crypto/sha/asm/sha1-c64x-large.pl - third_party/openssl - Git at Google

 #!/usr/bin/env perl
 #
 # ====================================================================
 # Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
 # project. The module is, however, dual licensed under OpenSSL and
 # CRYPTOGAMS licenses depending on where you obtain it. For further
 # details see http://www.openssl.org/~appro/cryptogams/.
 # ====================================================================
 #
 # SHA1 for C64x.
 #
 # November 2016
 #
 # This is fully-unrolled SHA1 implementation. It's 25% faster than
 # one with compact loops, doesn't use in-memory ring buffer, as
 # everything is accomodated in registers, and has "perfect" interrupt
 # agility. Drawback is obviously the code size...

 while (($output=shift) && ($output!~/\w[\w\-]*\.\w+$/)) {}
 open STDOUT,">$output";

 ($CTX,$INP,$NUM) = ("A4","B4","A6");		# arguments

 ($A,$B,$C,$D,$E, $Arot,$F,$F0,$K) = map("A$_",(16..20, 21..24));
 @V = ($A,$B,$C,$D,$E);
 @X = map("B$_",(16..31));
 ($Actx,$Bctx,$Cctx,$Dctx,$Ectx) = map("A$_",(3,6..9));	# zaps $NUM

 sub BODY_00_19 {
 my ($i,$a,$b,$c,$d,$e) = @_;
 my $j = ($i+1)&15;

 $code.=<<___				if ($i<14);
 	ROTL	$a,5,$Arot		;; $i
 ||	AND	$c,$b,$F
 ||	ANDN	$d,$b,$F0
 ||	ADD	$K,$e,$e		; E+=K
 ||	 LDNW	*${INP}++,@X[$i+2]
 	OR	$F0,$F,$F		; F_00_19(B,C,D)
 ||	ROTL	$b,30,$b
 ||	 SWAP2	@X[$i+1],@X[$i+1]
 ||	ADD	@X[$i],$e,$e		; E+=X[i]
 	ADD	$Arot,$e,$e		; E+=rot(A,5)
 ||	 SWAP4	@X[$i+1],@X[$i+1]
 	ADD	$F,$e,$e		; E+=F_00_19(B,C,D)
 ___
 $code.=<<___				if ($i==14);
 	ROTL	$a,5,$Arot		;; $i
 ||	AND	$c,$b,$F
 ||	ANDN	$d,$b,$F0
 ||	ADD	$K,$e,$e		; E+=K
 	OR	$F0,$F,$F		; F_00_19(B,C,D)
 ||	ROTL	$b,30,$b
 ||	ADD	@X[$i],$e,$e		; E+=X[i]
 ||	 SWAP2	@X[$i+1],@X[$i+1]
 	ADD	$Arot,$e,$e		; E+=rot(A,5)
 ||	 SWAP4	@X[$i+1],@X[$i+1]
 	ADD	$F,$e,$e		; E+=F_00_19(B,C,D)
 ___
 $code.=<<___				if ($i==15);
 ||	 XOR	@X[($j+2)&15],@X[$j],@X[$j]
 	ROTL	$a,5,$Arot		;; $i
 ||	AND	$c,$b,$F
 ||	ANDN	$d,$b,$F0
 ||	ADD	$K,$e,$e		; E+=K
 ||	 XOR	@X[($j+8)&15],@X[$j],@X[$j]
 	OR	$F0,$F,$F		; F_00_19(B,C,D)
 ||	ROTL	$b,30,$b
 ||	ADD	@X[$i],$e,$e		; E+=X[i]
 ||	 XOR	@X[($j+13)&15],@X[$j],@X[$j]
 	ADD	$Arot,$e,$e		; E+=rot(A,5)
 ||	 ROTL	@X[$j],1,@X[$j]
 	ADD	$F,$e,$e		; E+=F_00_19(B,C,D)
 ___
 $code.=<<___				if ($i>15);
 ||	 XOR	@X[($j+2)&15],@X[$j],@X[$j]
 	ROTL	$a,5,$Arot		;; $i
 ||	AND	$c,$b,$F
 ||	ANDN	$d,$b,$F0
 ||	ADD	$K,$e,$e		; E+=K
 ||	 XOR	@X[($j+8)&15],@X[$j],@X[$j]
 	OR	$F0,$F,$F		; F_00_19(B,C,D)
 ||	ROTL	$b,30,$b
 ||	ADD	@X[$i&15],$e,$e		; E+=X[i]
 ||	 XOR	@X[($j+13)&15],@X[$j],@X[$j]
 	ADD	$Arot,$e,$e		; E+=rot(A,5)
 ||	 ROTL	@X[$j],1,@X[$j]
 	ADD	$F,$e,$e		; E+=F_00_19(B,C,D)
 ___
 }

