43#if CRYPTOPP_MSC_VERSION
44# pragma warning(disable: 4731)
47#ifndef CRYPTOPP_IMPORTS
48#ifndef CRYPTOPP_GENERATE_X64_MASM
55#if defined(CRYPTOPP_DISABLE_SHA_ASM)
56# undef CRYPTOPP_X86_ASM_AVAILABLE
57# undef CRYPTOPP_X32_ASM_AVAILABLE
58# undef CRYPTOPP_X64_ASM_AVAILABLE
59# undef CRYPTOPP_SSE2_ASM_AVAILABLE
64#if CRYPTOPP_SHANI_AVAILABLE
65extern void SHA1_HashMultipleBlocks_SHANI(
word32 *state,
const word32 *data,
size_t length,
ByteOrder order);
66extern void SHA256_HashMultipleBlocks_SHANI(
word32 *state,
const word32 *data,
size_t length,
ByteOrder order);
69#if CRYPTOGAMS_ARM_SHA1
70extern "C" void cryptogams_sha1_block_data_order(
word32* state,
const word32 *data,
size_t blocks);
71extern "C" void cryptogams_sha1_block_data_order_neon(
word32* state,
const word32 *data,
size_t blocks);
74#if CRYPTOPP_ARM_SHA1_AVAILABLE
75extern void SHA1_HashMultipleBlocks_ARMV8(
word32 *state,
const word32 *data,
size_t length,
ByteOrder order);
78#if CRYPTOPP_ARM_SHA2_AVAILABLE
79extern void SHA256_HashMultipleBlocks_ARMV8(
word32 *state,
const word32 *data,
size_t length,
ByteOrder order);
82#if CRYPTOGAMS_ARM_SHA256
83extern "C" void cryptogams_sha256_block_data_order(
word32* state,
const word32 *data,
size_t blocks);
84extern "C" void cryptogams_sha256_block_data_order_neon(
word32* state,
const word32 *data,
size_t blocks);
87#if CRYPTOPP_ARM_SHA512_AVAILABLE
88extern void SHA512_HashMultipleBlocks_ARMV8(
word32 *state,
const word32 *data,
size_t length,
ByteOrder order);
91#if CRYPTOPP_POWER8_SHA_AVAILABLE
92extern void SHA256_HashMultipleBlocks_POWER8(
word32 *state,
const word32 *data,
size_t length,
ByteOrder order);
93extern void SHA512_HashMultipleBlocks_POWER8(
word64 *state,
const word64 *data,
size_t length,
ByteOrder order);
96#if CRYPTOGAMS_ARM_SHA512
97extern "C" void cryptogams_sha512_block_data_order(
word64* state,
const word64 *data,
size_t blocks);
98extern "C" void cryptogams_sha512_block_data_order_neon(
word64* state,
const word64 *data,
size_t blocks);
103extern const word32 SHA256_K[64];
104extern const word64 SHA512_K[80];
106CRYPTOPP_ALIGN_DATA(16)
107const
word64 SHA512_K[80] = {
150CRYPTOPP_ALIGN_DATA(16)
151const
word32 SHA256_K[64] = {
153 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
154 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
155 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
156 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
157 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
158 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
159 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
160 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
161 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
162 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
163 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
164 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
165 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
166 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
167 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
168 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
