Generated files for boringssl roll to 672f6fc2486745d0cabc3aaeb4e0a3cd13b37b12 (#8)
diff --git a/BUILD.generated.gni b/BUILD.generated.gni
index 07b6e91..8a29de6 100644
--- a/BUILD.generated.gni
+++ b/BUILD.generated.gni
@@ -60,6 +60,7 @@
"src/crypto/chacha/chacha.c",
"src/crypto/cipher_extra/cipher_extra.c",
"src/crypto/cipher_extra/derive_key.c",
+ "src/crypto/cipher_extra/e_aesccm.c",
"src/crypto/cipher_extra/e_aesctrhmac.c",
"src/crypto/cipher_extra/e_aesgcmsiv.c",
"src/crypto/cipher_extra/e_chacha20poly1305.c",
@@ -74,6 +75,7 @@
"src/crypto/conf/conf.c",
"src/crypto/conf/conf_def.h",
"src/crypto/conf/internal.h",
+ "src/crypto/cpu-aarch64-fuchsia.c",
"src/crypto/cpu-aarch64-linux.c",
"src/crypto/cpu-arm-linux.c",
"src/crypto/cpu-arm.c",
@@ -81,7 +83,6 @@
"src/crypto/cpu-ppc64le.c",
"src/crypto/crypto.c",
"src/crypto/curve25519/spake25519.c",
- "src/crypto/curve25519/x25519-x86_64.c",
"src/crypto/dh/check.c",
"src/crypto/dh/dh.c",
"src/crypto/dh/dh_asn1.c",
@@ -344,6 +345,7 @@
"src/ssl/d1_srtp.cc",
"src/ssl/dtls_method.cc",
"src/ssl/dtls_record.cc",
+ "src/ssl/handoff.cc",
"src/ssl/handshake.cc",
"src/ssl/handshake_client.cc",
"src/ssl/handshake_server.cc",
@@ -462,7 +464,6 @@
"linux-x86_64/crypto/fipsmodule/vpaes-x86_64.S",
"linux-x86_64/crypto/fipsmodule/x86_64-mont.S",
"linux-x86_64/crypto/fipsmodule/x86_64-mont5.S",
- "src/crypto/curve25519/asm/x25519-asm-x86_64.S",
]
crypto_sources_mac_x86 = [
@@ -499,7 +500,6 @@
"mac-x86_64/crypto/fipsmodule/vpaes-x86_64.S",
"mac-x86_64/crypto/fipsmodule/x86_64-mont.S",
"mac-x86_64/crypto/fipsmodule/x86_64-mont5.S",
- "src/crypto/curve25519/asm/x25519-asm-x86_64.S",
]
crypto_sources_win_x86 = [
diff --git a/README b/README
index 10a7e7a..657a5d6 100644
--- a/README
+++ b/README
@@ -8,7 +8,7 @@
at revision:
-a62dbf88d8a3c04446db833a1eb80a620cb1514d
+672f6fc2486745d0cabc3aaeb4e0a3cd13b37b12
To roll boringssl forward, delete all but this file and the above mentioned
files, checkout the new boringssl into a subdirectory called src/, and run the
diff --git a/err_data.c b/err_data.c
index dbb34a3..4dda17b 100644
--- a/err_data.c
+++ b/err_data.c
@@ -185,43 +185,43 @@
0x28340c5e,
0x283480ac,
0x283500ea,
- 0x2c322cda,
+ 0x2c322cf7,
0x2c3292a5,
- 0x2c332ce8,
- 0x2c33acfa,
- 0x2c342d0e,
- 0x2c34ad20,
- 0x2c352d3b,
- 0x2c35ad4d,
- 0x2c362d60,
+ 0x2c332d05,
+ 0x2c33ad17,
+ 0x2c342d2b,
+ 0x2c34ad3d,
+ 0x2c352d58,
+ 0x2c35ad6a,
+ 0x2c362d7d,
0x2c36832d,
- 0x2c372d6d,
- 0x2c37ad7f,
- 0x2c382da4,
- 0x2c38adbb,
- 0x2c392dc9,
- 0x2c39add9,
- 0x2c3a2deb,
- 0x2c3aadff,
- 0x2c3b2e10,
- 0x2c3bae2f,
+ 0x2c372d8a,
+ 0x2c37ad9c,
+ 0x2c382dc1,
+ 0x2c38add8,
+ 0x2c392de6,
+ 0x2c39adf6,
+ 0x2c3a2e08,
+ 0x2c3aae1c,
+ 0x2c3b2e2d,
+ 0x2c3bae4c,
0x2c3c12b7,
0x2c3c92cd,
- 0x2c3d2e43,
+ 0x2c3d2e60,
0x2c3d92e6,
- 0x2c3e2e60,
- 0x2c3eae6e,
- 0x2c3f2e86,
- 0x2c3fae9e,
- 0x2c402eab,
+ 0x2c3e2e7d,
+ 0x2c3eae8b,
+ 0x2c3f2ea3,
+ 0x2c3faebb,
+ 0x2c402ec8,
0x2c4091b8,
- 0x2c412ebc,
- 0x2c41aecf,
+ 0x2c412ed9,
+ 0x2c41aeec,
0x2c42117e,
- 0x2c42aee0,
+ 0x2c42aefd,
0x2c430720,
- 0x2c43ae21,
- 0x2c442d92,
+ 0x2c43ae3e,
+ 0x2c442daf,
0x30320000,
0x30328015,
0x3033001f,
@@ -448,65 +448,65 @@
0x405fa21e,
0x4060222c,
0x4060a24e,
- 0x40612292,
- 0x4061a2ca,
- 0x406222e1,
- 0x4062a2f2,
- 0x40632303,
- 0x4063a318,
- 0x4064232f,
- 0x4064a35b,
- 0x40652376,
- 0x4065a38d,
- 0x406623a5,
- 0x4066a3cf,
- 0x406723fa,
- 0x4067a41b,
- 0x40682463,
- 0x4068a484,
- 0x406924b6,
- 0x4069a4e4,
- 0x406a2505,
- 0x406aa525,
- 0x406b26ad,
- 0x406ba6d0,
- 0x406c26e6,
- 0x406ca961,
- 0x406d2990,
- 0x406da9b8,
- 0x406e29e6,
- 0x406eaa33,
- 0x406f2a52,
- 0x406faa8a,
- 0x40702a9d,
- 0x4070aaba,
+ 0x406122af,
+ 0x4061a2e7,
+ 0x406222fe,
+ 0x4062a30f,
+ 0x40632320,
+ 0x4063a335,
+ 0x4064234c,
+ 0x4064a378,
+ 0x40652393,
+ 0x4065a3aa,
+ 0x406623c2,
+ 0x4066a3ec,
+ 0x40672417,
+ 0x4067a438,
+ 0x40682480,
+ 0x4068a4a1,
+ 0x406924d3,
+ 0x4069a501,
+ 0x406a2522,
+ 0x406aa542,
+ 0x406b26ca,
+ 0x406ba6ed,
+ 0x406c2703,
+ 0x406ca97e,
+ 0x406d29ad,
+ 0x406da9d5,
+ 0x406e2a03,
+ 0x406eaa50,
+ 0x406f2a6f,
+ 0x406faaa7,
+ 0x40702aba,
+ 0x4070aad7,
0x40710800,
- 0x4071aacc,
- 0x40722adf,
- 0x4072aaf8,
- 0x40732b10,
+ 0x4071aae9,
+ 0x40722afc,
+ 0x4072ab15,
+ 0x40732b2d,
0x407394a4,
- 0x40742b24,
- 0x4074ab3e,
- 0x40752b4f,
- 0x4075ab63,
- 0x40762b71,
+ 0x40742b41,
+ 0x4074ab5b,
+ 0x40752b6c,
+ 0x4075ab80,
+ 0x40762b8e,
0x4076927b,
- 0x40772b96,
- 0x4077abb8,
- 0x40782bd3,
- 0x4078ac0c,
- 0x40792c23,
- 0x4079ac39,
- 0x407a2c45,
- 0x407aac58,
- 0x407b2c6d,
- 0x407bac7f,
- 0x407c2cb0,
- 0x407cacb9,
- 0x407d249f,
+ 0x40772bb3,
+ 0x4077abd5,
+ 0x40782bf0,
+ 0x4078ac29,
+ 0x40792c40,
+ 0x4079ac56,
+ 0x407a2c62,
+ 0x407aac75,
+ 0x407b2c8a,
+ 0x407bac9c,
+ 0x407c2ccd,
+ 0x407cacd6,
+ 0x407d24bc,
0x407d9eca,
- 0x407e2be8,
+ 0x407e2c05,
0x407ea0a3,
0x407f1c93,
0x407f9a53,
@@ -514,66 +514,67 @@
0x40809cbb,
0x40811f46,
0x40819e7b,
- 0x408229d1,
+ 0x408229ee,
0x40829a39,
0x4083207e,
- 0x4083a340,
+ 0x4083a35d,
0x40841ccf,
0x4084a0db,
0x40852160,
0x4085a276,
0x408621d2,
0x40869ee4,
- 0x40872a17,
- 0x4087a2a7,
+ 0x40872a34,
+ 0x4087a2c4,
0x40881a9a,
- 0x4088a42e,
+ 0x4088a44b,
0x40891ae9,
0x40899a76,
- 0x408a2706,
+ 0x408a2723,
0x408a9884,
- 0x408b2c94,
- 0x408baa67,
+ 0x408b2cb1,
+ 0x408baa84,
0x408c2170,
0x408c98a0,
0x408d1d12,
0x408d9ce3,
0x408e1e2c,
0x408e9fe6,
- 0x408f2442,
- 0x41f425d8,
- 0x41f9266a,
- 0x41fe255d,
- 0x41fea752,
- 0x41ff2843,
- 0x420325f1,
- 0x42082613,
- 0x4208a64f,
- 0x42092541,
- 0x4209a689,
- 0x420a2598,
- 0x420aa578,
- 0x420b25b8,
- 0x420ba631,
- 0x420c285f,
- 0x420ca71f,
- 0x420d2739,
- 0x420da770,
- 0x4212278a,
- 0x42172826,
- 0x4217a7cc,
- 0x421c27ee,
- 0x421f27a9,
- 0x42212876,
- 0x42262809,
- 0x422b2945,
- 0x422ba8f3,
- 0x422c292d,
- 0x422ca8b2,
- 0x422d2891,
- 0x422da912,
- 0x422e28d8,
- 0x422ea9fe,
+ 0x408f245f,
+ 0x408fa292,
+ 0x41f425f5,
+ 0x41f92687,
+ 0x41fe257a,
+ 0x41fea76f,
+ 0x41ff2860,
+ 0x4203260e,
+ 0x42082630,
+ 0x4208a66c,
+ 0x4209255e,
+ 0x4209a6a6,
+ 0x420a25b5,
+ 0x420aa595,
+ 0x420b25d5,
+ 0x420ba64e,
+ 0x420c287c,
+ 0x420ca73c,
+ 0x420d2756,
+ 0x420da78d,
+ 0x421227a7,
+ 0x42172843,
+ 0x4217a7e9,
+ 0x421c280b,
+ 0x421f27c6,
+ 0x42212893,
+ 0x42262826,
+ 0x422b2962,
+ 0x422ba910,
+ 0x422c294a,
+ 0x422ca8cf,
+ 0x422d28ae,
+ 0x422da92f,
+ 0x422e28f5,
+ 0x422eaa1b,
0x4432072b,
0x4432873a,
0x44330746,
@@ -626,69 +627,69 @@
0x4c4014c9,
0x4c4092f7,
0x4c4114ed,
- 0x50322ef2,
- 0x5032af01,
- 0x50332f0c,
- 0x5033af1c,
- 0x50342f35,
- 0x5034af4f,
- 0x50352f5d,
- 0x5035af73,
- 0x50362f85,
- 0x5036af9b,
- 0x50372fb4,
- 0x5037afc7,
- 0x50382fdf,
- 0x5038aff0,
- 0x50393005,
- 0x5039b019,
- 0x503a3039,
- 0x503ab04f,
- 0x503b3067,
- 0x503bb079,
- 0x503c3095,
- 0x503cb0ac,
- 0x503d30c5,
- 0x503db0db,
- 0x503e30e8,
- 0x503eb0fe,
- 0x503f3110,
+ 0x50322f0f,
+ 0x5032af1e,
+ 0x50332f29,
+ 0x5033af39,
+ 0x50342f52,
+ 0x5034af6c,
+ 0x50352f7a,
+ 0x5035af90,
+ 0x50362fa2,
+ 0x5036afb8,
+ 0x50372fd1,
+ 0x5037afe4,
+ 0x50382ffc,
+ 0x5038b00d,
+ 0x50393022,
+ 0x5039b036,
+ 0x503a3056,
+ 0x503ab06c,
+ 0x503b3084,
+ 0x503bb096,
+ 0x503c30b2,
+ 0x503cb0c9,
+ 0x503d30e2,
+ 0x503db0f8,
+ 0x503e3105,
+ 0x503eb11b,
+ 0x503f312d,
0x503f8382,
- 0x50403123,
- 0x5040b133,
- 0x5041314d,
- 0x5041b15c,
- 0x50423176,
- 0x5042b193,
- 0x504331a3,
- 0x5043b1b3,
- 0x504431c2,
+ 0x50403140,
+ 0x5040b150,
+ 0x5041316a,
+ 0x5041b179,
+ 0x50423193,
+ 0x5042b1b0,
+ 0x504331c0,
+ 0x5043b1d0,
+ 0x504431df,
0x5044843f,
- 0x504531d6,
- 0x5045b1f4,
- 0x50463207,
- 0x5046b21d,
- 0x5047322f,
- 0x5047b244,
- 0x5048326a,
- 0x5048b278,
- 0x5049328b,
- 0x5049b2a0,
- 0x504a32b6,
- 0x504ab2c6,
- 0x504b32e6,
- 0x504bb2f9,
- 0x504c331c,
- 0x504cb34a,
- 0x504d335c,
- 0x504db379,
- 0x504e3394,
- 0x504eb3b0,
- 0x504f33c2,
- 0x504fb3d9,
- 0x505033e8,
+ 0x504531f3,
+ 0x5045b211,
+ 0x50463224,
+ 0x5046b23a,
+ 0x5047324c,
+ 0x5047b261,
+ 0x50483287,
+ 0x5048b295,
+ 0x504932a8,
+ 0x5049b2bd,
+ 0x504a32d3,
+ 0x504ab2e3,
+ 0x504b3303,
+ 0x504bb316,
+ 0x504c3339,
+ 0x504cb367,
+ 0x504d3379,
+ 0x504db396,
+ 0x504e33b1,
+ 0x504eb3cd,
+ 0x504f33df,
+ 0x504fb3f6,
+ 0x50503405,
0x505086ef,
- 0x505133fb,
+ 0x50513418,
0x58320f3a,
0x68320efc,
0x68328c6a,
@@ -1166,6 +1167,7 @@
"PEER_DID_NOT_RETURN_A_CERTIFICATE\0"
"PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE\0"
"PRE_SHARED_KEY_MUST_BE_LAST\0"
+ "PRIVATE_KEY_OPERATION_FAILED\0"
"PROTOCOL_IS_SHUTDOWN\0"
"PSK_IDENTITY_BINDER_COUNT_MISMATCH\0"
"PSK_IDENTITY_NOT_FOUND\0"
diff --git a/ios-arm/crypto/fipsmodule/aes-armv4.S b/ios-arm/crypto/fipsmodule/aes-armv4.S
index 8d43e36..9599324 100644
--- a/ios-arm/crypto/fipsmodule/aes-armv4.S
+++ b/ios-arm/crypto/fipsmodule/aes-armv4.S
@@ -179,7 +179,7 @@
adr r3,.
