2 # Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
4 # Licensed under the OpenSSL license (the "License"). You may not use
5 # this file except in compliance with the License. You can obtain a copy
6 # in the file LICENSE in the source distribution or at
7 # https://www.openssl.org/source/license.html
10 # ====================================================================
11 # Copyright (c) 2008 Andy Polyakov <appro@openssl.org>
13 # This module may be used under the terms of either the GNU General
14 # Public License version 2 or later, the GNU Lesser General Public
15 # License version 2.1 or later, the Mozilla Public License version
16 # 1.1 or the BSD License. The exact terms of either license are
17 # distributed along with this module. For further details see
18 # http://www.openssl.org/~appro/camellia/.
19 # ====================================================================
21 # Performance in cycles per processed byte (less is better) in
22 # 'openssl speed ...' benchmark:
25 # -evp camellia-128-ecb 16.7 21.0 22.7
26 # + over gcc 3.4.6 +25% +5% 0%
28 # camellia-128-cbc 15.7 20.4 21.1
30 # 128-bit key setup 128 216 205 cycles/key
31 # + over gcc 3.4.6 +54% +39% +15%
33 # Numbers in "+" rows represent performance improvement over compiler
34 # generated code. Key setup timings are impressive on AMD and Core2
35 # thanks to 64-bit operations being covertly deployed. Improvement on
36 # EM64T, pre-Core2 Intel x86_64 CPU, is not as impressive, because it
37 # apparently emulates some of 64-bit operations in [32-bit] microcode.
41 if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
43 $win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
45 $0 =~ m/(.*[\/\\])[^\
/\\]+$/; $dir=$1;
46 ( $xlate="${dir}x86_64-xlate.pl" and -f
$xlate ) or
47 ( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f
$xlate) or
48 die "can't locate x86_64-xlate.pl";
50 open OUT
,"| \"$^X\" \"$xlate\" $flavour \"$output\"";
53 sub hi
() { my $r=shift; $r =~ s/%[er]([a-d])x/%\1h/; $r; }
54 sub lo
() { my $r=shift; $r =~ s/%[er]([a-d])x/%\1l/;
55 $r =~ s/%[er]([sd]i)/%\1l/;
56 $r =~ s/%(r[0-9]+)[d]?/%\1b/; $r; }
58 $t0="%eax";$t1="%ebx";$t2="%ecx";$t3="%edx";
59 @S=("%r8d","%r9d","%r10d","%r11d");
62 $Tbl="%rbp"; # size optimization
67 $arg0d=$win64?
"%ecx":"%edi";
69 # const unsigned int Camellia_SBOX[4][256];
70 # Well, sort of... Camellia_SBOX[0][] is interleaved with [1][],
71 # and [2][] - with [3][]. This is done to minimize code size.
72 $SBOX1_1110=0; # Camellia_SBOX[0]
73 $SBOX4_4404=4; # Camellia_SBOX[1]
74 $SBOX2_0222=2048; # Camellia_SBOX[2]
75 $SBOX3_3033=2052; # Camellia_SBOX[3]
77 sub Camellia_Feistel
{
79 my $seed=defined(@_[1])?
@_[1]:0;
80 my $scale=$seed<0?