175ANONYMOUS_NAMESPACE_BEGIN
177#define blk0(i) (W[i] = data[i])
178#define blk1(i) (W[i&15] = rotlConstant<1>(W[(i+13)&15]^W[(i+8)&15]^W[(i+2)&15]^W[i&15]))
180#define f1(x,y,z) (z^(x&(y^z)))
181#define f2(x,y,z) (x^y^z)
182#define f3(x,y,z) ((x&y)|(z&(x|y)))
183#define f4(x,y,z) (x^y^z)
186#define R0(v,w,x,y,z,i) z+=f1(w,x,y)+blk0(i)+0x5A827999+rotlConstant<5>(v);w=rotlConstant<30>(w);
187#define R1(v,w,x,y,z,i) z+=f1(w,x,y)+blk1(i)+0x5A827999+rotlConstant<5>(v);w=rotlConstant<30>(w);
188#define R2(v,w,x,y,z,i) z+=f2(w,x,y)+blk1(i)+0x6ED9EBA1+rotlConstant<5>(v);w=rotlConstant<30>(w);
189#define R3(v,w,x,y,z,i) z+=f3(w,x,y)+blk1(i)+0x8F1BBCDC+rotlConstant<5>(v);w=rotlConstant<30>(w);
190#define R4(v,w,x,y,z,i) z+=f4(w,x,y)+blk1(i)+0xCA62C1D6+rotlConstant<5>(v);w=rotlConstant<30>(w);
192void SHA1_HashBlock_CXX(
word32 *state,
const word32 *data)
205 R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3);
206 R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7);
207 R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11);
208 R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15);
209 R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19);
210 R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23);
211 R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27);
212 R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31);
213 R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35);
214 R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39);
215 R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43);
216 R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47);
217 R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51);
218 R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55);
219 R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59);
220 R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63);
221 R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67);
222 R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71);
223 R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75);
224 R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79);
244ANONYMOUS_NAMESPACE_END
250std::string SHA1::AlgorithmProvider()
const
252#if CRYPTOPP_SHANI_AVAILABLE
256#if CRYPTOPP_SSE2_ASM_AVAILABLE
260#if CRYPTOGAMS_ARM_SHA1
261# if CRYPTOPP_ARM_NEON_AVAILABLE
269#if CRYPTOPP_ARM_SHA1_AVAILABLE
278 state[0] = 0x67452301;
279 state[1] = 0xEFCDAB89;
280 state[2] = 0x98BADCFE;
281 state[3] = 0x10325476;
282 state[4] = 0xC3D2E1F0;
290#if CRYPTOPP_SHANI_AVAILABLE
298#if CRYPTOGAMS_ARM_SHA1 && 0
299# if CRYPTOPP_ARM_NEON_AVAILABLE
302# if defined(CRYPTOPP_LITTLE_ENDIAN)
305 cryptogams_sha1_block_data_order_neon(state, dataBuf, 1);
307 cryptogams_sha1_block_data_order_neon(state, data, 1);
315# if defined(CRYPTOPP_LITTLE_ENDIAN)
318 cryptogams_sha1_block_data_order(state, data, 1);
320 cryptogams_sha1_block_data_order(state, data, 1);
325#if CRYPTOPP_ARM_SHA1_AVAILABLE
333 SHA1_HashBlock_CXX(state, data);
336size_t SHA1::HashMultipleBlocks(
const word32 *input,
size_t length)
341#if CRYPTOPP_SHANI_AVAILABLE
345 return length & (SHA1::BLOCKSIZE - 1);
348#if CRYPTOGAMS_ARM_SHA1
