openssl/providers/fips.module.sources
Martin Schwenke 0d40ca47bd bn: Add fixed length (n=6), unrolled PPC Montgomery Multiplication
Overall improvement for p384 of ~18% on Power 9, compared to existing
Power assembling code.  See comment in code for more details.

Multiple unrolled versions could be generated for values other than
6.  However, for TLS 1.3 the only other ECC algorithms that might use
Montgomery Multiplication are p256 and p521, but these have custom
algorithms that don't use Montgomery Multiplication.  Non-ECC
algorithms are likely to use larger key lengths that won't fit into
the n <= 10 length limitation of this code.

Signed-off-by: Amitay Isaacs <amitay@ozlabs.org>
Signed-off-by: Alastair D'Silva <alastair@d-silva.org>
Signed-off-by: Martin Schwenke <martin@meltin.net>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15175)
2021-05-08 20:39:29 +10:00

415 lines
12 KiB
Plaintext

crypto/aes/aes_cbc.c
crypto/aes/aes_core.c
crypto/aes/aes_ecb.c
crypto/aes/aes_misc.c
crypto/aes/asm/aes-586.pl
crypto/aes/asm/aes-armv4.pl
crypto/aes/asm/aes-c64xplus.pl
crypto/aes/asm/aes-ia64.S
crypto/aes/asm/aes-mips.pl
crypto/aes/asm/aes-parisc.pl
crypto/aes/asm/aes-ppc.pl
crypto/aes/asm/aes-s390x.pl
crypto/aes/asm/aes-sparcv9.pl
crypto/aes/asm/aes-x86_64.pl
crypto/aes/asm/aesfx-sparcv9.pl
crypto/aes/asm/aesni-mb-x86_64.pl
crypto/aes/asm/aesni-sha1-x86_64.pl
crypto/aes/asm/aesni-sha256-x86_64.pl
crypto/aes/asm/aesni-x86.pl
crypto/aes/asm/aesni-x86_64.pl
crypto/aes/asm/aesp8-ppc.pl
crypto/aes/asm/aest4-sparcv9.pl
crypto/aes/asm/aesv8-armx.pl
crypto/aes/asm/bsaes-armv7.pl
crypto/aes/asm/bsaes-x86_64.pl
crypto/aes/asm/vpaes-armv8.pl
crypto/aes/asm/vpaes-ppc.pl
crypto/aes/asm/vpaes-x86.pl
crypto/aes/asm/vpaes-x86_64.pl
crypto/asn1_dsa.c
crypto/bn/asm/alpha-mont.pl
crypto/bn/asm/armv4-gf2m.pl
crypto/bn/asm/armv4-mont.pl
crypto/bn/asm/armv8-mont.pl
crypto/bn/asm/bn-586.pl
crypto/bn/asm/c64xplus-gf2m.pl
crypto/bn/asm/co-586.pl
crypto/bn/asm/ia64-mont.pl
crypto/bn/asm/ia64.S
crypto/bn/asm/mips-mont.pl
crypto/bn/asm/mips.pl
crypto/bn/asm/parisc-mont.pl
crypto/bn/asm/ppc-mont.pl
crypto/bn/asm/ppc.pl
crypto/bn/asm/ppc64-mont-fixed.pl
crypto/bn/asm/ppc64-mont.pl
crypto/bn/asm/rsaz-avx2.pl
crypto/bn/asm/rsaz-avx512.pl
crypto/bn/asm/rsaz-x86_64.pl
crypto/bn/asm/s390x-gf2m.pl
crypto/bn/asm/s390x-mont.pl
crypto/bn/asm/s390x.S
crypto/bn/asm/sparct4-mont.pl
crypto/bn/asm/sparcv8.S
crypto/bn/asm/sparcv8plus.S
crypto/bn/asm/sparcv9-gf2m.pl
crypto/bn/asm/sparcv9-mont.pl
crypto/bn/asm/sparcv9a-mont.pl
crypto/bn/asm/via-mont.pl
crypto/bn/asm/vis3-mont.pl
crypto/bn/asm/x86-gf2m.pl
crypto/bn/asm/x86-mont.pl
