aesni-x86.S revision 1.8
1#include <machine/asm.h> 2.text 3.globl aesni_encrypt 4.type aesni_encrypt,@function 5.align 16 6aesni_encrypt: 7.L_aesni_encrypt_begin: 8 movl 4(%esp),%eax 9 movl 12(%esp),%edx 10 movups (%eax),%xmm2 11 movl 240(%edx),%ecx 12 movl 8(%esp),%eax 13 movups (%edx),%xmm0 14 movups 16(%edx),%xmm1 15 leal 32(%edx),%edx 16 xorps %xmm0,%xmm2 17.L000enc1_loop_1: 18.byte 102,15,56,220,209 19 decl %ecx 20 movups (%edx),%xmm1 21 leal 16(%edx),%edx 22 jnz .L000enc1_loop_1 23.byte 102,15,56,221,209 24 pxor %xmm0,%xmm0 25 pxor %xmm1,%xmm1 26 movups %xmm2,(%eax) 27 pxor %xmm2,%xmm2 28 ret 29.size aesni_encrypt,.-.L_aesni_encrypt_begin 30.globl aesni_decrypt 31.type aesni_decrypt,@function 32.align 16 33aesni_decrypt: 34.L_aesni_decrypt_begin: 35 movl 4(%esp),%eax 36 movl 12(%esp),%edx 37 movups (%eax),%xmm2 38 movl 240(%edx),%ecx 39 movl 8(%esp),%eax 40 movups (%edx),%xmm0 41 movups 16(%edx),%xmm1 42 leal 32(%edx),%edx 43 xorps %xmm0,%xmm2 44.L001dec1_loop_2: 45.byte 102,15,56,222,209 46 decl %ecx 47 movups (%edx),%xmm1 48 leal 16(%edx),%edx 49 jnz .L001dec1_loop_2 50.byte 102,15,56,223,209 51 pxor %xmm0,%xmm0 52 pxor %xmm1,%xmm1 53 movups %xmm2,(%eax) 54 pxor %xmm2,%xmm2 55 ret 56.size aesni_decrypt,.-.L_aesni_decrypt_begin 57.type _aesni_encrypt2,@function 58.align 16 59_aesni_encrypt2: 60 movups (%edx),%xmm0 61 shll $4,%ecx 62 movups 16(%edx),%xmm1 63 xorps %xmm0,%xmm2 64 pxor %xmm0,%xmm3 65 movups 32(%edx),%xmm0 66 leal 32(%edx,%ecx,1),%edx 67 negl %ecx 68 addl $16,%ecx 69.L002enc2_loop: 70.byte 102,15,56,220,209 71.byte 102,15,56,220,217 72 movups (%edx,%ecx,1),%xmm1 73 addl $32,%ecx 74.byte 102,15,56,220,208 75.byte 102,15,56,220,216 76 movups -16(%edx,%ecx,1),%xmm0 77 jnz .L002enc2_loop 78.byte 102,15,56,220,209 79.byte 102,15,56,220,217 80.byte 102,15,56,221,208 81.byte 102,15,56,221,216 82 ret 83.size _aesni_encrypt2,.-_aesni_encrypt2 84.type _aesni_decrypt2,@function 85.align 16 86_aesni_decrypt2: 87 movups (%edx),%xmm0 88 shll $4,%ecx 89 movups 16(%edx),%xmm1 90 xorps %xmm0,%xmm2 91 pxor %xmm0,%xmm3 92 movups 32(%edx),%xmm0 93 leal 32(%edx,%ecx,1),%edx 94 negl %ecx 95 addl $16,%ecx 96.L003dec2_loop: 97.byte 102,15,56,222,209 98.byte 102,15,56,222,217 99 movups (%edx,%ecx,1),%xmm1 100 addl $32,%ecx 101.byte 102,15,56,222,208 102.byte 102,15,56,222,216 103 movups -16(%edx,%ecx,1),%xmm0 104 jnz .L003dec2_loop 105.byte 102,15,56,222,209 106.byte 102,15,56,222,217 107.byte 102,15,56,223,208 108.byte 102,15,56,223,216 109 ret 110.size _aesni_decrypt2,.-_aesni_decrypt2 111.type _aesni_encrypt3,@function 112.align 16 113_aesni_encrypt3: 114 movups (%edx),%xmm0 115 shll $4,%ecx 116 movups 16(%edx),%xmm1 117 xorps %xmm0,%xmm2 118 pxor %xmm0,%xmm3 119 pxor %xmm0,%xmm4 120 movups 32(%edx),%xmm0 121 leal 32(%edx,%ecx,1),%edx 122 negl %ecx 123 addl $16,%ecx 124.L004enc3_loop: 125.byte 102,15,56,220,209 126.byte 102,15,56,220,217 127.byte 102,15,56,220,225 128 movups (%edx,%ecx,1),%xmm1 129 addl $32,%ecx 130.byte 102,15,56,220,208 131.byte 102,15,56,220,216 132.byte 102,15,56,220,224 133 movups -16(%edx,%ecx,1),%xmm0 134 jnz .L004enc3_loop 135.byte 102,15,56,220,209 136.byte 102,15,56,220,217 137.byte 102,15,56,220,225 138.byte 102,15,56,221,208 139.byte 102,15,56,221,216 140.byte 102,15,56,221,224 141 ret 142.size _aesni_encrypt3,.-_aesni_encrypt3 143.type _aesni_decrypt3,@function 144.align 16 145_aesni_decrypt3: 146 movups (%edx),%xmm0 147 shll $4,%ecx 148 movups 16(%edx),%xmm1 149 xorps %xmm0,%xmm2 150 pxor %xmm0,%xmm3 151 pxor %xmm0,%xmm4 152 movups 32(%edx),%xmm0 153 leal 32(%edx,%ecx,1),%edx 154 negl %ecx 155 addl $16,%ecx 156.L005dec3_loop: 157.byte 102,15,56,222,209 158.byte 102,15,56,222,217 159.byte 102,15,56,222,225 160 movups (%edx,%ecx,1),%xmm1 161 addl $32,%ecx 162.byte 102,15,56,222,208 163.byte 102,15,56,222,216 164.byte 102,15,56,222,224 165 movups -16(%edx,%ecx,1),%xmm0 166 jnz .L005dec3_loop 167.byte 102,15,56,222,209 168.byte 102,15,56,222,217 169.byte 102,15,56,222,225 170.byte 102,15,56,223,208 171.byte 102,15,56,223,216 172.byte 102,15,56,223,224 173 ret 174.size _aesni_decrypt3,.-_aesni_decrypt3 175.type _aesni_encrypt4,@function 176.align 16 177_aesni_encrypt4: 178 movups (%edx),%xmm0 179 movups 16(%edx),%xmm1 180 shll $4,%ecx 181 xorps %xmm0,%xmm2 182 pxor %xmm0,%xmm3 183 pxor %xmm0,%xmm4 184 pxor %xmm0,%xmm5 185 movups 32(%edx),%xmm0 186 leal 32(%edx,%ecx,1),%edx 187 negl %ecx 188.byte 15,31,64,0 189 addl $16,%ecx 190.L006enc4_loop: 191.byte 102,15,56,220,209 192.byte 102,15,56,220,217 193.byte 102,15,56,220,225 194.byte 102,15,56,220,233 195 movups (%edx,%ecx,1),%xmm1 196 addl $32,%ecx 197.byte 102,15,56,220,208 198.byte 102,15,56,220,216 199.byte 102,15,56,220,224 200.byte 102,15,56,220,232 201 movups -16(%edx,%ecx,1),%xmm0 202 jnz .L006enc4_loop 203.byte 102,15,56,220,209 204.byte 102,15,56,220,217 205.byte 102,15,56,220,225 206.byte 102,15,56,220,233 207.byte 102,15,56,221,208 208.byte 102,15,56,221,216 209.byte 102,15,56,221,224 210.byte 102,15,56,221,232 211 ret 212.size _aesni_encrypt4,.-_aesni_encrypt4 213.type _aesni_decrypt4,@function 214.align 16 215_aesni_decrypt4: 216 movups (%edx),%xmm0 217 movups 16(%edx),%xmm1 218 shll $4,%ecx 219 xorps %xmm0,%xmm2 220 pxor %xmm0,%xmm3 221 pxor %xmm0,%xmm4 222 pxor %xmm0,%xmm5 223 movups 32(%edx),%xmm0 224 leal 32(%edx,%ecx,1),%edx 225 negl %ecx 226.byte 15,31,64,0 227 addl $16,%ecx 228.L007dec4_loop: 229.byte 102,15,56,222,209 230.byte 102,15,56,222,217 231.byte 102,15,56,222,225 232.byte 102,15,56,222,233 233 movups (%edx,%ecx,1),%xmm1 234 addl $32,%ecx 235.byte 102,15,56,222,208 236.byte 102,15,56,222,216 237.byte 102,15,56,222,224 238.byte 102,15,56,222,232 239 movups -16(%edx,%ecx,1),%xmm0 240 jnz .L007dec4_loop 241.byte 102,15,56,222,209 242.byte 102,15,56,222,217 243.byte 102,15,56,222,225 244.byte 102,15,56,222,233 245.byte 102,15,56,223,208 246.byte 102,15,56,223,216 247.byte 102,15,56,223,224 248.byte 102,15,56,223,232 249 ret 250.size _aesni_decrypt4,.-_aesni_decrypt4 251.type _aesni_encrypt6,@function 252.align 16 253_aesni_encrypt6: 254 movups (%edx),%xmm0 255 shll $4,%ecx 256 movups 16(%edx),%xmm1 257 xorps %xmm0,%xmm2 258 pxor %xmm0,%xmm3 259 pxor %xmm0,%xmm4 260.byte 102,15,56,220,209 261 pxor %xmm0,%xmm5 262 pxor %xmm0,%xmm6 263.byte 102,15,56,220,217 264 leal 32(%edx,%ecx,1),%edx 265 negl %ecx 266.byte 102,15,56,220,225 267 pxor %xmm0,%xmm7 268 movups (%edx,%ecx,1),%xmm0 269 addl $16,%ecx 270 jmp .L008_aesni_encrypt6_inner 271.align 16 272.L009enc6_loop: 273.byte 102,15,56,220,209 274.byte 102,15,56,220,217 275.byte 102,15,56,220,225 276.L008_aesni_encrypt6_inner: 277.byte 102,15,56,220,233 278.byte 102,15,56,220,241 279.byte 102,15,56,220,249 280.L_aesni_encrypt6_enter: 281 movups (%edx,%ecx,1),%xmm1 282 addl $32,%ecx 283.byte 102,15,56,220,208 284.byte 102,15,56,220,216 285.byte 102,15,56,220,224 286.byte 102,15,56,220,232 287.byte 102,15,56,220,240 288.byte 102,15,56,220,248 289 movups -16(%edx,%ecx,1),%xmm0 290 jnz .L009enc6_loop 291.byte 102,15,56,220,209 292.byte 102,15,56,220,217 293.byte 102,15,56,220,225 294.byte 102,15,56,220,233 295.byte 102,15,56,220,241 296.byte 102,15,56,220,249 297.byte 102,15,56,221,208 298.byte 102,15,56,221,216 299.byte 102,15,56,221,224 300.byte 102,15,56,221,232 301.byte 102,15,56,221,240 302.byte 102,15,56,221,248 303 ret 304.size _aesni_encrypt6,.