Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
a3b0c44b
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
1 年多 前同步成功
通知
10
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
a3b0c44b
编写于
9月 05, 2010
作者:
A
Andy Polyakov
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
ghash-ia64.pl: 50% performance improvement of gcm_ghash_4bit.
上级
4b2603e4
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
307 addition
and
81 deletion
+307
-81
crypto/modes/Makefile
crypto/modes/Makefile
+1
-1
crypto/modes/asm/ghash-ia64.pl
crypto/modes/asm/ghash-ia64.pl
+306
-80
未找到文件。
crypto/modes/Makefile
浏览文件 @
a3b0c44b
...
@@ -43,7 +43,7 @@ lib: $(LIBOBJ)
...
@@ -43,7 +43,7 @@ lib: $(LIBOBJ)
$(RANLIB)
$(LIB)
||
echo
Never mind.
$(RANLIB)
$(LIB)
||
echo
Never mind.
@
touch
lib
@
touch
lib
aes
-ia64.s
:
asm/ghash-ia64.pl
ghash
-ia64.s
:
asm/ghash-ia64.pl
$(PERL)
asm/ghash-ia64.pl
$@
$(CFLAGS)
$(PERL)
asm/ghash-ia64.pl
$@
$(CFLAGS)
ghash-x86.s
:
asm/ghash-x86.pl
ghash-x86.s
:
asm/ghash-x86.pl
$(PERL)
asm/ghash-x86.pl
$(PERLASM_SCHEME)
$(CFLAGS)
$(PROCESSOR)
>
$@
$(PERL)
asm/ghash-x86.pl
$(PERLASM_SCHEME)
$(CFLAGS)
$(PROCESSOR)
>
$@
...
...
crypto/modes/asm/ghash-ia64.pl
浏览文件 @
a3b0c44b
...
@@ -12,22 +12,25 @@
...
@@ -12,22 +12,25 @@
# The module implements "4-bit" GCM GHASH function and underlying
# The module implements "4-bit" GCM GHASH function and underlying
# single multiplication operation in GF(2^128). "4-bit" means that it
# single multiplication operation in GF(2^128). "4-bit" means that it
# uses 256 bytes per-key table [+128 bytes shared table]. Streamed
# uses 256 bytes per-key table [+128 bytes shared table]. Streamed
# GHASH performance was measured to be 6.
35
cycles per processed byte
# GHASH performance was measured to be 6.
67
cycles per processed byte
# on Itanium 2, which is >90% better than Microsoft compiler generated
# on Itanium 2, which is >90% better than Microsoft compiler generated
# code. Well, the number should have been ~6.5. The deviation has
# code. To anchor to something else sha1-ia64.pl module processes one
# everything to do with the way performance is measured: as difference
# byte in 5.7 cycles. On Itanium GHASH should run at ~8.5 cycles per
# between GCM and straightforward 128-bit counter mode. To anchor to
# byte.
# something else sha1-ia64.pl module processes one byte in 6.0 cycles.
# On Itanium GHASH should run at ~8.5 cycles per byte.
# September 2010
#
# Note about "528B" variant. In Itanium 2 case it makes lesser sense
# It was originally thought that it makes lesser sense to implement
# to implement it for following reason. Because number of functional
# "528B" variant on Itanium 2 for following reason. Because number of
# units is naturally limited, it's impossible to implement "528B" loop
# functional units is naturally limited, it appeared impossible to
# in 4 cycles, only in 5. This means that theoretically performance
# implement "528B" loop in 4 cycles, only in 5. This would mean that
# improvement can't be more than 20%, ~15% is more realistic. This
# theoretically performance improvement couldn't be more than 20%.
# is considered below justification level for implementing new code.
# But occasionally you prove yourself wrong:-) I figured out a way to
# Not to mention that on original Itanium it would actually run
# fold couple of instructions and having freed yet another instruction
# slower, spending >9 cycles per byte.
# slot by unrolling the loop... Resulting performance is 4.45 cycles
# per processed byte and 50% better than "256B" version. On original
# Itanium performance should remain the same as the "256B" version,
# i.e. ~8.5 cycles.
$output
=
shift
and
(
open
STDOUT
,"
>
$output
"
or
die
"
can't open
$output
: $!
");
$output
=
shift
and
(
open
STDOUT
,"
>
$output
"
or
die
"
can't open
$output
: $!
");
...
@@ -143,83 +146,270 @@ $code.=<<___;
...
@@ -143,83 +146,270 @@ $code.=<<___;
mov ar.lc=prevlc
mov ar.lc=prevlc
br.ret.sptk.many b0 };;
br.ret.sptk.many b0 };;
.endp gcm_gmult_4bit#
.endp gcm_gmult_4bit#
___
######################################################################
# "528B" (well, "512B" actualy) streamed GHASH
#
$Xip
=
"
in0
";
$Htbl
=
"
in1
";
$inp
=
"
in2
";
$len
=
"
in3
";
$rem_8bit
=
"
loc0
";
$mask0xff
=
"
loc1
";
(
$sum
,
$rum
)
=
$big_endian
?