#endif
stmdb sp!,{r1,r4-r12,lr}
-#ifdef __APPLE__
+#if defined(__thumb2__) || defined(__APPLE__)
adr r10,AES_Te
#else
sub r10,r3,#_asm_AES_encrypt-AES_Te @ Te
@@ -462,7 +462,7 @@
mov lr,r1 @ bits
mov r11,r2 @ key
-#ifdef __APPLE__
+#if defined(__thumb2__) || defined(__APPLE__)
adr r10,AES_Te+1024 @ Te4
#else
sub r10,r3,#_armv4_AES_set_encrypt_key-AES_Te-1024 @ Te4
@@ -964,7 +964,7 @@
adr r3,.
#endif
stmdb sp!,{r1,r4-r12,lr}
-#ifdef __APPLE__
+#if defined(__thumb2__) || defined(__APPLE__)
adr r10,AES_Td
#else
sub r10,r3,#_asm_AES_decrypt-AES_Td @ Td
diff --git a/ios-arm/crypto/fipsmodule/bsaes-armv7.S b/ios-arm/crypto/fipsmodule/bsaes-armv7.S
index 5e2ebf0..6a0d4d3 100644
--- a/ios-arm/crypto/fipsmodule/bsaes-armv7.S
+++ b/ios-arm/crypto/fipsmodule/bsaes-armv7.S
@@ -13,8 +13,7 @@
@ details see http://www.openssl.org/~appro/cryptogams/.
@
@ Specific modes and adaptation for Linux kernel by Ard Biesheuvel
-@ <ard.biesheuvel@linaro.org>. Permission to use under GPL terms is
-@ granted.
+@ of Linaro. Permission to use under GPL terms is granted.
@ ====================================================================
@ Bit-sliced AES for ARM NEON
@@ -48,10 +47,7 @@
@ <appro@openssl.org>
@ April-August 2013
-@
-@ Add CBC, CTR and XTS subroutines, adapt for kernel use.
-@
-@ <ard.biesheuvel@linaro.org>
+@ Add CBC, CTR and XTS subroutines and adapt for kernel use; courtesy of Ard.
#ifndef __KERNEL__
# include <openssl/arm_arch.h>
@@ -93,7 +89,7 @@
_bsaes_decrypt8:
adr r6,.
vldmia r4!, {q9} @ round 0 key
-#ifdef __APPLE__
+#if defined(__thumb2__) || defined(__APPLE__)
adr r6,LM0ISR
#else
add r6,r6,#LM0ISR-_bsaes_decrypt8
@@ -586,7 +582,7 @@
_bsaes_encrypt8:
adr r6,.
vldmia r4!, {q9} @ round 0 key
-#ifdef __APPLE__
+#if defined(__thumb2__) || defined(__APPLE__)
adr r6,LM0SR
#else
sub r6,r6,#_bsaes_encrypt8-LM0SR
@@ -1023,7 +1019,7 @@
_bsaes_key_convert:
adr r6,.
vld1.8 {q7}, [r4]! @ load round 0 key
-#ifdef __APPLE__
+#if defined(__thumb2__) || defined(__APPLE__)
adr r6,LM0
#else
sub r6,r6,#_bsaes_key_convert-LM0
diff --git a/linux-arm/crypto/fipsmodule/aes-armv4.S b/linux-arm/crypto/fipsmodule/aes-armv4.S
index 5e49e08..3e2c97b 100644
--- a/linux-arm/crypto/fipsmodule/aes-armv4.S
+++ b/linux-arm/crypto/fipsmodule/aes-armv4.S
@@ -178,7 +178,7 @@
adr r3,.
#endif
stmdb sp!,{r1,r4-r12,lr}
-#ifdef __APPLE__
+#if defined(__thumb2__) || defined(__APPLE__)
adr r10,AES_Te
#else
sub r10,r3,#asm_AES_encrypt-AES_Te @ Te
@@ -457,7 +457,7 @@
mov lr,r1 @ bits
mov r11,r2 @ key
-#ifdef __APPLE__
+#if defined(__thumb2__) || defined(__APPLE__)
adr r10,AES_Te+1024 @ Te4
#else
sub r10,r3,#_armv4_AES_set_encrypt_key-AES_Te-1024 @ Te4
@@ -953,7 +953,7 @@
adr r3,.
#endif
stmdb sp!,{r1,r4-r12,lr}
-#ifdef __APPLE__
+#if defined(__thumb2__) || defined(__APPLE__)
adr r10,AES_Td
#else
sub r10,r3,#asm_AES_decrypt-AES_Td @ Td
diff --git a/linux-arm/crypto/fipsmodule/bsaes-armv7.S b/linux-arm/crypto/fipsmodule/bsaes-armv7.S
index f9c6de7..a0b1e82 100644
--- a/linux-arm/crypto/fipsmodule/bsaes-armv7.S
+++ b/linux-arm/crypto/fipsmodule/bsaes-armv7.S
@@ -14,8 +14,7 @@
@ details see http://www.openssl.org/~appro/cryptogams/.
@
@ Specific modes and adaptation for Linux kernel by Ard Biesheuvel
-@ <ard.biesheuvel@linaro.org>. Permission to use under GPL terms is
-@ granted.
+@ of Linaro. Permission to use under GPL terms is granted.
@ ====================================================================
@ Bit-sliced AES for ARM NEON
@@ -49,10 +48,7 @@
@ <appro@openssl.org>
@ April-August 2013
-@
-@ Add CBC, CTR and XTS subroutines, adapt for kernel use.
-@
-@ <ard.biesheuvel@linaro.org>
+@ Add CBC, CTR and XTS subroutines and adapt for kernel use; courtesy of Ard.
#ifndef __KERNEL__
# include <openssl/arm_arch.h>
@@ -92,7 +88,7 @@
_bsaes_decrypt8:
adr r6,.
vldmia r4!, {q9} @ round 0 key
-#ifdef __APPLE__
+#if defined(__thumb2__) || defined(__APPLE__)
adr r6,.LM0ISR
#else
add r6,r6,#.LM0ISR-_bsaes_decrypt8
@@ -583,7 +579,7 @@
_bsaes_encrypt8:
adr r6,.
vldmia r4!, {q9} @ round 0 key
-#ifdef __APPLE__
+#if defined(__thumb2__) || defined(__APPLE__)
adr r6,.LM0SR
#else
sub r6,r6,#_bsaes_encrypt8-.LM0SR
@@ -1018,7 +1014,7 @@
_bsaes_key_convert:
adr r6,.
vld1.8 {q7}, [r4]! @ load round 0 key
-#ifdef __APPLE__
+#if defined(__thumb2__) || defined(__APPLE__)
adr r6,.LM0
#else
sub r6,r6,#_bsaes_key_convert-.LM0
diff --git a/linux-x86_64/crypto/fipsmodule/aes-x86_64.S b/linux-x86_64/crypto/fipsmodule/aes-x86_64.S
index ff87f98..0928c17 100644
--- a/linux-x86_64/crypto/fipsmodule/aes-x86_64.S
+++ b/linux-x86_64/crypto/fipsmodule/aes-x86_64.S
@@ -332,13 +332,21 @@
.type asm_AES_encrypt,@function
.hidden asm_AES_encrypt
asm_AES_encrypt:
+.cfi_startproc
movq %rsp,%rax
+.cfi_def_cfa_register %rax
pushq %rbx
+.cfi_offset %rbx,-16
pushq %rbp
+.cfi_offset %rbp,-24
pushq %r12
+.cfi_offset %r12,-32
pushq %r13
+.cfi_offset %r13,-40
pushq %r14
+.cfi_offset %r14,-48
pushq %r15
+.cfi_offset %r15,-56
leaq -63(%rdx),%rcx
@@ -351,6 +359,7 @@
movq %rsi,16(%rsp)
movq %rax,24(%rsp)
+.cfi_escape 0x0f,0x05,0x77,0x18,0x06,0x23,0x08
.Lenc_prologue:
movq %rdx,%r15
@@ -377,20 +386,29 @@
movq 16(%rsp),%r9
movq 24(%rsp),%rsi
+.cfi_def_cfa %rsi,8
movl %eax,0(%r9)
movl %ebx,4(%r9)
movl %ecx,8(%r9)
movl %edx,12(%r9)
movq -48(%rsi),%r15
+.cfi_restore %r15
movq -40(%rsi),%r14
+.cfi_restore %r14
movq -32(%rsi),%r13
+.cfi_restore %r13
movq -24(%rsi),%r12
+.cfi_restore %r12
movq -16(%rsi),%rbp
+.cfi_restore %rbp
movq -8(%rsi),%rbx
+.cfi_restore %rbx
leaq (%rsi),%rsp
+.cfi_def_cfa_register %rsp
.Lenc_epilogue:
.byte 0xf3,0xc3
+.cfi_endproc
.size asm_AES_encrypt,.-asm_AES_encrypt
.type _x86_64_AES_decrypt,@function
.align 16
@@ -778,13 +796,21 @@
.type asm_AES_decrypt,@function
.hidden asm_AES_decrypt
asm_AES_decrypt:
+.cfi_startproc
movq %rsp,%rax
+.cfi_def_cfa_register %rax
pushq %rbx
+.cfi_offset %rbx,-16
pushq %rbp
+.cfi_offset %rbp,-24
pushq %r12
+.cfi_offset %r12,-32
pushq %r13
+.cfi_offset %r13,-40
pushq %r14
+.cfi_offset %r14,-48
pushq %r15
+.cfi_offset %r15,-56
leaq -63(%rdx),%rcx
@@ -797,6 +823,7 @@
movq %rsi,16(%rsp)
movq %rax,24(%rsp)
+.cfi_escape 0x0f,0x05,0x77,0x18,0x06,0x23,0x08
.Ldec_prologue:
movq %rdx,%r15
@@ -825,42 +852,69 @@
movq 16(%rsp),%r9
movq 24(%rsp),%rsi
+.cfi_def_cfa %rsi,8
movl %eax,0(%r9)
movl %ebx,4(%r9)
movl %ecx,8(%r9)
movl %edx,12(%r9)
movq -48(%rsi),%r15
+.cfi_restore %r15
movq -40(%rsi),%r14
+.cfi_restore %r14
movq -32(%rsi),%r13
+.cfi_restore %r13
movq -24(%rsi),%r12
+.cfi_restore %r12
movq -16(%rsi),%rbp
+.cfi_restore %rbp
movq -8(%rsi),%rbx
+.cfi_restore %rbx
leaq (%rsi),%rsp
+.cfi_def_cfa_register %rsp
.Ldec_epilogue:
.byte 0xf3,0xc3
+.cfi_endproc
.size asm_AES_decrypt,.-asm_AES_decrypt
.align 16
.globl asm_AES_set_encrypt_key
.hidden asm_AES_set_encrypt_key
.type asm_AES_set_encrypt_key,@function
asm_AES_set_encrypt_key:
+.cfi_startproc
pushq %rbx
+.cfi_adjust_cfa_offset 8
+.cfi_offset %rbx,-16
pushq %rbp
+.cfi_adjust_cfa_offset 8
+.cfi_offset %rbp,-24
pushq %r12
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r12,-32
pushq %r13
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r13,-40
pushq %r14
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r14,-48
pushq %r15
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r15,-56
subq $8,%rsp
+.cfi_adjust_cfa_offset 8
.Lenc_key_prologue:
call _x86_64_AES_set_encrypt_key
movq 40(%rsp),%rbp
+.cfi_restore %rbp
movq 48(%rsp),%rbx
+.cfi_restore %rbx
addq $56,%rsp
+.cfi_adjust_cfa_offset -56
.Lenc_key_epilogue:
.byte 0xf3,0xc3
+.cfi_endproc
.size asm_AES_set_encrypt_key,.-asm_AES_set_encrypt_key
.type _x86_64_AES_set_encrypt_key,@function
@@ -1107,13 +1161,27 @@
.hidden asm_AES_set_decrypt_key
.type asm_AES_set_decrypt_key,@function
asm_AES_set_decrypt_key:
+.cfi_startproc
pushq %rbx
+.cfi_adjust_cfa_offset 8
+.cfi_offset %rbx,-16
pushq %rbp
+.cfi_adjust_cfa_offset 8
+.cfi_offset %rbp,-24
pushq %r12
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r12,-32
pushq %r13
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r13,-40
pushq %r14
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r14,-48
pushq %r15
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r15,-56
pushq %rdx
+.cfi_adjust_cfa_offset 8
.Ldec_key_prologue:
call _x86_64_AES_set_encrypt_key
@@ -1281,14 +1349,22 @@
xorq %rax,%rax
.Labort:
movq 8(%rsp),%r15
+.cfi_restore %r15
movq 16(%rsp),%r14
+.cfi_restore %r14
movq 24(%rsp),%r13
+.cfi_restore %r13
movq 32(%rsp),%r12
+.cfi_restore %r12
movq 40(%rsp),%rbp
+.cfi_restore %rbp
movq 48(%rsp),%rbx
+.cfi_restore %rbx
addq $56,%rsp
+.cfi_adjust_cfa_offset -56
.Ldec_key_epilogue:
.byte 0xf3,0xc3
+.cfi_endproc
.size asm_AES_set_decrypt_key,.-asm_AES_set_decrypt_key
.align 16
.globl asm_AES_cbc_encrypt
@@ -1298,15 +1374,30 @@
.hidden OPENSSL_ia32cap_P
.hidden asm_AES_cbc_encrypt
asm_AES_cbc_encrypt:
+.cfi_startproc
cmpq $0,%rdx
je .Lcbc_epilogue
pushfq
+.cfi_adjust_cfa_offset 8
+.cfi_offset 49,-16
pushq %rbx
+.cfi_adjust_cfa_offset 8
+.cfi_offset %rbx,-24
pushq %rbp
+.cfi_adjust_cfa_offset 8
+.cfi_offset %rbp,-32
pushq %r12
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r12,-40
pushq %r13
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r13,-48
pushq %r14
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r14,-56
pushq %r15
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r15,-64
.Lcbc_prologue:
cld