349# if CRYPTOPP_ARM_NEON_AVAILABLE
352 cryptogams_sha1_block_data_order_neon(m_state, input, length / SHA1::BLOCKSIZE);
353 return length & (SHA1::BLOCKSIZE - 1);
359 cryptogams_sha1_block_data_order(m_state, input, length / SHA1::BLOCKSIZE);
360 return length & (SHA1::BLOCKSIZE - 1);
363#if CRYPTOPP_ARM_SHA1_AVAILABLE
367 return length & (SHA1::BLOCKSIZE - 1);
372 word32 *dataBuf = this->DataBuf();
377 SHA1_HashBlock_CXX(m_state, input);
382 SHA1_HashBlock_CXX(m_state, dataBuf);
385 input += SHA1::BLOCKSIZE/
sizeof(
word32);
386 length -= SHA1::BLOCKSIZE;
388 while (length >= SHA1::BLOCKSIZE);
394ANONYMOUS_NAMESPACE_BEGIN
396#define a(i) T[(0-i)&7]
397#define b(i) T[(1-i)&7]
398#define c(i) T[(2-i)&7]
399#define d(i) T[(3-i)&7]
400#define e(i) T[(4-i)&7]
401#define f(i) T[(5-i)&7]
402#define g(i) T[(6-i)&7]
403#define h(i) T[(7-i)&7]
405#define blk0(i) (W[i] = data[i])
406#define blk2(i) (W[i&15]+=s1(W[(i-2)&15])+W[(i-7)&15]+s0(W[(i-15)&15]))
408#define Ch(x,y,z) (z^(x&(y^z)))
409#define Maj(x,y,z) (y^((x^y)&(y^z)))
411#define R(i) h(i)+=S1(e(i))+Ch(e(i),f(i),g(i))+SHA256_K[i+j]+(j?blk2(i):blk0(i));\
412 d(i)+=h(i);h(i)+=S0(a(i))+Maj(a(i),b(i),c(i))
415#define s0(x) (rotrConstant<7>(x)^rotrConstant<18>(x)^(x>>3))
416#define s1(x) (rotrConstant<17>(x)^rotrConstant<19>(x)^(x>>10))
417#define S0(x) (rotrConstant<2>(x)^rotrConstant<13>(x)^rotrConstant<22>(x))
418#define S1(x) (rotrConstant<6>(x)^rotrConstant<11>(x)^rotrConstant<25>(x))
420void SHA256_HashBlock_CXX(
word32 *state,
const word32 *data)
424 std::memcpy(T, state,
sizeof(T));
426 for (
unsigned int j=0; j<64; j+=16)
428 R( 0); R( 1); R( 2); R( 3);
429 R( 4); R( 5); R( 6); R( 7);
430 R( 8); R( 9); R(10); R(11);
431 R(12); R(13); R(14); R(15);
464ANONYMOUS_NAMESPACE_END
466std::string SHA256_AlgorithmProvider()
468#if CRYPTOPP_SHANI_AVAILABLE
472#if CRYPTOPP_SSE2_ASM_AVAILABLE
476#if CRYPTOGAMS_ARM_SHA256
477# if CRYPTOPP_ARM_NEON_AVAILABLE
485#if CRYPTOPP_ARM_SHA2_AVAILABLE
489#if (CRYPTOPP_POWER8_SHA_AVAILABLE)
496std::string SHA224::AlgorithmProvider()
const
498 return SHA256_AlgorithmProvider();
503 static const word32 s[8] = {
504 0xc1059ed8, 0x367cd507, 0x3070dd17, 0xf70e5939,
505 0xffc00b31, 0x68581511, 0x64f98fa7, 0xbefa4fa4};
506 std::memcpy(state, s,
sizeof(s));
511 static const word32 s[8] = {
512 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
513 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19};
514 std::memcpy(state, s,
sizeof(s));
518#if defined(CRYPTOPP_X86_ASM_AVAILABLE)
520ANONYMOUS_NAMESPACE_BEGIN
522void CRYPTOPP_FASTCALL SHA256_HashMultipleBlocks_SSE2(
word32 *state,
const word32 *data,
size_t len)
525 CRYPTOPP_UNUSED(state);
526 CRYPTOPP_UNUSED(data);
527 CRYPTOPP_UNUSED(len);
529 #define LOCALS_SIZE 8*4 + 16*4 + 4*WORD_SZ
530 #define H(i) [BASE+ASM_MOD(1024+7-(i),8)*4]
538 #define Wt(i) BASE+8*4+ASM_MOD(1024+15-(i),16)*4
539 #define Wt_2(i) Wt((i)-2)
540 #define Wt_15(i) Wt((i)-15)
541 #define Wt_7(i) Wt((i)-7)
542 #define K_END [BASE+8*4+16*4+0*WORD_SZ]
543 #define STATE_SAVE [BASE+8*4+16*4+1*WORD_SZ]
544 #define DATA_SAVE [BASE+8*4+16*4+2*WORD_SZ]
545 #define DATA_END [BASE+8*4+16*4+3*WORD_SZ]
