diff options
| author | Andy Polyakov <appro@openssl.org> | 2007-11-11 13:34:08 +0000 |
|---|---|---|
| committer | Andy Polyakov <appro@openssl.org> | 2007-11-11 13:34:08 +0000 |
| commit | 98b09d3949051a0c15e97ad0601c9988f6e718e1 (patch) | |
| tree | 16d12684ede6ccdbd9e54befdccff1b3f21dc6f0 /crypto/sha | |
| parent | 231a737a82cecde336ef4eeebdc26469f8c44e98 (diff) | |
Synchronize message digests in 098-fips with 098.
Diffstat (limited to 'crypto/sha')
| -rw-r--r-- | crypto/sha/asm/sha1-586.pl | 433 | ||||
| -rw-r--r-- | crypto/sha/asm/sha1-ia64.pl | 342 | ||||
| -rwxr-xr-x | crypto/sha/asm/sha512-ia64.pl | 419 | ||||
| -rw-r--r-- | crypto/sha/sha256.c | 67 | ||||
| -rw-r--r-- | crypto/sha/sha512.c | 103 | ||||
| -rw-r--r-- | crypto/sha/sha_locl.h | 278 |
6 files changed, 635 insertions, 1007 deletions
diff --git a/crypto/sha/asm/sha1-586.pl b/crypto/sha/asm/sha1-586.pl index 4f8521f1e2..0b4dab2bd5 100644 --- a/crypto/sha/asm/sha1-586.pl +++ b/crypto/sha/asm/sha1-586.pl @@ -1,4 +1,16 @@ -#!/usr/local/bin/perl +#!/usr/bin/env perl + +# ==================================================================== +# [Re]written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL +# project. The module is, however, dual licensed under OpenSSL and +# CRYPTOGAMS licenses depending on where you obtain it. For further +# details see http://www.openssl.org/~appro/cryptogams/. +# ==================================================================== + +# "[Re]written" was achieved in two major overhauls. In 2004 BODY_* +# functions were re-implemented to address P4 performance issue [see +# commentary below], and in 2006 the rest was rewritten in order to +# gain freedom to liberate licensing terms. # It was noted that Intel IA-32 C compiler generates code which # performs ~30% *faster* on P4 CPU than original *hand-coded* @@ -17,90 +29,27 @@ # improvement on P4 outweights the loss and incorporate this # re-tuned code to 0.9.7 and later. # ---------------------------------------------------------------- -# Those who for any particular reason absolutely must score on -# Pentium can replace this module with one from 0.9.6 distribution. -# This "offer" shall be revoked the moment programming interface to -# this module is changed, in which case this paragraph should be -# removed. -# ---------------------------------------------------------------- # <appro@fy.chalmers.se> -$normal=0; - -push(@INC,"perlasm","../../perlasm"); +$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; +push(@INC,"${dir}","${dir}../../perlasm"); require "x86asm.pl"; &asm_init($ARGV[0],"sha1-586.pl",$ARGV[$#ARGV] eq "386"); $A="eax"; -$B="ecx"; -$C="ebx"; +$B="ebx"; +$C="ecx"; $D="edx"; $E="edi"; $T="esi"; $tmp1="ebp"; -$off=9*4; - -@K=(0x5a827999,0x6ed9eba1,0x8f1bbcdc,0xca62c1d6); - -&sha1_block_data("sha1_block_asm_data_order"); - -&asm_finish(); - -sub Nn - { - local($p)=@_; - local(%n)=($A,$T,$B,$A,$C,$B,$D,$C,$E,$D,$T,$E); - return($n{$p}); - } - -sub Np - { - local($p)=@_; - local(%n)=($A,$T,$B,$A,$C,$B,$D,$C,$E,$D,$T,$E); - local(%n)=($A,$B,$B,$C,$C,$D,$D,$E,$E,$T,$T,$A); - return($n{$p}); - } - -sub Na - { - local($n)=@_; - return( (($n )&0x0f), - (($n+ 2)&0x0f), - (($n+ 8)&0x0f), - (($n+13)&0x0f), - (($n+ 1)&0x0f)); - } - -sub X_expand - { - local($in)=@_; - - &comment("First, load the words onto the stack in network byte order"); - for ($i=0; $i<16; $i+=2) - { - &mov($A,&DWP(($i+0)*4,$in,"",0));# unless $i == 0; - &mov($B,&DWP(($i+1)*4,$in,"",0)); - &bswap($A); - &bswap($B); - &mov(&swtmp($i+0),$A); - &mov(&swtmp($i+1),$B); - } - - &comment("We now have the X array on the stack"); - &comment("starting at sp-4"); - } - -# Rules of engagement -# F is always trashable at the start, the running total. -# E becomes the next F so it can be trashed after it has been 'accumulated' -# F becomes A in the next round. We don't need to access it much. -# During the X update part, the result ends up in $X[$n0]. +@V=($A,$B,$C,$D,$E,$T); sub BODY_00_15 { - local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_; + local($n,$a,$b,$c,$d,$e,$f)=@_; &comment("00_15 $n"); @@ -109,37 +58,37 @@ sub BODY_00_15 else { &mov($a,$tmp1); } &rotl($tmp1,5); # tmp1=ROTATE(a,5) &xor($f,$d); - &and($f,$b); - &add($tmp1,$e); # tmp1+=e; - &mov($e,&swtmp($n)); # e becomes volatile and - # is loaded with xi + &add($tmp1,$e); # tmp1+=e; + &and($f,$b); + &mov($e,&swtmp($n%16)); # e becomes volatile and is loaded + # with xi, also note that e becomes + # f in next round... &xor($f,$d); # f holds F_00_19(b,c,d) &rotr($b,2); # b=ROTATE(b,30) - &lea($tmp1,&DWP($K,$tmp1,$e,1));# tmp1+=K_00_19+xi + &lea($tmp1,&DWP(0x5a827999,$tmp1,$e)); # tmp1+=K_00_19+xi if ($n==15) { &add($f,$tmp1); } # f+=tmp1 - else { &add($tmp1,$f); } + else { &add($tmp1,$f); } # f becomes a in next round } sub BODY_16_19 { - local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_; - local($n0,$n1,$n2,$n3,$np)=&Na($n); + local($n,$a,$b,$c,$d,$e,$f)=@_; &comment("16_19 $n"); - &mov($f,&swtmp($n1)); # f to hold Xupdate(xi,xa,xb,xc,xd) + &mov($f,&swtmp($n%16)); # f to hold Xupdate(xi,xa,xb,xc,xd) &mov($tmp1,$c); # tmp1 to hold F_00_19(b,c,d) - &xor($f,&swtmp($n0)); + &xor($f,&swtmp(($n+2)%16)); &xor($tmp1,$d); - &xor($f,&swtmp($n2)); + &xor($f,&swtmp(($n+8)%16)); &and($tmp1,$b); # tmp1 holds F_00_19(b,c,d) &rotr($b,2); # b=ROTATE(b,30) - &xor($f,&swtmp($n3)); # f holds xa^xb^xc^xd - &rotl($f,1); # f=ROATE(f,1) + &xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd + &rotl($f,1); # f=ROTATE(f,1) &xor($tmp1,$d); # tmp1=F_00_19(b,c,d) - &mov(&swtmp($n0),$f); # xi=f - &lea($f,&DWP($K,$f,$e,1)); # f+=K_00_19+e + &mov(&swtmp($n%16),$f); # xi=f + &lea($f,&DWP(0x5a827999,$f,$e));# f+=K_00_19+e &mov($e,$a); # e becomes volatile &rotl($e,5); # e=ROTATE(a,5) &add($f,$tmp1); # f+=F_00_19(b,c,d) @@ -148,48 +97,47 @@ sub BODY_16_19 sub BODY_20_39 { - local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_; + local($n,$a,$b,$c,$d,$e,$f)=@_; + local $K=($n<40)?0x6ed9eba1:0xca62c1d6; &comment("20_39 $n"); - local($n0,$n1,$n2,$n3,$np)=&Na($n); &mov($tmp1,$b); # tmp1 to hold F_20_39(b,c,d) - &mov($f,&swtmp($n0)); # f to hold Xupdate(xi,xa,xb,xc,xd) + &mov($f,&swtmp($n%16)); # f to hold Xupdate(xi,xa,xb,xc,xd) &rotr($b,2); # b=ROTATE(b,30) - &xor($f,&swtmp($n1)); + &xor($f,&swtmp(($n+2)%16)); &xor($tmp1,$c); - &xor($f,&swtmp($n2)); + &xor($f,&swtmp(($n+8)%16)); &xor($tmp1,$d); # tmp1 holds F_20_39(b,c,d) - &xor($f,&swtmp($n3)); # f holds xa^xb^xc^xd + &xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd &rotl($f,1); # f=ROTATE(f,1) &add($tmp1,$e); - &mov(&swtmp($n0),$f); # xi=f + &mov(&swtmp($n%16),$f); # xi=f &mov($e,$a); # e becomes volatile &rotl($e,5); # e=ROTATE(a,5) - &lea($f,&DWP($K,$f,$tmp1,1)); # f+=K_20_39+e + &lea($f,&DWP($K,$f,$tmp1)); # f+=K_20_39+e &add($f,$e); # f+=ROTATE(a,5) } sub BODY_40_59 { - local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_; + local($n,$a,$b,$c,$d,$e,$f)=@_; &comment("40_59 $n"); - local($n0,$n1,$n2,$n3,$np)=&Na($n); - &mov($f,&swtmp($n0)); # f to hold Xupdate(xi,xa,xb,xc,xd) - &mov($tmp1,&swtmp($n1)); + &mov($f,&swtmp($n%16)); # f to hold Xupdate(xi,xa,xb,xc,xd) + &mov($tmp1,&swtmp(($n+2)%16)); &xor($f,$tmp1); - &mov($tmp1,&swtmp($n2)); + &mov($tmp1,&swtmp(($n+8)%16)); &xor($f,$tmp1); - &mov($tmp1,&swtmp($n3)); + &mov($tmp1,&swtmp(($n+13)%16)); &xor($f,$tmp1); # f holds xa^xb^xc^xd &mov($tmp1,$b); # tmp1 to hold F_40_59(b,c,d) &rotl($f,1); # f=ROTATE(f,1) &or($tmp1,$c); - &mov(&swtmp($n0),$f); # xi=f + &mov(&swtmp($n%16),$f); # xi=f &and($tmp1,$d); - &lea($f,&DWP($K,$f,$e,1)); # f+=K_40_59+e + &lea($f,&DWP(0x8f1bbcdc,$f,$e));# f+=K_40_59+e &mov($e,$b); # e becomes volatile and is used # to calculate F_40_59(b,c,d) &rotr($b,2); # b=ROTATE(b,30) @@ -201,230 +149,71 @@ sub BODY_40_59 &add($f,$e); # f+=ROTATE(a,5) } -sub BODY_60_79 - { - &BODY_20_39(@_); - } - -sub sha1_block_host - { - local($name, $sclabel)=@_; - - &function_begin_B($name,""); - - # parameter 1 is the MD5_CTX structure. - # A 0 - # B 4 - # C 8 - # D 12 - # E 16 - - &mov("ecx", &wparam(2)); - &push("esi"); - &shl("ecx",6); - &mov("esi", &wparam(1)); - &push("ebp"); - &add("ecx","esi"); # offset to leave on - &push("ebx"); - &mov("ebp", &wparam(0)); - &push("edi"); - &mov($D, &DWP(12,"ebp","",0)); - &stack_push(18+9); - &mov($E, &DWP(16,"ebp","",0)); - &mov($C, &DWP( 8,"ebp","",0)); - &mov(&swtmp(17),"ecx"); +&function_begin("sha1_block_data_order",16); + &mov($tmp1,&wparam(0)); # SHA_CTX *c + &mov($T,&wparam(1)); # const void *input + &mov($A,&wparam(2)); # size_t num + &stack_push(16); # allocate X[16] + &shl($A,6); + &add($A,$T); + &mov(&wparam(2),$A); # pointer beyond the end of input + &mov($E,&DWP(16,$tmp1));# pre-load E - &comment("First we need to setup the X array"); + &set_label("loop",16); - for ($i=0; $i<16; $i+=2) + # copy input chunk to X, but reversing byte order! + for ($i=0; $i<16; $i+=4) { - &mov($A,&DWP(($i+0)*4,"esi","",0));# unless $i == 0; - &mov($B,&DWP(($i+1)*4,"esi","",0)); + &mov($A,&DWP(4*($i+0),$T)); + &mov($B,&DWP(4*($i+1),$T)); + &mov($C,&DWP(4*($i+2),$T)); + &mov($D,&DWP(4*($i+3),$T)); + &bswap($A); + &bswap($B); + &bswap($C); + &bswap($D); &mov(&swtmp($i+0),$A); - &mov(&swtmp($i+1),$B); + &mov(&swtmp($i+1),$B); + &mov(&swtmp($i+2),$C); + &mov(&swtmp($i+3),$D); } - &jmp($sclabel); - &function_end_B($name); - } - - -sub sha1_block_data - { - local($name)=@_; - - &function_begin_B($name,""); - - # parameter 1 is the MD5_CTX structure. - # A 0 - # B 4 - # C 8 - # D 12 - # E 16 - - &mov("ecx", &wparam(2)); - &push("esi"); - &shl("ecx",6); - &mov("esi", &wparam(1)); - &push("ebp"); - &add("ecx","esi"); # offset to leave on - &push("ebx"); - &mov("ebp", &wparam(0)); - &push("edi"); - &mov($D, &DWP(12,"ebp","",0)); - &stack_push(18+9); - &mov($E, &DWP(16,"ebp","",0)); - &mov($C, &DWP( 8,"ebp","",0)); - &mov(&swtmp(17),"ecx"); - - &comment("First we need to setup the X array"); - - &set_label("start") unless $normal; - - &X_expand("esi"); - &mov(&wparam(1),"esi"); - - &set_label("shortcut", 0, 1); - &comment(""); - &comment("Start processing"); - - # odd start - &mov($A, &DWP( 0,"ebp","",0)); - &mov($B, &DWP( 4,"ebp","",0)); - $X="esp"; - &BODY_00_15(-2,$K[0],$X, 0,$A,$B,$C,$D,$E,$T); - &BODY_00_15( 0,$K[0],$X, 1,$T,$A,$B,$C,$D,$E); - &BODY_00_15( 0,$K[0],$X, 2,$E,$T,$A,$B,$C,$D); - &BODY_00_15( 0,$K[0],$X, 3,$D,$E,$T,$A,$B,$C); - &BODY_00_15( 0,$K[0],$X, 4,$C,$D,$E,$T,$A,$B); - &BODY_00_15( 0,$K[0],$X, 5,$B,$C,$D,$E,$T,$A); - &BODY_00_15( 0,$K[0],$X, 6,$A,$B,$C,$D,$E,$T); - &BODY_00_15( 0,$K[0],$X, 7,$T,$A,$B,$C,$D,$E); - &BODY_00_15( 0,$K[0],$X, 8,$E,$T,$A,$B,$C,$D); - &BODY_00_15( 0,$K[0],$X, 9,$D,$E,$T,$A,$B,$C); - &BODY_00_15( 0,$K[0],$X,10,$C,$D,$E,$T,$A,$B); - &BODY_00_15( 0,$K[0],$X,11,$B,$C,$D,$E,$T,$A); - &BODY_00_15( 0,$K[0],$X,12,$A,$B,$C,$D,$E,$T); - &BODY_00_15( 0,$K[0],$X,13,$T,$A,$B,$C,$D,$E); - &BODY_00_15( 0,$K[0],$X,14,$E,$T,$A,$B,$C,$D); - &BODY_00_15( 1,$K[0],$X,15,$D,$E,$T,$A,$B,$C); - &BODY_16_19(-1,$K[0],$X,16,$C,$D,$E,$T,$A,$B); - &BODY_16_19( 0,$K[0],$X,17,$B,$C,$D,$E,$T,$A); - &BODY_16_19( 0,$K[0],$X,18,$A,$B,$C,$D,$E,$T); - &BODY_16_19( 1,$K[0],$X,19,$T,$A,$B,$C,$D,$E); - - &BODY_20_39(-1,$K[1],$X,20,$E,$T,$A,$B,$C,$D); - &BODY_20_39( 0,$K[1],$X,21,$D,$E,$T,$A,$B,$C); - &BODY_20_39( 0,$K[1],$X,22,$C,$D,$E,$T,$A,$B); - &BODY_20_39( 0,$K[1],$X,23,$B,$C,$D,$E,$T,$A); - &BODY_20_39( 0,$K[1],$X,24,$A,$B,$C,$D,$E,$T); - &BODY_20_39( 0,$K[1],$X,25,$T,$A,$B,$C,$D,$E); - &BODY_20_39( 0,$K[1],$X,26,$E,$T,$A,$B,$C,$D); - &BODY_20_39( 0,$K[1],$X,27,$D,$E,$T,$A,$B,$C); - &BODY_20_39( 0,$K[1],$X,28,$C,$D,$E,$T,$A,$B); - &BODY_20_39( 0,$K[1],$X,29,$B,$C,$D,$E,$T,$A); - &BODY_20_39( 0,$K[1],$X,30,$A,$B,$C,$D,$E,$T); - &BODY_20_39( 0,$K[1],$X,31,$T,$A,$B,$C,$D,$E); - &BODY_20_39( 0,$K[1],$X,32,$E,$T,$A,$B,$C,$D); - &BODY_20_39( 