@@ -1352,8 +1443,10 @@
.Lcbc_te_ok:
xchgq %rsp,%r15
+.cfi_def_cfa_register %r15
movq %r15,16(%rsp)
+.cfi_escape 0x0f,0x05,0x77,0x10,0x06,0x23,0x40
.Lcbc_fast_body:
movq %rdi,24(%rsp)
movq %rsi,32(%rsp)
@@ -1735,17 +1828,28 @@
.align 16
.Lcbc_exit:
movq 16(%rsp),%rsi
+.cfi_def_cfa %rsi,64
movq (%rsi),%r15
+.cfi_restore %r15
movq 8(%rsi),%r14
+.cfi_restore %r14
movq 16(%rsi),%r13
+.cfi_restore %r13
movq 24(%rsi),%r12
+.cfi_restore %r12
movq 32(%rsi),%rbp
+.cfi_restore %rbp
movq 40(%rsi),%rbx
+.cfi_restore %rbx
leaq 48(%rsi),%rsp
+.cfi_def_cfa %rsp,16
.Lcbc_popfq:
popfq
+.cfi_adjust_cfa_offset -8
+.cfi_restore 49
.Lcbc_epilogue:
.byte 0xf3,0xc3
+.cfi_endproc
.size asm_AES_cbc_encrypt,.-asm_AES_cbc_encrypt
.align 64
.LAES_Te:
diff --git a/linux-x86_64/crypto/fipsmodule/aesni-x86_64.S b/linux-x86_64/crypto/fipsmodule/aesni-x86_64.S
index 0c980a3..53d594e 100644
--- a/linux-x86_64/crypto/fipsmodule/aesni-x86_64.S
+++ b/linux-x86_64/crypto/fipsmodule/aesni-x86_64.S
@@ -1003,6 +1003,7 @@
.type aesni_ctr32_encrypt_blocks,@function
.align 16
aesni_ctr32_encrypt_blocks:
+.cfi_startproc
cmpq $1,%rdx
jne .Lctr32_bulk
@@ -1033,7 +1034,9 @@
.align 16
.Lctr32_bulk:
leaq (%rsp),%r11
+.cfi_def_cfa_register %r11
pushq %rbp
+.cfi_offset %rbp,-16
subq $128,%rsp
andq $-16,%rsp
@@ -1568,17 +1571,23 @@
movaps %xmm0,112(%rsp)
pxor %xmm15,%xmm15
movq -8(%r11),%rbp
+.cfi_restore %rbp
leaq (%r11),%rsp
+.cfi_def_cfa_register %rsp
.Lctr32_epilogue:
.byte 0xf3,0xc3
+.cfi_endproc
.size aesni_ctr32_encrypt_blocks,.-aesni_ctr32_encrypt_blocks
.globl aesni_xts_encrypt
.hidden aesni_xts_encrypt
.type aesni_xts_encrypt,@function
.align 16
aesni_xts_encrypt:
+.cfi_startproc
leaq (%rsp),%r11
+.cfi_def_cfa_register %r11
pushq %rbp
+.cfi_offset %rbp,-16
subq $112,%rsp
andq $-16,%rsp
movups (%r9),%xmm2
@@ -2033,17 +2042,23 @@
pxor %xmm14,%xmm14
pxor %xmm15,%xmm15
movq -8(%r11),%rbp
+.cfi_restore %rbp
leaq (%r11),%rsp
+.cfi_def_cfa_register %rsp
.Lxts_enc_epilogue:
.byte 0xf3,0xc3
+.cfi_endproc
.size aesni_xts_encrypt,.-aesni_xts_encrypt
.globl aesni_xts_decrypt
.hidden aesni_xts_decrypt
.type aesni_xts_decrypt,@function
.align 16
aesni_xts_decrypt:
+.cfi_startproc
leaq (%rsp),%r11
+.cfi_def_cfa_register %r11
pushq %rbp
+.cfi_offset %rbp,-16
subq $112,%rsp
andq $-16,%rsp
movups (%r9),%xmm2
@@ -2535,21 +2550,35 @@
pxor %xmm14,%xmm14
pxor %xmm15,%xmm15
movq -8(%r11),%rbp
+.cfi_restore %rbp
leaq (%r11),%rsp
+.cfi_def_cfa_register %rsp
.Lxts_dec_epilogue:
.byte 0xf3,0xc3
+.cfi_endproc
.size aesni_xts_decrypt,.-aesni_xts_decrypt
.globl aesni_ocb_encrypt
.hidden aesni_ocb_encrypt
.type aesni_ocb_encrypt,@function
.align 32
aesni_ocb_encrypt:
+.cfi_startproc
leaq (%rsp),%rax
pushq %rbx
+.cfi_adjust_cfa_offset 8
+.cfi_offset %rbx,-16
pushq %rbp
+.cfi_adjust_cfa_offset 8
+.cfi_offset %rbp,-24
pushq %r12
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r12,-32
pushq %r13
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r13,-40
pushq %r14
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r14,-48
movq 8(%rax),%rbx
movq 8+8(%rax),%rbp
@@ -2726,14 +2755,22 @@
pxor %xmm14,%xmm14
pxor %xmm15,%xmm15
leaq 40(%rsp),%rax
+.cfi_def_cfa %rax,8
movq -40(%rax),%r14
+.cfi_restore %r14
movq -32(%rax),%r13
+.cfi_restore %r13
movq -24(%rax),%r12
+.cfi_restore %r12
movq -16(%rax),%rbp
+.cfi_restore %rbp
movq -8(%rax),%rbx
+.cfi_restore %rbx
leaq (%rax),%rsp
+.cfi_def_cfa_register %rsp
.Locb_enc_epilogue:
.byte 0xf3,0xc3
+.cfi_endproc
.size aesni_ocb_encrypt,.-aesni_ocb_encrypt
.type __ocb_encrypt6,@function
@@ -2947,12 +2984,23 @@
.type aesni_ocb_decrypt,@function
.align 32
aesni_ocb_decrypt:
+.cfi_startproc
leaq (%rsp),%rax
pushq %rbx
+.cfi_adjust_cfa_offset 8
+.cfi_offset %rbx,-16
pushq %rbp
+.cfi_adjust_cfa_offset 8
+.cfi_offset %rbp,-24
pushq %r12
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r12,-32
pushq %r13
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r13,-40
pushq %r14
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r14,-48
movq 8(%rax),%rbx
movq 8+8(%rax),%rbp
@@ -3151,14 +3199,22 @@
pxor %xmm14,%xmm14
pxor %xmm15,%xmm15
leaq 40(%rsp),%rax
+.cfi_def_cfa %rax,8
movq -40(%rax),%r14
+.cfi_restore %r14
movq -32(%rax),%r13
+.cfi_restore %r13
movq -24(%rax),%r12
+.cfi_restore %r12
movq -16(%rax),%rbp
+.cfi_restore %rbp
movq -8(%rax),%rbx
+.cfi_restore %rbx
leaq (%rax),%rsp
+.cfi_def_cfa_register %rsp
.Locb_dec_epilogue:
.byte 0xf3,0xc3
+.cfi_endproc
.size aesni_ocb_decrypt,.-aesni_ocb_decrypt
.type __ocb_decrypt6,@function
@@ -3360,6 +3416,7 @@
.type aesni_cbc_encrypt,@function
.align 16
aesni_cbc_encrypt:
+.cfi_startproc
testq %rdx,%rdx
jz .Lcbc_ret
@@ -3453,7 +3510,9 @@
.align 16
.Lcbc_decrypt_bulk:
leaq (%rsp),%r11
+.cfi_def_cfa_register %r11
pushq %rbp
+.cfi_offset %rbp,-16
subq $16,%rsp
andq $-16,%rsp
movq %rcx,%rbp
@@ -3938,16 +3997,21 @@
xorps %xmm0,%xmm0
pxor %xmm1,%xmm1
movq -8(%r11),%rbp
+.cfi_restore %rbp
leaq (%r11),%rsp
+.cfi_def_cfa_register %rsp
.Lcbc_ret:
.byte 0xf3,0xc3
+.cfi_endproc
.size aesni_cbc_encrypt,.-aesni_cbc_encrypt
.globl aesni_set_decrypt_key
.hidden aesni_set_decrypt_key
.type aesni_set_decrypt_key,@function
.align 16
aesni_set_decrypt_key:
+.cfi_startproc
.byte 0x48,0x83,0xEC,0x08
+.cfi_adjust_cfa_offset 8
call __aesni_set_encrypt_key
shll $4,%esi
testl %eax,%eax
@@ -3980,7 +4044,9 @@
pxor %xmm0,%xmm0
.Ldec_key_ret:
addq $8,%rsp
+.cfi_adjust_cfa_offset -8
.byte 0xf3,0xc3
+.cfi_endproc
.LSEH_end_set_decrypt_key:
.size aesni_set_decrypt_key,.-aesni_set_decrypt_key
.globl aesni_set_encrypt_key
@@ -3989,7 +4055,9 @@
.align 16
aesni_set_encrypt_key:
__aesni_set_encrypt_key:
+.cfi_startproc
.byte 0x48,0x83,0xEC,0x08
+.cfi_adjust_cfa_offset 8
movq $-1,%rax
testq %rdi,%rdi
jz .Lenc_key_ret
@@ -4283,7 +4351,9 @@
pxor %xmm4,%xmm4
pxor %xmm5,%xmm5
addq $8,%rsp
+.cfi_adjust_cfa_offset -8
.byte 0xf3,0xc3
+.cfi_endproc
.LSEH_end_set_encrypt_key:
.align 16
diff --git a/linux-x86_64/crypto/fipsmodule/bsaes-x86_64.S b/linux-x86_64/crypto/fipsmodule/bsaes-x86_64.S
index 04b161c..7c293ef 100644
--- a/linux-x86_64/crypto/fipsmodule/bsaes-x86_64.S
+++ b/linux-x86_64/crypto/fipsmodule/bsaes-x86_64.S
@@ -1072,6 +1072,7 @@
.type bsaes_cbc_encrypt,@function
.align 16
bsaes_cbc_encrypt:
+.cfi_startproc
cmpl $0,%r9d
jne asm_AES_cbc_encrypt
cmpq $128,%rdx
@@ -1080,13 +1081,27 @@
movq %rsp,%rax
.Lcbc_dec_prologue:
pushq %rbp
+.cfi_adjust_cfa_offset 8
+.cfi_offset %rbp,-16
pushq %rbx
+.cfi_adjust_cfa_offset 8
+.cfi_offset %rbx,-24
pushq %r12
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r12,-32
pushq %r13
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r13,-40
pushq %r14
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r14,-48
pushq %r15
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r15,-56
leaq -72(%rsp),%rsp
+.cfi_adjust_cfa_offset 0x48
movq %rsp,%rbp
+.cfi_def_cfa_register %rbp
movl 240(%rcx),%eax
movq %rdi,%r12
movq %rsi,%r13
@@ -1306,15 +1321,24 @@
ja .Lcbc_dec_bzero
leaq 120(%rbp),%rax
+.cfi_def_cfa %rax,8
movq -48(%rax),%r15
+.cfi_restore %r15
movq -40(%rax),%r14
+.cfi_restore %r14
movq -32(%rax),%r13
+.cfi_restore %r13
movq -24(%rax),%r12
+.cfi_restore %r12
movq -16(%rax),%rbx
+.cfi_restore %rbx
movq -8(%rax),%rbp
+.cfi_restore %rbp
leaq (%rax),%rsp
+.cfi_def_cfa_register %rsp
.Lcbc_dec_epilogue:
.byte 0xf3,0xc3
+.cfi_endproc
.size bsaes_cbc_encrypt,.-bsaes_cbc_encrypt
.globl bsaes_ctr32_encrypt_blocks
@@ -1322,16 +1346,31 @@
.type bsaes_ctr32_encrypt_blocks,@function
.align 16
bsaes_ctr32_encrypt_blocks:
+.cfi_startproc
movq %rsp,%rax
.Lctr_enc_prologue:
pushq %rbp
+.cfi_adjust_cfa_offset 8
+.cfi_offset %rbp,-16
pushq %rbx
+.cfi_adjust_cfa_offset 8
+.cfi_offset %rbx,-24
pushq %r12
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r12,-32
pushq %r13
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r13,-40
pushq %r14
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r14,-48
pushq %r15
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r15,-56
leaq -72(%rsp),%rsp
+.cfi_adjust_cfa_offset 0x48
movq %rsp,%rbp
+.cfi_def_cfa_register %rbp
movdqu (%r8),%xmm0
movl 240(%rcx),%eax
movq %rdi,%r12
@@ -1506,31 +1545,55 @@
ja .Lctr_enc_bzero
leaq 120(%rbp),%rax
+.cfi_def_cfa %rax,8
movq -48(%rax),%r15
+.cfi_restore %r15
movq -40(%rax),%r14
+.cfi_restore %r14
movq -32(%rax),%r13
+.cfi_restore %r13
movq -24(%rax),%r12
+.cfi_restore %r12
movq -16(%rax),%rbx
+.cfi_restore %rbx
movq -8(%rax),%rbp
+.cfi_restore %rbp
leaq (%rax),%rsp
+.cfi_def_cfa_register %rsp
.Lctr_enc_epilogue:
.byte 0xf3,0xc3
+.cfi_endproc
.size bsaes_ctr32_encrypt_blocks,.-bsaes_ctr32_encrypt_blocks
.globl bsaes_xts_encrypt
.hidden bsaes_xts_encrypt
.type bsaes_xts_encrypt,@function
.align 16
bsaes_xts_encrypt:
+.cfi_startproc
movq %rsp,%rax
.Lxts_enc_prologue:
pushq %rbp
+.cfi_adjust_cfa_offset 8
+.cfi_offset %rbp,-16
pushq %rbx
+.cfi_adjust_cfa_offset 8
+.cfi_offset %rbx,-24
pushq %r12
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r12,-32
pushq %r13
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r13,-40
pushq %r14
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r14,-48
pushq %r15
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r15,-56
leaq -72(%rsp),%rsp
+.cfi_adjust_cfa_offset 0x48
movq %rsp,%rbp
+.cfi_def_cfa_register %rbp
movq %rdi,%r12
movq %rsi,%r13
movq %rdx,%r14
@@ -1957,15 +2020,24 @@
ja .Lxts_enc_bzero
leaq 120(%rbp),%rax
+.cfi_def_cfa %rax,8
