From cd904815e4f4e377faeacc01627aa3f15b6fb217 Mon Sep 17 00:00:00 2001 From: Daiki Ueno Date: Mon, 8 Jun 2020 10:26:34 +0200 Subject: [PATCH] Revert "Bug 1613238 - POWER SHA-2 digest vector acceleration. r=jcj,kjacobs" This reverts commit 7d4b0ba0256aed6879008f87d9a3b4f6bfbc7817. --- lib/freebl/Makefile | 3 - lib/freebl/freebl.gyp | 58 +- lib/freebl/freebl_base.gypi | 9 +- lib/freebl/gcm.h | 22 +- lib/freebl/ppc-crypto.h | 31 -- lib/freebl/scripts/LICENSE | 36 -- lib/freebl/scripts/gen.sh | 19 - lib/freebl/scripts/ppc-xlate.pl | 352 ------------ lib/freebl/scripts/sha512p8-ppc.pl | 413 -------------- lib/freebl/sha512-p8.s | 851 ----------------------------- lib/freebl/sha512.c | 248 +++------ 11 files changed, 101 insertions(+), 1941 deletions(-) delete mode 100644 lib/freebl/ppc-crypto.h delete mode 100644 lib/freebl/scripts/LICENSE delete mode 100755 lib/freebl/scripts/gen.sh delete mode 100644 lib/freebl/scripts/ppc-xlate.pl delete mode 100644 lib/freebl/scripts/sha512p8-ppc.pl delete mode 100644 lib/freebl/sha512-p8.s diff --git a/lib/freebl/Makefile b/lib/freebl/Makefile index 5f7384429..a8ea6936a 100644 --- a/lib/freebl/Makefile +++ b/lib/freebl/Makefile @@ -267,7 +267,6 @@ ifeq ($(CPU_ARCH),arm) endif ifeq ($(CPU_ARCH),ppc) EXTRA_SRCS += gcm-ppc.c - ASFILES += sha512-p8.s ifdef USE_64 DEFINES += -DNSS_NO_INIT_SUPPORT endif # USE_64 @@ -727,8 +726,6 @@ ifndef NSS_DISABLE_ALTIVEC $(OBJDIR)/$(PROG_PREFIX)gcm-ppc$(OBJ_SUFFIX): CFLAGS += -mcrypto -maltivec -mvsx $(OBJDIR)/$(PROG_PREFIX)gcm$(OBJ_SUFFIX): CFLAGS += -mcrypto -maltivec -mvsx $(OBJDIR)/$(PROG_PREFIX)rijndael$(OBJ_SUFFIX): CFLAGS += -mcrypto -maltivec -mvsx -$(OBJDIR)/$(PROG_PREFIX)sha512$(OBJ_SUFFIX): CFLAGS += -mcrypto -maltivec -mvsx \ - -funroll-loops -fpeel-loops endif endif diff --git a/lib/freebl/freebl.gyp b/lib/freebl/freebl.gyp index f3bb8a71a..1df25f88e 100644 --- a/lib/freebl/freebl.gyp +++ b/lib/freebl/freebl.gyp 
@@ -258,8 +258,7 @@ 'target_name': 'gcm-aes-ppc_c_lib', 'type': 'static_library', 'sources': [ - 'gcm-ppc.c', - 'sha512-p8.s', + 'gcm-ppc.c' ], 'dependencies': [ '<(DEPTH)/exports.gyp:nss_exports' @@ -271,58 +270,7 @@ 'cflags_mozilla': [ '-mcrypto', '-maltivec' - ], - }, - { - 'target_name': 'gcm-sha512-nodepend-ppc_c_lib', - 'type': 'static_library', - 'sources': [ - 'sha512.c', - ], - 'dependencies': [ - '<(DEPTH)/exports.gyp:nss_exports' - ], - 'cflags': [ - '-mcrypto', - '-maltivec', - '-mvsx', - '-funroll-loops', - '-fpeel-loops', - ], - 'cflags_mozilla': [ - '-mcrypto', - '-maltivec', - '-mvsx', - '-funroll-loops', - '-fpeel-loops', - ], - }, - { - 'target_name': 'gcm-sha512-ppc_c_lib', - 'type': 'static_library', - 'sources': [ - 'sha512.c', - ], - 'dependencies': [ - '<(DEPTH)/exports.gyp:nss_exports' - ], - 'cflags': [ - '-mcrypto', - '-maltivec', - '-mvsx', - '-funroll-loops', - '-fpeel-loops', - ], - 'cflags_mozilla': [ - '-mcrypto', - '-maltivec', - '-mvsx', - '-funroll-loops', - '-fpeel-loops', - ], - 'defines!': [ - 'FREEBL_NO_DEPEND', - ], + ] }, { 'target_name': 'armv8_c_lib', @@ -407,7 +355,6 @@ [ 'disable_altivec==0 and (target_arch=="ppc64" or target_arch=="ppc64le")', { 'dependencies': [ 'gcm-aes-ppc_c_lib', - 'gcm-sha512-ppc_c_lib', ], }], [ 'disable_altivec==1 and (target_arch=="ppc64" or target_arch=="ppc64le")', { @@ -475,7 +422,6 @@ [ 'disable_altivec==0 and (target_arch=="ppc64" or target_arch=="ppc64le")', { 'dependencies': [ 'gcm-aes-ppc_c_lib', - 'gcm-sha512-nodepend-ppc_c_lib', ], }], [ 'disable_altivec==1 and (target_arch=="ppc64" or target_arch=="ppc64le")', { diff --git a/lib/freebl/freebl_base.gypi b/lib/freebl/freebl_base.gypi index 9ba9169f4..e1e4c88dc 100644 --- a/lib/freebl/freebl_base.gypi +++ b/lib/freebl/freebl_base.gypi @@ -55,6 +55,8 @@ 'rijndael.c', 'rsa.c', 'rsapkcs.c', + 'seed.c', + 'sha512.c', 'sha_fast.c', 'shvfy.c', 'sysrand.c', 
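Review bot: The first `freebl_base.gypi` hunk (`@@ -55,6 +55,8 @@`) adds `'seed.c'` to the unconditional `sources` list next to `'sha512.c'`, but the commit message describes only a revert of the POWER SHA-2 acceleration. If the reverted commit 7d4b0ba0256aed6879008f87d9a3b4f6bfbc7817 did not itself remove `'seed.c'` from this list, this line changes which cipher code is built into freebl on every target, not only ppc64. Please confirm against that commit, and check that `seed.c` is not already listed in another `sources` block. If the line is intentional, mention it in the description so that the change in the set of compiled-in algorithms is visible to whoever audits the build.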
@@ -144,13 +146,6 @@ 'ecl/curve25519_32.c', ], }], - ['(target_arch!="ppc64" and target_arch!="ppc64le") or disable_altivec==1', { - 'sources': [ - # Gyp does not support per-file cflags, so working around like this. - # ppc performance greatly benefits from specific flags. - 'sha512.c', - ], - }], [ 'disable_chachapoly==0', { # The ChaCha20 code is linked in through the static ssse3-crypto lib on # all platforms that support SSSE3. There are runtime checks in place to diff --git a/lib/freebl/gcm.h b/lib/freebl/gcm.h index 21792e0b3..38b066580 100644 --- a/lib/freebl/gcm.h +++ b/lib/freebl/gcm.h @@ -31,8 +31,26 @@ #include #endif -#if defined(__powerpc64__) -#include "ppc-crypto.h" +#if defined(__powerpc64__) && !defined(NSS_DISABLE_ALTIVEC) +#include "altivec-types.h" + +/* The ghash freebl test tries to use this in C++, and gcc defines conflict. */ +#ifdef __cplusplus +#undef pixel +#undef vector +#undef bool +#endif + +/* + * PPC CRYPTO requires at least gcc 8 or clang. The LE check is purely + * because it's only been tested on LE. If you're interested in BE, + * please send a patch. + */ +#if (defined(__clang__) || (defined(__GNUC__) && __GNUC__ >= 8)) && \ + defined(IS_LITTLE_ENDIAN) +#define USE_PPC_CRYPTO +#endif + #endif SEC_BEGIN_PROTOS diff --git a/lib/freebl/ppc-crypto.h b/lib/freebl/ppc-crypto.h deleted file mode 100644 index 4d283895f..000000000 --- a/lib/freebl/ppc-crypto.h +++ /dev/null 
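Review bot: The preprocessor block restored in `gcm.h` defines `USE_PPC_CRYPTO` from the compiler version and `IS_LITTLE_ENDIAN` alone, whereas the `ppc-crypto.h` deleted by this same patch also required `__ALTIVEC__` and `__VSX__`. A translation unit that includes `gcm.h` on ppc64le without `-maltivec`/`-mvsx` would then include `altivec-types.h` and see `USE_PPC_CRYPTO` set even though the vector extensions are not enabled for it. Whether that still builds and selects the right code path depends on files outside this hunk. Consider keeping the feature-macro guards while reverting, with `#if defined(__powerpc64__) && defined(__ALTIVEC__) && !defined(NSS_DISABLE_ALTIVEC)` as the outer test and `defined(IS_LITTLE_ENDIAN) && defined(__VSX__)` in the `USE_PPC_CRYPTO` condition.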
@@ -1,31 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#ifndef PPC_CRYPTO_H -#define PPC_CRYPTO_H 1 - -#if defined(__powerpc64__) && defined(__ALTIVEC__) && \ - !defined(NSS_DISABLE_ALTIVEC) -#include "altivec-types.h" - -/* The ghash freebl test tries to use this in C++, and gcc defines conflict. */ -#ifdef __cplusplus -#undef pixel -#undef vector -#undef bool -#endif - -/* - * PPC CRYPTO requires at least gcc 8 or clang. The LE check is purely - * because it's only been tested on LE. If you're interested in BE, - * please send a patch. - */ -#if (defined(__clang__) || (defined(__GNUC__) && __GNUC__ >= 8)) && \ - defined(IS_LITTLE_ENDIAN) && defined(__VSX__) -#define USE_PPC_CRYPTO -#endif - -#endif /* defined(__powerpc64__) && !defined(NSS_DISABLE_ALTIVEC) && defined(__ALTIVEC__) */ - -#endif diff --git a/lib/freebl/scripts/LICENSE b/lib/freebl/scripts/LICENSE deleted file mode 100644 index a9335c22f..000000000 --- a/lib/freebl/scripts/LICENSE +++ /dev/null 
@@ -1,36 +0,0 @@ -Copyright (c) 2006, CRYPTOGAMS by -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: - - * Redistributions of source code must retain copyright notices, - this list of conditions and the following disclaimer. - - * Redistributions in binary form must reproduce the above - copyright notice, this list of conditions and the following - disclaimer in the documentation and/or other materials - provided with the distribution. - - * Neither the name of the CRYPTOGAMS nor the names of its - copyright holder and contributors may be used to endorse or - promote products derived from this software without specific - prior written permission. - -ALTERNATIVELY, provided that this notice is retained in full, this -product may be distributed under the terms of the GNU General Public -License (GPL), in which case the provisions of the GPL apply INSTEAD OF -those given above. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/lib/freebl/scripts/gen.sh b/lib/freebl/scripts/gen.sh deleted file mode 100755 index ea415cc94..000000000 --- a/lib/freebl/scripts/gen.sh +++ /dev/null 
@@ -1,19 +0,0 @@ -#!/bin/sh -# -# Run the scripts in this folder, generating the assembly, -# - -perl sha512p8-ppc.pl linux64le sha512-p8.s - -# Add the license mention -cat > hdr << "EOF" -# Copyright (c) 2006, CRYPTOGAMS by -# All rights reserved. -# See the full LICENSE under scripts/. - -EOF - -cat hdr sha512-p8.s > ../sha512-p8.s - -# Cleanup -rm hdr sha512-p8.s diff --git a/lib/freebl/scripts/ppc-xlate.pl b/lib/freebl/scripts/ppc-xlate.pl deleted file mode 100644 index a0fcf6a31..000000000 --- a/lib/freebl/scripts/ppc-xlate.pl +++ /dev/null 
@@ -1,352 +0,0 @@ -#!/usr/bin/env perl - -# PowerPC assembler distiller by \@dot-asm. - -################################################################ -# Recognized "flavour"-s are: -# -# linux{32|64}[le] GNU assembler and ELF symbol decorations, -# with little-endian option -# linux64v2 GNU asssembler and big-endian instantiation -# of latest ELF specification -# aix{32|64} AIX assembler and symbol decorations -# osx{32|64} Mac OS X assembler and symbol decoratons - -my $flavour = shift; -my $output = shift; -open STDOUT,">$output" || die "can't open $output: $!"; - -my %GLOBALS; -my %TYPES; -my $dotinlocallabels=($flavour=~/linux/)?1:0; - -################################################################ -# directives which need special treatment on different platforms -################################################################ -my $type = sub { - my ($dir,$name,$type) = @_; - - $TYPES{$name} = $type; - if ($flavour =~ /linux/) { - $name =~ s|^\.||; - ".type $name,$type"; - } else { - ""; - } -}; -my $globl = sub { - my $junk = shift; - my $name = shift; - my $global = \$GLOBALS{$name}; - my $type = \$TYPES{$name}; - my $ret; - - $name =~ s|^\.||; - - SWITCH: for ($flavour) { - /aix/ && do { if (!$$type) { - $$type = "\@function"; - } - if ($$type =~ /function/) { - $name = ".$name"; - } - last; - }; - /osx/ && do { $name = "_$name"; - last; - }; - /linux.*(32|64(le|v2))/ - && do { $ret .= ".globl $name"; - if (!$$type) { - $ret .= "\n.type $name,\@function"; - $$type = "\@function"; - } - last; - }; - /linux.*64/ && do { $ret .= ".globl $name"; - if (!$$type) { - $ret .= "\n.type $name,\@function"; - $$type = "\@function"; - } - if ($$type =~ /function/) { - $ret .= "\n.section \".opd\",\"aw\""; - $ret .= "\n.align 3"; - $ret .= "\n$name:"; - $ret .= "\n.quad .$name,.TOC.\@tocbase,0"; - $ret .= "\n.previous"; - $name = ".$name"; - } - last; - }; - } - - $ret = ".globl $name" if (!$ret); - $$global = $name; - $ret; -}; -my $text = sub { - my $ret = 
($flavour =~ /aix/) ? ".csect\t.text[PR],7" : ".text"; - $ret = ".abiversion 2\n".$ret if ($flavour =~ /linux.*64(le|v2)/); - $ret; -}; -my $machine = sub { - my $junk = shift; - my $arch = shift; - if ($flavour =~ /osx/) - { $arch =~ s/\"//g; - $arch = ($flavour=~/64/) ? "ppc970-64" : "ppc970" if ($arch eq "any"); - } - ".machine $arch"; -}; -my $size = sub { - if ($flavour =~ /linux/) - { shift; - my $name = shift; - my $real = $GLOBALS{$name} ? \$GLOBALS{$name} : \$name; - my $ret = ".size $$real,.-$$real"; - $name =~ s|^\.||; - if ($$real ne $name) { - $ret .= "\n.size $name,.-$$real"; - } - $ret; - } - else - { ""; } -}; -my $asciz = sub { - shift; - my $line = join(",",@_); - if ($line =~ /^"(.*)"$/) - { ".byte " . join(",",unpack("C*",$1),0) . "\n.align 2"; } - else - { ""; } -}; -my $quad = sub { - shift; - my @ret; - my ($hi,$lo); - for (@_) { - if (/^0x([0-9a-f]*?)([0-9a-f]{1,8})$/io) - { $hi=$1?"0x$1":"0"; $lo="0x$2"; } - elsif (/^([0-9]+)$/o) - { $hi=$1>>32; $lo=$1&0xffffffff; } # error-prone with 32-bit perl - else - { $hi=undef; $lo=$_; } - - if (defined($hi)) - { push(@ret,$flavour=~/le$/o?".long\t$lo,$hi":".long\t$hi,$lo"); } - else - { push(@ret,".quad $lo"); } - } - join("\n",@ret); -}; - -################################################################ -# simplified mnemonics not handled by at least one assembler -################################################################ -my $cmplw = sub { - my $f = shift; - my $cr = 0; $cr = shift if ($#_>1); - # Some out-of-date 32-bit GNU assembler just can't handle cmplw... - ($flavour =~ /linux.*32/) ? - " .long ".sprintf "0x%x",31<<26|$cr<<23|$_[0]<<16|$_[1]<<11|64 : - " cmplw ".join(',',$cr,@_); -}; -my $bdnz = sub { - my $f = shift; - my $bo = $f=~/[\+\-]/ ? 16+9 : 16; # optional "to be taken" hint - " bc $bo,0,".shift; -} if ($flavour!~/linux/); -my $bltlr = sub { - my $f = shift; - my $bo = $f=~/\-/ ? 12+2 : 12; # optional "not to be taken" hint - ($flavour =~ /linux/) ? 
# GNU as doesn't allow most recent hints - " .long ".sprintf "0x%x",19<<26|$bo<<21|16<<1 : - " bclr $bo,0"; -}; -my $bnelr = sub { - my $f = shift; - my $bo = $f=~/\-/ ? 4+2 : 4; # optional "not to be taken" hint - ($flavour =~ /linux/) ? # GNU as doesn't allow most recent hints - " .long ".sprintf "0x%x",19<<26|$bo<<21|2<<16|16<<1 : - " bclr $bo,2"; -}; -my $beqlr = sub { - my $f = shift; - my $bo = $f=~/-/ ? 12+2 : 12; # optional "not to be taken" hint - ($flavour =~ /linux/) ? # GNU as doesn't allow most recent hints - " .long ".sprintf "0x%X",19<<26|$bo<<21|2<<16|16<<1 : - " bclr $bo,2"; -}; -# GNU assembler can't handle extrdi rA,rS,16,48, or when sum of last two -# arguments is 64, with "operand out of range" error. -my $extrdi = sub { - my ($f,$ra,$rs,$n,$b) = @_; - $b = ($b+$n)&63; $n = 64-$n; - " rldicl $ra,$rs,$b,$n"; -}; -my $vmr = sub { - my ($f,$vx,$vy) = @_; - " vor $vx,$vy,$vy"; -}; - -# Some ABIs specify vrsave, special-purpose register #256, as reserved -# for system use. 
-my $no_vrsave = ($flavour =~ /aix|linux64(le|v2)/); -my $mtspr = sub { - my ($f,$idx,$ra) = @_; - if ($idx == 256 && $no_vrsave) { - " or $ra,$ra,$ra"; - } else { - " mtspr $idx,$ra"; - } -}; -my $mfspr = sub { - my ($f,$rd,$idx) = @_; - if ($idx == 256 && $no_vrsave) { - " li $rd,-1"; - } else { - " mfspr $rd,$idx"; - } -}; - -# PowerISA 2.06 stuff -sub vsxmem_op { - my ($f, $vrt, $ra, $rb, $op) = @_; - " .long ".sprintf "0x%X",(31<<26)|($vrt<<21)|($ra<<16)|($rb<<11)|($op*2+1); -} -# made-up unaligned memory reference AltiVec/VMX instructions -my $lvx_u = sub { vsxmem_op(@_, 844); }; # lxvd2x -my $stvx_u = sub { vsxmem_op(@_, 972); }; # stxvd2x -my $lvdx_u = sub { vsxmem_op(@_, 588); }; # lxsdx -my $stvdx_u = sub { vsxmem_op(@_, 716); }; # stxsdx -my $lvx_4w = sub { vsxmem_op(@_, 780); }; # lxvw4x -my $stvx_4w = sub { vsxmem_op(@_, 908); }; # stxvw4x -my $lvx_splt = sub { vsxmem_op(@_, 332); }; # lxvdsx -# VSX instruction[s] masqueraded as made-up AltiVec/VMX -my $vpermdi = sub { # xxpermdi - my ($f, $vrt, $vra, $vrb, $dm) = @_; - $dm = oct($dm) if ($dm =~ /^0/); - " .long ".sprintf "0x%X",(60<<26)|($vrt<<21)|($vra<<16)|($vrb<<11)|($dm<<8)|(10<<3)|7; -}; - -# PowerISA 2.07 stuff -sub vcrypto_op { - my ($f, $vrt, $vra, $vrb, $op) = @_; - " .long ".sprintf "0x%X",(4<<26)|($vrt<<21)|($vra<<16)|($vrb<<11)|$op; -} -sub vfour { - my ($f, $vrt, $vra, $vrb, $vrc, $op) = @_; - " .long ".sprintf "0x%X",(4<<26)|($vrt<<21)|($vra<<16)|($vrb<<11)|($vrc<<6)|$op; -}; -my $vcipher = sub { vcrypto_op(@_, 1288); }; -my $vcipherlast = sub { vcrypto_op(@_, 1289); }; -my $vncipher = sub { vcrypto_op(@_, 1352); }; -my $vncipherlast= sub { vcrypto_op(@_, 1353); }; -my $vsbox = sub { vcrypto_op(@_, 0, 1480); }; -my $vshasigmad = sub { my ($st,$six)=splice(@_,-2); vcrypto_op(@_, $st<<4|$six, 1730); }; -my $vshasigmaw = sub { my ($st,$six)=splice(@_,-2); vcrypto_op(@_, $st<<4|$six, 1666); }; -my $vpmsumb = sub { vcrypto_op(@_, 1032); }; -my $vpmsumd = sub { vcrypto_op(@_, 1224); }; -my 
$vpmsubh = sub { vcrypto_op(@_, 1096); }; -my $vpmsumw = sub { vcrypto_op(@_, 1160); }; -# These are not really crypto, but vcrypto_op template works -my $vaddudm = sub { vcrypto_op(@_, 192); }; -my $vadduqm = sub { vcrypto_op(@_, 256); }; -my $vmuleuw = sub { vcrypto_op(@_, 648); }; -my $vmulouw = sub { vcrypto_op(@_, 136); }; -my $vrld = sub { vcrypto_op(@_, 196); }; -my $vsld = sub { vcrypto_op(@_, 1476); }; -my $vsrd = sub { vcrypto_op(@_, 1732); }; -my $vsubudm = sub { vcrypto_op(@_, 1216); }; -my $vaddcuq = sub { vcrypto_op(@_, 320); }; -my $vaddeuqm = sub { vfour(@_,60); }; -my $vaddecuq = sub { vfour(@_,61); }; -my $vmrgew = sub { vfour(@_,0,1932); }; -my $vmrgow = sub { vfour(@_,0,1676); }; - -my $mtsle = sub { - my ($f, $arg) = @_; - " .long ".sprintf "0x%X",(31<<26)|($arg<<21)|(147*2); -}; - -# VSX instructions masqueraded as AltiVec/VMX -my $mtvrd = sub { - my ($f, $vrt, $ra) = @_; - " .long ".sprintf "0x%X",(31<<26)|($vrt<<21)|($ra<<16)|(179<<1)|1; -}; -my $mtvrwz = sub { - my ($f, $vrt, $ra) = @_; - " .long ".sprintf "0x%X",(31<<26)|($vrt<<21)|($ra<<16)|(243<<1)|1; -}; -my $lvwzx_u = sub { vsxmem_op(@_, 12); }; # lxsiwzx -my $stvwx_u = sub { vsxmem_op(@_, 140); }; # stxsiwx - -# PowerISA 3.0 stuff -my $maddhdu = sub { vfour(@_,49); }; -my $maddld = sub { vfour(@_,51); }; -my $darn = sub { - my ($f, $rt, $l) = @_; - " .long ".sprintf "0x%X",(31<<26)|($rt<<21)|($l<<16)|(755<<1); -}; -my $iseleq = sub { - my ($f, $rt, $ra, $rb) = @_; - " .long ".sprintf "0x%X",(31<<26)|($rt<<21)|($ra<<16)|($rb<<11)|(2<<6)|30; -}; -# VSX instruction[s] masqueraded as made-up AltiVec/VMX -my $vspltib = sub { # xxspltib - my ($f, $vrt, $imm8) = @_; - $imm8 = oct($imm8) if ($imm8 =~ /^0/); - $imm8 &= 0xff; - " .long ".sprintf "0x%X",(60<<26)|($vrt<<21)|($imm8<<11)|(360<<1)|1; -}; - -# PowerISA 3.0B stuff -my $addex = sub { - my ($f, $rt, $ra, $rb, $cy) = @_; # only cy==0 is specified in 3.0B - " .long ".sprintf "0x%X",(31<<26)|($rt<<21)|($ra<<16)|($rb<<11)|($cy<<9)|(170<<1); 
-}; -my $vmsumudm = sub { vfour(@_,35); }; - -while($line=<>) { - - $line =~ s|[#!;].*$||; # get rid of asm-style comments... - $line =~ s|/\*.*\*/||; # ... and C-style comments... - $line =~ s|^\s+||; # ... and skip white spaces in beginning... - $line =~ s|\s+$||; # ... and at the end - - { - $line =~ s|\.L(\w+)|L$1|g; # common denominator for Locallabel - $line =~ s|\bL(\w+)|\.L$1|g if ($dotinlocallabels); - } - - { - $line =~ s|(^[\.\w]+)\:\s*||; - my $label = $1; - if ($label) { - my $xlated = ($GLOBALS{$label} or $label); - print "$xlated:"; - if ($flavour =~ /linux.*64(le|v2)/) { - if ($TYPES{$label} =~ /function/) { - printf "\n.localentry %s,0\n",$xlated; - } - } - } - } - - { - $line =~ s|^\s*(\.?)(\w+)([\.\+\-]?)\s*||; - my $c = $1; $c = "\t" if ($c eq ""); - my $mnemonic = $2; - my $f = $3; - my $opcode = eval("\$$mnemonic"); - $line =~ s/\b(c?[rf]|v|vs)([0-9]+)\b/$2/g if ($c ne "." and $flavour !~ /osx/); - if (ref($opcode) eq 'CODE') { $line = &$opcode($f,split(/,\s*/,$line)); } - elsif ($mnemonic) { $line = $c.$mnemonic.$f."\t".$line; } - } - - print $line if ($line); - print "\n"; -} - -close STDOUT; diff --git a/lib/freebl/scripts/sha512p8-ppc.pl b/lib/freebl/scripts/sha512p8-ppc.pl deleted file mode 100644 index 3bef98be7..000000000 --- a/lib/freebl/scripts/sha512p8-ppc.pl +++ /dev/null 
@@ -1,413 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Written by Andy Polyakov, @dot-asm, initially for use in the OpenSSL -# project. The module is dual licensed under OpenSSL and CRYPTOGAMS -# licenses depending on where you obtain it. For further details see -# https://github.com/dot-asm/cryptogams/. -# ==================================================================== - -# SHA256/512 for PowerISA v2.07. -# -# Accurate performance measurements are problematic, because it's -# always virtualized setup with possibly throttled processor. -# Relative comparison is therefore more informative. This module is -# ~60% faster than integer-only sha512-ppc.pl. To anchor to something -# else, SHA256 is 24% slower than sha1-ppc.pl and 2.5x slower than -# hardware-assisted aes-128-cbc encrypt. SHA512 is 20% faster than -# sha1-ppc.pl and 1.6x slower than aes-128-cbc. Another interesting -# result is degree of computational resources' utilization. POWER8 is -# "massively multi-threaded chip" and difference between single- and -# maximum multi-process benchmark results tells that utilization is -# whooping 94%. For sha512-ppc.pl we get [not unimpressive] 84% and -# for sha1-ppc.pl - 73%. 100% means that multi-process result equals -# to single-process one, given that all threads end up on the same -# physical core. -# -###################################################################### -# Believed-to-be-accurate results in cycles per processed byte [on -# little-endian system]. Numbers in square brackets are for 64-bit -# build of sha512-ppc.pl, presented for reference. 
-# -# POWER8 POWER9 -# SHA256 9.7 [15.8] 11.2 [12.5] -# SHA512 6.1 [10.3] 7.0 [7.9] - -$flavour=shift; -$output =shift; - -if ($flavour =~ /64/) { - $SIZE_T=8; - $LRSAVE=2*$SIZE_T; - $STU="stdu"; - $POP="ld"; - $PUSH="std"; -} elsif ($flavour =~ /32/) { - $SIZE_T=4; - $LRSAVE=$SIZE_T; - $STU="stwu"; - $POP="lwz"; - $PUSH="stw"; -} else { die "nonsense $flavour"; } - -$LENDIAN=($flavour=~/le/); - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or -die "can't locate ppc-xlate.pl"; - -open STDOUT,"| $^X $xlate $flavour $output" || die "can't call $xlate: $!"; - -if ($output =~ /512/) { - $bits=512; - $SZ=8; - $sz="d"; - $rounds=80; -} else { - $bits=256; - $SZ=4; - $sz="w"; - $rounds=64; -} - -$func="sha${bits}_block_p8"; -$LOCALS=8*$SIZE_T+8*16; -$FRAME=$LOCALS+9*16+6*$SIZE_T; - -$sp ="r1"; -$toc="r2"; -$ctx="r3"; -$inp="r4"; -$num="r5"; -$Tbl="r6"; -$idx="r7"; -$lrsave="r8"; -$offload="r11"; -$vrsave="r12"; -@I = ($x00,$x10,$x20,$x30,$x40,$x50,$x60,$x70) = (0,map("r$_",(10,26..31))); - -@V=($A,$B,$C,$D,$E,$F,$G,$H)=map("v$_",(0..7)); -@X=map("v$_",(8..19,24..27)); -($Ki,$Func,$Sigma,$lemask)=map("v$_",(28..31)); - -sub ROUND { -my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_; -my $j=($i+1)%16; -my $k=($i+2)%8; - -$code.=<<___ if ($i<15 && ($i%(16/$SZ))==(16/$SZ-1)); - lvx_u @X[$i+1],0,$inp ; load X[i] in advance - addi $inp,$inp,16 -___ -$code.=<<___ if ($i<16 && ($i%(16/$SZ))); - vsldoi @X[$i],@X[$i-1],@X[$i-1],$SZ -___ -$code.=<<___ if ($LENDIAN && $i<16 && ($i%(16/$SZ))==0); - vperm @X[$i],@X[$i],@X[$i],$lemask -___ -$code.=<<___ if ($i>=15); - vshasigma${sz} $Sigma,@X[($j+1)%16],0,0 - vaddu${sz}m @X[$j],@X[$j],$Sigma - vshasigma${sz} $Sigma,@X[($j+14)%16],0,15 - vaddu${sz}m @X[$j],@X[$j],$Sigma - vaddu${sz}m @X[$j],@X[$j],@X[($j+9)%16] -___ -$code.=<<___; - vaddu${sz}m $h,$h,@X[$i%16] ; h+=X[i] - vsel $Func,$g,$f,$e ; Ch(e,f,g) - vaddu${sz}m $g,$g,$Ki ; future h+=K[i] - 
vaddu${sz}m $h,$h,$Func ; h+=Ch(e,f,g) - vshasigma${sz} $Sigma,$e,1,15 ; Sigma1(e) - vaddu${sz}m $h,$h,$Sigma ; h+=Sigma1(e) - vxor $Func,$a,$b - vsel $Func,$b,$c,$Func ; Maj(a,b,c) - vaddu${sz}m $d,$d,$h ; d+=h - vshasigma${sz} $Sigma,$a,1,0 ; Sigma0(a) - vaddu${sz}m $Sigma,$Sigma,$Func ; Sigma0(a)+Maj(a,b,c) - vaddu${sz}m $h,$h,$Sigma ; h+=Sigma0(a)+Maj(a,b,c) - lvx $Ki,@I[$k],$idx ; load next K[i] -___ -$code.=<<___ if ($k == 7); - addi $idx,$idx,0x80 -___ -} - -$code=<<___; -.machine "any" -.text - -.globl $func -.align 6 -$func: - $STU $sp,-$FRAME($sp) - mflr $lrsave - li r10,`$LOCALS+15` - li r11,`$LOCALS+31` - stvx v24,r10,$sp # ABI says so - addi r10,r10,32 - mfspr $vrsave,256 - stvx v25,r11,$sp - addi r11,r11,32 - stvx v26,r10,$sp - addi r10,r10,32 - stvx v27,r11,$sp - addi r11,r11,32 - stvx v28,r10,$sp - addi r10,r10,32 - stvx v29,r11,$sp - addi r11,r11,32 - stvx v30,r10,$sp - stvx v31,r11,$sp - li r11,-4096+255 # 0xfffff0ff - stw $vrsave,`$FRAME-6*$SIZE_T-4`($sp) # save vrsave - li $x10,0x10 - $PUSH r26,`$FRAME-6*$SIZE_T`($sp) - li $x20,0x20 - $PUSH r27,`$FRAME-5*$SIZE_T`($sp) - li $x30,0x30 - $PUSH r28,`$FRAME-4*$SIZE_T`($sp) - li $x40,0x40 - $PUSH r29,`$FRAME-3*$SIZE_T`($sp) - li $x50,0x50 - $PUSH r30,`$FRAME-2*$SIZE_T`($sp) - li $x60,0x60 - $PUSH r31,`$FRAME-1*$SIZE_T`($sp) - li $x70,0x70 - $PUSH $lrsave,`$FRAME+$LRSAVE`($sp) - mtspr 256,r11 - - bl LPICmeup - addi $offload,$sp,`8*$SIZE_T+15` -___ -$code.=<<___ if ($LENDIAN); - li $idx,8 - lvsl $lemask,0,$idx - vspltisb $Ki,0x0f - vxor $lemask,$lemask,$Ki -___ -$code.=<<___ if ($SZ==4); - lvx_4w $A,$x00,$ctx - lvx_4w $E,$x10,$ctx - vsldoi $B,$A,$A,4 # unpack - vsldoi $C,$A,$A,8 - vsldoi $D,$A,$A,12 - vsldoi $F,$E,$E,4 - vsldoi $G,$E,$E,8 - vsldoi $H,$E,$E,12 -___ -$code.=<<___ if ($SZ==8); - lvx_u $A,$x00,$ctx - lvx_u $C,$x10,$ctx - lvx_u $E,$x20,$ctx - vsldoi $B,$A,$A,8 # unpack - lvx_u $G,$x30,$ctx - vsldoi $D,$C,$C,8 - vsldoi $F,$E,$E,8 - vsldoi $H,$G,$G,8 -___ -$code.=<<___; - li 
r0,`($rounds-16)/16` # inner loop counter - b Loop -.align 5 -Loop: - lvx $Ki,$x00,$Tbl - lvx_u @X[0],0,$inp - addi $inp,$inp,16 - mr $idx,$Tbl # copy $Tbl - stvx $A,$x00,$offload # offload $A-$H - stvx $B,$x10,$offload - stvx $C,$x20,$offload - stvx $D,$x30,$offload - stvx $E,$x40,$offload - stvx $F,$x50,$offload - stvx $G,$x60,$offload - stvx $H,$x70,$offload - vaddu${sz}m $H,$H,$Ki # h+K[i] - lvx $Ki,$x10,$Tbl -___ -for ($i=0;$i<16;$i++) { &ROUND($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; - mtctr r0 - b L16_xx -.align 5 -L16_xx: -___ -for (;$i<32;$i++) { &ROUND($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; - bdnz L16_xx - - lvx @X[2],$x00,$offload - subic. $num,$num,1 - lvx @X[3],$x10,$offload - vaddu${sz}m $A,$A,@X[2] - lvx @X[4],$x20,$offload - vaddu${sz}m $B,$B,@X[3] - lvx @X[5],$x30,$offload - vaddu${sz}m $C,$C,@X[4] - lvx @X[6],$x40,$offload - vaddu${sz}m $D,$D,@X[5] - lvx @X[7],$x50,$offload - vaddu${sz}m $E,$E,@X[6] - lvx @X[8],$x60,$offload - vaddu${sz}m $F,$F,@X[7] - lvx @X[9],$x70,$offload - vaddu${sz}m $G,$G,@X[8] - vaddu${sz}m $H,$H,@X[9] - bne Loop -___ -$code.=<<___ if ($SZ==4); - lvx @X[0],$x20,$idx - vperm $A,$A,$B,$Ki # pack the answer - lvx @X[1],$x30,$idx - vperm $E,$E,$F,$Ki - vperm $A,$A,$C,@X[0] - vperm $E,$E,$G,@X[0] - vperm $A,$A,$D,@X[1] - vperm $E,$E,$H,@X[1] - stvx_4w $A,$x00,$ctx - stvx_4w $E,$x10,$ctx -___ -$code.=<<___ if ($SZ==8); - vperm $A,$A,$B,$Ki # pack the answer - vperm $C,$C,$D,$Ki - vperm $E,$E,$F,$Ki - vperm $G,$G,$H,$Ki - stvx_u $A,$x00,$ctx - stvx_u $C,$x10,$ctx - stvx_u $E,$x20,$ctx - stvx_u $G,$x30,$ctx -___ -$code.=<<___; - addi $offload,$sp,`$LOCALS+15` - mtlr $lrsave - mtspr 256,$vrsave - lvx v24,$x00,$offload # ABI says so - lvx v25,$x10,$offload - lvx v26,$x20,$offload - lvx v27,$x30,$offload - lvx v28,$x40,$offload - lvx v29,$x50,$offload - lvx v30,$x60,$offload - lvx v31,$x70,$offload - $POP r26,`$FRAME-6*$SIZE_T`($sp) - $POP r27,`$FRAME-5*$SIZE_T`($sp) - $POP r28,`$FRAME-4*$SIZE_T`($sp) - $POP 
r29,`$FRAME-3*$SIZE_T`($sp) - $POP r30,`$FRAME-2*$SIZE_T`($sp) - $POP r31,`$FRAME-1*$SIZE_T`($sp) - addi $sp,$sp,$FRAME - blr - .long 0 - .byte 0,12,4,1,0x80,6,3,0 - .long 0 -.size $func,.-$func -___ - -# Ugly hack here, because PPC assembler syntax seem to vary too -# much from platforms to platform... -$code.=<<___; -.align 6 -LPICmeup: - mflr r0 - bcl 20,31,\$+4 - mflr $Tbl ; vvvvvv "distance" between . and 1st data entry - addi $Tbl,$Tbl,`64-8` - mtlr r0 - blr - .long 0 - .byte 0,12,0x14,0,0,0,0,0 - .space `64-9*4` -___ - -if ($SZ==8) { - local *table = sub { - foreach(@_) { $code.=".quad $_,$_\n"; } - }; - table( - "0x428a2f98d728ae22","0x7137449123ef65cd", - "0xb5c0fbcfec4d3b2f","0xe9b5dba58189dbbc", - "0x3956c25bf348b538","0x59f111f1b605d019", - "0x923f82a4af194f9b","0xab1c5ed5da6d8118", - "0xd807aa98a3030242","0x12835b0145706fbe", - "0x243185be4ee4b28c","0x550c7dc3d5ffb4e2", - "0x72be5d74f27b896f","0x80deb1fe3b1696b1", - "0x9bdc06a725c71235","0xc19bf174cf692694", - "0xe49b69c19ef14ad2","0xefbe4786384f25e3", - "0x0fc19dc68b8cd5b5","0x240ca1cc77ac9c65", - "0x2de92c6f592b0275","0x4a7484aa6ea6e483", - "0x5cb0a9dcbd41fbd4","0x76f988da831153b5", - "0x983e5152ee66dfab","0xa831c66d2db43210", - "0xb00327c898fb213f","0xbf597fc7beef0ee4", - "0xc6e00bf33da88fc2","0xd5a79147930aa725", - "0x06ca6351e003826f","0x142929670a0e6e70", - "0x27b70a8546d22ffc","0x2e1b21385c26c926", - "0x4d2c6dfc5ac42aed","0x53380d139d95b3df", - "0x650a73548baf63de","0x766a0abb3c77b2a8", - "0x81c2c92e47edaee6","0x92722c851482353b", - "0xa2bfe8a14cf10364","0xa81a664bbc423001", - "0xc24b8b70d0f89791","0xc76c51a30654be30", - "0xd192e819d6ef5218","0xd69906245565a910", - "0xf40e35855771202a","0x106aa07032bbd1b8", - "0x19a4c116b8d2d0c8","0x1e376c085141ab53", - "0x2748774cdf8eeb99","0x34b0bcb5e19b48a8", - "0x391c0cb3c5c95a63","0x4ed8aa4ae3418acb", - "0x5b9cca4f7763e373","0x682e6ff3d6b2b8a3", - "0x748f82ee5defb2fc","0x78a5636f43172f60", - "0x84c87814a1f0ab72","0x8cc702081a6439ec", - 
"0x90befffa23631e28","0xa4506cebde82bde9", - "0xbef9a3f7b2c67915","0xc67178f2e372532b", - "0xca273eceea26619c","0xd186b8c721c0c207", - "0xeada7dd6cde0eb1e","0xf57d4f7fee6ed178", - "0x06f067aa72176fba","0x0a637dc5a2c898a6", - "0x113f9804bef90dae","0x1b710b35131c471b", - "0x28db77f523047d84","0x32caab7b40c72493", - "0x3c9ebe0a15c9bebc","0x431d67c49c100d4c", - "0x4cc5d4becb3e42b6","0x597f299cfc657e2a", - "0x5fcb6fab3ad6faec","0x6c44198c4a475817","0"); -$code.=<<___ if (!$LENDIAN); -.quad 0x0001020304050607,0x1011121314151617 -___ -$code.=<<___ if ($LENDIAN); # quad-swapped -.quad 0x1011121314151617,0x0001020304050607 -___ -} else { - local *table = sub { - foreach(@_) { $code.=".long $_,$_,$_,$_\n"; } - }; - table( - "0x428a2f98","0x71374491","0xb5c0fbcf","0xe9b5dba5", - "0x3956c25b","0x59f111f1","0x923f82a4","0xab1c5ed5", - "0xd807aa98","0x12835b01","0x243185be","0x550c7dc3", - "0x72be5d74","0x80deb1fe","0x9bdc06a7","0xc19bf174", - "0xe49b69c1","0xefbe4786","0x0fc19dc6","0x240ca1cc", - "0x2de92c6f","0x4a7484aa","0x5cb0a9dc","0x76f988da", - "0x983e5152","0xa831c66d","0xb00327c8","0xbf597fc7", - "0xc6e00bf3","0xd5a79147","0x06ca6351","0x14292967", - "0x27b70a85","0x2e1b2138","0x4d2c6dfc","0x53380d13", - "0x650a7354","0x766a0abb","0x81c2c92e","0x92722c85", - "0xa2bfe8a1","0xa81a664b","0xc24b8b70","0xc76c51a3", - "0xd192e819","0xd6990624","0xf40e3585","0x106aa070", - "0x19a4c116","0x1e376c08","0x2748774c","0x34b0bcb5", - "0x391c0cb3","0x4ed8aa4a","0x5b9cca4f","0x682e6ff3", - "0x748f82ee","0x78a5636f","0x84c87814","0x8cc70208", - "0x90befffa","0xa4506ceb","0xbef9a3f7","0xc67178f2","0"); -$code.=<<___ if (!$LENDIAN); -.long 0x00010203,0x10111213,0x10111213,0x10111213 -.long 0x00010203,0x04050607,0x10111213,0x10111213 -.long 0x00010203,0x04050607,0x08090a0b,0x10111213 -___ -$code.=<<___ if ($LENDIAN); # word-swapped -.long 0x10111213,0x10111213,0x10111213,0x00010203 -.long 0x10111213,0x10111213,0x04050607,0x00010203 -.long 0x10111213,0x08090a0b,0x04050607,0x00010203 -___ -} 
-$code.=<<___; -.asciz "SHA${bits} for PowerISA 2.07, CRYPTOGAMS by " -.align 2 -___ - -$code =~ s/\`([^\`]*)\`/eval $1/gem; -print $code; -close STDOUT; diff --git a/lib/freebl/sha512-p8.s b/lib/freebl/sha512-p8.s deleted file mode 100644 index d84ec0478..000000000 --- a/lib/freebl/sha512-p8.s +++ /dev/null 
@@ -1,851 +0,0 @@ -# Copyright (c) 2006, CRYPTOGAMS by -# All rights reserved. -# See the full LICENSE under scripts/. - -.machine "any" -.abiversion 2 -.text - -.globl sha512_block_p8 -.type sha512_block_p8,@function -.align 6 -sha512_block_p8: -.localentry sha512_block_p8,0 - - stdu 1,-384(1) - mflr 8 - li 10,207 - li 11,223 - stvx 24,10,1 - addi 10,10,32 - li 12,-1 - stvx 25,11,1 - addi 11,11,32 - stvx 26,10,1 - addi 10,10,32 - stvx 27,11,1 - addi 11,11,32 - stvx 28,10,1 - addi 10,10,32 - stvx 29,11,1 - addi 11,11,32 - stvx 30,10,1 - stvx 31,11,1 - li 11,-4096+255 - stw 12,332(1) - li 10,0x10 - std 26,336(1) - li 26,0x20 - std 27,344(1) - li 27,0x30 - std 28,352(1) - li 28,0x40 - std 29,360(1) - li 29,0x50 - std 30,368(1) - li 30,0x60 - std 31,376(1) - li 31,0x70 - std 8,400(1) - or 11,11,11 - - bl .LPICmeup - addi 11,1,79 - li 7,8 - lvsl 31,0,7 - vspltisb 28,0x0f - vxor 31,31,28 - .long 0x7C001E99 - .long 0x7C4A1E99 - .long 0x7C9A1E99 - vsldoi 1,0,0,8 - .long 0x7CDB1E99 - vsldoi 3,2,2,8 - vsldoi 5,4,4,8 - vsldoi 7,6,6,8 - li 0,4 - b .Loop -.align 5 -.Loop: - lvx 28,0,6 - .long 0x7D002699 - addi 4,4,16 - mr 7,6 - stvx 0,0,11 - stvx 1,10,11 - stvx 2,26,11 - stvx 3,27,11 - stvx 4,28,11 - stvx 5,29,11 - stvx 6,30,11 - stvx 7,31,11 - .long 0x10E7E0C0 - lvx 28,10,6 - vperm 8,8,8,31 - .long 0x10E740C0 - vsel 29,6,5,4 - .long 0x10C6E0C0 - .long 0x10E7E8C0 - .long 0x13C4FEC2 - .long 0x10E7F0C0 - vxor 29,0,1 - vsel 29,1,2,29 - .long 0x106338C0 - .long 0x13C086C2 - .long 0x13DEE8C0 - .long 0x10E7F0C0 - lvx 28,26,7 - .long 0x7D402699 - addi 4,4,16 - vsldoi 9,8,8,8 - .long 0x10C648C0 - vsel 29,5,4,3 - .long 0x10A5E0C0 - .long 0x10C6E8C0 - .long 0x13C3FEC2 - .long 0x10C6F0C0 - vxor 29,7,0 - vsel 29,0,1,29 - .long 0x104230C0 - .long 0x13C786C2 - .long 0x13DEE8C0 - .long 0x10C6F0C0 - lvx 28,27,7 - vperm 10,10,10,31 - .long 0x10A550C0 - vsel 29,4,3,2 - .long 0x1084E0C0 - .long 0x10A5E8C0 - .long 0x13C2FEC2 - .long 0x10A5F0C0 - vxor 29,6,7 - vsel 29,7,0,29 - .long 0x102128C0 - 
.long 0x13C686C2 - .long 0x13DEE8C0 - .long 0x10A5F0C0 - lvx 28,28,7 - .long 0x7D802699 - addi 4,4,16 - vsldoi 11,10,10,8 - .long 0x108458C0 - vsel 29,3,2,1 - .long 0x1063E0C0 - .long 0x1084E8C0 - .long 0x13C1FEC2 - .long 0x1084F0C0 - vxor 29,5,6 - vsel 29,6,7,29 - .long 0x100020C0 - .long 0x13C586C2 - .long 0x13DEE8C0 - .long 0x1084F0C0 - lvx 28,29,7 - vperm 12,12,12,31 - .long 0x106360C0 - vsel 29,2,1,0 - .long 0x1042E0C0 - .long 0x1063E8C0 - .long 0x13C0FEC2 - .long 0x1063F0C0 - vxor 29,4,5 - vsel 29,5,6,29 - .long 0x10E718C0 - .long 0x13C486C2 - .long 0x13DEE8C0 - .long 0x1063F0C0 - lvx 28,30,7 - .long 0x7DC02699 - addi 4,4,16 - vsldoi 13,12,12,8 - .long 0x104268C0 - vsel 29,1,0,7 - .long 0x1021E0C0 - .long 0x1042E8C0 - .long 0x13C7FEC2 - .long 0x1042F0C0 - vxor 29,3,4 - vsel 29,4,5,29 - .long 0x10C610C0 - .long 0x13C386C2 - .long 0x13DEE8C0 - .long 0x1042F0C0 - lvx 28,31,7 - addi 7,7,0x80 - vperm 14,14,14,31 - .long 0x102170C0 - vsel 29,0,7,6 - .long 0x1000E0C0 - .long 0x1021E8C0 - .long 0x13C6FEC2 - .long 0x1021F0C0 - vxor 29,2,3 - vsel 29,3,4,29 - .long 0x10A508C0 - .long 0x13C286C2 - .long 0x13DEE8C0 - .long 0x1021F0C0 - lvx 28,0,7 - .long 0x7E002699 - addi 4,4,16 - vsldoi 15,14,14,8 - .long 0x100078C0 - vsel 29,7,6,5 - .long 0x10E7E0C0 - .long 0x1000E8C0 - .long 0x13C5FEC2 - .long 0x1000F0C0 - vxor 29,1,2 - vsel 29,2,3,29 - .long 0x108400C0 - .long 0x13C186C2 - .long 0x13DEE8C0 - .long 0x1000F0C0 - lvx 28,10,7 - vperm 16,16,16,31 - .long 0x10E780C0 - vsel 29,6,5,4 - .long 0x10C6E0C0 - .long 0x10E7E8C0 - .long 0x13C4FEC2 - .long 0x10E7F0C0 - vxor 29,0,1 - vsel 29,1,2,29 - .long 0x106338C0 - .long 0x13C086C2 - .long 0x13DEE8C0 - .long 0x10E7F0C0 - lvx 28,26,7 - .long 0x7E402699 - addi 4,4,16 - vsldoi 17,16,16,8 - .long 0x10C688C0 - vsel 29,5,4,3 - .long 0x10A5E0C0 - .long 0x10C6E8C0 - .long 0x13C3FEC2 - .long 0x10C6F0C0 - vxor 29,7,0 - vsel 29,0,1,29 - .long 0x104230C0 - .long 0x13C786C2 - .long 0x13DEE8C0 - .long 0x10C6F0C0 - lvx 28,27,7 - vperm 18,18,18,31 
- .long 0x10A590C0 - vsel 29,4,3,2 - .long 0x1084E0C0 - .long 0x10A5E8C0 - .long 0x13C2FEC2 - .long 0x10A5F0C0 - vxor 29,6,7 - vsel 29,7,0,29 - .long 0x102128C0 - .long 0x13C686C2 - .long 0x13DEE8C0 - .long 0x10A5F0C0 - lvx 28,28,7 - .long 0x7F002699 - addi 4,4,16 - vsldoi 19,18,18,8 - .long 0x108498C0 - vsel 29,3,2,1 - .long 0x1063E0C0 - .long 0x1084E8C0 - .long 0x13C1FEC2 - .long 0x1084F0C0 - vxor 29,5,6 - vsel 29,6,7,29 - .long 0x100020C0 - .long 0x13C586C2 - .long 0x13DEE8C0 - .long 0x1084F0C0 - lvx 28,29,7 - vperm 24,24,24,31 - .long 0x1063C0C0 - vsel 29,2,1,0 - .long 0x1042E0C0 - .long 0x1063E8C0 - .long 0x13C0FEC2 - .long 0x1063F0C0 - vxor 29,4,5 - vsel 29,5,6,29 - .long 0x10E718C0 - .long 0x13C486C2 - .long 0x13DEE8C0 - .long 0x1063F0C0 - lvx 28,30,7 - .long 0x7F402699 - addi 4,4,16 - vsldoi 25,24,24,8 - .long 0x1042C8C0 - vsel 29,1,0,7 - .long 0x1021E0C0 - .long 0x1042E8C0 - .long 0x13C7FEC2 - .long 0x1042F0C0 - vxor 29,3,4 - vsel 29,4,5,29 - .long 0x10C610C0 - .long 0x13C386C2 - .long 0x13DEE8C0 - .long 0x1042F0C0 - lvx 28,31,7 - addi 7,7,0x80 - vperm 26,26,26,31 - .long 0x1021D0C0 - vsel 29,0,7,6 - .long 0x1000E0C0 - .long 0x1021E8C0 - .long 0x13C6FEC2 - .long 0x1021F0C0 - vxor 29,2,3 - vsel 29,3,4,29 - .long 0x10A508C0 - .long 0x13C286C2 - .long 0x13DEE8C0 - .long 0x1021F0C0 - lvx 28,0,7 - vsldoi 27,26,26,8 - .long 0x13C906C2 - .long 0x1108F0C0 - .long 0x13DA7EC2 - .long 0x1108F0C0 - .long 0x110888C0 - .long 0x1000D8C0 - vsel 29,7,6,5 - .long 0x10E7E0C0 - .long 0x1000E8C0 - .long 0x13C5FEC2 - .long 0x1000F0C0 - vxor 29,1,2 - vsel 29,2,3,29 - .long 0x108400C0 - .long 0x13C186C2 - .long 0x13DEE8C0 - .long 0x1000F0C0 - lvx 28,10,7 - mtctr 0 - b .L16_xx -.align 5 -.L16_xx: - .long 0x13CA06C2 - .long 0x1129F0C0 - .long 0x13DB7EC2 - .long 0x1129F0C0 - .long 0x112990C0 - .long 0x10E740C0 - vsel 29,6,5,4 - .long 0x10C6E0C0 - .long 0x10E7E8C0 - .long 0x13C4FEC2 - .long 0x10E7F0C0 - vxor 29,0,1 - vsel 29,1,2,29 - .long 0x106338C0 - .long 0x13C086C2 - .long 
0x13DEE8C0 - .long 0x10E7F0C0 - lvx 28,26,7 - .long 0x13CB06C2 - .long 0x114AF0C0 - .long 0x13C87EC2 - .long 0x114AF0C0 - .long 0x114A98C0 - .long 0x10C648C0 - vsel 29,5,4,3 - .long 0x10A5E0C0 - .long 0x10C6E8C0 - .long 0x13C3FEC2 - .long 0x10C6F0C0 - vxor 29,7,0 - vsel 29,0,1,29 - .long 0x104230C0 - .long 0x13C786C2 - .long 0x13DEE8C0 - .long 0x10C6F0C0 - lvx 28,27,7 - .long 0x13CC06C2 - .long 0x116BF0C0 - .long 0x13C97EC2 - .long 0x116BF0C0 - .long 0x116BC0C0 - .long 0x10A550C0 - vsel 29,4,3,2 - .long 0x1084E0C0 - .long 0x10A5E8C0 - .long 0x13C2FEC2 - .long 0x10A5F0C0 - vxor 29,6,7 - vsel 29,7,0,29 - .long 0x102128C0 - .long 0x13C686C2 - .long 0x13DEE8C0 - .long 0x10A5F0C0 - lvx 28,28,7 - .long 0x13CD06C2 - .long 0x118CF0C0 - .long 0x13CA7EC2 - .long 0x118CF0C0 - .long 0x118CC8C0 - .long 0x108458C0 - vsel 29,3,2,1 - .long 0x1063E0C0 - .long 0x1084E8C0 - .long 0x13C1FEC2 - .long 0x1084F0C0 - vxor 29,5,6 - vsel 29,6,7,29 - .long 0x100020C0 - .long 0x13C586C2 - .long 0x13DEE8C0 - .long 0x1084F0C0 - lvx 28,29,7 - .long 0x13CE06C2 - .long 0x11ADF0C0 - .long 0x13CB7EC2 - .long 0x11ADF0C0 - .long 0x11ADD0C0 - .long 0x106360C0 - vsel 29,2,1,0 - .long 0x1042E0C0 - .long 0x1063E8C0 - .long 0x13C0FEC2 - .long 0x1063F0C0 - vxor 29,4,5 - vsel 29,5,6,29 - .long 0x10E718C0 - .long 0x13C486C2 - .long 0x13DEE8C0 - .long 0x1063F0C0 - lvx 28,30,7 - .long 0x13CF06C2 - .long 0x11CEF0C0 - .long 0x13CC7EC2 - .long 0x11CEF0C0 - .long 0x11CED8C0 - .long 0x104268C0 - vsel 29,1,0,7 - .long 0x1021E0C0 - .long 0x1042E8C0 - .long 0x13C7FEC2 - .long 0x1042F0C0 - vxor 29,3,4 - vsel 29,4,5,29 - .long 0x10C610C0 - .long 0x13C386C2 - .long 0x13DEE8C0 - .long 0x1042F0C0 - lvx 28,31,7 - addi 7,7,0x80 - .long 0x13D006C2 - .long 0x11EFF0C0 - .long 0x13CD7EC2 - .long 0x11EFF0C0 - .long 0x11EF40C0 - .long 0x102170C0 - vsel 29,0,7,6 - .long 0x1000E0C0 - .long 0x1021E8C0 - .long 0x13C6FEC2 - .long 0x1021F0C0 - vxor 29,2,3 - vsel 29,3,4,29 - .long 0x10A508C0 - .long 0x13C286C2 - .long 0x13DEE8C0 - .long 
0x1021F0C0 - lvx 28,0,7 - .long 0x13D106C2 - .long 0x1210F0C0 - .long 0x13CE7EC2 - .long 0x1210F0C0 - .long 0x121048C0 - .long 0x100078C0 - vsel 29,7,6,5 - .long 0x10E7E0C0 - .long 0x1000E8C0 - .long 0x13C5FEC2 - .long 0x1000F0C0 - vxor 29,1,2 - vsel 29,2,3,29 - .long 0x108400C0 - .long 0x13C186C2 - .long 0x13DEE8C0 - .long 0x1000F0C0 - lvx 28,10,7 - .long 0x13D206C2 - .long 0x1231F0C0 - .long 0x13CF7EC2 - .long 0x1231F0C0 - .long 0x123150C0 - .long 0x10E780C0 - vsel 29,6,5,4 - .long 0x10C6E0C0 - .long 0x10E7E8C0 - .long 0x13C4FEC2 - .long 0x10E7F0C0 - vxor 29,0,1 - vsel 29,1,2,29 - .long 0x106338C0 - .long 0x13C086C2 - .long 0x13DEE8C0 - .long 0x10E7F0C0 - lvx 28,26,7 - .long 0x13D306C2 - .long 0x1252F0C0 - .long 0x13D07EC2 - .long 0x1252F0C0 - .long 0x125258C0 - .long 0x10C688C0 - vsel 29,5,4,3 - .long 0x10A5E0C0 - .long 0x10C6E8C0 - .long 0x13C3FEC2 - .long 0x10C6F0C0 - vxor 29,7,0 - vsel 29,0,1,29 - .long 0x104230C0 - .long 0x13C786C2 - .long 0x13DEE8C0 - .long 0x10C6F0C0 - lvx 28,27,7 - .long 0x13D806C2 - .long 0x1273F0C0 - .long 0x13D17EC2 - .long 0x1273F0C0 - .long 0x127360C0 - .long 0x10A590C0 - vsel 29,4,3,2 - .long 0x1084E0C0 - .long 0x10A5E8C0 - .long 0x13C2FEC2 - .long 0x10A5F0C0 - vxor 29,6,7 - vsel 29,7,0,29 - .long 0x102128C0 - .long 0x13C686C2 - .long 0x13DEE8C0 - .long 0x10A5F0C0 - lvx 28,28,7 - .long 0x13D906C2 - .long 0x1318F0C0 - .long 0x13D27EC2 - .long 0x1318F0C0 - .long 0x131868C0 - .long 0x108498C0 - vsel 29,3,2,1 - .long 0x1063E0C0 - .long 0x1084E8C0 - .long 0x13C1FEC2 - .long 0x1084F0C0 - vxor 29,5,6 - vsel 29,6,7,29 - .long 0x100020C0 - .long 0x13C586C2 - .long 0x13DEE8C0 - .long 0x1084F0C0 - lvx 28,29,7 - .long 0x13DA06C2 - .long 0x1339F0C0 - .long 0x13D37EC2 - .long 0x1339F0C0 - .long 0x133970C0 - .long 0x1063C0C0 - vsel 29,2,1,0 - .long 0x1042E0C0 - .long 0x1063E8C0 - .long 0x13C0FEC2 - .long 0x1063F0C0 - vxor 29,4,5 - vsel 29,5,6,29 - .long 0x10E718C0 - .long 0x13C486C2 - .long 0x13DEE8C0 - .long 0x1063F0C0 - lvx 28,30,7 - .long 
0x13DB06C2 - .long 0x135AF0C0 - .long 0x13D87EC2 - .long 0x135AF0C0 - .long 0x135A78C0 - .long 0x1042C8C0 - vsel 29,1,0,7 - .long 0x1021E0C0 - .long 0x1042E8C0 - .long 0x13C7FEC2 - .long 0x1042F0C0 - vxor 29,3,4 - vsel 29,4,5,29 - .long 0x10C610C0 - .long 0x13C386C2 - .long 0x13DEE8C0 - .long 0x1042F0C0 - lvx 28,31,7 - addi 7,7,0x80 - .long 0x13C806C2 - .long 0x137BF0C0 - .long 0x13D97EC2 - .long 0x137BF0C0 - .long 0x137B80C0 - .long 0x1021D0C0 - vsel 29,0,7,6 - .long 0x1000E0C0 - .long 0x1021E8C0 - .long 0x13C6FEC2 - .long 0x1021F0C0 - vxor 29,2,3 - vsel 29,3,4,29 - .long 0x10A508C0 - .long 0x13C286C2 - .long 0x13DEE8C0 - .long 0x1021F0C0 - lvx 28,0,7 - .long 0x13C906C2 - .long 0x1108F0C0 - .long 0x13DA7EC2 - .long 0x1108F0C0 - .long 0x110888C0 - .long 0x1000D8C0 - vsel 29,7,6,5 - .long 0x10E7E0C0 - .long 0x1000E8C0 - .long 0x13C5FEC2 - .long 0x1000F0C0 - vxor 29,1,2 - vsel 29,2,3,29 - .long 0x108400C0 - .long 0x13C186C2 - .long 0x13DEE8C0 - .long 0x1000F0C0 - lvx 28,10,7 - bdnz .L16_xx - - lvx 10,0,11 - subic. 
5,5,1 - lvx 11,10,11 - .long 0x100050C0 - lvx 12,26,11 - .long 0x102158C0 - lvx 13,27,11 - .long 0x104260C0 - lvx 14,28,11 - .long 0x106368C0 - lvx 15,29,11 - .long 0x108470C0 - lvx 16,30,11 - .long 0x10A578C0 - lvx 17,31,11 - .long 0x10C680C0 - .long 0x10E788C0 - bne .Loop - vperm 0,0,1,28 - vperm 2,2,3,28 - vperm 4,4,5,28 - vperm 6,6,7,28 - .long 0x7C001F99 - .long 0x7C4A1F99 - .long 0x7C9A1F99 - .long 0x7CDB1F99 - addi 11,1,207 - mtlr 8 - or 12,12,12 - lvx 24,0,11 - lvx 25,10,11 - lvx 26,26,11 - lvx 27,27,11 - lvx 28,28,11 - lvx 29,29,11 - lvx 30,30,11 - lvx 31,31,11 - ld 26,336(1) - ld 27,344(1) - ld 28,352(1) - ld 29,360(1) - ld 30,368(1) - ld 31,376(1) - addi 1,1,384 - blr -.long 0 -.byte 0,12,4,1,0x80,6,3,0 -.long 0 -.size sha512_block_p8,.-sha512_block_p8 -.align 6 -.LPICmeup: - mflr 0 - bcl 20,31,$+4 - mflr 6 - addi 6,6,56 - mtlr 0 - blr -.long 0 -.byte 0,12,0x14,0,0,0,0,0 -.space 28 -.long 0xd728ae22,0x428a2f98 -.long 0xd728ae22,0x428a2f98 -.long 0x23ef65cd,0x71374491 -.long 0x23ef65cd,0x71374491 -.long 0xec4d3b2f,0xb5c0fbcf -.long 0xec4d3b2f,0xb5c0fbcf -.long 0x8189dbbc,0xe9b5dba5 -.long 0x8189dbbc,0xe9b5dba5 -.long 0xf348b538,0x3956c25b -.long 0xf348b538,0x3956c25b -.long 0xb605d019,0x59f111f1 -.long 0xb605d019,0x59f111f1 -.long 0xaf194f9b,0x923f82a4 -.long 0xaf194f9b,0x923f82a4 -.long 0xda6d8118,0xab1c5ed5 -.long 0xda6d8118,0xab1c5ed5 -.long 0xa3030242,0xd807aa98 -.long 0xa3030242,0xd807aa98 -.long 0x45706fbe,0x12835b01 -.long 0x45706fbe,0x12835b01 -.long 0x4ee4b28c,0x243185be -.long 0x4ee4b28c,0x243185be -.long 0xd5ffb4e2,0x550c7dc3 -.long 0xd5ffb4e2,0x550c7dc3 -.long 0xf27b896f,0x72be5d74 -.long 0xf27b896f,0x72be5d74 -.long 0x3b1696b1,0x80deb1fe -.long 0x3b1696b1,0x80deb1fe -.long 0x25c71235,0x9bdc06a7 -.long 0x25c71235,0x9bdc06a7 -.long 0xcf692694,0xc19bf174 -.long 0xcf692694,0xc19bf174 -.long 0x9ef14ad2,0xe49b69c1 -.long 0x9ef14ad2,0xe49b69c1 -.long 0x384f25e3,0xefbe4786 -.long 0x384f25e3,0xefbe4786 -.long 0x8b8cd5b5,0x0fc19dc6 -.long 
0x8b8cd5b5,0x0fc19dc6 -.long 0x77ac9c65,0x240ca1cc -.long 0x77ac9c65,0x240ca1cc -.long 0x592b0275,0x2de92c6f -.long 0x592b0275,0x2de92c6f -.long 0x6ea6e483,0x4a7484aa -.long 0x6ea6e483,0x4a7484aa -.long 0xbd41fbd4,0x5cb0a9dc -.long 0xbd41fbd4,0x5cb0a9dc -.long 0x831153b5,0x76f988da -.long 0x831153b5,0x76f988da -.long 0xee66dfab,0x983e5152 -.long 0xee66dfab,0x983e5152 -.long 0x2db43210,0xa831c66d -.long 0x2db43210,0xa831c66d -.long 0x98fb213f,0xb00327c8 -.long 0x98fb213f,0xb00327c8 -.long 0xbeef0ee4,0xbf597fc7 -.long 0xbeef0ee4,0xbf597fc7 -.long 0x3da88fc2,0xc6e00bf3 -.long 0x3da88fc2,0xc6e00bf3 -.long 0x930aa725,0xd5a79147 -.long 0x930aa725,0xd5a79147 -.long 0xe003826f,0x06ca6351 -.long 0xe003826f,0x06ca6351 -.long 0x0a0e6e70,0x14292967 -.long 0x0a0e6e70,0x14292967 -.long 0x46d22ffc,0x27b70a85 -.long 0x46d22ffc,0x27b70a85 -.long 0x5c26c926,0x2e1b2138 -.long 0x5c26c926,0x2e1b2138 -.long 0x5ac42aed,0x4d2c6dfc -.long 0x5ac42aed,0x4d2c6dfc -.long 0x9d95b3df,0x53380d13 -.long 0x9d95b3df,0x53380d13 -.long 0x8baf63de,0x650a7354 -.long 0x8baf63de,0x650a7354 -.long 0x3c77b2a8,0x766a0abb -.long 0x3c77b2a8,0x766a0abb -.long 0x47edaee6,0x81c2c92e -.long 0x47edaee6,0x81c2c92e -.long 0x1482353b,0x92722c85 -.long 0x1482353b,0x92722c85 -.long 0x4cf10364,0xa2bfe8a1 -.long 0x4cf10364,0xa2bfe8a1 -.long 0xbc423001,0xa81a664b -.long 0xbc423001,0xa81a664b -.long 0xd0f89791,0xc24b8b70 -.long 0xd0f89791,0xc24b8b70 -.long 0x0654be30,0xc76c51a3 -.long 0x0654be30,0xc76c51a3 -.long 0xd6ef5218,0xd192e819 -.long 0xd6ef5218,0xd192e819 -.long 0x5565a910,0xd6990624 -.long 0x5565a910,0xd6990624 -.long 0x5771202a,0xf40e3585 -.long 0x5771202a,0xf40e3585 -.long 0x32bbd1b8,0x106aa070 -.long 0x32bbd1b8,0x106aa070 -.long 0xb8d2d0c8,0x19a4c116 -.long 0xb8d2d0c8,0x19a4c116 -.long 0x5141ab53,0x1e376c08 -.long 0x5141ab53,0x1e376c08 -.long 0xdf8eeb99,0x2748774c -.long 0xdf8eeb99,0x2748774c -.long 0xe19b48a8,0x34b0bcb5 -.long 0xe19b48a8,0x34b0bcb5 -.long 0xc5c95a63,0x391c0cb3 -.long 0xc5c95a63,0x391c0cb3 
-.long 0xe3418acb,0x4ed8aa4a -.long 0xe3418acb,0x4ed8aa4a -.long 0x7763e373,0x5b9cca4f -.long 0x7763e373,0x5b9cca4f -.long 0xd6b2b8a3,0x682e6ff3 -.long 0xd6b2b8a3,0x682e6ff3 -.long 0x5defb2fc,0x748f82ee -.long 0x5defb2fc,0x748f82ee -.long 0x43172f60,0x78a5636f -.long 0x43172f60,0x78a5636f -.long 0xa1f0ab72,0x84c87814 -.long 0xa1f0ab72,0x84c87814 -.long 0x1a6439ec,0x8cc70208 -.long 0x1a6439ec,0x8cc70208 -.long 0x23631e28,0x90befffa -.long 0x23631e28,0x90befffa -.long 0xde82bde9,0xa4506ceb -.long 0xde82bde9,0xa4506ceb -.long 0xb2c67915,0xbef9a3f7 -.long 0xb2c67915,0xbef9a3f7 -.long 0xe372532b,0xc67178f2 -.long 0xe372532b,0xc67178f2 -.long 0xea26619c,0xca273ece -.long 0xea26619c,0xca273ece -.long 0x21c0c207,0xd186b8c7 -.long 0x21c0c207,0xd186b8c7 -.long 0xcde0eb1e,0xeada7dd6 -.long 0xcde0eb1e,0xeada7dd6 -.long 0xee6ed178,0xf57d4f7f -.long 0xee6ed178,0xf57d4f7f -.long 0x72176fba,0x06f067aa -.long 0x72176fba,0x06f067aa -.long 0xa2c898a6,0x0a637dc5 -.long 0xa2c898a6,0x0a637dc5 -.long 0xbef90dae,0x113f9804 -.long 0xbef90dae,0x113f9804 -.long 0x131c471b,0x1b710b35 -.long 0x131c471b,0x1b710b35 -.long 0x23047d84,0x28db77f5 -.long 0x23047d84,0x28db77f5 -.long 0x40c72493,0x32caab7b -.long 0x40c72493,0x32caab7b -.long 0x15c9bebc,0x3c9ebe0a -.long 0x15c9bebc,0x3c9ebe0a -.long 0x9c100d4c,0x431d67c4 -.long 0x9c100d4c,0x431d67c4 -.long 0xcb3e42b6,0x4cc5d4be -.long 0xcb3e42b6,0x4cc5d4be -.long 0xfc657e2a,0x597f299c -.long 0xfc657e2a,0x597f299c -.long 0x3ad6faec,0x5fcb6fab -.long 0x3ad6faec,0x5fcb6fab -.long 0x4a475817,0x6c44198c -.long 0x4a475817,0x6c44198c -.long 0,0 -.long 0,0 -.long 0x14151617,0x10111213 -.long 0x04050607,0x00010203 -.byte 83,72,65,53,49,50,32,102,111,114,32,80,111,119,101,114,73,83,65,32,50,46,48,55,44,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0 -.align 2 -.align 2 diff --git a/lib/freebl/sha512.c b/lib/freebl/sha512.c index f2a1a33ca..c1cfb7376 100644 --- a/lib/freebl/sha512.c 
+++ b/lib/freebl/sha512.c @@ -18,10 +18,8 @@ #include "prlong.h" #include "secport.h" /* for PORT_XXX */ #include "blapi.h" -#include "blapii.h" #include "sha256.h" /* for struct SHA256ContextStr */ #include "crypto_primitives.h" -#include "ppc-crypto.h" /* for USE_PPC_CRYPTO */ /* ============= Common constants and defines ======================= */ @@ -45,7 +43,7 @@ static const PRUint8 pad[240] = { /* ============= SHA256 implementation ================================== */ /* SHA-256 constants, K256. */ -pre_align static const PRUint32 K256[64] post_align = { +static const PRUint32 K256[64] = { 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 
@@ -179,162 +177,9 @@ SHA256_Begin(SHA256Context *ctx) memcpy(H, H256, sizeof H256); } -#if defined(USE_PPC_CRYPTO) - -#define ROUND(n, a, b, c, d, e, f, g, h) \ - s0 = __builtin_crypto_vshasigmaw(e, 1, 0xf); \ - h += s0 + vec_sel(g, f, e) + w[n / 4]; \ - d += h; \ - s0 = __builtin_crypto_vshasigmaw(a, 1, 0); \ - h += s0 + vec_sel(b, c, vec_xor(a, b)); \ - if (n % 4 != 3) \ - w[n / 4] = vec_sro(w[n / 4], rshift); - -#else - -#define ROUND(n, a, b, c, d, e, f, g, h) \ - h += S1(e) + Ch(e, f, g) + K256[n] + W[n]; \ - d += h; \ - h += S0(a) + Maj(a, b, c); - -#endif - -#define SHA256_UNROLLED_ROUNDS \ - ROUND(0, a, b, c, d, e, f, g, h) \ - ROUND(1, h, a, b, c, d, e, f, g) \ - ROUND(2, g, h, a, b, c, d, e, f) \ - ROUND(3, f, g, h, a, b, c, d, e) \ - ROUND(4, e, f, g, h, a, b, c, d) \ - ROUND(5, d, e, f, g, h, a, b, c) \ - ROUND(6, c, d, e, f, g, h, a, b) \ - ROUND(7, b, c, d, e, f, g, h, a) \ - \ - ROUND(8, a, b, c, d, e, f, g, h) \ - ROUND(9, h, a, b, c, d, e, f, g) \ - ROUND(10, g, h, a, b, c, d, e, f) \ - ROUND(11, f, g, h, a, b, c, d, e) \ - ROUND(12, e, f, g, h, a, b, c, d) \ - ROUND(13, d, e, f, g, h, a, b, c) \ - ROUND(14, c, d, e, f, g, h, a, b) \ - ROUND(15, b, c, d, e, f, g, h, a) \ - \ - ROUND(16, a, b, c, d, e, f, g, h) \ - ROUND(17, h, a, b, c, d, e, f, g) \ - ROUND(18, g, h, a, b, c, d, e, f) \ - ROUND(19, f, g, h, a, b, c, d, e) \ - ROUND(20, e, f, g, h, a, b, c, d) \ - ROUND(21, d, e, f, g, h, a, b, c) \ - ROUND(22, c, d, e, f, g, h, a, b) \ - ROUND(23, b, c, d, e, f, g, h, a) \ - \ - ROUND(24, a, b, c, d, e, f, g, h) \ - ROUND(25, h, a, b, c, d, e, f, g) \ - ROUND(26, g, h, a, b, c, d, e, f) \ - ROUND(27, f, g, h, a, b, c, d, e) \ - ROUND(28, e, f, g, h, a, b, c, d) \ - ROUND(29, d, e, f, g, h, a, b, c) \ - ROUND(30, c, d, e, f, g, h, a, b) \ - ROUND(31, b, c, d, e, f, g, h, a) \ - \ - ROUND(32, a, b, c, d, e, f, g, h) \ - ROUND(33, h, a, b, c, d, e, f, g) \ - ROUND(34, g, h, a, b, c, d, e, f) \ - ROUND(35, f, g, h, a, b, c, d, e) \ - ROUND(36, e, f, 
g, h, a, b, c, d) \ - ROUND(37, d, e, f, g, h, a, b, c) \ - ROUND(38, c, d, e, f, g, h, a, b) \ - ROUND(39, b, c, d, e, f, g, h, a) \ - \ - ROUND(40, a, b, c, d, e, f, g, h) \ - ROUND(41, h, a, b, c, d, e, f, g) \ - ROUND(42, g, h, a, b, c, d, e, f) \ - ROUND(43, f, g, h, a, b, c, d, e) \ - ROUND(44, e, f, g, h, a, b, c, d) \ - ROUND(45, d, e, f, g, h, a, b, c) \ - ROUND(46, c, d, e, f, g, h, a, b) \ - ROUND(47, b, c, d, e, f, g, h, a) \ - \ - ROUND(48, a, b, c, d, e, f, g, h) \ - ROUND(49, h, a, b, c, d, e, f, g) \ - ROUND(50, g, h, a, b, c, d, e, f) \ - ROUND(51, f, g, h, a, b, c, d, e) \ - ROUND(52, e, f, g, h, a, b, c, d) \ - ROUND(53, d, e, f, g, h, a, b, c) \ - ROUND(54, c, d, e, f, g, h, a, b) \ - ROUND(55, b, c, d, e, f, g, h, a) \ - \ - ROUND(56, a, b, c, d, e, f, g, h) \ - ROUND(57, h, a, b, c, d, e, f, g) \ - ROUND(58, g, h, a, b, c, d, e, f) \ - ROUND(59, f, g, h, a, b, c, d, e) \ - ROUND(60, e, f, g, h, a, b, c, d) \ - ROUND(61, d, e, f, g, h, a, b, c) \ - ROUND(62, c, d, e, f, g, h, a, b) \ - ROUND(63, b, c, d, e, f, g, h, a) - static void SHA256_Compress(SHA256Context *ctx) { -#if defined(USE_PPC_CRYPTO) - vec_u32 w[16], s0, s1; - const vec_u8 rshift = (vec_u8)vec_splats(4 << 3); - const vec_u8 shifthalf = (vec_u8)vec_splats(8 << 3); - const vec_u8 bswap4 = (vec_u8){ - 3, 2, 1, 0, 7, 6, 5, 4, 11, - 10, 9, 8, 15, 14, 13, 12, - }; - unsigned i; - - for (i = 0; i < 4; i++) { - w[i] = vec_vsx_ld(0, &W[i * 4]); - w[i] = vec_perm(w[i], w[i], bswap4); - } - - /* prepare the message schedule */ - for (i = 4; i < 16; i++) { - vec_u32 off1 = vec_sld(w[i - 3], w[i - 4], 12); - vec_u32 off2 = vec_sld(w[i - 1], w[i - 2], 12); - s0 = __builtin_crypto_vshasigmaw(off1, 0, 0); - /* first half, s1 depends on two prior ints */ - s1 = __builtin_crypto_vshasigmaw(w[i - 1], 0, 0xf); - s1 = vec_sro(s1, shifthalf); - w[i] = w[i - 4] + s0 + off2 + s1; - - /* second half s1 */ - s1 = __builtin_crypto_vshasigmaw(w[i], 0, 0xf); - s1 = vec_slo(s1, shifthalf); - w[i] += s1; - } - 
- for (i = 0; i < 16; i++) { - w[i] += vec_ld(0, &K256[i * 4]); - } - - vec_u32 a, b, c, d, e, f, g, h; - a = vec_splats(H[0]); - b = vec_splats(H[1]); - c = vec_splats(H[2]); - d = vec_splats(H[3]); - e = vec_splats(H[4]); - f = vec_splats(H[5]); - g = vec_splats(H[6]); - h = vec_splats(H[7]); - - SHA256_UNROLLED_ROUNDS; - - H[0] += a[0]; - H[1] += b[0]; - H[2] += c[0]; - H[3] += d[0]; - H[4] += e[0]; - H[5] += f[0]; - H[6] += g[0]; - H[7] += h[0]; - -#undef ROUND - -#else /* USE_PPC_CRYPTO*/ - { #if defined(IS_LITTLE_ENDIAN) BYTESWAP4(W[0]); @@ -435,6 +280,11 @@ SHA256_Compress(SHA256Context *ctx) g = H[6]; h = H[7]; +#define ROUND(n, a, b, c, d, e, f, g, h) \ + h += S1(e) + Ch(e, f, g) + K256[n] + W[n]; \ + d += h; \ + h += S0(a) + Maj(a, b, c); + #ifdef NOUNROLL256 { int t; 
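Review bot: The `ROUND` macro added in this hunk expands to three bare statements and ends in its own `;`, while the 64 invocations restored in the next hunk (`@@ -450,7 +300,77 @@`) carry no trailing semicolon, so it is only correct as a whole statement inside a braced block; under an unbraced `if` or `for`, only the first `h += ...` would be governed by the condition. Wrapping it in `do { ... } while (0)` would force every call site to change, so I would document the constraint above the definition instead: `/* ROUND expands to three statements and supplies its own ';' - use it only as a whole statement inside braces. */`. A misplaced expansion in a hash primitive would produce a wrong digest without any build error, which is why the constraint is worth writing down. The enclosing function `SHA256_Compress` starts before this hunk and continues past it, and the matching `#undef ROUND` sits in a later hunk.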
@@ -450,7 +300,77 @@ SHA256_Compress(SHA256Context *ctx) } } #else - SHA256_UNROLLED_ROUNDS; + ROUND(0, a, b, c, d, e, f, g, h) + ROUND(1, h, a, b, c, d, e, f, g) + ROUND(2, g, h, a, b, c, d, e, f) + ROUND(3, f, g, h, a, b, c, d, e) + ROUND(4, e, f, g, h, a, b, c, d) + ROUND(5, d, e, f, g, h, a, b, c) + ROUND(6, c, d, e, f, g, h, a, b) + ROUND(7, b, c, d, e, f, g, h, a) + + ROUND(8, a, b, c, d, e, f, g, h) + ROUND(9, h, a, b, c, d, e, f, g) + ROUND(10, g, h, a, b, c, d, e, f) + ROUND(11, f, g, h, a, b, c, d, e) + ROUND(12, e, f, g, h, a, b, c, d) + ROUND(13, d, e, f, g, h, a, b, c) + ROUND(14, c, d, e, f, g, h, a, b) + ROUND(15, b, c, d, e, f, g, h, a) + + ROUND(16, a, b, c, d, e, f, g, h) + ROUND(17, h, a, b, c, d, e, f, g) + ROUND(18, g, h, a, b, c, d, e, f) + ROUND(19, f, g, h, a, b, c, d, e) + ROUND(20, e, f, g, h, a, b, c, d) + ROUND(21, d, e, f, g, h, a, b, c) + ROUND(22, c, d, e, f, g, h, a, b) + ROUND(23, b, c, d, e, f, g, h, a) + + ROUND(24, a, b, c, d, e, f, g, h) + ROUND(25, h, a, b, c, d, e, f, g) + ROUND(26, g, h, a, b, c, d, e, f) + ROUND(27, f, g, h, a, b, c, d, e) + ROUND(28, e, f, g, h, a, b, c, d) + ROUND(29, d, e, f, g, h, a, b, c) + ROUND(30, c, d, e, f, g, h, a, b) + ROUND(31, b, c, d, e, f, g, h, a) + + ROUND(32, a, b, c, d, e, f, g, h) + ROUND(33, h, a, b, c, d, e, f, g) + ROUND(34, g, h, a, b, c, d, e, f) + ROUND(35, f, g, h, a, b, c, d, e) + ROUND(36, e, f, g, h, a, b, c, d) + ROUND(37, d, e, f, g, h, a, b, c) + ROUND(38, c, d, e, f, g, h, a, b) + ROUND(39, b, c, d, e, f, g, h, a) + + ROUND(40, a, b, c, d, e, f, g, h) + ROUND(41, h, a, b, c, d, e, f, g) + ROUND(42, g, h, a, b, c, d, e, f) + ROUND(43, f, g, h, a, b, c, d, e) + ROUND(44, e, f, g, h, a, b, c, d) + ROUND(45, d, e, f, g, h, a, b, c) + ROUND(46, c, d, e, f, g, h, a, b) + ROUND(47, b, c, d, e, f, g, h, a) + + ROUND(48, a, b, c, d, e, f, g, h) + ROUND(49, h, a, b, c, d, e, f, g) + ROUND(50, g, h, a, b, c, d, e, f) + ROUND(51, f, g, h, a, b, c, d, e) + ROUND(52, e, f, g, h, a, b, c, 
d) + ROUND(53, d, e, f, g, h, a, b, c) + ROUND(54, c, d, e, f, g, h, a, b) + ROUND(55, b, c, d, e, f, g, h, a) + + ROUND(56, a, b, c, d, e, f, g, h) + ROUND(57, h, a, b, c, d, e, f, g) + ROUND(58, g, h, a, b, c, d, e, f) + ROUND(59, f, g, h, a, b, c, d, e) + ROUND(60, e, f, g, h, a, b, c, d) + ROUND(61, d, e, f, g, h, a, b, c) + ROUND(62, c, d, e, f, g, h, a, b) + ROUND(63, b, c, d, e, f, g, h, a) #endif H[0] += a; @@ -463,7 +383,6 @@ SHA256_Compress(SHA256Context *ctx) H[7] += h; } #undef ROUND -#endif /* !USE_PPC_CRYPTO */ } #undef s0 @@ -772,11 +691,6 @@ SHA224_Clone(SHA224Context *dest, SHA224Context *src) #endif -#if defined(USE_PPC_CRYPTO) -void sha512_block_p8(void *ctx, const void *inp, size_t len); - -#else /* USE_PPC_CRYPTO */ - /* SHA-384 and SHA-512 constants, K512. */ static const PRUint64 K512[80] = { #if PR_BYTES_PER_LONG == 8 @@ -864,8 +778,6 @@ static const PRUint64 K512[80] = { #endif }; -#endif /* !USE_PPC_CRYPTO */ - struct SHA512ContextStr { union { PRUint64 w[80]; /* message schedule, input buffer, plus 64 words */ @@ -1020,10 +932,6 @@ SHA512_Begin(SHA512Context *ctx) static void SHA512_Compress(SHA512Context *ctx) { -#if defined(USE_PPC_CRYPTO) - sha512_block_p8(&H[0], &W[0], 1); -#else /* USE_PPC_CRYPTO */ - #if defined(IS_LITTLE_ENDIAN) { BYTESWAP8(W[0]); @@ -1266,8 +1174,6 @@ SHA512_Compress(SHA512Context *ctx) ADDTO(g, H[6]); ADDTO(h, H[7]); } - -#endif /* !USE_PPC_CRYPTO */ } void -- 2.26.2