32 #if CRYPTOPP_MSC_VERSION 33 # pragma warning(disable: 4100 4731) 36 #ifndef CRYPTOPP_IMPORTS 37 #ifndef CRYPTOPP_GENERATE_X64_MASM 47 #if defined(CRYPTOPP_LLVM_CLANG_VERSION) && (CRYPTOPP_LLVM_CLANG_VERSION < 30500) 48 # define CRYPTOPP_DISABLE_SHA_ASM 51 #if defined(CRYPTOPP_DISABLE_SHA_ASM) 52 # undef CRYPTOPP_X86_ASM_AVAILABLE 53 # undef CRYPTOPP_X32_ASM_AVAILABLE 54 # undef CRYPTOPP_X64_ASM_AVAILABLE 55 # undef CRYPTOPP_SSE2_ASM_AVAILABLE 60 #if CRYPTOPP_SHANI_AVAILABLE 61 extern void SHA1_HashMultipleBlocks_SHANI(word32 *state,
const word32 *data,
size_t length,
ByteOrder order);
62 extern void SHA256_HashMultipleBlocks_SHANI(word32 *state,
const word32 *data,
size_t length,
ByteOrder order);
65 #if CRYPTOPP_ARM_SHA_AVAILABLE 66 extern void SHA1_HashMultipleBlocks_ARMV8(word32 *state,
const word32 *data,
size_t length,
ByteOrder order);
67 extern void SHA256_HashMultipleBlocks_ARMV8(word32 *state,
const word32 *data,
size_t length,
ByteOrder order);
70 #if CRYPTOPP_POWER8_SHA_AVAILABLE 71 extern void SHA256_HashMultipleBlocks_POWER8(word32 *state,
const word32 *data,
size_t length,
ByteOrder order);
72 extern void SHA512_HashMultipleBlocks_POWER8(word64 *state,
const word64 *data,
size_t length,
ByteOrder order);
79 ANONYMOUS_NAMESPACE_BEGIN
81 #define blk0(i) (W[i] = data[i]) 82 #define blk1(i) (W[i&15] = rotlConstant<1>(W[(i+13)&15]^W[(i+8)&15]^W[(i+2)&15]^W[i&15])) 84 #define f1(x,y,z) (z^(x&(y^z))) 85 #define f2(x,y,z) (x^y^z) 86 #define f3(x,y,z) ((x&y)|(z&(x|y))) 87 #define f4(x,y,z) (x^y^z) 90 #define R0(v,w,x,y,z,i) z+=f1(w,x,y)+blk0(i)+0x5A827999+rotlConstant<5>(v);w=rotlConstant<30>(w); 91 #define R1(v,w,x,y,z,i) z+=f1(w,x,y)+blk1(i)+0x5A827999+rotlConstant<5>(v);w=rotlConstant<30>(w); 92 #define R2(v,w,x,y,z,i) z+=f2(w,x,y)+blk1(i)+0x6ED9EBA1+rotlConstant<5>(v);w=rotlConstant<30>(w); 93 #define R3(v,w,x,y,z,i) z+=f3(w,x,y)+blk1(i)+0x8F1BBCDC+rotlConstant<5>(v);w=rotlConstant<30>(w); 94 #define R4(v,w,x,y,z,i) z+=f4(w,x,y)+blk1(i)+0xCA62C1D6+rotlConstant<5>(v);w=rotlConstant<30>(w); 96 void SHA1_HashBlock_CXX(word32 *state,
const word32 *data)
109 R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3);
110 R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7);
111 R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11);
112 R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15);
113 R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19);
114 R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23);
115 R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27);
116 R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31);
117 R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35);
118 R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39);
119 R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43);
120 R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47);
121 R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51);
122 R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55);
123 R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59);
