43#if CRYPTOPP_MSC_VERSION
44# pragma warning(disable: 4100 4731)
47#ifndef CRYPTOPP_IMPORTS
48#ifndef CRYPTOPP_GENERATE_X64_MASM
55#if defined(CRYPTOPP_DISABLE_SHA_ASM)
56# undef CRYPTOPP_X86_ASM_AVAILABLE
57# undef CRYPTOPP_X32_ASM_AVAILABLE
58# undef CRYPTOPP_X64_ASM_AVAILABLE
59# undef CRYPTOPP_SSE2_ASM_AVAILABLE
62NAMESPACE_BEGIN(CryptoPP)
64#if CRYPTOPP_SHANI_AVAILABLE
65extern void SHA1_HashMultipleBlocks_SHANI(
word32 *state,
const word32 *data,
size_t length,
ByteOrder order);
66extern void SHA256_HashMultipleBlocks_SHANI(
word32 *state,
const word32 *data,
size_t length,
ByteOrder order);
69#if CRYPTOGAMS_ARM_SHA1
70extern "C" void cryptogams_sha1_block_data_order(
word32* state,
const word32 *data,
size_t blocks);
71extern "C" void cryptogams_sha1_block_data_order_neon(
word32* state,
const word32 *data,
size_t blocks);
74#if CRYPTOPP_ARM_SHA1_AVAILABLE
75extern void SHA1_HashMultipleBlocks_ARMV8(
word32 *state,
const word32 *data,
size_t length,
ByteOrder order);
78#if CRYPTOPP_ARM_SHA2_AVAILABLE
79extern void SHA256_HashMultipleBlocks_ARMV8(
word32 *state,
const word32 *data,
size_t length,
ByteOrder order);
82#if CRYPTOGAMS_ARM_SHA256
83extern "C" void cryptogams_sha256_block_data_order(
word32* state,
const word32 *data,
size_t blocks);
84extern "C" void cryptogams_sha256_block_data_order_neon(
word32* state,
const word32 *data,
size_t blocks);
87#if CRYPTOPP_ARM_SHA512_AVAILABLE
88extern void SHA512_HashMultipleBlocks_ARMV8(
word32 *state,
const word32 *data,
size_t length,
ByteOrder order);
91#if CRYPTOPP_POWER8_SHA_AVAILABLE
92extern void SHA256_HashMultipleBlocks_POWER8(
word32 *state,
const word32 *data,
size_t length,
ByteOrder order);
93extern void SHA512_HashMultipleBlocks_POWER8(word64 *state,
const word64 *data,
size_t length,
ByteOrder order);
96#if CRYPTOGAMS_ARM_SHA512
97extern "C" void cryptogams_sha512_block_data_order(word64* state,
const word64 *data,
size_t blocks);
98extern "C" void cryptogams_sha512_block_data_order_neon(word64* state,
const word64 *data,
size_t blocks);
103extern const word32 SHA256_K[64];
104extern const word64 SHA512_K[80];
106CRYPTOPP_ALIGN_DATA(16)
107const word64 SHA512_K[80] = {
108 W64LIT(0x428a2f98d728ae22), W64LIT(0x7137449123ef65cd),
109 W64LIT(0xb5c0fbcfec4d3b2f), W64LIT(0xe9b5dba58189dbbc),
110 W64LIT(0x3956c25bf348b538), W64LIT(0x59f111f1b605d019),
111 W64LIT(0x923f82a4af194f9b), W64LIT(0xab1c5ed5da6d8118),
112 W64LIT(0xd807aa98a3030242), W64LIT(0x12835b0145706fbe),
113 W64LIT(0x243185be4ee4b28c), W64LIT(0x550c7dc3d5ffb4e2),
114 W64LIT(0x72be5d74f27b896f), W64LIT(0x80deb1fe3b1696b1),
115 W64LIT(0x9bdc06a725c71235), W64LIT(0xc19bf174cf692694),
116 W64LIT(0xe49b69c19ef14ad2), W64LIT(0xefbe4786384f25e3),
117 W64LIT(0x0fc19dc68b8cd5b5), W64LIT(0x240ca1cc77ac9c65),
118 W64LIT(0x2de92c6f592b0275), W64LIT(0x4a7484aa6ea6e483),
119 W64LIT(0x5cb0a9dcbd41fbd4), W64LIT(0x76f988da831153b5),
120 W64LIT(0x983e5152ee66dfab), W64LIT(0xa831c66d2db43210),
121 W64LIT(0xb00327c898fb213f), W64LIT(0xbf597fc7beef0ee4),
122 W64LIT(0xc6e00bf33da88fc2), W64LIT(0xd5a79147930aa725),
123 W64LIT(0x06ca6351e003826f), W64LIT(0x142929670a0e6e70),
124 W64LIT(0x27b70a8546d22ffc), W64LIT(0x2e1b21385c26c926),
125 W64LIT(0x4d2c6dfc5ac42aed), W64LIT(0x53380d139d95b3df),
126 W64LIT(0x650a73548baf63de), W64LIT(0x766a0abb3c77b2a8),
127 W64LIT(0x81c2c92e47edaee6), W64LIT(0x92722c851482353b),
128 W64LIT(0xa2bfe8a14cf10364), W64LIT(0xa81a664bbc423001),
129 W64LIT(0xc24b8b70d0f89791), W64LIT(0xc76c51a30654be30),
