<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/> <title>Crypto++: sha.cpp Source File</title> <link href="tabs.css" rel="stylesheet" type="text/css"/> <link href="doxygen.css" rel="stylesheet" type="text/css"/> </head> <body> <!-- Generated by Doxygen 1.6.1 --> <div class="navigation" id="top"> <div class="tabs"> <ul> <li><a href="index.html"><span>Main Page</span></a></li> <li><a href="namespaces.html"><span>Namespaces</span></a></li> <li><a href="annotated.html"><span>Classes</span></a></li> <li class="current"><a href="files.html"><span>Files</span></a></li> </ul> </div> <div class="tabs"> <ul> <li><a href="files.html"><span>File List</span></a></li> <li><a href="globals.html"><span>File Members</span></a></li> </ul> </div> <h1>sha.cpp</h1><div class="fragment"><pre class="fragment"><a name="l00001"></a>00001 <span class="comment">// sha.cpp - modified by Wei Dai from Steve Reid's public domain sha1.c</span> <a name="l00002"></a>00002 <a name="l00003"></a>00003 <span class="comment">// Steve Reid implemented SHA-1. 
Wei Dai implemented SHA-2.</span> <a name="l00004"></a>00004 <span class="comment">// Both are in the public domain.</span> <a name="l00005"></a>00005 <a name="l00006"></a>00006 <span class="comment">// use "cl /EP /P /DCRYPTOPP_GENERATE_X64_MASM sha.cpp" to generate MASM code</span> <a name="l00007"></a>00007 <a name="l00008"></a>00008 <span class="preprocessor">#include "pch.h"</span> <a name="l00009"></a>00009 <a name="l00010"></a>00010 <span class="preprocessor">#ifndef CRYPTOPP_IMPORTS</span> <a name="l00011"></a>00011 <span class="preprocessor"></span><span class="preprocessor">#ifndef CRYPTOPP_GENERATE_X64_MASM</span> <a name="l00012"></a>00012 <span class="preprocessor"></span> <a name="l00013"></a>00013 <span class="preprocessor">#include "sha.h"</span> <a name="l00014"></a>00014 <span class="preprocessor">#include "misc.h"</span> <a name="l00015"></a>00015 <span class="preprocessor">#include "cpu.h"</span> <a name="l00016"></a>00016 <a name="l00017"></a>00017 NAMESPACE_BEGIN(CryptoPP) <a name="l00018"></a>00018 <a name="l00019"></a>00019 <span class="comment">// start of Steve Reid's code</span> <a name="l00020"></a>00020 <a name="l00021"></a>00021 <span class="preprocessor">#define blk0(i) (W[i] = data[i])</span> <a name="l00022"></a>00022 <span class="preprocessor"></span><span class="preprocessor">#define blk1(i) (W[i&15] = rotlFixed(W[(i+13)&15]^W[(i+8)&15]^W[(i+2)&15]^W[i&15],1))</span> <a name="l00023"></a>00023 <span class="preprocessor"></span> <a name="l00024"></a>00024 <span class="keywordtype">void</span> SHA1::InitState(HashWordType *state) <a name="l00025"></a>00025 { <a name="l00026"></a>00026 state[0] = 0x67452301L; <a name="l00027"></a>00027 state[1] = 0xEFCDAB89L; <a name="l00028"></a>00028 state[2] = 0x98BADCFEL; <a name="l00029"></a>00029 state[3] = 0x10325476L; <a name="l00030"></a>00030 state[4] = 0xC3D2E1F0L; <a name="l00031"></a>00031 } <a name="l00032"></a>00032 <a name="l00033"></a>00033 <span class="preprocessor">#define 
f1(x,y,z) (z^(x&(y^z)))</span> <a name="l00034"></a>00034 <span class="preprocessor"></span><span class="preprocessor">#define f2(x,y,z) (x^y^z)</span> <a name="l00035"></a>00035 <span class="preprocessor"></span><span class="preprocessor">#define f3(x,y,z) ((x&y)|(z&(x|y)))</span> <a name="l00036"></a>00036 <span class="preprocessor"></span><span class="preprocessor">#define f4(x,y,z) (x^y^z)</span> <a name="l00037"></a>00037 <span class="preprocessor"></span> <a name="l00038"></a>00038 <span class="comment">/* (R0+R1), R2, R3, R4 are the different operations used in SHA1 */</span> <a name="l00039"></a>00039 <span class="preprocessor">#define R0(v,w,x,y,z,i) z+=f1(w,x,y)+blk0(i)+0x5A827999+rotlFixed(v,5);w=rotlFixed(w,30);</span> <a name="l00040"></a>00040 <span class="preprocessor"></span><span class="preprocessor">#define R1(v,w,x,y,z,i) z+=f1(w,x,y)+blk1(i)+0x5A827999+rotlFixed(v,5);w=rotlFixed(w,30);</span> <a name="l00041"></a>00041 <span class="preprocessor"></span><span class="preprocessor">#define R2(v,w,x,y,z,i) z+=f2(w,x,y)+blk1(i)+0x6ED9EBA1+rotlFixed(v,5);w=rotlFixed(w,30);</span> <a name="l00042"></a>00042 <span class="preprocessor"></span><span class="preprocessor">#define R3(v,w,x,y,z,i) z+=f3(w,x,y)+blk1(i)+0x8F1BBCDC+rotlFixed(v,5);w=rotlFixed(w,30);</span> <a name="l00043"></a>00043 <span class="preprocessor"></span><span class="preprocessor">#define R4(v,w,x,y,z,i) z+=f4(w,x,y)+blk1(i)+0xCA62C1D6+rotlFixed(v,5);w=rotlFixed(w,30);</span> <a name="l00044"></a>00044 <span class="preprocessor"></span> <a name="l00045"></a>00045 <span class="keywordtype">void</span> SHA1::Transform(word32 *state, <span class="keyword">const</span> word32 *data) <a name="l00046"></a>00046 { <a name="l00047"></a>00047 word32 W[16]; <a name="l00048"></a>00048 <span class="comment">/* Copy context->state[] to working vars */</span> <a name="l00049"></a>00049 word32 a = state[0]; <a name="l00050"></a>00050 word32 b = state[1]; <a name="l00051"></a>00051 word32 c = 
state[2]; <a name="l00052"></a>00052 word32 d = state[3]; <a name="l00053"></a>00053 word32 e = state[4]; <a name="l00054"></a>00054 <span class="comment">/* 4 rounds of 20 operations each. Loop unrolled. */</span> <a name="l00055"></a>00055 R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3); <a name="l00056"></a>00056 R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7); <a name="l00057"></a>00057 R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11); <a name="l00058"></a>00058 R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15); <a name="l00059"></a>00059 R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19); <a name="l00060"></a>00060 R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23); <a name="l00061"></a>00061 R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27); <a name="l00062"></a>00062 R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31); <a name="l00063"></a>00063 R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35); <a name="l00064"></a>00064 R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39); <a name="l00065"></a>00065 R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43); <a name="l00066"></a>00066 R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47); <a name="l00067"></a>00067 R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51); <a name="l00068"></a>00068 R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55); <a name="l00069"></a>00069 R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59); <a name="l00070"></a>00070 R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63); <a name="l00071"></a>00071 R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67); <a name="l00072"></a>00072 R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71); <a 
name="l00073"></a>00073 R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75); <a name="l00074"></a>00074 R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79); <a name="l00075"></a>00075 <span class="comment">/* Add the working vars back into context.state[] */</span> <a name="l00076"></a>00076 state[0] += a; <a name="l00077"></a>00077 state[1] += b; <a name="l00078"></a>00078 state[2] += c; <a name="l00079"></a>00079 state[3] += d; <a name="l00080"></a>00080 state[4] += e; <a name="l00081"></a>00081 } <a name="l00082"></a>00082 <a name="l00083"></a>00083 <span class="comment">// end of Steve Reid's code</span> <a name="l00084"></a>00084 <a name="l00085"></a>00085 <span class="comment">// *************************************************************</span> <a name="l00086"></a>00086 <a name="l00087"></a>00087 <span class="keywordtype">void</span> SHA224::InitState(HashWordType *state) <a name="l00088"></a>00088 { <a name="l00089"></a>00089 <span class="keyword">static</span> <span class="keyword">const</span> word32 s[8] = {0xc1059ed8, 0x367cd507, 0x3070dd17, 0xf70e5939, 0xffc00b31, 0x68581511, 0x64f98fa7, 0xbefa4fa4}; <a name="l00090"></a>00090 memcpy(state, s, <span class="keyword">sizeof</span>(s)); <a name="l00091"></a>00091 } <a name="l00092"></a>00092 <a name="l00093"></a>00093 <span class="keywordtype">void</span> SHA256::InitState(HashWordType *state) <a name="l00094"></a>00094 { <a name="l00095"></a>00095 <span class="keyword">static</span> <span class="keyword">const</span> word32 s[8] = {0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19}; <a name="l00096"></a>00096 memcpy(state, s, <span class="keyword">sizeof</span>(s)); <a name="l00097"></a>00097 } <a name="l00098"></a>00098 <a name="l00099"></a>00099 <span class="preprocessor">#if CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE</span> <a name="l00100"></a>00100 <span class="preprocessor"></span>CRYPTOPP_ALIGN_DATA(16) extern const word32 
