/* apps/s_socket.c -  socket-related functions used by s_client and s_server */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <signal.h>

/* With IPv6, it looks like Digital has mixed up the proper order of
   recursive header file inclusion, resulting in the compiler complaining
   that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which
   is needed to have fileno() declared correctly...  So let's define u_int */
#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT)
#define __U_INT
typedef unsigned int u_int;
#endif

#define USE_SOCKETS
#define NON_MAIN
#include "apps.h"
#undef USE_SOCKETS
#undef NON_MAIN
#include "s_apps.h"
#include <openssl/ssl.h>

#ifdef FLAT_INC
#include "e_os.h"
#else
#include "../e_os.h"
#endif

#ifndef OPENSSL_NO_SOCK

#if defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_BSDSOCK)
#include "netdb.h"
#endif

static struct hostent *GetHostByName(char *name);
#if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
static void ssl_sock_cleanup(void);
#endif
static int ssl_sock_init(void);
static int init_client_ip(int *sock,unsigned char ip[4], int port, int type);
static int init_server(int *sock, int port, int type);
static int init_server_long(int *sock, int port,char *ip, int type);
static int do_accept(int acc_sock, int *sock, char **host);
static int host_ip(char *str, unsigned char ip[4]);

#ifdef OPENSSL_SYS_WIN16
#define SOCKET_PROTOCOL	0 /* more microsoft stupidity */
#else
#define SOCKET_PROTOCOL	IPPROTO_TCP
#endif

#if defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
static int wsa_init_done=0;
#endif

#ifdef OPENSSL_SYS_WINDOWS
static struct WSAData wsa_state;
static int wsa_init_done=0;

#ifdef OPENSSL_SYS_WIN16
static HWND topWnd=0;
static FARPROC lpTopWndProc=NULL;
static FARPROC lpTopHookProc=NULL;
extern HINSTANCE _hInstance;  /* nice global CRT provides */

static LONG FAR PASCAL topHookProc(HWND hwnd, UINT message, WPARAM wParam,
	     LPARAM lParam)
	{
	if (hwnd == topWnd)
		{
		switch(message)
			{
		case WM_DESTROY:
		case WM_CLOSE:
			SetWindowLong(topWnd,GWL_WNDPROC,(LONG)lpTopWndProc);
			ssl_sock_cleanup();
			break;
			}
		}
	return CallWindowProc(lpTopWndProc,hwnd,message,wParam,lParam);
	}

static BOOL CALLBACK enumproc(HWND hwnd,LPARAM lParam)
	{
	topWnd=hwnd;
	return(FALSE);
	}

#endif /* OPENSSL_SYS_WIN32 */
#endif /* OPENSSL_SYS_WINDOWS */

#ifdef OPENSSL_SYS_WINDOWS
static void ssl_sock_cleanup(void)
	{
	if (wsa_init_done)
		{
		wsa_init_done=0;
#ifndef OPENSSL_SYS_WINCE
		WSACancelBlockingCall();
#endif
		WSACleanup();
		}
	}
#elif defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
static void sock_cleanup(void)
    {
    if (wsa_init_done)
        {
        wsa_init_done=0;
		WSACleanup();
		}
	}
#endif

static int ssl_sock_init(void)
	{
#ifdef WATT32
	extern int _watt_do_exit;
	_watt_do_exit = 0;
	if (sock_init())
		return (0);
#elif defined(OPENSSL_SYS_WINDOWS)
	if (!wsa_init_done)
		{
		int err;
	  
#ifdef SIGINT
		signal(SIGINT,(void (*)(int))ssl_sock_cleanup);
#endif
		wsa_init_done=1;
		memset(&wsa_state,0,sizeof(wsa_state));
		if (WSAStartup(0x0101,&wsa_state)!=0)
			{
			err=WSAGetLastError();
			BIO_printf(bio_err,"unable to start WINSOCK, error code=%d\n",err);
			return(0);
			}

#ifdef OPENSSL_SYS_WIN16
		EnumTaskWindows(GetCurrentTask(),enumproc,0L);
		lpTopWndProc=(FARPROC)GetWindowLong(topWnd,GWL_WNDPROC);
		lpTopHookProc=MakeProcInstance((FARPROC)topHookProc,_hInstance);