130 W64LIT(0xd192e819d6ef5218), W64LIT(0xd69906245565a910),
131 W64LIT(0xf40e35855771202a), W64LIT(0x106aa07032bbd1b8),
132 W64LIT(0x19a4c116b8d2d0c8), W64LIT(0x1e376c085141ab53),
133 W64LIT(0x2748774cdf8eeb99), W64LIT(0x34b0bcb5e19b48a8),
134 W64LIT(0x391c0cb3c5c95a63), W64LIT(0x4ed8aa4ae3418acb),
135 W64LIT(0x5b9cca4f7763e373), W64LIT(0x682e6ff3d6b2b8a3),
136 W64LIT(0x748f82ee5defb2fc), W64LIT(0x78a5636f43172f60),
137 W64LIT(0x84c87814a1f0ab72), W64LIT(0x8cc702081a6439ec),
138 W64LIT(0x90befffa23631e28), W64LIT(0xa4506cebde82bde9),
139 W64LIT(0xbef9a3f7b2c67915), W64LIT(0xc67178f2e372532b),
140 W64LIT(0xca273eceea26619c), W64LIT(0xd186b8c721c0c207),
141 W64LIT(0xeada7dd6cde0eb1e), W64LIT(0xf57d4f7fee6ed178),
142 W64LIT(0x06f067aa72176fba), W64LIT(0x0a637dc5a2c898a6),
143 W64LIT(0x113f9804bef90dae), W64LIT(0x1b710b35131c471b),
144 W64LIT(0x28db77f523047d84), W64LIT(0x32caab7b40c72493),
145 W64LIT(0x3c9ebe0a15c9bebc), W64LIT(0x431d67c49c100d4c),
146 W64LIT(0x4cc5d4becb3e42b6), W64LIT(0x597f299cfc657e2a),
147 W64LIT(0x5fcb6fab3ad6faec), W64LIT(0x6c44198c4a475817)
150CRYPTOPP_ALIGN_DATA(16)
151const
word32 SHA256_K[64] = {
153 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
154 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
155 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
156 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
157 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
158 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
159 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
160 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
161 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
162 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
163 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
164 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
165 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
166 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
167 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
168 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
175ANONYMOUS_NAMESPACE_BEGIN
177#define blk0(i) (W[i] = data[i])
178#define blk1(i) (W[i&15] = rotlConstant<1>(W[(i+13)&15]^W[(i+8)&15]^W[(i+2)&15]^W[i&15]))
180#define f1(x,y,z) (z^(x&(y^z)))
181#define f2(x,y,z) (x^y^z)
182#define f3(x,y,z) ((x&y)|(z&(x|y)))
183#define f4(x,y,z) (x^y^z)
186#define R0(v,w,x,y,z,i) z+=f1(w,x,y)+blk0(i)+0x5A827999+rotlConstant<5>(v);w=rotlConstant<30>(w);
187#define R1(v,w,x,y,z,i) z+=f1(w,x,y)+blk1(i)+0x5A827999+rotlConstant<5>(v);w=rotlConstant<30>(w);
188#define R2(v,w,x,y,z,i) z+=f2(w,x,y)+blk1(i)+0x6ED9EBA1+rotlConstant<5>(v);w=rotlConstant<30>(w);
189#define R3(v,w,x,y,z,i) z+=f3(w,x,y)+blk1(i)+0x8F1BBCDC+rotlConstant<5>(v);w=rotlConstant<30>(w);
190#define R4(v,w,x,y,z,i) z+=f4(w,x,y)+blk1(i)+0xCA62C1D6+rotlConstant<5>(v);w=rotlConstant<30>(w);
192void SHA1_HashBlock_CXX(
word32 *state,
const word32 *data)
194 CRYPTOPP_ASSERT(state);
195 CRYPTOPP_ASSERT(data);
205 R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3);
206 R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7);
207 R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11);
208 R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15);
209 R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19);
210 R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23);
211 R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27);
212 R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31);