SHA256_K[64] CRYPTOPP_SECTION_ALIGN16 = { <a name="l00101"></a>00101 <span class="preprocessor">#else</span> <a name="l00102"></a>00102 <span class="preprocessor"></span><span class="keyword">extern</span> <span class="keyword">const</span> word32 SHA256_K[64] = { <a name="l00103"></a>00103 <span class="preprocessor">#endif</span> <a name="l00104"></a>00104 <span class="preprocessor"></span> 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, <a name="l00105"></a>00105 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, <a name="l00106"></a>00106 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, <a name="l00107"></a>00107 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, <a name="l00108"></a>00108 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, <a name="l00109"></a>00109 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, <a name="l00110"></a>00110 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, <a name="l00111"></a>00111 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, <a name="l00112"></a>00112 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, <a name="l00113"></a>00113 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, <a name="l00114"></a>00114 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, <a name="l00115"></a>00115 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, <a name="l00116"></a>00116 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, <a name="l00117"></a>00117 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, <a name="l00118"></a>00118 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, <a name="l00119"></a>00119 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 <a name="l00120"></a>00120 }; <a name="l00121"></a>00121 <a name="l00122"></a>00122 <span class="preprocessor">#endif // #ifndef CRYPTOPP_GENERATE_X64_MASM</span> <a name="l00123"></a>00123 <span class="preprocessor"></span> <a name="l00124"></a>00124 <span class="preprocessor">#if defined(CRYPTOPP_X86_ASM_AVAILABLE) || defined(CRYPTOPP_GENERATE_X64_MASM)</span> <a name="l00125"></a>00125 <span class="preprocessor"></span> <a 
name="l00126"></a>00126 <span class="preprocessor">#pragma warning(disable: 4731) // frame pointer register 'ebp' modified by inline assembly code</span> <a name="l00127"></a>00127 <span class="preprocessor"></span> <a name="l00128"></a>00128 <span class="keyword">static</span> <span class="keywordtype">void</span> CRYPTOPP_FASTCALL X86_SHA256_HashBlocks(word32 *state, <span class="keyword">const</span> word32 *data, <span class="keywordtype">size_t</span> len <a name="l00129"></a>00129 #<span class="keywordflow">if</span> defined(_MSC_VER) && (_MSC_VER == 1200) <a name="l00130"></a>00130 , ... <span class="comment">// VC60 workaround: prevent VC 6 from inlining this function</span> <a name="l00131"></a>00131 #endif <a name="l00132"></a>00132 ) <a name="l00133"></a>00133 { <a name="l00134"></a>00134 <span class="preprocessor">#if defined(_MSC_VER) && (_MSC_VER == 1200)</span> <a name="l00135"></a>00135 <span class="preprocessor"></span> AS2(mov ecx, [state]) <a name="l00136"></a>00136 AS2(mov edx, [data]) <a name="l00137"></a>00137 <span class="preprocessor">#endif</span> <a name="l00138"></a>00138 <span class="preprocessor"></span> <a name="l00139"></a>00139 <span class="preprocessor"> #define LOCALS_SIZE 8*4 + 16*4 + 4*WORD_SZ</span> <a name="l00140"></a>00140 <span class="preprocessor"></span><span class="preprocessor"> #define H(i) [BASE+ASM_MOD(1024+7-(i),8)*4]</span> <a name="l00141"></a>00141 <span class="preprocessor"></span><span class="preprocessor"> #define G(i) H(i+1)</span> <a name="l00142"></a>00142 <span class="preprocessor"></span><span class="preprocessor"> #define F(i) H(i+2)</span> <a name="l00143"></a>00143 <span class="preprocessor"></span><span class="preprocessor"> #define E(i) H(i+3)</span> <a name="l00144"></a>00144 <span class="preprocessor"></span><span class="preprocessor"> #define D(i) H(i+4)</span> <a name="l00145"></a>00145 <span class="preprocessor"></span><span class="preprocessor"> #define C(i) H(i+5)</span> <a 
name="l00146"></a>00146 <span class="preprocessor"></span><span class="preprocessor"> #define B(i) H(i+6)</span> <a name="l00147"></a>00147 <span class="preprocessor"></span><span class="preprocessor"> #define A(i) H(i+7)</span> <a name="l00148"></a>00148 <span class="preprocessor"></span><span class="preprocessor"> #define Wt(i) BASE+8*4+ASM_MOD(1024+15-(i),16)*4</span> <a name="l00149"></a>00149 <span class="preprocessor"></span><span class="preprocessor"> #define Wt_2(i) Wt((i)-2)</span> <a name="l00150"></a>00150 <span class="preprocessor"></span><span class="preprocessor"> #define Wt_15(i) Wt((i)-15)</span> <a name="l00151"></a>00151 <span class="preprocessor"></span><span class="preprocessor"> #define Wt_7(i) Wt((i)-7)</span> <a name="l00152"></a>00152 <span class="preprocessor"></span><span class="preprocessor"> #define K_END [BASE+8*4+16*4+0*WORD_SZ]</span> <a name="l00153"></a>00153 <span class="preprocessor"></span><span class="preprocessor"> #define STATE_SAVE [BASE+8*4+16*4+1*WORD_SZ]</span> <a name="l00154"></a>00154 <span class="preprocessor"></span><span class="preprocessor"> #define DATA_SAVE [BASE+8*4+16*4+2*WORD_SZ]</span> <a name="l00155"></a>00155 <span class="preprocessor"></span><span class="preprocessor"> #define DATA_END [BASE+8*4+16*4+3*WORD_SZ]</span> <a name="l00156"></a>00156 <span class="preprocessor"></span><span class="preprocessor"> #define Kt(i) WORD_REG(si)+(i)*4</span> <a name="l00157"></a>00157 <span class="preprocessor"></span><span class="preprocessor">#if CRYPTOPP_BOOL_X86</span> <a name="l00158"></a>00158 <span class="preprocessor"></span><span class="preprocessor"> #define BASE esp+4</span> <a name="l00159"></a>00159 <span class="preprocessor"></span><span class="preprocessor">#elif defined(__GNUC__)</span> <a name="l00160"></a>00160 <span class="preprocessor"></span><span class="preprocessor"> #define BASE r8</span> <a name="l00161"></a>00161 <span class="preprocessor"></span><span class="preprocessor">#else</span> <a 
name="l00162"></a>00162 <span class="preprocessor"></span><span class="preprocessor"> #define BASE rsp</span> <a name="l00163"></a>00163 <span class="preprocessor"></span><span class="preprocessor">#endif</span> <a name="l00164"></a>00164 <span class="preprocessor"></span> <a name="l00165"></a>00165 <span class="preprocessor">#define RA0(i, edx, edi) \</span> <a name="l00166"></a>00166 <span class="preprocessor"> AS2( add edx, [Kt(i)] )\</span> <a name="l00167"></a>00167 <span class="preprocessor"> AS2( add edx, [Wt(i)] )\</span> <a name="l00168"></a>00168 <span class="preprocessor"> AS2( add edx, H(i) )\</span> <a name="l00169"></a>00169 <span class="preprocessor"></span> <a name="l00170"></a>00170 <span class="preprocessor"></span><span class="preprocessor">#define RA1(i, edx, edi)</span> <a name="l00171"></a>00171 <span class="preprocessor"></span> <a name="l00172"></a>00172 <span class="preprocessor">#define RB0(i, edx, edi)</span> <a name="l00173"></a>00173 <span class="preprocessor"></span> <a name="l00174"></a>00174 <span class="preprocessor">#define RB1(i, edx, edi) \</span> <a name="l00175"></a>00175 <span class="preprocessor"> AS2( mov AS_REG_7d, [Wt_2(i)] )\</span> <a name="l00176"></a>00176 <span class="preprocessor"> AS2( mov edi, [Wt_15(i)])\</span> <a name="l00177"></a>00177 <span class="preprocessor"> AS2( mov ebx, AS_REG_7d )\</span> <a name="l00178"></a>00178 <span class="preprocessor"> AS2( shr AS_REG_7d, 10 )\</span> <a name="l00179"></a>00179 <span class="preprocessor"> AS2( ror ebx, 17 )\</span> <a name="l00180"></a>00180 <span class="preprocessor"> AS2( xor AS_REG_7d, ebx )\</span> <a name="l00181"></a>00181 <span class="preprocessor"> AS2( ror ebx, 2 )\</span> <a name="l00182"></a>00182 <span class="preprocessor"> AS2( xor ebx, AS_REG_7d )</span><span class="comment">/* s1(W_t-2) */</span>\ <a name="l00183"></a>00183 AS2( add ebx, [Wt_7(i)])\ <a name="l00184"></a>00184 AS2( mov AS_REG_7d, edi )\ <a name="l00185"></a>00185 AS2( shr AS_REG_7d, 
