cryptopp-doc-5.6.1-5.fc14.noarch.rpm

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
<title>Crypto++: sha.cpp Source File</title>
<link href="tabs.css" rel="stylesheet" type="text/css"/>
<link href="doxygen.css" rel="stylesheet" type="text/css"/>
</head>
<body>
<!-- Generated by Doxygen 1.7.4 -->
<div class="header">
  <div class="headertitle">
<div class="title">sha.cpp</div>  </div>
</div>
<div class="contents">
<div class="fragment"><pre class="fragment"><a name="l00001"></a>00001 <span class="comment">// sha.cpp - modified by Wei Dai from Steve Reid&#39;s public domain sha1.c</span>
<a name="l00002"></a>00002 
<a name="l00003"></a>00003 <span class="comment">// Steve Reid implemented SHA-1. Wei Dai implemented SHA-2.</span>
<a name="l00004"></a>00004 <span class="comment">// Both are in the public domain.</span>
<a name="l00005"></a>00005 
<a name="l00006"></a>00006 <span class="comment">// use &quot;cl /EP /P /DCRYPTOPP_GENERATE_X64_MASM sha.cpp&quot; to generate MASM code</span>
<a name="l00007"></a>00007 
<a name="l00008"></a>00008 <span class="preprocessor">#include &quot;pch.h&quot;</span>
<a name="l00009"></a>00009 
<a name="l00010"></a>00010 <span class="preprocessor">#ifndef CRYPTOPP_IMPORTS</span>
<a name="l00011"></a>00011 <span class="preprocessor"></span><span class="preprocessor">#ifndef CRYPTOPP_GENERATE_X64_MASM</span>
<a name="l00012"></a>00012 <span class="preprocessor"></span>
<a name="l00013"></a>00013 <span class="preprocessor">#include &quot;sha.h&quot;</span>
<a name="l00014"></a>00014 <span class="preprocessor">#include &quot;misc.h&quot;</span>
<a name="l00015"></a>00015 <span class="preprocessor">#include &quot;cpu.h&quot;</span>
<a name="l00016"></a>00016 
<a name="l00017"></a>00017 NAMESPACE_BEGIN(CryptoPP)
<a name="l00018"></a>00018 
<a name="l00019"></a>00019 <span class="comment">// start of Steve Reid&#39;s code</span>
<a name="l00020"></a>00020 
// Message-schedule helpers for the unrolled SHA-1 rounds. Both macros write to
// a 16-word array named W taken from the expanding scope; blk0 also reads an
// array named data from that scope.
//   blk0(i): copies input word i into W[i] unchanged and yields the value.
//   blk1(i): treats W as a circular buffer indexed mod 16 and overwrites slot
//            i mod 16 with rotlFixed(W[i-3] ^ W[i-8] ^ W[i-14] ^ W[i-16], 1),
//            presumably a 1-bit left rotate - confirm in misc.h.
// NOTE(review): i is pasted unparenthesized, so only plain constants or
// identifiers are safe arguments.
<a name="l00021"></a>00021 <span class="preprocessor">#define blk0(i) (W[i] = data[i])</span>
<a name="l00022"></a>00022 <span class="preprocessor"></span><span class="preprocessor">#define blk1(i) (W[i&amp;15] = rotlFixed(W[(i+13)&amp;15]^W[(i+8)&amp;15]^W[(i+2)&amp;15]^W[i&amp;15],1))</span>
<a name="l00023"></a>00023 <span class="preprocessor"></span>
// Load the five-word SHA-1 initial hash value into state[0..4].
// The caller must supply room for at least five words; no length is checked.
void SHA1::InitState(HashWordType *state)
{
	static const HashWordType initialHash[5] = {
		0x67452301L, 0xEFCDAB89L, 0x98BADCFEL, 0x10325476L, 0xC3D2E1F0L
	};

	for (unsigned int i = 0; i != 5; ++i)
		state[i] = initialHash[i];
}
<a name="l00032"></a>00032 
// SHA-1 round functions, one per group of 20 rounds:
//   f1 - the "choose" function Ch(x,y,z), in a form that needs one fewer operation
//   f2 - parity (three-way xor)
//   f3 - the majority function Maj(x,y,z)
//   f4 - parity again, same expression as f2
// All four are pure bitwise expressions with no branch or lookup on their inputs.
// NOTE(review): arguments are pasted unparenthesized; pass plain identifiers only.
<a name="l00033"></a>00033 <span class="preprocessor">#define f1(x,y,z) (z^(x&amp;(y^z)))</span>
<a name="l00034"></a>00034 <span class="preprocessor"></span><span class="preprocessor">#define f2(x,y,z) (x^y^z)</span>
<a name="l00035"></a>00035 <span class="preprocessor"></span><span class="preprocessor">#define f3(x,y,z) ((x&amp;y)|(z&amp;(x|y)))</span>
<a name="l00036"></a>00036 <span class="preprocessor"></span><span class="preprocessor">#define f4(x,y,z) (x^y^z)</span>
<a name="l00037"></a>00037 <span class="preprocessor"></span>
<a name="l00038"></a>00038 <span class="comment">/* (R0+R1), R2, R3, R4 are the different operations used in SHA1 */</span>
// Each Rn(v,w,x,y,z,i) is one SHA-1 round: z accumulates the round function of
// (w,x,y), schedule word i, the round constant and rotlFixed(v,5); w is then
// replaced by rotlFixed(w,30). R0 takes its schedule word from blk0 (raw input),
// R1 to R4 from blk1 (expanded schedule). Callers rotate the roles of the five
// working variables between invocations instead of moving values.
// 0x5A827999, 0x6ED9EBA1, 0x8F1BBCDC and 0xCA62C1D6 are the four SHA-1 round constants.
// NOTE(review): each macro expands to two statements and depends on W and data
// from the expanding scope, so it must not be the body of an unbraced if/for.
<a name="l00039"></a>00039 <span class="preprocessor">#define R0(v,w,x,y,z,i) z+=f1(w,x,y)+blk0(i)+0x5A827999+rotlFixed(v,5);w=rotlFixed(w,30);</span>
<a name="l00040"></a>00040 <span class="preprocessor"></span><span class="preprocessor">#define R1(v,w,x,y,z,i) z+=f1(w,x,y)+blk1(i)+0x5A827999+rotlFixed(v,5);w=rotlFixed(w,30);</span>
<a name="l00041"></a>00041 <span class="preprocessor"></span><span class="preprocessor">#define R2(v,w,x,y,z,i) z+=f2(w,x,y)+blk1(i)+0x6ED9EBA1+rotlFixed(v,5);w=rotlFixed(w,30);</span>
<a name="l00042"></a>00042 <span class="preprocessor"></span><span class="preprocessor">#define R3(v,w,x,y,z,i) z+=f3(w,x,y)+blk1(i)+0x8F1BBCDC+rotlFixed(v,5);w=rotlFixed(w,30);</span>
<a name="l00043"></a>00043 <span class="preprocessor"></span><span class="preprocessor">#define R4(v,w,x,y,z,i) z+=f4(w,x,y)+blk1(i)+0xCA62C1D6+rotlFixed(v,5);w=rotlFixed(w,30);</span>
<a name="l00044"></a>00044 <span class="preprocessor"></span>
// Apply the SHA-1 compression function to one block: mixes the 16 words at
// data into the 5-word chaining value at state, in place.
//
//   state - read at [0..4] on entry, updated with += just before returning.
//   data  - read at [0..15] by blk0 during rounds 0-15; the words are used
//           exactly as stored. NOTE(review): presumably the caller has already
//           put them in the word order SHA-1 expects - confirm against the caller.
// Neither pointer is checked for null or for length; the caller owns those bounds.
//
// The 80 rounds are straight-line code: every W index is a compile-time
// constant and the round macros use only add, xor, and, or and rotlFixed, so
// nothing here branches or indexes on message data (assuming rotlFixed itself
// is branch-free - confirm in misc.h).
// NOTE(review): W holds message-derived words on the stack and is not cleared
// before returning; that matters when the hashed block contains key material.
// NOTE(review): SHA-1 no longer provides collision resistance; new designs
// should use the SHA-2 hashes (SHA224/SHA256 below) instead.
<a name="l00045"></a>00045 <span class="keywordtype">void</span> SHA1::Transform(word32 *state, <span class="keyword">const</span> word32 *data)
<a name="l00046"></a>00046 {
        // 16-word circular message schedule; the round macros refer to it by name.
<a name="l00047"></a>00047         word32 W[16];
<a name="l00048"></a>00048     <span class="comment">/* Copy context-&gt;state[] to working vars */</span>
<a name="l00049"></a>00049     word32 a = state[0];
<a name="l00050"></a>00050     word32 b = state[1];
<a name="l00051"></a>00051     word32 c = state[2];
<a name="l00052"></a>00052     word32 d = state[3];
<a name="l00053"></a>00053     word32 e = state[4];
<a name="l00054"></a>00054     <span class="comment">/* 4 rounds of 20 operations each. Loop unrolled. */</span>
    // The argument order shifts by one position each round, which stands in
    // for the variable shuffle of the textbook round; statement order matters.
<a name="l00055"></a>00055     R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3);
<a name="l00056"></a>00056     R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7);
<a name="l00057"></a>00057     R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11);
<a name="l00058"></a>00058     R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15);
<a name="l00059"></a>00059     R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19);
<a name="l00060"></a>00060     R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23);
<a name="l00061"></a>00061     R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27);
<a name="l00062"></a>00062     R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31);
<a name="l00063"></a>00063     R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35);
<a name="l00064"></a>00064     R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39);
<a name="l00065"></a>00065     R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43);
<a name="l00066"></a>00066     R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47);
<a name="l00067"></a>00067     R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51);
<a name="l00068"></a>00068     R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55);
<a name="l00069"></a>00069     R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59);
<a name="l00070"></a>00070     R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63);
<a name="l00071"></a>00071     R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67);
<a name="l00072"></a>00072     R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71);
<a name="l00073"></a>00073     R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75);
<a name="l00074"></a>00074     R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79);
<a name="l00075"></a>00075     <span class="comment">/* Add the working vars back into context.state[] */</span>
<a name="l00076"></a>00076     state[0] += a;
<a name="l00077"></a>00077     state[1] += b;
<a name="l00078"></a>00078     state[2] += c;
<a name="l00079"></a>00079     state[3] += d;
<a name="l00080"></a>00080     state[4] += e;
<a name="l00081"></a>00081 }
<a name="l00082"></a>00082 
<a name="l00083"></a>00083 <span class="comment">// end of Steve Reid&#39;s code</span>
<a name="l00084"></a>00084 
<a name="l00085"></a>00085 <span class="comment">// *************************************************************</span>
<a name="l00086"></a>00086 
// Load the eight-word SHA-224 initial hash value into state.
// memcpy writes sizeof(initialHash) bytes (eight word32 values) with no length
// check, so the caller must supply a buffer at least that large.
void SHA224::InitState(HashWordType *state)
{
	static const word32 initialHash[8] = {
		0xc1059ed8, 0x367cd507, 0x3070dd17, 0xf70e5939,
		0xffc00b31, 0x68581511, 0x64f98fa7, 0xbefa4fa4
	};

	memcpy(state, initialHash, sizeof initialHash);
}
<a name="l00092"></a>00092 
// Load the eight-word SHA-256 initial hash value into state.