-_aesni_encrypt6 305.type _aesni_decrypt6,@function 306.align 16 307_aesni_decrypt6: 308 movups (%edx),%xmm0 309 shll $4,%ecx 310 movups 16(%edx),%xmm1 311 xorps %xmm0,%xmm2 312 pxor %xmm0,%xmm3 313 pxor %xmm0,%xmm4 314.byte 102,15,56,222,209 315 pxor %xmm0,%xmm5 316 pxor %xmm0,%xmm6 317.byte 102,15,56,222,217 318 leal 32(%edx,%ecx,1),%edx 319 negl %ecx 320.byte 102,15,56,222,225 321 pxor %xmm0,%xmm7 322 movups (%edx,%ecx,1),%xmm0 323 addl $16,%ecx 324 jmp .L010_aesni_decrypt6_inner 325.align 16 326.L011dec6_loop: 327.byte 102,15,56,222,209 328.byte 102,15,56,222,217 329.byte 102,15,56,222,225 330.L010_aesni_decrypt6_inner: 331.byte 102,15,56,222,233 332.byte 102,15,56,222,241 333.byte 102,15,56,222,249 334.L_aesni_decrypt6_enter: 335 movups (%edx,%ecx,1),%xmm1 336 addl $32,%ecx 337.byte 102,15,56,222,208 338.byte 102,15,56,222,216 339.byte 102,15,56,222,224 340.byte 102,15,56,222,232 341.byte 102,15,56,222,240 342.byte 102,15,56,222,248 343 movups -16(%edx,%ecx,1),%xmm0 344 jnz .L011dec6_loop 345.byte 102,15,56,222,209 346.byte 102,15,56,222,217 347.byte 102,15,56,222,225 348.byte 102,15,56,222,233 349.byte 102,15,56,222,241 350.byte 102,15,56,222,249 351.byte 102,15,56,223,208 352.byte 102,15,56,223,216 353.byte 102,15,56,223,224 354.byte 102,15,56,223,232 355.byte 102,15,56,223,240 356.byte 102,15,56,223,248 357 ret 358.size _aesni_decrypt6,.-_aesni_decrypt6 359.globl aesni_ecb_encrypt 360.type aesni_ecb_encrypt,@function 361.align 16 362aesni_ecb_encrypt: 363.L_aesni_ecb_encrypt_begin: 364 pushl %ebp 365 pushl %ebx 366 pushl %esi 367 pushl %edi 368 movl 20(%esp),%esi 369 movl 24(%esp),%edi 370 movl 28(%esp),%eax 371 movl 32(%esp),%edx 372 movl 36(%esp),%ebx 373 andl $-16,%eax 374 jz .L012ecb_ret 375 movl 240(%edx),%ecx 376 testl %ebx,%ebx 377 jz .L013ecb_decrypt 378 movl %edx,%ebp 379 movl %ecx,%ebx 380 cmpl $96,%eax 381 jb .L014ecb_enc_tail 382 movdqu (%esi),%xmm2 383 movdqu 16(%esi),%xmm3 384 movdqu 32(%esi),%xmm4 385 movdqu 48(%esi),%xmm5 386 movdqu 64(%esi),%xmm6 387 movdqu 80(%esi),%xmm7 388 leal 96(%esi),%esi 389 subl $96,%eax 390 jmp .L015ecb_enc_loop6_enter 391.align 16 392.L016ecb_enc_loop6: 393 movups %xmm2,(%edi) 394 movdqu (%esi),%xmm2 395 movups %xmm3,16(%edi) 396 movdqu 16(%esi),%xmm3 397 movups %xmm4,32(%edi) 398 movdqu 32(%esi),%xmm4 399 movups %xmm5,48(%edi) 400 movdqu 48(%esi),%xmm5 401 movups %xmm6,64(%edi) 402 movdqu 64(%esi),%xmm6 403 movups %xmm7,80(%edi) 404 leal 96(%edi),%edi 405 movdqu 80(%esi),%xmm7 406 leal 96(%esi),%esi 407.L015ecb_enc_loop6_enter: 408 call _aesni_encrypt6 409 movl %ebp,%edx 410 movl %ebx,%ecx 411 subl $96,%eax 412 jnc .L016ecb_enc_loop6 413 movups %xmm2,(%edi) 414 movups %xmm3,16(%edi) 415 movups %xmm4,32(%edi) 416 movups %xmm5,48(%edi) 417 movups %xmm6,64(%edi) 418 movups %xmm7,80(%edi) 419 leal 96(%edi),%edi 420 addl $96,%eax 421 jz .L012ecb_ret 422.L014ecb_enc_tail: 423 movups (%esi),%xmm2 424 cmpl $32,%eax 425 jb .L017ecb_enc_one 426 movups 16(%esi),%xmm3 427 je .L018ecb_enc_two 428 movups 32(%esi),%xmm4 429 cmpl $64,%eax 430 jb .L019ecb_enc_three 431 movups 48(%esi),%xmm5 432 je .L020ecb_enc_four 433 movups 64(%esi),%xmm6 434 xorps %xmm7,%xmm7 435 call _aesni_encrypt6 436 movups %xmm2,(%edi) 437 movups %xmm3,16(%edi) 438 movups %xmm4,32(%edi) 439 movups %xmm5,48(%edi) 440 movups %xmm6,64(%edi) 441 jmp .L012ecb_ret 442.align 16 443.L017ecb_enc_one: 444 movups (%edx),%xmm0 445 movups 16(%edx),%xmm1 446 leal 32(%edx),%edx 447 xorps %xmm0,%xmm2 448.L021enc1_loop_3: 449.byte 102,15,56,220,209 450 decl %ecx 451 movups (%edx),%xmm1 452 leal 16(%edx),%edx 453 jnz .L021enc1_loop_3 454.byte 102,15,56,221,209 455 movups %xmm2,(%edi) 456 jmp .L012ecb_ret 457.align 16 458.L018ecb_enc_two: 459 call _aesni_encrypt2 460 movups %xmm2,(%edi) 461 movups %xmm3,16(%edi) 462 jmp .L012ecb_ret 463.align 16 464.L019ecb_enc_three: 465 call _aesni_encrypt3 466 movups %xmm2,(%edi) 467 movups %xmm3,16(%edi) 468 movups %xmm4,32(%edi) 469 jmp .L012ecb_ret 470.align 16 471.L020ecb_enc_four: 472 call _aesni_encrypt4 473 movups %xmm2,(%edi) 474 movups %xmm3,16(%edi) 475 movups %xmm4,32(%edi) 476 movups %xmm5,48(%edi) 477 jmp .L012ecb_ret 478.align 16 479.L013ecb_decrypt: 480 movl %edx,%ebp 481 movl %ecx,%ebx 482 cmpl $96,%eax 483 jb .L022ecb_dec_tail 484 movdqu (%esi),%xmm2 485 movdqu 16(%esi),%xmm3 486 movdqu 32(%esi),%xmm4 487 movdqu 48(%esi),%xmm5 488 movdqu 64(%esi),%xmm6 489 movdqu 80(%esi),%xmm7 490 leal 96(%esi),%esi 491 subl $96,%eax 492 jmp .L023ecb_dec_loop6_enter 493.align 16 494.L024ecb_dec_loop6: 495 movups %xmm2,(%edi) 496 movdqu (%esi),%xmm2 497 movups %xmm3,16(%edi) 498 movdqu 16(%esi),%xmm3 499 movups %xmm4,32(%edi) 500 movdqu 32(%esi),%xmm4 501 movups %xmm5,48(%edi) 502 movdqu 48(%esi),%xmm5 503 movups %xmm6,64(%edi) 504 movdqu 64(%esi),%xmm6 505 movups %xmm7,80(%edi) 506 leal 96(%edi),%edi 507 movdqu 80(%esi),%xmm7 508 leal 96(%esi),%esi 509.L023ecb_dec_loop6_enter: 510 call _aesni_decrypt6 511 movl %ebp,%edx 512 movl %ebx,%ecx 513 subl $96,%eax 514 jnc .L024ecb_dec_loop6 515 movups %xmm2,(%edi) 516 movups %xmm3,16(%edi) 517 movups %xmm4,32(%edi) 518 movups %xmm5,48(%edi) 519 movups %xmm6,64(%edi) 520 movups %xmm7,80(%edi) 521 leal 96(%edi),%edi 522 addl $96,%eax 523 jz .L012ecb_ret 524.L022ecb_dec_tail: 525 movups (%esi),%xmm2 526 cmpl $32,%eax 527 jb .L025ecb_dec_one 528 movups 16(%esi),%xmm3 529 je .L026ecb_dec_two 530 movups 32(%esi),%xmm4 531 cmpl $64,%eax 532 jb .L027ecb_dec_three 533 movups 48(%esi),%xmm5 534 je .L028ecb_dec_four 535 movups 64(%esi),%xmm6 536 xorps %xmm7,%xmm7 537 call _aesni_decrypt6 538 movups %xmm2,(%edi) 539 movups %xmm3,16(%edi) 540 movups %xmm4,32(%edi) 541 movups %xmm5,48(%edi) 542 movups %xmm6,64(%edi) 543 jmp .L012ecb_ret 544.align 16 545.L025ecb_dec_one: 546 movups (%edx),%xmm0 547 movups 16(%edx),%xmm1 548 leal 32(%edx),%edx 549 xorps %xmm0,%xmm2 550.L029dec1_loop_4: 551.byte 102,15,56,222,209 552 decl %ecx 553 movups (%edx),%xmm1 554 leal 16(%edx),%edx 555 jnz .L029dec1_loop_4 556.byte 102,15,56,223,209 557 movups %xmm2,(%edi) 558 jmp .L012ecb_ret 559.align 16 560.L026ecb_dec_two: 561 call _aesni_decrypt2 562 movups %xmm2,(%edi) 563 movups %xmm3,16(%edi) 564 jmp .L012ecb_ret 565.align 16 566.L027ecb_dec_three: 567 call _aesni_decrypt3 568 movups %xmm2,(%edi) 569 movups %xmm3,16(%edi) 570 movups %xmm4,32(%edi) 571 jmp .L012ecb_ret 572.align 16 573.L028ecb_dec_four: 574 call _aesni_decrypt4 575 movups %xmm2,(%edi) 576 movups %xmm3,16(%edi) 577 movups %xmm4,32(%edi) 578 movups %xmm5,48(%edi) 579.L012ecb_ret: 580 pxor %xmm0,%xmm0 581 pxor %xmm1,%xmm1 582 pxor %xmm2,%xmm2 583 pxor %xmm3,%xmm3 584 pxor %xmm4,%xmm4 585 pxor %xmm5,%xmm5 586 pxor %xmm6,%xmm6 587 pxor %xmm7,%xmm7 588 popl %edi 589 popl %esi 590 popl %ebx 591 popl %ebp 592 ret 593.size aesni_ecb_encrypt,.