3 )\ <a name="l00186"></a>00186 AS2( ror edi, 7 )\ <a name="l00187"></a>00187 AS2( add ebx, [Wt(i)])<span class="comment">/* s1(W_t-2) + W_t-7 + W_t-16 */</span>\ <a name="l00188"></a>00188 AS2( xor AS_REG_7d, edi )\ <a name="l00189"></a>00189 AS2( add edx, [Kt(i)])\ <a name="l00190"></a>00190 AS2( ror edi, 11 )\ <a name="l00191"></a>00191 AS2( add edx, H(i) )\ <a name="l00192"></a>00192 AS2( xor AS_REG_7d, edi )<span class="comment">/* s0(W_t-15) */</span>\ <a name="l00193"></a>00193 AS2( add AS_REG_7d, ebx )<span class="comment">/* W_t = s1(W_t-2) + W_t-7 + s0(W_t-15) W_t-16*/</span>\ <a name="l00194"></a>00194 AS2( mov [Wt(i)], AS_REG_7d)\ <a name="l00195"></a>00195 AS2( add edx, AS_REG_7d )\ <a name="l00196"></a>00196 <a name="l00197"></a>00197 <span class="preprocessor">#define ROUND(i, r, eax, ecx, edi, edx)\</span> <a name="l00198"></a>00198 <span class="preprocessor"> </span><span class="comment">/* in: edi = E */</span>\ <a name="l00199"></a>00199 <span class="comment">/* unused: eax, ecx, temp: ebx, AS_REG_7d, out: edx = T1 */</span>\ <a name="l00200"></a>00200 AS2( mov edx, F(i) )\ <a name="l00201"></a>00201 AS2( xor edx, G(i) )\ <a name="l00202"></a>00202 AS2( and edx, edi )\ <a name="l00203"></a>00203 AS2( xor edx, G(i) )<span class="comment">/* Ch(E,F,G) = (G^(E&(F^G))) */</span>\ <a name="l00204"></a>00204 AS2( mov AS_REG_7d, edi )\ <a name="l00205"></a>00205 AS2( ror edi, 6 )\ <a name="l00206"></a>00206 AS2( ror AS_REG_7d, 25 )\ <a name="l00207"></a>00207 RA##r(i, edx, edi )<span class="comment">/* H + Wt + Kt + Ch(E,F,G) */</span>\ <a name="l00208"></a>00208 AS2( xor AS_REG_7d, edi )\ <a name="l00209"></a>00209 AS2( ror edi, 5 )\ <a name="l00210"></a>00210 AS2( xor AS_REG_7d, edi )<span class="comment">/* S1(E) */</span>\ <a name="l00211"></a>00211 AS2( add edx, AS_REG_7d )<span class="comment">/* T1 = S1(E) + Ch(E,F,G) + H + Wt + Kt */</span>\ <a name="l00212"></a>00212 RB##r(i, edx, edi )<span class="comment">/* H + Wt + Kt + Ch(E,F,G) */</span>\ 
<a name="l00213"></a>00213 <span class="comment">/* in: ecx = A, eax = B^C, edx = T1 */</span>\ <a name="l00214"></a>00214 <span class="comment">/* unused: edx, temp: ebx, AS_REG_7d, out: eax = A, ecx = B^C, edx = E */</span>\ <a name="l00215"></a>00215 AS2( mov ebx, ecx )\ <a name="l00216"></a>00216 AS2( xor ecx, B(i) )<span class="comment">/* A^B */</span>\ <a name="l00217"></a>00217 AS2( and eax, ecx )\ <a name="l00218"></a>00218 AS2( xor eax, B(i) )<span class="comment">/* Maj(A,B,C) = B^((A^B)&(B^C) */</span>\ <a name="l00219"></a>00219 AS2( mov AS_REG_7d, ebx )\ <a name="l00220"></a>00220 AS2( ror ebx, 2 )\ <a name="l00221"></a>00221 AS2( add eax, edx )<span class="comment">/* T1 + Maj(A,B,C) */</span>\ <a name="l00222"></a>00222 AS2( add edx, D(i) )\ <a name="l00223"></a>00223 AS2( mov D(i), edx )\ <a name="l00224"></a>00224 AS2( ror AS_REG_7d, 22 )\ <a name="l00225"></a>00225 AS2( xor AS_REG_7d, ebx )\ <a name="l00226"></a>00226 AS2( ror ebx, 11 )\ <a name="l00227"></a>00227 AS2( xor AS_REG_7d, ebx )\ <a name="l00228"></a>00228 AS2( add eax, AS_REG_7d )<span class="comment">/* T1 + S0(A) + Maj(A,B,C) */</span>\ <a name="l00229"></a>00229 AS2( mov H(i), eax )\ <a name="l00230"></a>00230 <a name="l00231"></a>00231 <span class="preprocessor">#define SWAP_COPY(i) \</span> <a name="l00232"></a>00232 <span class="preprocessor"> AS2( mov WORD_REG(bx), [WORD_REG(dx)+i*WORD_SZ])\</span> <a name="l00233"></a>00233 <span class="preprocessor"> AS1( bswap WORD_REG(bx))\</span> <a name="l00234"></a>00234 <span class="preprocessor"> AS2( mov [Wt(i*(1+CRYPTOPP_BOOL_X64)+CRYPTOPP_BOOL_X64)], WORD_REG(bx))</span> <a name="l00235"></a>00235 <span class="preprocessor"></span> <a name="l00236"></a>00236 <span class="preprocessor">#if defined(__GNUC__)</span> <a name="l00237"></a>00237 <span class="preprocessor"></span><span class="preprocessor"> #if CRYPTOPP_BOOL_X64</span> <a name="l00238"></a>00238 <span class="preprocessor"></span> <a class="code" 
href="class_fixed_size_aligned_sec_block.html">FixedSizeAlignedSecBlock<byte, LOCALS_SIZE></a> workspace; <a name="l00239"></a>00239 <span class="preprocessor"> #endif</span> <a name="l00240"></a>00240 <span class="preprocessor"></span> __asm__ __volatile__ <a name="l00241"></a>00241 ( <a name="l00242"></a>00242 #<span class="keywordflow">if</span> CRYPTOPP_BOOL_X64 <a name="l00243"></a>00243 <span class="stringliteral">"lea %4, %%r8;"</span> <a name="l00244"></a>00244 #endif <a name="l00245"></a>00245 <span class="stringliteral">".intel_syntax noprefix;"</span> <a name="l00246"></a>00246 #elif defined(CRYPTOPP_GENERATE_X64_MASM) <a name="l00247"></a>00247 ALIGN 8 <a name="l00248"></a>00248 X86_SHA256_HashBlocks PROC FRAME <a name="l00249"></a>00249 rex_push_reg rsi <a name="l00250"></a>00250 push_reg rdi <a name="l00251"></a>00251 push_reg rbx <a name="l00252"></a>00252 push_reg rbp <a name="l00253"></a>00253 alloc_stack(LOCALS_SIZE+8) <a name="l00254"></a>00254 .endprolog <a name="l00255"></a>00255 mov rdi, r8 <a name="l00256"></a>00256 lea rsi, [?SHA256_K@CryptoPP@@3QBIB + 48*4] <a name="l00257"></a>00257 #endif <a name="l00258"></a>00258 <a name="l00259"></a>00259 #<span class="keywordflow">if</span> CRYPTOPP_BOOL_X86 <a name="l00260"></a>00260 #ifndef __GNUC__ <a name="l00261"></a>00261 AS2( mov edi, [len]) <a name="l00262"></a>00262 AS2( lea WORD_REG(si), [SHA256_K+48*4]) <a name="l00263"></a>00263 #endif <a name="l00264"></a>00264 #<span class="keywordflow">if</span> !defined(_MSC_VER) || (_MSC_VER < 1400) <a name="l00265"></a>00265 AS_PUSH_IF86(bx) <a name="l00266"></a>00266 #endif <a name="l00267"></a>00267 <a name="l00268"></a>00268 AS_PUSH_IF86(bp) <a name="l00269"></a>00269 AS2( mov ebx, esp) <a name="l00270"></a>00270 AS2( and esp, -16) <a name="l00271"></a>00271 AS2( sub WORD_REG(sp), LOCALS_SIZE) <a name="l00272"></a>00272 AS_PUSH_IF86(bx) <a name="l00273"></a>00273 #endif <a name="l00274"></a>00274 AS2( mov STATE_SAVE, WORD_REG(cx)) <a 
name="l00275"></a>00275 AS2( mov DATA_SAVE, WORD_REG(dx)) <a name="l00276"></a>00276 AS2( lea WORD_REG(ax), [WORD_REG(di) + WORD_REG(dx)]) <a name="l00277"></a>00277 AS2( mov DATA_END, WORD_REG(ax)) <a name="l00278"></a>00278 AS2( mov K_END, WORD_REG(si)) <a name="l00279"></a>00279 <a name="l00280"></a>00280 #<span class="keywordflow">if</span> CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE <a name="l00281"></a>00281 #<span class="keywordflow">if</span> CRYPTOPP_BOOL_X86 <a name="l00282"></a>00282 AS2( test edi, 1) <a name="l00283"></a>00283 ASJ( jnz, 2, f) <a name="l00284"></a>00284 AS1( dec DWORD PTR K_END) <a name="l00285"></a>00285 #endif <a name="l00286"></a>00286 AS2( movdqa xmm0, XMMWORD_PTR [WORD_REG(cx)+0*16]) <a name="l00287"></a>00287 AS2( movdqa xmm1, XMMWORD_PTR [WORD_REG(cx)+1*16]) <a name="l00288"></a>00288 #endif <a name="l00289"></a>00289 <a name="l00290"></a>00290 #<span class="keywordflow">if</span> CRYPTOPP_BOOL_X86 <a name="l00291"></a>00291 #<span class="keywordflow">if</span> CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE <a name="l00292"></a>00292 ASJ( jmp, 0, f) <a name="l00293"></a>00293 #endif <a name="l00294"></a>00294 ASL(2) <span class="comment">// non-SSE2</span> <a name="l00295"></a>00295 AS2( mov esi, ecx) <a name="l00296"></a>00296 AS2( lea edi, A(0)) <a name="l00297"></a>00297 AS2( mov ecx, 8) <a name="l00298"></a>00298 AS1( rep movsd) <a name="l00299"></a>00299 AS2( mov esi, K_END) <a name="l00300"></a>00300 ASJ( jmp, 3, f) <a name="l00301"></a>00301 #endif <a name="l00302"></a>00302 <a name="l00303"></a>00303 #<span class="keywordflow">if</span> CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE <a name="l00304"></a>00304 ASL(0) <a name="l00305"></a>00305 AS2( movdqa E(0), xmm1) <a name="l00306"></a>00306 AS2( movdqa A(0), xmm0) <a name="l00307"></a>00307 #endif <a name="l00308"></a>00308 #<span class="keywordflow">if</span> CRYPTOPP_BOOL_X86 <a name="l00309"></a>00309 ASL(3) <a name="l00310"></a>00310 #endif <a name="l00311"></a>00311 AS2( sub WORD_REG(si), 48*4) <a 
