search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge #11726: Cleanups + nit fixes for walletdir PR
[bitcoinplatinum.git] / src / crypto / sha256_sse4.cpp
blob89f529a3abcff52044b0db662aa857518c523e80
1 // Copyright (c) 2017 The Bitcoin Core developers
2 // Distributed under the MIT software license, see the accompanying
3 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
4 //
5 // This is a translation to GCC extended asm syntax from YASM code by Intel
6 // (available at the bottom of this file).
7
8 #include <stdint.h>
9 #include <stdlib.h>
10
11 #if defined(__x86_64__) || defined(__amd64__)
12
13 namespace sha256_sse4
14 {
15 void Transform(uint32_t* s, const unsigned char* chunk, size_t blocks)
16 {
17 static const uint32_t K256 alignas(16) [] = {
18 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
19 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
20 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
21 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
22 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
23 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
24 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
25 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
26 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
27 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
28 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
29 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
30 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
31 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
32 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
33 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2,
34 };
35 static const uint32_t FLIP_MASK alignas(16) [] = {0x00010203, 0x04050607, 0x08090a0b, 0x0c0d0e0f};
36 static const uint32_t SHUF_00BA alignas(16) [] = {0x03020100, 0x0b0a0908, 0xffffffff, 0xffffffff};
37 static const uint32_t SHUF_DC00 alignas(16) [] = {0xffffffff, 0xffffffff, 0x03020100, 0x0b0a0908};
38 uint32_t a, b, c, d, f, g, h, y0, y1, y2;
39 uint64_t tbl;
40 uint64_t inp_end, inp;
41 uint32_t xfer alignas(16) [4];
42
43 __asm__ __volatile__(
44 "shl $0x6,%2;"
45 "je Ldone_hash_%=;"
46 "add %1,%2;"
47 "mov %2,%14;"
48 "mov (%0),%3;"
49 "mov 0x4(%0),%4;"
50 "mov 0x8(%0),%5;"
51 "mov 0xc(%0),%6;"
52 "mov 0x10(%0),%k2;"
53 "mov 0x14(%0),%7;"
54 "mov 0x18(%0),%8;"
55 "mov 0x1c(%0),%9;"
56 "movdqa %18,%%xmm12;"
57 "movdqa %19,%%xmm10;"
58 "movdqa %20,%%xmm11;"
59
60 "Lloop0_%=:"
61 "lea %17,%13;"
62 "movdqu (%1),%%xmm4;"
63 "pshufb %%xmm12,%%xmm4;"
64 "movdqu 0x10(%1),%%xmm5;"
65 "pshufb %%xmm12,%%xmm5;"
66 "movdqu 0x20(%1),%%xmm6;"
67 "pshufb %%xmm12,%%xmm6;"
68 "movdqu 0x30(%1),%%xmm7;"
69 "pshufb %%xmm12,%%xmm7;"
70 "mov %1,%15;"
71 "mov $3,%1;"
72
73 "Lloop1_%=:"
74 "movdqa 0x0(%13),%%xmm9;"
75 "paddd %%xmm4,%%xmm9;"
76 "movdqa %%xmm9,%16;"
77 "movdqa %%xmm7,%%xmm0;"
78 "mov %k2,%10;"
79 "ror $0xe,%10;"
80 "mov %3,%11;"
81 "palignr $0x4,%%xmm6,%%xmm0;"
82 "ror $0x9,%11;"
83 "xor %k2,%10;"
84 "mov %7,%12;"
85 "ror $0x5,%10;"
86 "movdqa %%xmm5,%%xmm1;"
87 "xor %3,%11;"
88 "xor %8,%12;"
89 "paddd %%xmm4,%%xmm0;"
90 "xor %k2,%10;"
91 "and %k2,%12;"
92 "ror $0xb,%11;"
93 "palignr $0x4,%%xmm4,%%xmm1;"
94 "xor %3,%11;"
95 "ror $0x6,%10;"
96 "xor %8,%12;"
97 "movdqa %%xmm1,%%xmm2;"
98 "ror $0x2,%11;"
99 "add %10,%12;"
100 "add %16,%12;"
101 "movdqa %%xmm1,%%xmm3;"
102 "mov %3,%10;"
103 "add %12,%9;"
104 "mov %3,%12;"
105 "pslld $0x19,%%xmm1;"
106 "or %5,%10;"
107 "add %9,%6;"
108 "and %5,%12;"
109 "psrld $0x7,%%xmm2;"
110 "and %4,%10;"
111 "add %11,%9;"
112 "por %%xmm2,%%xmm1;"
113 "or %12,%10;"
114 "add %10,%9;"
115 "movdqa %%xmm3,%%xmm2;"
116 "mov %6,%10;"
117 "mov %9,%11;"
118 "movdqa %%xmm3,%%xmm8;"
119 "ror $0xe,%10;"
120 "xor %6,%10;"
121 "mov %k2,%12;"
122 "ror $0x9,%11;"
123 "pslld $0xe,%%xmm3;"
124 "xor %9,%11;"
125 "ror $0x5,%10;"
126 "xor %7,%12;"
127 "psrld $0x12,%%xmm2;"
128 "ror $0xb,%11;"
129 "xor %6,%10;"
130 "and %6,%12;"
131 "ror $0x6,%10;"
132 "pxor %%xmm3,%%xmm1;"
133 "xor %9,%11;"
134 "xor %7,%12;"
135 "psrld $0x3,%%xmm8;"
136 "add %10,%12;"
137 "add 4+%16,%12;"
138 "ror $0x2,%11;"
139 "pxor %%xmm2,%%xmm1;"
140 "mov %9,%10;"
141 "add %12,%8;"
142 "mov %9,%12;"
143 "pxor %%xmm8,%%xmm1;"
144 "or %4,%10;"
145 "add %8,%5;"
146 "and %4,%12;"
147 "pshufd $0xfa,%%xmm7,%%xmm2;"
148 "and %3,%10;"
149 "add %11,%8;"
150 "paddd %%xmm1,%%xmm0;"
151 "or %12,%10;"
152 "add %10,%8;"
153 "movdqa %%xmm2,%%xmm3;"
154 "mov %5,%10;"
155 "mov %8,%11;"
156 "ror $0xe,%10;"
157 "movdqa %%xmm2,%%xmm8;"
158 "xor %5,%10;"
159 "ror $0x9,%11;"
160 "mov %6,%12;"
161 "xor %8,%11;"
162 "ror $0x5,%10;"
163 "psrlq $0x11,%%xmm2;"