-.L_aesni_ecb_encrypt_begin 594.globl aesni_ccm64_encrypt_blocks 595.type aesni_ccm64_encrypt_blocks,@function 596.align 16 597aesni_ccm64_encrypt_blocks: 598.L_aesni_ccm64_encrypt_blocks_begin: 599 pushl %ebp 600 pushl %ebx 601 pushl %esi 602 pushl %edi 603 movl 20(%esp),%esi 604 movl 24(%esp),%edi 605 movl 28(%esp),%eax 606 movl 32(%esp),%edx 607 movl 36(%esp),%ebx 608 movl 40(%esp),%ecx 609 movl %esp,%ebp 610 subl $60,%esp 611 andl $-16,%esp 612 movl %ebp,48(%esp) 613 movdqu (%ebx),%xmm7 614 movdqu (%ecx),%xmm3 615 movl 240(%edx),%ecx 616 movl $202182159,(%esp) 617 movl $134810123,4(%esp) 618 movl $67438087,8(%esp) 619 movl $66051,12(%esp) 620 movl $1,%ebx 621 xorl %ebp,%ebp 622 movl %ebx,16(%esp) 623 movl %ebp,20(%esp) 624 movl %ebp,24(%esp) 625 movl %ebp,28(%esp) 626 shll $4,%ecx 627 movl $16,%ebx 628 leal (%edx),%ebp 629 movdqa (%esp),%xmm5 630 movdqa %xmm7,%xmm2 631 leal 32(%edx,%ecx,1),%edx 632 subl %ecx,%ebx 633.byte 102,15,56,0,253 634.L030ccm64_enc_outer: 635 movups (%ebp),%xmm0 636 movl %ebx,%ecx 637 movups (%esi),%xmm6 638 xorps %xmm0,%xmm2 639 movups 16(%ebp),%xmm1 640 xorps %xmm6,%xmm0 641 xorps %xmm0,%xmm3 642 movups 32(%ebp),%xmm0 643.L031ccm64_enc2_loop: 644.byte 102,15,56,220,209 645.byte 102,15,56,220,217 646 movups (%edx,%ecx,1),%xmm1 647 addl $32,%ecx 648.byte 102,15,56,220,208 649.byte 102,15,56,220,216 650 movups -16(%edx,%ecx,1),%xmm0 651 jnz .L031ccm64_enc2_loop 652.byte 102,15,56,220,209 653.byte 102,15,56,220,217 654 paddq 16(%esp),%xmm7 655 decl %eax 656.byte 102,15,56,221,208 657.byte 102,15,56,221,216 658 leal 16(%esi),%esi 659 xorps %xmm2,%xmm6 660 movdqa %xmm7,%xmm2 661 movups %xmm6,(%edi) 662.byte 102,15,56,0,213 663 leal 16(%edi),%edi 664 jnz .L030ccm64_enc_outer 665 movl 48(%esp),%esp 666 movl 40(%esp),%edi 667 movups %xmm3,(%edi) 668 pxor %xmm0,%xmm0 669 pxor %xmm1,%xmm1 670 pxor %xmm2,%xmm2 671 pxor %xmm3,%xmm3 672 pxor %xmm4,%xmm4 673 pxor %xmm5,%xmm5 674 pxor %xmm6,%xmm6 675 pxor %xmm7,%xmm7 676 popl %edi 677 popl %esi 678 popl %ebx 679 popl %ebp 680 ret 681.size aesni_ccm64_encrypt_blocks,.-.L_aesni_ccm64_encrypt_blocks_begin 682.globl aesni_ccm64_decrypt_blocks 683.type aesni_ccm64_decrypt_blocks,@function 684.align 16 685aesni_ccm64_decrypt_blocks: 686.L_aesni_ccm64_decrypt_blocks_begin: 687 pushl %ebp 688 pushl %ebx 689 pushl %esi 690 pushl %edi 691 movl 20(%esp),%esi 692 movl 24(%esp),%edi 693 movl 28(%esp),%eax 694 movl 32(%esp),%edx 695 movl 36(%esp),%ebx 696 movl 40(%esp),%ecx 697 movl %esp,%ebp 698 subl $60,%esp 699 andl $-16,%esp 700 movl %ebp,48(%esp) 701 movdqu (%ebx),%xmm7 702 movdqu (%ecx),%xmm3 703 movl 240(%edx),%ecx 704 movl $202182159,(%esp) 705 movl $134810123,4(%esp) 706 movl $67438087,8(%esp) 707 movl $66051,12(%esp) 708 movl $1,%ebx 709 xorl %ebp,%ebp 710 movl %ebx,16(%esp) 711 movl %ebp,20(%esp) 712 movl %ebp,24(%esp) 713 movl %ebp,28(%esp) 714 movdqa (%esp),%xmm5 715 movdqa %xmm7,%xmm2 716 movl %edx,%ebp 717 movl %ecx,%ebx 718.byte 102,15,56,0,253 719 movups (%edx),%xmm0 720 movups 16(%edx),%xmm1 721 leal 32(%edx),%edx 722 xorps %xmm0,%xmm2 723.L032enc1_loop_5: 724.byte 102,15,56,220,209 725 decl %ecx 726 movups (%edx),%xmm1 727 leal 16(%edx),%edx 728 jnz .L032enc1_loop_5 729.byte 102,15,56,221,209 730 shll $4,%ebx 731 movl $16,%ecx 732 movups (%esi),%xmm6 733 paddq 16(%esp),%xmm7 734 leal 16(%esi),%esi 735 subl %ebx,%ecx 736 leal 32(%ebp,%ebx,1),%edx 737 movl %ecx,%ebx 738 jmp .L033ccm64_dec_outer 739.align 16 740.L033ccm64_dec_outer: 741 xorps %xmm2,%xmm6 742 movdqa %xmm7,%xmm2 743 movups %xmm6,(%edi) 744 leal 16(%edi),%edi 745.byte 102,15,56,0,213 746 subl $1,%eax 747 jz .L034ccm64_dec_break 748 movups (%ebp),%xmm0 749 movl %ebx,%ecx 750 movups 16(%ebp),%xmm1 751 xorps %xmm0,%xmm6 752 xorps %xmm0,%xmm2 753 xorps %xmm6,%xmm3 754 movups 32(%ebp),%xmm0 755.L035ccm64_dec2_loop: 756.byte 102,15,56,220,209 757.byte 102,15,56,220,217 758 movups (%edx,%ecx,1),%xmm1 759 addl $32,%ecx 760.byte 102,15,56,220,208 761.byte 102,15,56,220,216 762 movups -16(%edx,%ecx,1),%xmm0 763 jnz .L035ccm64_dec2_loop 764 movups (%esi),%xmm6 765 paddq 16(%esp),%xmm7 766.byte 102,15,56,220,209 767.byte 102,15,56,220,217 768.byte 102,15,56,221,208 769.byte 102,15,56,221,216 770 leal 16(%esi),%esi 771 jmp .L033ccm64_dec_outer 772.align 16 773.L034ccm64_dec_break: 774 movl 240(%ebp),%ecx 775 movl %ebp,%edx 776 movups (%edx),%xmm0 777 movups 16(%edx),%xmm1 778 xorps %xmm0,%xmm6 779 leal 32(%edx),%edx 780 xorps %xmm6,%xmm3 781.L036enc1_loop_6: 782.byte 102,15,56,220,217 783 decl %ecx 784 movups (%edx),%xmm1 785 leal 16(%edx),%edx 786 jnz .L036enc1_loop_6 787.byte 102,15,56,221,217 788 movl 48(%esp),%esp 789 movl 40(%esp),%edi 790 movups %xmm3,(%edi) 791 pxor %xmm0,%xmm0 792 pxor %xmm1,%xmm1 793 pxor %xmm2,%xmm2 794 pxor %xmm3,%xmm3 795 pxor %xmm4,%xmm4 796 pxor %xmm5,%xmm5 797 pxor %xmm6,%xmm6 798 pxor %xmm7,%xmm7 799 popl %edi 800 popl %esi 801 popl %ebx 802 popl %ebp 803 ret 804.size aesni_ccm64_decrypt_blocks,.-.L_aesni_ccm64_decrypt_blocks_begin 805.globl aesni_ctr32_encrypt_blocks 806.type aesni_ctr32_encrypt_blocks,@function 807.align 16 808aesni_ctr32_encrypt_blocks: 809.L_aesni_ctr32_encrypt_blocks_begin: 810 pushl %ebp 811 pushl %ebx 812 pushl %esi 813 pushl %edi 814 movl 20(%esp),%esi 815 movl 24(%esp),%edi 816 movl 28(%esp),%eax 817 movl 32(%esp),%edx 818 movl 36(%esp),%ebx 819 movl %esp,%ebp 820 subl $88,%esp 821 andl $-16,%esp 822 movl %ebp,80(%esp) 823 cmpl $1,%eax 824 je .L037ctr32_one_shortcut 825 movdqu (%ebx),%xmm7 826 movl $202182159,(%esp) 827 movl $134810123,4(%esp) 828 movl $67438087,8(%esp) 829 movl $66051,12(%esp) 830 movl $6,%ecx 831 xorl %ebp,%ebp 832 movl %ecx,16(%esp) 833 movl %ecx,20(%esp) 834 movl %ecx,24(%esp) 835 movl %ebp,28(%esp) 836.byte 102,15,58,22,251,3 837.byte 102,15,58,34,253,3 838 movl 240(%edx),%ecx 839 bswap %ebx 840 pxor %xmm0,%xmm0 841 pxor %xmm1,%xmm1 842 movdqa (%esp),%xmm2 843.byte 102,15,58,34,195,0 844 leal 3(%ebx),%ebp 845.byte 102,15,58,34,205,0 846 incl %ebx 847.byte 102,15,58,34,195,1 848 incl %ebp 849.byte 102,15,58,34,205,1 850 incl %ebx 851.byte 102,15,58,34,195,2 852 incl %ebp 853.byte 102,15,58,34,205,2 854 movdqa %xmm0,48(%esp) 855.byte 102,15,56,0,194 856 movdqu (%edx),%xmm6 857 movdqa %xmm1,64(%esp) 858.byte 102,15,56,0,202 859 pshufd $192,%xmm0,%xmm2 860 pshufd $128,%xmm0,%xmm3 861 cmpl $6,%eax 862 jb .L038ctr32_tail 863 pxor %xmm6,%xmm7 864 shll $4,%ecx 865 movl $16,%ebx 866 movdqa %xmm7,32(%esp) 867 movl %edx,%ebp 868 subl %ecx,%ebx 869 leal 32(%edx,%ecx,1),%edx 870 subl $6,%eax 871 jmp .L039ctr32_loop6 872.align 16 873.L039ctr32_loop6: 874 pshufd $64,%xmm0,%xmm4 875 movdqa 32(%esp),%xmm0 876 pshufd $192,%xmm1,%xmm5 877 pxor %xmm0,%xmm2 878 pshufd $128,%xmm1,%xmm6 879 pxor %xmm0,%xmm3 880 pshufd $64,%xmm1,%xmm7 881 movups 16(%ebp),%xmm1 882 pxor %xmm0,%xmm4 883 pxor %xmm0,%xmm5 884.byte 102,15,56,220,209 885 pxor %xmm0,%xmm6 886 pxor %xmm0,%xmm7 887.byte 102,15,56,220,217 888 movups 32(%ebp),%xmm0 889 movl %ebx,%ecx 890.byte 102,15,56,220,225 891.byte 102,15,56,220,233 892.byte 102,15,56,220,241 893.byte 102,15,56,220,249 894 call .L_aesni_encrypt6_enter 895 movups (%esi),%xmm1 896 movups 16(%esi),%xmm0 897 xorps %xmm1,%xmm2 898 movups 32(%esi),%xmm1 899 xorps %xmm0,%xmm3 900 movups %xmm2,(%edi) 901 movdqa 16(%esp),%xmm0 902 xorps %xmm1,%xmm4 903 movdqa 64(%esp),%xmm1 904 movups %xmm3,16(%edi) 905 movups %xmm4,32(%edi) 906 paddd %xmm0,%xmm1 907 paddd 48(%esp),%xmm0 908 movdqa (%esp),%xmm2 909 movups 48(%esi),%xmm3 910 movups 64(%esi),%xmm4 911 xorps %xmm3,%xmm5 912 movups 80(%esi),%xmm3 913 leal 96(%esi),%esi 914 movdqa %xmm0,48(%esp) 915.byte 102,15,56,0,194 916 xorps %xmm4,%xmm6 917 movups %xmm5,48(%edi) 918 xorps %xmm3,%xmm7 919 movdqa %xmm1,64(%esp) 920.byte 102,15,56,0,202 921 movups %xmm6,64(%edi) 922 pshufd $192,%xmm0,%xmm2 923 movups %xmm7,80(%edi) 924 leal 96(%edi),%edi 925 pshufd $128,%xmm0,%xmm3 