path: root/src/lib/libcrypto/aes/asm (follow)
Commit message (Author, Age, Files, Lines)
* Integrate AES-NI into the AES code. (jsing, 2025-06-15, 2 files, -60/+60)
|   Currently, the AES-NI code is only integrated into EVP - add code to integrate AES-NI into AES. Rename the assembly provided functions and provide C versions for the original names, which check for AES-NI support and dispatch to the appropriate function. This means that the AES_* public API will now use AES-NI, if available. ok tb@
* Remove now unused AES assembly generation scripts. (jsing, 2025-05-21, 3 files, -5256/+0)
|
* Always use C functions for AES_{encrypt,decrypt}(). (jsing, 2024-03-29, 7 files, -66/+66)
|   Always provide AES_{encrypt,decrypt}() via C functions, which then either use a C implementation or call the assembly implementation. ok tb@
* Always use C functions for AES_set_{encrypt,decrypt}_key(). (jsing, 2024-03-29, 4 files, -47/+47)
|   Always include aes_core.c and provide AES_set_{encrypt,decrypt}_key() via C functions, which then either use a C implementation or call the assembly implementation. ok tb@
* Rename AES_cbc_encrypt to aes_cbc_encrypt_internal for the SEH handlers. (jsing, 2024-03-29, 1 file, -4/+4)
|   Should fix windows build.
* Make AES_cbc_encrypt() always be a C function. (jsing, 2024-03-28, 2 files, -12/+10)
|   Rename the assembly generated functions from AES_cbc_encrypt() to aes_cbc_encrypt_internal(). Always include aes_cbc.c and change it to use defines that are similar to those used in BN. ok tb@
* Remove assembly for stitched modes. (jsing, 2024-03-27, 1 file, -1237/+0)
|   The stitched modes have been removed, so having assembly for them is of little use.
* Add a few missing endbr64 to libcrypto (tb, 2024-02-24, 1 file, -0/+4)
|   gcm_{gmult,ghash}_4bit(), aesni_ccm64_decrypt_blocks(), aes_cbc_encrypt(), and aesni_xts_{en,de}crypt() were overlooked in previous passes. Found with a diff for ld.lld by kettenis ok kettenis
* Replace uses of endbr64 with _CET_ENDBR from cet.h (tb, 2024-02-24, 5 files, -61/+61)
|   cet.h is needed for other platforms to emit the relevant .gnu.properties sections that are necessary for them to enable IBT. It also avoids issues with older toolchains on macOS that explode on encountering endbr64. based on a diff by kettenis ok beck kettenis
* aesni_ctr32_encrypt_blocks() is called indirectly from C code, so it (deraadt, 2023-09-18, 1 file, -0/+1)
|   needs endbr64 ok kettenis tb
* Add endbr64 where needed by inspection. Passes regression tests. (deraadt, 2023-04-25, 5 files, -0/+60)
|   ok jsing, and kind of tb an earlier version
* Use explicit .text instead of .previous to please Windows/MinGW on amd64 (tb, 2023-02-23, 5 files, -5/+5)
|   ok miod
* Use .section .rodata instead of a plain .rodata (tb, 2023-02-09, 5 files, -5/+5)
|   At least gcc 12 on Fedora is very unhappy about a plain .rodata and throws Error: unknown pseudo-op: `.rodata'. So add a .section in front of it to make it happy. ok deraadt miod
* Remove AIX toc data after every function. NFC (miod, 2023-02-02, 1 file, -23/+2)
|
* Unbreak vpaes-x86 implementation. (jsing, 2023-02-02, 1 file, -2/+0)
|   Remove remnants of previous PIC handling. ok miod@
* Move all data blocks from .text to .rodata and clean up and homogenize code (miod, 2023-02-01, 3 files, -38/+42)
|   responsible for getting the proper address of those blocks. ok tb@ jsing@
* Move constants out of text segment into rodata to prepare for xonly support (deraadt, 2023-01-14, 5 files, -7/+10)
|   on amd64. no pic handling is necessary since amd64 has full reach. ok kettenis
* Move all data tables from .text section to .rodata, and update the code to (miod, 2023-01-13, 1 file, -13/+48)
|   fetch them correctly when building PIC. Also drop unused data, and remove --no-execute-only from linker flags. ok kettenis@
* Move all data tables from .text section to .rodata, and update the code to (miod, 2023-01-13, 1 file, -16/+18)
|   fetch them correctly when building PIC. Also drop unused data, and remove --no-execute-only from linker flags. ok jsing@ kettenis@
* spelling fixes; from paul tagliamonte (jmc, 2022-12-26, 6 files, -23/+23)
|   i removed the arithmetics -> arithmetic changes, as i felt they were not clearly correct ok tb
* Add stack frames to AES-NI x86_64 assembly. (jsing, 2022-07-30, 1 file, -39/+58)
|   The current AES-NI x86_64 assembly does some strange, although valid things, such as making internal function calls without creating stack frames. In this case, the return address lands in the red zone (which it allows for when making use of the stack) and everything works as expected. However, this trips a false positive in valgrind, which seems to think that any data saved on the stack prior to the internal function call is now "undefined" once the function returns. Avoid this by actually using stack frames - this brings in most of 6a40ebe86b4 from OpenSSL, omitting the unnecessary explicit stack alignment (which was apparently added so this code could be used in the Linux kernel with an incorrectly aligned stack). Valgrind issue reported by Steffen Jaeckel (@sjaeckel), found via libstrophe unit tests. ok tb@