name="l00312"></a>00312 SWAP_COPY(0) SWAP_COPY(1) SWAP_COPY(2) SWAP_COPY(3) <a name="l00313"></a>00313 SWAP_COPY(4) SWAP_COPY(5) SWAP_COPY(6) SWAP_COPY(7) <a name="l00314"></a>00314 #<span class="keywordflow">if</span> CRYPTOPP_BOOL_X86 <a name="l00315"></a>00315 SWAP_COPY(8) SWAP_COPY(9) SWAP_COPY(10) SWAP_COPY(11) <a name="l00316"></a>00316 SWAP_COPY(12) SWAP_COPY(13) SWAP_COPY(14) SWAP_COPY(15) <a name="l00317"></a>00317 #endif <a name="l00318"></a>00318 AS2( mov edi, E(0)) <span class="comment">// E</span> <a name="l00319"></a>00319 AS2( mov eax, B(0)) <span class="comment">// B</span> <a name="l00320"></a>00320 AS2( xor eax, C(0)) <span class="comment">// B^C</span> <a name="l00321"></a>00321 AS2( mov ecx, A(0)) <span class="comment">// A</span> <a name="l00322"></a>00322 <a name="l00323"></a>00323 ROUND(0, 0, eax, ecx, edi, edx) <a name="l00324"></a>00324 ROUND(1, 0, ecx, eax, edx, edi) <a name="l00325"></a>00325 ROUND(2, 0, eax, ecx, edi, edx) <a name="l00326"></a>00326 ROUND(3, 0, ecx, eax, edx, edi) <a name="l00327"></a>00327 ROUND(4, 0, eax, ecx, edi, edx) <a name="l00328"></a>00328 ROUND(5, 0, ecx, eax, edx, edi) <a name="l00329"></a>00329 ROUND(6, 0, eax, ecx, edi, edx) <a name="l00330"></a>00330 ROUND(7, 0, ecx, eax, edx, edi) <a name="l00331"></a>00331 ROUND(8, 0, eax, ecx, edi, edx) <a name="l00332"></a>00332 ROUND(9, 0, ecx, eax, edx, edi) <a name="l00333"></a>00333 ROUND(10, 0, eax, ecx, edi, edx) <a name="l00334"></a>00334 ROUND(11, 0, ecx, eax, edx, edi) <a name="l00335"></a>00335 ROUND(12, 0, eax, ecx, edi, edx) <a name="l00336"></a>00336 ROUND(13, 0, ecx, eax, edx, edi) <a name="l00337"></a>00337 ROUND(14, 0, eax, ecx, edi, edx) <a name="l00338"></a>00338 ROUND(15, 0, ecx, eax, edx, edi) <a name="l00339"></a>00339 <a name="l00340"></a>00340 ASL(1) <a name="l00341"></a>00341 AS2(add WORD_REG(si), 4*16) <a name="l00342"></a>00342 ROUND(0, 1, eax, ecx, edi, edx) <a name="l00343"></a>00343 ROUND(1, 1, ecx, eax, edx, edi) <a name="l00344"></a>00344 
ROUND(2, 1, eax, ecx, edi, edx) <a name="l00345"></a>00345 ROUND(3, 1, ecx, eax, edx, edi) <a name="l00346"></a>00346 ROUND(4, 1, eax, ecx, edi, edx) <a name="l00347"></a>00347 ROUND(5, 1, ecx, eax, edx, edi) <a name="l00348"></a>00348 ROUND(6, 1, eax, ecx, edi, edx) <a name="l00349"></a>00349 ROUND(7, 1, ecx, eax, edx, edi) <a name="l00350"></a>00350 ROUND(8, 1, eax, ecx, edi, edx) <a name="l00351"></a>00351 ROUND(9, 1, ecx, eax, edx, edi) <a name="l00352"></a>00352 ROUND(10, 1, eax, ecx, edi, edx) <a name="l00353"></a>00353 ROUND(11, 1, ecx, eax, edx, edi) <a name="l00354"></a>00354 ROUND(12, 1, eax, ecx, edi, edx) <a name="l00355"></a>00355 ROUND(13, 1, ecx, eax, edx, edi) <a name="l00356"></a>00356 ROUND(14, 1, eax, ecx, edi, edx) <a name="l00357"></a>00357 ROUND(15, 1, ecx, eax, edx, edi) <a name="l00358"></a>00358 AS2( cmp WORD_REG(si), K_END) <a name="l00359"></a>00359 ASJ( jl, 1, b) <a name="l00360"></a>00360 <a name="l00361"></a>00361 AS2( mov WORD_REG(dx), DATA_SAVE) <a name="l00362"></a>00362 AS2( add WORD_REG(dx), 64) <a name="l00363"></a>00363 AS2( mov AS_REG_7, STATE_SAVE) <a name="l00364"></a>00364 AS2( mov DATA_SAVE, WORD_REG(dx)) <a name="l00365"></a>00365 <a name="l00366"></a>00366 #<span class="keywordflow">if</span> CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE <a name="l00367"></a>00367 #<span class="keywordflow">if</span> CRYPTOPP_BOOL_X86 <a name="l00368"></a>00368 AS2( test DWORD PTR K_END, 1) <a name="l00369"></a>00369 ASJ( jz, 4, f) <a name="l00370"></a>00370 #endif <a name="l00371"></a>00371 AS2( movdqa xmm1, XMMWORD_PTR [AS_REG_7+1*16]) <a name="l00372"></a>00372 AS2( movdqa xmm0, XMMWORD_PTR [AS_REG_7+0*16]) <a name="l00373"></a>00373 AS2( paddd xmm1, E(0)) <a name="l00374"></a>00374 AS2( paddd xmm0, A(0)) <a name="l00375"></a>00375 AS2( movdqa [AS_REG_7+1*16], xmm1) <a name="l00376"></a>00376 AS2( movdqa [AS_REG_7+0*16], xmm0) <a name="l00377"></a>00377 AS2( cmp WORD_REG(dx), DATA_END) <a name="l00378"></a>00378 ASJ( jl, 0, b) <a 
name="l00379"></a>00379 #endif <a name="l00380"></a>00380 <a name="l00381"></a>00381 #<span class="keywordflow">if</span> CRYPTOPP_BOOL_X86 <a name="l00382"></a>00382 #<span class="keywordflow">if</span> CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE <a name="l00383"></a>00383 ASJ( jmp, 5, f) <a name="l00384"></a>00384 ASL(4) <span class="comment">// non-SSE2</span> <a name="l00385"></a>00385 #endif <a name="l00386"></a>00386 AS2( add [AS_REG_7+0*4], ecx) <span class="comment">// A</span> <a name="l00387"></a>00387 AS2( add [AS_REG_7+4*4], edi) <span class="comment">// E</span> <a name="l00388"></a>00388 AS2( mov eax, B(0)) <a name="l00389"></a>00389 AS2( mov ebx, C(0)) <a name="l00390"></a>00390 AS2( mov ecx, D(0)) <a name="l00391"></a>00391 AS2( add [AS_REG_7+1*4], eax) <a name="l00392"></a>00392 AS2( add [AS_REG_7+2*4], ebx) <a name="l00393"></a>00393 AS2( add [AS_REG_7+3*4], ecx) <a name="l00394"></a>00394 AS2( mov eax, F(0)) <a name="l00395"></a>00395 AS2( mov ebx, G(0)) <a name="l00396"></a>00396 AS2( mov ecx, H(0)) <a name="l00397"></a>00397 AS2( add [AS_REG_7+5*4], eax) <a name="l00398"></a>00398 AS2( add [AS_REG_7+6*4], ebx) <a name="l00399"></a>00399 AS2( add [AS_REG_7+7*4], ecx) <a name="l00400"></a>00400 AS2( mov ecx, AS_REG_7d) <a name="l00401"></a>00401 AS2( cmp WORD_REG(dx), DATA_END) <a name="l00402"></a>00402 ASJ( jl, 2, b) <a name="l00403"></a>00403 #<span class="keywordflow">if</span> CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE <a name="l00404"></a>00404 ASL(5) <a name="l00405"></a>00405 #endif <a name="l00406"></a>00406 #endif <a name="l00407"></a>00407 <a name="l00408"></a>00408 AS_POP_IF86(sp) <a name="l00409"></a>00409 AS_POP_IF86(bp) <a name="l00410"></a>00410 #<span class="keywordflow">if</span> !defined(_MSC_VER) || (_MSC_VER < 1400) <a name="l00411"></a>00411 AS_POP_IF86(bx) <a name="l00412"></a>00412 #endif <a name="l00413"></a>00413 <a name="l00414"></a>00414 #ifdef CRYPTOPP_GENERATE_X64_MASM <a name="l00415"></a>00415 add rsp, LOCALS_SIZE+8 <a 
name="l00416"></a>00416 pop rbp <a name="l00417"></a>00417 pop rbx <a name="l00418"></a>00418 pop rdi <a name="l00419"></a>00419 pop rsi <a name="l00420"></a>00420 ret <a name="l00421"></a>00421 X86_SHA256_HashBlocks ENDP <a name="l00422"></a>00422 #endif <a name="l00423"></a>00423 <a name="l00424"></a>00424 #ifdef __GNUC__ <a name="l00425"></a>00425 <span class="stringliteral">".att_syntax prefix;"</span> <a name="l00426"></a>00426 : <a name="l00427"></a>00427 : <span class="stringliteral">"c"</span> (state), <span class="stringliteral">"d"</span> (data), <span class="stringliteral">"S"</span> (SHA256_K+48), <span class="stringliteral">"D"</span> (len) <a name="l00428"></a>00428 #<span class="keywordflow">if</span> CRYPTOPP_BOOL_X64 <a name="l00429"></a>00429 , <span class="stringliteral">"m"</span> (workspace[0]) <a name="l00430"></a>00430 #endif <a name="l00431"></a>00431 : <span class="stringliteral">"memory"</span>, <span class="stringliteral">"cc"</span>, <span class="stringliteral">"%eax"</span> <a name="l00432"></a>00432 #<span class="keywordflow">if</span> CRYPTOPP_BOOL_X64 <a name="l00433"></a>00433 , <span class="stringliteral">"%rbx"</span>, <span class="stringliteral">"%r8"</span> <a name="l00434"></a>00434 #endif <a name="l00435"></a>00435 ); <a name="l00436"></a>00436 <span class="preprocessor">#endif</span> <a name="l00437"></a>00437 <span class="preprocessor"></span>} <a name="l00438"></a>00438 <a name="l00439"></a>00439 <span class="preprocessor">#endif // #if defined(CRYPTOPP_X86_ASM_AVAILABLE) || defined(CRYPTOPP_GENERATE_X64_MASM)</span> <a name="l00440"></a>00440 <span class="preprocessor"></span> <a name="l00441"></a>00441 <span class="preprocessor">#ifndef CRYPTOPP_GENERATE_X64_MASM</span> <a name="l00442"></a>00442 <span class="preprocessor"></span> <a name="l00443"></a>00443 <span class="preprocessor">#ifdef CRYPTOPP_X64_MASM_AVAILABLE</span> <a name="l00444"></a>00444 <span class="preprocessor"></span><span class="keyword">extern</span> 
"C" {
	// Assembly SHA-256 block function (x64 MASM build). Wrapped below by
	// HashMultipleBlocks / Transform, which encode the SSE2 availability into `len`.
	void CRYPTOPP_FASTCALL X86_SHA256_HashBlocks(word32 *state, const word32 *data, size_t len);
}
#endif