546 #define Kt(i) WORD_REG(si)+(i)*4
549#elif defined(__GNUC__)
555#define RA0(i, edx, edi) \
556 AS2( add edx, [Kt(i)] )\
557 AS2( add edx, [Wt(i)] )\
558 AS2( add edx, H(i) )\
560#define RA1(i, edx, edi)
562#define RB0(i, edx, edi)
564#define RB1(i, edx, edi) \
565 AS2( mov AS_REG_7d, [Wt_2(i)] )\
566 AS2( mov edi, [Wt_15(i)])\
567 AS2( mov ebx, AS_REG_7d )\
568 AS2( shr AS_REG_7d, 10 )\
570 AS2( xor AS_REG_7d, ebx )\
572 AS2( xor ebx, AS_REG_7d )\
573 AS2( add ebx, [Wt_7(i)])\
574 AS2( mov AS_REG_7d, edi )\
575 AS2( shr AS_REG_7d, 3 )\
577 AS2( add ebx, [Wt(i)])\
578 AS2( xor AS_REG_7d, edi )\
579 AS2( add edx, [Kt(i)])\
581 AS2( add edx, H(i) )\
582 AS2( xor AS_REG_7d, edi )\
583 AS2( add AS_REG_7d, ebx )\
584 AS2( mov [Wt(i)], AS_REG_7d)\
585 AS2( add edx, AS_REG_7d )\
587#define ROUND(i, r, eax, ecx, edi, edx)\
590 AS2( mov edx, F(i) )\
591 AS2( xor edx, G(i) )\
593 AS2( xor edx, G(i) )\
594 AS2( mov AS_REG_7d, edi )\
596 AS2( ror AS_REG_7d, 25 )\
598 AS2( xor AS_REG_7d, edi )\
600 AS2( xor AS_REG_7d, edi )\
601 AS2( add edx, AS_REG_7d )\
606 AS2( xor ecx, B(i) )\
608 AS2( xor eax, B(i) )\
609 AS2( mov AS_REG_7d, ebx )\
612 AS2( add edx, D(i) )\
613 AS2( mov D(i), edx )\
614 AS2( ror AS_REG_7d, 22 )\
615 AS2( xor AS_REG_7d, ebx )\
617 AS2( xor AS_REG_7d, ebx )\
618 AS2( add eax, AS_REG_7d )\
619 AS2( mov H(i), eax )\
624#define SWAP_COPY(i) \
625 AS2( mov WORD_REG(bx), [WORD_REG(dx)+i*WORD_SZ])\
626 AS1( bswap WORD_REG(bx))\
627 AS2( mov [Wt(i*2+1)], WORD_REG(bx))
629#define SWAP_COPY(i) \
630 AS2( mov WORD_REG(bx), [WORD_REG(dx)+i*WORD_SZ])\
631 AS1( bswap WORD_REG(bx))\
632 AS2( mov [Wt(i)], WORD_REG(bx))
636 #if CRYPTOPP_BOOL_X64
645#elif defined(CRYPTOPP_GENERATE_X64_MASM)
647 SHA256_HashMultipleBlocks_SSE2 PROC FRAME
652 alloc_stack(LOCALS_SIZE+8)
655 lea rsi, [?SHA256_K@
CryptoPP@@3QBIB + 48*4]
661 AS2( lea WORD_REG(si), [SHA256_K+48*4])
663 #
if !defined(CRYPTOPP_MSC_VERSION) || (CRYPTOPP_MSC_VERSION < 1400)
670 AS2( sub WORD_REG(sp), LOCALS_SIZE)
673 AS2( mov STATE_SAVE, WORD_REG(cx))
674 AS2( mov DATA_SAVE, WORD_REG(dx))
675 AS2( lea WORD_REG(ax), [WORD_REG(di) + WORD_REG(dx)])
676 AS2( mov DATA_END, WORD_REG(ax))
677 AS2( mov K_END, WORD_REG(si))
679#
if CRYPTOPP_SSE2_ASM_AVAILABLE
683 AS1( dec DWORD PTR K_END)
685 AS2( movdqu xmm0, XMMWORD_PTR [WORD_REG(cx)+0*16])
686 AS2( movdqu xmm1, XMMWORD_PTR [WORD_REG(cx)+1*16])
690#
if CRYPTOPP_SSE2_ASM_AVAILABLE
704#
if CRYPTOPP_SSE2_ASM_AVAILABLE
706 AS2( movdqu E(0), xmm1)
707 AS2( movdqu A(0), xmm0)
712 AS2( sub WORD_REG(si), 48*4)
713 SWAP_COPY(0) SWAP_COPY(1) SWAP_COPY(2) SWAP_COPY(3)
714 SWAP_COPY(4) SWAP_COPY(5) SWAP_COPY(6) SWAP_COPY(7)
716 SWAP_COPY(8) SWAP_COPY(9) SWAP_COPY(10) SWAP_COPY(11)
717 SWAP_COPY(12) SWAP_COPY(13) SWAP_COPY(14) SWAP_COPY(15)
724 ROUND(0, 0, eax, ecx, edi, edx)
725 ROUND(1, 0, ecx, eax, edx, edi)
726 ROUND(2, 0, eax, ecx, edi, edx)
727 ROUND(3, 0, ecx, eax, edx, edi)
728 ROUND(4, 0, eax, ecx, edi, edx)
729 ROUND(5, 0, ecx, eax, edx, edi)
730 ROUND(6, 0, eax, ecx, edi, edx)
731 ROUND(7, 0, ecx, eax, edx, edi)
732 ROUND(8, 0, eax, ecx, edi, edx)
733 ROUND(9, 0, ecx, eax, edx, edi)
734 ROUND(10, 0, eax, ecx, edi, edx)
