mirror of
https://github.com/oxen-io/session-android.git
synced 2024-12-20 23:17:29 +00:00
d83a3d71bc
Merge in RedPhone // FREEBIE
1999 lines
32 KiB
ArmAsm
1999 lines
32 KiB
ArmAsm
#ifdef OPENSSL_FIPSCANISTER
|
|
# include <openssl/fipssyms.h>
|
|
#endif
|
|
|
|
.text
|
|
.set noat
|
|
#if !defined(__vxworks) || defined(__pic__)
|
|
.option pic2
|
|
#endif
|
|
|
|
.align 5
|
|
.globl sha256_block_data_order
|
|
.ent sha256_block_data_order
|
|
sha256_block_data_order:
|
|
.frame $29,128,$31
|
|
.mask 3237937152,-4
|
|
.set noreorder
|
|
.cpload $25
|
|
sub $29,128
|
|
sw $31,128-1*4($29)
|
|
sw $30,128-2*4($29)
|
|
sw $23,128-3*4($29)
|
|
sw $22,128-4*4($29)
|
|
sw $21,128-5*4($29)
|
|
sw $20,128-6*4($29)
|
|
sw $19,128-7*4($29)
|
|
sw $18,128-8*4($29)
|
|
sw $17,128-9*4($29)
|
|
sw $16,128-10*4($29)
|
|
sll $23,$6,6
|
|
.set reorder
|
|
la $6,K256 # PIC-ified 'load address'
|
|
|
|
lw $1,0*4($4) # load context
|
|
lw $2,1*4($4)
|
|
lw $3,2*4($4)
|
|
lw $7,3*4($4)
|
|
lw $24,4*4($4)
|
|
lw $25,5*4($4)
|
|
lw $30,6*4($4)
|
|
lw $31,7*4($4)
|
|
|
|
add $23,$5 # pointer to the end of input
|
|
sw $23,16*4($29)
|
|
b .Loop
|
|
|
|
.align 5
|
|
.Loop:
|
|
lwl $8,3($5)
|
|
lwr $8,0($5)
|
|
lwl $9,7($5)
|
|
lwr $9,4($5)
|
|
srl $13,$8,24 # byte swap(0)
|
|
srl $14,$8,8
|
|
andi $15,$8,0xFF00
|
|
sll $8,$8,24
|
|
andi $14,0xFF00
|
|
sll $15,$15,8
|
|
or $8,$13
|
|
or $14,$15
|
|
or $8,$14
|
|
addu $12,$8,$31 # 0
|
|
srl $31,$24,6
|
|
xor $15,$25,$30
|
|
sll $14,$24,7
|
|
and $15,$24
|
|
srl $13,$24,11
|
|
xor $31,$14
|
|
sll $14,$24,21
|
|
xor $31,$13
|
|
srl $13,$24,25
|
|
xor $31,$14
|
|
sll $14,$24,26
|
|
xor $31,$13
|
|
xor $15,$30 # Ch(e,f,g)
|
|
xor $13,$14,$31 # Sigma1(e)
|
|
|
|
srl $31,$1,2
|
|
addu $12,$15
|
|
lw $15,0($6) # K[0]
|
|
sll $14,$1,10
|
|
addu $12,$13
|
|
srl $13,$1,13
|
|
xor $31,$14
|
|
sll $14,$1,19
|
|
xor $31,$13
|
|
srl $13,$1,22
|
|
xor $31,$14
|
|
sll $14,$1,30
|
|
xor $31,$13
|
|
sw $8,0($29) # offload to ring buffer
|
|
xor $31,$14 # Sigma0(a)
|
|
|
|
or $13,$1,$2
|
|
and $14,$1,$2
|
|
and $13,$3
|
|
or $14,$13 # Maj(a,b,c)
|
|
addu $12,$15 # +=K[0]
|
|
addu $31,$14
|
|
|
|
addu $7,$12
|
|
addu $31,$12
|
|
lwl $10,11($5)
|
|
lwr $10,8($5)
|
|
srl $14,$9,24 # byte swap(1)
|
|
srl $15,$9,8
|
|
andi $16,$9,0xFF00
|
|
sll $9,$9,24
|
|
andi $15,0xFF00
|
|
sll $16,$16,8
|
|
or $9,$14
|
|
or $15,$16
|
|
or $9,$15
|
|
addu $13,$9,$30 # 1
|
|
srl $30,$7,6
|
|
xor $16,$24,$25
|
|
sll $15,$7,7
|
|
and $16,$7