("
nop.m
","
nop.m
")
:
("
sum
","
rum
");
sub
load_htable
()
{
for
(
my
$i
=
0
;
$i
<
8
;
$i
++
)
{
$code
.=
<<___;
{ .mmi; ld8 r`16+2*$i+1`=[r8],16 // Htable[$i].hi
ld8 r`16+2*$i`=[r9],16 } // Htable[$i].lo
{ .mmi; ldf8 f`32+2*$i+1`=[r10],16 // Htable[`8+$i`].hi
ldf8 f`32+2*$i`=[r11],16 // Htable[`8+$i`].lo
___
$code
.=
shift
if
((
$i
+
$
#_)==7);
$code
.=
"
\t
};;
\n
"
}
}
$code
.=
<<___;
prevsp=r3;
.global gcm_ghash_4bit#
.global gcm_ghash_4bit#
.proc gcm_ghash_4bit#
.proc gcm_ghash_4bit#
.align 32;;
.align 32
.skip 16;; // aligns loop body
gcm_ghash_4bit:
gcm_ghash_4bit:
.prologue
.prologue
{ .mmi; .save ar.pfs,prevfs
{ .mmi; .save ar.pfs,prevfs
alloc prevfs=ar.pfs,4,4,0,8
alloc prevfs=ar.pfs,4,2,0,0
$ADDP inp=15,in2 // &inp[15]
.vframe prevsp
mov rem_4bitp=ip }
mov prevsp=sp
{ .mmi; $ADDP end=in3,in2 // &inp[len]
mov $rem_8bit=ip };;
$ADDP Xi=15,in0 // &Xi[15]
.save ar.lc,prevlc
mov prevlc=ar.lc };;
{ .mmi; $ADDP Htbl=8,in1 // &Htbl[0].lo
mov mask0xf0=0xf0
.save pr,prevpr
mov prevpr=pr }
.body
.body
.rotr in[3],xi[3],Hi[2]
{ .mfi; $ADDP r8=0+0,$Htbl
$ADDP r9=0+8,$Htbl }
{ .mmi; ld1 in[2]=[inp],-1 // inp[15]
{ .mfi; $ADDP r10=128+0,$Htbl
ld1 xi[2]=[Xi],-1 // Xi[15]
$ADDP r11=128+8,$Htbl };;
add end=-17,end };;
{ .mmi; ld1 in[1]=[inp],-1 // inp[14]
ld1 xi[1]=[Xi],-1 // Xi[14]
xor xi[2]=xi[2],in[2] };;
{ .mii; shladd Hi[1]=xi[2],4,r0
mov pr.rot=0x7<<16
mov ar.lc=13 };;
{ .mii; and Hi[1]=mask0xf0,Hi[1]
mov ar.ec=3
xor Zlo=Zlo,Zlo };;
{ .mii; add Hi[1]=Htbl,Hi[1] // &Htbl[nlo].lo
add rem_4bitp=rem_4bit#-gcm_ghash_4bit#,rem_4bitp
xor Zhi=Zhi,Zhi };;
___
___
&loop
("
.LoopN
");
&load_htable
(
"
$ADDP
$Xip
=15,
$Xip
",
# &Xi[15]
"
$ADDP
$len
=
$len
,
$inp
",
# &inp[len]
"
$ADDP
$inp
=15,
$inp
",
# &inp[15]
"
mov
$mask0xff
=0xff
",
"
add sp=-512,sp
",
"
andcm sp=sp,
$mask0xff
",
# align stack frame
"
add r14=0,sp
",
"
add r15=8,sp
");
$code
.=
<<___;
$code
.=
<<___;
{ .mib; xor Zhi=Zhi,Hhi // modulo-scheduling artefact
{ .mmi; $sum 1<<1 // go big-endian
extr.u xi[2]=Zlo,0,8 } // Xi[15]
add r8=256+0,sp
{ .mib; cmp.ltu p6,p0=inp,end // are we done?
add r9=256+8,sp }
add inp=32,inp // advance inp
{ .mmi; add r10=256+128+0,sp
clrrrb.pr };;
add r11=256+128+8,sp
{ .mii;
add $len=-17,$len };;
(p6) ld1 in[2]=[inp],-1 // inp[15]
___
(p6) extr.u xi[1]=Zlo,8,8 // Xi[14]
for
(
$i
=
0
;
$i
<
8
;
$i
++
)
{
# generate first half of Hshr4[]
(p6) mov ar.lc=13 };;
my
(
$rlo
,
$rhi
)
=
("
r
"
.
eval
(
16
+
2
*$i
),"
r
"
.
