Home Explore Help
Sign In
OWEALs
/
openssl
mirror of git://git.openssl.org/openssl.git
2
0
Fork 0
Files Issues 1 Wiki
Branch: OpenSSL-fips-2_0-stable
Branches Tags
openssl
/
crypto
/
sha
/
asm
/
sha256-c64x.pl

sha256-c64x.pl 8.5 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313 
  1. #!/usr/bin/env perl
    2. 

  2. #
    3. 

  3. # ====================================================================
    4. 

  4. # Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
    5. 

  5. # project. The module is, however, dual licensed under OpenSSL and
    6. 

  6. # CRYPTOGAMS licenses depending on where you obtain it. For further
    7. 

  7. # details see http://www.openssl.org/~appro/cryptogams/.
    8. 

  8. # ====================================================================
    9. 

  9. #
    10. 

  10. # SHA256 for C64x.
    11. 

  11. #
    12. 

  12. # November 2016
    13. 

  13. #
    14. 

  14. # Performance is just below 10 cycles per processed byte, which is
    15. 

  15. # almost 40% faster than compiler-generated code. Unroll is unlikely
    16. 

  16. # to give more than ~8% improvement...
    17. 

  17. #
    18. 

  18. # !!! Note that this module uses AMR, which means that all interrupt
    19. 

  19. # service routines are expected to preserve it and for own well-being
    20. 

  20. # zero it upon entry.
    21. 

  21. 

  22. while (($output=shift) && ($output!~/\w[\w\-]*\.\w+$/)) {}
    23. 

  23. open STDOUT,">$output";
    24. 

  24. 

  25. ($CTXA,$INP,$NUM) = ("A4","B4","A6");            # arguments
    26. 

  26.  $K256="A3";
    27. 

  27. 

  28. ($A,$Actx,$B,$Bctx,$C,$Cctx,$D,$Dctx,$T2,$S0,$s1,$t0a,$t1a,$t2a,$X9,$X14)
    29. 

  29. 	=map("A$_",(16..31));
    30. 

  30. ($E,$Ectx,$F,$Fctx,$G,$Gctx,$H,$Hctx,$T1,$S1,$s0,$t0e,$t1e,$t2e,$X1,$X15)
    31. 

  31. 	=map("B$_",(16..31));
    32. 

  32. 

  33. ($Xia,$Xib)=("A5","B5");			# circular/ring buffer
    34. 

  34.  $CTXB=$t2e;
    35. 

  35. 

  36. ($Xn,$X0,$K)=("B7","B8","B9");
    37. 

  37. ($Maj,$Ch)=($T2,"B6");
    38. 

  38. 

  39. $code.=<<___;
    40. 

  40. 	.text
    41. 

  41. 

  42. 	.if	.ASSEMBLER_VERSION<7000000
    43. 

  43. 	.asg	0,__TI_EABI__
    44. 

  44. 	.endif
    45. 

  45. 	.if	__TI_EABI__
    46. 

  46. 	.nocmp
    47. 

  47. 	.asg	sha256_block_data_order,_sha256_block_data_order
    48. 

  48. 	.endif
    49. 

  49. 

  50. 	.asg	B3,RA
    51. 

  51. 	.asg	A15,FP
    52. 

  52. 	.asg	B15,SP
    53. 

  53. 

  54. 	.if	.BIG_ENDIAN
    55. 

  55. 	.asg	SWAP2,MV
    56. 

  56. 	.asg	SWAP4,MV
    57. 

  57. 	.endif
    58. 

  58. 

  59. 	.global	_sha256_block_data_order
    60. 

  60. _sha256_block_data_order:
    61. 

  61. __sha256_block:
    62. 

  62. 	.asmfunc stack_usage(64)
    63. 

  63. 	MV	$NUM,A0				; reassign $NUM
    64. 

  64. ||	MVK	-64,B0
    65. 

  65.   [!A0]	BNOP	RA				; if ($NUM==0) return;
    66. 

  66. || [A0]	STW	FP,*SP--[16]			; save frame pointer and alloca(64)
    67. 

  67. || [A0]	MV	SP,FP
    68. 

  68.    [A0]	ADDKPC	_sha256_block_data_order,B2
    69. 

  69. || [A0]	AND	B0,SP,SP			; align stack at 64 bytes
    70. 

  70. 	.if	__TI_EABI__
    71. 

