sha256_x8_avx2.S 18 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594
  1. /*
  2. * Multi-buffer SHA256 algorithm hash compute routine
  3. *
  4. * This file is provided under a dual BSD/GPLv2 license. When using or
  5. * redistributing this file, you may do so under either license.
  6. *
  7. * GPL LICENSE SUMMARY
  8. *
  9. * Copyright(c) 2016 Intel Corporation.
  10. *
  11. * This program is free software; you can redistribute it and/or modify
  12. * it under the terms of version 2 of the GNU General Public License as
  13. * published by the Free Software Foundation.
  14. *
  15. * This program is distributed in the hope that it will be useful, but
  16. * WITHOUT ANY WARRANTY; without even the implied warranty of
  17. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  18. * General Public License for more details.
  19. *
  20. * Contact Information:
  21. * Megha Dey <megha.dey@linux.intel.com>
  22. *
  23. * BSD LICENSE
  24. *
  25. * Copyright(c) 2016 Intel Corporation.
  26. *
  27. * Redistribution and use in source and binary forms, with or without
  28. * modification, are permitted provided that the following conditions
  29. * are met:
  30. *
  31. * * Redistributions of source code must retain the above copyright
  32. * notice, this list of conditions and the following disclaimer.
  33. * * Redistributions in binary form must reproduce the above copyright
  34. * notice, this list of conditions and the following disclaimer in
  35. * the documentation and/or other materials provided with the
  36. * distribution.
  37. * * Neither the name of Intel Corporation nor the names of its
  38. * contributors may be used to endorse or promote products derived
  39. * from this software without specific prior written permission.
  40. *
  41. * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  42. * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  43. * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
  44. * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
  45. * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  46. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
  47. * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  48. * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  49. * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  50. * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  51. * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  52. */
  53. #include <linux/linkage.h>
  54. #include "sha256_mb_mgr_datastruct.S"
  55. ## code to compute oct SHA256 using SSE-256
  56. ## outer calling routine takes care of save and restore of XMM registers
  57. ## Logic designed/laid out by JDG