		SetWindowLong(topWnd,GWL_WNDPROC,(LONG)lpTopHookProc);
#endif /* OPENSSL_SYS_WIN16 */
		}
#elif defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
   WORD wVerReq;
   WSADATA wsaData;
   int err;

   if (!wsa_init_done)
      {
   
# ifdef SIGINT
      signal(SIGINT,(void (*)(int))sock_cleanup);
# endif

      wsa_init_done=1;
      wVerReq = MAKEWORD( 2, 0 );
      err = WSAStartup(wVerReq,&wsaData);
      if (err != 0)
         {
         BIO_printf(bio_err,"unable to start WINSOCK2, error code=%d\n",err);
         return(0);
         }
      }
#endif /* OPENSSL_SYS_WINDOWS */
	return(1);
	}

int init_client(int *sock, char *host, int port, int type)
	{
	unsigned char ip[4];
	short p=0;

	if (!host_ip(host,&(ip[0])))
		{
		return(0);
		}
	if (p != 0) port=p;
	return(init_client_ip(sock,ip,port,type));
	}

static int init_client_ip(int *sock, unsigned char ip[4], int port, int type)
	{
	unsigned long addr;
	struct sockaddr_in them;
	int s,i;

	if (!ssl_sock_init()) return(0);

	memset((char *)&them,0,sizeof(them));
	them.sin_family=AF_INET;
	them.sin_port=htons((unsigned short)port);
	addr=(unsigned long)
		((unsigned long)ip[0]<<24L)|
		((unsigned long)ip[1]<<16L)|
		((unsigned long)ip[2]<< 8L)|
		((unsigned long)ip[3]);
	them.sin_addr.s_addr=htonl(addr);

	if (type == SOCK_STREAM)
		s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
	else /* ( type == SOCK_DGRAM) */
		s=socket(AF_INET,SOCK_DGRAM,IPPROTO_UDP);
			
	if (s == INVALID_SOCKET) { perror("socket"); return(0); }

#ifndef OPENSSL_SYS_MPE
	if (type == SOCK_STREAM)
		{
		i=0;
		i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
		if (i < 0) { perror("keepalive"); return(0); }
		}
#endif

	if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1)
		{ close(s); perror("connect"); return(0); }
	*sock=s;
	return(1);
	}