  71.    [A0]	MVK	0x00404,B1
    72. 

  72. || [A0]	MVKL	\$PCR_OFFSET(K256,__sha256_block),$K256
    73. 

  73.    [A0]	MVKH	0x50000,B1
    74. 

  74. || [A0]	MVKH	\$PCR_OFFSET(K256,__sha256_block),$K256
    75. 

  75. 	.else
    76. 

  76.    [A0]	MVK	0x00404,B1
    77. 

  77. || [A0]	MVKL	(K256-__sha256_block),$K256
    78. 

  78.    [A0]	MVKH	0x50000,B1
    79. 

  79. || [A0]	MVKH	(K256-__sha256_block),$K256
    80. 

  80. 	.endif
    81. 

  81.    [A0]	MVC	B1,AMR				; setup circular addressing
    82. 

  82. || [A0]	MV	SP,$Xia
    83. 

  83.    [A0]	MV	SP,$Xib
    84. 

  84. || [A0]	ADD	B2,$K256,$K256
    85. 

  85. || [A0]	MV	$CTXA,$CTXB
    86. 

  86. || [A0]	SUBAW	SP,2,SP				; reserve two words above buffer
    87. 

  87. 	LDW	*${CTXA}[0],$A			; load ctx
    88. 

  88. ||	LDW	*${CTXB}[4],$E
    89. 

  89. 	LDW	*${CTXA}[1],$B
    90. 

  90. ||	LDW	*${CTXB}[5],$F
    91. 

  91. 	LDW	*${CTXA}[2],$C
    92. 

  92. ||	LDW	*${CTXB}[6],$G
    93. 

  93. 	LDW	*${CTXA}[3],$D
    94. 

  94. ||	LDW	*${CTXB}[7],$H
    95. 

  95. 

  96. 	LDNW	*$INP++,$Xn			; pre-fetch input
    97. 

  97. 	LDW	*$K256++,$K			; pre-fetch K256[0]
    98. 

  98. 	NOP
    99. 

  99. 	ADDAW	$Xia,9,$Xia
    100. 

  100. outerloop?:
    101. 

  101. 	SUB	A0,1,A0
    102. 

  102. ||	MV	$A,$Actx
    103. 

  103. ||	MV	$E,$Ectx
    104. 

  104. ||	MVD	$B,$Bctx
    105. 

  105. ||	MVD	$F,$Fctx
    106. 

  106. 	MV	$C,$Cctx
    107. 

  107. ||	MV	$G,$Gctx
    108. 

  108. ||	MVD	$D,$Dctx
    109. 

  109. ||	MVD	$H,$Hctx
    110. 

  110. ||	SWAP4	$Xn,$X0
    111. 

  111. 

  112. 	MVK	14,B0				; loop counter
    113. 

  113. ||	SWAP2	$X0,$X0
    114. 

  114. 

  115. loop_00_14?:					; BODY_00_14
    116. 

  116. 	LDNW	*$INP++,$Xn
    117. 

  117. ||	ROTL	$A,30,$S0
    118. 

  118. ||	OR	$A,$B,$Maj
    119. 

  119. ||	AND	$A,$B,$t2a
    120. 

  120. ||	ROTL	$E,26,$S1
    121. 

  121. ||	AND	$F,$E,$Ch
    122. 

  122. ||	ANDN	$G,$E,$t2e
    123. 

  123. 	ROTL	$A,19,$t0a
    124. 

  124. ||	AND	$C,$Maj,$Maj
    125. 

  125. ||	ROTL	$E,21,$t0e
    126. 

  126. ||	XOR	$t2e,$Ch,$Ch			; Ch(e,f,g) = (e&f)^(~e&g)
    127. 

  127. 	ROTL	$A,10,$t1a
    128. 

  128. ||	OR	$t2a,$Maj,$Maj			; Maj(a,b,c) = ((a|b)&c)|(a&b)
    129. 

  129. ||	ROTL	$E,7,$t1e
    130. 

  130. ||	ADD	$K,$H,$T1			; T1 = h + K256[i]
    131. 

  131. || [B0]	BDEC	loop_00_14?,B0
    132. 

  132. 	ADD	$X0,$T1,$T1			; T1 += X[i];
    133. 

  133. ||	STW	$X0,*$Xib++
    134. 

  134. ||	XOR	$t0a,$S0,$S0
    135. 