* On OpenBSD/armv7 we deliberately trap unaligned access. Unfortunately (kettenis, 2018-01-07, 1 file, -7/+7)
|   the assembly code in libcrypto assumes unaligned access is allowed for ARMv7. Make these paths conditional on __STRICT_ALIGNMENT not being defined and define __STRICT_ALIGNMENT in arm_arch.h for OpenBSD. ok tom@
* http://repzret.org/p/repzret/ (deraadt, 2017-12-11, 1 file, -5/+5)
|   My read of this: Long time ago (Think Conan, not dinosaurs) during the race to make speedier processors, a cpu vendor built a pipeline with a bad stall, and proposed a tremendously hasky workaround. A wizard adopted this into his perl scroll, and failed to reflect later when no compiler adopted the practice. This relic remains at the tail end of some functions in OpenSSL as ".byte 0xf3,0xc3". Banish it straight to hell. ok mlarkin, others also stared blankly
* Replace all uses of magic numbers when operating on OPENSSL_ia32_P[] by (miod, 2016-11-04, 3 files, -10/+13)
|   meaningful constants in a private header file, so that reviewers can actually get a chance to figure out what the code is attempting to do without knowing all cpuid bits. While there, turn it from an array of two 32-bit ints into a properly aligned 64-bit int. Use of OPENSSL_ia32_P is now restricted to the assembler parts. C code will now always use OPENSSL_cpu_caps() and check for the proper bits in the whole 64-bit word it returns. i386 tests and ok jsing@
* Less S390. (jsing, 2016-09-04, 1 file, -2237/+0)
|   ok deraadt@
* Less IA64. (jsing, 2016-09-04, 1 file, -1123/+0)
|   ok deraadt@
* Remove the logic responsible for outputting most AES-NI instructions as (miod, 2015-07-19, 2 files, -46/+0)
|   raw byte sequences. The toolchains have had some time to update and assemble the instructions correctly (except for p{ins,ext}rd which are not supported yet by as(1) under OpenBSD, but will be fixed shortly). Inspired by a discussion between tedu@ and John-Mark Gurney. Verified to still work on Mac OS X and average Linux distros by bcook@
* Replace `.byte 0x48,0x83,0xEC,0x08' with `sub \$8,%rsp' which is exactly the (miod, 2015-07-19, 1 file, -2/+2)
|   same four bytes, unobfuscated.
* extenstion -> extension (miod, 2015-07-17, 1 file, -1/+1)
|
* Make sure to load absolute symbol address with `dla' instead of `la' when (miod, 2014-12-07, 1 file, -4/+10)
|   generating code for 64-bit mips userland.
* Remove OPENSSL_FIPSCANISTER mentions. (miod, 2014-12-07, 1 file, -4/+0)
|
* Kill more FIPS tentacles by removing the private_AES_set_{enc,dec}rypt_key() (miod, 2014-07-09, 5 files, -51/+51)
|   internal interfaces, and promoting them to being the public AES_set_{enc,dec}rypt_key() interfaces. In non-FIPS mode, these public interfaces were directly calling the private ones. ok guenther@ jsing@
* Do not output SOM-specific directives. (miod, 2014-05-01, 1 file, -0/+6)
|
* Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery. (miod, 2014-04-13, 2 files, -2/+4)
|
* This commit was generated by cvs2git to track changes on a CVS vendor (miod, 2014-04-13, 6 files, -76/+126)
|\    branch.
| * Import OpenSSL 1.0.1g (miod, 2014-04-13, 8 files, -78/+130)
| |
* | On amd64 OPENSSL_cpuid_setup and OPENSSL_ia32cap_P are now hidden so we don't (kettenis, 2012-10-31, 1 file, -1/+1)
| |   have to go through the PLT/GOT to get at them anymore. In fact going through the GOT now fails since we no longer have a GOT entry for OPENSSL_ia32cap_P. Fixes the problem spotted by jasper@ and sthen@. Based on a diff from mikeb@ who did most of the actual work of tracking down the issue. ok millert@, mikeb@
* | resolve conflicts (djm, 2012-10-13, 3 files, -226/+2311)
| |
* | This commit was generated by cvs2git to track changes on a CVS vendor (djm, 2012-10-13, 11 files, -252/+12671)
|\|   branch.
| * import OpenSSL-1.0.1c (djm, 2012-10-13, 14 files, -478/+14982)
| |
* | This commit was generated by cvs2git to track changes on a CVS vendor (djm, 2011-11-03, 1 file, -199/+198)
|\|   branch.
| * import OpenSSL 1.0.0e (djm, 2011-11-03, 1 file, -199/+198)
| |
* | resolve conflicts, fix local changes (djm, 2010-10-01, 2 files, -479/+1926)
| |
* | This commit was generated by cvs2git to track changes on a CVS vendor (djm, 2010-10-01, 4 files, -519/+1769)
|\|   branch.
| * import OpenSSL-1.0.0a (djm, 2010-10-01, 5 files, -996/+3693)
| |
| * This commit was manufactured by cvs2git to create branch 'unlabeled-1.1.1'. (cvs2svn, 2010-07-01, 1 file, -0/+992)
| |
* | AES-NI engine support for OpenSSL. (thib, 2010-07-01, 1 file, -0/+992)
| |   This is code mostly picked up from upstream OpenSSL, or to be more exact a diff from David Woodhouse <dwmw2 at infradead dot org>. Remember to make includes before doing a build! no objections from djm@ OK deraadt@, reyk@ (AES is about 4.25x faster on his x201 now)
* | This commit was generated by cvs2git to track changes on a CVS vendor (djm, 2009-04-06, 4 files, -0/+4720)
|\|   branch.
| * import of OpenSSL 0.9.8k (djm, 2009-04-06, 4 files, -0/+4720)
| |
* | resolve conflicts (djm, 2009-01-09, 1 file, -1/+2)
| |