eval
(
16
+
2
*$i
+
1
));
{ .mii;
$code
.=
<<___;
(p6) ld1 in[1]=[inp],-1 // inp[14]
{ .mmi; st8 [r8]=$rlo,16 // Htable[$i].lo
(p6) mov ar.ec=3
st8 [r9]=$rhi,16 // Htable[$i].hi
mux1 Zlo=Zlo,\@rev };;
shrp $rlo=$rhi,$rlo,4 }//;;
{ .mii;
{ .mmi; stf8 [r10]=f`32+2*$i`,16 // Htable[`8+$i`].lo
(p6) xor xi[2]=xi[2],in[2]
stf8 [r11]=f`32+2*$i+1`,16 // Htable[`8+$i`].hi
mux1 Zhi=Zhi,\@rev };;
shr.u $rhi=$rhi,4 };;
{ .mii;
{ .mmi; st8 [r14]=$rlo,16 // Htable[$i].lo>>4
(p6) shladd Hi[1]=xi[2],4,r0
st8 [r15]=$rhi,16 }//;; // Htable[$i].hi>>4
add Hlo=9,Xi // Xi is &Xi[-1]
___
add Hhi=1,Xi };;
}
{ .mii;
$code
.=
<<___;
(p6) and Hi[1]=mask0xf0,Hi[1]
{ .mmi; ld8 r16=[r8],16 // Htable[8].lo
(p6) add Xi=14,Xi // &Xi[13]
ld8 r17=[r9],16 };; // Htable[8].hi
(p6) mov pr.rot=0x7<<16 };;
{ .mmi; ld8 r18=[r8],16 // Htable[9].lo
ld8 r19=[r9],16 } // Htable[9].hi
{ .mii; st8 [Hlo]=Zlo
{ .mmi; rum 1<<5 // clear um.mfh
(p6) xor Zlo=Zlo,Zlo
shrp r16=r17,r16,4 };;
(p6) add Hi[1]=Htbl,Hi[1] };;
___
{ .mib; st8 [Hhi]=Zhi
for
(
$i
=
0
;
$i
<
6
;
$i
++
)
{
# generate second half of Hshr4[]
(p6) xor Zhi=Zhi,Zhi
$code
.=
<<___;
(p6) br.cond.dptk.many .LoopN };;
{ .mmi; ld8 r`20+2*$i`=[r8],16 // Htable[`10+$i`].lo
ld8 r`20+2*$i+1`=[r9],16 // Htable[`10+$i`].hi
shr.u r`16+2*$i+1`=r`16+2*$i+1`,4 };;
{ .mmi; st8 [r14]=r`16+2*$i`,16 // Htable[`8+$i`].lo>>4
st8 [r15]=r`16+2*$i+1`,16 // Htable[`8+$i`].hi>>4
shrp r`18+2*$i`=r`18+2*$i+1`,r`18+2*$i`,4 }
___
}
$code
.=
<<___;
{ .mmi; shr.u r`16+2*$i+1`=r`16+2*$i+1`,4 };;
{ .mmi; st8 [r14]=r`16+2*$i`,16 // Htable[`8+$i`].lo>>4
st8 [r15]=r`16+2*$i+1`,16 // Htable[`8+$i`].hi>>4
shrp r`18+2*$i`=r`18+2*$i+1`,r`18+2*$i`,4 }
{ .mmi; add $Htbl=256,sp // &Htable[0]
add $rem_8bit=rem_8bit#-gcm_ghash_4bit#,$rem_8bit
shr.u r`18+2*$i+1`=r`18+2*$i+1`,4 };;
{ .mmi; st8 [r14]=r`18+2*$i` // Htable[`8+$i`].lo>>4
st8 [r15]=r`18+2*$i+1` } // Htable[`8+$i`].hi>>4
___
$in
=
"
r15
";
@xi
=
("
r16
","
r17
");
@rem
=
("
r18
","
r19
");
(
$Alo
,
$Ahi
,
$Blo
,
$Bhi
,
$Zlo
,
$Zhi
)
=
("
r20
","
r21
","
r22
","
r23
","
r24
","
r25
");
(
$Atbl
,
$Btbl
)
=
("
r26
","
r27
");
$code
.=<<
___
;
# (p16)
{
.
mmi
;
ld1
$in
=
[
$inp
],
-
1
//
(
p16
)
*inp
--
ld1
$xi
[
0
]
=
[
$Xip
],
-
1
//
(
p16
)
*Xi
--
cmp
.
eq
p0
,
p6
=
r0
,
r0
};;
//
clear
p6
___
push
(
@xi
,
shift
(
@xi
));
push
(
@rem
,
shift
(
@rem
));
# "rotate" registers
$code
.=<<
___
;
# (p16),(p17)
{
.
mmi
;
ld1
$xi
[
0
]
=
[
$Xip
],
-
1
//
(
p16
)
*Xi
--
xor
$xi
[
1
]
=
$xi
[
1
],
$in
};;
//
(
p17
)
xi
=
$xi
[
i
]
^
inp
[
i
]
{
.
mii
;
ld1
$in
=
[
$inp
],
-
1
//
(
p16
)
*inp
--
dep
$Atbl
=
$xi
[
1
],
$Htbl
,
4
,
4
//
(
p17
)
&Htable
[
nlo
]
.
lo
and
$xi
[
1
]
=-
16
,
$xi
[
1
]
};;
//
(
p17
)
nhi
=
xi
&
0xf0
.
align
32
.