735 ROUND(11, 0, ecx, eax, edx, edi)
736 ROUND(12, 0, eax, ecx, edi, edx)
737 ROUND(13, 0, ecx, eax, edx, edi)
738 ROUND(14, 0, eax, ecx, edi, edx)
739 ROUND(15, 0, ecx, eax, edx, edi)
742 AS2(add WORD_REG(si), 4*16)
743 ROUND(0, 1, eax, ecx, edi, edx)
744 ROUND(1, 1, ecx, eax, edx, edi)
745 ROUND(2, 1, eax, ecx, edi, edx)
746 ROUND(3, 1, ecx, eax, edx, edi)
747 ROUND(4, 1, eax, ecx, edi, edx)
748 ROUND(5, 1, ecx, eax, edx, edi)
749 ROUND(6, 1, eax, ecx, edi, edx)
750 ROUND(7, 1, ecx, eax, edx, edi)
751 ROUND(8, 1, eax, ecx, edi, edx)
752 ROUND(9, 1, ecx, eax, edx, edi)
753 ROUND(10, 1, eax, ecx, edi, edx)
754 ROUND(11, 1, ecx, eax, edx, edi)
755 ROUND(12, 1, eax, ecx, edi, edx)
756 ROUND(13, 1, ecx, eax, edx, edi)
757 ROUND(14, 1, eax, ecx, edi, edx)
758 ROUND(15, 1, ecx, eax, edx, edi)
759 AS2( cmp WORD_REG(si), K_END)
764 AS2( mov WORD_REG(dx), DATA_SAVE)
765 AS2( add WORD_REG(dx), 64)
766 AS2( mov AS_REG_7, STATE_SAVE)
767 AS2( mov DATA_SAVE, WORD_REG(dx))
769#
if CRYPTOPP_SSE2_ASM_AVAILABLE
771 AS2( test DWORD PTR K_END, 1)
774 AS2( movdqu xmm1, XMMWORD_PTR [AS_REG_7+1*16])
775 AS2( movdqu xmm0, XMMWORD_PTR [AS_REG_7+0*16])
776 AS2( paddd xmm1, E(0))
777 AS2( paddd xmm0, A(0))
778 AS2( movdqu [AS_REG_7+1*16], xmm1)
779 AS2( movdqu [AS_REG_7+0*16], xmm0)
780 AS2( cmp WORD_REG(dx), DATA_END)
787#
if CRYPTOPP_SSE2_ASM_AVAILABLE
791 AS2( add [AS_REG_7+0*4], ecx)
792 AS2( add [AS_REG_7+4*4], edi)
796 AS2( add [AS_REG_7+1*4], eax)
797 AS2( add [AS_REG_7+2*4], ebx)
798 AS2( add [AS_REG_7+3*4], ecx)
802 AS2( add [AS_REG_7+5*4], eax)
803 AS2( add [AS_REG_7+6*4], ebx)
804 AS2( add [AS_REG_7+7*4], ecx)
805 AS2( mov ecx, AS_REG_7d)
806 AS2( cmp WORD_REG(dx), DATA_END)
808#
if CRYPTOPP_SSE2_ASM_AVAILABLE
815 #
if !defined(CRYPTOPP_MSC_VERSION) || (CRYPTOPP_MSC_VERSION < 1400)
819#ifdef CRYPTOPP_GENERATE_X64_MASM
820 add rsp, LOCALS_SIZE+8
826 SHA256_HashMultipleBlocks_SSE2 ENDP
832 :
"c" (state),
"d" (data),
"S" (SHA256_K+48),
"D" (len)
836 :
"memory",
"cc",
"%eax"
838 , PERCENT_REG(AS_REG_7),
"%rbx",
"%r8",
"%r10",
"%xmm0",
"%xmm1"
846ANONYMOUS_NAMESPACE_END
850#ifndef CRYPTOPP_GENERATE_X64_MASM
852#ifdef CRYPTOPP_X64_MASM_AVAILABLE
854void CRYPTOPP_FASTCALL SHA256_HashMultipleBlocks_SSE2(
word32 *state,
const word32 *data,
size_t len);
858std::string SHA256::AlgorithmProvider()
const
860 return SHA256_AlgorithmProvider();
868#if CRYPTOPP_SHANI_AVAILABLE
876#if CRYPTOGAMS_ARM_SHA256 && 0
877# if CRYPTOPP_ARM_NEON_AVAILABLE
880# if defined(CRYPTOPP_LITTLE_ENDIAN)
883 cryptogams_sha256_block_data_order_neon(state, dataBuf, 1);
885 cryptogams_sha256_block_data_order_neon(state, data, 1);
893# if defined(CRYPTOPP_LITTLE_ENDIAN)
896 cryptogams_sha256_block_data_order(state, data, 1);
898 cryptogams_sha256_block_data_order(state, data, 1);
903#if CRYPTOPP_ARM_SHA2_AVAILABLE
910#if CRYPTOPP_POWER8_SHA_AVAILABLE
918 SHA256_HashBlock_CXX(state, data);
921size_t SHA256::HashMultipleBlocks(
const word32 *input,
size_t length)
926#if CRYPTOPP_SHANI_AVAILABLE
930 return length & (SHA256::BLOCKSIZE - 1);
933#if CRYPTOPP_SSE2_ASM_AVAILABLE || CRYPTOPP_X64_MASM_AVAILABLE
936 const size_t res = length & (SHA256::BLOCKSIZE - 1);