crypto/bn/asm/x86_64-gcc.c
crypto/bn/asm/x86_64-gf2m.pl
crypto/bn/asm/x86_64-mont.pl
crypto/bn/asm/x86_64-mont5.pl
crypto/bn/bn_add.c
crypto/bn/bn_asm.c
crypto/bn/bn_blind.c
crypto/bn/bn_const.c
crypto/bn/bn_conv.c
crypto/bn/bn_ctx.c
crypto/bn/bn_dh.c
crypto/bn/bn_div.c
crypto/bn/bn_exp.c
crypto/bn/bn_exp2.c
crypto/bn/bn_gcd.c
crypto/bn/bn_gf2m.c
crypto/bn/bn_intern.c
crypto/bn/bn_kron.c
crypto/bn/bn_lib.c
crypto/bn/bn_mod.c
crypto/bn/bn_mont.c
crypto/bn/bn_mpi.c
crypto/bn/bn_mul.c
crypto/bn/bn_nist.c
crypto/bn/bn_prime.c
crypto/bn/bn_rand.c
crypto/bn/bn_recp.c
crypto/bn/bn_rsa_fips186_4.c
crypto/bn/bn_shift.c
crypto/bn/bn_sqr.c
crypto/bn/bn_sqrt.c
crypto/bn/bn_word.c
crypto/bn/rsaz_exp.c
crypto/bn/rsaz_exp_x2.c
crypto/bsearch.c
crypto/buffer/buffer.c
crypto/cmac/cmac.c
crypto/context.c
crypto/core_algorithm.c
crypto/core_fetch.c
crypto/core_namemap.c
crypto/cpuid.c
crypto/cryptlib.c
crypto/ctype.c
crypto/der_writer.c
crypto/des/des_enc.c
crypto/des/ecb3_enc.c
crypto/des/fcrypt_b.c
crypto/des/set_key.c
crypto/dh/dh_backend.c
crypto/dh/dh_check.c
crypto/dh/dh_gen.c
crypto/dh/dh_group_params.c
crypto/dh/dh_kdf.c
crypto/dh/dh_key.c
crypto/dh/dh_lib.c
crypto/dsa/dsa_backend.c
crypto/dsa/dsa_check.c
crypto/dsa/dsa_gen.c
crypto/dsa/dsa_key.c
crypto/dsa/dsa_lib.c
crypto/dsa/dsa_ossl.c
crypto/dsa/dsa_sign.c
crypto/dsa/dsa_vrf.c
crypto/ec/asm/ecp_nistz256-armv4.pl
crypto/ec/asm/ecp_nistz256-armv8.pl
crypto/ec/asm/ecp_nistz256-ppc64.pl
crypto/ec/asm/ecp_nistz256-sparcv9.pl
crypto/ec/asm/ecp_nistz256-x86.pl
crypto/ec/asm/ecp_nistz256-x86_64.pl
crypto/ec/asm/x25519-ppc64.pl
crypto/ec/asm/x25519-x86_64.pl
crypto/ec/curve25519.c
crypto/ec/curve448/arch_32/f_impl32.c
crypto/ec/curve448/arch_64/f_impl64.c
crypto/ec/curve448/curve448.c
crypto/ec/curve448/curve448_tables.c
crypto/ec/curve448/eddsa.c
crypto/ec/curve448/f_generic.c
crypto/ec/curve448/scalar.c
crypto/ec/ec2_oct.c
crypto/ec/ec2_smpl.c
crypto/ec/ec_asn1.c
crypto/ec/ec_backend.c
crypto/ec/ec_check.c
crypto/ec/ec_curve.c
crypto/ec/ec_cvt.c
crypto/ec/ec_deprecated.c
crypto/ec/ec_key.c
crypto/ec/ec_kmeth.c
crypto/ec/ec_lib.c
crypto/ec/ec_mult.c
crypto/ec/ec_oct.c
crypto/ec/ec_print.c
crypto/ec/ecdh_kdf.c
crypto/ec/ecdh_ossl.c
crypto/ec/ecdsa_ossl.c
crypto/ec/ecdsa_sign.c
crypto/ec/ecdsa_vrf.c
crypto/ec/ecp_mont.c
crypto/ec/ecp_nist.c
crypto/ec/ecp_nistz256.c
crypto/ec/ecp_oct.c
crypto/ec/ecp_smpl.c
crypto/ec/ecx_backend.c
crypto/ec/ecx_key.c
crypto/evp/asymcipher.c
crypto/evp/cmeth_lib.c
crypto/evp/dh_support.c
crypto/evp/digest.c
crypto/evp/ec_support.c
crypto/evp/evp_enc.c
crypto/evp/evp_fetch.c
crypto/evp/evp_lib.c
crypto/evp/evp_rand.c
