summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/whrlpool
diff options
context:
space:
mode:
authorcvs2svn <admin@example.com>2014-04-13 15:49:51 +0000
committercvs2svn <admin@example.com>2014-04-13 15:49:51 +0000
commit9ef0d5fb5b0acfd35d73a5557198f46525ab1667 (patch)
tree61e7e25839f716a30db270f15cddf0be6903781f /src/lib/libcrypto/whrlpool
parentff237038a541d51619efa5b36fb251c8dc1e9637 (diff)
downloadopenbsd-butholakala.tar.gz
openbsd-butholakala.tar.bz2
openbsd-butholakala.zip
This commit was manufactured by cvs2git to create tag 'butholakala'.butholakala
Diffstat (limited to 'src/lib/libcrypto/whrlpool')
-rw-r--r--src/lib/libcrypto/whrlpool/asm/wp-mmx.pl493
-rw-r--r--src/lib/libcrypto/whrlpool/asm/wp-x86_64.pl590
-rw-r--r--src/lib/libcrypto/whrlpool/whrlpool.h41
-rw-r--r--src/lib/libcrypto/whrlpool/wp_block.c655
-rw-r--r--src/lib/libcrypto/whrlpool/wp_dgst.c265
-rw-r--r--src/lib/libcrypto/whrlpool/wp_locl.h3
6 files changed, 0 insertions, 2047 deletions
diff --git a/src/lib/libcrypto/whrlpool/asm/wp-mmx.pl b/src/lib/libcrypto/whrlpool/asm/wp-mmx.pl
deleted file mode 100644
index cb2381c22b..0000000000
--- a/src/lib/libcrypto/whrlpool/asm/wp-mmx.pl
+++ /dev/null
@@ -1,493 +0,0 @@
1#!/usr/bin/env perl
2#
3# ====================================================================
4# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
5# project. Rights for redistribution and usage in source and binary
6# forms are granted according to the OpenSSL license.
7# ====================================================================
8#
9# whirlpool_block_mmx implementation.
10#
11*SCALE=\(2); # 2 or 8, that is the question:-) Value of 8 results
12# in 16KB large table, which is tough on L1 cache, but eliminates
13# unaligned references to it. Value of 2 results in 4KB table, but
14# 7/8 of references to it are unaligned. AMD cores seem to be
15# allergic to the latter, while Intel ones - to former [see the
16# table]. I stick to value of 2 for two reasons: 1. smaller table
17# minimizes cache trashing and thus mitigates the hazard of side-
18# channel leakage similar to AES cache-timing one; 2. performance
19# gap among different µ-archs is smaller.
20#
21# Performance table lists rounded amounts of CPU cycles spent by
22# whirlpool_block_mmx routine on single 64 byte input block, i.e.
23# smaller is better and asymptotic throughput can be estimated by
24# multiplying 64 by CPU clock frequency and dividing by relevant
25# value from the given table:
26#
27# $SCALE=2/8 icc8 gcc3
28# Intel P4 3200/4600 4600(*) 6400
29# Intel PIII 2900/3000 4900 5400
30# AMD K[78] 2500/1800 9900 8200(**)
31#
32# (*) I've sketched even non-MMX assembler, but for the record
33# I've failed to beat the Intel compiler on P4, without using
34# MMX that is...
35# (**) ... on AMD on the other hand non-MMX assembler was observed
36# to perform significantly better, but I figured this MMX
37# implementation is even faster anyway, so why bother? As for
38# pre-MMX AMD core[s], the improvement coefficient is more
39# than likely to vary anyway and I don't know how. But the
40# least I know is that gcc-generated code compiled with
41# -DL_ENDIAN and -DOPENSSL_SMALL_FOOTPRINT [see C module for
42# details] and optimized for Pentium was observed to perform
43# *better* on Pentium 100 than unrolled non-MMX assembler
44# loop... So we just say that I don't know if maintaining
45# non-MMX implementation would actually pay off, but till
46# opposite is proved "unlikely" is assumed.
47
48$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
49push(@INC,"${dir}","${dir}../../perlasm");
50require "x86asm.pl";
51
52&asm_init($ARGV[0],"wp-mmx.pl");
53
54sub L() { &data_byte(@_); }
55sub LL()
56{ if ($SCALE==2) { &data_byte(@_); &data_byte(@_); }
57 elsif ($SCALE==8) { for ($i=0;$i<8;$i++) {
58 &data_byte(@_);
59 unshift(@_,pop(@_));
60 }
61 }
62 else { die "unvalid SCALE value"; }
63}
64
65sub scale()
66{ if ($SCALE==2) { &lea(@_[0],&DWP(0,@_[1],@_[1])); }
67 elsif ($SCALE==8) { &lea(@_[0],&DWP(0,"",@_[1],8)); }
68 else { die "unvalid SCALE value"; }
69}
70
71sub row()
72{ if ($SCALE==2) { ((8-shift)&7); }
73 elsif ($SCALE==8) { (8*shift); }
74 else { die "unvalid SCALE value"; }
75}
76
77$tbl="ebp";
78@mm=("mm0","mm1","mm2","mm3","mm4","mm5","mm6","mm7");
79
80&function_begin_B("whirlpool_block_mmx");
81 &push ("ebp");
82 &push ("ebx");
83 &push ("esi");
84 &push ("edi");
85
86 &mov ("esi",&wparam(0)); # hash value
87 &mov ("edi",&wparam(1)); # input data stream
88 &mov ("ebp",&wparam(2)); # number of chunks in input
89
90 &mov ("eax","esp"); # copy stack pointer
91 &sub ("esp",128+20); # allocate frame
92 &and ("esp",-64); # align for cache-line
93
94 &lea ("ebx",&DWP(128,"esp"));
95 &mov (&DWP(0,"ebx"),"esi"); # save parameter block
96 &mov (&DWP(4,"ebx"),"edi");
97 &mov (&DWP(8,"ebx"),"ebp");
98 &mov (&DWP(16,"ebx"),"eax"); # saved stack pointer
99
100 &call (&label("pic_point"));
101&set_label("pic_point");
102 &blindpop($tbl);
103 &lea ($tbl,&DWP(&label("table")."-".&label("pic_point"),$tbl));
104
105 &xor ("ecx","ecx");
106 &xor ("edx","edx");
107
108 for($i=0;$i<8;$i++) { &movq(@mm[$i],&QWP($i*8,"esi")); } # L=H
109&set_label("outerloop");
110 for($i=0;$i<8;$i++) { &movq(&QWP($i*8,"esp"),@mm[$i]); } # K=L
111 for($i=0;$i<8;$i++) { &pxor(@mm[$i],&QWP($i*8,"edi")); } # L^=inp
112 for($i=0;$i<8;$i++) { &movq(&QWP(64+$i*8,"esp"),@mm[$i]); } # S=L
113
114 &xor ("esi","esi");
115 &mov (&DWP(12,"ebx"),"esi"); # zero round counter
116
117&set_label("round",16);
118 &movq (@mm[0],&QWP(2048*$SCALE,$tbl,"esi",8)); # rc[r]
119 &mov ("eax",&DWP(0,"esp"));
120 &mov ("ebx",&DWP(4,"esp"));
121for($i=0;$i<8;$i++) {
122 my $func = ($i==0)? \&movq : \&pxor;
123 &movb (&LB("ecx"),&LB("eax"));
124 &movb (&LB("edx"),&HB("eax"));
125 &scale ("esi","ecx");
126 &scale ("edi","edx");
127 &shr ("eax",16);
128 &pxor (@mm[0],&QWP(&row(0),$tbl,"esi",8));
129 &$func (@mm[1],&QWP(&row(1),$tbl,"edi",8));
130 &movb (&LB("ecx"),&LB("eax"));
131 &movb (&LB("edx"),&HB("eax"));
132 &mov ("eax",&DWP(($i+1)*8,"esp"));
133 &scale ("esi","ecx");
134 &scale ("edi","edx");
135 &$func (@mm[2],&QWP(&row(2),$tbl,"esi",8));
136 &$func (@mm[3],&QWP(&row(3),$tbl,"edi",8));
137 &movb (&LB("ecx"),&LB("ebx"));
138 &movb (&LB("edx"),&HB("ebx"));
139 &scale ("esi","ecx");
140 &scale ("edi","edx");
141 &shr ("ebx",16);
142 &$func (@mm[4],&QWP(&row(4),$tbl,"esi",8));
143 &$func (@mm[5],&QWP(&row(5),$tbl,"edi",8));
144 &movb (&LB("ecx"),&LB("ebx"));
145 &movb (&LB("edx"),&HB("ebx"));
146 &mov ("ebx",&DWP(($i+1)*8+4,"esp"));
147 &scale ("esi","ecx");
148 &scale ("edi","edx");
149 &$func (@mm[6],&QWP(&row(6),$tbl,"esi",8));
150 &$func (@mm[7],&QWP(&row(7),$tbl,"edi",8));
151 push(@mm,shift(@mm));
152}
153
154 for($i=0;$i<8;$i++) { &movq(&QWP($i*8,"esp"),@mm[$i]); } # K=L
155
156for($i=0;$i<8;$i++) {
157 &movb (&LB("ecx"),&LB("eax"));
158 &movb (&LB("edx"),&HB("eax"));
159 &scale ("esi","ecx");
160 &scale ("edi","edx");
161 &shr ("eax",16);
162 &pxor (@mm[0],&QWP(&row(0),$tbl,"esi",8));
163 &pxor (@mm[1],&QWP(&row(1),$tbl,"edi",8));
164 &movb (&LB("ecx"),&LB("eax"));
165 &movb (&LB("edx"),&HB("eax"));
166 &mov ("eax",&DWP(64+($i+1)*8,"esp")) if ($i<7);
167 &scale ("esi","ecx");
168 &scale ("edi","edx");
169 &pxor (@mm[2],&QWP(&row(2),$tbl,"esi",8));
170 &pxor (@mm[3],&QWP(&row(3),$tbl,"edi",8));
171 &movb (&LB("ecx"),&LB("ebx"));
172 &movb (&LB("edx"),&HB("ebx"));
173 &scale ("esi","ecx");
174 &scale ("edi","edx");
175 &shr ("ebx",16);
176 &pxor (@mm[4],&QWP(&row(4),$tbl,"esi",8));
177 &pxor (@mm[5],&QWP(&row(5),$tbl,"edi",8));
178 &movb (&LB("ecx"),&LB("ebx"));
179 &movb (&LB("edx"),&HB("ebx"));
180 &mov ("ebx",&DWP(64+($i+1)*8+4,"esp")) if ($i<7);
181 &scale ("esi","ecx");
182 &scale ("edi","edx");
183 &pxor (@mm[6],&QWP(&row(6),$tbl,"esi",8));
184 &pxor (@mm[7],&QWP(&row(7),$tbl,"edi",8));
185 push(@mm,shift(@mm));
186}
187 &lea ("ebx",&DWP(128,"esp"));
188 &mov ("esi",&DWP(12,"ebx")); # pull round counter
189 &add ("esi",1);
190 &cmp ("esi",10);
191 &je (&label("roundsdone"));
192
193 &mov (&DWP(12,"ebx"),"esi"); # update round counter
194 for($i=0;$i<8;$i++) { &movq(&QWP(64+$i*8,"esp"),@mm[$i]); } # S=L
195 &jmp (&label("round"));
196
197&set_label("roundsdone",16);
198 &mov ("esi",&DWP(0,"ebx")); # reload argument block
199 &mov ("edi",&DWP(4,"ebx"));
200 &mov ("eax",&DWP(8,"ebx"));
201
202 for($i=0;$i<8;$i++) { &pxor(@mm[$i],&QWP($i*8,"edi")); } # L^=inp
203 for($i=0;$i<8;$i++) { &pxor(@mm[$i],&QWP($i*8,"esi")); } # L^=H
204 for($i=0;$i<8;$i++) { &movq(&QWP($i*8,"esi"),@mm[$i]); } # H=L
205
206 &lea ("edi",&DWP(64,"edi")); # inp+=64
207 &sub ("eax",1); # num--
208 &jz (&label("alldone"));
209 &mov (&DWP(4,"ebx"),"edi"); # update argument block
210 &mov (&DWP(8,"ebx"),"eax");
211 &jmp (&label("outerloop"));
212
213&set_label("alldone");
214 &emms ();
215 &mov ("esp",&DWP(16,"ebx")); # restore saved stack pointer
216 &pop ("edi");
217 &pop ("esi");
218 &pop ("ebx");
219 &pop ("ebp");
220 &ret ();
221
222&align(64);
223&set_label("table");
224 &LL(0x18,0x18,0x60,0x18,0xc0,0x78,0x30,0xd8);
225 &LL(0x23,0x23,0x8c,0x23,0x05,0xaf,0x46,0x26);
226 &LL(0xc6,0xc6,0x3f,0xc6,0x7e,0xf9,0x91,0xb8);
227 &LL(0xe8,0xe8,0x87,0xe8,0x13,0x6f,0xcd,0xfb);
228 &LL(0x87,0x87,0x26,0x87,0x4c,0xa1,0x13,0xcb);
229 &LL(0xb8,0xb8,0xda,0xb8,0xa9,0x62,0x6d,0x11);
230 &LL(0x01,0x01,0x04,0x01,0x08,0x05,0x02,0x09);
231 &LL(0x4f,0x4f,0x21,0x4f,0x42,0x6e,0x9e,0x0d);
232 &LL(0x36,0x36,0xd8,0x36,0xad,0xee,0x6c,0x9b);
233 &LL(0xa6,0xa6,0xa2,0xa6,0x59,0x04,0x51,0xff);
234 &LL(0xd2,0xd2,0x6f,0xd2,0xde,0xbd,0xb9,0x0c);
235 &LL(0xf5,0xf5,0xf3,0xf5,0xfb,0x06,0xf7,0x0e);
236 &LL(0x79,0x79,0xf9,0x79,0xef,0x80,0xf2,0x96);
237 &LL(0x6f,0x6f,0xa1,0x6f,0x5f,0xce,0xde,0x30);
238 &LL(0x91,0x91,0x7e,0x91,0xfc,0xef,0x3f,0x6d);
239 &LL(0x52,0x52,0x55,0x52,0xaa,0x07,0xa4,0xf8);
240 &LL(0x60,0x60,0x9d,0x60,0x27,0xfd,0xc0,0x47);
241 &LL(0xbc,0xbc,0xca,0xbc,0x89,0x76,0x65,0x35);
242 &LL(0x9b,0x9b,0x56,0x9b,0xac,0xcd,0x2b,0x37);
243 &LL(0x8e,0x8e,0x02,0x8e,0x04,0x8c,0x01,0x8a);
244 &LL(0xa3,0xa3,0xb6,0xa3,0x71,0x15,0x5b,0xd2);
245 &LL(0x0c,0x0c,0x30,0x0c,0x60,0x3c,0x18,0x6c);
246 &LL(0x7b,0x7b,0xf1,0x7b,0xff,0x8a,0xf6,0x84);
247 &LL(0x35,0x35,0xd4,0x35,0xb5,0xe1,0x6a,0x80);
248 &LL(0x1d,0x1d,0x74,0x1d,0xe8,0x69,0x3a,0xf5);
249 &LL(0xe0,0xe0,0xa7,0xe0,0x53,0x47,0xdd,0xb3);
250 &LL(0xd7,0xd7,0x7b,0xd7,0xf6,0xac,0xb3,0x21);
251 &LL(0xc2,0xc2,0x2f,0xc2,0x5e,0xed,0x99,0x9c);
252 &LL(0x2e,0x2e,0xb8,0x2e,0x6d,0x96,0x5c,0x43);
253 &LL(0x4b,0x4b,0x31,0x4b,0x62,0x7a,0x96,0x29);
254 &LL(0xfe,0xfe,0xdf,0xfe,0xa3,0x21,0xe1,0x5d);
255 &LL(0x57,0x57,0x41,0x57,0x82,0x16,0xae,0xd5);
256 &LL(0x15,0x15,0x54,0x15,0xa8,0x41,0x2a,0xbd);
257 &LL(0x77,0x77,0xc1,0x77,0x9f,0xb6,0xee,0xe8);
258 &LL(0x37,0x37,0xdc,0x37,0xa5,0xeb,0x6e,0x92);
259 &LL(0xe5,0xe5,0xb3,0xe5,0x7b,0x56,0xd7,0x9e);
260 &LL(0x9f,0x9f,0x46,0x9f,0x8c,0xd9,0x23,0x13);
261 &LL(0xf0,0xf0,0xe7,0xf0,0xd3,0x17,0xfd,0x23);
262 &LL(0x4a,0x4a,0x35,0x4a,0x6a,0x7f,0x94,0x20);
263 &LL(0xda,0xda,0x4f,0xda,0x9e,0x95,0xa9,0x44);
264 &LL(0x58,0x58,0x7d,0x58,0xfa,0x25,0xb0,0xa2);
265 &LL(0xc9,0xc9,0x03,0xc9,0x06,0xca,0x8f,0xcf);
266 &LL(0x29,0x29,0xa4,0x29,0x55,0x8d,0x52,0x7c);
267 &LL(0x0a,0x0a,0x28,0x0a,0x50,0x22,0x14,0x5a);
268 &LL(0xb1,0xb1,0xfe,0xb1,0xe1,0x4f,0x7f,0x50);
269 &LL(0xa0,0xa0,0xba,0xa0,0x69,0x1a,0x5d,0xc9);
270 &LL(0x6b,0x6b,0xb1,0x6b,0x7f,0xda,0xd6,0x14);
271 &LL(0x85,0x85,0x2e,0x85,0x5c,0xab,0x17,0xd9);
272 &LL(0xbd,0xbd,0xce,0xbd,0x81,0x73,0x67,0x3c);
