github.com/bir3/gocompiler@v0.3.205/src/cmd/internal/notsha256/sha256block_386.s (about) 1 // Copyright 2013 The Go Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 //go:build !purego 6 // +build !purego 7 8 // SHA256 block routine. See sha256block.go for Go equivalent. 9 // 10 // The algorithm is detailed in FIPS 180-4: 11 // 12 // https://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf 13 // 14 // Wt = Mt; for 0 <= t <= 15 15 // Wt = SIGMA1(Wt-2) + SIGMA0(Wt-15) + Wt-16; for 16 <= t <= 63 16 // 17 // a = H0 18 // b = H1 19 // c = H2 20 // d = H3 21 // e = H4 22 // f = H5 23 // g = H6 24 // h = H7 25 // 26 // for t = 0 to 63 { 27 // T1 = h + BIGSIGMA1(e) + Ch(e,f,g) + Kt + Wt 28 // T2 = BIGSIGMA0(a) + Maj(a,b,c) 29 // h = g 30 // g = f 31 // f = e 32 // e = d + T1 33 // d = c 34 // c = b 35 // b = a 36 // a = T1 + T2 37 // } 38 // 39 // H0 = a + H0 40 // H1 = b + H1 41 // H2 = c + H2 42 // H3 = d + H3 43 // H4 = e + H4 44 // H5 = f + H5 45 // H6 = g + H6 46 // H7 = h + H7 47 48 // Wt = Mt; for 0 <= t <= 15 49 #define MSGSCHEDULE0(index) \ 50 MOVL (index*4)(SI), AX; \ 51 BSWAPL AX; \ 52 MOVL AX, (index*4)(BP) 53 54 // Wt = SIGMA1(Wt-2) + Wt-7 + SIGMA0(Wt-15) + Wt-16; for 16 <= t <= 63 55 // SIGMA0(x) = ROTR(7,x) XOR ROTR(18,x) XOR SHR(3,x) 56 // SIGMA1(x) = ROTR(17,x) XOR ROTR(19,x) XOR SHR(10,x) 57 #define MSGSCHEDULE1(index) \ 58 MOVL ((index-2)*4)(BP), AX; \ 59 MOVL AX, CX; \ 60 RORL $17, AX; \ 61 MOVL CX, DX; \ 62 RORL $19, CX; \ 63 SHRL $10, DX; \ 64 MOVL ((index-15)*4)(BP), BX; \ 65 XORL CX, AX; \ 66 MOVL BX, CX; \ 67 XORL DX, AX; \ 68 RORL $7, BX; \ 69 MOVL CX, DX; \ 70 SHRL $3, DX; \ 71 RORL $18, CX; \ 72 ADDL ((index-7)*4)(BP), AX; \ 73 XORL CX, BX; \ 74 XORL DX, BX; \ 75 ADDL ((index-16)*4)(BP), BX; \ 76 ADDL BX, AX; \ 77 MOVL AX, ((index)*4)(BP) 78 79 // Calculate T1 in AX - uses AX, BX, CX and DX registers. 80 // Wt is passed in AX. 81 // T1 = h + BIGSIGMA1(e) + Ch(e, f, g) + Kt + Wt 82 // BIGSIGMA1(x) = ROTR(6,x) XOR ROTR(11,x) XOR ROTR(25,x) 83 // Ch(x, y, z) = (x AND y) XOR (NOT x AND z) 84 #define SHA256T1(const, e, f, g, h) \ 85 MOVL (h*4)(DI), BX; \ 86 ADDL AX, BX; \ 87 MOVL (e*4)(DI), AX; \ 88 ADDL $const, BX; \ 89 MOVL (e*4)(DI), CX; \ 90 RORL $6, AX; \ 91 MOVL (e*4)(DI), DX; \ 92 RORL $11, CX; \ 93 XORL CX, AX; \ 94 MOVL (e*4)(DI), CX; \ 95 RORL $25, DX; \ 96 ANDL (f*4)(DI), CX; \ 97 XORL AX, DX; \ 98 MOVL (e*4)(DI), AX; \ 99 NOTL AX; \ 100 ADDL DX, BX; \ 101 ANDL (g*4)(DI), AX; \ 102 XORL CX, AX; \ 103 ADDL BX, AX 104 105 // Calculate T2 in BX - uses AX, BX, CX and DX registers. 