164 "xor %k2,%12;"
165 "psrlq $0x13,%%xmm3;"
166 "xor %5,%10;"
167 "and %5,%12;"
168 "psrld $0xa,%%xmm8;"
169 "ror $0xb,%11;"
170 "xor %8,%11;"
171 "xor %k2,%12;"
172 "ror $0x6,%10;"
173 "pxor %%xmm3,%%xmm2;"
174 "add %10,%12;"
175 "ror $0x2,%11;"
176 "add 8+%16,%12;"
177 "pxor %%xmm2,%%xmm8;"
178 "mov %8,%10;"
179 "add %12,%7;"
180 "mov %8,%12;"
181 "pshufb %%xmm10,%%xmm8;"
182 "or %3,%10;"
183 "add %7,%4;"
184 "and %3,%12;"
185 "paddd %%xmm8,%%xmm0;"
186 "and %9,%10;"
187 "add %11,%7;"
188 "pshufd $0x50,%%xmm0,%%xmm2;"
189 "or %12,%10;"
190 "add %10,%7;"
191 "movdqa %%xmm2,%%xmm3;"
192 "mov %4,%10;"
193 "ror $0xe,%10;"
194 "mov %7,%11;"
195 "movdqa %%xmm2,%%xmm4;"
196 "ror $0x9,%11;"
197 "xor %4,%10;"
198 "mov %5,%12;"
199 "ror $0x5,%10;"
200 "psrlq $0x11,%%xmm2;"
201 "xor %7,%11;"
202 "xor %6,%12;"
203 "psrlq $0x13,%%xmm3;"
204 "xor %4,%10;"
205 "and %4,%12;"
206 "ror $0xb,%11;"
207 "psrld $0xa,%%xmm4;"
208 "xor %7,%11;"
209 "ror $0x6,%10;"
210 "xor %6,%12;"
211 "pxor %%xmm3,%%xmm2;"
212 "ror $0x2,%11;"
213 "add %10,%12;"
214 "add 12+%16,%12;"
215 "pxor %%xmm2,%%xmm4;"
216 "mov %7,%10;"
217 "add %12,%k2;"
218 "mov %7,%12;"
219 "pshufb %%xmm11,%%xmm4;"
220 "or %9,%10;"
221 "add %k2,%3;"
222 "and %9,%12;"
223 "paddd %%xmm0,%%xmm4;"
224 "and %8,%10;"
225 "add %11,%k2;"
226 "or %12,%10;"
227 "add %10,%k2;"
228 "movdqa 0x10(%13),%%xmm9;"
229 "paddd %%xmm5,%%xmm9;"
230 "movdqa %%xmm9,%16;"
231 "movdqa %%xmm4,%%xmm0;"
232 "mov %3,%10;"
233 "ror $0xe,%10;"
234 "mov %k2,%11;"
235 "palignr $0x4,%%xmm7,%%xmm0;"
236 "ror $0x9,%11;"
237 "xor %3,%10;"
238 "mov %4,%12;"
239 "ror $0x5,%10;"
240 "movdqa %%xmm6,%%xmm1;"
241 "xor %k2,%11;"
242 "xor %5,%12;"
243 "paddd %%xmm5,%%xmm0;"
244 "xor %3,%10;"
245 "and %3,%12;"
246 "ror $0xb,%11;"
247 "palignr $0x4,%%xmm5,%%xmm1;"
248 "xor %k2,%11;"
249 "ror $0x6,%10;"
250 "xor %5,%12;"
251 "movdqa %%xmm1,%%xmm2;"
252 "ror $0x2,%11;"
253 "add %10,%12;"
254 "add %16,%12;"
255 "movdqa %%xmm1,%%xmm3;"
256 "mov %k2,%10;"
257 "add %12,%6;"
258 "mov %k2,%12;"
259 "pslld $0x19,%%xmm1;"
260 "or %8,%10;"
261 "add %6,%9;"
262 "and %8,%12;"
263 "psrld $0x7,%%xmm2;"
264 "and %7,%10;"
265 "add %11,%6;"
266 "por %%xmm2,%%xmm1;"
267 "or %12,%10;"
268 "add %10,%6;"
269 "movdqa %%xmm3,%%xmm2;"
270 "mov %9,%10;"
271 "mov %6,%11;"
272 "movdqa %%xmm3,%%xmm8;"
273 "ror $0xe,%10;"
274 "xor %9,%10;"
275 "mov %3,%12;"
276 "ror $0x9,%11;"
277 "pslld $0xe,%%xmm3;"
278 "xor %6,%11;"
279 "ror $0x5,%10;"
280 "xor %4,%12;"
281 "psrld $0x12,%%xmm2;"
282 "ror $0xb,%11;"
283 "xor %9,%10;"
284 "and %9,%12;"
285 "ror $0x6,%10;"
286 "pxor %%xmm3,%%xmm1;"
287 "xor %6,%11;"
288 "xor %4,%12;"
289 "psrld $0x3,%%xmm8;"
290 "add %10,%12;"
291 "add 4+%16,%12;"
292 "ror $0x2,%11;"
293 "pxor %%xmm2,%%xmm1;"
294 "mov %6,%10;"
295 "add %12,%5;"
296 "mov %6,%12;"
297 "pxor %%xmm8,%%xmm1;"
298 "or %7,%10;"
299 "add %5,%8;"
300 "and %7,%12;"
301 "pshufd $0xfa,%%xmm4,%%xmm2;"
302 "and %k2,%10;"
303 "add %11,%5;"
304 "paddd %%xmm1,%%xmm0;"
305 "or %12,%10;"
306 "add %10,%5;"
307 "movdqa %%xmm2,%%xmm3;"
308 "mov %8,%10;"
309 "mov %5,%11;"
310 "ror $0xe,%10;"
311 "movdqa %%xmm2,%%xmm8;"
312 "xor %8,%10;"
313 "ror $0x9,%11;"
314 "mov %9,%12;"
315 "xor %5,%11;"
316 "ror $0x5,%10;"
317 "psrlq $0x11,%%xmm2;"
318 "xor %3,%12;"
319 "psrlq $0x13,%%xmm3;"
320 "xor %8,%10;"
321 "and %8,%12;"
322 "psrld $0xa,%%xmm8;"
323 "ror $0xb,%11;"
324 "xor %5,%11;"
325 "xor %3,%12;"
326 "ror $0x6,%10;"
327 "pxor %%xmm3,%%xmm2;"
328 "add %10,%12;"
329 "ror $0x2,%11;"
330 "add 8+%16,%12;"
331 "pxor %%xmm2,%%xmm8;"
332 "mov %5,%10;"
333 "add %12,%4;"
334 "mov %5,%12;"
335 "pshufb %%xmm10,%%xmm8;"
336 "or %k2,%10;"
337 "add %4,%7;"
338 "and %k2,%12;"
339 "paddd %%xmm8,%%xmm0;"
340 "and %6,%10;"
341 "add %11,%4;"
342 "pshufd $0x50,%%xmm0,%%xmm2;"
343 "or %12,%10;"
344 "add %10,%4;"
345 "movdqa %%xmm2,%%xmm3;"
346 "mov %7,%10;"
347 "ror $0xe,%10;"
348 "mov %4,%11;"
349 "movdqa %%xmm2,%%xmm5;"
350 "ror $0x9,%11;"
351 "xor %7,%10;"
352 "mov %8,%12;"
353 "ror $0x5,%10;"
354 "psrlq $0x11,%%xmm2;"
355 "xor %4,%11;"
356 "xor %9,%12;"
357 "psrlq $0x13,%%xmm3;"
358 "xor %7,%10;"
359 "and %7,%12;"
360 "ror $0xb,%11;"
361 "psrld $0xa,%%xmm5;"
362 "xor %4,%11;"
363 "ror $0x6,%10;"
364 "xor %9,%12;"
365 "pxor %%xmm3,%%xmm2;"
366 "ror $0x2,%11;"
367 "add %10,%12;"
368 "add 12+%16,%12;"
369 "pxor %%xmm2,%%xmm5;"
370 "mov %4,%10;"
371 "add %12,%3;"
372 "mov %4,%12;"
373 "pshufb %%xmm11,%%xmm5;"
374 "or %6,%10;"
375 "add %3,%k2;"
376 "and %6,%12;"
377 "paddd %%xmm0,%%xmm5;"
378 "and %5,%10;"
379 "add %11,%3;"
380 "or %12,%10;"
381 "add %10,%3;"
382 "movdqa 0x20(%13),%%xmm9;"
383 "paddd %%xmm6,%%xmm9;"
384 "movdqa %%xmm9,%16;"