273 &LL(0x5d,0x5d,0x69,0x5d,0xd2,0x34,0xba,0x8f);
274 &LL(0x10,0x10,0x40,0x10,0x80,0x50,0x20,0x90);
275 &LL(0xf4,0xf4,0xf7,0xf4,0xf3,0x03,0xf5,0x07);
276 &LL(0xcb,0xcb,0x0b,0xcb,0x16,0xc0,0x8b,0xdd);
277 &LL(0x3e,0x3e,0xf8,0x3e,0xed,0xc6,0x7c,0xd3);
278 &LL(0x05,0x05,0x14,0x05,0x28,0x11,0x0a,0x2d);
279 &LL(0x67,0x67,0x81,0x67,0x1f,0xe6,0xce,0x78);
280 &LL(0xe4,0xe4,0xb7,0xe4,0x73,0x53,0xd5,0x97);
281 &LL(0x27,0x27,0x9c,0x27,0x25,0xbb,0x4e,0x02);
282 &LL(0x41,0x41,0x19,0x41,0x32,0x58,0x82,0x73);
283 &LL(0x8b,0x8b,0x16,0x8b,0x2c,0x9d,0x0b,0xa7);
284 &LL(0xa7,0xa7,0xa6,0xa7,0x51,0x01,0x53,0xf6);
285 &LL(0x7d,0x7d,0xe9,0x7d,0xcf,0x94,0xfa,0xb2);
286 &LL(0x95,0x95,0x6e,0x95,0xdc,0xfb,0x37,0x49);
287 &LL(0xd8,0xd8,0x47,0xd8,0x8e,0x9f,0xad,0x56);
288 &LL(0xfb,0xfb,0xcb,0xfb,0x8b,0x30,0xeb,0x70);
289 &LL(0xee,0xee,0x9f,0xee,0x23,0x71,0xc1,0xcd);
290 &LL(0x7c,0x7c,0xed,0x7c,0xc7,0x91,0xf8,0xbb);
291 &LL(0x66,0x66,0x85,0x66,0x17,0xe3,0xcc,0x71);
292 &LL(0xdd,0xdd,0x53,0xdd,0xa6,0x8e,0xa7,0x7b);
293 &LL(0x17,0x17,0x5c,0x17,0xb8,0x4b,0x2e,0xaf);
294 &LL(0x47,0x47,0x01,0x47,0x02,0x46,0x8e,0x45);
295 &LL(0x9e,0x9e,0x42,0x9e,0x84,0xdc,0x21,0x1a);
296 &LL(0xca,0xca,0x0f,0xca,0x1e,0xc5,0x89,0xd4);
297 &LL(0x2d,0x2d,0xb4,0x2d,0x75,0x99,0x5a,0x58);
298 &LL(0xbf,0xbf,0xc6,0xbf,0x91,0x79,0x63,0x2e);
299 &LL(0x07,0x07,0x1c,0x07,0x38,0x1b,0x0e,0x3f);
300 &LL(0xad,0xad,0x8e,0xad,0x01,0x23,0x47,0xac);
301 &LL(0x5a,0x5a,0x75,0x5a,0xea,0x2f,0xb4,0xb0);
302 &LL(0x83,0x83,0x36,0x83,0x6c,0xb5,0x1b,0xef);
303 &LL(0x33,0x33,0xcc,0x33,0x85,0xff,0x66,0xb6);
304 &LL(0x63,0x63,0x91,0x63,0x3f,0xf2,0xc6,0x5c);
305 &LL(0x02,0x02,0x08,0x02,0x10,0x0a,0x04,0x12);
306 &LL(0xaa,0xaa,0x92,0xaa,0x39,0x38,0x49,0x93);
307 &LL(0x71,0x71,0xd9,0x71,0xaf,0xa8,0xe2,0xde);
308 &LL(0xc8,0xc8,0x07,0xc8,0x0e,0xcf,0x8d,0xc6);
309 &LL(0x19,0x19,0x64,0x19,0xc8,0x7d,0x32,0xd1);
310 &LL(0x49,0x49,0x39,0x49,0x72,0x70,0x92,0x3b);
311 &LL(0xd9,0xd9,0x43,0xd9,0x86,0x9a,0xaf,0x5f);
312 &LL(0xf2,0xf2,0xef,0xf2,0xc3,0x1d,0xf9,0x31);
313 &LL(0xe3,0xe3,0xab,0xe3,0x4b,0x48,0xdb,0xa8);
314 &LL(0x5b,0x5b,0x71,0x5b,0xe2,0x2a,0xb6,0xb9);
315 &LL(0x88,0x88,0x1a,0x88,0x34,0x92,0x0d,0xbc);
316 &LL(0x9a,0x9a,0x52,0x9a,0xa4,0xc8,0x29,0x3e);
317 &LL(0x26,0x26,0x98,0x26,0x2d,0xbe,0x4c,0x0b);
318 &LL(0x32,0x32,0xc8,0x32,0x8d,0xfa,0x64,0xbf);
319 &LL(0xb0,0xb0,0xfa,0xb0,0xe9,0x4a,0x7d,0x59);
320 &LL(0xe9,0xe9,0x83,0xe9,0x1b,0x6a,0xcf,0xf2);
321 &LL(0x0f,0x0f,0x3c,0x0f,0x78,0x33,0x1e,0x77);
322 &LL(0xd5,0xd5,0x73,0xd5,0xe6,0xa6,0xb7,0x33);
323 &LL(0x80,0x80,0x3a,0x80,0x74,0xba,0x1d,0xf4);
324 &LL(0xbe,0xbe,0xc2,0xbe,0x99,0x7c,0x61,0x27);
325 &LL(0xcd,0xcd,0x13,0xcd,0x26,0xde,0x87,0xeb);
326 &LL(0x34,0x34,0xd0,0x34,0xbd,0xe4,0x68,0x89);
327 &LL(0x48,0x48,0x3d,0x48,0x7a,0x75,0x90,0x32);
328 &LL(0xff,0xff,0xdb,0xff,0xab,0x24,0xe3,0x54);
329 &LL(0x7a,0x7a,0xf5,0x7a,0xf7,0x8f,0xf4,0x8d);
330 &LL(0x90,0x90,0x7a,0x90,0xf4,0xea,0x3d,0x64);
331 &LL(0x5f,0x5f,0x61,0x5f,0xc2,0x3e,0xbe,0x9d);
332 &LL(0x20,0x20,0x80,0x20,0x1d,0xa0,0x40,0x3d);
333 &LL(0x68,0x68,0xbd,0x68,0x67,0xd5,0xd0,0x0f);
334 &LL(0x1a,0x1a,0x68,0x1a,0xd0,0x72,0x34,0xca);
335 &LL(0xae,0xae,0x82,0xae,0x19,0x2c,0x41,0xb7);
336 &LL(0xb4,0xb4,0xea,0xb4,0xc9,0x5e,0x75,0x7d);
337 &LL(0x54,0x54,0x4d,0x54,0x9a,0x19,0xa8,0xce);
338 &LL(0x93,0x93,0x76,0x93,0xec,0xe5,0x3b,0x7f);
339 &LL(0x22,0x22,0x88,0x22,0x0d,0xaa,0x44,0x2f);
340 &LL(0x64,0x64,0x8d,0x64,0x07,0xe9,0xc8,0x63);
341 &LL(0xf1,0xf1,0xe3,0xf1,0xdb,0x12,0xff,0x2a);
342 &LL(0x73,0x73,0xd1,0x73,0xbf,0xa2,0xe6,0xcc);
343 &LL(0x12,0x12,0x48,0x12,0x90,0x5a,0x24,0x82);
344 &LL(0x40,0x40,0x1d,0x40,0x3a,0x5d,0x80,0x7a);
345 &LL(0x08,0x08,0x20,0x08,0x40,0x28,0x10,0x48);
346 &LL(0xc3,0xc3,0x2b,0xc3,0x56,0xe8,0x9b,0x95);
347 &LL(0xec,0xec,0x97,0xec,0x33,0x7b,0xc5,0xdf);
348 &LL(0xdb,0xdb,0x4b,0xdb,0x96,0x90,0xab,0x4d);
349 &LL(0xa1,0xa1,0xbe,0xa1,0x61,0x1f,0x5f,0xc0);
350 &LL(0x8d,0x8d,0x0e,0x8d,0x1c,0x83,0x07,0x91);
351 &LL(0x3d,0x3d,0xf4,0x3d,0xf5,0xc9,0x7a,0xc8);
352 &LL(0x97,0x97,0x66,0x97,0xcc,0xf1,0x33,0x5b);
353 &LL(0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00);
354 &LL(0xcf,0xcf,0x1b,0xcf,0x36,0xd4,0x83,0xf9);
355 &LL(0x2b,0x2b,0xac,0x2b,0x45,0x87,0x56,0x6e);
356 &LL(0x76,0x76,0xc5,0x76,0x97,0xb3,0xec,0xe1);
357 &LL(0x82,0x82,0x32,0x82,0x64,0xb0,0x19,0xe6);
358 &LL(0xd6,0xd6,0x7f,0xd6,0xfe,0xa9,0xb1,0x28);
359 &LL(0x1b,0x1b,0x6c,0x1b,0xd8,0x77,0x36,0xc3);
360 &LL(0xb5,0xb5,0xee,0xb5,0xc1,0x5b,0x77,0x74);
361 &LL(0xaf,0xaf,0x86,0xaf,0x11,0x29,0x43,0xbe);
362 &LL(0x6a,0x6a,0xb5,0x6a,0x77,0xdf,0xd4,0x1d);
363 &LL(0x50,0x50,0x5d,0x50,0xba,0x0d,0xa0,0xea);
364 &LL(0x45,0x45,0x09,0x45,0x12,0x4c,0x8a,0x57);
365 &LL(0xf3,0xf3,0xeb,0xf3,0xcb,0x18,0xfb,0x38);
366 &LL(0x30,0x30,0xc0,0x30,0x9d,0xf0,0x60,0xad);
367 &LL(0xef,0xef,0x9b,0xef,0x2b,0x74,0xc3,0xc4);
368 &LL(0x3f,0x3f,0xfc,0x3f,0xe5,0xc3,0x7e,0xda);
369 &LL(0x55,0x55,0x49,0x55,0x92,0x1c,0xaa,0xc7);
370 &LL(0xa2,0xa2,0xb2,0xa2,0x79,0x10,0x59,0xdb);
371 &LL(0xea,0xea,0x8f,0xea,0x03,0x65,0xc9,0xe9);
372 &LL(0x65,0x65,0x89,0x65,0x0f,0xec,0xca,0x6a);
373 &LL(0xba,0xba,0xd2,0xba,0xb9,0x68,0x69,0x03);
374 &LL(0x2f,0x2f,0xbc,0x2f,0x65,0x93,0x5e,0x4a);
375 &LL(0xc0,0xc0,0x27,0xc0,0x4e,0xe7,0x9d,0x8e);
376 &LL(0xde,0xde,0x5f,0xde,0xbe,0x81,0xa1,0x60);
377 &LL(0x1c,0x1c,0x70,0x1c,0xe0,0x6c,0x38,0xfc);
378 &LL(0xfd,0xfd,0xd3,0xfd,0xbb,0x2e,0xe7,0x46);
379 &LL(0x4d,0x4d,0x29,0x4d,0x52,0x64,0x9a,0x1f);
380 &LL(0x92,0x92,0x72,0x92,0xe4,0xe0,0x39,0x76);
381 &LL(0x75,0x75,0xc9,0x75,0x8f,0xbc,0xea,0xfa);
382 &LL(0x06,0x06,0x18,0x06,0x30,0x1e,0x0c,0x36);
383 &LL(0x8a,0x8a,0x12,0x8a,0x24,0x98,0x09,0xae);
384 &LL(0xb2,0xb2,0xf2,0xb2,0xf9,0x40,0x79,0x4b);
385 &LL(0xe6,0xe6,0xbf,0xe6,0x63,0x59,0xd1,0x85);
386 &LL(0x0e,0x0e,0x38,0x0e,0x70,0x36,0x1c,0x7e);
387 &LL(0x1f,0x1f,0x7c,0x1f,0xf8,0x63,0x3e,0xe7);
388 &LL(0x62,0x62,0x95,0x62,0x37,0xf7,0xc4,0x55);
389 &LL(0xd4,0xd4,0x77,0xd4,0xee,0xa3,0xb5,0x3a);
390 &LL(0xa8,0xa8,0x9a,0xa8,0x29,0x32,0x4d,0x81);
391 &LL(0x96,0x96,0x62,0x96,0xc4,0xf4,0x31,0x52);
392 &LL(0xf9,0xf9,0xc3,0xf9,0x9b,0x3a,0xef,0x62);
393 &LL(0xc5,0xc5,0x33,0xc5,0x66,0xf6,0x97,0xa3);
394 &LL(0x25,0x25,0x94,0x25,0x35,0xb1,0x4a,0x10);
395 &LL(0x59,0x59,0x79,0x59,0xf2,0x20,0xb2,0xab);
396 &LL(0x84,0x84,0x2a,0x84,0x54,0xae,0x15,0xd0);
397 &LL(0x72,0x72,0xd5,0x72,0xb7,0xa7,0xe4,0xc5);
398 &LL(0x39,0x39,0xe4,0x39,0xd5,0xdd,0x72,0xec);
399 &LL(0x4c,0x4c,0x2d,0x4c,0x5a,0x61,0x98,0x16);
400 &LL(0x5e,0x5e,0x65,0x5e,0xca,0x3b,0xbc,0x94);
401 &LL(0x78,0x78,0xfd,0x78,0xe7,0x85,0xf0,0x9f);
402 &LL(0x38,0x38,0xe0,0x38,0xdd,0xd8,0x70,0xe5);
403 &LL(0x8c,0x8c,0x0a,0x8c,0x14,0x86,0x05,0x98);
404 &LL(0xd1,0xd1,0x63,0xd1,0xc6,0xb2,0xbf,0x17);
405 &LL(0xa5,0xa5,0xae,0xa5,0x41,0x0b,0x57,0xe4);
406 &LL(0xe2,0xe2,0xaf,0xe2,0x43,0x4d,0xd9,0xa1);
407 &LL(0x61,0x61,0x99,0x61,0x2f,0xf8,0xc2,0x4e);
408 &LL(0xb3,0xb3,0xf6,0xb3,0xf1,0x45,0x7b,0x42);
409 &LL(0x21,0x21,0x84,0x21,0x15,0xa5,0x42,0x34);
410 &LL(0x9c,0x9c,0x4a,0x9c,0x94,0xd6,0x25,0x08);
411 &LL(0x1e,0x1e,0x78,0x1e,0xf0,0x66,0x3c,0xee);
412 &LL(0x43,0x43,0x11,0x43,0x22,0x52,0x86,0x61);
413 &LL(0xc7,0xc7,0x3b,0xc7,0x76,0xfc,0x93,0xb1);
414 &LL(0xfc,0xfc,0xd7,0xfc,0xb3,0x2b,0xe5,0x4f);
415 &LL(0x04,0x04,0x10,0x04,0x20,0x14,0x08,0x24);
416 &LL(0x51,0x51,0x59,0x51,0xb2,0x08,0xa2,0xe3);
417 &LL(0x99,0x99,0x5e,0x99,0xbc,0xc7,0x2f,0x25);
418 &LL(0x6d,0x6d,0xa9,0x6d,0x4f,0xc4,0xda,0x22);
419 &LL(0x0d,0x0d,0x34,0x0d,0x68,0x39,0x1a,0x65);
420 &LL(0xfa,0xfa,0xcf,0xfa,0x83,0x35,0xe9,0x79);
421 &LL(0xdf,0xdf,0x5b,0xdf,0xb6,0x84,0xa3,0x69);
422 &LL(0x7e,0x7e,0xe5,0x7e,0xd7,0x9b,0xfc,0xa9);
423 &LL(0x24,0x24,0x90,0x24,0x3d,0xb4,0x48,0x19);
424 &LL(0x3b,0x3b,0xec,0x3b,0xc5,0xd7,0x76,0xfe);
425 &LL(0xab,0xab,0x96,0xab,0x31,0x3d,0x4b,0x9a);
426 &LL(0xce,0xce,0x1f,0xce,0x3e,0xd1,0x81,0xf0);
427 &LL(0x11,0x11,0x44,0x11,0x88,0x55,0x22,0x99);
428 &LL(0x8f,0x8f,0x06,0x8f,0x0c,0x89,0x03,0x83);
429 &LL(0x4e,0x4e,0x25,0x4e,0x4a,0x6b,0x9c,0x04);
430 &LL(0xb7,0xb7,0xe6,0xb7,0xd1,0x51,0x73,0x66);
431 &LL(0xeb,0xeb,0x8b,0xeb,0x0b,0x60,0xcb,0xe0);
432 &LL(0x3c,0x3c,0xf0,0x3c,0xfd,0xcc,0x78,0xc1);
433 &LL(0x81,0x81,0x3e,0x81,0x7c,0xbf,0x1f,0xfd);
434 &LL(0x94,0x94,0x6a,0x94,0xd4,0xfe,0x35,0x40);
435 &LL(0xf7,0xf7,0xfb,0xf7,0xeb,0x0c,0xf3,0x1c);
436 &LL(0xb9,0xb9,0xde,0xb9,0xa1,0x67,0x6f,0x18);
437 &LL(0x13,0x13,0x4c,0x13,0x98,0x5f,0x26,0x8b);
438 &LL(0x2c,0x2c,0xb0,0x2c,0x7d,0x9c,0x58,0x51);
439 &LL(0xd3,0xd3,0x6b,0xd3,0xd6,0xb8,0xbb,0x05);
440 &LL(0xe7,0xe7,0xbb,0xe7,0x6b,0x5c,0xd3,0x8c);
441 &LL(0x6e,0x6e,0xa5,0x6e,0x57,0xcb,0xdc,0x39);
442 &LL(0xc4,0xc4,0x37,0xc4,0x6e,0xf3,0x95,0xaa);
443 &LL(0x03,0x03,0x0c,0x03,0x18,0x0f,0x06,0x1b);
444 &LL(0x56,0x56,0x45,0x56,0x8a,0x13,0xac,0xdc);
445 &LL(0x44,0x44,0x0d,0x44,0x1a,0x49,0x88,0x5e);
446 &LL(0x7f,0x7f,0xe1,0x7f,0xdf,0x9e,0xfe,0xa0);
447 &LL(0xa9,0xa9,0x9e,0xa9,0x21,0x37,0x4f,0x88);
448 &LL(0x2a,0x2a,0xa8,0x2a,0x4d,0x82,0x54,0x67);
449 &LL(0xbb,0xbb,0xd6,0xbb,0xb1,0x6d,0x6b,0x0a);
450 &LL(0xc1,0xc1,0x23,0xc1,0x46,0xe2,0x9f,0x87);
451 &LL(0x53,0x53,0x51,0x53,0xa2,0x02,0xa6,0xf1);
452 &LL(0xdc,0xdc,0x57,0xdc,0xae,0x8b,0xa5,0x72);
453 &LL(0x0b,0x0b,0x2c,0x0b,0x58,0x27,0x16,0x53);
454 &LL(0x9d,0x9d,0x4e,0x9d,0x9c,0xd3,0x27,0x01);
455 &LL(0x6c,0x6c,0xad,0x6c,0x47,0xc1,0xd8,0x2b);
456 &LL(0x31,0x31,0xc4,0x31,0x95,0xf5,0x62,0xa4);
457 &LL(0x74,0x74,0xcd,0x74,0x87,0xb9,0xe8,0xf3);
458 &LL(0xf6,0xf6,0xff,0xf6,0xe3,0x09,0xf1,0x15);
459 &LL(0x46,0x46,0x05,0x46,0x0a,0x43,0x8c,0x4c);
460 &LL(0xac,0xac,0x8a,0xac,0x09,0x26,0x45,0xa5);
461 &LL(0x89,0x89,0x1e,0x89,0x3c,0x97,0x0f,0xb5);
462 &LL(0x14,0x14,0x50,0x14,0xa0,0x44,0x28,0xb4);
463 &LL(0xe1,0xe1,0xa3,0xe1,0x5b,0x42,0xdf,0xba);
464 &LL(0x16,0x16,0x58,0x16,0xb0,0x4e,0x2c,0xa6);
465 &LL(0x3a,0x3a,0xe8,0x3a,0xcd,0xd2,0x74,0xf7);
466 &LL(0x69,0x69,0xb9,0x69,0x6f,0xd0,0xd2,0x06);
467 &LL(0x09,0x09,0x24,0x09,0x48,0x2d,0x12,0x41);
468 &LL(0x70,0x70,0xdd,0x70,0xa7,0xad,0xe0,0xd7);
469 &LL(0xb6,0xb6,0xe2,0xb6,0xd9,0x54,0x71,0x6f);
470 &LL(0xd0,0xd0,0x67,0xd0,0xce,0xb7,0xbd,0x1e);
471 &LL(0xed,0xed,0x93,0xed,0x3b,0x7e,0xc7,0xd6);
472 &LL(0xcc,0xcc,0x17,0xcc,0x2e,0xdb,0x85,0xe2);
473 &LL(0x42,0x42,0x15,0x42,0x2a,0x57,0x84,0x68);
474 &LL(0x98,0x98,0x5a,0x98,0xb4,0xc2,0x2d,0x2c);
475 &LL(0xa4,0xa4,0xaa,0xa4,0x49,0x0e,0x55,0xed);
476 &LL(0x28,0x28,0xa0,0x28,0x5d,0x88,0x50,0x75);
477 &LL(0x5c,0x5c,0x6d,0x5c,0xda,0x31,0xb8,0x86);
478 &LL(0xf8,0xf8,0xc7,0xf8,0x93,0x3f,0xed,0x6b);
479 &LL(0x86,0x86,0x22,0x86,0x44,0xa4,0x11,0xc2);
480
481 &L(0x18,0x23,0xc6,0xe8,0x87,0xb8,0x01,0x4f); # rc[ROUNDS]
482 &L(0x36,0xa6,0xd2,0xf5,0x79,0x6f,0x91,0x52);
483 &L(0x60,0xbc,0x9b,0x8e,0xa3,0x0c,0x7b,0x35);
484 &L(0x1d,0xe0,0xd7,0xc2,0x2e,0x4b,0xfe,0x57);
485 &L(0x15,0x77,0x37,0xe5,0x9f,0xf0,0x4a,0xda);
486 &L(0x58,0xc9,0x29,0x0a,0xb1,0xa0,0x6b,0x85);
487 &L(0xbd,0x5d,0x10,0xf4,0xcb,0x3e,0x05,0x67);
488 &L(0xe4,0x27,0x41,0x8b,0xa7,0x7d,0x95,0xd8);
489 &L(0xfb,0xee,0x7c,0x66,0xdd,0x17,0x47,0x9e);
490 &L(0xca,0x2d,0xbf,0x07,0xad,0x5a,0x83,0x33);
491
492&function_end_B("whirlpool_block_mmx");
493&asm_finish();
diff --git a/src/lib/libcrypto/whrlpool/asm/wp-x86_64.pl b/src/lib/libcrypto/whrlpool/asm/wp-x86_64.pl
deleted file mode 100644
index 24b2ff60c3..0000000000
--- a/src/lib/libcrypto/whrlpool/asm/wp-x86_64.pl
+++ /dev/null
@@ -1,590 +0,0 @@
1#!/usr/bin/env perl
2#
3# ====================================================================
4# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
5# project. Rights for redistribution and usage in source and binary
6# forms are granted according to the OpenSSL license.
