From 8922d4bc4a8b8893d72a48deb2cdf58215f98505 Mon Sep 17 00:00:00 2001 From: djm <> Date: Fri, 1 Oct 2010 22:59:01 +0000 Subject: resolve conflicts, fix local changes --- src/lib/libcrypto/rc4/Makefile.ssl | 110 -------- src/lib/libcrypto/rc4/asm/rc4-586.pl | 448 +++++++++++++++++--------------- src/lib/libcrypto/rc4/asm/rc4-amd64.pl | 227 ---------------- src/lib/libcrypto/rc4/asm/rc4-ia64.S | 159 ------------ src/lib/libcrypto/rc4/asm/rc4-x86_64.pl | 177 +++++++++++-- src/lib/libcrypto/rc4/rc4.h | 7 +- src/lib/libcrypto/rc4/rc4_enc.c | 16 +- src/lib/libcrypto/rc4/rc4_fblk.c | 75 ------ src/lib/libcrypto/rc4/rc4_skey.c | 21 +- src/lib/libcrypto/rc4/rc4test.c | 16 +- 10 files changed, 424 insertions(+), 832 deletions(-) delete mode 100644 src/lib/libcrypto/rc4/Makefile.ssl delete mode 100755 src/lib/libcrypto/rc4/asm/rc4-amd64.pl delete mode 100644 src/lib/libcrypto/rc4/asm/rc4-ia64.S delete mode 100644 src/lib/libcrypto/rc4/rc4_fblk.c (limited to 'src/lib/libcrypto/rc4') diff --git a/src/lib/libcrypto/rc4/Makefile.ssl b/src/lib/libcrypto/rc4/Makefile.ssl deleted file mode 100644 index 3e602662be..0000000000 --- a/src/lib/libcrypto/rc4/Makefile.ssl +++ /dev/null @@ -1,110 +0,0 @@ -# -# SSLeay/crypto/rc4/Makefile -# - -DIR= rc4 -TOP= ../.. -CC= cc -CPP= $(CC) -E -INCLUDES= -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile.ssl -AR= ar r - -RC4_ENC=rc4_enc.o -# or use -#RC4_ENC=asm/rx86-elf.o -#RC4_ENC=asm/rx86-out.o -#RC4_ENC=asm/rx86-sol.o -#RC4_ENC=asm/rx86bdsi.o - -CFLAGS= $(INCLUDES) $(CFLAG) -ASFLAGS= $(INCLUDES) $(ASFLAG) - -GENERAL=Makefile -TEST=rc4test.c -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC=rc4_skey.c rc4_enc.c -LIBOBJ=rc4_skey.o $(RC4_ENC) - -SRC= $(LIBSRC) - -EXHEADER= rc4.h -HEADER= $(EXHEADER) rc4_locl.h - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -# elf -asm/rx86-elf.s: asm/rc4-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) rc4-586.pl elf $(CFLAGS) > rx86-elf.s) - -# a.out -asm/rx86-out.o: asm/rx86unix.cpp - $(CPP) -DOUT asm/rx86unix.cpp | as -o asm/rx86-out.o - -# bsdi -asm/rx86bsdi.o: asm/rx86unix.cpp - $(CPP) -DBSDI asm/rx86unix.cpp | sed 's/ :/:/' | as -o asm/rx86bsdi.o - -asm/rx86unix.cpp: asm/rc4-586.pl ../perlasm/x86asm.pl - (cd asm; $(PERL) rc4-586.pl cpp >rx86unix.cpp) - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @sh $(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f asm/rx86unix.cpp asm/*-elf.* *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff asm/*.o - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -rc4_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc4.h -rc4_enc.o: rc4_enc.c rc4_locl.h -rc4_skey.o: ../../include/openssl/opensslconf.h -rc4_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/rc4.h -rc4_skey.o: rc4_locl.h rc4_skey.c diff --git a/src/lib/libcrypto/rc4/asm/rc4-586.pl b/src/lib/libcrypto/rc4/asm/rc4-586.pl index ef7eee766c..38a44a70ef 100644 --- a/src/lib/libcrypto/rc4/asm/rc4-586.pl +++ b/src/lib/libcrypto/rc4/asm/rc4-586.pl @@ -1,14 +1,21 @@ -#!/usr/local/bin/perl +#!/usr/bin/env perl + +# ==================================================================== +# [Re]written by Andy Polyakov for the OpenSSL +# project. The module is, however, dual licensed under OpenSSL and +# CRYPTOGAMS licenses depending on where you obtain it. For further +# details see http://www.openssl.org/~appro/cryptogams/. +# ==================================================================== # At some point it became apparent that the original SSLeay RC4 -# assembler implementation performs suboptimaly on latest IA-32 +# assembler implementation performs suboptimally on latest IA-32 # microarchitectures. After re-tuning performance has changed as # following: # -# Pentium +0% -# Pentium III +17% -# AMD +52%(*) -# P4 +180%(**) +# Pentium -10% +# Pentium III +12% +# AMD +50%(*) +# P4 +250%(**) # # (*) This number is actually a trade-off:-) It's possible to # achieve +72%, but at the cost of -48% off PIII performance. @@ -17,214 +24,247 @@ # For reference! This code delivers ~80% of rc4-amd64.pl # performance on the same Opteron machine. # (**) This number requires compressed key schedule set up by -# RC4_set_key and therefore doesn't apply to 0.9.7 [option for -# compressed key schedule is implemented in 0.9.8 and later, -# see commentary section in rc4_skey.c for further details]. +# RC4_set_key [see commentary below for further details]. # # -push(@INC,"perlasm","../../perlasm"); +$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; +push(@INC,"${dir}","${dir}../../perlasm"); require "x86asm.pl"; &asm_init($ARGV[0],"rc4-586.pl"); -$x="eax"; -$y="ebx"; +$xx="eax"; +$yy="ebx"; $tx="ecx"; $ty="edx"; -$in="esi"; -$out="edi"; -$d="ebp"; - -&RC4("RC4"); - -&asm_finish(); - -sub RC4_loop - { - local($n,$p,$char)=@_; - - &comment("Round $n"); - - if ($char) - { - if ($p >= 0) - { - &mov($ty, &swtmp(2)); - &cmp($ty, $in); - &jbe(&label("finished")); - &inc($in); - } - else - { - &add($ty, 8); - &inc($in); - &cmp($ty, $in); - &jb(&label("finished")); - &mov(&swtmp(2), $ty); - } - } - # Moved out - # &mov( $tx, &DWP(0,$d,$x,4)) if $p < 0; - - &add( &LB($y), &LB($tx)); - &mov( $ty, &DWP(0,$d,$y,4)); - # XXX - &mov( &DWP(0,$d,$x,4),$ty); - &add( $ty, $tx); - &mov( &DWP(0,$d,$y,4),$tx); - &and( $ty, 0xff); - &inc( &LB($x)); # NEXT ROUND - &mov( $tx, &DWP(0,$d,$x,4)) if $p < 1; # NEXT ROUND - &mov( $ty, &DWP(0,$d,$ty,4)); - - if (!$char) - { - #moved up into last round - if ($p >= 1) - { - &add( $out, 8) - } - &movb( &BP($n,"esp","",0), &LB($ty)); - } - else - { - # Note in+=8 has occured - &movb( &HB($ty), &BP(-1,$in,"",0)); - # XXX - &xorb(&LB($ty), &HB($ty)); - # XXX - &movb(&BP($n,$out,"",0),&LB($ty)); - } +$inp="esi"; +$out="ebp"; +$dat="edi"; + +sub RC4_loop { + my $i=shift; + my $func = ($i==0)?*mov:*or; + + &add (&LB($yy),&LB($tx)); + &mov ($ty,&DWP(0,$dat,$yy,4)); + &mov (&DWP(0,$dat,$yy,4),$tx); + &mov (&DWP(0,$dat,$xx,4),$ty); + &add ($ty,$tx); + &inc (&LB($xx)); + &and ($ty,0xff); + &ror ($out,8) if ($i!=0); + if ($i<3) { + &mov ($tx,&DWP(0,$dat,$xx,4)); + } else { + &mov ($tx,&wparam(3)); # reload [re-biased] out } - - -sub RC4 - { - local($name)=@_; - - &function_begin_B($name,""); - - &mov($ty,&wparam(1)); # len - &cmp($ty,0); - &jne(&label("proceed")); - &ret(); - &set_label("proceed"); - - &comment(""); - - &push("ebp"); - &push("ebx"); - &push("esi"); - &xor( $x, $x); # avoid partial register stalls - &push("edi"); - &xor( $y, $y); # avoid partial register stalls - &mov( $d, &wparam(0)); # key - &mov( $in, &wparam(2)); - - &movb( &LB($x), &BP(0,$d,"",1)); - &movb( &LB($y), &BP(4,$d,"",1)); - - &mov( $out, &wparam(3)); - &inc( &LB($x)); - - &stack_push(3); # 3 temp variables - &add( $d, 8); - - # detect compressed schedule, see commentary section in rc4_skey.c... - # in 0.9.7 context ~50 bytes below RC4_CHAR label remain redundant, - # as compressed key schedule is set up in 0.9.8 and later. - &cmp(&DWP(256,$d),-1); - &je(&label("RC4_CHAR")); - - &lea( $ty, &DWP(-8,$ty,$in)); - - # check for 0 length input - - &mov( &swtmp(2), $ty); # this is now address to exit at - &mov( $tx, &DWP(0,$d,$x,4)); - - &cmp( $ty, $in); - &jb( &label("end")); # less than 8 bytes - - &set_label("start"); - - # filling DELAY SLOT - &add( $in, 8); - - &RC4_loop(0,-1,0); - &RC4_loop(1,0,0); - &RC4_loop(2,0,0); - &RC4_loop(3,0,0); - &RC4_loop(4,0,0); - &RC4_loop(5,0,0); - &RC4_loop(6,0,0); - &RC4_loop(7,1,0); - - &comment("apply the cipher text"); - # xor the cipher data with input - - #&add( $out, 8); #moved up into last round - - &mov( $tx, &swtmp(0)); - &mov( $ty, &DWP(-8,$in,"",0)); - &xor( $tx, $ty); - &mov( $ty, &DWP(-4,$in,"",0)); - &mov( &DWP(-8,$out,"",0), $tx); - &mov( $tx, &swtmp(1)); - &xor( $tx, $ty); - &mov( $ty, &swtmp(2)); # load end ptr; - &mov( &DWP(-4,$out,"",0), $tx); - &mov( $tx, &DWP(0,$d,$x,4)); - &cmp($in, $ty); - &jbe(&label("start")); - - &set_label("end"); - - # There is quite a bit of extra crap in RC4_loop() for this - # first round - &RC4_loop(0,-1,1); - &RC4_loop(1,0,1); - &RC4_loop(2,0,1); - &RC4_loop(3,0,1); - &RC4_loop(4,0,1); - &RC4_loop(5,0,1); - &RC4_loop(6,1,1); - - &jmp(&label("finished")); - - &align(16); - # this is essentially Intel P4 specific codepath, see rc4_skey.c, - # and is engaged in 0.9.8 and later context... - &set_label("RC4_CHAR"); - - &lea ($ty,&DWP(0,$in,$ty)); - &mov (&swtmp(2),$ty); - &movz ($tx,&BP(0,$d,$x)); - + &$func ($out,&DWP(0,$dat,$ty,4)); +} + +# void RC4(RC4_KEY *key,size_t len,const unsigned char *inp,unsigned char *out); +&function_begin("RC4"); + &mov ($dat,&wparam(0)); # load key schedule pointer + &mov ($ty, &wparam(1)); # load len + &mov ($inp,&wparam(2)); # load inp + &mov ($out,&wparam(3)); # load out + + &xor ($xx,$xx); # avoid partial register stalls + &xor ($yy,$yy); + + &cmp ($ty,0); # safety net + &je (&label("abort")); + + &mov (&LB($xx),&BP(0,$dat)); # load key->x + &mov (&LB($yy),&BP(4,$dat)); # load key->y + &add ($dat,8); + + &lea ($tx,&DWP(0,$inp,$ty)); + &sub ($out,$inp); # re-bias out + &mov (&wparam(1),$tx); # save input+len + + &inc (&LB($xx)); + + # detect compressed key schedule... + &cmp (&DWP(256,$dat),-1); + &je (&label("RC4_CHAR")); + + &mov ($tx,&DWP(0,$dat,$xx,4)); + + &and ($ty,-4); # how many 4-byte chunks? + &jz (&label("loop1")); + + &lea ($ty,&DWP(-4,$inp,$ty)); + &mov (&wparam(2),$ty); # save input+(len/4)*4-4 + &mov (&wparam(3),$out); # $out as accumulator in this loop + + &set_label("loop4",16); + for ($i=0;$i<4;$i++) { RC4_loop($i); } + &ror ($out,8); + &xor ($out,&DWP(0,$inp)); + &cmp ($inp,&wparam(2)); # compare to input+(len/4)*4-4 + &mov (&DWP(0,$tx,$inp),$out);# $tx holds re-biased out here + &lea ($inp,&DWP(4,$inp)); + &mov ($tx,&DWP(0,$dat,$xx,4)); + &jb (&label("loop4")); + + &cmp ($inp,&wparam(1)); # compare to input+len + &je (&label("done")); + &mov ($out,&wparam(3)); # restore $out + + &set_label("loop1",16); + &add (&LB($yy),&LB($tx)); + &mov ($ty,&DWP(0,$dat,$yy,4)); + &mov (&DWP(0,$dat,$yy,4),$tx); + &mov (&DWP(0,$dat,$xx,4),$ty); + &add ($ty,$tx); + &inc (&LB($xx)); + &and ($ty,0xff); + &mov ($ty,&DWP(0,$dat,$ty,4)); + &xor (&LB($ty),&BP(0,$inp)); + &lea ($inp,&DWP(1,$inp)); + &mov ($tx,&DWP(0,$dat,$xx,4)); + &cmp ($inp,&wparam(1)); # compare to input+len + &mov (&BP(-1,$out,$inp),&LB($ty)); + &jb (&label("loop1")); + + &jmp (&label("done")); + +# this is essentially Intel P4 specific codepath... +&set_label("RC4_CHAR",16); + &movz ($tx,&BP(0,$dat,$xx)); # strangely enough unrolled loop performs over 20% slower... - &set_label("RC4_CHAR_loop"); - &add (&LB($y),&LB($tx)); - &movz ($ty,&BP(0,$d,$y)); - &movb (&BP(0,$d,$y),&LB($tx)); - &movb (&BP(0,$d,$x),&LB($ty)); + &set_label("cloop1"); + &add (&LB($yy),&LB($tx)); + &movz ($ty,&BP(0,$dat,$yy)); + &mov (&BP(0,$dat,$yy),&LB($tx)); + &mov (&BP(0,$dat,$xx),&LB($ty)); &add (&LB($ty),&LB($tx)); - &movz ($ty,&BP(0,$d,$ty)); - &add (&LB($x),1); - &xorb (&LB($ty),&BP(0,$in)); - &lea ($in,&DWP(1,$in)); - &movz ($tx,&BP(0,$d,$x)); - &cmp ($in,&swtmp(2)); - &movb (&BP(0,$out),&LB($ty)); - &lea ($out,&DWP(1,$out)); - &jb (&label("RC4_CHAR_loop")); - - &set_label("finished"); - &dec( $x); - &stack_pop(3); - &movb( &BP(-4,$d,"",0),&LB($y)); - &movb( &BP(-8,$d,"",0),&LB($x)); - - &function_end($name); - } + &movz ($ty,&BP(0,$dat,$ty)); + &add (&LB($xx),1); + &xor (&LB($ty),&BP(0,$inp)); + &lea ($inp,&DWP(1,$inp)); + &movz ($tx,&BP(0,$dat,$xx)); + &cmp ($inp,&wparam(1)); + &mov (&BP(-1,$out,$inp),&LB($ty)); + &jb (&label("cloop1")); + +&set_label("done"); + &dec (&LB($xx)); + &mov (&BP(-4,$dat),&LB($yy)); # save key->y + &mov (&BP(-8,$dat),&LB($xx)); # save key->x +&set_label("abort"); +&function_end("RC4"); + +######################################################################## + +$inp="esi"; +$out="edi"; +$idi="ebp"; +$ido="ecx"; +$idx="edx"; + +&external_label("OPENSSL_ia32cap_P"); + +# void RC4_set_key(RC4_KEY *key,int len,const unsigned char *data); +&function_begin("RC4_set_key"); + &mov ($out,&wparam(0)); # load key + &mov ($idi,&wparam(1)); # load len + &mov ($inp,&wparam(2)); # load data + &picmeup($idx,"OPENSSL_ia32cap_P"); + + &lea ($out,&DWP(2*4,$out)); # &key->data + &lea ($inp,&DWP(0,$inp,$idi)); # $inp to point at the end + &neg ($idi); + &xor ("eax","eax"); + &mov (&DWP(-4,$out),$idi); # borrow key->y + + &bt (&DWP(0,$idx),20); # check for bit#20 + &jc (&label("c1stloop")); + +&set_label("w1stloop",16); + &mov (&DWP(0,$out,"eax",4),"eax"); # key->data[i]=i; + &add (&LB("eax"),1); # i++; + &jnc (&label("w1stloop")); + + &xor ($ido,$ido); + &xor ($idx,$idx); + +&set_label("w2ndloop",16); + &mov ("eax",&DWP(0,$out,$ido,4)); + &add (&LB($idx),&BP(0,$inp,$idi)); + &add (&LB($idx),&LB("eax")); + &add ($idi,1); + &mov ("ebx",&DWP(0,$out,$idx,4)); + &jnz (&label("wnowrap")); + &mov ($idi,&DWP(-4,$out)); + &set_label("wnowrap"); + &mov (&DWP(0,$out,$idx,4),"eax"); + &mov (&DWP(0,$out,$ido,4),"ebx"); + &add (&LB($ido),1); + &jnc (&label("w2ndloop")); +&jmp (&label("exit")); + +# Unlike all other x86 [and x86_64] implementations, Intel P4 core +# [including EM64T] was found to perform poorly with above "32-bit" key +# schedule, a.k.a. RC4_INT. Performance improvement for IA-32 hand-coded +# assembler turned out to be 3.5x if re-coded for compressed 8-bit one, +# a.k.a. RC4_CHAR! It's however inappropriate to just switch to 8-bit +# schedule for x86[_64], because non-P4 implementations suffer from +# significant performance losses then, e.g. PIII exhibits >2x +# deterioration, and so does Opteron. In order to assure optimal +# all-round performance, we detect P4 at run-time and set up compressed +# key schedule, which is recognized by RC4 procedure. + +&set_label("c1stloop",16); + &mov (&BP(0,$out,"eax"),&LB("eax")); # key->data[i]=i; + &add (&LB("eax"),1); # i++; + &jnc (&label("c1stloop")); + + &xor ($ido,$ido); + &xor ($idx,$idx); + &xor ("ebx","ebx"); + +&set_label("c2ndloop",16); + &mov (&LB("eax"),&BP(0,$out,$ido)); + &add (&LB($idx),&BP(0,$inp,$idi)); + &add (&LB($idx),&LB("eax")); + &add ($idi,1); + &mov (&LB("ebx"),&BP(0,$out,$idx)); + &jnz (&label("cnowrap")); + &mov ($idi,&DWP(-4,$out)); + &set_label("cnowrap"); + &mov (&BP(0,$out,$idx),&LB("eax")); + &mov (&BP(0,$out,$ido),&LB("ebx")); + &add (&LB($ido),1); + &jnc (&label("c2ndloop")); + + &mov (&DWP(256,$out),-1); # mark schedule as compressed + +&set_label("exit"); + &xor ("eax","eax"); + &mov (&DWP(-8,$out),"eax"); # key->x=0; + &mov (&DWP(-4,$out),"eax"); # key->y=0; +&function_end("RC4_set_key"); + +# const char *RC4_options(void); +&function_begin_B("RC4_options"); + &call (&label("pic_point")); +&set_label("pic_point"); + &blindpop("eax"); + &lea ("eax",&DWP(&label("opts")."-".&label("pic_point"),"eax")); + &picmeup("edx","OPENSSL_ia32cap_P"); + &bt (&DWP(0,"edx"),20); + &jnc (&label("skip")); + &add ("eax",12); + &set_label("skip"); + &ret (); +&set_label("opts",64); +&asciz ("rc4(4x,int)"); +&asciz ("rc4(1x,char)"); +&asciz ("RC4 for x86, CRYPTOGAMS by "); +&align (64); +&function_end_B("RC4_options"); + +&asm_finish(); diff --git a/src/lib/libcrypto/rc4/asm/rc4-amd64.pl b/src/lib/libcrypto/rc4/asm/rc4-amd64.pl deleted file mode 100755 index 9e0da8af99..0000000000 --- a/src/lib/libcrypto/rc4/asm/rc4-amd64.pl +++ /dev/null @@ -1,227 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov for the OpenSSL -# project. Rights for redistribution and usage in source and binary -# forms are granted according to the OpenSSL license. -# ==================================================================== -# -# 2.22x RC4 tune-up:-) It should be noted though that my hand [as in -# "hand-coded assembler"] doesn't stand for the whole improvement -# coefficient. It turned out that eliminating RC4_CHAR from config -# line results in ~40% improvement (yes, even for C implementation). -# Presumably it has everything to do with AMD cache architecture and -# RAW or whatever penalties. Once again! The module *requires* config -# line *without* RC4_CHAR! As for coding "secret," I bet on partial -# register arithmetics. For example instead of 'inc %r8; and $255,%r8' -# I simply 'inc %r8b'. Even though optimization manual discourages -# to operate on partial registers, it turned out to be the best bet. -# At least for AMD... How IA32E would perform remains to be seen... - -# As was shown by Marc Bevand reordering of couple of load operations -# results in even higher performance gain of 3.3x:-) At least on -# Opteron... For reference, 1x in this case is RC4_CHAR C-code -# compiled with gcc 3.3.2, which performs at ~54MBps per 1GHz clock. -# Latter means that if you want to *estimate* what to expect from -# *your* CPU, then multiply 54 by 3.3 and clock frequency in GHz. - -# Intel P4 EM64T core was found to run the AMD64 code really slow... -# The only way to achieve comparable performance on P4 is to keep -# RC4_CHAR. Kind of ironic, huh? As it's apparently impossible to -# compose blended code, which would perform even within 30% marginal -# on either AMD and Intel platforms, I implement both cases. See -# rc4_skey.c for further details... This applies to 0.9.8 and later. -# In 0.9.7 context RC4_CHAR codepath is never engaged and ~70 bytes -# of code remain redundant. - -$output=shift; - -$win64a=1 if ($output =~ /win64a.[s|asm]/); - -open STDOUT,">$output" || die "can't open $output: $!"; - -if (defined($win64a)) { - $dat="%rcx"; # arg1 - $len="%rdx"; # arg2 - $inp="%rsi"; # r8, arg3 moves here - $out="%rdi"; # r9, arg4 moves here -} else { - $dat="%rdi"; # arg1 - $len="%rsi"; # arg2 - $inp="%rdx"; # arg3 - $out="%rcx"; # arg4 -} - -$XX="%r10"; -$TX="%r8"; -$YY="%r11"; -$TY="%r9"; - -sub PTR() { - my $ret=shift; - if (defined($win64a)) { - $ret =~ s/\[([\S]+)\+([\S]+)\]/[$2+$1]/g; # [%rN+%rM*4]->[%rM*4+%rN] - $ret =~ s/:([^\[]+)\[([^\]]+)\]/:[$2+$1]/g; # :off[ea]->:[ea+off] - } else { - $ret =~ s/[\+\*]/,/g; # [%rN+%rM*4]->[%rN,%rM,4] - $ret =~ s/\[([^\]]+)\]/($1)/g; # [%rN]->(%rN) - } - $ret; -} - -$code=<<___ if (!defined($win64a)); -.text - -.globl RC4 -.type RC4,\@function -.align 16 -RC4: or $len,$len - jne .Lentry - repret -.Lentry: -___ -$code=<<___ if (defined($win64a)); -_TEXT SEGMENT -PUBLIC RC4 -ALIGN 16 -RC4 PROC - or $len,$len - jne .Lentry - repret -.Lentry: - push %rdi - push %rsi - sub \$40,%rsp - mov %r8,$inp - mov %r9,$out -___ -$code.