213 R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35);
214 R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39);
215 R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43);
216 R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47);
217 R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51);
218 R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55);
219 R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59);
220 R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63);
221 R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67);
222 R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71);
223 R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75);
224 R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79);
244ANONYMOUS_NAMESPACE_END
250std::string SHA1::AlgorithmProvider()
const
252#if CRYPTOPP_SHANI_AVAILABLE
256#if CRYPTOPP_SSE2_ASM_AVAILABLE
260#if CRYPTOGAMS_ARM_SHA1
261# if CRYPTOPP_ARM_NEON_AVAILABLE
269#if CRYPTOPP_ARM_SHA1_AVAILABLE
278 state[0] = 0x67452301;
279 state[1] = 0xEFCDAB89;
280 state[2] = 0x98BADCFE;
281 state[3] = 0x10325476;
282 state[4] = 0xC3D2E1F0;
287 CRYPTOPP_ASSERT(state);
288 CRYPTOPP_ASSERT(data);
290#if CRYPTOPP_SHANI_AVAILABLE
298#if CRYPTOGAMS_ARM_SHA1 && 0
299# if CRYPTOPP_ARM_NEON_AVAILABLE
302# if defined(CRYPTOPP_LITTLE_ENDIAN)
305 cryptogams_sha1_block_data_order_neon(state, dataBuf, 1);
307 cryptogams_sha1_block_data_order_neon(state, data, 1);
315# if defined(CRYPTOPP_LITTLE_ENDIAN)
318 cryptogams_sha1_block_data_order(state, data, 1);
320 cryptogams_sha1_block_data_order(state, data, 1);
325#if CRYPTOPP_ARM_SHA1_AVAILABLE
333 SHA1_HashBlock_CXX(state, data);
336size_t SHA1::HashMultipleBlocks(
const word32 *input,
size_t length)
338 CRYPTOPP_ASSERT(input);
339 CRYPTOPP_ASSERT(length >= SHA1::BLOCKSIZE);
341#if CRYPTOPP_SHANI_AVAILABLE
345 return length & (SHA1::BLOCKSIZE - 1);
348#if CRYPTOGAMS_ARM_SHA1
349# if CRYPTOPP_ARM_NEON_AVAILABLE
352 cryptogams_sha1_block_data_order_neon(m_state, input, length / SHA1::BLOCKSIZE);
353 return length & (SHA1::BLOCKSIZE - 1);
359 cryptogams_sha1_block_data_order(m_state, input, length / SHA1::BLOCKSIZE);
360 return length & (SHA1::BLOCKSIZE - 1);
363#if CRYPTOPP_ARM_SHA1_AVAILABLE
367 return length & (SHA1::BLOCKSIZE - 1);
372 word32 *dataBuf = this->DataBuf();
377 SHA1_HashBlock_CXX(m_state, input);
382 SHA1_HashBlock_CXX(m_state, dataBuf);
385 input += SHA1::BLOCKSIZE/
sizeof(
word32);
386 length -= SHA1::BLOCKSIZE;
388 while (length >= SHA1::BLOCKSIZE);
394ANONYMOUS_NAMESPACE_BEGIN
396#define a(i) T[(0-i)&7]
397#define b(i) T[(1-i)&7]
398#define c(i) T[(2-i)&7]
399#define d(i) T[(3-i)&7]
400#define e(i) T[(4-i)&7]
401#define f(i) T[(5-i)&7]
402#define g(i) T[(6-i)&7]
403#define h(i) T[(7-i)&7]
405#define blk0(i) (W[i] = data[i])
406#define blk2(i) (W[i&15]+=s1(W[(i-2)&15])+W[(i-7)&15]+s0(W[(i-15)&15]))
408#define Ch(x,y,z) (z^(x&(y^z)))
409#define Maj(x,y,z) (y^((x^y)&(y^z)))
411#define R(i) h(i)+=S1(e(i))+Ch(e(i),f(i),g(i))+SHA256_K[i+j]+(j?blk2(i):blk0(i));\
412 d(i)+=h(i);h(i)+=S0(a(i))+Maj(a(i),b(i),c(i))
415#define s0(x) (rotrConstant<7>(x)^rotrConstant<18>(x)^(x>>3))
416#define s1(x) (rotrConstant<17>(x)^rotrConstant<19>(x)^(x>>10))
417#define S0(x) (rotrConstant<2>(x)^rotrConstant<13>(x)^rotrConstant<22>(x))
418#define S1(x) (rotrConstant<6>(x)^rotrConstant<11>(x)^rotrConstant<25>(x))
420void SHA256_HashBlock_CXX(
word32 *state,
const word32 *data)
424 memcpy(T, state,
sizeof(T));
426 for (