7# ====================================================================
8#
9# whirlpool_block for x86_64.
10#
11# 2500 cycles per 64-byte input block on AMD64, which is *identical*
12# to 32-bit MMX version executed on same CPU. So why did I bother?
13# Well, it's faster than gcc 3.3.2 generated code by over 50%, and
14# over 80% faster than PathScale 1.4, an "ambitious" commercial
15# compiler. Furthermore it surpasses gcc 3.4.3 by 170% and Sun Studio
16# 10 - by 360%[!]... What is it with x86_64 compilers? It's not the
17# first example when they fail to generate more optimal code, when
18# I believe they had *all* chances to...
19#
20# Note that register and stack frame layout are virtually identical
21# to 32-bit MMX version, except that %r8-15 are used instead of
22# %mm0-8. You can even notice that K[i] and S[i] are loaded to
23# %eax:%ebx as pair of 32-bit values and not as single 64-bit one.
24# This is done in order to avoid 64-bit shift penalties on Intel
25# EM64T core. Speaking of which! I bet it's possible to improve
26# Opteron performance by compressing the table to 2KB and replacing
27# unaligned references with complementary rotations [which would
28# incidentally replace lea instructions], but it would definitely
29# just "kill" EM64T, because it has only 1 shifter/rotator [against
30# 3 on Opteron] and which is *unacceptably* slow with 64-bit
31# operand.
32
33$flavour = shift;
34$output = shift;
35if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
36
37$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
38
39$0 =~ m/(.*[\/\\])[^\/\\]+$/; my $dir=$1; my $xlate;
40( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
41( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
42die "can't locate x86_64-xlate.pl";
43
44open OUT,"| \"$^X\" $xlate $flavour $output";
45*STDOUT=*OUT;
46
47sub L() { $code.=".byte ".join(',',@_)."\n"; }
48sub LL(){ $code.=".byte ".join(',',@_).",".join(',',@_)."\n"; }
49
50@mm=("%r8","%r9","%r10","%r11","%r12","%r13","%r14","%r15");
51
52$func="whirlpool_block";
53$table=".Ltable";
54
55$code=<<___;
56.text
57
58.globl $func
59.type $func,\@function,3
60.align 16
61$func:
62 push %rbx
63 push %rbp
64 push %r12
65 push %r13
66 push %r14
67 push %r15
68
69 mov %rsp,%r11
70 sub \$128+40,%rsp
71 and \$-64,%rsp
72
73 lea 128(%rsp),%r10
74 mov %rdi,0(%r10) # save parameter block
75 mov %rsi,8(%r10)
76 mov %rdx,16(%r10)
77 mov %r11,32(%r10) # saved stack pointer
78.Lprologue:
79
80 mov %r10,%rbx
81 lea $table(%rip),%rbp
82
83 xor %rcx,%rcx
84 xor %rdx,%rdx
85___
86for($i=0;$i<8;$i++) { $code.="mov $i*8(%rdi),@mm[$i]\n"; } # L=H
87$code.=".Louterloop:\n";
88for($i=0;$i<8;$i++) { $code.="mov @mm[$i],$i*8(%rsp)\n"; } # K=L
89for($i=0;$i<8;$i++) { $code.="xor $i*8(%rsi),@mm[$i]\n"; } # L^=inp
90for($i=0;$i<8;$i++) { $code.="mov @mm[$i],64+$i*8(%rsp)\n"; } # S=L
91$code.=<<___;
92 xor %rsi,%rsi
93 mov %rsi,24(%rbx) # zero round counter
94.align 16
95.Lround:
96 mov 4096(%rbp,%rsi,8),@mm[0] # rc[r]
97 mov 0(%rsp),%eax
98 mov 4(%rsp),%ebx
99___
100for($i=0;$i<8;$i++) {
101 my $func = ($i==0)? "mov" : "xor";
102 $code.=<<___;
103 mov %al,%cl
104 mov %ah,%dl
105 lea (%rcx,%rcx),%rsi
106 lea (%rdx,%rdx),%rdi
107 shr \$16,%eax
108 xor 0(%rbp,%rsi,8),@mm[0]
109 $func 7(%rbp,%rdi,8),@mm[1]
110 mov %al,%cl
111 mov %ah,%dl
112 mov $i*8+8(%rsp),%eax # ($i+1)*8
113 lea (%rcx,%rcx),%rsi
114 lea (%rdx,%rdx),%rdi
115 $func 6(%rbp,%rsi,8),@mm[2]
116 $func 5(%rbp,%rdi,8),@mm[3]
117 mov %bl,%cl
118 mov %bh,%dl
119 lea (%rcx,%rcx),%rsi
120 lea (%rdx,%rdx),%rdi
121 shr \$16,%ebx
122 $func 4(%rbp,%rsi,8),@mm[4]
123 $func 3(%rbp,%rdi,8),@mm[5]
124 mov %bl,%cl
125 mov %bh,%dl
126 mov $i*8+8+4(%rsp),%ebx # ($i+1)*8+4
127 lea (%rcx,%rcx),%rsi
128 lea (%rdx,%rdx),%rdi
129 $func 2(%rbp,%rsi,8),@mm[6]
130 $func 1(%rbp,%rdi,8),@mm[7]
131___
132 push(@mm,shift(@mm));
133}
134for($i=0;$i<8;$i++) { $code.="mov @mm[$i],$i*8(%rsp)\n"; } # K=L
135for($i=0;$i<8;$i++) {
136 $code.=<<___;
137 mov %al,%cl
138 mov %ah,%dl
139 lea (%rcx,%rcx),%rsi
140 lea (%rdx,%rdx),%rdi
141 shr \$16,%eax
142 xor 0(%rbp,%rsi,8),@mm[0]
143 xor 7(%rbp,%rdi,8),@mm[1]
144 mov %al,%cl
145 mov %ah,%dl
146 `"mov 64+$i*8+8(%rsp),%eax" if($i<7);` # 64+($i+1)*8
147 lea (%rcx,%rcx),%rsi
148 lea (%rdx,%rdx),%rdi
149 xor 6(%rbp,%rsi,8),@mm[2]
150 xor 5(%rbp,%rdi,8),@mm[3]
151 mov %bl,%cl
152 mov %bh,%dl
153 lea (%rcx,%rcx),%rsi
154 lea (%rdx,%rdx),%rdi
155 shr \$16,%ebx
156 xor 4(%rbp,%rsi,8),@mm[4]
157 xor 3(%rbp,%rdi,8),@mm[5]
158 mov %bl,%cl
159 mov %bh,%dl
160 `"mov 64+$i*8+8+4(%rsp),%ebx" if($i<7);` # 64+($i+1)*8+4
161 lea (%rcx,%rcx),%rsi
162 lea (%rdx,%rdx),%rdi
163 xor 2(%rbp,%rsi,8),@mm[6]
164 xor 1(%rbp,%rdi,8),@mm[7]
165___
166 push(@mm,shift(@mm));
167}
168$code.=<<___;
169 lea 128(%rsp),%rbx
170 mov 24(%rbx),%rsi # pull round counter
171 add \$1,%rsi
172 cmp \$10,%rsi
173 je .Lroundsdone
174
175 mov %rsi,24(%rbx) # update round counter
176___
177for($i=0;$i<8;$i++) { $code.="mov @mm[$i],64+$i*8(%rsp)\n"; } # S=L
178$code.=<<___;
179 jmp .Lround
180.align 16
181.Lroundsdone:
182 mov 0(%rbx),%rdi # reload argument block
183 mov 8(%rbx),%rsi
184 mov 16(%rbx),%rax
185___
186for($i=0;$i<8;$i++) { $code.="xor $i*8(%rsi),@mm[$i]\n"; } # L^=inp
187for($i=0;$i<8;$i++) { $code.="xor $i*8(%rdi),@mm[$i]\n"; } # L^=H
188for($i=0;$i<8;$i++) { $code.="mov @mm[$i],$i*8(%rdi)\n"; } # H=L
189$code.=<<___;
190 lea 64(%rsi),%rsi # inp+=64
191 sub \$1,%rax # num--
192 jz .Lalldone
193 mov %rsi,8(%rbx) # update parameter block
194 mov %rax,16(%rbx)
195 jmp .Louterloop
196.Lalldone:
197 mov 32(%rbx),%rsi # restore saved pointer
198 mov (%rsi),%r15
199 mov 8(%rsi),%r14
200 mov 16(%rsi),%r13
201 mov 24(%rsi),%r12
202 mov 32(%rsi),%rbp
203 mov 40(%rsi),%rbx
204 lea 48(%rsi),%rsp
205.Lepilogue:
206 ret
207.size $func,.-$func
208
209.align 64
210.type $table,\@object
211$table:
212___
213 &LL(0x18,0x18,0x60,0x18,0xc0,0x78,0x30,0xd8);
214 &LL(0x23,0x23,0x8c,0x23,0x05,0xaf,0x46,0x26);
215 &LL(0xc6,0xc6,0x3f,0xc6,0x7e,0xf9,0x91,0xb8);
216 &LL(0xe8,0xe8,0x87,0xe8,0x13,0x6f,0xcd,0xfb);
217 &LL(0x87,0x87,0x26,0x87,0x4c,0xa1,0x13,0xcb);
218 &LL(0xb8,0xb8,0xda,0xb8,0xa9,0x62,0x6d,0x11);
219 &LL(0x01,0x01,0x04,0x01,0x08,0x05,0x02,0x09);
220 &LL(0x4f,0x4f,0x21,0x4f,0x42,0x6e,0x9e,0x0d);
221 &LL(0x36,0x36,0xd8,0x36,0xad,0xee,0x6c,0x9b);
222 &LL(0xa6,0xa6,0xa2,0xa6,0x59,0x04,0x51,0xff);
223 &LL(0xd2,0xd2,0x6f,0xd2,0xde,0xbd,0xb9,0x0c);
224 &LL(0xf5,0xf5,0xf3,0xf5,0xfb,0x06,0xf7,0x0e);
225 &LL(0x79,0x79,0xf9,0x79,0xef,0x80,0xf2,0x96);
226 &LL(0x6f,0x6f,0xa1,0x6f,0x5f,0xce,0xde,0x30);
227 &LL(0x91,0x91,0x7e,0x91,0xfc,0xef,0x3f,0x6d);
228 &LL(0x52,0x52,0x55,0x52,0xaa,0x07,0xa4,0xf8);
229 &LL(0x60,0x60,0x9d,0x60,0x27,0xfd,0xc0,0x47);
230 &LL(0xbc,0xbc,0xca,0xbc,0x89,0x76,0x65,0x35);
231 &LL(0x9b,0x9b,0x56,0x9b,0xac,0xcd,0x2b,0x37);
232 &LL(0x8e,0x8e,0x02,0x8e,0x04,0x8c,0x01,0x8a);
233 &LL(0xa3,0xa3,0xb6,0xa3,0x71,0x15,0x5b,0xd2);
234 &LL(0x0c,0x0c,0x30,0x0c,0x60,0x3c,0x18,0x6c);
235 &LL(0x7b,0x7b,0xf1,0x7b,0xff,0x8a,0xf6,0x84);
236 &LL(0x35,0x35,0xd4,0x35,0xb5,0xe1,0x6a,0x80);
237 &LL(0x1d,0x1d,0x74,0x1d,0xe8,0x69,0x3a,0xf5);
238 &LL(0xe0,0xe0,0xa7,0xe0,0x53,0x47,0xdd,0xb3);
239 &LL(0xd7,0xd7,0x7b,0xd7,0xf6,0xac,0xb3,0x21);
240 &LL(0xc2,0xc2,0x2f,0xc2,0x5e,0xed,0x99,0x9c);
241 &LL(0x2e,0x2e,0xb8,0x2e,0x6d,0x96,0x5c,0x43);
242 &LL(0x4b,0x4b,0x31,0x4b,0x62,0x7a,0x96,0x29);
243 &LL(0xfe,0xfe,0xdf,0xfe,0xa3,0x21,0xe1,0x5d);
244 &LL(0x57,0x57,0x41,0x57,0x82,0x16,0xae,0xd5);
245 &LL(0x15,0x15,0x54,0x15,0xa8,0x41,0x2a,0xbd);
246 &LL(0x77,0x77,0xc1,0x77,0x9f,0xb6,0xee,0xe8);
247 &LL(0x37,0x37,0xdc,0x37,0xa5,0xeb,0x6e,0x92);
248 &LL(0xe5,0xe5,0xb3,0xe5,0x7b,0x56,0xd7,0x9e);
249 &LL(0x9f,0x9f,0x46,0x9f,0x8c,0xd9,0x23,0x13);
250 &LL(0xf0,0xf0,0xe7,0xf0,0xd3,0x17,0xfd,0x23);
251 &LL(0x4a,0x4a,0x35,0x4a,0x6a,0x7f,0x94,0x20);
252 &LL(0xda,0xda,0x4f,0xda,0x9e,0x95,0xa9,0x44);
253 &LL(0x58,0x58,0x7d,0x58,0xfa,0x25,0xb0,0xa2);
254 &LL(0xc9,0xc9,0x03,0xc9,0x06,0xca,0x8f,0xcf);
255 &LL(0x29,0x29,0xa4,0x29,0x55,0x8d,0x52,0x7c);
256 &LL(0x0a,0x0a,0x28,0x0a,0x50,0x22,0x14,0x5a);
257 &LL(0xb1,0xb1,0xfe,0xb1,0xe1,0x4f,0x7f,0x50);
258 &LL(0xa0,0xa0,0xba,0xa0,0x69,0x1a,0x5d,0xc9);
259 &LL(0x6b,0x6b,0xb1,0x6b,0x7f,0xda,0xd6,0x14);
260 &LL(0x85,0x85,0x2e,0x85,0x5c,0xab,0x17,0xd9);
261 &LL(0xbd,0xbd,0xce,0xbd,0x81,0x73,0x67,0x3c);
262 &LL(0x5d,0x5d,0x69,0x5d,0xd2,0x34,0xba,0x8f);
263 &LL(0x10,0x10,0x40,0x10,0x80,0x50,0x20,0x90);
264 &LL(0xf4,0xf4,0xf7,0xf4,0xf3,0x03,0xf5,0x07);
265 &LL(0xcb,0xcb,0x0b,0xcb,0x16,0xc0,0x8b,0xdd);
266 &LL(0x3e,0x3e,0xf8,0x3e,0xed,0xc6,0x7c,0xd3);
267 &LL(0x05,0x05,0x14,0x05,0x28,0x11,0x0a,0x2d);
268 &LL(0x67,0x67,0x81,0x67,0x1f,0xe6,0xce,0x78);
269 &LL(0xe4,0xe4,0xb7,0xe4,0x73,0x53,0xd5,0x97);
270 &LL(0x27,0x27,0x9c,0x27,0x25,0xbb,0x4e,0x02);
271 &LL(0x41,0x41,0x19,0x41,0x32,0x58,0x82,0x73);
272 &LL(0x8b,0x8b,0x16,0x8b,0x2c,0x9d,0x0b,0xa7);
273 &LL(0xa7,0xa7,0xa6,0xa7,0x51,0x01,0x53,0xf6);
274 &LL(0x7d,0x7d,0xe9,0x7d,0xcf,0x94,0xfa,0xb2);
275 &LL(0x95,0x95,0x6e,0x95,0xdc,0xfb,0x37,0x49);
276 &LL(0xd8,0xd8,0x47,0xd8,0x8e,0x9f,0xad,0x56);
277 &LL(0xfb,0xfb,0xcb,0xfb,0x8b,0x30,0xeb,0x70);
278 &LL(0xee,0xee,0x9f,0xee,0x23,0x71,0xc1,0xcd);
279 &LL(0x7c,0x7c,0xed,0x7c,0xc7,0x91,0xf8,0xbb);
280 &LL(0x66,0x66,0x85,0x66,0x17,0xe3,0xcc,0x71);
281 &LL(0xdd,0xdd,0x53,0xdd,0xa6,0x8e,0xa7,0x7b);
282 &LL(0x17,0x17,0x5c,0x17,0xb8,0x4b,0x2e,0xaf);
283 &LL(0x47,0x47,0x01,0x47,0x02,0x46,0x8e,0x45);
284 &LL(0x9e,0x9e,0x42,0x9e,0x84,0xdc,0x21,0x1a);
285 &LL(0xca,0xca,0x0f,0xca,0x1e,0xc5,0x89,0xd4);
286 &LL(0x2d,0x2d,0xb4,0x2d,0x75,0x99,0x5a,0x58);
287 &LL(0xbf,0xbf,0xc6,0xbf,0x91,0x79,0x63,0x2e);
288 &LL(0x07,0x07,0x1c,0x07,0x38,0x1b,0x0e,0x3f);
289 &LL(0xad,0xad,0x8e,0xad,0x01,0x23,0x47,0xac);