movq -48(%rax),%r15
+.cfi_restore %r15
movq -40(%rax),%r14
+.cfi_restore %r14
movq -32(%rax),%r13
+.cfi_restore %r13
movq -24(%rax),%r12
+.cfi_restore %r12
movq -16(%rax),%rbx
+.cfi_restore %rbx
movq -8(%rax),%rbp
+.cfi_restore %rbp
leaq (%rax),%rsp
+.cfi_def_cfa_register %rsp
.Lxts_enc_epilogue:
.byte 0xf3,0xc3
+.cfi_endproc
.size bsaes_xts_encrypt,.-bsaes_xts_encrypt
.globl bsaes_xts_decrypt
@@ -1973,15 +2045,29 @@
.type bsaes_xts_decrypt,@function
.align 16
bsaes_xts_decrypt:
+.cfi_startproc
movq %rsp,%rax
.Lxts_dec_prologue:
pushq %rbp
+.cfi_adjust_cfa_offset 8
+.cfi_offset %rbp,-16
pushq %rbx
+.cfi_adjust_cfa_offset 8
+.cfi_offset %rbx,-24
pushq %r12
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r12,-32
pushq %r13
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r13,-40
pushq %r14
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r14,-48
pushq %r15
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r15,-56
leaq -72(%rsp),%rsp
+.cfi_adjust_cfa_offset 0x48
movq %rsp,%rbp
movq %rdi,%r12
movq %rsi,%r13
@@ -2435,15 +2521,24 @@
ja .Lxts_dec_bzero
leaq 120(%rbp),%rax
+.cfi_def_cfa %rax,8
movq -48(%rax),%r15
+.cfi_restore %r15
movq -40(%rax),%r14
+.cfi_restore %r14
movq -32(%rax),%r13
+.cfi_restore %r13
movq -24(%rax),%r12
+.cfi_restore %r12
movq -16(%rax),%rbx
+.cfi_restore %rbx
movq -8(%rax),%rbp
+.cfi_restore %rbp
leaq (%rax),%rsp
+.cfi_def_cfa_register %rsp
.Lxts_dec_epilogue:
.byte 0xf3,0xc3
+.cfi_endproc
.size bsaes_xts_decrypt,.-bsaes_xts_decrypt
.type _bsaes_const,@object
.align 64
diff --git a/linux-x86_64/crypto/fipsmodule/p256-x86_64-asm.S b/linux-x86_64/crypto/fipsmodule/p256-x86_64-asm.S
index 6d21888..21e5471 100644
--- a/linux-x86_64/crypto/fipsmodule/p256-x86_64-asm.S
+++ b/linux-x86_64/crypto/fipsmodule/p256-x86_64-asm.S
@@ -24,8 +24,14 @@
.type ecp_nistz256_neg,@function
.align 32
ecp_nistz256_neg:
+.cfi_startproc
pushq %r12
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r12,-16
pushq %r13
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r13,-24
+.Lneg_body:
xorq %r8,%r8
xorq %r9,%r9
@@ -59,9 +65,15 @@
movq %r10,16(%rdi)
movq %r11,24(%rdi)
- popq %r13
- popq %r12
+ movq 0(%rsp),%r13
+.cfi_restore %r13
+ movq 8(%rsp),%r12
+.cfi_restore %r12
+ leaq 16(%rsp),%rsp
+.cfi_adjust_cfa_offset -16
+.Lneg_epilogue:
.byte 0xf3,0xc3
+.cfi_endproc
.size ecp_nistz256_neg,.-ecp_nistz256_neg
@@ -74,13 +86,27 @@
.type ecp_nistz256_mul_mont,@function
.align 32
ecp_nistz256_mul_mont:
+.cfi_startproc
.Lmul_mont:
pushq %rbp
+.cfi_adjust_cfa_offset 8
+.cfi_offset %rbp,-16
pushq %rbx
+.cfi_adjust_cfa_offset 8
+.cfi_offset %rbx,-24
pushq %r12
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r12,-32
pushq %r13
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r13,-40
pushq %r14
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r14,-48
pushq %r15
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r15,-56
+.Lmul_body:
movq %rdx,%rbx
movq 0(%rdx),%rax
movq 0(%rsi),%r9
@@ -90,13 +116,23 @@
call __ecp_nistz256_mul_montq
.Lmul_mont_done:
- popq %r15
- popq %r14
- popq %r13
- popq %r12
- popq %rbx
- popq %rbp
+ movq 0(%rsp),%r15
+.cfi_restore %r15
+ movq 8(%rsp),%r14
+.cfi_restore %r14
+ movq 16(%rsp),%r13
+.cfi_restore %r13
+ movq 24(%rsp),%r12
+.cfi_restore %r12
+ movq 32(%rsp),%rbx
+.cfi_restore %rbx
+ movq 40(%rsp),%rbp
+.cfi_restore %rbp
+ leaq 48(%rsp),%rsp
+.cfi_adjust_cfa_offset -48
+.Lmul_epilogue:
.byte 0xf3,0xc3
+.cfi_endproc
.size ecp_nistz256_mul_mont,.-ecp_nistz256_mul_mont
.type __ecp_nistz256_mul_montq,@function
@@ -327,12 +363,26 @@
.type ecp_nistz256_sqr_mont,@function
.align 32
ecp_nistz256_sqr_mont:
+.cfi_startproc
pushq %rbp
+.cfi_adjust_cfa_offset 8
+.cfi_offset %rbp,-16
pushq %rbx
+.cfi_adjust_cfa_offset 8
+.cfi_offset %rbx,-24
pushq %r12
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r12,-32
pushq %r13
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r13,-40
pushq %r14
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r14,-48
pushq %r15
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r15,-56
+.Lsqr_body:
movq 0(%rsi),%rax
movq 8(%rsi),%r14
movq 16(%rsi),%r15
@@ -340,13 +390,23 @@
call __ecp_nistz256_sqr_montq
.Lsqr_mont_done:
- popq %r15
- popq %r14
- popq %r13
- popq %r12
- popq %rbx
- popq %rbp
+ movq 0(%rsp),%r15
+.cfi_restore %r15
+ movq 8(%rsp),%r14
+.cfi_restore %r14
+ movq 16(%rsp),%r13
+.cfi_restore %r13
+ movq 24(%rsp),%r12
+.cfi_restore %r12
+ movq 32(%rsp),%rbx
+.cfi_restore %rbx
+ movq 40(%rsp),%rbp
+.cfi_restore %rbp
+ leaq 48(%rsp),%rsp
+.cfi_adjust_cfa_offset -48
+.Lsqr_epilogue:
.byte 0xf3,0xc3
+.cfi_endproc
.size ecp_nistz256_sqr_mont,.-ecp_nistz256_sqr_mont
.type __ecp_nistz256_sqr_montq,@function
@@ -572,6 +632,7 @@
movdqu %xmm6,64(%rdi)
movdqu %xmm7,80(%rdi)
.byte 0xf3,0xc3
+.LSEH_end_ecp_nistz256_select_w5:
.size ecp_nistz256_select_w5,.-ecp_nistz256_select_w5
@@ -625,6 +686,7 @@
movdqu %xmm4,32(%rdi)
movdqu %xmm5,48(%rdi)
.byte 0xf3,0xc3
+.LSEH_end_ecp_nistz256_select_w7:
.size ecp_nistz256_select_w7,.-ecp_nistz256_select_w7
@@ -685,6 +747,7 @@
vmovdqu %ymm4,64(%rdi)
vzeroupper
.byte 0xf3,0xc3
+.LSEH_end_ecp_nistz256_avx2_select_w5:
.size ecp_nistz256_avx2_select_w5,.-ecp_nistz256_avx2_select_w5
@@ -763,6 +826,7 @@
vmovdqu %ymm3,32(%rdi)
vzeroupper
.byte 0xf3,0xc3
+.LSEH_end_ecp_nistz256_avx2_select_w7:
.size ecp_nistz256_avx2_select_w7,.-ecp_nistz256_avx2_select_w7
.type __ecp_nistz256_add_toq,@function
.align 32
@@ -890,13 +954,28 @@
.type ecp_nistz256_point_double,@function
.align 32
ecp_nistz256_point_double:
+.cfi_startproc
pushq %rbp
+.cfi_adjust_cfa_offset 8
+.cfi_offset %rbp,-16
pushq %rbx
+.cfi_adjust_cfa_offset 8
+.cfi_offset %rbx,-24
pushq %r12
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r12,-32
pushq %r13
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r13,-40
pushq %r14
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r14,-48
pushq %r15
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r15,-56
subq $160+8,%rsp
+.cfi_adjust_cfa_offset 32*5+8
+.Lpoint_doubleq_body:
.Lpoint_double_shortcutq:
movdqu 0(%rsi),%xmm0
@@ -1079,27 +1158,53 @@
.byte 102,72,15,126,207
call __ecp_nistz256_sub_fromq
- addq $160+8,%rsp
- popq %r15
- popq %r14
- popq %r13
- popq %r12
- popq %rbx
- popq %rbp
+ leaq 160+56(%rsp),%rsi
+.cfi_def_cfa %rsi,8
+ movq -48(%rsi),%r15
+.cfi_restore %r15
+ movq -40(%rsi),%r14
+.cfi_restore %r14
+ movq -32(%rsi),%r13
+.cfi_restore %r13
+ movq -24(%rsi),%r12
+.cfi_restore %r12
+ movq -16(%rsi),%rbx
+.cfi_restore %rbx
+ movq -8(%rsi),%rbp
+.cfi_restore %rbp
+ leaq (%rsi),%rsp
+.cfi_def_cfa_register %rsp
+.Lpoint_doubleq_epilogue:
.byte 0xf3,0xc3
+.cfi_endproc
.size ecp_nistz256_point_double,.-ecp_nistz256_point_double
.globl ecp_nistz256_point_add
.hidden ecp_nistz256_point_add
.type ecp_nistz256_point_add,@function
.align 32
ecp_nistz256_point_add:
+.cfi_startproc
pushq %rbp
+.cfi_adjust_cfa_offset 8
+.cfi_offset %rbp,-16
pushq %rbx
+.cfi_adjust_cfa_offset 8
+.cfi_offset %rbx,-24
pushq %r12
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r12,-32
pushq %r13
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r13,-40
pushq %r14
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r14,-48
pushq %r15
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r15,-56
subq $576+8,%rsp
+.cfi_adjust_cfa_offset 32*18+8
+.Lpoint_addq_body:
movdqu 0(%rsi),%xmm0
movdqu 16(%rsi),%xmm1
@@ -1476,27 +1581,53 @@
movdqu %xmm3,48(%rdi)
.Ladd_doneq:
- addq $576+8,%rsp
- popq %r15
- popq %r14
- popq %r13
- popq %r12
- popq %rbx
- popq %rbp
+ leaq 576+56(%rsp),%rsi
+.cfi_def_cfa %rsi,8
+ movq -48(%rsi),%r15
+.cfi_restore %r15
+ movq -40(%rsi),%r14
+.cfi_restore %r14
+ movq -32(%rsi),%r13
+.cfi_restore %r13
+ movq -24(%rsi),%r12
+.cfi_restore %r12
+ movq -16(%rsi),%rbx
+.cfi_restore %rbx
+ movq -8(%rsi),%rbp
+.cfi_restore %rbp
+ leaq (%rsi),%rsp
+.cfi_def_cfa_register %rsp
+.Lpoint_addq_epilogue:
.byte 0xf3,0xc3
+.cfi_endproc
.size ecp_nistz256_point_add,.-ecp_nistz256_point_add
.globl ecp_nistz256_point_add_affine
.hidden ecp_nistz256_point_add_affine
.type ecp_nistz256_point_add_affine,@function
.align 32
ecp_nistz256_point_add_affine:
+.cfi_startproc
pushq %rbp
+.cfi_adjust_cfa_offset 8
+.cfi_offset %rbp,-16
pushq %rbx
+.cfi_adjust_cfa_offset 8
+.cfi_offset %rbx,-24
pushq %r12
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r12,-32
pushq %r13
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r13,-40
pushq %r14
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r14,-48
pushq %r15
+.cfi_adjust_cfa_offset 8
+.cfi_offset %r15,-56
subq $480+8,%rsp
+.cfi_adjust_cfa_offset 32*15+8
+.Ladd_affineq_body:
movdqu 0(%rsi),%xmm0
movq %rdx,%rbx
@@ -1779,13 +1910,24 @@
movdqu %xmm2,32(%rdi)
movdqu %xmm3,48(%rdi)
- addq $480+8,%rsp
- popq %r15
- popq %r14
- popq %r13
- popq %r12
- popq %rbx
- popq %rbp
+ leaq 480+56(%rsp),%rsi
+.cfi_def_cfa %rsi,8
+ movq -48(%rsi),%r15
+.cfi_restore %r15
+ movq -40(%rsi),%r14
+.cfi_restore %r14
+ movq -32(%rsi),%r13
+.cfi_restore %r13
+ movq -24(%rsi),%r12
+.cfi_restore %r12
+ movq -16(%rsi),%rbx
+.cfi_restore %rbx
+ movq -8(%rsi),%rbp
+.cfi_restore %rbp
+ leaq (%rsi),%rsp
+.cfi_def_cfa_register %rsp
+.Ladd_affineq_epilogue:
.byte 0xf3,0xc3
+.cfi_endproc
.size ecp_nistz256_point_add_affine,.-ecp_nistz256_point_add_affine
#endif
diff --git a/linux-x86_64/crypto/fipsmodule/x86_64-mont.S b/linux-x86_64/crypto/fipsmodule/x86_64-mont.S