=<<___; - add \$8,$dat - movl `&PTR("DWORD:-8[$dat]")`,$XX#d - movl `&PTR("DWORD:-4[$dat]")`,$YY#d - cmpl \$-1,`&PTR("DWORD:256[$dat]")` - je .LRC4_CHAR - test \$-8,$len - jz .Lloop1 -.align 16 -.Lloop8: - inc $XX#b - movl `&PTR("DWORD:[$dat+$XX*4]")`,$TX#d - add $TX#b,$YY#b - movl `&PTR("DWORD:[$dat+$YY*4]")`,$TY#d - movl $TX#d,`&PTR("DWORD:[$dat+$YY*4]")` - movl $TY#d,`&PTR("DWORD:[$dat+$XX*4]")` - add $TX#b,$TY#b - inc $XX#b - movl `&PTR("DWORD:[$dat+$XX*4]")`,$TX#d - movb `&PTR("BYTE:[$dat+$TY*4]")`,%al -___ -for ($i=1;$i<=6;$i++) { -$code.=<<___; - add $TX#b,$YY#b - ror \$8,%rax - movl `&PTR("DWORD:[$dat+$YY*4]")`,$TY#d - movl $TX#d,`&PTR("DWORD:[$dat+$YY*4]")` - movl $TY#d,`&PTR("DWORD:[$dat+$XX*4]")` - add $TX#b,$TY#b - inc $XX#b - movl `&PTR("DWORD:[$dat+$XX*4]")`,$TX#d - movb `&PTR("BYTE:[$dat+$TY*4]")`,%al -___ -} -$code.=<<___; - add $TX#b,$YY#b - ror \$8,%rax - movl `&PTR("DWORD:[$dat+$YY*4]")`,$TY#d - movl $TX#d,`&PTR("DWORD:[$dat+$YY*4]")` - movl $TY#d,`&PTR("DWORD:[$dat+$XX*4]")` - sub \$8,$len - add $TY#b,$TX#b - movb `&PTR("BYTE:[$dat+$TX*4]")`,%al - ror \$8,%rax - add \$8,$inp - add \$8,$out - - xor `&PTR("QWORD:-8[$inp]")`,%rax - mov %rax,`&PTR("QWORD:-8[$out]")` - - test \$-8,$len - jnz .Lloop8 - cmp \$0,$len - jne .Lloop1 -.Lexit: - movl $XX#d,`&PTR("DWORD:-8[$dat]")` - movl $YY#d,`&PTR("DWORD:-4[$dat]")` -___ -$code.=<<___ if (defined($win64a)); - add \$40,%rsp - pop %rsi - pop %rdi -___ -$code.=<<___; - repret -.align 16 -.Lloop1: - movzb `&PTR("BYTE:[$inp]")`,%eax - inc $XX#b - movl `&PTR("DWORD:[$dat+$XX*4]")`,$TX#d - add $TX#b,$YY#b - movl `&PTR("DWORD:[$dat+$YY*4]")`,$TY#d - movl $TX#d,`&PTR("DWORD:[$dat+$YY*4]")` - movl $TY#d,`&PTR("DWORD:[$dat+$XX*4]")` - add $TY#b,$TX#b - movl `&PTR("DWORD:[$dat+$TX*4]")`,$TY#d - xor $TY,%rax - inc $inp - movb %al,`&PTR("BYTE:[$out]")` - inc $out - dec $len - jnz .Lloop1 - jmp .Lexit - -.align 16 -.LRC4_CHAR: - inc $XX#b - movzb `&PTR("BYTE:[$dat+$XX]")`,$TX#d - add $TX#b,$YY#b - movzb `&PTR("BYTE:[$dat+$YY]")`,$TY#d - movb $TX#b,`&PTR("BYTE:[$dat+$YY]")` - movb $TY#b,`&PTR("BYTE:[$dat+$XX]")` - add $TX#b,$TY#b - movzb `&PTR("BYTE:[$dat+$TY]")`,$TY#d - xorb `&PTR("BYTE:[$inp]")`,$TY#b - movb $TY#b,`&PTR("BYTE:[$out]")` - inc $inp - inc $out - dec $len - jnz .LRC4_CHAR - jmp .Lexit -___ -$code.=<<___ if (defined($win64a)); -RC4 ENDP -_TEXT ENDS -END -___ -$code.=<<___ if (!defined($win64a)); -.size RC4,.-RC4 -___ - -$code =~ s/#([bwd])/$1/gm; -$code =~ s/\`([^\`]*)\`/eval $1/gem; - -if (defined($win64a)) { - $code =~ s/\.align/ALIGN/gm; - $code =~ s/[\$%]//gm; - $code =~ s/\.L/\$L/gm; - $code =~ s/([\w]+)([\s]+)([\S]+),([\S]+)/$1$2$4,$3/gm; - $code =~ s/([QD]*WORD|BYTE):/$1 PTR/gm; - $code =~ s/mov[bwlq]/mov/gm; - $code =~ s/movzb/movzx/gm; - $code =~ s/repret/DB\t0F3h,0C3h/gm; - $code =~ s/cmpl/cmp/gm; - $code =~ s/xorb/xor/gm; -} else { - $code =~ s/([QD]*WORD|BYTE)://gm; - $code =~ s/repret/.byte\t0xF3,0xC3/gm; -} -print $code; diff --git a/src/lib/libcrypto/rc4/asm/rc4-ia64.S b/src/lib/libcrypto/rc4/asm/rc4-ia64.S deleted file mode 100644 index 8210c47d04..0000000000 --- a/src/lib/libcrypto/rc4/asm/rc4-ia64.S +++ /dev/null @@ -1,159 +0,0 @@ -// ==================================================================== -// Written by Andy Polyakov for the OpenSSL -// project. -// -// Rights for redistribution and usage in source and binary forms are -// granted according to the OpenSSL license. Warranty of any kind is -// disclaimed. -// ==================================================================== - -.ident "rc4-ia64.S, Version 2.0" -.ident "IA-64 ISA artwork by Andy Polyakov " - -// What's wrong with compiler generated code? Because of the nature of -// C language, compiler doesn't [dare to] reorder load and stores. But -// being memory-bound, RC4 should benefit from reorder [on in-order- -// execution core such as IA-64]. But what can we reorder? At the very -// least we can safely reorder references to key schedule in respect -// to input and output streams. Secondly, from the first [close] glance -// it appeared that it's possible to pull up some references to -// elements of the key schedule itself. Original rationale ["prior -// loads are not safe only for "degenerated" key schedule, when some -// elements equal to the same value"] was kind of sloppy. I should have -// formulated as it really was: if we assume that pulling up reference -// to key[x+1] is not safe, then it would mean that key schedule would -// "degenerate," which is never the case. The problem is that this -// holds true in respect to references to key[x], but not to key[y]. -// Legitimate "collisions" do occur within every 256^2 bytes window. -// Fortunately there're enough free instruction