290 &LL(0x5a,0x5a,0x75,0x5a,0xea,0x2f,0xb4,0xb0);
291 &LL(0x83,0x83,0x36,0x83,0x6c,0xb5,0x1b,0xef);
292 &LL(0x33,0x33,0xcc,0x33,0x85,0xff,0x66,0xb6);
293 &LL(0x63,0x63,0x91,0x63,0x3f,0xf2,0xc6,0x5c);
294 &LL(0x02,0x02,0x08,0x02,0x10,0x0a,0x04,0x12);
295 &LL(0xaa,0xaa,0x92,0xaa,0x39,0x38,0x49,0x93);
296 &LL(0x71,0x71,0xd9,0x71,0xaf,0xa8,0xe2,0xde);
297 &LL(0xc8,0xc8,0x07,0xc8,0x0e,0xcf,0x8d,0xc6);
298 &LL(0x19,0x19,0x64,0x19,0xc8,0x7d,0x32,0xd1);
299 &LL(0x49,0x49,0x39,0x49,0x72,0x70,0x92,0x3b);
300 &LL(0xd9,0xd9,0x43,0xd9,0x86,0x9a,0xaf,0x5f);
301 &LL(0xf2,0xf2,0xef,0xf2,0xc3,0x1d,0xf9,0x31);
302 &LL(0xe3,0xe3,0xab,0xe3,0x4b,0x48,0xdb,0xa8);
303 &LL(0x5b,0x5b,0x71,0x5b,0xe2,0x2a,0xb6,0xb9);
304 &LL(0x88,0x88,0x1a,0x88,0x34,0x92,0x0d,0xbc);
305 &LL(0x9a,0x9a,0x52,0x9a,0xa4,0xc8,0x29,0x3e);
306 &LL(0x26,0x26,0x98,0x26,0x2d,0xbe,0x4c,0x0b);
307 &LL(0x32,0x32,0xc8,0x32,0x8d,0xfa,0x64,0xbf);
308 &LL(0xb0,0xb0,0xfa,0xb0,0xe9,0x4a,0x7d,0x59);
309 &LL(0xe9,0xe9,0x83,0xe9,0x1b,0x6a,0xcf,0xf2);
310 &LL(0x0f,0x0f,0x3c,0x0f,0x78,0x33,0x1e,0x77);
311 &LL(0xd5,0xd5,0x73,0xd5,0xe6,0xa6,0xb7,0x33);
312 &LL(0x80,0x80,0x3a,0x80,0x74,0xba,0x1d,0xf4);
313 &LL(0xbe,0xbe,0xc2,0xbe,0x99,0x7c,0x61,0x27);
314 &LL(0xcd,0xcd,0x13,0xcd,0x26,0xde,0x87,0xeb);
315 &LL(0x34,0x34,0xd0,0x34,0xbd,0xe4,0x68,0x89);
316 &LL(0x48,0x48,0x3d,0x48,0x7a,0x75,0x90,0x32);
317 &LL(0xff,0xff,0xdb,0xff,0xab,0x24,0xe3,0x54);
318 &LL(0x7a,0x7a,0xf5,0x7a,0xf7,0x8f,0xf4,0x8d);
319 &LL(0x90,0x90,0x7a,0x90,0xf4,0xea,0x3d,0x64);
320 &LL(0x5f,0x5f,0x61,0x5f,0xc2,0x3e,0xbe,0x9d);
321 &LL(0x20,0x20,0x80,0x20,0x1d,0xa0,0x40,0x3d);
322 &LL(0x68,0x68,0xbd,0x68,0x67,0xd5,0xd0,0x0f);
323 &LL(0x1a,0x1a,0x68,0x1a,0xd0,0x72,0x34,0xca);
324 &LL(0xae,0xae,0x82,0xae,0x19,0x2c,0x41,0xb7);
325 &LL(0xb4,0xb4,0xea,0xb4,0xc9,0x5e,0x75,0x7d);
326 &LL(0x54,0x54,0x4d,0x54,0x9a,0x19,0xa8,0xce);
327 &LL(0x93,0x93,0x76,0x93,0xec,0xe5,0x3b,0x7f);
328 &LL(0x22,0x22,0x88,0x22,0x0d,0xaa,0x44,0x2f);
329 &LL(0x64,0x64,0x8d,0x64,0x07,0xe9,0xc8,0x63);
330 &LL(0xf1,0xf1,0xe3,0xf1,0xdb,0x12,0xff,0x2a);
331 &LL(0x73,0x73,0xd1,0x73,0xbf,0xa2,0xe6,0xcc);
332 &LL(0x12,0x12,0x48,0x12,0x90,0x5a,0x24,0x82);
333 &LL(0x40,0x40,0x1d,0x40,0x3a,0x5d,0x80,0x7a);
334 &LL(0x08,0x08,0x20,0x08,0x40,0x28,0x10,0x48);
335 &LL(0xc3,0xc3,0x2b,0xc3,0x56,0xe8,0x9b,0x95);
336 &LL(0xec,0xec,0x97,0xec,0x33,0x7b,0xc5,0xdf);
337 &LL(0xdb,0xdb,0x4b,0xdb,0x96,0x90,0xab,0x4d);
338 &LL(0xa1,0xa1,0xbe,0xa1,0x61,0x1f,0x5f,0xc0);
339 &LL(0x8d,0x8d,0x0e,0x8d,0x1c,0x83,0x07,0x91);
340 &LL(0x3d,0x3d,0xf4,0x3d,0xf5,0xc9,0x7a,0xc8);
341 &LL(0x97,0x97,0x66,0x97,0xcc,0xf1,0x33,0x5b);
342 &LL(0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00);
343 &LL(0xcf,0xcf,0x1b,0xcf,0x36,0xd4,0x83,0xf9);
344 &LL(0x2b,0x2b,0xac,0x2b,0x45,0x87,0x56,0x6e);
345 &LL(0x76,0x76,0xc5,0x76,0x97,0xb3,0xec,0xe1);
346 &LL(0x82,0x82,0x32,0x82,0x64,0xb0,0x19,0xe6);
347 &LL(0xd6,0xd6,0x7f,0xd6,0xfe,0xa9,0xb1,0x28);
348 &LL(0x1b,0x1b,0x6c,0x1b,0xd8,0x77,0x36,0xc3);
349 &LL(0xb5,0xb5,0xee,0xb5,0xc1,0x5b,0x77,0x74);
350 &LL(0xaf,0xaf,0x86,0xaf,0x11,0x29,0x43,0xbe);
351 &LL(0x6a,0x6a,0xb5,0x6a,0x77,0xdf,0xd4,0x1d);
352 &LL(0x50,0x50,0x5d,0x50,0xba,0x0d,0xa0,0xea);
353 &LL(0x45,0x45,0x09,0x45,0x12,0x4c,0x8a,0x57);
354 &LL(0xf3,0xf3,0xeb,0xf3,0xcb,0x18,0xfb,0x38);
355 &LL(0x30,0x30,0xc0,0x30,0x9d,0xf0,0x60,0xad);
356 &LL(0xef,0xef,0x9b,0xef,0x2b,0x74,0xc3,0xc4);
357 &LL(0x3f,0x3f,0xfc,0x3f,0xe5,0xc3,0x7e,0xda);
358 &LL(0x55,0x55,0x49,0x55,0x92,0x1c,0xaa,0xc7);
359 &LL(0xa2,0xa2,0xb2,0xa2,0x79,0x10,0x59,0xdb);
360 &LL(0xea,0xea,0x8f,0xea,0x03,0x65,0xc9,0xe9);
361 &LL(0x65,0x65,0x89,0x65,0x0f,0xec,0xca,0x6a);
362 &LL(0xba,0xba,0xd2,0xba,0xb9,0x68,0x69,0x03);
363 &LL(0x2f,0x2f,0xbc,0x2f,0x65,0x93,0x5e,0x4a);
364 &LL(0xc0,0xc0,0x27,0xc0,0x4e,0xe7,0x9d,0x8e);
365 &LL(0xde,0xde,0x5f,0xde,0xbe,0x81,0xa1,0x60);
366 &LL(0x1c,0x1c,0x70,0x1c,0xe0,0x6c,0x38,0xfc);
367 &LL(0xfd,0xfd,0xd3,0xfd,0xbb,0x2e,0xe7,0x46);
368 &LL(0x4d,0x4d,0x29,0x4d,0x52,0x64,0x9a,0x1f);
369 &LL(0x92,0x92,0x72,0x92,0xe4,0xe0,0x39,0x76);
370 &LL(0x75,0x75,0xc9,0x75,0x8f,0xbc,0xea,0xfa);
371 &LL(0x06,0x06,0x18,0x06,0x30,0x1e,0x0c,0x36);
372 &LL(0x8a,0x8a,0x12,0x8a,0x24,0x98,0x09,0xae);
373 &LL(0xb2,0xb2,0xf2,0xb2,0xf9,0x40,0x79,0x4b);
374 &LL(0xe6,0xe6,0xbf,0xe6,0x63,0x59,0xd1,0x85);
375 &LL(0x0e,0x0e,0x38,0x0e,0x70,0x36,0x1c,0x7e);
376 &LL(0x1f,0x1f,0x7c,0x1f,0xf8,0x63,0x3e,0xe7);
377 &LL(0x62,0x62,0x95,0x62,0x37,0xf7,0xc4,0x55);
378 &LL(0xd4,0xd4,0x77,0xd4,0xee,0xa3,0xb5,0x3a);
379 &LL(0xa8,0xa8,0x9a,0xa8,0x29,0x32,0x4d,0x81);
380 &LL(0x96,0x96,0x62,0x96,0xc4,0xf4,0x31,0x52);
381 &LL(0xf9,0xf9,0xc3,0xf9,0x9b,0x3a,0xef,0x62);
382 &LL(0xc5,0xc5,0x33,0xc5,0x66,0xf6,0x97,0xa3);
383 &LL(0x25,0x25,0x94,0x25,0x35,0xb1,0x4a,0x10);
384 &LL(0x59,0x59,0x79,0x59,0xf2,0x20,0xb2,0xab);
385 &LL(0x84,0x84,0x2a,0x84,0x54,0xae,0x15,0xd0);
386 &LL(0x72,0x72,0xd5,0x72,0xb7,0xa7,0xe4,0xc5);
387 &LL(0x39,0x39,0xe4,0x39,0xd5,0xdd,0x72,0xec);
388 &LL(0x4c,0x4c,0x2d,0x4c,0x5a,0x61,0x98,0x16);
389 &LL(0x5e,0x5e,0x65,0x5e,0xca,0x3b,0xbc,0x94);
390 &LL(0x78,0x78,0xfd,0x78,0xe7,0x85,0xf0,0x9f);
391 &LL(0x38,0x38,0xe0,0x38,0xdd,0xd8,0x70,0xe5);
392 &LL(0x8c,0x8c,0x0a,0x8c,0x14,0x86,0x05,0x98);
393 &LL(0xd1,0xd1,0x63,0xd1,0xc6,0xb2,0xbf,0x17);
394 &LL(0xa5,0xa5,0xae,0xa5,0x41,0x0b,0x57,0xe4);
395 &LL(0xe2,0xe2,0xaf,0xe2,0x43,0x4d,0xd9,0xa1);
396 &LL(0x61,0x61,0x99,0x61,0x2f,0xf8,0xc2,0x4e);
397 &LL(0xb3,0xb3,0xf6,0xb3,0xf1,0x45,0x7b,0x42);
398 &LL(0x21,0x21,0x84,0x21,0x15,0xa5,0x42,0x34);
399 &LL(0x9c,0x9c,0x4a,0x9c,0x94,0xd6,0x25,0x08);
400 &LL(0x1e,0x1e,0x78,0x1e,0xf0,0x66,0x3c,0xee);
401 &LL(0x43,0x43,0x11,0x43,0x22,0x52,0x86,0x61);
402 &LL(0xc7,0xc7,0x3b,0xc7,0x76,0xfc,0x93,0xb1);
403 &LL(0xfc,0xfc,0xd7,0xfc,0xb3,0x2b,0xe5,0x4f);
404 &LL(0x04,0x04,0x10,0x04,0x20,0x14,0x08,0x24);
405 &LL(0x51,0x51,0x59,0x51,0xb2,0x08,0xa2,0xe3);
406 &LL(0x99,0x99,0x5e,0x99,0xbc,0xc7,0x2f,0x25);
407 &LL(0x6d,0x6d,0xa9,0x6d,0x4f,0xc4,0xda,0x22);
408 &LL(0x0d,0x0d,0x34,0x0d,0x68,0x39,0x1a,0x65);
409 &LL(0xfa,0xfa,0xcf,0xfa,0x83,0x35,0xe9,0x79);
410 &LL(0xdf,0xdf,0x5b,0xdf,0xb6,0x84,0xa3,0x69);
411 &LL(0x7e,0x7e,0xe5,0x7e,0xd7,0x9b,0xfc,0xa9);
412 &LL(0x24,0x24,0x90,0x24,0x3d,0xb4,0x48,0x19);
413 &LL(0x3b,0x3b,0xec,0x3b,0xc5,0xd7,0x76,0xfe);
414 &LL(0xab,0xab,0x96,0xab,0x31,0x3d,0x4b,0x9a);
415 &LL(0xce,0xce,0x1f,0xce,0x3e,0xd1,0x81,0xf0);
416 &LL(0x11,0x11,0x44,0x11,0x88,0x55,0x22,0x99);
417 &LL(0x8f,0x8f,0x06,0x8f,0x0c,0x89,0x03,0x83);
418 &LL(0x4e,0x4e,0x25,0x4e,0x4a,0x6b,0x9c,0x04);
419 &LL(0xb7,0xb7,0xe6,0xb7,0xd1,0x51,0x73,0x66);
420 &LL(0xeb,0xeb,0x8b,0xeb,0x0b,0x60,0xcb,0xe0);
421 &LL(0x3c,0x3c,0xf0,0x3c,0xfd,0xcc,0x78,0xc1);
422 &LL(0x81,0x81,0x3e,0x81,0x7c,0xbf,0x1f,0xfd);
423 &LL(0x94,0x94,0x6a,0x94,0xd4,0xfe,0x35,0x40);
424 &LL(0xf7,0xf7,0xfb,0xf7,0xeb,0x0c,0xf3,0x1c);
425 &LL(0xb9,0xb9,0xde,0xb9,0xa1,0x67,0x6f,0x18);
426 &LL(0x13,0x13,0x4c,0x13,0x98,0x5f,0x26,0x8b);
427 &LL(0x2c,0x2c,0xb0,0x2c,0x7d,0x9c,0x58,0x51);
428 &LL(0xd3,0xd3,0x6b,0xd3,0xd6,0xb8,0xbb,0x05);
429 &LL(0xe7,0xe7,0xbb,0xe7,0x6b,0x5c,0xd3,0x8c);
430 &LL(0x6e,0x6e,0xa5,0x6e,0x57,0xcb,0xdc,0x39);
431 &LL(0xc4,0xc4,0x37,0xc4,0x6e,0xf3,0x95,0xaa);
432 &LL(0x03,0x03,0x0c,0x03,0x18,0x0f,0x06,0x1b);
433 &LL(0x56,0x56,0x45,0x56,0x8a,0x13,0xac,0xdc);
434 &LL(0x44,0x44,0x0d,0x44,0x1a,0x49,0x88,0x5e);
435 &LL(0x7f,0x7f,0xe1,0x7f,0xdf,0x9e,0xfe,0xa0);
436 &LL(0xa9,0xa9,0x9e,0xa9,0x21,0x37,0x4f,0x88);
437 &LL(0x2a,0x2a,0xa8,0x2a,0x4d,0x82,0x54,0x67);
438 &LL(0xbb,0xbb,0xd6,0xbb,0xb1,0x6d,0x6b,0x0a);
439 &LL(0xc1,0xc1,0x23,0xc1,0x46,0xe2,0x9f,0x87);
440 &LL(0x53,0x53,0x51,0x53,0xa2,0x02,0xa6,0xf1);
441 &LL(0xdc,0xdc,0x57,0xdc,0xae,0x8b,0xa5,0x72);
442 &LL(0x0b,0x0b,0x2c,0x0b,0x58,0x27,0x16,0x53);
443 &LL(0x9d,0x9d,0x4e,0x9d,0x9c,0xd3,0x27,0x01);
444 &LL(0x6c,0x6c,0xad,0x6c,0x47,0xc1,0xd8,0x2b);
445 &LL(0x31,0x31,0xc4,0x31,0x95,0xf5,0x62,0xa4);
446 &LL(0x74,0x74,0xcd,0x74,0x87,0xb9,0xe8,0xf3);
447 &LL(0xf6,0xf6,0xff,0xf6,0xe3,0x09,0xf1,0x15);
448 &LL(0x46,0x46,0x05,0x46,0x0a,0x43,0x8c,0x4c);
449 &LL(0xac,0xac,0x8a,0xac,0x09,0x26,0x45,0xa5);
450 &LL(0x89,0x89,0x1e,0x89,0x3c,0x97,0x0f,0xb5);
451 &LL(0x14,0x14,0x50,0x14,0xa0,0x44,0x28,0xb4);
452 &LL(0xe1,0xe1,0xa3,0xe1,0x5b,0x42,0xdf,0xba);
453 &LL(0x16,0x16,0x58,0x16,0xb0,0x4e,0x2c,0xa6);
454 &LL(0x3a,0x3a,0xe8,0x3a,0xcd,0xd2,0x74,0xf7);
455 &LL(0x69,0x69,0xb9,0x69,0x6f,0xd0,0xd2,0x06);
456 &LL(0x09,0x09,0x24,0x09,0x48,0x2d,0x12,0x41);
457 &LL(0x70,0x70,0xdd,0x70,0xa7,0xad,0xe0,0xd7);
458 &LL(0xb6,0xb6,0xe2,0xb6,0xd9,0x54,0x71,0x6f);
459 &LL(0xd0,0xd0,0x67,0xd0,0xce,0xb7,0xbd,0x1e);
460 &LL(0xed,0xed,0x93,0xed,0x3b,0x7e,0xc7,0xd6);
461 &LL(0xcc,0xcc,0x17,0xcc,0x2e,0xdb,0x85,0xe2);
462 &LL(0x42,0x42,0x15,0x42,0x2a,0x57,0x84,0x68);
463 &LL(0x98,0x98,0x5a,0x98,0xb4,0xc2,0x2d,0x2c);
464 &LL(0xa4,0xa4,0xaa,0xa4,0x49,0x0e,0x55,0xed);
465 &LL(0x28,0x28,0xa0,0x28,0x5d,0x88,0x50,0x75);
466 &LL(0x5c,0x5c,0x6d,0x5c,0xda,0x31,0xb8,0x86);
467 &LL(0xf8,0xf8,0xc7,0xf8,0x93,0x3f,0xed,0x6b);
468 &LL(0x86,0x86,0x22,0x86,0x44,0xa4,0x11,0xc2);
469
470 &L(0x18,0x23,0xc6,0xe8,0x87,0xb8,0x01,0x4f); # rc[ROUNDS]
471 &L(0x36,0xa6,0xd2,0xf5,0x79,0x6f,0x91,0x52);
472 &L(0x60,0xbc,0x9b,0x8e,0xa3,0x0c,0x7b,0x35);
473 &L(0x1d,0xe0,0xd7,0xc2,0x2e,0x4b,0xfe,0x57);
474 &L(0x15,0x77,0x37,0xe5,0x9f,0xf0,0x4a,0xda);
475 &L(0x58,0xc9,0x29,0x0a,0xb1,0xa0,0x6b,0x85);
476 &L(0xbd,0x5d,0x10,0xf4,0xcb,0x3e,0x05,0x67);
477 &L(0xe4,0x27,0x41,0x8b,0xa7,0x7d,0x95,0xd8);
478 &L(0xfb,0xee,0x7c,0x66,0xdd,0x17,0x47,0x9e);
479 &L(0xca,0x2d,0xbf,0x07,0xad,0x5a,0x83,0x33);
480
481# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
482# CONTEXT *context,DISPATCHER_CONTEXT *disp)
483if ($win64) {
484$rec="%rcx";
485$frame="%rdx";
486$context="%r8";
487$disp="%r9";
488
489$code.=<<___;
490.extern __imp_RtlVirtualUnwind