106 // T2 = BIGSIGMA0(a) + Maj(a, b, c) 107 // BIGSIGMA0(x) = ROTR(2,x) XOR ROTR(13,x) XOR ROTR(22,x) 108 // Maj(x, y, z) = (x AND y) XOR (x AND z) XOR (y AND z) 109 #define SHA256T2(a, b, c) \ 110 MOVL (a*4)(DI), AX; \ 111 MOVL (c*4)(DI), BX; \ 112 RORL $2, AX; \ 113 MOVL (a*4)(DI), DX; \ 114 ANDL (b*4)(DI), BX; \ 115 RORL $13, DX; \ 116 MOVL (a*4)(DI), CX; \ 117 ANDL (c*4)(DI), CX; \ 118 XORL DX, AX; \ 119 XORL CX, BX; \ 120 MOVL (a*4)(DI), DX; \ 121 MOVL (b*4)(DI), CX; \ 122 RORL $22, DX; \ 123 ANDL (a*4)(DI), CX; \ 124 XORL CX, BX; \ 125 XORL DX, AX; \ 126 ADDL AX, BX 127 128 // Calculate T1 and T2, then e = d + T1 and a = T1 + T2. 129 // The values for e and a are stored in d and h, ready for rotation. 130 #define SHA256ROUND(index, const, a, b, c, d, e, f, g, h) \ 131 SHA256T1(const, e, f, g, h); \ 132 MOVL AX, 292(SP); \ 133 SHA256T2(a, b, c); \ 134 MOVL 292(SP), AX; \ 135 ADDL AX, BX; \ 136 ADDL AX, (d*4)(DI); \ 137 MOVL BX, (h*4)(DI) 138 139 #define SHA256ROUND0(index, const, a, b, c, d, e, f, g, h) \ 140 MSGSCHEDULE0(index); \ 141 SHA256ROUND(index, const, a, b, c, d, e, f, g, h) 142 143 #define SHA256ROUND1(index, const, a, b, c, d, e, f, g, h) \ 144 MSGSCHEDULE1(index); \ 145 SHA256ROUND(index, const, a, b, c, d, e, f, g, h) 146 147 TEXT ·block(SB),0,$296-16 148 MOVL p_base+4(FP), SI 149 MOVL p_len+8(FP), DX 150 SHRL $6, DX 151 SHLL $6, DX 152 153 LEAL (SI)(DX*1), DI 154 MOVL DI, 288(SP) 155 CMPL SI, DI 156 JEQ end 157 158 LEAL 256(SP), DI // variables 159 160 MOVL dig+0(FP), BP 161 MOVL (0*4)(BP), AX // a = H0 162 MOVL AX, (0*4)(DI) 163 MOVL (1*4)(BP), BX // b = H1 164 MOVL BX, (1*4)(DI) 165 MOVL (2*4)(BP), CX // c = H2 166 MOVL CX, (2*4)(DI) 167 MOVL (3*4)(BP), DX // d = H3 168 MOVL DX, (3*4)(DI) 169 MOVL (4*4)(BP), AX // e = H4 170 MOVL AX, (4*4)(DI) 171 MOVL (5*4)(BP), BX // f = H5 172 MOVL BX, (5*4)(DI) 173 MOVL (6*4)(BP), CX // g = H6 174 MOVL CX, (6*4)(DI) 175 MOVL (7*4)(BP), DX // h = H7 176 MOVL DX, (7*4)(DI) 177 178 loop: 179 MOVL SP, BP // message schedule 180 181 