crypto/evp/evp_utils.c
crypto/evp/exchange.c
crypto/evp/kdf_lib.c
crypto/evp/kdf_meth.c
crypto/evp/kem.c
crypto/evp/keymgmt_lib.c
crypto/evp/keymgmt_meth.c
crypto/evp/m_sigver.c
crypto/evp/mac_lib.c
crypto/evp/mac_meth.c
crypto/evp/p_lib.c
crypto/evp/pmeth_check.c
crypto/evp/pmeth_gn.c
crypto/evp/pmeth_lib.c
crypto/evp/signature.c
crypto/ex_data.c
crypto/ffc/ffc_backend.c
crypto/ffc/ffc_dh.c
crypto/ffc/ffc_key_generate.c
crypto/ffc/ffc_key_validate.c
crypto/ffc/ffc_params.c
crypto/ffc/ffc_params_generate.c
crypto/ffc/ffc_params_validate.c
crypto/hmac/hmac.c
crypto/initthread.c
crypto/lhash/lhash.c
crypto/md5/asm/md5-586.pl
crypto/md5/asm/md5-sparcv9.pl
crypto/md5/asm/md5-x86_64.pl
crypto/md5/md5_dgst.c
crypto/md5/md5_one.c
crypto/md5/md5_sha1.c
crypto/mem_clr.c
crypto/modes/asm/aes-gcm-armv8_64.pl
crypto/modes/asm/aesni-gcm-x86_64.pl
crypto/modes/asm/ghash-alpha.pl
crypto/modes/asm/ghash-armv4.pl
crypto/modes/asm/ghash-c64xplus.pl
crypto/modes/asm/ghash-ia64.pl
crypto/modes/asm/ghash-parisc.pl
crypto/modes/asm/ghash-s390x.pl
crypto/modes/asm/ghash-sparcv9.pl
crypto/modes/asm/ghash-x86.pl
crypto/modes/asm/ghash-x86_64.pl
crypto/modes/asm/ghashp8-ppc.pl
crypto/modes/asm/ghashv8-armx.pl
crypto/modes/cbc128.c
crypto/modes/ccm128.c
crypto/modes/cfb128.c
crypto/modes/ctr128.c
crypto/modes/gcm128.c
crypto/modes/ofb128.c
crypto/modes/wrap128.c
crypto/modes/xts128.c
crypto/o_str.c
crypto/packet.c
crypto/param_build.c
crypto/param_build_set.c
crypto/params.c
crypto/params_dup.c
crypto/params_from_text.c
crypto/passphrase.c
crypto/property/defn_cache.c
crypto/property/property.c
crypto/property/property_parse.c
crypto/property/property_string.c
crypto/provider_core.c
crypto/provider_predefined.c
crypto/rand/rand_lib.c
crypto/rand/rand_meth.c
crypto/rsa/rsa_backend.c
crypto/rsa/rsa_chk.c
crypto/rsa/rsa_crpt.c
crypto/rsa/rsa_gen.c
crypto/rsa/rsa_lib.c
crypto/rsa/rsa_mp_names.c
crypto/rsa/rsa_none.c
crypto/rsa/rsa_oaep.c
crypto/rsa/rsa_ossl.c
crypto/rsa/rsa_pk1.c
crypto/rsa/rsa_pss.c
crypto/rsa/rsa_schemes.c
crypto/rsa/rsa_sign.c
crypto/rsa/rsa_sp800_56b_check.c
crypto/rsa/rsa_sp800_56b_gen.c
crypto/rsa/rsa_x931.c
crypto/self_test_core.c
crypto/sha/asm/keccak1600-armv4.pl
crypto/sha/asm/keccak1600-armv8.pl
crypto/sha/asm/keccak1600-avx2.pl
crypto/sha/asm/keccak1600-avx512.pl
crypto/sha/asm/keccak1600-avx512vl.pl
crypto/sha/asm/keccak1600-c64x.pl
crypto/sha/asm/keccak1600-mmx.pl
crypto/sha/asm/keccak1600-ppc64.pl
crypto/sha/asm/keccak1600-s390x.pl
crypto/sha/asm/keccak1600-x86_64.pl
crypto/sha/asm/keccak1600p8-ppc.pl
crypto/sha/asm/sha1-586.pl
crypto/sha/asm/sha1-alpha.pl
crypto/sha/asm/sha1-armv4-large.pl