  58. ## Function clobbers: rax, rcx, rdx, rbx, rsi, rdi, r9-r15; %ymm0-15
  59. ## Linux clobbers: rax rbx rcx rdx rsi r9 r10 r11 r12 r13 r14 r15
  60. ## Linux preserves: rdi rbp r8
  61. ##
  62. ## clobbers %ymm0-15
  63. arg1 = %rdi
  64. arg2 = %rsi
  65. reg3 = %rcx
  66. reg4 = %rdx
  67. # Common definitions
  68. STATE = arg1
  69. INP_SIZE = arg2
  70. IDX = %rax
  71. ROUND = %rbx
  72. TBL = reg3
  73. inp0 = %r9
  74. inp1 = %r10
  75. inp2 = %r11
  76. inp3 = %r12
  77. inp4 = %r13
  78. inp5 = %r14
  79. inp6 = %r15
  80. inp7 = reg4
  81. a = %ymm0
  82. b = %ymm1
  83. c = %ymm2
  84. d = %ymm3
  85. e = %ymm4
  86. f = %ymm5
  87. g = %ymm6
  88. h = %ymm7
  89. T1 = %ymm8
  90. a0 = %ymm12
  91. a1 = %ymm13
  92. a2 = %ymm14
  93. TMP = %ymm15
  94. TMP0 = %ymm6
  95. TMP1 = %ymm7
  96. TT0 = %ymm8
  97. TT1 = %ymm9
  98. TT2 = %ymm10
  99. TT3 = %ymm11
  100. TT4 = %ymm12
  101. TT5 = %ymm13
  102. TT6 = %ymm14
  103. TT7 = %ymm15
  104. # Define stack usage
  105. # Assume stack aligned to 32 bytes before call
  106. # Therefore FRAMESZ mod 32 must be 32-8 = 24
  107. #define FRAMESZ 0x388
  108. #define VMOVPS vmovups
  109. # TRANSPOSE8 r0, r1, r2, r3, r4, r5, r6, r7, t0, t1
  110. # "transpose" data in {r0...r7} using temps {t0...t1}
  111. # Input looks like: {r0 r1 r2 r3 r4 r5 r6 r7}
  112. # r0 = {a7 a6 a5 a4 a3 a2 a1 a0}
  113. # r1 = {b7 b6 b5 b4 b3 b2 b1 b0}
  114. # r2 = {c7 c6 c5 c4 c3 c2 c1 c0}
  115. # r3 = {d7 d6 d5 d4 d3 d2 d1 d0}
  116. # r4 = {e7 e6 e5 e4 e3 e2 e1 e0}
  117. # r5 = {f7 f6 f5 f4 f3 f2 f1 f0}
  118. # r6 = {g7 g6 g5 g4 g3 g2 g1 g0}
  119. # r7 = {h7 h6 h5 h4 h3 h2 h1 h0}
  120. #
  121. # Output looks like: {r0 r1 r2 r3 r4 r5 r6 r7}
  122. # r0 = {h0 g0 f0 e0 d0 c0 b0 a0}
  123. # r1 = {h1 g1 f1 e1 d1 c1 b1 a1}
  124. # r2 = {h2 g2 f2 e2 d2 c2 b2 a2}
  125. # r3 = {h3 g3 f3 e3 d3 c3 b3 a3}
  126. # r4 = {h4 g4 f4 e4 d4 c4 b4 a4}
  127. # r5 = {h5 g5 f5 e5 d5 c5 b5 a5}
  128. # r6 = {h6 g6 f6 e6 d6 c6 b6 a6}
  129. # r7 = {h7 g7 f7 e7 d7 c7 b7 a7}
  130. #
  131. .macro TRANSPOSE8 r0 r1 r2 r3 r4 r5 r6 r7 t0 t1
  132. # process top half (r0..r3) {a...d}
  133. vshufps $0x44, \r1, \r0, \t0 # t0 = {b5 b4 a5 a4 b1 b0 a1 a0}
  134. vshufps $0xEE, \r1, \r0, \r0 # r0 = {b7 b6 a7 a6 b3 b2 a3 a2}
  135. vshufps $0x44, \r3, \r2, \t1 # t1 = {d5 d4 c5 c4 d1 d0 c1 c0}
  136. vshufps $0xEE, \r3, \r2, \r2 # r2 = {d7 d6 c7 c6 d3 d2 c3 c2}
  137. vshufps $0xDD, \t1, \t0, \r3 # r3 = {d5 c5 b5 a5 d1 c1 b1 a1}
  138. vshufps $0x88, \r2, \r0, \r1 # r1 = {d6 c6 b6 a6 d2 c2 b2 a2}
  139. vshufps $0xDD, \r2, \r0, \r0 # r0 = {d7 c7 b7 a7 d3 c3 b3 a3}
  140. vshufps $0x88, \t1, \t0, \t0 # t0 = {d4 c4 b4 a4 d0 c0 b0 a0}
  141. # use r2 in place of t0