index b32e2f0..1f673ef 100644
--- a/linux-x86_64/crypto/fipsmodule/x86_64-mont.S
+++ b/linux-x86_64/crypto/fipsmodule/x86_64-mont.S
@@ -212,8 +212,7 @@
movq %r9,%r15
jmp .Lsub
.align 16
-.Lsub:
- sbbq (%rcx,%r14,8),%rax
+.Lsub: sbbq (%rcx,%r14,8),%rax
movq %rax,(%rdi,%r14,8)
movq 8(%rsi,%r14,8),%rax
leaq 1(%r14),%r14
diff --git a/linux-x86_64/crypto/fipsmodule/x86_64-mont5.S b/linux-x86_64/crypto/fipsmodule/x86_64-mont5.S
index 208b1dc..1ec58ca 100644
--- a/linux-x86_64/crypto/fipsmodule/x86_64-mont5.S
+++ b/linux-x86_64/crypto/fipsmodule/x86_64-mont5.S
@@ -396,8 +396,7 @@
movq %r9,%r15
jmp .Lsub
.align 16
-.Lsub:
- sbbq (%rcx,%r14,8),%rax
+.Lsub: sbbq (%rcx,%r14,8),%rax
movq %rax,(%rdi,%r14,8)
movq 8(%rsi,%r14,8),%rax
leaq 1(%r14),%r14
diff --git a/mac-x86_64/crypto/fipsmodule/aes-x86_64.S b/mac-x86_64/crypto/fipsmodule/aes-x86_64.S
index c7c4829..f7b1b06 100644
--- a/mac-x86_64/crypto/fipsmodule/aes-x86_64.S
+++ b/mac-x86_64/crypto/fipsmodule/aes-x86_64.S
@@ -332,15 +332,23 @@
.private_extern _asm_AES_encrypt
_asm_AES_encrypt:
+
movq %rsp,%rax
+
pushq %rbx
+
pushq %rbp
+
pushq %r12
+
pushq %r13
+
pushq %r14
+
pushq %r15
+
leaq -63(%rdx),%rcx
andq $-64,%rsp
subq %rsp,%rcx
@@ -351,6 +359,7 @@
movq %rsi,16(%rsp)
movq %rax,24(%rsp)
+
L$enc_prologue:
movq %rdx,%r15
@@ -377,22 +386,31 @@
movq 16(%rsp),%r9
movq 24(%rsp),%rsi
+
movl %eax,0(%r9)
movl %ebx,4(%r9)
movl %ecx,8(%r9)
movl %edx,12(%r9)
movq -48(%rsi),%r15
+
movq -40(%rsi),%r14
+
movq -32(%rsi),%r13
+
movq -24(%rsi),%r12
+
movq -16(%rsi),%rbp
+
movq -8(%rsi),%rbx
+
leaq (%rsi),%rsp
+
L$enc_epilogue:
.byte 0xf3,0xc3
+
.p2align 4
_x86_64_AES_decrypt:
xorl 0(%r15),%eax
@@ -778,15 +796,23 @@
.private_extern _asm_AES_decrypt
_asm_AES_decrypt:
+
movq %rsp,%rax
+
pushq %rbx
+
pushq %rbp
+
pushq %r12
+
pushq %r13
+
pushq %r14
+
pushq %r15
+
leaq -63(%rdx),%rcx
andq $-64,%rsp
subq %rsp,%rcx
@@ -797,6 +823,7 @@
movq %rsi,16(%rsp)
movq %rax,24(%rsp)
+
L$dec_prologue:
movq %rdx,%r15
@@ -825,45 +852,66 @@
movq 16(%rsp),%r9
movq 24(%rsp),%rsi
+
movl %eax,0(%r9)
movl %ebx,4(%r9)
movl %ecx,8(%r9)
movl %edx,12(%r9)
movq -48(%rsi),%r15
+
movq -40(%rsi),%r14
+
movq -32(%rsi),%r13
+
movq -24(%rsi),%r12
+
movq -16(%rsi),%rbp
+
movq -8(%rsi),%rbx
+
leaq (%rsi),%rsp
+
L$dec_epilogue:
.byte 0xf3,0xc3
+
.p2align 4
.globl _asm_AES_set_encrypt_key
.private_extern _asm_AES_set_encrypt_key
_asm_AES_set_encrypt_key:
+
pushq %rbx
+
pushq %rbp
+
pushq %r12
+
pushq %r13
+
pushq %r14
+
pushq %r15
+
subq $8,%rsp
+
L$enc_key_prologue:
call _x86_64_AES_set_encrypt_key
movq 40(%rsp),%rbp
+
movq 48(%rsp),%rbx
+
addq $56,%rsp
+
L$enc_key_epilogue:
.byte 0xf3,0xc3
+
.p2align 4
_x86_64_AES_set_encrypt_key:
movl %esi,%ecx
@@ -1107,13 +1155,21 @@
.private_extern _asm_AES_set_decrypt_key
_asm_AES_set_decrypt_key:
+
pushq %rbx
+
pushq %rbp
+
pushq %r12
+
pushq %r13
+
pushq %r14
+
pushq %r15
+
pushq %rdx
+
L$dec_key_prologue:
call _x86_64_AES_set_encrypt_key
@@ -1281,15 +1337,23 @@
xorq %rax,%rax
L$abort:
movq 8(%rsp),%r15
+
movq 16(%rsp),%r14
+
movq 24(%rsp),%r13
+
movq 32(%rsp),%r12
+
movq 40(%rsp),%rbp
+
movq 48(%rsp),%rbx
+
addq $56,%rsp
+
L$dec_key_epilogue:
.byte 0xf3,0xc3
+
.p2align 4
.globl _asm_AES_cbc_encrypt
.private_extern _asm_AES_cbc_encrypt
@@ -1297,15 +1361,23 @@
.private_extern _asm_AES_cbc_encrypt
_asm_AES_cbc_encrypt:
+
cmpq $0,%rdx
je L$cbc_epilogue
pushfq
+
pushq %rbx
+
pushq %rbp
+
pushq %r12
+
pushq %r13
+
pushq %r14
+
pushq %r15
+
L$cbc_prologue:
cld
@@ -1352,7 +1424,9 @@
xchgq %rsp,%r15
+
movq %r15,16(%rsp)
+
L$cbc_fast_body:
movq %rdi,24(%rsp)
movq %rsi,32(%rsp)
@@ -1734,18 +1808,28 @@
.p2align 4
L$cbc_exit:
movq 16(%rsp),%rsi
+
movq (%rsi),%r15
+
movq 8(%rsi),%r14
+
movq 16(%rsi),%r13
+
movq 24(%rsi),%r12
+
movq 32(%rsi),%rbp
+
movq 40(%rsi),%rbx
+
leaq 48(%rsi),%rsp
+
L$cbc_popfq:
popfq
+
L$cbc_epilogue:
.byte 0xf3,0xc3
+
.p2align 6
L$AES_Te:
.long 0xa56363c6,0xa56363c6
diff --git a/mac-x86_64/crypto/fipsmodule/aesni-x86_64.S b/mac-x86_64/crypto/fipsmodule/aesni-x86_64.S
index 4ee0dc4..6899800 100644
--- a/mac-x86_64/crypto/fipsmodule/aesni-x86_64.S
+++ b/mac-x86_64/crypto/fipsmodule/aesni-x86_64.S
@@ -1002,6 +1002,7 @@
.p2align 4
_aesni_ctr32_encrypt_blocks:
+
cmpq $1,%rdx
jne L$ctr32_bulk
@@ -1032,7 +1033,9 @@
.p2align 4
L$ctr32_bulk:
leaq (%rsp),%r11
+
pushq %rbp
+
subq $128,%rsp
andq $-16,%rsp
@@ -1567,17 +1570,23 @@
movaps %xmm0,112(%rsp)
pxor %xmm15,%xmm15
movq -8(%r11),%rbp
+
leaq (%r11),%rsp
+
L$ctr32_epilogue:
.byte 0xf3,0xc3
+
.globl _aesni_xts_encrypt
.private_extern _aesni_xts_encrypt
.p2align 4
_aesni_xts_encrypt:
+
leaq (%rsp),%r11
+
pushq %rbp
+
subq $112,%rsp
andq $-16,%rsp
movups (%r9),%xmm2
@@ -2032,17 +2041,23 @@
pxor %xmm14,%xmm14
pxor %xmm15,%xmm15
movq -8(%r11),%rbp
+
leaq (%r11),%rsp
+
L$xts_enc_epilogue:
.byte 0xf3,0xc3
+
.globl _aesni_xts_decrypt
.private_extern _aesni_xts_decrypt
.p2align 4
_aesni_xts_decrypt:
+
leaq (%rsp),%r11
+
pushq %rbp
+
subq $112,%rsp
andq $-16,%rsp
movups (%r9),%xmm2
@@ -2534,21 +2549,30 @@
pxor %xmm14,%xmm14
pxor %xmm15,%xmm15
movq -8(%r11),%rbp
+
leaq (%r11),%rsp
+
L$xts_dec_epilogue:
.byte 0xf3,0xc3
+
.globl _aesni_ocb_encrypt
.private_extern _aesni_ocb_encrypt
.p2align 5
_aesni_ocb_encrypt:
+
leaq (%rsp),%rax
pushq %rbx
+
pushq %rbp
+
pushq %r12
+
pushq %r13
+
pushq %r14
+
movq 8(%rax),%rbx
movq 8+8(%rax),%rbp
@@ -2725,17 +2749,25 @@
pxor %xmm14,%xmm14
pxor %xmm15,%xmm15
leaq 40(%rsp),%rax
+
movq -40(%rax),%r14
+
movq -32(%rax),%r13
+
movq -24(%rax),%r12
+
movq -16(%rax),%rbp
+
movq -8(%rax),%rbx
+
leaq (%rax),%rsp
+
L$ocb_enc_epilogue:
.byte 0xf3,0xc3
+
.p2align 5
__ocb_encrypt6:
pxor %xmm9,%xmm15
@@ -2946,12 +2978,18 @@
.p2align 5
_aesni_ocb_decrypt:
+
leaq (%rsp),%rax
pushq %rbx
+
pushq %rbp
+
pushq %r12
+
pushq %r13
+
pushq %r14
+
movq 8(%rax),%rbx
movq 8+8(%rax),%rbp
@@ -3150,17 +3188,25 @@
pxor %xmm14,%xmm14
pxor %xmm15,%xmm15
leaq 40(%rsp),%rax
+
movq -40(%rax),%r14
+
movq -32(%rax),%r13
+
movq -24(%rax),%r12
+
movq -16(%rax),%rbp
+
movq -8(%rax),%rbx
+
leaq (%rax),%rsp
+
L$ocb_dec_epilogue:
.byte 0xf3,0xc3
+
.p2align 5
__ocb_decrypt6:
pxor %xmm9,%xmm15
@@ -3359,6 +3405,7 @@
.p2align 4
_aesni_cbc_encrypt:
+
testq %rdx,%rdx
jz L$cbc_ret
@@ -3452,7 +3499,9 @@
.p2align 4
L$cbc_decrypt_bulk:
leaq (%rsp),%r11
+
pushq %rbp
+
subq $16,%rsp
andq $-16,%rsp
movq %rcx,%rbp
@@ -3937,16 +3986,21 @@
xorps %xmm0,%xmm0
pxor %xmm1,%xmm1
movq -8(%r11),%rbp
+
leaq (%r11),%rsp
+
L$cbc_ret:
.byte 0xf3,0xc3
+
.globl _aesni_set_decrypt_key
.private_extern _aesni_set_decrypt_key
.p2align 4
_aesni_set_decrypt_key:
+
.byte 0x48,0x83,0xEC,0x08
+
call __aesni_set_encrypt_key
shll $4,%esi
testl %eax,%eax
@@ -3979,7 +4033,9 @@
pxor %xmm0,%xmm0
L$dec_key_ret:
addq $8,%rsp
+
.byte 0xf3,0xc3
+
L$SEH_end_set_decrypt_key:
.globl _aesni_set_encrypt_key
@@ -3988,7 +4044,9 @@
.p2align 4
_aesni_set_encrypt_key:
__aesni_set_encrypt_key:
+
.byte 0x48,0x83,0xEC,0x08
+
movq $-1,%rax
testq %rdi,%rdi
jz L$enc_key_ret
@@ -4282,7 +4340,9 @@
pxor %xmm4,%xmm4
pxor %xmm5,%xmm5
addq $8,%rsp
+
.byte 0xf3,0xc3
+
L$SEH_end_set_encrypt_key:
.p2align 4
diff --git a/mac-x86_64/crypto/fipsmodule/bsaes-x86_64.S b/mac-x86_64/crypto/fipsmodule/bsaes-x86_64.S
index 195abd3..91cd048 100644
--- a/mac-x86_64/crypto/fipsmodule/bsaes-x86_64.S
+++ b/mac-x86_64/crypto/fipsmodule/bsaes-x86_64.S
@@ -1069,6 +1069,7 @@
.p2align 4
_bsaes_cbc_encrypt:
+
cmpl $0,%r9d
jne _asm_AES_cbc_encrypt
cmpq $128,%rdx
@@ -1077,13 +1078,21 @@
movq %rsp,%rax
L$cbc_dec_prologue:
pushq %rbp
+
pushq %rbx
+
pushq %r12
+
pushq %r13
+
pushq %r14
+
pushq %r15
+
leaq -72(%rsp),%rsp
+
movq %rsp,%rbp
+
movl 240(%rcx),%eax
movq %rdi,%r12
movq %rsi,%r13
@@ -1303,32 +1312,50 @@
ja L$cbc_dec_bzero
leaq 120(%rbp),%rax
+
movq -48(%rax),%r15
+
movq -40(%rax),%r14
+
movq -32(%rax),%r13
+
movq -24(%rax),%r12
+
movq -16(%rax),%rbx
+
movq -8(%rax),%rbp
+
leaq (%rax),%rsp
+
L$cbc_dec_epilogue:
.byte 0xf3,0xc3
+
.globl _bsaes_ctr32_encrypt_blocks
.private_extern _bsaes_ctr32_encrypt_blocks
.p2align 4
_bsaes_ctr32_encrypt_blocks:
+
movq %rsp,%rax
L$ctr_enc_prologue:
pushq %rbp
+
pushq %rbx
+
pushq %r12
+
pushq %r13
+
pushq %r14
+
pushq %r15
+
leaq -72(%rsp),%rsp
+
movq %rsp,%rbp
+
movdqu (%r8),%xmm0
movl 240(%rcx),%eax
movq %rdi,%r12
@@ -1503,31 +1530,49 @@
ja L$ctr_enc_bzero
leaq 120(%rbp),%rax
+
movq -48(%rax),%r15
+
movq -40(%rax),%r14
+
movq -32(%rax),%r13
+
movq -24(%rax),%r12
+
movq -16(%rax),%rbx
+
movq -8(%rax),%rbp
+
leaq (%rax),%rsp
+
L$ctr_enc_epilogue:
.byte 0xf3,0xc3
+
.globl _bsaes_xts_encrypt
.private_extern _bsaes_xts_encrypt
.p2align 4
_bsaes_xts_encrypt:
+
movq %rsp,%rax
L$xts_enc_prologue:
pushq %rbp
+
pushq %rbx
+
pushq %r12
+
pushq %r13
+
pushq %r14
+
pushq %r15
+
leaq -72(%rsp),%rsp
+
movq %rsp,%rbp
+
movq %rdi,%r12
movq %rsi,%r13
movq %rdx,%r14
@@ -1954,31 +1999,48 @@
ja L$xts_enc_bzero
leaq 120(%rbp),%rax
+
movq -48(%rax),%r15
+
movq -40(%rax),%r14
+
movq -32(%rax),%r13
+
movq -24(%rax),%r12
+
movq -16(%rax),%rbx
+
movq -8(%rax),%rbp
+
leaq (%rax),%rsp
+
L$xts_enc_epilogue:
.byte 0xf3,0xc3
+
.globl _bsaes_xts_decrypt
.private_extern _bsaes_xts_decrypt
.p2align 4
_bsaes_xts_decrypt:
+
movq %rsp,%rax
L$xts_dec_prologue:
pushq %rbp
+
pushq %rbx
+
pushq %r12
+
pushq %r13
+
pushq %r14
+
pushq %r15
+
leaq -72(%rsp),%rsp
+
movq %rsp,%rbp
movq %rdi,%r12
movq %rsi,%r13