SHA256ROUND0(0, 0x428a2f98, 0, 1, 2, 3, 4, 5, 6, 7) 182 SHA256ROUND0(1, 0x71374491, 7, 0, 1, 2, 3, 4, 5, 6) 183 SHA256ROUND0(2, 0xb5c0fbcf, 6, 7, 0, 1, 2, 3, 4, 5) 184 SHA256ROUND0(3, 0xe9b5dba5, 5, 6, 7, 0, 1, 2, 3, 4) 185 SHA256ROUND0(4, 0x3956c25b, 4, 5, 6, 7, 0, 1, 2, 3) 186 SHA256ROUND0(5, 0x59f111f1, 3, 4, 5, 6, 7, 0, 1, 2) 187 SHA256ROUND0(6, 0x923f82a4, 2, 3, 4, 5, 6, 7, 0, 1) 188 SHA256ROUND0(7, 0xab1c5ed5, 1, 2, 3, 4, 5, 6, 7, 0) 189 SHA256ROUND0(8, 0xd807aa98, 0, 1, 2, 3, 4, 5, 6, 7) 190 SHA256ROUND0(9, 0x12835b01, 7, 0, 1, 2, 3, 4, 5, 6) 191 SHA256ROUND0(10, 0x243185be, 6, 7, 0, 1, 2, 3, 4, 5) 192 SHA256ROUND0(11, 0x550c7dc3, 5, 6, 7, 0, 1, 2, 3, 4) 193 SHA256ROUND0(12, 0x72be5d74, 4, 5, 6, 7, 0, 1, 2, 3) 194 SHA256ROUND0(13, 0x80deb1fe, 3, 4, 5, 6, 7, 0, 1, 2) 195 SHA256ROUND0(14, 0x9bdc06a7, 2, 3, 4, 5, 6, 7, 0, 1) 196 SHA256ROUND0(15, 0xc19bf174, 1, 2, 3, 4, 5, 6, 7, 0) 197 198 SHA256ROUND1(16, 0xe49b69c1, 0, 1, 2, 3, 4, 5, 6, 7) 199 SHA256ROUND1(17, 0xefbe4786, 7, 0, 1, 2, 3, 4, 5, 6) 200 SHA256ROUND1(18, 0x0fc19dc6, 6, 7, 0, 1, 2, 3, 4, 5) 201 SHA256ROUND1(19, 0x240ca1cc, 5, 6, 7, 0, 1, 2, 3, 4) 202 SHA256ROUND1(20, 0x2de92c6f, 4, 5, 6, 7, 0, 1, 2, 3) 203 SHA256ROUND1(21, 0x4a7484aa, 3, 4, 5, 6, 7, 0, 1, 2) 204 SHA256ROUND1(22, 0x5cb0a9dc, 2, 3, 4, 5, 6, 7, 0, 1) 205 SHA256ROUND1(23, 0x76f988da, 1, 2, 3, 4, 5, 6, 7, 0) 206 SHA256ROUND1(24, 0x983e5152, 0, 1, 2, 3, 4, 5, 6, 7) 207 SHA256ROUND1(25, 0xa831c66d, 7, 0, 1, 2, 3, 4, 5, 6) 208 SHA256ROUND1(26, 0xb00327c8, 6, 7, 0, 1, 2, 3, 4, 5) 209 SHA256ROUND1(27, 0xbf597fc7, 5, 6, 7, 0, 1, 2, 3, 4) 210 SHA256ROUND1(28, 0xc6e00bf3, 4, 5, 6, 7, 0, 1, 2, 3) 211 SHA256ROUND1(29, 0xd5a79147, 3, 4, 5, 6, 7, 0, 1, 2) 212 SHA256ROUND1(30, 0x06ca6351, 2, 3, 4, 5, 6, 7, 0, 1) 213 SHA256ROUND1(31, 0x14292967, 1, 2, 3, 4, 5, 6, 7, 0) 214 SHA256ROUND1(32, 0x27b70a85, 0, 1, 2, 3, 4, 5, 6, 7) 215 SHA256ROUND1(33, 0x2e1b2138, 7, 0, 1, 2, 3, 4, 5, 6) 216 SHA256ROUND1(34, 0x4d2c6dfc, 6, 7, 0, 1, 2, 3, 4, 5) 217 SHA256ROUND1(35, 0x53380d13, 5, 6, 7, 0, 1, 2, 3, 4) 218 SHA256ROUND1(36, 0x650a7354, 4, 5, 6, 7, 0, 1, 2, 3) 219 SHA256ROUND1(37, 0x766a0abb, 3, 4, 5, 6, 7, 0, 1, 2) 220 SHA256ROUND1(38, 0x81c2c92e, 2, 3, 4, 5, 6, 7, 0, 1) 221 SHA256ROUND1(39, 0x92722c85, 1, 2, 3, 4, 5, 6, 7, 0) 222 SHA256ROUND1(40, 0xa2bfe8a1, 