385 "movdqa %%xmm5,%%xmm0;"
386 "mov %k2,%10;"
387 "ror $0xe,%10;"
388 "mov %3,%11;"
389 "palignr $0x4,%%xmm4,%%xmm0;"
390 "ror $0x9,%11;"
391 "xor %k2,%10;"
392 "mov %7,%12;"
393 "ror $0x5,%10;"
394 "movdqa %%xmm7,%%xmm1;"
395 "xor %3,%11;"
396 "xor %8,%12;"
397 "paddd %%xmm6,%%xmm0;"
398 "xor %k2,%10;"
399 "and %k2,%12;"
400 "ror $0xb,%11;"
401 "palignr $0x4,%%xmm6,%%xmm1;"
402 "xor %3,%11;"
403 "ror $0x6,%10;"
404 "xor %8,%12;"
405 "movdqa %%xmm1,%%xmm2;"
406 "ror $0x2,%11;"
407 "add %10,%12;"
408 "add %16,%12;"
409 "movdqa %%xmm1,%%xmm3;"
410 "mov %3,%10;"
411 "add %12,%9;"
412 "mov %3,%12;"
413 "pslld $0x19,%%xmm1;"
414 "or %5,%10;"
415 "add %9,%6;"
416 "and %5,%12;"
417 "psrld $0x7,%%xmm2;"
418 "and %4,%10;"
419 "add %11,%9;"
420 "por %%xmm2,%%xmm1;"
421 "or %12,%10;"
422 "add %10,%9;"
423 "movdqa %%xmm3,%%xmm2;"
424 "mov %6,%10;"
425 "mov %9,%11;"
426 "movdqa %%xmm3,%%xmm8;"
427 "ror $0xe,%10;"
428 "xor %6,%10;"
429 "mov %k2,%12;"
430 "ror $0x9,%11;"
431 "pslld $0xe,%%xmm3;"
432 "xor %9,%11;"
433 "ror $0x5,%10;"
434 "xor %7,%12;"
435 "psrld $0x12,%%xmm2;"
436 "ror $0xb,%11;"
437 "xor %6,%10;"
438 "and %6,%12;"
439 "ror $0x6,%10;"
440 "pxor %%xmm3,%%xmm1;"
441 "xor %9,%11;"
442 "xor %7,%12;"
443 "psrld $0x3,%%xmm8;"
444 "add %10,%12;"
445 "add 4+%16,%12;"
446 "ror $0x2,%11;"
447 "pxor %%xmm2,%%xmm1;"
448 "mov %9,%10;"
449 "add %12,%8;"
450 "mov %9,%12;"
451 "pxor %%xmm8,%%xmm1;"
452 "or %4,%10;"
453 "add %8,%5;"
454 "and %4,%12;"
455 "pshufd $0xfa,%%xmm5,%%xmm2;"
456 "and %3,%10;"
457 "add %11,%8;"
458 "paddd %%xmm1,%%xmm0;"
459 "or %12,%10;"
460 "add %10,%8;"
461 "movdqa %%xmm2,%%xmm3;"
462 "mov %5,%10;"
463 "mov %8,%11;"
464 "ror $0xe,%10;"
465 "movdqa %%xmm2,%%xmm8;"
466 "xor %5,%10;"
467 "ror $0x9,%11;"
468 "mov %6,%12;"
469 "xor %8,%11;"
470 "ror $0x5,%10;"
471 "psrlq $0x11,%%xmm2;"
472 "xor %k2,%12;"
473 "psrlq $0x13,%%xmm3;"
474 "xor %5,%10;"
475 "and %5,%12;"
476 "psrld $0xa,%%xmm8;"
477 "ror $0xb,%11;"
478 "xor %8,%11;"
479 "xor %k2,%12;"
480 "ror $0x6,%10;"
481 "pxor %%xmm3,%%xmm2;"
482 "add %10,%12;"
483 "ror $0x2,%11;"
484 "add 8+%16,%12;"
485 "pxor %%xmm2,%%xmm8;"
486 "mov %8,%10;"
487 "add %12,%7;"
488 "mov %8,%12;"
489 "pshufb %%xmm10,%%xmm8;"
490 "or %3,%10;"
491 "add %7,%4;"
492 "and %3,%12;"
493 "paddd %%xmm8,%%xmm0;"
494 "and %9,%10;"
495 "add %11,%7;"
496 "pshufd $0x50,%%xmm0,%%xmm2;"
497 "or %12,%10;"
498 "add %10,%7;"
499 "movdqa %%xmm2,%%xmm3;"
500 "mov %4,%10;"
501 "ror $0xe,%10;"
502 "mov %7,%11;"
503 "movdqa %%xmm2,%%xmm6;"
504 "ror $0x9,%11;"
505 "xor %4,%10;"
506 "mov %5,%12;"
507 "ror $0x5,%10;"
508 "psrlq $0x11,%%xmm2;"
509 "xor %7,%11;"
510 "xor %6,%12;"
511 "psrlq $0x13,%%xmm3;"
512 "xor %4,%10;"
513 "and %4,%12;"
514 "ror $0xb,%11;"
515 "psrld $0xa,%%xmm6;"
516 "xor %7,%11;"
517 "ror $0x6,%10;"
518 "xor %6,%12;"
519 "pxor %%xmm3,%%xmm2;"
520 "ror $0x2,%11;"
521 "add %10,%12;"
522 "add 12+%16,%12;"
523 "pxor %%xmm2,%%xmm6;"
524 "mov %7,%10;"
525 "add %12,%k2;"
526 "mov %7,%12;"
527 "pshufb %%xmm11,%%xmm6;"
528 "or %9,%10;"
529 "add %k2,%3;"
530 "and %9,%12;"
531 "paddd %%xmm0,%%xmm6;"
532 "and %8,%10;"
533 "add %11,%k2;"
534 "or %12,%10;"
535 "add %10,%k2;"
536 "movdqa 0x30(%13),%%xmm9;"
537 "paddd %%xmm7,%%xmm9;"
538 "movdqa %%xmm9,%16;"
539 "add $0x40,%13;"
540 "movdqa %%xmm6,%%xmm0;"
541 "mov %3,%10;"
542 "ror $0xe,%10;"
543 "mov %k2,%11;"
544 "palignr $0x4,%%xmm5,%%xmm0;"
545 "ror $0x9,%11;"
546 "xor %3,%10;"
547 "mov %4,%12;"
548 "ror $0x5,%10;"
549 "movdqa %%xmm4,%%xmm1;"
550 "xor %k2,%11;"
551 "xor %5,%12;"
552 "paddd %%xmm7,%%xmm0;"
553 "xor %3,%10;"
554 "and %3,%12;"
555 "ror $0xb,%11;"
556 "palignr $0x4,%%xmm7,%%xmm1;"
557 "xor %k2,%11;"
558 "ror $0x6,%10;"
559 "xor %5,%12;"
560 "movdqa %%xmm1,%%xmm2;"
561 "ror $0x2,%11;"
562 "add %10,%12;"
563 "add %16,%12;"
564 "movdqa %%xmm1,%%xmm3;"
565 "mov %k2,%10;"
566 "add %12,%6;"
567 "mov %k2,%12;"
568 "pslld $0x19,%%xmm1;"
569 "or %8,%10;"
570 "add %6,%9;"
571 "and %8,%12;"
572 "psrld $0x7,%%xmm2;"
573 "and %7,%10;"
574 "add %11,%6;"
575 "por %%xmm2,%%xmm1;"
576 "or %12,%10;"
577 "add %10,%6;"
578 "movdqa %%xmm3,%%xmm2;"
579 "mov %9,%10;"
580 "mov %6,%11;"
581 "movdqa %%xmm3,%%xmm8;"
582 "ror $0xe,%10;"
583 "xor %9,%10;"
584 "mov %3,%12;"
585 "ror $0x9,%11;"
586 "pslld $0xe,%%xmm3;"
587 "xor %6,%11;"
588 "ror $0x5,%10;"
589 "xor %4,%12;"
590 "psrld $0x12,%%xmm2;"
591 "ror $0xb,%11;"
592 "xor %9,%10;"
593 "and %9,%12;"
594 "ror $0x6,%10;"
595 "pxor %%xmm3,%%xmm1;"
596 "xor %6,%11;"
597 "xor %4,%12;"
598 "psrld $0x3,%%xmm8;"
599 "add %10,%12;"
600 "add 4+%16,%12;"
601 "ror $0x2,%11;"
602 "pxor %%xmm2,%%xmm1;"
603 "mov %6,%10;"
604 "add %12,%5;"
605 "mov %6,%12;"