// memcpy writes sizeof(initialHash) bytes (eight word32 values) with no length
// check, so the caller must supply a buffer at least that large.
void SHA256::InitState(HashWordType *state)
{
	static const word32 initialHash[8] = {
		0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
		0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19
	};

	memcpy(state, initialHash, sizeof initialHash);
}
<a name="l00098"></a>00098 
// SHA-256 round constants K[0..63] as listed in FIPS 180 (the first 32 bits of
// the fractional parts of the cube roots of the first 64 primes).
// When CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE is set, the definition requests 16-byte
// alignment through CRYPTOPP_ALIGN_DATA(16) / CRYPTOPP_SECTION_ALIGN16.
// "extern" gives this const array external linkage; the assembly routine later
// in this file addresses it directly (SHA256_K+48*4, and by mangled name in the
// generated MASM), so the symbol name and the 64-entry layout must stay in step
// with that code.
// The table is public, constant data; it holds nothing secret.
<a name="l00099"></a>00099 <span class="preprocessor">#if CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE</span>
<a name="l00100"></a>00100 <span class="preprocessor"></span>CRYPTOPP_ALIGN_DATA(16) extern const word32 SHA256_K[64] CRYPTOPP_SECTION_ALIGN16 = {
<a name="l00101"></a>00101 <span class="preprocessor">#else</span>
<a name="l00102"></a>00102 <span class="preprocessor"></span><span class="keyword">extern</span> <span class="keyword">const</span> word32 SHA256_K[64] = {
<a name="l00103"></a>00103 <span class="preprocessor">#endif</span>
<a name="l00104"></a>00104 <span class="preprocessor"></span>        0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
<a name="l00105"></a>00105         0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
<a name="l00106"></a>00106         0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
<a name="l00107"></a>00107         0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
<a name="l00108"></a>00108         0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
<a name="l00109"></a>00109         0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
<a name="l00110"></a>00110         0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
<a name="l00111"></a>00111         0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
<a name="l00112"></a>00112         0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
<a name="l00113"></a>00113         0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
<a name="l00114"></a>00114         0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
<a name="l00115"></a>00115         0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
<a name="l00116"></a>00116         0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
<a name="l00117"></a>00117         0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
<a name="l00118"></a>00118         0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
<a name="l00119"></a>00119         0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
<a name="l00120"></a>00120 };
<a name="l00121"></a>00121 
<a name="l00122"></a>00122 <span class="preprocessor">#endif // #ifndef CRYPTOPP_GENERATE_X64_MASM</span>
<a name="l00123"></a>00123 <span class="preprocessor"></span>
<a name="l00124"></a>00124 <span class="preprocessor">#if defined(CRYPTOPP_X86_ASM_AVAILABLE) || defined(CRYPTOPP_GENERATE_X64_MASM)</span>
<a name="l00125"></a>00125 <span class="preprocessor"></span>
<a name="l00126"></a>00126 <span class="preprocessor">#pragma warning(disable: 4731)  // frame pointer register &#39;ebp&#39; modified by inline assembly code</span>
<a name="l00127"></a>00127 <span class="preprocessor"></span>
<a name="l00128"></a>00128 <span class="keyword">static</span> <span class="keywordtype">void</span> CRYPTOPP_FASTCALL X86_SHA256_HashBlocks(word32 *state, <span class="keyword">const</span> word32 *data, <span class="keywordtype">size_t</span> len
<a name="l00129"></a>00129 #<span class="keywordflow">if</span> defined(_MSC_VER) &amp;&amp; (_MSC_VER == 1200)
<a name="l00130"></a>00130         , ...   <span class="comment">// VC60 workaround: prevent VC 6 from inlining this function</span>
<a name="l00131"></a>00131 #endif
<a name="l00132"></a>00132         )
<a name="l00133"></a>00133 {
<a name="l00134"></a>00134 <span class="preprocessor">#if defined(_MSC_VER) &amp;&amp; (_MSC_VER == 1200)</span>
<a name="l00135"></a>00135 <span class="preprocessor"></span>        AS2(mov ecx, [state])
<a name="l00136"></a>00136         AS2(mov edx, [data])
<a name="l00137"></a>00137 <span class="preprocessor">#endif</span>
<a name="l00138"></a>00138 <span class="preprocessor"></span>
<a name="l00139"></a>00139 <span class="preprocessor">        #define LOCALS_SIZE     8*4 + 16*4 + 4*WORD_SZ</span>
<a name="l00140"></a>00140 <span class="preprocessor"></span><span class="preprocessor">        #define H(i)            [BASE+ASM_MOD(1024+7-(i),8)*4]</span>
<a name="l00141"></a>00141 <span class="preprocessor"></span><span class="preprocessor">        #define G(i)            H(i+1)</span>
<a name="l00142"></a>00142 <span class="preprocessor"></span><span class="preprocessor">        #define F(i)            H(i+2)</span>
<a name="l00143"></a>00143 <span class="preprocessor"></span><span class="preprocessor">        #define E(i)            H(i+3)</span>
<a name="l00144"></a>00144 <span class="preprocessor"></span><span class="preprocessor">        #define D(i)            H(i+4)</span>
<a name="l00145"></a>00145 <span class="preprocessor"></span><span class="preprocessor">        #define C(i)            H(i+5)</span>
<a name="l00146"></a>00146 <span class="preprocessor"></span><span class="preprocessor">        #define B(i)            H(i+6)</span>
<a name="l00147"></a>00147 <span class="preprocessor"></span><span class="preprocessor">        #define A(i)            H(i+7)</span>
<a name="l00148"></a>00148 <span class="preprocessor"></span><span class="preprocessor">        #define Wt(i)           BASE+8*4+ASM_MOD(1024+15-(i),16)*4</span>
<a name="l00149"></a>00149 <span class="preprocessor"></span><span class="preprocessor">        #define Wt_2(i)         Wt((i)-2)</span>
<a name="l00150"></a>00150 <span class="preprocessor"></span><span class="preprocessor">        #define Wt_15(i)        Wt((i)-15)</span>
<a name="l00151"></a>00151 <span class="preprocessor"></span><span class="preprocessor">        #define Wt_7(i)         Wt((i)-7)</span>
<a name="l00152"></a>00152 <span class="preprocessor"></span><span class="preprocessor">        #define K_END           [BASE+8*4+16*4+0*WORD_SZ]</span>
<a name="l00153"></a>00153 <span class="preprocessor"></span><span class="preprocessor">        #define STATE_SAVE      [BASE+8*4+16*4+1*WORD_SZ]</span>
<a name="l00154"></a>00154 <span class="preprocessor"></span><span class="preprocessor">        #define DATA_SAVE       [BASE+8*4+16*4+2*WORD_SZ]</span>
<a name="l00155"></a>00155 <span class="preprocessor"></span><span class="preprocessor">        #define DATA_END        [BASE+8*4+16*4+3*WORD_SZ]</span>
<a name="l00156"></a>00156 <span class="preprocessor"></span><span class="preprocessor">        #define Kt(i)           WORD_REG(si)+(i)*4</span>
<a name="l00157"></a>00157 <span class="preprocessor"></span><span class="preprocessor">#if CRYPTOPP_BOOL_X86</span>
<a name="l00158"></a>00158 <span class="preprocessor"></span><span class="preprocessor">        #define BASE            esp+4</span>
<a name="l00159"></a>00159 <span class="preprocessor"></span><span class="preprocessor">#elif defined(__GNUC__)</span>
<a name="l00160"></a>00160 <span class="preprocessor"></span><span class="preprocessor">        #define BASE            r8</span>
<a name="l00161"></a>00161 <span class="preprocessor"></span><span class="preprocessor">#else</span>
<a name="l00162"></a>00162 <span class="preprocessor"></span><span class="preprocessor">        #define BASE            rsp</span>
<a name="l00163"></a>00163 <span class="preprocessor"></span><span class="preprocessor">#endif</span>
<a name="l00164"></a>00164 <span class="preprocessor"></span>
<a name="l00165"></a>00165 <span class="preprocessor">#define RA0(i, edx, edi)                \</span>
<a name="l00166"></a>00166 <span class="preprocessor">        AS2(    add edx, [Kt(i)]        )\</span>
<a name="l00167"></a>00167 <span class="preprocessor">        AS2(    add edx, [Wt(i)]        )\</span>
<a name="l00168"></a>00168 <span class="preprocessor">        AS2(    add edx, H(i)           )\</span>
<a name="l00169"></a>00169 <span class="preprocessor"></span>
<a name="l00170"></a>00170 <span class="preprocessor"></span><span class="preprocessor">#define RA1(i, edx, edi)</span>
<a name="l00171"></a>00171 <span class="preprocessor"></span>
<a name="l00172"></a>00172 <span class="preprocessor">#define RB0(i, edx, edi)</span>
<a name="l00173"></a>00173 <span class="preprocessor"></span>
<a name="l00174"></a>00174 <span class="preprocessor">#define RB1(i, edx, edi)        \</span>
<a name="l00175"></a>00175 <span class="preprocessor">        AS2(    mov AS_REG_7d, [Wt_2(i)]        )\</span>
<a name="l00176"></a>00176 <span class="preprocessor">        AS2(    mov edi, [Wt_15(i)])\</span>
<a name="l00177"></a>00177 <span class="preprocessor">        AS2(    mov ebx, AS_REG_7d      )\</span>
<a name="l00178"></a>00178 <span class="preprocessor">        AS2(    shr AS_REG_7d, 10               )\</span>
<a name="l00179"></a>00179 <span class="preprocessor">        AS2(    ror ebx, 17             )\</span>
<a name="l00180"></a>00180 <span class="preprocessor">        AS2(    xor AS_REG_7d, ebx      )\</span>
<a name="l00181"></a>00181 <span class="preprocessor">        AS2(    ror ebx, 2              )\</span>