  142. # process bottom half (r4..r7) {e...h}
  143. vshufps $0x44, \r5, \r4, \r2 # r2 = {f5 f4 e5 e4 f1 f0 e1 e0}
  144. vshufps $0xEE, \r5, \r4, \r4 # r4 = {f7 f6 e7 e6 f3 f2 e3 e2}
  145. vshufps $0x44, \r7, \r6, \t1 # t1 = {h5 h4 g5 g4 h1 h0 g1 g0}
  146. vshufps $0xEE, \r7, \r6, \r6 # r6 = {h7 h6 g7 g6 h3 h2 g3 g2}
  147. vshufps $0xDD, \t1, \r2, \r7 # r7 = {h5 g5 f5 e5 h1 g1 f1 e1}
  148. vshufps $0x88, \r6, \r4, \r5 # r5 = {h6 g6 f6 e6 h2 g2 f2 e2}
  149. vshufps $0xDD, \r6, \r4, \r4 # r4 = {h7 g7 f7 e7 h3 g3 f3 e3}
  150. vshufps $0x88, \t1, \r2, \t1 # t1 = {h4 g4 f4 e4 h0 g0 f0 e0}
  151. vperm2f128 $0x13, \r1, \r5, \r6 # h6...a6
  152. vperm2f128 $0x02, \r1, \r5, \r2 # h2...a2
  153. vperm2f128 $0x13, \r3, \r7, \r5 # h5...a5
  154. vperm2f128 $0x02, \r3, \r7, \r1 # h1...a1
  155. vperm2f128 $0x13, \r0, \r4, \r7 # h7...a7
  156. vperm2f128 $0x02, \r0, \r4, \r3 # h3...a3
  157. vperm2f128 $0x13, \t0, \t1, \r4 # h4...a4
  158. vperm2f128 $0x02, \t0, \t1, \r0 # h0...a0
  159. .endm
  160. .macro ROTATE_ARGS
  161. TMP_ = h
  162. h = g
  163. g = f
  164. f = e
  165. e = d
  166. d = c
  167. c = b
  168. b = a
  169. a = TMP_
  170. .endm
  171. .macro _PRORD reg imm tmp
  172. vpslld $(32-\imm),\reg,\tmp
  173. vpsrld $\imm,\reg, \reg
  174. vpor \tmp,\reg, \reg
  175. .endm
  176. # PRORD_nd reg, imm, tmp, src
  177. .macro _PRORD_nd reg imm tmp src
  178. vpslld $(32-\imm), \src, \tmp
  179. vpsrld $\imm, \src, \reg
  180. vpor \tmp, \reg, \reg
  181. .endm
  182. # PRORD dst/src, amt
  183. .macro PRORD reg imm
  184. _PRORD \reg,\imm,TMP
  185. .endm
  186. # PRORD_nd dst, src, amt
  187. .macro PRORD_nd reg tmp imm
  188. _PRORD_nd \reg, \imm, TMP, \tmp
  189. .endm
  190. # arguments passed implicitly in preprocessor symbols i, a...h
  191. .macro ROUND_00_15 _T1 i
  192. PRORD_nd a0,e,5 # sig1: a0 = (e >> 5)
  193. vpxor g, f, a2 # ch: a2 = f^g
  194. vpand e,a2, a2 # ch: a2 = (f^g)&e
  195. vpxor g, a2, a2 # a2 = ch
  196. PRORD_nd a1,e,25 # sig1: a1 = (e >> 25)
  197. vmovdqu \_T1,(SZ8*(\i & 0xf))(%rsp)
  198. vpaddd (TBL,ROUND,1), \_T1, \_T1 # T1 = W + K
  199. vpxor e,a0, a0 # sig1: a0 = e ^ (e >> 5)
  200. PRORD a0, 6 # sig1: a0 = (e >> 6) ^ (e >> 11)
  201. vpaddd a2, h, h # h = h + ch
  202. PRORD_nd a2,a,11 # sig0: a2 = (a >> 11)
  203. vpaddd \_T1,h, h # h = h + ch + W + K
  204. vpxor a1, a0, a0 # a0 = sigma1
  205. PRORD_nd a1,a,22 # sig0: a1 = (a >> 22)
  206. vpxor c, a, \_T1 # maj: T1 = a^c
  207. add $SZ8, ROUND # ROUND++
  208. vpand b, \_T1, \_T1 # maj: T1 = (a^c)&b
  209. vpaddd a0, h, h
  210. vpaddd h, d, d
  211. vpxor a, a2, a2 # sig0: a2 = a ^ (a >> 11)
  212. PRORD a2,2 # sig0: a2 = (a >> 2) ^ (a >> 13)
  213. vpxor a1, a2, a2 # a2 = sig0