606 "pxor %%xmm8,%%xmm1;"
607 "or %7,%10;"
608 "add %5,%8;"
609 "and %7,%12;"
610 "pshufd $0xfa,%%xmm6,%%xmm2;"
611 "and %k2,%10;"
612 "add %11,%5;"
613 "paddd %%xmm1,%%xmm0;"
614 "or %12,%10;"
615 "add %10,%5;"
616 "movdqa %%xmm2,%%xmm3;"
617 "mov %8,%10;"
618 "mov %5,%11;"
619 "ror $0xe,%10;"
620 "movdqa %%xmm2,%%xmm8;"
621 "xor %8,%10;"
622 "ror $0x9,%11;"
623 "mov %9,%12;"
624 "xor %5,%11;"
625 "ror $0x5,%10;"
626 "psrlq $0x11,%%xmm2;"
627 "xor %3,%12;"
628 "psrlq $0x13,%%xmm3;"
629 "xor %8,%10;"
630 "and %8,%12;"
631 "psrld $0xa,%%xmm8;"
632 "ror $0xb,%11;"
633 "xor %5,%11;"
634 "xor %3,%12;"
635 "ror $0x6,%10;"
636 "pxor %%xmm3,%%xmm2;"
637 "add %10,%12;"
638 "ror $0x2,%11;"
639 "add 8+%16,%12;"
640 "pxor %%xmm2,%%xmm8;"
641 "mov %5,%10;"
642 "add %12,%4;"
643 "mov %5,%12;"
644 "pshufb %%xmm10,%%xmm8;"
645 "or %k2,%10;"
646 "add %4,%7;"
647 "and %k2,%12;"
648 "paddd %%xmm8,%%xmm0;"
649 "and %6,%10;"
650 "add %11,%4;"
651 "pshufd $0x50,%%xmm0,%%xmm2;"
652 "or %12,%10;"
653 "add %10,%4;"
654 "movdqa %%xmm2,%%xmm3;"
655 "mov %7,%10;"
656 "ror $0xe,%10;"
657 "mov %4,%11;"
658 "movdqa %%xmm2,%%xmm7;"
659 "ror $0x9,%11;"
660 "xor %7,%10;"
661 "mov %8,%12;"
662 "ror $0x5,%10;"
663 "psrlq $0x11,%%xmm2;"
664 "xor %4,%11;"
665 "xor %9,%12;"
666 "psrlq $0x13,%%xmm3;"
667 "xor %7,%10;"
668 "and %7,%12;"
669 "ror $0xb,%11;"
670 "psrld $0xa,%%xmm7;"
671 "xor %4,%11;"
672 "ror $0x6,%10;"
673 "xor %9,%12;"
674 "pxor %%xmm3,%%xmm2;"
675 "ror $0x2,%11;"
676 "add %10,%12;"
677 "add 12+%16,%12;"
678 "pxor %%xmm2,%%xmm7;"
679 "mov %4,%10;"
680 "add %12,%3;"
681 "mov %4,%12;"
682 "pshufb %%xmm11,%%xmm7;"
683 "or %6,%10;"
684 "add %3,%k2;"
685 "and %6,%12;"
686 "paddd %%xmm0,%%xmm7;"
687 "and %5,%10;"
688 "add %11,%3;"
689 "or %12,%10;"
690 "add %10,%3;"
691 "sub $0x1,%1;"
692 "jne Lloop1_%=;"
693 "mov $0x2,%1;"
694
695 "Lloop2_%=:"
696 "paddd 0x0(%13),%%xmm4;"
697 "movdqa %%xmm4,%16;"
698 "mov %k2,%10;"
699 "ror $0xe,%10;"
700 "mov %3,%11;"
701 "xor %k2,%10;"
702 "ror $0x9,%11;"
703 "mov %7,%12;"
704 "xor %3,%11;"
705 "ror $0x5,%10;"
706 "xor %8,%12;"
707 "xor %k2,%10;"
708 "ror $0xb,%11;"
709 "and %k2,%12;"
710 "xor %3,%11;"
711 "ror $0x6,%10;"
712 "xor %8,%12;"
713 "add %10,%12;"
714 "ror $0x2,%11;"
715 "add %16,%12;"
716 "mov %3,%10;"
717 "add %12,%9;"
718 "mov %3,%12;"
719 "or %5,%10;"
720 "add %9,%6;"
721 "and %5,%12;"
722 "and %4,%10;"
723 "add %11,%9;"
724 "or %12,%10;"
725 "add %10,%9;"
726 "mov %6,%10;"
727 "ror $0xe,%10;"
728 "mov %9,%11;"
729 "xor %6,%10;"
730 "ror $0x9,%11;"
731 "mov %k2,%12;"
732 "xor %9,%11;"
733 "ror $0x5,%10;"
734 "xor %7,%12;"
735 "xor %6,%10;"
736 "ror $0xb,%11;"
737 "and %6,%12;"
738 "xor %9,%11;"
739 "ror $0x6,%10;"
740 "xor %7,%12;"
741 "add %10,%12;"
742 "ror $0x2,%11;"
743 "add 4+%16,%12;"
744 "mov %9,%10;"
745 "add %12,%8;"
746 "mov %9,%12;"
747 "or %4,%10;"
748 "add %8,%5;"
749 "and %4,%12;"
750 "and %3,%10;"
751 "add %11,%8;"
752 "or %12,%10;"
753 "add %10,%8;"
754 "mov %5,%10;"
755 "ror $0xe,%10;"
756 "mov %8,%11;"
757 "xor %5,%10;"
758 "ror $0x9,%11;"
759 "mov %6,%12;"
760 "xor %8,%11;"
761 "ror $0x5,%10;"
762 "xor %k2,%12;"
763 "xor %5,%10;"
764 "ror $0xb,%11;"
765 "and %5,%12;"
766 "xor %8,%11;"
767 "ror $0x6,%10;"
768 "xor %k2,%12;"
769 "add %10,%12;"
770 "ror $0x2,%11;"
771 "add 8+%16,%12;"
772 "mov %8,%10;"
773 "add %12,%7;"
774 "mov %8,%12;"
775 "or %3,%10;"
776 "add %7,%4;"
777 "and %3,%12;"
778 "and %9,%10;"
779 "add %11,%7;"
780 "or %12,%10;"
781 "add %10,%7;"
782 "mov %4,%10;"
783 "ror $0xe,%10;"
784 "mov %7,%11;"
785 "xor %4,%10;"
786 "ror $0x9,%11;"
787 "mov %5,%12;"
788 "xor %7,%11;"
789 "ror $0x5,%10;"
790 "xor %6,%12;"
791 "xor %4,%10;"
792 "ror $0xb,%11;"
793 "and %4,%12;"
794 "xor %7,%11;"
795 "ror $0x6,%10;"
796 "xor %6,%12;"
797 "add %10,%12;"
798 "ror $0x2,%11;"
799 "add 12+%16,%12;"
800 "mov %7,%10;"
801 "add %12,%k2;"
802 "mov %7,%12;"
803 "or %9,%10;"
804 "add %k2,%3;"
805 "and %9,%12;"
806 "and %8,%10;"
807 "add %11,%k2;"
808 "or %12,%10;"
809 "add %10,%k2;"
810 "paddd 0x10(%13),%%xmm5;"
811 "movdqa %%xmm5,%16;"
812 "add $0x20,%13;"
813 "mov %3,%10;"
814 "ror $0xe,%10;"
815 "mov %k2,%11;"
816 "xor %3,%10;"
817 "ror $0x9,%11;"
818 "mov %4,%12;"
819 "xor %k2,%11;"
820 "ror $0x5,%10;"
821 "xor %5,%12;"
822 "xor %3,%10;"
823 "ror $0xb,%11;"
824 "and %3,%12;"
825 "xor %k2,%11;"
826 "ror $0x6,%10;"
827 "xor %5,%12;"
828 "add %10,%12;"
829 "ror $0x2,%11;"
830 "add %16,%12;"
831 "mov %k2,%10;"
832 "add %12,%6;"
833 "mov %k2,%12;"
834 "or %8,%10;"
835 "add %6,%9;"
836 "and %8,%12;"
837 "and %7,%10;"
838 "add %11,%6;"
839 "or %12,%10;"
840 "add %10,%6;"
841 "mov %9,%10;"
842 "ror $0xe,%10;"
843 "mov %6,%11;"
844 "xor %9,%10;"