0, 1, 2, 3, 4, 5, 6, 7) 223 SHA256ROUND1(41, 0xa81a664b, 7, 0, 1, 2, 3, 4, 5, 6) 224 SHA256ROUND1(42, 0xc24b8b70, 6, 7, 0, 1, 2, 3, 4, 5) 225 SHA256ROUND1(43, 0xc76c51a3, 5, 6, 7, 0, 1, 2, 3, 4) 226 SHA256ROUND1(44, 0xd192e819, 4, 5, 6, 7, 0, 1, 2, 3) 227 SHA256ROUND1(45, 0xd6990624, 3, 4, 5, 6, 7, 0, 1, 2) 228 SHA256ROUND1(46, 0xf40e3585, 2, 3, 4, 5, 6, 7, 0, 1) 229 SHA256ROUND1(47, 0x106aa070, 1, 2, 3, 4, 5, 6, 7, 0) 230 SHA256ROUND1(48, 0x19a4c116, 0, 1, 2, 3, 4, 5, 6, 7) 231 SHA256ROUND1(49, 0x1e376c08, 7, 0, 1, 2, 3, 4, 5, 6) 232 SHA256ROUND1(50, 0x2748774c, 6, 7, 0, 1, 2, 3, 4, 5) 233 SHA256ROUND1(51, 0x34b0bcb5, 5, 6, 7, 0, 1, 2, 3, 4) 234 SHA256ROUND1(52, 0x391c0cb3, 4, 5, 6, 7, 0, 1, 2, 3) 235 SHA256ROUND1(53, 0x4ed8aa4a, 3, 4, 5, 6, 7, 0, 1, 2) 236 SHA256ROUND1(54, 0x5b9cca4f, 2, 3, 4, 5, 6, 7, 0, 1) 237 SHA256ROUND1(55, 0x682e6ff3, 1, 2, 3, 4, 5, 6, 7, 0) 238 SHA256ROUND1(56, 0x748f82ee, 0, 1, 2, 3, 4, 5, 6, 7) 239 SHA256ROUND1(57, 0x78a5636f, 7, 0, 1, 2, 3, 4, 5, 6) 240 SHA256ROUND1(58, 0x84c87814, 6, 7, 0, 1, 2, 3, 4, 5) 241 SHA256ROUND1(59, 0x8cc70208, 5, 6, 7, 0, 1, 2, 3, 4) 242 SHA256ROUND1(60, 0x90befffa, 4, 5, 6, 7, 0, 1, 2, 3) 243 SHA256ROUND1(61, 0xa4506ceb, 3, 4, 5, 6, 7, 0, 1, 2) 244 SHA256ROUND1(62, 0xbef9a3f7, 2, 3, 4, 5, 6, 7, 0, 1) 245 SHA256ROUND1(63, 0xc67178f2, 1, 2, 3, 4, 5, 6, 7, 0) 246 247 MOVL dig+0(FP), BP 248 MOVL (0*4)(BP), AX // H0 = a + H0 249 ADDL (0*4)(DI), AX 250 MOVL AX, (0*4)(DI) 251 MOVL AX, (0*4)(BP) 252 MOVL (1*4)(BP), BX // H1 = b + H1 253 ADDL (1*4)(DI), BX 254 MOVL BX, (1*4)(DI) 255 MOVL BX, (1*4)(BP) 256 MOVL (2*4)(BP), CX // H2 = c + H2 257 ADDL (2*4)(DI), CX 258 MOVL CX, (2*4)(DI) 259 MOVL CX, (2*4)(BP) 260 MOVL (3*4)(BP), DX // H3 = d + H3 261 ADDL (3*4)(DI), DX 262 MOVL DX, (3*4)(DI) 263 MOVL DX, (3*4)(BP) 264 MOVL (4*4)(BP), AX // H4 = e + H4 265 ADDL (4*4)(DI), AX 266 MOVL AX, (4*4)(DI) 267 MOVL AX, (4*4)(BP) 268 MOVL (5*4)(BP), BX // H5 = f + H5 269 ADDL (5*4)(DI), BX 270 MOVL BX, (5*4)(DI) 271 MOVL BX, (5*4)(BP) 272 MOVL (6*4)(BP), CX // H6 = g + H6 273 ADDL (6*4)(DI), CX 274 MOVL CX, (6*4)(DI) 275 MOVL CX, (6*4)(BP) 276 MOVL (7*4)(BP), DX // H7 = h + H7 277 ADDL (7*4)(DI), DX 278 MOVL DX, (7*4)(DI) 279 MOVL DX, (7*4)(BP) 280 281 ADDL $64, SI 282 CMPL SI, 288(SP) 283 JB loop 284 285 end: 286 RET