|
|
srl $14,$7,11
|
|
xor $30,$15
|
|
sll $15,$7,21
|
|
xor $30,$14
|
|
srl $14,$7,25
|
|
xor $30,$15
|
|
sll $15,$7,26
|
|
xor $30,$14
|
|
xor $16,$25 # Ch(e,f,g)
|
|
xor $14,$15,$30 # Sigma1(e)
|
|
|
|
srl $30,$31,2
|
|
addu $13,$16
|
|
lw $16,4($6) # K[1]
|
|
sll $15,$31,10
|
|
addu $13,$14
|
|
srl $14,$31,13
|
|
xor $30,$15
|
|
sll $15,$31,19
|
|
xor $30,$14
|
|
srl $14,$31,22
|
|
xor $30,$15
|
|
sll $15,$31,30
|
|
xor $30,$14
|
|
sw $9,4($29) # offload to ring buffer
|
|
xor $30,$15 # Sigma0(a)
|
|
|
|
or $14,$31,$1
|
|
and $15,$31,$1
|
|
and $14,$2
|
|
or $15,$14 # Maj(a,b,c)
|
|
addu $13,$16 # +=K[1]
|
|
addu $30,$15
|
|
|
|
addu $3,$13
|
|
addu $30,$13
|
|
lwl $11,15($5)
|
|
lwr $11,12($5)
|
|
srl $15,$10,24 # byte swap(2)
|
|
srl $16,$10,8
|
|
andi $17,$10,0xFF00
|
|
sll $10,$10,24
|
|
andi $16,0xFF00
|
|
sll $17,$17,8
|
|
or $10,$15
|
|
or $16,$17
|
|
or $10,$16
|
|
addu $14,$10,$25 # 2
|
|
srl $25,$3,6
|
|
xor $17,$7,$24
|
|
sll $16,$3,7
|
|
and $17,$3
|
|
srl $15,$3,11
|
|
xor $25,$16
|
|
sll $16,$3,21
|
|
xor $25,$15
|
|
srl $15,$3,25
|
|
xor $25,$16
|
|
sll $16,$3,26
|
|
xor $25,$15
|
|
xor $17,$24 # Ch(e,f,g)
|
|
xor $15,$16,$25 # Sigma1(e)
|
|
|
|
srl $25,$30,2
|
|
addu $14,$17
|
|
lw $17,8($6) # K[2]
|
|
sll $16,$30,10
|
|
addu $14,$15
|
|
srl $15,$30,13
|
|
xor $25,$16
|
|
sll $16,$30,19
|
|
xor $25,$15
|
|
srl $15,$30,22
|
|
xor $25,$16
|
|
sll $16,$30,30
|
|
xor $25,$15
|
|
sw $10,8($29) # offload to ring buffer
|
|
xor $25,$16 # Sigma0(a)
|
|
|
|
or $15,$30,$31
|
|
and $16,$30,$31
|
|
and $15,$1
|
|
or $16,$15 # Maj(a,b,c)
|
|
addu $14,$17 # +=K[2]
|
|
addu $25,$16
|
|
|
|
addu $2,$14
|
|
addu $25,$14
|
|
lwl $12,19($5)
|
|
lwr $12,16($5)
|
|
srl $16,$11,24 # byte swap(3)
|
|
srl $17,$11,8
|
|
andi $18,$11,0xFF00
|
|
sll $11,$11,24
|
|
andi $17,0xFF00
|
|
sll $18,$18,8
|
|
or $11,$16
|
|
or $17,$18
|
|
or $11,$17
|
|
addu $15,$11,$24 # 3
|
|
srl $24,$2,6
|
|
xor $18,$3,$7
|
|
sll $17,$2,7
|
|
and $18,$2
|
|
srl $16,$2,11
|
|
xor $24,$17
|
|
sll $17,$2,21
|
|
xor $24,$16
|
|
srl $16,$2,25
|
|
xor $24,$17
|
|
sll $17,$2,26
|
|
xor $24,$16
|
|
xor $18,$7 # Ch(e,f,g)
|
|
xor $16,$17,$24 # Sigma1(e)
|
|
|
|
srl $24,$25,2
|
|
addu $15,$18
|
|
lw $18,12($6) # K[3]
|
|
sll $17,$25,10
|
|
addu $15,$16
|
|
srl $16,$25,13
|
|
xor $24,$17
|
|
sll $17,$25,19
|
|
xor $24,$16
|
|
srl $16,$25,22
|
|
xor $24,$17
|
|
sll $17,$25,30
|
|
xor $24,$16
|
|
sw $11,12($29) # offload to ring buffer
|
|
xor $24,$17 # Sigma0(a)