  135. ||	XOR	$t0e,$S1,$S1
    136. 

  136. 	XOR	$t1a,$S0,$S0			; Sigma0(a)
    137. 

  137. ||	XOR	$t1e,$S1,$S1			; Sigma1(e)
    138. 

  138. ||	LDW	*$K256++,$K			; pre-fetch K256[i+1]
    139. 

  139. ||	ADD	$Ch,$T1,$T1			; T1 += Ch(e,f,g)
    140. 

  140. 	ADD	$S1,$T1,$T1			; T1 += Sigma1(e)
    141. 

  141. ||	ADD	$S0,$Maj,$T2			; T2 = Sigma0(a) + Maj(a,b,c)
    142. 

  142. ||	ROTL	$G,0,$H				; h = g
    143. 

  143. ||	MV	$F,$G				; g = f
    144. 

  144. ||	MV	$X0,$X14
    145. 

  145. ||	SWAP4	$Xn,$X0
    146. 

  146. 	SWAP2	$X0,$X0
    147. 

  147. ||	MV	$E,$F				; f = e
    148. 

  148. ||	ADD	$D,$T1,$E			; e = d + T1
    149. 

  149. ||	MV	$C,$D				; d = c
    150. 

  150. 	MV	$B,$C				; c = b
    151. 

  151. ||	MV	$A,$B				; b = a
    152. 

  152. ||	ADD	$T1,$T2,$A			; a = T1 + T2
    153. 

  153. ;;===== branch to loop00_14? is taken here
    154. 

  154. 

  155. 	ROTL	$A,30,$S0			; BODY_15
    156. 

  156. ||	OR	$A,$B,$Maj
    157. 

  157. ||	AND	$A,$B,$t2a
    158. 

  158. ||	ROTL	$E,26,$S1
    159. 

  159. ||	AND	$F,$E,$Ch
    160. 

  160. ||	ANDN	$G,$E,$t2e
    161. 

  161. ||	LDW	*${Xib}[1],$Xn			; modulo-scheduled
    162. 

  162. 	ROTL	$A,19,$t0a
    163. 

  163. ||	AND	$C,$Maj,$Maj
    164. 

  164. ||	ROTL	$E,21,$t0e
    165. 

  165. ||	XOR	$t2e,$Ch,$Ch			; Ch(e,f,g) = (e&f)^(~e&g)
    166. 

  166. ||	LDW	*${Xib}[2],$X1			; modulo-scheduled
    167. 

  167. 	ROTL	$A,10,$t1a
    168. 

  168. ||	OR	$t2a,$Maj,$Maj			; Maj(a,b,c) = ((a|b)&c)|(a&b)
    169. 

  169. ||	ROTL	$E,7,$t1e
    170. 

  170. ||	ADD	$K,$H,$T1			; T1 = h + K256[i]
    171. 

  171. 	ADD	$X0,$T1,$T1			; T1 += X[i];
    172. 

  172. ||	STW	$X0,*$Xib++
    173. 

  173. ||	XOR	$t0a,$S0,$S0
    174. 

  174. ||	XOR	$t0e,$S1,$S1
    175. 

  175. 	XOR	$t1a,$S0,$S0			; Sigma0(a)
    176. 

  176. ||	XOR	$t1e,$S1,$S1			; Sigma1(e)
    177. 

  177. ||	LDW	*$K256++,$K			; pre-fetch K256[i+1]
    178. 

  178. ||	ADD	$Ch,$T1,$T1			; T1 += Ch(e,f,g)
    179. 

  179. 	ADD	$S1,$T1,$T1			; T1 += Sigma1(e)
    180. 

  180. ||	ADD	$S0,$Maj,$T2			; T2 = Sigma0(a) + Maj(a,b,c)
    181. 

  181. ||	ROTL	$G,0,$H				; h = g
    182. 

  182. ||	MV	$F,$G				; g = f
    183. 

  183. ||	MV	$X0,$X15
    184. 

  184. 	MV	$E,$F				; f = e
    185. 

  185. ||	ADD	$D,$T1,$E			; e = d + T1
    186. 

  186. ||	MV	$C,$D				; d = c
    187. 

  187. ||	MV	$Xn,$X0				; modulo-scheduled
    188. 

  188. ||	LDW	*$Xia,$X9			; modulo-scheduled
    189. 