-8:8;
82 my ($s0,$s1,$s2,$s3)=(@S[($j)%4],@S[($j+1)%4],@S[($j+2)%4],@S[($j+3)%4]);
85 xor $s0,$t0 # t0^=key[0]
86 xor $s1,$t1 # t1^=key[1]
87 movz
`&hi("$t0")`,$i0 # (t0>>8)&0xff
88 movz
`&lo("$t1")`,$i1 # (t1>>0)&0xff
89 mov
$SBOX3_3033($Tbl,$i0,8),$t3 # t3=SBOX3_3033[0]
90 mov
$SBOX1_1110($Tbl,$i1,8),$t2 # t2=SBOX1_1110[1]
91 movz
`&lo("$t0")`,$i0 # (t0>>0)&0xff
93 movz
`&hi("$t1")`,$i1 # (t1>>8)&0xff
94 xor $SBOX4_4404($Tbl,$i0,8),$t3 # t3^=SBOX4_4404[0]
96 xor $SBOX4_4404($Tbl,$i1,8),$t2 # t2^=SBOX4_4404[1]
97 movz
`&hi("$t0")`,$i0 # (t0>>24)&0xff
98 movz
`&lo("$t1")`,$i1 # (t1>>16)&0xff
99 xor $SBOX1_1110($Tbl,$i0,8),$t3 # t3^=SBOX1_1110[0]
100 xor $SBOX3_3033($Tbl,$i1,8),$t2 # t2^=SBOX3_3033[1]
101 movz
`&lo("$t0")`,$i0 # (t0>>16)&0xff
102 movz
`&hi("$t1")`,$i1 # (t1>>24)&0xff
103 xor $SBOX2_0222($Tbl,$i0,8),$t3 # t3^=SBOX2_0222[0]
104 xor $SBOX2_0222($Tbl,$i1,8),$t2 # t2^=SBOX2_0222[1]
105 mov
`$seed+($i+1)*$scale`($key),$t1 # prefetch key[i+1]
106 mov
`$seed+($i+1)*$scale+4`($key),$t0
108 ror \
$8,$t3 # t3=RightRotate(t3,8)
115 # void Camellia_EncryptBlock_Rounds(
117 # const Byte plaintext[],
118 # const KEY_TABLE_TYPE keyTable,
124 .globl Camellia_EncryptBlock
125 .type Camellia_EncryptBlock
,\
@abi-omnipotent
127 Camellia_EncryptBlock
:
132 adcl \
$0,$arg0d # keyBitLength==128?3:4
135 .size Camellia_EncryptBlock
,.-Camellia_EncryptBlock
137 .globl Camellia_EncryptBlock_Rounds
138 .type Camellia_EncryptBlock_Rounds
,\
@function,4
141 Camellia_EncryptBlock_Rounds
:
155 #mov %rsi,$inp # put away arguments
159 shl \
$6,%edi # process grandRounds
160 lea
.LCamellia_SBOX
(%rip),$Tbl
161 lea
($key,%rdi),$keyend
163 mov
0(%rsi),@S[0] # load plaintext
172 call _x86_64_Camellia_encrypt
194 .cfi_adjust_cfa_offset
-40
198 .size Camellia_EncryptBlock_Rounds
,.-Camellia_EncryptBlock_Rounds
200 .type _x86_64_Camellia_encrypt
,\
@abi-omnipotent
202 _x86_64_Camellia_encrypt
:
205 xor 4($key),@S[0] # ^=key[0-3]
210 mov
16($key),$t1 # prefetch key[4-5]
214 for ($i=0;$i<6;$i++) { Camellia_Feistel
($i,16); }
218 mov
8($key),$t3 # prefetch key[2-3]
225 xor $t3,@S[2] # s2^=s3|key[3];
226 xor $t0,@S[1] # s1^=LeftRotate(s0&key[0],1);
230 xor $t1,@S[0] # s0^=s1|key[1];
231 xor $t2,@S[3] # s3^=LeftRotate(s2&key[2],1);
236 xor @S[2],$t0 # SwapHalf
246 .byte
0xf3,0xc3 # rep ret
248 .size _x86_64_Camellia_encrypt
,.-_x86_64_Camellia_encrypt
251 .globl Camellia_DecryptBlock
252 .type Camellia_DecryptBlock
,\
@abi-omnipotent
254 Camellia_DecryptBlock
:
259 adcl \
$0,$arg0d # keyBitLength==128?3:4
262 .size Camellia_DecryptBlock
,.-Camellia_DecryptBlock
264 .globl Camellia_DecryptBlock_Rounds
265 .type Camellia_DecryptBlock_Rounds
,\
@function,4
268 Camellia_DecryptBlock_Rounds
:
282 #mov %rsi,$inp # put away arguments
286 shl \
$6,%edi # process grandRounds
287 lea
.LCamellia_SBOX
(%rip),$Tbl
288 lea
($keyend,%rdi),$key
290 mov
0(%rsi),@S[0] # load plaintext
299 call _x86_64_Camellia_decrypt
321 .cfi_adjust_cfa_offset
-40
325 .size Camellia_DecryptBlock_Rounds
,.-Camellia_DecryptBlock_Rounds
327 .type _x86_64_Camellia_decrypt
,\
@abi-omnipotent
329 _x86_64_Camellia_decrypt
:
332 xor 4($key),@S[0] # ^=key[0-3]
337 mov
-8($key),$t1 # prefetch key[4-5]
341 for ($i=0;$i<6;$i++) { Camellia_Feistel
($i,-8); }
345 mov
0($key),$t3 # prefetch key[2-3]
352 xor $t3,@S[2] # s2^=s3|key[3];
353 xor $t0,@S[1] # s1^=LeftRotate(s0&key[0],1);
357 xor $t1,@S[0] # s0^=s1|key[1];
358 xor $t2,@S[3] # s3^=LeftRotate(s2&key[2],1);
369 mov
$t2,@S[0] # SwapHalf
374 .byte
0xf3,0xc3 # rep ret
376 .size _x86_64_Camellia_decrypt
,.-_x86_64_Camellia_decrypt
380 my ($rnd,$key,@T)=@_;
381 my $bias=int(@T[0])?
