Revert "Merge branch 'upstream' into tizen"

[platform/upstream/nettle.git] / x86_64 / sha256-compress.asm

C nettle, low-level cryptographics library
C
C Copyright (C) 2013 Niels Möller
C
C The nettle library is free software; you can redistribute it and/or modify
C it under the terms of the GNU Lesser General Public License as published by
C the Free Software Foundation; either version 2.1 of the License, or (at your
C option) any later version.
C
C The nettle library is distributed in the hope that it will be useful, but
C WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
C or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
C License for more details.
C
C You should have received a copy of the GNU Lesser General Public License
C along with the nettle library; see the file COPYING.LIB.  If not, write to
C the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
C MA 02111-1301, USA.

        .file "sha256-compress.asm"
define(<STATE>, <%rdi>)
define(<INPUT>, <%rsi>)
define(<K>, <%rdx>)
define(<SA>, <%eax>)
define(<SB>, <%ebx>)
define(<SC>, <%ecx>)
define(<SD>, <%r8d>)
define(<SE>, <%r9d>)
define(<SF>, <%r10d>)
define(<SG>, <%r11d>)
define(<SH>, <%r12d>)
define(<T0>, <%r13d>)
define(<T1>, <%edi>)    C Overlap STATE
define(<COUNT>, <%r14>)
define(<W>, <%r15d>)

define(<EXPN>, <
        movl    OFFSET($1)(%rsp), W
        movl    OFFSET(eval(($1 + 14) % 16))(%rsp), T0
        movl    T0, T1
        shrl    <$>10, T0
        roll    <$>13, T1
        xorl    T1, T0
        roll    <$>2, T1
        xorl    T1, T0
        addl    T0, W
        movl    OFFSET(eval(($1 + 1) % 16))(%rsp), T0
        movl    T0, T1
        shrl    <$>3, T0
        roll    <$>14, T1
        xorl    T1, T0
        roll    <$>11, T1
        xorl    T1, T0
        addl    T0, W
        addl    OFFSET(eval(($1 + 9) % 16))(%rsp), W
        movl    W, OFFSET($1)(%rsp)
>)

C ROUND(A,B,C,D,E,F,G,H,K)
C
C H += S1(E) + Choice(E,F,G) + K + W
C D += H
C H += S0(A) + Majority(A,B,C)
C
C Where
C
C S1(E) = E<<<26 ^ E<<<21 ^ E<<<7
C S0(A) = A<<<30 ^ A<<<19 ^ A<<<10
C Choice (E, F, G) = G^(E&(F^G))
C Majority (A,B,C) = (A&B) + (C&(A^B))

define(<ROUND>, <
        movl    $5, T0
        movl    $5, T1
        roll    <$>7, T0
        roll    <$>21, T1
        xorl    T0, T1
        roll    <$>19, T0
        xorl    T0, T1
        addl    W, $8
        addl    T1, $8
        movl    $7, T0
        xorl    $6, T0
        andl    $5, T0
        xorl    $7, T0
        addl    OFFSET($9)(K,COUNT,4), $8
        addl    T0, $8
        addl    $8, $4

        movl    $1, T0
        movl    $1, T1
        roll    <$>10, T0
        roll    <$>19, T1
        xorl    T0, T1
        roll    <$>20, T0
        xorl    T0, T1
        addl    T1, $8
        movl    $1, T0
        movl    $1, T1
        andl    $2, T0
        xorl    $2, T1
        addl    T0, $8
        andl    $3, T1
        addl    T1, $8
>)

define(<NOEXPN>, <
        movl    OFFSET($1)(INPUT, COUNT, 4), W
        bswapl  W
        movl    W, OFFSET($1)(%rsp, COUNT, 4)
>)

        C void
        C _nettle_sha256_compress(uint32_t *state, const uint8_t *input, const uint32_t *k)

        .text
        ALIGN(16)

