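; This file is generated from a similarly-named Perl script in the BoringSSL
; source tree. Do not edit by hand.
;
; Listing restored to one statement per line: the page had the whole file
; collapsed onto a few lines with the viewer's line-number gutter fused into
; the statements, which is not assemblable. Instructions, operands, constants
; and their order are unchanged; only line breaks and comments were added.
; Durable changes belong in the generating Perl script, not in this output.
;
; Syntax: NASM/Yasm, Intel operand order. Target: 32-bit x86 (win32/obj
; output formats), cdecl-style stack arguments as read by the entry points.
;
; Overview for reviewers (all statements below are read off this listing):
;   * Every S-box style lookup is a register-to-register shuffle, hand-encoded
;     as "db 102,15,56,0,<modrm>" (66 0F 38 00 /r = pshufb) or
;     "db 102,15,58,15,<modrm>,<imm>" (66 0F 3A 0F /r ib = palignr). Both are
;     SSSE3 instructions; nothing in this file checks for SSSE3, so the
;     caller has to (presumably via a CPU-capability dispatch; confirm).
;   * Memory operands are addressed only through ebp/ebx/esi (constant
;     tables), ecx (a 0/16/32/48 position counter), edx (key schedule) and
;     the input/output pointers. No address is derived from block or key
;     bytes, and branches depend only on round counters, the direction flag
;     and the length.
;   * Position independence: each entry point loads
;     ebp = L$_vpaes_consts+0x30 - <label after the call>, and the callee adds
;     the return address at [esp], giving ebp = &L$_vpaes_consts + 0x30.

%ifdef BORINGSSL_PREFIX
%include "boringssl_prefix_symbols_nasm.inc"
%endif
%ifidn __OUTPUT_FORMAT__,obj
section code use32 class=code align=64
%elifidn __OUTPUT_FORMAT__,win32
%ifdef __YASM_VERSION_ID__
%if __YASM_VERSION_ID__ < 01010000h
%error yasm version 1.1.0 or later needed.
%endif
; Yasm automatically includes .00 and complains about redefining it.
; https://www.tortall.net/projects/yasm/manual/html/objfmt-win32-safeseh.html
%else
; @feat.00 with bit 0 set marks the object as safe-SEH aware for the linker.
$@feat.00 equ 1
%endif
section .text code align=64
%else
section .text code
%endif
%ifdef BORINGSSL_DISPATCH_TEST
extern _BORINGSSL_function_hit
%endif
align 64
; Constant tables, 16 bytes per row. Code addresses them relative to
; ebp = L$_vpaes_consts+0x30, so [ebp-48] is row 0, [ebp-32] row 1 and
; [ebp-16] row 2 (the 0x0F0F0F0F low-nibble mask). These live in the code
; section and are only ever read.
L$_vpaes_consts:
dd 218628480,235210255,168496130,67568393
dd 252381056,17041926,33884169,51187212
dd 252645135,252645135,252645135,252645135
dd 1512730624,3266504856,1377990664,3401244816
dd 830229760,1275146365,2969422977,3447763452
dd 3411033600,2979783055,338359620,2782886510
dd 4209124096,907596821,221174255,1006095553
dd 191964160,3799684038,3164090317,1589111125
dd 182528256,1777043520,2877432650,3265356744
dd 1874708224,3503451415,3305285752,363511674
dd 1606117888,3487855781,1093350906,2384367825
dd 197121,67569157,134941193,202313229
dd 67569157,134941193,202313229,197121
dd 134941193,202313229,197121,67569157
dd 202313229,197121,67569157,134941193
dd 33619971,100992007,168364043,235736079
dd 235736079,33619971,100992007,168364043
dd 168364043,235736079,33619971,100992007
dd 100992007,168364043,235736079,33619971
dd 50462976,117835012,185207048,252579084
dd 252314880,51251460,117574920,184942860
dd 184682752,252054788,50987272,118359308
dd 118099200,185467140,251790600,50727180
dd 2946363062,528716217,1300004225,1881839624
dd 1532713819,1532713819,1532713819,1532713819
dd 3602276352,4288629033,3737020424,4153884961
dd 1354558464,32357713,2958822624,3775749553
dd 1201988352,132424512,1572796698,503232858
dd 2213177600,1597421020,4103937655,675398315
dd 2749646592,4273543773,1511898873,121693092
dd 3040248576,1103263732,2871565598,1608280554
dd 2236667136,2588920351,482954393,64377734
dd 3069987328,291237287,2117370568,3650299247
dd 533321216,3573750986,2572112006,1401264716
dd 1339849704,2721158661,548607111,3445553514
dd 2128193280,3054596040,2183486460,1257083700
dd 655635200,1165381986,3923443150,2344132524
dd 190078720,256924420,290342170,357187870
dd 1610966272,2263057382,4103205268,309794674
dd 2592527872,2233205587,1335446729,3402964816
dd 3973531904,3225098121,3002836325,1918774430
dd 3870401024,2102906079,2284471353,4117666579
dd 617007872,1021508343,366931923,691083277
dd 2528395776,3491914898,2968704004,1613121270
dd 3445188352,3247741094,844474987,4093578302
dd 651481088,1190302358,1689581232,574775300
dd 4289380608,206939853,2555985458,2489840491
dd 2130264064,327674451,3566485037,3349835193
dd 2470714624,316102159,3636825756,3393945945
; NUL-terminated ASCII credit string:
; "Vector Permutation AES for x86/SSSE3, Mike Hamburg (Stanford University)"
db 86,101,99,116,111,114,32,80,101,114,109,117,116,97,116,105
db 111,110,32,65,69,83,32,102,111,114,32,120,56,54,47,83
db 83,83,69,51,44,32,77,105,107,101,32,72,97,109,98,117
db 114,103,32,40,83,116,97,110,102,111,114,100,32,85,110,105
db 118,101,114,115,105,116,121,41,0
align 64
align 16
;-----------------------------------------------------------------------
; __vpaes_preheat (internal)
; In:    ebp = L$_vpaes_consts+0x30 - <caller's return address>
; Out:   ebp = &L$_vpaes_consts + 0x30
;        xmm7 = constants row 0, xmm6 = 0x0F nibble mask (row 2)
; Must be reached by "call" directly after the lea that sets ebp, because
; it adds its own return address from [esp].
;-----------------------------------------------------------------------
__vpaes_preheat:
    add ebp,DWORD [esp]
    movdqa xmm7,[ebp-48]
    movdqa xmm6,[ebp-16]
    ret
align 16
;-----------------------------------------------------------------------
; __vpaes_encrypt_core (internal)
; In:    xmm0 = input block, edx = key schedule (round count at [240+edx]),
;        ebp/xmm6/xmm7 as set by __vpaes_preheat
; Out:   xmm0 = output block
; Clobb: eax, ebx, ecx, edx, xmm1-xmm5, flags
; The loop condition at "jnz" uses ZF from "sub eax,1" (or from
; "add edx,16" on the first pass); the SSE instructions in between do not
; write EFLAGS.
;-----------------------------------------------------------------------
__vpaes_encrypt_core:
    mov ecx,16
    mov eax,DWORD [240+edx]             ; eax = round counter from the key
    movdqa xmm1,xmm6
    movdqa xmm2,[ebp]
    pandn xmm1,xmm0                     ; xmm1 = high nibbles (shifted below)
    pand xmm0,xmm6                      ; xmm0 = low nibbles
    movdqu xmm5,[edx]                   ; first round key
db 102,15,56,0,208                      ; pshufb xmm2,xmm0
    movdqa xmm0,[16+ebp]
    pxor xmm2,xmm5
    psrld xmm1,4
    add edx,16
db 102,15,56,0,193                      ; pshufb xmm0,xmm1
    lea ebx,[192+ebp]
    pxor xmm0,xmm2
    jmp NEAR L$000enc_entry
align 16
L$001enc_loop:
    movdqa xmm4,[32+ebp]
    movdqa xmm0,[48+ebp]
db 102,15,56,0,226                      ; pshufb xmm4,xmm2
db 102,15,56,0,195                      ; pshufb xmm0,xmm3
    pxor xmm4,xmm5                      ; fold in the round key
    movdqa xmm5,[64+ebp]
    pxor xmm0,xmm4
    movdqa xmm1,[ecx*1+ebx-64]
db 102,15,56,0,234                      ; pshufb xmm5,xmm2
    movdqa xmm2,[80+ebp]
    movdqa xmm4,[ecx*1+ebx]
db 102,15,56,0,211                      ; pshufb xmm2,xmm3
    movdqa xmm3,xmm0
    pxor xmm2,xmm5
db 102,15,56,0,193                      ; pshufb xmm0,xmm1
    add edx,16                          ; advance to the next round key
    pxor xmm0,xmm2
db 102,15,56,0,220                      ; pshufb xmm3,xmm4
    add ecx,16
    pxor xmm3,xmm0
db 102,15,56,0,193                      ; pshufb xmm0,xmm1
    and ecx,48                          ; ecx cycles through 0,16,32,48
    sub eax,1                           ; sets ZF for the jnz below
    pxor xmm0,xmm3
L$000enc_entry:
    movdqa xmm1,xmm6
    movdqa xmm5,[ebp-32]
    pandn xmm1,xmm0
    psrld xmm1,4
    pand xmm0,xmm6
db 102,15,56,0,232                      ; pshufb xmm5,xmm0
    movdqa xmm3,xmm7
    pxor xmm0,xmm1
db 102,15,56,0,217                      ; pshufb xmm3,xmm1
    movdqa xmm4,xmm7
    pxor xmm3,xmm5
db 102,15,56,0,224                      ; pshufb xmm4,xmm0
    movdqa xmm2,xmm7
    pxor xmm4,xmm5
db 102,15,56,0,211                      ; pshufb xmm2,xmm3
    movdqa xmm3,xmm7
    pxor xmm2,xmm0
db 102,15,56,0,220                      ; pshufb xmm3,xmm4
    movdqu xmm5,[edx]                   ; next round key
    pxor xmm3,xmm1
    jnz NEAR L$001enc_loop
    ; Final round.
    movdqa xmm4,[96+ebp]
    movdqa xmm0,[112+ebp]
db 102,15,56,0,226                      ; pshufb xmm4,xmm2
    pxor xmm4,xmm5
db 102,15,56,0,195                      ; pshufb xmm0,xmm3
    movdqa xmm1,[64+ecx*1+ebx]
    pxor xmm0,xmm4
db 102,15,56,0,193                      ; pshufb xmm0,xmm1
    ret
align 16
;-----------------------------------------------------------------------
; __vpaes_decrypt_core (internal)
; In:    xmm0 = input block, edx = key schedule (round count at [240+edx]),
;        ebp/xmm6/xmm7 as set by __vpaes_preheat
; Out:   xmm0 = output block
; Clobb: eax, ebx, ecx, edx, xmm1-xmm5, flags
; As in the encrypt core, "jnz" consumes ZF from "sub eax,1" (or from
; "add edx,16" on the first pass).
;-----------------------------------------------------------------------
__vpaes_decrypt_core:
    lea ebx,[608+ebp]
    mov eax,DWORD [240+edx]             ; eax = round counter from the key
    movdqa xmm1,xmm6
    movdqa xmm2,[ebx-64]
    pandn xmm1,xmm0
    mov ecx,eax
    psrld xmm1,4
    movdqu xmm5,[edx]                   ; first round key
    shl ecx,4
    pand xmm0,xmm6
db 102,15,56,0,208                      ; pshufb xmm2,xmm0
    movdqa xmm0,[ebx-48]
    xor ecx,48
db 102,15,56,0,193                      ; pshufb xmm0,xmm1
    and ecx,48
    pxor xmm2,xmm5
    movdqa xmm5,[176+ebp]
    pxor xmm0,xmm2
    add edx,16
    lea ecx,[ecx*1+ebx-352]             ; ecx = address of final-permute row
    jmp NEAR L$002dec_entry
align 16
L$003dec_loop:
    movdqa xmm4,[ebx-32]
    movdqa xmm1,[ebx-16]
db 102,15,56,0,226                      ; pshufb xmm4,xmm2
db 102,15,56,0,203                      ; pshufb xmm1,xmm3
    pxor xmm0,xmm4
    movdqa xmm4,[ebx]
    pxor xmm0,xmm1
    movdqa xmm1,[16+ebx]
db 102,15,56,0,226                      ; pshufb xmm4,xmm2
db 102,15,56,0,197                      ; pshufb xmm0,xmm5
db 102,15,56,0,203                      ; pshufb xmm1,xmm3
    pxor xmm0,xmm4
    movdqa xmm4,[32+ebx]
    pxor xmm0,xmm1
    movdqa xmm1,[48+ebx]
db 102,15,56,0,226                      ; pshufb xmm4,xmm2
db 102,15,56,0,197                      ; pshufb xmm0,xmm5
db 102,15,56,0,203                      ; pshufb xmm1,xmm3
    pxor xmm0,xmm4
    movdqa xmm4,[64+ebx]
    pxor xmm0,xmm1
    movdqa xmm1,[80+ebx]
db 102,15,56,0,226                      ; pshufb xmm4,xmm2
db 102,15,56,0,197                      ; pshufb xmm0,xmm5
db 102,15,56,0,203                      ; pshufb xmm1,xmm3
    pxor xmm0,xmm4
    add edx,16                          ; advance to the next round key
db 102,15,58,15,237,12                  ; palignr xmm5,xmm5,12
    pxor xmm0,xmm1
    sub eax,1                           ; sets ZF for the jnz below
L$002dec_entry:
    movdqa xmm1,xmm6
    movdqa xmm2,[ebp-32]
    pandn xmm1,xmm0
    pand xmm0,xmm6
    psrld xmm1,4
db 102,15,56,0,208                      ; pshufb xmm2,xmm0
    movdqa xmm3,xmm7
    pxor xmm0,xmm1
db 102,15,56,0,217                      ; pshufb xmm3,xmm1
    movdqa xmm4,xmm7
    pxor xmm3,xmm2
db 102,15,56,0,224                      ; pshufb xmm4,xmm0
    pxor xmm4,xmm2
    movdqa xmm2,xmm7
db 102,15,56,0,211                      ; pshufb xmm2,xmm3
    movdqa xmm3,xmm7
    pxor xmm2,xmm0
db 102,15,56,0,220                      ; pshufb xmm3,xmm4
    movdqu xmm0,[edx]                   ; next round key
    pxor xmm3,xmm1
    jnz NEAR L$003dec_loop
    ; Final round.
    movdqa xmm4,[96+ebx]
db 102,15,56,0,226                      ; pshufb xmm4,xmm2
    pxor xmm4,xmm0
    movdqa xmm0,[112+ebx]
    movdqa xmm2,[ecx]
db 102,15,56,0,195                      ; pshufb xmm0,xmm3
    pxor xmm0,xmm4
db 102,15,56,0,194                      ; pshufb xmm0,xmm2
    ret
align 16
;-----------------------------------------------------------------------
; __vpaes_schedule_core (internal key expansion)
; In:    esi = user key bytes, eax = key size in bits, edx = where the first
;        round key is written, edi = 0 for encryption / non-zero for
;        decryption, ecx = initial position counter,
;        ebp = L$_vpaes_consts+0x30 - <caller's return address>
;        Caller's esp must be 16-byte aligned with at least 32 bytes of
;        scratch at [esp]: [4+esp] and [20+esp] here are the caller's
;        [esp] and [16+esp] once the return address is accounted for.
; Out:   round keys written through edx; xmm0-xmm7 zeroed on return.
; Clobb: eax, ebx, ecx, edx, esi (decrypt path), flags
;
; Key size is not validated: anything above 192 takes the 256-bit path
; (reads 32 bytes at esi), exactly 192 reads 24 bytes, everything else is
; treated as 128 bits. Callers must pass 128, 192 or 256 and a buffer of
; matching length.
;-----------------------------------------------------------------------
__vpaes_schedule_core:
    add ebp,DWORD [esp]                 ; ebp = &L$_vpaes_consts + 0x30
    movdqu xmm0,[esi]                   ; first 16 key bytes
    movdqa xmm2,[320+ebp]
    movdqa xmm3,xmm0
    lea ebx,[ebp]
    movdqa [4+esp],xmm2                 ; round-constant state kept on stack
    call __vpaes_schedule_transform
    movdqa xmm7,xmm0
    test edi,edi
    jnz NEAR L$004schedule_am_decrypting
    movdqu [edx],xmm0
    jmp NEAR L$005schedule_go
L$004schedule_am_decrypting:
    movdqa xmm1,[256+ecx*1+ebp]
db 102,15,56,0,217                      ; pshufb xmm3,xmm1
    movdqu [edx],xmm3
    xor ecx,48
L$005schedule_go:
    cmp eax,192
    ja NEAR L$006schedule_256           ; unsigned: bits > 192
    je NEAR L$007schedule_192
L$008schedule_128:
    mov eax,10
L$009loop_schedule_128:
    call __vpaes_schedule_round
    dec eax
    jz NEAR L$010schedule_mangle_last
    call __vpaes_schedule_mangle
    jmp NEAR L$009loop_schedule_128
align 16
L$007schedule_192:
    movdqu xmm0,[8+esi]                 ; key bytes 8..23
    call __vpaes_schedule_transform
    movdqa xmm6,xmm0
    pxor xmm4,xmm4
    movhlps xmm6,xmm4                   ; clear the low half of xmm6
    mov eax,4
L$011loop_schedule_192:
    call __vpaes_schedule_round
db 102,15,58,15,198,8                   ; palignr xmm0,xmm6,8
    call __vpaes_schedule_mangle
    call __vpaes_schedule_192_smear
    call __vpaes_schedule_mangle
    call __vpaes_schedule_round
    dec eax
    jz NEAR L$010schedule_mangle_last
    call __vpaes_schedule_mangle
    call __vpaes_schedule_192_smear
    jmp NEAR L$011loop_schedule_192
align 16
L$006schedule_256:
    movdqu xmm0,[16+esi]                ; key bytes 16..31
    call __vpaes_schedule_transform
    mov eax,7
L$012loop_schedule_256:
    call __vpaes_schedule_mangle
    movdqa xmm6,xmm0
    call __vpaes_schedule_round
    dec eax
    jz NEAR L$010schedule_mangle_last
    call __vpaes_schedule_mangle
    pshufd xmm0,xmm0,255
    ; NOTE(review): xmm7 (key-schedule state) is spilled to the caller's
    ; stack scratch here; nothing in this file clears that slot before the
    ; entry point restores esp, although the xmm registers are wiped below.
    movdqa [20+esp],xmm7
    movdqa xmm7,xmm6
    call L$_vpaes_schedule_low_round
    movdqa xmm7,[20+esp]
    jmp NEAR L$012loop_schedule_256
align 16
L$010schedule_mangle_last:
    lea ebx,[384+ebp]
    test edi,edi
    jnz NEAR L$013schedule_mangle_last_dec
    movdqa xmm1,[256+ecx*1+ebp]
db 102,15,56,0,193                      ; pshufb xmm0,xmm1
    lea ebx,[352+ebp]
    add edx,32
L$013schedule_mangle_last_dec:
    add edx,-16
    pxor xmm0,[336+ebp]
    call __vpaes_schedule_transform
    movdqu [edx],xmm0                   ; last round key
    ; Wipe every xmm register so no key-schedule state is left in them.
    pxor xmm0,xmm0
    pxor xmm1,xmm1
    pxor xmm2,xmm2
    pxor xmm3,xmm3
    pxor xmm4,xmm4
    pxor xmm5,xmm5
    pxor xmm6,xmm6
    pxor xmm7,xmm7
    ret
align 16
;-----------------------------------------------------------------------
; __vpaes_schedule_192_smear (internal, 192-bit schedule helper)
; In:    xmm6, xmm7 = schedule state
; Out:   xmm0 = copy of the updated xmm6; xmm6 then has its low half cleared
; Clobb: xmm1
;-----------------------------------------------------------------------
__vpaes_schedule_192_smear:
    pshufd xmm1,xmm6,128
    pshufd xmm0,xmm7,254
    pxor xmm6,xmm1
    pxor xmm1,xmm1
    pxor xmm6,xmm0
    movdqa xmm0,xmm6
    movhlps xmm6,xmm1
    ret
align 16
;-----------------------------------------------------------------------
; __vpaes_schedule_round (internal)
; In:    xmm0, xmm7 = schedule state, ebp = constants base,
;        [8+esp] = round-constant state (the slot __vpaes_schedule_core
;        wrote as [4+esp], one return address deeper)
; Out:   xmm0 = xmm7 = next schedule state
; Clobb: xmm1-xmm5
; L$_vpaes_schedule_low_round is a second entry that skips the
; round-constant and rotate steps; the 256-bit path calls it directly.
;-----------------------------------------------------------------------
__vpaes_schedule_round:
    movdqa xmm2,[8+esp]
    pxor xmm1,xmm1
db 102,15,58,15,202,15                  ; palignr xmm1,xmm2,15
db 102,15,58,15,210,15                  ; palignr xmm2,xmm2,15
    pxor xmm7,xmm1
    pshufd xmm0,xmm0,255
db 102,15,58,15,192,1                   ; palignr xmm0,xmm0,1
    movdqa [8+esp],xmm2                 ; store the rotated constant back
L$_vpaes_schedule_low_round:
    movdqa xmm1,xmm7
    pslldq xmm7,4
    pxor xmm7,xmm1
    movdqa xmm1,xmm7
    pslldq xmm7,8
    pxor xmm7,xmm1
    pxor xmm7,[336+ebp]
    movdqa xmm4,[ebp-16]                ; 0x0F nibble mask
    movdqa xmm5,[ebp-48]
    movdqa xmm1,xmm4
    pandn xmm1,xmm0
    psrld xmm1,4
    pand xmm0,xmm4
    movdqa xmm2,[ebp-32]
db 102,15,56,0,208                      ; pshufb xmm2,xmm0
    pxor xmm0,xmm1
    movdqa xmm3,xmm5
db 102,15,56,0,217                      ; pshufb xmm3,xmm1
    pxor xmm3,xmm2
    movdqa xmm4,xmm5
db 102,15,56,0,224                      ; pshufb xmm4,xmm0
    pxor xmm4,xmm2
    movdqa xmm2,xmm5
db 102,15,56,0,211                      ; pshufb xmm2,xmm3
    pxor xmm2,xmm0
    movdqa xmm3,xmm5
db 102,15,56,0,220                      ; pshufb xmm3,xmm4
    pxor xmm3,xmm1
    movdqa xmm4,[32+ebp]
db 102,15,56,0,226                      ; pshufb xmm4,xmm2
    movdqa xmm0,[48+ebp]
db 102,15,56,0,195                      ; pshufb xmm0,xmm3
    pxor xmm0,xmm4
    pxor xmm0,xmm7
    movdqa xmm7,xmm0
    ret
align 16
;-----------------------------------------------------------------------
; __vpaes_schedule_transform (internal)
; In:    xmm0 = value, ebx = address of a two-row (32-byte) table,
;        ebp = constants base
; Out:   xmm0 = table[0] shuffled by the low nibbles XOR table[1] shuffled
;        by the high nibbles
; Clobb: xmm1, xmm2
;-----------------------------------------------------------------------
__vpaes_schedule_transform:
    movdqa xmm2,[ebp-16]                ; 0x0F nibble mask
    movdqa xmm1,xmm2
    pandn xmm1,xmm0
    psrld xmm1,4
    pand xmm0,xmm2
    movdqa xmm2,[ebx]
db 102,15,56,0,208                      ; pshufb xmm2,xmm0
    movdqa xmm0,[16+ebx]
db 102,15,56,0,193                      ; pshufb xmm0,xmm1
    pxor xmm0,xmm2
    ret
align 16
;-----------------------------------------------------------------------
; __vpaes_schedule_mangle (internal)
; In:    xmm0 = schedule state (preserved), edx = output cursor,
;        ecx = position counter, edi = direction flag, ebp = constants base
; Out:   one round key stored at the updated edx (edx += 16 when edi == 0,
;        edx -= 16 otherwise); ecx = (ecx - 16) & 48
; Clobb: xmm1-xmm5, esi (decrypt path only), flags
;-----------------------------------------------------------------------
__vpaes_schedule_mangle:
    movdqa xmm4,xmm0
    movdqa xmm5,[128+ebp]
    test edi,edi
    jnz NEAR L$014schedule_mangle_dec
    add edx,16
    pxor xmm4,[336+ebp]
db 102,15,56,0,229                      ; pshufb xmm4,xmm5
    movdqa xmm3,xmm4
db 102,15,56,0,229                      ; pshufb xmm4,xmm5
    pxor xmm3,xmm4
db 102,15,56,0,229                      ; pshufb xmm4,xmm5
    pxor xmm3,xmm4
    jmp NEAR L$015schedule_mangle_both
align 16
L$014schedule_mangle_dec:
    movdqa xmm2,[ebp-16]                ; 0x0F nibble mask
    lea esi,[416+ebp]                   ; esi reused as a table pointer
    movdqa xmm1,xmm2
    pandn xmm1,xmm4
    psrld xmm1,4
    pand xmm4,xmm2
    movdqa xmm2,[esi]
db 102,15,56,0,212                      ; pshufb xmm2,xmm4
    movdqa xmm3,[16+esi]
db 102,15,56,0,217                      ; pshufb xmm3,xmm1
    pxor xmm3,xmm2
db 102,15,56,0,221                      ; pshufb xmm3,xmm5
    movdqa xmm2,[32+esi]
db 102,15,56,0,212                      ; pshufb xmm2,xmm4
    pxor xmm2,xmm3
    movdqa xmm3,[48+esi]
db 102,15,56,0,217                      ; pshufb xmm3,xmm1
    pxor xmm3,xmm2
db 102,15,56,0,221                      ; pshufb xmm3,xmm5
    movdqa xmm2,[64+esi]
db 102,15,56,0,212                      ; pshufb xmm2,xmm4
    pxor xmm2,xmm3
    movdqa xmm3,[80+esi]
db 102,15,56,0,217                      ; pshufb xmm3,xmm1
    pxor xmm3,xmm2
db 102,15,56,0,221                      ; pshufb xmm3,xmm5
    movdqa xmm2,[96+esi]
db 102,15,56,0,212                      ; pshufb xmm2,xmm4
    pxor xmm2,xmm3
    movdqa xmm3,[112+esi]
db 102,15,56,0,217                      ; pshufb xmm3,xmm1
    pxor xmm3,xmm2
    add edx,-16
L$015schedule_mangle_both:
    movdqa xmm1,[256+ecx*1+ebp]
db 102,15,56,0,217                      ; pshufb xmm3,xmm1
    add ecx,-16
    and ecx,48
    movdqu [edx],xmm3
    ret
;-----------------------------------------------------------------------
; _vpaes_set_encrypt_key
; Stack args (after the four pushes): [20+esp] = user key bytes,
;        [24+esp] = key size in bits, [28+esp] = key structure
; Out:   eax = 0 always; round keys written to the key structure and
;        (bits >> 5) + 5 stored at offset 240 of it.
; The key size is not checked here or in __vpaes_schedule_core, so an
; unsupported size still returns 0. Validate it in the caller.
;-----------------------------------------------------------------------
global _vpaes_set_encrypt_key
align 16
_vpaes_set_encrypt_key:
L$_vpaes_set_encrypt_key_begin:
    push ebp
    push ebx
    push esi
    push edi
%ifdef BORINGSSL_DISPATCH_TEST
    ; Test hook: record that this implementation was selected by writing 1
    ; to byte 5 of _BORINGSSL_function_hit (address computed PC-relative).
    push ebx
    push edx
    call L$016pic
L$016pic:
    pop ebx
    lea ebx,[(_BORINGSSL_function_hit+5-L$016pic)+ebx]
    mov edx,1
    mov BYTE [ebx],dl
    pop edx
    pop ebx
%endif
    mov esi,DWORD [20+esp]              ; esi = user key
    lea ebx,[esp-56]
    mov eax,DWORD [24+esp]              ; eax = bits
    and ebx,-16                         ; 16-byte aligned scratch frame
    mov edx,DWORD [28+esp]              ; edx = key structure
    xchg ebx,esp
    mov DWORD [48+esp],ebx              ; save the original esp
    mov ebx,eax
    shr ebx,5
    add ebx,5
    mov DWORD [240+edx],ebx             ; round count = bits/32 + 5
    mov ecx,48
    mov edi,0                           ; direction flag: encrypting
    lea ebp,[(L$_vpaes_consts+0x30-L$017pic_point)]
    call __vpaes_schedule_core
L$017pic_point:
    mov esp,DWORD [48+esp]              ; drop the scratch frame
    xor eax,eax
    pop edi
    pop esi
    pop ebx
    pop ebp
    ret
;-----------------------------------------------------------------------
; _vpaes_set_decrypt_key
; Stack args: [20+esp] = user key bytes, [24+esp] = key size in bits,
;        [28+esp] = key structure
; Out:   eax = 0 always; round count stored at offset 240. edx is advanced
;        to 16 + 16*rounds past the structure start because the decrypt
;        path of the schedule moves its output cursor downwards.
; Same caveat as _vpaes_set_encrypt_key: the key size is not validated.
;-----------------------------------------------------------------------
global _vpaes_set_decrypt_key
align 16
_vpaes_set_decrypt_key:
L$_vpaes_set_decrypt_key_begin:
    push ebp
    push ebx
    push esi
    push edi
    mov esi,DWORD [20+esp]              ; esi = user key
    lea ebx,[esp-56]
    mov eax,DWORD [24+esp]              ; eax = bits
    and ebx,-16                         ; 16-byte aligned scratch frame
    mov edx,DWORD [28+esp]              ; edx = key structure
    xchg ebx,esp
    mov DWORD [48+esp],ebx              ; save the original esp
    mov ebx,eax
    shr ebx,5
    add ebx,5
    mov DWORD [240+edx],ebx             ; round count = bits/32 + 5
    shl ebx,4
    lea edx,[16+ebx*1+edx]              ; start at the end of the schedule
    mov edi,1                           ; direction flag: decrypting
    mov ecx,eax
    shr ecx,1
    and ecx,32
    xor ecx,32                          ; ecx = 32 unless bit 6 of bits is set
    lea ebp,[(L$_vpaes_consts+0x30-L$018pic_point)]
    call __vpaes_schedule_core
L$018pic_point:
    mov esp,DWORD [48+esp]              ; drop the scratch frame
    xor eax,eax
    pop edi
    pop esi
    pop ebx
    pop ebp
    ret
;-----------------------------------------------------------------------
; _vpaes_encrypt
; Stack args: [20+esp] = input block, [24+esp] = output block,
;        [28+esp] = key structure
; Processes exactly one 16-byte block; unaligned pointers are fine
; (movdqu). NOTE(review): unlike the key-schedule path, xmm registers are
; not cleared on return; xmm5 still holds the last round key loaded by the
; core.
;-----------------------------------------------------------------------
global _vpaes_encrypt
align 16
_vpaes_encrypt:
L$_vpaes_encrypt_begin:
    push ebp
    push ebx
    push esi
    push edi
%ifdef BORINGSSL_DISPATCH_TEST
    ; Test hook: write 1 to byte 4 of _BORINGSSL_function_hit.
    push ebx
    push edx
    call L$019pic
L$019pic:
    pop ebx
    lea ebx,[(_BORINGSSL_function_hit+4-L$019pic)+ebx]
    mov edx,1
    mov BYTE [ebx],dl
    pop edx
    pop ebx
%endif
    lea ebp,[(L$_vpaes_consts+0x30-L$020pic_point)]
    call __vpaes_preheat
L$020pic_point:
    mov esi,DWORD [20+esp]              ; esi = in
    lea ebx,[esp-56]
    mov edi,DWORD [24+esp]              ; edi = out
    and ebx,-16
    mov edx,DWORD [28+esp]              ; edx = key
    xchg ebx,esp
    mov DWORD [48+esp],ebx              ; save the original esp
    movdqu xmm0,[esi]
    call __vpaes_encrypt_core
    movdqu [edi],xmm0
    mov esp,DWORD [48+esp]
    pop edi
    pop esi
    pop ebx
    pop ebp
    ret
;-----------------------------------------------------------------------
; _vpaes_decrypt
; Stack args: [20+esp] = input block, [24+esp] = output block,
;        [28+esp] = key structure
; Processes exactly one 16-byte block. xmm registers are not cleared on
; return.
;-----------------------------------------------------------------------
global _vpaes_decrypt
align 16
_vpaes_decrypt:
L$_vpaes_decrypt_begin:
    push ebp
    push ebx
    push esi
    push edi
    lea ebp,[(L$_vpaes_consts+0x30-L$021pic_point)]
    call __vpaes_preheat
L$021pic_point:
    mov esi,DWORD [20+esp]              ; esi = in
    lea ebx,[esp-56]
    mov edi,DWORD [24+esp]              ; edi = out
    and ebx,-16
    mov edx,DWORD [28+esp]              ; edx = key
    xchg ebx,esp
    mov DWORD [48+esp],ebx              ; save the original esp
    movdqu xmm0,[esi]
    call __vpaes_decrypt_core
    movdqu [edi],xmm0
    mov esp,DWORD [48+esp]
    pop edi
    pop esi
    pop ebx
    pop ebp
    ret
;-----------------------------------------------------------------------
; _vpaes_cbc_encrypt
; Stack args: [20+esp] = in, [24+esp] = out, [28+esp] = length in bytes,
;        [32+esp] = key structure, [36+esp] = 16-byte IV (updated in place),
;        [40+esp] = direction (0 selects the decrypt loop, anything else
;        the encrypt loop)
; Length handling, as coded: a length below 16 returns immediately without
; touching out or the IV; otherwise floor(length/16) blocks are processed
; and any trailing partial block is silently ignored. There is no padding
; and no error return, so callers must pass a multiple of 16.
; Scratch frame: [esp] = out - in, [4+esp] = key, [8+esp] = IV pointer,
;        [16+esp]/[32+esp] = previous/current ciphertext block (decrypt).
; CBC provides no integrity protection by itself; authenticate the
; ciphertext separately where that matters.
;-----------------------------------------------------------------------
global _vpaes_cbc_encrypt
align 16
_vpaes_cbc_encrypt:
L$_vpaes_cbc_encrypt_begin:
    push ebp
    push ebx
    push esi
    push edi
    mov esi,DWORD [20+esp]              ; esi = in
    mov edi,DWORD [24+esp]              ; edi = out
    mov eax,DWORD [28+esp]              ; eax = length
    mov edx,DWORD [32+esp]              ; edx = key
    sub eax,16
    jc NEAR L$022cbc_abort              ; length < 16: nothing to do
    lea ebx,[esp-56]
    mov ebp,DWORD [36+esp]              ; ebp = IV pointer
    and ebx,-16
    mov ecx,DWORD [40+esp]              ; ecx = direction flag
    xchg ebx,esp
    movdqu xmm1,[ebp]                   ; xmm1 = chaining value (IV)
    sub edi,esi                         ; edi = out - in
    mov DWORD [48+esp],ebx              ; save the original esp
    mov DWORD [esp],edi
    mov DWORD [4+esp],edx
    mov DWORD [8+esp],ebp
    mov edi,eax                         ; edi = length - 16 (loop counter)
    lea ebp,[(L$_vpaes_consts+0x30-L$023pic_point)]
    call __vpaes_preheat
L$023pic_point:
    cmp ecx,0
    je NEAR L$024cbc_dec_loop
    jmp NEAR L$025cbc_enc_loop
align 16
L$025cbc_enc_loop:
    movdqu xmm0,[esi]
    pxor xmm0,xmm1                      ; plaintext XOR previous ciphertext
    call __vpaes_encrypt_core
    mov ebx,DWORD [esp]                 ; ebx = out - in
    mov edx,DWORD [4+esp]               ; reload key (the core advanced edx)
    movdqa xmm1,xmm0                    ; new chaining value
    movdqu [esi*1+ebx],xmm0             ; store at out + offset
    lea esi,[16+esi]
    sub edi,16
    jnc NEAR L$025cbc_enc_loop          ; loop while a full block remains
    jmp NEAR L$026cbc_done
align 16
L$024cbc_dec_loop:
    movdqu xmm0,[esi]
    movdqa [16+esp],xmm1                ; previous ciphertext block
    movdqa [32+esp],xmm0                ; keep ciphertext: in may equal out
    call __vpaes_decrypt_core
    mov ebx,DWORD [esp]                 ; ebx = out - in
    mov edx,DWORD [4+esp]               ; reload key (the core advanced edx)
    pxor xmm0,[16+esp]
    movdqa xmm1,[32+esp]                ; new chaining value
    movdqu [esi*1+ebx],xmm0             ; store at out + offset
    lea esi,[16+esi]
    sub edi,16
    jnc NEAR L$024cbc_dec_loop          ; loop while a full block remains
L$026cbc_done:
    mov ebx,DWORD [8+esp]               ; ebx = IV pointer
    mov esp,DWORD [48+esp]
    movdqu [ebx],xmm1                   ; write back the chaining value
L$022cbc_abort:
    pop edi
    pop esi
    pop ebx
    pop ebp
    ret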