 sub BODY_20_39 {
 my ($i,$a,$b,$c,$d,$e) = @_;
 my $j = ($i+1)&15;

 $code.=<<___				if ($i<79);
 ||	 XOR	@X[($j+2)&15],@X[$j],@X[$j]
 	ROTL	$a,5,$Arot		;; $i
 ||	XOR	$c,$b,$F
 ||	ADD	$K,$e,$e		; E+=K
 ||	 XOR	@X[($j+8)&15],@X[$j],@X[$j]
 	XOR	$d,$F,$F		; F_20_39(B,C,D)
 ||	ROTL	$b,30,$b
 ||	ADD	@X[$i&15],$e,$e		; E+=X[i]
 ||	 XOR	@X[($j+13)&15],@X[$j],@X[$j]
 	ADD	$Arot,$e,$e		; E+=rot(A,5)
 ||	 ROTL	@X[$j],1,@X[$j]
 	ADD	$F,$e,$e		; E+=F_20_39(B,C,D)
 ___
 $code.=<<___				if ($i==79);
 || [A0]	B	loop?
 || [A0]	LDNW	*${INP}++,@X[0]		; pre-fetch input
 	ROTL	$a,5,$Arot		;; $i
 ||	XOR	$c,$b,$F
 ||	ADD	$K,$e,$e		; E+=K
 || [A0]	LDNW	*${INP}++,@X[1]
 	XOR	$d,$F,$F		; F_20_39(B,C,D)
 ||	ROTL	$b,30,$b
 ||	ADD	@X[$i&15],$e,$e		; E+=X[i]
 	ADD	$Arot,$e,$e		; E+=rot(A,5)
 	ADD	$F,$e,$e		; E+=F_20_39(B,C,D)
 ||	ADD	$Bctx,$a,$a		; accumulate context
 ||	ADD	$Cctx,$b,$b
 	ADD	$Dctx,$c,$c
 ||	ADD	$Ectx,$d,$d
 ||	ADD	$Actx,$e,$e
 ;;===== branch to loop? is taken here
 ___
 }

 sub BODY_40_59 {
 my ($i,$a,$b,$c,$d,$e) = @_;
 my $j = ($i+1)&15;

 $code.=<<___;
 ||	 XOR	@X[($j+2)&15],@X[$j],@X[$j]
 	ROTL	$a,5,$Arot		;; $i
 ||	AND	$c,$b,$F
 ||	AND	$d,$b,$F0
 ||	ADD	$K,$e,$e		; E+=K
 ||	 XOR	@X[($j+8)&15],@X[$j],@X[$j]
 	XOR	$F0,$F,$F
 ||	AND	$c,$d,$F0
 ||	ROTL	$b,30,$b
 ||	 XOR	@X[($j+13)&15],@X[$j],@X[$j]
 ||	ADD	@X[$i&15],$e,$e		; E+=X[i]
 	XOR	$F0,$F,$F		; F_40_59(B,C,D)
 ||	ADD	$Arot,$e,$e		; E+=rot(A,5)
 ||	 ROTL	@X[$j],1,@X[$j]
 	ADD	$F,$e,$e		; E+=F_20_39(B,C,D)
 ___
 }

 $code=<<___;
 	.text

 	.if	.ASSEMBLER_VERSION<7000000
 	.asg	0,__TI_EABI__
 	.endif
 	.if	__TI_EABI__
 	.asg	sha1_block_data_order,_sha1_block_data_order
 	.endif

