des_enc.m4

开放的SSL工具

.encrypt2.finish:

	! rotate
	sll	in5, 29, in0
	srl	in5, 3, in5
	sll	out5, 29, in1
	add	in5, in0, in5
	srl	out5, 3, out5
	LDPTR	[%sp+BIAS+ARG0+0*ARGSZ], in0
	add	out5, in1, out5
	st	out5, [in0]
	st	in5, [in0+4]

	ret
	restore

.DES_encrypt2.end:
	.size	 DES_encrypt2, .DES_encrypt2.end-DES_encrypt2


! void DES_encrypt3(data, ks1, ks2, ks3)
! **************************************

	.align 32
	.global DES_encrypt3
	.type	 DES_encrypt3,#function

DES_encrypt3:

	save	%sp, FRAME, %sp
	
	call	.PIC.me.up
	mov	.PIC.me.up-(.-4),out0

	ld	[in0], in5                ! left
	add	in2, 120, in4             ! ks2

	ld	[in0+4], out5             ! right
	mov	in3, in2                  ! save ks3

	! parameter 6  1/2 for include encryption/decryption
	! parameter 7  1 for mov in1 to in3
	! parameter 8  1 for mov in3 to in4
	! parameter 9  1 for load ks3 and ks2 to in4 and in3

	ip_macro(in5, out5, in5, out5, in3, 1, 1, 0, 0)

	call	.des_dec
	mov	in2, in3                  ! preload ks3

	call	.des_enc
	nop

	fp_macro(in5, out5, 1)

	ret
	restore

.DES_encrypt3.end:
	.size	 DES_encrypt3,.DES_encrypt3.end-DES_encrypt3


! void DES_decrypt3(data, ks1, ks2, ks3)
! **************************************

	.align 32
	.global DES_decrypt3
	.type	 DES_decrypt3,#function

DES_decrypt3:

	save	%sp, FRAME, %sp
	
	call	.PIC.me.up
	mov	.PIC.me.up-(.-4),out0

	ld	[in0], in5                ! left
	add	in3, 120, in4             ! ks3

	ld	[in0+4], out5             ! right
	mov	in2, in3                  ! ks2

	! parameter 6  1/2 for include encryption/decryption
	! parameter 7  1 for mov in1 to in3
	! parameter 8  1 for mov in3 to in4
	! parameter 9  1 for load ks3 and ks2 to in4 and in3

	ip_macro(in5, out5, out5, in5, in4, 2, 0, 0, 0)

	call	.des_enc
	add	in1, 120, in4             ! preload ks1

	call	.des_dec
	nop

	fp_macro(out5, in5, 1)

	ret
	restore

.DES_decrypt3.end:
	.size	 DES_decrypt3,.DES_decrypt3.end-DES_decrypt3

	.align	256
	.type	 .des_and,#object
	.size	 .des_and,284

.des_and:

! This table is used for AND 0xFC when it is known that register
! bits 8-31 are zero. Makes it possible to do three arithmetic
! operations in one cycle.

	.byte  0, 0, 0, 0, 4, 4, 4, 4
	.byte  8, 8, 8, 8, 12, 12, 12, 12
	.byte  16, 16, 16, 16, 20, 20, 20, 20
	.byte  24, 24, 24, 24, 28, 28, 28, 28
	.byte  32, 32, 32, 32, 36, 36, 36, 36
	.byte  40, 40, 40, 40, 44, 44, 44, 44
	.byte  48, 48, 48, 48, 52, 52, 52, 52
	.byte  56, 56, 56, 56, 60, 60, 60, 60
	.byte  64, 64, 64, 64, 68, 68, 68, 68
	.byte  72, 72, 72, 72, 76, 76, 76, 76
	.byte  80, 80, 80, 80, 84, 84, 84, 84
	.byte  88, 88, 88, 88, 92, 92, 92, 92
	.byte  96, 96, 96, 96, 100, 100, 100, 100
	.byte  104, 104, 104, 104, 108, 108, 108, 108
	.byte  112, 112, 112, 112, 116, 116, 116, 116
	.byte  120, 120, 120, 120, 124, 124, 124, 124
	.byte  128, 128, 128, 128, 132, 132, 132, 132
	.byte  136, 136, 136, 136, 140, 140, 140, 140
	.byte  144, 144, 144, 144, 148, 148, 148, 148
	.byte  152, 152, 152, 152, 156, 156, 156, 156
	.byte  160, 160, 160, 160, 164, 164, 164, 164
	.byte  168, 168, 168, 168, 172, 172, 172, 172
	.byte  176, 176, 176, 176, 180, 180, 180, 180
	.byte  184, 184, 184, 184, 188, 188, 188, 188
	.byte  192, 192, 192, 192, 196, 196, 196, 196
	.byte  200, 200, 200, 200, 204, 204, 204, 204
	.byte  208, 208, 208, 208, 212, 212, 212, 212
	.byte  216, 216, 216, 216, 220, 220, 220, 220
	.byte  224, 224, 224, 224, 228, 228, 228, 228
	.byte  232, 232, 232, 232, 236, 236, 236, 236
	.byte  240, 240, 240, 240, 244, 244, 244, 244
	.byte  248, 248, 248, 248, 252, 252, 252, 252