@@ -2432,17 +2494,26 @@
ja L$xts_dec_bzero
leaq 120(%rbp),%rax
+
movq -48(%rax),%r15
+
movq -40(%rax),%r14
+
movq -32(%rax),%r13
+
movq -24(%rax),%r12
+
movq -16(%rax),%rbx
+
movq -8(%rax),%rbp
+
leaq (%rax),%rsp
+
L$xts_dec_epilogue:
.byte 0xf3,0xc3
+
.p2align 6
_bsaes_const:
L$M0ISR:
diff --git a/mac-x86_64/crypto/fipsmodule/p256-x86_64-asm.S b/mac-x86_64/crypto/fipsmodule/p256-x86_64-asm.S
index f787577..8295346 100644
--- a/mac-x86_64/crypto/fipsmodule/p256-x86_64-asm.S
+++ b/mac-x86_64/crypto/fipsmodule/p256-x86_64-asm.S
@@ -23,9 +23,13 @@
.p2align 5
_ecp_nistz256_neg:
+
pushq %r12
+
pushq %r13
+L$neg_body:
+
xorq %r8,%r8
xorq %r9,%r9
xorq %r10,%r10
@@ -58,8 +62,13 @@
movq %r10,16(%rdi)
movq %r11,24(%rdi)
- popq %r13
- popq %r12
+ movq 0(%rsp),%r13
+
+ movq 8(%rsp),%r12
+
+ leaq 16(%rsp),%rsp
+
+L$neg_epilogue:
.byte 0xf3,0xc3
@@ -68,18 +77,27 @@
+
.globl _ecp_nistz256_mul_mont
.private_extern _ecp_nistz256_mul_mont
.p2align 5
_ecp_nistz256_mul_mont:
+
L$mul_mont:
pushq %rbp
+
pushq %rbx
+
pushq %r12
+
pushq %r13
+
pushq %r14
+
pushq %r15
+
+L$mul_body:
movq %rdx,%rbx
movq 0(%rdx),%rax
movq 0(%rsi),%r9
@@ -89,16 +107,26 @@
call __ecp_nistz256_mul_montq
L$mul_mont_done:
- popq %r15
- popq %r14
- popq %r13
- popq %r12
- popq %rbx
- popq %rbp
+ movq 0(%rsp),%r15
+
+ movq 8(%rsp),%r14
+
+ movq 16(%rsp),%r13
+
+ movq 24(%rsp),%r12
+
+ movq 32(%rsp),%rbx
+
+ movq 40(%rsp),%rbp
+
+ leaq 48(%rsp),%rsp
+
+L$mul_epilogue:
.byte 0xf3,0xc3
+
.p2align 5
__ecp_nistz256_mul_montq:
@@ -326,12 +354,20 @@
.p2align 5
_ecp_nistz256_sqr_mont:
+
pushq %rbp
+
pushq %rbx
+
pushq %r12
+
pushq %r13
+
pushq %r14
+
pushq %r15
+
+L$sqr_body:
movq 0(%rsi),%rax
movq 8(%rsi),%r14
movq 16(%rsi),%r15
@@ -339,16 +375,26 @@
call __ecp_nistz256_sqr_montq
L$sqr_mont_done:
- popq %r15
- popq %r14
- popq %r13
- popq %r12
- popq %rbx
- popq %rbp
+ movq 0(%rsp),%r15
+
+ movq 8(%rsp),%r14
+
+ movq 16(%rsp),%r13
+
+ movq 24(%rsp),%r12
+
+ movq 32(%rsp),%rbx
+
+ movq 40(%rsp),%rbp
+
+ leaq 48(%rsp),%rsp
+
+L$sqr_epilogue:
.byte 0xf3,0xc3
+
.p2align 5
__ecp_nistz256_sqr_montq:
movq %rax,%r13
@@ -571,6 +617,7 @@
movdqu %xmm6,64(%rdi)
movdqu %xmm7,80(%rdi)
.byte 0xf3,0xc3
+L$SEH_end_ecp_nistz256_select_w5:
@@ -624,6 +671,7 @@
movdqu %xmm4,32(%rdi)
movdqu %xmm5,48(%rdi)
.byte 0xf3,0xc3
+L$SEH_end_ecp_nistz256_select_w7:
@@ -684,6 +732,7 @@
vmovdqu %ymm4,64(%rdi)
vzeroupper
.byte 0xf3,0xc3
+L$SEH_end_ecp_nistz256_avx2_select_w5:
@@ -762,6 +811,7 @@
vmovdqu %ymm3,32(%rdi)
vzeroupper
.byte 0xf3,0xc3
+L$SEH_end_ecp_nistz256_avx2_select_w7:
.p2align 5
@@ -889,14 +939,23 @@
.p2align 5
_ecp_nistz256_point_double:
+
pushq %rbp
+
pushq %rbx
+
pushq %r12
+
pushq %r13
+
pushq %r14
+
pushq %r15
+
subq $160+8,%rsp
+L$point_doubleq_body:
+
L$point_double_shortcutq:
movdqu 0(%rsi),%xmm0
movq %rsi,%rbx
@@ -1078,28 +1137,48 @@
.byte 102,72,15,126,207
call __ecp_nistz256_sub_fromq
- addq $160+8,%rsp
- popq %r15
- popq %r14
- popq %r13
- popq %r12
- popq %rbx
- popq %rbp
+ leaq 160+56(%rsp),%rsi
+
+ movq -48(%rsi),%r15
+
+ movq -40(%rsi),%r14
+
+ movq -32(%rsi),%r13
+
+ movq -24(%rsi),%r12
+
+ movq -16(%rsi),%rbx
+
+ movq -8(%rsi),%rbp
+
+ leaq (%rsi),%rsp
+
+L$point_doubleq_epilogue:
.byte 0xf3,0xc3
+
.globl _ecp_nistz256_point_add
.private_extern _ecp_nistz256_point_add
.p2align 5
_ecp_nistz256_point_add:
+
pushq %rbp
+
pushq %rbx
+
pushq %r12
+
pushq %r13
+
pushq %r14
+
pushq %r15
+
subq $576+8,%rsp
+L$point_addq_body:
+
movdqu 0(%rsi),%xmm0
movdqu 16(%rsi),%xmm1
movdqu 32(%rsi),%xmm2
@@ -1475,28 +1554,48 @@
movdqu %xmm3,48(%rdi)
L$add_doneq:
- addq $576+8,%rsp
- popq %r15
- popq %r14
- popq %r13
- popq %r12
- popq %rbx
- popq %rbp
+ leaq 576+56(%rsp),%rsi
+
+ movq -48(%rsi),%r15
+
+ movq -40(%rsi),%r14
+
+ movq -32(%rsi),%r13
+
+ movq -24(%rsi),%r12
+
+ movq -16(%rsi),%rbx
+
+ movq -8(%rsi),%rbp
+
+ leaq (%rsi),%rsp
+
+L$point_addq_epilogue:
.byte 0xf3,0xc3
+
.globl _ecp_nistz256_point_add_affine
.private_extern _ecp_nistz256_point_add_affine
.p2align 5
_ecp_nistz256_point_add_affine:
+
pushq %rbp
+
pushq %rbx
+
pushq %r12
+
pushq %r13
+
pushq %r14
+
pushq %r15
+
subq $480+8,%rsp
+L$add_affineq_body:
+
movdqu 0(%rsi),%xmm0
movq %rdx,%rbx
movdqu 16(%rsi),%xmm1
@@ -1778,13 +1877,24 @@
movdqu %xmm2,32(%rdi)
movdqu %xmm3,48(%rdi)
- addq $480+8,%rsp
- popq %r15
- popq %r14
- popq %r13
- popq %r12
- popq %rbx
- popq %rbp
+ leaq 480+56(%rsp),%rsi
+
+ movq -48(%rsi),%r15
+
+ movq -40(%rsi),%r14
+
+ movq -32(%rsi),%r13
+
+ movq -24(%rsi),%r12
+
+ movq -16(%rsi),%rbx
+
+ movq -8(%rsi),%rbp
+
+ leaq (%rsi),%rsp
+
+L$add_affineq_epilogue:
.byte 0xf3,0xc3
+
#endif
diff --git a/mac-x86_64/crypto/fipsmodule/x86_64-mont.S b/mac-x86_64/crypto/fipsmodule/x86_64-mont.S
index 4904417..be3d13a 100644
--- a/mac-x86_64/crypto/fipsmodule/x86_64-mont.S
+++ b/mac-x86_64/crypto/fipsmodule/x86_64-mont.S
@@ -211,8 +211,7 @@
movq %r9,%r15
jmp L$sub
.p2align 4
-L$sub:
- sbbq (%rcx,%r14,8),%rax
+L$sub: sbbq (%rcx,%r14,8),%rax
movq %rax,(%rdi,%r14,8)
movq 8(%rsi,%r14,8),%rax
leaq 1(%r14),%r14
diff --git a/mac-x86_64/crypto/fipsmodule/x86_64-mont5.S b/mac-x86_64/crypto/fipsmodule/x86_64-mont5.S
index abc65f1..91980d8 100644
--- a/mac-x86_64/crypto/fipsmodule/x86_64-mont5.S
+++ b/mac-x86_64/crypto/fipsmodule/x86_64-mont5.S
@@ -395,8 +395,7 @@
movq %r9,%r15
jmp L$sub
.p2align 4
-L$sub:
- sbbq (%rcx,%r14,8),%rax
+L$sub: sbbq (%rcx,%r14,8),%rax
movq %rax,(%rdi,%r14,8)
movq 8(%rsi,%r14,8),%rax
leaq 1(%r14),%r14
diff --git a/win-x86_64/crypto/fipsmodule/aes-x86_64.asm b/win-x86_64/crypto/fipsmodule/aes-x86_64.asm
index f6a4edf..6b4c056 100644
--- a/win-x86_64/crypto/fipsmodule/aes-x86_64.asm
+++ b/win-x86_64/crypto/fipsmodule/aes-x86_64.asm
@@ -344,15 +344,23 @@
mov rdx,r8
+
mov rax,rsp
+
push rbx
+
push rbp
+
push r12
+
push r13
+
push r14
+
push r15
+
lea rcx,[((-63))+rdx]
and rsp,-64
sub rcx,rsp
@@ -363,6 +371,7 @@
mov QWORD[16+rsp],rsi
mov QWORD[24+rsp],rax
+
$L$enc_prologue:
mov r15,rdx
@@ -389,22 +398,31 @@
mov r9,QWORD[16+rsp]
mov rsi,QWORD[24+rsp]
+
mov DWORD[r9],eax
mov DWORD[4+r9],ebx
mov DWORD[8+r9],ecx
mov DWORD[12+r9],edx
mov r15,QWORD[((-48))+rsi]
+
mov r14,QWORD[((-40))+rsi]
+
mov r13,QWORD[((-32))+rsi]
+
mov r12,QWORD[((-24))+rsi]
+
mov rbp,QWORD[((-16))+rsi]
+
mov rbx,QWORD[((-8))+rsi]
+
lea rsp,[rsi]
+
$L$enc_epilogue:
mov rdi,QWORD[8+rsp] ;WIN64 epilogue
mov rsi,QWORD[16+rsp]
DB 0F3h,0C3h ;repret
+
$L$SEH_end_asm_AES_encrypt:
ALIGN 16
@@ -800,15 +818,23 @@
mov rdx,r8
+
mov rax,rsp
+
push rbx
+
push rbp
+
push r12
+
push r13
+
push r14
+
push r15
+
lea rcx,[((-63))+rdx]
and rsp,-64
sub rcx,rsp
@@ -819,6 +845,7 @@
mov QWORD[16+rsp],rsi
mov QWORD[24+rsp],rax
+
$L$dec_prologue:
mov r15,rdx
@@ -847,22 +874,31 @@
mov r9,QWORD[16+rsp]
mov rsi,QWORD[24+rsp]
+
mov DWORD[r9],eax
mov DWORD[4+r9],ebx
mov DWORD[8+r9],ecx
mov DWORD[12+r9],edx
mov r15,QWORD[((-48))+rsi]
+
mov r14,QWORD[((-40))+rsi]
+
mov r13,QWORD[((-32))+rsi]
+
mov r12,QWORD[((-24))+rsi]
+
mov rbp,QWORD[((-16))+rsi]
+
mov rbx,QWORD[((-8))+rsi]
+
lea rsp,[rsi]
+
$L$dec_epilogue:
mov rdi,QWORD[8+rsp] ;WIN64 epilogue
mov rsi,QWORD[16+rsp]
DB 0F3h,0C3h ;repret
+
$L$SEH_end_asm_AES_decrypt:
ALIGN 16
global asm_AES_set_encrypt_key
@@ -877,24 +913,36 @@
mov rdx,r8
+
push rbx
+
push rbp
+
push r12
+
push r13
+
push r14
+
push r15
+
sub rsp,8
+
$L$enc_key_prologue:
call _x86_64_AES_set_encrypt_key
mov rbp,QWORD[40+rsp]
+
mov rbx,QWORD[48+rsp]
+
add rsp,56
+
$L$enc_key_epilogue:
mov rdi,QWORD[8+rsp] ;WIN64 epilogue
mov rsi,QWORD[16+rsp]
DB 0F3h,0C3h ;repret
+
$L$SEH_end_asm_AES_set_encrypt_key:
@@ -1149,13 +1197,21 @@
mov rdx,r8
+
push rbx
+
push rbp
+
push r12
+
push r13
+
push r14
+
push r15
+
push rdx
+
$L$dec_key_prologue:
call _x86_64_AES_set_encrypt_key
@@ -1323,16 +1379,24 @@
xor rax,rax
$L$abort:
mov r15,QWORD[8+rsp]
+
mov r14,QWORD[16+rsp]
+
mov r13,QWORD[24+rsp]
+
mov r12,QWORD[32+rsp]
+
mov rbp,QWORD[40+rsp]
+
mov rbx,QWORD[48+rsp]
+
add rsp,56
+
$L$dec_key_epilogue:
mov rdi,QWORD[8+rsp] ;WIN64 epilogue
mov rsi,QWORD[16+rsp]
DB 0F3h,0C3h ;repret
+
$L$SEH_end_asm_AES_set_decrypt_key:
ALIGN 16
global asm_AES_cbc_encrypt
@@ -1352,15 +1416,23 @@
mov r9,QWORD[48+rsp]
+
cmp rdx,0
je NEAR $L$cbc_epilogue
pushfq
+
push rbx
+
push rbp
+
push r12
+
push r13
+
push r14
+
push r15
+
$L$cbc_prologue:
cld
@@ -1407,7 +1479,9 @@
xchg r15,rsp
+
mov QWORD[16+rsp],r15
+
$L$cbc_fast_body:
mov QWORD[24+rsp],rdi
mov QWORD[32+rsp],rsi
@@ -1789,19 +1863,29 @@
ALIGN 16
$L$cbc_exit:
mov rsi,QWORD[16+rsp]
+
mov r15,QWORD[rsi]
+
mov r14,QWORD[8+rsi]
+
mov r13,QWORD[16+rsi]
+
mov r12,QWORD[24+rsi]
+
mov rbp,QWORD[32+rsi]
+
mov rbx,QWORD[40+rsi]
+
lea rsp,[48+rsi]
+
$L$cbc_popfq:
popfq
+
$L$cbc_epilogue:
mov rdi,QWORD[8+rsp] ;WIN64 epilogue
mov rsi,QWORD[16+rsp]
DB 0F3h,0C3h ;repret
+
$L$SEH_end_asm_AES_cbc_encrypt:
ALIGN 64
$L$AES_Te:
diff --git a/win-x86_64/crypto/fipsmodule/aesni-x86_64.asm b/win-x86_64/crypto/fipsmodule/aesni-x86_64.asm
index 13e9c5e..2a2980b 100644
--- a/win-x86_64/crypto/fipsmodule/aesni-x86_64.asm
+++ b/win-x86_64/crypto/fipsmodule/aesni-x86_64.asm
@@ -1100,6 +1100,7 @@
mov r8,QWORD[40+rsp]
+
cmp rdx,1
jne NEAR $L$ctr32_bulk
@@ -1130,7 +1131,9 @@
ALIGN 16
$L$ctr32_bulk:
lea r11,[rsp]
+
push rbp
+
sub rsp,288
and rsp,-16
movaps XMMWORD[(-168)+r11],xmm6
@@ -1686,11 +1689,14 @@
movaps XMMWORD[96+rsp],xmm0
movaps XMMWORD[112+rsp],xmm0
mov rbp,QWORD[((-8))+r11]