491.type se_handler,\@abi-omnipotent
492.align 16
493se_handler:
494 push %rsi
495 push %rdi
496 push %rbx
497 push %rbp
498 push %r12
499 push %r13
500 push %r14
501 push %r15
502 pushfq
503 sub \$64,%rsp
504
505 mov 120($context),%rax # pull context->Rax
506 mov 248($context),%rbx # pull context->Rip
507
508 lea .Lprologue(%rip),%r10
509 cmp %r10,%rbx # context->Rip<.Lprologue
510 jb .Lin_prologue
511
512 mov 152($context),%rax # pull context->Rsp
513
514 lea .Lepilogue(%rip),%r10
515 cmp %r10,%rbx # context->Rip>=.Lepilogue
516 jae .Lin_prologue
517
518 mov 128+32(%rax),%rax # pull saved stack pointer
519 lea 48(%rax),%rax
520
521 mov -8(%rax),%rbx
522 mov -16(%rax),%rbp
523 mov -24(%rax),%r12
524 mov -32(%rax),%r13
525 mov -40(%rax),%r14
526 mov -48(%rax),%r15
527 mov %rbx,144($context) # restore context->Rbx
528 mov %rbp,160($context) # restore context->Rbp
529 mov %r12,216($context) # restore context->R12
530 mov %r13,224($context) # restore context->R13
531 mov %r14,232($context) # restore context->R14
532 mov %r15,240($context) # restore context->R15
533
534.Lin_prologue:
535 mov 8(%rax),%rdi
536 mov 16(%rax),%rsi
537 mov %rax,152($context) # restore context->Rsp
538 mov %rsi,168($context) # restore context->Rsi
539 mov %rdi,176($context) # restore context->Rdi
540
541 mov 40($disp),%rdi # disp->ContextRecord
542 mov $context,%rsi # context
543 mov \$154,%ecx # sizeof(CONTEXT)
544 .long 0xa548f3fc # cld; rep movsq
545
546 mov $disp,%rsi
547 xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
548 mov 8(%rsi),%rdx # arg2, disp->ImageBase
549 mov 0(%rsi),%r8 # arg3, disp->ControlPc
550 mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
551 mov 40(%rsi),%r10 # disp->ContextRecord
552 lea 56(%rsi),%r11 # &disp->HandlerData
553 lea 24(%rsi),%r12 # &disp->EstablisherFrame
554 mov %r10,32(%rsp) # arg5
555 mov %r11,40(%rsp) # arg6
556 mov %r12,48(%rsp) # arg7
557 mov %rcx,56(%rsp) # arg8, (NULL)
558 call *__imp_RtlVirtualUnwind(%rip)
559
560 mov \$1,%eax # ExceptionContinueSearch
561 add \$64,%rsp
562 popfq
563 pop %r15
564 pop %r14
565 pop %r13
566 pop %r12
567 pop %rbp
568 pop %rbx
569 pop %rdi
570 pop %rsi
571 ret
572.size se_handler,.-se_handler
573
574.section .pdata
575.align 4
576 .rva .LSEH_begin_$func
577 .rva .LSEH_end_$func
578 .rva .LSEH_info_$func
579
580.section .xdata
581.align 8
582.LSEH_info_$func:
583 .byte 9,0,0,0
584 .rva se_handler
585___
586}
587
588$code =~ s/\`([^\`]*)\`/eval $1/gem;
589print $code;
590close STDOUT;
diff --git a/src/lib/libcrypto/whrlpool/whrlpool.h b/src/lib/libcrypto/whrlpool/whrlpool.h
deleted file mode 100644
index 9e01f5b076..0000000000
--- a/src/lib/libcrypto/whrlpool/whrlpool.h
+++ /dev/null
@@ -1,41 +0,0 @@
1#ifndef HEADER_WHRLPOOL_H
2#define HEADER_WHRLPOOL_H
3
4#include <openssl/e_os2.h>
5#include <stddef.h>
6
7#ifdef __cplusplus
8extern "C" {
9#endif
10
11#define WHIRLPOOL_DIGEST_LENGTH (512/8)
12#define WHIRLPOOL_BBLOCK 512
13#define WHIRLPOOL_COUNTER (256/8)
14
15typedef struct {
16 union {
17 unsigned char c[WHIRLPOOL_DIGEST_LENGTH];
18 /* double q is here to ensure 64-bit alignment */
19 double q[WHIRLPOOL_DIGEST_LENGTH/sizeof(double)];
20 } H;
21 unsigned char data[WHIRLPOOL_BBLOCK/8];
22 unsigned int bitoff;
23 size_t bitlen[WHIRLPOOL_COUNTER/sizeof(size_t)];
24 } WHIRLPOOL_CTX;
25
26#ifndef OPENSSL_NO_WHIRLPOOL
27#ifdef OPENSSL_FIPS
28int private_WHIRLPOOL_Init(WHIRLPOOL_CTX *c);
29#endif
30int WHIRLPOOL_Init (WHIRLPOOL_CTX *c);
31int WHIRLPOOL_Update (WHIRLPOOL_CTX *c,const void *inp,size_t bytes);
32void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c,const void *inp,size_t bits);
33int WHIRLPOOL_Final (unsigned char *md,WHIRLPOOL_CTX *c);
34unsigned char *WHIRLPOOL(const void *inp,size_t bytes,unsigned char *md);
35#endif
36
37#ifdef __cplusplus
38}
39#endif
40
41#endif
diff --git a/src/lib/libcrypto/whrlpool/wp_block.c b/src/lib/libcrypto/whrlpool/wp_block.c
deleted file mode 100644
index 824ed1827c..0000000000
--- a/src/lib/libcrypto/whrlpool/wp_block.c
+++ /dev/null
@@ -1,655 +0,0 @@
1/**
2 * The Whirlpool hashing function.
3 *
4 * <P>
5 * <b>References</b>
6 *
7 * <P>
8 * The Whirlpool algorithm was developed by
9 * <a href="mailto:pbarreto@scopus.com.br">Paulo S. L. M. Barreto</a> and
10 * <a href="mailto:vincent.rijmen@cryptomathic.com">Vincent Rijmen</a>.
11 *
12 * See
13 * P.S.L.M. Barreto, V. Rijmen,
14 * ``The Whirlpool hashing function,''
15 * NESSIE submission, 2000 (tweaked version, 2001),
16 * <https://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/whirlpool.zip>
17 *
18 * Based on "@version 3.0 (2003.03.12)" by Paulo S.L.M. Barreto and
19 * Vincent Rijmen. Lookup "reference implementations" on
20 * <http://planeta.terra.com.br/informatica/paulobarreto/>
21 *
22 * =============================================================================
23 *
24 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
25 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
26 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
27 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
28 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
29 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
30 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
31 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
32 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
33 * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
34 * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35 *
36 */
37
38#include "wp_locl.h"
39#include <string.h>
40
41typedef unsigned char u8;
42#if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32)
43typedef unsigned __int64 u64;
44#elif defined(__arch64__)
45typedef unsigned long u64;
46#else
47typedef unsigned long long u64;
48#endif
49
50#define ROUNDS 10
51
52#define STRICT_ALIGNMENT
53#if defined(__i386) || defined(__i386__) || \
54 defined(__x86_64) || defined(__x86_64__) || \
55 defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64)
56/* Well, formally there're couple of other architectures, which permit
57 * unaligned loads, specifically those not crossing cache lines, IA-64
58 * and PowerPC... */
59# undef STRICT_ALIGNMENT
60#endif
61
62#undef SMALL_REGISTER_BANK
63#if defined(__i386) || defined(__i386__) || defined(_M_IX86)
64# define SMALL_REGISTER_BANK
65# if defined(WHIRLPOOL_ASM)
66# ifndef OPENSSL_SMALL_FOOTPRINT
67# define OPENSSL_SMALL_FOOTPRINT /* it appears that for elder non-MMX
68 CPUs this is actually faster! */
69# endif
70# define GO_FOR_MMX(ctx,inp,num) do { \
71 extern unsigned int OPENSSL_ia32cap_P[]; \
72 void whirlpool_block_mmx(void *,const void *,size_t); \
73 if (!(OPENSSL_ia32cap_P[0] & (1<<23))) break; \
74 whirlpool_block_mmx(ctx->H.c,inp,num); return; \
75 } while (0)
76# endif
77#endif
78
79#undef ROTATE
80#if defined(_MSC_VER)
81# if defined(_WIN64) /* applies to both IA-64 and AMD64 */
82# pragma intrinsic(_rotl64)
83# define ROTATE(a,n) _rotl64((a),n)
84# endif
85#elif defined(__GNUC__) && __GNUC__>=2
86# if defined(__x86_64) || defined(__x86_64__)
87# if defined(L_ENDIAN)
88# define ROTATE(a,n) ({ u64 ret; asm ("rolq %1,%0" \
89 : "=r"(ret) : "J"(n),"0"(a) : "cc"); ret; })
90# elif defined(B_ENDIAN)
91 /* Most will argue that x86_64 is always little-endian. Well,
92 * yes, but then we have stratus.com who has modified gcc to
93 * "emulate" big-endian on x86. Is there evidence that they
94 * [or somebody else] won't do same for x86_64? Naturally no.
95 * And this line is waiting ready for that brave soul:-) */
96# define ROTATE(a,n) ({ u64 ret; asm ("rorq %1,%0" \
97 : "=r"(ret) : "J"(n),"0"(a) : "cc"); ret; })
98# endif
99# elif defined(__ia64) || defined(__ia64__)
100# if defined(L_ENDIAN)
101# define ROTATE(a,n) ({ u64 ret; asm ("shrp %0=%1,%1,%2" \
102 : "=r"(ret) : "r"(a),"M"(64-(n))); ret; })
103# elif defined(B_ENDIAN)
104# define ROTATE(a,n) ({ u64 ret; asm ("shrp %0=%1,%1,%2" \
105 : "=r"(ret) : "r"(a),"M"(n)); ret; })
106# endif
107# endif
108#endif
109
110#if defined(OPENSSL_SMALL_FOOTPRINT)
111# if !defined(ROTATE)
112# if defined(L_ENDIAN) /* little-endians have to rotate left */
113# define ROTATE(i,n) ((i)<<(n) ^ (i)>>(64-n))
114# elif defined(B_ENDIAN) /* big-endians have to rotate right */
115# define ROTATE(i,n) ((i)>>(n) ^ (i)<<(64-n))
116# endif
117# endif
118# if defined(ROTATE) && !defined(STRICT_ALIGNMENT)
119# define STRICT_ALIGNMENT /* ensure smallest table size */
120# endif
121#endif
122
123/*
124 * Table size depends on STRICT_ALIGNMENT and whether or not endian-
125 * specific ROTATE macro is defined. If STRICT_ALIGNMENT is not
126 * defined, which is normally the case on x86[_64] CPUs, the table is
127 * 4KB large unconditionally. Otherwise if ROTATE is defined, the
128 * table is 2KB large, and otherwise - 16KB. 2KB table requires a
129 * whole bunch of additional rotations, but I'm willing to "trade,"
130 * because 16KB table certainly trashes L1 cache. I wish all CPUs
131 * could handle unaligned load as 4KB table doesn't trash the cache,
132 * nor does it require additional rotations.
133 */
134/*
135 * Note that every Cn macro expands as two loads: one byte load and
136 * one quadword load. One can argue that that many single-byte loads
137 * is too excessive, as one could load a quadword and "milk" it for
138 * eight 8-bit values instead. Well, yes, but in order to do so *and*
139 * avoid excessive loads you have to accomodate a handful of 64-bit
140 * values in the register bank and issue a bunch of shifts and mask.
141 * It's a tradeoff: loads vs. shift and mask in big register bank[!].
142 * On most CPUs eight single-byte loads are faster and I let other
143 * ones to depend on smart compiler to fold byte loads if beneficial.