 	.asg	B3,RA
 	.asg	A15,FP
 	.asg	B15,SP

 	.if	.BIG_ENDIAN
 	.asg	MV,SWAP2
 	.asg	MV,SWAP4
 	.endif

 	.global	_sha1_block_data_order
 _sha1_block_data_order:
 	.asmfunc
 	MV	$NUM,A0			; reassign $NUM
   [!A0]	BNOP	RA			; if ($NUM==0) return;
 || [A0]	LDW	*${CTX}[0],$A		; load A-E...
    [A0]	LDW	*${CTX}[1],$B
    [A0]	LDW	*${CTX}[2],$C
    [A0]	LDW	*${CTX}[3],$D
    [A0]	LDW	*${CTX}[4],$E
    [A0]	LDNW	*${INP}++,@X[0]		; pre-fetch input
    [A0]	LDNW	*${INP}++,@X[1]
 	NOP	3

 loop?:
 	SUB	A0,1,A0
 ||	MV	$A,$Actx
 ||	MVD	$B,$Bctx
 ||	SWAP2	@X[0],@X[0]
 ||	MVKL	0x5a827999,$K
 	MVKH	0x5a827999,$K		; K_00_19
 ||	MV	$C,$Cctx
 ||	MV	$D,$Dctx
 ||	MVD	$E,$Ectx
 ||	SWAP4	@X[0],@X[0]
 ___
 for ($i=0;$i<20;$i++)	{ &BODY_00_19($i,@V); unshift(@V,pop(@V)); }
 $code.=<<___;
 ||	MVKL	0x6ed9eba1,$K
 	MVKH	0x6ed9eba1,$K		; K_20_39
 ___
 for (;$i<40;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
 $code.=<<___;
 ||	MVKL	0x8f1bbcdc,$K
 	MVKH	0x8f1bbcdc,$K		; K_40_59
 ___
 for (;$i<60;$i++)	{ &BODY_40_59($i,@V); unshift(@V,pop(@V)); }
 $code.=<<___;
 ||	MVKL	0xca62c1d6,$K
 	MVKH	0xca62c1d6,$K		; K_60_79
 ___
 for (;$i<80;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
 $code.=<<___;
 	BNOP	RA			; return
 	STW	$A,*${CTX}[0]		; emit A-E...
 	STW	$B,*${CTX}[1]
 	STW	$C,*${CTX}[2]
 	STW	$D,*${CTX}[3]
 	STW	$E,*${CTX}[4]
 	.endasmfunc

 	.sect	.const
 	.cstring "SHA1 block transform for C64x, CRYPTOGAMS by <appro\@openssl.org>"
 	.align	4
 ___

 print $code;
 close STDOUT;
	#!/usr/bin/env perl
	#
	# ====================================================================
	# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
	# project. The module is, however, dual licensed under OpenSSL and
	# CRYPTOGAMS licenses depending on where you obtain it. For further
	# details see http://www.openssl.org/~appro/cryptogams/.
	# ====================================================================
	#
	# SHA1 for C64x.
	#
	# November 2016
	#
	# This is fully-unrolled SHA1 implementation. It's 25% faster than
	# one with compact loops, doesn't use in-memory ring buffer, as
	# everything is accomodated in registers, and has "perfect" interrupt
	# agility. Drawback is obviously the code size...

	while (($output=shift) && ($output!~/\w[\w\-]*\.\w+$/)) {}
	open STDOUT,">$output";

	($CTX,$INP,$NUM) = ("A4","B4","A6"); # arguments

	($A,$B,$C,$D,$E, $Arot,$F,$F0,$K) = map("A$_",(16..20, 21..24));
	@V = ($A,$B,$C,$D,$E);
	@X = map("B$_",(16..31));
	($Actx,$Bctx,$Cctx,$Dctx,$Ectx) = map("A$_",(3,6..9)); # zaps $NUM

	sub BODY_00_19 {
	my ($i,$a,$b,$c,$d,$e) = @_;
	my $j = ($i+1)&15;