slots to keep prior -// reference to key[x+1], detect "collision" and compensate for it. -// All this without sacrificing a single clock cycle:-) Throughput is -// ~210MBps on 900MHz CPU, which is is >3x faster than gcc generated -// code and +30% - if compared to HP-UX C. Unrolling loop below should -// give >30% on top of that... - -.text -.explicit - -#if defined(_HPUX_SOURCE) && !defined(_LP64) -# define ADDP addp4 -#else -# define ADDP add -#endif - -#ifndef SZ -#define SZ 4 // this is set to sizeof(RC4_INT) -#endif -// SZ==4 seems to be optimal. At least SZ==8 is not any faster, not for -// assembler implementation, while SZ==1 code is ~30% slower. -#if SZ==1 // RC4_INT is unsigned char -# define LDKEY ld1 -# define STKEY st1 -# define OFF 0 -#elif SZ==4 // RC4_INT is unsigned int -# define LDKEY ld4 -# define STKEY st4 -# define OFF 2 -#elif SZ==8 // RC4_INT is unsigned long -# define LDKEY ld8 -# define STKEY st8 -# define OFF 3 -#endif - -out=r8; // [expanded] output pointer -inp=r9; // [expanded] output pointer -prsave=r10; -key=r28; // [expanded] pointer to RC4_KEY -ksch=r29; // (key->data+255)[&~(sizeof(key->data)-1)] -xx=r30; -yy=r31; - -// void RC4(RC4_KEY *key,size_t len,const void *inp,void *out); -.global RC4# -.proc RC4# -.align 32 -.skip 16 -RC4: - .prologue - .save ar.pfs,r2 -{ .mii; alloc r2=ar.pfs,4,12,0,16 - .save pr,prsave - mov prsave=pr - ADDP key=0,in0 };; -{ .mib; cmp.eq p6,p0=0,in1 // len==0? - .save ar.lc,r3 - mov r3=ar.lc -(p6) br.ret.spnt.many b0 };; // emergency exit - - .body - .rotr dat[4],key_x[4],tx[2],rnd[2],key_y[2],ty[1]; - -{ .mib; LDKEY xx=[key],SZ // load key->x - add in1=-1,in1 // adjust len for loop counter - nop.b 0 } -{ .mib; ADDP inp=0,in2 - ADDP out=0,in3 - brp.loop.imp .Ltop,.Lexit-16 };; -{ .mmi; LDKEY yy=[key] // load key->y - add ksch=SZ,key - mov ar.lc=in1 } -{ .mmi; mov key_y[1]=r0 // guarantee inequality - // in first iteration - add xx=1,xx - mov pr.rot=1<<16 };; -{ .mii; nop.m 0 - dep key_x[1]=xx,r0,OFF,8 - mov ar.ec=3 };; // note that epilogue counter - // is off by 1. I compensate - // for this at exit... -.Ltop: -// The loop is scheduled for 4*(n+2) spin-rate on Itanium 2, which -// theoretically gives asymptotic performance of clock frequency -// divided by 4 bytes per seconds, or 400MBps on 1.6GHz CPU. This is -// for sizeof(RC4_INT)==4. For smaller RC4_INT STKEY inadvertently -// splits the last bundle and you end up with 5*n spin-rate:-( -// Originally the loop was scheduled for 3*n and relied on key -// schedule to be aligned at 256*sizeof(RC4_INT) boundary. But -// *(out++)=dat, which maps to st1, had same effect [inadvertent -// bundle split] and holded the loop back. Rescheduling for 4*n -// made it possible to eliminate dependence on specific alignment -// and allow OpenSSH keep "abusing" our API. Reaching for 3*n would -// require unrolling, sticking to variable shift instruction for -// collecting output [to avoid starvation for integer shifter] and -// copying of key schedule to controlled place in stack [so that -// deposit instruction can serve as substitute for whole -// key->data+((x&255)<data[0])))]... -{ .mmi; (p19) st1 [out]=dat[3],1 // *(out++)=dat - (p16) add xx=1,xx // x++ - (p18) dep rnd[1]=rnd[1],r0,OFF,8 } // ((tx+ty)&255)<y - mov pr=prsave,0x1ffff - nop.b 0 } -{ .mib; st1 [out]=dat[3],1 // compensate for truncated - // epilogue counter - add xx=-1,xx - nop.b 0 };; -{ .mib; STKEY [key]=xx // save key->x - mov ar.lc=r3 - br.ret.sptk.many b0 };; -.endp RC4# diff --git a/src/lib/libcrypto/rc4/asm/rc4-x86_64.pl b/src/lib/libcrypto/rc4/asm/rc4-x86_64.pl index 3a54623495..544386bf53 100755 --- a/src/lib/libcrypto/rc4/asm/rc4-x86_64.pl +++ b/src/lib/libcrypto/rc4/asm/rc4-x86_64.pl @@ -58,14 +58,18 @@ # fit for Core2 and therefore the code was modified to skip cloop8 on # this CPU. -$output=shift; +$flavour = shift; +$output = shift; +if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } + +$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/); $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; ( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or ( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or die "can't locate x86_64-xlate.pl"; -open STDOUT,"| $^X $xlate $output"; +open STDOUT,"| $^X $xlate $flavour $output"; $dat="%rdi"; # arg1 $len="%rsi"; # arg2 @@ -87,8 +91,10 @@ RC4: or $len,$len jne .Lentry ret .Lentry: + push %rbx push %r12 push %r13 +.Lprologue: add \$8,$dat movl -8($dat),$XX[0]#d @@ -133,16 +139,8 @@ $code.=<<___; jnz .Lloop8 cmp \$0,$len jne .Lloop1 -___ -$code.