144 * Hand-coded assembler would be another alternative:-)
145 */
146#ifdef STRICT_ALIGNMENT
147# if defined(ROTATE)
148# define N 1
149# define LL(c0,c1,c2,c3,c4,c5,c6,c7) c0,c1,c2,c3,c4,c5,c6,c7
150# define C0(K,i) (Cx.q[K.c[(i)*8+0]])
151# define C1(K,i) ROTATE(Cx.q[K.c[(i)*8+1]],8)
152# define C2(K,i) ROTATE(Cx.q[K.c[(i)*8+2]],16)
153# define C3(K,i) ROTATE(Cx.q[K.c[(i)*8+3]],24)
154# define C4(K,i) ROTATE(Cx.q[K.c[(i)*8+4]],32)
155# define C5(K,i) ROTATE(Cx.q[K.c[(i)*8+5]],40)
156# define C6(K,i) ROTATE(Cx.q[K.c[(i)*8+6]],48)
157# define C7(K,i) ROTATE(Cx.q[K.c[(i)*8+7]],56)
158# else
159# define N 8
160# define LL(c0,c1,c2,c3,c4,c5,c6,c7) c0,c1,c2,c3,c4,c5,c6,c7, \
161 c7,c0,c1,c2,c3,c4,c5,c6, \
162 c6,c7,c0,c1,c2,c3,c4,c5, \
163 c5,c6,c7,c0,c1,c2,c3,c4, \
164 c4,c5,c6,c7,c0,c1,c2,c3, \
165 c3,c4,c5,c6,c7,c0,c1,c2, \
166 c2,c3,c4,c5,c6,c7,c0,c1, \
167 c1,c2,c3,c4,c5,c6,c7,c0
168# define C0(K,i) (Cx.q[0+8*K.c[(i)*8+0]])
169# define C1(K,i) (Cx.q[1+8*K.c[(i)*8+1]])
170# define C2(K,i) (Cx.q[2+8*K.c[(i)*8+2]])
171# define C3(K,i) (Cx.q[3+8*K.c[(i)*8+3]])
172# define C4(K,i) (Cx.q[4+8*K.c[(i)*8+4]])
173# define C5(K,i) (Cx.q[5+8*K.c[(i)*8+5]])
174# define C6(K,i) (Cx.q[6+8*K.c[(i)*8+6]])
175# define C7(K,i) (Cx.q[7+8*K.c[(i)*8+7]])
176# endif
177#else
178# define N 2
179# define LL(c0,c1,c2,c3,c4,c5,c6,c7) c0,c1,c2,c3,c4,c5,c6,c7, \
180 c0,c1,c2,c3,c4,c5,c6,c7
181# define C0(K,i) (((u64*)(Cx.c+0))[2*K.c[(i)*8+0]])
182# define C1(K,i) (((u64*)(Cx.c+7))[2*K.c[(i)*8+1]])
183# define C2(K,i) (((u64*)(Cx.c+6))[2*K.c[(i)*8+2]])
184# define C3(K,i) (((u64*)(Cx.c+5))[2*K.c[(i)*8+3]])
185# define C4(K,i) (((u64*)(Cx.c+4))[2*K.c[(i)*8+4]])
186# define C5(K,i) (((u64*)(Cx.c+3))[2*K.c[(i)*8+5]])
187# define C6(K,i) (((u64*)(Cx.c+2))[2*K.c[(i)*8+6]])
188# define C7(K,i) (((u64*)(Cx.c+1))[2*K.c[(i)*8+7]])
189#endif
190
191static const
192union {
193 u8 c[(256*N+ROUNDS)*sizeof(u64)];
194 u64 q[(256*N+ROUNDS)];
195 } Cx = { {
196 /* Note endian-neutral representation:-) */
197 LL(0x18,0x18,0x60,0x18,0xc0,0x78,0x30,0xd8),
198 LL(0x23,0x23,0x8c,0x23,0x05,0xaf,0x46,0x26),
199 LL(0xc6,0xc6,0x3f,0xc6,0x7e,0xf9,0x91,0xb8),
200 LL(0xe8,0xe8,0x87,0xe8,0x13,0x6f,0xcd,0xfb),
201 LL(0x87,0x87,0x26,0x87,0x4c,0xa1,0x13,0xcb),
202 LL(0xb8,0xb8,0xda,0xb8,0xa9,0x62,0x6d,0x11),
203 LL(0x01,0x01,0x04,0x01,0x08,0x05,0x02,0x09),
204 LL(0x4f,0x4f,0x21,0x4f,0x42,0x6e,0x9e,0x0d),
205 LL(0x36,0x36,0xd8,0x36,0xad,0xee,0x6c,0x9b),
206 LL(0xa6,0xa6,0xa2,0xa6,0x59,0x04,0x51,0xff),
207 LL(0xd2,0xd2,0x6f,0xd2,0xde,0xbd,0xb9,0x0c),
208 LL(0xf5,0xf5,0xf3,0xf5,0xfb,0x06,0xf7,0x0e),
209 LL(0x79,0x79,0xf9,0x79,0xef,0x80,0xf2,0x96),
210 LL(0x6f,0x6f,0xa1,0x6f,0x5f,0xce,0xde,0x30),
211 LL(0x91,0x91,0x7e,0x91,0xfc,0xef,0x3f,0x6d),
212 LL(0x52,0x52,0x55,0x52,0xaa,0x07,0xa4,0xf8),
213 LL(0x60,0x60,0x9d,0x60,0x27,0xfd,0xc0,0x47),
214 LL(0xbc,0xbc,0xca,0xbc,0x89,0x76,0x65,0x35),
215 LL(0x9b,0x9b,0x56,0x9b,0xac,0xcd,0x2b,0x37),
216 LL(0x8e,0x8e,0x02,0x8e,0x04,0x8c,0x01,0x8a),
217 LL(0xa3,0xa3,0xb6,0xa3,0x71,0x15,0x5b,0xd2),
218 LL(0x0c,0x0c,0x30,0x0c,0x60,0x3c,0x18,0x6c),
219 LL(0x7b,0x7b,0xf1,0x7b,0xff,0x8a,0xf6,0x84),
220 LL(0x35,0x35,0xd4,0x35,0xb5,0xe1,0x6a,0x80),
221 LL(0x1d,0x1d,0x74,0x1d,0xe8,0x69,0x3a,0xf5),
222 LL(0xe0,0xe0,0xa7,0xe0,0x53,0x47,0xdd,0xb3),
223 LL(0xd7,0xd7,0x7b,0xd7,0xf6,0xac,0xb3,0x21),
224 LL(0xc2,0xc2,0x2f,0xc2,0x5e,0xed,0x99,0x9c),
225 LL(0x2e,0x2e,0xb8,0x2e,0x6d,0x96,0x5c,0x43),
226 LL(0x4b,0x4b,0x31,0x4b,0x62,0x7a,0x96,0x29),
227 LL(0xfe,0xfe,0xdf,0xfe,0xa3,0x21,0xe1,0x5d),
228 LL(0x57,0x57,0x41,0x57,0x82,0x16,0xae,0xd5),
229 LL(0x15,0x15,0x54,0x15,0xa8,0x41,0x2a,0xbd),
230 LL(0x77,0x77,0xc1,0x77,0x9f,0xb6,0xee,0xe8),
231 LL(0x37,0x37,0xdc,0x37,0xa5,0xeb,0x6e,0x92),
232 LL(0xe5,0xe5,0xb3,0xe5,0x7b,0x56,0xd7,0x9e),
233 LL(0x9f,0x9f,0x46,0x9f,0x8c,0xd9,0x23,0x13),
234 LL(0xf0,0xf0,0xe7,0xf0,0xd3,0x17,0xfd,0x23),
235 LL(0x4a,0x4a,0x35,0x4a,0x6a,0x7f,0x94,0x20),
236 LL(0xda,0xda,0x4f,0xda,0x9e,0x95,0xa9,0x44),
237 LL(0x58,0x58,0x7d,0x58,0xfa,0x25,0xb0,0xa2),
238 LL(0xc9,0xc9,0x03,0xc9,0x06,0xca,0x8f,0xcf),
239 LL(0x29,0x29,0xa4,0x29,0x55,0x8d,0x52,0x7c),
240 LL(0x0a,0x0a,0x28,0x0a,0x50,0x22,0x14,0x5a),
241 LL(0xb1,0xb1,0xfe,0xb1,0xe1,0x4f,0x7f,0x50),
242 LL(0xa0,0xa0,0xba,0xa0,0x69,0x1a,0x5d,0xc9),
243 LL(0x6b,0x6b,0xb1,0x6b,0x7f,0xda,0xd6,0x14),
244 LL(0x85,0x85,0x2e,0x85,0x5c,0xab,0x17,0xd9),
245 LL(0xbd,0xbd,0xce,0xbd,0x81,0x73,0x67,0x3c),
246 LL(0x5d,0x5d,0x69,0x5d,0xd2,0x34,0xba,0x8f),
247 LL(0x10,0x10,0x40,0x10,0x80,0x50,0x20,0x90),
248 LL(0xf4,0xf4,0xf7,0xf4,0xf3,0x03,0xf5,0x07),
249 LL(0xcb,0xcb,0x0b,0xcb,0x16,0xc0,0x8b,0xdd),
250 LL(0x3e,0x3e,0xf8,0x3e,0xed,0xc6,0x7c,0xd3),
251 LL(0x05,0x05,0x14,0x05,0x28,0x11,0x0a,0x2d),
252 LL(0x67,0x67,0x81,0x67,0x1f,0xe6,0xce,0x78),
253 LL(0xe4,0xe4,0xb7,0xe4,0x73,0x53,0xd5,0x97),
254 LL(0x27,0x27,0x9c,0x27,0x25,0xbb,0x4e,0x02),
255 LL(0x41,0x41,0x19,0x41,0x32,0x58,0x82,0x73),
256 LL(0x8b,0x8b,0x16,0x8b,0x2c,0x9d,0x0b,0xa7),
257 LL(0xa7,0xa7,0xa6,0xa7,0x51,0x01,0x53,0xf6),
258 LL(0x7d,0x7d,0xe9,0x7d,0xcf,0x94,0xfa,0xb2),
259 LL(0x95,0x95,0x6e,0x95,0xdc,0xfb,0x37,0x49),
260 LL(0xd8,0xd8,0x47,0xd8,0x8e,0x9f,0xad,0x56),
261 LL(0xfb,0xfb,0xcb,0xfb,0x8b,0x30,0xeb,0x70),
262 LL(0xee,0xee,0x9f,0xee,0x23,0x71,0xc1,0xcd),
263 LL(0x7c,0x7c,0xed,0x7c,0xc7,0x91,0xf8,0xbb),
264 LL(0x66,0x66,0x85,0x66,0x17,0xe3,0xcc,0x71),
265 LL(0xdd,0xdd,0x53,0xdd,0xa6,0x8e,0xa7,0x7b),
266 LL(0x17,0x17,0x5c,0x17,0xb8,0x4b,0x2e,0xaf),
267 LL(0x47,0x47,0x01,0x47,0x02,0x46,0x8e,0x45),
268 LL(0x9e,0x9e,0x42,0x9e,0x84,0xdc,0x21,0x1a),
269 LL(0xca,0xca,0x0f,0xca,0x1e,0xc5,0x89,0xd4),
270 LL(0x2d,0x2d,0xb4,0x2d,0x75,0x99,0x5a,0x58),
271 LL(0xbf,0xbf,0xc6,0xbf,0x91,0x79,0x63,0x2e),
272 LL(0x07,0x07,0x1c,0x07,0x38,0x1b,0x0e,0x3f),
273 LL(0xad,0xad,0x8e,0xad,0x01,0x23,0x47,0xac),
274 LL(0x5a,0x5a,0x75,0x5a,0xea,0x2f,0xb4,0xb0),
275 LL(0x83,0x83,0x36,0x83,0x6c,0xb5,0x1b,0xef),
276 LL(0x33,0x33,0xcc,0x33,0x85,0xff,0x66,0xb6),
277 LL(0x63,0x63,0x91,0x63,0x3f,0xf2,0xc6,0x5c),
278 LL(0x02,0x02,0x08,0x02,0x10,0x0a,0x04,0x12),
279 LL(0xaa,0xaa,0x92,0xaa,0x39,0x38,0x49,0x93),
280 LL(0x71,0x71,0xd9,0x71,0xaf,0xa8,0xe2,0xde),
281 LL(0xc8,0xc8,0x07,0xc8,0x0e,0xcf,0x8d,0xc6),
282 LL(0x19,0x19,0x64,0x19,0xc8,0x7d,0x32,0xd1),
283 LL(0x49,0x49,0x39,0x49,0x72,0x70,0x92,0x3b),
284 LL(0xd9,0xd9,0x43,0xd9,0x86,0x9a,0xaf,0x5f),
285 LL(0xf2,0xf2,0xef,0xf2,0xc3,0x1d,0xf9,0x31),
286 LL(0xe3,0xe3,0xab,0xe3,0x4b,0x48,0xdb,0xa8),
287 LL(0x5b,0x5b,0x71,0x5b,0xe2,0x2a,0xb6,0xb9),
288 LL(0x88,0x88,0x1a,0x88,0x34,0x92,0x0d,0xbc),
289 LL(0x9a,0x9a,0x52,0x9a,0xa4,0xc8,0x29,0x3e),
290 LL(0x26,0x26,0x98,0x26,0x2d,0xbe,0x4c,0x0b),
291 LL(0x32,0x32,0xc8,0x32,0x8d,0xfa,0x64,0xbf),
292 LL(0xb0,0xb0,0xfa,0xb0,0xe9,0x4a,0x7d,0x59),
293 LL(0xe9,0xe9,0x83,0xe9,0x1b,0x6a,0xcf,0xf2),
294 LL(0x0f,0x0f,0x3c,0x0f,0x78,0x33,0x1e,0x77),
295 LL(0xd5,0xd5,0x73,0xd5,0xe6,0xa6,0xb7,0x33),
296 LL(0x80,0x80,0x3a,0x80,0x74,0xba,0x1d,0xf4),
297 LL(0xbe,0xbe,0xc2,0xbe,0x99,0x7c,0x61,0x27),
298 LL(0xcd,0xcd,0x13,0xcd,0x26,0xde,0x87,0xeb),
299 LL(0x34,0x34,0xd0,0x34,0xbd,0xe4,0x68,0x89),
300 LL(0x48,0x48,0x3d,0x48,0x7a,0x75,0x90,0x32),
301 LL(0xff,0xff,0xdb,0xff,0xab,0x24,0xe3,0x54),
302 LL(0x7a,0x7a,0xf5,0x7a,0xf7,0x8f,0xf4,0x8d),
303 LL(0x90,0x90,0x7a,0x90,0xf4,0xea,0x3d,0x64),
304 LL(0x5f,0x5f,0x61,0x5f,0xc2,0x3e,0xbe,0x9d),
305 LL(0x20,0x20,0x80,0x20,0x1d,0xa0,0x40,0x3d),
306 LL(0x68,0x68,0xbd,0x68,0x67,0xd5,0xd0,0x0f),
307 LL(0x1a,0x1a,0x68,0x1a,0xd0,0x72,0x34,0xca),
308 LL(0xae,0xae,0x82,0xae,0x19,0x2c,0x41,0xb7),
309 LL(0xb4,0xb4,0xea,0xb4,0xc9,0x5e,0x75,0x7d),
310 LL(0x54,0x54,0x4d,0x54,0x9a,0x19,0xa8,0xce),
311 LL(0x93,0x93,0x76,0x93,0xec,0xe5,0x3b,0x7f),
312 LL(0x22,0x22,0x88,0x22,0x0d,0xaa,0x44,0x2f),
313 LL(0x64,0x64,0x8d,0x64,0x07,0xe9,0xc8,0x63),
314 LL(0xf1,0xf1,0xe3,0xf1,0xdb,0x12,0xff,0x2a),
315 LL(0x73,0x73,0xd1,0x73,0xbf,0xa2,0xe6,0xcc),
316 LL(0x12,0x12,0x48,0x12,0x90,0x5a,0x24,0x82),
317 LL(0x40,0x40,0x1d,0x40,0x3a,0x5d,0x80,0x7a),
318 LL(0x08,0x08,0x20,0x08,0x40,0x28,0x10,0x48),
319 LL(0xc3,0xc3,0x2b,0xc3,0x56,0xe8,0x9b,0x95),
320 LL(0xec,0xec,0x97,0xec,0x33,0x7b,0xc5,0xdf),
321 LL(0xdb,0xdb,0x4b,0xdb,0x96,0x90,0xab,0x4d),
322 LL(0xa1,0xa1,0xbe,0xa1,0x61,0x1f,0x5f,0xc0),
323 LL(0x8d,0x8d,0x0e,0x8d,0x1c,0x83,0x07,0x91),
324 LL(0x3d,0x3d,0xf4,0x3d,0xf5,0xc9,0x7a,0xc8),
325 LL(0x97,0x97,0x66,0x97,0xcc,0xf1,0x33,0x5b),
326 LL(0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00),
327 LL(0xcf,0xcf,0x1b,0xcf,0x36,0xd4,0x83,0xf9),
328 LL(0x2b,0x2b,0xac,0x2b,0x45,0x87,0x56,0x6e),
329 LL(0x76,0x76,0xc5,0x76,0x97,0xb3,0xec,0xe1),
330 LL(0x82,0x82,0x32,0x82,0x64,0xb0,0x19,0xe6),
331 LL(0xd6,0xd6,0x7f,0xd6,0xfe,0xa9,0xb1,0x28),
332 LL(0x1b,0x1b,0x6c,0x1b,0xd8,0x77,0x36,0xc3),
333 LL(0xb5,0xb5,0xee,0xb5,0xc1,0x5b,0x77,0x74),
334 LL(0xaf,0xaf,0x86,0xaf,0x11,0x29,0x43,0xbe),
335 LL(0x6a,0x6a,0xb5,0x6a,0x77,0xdf,0xd4,0x1d),
336 LL(0x50,0x50,0x5d,0x50,0xba,0x0d,0xa0,0xea),
337 LL(0x45,0x45,0x09,0x45,0x12,0x4c,0x8a,0x57),
338 LL(0xf3,0xf3,0xeb,0xf3,0xcb,0x18,0xfb,0x38),
339 LL(0x30,0x30,0xc0,0x30,0x9d,0xf0,0x60,0xad),
340 LL(0xef,0xef,0x9b,0xef,0x2b,0x74,0xc3,0xc4),
341 LL(0x3f,0x3f,0xfc,0x3f,0xe5,0xc3,0x7e,0xda),
342 LL(0x55,0x55,0x49,0x55,0x92,0x1c,0xaa,0xc7),
343 LL(0xa2,0xa2,0xb2,0xa2,0x79,0x10,0x59,0xdb),
344 LL(0xea,0xea,0x8f,0xea,0x03,0x65,0xc9,0xe9),
345 LL(0x65,0x65,0x89,0x65,0x0f,0xec,0xca,0x6a),
346 LL(0xba,0xba,0xd2,0xba,0xb9,0x68,0x69,0x03),
347 LL(0x2f,0x2f,0xbc,0x2f,0x65,0x93,0x5e,0x4a),
348 LL(0xc0,0xc0,0x27,0xc0,0x4e,0xe7,0x9d,0x8e),
349 LL(0xde,0xde,0x5f,0xde,0xbe,0x81,0xa1,0x60),
350 LL(0x1c,0x1c,0x70,0x1c,0xe0,0x6c,0x38,0xfc),
351 LL(0xfd,0xfd,0xd3,0xfd,0xbb,0x2e,0xe7,0x46),
352 LL(0x4d,0x4d,0x29,0x4d,0x52,0x64,0x9a,0x1f),
353 LL(0x92,0x92,0x72,0x92,0xe4,0xe0,0x39,0x76),
