.global asm_aescbc_sha1_hmac
.type asm_aescbc_sha1_hmac,%function
+.rodata
.align 4
.Lrcon:
.word 0x5a827999, 0x5a827999, 0x5a827999, 0x5a827999
.word 0x6ed9eba1, 0x6ed9eba1, 0x6ed9eba1, 0x6ed9eba1
.word 0x8f1bbcdc, 0x8f1bbcdc, 0x8f1bbcdc, 0x8f1bbcdc
.word 0xca62c1d6, 0xca62c1d6, 0xca62c1d6, 0xca62c1d6
+.text
asm_aescbc_sha1_hmac:
AARCH64_VALID_CALL_TARGET
ldp q10,q11,[x9],32 /* rk[2],rk[3] */
prfm PLDL1KEEP,[x0,64] /* pref next aes_ptr_in */
/* base address for sha round consts */
- adr x8,.Lrcon
+ adrp x8,.Lrcon
+ add x8,x8,:lo12:.Lrcon
aese v0.16b,v9.16b
aesmc v0.16b,v0.16b
prfm PLDL1KEEP,[x1,64] /* pref next aes_ptr_out */
*/
.Lenc_short_cases:
ldp q8,q9,[x9],32
- adr x8,.Lrcon /* rcon */
+ adrp x8,.Lrcon /* rcon */
+ add x8,x8,:lo12:.Lrcon
mov w15,0x80 /* sha padding word */
ldp q10,q11,[x9],32
lsl x11,x10,4 /* len = aes_blocks*16 */
blt .Ldec_short_cases /* branch if < 12 */
/* base address for sha round consts */
- adr x8,.Lrcon
+ adrp x8,.Lrcon
+ add x8,x8,:lo12:.Lrcon
ldp q4,q5,[x8],32 /* key0,key1 */
ldp q6,q7,[x8],32 /* key2,key3 */
*/
.Ldec_short_cases:
ldp q8,q9,[x9],32
- adr x8,.Lrcon /* rcon */
+ adrp x8,.Lrcon /* rcon */
+ add x8,x8,:lo12:.Lrcon
ldp q10,q11,[x9],32
lsl x11,x10,4 /* len = aes_blocks*16 */
.global asm_aescbc_sha256_hmac
.type asm_aescbc_sha256_hmac,%function
+.rodata
.align 4
.Lrcon:
.word 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5
.Linit_sha_state:
.word 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a
.word 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19
+.text
asm_aescbc_sha256_hmac:
AARCH64_VALID_CALL_TARGET
stp d10,d11,[sp,#16]
/* address of sha init state consts */
- adr x12,.Linit_sha_state
+ adrp x12,.Linit_sha_state
+ add x12,x12,:lo12:.Linit_sha_state
prfm PLDL1KEEP,[x1,0] /* pref next aes_ptr_out */
lsr x10,x2,4 /* aes_blocks = len/16 */
aesmc v0.16b,v0.16b
prfm PLDL1KEEP,[x1,64] /* pref next aes_ptr_out */
/* base address for sha round consts */
- adr x8,.Lrcon
+ adrp x8,.Lrcon
+ add x8,x8,:lo12:.Lrcon
ld1 {v12.16b},[x9],16 /* rk[4] */
aese v0.16b,v10.16b
aesmc v0.16b,v0.16b
*/
.Lenc_main_loop:
/* base address for sha round consts */
- adr x8,.Lrcon
+ adrp x8,.Lrcon
+ add x8,x8,:lo12:.Lrcon
/*
* Because both mov, rev32 and eor have a busy cycle,this takes longer
* than it looks. That's OK since there are 6 cycles before we can use
*/
ld1 {v0.16b},[x0],16
/* base address for sha round consts */
- adr x8,.Lrcon
+ adrp x8,.Lrcon
+ add x8,x8,:lo12:.Lrcon
ld1 {v4.16b},[x8],16 /* key0 */
ld1 {v5.16b},[x8],16 /* key1 */
ld1 {v6.16b},[x8],16 /* key2 */
/* quad 0 */
.Lbm2fromQ0:
/* base address for sha round consts */
- adr x8,.Lrcon
+ adrp x8,.Lrcon
+ add x8,x8,:lo12:.Lrcon
ld1 {v4.16b},[x8],16 /* key0 */
ld1 {v5.16b},[x8],16 /* key1 */
*/
1:
/* base address for sha round consts */
- adr x8,.Lrcon
+ adrp x8,.Lrcon
+ add x8,x8,:lo12:.Lrcon
ld1 {v4.16b},[x8],16 /* key0 */
ld1 {v5.16b},[x8],16 /* key1 */
* do last sha of pad block
*/
/* base address for sha round consts */
- adr x8,.Lrcon
+ adrp x8,.Lrcon
+ add x8,x8,:lo12:.Lrcon
/* quad 0 */
ld1 {v4.16b},[x8],16 /* key0 */
eor v28.16b, v28.16b, v28.16b
eor v29.16b, v29.16b, v29.16b
/* base address for sha round consts */
- adr x8,.Lrcon
+ adrp x8,.Lrcon
+ add x8,x8,:lo12:.Lrcon
/* load o_key_pad partial hash */
ldp q24,q25,[x7]
* already in place excepting the final word.