845 "ror $0x9,%11;"
846 "mov %3,%12;"
847 "xor %6,%11;"
848 "ror $0x5,%10;"
849 "xor %4,%12;"
850 "xor %9,%10;"
851 "ror $0xb,%11;"
852 "and %9,%12;"
853 "xor %6,%11;"
854 "ror $0x6,%10;"
855 "xor %4,%12;"
856 "add %10,%12;"
857 "ror $0x2,%11;"
858 "add 4+%16,%12;"
859 "mov %6,%10;"
860 "add %12,%5;"
861 "mov %6,%12;"
862 "or %7,%10;"
863 "add %5,%8;"
864 "and %7,%12;"
865 "and %k2,%10;"
866 "add %11,%5;"
867 "or %12,%10;"
868 "add %10,%5;"
869 "mov %8,%10;"
870 "ror $0xe,%10;"
871 "mov %5,%11;"
872 "xor %8,%10;"
873 "ror $0x9,%11;"
874 "mov %9,%12;"
875 "xor %5,%11;"
876 "ror $0x5,%10;"
877 "xor %3,%12;"
878 "xor %8,%10;"
879 "ror $0xb,%11;"
880 "and %8,%12;"
881 "xor %5,%11;"
882 "ror $0x6,%10;"
883 "xor %3,%12;"
884 "add %10,%12;"
885 "ror $0x2,%11;"
886 "add 8+%16,%12;"
887 "mov %5,%10;"
888 "add %12,%4;"
889 "mov %5,%12;"
890 "or %k2,%10;"
891 "add %4,%7;"
892 "and %k2,%12;"
893 "and %6,%10;"
894 "add %11,%4;"
895 "or %12,%10;"
896 "add %10,%4;"
897 "mov %7,%10;"
898 "ror $0xe,%10;"
899 "mov %4,%11;"
900 "xor %7,%10;"
901 "ror $0x9,%11;"
902 "mov %8,%12;"
903 "xor %4,%11;"
904 "ror $0x5,%10;"
905 "xor %9,%12;"
906 "xor %7,%10;"
907 "ror $0xb,%11;"
908 "and %7,%12;"
909 "xor %4,%11;"
910 "ror $0x6,%10;"
911 "xor %9,%12;"
912 "add %10,%12;"
913 "ror $0x2,%11;"
914 "add 12+%16,%12;"
915 "mov %4,%10;"
916 "add %12,%3;"
917 "mov %4,%12;"
918 "or %6,%10;"
919 "add %3,%k2;"
920 "and %6,%12;"
921 "and %5,%10;"
922 "add %11,%3;"
923 "or %12,%10;"
924 "add %10,%3;"
925 "movdqa %%xmm6,%%xmm4;"
926 "movdqa %%xmm7,%%xmm5;"
927 "sub $0x1,%1;"
928 "jne Lloop2_%=;"
929 "add (%0),%3;"
930 "mov %3,(%0);"
931 "add 0x4(%0),%4;"
932 "mov %4,0x4(%0);"
933 "add 0x8(%0),%5;"
934 "mov %5,0x8(%0);"
935 "add 0xc(%0),%6;"
936 "mov %6,0xc(%0);"
937 "add 0x10(%0),%k2;"
938 "mov %k2,0x10(%0);"
939 "add 0x14(%0),%7;"
940 "mov %7,0x14(%0);"
941 "add 0x18(%0),%8;"
942 "mov %8,0x18(%0);"
943 "add 0x1c(%0),%9;"
944 "mov %9,0x1c(%0);"
945 "mov %15,%1;"
946 "add $0x40,%1;"
947 "cmp %14,%1;"
948 "jne Lloop0_%=;"
949
950 "Ldone_hash_%=:"
951
952 : "+r"(s), "+r"(chunk), "+r"(blocks), "=r"(a), "=r"(b), "=r"(c), "=r"(d), /* e = chunk */ "=r"(f), "=r"(g), "=r"(h), "=r"(y0), "=r"(y1), "=r"(y2), "=r"(tbl), "+m"(inp_end), "+m"(inp), "+m"(xfer)
953 : "m"(K256), "m"(FLIP_MASK), "m"(SHUF_00BA), "m"(SHUF_DC00)
954 : "cc", "memory", "xmm0", "xmm1", "xmm2", "xmm3", "xmm4", "xmm5", "xmm6", "xmm7", "xmm8", "xmm9", "xmm10", "xmm11", "xmm12"
955 );
956 }
957 }
958
959 /*
960 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
961 ; Copyright (c) 2012, Intel Corporation
962 ;
963 ; All rights reserved.
964 ;
965 ; Redistribution and use in source and binary forms, with or without
966 ; modification, are permitted provided that the following conditions are
967 ; met:
968 ;
969 ; * Redistributions of source code must retain the above copyright
970 ; notice, this list of conditions and the following disclaimer.
971 ;
972 ; * Redistributions in binary form must reproduce the above copyright
973 ; notice, this list of conditions and the following disclaimer in the
974 ; documentation and/or other materials provided with the
975 ; distribution.
976 ;
977 ; * Neither the name of the Intel Corporation nor the names of its
978 ; contributors may be used to endorse or promote products derived from
979 ; this software without specific prior written permission.
980 ;
981 ;
982 ; THIS SOFTWARE IS PROVIDED BY INTEL CORPORATION "AS IS" AND ANY
983 ; EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
984 ; IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
985 ; PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL INTEL CORPORATION OR
986 ; CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
987 ; EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
988 ; PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
989 ; PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
990 ; LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
991 ; NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
992 ; SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
993 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
994 ;
995 ; Example YASM command lines:
996 ; Windows: yasm -Xvc -f x64 -rnasm -pnasm -o sha256_sse4.obj -g cv8 sha256_sse4.asm
997 ; Linux: yasm -f x64 -f elf64 -X gnu -g dwarf2 -D LINUX -o sha256_sse4.o sha256_sse4.asm
998 ;
999 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
1000 ;
1001 ; This code is described in an Intel White-Paper:
1002 ; "Fast SHA-256 Implementations on Intel Architecture Processors"
1003 ;
1004 ; To find it, surf to http://www.intel.com/p/en_US/embedded
1005 ; and search for that title.