int do_server(int port, int type, int *ret, int (*cb)(char *hostname, int s, unsigned char *conte<style>pre { line-height: 125%; }
td.linenos .normal { color: inherit; background-color: transparent; padding-left: 5px; padding-right: 5px; }
span.linenos { color: inherit; background-color: transparent; padding-left: 5px; padding-right: 5px; }
td.linenos .special { color: #000000; background-color: #ffffc0; padding-left: 5px; padding-right: 5px; }
span.linenos.special { color: #000000; background-color: #ffffc0; padding-left: 5px; padding-right: 5px; }
.highlight .hll { background-color: #ffffcc }
.highlight .c { color: #888888 } /* Comment */
.highlight .err { color: #a61717; background-color: #e3d2d2 } /* Error */
.highlight .k { color: #008800; font-weight: bold } /* Keyword */
.highlight .ch { color: #888888 } /* Comment.Hashbang */
.highlight .cm { color: #888888 } /* Comment.Multiline */
.highlight .cp { color: #cc0000; font-weight: bold } /* Comment.Preproc */
.highlight .cpf { color: #888888 } /* Comment.PreprocFile */
.highlight .c1 { color: #888888 } /* Comment.Single */
.highlight .cs { color: #cc0000; font-weight: bold; background-color: #fff0f0 } /* Comment.Special */
.highlight .gd { color: #000000; background-color: #ffdddd } /* Generic.Deleted */
.highlight .ge { font-style: italic } /* Generic.Emph */
.highlight .ges { font-weight: bold; font-style: italic } /* Generic.EmphStrong */
.highlight .gr { color: #aa0000 } /* Generic.Error */
.highlight .gh { color: #333333 } /* Generic.Heading */
.highlight .gi { color: #000000; background-color: #ddffdd } /* Generic.Inserted */
.highlight .go { color: #888888 } /* Generic.Output */
.highlight .gp { color: #555555 } /* Generic.Prompt */
.highlight .gs { font-weight: bold } /* Generic.Strong */
.highlight .gu { color: #666666 } /* Generic.Subheading */
.highlight .gt { color: #aa0000 } /* Generic.Traceback */
.highlight .kc { color: #008800; font-weight: bold } /* Keyword.Constant */
.highlight .kd { color: #008800; font-weight: bold } /* Keyword.Declaration */
.highlight .kn { color: #008800; font-weight: bold } /* Keyword.Namespace */
.highlight .kp { color: #008800 } /* Keyword.Pseudo */
.highlight .kr { color: #008800; font-weight: bold } /* Keyword.Reserved */
.highlight .kt { color: #888888; font-weight: bold } /* Keyword.Type */
.highlight .m { color: #0000DD; font-weight: bold } /* Literal.Number */
.highlight .s { color: #dd2200; background-color: #fff0f0 } /* Literal.String */
.highlight .na { color: #336699 } /* Name.Attribute */
.highlight .nb { color: #003388 } /* Name.Builtin */
.highlight .nc { color: #bb0066; font-weight: bold } /* Name.Class */
.highlight .no { color: #003366; font-weight: bold } /* Name.Constant */
.highlight .nd { color: #555555 } /* Name.Decorator */
.highlight .ne { color: #bb0066; font-weight: bold } /* Name.Exception */
.highlight .nf { color: #0066bb; font-weight: bold } /* Name.Function */
.highlight .nl { color: #336699; font-style: italic } /* Name.Label */
.highlight .nn { color: #bb0066; font-weight: bold } /* Name.Namespace */
.highlight .py { color: #336699; font-weight: bold } /* Name.Property */
.highlight .nt { color: #bb0066; font-weight: bold } /* Name.Tag */
.highlight .nv { color: #336699 } /* Name.Variable */
.highlight .ow { color: #008800 } /* Operator.Word */
.highlight .w { color: #bbbbbb } /* Text.Whitespace */
.highlight .mb { color: #0000DD; font-weight: bold } /* Literal.Number.Bin */
.highlight .mf { color: #0000DD; font-weight: bold } /* Literal.Number.Float */
.highlight .mh { color: #0000DD; font-weight: bold } /* Literal.Number.Hex */
.highlight .mi { color: #0000DD; font-weight: bold } /* Literal.Number.Integer */
.highlight .mo { color: #0000DD; font-weight: bold } /* Literal.Number.Oct */
.highlight .sa { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Affix */
.highlight .sb { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Backtick */
.highlight .sc { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Char */
.highlight .dl { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Delimiter */
.highlight .sd { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Doc */
.highlight .s2 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Double */
.highlight .se { color: #0044dd; background-color: #fff0f0 } /* Literal.String.Escape */
.highlight .sh { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Heredoc */
.highlight .si { color: #3333bb; background-color: #fff0f0 } /* Literal.String.Interpol */
.highlight .sx { color: #22bb22; background-color: #f0fff0 } /* Literal.String.Other */
.highlight .sr { color: #008800; background-color: #fff0ff } /* Literal.String.Regex */
.highlight .s1 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Single */
.highlight .ss { color: #aa6600; background-color: #fff0f0 } /* Literal.String.Symbol */
.highlight .bp { color: #003388 } /* Name.Builtin.Pseudo */
.highlight .fm { color: #0066bb; font-weight: bold } /* Name.Function.Magic */
.highlight .vc { color: #336699 } /* Name.Variable.Class */
.highlight .vg { color: #dd7700 } /* Name.Variable.Global */
.highlight .vi { color: #3333bb } /* Name.Variable.Instance */
.highlight .vm { color: #336699 } /* Name.Variable.Magic */
.highlight .il { color: #0000DD; font-weight: bold } /* Literal.Number.Integer.Long */</style><div class="highlight"><pre><span></span><span class="c1">// ====================================================================</span>
<span class="c1">// Written by Andy Polyakov &lt;appro@fy.chalmers.se&gt; for the OpenSSL</span>
<span class="c1">// project.</span>
<span class="c1">//</span>
<span class="c1">// Rights for redistribution and usage in source and binary forms are</span>
<span class="c1">// granted according to the OpenSSL license. Warranty of any kind is</span>
<span class="c1">// disclaimed.</span>
<span class="c1">// ====================================================================</span>

<span class="na">.ident</span><span class="w">  </span><span class="s">&quot;rc4-ia64.S, Version 2.0&quot;</span>
<span class="na">.ident</span><span class="w">  </span><span class="s">&quot;IA-64 ISA artwork by Andy Polyakov &lt;appro@fy.chalmers.se&gt;&quot;</span>