<a name="l00182"></a>00182 <span class="preprocessor">        AS2(    xor ebx, AS_REG_7d      )</span><span class="comment">/* s1(W_t-2) */</span>\
<a name="l00183"></a>00183         AS2(    add ebx, [Wt_7(i)])\
<a name="l00184"></a>00184         AS2(    mov AS_REG_7d, edi      )\
<a name="l00185"></a>00185         AS2(    shr AS_REG_7d, 3                )\
<a name="l00186"></a>00186         AS2(    ror edi, 7              )\
<a name="l00187"></a>00187         AS2(    add ebx, [Wt(i)])<span class="comment">/* s1(W_t-2) + W_t-7 + W_t-16 */</span>\
<a name="l00188"></a>00188         AS2(    xor AS_REG_7d, edi      )\
<a name="l00189"></a>00189         AS2(    add edx, [Kt(i)])\
<a name="l00190"></a>00190         AS2(    ror edi, 11             )\
<a name="l00191"></a>00191         AS2(    add edx, H(i)   )\
<a name="l00192"></a>00192         AS2(    xor AS_REG_7d, edi      )<span class="comment">/* s0(W_t-15) */</span>\
<a name="l00193"></a>00193         AS2(    add AS_REG_7d, ebx      )<span class="comment">/* W_t = s1(W_t-2) + W_t-7 + s0(W_t-15) W_t-16*/</span>\
<a name="l00194"></a>00194         AS2(    mov [Wt(i)], AS_REG_7d)\
<a name="l00195"></a>00195         AS2(    add edx, AS_REG_7d      )\
<a name="l00196"></a>00196 
<a name="l00197"></a>00197 <span class="preprocessor">#define ROUND(i, r, eax, ecx, edi, edx)\</span>
<a name="l00198"></a>00198 <span class="preprocessor">        </span><span class="comment">/* in: edi = E  */</span>\
<a name="l00199"></a>00199         <span class="comment">/* unused: eax, ecx, temp: ebx, AS_REG_7d, out: edx = T1 */</span>\
<a name="l00200"></a>00200         AS2(    mov edx, F(i)   )\
<a name="l00201"></a>00201         AS2(    xor edx, G(i)   )\
<a name="l00202"></a>00202         AS2(    and edx, edi    )\
<a name="l00203"></a>00203         AS2(    xor edx, G(i)   )<span class="comment">/* Ch(E,F,G) = (G^(E&amp;(F^G))) */</span>\
<a name="l00204"></a>00204         AS2(    mov AS_REG_7d, edi      )\
<a name="l00205"></a>00205         AS2(    ror edi, 6              )\
<a name="l00206"></a>00206         AS2(    ror AS_REG_7d, 25               )\
<a name="l00207"></a>00207         RA##r(i, edx, edi               )<span class="comment">/* H + Wt + Kt + Ch(E,F,G) */</span>\
<a name="l00208"></a>00208         AS2(    xor AS_REG_7d, edi      )\
<a name="l00209"></a>00209         AS2(    ror edi, 5              )\
<a name="l00210"></a>00210         AS2(    xor AS_REG_7d, edi      )<span class="comment">/* S1(E) */</span>\
<a name="l00211"></a>00211         AS2(    add edx, AS_REG_7d      )<span class="comment">/* T1 = S1(E) + Ch(E,F,G) + H + Wt + Kt */</span>\
<a name="l00212"></a>00212         RB##r(i, edx, edi               )<span class="comment">/* H + Wt + Kt + Ch(E,F,G) */</span>\
<a name="l00213"></a>00213         <span class="comment">/* in: ecx = A, eax = B^C, edx = T1 */</span>\
<a name="l00214"></a>00214         <span class="comment">/* unused: edx, temp: ebx, AS_REG_7d, out: eax = A, ecx = B^C, edx = E */</span>\
<a name="l00215"></a>00215         AS2(    mov ebx, ecx    )\
<a name="l00216"></a>00216         AS2(    xor ecx, B(i)   )<span class="comment">/* A^B */</span>\
<a name="l00217"></a>00217         AS2(    and eax, ecx    )\
<a name="l00218"></a>00218         AS2(    xor eax, B(i)   )<span class="comment">/* Maj(A,B,C) = B^((A^B)&amp;(B^C) */</span>\
<a name="l00219"></a>00219         AS2(    mov AS_REG_7d, ebx      )\
<a name="l00220"></a>00220         AS2(    ror ebx, 2              )\
<a name="l00221"></a>00221         AS2(    add eax, edx    )<span class="comment">/* T1 + Maj(A,B,C) */</span>\
<a name="l00222"></a>00222         AS2(    add edx, D(i)   )\
<a name="l00223"></a>00223         AS2(    mov D(i), edx   )\
<a name="l00224"></a>00224         AS2(    ror AS_REG_7d, 22               )\
<a name="l00225"></a>00225         AS2(    xor AS_REG_7d, ebx      )\
<a name="l00226"></a>00226         AS2(    ror ebx, 11             )\
<a name="l00227"></a>00227         AS2(    xor AS_REG_7d, ebx      )\
<a name="l00228"></a>00228         AS2(    add eax, AS_REG_7d      )<span class="comment">/* T1 + S0(A) + Maj(A,B,C) */</span>\
<a name="l00229"></a>00229         AS2(    mov H(i), eax   )\
<a name="l00230"></a>00230 
<a name="l00231"></a>00231 <span class="preprocessor">#define SWAP_COPY(i)            \</span>
<a name="l00232"></a>00232 <span class="preprocessor">        AS2(    mov             WORD_REG(bx), [WORD_REG(dx)+i*WORD_SZ])\</span>
<a name="l00233"></a>00233 <span class="preprocessor">        AS1(    bswap   WORD_REG(bx))\</span>
<a name="l00234"></a>00234 <span class="preprocessor">        AS2(    mov             [Wt(i*(1+CRYPTOPP_BOOL_X64)+CRYPTOPP_BOOL_X64)], WORD_REG(bx))</span>
<a name="l00235"></a>00235 <span class="preprocessor"></span>
<a name="l00236"></a>00236 <span class="preprocessor">#if defined(__GNUC__)</span>
<a name="l00237"></a>00237 <span class="preprocessor"></span><span class="preprocessor">        #if CRYPTOPP_BOOL_X64</span>
<a name="l00238"></a>00238 <span class="preprocessor"></span>                <a class="code" href="class_fixed_size_aligned_sec_block.html">FixedSizeAlignedSecBlock&lt;byte, LOCALS_SIZE&gt;</a> workspace;
<a name="l00239"></a>00239 <span class="preprocessor">        #endif</span>
<a name="l00240"></a>00240 <span class="preprocessor"></span>        __asm__ __volatile__
<a name="l00241"></a>00241         (
<a name="l00242"></a>00242         #<span class="keywordflow">if</span> CRYPTOPP_BOOL_X64
<a name="l00243"></a>00243                 <span class="stringliteral">&quot;lea %4, %%r8;&quot;</span>
<a name="l00244"></a>00244         #endif
<a name="l00245"></a>00245         <span class="stringliteral">&quot;.intel_syntax noprefix;&quot;</span>
<a name="l00246"></a>00246 #elif defined(CRYPTOPP_GENERATE_X64_MASM)
<a name="l00247"></a>00247                 ALIGN   8
<a name="l00248"></a>00248         X86_SHA256_HashBlocks   PROC FRAME
<a name="l00249"></a>00249                 rex_push_reg rsi
<a name="l00250"></a>00250                 push_reg rdi
<a name="l00251"></a>00251                 push_reg rbx
<a name="l00252"></a>00252                 push_reg rbp
<a name="l00253"></a>00253                 alloc_stack(LOCALS_SIZE+8)
<a name="l00254"></a>00254                 .endprolog
<a name="l00255"></a>00255                 mov rdi, r8
<a name="l00256"></a>00256                 lea rsi, [?SHA256_K@CryptoPP@@3QBIB + 48*4]
<a name="l00257"></a>00257 #endif
<a name="l00258"></a>00258 
<a name="l00259"></a>00259 #<span class="keywordflow">if</span> CRYPTOPP_BOOL_X86
<a name="l00260"></a>00260         #ifndef __GNUC__
<a name="l00261"></a>00261                 AS2(    mov             edi, [len])
<a name="l00262"></a>00262                 AS2(    lea             WORD_REG(si), [SHA256_K+48*4])
<a name="l00263"></a>00263         #endif
<a name="l00264"></a>00264         #<span class="keywordflow">if</span> !defined(_MSC_VER) || (_MSC_VER &lt; 1400)
<a name="l00265"></a>00265                 AS_PUSH_IF86(bx)
<a name="l00266"></a>00266         #endif
<a name="l00267"></a>00267 
<a name="l00268"></a>00268         AS_PUSH_IF86(bp)
<a name="l00269"></a>00269         AS2(    mov             ebx, esp)
<a name="l00270"></a>00270         AS2(    and             esp, -16)
<a name="l00271"></a>00271         AS2(    sub             WORD_REG(sp), LOCALS_SIZE)
<a name="l00272"></a>00272         AS_PUSH_IF86(bx)
<a name="l00273"></a>00273 #endif
<a name="l00274"></a>00274         AS2(    mov             STATE_SAVE, WORD_REG(cx))
<a name="l00275"></a>00275         AS2(    mov             DATA_SAVE, WORD_REG(dx))
<a name="l00276"></a>00276         AS2(    lea             WORD_REG(ax), [WORD_REG(di) + WORD_REG(dx)])
<a name="l00277"></a>00277         AS2(    mov             DATA_END, WORD_REG(ax))
<a name="l00278"></a>00278         AS2(    mov             K_END, WORD_REG(si))
<a name="l00279"></a>00279 
<a name="l00280"></a>00280 #<span class="keywordflow">if</span> CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE
<a name="l00281"></a>00281 #<span class="keywordflow">if</span> CRYPTOPP_BOOL_X86
<a name="l00282"></a>00282         AS2(    test    edi, 1)
<a name="l00283"></a>00283         ASJ(    jnz,    2, f)
<a name="l00284"></a>00284         AS1(    dec             DWORD PTR K_END)
<a name="l00285"></a>00285 #endif
<a name="l00286"></a>00286         AS2(    movdqa  xmm0, XMMWORD_PTR [WORD_REG(cx)+0*16])
<a name="l00287"></a>00287         AS2(    movdqa  xmm1, XMMWORD_PTR [WORD_REG(cx)+1*16])
<a name="l00288"></a>00288 #endif
<a name="l00289"></a>00289 
<a name="l00290"></a>00290 #<span class="keywordflow">if</span> CRYPTOPP_BOOL_X86
<a name="l00291"></a>00291 #<span class="keywordflow">if</span> CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE
<a name="l00292"></a>00292         ASJ(    jmp,    0, f)
<a name="l00293"></a>00293 #endif
<a name="l00294"></a>00294         ASL(2)  <span class="comment">// non-SSE2</span>
<a name="l00295"></a>00295         AS2(    mov             esi, ecx)
<a name="l00296"></a>00296         AS2(    lea             edi, A(0))
<a name="l00297"></a>00297         AS2(    mov             ecx, 8)
<a name="l00298"></a>00298         AS1(    rep movsd)
<a name="l00299"></a>00299         AS2(    mov             esi, K_END)
<a name="l00300"></a>00300         ASJ(    jmp,    3, f)
<a name="l00301"></a>00301 #endif
<a name="l00302"></a>00302 
<a name="l00303"></a>00303 #<span class="keywordflow">if</span> CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE
<a name="l00304"></a>00304         ASL(0)
<a name="l00305"></a>00305         AS2(    movdqa  E(0), xmm1)
<a name="l00306"></a>00306         AS2(    movdqa  A(0), xmm0)
<a name="l00307"></a>00307 #endif
<a name="l00308"></a>00308 #<span class="keywordflow">if</span> CRYPTOPP_BOOL_X86
<a name="l00309"></a>00309         ASL(3)
<a name="l00310"></a>00310 #endif
