Import OpenSSL 1.1.0h
This commit is contained in:
Steve Dower
@@ -1,5 +1,5 @@
|
||||
#! /usr/bin/env perl
|
||||
# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@@ -200,10 +200,10 @@ AES_encrypt:
|
||||
#ifndef __thumb2__
|
||||
sub r3,pc,#8 @ AES_encrypt
|
||||
#else
|
||||
adr r3,AES_encrypt
|
||||
adr r3,.
|
||||
#endif
|
||||
stmdb sp!,{r1,r4-r12,lr}
|
||||
#ifdef __APPLE__
|
||||
#if defined(__thumb2__) || defined(__APPLE__)
|
||||
adr $tbl,AES_Te
|
||||
#else
|
||||
sub $tbl,r3,#AES_encrypt-AES_Te @ Te
|
||||
@@ -450,7 +450,7 @@ _armv4_AES_set_encrypt_key:
|
||||
#ifndef __thumb2__
|
||||
sub r3,pc,#8 @ AES_set_encrypt_key
|
||||
#else
|
||||
adr r3,AES_set_encrypt_key
|
||||
adr r3,.
|
||||
#endif
|
||||
teq r0,#0
|
||||
#ifdef __thumb2__
|
||||
@@ -481,7 +481,7 @@ _armv4_AES_set_encrypt_key:
|
||||
mov lr,r1 @ bits
|
||||
mov $key,r2 @ key
|
||||
|
||||
#ifdef __APPLE__
|
||||
#if defined(__thumb2__) || defined(__APPLE__)
|
||||
adr $tbl,AES_Te+1024 @ Te4
|
||||
#else
|
||||
sub $tbl,r3,#_armv4_AES_set_encrypt_key-AES_Te-1024 @ Te4
|
||||
@@ -976,10 +976,10 @@ AES_decrypt:
|
||||
#ifndef __thumb2__
|
||||
sub r3,pc,#8 @ AES_decrypt
|
||||
#else
|
||||
adr r3,AES_decrypt
|
||||
adr r3,.
|
||||
#endif
|
||||
stmdb sp!,{r1,r4-r12,lr}
|
||||
#ifdef __APPLE__
|
||||
#if defined(__thumb2__) || defined(__APPLE__)
|
||||
adr $tbl,AES_Td
|
||||
#else
|
||||
sub $tbl,r3,#AES_decrypt-AES_Td @ Td
|
||||
|
||||
@@ -813,7 +813,7 @@ _s390x_AES_set_encrypt_key:
|
||||
.Lproceed:
|
||||
___
|
||||
$code.=<<___ if (!$softonly);
|
||||
# convert bits to km code, [128,192,256]->[18,19,20]
|
||||
# convert bits to km(c) code, [128,192,256]->[18,19,20]
|
||||
lhi %r5,-128
|
||||
lhi %r0,18
|
||||
ar %r5,$bits
|
||||
@@ -821,13 +821,10 @@ $code.=<<___ if (!$softonly);
|
||||
ar %r5,%r0
|
||||
|
||||
larl %r1,OPENSSL_s390xcap_P
|
||||
lg %r0,0(%r1)
|
||||
tmhl %r0,0x4000 # check for message-security assist
|
||||
jz .Lekey_internal
|
||||
|
||||
llihh %r0,0x8000
|
||||
srlg %r0,%r0,0(%r5)
|
||||
ng %r0,48(%r1) # check kmc capability vector
|
||||
ng %r0,32(%r1) # check availability of both km...
|
||||
ng %r0,48(%r1) # ...and kmc support for given key length
|
||||
jz .Lekey_internal
|
||||
|
||||
lmg %r0,%r1,0($inp) # just copy 128 bits...