<span class="c1">// What&#39;s wrong with compiler generated code? Because of the nature of</span>
<span class="c1">// C language, compiler doesn&#39;t [dare to] reorder load and stores. But</span>
<span class="c1">// being memory-bound, RC4 should benefit from reorder [on in-order-</span>
<span class="c1">// execution core such as IA-64]. But what can we reorder? At the very</span>
<span class="c1">// least we can safely reorder references to key schedule in respect</span>
<span class="c1">// to input and output streams. Secondly, from the first [close] glance</span>
<span class="c1">// it appeared that it&#39;s possible to pull up some references to</span>
<span class="c1">// elements of the key schedule itself. Original rationale [&quot;prior</span>
<span class="c1">// loads are not safe only for &quot;degenerated&quot; key schedule, when some</span>
<span class="c1">// elements equal to the same value&quot;] was kind of sloppy. I should have</span>
<span class="c1">// formulated as it really was: if we assume that pulling up reference</span>
<span class="c1">// to key[x+1] is not safe, then it would mean that key schedule would</span>
<span class="c1">// &quot;degenerate,&quot; which is never the case. The problem is that this</span>
<span class="c1">// holds true in respect to references to key[x], but not to key[y].</span>
<span class="c1">// Legitimate &quot;collisions&quot; do occur within every 256^2 bytes window.</span>
<span class="c1">// Fortunately there&#39;re enough free instruction slots to keep prior</span>
<span class="c1">// reference to key[x+1], detect &quot;collision&quot; and compensate for it.</span>
<span class="c1">// All this without sacrificing a single clock cycle:-) Throughput is</span>
<span class="c1">// ~210MBps on 900MHz CPU, which is is &gt;3x faster than gcc generated</span>
<span class="c1">// code and +30% - if compared to HP-UX C. Unrolling loop below should</span>
<span class="c1">// give &gt;30% on top of that...</span>

<span class="na">.text</span>
<span class="na">.explicit</span>

<span class="c1">#if defined(_HPUX_SOURCE) &amp;&amp; !defined(_LP64)</span>
<span class="c1"># define ADDP	addp4</span>
<span class="c1">#else</span>
<span class="c1"># define ADDP	add</span>
<span class="c1">#endif</span>

<span class="c1">#ifndef SZ</span>
<span class="c1">#define SZ	4	// this is set to sizeof(RC4_INT)</span>
<span class="c1">#endif</span>
<span class="c1">// SZ==4 seems to be optimal. At least SZ==8 is not any faster, not for</span>
<span class="c1">// assembler implementation, while SZ==1 code is ~30% slower.</span>
<span class="c1">#if SZ==1	// RC4_INT is unsigned char</span>
<span class="c1"># define	LDKEY	ld1</span>
<span class="c1"># define	STKEY	st1</span>
<span class="c1"># define	OFF	0</span>
<span class="c1">#elif SZ==4	// RC4_INT is unsigned int</span>
<span class="c1"># define	LDKEY	ld4</span>
<span class="c1"># define	STKEY	st4</span>
<span class="c1"># define	OFF	2</span>
<span class="c1">#elif SZ==8	// RC4_INT is unsigned long</span>
<span class="c1"># define	LDKEY	ld8</span>
<span class="c1"># define	STKEY	st8</span>
<span class="c1"># define	OFF	3</span>
<span class="c1">#endif</span>

<span class="nf">out</span><span class="err">=</span><span class="no">r8</span><span class="c1">;		// [expanded] output pointer</span>
<span class="nf">inp</span><span class="err">=</span><span class="no">r9</span><span class="c1">;		// [expanded] output pointer</span>
<span class="nf">prsave</span><span class="err">=</span><span class="no">r10</span><span class="c1">;</span>
<span class="nf">key</span><span class="err">=</span><span class="no">r28</span><span class="c1">;	// [expanded] pointer to RC4_KEY</span>
<span class="nf">ksch</span><span class="err">=</span><span class="no">r29</span><span class="c1">;	// (key-&gt;data+255)[&amp;~(sizeof(key-&gt;data)-1)]</span>
<span class="nf">xx</span><span class="err">=</span><span class="no">r30</span><span class="c1">;</span>
<span class="nf">yy</span><span class="err">=</span><span class="no">r31</span><span class="c1">;</span>