+
lea rsp,[r11]
+
$L$ctr32_epilogue:
mov rdi,QWORD[8+rsp] ;WIN64 epilogue
mov rsi,QWORD[16+rsp]
DB 0F3h,0C3h ;repret
+
$L$SEH_end_aesni_ctr32_encrypt_blocks:
global aesni_xts_encrypt
@@ -1708,8 +1714,11 @@
mov r9,QWORD[48+rsp]
+
lea r11,[rsp]
+
push rbp
+
sub rsp,272
and rsp,-16
movaps XMMWORD[(-168)+r11],xmm6
@@ -2185,11 +2194,14 @@
movaps XMMWORD[80+rsp],xmm0
movaps XMMWORD[96+rsp],xmm0
mov rbp,QWORD[((-8))+r11]
+
lea rsp,[r11]
+
$L$xts_enc_epilogue:
mov rdi,QWORD[8+rsp] ;WIN64 epilogue
mov rsi,QWORD[16+rsp]
DB 0F3h,0C3h ;repret
+
$L$SEH_end_aesni_xts_encrypt:
global aesni_xts_decrypt
@@ -2207,8 +2219,11 @@
mov r9,QWORD[48+rsp]
+
lea r11,[rsp]
+
push rbp
+
sub rsp,272
and rsp,-16
movaps XMMWORD[(-168)+r11],xmm6
@@ -2721,11 +2736,14 @@
movaps XMMWORD[80+rsp],xmm0
movaps XMMWORD[96+rsp],xmm0
mov rbp,QWORD[((-8))+r11]
+
lea rsp,[r11]
+
$L$xts_dec_epilogue:
mov rdi,QWORD[8+rsp] ;WIN64 epilogue
mov rsi,QWORD[16+rsp]
DB 0F3h,0C3h ;repret
+
$L$SEH_end_aesni_xts_decrypt:
global aesni_ocb_encrypt
@@ -2743,12 +2761,18 @@
mov r9,QWORD[48+rsp]
+
lea rax,[rsp]
push rbx
+
push rbp
+
push r12
+
push r13
+
push r14
+
lea rsp,[((-160))+rsp]
movaps XMMWORD[rsp],xmm6
movaps XMMWORD[16+rsp],xmm7
@@ -2949,15 +2973,22 @@
lea rax,[((160+40))+rsp]
$L$ocb_enc_pop:
mov r14,QWORD[((-40))+rax]
+
mov r13,QWORD[((-32))+rax]
+
mov r12,QWORD[((-24))+rax]
+
mov rbp,QWORD[((-16))+rax]
+
mov rbx,QWORD[((-8))+rax]
+
lea rsp,[rax]
+
$L$ocb_enc_epilogue:
mov rdi,QWORD[8+rsp] ;WIN64 epilogue
mov rsi,QWORD[16+rsp]
DB 0F3h,0C3h ;repret
+
$L$SEH_end_aesni_ocb_encrypt:
@@ -3182,12 +3213,18 @@
mov r9,QWORD[48+rsp]
+
lea rax,[rsp]
push rbx
+
push rbp
+
push r12
+
push r13
+
push r14
+
lea rsp,[((-160))+rsp]
movaps XMMWORD[rsp],xmm6
movaps XMMWORD[16+rsp],xmm7
@@ -3410,15 +3447,22 @@
lea rax,[((160+40))+rsp]
$L$ocb_dec_pop:
mov r14,QWORD[((-40))+rax]
+
mov r13,QWORD[((-32))+rax]
+
mov r12,QWORD[((-24))+rax]
+
mov rbp,QWORD[((-16))+rax]
+
mov rbx,QWORD[((-8))+rax]
+
lea rsp,[rax]
+
$L$ocb_dec_epilogue:
mov rdi,QWORD[8+rsp] ;WIN64 epilogue
mov rsi,QWORD[16+rsp]
DB 0F3h,0C3h ;repret
+
$L$SEH_end_aesni_ocb_decrypt:
@@ -3631,6 +3675,7 @@
mov r9,QWORD[48+rsp]
+
test rdx,rdx
jz NEAR $L$cbc_ret
@@ -3724,7 +3769,9 @@
ALIGN 16
$L$cbc_decrypt_bulk:
lea r11,[rsp]
+
push rbp
+
sub rsp,176
and rsp,-16
movaps XMMWORD[16+rsp],xmm6
@@ -4236,17 +4283,22 @@
movaps xmm15,XMMWORD[160+rsp]
movaps XMMWORD[160+rsp],xmm0
mov rbp,QWORD[((-8))+r11]
+
lea rsp,[r11]
+
$L$cbc_ret:
mov rdi,QWORD[8+rsp] ;WIN64 epilogue
mov rsi,QWORD[16+rsp]
DB 0F3h,0C3h ;repret
+
$L$SEH_end_aesni_cbc_encrypt:
global aesni_set_decrypt_key
ALIGN 16
aesni_set_decrypt_key:
+
DB 0x48,0x83,0xEC,0x08
+
call __aesni_set_encrypt_key
shl edx,4
test eax,eax
@@ -4279,7 +4331,9 @@
pxor xmm0,xmm0
$L$dec_key_ret:
add rsp,8
+
DB 0F3h,0C3h ;repret
+
$L$SEH_end_set_decrypt_key:
global aesni_set_encrypt_key
@@ -4287,7 +4341,9 @@
ALIGN 16
aesni_set_encrypt_key:
__aesni_set_encrypt_key:
+
DB 0x48,0x83,0xEC,0x08
+
mov rax,-1
test rcx,rcx
jz NEAR $L$enc_key_ret
@@ -4581,7 +4637,9 @@
pxor xmm4,xmm4
pxor xmm5,xmm5
add rsp,8
+
DB 0F3h,0C3h ;repret
+
$L$SEH_end_set_encrypt_key:
ALIGN 16
diff --git a/win-x86_64/crypto/fipsmodule/bsaes-x86_64.asm b/win-x86_64/crypto/fipsmodule/bsaes-x86_64.asm
index 9c6d129..9ea8253 100644
--- a/win-x86_64/crypto/fipsmodule/bsaes-x86_64.asm
+++ b/win-x86_64/crypto/fipsmodule/bsaes-x86_64.asm
@@ -1072,6 +1072,7 @@
ALIGN 16
bsaes_cbc_encrypt:
+
mov r11d,DWORD[48+rsp]
cmp r11d,0
jne NEAR asm_AES_cbc_encrypt
@@ -1081,12 +1082,19 @@
mov rax,rsp
$L$cbc_dec_prologue:
push rbp
+
push rbx
+
push r12
+
push r13
+
push r14
+
push r15
+
lea rsp,[((-72))+rsp]
+
mov r10,QWORD[160+rsp]
lea rsp,[((-160))+rsp]
movaps XMMWORD[64+rsp],xmm6
@@ -1101,6 +1109,7 @@
movaps XMMWORD[208+rsp],xmm15
$L$cbc_dec_body:
mov rbp,rsp
+
mov eax,DWORD[240+r9]
mov r12,rcx
mov r13,rdx
@@ -1320,6 +1329,7 @@
ja NEAR $L$cbc_dec_bzero
lea rax,[120+rbp]
+
movaps xmm6,XMMWORD[64+rbp]
movaps xmm7,XMMWORD[80+rbp]
movaps xmm8,XMMWORD[96+rbp]
@@ -1333,29 +1343,45 @@
lea rax,[160+rax]
$L$cbc_dec_tail:
mov r15,QWORD[((-48))+rax]
+
mov r14,QWORD[((-40))+rax]
+
mov r13,QWORD[((-32))+rax]
+
mov r12,QWORD[((-24))+rax]
+
mov rbx,QWORD[((-16))+rax]
+
mov rbp,QWORD[((-8))+rax]
+
lea rsp,[rax]
+
$L$cbc_dec_epilogue:
DB 0F3h,0C3h ;repret
+
global bsaes_ctr32_encrypt_blocks
ALIGN 16
bsaes_ctr32_encrypt_blocks:
+
mov rax,rsp
$L$ctr_enc_prologue:
push rbp
+
push rbx
+
push r12
+
push r13
+
push r14
+
push r15
+
lea rsp,[((-72))+rsp]
+
mov r10,QWORD[160+rsp]
lea rsp,[((-160))+rsp]
movaps XMMWORD[64+rsp],xmm6
@@ -1370,6 +1396,7 @@
movaps XMMWORD[208+rsp],xmm15
$L$ctr_enc_body:
mov rbp,rsp
+
movdqu xmm0,XMMWORD[r10]
mov eax,DWORD[240+r9]
mov r12,rcx
@@ -1544,6 +1571,7 @@
ja NEAR $L$ctr_enc_bzero
lea rax,[120+rbp]
+
movaps xmm6,XMMWORD[64+rbp]
movaps xmm7,XMMWORD[80+rbp]
movaps xmm8,XMMWORD[96+rbp]
@@ -1557,28 +1585,44 @@
lea rax,[160+rax]
$L$ctr_enc_tail:
mov r15,QWORD[((-48))+rax]
+
mov r14,QWORD[((-40))+rax]
+
mov r13,QWORD[((-32))+rax]
+
mov r12,QWORD[((-24))+rax]
+
mov rbx,QWORD[((-16))+rax]
+
mov rbp,QWORD[((-8))+rax]
+
lea rsp,[rax]
+
$L$ctr_enc_epilogue:
DB 0F3h,0C3h ;repret
+
global bsaes_xts_encrypt
ALIGN 16
bsaes_xts_encrypt:
+
mov rax,rsp
$L$xts_enc_prologue:
push rbp
+
push rbx
+
push r12
+
push r13
+
push r14
+
push r15
+
lea rsp,[((-72))+rsp]
+
mov r10,QWORD[160+rsp]
mov r11,QWORD[168+rsp]
lea rsp,[((-160))+rsp]
@@ -1594,6 +1638,7 @@
movaps XMMWORD[208+rsp],xmm15
$L$xts_enc_body:
mov rbp,rsp
+
mov r12,rcx
mov r13,rdx
mov r14,r8
@@ -2020,6 +2065,7 @@
ja NEAR $L$xts_enc_bzero
lea rax,[120+rbp]
+
movaps xmm6,XMMWORD[64+rbp]
movaps xmm7,XMMWORD[80+rbp]
movaps xmm8,XMMWORD[96+rbp]
@@ -2033,29 +2079,45 @@
lea rax,[160+rax]
$L$xts_enc_tail:
mov r15,QWORD[((-48))+rax]
+
mov r14,QWORD[((-40))+rax]
+
mov r13,QWORD[((-32))+rax]
+
mov r12,QWORD[((-24))+rax]
+
mov rbx,QWORD[((-16))+rax]
+
mov rbp,QWORD[((-8))+rax]
+
lea rsp,[rax]
+
$L$xts_enc_epilogue:
DB 0F3h,0C3h ;repret
+
global bsaes_xts_decrypt
ALIGN 16
bsaes_xts_decrypt:
+
mov rax,rsp
$L$xts_dec_prologue:
push rbp
+
push rbx
+
push r12
+
push r13
+
push r14
+
push r15
+
lea rsp,[((-72))+rsp]
+
mov r10,QWORD[160+rsp]
mov r11,QWORD[168+rsp]
lea rsp,[((-160))+rsp]
@@ -2523,6 +2585,7 @@
ja NEAR $L$xts_dec_bzero
lea rax,[120+rbp]
+
movaps xmm6,XMMWORD[64+rbp]
movaps xmm7,XMMWORD[80+rbp]
movaps xmm8,XMMWORD[96+rbp]
@@ -2536,16 +2599,24 @@
lea rax,[160+rax]
$L$xts_dec_tail:
mov r15,QWORD[((-48))+rax]
+
mov r14,QWORD[((-40))+rax]
+
mov r13,QWORD[((-32))+rax]
+
mov r12,QWORD[((-24))+rax]
+
mov rbx,QWORD[((-16))+rax]
+
mov rbp,QWORD[((-8))+rax]
+
lea rsp,[rax]
+
$L$xts_dec_epilogue:
DB 0F3h,0C3h ;repret
+
ALIGN 64
_bsaes_const:
$L$M0ISR:
diff --git a/win-x86_64/crypto/fipsmodule/p256-x86_64-asm.asm b/win-x86_64/crypto/fipsmodule/p256-x86_64-asm.asm
index 64db9d9..ec48141 100644
--- a/win-x86_64/crypto/fipsmodule/p256-x86_64-asm.asm
+++ b/win-x86_64/crypto/fipsmodule/p256-x86_64-asm.asm
@@ -34,9 +34,13 @@
mov rsi,rdx
+
push r12
+
push r13
+$L$neg_body:
+
xor r8,r8
xor r9,r9
xor r10,r10
@@ -69,11 +73,17 @@
mov QWORD[16+rdi],r10
mov QWORD[24+rdi],r11
- pop r13
- pop r12
+ mov r13,QWORD[rsp]
+
+ mov r12,QWORD[8+rsp]
+
+ lea rsp,[16+rsp]
+
+$L$neg_epilogue:
mov rdi,QWORD[8+rsp] ;WIN64 epilogue
mov rsi,QWORD[16+rsp]
DB 0F3h,0C3h ;repret
+
$L$SEH_end_ecp_nistz256_neg:
@@ -94,13 +104,21 @@
mov rdx,r8
+
$L$mul_mont:
push rbp
+
push rbx
+
push r12
+
push r13
+
push r14
+
push r15
+
+$L$mul_body:
mov rbx,rdx
mov rax,QWORD[rdx]
mov r9,QWORD[rsi]
@@ -110,15 +128,25 @@
call __ecp_nistz256_mul_montq
$L$mul_mont_done:
- pop r15
- pop r14
- pop r13
- pop r12
- pop rbx
- pop rbp
+ mov r15,QWORD[rsp]
+
+ mov r14,QWORD[8+rsp]
+
+ mov r13,QWORD[16+rsp]
+
+ mov r12,QWORD[24+rsp]
+
+ mov rbx,QWORD[32+rsp]
+
+ mov rbp,QWORD[40+rsp]
+
+ lea rsp,[48+rsp]
+
+$L$mul_epilogue:
mov rdi,QWORD[8+rsp] ;WIN64 epilogue
mov rsi,QWORD[16+rsp]
DB 0F3h,0C3h ;repret
+
$L$SEH_end_ecp_nistz256_mul_mont:
@@ -356,12 +384,20 @@
mov rsi,rdx
+
push rbp
+
push rbx
+
push r12
+
push r13
+
push r14
+
push r15
+
+$L$sqr_body:
mov rax,QWORD[rsi]
mov r14,QWORD[8+rsi]
mov r15,QWORD[16+rsi]
@@ -369,15 +405,25 @@
call __ecp_nistz256_sqr_montq
$L$sqr_mont_done:
- pop r15
- pop r14
- pop r13
- pop r12
- pop rbx
- pop rbp
+ mov r15,QWORD[rsp]
+
+ mov r14,QWORD[8+rsp]
+
+ mov r13,QWORD[16+rsp]
+
+ mov r12,QWORD[24+rsp]
+
+ mov rbx,QWORD[32+rsp]
+
+ mov rbp,QWORD[40+rsp]
+
+ lea rsp,[48+rsp]
+
+$L$sqr_epilogue:
mov rdi,QWORD[8+rsp] ;WIN64 epilogue
mov rsi,QWORD[16+rsp]
DB 0F3h,0C3h ;repret
+
$L$SEH_end_ecp_nistz256_sqr_mont:
@@ -625,8 +671,8 @@
movaps xmm14,XMMWORD[128+rsp]
movaps xmm15,XMMWORD[144+rsp]
lea rsp,[168+rsp]
-$L$SEH_end_ecp_nistz256_select_w5:
DB 0F3h,0C3h ;repret
+$L$SEH_end_ecp_nistz256_select_w5:
@@ -702,8 +748,8 @@
movaps xmm14,XMMWORD[128+rsp]
movaps xmm15,XMMWORD[144+rsp]
lea rsp,[168+rsp]
-$L$SEH_end_ecp_nistz256_select_w7:
DB 0F3h,0C3h ;repret
+$L$SEH_end_ecp_nistz256_select_w7:
@@ -713,6 +759,7 @@
$L$avx2_select_w5:
vzeroupper
lea rax,[((-136))+rsp]
+ mov r11,rsp
$L$SEH_begin_ecp_nistz256_avx2_select_w5:
DB 0x48,0x8d,0x60,0xe0
DB 0xc5,0xf8,0x29,0x70,0xe0
@@ -786,9 +833,9 @@
movaps xmm13,XMMWORD[112+rsp]
movaps xmm14,XMMWORD[128+rsp]
movaps xmm15,XMMWORD[144+rsp]
- lea rsp,[168+rsp]
-$L$SEH_end_ecp_nistz256_avx2_select_w5:
+ lea rsp,[r11]
DB 0F3h,0C3h ;repret