=<<___; -.Lexit: - sub \$1,$XX[0]#b - movl $XX[0]#d,-8($dat) - movl $YY#d,-4($dat) + jmp .Lexit - pop %r13 - pop %r12 - ret .align 16 .Lloop1: add $TX[0]#b,$YY#b @@ -167,9 +165,8 @@ $code.=<<___; movzb ($dat,$XX[0]),$TX[0]#d test \$-8,$len jz .Lcloop1 - cmp \$0,260($dat) + cmpl \$0,260($dat) jnz .Lcloop1 - push %rbx jmp .Lcloop8 .align 16 .Lcloop8: @@ -224,7 +221,6 @@ $code.=<<___; test \$-8,$len jnz .Lcloop8 - pop %rbx cmp \$0,$len jne .Lcloop1 jmp .Lexit @@ -249,6 +245,19 @@ $code.=<<___; sub \$1,$len jnz .Lcloop1 jmp .Lexit + +.align 16 +.Lexit: + sub \$1,$XX[0]#b + movl $XX[0]#d,-8($dat) + movl $YY#d,-4($dat) + + mov (%rsp),%r13 + mov 8(%rsp),%r12 + mov 16(%rsp),%rbx + add \$24,%rsp +.Lepilogue: + ret .size RC4,.-RC4 ___ @@ -269,6 +278,7 @@ RC4_set_key: xor $ido,$ido xor %r10,%r10 xor %r11,%r11 + mov PIC_GOT(OPENSSL_ia32cap_P),$idx#d bt \$20,$idx#d jnc .Lw1stloop @@ -332,11 +342,10 @@ RC4_set_key: .size RC4_set_key,.-RC4_set_key .globl RC4_options -.type RC4_options,\@function,0 +.type RC4_options,\@abi-omnipotent .align 16 RC4_options: - .picmeup %rax - lea .Lopts-.(%rax),%rax + lea .Lopts(%rip),%rax mov PIC_GOT(OPENSSL_ia32cap_P),%edx bt \$20,%edx jnc .Ldone @@ -356,9 +365,139 @@ RC4_options: .size RC4_options,.-RC4_options ___ -$code =~ s/#([bwd])/$1/gm; +# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame, +# CONTEXT *context,DISPATCHER_CONTEXT *disp) +if ($win64) { +$rec="%rcx"; +$frame="%rdx"; +$context="%r8"; +$disp="%r9"; + +$code.=<<___; +.extern __imp_RtlVirtualUnwind +.type stream_se_handler,\@abi-omnipotent +.align 16 +stream_se_handler: + push %rsi + push %rdi + push %rbx + push %rbp + push %r12 + push %r13 + push %r14 + push %r15 + pushfq + sub \$64,%rsp + + mov 120($context),%rax # pull context->Rax + mov 248($context),%rbx # pull context->Rip + + lea .Lprologue(%rip),%r10 + cmp %r10,%rbx # context->RipRsp + + lea .Lepilogue(%rip),%r10 + cmp %r10,%rbx # context->Rip>=epilogue label + jae .Lin_prologue + + lea 24(%rax),%rax + + mov -8(%rax),%rbx + mov -16(%rax),%r12 + mov -24(%rax),%r13 + mov %rbx,144($context) # restore context->Rbx + mov %r12,216($context) # restore context->R12 + mov %r13,224($context) # restore context->R13 + +.Lin_prologue: + mov 8(%rax),%rdi + mov 16(%rax),%rsi + mov %rax,152($context) # restore context->Rsp + mov %rsi,168($context) # restore context->Rsi + mov %rdi,176($context) # restore context->Rdi + + jmp .Lcommon_seh_exit +.size stream_se_handler,.-stream_se_handler + +.type key_se_handler,\@abi-omnipotent +.align 16 +key_se_handler: + push %rsi + push %rdi + push %rbx + push %rbp + push %r12 + push %r13 + push %r14 + push %r15 + pushfq + sub \$64,%rsp + + mov 152($context),%rax # pull context->Rsp + mov 8(%rax),%rdi + mov 16(%rax),%rsi + mov %rsi,168($context) # restore context->Rsi + mov %rdi,176($context) # restore context->Rdi -$code =~ s/RC4_set_key/private_RC4_set_key/g if ($ENV{FIPSCANLIB} ne ""); +.Lcommon_seh_exit: + + mov 40($disp),%rdi # disp->ContextRecord + mov $context,%rsi # context + mov \$154,%ecx # sizeof(CONTEXT) + .long 0xa548f3fc # cld; rep movsq + + mov $disp,%rsi + xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER + mov 8(%rsi),%rdx # arg2, disp->ImageBase + mov 0(%rsi),%r8 # arg3, disp->ControlPc + mov 16(%rsi),%r9 # arg4, disp->FunctionEntry + mov 40(%rsi),%r10 # disp->ContextRecord + lea 56(%rsi),%r11 # &disp->HandlerData + lea 24(%rsi),%r12 # &disp->EstablisherFrame + mov %r10,32(%rsp) # arg5 + mov %r11,40(%rsp) # arg6 + mov %r12,48(%rsp) # arg7 + mov %rcx,56(%rsp) # arg8, (NULL) + call *__imp_RtlVirtualUnwind(%rip) + + mov \$1,%eax # ExceptionContinueSearch + add \$64,%rsp + popfq + pop %r15 + pop %r14 + pop %r13 + pop %r12 + pop %rbp + pop %rbx + pop %rdi + pop %rsi + ret +.size key_se_handler,.-key_se_handler + +.section .pdata +.align 4 + .rva .LSEH_begin_RC4 + .rva .LSEH_end_RC4 + .rva .LSEH_info_RC4 + + .rva .LSEH_begin_RC4_set_key + .rva .LSEH_end_RC4_set_key + .rva .LSEH_info_RC4_set_key + +.section .xdata +.align 8 +.LSEH_info_RC4: + .byte 9,0,0,0 + .rva stream_se_handler +.LSEH_info_RC4_set_key: + .byte 9,0,0,0 + .rva key_se_handler +___ +} + +$code =~ s/#([bwd])/$1/gm; print $code; diff --git a/src/lib/libcrypto/rc4/rc4.h b/src/lib/libcrypto/rc4/rc4.h index 2d8620d33b..29d1acccf5 100644 --- a/src/lib/libcrypto/rc4/rc4.h +++ b/src/lib/libcrypto/rc4/rc4.h @@ -64,6 +64,8 @@ #error RC4 is disabled. #endif +#include + #ifdef __cplusplus extern "C" { #endif @@ -76,11 +78,8 @@ typedef struct rc4_key_st const char *RC4_options(void); -#ifdef OPENSSL_FIPS -void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data); -#endif