<span class="c1">// void RC4(RC4_KEY *key,size_t len,const void *inp,void *out);</span>
<span class="na">.global</span><span class="w">	</span><span class="no">RC4</span><span class="c1">#</span>
<span class="na">.proc</span><span class="w">	</span><span class="no">RC4</span><span class="c1">#</span>
<span class="na">.align</span><span class="w">	</span><span class="mi">32</span>
<span class="na">.skip</span><span class="w">	</span><span class="mi">16</span>
<span class="nl">RC4:</span>
<span class="w">	</span><span class="na">.prologue</span>
<span class="w">	</span><span class="na">.fframe</span><span class="w"> </span><span class="mi">0</span>
<span class="w">	</span><span class="na">.save</span><span class="w">   </span><span class="no">ar.pfs</span><span class="p">,</span><span class="no">r2</span>
<span class="w">	</span><span class="na">.save</span><span class="w">	</span><span class="no">ar.lc</span><span class="p">,</span><span class="no">r3</span>
<span class="w">	</span><span class="na">.save</span><span class="w">	</span><span class="no">pr</span><span class="p">,</span><span class="no">prsave</span>
<span class="err">{</span><span class="w"> </span><span class="na">.mii</span><span class="c1">;	alloc	r2=ar.pfs,4,12,0,16</span>
<span class="w">	</span><span class="nf">mov</span><span class="w">	</span><span class="no">prsave</span><span class="err">=</span><span class="no">pr</span>
<span class="w">	</span><span class="nf">ADDP</span><span class="w">	</span><span class="no">key</span><span class="err">=</span><span class="mi">0</span><span class="p">,</span><span class="no">in0</span><span class="w">		</span><span class="p">}</span><span class="c1">;;</span>
<span class="err">{</span><span class="w"> </span><span class="na">.mib</span><span class="c1">;	cmp.eq	p6,p0=0,in1			// len==0?</span>
<span class="w">	</span><span class="nf">mov</span><span class="w">	</span><span class="no">r3</span><span class="err">=</span><span class="no">ar.lc</span>
<span class="err">(</span><span class="nf">p6</span><span class="p">)</span><span class="w">	</span><span class="no">br.ret.spnt.many</span><span class="w">	</span><span class="no">b0</span><span class="w">	</span><span class="p">}</span><span class="c1">;;	// emergency exit</span>

<span class="w">	</span><span class="na">.body</span>
<span class="w">	</span><span class="na">.rotr</span><span class="w">	</span><span class="no">dat</span><span class="p">[</span><span class="mi">4</span><span class="p">],</span><span class="no">key_x</span><span class="p">[</span><span class="mi">4</span><span class="p">],</span><span class="no">tx</span><span class="p">[</span><span class="mi">2</span><span class="p">],</span><span class="no">rnd</span><span class="p">[</span><span class="mi">2</span><span class="p">],</span><span class="no">key_y</span><span class="p">[</span><span class="mi">2</span><span class="p">],</span><span class="no">ty</span><span class="p">[</span><span class="mi">1</span><span class="p">]</span><span class="c1">;</span>