  189. ||	ROTL	$X1,25,$t0e			; modulo-scheduled
    190. 

  190. ||	ROTL	$X14,15,$t0a			; modulo-scheduled
    191. 

  191. 	SHRU	$X1,3,$s0			; modulo-scheduled
    192. 

  192. ||	SHRU	$X14,10,$s1			; modulo-scheduled
    193. 

  193. ||	ROTL	$B,0,$C				; c = b
    194. 

  194. ||	MV	$A,$B				; b = a
    195. 

  195. ||	ADD	$T1,$T2,$A			; a = T1 + T2
    196. 

  196. 

  197. 	MVK	47,B1				; loop counter
    198. 

  198. ||	ROTL	$X1,14,$t1e			; modulo-scheduled
    199. 

  199. ||	ROTL	$X14,13,$t1a			; modulo-scheduled
    200. 

  200. 

  201. loop_16_63?:					; BODY_16_63
    202. 

  202. 	XOR	$t0e,$s0,$s0
    203. 

  203. ||	XOR	$t0a,$s1,$s1
    204. 

  204. ||	MV	$X15,$X14
    205. 

  205. ||	MV	$X1,$Xn
    206. 

  206. 	XOR	$t1e,$s0,$s0			; sigma0(X[i+1])
    207. 

  207. ||	XOR	$t1a,$s1,$s1			; sigma1(X[i+14])
    208. 

  208. ||	LDW	*${Xib}[2],$X1			; module-scheduled
    209. 

  209. 	ROTL	$A,30,$S0
    210. 

  210. ||	OR	$A,$B,$Maj
    211. 

  211. ||	AND	$A,$B,$t2a
    212. 

  212. ||	ROTL	$E,26,$S1
    213. 

  213. ||	AND	$F,$E,$Ch
    214. 

  214. ||	ANDN	$G,$E,$t2e
    215. 

  215. ||	ADD	$X9,$X0,$X0			; X[i] += X[i+9]
    216. 

  216. 	ROTL	$A,19,$t0a
    217. 

  217. ||	AND	$C,$Maj,$Maj
    218. 

  218. ||	ROTL	$E,21,$t0e
    219. 

  219. ||	XOR	$t2e,$Ch,$Ch			; Ch(e,f,g) = (e&f)^(~e&g)
    220. 

  220. ||	ADD	$s0,$X0,$X0			; X[i] += sigma1(X[i+1])
    221. 

  221. 	ROTL	$A,10,$t1a
    222. 

  222. ||	OR	$t2a,$Maj,$Maj			; Maj(a,b,c) = ((a|b)&c)|(a&b)
    223. 

  223. ||	ROTL	$E,7,$t1e
    224. 

  224. ||	ADD	$H,$K,$T1			; T1 = h + K256[i]
    225. 

  225. ||	ADD	$s1,$X0,$X0			; X[i] += sigma1(X[i+14])
    226. 

  226. || [B1]	BDEC	loop_16_63?,B1
    227. 

  227. 	XOR	$t0a,$S0,$S0
    228. 

  228. ||	XOR	$t0e,$S1,$S1
    229. 

  229. ||	ADD	$X0,$T1,$T1			; T1 += X[i]
    230. 

  230. ||	STW	$X0,*$Xib++
    231. 

  231. 	XOR	$t1a,$S0,$S0			; Sigma0(a)
    232. 

  232. ||	XOR	$t1e,$S1,$S1			; Sigma1(e)
    233. 

  233. ||	ADD	$Ch,$T1,$T1			; T1 += Ch(e,f,g)
    234. 

  234. ||	MV	$X0,$X15
    235. 

  235. ||	ROTL	$G,0,$H				; h = g
    236. 

  236. ||	LDW	*$K256++,$K			; pre-fetch K256[i+1]
    237. 

  237. 	ADD	$S1,$T1,$T1			; T1 += Sigma1(e)
    238. 

  238. ||	ADD	$S0,$Maj,$T2			; T2 = Sigma0(a) + Maj(a,b,c)
    239. 

  239. ||	MV	$F,$G				; g = f
    240. 

  240. ||	MV	$Xn,$X0				; modulo-scheduled
    241. 

  241. ||	LDW	*++$Xia,$X9			; modulo-scheduled
    242. 

  242. ||	ROTL	$X1,25,$t0e			; module-scheduled
    243. 

