 1100 movdqa %xmm0,32(%esp) 1101 pxor %xmm5,%xmm5 1102 movdqa %xmm0,48(%esp) 1103 pxor %xmm6,%xmm6 1104 movdqa %xmm0,64(%esp) 1105 pxor %xmm7,%xmm7 1106 movl 80(%esp),%esp 1107 popl %edi 1108 popl %esi 1109 popl %ebx 1110 popl %ebp 1111 ret 1112.size aesni_ctr32_encrypt_blocks,.-.L_aesni_ctr32_encrypt_blocks_begin 1113.globl aesni_xts_encrypt 1114.type aesni_xts_encrypt,@function 1115.align 16 1116aesni_xts_encrypt: 1117.L_aesni_xts_encrypt_begin: 1118 #ifdef __CET__ 1119 1120.byte 243,15,30,251 1121 #endif 1122 1123 pushl %ebp 1124 pushl %ebx 1125 pushl %esi 1126 pushl %edi 1127 movl 36(%esp),%edx 1128 movl 40(%esp),%esi 1129 movl 240(%edx),%ecx 1130 movups (%esi),%xmm2 1131 movups (%edx),%xmm0 1132 movups 16(%edx),%xmm1 1133 leal 32(%edx),%edx 1134 xorps %xmm0,%xmm2 1135.L046enc1_loop_8: 1136.byte 102,15,56,220,209 1137 decl %ecx 1138 movups (%edx),%xmm1 1139 leal 16(%edx),%edx 1140 jnz .L046enc1_loop_8 1141.byte 102,15,56,221,209 1142 movl 20(%esp),%esi 1143 movl 24(%esp),%edi 1144 movl 28(%esp),%eax 1145 movl 32(%esp),%edx 1146 movl %esp,%ebp 1147 subl $120,%esp 1148 movl 240(%edx),%ecx 1149 andl $-16,%esp 1150 movl $135,96(%esp) 1151 movl $0,100(%esp) 1152 movl $1,104(%esp) 1153 movl $0,108(%esp) 1154 movl %eax,112(%esp) 1155 movl %ebp,116(%esp) 1156 movdqa %xmm2,%xmm1 1157 pxor %xmm0,%xmm0 1158 movdqa 96(%esp),%xmm3 1159 pcmpgtd %xmm1,%xmm0 1160 andl $-16,%eax 1161 movl %edx,%ebp 1162 movl %ecx,%ebx 1163 subl $96,%eax 1164 jc .L047xts_enc_short 1165 shll $4,%ecx 1166 movl $16,%ebx 1167 subl %ecx,%ebx 1168 leal 32(%edx,%ecx,1),%edx 1169 jmp .L048xts_enc_loop6 1170.align 16 1171.L048xts_enc_loop6: 1172 pshufd $19,%xmm0,%xmm2 1173 pxor %xmm0,%xmm0 1174 movdqa %xmm1,(%esp) 1175 paddq %xmm1,%xmm1 1176 pand %xmm3,%xmm2 1177 pcmpgtd %xmm1,%xmm0 1178 pxor %xmm2,%xmm1 1179 pshufd $19,%xmm0,%xmm2 1180 pxor %xmm0,%xmm0 1181 movdqa %xmm1,16(%esp) 1182 paddq %xmm1,%xmm1 1183 pand %xmm3,%xmm2 1184 pcmpgtd %xmm1,%xmm0 1185 pxor %xmm2,%xmm1 1186 pshufd $19,%xmm0,%xmm2 1187 pxor %xmm0,%xmm0 1188 movdqa %xmm1,32(%esp) 1189 paddq %xmm1,%xmm1 1190 pand %xmm3,%xmm2 1191 pcmpgtd %xmm1,%xmm0 1192 pxor %xmm2,%xmm1 1193 pshufd $19,%xmm0,%xmm2 1194 pxor %xmm0,%xmm0 1195 movdqa %xmm1,48(%esp) 1196 paddq %xmm1,%xmm1 1197 pand %xmm3,%xmm2 1198 pcmpgtd %xmm1,%xmm0 1199 pxor %xmm2,%xmm1 1200 pshufd $19,%xmm0,%xmm7 1201 movdqa %xmm1,64(%esp) 1202 paddq %xmm1,%xmm1 1203 movups (%ebp),%xmm0 1204 pand %xmm3,%xmm7 1205 movups (%esi),%xmm2 1206 pxor %xmm1,%xmm7 1207 movl %ebx,%ecx 1208 movdqu 16(%esi),%xmm3 1209 xorps %xmm0,%xmm2 1210 movdqu 32(%esi),%xmm4 1211 pxor %xmm0,%xmm3 1212 movdqu 48(%esi),%xmm5 1213 pxor %xmm0,%xmm4 1214 movdqu 64(%esi),%xmm6 1215 pxor %xmm0,%xmm5 1216 movdqu 80(%esi),%xmm1 1217 pxor %xmm0,%xmm6 1218 leal 96(%esi),%esi 1219 pxor (%esp),%xmm2 1220 movdqa %xmm7,80(%esp) 1221 pxor %xmm1,%xmm7 1222 movups 16(%ebp),%xmm1 1223 pxor 16(%esp),%xmm3 1224 pxor 32(%esp),%xmm4 1225.byte 102,15,56,220,209 1226 pxor 48(%esp),%xmm5 1227 pxor 64(%esp),%xmm6 1228.byte 102,15,56,220,217 1229 pxor %xmm0,%xmm7 1230 movups 32(%ebp),%xmm0 1231.byte 102,15,56,220,225 1232.byte 102,15,56,220,233 1233.byte 102,15,56,220,241 1234.byte 102,15,56,220,249 1235 call .L_aesni_encrypt6_enter 1236 movdqa 80(%esp),%xmm1 1237 pxor %xmm0,%xmm0 1238 xorps (%esp),%xmm2 1239 pcmpgtd %xmm1,%xmm0 1240 xorps 16(%esp),%xmm3 1241 movups %xmm2,(%edi) 1242 xorps 32(%esp),%xmm4 1243 movups %xmm3,16(%edi) 1244 xorps 48(%esp),%xmm5 1245 movups %xmm4,32(%edi) 1246 xorps 64(%esp),%xmm6 1247 movups %xmm5,48(%edi) 1248 xorps %xmm1,%xmm7 1249 movups %xmm6,64(%edi) 1250 pshufd $19,%xmm0,%xmm2 1251 movups %xmm7,80(%edi) 1252 leal 96(%edi),%edi 1253 movdqa 96(%esp),%xmm3 1254 pxor %xmm0,%xmm0 1255 paddq %xmm1,%xmm1 1256 pand %xmm3,%xmm2 1257 pcmpgtd %xmm1,%xmm0 1258 pxor %xmm2,%xmm1 1259 subl $96,%eax 1260 jnc .L048xts_enc_loop6 1261 movl 240(%ebp),%ecx 1262 movl %ebp,%edx 1263 movl %ecx,%ebx 1264.L047xts_enc_short: 1265 addl $96,%eax 1266 jz .L049xts_enc_done6x 1267 movdqa %xmm1,%xmm5 1268 cmpl $32,%eax 1269 jb .L050xts_enc_one 1270 pshufd $19,%xmm0,%xmm2 1271 pxor %xmm0,%xmm0 1272 paddq %xmm1,%xmm1 1273 pand %xmm3,%xmm2 1274 pcmpgtd %xmm1,%xmm0 1275 pxor %xmm2,%xmm1 1276 je .L051xts_enc_two 1277 pshufd $19,%xmm0,%xmm2 1278 pxor %xmm0,%xmm0 1279 movdqa %xmm1,%xmm6 1280 paddq %xmm1,%xmm1 1281 pand %xmm3,%xmm2 1282 pcmpgtd %xmm1,%xmm0 1283 pxor %xmm2,%xmm1 1284 cmpl $64,%eax 1285 jb .L052xts_enc_three 1286 pshufd $19,%xmm0,%xmm2 1287 pxor %xmm0,%xmm0 1288 movdqa %xmm1,%xmm7 1289 paddq %xmm1,%xmm1 1290 pand %xmm3,%xmm2 1291 pcmpgtd %xmm1,%xmm0 1292 pxor %xmm2,%xmm1 1293 movdqa %xmm5,(%esp) 1294 movdqa %xmm6,16(%esp) 1295 je .L053xts_enc_four 1296 movdqa %xmm7,32(%esp) 1297 pshufd $19,%xmm0,%xmm7 1298 movdqa %xmm1,48(%esp) 1299 paddq %xmm1,%xmm1 1300 pand %xmm3,%xmm7 1301 pxor %xmm1,%xmm7 1302 movdqu (%esi),%xmm2 1303 movdqu 16(%esi),%xmm3 1304 movdqu 32(%esi),%xmm4 1305 pxor (%esp),%xmm2 1306 movdqu 48(%esi),%xmm5 1307 pxor 16(%esp),%xmm3 1308 movdqu 64(%esi),%xmm6 1309 pxor 32(%esp),%xmm4 1310 leal 80(%esi),%esi 1311 pxor 48(%esp),%xmm5 1312 movdqa %xmm7,64(%esp) 1313 pxor %xmm7,%xmm6 1314 call _aesni_encrypt6 1315 movaps 64(%esp),%xmm1 1316 xorps (%esp),%xmm2 1317 xorps 16(%esp),%xmm3 1318 xorps 32(%esp),%xmm4 1319 movups %xmm2,(%edi) 1320 xorps 48(%esp),%xmm5 1321 movups %xmm3,16(%edi) 1322 xorps %xmm1,%xmm6 1323 movups %xmm4,32(%edi) 1324 movups %xmm5,48(%edi) 1325 movups %xmm6,64(%edi) 1326 leal 80(%edi),%edi 1327 jmp .L054xts_enc_done 1328.align 16 1329.L050xts_enc_one: 1330 movups (%esi),%xmm2 1331 leal 16(%esi),%esi 1332 xorps %xmm5,%xmm2 1333 movups (%edx),%xmm0 1334 movups 16(%edx),%xmm1 1335 leal 32(%edx),%edx 1336 xorps %xmm0,%xmm2 1337.L055enc1_loop_9: 1338.byte 102,15,56,220,209 1339 decl %ecx 1340 movups (%edx),%xmm1 1341 leal 16(%edx),%edx 1342 jnz .L055enc1_loop_9 1343.byte 102,15,56,221,209 1344 xorps %xmm5,%xmm2 1345 movups %xmm2,(%edi) 1346 leal 16(%edi),%edi 1347 movdqa %xmm5,%xmm1 1348 jmp .L054xts_enc_done 1349.align 16 1350.L051xts_enc_two: 1351 movaps %xmm1,%xmm6 1352 movups (%esi),%xmm2 1353 movups 16(%esi),%xmm3 1354 leal 32(%esi),%esi 1355 xorps %xmm5,%xmm2 1356 xorps %xmm6,%xmm3 1357 call _aesni_encrypt2 1358 xorps %xmm5,%xmm2 1359 xorps %xmm6,%xmm3 1360 movups %xmm2,(%edi) 1361 movups %xmm3,16(%edi) 1362 leal 32(%edi),%edi 1363 movdqa %xmm6,%xmm1 1364 jmp .L054xts_enc_done 1365.align 16 1366.L052xts_enc_three: 1367 movaps %xmm1,%xmm7 1368 movups (%esi),%xmm2 1369 movups 16(%esi),%xmm3 1370 movups 32(%esi),%xmm4 1371 leal 48(%esi),%esi 1372 xorps %xmm5,%xmm2 1373 xorps %xmm6,%xmm3 1374 xorps %xmm7,%xmm4 1375 call _aesni_encrypt3 1376 xorps %xmm5,%xmm2 1377 xorps %xmm6,%xmm3 1378 xorps %xmm7,%xmm4 1379 movups %xmm2,(%edi) 1380 movups %xmm3,16(%edi) 1381 movups %xmm4,32(%edi) 1382 leal 48(%edi),%edi 1383 movdqa %xmm7,%xmm1 1384 jmp .L054xts_enc_done 1385.align 16 1386.L053xts_enc_four: 1387 movaps %xmm1,%xmm6 1388 movups (%esi),%xmm2 1389 movups 16(%esi),%xmm3 1390 movups 32(%esi),%xmm4 1391 xorps (%esp),%xmm2 1392 movups 48(%esi),%xmm5 1393 leal 64(%esi),%esi 1394 xorps 16(%esp),%xmm3 1395 xorps %xmm7,%xmm4 1396 xorps %xmm6,%xmm5 1397 call _aesni_encrypt4 1398 xorps (%esp),%xmm2 1399 xorps 16(%esp),%xmm3 1400 xorps %xmm7,%xmm4 1401 movups %xmm2,(%edi) 1402 xorps %xmm6,%xmm5 1403 movups %xmm3,16(%edi) 1404 movups %xmm4,32(%edi) 1405 movups %xmm5,48(%edi) 1406 leal 64(%edi),%edi 1407 movdqa %xmm6,%xmm1 1408 jmp .L054xts_enc_done 1409.align 16 1410.L049xts_enc_done6x: 1411 movl 112(%esp),%eax 1412 andl $15,%eax 1413 jz .L056xts_enc_ret 1414 movdqa %xmm1,%xmm5 1415 movl %eax,112(%esp) 1416 jmp .L057xts_enc_steal 1417.align 16 1418.L054xts_enc_done: 1419 movl 112(%esp),%eax 1420 pxor %xmm0,%xmm0 1421 andl $15,%eax 1422 jz .L056xts_enc_ret 1423 pcmpgtd %xmm1,%xmm0 1424 movl %eax,112(%esp) 1425 pshufd $19,%xmm0,%xmm5 1426 paddq %xmm1,%xmm1 1427 pand 96(%esp),%xmm5 1428 pxor %xmm1,%xmm5 1429.L057xts_enc_steal: 1430 movzbl (%esi),%ecx 1431 movzbl -16(%edi),%edx 1432 leal 1(%esi),%esi 1433 movb %cl,-16(%edi) 1434 movb %dl,(%edi) 1435 leal 1(%edi),%edi 1436 subl $1,%eax 1437 jnz .L057xts_enc_steal 1438 subl 112(%esp),%edi 1439 movl %ebp,%edx 1440 movl %ebx,%ecx 1441 movups -16(%edi),%xmm2 1442 xorps %xmm5,%xmm2 1443 movups (%edx),%xmm0 1444 movups 16(%edx),%xmm1 1445 leal 32(%edx),%edx 1446 xorps %xmm0,%xmm2 1447.L058enc1_loop_10: 1448.byte 102,15,56,220,209 1449 decl %ecx 1450 movups (%edx),%xmm1 1451 leal 16(%edx),%edx 1452 jnz .L058enc1_loop_10 1453.byte 102,15,56,221,209 1454 xorps %xmm5,%xmm2 1455 movups %xmm2,-16(%edi) 1456.L056xts_enc_ret: 1457 pxor %xmm0,%xmm0 1458 pxor %xmm1,%xmm1 1459 pxor %xmm2,%xmm2 1460 movdqa %xmm0,(%esp) 1461 pxor %xmm3,%xmm3 1462 movdqa %xmm0,16(%esp) 1463 pxor %xmm4,%xmm4 1464 movdqa %xmm0,32(%esp) 1465 pxor %xmm5,%xmm5 1466 movdqa %xmm0,48(%esp) 1467 pxor %xmm6,%xmm6 1468 movdqa %xmm0,64(%esp) 1469 pxor %xmm7,%xmm7 1470 movdqa %xmm0,80(%esp) 1471 movl 116(%esp),%esp 1472 popl %edi 1473 popl %esi 1474 popl %ebx 1475 popl %ebp 1476 ret 1477.size aesni_xts_encrypt,.-.L_aesni_xts_encrypt_begin 1478.globl aesni_xts_decrypt 1479.type aesni_xts_decrypt,@function 1480.align 16 1481aesni_xts_decrypt: 1482.L_aesni_xts_decrypt_begin: 1483 #ifdef __CET__ 1484 1485.byte 243,15,30,251 1486 #endif 1487 1488 pushl %ebp 1489 pushl %ebx 1490 pushl %esi 1491 pushl %edi 1492 movl 36(%esp),%edx 1493 movl 40(%esp),%esi 1494 movl 240(%edx),%ecx 1495 movups (%esi),%xmm2 1496 movups (%edx),%xmm0 1497 movups 16(%edx),%xmm1 1498 leal 32(%edx),%edx 1499 xorps %xmm0,%xmm2 1500.L059enc1_loop_11: 1501.byte 102,15,56,220,209 1502 decl %ecx 1503 movups (%edx),%xmm1 1504 leal 16(%edx),%edx 1505 jnz .L059enc1_loop_11 1506.byte 102,15,56,221,209 1507 movl 20(%esp),%esi 1508 movl 24(%esp),%edi 1509 movl 28(%esp),%eax 1510 movl 32(%esp),%edx 1511 movl %esp,%ebp 1512 subl $120,%esp 1513 andl $-16,%esp 1514 xorl %ebx,%ebx 1515 testl $15,%eax 1516 setnz %bl 1517 shll $4,%ebx 1518 subl %ebx,%eax 1519 movl $135,96(%esp) 1520 movl $0,100(%esp) 1521 movl $1,104(%esp) 1522 movl $0,108(%esp) 1523 movl %eax,112(%esp) 1524 movl %ebp,116(%esp) 1525 movl 240(%edx),%ecx 1526 movl %edx,%ebp 1527 movl %ecx,%ebx 1528 movdqa %xmm2,%xmm1 1529 pxor %xmm0,%xmm0 1530 movdqa 96(%esp),%xmm3 1531 pcmpgtd %xmm1,%xmm0 1532 andl $-16,%eax 1533 subl $96,%eax 1534 jc .L060xts_dec_short 1535 shll $4,%ecx 1536 movl $16,%ebx 1537 subl %ecx,%ebx 1538 leal 32(%edx,%ecx,1),%edx 1539 jmp .L061xts_dec_loop6 1540.align 16 1541.L061xts_dec_loop6: 1542 pshufd $19,%xmm0,%xmm2 1543 pxor %xmm0,%xmm0 1544 movdqa %xmm1,(%esp) 1545 paddq %xmm1,%xmm1 1546 pand %xmm3,%xmm2 1547 pcmpgtd %xmm1,%xmm0 1548 pxor %xmm2,%xmm1 1549 pshufd $19,%xmm0,%xmm2 1550 pxor %xmm0,%xmm0 1551 movdqa %xmm1,16(%esp) 1552 paddq %xmm1,%xmm1 1553 pand %xmm3,%xmm2 1554 pcmpgtd %xmm1,%xmm0 1555 pxor %xmm2,%xmm1 1556 pshufd $19,%xmm0,%xmm2 1557 pxor %xmm0,%xmm0 1558 movdqa %xmm1,32(%esp) 1559 paddq %xmm1,%xmm1 1560 pand %xmm3,%xmm2 1561 pcmpgtd %xmm1,%xmm0 1562 pxor %xmm2,%xmm1 1563 pshufd $19,%xmm0,%xmm2 1564 pxor %xmm0,%xmm0 1565 movdqa %xmm1,48(%esp) 1566 paddq %xmm1,%xmm1 1567 pand %xmm3,%xmm2 1568 pcmpgtd %xmm1,%xmm0 1569 pxor %xmm2,%xmm1 1570 pshufd $19,%xmm0,%xmm7 1571 movdqa %xmm1,64(%esp) 1572 paddq %xmm1,%xmm1 1573 movups (%ebp),%xmm0 1574 pand %xmm3,%xmm7 1575 movups (%esi),%xmm2 1576 pxor %xmm1,%xmm7 1577 movl %ebx,%ecx 1578 movdqu 16(%esi),%xmm3 1579 xorps %xmm0,%xmm2 1580 movdqu 32(%esi),%xmm4 1581 pxor %xmm0,%xmm3 1582 movdqu 48(%esi),%xmm5 1583 pxor %xmm0,%xmm4 1584 movdqu 64(%esi),%xmm6 1585 pxor %xmm0,%xmm5 1586 movdqu 80(%esi),%xmm1 1587 pxor %xmm0,%xmm6 1588 leal 96(%esi),%esi 1589 pxor (%esp),%xmm2 1590 movdqa %xmm7,80(%esp) 1591 pxor %xmm1,%xmm7 1592 movups 16(%ebp),%xmm1 1593 pxor 16(%esp),%xmm3 1594 pxor 32(%esp),%xmm4 1595.byte 102,15,56,222,209 1596 pxor 48(%esp),%xmm5 1597 pxor 64(%esp),%xmm6 1598.byte 102,15,56,222,217 1599 pxor %xmm0,%xmm7 1600 movups 32(%ebp),%xmm0 1601.byte 102,15,56,222,225 1602.byte 102,15,56,222,233 1603.byte 102,15,56,222,241 1604.byte 102,15,56,222,249 1605 call .L_aesni_decrypt6_enter 1606 movdqa 80(%esp),%xmm1 1607 pxor %xmm0,%xmm0 1608 xorps (%esp),%xmm2 1609 pcmpgtd %xmm1,%xmm0 1610 xorps 16(%esp),%xmm3 1611 movups %xmm2,(%edi) 1612 xorps 32(%esp),%xmm4 1613 movups %xmm3,16(%edi) 1614 xorps 48(%esp),%xmm5 1615 movups %xmm4,32(%edi) 1616 xorps 64(%esp),%xmm6 1617 movups %xmm5,48(%edi) 1618 xorps %xmm1,%xmm7 1619 movups %xmm6,64(%edi) 1620 pshufd $19,%xmm0,%xmm2 1621 movups %xmm7,80(%edi) 1622 leal 96(%edi),%edi 1623 movdqa 96(%esp),%xmm3 1624 pxor %xmm0,%xmm0 1625 paddq %xmm1,%xmm1 1626 pand %xmm3,%xmm2 1627 pcmpgtd %xmm1,%xmm0 1628 pxor %xmm2,%xmm1 1629 subl $96,%eax 1630 jnc .L061xts_dec_loop6 1631 movl 240(%ebp),%ecx 1632 movl %ebp,%edx 1633 movl %ecx,%ebx 1634.L060xts_dec_short: 1635 addl $96,%eax 1636 jz .L062xts_dec_done6x 1637 movdqa %xmm1,%xmm5 1638 cmpl $32,%eax 1639 jb .L063xts_dec_one 1640 pshufd $19,%xmm0,%xmm2 1641 pxor %xmm0,%xmm0 1642 paddq %xmm1,%xmm1 1643 pand %xmm3,%xmm2 1644 pcmpgtd %xmm1,%xmm0 1645 pxor %xmm2,%xmm1 1646 je .L064xts_dec_two 1647 pshufd $19,%xmm0,%xmm2 1648 pxor %xmm0,%xmm0 1649 movdqa %xmm1,%xmm6 1650 paddq %xmm1,%xmm1 1651 pand %xmm3,%xmm2 1652 pcmpgtd %xmm1,%xmm0 1653 pxor %xmm2,%xmm1 1654 cmpl $64,%eax 1655 jb .L065xts_dec_three 1656 pshufd $19,%xmm0,%xmm2 1657 pxor %xmm0,%xmm0 1658 movdqa %xmm1,%xmm7 1659 paddq %xmm1,%xmm1 1660 pand %xmm3,%xmm2 1661 pcmpgtd %xmm1,%xmm0 1662 pxor %xmm2,%xmm1 1663 movdqa %xmm5,(%esp) 1664 movdqa %xmm6,16(%esp) 1665 je .L066xts_dec_four 1666 movdqa %xmm7,32(%esp) 1667 pshufd $19,%xmm0,%xmm7 1668 movdqa %xmm1,48(%esp) 1669 paddq %xmm1,%xmm1 1670 pand %xmm3,%xmm7 1671 pxor %xmm1,%xmm7 1672 movdqu (%esi),%xmm2 1673 movdqu 16(%esi),%xmm3 1674 movdqu 32(%esi),%xmm4 1675 pxor (%esp),%xmm2 1676 movdqu 48(%esi),%xmm5 1677 pxor 16(%esp),%xmm3 1678 movdqu 64(%esi),%xmm6 1679 pxor 32(%esp),%xmm4 1680 leal 80(%esi),%esi 1681 pxor 48(%esp),%xmm5 1682 movdqa %xmm7,64(%esp) 1683 pxor %xmm7,%xmm6 1684 call _aesni_decrypt6 1685 movaps 64(%esp),%xmm1 1686 xorps (%esp),%xmm2 1687 xorps 16(%esp),%xmm3 1688 xorps 32(%esp),%xmm4 1689 movups %xmm2,(%edi) 1690 xorps 48(%esp),%xmm5 1691 movups %xmm3,16(%edi) 1692 xorps %xmm1,%xmm6 1693 movups %xmm4,32(%edi) 1694 movups %xmm5,48(%edi) 1695 movups %xmm6,64(%edi) 1696 leal 80(%edi),%edi 1697 jmp .L067xts_dec_done 1698.align 16 1699.L063xts_dec_one: 1700 movups (%esi),%xmm2 1701 leal 16(%esi),%esi 1702 xorps %xmm5,%xmm2 1703 movups (%edx),%xmm0 1704 movups 16(%edx),%xmm1 1705 leal 32(%edx),%edx 1706 xorps %xmm0,%xmm2 1707.L068dec1_loop_12: 1708.byte 102,15,56,222,209 1709 decl %ecx 1710 movups (%edx),%xmm1 1711 leal 16(%edx),%edx 1712 jnz .L068dec1_loop_12 1713.byte 102,15,56,223,209 1714 xorps %xmm5,%xmm2 1715 movups %xmm2,(%edi) 1716 leal 16(%edi),%edi 1717 movdqa %xmm5,%xmm1 1718 jmp .L067xts_dec_done 1719.align 16 1720.L064xts_dec_two: 1721 movaps %xmm1,%xmm6 1722 movups (%esi),%xmm2 1723 movups 16(%esi),%xmm3 1724 leal 32(%esi),%esi 1725 xorps %xmm5,%xmm2 1726 xorps %xmm6,%xmm3 1727 call _aesni_decrypt2 1728 xorps %xmm5,%xmm2 1729 xorps %xmm6,%xmm3 1730 movups %xmm2,(%edi) 1731 movups %xmm3,16(%edi) 1732 leal 32(%edi),%edi 1733 movdqa %xmm6,%xmm1 1734 jmp .L067xts_dec_done 1735.align 16 1736.L065xts_dec_three: 1737 movaps %xmm1,%xmm7 1738 movups (%esi),%xmm2 1739 movups 16(%esi),%xmm3 1740 movups 32(%esi),%xmm4 1741 leal 48(%esi),%esi 1742 xorps %xmm5,%xmm2 1743 xorps %xmm6,%xmm3 1744 xorps %xmm7,%xmm4 1745 call _aesni_decrypt3 1746 xorps %xmm5,%xmm2 1747 xorps %xmm6,%xmm3 1748 xorps %xmm7,%xmm4 1749 movups %xmm2,(%edi) 1750 movups %xmm3,16(%edi) 1751 movups %xmm4,32(%edi) 1752 leal 48(%edi),%edi 1753 movdqa %xmm7,%xmm1 1754 jmp .L067xts_dec_done 1755.align 16 1756.L066xts_dec_four: 1757 movaps %xmm1,%xmm6 1758 movups (%esi),%xmm2 1759 movups 16(%esi),%xmm3 1760 movups 32(%esi),%xmm4 1761 xorps (%esp),%xmm2 1762 movups 48(%esi),%xmm5 1763 leal 64(%esi),%esi 1764 xorps 16(%esp),%xmm3 1765 xorps %xmm7,%xmm4 1766 xorps %xmm6,%xmm5 1767 call _aesni_decrypt4 1768 xorps (%esp),%xmm2 1769 xorps 16(%esp),%xmm3 1770 xorps %xmm7,%xmm4 1771 movups %xmm2,(%edi) 1772 xorps %xmm6,%xmm5 1773 movups %xmm3,16(%edi) 1774 movups %xmm4,32(%edi) 1775 movups %xmm5,48(%edi) 1776 leal 64(%edi),%edi 1777 movdqa %xmm6,%xmm1 1778 jmp .L067xts_dec_done 1779.align 16 1780.L062xts_dec_done6x: 1781 movl 112(%esp),%eax 1782 andl $15,%eax 1783 jz .L069xts_dec_ret 1784 movl %eax,112(%esp) 1785 jmp .L070xts_dec_only_one_more 1786.align 16 1787.L067xts_dec_done: 1788 movl 112(%esp),%eax 1789 pxor %xmm0,%xmm0 1790 andl $15,%eax 1791 jz .L069xts_dec_ret 1792 pcmpgtd %xmm1,%xmm0 1793 movl %eax,112(%esp) 1794 pshufd $19,%xmm0,%xmm2 1795 pxor %xmm0,%xmm0 1796 movdqa 96(%esp),%xmm3 1797 paddq %xmm1,%xmm1 1798 pand %xmm3,%xmm2 1799 pcmpgtd %xmm1,%xmm0 1800 pxor %xmm2,%xmm1 1801.L070xts_dec_only_one_more: 1802 pshufd $19,%xmm0,%xmm5 1803 movdqa %xmm1,%xmm6 1804 paddq %xmm1,%xmm1 1805 pand %xmm3,%xmm5 1806 pxor %xmm1,%xmm5 1807 movl %ebp,%edx 1808 movl %ebx,%ecx 1809 movups (%esi),%xmm2 1810 xorps %xmm5,%xmm2 1811 movups (%edx),%xmm0 1812 movups 16(%edx),%xmm1 1813 leal 32(%edx),%edx 1814 xorps %xmm0,%xmm2 1815.L071dec1_loop_13: 1816.byte 102,15,56,222,209 1817 decl %ecx 1818 movups (%edx),%xmm1 1819 leal 16(%edx),%edx 1820 jnz .L071dec1_loop_13 1821.byte 102,15,56,223,209 1822 xorps %xmm5,%xmm2 1823 movups %xmm2,(%edi) 1824.L072xts_dec_steal: 1825 movzbl 16(%esi),%ecx 1826 movzbl (%edi),%edx 1827 leal 1(%esi),%esi 1828 movb %cl,(%edi) 1829 movb %dl,16(%edi) 1830 leal 1(%edi),%edi 1831 subl $1,%eax 1832 jnz .L072xts_dec_steal 1833 subl 112(%esp),%edi 1834 movl %ebp,%edx 1835 movl %ebx,%ecx 1836 movups (%edi),%xmm2 1837 xorps %xmm6,%xmm2 1838 movups (%edx),%xmm0 1839 movups 16(%edx),%xmm1 1840 leal 32(%edx),%edx 1841 xorps %xmm0,%xmm2 1842.L073dec1_loop_14: 1843.byte 102,15,56,222,209 1844 decl %ecx 1845 movups (%edx),%xmm1 1846 leal 16(%edx),%edx 1847 jnz .L073dec1_loop_14 1848.byte 102,15,56,223,209 1849 xorps %xmm6,%xmm2 1850 movups %xmm2,(%edi) 1851.L069xts_dec_ret: 1852 pxor %xmm0,%xmm0 1853 pxor %xmm1,%xmm1 1854 pxor %xmm2,%xmm2 1855 movdqa %xmm0,(%esp) 1856 pxor %xmm3,%xmm3 1857 movdqa %xmm0,16(%esp) 1858 pxor %xmm4,%xmm4 1859 movdqa %xmm0,32(%esp) 1860 pxor %xmm5,%xmm5 1861 movdqa %xmm0,48(%esp) 1862 pxor %xmm6,%xmm6 1863 movdqa %xmm0,64(%esp) 1864 pxor %xmm7,%xmm7 1865 movdqa %xmm0,80(%esp) 1866 movl 116(%esp),%esp 1867 popl %edi 1868 popl %esi 1869 popl %ebx 1870 popl %ebp 1871 ret 1872.size aesni_xts_decrypt,.-.L_aesni_xts_decrypt_begin 1873.globl aesni_ocb_encrypt 1874.type aesni_ocb_encrypt,@function 1875.align 16 1876aesni_ocb_encrypt: 1877.L_aesni_ocb_encrypt_begin: 1878 #ifdef __CET__ 1879 1880.byte 243,15,30,251 1881 #endif 1882 1883 pushl %ebp 1884 pushl %ebx 1885 pushl %esi 1886 pushl %edi 1887 movl 40(%esp),%ecx 1888 movl 48(%esp),%ebx 1889 movl 20(%esp),%esi 1890 movl 24(%esp),%edi 1891 movl 28(%esp),%eax 1892 movl 32(%esp),%edx 1893 movdqu (%ecx),%xmm0 1894 movl 36(%esp),%ebp 1895 movdqu (%ebx),%xmm1 1896 movl 44(%esp),%ebx 1897 movl %esp,%ecx 1898 subl $132,%esp 1899 andl $-16,%esp 1900 subl %esi,%edi 1901 shll $4,%eax 1902 leal -96(%esi,%eax,1),%eax 1903 movl %edi,120(%esp) 1904 movl %eax,124(%esp) 1905 movl %ecx,128(%esp) 1906 movl 240(%edx),%ecx 1907 testl $1,%ebp 1908 jnz .L074odd 1909 bsfl %ebp,%eax 1910 addl $1,%ebp 1911 shll $4,%eax 1912 movdqu (%ebx,%eax,1),%xmm7 1913 movl %edx,%eax 1914 movdqu (%esi),%xmm2 1915 leal 16(%esi),%esi 1916 pxor %xmm0,%xmm7 1917 pxor %xmm2,%xmm1 1918 pxor %xmm7,%xmm2 1919 movdqa %xmm1,%xmm6 1920 movups (%edx),%xmm0 1921 movups 16(%edx),%xmm1 1922 leal 32(%edx),%edx 1923 xorps %xmm0,%xmm2 1924.L075enc1_loop_15: 1925.byte 102,15,56,220,209 1926 decl %ecx 1927 movups (%edx),%xmm1 1928 leal 16(%edx),%edx 1929 jnz .L075enc1_loop_15 1930.byte 102,15,56,221,209 1931 xorps %xmm7,%xmm2 1932 movdqa %xmm7,%xmm0 1933 movdqa %xmm6,%xmm1 1934 movups %xmm2,-16(%edi,%esi,1) 1935 movl 240(%eax),%ecx 1936 movl %eax,%edx 1937 movl 124(%esp),%eax 1938.L074odd: 1939 shll $4,%ecx 1940 movl $16,%edi 1941 subl %ecx,%edi 1942 movl %edx,112(%esp) 1943 leal 32(%edx,%ecx,1),%edx 1944 movl %edi,116(%esp) 1945 cmpl %eax,%esi 1946 ja .L076short 1947 jmp .L077grandloop 1948.align 32 1949.L077grandloop: 1950 leal 1(%ebp),%ecx 1951 leal 3(%ebp),%eax 1952 leal 5(%ebp),%edi 