124 R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63);
125 R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67);
126 R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71);
127 R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75);
128 R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79);
148 ANONYMOUS_NAMESPACE_END
156 state[0] = 0x67452301;
157 state[1] = 0xEFCDAB89;
158 state[2] = 0x98BADCFE;
159 state[3] = 0x10325476;
160 state[4] = 0xC3D2E1F0;
168 #if CRYPTOPP_SHANI_AVAILABLE 175 #if CRYPTOPP_ARM_SHA_AVAILABLE 183 SHA1_HashBlock_CXX(state, data);
186 size_t SHA1::HashMultipleBlocks(
const word32 *input,
size_t length)
191 #if CRYPTOPP_SHANI_AVAILABLE 195 return length & (SHA1::BLOCKSIZE - 1);
198 #if CRYPTOPP_ARM_SHA_AVAILABLE 202 return length & (SHA1::BLOCKSIZE - 1);
207 word32 *dataBuf = this->DataBuf();
212 SHA1_HashBlock_CXX(m_state, input);
217 SHA1_HashBlock_CXX(m_state, dataBuf);
220 input += SHA1::BLOCKSIZE/
sizeof(word32);
221 length -= SHA1::BLOCKSIZE;
223 while (length >= SHA1::BLOCKSIZE);
229 CRYPTOPP_ALIGN_DATA(16)
231 const word32 SHA256_K[64] = {
233 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
234 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
235 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
236 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
237 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
238 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
239 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
240 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
241 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
242 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
243 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
244 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
245 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
246 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
247 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
248 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
251 ANONYMOUS_NAMESPACE_BEGIN
253 #define a(i) T[(0-i)&7] 254 #define b(i) T[(1-i)&7] 255 #define c(i) T[(2-i)&7] 256 #define d(i) T[(3-i)&7] 257 #define e(i) T[(4-i)&7] 258 #define f(i) T[(5-i)&7] 259 #define g(i) T[(6-i)&7] 260 #define h(i) T[(7-i)&7] 262 #define blk0(i) (W[i] = data[i]) 263 #define blk2(i) (W[i&15]+=s1(W[(i-2)&15])+W[(i-7)&15]+s0(W[(i-15)&15])) 265 #define Ch(x,y,z) (z^(x&(y^z))) 266 #define Maj(x,y,z) (y^((x^y)&(y^z))) 268 #define R(i) h(i)+=S1(e(i))+Ch(e(i),f(i),g(i))+SHA256_K[i+j]+(j?blk2(i):blk0(i));\ 269 d(i)+=h(i);h(i)+=S0(a(i))+Maj(a(i),b(i),c(i)) 272 #define s0(x) (rotrConstant<7>(x)^rotrConstant<18>(x)^(x>>3)) 273 #define s1(x) (rotrConstant<17>(x)^rotrConstant<19>(x)^(x>>10)) 274 #define S0(x) (rotrConstant<2>(x)^rotrConstant<13>(x)^rotrConstant<22>(x)) 275 #define S1(x) (rotrConstant<6>(x)^rotrConstant<11>(x)^rotrConstant<25>(x)) 277 void SHA256_HashBlock_CXX(word32 *state,
const word32 *data)
279 word32 W[16]={0}, T[8];