#if defined(CRYPTOPP_X86_ASM_AVAILABLE) || defined(CRYPTOPP_X64_MASM_AVAILABLE)

// Hashes every whole block of `input` into m_state with the assembly routine and
// returns the number of trailing bytes it did not consume (length % BLOCKSIZE).
// `length & (size_t(0)-BLOCKSIZE)` rounds length down to a multiple of BLOCKSIZE.
// `- !HasSSE2()` then makes the value one short of a block multiple when SSE2 is
// absent; Transform below passes `BLOCKSIZE - !HasSSE2()` the same way, so the asm
// routine presumably reads that "one short" length as its non-SSE2 selector — confirm
// against X86_SHA256_HashBlocks (its "non-SSE2" label is in the asm above).
// NOTE(review): for length < BLOCKSIZE the rounded value is 0 and the subtraction wraps
// to SIZE_MAX; presumably the caller only hands over at least one full block — verify.
size_t SHA256::HashMultipleBlocks(const word32 *input, size_t length)
{
	X86_SHA256_HashBlocks(m_state, input, (length&(size_t(0)-BLOCKSIZE)) - !HasSSE2());
	return length % BLOCKSIZE;
}

// Identical to SHA256::HashMultipleBlocks: SHA-224 drives the same SHA-256
// compression routine over its own m_state.
size_t SHA224::HashMultipleBlocks(const word32 *input, size_t length)
{
	X86_SHA256_HashBlocks(m_state, input, (length&(size_t(0)-BLOCKSIZE)) - !HasSSE2());
	return length % BLOCKSIZE;
}