*/
.Lenc_short_loop:
- adr x8,.Lrcon /* rcon */
+ adrp x8,.Lrcon /* rcon */
+ add x8,x8,:lo12:.Lrcon
/* read next aes block, update aes_ptr_in */
ld1 {v0.16b},[x0],16
eor v0.16b,v0.16b,v3.16b /* xor w/prev value */
*/
1:
/* base address for sha round consts */
- adr x8,.Lrcon
+ adrp x8,.Lrcon
+ add x8,x8,:lo12:.Lrcon
ld1 {v4.16b},[x8],16 /* key0 */
ld1 {v5.16b},[x8],16 /* key1 */
/* do final block */
/* base address for sha round consts */
- adr x8,.Lrcon /* top of rcon */
+ adrp x8,.Lrcon /* top of rcon */
+ add x8,x8,:lo12:.Lrcon
/* quad 0 */
ld1 {v4.16b},[x8],16 /* key0 */
eor v28.16b, v28.16b, v28.16b
eor v29.16b, v29.16b, v29.16b
/* base address for sha round consts */
- adr x8,.Lrcon
+ adrp x8,.Lrcon
+ add x8,x8,:lo12:.Lrcon
/* load o_key_pad partial hash */
ldp q24,q25,[x7]
lsr x10,x2,4 /* aes_blocks = len/16 */
stp d14,d15,[sp,#48]
/* address of sha init state consts */
- adr x12,.Linit_sha_state
+ adrp x12,.Linit_sha_state
+ add x12,x12,:lo12:.Linit_sha_state
stp x19,x20,[sp,#64]
ldr x9, [x6, #CIPHER_KEY]
prfm PLDL1KEEP,[x0,64] /* pref next aes_ptr_in */
prfm PLDL1KEEP,[x1,64] /* pref next aes_ptr_out */
/* base address for sha round consts */
- adr x8,.Lrcon
+ adrp x8,.Lrcon
+ add x8,x8,:lo12:.Lrcon
/*
* do the first sha256 block on the plaintext
*/
prfm PLDL1KEEP,[x1,64]
mov v23.16b,v25.16b /* working EFGH <- EFGH */
/* base address for sha round consts */
- adr x8,.Lrcon
+ adrp x8,.Lrcon
+ add x8,x8,:lo12:.Lrcon
/*
* aes xform 0, sha quad 0
prfm PLDL1KEEP,[x1,64]
mov v23.16b,v25.16b /* working EFGH <- EFGH */
/* base address for sha round consts */
- adr x8,.Lrcon
+ adrp x8,.Lrcon
+ add x8,x8,:lo12:.Lrcon
ld1 {v4.16b},[x8],16 /* key0 */
ld1 {v5.16b},[x8],16 /* key1 */
*/
.Ljoin_common:
/* base address for sha round consts */
- adr x8,.Lrcon
+ adrp x8,.Lrcon
+ add x8,x8,:lo12:.Lrcon
mov w15,0x80 /* that's the 1 of the pad */
.Lpost_loop_Q0:
/* assume this was final block */
/* read first aes block, bump aes_ptr_in */
ld1 {v0.16b},[x0]
ld1 {v31.16b},[x0],16
- adr x8,.Lrcon
+ adrp x8,.Lrcon
+ add x8,x8,:lo12:.Lrcon
ld1 {v4.16b},[x8],16 /* key0 */
aesd v0.16b,v8.16b
aesimc v0.16b,v0.16b
.Lzero_aes_blocks_left:
/* base address for sha round consts */
- adr x8,.Lrcon
+ adrp x8,.Lrcon
+ add x8,x8,:lo12:.Lrcon
ld1 {v4.16b},[x8],16 /* key0 */
ld1 {v5.16b},[x8],16 /* key1 */
* Calculate final HMAC
*/
/* base address for sha round consts */
- adr x8,.Lrcon
+ adrp x8,.Lrcon
+ add x8,x8,:lo12:.Lrcon
/* load o_key_pad partial hash */
ld1 {v24.16b},[x7],16
ld1 {v25.16b},[x7]
*/
.Ldec_short_cases:
ldp q8,q9,[x9],32
- adr x8,.Lrcon /* rcon */
+ adrp x8,.Lrcon /* rcon */
+ add x8,x8,:lo12:.Lrcon
ldp q10,q11,[x9],32
lsl x11,x10,4 /* len=aes_blocks*16 */
projects / thirdparty / openssl.git / commitdiff
