| author | Jason McIntyre <jmc@cvs.openbsd.org> | 2022-12-26 07:18:54 +0000 |
|---|---|---|
| committer | Jason McIntyre <jmc@cvs.openbsd.org> | 2022-12-26 07:18:54 +0000 |
| commit | 5db55c25df447352f6f017a3cd33336bd5c99ded (patch) | |
| tree | 91fd58d0a8b09e013ba3a808d7b3b6c82bfe6b23 /lib/libcrypto | |
| parent | a00adb4d80b177e06c5272391e412b15d9e962ab (diff) | |
spelling fixes; from paul tagliamonte
i removed the arithmetics -> arithmetic changes, as i felt they
were not clearly correct
ok tb
Diffstat (limited to 'lib/libcrypto')
100 files changed, 1240 insertions, 745 deletions
diff --git a/lib/libcrypto/aes/asm/aes-586.pl b/lib/libcrypto/aes/asm/aes-586.pl index 3ba8a26eaa3..c5ae3f6903e 100644 --- a/lib/libcrypto/aes/asm/aes-586.pl +++ b/lib/libcrypto/aes/asm/aes-586.pl @@ -48,8 +48,8 @@ # better performance on most recent µ-archs... # # Third version adds AES_cbc_encrypt implementation, which resulted in -# up to 40% performance imrovement of CBC benchmark results. 40% was -# observed on P4 core, where "overall" imrovement coefficient, i.e. if +# up to 40% performance improvement of CBC benchmark results. 40% was +# observed on P4 core, where "overall" improvement coefficient, i.e. if # compared to PIC generated by GCC and in CBC mode, was observed to be # as large as 4x:-) CBC performance is virtually identical to ECB now # and on some platforms even better, e.g. 17.6 "small" cycles/byte on @@ -228,7 +228,7 @@ $small_footprint=1; # $small_footprint=1 code is ~5% slower [on # contention and in hope to "collect" 5% back # in real-life applications... -$vertical_spin=0; # shift "verticaly" defaults to 0, because of +$vertical_spin=0; # shift "vertically" defaults to 0, because of # its proof-of-concept status... # Note that there is no decvert(), as well as last encryption round is # performed with "horizontal" shifts. This is because this "vertical" diff --git a/lib/libcrypto/aes/asm/aes-mips.pl b/lib/libcrypto/aes/asm/aes-mips.pl index 2f6ff74ffe1..b95d1afd5a1 100644 --- a/lib/libcrypto/aes/asm/aes-mips.pl +++ b/lib/libcrypto/aes/asm/aes-mips.pl @@ -106,7 +106,7 @@ my ($i0,$i1,$i2,$i3)=($at,$t0,$t1,$t2); my ($t0,$t1,$t2,$t3,$t4,$t5,$t6,$t7,$t8,$t9,$t10,$t11) = map("\$$_",(12..23)); my ($key0,$cnt)=($gp,$fp); -# instuction ordering is "stolen" from output from MIPSpro assembler +# instruction ordering is "stolen" from output from MIPSpro assembler # invoked with -mips3 -O3 arguments... $code.=<<___; .align 5 diff --git a/lib/libcrypto/aes/asm/aes-ppc.pl b/lib/libcrypto/aes/asm/aes-ppc.pl index ce427655ef7..91a46f60ed1 100644 --- a/lib/libcrypto/aes/asm/aes-ppc.pl +++ b/lib/libcrypto/aes/asm/aes-ppc.pl @@ -7,7 +7,7 @@ # details see http://www.openssl.org/~appro/cryptogams/. # ==================================================================== -# Needs more work: key setup, page boundaries, CBC routine... +# Needs more work: key setup, CBC routine... # # ppc_AES_[en|de]crypt perform at 18 cycles per byte processed with # 128-bit key, which is ~40% better than 64-bit code generated by gcc @@ -16,15 +16,30 @@ # at 1/2 of ppc_AES_encrypt speed, while ppc_AES_decrypt_compact - # at 1/3 of ppc_AES_decrypt. +# February 2010 +# +# Rescheduling instructions to favour Power6 pipeline gave 10% +# performance improvement on the platform in question (and marginal +# improvement even on others). It should be noted that Power6 fails +# to process byte in 18 cycles, only in 23, because it fails to issue +# 4 load instructions in two cycles, only in 3. As result non-compact +# block subroutines are 25% slower than one would expect. Compact +# functions scale better, because they have pure computational part, +# which scales perfectly with clock frequency. To be specific +# ppc_AES_encrypt_compact operates at 42 cycles per byte, while +# ppc_AES_decrypt_compact - at 55 (in 64-bit build). 
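The flavour dispatch that follows in this aes-ppc.pl hunk ($SIZE_T, $LRSAVE, and the stdu/ld/std versus stwu/lwz/stw mnemonics) is a standard perlasm idiom: one script emits either 32- or 64-bit PowerPC code depending on its argument. A minimal standalone sketch of that pattern — variable names mirror the script, while the default flavour and the final printf are purely illustrative:

```perl
#!/usr/bin/perl
# Sketch of the perlasm "flavour" dispatch: one script, two word sizes.
# The "linux32" default is illustrative, not taken from the diff.
my $flavour = shift || "linux32";

my ($SIZE_T, $LRSAVE, $STU, $POP, $PUSH);
if ($flavour =~ /64/) {
    $SIZE_T = 8;                 # register/stack slot width in bytes
    $LRSAVE = 2*$SIZE_T;         # link-register save slot in the 64-bit ABI
    ($STU, $POP, $PUSH) = ("stdu", "ld", "std");
} elsif ($flavour =~ /32/) {
    $SIZE_T = 4;
    $LRSAVE = $SIZE_T;           # 32-bit ABI uses a smaller LR save offset
    ($STU, $POP, $PUSH) = ("stwu", "lwz", "stw");
} else {
    die "nonsense $flavour";
}

# Every emitted load/store goes through these variables, so the
# assembly body below is written once for both word sizes, e.g.:
printf "%s %%r0,%d(%%r1)\n", $PUSH, $LRSAVE;
```

Keeping each load/store behind a mnemonic variable is what lets the body of the module, including the stack-frame prologue and epilogue changed in this hunk, stay word-size agnostic.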
+ $flavour = shift; if ($flavour =~ /64/) { $SIZE_T =8; + $LRSAVE =2*$SIZE_T; $STU ="stdu"; $POP ="ld"; $PUSH ="std"; } elsif ($flavour =~ /32/) { $SIZE_T =4; + $LRSAVE =$SIZE_T; $STU ="stwu"; $POP ="lwz"; $PUSH ="stw"; @@ -103,15 +118,19 @@ LAES_Te: addi $Tbl0,$Tbl0,`128-8` mtlr r0 blr - .space `32-24` + .long 0 + .byte 0,12,0x14,0,0,0,0,0 + .space `64-9*4` LAES_Td: mflr r0 bcl 20,31,\$+4 mflr $Tbl0 ; vvvvvvvv "distance" between . and 1st data entry - addi $Tbl0,$Tbl0,`128-8-32+2048+256` + addi $Tbl0,$Tbl0,`128-64-8+2048+256` mtlr r0 blr - .space `128-32-24` + .long 0 + .byte 0,12,0x14,0,0,0,0,0 + .space `128-64-9*4` ___ &_data_word( 0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d, @@ -315,10 +334,9 @@ $code.=<<___; .globl .AES_encrypt .align 7 .AES_encrypt: - mflr r0 $STU $sp,-$FRAME($sp) + mflr r0 - $PUSH r0,`$FRAME-$SIZE_T*21`($sp) $PUSH $toc,`$FRAME-$SIZE_T*20`($sp) $PUSH r13,`$FRAME-$SIZE_T*19`($sp) $PUSH r14,`$FRAME-$SIZE_T*18`($sp) @@ -339,7 +357,14 @@ $code.=<<___; $PUSH r29,`$FRAME-$SIZE_T*3`($sp) $PUSH r30,`$FRAME-$SIZE_T*2`($sp) $PUSH r31,`$FRAME-$SIZE_T*1`($sp) + $PUSH r0,`$FRAME+$LRSAVE`($sp) + + andi. $t0,$inp,3 + andi. $t1,$out,3 + or. $t0,$t0,$t1 + bne Lenc_unaligned +Lenc_unaligned_ok: lwz $s0,0($inp) lwz $s1,4($inp) lwz $s2,8($inp) @@ -350,8 +375,80 @@ $code.=<<___; stw $s1,4($out) stw $s2,8($out) stw $s3,12($out) + b Lenc_done + +Lenc_unaligned: + subfic $t0,$inp,4096 + subfic $t1,$out,4096 + andi. $t0,$t0,4096-16 + beq Lenc_xpage + andi. $t1,$t1,4096-16 + bne Lenc_unaligned_ok - $POP r0,`$FRAME-$SIZE_T*21`($sp) +Lenc_xpage: + lbz $acc00,0($inp) + lbz $acc01,1($inp) + lbz $acc02,2($inp) + lbz $s0,3($inp) + lbz $acc04,4($inp) + lbz $acc05,5($inp) + lbz $acc06,6($inp) + lbz $s1,7($inp) + lbz $acc08,8($inp) + lbz $acc09,9($inp) + lbz $acc10,10($inp) + insrwi $s0,$acc00,8,0 + lbz $s2,11($inp) + insrwi $s1,$acc04,8,0 + lbz $acc12,12($inp) + insrwi $s0,$acc01,8,8 + lbz $acc13,13($inp) + insrwi $s1,$acc05,8,8 + lbz $acc14,14($inp) + insrwi $s0,$acc02,8,16 + lbz $s3,15($inp) + insrwi $s1,$acc06,8,16 + insrwi $s2,$acc08,8,0 + insrwi $s3,$acc12,8,0 + insrwi $s2,$acc09,8,8 + insrwi $s3,$acc13,8,8 + insrwi $s2,$acc10,8,16 + insrwi $s3,$acc14,8,16 + + bl LAES_Te + bl Lppc_AES_encrypt_compact + + extrwi $acc00,$s0,8,0 + extrwi $acc01,$s0,8,8 + stb $acc00,0($out) + extrwi $acc02,$s0,8,16 + stb $acc01,1($out) + stb $acc02,2($out) + extrwi $acc04,$s1,8,0 + stb $s0,3($out) + extrwi $acc05,$s1,8,8 + stb $acc04,4($out) + extrwi $acc06,$s1,8,16 + stb $acc05,5($out) + stb $acc06,6($out) + extrwi $acc08,$s2,8,0 + stb $s1,7($out) + extrwi $acc09,$s2,8,8 + stb $acc08,8($out) + extrwi $acc10,$s2,8,16 + stb $acc09,9($out) + stb $acc10,10($out) + extrwi $acc12,$s3,8,0 + stb $s2,11($out) + extrwi $acc13,$s3,8,8 + stb $acc12,12($out) + extrwi $acc14,$s3,8,16 + stb $acc13,13($out) + stb $acc14,14($out) + stb $s3,15($out) + +Lenc_done: + $POP r0,`$FRAME+$LRSAVE`($sp) $POP $toc,`$FRAME-$SIZE_T*20`($sp) $POP r13,`$FRAME-$SIZE_T*19`($sp) $POP r14,`$FRAME-$SIZE_T*18`($sp) @@ -375,18 +472,21 @@ $code.=<<___; mtlr r0 addi $sp,$sp,$FRAME blr + .long 0 + .byte 0,12,4,1,0x80,18,3,0 + .long 0 -.align 4 +.align 5 Lppc_AES_encrypt: lwz $acc00,240($key) - lwz $t0,0($key) - lwz $t1,4($key) - lwz $t2,8($key) - lwz $t3,12($key) addi $Tbl1,$Tbl0,3 + lwz $t0,0($key) addi $Tbl2,$Tbl0,2 + lwz $t1,4($key) addi $Tbl3,$Tbl0,1 + lwz $t2,8($key) addi $acc00,$acc00,-1 + lwz $t3,12($key) addi $key,$key,16 xor $s0,$s0,$t0 xor $s1,$s1,$t1 @@ -397,47 +497,47 @@ Lppc_AES_encrypt: Lenc_loop: rlwinm $acc00,$s0,`32-24+3`,21,28 rlwinm 
$acc01,$s1,`32-24+3`,21,28 - lwz $t0,0($key) - lwz $t1,4($key) rlwinm $acc02,$s2,`32-24+3`,21,28 rlwinm $acc03,$s3,`32-24+3`,21,28 - lwz $t2,8($key) - lwz $t3,12($key) + lwz $t0,0($key) rlwinm $acc04,$s1,`32-16+3`,21,28 + lwz $t1,4($key) rlwinm $acc05,$s2,`32-16+3`,21,28 - lwzx $acc00,$Tbl0,$acc00 - lwzx $acc01,$Tbl0,$acc01 + lwz $t2,8($key) rlwinm $acc06,$s3,`32-16+3`,21,28 + lwz $t3,12($key) rlwinm $acc07,$s0,`32-16+3`,21,28 - lwzx $acc02,$Tbl0,$acc02 - lwzx $acc03,$Tbl0,$acc03 + lwzx $acc00,$Tbl0,$acc00 rlwinm $acc08,$s2,`32-8+3`,21,28 + lwzx $acc01,$Tbl0,$acc01 rlwinm $acc09,$s3,`32-8+3`,21,28 - lwzx $acc04,$Tbl1,$acc04 - lwzx $acc05,$Tbl1,$acc05 + lwzx $acc02,$Tbl0,$acc02 rlwinm $acc10,$s0,`32-8+3`,21,28 + lwzx $acc03,$Tbl0,$acc03 rlwinm $acc11,$s1,`32-8+3`,21,28 - lwzx $acc06,$Tbl1,$acc06 - lwzx $acc07,$Tbl1,$acc07 + lwzx $acc04,$Tbl1,$acc04 rlwinm $acc12,$s3,`0+3`,21,28 + lwzx $acc05,$Tbl1,$acc05 rlwinm $acc13,$s0,`0+3`,21,28 - lwzx $acc08,$Tbl2,$acc08 - lwzx $acc09,$Tbl2,$acc09 + lwzx $acc06,$Tbl1,$acc06 rlwinm $acc14,$s1,`0+3`,21,28 + lwzx $acc07,$Tbl1,$acc07 rlwinm $acc15,$s2,`0+3`,21,28 - lwzx $acc10,$Tbl2,$acc10 - lwzx $acc11,$Tbl2,$acc11 + lwzx $acc08,$Tbl2,$acc08 xor $t0,$t0,$acc00 + lwzx $acc09,$Tbl2,$acc09 xor $t1,$t1,$acc01 - lwzx $acc12,$Tbl3,$acc12 - lwzx $acc13,$Tbl3,$acc13 + lwzx $acc10,$Tbl2,$acc10 xor $t2,$t2,$acc02 + lwzx $acc11,$Tbl2,$acc11 xor $t3,$t3,$acc03 - lwzx $acc14,$Tbl3,$acc14 - lwzx $acc15,$Tbl3,$acc15 + lwzx $acc12,$Tbl3,$acc12 xor $t0,$t0,$acc04 + lwzx $acc13,$Tbl3,$acc13 xor $t1,$t1,$acc05 + lwzx $acc14,$Tbl3,$acc14 xor $t2,$t2,$acc06 + lwzx $acc15,$Tbl3,$acc15 xor $t3,$t3,$acc07 xor $t0,$t0,$acc08 xor $t1,$t1,$acc09 @@ -452,61 +552,61 @@ Lenc_loop: addi $Tbl2,$Tbl0,2048 nop - lwz $acc08,`2048+0`($Tbl0) ! prefetch Te4 - lwz $acc09,`2048+32`($Tbl0) - lwz $acc10,`2048+64`($Tbl0) - lwz $acc11,`2048+96`($Tbl0) - lwz $acc08,`2048+128`($Tbl0) - lwz $acc09,`2048+160`($Tbl0) - lwz $acc10,`2048+192`($Tbl0) - lwz $acc11,`2048+224`($Tbl0) - rlwinm $acc00,$s0,`32-24`,24,31 - rlwinm $acc01,$s1,`32-24`,24,31 lwz $t0,0($key) + rlwinm $acc00,$s0,`32-24`,24,31 lwz $t1,4($key) - rlwinm $acc02,$s2,`32-24`,24,31 - rlwinm $acc03,$s3,`32-24`,24,31 + rlwinm $acc01,$s1,`32-24`,24,31 lwz $t2,8($key) + rlwinm $acc02,$s2,`32-24`,24,31 lwz $t3,12($key) + rlwinm $acc03,$s3,`32-24`,24,31 + lwz $acc08,`2048+0`($Tbl0) ! 
prefetch Te4 rlwinm $acc04,$s1,`32-16`,24,31 + lwz $acc09,`2048+32`($Tbl0) rlwinm $acc05,$s2,`32-16`,24,31 - lbzx $acc00,$Tbl2,$acc00 - lbzx $acc01,$Tbl2,$acc01 + lwz $acc10,`2048+64`($Tbl0) rlwinm $acc06,$s3,`32-16`,24,31 + lwz $acc11,`2048+96`($Tbl0) rlwinm $acc07,$s0,`32-16`,24,31 - lbzx $acc02,$Tbl2,$acc02 - lbzx $acc03,$Tbl2,$acc03 + lwz $acc12,`2048+128`($Tbl0) rlwinm $acc08,$s2,`32-8`,24,31 + lwz $acc13,`2048+160`($Tbl0) rlwinm $acc09,$s3,`32-8`,24,31 - lbzx $acc04,$Tbl2,$acc04 - lbzx $acc05,$Tbl2,$acc05 + lwz $acc14,`2048+192`($Tbl0) rlwinm $acc10,$s0,`32-8`,24,31 + lwz $acc15,`2048+224`($Tbl0) rlwinm $acc11,$s1,`32-8`,24,31 - lbzx $acc06,$Tbl2,$acc06 - lbzx $acc07,$Tbl2,$acc07 + lbzx $acc00,$Tbl2,$acc00 rlwinm $acc12,$s3,`0`,24,31 + lbzx $acc01,$Tbl2,$acc01 rlwinm $acc13,$s0,`0`,24,31 - lbzx $acc08,$Tbl2,$acc08 - lbzx $acc09,$Tbl2,$acc09 + lbzx $acc02,$Tbl2,$acc02 rlwinm $acc14,$s1,`0`,24,31 + lbzx $acc03,$Tbl2,$acc03 rlwinm $acc15,$s2,`0`,24,31 - lbzx $acc10,$Tbl2,$acc10 - lbzx $acc11,$Tbl2,$acc11 + lbzx $acc04,$Tbl2,$acc04 rlwinm $s0,$acc00,24,0,7 + lbzx $acc05,$Tbl2,$acc05 rlwinm $s1,$acc01,24,0,7 - lbzx $acc12,$Tbl2,$acc12 - lbzx $acc13,$Tbl2,$acc13 + lbzx $acc06,$Tbl2,$acc06 rlwinm $s2,$acc02,24,0,7 + lbzx $acc07,$Tbl2,$acc07 rlwinm $s3,$acc03,24,0,7 - lbzx $acc14,$Tbl2,$acc14 - lbzx $acc15,$Tbl2,$acc15 + lbzx $acc08,$Tbl2,$acc08 rlwimi $s0,$acc04,16,8,15 + lbzx $acc09,$Tbl2,$acc09 rlwimi $s1,$acc05,16,8,15 + lbzx $acc10,$Tbl2,$acc10 rlwimi $s2,$acc06,16,8,15 + lbzx $acc11,$Tbl2,$acc11 rlwimi $s3,$acc07,16,8,15 + lbzx $acc12,$Tbl2,$acc12 rlwimi $s0,$acc08,8,16,23 + lbzx $acc13,$Tbl2,$acc13 rlwimi $s1,$acc09,8,16,23 + lbzx $acc14,$Tbl2,$acc14 rlwimi $s2,$acc10,8,16,23 + lbzx $acc15,$Tbl2,$acc15 rlwimi $s3,$acc11,8,16,23 or $s0,$s0,$acc12 or $s1,$s1,$acc13 @@ -517,78 +617,80 @@ Lenc_loop: xor $s2,$s2,$t2 xor $s3,$s3,$t3 blr + .long 0 + .byte 0,12,0x14,0,0,0,0,0 .align 4 Lppc_AES_encrypt_compact: lwz $acc00,240($key) - lwz $t0,0($key) - lwz $t1,4($key) - lwz $t2,8($key) - lwz $t3,12($key) addi $Tbl1,$Tbl0,2048 + lwz $t0,0($key) lis $mask80,0x8080 + lwz $t1,4($key) lis $mask1b,0x1b1b - addi $key,$key,16 + lwz $t2,8($key) ori $mask80,$mask80,0x8080 + lwz $t3,12($key) ori $mask1b,$mask1b,0x1b1b + addi $key,$key,16 mtctr $acc00 .align 4 Lenc_compact_loop: xor $s0,$s0,$t0 xor $s1,$s1,$t1 - xor $s2,$s2,$t2 - xor $s3,$s3,$t3 rlwinm $acc00,$s0,`32-24`,24,31 + xor $s2,$s2,$t2 rlwinm $acc01,$s1,`32-24`,24,31 + xor $s3,$s3,$t3 rlwinm $acc02,$s2,`32-24`,24,31 rlwinm $acc03,$s3,`32-24`,24,31 - lbzx $acc00,$Tbl1,$acc00 - lbzx $acc01,$Tbl1,$acc01 rlwinm $acc04,$s1,`32-16`,24,31 rlwinm $acc05,$s2,`32-16`,24,31 - lbzx $acc02,$Tbl1,$acc02 - lbzx $acc03,$Tbl1,$acc03 rlwinm $acc06,$s3,`32-16`,24,31 rlwinm $acc07,$s0,`32-16`,24,31 - lbzx $acc04,$Tbl1,$acc04 - lbzx $acc05,$Tbl1,$acc05 + lbzx $acc00,$Tbl1,$acc00 rlwinm $acc08,$s2,`32-8`,24,31 + lbzx $acc01,$Tbl1,$acc01 rlwinm $acc09,$s3,`32-8`,24,31 - lbzx $acc06,$Tbl1,$acc06 - lbzx $acc07,$Tbl1,$acc07 + lbzx $acc02,$Tbl1,$acc02 rlwinm $acc10,$s0,`32-8`,24,31 + lbzx $acc03,$Tbl1,$acc03 rlwinm $acc11,$s1,`32-8`,24,31 - lbzx $acc08,$Tbl1,$acc08 - lbzx $acc09,$Tbl1,$acc09 + lbzx $acc04,$Tbl1,$acc04 rlwinm $acc12,$s3,`0`,24,31 + lbzx $acc05,$Tbl1,$acc05 rlwinm $acc13,$s0,`0`,24,31 - lbzx $acc10,$Tbl1,$acc10 - lbzx $acc11,$Tbl1,$acc11 + lbzx $acc06,$Tbl1,$acc06 rlwinm $acc14,$s1,`0`,24,31 + lbzx $acc07,$Tbl1,$acc07 rlwinm $acc15,$s2,`0`,24,31 - lbzx $acc12,$Tbl1,$acc12 - lbzx $acc13,$Tbl1,$acc13 + lbzx $acc08,$Tbl1,$acc08 rlwinm $s0,$acc00,24,0,7 + lbzx 
$acc09,$Tbl1,$acc09 rlwinm $s1,$acc01,24,0,7 - lbzx $acc14,$Tbl1,$acc14 - lbzx $acc15,$Tbl1,$acc15 + lbzx $acc10,$Tbl1,$acc10 rlwinm $s2,$acc02,24,0,7 + lbzx $acc11,$Tbl1,$acc11 rlwinm $s3,$acc03,24,0,7 + lbzx $acc12,$Tbl1,$acc12 rlwimi $s0,$acc04,16,8,15 + lbzx $acc13,$Tbl1,$acc13 rlwimi $s1,$acc05,16,8,15 + lbzx $acc14,$Tbl1,$acc14 rlwimi $s2,$acc06,16,8,15 + lbzx $acc15,$Tbl1,$acc15 rlwimi $s3,$acc07,16,8,15 rlwimi $s0,$acc08,8,16,23 rlwimi $s1,$acc09,8,16,23 rlwimi $s2,$acc10,8,16,23 rlwimi $s3,$acc11,8,16,23 lwz $t0,0($key) - lwz $t1,4($key) or $s0,$s0,$acc12 + lwz $t1,4($key) or $s1,$s1,$acc13 lwz $t2,8($key) - lwz $t3,12($key) or $s2,$s2,$acc14 + lwz $t3,12($key) or $s3,$s3,$acc15 addi $key,$key,16 @@ -599,12 +701,12 @@ Lenc_compact_loop: and $acc02,$s2,$mask80 and $acc03,$s3,$mask80 srwi $acc04,$acc00,7 # r1>>7 - srwi $acc05,$acc01,7 - srwi $acc06,$acc02,7 - srwi $acc07,$acc03,7 andc $acc08,$s0,$mask80 # r0&0x7f7f7f7f + srwi $acc05,$acc01,7 andc $acc09,$s1,$mask80 + srwi $acc06,$acc02,7 andc $acc10,$s2,$mask80 + srwi $acc07,$acc03,7 andc $acc11,$s3,$mask80 sub $acc00,$acc00,$acc04 # r1-(r1>>7) sub $acc01,$acc01,$acc05 @@ -620,32 +722,32 @@ Lenc_compact_loop: and $acc03,$acc03,$mask1b xor $acc00,$acc00,$acc08 # r2 xor $acc01,$acc01,$acc09 + rotlwi $acc12,$s0,16 # ROTATE(r0,16) xor $acc02,$acc02,$acc10 + rotlwi $acc13,$s1,16 xor $acc03,$acc03,$acc11 + rotlwi $acc14,$s2,16 - rotlwi $acc12,$s0,16 # ROTATE(r0,16) - rotlwi $acc13,$s1,16 - rotlwi $acc14,$s2,16 - rotlwi $acc15,$s3,16 xor $s0,$s0,$acc00 # r0^r2 + rotlwi $acc15,$s3,16 xor $s1,$s1,$acc01 - xor $s2,$s2,$acc02 - xor $s3,$s3,$acc03 rotrwi $s0,$s0,24 # ROTATE(r2^r0,24) + xor $s2,$s2,$acc02 rotrwi $s1,$s1,24 + xor $s3,$s3,$acc03 rotrwi $s2,$s2,24 - rotrwi $s3,$s3,24 xor $s0,$s0,$acc00 # ROTATE(r2^r0,24)^r2 + rotrwi $s3,$s3,24 xor $s1,$s1,$acc01 xor $s2,$s2,$acc02 xor $s3,$s3,$acc03 rotlwi $acc08,$acc12,8 # ROTATE(r0,24) - rotlwi $acc09,$acc13,8 - rotlwi $acc10,$acc14,8 - rotlwi $acc11,$acc15,8 xor $s0,$s0,$acc12 # + rotlwi $acc09,$acc13,8 xor $s1,$s1,$acc13 + rotlwi $acc10,$acc14,8 xor $s2,$s2,$acc14 + rotlwi $acc11,$acc15,8 xor $s3,$s3,$acc15 xor $s0,$s0,$acc08 # xor $s1,$s1,$acc09 @@ -660,14 +762,15 @@ Lenc_compact_done: xor $s2,$s2,$t2 xor $s3,$s3,$t3 blr + .long 0 + .byte 0,12,0x14,0,0,0,0,0 .globl .AES_decrypt .align 7 .AES_decrypt: - mflr r0 $STU $sp,-$FRAME($sp) + mflr r0 - $PUSH r0,`$FRAME-$SIZE_T*21`($sp) $PUSH $toc,`$FRAME-$SIZE_T*20`($sp) $PUSH r13,`$FRAME-$SIZE_T*19`($sp) $PUSH r14,`$FRAME-$SIZE_T*18`($sp) @@ -688,7 +791,14 @@ Lenc_compact_done: $PUSH r29,`$FRAME-$SIZE_T*3`($sp) $PUSH r30,`$FRAME-$SIZE_T*2`($sp) $PUSH r31,`$FRAME-$SIZE_T*1`($sp) + $PUSH r0,`$FRAME+$LRSAVE`($sp) + + andi. $t0,$inp,3 + andi. $t1,$out,3 + or. $t0,$t0,$t1 + bne Ldec_unaligned +Ldec_unaligned_ok: lwz $s0,0($inp) lwz $s1,4($inp) lwz $s2,8($inp) @@ -699,8 +809,80 @@ Lenc_compact_done: stw $s1,4($out) stw $s2,8($out) stw $s3,12($out) + b Ldec_done + +Ldec_unaligned: + subfic $t0,$inp,4096 + subfic $t1,$out,4096 + andi. $t0,$t0,4096-16 + beq Ldec_xpage + andi. 
$t1,$t1,4096-16 + bne Ldec_unaligned_ok + +Ldec_xpage: + lbz $acc00,0($inp) + lbz $acc01,1($inp) + lbz $acc02,2($inp) + lbz $s0,3($inp) + lbz $acc04,4($inp) + lbz $acc05,5($inp) + lbz $acc06,6($inp) + lbz $s1,7($inp) + lbz $acc08,8($inp) + lbz $acc09,9($inp) + lbz $acc10,10($inp) + insrwi $s0,$acc00,8,0 + lbz $s2,11($inp) + insrwi $s1,$acc04,8,0 + lbz $acc12,12($inp) + insrwi $s0,$acc01,8,8 + lbz $acc13,13($inp) + insrwi $s1,$acc05,8,8 + lbz $acc14,14($inp) + insrwi $s0,$acc02,8,16 + lbz $s3,15($inp) + insrwi $s1,$acc06,8,16 + insrwi $s2,$acc08,8,0 + insrwi $s3,$acc12,8,0 + insrwi $s2,$acc09,8,8 + insrwi $s3,$acc13,8,8 + insrwi $s2,$acc10,8,16 + insrwi $s3,$acc14,8,16 + + bl LAES_Td + bl Lppc_AES_decrypt_compact - $POP r0,`$FRAME-$SIZE_T*21`($sp) + extrwi $acc00,$s0,8,0 + extrwi $acc01,$s0,8,8 + stb $acc00,0($out) + extrwi $acc02,$s0,8,16 + stb $acc01,1($out) + stb $acc02,2($out) + extrwi $acc04,$s1,8,0 + stb $s0,3($out) + extrwi $acc05,$s1,8,8 + stb $acc04,4($out) + extrwi $acc06,$s1,8,16 + stb $acc05,5($out) + stb $acc06,6($out) + extrwi $acc08,$s2,8,0 + stb $s1,7($out) + extrwi $acc09,$s2,8,8 + stb $acc08,8($out) + extrwi $acc10,$s2,8,16 + stb $acc09,9($out) + stb $acc10,10($out) + extrwi $acc12,$s3,8,0 + stb $s2,11($out) + extrwi $acc13,$s3,8,8 + stb $acc12,12($out) + extrwi $acc14,$s3,8,16 + stb $acc13,13($out) + stb $acc14,14($out) + stb $s3,15($out) + +Ldec_done: + $POP r0,`$FRAME+$LRSAVE`($sp) $POP $toc,`$FRAME-$SIZE_T*20`($sp) $POP r13,`$FRAME-$SIZE_T*19`($sp) $POP r14,`$FRAME-$SIZE_T*18`($sp) @@ -724,18 +906,21 @@ Lenc_compact_done: mtlr r0 addi $sp,$sp,$FRAME blr + .long 0 + .byte 0,12,4,1,0x80,18,3,0 + .long 0 -.align 4 +.align 5 Lppc_AES_decrypt: lwz $acc00,240($key) - lwz $t0,0($key) - lwz $t1,4($key) - lwz $t2,8($key) - lwz $t3,12($key) addi $Tbl1,$Tbl0,3 + lwz $t0,0($key) addi $Tbl2,$Tbl0,2 + lwz $t1,4($key) addi $Tbl3,$Tbl0,1 + lwz $t2,8($key) addi $acc00,$acc00,-1 + lwz $t3,12($key) addi $key,$key,16 xor $s0,$s0,$t0 xor $s1,$s1,$t1 @@ -746,47 +931,47 @@ Lppc_AES_decrypt: Ldec_loop: rlwinm $acc00,$s0,`32-24+3`,21,28 rlwinm $acc01,$s1,`32-24+3`,21,28 - lwz $t0,0($key) - lwz $t1,4($key) rlwinm $acc02,$s2,`32-24+3`,21,28 rlwinm $acc03,$s3,`32-24+3`,21,28 - lwz $t2,8($key) - lwz $t3,12($key) + lwz $t0,0($key) rlwinm $acc04,$s3,`32-16+3`,21,28 + lwz $t1,4($key) rlwinm $acc05,$s0,`32-16+3`,21,28 - lwzx $acc00,$Tbl0,$acc00 - lwzx $acc01,$Tbl0,$acc01 + lwz $t2,8($key) rlwinm $acc06,$s1,`32-16+3`,21,28 + lwz $t3,12($key) rlwinm $acc07,$s2,`32-16+3`,21,28 - lwzx $acc02,$Tbl0,$acc02 - lwzx $acc03,$Tbl0,$acc03 + lwzx $acc00,$Tbl0,$acc00 rlwinm $acc08,$s2,`32-8+3`,21,28 + lwzx $acc01,$Tbl0,$acc01 rlwinm $acc09,$s3,`32-8+3`,21,28 - lwzx $acc04,$Tbl1,$acc04 - lwzx $acc05,$Tbl1,$acc05 + lwzx $acc02,$Tbl0,$acc02 rlwinm $acc10,$s0,`32-8+3`,21,28 + lwzx $acc03,$Tbl0,$acc03 rlwinm $acc11,$s1,`32-8+3`,21,28 - lwzx $acc06,$Tbl1,$acc06 - lwzx $acc07,$Tbl1,$acc07 + lwzx $acc04,$Tbl1,$acc04 rlwinm $acc12,$s1,`0+3`,21,28 + lwzx $acc05,$Tbl1,$acc05 rlwinm $acc13,$s2,`0+3`,21,28 - lwzx $acc08,$Tbl2,$acc08 - lwzx $acc09,$Tbl2,$acc09 + lwzx $acc06,$Tbl1,$acc06 rlwinm $acc14,$s3,`0+3`,21,28 + lwzx $acc07,$Tbl1,$acc07 rlwinm $acc15,$s0,`0+3`,21,28 - lwzx $acc10,$Tbl2,$acc10 - lwzx $acc11,$Tbl2,$acc11 + lwzx $acc08,$Tbl2,$acc08 xor $t0,$t0,$acc00 + lwzx $acc09,$Tbl2,$acc09 xor $t1,$t1,$acc01 - lwzx $acc12,$Tbl3,$acc12 - lwzx $acc13,$Tbl3,$acc13 + lwzx $acc10,$Tbl2,$acc10 xor $t2,$t2,$acc02 + lwzx $acc11,$Tbl2,$acc11 xor $t3,$t3,$acc03 - lwzx $acc14,$Tbl3,$acc14 - lwzx $acc15,$Tbl3,$acc15 + lwzx 
$acc12,$Tbl3,$acc12 xor $t0,$t0,$acc04 + lwzx $acc13,$Tbl3,$acc13 xor $t1,$t1,$acc05 + lwzx $acc14,$Tbl3,$acc14 xor $t2,$t2,$acc06 + lwzx $acc15,$Tbl3,$acc15 xor $t3,$t3,$acc07 xor $t0,$t0,$acc08 xor $t1,$t1,$acc09 @@ -801,57 +986,57 @@ Ldec_loop: addi $Tbl2,$Tbl0,2048 nop - lwz $acc08,`2048+0`($Tbl0) ! prefetch Td4 - lwz $acc09,`2048+32`($Tbl0) - lwz $acc10,`2048+64`($Tbl0) - lwz $acc11,`2048+96`($Tbl0) - lwz $acc08,`2048+128`($Tbl0) - lwz $acc09,`2048+160`($Tbl0) - lwz $acc10,`2048+192`($Tbl0) - lwz $acc11,`2048+224`($Tbl0) - rlwinm $acc00,$s0,`32-24`,24,31 - rlwinm $acc01,$s1,`32-24`,24,31 lwz $t0,0($key) + rlwinm $acc00,$s0,`32-24`,24,31 lwz $t1,4($key) - rlwinm $acc02,$s2,`32-24`,24,31 - rlwinm $acc03,$s3,`32-24`,24,31 + rlwinm $acc01,$s1,`32-24`,24,31 lwz $t2,8($key) + rlwinm $acc02,$s2,`32-24`,24,31 lwz $t3,12($key) + rlwinm $acc03,$s3,`32-24`,24,31 + lwz $acc08,`2048+0`($Tbl0) ! prefetch Td4 rlwinm $acc04,$s3,`32-16`,24,31 + lwz $acc09,`2048+32`($Tbl0) rlwinm $acc05,$s0,`32-16`,24,31 + lwz $acc10,`2048+64`($Tbl0) lbzx $acc00,$Tbl2,$acc00 + lwz $acc11,`2048+96`($Tbl0) lbzx $acc01,$Tbl2,$acc01 + lwz $acc12,`2048+128`($Tbl0) rlwinm $acc06,$s1,`32-16`,24,31 + lwz $acc13,`2048+160`($Tbl0) rlwinm $acc07,$s2,`32-16`,24,31 - lbzx $acc02,$Tbl2,$acc02 - lbzx $acc03,$Tbl2,$acc03 + lwz $acc14,`2048+192`($Tbl0) rlwinm $acc08,$s2,`32-8`,24,31 + lwz $acc15,`2048+224`($Tbl0) rlwinm $acc09,$s3,`32-8`,24,31 - lbzx $acc04,$Tbl2,$acc04 - lbzx $acc05,$Tbl2,$acc05 + lbzx $acc02,$Tbl2,$acc02 rlwinm $acc10,$s0,`32-8`,24,31 + lbzx $acc03,$Tbl2,$acc03 rlwinm $acc11,$s1,`32-8`,24,31 - lbzx $acc06,$Tbl2,$acc06 - lbzx $acc07,$Tbl2,$acc07 + lbzx $acc04,$Tbl2,$acc04 rlwinm $acc12,$s1,`0`,24,31 + lbzx $acc05,$Tbl2,$acc05 rlwinm $acc13,$s2,`0`,24,31 - lbzx $acc08,$Tbl2,$acc08 - lbzx $acc09,$Tbl2,$acc09 + lbzx $acc06,$Tbl2,$acc06 rlwinm $acc14,$s3,`0`,24,31 + lbzx $acc07,$Tbl2,$acc07 rlwinm $acc15,$s0,`0`,24,31 - lbzx $acc10,$Tbl2,$acc10 - lbzx $acc11,$Tbl2,$acc11 + lbzx $acc08,$Tbl2,$acc08 rlwinm $s0,$acc00,24,0,7 + lbzx $acc09,$Tbl2,$acc09 rlwinm $s1,$acc01,24,0,7 - lbzx $acc12,$Tbl2,$acc12 - lbzx $acc13,$Tbl2,$acc13 + lbzx $acc10,$Tbl2,$acc10 rlwinm $s2,$acc02,24,0,7 + lbzx $acc11,$Tbl2,$acc11 rlwinm $s3,$acc03,24,0,7 - lbzx $acc14,$Tbl2,$acc14 - lbzx $acc15,$Tbl2,$acc15 + lbzx $acc12,$Tbl2,$acc12 rlwimi $s0,$acc04,16,8,15 + lbzx $acc13,$Tbl2,$acc13 rlwimi $s1,$acc05,16,8,15 + lbzx $acc14,$Tbl2,$acc14 rlwimi $s2,$acc06,16,8,15 + lbzx $acc15,$Tbl2,$acc15 rlwimi $s3,$acc07,16,8,15 rlwimi $s0,$acc08,8,16,23 rlwimi $s1,$acc09,8,16,23 @@ -866,20 +1051,22 @@ Ldec_loop: xor $s2,$s2,$t2 xor $s3,$s3,$t3 blr + .long 0 + .byte 0,12,0x14,0,0,0,0,0 .align 4 Lppc_AES_decrypt_compact: lwz $acc00,240($key) - lwz $t0,0($key) - lwz $t1,4($key) - lwz $t2,8($key) - lwz $t3,12($key) addi $Tbl1,$Tbl0,2048 + lwz $t0,0($key) lis $mask80,0x8080 + lwz $t1,4($key) lis $mask1b,0x1b1b - addi $key,$key,16 + lwz $t2,8($key) ori $mask80,$mask80,0x8080 + lwz $t3,12($key) ori $mask1b,$mask1b,0x1b1b + addi $key,$key,16 ___ $code.=<<___ if ($SIZE_T==8); insrdi $mask80,$mask80,32,0 @@ -891,59 +1078,59 @@ $code.=<<___; Ldec_compact_loop: xor $s0,$s0,$t0 xor $s1,$s1,$t1 - xor $s2,$s2,$t2 - xor $s3,$s3,$t3 rlwinm $acc00,$s0,`32-24`,24,31 + xor $s2,$s2,$t2 rlwinm $acc01,$s1,`32-24`,24,31 + xor $s3,$s3,$t3 rlwinm $acc02,$s2,`32-24`,24,31 rlwinm $acc03,$s3,`32-24`,24,31 - lbzx $acc00,$Tbl1,$acc00 - lbzx $acc01,$Tbl1,$acc01 rlwinm $acc04,$s3,`32-16`,24,31 rlwinm $acc05,$s0,`32-16`,24,31 - lbzx $acc02,$Tbl1,$acc02 - lbzx $acc03,$Tbl1,$acc03 rlwinm 
$acc06,$s1,`32-16`,24,31 rlwinm $acc07,$s2,`32-16`,24,31 - lbzx $acc04,$Tbl1,$acc04 - lbzx $acc05,$Tbl1,$acc05 + lbzx $acc00,$Tbl1,$acc00 rlwinm $acc08,$s2,`32-8`,24,31 + lbzx $acc01,$Tbl1,$acc01 rlwinm $acc09,$s3,`32-8`,24,31 - lbzx $acc06,$Tbl1,$acc06 - lbzx $acc07,$Tbl1,$acc07 + lbzx $acc02,$Tbl1,$acc02 rlwinm $acc10,$s0,`32-8`,24,31 + lbzx $acc03,$Tbl1,$acc03 rlwinm $acc11,$s1,`32-8`,24,31 - lbzx $acc08,$Tbl1,$acc08 - lbzx $acc09,$Tbl1,$acc09 + lbzx $acc04,$Tbl1,$acc04 rlwinm $acc12,$s1,`0`,24,31 + lbzx $acc05,$Tbl1,$acc05 rlwinm $acc13,$s2,`0`,24,31 - lbzx $acc10,$Tbl1,$acc10 - lbzx $acc11,$Tbl1,$acc11 + lbzx $acc06,$Tbl1,$acc06 rlwinm $acc14,$s3,`0`,24,31 + lbzx $acc07,$Tbl1,$acc07 rlwinm $acc15,$s0,`0`,24,31 - lbzx $acc12,$Tbl1,$acc12 - lbzx $acc13,$Tbl1,$acc13 + lbzx $acc08,$Tbl1,$acc08 rlwinm $s0,$acc00,24,0,7 + lbzx $acc09,$Tbl1,$acc09 rlwinm $s1,$acc01,24,0,7 - lbzx $acc14,$Tbl1,$acc14 - lbzx $acc15,$Tbl1,$acc15 + lbzx $acc10,$Tbl1,$acc10 rlwinm $s2,$acc02,24,0,7 + lbzx $acc11,$Tbl1,$acc11 rlwinm $s3,$acc03,24,0,7 + lbzx $acc12,$Tbl1,$acc12 rlwimi $s0,$acc04,16,8,15 + lbzx $acc13,$Tbl1,$acc13 rlwimi $s1,$acc05,16,8,15 + lbzx $acc14,$Tbl1,$acc14 rlwimi $s2,$acc06,16,8,15 + lbzx $acc15,$Tbl1,$acc15 rlwimi $s3,$acc07,16,8,15 rlwimi $s0,$acc08,8,16,23 rlwimi $s1,$acc09,8,16,23 rlwimi $s2,$acc10,8,16,23 rlwimi $s3,$acc11,8,16,23 lwz $t0,0($key) - lwz $t1,4($key) or $s0,$s0,$acc12 + lwz $t1,4($key) or $s1,$s1,$acc13 lwz $t2,8($key) - lwz $t3,12($key) or $s2,$s2,$acc14 + lwz $t3,12($key) or $s3,$s3,$acc15 addi $key,$key,16 @@ -1017,12 +1204,12 @@ $code.=<<___ if ($SIZE_T==4); and $acc02,$s2,$mask80 and $acc03,$s3,$mask80 srwi $acc04,$acc00,7 # r1>>7 - srwi $acc05,$acc01,7 - srwi $acc06,$acc02,7 - srwi $acc07,$acc03,7 andc $acc08,$s0,$mask80 # r0&0x7f7f7f7f + srwi $acc05,$acc01,7 andc $acc09,$s1,$mask80 + srwi $acc06,$acc02,7 andc $acc10,$s2,$mask80 + srwi $acc07,$acc03,7 andc $acc11,$s3,$mask80 sub $acc00,$acc00,$acc04 # r1-(r1>>7) sub $acc01,$acc01,$acc05 @@ -1046,12 +1233,12 @@ $code.=<<___ if ($SIZE_T==4); and $acc06,$acc02,$mask80 and $acc07,$acc03,$mask80 srwi $acc08,$acc04,7 # r1>>7 - srwi $acc09,$acc05,7 - srwi $acc10,$acc06,7 - srwi $acc11,$acc07,7 andc $acc12,$acc00,$mask80 # r2&0x7f7f7f7f + srwi $acc09,$acc05,7 andc $acc13,$acc01,$mask80 + srwi $acc10,$acc06,7 andc $acc14,$acc02,$mask80 + srwi $acc11,$acc07,7 andc $acc15,$acc03,$mask80 sub $acc04,$acc04,$acc08 # r1-(r1>>7) sub $acc05,$acc05,$acc09 @@ -1072,13 +1259,13 @@ $code.=<<___ if ($SIZE_T==4); and $acc08,$acc04,$mask80 # r1=r4&0x80808080 and $acc09,$acc05,$mask80 - and $acc10,$acc06,$mask80 - and $acc11,$acc07,$mask80 srwi $acc12,$acc08,7 # r1>>7 + and $acc10,$acc06,$mask80 srwi $acc13,$acc09,7 + and $acc11,$acc07,$mask80 srwi $acc14,$acc10,7 - srwi $acc15,$acc11,7 sub $acc08,$acc08,$acc12 # r1-(r1>>7) + srwi $acc15,$acc11,7 sub $acc09,$acc09,$acc13 sub $acc10,$acc10,$acc14 sub $acc11,$acc11,$acc15 @@ -1111,10 +1298,10 @@ ___ $code.=<<___; rotrwi $s0,$s0,8 # = ROTATE(r0,8) rotrwi $s1,$s1,8 - rotrwi $s2,$s2,8 - rotrwi $s3,$s3,8 xor $s0,$s0,$acc00 # ^= r2^r0 + rotrwi $s2,$s2,8 xor $s1,$s1,$acc01 + rotrwi $s3,$s3,8 xor $s2,$s2,$acc02 xor $s3,$s3,$acc03 xor $acc00,$acc00,$acc08 @@ -1122,32 +1309,32 @@ $code.=<<___; xor $acc02,$acc02,$acc10 xor $acc03,$acc03,$acc11 xor $s0,$s0,$acc04 # ^= r4^r0 - xor $s1,$s1,$acc05 - xor $s2,$s2,$acc06 - xor $s3,$s3,$acc07 rotrwi $acc00,$acc00,24 + xor $s1,$s1,$acc05 rotrwi $acc01,$acc01,24 + xor $s2,$s2,$acc06 rotrwi $acc02,$acc02,24 + xor $s3,$s3,$acc07 rotrwi $acc03,$acc03,24 xor 
$acc04,$acc04,$acc08 xor $acc05,$acc05,$acc09 xor $acc06,$acc06,$acc10 xor $acc07,$acc07,$acc11 xor $s0,$s0,$acc08 # ^= r8 [^((r4^r0)^(r2^r0)=r4^r2)] - xor $s1,$s1,$acc09 - xor $s2,$s2,$acc10 - xor $s3,$s3,$acc11 rotrwi $acc04,$acc04,16 + xor $s1,$s1,$acc09 rotrwi $acc05,$acc05,16 + xor $s2,$s2,$acc10 rotrwi $acc06,$acc06,16 + xor $s3,$s3,$acc11 rotrwi $acc07,$acc07,16 xor $s0,$s0,$acc00 # ^= ROTATE(r8^r2^r0,24) - xor $s1,$s1,$acc01 - xor $s2,$s2,$acc02 - xor $s3,$s3,$acc03 rotrwi $acc08,$acc08,8 + xor $s1,$s1,$acc01 rotrwi $acc09,$acc09,8 + xor $s2,$s2,$acc02 rotrwi $acc10,$acc10,8 + xor $s3,$s3,$acc03 rotrwi $acc11,$acc11,8 xor $s0,$s0,$acc04 # ^= ROTATE(r8^r4^r0,16) xor $s1,$s1,$acc05 @@ -1166,7 +1353,9 @@ Ldec_compact_done: xor $s2,$s2,$t2 xor $s3,$s3,$t3 blr -.long 0 + .long 0 + .byte 0,12,0x14,0,0,0,0,0 + .asciz "AES for PPC, CRYPTOGAMS by <appro\@openssl.org>" .align 7 ___ diff --git a/lib/libcrypto/aes/asm/aesni-sha1-x86_64.pl b/lib/libcrypto/aes/asm/aesni-sha1-x86_64.pl index bc6c8f3fc08..880bcc2d58c 100644 --- a/lib/libcrypto/aes/asm/aesni-sha1-x86_64.pl +++ b/lib/libcrypto/aes/asm/aesni-sha1-x86_64.pl @@ -250,7 +250,7 @@ ___ $r++; unshift(@rndkey,pop(@rndkey)); }; -sub Xupdate_ssse3_16_31() # recall that $Xi starts wtih 4 +sub Xupdate_ssse3_16_31() # recall that $Xi starts with 4 { use integer; my $body = shift; my @insns = (&$body,&$body,&$body,&$body); # 40 instructions @@ -767,7 +767,7 @@ ___ $r++; unshift(@rndkey,pop(@rndkey)); }; -sub Xupdate_avx_16_31() # recall that $Xi starts wtih 4 +sub Xupdate_avx_16_31() # recall that $Xi starts with 4 { use integer; my $body = shift; my @insns = (&$body,&$body,&$body,&$body); # 40 instructions diff --git a/lib/libcrypto/aes/asm/aesni-x86_64.pl b/lib/libcrypto/aes/asm/aesni-x86_64.pl index f0b30109aef..a849073728b 100644 --- a/lib/libcrypto/aes/asm/aesni-x86_64.pl +++ b/lib/libcrypto/aes/asm/aesni-x86_64.pl @@ -52,7 +52,7 @@ # nothing one can do and the result appears optimal. CCM result is # identical to CBC, because CBC-MAC is essentially CBC encrypt without # saving output. CCM CTR "stays invisible," because it's neatly -# interleaved wih CBC-MAC. This provides ~30% improvement over +# interleaved with CBC-MAC. This provides ~30% improvement over # "straghtforward" CCM implementation with CTR and CBC-MAC performed # disjointly. Parallelizable modes practically achieve the theoretical # limit. @@ -136,7 +136,7 @@ # asymptotic, if it can be surpassed, isn't it? What happens there? # Rewind to CBC paragraph for the answer. Yes, out-of-order execution # magic is responsible for this. Processor overlaps not only the -# additional instructions with AES ones, but even AES instuctions +# additional instructions with AES ones, but even AES instructions # processing adjacent triplets of independent blocks. 
In the 6x case # additional instructions still claim disproportionally small amount # of additional cycles, but in 8x case number of instructions must be @@ -1350,7 +1350,7 @@ ___ movdqa @tweak[5],@tweak[$i] paddq @tweak[5],@tweak[5] # psllq 1,$tweak pand $twmask,$twres # isolate carry and residue - pcmpgtd @tweak[5],$twtmp # broadcat upper bits + pcmpgtd @tweak[5],$twtmp # broadcast upper bits pxor $twres,@tweak[5] ___ } @@ -1456,7 +1456,7 @@ $code.=<<___; aesenc $rndkey0,$inout0 pand $twmask,$twres # isolate carry and residue aesenc $rndkey0,$inout1 - pcmpgtd @tweak[5],$twtmp # broadcat upper bits + pcmpgtd @tweak[5],$twtmp # broadcast upper bits aesenc $rndkey0,$inout2 pxor $twres,@tweak[5] aesenc $rndkey0,$inout3 @@ -1471,7 +1471,7 @@ $code.=<<___; aesenc $rndkey1,$inout0 pand $twmask,$twres # isolate carry and residue aesenc $rndkey1,$inout1 - pcmpgtd @tweak[5],$twtmp # broadcat upper bits + pcmpgtd @tweak[5],$twtmp # broadcast upper bits aesenc $rndkey1,$inout2 pxor $twres,@tweak[5] aesenc $rndkey1,$inout3 @@ -1485,7 +1485,7 @@ $code.=<<___; aesenclast $rndkey0,$inout0 pand $twmask,$twres # isolate carry and residue aesenclast $rndkey0,$inout1 - pcmpgtd @tweak[5],$twtmp # broadcat upper bits + pcmpgtd @tweak[5],$twtmp # broadcast upper bits aesenclast $rndkey0,$inout2 pxor $twres,@tweak[5] aesenclast $rndkey0,$inout3 @@ -1499,7 +1499,7 @@ $code.=<<___; xorps `16*0`(%rsp),$inout0 # output^=tweak pand $twmask,$twres # isolate carry and residue xorps `16*1`(%rsp),$inout1 - pcmpgtd @tweak[5],$twtmp # broadcat upper bits + pcmpgtd @tweak[5],$twtmp # broadcast upper bits pxor $twres,@tweak[5] xorps `16*2`(%rsp),$inout2 @@ -1750,7 +1750,7 @@ ___ movdqa @tweak[5],@tweak[$i] paddq @tweak[5],@tweak[5] # psllq 1,$tweak pand $twmask,$twres # isolate carry and residue - pcmpgtd @tweak[5],$twtmp # broadcat upper bits + pcmpgtd @tweak[5],$twtmp # broadcast upper bits pxor $twres,@tweak[5] ___ } @@ -1856,7 +1856,7 @@ $code.=<<___; aesdec $rndkey0,$inout0 pand $twmask,$twres # isolate carry and residue aesdec $rndkey0,$inout1 - pcmpgtd @tweak[5],$twtmp # broadcat upper bits + pcmpgtd @tweak[5],$twtmp # broadcast upper bits aesdec $rndkey0,$inout2 pxor $twres,@tweak[5] aesdec $rndkey0,$inout3 @@ -1871,7 +1871,7 @@ $code.=<<___; aesdec $rndkey1,$inout0 pand $twmask,$twres # isolate carry and residue aesdec $rndkey1,$inout1 - pcmpgtd @tweak[5],$twtmp # broadcat upper bits + pcmpgtd @tweak[5],$twtmp # broadcast upper bits aesdec $rndkey1,$inout2 pxor $twres,@tweak[5] aesdec $rndkey1,$inout3 @@ -1885,7 +1885,7 @@ $code.=<<___; aesdeclast $rndkey0,$inout0 pand $twmask,$twres # isolate carry and residue aesdeclast $rndkey0,$inout1 - pcmpgtd @tweak[5],$twtmp # broadcat upper bits + pcmpgtd @tweak[5],$twtmp # broadcast upper bits aesdeclast $rndkey0,$inout2 pxor $twres,@tweak[5] aesdeclast $rndkey0,$inout3 @@ -1899,7 +1899,7 @@ $code.=<<___; xorps `16*0`(%rsp),$inout0 # output^=tweak pand $twmask,$twres # isolate carry and residue xorps `16*1`(%rsp),$inout1 - pcmpgtd @tweak[5],$twtmp # broadcat upper bits + pcmpgtd @tweak[5],$twtmp # broadcast upper bits pxor $twres,@tweak[5] xorps `16*2`(%rsp),$inout2 @@ -2520,7 +2520,7 @@ ___ # Vinodh Gopal <vinodh.gopal@intel.com> # Kahraman Akdemir # -# Agressively optimized in respect to aeskeygenassist's critical path +# Aggressively optimized in respect to aeskeygenassist's critical path # and is contained in %xmm0-5 to meet Win64 ABI requirement. 
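The tweak-update sequence repeated through the XTS hunks above (paddq to double the tweak, pcmpgtd to "broadcast upper bits", pand to "isolate carry and residue", pxor to fold the residue back in) implements multiplication of the 128-bit tweak by x in GF(2^128) with reduction polynomial x^128 + x^7 + x^2 + x + 1. A minimal byte-wise Perl sketch of the same arithmetic, assuming the little-endian 16-byte tweak layout the xmm registers use; the helper name is mine, not the script's:

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Multiply a 16-byte XTS tweak by x in GF(2^128) -- the operation the
# SSE paddq/pcmpgtd/pand/pxor sequence performs on whole registers.
# $t[0] is the least-significant byte, matching the xmm layout.
sub xts_tweak_times_x {
    my @t = @_;
    my $carry = 0;
    for my $i (0 .. 15) {
        my $b = ($t[$i] << 1) | $carry;  # shift byte left, pull in carry
        $carry = $b >> 8;                # top bit of this byte moves up
        $t[$i] = $b & 0xff;
    }
    $t[0] ^= 0x87 if $carry;             # reduce: x^128 = x^7 + x^2 + x + 1
    return @t;
}

# Example: advance one tweak by one block position.
my @tweak = (0x41) x 16;
@tweak = xts_tweak_times_x(@tweak);
print join("", map { sprintf "%02x", $_ } @tweak), "\n";
```

The vector code reaches the same result without a carry chain: pcmpgtd smears the tweak's sign bits into a mask, pand keeps only the reduction constant and lane-carry bits, paddq doubles each 64-bit half, and pxor applies the masked correction.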
# $code.=<<___; @@ -2602,7 +2602,7 @@ __aesni_set_encrypt_key: .align 16 .L14rounds: - movups 16($inp),%xmm2 # remaning half of *userKey + movups 16($inp),%xmm2 # remaining half of *userKey mov \$13,$bits # 14 rounds for 256 lea 16(%rax),%rax $movkey %xmm0,($key) # round 0 @@ -2862,7 +2862,7 @@ xts_se_handler: mov 56($disp),%r11 # disp->HandlerData mov 0(%r11),%r10d # HandlerData[0] - lea (%rsi,%r10),%r10 # prologue lable + lea (%rsi,%r10),%r10 # prologue label cmp %r10,%rbx # context->Rip<prologue label jb .Lcommon_seh_tail diff --git a/lib/libcrypto/aes/asm/bsaes-x86_64.pl b/lib/libcrypto/aes/asm/bsaes-x86_64.pl index c9c6312fa74..14dc2c02e7e 100644 --- a/lib/libcrypto/aes/asm/bsaes-x86_64.pl +++ b/lib/libcrypto/aes/asm/bsaes-x86_64.pl @@ -20,7 +20,7 @@ # - code was made position-independent; # - rounds were folded into a loop resulting in >5x size reduction # from 12.5KB to 2.2KB; -# - above was possibile thanks to mixcolumns() modification that +# - above was possible thanks to mixcolumns() modification that # allowed to feed its output back to aesenc[last], this was # achieved at cost of two additional inter-registers moves; # - some instruction reordering and interleaving; @@ -83,9 +83,9 @@ # Add decryption procedure. Performance in CPU cycles spent to decrypt # one byte out of 4096-byte buffer with 128-bit key is: # -# Core 2 11.0 -# Nehalem 9.16 -# Atom 20.9 +# Core 2 9.83 +# Nehalem 7.74 +# Atom 19.0 # # November 2011. # @@ -105,7 +105,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; ( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or die "can't locate x86_64-xlate.pl"; -open STDOUT,"| $^X $xlate $flavour $output"; +open OUT,"| \"$^X\" $xlate $flavour $output"; +*STDOUT=*OUT; my ($inp,$out,$len,$key,$ivp)=("%rdi","%rsi","%rdx","%rcx"); my @XMM=map("%xmm$_",(15,0..14)); # best on Atom, +10% over (0..15) @@ -455,6 +456,7 @@ sub MixColumns { # modified to emit output in order suitable for feeding back to aesenc[last] my @x=@_[0..7]; my @t=@_[8..15]; +my $inv=@_[16]; # optional $code.=<<___; pshufd \$0x93, @x[0], @t[0] # x0 <<< 32 pshufd \$0x93, @x[1], @t[1] @@ -496,7 +498,8 @@ $code.=<<___; pxor @t[4], @t[0] pshufd \$0x4E, @x[2], @x[6] pxor @t[5], @t[1] - +___ +$code.=<<___ if (!$inv); pxor @t[3], @x[4] pxor @t[7], @x[5] pxor @t[6], @x[3] @@ -504,9 +507,20 @@ $code.=<<___; pxor @t[2], @x[6] movdqa @t[1], @x[7] ___ +$code.=<<___ if ($inv); + pxor @x[4], @t[3] + pxor @t[7], @x[5] + pxor @x[3], @t[6] + movdqa @t[0], @x[3] + pxor @t[2], @x[6] + movdqa @t[6], @x[2] + movdqa @t[1], @x[7] + movdqa @x[6], @x[4] + movdqa @t[3], @x[6] +___ } -sub InvMixColumns { +sub InvMixColumns_orig { my @x=@_[0..7]; my @t=@_[8..15]; @@ -660,6 +674,54 @@ $code.=<<___; ___ } +sub InvMixColumns { +my @x=@_[0..7]; +my @t=@_[8..15]; + +# Thanks to Jussi Kivilinna for providing pointer to +# +# | 0e 0b 0d 09 | | 02 03 01 01 | | 05 00 04 00 | +# | 09 0e 0b 0d | = | 01 02 03 01 | x | 00 05 00 04 | +# | 0d 09 0e 0b | | 01 01 02 03 | | 04 00 05 00 | +# | 0b 0d 09 0e | | 03 01 01 02 | | 00 04 00 05 | + +$code.=<<___; + # multiplication by 0x05-0x00-0x04-0x00 + pshufd \$0x4E, @x[0], @t[0] + pshufd \$0x4E, @x[6], @t[6] + pxor @x[0], @t[0] + pshufd \$0x4E, @x[7], @t[7] + pxor @x[6], @t[6] + pshufd \$0x4E, @x[1], @t[1] + pxor @x[7], @t[7] + pshufd \$0x4E, @x[2], @t[2] + pxor @x[1], @t[1] + pshufd \$0x4E, @x[3], @t[3] + pxor @x[2], @t[2] + pxor @t[6], @x[0] + pxor @t[6], @x[1] + pshufd \$0x4E, @x[4], @t[4] + pxor @x[3], @t[3] + pxor @t[0], @x[2] + pxor @t[1], @x[3] + pshufd \$0x4E, @x[5], @t[5] + pxor @x[4], @t[4] 
+ pxor @t[7], @x[1] + pxor @t[2], @x[4] + pxor @x[5], @t[5] + + pxor @t[7], @x[2] + pxor @t[6], @x[3] + pxor @t[6], @x[4] + pxor @t[3], @x[5] + pxor @t[4], @x[6] + pxor @t[7], @x[4] + pxor @t[7], @x[5] + pxor @t[5], @x[7] +___ + &MixColumns (@x,@t,1); # flipped 2<->3 and 4<->6 +} + sub aesenc { # not used my @b=@_[0..7]; my @t=@_[8..15]; @@ -2027,6 +2089,8 @@ ___ # const unsigned char iv[16]); # my ($twmask,$twres,$twtmp)=@XMM[13..15]; +$arg6=~s/d$//; + $code.=<<___; .globl bsaes_xts_encrypt .type bsaes_xts_encrypt,\@abi-omnipotent diff --git a/lib/libcrypto/arc4random/getentropy_aix.c b/lib/libcrypto/arc4random/getentropy_aix.c index 7fb857e6d22..9d085cf5033 100644 --- a/lib/libcrypto/arc4random/getentropy_aix.c +++ b/lib/libcrypto/arc4random/getentropy_aix.c @@ -1,4 +1,4 @@ -/* $OpenBSD: getentropy_aix.c,v 1.8 2021/10/24 21:24:20 deraadt Exp $ */ +/* $OpenBSD: getentropy_aix.c,v 1.9 2022/12/26 07:18:50 jmc Exp $ */ /* * Copyright (c) 2015 Michael Felt <aixtools@gmail.com> @@ -21,7 +21,7 @@ * http://man.openbsd.org/getentropy.2 */ /* - * -lperfstat is needed for the psuedo entropy data + * -lperfstat is needed for the pseudo entropy data */ #include <sys/mman.h> diff --git a/lib/libcrypto/arch/aarch64/opensslconf.h b/lib/libcrypto/arch/aarch64/opensslconf.h index ab3e2d89b00..748ed8f8b43 100644 --- a/lib/libcrypto/arch/aarch64/opensslconf.h +++ b/lib/libcrypto/arch/aarch64/opensslconf.h @@ -60,7 +60,7 @@ /* Only one for the following should be defined */ /* The prime number generation stuff may not work when * EIGHT_BIT but I don't care since I've only used this mode - * for debuging the bignum libraries */ + * for debugging the bignum libraries */ #define SIXTY_FOUR_BIT_LONG #undef SIXTY_FOUR_BIT #undef THIRTY_TWO_BIT @@ -90,7 +90,7 @@ #endif /* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependancies at the expense of 2 more + * units. It reduces register dependencies at the expense of 2 more * registers */ #ifndef DES_RISC1 #undef DES_RISC1 @@ -105,7 +105,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* Unroll the inner loop, this sometimes helps, sometimes hinders. - * Very mucy CPU dependant */ + * Very much CPU dependent */ #ifndef DES_UNROLL #define DES_UNROLL #endif diff --git a/lib/libcrypto/arch/alpha/opensslconf.h b/lib/libcrypto/arch/alpha/opensslconf.h index a1331118f40..47f2aa8f213 100644 --- a/lib/libcrypto/arch/alpha/opensslconf.h +++ b/lib/libcrypto/arch/alpha/opensslconf.h @@ -60,7 +60,7 @@ /* Only one for the following should be defined */ /* The prime number generation stuff may not work when * EIGHT_BIT but I don't care since I've only used this mode - * for debuging the bignum libraries */ + * for debugging the bignum libraries */ #define SIXTY_FOUR_BIT_LONG #undef SIXTY_FOUR_BIT #undef THIRTY_TWO_BIT @@ -88,7 +88,7 @@ #endif /* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependancies at the expense of 2 more + * units. It reduces register dependencies at the expense of 2 more * registers */ #ifndef DES_RISC1 #undef DES_RISC1 @@ -103,7 +103,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* Unroll the inner loop, this sometimes helps, sometimes hinders. 
- * Very mucy CPU dependant */ + * Very much CPU dependent */ #ifndef DES_UNROLL #undef DES_UNROLL #endif diff --git a/lib/libcrypto/arch/amd64/opensslconf.h b/lib/libcrypto/arch/amd64/opensslconf.h index f8cbb5d652f..5cad089a8b5 100644 --- a/lib/libcrypto/arch/amd64/opensslconf.h +++ b/lib/libcrypto/arch/amd64/opensslconf.h @@ -85,7 +85,7 @@ #endif /* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependancies at the expense of 2 more + * units. It reduces register dependencies at the expense of 2 more * registers */ #ifndef DES_RISC1 #undef DES_RISC1 @@ -100,7 +100,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* Unroll the inner loop, this sometimes helps, sometimes hinders. - * Very mucy CPU dependant */ + * Very much CPU dependent */ #ifndef DES_UNROLL #define DES_UNROLL #endif diff --git a/lib/libcrypto/arch/arm/opensslconf.h b/lib/libcrypto/arch/arm/opensslconf.h index 78cd6d856fb..f17d3d28034 100644 --- a/lib/libcrypto/arch/arm/opensslconf.h +++ b/lib/libcrypto/arch/arm/opensslconf.h @@ -60,7 +60,7 @@ /* Only one for the following should be defined */ /* The prime number generation stuff may not work when * EIGHT_BIT but I don't care since I've only used this mode - * for debuging the bignum libraries */ + * for debugging the bignum libraries */ #undef SIXTY_FOUR_BIT_LONG #undef SIXTY_FOUR_BIT #define THIRTY_TWO_BIT @@ -90,7 +90,7 @@ #endif /* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependancies at the expense of 2 more + * units. It reduces register dependencies at the expense of 2 more * registers */ #ifndef DES_RISC1 #undef DES_RISC1 @@ -105,7 +105,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* Unroll the inner loop, this sometimes helps, sometimes hinders. - * Very mucy CPU dependant */ + * Very much CPU dependent */ #ifndef DES_UNROLL #define DES_UNROLL #endif diff --git a/lib/libcrypto/arch/hppa/opensslconf.h b/lib/libcrypto/arch/hppa/opensslconf.h index 78cd6d856fb..f17d3d28034 100644 --- a/lib/libcrypto/arch/hppa/opensslconf.h +++ b/lib/libcrypto/arch/hppa/opensslconf.h @@ -60,7 +60,7 @@ /* Only one for the following should be defined */ /* The prime number generation stuff may not work when * EIGHT_BIT but I don't care since I've only used this mode - * for debuging the bignum libraries */ + * for debugging the bignum libraries */ #undef SIXTY_FOUR_BIT_LONG #undef SIXTY_FOUR_BIT #define THIRTY_TWO_BIT @@ -90,7 +90,7 @@ #endif /* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependancies at the expense of 2 more + * units. It reduces register dependencies at the expense of 2 more * registers */ #ifndef DES_RISC1 #undef DES_RISC1 @@ -105,7 +105,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* Unroll the inner loop, this sometimes helps, sometimes hinders. 
- * Very mucy CPU dependant */ + * Very much CPU dependent */ #ifndef DES_UNROLL #define DES_UNROLL #endif diff --git a/lib/libcrypto/arch/i386/opensslconf.h b/lib/libcrypto/arch/i386/opensslconf.h index bf439696d89..3b3827cdb11 100644 --- a/lib/libcrypto/arch/i386/opensslconf.h +++ b/lib/libcrypto/arch/i386/opensslconf.h @@ -60,7 +60,7 @@ /* Only one for the following should be defined */ /* The prime number generation stuff may not work when * EIGHT_BIT but I don't care since I've only used this mode - * for debuging the bignum libraries */ + * for debugging the bignum libraries */ #undef SIXTY_FOUR_BIT_LONG #undef SIXTY_FOUR_BIT #define THIRTY_TWO_BIT @@ -90,7 +90,7 @@ #endif /* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependancies at the expense of 2 more + * units. It reduces register dependencies at the expense of 2 more * registers */ #ifndef DES_RISC1 #define DES_RISC1 @@ -105,7 +105,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* Unroll the inner loop, this sometimes helps, sometimes hinders. - * Very mucy CPU dependant */ + * Very much CPU dependent */ #ifndef DES_UNROLL #define DES_UNROLL #endif diff --git a/lib/libcrypto/arch/m88k/opensslconf.h b/lib/libcrypto/arch/m88k/opensslconf.h index 78cd6d856fb..f17d3d28034 100644 --- a/lib/libcrypto/arch/m88k/opensslconf.h +++ b/lib/libcrypto/arch/m88k/opensslconf.h @@ -60,7 +60,7 @@ /* Only one for the following should be defined */ /* The prime number generation stuff may not work when * EIGHT_BIT but I don't care since I've only used this mode - * for debuging the bignum libraries */ + * for debugging the bignum libraries */ #undef SIXTY_FOUR_BIT_LONG #undef SIXTY_FOUR_BIT #define THIRTY_TWO_BIT @@ -90,7 +90,7 @@ #endif /* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependancies at the expense of 2 more + * units. It reduces register dependencies at the expense of 2 more * registers */ #ifndef DES_RISC1 #undef DES_RISC1 @@ -105,7 +105,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* Unroll the inner loop, this sometimes helps, sometimes hinders. - * Very mucy CPU dependant */ + * Very much CPU dependent */ #ifndef DES_UNROLL #define DES_UNROLL #endif diff --git a/lib/libcrypto/arch/mips64/opensslconf.h b/lib/libcrypto/arch/mips64/opensslconf.h index 226951eded1..ed1204c8c12 100644 --- a/lib/libcrypto/arch/mips64/opensslconf.h +++ b/lib/libcrypto/arch/mips64/opensslconf.h @@ -60,7 +60,7 @@ /* Only one for the following should be defined */ /* The prime number generation stuff may not work when * EIGHT_BIT but I don't care since I've only used this mode - * for debuging the bignum libraries */ + * for debugging the bignum libraries */ #define SIXTY_FOUR_BIT_LONG #undef SIXTY_FOUR_BIT #undef THIRTY_TWO_BIT @@ -90,7 +90,7 @@ #endif /* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependancies at the expense of 2 more + * units. It reduces register dependencies at the expense of 2 more * registers */ #ifndef DES_RISC1 #undef DES_RISC1 @@ -105,7 +105,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* Unroll the inner loop, this sometimes helps, sometimes hinders. 
- * Very mucy CPU dependant */ + * Very much CPU dependent */ #ifndef DES_UNROLL #undef DES_UNROLL #endif diff --git a/lib/libcrypto/arch/powerpc/opensslconf.h b/lib/libcrypto/arch/powerpc/opensslconf.h index 78cd6d856fb..f17d3d28034 100644 --- a/lib/libcrypto/arch/powerpc/opensslconf.h +++ b/lib/libcrypto/arch/powerpc/opensslconf.h @@ -60,7 +60,7 @@ /* Only one for the following should be defined */ /* The prime number generation stuff may not work when * EIGHT_BIT but I don't care since I've only used this mode - * for debuging the bignum libraries */ + * for debugging the bignum libraries */ #undef SIXTY_FOUR_BIT_LONG #undef SIXTY_FOUR_BIT #define THIRTY_TWO_BIT @@ -90,7 +90,7 @@ #endif /* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependancies at the expense of 2 more + * units. It reduces register dependencies at the expense of 2 more * registers */ #ifndef DES_RISC1 #undef DES_RISC1 @@ -105,7 +105,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* Unroll the inner loop, this sometimes helps, sometimes hinders. - * Very mucy CPU dependant */ + * Very much CPU dependent */ #ifndef DES_UNROLL #define DES_UNROLL #endif diff --git a/lib/libcrypto/arch/powerpc64/opensslconf.h b/lib/libcrypto/arch/powerpc64/opensslconf.h index f8cbb5d652f..5cad089a8b5 100644 --- a/lib/libcrypto/arch/powerpc64/opensslconf.h +++ b/lib/libcrypto/arch/powerpc64/opensslconf.h @@ -85,7 +85,7 @@ #endif /* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependancies at the expense of 2 more + * units. It reduces register dependencies at the expense of 2 more * registers */ #ifndef DES_RISC1 #undef DES_RISC1 @@ -100,7 +100,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* Unroll the inner loop, this sometimes helps, sometimes hinders. - * Very mucy CPU dependant */ + * Very much CPU dependent */ #ifndef DES_UNROLL #define DES_UNROLL #endif diff --git a/lib/libcrypto/arch/riscv64/opensslconf.h b/lib/libcrypto/arch/riscv64/opensslconf.h index ab3e2d89b00..748ed8f8b43 100644 --- a/lib/libcrypto/arch/riscv64/opensslconf.h +++ b/lib/libcrypto/arch/riscv64/opensslconf.h @@ -60,7 +60,7 @@ /* Only one for the following should be defined */ /* The prime number generation stuff may not work when * EIGHT_BIT but I don't care since I've only used this mode - * for debuging the bignum libraries */ + * for debugging the bignum libraries */ #define SIXTY_FOUR_BIT_LONG #undef SIXTY_FOUR_BIT #undef THIRTY_TWO_BIT @@ -90,7 +90,7 @@ #endif /* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependancies at the expense of 2 more + * units. It reduces register dependencies at the expense of 2 more * registers */ #ifndef DES_RISC1 #undef DES_RISC1 @@ -105,7 +105,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* Unroll the inner loop, this sometimes helps, sometimes hinders. 
- * Very mucy CPU dependant */ + * Very much CPU dependent */ #ifndef DES_UNROLL #define DES_UNROLL #endif diff --git a/lib/libcrypto/arch/sh/opensslconf.h b/lib/libcrypto/arch/sh/opensslconf.h index 78cd6d856fb..f17d3d28034 100644 --- a/lib/libcrypto/arch/sh/opensslconf.h +++ b/lib/libcrypto/arch/sh/opensslconf.h @@ -60,7 +60,7 @@ /* Only one for the following should be defined */ /* The prime number generation stuff may not work when * EIGHT_BIT but I don't care since I've only used this mode - * for debuging the bignum libraries */ + * for debugging the bignum libraries */ #undef SIXTY_FOUR_BIT_LONG #undef SIXTY_FOUR_BIT #define THIRTY_TWO_BIT @@ -90,7 +90,7 @@ #endif /* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependancies at the expense of 2 more + * units. It reduces register dependencies at the expense of 2 more * registers */ #ifndef DES_RISC1 #undef DES_RISC1 @@ -105,7 +105,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* Unroll the inner loop, this sometimes helps, sometimes hinders. - * Very mucy CPU dependant */ + * Very much CPU dependent */ #ifndef DES_UNROLL #define DES_UNROLL #endif diff --git a/lib/libcrypto/arch/sparc/opensslconf.h b/lib/libcrypto/arch/sparc/opensslconf.h new file mode 100644 index 00000000000..f17d3d28034 --- /dev/null +++ b/lib/libcrypto/arch/sparc/opensslconf.h @@ -0,0 +1,154 @@ +#include <openssl/opensslfeatures.h> +/* crypto/opensslconf.h.in */ + +#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR) +#define OPENSSLDIR "/etc/ssl" +#endif + +#undef OPENSSL_UNISTD +#define OPENSSL_UNISTD <unistd.h> + +#undef OPENSSL_EXPORT_VAR_AS_FUNCTION + +#if defined(HEADER_IDEA_H) && !defined(IDEA_INT) +#define IDEA_INT unsigned int +#endif + +#if defined(HEADER_MD2_H) && !defined(MD2_INT) +#define MD2_INT unsigned int +#endif + +#if defined(HEADER_RC2_H) && !defined(RC2_INT) +/* I need to put in a mod for the alpha - eay */ +#define RC2_INT unsigned int +#endif + +#if defined(HEADER_RC4_H) +#if !defined(RC4_INT) +/* using int types make the structure larger but make the code faster + * on most boxes I have tested - up to %20 faster. */ +/* + * I don't know what does "most" mean, but declaring "int" is a must on: + * - Intel P6 because partial register stalls are very expensive; + * - elder Alpha because it lacks byte load/store instructions; + */ +#define RC4_INT unsigned int +#endif +#if !defined(RC4_CHUNK) +/* + * This enables code handling data aligned at natural CPU word + * boundary. See crypto/rc4/rc4_enc.c for further details. + */ +#undef RC4_CHUNK +#endif +#endif + +#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG) +/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a + * %20 speed up (longs are 8 bytes, int's are 4). */ +#ifndef DES_LONG +#define DES_LONG unsigned int +#endif +#endif + +#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) +#define CONFIG_HEADER_BN_H +#define BN_LLONG + +/* Should we define BN_DIV2W here? 
*/ + +/* Only one for the following should be defined */ +/* The prime number generation stuff may not work when + * EIGHT_BIT but I don't care since I've only used this mode + * for debugging the bignum libraries */ +#undef SIXTY_FOUR_BIT_LONG +#undef SIXTY_FOUR_BIT +#define THIRTY_TWO_BIT +#undef SIXTEEN_BIT +#undef EIGHT_BIT +#endif + +#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H) +#define CONFIG_HEADER_RC4_LOCL_H +/* if this is defined data[i] is used instead of *data, this is a %20 + * speedup on x86 */ +#define RC4_INDEX +#endif + +#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H) +#define CONFIG_HEADER_BF_LOCL_H +#undef BF_PTR +#endif /* HEADER_BF_LOCL_H */ + +#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H) +#define CONFIG_HEADER_DES_LOCL_H +#ifndef DES_DEFAULT_OPTIONS +/* the following is tweaked from a config script, that is why it is a + * protected undef/define */ +#ifndef DES_PTR +#undef DES_PTR +#endif + +/* This helps C compiler generate the correct code for multiple functional + * units. It reduces register dependencies at the expense of 2 more + * registers */ +#ifndef DES_RISC1 +#undef DES_RISC1 +#endif + +#ifndef DES_RISC2 +#undef DES_RISC2 +#endif + +#if defined(DES_RISC1) && defined(DES_RISC2) +YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! +#endif + +/* Unroll the inner loop, this sometimes helps, sometimes hinders. + * Very much CPU dependent */ +#ifndef DES_UNROLL +#define DES_UNROLL +#endif + +/* These default values were supplied by + * Peter Gutman <pgut001@cs.auckland.ac.nz> + * They are only used if nothing else has been defined */ +#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL) +/* Special defines which change the way the code is built depending on the + CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find + even newer MIPS CPU's, but at the moment one size fits all for + optimization options. 
Older Sparc's work better with only UNROLL, but + there's no way to tell at compile time what it is you're running on */ + +#if defined( sun ) /* Newer Sparc's */ +# define DES_PTR +# define DES_RISC1 +# define DES_UNROLL +#elif defined( __ultrix ) /* Older MIPS */ +# define DES_PTR +# define DES_RISC2 +# define DES_UNROLL +#elif defined( __osf1__ ) /* Alpha */ +# define DES_PTR +# define DES_RISC2 +#elif defined ( _AIX ) /* RS6000 */ + /* Unknown */ +#elif defined( __hpux ) /* HP-PA */ + /* Unknown */ +#elif defined( __aux ) /* 68K */ + /* Unknown */ +#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */ +# define DES_UNROLL +#elif defined( __sgi ) /* Newer MIPS */ +# define DES_PTR +# define DES_RISC2 +# define DES_UNROLL +#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */ +# define DES_PTR +# define DES_RISC1 +# define DES_UNROLL +#endif /* Systems-specific speed defines */ +#endif + +#endif /* DES_DEFAULT_OPTIONS */ +#endif /* HEADER_DES_LOCL_H */ diff --git a/lib/libcrypto/arch/sparc64/opensslconf.h b/lib/libcrypto/arch/sparc64/opensslconf.h index 226951eded1..ed1204c8c12 100644 --- a/lib/libcrypto/arch/sparc64/opensslconf.h +++ b/lib/libcrypto/arch/sparc64/opensslconf.h @@ -60,7 +60,7 @@ /* Only one for the following should be defined */ /* The prime number generation stuff may not work when * EIGHT_BIT but I don't care since I've only used this mode - * for debuging the bignum libraries */ + * for debugging the bignum libraries */ #define SIXTY_FOUR_BIT_LONG #undef SIXTY_FOUR_BIT #undef THIRTY_TWO_BIT @@ -90,7 +90,7 @@ #endif /* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependancies at the expense of 2 more + * units. It reduces register dependencies at the expense of 2 more * registers */ #ifndef DES_RISC1 #undef DES_RISC1 @@ -105,7 +105,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! #endif /* Unroll the inner loop, this sometimes helps, sometimes hinders. - * Very mucy CPU dependant */ + * Very much CPU dependent */ #ifndef DES_UNROLL #undef DES_UNROLL #endif diff --git a/lib/libcrypto/asn1/a_mbstr.c b/lib/libcrypto/asn1/a_mbstr.c index 06b674ef413..32b39ad5dbb 100644 --- a/lib/libcrypto/asn1/a_mbstr.c +++ b/lib/libcrypto/asn1/a_mbstr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: a_mbstr.c,v 1.25 2022/11/26 16:08:50 tb Exp $ */ +/* $OpenBSD: a_mbstr.c,v 1.26 2022/12/26 07:18:51 jmc Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -276,7 +276,7 @@ traverse_string(const unsigned char *p, int len, int inform, case MBSTRING_BMP: value = *p++ << 8; value |= *p++; - /* BMP is explictly defined to not support surrogates */ + /* BMP is explicitly defined to not support surrogates */ if (UNICODE_IS_SURROGATE(value)) return -1; len -= 2; diff --git a/lib/libcrypto/asn1/tasn_utl.c b/lib/libcrypto/asn1/tasn_utl.c index 86cd42eec7a..ae546edd4b0 100644 --- a/lib/libcrypto/asn1/tasn_utl.c +++ b/lib/libcrypto/asn1/tasn_utl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tasn_utl.c,v 1.17 2022/05/12 19:55:58 jsing Exp $ */ +/* $OpenBSD: tasn_utl.c,v 1.18 2022/12/26 07:18:51 jmc Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ @@ -100,7 +100,7 @@ asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it) /* Do reference counting. The value 'op' decides what to do. * if it is +1 then the count is incremented. If op is 0 count is * set to 1. 
If op is -1 count is decremented and the return value - * is the current refrence count or 0 if no reference count exists. + * is the current reference count or 0 if no reference count exists. */ int diff --git a/lib/libcrypto/bio/bss_dgram.c b/lib/libcrypto/bio/bss_dgram.c index fa6e2db9178..0d70daa20e8 100644 --- a/lib/libcrypto/bio/bss_dgram.c +++ b/lib/libcrypto/bio/bss_dgram.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bss_dgram.c,v 1.43 2022/01/07 09:02:17 tb Exp $ */ +/* $OpenBSD: bss_dgram.c,v 1.44 2022/12/26 07:18:51 jmc Exp $ */ /* * DTLS implementation written by Nagendra Modadugu * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. @@ -214,7 +214,7 @@ dgram_adjust_rcv_timeout(BIO *b) timeleft.tv_usec = 1; } - /* Adjust socket timeout if next handhake message timer + /* Adjust socket timeout if next handshake message timer * will expire earlier. */ if ((data->socket_timeout.tv_sec == 0 && diff --git a/lib/libcrypto/bn/asm/co-586.pl b/lib/libcrypto/bn/asm/co-586.pl index 57101a6bd77..37d79cc0c1a 100644 --- a/lib/libcrypto/bn/asm/co-586.pl +++ b/lib/libcrypto/bn/asm/co-586.pl @@ -28,17 +28,17 @@ sub mul_add_c &mul("edx"); &add($c0,"eax"); - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # laod next a + &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a &mov("eax",&wparam(0)) if $pos > 0; # load r[] ### &adc($c1,"edx"); - &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 0; # laod next b - &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 1; # laod next b + &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 0; # load next b + &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 1; # load next b ### &adc($c2,0); # is pos > 1, it means it is the last loop &mov(&DWP($i*4,"eax","",0),$c0) if $pos > 0; # save r[]; - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # laod next a + &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next a } sub sqr_add_c diff --git a/lib/libcrypto/bn/asm/mips.pl b/lib/libcrypto/bn/asm/mips.pl index 215c9a74832..02d43e15b0c 100644 --- a/lib/libcrypto/bn/asm/mips.pl +++ b/lib/libcrypto/bn/asm/mips.pl @@ -15,7 +15,7 @@ # This is drop-in MIPS III/IV ISA replacement for crypto/bn/bn_asm.c. # # The module is designed to work with either of the "new" MIPS ABI(5), -# namely N32 or N64, offered by IRIX 6.x. It's not ment to work under +# namely N32 or N64, offered by IRIX 6.x. It's not meant to work under # IRIX 5.x not only because it doesn't support new ABIs but also # because 5.x kernels put R4x00 CPU into 32-bit mode and all those # 64-bit instructions (daddu, dmultu, etc.) 
found below gonna only diff --git a/lib/libcrypto/bn/asm/modexp512-x86_64.pl b/lib/libcrypto/bn/asm/modexp512-x86_64.pl index 43172828353..2e71a7f03dc 100644 --- a/lib/libcrypto/bn/asm/modexp512-x86_64.pl +++ b/lib/libcrypto/bn/asm/modexp512-x86_64.pl @@ -1307,7 +1307,7 @@ end_main_loop_a3b: movdqa %xmm3, (+$tmp16_offset+16*3)(%rsp) call mont_reduce - # If result > m, subract m + # If result > m, subtract m # load result into r15:r8 mov (+$pResult_offset)(%rsp), %rax mov (+8*0)(%rax), %r8 diff --git a/lib/libcrypto/bn/asm/pa-risc2W.s b/lib/libcrypto/bn/asm/pa-risc2W.s index a99545754d1..a91f3ea5afa 100644 --- a/lib/libcrypto/bn/asm/pa-risc2W.s +++ b/lib/libcrypto/bn/asm/pa-risc2W.s @@ -783,7 +783,7 @@ $00000012 COPY %r0,%r10 ; ret = 0 MTSARCM %r31 ; i to shift DEPD,Z %r3,%sar,64,%r3 ; d <<= i; - SUBI 64,%r31,%r19 ; 64 - i; redundent + SUBI 64,%r31,%r19 ; 64 - i; redundant MTSAR %r19 ; (64 -i) to shift SHRPD %r4,%r5,%sar,%r4 ; l>> (64-i) MTSARCM %r31 ; i to shift diff --git a/lib/libcrypto/bn/asm/parisc-mont.pl b/lib/libcrypto/bn/asm/parisc-mont.pl index fcfdee1f1f8..6da9574adf1 100644 --- a/lib/libcrypto/bn/asm/parisc-mont.pl +++ b/lib/libcrypto/bn/asm/parisc-mont.pl @@ -116,7 +116,7 @@ $fp="%r3"; $hi1="%r2"; $hi0="%r1"; -$xfer=$n0; # accomodates [-16..15] offset in fld[dw]s +$xfer=$n0; # accommodates [-16..15] offset in fld[dw]s $fm0="%fr4"; $fti=$fm0; $fbi="%fr5L"; diff --git a/lib/libcrypto/bn/asm/ppc.pl b/lib/libcrypto/bn/asm/ppc.pl index 307c7ccb358..34e38d8f6aa 100644 --- a/lib/libcrypto/bn/asm/ppc.pl +++ b/lib/libcrypto/bn/asm/ppc.pl @@ -34,7 +34,7 @@ #dsa 512 bits 0.0087s 0.0106s 114.3 94.5 #dsa 1024 bits 0.0256s 0.0313s 39.0 32.0 # -# Same bechmark with this assembler code: +# Same benchmark with this assembler code: # #rsa 512 bits 0.0056s 0.0005s 178.6 2049.2 #rsa 1024 bits 0.0283s 0.0015s 35.3 674.1 @@ -100,9 +100,9 @@ # me a note at schari@us.ibm.com # -$opf = shift; +$flavour = shift; -if ($opf =~ /32\.s/) { +if ($flavour =~ /32/) { $BITS= 32; $BNSZ= $BITS/8; $ISA= "\"ppc\""; @@ -116,7 +116,7 @@ if ($opf =~ /32\.s/) { $UDIV= "divwu"; # unsigned divide $UCMPI= "cmplwi"; # unsigned compare with immediate $UCMP= "cmplw"; # unsigned compare - $COUNTZ="cntlzw"; # count leading zeros + $CNTLZ= "cntlzw"; # count leading zeros $SHL= "slw"; # shift left $SHR= "srw"; # unsigned shift right $SHRI= "srwi"; # unsigned shift right by immediate @@ -124,7 +124,8 @@ if ($opf =~ /32\.s/) { $CLRU= "clrlwi"; # clear upper bits $INSR= "insrwi"; # insert right $ROTL= "rotlwi"; # rotate left by immediate -} elsif ($opf =~ /64\.s/) { + $TR= "tw"; # conditional trap +} elsif ($flavour =~ /64/) { $BITS= 64; $BNSZ= $BITS/8; $ISA= "\"ppc64\""; @@ -139,7 +140,7 @@ if ($opf =~ /32\.s/) { $UDIV= "divdu"; # unsigned divide $UCMPI= "cmpldi"; # unsigned compare with immediate $UCMP= "cmpld"; # unsigned compare - $COUNTZ="cntlzd"; # count leading zeros + $CNTLZ= "cntlzd"; # count leading zeros $SHL= "sld"; # shift left $SHR= "srd"; # unsigned shift right $SHRI= "srdi"; # unsigned shift right by immediate @@ -147,93 +148,17 @@ if ($opf =~ /32\.s/) { $CLRU= "clrldi"; # clear upper bits $INSR= "insrdi"; # insert right $ROTL= "rotldi"; # rotate left by immediate -} else { die "nonsense $opf"; } - -( defined shift || open STDOUT,">$opf" ) || die "can't open $opf: $!"; - -# function entry points from the AIX code -# -# There are other, more elegant, ways to handle this. We (IBM) chose -# this approach as it plays well with scripts we run to 'namespace' -# OpenSSL .i.e. 
we add a prefix to all the public symbols so we can -# co-exist in the same process with other implementations of OpenSSL. -# 'cleverer' ways of doing these substitutions tend to hide data we -# need to be obvious. -# -my @items = ("bn_sqr_comba4", - "bn_sqr_comba8", - "bn_mul_comba4", - "bn_mul_comba8", - "bn_sub_words", - "bn_add_words", - "bn_div_words", - "bn_sqr_words", - "bn_mul_words", - "bn_mul_add_words"); - -if ($opf =~ /linux/) { do_linux(); } -elsif ($opf =~ /aix/) { do_aix(); } -elsif ($opf =~ /osx/) { do_osx(); } -else { do_bsd(); } - -sub do_linux { - $d=&data(); - - if ($BITS==64) { - foreach $t (@items) { - $d =~ s/\.$t:/\ -\t.section\t".opd","aw"\ -\t.align\t3\ -\t.globl\t$t\ -$t:\ -\t.quad\t.$t,.TOC.\@tocbase,0\ -\t.size\t$t,24\ -\t.previous\n\ -\t.type\t.$t,\@function\ -\t.globl\t.$t\ -.$t:/g; - } - } - else { - foreach $t (@items) { - $d=~s/\.$t/$t/g; - } - } - # hide internal labels to avoid pollution of name table... - $d=~s/Lppcasm_/.Lppcasm_/gm; - print $d; -} - -sub do_aix { - # AIX assembler is smart enough to please the linker without - # making us do something special... - print &data(); -} + $TR= "td"; # conditional trap +} else { die "nonsense $flavour"; } -# MacOSX 32 bit -sub do_osx { - $d=&data(); - # Change the bn symbol prefix from '.' to '_' - foreach $t (@items) { - $d=~s/\.$t/_$t/g; - } - # Change .machine to something OS X asm will accept - $d=~s/\.machine.*/.text/g; - $d=~s/\#/;/g; # change comment from '#' to ';' - print $d; -} +$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; +( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or +( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or +die "can't locate ppc-xlate.pl"; -# BSD (Untested) -sub do_bsd { - $d=&data(); - foreach $t (@items) { - $d=~s/\.$t/_$t/g; - } - print $d; -} +open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!"; -sub data { - local($data)=<<EOF; +$data=<<EOF; #-------------------------------------------------------------------- # # @@ -295,33 +220,20 @@ sub data { # # Defines to be used in the assembly code. # -.set r0,0 # we use it as storage for value of 0 -.set SP,1 # preserved -.set RTOC,2 # preserved -.set r3,3 # 1st argument/return value -.set r4,4 # 2nd argument/volatile register -.set r5,5 # 3rd argument/volatile register -.set r6,6 # ... -.set r7,7 -.set r8,8 -.set r9,9 -.set r10,10 -.set r11,11 -.set r12,12 -.set r13,13 # not used, nor any other "below" it... - -.set BO_IF_NOT,4 -.set BO_IF,12 -.set BO_dCTR_NZERO,16 -.set BO_dCTR_ZERO,18 -.set BO_ALWAYS,20 -.set CR0_LT,0; -.set CR0_GT,1; -.set CR0_EQ,2 -.set CR1_FX,4; -.set CR1_FEX,5; -.set CR1_VX,6 -.set LR,8 +#.set r0,0 # we use it as storage for value of 0 +#.set SP,1 # preserved +#.set RTOC,2 # preserved +#.set r3,3 # 1st argument/return value +#.set r4,4 # 2nd argument/volatile register +#.set r5,5 # 3rd argument/volatile register +#.set r6,6 # ... +#.set r7,7 +#.set r8,8 +#.set r9,9 +#.set r10,10 +#.set r11,11 +#.set r12,12 +#.set r13,13 # not used, nor any other "below" it... 
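The .set constants deleted in this hunk are the raw operand values of the generic PowerPC bc (branch conditional) instruction; the rewrite lets ppc-xlate.pl emit the standard extended mnemonics (beq, bdnz, blr) that expand to the same encodings. Below is a minimal C sketch of that correspondence, assuming the usual B-form layout of bc (6-bit opcode 16, then 5-bit BO, 5-bit BI, a 14-bit word displacement, AA and LK bits) and ignoring the "-" prediction hints; bc_encode is a hypothetical helper for illustration, not part of the library.

#include <inttypes.h>
#include <stdio.h>

/* Assemble a B-form "bc BO,BI,disp" instruction word (assumed layout:
 * opcode(6)=16 | BO(5) | BI(5) | BD(14) | AA(1) | LK(1); disp is a
 * byte offset whose low two bits must be zero). */
static uint32_t
bc_encode(uint32_t bo, uint32_t bi, int32_t disp)
{
	return (16u << 26) | (bo << 21) | (bi << 16) |
	    ((uint32_t)disp & 0xfffcu);
}

int
main(void)
{
	/* Values taken from the .set block removed above. */
	enum { BO_IF = 12, BO_dCTR_NZERO = 16, CR0_EQ = 2 };

	/* "bc BO_IF,CR0_EQ,x" is what "beq x" abbreviates... */
	printf("beq  +8 -> 0x%08" PRIx32 "\n", bc_encode(BO_IF, CR0_EQ, 8));
	/* ...and "bc BO_dCTR_NZERO,CR0_EQ,x" is "bdnz x" (BI is ignored
	 * for counter-only branches, so passing CR0_EQ was harmless). */
	printf("bdnz +8 -> 0x%08" PRIx32 "\n",
	    bc_encode(BO_dCTR_NZERO, CR0_EQ, 8));
	return 0;
}

The same collapse applies to the epilogues: "bclr BO_ALWAYS,CR0_LT" is simply an unconditional branch-to-link-register, which the new code writes as plain blr.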
# Declare function names to be global # NOTE: For gcc these names MUST be changed to remove @@ -342,7 +254,7 @@ sub data { # .text section - .machine $ISA + .machine "any" # # NOTE: The following label name should be changed to @@ -476,8 +388,10 @@ sub data { $ST r9,`6*$BNSZ`(r3) #r[6]=c1 $ST r10,`7*$BNSZ`(r3) #r[7]=c2 - bclr BO_ALWAYS,CR0_LT - .long 0x00000000 + blr + .long 0 + .byte 0,12,0x14,0,0,0,2,0 + .long 0 # # NOTE: The following label name should be changed to @@ -901,9 +815,10 @@ sub data { $ST r9, `15*$BNSZ`(r3) #r[15]=c1; - bclr BO_ALWAYS,CR0_LT - - .long 0x00000000 + blr + .long 0 + .byte 0,12,0x14,0,0,0,2,0 + .long 0 # # NOTE: The following label name should be changed to @@ -1037,7 +952,7 @@ sub data { addze r11,r0 #mul_add_c(a[3],b[2],c3,c1,c2); $LD r6,`3*$BNSZ`(r4) - $LD r7,`2*$BNSZ`(r4) + $LD r7,`2*$BNSZ`(r5) $UMULL r8,r6,r7 $UMULH r9,r6,r7 addc r12,r8,r12 @@ -1053,8 +968,10 @@ sub data { $ST r10,`6*$BNSZ`(r3) #r[6]=c1 $ST r11,`7*$BNSZ`(r3) #r[7]=c2 - bclr BO_ALWAYS,CR0_LT - .long 0x00000000 + blr + .long 0 + .byte 0,12,0x14,0,0,0,3,0 + .long 0 # # NOTE: The following label name should be changed to @@ -1589,8 +1506,10 @@ sub data { adde r10,r10,r9 $ST r12,`14*$BNSZ`(r3) #r[14]=c3; $ST r10,`15*$BNSZ`(r3) #r[15]=c1; - bclr BO_ALWAYS,CR0_LT - .long 0x00000000 + blr + .long 0 + .byte 0,12,0x14,0,0,0,3,0 + .long 0 # # NOTE: The following label name should be changed to @@ -1621,7 +1540,7 @@ sub data { subfc. r7,r0,r6 # If r6 is 0 then result is 0. # if r6 > 0 then result !=0 # In either case carry bit is set. - bc BO_IF,CR0_EQ,Lppcasm_sub_adios + beq Lppcasm_sub_adios addi r4,r4,-$BNSZ addi r3,r3,-$BNSZ addi r5,r5,-$BNSZ @@ -1633,13 +1552,14 @@ Lppcasm_sub_mainloop: # if carry = 1 this is r7-r8. Else it # is r7-r8 -1 as we need. $STU r6,$BNSZ(r3) - bc BO_dCTR_NZERO,CR0_EQ,Lppcasm_sub_mainloop + bdnz- Lppcasm_sub_mainloop Lppcasm_sub_adios: subfze r3,r0 # if carry bit is set then r3 = 0 else -1 andi. r3,r3,1 # keep only last bit. - bclr BO_ALWAYS,CR0_LT - .long 0x00000000 - + blr + .long 0 + .byte 0,12,0x14,0,0,0,4,0 + .long 0 # # NOTE: The following label name should be changed to @@ -1668,7 +1588,7 @@ Lppcasm_sub_adios: # check for r6 = 0. Is this needed? # addic. r6,r6,0 #test r6 and clear carry bit. - bc BO_IF,CR0_EQ,Lppcasm_add_adios + beq Lppcasm_add_adios addi r4,r4,-$BNSZ addi r3,r3,-$BNSZ addi r5,r5,-$BNSZ @@ -1678,11 +1598,13 @@ Lppcasm_add_mainloop: $LDU r8,$BNSZ(r5) adde r8,r7,r8 $STU r8,$BNSZ(r3) - bc BO_dCTR_NZERO,CR0_EQ,Lppcasm_add_mainloop + bdnz- Lppcasm_add_mainloop Lppcasm_add_adios: addze r3,r0 #return carry bit. - bclr BO_ALWAYS,CR0_LT - .long 0x00000000 + blr + .long 0 + .byte 0,12,0x14,0,0,0,4,0 + .long 0 # # NOTE: The following label name should be changed to @@ -1705,29 +1627,24 @@ Lppcasm_add_adios: # r5 = d $UCMPI 0,r5,0 # compare r5 and 0 - bc BO_IF_NOT,CR0_EQ,Lppcasm_div1 # proceed if d!=0 + bne Lppcasm_div1 # proceed if d!=0 li r3,-1 # d=0 return -1 - bclr BO_ALWAYS,CR0_LT + blr Lppcasm_div1: xor r0,r0,r0 #r0=0 - $COUNTZ r7,r5 #r7 = num leading 0s in d. - subfic r8,r7,$BITS #r8 = BN_num_bits_word(d) - cmpi 0,0,r8,$BITS # - bc BO_IF,CR0_EQ,Lppcasm_div2 #proceed if (r8==$BITS) - li r9,1 # r9=1 - $SHL r10,r9,r8 # r9<<=r8 - $UCMP 0,r3,r10 # - bc BO_IF,CR0_GT,Lppcasm_div2 #or if (h > (1<<r8)) - $UDIV r3,r3,r0 #if not assert(0) divide by 0! - #that's how we signal overflow - bclr BO_ALWAYS,CR0_LT #return. NEVER REACHED. + li r8,$BITS + $CNTLZ. r7,r5 #r7 = num leading 0s in d. 
+ beq Lppcasm_div2 #proceed if no leading zeros + subf r8,r7,r8 #r8 = BN_num_bits_word(d) + $SHR. r9,r3,r8 #are there any bits above r8'th? + $TR 16,r9,r0 #if there're, signal to dump core... Lppcasm_div2: $UCMP 0,r3,r5 #h>=d? - bc BO_IF,CR0_LT,Lppcasm_div3 #goto Lppcasm_div3 if not + blt Lppcasm_div3 #goto Lppcasm_div3 if not subf r3,r5,r3 #h-=d ; Lppcasm_div3: #r7 = BN_BITS2-i. so r7=i cmpi 0,0,r7,0 # is (i == 0)? - bc BO_IF,CR0_EQ,Lppcasm_div4 + beq Lppcasm_div4 $SHL r3,r3,r7 # h = (h<< i) $SHR r8,r4,r8 # r8 = (l >> BN_BITS2 -i) $SHL r5,r5,r7 # d<<=i @@ -1744,7 +1661,7 @@ Lppcasm_divouterloop: $SHRI r11,r4,`$BITS/2` #r11= (l&BN_MASK2h)>>BN_BITS4 # compute here for innerloop. $UCMP 0,r8,r9 # is (h>>BN_BITS4)==dh - bc BO_IF_NOT,CR0_EQ,Lppcasm_div5 # goto Lppcasm_div5 if not + bne Lppcasm_div5 # goto Lppcasm_div5 if not li r8,-1 $CLRU r8,r8,`$BITS/2` #q = BN_MASK2l @@ -1765,9 +1682,9 @@ Lppcasm_divinnerloop: # the following 2 instructions do that $SHLI r7,r10,`$BITS/2` # r7 = (t<<BN_BITS4) or r7,r7,r11 # r7|=((l&BN_MASK2h)>>BN_BITS4) - $UCMP 1,r6,r7 # compare (tl <= r7) - bc BO_IF_NOT,CR0_EQ,Lppcasm_divinnerexit - bc BO_IF_NOT,CR1_FEX,Lppcasm_divinnerexit + $UCMP cr1,r6,r7 # compare (tl <= r7) + bne Lppcasm_divinnerexit + ble cr1,Lppcasm_divinnerexit addi r8,r8,-1 #q-- subf r12,r9,r12 #th -=dh $CLRU r10,r5,`$BITS/2` #r10=dl. t is no longer needed in loop. @@ -1776,14 +1693,14 @@ Lppcasm_divinnerloop: Lppcasm_divinnerexit: $SHRI r10,r6,`$BITS/2` #t=(tl>>BN_BITS4) $SHLI r11,r6,`$BITS/2` #tl=(tl<<BN_BITS4)&BN_MASK2h; - $UCMP 1,r4,r11 # compare l and tl + $UCMP cr1,r4,r11 # compare l and tl add r12,r12,r10 # th+=t - bc BO_IF_NOT,CR1_FX,Lppcasm_div7 # if (l>=tl) goto Lppcasm_div7 + bge cr1,Lppcasm_div7 # if (l>=tl) goto Lppcasm_div7 addi r12,r12,1 # th++ Lppcasm_div7: subf r11,r11,r4 #r11=l-tl - $UCMP 1,r3,r12 #compare h and th - bc BO_IF_NOT,CR1_FX,Lppcasm_div8 #if (h>=th) goto Lppcasm_div8 + $UCMP cr1,r3,r12 #compare h and th + bge cr1,Lppcasm_div8 #if (h>=th) goto Lppcasm_div8 addi r8,r8,-1 # q-- add r3,r5,r3 # h+=d Lppcasm_div8: @@ -1794,13 +1711,15 @@ Lppcasm_div8: # the following 2 instructions will do this. $INSR r11,r12,`$BITS/2`,`$BITS/2` # r11 is the value we want rotated $BITS/2. $ROTL r3,r11,`$BITS/2` # rotate by $BITS/2 and store in r3 - bc BO_dCTR_ZERO,CR0_EQ,Lppcasm_div9#if (count==0) break ; + bdz Lppcasm_div9 #if (count==0) break ; $SHLI r0,r8,`$BITS/2` #ret =q<<BN_BITS4 b Lppcasm_divouterloop Lppcasm_div9: or r3,r8,r0 - bclr BO_ALWAYS,CR0_LT - .long 0x00000000 + blr + .long 0 + .byte 0,12,0x14,0,0,0,3,0 + .long 0 # # NOTE: The following label name should be changed to @@ -1825,7 +1744,7 @@ Lppcasm_div9: # No unrolling done here. Not performance critical. addic. r5,r5,0 #test r5. - bc BO_IF,CR0_EQ,Lppcasm_sqr_adios + beq Lppcasm_sqr_adios addi r4,r4,-$BNSZ addi r3,r3,-$BNSZ mtctr r5 @@ -1836,11 +1755,12 @@ Lppcasm_sqr_mainloop: $UMULH r8,r6,r6 $STU r7,$BNSZ(r3) $STU r8,$BNSZ(r3) - bc BO_dCTR_NZERO,CR0_EQ,Lppcasm_sqr_mainloop + bdnz- Lppcasm_sqr_mainloop Lppcasm_sqr_adios: - bclr BO_ALWAYS,CR0_LT - .long 0x00000000 - + blr + .long 0 + .byte 0,12,0x14,0,0,0,3,0 + .long 0 # # NOTE: The following label name should be changed to @@ -1861,7 +1781,7 @@ Lppcasm_sqr_adios: xor r0,r0,r0 xor r12,r12,r12 # used for carry rlwinm. 
r7,r5,30,2,31 # num >> 2 - bc BO_IF,CR0_EQ,Lppcasm_mw_REM + beq Lppcasm_mw_REM mtctr r7 Lppcasm_mw_LOOP: #mul(rp[0],ap[0],w,c1); @@ -1899,11 +1819,11 @@ Lppcasm_mw_LOOP: addi r3,r3,`4*$BNSZ` addi r4,r4,`4*$BNSZ` - bc BO_dCTR_NZERO,CR0_EQ,Lppcasm_mw_LOOP + bdnz- Lppcasm_mw_LOOP Lppcasm_mw_REM: andi. r5,r5,0x3 - bc BO_IF,CR0_EQ,Lppcasm_mw_OVER + beq Lppcasm_mw_OVER #mul(rp[0],ap[0],w,c1); $LD r8,`0*$BNSZ`(r4) $UMULL r9,r6,r8 @@ -1915,7 +1835,7 @@ Lppcasm_mw_REM: addi r5,r5,-1 cmpli 0,0,r5,0 - bc BO_IF,CR0_EQ,Lppcasm_mw_OVER + beq Lppcasm_mw_OVER #mul(rp[1],ap[1],w,c1); @@ -1929,7 +1849,7 @@ Lppcasm_mw_REM: addi r5,r5,-1 cmpli 0,0,r5,0 - bc BO_IF,CR0_EQ,Lppcasm_mw_OVER + beq Lppcasm_mw_OVER #mul_add(rp[2],ap[2],w,c1); $LD r8,`2*$BNSZ`(r4) @@ -1942,8 +1862,10 @@ Lppcasm_mw_REM: Lppcasm_mw_OVER: addi r3,r12,0 - bclr BO_ALWAYS,CR0_LT - .long 0x00000000 + blr + .long 0 + .byte 0,12,0x14,0,0,0,4,0 + .long 0 # # NOTE: The following label name should be changed to @@ -1967,7 +1889,7 @@ Lppcasm_mw_OVER: xor r0,r0,r0 #r0 = 0 xor r12,r12,r12 #r12 = 0 . used for carry rlwinm. r7,r5,30,2,31 # num >> 2 - bc BO_IF,CR0_EQ,Lppcasm_maw_leftover # if (num < 4) go LPPCASM_maw_leftover + beq Lppcasm_maw_leftover # if (num < 4) go LPPCASM_maw_leftover mtctr r7 Lppcasm_maw_mainloop: #mul_add(rp[0],ap[0],w,c1); @@ -2020,11 +1942,11 @@ Lppcasm_maw_mainloop: $ST r11,`3*$BNSZ`(r3) addi r3,r3,`4*$BNSZ` addi r4,r4,`4*$BNSZ` - bc BO_dCTR_NZERO,CR0_EQ,Lppcasm_maw_mainloop + bdnz- Lppcasm_maw_mainloop Lppcasm_maw_leftover: andi. r5,r5,0x3 - bc BO_IF,CR0_EQ,Lppcasm_maw_adios + beq Lppcasm_maw_adios addi r3,r3,-$BNSZ addi r4,r4,-$BNSZ #mul_add(rp[0],ap[0],w,c1); @@ -2039,7 +1961,7 @@ Lppcasm_maw_leftover: addze r12,r10 $ST r9,0(r3) - bc BO_dCTR_ZERO,CR0_EQ,Lppcasm_maw_adios + bdz Lppcasm_maw_adios #mul_add(rp[1],ap[1],w,c1); $LDU r8,$BNSZ(r4) $UMULL r9,r6,r8 @@ -2051,7 +1973,7 @@ Lppcasm_maw_leftover: addze r12,r10 $ST r9,0(r3) - bc BO_dCTR_ZERO,CR0_EQ,Lppcasm_maw_adios + bdz Lppcasm_maw_adios #mul_add(rp[2],ap[2],w,c1); $LDU r8,$BNSZ(r4) $UMULL r9,r6,r8 @@ -2065,17 +1987,12 @@ Lppcasm_maw_leftover: Lppcasm_maw_adios: addi r3,r12,0 - bclr BO_ALWAYS,CR0_LT - .long 0x00000000 + blr + .long 0 + .byte 0,12,0x14,0,0,0,4,0 + .long 0 .align 4 EOF - $data =~ s/\`([^\`]*)\`/eval $1/gem; - - # if some assembler chokes on some simplified mnemonic, - # this is the spot to fix it up, e.g.: - # GNU as doesn't seem to accept cmplw, 32-bit unsigned compare - $data =~ s/^(\s*)cmplw(\s+)([^,]+),(.*)/$1cmpl$2$3,0,$4/gm; - # assembler X doesn't accept li, load immediate value - #$data =~ s/^(\s*)li(\s+)([^,]+),(.*)/$1addi$2$3,0,$4/gm; - return($data); -} +$data =~ s/\`([^\`]*)\`/eval $1/gem; +print $data; +close STDOUT; diff --git a/lib/libcrypto/bn/asm/ppc64-mont.pl b/lib/libcrypto/bn/asm/ppc64-mont.pl index 3449b35855d..a9291f4bf79 100644 --- a/lib/libcrypto/bn/asm/ppc64-mont.pl +++ b/lib/libcrypto/bn/asm/ppc64-mont.pl @@ -45,23 +45,40 @@ # on 1.8GHz PPC970, it's only 5-55% faster. Still far from impressive # in absolute terms, but it's apparently the way Power 6 is... +# December 2009 + +# Adapted for 32-bit build this module delivers 25-120%, yes, more +# than *twice* for longer keys, performance improvement over 32-bit +# ppc-mont.pl on 1.8GHz PPC970. However! This implementation utilizes +# even 64-bit integer operations and the trouble is that most PPC +# operating systems don't preserve upper halves of general purpose +# registers upon 32-bit signal delivery. 
They do preserve them upon +# context switch, but not signalling:-( This means that asynchronous +# signals have to be blocked upon entry to this subroutine. Signal +# masking (and of course complementary unmasking) has quite an impact +# on performance, naturally larger for shorter keys. It's so severe +# that 512-bit key performance can be as low as 1/3 of expected one. +# This is why this routine can be engaged for longer key operations +# only on these OSes, see crypto/ppccap.c for further details. MacOS X +# is an exception from this and doesn't require signal masking, and +# that's where above improvement coefficients were collected. For +# others alternative would be to break dependence on upper halves of +# GPRs by sticking to 32-bit integer operations... + $flavour = shift; if ($flavour =~ /32/) { $SIZE_T=4; $RZONE= 224; - $FRAME= $SIZE_T*12+8*12; - $fname= "bn_mul_mont_ppc64"; + $fname= "bn_mul_mont_fpu64"; $STUX= "stwux"; # store indexed and update $PUSH= "stw"; $POP= "lwz"; - die "not implemented yet"; } elsif ($flavour =~ /64/) { $SIZE_T=8; $RZONE= 288; - $FRAME= $SIZE_T*12+8*12; - $fname= "bn_mul_mont"; + $fname= "bn_mul_mont_fpu64"; # same as above, but 64-bit mnemonics... $STUX= "stdux"; # store indexed and update @@ -76,7 +93,7 @@ die "can't locate ppc-xlate.pl"; open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!"; -$FRAME=($FRAME+63)&~63; +$FRAME=64; # padded frame header $TRANSFER=16*8; $carry="r0"; @@ -93,16 +110,16 @@ $tp="r10"; $j="r11"; $i="r12"; # non-volatile registers -$nap_d="r14"; # interleaved ap and np in double format -$a0="r15"; # ap[0] -$t0="r16"; # temporary registers -$t1="r17"; -$t2="r18"; -$t3="r19"; -$t4="r20"; -$t5="r21"; -$t6="r22"; -$t7="r23"; +$nap_d="r22"; # interleaved ap and np in double format +$a0="r23"; # ap[0] +$t0="r24"; # temporary registers +$t1="r25"; +$t2="r26"; +$t3="r27"; +$t4="r28"; +$t5="r29"; +$t6="r30"; +$t7="r31"; # PPC offers enough register bank capacity to unroll inner loops twice # @@ -132,28 +149,17 @@ $ba="f0"; $bb="f1"; $bc="f2"; $bd="f3"; $na="f4"; $nb="f5"; $nc="f6"; $nd="f7"; $dota="f8"; $dotb="f9"; $A0="f10"; $A1="f11"; $A2="f12"; $A3="f13"; -$N0="f14"; $N1="f15"; $N2="f16"; $N3="f17"; -$T0a="f18"; $T0b="f19"; -$T1a="f20"; $T1b="f21"; -$T2a="f22"; $T2b="f23"; -$T3a="f24"; $T3b="f25"; +$N0="f20"; $N1="f21"; $N2="f22"; $N3="f23"; +$T0a="f24"; $T0b="f25"; +$T1a="f26"; $T1b="f27"; +$T2a="f28"; $T2b="f29"; +$T3a="f30"; $T3b="f31"; # sp----------->+-------------------------------+ # | saved sp | # +-------------------------------+ -# | | -# +-------------------------------+ -# | 10 saved gpr, r14-r23 | -# . . -# . . -# +12*size_t +-------------------------------+ -# | 12 saved fpr, f14-f25 | # . . -# . . -# +12*8 +-------------------------------+ -# | padding to 64 byte boundary | -# . . -# +X +-------------------------------+ +# +64 +-------------------------------+ # | 16 gpr<->fpr transfer zone | # . . # . . @@ -173,6 +179,16 @@ $T3a="f24"; $T3b="f25"; # . . # . . # +-------------------------------+ +# . . +# -12*size_t +-------------------------------+ +# | 10 saved gpr, r22-r31 | +# . . +# . . +# -12*8 +-------------------------------+ +# | 12 saved fpr, f20-f31 | +# . . +# . . +# +-------------------------------+ $code=<<___; .machine "any" @@ -181,14 +197,14 @@ $code=<<___; .globl .$fname .align 5 .$fname: - cmpwi $num,4 + cmpwi $num,`3*8/$SIZE_T` mr $rp,r3 ; $rp is reassigned li r3,0 ; possible "not handled" return code bltlr- - andi. r0,$num,1 ; $num has to be even + andi. 
r0,$num,`16/$SIZE_T-1` ; $num has to be "even" bnelr- - slwi $num,$num,3 ; num*=8 + slwi $num,$num,`log($SIZE_T)/log(2)` ; num*=sizeof(BN_LONG) li $i,-4096 slwi $tp,$num,2 ; place for {an}p_{lh}[num], i.e. 4*num add $tp,$tp,$num ; place for tp[num+1] @@ -196,35 +212,50 @@ $code=<<___; subf $tp,$tp,$sp ; $sp-$tp and $tp,$tp,$i ; minimize TLB usage subf $tp,$sp,$tp ; $tp-$sp + mr $i,$sp $STUX $sp,$sp,$tp ; alloca - $PUSH r14,`2*$SIZE_T`($sp) - $PUSH r15,`3*$SIZE_T`($sp) - $PUSH r16,`4*$SIZE_T`($sp) - $PUSH r17,`5*$SIZE_T`($sp) - $PUSH r18,`6*$SIZE_T`($sp) - $PUSH r19,`7*$SIZE_T`($sp) - $PUSH r20,`8*$SIZE_T`($sp) - $PUSH r21,`9*$SIZE_T`($sp) - $PUSH r22,`10*$SIZE_T`($sp) - $PUSH r23,`11*$SIZE_T`($sp) - stfd f14,`12*$SIZE_T+0`($sp) - stfd f15,`12*$SIZE_T+8`($sp) - stfd f16,`12*$SIZE_T+16`($sp) - stfd f17,`12*$SIZE_T+24`($sp) - stfd f18,`12*$SIZE_T+32`($sp) - stfd f19,`12*$SIZE_T+40`($sp) - stfd f20,`12*$SIZE_T+48`($sp) - stfd f21,`12*$SIZE_T+56`($sp) - stfd f22,`12*$SIZE_T+64`($sp) - stfd f23,`12*$SIZE_T+72`($sp) - stfd f24,`12*$SIZE_T+80`($sp) - stfd f25,`12*$SIZE_T+88`($sp) - + $PUSH r22,`-12*8-10*$SIZE_T`($i) + $PUSH r23,`-12*8-9*$SIZE_T`($i) + $PUSH r24,`-12*8-8*$SIZE_T`($i) + $PUSH r25,`-12*8-7*$SIZE_T`($i) + $PUSH r26,`-12*8-6*$SIZE_T`($i) + $PUSH r27,`-12*8-5*$SIZE_T`($i) + $PUSH r28,`-12*8-4*$SIZE_T`($i) + $PUSH r29,`-12*8-3*$SIZE_T`($i) + $PUSH r30,`-12*8-2*$SIZE_T`($i) + $PUSH r31,`-12*8-1*$SIZE_T`($i) + stfd f20,`-12*8`($i) + stfd f21,`-11*8`($i) + stfd f22,`-10*8`($i) + stfd f23,`-9*8`($i) + stfd f24,`-8*8`($i) + stfd f25,`-7*8`($i) + stfd f26,`-6*8`($i) + stfd f27,`-5*8`($i) + stfd f28,`-4*8`($i) + stfd f29,`-3*8`($i) + stfd f30,`-2*8`($i) + stfd f31,`-1*8`($i) +___ +$code.=<<___ if ($SIZE_T==8); ld $a0,0($ap) ; pull ap[0] value ld $n0,0($n0) ; pull n0[0] value ld $t3,0($bp) ; bp[0] - +___ +$code.=<<___ if ($SIZE_T==4); + mr $t1,$n0 + lwz $a0,0($ap) ; pull ap[0,1] value + lwz $t0,4($ap) + lwz $n0,0($t1) ; pull n0[0,1] value + lwz $t1,4($t1) + lwz $t3,0($bp) ; bp[0,1] + lwz $t2,4($bp) + insrdi $a0,$t0,32,0 + insrdi $n0,$t1,32,0 + insrdi $t3,$t2,32,0 +___ +$code.=<<___; addi $tp,$sp,`$FRAME+$TRANSFER+8+64` li $i,-64 add $nap_d,$tp,$num @@ -258,6 +289,8 @@ $code=<<___; std $t5,`$FRAME+40`($sp) std $t6,`$FRAME+48`($sp) std $t7,`$FRAME+56`($sp) +___ +$code.=<<___ if ($SIZE_T==8); lwz $t0,4($ap) ; load a[j] as 32-bit word pair lwz $t1,0($ap) lwz $t2,12($ap) ; load a[j+1] as 32-bit word pair @@ -266,6 +299,18 @@ $code=<<___; lwz $t5,0($np) lwz $t6,12($np) ; load n[j+1] as 32-bit word pair lwz $t7,8($np) +___ +$code.=<<___ if ($SIZE_T==4); + lwz $t0,0($ap) ; load a[j..j+3] as 32-bit word pairs + lwz $t1,4($ap) + lwz $t2,8($ap) + lwz $t3,12($ap) + lwz $t4,0($np) ; load n[j..j+3] as 32-bit word pairs + lwz $t5,4($np) + lwz $t6,8($np) + lwz $t7,12($np) +___ +$code.=<<___; lfd $ba,`$FRAME+0`($sp) lfd $bb,`$FRAME+8`($sp) lfd $bc,`$FRAME+16`($sp) @@ -374,6 +419,8 @@ $code=<<___; .align 5 L1st: +___ +$code.=<<___ if ($SIZE_T==8); lwz $t0,4($ap) ; load a[j] as 32-bit word pair lwz $t1,0($ap) lwz $t2,12($ap) ; load a[j+1] as 32-bit word pair @@ -382,6 +429,18 @@ L1st: lwz $t5,0($np) lwz $t6,12($np) ; load n[j+1] as 32-bit word pair lwz $t7,8($np) +___ +$code.=<<___ if ($SIZE_T==4); + lwz $t0,0($ap) ; load a[j..j+3] as 32-bit word pairs + lwz $t1,4($ap) + lwz $t2,8($ap) + lwz $t3,12($ap) + lwz $t4,0($np) ; load n[j..j+3] as 32-bit word pairs + lwz $t5,4($np) + lwz $t6,8($np) + lwz $t7,12($np) +___ +$code.=<<___; std $t0,`$FRAME+64`($sp) std $t1,`$FRAME+72`($sp) std $t2,`$FRAME+80`($sp) @@ -559,7 
+618,17 @@ L1st: li $i,8 ; i=1 .align 5 Louter: +___ +$code.=<<___ if ($SIZE_T==8); ldx $t3,$bp,$i ; bp[i] +___ +$code.=<<___ if ($SIZE_T==4); + add $t0,$bp,$i + lwz $t3,0($t0) ; bp[i,i+1] + lwz $t0,4($t0) + insrdi $t3,$t0,32,0 +___ +$code.=<<___; ld $t6,`$FRAME+$TRANSFER+8`($sp) ; tp[0] mulld $t7,$a0,$t3 ; ap[0]*bp[i] @@ -761,6 +830,13 @@ Linner: stfd $T0b,`$FRAME+8`($sp) add $t7,$t7,$carry addc $t3,$t0,$t1 +___ +$code.=<<___ if ($SIZE_T==4); # adjust XER[CA] + extrdi $t0,$t0,32,0 + extrdi $t1,$t1,32,0 + adde $t0,$t0,$t1 +___ +$code.=<<___; stfd $T1a,`$FRAME+16`($sp) stfd $T1b,`$FRAME+24`($sp) insrdi $t4,$t7,16,0 ; 64..127 bits @@ -768,6 +844,13 @@ Linner: stfd $T2a,`$FRAME+32`($sp) stfd $T2b,`$FRAME+40`($sp) adde $t5,$t4,$t2 +___ +$code.=<<___ if ($SIZE_T==4); # adjust XER[CA] + extrdi $t4,$t4,32,0 + extrdi $t2,$t2,32,0 + adde $t4,$t4,$t2 +___ +$code.=<<___; stfd $T3a,`$FRAME+48`($sp) stfd $T3b,`$FRAME+56`($sp) addze $carry,$carry @@ -816,13 +899,27 @@ Linner: ld $t7,`$FRAME+72`($sp) addc $t3,$t0,$t1 +___ +$code.=<<___ if ($SIZE_T==4); # adjust XER[CA] + extrdi $t0,$t0,32,0 + extrdi $t1,$t1,32,0 + adde $t0,$t0,$t1 +___ +$code.=<<___; adde $t5,$t4,$t2 +___ +$code.=<<___ if ($SIZE_T==4); # adjust XER[CA] + extrdi $t4,$t4,32,0 + extrdi $t2,$t2,32,0 + adde $t4,$t4,$t2 +___ +$code.=<<___; addze $carry,$carry std $t3,-16($tp) ; tp[j-1] std $t5,-8($tp) ; tp[j] - add $carry,$carry,$ovf ; comsume upmost overflow + add $carry,$carry,$ovf ; consume upmost overflow add $t6,$t6,$carry ; can not overflow srdi $carry,$t6,16 add $t7,$t7,$carry @@ -835,7 +932,9 @@ Linner: subf $nap_d,$t7,$nap_d ; rewind pointer cmpw $i,$num blt- Louter +___ +$code.=<<___ if ($SIZE_T==8); subf $np,$num,$np ; rewind np addi $j,$j,1 ; restore counter subfc $i,$i,$i ; j=0 and "clear" XER[CA] @@ -883,34 +982,105 @@ Lcopy: ; copy or in-place refresh stdx $i,$t4,$i addi $i,$i,16 bdnz- Lcopy +___ +$code.=<<___ if ($SIZE_T==4); + subf $np,$num,$np ; rewind np + addi $j,$j,1 ; restore counter + subfc $i,$i,$i ; j=0 and "clear" XER[CA] + addi $tp,$sp,`$FRAME+$TRANSFER` + addi $np,$np,-4 + addi $rp,$rp,-4 + addi $ap,$sp,`$FRAME+$TRANSFER+4` + mtctr $j + +.align 4 +Lsub: ld $t0,8($tp) ; load tp[j..j+3] in 64-bit word order + ldu $t2,16($tp) + lwz $t4,4($np) ; load np[j..j+3] in 32-bit word order + lwz $t5,8($np) + lwz $t6,12($np) + lwzu $t7,16($np) + extrdi $t1,$t0,32,0 + extrdi $t3,$t2,32,0 + subfe $t4,$t4,$t0 ; tp[j]-np[j] + stw $t0,4($ap) ; save tp[j..j+3] in 32-bit word order + subfe $t5,$t5,$t1 ; tp[j+1]-np[j+1] + stw $t1,8($ap) + subfe $t6,$t6,$t2 ; tp[j+2]-np[j+2] + stw $t2,12($ap) + subfe $t7,$t7,$t3 ; tp[j+3]-np[j+3] + stwu $t3,16($ap) + stw $t4,4($rp) + stw $t5,8($rp) + stw $t6,12($rp) + stwu $t7,16($rp) + bdnz- Lsub + + li $i,0 + subfe $ovf,$i,$ovf ; handle upmost overflow bit + addi $tp,$sp,`$FRAME+$TRANSFER+4` + subf $rp,$num,$rp ; rewind rp + and $ap,$tp,$ovf + andc $np,$rp,$ovf + or $ap,$ap,$np ; ap=borrow?tp:rp + addi $tp,$sp,`$FRAME+$TRANSFER` + mtctr $j + +.align 4 +Lcopy: ; copy or in-place refresh + lwz $t0,4($ap) + lwz $t1,8($ap) + lwz $t2,12($ap) + lwzu $t3,16($ap) + std $i,8($nap_d) ; zap nap_d + std $i,16($nap_d) + std $i,24($nap_d) + std $i,32($nap_d) + std $i,40($nap_d) + std $i,48($nap_d) + std $i,56($nap_d) + stdu $i,64($nap_d) + stw $t0,4($rp) + stw $t1,8($rp) + stw $t2,12($rp) + stwu $t3,16($rp) + std $i,8($tp) ; zap tp at once + stdu $i,16($tp) + bdnz- Lcopy +___ - $POP r14,`2*$SIZE_T`($sp) - $POP r15,`3*$SIZE_T`($sp) - $POP r16,`4*$SIZE_T`($sp) - $POP r17,`5*$SIZE_T`($sp) - $POP r18,`6*$SIZE_T`($sp) - 
$POP r19,`7*$SIZE_T`($sp) - $POP r20,`8*$SIZE_T`($sp) - $POP r21,`9*$SIZE_T`($sp) - $POP r22,`10*$SIZE_T`($sp) - $POP r23,`11*$SIZE_T`($sp) - lfd f14,`12*$SIZE_T+0`($sp) - lfd f15,`12*$SIZE_T+8`($sp) - lfd f16,`12*$SIZE_T+16`($sp) - lfd f17,`12*$SIZE_T+24`($sp) - lfd f18,`12*$SIZE_T+32`($sp) - lfd f19,`12*$SIZE_T+40`($sp) - lfd f20,`12*$SIZE_T+48`($sp) - lfd f21,`12*$SIZE_T+56`($sp) - lfd f22,`12*$SIZE_T+64`($sp) - lfd f23,`12*$SIZE_T+72`($sp) - lfd f24,`12*$SIZE_T+80`($sp) - lfd f25,`12*$SIZE_T+88`($sp) - $POP $sp,0($sp) +$code.=<<___; + $POP $i,0($sp) li r3,1 ; signal "handled" + $POP r22,`-12*8-10*$SIZE_T`($i) + $POP r23,`-12*8-9*$SIZE_T`($i) + $POP r24,`-12*8-8*$SIZE_T`($i) + $POP r25,`-12*8-7*$SIZE_T`($i) + $POP r26,`-12*8-6*$SIZE_T`($i) + $POP r27,`-12*8-5*$SIZE_T`($i) + $POP r28,`-12*8-4*$SIZE_T`($i) + $POP r29,`-12*8-3*$SIZE_T`($i) + $POP r30,`-12*8-2*$SIZE_T`($i) + $POP r31,`-12*8-1*$SIZE_T`($i) + lfd f20,`-12*8`($i) + lfd f21,`-11*8`($i) + lfd f22,`-10*8`($i) + lfd f23,`-9*8`($i) + lfd f24,`-8*8`($i) + lfd f25,`-7*8`($i) + lfd f26,`-6*8`($i) + lfd f27,`-5*8`($i) + lfd f28,`-4*8`($i) + lfd f29,`-3*8`($i) + lfd f30,`-2*8`($i) + lfd f31,`-1*8`($i) + mr $sp,$i blr .long 0 -.asciz "Montgomery Multiplication for PPC64, CRYPTOGAMS by <appro\@fy.chalmers.se>" + .byte 0,12,4,0,0x8c,10,6,0 + .long 0 + +.asciz "Montgomery Multiplication for PPC64, CRYPTOGAMS by <appro\@openssl.org>" ___ $code =~ s/\`([^\`]*)\`/eval $1/gem; diff --git a/lib/libcrypto/bn/asm/sparcv9-mont.pl b/lib/libcrypto/bn/asm/sparcv9-mont.pl index b8fb1e8a25d..fb44c014431 100644 --- a/lib/libcrypto/bn/asm/sparcv9-mont.pl +++ b/lib/libcrypto/bn/asm/sparcv9-mont.pl @@ -13,7 +13,7 @@ # for undertaken effort are multiple. First of all, UltraSPARC is not # the whole SPARCv9 universe and other VIS-free implementations deserve # optimized code as much. Secondly, newly introduced UltraSPARC T1, -# a.k.a. Niagara, has shared FPU and concurrent FPU-intensive pathes, +# a.k.a. Niagara, has shared FPU and concurrent FPU-intensive paths, # such as sparcv9a-mont, will simply sink it. Yes, T1 is equipped with # several integrated RSA/DSA accelerator circuits accessible through # kernel driver [only(*)], but having decent user-land software diff --git a/lib/libcrypto/bn/asm/sparcv9a-mont.pl b/lib/libcrypto/bn/asm/sparcv9a-mont.pl index a14205f2f00..4ebe15c5c01 100755 --- a/lib/libcrypto/bn/asm/sparcv9a-mont.pl +++ b/lib/libcrypto/bn/asm/sparcv9a-mont.pl @@ -51,7 +51,7 @@ # # Modulo-scheduled inner loops allow to interleave floating point and # integer instructions and minimize Read-After-Write penalties. This -# results in *further* 20-50% perfromance improvement [depending on +# results in *further* 20-50% performance improvement [depending on # key length, more for longer keys] on USI&II cores and 30-80% - on # USIII&IV. @@ -867,7 +867,7 @@ ___ $code =~ s/\`([^\`]*)\`/eval($1)/gem; # Below substitution makes it possible to compile without demanding -# VIS extentions on command line, e.g. -xarch=v9 vs. -xarch=v9a. I +# VIS extensions on command line, e.g. -xarch=v9 vs. -xarch=v9a. I # dare to do this, because VIS capability is detected at run-time now # and this routine is not called on CPU not capable to execute it. Do # note that fzeros is not the only VIS dependency! 
Another dependency diff --git a/lib/libcrypto/bn/asm/x86-gf2m.pl b/lib/libcrypto/bn/asm/x86-gf2m.pl index 97d91362602..9715b2158fd 100644 --- a/lib/libcrypto/bn/asm/x86-gf2m.pl +++ b/lib/libcrypto/bn/asm/x86-gf2m.pl @@ -142,7 +142,7 @@ $R="mm0"; &xor ($a4,$a2); # a2=a4^a2^a4 &mov (&DWP(5*4,"esp"),$a1); # a1^a4 &xor ($a4,$a1); # a1^a2^a4 - &sar (@i[1],31); # broardcast 30th bit + &sar (@i[1],31); # broadcast 30th bit &and ($lo,$b); &mov (&DWP(6*4,"esp"),$a2); # a2^a4 &and (@i[1],$b); diff --git a/lib/libcrypto/bn/asm/x86-mont.pl b/lib/libcrypto/bn/asm/x86-mont.pl index a0bdd5787e5..e6c04739b1d 100755 --- a/lib/libcrypto/bn/asm/x86-mont.pl +++ b/lib/libcrypto/bn/asm/x86-mont.pl @@ -69,7 +69,7 @@ $frame=32; # size of above frame rounded up to 16n &lea ("esp",&DWP(-$frame,"esp","edi",4)); # alloca($frame+4*(num+2)) &neg ("edi"); - # minimize cache contention by arraning 2K window between stack + # minimize cache contention by arranging 2K window between stack # pointer and ap argument [np is also position sensitive vector, # but it's assumed to be near ap, as it's allocated at ~same # time]. @@ -267,7 +267,7 @@ if (0) { &xor ("eax","eax"); # signal "not fast enough [yet]" &jmp (&label("just_leave")); # While the below code provides competitive performance for - # all key lengthes on modern Intel cores, it's still more + # all key lengths on modern Intel cores, it's still more # than 10% slower for 4096-bit key elsewhere:-( "Competitive" # means compared to the original integer-only assembler. # 512-bit RSA sign is better by ~40%, but that's about all diff --git a/lib/libcrypto/bn/asm/x86/comba.pl b/lib/libcrypto/bn/asm/x86/comba.pl index dc4ec97ff57..762412974ad 100644 --- a/lib/libcrypto/bn/asm/x86/comba.pl +++ b/lib/libcrypto/bn/asm/x86/comba.pl @@ -16,17 +16,17 @@ sub mul_add_c &mul("edx"); &add($c0,"eax"); - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # laod next a + &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a &mov("eax",&wparam(0)) if $pos > 0; # load r[] ### &adc($c1,"edx"); - &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 0; # laod next b - &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 1; # laod next b + &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 0; # load next b + &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 1; # load next b ### &adc($c2,0); # is pos > 1, it means it is the last loop &mov(&DWP($i*4,"eax","",0),$c0) if $pos > 0; # save r[]; - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # laod next a + &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next a } sub sqr_add_c diff --git a/lib/libcrypto/bn/asm/x86_64-gf2m.pl b/lib/libcrypto/bn/asm/x86_64-gf2m.pl index 3ecb425dad2..24dacb1e9c0 100644 --- a/lib/libcrypto/bn/asm/x86_64-gf2m.pl +++ b/lib/libcrypto/bn/asm/x86_64-gf2m.pl @@ -59,7 +59,7 @@ _mul_1x1: sar \$63,$i0 # broadcast 62nd bit lea (,$a1,4),$a4 and $b,$a - sar \$63,$i1 # boardcast 61st bit + sar \$63,$i1 # broadcast 61st bit mov $a,$hi # $a is $lo shl \$63,$lo and $b,$i0 diff --git a/lib/libcrypto/bn/bn_div.c b/lib/libcrypto/bn/bn_div.c index a62e74da5d6..d0adc4688f0 100644 --- a/lib/libcrypto/bn/bn_div.c +++ b/lib/libcrypto/bn/bn_div.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_div.c,v 1.28 2022/11/26 16:08:51 tb Exp $ */ +/* $OpenBSD: bn_div.c,v 1.29 2022/12/26 07:18:51 jmc Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. 
* @@ -327,7 +327,7 @@ BN_div_internal(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor l0 = bn_mul_words(tmp->d, sdiv->d, div_n, q); tmp->d[div_n] = l0; wnum.d--; - /* ingore top values of the bignums just sub the two + /* ignore top values of the bignums just sub the two * BN_ULONG arrays with bn_sub_words */ if (bn_sub_words(wnum.d, wnum.d, tmp->d, div_n + 1)) { /* Note: As we have considered only the leading diff --git a/lib/libcrypto/bn/bn_gcd.c b/lib/libcrypto/bn/bn_gcd.c index f3a23701b1c..0d8bdf07ebd 100644 --- a/lib/libcrypto/bn/bn_gcd.c +++ b/lib/libcrypto/bn/bn_gcd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_gcd.c,v 1.19 2022/12/01 02:58:31 jsing Exp $ */ +/* $OpenBSD: bn_gcd.c,v 1.20 2022/12/26 07:18:51 jmc Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -301,7 +301,7 @@ BN_mod_inverse_internal(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, BN_CTX *ct /* Binary inversion algorithm; requires odd modulus. * This is faster than the general algorithm if the modulus * is sufficiently small (about 400 .. 500 bits on 32-bit - * sytems, but much more on 64-bit systems) */ + * systems, but much more on 64-bit systems) */ int shift; while (!BN_is_zero(B)) { diff --git a/lib/libcrypto/bn/bn_x931p.c b/lib/libcrypto/bn/bn_x931p.c index b14e9810dd2..e73c416e3ff 100644 --- a/lib/libcrypto/bn/bn_x931p.c +++ b/lib/libcrypto/bn/bn_x931p.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_x931p.c,v 1.14 2022/11/26 16:08:51 tb Exp $ */ +/* $OpenBSD: bn_x931p.c,v 1.15 2022/12/26 07:18:51 jmc Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2005. */ @@ -80,7 +80,7 @@ bn_x931_derive_pi(BIGNUM *pi, const BIGNUM *Xpi, BN_CTX *ctx, BN_GENCB *cb) for (;;) { i++; BN_GENCB_call(cb, 0, i); - /* NB 27 MR is specificed in X9.31 */ + /* NB 27 MR is specified in X9.31 */ is_prime = BN_is_prime_fasttest_ex(pi, 27, ctx, 1, cb); if (is_prime < 0) return 0; @@ -205,8 +205,8 @@ err: return ret; } -/* Generate pair of paramters Xp, Xq for X9.31 prime generation. - * Note: nbits paramter is sum of number of bits in both. +/* Generate pair of parameters Xp, Xq for X9.31 prime generation. + * Note: nbits parameter is sum of number of bits in both. */ int diff --git a/lib/libcrypto/cmac/cmac.c b/lib/libcrypto/cmac/cmac.c index e7b343e2160..7135f5306ee 100644 --- a/lib/libcrypto/cmac/cmac.c +++ b/lib/libcrypto/cmac/cmac.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cmac.c,v 1.12 2022/11/26 16:08:51 tb Exp $ */ +/* $OpenBSD: cmac.c,v 1.13 2022/12/26 07:18:51 jmc Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. 
*/ @@ -167,7 +167,7 @@ CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen, ctx->nlast_block = 0; return 1; } - /* Initialiase context */ + /* Initialise context */ if (cipher && !EVP_EncryptInit_ex(&ctx->cctx, cipher, impl, NULL, NULL)) return 0; /* Non-NULL key means initialisation complete */ diff --git a/lib/libcrypto/comp/c_zlib.c b/lib/libcrypto/comp/c_zlib.c index 6aac97e451c..9db0ae26bc2 100644 --- a/lib/libcrypto/comp/c_zlib.c +++ b/lib/libcrypto/comp/c_zlib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: c_zlib.c,v 1.24 2022/12/24 07:12:09 tb Exp $ */ +/* $OpenBSD: c_zlib.c,v 1.25 2022/12/26 07:18:51 jmc Exp $ */ /* * --------------------------------------------------------------------------- * Major patches to this file were contributed by @@ -143,7 +143,7 @@ static int zlib_stateful_expand_block(COMP_CTX *ctx, unsigned char *out, unsigned int olen, unsigned char *in, unsigned int ilen); -/* memory allocations functions for zlib intialization */ +/* memory allocations functions for zlib initialization */ static void* zlib_zalloc(void* opaque, unsigned int no, unsigned int size) { @@ -297,7 +297,7 @@ COMP_zlib(void) #ifdef ZLIB { /* init zlib_stateful_ex_idx here so that in a multi-process - * application it's enough to intialize openssl before forking + * application it's enough to initialize openssl before forking * (idx will be inherited in all the children) */ if (zlib_stateful_ex_idx == -1) { CRYPTO_w_lock(CRYPTO_LOCK_COMP); diff --git a/lib/libcrypto/crypto.h b/lib/libcrypto/crypto.h index 3b00f039fab..066f6246f6b 100644 --- a/lib/libcrypto/crypto.h +++ b/lib/libcrypto/crypto.h @@ -1,4 +1,4 @@ -/* $OpenBSD: crypto.h,v 1.57 2022/09/11 17:26:51 tb Exp $ */ +/* $OpenBSD: crypto.h,v 1.58 2022/12/26 07:18:50 jmc Exp $ */ /* ==================================================================== * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. * @@ -248,8 +248,8 @@ DECLARE_STACK_OF(void) * The current classes are SSL_CTX, SSL, SSL_SESSION, and a few more */ typedef struct crypto_ex_data_func_st { - long argl; /* Arbitary long */ - void *argp; /* Arbitary void * */ + long argl; /* Arbitrary long */ + void *argp; /* Arbitrary void * */ CRYPTO_EX_new *new_func; CRYPTO_EX_free *free_func; CRYPTO_EX_dup *dup_func; @@ -540,7 +540,7 @@ void ERR_load_CRYPTO_strings(void); #define _OPENSSL_INIT_FLAG_NOOP 0x80000000L /* - * These are provided for compatibiliy, but have no effect + * These are provided for compatibility, but have no effect * on how LibreSSL is initialized. */ #define OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS _OPENSSL_INIT_FLAG_NOOP diff --git a/lib/libcrypto/des/asm/des_enc.m4 b/lib/libcrypto/des/asm/des_enc.m4 index 7303d40052a..3fbb026dd3f 100644 --- a/lib/libcrypto/des/asm/des_enc.m4 +++ b/lib/libcrypto/des/asm/des_enc.m4 @@ -124,7 +124,7 @@ changequote({,}) ! technique. ! ! The macro also loads address sbox 1 to 5 to global 1 to 5, address -! sbox 6 to local6, and addres sbox 8 to out3. +! sbox 6 to local6, and address sbox 8 to out3. ! ! Rotates the halfs 3 left to bring the sbox bits in convenient positions. ! @@ -266,7 +266,7 @@ define(ip_macro, { ! other half (use). ! ! In this version we do two rounds in a loop repeated 7 times -! and two rounds seperately. +! and two rounds separately. ! ! One half has the bits for the sboxes in the following positions: ! 
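The des_enc.m4 comment above describes the round scheduling: two Feistel rounds per loop iteration, the loop run 7 times, and the final two rounds written out separately, which accounts for all 16 DES rounds (2*7 + 2). Here is a schematic C sketch of that control structure only; round_sketch() is a stand-in that merely hints at the real E-expansion/S-box/P-permutation work, and the flat 16-entry key-schedule layout is an assumption for the example.

#include <inttypes.h>
#include <stdio.h>

/* Stand-in for one Feistel round: folds the "use" half and a subkey into
 * the "maintain" half.  The real f-function does E, S-box and P work. */
static void
round_sketch(uint32_t *maintain, uint32_t use, uint32_t subkey)
{
	*maintain ^= use ^ subkey;
}

/* 16 rounds arranged as the comment describes: a two-round loop body
 * executed 7 times plus two trailing rounds.  Pairing the rounds lets
 * the halves swap roles implicitly, with no explicit swap per round. */
static void
des_rounds_sketch(uint32_t *l, uint32_t *r, const uint32_t ks[16])
{
	int i;

	for (i = 0; i < 7; i++) {
		round_sketch(l, *r, ks[2 * i]);
		round_sketch(r, *l, ks[2 * i + 1]);
	}
	round_sketch(l, *r, ks[14]);
	round_sketch(r, *l, ks[15]);
}

int
main(void)
{
	uint32_t l = 0x01234567, r = 0x89abcdef, ks[16] = { 0 };

	des_rounds_sketch(&l, &r, ks);
	printf("%08" PRIx32 " %08" PRIx32 "\n", l, r);
	return 0;
}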
diff --git a/lib/libcrypto/dh/dh_ameth.c b/lib/libcrypto/dh/dh_ameth.c index d21a8ddd07d..a0bcf8a761e 100644 --- a/lib/libcrypto/dh/dh_ameth.c +++ b/lib/libcrypto/dh/dh_ameth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dh_ameth.c,v 1.25 2022/11/26 16:08:51 tb Exp $ */ +/* $OpenBSD: dh_ameth.c,v 1.26 2022/12/26 07:18:51 jmc Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006. */ @@ -177,7 +177,7 @@ err: /* * PKCS#8 DH is defined in PKCS#11 of all places. It is similar to DH in - * that the AlgorithmIdentifier contains the paramaters, the private key + * that the AlgorithmIdentifier contains the parameters, the private key * is explcitly included and the pubkey must be recalculated. */ diff --git a/lib/libcrypto/dso/dso.h b/lib/libcrypto/dso/dso.h index ae07b0a5f7f..c3963a8e01d 100644 --- a/lib/libcrypto/dso/dso.h +++ b/lib/libcrypto/dso/dso.h @@ -1,4 +1,4 @@ -/* $OpenBSD: dso.h,v 1.13 2022/07/12 14:42:49 kn Exp $ */ +/* $OpenBSD: dso.h,v 1.14 2022/12/26 07:18:51 jmc Exp $ */ /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL * project 2000. */ @@ -109,14 +109,14 @@ typedef struct dso_st DSO; /* The function prototype used for method functions (or caller-provided * callbacks) that transform filenames. They are passed a DSO structure pointer - * (or NULL if they are to be used independantly of a DSO object) and a + * (or NULL if they are to be used independently of a DSO object) and a * filename to transform. They should either return NULL (if there is an error * condition) or a newly allocated string containing the transformed form that * the caller will need to free with free() when done. */ typedef char* (*DSO_NAME_CONVERTER_FUNC)(DSO *, const char *); /* The function prototype used for method functions (or caller-provided * callbacks) that merge two file specifications. They are passed a - * DSO structure pointer (or NULL if they are to be used independantly of + * DSO structure pointer (or NULL if they are to be used independently of * a DSO object) and two file specifications to merge. They should * either return NULL (if there is an error condition) or a newly allocated * string containing the result of merging that the caller will need @@ -285,7 +285,7 @@ DSO_METHOD *DSO_METHOD_dlfcn(void); * containing 'addr' into 'sz' large caller-provided 'path' and * returns the number of characters [including trailing zero] * written to it. If 'sz' is 0 or negative, 'path' is ignored and - * required amount of charachers [including trailing zero] to + * required amount of characters [including trailing zero] to * accommodate pathname is returned. If 'addr' is NULL, then * pathname of cryptolib itself is returned. Negative or zero * return value denotes error. diff --git a/lib/libcrypto/ec/asm/ecp_nistz256-armv4.pl b/lib/libcrypto/ec/asm/ecp_nistz256-armv4.pl index f3205d673a7..9e6c65905f6 100644 --- a/lib/libcrypto/ec/asm/ecp_nistz256-armv4.pl +++ b/lib/libcrypto/ec/asm/ecp_nistz256-armv4.pl @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# $OpenBSD: ecp_nistz256-armv4.pl,v 1.1 2016/11/04 17:33:19 miod Exp $ +# $OpenBSD: ecp_nistz256-armv4.pl,v 1.2 2022/12/26 07:18:51 jmc Exp $ # # Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. # @@ -179,7 +179,7 @@ __ecp_nistz256_add: @ if a+b >= modulus, subtract modulus. @ @ But since comparison implies subtraction, we subtract - @ modulus and then add it back if subraction borrowed. + @ modulus and then add it back if subtraction borrowed. 
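The comment fixed in the hunk below spells out the branch-free reduction used after a field addition: subtract the modulus unconditionally, then add it back if the subtraction borrowed, so the comparison never becomes a data-dependent branch. A portable C sketch of the same idea over 32-bit limbs follows; the limb count, the helper name and the toy test in main() are illustrative only, not the library's implementation.

#include <inttypes.h>
#include <stdio.h>

#define NLIMBS 8	/* a 256-bit value as eight 32-bit limbs, little-endian */

/* r = (a + b) mod p without branching on the values: compute a+b,
 * subtract p unconditionally, then add p back under a mask derived
 * from the borrow.  Inputs are assumed to be already reduced mod p. */
static void
mod_add(uint32_t r[NLIMBS], const uint32_t a[NLIMBS],
    const uint32_t b[NLIMBS], const uint32_t p[NLIMBS])
{
	uint64_t acc;
	uint32_t carry = 0, borrow = 0, mask;
	int i;

	for (i = 0; i < NLIMBS; i++) {		/* r = a + b */
		acc = (uint64_t)a[i] + b[i] + carry;
		r[i] = (uint32_t)acc;
		carry = (uint32_t)(acc >> 32);
	}
	for (i = 0; i < NLIMBS; i++) {		/* r -= p */
		acc = (uint64_t)r[i] - p[i] - borrow;
		r[i] = (uint32_t)acc;
		borrow = (uint32_t)(acc >> 63);	/* 1 iff this limb borrowed */
	}
	/* The result went below zero only if the subtraction borrowed and
	 * the addition did not carry out; in that case add p back. */
	mask = 0 - (borrow & (carry ^ 1));
	carry = 0;
	for (i = 0; i < NLIMBS; i++) {
		acc = (uint64_t)r[i] + (p[i] & mask) + carry;
		r[i] = (uint32_t)acc;
		carry = (uint32_t)(acc >> 32);
	}
}

int
main(void)
{
	/* Toy check with a one-limb "modulus": (15 + 9) mod 17 = 7. */
	uint32_t p[NLIMBS] = { 17 }, a[NLIMBS] = { 15 }, b[NLIMBS] = { 9 };
	uint32_t r[NLIMBS];

	mod_add(r, a, b, p);
	printf("%" PRIu32 "\n", r[0]);
	return 0;
}

Selecting by an all-zero/all-one mask in this way avoids leaking secrets through branch timing; the same trick recurs throughout these files, for instance in the copy_conditional() helpers further down.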
subs $a0,$a0,#-1 sbcs $a1,$a1,#-1 @@ -1090,7 +1090,7 @@ __ecp_nistz256_add_self: @ if a+b >= modulus, subtract modulus. @ @ But since comparison implies subtraction, we subtract - @ modulus and then add it back if subraction borrowed. + @ modulus and then add it back if subtraction borrowed. subs $a0,$a0,#-1 sbcs $a1,$a1,#-1 diff --git a/lib/libcrypto/ec/asm/ecp_nistz256-sparcv9.pl b/lib/libcrypto/ec/asm/ecp_nistz256-sparcv9.pl index 044eb457b6a..49460fefdc0 100644 --- a/lib/libcrypto/ec/asm/ecp_nistz256-sparcv9.pl +++ b/lib/libcrypto/ec/asm/ecp_nistz256-sparcv9.pl @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# $OpenBSD: ecp_nistz256-sparcv9.pl,v 1.1 2016/11/04 17:33:20 miod Exp $ +# $OpenBSD: ecp_nistz256-sparcv9.pl,v 1.2 2022/12/26 07:18:51 jmc Exp $ # # Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. # @@ -350,7 +350,7 @@ __ecp_nistz256_add: ! if a+b >= modulus, subtract modulus. ! ! But since comparison implies subtraction, we subtract - ! modulus and then add it back if subraction borrowed. + ! modulus and then add it back if subtraction borrowed. subcc @acc[0],-1,@acc[0] subccc @acc[1],-1,@acc[1] @@ -1805,7 +1805,7 @@ $code.=<<___; srlx $acc0,32,$t1 addxccc $acc3,$t2,$acc2 ! +=acc[0]*0xFFFFFFFF00000001 sub $acc0,$t0,$t2 ! acc0*0xFFFFFFFF00000001, low part - addxc %g0,$t3,$acc3 ! cant't overflow + addxc %g0,$t3,$acc3 ! can't overflow ___ } $code.=<<___; diff --git a/lib/libcrypto/ec/ec.h b/lib/libcrypto/ec/ec.h index 9a7c5de8a52..8cafc5522ff 100644 --- a/lib/libcrypto/ec/ec.h +++ b/lib/libcrypto/ec/ec.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ec.h,v 1.29 2022/11/10 16:37:51 jsing Exp $ */ +/* $OpenBSD: ec.h,v 1.30 2022/12/26 07:18:51 jmc Exp $ */ /* * Originally written by Bodo Moeller for the OpenSSL project. */ @@ -232,7 +232,7 @@ int EC_METHOD_get_field_type(const EC_METHOD *meth); * \param order the order of the group generated by the generator. * \param cofactor the index of the sub-group generated by the generator * in the group of all points on the elliptic curve. 
- * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor); @@ -246,7 +246,7 @@ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group); * \param group EC_GROUP object * \param order BIGNUM to which the order is copied * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx); @@ -256,7 +256,7 @@ int EC_GROUP_order_bits(const EC_GROUP *group); * \param group EC_GROUP object * \param cofactor BIGNUM to which the cofactor is copied * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx); @@ -293,7 +293,7 @@ int EC_GROUP_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, * \param a BIGNUM with parameter a of the equation * \param b BIGNUM with parameter b of the equation * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); @@ -303,7 +303,7 @@ int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, co * \param a BIGNUM for parameter a of the equation * \param b BIGNUM for parameter b of the equation * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx); @@ -314,7 +314,7 @@ int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM * * \param a BIGNUM with parameter a of the equation * \param b BIGNUM with parameter b of the equation * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); @@ -324,7 +324,7 @@ int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, c * \param a BIGNUM for parameter a of the equation * \param b BIGNUM for parameter b of the equation * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx); #endif @@ -430,7 +430,7 @@ void EC_POINT_clear_free(EC_POINT *point); /** Copies EC_POINT object * \param dst destination EC_POINT object * \param src source EC_POINT object - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src); @@ -451,7 +451,7 @@ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point); /** Sets a point to infinity (neutral element) * \param group underlying EC_GROUP object * \param point EC_POINT to set to infinity - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point); @@ -478,7 +478,7 @@ int 
EC_POINT_get_Jprojective_coordinates(const EC_GROUP *group, * \param y BIGNUM with the y-coordinate * \param z BIGNUM with the z-coordinate * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *p, const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx); @@ -490,7 +490,7 @@ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *p, * \param y BIGNUM for the y-coordinate * \param z BIGNUM for the z-coordinate * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group, const EC_POINT *p, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *ctx); @@ -501,7 +501,7 @@ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group, * \param x BIGNUM with the x-coordinate * \param y BIGNUM with the y-coordinate * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p, const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx); @@ -512,7 +512,7 @@ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p, * \param x BIGNUM for the x-coordinate * \param y BIGNUM for the y-coordinate * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group, const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx); @@ -523,7 +523,7 @@ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group, * \param x BIGNUM with x-coordinate * \param y_bit integer with the y-Bit (either 0 or 1) * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *p, const BIGNUM *x, int y_bit, BN_CTX *ctx); @@ -535,7 +535,7 @@ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *p, * \param x BIGNUM with the x-coordinate * \param y BIGNUM with the y-coordinate * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p, const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx); @@ -546,7 +546,7 @@ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p, * \param x BIGNUM for the x-coordinate * \param y BIGNUM for the y-coordinate * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group, const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx); @@ -557,7 +557,7 @@ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group, * \param x BIGNUM with x-coordinate * \param y_bit integer with the y-Bit (either 0 or 1) * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p, const BIGNUM *x, int y_bit, BN_CTX *ctx); @@ -584,7 +584,7 @@ size_t 
EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p, * \param buf memory buffer with the encoded ec point * \param len length of the encoded ec point * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p, const unsigned char *buf, size_t len, BN_CTX *ctx); @@ -610,7 +610,7 @@ EC_POINT *EC_POINT_hex2point(const EC_GROUP *, const char *, * \param a EC_POINT object with the first summand * \param b EC_POINT object with the second summand * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx); @@ -619,7 +619,7 @@ int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const EC * \param r EC_POINT object for the result (r = 2 * a) * \param a EC_POINT object * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx); @@ -627,7 +627,7 @@ int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX * * \param group underlying EC_GROUP object * \param a EC_POINT object to be inverted (it's used for the result as well) * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx); @@ -662,11 +662,11 @@ int EC_POINTs_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], * \param group underlying EC_GROUP object * \param r EC_POINT object for the result * \param n BIGNUM with the multiplier for the group generator (optional) - * \param num number futher summands + * \param num number further summands * \param p array of size num of EC_POINT objects * \param m array of size num of BIGNUM objects * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t num, const EC_POINT *p[], const BIGNUM *m[], BN_CTX *ctx); @@ -677,14 +677,14 @@ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t nu * \param q EC_POINT object with the first factor of the second summand * \param m BIGNUM with the second factor of the second summand * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx); /** Stores multiples of generator for faster point multiplication * \param group EC_GROUP object * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured + * \return 1 on success and 0 if an error occurred */ int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx); @@ -869,8 +869,8 @@ int EC_KEY_generate_key(EC_KEY *key); */ int EC_KEY_check_key(const EC_KEY *key); -/** Sets a public key from affine coordindates performing - * neccessary NIST PKV tests. +/** Sets a public key from affine coordinates performing + * necessary NIST PKV tests. 
* \param key the EC_KEY object * \param x public key x coordinate * \param y public key y coordinate @@ -914,7 +914,7 @@ int i2d_ECPrivateKey(EC_KEY *key, unsigned char **out); EC_KEY *d2i_ECParameters(EC_KEY **key, const unsigned char **in, long len); /** Encodes ec parameter and stores the result in a buffer. - * \param key the EC_KEY object with ec paramters to encode + * \param key the EC_KEY object with ec parameters to encode * \param out the buffer for the result (if NULL the function returns number * of bytes needed). * \return 1 on success and 0 if an error occurred. diff --git a/lib/libcrypto/ec/ecp_nistp224.c b/lib/libcrypto/ec/ecp_nistp224.c index 59781b75c33..caa4c3facf2 100644 --- a/lib/libcrypto/ec/ecp_nistp224.c +++ b/lib/libcrypto/ec/ecp_nistp224.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ecp_nistp224.c,v 1.29 2022/11/26 16:08:52 tb Exp $ */ +/* $OpenBSD: ecp_nistp224.c,v 1.30 2022/12/26 07:18:51 jmc Exp $ */ /* * Written by Emilia Kasper (Google) for the OpenSSL project. */ @@ -72,7 +72,7 @@ typedef uint128_t widelimb; typedef limb felem[4]; typedef widelimb widefelem[7]; -/* Field element represented as a byte arrary. +/* Field element represented as a byte array. * 28*8 = 224 bits is also the group order size for the elliptic curve, * and we also use this type for scalars for point multiplication. */ diff --git a/lib/libcrypto/ec/ecp_nistp256.c b/lib/libcrypto/ec/ecp_nistp256.c index 275015b98d5..e218b0c68c1 100644 --- a/lib/libcrypto/ec/ecp_nistp256.c +++ b/lib/libcrypto/ec/ecp_nistp256.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ecp_nistp256.c,v 1.28 2022/11/26 16:08:52 tb Exp $ */ +/* $OpenBSD: ecp_nistp256.c,v 1.29 2022/12/26 07:18:51 jmc Exp $ */ /* * Written by Adam Langley (Google) for the OpenSSL project */ @@ -1223,7 +1223,7 @@ copy_small_conditional(felem out, const smallfelem in, limb mask) } } -/* point_add calcuates (x1, y1, z1) + (x2, y2, z2) +/* point_add calculates (x1, y1, z1) + (x2, y2, z2) * * The method is taken from: * http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#addition-add-2007-bl, diff --git a/lib/libcrypto/ec/ecp_nistp521.c b/lib/libcrypto/ec/ecp_nistp521.c index 20b5885ab7b..caeea149119 100644 --- a/lib/libcrypto/ec/ecp_nistp521.c +++ b/lib/libcrypto/ec/ecp_nistp521.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ecp_nistp521.c,v 1.29 2022/11/26 16:08:52 tb Exp $ */ +/* $OpenBSD: ecp_nistp521.c,v 1.30 2022/12/26 07:18:51 jmc Exp $ */ /* * Written by Adam Langley (Google) for the OpenSSL project */ @@ -1034,7 +1034,7 @@ felem_contract(felem out, const felem in) * elliptic curve group itself. 
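From the caller's side these internals stay hidden behind the EC_POINT API documented in the hunks above. A minimal usage sketch, assuming a LibreSSL/OpenSSL build with <openssl/ec.h>; the curve choice, function name and all variable names here are illustrative, not taken from the diff:

/* Sketch: scalar-multiply the generator and read affine coordinates back.
 * As the headers above document, these routines return 1 on success and
 * 0 if an error occurred. */
#include <openssl/ec.h>
#include <openssl/objects.h>

int
ec_mul_demo(void)
{
	EC_GROUP *group = NULL;
	EC_POINT *r = NULL;
	BIGNUM *n = NULL, *x = NULL, *y = NULL;
	BN_CTX *ctx = NULL;
	int ok = 0;

	if ((group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1)) == NULL)
		goto err;
	if ((r = EC_POINT_new(group)) == NULL)
		goto err;
	if ((n = BN_new()) == NULL || (x = BN_new()) == NULL ||
	    (y = BN_new()) == NULL || (ctx = BN_CTX_new()) == NULL)
		goto err;
	if (!BN_set_word(n, 42))
		goto err;
	/* r = n * G, the optional generator multiple described above. */
	if (!EC_POINT_mul(group, r, n, NULL, NULL, ctx))
		goto err;
	/* Internally Jacobian; callers read affine coordinates back. */
	if (!EC_POINT_get_affine_coordinates_GFp(group, r, x, y, ctx))
		goto err;
	ok = 1;
err:
	BN_CTX_free(ctx);
	BN_free(y);
	BN_free(x);
	BN_free(n);
	EC_POINT_free(r);
	EC_GROUP_free(group);
	return ok;
}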
Points on the curve are represented in Jacobian * coordinates */ -/* point_double calcuates 2*(x_in, y_in, z_in) +/* point_double calculates 2*(x_in, y_in, z_in) * * The method is taken from: * http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#doubling-dbl-2001-b @@ -1143,7 +1143,7 @@ copy_conditional(felem out, const felem in, limb mask) } } -/* point_add calcuates (x1, y1, z1) + (x2, y2, z2) +/* point_add calculates (x1, y1, z1) + (x2, y2, z2) * * The method is taken from * http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#addition-add-2007-bl, diff --git a/lib/libcrypto/ecdsa/ecdsa.h b/lib/libcrypto/ecdsa/ecdsa.h index 29ee8729ed1..3f0eb3b66fe 100644 --- a/lib/libcrypto/ecdsa/ecdsa.h +++ b/lib/libcrypto/ecdsa/ecdsa.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ecdsa.h,v 1.12 2022/07/12 14:42:49 kn Exp $ */ +/* $OpenBSD: ecdsa.h,v 1.13 2022/12/26 07:18:51 jmc Exp $ */ /** * \file crypto/ecdsa/ecdsa.h Include file for the OpenSSL ECDSA functions * \author Written by Nils Larsch for the OpenSSL project @@ -156,7 +156,7 @@ ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len, * \param dgst pointer to the hash value to sign * \param dgstlen length of the hash value * \param kinv BIGNUM with a pre-computed inverse k (optional) - * \param rp BIGNUM with a pre-computed rp value (optioanl), + * \param rp BIGNUM with a pre-computed rp value (optional), * see ECDSA_sign_setup * \param eckey EC_KEY object containing a private EC key * \return pointer to a ECDSA_SIG structure or NULL if an error occurred @@ -233,7 +233,7 @@ int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen, * \param sig buffer to hold the DER encoded signature * \param siglen pointer to the length of the returned signature * \param kinv BIGNUM with a pre-computed inverse k (optional) - * \param rp BIGNUM with a pre-computed rp value (optioanl), + * \param rp BIGNUM with a pre-computed rp value (optional), * see ECDSA_sign_setup * \param eckey EC_KEY object containing a private EC key * \return 1 on success and 0 otherwise diff --git a/lib/libcrypto/engine/README b/lib/libcrypto/engine/README index 6b69b70f576..bc4a9041ffc 100644 --- a/lib/libcrypto/engine/README +++ b/lib/libcrypto/engine/README @@ -122,7 +122,7 @@ use by EVP_MD code. Ditto for tb_rsa.c, tb_dsa.c, etc. These instantiations of ENGINE_TABLE essentially provide linker-separation of the classes so that even if ENGINEs implement *all* possible algorithms, an application using only EVP_CIPHER code will link at most code relating to EVP_CIPHER, tb_cipher.c, core -ENGINE code that is independant of class, and of course the ENGINE +ENGINE code that is independent of class, and of course the ENGINE implementation that the application loaded. It will *not* however link any class-specific ENGINE code for digests, RSA, etc nor will it bleed over into other APIs, such as the RSA/DSA/etc library code. @@ -188,7 +188,7 @@ state will be unchanged. Thus, no cleanup is required unless registration takes place. ENGINE_cleanup() will simply iterate across a list of registered cleanup callbacks calling each in turn, and will then internally delete its own storage (a STACK). When a cleanup callback is next registered (eg. if the cleanup() is -part of a gracefull restart and the application wants to cleanup all state then +part of a graceful restart and the application wants to cleanup all state then start again), the internal STACK storage will be freshly allocated. This is much the same as the situation in the ENGINE_TABLE instantiations ... 
NULL is the initialised state, so only modification operations (not queries) will cause that diff --git a/lib/libcrypto/engine/eng_aesni.c b/lib/libcrypto/engine/eng_aesni.c index 586f74792ac..cce4203bc42 100644 --- a/lib/libcrypto/engine/eng_aesni.c +++ b/lib/libcrypto/engine/eng_aesni.c @@ -1,6 +1,6 @@ -/* $OpenBSD: eng_aesni.c,v 1.11 2018/04/14 07:18:37 tb Exp $ */ +/* $OpenBSD: eng_aesni.c,v 1.12 2022/12/26 07:18:51 jmc Exp $ */ /* - * Support for Intel AES-NI intruction set + * Support for Intel AES-NI instruction set * Author: Huang Ying <ying.huang@intel.com> * * Intel AES-NI is a new set of Single Instruction Multiple Data diff --git a/lib/libcrypto/engine/eng_list.c b/lib/libcrypto/engine/eng_list.c index b29b4102e40..451c8616ef9 100644 --- a/lib/libcrypto/engine/eng_list.c +++ b/lib/libcrypto/engine/eng_list.c @@ -1,4 +1,4 @@ -/* $OpenBSD: eng_list.c,v 1.24 2019/01/19 01:07:00 tb Exp $ */ +/* $OpenBSD: eng_list.c,v 1.25 2022/12/26 07:18:51 jmc Exp $ */ /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL * project 2000. */ @@ -223,7 +223,7 @@ ENGINE_get_next(ENGINE *e) CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); ret = e->next; if (ret) { - /* Return a valid structural refernce to the next ENGINE */ + /* Return a valid structural reference to the next ENGINE */ ret->struct_ref++; engine_ref_debug(ret, 0, 1) } diff --git a/lib/libcrypto/engine/eng_padlock.c b/lib/libcrypto/engine/eng_padlock.c index 0281ab810c6..50b5fb780dc 100644 --- a/lib/libcrypto/engine/eng_padlock.c +++ b/lib/libcrypto/engine/eng_padlock.c @@ -1,4 +1,4 @@ -/* $OpenBSD: eng_padlock.c,v 1.16 2018/04/14 07:18:37 tb Exp $ */ +/* $OpenBSD: eng_padlock.c,v 1.17 2022/12/26 07:18:51 jmc Exp $ */ /* * Support for VIA PadLock Advanced Cryptography Engine (ACE) * Written by Michal Ludvig <michal@logix.cz> @@ -285,7 +285,7 @@ struct padlock_cipher_data { * Essentially this variable belongs in thread local storage. * Having this variable global on the other hand can only cause * few bogus key reloads [if any at all on single-CPU system], - * so we accept the penatly... + * so we accept the penalty... */ static volatile struct padlock_cipher_data *padlock_saved_context; #endif @@ -872,7 +872,7 @@ padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg, chunk = PADLOCK_CHUNK; if (out_misaligned) { - /* optmize for small input */ + /* optimize for small input */ allocated = (chunk < nbytes ? PADLOCK_CHUNK : nbytes); out = alloca(0x10 + allocated); out = NEAREST_ALIGNED(out); diff --git a/lib/libcrypto/engine/eng_table.c b/lib/libcrypto/engine/eng_table.c index a8aded5aaf8..0e7ea3b6985 100644 --- a/lib/libcrypto/engine/eng_table.c +++ b/lib/libcrypto/engine/eng_table.c @@ -1,4 +1,4 @@ -/* $OpenBSD: eng_table.c,v 1.9 2017/01/29 17:49:23 beck Exp $ */ +/* $OpenBSD: eng_table.c,v 1.10 2022/12/26 07:18:52 jmc Exp $ */ /* ==================================================================== * Copyright (c) 2001 The OpenSSL Project. All rights reserved. 
* @@ -163,7 +163,7 @@ engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup, fnd->funct = NULL; (void)lh_ENGINE_PILE_insert(&(*table)->piles, fnd); } - /* A registration shouldn't add duplciate entries */ + /* A registration shouldn't add duplicate entries */ (void)sk_ENGINE_delete_ptr(fnd->sk, e); /* if 'setdefault', this ENGINE goes to the head of the list */ if (!sk_ENGINE_push(fnd->sk, e)) @@ -193,7 +193,7 @@ int_unregister_cb_doall_arg(ENGINE_PILE *pile, ENGINE *e) { int n; - /* Iterate the 'c->sk' stack removing any occurance of 'e' */ + /* Iterate the 'c->sk' stack removing any occurrence of 'e' */ while ((n = sk_ENGINE_find(pile->sk, e)) >= 0) { (void)sk_ENGINE_delete(pile->sk, n); pile->uptodate = 0; diff --git a/lib/libcrypto/engine/engine.h b/lib/libcrypto/engine/engine.h index 5c21647fe3a..41f05d48af6 100644 --- a/lib/libcrypto/engine/engine.h +++ b/lib/libcrypto/engine/engine.h @@ -1,4 +1,4 @@ -/* $OpenBSD: engine.h,v 1.34 2022/07/12 14:42:49 kn Exp $ */ +/* $OpenBSD: engine.h,v 1.35 2022/12/26 07:18:52 jmc Exp $ */ /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL * project 2000. */ @@ -631,7 +631,7 @@ typedef struct st_dynamic_MEM_fns { dyn_MEM_free_cb free_cb; } dynamic_MEM_fns; /* FIXME: Perhaps the memory and locking code (crypto.h) should declare and use - * these types so we (and any other dependant code) can simplify a bit?? */ + * these types so we (and any other dependent code) can simplify a bit?? */ typedef void (*dyn_lock_locking_cb)(int, int, const char *, int); typedef int (*dyn_lock_add_lock_cb)(int*, int, int, const char *, int); typedef struct CRYPTO_dynlock_value *(*dyn_dynlock_create_cb)( diff --git a/lib/libcrypto/err/err.c b/lib/libcrypto/err/err.c index 349140543b6..403fcd46077 100644 --- a/lib/libcrypto/err/err.c +++ b/lib/libcrypto/err/err.c @@ -1,4 +1,4 @@ -/* $OpenBSD: err.c,v 1.49 2022/08/29 06:49:24 jsing Exp $ */ +/* $OpenBSD: err.c,v 1.50 2022/12/26 07:18:52 jmc Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1075,7 +1075,7 @@ ERR_get_state(void) ERR_STATE_free(ret); /* could not insert it */ return (&fallback); } - /* If a race occured in this function and we came second, tmpp + /* If a race occurred in this function and we came second, tmpp * is the first one that we just replaced. */ if (tmpp) ERR_STATE_free(tmpp); diff --git a/lib/libcrypto/evp/digest.c b/lib/libcrypto/evp/digest.c index 1fa25cd4fb5..7c129f025d8 100644 --- a/lib/libcrypto/evp/digest.c +++ b/lib/libcrypto/evp/digest.c @@ -1,4 +1,4 @@ -/* $OpenBSD: digest.c,v 1.35 2022/11/26 16:08:52 tb Exp $ */ +/* $OpenBSD: digest.c,v 1.36 2022/12/26 07:18:52 jmc Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -140,7 +140,7 @@ EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts * so this context may already have an ENGINE! Try to avoid releasing * the previous handle, re-querying for an ENGINE, and having a - * reinitialisation, when it may all be unecessary. */ + * reinitialisation, when it may all be unnecessary. 
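Seen from an application, the reuse behaviour this comment describes means a finalized digest context can simply be re-initialized in place. A minimal sketch, assuming the standard EVP interface; the function and variable names are illustrative:

/* Sketch: one EVP_MD_CTX reused for two digests. The second init passes
 * the same digest type, which is exactly the case the comment above says
 * can skip re-querying for an ENGINE. */
#include <openssl/evp.h>

int
digest_twice(const unsigned char *a, size_t alen,
    const unsigned char *b, size_t blen, unsigned char out[EVP_MAX_MD_SIZE])
{
	EVP_MD_CTX *mctx;
	unsigned int outlen;
	int ok = 0;

	if ((mctx = EVP_MD_CTX_new()) == NULL)
		return 0;
	if (!EVP_DigestInit_ex(mctx, EVP_sha256(), NULL) ||
	    !EVP_DigestUpdate(mctx, a, alen) ||
	    !EVP_DigestFinal_ex(mctx, out, &outlen))
		goto err;
	/* "Init" on a "Final"'d context with the same digest type. */
	if (!EVP_DigestInit_ex(mctx, EVP_sha256(), NULL) ||
	    !EVP_DigestUpdate(mctx, b, blen) ||
	    !EVP_DigestFinal_ex(mctx, out, &outlen))
		goto err;
	ok = 1;
err:
	EVP_MD_CTX_free(mctx);
	return ok;
}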
*/ if (ctx->engine && ctx->digest && (!type || (type && (type->type == ctx->digest->type)))) goto skip_to_init; diff --git a/lib/libcrypto/evp/evp_enc.c b/lib/libcrypto/evp/evp_enc.c index d1defc46437..c64390d599b 100644 --- a/lib/libcrypto/evp/evp_enc.c +++ b/lib/libcrypto/evp/evp_enc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: evp_enc.c,v 1.48 2022/11/26 16:08:52 tb Exp $ */ +/* $OpenBSD: evp_enc.c,v 1.49 2022/12/26 07:18:52 jmc Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -98,7 +98,7 @@ EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts * so this context may already have an ENGINE! Try to avoid releasing * the previous handle, re-querying for an ENGINE, and having a - * reinitialisation, when it may all be unecessary. */ + * reinitialisation, when it may all be unnecessary. */ if (ctx->engine && ctx->cipher && (!cipher || (cipher && (cipher->nid == ctx->cipher->nid)))) goto skip_to_init; diff --git a/lib/libcrypto/evp/pmeth_lib.c b/lib/libcrypto/evp/pmeth_lib.c index e4abdc4aec7..bec899cef18 100644 --- a/lib/libcrypto/evp/pmeth_lib.c +++ b/lib/libcrypto/evp/pmeth_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pmeth_lib.c,v 1.26 2022/11/26 16:08:53 tb Exp $ */ +/* $OpenBSD: pmeth_lib.c,v 1.27 2022/12/26 07:18:52 jmc Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006. */ @@ -173,7 +173,7 @@ int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) } else e = ENGINE_get_pkey_meth_engine(id); - /* If an ENGINE handled this method look it up. Othewise + /* If an ENGINE handled this method look it up. Otherwise * use internal tables. */ diff --git a/lib/libcrypto/man/PKCS7_dataFinal.3 b/lib/libcrypto/man/PKCS7_dataFinal.3 index e2e088d9d9b..1a01b2ff610 100644 --- a/lib/libcrypto/man/PKCS7_dataFinal.3 +++ b/lib/libcrypto/man/PKCS7_dataFinal.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: PKCS7_dataFinal.3,v 1.2 2020/06/03 13:41:27 schwarze Exp $ +.\" $OpenBSD: PKCS7_dataFinal.3,v 1.3 2022/12/26 07:18:52 jmc Exp $ .\" .\" Copyright (c) 2020 Ingo Schwarze <schwarze@openbsd.org> .\" @@ -14,7 +14,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: June 3 2020 $ +.Dd $Mdocdate: December 26 2022 $ .Dt PKCS7_DATAFINAL 3 .Os .Sh NAME @@ -122,7 +122,7 @@ Signing or digesting is requested and is not configured to store a detached signature, but does not contain the required field to store the content either. .It -At least one signer lacks a useable digest algorithm. +At least one signer lacks a usable digest algorithm. .It Signing or digesting fails. .It diff --git a/lib/libcrypto/man/PKCS7_final.3 b/lib/libcrypto/man/PKCS7_final.3 index 7c9e51521a9..775b84d9844 100644 --- a/lib/libcrypto/man/PKCS7_final.3 +++ b/lib/libcrypto/man/PKCS7_final.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: PKCS7_final.3,v 1.2 2020/06/04 10:24:27 schwarze Exp $ +.\" $OpenBSD: PKCS7_final.3,v 1.3 2022/12/26 07:18:52 jmc Exp $ .\" .\" Copyright (c) 2020 Ingo Schwarze <schwarze@openbsd.org> .\" @@ -14,7 +14,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 
.\" -.Dd $Mdocdate: June 4 2020 $ +.Dd $Mdocdate: December 26 2022 $ .Dt PKCS7_FINAL 3 .Os .Sh NAME @@ -172,7 +172,7 @@ Signing or digesting is requested and is not configured to store a detached signature, but does not contain the required field to store the content either. .It -At least one signer lacks a useable digest algorithm. +At least one signer lacks a usable digest algorithm. .It A cipher is required but none is configured. .It diff --git a/lib/libcrypto/man/X509_check_trust.3 b/lib/libcrypto/man/X509_check_trust.3 index 286dcdd5b9e..be4489e9465 100644 --- a/lib/libcrypto/man/X509_check_trust.3 +++ b/lib/libcrypto/man/X509_check_trust.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: X509_check_trust.3,v 1.6 2022/09/10 10:22:46 jsg Exp $ +.\" $OpenBSD: X509_check_trust.3,v 1.7 2022/12/26 07:18:52 jmc Exp $ .\" .\" Copyright (c) 2021 Ingo Schwarze <schwarze@openbsd.org> .\" @@ -14,7 +14,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: September 10 2022 $ +.Dd $Mdocdate: December 26 2022 $ .Dt X509_CHECK_TRUST 3 .Os .Sh NAME @@ -140,7 +140,7 @@ identifiers, the standard algorithm is modified: and .Xr X509_add1_trust_object 3 settings are completely ignored -and all steps before the compatibility step are skippped. +and all steps before the compatibility step are skipped. The .Fa certificate is trusted if and only if it is self-signed. diff --git a/lib/libcrypto/md32_common.h b/lib/libcrypto/md32_common.h index 0dca61710fc..a8b0d9ab740 100644 --- a/lib/libcrypto/md32_common.h +++ b/lib/libcrypto/md32_common.h @@ -1,4 +1,4 @@ -/* $OpenBSD: md32_common.h,v 1.22 2016/11/04 13:56:04 miod Exp $ */ +/* $OpenBSD: md32_common.h,v 1.23 2022/12/26 07:18:50 jmc Exp $ */ /* ==================================================================== * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. * @@ -316,7 +316,7 @@ int HASH_FINAL (unsigned char *md, HASH_CTX *c) #if defined(__alpha) || defined(__sparcv9) || defined(__mips) #define MD32_REG_T long /* - * This comment was originaly written for MD5, which is why it + * This comment was originally written for MD5, which is why it * discusses A-D. But it basically applies to all 32-bit digests, * which is why it was moved to common header file. * diff --git a/lib/libcrypto/modes/asm/ghash-x86.pl b/lib/libcrypto/modes/asm/ghash-x86.pl index 6b09669d474..27492597adb 100644 --- a/lib/libcrypto/modes/asm/ghash-x86.pl +++ b/lib/libcrypto/modes/asm/ghash-x86.pl @@ -86,7 +86,7 @@ # where Tproc is time required for Karatsuba pre- and post-processing, # is more realistic estimate. In this case it gives ... 1.91 cycles. # Or in other words, depending on how well we can interleave reduction -# and one of the two multiplications the performance should be betwen +# and one of the two multiplications the performance should be between # 1.91 and 2.16. As already mentioned, this implementation processes # one byte out of 8KB buffer in 2.10 cycles, while x86_64 counterpart # - in 2.02. 
x86_64 performance is better, because larger register @@ -635,7 +635,7 @@ sub mmx_loop() { { my @lo = ("mm0","mm1","mm2"); my @hi = ("mm3","mm4","mm5"); my @tmp = ("mm6","mm7"); - my $off1=0,$off2=0,$i; + my ($off1,$off2,$i) = (0,0,); &add ($Htbl,128); # optimize for size &lea ("edi",&DWP(16+128,"esp")); @@ -700,7 +700,7 @@ sub mmx_loop() { &pxor ($red[1],$red[1]); &pxor ($red[2],$red[2]); - # Just like in "May" verson modulo-schedule for critical path in + # Just like in "May" version modulo-schedule for critical path in # 'Z.hi ^= rem_8bit[Z.lo&0xff^((u8)H[nhi]<<4)]<<48'. Final 'pxor' # is scheduled so late that rem_8bit[] has to be shifted *right* # by 16, which is why last argument to pinsrw is 2, which @@ -883,7 +883,7 @@ sub reduction_alg9 { # 17/13 times faster than Intel version my ($Xhi,$Xi) = @_; # 1st phase - &movdqa ($T1,$Xi) # + &movdqa ($T1,$Xi); # &psllq ($Xi,1); &pxor ($Xi,$T1); # &psllq ($Xi,5); # @@ -1019,7 +1019,7 @@ my ($Xhi,$Xi) = @_; &movdqa ($Xhn,$Xn); &pxor ($Xhi,$T1); # "Ii+Xi", consume early - &movdqa ($T1,$Xi) #&reduction_alg9($Xhi,$Xi); 1st phase + &movdqa ($T1,$Xi); #&reduction_alg9($Xhi,$Xi); 1st phase &psllq ($Xi,1); &pxor ($Xi,$T1); # &psllq ($Xi,5); # @@ -1087,7 +1087,7 @@ my ($Xhi,$Xi) = @_; &movdqu (&QWP(0,$Xip),$Xi); &function_end("gcm_ghash_clmul"); -} else { # Algorith 5. Kept for reference purposes. +} else { # Algorithm 5. Kept for reference purposes. sub reduction_alg5 { # 19/16 times faster than Intel version my ($Xhi,$Xi)=@_; diff --git a/lib/libcrypto/modes/ctr128.c b/lib/libcrypto/modes/ctr128.c index 9dd8c0c55ee..eadb80449c8 100644 --- a/lib/libcrypto/modes/ctr128.c +++ b/lib/libcrypto/modes/ctr128.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ctr128.c,v 1.8 2022/11/26 16:08:53 tb Exp $ */ +/* $OpenBSD: ctr128.c,v 1.9 2022/12/26 07:18:52 jmc Exp $ */ /* ==================================================================== * Copyright (c) 2008 The OpenSSL Project. All rights reserved. * @@ -109,7 +109,7 @@ ctr128_inc_aligned(unsigned char *counter) * This algorithm assumes that the counter is in the x lower bits * of the IV (ivec), and that the application has full control over * overflow and the rest of the IV. This implementation takes NO - * responsability for checking that the counter doesn't overflow + * responsibility for checking that the counter doesn't overflow * into the rest of the IV when incremented. */ void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out, @@ -228,7 +228,7 @@ void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out, (*func)(in,out,blocks,key,ivec); /* (*ctr) does not update ivec, caller does: */ PUTU32(ivec+12,ctr32); - /* ... overflow was detected, propogate carry. */ + /* ... overflow was detected, propagate carry. */ if (ctr32 == 0) ctr96_inc(ivec); blocks *= 16; len -= blocks; diff --git a/lib/libcrypto/objects/obj_dat.c b/lib/libcrypto/objects/obj_dat.c index b42d0e5e9ca..6adc4068a31 100644 --- a/lib/libcrypto/objects/obj_dat.c +++ b/lib/libcrypto/objects/obj_dat.c @@ -1,4 +1,4 @@ -/* $OpenBSD: obj_dat.c,v 1.50 2022/11/26 16:08:53 tb Exp $ */ +/* $OpenBSD: obj_dat.c,v 1.51 2022/12/26 07:18:52 jmc Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -251,7 +251,7 @@ static IMPLEMENT_LHASH_DOALL_FN(cleanup2, ADDED_OBJ) static IMPLEMENT_LHASH_DOALL_FN(cleanup3, ADDED_OBJ) /* The purpose of obj_cleanup_defer is to avoid EVP_cleanup() attempting - * to use freed up OIDs. If neccessary the actual freeing up of OIDs is + * to use freed up OIDs. 
If necessary the actual freeing up of OIDs is * delayed. */ @@ -320,7 +320,7 @@ OBJ_add_object(const ASN1_OBJECT *obj) ao[i]->type = i; ao[i]->obj = o; aop = lh_ADDED_OBJ_insert(added, ao[i]); - /* memory leak, buit should not normally matter */ + /* memory leak, but should not normally matter */ free(aop); } } diff --git a/lib/libcrypto/objects/objects.txt b/lib/libcrypto/objects/objects.txt index 283686f9ffe..4ce86ac88ed 100644 --- a/lib/libcrypto/objects/objects.txt +++ b/lib/libcrypto/objects/objects.txt @@ -842,7 +842,7 @@ internet 6 : snmpv2 : SNMPv2 # Documents refer to "internet 7" as "mail". This however leads to ambiguities # with RFC2798, Section 9.1.3, where "mail" is defined as the short name for # rfc822Mailbox. The short name is therefore here left out for a reason. -# Subclasses of "mail", e.g. "MIME MHS" don't consitute a problem, as +# Subclasses of "mail", e.g. "MIME MHS" don't constitute a problem, as # references are realized via long name "Mail" (with capital M). internet 7 : : Mail diff --git a/lib/libcrypto/ocsp/ocsp_cl.c b/lib/libcrypto/ocsp/ocsp_cl.c index bcc484c3c59..7747020221b 100644 --- a/lib/libcrypto/ocsp/ocsp_cl.c +++ b/lib/libcrypto/ocsp/ocsp_cl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ocsp_cl.c,v 1.21 2022/01/07 09:45:52 tb Exp $ */ +/* $OpenBSD: ocsp_cl.c,v 1.22 2022/12/26 07:18:52 jmc Exp $ */ /* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL * project. */ @@ -215,7 +215,7 @@ OCSP_response_get1_basic(OCSP_RESPONSE *resp) return ASN1_item_unpack(rb->response, &OCSP_BASICRESP_it); } -/* Return number of OCSP_SINGLERESP reponses present in +/* Return number of OCSP_SINGLERESP responses present in * a basic response. */ int diff --git a/lib/libcrypto/ocsp/ocsp_ext.c b/lib/libcrypto/ocsp/ocsp_ext.c index 829495bcf35..9605d859b4d 100644 --- a/lib/libcrypto/ocsp/ocsp_ext.c +++ b/lib/libcrypto/ocsp/ocsp_ext.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ocsp_ext.c,v 1.21 2022/11/26 16:08:53 tb Exp $ */ +/* $OpenBSD: ocsp_ext.c,v 1.22 2022/12/26 07:18:52 jmc Exp $ */ /* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL * project. */ @@ -321,7 +321,7 @@ OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc) /* Nonce handling functions */ -/* Add a nonce to an extension stack. A nonce can be specificed or if NULL +/* Add a nonce to an extension stack. A nonce can be specified or if NULL * a random nonce will be generated. * Note: OpenSSL 0.9.7d and later create an OCTET STRING containing the * nonce, previous versions used the raw nonce. diff --git a/lib/libcrypto/ossl_typ.h b/lib/libcrypto/ossl_typ.h index d8e2d92ae40..78eb7e92ba4 100644 --- a/lib/libcrypto/ossl_typ.h +++ b/lib/libcrypto/ossl_typ.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ossl_typ.h,v 1.21 2022/01/14 08:59:30 tb Exp $ */ +/* $OpenBSD: ossl_typ.h,v 1.22 2022/12/26 07:18:50 jmc Exp $ */ /* ==================================================================== * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. 
* @@ -170,7 +170,7 @@ typedef struct DIST_POINT_st DIST_POINT; typedef struct ISSUING_DIST_POINT_st ISSUING_DIST_POINT; typedef struct NAME_CONSTRAINTS_st NAME_CONSTRAINTS; -/* If placed in pkcs12.h, we end up with a circular depency with pkcs7.h */ +/* If placed in pkcs12.h, we end up with a circular dependency with pkcs7.h */ #define DECLARE_PKCS12_STACK_OF(type) /* Nothing */ #define IMPLEMENT_PKCS12_STACK_OF(type) /* Nothing */ diff --git a/lib/libcrypto/perlasm/readme b/lib/libcrypto/perlasm/readme index 57d61fda1ee..a7876bcc958 100644 --- a/lib/libcrypto/perlasm/readme +++ b/lib/libcrypto/perlasm/readme @@ -1,5 +1,5 @@ The perl scripts in this directory are my 'hack' to generate -multiple different assembler formats via the one origional script. +multiple different assembler formats via the one original script. The way to use this library is to start with adding the path to this directory and then include it. diff --git a/lib/libcrypto/perlasm/x86_64-xlate.pl b/lib/libcrypto/perlasm/x86_64-xlate.pl index 5f7f5855490..bc9d78eb02b 100755 --- a/lib/libcrypto/perlasm/x86_64-xlate.pl +++ b/lib/libcrypto/perlasm/x86_64-xlate.pl @@ -291,7 +291,7 @@ my %globals; } { package register; # pick up registers, which start with %. sub re { - my $class = shift; # muliple instances... + my $class = shift; # multiple instances... my $self = {}; local *line = shift; undef $ret; @@ -879,7 +879,7 @@ close STDOUT; # (#) Nth argument, volatile # # In Unix terms top of stack is argument transfer area for arguments -# which could not be accomodated in registers. Or in other words 7th +# which could not be accommodated in registers. Or in other words 7th # [integer] argument resides at 8(%rsp) upon function entry point. # 128 bytes above %rsp constitute a "red zone" which is not touched # by signal handlers and can be used as temporal storage without @@ -896,7 +896,7 @@ close STDOUT; # the area above user stack pointer in true asynchronous manner... # # All the above means that if assembler programmer adheres to Unix -# register and stack layout, but disregards the "red zone" existense, +# register and stack layout, but disregards the "red zone" existence, # it's possible to use following prologue and epilogue to "gear" from # Unix to Win64 ABI in leaf functions with not more than 6 arguments. # diff --git a/lib/libcrypto/pkcs7/pk7_doit.c b/lib/libcrypto/pkcs7/pk7_doit.c index 5cd95cdf91d..3e2d4c2119e 100644 --- a/lib/libcrypto/pkcs7/pk7_doit.c +++ b/lib/libcrypto/pkcs7/pk7_doit.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pk7_doit.c,v 1.49 2022/11/26 16:08:53 tb Exp $ */ +/* $OpenBSD: pk7_doit.c,v 1.50 2022/12/26 07:18:52 jmc Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -534,7 +534,7 @@ PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) /* If we haven't got a certificate try each ri in turn */ if (pcert == NULL) { /* Always attempt to decrypt all rinfo even - * after sucess as a defence against MMA timing + * after success as a defence against MMA timing * attacks. */ for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) { diff --git a/lib/libcrypto/rc2/version b/lib/libcrypto/rc2/version index a69ff35a437..8ca161a6133 100644 --- a/lib/libcrypto/rc2/version +++ b/lib/libcrypto/rc2/version @@ -1,7 +1,7 @@ 1.1 23/08/96 - eay Changed RC2_set_key() so it now takes another argument. Many thanks to Peter Gutmann <pgut01@cs.auckland.ac.nz> for the - clarification and origional specification of RC2. BSAFE uses + clarification and original specification of RC2. 
BSAFE uses this last parameter, 'bits'. It the key is 128 bits, BSAFE also sets this parameter to 128. The old behaviour can be duplicated by setting this parameter to 1024. diff --git a/lib/libcrypto/rc4/asm/rc4-586.pl b/lib/libcrypto/rc4/asm/rc4-586.pl index 03f0cff467c..f3c3e117bc3 100644 --- a/lib/libcrypto/rc4/asm/rc4-586.pl +++ b/lib/libcrypto/rc4/asm/rc4-586.pl @@ -123,7 +123,7 @@ if ($alt=0) { push (@XX,shift(@XX)) if ($i>=0); } } else { - # Using pinsrw here improves performane on Intel CPUs by 2-3%, but + # Using pinsrw here improves performance on Intel CPUs by 2-3%, but # brings down AMD by 7%... $RC4_loop_mmx = sub { my $i=shift; @@ -144,7 +144,7 @@ if ($alt=0) { &movd ($i>0?"mm1":"mm2",&DWP(0,$dat,$ty,4)); # (*) This is the key to Core2 and Westmere performance. - # Whithout movz out-of-order execution logic confuses + # Without movz out-of-order execution logic confuses # itself and fails to reorder loads and stores. Problem # appears to be fixed in Sandy Bridge... } diff --git a/lib/libcrypto/rc4/asm/rc4-x86_64.pl b/lib/libcrypto/rc4/asm/rc4-x86_64.pl index 2135b38ef82..18a967e5465 100755 --- a/lib/libcrypto/rc4/asm/rc4-x86_64.pl +++ b/lib/libcrypto/rc4/asm/rc4-x86_64.pl @@ -50,7 +50,7 @@ # As was shown by Zou Nanhai loop unrolling can improve Intel EM64T # performance by >30% [unlike P4 32-bit case that is]. But this is # provided that loads are reordered even more aggressively! Both code -# pathes, AMD64 and EM64T, reorder loads in essentially same manner +# paths, AMD64 and EM64T, reorder loads in essentially same manner # as my IA-64 implementation. On Opteron this resulted in modest 5% # improvement [I had to test it], while final Intel P4 performance # achieves respectful 432MBps on 2.8GHz processor now. For reference. @@ -81,7 +81,7 @@ # The only code path that was not modified is P4-specific one. Non-P4 # Intel code path optimization is heavily based on submission by Maxim # Perminov, Maxim Locktyukhin and Jim Guilford of Intel. I've used -# some of the ideas even in attempt to optmize the original RC4_INT +# some of the ideas even in attempt to optimize the original RC4_INT # code path... Current performance in cycles per processed byte (less # is better) and improvement coefficients relative to previous # version of this module are: diff --git a/lib/libcrypto/ripemd/README b/lib/libcrypto/ripemd/README index 5e18d458664..ab1d7a4c0c6 100644 --- a/lib/libcrypto/ripemd/README +++ b/lib/libcrypto/ripemd/README @@ -8,7 +8,7 @@ this point I will not bother right now. I believe the trick will be to remove my 'copy X array onto stack' until inside the RIP1() finctions the first time round. To do this I need another register and will only have one temporary one. A bit tricky.... I can also cleanup the saving of the 5 words -after the first half of the calculation. I should read the origional +after the first half of the calculation. I should read the original value, add then write. Currently I just save the new and read the origioal. I then read both at the end. Bad. diff --git a/lib/libcrypto/rsa/rsa_eay.c b/lib/libcrypto/rsa/rsa_eay.c index f6c3092dc46..a19201727eb 100644 --- a/lib/libcrypto/rsa/rsa_eay.c +++ b/lib/libcrypto/rsa/rsa_eay.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_eay.c,v 1.55 2022/11/26 16:08:54 tb Exp $ */ +/* $OpenBSD: rsa_eay.c,v 1.56 2022/12/26 07:18:52 jmc Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. 
* @@ -716,7 +716,7 @@ RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) BIGNUM p, q; /* - * Make sure BN_mod_inverse in Montgomery intialization uses the + * Make sure BN_mod_inverse in Montgomery initialization uses the * BN_FLG_CONSTTIME flag */ BN_init(&p); diff --git a/lib/libcrypto/sha/asm/sha1-586.pl b/lib/libcrypto/sha/asm/sha1-586.pl index d29ed84706a..1de5e2650e1 100644 --- a/lib/libcrypto/sha/asm/sha1-586.pl +++ b/lib/libcrypto/sha/asm/sha1-586.pl @@ -28,7 +28,7 @@ # P4 +85%(!) +45% # # As you can see Pentium came out as looser:-( Yet I reckoned that -# improvement on P4 outweights the loss and incorporate this +# improvement on P4 outweighs the loss and incorporate this # re-tuned code to 0.9.7 and later. # ---------------------------------------------------------------- # <appro@fy.chalmers.se> @@ -511,14 +511,14 @@ my $_ror=sub { &ror(@_) }; # # Temporary registers usage. X[2] is volatile at the entry and at the # end is restored from backtrace ring buffer. X[3] is expected to -# contain current K_XX_XX constant and is used to caclulate X[-1]+K +# contain current K_XX_XX constant and is used to calculate X[-1]+K # from previous round, it becomes volatile the moment the value is # saved to stack for transfer to IALU. X[4] becomes volatile whenever # X[-4] is accumulated and offloaded to backtrace ring buffer, at the # end it is loaded with next K_XX_XX [which becomes X[3] in next # round]... # -sub Xupdate_ssse3_16_31() # recall that $Xi starts wtih 4 +sub Xupdate_ssse3_16_31() # recall that $Xi starts with 4 { use integer; my $body = shift; my @insns = (&$body,&$body,&$body,&$body); # 40 instructions @@ -940,7 +940,7 @@ my $_ror=sub { &shrd(@_[0],@_) }; &vmovdqa(&QWP(0+32,"esp"),@X[2]); &jmp (&label("loop")); -sub Xupdate_avx_16_31() # recall that $Xi starts wtih 4 +sub Xupdate_avx_16_31() # recall that $Xi starts with 4 { use integer; my $body = shift; my @insns = (&$body,&$body,&$body,&$body); # 40 instructions diff --git a/lib/libcrypto/sha/asm/sha1-sparcv9a.pl b/lib/libcrypto/sha/asm/sha1-sparcv9a.pl index 15eb854badc..e81a4dcb053 100644 --- a/lib/libcrypto/sha/asm/sha1-sparcv9a.pl +++ b/lib/libcrypto/sha/asm/sha1-sparcv9a.pl @@ -539,16 +539,17 @@ $code.=<<___; .type sha1_block_data_order,#function .size sha1_block_data_order,(.-sha1_block_data_order) .asciz "SHA1 block transform for SPARCv9a, CRYPTOGAMS by <appro\@openssl.org>" +.align 4 ___ # Purpose of these subroutines is to explicitly encode VIS instructions, # so that one can compile the module without having to specify VIS -# extentions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a. +# extensions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a. # Idea is to reserve for option to produce "universal" binary and let # programmer detect if current CPU is VIS capable at run-time. sub unvis { my ($mnemonic,$rs1,$rs2,$rd)=@_; -my $ref,$opf; +my ($ref,$opf); my %visopf = ( "fmul8ulx16" => 0x037, "faligndata" => 0x048, "fpadd32" => 0x052, diff --git a/lib/libcrypto/sha/asm/sha1-thumb.pl b/lib/libcrypto/sha/asm/sha1-thumb.pl index 7c9ea9b0296..553e9cedb55 100644 --- a/lib/libcrypto/sha/asm/sha1-thumb.pl +++ b/lib/libcrypto/sha/asm/sha1-thumb.pl @@ -14,7 +14,7 @@ # The code does not present direct interest to OpenSSL, because of low # performance. Its purpose is to establish _size_ benchmark. Pretty # useless one I must say, because 30% or 88 bytes larger ARMv4 code -# [avialable on demand] is almost _twice_ as fast. It should also be +# [available on demand] is almost _twice_ as fast. 
It should also be # noted that in-lining of .Lcommon and .Lrotate improves performance # by over 40%, while code increases by only 10% or 32 bytes. But once # again, the goal was to establish _size_ benchmark, not performance. diff --git a/lib/libcrypto/sha/asm/sha1-x86_64.pl b/lib/libcrypto/sha/asm/sha1-x86_64.pl index 147d21570bc..cc8ef5337de 100755 --- a/lib/libcrypto/sha/asm/sha1-x86_64.pl +++ b/lib/libcrypto/sha/asm/sha1-x86_64.pl @@ -368,7 +368,7 @@ sub AUTOLOAD() # thunk [simplified] 32-bit style perlasm $code .= "\t$opcode\t".join(',',$arg,reverse @_)."\n"; } -sub Xupdate_ssse3_16_31() # recall that $Xi starts wtih 4 +sub Xupdate_ssse3_16_31() # recall that $Xi starts with 4 { use integer; my $body = shift; my @insns = (&$body,&$body,&$body,&$body); # 40 instructions @@ -779,7 +779,7 @@ $code.=<<___; jmp .Loop_avx ___ -sub Xupdate_avx_16_31() # recall that $Xi starts wtih 4 +sub Xupdate_avx_16_31() # recall that $Xi starts with 4 { use integer; my $body = shift; my @insns = (&$body,&$body,&$body,&$body); # 40 instructions diff --git a/lib/libcrypto/sha/asm/sha512-x86_64.pl b/lib/libcrypto/sha/asm/sha512-x86_64.pl index feb0f9e7767..bc4b2e74872 100755 --- a/lib/libcrypto/sha/asm/sha512-x86_64.pl +++ b/lib/libcrypto/sha/asm/sha512-x86_64.pl @@ -34,7 +34,7 @@ # level parallelism, on a given CPU implementation in this case. # # Special note on Intel EM64T. While Opteron CPU exhibits perfect -# perfromance ratio of 1.5 between 64- and 32-bit flavors [see above], +# performance ratio of 1.5 between 64- and 32-bit flavors [see above], # [currently available] EM64T CPUs apparently are far from it. On the # contrary, 64-bit version, sha512_block, is ~30% *slower* than 32-bit # sha256_block:-( This is presumably because 64-bit shifts/rotates diff --git a/lib/libcrypto/sparccpuid.S b/lib/libcrypto/sparccpuid.S index b913e3dddbc..757e015704d 100644 --- a/lib/libcrypto/sparccpuid.S +++ b/lib/libcrypto/sparccpuid.S @@ -263,7 +263,7 @@ _sparcv9_vis1_instrument: sub %o3,%o2,%o2 sub %o4,%o3,%o3 - ! find minumum value + ! find minimum value cmp %o0,%o1 .word 0x38680002 !bgu,a %xcc,.+8 mov %o1,%o0 diff --git a/lib/libcrypto/ui/ui.h b/lib/libcrypto/ui/ui.h index ee27fd2a493..0f662455ed3 100644 --- a/lib/libcrypto/ui/ui.h +++ b/lib/libcrypto/ui/ui.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ui.h,v 1.15 2022/12/17 21:59:39 tb Exp $ */ +/* $OpenBSD: ui.h,v 1.16 2022/12/26 07:18:52 jmc Exp $ */ /* Written by Richard Levitte (richard@levitte.org) for the OpenSSL * project 2001. */ @@ -276,7 +276,7 @@ const UI_METHOD *UI_null(void); * display a dialog box after it has been built. * a reader This function is called to read a given prompt, * maybe from the tty, maybe from a field in a - * window. Note that it's called wth all string + * window. Note that it's called with all string * structures, not only the prompt ones, so it must * check such things itself. 
* a closer This function closes the session, maybe by closing diff --git a/lib/libcrypto/whrlpool/asm/wp-mmx.pl b/lib/libcrypto/whrlpool/asm/wp-mmx.pl index 32cf16380b5..0ff8e5b6121 100644 --- a/lib/libcrypto/whrlpool/asm/wp-mmx.pl +++ b/lib/libcrypto/whrlpool/asm/wp-mmx.pl @@ -59,19 +59,19 @@ sub LL() unshift(@_,pop(@_)); } } - else { die "unvalid SCALE value"; } + else { die "invalid SCALE value"; } } sub scale() { if ($SCALE==2) { &lea(@_[0],&DWP(0,@_[1],@_[1])); } elsif ($SCALE==8) { &lea(@_[0],&DWP(0,"",@_[1],8)); } - else { die "unvalid SCALE value"; } + else { die "invalid SCALE value"; } } sub row() { if ($SCALE==2) { ((8-shift)&7); } elsif ($SCALE==8) { (8*shift); } - else { die "unvalid SCALE value"; } + else { die "invalid SCALE value"; } } $tbl="ebp"; @@ -119,7 +119,7 @@ $tbl="ebp"; &mov ("eax",&DWP(0,"esp")); &mov ("ebx",&DWP(4,"esp")); for($i=0;$i<8;$i++) { - my $func = ($i==0)? movq : pxor; + my $func = ($i==0)? \&movq : \&pxor; &movb (&LB("ecx"),&LB("eax")); &movb (&LB("edx"),&HB("eax")); &scale ("esi","ecx"); diff --git a/lib/libcrypto/x509/pcy_tree.c b/lib/libcrypto/x509/pcy_tree.c index be563d26770..050503bdf3f 100644 --- a/lib/libcrypto/x509/pcy_tree.c +++ b/lib/libcrypto/x509/pcy_tree.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pcy_tree.c,v 1.4 2022/11/26 16:08:54 tb Exp $ */ +/* $OpenBSD: pcy_tree.c,v 1.5 2022/12/26 07:18:53 jmc Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2004. */ @@ -131,7 +131,7 @@ tree_print(char *str, X509_POLICY_TREE *tree, X509_POLICY_LEVEL *curr) #endif /* Initialize policy tree. Return values: - * 0 Some internal error occured. + * 0 Some internal error occurred. * -1 Inconsistent or invalid extensions in certificates. * 1 Tree initialized OK. * 2 Policy tree is empty. diff --git a/lib/libcrypto/x509/x509.h b/lib/libcrypto/x509/x509.h index 7795181efcf..0ff66587b99 100644 --- a/lib/libcrypto/x509/x509.h +++ b/lib/libcrypto/x509/x509.h @@ -1,4 +1,4 @@ -/* $OpenBSD: x509.h,v 1.90 2022/07/12 14:42:50 kn Exp $ */ +/* $OpenBSD: x509.h,v 1.91 2022/12/26 07:18:53 jmc Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -893,7 +893,7 @@ int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, int X509_NAME_get_text_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, char *buf,int len); -/* NOTE: you should be passsing -1, not 0 as lastpos. The functions that use +/* NOTE: you should be passing -1, not 0 as lastpos. The functions that use * lastpos, search after that position on. */ int X509_NAME_get_index_by_NID(const X509_NAME *name, int nid, int lastpos); diff --git a/lib/libcrypto/x509/x509_constraints.c b/lib/libcrypto/x509/x509_constraints.c index 1b79383de04..346cab0a403 100644 --- a/lib/libcrypto/x509/x509_constraints.c +++ b/lib/libcrypto/x509/x509_constraints.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_constraints.c,v 1.30 2022/11/28 07:22:15 tb Exp $ */ +/* $OpenBSD: x509_constraints.c,v 1.31 2022/12/26 07:18:53 jmc Exp $ */ /* * Copyright (c) 2020 Bob Beck <beck@openbsd.org> * @@ -192,7 +192,7 @@ x509_constraints_names_dup(struct x509_constraints_names *names) * 5890 compliant A-labels (see RFC 6066 section 3). This is more * permissive to allow for a leading '.' for a subdomain based * constraint, as well as allowing for '_' which is commonly accepted - * by nonconformant DNS implementaitons. + * by nonconformant DNS implementations. * * if "wildcards" is set it allows '*' to occur in the string at the end of a * component. 
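The permissive hostname rules this comment describes can be approximated in a few lines. The sketch below is illustrative only, under the assumption that a character-class walk is enough to show the idea; the actual checks in x509_constraints.c remain authoritative and are stricter:

/* Rough approximation of the rules above: alphanumerics, '-' and the
 * commonly tolerated '_'; '.' for component separators and a leading
 * subdomain constraint; '*' only at the end of a component and only
 * when wildcards are permitted. */
#include <ctype.h>
#include <stddef.h>
#include <string.h>

static int
demo_valid_host(const char *name, int wildcards)
{
	size_t i, len = strlen(name);

	if (len == 0)
		return 0;
	for (i = 0; i < len; i++) {
		unsigned char c = name[i];

		if (isalnum(c) || c == '-' || c == '_' || c == '.')
			continue;
		if (wildcards && c == '*' &&
		    (i + 1 == len || name[i + 1] == '.'))
			continue;
		return 0;
	}
	return 1;
}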
@@ -587,7 +587,7 @@ x509_constraints_sandns(char *sandns, size_t dlen, char *constraint, size_t len) * returns 1 if the domain and constraint match. * returns 0 otherwise. * - * an empty constraint matches everyting. + * an empty constraint matches everything. * constraint will be matched against the domain as a suffix if it * starts with a '.'. * domain will be matched against the constraint as a suffix if it @@ -651,10 +651,10 @@ x509_constraints_uri(uint8_t *uri, size_t ulen, uint8_t *constraint, } /* - * Verify a validated address of size alen with a validated contraint + * Verify a validated address of size alen with a validated constraint * of size constraint_len. returns 1 if matching, 0 if not. * Addresses are assumed to be pre-validated for a length of 4 and 8 - * respectively for ipv4 addreses and constraints, and a length of + * respectively for ipv4 addresses and constraints, and a length of * 16 and 32 respectively for ipv6 address constraints by the caller. */ int @@ -909,7 +909,7 @@ x509_constraints_extract_names(struct x509_constraints_names *names, vname = NULL; } /* - * Include the CN as a hostname to be checked againt + * Include the CN as a hostname to be checked against * name constraints if it looks like a hostname. */ while (include_cn && @@ -1210,7 +1210,7 @@ x509_constraints_check(struct x509_constraints_names *names, /* * Walk a validated chain of X509 certs, starting at the leaf, and * validate the name constraints in the chain. Intended for use with - * the legacy X509 validtion code in x509_vfy.c + * the legacy X509 validation code in x509_vfy.c * * returns 1 if the constraints are ok, 0 otherwise, setting error and * depth diff --git a/lib/libcrypto/x509/x509_issuer_cache.c b/lib/libcrypto/x509/x509_issuer_cache.c index 4f78e1e69b8..f7fbd54ca77 100644 --- a/lib/libcrypto/x509/x509_issuer_cache.c +++ b/lib/libcrypto/x509/x509_issuer_cache.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_issuer_cache.c,v 1.3 2022/06/27 14:23:40 beck Exp $ */ +/* $OpenBSD: x509_issuer_cache.c,v 1.4 2022/12/26 07:18:53 jmc Exp $ */ /* * Copyright (c) 2020 Bob Beck <beck@openbsd.org> * @@ -75,7 +75,7 @@ x509_issuer_cache_set_max(size_t max) /* * Free the oldest entry in the issuer cache. Returns 1 - * if an entry was successfuly freed, 0 otherwise. Must + * if an entry was successfully freed, 0 otherwise. Must * be called with x509_issuer_tree_mutex held. */ void diff --git a/lib/libcrypto/x509/x509_ncons.c b/lib/libcrypto/x509/x509_ncons.c index cc7f59cd0a0..c7e4e6ed9f5 100644 --- a/lib/libcrypto/x509/x509_ncons.c +++ b/lib/libcrypto/x509/x509_ncons.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_ncons.c,v 1.7 2022/11/26 16:08:55 tb Exp $ */ +/* $OpenBSD: x509_ncons.c,v 1.8 2022/12/26 07:18:53 jmc Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ @@ -482,7 +482,7 @@ nc_email(ASN1_IA5STRING *eml, ASN1_IA5STRING *base) if (!emlat) return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX; - /* Special case: inital '.' is RHS match */ + /* Special case: initial '.' is RHS match */ if (!baseat && (*baseptr == '.')) { if (eml->length > base->length) { emlptr += eml->length - base->length; @@ -543,7 +543,7 @@ nc_uri(ASN1_IA5STRING *uri, ASN1_IA5STRING *base) if (hostlen == 0) return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX; - /* Special case: inital '.' is RHS match */ + /* Special case: initial '.' 
is RHS match */ if (*baseptr == '.') { if (hostlen > base->length) { p = hostptr + hostlen - base->length; diff --git a/lib/libcrypto/x509/x509_utl.c b/lib/libcrypto/x509/x509_utl.c index 525939d4cab..aa18efe2c55 100644 --- a/lib/libcrypto/x509/x509_utl.c +++ b/lib/libcrypto/x509/x509_utl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_utl.c,v 1.4 2022/11/14 17:48:50 beck Exp $ */ +/* $OpenBSD: x509_utl.c,v 1.5 2022/12/26 07:18:53 jmc Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ @@ -723,7 +723,7 @@ skip_prefix(const unsigned char **p, size_t *plen, const unsigned char *subject, * "equal_nocase" function is a hand-rolled strncasecmp that does not * allow \0 in the pattern. Since an embedded \0 is likely a sign of * problems, we simply don't allow it in either case, and then we use - * standard libc funcitons. + * standard libc functions. */ /* Compare using strncasecmp */ diff --git a/lib/libcrypto/x509/x509_vfy.c b/lib/libcrypto/x509/x509_vfy.c index 9392b1f41e6..f6c7c21f5f6 100644 --- a/lib/libcrypto/x509/x509_vfy.c +++ b/lib/libcrypto/x509/x509_vfy.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_vfy.c,v 1.109 2022/12/01 05:20:30 tb Exp $ */ +/* $OpenBSD: x509_vfy.c,v 1.110 2022/12/26 07:18:53 jmc Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -312,7 +312,7 @@ X509_verify_cert_legacy_build_chain(X509_STORE_CTX *ctx, int *bad, int *out_ok) if (ctx->untrusted != NULL) { /* * If we do not find a non-expired untrusted cert, peek - * ahead and see if we can satisify this from the trusted + * ahead and see if we can satisfy this from the trusted * store. If not, see if we have an expired untrusted cert. */ xtmp = find_issuer(ctx, sktmp, x, 0); diff --git a/lib/libcrypto/x509/x509_vfy.h b/lib/libcrypto/x509/x509_vfy.h index 9a9d6c0a1cd..27ed4842915 100644 --- a/lib/libcrypto/x509/x509_vfy.h +++ b/lib/libcrypto/x509/x509_vfy.h @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_vfy.h,v 1.56 2022/12/01 05:27:04 tb Exp $ */ +/* $OpenBSD: x509_vfy.h,v 1.57 2022/12/26 07:18:53 jmc Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -255,7 +255,7 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth); /* Do not check certificate or CRL validity against current time. */ #define X509_V_FLAG_NO_CHECK_TIME 0x200000 -/* Force the use of the legacy certificate verifcation */ +/* Force the use of the legacy certificate verification */ #define X509_V_FLAG_LEGACY_VERIFY 0x400000 #define X509_VP_FLAG_DEFAULT 0x1 diff --git a/lib/libcrypto/x509/x509name.c b/lib/libcrypto/x509/x509name.c index 14e2deb84f5..19a253da4da 100644 --- a/lib/libcrypto/x509/x509name.c +++ b/lib/libcrypto/x509/x509name.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509name.c,v 1.29 2022/11/26 16:08:55 tb Exp $ */ +/* $OpenBSD: x509name.c,v 1.30 2022/12/26 07:18:53 jmc Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. 
* @@ -123,7 +123,7 @@ X509_NAME_get_index_by_NID(const X509_NAME *name, int nid, int lastpos) } LCRYPTO_ALIAS(X509_NAME_get_index_by_NID) -/* NOTE: you should be passsing -1, not 0 as lastpos */ +/* NOTE: you should be passing -1, not 0 as lastpos */ int X509_NAME_get_index_by_OBJ(const X509_NAME *name, const ASN1_OBJECT *obj, int lastpos) diff --git a/lib/libcrypto/x86cpuid.pl b/lib/libcrypto/x86cpuid.pl index 8b9570fc726..0fc906a3e95 100644 --- a/lib/libcrypto/x86cpuid.pl +++ b/lib/libcrypto/x86cpuid.pl @@ -190,7 +190,7 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); } &set_label("spin"); &lea ("ebx",&DWP(0,"eax","ecx")); &nop (); - &data_word(0x1ab10ff0); # lock; cmpxchg %ebx,(%edx) # %eax is envolved and is always reloaded + &data_word(0x1ab10ff0); # lock; cmpxchg %ebx,(%edx) # %eax is involved and is always reloaded &jne (&label("spin")); &mov ("eax","ebx"); # OpenSSL expects the new value &pop ("ebx");
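The spin loop in that final hunk is a classic compare-and-swap add: compute old plus amount, attempt the lock cmpxchg, and retry with the reloaded value if another CPU raced the update. A portable C11 sketch of the same shape, not the libcrypto implementation, with illustrative names:

/* Add "amount" to *val and return the new value, retrying on contention. */
#include <stdatomic.h>

static int
demo_atomic_add(_Atomic int *val, int amount)
{
	int old = atomic_load(val);
	int new;

	do {
		new = old + amount;
		/* On failure "old" is refreshed with the current value,
		 * mirroring how lock cmpxchg reloads %eax. */
	} while (!atomic_compare_exchange_weak(val, &old, new));
	return new;
}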