<a name="l00311"></a>00311         AS2(    sub             WORD_REG(si), 48*4)
<a name="l00312"></a>00312         SWAP_COPY(0)    SWAP_COPY(1)    SWAP_COPY(2)    SWAP_COPY(3)
<a name="l00313"></a>00313         SWAP_COPY(4)    SWAP_COPY(5)    SWAP_COPY(6)    SWAP_COPY(7)
<a name="l00314"></a>00314 #<span class="keywordflow">if</span> CRYPTOPP_BOOL_X86
<a name="l00315"></a>00315         SWAP_COPY(8)    SWAP_COPY(9)    SWAP_COPY(10)   SWAP_COPY(11)
<a name="l00316"></a>00316         SWAP_COPY(12)   SWAP_COPY(13)   SWAP_COPY(14)   SWAP_COPY(15)
<a name="l00317"></a>00317 #endif
<a name="l00318"></a>00318         AS2(    mov             edi, E(0))      <span class="comment">// E</span>
<a name="l00319"></a>00319         AS2(    mov             eax, B(0))      <span class="comment">// B</span>
<a name="l00320"></a>00320         AS2(    xor             eax, C(0))      <span class="comment">// B^C</span>
<a name="l00321"></a>00321         AS2(    mov             ecx, A(0))      <span class="comment">// A</span>
<a name="l00322"></a>00322 
<a name="l00323"></a>00323         ROUND(0, 0, eax, ecx, edi, edx)
<a name="l00324"></a>00324         ROUND(1, 0, ecx, eax, edx, edi)
<a name="l00325"></a>00325         ROUND(2, 0, eax, ecx, edi, edx)
<a name="l00326"></a>00326         ROUND(3, 0, ecx, eax, edx, edi)
<a name="l00327"></a>00327         ROUND(4, 0, eax, ecx, edi, edx)
<a name="l00328"></a>00328         ROUND(5, 0, ecx, eax, edx, edi)
<a name="l00329"></a>00329         ROUND(6, 0, eax, ecx, edi, edx)
<a name="l00330"></a>00330         ROUND(7, 0, ecx, eax, edx, edi)
<a name="l00331"></a>00331         ROUND(8, 0, eax, ecx, edi, edx)
<a name="l00332"></a>00332         ROUND(9, 0, ecx, eax, edx, edi)
<a name="l00333"></a>00333         ROUND(10, 0, eax, ecx, edi, edx)
<a name="l00334"></a>00334         ROUND(11, 0, ecx, eax, edx, edi)
<a name="l00335"></a>00335         ROUND(12, 0, eax, ecx, edi, edx)
<a name="l00336"></a>00336         ROUND(13, 0, ecx, eax, edx, edi)
<a name="l00337"></a>00337         ROUND(14, 0, eax, ecx, edi, edx)
<a name="l00338"></a>00338         ROUND(15, 0, ecx, eax, edx, edi)
<a name="l00339"></a>00339 
<a name="l00340"></a>00340         ASL(1)
<a name="l00341"></a>00341         AS2(add WORD_REG(si), 4*16)
<a name="l00342"></a>00342         ROUND(0, 1, eax, ecx, edi, edx)
<a name="l00343"></a>00343         ROUND(1, 1, ecx, eax, edx, edi)
<a name="l00344"></a>00344         ROUND(2, 1, eax, ecx, edi, edx)
<a name="l00345"></a>00345         ROUND(3, 1, ecx, eax, edx, edi)
<a name="l00346"></a>00346         ROUND(4, 1, eax, ecx, edi, edx)
<a name="l00347"></a>00347         ROUND(5, 1, ecx, eax, edx, edi)
<a name="l00348"></a>00348         ROUND(6, 1, eax, ecx, edi, edx)
<a name="l00349"></a>00349         ROUND(7, 1, ecx, eax, edx, edi)
<a name="l00350"></a>00350         ROUND(8, 1, eax, ecx, edi, edx)
<a name="l00351"></a>00351         ROUND(9, 1, ecx, eax, edx, edi)
<a name="l00352"></a>00352         ROUND(10, 1, eax, ecx, edi, edx)
<a name="l00353"></a>00353         ROUND(11, 1, ecx, eax, edx, edi)
<a name="l00354"></a>00354         ROUND(12, 1, eax, ecx, edi, edx)
<a name="l00355"></a>00355         ROUND(13, 1, ecx, eax, edx, edi)
<a name="l00356"></a>00356         ROUND(14, 1, eax, ecx, edi, edx)
<a name="l00357"></a>00357         ROUND(15, 1, ecx, eax, edx, edi)
<a name="l00358"></a>00358         AS2(    cmp             WORD_REG(si), K_END)
<a name="l00359"></a>00359         ASJ(    jb,             1, b)
<a name="l00360"></a>00360 
<a name="l00361"></a>00361         AS2(    mov             WORD_REG(dx), DATA_SAVE)
<a name="l00362"></a>00362         AS2(    add             WORD_REG(dx), 64)
<a name="l00363"></a>00363         AS2(    mov             AS_REG_7, STATE_SAVE)
<a name="l00364"></a>00364         AS2(    mov             DATA_SAVE, WORD_REG(dx))
<a name="l00365"></a>00365 
<a name="l00366"></a>00366 #<span class="keywordflow">if</span> CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE
<a name="l00367"></a>00367 #<span class="keywordflow">if</span> CRYPTOPP_BOOL_X86
<a name="l00368"></a>00368         AS2(    test    DWORD PTR K_END, 1)
<a name="l00369"></a>00369         ASJ(    jz,             4, f)
<a name="l00370"></a>00370 #endif
<a name="l00371"></a>00371         AS2(    movdqa  xmm1, XMMWORD_PTR [AS_REG_7+1*16])
<a name="l00372"></a>00372         AS2(    movdqa  xmm0, XMMWORD_PTR [AS_REG_7+0*16])
<a name="l00373"></a>00373         AS2(    paddd   xmm1, E(0))
<a name="l00374"></a>00374         AS2(    paddd   xmm0, A(0))
<a name="l00375"></a>00375         AS2(    movdqa  [AS_REG_7+1*16], xmm1)
<a name="l00376"></a>00376         AS2(    movdqa  [AS_REG_7+0*16], xmm0)
<a name="l00377"></a>00377         AS2(    cmp             WORD_REG(dx), DATA_END)
<a name="l00378"></a>00378         ASJ(    jb,             0, b)
<a name="l00379"></a>00379 #endif
<a name="l00380"></a>00380 
<a name="l00381"></a>00381 #<span class="keywordflow">if</span> CRYPTOPP_BOOL_X86
<a name="l00382"></a>00382 #<span class="keywordflow">if</span> CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE
<a name="l00383"></a>00383         ASJ(    jmp,    5, f)
<a name="l00384"></a>00384         ASL(4)  <span class="comment">// non-SSE2</span>
<a name="l00385"></a>00385 #endif
<a name="l00386"></a>00386         AS2(    add             [AS_REG_7+0*4], ecx)    <span class="comment">// A</span>
<a name="l00387"></a>00387         AS2(    add             [AS_REG_7+4*4], edi)    <span class="comment">// E</span>
<a name="l00388"></a>00388         AS2(    mov             eax, B(0))
<a name="l00389"></a>00389         AS2(    mov             ebx, C(0))
<a name="l00390"></a>00390         AS2(    mov             ecx, D(0))
<a name="l00391"></a>00391         AS2(    add             [AS_REG_7+1*4], eax)
<a name="l00392"></a>00392         AS2(    add             [AS_REG_7+2*4], ebx)
<a name="l00393"></a>00393         AS2(    add             [AS_REG_7+3*4], ecx)
<a name="l00394"></a>00394         AS2(    mov             eax, F(0))
<a name="l00395"></a>00395         AS2(    mov             ebx, G(0))
<a name="l00396"></a>00396         AS2(    mov             ecx, H(0))
<a name="l00397"></a>00397         AS2(    add             [AS_REG_7+5*4], eax)
<a name="l00398"></a>00398         AS2(    add             [AS_REG_7+6*4], ebx)
<a name="l00399"></a>00399         AS2(    add             [AS_REG_7+7*4], ecx)
<a name="l00400"></a>00400         AS2(    mov             ecx, AS_REG_7d)
<a name="l00401"></a>00401         AS2(    cmp             WORD_REG(dx), DATA_END)
<a name="l00402"></a>00402         ASJ(    jb,             2, b)
<a name="l00403"></a>00403 #<span class="keywordflow">if</span> CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE
<a name="l00404"></a>00404         ASL(5)
<a name="l00405"></a>00405 #endif
<a name="l00406"></a>00406 #endif
<a name="l00407"></a>00407 
<a name="l00408"></a>00408         AS_POP_IF86(sp)
<a name="l00409"></a>00409         AS_POP_IF86(bp)
<a name="l00410"></a>00410         #<span class="keywordflow">if</span> !defined(_MSC_VER) || (_MSC_VER &lt; 1400)
<a name="l00411"></a>00411                 AS_POP_IF86(bx)
<a name="l00412"></a>00412         #endif
<a name="l00413"></a>00413 
<a name="l00414"></a>00414 #ifdef CRYPTOPP_GENERATE_X64_MASM
<a name="l00415"></a>00415         add             rsp, LOCALS_SIZE+8
<a name="l00416"></a>00416         pop             rbp
<a name="l00417"></a>00417         pop             rbx
<a name="l00418"></a>00418         pop             rdi
<a name="l00419"></a>00419         pop             rsi
<a name="l00420"></a>00420         ret
<a name="l00421"></a>00421         X86_SHA256_HashBlocks ENDP
<a name="l00422"></a>00422 #endif
<a name="l00423"></a>00423 
<a name="l00424"></a>00424 #ifdef __GNUC__
<a name="l00425"></a>00425         <span class="stringliteral">&quot;.att_syntax prefix;&quot;</span>
<a name="l00426"></a>00426         : 
<a name="l00427"></a>00427         : <span class="stringliteral">&quot;c&quot;</span> (state), <span class="stringliteral">&quot;d&quot;</span> (data), <span class="stringliteral">&quot;S&quot;</span> (SHA256_K+48), <span class="stringliteral">&quot;D&quot;</span> (len)
<a name="l00428"></a>00428         #<span class="keywordflow">if</span> CRYPTOPP_BOOL_X64
<a name="l00429"></a>00429                 , <span class="stringliteral">&quot;m&quot;</span> (workspace[0])
<a name="l00430"></a>00430         #endif
<a name="l00431"></a>00431         : <span class="stringliteral">&quot;memory&quot;</span>, <span class="stringliteral">&quot;cc&quot;</span>, <span class="stringliteral">&quot;%eax&quot;</span>
<a name="l00432"></a>00432         #<span class="keywordflow">if</span> CRYPTOPP_BOOL_X64
<a name="l00433"></a>00433                 , <span class="stringliteral">&quot;%rbx&quot;</span>, <span class="stringliteral">&quot;%r8&quot;</span>, <span class="stringliteral">&quot;%r10&quot;</span>
<a name="l00434"></a>00434         #endif
<a name="l00435"></a>00435         );
<a name="l00436"></a>00436 <span class="preprocessor">#endif</span>
<a name="l00437"></a>00437 <span class="preprocessor"></span>}
<a name="l00438"></a>00438 
<a name="l00439"></a>00439 <span class="preprocessor">#endif  // #if defined(CRYPTOPP_X86_ASM_AVAILABLE) || defined(CRYPTOPP_GENERATE_X64_MASM)</span>
<a name="l00440"></a>00440 <span class="preprocessor"></span>
<a name="l00441"></a>00441 <span class="preprocessor">#ifndef CRYPTOPP_GENERATE_X64_MASM</span>
<a name="l00442"></a>00442 <span class="preprocessor"></span>
<a name="l00443"></a>00443 <span class="preprocessor">#ifdef CRYPTOPP_X64_MASM_AVAILABLE</span>
// Declaration of the SHA-256 block routine for builds where it is assembled
// separately as x64 MASM (see the CRYPTOPP_GENERATE_X64_MASM sections of this
// file) instead of being compiled here as inline assembly.