	$code.=<<___ if ($i<14);
	ROTL $a,5,$Arot ;; $i
	\|\| AND $c,$b,$F
	\|\| ANDN $d,$b,$F0
	\|\| ADD $K,$e,$e ; E+=K
	\|\| LDNW *${INP}++,@X[$i+2]
	OR $F0,$F,$F ; F_00_19(B,C,D)
	\|\| ROTL $b,30,$b
	\|\| SWAP2 @X[$i+1],@X[$i+1]
	\|\| ADD @X[$i],$e,$e ; E+=X[i]
	ADD $Arot,$e,$e ; E+=rot(A,5)
	\|\| SWAP4 @X[$i+1],@X[$i+1]
	ADD $F,$e,$e ; E+=F_00_19(B,C,D)
	___
	$code.=<<___ if ($i==14);
	ROTL $a,5,$Arot ;; $i
	\|\| AND $c,$b,$F
	\|\| ANDN $d,$b,$F0
	\|\| ADD $K,$e,$e ; E+=K
	OR $F0,$F,$F ; F_00_19(B,C,D)
	\|\| ROTL $b,30,$b
	\|\| ADD @X[$i],$e,$e ; E+=X[i]
	\|\| SWAP2 @X[$i+1],@X[$i+1]
	ADD $Arot,$e,$e ; E+=rot(A,5)
	\|\| SWAP4 @X[$i+1],@X[$i+1]
	ADD $F,$e,$e ; E+=F_00_19(B,C,D)
	___
	$code.=<<___ if ($i==15);
	\|\| XOR @X[($j+2)&15],@X[$j],@X[$j]
	ROTL $a,5,$Arot ;; $i
	\|\| AND $c,$b,$F
	\|\| ANDN $d,$b,$F0
	\|\| ADD $K,$e,$e ; E+=K
	\|\| XOR @X[($j+8)&15],@X[$j],@X[$j]
	OR $F0,$F,$F ; F_00_19(B,C,D)
	\|\| ROTL $b,30,$b
	\|\| ADD @X[$i],$e,$e ; E+=X[i]
	\|\| XOR @X[($j+13)&15],@X[$j],@X[$j]
	ADD $Arot,$e,$e ; E+=rot(A,5)
	\|\| ROTL @X[$j],1,@X[$j]
	ADD $F,$e,$e ; E+=F_00_19(B,C,D)
	___
	$code.=<<___ if ($i>15);
	\|\| XOR @X[($j+2)&15],@X[$j],@X[$j]
	ROTL $a,5,$Arot ;; $i
	\|\| AND $c,$b,$F
	\|\| ANDN $d,$b,$F0
	\|\| ADD $K,$e,$e ; E+=K
	\|\| XOR @X[($j+8)&15],@X[$j],@X[$j]
	OR $F0,$F,$F ; F_00_19(B,C,D)
	\|\| ROTL $b,30,$b
	\|\| ADD @X[$i&15],$e,$e ; E+=X[i]
	\|\| XOR @X[($j+13)&15],@X[$j],@X[$j]
	ADD $Arot,$e,$e ; E+=rot(A,5)
	\|\| ROTL @X[$j],1,@X[$j]
	ADD $F,$e,$e ; E+=F_00_19(B,C,D)
	___
	}

	sub BODY_20_39 {
	my ($i,$a,$b,$c,$d,$e) = @_;
	my $j = ($i+1)&15;

	$code.=<<___ if ($i<79);
	\|\| XOR @X[($j+2)&15],@X[$j],@X[$j]
	ROTL $a,5,$Arot ;; $i
	\|\| XOR $c,$b,$F
	\|\| ADD $K,$e,$e ; E+=K
	\|\| XOR @X[($j+8)&15],@X[$j],@X[$j]
	XOR $d,$F,$F ; F_20_39(B,C,D)
	\|\| ROTL $b,30,$b
	\|\| ADD @X[$i&15],$e,$e ; E+=X[i]
	\|\| XOR @X[($j+13)&15],@X[$j],@X[$j]
	ADD $Arot,$e,$e ; E+=rot(A,5)
	\|\| ROTL @X[$j],1,@X[$j]
	ADD $F,$e,$e ; E+=F_20_39(B,C,D)
	___
	$code.=<<___ if ($i==79);
	\|\| [A0] B loop?
	\|\| [A0] LDNW *${INP}++,@X[0] ; pre-fetch input
	ROTL $a,5,$Arot ;; $i
	\|\| XOR $c,$b,$F
	\|\| ADD $K,$e,$e ; E+=K
	\|\| [A0] LDNW *${INP}++,@X[1]
	XOR $d,$F,$F ; F_20_39(B,C,D)
	\|\| ROTL $b,30,$b
	\|\| ADD @X[$i&15],$e,$e ; E+=X[i]
	ADD $Arot,$e,$e ; E+=rot(A,5)
	ADD $F,$e,$e ; E+=F_20_39(B,C,D)
	\|\| ADD $Bctx,$a,$a ; accumulate context
	\|\| ADD $Cctx,$b,$b
	ADD $Dctx,$c,$c
	\|\| ADD $Ectx,$d,$d
	\|\| ADD $Actx,$e,$e
	;;===== branch to loop? is taken here
	___
	}

	sub BODY_40_59 {
	my ($i,$a,$b,$c,$d,$e) = @_;
	my $j = ($i+1)&15;

