The SHA-2 algorithms are defined in terms of 32-bit and 64-bit big-endian words. This patch updates sha512-ppc.pl to generate code that byte-swaps the input data when needed.
Signed-off-by: Marcelo Cerri <[email protected]>
---
 crypto/sha/asm/sha512-ppc.pl | 196 +++++++++++++++++++++++++++++--------------
 1 file changed, 133 insertions(+), 63 deletions(-)
diff --git a/crypto/sha/asm/sha512-ppc.pl b/crypto/sha/asm/sha512-ppc.pl
index d934903..55f0f5b 100755
--- a/crypto/sha/asm/sha512-ppc.pl
+++ b/crypto/sha/asm/sha512-ppc.pl
@@ -56,6 +56,14 @@ if ($flavour =~ /64/) {
 $PUSH="stw";
 } else { die "nonsense $flavour"; }
 
+$LITTLE_ENDIAN=0;
+if ($flavour =~ /le$/) {
+ if ($SIZE_T == 4) {
+ die "little-endian is 64-bit only: $flavour";
+ }
+ $LITTLE_ENDIAN=1;
+}
+
 $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
 ( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
 ( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or
@@ -353,16 +361,44 @@ Lsha2_block_private:
 $LD $t1,0($Tbl)
 ___
 for($i=0;$i<16;$i++) {
+# Load input as 32-bit words for SHA-224 and SHA256.
 $code.=<<___ if ($SZ==4);
 lwz @X[$i],`$i*$SZ`($inp)
 ___
-# 64-bit loads are split to 2x32-bit ones, as CPU can't handle
-# unaligned 64-bit loads, only 32-bit ones...
-$code.=<<___ if ($SZ==8);
+$code.=<<___ if ($SZ==4 && $LITTLE_ENDIAN);
+ ; swap bytes
+ rotlwi $a0,$X[$i],8
+ rlwimi $a0,$X[$i],24,0,7
+ rlwimi $a0,$X[$i],24,16,23
+ clrldi $X[$i],$a0,32
+___
+# Load input as 64-bit words for SHA-512.
+# Notes:
+# - SHA512 for 32-bit processors is handled by a separated code below
+# and little-endian is not supported for 32-bit.
+# - 64-bit loads are split to 2x32-bit ones, as CPU can't handle
+# unaligned 64-bit loads, only 32-bit ones...
+$code.=<<___ if ($SZ==8 && !$LITTLE_ENDIAN);
 lwz $t0,`$i*$SZ`($inp)
 lwz @X[$i],`$i*$SZ+4`($inp)
 insrdi @X[$i],$t0,32,0
 ___
+$code.=<<___ if ($SZ==8 && $LITTLE_ENDIAN);
+ ; load 64 bit value
+ lwz $t0,`$i*$SZ+4`($inp)
+ lwz @X[$i],`$i*$SZ`($inp)
+ insrdi @X[$i],$t0,32,0
+ ; swap bytes
+ rldicl $t0,@X[$i],32,32
+ rotlwi $a0,$t0,8
+ rlwimi $a0,$t0,24,0,7
+ rlwimi $a0,$t0,24,16,23
+ rotlwi $t0,@X[$i],8
+ rlwimi $t0,@X[$i],24,0,7
+ rlwimi $t0,@X[$i],24,16,23
+ rldicr $t0,$t0,32,31
+ or @X[$i],$t0,$a0
+___
 &ROUND_00_15($i,@V);
 unshift(@V,pop(@V));
 }
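Review bot: In the `$SZ==8 && $LITTLE_ENDIAN` block the two halves are merged with `insrdi` and then immediately split again with `rldicl` before being swapped, which costs extra instructions on each of the 16 input words per block. Swapping each 32-bit word right after its `lwz` and merging once should give the same value in nine instructions instead of eleven; an untested sketch follows. In the `$SZ==4` block the final `clrldi` looks like it only copies `$a0` into the destination, and that block spells the register `$X[$i]` where the rest of the loop uses `@X[$i]`. Because a wrong swap yields wrong digests rather than a crash, both little-endian paths should be checked against the SHA-256 and SHA-512 known-answer vectors on an LE target.

```perl
$code.=<<___ if ($SZ==8 && $LITTLE_ENDIAN);
	lwz	$t0,`$i*$SZ`($inp)
	lwz	$a0,`$i*$SZ+4`($inp)
	rotlwi	@X[$i],$a0,8
	rlwimi	@X[$i],$a0,24,0,7
	rlwimi	@X[$i],$a0,24,16,23
	rotlwi	$a0,$t0,8
	rlwimi	$a0,$t0,24,0,7
	rlwimi	$a0,$t0,24,16,23
	insrdi	@X[$i],$a0,32,0
___
```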
@@ -669,6 +705,40 @@ $code.=<<___;
 ___
 }
 
+# SHA512 uses 64-bits constants and the assembly ".long" directive only
+# produces 32-bits values. For big-endian, all you have to do is to split
+# the 64-bit value into two 32-bit numbers:
+#
+# 0x1122334455667788 -> 0x11223344,0x55667788
+#
+# But for little-endian, the same 32-bit values need to be swap in order
+# to generate the correct 64-bit value:
+#
+# 0x1122334455667788 -> 0x55667788,0x11223344
+#
+# This function is used to properly handle 64-bit constants in little and
+# big-endian platforms.
+sub long64 {
+ foreach $n (@_) {
+ my $lo = (0xffffffff & $n);
+ my $hi = ($n >> 32);
+ if ($LITTLE_ENDIAN) {
+ my $tmp = $lo;
+ $lo = $hi;
+ $hi = $tmp;
+ }
+ $code .= sprintf("\t.long 0x%08x,0x%08x\n", $hi, $lo);
+ }
+}
+
+# This function is used just to keep the code coherent with the 64-bit
+# constant definitions.
+sub long32 {
+ foreach $n (@_) {
+ $code .= sprintf("\t.long 0x%08x\n", $n);
+ }
+}
+
 # Ugly hack here, because PPC assembler syntax seem to vary too
 # much from platforms to platform...
 $code.=<<___;
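Review bot: `long64` depends on the build host's perl having 64-bit integers: literals such as `0x428a2f98d728ae22` and the `$n >> 32` shift are not exact on a perl built with 32-bit IVs, so the generator could emit wrong K constants there without failing. The `.long` table it replaces used only 32-bit values. Passing each constant as a high/low pair of 32-bit words keeps the endian handling and removes that dependency; the calls in the last hunk would then read `long64(0x428a2f98,0xd728ae22, 0x71374491,0x23ef65cd);` and so on. Both helpers also loop over the package global `$n`; `foreach my $n (@_)` would keep it lexical in `long32`.

```perl
sub long64 {
    my @halves = @_;    # hi,lo,hi,lo,... - every value fits in 32 bits
    while (my ($hi, $lo) = splice(@halves, 0, 2)) {
        ($hi, $lo) = ($lo, $hi) if ($LITTLE_ENDIAN);
        $code .= sprintf("\t.long 0x%08x,0x%08x\n", $hi, $lo);
    }
}
```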
@@ -684,66 +754,66 @@ LPICmeup:
 .byte 0,12,0x14,0,0,0,0,0
 .space `64-9*4`
 ___
-$code.=<<___ if ($SZ==8);
- .long 0x428a2f98,0xd728ae22,0x71374491,0x23ef65cd
- .long 0xb5c0fbcf,0xec4d3b2f,0xe9b5dba5,0x8189dbbc
- .long 0x3956c25b,0xf348b538,0x59f111f1,0xb605d019
- .long 0x923f82a4,0xaf194f9b,0xab1c5ed5,0xda6d8118
- .long 0xd807aa98,0xa3030242,0x12835b01,0x45706fbe
- .long 0x243185be,0x4ee4b28c,0x550c7dc3,0xd5ffb4e2
- .long 0x72be5d74,0xf27b896f,0x80deb1fe,0x3b1696b1
- .long 0x9bdc06a7,0x25c71235,0xc19bf174,0xcf692694
- .long 0xe49b69c1,0x9ef14ad2,0xefbe4786,0x384f25e3
- .long 0x0fc19dc6,0x8b8cd5b5,0x240ca1cc,0x77ac9c65
- .long 0x2de92c6f,0x592b0275,0x4a7484aa,0x6ea6e483
- .long 0x5cb0a9dc,0xbd41fbd4,0x76f988da,0x831153b5
- .long 0x983e5152,0xee66dfab,0xa831c66d,0x2db43210
- .long 0xb00327c8,0x98fb213f,0xbf597fc7,0xbeef0ee4
- .long 0xc6e00bf3,0x3da88fc2,0xd5a79147,0x930aa725
- .long 0x06ca6351,0xe003826f,0x14292967,0x0a0e6e70
- .long 0x27b70a85,0x46d22ffc,0x2e1b2138,0x5c26c926
- .long 0x4d2c6dfc,0x5ac42aed,0x53380d13,0x9d95b3df
- .long 0x650a7354,0x8baf63de,0x766a0abb,0x3c77b2a8
- .long 0x81c2c92e,0x47edaee6,0x92722c85,0x1482353b
- .long 0xa2bfe8a1,0x4cf10364,0xa81a664b,0xbc423001
- .long 0xc24b8b70,0xd0f89791,0xc76c51a3,0x0654be30
- .long 0xd192e819,0xd6ef5218,0xd6990624,0x5565a910
- .long 0xf40e3585,0x5771202a,0x106aa070,0x32bbd1b8
- .long 0x19a4c116,0xb8d2d0c8,0x1e376c08,0x5141ab53
- .long 0x2748774c,0xdf8eeb99,0x34b0bcb5,0xe19b48a8
- .long 0x391c0cb3,0xc5c95a63,0x4ed8aa4a,0xe3418acb
- .long 0x5b9cca4f,0x7763e373,0x682e6ff3,0xd6b2b8a3
- .long 0x748f82ee,0x5defb2fc,0x78a5636f,0x43172f60
- .long 0x84c87814,0xa1f0ab72,0x8cc70208,0x1a6439ec
- .long 0x90befffa,0x23631e28,0xa4506ceb,0xde82bde9
- .long 0xbef9a3f7,0xb2c67915,0xc67178f2,0xe372532b
- .long 0xca273ece,0xea26619c,0xd186b8c7,0x21c0c207
- .long 0xeada7dd6,0xcde0eb1e,0xf57d4f7f,0xee6ed178
- .long 0x06f067aa,0x72176fba,0x0a637dc5,0xa2c898a6
- .long 0x113f9804,0xbef90dae,0x1b710b35,0x131c471b
- .long 0x28db77f5,0x23047d84,0x32caab7b,0x40c72493
- .long 0x3c9ebe0a,0x15c9bebc,0x431d67c4,0x9c100d4c
- .long 0x4cc5d4be,0xcb3e42b6,0x597f299c,0xfc657e2a
- .long 0x5fcb6fab,0x3ad6faec,0x6c44198c,0x4a475817
-___
-$code.=<<___ if ($SZ==4);
- .long 0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
- .long 0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
- .long 0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
- .long 0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
- .long 0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
- .long 0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
- .long 0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
- .long 0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
- .long 0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
- .long 0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
- .long 0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
- .long 0xd192e819,0xd6990624,0xf40e3585,0x106aa070
- .long 0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
- .long 0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
- .long 0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
- .long 0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
-___
+if ($SZ==8) {
+ long64(0x428a2f98d728ae22,0x7137449123ef65cd);
+ long64(0xb5c0fbcfec4d3b2f,0xe9b5dba58189dbbc);
+ long64(0x3956c25bf348b538,0x59f111f1b605d019);
+ long64(0x923f82a4af194f9b,0xab1c5ed5da6d8118);
+ long64(0xd807aa98a3030242,0x12835b0145706fbe);
+ long64(0x243185be4ee4b28c,0x550c7dc3d5ffb4e2);
+ long64(0x72be5d74f27b896f,0x80deb1fe3b1696b1);
+ long64(0x9bdc06a725c71235,0xc19bf174cf692694);
+ long64(0xe49b69c19ef14ad2,0xefbe4786384f25e3);
+ long64(0x0fc19dc68b8cd5b5,0x240ca1cc77ac9c65);
+ long64(0x2de92c6f592b0275,0x4a7484aa6ea6e483);
+ long64(0x5cb0a9dcbd41fbd4,0x76f988da831153b5);
+ long64(0x983e5152ee66dfab,0xa831c66d2db43210);
+ long64(0xb00327c898fb213f,0xbf597fc7beef0ee4);
+ long64(0xc6e00bf33da88fc2,0xd5a79147930aa725);
+ long64(0x06ca6351e003826f,0x142929670a0e6e70);
+ long64(0x27b70a8546d22ffc,0x2e1b21385c26c926);
+ long64(0x4d2c6dfc5ac42aed,0x53380d139d95b3df);
+ long64(0x650a73548baf63de,0x766a0abb3c77b2a8);
+ long64(0x81c2c92e47edaee6,0x92722c851482353b);
+ long64(0xa2bfe8a14cf10364,0xa81a664bbc423001);
+ long64(0xc24b8b70d0f89791,0xc76c51a30654be30);
+ long64(0xd192e819d6ef5218,0xd69906245565a910);
+ long64(0xf40e35855771202a,0x106aa07032bbd1b8);
+ long64(0x19a4c116b8d2d0c8,0x1e376c085141ab53);
+ long64(0x2748774cdf8eeb99,0x34b0bcb5e19b48a8);
+ long64(0x391c0cb3c5c95a63,0x4ed8aa4ae3418acb);
+ long64(0x5b9cca4f7763e373,0x682e6ff3d6b2b8a3);
+ long64(0x748f82ee5defb2fc,0x78a5636f43172f60);
+ long64(0x84c87814a1f0ab72,0x8cc702081a6439ec);
+ long64(0x90befffa23631e28,0xa4506cebde82bde9);
+ long64(0xbef9a3f7b2c67915,0xc67178f2e372532b);
+ long64(0xca273eceea26619c,0xd186b8c721c0c207);
+ long64(0xeada7dd6cde0eb1e,0xf57d4f7fee6ed178);
+ long64(0x06f067aa72176fba,0x0a637dc5a2c898a6);
+ long64(0x113f9804bef90dae,0x1b710b35131c471b);
+ long64(0x28db77f523047d84,0x32caab7b40c72493);
+ long64(0x3c9ebe0a15c9bebc,0x431d67c49c100d4c);
+ long64(0x4cc5d4becb3e42b6,0x597f299cfc657e2a);
+ long64(0x5fcb6fab3ad6faec,0x6c44198c4a475817);
+}
+if ($SZ==4) {
+ long32(0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5);
+ long32(0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5);
+ long32(0xd807aa98,0x12835b01,0x243185be,0x550c7dc3);
+ long32(0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174);
+ long32(0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc);
+ long32(0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da);
+ long32(0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7);
+ long32(0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967);
+ long32(0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13);
+ long32(0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85);
+ long32(0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3);
+ long32(0xd192e819,0xd6990624,0xf40e3585,0x106aa070);
+ long32(0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5);
+ long32(0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3);
+ long32(0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208);
+ long32(0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2);
+}
 
 $code =~ s/\`([^\`]*)\`/eval $1/gem;
 print $code;
-- 
1.7.12
______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