|
|
|
|
or $16,$25,$30
|
|
and $17,$25,$30
|
|
and $16,$31
|
|
or $17,$16 # Maj(a,b,c)
|
|
addu $15,$18 # +=K[3]
|
|
addu $24,$17
|
|
|
|
addu $1,$15
|
|
addu $24,$15
|
|
lwl $13,23($5)
|
|
lwr $13,20($5)
|
|
srl $17,$12,24 # byte swap(4)
|
|
srl $18,$12,8
|
|
andi $19,$12,0xFF00
|
|
sll $12,$12,24
|
|
andi $18,0xFF00
|
|
sll $19,$19,8
|
|
or $12,$17
|
|
or $18,$19
|
|
or $12,$18
|
|
addu $16,$12,$7 # 4
|
|
srl $7,$1,6
|
|
xor $19,$2,$3
|
|
sll $18,$1,7
|
|
and $19,$1
|
|
srl $17,$1,11
|
|
xor $7,$18
|
|
sll $18,$1,21
|
|
xor $7,$17
|
|
srl $17,$1,25
|
|
xor $7,$18
|
|
sll $18,$1,26
|
|
xor $7,$17
|
|
xor $19,$3 # Ch(e,f,g)
|
|
xor $17,$18,$7 # Sigma1(e)
|
|
|
|
srl $7,$24,2
|
|
addu $16,$19
|
|
lw $19,16($6) # K[4]
|
|
sll $18,$24,10
|
|
addu $16,$17
|
|
srl $17,$24,13
|
|
xor $7,$18
|
|
sll $18,$24,19
|
|
xor $7,$17
|
|
srl $17,$24,22
|
|
xor $7,$18
|
|
sll $18,$24,30
|
|
xor $7,$17
|
|
sw $12,16($29) # offload to ring buffer
|
|
xor $7,$18 # Sigma0(a)
|
|
|
|
or $17,$24,$25
|
|
and $18,$24,$25
|
|
and $17,$30
|
|
or $18,$17 # Maj(a,b,c)
|
|
addu $16,$19 # +=K[4]
|
|
addu $7,$18
|
|
|
|
addu $31,$16
|
|
addu $7,$16
|
|
lwl $14,27($5)
|
|
lwr $14,24($5)
|
|
srl $18,$13,24 # byte swap(5)
|
|
srl $19,$13,8
|
|
andi $20,$13,0xFF00
|
|
sll $13,$13,24
|
|
andi $19,0xFF00
|
|
sll $20,$20,8
|
|
or $13,$18
|
|
or $19,$20
|
|
or $13,$19
|
|
addu $17,$13,$3 # 5
|
|
srl $3,$31,6
|
|
xor $20,$1,$2
|
|
sll $19,$31,7
|
|
and $20,$31
|
|
srl $18,$31,11
|
|
xor $3,$19
|
|
sll $19,$31,21
|
|
xor $3,$18
|
|
srl $18,$31,25
|
|
xor $3,$19
|
|
sll $19,$31,26
|
|
xor $3,$18
|
|
xor $20,$2 # Ch(e,f,g)
|
|
xor $18,$19,$3 # Sigma1(e)
|
|
|
|
srl $3,$7,2
|
|
addu $17,$20
|
|
lw $20,20($6) # K[5]
|
|
sll $19,$7,10
|
|
addu $17,$18
|
|
srl $18,$7,13
|
|
xor $3,$19
|
|
sll $19,$7,19
|
|
xor $3,$18
|
|
srl $18,$7,22
|
|
xor $3,$19
|
|
sll $19,$7,30
|
|
xor $3,$18
|
|
sw $13,20($29) # offload to ring buffer
|
|
xor $3,$19 # Sigma0(a)
|
|
|
|
or $18,$7,$24
|
|
and $19,$7,$24
|
|
and $18,$25
|
|
or $19,$18 # Maj(a,b,c)
|
|
addu $17,$20 # +=K[5]
|
|
addu $3,$19
|
|
|
|
addu $30,$17
|
|
addu $3,$17
|
|
lwl $15,31($5)
|
|
lwr $15,28($5)
|
|
srl $19,$14,24 # byte swap(6)
|
|
srl $20,$14,8
|
|
andi $21,$14,0xFF00
|
|
sll $14,$14,24
|
|
andi $20,0xFF00
|
|
sll $21,$21,8
|
|
or $14,$19
|
|
or $20,$21
|
|
or $14,$20
|
|
addu $18,$14,$2 # 6
|
|
srl $2,$30,6
|
|
xor $21,$31,$1
|
|
sll $20,$30,7
|
|
and $21,$30
|
|
srl $19,$30,11
|
|
xor $2,$20
|
|
sll $20,$30,21
|