shift(@T):0;
385 mov
@T[1],`$bias+$rnd*8+0`($key)
386 mov
@T[0],`$bias+$rnd*8+4`($key)
387 mov
@T[3],`$bias+$rnd*8+8`($key)
388 mov
@T[2],`$bias+$rnd*8+12`($key)
391 $code.=" mov @T[0],`$bias+$rnd*8+0`($key)\n";
392 $code.=" mov @T[1],`$bias+$rnd*8+8`($key)\n" if ($#T>=1);
397 my ($rnd,$key,@T)=@_;
398 my $bias=int(@T[0])?
shift(@T):0;
400 $code.=" mov `$bias+$rnd*8+0`($key),@T[0]\n";
401 $code.=" mov `$bias+$rnd*8+8`($key),@T[1]\n" if ($#T>=1);
404 # shld is very slow on Intel EM64T family. Even on AMD it limits
405 # instruction decode rate [because it's VectorPath] and consequently
408 my ($i0,$i1,$rot)=@_;
419 # ... Implementing 128-bit rotate without shld gives 80% better
420 # performance EM64T, +15% on AMD64 and only ~7% degradation on
421 # Core2. This is therefore preferred.
423 my ($i0,$i1,$rot)=@_;
442 .globl Camellia_Ekeygen
443 .type Camellia_Ekeygen
,\
@function,3
459 mov
%edi,${keyend
}d
# put away arguments, keyBitLength
460 mov
%rdx,$out # keyTable
462 mov
0(%rsi),@S[0] # load 0-127 bits
472 &_saveround
(0,$out,@S); # KL<<<0
474 cmp \
$128,$keyend # check keyBitLength
477 mov
16(%rsi),@S[0] # load 128-191 bits
481 mov
24(%rsi),@S[2] # load 192-255 bits
495 &_saveround
(4,$out,@S); # temp storage for KR!
497 xor 0($out),@S[1] # KR^KL
503 lea
.LCamellia_SIGMA
(%rip),$key
504 lea
.LCamellia_SBOX
(%rip),$Tbl
509 &Camellia_Feistel
($step++);
510 &Camellia_Feistel
($step++);
512 xor 0($out),@S[1] # ^KL
517 &Camellia_Feistel
($step++);
518 &Camellia_Feistel
($step++);
523 lea
128($out),$out # size optimization
524 shl \
$32,%r8 # @S[0]||
525 shl \
$32,%r10 # @S[2]||
527 or %r11,%r10 # ||@S[3]
529 &_loadround
(0,$out,-128,"%rax","%rbx"); # KL
530 &_saveround
(2,$out,-128,"%r8","%r10"); # KA<<<0
531 &_rotl128
("%rax","%rbx",15);
532 &_saveround
(4,$out,-128,"%rax","%rbx"); # KL<<<15
533 &_rotl128
("%r8","%r10",15);
534 &_saveround
(6,$out,-128,"%r8","%r10"); # KA<<<15
535 &_rotl128
("%r8","%r10",15); # 15+15=30
536 &_saveround
(8,$out,-128,"%r8","%r10"); # KA<<<30
537 &_rotl128
("%rax","%rbx",30); # 15+30=45
538 &_saveround
(10,$out,-128,"%rax","%rbx"); # KL<<<45
539 &_rotl128
("%r8","%r10",15); # 30+15=45
540 &_saveround
(12,$out,-128,"%r8"); # KA<<<45
541 &_rotl128
("%rax","%rbx",15); # 45+15=60
