/freebsd/crypto/openssl/crypto/modes/asm/ |
H A D | ghash-x86_64.pl | 1092 vpxor $T2,$Xi,$Xi # 1108 vpxor $T1,$Xi,$Xi # 1113 vpxor $T2,$Xi,$Xi # 1115 vpxor $T2,$Xi,$Xi # 1355 vpxor $T2, $Xi, $Xi 1565 vpxor $T2, $Xi, $Xi 1569 vpalignr \$8,$Xi,$Xi,$Xi 1570 vpxor $T2,$Xi,$Xi 1573 vpalignr \$8,$Xi,$Xi,$Xi 1574 vpxor $Xo,$Xi,$Xi [all …]
|
H A D | ghash-x86.pl | 909 &psllq ($Xi,5); 911 &psllq ($Xi,1); 915 &pslldq ($Xi,8); 917 &pxor ($Xi,$T2); 922 &psrlq ($Xi,1); 924 &pxor ($T2,$Xi); 925 &psrlq ($Xi,5); 1077 &psllq ($Xi,5); 1152 my ($Xhi,$Xi)=@_; 1157 &pslld ($Xi,1); [all …]
|
H A D | aesni-gcm-x86_64.pl | 152 vpxor 16+8(%rsp),$Xi,$Xi # modulo-scheduled [vpxor $Z3,$Xi,$Xi] 240 vpclmulqdq \$0x11,$Hkey,$Xi,$Xi 465 vpshufb $Ii,$Xi,$Xi 724 vpshufb $Ii,$Xi,$Xi 796 vpunpckhqdq $Xi,$Xi,$T3 807 vpclmulqdq \$0x11,$Ii,$Xi,$Xi 852 vxorps $inout5,$Xi,$Xi 868 vxorps $inout5,$Xi,$Xi 873 vpunpckhqdq $Xi,$Xi,$T3 897 vpxor $T2,$Xi,$Xi [all …]
|
H A D | ghash-s390x.pl | 67 $Xi="%r2"; # argument block 115 aghi $Xi,-1 120 lg $Zlo,8+1($Xi) # Xi 149 aghi $Xi,-1 154 lg $Zlo,8+1($Xi) # Xi 155 lg $Zhi,0+1($Xi) 161 stg $Zlo,8+1($Xi) 162 stg $Zhi,0+1($Xi) 198 llgc $xi,0($cnt,$Xi) 244 stg $Zlo,8+1($Xi) [all …]
|
H A D | ghash-armv4.pl | 126 str $_,[$Xi,#$i] 128 str $_,[$Xi,#$i] 131 strb $_,[$Xi,#$i+3] 133 strb $Tlh,[$Xi,#$i+2] 135 strb $Thl,[$Xi,#$i+1] 136 strb $Thh,[$Xi,#$i] 197 ldrb $nhi,[$Xi,#15] 215 ldrb $nhi,[$Xi,#14] 301 ldrb $nlo,[$Xi,#15] 310 ldrb $nlo,[$Xi,#14] [all …]
|
H A D | ghash-parisc.pl | 134 ldb 15($Xi),$nlo 146 ldb 14($Xi),$nlo 215 std $Zll,8($Xi) 216 std $Zhh,0($Xi) 224 ldb 15($Xi),$nlo 237 ldb 14($Xi),$nlo 325 stw $Zlh,8($Xi) 327 stw $Zhl,4($Xi) 328 stw $Zhh,0($Xi) 476 std $Zll,8($Xi) [all …]
|
H A D | ghash-sparcv9.pl | 109 ldub [$Xi+15],$xi0 110 ldub [$Xi+14],$xi1 159 ldub [$Xi+$cnt],$xi1 211 stx $Zlo,[$Xi+8] 213 stx $Zhi,[$Xi] 231 stx $Zlo,[$Xi+8] 233 stx $Zhi,[$Xi] 249 ldub [$Xi+15],$nlo 261 ldub [$Xi+14],$nlo 339 stx $Zlo,[$Xi+8] [all …]
|
H A D | ghash-alpha.pl | 41 $Xi="a0"; # $16, input argument block 273 ldq $Xlo,8($Xi) 274 ldq $Xhi,0($Xi) 321 stq $Xlo,8($Xi) 322 stq $Xhi,0($Xi) 348 ldq $Xhi,0($Xi) 349 ldq $Xlo,8($Xi) 434 stq $Xlo,8($Xi) 435 stq $Xhi,0($Xi)
|
/freebsd/crypto/openssl/crypto/sha/asm/ |