<span class="err">{</span><span class="w"> </span><span class="na">.mib</span><span class="c1">;	LDKEY	xx=[key],SZ			// load key-&gt;x</span>
<span class="w">	</span><span class="nf">add</span><span class="w">	</span><span class="no">in1</span><span class="err">=</span><span class="mi">-1</span><span class="p">,</span><span class="no">in1</span><span class="w">			</span><span class="c1">// adjust len for loop counter</span>
<span class="w">	</span><span class="nf">nop.b</span><span class="w">	</span><span class="mi">0</span><span class="w">			</span><span class="p">}</span>
<span class="err">{</span><span class="w"> </span><span class="na">.mib</span><span class="c1">;	ADDP	inp=0,in2</span>
<span class="w">	</span><span class="nf">ADDP</span><span class="w">	</span><span class="no">out</span><span class="err">=</span><span class="mi">0</span><span class="p">,</span><span class="no">in3</span>
<span class="w">	</span><span class="nf">brp.loop.imp</span><span class="w">	</span><span class="no">.Ltop</span><span class="p">,.</span><span class="no">Lexit-16</span><span class="w">	</span><span class="p">}</span><span class="c1">;;</span>
<span class="err">{</span><span class="w"> </span><span class="na">.mmi</span><span class="c1">;	LDKEY	yy=[key]			// load key-&gt;y</span>
<span class="w">	</span><span class="nf">add</span><span class="w">	</span><span class="no">ksch</span><span class="err">=</span><span class="no">SZ</span><span class="p">,</span><span class="no">key</span>
<span class="w">	</span><span class="nf">mov</span><span class="w">	</span><span class="no">ar.lc</span><span class="err">=</span><span class="no">in1</span><span class="w">		</span><span class="p">}</span>
<span class="err">{</span><span class="w"> </span><span class="na">.mmi</span><span class="c1">;	mov	key_y[1]=r0			// guarantee inequality</span>
<span class="w">						</span><span class="c1">// in first iteration</span>
<span class="w">	</span><span class="nf">add</span><span class="w">	</span><span class="no">xx</span><span class="err">=</span><span class="mi">1</span><span class="p">,</span><span class="no">xx</span>
<span class="w">	</span><span class="nf">mov</span><span class="w">	</span><span class="no">pr.rot</span><span class="err">=</span><span class="mi">1</span><span class="err">&lt;&lt;</span><span class="mi">16</span><span class="w">		</span><span class="p">}</span><span class="c1">;;</span>
<span class="err">{</span><span class="w"> </span><span class="na">.mii</span><span class="c1">;	nop.m	0</span>
<span class="w">	</span><span class="nf">dep</span><span class="w">	</span><span class="no">key_x</span><span class="p">[</span><span class="mi">1</span><span class="p">]</span><span class="err">=</span><span class="no">xx</span><span class="p">,</span><span class="no">r0</span><span class="p">,</span><span class="no">OFF</span><span class="p">,</span><span class="mi">8</span>
<span class="w">	</span><span class="nf">mov</span><span class="w">	</span><span class="no">ar.ec</span><span class="err">=</span><span class="mi">3</span><span class="w">			</span><span class="p">}</span><span class="c1">;;	// note that epilogue counter</span>
<span class="w">						</span><span class="c1">// is off by 1. I compensate</span>
<span class="w">						</span><span class="c1">// for this at exit...</span>
<span class="nl">.Ltop:</span>
<span class="c1">// The loop is scheduled for 4*(n+2) spin-rate on Itanium 2, which</span>
<span class="c1">// theoretically gives asymptotic performance of clock frequency</span>
<span class="c1">// divided by 4 bytes per seconds, or 400MBps on 1.6GHz CPU. This is</span>
<span class="c1">// for sizeof(RC4_INT)==4. For smaller RC4_INT STKEY inadvertently</span>
<span class="c1">// splits the last bundle and you end up with 5*n spin-rate:-(</span>
<span class="c1">// Originally the loop was scheduled for 3*n and relied on key</span>
<span class="c1">// schedule to be aligned at 256*sizeof(RC4_INT) boundary. But</span>
<span class="c1">// *(out++)=dat, which maps to st1, had same effect [inadvertent</span>
<span class="c1">// bundle split] and holded the loop back. Rescheduling for 4*n</span>
<span class="c1">// made it possible to eliminate dependence on specific alignment</span>
<span class="c1">// and allow OpenSSH keep &quot;abusing&quot; our API. Reaching for 3*n would</span>
<span class="c1">// require unrolling, sticking to variable shift instruction for</span>
<span class="c1">// collecting output [to avoid starvation for integer shifter] and</span>
<span class="c1">// copying of key schedule to controlled place in stack [so that</span>
<span class="c1">// deposit instruction can serve as substitute for whole</span>
<span class="c1">// key-&gt;data+((x&amp;255)&lt;&lt;log2(sizeof(key-&gt;data[0])))]...</span>