  214. vpand c, a, a1 # maj: a1 = a&c
  215. vpor \_T1, a1, a1 # a1 = maj
  216. vpaddd a1, h, h # h = h + ch + W + K + maj
  217. vpaddd a2, h, h # h = h + ch + W + K + maj + sigma0
  218. ROTATE_ARGS
  219. .endm
  220. # arguments passed implicitly in preprocessor symbols i, a...h
  221. .macro ROUND_16_XX _T1 i
  222. vmovdqu (SZ8*((\i-15)&0xf))(%rsp), \_T1
  223. vmovdqu (SZ8*((\i-2)&0xf))(%rsp), a1
  224. vmovdqu \_T1, a0
  225. PRORD \_T1,11
  226. vmovdqu a1, a2
  227. PRORD a1,2
  228. vpxor a0, \_T1, \_T1
  229. PRORD \_T1, 7
  230. vpxor a2, a1, a1
  231. PRORD a1, 17
  232. vpsrld $3, a0, a0
  233. vpxor a0, \_T1, \_T1
  234. vpsrld $10, a2, a2
  235. vpxor a2, a1, a1
  236. vpaddd (SZ8*((\i-16)&0xf))(%rsp), \_T1, \_T1
  237. vpaddd (SZ8*((\i-7)&0xf))(%rsp), a1, a1
  238. vpaddd a1, \_T1, \_T1
  239. ROUND_00_15 \_T1,\i
  240. .endm
  241. # SHA256_ARGS:
  242. # UINT128 digest[8]; // transposed digests
  243. # UINT8 *data_ptr[4];
  244. # void sha256_x8_avx2(SHA256_ARGS *args, UINT64 bytes);
  245. # arg 1 : STATE : pointer to array of pointers to input data
  246. # arg 2 : INP_SIZE : size of input in blocks
  247. # general registers preserved in outer calling routine
  248. # outer calling routine saves all the XMM registers
  249. # save rsp, allocate 32-byte aligned for local variables
  250. ENTRY(sha256_x8_avx2)
  251. # save callee-saved clobbered registers to comply with C function ABI
  252. push %r12
  253. push %r13
  254. push %r14
  255. push %r15
  256. mov %rsp, IDX
  257. sub $FRAMESZ, %rsp
  258. and $~0x1F, %rsp
  259. mov IDX, _rsp(%rsp)
  260. # Load the pre-transposed incoming digest.
  261. vmovdqu 0*SHA256_DIGEST_ROW_SIZE(STATE),a
  262. vmovdqu 1*SHA256_DIGEST_ROW_SIZE(STATE),b
  263. vmovdqu 2*SHA256_DIGEST_ROW_SIZE(STATE),c
  264. vmovdqu 3*SHA256_DIGEST_ROW_SIZE(STATE),d
  265. vmovdqu 4*SHA256_DIGEST_ROW_SIZE(STATE),e
  266. vmovdqu 5*SHA256_DIGEST_ROW_SIZE(STATE),f
  267. vmovdqu 6*SHA256_DIGEST_ROW_SIZE(STATE),g
  268. vmovdqu 7*SHA256_DIGEST_ROW_SIZE(STATE),h
  269. lea K256_8(%rip),TBL
  270. # load the address of each of the 4 message lanes
  271. # getting ready to transpose input onto stack
  272. mov _args_data_ptr+0*PTR_SZ(STATE),inp0
  273. mov _args_data_ptr+1*PTR_SZ(STATE),inp1
  274. mov _args_data_ptr+2*PTR_SZ(STATE),inp2
  275. mov _args_data_ptr+3*PTR_SZ(STATE),inp3
  276. mov _args_data_ptr+4*PTR_SZ(STATE),inp4
  277. mov _args_data_ptr+5*PTR_SZ(STATE),inp5
  278. mov _args_data_ptr+6*PTR_SZ(STATE),inp6
  279. mov _args_data_ptr+7*PTR_SZ(STATE),inp7
  280. xor IDX, IDX
  281. lloop:
  282. xor ROUND, ROUND
  283. # save old digest
  284. vmovdqu a, _digest(%rsp)
  285. vmovdqu b, _digest+1*SZ8(%rsp)