#endif

// Message-schedule step on a 16-word ring buffer: the slot for W[i] already holds
// W[i-16], so W[i] = s1(W[i-2]) + W[i-7] + s0(W[i-15]) + W[i-16].
#define blk2(i) (W[i&15]+=s1(W[(i-2)&15])+W[(i-7)&15]+s0(W[(i-15)&15]))

// Ch(x,y,z) = (x&y)^(~x&z) and Maj(x,y,z) = (x&y)^(x&z)^(y&z), each written in a
// form that needs one fewer operation and no NOT.
#define Ch(x,y,z) (z^(x&(y^z)))
#define Maj(x,y,z) (y^((x^y)&(y^z)))

// Working variables a..h live in T[8] as a rotating window: after round i the
// variable that plays role "a" sits at T[(0-i)&7], and so on. Rotating the indices
// instead of the values avoids the seven copies per round of the textbook form.
#define a(i) T[(0-i)&7]
#define b(i) T[(1-i)&7]
#define c(i) T[(2-i)&7]
#define d(i) T[(3-i)&7]
#define e(i) T[(4-i)&7]
#define f(i) T[(5-i)&7]
#define g(i) T[(6-i)&7]
#define h(i) T[(7-i)&7]

// One compression round for step i+j (j is the unrolled-loop base in Transform):
//   T1 = h + S1(e) + Ch(e,f,g) + K[i+j] + W[i+j]   (blk0 loads the first 16 words
//                                                    from the block, blk2 expands the rest)
//   d += T1;  h = T1 + S0(a) + Maj(a,b,c)
// The updated h slot is next round's a under the rotating window above.
#define R(i) h(i)+=S1(e(i))+Ch(e(i),f(i),g(i))+SHA256_K[i+j]+(j?blk2(i):blk0(i));\
	d(i)+=h(i);h(i)+=S0(a(i))+Maj(a(i),b(i),c(i))

// for SHA256 (FIPS 180-4 Sigma0, Sigma1, sigma0, sigma1 rotation/shift amounts)
#define S0(x) (rotrFixed(x,2)^rotrFixed(x,13)^rotrFixed(x,22))
#define S1(x) (rotrFixed(x,6)^rotrFixed(x,11)^rotrFixed(x,25))
#define s0(x) (rotrFixed(x,7)^rotrFixed(x,18)^(x>>3))
#define s1(x) (rotrFixed(x,17)^rotrFixed(x,19)^(x>>10))

// Compresses one 64-byte block (`data`, 16 word32s) into the 8-word `state`.
// On x86 assembly builds the block is byte-reversed into W and passed to the asm
// routine; otherwise the 64 rounds run in C++ via the R() macro.
void SHA256::Transform(word32 *state, const word32 *data)
{
	word32 W[16];
#if defined(CRYPTOPP_X86_ASM_AVAILABLE) || defined(CRYPTOPP_X64_MASM_AVAILABLE)
	// this byte reverse is a waste of time, but this function is only called by MDC
	ByteReverse(W, data, BLOCKSIZE);
	// Same length encoding as HashMultipleBlocks: one block, minus one when SSE2 is absent.
	X86_SHA256_HashBlocks(state, W, BLOCKSIZE - !HasSSE2());
#else
	word32 T[8];
	/* Copy context->state[] to working vars */
	memcpy(T, state, sizeof(T));
	/* 64 operations, partially loop unrolled */
	for (unsigned int j=0; j<64; j+=16)
	{
		R( 0); R( 1); R( 2); R( 3);
		R( 4); R( 5); R( 6); R( 7);
		R( 8); R( 9); R(10); R(11);
		R(12); R(13); R(14); R(15);
	}
	/* Add the working vars back into context.state[] */
	// After 64 rounds (a multiple of 8) the window is back at its start, so a(0)..h(0) map to T[0..7].
	state[0] += a(0);
	state[1] += b(0);
	state[2] += c(0);
	state[3] += d(0);
	state[4] += e(0);
	state[5] += f(0);
	state[6] += g(0);
	state[7] += h(0);
#endif
}

// Disabled alternative implementation, kept for reference.
/* 
// smaller but slower
void SHA256::Transform(word32 *state, const word32 *data)
{
	word32 T[20];
	word32 W[32];
	unsigned int i = 0, j = 0;
	word32 *t = T+8;

	memcpy(t, state, 8*4);
	word32 e = t[4], a = t[0];

	do 
	{
		word32 w = data[j];
		W[j] = w;
		w += SHA256_K[j];
		w += t[7];
		w += S1(e);
		w += Ch(e, t[5], t[6]);
		e = t[3] + w;
		t[3] = t[3+8] = e;
		w += S0(t[0]);
		a = w + Maj(a, t[1], t[2]);
		t[-1] = t[7] = a;
		--t;
		++j;
		if (j%8 == 0)
			t += 8;
	} while (j<16);

	do
	{
		i = j&0xf;
		word32 w = s1(W[i+16-2]) + s0(W[i+16-15]) + W[i] + W[i+16-7];
		W[i+16] = W[i] = w;
		w += SHA256_K[j];
		w += t[7];
		w += S1(e);
		w += Ch(e, t[5], t[6]);
		e = t[3] + w;
		t[3] = t[3+8] = e;
		w += S0(t[0]);
		a = w + Maj(a, t[1], t[2]);
		t[-1] = t[7] = a;

		w = s1(W[(i+1)+16-2]) + s0(W[(i+1)+16-15]) + W[(i+1)] + W[(i+1)+16-7];
		W[(i+1)+16] = W[(i+1)] = w;
		w += SHA256_K[j+1];
		w += (t-1)[7];
		w += S1(e);
		w += Ch(e, (t-1)[5], (t-1)[6]);
		e = (t-1)[3] + w;
		(t-1)[3] = (t-1)[3+8] = e;
		w += S0((t-1)[0]);
		a = w + Maj(a, (t-1)[1], (t-1)[2]);
		(t-1)[-1] = (t-1)[7] = a;

		t-=2;
		j+=2;
		if (j%8 == 0)
			t += 8;
	} while (j<64);

	state[0] += a;
	state[1] += t[1];
	state[2] += t[2];
	state[3] += t[3];
	state[4] += e;
	state[5] += t[5];
	state[6] += t[6];
	state[7] += t[7];
}
*/

// The SHA-256 round functions are undefined here; SHA512::Transform below redefines
// them with the 64-bit rotation amounts. blk2/Ch/Maj and the a(i)..h(i) window stay.
#undef S0
 #undef S1
#undef s0
#undef s1
#undef R

// *************************************************************

// Loads the SHA-384 initial hash value (FIPS 180-4) into the 8-word state.
void SHA384::InitState(HashWordType *state)
{
	static const word64 s[8] = {
		W64LIT(0xcbbb9d5dc1059ed8), W64LIT(0x629a292a367cd507),
		W64LIT(0x9159015a3070dd17), W64LIT(0x152fecd8f70e5939),
		W64LIT(0x67332667ffc00b31), W64LIT(0x8eb44a8768581511),
		W64LIT(0xdb0c2e0d64f98fa7), W64LIT(0x47b5481dbefa4fa4)};
	memcpy(state, s, sizeof(s));
}

// Loads the SHA-512 initial hash value (FIPS 180-4) into the 8-word state.
void SHA512::InitState(HashWordType *state)
{
	static const word64 s[8] = {
		W64LIT(0x6a09e667f3bcc908), W64LIT(0xbb67ae8584caa73b),
		W64LIT(0x3c6ef372fe94f82b), W64LIT(0xa54ff53a5f1d36f1),
		W64LIT(0x510e527fade682d1), W64LIT(0x9b05688c2b3e6c1f),
		W64LIT(0x1f83d9abfb41bd6b), W64LIT(0x5be0cd19137e2179)};
	memcpy(state, s, sizeof(s));
}