	! 5 numbers for initil/final permutation

	.word   0x0f0f0f0f                ! offset 256
	.word	0x0000ffff                ! 260
	.word	0x33333333                ! 264
	.word	0x00ff00ff                ! 268
	.word	0x55555555                ! 272

	.word	0                         ! 276
	.word	LOOPS                     ! 280
	.word	0x0000FC00                ! 284
.PIC.DES_SPtrans:
	.word	%r_disp32(DES_SPtrans)

! input:	out0	offset between .PIC.me.up and caller
! output:	out0	pointer to .PIC.me.up
!		out2	pointer to .des_and
!		global1	pointer to DES_SPtrans
	.align	32
.PIC.me.up:
	add	out0,%o7,out0			! pointer to .PIC.me.up
#if 1
	ld	[out0+(.PIC.DES_SPtrans-.PIC.me.up)],global1
	add	global1,(.PIC.DES_SPtrans-.PIC.me.up),global1
	add	global1,out0,global1
#else
# ifdef OPENSSL_PIC
	! In case anybody wonders why this code is same for both ABI.
	! To start with it is not. Do note LDPTR below. But of course
	! you must be wondering why the rest of it does not contain
	! things like %hh, %hm and %lm. Well, those are needed only
	! if OpenSSL library *itself* will become larger than 4GB,
	! which is not going to happen any time soon. 
	sethi	%hi(DES_SPtrans),global1
	or	global1,%lo(DES_SPtrans),global1
	sethi	%hi(_GLOBAL_OFFSET_TABLE_-(.PIC.me.up-.)),out2
	add	global1,out0,global1
	add	out2,%lo(_GLOBAL_OFFSET_TABLE_-(.PIC.me.up-.)),out2
	LDPTR	[out2+global1],global1
# elif 0
	setn	DES_SPtrans,out2,global1	! synthetic instruction !
# elif defined(ABI64)
	sethi	%hh(DES_SPtrans),out2
	or	out2,%hm(DES_SPtrans),out2
	sethi	%lm(DES_SPtrans),global1
	or	global1,%lo(DES_SPtrans),global1
	sllx	out2,32,out2
	or	out2,global1,global1
# else
	sethi	%hi(DES_SPtrans),global1
	or	global1,%lo(DES_SPtrans),global1
# endif
#endif
	retl
	add	out0,.des_and-.PIC.me.up,out2

! void DES_ncbc_encrypt(input, output, length, schedule, ivec, enc)
! *****************************************************************


	.align 32
	.global DES_ncbc_encrypt
	.type	 DES_ncbc_encrypt,#function

DES_ncbc_encrypt:

	save	%sp, FRAME, %sp
	
	define({INPUT},  { [%sp+BIAS+ARG0+0*ARGSZ] })
	define({OUTPUT}, { [%sp+BIAS+ARG0+1*ARGSZ] })
	define({IVEC},   { [%sp+BIAS+ARG0+4*ARGSZ] })

	call	.PIC.me.up
	mov	.PIC.me.up-(.-4),out0

	cmp	in5, 0                    ! enc   

#ifdef OPENSSL_SYSNAME_ULTRASPARC
	be,pn	%icc, .ncbc.dec
#else
	be	.ncbc.dec
#endif
	STPTR	in4, IVEC

	! addr  left  right  temp  label
	load_little_endian(in4, in5, out5, local3, .LLE1)  ! iv

	addcc	in2, -8, in2              ! bytes missing when first block done

#ifdef OPENSSL_SYSNAME_ULTRASPARC
	bl,pn	%icc, .ncbc.enc.seven.or.less
#else
	bl	.ncbc.enc.seven.or.less
#endif
	mov	in3, in4                  ! schedule