281 memcpy(T, state,
sizeof(T));
283 for (
unsigned int j=0; j<64; j+=16)
285 R( 0); R( 1); R( 2); R( 3);
286 R( 4); R( 5); R( 6); R( 7);
287 R( 8); R( 9); R(10); R(11);
288 R(12); R(13); R(14); R(15);
321 ANONYMOUS_NAMESPACE_END
325 static const word32 s[8] = {0xc1059ed8, 0x367cd507, 0x3070dd17, 0xf70e5939, 0xffc00b31, 0x68581511, 0x64f98fa7, 0xbefa4fa4};
326 memcpy(state, s,
sizeof(s));
331 static const word32 s[8] = {0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19};
332 memcpy(state, s,
sizeof(s));
334 #endif // Not CRYPTOPP_GENERATE_X64_MASM 336 #if (defined(CRYPTOPP_X86_ASM_AVAILABLE) || defined(CRYPTOPP_X32_ASM_AVAILABLE) || defined(CRYPTOPP_GENERATE_X64_MASM)) 338 ANONYMOUS_NAMESPACE_BEGIN
340 void CRYPTOPP_FASTCALL SHA256_HashMultipleBlocks_SSE2(word32 *state,
const word32 *data,
size_t len)
342 #define LOCALS_SIZE 8*4 + 16*4 + 4*WORD_SZ 343 #define H(i) [BASE+ASM_MOD(1024+7-(i),8)*4] 351 #define Wt(i) BASE+8*4+ASM_MOD(1024+15-(i),16)*4 352 #define Wt_2(i) Wt((i)-2) 353 #define Wt_15(i) Wt((i)-15) 354 #define Wt_7(i) Wt((i)-7) 355 #define K_END [BASE+8*4+16*4+0*WORD_SZ] 356 #define STATE_SAVE [BASE+8*4+16*4+1*WORD_SZ] 357 #define DATA_SAVE [BASE+8*4+16*4+2*WORD_SZ] 358 #define DATA_END [BASE+8*4+16*4+3*WORD_SZ] 359 #define Kt(i) WORD_REG(si)+(i)*4 360 #if CRYPTOPP_BOOL_X32 362 #elif CRYPTOPP_BOOL_X86 364 #elif defined(__GNUC__) 370 #define RA0(i, edx, edi) \ 371 AS2( add edx, [Kt(i)] )\ 372 AS2( add edx, [Wt(i)] )\ 373 AS2( add edx, H(i) )\ 375 #define RA1(i, edx, edi) 377 #define RB0(i, edx, edi) 379 #define RB1(i, edx, edi) \ 380 AS2( mov AS_REG_7d, [Wt_2(i)] )\ 381 AS2( mov edi, [Wt_15(i)])\ 382 AS2( mov ebx, AS_REG_7d )\ 383 AS2( shr AS_REG_7d, 10 )\ 385 AS2( xor AS_REG_7d, ebx )\ 387 AS2( xor ebx, AS_REG_7d )\ 388 AS2( add ebx, [Wt_7(i)])\ 389 AS2( mov AS_REG_7d, edi )\ 390 AS2( shr AS_REG_7d, 3 )\ 392 AS2( add ebx, [Wt(i)])\ 393 AS2( xor AS_REG_7d, edi )\ 394 AS2( add edx, [Kt(i)])\ 396 AS2( add edx, H(i) )\ 397 AS2( xor AS_REG_7d, edi )\ 398 AS2( add AS_REG_7d, ebx )\ 399 AS2( mov [Wt(i)], AS_REG_7d)\ 400 AS2( add edx, AS_REG_7d )\ 402 #define ROUND(i, r, eax, ecx, edi, edx)\ 405 AS2( mov edx, F(i) )\ 406 AS2( xor edx, G(i) )\ 408 AS2( xor edx, G(i) )\ 409 AS2( mov AS_REG_7d, edi )\ 411 AS2( ror AS_REG_7d, 25 )\ 413 AS2( xor AS_REG_7d, edi )\ 415 AS2( xor AS_REG_7d, edi )\ 416 AS2( add edx, AS_REG_7d )\ 421 AS2( xor ecx, B(i) )\ 423 AS2( xor eax, B(i) )\ 424 AS2( mov AS_REG_7d, ebx )\ 427 AS2( add edx, D(i) )\ 428 AS2( mov D(i), edx )\ 429 AS2( ror AS_REG_7d, 22 )\ 430 AS2( xor AS_REG_7d, ebx )\ 432 AS2( xor AS_REG_7d, ebx )\ 433 AS2( add eax, AS_REG_7d )\ 434 AS2( mov H(i), eax )\ 438 #if CRYPTOPP_BOOL_X64 439 #define SWAP_COPY(i) \ 440 AS2( mov WORD_REG(bx), [WORD_REG(dx)+i*WORD_SZ])\ 441 AS1( bswap WORD_REG(bx))\ 442 AS2( mov [Wt(i*2+1)], WORD_REG(bx)) 444 #define SWAP_COPY(i) \ 445 AS2( mov WORD_REG(bx), [WORD_REG(dx)+i*WORD_SZ])\ 446 AS1( bswap WORD_REG(bx))\ 447 AS2( mov [Wt(i)], WORD_REG(bx)) 450 #if defined(__GNUC__) 451 #if CRYPTOPP_BOOL_X64 456 #