unsigned int j=0; j<64; j+=16)
428 R( 0); R( 1); R( 2); R( 3);
429 R( 4); R( 5); R( 6); R( 7);
430 R( 8); R( 9); R(10); R(11);
431 R(12); R(13); R(14); R(15);
464ANONYMOUS_NAMESPACE_END
466std::string SHA256_AlgorithmProvider()
468#if CRYPTOPP_SHANI_AVAILABLE
472#if CRYPTOPP_SSE2_ASM_AVAILABLE
476#if CRYPTOGAMS_ARM_SHA256
477# if CRYPTOPP_ARM_NEON_AVAILABLE
485#if CRYPTOPP_ARM_SHA2_AVAILABLE
489#if (CRYPTOPP_POWER8_SHA_AVAILABLE)
496std::string SHA224::AlgorithmProvider()
const
498 return SHA256_AlgorithmProvider();
503 static const word32 s[8] = {
504 0xc1059ed8, 0x367cd507, 0x3070dd17, 0xf70e5939,
505 0xffc00b31, 0x68581511, 0x64f98fa7, 0xbefa4fa4};
506 memcpy(state, s,
sizeof(s));
511 static const word32 s[8] = {
512 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
513 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19};
514 memcpy(state, s,
sizeof(s));
518#if defined(CRYPTOPP_X86_ASM_AVAILABLE)
520ANONYMOUS_NAMESPACE_BEGIN
522void CRYPTOPP_FASTCALL SHA256_HashMultipleBlocks_SSE2(
word32 *state,
const word32 *data,
size_t len)
524 #define LOCALS_SIZE 8*4 + 16*4 + 4*WORD_SZ
525 #define H(i) [BASE+ASM_MOD(1024+7-(i),8)*4]
533 #define Wt(i) BASE+8*4+ASM_MOD(1024+15-(i),16)*4
534 #define Wt_2(i) Wt((i)-2)
535 #define Wt_15(i) Wt((i)-15)
536 #define Wt_7(i) Wt((i)-7)
537 #define K_END [BASE+8*4+16*4+0*WORD_SZ]
538 #define STATE_SAVE [BASE+8*4+16*4+1*WORD_SZ]
539 #define DATA_SAVE [BASE+8*4+16*4+2*WORD_SZ]
540 #define DATA_END [BASE+8*4+16*4+3*WORD_SZ]
541 #define Kt(i) WORD_REG(si)+(i)*4
544#elif defined(__GNUC__)
550#define RA0(i, edx, edi) \
551 AS2( add edx, [Kt(i)] )\
552 AS2( add edx, [Wt(i)] )\
553 AS2( add edx, H(i) )\
555#define RA1(i, edx, edi)
557#define RB0(i, edx, edi)
559#define RB1(i, edx, edi) \
560 AS2( mov AS_REG_7d, [Wt_2(i)] )\
561 AS2( mov edi, [Wt_15(i)])\
562 AS2( mov ebx, AS_REG_7d )\
563 AS2( shr AS_REG_7d, 10 )\
565 AS2( xor AS_REG_7d, ebx )\
567 AS2( xor ebx, AS_REG_7d )\
568 AS2( add ebx, [Wt_7(i)])\
569 AS2( mov AS_REG_7d, edi )\
570 AS2( shr AS_REG_7d, 3 )\
572 AS2( add ebx, [Wt(i)])\
573 AS2( xor AS_REG_7d, edi )\
574 AS2( add edx, [Kt(i)])\
576 AS2( add edx, H(i) )\
577 AS2( xor AS_REG_7d, edi )\
578 AS2( add AS_REG_7d, ebx )\
579 AS2( mov [Wt(i)], AS_REG_7d)\
580 AS2( add edx, AS_REG_7d )\
582#define ROUND(i, r, eax, ecx, edi, edx)\
585 AS2( mov edx, F(i) )\
586 AS2( xor edx, G(i) )\
588 AS2( xor edx, G(i) )\
589 AS2( mov AS_REG_7d, edi )\
591 AS2( ror AS_REG_7d, 25 )\
593 AS2( xor AS_REG_7d, edi )\
595 AS2( xor AS_REG_7d, edi )\
596 AS2( add edx, AS_REG_7d )\
601 AS2( xor ecx, B(i) )\
603 AS2( xor eax, B(i) )\
604 AS2( mov AS_REG_7d, ebx )\
607 AS2( add edx, D(i) )\
608 AS2( mov D(i), edx )\
609 AS2( ror AS_REG_7d, 22 )\
610 AS2( xor AS_REG_7d, ebx )\
612 AS2( xor AS_REG_7d, ebx )\
613 AS2( add eax, AS_REG_7d )\
614 AS2( mov H(i), eax )\
619#define SWAP_COPY(i) \
620 AS2( mov WORD_REG(bx), [WORD_REG(dx)+i*WORD_SZ])\
621 AS1( bswap WORD_REG(bx))\
622 AS2( mov [Wt(i*2+1)], WORD_REG(bx))
624#define SWAP_COPY(i) \
625 AS2( mov WORD_REG(bx), [WORD_REG(dx)+i*WORD_SZ])\
626 AS1( bswap WORD_REG(bx))\
627 AS2( mov [Wt(i)], WORD_REG(bx))
631 #if CRYPTOPP_BOOL_X64
636 #
if CRYPTOPP_BOOL_X64
640#elif defined(CRYPTOPP_GENERATE_X64_MASM)
642 SHA256_HashMultipleBlocks_SSE2 PROC FRAME
647 alloc_stack(LOCALS_SIZE+8)
650 lea rsi, [?SHA256_K@CryptoPP@@3QBIB + 48*4]
656 AS2( lea WORD_REG(si), [SHA256_K+48*4])
658 #
if !defined(_MSC_VER) || (_MSC_VER < 1400)
665 AS2( sub WORD_REG(sp), LOCALS_SIZE)