|
||||
@@ -842,7 +839,7 @@ $code.=<<___ if (!$softonly);
|
||||
stg %r1,24($key)
|
||||
1: st $bits,236($key) # save bits [for debugging purposes]
|
||||
lgr $t0,%r5
|
||||
st %r5,240($key) # save km code
|
||||
st %r5,240($key) # save km(c) code
|
||||
lghi %r2,0
|
||||
br %r14
|
||||
___
|
||||
@@ -1439,12 +1436,7 @@ $code.=<<___ if (!$softonly);
|
||||
|
||||
.Lctr32_hw_switch:
|
||||
___
|
||||
$code.=<<___ if (0); ######### kmctr code was measured to be ~12% slower
|
||||
larl $s0,OPENSSL_s390xcap_P
|
||||
lg $s0,8($s0)
|
||||
tmhh $s0,0x0004 # check for message_security-assist-4
|
||||
jz .Lctr32_km_loop
|
||||
|
||||
$code.=<<___ if (!$softonly && 0);# kmctr code was measured to be ~12% slower
|
||||
llgfr $s0,%r0
|
||||
lgr $s1,%r1
|
||||
larl %r1,OPENSSL_s390xcap_P
|
||||
@@ -1488,7 +1480,7 @@ $code.=<<___ if (0); ######### kmctr code was measured to be ~12% slower
|
||||
br $ra
|
||||
.align 16
|
||||
___
|
||||
$code.=<<___;
|
||||
$code.=<<___ if (!$softonly);
|
||||
.Lctr32_km_loop:
|
||||
la $s2,16($sp)
|
||||
lgr $s3,$fp
|
||||
@@ -2227,7 +2219,6 @@ ___
|
||||
}
|
||||
$code.=<<___;
|
||||
.string "AES for s390x, CRYPTOGAMS by <appro\@openssl.org>"
|
||||
.comm OPENSSL_s390xcap_P,80,8
|
||||
___
|
||||
|
||||
$code =~ s/\`([^\`]*)\`/eval $1/gem;