if CRYPTOPP_BOOL_X64
460 #elif defined(CRYPTOPP_GENERATE_X64_MASM)
462 SHA256_HashMultipleBlocks_SSE2 PROC FRAME
467 alloc_stack(LOCALS_SIZE+8)
470 lea rsi, [?SHA256_K@
CryptoPP@@3QBIB + 48*4]
473 #
if CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32
476 AS2( lea WORD_REG(si), [SHA256_K+48*4])
478 #
if !defined(_MSC_VER) || (_MSC_VER < 1400)
485 AS2( sub WORD_REG(sp), LOCALS_SIZE)
488 AS2( mov STATE_SAVE, WORD_REG(cx))
489 AS2( mov DATA_SAVE, WORD_REG(dx))
490 AS2( lea WORD_REG(ax), [WORD_REG(di) + WORD_REG(dx)])
491 AS2( mov DATA_END, WORD_REG(ax))
492 AS2( mov K_END, WORD_REG(si))
494 #
if CRYPTOPP_SSE2_ASM_AVAILABLE
495 #
if CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32
498 AS1( dec DWORD PTR K_END)
500 AS2( movdqu xmm0, XMMWORD_PTR [WORD_REG(cx)+0*16])
501 AS2( movdqu xmm1, XMMWORD_PTR [WORD_REG(cx)+1*16])
504 #
if CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32
505 #
if CRYPTOPP_SSE2_ASM_AVAILABLE
519 #
if CRYPTOPP_SSE2_ASM_AVAILABLE
521 AS2( movdqu E(0), xmm1)
522 AS2( movdqu A(0), xmm0)
524 #
if CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32
527 AS2( sub WORD_REG(si), 48*4)
528 SWAP_COPY(0) SWAP_COPY(1) SWAP_COPY(2) SWAP_COPY(3)
529 SWAP_COPY(4) SWAP_COPY(5) SWAP_COPY(6) SWAP_COPY(7)
530 #
if CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32
531 SWAP_COPY(8) SWAP_COPY(9) SWAP_COPY(10) SWAP_COPY(11)
532 SWAP_COPY(12) SWAP_COPY(13) SWAP_COPY(14) SWAP_COPY(15)
539 ROUND(0, 0, eax, ecx, edi, edx)
540 ROUND(1, 0, ecx, eax, edx, edi)
541 ROUND(2, 0, eax, ecx, edi, edx)
542 ROUND(3, 0, ecx, eax, edx, edi)
543 ROUND(4, 0, eax, ecx, edi, edx)
544 ROUND(5, 0, ecx, eax, edx, edi)
545 ROUND(6, 0, eax, ecx, edi, edx)
546 ROUND(7, 0, ecx, eax, edx, edi)
547 ROUND(8, 0, eax, ecx, edi, edx)
548 ROUND(9, 0, ecx, eax, edx, edi)
549 ROUND(10, 0, eax, ecx, edi, edx)
550 ROUND(11, 0, ecx, eax, edx, edi)
551 ROUND(12, 0, eax, ecx, edi, edx)
552 ROUND(13, 0, ecx, eax, edx, edi)
553 ROUND(14, 0, eax, ecx, edi, edx)
554 ROUND(15, 0, ecx, eax, edx, edi)
557 AS2(add WORD_REG(si), 4*16)
558 ROUND(0, 1, eax, ecx, edi, edx)
559 ROUND(1, 1, ecx, eax, edx, edi)
560 ROUND(2, 1, eax, ecx, edi, edx)
561 ROUND(3, 1, ecx, eax, edx, edi)
562 ROUND(4, 1, eax, ecx, edi, edx)
563 ROUND(5, 1, ecx, eax, edx, edi)
564 ROUND(6, 1, eax, ecx, edi, edx)
565 ROUND(7, 1, ecx, eax, edx, edi)
566 ROUND(8, 1, eax, ecx, edi, edx)
567 ROUND(9, 1, ecx, eax, edx, edi)
568 ROUND(10, 1, eax, ecx, edi, edx)
569 ROUND(11, 1, ecx, eax, edx, edi)
570 ROUND(12, 1, eax, ecx, edi, edx)
571 ROUND(13, 1, ecx, eax, edx, edi)
572 ROUND(14, 1, eax, ecx, edi, edx)
573 ROUND(15, 1, ecx, eax, edx, edi)
574 AS2( cmp WORD_REG(si), K_END)
579 AS2( mov WORD_REG(dx), DATA_SAVE)
580 AS2( add WORD_REG(dx), 64)
581 AS2( mov AS_REG_7, STATE_SAVE)
582 AS2( mov DATA_SAVE, WORD_REG(dx))
584 #
if CRYPTOPP_SSE2_ASM_AVAILABLE
585 #
if CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32
586 AS2( test DWORD PTR K_END, 1)
589 AS2( movdqu xmm1, XMMWORD_PTR [AS_REG_7+1*16])