  243. ||	ROTL	$X14,15,$t0a			; modulo-scheduled
    244. 

  244. 	ROTL	$X1,14,$t1e			; modulo-scheduled
    245. 

  245. ||	ROTL	$X14,13,$t1a			; modulo-scheduled
    246. 

  246. ||	MV	$E,$F				; f = e
    247. 

  247. ||	ADD	$D,$T1,$E			; e = d + T1
    248. 

  248. ||	MV	$C,$D				; d = c
    249. 

  249. ||	MV	$B,$C				; c = b
    250. 

  250. 	MV	$A,$B				; b = a
    251. 

  251. ||	ADD	$T1,$T2,$A			; a = T1 + T2
    252. 

  252. ||	SHRU	$X1,3,$s0			; modulo-scheduled
    253. 

  253. ||	SHRU	$X14,10,$s1			; modulo-scheduled
    254. 

  254. ;;===== branch to loop16_63? is taken here
    255. 

  255. 

  256.    [A0]	B	outerloop?
    257. 

  257. || [A0]	LDNW	*$INP++,$Xn			; pre-fetch input
    258. 

  258. || [A0]	ADDK	-260,$K256			; rewind K256
    259. 

  259. ||	ADD	$Actx,$A,$A			; accumulate ctx
    260. 

  260. ||	ADD	$Ectx,$E,$E
    261. 

  261. ||	ADD	$Bctx,$B,$B
    262. 

  262. 	ADD	$Fctx,$F,$F
    263. 

  263. ||	ADD	$Cctx,$C,$C
    264. 

  264. ||	ADD	$Gctx,$G,$G
    265. 

  265. ||	ADD	$Dctx,$D,$D
    266. 

  266. ||	ADD	$Hctx,$H,$H
    267. 

  267. || [A0]	LDW	*$K256++,$K			; pre-fetch K256[0]
    268. 

  268. 

  269.   [!A0]	BNOP	RA
    270. 

  270. ||[!A0]	MV	$CTXA,$CTXB
    271. 

  271.   [!A0]	MV	FP,SP				; restore stack pointer
    272. 

  272. ||[!A0]	LDW	*FP[0],FP			; restore frame pointer
    273. 

  273.   [!A0]	STW	$A,*${CTXA}[0]  		; save ctx
    274. 

  274. ||[!A0]	STW	$E,*${CTXB}[4]
    275. 

  275. ||[!A0]	MVK	0,B0
    276. 

  276.   [!A0]	STW	$B,*${CTXA}[1]
    277. 

  277. ||[!A0]	STW	$F,*${CTXB}[5]
    278. 

  278. ||[!A0]	MVC	B0,AMR				; clear AMR
    279. 

  279. 	STW	$C,*${CTXA}[2]
    280. 

  280. ||	STW	$G,*${CTXB}[6]
    281. 

  281. 	STW	$D,*${CTXA}[3]
    282. 

  282. ||	STW	$H,*${CTXB}[7]
    283. 

  283. 	.endasmfunc
    284. 

  284. 

  285. 	.if	__TI_EABI__
    286. 

  286. 	.sect	".text:sha_asm.const"
    287. 

  287. 	.else
    288. 

  288. 	.sect	".const:sha_asm"
    289. 

  289. 	.endif
    290. 

  290. 	.align	128
    291. 

  291. K256:
    292. 

  292. 	.uword	0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5
    293. 

  293. 	.uword	0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5
    294. 

  294. 	.uword	0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3
    295. 

  295. 	.uword	0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174
    296. 

  296. 	.uword	0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc
    297. 

  297. 	.uword	0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da
    298. 

  298. 	.uword	0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7
    299. 

  299. 	.uword	0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967
    300. 

  300. 	.uword	0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13
    301. 

  301. 	.uword	0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85
    302. 

  302. 	.uword	0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3
    303. 

  303. 	.uword	0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070
    304. 

  304. 	.uword	0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5
    305. 

  305. 	.uword	0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3
    306. 

  306. 	.uword	0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208
    307. 

  307. 	.uword	0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
    308. 

  308. 	.cstring "SHA256 block transform for C64x, CRYPTOGAMS by <appro\@openssl.org>"
    309. 

  309. 	.align	4
    310. 

  310. 

  311. ___
    312. 

  312. 

  313. print $code;
    314.