openssl/crypto/bn/asm
Andy Polyakov 08ea966c01 bn/asm/rsaz-avx2.pl: constant-time gather procedure.
Performance penalty is 2%.

CVE-2016-0702

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from master)
2016-03-01 11:21:22 +00:00
..
x86
alpha-mont.pl Alpha assembler fixed from HEAD. 2011-08-12 12:31:08 +00:00
armv4-gf2m.pl Conversion to UTF-8 where needed 2015-07-14 01:17:45 +02:00
armv4-mont.pl Remove inconsistency in ARM support. 2015-01-06 11:14:23 +01:00
bn-586.pl Update perl asm scripts include paths for perlasm. 2008-01-05 22:28:38 +00:00
co-586.pl Update perl asm scripts include paths for perlasm. 2008-01-05 22:28:38 +00:00
ia64-mont.pl IA64 assembler pack update from HEAD. 2011-11-14 20:45:57 +00:00
ia64.S Fix typos 2015-10-23 20:32:58 +02:00
mips-mont.pl MIPS assembly pack: get rid of deprecated instructions. 2013-10-13 13:18:21 +02:00
mips.pl Fix for CVE-2014-3570 (with minor bn_asm.c revamp). 2015-01-08 11:20:29 +00:00
mips3-mont.pl Latest bn_mont.c modification broke ECDSA test. I've got math wrong, which 2007-06-29 13:10:19 +00:00
mips3.s
pa-risc2.s
pa-risc2W.s
parisc-mont.pl PA-RISC assembler pack: switch to bve in 64-bit builds. 2013-06-30 23:13:23 +02:00
ppc-mont.pl PPC assembly pack: update from master branch. 2013-10-15 00:31:45 +02:00
ppc.pl PPC assembly pack: update from master branch. 2013-10-15 00:31:45 +02:00
ppc64-mont.pl bn/asm/ppc64-mont.pl: adapt for little-endian. 2015-11-16 13:41:58 +01:00
README
rsaz-avx2.pl bn/asm/rsaz-avx2.pl: constant-time gather procedure. 2016-03-01 11:21:22 +00:00
rsaz-x86_64.pl bn/asm/rsaz-avx2.pl: constant-time gather procedure. 2016-03-01 11:21:22 +00:00
s390x-gf2m.pl Conversion to UTF-8 where needed 2015-07-14 01:17:45 +02:00
s390x-mont.pl s390x assembler pack update from HEAD. 2011-11-14 20:47:22 +00:00
s390x.S bn/asm/s390x.S: improve performance on z196 and z13 by up to 26%. [even z10 is couple percent faster]. Triggered by RT#4128, but solves the problem by real modulo-scheduling. 2015-11-16 13:11:27 +01:00
sparct4-mont.pl Optimize SPARC T4 MONTMUL support. 2013-06-18 11:07:16 +02:00
sparcv8.S
sparcv8plus.S Unify sparcv9 assembler naming and build rules among 32- and 64-bit builds. 2005-12-16 17:39:57 +00:00
sparcv9-gf2m.pl Add BN support for SPARC VIS3 and T4 [from master]. 2013-05-20 15:48:13 +02:00
sparcv9-mont.pl Latest bn_mont.c modification broke ECDSA test. I've got math wrong, which 2007-06-29 13:10:19 +00:00
sparcv9a-mont.pl Latest bn_mont.c modification broke ECDSA test. I've got math wrong, which 2007-06-29 13:10:19 +00:00
via-mont.pl Latest bn_mont.c modification broke ECDSA test. I've got math wrong, which 2007-06-29 13:10:19 +00:00
vis3-mont.pl bn/asm/vis3-mont.pl: fix intermittent EC failures on SPARC T3. 2015-05-24 13:26:37 +02:00
vms.mar
x86-gf2m.pl Conversion to UTF-8 where needed 2015-07-14 01:17:45 +02:00
x86-mont.pl x86-mont.pl: fix bug in integer-only squaring path. 2011-12-09 14:26:28 +00:00
x86.pl
x86_64-gcc.c Conversion to UTF-8 where needed 2015-07-14 01:17:45 +02:00
x86_64-gf2m.pl Conversion to UTF-8 where needed 2015-07-14 01:17:45 +02:00
x86_64-mont.pl x86_64 assembly pack: tune clang version detection even further. 2015-12-13 22:19:32 +01:00
x86_64-mont5.pl x86_64 assembly pack: tune clang version detection even further. 2015-12-13 22:19:32 +01:00

<OBSOLETE>

All assember in this directory are just version of the file
crypto/bn/bn_asm.c.

Quite a few of these files are just the assember output from gcc since on 
quite a few machines they are 2 times faster than the system compiler.

For the x86, I have hand written assember because of the bad job all
compilers seem to do on it.  This normally gives a 2 time speed up in the RSA
routines.

For the DEC alpha, I also hand wrote the assember (except the division which
is just the output from the C compiler pasted on the end of the file).
On the 2 alpha C compilers I had access to, it was not possible to do
64b x 64b -> 128b calculations (both long and the long long data types
were 64 bits).  So the hand assember gives access to the 128 bit result and
a 2 times speedup :-).

There are 3 versions of assember for the HP PA-RISC.

pa-risc.s is the origional one which works fine and generated using gcc :-)

pa-risc2W.s and pa-risc2.s are 64 and 32-bit PA-RISC 2.0 implementations
by Chris Ruemmler from HP (with some help from the HP C compiler).

</OBSOLETE>