590 AS2( movdqu xmm0, XMMWORD_PTR [AS_REG_7+0*16])
591 AS2( paddd xmm1, E(0))
592 AS2( paddd xmm0, A(0))
593 AS2( movdqu [AS_REG_7+1*16], xmm1)
594 AS2( movdqu [AS_REG_7+0*16], xmm0)
595 AS2( cmp WORD_REG(dx), DATA_END)
601 #
if CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32
602 #
if CRYPTOPP_SSE2_ASM_AVAILABLE
606 AS2( add [AS_REG_7+0*4], ecx)
607 AS2( add [AS_REG_7+4*4], edi)
611 AS2( add [AS_REG_7+1*4], eax)
612 AS2( add [AS_REG_7+2*4], ebx)
613 AS2( add [AS_REG_7+3*4], ecx)
617 AS2( add [AS_REG_7+5*4], eax)
618 AS2( add [AS_REG_7+6*4], ebx)
619 AS2( add [AS_REG_7+7*4], ecx)
620 AS2( mov ecx, AS_REG_7d)
621 AS2( cmp WORD_REG(dx), DATA_END)
623 #
if CRYPTOPP_SSE2_ASM_AVAILABLE
630 #
if !defined(_MSC_VER) || (_MSC_VER < 1400)
634 #ifdef CRYPTOPP_GENERATE_X64_MASM
635 add rsp, LOCALS_SIZE+8
641 SHA256_HashMultipleBlocks_SSE2 ENDP
647 :
"c" (state),
"d" (data),
"S" (SHA256_K+48),
"D" (len)
648 #
if CRYPTOPP_BOOL_X64
651 :
"memory",
"cc",
"%eax" 652 #
if CRYPTOPP_BOOL_X64
653 ,
"%rbx",
"%r8",
"%r10" 659 ANONYMOUS_NAMESPACE_END
661 #endif // CRYPTOPP_X86_ASM_AVAILABLE or CRYPTOPP_GENERATE_X64_MASM 663 #ifndef CRYPTOPP_GENERATE_X64_MASM 665 #ifdef CRYPTOPP_X64_MASM_AVAILABLE 667 void CRYPTOPP_FASTCALL SHA256_HashMultipleBlocks_SSE2(word32 *state,
const word32 *data,
size_t len);
676 #if CRYPTOPP_SHANI_AVAILABLE 683 #if CRYPTOPP_ARM_SHA_AVAILABLE 690 #if CRYPTOPP_POWER8_SHA_AVAILABLE 698 SHA256_HashBlock_CXX(state, data);
701 size_t SHA256::HashMultipleBlocks(
const word32 *input,
size_t length)
706 #if CRYPTOPP_SHANI_AVAILABLE 710 return length & (SHA256::BLOCKSIZE - 1);
713 #if CRYPTOPP_SSE2_ASM_AVAILABLE 716 const size_t res = length & (SHA256::BLOCKSIZE - 1);
717 SHA256_HashMultipleBlocks_SSE2(m_state, input, length-res);
721 #if CRYPTOPP_ARM_SHA_AVAILABLE 725 return length & (SHA256::BLOCKSIZE - 1);
728 #if CRYPTOPP_POWER8_SHA_AVAILABLE 732 return length & (SHA256::BLOCKSIZE - 1);
737 word32 *dataBuf = this->DataBuf();
742 SHA256_HashBlock_CXX(m_state, input);
747 SHA256_HashBlock_CXX(m_state, dataBuf);
750 input += SHA256::BLOCKSIZE/
sizeof(word32);
751 length -= SHA256::BLOCKSIZE;
753 while (length >= SHA256::BLOCKSIZE);
757 size_t SHA224::HashMultipleBlocks(
const word32 *input,
size_t length)
762 #if CRYPTOPP_SHANI_AVAILABLE 766 return length & (SHA256::BLOCKSIZE - 1);
769 #if CRYPTOPP_SSE2_ASM_AVAILABLE 772 const size_t res = length & (SHA256::BLOCKSIZE - 1);
773 SHA256_HashMultipleBlocks_SSE2(m_state, input, length-res);
777 #if CRYPTOPP_ARM_SHA_AVAILABLE 781 return length & (SHA256::BLOCKSIZE - 1);
784 #if CRYPTOPP_POWER8_SHA_AVAILABLE 788 return length & (SHA256::BLOCKSIZE - 1);
793 word32 *dataBuf = this->DataBuf();
798 SHA256_HashBlock_CXX(m_state, input);
803 SHA256_HashBlock_CXX(m_state, dataBuf);
806 input += SHA256::BLOCKSIZE/
sizeof(word32);
807 length -= SHA256::BLOCKSIZE;
809 while (length >= SHA256::BLOCKSIZE);
817 const word64 s[8] = {
818 W64LIT(0xcbbb9d5dc1059ed8), W64LIT(0x629a292a367cd507),
819 W64LIT(0x9159015a3070dd17), W64LIT(0x152fecd8f70e5939),