668 AS2( mov STATE_SAVE, WORD_REG(cx))
669 AS2( mov DATA_SAVE, WORD_REG(dx))
670 AS2( lea WORD_REG(ax), [WORD_REG(di) + WORD_REG(dx)])
671 AS2( mov DATA_END, WORD_REG(ax))
672 AS2( mov K_END, WORD_REG(si))
674#
if CRYPTOPP_SSE2_ASM_AVAILABLE
678 AS1( dec DWORD PTR K_END)
680 AS2( movdqu xmm0, XMMWORD_PTR [WORD_REG(cx)+0*16])
681 AS2( movdqu xmm1, XMMWORD_PTR [WORD_REG(cx)+1*16])
685#
if CRYPTOPP_SSE2_ASM_AVAILABLE
699#
if CRYPTOPP_SSE2_ASM_AVAILABLE
701 AS2( movdqu E(0), xmm1)
702 AS2( movdqu A(0), xmm0)
707 AS2( sub WORD_REG(si), 48*4)
708 SWAP_COPY(0) SWAP_COPY(1) SWAP_COPY(2) SWAP_COPY(3)
709 SWAP_COPY(4) SWAP_COPY(5) SWAP_COPY(6) SWAP_COPY(7)
711 SWAP_COPY(8) SWAP_COPY(9) SWAP_COPY(10) SWAP_COPY(11)
712 SWAP_COPY(12) SWAP_COPY(13) SWAP_COPY(14) SWAP_COPY(15)
719 ROUND(0, 0, eax, ecx, edi, edx)
720 ROUND(1, 0, ecx, eax, edx, edi)
721 ROUND(2, 0, eax, ecx, edi, edx)
722 ROUND(3, 0, ecx, eax, edx, edi)
723 ROUND(4, 0, eax, ecx, edi, edx)
724 ROUND(5, 0, ecx, eax, edx, edi)
725 ROUND(6, 0, eax, ecx, edi, edx)
726 ROUND(7, 0, ecx, eax, edx, edi)
727 ROUND(8, 0, eax, ecx, edi, edx)
728 ROUND(9, 0, ecx, eax, edx, edi)
729 ROUND(10, 0, eax, ecx, edi, edx)
730 ROUND(11, 0, ecx, eax, edx, edi)
731 ROUND(12, 0, eax, ecx, edi, edx)
732 ROUND(13, 0, ecx, eax, edx, edi)
733 ROUND(14, 0, eax, ecx, edi, edx)
734 ROUND(15, 0, ecx, eax, edx, edi)
737 AS2(add WORD_REG(si), 4*16)
738 ROUND(0, 1, eax, ecx, edi, edx)
739 ROUND(1, 1, ecx, eax, edx, edi)
740 ROUND(2, 1, eax, ecx, edi, edx)
741 ROUND(3, 1, ecx, eax, edx, edi)
742 ROUND(4, 1, eax, ecx, edi, edx)
743 ROUND(5, 1, ecx, eax, edx, edi)
744 ROUND(6, 1, eax, ecx, edi, edx)
745 ROUND(7, 1, ecx, eax, edx, edi)
746 ROUND(8, 1, eax, ecx, edi, edx)
747 ROUND(9, 1, ecx, eax, edx, edi)
748 ROUND(10, 1, eax, ecx, edi, edx)
749 ROUND(11, 1, ecx, eax, edx, edi)
750 ROUND(12, 1, eax, ecx, edi, edx)
751 ROUND(13, 1, ecx, eax, edx, edi)
752 ROUND(14, 1, eax, ecx, edi, edx)
753 ROUND(15, 1, ecx, eax, edx, edi)
754 AS2( cmp WORD_REG(si), K_END)
759 AS2( mov WORD_REG(dx), DATA_SAVE)
760 AS2( add WORD_REG(dx), 64)
761 AS2( mov AS_REG_7, STATE_SAVE)
762 AS2( mov DATA_SAVE, WORD_REG(dx))
764#
if CRYPTOPP_SSE2_ASM_AVAILABLE
766 AS2( test DWORD PTR K_END, 1)
769 AS2( movdqu xmm1, XMMWORD_PTR [AS_REG_7+1*16])
770 AS2( movdqu xmm0, XMMWORD_PTR [AS_REG_7+0*16])
771 AS2( paddd xmm1, E(0))
772 AS2( paddd xmm0, A(0))
773 AS2( movdqu [AS_REG_7+1*16], xmm1)
774 AS2( movdqu [AS_REG_7+0*16], xmm0)
775 AS2( cmp WORD_REG(dx), DATA_END)
782#
if CRYPTOPP_SSE2_ASM_AVAILABLE
786 AS2( add [AS_REG_7+0*4], ecx)
787 AS2( add [AS_REG_7+4*4], edi)
791 AS2( add [AS_REG_7+1*4], eax)
792 AS2( add [AS_REG_7+2*4], ebx)
793 AS2( add [AS_REG_7+3*4], ecx)
797 AS2( add [AS_REG_7+5*4], eax)
798 AS2( add [AS_REG_7+6*4], ebx)
799 AS2( add [AS_REG_7+7*4], ecx)
800 AS2( mov ecx, AS_REG_7d)
801 AS2( cmp WORD_REG(dx), DATA_END)
803#
if CRYPTOPP_SSE2_ASM_AVAILABLE
810 #
if !defined(_MSC_VER) || (_MSC_VER < 1400)
814#ifdef CRYPTOPP_GENERATE_X64_MASM
815 add rsp, LOCALS_SIZE+8
821 SHA256_HashMultipleBlocks_SSE2 ENDP
827 :
"c" (state),
"d" (data),
"S" (SHA256_K+48),
"D" (len)
828 #if CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X64
831 :
"memory",
"cc",
"%eax",
"%xmm0",
"%xmm1", PERCENT_REG(AS_REG_7)
832 #if CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X64
833 ,
"%rbx",
"%r8",
"%r10"
841ANONYMOUS_NAMESPACE_END
845#ifndef CRYPTOPP_GENERATE_X64_MASM
847#ifdef CRYPTOPP_X64_MASM_AVAILABLE
849void CRYPTOPP_FASTCALL SHA256_HashMultipleBlocks_SSE2(