PROLOGUE(_nettle_sha256_compress)
        W64_ENTRY(3, 0)

        sub     $120, %rsp
        mov     %rbx, 64(%rsp)
        mov     STATE, 72(%rsp) C Save state, to free a register
        mov     %rbp, 80(%rsp)
        mov     %r12, 88(%rsp)
        mov     %r13, 96(%rsp)
        mov     %r14, 104(%rsp)
        mov     %r15, 112(%rsp)

        movl    (STATE),   SA
        movl    4(STATE),  SB
        movl    8(STATE),  SC
        movl    12(STATE), SD
        movl    16(STATE), SE
        movl    20(STATE), SF
        movl    24(STATE), SG
        movl    28(STATE), SH
        xor     COUNT, COUNT
        ALIGN(16)

.Loop1:
        NOEXPN(0) ROUND(SA,SB,SC,SD,SE,SF,SG,SH,0)
        NOEXPN(1) ROUND(SH,SA,SB,SC,SD,SE,SF,SG,1)
        NOEXPN(2) ROUND(SG,SH,SA,SB,SC,SD,SE,SF,2)
        NOEXPN(3) ROUND(SF,SG,SH,SA,SB,SC,SD,SE,3)
        NOEXPN(4) ROUND(SE,SF,SG,SH,SA,SB,SC,SD,4)
        NOEXPN(5) ROUND(SD,SE,SF,SG,SH,SA,SB,SC,5)
        NOEXPN(6) ROUND(SC,SD,SE,SF,SG,SH,SA,SB,6)
        NOEXPN(7) ROUND(SB,SC,SD,SE,SF,SG,SH,SA,7)
        add     $8, COUNT
        cmp     $16, COUNT
        jne     .Loop1

.Loop2:
        EXPN( 0) ROUND(SA,SB,SC,SD,SE,SF,SG,SH,0)
        EXPN( 1) ROUND(SH,SA,SB,SC,SD,SE,SF,SG,1)
        EXPN( 2) ROUND(SG,SH,SA,SB,SC,SD,SE,SF,2)
        EXPN( 3) ROUND(SF,SG,SH,SA,SB,SC,SD,SE,3)
        EXPN( 4) ROUND(SE,SF,SG,SH,SA,SB,SC,SD,4)
        EXPN( 5) ROUND(SD,SE,SF,SG,SH,SA,SB,SC,5)
        EXPN( 6) ROUND(SC,SD,SE,SF,SG,SH,SA,SB,6)
        EXPN( 7) ROUND(SB,SC,SD,SE,SF,SG,SH,SA,7)
        EXPN( 8) ROUND(SA,SB,SC,SD,SE,SF,SG,SH,8)
        EXPN( 9) ROUND(SH,SA,SB,SC,SD,SE,SF,SG,9)
        EXPN(10) ROUND(SG,SH,SA,SB,SC,SD,SE,SF,10)
        EXPN(11) ROUND(SF,SG,SH,SA,SB,SC,SD,SE,11)
        EXPN(12) ROUND(SE,SF,SG,SH,SA,SB,SC,SD,12)
        EXPN(13) ROUND(SD,SE,SF,SG,SH,SA,SB,SC,13)
        EXPN(14) ROUND(SC,SD,SE,SF,SG,SH,SA,SB,14)
        EXPN(15) ROUND(SB,SC,SD,SE,SF,SG,SH,SA,15)
        add     $16, COUNT
        cmp     $64, COUNT
        jne     .Loop2

        mov     72(%rsp), STATE

        addl    SA, (STATE)
        addl    SB, 4(STATE)
        addl    SC, 8(STATE)
        addl    SD, 12(STATE)
        addl    SE, 16(STATE)
        addl    SF, 20(STATE)
        addl    SG, 24(STATE)
        addl    SH, 28(STATE)

        mov     64(%rsp), %rbx
        mov     80(%rsp), %rbp
        mov     88(%rsp), %r12
        mov     96(%rsp), %r13
        mov     104(%rsp),%r14
        mov     112(%rsp),%r15

        add     $120, %rsp
        W64_EXIT(3, 0)
        ret
EPILOGUE(_nettle_sha256_compress)