820 W64LIT(0x67332667ffc00b31), W64LIT(0x8eb44a8768581511),
821 W64LIT(0xdb0c2e0d64f98fa7), W64LIT(0x47b5481dbefa4fa4)};
822 memcpy(state, s,
sizeof(s));
827 const word64 s[8] = {
828 W64LIT(0x6a09e667f3bcc908), W64LIT(0xbb67ae8584caa73b),
829 W64LIT(0x3c6ef372fe94f82b), W64LIT(0xa54ff53a5f1d36f1),
830 W64LIT(0x510e527fade682d1), W64LIT(0x9b05688c2b3e6c1f),
831 W64LIT(0x1f83d9abfb41bd6b), W64LIT(0x5be0cd19137e2179)};
832 memcpy(state, s,
sizeof(s));
837 CRYPTOPP_ALIGN_DATA(16)
839 const word64 SHA512_K[80] = {
840 W64LIT(0x428a2f98d728ae22), W64LIT(0x7137449123ef65cd),
841 W64LIT(0xb5c0fbcfec4d3b2f), W64LIT(0xe9b5dba58189dbbc),
842 W64LIT(0x3956c25bf348b538), W64LIT(0x59f111f1b605d019),
843 W64LIT(0x923f82a4af194f9b), W64LIT(0xab1c5ed5da6d8118),
844 W64LIT(0xd807aa98a3030242), W64LIT(0x12835b0145706fbe),
845 W64LIT(0x243185be4ee4b28c), W64LIT(0x550c7dc3d5ffb4e2),
846 W64LIT(0x72be5d74f27b896f), W64LIT(0x80deb1fe3b1696b1),
847 W64LIT(0x9bdc06a725c71235), W64LIT(0xc19bf174cf692694),
848 W64LIT(0xe49b69c19ef14ad2), W64LIT(0xefbe4786384f25e3),
849 W64LIT(0x0fc19dc68b8cd5b5), W64LIT(0x240ca1cc77ac9c65),
850 W64LIT(0x2de92c6f592b0275), W64LIT(0x4a7484aa6ea6e483),
851 W64LIT(0x5cb0a9dcbd41fbd4), W64LIT(0x76f988da831153b5),
852 W64LIT(0x983e5152ee66dfab), W64LIT(0xa831c66d2db43210),
853 W64LIT(0xb00327c898fb213f), W64LIT(0xbf597fc7beef0ee4),
854 W64LIT(0xc6e00bf33da88fc2), W64LIT(0xd5a79147930aa725),
855 W64LIT(0x06ca6351e003826f), W64LIT(0x142929670a0e6e70),
856 W64LIT(0x27b70a8546d22ffc), W64LIT(0x2e1b21385c26c926),
857 W64LIT(0x4d2c6dfc5ac42aed), W64LIT(0x53380d139d95b3df),
858 W64LIT(0x650a73548baf63de), W64LIT(0x766a0abb3c77b2a8),
859 W64LIT(0x81c2c92e47edaee6), W64LIT(0x92722c851482353b),
860 W64LIT(0xa2bfe8a14cf10364), W64LIT(0xa81a664bbc423001),
861 W64LIT(0xc24b8b70d0f89791), W64LIT(0xc76c51a30654be30),
862 W64LIT(0xd192e819d6ef5218), W64LIT(0xd69906245565a910),
863 W64LIT(0xf40e35855771202a), W64LIT(0x106aa07032bbd1b8),
864 W64LIT(0x19a4c116b8d2d0c8), W64LIT(0x1e376c085141ab53),
865 W64LIT(0x2748774cdf8eeb99), W64LIT(0x34b0bcb5e19b48a8),
866 W64LIT(0x391c0cb3c5c95a63), W64LIT(0x4ed8aa4ae3418acb),
867 W64LIT(0x5b9cca4f7763e373), W64LIT(0x682e6ff3d6b2b8a3),
868 W64LIT(0x748f82ee5defb2fc), W64LIT(0x78a5636f43172f60),
869 W64LIT(0x84c87814a1f0ab72), W64LIT(0x8cc702081a6439ec),
870 W64LIT(0x90befffa23631e28), W64LIT(0xa4506cebde82bde9),
871 W64LIT(0xbef9a3f7b2c67915), W64LIT(0xc67178f2e372532b),
872 W64LIT(0xca273eceea26619c), W64LIT(0xd186b8c721c0c207),
873 W64LIT(0xeada7dd6cde0eb1e), W64LIT(0xf57d4f7fee6ed178),
874 W64LIT(0x06f067aa72176fba), W64LIT(0x0a637dc5a2c898a6),
875 W64LIT(0x113f9804bef90dae), W64LIT(0x1b710b35131c471b),
876 W64LIT(0x28db77f523047d84), W64LIT(0x32caab7b40c72493),
877 W64LIT(0x3c9ebe0a15c9bebc), W64LIT(0x431d67c49c100d4c),
878 W64LIT(0x4cc5d4becb3e42b6), W64LIT(0x597f299cfc657e2a),
879 W64LIT(0x5fcb6fab3ad6faec), W64LIT(0x6c44198c4a475817)
882 #if CRYPTOPP_SSE2_ASM_AVAILABLE && (CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32) 884 ANONYMOUS_NAMESPACE_BEGIN