word32 *state,
const word32 *data,
size_t len);
853std::string SHA256::AlgorithmProvider()
const
855 return SHA256_AlgorithmProvider();
860 CRYPTOPP_ASSERT(state);
861 CRYPTOPP_ASSERT(data);
863#if CRYPTOPP_SHANI_AVAILABLE
871#if CRYPTOGAMS_ARM_SHA256 && 0
872# if CRYPTOPP_ARM_NEON_AVAILABLE
875# if defined(CRYPTOPP_LITTLE_ENDIAN)
878 cryptogams_sha256_block_data_order_neon(state, dataBuf, 1);
880 cryptogams_sha256_block_data_order_neon(state, data, 1);
888# if defined(CRYPTOPP_LITTLE_ENDIAN)
891 cryptogams_sha256_block_data_order(state, data, 1);
893 cryptogams_sha256_block_data_order(state, data, 1);
898#if CRYPTOPP_ARM_SHA2_AVAILABLE
905#if CRYPTOPP_POWER8_SHA_AVAILABLE
913 SHA256_HashBlock_CXX(state, data);
916size_t SHA256::HashMultipleBlocks(
const word32 *input,
size_t length)
918 CRYPTOPP_ASSERT(input);
919 CRYPTOPP_ASSERT(length >= SHA256::BLOCKSIZE);
921#if CRYPTOPP_SHANI_AVAILABLE
925 return length & (SHA256::BLOCKSIZE - 1);
928#if CRYPTOPP_SSE2_ASM_AVAILABLE || CRYPTOPP_X64_MASM_AVAILABLE
931 const size_t res = length & (SHA256::BLOCKSIZE - 1);
932 SHA256_HashMultipleBlocks_SSE2(m_state, input, length-res);
936#if CRYPTOGAMS_ARM_SHA256
937# if CRYPTOPP_ARM_NEON_AVAILABLE
940 cryptogams_sha256_block_data_order_neon(m_state, input, length / SHA256::BLOCKSIZE);
941 return length & (SHA256::BLOCKSIZE - 1);
947 cryptogams_sha256_block_data_order(m_state, input, length / SHA256::BLOCKSIZE);
948 return length & (SHA256::BLOCKSIZE - 1);
951#if CRYPTOPP_ARM_SHA2_AVAILABLE
955 return length & (SHA256::BLOCKSIZE - 1);
958#if CRYPTOPP_POWER8_SHA_AVAILABLE
962 return length & (SHA256::BLOCKSIZE - 1);
967 word32 *dataBuf = this->DataBuf();
972 SHA256_HashBlock_CXX(m_state, input);
977 SHA256_HashBlock_CXX(m_state, dataBuf);
980 input += SHA256::BLOCKSIZE/
sizeof(
word32);
981 length -= SHA256::BLOCKSIZE;
983 while (length >= SHA256::BLOCKSIZE);
987size_t SHA224::HashMultipleBlocks(
const word32 *input,
size_t length)
989 CRYPTOPP_ASSERT(input);
990 CRYPTOPP_ASSERT(length >= SHA256::BLOCKSIZE);
992#if CRYPTOPP_SHANI_AVAILABLE
996 return length & (SHA256::BLOCKSIZE - 1);
999#if CRYPTOPP_SSE2_ASM_AVAILABLE || CRYPTOPP_X64_MASM_AVAILABLE
1002 const size_t res = length & (SHA256::BLOCKSIZE - 1);
1003 SHA256_HashMultipleBlocks_SSE2(m_state, input, length-res);
1007#if CRYPTOGAMS_ARM_SHA256
1008# if CRYPTOPP_ARM_NEON_AVAILABLE
1011 cryptogams_sha256_block_data_order_neon(m_state, input, length / SHA256::BLOCKSIZE);
1012 return length & (SHA256::BLOCKSIZE - 1);
1018 cryptogams_sha256_block_data_order(m_state, input, length / SHA256::BLOCKSIZE);
1019 return length & (SHA256::BLOCKSIZE - 1);
1022#if CRYPTOPP_ARM_SHA2_AVAILABLE
1026 return length & (SHA256::BLOCKSIZE - 1);
1029#if CRYPTOPP_POWER8_SHA_AVAILABLE
1032 SHA256_HashMultipleBlocks_POWER8(m_state, input, length,
BIG_ENDIAN_ORDER);
1033 return length & (SHA256::BLOCKSIZE - 1);
1038 word32 *dataBuf = this->DataBuf();
1043 SHA256_HashBlock_CXX(m_state, input);
1048 SHA256_HashBlock_CXX(m_state, dataBuf);
1051 input += SHA256::BLOCKSIZE/
sizeof(
word32);
1052 length -= SHA256::BLOCKSIZE;
1054 while (length >= SHA256::BLOCKSIZE);
1060std::string SHA512_AlgorithmProvider()
1062#if CRYPTOPP_SSE2_ASM_AVAILABLE
1066#if CRYPTOGAMS_ARM_SHA512
1067# if CRYPTOPP_ARM_NEON_AVAILABLE
1075#if (CRYPTOPP_POWER8_SHA_AVAILABLE)
1082std::string SHA384::AlgorithmProvider()
const
1084 return SHA512_AlgorithmProvider();
1087std::string SHA512::AlgorithmProvider()
const
1089 return SHA512_AlgorithmProvider();