LOOP:
{
.
mmi
;
(
p6
)
st8
[
$Xip
]
=
$Zhi
,
13
xor
$Zlo
=
$Zlo
,
$Zlo
add
$Btbl
=
$xi
[
1
],
$Htbl
};;
//
(
p17
)
&Htable
[
nhi
]
.
lo
___
push
(
@xi
,
shift
(
@xi
));
push
(
@rem
,
shift
(
@rem
));
# "rotate" registers
$code
.=<<
___
;
# (p16),(p17),(p18)
{
.
mmi
;
ld8
$Alo
=
[
$Atbl
],
8
//
(
p18
)
Htable
[
nlo
]
.
lo
,
&Htable
[
nlo
]
.
hi
ld8
$rem
[
0
]
=
[
$Btbl
],
-
256
//
(
p18
)
Htable
[
nhi
]
.
lo
,
&Hshr4
[
nhi
]
.
lo
xor
$xi
[
1
]
=
$xi
[
1
],
$in
};;
//
(
p17
)
xi
=
$xi
[
i
]
^
inp
[
i
]
{
.
mfi
;
ld8
$Ahi
=
[
$Atbl
]
//
(
p18
)
Htable
[
nlo
]
.
hi
dep
$Atbl
=
$xi
[
1
],
$Htbl
,
4
,
4
}
//
(
p17
)
&Htable
[
nlo
]
.
lo
{
.
mfi
;
shladd
$rem
[
0
]
=
$rem
[
0
],
4
,
r0
//
(
p18
)
Htable
[
nhi
]
.
lo
<<
4
xor
$Zlo
=
$Zlo
,
$Alo
};;
//
(
p18
)
Z
.
lo
^=
Htable
[
nlo
]
.
lo
{
.
mmi
;
ld8
$Blo
=
[
$Btbl
],
8
//
(
p18
)
Hshr4
[
nhi
]
.
lo
,
&Hshr4
[
nhi
]
.
hi
ld1
$in
=
[
$inp
],
-
1
}
//
(
p16
)
*inp
--
{
.
mmi
;
xor
$rem
[
0
]
=
$rem
[
0
],
$Zlo
//
(
p18
)
Z
.
lo
^
(
Htable
[
nhi
]
.
lo
<<
4
)
mov
$Zhi
=
$Ahi
//
(
p18
)
Z
.
hi
^=
Htable
[
nlo
]
.
hi
and
$xi
[
1
]
=-
16
,
$xi
[
1
]
};;
//
(
p17
)
nhi
=
xi
&
0xf0
{
.
mmi
;
ld8
$Bhi
=
[
$Btbl
]
//
(
p18
)
Hshr4
[
nhi
]
.
hi
ld1
$xi
[
0
]
=
[
$Xip
],
-
1
//
(
p16
)
*Xi
--
shrp
$Zlo
=
$Zhi
,
$Zlo
,
8
}
//
(
p18
)
Z
.
lo
=
(
Z
.
hi
<<
56
)
|
(
Z
.
lo
>>
8
)
{
.
mmi
;
and
$rem
[
0
]
=
$rem
[
0
],
$mask0xff
//
(
p18
)
rem
=
(
$Zlo
^
(
Htable
[
nhi
]
.
lo
<<
4
))
&
0xff
add
$Btbl
=
$xi
[
1
],
$Htbl
};;
//
(
p17
)
&Htable
[
nhi
]
___
push
(
@xi
,
shift
(
@xi
));
push
(
@rem
,
shift
(
@rem
));
# "rotate" registers
for
(
$i
=
1
;
$i
<
14
;
$i
++
)
{
# Above and below fragments are derived from this one by removing
# unsuitable (p??) instructions.
$code
.=<<
___
;
# (p16),(p17),(p18),(p19)
{
.
mmi
;
ld8
$Alo
=
[
$Atbl
],
8
//
(
p18
)
Htable
[
nlo
]
.
lo
,
&Htable
[
nlo
]
.
hi
ld8
$rem
[
0
]
=
[
$Btbl
],
-
256
//
(
p18
)
Htable
[
nhi
]
.
lo
,
&Hshr4
[
nhi
]
.
lo
shr
.
u
$Zhi
=
$Zhi
,
8
}
//
(
p19
)
Z
.
hi
>>=
8
{
.
mmi
;
shladd
$rem
[
1
]
=
$rem
[
1
],
1
,
$rem_8bit
//
(
p19
)
&rem_8bit
[
rem
]
xor
$Zlo
=
$Zlo
,
$Blo
//
(
p19
)
Z
.
lo
^=
Hshr4
[
nhi
]
.
lo
xor
$xi
[
1
]
=
$xi
[
1
],
$in
};;
//
(
p17
)
xi
=
$xi
[
i
]
^
inp
[
i
]
{
.
mmi
;
ld8
$Ahi
=
[
$Atbl
]
//
(
p18
)
Htable
[
nlo
]
.
hi
ld2
$rem
[
1
]
=
[
$rem
[
1
]]
//
(
p19
)
rem_8bit
[
rem
]
dep
$Atbl
=
$xi
[
1
],
$Htbl
,
4
,
4
}
//
(
p17
)
&Htable
[
nlo
]
.
lo
{
.
mmi
;
shladd
$rem
[
0
]
=
$rem
[
0
],
4
,
r0
//
(
p18
)
Htable
[
nhi
]
.
lo
<<
4
xor
$Zlo
=
$Zlo
,
$Alo
//
(
p18
)
Z
.