.ncbc.enc.next.block:

	load_little_endian(in0, out4, global4, local3, .LLE2)  ! block

.ncbc.enc.next.block_1:

	xor	in5, out4, in5            ! iv xor
	xor	out5, global4, out5       ! iv xor

	! parameter 8  1 for move in3 to in4, 2 for move in4 to in3
	ip_macro(in5, out5, in5, out5, in3, 0, 0, 2)

.ncbc.enc.next.block_2:

!//	call .des_enc                     ! compares in2 to 8
!	rounds inlined for alignment purposes

	add	global1, 768, global4     ! address sbox 4 since register used below

	rounds_macro(in5, out5, 1, .ncbc.enc.1, in3, in4) ! include encryption  ks in3

#ifdef OPENSSL_SYSNAME_ULTRASPARC
	bl,pn	%icc, .ncbc.enc.next.block_fp
#else
	bl	.ncbc.enc.next.block_fp
#endif
	add	in0, 8, in0               ! input address

	! If 8 or more bytes are to be encrypted after this block,
	! we combine final permutation for this block with initial
	! permutation for next block. Load next block:

	load_little_endian(in0, global3, global4, local5, .LLE12)

	!  parameter 1   original left
	!  parameter 2   original right
	!  parameter 3   left ip
	!  parameter 4   right ip
	!  parameter 5   1: load ks1/ks2 to in3/in4, add 120 to in4
	!                2: mov in4 to in3
	!
	! also adds -8 to length in2 and loads loop counter to out4

	fp_ip_macro(out0, out1, global3, global4, 2)

	store_little_endian(in1, out0, out1, local3, .SLE10)  ! block

	ld	[in3], out0               ! key 7531 first round next block
	mov 	in5, local1
	xor	global3, out5, in5        ! iv xor next block

	ld	[in3+4], out1             ! key 8642
	add	global1, 512, global3     ! address sbox 3 since register used
	xor	global4, local1, out5     ! iv xor next block

	ba	.ncbc.enc.next.block_2
	add	in1, 8, in1               ! output adress

.ncbc.enc.next.block_fp:

	fp_macro(in5, out5)

	store_little_endian(in1, in5, out5, local3, .SLE1)  ! block

	addcc   in2, -8, in2              ! bytes missing when next block done

#ifdef OPENSSL_SYSNAME_ULTRASPARC
	bpos,pt	%icc, .ncbc.enc.next.block  ! also jumps if 0
#else
	bpos	.ncbc.enc.next.block
#endif
	add	in1, 8, in1

.ncbc.enc.seven.or.less:

	cmp	in2, -8

#ifdef OPENSSL_SYSNAME_ULTRASPARC
	ble,pt	%icc, .ncbc.enc.finish
#else
	ble	.ncbc.enc.finish
#endif
	nop

	add	in2, 8, local1            ! bytes to load

	! addr, length, dest left, dest right, temp, temp2, label, ret label
	load_n_bytes(in0, local1, global4, out4, local2, local3, .LNB1, .ncbc.enc.next.block_1)

	! Loads 1 to 7 bytes little endian to global4, out4


.ncbc.enc.finish:

	LDPTR	IVEC, local4
	store_little_endian(local4, in5, out5, local5, .SLE2)  ! ivec

	ret
	restore


.ncbc.dec:

	STPTR	in0, INPUT
	cmp	in2, 0                    ! length
	add	in3, 120, in3

	LDPTR	IVEC, local7              ! ivec
#ifdef OPENSSL_SYSNAME_ULTRASPARC
	ble,pn	%icc, .ncbc.dec.finish
#else
	ble	.ncbc.dec.finish
#endif
	mov	in3, in4                  ! schedule

	STPTR	in1, OUTPUT
	mov	in0, local5               ! input

	load_little_endian(local7, in0, in1, local3, .LLE3)   ! ivec

.ncbc.dec.next.block:

	load_little_endian(local5, in5, out5, local3, .LLE4)  ! block

	! parameter 6  1/2 for include encryption/decryption
	! parameter 7  1 for mov in1 to in3
	! parameter 8  1 for mov in3 to in4

	ip_macro(in5, out5, out5, in5, in4, 2, 0, 1) ! include decryprion  ks in4

	fp_macro(out5, in5, 0, 1) ! 1 for input and output address to local5/7

	! in2 is bytes left to be stored
	! in2 is compared to 8 in the rounds

	xor	out5, in0, out4           ! iv xor
#ifdef OPENSSL_SYSNAME_ULTRASPARC
	bl,pn	%icc, .ncbc.dec.seven.or.less
#else
	bl	.ncbc.dec.seven.or.less
#endif
	xor	in5, in1, global4         ! iv xor