+$L$SEH_end_ecp_nistz256_avx2_select_w5:
@@ -799,6 +846,7 @@
ecp_nistz256_avx2_select_w7:
$L$avx2_select_w7:
vzeroupper
+ mov r11,rsp
lea rax,[((-136))+rsp]
$L$SEH_begin_ecp_nistz256_avx2_select_w7:
DB 0x48,0x8d,0x60,0xe0
@@ -888,9 +936,9 @@
movaps xmm13,XMMWORD[112+rsp]
movaps xmm14,XMMWORD[128+rsp]
movaps xmm15,XMMWORD[144+rsp]
- lea rsp,[168+rsp]
-$L$SEH_end_ecp_nistz256_avx2_select_w7:
+ lea rsp,[r11]
DB 0F3h,0C3h ;repret
+$L$SEH_end_ecp_nistz256_avx2_select_w7:
ALIGN 32
@@ -1025,14 +1073,23 @@
mov rsi,rdx
+
push rbp
+
push rbx
+
push r12
+
push r13
+
push r14
+
push r15
+
sub rsp,32*5+8
+$L$point_doubleq_body:
+
$L$point_double_shortcutq:
movdqu xmm0,XMMWORD[rsi]
mov rbx,rsi
@@ -1214,16 +1271,27 @@
DB 102,72,15,126,207
call __ecp_nistz256_sub_fromq
- add rsp,32*5+8
- pop r15
- pop r14
- pop r13
- pop r12
- pop rbx
- pop rbp
+ lea rsi,[((160+56))+rsp]
+
+ mov r15,QWORD[((-48))+rsi]
+
+ mov r14,QWORD[((-40))+rsi]
+
+ mov r13,QWORD[((-32))+rsi]
+
+ mov r12,QWORD[((-24))+rsi]
+
+ mov rbx,QWORD[((-16))+rsi]
+
+ mov rbp,QWORD[((-8))+rsi]
+
+ lea rsp,[rsi]
+
+$L$point_doubleq_epilogue:
mov rdi,QWORD[8+rsp] ;WIN64 epilogue
mov rsi,QWORD[16+rsp]
DB 0F3h,0C3h ;repret
+
$L$SEH_end_ecp_nistz256_point_double:
global ecp_nistz256_point_add
@@ -1238,14 +1306,23 @@
mov rdx,r8
+
push rbp
+
push rbx
+
push r12
+
push r13
+
push r14
+
push r15
+
sub rsp,32*18+8
+$L$point_addq_body:
+
movdqu xmm0,XMMWORD[rsi]
movdqu xmm1,XMMWORD[16+rsi]
movdqu xmm2,XMMWORD[32+rsi]
@@ -1621,16 +1698,27 @@
movdqu XMMWORD[48+rdi],xmm3
$L$add_doneq:
- add rsp,32*18+8
- pop r15
- pop r14
- pop r13
- pop r12
- pop rbx
- pop rbp
+ lea rsi,[((576+56))+rsp]
+
+ mov r15,QWORD[((-48))+rsi]
+
+ mov r14,QWORD[((-40))+rsi]
+
+ mov r13,QWORD[((-32))+rsi]
+
+ mov r12,QWORD[((-24))+rsi]
+
+ mov rbx,QWORD[((-16))+rsi]
+
+ mov rbp,QWORD[((-8))+rsi]
+
+ lea rsp,[rsi]
+
+$L$point_addq_epilogue:
mov rdi,QWORD[8+rsp] ;WIN64 epilogue
mov rsi,QWORD[16+rsp]
DB 0F3h,0C3h ;repret
+
$L$SEH_end_ecp_nistz256_point_add:
global ecp_nistz256_point_add_affine
@@ -1645,14 +1733,23 @@
mov rdx,r8
+
push rbp
+
push rbx
+
push r12
+
push r13
+
push r14
+
push r15
+
sub rsp,32*15+8
+$L$add_affineq_body:
+
movdqu xmm0,XMMWORD[rsi]
mov rbx,rdx
movdqu xmm1,XMMWORD[16+rsi]
@@ -1934,14 +2031,257 @@
movdqu XMMWORD[32+rdi],xmm2
movdqu XMMWORD[48+rdi],xmm3
- add rsp,32*15+8
+ lea rsi,[((480+56))+rsp]
+
+ mov r15,QWORD[((-48))+rsi]
+
+ mov r14,QWORD[((-40))+rsi]
+
+ mov r13,QWORD[((-32))+rsi]
+
+ mov r12,QWORD[((-24))+rsi]
+
+ mov rbx,QWORD[((-16))+rsi]
+
+ mov rbp,QWORD[((-8))+rsi]
+
+ lea rsp,[rsi]
+
+$L$add_affineq_epilogue:
+ mov rdi,QWORD[8+rsp] ;WIN64 epilogue
+ mov rsi,QWORD[16+rsp]
+ DB 0F3h,0C3h ;repret
+
+$L$SEH_end_ecp_nistz256_point_add_affine:
+EXTERN __imp_RtlVirtualUnwind
+
+
+ALIGN 16
+short_handler:
+ push rsi
+ push rdi
+ push rbx
+ push rbp
+ push r12
+ push r13
+ push r14
+ push r15
+ pushfq
+ sub rsp,64
+
+ mov rax,QWORD[120+r8]
+ mov rbx,QWORD[248+r8]
+
+ mov rsi,QWORD[8+r9]
+ mov r11,QWORD[56+r9]
+
+ mov r10d,DWORD[r11]
+ lea r10,[r10*1+rsi]
+ cmp rbx,r10
+ jb NEAR $L$common_seh_tail
+
+ mov rax,QWORD[152+r8]
+
+ mov r10d,DWORD[4+r11]
+ lea r10,[r10*1+rsi]
+ cmp rbx,r10
+ jae NEAR $L$common_seh_tail
+
+ lea rax,[16+rax]
+
+ mov r12,QWORD[((-8))+rax]
+ mov r13,QWORD[((-16))+rax]
+ mov QWORD[216+r8],r12
+ mov QWORD[224+r8],r13
+
+ jmp NEAR $L$common_seh_tail
+
+
+
+ALIGN 16
+full_handler:
+ push rsi
+ push rdi
+ push rbx
+ push rbp
+ push r12
+ push r13
+ push r14
+ push r15
+ pushfq
+ sub rsp,64
+
+ mov rax,QWORD[120+r8]
+ mov rbx,QWORD[248+r8]
+
+ mov rsi,QWORD[8+r9]
+ mov r11,QWORD[56+r9]
+
+ mov r10d,DWORD[r11]
+ lea r10,[r10*1+rsi]
+ cmp rbx,r10
+ jb NEAR $L$common_seh_tail
+
+ mov rax,QWORD[152+r8]
+
+ mov r10d,DWORD[4+r11]
+ lea r10,[r10*1+rsi]
+ cmp rbx,r10
+ jae NEAR $L$common_seh_tail
+
+ mov r10d,DWORD[8+r11]
+ lea rax,[r10*1+rax]
+
+ mov rbp,QWORD[((-8))+rax]
+ mov rbx,QWORD[((-16))+rax]
+ mov r12,QWORD[((-24))+rax]
+ mov r13,QWORD[((-32))+rax]
+ mov r14,QWORD[((-40))+rax]
+ mov r15,QWORD[((-48))+rax]
+ mov QWORD[144+r8],rbx
+ mov QWORD[160+r8],rbp
+ mov QWORD[216+r8],r12
+ mov QWORD[224+r8],r13
+ mov QWORD[232+r8],r14
+ mov QWORD[240+r8],r15
+
+$L$common_seh_tail:
+ mov rdi,QWORD[8+rax]
+ mov rsi,QWORD[16+rax]
+ mov QWORD[152+r8],rax
+ mov QWORD[168+r8],rsi
+ mov QWORD[176+r8],rdi
+
+ mov rdi,QWORD[40+r9]
+ mov rsi,r8
+ mov ecx,154
+ DD 0xa548f3fc
+
+ mov rsi,r9
+ xor rcx,rcx
+ mov rdx,QWORD[8+rsi]
+ mov r8,QWORD[rsi]
+ mov r9,QWORD[16+rsi]
+ mov r10,QWORD[40+rsi]
+ lea r11,[56+rsi]
+ lea r12,[24+rsi]
+ mov QWORD[32+rsp],r10
+ mov QWORD[40+rsp],r11
+ mov QWORD[48+rsp],r12
+ mov QWORD[56+rsp],rcx
+ call QWORD[__imp_RtlVirtualUnwind]
+
+ mov eax,1
+ add rsp,64
+ popfq
pop r15
pop r14
pop r13
pop r12
- pop rbx
pop rbp
- mov rdi,QWORD[8+rsp] ;WIN64 epilogue
- mov rsi,QWORD[16+rsp]
+ pop rbx
+ pop rdi
+ pop rsi
DB 0F3h,0C3h ;repret
-$L$SEH_end_ecp_nistz256_point_add_affine:
+
+
+section .pdata rdata align=4
+ALIGN 4
+ DD $L$SEH_begin_ecp_nistz256_neg wrt ..imagebase
+ DD $L$SEH_end_ecp_nistz256_neg wrt ..imagebase
+ DD $L$SEH_info_ecp_nistz256_neg wrt ..imagebase
+
+ DD $L$SEH_begin_ecp_nistz256_mul_mont wrt ..imagebase
+ DD $L$SEH_end_ecp_nistz256_mul_mont wrt ..imagebase
+ DD $L$SEH_info_ecp_nistz256_mul_mont wrt ..imagebase
+
+ DD $L$SEH_begin_ecp_nistz256_sqr_mont wrt ..imagebase
+ DD $L$SEH_end_ecp_nistz256_sqr_mont wrt ..imagebase
+ DD $L$SEH_info_ecp_nistz256_sqr_mont wrt ..imagebase
+
+ DD $L$SEH_begin_ecp_nistz256_select_w5 wrt ..imagebase
+ DD $L$SEH_end_ecp_nistz256_select_w5 wrt ..imagebase
+ DD $L$SEH_info_ecp_nistz256_select_wX wrt ..imagebase
+
+ DD $L$SEH_begin_ecp_nistz256_select_w7 wrt ..imagebase
+ DD $L$SEH_end_ecp_nistz256_select_w7 wrt ..imagebase
+ DD $L$SEH_info_ecp_nistz256_select_wX wrt ..imagebase
+ DD $L$SEH_begin_ecp_nistz256_avx2_select_w5 wrt ..imagebase
+ DD $L$SEH_end_ecp_nistz256_avx2_select_w5 wrt ..imagebase
+ DD $L$SEH_info_ecp_nistz256_avx2_select_wX wrt ..imagebase
+
+ DD $L$SEH_begin_ecp_nistz256_avx2_select_w7 wrt ..imagebase
+ DD $L$SEH_end_ecp_nistz256_avx2_select_w7 wrt ..imagebase
+ DD $L$SEH_info_ecp_nistz256_avx2_select_wX wrt ..imagebase
+ DD $L$SEH_begin_ecp_nistz256_point_double wrt ..imagebase
+ DD $L$SEH_end_ecp_nistz256_point_double wrt ..imagebase
+ DD $L$SEH_info_ecp_nistz256_point_double wrt ..imagebase
+
+ DD $L$SEH_begin_ecp_nistz256_point_add wrt ..imagebase
+ DD $L$SEH_end_ecp_nistz256_point_add wrt ..imagebase
+ DD $L$SEH_info_ecp_nistz256_point_add wrt ..imagebase
+
+ DD $L$SEH_begin_ecp_nistz256_point_add_affine wrt ..imagebase
+ DD $L$SEH_end_ecp_nistz256_point_add_affine wrt ..imagebase
+ DD $L$SEH_info_ecp_nistz256_point_add_affine wrt ..imagebase
+
+section .xdata rdata align=8
+ALIGN 8
+$L$SEH_info_ecp_nistz256_neg:
+DB 9,0,0,0
+ DD short_handler wrt ..imagebase
+ DD $L$neg_body wrt ..imagebase,$L$neg_epilogue wrt ..imagebase
+$L$SEH_info_ecp_nistz256_mul_mont:
+DB 9,0,0,0
+ DD full_handler wrt ..imagebase
+ DD $L$mul_body wrt ..imagebase,$L$mul_epilogue wrt ..imagebase
+ DD 48,0
+$L$SEH_info_ecp_nistz256_sqr_mont:
+DB 9,0,0,0
+ DD full_handler wrt ..imagebase
+ DD $L$sqr_body wrt ..imagebase,$L$sqr_epilogue wrt ..imagebase
+ DD 48,0
+$L$SEH_info_ecp_nistz256_select_wX:
+DB 0x01,0x33,0x16,0x00
+DB 0x33,0xf8,0x09,0x00
+DB 0x2e,0xe8,0x08,0x00
+DB 0x29,0xd8,0x07,0x00
+DB 0x24,0xc8,0x06,0x00
+DB 0x1f,0xb8,0x05,0x00
+DB 0x1a,0xa8,0x04,0x00
+DB 0x15,0x98,0x03,0x00
+DB 0x10,0x88,0x02,0x00
+DB 0x0c,0x78,0x01,0x00
+DB 0x08,0x68,0x00,0x00
+DB 0x04,0x01,0x15,0x00
+ALIGN 8
+$L$SEH_info_ecp_nistz256_avx2_select_wX:
+DB 0x01,0x36,0x17,0x0b
+DB 0x36,0xf8,0x09,0x00
+DB 0x31,0xe8,0x08,0x00
+DB 0x2c,0xd8,0x07,0x00
+DB 0x27,0xc8,0x06,0x00
+DB 0x22,0xb8,0x05,0x00
+DB 0x1d,0xa8,0x04,0x00
+DB 0x18,0x98,0x03,0x00
+DB 0x13,0x88,0x02,0x00
+DB 0x0e,0x78,0x01,0x00
+DB 0x09,0x68,0x00,0x00
+DB 0x04,0x01,0x15,0x00
+DB 0x00,0xb3,0x00,0x00
+ALIGN 8
+$L$SEH_info_ecp_nistz256_point_double:
+DB 9,0,0,0
+ DD full_handler wrt ..imagebase
+ DD $L$point_doubleq_body wrt ..imagebase,$L$point_doubleq_epilogue wrt ..imagebase
+ DD 32*5+56,0
+$L$SEH_info_ecp_nistz256_point_add:
+DB 9,0,0,0
+ DD full_handler wrt ..imagebase
+ DD $L$point_addq_body wrt ..imagebase,$L$point_addq_epilogue wrt ..imagebase
+ DD 32*18+56,0
+$L$SEH_info_ecp_nistz256_point_add_affine:
+DB 9,0,0,0
+ DD full_handler wrt ..imagebase
+ DD $L$add_affineq_body wrt ..imagebase,$L$add_affineq_epilogue wrt ..imagebase
+ DD 32*15+56,0
diff --git a/win-x86_64/crypto/fipsmodule/x86_64-mont.asm b/win-x86_64/crypto/fipsmodule/x86_64-mont.asm
index dd93341..1a9da51 100644
--- a/win-x86_64/crypto/fipsmodule/x86_64-mont.asm
+++ b/win-x86_64/crypto/fipsmodule/x86_64-mont.asm
@@ -226,8 +226,7 @@
mov r15,r9
jmp NEAR $L$sub
ALIGN 16
-$L$sub:
- sbb rax,QWORD[r14*8+rcx]
+$L$sub: sbb rax,QWORD[r14*8+rcx]
mov QWORD[r14*8+rdi],rax
mov rax,QWORD[8+r14*8+rsi]
lea r14,[1+r14]
diff --git a/win-x86_64/crypto/fipsmodule/x86_64-mont5.asm b/win-x86_64/crypto/fipsmodule/x86_64-mont5.asm
index 1bcbc5d..b330641 100644
--- a/win-x86_64/crypto/fipsmodule/x86_64-mont5.asm
+++ b/win-x86_64/crypto/fipsmodule/x86_64-mont5.asm
@@ -410,8 +410,7 @@
mov r15,r9
jmp NEAR $L$sub
ALIGN 16
-$L$sub:
- sbb rax,QWORD[r14*8+rcx]
+$L$sub: sbb rax,QWORD[r14*8+rcx]
mov QWORD[r14*8+rdi],rax
mov rax,QWORD[8+r14*8+rsi]
lea r14,[1+r14]