1953 addl $6,%ebp 1954 bsfl %ecx,%ecx 1955 bsfl %eax,%eax 1956 bsfl %edi,%edi 1957 shll $4,%ecx 1958 shll $4,%eax 1959 shll $4,%edi 1960 movdqu (%ebx),%xmm2 1961 movdqu (%ebx,%ecx,1),%xmm3 1962 movl 116(%esp),%ecx 1963 movdqa %xmm2,%xmm4 1964 movdqu (%ebx,%eax,1),%xmm5 1965 movdqa %xmm2,%xmm6 1966 movdqu (%ebx,%edi,1),%xmm7 1967 pxor %xmm0,%xmm2 1968 pxor %xmm2,%xmm3 1969 movdqa %xmm2,(%esp) 1970 pxor %xmm3,%xmm4 1971 movdqa %xmm3,16(%esp) 1972 pxor %xmm4,%xmm5 1973 movdqa %xmm4,32(%esp) 1974 pxor %xmm5,%xmm6 1975 movdqa %xmm5,48(%esp) 1976 pxor %xmm6,%xmm7 1977 movdqa %xmm6,64(%esp) 1978 movdqa %xmm7,80(%esp) 1979 movups -48(%edx,%ecx,1),%xmm0 1980 movdqu (%esi),%xmm2 1981 movdqu 16(%esi),%xmm3 1982 movdqu 32(%esi),%xmm4 1983 movdqu 48(%esi),%xmm5 1984 movdqu 64(%esi),%xmm6 1985 movdqu 80(%esi),%xmm7 1986 leal 96(%esi),%esi 1987 pxor %xmm2,%xmm1 1988 pxor %xmm0,%xmm2 1989 pxor %xmm3,%xmm1 1990 pxor %xmm0,%xmm3 1991 pxor %xmm4,%xmm1 1992 pxor %xmm0,%xmm4 1993 pxor %xmm5,%xmm1 1994 pxor %xmm0,%xmm5 1995 pxor %xmm6,%xmm1 1996 pxor %xmm0,%xmm6 1997 pxor %xmm7,%xmm1 1998 pxor %xmm0,%xmm7 1999 movdqa %xmm1,96(%esp) 2000 movups -32(%edx,%ecx,1),%xmm1 2001 pxor (%esp),%xmm2 2002 pxor 16(%esp),%xmm3 2003 pxor 32(%esp),%xmm4 2004 pxor 48(%esp),%xmm5 2005 pxor 64(%esp),%xmm6 2006 pxor 80(%esp),%xmm7 2007 movups -16(%edx,%ecx,1),%xmm0 2008.byte 102,15,56,220,209 2009.byte 102,15,56,220,217 2010.byte 102,15,56,220,225 2011.byte 102,15,56,220,233 2012.byte 102,15,56,220,241 2013.byte 102,15,56,220,249 2014 movl 120(%esp),%edi 2015 movl 124(%esp),%eax 2016 call .L_aesni_encrypt6_enter 2017 movdqa 80(%esp),%xmm0 2018 pxor (%esp),%xmm2 2019 pxor 16(%esp),%xmm3 2020 pxor 32(%esp),%xmm4 2021 pxor 48(%esp),%xmm5 2022 pxor 64(%esp),%xmm6 2023 pxor %xmm0,%xmm7 2024 movdqa 96(%esp),%xmm1 2025 movdqu %xmm2,-96(%edi,%esi,1) 2026 movdqu %xmm3,-80(%edi,%esi,1) 2027 movdqu %xmm4,-64(%edi,%esi,1) 2028 movdqu %xmm5,-48(%edi,%esi,1) 2029 movdqu %xmm6,-32(%edi,%esi,1) 2030 movdqu %xmm7,-16(%edi,%esi,1) 2031 cmpl %eax,%esi 2032 jbe .L077grandloop 2033.L076short: 2034 addl $96,%eax 2035 subl %esi,%eax 2036 jz .L078done 2037 cmpl $32,%eax 2038 jb .L079one 2039 je .L080two 2040 cmpl $64,%eax 2041 jb .L081three 2042 je .L082four 2043 leal 1(%ebp),%ecx 2044 leal 3(%ebp),%eax 2045 bsfl %ecx,%ecx 2046 bsfl %eax,%eax 2047 shll $4,%ecx 2048 shll $4,%eax 2049 movdqu (%ebx),%xmm2 2050 movdqu (%ebx,%ecx,1),%xmm3 2051 movl 116(%esp),%ecx 2052 movdqa %xmm2,%xmm4 2053 movdqu (%ebx,%eax,1),%xmm5 2054 movdqa %xmm2,%xmm6 2055 pxor %xmm0,%xmm2 2056 pxor %xmm2,%xmm3 2057 movdqa %xmm2,(%esp) 2058 pxor %xmm3,%xmm4 2059 movdqa %xmm3,16(%esp) 2060 pxor %xmm4,%xmm5 2061 movdqa %xmm4,32(%esp) 2062 pxor %xmm5,%xmm6 2063 movdqa %xmm5,48(%esp) 2064 pxor %xmm6,%xmm7 2065 movdqa %xmm6,64(%esp) 2066 movups -48(%edx,%ecx,1),%xmm0 2067 movdqu (%esi),%xmm2 2068 movdqu 16(%esi),%xmm3 2069 movdqu 32(%esi),%xmm4 2070 movdqu 48(%esi),%xmm5 2071 movdqu 64(%esi),%xmm6 2072 pxor %xmm7,%xmm7 2073 pxor %xmm2,%xmm1 2074 pxor %xmm0,%xmm2 2075 pxor %xmm3,%xmm1 2076 pxor %xmm0,%xmm3 2077 pxor %xmm4,%xmm1 2078 pxor %xmm0,%xmm4 2079 pxor %xmm5,%xmm1 2080 pxor %xmm0,%xmm5 2081 pxor %xmm6,%xmm1 2082 pxor %xmm0,%xmm6 2083 movdqa %xmm1,96(%esp) 2084 movups -32(%edx,%ecx,1),%xmm1 2085 pxor (%esp),%xmm2 2086 pxor 16(%esp),%xmm3 2087 pxor 32(%esp),%xmm4 2088 pxor 48(%esp),%xmm5 2089 pxor 64(%esp),%xmm6 2090 movups -16(%edx,%ecx,1),%xmm0 2091.byte 102,15,56,220,209 2092.byte 102,15,56,220,217 2093.byte 102,15,56,220,225 2094.byte 102,15,56,220,233 2095.byte 102,15,56,220,241 2096.byte 102,15,56,220,249 2097 movl 120(%esp),%edi 2098 call .L_aesni_encrypt6_enter 2099 movdqa 64(%esp),%xmm0 2100 pxor (%esp),%xmm2 2101 pxor 16(%esp),%xmm3 2102 pxor 32(%esp),%xmm4 2103 pxor 48(%esp),%xmm5 2104 pxor %xmm0,%xmm6 2105 movdqa 96(%esp),%xmm1 2106 movdqu %xmm2,(%edi,%esi,1) 2107 movdqu %xmm3,16(%edi,%esi,1) 2108 movdqu %xmm4,32(%edi,%esi,1) 2109 movdqu %xmm5,48(%edi,%esi,1) 2110 movdqu %xmm6,64(%edi,%esi,1) 2111 jmp .L078done 2112.align 16 2113.L079one: 2114 movdqu (%ebx),%xmm7 2115 movl 112(%esp),%edx 2116 movdqu (%esi),%xmm2 2117 movl 240(%edx),%ecx 2118 pxor %xmm0,%xmm7 2119 pxor %xmm2,%xmm1 2120 pxor %xmm7,%xmm2 2121 movdqa %xmm1,%xmm6 2122 movl 120(%esp),%edi 2123 movups (%edx),%xmm0 2124 movups 16(%edx),%xmm1 2125 leal 32(%edx),%edx 2126 xorps %xmm0,%xmm2 2127.L083enc1_loop_16: 2128.byte 102,15,56,220,209 2129 decl %ecx 2130 movups (%edx),%xmm1 2131 leal 16(%edx),%edx 2132 jnz .L083enc1_loop_16 2133.byte 102,15,56,221,209 2134 xorps %xmm7,%xmm2 2135 movdqa %xmm7,%xmm0 2136 movdqa %xmm6,%xmm1 2137 movups %xmm2,(%edi,%esi,1) 2138 jmp .L078done 2139.align 16 2140.L080two: 2141 leal 1(%ebp),%ecx 2142 movl 112(%esp),%edx 2143 bsfl %ecx,%ecx 2144 shll $4,%ecx 2145 movdqu (%ebx),%xmm6 2146 movdqu (%ebx,%ecx,1),%xmm7 2147 movdqu (%esi),%xmm2 2148 movdqu 16(%esi),%xmm3 2149 movl 240(%edx),%ecx 2150 pxor %xmm0,%xmm6 2151 pxor %xmm6,%xmm7 2152 pxor %xmm2,%xmm1 2153 pxor %xmm6,%xmm2 2154 pxor %xmm3,%xmm1 2155 pxor %xmm7,%xmm3 2156 movdqa %xmm1,%xmm5 2157 movl 120(%esp),%edi 2158 call _aesni_encrypt2 2159 xorps %xmm6,%xmm2 2160 xorps %xmm7,%xmm3 2161 movdqa %xmm7,%xmm0 2162 movdqa %xmm5,%xmm1 2163 movups %xmm2,(%edi,%esi,1) 2164 movups %xmm3,16(%edi,%esi,1) 2165 jmp .L078done 2166.align 16 2167.L081three: 2168 leal 1(%ebp),%ecx 2169 movl 112(%esp),%edx 2170 bsfl %ecx,%ecx 2171 shll $4,%ecx 2172 movdqu (%ebx),%xmm5 2173 movdqu (%ebx,%ecx,1),%xmm6 2174 movdqa %xmm5,%xmm7 2175 movdqu (%esi),%xmm2 2176 movdqu 16(%esi),%xmm3 2177 movdqu 32(%esi),%xmm4 2178 movl 240(%edx),%ecx 2179 pxor %xmm0,%xmm5 2180 pxor %xmm5,%xmm6 2181 pxor %xmm6,%xmm7 2182 pxor %xmm2,%xmm1 2183 pxor %xmm5,%xmm2 2184 pxor %xmm3,%xmm1 2185 pxor %xmm6,%xmm3 2186 pxor %xmm4,%xmm1 2187 pxor %xmm7,%xmm4 2188 movdqa %xmm1,96(%esp) 2189 movl 120(%esp),%edi 2190 call _aesni_encrypt3 2191 xorps %xmm5,%xmm2 2192 xorps %xmm6,%xmm3 2193 xorps %xmm7,%xmm4 2194 movdqa %xmm7,%xmm0 2195 movdqa 96(%esp),%xmm1 2196 movups %xmm2,(%edi,%esi,1) 2197 movups %xmm3,16(%edi,%esi,1) 2198 movups %xmm4,32(%edi,%esi,1) 2199 jmp .L078done 2200.align 16 2201.L082four: 2202 leal 1(%ebp),%ecx 2203 leal 3(%ebp),%eax 2204 bsfl %ecx,%ecx 2205 bsfl %eax,%eax 2206 movl 112(%esp),%edx 2207 shll $4,%ecx 2208 shll $4,%eax 2209 movdqu (%ebx),%xmm4 2210 movdqu (%ebx,%ecx,1),%xmm5 2211 movdqa %xmm4,%xmm6 2212 movdqu (%ebx,%eax,1),%xmm7 2213 pxor %xmm0,%xmm4 2214 movdqu (%esi),%xmm2 2215 pxor %xmm4,%xmm5 2216 movdqu 16(%esi),%xmm3 2217 pxor %xmm5,%xmm6 2218 movdqa %xmm4,(%esp) 2219 pxor %xmm6,%xmm7 2220 movdqa %xmm5,16(%esp) 2221 movdqu 32(%esi),%xmm4 2222 movdqu 48(%esi),%xmm5 2223 movl 240(%edx),%ecx 2224 pxor %xmm2,%xmm1 2225 pxor (%esp),%xmm2 2226 pxor %xmm3,%xmm1 2227 pxor 16(%esp),%xmm3 2228 pxor %xmm4,%xmm1 