lo
^=
Htable
[
nlo
]
.
lo
xor
$Zhi
=
$Zhi
,
$Bhi
};;
//
(
p19
)
Z
.
hi
^=
Hshr4
[
nhi
]
.
hi
{
.
mmi
;
ld8
$Blo
=
[
$Btbl
],
8
//
(
p18
)
Hshr4
[
nhi
]
.
lo
,
&Hshr4
[
nhi
]
.
hi
ld1
$in
=
[
$inp
],
-
1
//
(
p16
)
*inp
--
shl
$rem
[
1
]
=
$rem
[
1
],
48
}
//
(
p19
)
rem_8bit
[
rem
]
<<
48
{
.
mmi
;
xor
$rem
[
0
]
=
$rem
[
0
],
$Zlo
//
(
p18
)
Z
.
lo
^
(
Htable
[
nhi
]
.
lo
<<
4
)
xor
$Zhi
=
$Zhi
,
$Ahi
//
(
p18
)
Z
.
hi
^=
Htable
[
nlo
]
.
hi
and
$xi
[
1
]
=-
16
,
$xi
[
1
]
};;
//
(
p17
)
nhi
=
xi
&
0xf0
{
.
mmi
;
ld8
$Bhi
=
[
$Btbl
]
//
(
p18
)
Hshr4
[
nhi
]
.
hi
ld1
$xi
[
0
]
=
[
$Xip
],
-
1
//
(
p16
)
*Xi
--
shrp
$Zlo
=
$Zhi
,
$Zlo
,
8
}
//
(
p18
)
Z
.
lo
=
(
Z
.
hi
<<
56
)
|
(
Z
.
lo
>>
8
)
{
.
mmi
;
and
$rem
[
0
]
=
$rem
[
0
],
$mask0xff
//
(
p18
)
rem
=
(
$Zlo
^
(
Htable
[
nhi
]
.
lo
<<
4
))
&
0xff
xor
$Zhi
=
$Zhi
,
$rem
[
1
]
//
(
p19
)
Z
.
hi
^=
rem_8bit
[
rem
]
<<
48
add
$Btbl
=
$xi
[
1
],
$Htbl
};;
//
(
p17
)
&Htable
[
nhi
]
___
push
(
@xi
,
shift
(
@xi
));
push
(
@rem
,
shift
(
@rem
));
# "rotate" registers
}
$code
.=<<
___
;
# (p17),(p18),(p19)
{
.
mmi
;
ld8
$Alo
=
[
$Atbl
],
8
//
(
p18
)
Htable
[
nlo
]
.
lo
,
&Htable
[
nlo
]
.
hi
ld8
$rem
[
0
]
=
[
$Btbl
],
-
256
//
(
p18
)
Htable
[
nhi
]
.
lo
,
&Hshr4
[
nhi
]
.
lo
shr
.
u
$Zhi
=
$Zhi
,
8
}
//
(
p19
)
Z
.
hi
>>=
8
{
.
mmi
;
shladd
$rem
[
1
]
=
$rem
[
1
],
1
,
$rem_8bit
//
(
p19
)
&rem_8bit
[
rem
]
xor
$Zlo
=
$Zlo
,
$Blo
//
(
p19
)
Z
.
lo
^=
Hshr4
[
nhi
]
.
lo
xor
$xi
[
1
]
=
$xi
[
1
],
$in
};;
//
(
p17
)
xi
=
$xi
[
i
]
^
inp
[
i
]
{
.
mmi
;
ld8
$Ahi
=
[
$Atbl
]
//
(
p18
)
Htable
[
nlo
]
.
hi
ld2
$rem
[
1
]
=
[
$rem
[
1
]]
//
(
p19
)
rem_8bit
[
rem
]
dep
$Atbl
=
$xi
[
1
],
$Htbl
,
4
,
4
};;
//
(
p17
)
&Htable
[
nlo
]
.
lo
{
.
mmi
;
shladd
$rem
[
0
]
=
$rem
[
0
],
4
,
r0
//
(
p18
)
Htable
[
nhi
]
.
lo
<<
4
xor
$Zlo
=
$Zlo
,
$Alo
//
(
p18
)
Z
.
lo
^=
Htable
[
nlo
]
.
lo
xor
$Zhi
=
$Zhi
,
$Bhi
};;
//
(
p19
)
Z
.
hi
^=
Hshr4
[
nhi
]
.
hi
{
.
mmi
;
ld8
$Blo
=
[
$Btbl
],
8
//
(
p18
)
Hshr4
[
nhi
]
.
lo
,
&Hshr4
[
nhi
]
.
hi
shl
$rem
[
1
]
=
$rem
[
1
],
48
}
//
(
p19
)
rem_8bit
[
rem
]
<<
48
{
.
mmi
;
xor
$rem
[
0
]
=
$rem
[
0
],
$Zlo
//
(
p18
)
Z
.
lo
^
(
Htable
[
nhi
]
.
lo
<<
4
)
xor
$Zhi
=
$Zhi
,
$Ahi
//
(
p18
)
Z
.
hi
^=
Htable
[
nlo
]
.