void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data); -void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata, +void RC4(RC4_KEY *key, size_t len, const unsigned char *indata, unsigned char *outdata); #ifdef __cplusplus diff --git a/src/lib/libcrypto/rc4/rc4_enc.c b/src/lib/libcrypto/rc4/rc4_enc.c index 0660ea60a2..8c4fc6c7a3 100644 --- a/src/lib/libcrypto/rc4/rc4_enc.c +++ b/src/lib/libcrypto/rc4/rc4_enc.c @@ -67,12 +67,12 @@ * Date: Wed, 14 Sep 1994 06:35:31 GMT */ -void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata, +void RC4(RC4_KEY *key, size_t len, const unsigned char *indata, unsigned char *outdata) { register RC4_INT *d; register RC4_INT x,y,tx,ty; - int i; + size_t i; x=key->x; y=key->y; @@ -120,8 +120,8 @@ void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata, (RC4_CHUNK)d[(tx+ty)&0xff]\ ) - if ( ( ((unsigned long)indata & (sizeof(RC4_CHUNK)-1)) | - ((unsigned long)outdata & (sizeof(RC4_CHUNK)-1)) ) == 0 ) + if ( ( ((size_t)indata & (sizeof(RC4_CHUNK)-1)) | + ((size_t)outdata & (sizeof(RC4_CHUNK)-1)) ) == 0 ) { RC4_CHUNK ichunk,otp; const union { long one; char little; } is_endian = {1}; @@ -157,7 +157,7 @@ void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata, if (!is_endian.little) { /* BIG-ENDIAN CASE */ # define BESHFT(c) (((sizeof(RC4_CHUNK)-(c)-1)*8)&(sizeof(RC4_CHUNK)*8-1)) - for (;len&~(sizeof(RC4_CHUNK)-1);len-=sizeof(RC4_CHUNK)) + for (;len&(0-sizeof(RC4_CHUNK));len-=sizeof(RC4_CHUNK)) { ichunk = *(RC4_CHUNK *)indata; otp = RC4_STEP<>3L); + i=len>>3; if (i) { for (;;) @@ -296,7 +296,7 @@ void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata, if (--i == 0) break; } } - i=(int)len&0x07; + i=len&0x07; if (i) { for (;;) diff --git a/src/lib/libcrypto/rc4/rc4_fblk.c b/src/lib/libcrypto/rc4/rc4_fblk.c deleted file mode 100644 index 1b2a42979b..0000000000 --- a/src/lib/libcrypto/rc4/rc4_fblk.c +++ /dev/null @@ -1,75 +0,0 @@ -/* crypto/rc4/rc4_fblk.c */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project. - */ -/* ==================================================================== - * Copyright (c) 2008 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - - -#include -#include "rc4_locl.h" -#include -#include -#ifdef OPENSSL_FIPS -#include -#endif - -/* FIPS mode blocking for RC4 has to be done separately since RC4_set_key - * may be implemented in an assembly language file. - */ - -#ifdef OPENSSL_FIPS -void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data) - { - if (FIPS_mode()) - FIPS_BAD_ABORT(RC4) - private_RC4_set_key(key, len, data); - } -#endif - diff --git a/src/lib/libcrypto/rc4/rc4_skey.c b/src/lib/libcrypto/rc4/rc4_skey.c index 4478d1a4b3..b22c40b0bd 100644 --- a/src/lib/libcrypto/rc4/rc4_skey.c +++ b/src/lib/libcrypto/rc4/rc4_skey.c @@ -59,11 +59,6 @@ #include #include "rc4_locl.h" #include -#include -#ifdef OPENSSL_FIPS -#include -#endif - const char RC4_version[]="RC4" OPENSSL_VERSION_PTEXT; @@ -90,11 +85,7 @@ const char *RC4_options(void) * Date: Wed, 14 Sep 1994 06:35:31 GMT */ -#ifdef OPENSSL_FIPS -void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data) -#else void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data) -#endif { register RC4_INT tmp; register int id1,id2; @@ -128,20 +119,14 @@ void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data) * implementations suffer from significant performance * losses then, e.g. PIII exhibits >2x deterioration, * and so does Opteron. In order to assure optimal - * all-round performance, we detect P4 at run-time by - * checking upon reserved bit 20 in CPU capability + * all-round performance, let us [try to] detect P4 at + * run-time by checking upon HTT bit in CPU capability * vector and set up compressed key schedule, which is * recognized by correspondingly updated assembler - * module... Bit 20 is set up by OPENSSL_ia32_cpuid. - * + * module... * */ -#ifdef OPENSSL_FIPS - unsigned long *ia32cap_ptr = OPENSSL_ia32cap_loc(); - if (ia32cap_ptr && (*ia32cap_ptr & (1<<28))) { -#else if (OPENSSL_ia32cap_P & (1<<28)) { -#endif unsigned char *cp=(unsigned char *)d; for (i=0;i<256;i++) cp[i]=i; diff --git a/src/lib/libcrypto/rc4/rc4test.c b/src/lib/libcrypto/rc4/rc4test.c index 54b597fa26..633a79e758 100644 --- a/src/lib/libcrypto/rc4/rc4test.c +++ b/src/lib/libcrypto/rc4/rc4test.c @@ -114,8 +114,8 @@ static unsigned char output[7][30]={ int main(int argc, char *argv[]) { - int err=0; - unsigned int i, j; + int i,err=0; + int j; unsigned char *p; RC4_KEY key; unsigned char obuf[512]; @@ -129,12 +129,12 @@ int main(int argc, char *argv[]) { printf("error calculating RC4\n"); printf("output:"); - for (j=0; j