0,$K[1],$X,33,$D,$E,$T,$A,$B,$C); - &BODY_20_39( 0,$K[1],$X,34,$C,$D,$E,$T,$A,$B); - &BODY_20_39( 0,$K[1],$X,35,$B,$C,$D,$E,$T,$A); - &BODY_20_39( 0,$K[1],$X,36,$A,$B,$C,$D,$E,$T); - &BODY_20_39( 0,$K[1],$X,37,$T,$A,$B,$C,$D,$E); - &BODY_20_39( 0,$K[1],$X,38,$E,$T,$A,$B,$C,$D); - &BODY_20_39( 1,$K[1],$X,39,$D,$E,$T,$A,$B,$C); - - &BODY_40_59(-1,$K[2],$X,40,$C,$D,$E,$T,$A,$B); - &BODY_40_59( 0,$K[2],$X,41,$B,$C,$D,$E,$T,$A); - &BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T); - &BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E); - &BODY_40_59( 0,$K[2],$X,44,$E,$T,$A,$B,$C,$D); - &BODY_40_59( 0,$K[2],$X,45,$D,$E,$T,$A,$B,$C); - &BODY_40_59( 0,$K[2],$X,46,$C,$D,$E,$T,$A,$B); - &BODY_40_59( 0,$K[2],$X,47,$B,$C,$D,$E,$T,$A); - &BODY_40_59( 0,$K[2],$X,48,$A,$B,$C,$D,$E,$T); - &BODY_40_59( 0,$K[2],$X,49,$T,$A,$B,$C,$D,$E); - &BODY_40_59( 0,$K[2],$X,50,$E,$T,$A,$B,$C,$D); - &BODY_40_59( 0,$K[2],$X,51,$D,$E,$T,$A,$B,$C); - &BODY_40_59( 0,$K[2],$X,52,$C,$D,$E,$T,$A,$B); - &BODY_40_59( 0,$K[2],$X,53,$B,$C,$D,$E,$T,$A); - &BODY_40_59( 0,$K[2],$X,54,$A,$B,$C,$D,$E,$T); - &BODY_40_59( 0,$K[2],$X,55,$T,$A,$B,$C,$D,$E); - &BODY_40_59( 0,$K[2],$X,56,$E,$T,$A,$B,$C,$D); - &BODY_40_59( 0,$K[2],$X,57,$D,$E,$T,$A,$B,$C); - &BODY_40_59( 0,$K[2],$X,58,$C,$D,$E,$T,$A,$B); - &BODY_40_59( 1,$K[2],$X,59,$B,$C,$D,$E,$T,$A); - - &BODY_60_79(-1,$K[3],$X,60,$A,$B,$C,$D,$E,$T); - &BODY_60_79( 0,$K[3],$X,61,$T,$A,$B,$C,$D,$E); - &BODY_60_79( 0,$K[3],$X,62,$E,$T,$A,$B,$C,$D); - &BODY_60_79( 0,$K[3],$X,63,$D,$E,$T,$A,$B,$C); - &BODY_60_79( 0,$K[3],$X,64,$C,$D,$E,$T,$A,$B); - &BODY_60_79( 0,$K[3],$X,65,$B,$C,$D,$E,$T,$A); - &BODY_60_79( 0,$K[3],$X,66,$A,$B,$C,$D,$E,$T); - &BODY_60_79( 0,$K[3],$X,67,$T,$A,$B,$C,$D,$E); - &BODY_60_79( 0,$K[3],$X,68,$E,$T,$A,$B,$C,$D); - &BODY_60_79( 0,$K[3],$X,69,$D,$E,$T,$A,$B,$C); - &BODY_60_79( 0,$K[3],$X,70,$C,$D,$E,$T,$A,$B); - &BODY_60_79( 0,$K[3],$X,71,$B,$C,$D,$E,$T,$A); - &BODY_60_79( 0,$K[3],$X,72,$A,$B,$C,$D,$E,$T); - &BODY_60_79( 0,$K[3],$X,73,$T,$A,$B,$C,$D,$E); - &BODY_60_79( 0,$K[3],$X,74,$E,$T,$A,$B,$C,$D); - &BODY_60_79( 0,$K[3],$X,75,$D,$E,$T,$A,$B,$C); - &BODY_60_79( 0,$K[3],$X,76,$C,$D,$E,$T,$A,$B); - &BODY_60_79( 0,$K[3],$X,77,$B,$C,$D,$E,$T,$A); - &BODY_60_79( 0,$K[3],$X,78,$A,$B,$C,$D,$E,$T); - &BODY_60_79( 2,$K[3],$X,79,$T,$A,$B,$C,$D,$E); - - &comment("End processing"); - &comment(""); - # D is the tmp value - - # E -> A - # T -> B - # A -> C - # B -> D - # C -> E - # D -> T - - &mov($tmp1,&wparam(0)); - - &mov($D, &DWP(12,$tmp1,"",0)); - &add($D,$B); - &mov($B, &DWP( 4,$tmp1,"",0)); - &add($B,$T); - &mov($T, $A); - &mov($A, &DWP( 0,$tmp1,"",0)); - &mov(&DWP(12,$tmp1,"",0),$D); - - &add($A,$E); - &mov($E, &DWP(16,$tmp1,"",0)); - &add($E,$C); - &mov($C, &DWP( 8,$tmp1,"",0)); - &add($C,$T); - - &mov(&DWP( 0,$tmp1,"",0),$A); - &mov("esi",&wparam(1)); - &mov(&DWP( 8,$tmp1,"",0),$C); - &add("esi",64); - &mov("eax",&swtmp(17)); - &mov(&DWP(16,$tmp1,"",0),$E); - &cmp("esi","eax"); - &mov(&DWP( 4,$tmp1,"",0),$B); - &jb(&label("start")); - - &stack_pop(18+9); - &pop("edi"); - &pop("ebx"); - &pop("ebp"); - &pop("esi"); - &ret(); - - # keep a note of shortcut label so it can be used outside - # block. - my $sclabel = &label("shortcut"); - - &function_end_B($name); - # Putting this here avoids problems with MASM in debugging mode - &sha1_block_host("sha1_block_asm_host_order", $sclabel); - } + &mov(&wparam(1),$T); # redundant in 1st spin + + &mov($A,&DWP(0,$tmp1)); # load SHA_CTX + &mov($B,&DWP(4,$tmp1)); + &mov($C,&DWP(8,$tmp1)); + &mov($D,&DWP(12,$tmp1)); + # E is pre-loaded + + for($i=0;$i<16;$i++) { &BODY_00_15($i,@V); unshift(@V,pop(@V)); } + for(;$i<20;$i++) { &BODY_16_19($i,@V); unshift(@V,pop(@V)); } + for(;$i<40;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } + for(;$i<60;$i++) { &BODY_40_59($i,@V); unshift(@V,pop(@V)); } + for(;$i<80;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } + + (($V[5] eq $D) and ($V[0] eq $E)) or die; # double-check + + &mov($tmp1,&wparam(0)); # re-load SHA_CTX* + &mov($D,&wparam(1)); # D is last "T" and is discarded + + &add($E,&DWP(0,$tmp1)); # E is last "A"... + &add($T,&DWP(4,$tmp1)); + &add($A,&DWP(8,$tmp1)); + &add($B,&DWP(12,$tmp1)); + &add($C,&DWP(16,$tmp1)); + + &mov(&DWP(0,$tmp1),$E); # update SHA_CTX + &add($D,64); # advance input pointer + &mov(&DWP(4,$tmp1),$T); + &cmp($D,&wparam(2)); # have we reached the end yet? + &mov(&DWP(8,$tmp1),$A); + &mov($E,$C); # C is last "E" which needs to be "pre-loaded" + &mov(&DWP(12,$tmp1),$B); + &mov($T,$D); # input pointer + &mov(&DWP(16,$tmp1),$C); + &jb(&label("loop")); + + &stack_pop(16); +&function_end("sha1_block_data_order"); +&asm_finish(); diff --git a/crypto/sha/asm/sha1-ia64.pl b/crypto/sha/asm/sha1-ia64.pl index 9478f5dd5d..aa18c1089b 100644 --- a/crypto/sha/asm/sha1-ia64.pl +++ b/crypto/sha/asm/sha1-ia64.pl @@ -2,8 +2,9 @@ # # ==================================================================== # Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. Rights for redistribution and usage in source and binary -# forms are granted according to the OpenSSL license. +# project. The module is, however, dual licensed under OpenSSL and +# CRYPTOGAMS licenses depending on where you obtain it. For further +# details see http://www.openssl.org/~appro/cryptogams/. # ==================================================================== # # Eternal question is what's wrong with compiler generated code? The @@ -11,15 +12,10 @@ # to perform rotations by maintaining copy of 32-bit value in upper # bits of 64-bit register. Just follow mux2 and shrp instructions... # Performance under big-endian OS such as HP-UX is 179MBps*1GHz, which -# is >50% better than HP C and >2x better than gcc. As of this moment -# performance under little-endian OS such as Linux and Windows will be -# a bit lower, because data has to be picked in reverse byte-order. -# It's possible to resolve this issue by implementing third function, -# sha1_block_asm_data_order_aligned, which would temporarily flip -# BE field in User Mask register... +# is >50% better than HP C and >2x better than gcc. $code=<<___; -.ident \"sha1-ia64.s, version 1.0\" +.ident \"sha1-ia64.s, version 1.2\" .ident \"IA-64 ISA artwork by Andy Polyakov <appro\@fy.chalmers.se>\" .explicit @@ -55,63 +51,55 @@ else { sub BODY_00_15 { local *code=shift; -local ($i,$a,$b,$c,$d,$e,$f,$unaligned)=@_; +local ($i,$a,$b,$c,$d,$e,$f)=@_; -if ($unaligned) { - $code.=<<___; -{ .mmi; ld1 tmp0=[inp],2 // MSB - ld1 tmp1=[tmp3],2 };; -{ .mmi; ld1 tmp2=[inp],2 - ld1 $X[$i&0xf]=[tmp3],2 // LSB - dep tmp1=tmp0,tmp1,8,8 };; -{ .mii; cmp.ne p16,p0=r0,r0 // no misaligned prefetch - dep $X[$i&0xf]=tmp2,$X[$i&0xf],8,8;; - dep $X[$i&0xf]=tmp1,$X[$i&0xf],16,16 };; -{ .mmi; nop.m 0 -___ - } -elsif ($i<15) { - $code.=<<___; -{ .mmi; ld4 $X[($i+1)&0xf]=[inp],4 // prefetch -___ - } -else { - $code.=<<___; -{ .mmi; nop.m 0 +$code.=<<___ if ($i==0); +{ .mmi; ld1 $X[$i&0xf]=[inp],2 // MSB + ld1 tmp2=[tmp3],2 };; +{ .mmi; ld1 tmp0=[inp],2 + ld1 tmp4=[tmp3],2 // LSB + dep $X[$i&0xf]=$X[$i&0xf],tmp2,8,8 };; ___ - } if ($i<15) { $code.=<<___; - and tmp0=$c,$b - dep.z tmp5=$a,5,27 } // a<<5 +{ .mmi; ld1 $X[($i+1)&0xf]=[inp],2 // +1 + dep tmp1=tmp0,tmp4,8,8 };; +{ .mmi; ld1 tmp2=[tmp3],2 // +1 + and tmp4=$c,$b + dep $X[$i&0xf]=$X[$i&0xf],tmp1,16,16 } //;; { .mmi; andcm tmp1=$d,$b - add tmp4=$e,$K_00_19 };; -{ .mmi; or tmp0=tmp0,tmp1 // F_00_19(b,c,d)=(b&c)|(~b&d) - add $f=tmp4,$X[$i&0xf] // f=xi+e+K_00_19 + add tmp0=$e,$K_00_19 + dep.z tmp5=$a,5,27 };; // a<<5 +{ .mmi; or tmp4=tmp4,tmp1 // F_00_19(b,c,d)=(b&c)|(~b&d) + add $f=tmp0,$X[$i&0xf] // f=xi+e+K_00_19 extr.u tmp1=$a,27,5 };; // a>>27 -{ .mib; add $f=$f,tmp0 // f+=F_00_19(b,c,d) +{ .mmi; ld1 tmp0=[inp],2 // +1 + add $f=$f,tmp4 // f+=F_00_19(b,c,d) shrp $b=tmp6,tmp6,2 } // b=ROTATE(b,30) -{ .mib; or tmp1=tmp1,tmp5 // ROTATE(a,5) +{ .mmi; ld1 tmp4=[tmp3],2 // +1 + or tmp5=tmp1,tmp5 // ROTATE(a,5) mux2 tmp6=$a,0x44 };; // see b in next iteration -{ .mii; add $f=$f,tmp1 // f+=ROTATE(a,5) - mux2 $X[$i&0xf]=$X[$i&0xf],0x44 - nop.i 0 };; +{ .mii; add $f=$f,tmp5 // f+=ROTATE(a,5) + dep $X[($i+1)&0xf]=$X[($i+1)&0xf],tmp2,8,8 // +1 + mux2 $X[$i&0xf]=$X[$i&0xf],0x44 } //;; ___ } else { $code.