hi
and
$xi
[
1
]
=-
16
,
$xi
[
1
]
};;
//
(
p17
)
nhi
=
xi
&
0xf0
{
.
mmi
;
ld8
$Bhi
=
[
$Btbl
]
//
(
p18
)
Hshr4
[
nhi
]
.
hi
shrp
$Zlo
=
$Zhi
,
$Zlo
,
8
}
//
(
p18
)
Z
.
lo
=
(
Z
.
hi
<<
56
)
|
(
Z
.
lo
>>
8
)
{
.
mmi
;
and
$rem
[
0
]
=
$rem
[
0
],
$mask0xff
//
(
p18
)
rem
=
(
$Zlo
^
(
Htable
[
nhi
]
.
lo
<<
4
))
&
0xff
xor
$Zhi
=
$Zhi
,
$rem
[
1
]
//
(
p19
)
Z
.
hi
^=
rem_8bit
[
rem
]
<<
48
add
$Btbl
=
$xi
[
1
],
$Htbl
};;
//
(
p17
)
&Htable
[
nhi
]
___
push
(
@xi
,
shift
(
@xi
));
push
(
@rem
,
shift
(
@rem
));
# "rotate" registers
$code
.=<<
___
;
# (p18),(p19)
{
.
mfi
;
ld8
$Alo
=
[
$Atbl
],
8
//
(
p18
)
Htable
[
nlo
]
.
lo
,
&Htable
[
nlo
]
.
hi
shr
.
u
$Zhi
=
$Zhi
,
8
}
//
(
p19
)
Z
.
hi
>>=
8
{
.
mfi
;
shladd
$rem
[
1
]
=
$rem
[
1
],
1
,
$rem_8bit
//
(
p19
)
&rem_8bit
[
rem
]
xor
$Zlo
=
$Zlo
,
$Blo
};;
//
(
p19
)
Z
.
lo
^=
Hshr4
[
nhi
]
.
lo
{
.
mfi
;
ld8
$Ahi
=
[
$Atbl
]
//
(
p18
)
Htable
[
nlo
]
.
hi
xor
$Zlo
=
$Zlo
,
$Alo
}
//
(
p18
)
Z
.
lo
^=
Htable
[
nlo
]
.
lo
{
.
mfi
;
ld2
$rem
[
1
]
=
[
$rem
[
1
]]
//
(
p19
)
rem_8bit
[
rem
]
xor
$Zhi
=
$Zhi
,
$Bhi
};;
//
(
p19
)
Z
.
hi
^=
Hshr4
[
nhi
]
.
hi
{
.
mfi
;
ld8
$Blo
=
[
$Btbl
],
8
//
(
p18
)
Htable
[
nhi
]
.
lo
,
&Htable
[
nhi
]
.
hi
shl
$rem
[
1
]
=
$rem
[
1
],
48
}
//
(
p19
)
rem_8bit
[
rem
]
<<
48
{
.
mfi
;
shladd
$rem
[
0
]
=
$Zlo
,
4
,
r0
//
(
p18
)
Z
.
lo
<<
4
xor
$Zhi
=
$Zhi
,
$Ahi
};;
//
(
p18
)
Z
.
hi
^=
Htable
[
nlo
]
.
hi
{
.
mfi
;
ld8
$Bhi
=
[
$Btbl
]
//
(
p18
)
Htable
[
nhi
]
.
hi
shrp
$Zlo
=
$Zhi
,
$Zlo
,
4
}
//
(
p18
)
Z
.
lo
=
(
Z
.
hi
<<
60
)
|
(
Z
.
lo
>>
4
)
{
.
mfi
;
and
$rem
[
0
]
=
$rem
[
0
],
$mask0xff
//
(
p18
)
rem
=
(
$Zlo
^
(
Htable
[
nhi
]
.
lo
<<
4
))
&
0xff
xor
$Zhi
=
$Zhi
,
$rem
[
1
]
};;
//
(
p19
)
Z
.
hi
^=
rem_8bit
[
rem
]
<<
48
___
push
(
@xi
,
shift
(
@xi
));
push
(
@rem
,
shift
(
@rem
));
# "rotate" registers
$code
.=<<
___
;
# (p19)
{
.
mmi
;
cmp
.
ltu
p6
,
p0
=
$inp
,
$len
add
$inp
=
32
,
$inp
shr
.
u
$Zhi
=
$Zhi
,
4
}
//
(
p19
)
Z
.
hi
>>=
4
{
.
mmi
;
shladd
$rem
[
1
]
=
$rem
[
1
],
1
,
$rem_8bit
//
(
p19
)
&rem_8bit
[
rem
]
xor
$Zlo
=
$Zlo
,
$Blo
//
(
p19
)
Z
.
lo
^=
Hshr4
[
nhi
]
.
lo
add
$Xip
=
9
,
$Xip
};;
//
&Xi
.
lo
{
.
mmi
;
ld2
$rem
[
1
]
=
[
$rem
[
1
]]
//
(
p19
)
rem_8bit
[
rem
]
(
p6
)
ld1
$in
=
[
$inp
],
-
1
//
[
p16
]
*inp
--
(
p6
)
extr
.