H A D | sha1-mb-x86_64.pl | 817 vpunpckldq @Xi[2],@Xi[0],@Xi[0] 845 vinserti128 @Xi[2],@Xi[0],@Xi[0] 911 vpxor @Xi[-2],@Xi[1],@Xi[1] # "X[13]" 925 vpxor @Xi[3],@Xi[1],@Xi[1] 933 vpaddd @Xi[1],@Xi[1],@Xi[1] 949 vpxor @Xi[-2],@Xi[1],@Xi[1] # "X[13]" 964 vpxor @Xi[3],@Xi[1],@Xi[1] 970 vpaddd @Xi[1],@Xi[1],@Xi[1] 1002 vpxor @Xi[-2],@Xi[1],@Xi[1] # "X[13]" 1013 vpxor @Xi[3],@Xi[1],@Xi[1] [all …]
|
H A D | sha256-mb-x86_64.pl | 243 ($Xi,$Xn)=($Xn,$Xi); 809 vpunpckldq $t1,$Xi,$Xi 810 vpshufb $Xn,$Xi,$Xi 821 vpunpckldq $t1,$Xi,$Xi 822 vpshufb $Xn,$Xi,$Xi 832 vpunpckldq $t2,$Xi,$Xi 835 vinserti128 $t1,$Xi,$Xi 836 vpshufb $Xn,$Xi,$Xi 853 vpunpckldq $t2,$Xi,$Xi 858 vpshufb $Xn,$Xi,$Xi [all …]
|
H A D | sha1-armv4-large.pl | 108 $Xi="r14"; 226 mov $Xi,sp 239 teq $Xi,$t3 241 teq $Xi,sp 263 teq $Xi,$t3 282 teq $Xi,sp 334 my $Xi=4; 513 $Xi=0; 522 &vrev32_8 (@X[($Xi-3)&7],@X[($Xi-3)&7]); 525 &vadd_i32 (@X[$Xi&7],@X[($Xi-4)&7],$K); [all …]
|
H A D | sha1-thumb.pl | 46 $Xi="r12"; 139 mov $Xi,sp 176 mov $t0,$Xi 181 mov $Xi,$t1 187 cmp $Xi,$t0 193 mov $Xi,$t1 199 cmp $Xi,$t0 207 mov $Xi,$t1 213 cmp $Xi,$t0 217 mov $Xi,sp
|
H A D | sha1-sparcv9.pl | 40 $Xi="%g4"; 104 or $tmp1,$Xi,$Xi 107 srlx @X[$j%8],31,$Xi 109 and $Xi,$rot1m,$Xi 112 or $Xi,@X[$j%8],@X[$j%8] 124 $xi=$Xi; 148 $xi=$Xi; 171 $xi=$Xi; 330 srlx @X[$i+1],$tmp2,$Xi 332 or $Xi,@X[$i],@X[$i] [all …]
|
H A D | sha1-x86_64.pl | 479 my $Xi=4; 685 if ($Xi%5) { 769 $Xi=0; 799 $Xi++; 1211 $Xi=0; 1222 &vpshufb(@X[($Xi-3)&7],@X[($Xi-3)&7],@X[2]); 1225 &vpaddd (@X[$Xi&7],@X[($Xi-4)&7],$Kx); 1235 $Xi++; 1432 for (;$Xi<8;$Xi++) { # Xupdate_avx2_16_31 1594 $Xi++; [all …]
|
H A D | sha1-586.pl | 781 if ($Xi%5) { 872 $Xi=0; 893 &paddd (@X[($Xi-4)&7],@X[3]); 898 &movdqa (&QWP(0+16*$Xi,"esp"),@X[($Xi-4)&7]); # X[]+K xfer to IALU 906 $Xi++; 1296 if ($Xi%5) { 1376 $Xi=0; 1387 &vpshufb (@X[($Xi-3)&7],@X[($Xi-3)&7],@X[2]); 1390 &vpaddd (@X[$Xi&7],@X[($Xi-4)&7],@X[3]); 1395 &vmovdqa (&QWP(0+16*$Xi,"esp"),@X[$Xi&7]); # X[]+K xfer to IALU [all …]
|
H A D | sha1-sparcv9a.pl | 64 $Xi="%o7"; 166 add $Xi,$e,$e 186 add $Xi,$e,$e 223 add $Xi,$e,$e 243 add $Xi,$e,$e 260 add $Xi,$e,$e 274 add $Xi,$e,$e 301 add $Xi,$e,$e 323 add $Xi,$e,$e 353 add $Xi,$e,$e [all …]
|
/freebsd/crypto/openssl/crypto/modes/ |