//   state - the eight 32-bit chaining words, updated in place
//   data  - message words to hash
//   len   - callers in this file pass a byte count rounded down to whole
//           blocks, minus 1 when HasSSE2() is false
// NOTE(review): the routine presumably decodes that low bit itself and expects
// at least one full block at data -- confirm against the assembly.
extern "C" {
void CRYPTOPP_FASTCALL X86_SHA256_HashBlocks(word32 *state, const word32 *data, size_t len);
}
<a name="l00447"></a>00447 <span class="preprocessor">#endif</span>
<a name="l00448"></a>00448 <span class="preprocessor"></span>
<a name="l00449"></a>00449 <span class="preprocessor">#if defined(CRYPTOPP_X86_ASM_AVAILABLE) || defined(CRYPTOPP_X64_MASM_AVAILABLE)</span>
<a name="l00450"></a>00450 <span class="preprocessor"></span>
// Hands every complete block of input to the assembly routine and reports how
// many trailing bytes were left unprocessed.
//   input  - message words, passed through to X86_SHA256_HashBlocks unchanged
//   length - size of input in bytes
// Returns length % BLOCKSIZE.
// The third argument is length with the low bits masked off (a whole number of
// blocks, assuming BLOCKSIZE is a power of two -- TODO confirm), less 1 when
// HasSSE2() is false.
// NOTE(review): for length < BLOCKSIZE on a machine without SSE2 that
// expression wraps to the largest size_t value; presumably callers only pass
// length >= BLOCKSIZE -- verify against the caller before reusing this.
size_t SHA256::HashMultipleBlocks(const word32 *input, size_t length)
{
        const size_t blockMask = size_t(0) - BLOCKSIZE;
        const size_t wholeBlockBytes = length & blockMask;
        const size_t leftoverBytes = length % BLOCKSIZE;

        X86_SHA256_HashBlocks(m_state, input, wholeBlockBytes - !HasSSE2());
        return leftoverBytes;
}
<a name="l00456"></a>00456 
// SHA-224 counterpart of the multi-block entry point: it calls the same
// X86_SHA256_HashBlocks routine on this object's m_state.
//   input  - message words, passed through to the assembly routine unchanged
//   length - size of input in bytes
// Returns length % BLOCKSIZE, the number of trailing bytes not hashed.
// The third argument is length with the low bits masked off (a whole number of
// blocks, assuming BLOCKSIZE is a power of two -- TODO confirm), less 1 when
// HasSSE2() is false.
// NOTE(review): for length < BLOCKSIZE on a machine without SSE2 that
// expression wraps to the largest size_t value; presumably callers only pass
// length >= BLOCKSIZE -- verify against the caller before reusing this.
size_t SHA224::HashMultipleBlocks(const word32 *input, size_t length)
{
        const size_t blockMask = size_t(0) - BLOCKSIZE;
        const size_t wholeBlockBytes = length & blockMask;
        const size_t leftoverBytes = length % BLOCKSIZE;

        X86_SHA256_HashBlocks(m_state, input, wholeBlockBytes - !HasSSE2());
        return leftoverBytes;
}
<a name="l00462"></a>00462 
<a name="l00463"></a>00463 <span class="preprocessor">#endif</span>
<a name="l00464"></a>00464 <span class="preprocessor"></span>
// Helper macros for the portable round function below. They expand against
// names taken from the scope where they are used (W, T, j, SHA256_K) and paste
// their arguments without parentheses, so pass only plain literals or
// identifiers, never compound expressions.

// Message-schedule step on a 16-word circular buffer W: updates W[i mod 16] in
// place by adding s1(W[i-2]) + W[i-7] + s0(W[i-15]), all indices taken mod 16,
// and yields the new word.
#define blk2(i) (W[i&15]+=s1(W[(i-2)&15])+W[(i-7)&15]+s0(W[(i-15)&15]))

// Bitwise choose (x selects y or z) and majority, each written with one AND.
#define Ch(x,y,z) (z^(x&(y^z)))
#define Maj(x,y,z) (y^((x^y)&(y^z)))

// The eight working variables live in T[0..7]. The index shifts by i mod 8, so
// the slot named h in round i is the slot named a in round i+1: the variables
// rotate by renaming rather than by copying.
#define a(i) T[(0-i)&7]
#define b(i) T[(1-i)&7]
#define c(i) T[(2-i)&7]
#define d(i) T[(3-i)&7]
#define e(i) T[(4-i)&7]
#define f(i) T[(5-i)&7]
#define g(i) T[(6-i)&7]
#define h(i) T[(7-i)&7]

// One compression round for schedule position i+j. When j is 0 the message
// word comes from blk0(i) (defined outside this part of the file), otherwise
// from blk2(i). Expands to three statements with no enclosing braces, so it
// must not be used as the sole body of an unbraced if/for/while.
#define R(i) h(i)+=S1(e(i))+Ch(e(i),f(i),g(i))+SHA256_K[i+j]+(j?blk2(i):blk0(i));\
        d(i)+=h(i);h(i)+=S0(a(i))+Maj(a(i),b(i),c(i))

// for SHA256
// S0/S1 are the round-function sigmas (three rotations XORed together); s0/s1
// are the message-schedule sigmas (two rotations and one logical right shift).
// They are #undef'd after SHA256::Transform.
#define S0(x) (rotrFixed(x,2)^rotrFixed(x,13)^rotrFixed(x,22))
#define S1(x) (rotrFixed(x,6)^rotrFixed(x,11)^rotrFixed(x,25))
#define s0(x) (rotrFixed(x,7)^rotrFixed(x,18)^(x>>3))
#define s1(x) (rotrFixed(x,17)^rotrFixed(x,19)^(x>>10))
<a name="l00487"></a>00487 <span class="preprocessor"></span>
// Applies the SHA-256 compression function for one block.
//   state - eight 32-bit chaining words, updated in place
//   data  - sixteen 32-bit message words for the block
// With the x86/x64 assembly available, the block is byte-reversed into W and
// handed to X86_SHA256_HashBlocks; otherwise the 64 rounds run in portable C++
// through the R() macro.
// NOTE(review): W (and T in the portable path) still hold message words and
// working state on the stack when this returns and are not cleared here; if
// the hash is fed secret input (keys, password material), check whether the
// project expects such temporaries to be wiped.
void SHA256::Transform(word32 *state, const word32 *data)
{
        // 16-word buffer: byte-reversed input for the assembly path, message
        // schedule (via the blk macros) for the portable path
        word32 W[16];
#if defined(CRYPTOPP_X86_ASM_AVAILABLE) || defined(CRYPTOPP_X64_MASM_AVAILABLE)
        // this byte reverse is a waste of time, but this function is only called by MDC
        ByteReverse(W, data, BLOCKSIZE);
        // length is one block, minus 1 when SSE2 is unavailable (same convention
        // as HashMultipleBlocks)
        X86_SHA256_HashBlocks(state, W, BLOCKSIZE - !HasSSE2());
#else
        // working variables a..h, addressed through the a(i)..h(i) macros
        word32 T[8];
    /* Copy context->state[] to working vars */
        memcpy(T, state, sizeof(T));
    /* 64 operations, partially loop unrolled */
        // j is read by R(): it offsets into SHA256_K and, when 0, selects blk0
        // (first 16 rounds) instead of blk2
        for (unsigned int j=0; j<64; j+=16)
        {
                R( 0); R( 1); R( 2); R( 3);
                R( 4); R( 5); R( 6); R( 7);
                R( 8); R( 9); R(10); R(11);
                R(12); R(13); R(14); R(15);
        }
    /* Add the working vars back into context.state[] */
    // a(0)..h(0) index T[0]..T[7] directly
    state[0] += a(0);
    state[1] += b(0);
    state[2] += c(0);
    state[3] += d(0);
    state[4] += e(0);
    state[5] += f(0);
    state[6] += g(0);
    state[7] += h(0);
#endif
}
<a name="l00518"></a>00518 
<a name="l00519"></a>00519 <span class="comment">/* </span>
<a name="l00520"></a>00520 <span class="comment">// smaller but slower</span>
<a name="l00521"></a>00521 <span class="comment">void SHA256::Transform(word32 *state, const word32 *data)</span>
<a name="l00522"></a>00522 <span class="comment">{</span>
<a name="l00523"></a>00523 <span class="comment">        word32 T[20];</span>
<a name="l00524"></a>00524 <span class="comment">        word32 W[32];</span>
<a name="l00525"></a>00525 <span class="comment">        unsigned int i = 0, j = 0;</span>
<a name="l00526"></a>00526 <span class="comment">        word32 *t = T+8;</span>
<a name="l00527"></a>00527 <span class="comment"></span>
<a name="l00528"></a>00528 <span class="comment">        memcpy(t, state, 8*4);</span>
<a name="l00529"></a>00529 <span class="comment">        word32 e = t[4], a = t[0];</span>
<a name="l00530"></a>00530 <span class="comment"></span>
<a name="l00531"></a>00531 <span class="comment">        do </span>
<a name="l00532"></a>00532 <span class="comment">        {</span>
<a name="l00533"></a>00533 <span class="comment">                word32 w = data[j];</span>
<a name="l00534"></a>00534 <span class="comment">                W[j] = w;</span>
<a name="l00535"></a>00535 <span class="comment">                w += SHA256_K[j];</span>
<a name="l00536"></a>00536 <span class="comment">                w += t[7];</span>
<a name="l00537"></a>00537 <span class="comment">                w += S1(e);</span>
<a name="l00538"></a>00538 <span class="comment">                w += Ch(e, t[5], t[6]);</span>
<a name="l00539"></a>00539 <span class="comment">                e = t[3] + w;</span>
<a name="l00540"></a>00540 <span class="comment">                t[3] = t[3+8] = e;</span>
<a name="l00541"></a>00541 <span class="comment">                w += S0(t[0]);</span>
<a name="l00542"></a>00542 <span class="comment">                a = w + Maj(a, t[1], t[2]);</span>
<a name="l00543"></a>00543 <span class="comment">                t[-1] = t[7] = a;</span>
<a name="l00544"></a>00544 <span class="comment">                --t;</span>
<a name="l00545"></a>00545 <span class="comment">                ++j;</span>
<a name="l00546"></a>00546 <span class="comment">                if (j%8 == 0)</span>