542 &_saveround
(13,$out,-128,"%rbx"); # KL<<<60
543 &_rotl128
("%r8","%r10",15); # 45+15=60
544 &_saveround
(14,$out,-128,"%r8","%r10"); # KA<<<60
545 &_rotl128
("%rax","%rbx",17); # 60+17=77
546 &_saveround
(16,$out,-128,"%rax","%rbx"); # KL<<<77
547 &_rotl128
("%rax","%rbx",17); # 77+17=94
548 &_saveround
(18,$out,-128,"%rax","%rbx"); # KL<<<94
549 &_rotl128
("%r8","%r10",34); # 60+34=94
550 &_saveround
(20,$out,-128,"%r8","%r10"); # KA<<<94
551 &_rotl128
("%rax","%rbx",17); # 94+17=111
552 &_saveround
(22,$out,-128,"%rax","%rbx"); # KL<<<111
553 &_rotl128
("%r8","%r10",17); # 94+17=111
554 &_saveround
(24,$out,-128,"%r8","%r10"); # KA<<<111
561 &_saveround
(6,$out,@S); # temp storage for KA!
563 xor `4*8+0`($out),@S[1] # KA^KR
564 xor `4*8+4`($out),@S[0]
565 xor `5*8+0`($out),@S[3]
566 xor `5*8+4`($out),@S[2]
568 &Camellia_Feistel
($step++);
569 &Camellia_Feistel
($step++);
571 &_loadround
(0,$out,"%rax","%rbx"); # KL
572 &_loadround
(4,$out,"%rcx","%rdx"); # KR
573 &_loadround
(6,$out,"%r14","%r15"); # KA
575 lea
128($out),$out # size optimization
576 shl \
$32,%r8 # @S[0]||
577 shl \
$32,%r10 # @S[2]||
579 or %r11,%r10 # ||@S[3]
581 &_saveround
(2,$out,-128,"%r8","%r10"); # KB<<<0
582 &_rotl128
("%rcx","%rdx",15);
583 &_saveround
(4,$out,-128,"%rcx","%rdx"); # KR<<<15
584 &_rotl128
("%r14","%r15",15);
585 &_saveround
(6,$out,-128,"%r14","%r15"); # KA<<<15
586 &_rotl128
("%rcx","%rdx",15); # 15+15=30
587 &_saveround
(8,$out,-128,"%rcx","%rdx"); # KR<<<30
588 &_rotl128
("%r8","%r10",30);
589 &_saveround
(10,$out,-128,"%r8","%r10"); # KB<<<30
590 &_rotl128
("%rax","%rbx",45);
591 &_saveround
(12,$out,-128,"%rax","%rbx"); # KL<<<45
592 &_rotl128
("%r14","%r15",30); # 15+30=45
593 &_saveround
(14,$out,-128,"%r14","%r15"); # KA<<<45
594 &_rotl128
("%rax","%rbx",15); # 45+15=60
595 &_saveround
(16,$out,-128,"%rax","%rbx"); # KL<<<60
596 &_rotl128
("%rcx","%rdx",30); # 30+30=60
597 &_saveround
(18,$out,-128,"%rcx","%rdx"); # KR<<<60
598 &_rotl128
("%r8","%r10",30); # 30+30=60
599 &_saveround
(20,$out,-128,"%r8","%r10"); # KB<<<60
600 &_rotl128
("%rax","%rbx",17); # 60+17=77
601 &_saveround
(22,$out,-128,"%rax","%rbx"); # KL<<<77
602 &_rotl128
("%r14","%r15",32); # 45+32=77
603 &_saveround