1094 const word64 s[8] = {
1095 W64LIT(0xcbbb9d5dc1059ed8), W64LIT(0x629a292a367cd507),
1096 W64LIT(0x9159015a3070dd17), W64LIT(0x152fecd8f70e5939),
1097 W64LIT(0x67332667ffc00b31), W64LIT(0x8eb44a8768581511),
1098 W64LIT(0xdb0c2e0d64f98fa7), W64LIT(0x47b5481dbefa4fa4)};
1099 memcpy(state, s,
sizeof(s));
1104 const word64 s[8] = {
1105 W64LIT(0x6a09e667f3bcc908), W64LIT(0xbb67ae8584caa73b),
1106 W64LIT(0x3c6ef372fe94f82b), W64LIT(0xa54ff53a5f1d36f1),
1107 W64LIT(0x510e527fade682d1), W64LIT(0x9b05688c2b3e6c1f),
1108 W64LIT(0x1f83d9abfb41bd6b), W64LIT(0x5be0cd19137e2179)};
1109 memcpy(state, s,
sizeof(s));
1112#if CRYPTOPP_SSE2_ASM_AVAILABLE && (CRYPTOPP_BOOL_X86)
1114ANONYMOUS_NAMESPACE_BEGIN
1122CRYPTOPP_NOINLINE CRYPTOPP_NAKED
1123void CRYPTOPP_FASTCALL SHA512_HashBlock_SSE2(word64 *state,
const word64 *data)
1126 __asm__ __volatile__
1135 AS2( lea ebx, SHA512_K)
1139 AS2( and esp, 0xfffffff0)
1140 AS2( sub esp, 27*16)
1144 AS2( lea edi, [esp+4+8*8])
1145 AS2( lea esi, [esp+4+20*8+8])
1147 AS2( movdqu xmm0, [ecx+0*16])
1148 AS2( movdq2q mm4, xmm0)
1149 AS2( movdqu [edi+0*16], xmm0)
1150 AS2( movdqu xmm0, [ecx+1*16])
1151 AS2( movdqu [edi+1*16], xmm0)
1152 AS2( movdqu xmm0, [ecx+2*16])
1153 AS2( movdq2q mm5, xmm0)
1154 AS2( movdqu [edi+2*16], xmm0)
1155 AS2( movdqu xmm0, [ecx+3*16])
1156 AS2( movdqu [edi+3*16], xmm0)
1159#define SSE2_S0_S1(r, a, b, c) \
1163 AS2( psllq mm6, 64-c)\
1164 AS2( pxor mm7, mm6)\
1167 AS2( psllq mm6, c-b)\
1168 AS2( pxor mm7, mm6)\
1171 AS2( psllq mm6, b-a)\
1174#define SSE2_s0(r, a, b, c) \
1175 AS2( movdqu xmm6, r)\
1177 AS2( movdqu xmm7, r)\
1178 AS2( psllq xmm6, 64-c)\
1179 AS2( pxor xmm7, xmm6)\
1184 AS2( psllq xmm6, c-a)\
1187#define SSE2_s1(r, a, b, c) \
1188 AS2( movdqu xmm6, r)\
1190 AS2( movdqu xmm7, r)\
1191 AS2( psllq xmm6, 64-c)\
1192 AS2( pxor xmm7, xmm6)\
1195 AS2( psllq xmm6, c-b)\
1196 AS2( pxor xmm7, xmm6)\
1202 AS2( paddq mm0, [edi+7*8])
1203 AS2( movq mm2, [edi+5*8])
1204 AS2( movq mm3, [edi+6*8])
1207 SSE2_S0_S1(mm5,14,18,41)
1209 AS2( paddq mm0, mm2)
1210 AS2( paddq mm5, mm0)
1211 AS2( movq mm2, [edi+1*8])
1214 AS2( pand mm2, [edi+2*8])
1217 AS2( paddq mm1, mm5)
1218 AS2( paddq mm5, [edi+3*8])
1219 AS2( movq [edi+3*8], mm5)
1220 AS2( movq [edi+11*8], mm5)
1221 SSE2_S0_S1(mm4,28,34,39)
1222 AS2( paddq mm4, mm1)
1223 AS2( movq [edi-8], mm4)
1224 AS2( movq [edi+7*8], mm4)
1229 AS2( movq mm0, [edx+eax*8])
1230 AS2( movq [esi+eax*8], mm0)
1231 AS2( movq [esi+eax*8+16*8], mm0)
1232 AS2( paddq mm0, [ebx+eax*8])
1233 ASC( call, SHA512_Round)
1244 AS2( movdqu xmm0, [esi+(16-2)*8])
1247 AS2( movdqu xmm3, [esi])
1248 AS2( paddq xmm3, [esi+(16-7)*8])
1249 AS2( movdqu xmm2, [esi+(16-15)*8])
1250 SSE2_s1(xmm0, 6, 19, 61)
1251 AS2( paddq xmm0, xmm3)
1252 SSE2_s0(xmm2, 1, 7, 8)
1253 AS2( paddq xmm0, xmm2)
1254 AS2( movdq2q mm0, xmm0)
1255 AS2( movhlps xmm1, xmm0)
1256 AS2( paddq mm0, [ebx+eax*8])
1257 AS2( movlps [esi], xmm0)
1258 AS2( movlps [esi+8], xmm1)
1259 AS2( movlps [esi+8*16], xmm0)
1260 AS2( movlps [esi+8*17], xmm1)
1262 ASC( call, SHA512_Round)
1264 AS2( movdq2q mm0, xmm1)
1265 AS2( paddq mm0, [ebx+eax*8+8])
1266 ASC( call, SHA512_Round)
1276 AS2( lea esi, [esp+4+20*8+8+esi*8])
1281#define SSE2_CombineState(i) \
1282 AS2( movdqu xmm0, [edi+i*16])\
1283 AS2( paddq xmm0, [ecx+i*16])\
1284 AS2( movdqu [ecx+i*16], xmm0)
1286 SSE2_CombineState(0)
1287 SSE2_CombineState(1)
1288 SSE2_CombineState(2)
1289 SSE2_CombineState(3)
1294#
if defined(__GNUC__)
1298 :
"a" (SHA512_K),