  286. vmovdqu c, _digest+2*SZ8(%rsp)
  287. vmovdqu d, _digest+3*SZ8(%rsp)
  288. vmovdqu e, _digest+4*SZ8(%rsp)
  289. vmovdqu f, _digest+5*SZ8(%rsp)
  290. vmovdqu g, _digest+6*SZ8(%rsp)
  291. vmovdqu h, _digest+7*SZ8(%rsp)
  292. i = 0
  293. .rep 2
  294. VMOVPS i*32(inp0, IDX), TT0
  295. VMOVPS i*32(inp1, IDX), TT1
  296. VMOVPS i*32(inp2, IDX), TT2
  297. VMOVPS i*32(inp3, IDX), TT3
  298. VMOVPS i*32(inp4, IDX), TT4
  299. VMOVPS i*32(inp5, IDX), TT5
  300. VMOVPS i*32(inp6, IDX), TT6
  301. VMOVPS i*32(inp7, IDX), TT7
  302. vmovdqu g, _ytmp(%rsp)
  303. vmovdqu h, _ytmp+1*SZ8(%rsp)
  304. TRANSPOSE8 TT0, TT1, TT2, TT3, TT4, TT5, TT6, TT7, TMP0, TMP1
  305. vmovdqu PSHUFFLE_BYTE_FLIP_MASK(%rip), TMP1
  306. vmovdqu _ytmp(%rsp), g
  307. vpshufb TMP1, TT0, TT0
  308. vpshufb TMP1, TT1, TT1
  309. vpshufb TMP1, TT2, TT2
  310. vpshufb TMP1, TT3, TT3
  311. vpshufb TMP1, TT4, TT4
  312. vpshufb TMP1, TT5, TT5
  313. vpshufb TMP1, TT6, TT6
  314. vpshufb TMP1, TT7, TT7
  315. vmovdqu _ytmp+1*SZ8(%rsp), h
  316. vmovdqu TT4, _ytmp(%rsp)
  317. vmovdqu TT5, _ytmp+1*SZ8(%rsp)
  318. vmovdqu TT6, _ytmp+2*SZ8(%rsp)
  319. vmovdqu TT7, _ytmp+3*SZ8(%rsp)
  320. ROUND_00_15 TT0,(i*8+0)
  321. vmovdqu _ytmp(%rsp), TT0
  322. ROUND_00_15 TT1,(i*8+1)
  323. vmovdqu _ytmp+1*SZ8(%rsp), TT1
  324. ROUND_00_15 TT2,(i*8+2)
  325. vmovdqu _ytmp+2*SZ8(%rsp), TT2
  326. ROUND_00_15 TT3,(i*8+3)
  327. vmovdqu _ytmp+3*SZ8(%rsp), TT3
  328. ROUND_00_15 TT0,(i*8+4)
  329. ROUND_00_15 TT1,(i*8+5)
  330. ROUND_00_15 TT2,(i*8+6)
  331. ROUND_00_15 TT3,(i*8+7)
  332. i = (i+1)
  333. .endr
  334. add $64, IDX
  335. i = (i*8)
  336. jmp Lrounds_16_xx
  337. .align 16
  338. Lrounds_16_xx:
  339. .rep 16
  340. ROUND_16_XX T1, i
  341. i = (i+1)
  342. .endr
  343. cmp $ROUNDS,ROUND
  344. jb Lrounds_16_xx
  345. # add old digest
  346. vpaddd _digest+0*SZ8(%rsp), a, a
  347. vpaddd _digest+1*SZ8(%rsp), b, b
  348. vpaddd _digest+2*SZ8(%rsp), c, c
  349. vpaddd _digest+3*SZ8(%rsp), d, d
  350. vpaddd _digest+4*SZ8(%rsp), e, e
  351. vpaddd _digest+5*SZ8(%rsp), f, f
  352. vpaddd _digest+6*SZ8(%rsp), g, g
  353. vpaddd _digest+7*SZ8(%rsp), h, h
  354. sub $1, INP_SIZE # unit is blocks
  355. jne lloop
  356. # write back to memory (state object) the transposed digest
  357. vmovdqu a, 0*SHA256_DIGEST_ROW_SIZE(STATE)
  358. vmovdqu b, 1*SHA256_DIGEST_ROW_SIZE(STATE)
  359. vmovdqu c, 2*SHA256_DIGEST_ROW_SIZE(STATE)
  360. vmovdqu d, 3*SHA256_DIGEST_ROW_SIZE(STATE)
  361. vmovdqu e, 4*SHA256_DIGEST_ROW_SIZE(STATE)
  362. vmovdqu f, 5*SHA256_DIGEST_ROW_SIZE(STATE)
  363. vmovdqu g, 6*SHA256_DIGEST_ROW_SIZE(STATE)
  364. vmovdqu h, 7*SHA256_DIGEST_ROW_SIZE(STATE)
  365. # update input pointers