// SHA-384/512 round constants K[0..79] (FIPS 180-4). On the 32-bit SSE2 build the
// table is 16-byte aligned and placed in an aligned section because the assembly
// below indexes it directly (ebx = SHA512_K, [ebx+eax*8]).
#if CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE && CRYPTOPP_BOOL_X86
CRYPTOPP_ALIGN_DATA(16) static const word64 SHA512_K[80] CRYPTOPP_SECTION_ALIGN16 = {
#else
static const word64 SHA512_K[80] = {
#endif
	W64LIT(0x428a2f98d728ae22), W64LIT(0x7137449123ef65cd),
	W64LIT(0xb5c0fbcfec4d3b2f), W64LIT(0xe9b5dba58189dbbc),
	W64LIT(0x3956c25bf348b538), W64LIT(0x59f111f1b605d019),
	W64LIT(0x923f82a4af194f9b), W64LIT(0xab1c5ed5da6d8118),
	W64LIT(0xd807aa98a3030242), W64LIT(0x12835b0145706fbe),
	W64LIT(0x243185be4ee4b28c), W64LIT(0x550c7dc3d5ffb4e2),
	W64LIT(0x72be5d74f27b896f), W64LIT(0x80deb1fe3b1696b1),
	W64LIT(0x9bdc06a725c71235), W64LIT(0xc19bf174cf692694),
	W64LIT(0xe49b69c19ef14ad2), W64LIT(0xefbe4786384f25e3),
	W64LIT(0x0fc19dc68b8cd5b5), W64LIT(0x240ca1cc77ac9c65),
	W64LIT(0x2de92c6f592b0275), W64LIT(0x4a7484aa6ea6e483),
	W64LIT(0x5cb0a9dcbd41fbd4), W64LIT(0x76f988da831153b5),
	W64LIT(0x983e5152ee66dfab), W64LIT(0xa831c66d2db43210),
	W64LIT(0xb00327c898fb213f), W64LIT(0xbf597fc7beef0ee4),
	W64LIT(0xc6e00bf33da88fc2), W64LIT(0xd5a79147930aa725),
	W64LIT(0x06ca6351e003826f), W64LIT(0x142929670a0e6e70),
	W64LIT(0x27b70a8546d22ffc), W64LIT(0x2e1b21385c26c926),
	W64LIT(0x4d2c6dfc5ac42aed), W64LIT(0x53380d139d95b3df),
	W64LIT(0x650a73548baf63de), W64LIT(0x766a0abb3c77b2a8),
	W64LIT(0x81c2c92e47edaee6), W64LIT(0x92722c851482353b),
	W64LIT(0xa2bfe8a14cf10364), W64LIT(0xa81a664bbc423001),
	W64LIT(0xc24b8b70d0f89791), W64LIT(0xc76c51a30654be30),
	W64LIT(0xd192e819d6ef5218), W64LIT(0xd69906245565a910),
	W64LIT(0xf40e35855771202a), W64LIT(0x106aa07032bbd1b8),
	W64LIT(0x19a4c116b8d2d0c8), W64LIT(0x1e376c085141ab53),
	W64LIT(0x2748774cdf8eeb99), W64LIT(0x34b0bcb5e19b48a8),
	W64LIT(0x391c0cb3c5c95a63), W64LIT(0x4ed8aa4ae3418acb),
	W64LIT(0x5b9cca4f7763e373), W64LIT(0x682e6ff3d6b2b8a3),
	W64LIT(0x748f82ee5defb2fc), W64LIT(0x78a5636f43172f60),
	W64LIT(0x84c87814a1f0ab72), W64LIT(0x8cc702081a6439ec),
	W64LIT(0x90befffa23631e28), W64LIT(0xa4506cebde82bde9),
	W64LIT(0xbef9a3f7b2c67915), W64LIT(0xc67178f2e372532b),
	W64LIT(0xca273eceea26619c), W64LIT(0xd186b8c721c0c207),
	W64LIT(0xeada7dd6cde0eb1e), W64LIT(0xf57d4f7fee6ed178),
	W64LIT(0x06f067aa72176fba), W64LIT(0x0a637dc5a2c898a6),
	W64LIT(0x113f9804bef90dae), W64LIT(0x1b710b35131c471b),
	W64LIT(0x28db77f523047d84), W64LIT(0x32caab7b40c72493),
	W64LIT(0x3c9ebe0a15c9bebc), W64LIT(0x431d67c49c100d4c),
	W64LIT(0x4cc5d4becb3e42b6), W64LIT(0x597f299cfc657e2a),
	W64LIT(0x5fcb6fab3ad6faec), W64LIT(0x6c44198c4a475817)
};

#if CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE && CRYPTOPP_BOOL_X86
// put assembly version in separate function, otherwise MSVC 2005 SP1 doesn't generate correct code for the non-assembly version
//
// SSE2/MMX SHA-512 compression of one 128-byte block on 32-bit x86.
// Register contract used by the asm: ecx = state (8 word64s, read via [ecx+0..3*16]
// and added back at the end), edx = data (exactly 16 word64s, read as [edx+eax*8]
// for eax = 0..15), ebx = SHA512_K. The function is CRYPTOPP_NAKED: it builds its own
// 16-byte-aligned frame below esp (27*16 bytes) and restores esp with `pop esp`.
// Working state lives in a ring at edi that steps back 8 bytes each round, so the
// updated h slot becomes the next round's a without copying the other variables;
// every 8 rounds edi is moved forward 64 bytes and the duplicate writes
// ([edi+3*8]/[edi+11*8], [edi-8]/[edi+7*8]) keep both halves of the ring in sync.
CRYPTOPP_NAKED static void CRYPTOPP_FASTCALL SHA512_SSE2_Transform(word64 *state, const word64 *data)
{
#ifdef __GNUC__
	__asm__ __volatile__
	(
	".intel_syntax noprefix;"
	AS1( push ebx)
	AS2( mov ebx, eax)
#else
	AS1( push ebx)
	AS1( push esi)
	AS1( push edi)
	AS2( lea ebx, SHA512_K)
#endif

	AS2( mov eax, esp)
	AS2( and esp, 0xfffffff0)
	AS2( sub esp, 27*16)			// 17*16 for expanded data, 20*8 for state
	AS1( push eax)
	AS2( xor eax, eax)
	AS2( lea edi, [esp+4+8*8])		// start at middle of state buffer. will decrement pointer each round to avoid copying
	AS2( lea esi, [esp+4+20*8+8])	// 16-byte alignment, then add 8

	// Copy the 8-word state into the ring at edi; a and e are also kept in mm4/mm5.
	AS2( movdqa xmm0, [ecx+0*16])
	AS2( movdq2q mm4, xmm0)
	AS2( movdqa [edi+0*16], xmm0)
	AS2( movdqa xmm0, [ecx+1*16])
	AS2( movdqa [edi+1*16], xmm0)
	AS2( movdqa xmm0, [ecx+2*16])
	AS2( movdq2q mm5, xmm0)
	AS2( movdqa [edi+2*16], xmm0)
	AS2( movdqa xmm0, [ecx+3*16])
	AS2( movdqa [edi+3*16], xmm0)
	ASJ( jmp, 0, f)

// r = rotr(r,a) ^ rotr(r,b) ^ rotr(r,c) on an MMX register, built from shifts
// (no 64-bit rotate in MMX); each rotate is a right shift xor'd with the matching left shift.
#define SSE2_S0_S1(r, a, b, c) \
	AS2( movq mm6, r)\
	AS2( psrlq r, a)\
	AS2( movq mm7, r)\
	AS2( psllq mm6, 64-c)\
	AS2( pxor mm7, mm6)\
	AS2( psrlq r, b-a)\
	AS2( pxor mm7, r)\
	AS2( psllq mm6, c-b)\
	AS2( pxor mm7, mm6)\
	AS2( psrlq r, c-b)\
	AS2( pxor r, mm7)\
	AS2( psllq mm6, b-a)\
	AS2( pxor r, mm6)

// Two-lane r = rotr(r,a) ^ rotr(r,b) ^ (r >> c) on an XMM register (SHA-512 sigma0 shape).
#define SSE2_s0(r, a, b, c) \
	AS2( movdqa xmm6, r)\
	AS2( psrlq r, a)\
	AS2( movdqa xmm7, r)\
	AS2( psllq xmm6, 64-c)\
	AS2( pxor xmm7, xmm6)\
	AS2( psrlq r, b-a)\
	AS2( pxor xmm7, r)\
	AS2( psrlq r, c-b)\
	AS2( pxor r, xmm7)\
	AS2( psllq xmm6, c-a)\
	AS2( pxor r, xmm6)

