; libcrash -- cryptographic hash functions
;
; Copyright (C) 2013 Ivan Baravy (dunkaist)
;
; This program is free software: you can redistribute it and/or modify
; it under the terms of the GNU General Public License as published by
; the Free Software Foundation, either version 3 of the License, or
; (at your option) any later version.
;
; This program is distributed in the hope that it will be useful,
; but WITHOUT ANY WARRANTY; without even the implied warranty of
; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
; GNU General Public License for more details.
;
; You should have received a copy of the GNU General Public License
; along with this program. If not, see <http://www.gnu.org/licenses/>.

;-----------------------------------------------------------------------
; keccak_rol_xor nd, ncl, ncr  (flat assembler macro)
;   theta helper:  D[nd] = rol64(C[ncl], 1) xor C[ncr]
;   C and D are the 5-lane local arrays of keccak_theta, so this macro
;   is only meaningful inside that proc's frame.
; Clobbers: mm0 (holds the result on exit), mm1 (holds C[ncl] >> 63)
;-----------------------------------------------------------------------
macro keccak_rol_xor nd, ncl, ncr
{
        movq    mm1, [C + 8*(ncl)]      ; mm1 = C[ncl]
        movq    mm0, mm1                ; mm0 = C[ncl]
        psrlq   mm1, 63                 ; mm1 = top bit of C[ncl], now in bit 0
        psllq   mm0, 1                  ; mm0 = C[ncl] << 1
        por     mm0, mm1                ; mm0 = rol64(C[ncl], 1)
        pxor    mm0, [C + 8*(ncr)]      ; mm0 ^= C[ncr]
        movq    [D + 8*(nd)], mm0       ; D[nd] = mm0
}

;-----------------------------------------------------------------------
; keccak_theta -- theta step of Keccak-f[1600], applied in place
; In:    edi = pointer to the 25-lane (200-byte) state; lane i lives at
;        [edi + 8*i] with i = x + 5*y, i.e. A[x,y]
; Out:   every lane updated in place; nothing returned in a register
; Clobbers: mm0, mm1; ebp is used for the proc frame (saved/restored by
;        the `proc`/`locals` macros); edi is not modified
; Stack: 80 bytes of locals (C[5], D[5]) inside the proc frame
; Note:  no `emms` is issued here -- assumed to be the caller's job
;        (TODO confirm against the callers of keccak_permutation)
;-----------------------------------------------------------------------
proc keccak_theta
locals
        C rq 5                          ; C[x] = xor of the five lanes in column x
        D rq 5                          ; D[x] = C[x-1] ^ rol64(C[x+1], 1)
endl

        ; column parities; `%` is the 1-based repeat counter, so %-1 = x
repeat 5
        movq    mm0, [edi + 8*(%-1 + 0)]        ; A[x,0]
        pxor    mm0, [edi + 8*(%-1 + 5)]        ; ^ A[x,1]
        pxor    mm0, [edi + 8*(%-1 + 10)]       ; ^ A[x,2]
        pxor    mm0, [edi + 8*(%-1 + 15)]       ; ^ A[x,3]
        pxor    mm0, [edi + 8*(%-1 + 20)]       ; ^ A[x,4]
        movq    [C + 8*(%-1)], mm0              ; C[x]
end repeat

        ; D[x] = rol64(C[(x+1) mod 5], 1) ^ C[(x-1) mod 5]
        keccak_rol_xor 0, 1, 4
        keccak_rol_xor 1, 2, 0
        keccak_rol_xor 2, 3, 1
        keccak_rol_xor 3, 4, 2
        keccak_rol_xor 4, 0, 3

        ; A[x,y] ^= D[x] for all five y; mm1 keeps D[x] across the column
repeat 5
        movq    mm1, [D + 8*(%-1)]              ; mm1 = D[x]
        movq    mm0, mm1
        pxor    mm0, [edi + 8*(%-1 + 0)]
        movq    [edi + 8*(%-1 + 0)], mm0        ; A[x,0] ^= D[x]
        movq    mm0, mm1
        pxor    mm0, [edi + 8*(%-1 + 5)]
        movq    [edi + 8*(%-1 + 5)], mm0        ; A[x,1] ^= D[x]
        movq    mm0, mm1
        pxor    mm0, [edi + 8*(%-1 + 10)]
        movq    [edi + 8*(%-1 + 10)], mm0       ; A[x,2] ^= D[x]
        movq    mm0, mm1
        pxor    mm0, [edi + 8*(%-1 + 15)]
        movq    [edi + 8*(%-1 + 15)], mm0       ; A[x,3] ^= D[x]
        movq    mm0, mm1
        pxor    mm0, [edi + 8*(%-1 + 20)]
        movq    [edi + 8*(%-1 + 20)], mm0       ; A[x,4] ^= D[x]
end repeat

        ret
endp

;-----------------------------------------------------------------------
; keccak_pi -- pi step of Keccak-f[1600], applied in place
; Lane A[x,y] moves to position (y, (2x+3y) mod 5). With lane index
; i = x + 5*y this is one 24-element cycle over lanes 1..24, walked
; below as "dst <- src" moves; lane 0 is a fixed point and is untouched.
; In:    edi = pointer to the 25-lane state, lane i at [edi + 8*i]
; Out:   state permuted in place
; Clobbers: mm0 (move scratch), mm1 (original lane 1, written last)
; The order of the moves is load-bearing: each destination has already
; been copied onward before it is overwritten.
;-----------------------------------------------------------------------
proc keccak_pi
        movq    mm1, [edi + 8*1]        ; save A[1]; it closes the cycle at the end
        movq    mm0, [edi + 8*6]        ; A[1]  <- A[6]
        movq    [edi + 8*1], mm0
        movq    mm0, [edi + 8*9]        ; A[6]  <- A[9]
        movq    [edi + 8*6], mm0
        movq    mm0, [edi + 8*22]       ; A[9]  <- A[22]
        movq    [edi + 8*9], mm0
        movq    mm0, [edi + 8*14]       ; A[22] <- A[14]
        movq    [edi + 8*22], mm0
        movq    mm0, [edi + 8*20]       ; A[14] <- A[20]
        movq    [edi + 8*14], mm0
        movq    mm0, [edi + 8*2]        ; A[20] <- A[2]
        movq    [edi + 8*20], mm0
        movq    mm0, [edi + 8*12]       ; A[2]  <- A[12]
        movq    [edi + 8*2], mm0
        movq    mm0, [edi + 8*13]       ; A[12] <- A[13]
        movq    [edi + 8*12], mm0
        movq    mm0, [edi + 8*19]       ; A[13] <- A[19]
        movq    [edi + 8*13], mm0
        movq    mm0, [edi + 8*23]       ; A[19] <- A[23]
        movq    [edi + 8*19], mm0
        movq    mm0, [edi + 8*15]       ; A[23] <- A[15]
        movq    [edi + 8*23], mm0
        movq    mm0, [edi + 8*4]        ; A[15] <- A[4]
        movq    [edi + 8*15], mm0
        movq    mm0, [edi + 8*24]       ; A[4]  <- A[24]
        movq    [edi + 8*4], mm0
        movq    mm0, [edi + 8*21]       ; A[24] <- A[21]
        movq    [edi + 8*24], mm0
        movq    mm0, [edi + 8*8]        ; A[21] <- A[8]
        movq    [edi + 8*21], mm0
        movq    mm0, [edi + 8*16]       ; A[8]  <- A[16]
        movq    [edi + 8*8], mm0
        movq    mm0, [edi + 8*5]        ; A[16] <- A[5]
        movq    [edi + 8*16], mm0
        movq    mm0, [edi + 8*3]        ; A[5]  <- A[3]
        movq    [edi + 8*5], mm0
        movq    mm0, [edi + 8*18]       ; A[3]  <- A[18]
        movq    [edi + 8*3], mm0
        movq    mm0, [edi + 8*17]       ; A[18] <- A[17]
        movq    [edi + 8*18], mm0
        movq    mm0, [edi + 8*11]       ; A[17] <- A[11]
        movq    [edi + 8*17], mm0
        movq    mm0, [edi + 8*7]        ; A[11] <- A[7]
        movq    [edi + 8*11], mm0
        movq    mm0, [edi + 8*10]       ; A[7]  <- A[10]
        movq    [edi + 8*7], mm0
        movq    [edi + 8*10], mm1       ; A[10] <- saved A[1]; cycle closed

        ret
endp

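;-----------------------------------------------------------------------
; keccak_chi -- chi step of Keccak-f[1600], applied in place
; For each row y and each x (mod 5):
;     A[x,y] ^= (~A[x+1,y]) & A[x+2,y]
; using the row's values from BEFORE the update. Lanes 0 and 1 of the
; row are copied to mm6/mm7 first so that the updates of lanes 3 and 4
; still see their original values.
; In:    edi = pointer to the 25-lane state, lane x+5*y at [edi + 8*(x+5*y)]
; Out:   state updated in place
; Clobbers: mm0, mm1, mm6, mm7
; Note:  pandn already computes (~dst) & src, so the "not" is folded into
;        the and; the earlier version built an all-ones mask in mm2 via
;        eax/punpckldq and used an extra pand per lane. Result is identical,
;        with one fewer instruction per lane and eax/mm2 left untouched.
;-----------------------------------------------------------------------
proc keccak_chi
repeat 5
        movq    mm6, [edi + 8*(0 + 5*(%-1))]    ; mm6 = old A[0,y]
        movq    mm7, [edi + 8*(1 + 5*(%-1))]    ; mm7 = old A[1,y]

        movq    mm0, mm6                        ; A[0,y]
        movq    mm1, mm7                        ; A[1,y]
        pandn   mm1, [edi + 8*(2 + 5*(%-1))]    ; ~A[1,y] & A[2,y]
        pxor    mm0, mm1
        movq    [edi + 8*(0 + 5*(%-1))], mm0    ; A[0,y] ^= ~A[1,y] & A[2,y]

        movq    mm0, [edi + 8*(1 + 5*(%-1))]
        movq    mm1, [edi + 8*(2 + 5*(%-1))]
        pandn   mm1, [edi + 8*(3 + 5*(%-1))]    ; ~A[2,y] & A[3,y]
        pxor    mm0, mm1
        movq    [edi + 8*(1 + 5*(%-1))], mm0    ; A[1,y] ^= ~A[2,y] & A[3,y]

        movq    mm0, [edi + 8*(2 + 5*(%-1))]
        movq    mm1, [edi + 8*(3 + 5*(%-1))]
        pandn   mm1, [edi + 8*(4 + 5*(%-1))]    ; ~A[3,y] & A[4,y]
        pxor    mm0, mm1
        movq    [edi + 8*(2 + 5*(%-1))], mm0    ; A[2,y] ^= ~A[3,y] & A[4,y]

        movq    mm0, [edi + 8*(3 + 5*(%-1))]
        movq    mm1, [edi + 8*(4 + 5*(%-1))]
        pandn   mm1, mm6                        ; ~A[4,y] & old A[0,y]
        pxor    mm0, mm1
        movq    [edi + 8*(3 + 5*(%-1))], mm0    ; A[3,y] ^= ~A[4,y] & A[0,y]

        movq    mm0, [edi + 8*(4 + 5*(%-1))]
        movq    mm1, mm6                        ; old A[0,y]
        pandn   mm1, mm7                        ; ~old A[0,y] & old A[1,y]
        pxor    mm0, mm1
        movq    [edi + 8*(4 + 5*(%-1))], mm0    ; A[4,y] ^= ~A[0,y] & A[1,y]
end repeat
        ret
endp
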
;-----------------------------------------------------------------------
; keccak_rol_mov n, c  (flat assembler macro)
;   rho helper: rotate lane n of the state at edi left by c bits, in place
;   A[n] = rol64(A[n], c); c is a compile-time shift count
; Clobbers: mm0 (holds the rotated lane on exit), mm1 (A[n] >> (64-c))
;-----------------------------------------------------------------------
macro keccak_rol_mov n, c
{
        movq    mm1, [edi + 8*(n)]      ; mm1 = A[n]
        movq    mm0, mm1                ; mm0 = A[n]
        psrlq   mm1, (64-(c))           ; high c bits moved down to the bottom
        psllq   mm0, (c)                ; low 64-c bits moved up
        por     mm0, mm1                ; mm0 = rol64(A[n], c)
        movq    [edi + 8*(n)], mm0      ; write back in place
}

;-----------------------------------------------------------------------
; keccak_permutation -- full Keccak-f[1600]: 24 rounds of
;   theta, rho, pi, chi, iota, fully unrolled by `repeat`
; In:    edi = pointer to the 25-lane (200-byte) state
; Out:   state permuted in place
; Clobbers: mm0, mm1 here (rho and iota), plus whatever the three step
;        procs clobber (eax, mm2, mm6, mm7 in keccak_chi); edi survives,
;        none of the steps write it
; Round constants are read from crash._.sha3_round, a table of 64-bit
; entries defined elsewhere in libcrash and indexed by round number.
; No `emms` here either -- see keccak_theta.
;-----------------------------------------------------------------------
proc keccak_permutation

repeat 24
        stdcall keccak_theta

        ; rho: rotate lane n (= x + 5*y) left by its fixed offset r[x,y];
        ; lane 0 has offset 0 and is skipped
        keccak_rol_mov 1, 1
        keccak_rol_mov 2, 62
        keccak_rol_mov 3, 28
        keccak_rol_mov 4, 27
        keccak_rol_mov 5, 36
        keccak_rol_mov 6, 44
        keccak_rol_mov 7, 6
        keccak_rol_mov 8, 55
        keccak_rol_mov 9, 20
        keccak_rol_mov 10, 3
        keccak_rol_mov 11, 10
        keccak_rol_mov 12, 43
        keccak_rol_mov 13, 25
        keccak_rol_mov 14, 39
        keccak_rol_mov 15, 41
        keccak_rol_mov 16, 45
        keccak_rol_mov 17, 15
        keccak_rol_mov 18, 21
        keccak_rol_mov 19, 8
        keccak_rol_mov 20, 18
        keccak_rol_mov 21, 2
        keccak_rol_mov 22, 61
        keccak_rol_mov 23, 56
        keccak_rol_mov 24, 14

        stdcall keccak_pi
        stdcall keccak_chi

        ; iota: xor round constant number %-1 into lane 0
        movq    mm0, [edi + 8*(0)]
        pxor    mm0, [crash._.sha3_round + 8*(%-1)]
        movq    [edi + 8*(0)], mm0
end repeat

        ret
endp

;-----------------------------------------------------------------------
; crash.sha3_224 _hash, _data -- absorb one 144-byte block, then permute
; In:    [_hash] = pointer to the 200-byte Keccak state
;        esi     = pointer to the current input block (rate = 144 bytes)
;        _data is declared but never read in this proc; the block pointer
;        is taken from esi -- NOTE(review): confirm the caller sets esi
;        and relies on it being advanced on return
; Out:   state permuted in place; esi advanced by 144 to the next block
; Clobbers: edi (left pointing at the state; not saved, although stdcall
;        callers normally expect edi preserved -- verify against callers),
;        mm0-mm2, mm6, mm7 via keccak_permutation
; No bounds check: the caller must guarantee 144 readable bytes at esi.
; Padding of the final block is not done here.
;-----------------------------------------------------------------------
proc crash.sha3_224 _hash, _data
        mov     edi, [_hash]

        ; xor the 18 rate lanes of the block into the state
        ; (xor is commutative, so the state is loaded first here)
repeat 18
        movq    mm1, [edi + 8*(%-1)]
        pxor    mm1, [esi + 8*(%-1)]
        movq    [edi + 8*(%-1)], mm1
end repeat

        stdcall keccak_permutation

        add     esi, 144                ; step past the consumed block
        ret
endp

;-----------------------------------------------------------------------
; crash.sha3_256 _hash, _data -- absorb one 136-byte block, then permute
; In:    [_hash] = pointer to the 200-byte Keccak state
;        esi     = pointer to the current input block (rate = 136 bytes)
;        _data is declared but never read in this proc; the block pointer
;        is taken from esi -- NOTE(review): confirm the caller sets esi
;        and relies on it being advanced on return
; Out:   state permuted in place; esi advanced by 136 to the next block
; Clobbers: edi (left pointing at the state; not saved, although stdcall
;        callers normally expect edi preserved -- verify against callers),
;        mm0-mm2, mm6, mm7 via keccak_permutation
; No bounds check: the caller must guarantee 136 readable bytes at esi.
; Padding of the final block is not done here.
;-----------------------------------------------------------------------
proc crash.sha3_256 _hash, _data
        mov     edi, [_hash]

        ; xor the 17 rate lanes of the block into the state
        ; (xor is commutative, so the state is loaded first here)
repeat 17
        movq    mm1, [edi + 8*(%-1)]
        pxor    mm1, [esi + 8*(%-1)]
        movq    [edi + 8*(%-1)], mm1
end repeat

        stdcall keccak_permutation

        add     esi, 136                ; step past the consumed block
        ret
endp

;-----------------------------------------------------------------------
; crash.sha3_384 _hash, _data -- absorb one 104-byte block, then permute
; In:    [_hash] = pointer to the 200-byte Keccak state
;        esi     = pointer to the current input block (rate = 104 bytes)
;        _data is declared but never read in this proc; the block pointer
;        is taken from esi -- NOTE(review): confirm the caller sets esi
;        and relies on it being advanced on return
; Out:   state permuted in place; esi advanced by 104 to the next block
; Clobbers: edi (left pointing at the state; not saved, although stdcall
;        callers normally expect edi preserved -- verify against callers),
;        mm0-mm2, mm6, mm7 via keccak_permutation
; No bounds check: the caller must guarantee 104 readable bytes at esi.
; Padding of the final block is not done here.
;-----------------------------------------------------------------------
proc crash.sha3_384 _hash, _data
        mov     edi, [_hash]

        ; xor the 13 rate lanes of the block into the state
        ; (xor is commutative, so the state is loaded first here)
repeat 13
        movq    mm1, [edi + 8*(%-1)]
        pxor    mm1, [esi + 8*(%-1)]
        movq    [edi + 8*(%-1)], mm1
end repeat

        stdcall keccak_permutation

        add     esi, 104                ; step past the consumed block
        ret
endp

;-----------------------------------------------------------------------
; crash.sha3_512 _hash, _data -- absorb one 72-byte block, then permute
; In:    [_hash] = pointer to the 200-byte Keccak state
;        esi     = pointer to the current input block (rate = 72 bytes)
;        _data is declared but never read in this proc; the block pointer
;        is taken from esi -- NOTE(review): confirm the caller sets esi
;        and relies on it being advanced on return
; Out:   state permuted in place; esi advanced by 72 to the next block
; Clobbers: edi (left pointing at the state; not saved, although stdcall
;        callers normally expect edi preserved -- verify against callers),
;        mm0-mm2, mm6, mm7 via keccak_permutation
; No bounds check: the caller must guarantee 72 readable bytes at esi.
; Padding of the final block is not done here.
;-----------------------------------------------------------------------
proc crash.sha3_512 _hash, _data
        mov     edi, [_hash]

        ; xor the 9 rate lanes of the block into the state
        ; (xor is commutative, so the state is loaded first here)
repeat 9
        movq    mm1, [edi + 8*(%-1)]
        pxor    mm1, [esi + 8*(%-1)]
        movq    [edi + 8*(%-1)], mm1
end repeat

        stdcall keccak_permutation

        add     esi, 72                 ; step past the consumed block
        ret
endp