2229 pxor %xmm6,%xmm4 2230 pxor %xmm5,%xmm1 2231 pxor %xmm7,%xmm5 2232 movdqa %xmm1,96(%esp) 2233 movl 120(%esp),%edi 2234 call _aesni_encrypt4 2235 xorps (%esp),%xmm2 2236 xorps 16(%esp),%xmm3 2237 xorps %xmm6,%xmm4 2238 movups %xmm2,(%edi,%esi,1) 2239 xorps %xmm7,%xmm5 2240 movups %xmm3,16(%edi,%esi,1) 2241 movdqa %xmm7,%xmm0 2242 movups %xmm4,32(%edi,%esi,1) 2243 movdqa 96(%esp),%xmm1 2244 movups %xmm5,48(%edi,%esi,1) 2245.L078done: 2246 movl 128(%esp),%edx 2247 pxor %xmm2,%xmm2 2248 pxor %xmm3,%xmm3 2249 movdqa %xmm2,(%esp) 2250 pxor %xmm4,%xmm4 2251 movdqa %xmm2,16(%esp) 2252 pxor %xmm5,%xmm5 2253 movdqa %xmm2,32(%esp) 2254 pxor %xmm6,%xmm6 2255 movdqa %xmm2,48(%esp) 2256 pxor %xmm7,%xmm7 2257 movdqa %xmm2,64(%esp) 2258 movdqa %xmm2,80(%esp) 2259 movdqa %xmm2,96(%esp) 2260 leal (%edx),%esp 2261 movl 40(%esp),%ecx 2262 movl 48(%esp),%ebx 2263 movdqu %xmm0,(%ecx) 2264 pxor %xmm0,%xmm0 2265 movdqu %xmm1,(%ebx) 2266 pxor %xmm1,%xmm1 2267 popl %edi 2268 popl %esi 2269 popl %ebx 2270 popl %ebp 2271 ret 2272.size aesni_ocb_encrypt,.-.L_aesni_ocb_encrypt_begin 2273.globl aesni_ocb_decrypt 2274.type aesni_ocb_decrypt,@function 2275.align 16 2276aesni_ocb_decrypt: 2277.L_aesni_ocb_decrypt_begin: 2278 #ifdef __CET__ 2279 2280.byte 243,15,30,251 2281 #endif 2282 2283 pushl %ebp 2284 pushl %ebx 2285 pushl %esi 2286 pushl %edi 2287 movl 40(%esp),%ecx 2288 movl 48(%esp),%ebx 2289 movl 20(%esp),%esi 2290 movl 24(%esp),%edi 2291 movl 28(%esp),%eax 2292 movl 32(%esp),%edx 2293 movdqu (%ecx),%xmm0 2294 movl 36(%esp),%ebp 2295 movdqu (%ebx),%xmm1 2296 movl 44(%esp),%ebx 2297 movl %esp,%ecx 2298 subl $132,%esp 2299 andl $-16,%esp 2300 subl %esi,%edi 2301 shll $4,%eax 2302 leal -96(%esi,%eax,1),%eax 2303 movl %edi,120(%esp) 2304 movl %eax,124(%esp) 2305 movl %ecx,128(%esp) 2306 movl 240(%edx),%ecx 2307 testl $1,%ebp 2308 jnz .L084odd 2309 bsfl %ebp,%eax 2310 addl $1,%ebp 2311 shll $4,%eax 2312 movdqu (%ebx,%eax,1),%xmm7 2313 movl %edx,%eax 2314 movdqu (%esi),%xmm2 2315 leal 16(%esi),%esi 2316 pxor %xmm0,%xmm7 2317 pxor %xmm7,%xmm2 2318 movdqa %xmm1,%xmm6 2319 movups (%edx),%xmm0 2320 movups 16(%edx),%xmm1 2321 leal 32(%edx),%edx 2322 xorps %xmm0,%xmm2 2323.L085dec1_loop_17: 2324.byte 102,15,56,222,209 2325 decl %ecx 2326 movups (%edx),%xmm1 2327 leal 16(%edx),%edx 2328 jnz .L085dec1_loop_17 2329.byte 102,15,56,223,209 2330 xorps %xmm7,%xmm2 2331 movaps %xmm6,%xmm1 2332 movdqa %xmm7,%xmm0 2333 xorps %xmm2,%xmm1 2334 movups %xmm2,-16(%edi,%esi,1) 2335 movl 240(%eax),%ecx 2336 movl %eax,%edx 2337 movl 124(%esp),%eax 2338.L084odd: 2339 shll $4,%ecx 2340 movl $16,%edi 2341 subl %ecx,%edi 2342 movl %edx,112(%esp) 2343 leal 32(%edx,%ecx,1),%edx 2344 movl %edi,116(%esp) 2345 cmpl %eax,%esi 2346 ja .L086short 2347 jmp .L087grandloop 2348.align 32 2349.L087grandloop: 2350 leal 1(%ebp),%ecx 2351 leal 3(%ebp),%eax 2352 leal 5(%ebp),%edi 2353 addl $6,%ebp 2354 bsfl %ecx,%ecx 2355 bsfl %eax,%eax 2356 bsfl %edi,%edi 2357 shll $4,%ecx 2358 shll $4,%eax 2359 shll $4,%edi 2360 movdqu (%ebx),%xmm2 2361 movdqu (%ebx,%ecx,1),%xmm3 2362 movl 116(%esp),%ecx 2363 movdqa %xmm2,%xmm4 2364 movdqu (%ebx,%eax,1),%xmm5 2365 movdqa %xmm2,%xmm6 2366 movdqu (%ebx,%edi,1),%xmm7 2367 pxor %xmm0,%xmm2 2368 pxor %xmm2,%xmm3 2369 movdqa %xmm2,(%esp) 2370 pxor %xmm3,%xmm4 2371 movdqa %xmm3,16(%esp) 2372 pxor %xmm4,%xmm5 2373 movdqa %xmm4,32(%esp) 2374 pxor %xmm5,%xmm6 2375 movdqa %xmm5,48(%esp) 2376 pxor %xmm6,%xmm7 2377 movdqa %xmm6,64(%esp) 2378 movdqa %xmm7,80(%esp) 2379 movups -48(%edx,%ecx,1),%xmm0 2380 movdqu (%esi),%xmm2 2381 movdqu 16(%esi),%xmm3 2382 movdqu 32(%esi),%xmm4 2383 movdqu 48(%esi),%xmm5 2384 movdqu 64(%esi),%xmm6 2385 movdqu 80(%esi),%xmm7 2386 leal 96(%esi),%esi 2387 movdqa %xmm1,96(%esp) 2388 pxor %xmm0,%xmm2 2389 pxor %xmm0,%xmm3 2390 pxor %xmm0,%xmm4 2391 pxor %xmm0,%xmm5 2392 pxor %xmm0,%xmm6 2393 pxor %xmm0,%xmm7 2394 movups -32(%edx,%ecx,1),%xmm1 2395 pxor (%esp),%xmm2 2396 pxor 16(%esp),%xmm3 2397 pxor 32(%esp),%xmm4 2398 pxor 48(%esp),%xmm5 2399 pxor 64(%esp),%xmm6 2400 pxor 80(%esp),%xmm7 2401 movups -16(%edx,%ecx,1),%xmm0 2402.byte 102,15,56,222,209 2403.byte 102,15,56,222,217 2404.byte 102,15,56,222,225 2405.byte 102,15,56,222,233 2406.byte 102,15,56,222,241 2407.byte 102,15,56,222,249 2408 movl 120(%esp),%edi 2409 movl 124(%esp),%eax 2410 call .L_aesni_decrypt6_enter 2411 movdqa 80(%esp),%xmm0 2412 pxor (%esp),%xmm2 2413 movdqa 96(%esp),%xmm1 2414 pxor 16(%esp),%xmm3 2415 pxor 32(%esp),%xmm4 2416 pxor 48(%esp),%xmm5 2417 pxor 64(%esp),%xmm6 2418 pxor %xmm0,%xmm7 2419 pxor %xmm2,%xmm1 2420 movdqu %xmm2,-96(%edi,%esi,1) 2421 pxor %xmm3,%xmm1 2422 movdqu %xmm3,-80(%edi,%esi,1) 2423 pxor %xmm4,%xmm1 2424 movdqu %xmm4,-64(%edi,%esi,1) 2425 pxor %xmm5,%xmm1 2426 movdqu %xmm5,-48(%edi,%esi,1) 2427 pxor %xmm6,%xmm1 2428 movdqu %xmm6,-32(%edi,%esi,1) 2429 pxor %xmm7,%xmm1 2430 movdqu %xmm7,-16(%edi,%esi,1) 2431 cmpl %eax,%esi 2432 jbe .L087grandloop 2433.L086short: 2434 addl $96,%eax 2435 subl %esi,%eax 2436 jz .L088done 2437 cmpl $32,%eax 2438 jb .L089one 2439 je .L090two 2440 cmpl $64,%eax 2441 jb .L091three 2442 je .L092four 2443 leal 1(%ebp),%ecx 2444 leal 3(%ebp),%eax 2445 bsfl %ecx,%ecx 2446 bsfl %eax,%eax 2447 shll $4,%ecx 2448 shll $4,%eax 2449 movdqu (%ebx),%xmm2 2450 movdqu (%ebx,%ecx,1),%xmm3 2451 movl 116(%esp),%ecx 2452 movdqa %xmm2,%xmm4 2453 movdqu (%ebx,%eax,1),%xmm5 2454 movdqa %xmm2,%xmm6 2455 pxor %xmm0,%xmm2 2456 pxor %xmm2,%xmm3 2457 movdqa %xmm2,(%esp) 2458 pxor %xmm3,%xmm4 2459 movdqa %xmm3,16(%esp) 2460 pxor %xmm4,%xmm5 2461 movdqa %xmm4,32(%esp) 2462 pxor %xmm5,%xmm6 2463 movdqa %xmm5,48(%esp) 2464 pxor %xmm6,%xmm7 2465 movdqa %xmm6,64(%esp) 2466 movups -48(%edx,%ecx,1),%xmm0 2467 movdqu (%esi),%xmm2 2468 movdqu 16(%esi),%xmm3 2469 movdqu 32(%esi),%xmm4 2470 movdqu 48(%esi),%xmm5 2471 movdqu 64(%esi),%xmm6 2472 pxor %xmm7,%xmm7 2473 movdqa %xmm1,96(%esp) 2474 pxor %xmm0,%xmm2 2475 pxor %xmm0,%xmm3 2476 pxor %xmm0,%xmm4 2477 pxor %xmm0,%xmm5 2478 pxor %xmm0,%xmm6 2479 movups -32(%edx,%ecx,1),%xmm1 2480 pxor (%esp),%xmm2 2481 pxor 16(%esp),%xmm3 2482 pxor 32(%esp),%xmm4 2483 pxor 48(%esp),%xmm5 2484 pxor 64(%esp),%xmm6 2485 movups -16(%edx,%ecx,1),%xmm0 2486.byte 102,15,56,222,209 2487.byte 102,15,56,222,217 2488.byte 102,15,56,222,225 2489.byte 102,15,56,222,233 2490.byte 102,15,56,222,241 2491.byte 102,15,56,222,249 2492 movl 120(%esp),%edi 2493 call .L_aesni_decrypt6_enter 2494 movdqa 64(%esp),%xmm0 2495 pxor (%esp),%xmm2 2496 movdqa 96(%esp),%xmm1 2497 pxor 16(%esp),%xmm3 2498 pxor 32(%esp),%xmm4 2499 pxor 48(%esp),%xmm5 2500 pxor %xmm0,%xmm6 2501 pxor %xmm2,%xmm1 2502 movdqu %xmm2,(%edi,%esi,1) 2503 pxor %xmm3,%xmm1 2504 movdqu %xmm3,16(%edi,%esi,1) 2505 pxor %xmm4,%xmm1 2506 movdqu %xmm4,32(%edi,%esi,1) 2507 pxor %xmm5,%xmm1 2508 