	$code.=<<___;
	\|\| XOR @X[($j+2)&15],@X[$j],@X[$j]
	ROTL $a,5,$Arot ;; $i
	\|\| AND $c,$b,$F
	\|\| AND $d,$b,$F0
	\|\| ADD $K,$e,$e ; E+=K
	\|\| XOR @X[($j+8)&15],@X[$j],@X[$j]
	XOR $F0,$F,$F
	\|\| AND $c,$d,$F0
	\|\| ROTL $b,30,$b
	\|\| XOR @X[($j+13)&15],@X[$j],@X[$j]
	\|\| ADD @X[$i&15],$e,$e ; E+=X[i]
	XOR $F0,$F,$F ; F_40_59(B,C,D)
	\|\| ADD $Arot,$e,$e ; E+=rot(A,5)
	\|\| ROTL @X[$j],1,@X[$j]
	ADD $F,$e,$e ; E+=F_20_39(B,C,D)
	___
	}

	$code=<<___;
	.text

	.if .ASSEMBLER_VERSION<7000000
	.asg 0,__TI_EABI__
	.endif
	.if __TI_EABI__
	.asg sha1_block_data_order,_sha1_block_data_order
	.endif

	.asg B3,RA
	.asg A15,FP
	.asg B15,SP

	.if .BIG_ENDIAN
	.asg MV,SWAP2
	.asg MV,SWAP4
	.endif

	.global _sha1_block_data_order
	_sha1_block_data_order:
	.asmfunc
	MV $NUM,A0 ; reassign $NUM
	[!A0] BNOP RA ; if ($NUM==0) return;
	\|\| [A0] LDW *${CTX}[0],$A ; load A-E...
	[A0] LDW *${CTX}[1],$B
	[A0] LDW *${CTX}[2],$C
	[A0] LDW *${CTX}[3],$D
	[A0] LDW *${CTX}[4],$E
	[A0] LDNW *${INP}++,@X[0] ; pre-fetch input
	[A0] LDNW *${INP}++,@X[1]
	NOP 3

	loop?:
	SUB A0,1,A0
	\|\| MV $A,$Actx
	\|\| MVD $B,$Bctx
	\|\| SWAP2 @X[0],@X[0]
	\|\| MVKL 0x5a827999,$K
	MVKH 0x5a827999,$K ; K_00_19
	\|\| MV $C,$Cctx
	\|\| MV $D,$Dctx
	\|\| MVD $E,$Ectx
	\|\| SWAP4 @X[0],@X[0]
	___
	for ($i=0;$i<20;$i++) { &BODY_00_19($i,@V); unshift(@V,pop(@V)); }
	$code.=<<___;
	\|\| MVKL 0x6ed9eba1,$K
	MVKH 0x6ed9eba1,$K ; K_20_39
	___
	for (;$i<40;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
	$code.=<<___;
	\|\| MVKL 0x8f1bbcdc,$K
	MVKH 0x8f1bbcdc,$K ; K_40_59
	___
	for (;$i<60;$i++) { &BODY_40_59($i,@V); unshift(@V,pop(@V)); }
	$code.=<<___;
	\|\| MVKL 0xca62c1d6,$K
	MVKH 0xca62c1d6,$K ; K_60_79
	___
	for (;$i<80;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
	$code.=<<___;
	BNOP RA ; return
	STW $A,*${CTX}[0] ; emit A-E...
	STW $B,*${CTX}[1]
	STW $C,*${CTX}[2]
	STW $D,*${CTX}[3]
	STW $E,*${CTX}[4]
	.endasmfunc

	.sect .const
	.cstring "SHA1 block transform for C64x, CRYPTOGAMS by <appro\@openssl.org>"
	.align 4
	___

	print $code;
	close STDOUT;