H A D | gcm128.c | 212 Xi[0] = Z.hi; in gcm_gmult_8bit() 213 Xi[1] = Z.lo; in gcm_gmult_8bit() 362 Xi[0] = Z.hi; in gcm_gmult_4bit() 363 Xi[1] = Z.lo; in gcm_gmult_4bit() 615 Xi[0] = Z.hi; 616 Xi[1] = Z.lo; 999 memcpy(ctx->Xn, ctx->Xi.c, sizeof(ctx->Xi)); 1231 memcpy(ctx->Xn, ctx->Xi.c, sizeof(ctx->Xi)); 1473 memcpy(ctx->Xn, ctx->Xi.c, sizeof(ctx->Xi)); 1634 memcpy(ctx->Xn, ctx->Xi.c, sizeof(ctx->Xi)); [all …]
|
/freebsd/sys/crypto/openssl/arm/ |
H A D | ossl_aes_gcm.c | 73 ctx->gcm.Xi.u[0] = 0; in gcm_setiv() 74 ctx->gcm.Xi.u[1] = 0; in gcm_setiv() 100 ctx->gcm.Xi.u[0] ^= alen; in gcm_finish() 101 ctx->gcm.Xi.u[1] ^= clen; in gcm_finish() 130 ctx->gcm.Xi.c[n] ^= *(aad++); in gcm_aad() 149 ctx->gcm.Xi.c[i] ^= aad[i]; in gcm_aad() 217 ctx->gcm.Xi.c[i] ^= out[i]; in gcm_encrypt() 273 ctx->gcm.Xi.c[n] ^= c; in gcm_decrypt() 291 ctx->gcm.Xi.c[k] ^= in[k]; in gcm_decrypt() 321 ctx->gcm.Xi.c[mres++] ^= c; in gcm_decrypt() [all …]
|
H A D | ghashv8-armx.S | 69 vld1.64 {q9},[r0] @ load Xi 81 INST(0xa2,0x2e,0xaa,0xf2) @ pmull q1,q13,q9 @ (H.lo+H.hi)·(Xi.lo+Xi.hi) 102 vst1.64 {q0},[r0] @ write out Xi 111 vld1.64 {q0},[r0] @ load [rotated] Xi 132 vext.8 q0,q0,q0,#8 @ rotate Xi 146 veor q3,q3,q0 @ I[i]^=Xi 164 INST(0xa5,0x2e,0xab,0xf2) @ pmull2 q1,q13,q10 @ (H^2.lo+H^2.hi)·(Xi.lo+Xi.hi) 208 veor q3,q3,q0 @ inp^=Xi 209 veor q9,q8,q10 @ q9 is rotated inp^Xi 214 INST(0xa2,0x2e,0xaa,0xf2) @ pmull q1,q13,q9 @ (H.lo+H.hi)·(Xi.lo+Xi.hi) [all …]
|
/freebsd/sys/crypto/openssl/amd64/ |
H A D | ossl_aes_gcm.c | 50 memcpy(tag, ctx->gcm.Xi.c, len); in gcm_tag() 83 ctx->gcm.Xi.u[1] = 0; in gcm_setiv_avx512() 269 ctx->gcm.Xi.u[0] = 0; in gcm_setiv_aesni() 270 ctx->gcm.Xi.u[1] = 0; in gcm_setiv_aesni() 320 ctx->gcm.Xi.c[i] ^= aad[i]; in gcm_aad_aesni() 520 ctx->gcm.Xi.c[n] ^= c; in gcm_decrypt() 562 ctx->gcm.Xi.c[n] ^= c; in gcm_decrypt_ctr32() 580 ctx->gcm.Xi.c[k] ^= in[k]; in gcm_decrypt_ctr32() 607 ctx->gcm.Xi.c[mres++] ^= c; in gcm_decrypt_ctr32() 654 ctx->gcm.Xi.u[0] ^= alen; in gcm_finish_aesni() [all …]
|
/freebsd/crypto/openssl/providers/implementations/ciphers/ |