1006 ; The paper is expected to be released roughly at the end of April, 2012
1007 ;
1008 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
1009 ; This code schedules 1 blocks at a time, with 4 lanes per block
1010 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
1011
1012 %define MOVDQ movdqu ;; assume buffers not aligned
1013
1014 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; Define Macros
1015
1016 ; addm [mem], reg
1017 ; Add reg to mem using reg-mem add and store
1018 %macro addm 2
1019 add %2, %1
1020 mov %1, %2
1021 %endm
1022
1023 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
1024
1025 ; COPY_XMM_AND_BSWAP xmm, [mem], byte_flip_mask
1026 ; Load xmm with mem and byte swap each dword
1027 %macro COPY_XMM_AND_BSWAP 3
1028 MOVDQ %1, %2
1029 pshufb %1, %3
1030 %endmacro
1031
1032 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
1033
1034 %define X0 xmm4
1035 %define X1 xmm5
1036 %define X2 xmm6
1037 %define X3 xmm7
1038
1039 %define XTMP0 xmm0
1040 %define XTMP1 xmm1
1041 %define XTMP2 xmm2
1042 %define XTMP3 xmm3
1043 %define XTMP4 xmm8
1044 %define XFER xmm9
1045
1046 %define SHUF_00BA xmm10 ; shuffle xBxA -> 00BA
1047 %define SHUF_DC00 xmm11 ; shuffle xDxC -> DC00
1048 %define BYTE_FLIP_MASK xmm12
1049
1050 %ifdef LINUX
1051 %define NUM_BLKS rdx ; 3rd arg
1052 %define CTX rsi ; 2nd arg
1053 %define INP rdi ; 1st arg
1054
1055 %define SRND rdi ; clobbers INP
1056 %define c ecx
1057 %define d r8d
1058 %define e edx
1059 %else
1060 %define NUM_BLKS r8 ; 3rd arg
1061 %define CTX rdx ; 2nd arg
1062 %define INP rcx ; 1st arg
1063
1064 %define SRND rcx ; clobbers INP
1065 %define c edi
1066 %define d esi
1067 %define e r8d
1068
1069 %endif
1070 %define TBL rbp
1071 %define a eax
1072 %define b ebx
1073
1074 %define f r9d
1075 %define g r10d
1076 %define h r11d
1077
1078 %define y0 r13d
1079 %define y1 r14d
1080 %define y2 r15d
1081
1082
1083
1084 _INP_END_SIZE equ 8
1085 _INP_SIZE equ 8
1086 _XFER_SIZE equ 8
1087 %ifdef LINUX
1088 _XMM_SAVE_SIZE equ 0
1089 %else
1090 _XMM_SAVE_SIZE equ 7*16
1091 %endif
1092 ; STACK_SIZE plus pushes must be an odd multiple of 8
1093 _ALIGN_SIZE equ 8
1094
1095 _INP_END equ 0
1096 _INP equ _INP_END + _INP_END_SIZE
1097 _XFER equ _INP + _INP_SIZE
1098 _XMM_SAVE equ _XFER + _XFER_SIZE + _ALIGN_SIZE
1099 STACK_SIZE equ _XMM_SAVE + _XMM_SAVE_SIZE
1100
1101 ; rotate_Xs
1102 ; Rotate values of symbols X0...X3
1103 %macro rotate_Xs 0
1104 %xdefine X_ X0
1105 %xdefine X0 X1
1106 %xdefine X1 X2
1107 %xdefine X2 X3
1108 %xdefine X3 X_
1109 %endm
1110
1111 ; ROTATE_ARGS
1112 ; Rotate values of symbols a...h
1113 %macro ROTATE_ARGS 0
1114 %xdefine TMP_ h
1115 %xdefine h g
1116 %xdefine g f
1117 %xdefine f e
1118 %xdefine e d
1119 %xdefine d c
1120 %xdefine c b
1121 %xdefine b a
1122 %xdefine a TMP_
1123 %endm
1124
1125 %macro FOUR_ROUNDS_AND_SCHED 0
1126 ;; compute s0 four at a time and s1 two at a time
1127 ;; compute W[-16] + W[-7] 4 at a time
1128 movdqa XTMP0, X3
1129 mov y0, e ; y0 = e
1130 ror y0, (25-11) ; y0 = e >> (25-11)
1131 mov y1, a ; y1 = a
1132 palignr XTMP0, X2, 4 ; XTMP0 = W[-7]
1133 ror y1, (22-13) ; y1 = a >> (22-13)
1134 xor y0, e ; y0 = e ^ (e >> (25-11))
1135 mov y2, f ; y2 = f
1136 ror y0, (11-6) ; y0 = (e >> (11-6)) ^ (e >> (25-6))
1137 movdqa XTMP1, X1
1138 xor y1, a ; y1 = a ^ (a >> (22-13)
1139 xor y2, g ; y2 = f^g
1140 paddd XTMP0, X0 ; XTMP0 = W[-7] + W[-16]
1141 xor y0, e ; y0 = e ^ (e >> (11-6)) ^ (e >> (25-6))
1142 and y2, e ; y2 = (f^g)&e
1143 ror y1, (13-2) ; y1 = (a >> (13-2)) ^ (a >> (22-2))
1144 ;; compute s0
1145 palignr XTMP1, X0, 4 ; XTMP1 = W[-15]
1146 xor y1, a ; y1 = a ^ (a >> (13-2)) ^ (a >> (22-2))
1147 ror y0, 6 ; y0 = S1 = (e>>6) & (e>>11) ^ (e>>25)
1148 xor y2, g ; y2 = CH = ((f^g)&e)^g
1149 movdqa XTMP2, XTMP1 ; XTMP2 = W[-15]
1150 ror y1, 2 ; y1 = S0 = (a>>2) ^ (a>>13) ^ (a>>22)
1151 add y2, y0 ; y2 = S1 + CH
1152 add y2, [rsp + _XFER + 0*4] ; y2 = k + w + S1 + CH
1153 movdqa XTMP3, XTMP1 ; XTMP3 = W[-15]
1154 mov y0, a ; y0 = a
1155 add h, y2 ; h = h + S1 + CH + k + w
1156 mov y2, a ; y2 = a
1157 pslld XTMP1, (32-7)
1158 or y0, c ; y0 = a|c
1159 add d, h ; d = d + h + S1 + CH + k + w
1160 and y2, c ; y2 = a&c
1161 psrld XTMP2, 7
1162 and y0, b ; y0 = (a|c)&b
1163 add h, y1 ; h = h + S1 + CH + k + w + S0
1164 por XTMP1, XTMP2 ; XTMP1 = W[-15] ror 7
1165 or y0, y2 ; y0 = MAJ = (a|c)&b)|(a&c)
1166 add h, y0 ; h = h + S1 + CH + k + w + S0 + MAJ
1167
1168 ROTATE_ARGS
1169 movdqa XTMP2, XTMP3 ; XTMP2 = W[-15]
1170 mov y0, e ; y0 = e
1171 mov y1, a ; y1 = a
1172 movdqa XTMP4, XTMP3 ; XTMP4 = W[-15]
1173 ror y0, (25-11) ; y0 = e >> (25-11)
1174 xor y0, e ; y0 = e ^ (e >> (25-11))
1175 mov y2, f ; y2 = f
1176 ror y1, (22-13) ; y1 = a >> (22-13)
1177 pslld XTMP3, (32-18)
1178 xor y1, a ; y1 = a ^ (a >> (22-13)
1179 ror y0, (11-6) ; y0 = (e >> (11-6)) ^ (e >> (25-6))
1180 xor y2, g ; y2 = f^g
1181 psrld XTMP2, 18
1182 ror y1, (13-2) ; y1 = (a >> (13-2)) ^ (a >> (22-2))
1183 xor y0, e ; y0 = e ^ (e >> (11-6)) ^ (e >> (25-6))
1184 and y2, e ; y2 = (f^g)&e
1185 ror y0, 6 ; y0 = S1 = (e>>6) & (e>>11) ^ (e>>25)