=<<___; - and tmp0=$c,$b - dep.z tmp5=$a,5,27 } // a<<5 ;;? +{ .mii; and tmp3=$c,$b + dep tmp1=tmp0,tmp4,8,8;; + dep $X[$i&0xf]=$X[$i&0xf],tmp1,16,16 } //;; { .mmi; andcm tmp1=$d,$b - add tmp4=$e,$K_00_19 };; -{ .mmi; or tmp0=tmp0,tmp1 // F_00_19(b,c,d)=(b&c)|(~b&d) - add $f=tmp4,$X[$i&0xf] // f=xi+e+K_00_19 + add tmp0=$e,$K_00_19 + dep.z tmp5=$a,5,27 };; // a<<5 +{ .mmi; or tmp4=tmp3,tmp1 // F_00_19(b,c,d)=(b&c)|(~b&d) + add $f=tmp0,$X[$i&0xf] // f=xi+e+K_00_19 extr.u tmp1=$a,27,5 } // a>>27 { .mmi; xor tmp2=$X[($i+0+1)&0xf],$X[($i+2+1)&0xf] // +1 xor tmp3=$X[($i+8+1)&0xf],$X[($i+13+1)&0xf] // +1 nop.i 0 };; -{ .mmi; add $f=$f,tmp0 // f+=F_00_19(b,c,d) +{ .mmi; add $f=$f,tmp4 // f+=F_00_19(b,c,d) xor tmp2=tmp2,tmp3 // +1 shrp $b=tmp6,tmp6,2 } // b=ROTATE(b,30) { .mmi; or tmp1=tmp1,tmp5 // ROTATE(a,5) @@ -190,9 +178,7 @@ $code.=<<___; extr.u tmp1=$a,27,5 } // a>>27 { .mib; add $f=$f,tmp4 // f+=e+K_20_39 add $h1=$h1,$a };; // wrap up -{ .mmi; -(p16) ld4.s $X[0]=[inp],4 // non-faulting prefetch - add $f=$f,tmp0 // f+=F_20_39(b,c,d) +{ .mmi; add $f=$f,tmp0 // f+=F_20_39(b,c,d) shrp $b=tmp6,tmp6,2 } // b=ROTATE(b,30) ;;? { .mmi; or tmp1=tmp1,tmp5 // ROTATE(a,5) add $h3=$h3,$c };; // wrap up @@ -245,164 +231,11 @@ tmp3=r11; ctx=r32; // in0 inp=r33; // in1 -// void sha1_block_asm_host_order(SHA_CTX *c,const void *p,size_t num); -.global sha1_block_asm_host_order# -.proc sha1_block_asm_host_order# +// void sha1_block_data_order(SHA_CTX *c,const void *p,size_t num); +.global sha1_block_data_order# +.proc sha1_block_data_order# .align 32 -sha1_block_asm_host_order: - .prologue -{ .mmi; alloc tmp1=ar.pfs,3,15,0,0 - $ADDP tmp0=4,ctx - .save ar.lc,r3 - mov r3=ar.lc } -{ .mmi; $ADDP ctx=0,ctx - $ADDP inp=0,inp - mov r2=pr };; -tmp4=in2; -tmp5=loc13; -tmp6=loc14; - .body -{ .mlx; ld4 $h0=[ctx],8 - movl $K_00_19=0x5a827999 } -{ .mlx; ld4 $h1=[tmp0],8 - movl $K_20_39=0x6ed9eba1 };; -{ .mlx; ld4 $h2=[ctx],8 - movl $K_40_59=0x8f1bbcdc } -{ .mlx; ld4 $h3=[tmp0] - movl $K_60_79=0xca62c1d6 };; -{ .mmi; ld4 $h4=[ctx],-16 - add in2=-1,in2 // adjust num for ar.lc - mov ar.ec=1 };; -{ .mmi; ld4 $X[0]=[inp],4 // prefetch - cmp.ne p16,p0=r0,in2 // prefecth at loop end - mov ar.lc=in2 };; // brp.loop.imp: too far - -.Lhtop: -{ .mmi; mov $A=$h0 - mov $B=$h1 - mux2 tmp6=$h1,0x44 } -{ .mmi; mov $C=$h2 - mov $D=$h3 - mov $E=$h4 };; - -___ - - &BODY_00_15(\$code, 0,$A,$B,$C,$D,$E,$T); - &BODY_00_15(\$code, 1,$T,$A,$B,$C,$D,$E); - &BODY_00_15(\$code, 2,$E,$T,$A,$B,$C,$D); - &BODY_00_15(\$code, 3,$D,$E,$T,$A,$B,$C); - &BODY_00_15(\$code, 4,$C,$D,$E,$T,$A,$B); - &BODY_00_15(\$code, 5,$B,$C,$D,$E,$T,$A); - &BODY_00_15(\$code, 6,$A,$B,$C,$D,$E,$T); - &BODY_00_15(\$code, 7,$T,$A,$B,$C,$D,$E); - &BODY_00_15(\$code, 8,$E,$T,$A,$B,$C,$D); - &BODY_00_15(\$code, 9,$D,$E,$T,$A,$B,$C); - &BODY_00_15(\$code,10,$C,$D,$E,$T,$A,$B); - &BODY_00_15(\$code,11,$B,$C,$D,$E,$T,$A); - &BODY_00_15(\$code,12,$A,$B,$C,$D,$E,$T); - &BODY_00_15(\$code,13,$T,$A,$B,$C,$D,$E); - &BODY_00_15(\$code,14,$E,$T,$A,$B,$C,$D); - &BODY_00_15(\$code,15,$D,$E,$T,$A,$B,$C); - - &BODY_16_19(\$code,16,$C,$D,$E,$T,$A,$B); - &BODY_16_19(\$code,17,$B,$C,$D,$E,$T,$A); - &BODY_16_19(\$code,18,$A,$B,$C,$D,$E,$T); - &BODY_16_19(\$code,19,$T,$A,$B,$C,$D,$E); - - &BODY_20_39(\$code,20,$E,$T,$A,$B,$C,$D); - &BODY_20_39(\$code,21,$D,$E,$T,$A,$B,$C); - &BODY_20_39(\$code,22,$C,$D,$E,$T,$A,$B); - &BODY_20_39(\$code,23,$B,$C,$D,$E,$T,$A); - &BODY_20_39(\$code,24,$A,$B,$C,$D,$E,$T); - &BODY_20_39(\$code,25,$T,$A,$B,$C,$D,$E); - &BODY_20_39(\$code,26,$E,$T,$A,$B,$C,$D); - &BODY_20_39(\$code,27,$D,$E,$T,$A,$B,$C); - &