	! Load ivec next block now, since input and output address might be the same.

	load_little_endian_inc(local5, in0, in1, local3, .LLE5)  ! iv

	store_little_endian(local7, out4, global4, local3, .SLE3)

	STPTR	local5, INPUT
	add	local7, 8, local7
	addcc   in2, -8, in2

#ifdef OPENSSL_SYSNAME_ULTRASPARC
	bg,pt	%icc, .ncbc.dec.next.block
#else
	bg	.ncbc.dec.next.block
#endif
	STPTR	local7, OUTPUT


.ncbc.dec.store.iv:

	LDPTR	IVEC, local4              ! ivec
	store_little_endian(local4, in0, in1, local5, .SLE4)

.ncbc.dec.finish:

	ret
	restore

.ncbc.dec.seven.or.less:

	load_little_endian_inc(local5, in0, in1, local3, .LLE13)     ! ivec

	store_n_bytes(local7, in2, global4, out4, local3, local4, .SNB1, .ncbc.dec.store.iv)


.DES_ncbc_encrypt.end:
	.size	 DES_ncbc_encrypt, .DES_ncbc_encrypt.end-DES_ncbc_encrypt


! void DES_ede3_cbc_encrypt(input, output, lenght, ks1, ks2, ks3, ivec, enc)
! **************************************************************************


	.align 32
	.global DES_ede3_cbc_encrypt
	.type	 DES_ede3_cbc_encrypt,#function

DES_ede3_cbc_encrypt:

	save	%sp, FRAME, %sp

	define({KS1}, { [%sp+BIAS+ARG0+3*ARGSZ] })
	define({KS2}, { [%sp+BIAS+ARG0+4*ARGSZ] })
	define({KS3}, { [%sp+BIAS+ARG0+5*ARGSZ] })

	call	.PIC.me.up
	mov	.PIC.me.up-(.-4),out0

	LDPTR	[%fp+BIAS+ARG0+7*ARGSZ], local3          ! enc
	LDPTR	[%fp+BIAS+ARG0+6*ARGSZ], local4          ! ivec
	cmp	local3, 0                 ! enc

#ifdef OPENSSL_SYSNAME_ULTRASPARC
	be,pn	%icc, .ede3.dec
#else
	be	.ede3.dec
#endif
	STPTR	in4, KS2

	STPTR	in5, KS3

	load_little_endian(local4, in5, out5, local3, .LLE6)  ! ivec

	addcc	in2, -8, in2              ! bytes missing after next block

#ifdef OPENSSL_SYSNAME_ULTRASPARC
	bl,pn	%icc,  .ede3.enc.seven.or.less
#else
	bl	.ede3.enc.seven.or.less
#endif
	STPTR	in3, KS1

.ede3.enc.next.block:

	load_little_endian(in0, out4, global4, local3, .LLE7)

.ede3.enc.next.block_1:

	LDPTR	KS2, in4
	xor	in5, out4, in5            ! iv xor
	xor	out5, global4, out5       ! iv xor

	LDPTR	KS1, in3
	add	in4, 120, in4             ! for decryption we use last subkey first
	nop

	ip_macro(in5, out5, in5, out5, in3)

.ede3.enc.next.block_2:

	call .des_enc                     ! ks1 in3
	nop

	call .des_dec                     ! ks2 in4
	LDPTR	KS3, in3

	call .des_enc                     ! ks3 in3  compares in2 to 8
	nop

#ifdef OPENSSL_SYSNAME_ULTRASPARC
	bl,pn	%icc, .ede3.enc.next.block_fp
#else
	bl	.ede3.enc.next.block_fp
#endif
	add	in0, 8, in0

	! If 8 or more bytes are to be encrypted after this block,
	! we combine final permutation for this block with initial
	! permutation for next block. Load next block:

	load_little_endian(in0, global3, global4, local5, .LLE11)