(24,$out,-128,"%r14","%r15"); # KA<<<77
604 &_rotl128
("%rcx","%rdx",34); # 60+34=94
605 &_saveround
(26,$out,-128,"%rcx","%rdx"); # KR<<<94
606 &_rotl128
("%r14","%r15",17); # 77+17=94
607 &_saveround
(28,$out,-128,"%r14","%r15"); # KA<<<77
608 &_rotl128
("%rax","%rbx",34); # 77+34=111
609 &_saveround
(30,$out,-128,"%rax","%rbx"); # KL<<<111
610 &_rotl128
("%r8","%r10",51); # 60+51=111
611 &_saveround
(32,$out,-128,"%r8","%r10"); # KB<<<111
626 .cfi_adjust_cfa_offset
-40
630 .size Camellia_Ekeygen
,.-Camellia_Ekeygen
635 112,130, 44,236,179, 39,192,229,228,133, 87, 53,234, 12,174, 65,
636 35,239,107,147, 69, 25,165, 33,237, 14, 79, 78, 29,101,146,189,
637 134,184,175,143,124,235, 31,206, 62, 48,220, 95, 94,197, 11, 26,
638 166,225, 57,202,213, 71, 93, 61,217, 1, 90,214, 81, 86,108, 77,
639 139, 13,154,102,251,204,176, 45,116, 18, 43, 32,240,177,132,153,
640 223, 76,203,194, 52,126,118, 5,109,183,169, 49,209, 23, 4,215,
641 20, 88, 58, 97,222, 27, 17, 28, 50, 15,156, 22, 83, 24,242, 34,
642 254, 68,207,178,195,181,122,145, 36, 8,232,168, 96,252,105, 80,
643 170,208,160,125,161,137, 98,151, 84, 91, 30,149,224,255,100,210,
644 16,196, 0, 72,163,247,117,219,138, 3,230,218, 9, 63,221,148,
645 135, 92,131, 2,205, 74,144, 51,115,103,246,243,157,127,191,226,
646 82,155,216, 38,200, 55,198, 59,129,150,111, 75, 19,190, 99, 46,
647 233,121,167,140,159,110,188,142, 41,245,249,182, 47,253,180, 89,
648 120,152, 6,106,231, 70,113,186,212, 37,171, 66,136,162,141,250,
649 114, 7,185, 85,248,238,172, 10, 54, 73, 42,104, 60, 56,241,164,
650 64, 40,211,123,187,201, 67,193, 21,227,173,244,119,199,128,158);
652 sub S1110
{ my $i=shift; $i=@SBOX[$i]; $i=$i<<24|$i<<16|$i<<8; sprintf("0x%08x",$i); }
653 sub S4404
{ my $i=shift; $i=($i<<1|$i>>7)&0xff; $i=@SBOX[$i]; $i=$i<<24|$i<<16|$i; sprintf("0x%08x",$i); }
654 sub S0222
{ my $i=shift; $i=@SBOX[$i]; $i=($i<<1|$i>>7)&0xff; $i=$i<<16|$i<<8|$i; sprintf("0x%08x",$i); }
655 sub S3033
{ my $i=shift; $i=@SBOX[$i]; $i=($i>>1|$i<<7)&0xff; $i=$i<<24|$i<<8|$i; sprintf("0x%08x",$i); }
660 .long
0x3bcc908b, 0xa09e667f, 0x4caa73b2, 0xb67ae858
661 .long
0xe94f82be, 0xc6ef372f, 0xf1d36f1c, 0x54ff53a5
662 .long
0xde682d1d, 0x10e527fa, 0xb3e6c1fd, 0xb05688c2
666 # tables are interleaved, remember?