// Two-lane r = (r >> a) ^ rotr(r,b) ^ rotr(r,c) on an XMM register (SHA-512 sigma1 shape).
#define SSE2_s1(r, a, b, c) \
	AS2( movdqa xmm6, r)\
	AS2( psrlq r, a)\
	AS2( movdqa xmm7, r)\
	AS2( psllq xmm6, 64-c)\
	AS2( pxor xmm7, xmm6)\
	AS2( psrlq r, b-a)\
	AS2( pxor xmm7, r)\
	AS2( psllq xmm6, c-b)\
	AS2( pxor xmm7, xmm6)\
	AS2( psrlq r, c-b)\
	AS2( pxor r, xmm7)

	// Subroutine: one SHA-512 round. Caller supplies K[t]+W[t] in mm0; a and e are
	// carried in mm4/mm5 across rounds, b,c,d,f,g,h are read from the ring at edi.
	ASL(SHA512_Round)
	// k + w is in mm0, a is in mm4, e is in mm5
	AS2( paddq mm0, [edi+7*8])		// h
	AS2( movq mm2, [edi+5*8])		// f
	AS2( movq mm3, [edi+6*8])		// g
	AS2( pxor mm2, mm3)
	AS2( pand mm2, mm5)
	SSE2_S0_S1(mm5,14,18,41)		// S1(e)
	AS2( pxor mm2, mm3)
	AS2( paddq mm0, mm2)			// h += Ch(e,f,g)
	AS2( paddq mm5, mm0)			// h += S1(e)
	AS2( movq mm2, [edi+1*8])		// b
	AS2( movq mm1, mm2)
	AS2( por mm2, mm4)
	AS2( pand mm2, [edi+2*8])		// c
	AS2( pand mm1, mm4)
	AS2( por mm1, mm2)
	AS2( paddq mm1, mm5)			// temp = h + Maj(a,b,c)
	AS2( paddq mm5, [edi+3*8])		// e = d + h
	AS2( movq [edi+3*8], mm5)
	AS2( movq [edi+11*8], mm5)
	SSE2_S0_S1(mm4,28,34,39)		// S0(a)
	AS2( paddq mm4, mm1)			// a = temp + S0(a)
	AS2( movq [edi-8], mm4)
	AS2( movq [edi+7*8], mm4)
	AS1( ret)

	// first 16 rounds
	// W[0..15] come straight from the block; each word is stored twice, 16 words
	// apart, so the expansion below can read W[i-2], W[i-7], W[i-15] without wrapping.
	ASL(0)
	AS2( movq mm0, [edx+eax*8])
	AS2( movq [esi+eax*8], mm0)
	AS2( movq [esi+eax*8+16*8], mm0)
	AS2( paddq mm0, [ebx+eax*8])
	ASC( call, SHA512_Round)
	AS1( inc eax)
	AS2( sub edi, 8)
	AS2( test eax, 7)
	ASJ( jnz, 0, b)
	AS2( add edi, 8*8)
	AS2( cmp eax, 16)
	ASJ( jne, 0, b)

	// rest of the rounds
	// Rounds 16..79, two at a time: the XMM lanes expand W[t] and W[t+1] together.
	AS2( movdqu xmm0, [esi+(16-2)*8])
	ASL(1)
	// data expansion, W[i-2] already in xmm0
	AS2( movdqu xmm3, [esi])
	AS2( paddq xmm3, [esi+(16-7)*8])
	AS2( movdqa xmm2, [esi+(16-15)*8])
	SSE2_s1(xmm0, 6, 19, 61)
	AS2( paddq xmm0, xmm3)
	SSE2_s0(xmm2, 1, 7, 8)
	AS2( paddq xmm0, xmm2)
	AS2( movdq2q mm0, xmm0)
	AS2( movhlps xmm1, xmm0)
	AS2( paddq mm0, [ebx+eax*8])
	AS2( movlps [esi], xmm0)
	AS2( movlps [esi+8], xmm1)
	AS2( movlps [esi+8*16], xmm0)
	AS2( movlps [esi+8*17], xmm1)
	// 2 rounds
	ASC( call, SHA512_Round)
	AS2( sub edi, 8)
	AS2( movdq2q mm0, xmm1)
	AS2( paddq mm0, [ebx+eax*8+8])
	ASC( call, SHA512_Round)
	// update indices and loop
	AS2( add esi, 16)
	AS2( add eax, 2)
	AS2( sub edi, 8)
	AS2( test eax, 7)
	ASJ( jnz, 1, b)
	// do housekeeping every 8 rounds
	// esi wraps within the 16-word W ring (eax & 0xf) and edi steps forward one ring half.
	AS2( mov esi, 0xf)
	AS2( and esi, eax)
	AS2( lea esi, [esp+4+20*8+8+esi*8])
	AS2( add edi, 8*8)
	AS2( cmp eax, 80)
	ASJ( jne, 1, b)

// state[2i..2i+1] += working vars; after 80 rounds (a multiple of 8) edi is back
// at the ring position holding a..h in order.
#define SSE2_CombineState(i) \
	AS2( movdqa xmm0, [edi+i*16])\
	AS2( paddq xmm0, [ecx+i*16])\
	AS2( movdqa [ecx+i*16], xmm0)

	SSE2_CombineState(0)
	SSE2_CombineState(1)
	SSE2_CombineState(2)
	SSE2_CombineState(3)

	AS1( pop esp)	// restore the caller's esp saved before the frame was aligned
	AS1( emms)		// leave MMX state so the FPU is usable again

#if defined(__GNUC__)
	AS1( pop ebx)
	".att_syntax prefix;"
	:
	: "a" (SHA512_K), "c" (state), "d" (data)
	: "%esi", "%edi", "memory", "cc"
	);
#else
	AS1( pop edi)
	AS1( pop esi)
	AS1( pop ebx)
	AS1( ret)
#endif
}
#endif // #if CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE

// Compresses one 128-byte block (`data`, 16 word64s) into the 8-word `state`.
// On 32-bit x86 with SSE2 this dispatches to SHA512_SSE2_Transform at run time;
// otherwise the 80 rounds run in C++. blk2, Ch, Maj and the a(i)..h(i) window macros
// are reused from the SHA-256 section; only the rotation amounts (S0/S1/s0/s1), the
// constant table and the round count differ, so those are (re)defined here.
void SHA512::Transform(word64 *state, const word64 *data)
{
#if CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE && CRYPTOPP_BOOL_X86
	if (HasSSE2())
	{
		SHA512_SSE2_Transform(state, data);
		return;
	}
#endif

// FIPS 180-4 SHA-512 Sigma0, Sigma1, sigma0, sigma1.
#define S0(x) (rotrFixed(x,28)^rotrFixed(x,34)^rotrFixed(x,39))
#define S1(x) (rotrFixed(x,14)^rotrFixed(x,18)^rotrFixed(x,41))
#define s0(x) (rotrFixed(x,1)^rotrFixed(x,8)^(x>>7))
#define s1(x) (rotrFixed(x,19)^rotrFixed(x,61)^(x>>6))

// One round for step i+j, same shape as the SHA-256 R(): T1 = h + S1(e) + Ch + K + W;
// d += T1; h = T1 + S0(a) + Maj.
#define R(i) h(i)+=S1(e(i))+Ch(e(i),f(i),g(i))+SHA512_K[i+j]+(j?blk2(i):blk0(i));\
	d(i)+=h(i);h(i)+=S0(a(i))+Maj(a(i),b(i),c(i))

	word64 W[16];
	word64 T[8];
	/* Copy context->state[] to working vars */
	memcpy(T, state, sizeof(T));
	/* 80 operations, partially loop unrolled */
	for (unsigned int j=0; j<80; j+=16)
	{
		R( 0); R( 1); R( 2); R( 3);
		R( 4); R( 5); R( 6); R( 7);
		R( 8); R( 9); R(10); R(11);
		R(12); R(13); R(14); R(15);
	}
	/* Add the working vars back into context.state[] */
	// 80 is a multiple of 8, so the window is back at T[0..7] in a..h order.
	state[0] += a(0);
	state[1] += b(0);
	state[2] += c(0);
	state[3] += d(0);
	state[4] += e(0);
	state[5] += f(0);
	state[6] += g(0);
	state[7] += h(0);
}

NAMESPACE_END

#endif // #ifndef CRYPTOPP_GENERATE_X64_MASM
#endif // #ifndef CRYPTOPP_IMPORTS