<span class="err">{</span><span class="w"> </span><span class="na">.mmi</span><span class="c1">;	(p19)	st1	[out]=dat[3],1			// *(out++)=dat</span>
<span class="w">	</span><span class="err">(</span><span class="nf">p16</span><span class="p">)</span><span class="w">	</span><span class="no">add</span><span class="w">	</span><span class="no">xx</span><span class="err">=</span><span class="mi">1</span><span class="p">,</span><span class="no">xx</span><span class="w">				</span><span class="c1">// x++</span>
<span class="w">	</span><span class="err">(</span><span class="nf">p18</span><span class="p">)</span><span class="w">	</span><span class="no">dep</span><span class="w">	</span><span class="no">rnd</span><span class="p">[</span><span class="mi">1</span><span class="p">]</span><span class="err">=</span><span class="no">rnd</span><span class="p">[</span><span class="mi">1</span><span class="p">],</span><span class="no">r0</span><span class="p">,</span><span class="no">OFF</span><span class="p">,</span><span class="mi">8</span><span class="w">	</span><span class="p">}</span><span class="w">	</span><span class="c1">// ((tx+ty)&amp;255)&lt;&lt;OFF</span>
<span class="err">{</span><span class="w"> </span><span class="na">.mmi</span><span class="c1">;	(p16)	add	key_x[1]=ksch,key_x[1]		// &amp;key[xx&amp;255]</span>
<span class="w">	</span><span class="err">(</span><span class="nf">p17</span><span class="p">)</span><span class="w">	</span><span class="no">add</span><span class="w">	</span><span class="no">key_y</span><span class="p">[</span><span class="mi">1</span><span class="p">]</span><span class="err">=</span><span class="no">ksch</span><span class="p">,</span><span class="no">key_y</span><span class="p">[</span><span class="mi">1</span><span class="p">]</span><span class="w">	</span><span class="p">}</span><span class="c1">;;	// &amp;key[yy&amp;255]	</span>
<span class="err">{</span><span class="w"> </span><span class="na">.mmi</span><span class="c1">;	(p16)	LDKEY	tx[0]=[key_x[1]]		// tx=key[xx]</span>
<span class="w">	</span><span class="err">(</span><span class="nf">p17</span><span class="p">)</span><span class="w">	</span><span class="no">LDKEY</span><span class="w">	</span><span class="no">ty</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="err">=</span><span class="p">[</span><span class="no">key_y</span><span class="p">[</span><span class="mi">1</span><span class="p">]]</span><span class="w">		</span><span class="c1">// ty=key[yy]	</span>
<span class="w">	</span><span class="err">(</span><span class="nf">p16</span><span class="p">)</span><span class="w">	</span><span class="no">dep</span><span class="w">	</span><span class="no">key_x</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="err">=</span><span class="no">xx</span><span class="p">,</span><span class="no">r0</span><span class="p">,</span><span class="no">OFF</span><span class="p">,</span><span class="mi">8</span><span class="w">	</span><span class="p">}</span><span class="w">	</span><span class="c1">// (xx&amp;255)&lt;&lt;OFF</span>
<span class="err">{</span><span class="w"> </span><span class="na">.mmi</span><span class="c1">;	(p18)	add	rnd[1]=ksch,rnd[1]		// &amp;key[(tx+ty)&amp;255]</span>
<span class="w">	</span><span class="err">(</span><span class="nf">p16</span><span class="p">)</span><span class="w">	</span><span class="no">cmp.ne.unc</span><span class="w"> </span><span class="no">p20</span><span class="p">,</span><span class="no">p21</span><span class="err">=</span><span class="no">key_x</span><span class="p">[</span><span class="mi">1</span><span class="p">],</span><span class="no">key_y</span><span class="p">[</span><span class="mi">1</span><span class="p">]</span><span class="w"> </span><span class="p">}</span><span class="c1">;;</span>
<span class="err">{</span><span class="w"> </span><span class="na">.mmi</span><span class="c1">;	(p18)	LDKEY	rnd[1]=[rnd[1]]			// rnd=key[(tx+ty)&amp;255]</span>
<span class="w">	</span><span class="err">(</span><span class="nf">p16</span><span class="p">)</span><span class="w">	</span><span class="no">ld1</span><span class="w">	</span><span class="no">dat</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="err">=</span><span class="p">[</span><span class="no">inp</span><span class="p">],</span><span class="mi">1</span><span class="w">		</span><span class="p">}</span><span class="w">	</span><span class="c1">// dat=*(inp++)</span>
<span class="na">.pred.rel</span><span class="w">	</span><span class="s">&quot;mutex&quot;</span><span class="p">,</span><span class="no">p20</span><span class="p">,</span><span class="no">p21</span>
<span class="err">{</span><span class="w"> </span><span class="na">.mmi</span><span class="c1">;	(p21)	add	yy=yy,tx[1]			// (p16)</span>