1186 pxor XTMP1, XTMP3
1187 xor y1, a ; y1 = a ^ (a >> (13-2)) ^ (a >> (22-2))
1188 xor y2, g ; y2 = CH = ((f^g)&e)^g
1189 psrld XTMP4, 3 ; XTMP4 = W[-15] >> 3
1190 add y2, y0 ; y2 = S1 + CH
1191 add y2, [rsp + _XFER + 1*4] ; y2 = k + w + S1 + CH
1192 ror y1, 2 ; y1 = S0 = (a>>2) ^ (a>>13) ^ (a>>22)
1193 pxor XTMP1, XTMP2 ; XTMP1 = W[-15] ror 7 ^ W[-15] ror 18
1194 mov y0, a ; y0 = a
1195 add h, y2 ; h = h + S1 + CH + k + w
1196 mov y2, a ; y2 = a
1197 pxor XTMP1, XTMP4 ; XTMP1 = s0
1198 or y0, c ; y0 = a|c
1199 add d, h ; d = d + h + S1 + CH + k + w
1200 and y2, c ; y2 = a&c
1201 ;; compute low s1
1202 pshufd XTMP2, X3, 11111010b ; XTMP2 = W[-2] {BBAA}
1203 and y0, b ; y0 = (a|c)&b
1204 add h, y1 ; h = h + S1 + CH + k + w + S0
1205 paddd XTMP0, XTMP1 ; XTMP0 = W[-16] + W[-7] + s0
1206 or y0, y2 ; y0 = MAJ = (a|c)&b)|(a&c)
1207 add h, y0 ; h = h + S1 + CH + k + w + S0 + MAJ
1208
1209 ROTATE_ARGS
1210 movdqa XTMP3, XTMP2 ; XTMP3 = W[-2] {BBAA}
1211 mov y0, e ; y0 = e
1212 mov y1, a ; y1 = a
1213 ror y0, (25-11) ; y0 = e >> (25-11)
1214 movdqa XTMP4, XTMP2 ; XTMP4 = W[-2] {BBAA}
1215 xor y0, e ; y0 = e ^ (e >> (25-11))
1216 ror y1, (22-13) ; y1 = a >> (22-13)
1217 mov y2, f ; y2 = f
1218 xor y1, a ; y1 = a ^ (a >> (22-13)
1219 ror y0, (11-6) ; y0 = (e >> (11-6)) ^ (e >> (25-6))
1220 psrlq XTMP2, 17 ; XTMP2 = W[-2] ror 17 {xBxA}
1221 xor y2, g ; y2 = f^g
1222 psrlq XTMP3, 19 ; XTMP3 = W[-2] ror 19 {xBxA}
1223 xor y0, e ; y0 = e ^ (e >> (11-6)) ^ (e >> (25-6))
1224 and y2, e ; y2 = (f^g)&e
1225 psrld XTMP4, 10 ; XTMP4 = W[-2] >> 10 {BBAA}
1226 ror y1, (13-2) ; y1 = (a >> (13-2)) ^ (a >> (22-2))
1227 xor y1, a ; y1 = a ^ (a >> (13-2)) ^ (a >> (22-2))
1228 xor y2, g ; y2 = CH = ((f^g)&e)^g
1229 ror y0, 6 ; y0 = S1 = (e>>6) & (e>>11) ^ (e>>25)
1230 pxor XTMP2, XTMP3
1231 add y2, y0 ; y2 = S1 + CH
1232 ror y1, 2 ; y1 = S0 = (a>>2) ^ (a>>13) ^ (a>>22)
1233 add y2, [rsp + _XFER + 2*4] ; y2 = k + w + S1 + CH
1234 pxor XTMP4, XTMP2 ; XTMP4 = s1 {xBxA}
1235 mov y0, a ; y0 = a
1236 add h, y2 ; h = h + S1 + CH + k + w
1237 mov y2, a ; y2 = a
1238 pshufb XTMP4, SHUF_00BA ; XTMP4 = s1 {00BA}
1239 or y0, c ; y0 = a|c
1240 add d, h ; d = d + h + S1 + CH + k + w
1241 and y2, c ; y2 = a&c
1242 paddd XTMP0, XTMP4 ; XTMP0 = {..., ..., W[1], W[0]}
1243 and y0, b ; y0 = (a|c)&b
1244 add h, y1 ; h = h + S1 + CH + k + w + S0
1245 ;; compute high s1
1246 pshufd XTMP2, XTMP0, 01010000b ; XTMP2 = W[-2] {DDCC}
1247 or y0, y2 ; y0 = MAJ = (a|c)&b)|(a&c)
1248 add h, y0 ; h = h + S1 + CH + k + w + S0 + MAJ
1249
1250 ROTATE_ARGS
1251 movdqa XTMP3, XTMP2 ; XTMP3 = W[-2] {DDCC}
1252 mov y0, e ; y0 = e
1253 ror y0, (25-11) ; y0 = e >> (25-11)
1254 mov y1, a ; y1 = a
1255 movdqa X0, XTMP2 ; X0 = W[-2] {DDCC}
1256 ror y1, (22-13) ; y1 = a >> (22-13)
1257 xor y0, e ; y0 = e ^ (e >> (25-11))
1258 mov y2, f ; y2 = f
1259 ror y0, (11-6) ; y0 = (e >> (11-6)) ^ (e >> (25-6))
1260 psrlq XTMP2, 17 ; XTMP2 = W[-2] ror 17 {xDxC}
1261 xor y1, a ; y1 = a ^ (a >> (22-13)
1262 xor y2, g ; y2 = f^g
1263 psrlq XTMP3, 19 ; XTMP3 = W[-2] ror 19 {xDxC}
1264 xor y0, e ; y0 = e ^ (e >> (11-6)) ^ (e >> (25-6))
1265 and y2, e ; y2 = (f^g)&e
1266 ror y1, (13-2) ; y1 = (a >> (13-2)) ^ (a >> (22-2))
1267 psrld X0, 10 ; X0 = W[-2] >> 10 {DDCC}
1268 xor y1, a ; y1 = a ^ (a >> (13-2)) ^ (a >> (22-2))
1269 ror y0, 6 ; y0 = S1 = (e>>6) & (e>>11) ^ (e>>25)
1270 xor y2, g ; y2 = CH = ((f^g)&e)^g
1271 pxor XTMP2, XTMP3
1272 ror y1, 2 ; y1 = S0 = (a>>2) ^ (a>>13) ^ (a>>22)
1273 add y2, y0 ; y2 = S1 + CH
1274 add y2, [rsp + _XFER + 3*4] ; y2 = k + w + S1 + CH
1275 pxor X0, XTMP2 ; X0 = s1 {xDxC}
1276 mov y0, a ; y0 = a
1277 add h, y2 ; h = h + S1 + CH + k + w
1278 mov y2, a ; y2 = a
1279 pshufb X0, SHUF_DC00 ; X0 = s1 {DC00}
1280 or y0, c ; y0 = a|c
1281 add d, h ; d = d + h + S1 + CH + k + w
1282 and y2, c ; y2 = a&c
1283 paddd X0, XTMP0 ; X0 = {W[3], W[2], W[1], W[0]}
1284 and y0, b ; y0 = (a|c)&b
1285 add h, y1 ; h = h + S1 + CH + k + w + S0
1286 or y0, y2 ; y0 = MAJ = (a|c)&b)|(a&c)
1287 add h, y0 ; h = h + S1 + CH + k + w + S0 + MAJ
1288
1289 ROTATE_ARGS
1290 rotate_Xs
1291 %endm
1292
1293 ;; input is [rsp + _XFER + %1 * 4]
1294 %macro DO_ROUND 1
1295 mov y0, e ; y0 = e
1296 ror y0, (25-11) ; y0 = e >> (25-11)
1297 mov y1, a ; y1 = a
1298 xor y0, e ; y0 = e ^ (e >> (25-11))
1299 ror y1, (22-13) ; y1 = a >> (22-13)
1300 mov y2, f ; y2 = f
1301 xor y1, a ; y1 = a ^ (a >> (22-13)
1302 ror y0, (11-6) ; y0 = (e >> (11-6)) ^ (e >> (25-6))
1303 xor y2, g ; y2 = f^g
1304 xor y0, e ; y0 = e ^ (e >> (11-6)) ^ (e >> (25-6))
1305 ror y1, (13-2) ; y1 = (a >> (13-2)) ^ (a >> (22-2))
1306 and y2, e ; y2 = (f^g)&e
1307 xor y1, a ; y1 = a ^ (a >> (13-2)) ^ (a >> (22-2))
1308 ror y0, 6 ; y0 = S1 = (e>>6) & (e>>11) ^ (e>>25)
1309 xor y2, g ; y2 = CH = ((f^g)&e)^g
1310 add y2, y0 ; y2 = S1 + CH
1311 ror y1, 2 ; y1 = S0 = (a>>2) ^ (a>>13) ^ (a>>22)
1312 add y2, [rsp + _XFER + %1 * 4] ; y2 = k + w + S1 + CH
1313 mov y0, a ; y0 = a
1314 add h, y2 ; h = h + S1 + CH + k + w
1315 mov y2, a ; y2 = a
1316 or y0, c ; y0 = a|c
1317 add d, h ; d = d + h + S1 + CH + k + w