crypto/sha/asm/sha1-armv8.pl
crypto/sha/asm/sha1-c64xplus.pl
crypto/sha/asm/sha1-ia64.pl
crypto/sha/asm/sha1-mb-x86_64.pl
crypto/sha/asm/sha1-mips.pl
crypto/sha/asm/sha1-parisc.pl
crypto/sha/asm/sha1-ppc.pl
crypto/sha/asm/sha1-s390x.pl
crypto/sha/asm/sha1-sparcv9.pl
crypto/sha/asm/sha1-sparcv9a.pl
crypto/sha/asm/sha1-thumb.pl
crypto/sha/asm/sha1-x86_64.pl
crypto/sha/asm/sha256-586.pl
crypto/sha/asm/sha256-armv4.pl
crypto/sha/asm/sha256-c64xplus.pl
crypto/sha/asm/sha256-mb-x86_64.pl
crypto/sha/asm/sha512-586.pl
crypto/sha/asm/sha512-armv4.pl
crypto/sha/asm/sha512-armv8.pl
crypto/sha/asm/sha512-c64xplus.pl
crypto/sha/asm/sha512-ia64.pl
crypto/sha/asm/sha512-mips.pl
crypto/sha/asm/sha512-parisc.pl
crypto/sha/asm/sha512-ppc.pl
crypto/sha/asm/sha512-s390x.pl
crypto/sha/asm/sha512-sparcv9.pl
crypto/sha/asm/sha512-x86_64.pl
crypto/sha/asm/sha512p8-ppc.pl
crypto/sha/keccak1600.c
crypto/sha/sha1dgst.c
crypto/sha/sha256.c
crypto/sha/sha3.c
crypto/sha/sha512.c
crypto/sparse_array.c
crypto/stack/stack.c
crypto/threads_lib.c
crypto/threads_none.c
crypto/threads_pthread.c
crypto/threads_win.c
crypto/x86_64cpuid.pl
providers/common/bio_prov.c
providers/common/capabilities.c
providers/common/der/der_digests_gen.c.in
providers/common/der/der_dsa_gen.c.in
providers/common/der/der_dsa_key.c
providers/common/der/der_dsa_sig.c
providers/common/der/der_ec_gen.c.in
providers/common/der/der_ec_key.c
providers/common/der/der_ec_sig.c
providers/common/der/der_ecx_gen.c.in
providers/common/der/der_ecx_key.c
providers/common/der/der_rsa_gen.c.in
providers/common/der/der_rsa_key.c
providers/common/der/der_rsa_sig.c
providers/common/der/der_sm2_gen.c.in
providers/common/der/der_sm2_key.c
providers/common/der/der_sm2_sig.c
providers/common/der/der_wrap_gen.c.in
providers/common/digest_to_nid.c
providers/common/provider_ctx.c
providers/common/provider_err.c
providers/common/provider_seeding.c
providers/common/provider_util.c
providers/common/securitycheck.c
providers/common/securitycheck_fips.c
providers/fips/fipsprov.c
providers/fips/self_test.c
providers/fips/self_test_kats.c
providers/implementations/asymciphers/rsa_enc.c
providers/implementations/ciphers/cipher_aes.c
providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c
providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c
providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c
providers/implementations/ciphers/cipher_aes_ccm.c
providers/implementations/ciphers/cipher_aes_ccm_hw.c
providers/implementations/ciphers/cipher_aes_cts.c
providers/implementations/ciphers/cipher_aes_gcm.c
providers/implementations/ciphers/cipher_aes_gcm_hw.c