u
$xi
[
1
]
=
$Zlo
,
8
,
8
}
//
[
p17
]
Xi
[
14
]
{
.
mmi
;
xor
$Zhi
=
$Zhi
,
$Bhi
//
(
p19
)
Z
.
hi
^=
Hshr4
[
nhi
]
.
hi
(
p6
)
and
$xi
[
0
]
=
$Zlo
,
$mask0xff
};;
//
[
p16
]
Xi
[
15
]
{
.
mmi
;
st8
[
$Xip
]
=
$Zlo
,
-
8
(
p6
)
xor
$xi
[
0
]
=
$xi
[
0
],
$in
//
[
p17
]
xi
=
$xi
[
i
]
^
inp
[
i
]
shl
$rem
[
1
]
=
$rem
[
1
],
48
};;
//
(
p19
)
rem_8bit
[
rem
]
<<
48
{
.
mmi
;
(
p6
)
ld1
$in
=
[
$inp
],
-
1
//
[
p16
]
*inp
--
xor
$Zhi
=
$Zhi
,
$rem
[
1
]
//
(
p19
)
Z
.
hi
^=
rem_8bit
[
rem
]
<<
48
(
p6
)
dep
$Atbl
=
$xi
[
0
],
$Htbl
,
4
,
4
}
//
[
p17
]
&Htable
[
nlo
]
.
lo
{
.
mib
;
(
p6
)
and
$xi
[
0
]
=-
16
,
$xi
[
0
]
//
[
p17
]
nhi
=
xi
&
0xf0
(
p6
)
br
.
cond
.
dptk
.
many
.
LOOP
};;
{ .mib; mov pr=prevpr,-2 }
{
.
mib
;
st8
[
$Xip
]
=
$Zhi
};;
{ .mib; mov ar.lc=prevlc
{
.
mib
;
$rum
1
<<
1
//
return
to
little
-
endian
.
restore
sp
mov
sp
=
prevsp
br
.
ret
.
sptk
.
many
b0
};;
br
.
ret
.
sptk
.
many
b0
};;
.
endp
gcm_ghash_4bit
#
.
endp
gcm_ghash_4bit
#
___
$code
.=
<<___;
.align 128;;
.align 128;;
.type rem_4bit#,\@object
.type rem_4bit#,\@object
rem_4bit:
rem_4bit:
...
@@ -228,10 +418,46 @@ rem_4bit:
...
@@ -228,10 +418,46 @@ rem_4bit:
data8 0xE100<<48, 0xFD20<<48, 0xD940<<48, 0xC560<<48
data8 0xE100<<48, 0xFD20<<48, 0xD940<<48, 0xC560<<48
data8 0x9180<<48, 0x8DA0<<48, 0xA9C0<<48, 0xB5E0<<48
data8 0x9180<<48, 0x8DA0<<48, 0xA9C0<<48, 0xB5E0<<48
.size rem_4bit#,128
.size rem_4bit#,128
.type rem_8bit#,\@object
rem_8bit:
data1 0x00,0x00, 0x01,0xC2, 0x03,0x84, 0x02,0x46, 0x07,0x08, 0x06,0xCA, 0x04,0x8C, 0x05,0x4E
data1 0x0E,0x10, 0x0F,0xD2, 0x0D,0x94, 0x0C,0x56, 0x09,0x18, 0x08,0xDA, 0x0A,0x9C, 0x0B,0x5E
data1 0x1C,0x20, 0x1D,0xE2, 0x1F,0xA4, 0x1E,0x66, 0x1B,0x28, 0x1A,0xEA, 0x18,0xAC, 0x19,0x6E
data1 0x12,0x30, 0x13,0xF2, 0x11,0xB4, 0x10,0x76, 0x15,0x38, 0x14,0xFA, 0x16,0xBC, 0x17,0x7E
data1 0x38,0x40, 0x39,0x82, 0x3B,0xC4, 0x3A,0x06, 0x3F,0x48, 0x3E,0x8A, 0x3C,0xCC, 0x3D,0x0E
data1 0x36,0x50, 0x37,0x92, 0x35,0xD4, 0x34,0x16, 0x31,0x58, 0x30,0x9A, 0x32,0xDC, 0x33,0x1E
data1 0x24,0x60, 0x25,0xA2, 0x27,0xE4, 0x26,0x26, 0x23,0x68, 0x22,0xAA, 0x20,0xEC, 0x21,0x2E
data1 0x2A,0x70, 0x2B,0xB2, 0x29,0xF4, 0x28,0x36, 0x2D,0x78, 0x2C,0xBA, 0x2E,0xFC, 0x2F,0x3E
data1 0x70,0x80, 0x71,0x42, 0x73,0x04, 0x72,0xC6, 0x77,0x88, 0x76,0x4A, 0x74,0x0C, 0x75,0xCE
data1 0x7E,0x90, 0x7F,0x52, 0x7D,0x14, 0x7C,0xD6, 0x79,0x98, 0x78,0x5A, 0x7A,0x1C, 0x7B,0xDE
data1 0x6C,0xA0, 0x6D,0x62, 0x6F,0x24, 0x6E,0xE6, 0x6B,0xA8, 0x6A,0x6A, 0x68,0x2C, 0x69,0xEE