1318 and y2, c ; y2 = a&c
1319 and y0, b ; y0 = (a|c)&b
1320 add h, y1 ; h = h + S1 + CH + k + w + S0
1321 or y0, y2 ; y0 = MAJ = (a|c)&b)|(a&c)
1322 add h, y0 ; h = h + S1 + CH + k + w + S0 + MAJ
1323 ROTATE_ARGS
1324 %endm
1325
1326 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
1327 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
1328 ;; void sha256_sse4(void *input_data, UINT32 digest[8], UINT64 num_blks)
1329 ;; arg 1 : pointer to input data
1330 ;; arg 2 : pointer to digest
1331 ;; arg 3 : Num blocks
1332 section .text
1333 global sha256_sse4
1334 align 32
1335 sha256_sse4:
1336 push rbx
1337 %ifndef LINUX
1338 push rsi
1339 push rdi
1340 %endif
1341 push rbp
1342 push r13
1343 push r14
1344 push r15
1345
1346 sub rsp,STACK_SIZE
1347 %ifndef LINUX
1348 movdqa [rsp + _XMM_SAVE + 0*16],xmm6
1349 movdqa [rsp + _XMM_SAVE + 1*16],xmm7
1350 movdqa [rsp + _XMM_SAVE + 2*16],xmm8
1351 movdqa [rsp + _XMM_SAVE + 3*16],xmm9
1352 movdqa [rsp + _XMM_SAVE + 4*16],xmm10
1353 movdqa [rsp + _XMM_SAVE + 5*16],xmm11
1354 movdqa [rsp + _XMM_SAVE + 6*16],xmm12
1355 %endif
1356
1357 shl NUM_BLKS, 6 ; convert to bytes
1358 jz done_hash
1359 add NUM_BLKS, INP ; pointer to end of data
1360 mov [rsp + _INP_END], NUM_BLKS
1361
1362 ;; load initial digest
1363 mov a,[4*0 + CTX]
1364 mov b,[4*1 + CTX]
1365 mov c,[4*2 + CTX]
1366 mov d,[4*3 + CTX]
1367 mov e,[4*4 + CTX]
1368 mov f,[4*5 + CTX]
1369 mov g,[4*6 + CTX]
1370 mov h,[4*7 + CTX]
1371
1372 movdqa BYTE_FLIP_MASK, [PSHUFFLE_BYTE_FLIP_MASK wrt rip]
1373 movdqa SHUF_00BA, [_SHUF_00BA wrt rip]
1374 movdqa SHUF_DC00, [_SHUF_DC00 wrt rip]
1375
1376 loop0:
1377 lea TBL,[K256 wrt rip]
1378
1379 ;; byte swap first 16 dwords
1380 COPY_XMM_AND_BSWAP X0, [INP + 0*16], BYTE_FLIP_MASK
1381 COPY_XMM_AND_BSWAP X1, [INP + 1*16], BYTE_FLIP_MASK
1382 COPY_XMM_AND_BSWAP X2, [INP + 2*16], BYTE_FLIP_MASK
1383 COPY_XMM_AND_BSWAP X3, [INP + 3*16], BYTE_FLIP_MASK
1384
1385 mov [rsp + _INP], INP
1386
1387 ;; schedule 48 input dwords, by doing 3 rounds of 16 each
1388 mov SRND, 3
1389 align 16
1390 loop1:
1391 movdqa XFER, [TBL + 0*16]
1392 paddd XFER, X0
1393 movdqa [rsp + _XFER], XFER
1394 FOUR_ROUNDS_AND_SCHED
1395
1396 movdqa XFER, [TBL + 1*16]
1397 paddd XFER, X0
1398 movdqa [rsp + _XFER], XFER
1399 FOUR_ROUNDS_AND_SCHED
1400
1401 movdqa XFER, [TBL + 2*16]
1402 paddd XFER, X0
1403 movdqa [rsp + _XFER], XFER
1404 FOUR_ROUNDS_AND_SCHED
1405
1406 movdqa XFER, [TBL + 3*16]
1407 paddd XFER, X0
1408 movdqa [rsp + _XFER], XFER
1409 add TBL, 4*16
1410 FOUR_ROUNDS_AND_SCHED
1411
1412 sub SRND, 1
1413 jne loop1
1414
1415 mov SRND, 2
1416 loop2:
1417 paddd X0, [TBL + 0*16]
1418 movdqa [rsp + _XFER], X0
1419 DO_ROUND 0
1420 DO_ROUND 1
1421 DO_ROUND 2
1422 DO_ROUND 3
1423 paddd X1, [TBL + 1*16]
1424 movdqa [rsp + _XFER], X1
1425 add TBL, 2*16
1426 DO_ROUND 0
1427 DO_ROUND 1
1428 DO_ROUND 2
1429 DO_ROUND 3
1430
1431 movdqa X0, X2
1432 movdqa X1, X3
1433
1434 sub SRND, 1
1435 jne loop2
1436
1437 addm [4*0 + CTX],a
1438 addm [4*1 + CTX],b
1439 addm [4*2 + CTX],c
1440 addm [4*3 + CTX],d
1441 addm [4*4 + CTX],e
1442 addm [4*5 + CTX],f
1443 addm [4*6 + CTX],g
1444 addm [4*7 + CTX],h
1445
1446 mov INP, [rsp + _INP]
1447 add INP, 64
1448 cmp INP, [rsp + _INP_END]
1449 jne loop0
1450
1451 done_hash:
1452 %ifndef LINUX
1453 movdqa xmm6,[rsp + _XMM_SAVE + 0*16]
1454 movdqa xmm7,[rsp + _XMM_SAVE + 1*16]
1455 movdqa xmm8,[rsp + _XMM_SAVE + 2*16]
1456 movdqa xmm9,[rsp + _XMM_SAVE + 3*16]
1457 movdqa xmm10,[rsp + _XMM_SAVE + 4*16]
1458 movdqa xmm11,[rsp + _XMM_SAVE + 5*16]
1459 movdqa xmm12,[rsp + _XMM_SAVE + 6*16]
1460 %endif
1461
1462 add rsp, STACK_SIZE
1463
1464 pop r15
1465 pop r14
1466 pop r13
1467 pop rbp
1468 %ifndef LINUX
1469 pop rdi
1470 pop rsi
1471 %endif
1472 pop rbx
1473
1474 ret
1475
1476
1477 section .data
1478 align 64
1479 K256:
1480 dd 0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
1481 dd 0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
1482 dd 0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
1483 dd 0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
1484 dd 0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
1485 dd 0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
1486 dd 0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
1487 dd 0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
1488 dd 0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
1489 dd 0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
1490 dd 0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
1491 dd 0xd192e819,0xd6990624,0xf40e3585,0x106aa070
1492 dd 0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
1493 dd 0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
1494 dd 0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
1495 dd 0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
1496
1497 PSHUFFLE_BYTE_FLIP_MASK: ddq 0x0c0d0e0f08090a0b0405060700010203
1498
1499 ; shuffle xBxA -> 00BA
1500 _SHUF_00BA: ddq 0xFFFFFFFFFFFFFFFF0b0a090803020100
1501
1502 ; shuffle xDxC -> DC00
1503 _SHUF_DC00: ddq 0x0b0a090803020100FFFFFFFFFFFFFFFF
1504 */
1505
1506 #endif