BODY_20_39(\$code,28,$C,$D,$E,$T,$A,$B); - &BODY_20_39(\$code,29,$B,$C,$D,$E,$T,$A); - &BODY_20_39(\$code,30,$A,$B,$C,$D,$E,$T); - &BODY_20_39(\$code,31,$T,$A,$B,$C,$D,$E); - &BODY_20_39(\$code,32,$E,$T,$A,$B,$C,$D); - &BODY_20_39(\$code,33,$D,$E,$T,$A,$B,$C); - &BODY_20_39(\$code,34,$C,$D,$E,$T,$A,$B); - &BODY_20_39(\$code,35,$B,$C,$D,$E,$T,$A); - &BODY_20_39(\$code,36,$A,$B,$C,$D,$E,$T); - &BODY_20_39(\$code,37,$T,$A,$B,$C,$D,$E); - &BODY_20_39(\$code,38,$E,$T,$A,$B,$C,$D); - &BODY_20_39(\$code,39,$D,$E,$T,$A,$B,$C); - - &BODY_40_59(\$code,40,$C,$D,$E,$T,$A,$B); - &BODY_40_59(\$code,41,$B,$C,$D,$E,$T,$A); - &BODY_40_59(\$code,42,$A,$B,$C,$D,$E,$T); - &BODY_40_59(\$code,43,$T,$A,$B,$C,$D,$E); - &BODY_40_59(\$code,44,$E,$T,$A,$B,$C,$D); - &BODY_40_59(\$code,45,$D,$E,$T,$A,$B,$C); - &BODY_40_59(\$code,46,$C,$D,$E,$T,$A,$B); - &BODY_40_59(\$code,47,$B,$C,$D,$E,$T,$A); - &BODY_40_59(\$code,48,$A,$B,$C,$D,$E,$T); - &BODY_40_59(\$code,49,$T,$A,$B,$C,$D,$E); - &BODY_40_59(\$code,50,$E,$T,$A,$B,$C,$D); - &BODY_40_59(\$code,51,$D,$E,$T,$A,$B,$C); - &BODY_40_59(\$code,52,$C,$D,$E,$T,$A,$B); - &BODY_40_59(\$code,53,$B,$C,$D,$E,$T,$A); - &BODY_40_59(\$code,54,$A,$B,$C,$D,$E,$T); - &BODY_40_59(\$code,55,$T,$A,$B,$C,$D,$E); - &BODY_40_59(\$code,56,$E,$T,$A,$B,$C,$D); - &BODY_40_59(\$code,57,$D,$E,$T,$A,$B,$C); - &BODY_40_59(\$code,58,$C,$D,$E,$T,$A,$B); - &BODY_40_59(\$code,59,$B,$C,$D,$E,$T,$A); - - &BODY_60_79(\$code,60,$A,$B,$C,$D,$E,$T); - &BODY_60_79(\$code,61,$T,$A,$B,$C,$D,$E); - &BODY_60_79(\$code,62,$E,$T,$A,$B,$C,$D); - &BODY_60_79(\$code,63,$D,$E,$T,$A,$B,$C); - &BODY_60_79(\$code,64,$C,$D,$E,$T,$A,$B); - &BODY_60_79(\$code,65,$B,$C,$D,$E,$T,$A); - &BODY_60_79(\$code,66,$A,$B,$C,$D,$E,$T); - &BODY_60_79(\$code,67,$T,$A,$B,$C,$D,$E); - &BODY_60_79(\$code,68,$E,$T,$A,$B,$C,$D); - &BODY_60_79(\$code,69,$D,$E,$T,$A,$B,$C); - &BODY_60_79(\$code,70,$C,$D,$E,$T,$A,$B); - &BODY_60_79(\$code,71,$B,$C,$D,$E,$T,$A); - &BODY_60_79(\$code,72,$A,$B,$C,$D,$E,$T); - &BODY_60_79(\$code,73,$T,$A,$B,$C,$D,$E); - &BODY_60_79(\$code,74,$E,$T,$A,$B,$C,$D); - &BODY_60_79(\$code,75,$D,$E,$T,$A,$B,$C); - &BODY_60_79(\$code,76,$C,$D,$E,$T,$A,$B); - &BODY_60_79(\$code,77,$B,$C,$D,$E,$T,$A); - &BODY_60_79(\$code,78,$A,$B,$C,$D,$E,$T); - &BODY_60_79(\$code,79,$T,$A,$B,$C,$D,$E); - -$code.=<<___; -{ .mmb; add $h0=$h0,$E - nop.m 0 - br.ctop.dptk.many .Lhtop };; -.Lhend: -{ .mmi; add tmp0=4,ctx - mov ar.lc=r3 };; -{ .mmi; st4 [ctx]=$h0,8 - st4 [tmp0]=$h1,8 };; -{ .mmi; st4 [ctx]=$h2,8 - st4 [tmp0]=$h3 };; -{ .mib; st4 [ctx]=$h4,-16 - mov pr=r2,0x1ffff - br.ret.sptk.many b0 };; -.endp sha1_block_asm_host_order# -___ - - -$code.=<<___; -// void sha1_block_asm_data_order(SHA_CTX *c,const void *p,size_t num); -.global sha1_block_asm_data_order# -.proc sha1_block_asm_data_order# -.align 32 -sha1_block_asm_data_order: -___ -$code.=<<___ if ($big_endian); -{ .mmi; and r2=3,inp };; -{ .mib; cmp.eq p6,p0=r0,r2 -(p6) br.dptk.many sha1_block_asm_host_order };; -___ -$code.=<<___; +sha1_block_data_order: .prologue { .mmi; alloc tmp1=ar.pfs,3,15,0,0 $ADDP tmp0=4,ctx @@ -440,90 +273,16 @@ tmp6=loc14; ___ - &BODY_00_15(\$code, 0,$A,$B,$C,$D,$E,$T,1); - &BODY_00_15(\$code, 1,$T,$A,$B,$C,$D,$E,1); - &BODY_00_15(\$code, 2,$E,$T,$A,$B,$C,$D,1); - &BODY_00_15(\$code, 3,$D,$E,$T,$A,$B,$C,1); - &BODY_00_15(\$code, 4,$C,$D,$E,$T,$A,$B,1); - &BODY_00_15(\$code, 5,$B,$C,$D,$E,$T,$A,1); - &BODY_00_15(\$code, 6,$A,$B,$C,$D,$E,$T,1); - &BODY_00_15(\$code, 7,$T,$A,$B,$C,$D,$E,1); - &BODY_00_15(\$code, 8,$E,$T,$A,$B,$C,$D,1); - &BODY_00_15(\$code, 9,$D,$E,$T,$A,$B,$C,1); - &BODY_00_15(\$code,10,$C,$D,$E,$T,$A,$B,1); - &BODY_00_15(\$code,11,$B,$C,$D,$E,$T,$A,1); - &BODY_00_15(\$code,12,$A,$B,$C,$D,$E,$T,1); - &BODY_00_15(\$code,13,$T,$A,$B,$C,$D,$E,1); - &BODY_00_15(\$code,14,$E,$T,$A,$B,$C,$D,1); - &BODY_00_15(\$code,15,$D,$E,$T,$A,$B,$C,1); - - &BODY_16_19(\$code,16,$C,$D,$E,$T,$A,$B); - &BODY_16_19(\$code,17,$B,$C,$D,$E,$T,$A); - &BODY_16_19(\$code,18,$A,$B,$C,$D,$E,$T); - &BODY_16_19(\$code,19,$T,$A,$B,$C,$D,$E); +{ my $i,@V=($A,$B,$C,$D,$E,$T); - &BODY_20_39(\$code,20,$E,$T,$A,$B,$C,$D); - &BODY_20_39(\$code,21,$D,$E,$T,$A,$B,$C); - &BODY_20_39(\$code,22,$C,$D,$E,$T,$A,$B); - &BODY_20_39(\$code,23,$B,$C,$D,$E,$T,$A); - &BODY_20_39(\$code,24,$A,$B,$C,$D,$E,$T); - &BODY_20_39(\$code,25,$T,$A,$B,$C,$D,$E); - &BODY_20_39(\$code,26,$E,$T,$A,$B,$C,$D); - &BODY_20_39(\$code,27,$D,$E,$T,$A,$B,$C); - &BODY_20_39(\$code,28,$C,$D,$E,$T,$A,$B); - &BODY_20_39(\$code,29,$B,$C,$D,$E,$T,$A); - &BODY_20_39(\$code,30,$A,$B,$C,$D,$E,$T); - &BODY_20_39(\$code,31,$T,$A,$B,$C,$D,$E); - &BODY_20_39(\$code,32,$E,$T,$A,$B,$C,$D); - &BODY_20_39(\$code,33,$D,$E,$T,$A,$B,$C); - &BODY_20_39(\$code,34,$C,$D,$E,$T,$A,$B); - &BODY_20_39(\$code,35,$B,$C,$D,$E,$T,$A); - &BODY_20_39(\$code,36,$A,$B,$C,$D,$E,$T); - &BODY_20_39(\$code,37,$T,$A,$B,$C,$D,$E); - &BODY_20_39(\$code,38,$E,$T,$A,$B,$C,$D); - &BODY_20_39(\$code,39,$D,$E,$T,$A,$B,$C); + for($i=0;$i<16;$i++) { &BODY_00_15(\$code,$i,@V); unshift(@V,pop(@V)); } + for(;$i<20;$i++) { &BODY_16_19(\$code,$i,@V); unshift(@V,pop(@V)); } + for(;$i<40;$i++) { &BODY_20_39(\$code,$i,@V); unshift(@V,pop(@V)); } + for(;$i<60;$i++) { &BODY_40_59(\$code,$i,@V); unshift(@V,pop(@V)); } + for(;$i<80;$i++) { &BODY_60_79(\$code,$i,@V); unshift(@V,pop(@V)); } - &BODY_40_59(\$code,40,$C,$D,$E,$T,$A,$B); - &BODY_40_59(\$code,41,$B,$C,$D,$E,$T,$A); - &BODY_40_59(\$code,42,$A,$B,$C,$D,$E,$T); - &BODY_40_59(\$code,43,$T,$A,$B,$C,$D,$E); - &BODY_40_59(\$code,44,$E,$T,$A,$B,$C,$D); - &BODY_40_59(\$code,45,$D,$E,$T,$A,$B,$C); - &BODY_40_59(\$code,46,$C,$D,$E,$T,$A,$B); - &BODY_40_59(\$code,47,$B,$C,$D,$E,$T,$A); - &BODY_40_59(\$code,48,$A,$B,$C,$D,$E,$T); - &BODY_40_59(\$code,49,$T,$A,$B,$C,$D,$E); - &BODY_40_59(\$code,50,$E,$T,$A,$B,$C,$D); - &BODY_40_59(\$code,51,$D,$E,$T,$A,$B,$C); - &BODY_40_59(\$code,52,$C,$D,$E,$T,$A,$B); - &BODY_40_59(\$code,53,$B,$C,$D,$E,$T,$A); - &BODY_40_59(\$code,54,$A,$B,$C,$D,$E,$T); - &BODY_40_59(\$code,55,$T,$A,$B,$C,$D,$E); - &BODY_40_59(\$code,56,$E,$T,$A,$B,$C,$D); - &BODY_40_59(\$code,57,$D,$E,$T,$A,$B,$C); - &BODY_40_59(\$code,58,$C,$D,$E,$T,$A,$B); - &BODY_40_59(\$code,59,$B,$C,$D,$E,$T,$A); - - &BODY_60_79(\$code,60,$A,$B,$C,$D,$E,$T); - &BODY_60_79(\$code,61,$T,$A,$B,$C,$D,$E); - &BODY_60_79(\$code,62,$E,$T,$A,$B,$C,$D); - &BODY_60_79(\$code,63,$D,$E,$T,$A,$B,$C); - &BODY_60_79(\$code,64,$C,$D,$E,$T,$A,$B); - &BODY_60_79(\$code,65,$B,$C,$D,$E,$T,$A); - &BODY_60_79(\$code,66,$A,$B,$C,$D,$E,$T); - &BODY_60_79(\$code,67,$T,$A,$B,$C,$D,$E); - &BODY_60_79(\$code,68,$E,$T,$A,$B,$C,$D); - &BODY_60_79(\$code,69,$D,$E,$T,$A,$B,$C); - &BODY_60_79(\$code,70,$C,$D,$E,$T,$A,$B); - &BODY_60_79(\$code,71,$B,$C,$D,$E,$T,$A); - &BODY_60_79(\$code,72,$A,$B,$C,$D,$E,$T); - &BODY_60_79(\$code,73,$T,$A,$B,$C,$D,$E); - &BODY_60_79(\$code,74,$E,$T,$A,$B,$C,$D); - &BODY_60_79(\$code,75,$D,$E,$T,$A,$B,$C); - &BODY_60_79(\$code,76,$C,$D,$E,$T,$A,$B); - &BODY_60_79(\$code,77,$B,$C,$D,$E,$T,$A); - &BODY_60_79(\$code,78,$A,$B,$C,$D,$E,$T); - &BODY_60_79(\$code,79,$T,$A,$B,$C,$D,$E); + (($V[5] eq $D) and ($V[0] eq $E)) or die; # double-check +} $code.=<<___; { .mmb; add $h0=$h0,$E @@ -539,7 +298,8 @@ $code.=<<___; { .mib; st4 [ctx]=$h4,-16 mov pr=r2,0x1ffff br.ret.sptk.many b0 };; -.endp sha1_block_asm_data_order# +.endp sha1_block_data_order# +stringz "SHA1 block transform for IA64, CRYPTOGAMS by <appro\@openssl.org>" ___ print $code; diff --git a/crypto/sha/asm/sha512-ia64.pl b/crypto/sha/asm/sha512-ia64.pl index 9de9174992..1c6ce56522 100755 --- a/crypto/sha/asm/sha512-ia64.pl +++ b/crypto/sha/asm/sha512-ia64.pl @@ -2,8 +2,9 @@ # # ==================================================================== # Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. Rights for redistribution and usage in source and binary -# forms are granted according to the OpenSSL license. |