<a name="l00547"></a>00547 <span class="comment">                        t += 8;</span>
<a name="l00548"></a>00548 <span class="comment">        } while (j&lt;16);</span>
<a name="l00549"></a>00549 <span class="comment"></span>
<a name="l00550"></a>00550 <span class="comment">        do</span>
<a name="l00551"></a>00551 <span class="comment">        {</span>
<a name="l00552"></a>00552 <span class="comment">                i = j&amp;0xf;</span>
<a name="l00553"></a>00553 <span class="comment">                word32 w = s1(W[i+16-2]) + s0(W[i+16-15]) + W[i] + W[i+16-7];</span>
<a name="l00554"></a>00554 <span class="comment">                W[i+16] = W[i] = w;</span>
<a name="l00555"></a>00555 <span class="comment">                w += SHA256_K[j];</span>
<a name="l00556"></a>00556 <span class="comment">                w += t[7];</span>
<a name="l00557"></a>00557 <span class="comment">                w += S1(e);</span>
<a name="l00558"></a>00558 <span class="comment">                w += Ch(e, t[5], t[6]);</span>
<a name="l00559"></a>00559 <span class="comment">                e = t[3] + w;</span>
<a name="l00560"></a>00560 <span class="comment">                t[3] = t[3+8] = e;</span>
<a name="l00561"></a>00561 <span class="comment">                w += S0(t[0]);</span>
<a name="l00562"></a>00562 <span class="comment">                a = w + Maj(a, t[1], t[2]);</span>
<a name="l00563"></a>00563 <span class="comment">                t[-1] = t[7] = a;</span>
<a name="l00564"></a>00564 <span class="comment"></span>
<a name="l00565"></a>00565 <span class="comment">                w = s1(W[(i+1)+16-2]) + s0(W[(i+1)+16-15]) + W[(i+1)] + W[(i+1)+16-7];</span>
<a name="l00566"></a>00566 <span class="comment">                W[(i+1)+16] = W[(i+1)] = w;</span>
<a name="l00567"></a>00567 <span class="comment">                w += SHA256_K[j+1];</span>
<a name="l00568"></a>00568 <span class="comment">                w += (t-1)[7];</span>
<a name="l00569"></a>00569 <span class="comment">                w += S1(e);</span>
<a name="l00570"></a>00570 <span class="comment">                w += Ch(e, (t-1)[5], (t-1)[6]);</span>
<a name="l00571"></a>00571 <span class="comment">                e = (t-1)[3] + w;</span>
<a name="l00572"></a>00572 <span class="comment">                (t-1)[3] = (t-1)[3+8] = e;</span>
<a name="l00573"></a>00573 <span class="comment">                w += S0((t-1)[0]);</span>
<a name="l00574"></a>00574 <span class="comment">                a = w + Maj(a, (t-1)[1], (t-1)[2]);</span>
<a name="l00575"></a>00575 <span class="comment">                (t-1)[-1] = (t-1)[7] = a;</span>
<a name="l00576"></a>00576 <span class="comment"></span>
<a name="l00577"></a>00577 <span class="comment">                t-=2;</span>
<a name="l00578"></a>00578 <span class="comment">                j+=2;</span>
<a name="l00579"></a>00579 <span class="comment">                if (j%8 == 0)</span>
<a name="l00580"></a>00580 <span class="comment">                        t += 8;</span>
<a name="l00581"></a>00581 <span class="comment">        } while (j&lt;64);</span>
<a name="l00582"></a>00582 <span class="comment"></span>
<a name="l00583"></a>00583 <span class="comment">    state[0] += a;</span>
<a name="l00584"></a>00584 <span class="comment">    state[1] += t[1];</span>
<a name="l00585"></a>00585 <span class="comment">    state[2] += t[2];</span>
<a name="l00586"></a>00586 <span class="comment">    state[3] += t[3];</span>
<a name="l00587"></a>00587 <span class="comment">    state[4] += e;</span>
<a name="l00588"></a>00588 <span class="comment">    state[5] += t[5];</span>
<a name="l00589"></a>00589 <span class="comment">    state[6] += t[6];</span>
<a name="l00590"></a>00590 <span class="comment">    state[7] += t[7];</span>
<a name="l00591"></a>00591 <span class="comment">}</span>
<a name="l00592"></a>00592 <span class="comment">*/</span>
<a name="l00593"></a>00593 
<a name="l00594"></a>00594 <span class="preprocessor">#undef S0</span>
<a name="l00595"></a>00595 <span class="preprocessor"></span><span class="preprocessor">#undef S1</span>
<a name="l00596"></a>00596 <span class="preprocessor"></span><span class="preprocessor">#undef s0</span>
<a name="l00597"></a>00597 <span class="preprocessor"></span><span class="preprocessor">#undef s1</span>
<a name="l00598"></a>00598 <span class="preprocessor"></span><span class="preprocessor">#undef R</span>
<a name="l00599"></a>00599 <span class="preprocessor"></span>
<a name="l00600"></a>00600 <span class="comment">// *************************************************************</span>
<a name="l00601"></a>00601 
// Loads the SHA-384 initial hash value into state.
//   state - destination for eight 64-bit words; sizeof(initialHash) bytes
//           (64) are written, so the caller must provide at least that much.
void SHA384::InitState(HashWordType *state)
{
        // Initial hash value H(0) for SHA-384 as specified in FIPS 180.
        static const word64 initialHash[8] = {
                W64LIT(0xcbbb9d5dc1059ed8),
                W64LIT(0x629a292a367cd507),
                W64LIT(0x9159015a3070dd17),
                W64LIT(0x152fecd8f70e5939),
                W64LIT(0x67332667ffc00b31),
                W64LIT(0x8eb44a8768581511),
                W64LIT(0xdb0c2e0d64f98fa7),
                W64LIT(0x47b5481dbefa4fa4)
        };

        memcpy(state, initialHash, sizeof(initialHash));
}
<a name="l00611"></a>00611 
// Loads the SHA-512 initial hash value into state.
//   state - destination for eight 64-bit words; sizeof(initialHash) bytes
//           (64) are written, so the caller must provide at least that much.
void SHA512::InitState(HashWordType *state)
{
        // Initial hash value H(0) for SHA-512 as specified in FIPS 180.
        static const word64 initialHash[8] = {
                W64LIT(0x6a09e667f3bcc908),
                W64LIT(0xbb67ae8584caa73b),
                W64LIT(0x3c6ef372fe94f82b),
                W64LIT(0xa54ff53a5f1d36f1),
                W64LIT(0x510e527fade682d1),
                W64LIT(0x9b05688c2b3e6c1f),
                W64LIT(0x1f83d9abfb41bd6b),
                W64LIT(0x5be0cd19137e2179)
        };

        memcpy(state, initialHash, sizeof(initialHash));
}
<a name="l00621"></a>00621 
// The eighty 64-bit round constants K[0..79] for the SHA-384/SHA-512
// compression function (FIPS 180). In the x86 SSE2 assembly build the table is
// declared with 16-byte alignment; SHA512_SSE2_Transform reads it through a
// base register indexed by round number.
// A single altered word here silently changes every digest, so edits to this
// table should be checked against published known-answer test vectors.
#if CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE && CRYPTOPP_BOOL_X86
CRYPTOPP_ALIGN_DATA(16) static const word64 SHA512_K[80] CRYPTOPP_SECTION_ALIGN16 = {
#else
static const word64 SHA512_K[80] = {
#endif
        W64LIT(0x428a2f98d728ae22), W64LIT(0x7137449123ef65cd),
        W64LIT(0xb5c0fbcfec4d3b2f), W64LIT(0xe9b5dba58189dbbc),
        W64LIT(0x3956c25bf348b538), W64LIT(0x59f111f1b605d019),
        W64LIT(0x923f82a4af194f9b), W64LIT(0xab1c5ed5da6d8118),
        W64LIT(0xd807aa98a3030242), W64LIT(0x12835b0145706fbe),
        W64LIT(0x243185be4ee4b28c), W64LIT(0x550c7dc3d5ffb4e2),
        W64LIT(0x72be5d74f27b896f), W64LIT(0x80deb1fe3b1696b1),
        W64LIT(0x9bdc06a725c71235), W64LIT(0xc19bf174cf692694),
        W64LIT(0xe49b69c19ef14ad2), W64LIT(0xefbe4786384f25e3),
        W64LIT(0x0fc19dc68b8cd5b5), W64LIT(0x240ca1cc77ac9c65),
        W64LIT(0x2de92c6f592b0275), W64LIT(0x4a7484aa6ea6e483),
        W64LIT(0x5cb0a9dcbd41fbd4), W64LIT(0x76f988da831153b5),
        W64LIT(0x983e5152ee66dfab), W64LIT(0xa831c66d2db43210),
        W64LIT(0xb00327c898fb213f), W64LIT(0xbf597fc7beef0ee4),
        W64LIT(0xc6e00bf33da88fc2), W64LIT(0xd5a79147930aa725),
        W64LIT(0x06ca6351e003826f), W64LIT(0x142929670a0e6e70),
        W64LIT(0x27b70a8546d22ffc), W64LIT(0x2e1b21385c26c926),
        W64LIT(0x4d2c6dfc5ac42aed), W64LIT(0x53380d139d95b3df),
        W64LIT(0x650a73548baf63de), W64LIT(0x766a0abb3c77b2a8),
        W64LIT(0x81c2c92e47edaee6), W64LIT(0x92722c851482353b),
        W64LIT(0xa2bfe8a14cf10364), W64LIT(0xa81a664bbc423001),
        W64LIT(0xc24b8b70d0f89791), W64LIT(0xc76c51a30654be30),
        W64LIT(0xd192e819d6ef5218), W64LIT(0xd69906245565a910),
        W64LIT(0xf40e35855771202a), W64LIT(0x106aa07032bbd1b8),
        W64LIT(0x19a4c116b8d2d0c8), W64LIT(0x1e376c085141ab53),
        W64LIT(0x2748774cdf8eeb99), W64LIT(0x34b0bcb5e19b48a8),
        W64LIT(0x391c0cb3c5c95a63), W64LIT(0x4ed8aa4ae3418acb),
        W64LIT(0x5b9cca4f7763e373), W64LIT(0x682e6ff3d6b2b8a3),
        W64LIT(0x748f82ee5defb2fc), W64LIT(0x78a5636f43172f60),
        W64LIT(0x84c87814a1f0ab72), W64LIT(0x8cc702081a6439ec),
        W64LIT(0x90befffa23631e28), W64LIT(0xa4506cebde82bde9),
        W64LIT(0xbef9a3f7b2c67915), W64LIT(0xc67178f2e372532b),
        W64LIT(0xca273eceea26619c), W64LIT(0xd186b8c721c0c207),
        W64LIT(0xeada7dd6cde0eb1e), W64LIT(0xf57d4f7fee6ed178),
        W64LIT(0x06f067aa72176fba), W64LIT(0x0a637dc5a2c898a6),
        W64LIT(0x113f9804bef90dae), W64LIT(0x1b710b35131c471b),
        W64LIT(0x28db77f523047d84), W64LIT(0x32caab7b40c72493),
        W64LIT(0x3c9ebe0a15c9bebc), W64LIT(0x431d67c49c100d4c),
        W64LIT(0x4cc5d4becb3e42b6), W64LIT(0x597f299cfc657e2a),
        W64LIT(0x5fcb6fab3ad6faec), W64LIT(0x6c44198c4a475817)
};
<a name="l00668"></a>00668 