  366. add IDX, inp0
  367. mov inp0, _args_data_ptr+0*8(STATE)
  368. add IDX, inp1
  369. mov inp1, _args_data_ptr+1*8(STATE)
  370. add IDX, inp2
  371. mov inp2, _args_data_ptr+2*8(STATE)
  372. add IDX, inp3
  373. mov inp3, _args_data_ptr+3*8(STATE)
  374. add IDX, inp4
  375. mov inp4, _args_data_ptr+4*8(STATE)
  376. add IDX, inp5
  377. mov inp5, _args_data_ptr+5*8(STATE)
  378. add IDX, inp6
  379. mov inp6, _args_data_ptr+6*8(STATE)
  380. add IDX, inp7
  381. mov inp7, _args_data_ptr+7*8(STATE)
  382. # Postamble
  383. mov _rsp(%rsp), %rsp
  384. # restore callee-saved clobbered registers
  385. pop %r15
  386. pop %r14
  387. pop %r13
  388. pop %r12
  389. ret
  390. ENDPROC(sha256_x8_avx2)
  391. .data
  392. .align 64
  393. K256_8:
  394. .octa 0x428a2f98428a2f98428a2f98428a2f98
  395. .octa 0x428a2f98428a2f98428a2f98428a2f98
  396. .octa 0x71374491713744917137449171374491
  397. .octa 0x71374491713744917137449171374491
  398. .octa 0xb5c0fbcfb5c0fbcfb5c0fbcfb5c0fbcf
  399. .octa 0xb5c0fbcfb5c0fbcfb5c0fbcfb5c0fbcf
  400. .octa 0xe9b5dba5e9b5dba5e9b5dba5e9b5dba5
  401. .octa 0xe9b5dba5e9b5dba5e9b5dba5e9b5dba5
  402. .octa 0x3956c25b3956c25b3956c25b3956c25b
  403. .octa 0x3956c25b3956c25b3956c25b3956c25b
  404. .octa 0x59f111f159f111f159f111f159f111f1
  405. .octa 0x59f111f159f111f159f111f159f111f1
  406. .octa 0x923f82a4923f82a4923f82a4923f82a4
  407. .octa 0x923f82a4923f82a4923f82a4923f82a4
  408. .octa 0xab1c5ed5ab1c5ed5ab1c5ed5ab1c5ed5
  409. .octa 0xab1c5ed5ab1c5ed5ab1c5ed5ab1c5ed5
  410. .octa 0xd807aa98d807aa98d807aa98d807aa98
  411. .octa 0xd807aa98d807aa98d807aa98d807aa98
  412. .octa 0x12835b0112835b0112835b0112835b01
  413. .octa 0x12835b0112835b0112835b0112835b01
  414. .octa 0x243185be243185be243185be243185be
  415. .octa 0x243185be243185be243185be243185be
  416. .octa 0x550c7dc3550c7dc3550c7dc3550c7dc3
  417. .octa 0x550c7dc3550c7dc3550c7dc3550c7dc3
  418. .octa 0x72be5d7472be5d7472be5d7472be5d74
  419. .octa 0x72be5d7472be5d7472be5d7472be5d74
  420. .octa 0x80deb1fe80deb1fe80deb1fe80deb1fe
  421. .octa 0x80deb1fe80deb1fe80deb1fe80deb1fe
  422. .octa 0x9bdc06a79bdc06a79bdc06a79bdc06a7
  423. .octa 0x9bdc06a79bdc06a79bdc06a79bdc06a7
  424. .octa 0xc19bf174c19bf174c19bf174c19bf174
  425. .octa 0xc19bf174c19bf174c19bf174c19bf174
  426. .octa 0xe49b69c1e49b69c1e49b69c1e49b69c1
  427. .octa 0xe49b69c1e49b69c1e49b69c1e49b69c1
  428. .octa 0xefbe4786efbe4786efbe4786efbe4786
  429. .octa 0xefbe4786efbe4786efbe4786efbe4786
  430. .octa 0x0fc19dc60fc19dc60fc19dc60fc19dc6
  431. .octa 0x0fc19dc60fc19dc60fc19dc60fc19dc6
  432. .octa 0x240ca1cc240ca1cc240ca1cc240ca1cc
  433. .octa 0x240ca1cc240ca1cc240ca1cc240ca1cc
  434. .octa 0x2de92c6f2de92c6f2de92c6f2de92c6f