movdqu %xmm5,48(%edi,%esi,1) 2509 pxor %xmm6,%xmm1 2510 movdqu %xmm6,64(%edi,%esi,1) 2511 jmp .L088done 2512.align 16 2513.L089one: 2514 movdqu (%ebx),%xmm7 2515 movl 112(%esp),%edx 2516 movdqu (%esi),%xmm2 2517 movl 240(%edx),%ecx 2518 pxor %xmm0,%xmm7 2519 pxor %xmm7,%xmm2 2520 movdqa %xmm1,%xmm6 2521 movl 120(%esp),%edi 2522 movups (%edx),%xmm0 2523 movups 16(%edx),%xmm1 2524 leal 32(%edx),%edx 2525 xorps %xmm0,%xmm2 2526.L093dec1_loop_18: 2527.byte 102,15,56,222,209 2528 decl %ecx 2529 movups (%edx),%xmm1 2530 leal 16(%edx),%edx 2531 jnz .L093dec1_loop_18 2532.byte 102,15,56,223,209 2533 xorps %xmm7,%xmm2 2534 movaps %xmm6,%xmm1 2535 movdqa %xmm7,%xmm0 2536 xorps %xmm2,%xmm1 2537 movups %xmm2,(%edi,%esi,1) 2538 jmp .L088done 2539.align 16 2540.L090two: 2541 leal 1(%ebp),%ecx 2542 movl 112(%esp),%edx 2543 bsfl %ecx,%ecx 2544 shll $4,%ecx 2545 movdqu (%ebx),%xmm6 2546 movdqu (%ebx,%ecx,1),%xmm7 2547 movdqu (%esi),%xmm2 2548 movdqu 16(%esi),%xmm3 2549 movl 240(%edx),%ecx 2550 movdqa %xmm1,%xmm5 2551 pxor %xmm0,%xmm6 2552 pxor %xmm6,%xmm7 2553 pxor %xmm6,%xmm2 2554 pxor %xmm7,%xmm3 2555 movl 120(%esp),%edi 2556 call _aesni_decrypt2 2557 xorps %xmm6,%xmm2 2558 xorps %xmm7,%xmm3 2559 movdqa %xmm7,%xmm0 2560 xorps %xmm2,%xmm5 2561 movups %xmm2,(%edi,%esi,1) 2562 xorps %xmm3,%xmm5 2563 movups %xmm3,16(%edi,%esi,1) 2564 movaps %xmm5,%xmm1 2565 jmp .L088done 2566.align 16 2567.L091three: 2568 leal 1(%ebp),%ecx 2569 movl 112(%esp),%edx 2570 bsfl %ecx,%ecx 2571 shll $4,%ecx 2572 movdqu (%ebx),%xmm5 2573 movdqu (%ebx,%ecx,1),%xmm6 2574 movdqa %xmm5,%xmm7 2575 movdqu (%esi),%xmm2 2576 movdqu 16(%esi),%xmm3 2577 movdqu 32(%esi),%xmm4 2578 movl 240(%edx),%ecx 2579 movdqa %xmm1,96(%esp) 2580 pxor %xmm0,%xmm5 2581 pxor %xmm5,%xmm6 2582 pxor %xmm6,%xmm7 2583 pxor %xmm5,%xmm2 2584 pxor %xmm6,%xmm3 2585 pxor %xmm7,%xmm4 2586 movl 120(%esp),%edi 2587 call _aesni_decrypt3 2588 movdqa 96(%esp),%xmm1 2589 xorps %xmm5,%xmm2 2590 xorps %xmm6,%xmm3 2591 xorps %xmm7,%xmm4 2592 movups %xmm2,(%edi,%esi,1) 2593 pxor %xmm2,%xmm1 2594 movdqa %xmm7,%xmm0 2595 movups %xmm3,16(%edi,%esi,1) 2596 pxor %xmm3,%xmm1 2597 movups %xmm4,32(%edi,%esi,1) 2598 pxor %xmm4,%xmm1 2599 jmp .L088done 2600.align 16 2601.L092four: 2602 leal 1(%ebp),%ecx 2603 leal 3(%ebp),%eax 2604 bsfl %ecx,%ecx 2605 bsfl %eax,%eax 2606 movl 112(%esp),%edx 2607 shll $4,%ecx 2608 shll $4,%eax 2609 movdqu (%ebx),%xmm4 2610 movdqu (%ebx,%ecx,1),%xmm5 2611 movdqa %xmm4,%xmm6 2612 movdqu (%ebx,%eax,1),%xmm7 2613 pxor %xmm0,%xmm4 2614 movdqu (%esi),%xmm2 2615 pxor %xmm4,%xmm5 2616 movdqu 16(%esi),%xmm3 2617 pxor %xmm5,%xmm6 2618 movdqa %xmm4,(%esp) 2619 pxor %xmm6,%xmm7 2620 movdqa %xmm5,16(%esp) 2621 movdqu 32(%esi),%xmm4 2622 movdqu 48(%esi),%xmm5 2623 movl 240(%edx),%ecx 2624 movdqa %xmm1,96(%esp) 2625 pxor (%esp),%xmm2 2626 pxor 16(%esp),%xmm3 2627 pxor %xmm6,%xmm4 2628 pxor %xmm7,%xmm5 2629 movl 120(%esp),%edi 2630 call _aesni_decrypt4 2631 movdqa 96(%esp),%xmm1 2632 xorps (%esp),%xmm2 2633 xorps 16(%esp),%xmm3 2634 xorps %xmm6,%xmm4 2635 movups %xmm2,(%edi,%esi,1) 2636 pxor %xmm2,%xmm1 2637 xorps %xmm7,%xmm5 2638 movups %xmm3,16(%edi,%esi,1) 2639 pxor %xmm3,%xmm1 2640 movdqa %xmm7,%xmm0 2641 movups %xmm4,32(%edi,%esi,1) 2642 pxor %xmm4,%xmm1 2643 movups %xmm5,48(%edi,%esi,1) 2644 pxor %xmm5,%xmm1 2645.L088done: 2646 movl 128(%esp),%edx 2647 pxor %xmm2,%xmm2 2648 pxor %xmm3,%xmm3 2649 movdqa %xmm2,(%esp) 2650 pxor %xmm4,%xmm4 2651 movdqa %xmm2,16(%esp) 2652 pxor %xmm5,%xmm5 2653 movdqa %xmm2,32(%esp) 2654 pxor %xmm6,%xmm6 2655 movdqa %xmm2,48(%esp) 2656 pxor %xmm7,%xmm7 2657 movdqa %xmm2,64(%esp) 2658 movdqa %xmm2,80(%esp) 2659 movdqa %xmm2,96(%esp) 2660 leal (%edx),%esp 2661 movl 40(%esp),%ecx 2662 movl 48(%esp),%ebx 2663 movdqu %xmm0,(%ecx) 2664 pxor %xmm0,%xmm0 2665 movdqu %xmm1,(%ebx) 2666 pxor %xmm1,%xmm1 2667 popl %edi 2668 popl %esi 2669 popl %ebx 2670 popl %ebp 2671 ret 2672.size aesni_ocb_decrypt,.-.L_aesni_ocb_decrypt_begin 2673.globl aesni_cbc_encrypt 2674.type aesni_cbc_encrypt,@function 2675.align 16 2676aesni_cbc_encrypt: 2677.L_aesni_cbc_encrypt_begin: 2678 #ifdef __CET__ 2679 2680.byte 243,15,30,251 2681 #endif 2682 2683 pushl %ebp 2684 pushl %ebx 2685 pushl %esi 2686 pushl %edi 2687 movl 20(%esp),%esi 2688 movl %esp,%ebx 2689 movl 24(%esp),%edi 2690 subl $24,%ebx 2691 movl 28(%esp),%eax 2692 andl $-16,%ebx 2693 movl 32(%esp),%edx 2694 movl 36(%esp),%ebp 2695 testl %eax,%eax 2696 jz .L094cbc_abort 2697 cmpl $0,40(%esp) 2698 xchgl %esp,%ebx 2699 movups (%ebp),%xmm7 2700 movl 240(%edx),%ecx 2701 movl %edx,%ebp 2702 movl %ebx,16(%esp) 2703 movl %ecx,%ebx 2704 je .L095cbc_decrypt 2705 movaps %xmm7,%xmm2 2706 cmpl $16,%eax 2707 jb .L096cbc_enc_tail 2708 subl $16,%eax 2709 jmp .L097cbc_enc_loop 2710.align 16 2711.L097cbc_enc_loop: 2712 movups (%esi),%xmm7 2713 leal 16(%esi),%esi 2714 movups (%edx),%xmm0 2715 movups 16(%edx),%xmm1 2716 xorps %xmm0,%xmm7 2717 leal 32(%edx),%edx 2718 xorps %xmm7,%xmm2 2719.L098enc1_loop_19: 2720.byte 102,15,56,220,209 2721 decl %ecx 2722 movups (%edx),%xmm1 2723 leal 16(%edx),%edx 2724 jnz .L098enc1_loop_19 2725.byte 102,15,56,221,209 2726 movl %ebx,%ecx 2727 movl %ebp,%edx 2728 movups %xmm2,(%edi) 2729 leal 16(%edi),%edi 2730 subl $16,%eax 2731 jnc .L097cbc_enc_loop 2732 addl $16,%eax 2733 jnz .L096cbc_enc_tail 2734 movaps %xmm2,%xmm7 2735 pxor %xmm2,%xmm2 2736 jmp .L099cbc_ret 2737.L096cbc_enc_tail: 2738 movl %eax,%ecx 2739.long 2767451785 2740 movl $16,%ecx 2741 subl %eax,%ecx 2742 xorl %eax,%eax 2743.long 2868115081 2744 leal -16(%edi),%edi 2745 movl %ebx,%ecx 2746 movl %edi,%esi 2747 movl %ebp,%edx 2748 jmp .L097cbc_enc_loop 2749.align 16 2750.L095cbc_decrypt: 2751 cmpl $80,%eax 2752 jbe .L100cbc_dec_tail 2753 movaps %xmm7,(%esp) 2754 subl $80,%eax 2755 jmp .L101cbc_dec_loop6_enter 2756.align 16 2757.L102cbc_dec_loop6: 2758 movaps %xmm0,(%esp) 2759 movups %xmm7,(%edi) 2760 leal 16(%edi),%edi 2761.L101cbc_dec_loop6_enter: 2762 movdqu (%esi),%xmm2 2763 movdqu 16(%esi),%xmm3 2764 movdqu 32(%esi),%xmm4 2765 movdqu 48(%esi),%xmm5 2766 movdqu 64(%esi),%xmm6 2767 movdqu 80(%esi),%xmm7 2768 call _aesni_decrypt6 2769 movups (%esi),%xmm1 2770 movups 16(%esi),%xmm0 2771 xorps (%esp),%xmm2 2772 xorps %xmm1,%xmm3 2773 movups 32(%esi),%xmm1 2774 xorps %xmm0,%xmm4 2775 movups 48(%esi),%xmm0 2776 xorps %xmm1,%xmm5 2777 movups 64(%esi),%xmm1 2778 xorps %xmm0,%xmm6 2779 movups 80(%esi),%xmm0 2780 xorps %xmm1,%xmm7 2781 movups %xmm2,(%edi) 2782 movups %xmm3,16(%edi) 2783 leal 96(%esi),%esi 2784 movups %xmm4,32(%edi) 2785 movl %ebx,%ecx 2786 movups %xmm5,48(%edi) 2787 movl %ebp,%edx 2788 movups %xmm6,64(%edi) 2789 leal 80(%edi),%edi 2790 subl $96,%eax 2791 ja .L102cbc_dec_loop6 2792 movaps %xmm7,%xmm2 2793 movaps %xmm0,%xmm7 2794 addl $80,%eax 2795 jle .L103cbc_dec_clear_tail_collected 2796 movups %xmm2,(%edi) 2797 leal 16(%edi),%edi 2798.L100cbc_dec_tail: 2799 movups (%esi),%xmm2 2800 movaps %xmm2,%xmm6 2801 cmpl $16,%eax 2802 jbe .L104cbc_dec_one 2803 movups 16(%esi),%xmm3 2804 movaps %xmm3,%xmm5 2805 cmpl $32,%eax 2806 jbe .L105cbc_dec_two 2807 movups 32(%esi),%xmm4 2808 cmpl $48,%eax 2809 jbe .L106cbc_dec_three 2810 movups 48(%esi),%xmm5 2811 cmpl $64,%eax 2812 jbe .L107cbc_dec_four 2813 movups 64(%esi),%xmm6 2814 movaps %xmm7,(%esp) 2815 movups (%esi),%xmm2 2816 xorps %xmm7,%xmm7 2817 call _aesni_decrypt6 2818 movups (%esi),%xmm1 2819 movups 16(%esi),%xmm0 2820 xorps (%esp),%xmm2 2821 xorps %xmm1,%xmm3 2822 movups 32(%esi),%xmm1 2823 xorps %xmm0,%xmm4 2824 movups 48(%esi),%xmm0 2825 xorps %xmm1,%xmm5 2826 movups 64(%esi),%xmm7 2827 xorps %xmm0,%xmm6 2828 movups %xmm2,(%edi) 2829 movups %xmm3,16(%edi) 2830 pxor %xmm3,%xmm3 2831 movups %xmm4,32(%edi) 2832 pxor %xmm4,%xmm4 2833 movups %xmm5,48(%edi) 2834 pxor %xmm5,%xmm5 2835 leal 64(%edi),%edi 2836 movaps %xmm6,%xmm2 2837 pxor %xmm6,%xmm6 2838 subl $80,%eax 2839 jmp .L108cbc_dec_tail_collected 2840.align 16 2841.L104cbc_dec_one: 2842 movups (%edx),%xmm0 2843 movups 16(%edx),%xmm1 2844 leal 32(%edx),%edx 2845 xorps %xmm0,%xmm2 2846.L109dec1_loop_20: 2847.byte 102,15,56,222,209 2848 decl %ecx 2849 movups (%edx),%xmm1 2850 leal 16(%edx),%edx 2851 jnz .L109dec1_loop_20 2852.byte 102,15,56,223,209 2853 xorps %xmm7,%xmm2 2854 movaps %xmm6,%xmm7 2855 subl $16,%eax 2856 jmp .L108cbc_dec_tail_collected 2857.align 16 2858.L105cbc_dec_two: 2859 call _aesni_decrypt2 2860 xorps %xmm7,%xmm2 2861 xorps %xmm6,%xmm3 2862 movups %xmm2,(%edi) 2863 movaps %xmm3,%xmm2 2864 pxor %xmm3,%xmm3 2865 leal 16(%edi),%edi 2866 movaps %xmm5,%xmm7 2867 subl $32,%eax 2868 jmp .L108cbc_dec_tail_collected 2869.align 16 2870.L106cbc_dec_three: 2871 call _aesni_decrypt3 2872 xorps %xmm7,%xmm2 2873 xorps %xmm6,%xmm3 2874 xorps %xmm5,%xmm4 2875 movups %xmm2,(%edi) 2876 movaps %xmm4,%xmm2 2877 pxor %xmm4,%xmm4 2878 movups %xmm3,16(%edi) 2879 pxor %xmm3,%xmm3 2880 leal 32(%edi),%edi 2881 movups 32(%esi),%xmm7 2882 subl $48,%eax 2883 jmp .L108cbc_dec_tail_collected 2884.align 16 2885.L107cbc_dec_four: 2886 call _aesni_decrypt4 2887 movups 16(%esi),%xmm1 2888 movups 32(%esi),%xmm0 2889 xorps %xmm7,%xmm2 2890 movups 48(%esi),%xmm7 2891 xorps %xmm6,%xmm3 2892 movups %xmm2,(%edi) 2893 xorps %xmm1,%xmm4 2894 movups %xmm3,16(%edi) 2895 pxor %xmm3,%xmm3 2896 xorps %xmm0,%xmm5 2897 movups %xmm4,32(%edi) 2898 pxor %xmm4,%xmm4 2899 leal 48(%edi),%edi 2900 movaps %xmm5,%xmm2 2901 pxor %xmm5,%xmm5 2902 subl $64,%eax 2903 jmp .L108cbc_dec_tail_collected 2904.align 16 2905.L103cbc_dec_clear_tail_collected: 2906 pxor %xmm3,%xmm3 2907 pxor %xmm4,%xmm4 2908 pxor %xmm5,%xmm5 2909 pxor %xmm6,%xmm6 2910.L108cbc_dec_tail_collected: 2911 andl $15,%eax 2912 jnz .L110cbc_dec_tail_partial 2913 movups %xmm2,(%edi) 2914 pxor %xmm0,%xmm0 2915 jmp .L099cbc_ret 2916.align 16 2917.L110cbc_dec_tail_partial: 2918 movaps %xmm2,(%esp) 2919 pxor %xmm0,%xmm0 2920 movl $16,%ecx 2921 movl %esp,%esi 2922 subl %eax,%ecx 2923.long 2767451785 2924 movdqa %xmm2,(%esp) 2925.L099cbc_ret: 2926 movl 16(%esp),%esp 2927 movl 36(%esp),%ebp 2928 pxor %xmm2,%xmm2 2929 pxor %xmm1,%xmm1 2930 movups %xmm7,(%ebp) 2931 pxor %xmm7,%xmm7 2932.L094cbc_abort: 2933 popl %edi 2934 popl %esi 2935 popl %ebx 2936 popl %ebp 2937 ret 2938.size aesni_cbc_encrypt,.-.L_aesni_cbc_encrypt_begin 2939.type _aesni_set_encrypt_key,@function 2940.align 16 2941_aesni_set_encrypt_key: 2942 #ifdef __CET__ 2943 2944.byte 243,15,30,251 2945 #endif 2946 2947 pushl %ebp 2948 pushl %ebx 2949 testl %eax,%eax 2950 jz .L111bad_pointer 2951 testl %edx,%edx 2952 jz .L111bad_pointer 2953 call .L112pic 2954.L112pic: 2955 popl %ebx 2956 leal .Lkey_const-.L112pic(%ebx),%ebx 2957 leal OPENSSL_ia32cap_P-.Lkey_const(%ebx),%ebp 2958 movups (%eax),%xmm0 2959 xorps %xmm4,%xmm4 2960 movl 4(%ebp),%ebp 2961 leal 16(%edx),%edx 2962 andl $268437504,%ebp 2963 cmpl $256,%ecx 2964 je .L11314rounds 2965 cmpl $192,%ecx 2966 je .L11412rounds 2967 cmpl $128,%ecx 2968 jne .L115bad_keybits 2969.align 16 2970.L11610rounds: 2971 cmpl $268435456,%ebp 2972 je .L11710rounds_alt 2973 movl $9,%ecx 2974 movups %xmm0,-16(%edx) 2975.byte 102,15,58,223,200,1 2976 call .L118key_128_cold 2977.byte 102,15,58,223,200,2 2978 call .L119key_128 2979.byte 102,15,58,223,200,4 2980 call .L119key_128 2981.byte 102,15,58,223,200,8 2982 call .L119key_128 2983.byte 102,15,58,223,200,16 2984 call .L119key_128 2985.byte 102,15,58,223,200,32 2986 call .L119key_128 2987.byte 102,15,58,223,200,64 2988 call .L119key_128 2989.byte 102,15,58,223,200,128 2990 call .L119key_128 2991.byte 102,15,58,223,200,27 2992 call .L119key_128 2993.byte 102,15,58,223,200,54 2994 call .L119key_128 2995 movups %xmm0,(%edx) 2996 movl %ecx,80(%edx) 2997 jmp .L120good_key 2998.align 16 2999.L119key_128: 3000 movups %xmm0,(%edx) 3001 leal 16(%edx),%edx 3002.L118key_128_cold: 3003 shufps $16,%xmm0,%xmm4 3004 xorps %xmm4,%xmm0 3005 shufps $140,%xmm0,%xmm4 3006 xorps %xmm4,%xmm0 3007 shufps $255,%xmm1,%xmm1 3008 xorps %xmm1,%xmm0 3009 ret 3010.align 16 3011.L11710rounds_alt: 3012 movdqa (%ebx),%xmm5 3013 movl $8,%ecx 3014 movdqa 32(%ebx),%xmm4 3015 movdqa %xmm0,%xmm2 3016 movdqu %xmm0,-16(%edx) 3017.L121loop_key128: 3018.byte 102,15,56,0,197 3019.byte 102,15,56,221,196 3020 pslld $1,%xmm4 3021 leal 16(%edx),%edx 3022 movdqa %xmm2,%xmm3 3023 pslldq $4,%xmm2 3024 pxor %xmm2,%xmm3 3025 pslldq $4,%xmm2 3026 pxor %xmm2,%xmm3 3027 pslldq $4,%xmm2 3028 pxor %xmm3,%xmm2 3029 pxor %xmm2,%xmm0 3030 movdqu %xmm0,-16(%edx) 3031 movdqa %xmm0,%xmm2 3032 decl %ecx 3033 jnz .L121loop_key128 3034 movdqa 48(%ebx),%xmm4 3035.byte 102,15,56,0,197 3036.byte 102,15,56,221,196 3037 pslld $1,%xmm4 3038 movdqa %xmm2,%xmm3 3039 pslldq $4,%xmm2 3040 pxor %xmm2,%xmm3 3041 pslldq $4,%xmm2 3042 pxor %xmm2,%xmm3 3043 pslldq $4,%xmm2 3044 pxor %xmm3,%xmm2 3045 pxor %xmm2,%xmm0 3046 movdqu %xmm0,(%edx) 3047 movdqa %xmm0,%xmm2 3048.byte 102,15,56,0,197 3049.byte 102,15,56,221,196 3050 movdqa %xmm2,%xmm3 3051 pslldq $4,%xmm2 3052 pxor %xmm2,%xmm3 3053 pslldq $4,%xmm2 3054 pxor %xmm2,%xmm3 3055 pslldq $4,%xmm2 3056 pxor %xmm3,%xmm2 3057 pxor %xmm2,%xmm0 3058 movdqu %xmm0,16(%edx) 3059 movl $9,%ecx 3060 movl %ecx,96(%edx) 3061 jmp .L120good_key 3062.align 16 3063.L11412rounds: 3064 movq 16(%eax),%xmm2 3065 cmpl $268435456,%ebp 3066 je .L12212rounds_alt 3067 movl $11,%ecx 3068 movups %xmm0,-16(%edx) 3069.byte 102,15,58,223,202,1 3070 call .L123key_192a_cold 3071.byte 102,15,58,223,202,2 3072 call .L124key_192b 3073.byte 102,15,58,223,202,4 3074 call .L125key_192a 3075.byte 102,15,58,223,202,8 3076 call .L124key_192b 3077.byte 102,15,58,223,202,16 3078 call .L125key_192a 3079.byte 