providers/implementations/ciphers/cipher_aes_hw.c
providers/implementations/ciphers/cipher_aes_ocb.c
providers/implementations/ciphers/cipher_aes_ocb_hw.c
providers/implementations/ciphers/cipher_aes_wrp.c
providers/implementations/ciphers/cipher_aes_xts.c
providers/implementations/ciphers/cipher_aes_xts_fips.c
providers/implementations/ciphers/cipher_aes_xts_hw.c
providers/implementations/ciphers/cipher_tdes.c
providers/implementations/ciphers/cipher_tdes_common.c
providers/implementations/ciphers/cipher_tdes_hw.c
providers/implementations/ciphers/ciphercommon.c
providers/implementations/ciphers/ciphercommon_block.c
providers/implementations/ciphers/ciphercommon_ccm.c
providers/implementations/ciphers/ciphercommon_ccm_hw.c
providers/implementations/ciphers/ciphercommon_gcm.c
providers/implementations/ciphers/ciphercommon_gcm_hw.c
providers/implementations/ciphers/ciphercommon_hw.c
providers/implementations/digests/digestcommon.c
providers/implementations/digests/sha2_prov.c
providers/implementations/digests/sha3_prov.c
providers/implementations/exchange/dh_exch.c
providers/implementations/exchange/ecdh_exch.c
providers/implementations/exchange/ecx_exch.c
providers/implementations/exchange/kdf_exch.c
providers/implementations/kdfs/hkdf.c
providers/implementations/kdfs/kbkdf.c
providers/implementations/kdfs/pbkdf2.c
providers/implementations/kdfs/pbkdf2_fips.c
providers/implementations/kdfs/sshkdf.c
providers/implementations/kdfs/sskdf.c
providers/implementations/kdfs/tls1_prf.c
providers/implementations/kdfs/x942kdf.c
providers/implementations/kem/rsa_kem.c
providers/implementations/keymgmt/dh_kmgmt.c
providers/implementations/keymgmt/dsa_kmgmt.c
providers/implementations/keymgmt/ec_kmgmt.c
providers/implementations/keymgmt/ecx_kmgmt.c
providers/implementations/keymgmt/kdf_legacy_kmgmt.c
providers/implementations/keymgmt/mac_legacy_kmgmt.c
providers/implementations/keymgmt/rsa_kmgmt.c
providers/implementations/macs/cmac_prov.c
providers/implementations/macs/gmac_prov.c
providers/implementations/macs/hmac_prov.c
providers/implementations/macs/kmac_prov.c
providers/implementations/rands/crngt.c
providers/implementations/rands/drbg.c
providers/implementations/rands/drbg_ctr.c
providers/implementations/rands/drbg_hash.c
providers/implementations/rands/drbg_hmac.c
providers/implementations/rands/test_rng.c
providers/implementations/signature/dsa_sig.c
providers/implementations/signature/ecdsa_sig.c
providers/implementations/signature/eddsa_sig.c
providers/implementations/signature/mac_legacy_sig.c
providers/implementations/signature/rsa_sig.c
ssl/record/tls_pad.c
ssl/s3_cbc.c
util/providers.num