<span class="w">	</span><span class="err">(</span><span class="nf">p20</span><span class="p">)</span><span class="w">	</span><span class="no">add</span><span class="w">	</span><span class="no">yy</span><span class="err">=</span><span class="no">yy</span><span class="p">,</span><span class="no">tx</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="w">			</span><span class="c1">// (p16) y+=tx</span>
<span class="w">	</span><span class="err">(</span><span class="nf">p21</span><span class="p">)</span><span class="w">	</span><span class="no">mov</span><span class="w">	</span><span class="no">tx</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="err">=</span><span class="no">tx</span><span class="p">[</span><span class="mi">1</span><span class="p">]</span><span class="w">		</span><span class="p">}</span><span class="c1">;;	// (p16)</span>
<span class="err">{</span><span class="w"> </span><span class="na">.mmi</span><span class="c1">;	(p17)	STKEY	[key_y[1]]=tx[1]		// key[yy]=tx</span>
<span class="w">	</span><span class="err">(</span><span class="nf">p17</span><span class="p">)</span><span class="w">	</span><span class="no">STKEY</span><span class="w">	</span><span class="p">[</span><span class="no">key_x</span><span class="p">[</span><span class="mi">2</span><span class="p">]]</span><span class="err">=</span><span class="no">ty</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="w">		</span><span class="c1">// key[xx]=ty</span>
<span class="w">	</span><span class="err">(</span><span class="nf">p16</span><span class="p">)</span><span class="w">	</span><span class="no">dep</span><span class="w">	</span><span class="no">key_y</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="err">=</span><span class="no">yy</span><span class="p">,</span><span class="no">r0</span><span class="p">,</span><span class="no">OFF</span><span class="p">,</span><span class="mi">8</span><span class="w">	</span><span class="p">}</span><span class="w">	</span><span class="c1">// &amp;key[yy&amp;255]</span>
<span class="err">{</span><span class="w"> </span><span class="na">.mmb</span><span class="c1">;	(p17)	add	rnd[0]=tx[1],ty[0]		// tx+=ty</span>
<span class="w">	</span><span class="err">(</span><span class="nf">p18</span><span class="p">)</span><span class="w">	</span><span class="no">xor</span><span class="w">	</span><span class="no">dat</span><span class="p">[</span><span class="mi">2</span><span class="p">]</span><span class="err">=</span><span class="no">dat</span><span class="p">[</span><span class="mi">2</span><span class="p">],</span><span class="no">rnd</span><span class="p">[</span><span class="mi">1</span><span class="p">]</span><span class="w">		</span><span class="c1">// dat^=rnd</span>
<span class="w">	</span><span class="nf">br.ctop.sptk</span><span class="w">	</span><span class="no">.Ltop</span><span class="w">			</span><span class="p">}</span><span class="c1">;;</span>
<span class="nl">.Lexit:</span>
<span class="err">{</span><span class="w"> </span><span class="na">.mib</span><span class="c1">;	STKEY	[key]=yy,-SZ			// save key-&gt;y</span>
<span class="w">	</span><span class="nf">mov</span><span class="w">	</span><span class="no">pr</span><span class="err">=</span><span class="no">prsave</span><span class="p">,</span><span class="mi">0x1ffff</span>
<span class="w">	</span><span class="nf">nop.b</span><span class="w">	</span><span class="mi">0</span><span class="w">			</span><span class="p">}</span>
<span class="err">{</span><span class="w"> </span><span class="na">.mib</span><span class="c1">;	st1	[out]=dat[3],1			// compensate for truncated</span>
<span class="w">						</span><span class="c1">// epilogue counter</span>
<span class="w">	</span><span class="nf">add</span><span class="w">	</span><span class="no">xx</span><span class="err">=</span><span class="mi">-1</span><span class="p">,</span><span class="no">xx</span>
<span class="w">	</span><span class="nf">nop.b</span><span class="w">	</span><span class="mi">0</span><span class="w">			</span><span class="p">}</span><span class="c1">;;</span>
<span class="err">{</span><span class="w"> </span><span class="na">.mib</span><span class="c1">;	STKEY	[key]=xx			// save key-&gt;x</span>
<span class="w">	</span><span class="nf">mov</span><span class="w">	</span><span class="no">ar.lc</span><span class="err">=</span><span class="no">r3</span>
<span class="w">	</span><span class="nf">br.ret.sptk.many</span><span class="w">	</span><span class="no">b0</span><span class="w">	</span><span class="p">}</span><span class="c1">;;</span>
<span class="na">.endp</span><span class="w">	</span><span class="no">RC4</span><span class="c1">#</span>
</pre></div>
</code></pre></td></tr></table>
</div> <!-- class=content -->
<div class='footer'>generated by <a href='https://git.zx2c4.com/cgit/about/'>cgit v1.2.3</a> (<a href='https://git-scm.com/'>git 2.25.1</a>) at 2025-05-19 18:00:46 +0000</div>
</div> <!-- id=cgit -->
</body>
</html>