667 sub data_word
{ $code.=".long\t".join(',',@_)."\n"; }
668 for ($i=0;$i<256;$i++) { &data_word
(&S1110
($i),&S4404
($i)); }
669 for ($i=0;$i<256;$i++) { &data_word
(&S0222
($i),&S3033
($i)); }
671 # void Camellia_cbc_encrypt (const void char *inp, unsigned char *out,
672 # size_t length, const CAMELLIA_KEY *key,
673 # unsigned char *ivp,const int enc);
676 $_end="8(%rsp)"; # inp+len&~15
677 $_res="16(%rsp)"; # len&15
683 .globl Camellia_cbc_encrypt
684 .type Camellia_cbc_encrypt
,\
@function,6
686 Camellia_cbc_encrypt
:
705 .cfi_def_cfa_register
%rbp
709 # place stack frame just "above mod 1024" the key schedule,
710 # this ensures that cache associativity suffices
711 lea
-64-63(%rcx),%r10
716 #add \$8,%rsp # 8 is reserved for callee's ra
718 mov
%rdi,$inp # inp argument
719 mov
%rsi,$out # out argument
720 mov
%r8,%rbx # ivp argument
721 mov
%rcx,$key # key argument
722 mov
272(%rcx),${keyend
}d
# grandRounds
726 .cfi_cfa_expression
$_rsp,deref
,+56
729 lea
.LCamellia_SBOX
(%rip),$Tbl
739 loop .Lcbc_prefetch_sbox
742 mov
%rdx,%rcx # len argument
743 lea
($key,$keyend),$keyend
745 cmp \
$0,%r9d # enc argument
749 and \
$15,%rcx # length residue
756 mov
0(%rbx),@S[0] # load IV
774 call _x86_64_Camellia_encrypt
776 mov
$_key,$key # "rewind" the key
796 mov
@S[0],0($out) # write out IV residue
814 .long
0x9066A4F3 # rep movsb
821 jmp
.Lcbc_eloop
# one more time
827 and \
$15,%rcx # length residue
834 mov
(%rbx),%rax # load IV
845 mov
%rax,0+$ivec # save IV to temporary storage
850 call _x86_64_Camellia_decrypt
852 mov
$_key,$key # "rewind" the key
857 mov
($inp),%rax # load IV for next iteration
889 mov
%rax,(%rdx) # write out IV residue
904 .long
0x9066A4F3 # rep movsb
908 mov
%rax,(%rdx) # write out IV residue
933 .size Camellia_cbc_encrypt
,.-Camellia_cbc_encrypt
935 .asciz
"Camellia for x86_64 by <appro\@openssl.org>"
939 # EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
940 # CONTEXT *context,DISPATCHER_CONTEXT *disp)
948 .extern __imp_RtlVirtualUnwind
949 .type common_se_handler
,\
@abi-omnipotent
963 mov
120($context),%rax # pull context->Rax
964 mov
248($context),%rbx # pull context->Rip
966 mov
8($disp),%rsi # disp->ImageBase
967 mov
56($disp),%r11 # disp->HandlerData
969 mov
0(%r11),%r10d # HandlerData[0]
970 lea
(%rsi,%r10),%r10 # prologue label
971 cmp %r10,%rbx # context->Rip<prologue label
974 mov
152($context),%rax # pull context->Rsp
976 mov
4(%r11),%r10d # HandlerData[1]
977 lea
(%rsi,%r10),%r10 # epilogue label
978 cmp %r10,%rbx # context->Rip>=epilogue label
987 mov
%rbx,144($context) # restore context->Rbx
988 mov
%rbp,160($context) # restore context->Rbp
989 mov
%r13,224($context) # restore context->R13
990 mov
%r14,232($context) # restore context->R14
991 mov
%r15,240($context) # restore context->R15
996 mov
%rax,152($context) # restore context->Rsp
997 mov
%rsi,168($context) # restore context->Rsi
998 mov
%rdi,176($context) # restore context->Rdi
1000 jmp
.Lcommon_seh_exit
1001 .size common_se_handler
,.-common_se_handler
1003 .type cbc_se_handler
,\
@abi-omnipotent
1017 mov
120($context),%rax # pull context->Rax
1018 mov
248($context),%rbx # pull context->Rip