926 subl $6,%eax 927 jnc .L039ctr32_loop6 928 addl $6,%eax 929 jz .L040ctr32_ret 930 movdqu (%ebp),%xmm7 931 movl %ebp,%edx 932 pxor 32(%esp),%xmm7 933 movl 240(%ebp),%ecx 934.L038ctr32_tail: 935 por %xmm7,%xmm2 936 cmpl $2,%eax 937 jb .L041ctr32_one 938 pshufd $64,%xmm0,%xmm4 939 por %xmm7,%xmm3 940 je .L042ctr32_two 941 pshufd $192,%xmm1,%xmm5 942 por %xmm7,%xmm4 943 cmpl $4,%eax 944 jb .L043ctr32_three 945 pshufd $128,%xmm1,%xmm6 946 por %xmm7,%xmm5 947 je .L044ctr32_four 948 por %xmm7,%xmm6 949 call _aesni_encrypt6 950 movups (%esi),%xmm1 951 movups 16(%esi),%xmm0 952 xorps %xmm1,%xmm2 953 movups 32(%esi),%xmm1 954 xorps %xmm0,%xmm3 955 movups 48(%esi),%xmm0 956 xorps %xmm1,%xmm4 957 movups 64(%esi),%xmm1 958 xorps %xmm0,%xmm5 959 movups %xmm2,(%edi) 960 xorps %xmm1,%xmm6 961 movups %xmm3,16(%edi) 962 movups %xmm4,32(%edi) 963 movups %xmm5,48(%edi) 964 movups %xmm6,64(%edi) 965 jmp .L040ctr32_ret 966.align 16 967.L037ctr32_one_shortcut: 968 movups (%ebx),%xmm2 969 movl 240(%edx),%ecx 970.L041ctr32_one: 971 movups (%edx),%xmm0 972 movups 16(%edx),%xmm1 973 leal 32(%edx),%edx 974 xorps %xmm0,%xmm2 975.L045enc1_loop_7: 976.byte 102,15,56,220,209 977 decl %ecx 978 movups (%edx),%xmm1 979 leal 16(%edx),%edx 980 jnz .L045enc1_loop_7 981.byte 102,15,56,221,209 982 movups (%esi),%xmm6 983 xorps %xmm2,%xmm6 984 movups %xmm6,(%edi) 985 jmp .L040ctr32_ret 986.align 16 987.L042ctr32_two: 988 call _aesni_encrypt2 989 movups (%esi),%xmm5 990 movups 16(%esi),%xmm6 991 xorps %xmm5,%xmm2 992 xorps %xmm6,%xmm3 993 movups %xmm2,(%edi) 994 movups %xmm3,16(%edi) 995 jmp .L040ctr32_ret 996.align 16 997.L043ctr32_three: 998 call _aesni_encrypt3 999 movups (%esi),%xmm5 1000 movups 16(%esi),%xmm6 1001 xorps %xmm5,%xmm2 1002 movups 32(%esi),%xmm7 1003 xorps %xmm6,%xmm3 1004 movups %xmm2,(%edi) 1005 xorps %xmm7,%xmm4 1006 movups %xmm3,16(%edi) 1007 movups %xmm4,32(%edi) 1008 jmp .L040ctr32_ret 1009.align 16 1010.L044ctr32_four: 1011 call _aesni_encrypt4 1012 movups (%esi),%xmm6 1013 movups 16(%esi),%xmm7 1014 movups 32(%esi),%xmm1 1015 xorps %xmm6,%xmm2 1016 movups 48(%esi),%xmm0 1017 xorps %xmm7,%xmm3 1018 movups %xmm2,(%edi) 1019 xorps %xmm1,%xmm4 1020 movups %xmm3,16(%edi) 1021 xorps %xmm0,%xmm5 1022 movups %xmm4,32(%edi) 1023 movups %xmm5,48(%edi) 1024.L040ctr32_ret: 1025 pxor %xmm0,%xmm0 1026 pxor %xmm1,%xmm1 1027 pxor %xmm2,%xmm2 1028 pxor %xmm3,%xmm3 1029 pxor %xmm4,%xmm4 1030 movdqa %xmm0,32(%esp) 1031 pxor %xmm5,%xmm5 1032 movdqa %xmm0,48(%esp) 1033 pxor %xmm6,%xmm6 1034 movdqa %xmm0,64(%esp) 1035 pxor %xmm7,%xmm7 1036 movl 80(%esp),%esp 1037 popl %edi 1038 popl %esi 1039 popl %ebx 1040 popl %ebp 1041 ret 1042.size aesni_ctr32_encrypt_blocks,.-.L_aesni_ctr32_encrypt_blocks_begin 1043.globl aesni_xts_encrypt 1044.type aesni_xts_encrypt,@function 1045.align 16 1046aesni_xts_encrypt: 1047.L_aesni_xts_encrypt_begin: 1048 pushl %ebp 1049 pushl %ebx 1050 pushl %esi 1051 pushl %edi 1052 movl 36(%esp),%edx 1053 movl 40(%esp),%esi 1054 movl 240(%edx),%ecx 1055 movups (%esi),%xmm2 1056 movups (%edx),%xmm0 1057 movups 16(%edx),%xmm1 1058 leal 32(%edx),%edx 1059 xorps %xmm0,%xmm2 1060.L046enc1_loop_8: 1061.byte 102,15,56,220,209 1062 decl %ecx 1063 movups (%edx),%xmm1 1064 leal 16(%edx),%edx 1065 jnz .L046enc1_loop_8 1066.byte 102,15,56,221,209 1067 movl 20(%esp),%esi 1068 movl 24(%esp),%edi 1069 movl 28(%esp),%eax 1070 movl 32(%esp),%edx 1071 movl %esp,%ebp 1072 subl $120,%esp 1073 movl 240(%edx),%ecx 1074 andl $-16,%esp 1075 movl $135,96(%esp) 1076 movl $0,100(%esp) 1077 movl $1,104(%esp) 1078 movl $0,108(%esp) 1079 movl %eax,112(%esp) 1080 movl %ebp,116(%esp) 1081 movdqa %xmm2,%xmm1 1082 pxor %xmm0,%xmm0 1083 movdqa 96(%esp),%xmm3 1084 pcmpgtd %xmm1,%xmm0 1085 andl $-16,%eax 1086 movl %edx,%ebp 1087 movl %ecx,%ebx 1088 subl $96,%eax 1089 jc .L047xts_enc_short 1090 shll $4,%ecx 1091 movl $16,%ebx 1092 subl %ecx,%ebx 1093 leal 32(%edx,%ecx,1),%edx 1094 jmp .L048xts_enc_loop6 1095.align 16 1096.L048xts_enc_loop6: 1097 pshufd $19,%xmm0,%xmm2 1098 pxor %xmm0,%xmm0 1099 movdqa %xmm1,(%esp) 1100 paddq %xmm1,%xmm1 1101 pand %xmm3,%xmm2 1102 pcmpgtd %xmm1,%xmm0 1103 pxor %xmm2,%xmm1 1104 pshufd $19,%xmm0,%xmm2 1105 pxor %xmm0,%xmm0 1106 movdqa %xmm1,16(%esp) 1107 paddq %xmm1,%xmm1 1108 pand %xmm3,%xmm2 1109 pcmpgtd %xmm1,%xmm0 1110 pxor %xmm2,%xmm1 1111 pshufd $19,%xmm0,%xmm2 1112 pxor %xmm0,%xmm0 1113 movdqa %xmm1,32(%esp) 1114 paddq %xmm1,%xmm1 1115 pand %xmm3,%xmm2 1116 pcmpgtd %xmm1,%xmm0 1117 pxor %xmm2,%xmm1 1118 pshufd $19,%xmm0,%xmm2 1119 pxor %xmm0,%xmm0 1120 movdqa %xmm1,48(%esp) 1121 paddq %xmm1,%xmm1 1122 pand %xmm3,%xmm2 1123 pcmpgtd %xmm1,%xmm0 1124 pxor %xmm2,%xmm1 1125 pshufd $19,%xmm0,%xmm7 1126 movdqa %xmm1,64(%esp) 1127 paddq %xmm1,%xmm1 1128 movups (%ebp),%xmm0 1129 pand %xmm3,%xmm7 1130 movups (%esi),%xmm2 1131 pxor %xmm1,%xmm7 1132 movl %ebx,%ecx 1133 movdqu 16(%esi),%xmm3 1134 xorps %xmm0,%xmm2 1135 movdqu 32(%esi),%xmm4 1136 pxor %xmm0,%xmm3 1137 movdqu 48(%esi),%xmm5 1138 pxor %xmm0,%xmm4 1139 movdqu 64(%esi),%xmm6 1140 pxor %xmm0,%xmm5 1141 movdqu 80(%esi),%xmm1 1142 pxor %xmm0,%xmm6 1143 leal 96(%esi),%esi 1144 pxor (%esp),%xmm2 1145 movdqa %xmm7,80(%esp) 1146 pxor %xmm1,%xmm7 1147 movups 16(%ebp),%xmm1 1148 pxor 16(%esp),%xmm3 1149 pxor 32(%esp),%xmm4 1150.byte 102,15,56,220,209 1151 pxor 48(%esp),%xmm5 1152 pxor 64(%esp),%xmm6 1153.byte 102,15,56,220,217 1154 pxor %xmm0,%xmm7 1155 movups 32(%ebp),%xmm0 1156.byte 102,15,56,220,225 1157.byte 102,15,56,220,233 1158.byte 102,15,56,220,241 1159.byte 102,15,56,220,249 1160 call .L_aesni_encrypt6_enter 1161 movdqa 80(%esp),%xmm1 1162 pxor %xmm0,%xmm0 1163 xorps (%esp),%xmm2 1164 pcmpgtd %xmm1,%xmm0 1165 xorps 16(%esp),%xmm3 1166 movups %xmm2,(%edi) 1167 xorps 32(%esp),%xmm4 1168 movups %xmm3,16(%edi) 1169 xorps 48(%esp),%xmm5 1170 movups %xmm4,32(%edi) 1171 xorps 64(%esp),%xmm6 1172 movups %xmm5,48(%edi) 1173 xorps %xmm1,%xmm7 1174 movups %xmm6,64(%edi) 1175 pshufd $19,%xmm0,%xmm2 1176 movups %xmm7,80(%edi) 1177 leal 96(%edi),%edi 1178 movdqa 96(%esp),%xmm3 1179 pxor %xmm0,%xmm0 1180 paddq %xmm1,%xmm1 1181 pand %xmm3,%xmm2 1182 pcmpgtd %xmm1,%xmm0 1183 pxor %xmm2,%xmm1 1184 subl $96,%eax 1185 jnc .L048xts_enc_loop6 1186 movl 240(%ebp),%ecx 1187 movl %ebp,%edx 1188 movl %ecx,%ebx 1189.L047xts_enc_short: 1190 addl $96,%eax 1191 jz .L049xts_enc_done6x 1192 movdqa %xmm1,%xmm5 1193 cmpl $32,%eax 1194 jb .L050xts_enc_one 1195 pshufd $19,%xmm0,%xmm2 1196 pxor %xmm0,%xmm0 1197 paddq %xmm1,%xmm1 1198 pand %xmm3,%xmm2 1199 pcmpgtd %xmm1,%xmm0 1200 pxor %xmm2,%xmm1 1201 je .L051xts_enc_two 1202 pshufd $19,%xmm0,%xmm2 1203 pxor %xmm0,%xmm0 1204 movdqa %xmm1,%xmm6 1205 paddq %xmm1,%xmm1 1206 pand %xmm3,%xmm2 1207 pcmpgtd %xmm1,%xmm0 1208 pxor %xmm2,%xmm1 1209 cmpl $64,%eax 1210 jb .L052xts_enc_three 1211 pshufd $19,%xmm0,%xmm2 1212 pxor %xmm0,%xmm0 1213 movdqa %xmm1,%xmm7 1214 paddq %xmm1,%xmm1 1215 pand %xmm3,%xmm2 1216 pcmpgtd %xmm1,%xmm0 1217 pxor %xmm2,%xmm1 1218 movdqa %xmm5,(%esp) 1219 movdqa %xmm6,16(%esp) 1220 je .L053xts_enc_four 1221 movdqa %xmm7,32(%esp) 1222 pshufd $19,%xmm0,%xmm7 1223 movdqa %xmm1,48(%esp) 1224 paddq %xmm1,%xmm1 1225 pand %xmm3,%xmm7 1226 pxor %xmm1,%xmm7 1227 movdqu (%esi),%xmm2 1228 movdqu 16(%esi),%xmm3 1229 movdqu 32(%esi),%xmm4 1230 pxor (%esp),%xmm2 1231 movdqu 48(%esi),%xmm5 1232 pxor 16(%esp),%xmm3 1233 movdqu 