	!  parameter 1   original left
	!  parameter 2   original right
	!  parameter 3   left ip
	!  parameter 4   right ip
	!  parameter 5   1: load ks1/ks2 to in3/in4, add 120 to in4
	!                2: mov in4 to in3
	!
	! also adds -8 to length in2 and loads loop counter to out4

	fp_ip_macro(out0, out1, global3, global4, 1)

	store_little_endian(in1, out0, out1, local3, .SLE9)  ! block

	mov 	in5, local1
	xor	global3, out5, in5        ! iv xor next block

	ld	[in3], out0               ! key 7531
	add	global1, 512, global3     ! address sbox 3
	xor	global4, local1, out5     ! iv xor next block

	ld	[in3+4], out1             ! key 8642
	add	global1, 768, global4     ! address sbox 4
	ba	.ede3.enc.next.block_2
	add	in1, 8, in1

.ede3.enc.next.block_fp:

	fp_macro(in5, out5)

	store_little_endian(in1, in5, out5, local3, .SLE5)  ! block

	addcc   in2, -8, in2              ! bytes missing when next block done

#ifdef OPENSSL_SYSNAME_ULTRASPARC
	bpos,pt	%icc, .ede3.enc.next.block
#else
	bpos	.ede3.enc.next.block
#endif
	add	in1, 8, in1

.ede3.enc.seven.or.less:

	cmp	in2, -8

#ifdef OPENSSL_SYSNAME_ULTRASPARC
	ble,pt	%icc, .ede3.enc.finish
#else
	ble	.ede3.enc.finish
#endif
	nop

	add	in2, 8, local1            ! bytes to load

	! addr, length, dest left, dest right, temp, temp2, label, ret label
	load_n_bytes(in0, local1, global4, out4, local2, local3, .LNB2, .ede3.enc.next.block_1)

.ede3.enc.finish:

	LDPTR	[%fp+BIAS+ARG0+6*ARGSZ], local4          ! ivec
	store_little_endian(local4, in5, out5, local5, .SLE6)  ! ivec

	ret
	restore

.ede3.dec:

	STPTR	in0, INPUT
	add	in5, 120, in5

	STPTR	in1, OUTPUT
	mov	in0, local5
	add	in3, 120, in3

	STPTR	in3, KS1
	cmp	in2, 0

#ifdef OPENSSL_SYSNAME_ULTRASPARC
	ble	%icc, .ede3.dec.finish
#else
	ble	.ede3.dec.finish
#endif
	STPTR	in5, KS3

	LDPTR	[%fp+BIAS+ARG0+6*ARGSZ], local7          ! iv
	load_little_endian(local7, in0, in1, local3, .LLE8)

.ede3.dec.next.block:

	load_little_endian(local5, in5, out5, local3, .LLE9)

	! parameter 6  1/2 for include encryption/decryption
	! parameter 7  1 for mov in1 to in3
	! parameter 8  1 for mov in3 to in4
	! parameter 9  1 for load ks3 and ks2 to in4 and in3

	ip_macro(in5, out5, out5, in5, in4, 2, 0, 0, 1) ! inc .des_dec ks3 in4

	call .des_enc                     ! ks2 in3
	LDPTR	KS1, in4

	call .des_dec                     ! ks1 in4
	nop

	fp_macro(out5, in5, 0, 1)   ! 1 for input and output address local5/7

	! in2 is bytes left to be stored
	! in2 is compared to 8 in the rounds

	xor	out5, in0, out4
#ifdef OPENSSL_SYSNAME_ULTRASPARC
	bl,pn	%icc, .ede3.dec.seven.or.less
#else
	bl	.ede3.dec.seven.or.less
#endif
	xor	in5, in1, global4

	load_little_endian_inc(local5, in0, in1, local3, .LLE10)   ! iv next block

	store_little_endian(local7, out4, global4, local3, .SLE7)  ! block

	STPTR	local5, INPUT
	addcc   in2, -8, in2
	add	local7, 8, local7

#ifdef OPENSSL_SYSNAME_ULTRASPARC
	bg,pt	%icc, .ede3.dec.next.block
#else
	bg	.ede3.dec.next.block
#endif
	STPTR	local7, OUTPUT

.ede3.dec.store.iv:

	LDPTR	[%fp+BIAS+ARG0+6*ARGSZ], local4          ! ivec
	store_little_endian(local4, in0, in1, local5, .SLE8)  ! ivec

.ede3.dec.finish:

	ret
	restore

.ede3.dec.seven.or.less:

	load_little_endian_inc(local5, in0, in1, local3, .LLE14)     ! iv

	store_n_bytes(local7, in2, global4, out4, local3, local4, .SNB2, .ede3.dec.store.iv)


.DES_ede3_cbc_encrypt.end:
	.size	 DES_ede3_cbc_encrypt,.DES_ede3_cbc_encrypt.end-DES_ede3_cbc_encrypt