data1 0x62,0xB0, 0x63,0x72, 0x61,0x34, 0x60,0xF6, 0x65,0xB8, 0x64,0x7A, 0x66,0x3C, 0x67,0xFE
data1 0x48,0xC0, 0x49,0x02, 0x4B,0x44, 0x4A,0x86, 0x4F,0xC8, 0x4E,0x0A, 0x4C,0x4C, 0x4D,0x8E
data1 0x46,0xD0, 0x47,0x12, 0x45,0x54, 0x44,0x96, 0x41,0xD8, 0x40,0x1A, 0x42,0x5C, 0x43,0x9E
data1 0x54,0xE0, 0x55,0x22, 0x57,0x64, 0x56,0xA6, 0x53,0xE8, 0x52,0x2A, 0x50,0x6C, 0x51,0xAE
data1 0x5A,0xF0, 0x5B,0x32, 0x59,0x74, 0x58,0xB6, 0x5D,0xF8, 0x5C,0x3A, 0x5E,0x7C, 0x5F,0xBE
data1 0xE1,0x00, 0xE0,0xC2, 0xE2,0x84, 0xE3,0x46, 0xE6,0x08, 0xE7,0xCA, 0xE5,0x8C, 0xE4,0x4E
data1 0xEF,0x10, 0xEE,0xD2, 0xEC,0x94, 0xED,0x56, 0xE8,0x18, 0xE9,0xDA, 0xEB,0x9C, 0xEA,0x5E
data1 0xFD,0x20, 0xFC,0xE2, 0xFE,0xA4, 0xFF,0x66, 0xFA,0x28, 0xFB,0xEA, 0xF9,0xAC, 0xF8,0x6E
data1 0xF3,0x30, 0xF2,0xF2, 0xF0,0xB4, 0xF1,0x76, 0xF4,0x38, 0xF5,0xFA, 0xF7,0xBC, 0xF6,0x7E
data1 0xD9,0x40, 0xD8,0x82, 0xDA,0xC4, 0xDB,0x06, 0xDE,0x48, 0xDF,0x8A, 0xDD,0xCC, 0xDC,0x0E
data1 0xD7,0x50, 0xD6,0x92, 0xD4,0xD4, 0xD5,0x16, 0xD0,0x58, 0xD1,0x9A, 0xD3,0xDC, 0xD2,0x1E
data1 0xC5,0x60, 0xC4,0xA2, 0xC6,0xE4, 0xC7,0x26, 0xC2,0x68, 0xC3,0xAA, 0xC1,0xEC, 0xC0,0x2E
data1 0xCB,0x70, 0xCA,0xB2, 0xC8,0xF4, 0xC9,0x36, 0xCC,0x78, 0xCD,0xBA, 0xCF,0xFC, 0xCE,0x3E
data1 0x91,0x80, 0x90,0x42, 0x92,0x04, 0x93,0xC6, 0x96,0x88, 0x97,0x4A, 0x95,0x0C, 0x94,0xCE
data1 0x9F,0x90, 0x9E,0x52, 0x9C,0x14, 0x9D,0xD6, 0x98,0x98, 0x99,0x5A, 0x9B,0x1C, 0x9A,0xDE
data1 0x8D,0xA0, 0x8C,0x62, 0x8E,0x24, 0x8F,0xE6, 0x8A,0xA8, 0x8B,0x6A, 0x89,0x2C, 0x88,0xEE
data1 0x83,0xB0, 0x82,0x72, 0x80,0x34, 0x81,0xF6, 0x84,0xB8, 0x85,0x7A, 0x87,0x3C, 0x86,0xFE
data1 0xA9,0xC0, 0xA8,0x02, 0xAA,0x44, 0xAB,0x86, 0xAE,0xC8, 0xAF,0x0A, 0xAD,0x4C, 0xAC,0x8E
data1 0xA7,0xD0, 0xA6,0x12, 0xA4,0x54, 0xA5,0x96, 0xA0,0xD8, 0xA1,0x1A, 0xA3,0x5C, 0xA2,0x9E
data1 0xB5,0xE0, 0xB4,0x22, 0xB6,0x64, 0xB7,0xA6, 0xB2,0xE8, 0xB3,0x2A, 0xB1,0x6C, 0xB0,0xAE
data1 0xBB,0xF0, 0xBA,0x32, 0xB8,0x74, 0xB9,0xB6, 0xBC,0xF8, 0xBD,0x3A, 0xBF,0x7C, 0xBE,0xBE
.size rem_8bit#,512
stringz "GHASH for IA64, CRYPTOGAMS by <appro\@openssl.org>"
stringz "GHASH for IA64, CRYPTOGAMS by <appro\@openssl.org>"
___
___
$code
=~
s/mux1(\s+)\S+\@rev/nop.i$1 0x0/gm
if
(
$big_endian
);
$code
=~
s/mux1(\s+)\S+\@rev/nop.i$1 0x0/gm
if
(
$big_endian
);
$code
=~
s/\`([^\`]*)\`/eval $1/g
em
;
print
$code
;
print
$code
;
close
STDOUT
;
close
STDOUT
;
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录