"c" (state),
"d" (data)
1299 :
"%ebx",
"%esi",
"%edi",
"%mm0",
"%mm1",
"%mm2",
"%mm3",
"%mm4",
"%mm5",
1300 "%xmm0",
"%xmm1",
"%xmm2",
"%xmm3",
"%xmm4",
"%xmm5",
"%xmm6",
"%xmm7",
1311ANONYMOUS_NAMESPACE_END
1315ANONYMOUS_NAMESPACE_BEGIN
1317#define a(i) T[(0-i)&7]
1318#define b(i) T[(1-i)&7]
1319#define c(i) T[(2-i)&7]
1320#define d(i) T[(3-i)&7]
1321#define e(i) T[(4-i)&7]
1322#define f(i) T[(5-i)&7]
1323#define g(i) T[(6-i)&7]
1324#define h(i) T[(7-i)&7]
1326#define blk0(i) (W[i]=data[i])
1327#define blk2(i) (W[i&15]+=s1(W[(i-2)&15])+W[(i-7)&15]+s0(W[(i-15)&15]))
1329#define Ch(x,y,z) (z^(x&(y^z)))
1330#define Maj(x,y,z) (y^((x^y)&(y^z)))
1332#define s0(x) (rotrConstant<1>(x)^rotrConstant<8>(x)^(x>>7))
1333#define s1(x) (rotrConstant<19>(x)^rotrConstant<61>(x)^(x>>6))
1334#define S0(x) (rotrConstant<28>(x)^rotrConstant<34>(x)^rotrConstant<39>(x))
1335#define S1(x) (rotrConstant<14>(x)^rotrConstant<18>(x)^rotrConstant<41>(x))
1337#define R(i) h(i)+=S1(e(i))+Ch(e(i),f(i),g(i))+SHA512_K[i+j]+\
1338 (j?blk2(i):blk0(i));d(i)+=h(i);h(i)+=S0(a(i))+Maj(a(i),b(i),c(i));
1340void SHA512_HashBlock_CXX(word64 *state,
const word64 *data)
1342 CRYPTOPP_ASSERT(state);
1343 CRYPTOPP_ASSERT(data);
1345 word64 W[16]={0}, T[8];
1348 std::memcpy(T, state,
sizeof(T));
1351 for (
unsigned int j=0; j<80; j+=16)
1353 R( 0); R( 1); R( 2); R( 3);
1354 R( 4); R( 5); R( 6); R( 7);
1355 R( 8); R( 9); R(10); R(11);
1356 R(12); R(13); R(14); R(15);
1369ANONYMOUS_NAMESPACE_END
1373 CRYPTOPP_ASSERT(state);
1374 CRYPTOPP_ASSERT(data);
1376#if CRYPTOPP_SSE2_ASM_AVAILABLE && (CRYPTOPP_BOOL_X86)
1379 SHA512_HashBlock_SSE2(state, data);
1383#if CRYPTOGAMS_ARM_SHA512
1384# if CRYPTOPP_ARM_NEON_AVAILABLE
1387# if (CRYPTOPP_LITTLE_ENDIAN)
1390 cryptogams_sha512_block_data_order_neon(state, dataBuf, 1);
1392 cryptogams_sha512_block_data_order_neon(state, data, 1);
1400# if (CRYPTOPP_LITTLE_ENDIAN)
1403 cryptogams_sha512_block_data_order(state, dataBuf, 1);
1405 cryptogams_sha512_block_data_order(state, data, 1);
1410#if CRYPTOPP_POWER8_SHA_AVAILABLE
1413 SHA512_HashMultipleBlocks_POWER8(state, data, SHA512::BLOCKSIZE,
BIG_ENDIAN_ORDER);
1418 SHA512_HashBlock_CXX(state, data);
Fixed size stack-based SecBlock with 16-byte alignment.
static void CRYPTOPP_API Transform(HashWordType *digest, const HashWordType *data)
Operate the hash.
static void CRYPTOPP_API InitState(HashWordType *state)
Initialize state array.
static void CRYPTOPP_API InitState(HashWordType *state)
Initialize state array.
static void CRYPTOPP_API InitState(HashWordType *state)
Initialize state array.
static void CRYPTOPP_API Transform(HashWordType *digest, const HashWordType *data)
Operate the hash.
static void CRYPTOPP_API InitState(HashWordType *state)
Initialize state array.
static void CRYPTOPP_API Transform(HashWordType *digest, const HashWordType *data)
Operate the hash.
static void CRYPTOPP_API InitState(HashWordType *state)
Initialize state array.
Library configuration file.
unsigned int word32
32-bit unsigned datatype
Functions for CPU features and intrinsics.
ByteOrder
Provides the byte ordering.
@ LITTLE_ENDIAN_ORDER
byte order is little-endian
@ BIG_ENDIAN_ORDER
byte order is big-endian
Utility functions for the Crypto++ library.
byte ByteReverse(byte value)
Reverses bytes in a 8-bit value.
bool NativeByteOrderIs(ByteOrder order)
Determines whether order follows native byte ordering.
Classes and functions for secure memory allocations.
Classes for SHA-1 and SHA-2 family of message digests.