H A D | cipher_aes_gcm_hw_armv8.inc | 16 const void *key, unsigned char ivec[16], u64 *Xi) 25 aes_gcm_enc_128_kernel(in, align_bytes * 8, out, (uint64_t *)Xi, ivec, key); 28 aes_gcm_enc_192_kernel(in, align_bytes * 8, out, (uint64_t *)Xi, ivec, key); 31 aes_gcm_enc_256_kernel(in, align_bytes * 8, out, (uint64_t *)Xi, ivec, key); 38 const void *key, unsigned char ivec[16], u64 *Xi) 47 aes_gcm_dec_128_kernel(in, align_bytes * 8, out, (uint64_t *)Xi, ivec, key); 50 aes_gcm_dec_192_kernel(in, align_bytes * 8, out, (uint64_t *)Xi, ivec, key); 53 aes_gcm_dec_256_kernel(in, align_bytes * 8, out, (uint64_t *)Xi, ivec, key);
|
/freebsd/crypto/openssl/crypto/aes/asm/ |
H A D | aesni-sha1-x86_64.pl | 163 my $Xi=4; 429 if ($Xi%5) { 513 $Xi=0; 543 $Xi++; 766 $Xi=4; 1057 my $Xi=4; 1294 &vmovdqa ($Kx,eval(16*($Xi/5))."($K_XX_XX)") if ($Xi%5==0); 1365 $Xi=0; 1376 &vpshufb(@X[($Xi-3)&7],@X[($Xi-3)&7],@Tx[1]); 1389 $Xi++; [all …]
|
/freebsd/crypto/openssl/include/crypto/ |
H A D | aes_platform.h | 109 uint64_t *Xi, unsigned char ivec[16], const void *key); 111 uint64_t *Xi, unsigned char ivec[16], const void *key); 113 uint64_t *Xi, unsigned char ivec[16], const void *key); 115 uint64_t *Xi, unsigned char ivec[16], const void *key); 117 uint64_t *Xi, unsigned char ivec[16], const void *key); 121 unsigned char ivec[16], u64 *Xi); 123 unsigned char ivec[16], u64 *Xi); 124 void gcm_ghash_v8(u64 Xi[2],const u128 Htable[16],const u8 *inp, size_t len); 221 const void *key, unsigned char ivec[16], u64 *Xi); 223 const void *key, unsigned char ivec[16], u64 *Xi); [all …]
|
/freebsd/sys/crypto/armv8/ |
H A D | armv8_crypto_wrap.c | 323 __uint128_val_t Xi; member 348 memset(s->Xi.c, 0, sizeof(s->Xi.c)); in armv8_aes_gmac_setup() 357 gcm_ghash_v8(s->Xi.u, Htable, block, AES_BLOCK_LEN); in armv8_aes_gmac_setup() 371 s->Xi.u[0] ^= s->EK0.u[0]; in armv8_aes_gmac_finish() 372 s->Xi.u[1] ^= s->EK0.u[1]; in armv8_aes_gmac_finish() 427 gcm_ghash_v8(s.Xi.u, Htable, block, seglen); in armv8_aes_encrypt_gcm() 435 gcm_ghash_v8(s.Xi.u, Htable, (uint8_t *)to64, in armv8_aes_encrypt_gcm() 449 memcpy(tag, s.Xi.c, GMAC_DIGEST_LEN); in armv8_aes_encrypt_gcm() 478 gcm_ghash_v8(s.Xi.u, Htable, from, seglen); in armv8_aes_decrypt_gcm() 484 gcm_ghash_v8(s.Xi.u, Htable, block, seglen); in armv8_aes_decrypt_gcm() [all …]
|
H A D | armv8_crypto.h | 60 void gcm_init_v8(__uint128_val_t Htable[16], const uint64_t Xi[2]); 61 void gcm_gmult_v8(uint64_t Xi[2], const __uint128_val_t Htable[16]); 62 void gcm_ghash_v8(uint64_t Xi[2], const __uint128_val_t Htable[16], const uint8_t *inp, size_t len);
|