  435. .octa 0x2de92c6f2de92c6f2de92c6f2de92c6f
  436. .octa 0x4a7484aa4a7484aa4a7484aa4a7484aa
  437. .octa 0x4a7484aa4a7484aa4a7484aa4a7484aa
  438. .octa 0x5cb0a9dc5cb0a9dc5cb0a9dc5cb0a9dc
  439. .octa 0x5cb0a9dc5cb0a9dc5cb0a9dc5cb0a9dc
  440. .octa 0x76f988da76f988da76f988da76f988da
  441. .octa 0x76f988da76f988da76f988da76f988da
  442. .octa 0x983e5152983e5152983e5152983e5152
  443. .octa 0x983e5152983e5152983e5152983e5152
  444. .octa 0xa831c66da831c66da831c66da831c66d
  445. .octa 0xa831c66da831c66da831c66da831c66d
  446. .octa 0xb00327c8b00327c8b00327c8b00327c8
  447. .octa 0xb00327c8b00327c8b00327c8b00327c8
  448. .octa 0xbf597fc7bf597fc7bf597fc7bf597fc7
  449. .octa 0xbf597fc7bf597fc7bf597fc7bf597fc7
  450. .octa 0xc6e00bf3c6e00bf3c6e00bf3c6e00bf3
  451. .octa 0xc6e00bf3c6e00bf3c6e00bf3c6e00bf3
  452. .octa 0xd5a79147d5a79147d5a79147d5a79147
  453. .octa 0xd5a79147d5a79147d5a79147d5a79147
  454. .octa 0x06ca635106ca635106ca635106ca6351
  455. .octa 0x06ca635106ca635106ca635106ca6351
  456. .octa 0x14292967142929671429296714292967
  457. .octa 0x14292967142929671429296714292967
  458. .octa 0x27b70a8527b70a8527b70a8527b70a85
  459. .octa 0x27b70a8527b70a8527b70a8527b70a85
  460. .octa 0x2e1b21382e1b21382e1b21382e1b2138
  461. .octa 0x2e1b21382e1b21382e1b21382e1b2138
  462. .octa 0x4d2c6dfc4d2c6dfc4d2c6dfc4d2c6dfc
  463. .octa 0x4d2c6dfc4d2c6dfc4d2c6dfc4d2c6dfc
  464. .octa 0x53380d1353380d1353380d1353380d13
  465. .octa 0x53380d1353380d1353380d1353380d13
  466. .octa 0x650a7354650a7354650a7354650a7354
  467. .octa 0x650a7354650a7354650a7354650a7354
  468. .octa 0x766a0abb766a0abb766a0abb766a0abb
  469. .octa 0x766a0abb766a0abb766a0abb766a0abb
  470. .octa 0x81c2c92e81c2c92e81c2c92e81c2c92e
  471. .octa 0x81c2c92e81c2c92e81c2c92e81c2c92e
  472. .octa 0x92722c8592722c8592722c8592722c85
  473. .octa 0x92722c8592722c8592722c8592722c85
  474. .octa 0xa2bfe8a1a2bfe8a1a2bfe8a1a2bfe8a1
  475. .octa 0xa2bfe8a1a2bfe8a1a2bfe8a1a2bfe8a1
  476. .octa 0xa81a664ba81a664ba81a664ba81a664b
  477. .octa 0xa81a664ba81a664ba81a664ba81a664b
  478. .octa 0xc24b8b70c24b8b70c24b8b70c24b8b70
  479. .octa 0xc24b8b70c24b8b70c24b8b70c24b8b70
  480. .octa 0xc76c51a3c76c51a3c76c51a3c76c51a3
  481. .octa 0xc76c51a3c76c51a3c76c51a3c76c51a3
  482. .octa 0xd192e819d192e819d192e819d192e819
  483. .octa 0xd192e819d192e819d192e819d192e819
  484. .octa 0xd6990624d6990624d6990624d6990624
  485. .octa 0xd6990624d6990624d6990624d6990624
  486. .octa 0xf40e3585f40e3585f40e3585f40e3585
  487. .octa 0xf40e3585f40e3585f40e3585f40e3585
  488. .octa 0x106aa070106aa070106aa070106aa070
  489. .octa 0x106aa070106aa070106aa070106aa070
  490. .octa 0x19a4c11619a4c11619a4c11619a4c116