937 SHA256_HashMultipleBlocks_SSE2(m_state, input, length-res);
941#if CRYPTOGAMS_ARM_SHA256
942# if CRYPTOPP_ARM_NEON_AVAILABLE
945 cryptogams_sha256_block_data_order_neon(m_state, input, length / SHA256::BLOCKSIZE);
946 return length & (SHA256::BLOCKSIZE - 1);
952 cryptogams_sha256_block_data_order(m_state, input, length / SHA256::BLOCKSIZE);
953 return length & (SHA256::BLOCKSIZE - 1);
956#if CRYPTOPP_ARM_SHA2_AVAILABLE
960 return length & (SHA256::BLOCKSIZE - 1);
963#if CRYPTOPP_POWER8_SHA_AVAILABLE
967 return length & (SHA256::BLOCKSIZE - 1);
972 word32 *dataBuf = this->DataBuf();
977 SHA256_HashBlock_CXX(m_state, input);
982 SHA256_HashBlock_CXX(m_state, dataBuf);
985 input += SHA256::BLOCKSIZE/
sizeof(
word32);
986 length -= SHA256::BLOCKSIZE;
988 while (length >= SHA256::BLOCKSIZE);
992size_t SHA224::HashMultipleBlocks(
const word32 *input,
size_t length)
997#if CRYPTOPP_SHANI_AVAILABLE
1001 return length & (SHA256::BLOCKSIZE - 1);
1004#if CRYPTOPP_SSE2_ASM_AVAILABLE || CRYPTOPP_X64_MASM_AVAILABLE
1007 const size_t res = length & (SHA256::BLOCKSIZE - 1);
1008 SHA256_HashMultipleBlocks_SSE2(m_state, input, length-res);
1012#if CRYPTOGAMS_ARM_SHA256
1013# if CRYPTOPP_ARM_NEON_AVAILABLE
1016 cryptogams_sha256_block_data_order_neon(m_state, input, length / SHA256::BLOCKSIZE);
1017 return length & (SHA256::BLOCKSIZE - 1);
1023 cryptogams_sha256_block_data_order(m_state, input, length / SHA256::BLOCKSIZE);
1024 return length & (SHA256::BLOCKSIZE - 1);
1027#if CRYPTOPP_ARM_SHA2_AVAILABLE
1031 return length & (SHA256::BLOCKSIZE - 1);
1034#if CRYPTOPP_POWER8_SHA_AVAILABLE
1037 SHA256_HashMultipleBlocks_POWER8(m_state, input, length,
BIG_ENDIAN_ORDER);
1038 return length & (SHA256::BLOCKSIZE - 1);
1043 word32 *dataBuf = this->DataBuf();
1048 SHA256_HashBlock_CXX(m_state, input);
1053 SHA256_HashBlock_CXX(m_state, dataBuf);
1056 input += SHA256::BLOCKSIZE/
sizeof(
word32);
1057 length -= SHA256::BLOCKSIZE;
1059 while (length >= SHA256::BLOCKSIZE);
1065std::string SHA512_AlgorithmProvider()
1067#if CRYPTOPP_SSE2_ASM_AVAILABLE
1071#if CRYPTOGAMS_ARM_SHA512
1072# if CRYPTOPP_ARM_NEON_AVAILABLE
1080#if (CRYPTOPP_POWER8_SHA_AVAILABLE)
1087std::string SHA384::AlgorithmProvider()
const
1089 return SHA512_AlgorithmProvider();
1092std::string SHA512::AlgorithmProvider()
const
1094 return SHA512_AlgorithmProvider();
1100 W64LIT(0xcbbb9d5dc1059ed8),
W64LIT(0x629a292a367cd507),
1101 W64LIT(0x9159015a3070dd17),
W64LIT(0x152fecd8f70e5939),
1102 W64LIT(0x67332667ffc00b31),
W64LIT(0x8eb44a8768581511),
1103 W64LIT(0xdb0c2e0d64f98fa7),
W64LIT(0x47b5481dbefa4fa4)};
1104 std::memcpy(state, s,
sizeof(s));
1110 W64LIT(0x6a09e667f3bcc908),
W64LIT(0xbb67ae8584caa73b),
1111 W64LIT(0x3c6ef372fe94f82b),
W64LIT(0xa54ff53a5f1d36f1),
1112 W64LIT(0x510e527fade682d1),
W64LIT(0x9b05688c2b3e6c1f),
1113 W64LIT(0x1f83d9abfb41bd6b),
W64LIT(0x5be0cd19137e2179)};
1114 std::memcpy(state, s,
sizeof(s));
1117#if CRYPTOPP_SSE2_ASM_AVAILABLE && (CRYPTOPP_BOOL_X86)
1119ANONYMOUS_NAMESPACE_BEGIN
1127CRYPTOPP_NOINLINE CRYPTOPP_NAKED
1128void CRYPTOPP_FASTCALL SHA512_HashBlock_SSE2(
word64 *state,
const word64 *data)