354 LL(0x75,0x75,0xc9,0x75,0x8f,0xbc,0xea,0xfa),
355 LL(0x06,0x06,0x18,0x06,0x30,0x1e,0x0c,0x36),
356 LL(0x8a,0x8a,0x12,0x8a,0x24,0x98,0x09,0xae),
357 LL(0xb2,0xb2,0xf2,0xb2,0xf9,0x40,0x79,0x4b),
358 LL(0xe6,0xe6,0xbf,0xe6,0x63,0x59,0xd1,0x85),
359 LL(0x0e,0x0e,0x38,0x0e,0x70,0x36,0x1c,0x7e),
360 LL(0x1f,0x1f,0x7c,0x1f,0xf8,0x63,0x3e,0xe7),
361 LL(0x62,0x62,0x95,0x62,0x37,0xf7,0xc4,0x55),
362 LL(0xd4,0xd4,0x77,0xd4,0xee,0xa3,0xb5,0x3a),
363 LL(0xa8,0xa8,0x9a,0xa8,0x29,0x32,0x4d,0x81),
364 LL(0x96,0x96,0x62,0x96,0xc4,0xf4,0x31,0x52),
365 LL(0xf9,0xf9,0xc3,0xf9,0x9b,0x3a,0xef,0x62),
366 LL(0xc5,0xc5,0x33,0xc5,0x66,0xf6,0x97,0xa3),
367 LL(0x25,0x25,0x94,0x25,0x35,0xb1,0x4a,0x10),
368 LL(0x59,0x59,0x79,0x59,0xf2,0x20,0xb2,0xab),
369 LL(0x84,0x84,0x2a,0x84,0x54,0xae,0x15,0xd0),
370 LL(0x72,0x72,0xd5,0x72,0xb7,0xa7,0xe4,0xc5),
371 LL(0x39,0x39,0xe4,0x39,0xd5,0xdd,0x72,0xec),
372 LL(0x4c,0x4c,0x2d,0x4c,0x5a,0x61,0x98,0x16),
373 LL(0x5e,0x5e,0x65,0x5e,0xca,0x3b,0xbc,0x94),
374 LL(0x78,0x78,0xfd,0x78,0xe7,0x85,0xf0,0x9f),
375 LL(0x38,0x38,0xe0,0x38,0xdd,0xd8,0x70,0xe5),
376 LL(0x8c,0x8c,0x0a,0x8c,0x14,0x86,0x05,0x98),
377 LL(0xd1,0xd1,0x63,0xd1,0xc6,0xb2,0xbf,0x17),
378 LL(0xa5,0xa5,0xae,0xa5,0x41,0x0b,0x57,0xe4),
379 LL(0xe2,0xe2,0xaf,0xe2,0x43,0x4d,0xd9,0xa1),
380 LL(0x61,0x61,0x99,0x61,0x2f,0xf8,0xc2,0x4e),
381 LL(0xb3,0xb3,0xf6,0xb3,0xf1,0x45,0x7b,0x42),
382 LL(0x21,0x21,0x84,0x21,0x15,0xa5,0x42,0x34),
383 LL(0x9c,0x9c,0x4a,0x9c,0x94,0xd6,0x25,0x08),
384 LL(0x1e,0x1e,0x78,0x1e,0xf0,0x66,0x3c,0xee),
385 LL(0x43,0x43,0x11,0x43,0x22,0x52,0x86,0x61),
386 LL(0xc7,0xc7,0x3b,0xc7,0x76,0xfc,0x93,0xb1),
387 LL(0xfc,0xfc,0xd7,0xfc,0xb3,0x2b,0xe5,0x4f),
388 LL(0x04,0x04,0x10,0x04,0x20,0x14,0x08,0x24),
389 LL(0x51,0x51,0x59,0x51,0xb2,0x08,0xa2,0xe3),
390 LL(0x99,0x99,0x5e,0x99,0xbc,0xc7,0x2f,0x25),
391 LL(0x6d,0x6d,0xa9,0x6d,0x4f,0xc4,0xda,0x22),
392 LL(0x0d,0x0d,0x34,0x0d,0x68,0x39,0x1a,0x65),
393 LL(0xfa,0xfa,0xcf,0xfa,0x83,0x35,0xe9,0x79),
394 LL(0xdf,0xdf,0x5b,0xdf,0xb6,0x84,0xa3,0x69),
395 LL(0x7e,0x7e,0xe5,0x7e,0xd7,0x9b,0xfc,0xa9),
396 LL(0x24,0x24,0x90,0x24,0x3d,0xb4,0x48,0x19),
397 LL(0x3b,0x3b,0xec,0x3b,0xc5,0xd7,0x76,0xfe),
398 LL(0xab,0xab,0x96,0xab,0x31,0x3d,0x4b,0x9a),
399 LL(0xce,0xce,0x1f,0xce,0x3e,0xd1,0x81,0xf0),
400 LL(0x11,0x11,0x44,0x11,0x88,0x55,0x22,0x99),
401 LL(0x8f,0x8f,0x06,0x8f,0x0c,0x89,0x03,0x83),
402 LL(0x4e,0x4e,0x25,0x4e,0x4a,0x6b,0x9c,0x04),
403 LL(0xb7,0xb7,0xe6,0xb7,0xd1,0x51,0x73,0x66),
404 LL(0xeb,0xeb,0x8b,0xeb,0x0b,0x60,0xcb,0xe0),
405 LL(0x3c,0x3c,0xf0,0x3c,0xfd,0xcc,0x78,0xc1),
406 LL(0x81,0x81,0x3e,0x81,0x7c,0xbf,0x1f,0xfd),
407 LL(0x94,0x94,0x6a,0x94,0xd4,0xfe,0x35,0x40),
408 LL(0xf7,0xf7,0xfb,0xf7,0xeb,0x0c,0xf3,0x1c),
409 LL(0xb9,0xb9,0xde,0xb9,0xa1,0x67,0x6f,0x18),
410 LL(0x13,0x13,0x4c,0x13,0x98,0x5f,0x26,0x8b),
411 LL(0x2c,0x2c,0xb0,0x2c,0x7d,0x9c,0x58,0x51),
412 LL(0xd3,0xd3,0x6b,0xd3,0xd6,0xb8,0xbb,0x05),
413 LL(0xe7,0xe7,0xbb,0xe7,0x6b,0x5c,0xd3,0x8c),
414 LL(0x6e,0x6e,0xa5,0x6e,0x57,0xcb,0xdc,0x39),
415 LL(0xc4,0xc4,0x37,0xc4,0x6e,0xf3,0x95,0xaa),
416 LL(0x03,0x03,0x0c,0x03,0x18,0x0f,0x06,0x1b),
417 LL(0x56,0x56,0x45,0x56,0x8a,0x13,0xac,0xdc),
418 LL(0x44,0x44,0x0d,0x44,0x1a,0x49,0x88,0x5e),
419 LL(0x7f,0x7f,0xe1,0x7f,0xdf,0x9e,0xfe,0xa0),
420 LL(0xa9,0xa9,0x9e,0xa9,0x21,0x37,0x4f,0x88),
421 LL(0x2a,0x2a,0xa8,0x2a,0x4d,0x82,0x54,0x67),
422 LL(0xbb,0xbb,0xd6,0xbb,0xb1,0x6d,0x6b,0x0a),
423 LL(0xc1,0xc1,0x23,0xc1,0x46,0xe2,0x9f,0x87),
424 LL(0x53,0x53,0x51,0x53,0xa2,0x02,0xa6,0xf1),
425 LL(0xdc,0xdc,0x57,0xdc,0xae,0x8b,0xa5,0x72),
426 LL(0x0b,0x0b,0x2c,0x0b,0x58,0x27,0x16,0x53),
427 LL(0x9d,0x9d,0x4e,0x9d,0x9c,0xd3,0x27,0x01),
428 LL(0x6c,0x6c,0xad,0x6c,0x47,0xc1,0xd8,0x2b),
429 LL(0x31,0x31,0xc4,0x31,0x95,0xf5,0x62,0xa4),
430 LL(0x74,0x74,0xcd,0x74,0x87,0xb9,0xe8,0xf3),
431 LL(0xf6,0xf6,0xff,0xf6,0xe3,0x09,0xf1,0x15),
432 LL(0x46,0x46,0x05,0x46,0x0a,0x43,0x8c,0x4c),
433 LL(0xac,0xac,0x8a,0xac,0x09,0x26,0x45,0xa5),
434 LL(0x89,0x89,0x1e,0x89,0x3c,0x97,0x0f,0xb5),
435 LL(0x14,0x14,0x50,0x14,0xa0,0x44,0x28,0xb4),
436 LL(0xe1,0xe1,0xa3,0xe1,0x5b,0x42,0xdf,0xba),
437 LL(0x16,0x16,0x58,0x16,0xb0,0x4e,0x2c,0xa6),
438 LL(0x3a,0x3a,0xe8,0x3a,0xcd,0xd2,0x74,0xf7),
439 LL(0x69,0x69,0xb9,0x69,0x6f,0xd0,0xd2,0x06),
440 LL(0x09,0x09,0x24,0x09,0x48,0x2d,0x12,0x41),
441 LL(0x70,0x70,0xdd,0x70,0xa7,0xad,0xe0,0xd7),
442 LL(0xb6,0xb6,0xe2,0xb6,0xd9,0x54,0x71,0x6f),
443 LL(0xd0,0xd0,0x67,0xd0,0xce,0xb7,0xbd,0x1e),
444 LL(0xed,0xed,0x93,0xed,0x3b,0x7e,0xc7,0xd6),
445 LL(0xcc,0xcc,0x17,0xcc,0x2e,0xdb,0x85,0xe2),
446 LL(0x42,0x42,0x15,0x42,0x2a,0x57,0x84,0x68),
447 LL(0x98,0x98,0x5a,0x98,0xb4,0xc2,0x2d,0x2c),
448 LL(0xa4,0xa4,0xaa,0xa4,0x49,0x0e,0x55,0xed),
449 LL(0x28,0x28,0xa0,0x28,0x5d,0x88,0x50,0x75),
450 LL(0x5c,0x5c,0x6d,0x5c,0xda,0x31,0xb8,0x86),
451 LL(0xf8,0xf8,0xc7,0xf8,0x93,0x3f,0xed,0x6b),
452 LL(0x86,0x86,0x22,0x86,0x44,0xa4,0x11,0xc2),
453#define RC (&(Cx.q[256*N]))
454 0x18,0x23,0xc6,0xe8,0x87,0xb8,0x01,0x4f, /* rc[ROUNDS] */
455 0x36,0xa6,0xd2,0xf5,0x79,0x6f,0x91,0x52,
456 0x60,0xbc,0x9b,0x8e,0xa3,0x0c,0x7b,0x35,
457 0x1d,0xe0,0xd7,0xc2,0x2e,0x4b,0xfe,0x57,
458 0x15,0x77,0x37,0xe5,0x9f,0xf0,0x4a,0xda,
459 0x58,0xc9,0x29,0x0a,0xb1,0xa0,0x6b,0x85,
460 0xbd,0x5d,0x10,0xf4,0xcb,0x3e,0x05,0x67,
461 0xe4,0x27,0x41,0x8b,0xa7,0x7d,0x95,0xd8,
462 0xfb,0xee,0x7c,0x66,0xdd,0x17,0x47,0x9e,
463 0xca,0x2d,0xbf,0x07,0xad,0x5a,0x83,0x33
464 }
465};
466
467void whirlpool_block(WHIRLPOOL_CTX *ctx,const void *inp,size_t n)
468 {
469 int r;
470 const u8 *p=inp;
471 union { u64 q[8]; u8 c[64]; } S,K,*H=(void *)ctx->H.q;
472
473#ifdef GO_FOR_MMX
474 GO_FOR_MMX(ctx,inp,n);
475#endif
476 do {
477#ifdef OPENSSL_SMALL_FOOTPRINT
478 u64 L[8];
479 int i;
480
481 for (i=0;i<64;i++) S.c[i] = (K.c[i] = H->c[i]) ^ p[i];
482 for (r=0;r<ROUNDS;r++)
483 {
484 for (i=0;i<8;i++)
485 {
486 L[i] = i ? 0 : RC[r];
487 L[i] ^= C0(K,i) ^ C1(K,(i-1)&7) ^
488 C2(K,(i-2)&7) ^ C3(K,(i-3)&7) ^
489 C4(K,(i-4)&7) ^ C5(K,(i-5)&7) ^
490 C6(K,(i-6)&7) ^ C7(K,(i-7)&7);
491 }
492 memcpy (K.q,L,64);
493 for (i=0;i<8;i++)
494 {
495 L[i] ^= C0(S,i) ^ C1(S,(i-1)&7) ^
496 C2(S,(i-2)&7) ^ C3(S,(i-3)&7) ^
497 C4(S,(i-4)&7) ^ C5(S,(i-5)&7) ^
498 C6(S,(i-6)&7) ^ C7(S,(i-7)&7);
499 }
500 memcpy (S.q,L,64);
501 }
502 for (i=0;i<64;i++) H->c[i] ^= S.c[i] ^ p[i];
503#else
504 u64 L0,L1,L2,L3,L4,L5,L6,L7;
505
506#ifdef STRICT_ALIGNMENT
507 if ((size_t)p & 7)
508 {
509 memcpy (S.c,p,64);
510 S.q[0] ^= (K.q[0] = H->q[0]);
511 S.q[1] ^= (K.q[1] = H->q[1]);
512 S.q[2] ^= (K.q[2] = H->q[2]);
513 S.q[3] ^= (K.q[3] = H->q[3]);
514 S.q[4] ^= (K.q[4] = H->q[4]);
515 S.q[5] ^= (K.q[5] = H->q[5]);
516 S.q[6] ^= (K.q[6] = H->q[6]);
517 S.q[7] ^= (K.q[7] = H->q[7]);
518 }
519 else
520#endif
521 {
522 const u64 *pa = (const u64*)p;
523 S.q[0] = (K.q[0] = H->q[0]) ^ pa[0];
524 S.q[1] = (K.q[1] = H->q[1]) ^ pa[1];
525 S.q[2] = (K.q[2] = H->q[2]) ^ pa[2];
526 S.q[3] = (K.q[3] = H->q[3]) ^ pa[3];
527 S.q[4] = (K.q[4] = H->q[4]) ^ pa[4];
528 S.q[5] = (K.q[5] = H->q[5]) ^ pa[5];
529 S.q[6] = (K.q[6] = H->q[6]) ^ pa[6];
530 S.q[7] = (K.q[7] = H->q[7]) ^ pa[7];
531 }
532
533 for(r=0;r<ROUNDS;r++)
534 {
535#ifdef SMALL_REGISTER_BANK
536 L0 = C0(K,0) ^ C1(K,7) ^ C2(K,6) ^ C3(K,5) ^
537 C4(K,4) ^ C5(K,3) ^ C6(K,2) ^ C7(K,1) ^ RC[r];
538 L1 = C0(K,1) ^ C1(K,0) ^ C2(K,7) ^ C3(K,6) ^
539 C4(K,5) ^ C5(K,4) ^ C6(K,3) ^ C7(K,2);
540 L2 = C0(K,2) ^ C1(K,1) ^ C2(K,0) ^ C3(K,7) ^
541 C4(K,6) ^ C5(K,5) ^ C6(K,4) ^ C7(K,3);
542 L3 = C0(K,3) ^ C1(K,2) ^ C2(K,1) ^ C3(K,0) ^
543 C4(K,7) ^ C5(K,6) ^ C6(K,5) ^ C7(K,4);
544 L4 = C0(K,4) ^ C1(K,3) ^ C2(K,2) ^ C3(K,1) ^
545 C4(K,0) ^ C5(K,7) ^ C6(K,6) ^ C7(K,5);
546 L5 = C0(K,5) ^ C1(K,4) ^ C2(K,3) ^ C3(K,2) ^
547 C4(K,1) ^ C5(K,0) ^ C6(K,7) ^ C7(K,6);
548 L6 = C0(K,6) ^ C1(K,5) ^ C2(K,4) ^ C3(K,3) ^
549 C4(K,2) ^ C5(K,1) ^ C6(K,0) ^ C7(K,7);
550 L7 = C0(K,7) ^ C1(K,6) ^ C2(K,5) ^ C3(K,4) ^
551 C4(K,3) ^ C5(K,2) ^ C6(K,1) ^ C7(K,0);
552
553 K.q[0] = L0; K.q[1] = L1; K.q[2] = L2; K.q[3] = L3;
554 K.q[4] = L4; K.q[5] = L5; K.q[6] = L6; K.q[7] = L7;
555
556 L0 ^= C0(S,0) ^ C1(S,7) ^ C2(S,6) ^ C3(S,5) ^
557 C4(S,4) ^ C5(S,3) ^ C6(S,2) ^ C7(S,1);
558 L1 ^= C0(S,1) ^ C1(S,0) ^ C2(S,7) ^ C3(S,6) ^
559 C4(S,5) ^ C5(S,4) ^ C6(S,3) ^ C7(S,2);
560 L2 ^= C0(S,2) ^ C1(S,1) ^ C2(S,0) ^ C3(S,7) ^
561 C4(S,6) ^ C5(S,5) ^ C6(S,4) ^ C7(S,3);
562 L3 ^= C0(S,3) ^ C1(S,2) ^ C2(S,1) ^ C3(S,0) ^
563 C4(S,7) ^ C5(S,6) ^ C6(S,5) ^ C7(S,4);
564 L4 ^= C0(S,4) ^ C1(S,3) ^ C2(S,2) ^ C3(S,1) ^
565 C4(S,0) ^ C5(S,7) ^ C6(S,6) ^ C7(S,5);
566 L5 ^= C0(S,5) ^ C1(S,4) ^ C2(S,3) ^ C3(S,2) ^
567 C4(S,1) ^ C5(S,0) ^ C6(S,7) ^ C7(S,6);
568 L6 ^= C0(S,6) ^ C1(S,5) ^ C2(S,4) ^ C3(S,3) ^
569 C4(S,2) ^ C5(S,1) ^ C6(S,0) ^ C7(S,7);
570 L7 ^= C0(S,7) ^ C1(S,6) ^ C2(S,5) ^ C3(S,4) ^
571 C4(S,3) ^ C5(S,2) ^ C6(S,1) ^ C7(S,0);
572
573 S.q[0] = L0; S.q[1] = L1; S.q[2] = L2; S.q[3] = L3;
574 S.q[4] = L4; S.q[5] = L5; S.q[6] = L6; S.q[7] = L7;
575#else
576 L0 = C0(K,0); L1 = C1(K,0); L2 = C2(K,0); L3 = C3(K,0);
577 L4 = C4(K,0); L5 = C5(K,0); L6 = C6(K,0); L7 = C7(K,0);
578 L0 ^= RC[r];
579
580 L1 ^= C0(K,1); L2 ^= C1(K,1); L3 ^= C2(K,1); L4 ^= C3(K,1);
581 L5 ^= C4(K,1); L6 ^= C5(K,1); L7 ^= C6(K,1); L0 ^= C7(K,1);
582
583 L2 ^= C0(K,2); L3 ^= C1(K,2); L4 ^= C2(K,2); L5 ^= C3(K,2);
584 L6 ^= C4(K,2); L7 ^= C5(K,2); L0 ^= C6(K,2); L1 ^= C7(K,2);
585
586 L3 ^= C0(K,3); L4 ^= C1(K,3); L5 ^= C2(K,3); L6 ^= C3(K,3);
587 L7 ^= C4(K,3); L0 ^= C5(K,3); L1 ^= C6(K,3); L2 ^= C7(K,3);
588
589 L4 ^= C0(K,4); L5 ^= C1(K,4); L6 ^= C2(K,4); L7 ^= C3(K,4);
590 L0 ^= C4(K,4); L1 ^= C5(K,4); L2 ^= C6(K,4); L3 ^= C7(K,4);
591
592 L5 ^= C0(K,5); L6 ^= C1(K,5); L7 ^= C2(K,5); L0 ^= C3(K,5);
593 L1 ^= C4(K,5); L2 ^= C5(K,5); L3 ^= C6(K,5); L4 ^= C7(K,5);
594
595 L6 ^= C0(K,6); L7 ^= C1(K,6); L0 ^= C2(K,6); L1 ^= C3(K,6);
596 L2 ^= C4(K,6); L3 ^= C5(K,6); L4 ^= C6(K,6); L5 ^= C7(K,6);