  491. .octa 0x19a4c11619a4c11619a4c11619a4c116
  492. .octa 0x1e376c081e376c081e376c081e376c08
  493. .octa 0x1e376c081e376c081e376c081e376c08
  494. .octa 0x2748774c2748774c2748774c2748774c
  495. .octa 0x2748774c2748774c2748774c2748774c
  496. .octa 0x34b0bcb534b0bcb534b0bcb534b0bcb5
  497. .octa 0x34b0bcb534b0bcb534b0bcb534b0bcb5
  498. .octa 0x391c0cb3391c0cb3391c0cb3391c0cb3
  499. .octa 0x391c0cb3391c0cb3391c0cb3391c0cb3
  500. .octa 0x4ed8aa4a4ed8aa4a4ed8aa4a4ed8aa4a
  501. .octa 0x4ed8aa4a4ed8aa4a4ed8aa4a4ed8aa4a
  502. .octa 0x5b9cca4f5b9cca4f5b9cca4f5b9cca4f
  503. .octa 0x5b9cca4f5b9cca4f5b9cca4f5b9cca4f
  504. .octa 0x682e6ff3682e6ff3682e6ff3682e6ff3
  505. .octa 0x682e6ff3682e6ff3682e6ff3682e6ff3
  506. .octa 0x748f82ee748f82ee748f82ee748f82ee
  507. .octa 0x748f82ee748f82ee748f82ee748f82ee
  508. .octa 0x78a5636f78a5636f78a5636f78a5636f
  509. .octa 0x78a5636f78a5636f78a5636f78a5636f
  510. .octa 0x84c8781484c8781484c8781484c87814
  511. .octa 0x84c8781484c8781484c8781484c87814
  512. .octa 0x8cc702088cc702088cc702088cc70208
  513. .octa 0x8cc702088cc702088cc702088cc70208
  514. .octa 0x90befffa90befffa90befffa90befffa
  515. .octa 0x90befffa90befffa90befffa90befffa
  516. .octa 0xa4506ceba4506ceba4506ceba4506ceb
  517. .octa 0xa4506ceba4506ceba4506ceba4506ceb
  518. .octa 0xbef9a3f7bef9a3f7bef9a3f7bef9a3f7
  519. .octa 0xbef9a3f7bef9a3f7bef9a3f7bef9a3f7
  520. .octa 0xc67178f2c67178f2c67178f2c67178f2
  521. .octa 0xc67178f2c67178f2c67178f2c67178f2
  522. PSHUFFLE_BYTE_FLIP_MASK:
  523. .octa 0x0c0d0e0f08090a0b0405060700010203
  524. .octa 0x0c0d0e0f08090a0b0405060700010203
  525. .align 64
  526. .global K256
  527. K256:
  528. .int 0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
  529. .int 0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
  530. .int 0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
  531. .int 0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
  532. .int 0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
  533. .int 0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
  534. .int 0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
  535. .int 0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
  536. .int 0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
  537. .int 0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
  538. .int 0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
  539. .int 0xd192e819,0xd6990624,0xf40e3585,0x106aa070
  540. .int 0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
  541. .int 0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
  542. .int 0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
  543. .int 0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2