1131 CRYPTOPP_UNUSED(state);
1132 CRYPTOPP_UNUSED(data);
1135 __asm__ __volatile__
1144 AS2( lea ebx, SHA512_K)
1148 AS2( and esp, 0xfffffff0)
1149 AS2( sub esp, 27*16)
1153 AS2( lea edi, [esp+4+8*8])
1154 AS2( lea esi, [esp+4+20*8+8])
1156 AS2( movdqu xmm0, [ecx+0*16])
1157 AS2( movdq2q mm4, xmm0)
1158 AS2( movdqu [edi+0*16], xmm0)
1159 AS2( movdqu xmm0, [ecx+1*16])
1160 AS2( movdqu [edi+1*16], xmm0)
1161 AS2( movdqu xmm0, [ecx+2*16])
1162 AS2( movdq2q mm5, xmm0)
1163 AS2( movdqu [edi+2*16], xmm0)
1164 AS2( movdqu xmm0, [ecx+3*16])
1165 AS2( movdqu [edi+3*16], xmm0)
1168#define SSE2_S0_S1(r, a, b, c) \
1172 AS2( psllq mm6, 64-c)\
1173 AS2( pxor mm7, mm6)\
1176 AS2( psllq mm6, c-b)\
1177 AS2( pxor mm7, mm6)\
1180 AS2( psllq mm6, b-a)\
1183#define SSE2_s0(r, a, b, c) \
1184 AS2( movdqu xmm6, r)\
1186 AS2( movdqu xmm7, r)\
1187 AS2( psllq xmm6, 64-c)\
1188 AS2( pxor xmm7, xmm6)\
1193 AS2( psllq xmm6, c-a)\
1196#define SSE2_s1(r, a, b, c) \
1197 AS2( movdqu xmm6, r)\
1199 AS2( movdqu xmm7, r)\
1200 AS2( psllq xmm6, 64-c)\
1201 AS2( pxor xmm7, xmm6)\
1204 AS2( psllq xmm6, c-b)\
1205 AS2( pxor xmm7, xmm6)\
1211 AS2( paddq mm0, [edi+7*8])
1212 AS2( movq mm2, [edi+5*8])
1213 AS2( movq mm3, [edi+6*8])
1216 SSE2_S0_S1(mm5,14,18,41)
1218 AS2( paddq mm0, mm2)
1219 AS2( paddq mm5, mm0)
1220 AS2( movq mm2, [edi+1*8])
1223 AS2( pand mm2, [edi+2*8])
1226 AS2( paddq mm1, mm5)
1227 AS2( paddq mm5, [edi+3*8])
1228 AS2( movq [edi+3*8], mm5)
1229 AS2( movq [edi+11*8], mm5)
1230 SSE2_S0_S1(mm4,28,34,39)
1231 AS2( paddq mm4, mm1)
1232 AS2( movq [edi-8], mm4)
1233 AS2( movq [edi+7*8], mm4)
1238 AS2( movq mm0, [edx+eax*8])
1239 AS2( movq [esi+eax*8], mm0)
1240 AS2( movq [esi+eax*8+16*8], mm0)
1241 AS2( paddq mm0, [ebx+eax*8])
1242 ASC( call, SHA512_Round)
1253 AS2( movdqu xmm0, [esi+(16-2)*8])
1256 AS2( movdqu xmm3, [esi])
1257 AS2( paddq xmm3, [esi+(16-7)*8])
1258 AS2( movdqu xmm2, [esi+(16-15)*8])
1259 SSE2_s1(xmm0, 6, 19, 61)
1260 AS2( paddq xmm0, xmm3)
1261 SSE2_s0(xmm2, 1, 7, 8)
1262 AS2( paddq xmm0, xmm2)
1263 AS2( movdq2q mm0, xmm0)
1264 AS2( movhlps xmm1, xmm0)
1265 AS2( paddq mm0, [ebx+eax*8])
1266 AS2( movlps [esi], xmm0)
1267 AS2( movlps [esi+8], xmm1)
1268 AS2( movlps [esi+8*16], xmm0)
1269 AS2( movlps [esi+8*17], xmm1)
1271 ASC( call, SHA512_Round)
1273 AS2( movdq2q mm0, xmm1)
1274 AS2( paddq mm0, [ebx+eax*8+8])
1275 ASC( call, SHA512_Round)
1285 AS2( lea esi, [esp+4+20*8+8+esi*8])
1290#define SSE2_CombineState(i) \
1291 AS2( movdqu xmm0, [edi+i*16])\
1292 AS2( paddq xmm0, [ecx+i*16])\
1293 AS2( movdqu [ecx+i*16], xmm0)
1295 SSE2_CombineState(0)
1296 SSE2_CombineState(1)
1297 SSE2_CombineState(2)
1298 SSE2_CombineState(3)
1303#
if defined(__GNUC__)
1307 :
"a" (SHA512_K),
"c" (state),
"d" (data)
1308 :
"%ebx",
"%esi",
"%edi",
"memory",
"cc"
1310 ,
"%mm0",
"%mm1",
"%mm2",
"%mm3",
"%mm4",
"%mm5",
1311 "%xmm0",
"%xmm1",
"%xmm2",
"%xmm3",
"%xmm4",
"%xmm5",
"%xmm6",
"%xmm7"
1322ANONYMOUS_NAMESPACE_END
1326ANONYMOUS_NAMESPACE_BEGIN
1328#define a(i) T[(0-i)&7]
1329#define b(i) T[(1-i)&7]
1330#define c(i) T[(2-i)&7]
1331#define d(i) T[(3-i)&7]
1332#define e(i) T[(4-i)&7]
1333#define f(i) T[(5-i)&7]
1334#define g(i) T[(6-i)&7]