64(%esi),%xmm6 1234 pxor 32(%esp),%xmm4 1235 leal 80(%esi),%esi 1236 pxor 48(%esp),%xmm5 1237 movdqa %xmm7,64(%esp) 1238 pxor %xmm7,%xmm6 1239 call _aesni_encrypt6 1240 movaps 64(%esp),%xmm1 1241 xorps (%esp),%xmm2 1242 xorps 16(%esp),%xmm3 1243 xorps 32(%esp),%xmm4 1244 movups %xmm2,(%edi) 1245 xorps 48(%esp),%xmm5 1246 movups %xmm3,16(%edi) 1247 xorps %xmm1,%xmm6 1248 movups %xmm4,32(%edi) 1249 movups %xmm5,48(%edi) 1250 movups %xmm6,64(%edi) 1251 leal 80(%edi),%edi 1252 jmp .L054xts_enc_done 1253.align 16 1254.L050xts_enc_one: 1255 movups (%esi),%xmm2 1256 leal 16(%esi),%esi 1257 xorps %xmm5,%xmm2 1258 movups (%edx),%xmm0 1259 movups 16(%edx),%xmm1 1260 leal 32(%edx),%edx 1261 xorps %xmm0,%xmm2 1262.L055enc1_loop_9: 1263.byte 102,15,56,220,209 1264 decl %ecx 1265 movups (%edx),%xmm1 1266 leal 16(%edx),%edx 1267 jnz .L055enc1_loop_9 1268.byte 102,15,56,221,209 1269 xorps %xmm5,%xmm2 1270 movups %xmm2,(%edi) 1271 leal 16(%edi),%edi 1272 movdqa %xmm5,%xmm1 1273 jmp .L054xts_enc_done 1274.align 16 1275.L051xts_enc_two: 1276 movaps %xmm1,%xmm6 1277 movups (%esi),%xmm2 1278 movups 16(%esi),%xmm3 1279 leal 32(%esi),%esi 1280 xorps %xmm5,%xmm2 1281 xorps %xmm6,%xmm3 1282 call _aesni_encrypt2 1283 xorps %xmm5,%xmm2 1284 xorps %xmm6,%xmm3 1285 movups %xmm2,(%edi) 1286 movups %xmm3,16(%edi) 1287 leal 32(%edi),%edi 1288 movdqa %xmm6,%xmm1 1289 jmp .L054xts_enc_done 1290.align 16 1291.L052xts_enc_three: 1292 movaps %xmm1,%xmm7 1293 movups (%esi),%xmm2 1294 movups 16(%esi),%xmm3 1295 movups 32(%esi),%xmm4 1296 leal 48(%esi),%esi 1297 xorps %xmm5,%xmm2 1298 xorps %xmm6,%xmm3 1299 xorps %xmm7,%xmm4 1300 call _aesni_encrypt3 1301 xorps %xmm5,%xmm2 1302 xorps %xmm6,%xmm3 1303 xorps %xmm7,%xmm4 1304 movups %xmm2,(%edi) 1305 movups %xmm3,16(%edi) 1306 movups %xmm4,32(%edi) 1307 leal 48(%edi),%edi 1308 movdqa %xmm7,%xmm1 1309 jmp .L054xts_enc_done 1310.align 16 1311.L053xts_enc_four: 1312 movaps %xmm1,%xmm6 1313 movups (%esi),%xmm2 1314 movups 16(%esi),%xmm3 1315 movups 32(%esi),%xmm4 1316 xorps (%esp),%xmm2 1317 movups 48(%esi),%xmm5 1318 leal 64(%esi),%esi 1319 xorps 16(%esp),%xmm3 1320 xorps %xmm7,%xmm4 1321 xorps %xmm6,%xmm5 1322 call _aesni_encrypt4 1323 xorps (%esp),%xmm2 1324 xorps 16(%esp),%xmm3 1325 xorps %xmm7,%xmm4 1326 movups %xmm2,(%edi) 1327 xorps %xmm6,%xmm5 1328 movups %xmm3,16(%edi) 1329 movups %xmm4,32(%edi) 1330 movups %xmm5,48(%edi) 1331 leal 64(%edi),%edi 1332 movdqa %xmm6,%xmm1 1333 jmp .L054xts_enc_done 1334.align 16 1335.L049xts_enc_done6x: 1336 movl 112(%esp),%eax 1337 andl $15,%eax 1338 jz .L056xts_enc_ret 1339 movdqa %xmm1,%xmm5 1340 movl %eax,112(%esp) 1341 jmp .L057xts_enc_steal 1342.align 16 1343.L054xts_enc_done: 1344 movl 112(%esp),%eax 1345 pxor %xmm0,%xmm0 1346 andl $15,%eax 1347 jz .L056xts_enc_ret 1348 pcmpgtd %xmm1,%xmm0 1349 movl %eax,112(%esp) 1350 pshufd $19,%xmm0,%xmm5 1351 paddq %xmm1,%xmm1 1352 pand 96(%esp),%xmm5 1353 pxor %xmm1,%xmm5 1354.L057xts_enc_steal: 1355 movzbl (%esi),%ecx 1356 movzbl -16(%edi),%edx 1357 leal 1(%esi),%esi 1358 movb %cl,-16(%edi) 1359 movb %dl,(%edi) 1360 leal 1(%edi),%edi 1361 subl $1,%eax 1362 jnz .L057xts_enc_steal 1363 subl 112(%esp),%edi 1364 movl %ebp,%edx 1365 movl %ebx,%ecx 1366 movups -16(%edi),%xmm2 1367 xorps %xmm5,%xmm2 1368 movups (%edx),%xmm0 1369 movups 16(%edx),%xmm1 1370 leal 32(%edx),%edx 1371 xorps %xmm0,%xmm2 1372.L058enc1_loop_10: 1373.byte 102,15,56,220,209 1374 decl %ecx 1375 movups (%edx),%xmm1 1376 leal 16(%edx),%edx 1377 jnz .L058enc1_loop_10 1378.byte 102,15,56,221,209 1379 xorps %xmm5,%xmm2 1380 movups %xmm2,-16(%edi) 1381.L056xts_enc_ret: 1382 pxor %xmm0,%xmm0 1383 pxor %xmm1,%xmm1 1384 pxor %xmm2,%xmm2 1385 movdqa %xmm0,(%esp) 1386 pxor %xmm3,%xmm3 1387 movdqa %xmm0,16(%esp) 1388 pxor %xmm4,%xmm4 1389 movdqa %xmm0,32(%esp) 1390 pxor %xmm5,%xmm5 1391 movdqa %xmm0,48(%esp) 1392 pxor %xmm6,%xmm6 1393 movdqa %xmm0,64(%esp) 1394 pxor %xmm7,%xmm7 1395 movdqa %xmm0,80(%esp) 1396 movl 116(%esp),%esp 1397 popl %edi 1398 popl %esi 1399 popl %ebx 1400 popl %ebp 1401 ret 1402.size aesni_xts_encrypt,.-.L_aesni_xts_encrypt_begin 1403.globl aesni_xts_decrypt 1404.type aesni_xts_decrypt,@function 1405.align 16 1406aesni_xts_decrypt: 1407.L_aesni_xts_decrypt_begin: 1408 pushl %ebp 1409 pushl %ebx 1410 pushl %esi 1411 pushl %edi 1412 movl 36(%esp),%edx 1413 movl 40(%esp),%esi 1414 movl 240(%edx),%ecx 1415 movups (%esi),%xmm2 1416 movups (%edx),%xmm0 1417 movups 16(%edx),%xmm1 1418 leal 32(%edx),%edx 1419 xorps %xmm0,%xmm2 1420.L059enc1_loop_11: 1421.byte 102,15,56,220,209 1422 decl %ecx 1423 movups (%edx),%xmm1 1424 leal 16(%edx),%edx 1425 jnz .L059enc1_loop_11 1426.byte 102,15,56,221,209 1427 movl 20(%esp),%esi 1428 movl 24(%esp),%edi 1429 movl 28(%esp),%eax 1430 movl 32(%esp),%edx 1431 movl %esp,%ebp 1432 subl $120,%esp 1433 andl $-16,%esp 1434 xorl %ebx,%ebx 1435 testl $15,%eax 1436 setnz %bl 1437 shll $4,%ebx 1438 subl %ebx,%eax 1439 movl $135,96(%esp) 1440 movl $0,100(%esp) 1441 movl $1,104(%esp) 1442 movl $0,108(%esp) 1443 movl %eax,112(%esp) 1444 movl %ebp,116(%esp) 1445 movl 240(%edx),%ecx 1446 movl %edx,%ebp 1447 movl %ecx,%ebx 1448 movdqa %xmm2,%xmm1 1449 pxor %xmm0,%xmm0 1450 movdqa 96(%esp),%xmm3 1451 pcmpgtd %xmm1,%xmm0 1452 andl $-16,%eax 1453 subl $96,%eax 1454 jc .L060xts_dec_short 1455 shll $4,%ecx 1456 movl $16,%ebx 1457 subl %ecx,%ebx 1458 leal 32(%edx,%ecx,1),%edx 1459 jmp .L061xts_dec_loop6 1460.align 16 1461.L061xts_dec_loop6: 1462 pshufd $19,%xmm0,%xmm2 1463 pxor %xmm0,%xmm0 1464 movdqa %xmm1,(%esp) 1465 paddq %xmm1,%xmm1 1466 pand %xmm3,%xmm2 1467 pcmpgtd %xmm1,%xmm0 1468 pxor %xmm2,%xmm1 1469 pshufd $19,%xmm0,%xmm2 1470 pxor %xmm0,%xmm0 1471 movdqa %xmm1,16(%esp) 1472 paddq %xmm1,%xmm1 1473 pand %xmm3,%xmm2 1474 pcmpgtd %xmm1,%xmm0 1475 pxor %xmm2,%xmm1 1476 pshufd $19,%xmm0,%xmm2 1477 pxor %xmm0,%xmm0 1478 movdqa %xmm1,32(%esp) 1479 paddq %xmm1,%xmm1 1480 pand %xmm3,%xmm2 1481 pcmpgtd %xmm1,%xmm0 1482 pxor %xmm2,%xmm1 1483 pshufd $19,%xmm0,%xmm2 1484 pxor %xmm0,%xmm0 1485 movdqa %xmm1,48(%esp) 1486 paddq %xmm1,%xmm1 1487 pand %xmm3,%xmm2 1488 pcmpgtd %xmm1,%xmm0 1489 pxor %xmm2,%xmm1 1490 pshufd $19,%xmm0,%xmm7 1491 movdqa %xmm1,64(%esp) 1492 paddq %xmm1,%xmm1 1493 movups (%ebp),%xmm0 1494 pand %xmm3,%xmm7 1495 movups (%esi),%xmm2 1496 pxor %xmm1,%xmm7 1497 movl %ebx,%ecx 1498 movdqu 16(%esi),%xmm3 1499 xorps %xmm0,%xmm2 1500 movdqu 32(%esi),%xmm4 1501 pxor %xmm0,%xmm3 1502 movdqu 48(%esi),%xmm5 1503 pxor %xmm0,%xmm4 1504 movdqu 64(%esi),%xmm6 1505 pxor %xmm0,%xmm5 1506 movdqu 80(%esi),%xmm1 1507 pxor %xmm0,%xmm6 1508 leal 96(%esi),%esi 1509 pxor (%esp),%xmm2 1510 movdqa %xmm7,80(%esp) 1511 pxor %xmm1,%xmm7 1512 movups 16(%ebp),%xmm1 1513 pxor 16(%esp),%xmm3 1514 pxor 32(%esp),%xmm4 1515.byte 102,15,56,222,209 1516 pxor 48(%esp),%xmm5 1517 pxor 64(%esp),%xmm6 1518.byte 102,15,56,222,217 1519 pxor %xmm0,%xmm7 1520 movups 32(%ebp),%xmm0 1521.byte 102,15,56,222,225 1522.byte 102,15,56,222,233 1523.byte 102,15,56,222,241 1524.byte 102,15,56,222,249 1525 call .L_aesni_decrypt6_enter 1526 movdqa 80(%esp),%xmm1 1527 pxor %xmm0,%xmm0 1528 xorps (%esp),%xmm2 1529 pcmpgtd %xmm1,%xmm0 1530 xorps 16(%esp),%xmm3 1531 movups %xmm2,(%edi) 1532 xorps 32(%esp),%xmm4 1533 movups %xmm3,16(%edi) 1534 xorps 48(%esp),%xmm5 1535 movups %xmm4,32(%edi) 1536 xorps 64(%esp),%xmm6 1537 movups %xmm5,48(%edi) 1538 xorps %xmm1,%xmm7 1539 movups %xmm6,64(%edi) 1540 pshufd $19,%xmm0,%xmm2 1541 movups %xmm7,80(%edi) 1542 leal 96(%edi),%edi 1543 movdqa 96(%esp),%xmm3 1544 pxor %xmm0,%xmm0 1545 paddq %xmm1,%xmm1 1546 pand %xmm3,%xmm2 1547 pcmpgtd %xmm1,%xmm0 1548 pxor %xmm2,%xmm1 1549 subl $96,%eax 1550 jnc .L061xts_dec_loop6 1551 movl 240(%ebp),%ecx 1552 movl %ebp,%edx 1553 movl %ecx,%ebx 1554.L060xts_dec_short: 1555 addl $96,%eax 1556 jz .L062xts_dec_done6x 1557 movdqa %xmm1,%xmm5 1558 cmpl $32,%eax 1559 jb .L063xts_dec_one 1560 pshufd $19,%xmm0,%xmm2 1561 pxor %xmm0,%xmm0 1562 paddq %xmm1,%xmm1 1563 pand %xmm3,%xmm2 1564 pcmpgtd %xmm1,%xmm0 1565 pxor %xmm2,%xmm1 1566 je .L064xts_dec_two 1567 pshufd $19,%xmm0,%xmm2 1568 pxor %xmm0,%xmm0 1569 movdqa %xmm1,%xmm6 1570 paddq %xmm1,%xmm1 1571 pand %xmm3,%xmm2 1572 pcmpgtd %xmm1,%xmm0 1573 pxor %xmm2,%xmm1 1574 cmpl $64,%eax 1575 jb .L065xts_dec_three 1576 pshufd $19,%xmm0,%xmm2 1577 pxor %xmm0,%xmm0 1578 movdqa %xmm1,%xmm7 1579 paddq %xmm1,%xmm1 1580 pand %xmm3,%xmm2 1581 pcmpgtd %xmm1,%xmm0 1582 pxor %xmm2,%xmm1 1583 movdqa %xmm5,(%esp) 1584 movdqa %xmm6,16(%esp) 1585 je .L066xts_dec_four 1586 movdqa %xmm7,32(%esp) 1587 pshufd $19,%xmm0,%xmm7 1588 movdqa %xmm1,48(%esp) 1589 paddq %xmm1,%xmm1 1590 pand %xmm3,%xmm7 1591 pxor %xmm1,%xmm7 1592 movdqu (%esi),%xmm2 1593 movdqu 16(%esi),%xmm3 1594 movdqu 32(%esi),%xmm4 1595 pxor (%esp),%xmm2 1596 movdqu 48(%esi),%xmm5 1597 pxor 16(%esp),%xmm3 1598 movdqu 64(%esi),%xmm6 1599 pxor 32(%esp),%xmm4 1600 leal 80(%esi),%esi 1601 pxor 48(%esp),%xmm5 1602 movdqa %xmm7,64(%esp) 1603 pxor %xmm7,%xmm6 1604 call _aesni_decrypt6 1605 movaps 64(%esp),%xmm1 1606 xorps (%esp),%xmm2 1607 xorps 16(%esp),%xmm3 1608 xorps 32(%esp),%xmm4 1609 movups %xmm2,(%edi) 1610 xorps 48(%esp),%xmm5 1611 movups %xmm3,16(%edi) 1612 xorps %xmm1,%xmm6 1613 movups %xmm4,32(%edi) 1614 movups %xmm5,48(%edi) 1615 movups %xmm6,64(%edi) 1616 leal 80(%edi),%edi 1617 jmp .L067xts_dec_done 1618.align 16 1619.L063xts_dec_one: 1620 movups (%esi),%xmm2 1621 leal 16(%esi),%esi 1622 xorps %xmm5,%xmm2 1623 movups (%edx),%xmm0 1624 movups 16(%edx),%xmm1 1625 leal 32(%edx),%edx 1626 xorps %xmm0,%xmm2 1627.L068dec1_loop_12: 1628.byte 102,15,56,222,209 1629 decl %ecx 1630 movups (%edx),%xmm1 1631 leal 16(%edx),%edx 1632 jnz .L068dec1_loop_12 1633.byte 102,15,56,223,209 1634 xorps %xmm5,%xmm2 1635 movups %xmm2,(%edi) 1636 leal 16(%edi),%edi 1637 movdqa %xmm5,%xmm1 1638 jmp .L067xts_dec_done 1639.align 16 1640.L064xts_dec_two: 1641 movaps %xmm1,%xmm6 1642 movups (%esi),%xmm2 1643 movups 16(%esi),%xmm3 1644 leal 32(%esi),%esi 1645 xorps %xmm5,%xmm2 1646 xorps %xmm6,%xmm3 1647 call _aesni_decrypt2 1648 xorps %xmm5,%xmm2 1649 xorps %xmm6,%xmm3 1650 movups %xmm2,(%edi) 1651 movups %xmm3,16(%edi) 1652 leal 32(%edi),%edi 1653 movdqa %xmm6,%xmm1 1654 jmp .L067xts_dec_done 1655.align 16 1656.L065xts_dec_three: 1657 movaps %xmm1,%xmm7 1658 movups (%esi),%xmm2 1659 movups 16(%esi),%xmm3 1660 movups 32(%esi),%xmm4 1661 leal 48(%esi),%esi 1662 xorps %xmm5,%xmm2 1663 xorps %xmm6,%xmm3 1664 xorps %xmm7,%xmm4 1665 call _aesni_decrypt3 1666 xorps %xmm5,%xmm2 1667 xorps %xmm6,%xmm3 1668 xorps %xmm7,%xmm4 1669 movups %xmm2,(%edi) 1670 movups %xmm3,16(%edi) 1671 movups %xmm4,32(%edi) 1672 leal 48(%edi),%edi 1673 movdqa %xmm7,%xmm1 1674 jmp .L067xts_dec_done 1675.align 16 1676.L066xts_dec_four: 1677 movaps %xmm1,%xmm6 1678 movups (%esi),%xmm2 1679 movups 16(%esi),%xmm3 1680 movups 32(%esi),%xmm4 1681 xorps (%esp),%xmm2 1682 movups 48(%esi),%xmm5 1683 leal 64(%esi),%esi 1684 xorps 16(%esp),%xmm3 1685 xorps %xmm7,%xmm4 1686 xorps %xmm6,%xmm5 1687 call _aesni_decrypt4 1688 xorps (%esp),%xmm2 1689 xorps 16(%esp),%xmm3 1690 xorps %xmm7,%xmm4 1691 movups %xmm2,(%edi) 1692 xorps %xmm6,%xmm5 1693 movups %xmm3,16(%edi) 1694 movups %xmm4,32(%edi) 1695 movups %xmm5,48(%edi) 1696 leal 64(%edi),%edi 1697 movdqa %xmm6,%xmm1 1698 jmp .L067xts_dec_done 1699.align 16 1700.L062xts_dec_done6x: 1701 movl 112(%esp),%eax 1702 andl $15,%eax 1703 jz .L069xts_dec_ret 1704 movl %eax,112(%esp) 1705 jmp .L070xts_dec_only_one_more 1706.align 16 1707.L067xts_dec_done: 1708 movl 112(%esp),%eax 1709 pxor %xmm0,%xmm0 1710 andl $15,%eax 1711 jz .L069xts_dec_ret 1712 pcmpgtd %xmm1,%xmm0 1713 movl %eax,112(%esp) 1714 pshufd $19,%xmm0,%xmm2 1715 pxor %xmm0,%xmm0 1716 movdqa 96(%esp),%xmm3 1717 paddq %xmm1,%xmm1 1718 pand %xmm3,%xmm2 1719 pcmpgtd %xmm1,%xmm0 1720 pxor %xmm2,%xmm1 1721.L070xts_dec_only_one_more: 1722 pshufd $19,%xmm0,%xmm5 1723 movdqa %xmm1,%xmm6 1724 paddq %xmm1,%xmm1 1725 pand %xmm3,%xmm5 1726 pxor %xmm1,%xmm5 1727 movl %ebp,%edx 1728 movl %ebx,%ecx 1729 movups (%esi),%xmm2 1730 xorps %xmm5,%xmm2 1731 movups (%edx),%xmm0 1732 movups 16(%edx),%xmm1 1733 leal 32(%edx),%edx 1734 xorps %xmm0,%xmm2 1735.L071dec1_loop_13: 1736.byte 102,15,56,222,209 1737 decl %ecx 1738 movups (%edx),%xmm1 1739 leal 16(%edx),%edx 1740 jnz .L071dec1_loop_13 1741.byte 102,15,56,223,209 1742 xorps %xmm5,%xmm2 1743 movups %xmm2,(%edi) 1744.L072xts_dec_steal: 1745 movzbl 16(%esi),%ecx 1746 movzbl (%edi),%edx 1747 leal 1(%esi),%esi 1748 movb %cl,(%edi) 1749 movb %dl,16(%edi) 1750 leal 1(%edi),%edi 1751 subl $1,%eax 1752 jnz .L072xts_dec_steal 1753 subl 112(%esp),%edi 1754 movl %ebp,%edx 1755 movl %ebx,%ecx 1756 movups (%edi),%xmm2 1757 xorps %xmm6,%xmm2 1758 movups (%edx),%xmm0 1759 movups 16(%edx),%xmm1 1760 leal 32(%edx),%edx 1761 xorps %xmm0,%xmm2 1762.L073dec1_loop_14: 1763.byte 102,15,56,222,209 1764 decl %ecx 1765 movups (%edx),%xmm1 1766 leal 16(%edx),%edx 1767 jnz .L073dec1_loop_14 1768.byte 102,15,56,223,209 1769 xorps %xmm6,%xmm2 1770 movups %xmm2,(%edi) 1771.L069xts_dec_ret: 1772 pxor %xmm0,%xmm0 1773 pxor %xmm1,%xmm1 1774 pxor %xmm2,%xmm2 1775 movdqa %xmm0,(%esp) 1776 pxor %xmm3,%xmm3 1777 movdqa %xmm0,16(%esp) 1778 pxor %xmm4,%xmm4 1779 movdqa %xmm0,32(%esp) 1780 pxor %xmm5,%xmm5 1781 movdqa %xmm0,48(%esp) 1782 pxor %xmm6,%xmm6 1783 movdqa %xmm0,64(%esp) 1784 pxor %xmm7,%xmm7 1785 movdqa %xmm0,80(%esp) 1786 movl 116(%esp),%esp 1787 popl %edi 1788 popl %esi 1789 popl %ebx 1790 popl %ebp 1791 ret 1792.size aesni_xts_decrypt,.-.L_aesni_xts_decrypt_begin 1793.globl aesni_cbc_encrypt 1794.type aesni_cbc_encrypt,@function 1795.align 16 1796aesni_cbc_encrypt: 1797.L_aesni_cbc_encrypt_begin: 1798 pushl %ebp 1799 pushl %ebx 1800 pushl %esi 1801 pushl %edi 1802 movl 20(%esp),%esi 1803 movl %esp,%ebx 1804 movl 24(%esp),%edi 1805 subl $24,%ebx 1806 movl 28(%esp),%eax 1807 andl $-16,%ebx 1808 movl 32(%esp),%edx 1809 movl 36(%esp),%ebp 1810 testl %eax,%eax 1811 jz .L074cbc_abort 1812 cmpl $0,40(%esp) 1813 xchgl %esp,%ebx 1814 movups (%ebp),%xmm7 1815 movl 240(%edx),%ecx 1816 movl %edx,%ebp 1817 movl %ebx,16(%esp) 1818 movl %ecx,%ebx 1819 je .L075cbc_decrypt 1820 movaps %xmm7,%xmm2 1821 cmpl $16,%eax 1822 jb .L076cbc_enc_tail 1823 subl $16,%eax 1824 jmp .L077cbc_enc_loop 1825.align 16 1826.L077cbc_enc_loop: 1827 movups (%esi),%xmm7 1828 leal 16(%esi),%esi 1829 movups (%edx),%xmm0 1830 movups 16(%edx),%xmm1 1831 xorps %xmm0,%xmm7 1832 leal 32(%edx),%edx 1833 xorps %xmm7,%xmm2 1834.L078enc1_loop_15: 1835.byte 102,15,56,220,209 1836 decl %ecx 1837 movups (%edx),%xmm1 1838 leal 16(%edx),%edx 1839 jnz .L078enc1_loop_15 1840.byte 102,15,56,221,209 1841 movl %ebx,%ecx 1842 movl %ebp,%edx 1843 movups %xmm2,(%edi) 1844 leal 16(%edi),%edi 