886 CRYPTOPP_NAKED
void CRYPTOPP_FASTCALL SHA512_HashBlock_SSE2(word64 *state,
const word64 *data)
898 AS2( lea ebx, SHA512_K)
902 AS2( and esp, 0xfffffff0)
907 #
if CRYPTOPP_BOOL_X32
908 AS2( lea edi, [esp+8+8*8])
909 AS2( lea esi, [esp+8+20*8+8])
911 AS2( lea edi, [esp+4+8*8])
912 AS2( lea esi, [esp+4+20*8+8])
915 AS2( movdqu xmm0, [ecx+0*16])
916 AS2( movdq2q mm4, xmm0)
917 AS2( movdqu [edi+0*16], xmm0)
918 AS2( movdqu xmm0, [ecx+1*16])
919 AS2( movdqu [edi+1*16], xmm0)
920 AS2( movdqu xmm0, [ecx+2*16])
921 AS2( movdq2q mm5, xmm0)
922 AS2( movdqu [edi+2*16], xmm0)
923 AS2( movdqu xmm0, [ecx+3*16])
924 AS2( movdqu [edi+3*16], xmm0)
927 #define SSE2_S0_S1(r, a, b, c) \
931 AS2( psllq mm6, 64-c)\
935 AS2( psllq mm6, c-b)\
939 AS2( psllq mm6, b-a)\
942 #define SSE2_s0(r, a, b, c) \
943 AS2( movdqu xmm6, r)\
945 AS2( movdqu xmm7, r)\
946 AS2( psllq xmm6, 64-c)\
947 AS2( pxor xmm7, xmm6)\
952 AS2( psllq xmm6, c-a)\
955 #define SSE2_s1(r, a, b, c) \
956 AS2( movdqu xmm6, r)\
958 AS2( movdqu xmm7, r)\
959 AS2( psllq xmm6, 64-c)\
960 AS2( pxor xmm7, xmm6)\
963 AS2( psllq xmm6, c-b)\
964 AS2( pxor xmm7, xmm6)\
970 AS2( paddq mm0, [edi+7*8])
971 AS2( movq mm2, [edi+5*8])
972 AS2( movq mm3, [edi+6*8])
975 SSE2_S0_S1(mm5,14,18,41)
979 AS2( movq mm2, [edi+1*8])
982 AS2( pand mm2, [edi+2*8])
986 AS2( paddq mm5, [edi+3*8])
987 AS2( movq [edi+3*8], mm5)
988 AS2( movq [edi+11*8], mm5)
989 SSE2_S0_S1(mm4,28,34,39)
991 AS2( movq [edi-8], mm4)
992 AS2( movq [edi+7*8], mm4)
997 AS2( movq mm0, [edx+eax*8])
998 AS2( movq [esi+eax*8], mm0)
999 AS2( movq [esi+eax*8+16*8], mm0)
1000 AS2( paddq mm0, [ebx+eax*8])
1001 ASC( call, SHA512_Round)
1011 AS2( movdqu xmm0, [esi+(16-2)*8])
1014 AS2( movdqu xmm3, [esi])
1015 AS2( paddq xmm3, [esi+(16-7)*8])
1016 AS2( movdqu xmm2, [esi+(16-15)*8])
1017 SSE2_s1(xmm0, 6, 19, 61)
1018 AS2( paddq xmm0, xmm3)
1019 SSE2_s0(xmm2, 1, 7, 8)
1020 AS2( paddq xmm0, xmm2)
1021 AS2( movdq2q mm0, xmm0)
1022 AS2( movhlps xmm1, xmm0)
1023 AS2( paddq mm0, [ebx+eax*8])
1024 AS2( movlps [esi], xmm0)
1025 AS2( movlps [esi+8], xmm1)
1026 AS2( movlps [esi+8*16], xmm0)
1027 AS2( movlps [esi+8*17], xmm1)
1029 ASC( call, SHA512_Round)
1031 AS2( movdq2q mm0, xmm1)
1032 AS2( paddq mm0, [ebx+eax*8+8])
1033 ASC( call, SHA512_Round)
1043 #
if CRYPTOPP_BOOL_X32
1044 AS2( lea esi, [esp+8+20*8+8+esi*8])
1046 AS2( lea esi, [esp+4+20*8+8+esi*8])
1052 #define SSE2_CombineState(i) \
1053 AS2( movdqu xmm0, [edi+i*16])\
1054 AS2( paddq xmm0, [ecx+i*16])\
1055 AS2( movdqu [ecx+i*16], xmm0)
1057 SSE2_CombineState(0)
1058 SSE2_CombineState(1)
1059 SSE2_CombineState(2)
1060 SSE2_CombineState(3)
1065 #
if defined(__GNUC__)
1069 :
"a" (SHA512_K),
"c" (state),
"d" (data)
1070 :
"%esi",
"%edi",
"memory",
"cc" 1080 ANONYMOUS_NAMESPACE_END
1082 #endif // CRYPTOPP_SSE2_ASM_AVAILABLE 1084 ANONYMOUS_NAMESPACE_BEGIN