1335#define h(i) T[(7-i)&7]
1337#define blk0(i) (W[i]=data[i])
1338#define blk2(i) (W[i&15]+=s1(W[(i-2)&15])+W[(i-7)&15]+s0(W[(i-15)&15]))
1340#define Ch(x,y,z) (z^(x&(y^z)))
1341#define Maj(x,y,z) (y^((x^y)&(y^z)))
1343#define s0(x) (rotrConstant<1>(x)^rotrConstant<8>(x)^(x>>7))
1344#define s1(x) (rotrConstant<19>(x)^rotrConstant<61>(x)^(x>>6))
1345#define S0(x) (rotrConstant<28>(x)^rotrConstant<34>(x)^rotrConstant<39>(x))
1346#define S1(x) (rotrConstant<14>(x)^rotrConstant<18>(x)^rotrConstant<41>(x))
1348#define R(i) h(i)+=S1(e(i))+Ch(e(i),f(i),g(i))+SHA512_K[i+j]+\
1349 (j?blk2(i):blk0(i));d(i)+=h(i);h(i)+=S0(a(i))+Maj(a(i),b(i),c(i));
1351void SHA512_HashBlock_CXX(
word64 *state,
const word64 *data)
1359 std::memcpy(T, state,
sizeof(T));
1362 for (
unsigned int j=0; j<80; j+=16)
1364 R( 0); R( 1); R( 2); R( 3);
1365 R( 4); R( 5); R( 6); R( 7);
1366 R( 8); R( 9); R(10); R(11);
1367 R(12); R(13); R(14); R(15);
1380ANONYMOUS_NAMESPACE_END
1387#if CRYPTOPP_SSE2_ASM_AVAILABLE && (CRYPTOPP_BOOL_X86)
1390 SHA512_HashBlock_SSE2(state, data);
1394#if CRYPTOGAMS_ARM_SHA512
1395# if CRYPTOPP_ARM_NEON_AVAILABLE
1398# if (CRYPTOPP_LITTLE_ENDIAN)
1401 cryptogams_sha512_block_data_order_neon(state, dataBuf, 1);
1403 cryptogams_sha512_block_data_order_neon(state, data, 1);
1411# if (CRYPTOPP_LITTLE_ENDIAN)
1414 cryptogams_sha512_block_data_order(state, dataBuf, 1);
1416 cryptogams_sha512_block_data_order(state, data, 1);
1421#if CRYPTOPP_POWER8_SHA_AVAILABLE
1424 SHA512_HashMultipleBlocks_POWER8(state, data, SHA512::BLOCKSIZE,
BIG_ENDIAN_ORDER);
1429 SHA512_HashBlock_CXX(state, data);
Fixed size stack-based SecBlock with 16-byte alignment.
static void Transform(HashWordType *digest, const HashWordType *data)
Operate the hash.
static void InitState(HashWordType *state)
Initialize state array.
static void InitState(HashWordType *state)
Initialize state array.
static void InitState(HashWordType *state)
Initialize state array.
static void Transform(HashWordType *digest, const HashWordType *data)
Operate the hash.
static void InitState(HashWordType *state)
Initialize state array.
static void Transform(HashWordType *digest, const HashWordType *data)
Operate the hash.
static void InitState(HashWordType *state)
Initialize state array.
Library configuration file.
#define CRYPTOPP_BOOL_X86
32-bit x86 platform
#define CRYPTOPP_BOOL_X32
32-bit x32 platform
#define CRYPTOPP_BOOL_X64
32-bit x86 platform
#define W64LIT(x)
Declare an unsigned word64.
unsigned int word32
32-bit unsigned datatype
unsigned long long word64
64-bit unsigned datatype
Functions for CPU features and intrinsics.
ByteOrder
Provides the byte ordering.
@ LITTLE_ENDIAN_ORDER
byte order is little-endian
@ BIG_ENDIAN_ORDER
byte order is big-endian
Utility functions for the Crypto++ library.
byte ByteReverse(byte value)
Reverses bytes in a 8-bit value.
bool NativeByteOrderIs(ByteOrder order)
Determines whether order follows native byte ordering.
Crypto++ library namespace.
Classes and functions for secure memory allocations.
Classes for SHA-1 and SHA-2 family of message digests.
#define CRYPTOPP_ASSERT(exp)
Debugging and diagnostic assertion.