1845 subl $16,%eax 1846 jnc .L077cbc_enc_loop 1847 addl $16,%eax 1848 jnz .L076cbc_enc_tail 1849 movaps %xmm2,%xmm7 1850 pxor %xmm2,%xmm2 1851 jmp .L079cbc_ret 1852.L076cbc_enc_tail: 1853 movl %eax,%ecx 1854.long 2767451785 1855 movl $16,%ecx 1856 subl %eax,%ecx 1857 xorl %eax,%eax 1858.long 2868115081 1859 leal -16(%edi),%edi 1860 movl %ebx,%ecx 1861 movl %edi,%esi 1862 movl %ebp,%edx 1863 jmp .L077cbc_enc_loop 1864.align 16 1865.L075cbc_decrypt: 1866 cmpl $80,%eax 1867 jbe .L080cbc_dec_tail 1868 movaps %xmm7,(%esp) 1869 subl $80,%eax 1870 jmp .L081cbc_dec_loop6_enter 1871.align 16 1872.L082cbc_dec_loop6: 1873 movaps %xmm0,(%esp) 1874 movups %xmm7,(%edi) 1875 leal 16(%edi),%edi 1876.L081cbc_dec_loop6_enter: 1877 movdqu (%esi),%xmm2 1878 movdqu 16(%esi),%xmm3 1879 movdqu 32(%esi),%xmm4 1880 movdqu 48(%esi),%xmm5 1881 movdqu 64(%esi),%xmm6 1882 movdqu 80(%esi),%xmm7 1883 call _aesni_decrypt6 1884 movups (%esi),%xmm1 1885 movups 16(%esi),%xmm0 1886 xorps (%esp),%xmm2 1887 xorps %xmm1,%xmm3 1888 movups 32(%esi),%xmm1 1889 xorps %xmm0,%xmm4 1890 movups 48(%esi),%xmm0 1891 xorps %xmm1,%xmm5 1892 movups 64(%esi),%xmm1 1893 xorps %xmm0,%xmm6 1894 movups 80(%esi),%xmm0 1895 xorps %xmm1,%xmm7 1896 movups %xmm2,(%edi) 1897 movups %xmm3,16(%edi) 1898 leal 96(%esi),%esi 1899 movups %xmm4,32(%edi) 1900 movl %ebx,%ecx 1901 movups %xmm5,48(%edi) 1902 movl %ebp,%edx 1903 movups %xmm6,64(%edi) 1904 leal 80(%edi),%edi 1905 subl $96,%eax 1906 ja .L082cbc_dec_loop6 1907 movaps %xmm7,%xmm2 1908 movaps %xmm0,%xmm7 1909 addl $80,%eax 1910 jle .L083cbc_dec_clear_tail_collected 1911 movups %xmm2,(%edi) 1912 leal 16(%edi),%edi 1913.L080cbc_dec_tail: 1914 movups (%esi),%xmm2 1915 movaps %xmm2,%xmm6 1916 cmpl $16,%eax 1917 jbe .L084cbc_dec_one 1918 movups 16(%esi),%xmm3 1919 movaps %xmm3,%xmm5 1920 cmpl $32,%eax 1921 jbe .L085cbc_dec_two 1922 movups 32(%esi),%xmm4 1923 cmpl $48,%eax 1924 jbe .L086cbc_dec_three 1925 movups 48(%esi),%xmm5 1926 cmpl $64,%eax 1927 jbe .L087cbc_dec_four 1928 movups 64(%esi),%xmm6 1929 movaps %xmm7,(%esp) 1930 movups (%esi),%xmm2 1931 xorps %xmm7,%xmm7 1932 call _aesni_decrypt6 1933 movups (%esi),%xmm1 1934 movups 16(%esi),%xmm0 1935 xorps (%esp),%xmm2 1936 xorps %xmm1,%xmm3 1937 movups 32(%esi),%xmm1 1938 xorps %xmm0,%xmm4 1939 movups 48(%esi),%xmm0 1940 xorps %xmm1,%xmm5 1941 movups 64(%esi),%xmm7 1942 xorps %xmm0,%xmm6 1943 movups %xmm2,(%edi) 1944 movups %xmm3,16(%edi) 1945 pxor %xmm3,%xmm3 1946 movups %xmm4,32(%edi) 1947 pxor %xmm4,%xmm4 1948 movups %xmm5,48(%edi) 1949 pxor %xmm5,%xmm5 1950 leal 64(%edi),%edi 1951 movaps %xmm6,%xmm2 1952 pxor %xmm6,%xmm6 1953 subl $80,%eax 1954 jmp .L088cbc_dec_tail_collected 1955.align 16 1956.L084cbc_dec_one: 1957 movups (%edx),%xmm0 1958 movups 16(%edx),%xmm1 1959 leal 32(%edx),%edx 1960 xorps %xmm0,%xmm2 1961.L089dec1_loop_16: 1962.byte 102,15,56,222,209 1963 decl %ecx 1964 movups (%edx),%xmm1 1965 leal 16(%edx),%edx 1966 jnz .L089dec1_loop_16 1967.byte 102,15,56,223,209 1968 xorps %xmm7,%xmm2 1969 movaps %xmm6,%xmm7 1970 subl $16,%eax 1971 jmp .L088cbc_dec_tail_collected 1972.align 16 1973.L085cbc_dec_two: 1974 call _aesni_decrypt2 1975 xorps %xmm7,%xmm2 1976 xorps %xmm6,%xmm3 1977 movups %xmm2,(%edi) 1978 movaps %xmm3,%xmm2 1979 pxor %xmm3,%xmm3 1980 leal 16(%edi),%edi 1981 movaps %xmm5,%xmm7 1982 subl $32,%eax 1983 jmp .L088cbc_dec_tail_collected 1984.align 16 1985.L086cbc_dec_three: 1986 call _aesni_decrypt3 1987 xorps %xmm7,%xmm2 1988 xorps %xmm6,%xmm3 1989 xorps %xmm5,%xmm4 1990 movups %xmm2,(%edi) 1991 movaps %xmm4,%xmm2 1992 pxor %xmm4,%xmm4 1993 movups %xmm3,16(%edi) 1994 pxor %xmm3,%xmm3 1995 leal 32(%edi),%edi 1996 movups 32(%esi),%xmm7 1997 subl $48,%eax 1998 jmp .L088cbc_dec_tail_collected 1999.align 16 2000.L087cbc_dec_four: 2001 call _aesni_decrypt4 2002 movups 16(%esi),%xmm1 2003 movups 32(%esi),%xmm0 2004 xorps %xmm7,%xmm2 2005 movups 48(%esi),%xmm7 2006 xorps %xmm6,%xmm3 2007 movups %xmm2,(%edi) 2008 xorps %xmm1,%xmm4 2009 movups %xmm3,16(%edi) 2010 pxor %xmm3,%xmm3 2011 xorps %xmm0,%xmm5 2012 movups %xmm4,32(%edi) 2013 pxor %xmm4,%xmm4 2014 leal 48(%edi),%edi 2015 movaps %xmm5,%xmm2 2016 pxor %xmm5,%xmm5 2017 subl $64,%eax 2018 jmp .L088cbc_dec_tail_collected 2019.align 16 2020.L083cbc_dec_clear_tail_collected: 2021 pxor %xmm3,%xmm3 2022 pxor %xmm4,%xmm4 2023 pxor %xmm5,%xmm5 2024 pxor %xmm6,%xmm6 2025.L088cbc_dec_tail_collected: 2026 andl $15,%eax 2027 jnz .L090cbc_dec_tail_partial 2028 movups %xmm2,(%edi) 2029 pxor %xmm0,%xmm0 2030 jmp .L079cbc_ret 2031.align 16 2032.L090cbc_dec_tail_partial: 2033 movaps %xmm2,(%esp) 2034 pxor %xmm0,%xmm0 2035 movl $16,%ecx 2036 movl %esp,%esi 2037 subl %eax,%ecx 2038.long 2767451785 2039 movdqa %xmm2,(%esp) 2040.L079cbc_ret: 2041 movl 16(%esp),%esp 2042 movl 36(%esp),%ebp 2043 pxor %xmm2,%xmm2 2044 pxor %xmm1,%xmm1 2045 movups %xmm7,(%ebp) 2046 pxor %xmm7,%xmm7 2047.L074cbc_abort: 2048 popl %edi 2049 popl %esi 2050 popl %ebx 2051 popl %ebp 2052 ret 2053.size aesni_cbc_encrypt,.-.L_aesni_cbc_encrypt_begin 2054.type _aesni_set_encrypt_key,@function 2055.align 16 2056_aesni_set_encrypt_key: 2057 pushl %ebp 2058 pushl %ebx 2059 testl %eax,%eax 2060 jz .L091bad_pointer 2061 testl %edx,%edx 2062 jz .L091bad_pointer 2063 call .L092pic 2064.L092pic: 2065 popl %ebx 2066 leal .Lkey_const-.L092pic(%ebx),%ebx 2067 leal OPENSSL_ia32cap_P-.Lkey_const(%ebx),%ebp 2068 movups (%eax),%xmm0 2069 xorps %xmm4,%xmm4 2070 movl 4(%ebp),%ebp 2071 leal 16(%edx),%edx 2072 andl $268437504,%ebp 2073 cmpl $256,%ecx 2074 je .L09314rounds 2075 cmpl $192,%ecx 2076 je .L09412rounds 2077 cmpl $128,%ecx 2078 jne .L095bad_keybits 2079.align 16 2080.L09610rounds: 2081 cmpl $268435456,%ebp 2082 je .L09710rounds_alt 2083 movl $9,%ecx 2084 movups %xmm0,-16(%edx) 2085.byte 102,15,58,223,200,1 2086 call .L098key_128_cold 2087.byte 102,15,58,223,200,2 2088 call .L099key_128 2089.byte 102,15,58,223,200,4 2090 call .L099key_128 2091.byte 102,15,58,223,200,8 2092 call .L099key_128 2093.byte 102,15,58,223,200,16 2094 call .L099key_128 2095.byte 102,15,58,223,200,32 2096 call .L099key_128 2097.byte 102,15,58,223,200,64 2098 call .L099key_128 2099.byte 102,15,58,223,200,128 2100 call .L099key_128 2101.byte 102,15,58,223,200,27 2102 call .L099key_128 2103.byte 102,15,58,223,200,54 2104 call .L099key_128 2105 movups %xmm0,(%edx) 2106 movl %ecx,80(%edx) 2107 jmp .L100good_key 2108.align 16 2109.L099key_128: 2110 movups %xmm0,(%edx) 2111 leal 16(%edx),%edx 2112.L098key_128_cold: 2113 shufps $16,%xmm0,%xmm4 2114 xorps %xmm4,%xmm0 2115 shufps $140,%xmm0,%xmm4 2116 xorps %xmm4,%xmm0 2117 shufps $255,%xmm1,%xmm1 2118 xorps %xmm1,%xmm0 2119 ret 2120.align 16 2121.L09710rounds_alt: 2122 movdqa (%ebx),%xmm5 2123 movl $8,%ecx 2124 movdqa 32(%ebx),%xmm4 2125 movdqa %xmm0,%xmm2 2126 movdqu %xmm0,-16(%edx) 2127.L101loop_key128: 2128.byte 102,15,56,0,197 2129.byte 102,15,56,221,196 2130 pslld $1,%xmm4 2131 leal 16(%edx),%edx 2132 movdqa %xmm2,%xmm3 2133 pslldq $4,%xmm2 2134 pxor %xmm2,%xmm3 2135 pslldq $4,%xmm2 2136 pxor %xmm2,%xmm3 2137 pslldq $4,%xmm2 2138 pxor %xmm3,%xmm2 2139 pxor %xmm2,%xmm0 2140 movdqu %xmm0,-16(%edx) 2141 movdqa %xmm0,%xmm2 2142 decl %ecx 2143 jnz .L101loop_key128 2144 movdqa 48(%ebx),%xmm4 2145.byte 102,15,56,0,197 2146.byte 102,15,56,221,196 2147 pslld $1,%xmm4 2148 movdqa %xmm2,%xmm3 2149 pslldq $4,%xmm2 2150 pxor %xmm2,%xmm3 2151 pslldq $4,%xmm2 2152 pxor %xmm2,%xmm3 2153 pslldq $4,%xmm2 2154 pxor %xmm3,%xmm2 2155 pxor %xmm2,%xmm0 2156 movdqu %xmm0,(%edx) 2157 movdqa %xmm0,%xmm2 2158.byte 102,15,56,0,197 2159.byte 102,15,56,221,196 2160 movdqa %xmm2,%xmm3 2161 pslldq $4,%xmm2 2162 pxor %xmm2,%xmm3 2163 pslldq $4,%xmm2 2164 pxor %xmm2,%xmm3 2165 pslldq $4,%xmm2 2166 pxor %xmm3,%xmm2 2167 pxor %xmm2,%xmm0 2168 movdqu %xmm0,16(%edx) 2169 movl $9,%ecx 2170 movl %ecx,96(%edx) 2171 jmp .L100good_key 2172.align 16 2173.L09412rounds: 2174 movq 16(%eax),%xmm2 2175 cmpl $268435456,%ebp 2176 je .L10212rounds_alt 2177 movl $11,%ecx 2178 movups %xmm0,-16(%edx) 2179.byte 102,15,58,223,202,1 2180 call .L103key_192a_cold 2181.byte 102,15,58,223,202,2 2182 call .L104key_192b 2183.byte 102,15,58,223,202,4 2184 call .L105key_192a 2185.byte 102,15,58,223,202,8 2186 call .L104key_192b 2187.byte 102,15,58,223,202,16 2188 call .L105key_192a 2189.byte 102,15,58,223,202,32 2190 call .L104key_192b 2191.byte 102,15,58,223,202,64 2192 call .L105key_192a 2193.byte 102,15,58,223,202,128 2194 call .L104key_192b 2195 movups %xmm0,(%edx) 2196 movl %ecx,48(%edx) 2197 jmp .L100good_key 2198.align 16 2199.L105key_192a: 2200 movups %xmm0,(%edx) 2201 leal 16(%edx),%edx 2202.align 16 2203.L103key_192a_cold: 2204 movaps %xmm2,%xmm5 2205.L106key_192b_warm: 2206 shufps $16,%xmm0,%xmm4 2207 movdqa %xmm2,%xmm3 2208 xorps %xmm4,%xmm0 2209 shufps $140,%xmm0,%xmm4 2210 pslldq $4,%xmm3 2211 xorps %xmm4,%xmm0 2212 pshufd $85,%xmm1,%xmm1 2213 pxor %xmm3,%xmm2 2214 pxor %xmm1,%xmm0 2215 pshufd $255,%xmm0,%xmm3 2216 pxor %xmm3,%xmm2 2217 ret 2218.align 16 2219.L104key_192b: 2220 movaps %xmm0,%xmm3 2221 shufps $68,%xmm0,%xmm5 2222 movups %xmm5,(%edx) 2223 shufps $78,%xmm2,%xmm3 2224 movups %xmm3,16(%edx) 2225 leal 32(%edx),%edx 2226 jmp .L106key_192b_warm 2227.align 16 2228.L10212rounds_alt: 2229 movdqa 16(%ebx),%xmm5 2230 movdqa 32(%ebx),%xmm4 2231 movl $8,%ecx 2232 movdqu %xmm0,-16(%edx) 2233.L107loop_key192: 2234 movq %xmm2,(%edx) 2235 movdqa %xmm2,%xmm1 2236.byte 102,15,56,0,213 2237.byte 102,15,56,221,212 2238 pslld $1,%xmm4 2239 leal 24(%edx),%edx 2240 movdqa %xmm0,%xmm3 2241 pslldq $4,%xmm0 2242 pxor %xmm0,%xmm3 2243 pslldq $4,%xmm0 2244 pxor %xmm0,%xmm3 2245 pslldq $4,%xmm0 2246 pxor %xmm3,%xmm0 2247 pshufd $255,%xmm0,%xmm3 2248 pxor %xmm1,%xmm3 2249 pslldq $4,%xmm1 2250 pxor %xmm1,%xmm3 2251 pxor %xmm2,%xmm0 2252 pxor %xmm3,%xmm2 2253 movdqu %xmm0,-16(%edx) 2254 decl %ecx 2255 jnz .L107loop_key192 2256 movl $11,%ecx 2257 movl %ecx,32(%edx) 2258 jmp .L100good_key 2259.align 16 2260.L09314rounds: 2261 movups 16(%eax),%xmm2 2262 leal 16(%edx),%edx 2263 cmpl $268435456,%ebp 2264 je .L10814rounds_alt 2265 movl $13,%ecx 2266 movups %xmm0,-32(%edx) 2267 movups %xmm2,-16(%edx) 2268.byte 102,15,58,223,202,1 2269 call .L109key_256a_cold 2270.byte 102,15,58,223,200,1 2271 call .L110key_256b 2272.byte 102,15,58,223,202,2 2273 call .L111key_256a 2274.byte 102,15,58,223,200,2 2275 call .L110key_256b 2276.byte 102,15,58,223,202,4 2277 call .L111key_256a 2278.byte 102,15,58,223,200,4 2279 call .L110key_256b 2280.byte 102,15,58,223,202,8 2281 call .L111key_256a 2282.byte 102,15,58,223,200,8 2283 call .L110key_256b 2284.byte 102,15,58,223,202,16 2285 call .L111key_256a 2286.byte 102,15,58,223,200,16 2287 call .L110key_256b 2288.byte 102,15,58,223,202,32 2289 call .L111key_256a 2290.byte 102,15,58,223,200,32 2291 call .L110key_256b 2292.byte 102,15,58,223,202,64 2293 call .L111key_256a 2294 movups %xmm0,(%edx) 2295 movl %ecx,16(%edx) 2296 xorl %eax,%eax 2297 jmp .L100good_key 2298.align 16 2299.L111key_256a: 2300 movups %xmm2,(%edx) 2301 leal 16(%edx),%edx 2302.L109key_256a_cold: 2303 shufps $16,%xmm0,%xmm4 2304 xorps %xmm4,%xmm0 2305 shufps $140,%xmm0,%xmm4 2306 xorps %xmm4,%xmm0 2307 shufps $255,%xmm1,%xmm1 2308 xorps %xmm1,%xmm0 2309 ret 2310.align 16 2311.L110key_256b: 2312 movups %xmm0,(%edx) 2313 leal 16(%edx),%edx 2314 shufps $16,%xmm2,%xmm4 2315 xorps %xmm4,%xmm2 2316 shufps $140,%xmm2,%xmm4 2317 xorps %xmm4,%xmm2 2318 shufps $170,%xmm1,%xmm1 2319 xorps %xmm1,%xmm2 2320 ret 2321.align 16 2322.L10814rounds_alt: 2323 movdqa (%ebx),%xmm5 2324 movdqa 32(%ebx),%xmm4 2325 movl $7,%ecx 2326 movdqu %xmm0,-32(%edx) 2327 movdqa %xmm2,%xmm1 2328 movdqu %xmm2,-16(%edx) 2329.L112loop_key256: 2330.byte 102,15,56,0,213 2331.byte 102,15,56,221,212 2332 movdqa %xmm0,%xmm3 2333 pslldq $4,%xmm0 2334 pxor %xmm0,%xmm3 2335 pslldq $4,%xmm0 2336 pxor %xmm0,%xmm3 2337 pslldq $4,%xmm0 2338 pxor %xmm3,%xmm0 2339 pslld $1,%xmm4 2340 pxor %xmm2,%xmm0 2341 movdqu %xmm0,(%edx) 2342 decl %ecx 2343 jz .L113done_key256 2344 pshufd $255,%xmm0,%xmm2 2345 pxor %xmm3,%xmm3 2346.byte 102,15,56,221,211 2347 movdqa %xmm1,%xmm3 2348 pslldq $4,%xmm1 2349 pxor %xmm1,%xmm3 2350 pslldq $4,%xmm1 2351 pxor %xmm1,%xmm3 2352 pslldq $4,%xmm1 2353 pxor %xmm3,%xmm1 2354 pxor %xmm1,%xmm2 2355 movdqu %xmm2,16(%edx) 2356 leal 32(%edx),%edx 2357 movdqa %xmm2,%xmm1 2358 jmp .L112loop_key256 2359.L113done_key256: 2360 movl $13,%ecx 2361 movl %ecx,16(%edx) 2362.L100good_key: 2363 pxor %xmm0,%xmm0 2364 pxor %xmm1,%xmm1 2365 pxor %xmm2,%xmm2 2366 pxor %xmm3,%xmm3 2367 pxor %xmm4,%xmm4 2368 pxor %xmm5,%xmm5 2369 xorl %eax,%eax 2370 popl %ebx 2371 popl %ebp 2372 ret 2373.align 4 2374.L091bad_pointer: 2375 movl $-1,%eax 2376 popl %ebx 2377 popl %ebp 2378 ret 2379.align 4 2380.L095bad_keybits: 2381 pxor %xmm0,%xmm0 2382 movl $-2,%eax 2383 popl %ebx 2384 popl %ebp 2385 ret 2386.size _aesni_set_encrypt_key,.-_aesni_set_encrypt_key 2387.globl aesni_set_encrypt_key 2388.type aesni_set_encrypt_key,@function 2389.align 16 2390aesni_set_encrypt_key: 2391.L_aesni_set_encrypt_key_begin: 2392 movl 4(%esp),%eax 2393 movl 8(%esp),%ecx 2394 movl 12(%esp),%edx 2395 call _aesni_set_encrypt_key 2396 ret 2397.size aesni_set_encrypt_key,.-.L_aesni_set_encrypt_key_begin 2398.globl aesni_set_decrypt_key 2399.type aesni_set_decrypt_key,@function 2400.align 16 2401aesni_set_decrypt_key: 2402.L_aesni_set_decrypt_key_begin: 2403 movl 4(%esp),%eax 2404 movl 8(%esp),%ecx 2405 movl 12(%esp),%edx 2406 call _aesni_set_encrypt_key 2407 movl 12(%esp),%edx 2408 shll $4,%ecx 2409 testl %eax,%eax 2410 jnz .L114dec_key_ret 2411 leal 16(%edx,%ecx,1),%eax 2412 movups (%edx),%xmm0 2413 movups (%eax),%xmm1 2414 movups %xmm0,(%eax) 2415 movups %xmm1,(%edx) 2416 leal 16(%edx),%edx 2417 leal -16(%eax),%eax 2418.L115dec_key_inverse: 2419 movups (%edx),%xmm0 2420 movups (%eax),%xmm1 2421.byte 102,15,56,219,192 2422.byte 102,15,56,219,201 2423 leal 16(%edx),%edx 2424 leal -16(%eax),%eax 2425 movups %xmm0,16(%eax) 2426 movups %xmm1,-16(%edx) 2427 cmpl %edx,%eax 2428 ja .L115dec_key_inverse 2429 movups (%edx),%xmm0 2430.byte 102,15,56,219,192 2431 movups %xmm0,(%edx) 2432 pxor %xmm0,%xmm0 2433 pxor %xmm1,%xmm1 2434 xorl %eax,%eax 2435.L114dec_key_ret: 2436 ret 2437.size aesni_set_decrypt_key,.-.L_aesni_set_decrypt_key_begin 2438.align 64 2439.Lkey_const: 2440.long 202313229,202313229,202313229,202313229 2441.long 67569157,67569157,67569157,67569157 2442.long 1,1,1,1 2443.long 27,27,27,27 2444.byte 65,69,83,32,102,111,114,32,73,110,116,101,108,32,65,69 2445.byte 83,45,78,73,44,32,67,82,89,80,84,79,71,65,77,83 2446.byte 32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115 2447.byte 115,108,46,111,114,103,62,0 2448.comm OPENSSL_ia32cap_P,16,4 2449