597
598 L7 ^= C0(K,7); L0 ^= C1(K,7); L1 ^= C2(K,7); L2 ^= C3(K,7);
599 L3 ^= C4(K,7); L4 ^= C5(K,7); L5 ^= C6(K,7); L6 ^= C7(K,7);
600
601 K.q[0] = L0; K.q[1] = L1; K.q[2] = L2; K.q[3] = L3;
602 K.q[4] = L4; K.q[5] = L5; K.q[6] = L6; K.q[7] = L7;
603
604 L0 ^= C0(S,0); L1 ^= C1(S,0); L2 ^= C2(S,0); L3 ^= C3(S,0);
605 L4 ^= C4(S,0); L5 ^= C5(S,0); L6 ^= C6(S,0); L7 ^= C7(S,0);
606
607 L1 ^= C0(S,1); L2 ^= C1(S,1); L3 ^= C2(S,1); L4 ^= C3(S,1);
608 L5 ^= C4(S,1); L6 ^= C5(S,1); L7 ^= C6(S,1); L0 ^= C7(S,1);
609
610 L2 ^= C0(S,2); L3 ^= C1(S,2); L4 ^= C2(S,2); L5 ^= C3(S,2);
611 L6 ^= C4(S,2); L7 ^= C5(S,2); L0 ^= C6(S,2); L1 ^= C7(S,2);
612
613 L3 ^= C0(S,3); L4 ^= C1(S,3); L5 ^= C2(S,3); L6 ^= C3(S,3);
614 L7 ^= C4(S,3); L0 ^= C5(S,3); L1 ^= C6(S,3); L2 ^= C7(S,3);
615
616 L4 ^= C0(S,4); L5 ^= C1(S,4); L6 ^= C2(S,4); L7 ^= C3(S,4);
617 L0 ^= C4(S,4); L1 ^= C5(S,4); L2 ^= C6(S,4); L3 ^= C7(S,4);
618
619 L5 ^= C0(S,5); L6 ^= C1(S,5); L7 ^= C2(S,5); L0 ^= C3(S,5);
620 L1 ^= C4(S,5); L2 ^= C5(S,5); L3 ^= C6(S,5); L4 ^= C7(S,5);
621
622 L6 ^= C0(S,6); L7 ^= C1(S,6); L0 ^= C2(S,6); L1 ^= C3(S,6);
623 L2 ^= C4(S,6); L3 ^= C5(S,6); L4 ^= C6(S,6); L5 ^= C7(S,6);
624
625 L7 ^= C0(S,7); L0 ^= C1(S,7); L1 ^= C2(S,7); L2 ^= C3(S,7);
626 L3 ^= C4(S,7); L4 ^= C5(S,7); L5 ^= C6(S,7); L6 ^= C7(S,7);
627
628 S.q[0] = L0; S.q[1] = L1; S.q[2] = L2; S.q[3] = L3;
629 S.q[4] = L4; S.q[5] = L5; S.q[6] = L6; S.q[7] = L7;
630#endif
631 }
632
633#ifdef STRICT_ALIGNMENT
634 if ((size_t)p & 7)
635 {
636 int i;
637 for(i=0;i<64;i++) H->c[i] ^= S.c[i] ^ p[i];
638 }
639 else
640#endif
641 {
642 const u64 *pa=(const u64 *)p;
643 H->q[0] ^= S.q[0] ^ pa[0];
644 H->q[1] ^= S.q[1] ^ pa[1];
645 H->q[2] ^= S.q[2] ^ pa[2];
646 H->q[3] ^= S.q[3] ^ pa[3];
647 H->q[4] ^= S.q[4] ^ pa[4];
648 H->q[5] ^= S.q[5] ^ pa[5];
649 H->q[6] ^= S.q[6] ^ pa[6];
650 H->q[7] ^= S.q[7] ^ pa[7];
651 }
652#endif
653 p += 64;
654 } while(--n);
655 }
diff --git a/src/lib/libcrypto/whrlpool/wp_dgst.c b/src/lib/libcrypto/whrlpool/wp_dgst.c
deleted file mode 100644
index 7e28bef51d..0000000000
--- a/src/lib/libcrypto/whrlpool/wp_dgst.c
+++ /dev/null
@@ -1,265 +0,0 @@
1/**
2 * The Whirlpool hashing function.
3 *
4 * <P>
5 * <b>References</b>
6 *
7 * <P>
8 * The Whirlpool algorithm was developed by
9 * <a href="mailto:pbarreto@scopus.com.br">Paulo S. L. M. Barreto</a> and
10 * <a href="mailto:vincent.rijmen@cryptomathic.com">Vincent Rijmen</a>.
11 *
12 * See
13 * P.S.L.M. Barreto, V. Rijmen,
14 * ``The Whirlpool hashing function,''
15 * NESSIE submission, 2000 (tweaked version, 2001),
16 * <https://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/whirlpool.zip>
17 *
18 * Based on "@version 3.0 (2003.03.12)" by Paulo S.L.M. Barreto and
19 * Vincent Rijmen. Lookup "reference implementations" on
20 * <http://planeta.terra.com.br/informatica/paulobarreto/>
21 *
22 * =============================================================================
23 *
24 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
25 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
26 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
27 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
28 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
29 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
30 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
31 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
32 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
33 * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
34 * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35 *
36 */
37
38/*
39 * OpenSSL-specific implementation notes.
40 *
41 * WHIRLPOOL_Update as well as one-stroke WHIRLPOOL both expect
42 * number of *bytes* as input length argument. Bit-oriented routine
43 * as specified by authors is called WHIRLPOOL_BitUpdate[!] and
44 * does not have one-stroke counterpart.
45 *
46 * WHIRLPOOL_BitUpdate implements byte-oriented loop, essentially
47 * to serve WHIRLPOOL_Update. This is done for performance.
48 *
49 * Unlike authors' reference implementation, block processing
50 * routine whirlpool_block is designed to operate on multi-block
51 * input. This is done for perfomance.
52 */
53
54#include "wp_locl.h"
55#include <openssl/crypto.h>
56#include <string.h>
57
58fips_md_init(WHIRLPOOL)
59 {
60 memset (c,0,sizeof(*c));
61 return(1);
62 }
63
64int WHIRLPOOL_Update (WHIRLPOOL_CTX *c,const void *_inp,size_t bytes)
65 {
66 /* Well, largest suitable chunk size actually is
67 * (1<<(sizeof(size_t)*8-3))-64, but below number
68 * is large enough for not to care about excessive
69 * calls to WHIRLPOOL_BitUpdate... */
70 size_t chunk = ((size_t)1)<<(sizeof(size_t)*8-4);
71 const unsigned char *inp = _inp;
72
73 while (bytes>=chunk)
74 {
75 WHIRLPOOL_BitUpdate(c,inp,chunk*8);
76 bytes -= chunk;
77 inp += chunk;
78 }
79 if (bytes)
80 WHIRLPOOL_BitUpdate(c,inp,bytes*8);
81
82 return(1);
83 }
84
85void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c,const void *_inp,size_t bits)
86 {
87 size_t n;
88 unsigned int bitoff = c->bitoff,
89 bitrem = bitoff%8,
90 inpgap = (8-(unsigned int)bits%8)&7;
91 const unsigned char *inp=_inp;
92
93 /* This 256-bit increment procedure relies on the size_t
94 * being natural size of CPU register, so that we don't
95 * have to mask the value in order to detect overflows. */
96 c->bitlen[0] += bits;
97 if (c->bitlen[0] < bits) /* overflow */
98 {
99 n = 1;
100 do { c->bitlen[n]++;
101 } while(c->bitlen[n]==0
102 && ++n<(WHIRLPOOL_COUNTER/sizeof(size_t)));
103 }
104
105#ifndef OPENSSL_SMALL_FOOTPRINT
106 reconsider:
107 if (inpgap==0 && bitrem==0) /* byte-oriented loop */
108 {
109 while (bits)
110 {
111 if (bitoff==0 && (n=bits/WHIRLPOOL_BBLOCK))
112 {
113 whirlpool_block(c,inp,n);
114 inp += n*WHIRLPOOL_BBLOCK/8;
115 bits %= WHIRLPOOL_BBLOCK;
116 }
117 else
118 {
119 unsigned int byteoff = bitoff/8;
120
121 bitrem = WHIRLPOOL_BBLOCK - bitoff;/* re-use bitrem */
122 if (bits >= bitrem)
123 {
124 bits -= bitrem;
125 bitrem /= 8;
126 memcpy(c->data+byteoff,inp,bitrem);
127 inp += bitrem;
128 whirlpool_block(c,c->data,1);
129 bitoff = 0;
130 }
131 else
132 {
133 memcpy(c->data+byteoff,inp,bits/8);
134 bitoff += (unsigned int)bits;
135 bits = 0;
136 }
137 c->bitoff = bitoff;
138 }
139 }
140 }
141 else /* bit-oriented loop */
142#endif
143 {
144 /*
145 inp
146 |
147 +-------+-------+-------
148 |||||||||||||||||||||
149 +-------+-------+-------
150 +-------+-------+-------+-------+-------
151 |||||||||||||| c->data
152 +-------+-------+-------+-------+-------
153 |
154 c->bitoff/8
155 */
156 while (bits)
157 {
158 unsigned int byteoff = bitoff/8;
159 unsigned char b;
160
161#ifndef OPENSSL_SMALL_FOOTPRINT
162 if (bitrem==inpgap)
163 {
164 c->data[byteoff++] |= inp[0] & (0xff>>inpgap);
165 inpgap = 8-inpgap;
166 bitoff += inpgap; bitrem = 0; /* bitoff%8 */
167 bits -= inpgap; inpgap = 0; /* bits%8 */
168 inp++;
169 if (bitoff==WHIRLPOOL_BBLOCK)
170 {
171 whirlpool_block(c,c->data,1);
172 bitoff = 0;
173 }
174 c->bitoff = bitoff;
175 goto reconsider;
176 }
177 else
178#endif
179 if (bits>=8)
180 {
181 b = ((inp[0]<<inpgap) | (inp[1]>>(8-inpgap)));
182 b &= 0xff;
183 if (bitrem) c->data[byteoff++] |= b>>bitrem;
184 else c->data[byteoff++] = b;
185 bitoff += 8;
186 bits -= 8;
187 inp++;
188 if (bitoff>=WHIRLPOOL_BBLOCK)
189 {
190 whirlpool_block(c,c->data,1);
191 byteoff = 0;
192 bitoff %= WHIRLPOOL_BBLOCK;
193 }
194 if (bitrem) c->data[byteoff] = b<<(8-bitrem);
195 }
196 else /* remaining less than 8 bits */
197 {
198 b = (inp[0]<<inpgap)&0xff;
199 if (bitrem) c->data[byteoff++] |= b>>bitrem;
200 else c->data[byteoff++] = b;
201 bitoff += (unsigned int)bits;
202 if (bitoff==WHIRLPOOL_BBLOCK)
203 {
204 whirlpool_block(c,c->data,1);
205 byteoff = 0;
206 bitoff %= WHIRLPOOL_BBLOCK;
207 }
208 if (bitrem) c->data[byteoff] = b<<(8-bitrem);
209 bits = 0;
210 }
211 c->bitoff = bitoff;
212 }
213 }
214 }
215
216int WHIRLPOOL_Final (unsigned char *md,WHIRLPOOL_CTX *c)
217 {
218 unsigned int bitoff = c->bitoff,
219 byteoff = bitoff/8;
220 size_t i,j,v;
221 unsigned char *p;
222
223 bitoff %= 8;
224 if (bitoff) c->data[byteoff] |= 0x80>>bitoff;
225 else c->data[byteoff] = 0x80;
226 byteoff++;
227
228 /* pad with zeros */
229 if (byteoff > (WHIRLPOOL_BBLOCK/8-WHIRLPOOL_COUNTER))
230 {
231 if (byteoff<WHIRLPOOL_BBLOCK/8)
232 memset(&c->data[byteoff],0,WHIRLPOOL_BBLOCK/8-byteoff);
233 whirlpool_block(c,c->data,1);
234 byteoff = 0;
235 }
236 if (byteoff < (WHIRLPOOL_BBLOCK/8-WHIRLPOOL_COUNTER))
237 memset(&c->data[byteoff],0,
238 (WHIRLPOOL_BBLOCK/8-WHIRLPOOL_COUNTER)-byteoff);
239 /* smash 256-bit c->bitlen in big-endian order */
240 p = &c->data[WHIRLPOOL_BBLOCK/8-1]; /* last byte in c->data */
241 for(i=0;i<WHIRLPOOL_COUNTER/sizeof(size_t);i++)
242 for(v=c->bitlen[i],j=0;j<sizeof(size_t);j++,v>>=8)
243 *p-- = (unsigned char)(v&0xff);
244
245 whirlpool_block(c,c->data,1);
246
247 if (md) {
248 memcpy(md,c->H.c,WHIRLPOOL_DIGEST_LENGTH);
249 memset(c,0,sizeof(*c));
250 return(1);
251 }
252 return(0);
253 }
254
255unsigned char *WHIRLPOOL(const void *inp, size_t bytes,unsigned char *md)
256 {
257 WHIRLPOOL_CTX ctx;
258 static unsigned char m[WHIRLPOOL_DIGEST_LENGTH];
259
260 if (md == NULL) md=m;
261 WHIRLPOOL_Init(&ctx);
262 WHIRLPOOL_Update(&ctx,inp,bytes);
263 WHIRLPOOL_Final(md,&ctx);
264 return(md);
265 }
diff --git a/src/lib/libcrypto/whrlpool/wp_locl.h b/src/lib/libcrypto/whrlpool/wp_locl.h
deleted file mode 100644
index 94e56a39f1..0000000000
--- a/src/lib/libcrypto/whrlpool/wp_locl.h
+++ /dev/null
@@ -1,3 +0,0 @@
1#include <openssl/whrlpool.h>
2
3void whirlpool_block(WHIRLPOOL_CTX *,const void *,size_t);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2026-02-09 05:10:41 +0000