1020 lea
.Lcbc_prologue
(%rip),%r10
1021 cmp %r10,%rbx # context->Rip<.Lcbc_prologue
1022 jb
.Lin_cbc_prologue
1024 lea
.Lcbc_body
(%rip),%r10
1025 cmp %r10,%rbx # context->Rip<.Lcbc_body
1026 jb
.Lin_cbc_frame_setup
1028 mov
152($context),%rax # pull context->Rsp
1030 lea
.Lcbc_abort
(%rip),%r10
1031 cmp %r10,%rbx # context->Rip>=.Lcbc_abort
1032 jae
.Lin_cbc_prologue
1034 # handle pushf/popf in Camellia_cbc_encrypt
1035 lea
.Lcbc_enc_pushf
(%rip),%r10
1036 cmp %r10,%rbx # context->Rip<=.Lcbc_enc_pushf
1037 jbe
.Lin_cbc_no_flag
1039 lea
.Lcbc_enc_popf
(%rip),%r10
1040 cmp %r10,%rbx # context->Rip<.Lcbc_enc_popf
1043 lea
.Lcbc_dec_pushf
(%rip),%r10
1044 cmp %r10,%rbx # context->Rip<=.Lcbc_dec_pushf
1045 jbe
.Lin_cbc_no_flag
1047 lea
.Lcbc_dec_popf
(%rip),%r10
1048 cmp %r10,%rbx # context->Rip<.Lcbc_dec_popf
1053 mov
48(%rax),%rax # $_rsp
1056 .Lin_cbc_frame_setup
:
1063 mov
%rbx,144($context) # restore context->Rbx
1064 mov
%rbp,160($context) # restore context->Rbp
1065 mov
%r12,216($context) # restore context->R12
1066 mov
%r13,224($context) # restore context->R13
1067 mov
%r14,232($context) # restore context->R14
1068 mov
%r15,240($context) # restore context->R15
1073 mov
%rax,152($context) # restore context->Rsp
1074 mov
%rsi,168($context) # restore context->Rsi
1075 mov
%rdi,176($context) # restore context->Rdi
1080 mov
40($disp),%rdi # disp->ContextRecord
1081 mov
$context,%rsi # context
1082 mov \
$`1232/8`,%ecx # sizeof(CONTEXT)
1083 .long
0xa548f3fc # cld; rep movsq
1086 xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
1087 mov
8(%rsi),%rdx # arg2, disp->ImageBase
1088 mov
0(%rsi),%r8 # arg3, disp->ControlPc
1089 mov
16(%rsi),%r9 # arg4, disp->FunctionEntry
1090 mov
40(%rsi),%r10 # disp->ContextRecord
1091 lea
56(%rsi),%r11 # &disp->HandlerData
1092 lea
24(%rsi),%r12 # &disp->EstablisherFrame
1093 mov
%r10,32(%rsp) # arg5
1094 mov
%r11,40(%rsp) # arg6
1095 mov
%r12,48(%rsp) # arg7
1096 mov
%rcx,56(%rsp) # arg8, (NULL)
1097 call
*__imp_RtlVirtualUnwind
(%rip)
1099 mov \
$1,%eax # ExceptionContinueSearch
1111 .size cbc_se_handler
,.-cbc_se_handler
1115 .rva
.LSEH_begin_Camellia_EncryptBlock_Rounds
1116 .rva
.LSEH_end_Camellia_EncryptBlock_Rounds
1117 .rva
.LSEH_info_Camellia_EncryptBlock_Rounds
1119 .rva
.LSEH_begin_Camellia_DecryptBlock_Rounds
1120 .rva
.LSEH_end_Camellia_DecryptBlock_Rounds
1121 .rva
.LSEH_info_Camellia_DecryptBlock_Rounds
1123 .rva
.LSEH_begin_Camellia_Ekeygen
1124 .rva
.LSEH_end_Camellia_Ekeygen
1125 .rva
.LSEH_info_Camellia_Ekeygen
1127 .rva
.LSEH_begin_Camellia_cbc_encrypt
1128 .rva
.LSEH_end_Camellia_cbc_encrypt
1129 .rva
.LSEH_info_Camellia_cbc_encrypt
1133 .LSEH_info_Camellia_EncryptBlock_Rounds
:
1135 .rva common_se_handler
1136 .rva
.Lenc_prologue
,.Lenc_epilogue
# HandlerData[]
1137 .LSEH_info_Camellia_DecryptBlock_Rounds
:
1139 .rva common_se_handler
1140 .rva
.Ldec_prologue
,.Ldec_epilogue
# HandlerData[]
1141 .LSEH_info_Camellia_Ekeygen
:
1143 .rva common_se_handler
1144 .rva
.Lkey_prologue
,.Lkey_epilogue
# HandlerData[]
1145 .LSEH_info_Camellia_cbc_encrypt
:
1151 $code =~ s/\`([^\`]*)\`/eval $1/gem;
1153 close STDOUT
or die "error closing STDOUT: $!";