1086 #define a(i) T[(0-i)&7] 1087 #define b(i) T[(1-i)&7] 1088 #define c(i) T[(2-i)&7] 1089 #define d(i) T[(3-i)&7] 1090 #define e(i) T[(4-i)&7] 1091 #define f(i) T[(5-i)&7] 1092 #define g(i) T[(6-i)&7] 1093 #define h(i) T[(7-i)&7] 1095 #define blk0(i) (W[i]=data[i]) 1096 #define blk2(i) (W[i&15]+=s1(W[(i-2)&15])+W[(i-7)&15]+s0(W[(i-15)&15])) 1098 #define Ch(x,y,z) (z^(x&(y^z))) 1099 #define Maj(x,y,z) (y^((x^y)&(y^z))) 1101 #define s0(x) (rotrConstant<1>(x)^rotrConstant<8>(x)^(x>>7)) 1102 #define s1(x) (rotrConstant<19>(x)^rotrConstant<61>(x)^(x>>6)) 1103 #define S0(x) (rotrConstant<28>(x)^rotrConstant<34>(x)^rotrConstant<39>(x)) 1104 #define S1(x) (rotrConstant<14>(x)^rotrConstant<18>(x)^rotrConstant<41>(x)) 1106 #define R(i) h(i)+=S1(e(i))+Ch(e(i),f(i),g(i))+SHA512_K[i+j]+\ 1107 (j?blk2(i):blk0(i));d(i)+=h(i);h(i)+=S0(a(i))+Maj(a(i),b(i),c(i)); 1109 void SHA512_HashBlock_CXX(word64 *state,
const word64 *data)
1114 word64 W[16]={0}, T[8];
1116 memcpy(T, state,
sizeof(T));
1118 for (
unsigned int j=0; j<80; j+=16)
1120 R( 0); R( 1); R( 2); R( 3);
1121 R( 4); R( 5); R( 6); R( 7);
1122 R( 8); R( 9); R(10); R(11);
1123 R(12); R(13); R(14); R(15);
1159 ANONYMOUS_NAMESPACE_END
1166 #if CRYPTOPP_SSE2_ASM_AVAILABLE && (CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32) 1169 SHA512_HashBlock_SSE2(state, data);
1173 #if CRYPTOPP_POWER8_SHA_AVAILABLE 1176 SHA512_HashMultipleBlocks_POWER8(state, data, SHA512::BLOCKSIZE,
BIG_ENDIAN_ORDER);
1181 SHA512_HashBlock_CXX(state, data);
1186 #endif // Not CRYPTOPP_GENERATE_X64_MASM 1187 #endif // Not CRYPTOPP_IMPORTS bool HasSHA()
Determines SHA availability.
bool NativeByteOrderIs(ByteOrder order)
Determines whether order follows native byte ordering.
Utility functions for the Crypto++ library.
ByteOrder
Provides the byte ordering.
static void InitState(HashWordType *state)
Initialize state array.
Library configuration file.
static void Transform(HashWordType *digest, const HashWordType *data)
Operate the hash.
byte order is little-endian
Classes and functions for secure memory allocations.
static void InitState(HashWordType *state)
Initialize state array.
bool HasSHA256()
Determine if a PowerPC processor has SHA256 available.
ByteOrder GetByteOrder() const
Provides the byte order of the hash.
static void InitState(HashWordType *state)
Initialize state array.
bool HasSHA1()
Determine if an ARM processor has SHA1 available.
Fixed size stack-based SecBlock with 16-byte alignment.
bool HasSHA512()
Determine if a PowerPC processor has SHA512 available.
#define CRYPTOPP_ASSERT(exp)
Debugging and diagnostic assertion.
Functions for CPU features and intrinsics.
Classes for SHA-1 and SHA-2 family of message digests.
static void Transform(HashWordType *digest, const HashWordType *data)
Operate the hash.
bool HasSSE2()
Determines SSE2 availability.
bool HasSHA2()
Determine if an ARM processor has SHA2 available.
static void InitState(HashWordType *state)
Initialize state array.
static void Transform(HashWordType *digest, const HashWordType *data)
Operate the hash.
Crypto++ library namespace.
static void InitState(HashWordType *state)
Initialize state array.
byte ByteReverse(byte value)
Reverses bytes in a 8-bit value.