102,15,58,223,202,32 3080 call .L124key_192b 3081.byte 102,15,58,223,202,64 3082 call .L125key_192a 3083.byte 102,15,58,223,202,128 3084 call .L124key_192b 3085 movups %xmm0,(%edx) 3086 movl %ecx,48(%edx) 3087 jmp .L120good_key 3088.align 16 3089.L125key_192a: 3090 movups %xmm0,(%edx) 3091 leal 16(%edx),%edx 3092.align 16 3093.L123key_192a_cold: 3094 movaps %xmm2,%xmm5 3095.L126key_192b_warm: 3096 shufps $16,%xmm0,%xmm4 3097 movdqa %xmm2,%xmm3 3098 xorps %xmm4,%xmm0 3099 shufps $140,%xmm0,%xmm4 3100 pslldq $4,%xmm3 3101 xorps %xmm4,%xmm0 3102 pshufd $85,%xmm1,%xmm1 3103 pxor %xmm3,%xmm2 3104 pxor %xmm1,%xmm0 3105 pshufd $255,%xmm0,%xmm3 3106 pxor %xmm3,%xmm2 3107 ret 3108.align 16 3109.L124key_192b: 3110 movaps %xmm0,%xmm3 3111 shufps $68,%xmm0,%xmm5 3112 movups %xmm5,(%edx) 3113 shufps $78,%xmm2,%xmm3 3114 movups %xmm3,16(%edx) 3115 leal 32(%edx),%edx 3116 jmp .L126key_192b_warm 3117.align 16 3118.L12212rounds_alt: 3119 movdqa 16(%ebx),%xmm5 3120 movdqa 32(%ebx),%xmm4 3121 movl $8,%ecx 3122 movdqu %xmm0,-16(%edx) 3123.L127loop_key192: 3124 movq %xmm2,(%edx) 3125 movdqa %xmm2,%xmm1 3126.byte 102,15,56,0,213 3127.byte 102,15,56,221,212 3128 pslld $1,%xmm4 3129 leal 24(%edx),%edx 3130 movdqa %xmm0,%xmm3 3131 pslldq $4,%xmm0 3132 pxor %xmm0,%xmm3 3133 pslldq $4,%xmm0 3134 pxor %xmm0,%xmm3 3135 pslldq $4,%xmm0 3136 pxor %xmm3,%xmm0 3137 pshufd $255,%xmm0,%xmm3 3138 pxor %xmm1,%xmm3 3139 pslldq $4,%xmm1 3140 pxor %xmm1,%xmm3 3141 pxor %xmm2,%xmm0 3142 pxor %xmm3,%xmm2 3143 movdqu %xmm0,-16(%edx) 3144 decl %ecx 3145 jnz .L127loop_key192 3146 movl $11,%ecx 3147 movl %ecx,32(%edx) 3148 jmp .L120good_key 3149.align 16 3150.L11314rounds: 3151 movups 16(%eax),%xmm2 3152 leal 16(%edx),%edx 3153 cmpl $268435456,%ebp 3154 je .L12814rounds_alt 3155 movl $13,%ecx 3156 movups %xmm0,-32(%edx) 3157 movups %xmm2,-16(%edx) 3158.byte 102,15,58,223,202,1 3159 call .L129key_256a_cold 3160.byte 102,15,58,223,200,1 3161 call .L130key_256b 3162.byte 102,15,58,223,202,2 3163 call .L131key_256a 3164.byte 102,15,58,223,200,2 3165 call .L130key_256b 3166.byte 102,15,58,223,202,4 3167 call .L131key_256a 3168.byte 102,15,58,223,200,4 3169 call .L130key_256b 3170.byte 102,15,58,223,202,8 3171 call .L131key_256a 3172.byte 102,15,58,223,200,8 3173 call .L130key_256b 3174.byte 102,15,58,223,202,16 3175 call .L131key_256a 3176.byte 102,15,58,223,200,16 3177 call .L130key_256b 3178.byte 102,15,58,223,202,32 3179 call .L131key_256a 3180.byte 102,15,58,223,200,32 3181 call .L130key_256b 3182.byte 102,15,58,223,202,64 3183 call .L131key_256a 3184 movups %xmm0,(%edx) 3185 movl %ecx,16(%edx) 3186 xorl %eax,%eax 3187 jmp .L120good_key 3188.align 16 3189.L131key_256a: 3190 movups %xmm2,(%edx) 3191 leal 16(%edx),%edx 3192.L129key_256a_cold: 3193 shufps $16,%xmm0,%xmm4 3194 xorps %xmm4,%xmm0 3195 shufps $140,%xmm0,%xmm4 3196 xorps %xmm4,%xmm0 3197 shufps $255,%xmm1,%xmm1 3198 xorps %xmm1,%xmm0 3199 ret 3200.align 16 3201.L130key_256b: 3202 movups %xmm0,(%edx) 3203 leal 16(%edx),%edx 3204 shufps $16,%xmm2,%xmm4 3205 xorps %xmm4,%xmm2 3206 shufps $140,%xmm2,%xmm4 3207 xorps %xmm4,%xmm2 3208 shufps $170,%xmm1,%xmm1 3209 xorps %xmm1,%xmm2 3210 ret 3211.align 16 3212.L12814rounds_alt: 3213 movdqa (%ebx),%xmm5 3214 movdqa 32(%ebx),%xmm4 3215 movl $7,%ecx 3216 movdqu %xmm0,-32(%edx) 3217 movdqa %xmm2,%xmm1 3218 movdqu %xmm2,-16(%edx) 3219.L132loop_key256: 3220.byte 102,15,56,0,213 3221.byte 102,15,56,221,212 3222 movdqa %xmm0,%xmm3 3223 pslldq $4,%xmm0 3224 pxor %xmm0,%xmm3 3225 pslldq $4,%xmm0 3226 pxor %xmm0,%xmm3 3227 pslldq $4,%xmm0 3228 pxor %xmm3,%xmm0 3229 pslld $1,%xmm4 3230 pxor %xmm2,%xmm0 3231 movdqu %xmm0,(%edx) 3232 decl %ecx 3233 jz .L133done_key256 3234 pshufd $255,%xmm0,%xmm2 3235 pxor %xmm3,%xmm3 3236.byte 102,15,56,221,211 3237 movdqa %xmm1,%xmm3 3238 pslldq $4,%xmm1 3239 pxor %xmm1,%xmm3 3240 pslldq $4,%xmm1 3241 pxor %xmm1,%xmm3 3242 pslldq $4,%xmm1 3243 pxor %xmm3,%xmm1 3244 pxor %xmm1,%xmm2 3245 movdqu %xmm2,16(%edx) 3246 leal 32(%edx),%edx 3247 movdqa %xmm2,%xmm1 3248 jmp .L132loop_key256 3249.L133done_key256: 3250 movl $13,%ecx 3251 movl %ecx,16(%edx) 3252.L120good_key: 3253 pxor %xmm0,%xmm0 3254 pxor %xmm1,%xmm1 3255 pxor %xmm2,%xmm2 3256 pxor %xmm3,%xmm3 3257 pxor %xmm4,%xmm4 3258 pxor %xmm5,%xmm5 3259 xorl %eax,%eax 3260 popl %ebx 3261 popl %ebp 3262 ret 3263.align 4 3264.L111bad_pointer: 3265 movl $-1,%eax 3266 popl %ebx 3267 popl %ebp 3268 ret 3269.align 4 3270.L115bad_keybits: 3271 pxor %xmm0,%xmm0 3272 movl $-2,%eax 3273 popl %ebx 3274 popl %ebp 3275 ret 3276.size _aesni_set_encrypt_key,.-_aesni_set_encrypt_key 3277.globl aesni_set_encrypt_key 3278.type aesni_set_encrypt_key,@function 3279.align 16 3280aesni_set_encrypt_key: 3281.L_aesni_set_encrypt_key_begin: 3282 #ifdef __CET__ 3283 3284.byte 243,15,30,251 3285 #endif 3286 3287 movl 4(%esp),%eax 3288 movl 8(%esp),%ecx 3289 movl 12(%esp),%edx 3290 call _aesni_set_encrypt_key 3291 ret 3292.size aesni_set_encrypt_key,.-.L_aesni_set_encrypt_key_begin 3293.globl aesni_set_decrypt_key 3294.type aesni_set_decrypt_key,@function 3295.align 16 3296aesni_set_decrypt_key: 3297.L_aesni_set_decrypt_key_begin: 3298 #ifdef __CET__ 3299 3300.byte 243,15,30,251 3301 #endif 3302 3303 movl 4(%esp),%eax 3304 movl 8(%esp),%ecx 3305 movl 12(%esp),%edx 3306 call _aesni_set_encrypt_key 3307 movl 12(%esp),%edx 3308 shll $4,%ecx 3309 testl %eax,%eax 3310 jnz .L134dec_key_ret 3311 leal 16(%edx,%ecx,1),%eax 3312 movups (%edx),%xmm0 3313 movups (%eax),%xmm1 3314 movups %xmm0,(%eax) 3315 movups %xmm1,(%edx) 3316 leal 16(%edx),%edx 3317 leal -16(%eax),%eax 3318.L135dec_key_inverse: 3319 movups (%edx),%xmm0 3320 movups (%eax),%xmm1 3321.byte 102,15,56,219,192 3322.byte 102,15,56,219,201 3323 leal 16(%edx),%edx 3324 leal -16(%eax),%eax 3325 movups %xmm0,16(%eax) 3326 movups %xmm1,-16(%edx) 3327 cmpl %edx,%eax 3328 ja .L135dec_key_inverse 3329 movups (%edx),%xmm0 3330.byte 102,15,56,219,192 3331 movups %xmm0,(%edx) 3332 pxor %xmm0,%xmm0 3333 pxor %xmm1,%xmm1 3334 xorl %eax,%eax 3335.L134dec_key_ret: 3336 ret 3337.size aesni_set_decrypt_key,.-.L_aesni_set_decrypt_key_begin 3338.align 64 3339.Lkey_const: 3340.long 202313229,202313229,202313229,202313229 3341.long 67569157,67569157,67569157,67569157 3342.long 1,1,1,1 3343.long 27,27,27,27 3344.byte 65,69,83,32,102,111,114,32,73,110,116,101,108,32,65,69 3345.byte 83,45,78,73,44,32,67,82,89,80,84,79,71,65,77,83 3346.byte 32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115 3347.byte 115,108,46,111,114,103,62,0 3348.comm OPENSSL_ia32cap_P,16,4 3349 3350 .section ".note.gnu.property", "a" 3351 .p2align 2 3352 .long 1f - 0f 3353 .long 4f - 1f 3354 .long 5 33550: 3356 .asciz "GNU" 33571: 3358 .p2align 2 3359 .long 0xc0000002 3360 .long 3f - 2f 33612: 3362 .long 3 33633: 3364 .p2align 2 33654: 3366