<a name="l00669"></a>00669 <span class="preprocessor">#if CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE &amp;&amp; CRYPTOPP_BOOL_X86</span>
<a name="l00670"></a>00670 <span class="preprocessor"></span><span class="comment">// put assembly version in separate function, otherwise MSVC 2005 SP1 doesn&#39;t generate correct code for the non-assembly version</span>
<a name="l00671"></a>00671 CRYPTOPP_NAKED <span class="keyword">static</span> <span class="keywordtype">void</span> CRYPTOPP_FASTCALL SHA512_SSE2_Transform(word64 *state, <span class="keyword">const</span> word64 *data)
<a name="l00672"></a>00672 {
<a name="l00673"></a>00673 <span class="preprocessor">#ifdef __GNUC__</span>
<a name="l00674"></a>00674 <span class="preprocessor"></span>        __asm__ __volatile__
<a name="l00675"></a>00675         (
<a name="l00676"></a>00676                 <span class="stringliteral">&quot;.intel_syntax noprefix;&quot;</span>
<a name="l00677"></a>00677         AS1(    push    ebx)
<a name="l00678"></a>00678         AS2(    mov             ebx, eax)
<a name="l00679"></a>00679 #<span class="keywordflow">else</span>
<a name="l00680"></a>00680         AS1(    push    ebx)
<a name="l00681"></a>00681         AS1(    push    esi)
<a name="l00682"></a>00682         AS1(    push    edi)
<a name="l00683"></a>00683         AS2(    lea             ebx, SHA512_K)
<a name="l00684"></a>00684 #endif
<a name="l00685"></a>00685 
<a name="l00686"></a>00686         AS2(    mov             eax, esp)
<a name="l00687"></a>00687         AS2(    and             esp, 0xfffffff0)
<a name="l00688"></a>00688         AS2(    sub             esp, 27*16)                             <span class="comment">// 17*16 for expanded data, 20*8 for state</span>
<a name="l00689"></a>00689         AS1(    push    eax)
<a name="l00690"></a>00690         AS2(    xor             eax, eax)
<a name="l00691"></a>00691         AS2(    lea             edi, [esp+4+8*8])               <span class="comment">// start at middle of state buffer. will decrement pointer each round to avoid copying</span>
<a name="l00692"></a>00692         AS2(    lea             esi, [esp+4+20*8+8])    <span class="comment">// 16-byte alignment, then add 8</span>
<a name="l00693"></a>00693 
<a name="l00694"></a>00694         AS2(    movdqa  xmm0, [ecx+0*16])
<a name="l00695"></a>00695         AS2(    movdq2q mm4, xmm0)
<a name="l00696"></a>00696         AS2(    movdqa  [edi+0*16], xmm0)
<a name="l00697"></a>00697         AS2(    movdqa  xmm0, [ecx+1*16])
<a name="l00698"></a>00698         AS2(    movdqa  [edi+1*16], xmm0)
<a name="l00699"></a>00699         AS2(    movdqa  xmm0, [ecx+2*16])
<a name="l00700"></a>00700         AS2(    movdq2q mm5, xmm0)
<a name="l00701"></a>00701         AS2(    movdqa  [edi+2*16], xmm0)
<a name="l00702"></a>00702         AS2(    movdqa  xmm0, [ecx+3*16])
<a name="l00703"></a>00703         AS2(    movdqa  [edi+3*16], xmm0)
<a name="l00704"></a>00704         ASJ(    jmp,    0, f)
<a name="l00705"></a>00705 
<a name="l00706"></a>00706 #define SSE2_S0_S1(r, a, b, c)  \
<a name="l00707"></a>00707         AS2(    movq    mm6, r)\
<a name="l00708"></a>00708         AS2(    psrlq   r, a)\
<a name="l00709"></a>00709         AS2(    movq    mm7, r)\
<a name="l00710"></a>00710         AS2(    psllq   mm6, 64-c)\
<a name="l00711"></a>00711         AS2(    pxor    mm7, mm6)\
<a name="l00712"></a>00712         AS2(    psrlq   r, b-a)\
<a name="l00713"></a>00713         AS2(    pxor    mm7, r)\
<a name="l00714"></a>00714         AS2(    psllq   mm6, c-b)\
<a name="l00715"></a>00715         AS2(    pxor    mm7, mm6)\
<a name="l00716"></a>00716         AS2(    psrlq   r, c-b)\
<a name="l00717"></a>00717         AS2(    pxor    r, mm7)\
<a name="l00718"></a>00718         AS2(    psllq   mm6, b-a)\
<a name="l00719"></a>00719         AS2(    pxor    r, mm6)
<a name="l00720"></a>00720 
<a name="l00721"></a>00721 #define SSE2_s0(r, a, b, c)     \
<a name="l00722"></a>00722         AS2(    movdqa  xmm6, r)\
<a name="l00723"></a>00723         AS2(    psrlq   r, a)\
<a name="l00724"></a>00724         AS2(    movdqa  xmm7, r)\
<a name="l00725"></a>00725         AS2(    psllq   xmm6, 64-c)\
<a name="l00726"></a>00726         AS2(    pxor    xmm7, xmm6)\
<a name="l00727"></a>00727         AS2(    psrlq   r, b-a)\
<a name="l00728"></a>00728         AS2(    pxor    xmm7, r)\
<a name="l00729"></a>00729         AS2(    psrlq   r, c-b)\
<a name="l00730"></a>00730         AS2(    pxor    r, xmm7)\
<a name="l00731"></a>00731         AS2(    psllq   xmm6, c-a)\
<a name="l00732"></a>00732         AS2(    pxor    r, xmm6)
<a name="l00733"></a>00733 
<a name="l00734"></a>00734 #define SSE2_s1(r, a, b, c)     \
<a name="l00735"></a>00735         AS2(    movdqa  xmm6, r)\
<a name="l00736"></a>00736         AS2(    psrlq   r, a)\
<a name="l00737"></a>00737         AS2(    movdqa  xmm7, r)\
<a name="l00738"></a>00738         AS2(    psllq   xmm6, 64-c)\
<a name="l00739"></a>00739         AS2(    pxor    xmm7, xmm6)\
<a name="l00740"></a>00740         AS2(    psrlq   r, b-a)\
<a name="l00741"></a>00741         AS2(    pxor    xmm7, r)\
<a name="l00742"></a>00742         AS2(    psllq   xmm6, c-b)\
<a name="l00743"></a>00743         AS2(    pxor    xmm7, xmm6)\
<a name="l00744"></a>00744         AS2(    psrlq   r, c-b)\
<a name="l00745"></a>00745         AS2(    pxor    r, xmm7)
<a name="l00746"></a>00746 
<a name="l00747"></a>00747         ASL(SHA512_Round)
<a name="l00748"></a>00748         <span class="comment">// k + w is in mm0, a is in mm4, e is in mm5</span>
<a name="l00749"></a>00749         AS2(    paddq   mm0, [edi+7*8])         <span class="comment">// h</span>
<a name="l00750"></a>00750         AS2(    movq    mm2, [edi+5*8])         <span class="comment">// f</span>
<a name="l00751"></a>00751         AS2(    movq    mm3, [edi+6*8])         <span class="comment">// g</span>
<a name="l00752"></a>00752         AS2(    pxor    mm2, mm3)
<a name="l00753"></a>00753         AS2(    pand    mm2, mm5)
<a name="l00754"></a>00754         SSE2_S0_S1(mm5,14,18,41)
<a name="l00755"></a>00755         AS2(    pxor    mm2, mm3)
<a name="l00756"></a>00756         AS2(    paddq   mm0, mm2)                       <span class="comment">// h += Ch(e,f,g)</span>
<a name="l00757"></a>00757         AS2(    paddq   mm5, mm0)                       <span class="comment">// h += S1(e)</span>
<a name="l00758"></a>00758         AS2(    movq    mm2, [edi+1*8])         <span class="comment">// b</span>
<a name="l00759"></a>00759         AS2(    movq    mm1, mm2)
<a name="l00760"></a>00760         AS2(    por             mm2, mm4)
<a name="l00761"></a>00761         AS2(    pand    mm2, [edi+2*8])         <span class="comment">// c</span>
<a name="l00762"></a>00762         AS2(    pand    mm1, mm4)
<a name="l00763"></a>00763         AS2(    por             mm1, mm2)
<a name="l00764"></a>00764         AS2(    paddq   mm1, mm5)                       <span class="comment">// temp = h + Maj(a,b,c)</span>
<a name="l00765"></a>00765         AS2(    paddq   mm5, [edi+3*8])         <span class="comment">// e = d + h</span>
<a name="l00766"></a>00766         AS2(    movq    [edi+3*8], mm5)
<a name="l00767"></a>00767         AS2(    movq    [edi+11*8], mm5)
<a name="l00768"></a>00768         SSE2_S0_S1(mm4,28,34,39)                        <span class="comment">// S0(a)</span>
<a name="l00769"></a>00769         AS2(    paddq   mm4, mm1)                       <span class="comment">// a = temp + S0(a)</span>
<a name="l00770"></a>00770         AS2(    movq    [edi-8], mm4)
<a name="l00771"></a>00771         AS2(    movq    [edi+7*8], mm4)
<a name="l00772"></a>00772         AS1(    ret)
<a name="l00773"></a>00773 
<a name="l00774"></a>00774         <span class="comment">// first 16 rounds</span>
<a name="l00775"></a>00775         ASL(0)
<a name="l00776"></a>00776         AS2(    movq    mm0, [edx+eax*8])
<a name="l00777"></a>00777         AS2(    movq    [esi+eax*8], mm0)
<a name="l00778"></a>00778         AS2(    movq    [esi+eax*8+16*8], mm0)
<a name="l00779"></a>00779         AS2(    paddq   mm0, [ebx+eax*8])
<a name="l00780"></a>00780         ASC(    call,   SHA512_Round)
<a name="l00781"></a>00781         AS1(    inc             eax)
<a name="l00782"></a>00782         AS2(    sub             edi, 8)
<a name="l00783"></a>00783         AS2(    test    eax, 7)
<a name="l00784"></a>00784         ASJ(    jnz,    0, b)
<a name="l00785"></a>00785         AS2(    add             edi, 8*8)
<a name="l00786"></a>00786         AS2(    cmp             eax, 16)
<a name="l00787"></a>00787         ASJ(    jne,    0, b)
<a name="l00788"></a>00788 
<a name="l00789"></a>00789         <span class="comment">// rest of the rounds</span>
<a name="l00790"></a>00790         AS2(    movdqu  xmm0, [esi+(16-2)*8])
<a name="l00791"></a>00791         ASL(1)
<a name="l00792"></a>00792         <span class="comment">// data expansion, W[i-2] already in xmm0</span>
<a name="l00793"></a>00793         AS2(    movdqu  xmm3, [esi])
<a name="l00794"></a>00794         AS2(    paddq   xmm3, [esi+(16-7)*8])
<a name="l00795"></a>00795         AS2(    movdqa  xmm2, [esi+(16-15)*8])
<a name="l00796"></a>00796         SSE2_s1(xmm0, 6, 19, 61)
<a name="l00797"></a>00797         AS2(    paddq   xmm0, xmm3)
<a name="l00798"></a>00798         SSE2_s0(xmm2, 1, 7, 8)
<a name="l00799"></a>00799         AS2(    paddq   xmm0, xmm2)
<a name="l00800"></a>00800         AS2(    movdq2q mm0, xmm0)
<a name="l00801"></a>00801         AS2(    movhlps xmm1, xmm0)