|
||||
|
||||
@@ -34,6 +34,8 @@
|
||||
# Haswell 4.43[+3.6(4.2)] 8.00(8.58) 4.55(5.21) +75%(+65%)
|
||||
# Skylake 2.63[+3.5(4.1)] 6.17(6.69) 4.23(4.44) +46%(+51%)
|
||||
# Bulldozer 5.77[+6.0] 11.72 6.37 +84%
|
||||
# Ryzen(**) 2.71[+1.93] 4.64 2.74 +69%
|
||||
# Goldmont(**) 3.82[+1.70] 5.52 4.20 +31%
|
||||
#
|
||||
# AES-192-CBC
|
||||
# Westmere 4.51 9.81 6.80 +44%
|
||||
@@ -47,13 +49,16 @@
|
||||
# Sandy Bridge 7.05 12.06(13.15) 7.12(7.72) +69%(+70%)
|
||||
# Ivy Bridge 7.05 11.65 7.12 +64%
|
||||
# Haswell 6.19 9.76(10.34) 6.21(6.25) +57%(+65%)
|
||||
# Skylake 3.62 7.16(7.68) 4.56(4.76) +57%(+61$)
|
||||
# Skylake 3.62 7.16(7.68) 4.56(4.76) +57%(+61%)
|
||||
# Bulldozer 8.00 13.95 8.25 +69%
|
||||
# Ryzen(**) 3.71 5.64 3.72 +52%
|
||||
# Goldmont(**) 5.35 7.05 5.76 +22%
|
||||
#
|
||||
# (*) There are two code paths: SSSE3 and AVX. See sha1-568.pl for
|
||||
# background information. Above numbers in parentheses are SSSE3
|
||||
# results collected on AVX-capable CPU, i.e. apply on OSes that
|
||||
# don't support AVX.
|
||||
# (**) SHAEXT results.
|
||||
#
|
||||
# Needless to mention that it makes no sense to implement "stitched"
|
||||
# *decrypt* subroutine. Because *both* AESNI-CBC decrypt and SHA1
|
||||
|
||||
@@ -28,18 +28,21 @@
|
||||
# for standalone AESNI-CBC encrypt, standalone SHA256, and stitched
|
||||
# subroutine:
|
||||
#
|
||||
# AES-128/-192/-256+SHA256 this(**)gain
|
||||
# Sandy Bridge 5.05/6.05/7.05+11.6 13.0 +28%/36%/43%
|
||||
# Ivy Bridge 5.05/6.05/7.05+10.3 11.6 +32%/41%/50%
|
||||
# Haswell 4.43/5.29/6.19+7.80 8.79 +39%/49%/59%
|
||||
# Skylake 2.62/3.14/3.62+7.70 8.10 +27%/34%/40%
|
||||
# Bulldozer 5.77/6.89/8.00+13.7 13.7 +42%/50%/58%
|
||||
# AES-128/-192/-256+SHA256 this(**) gain
|
||||
# Sandy Bridge 5.05/6.05/7.05+11.6 13.0 +28%/36%/43%
|
||||
# Ivy Bridge 5.05/6.05/7.05+10.3 11.6 +32%/41%/50%
|
||||
# Haswell 4.43/5.29/6.19+7.80 8.79 +39%/49%/59%
|
||||
# Skylake 2.62/3.14/3.62+7.70 8.10 +27%/34%/40%
|
||||
# Bulldozer 5.77/6.89/8.00+13.7 13.7 +42%/50%/58%
|
||||
# Ryzen(***) 2.71/-/3.71+2.05 2.74/-/3.73 +74%/-/54%
|
||||
# Goldmont(***) 3.82/-/5.35+4.16 4.73/-/5.94 +69%/-/60%
|
||||
#
|
||||
# (*) there are XOP, AVX1 and AVX2 code paths, meaning that
|
||||
# Westmere is omitted from loop, this is because gain was not
|
||||
# estimated high enough to justify the effort;
|
||||
# (**) these are EVP-free results, results obtained with 'speed
|
||||
# -evp aes-256-cbc-hmac-sha256' will vary by percent or two;
|
||||
# (***) these are SHAEXT results;
|
||||
|
||||
$flavour = shift;
|
||||
$output = shift;
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
#! /usr/bin/env perl
|
||||
# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
# Copyright 2012-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the OpenSSL license (the "License"). You may not use
|
||||
# this file except in compliance with the License. You can obtain a copy
|
||||
@@ -744,9 +744,9 @@ $code.=<<___;
|
||||
.type _bsaes_decrypt8,%function
|
||||
.align 4
|
||||
_bsaes_decrypt8:
|
||||
adr $const,_bsaes_decrypt8
|
||||
adr $const,.
|
||||
vldmia $key!, {@XMM[9]} @ round 0 key
|
||||
#ifdef __APPLE__
|
||||
#if defined(__thumb2__) || defined(__APPLE__)
|
||||
adr $const,.LM0ISR
|
||||
#else
|
||||
add $const,$const,#.LM0ISR-_bsaes_decrypt8
|
||||
@@ -843,9 +843,9 @@ _bsaes_const:
|
||||
.type _bsaes_encrypt8,%function
|
||||
.align 4
|
||||
_bsaes_encrypt8:
|
||||
adr $const,_bsaes_encrypt8
|
||||
adr $const,.
|
||||
vldmia $key!, {@XMM[9]} @ round 0 key
|
||||
#ifdef __APPLE__
|
||||
#if defined(__thumb2__) || defined(__APPLE__)
|
||||
adr $const,.LM0SR
|
||||
#else
|
||||
sub $const,$const,#_bsaes_encrypt8-.LM0SR
|
||||
@@ -951,9 +951,9 @@ $code.=<<___;
|
||||
.type _bsaes_key_convert,%function
|
||||
.align 4
|
||||
_bsaes_key_convert:
|
||||
adr $const,_bsaes_key_convert
|
||||
adr $const,.
|
||||
vld1.8 {@XMM[7]}, [$inp]! @ load round 0 key
|
||||
#ifdef __APPLE__
|
||||
#if defined(__thumb2__) || defined(__APPLE__)
|
||||
adr $const,.LM0
|
||||
#else
|
||||
sub $const,$const,#_bsaes_key_convert-.LM0
|
||||
|
||||
Reference in New Issue
Block a user