<a name="l00802"></a>00802         AS2(    paddq   mm0, [ebx+eax*8])
<a name="l00803"></a>00803         AS2(    movlps  [esi], xmm0)
<a name="l00804"></a>00804         AS2(    movlps  [esi+8], xmm1)
<a name="l00805"></a>00805         AS2(    movlps  [esi+8*16], xmm0)
<a name="l00806"></a>00806         AS2(    movlps  [esi+8*17], xmm1)
<a name="l00807"></a>00807         <span class="comment">// 2 rounds</span>
<a name="l00808"></a>00808         ASC(    call,   SHA512_Round)
<a name="l00809"></a>00809         AS2(    sub             edi, 8)
<a name="l00810"></a>00810         AS2(    movdq2q mm0, xmm1)
<a name="l00811"></a>00811         AS2(    paddq   mm0, [ebx+eax*8+8])
<a name="l00812"></a>00812         ASC(    call,   SHA512_Round)
<a name="l00813"></a>00813         <span class="comment">// update indices and loop</span>
<a name="l00814"></a>00814         AS2(    add             esi, 16)
<a name="l00815"></a>00815         AS2(    add             eax, 2)
<a name="l00816"></a>00816         AS2(    sub             edi, 8)
<a name="l00817"></a>00817         AS2(    test    eax, 7)
<a name="l00818"></a>00818         ASJ(    jnz,    1, b)
<a name="l00819"></a>00819         <span class="comment">// do housekeeping every 8 rounds</span>
<a name="l00820"></a>00820         AS2(    mov             esi, 0xf)
<a name="l00821"></a>00821         AS2(    and             esi, eax)
<a name="l00822"></a>00822         AS2(    lea             esi, [esp+4+20*8+8+esi*8])
<a name="l00823"></a>00823         AS2(    add             edi, 8*8)
<a name="l00824"></a>00824         AS2(    cmp             eax, 80)
<a name="l00825"></a>00825         ASJ(    jne,    1, b)
<a name="l00826"></a>00826 
<a name="l00827"></a>00827 #define SSE2_CombineState(i)    \
<a name="l00828"></a>00828         AS2(    movdqa  xmm0, [edi+i*16])\
<a name="l00829"></a>00829         AS2(    paddq   xmm0, [ecx+i*16])\
<a name="l00830"></a>00830         AS2(    movdqa  [ecx+i*16], xmm0)
<a name="l00831"></a>00831 
<a name="l00832"></a>00832         SSE2_CombineState(0)
<a name="l00833"></a>00833         SSE2_CombineState(1)
<a name="l00834"></a>00834         SSE2_CombineState(2)
<a name="l00835"></a>00835         SSE2_CombineState(3)
<a name="l00836"></a>00836 
<a name="l00837"></a>00837         AS1(    pop             esp)
<a name="l00838"></a>00838         AS1(    emms)
<a name="l00839"></a>00839 
<a name="l00840"></a>00840 #<span class="keywordflow">if</span> defined(__GNUC__)
<a name="l00841"></a>00841         AS1(    pop             ebx)
<a name="l00842"></a>00842         <span class="stringliteral">&quot;.att_syntax prefix;&quot;</span>
<a name="l00843"></a>00843                 :
<a name="l00844"></a>00844                 : <span class="stringliteral">&quot;a&quot;</span> (SHA512_K), <span class="stringliteral">&quot;c&quot;</span> (state), <span class="stringliteral">&quot;d&quot;</span> (data)
<a name="l00845"></a>00845                 : <span class="stringliteral">&quot;%esi&quot;</span>, <span class="stringliteral">&quot;%edi&quot;</span>, <span class="stringliteral">&quot;memory&quot;</span>, <span class="stringliteral">&quot;cc&quot;</span>
<a name="l00846"></a>00846         );
<a name="l00847"></a>00847 <span class="preprocessor">#else</span>
<a name="l00848"></a>00848 <span class="preprocessor"></span>        AS1(    pop             edi)
<a name="l00849"></a>00849         AS1(    pop             esi)
<a name="l00850"></a>00850         AS1(    pop             ebx)
<a name="l00851"></a>00851         AS1(    ret)
<a name="l00852"></a>00852 <span class="preprocessor">#endif</span>
<a name="l00853"></a>00853 <span class="preprocessor"></span>}
<a name="l00854"></a>00854 <span class="preprocessor">#endif  // #if CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE</span>
<a name="l00855"></a>00855 <span class="preprocessor"></span>
// SHA512::Transform - SHA-512 compression step: runs 80 rounds over a working
// copy of the eight 64-bit words in state and adds the result back into state.
//   state : chaining value, read and updated in place (8 x word64).
//   data  : input block; handed to the SSE2 routine directly. The portable path
//           never names it, so it is presumably read through the blk0 macro
//           (defined outside this view) - TODO confirm.
// NOTE(review): on the SSE2 path the assembly routine combines state using
// movdqa on [ecx+i*16], and its GCC constraint list binds ecx to state, so
// state appears to need 16-byte alignment there - confirm callers guarantee it.
// NOTE(review): the locals W and T hold data-derived intermediate values and
// are not cleared before return; if inputs can be secret (keyed hashing),
// check whether leftover stack contents matter for this build.
<a name="l00856"></a>00856 <span class="keywordtype">void</span> SHA512::Transform(word64 *state, <span class="keyword">const</span> word64 *data)
<a name="l00857"></a>00857 {
        // Runtime dispatch: take the hand-written SSE2 routine when the build
        // enables it for 32-bit x86 and HasSSE2() reports support at run time.
<a name="l00858"></a>00858 <span class="preprocessor">#if CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE &amp;&amp; CRYPTOPP_BOOL_X86</span>
<a name="l00859"></a>00859 <span class="preprocessor"></span>        <span class="keywordflow">if</span> (HasSSE2())
<a name="l00860"></a>00860         {
<a name="l00861"></a>00861                 SHA512_SSE2_Transform(state, data);
<a name="l00862"></a>00862                 <span class="keywordflow">return</span>;
<a name="l00863"></a>00863         }
<a name="l00864"></a>00864 <span class="preprocessor">#endif</span>
<a name="l00865"></a>00865 <span class="preprocessor"></span>
        // Portable path. S0/S1 and s0/s1 are the SHA-512 big-sigma and
        // small-sigma functions; the rotate and shift counts match FIPS 180-4.
<a name="l00866"></a>00866 <span class="preprocessor">#define S0(x) (rotrFixed(x,28)^rotrFixed(x,34)^rotrFixed(x,39))</span>
<a name="l00867"></a>00867 <span class="preprocessor"></span><span class="preprocessor">#define S1(x) (rotrFixed(x,14)^rotrFixed(x,18)^rotrFixed(x,41))</span>
<a name="l00868"></a>00868 <span class="preprocessor"></span><span class="preprocessor">#define s0(x) (rotrFixed(x,1)^rotrFixed(x,8)^(x&gt;&gt;7))</span>
<a name="l00869"></a>00869 <span class="preprocessor"></span><span class="preprocessor">#define s1(x) (rotrFixed(x,19)^rotrFixed(x,61)^(x&gt;&gt;6))</span>
<a name="l00870"></a>00870 <span class="preprocessor"></span>
        // R(i): one round. It takes the message word from blk0 while j == 0
        // (the first 16 rounds) and from blk2 afterwards. a(i)..h(i), Ch, Maj,
        // blk0 and blk2 are defined outside this view - presumably rotating
        // views into T and the message schedule kept in W; TODO confirm.
        // None of the macros defined in this function are #undef'd in the
        // visible remainder of the file.
<a name="l00871"></a>00871 <span class="preprocessor">#define R(i) h(i)+=S1(e(i))+Ch(e(i),f(i),g(i))+SHA512_K[i+j]+(j?blk2(i):blk0(i));\</span>
<a name="l00872"></a>00872 <span class="preprocessor">        d(i)+=h(i);h(i)+=S0(a(i))+Maj(a(i),b(i),c(i))</span>
<a name="l00873"></a>00873 <span class="preprocessor"></span>
        // W: presumably the 16-word rolling message schedule used by
        // blk0/blk2 - TODO confirm. T: working copy of the eight state words.
<a name="l00874"></a>00874         word64 W[16];
<a name="l00875"></a>00875         word64 T[8];
<a name="l00876"></a>00876     <span class="comment">/* Copy context-&gt;state[] to working vars */</span>
<a name="l00877"></a>00877         memcpy(T, state, <span class="keyword">sizeof</span>(T));
<a name="l00878"></a>00878     <span class="comment">/* 80 operations, partially loop unrolled */</span>
        // Five passes of 16 unrolled rounds; j doubles as the round-constant
        // offset in SHA512_K[i+j] and as the blk0/blk2 selector inside R.
<a name="l00879"></a>00879         <span class="keywordflow">for</span> (<span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> j=0; j&lt;80; j+=16)
<a name="l00880"></a>00880         {
<a name="l00881"></a>00881                 R( 0); R( 1); R( 2); R( 3);
<a name="l00882"></a>00882                 R( 4); R( 5); R( 6); R( 7);
<a name="l00883"></a>00883                 R( 8); R( 9); R(10); R(11);
<a name="l00884"></a>00884                 R(12); R(13); R(14); R(15);
<a name="l00885"></a>00885         }
<a name="l00886"></a>00886     <span class="comment">/* Add the working vars back into context.state[] */</span>
        // Feed-forward: each working variable is added into the matching
        // chaining word, so state is only modified after all 80 rounds ran.
<a name="l00887"></a>00887     state[0] += a(0);
<a name="l00888"></a>00888     state[1] += b(0);
<a name="l00889"></a>00889     state[2] += c(0);
<a name="l00890"></a>00890     state[3] += d(0);
<a name="l00891"></a>00891     state[4] += e(0);
<a name="l00892"></a>00892     state[5] += f(0);
<a name="l00893"></a>00893     state[6] += g(0);
<a name="l00894"></a>00894     state[7] += h(0);
<a name="l00895"></a>00895 }
<a name="l00896"></a>00896 
<a name="l00897"></a>00897 NAMESPACE_END
<a name="l00898"></a>00898 
<a name="l00899"></a>00899 <span class="preprocessor">#endif  // #ifndef CRYPTOPP_GENERATE_X64_MASM</span>
<a name="l00900"></a>00900 <span class="preprocessor"></span><span class="preprocessor">#endif  // #ifndef CRYPTOPP_IMPORTS</span>
</pre></div></div>
</div>
</body>
</html>