|
xor $2,$19
|
|
srl $19,$30,25
|
|
xor $2,$20
|
|
sll $20,$30,26
|
|
xor $2,$19
|
|
xor $21,$1 # Ch(e,f,g)
|
|
xor $19,$20,$2 # Sigma1(e)
|
|
|
|
srl $2,$3,2
|
|
addu $18,$21
|
|
lw $21,24($6) # K[6]
|
|
sll $20,$3,10
|
|
addu $18,$19
|
|
srl $19,$3,13
|
|
xor $2,$20
|
|
sll $20,$3,19
|
|
xor $2,$19
|
|
srl $19,$3,22
|
|
xor $2,$20
|
|
sll $20,$3,30
|
|
xor $2,$19
|
|
sw $14,24($29) # offload to ring buffer
|
|
xor $2,$20 # Sigma0(a)
|
|
|
|
or $19,$3,$7
|
|
and $20,$3,$7
|
|
and $19,$24
|
|
or $20,$19 # Maj(a,b,c)
|
|
addu $18,$21 # +=K[6]
|
|
addu $2,$20
|
|
|
|
addu $25,$18
|
|
addu $2,$18
|
|
lwl $16,35($5)
|
|
lwr $16,32($5)
|
|
srl $20,$15,24 # byte swap(7)
|
|
srl $21,$15,8
|
|
andi $22,$15,0xFF00
|
|
sll $15,$15,24
|
|
andi $21,0xFF00
|
|
sll $22,$22,8
|
|
or $15,$20
|
|
or $21,$22
|
|
or $15,$21
|
|
addu $19,$15,$1 # 7
|
|
srl $1,$25,6
|
|
xor $22,$30,$31
|
|
sll $21,$25,7
|
|
and $22,$25
|
|
srl $20,$25,11
|
|
xor $1,$21
|
|
sll $21,$25,21
|
|
xor $1,$20
|
|
srl $20,$25,25
|
|
xor $1,$21
|
|
sll $21,$25,26
|
|
xor $1,$20
|
|
xor $22,$31 # Ch(e,f,g)
|
|
xor $20,$21,$1 # Sigma1(e)
|
|
|
|
srl $1,$2,2
|
|
addu $19,$22
|
|
lw $22,28($6) # K[7]
|
|
sll $21,$2,10
|
|
addu $19,$20
|
|
srl $20,$2,13
|
|
xor $1,$21
|
|
sll $21,$2,19
|
|
xor $1,$20
|
|
srl $20,$2,22
|
|
xor $1,$21
|
|
sll $21,$2,30
|
|
xor $1,$20
|
|
sw $15,28($29) # offload to ring buffer
|
|
xor $1,$21 # Sigma0(a)
|
|
|
|
or $20,$2,$3
|
|
and $21,$2,$3
|
|
and $20,$7
|
|
or $21,$20 # Maj(a,b,c)
|
|
addu $19,$22 # +=K[7]
|
|
addu $1,$21
|
|
|
|
addu $24,$19
|
|
addu $1,$19
|
|
lwl $17,39($5)
|
|
lwr $17,36($5)
|
|
srl $21,$16,24 # byte swap(8)
|
|
srl $22,$16,8
|
|
andi $23,$16,0xFF00
|
|
sll $16,$16,24
|
|
andi $22,0xFF00
|
|
sll $23,$23,8
|
|
or $16,$21
|
|
or $22,$23
|
|
or $16,$22
|
|
addu $20,$16,$31 # 8
|
|
srl $31,$24,6
|
|
xor $23,$25,$30
|
|
sll $22,$24,7
|
|
and $23,$24
|
|
srl $21,$24,11
|
|
xor $31,$22
|
|
sll $22,$24,21
|
|
xor $31,$21
|
|
srl $21,$24,25
|
|
xor $31,$22
|
|
sll $22,$24,26
|
|
xor $31,$21
|
|
xor $23,$30 # Ch(e,f,g)
|
|
xor $21,$22,$31 # Sigma1(e)
|
|
|
|
srl $31,$1,2
|
|
addu $20,$23
|
|
lw $23,32($6) # K[8]
|
|
sll $22,$1,10
|
|
addu $20,$21
|
|
srl $21,$1,13
|
|
xor $31,$22
|
|
sll $22,$1,19
|
|
xor $31,$21
|
|
srl $21,$1,22
|
|
xor $31,$22
|
|
sll $22,$1,30
|
|
xor $31,$21
|
|
sw $16,32($29) # offload to ring buffer
|
|
xor $31,$22 # Sigma0(a)
|
|
|
|
or $21,$1,$2
|
|
and $22,$1,$2
|
|
and $21,$3
|
|
or $22,$21 # Maj(a,b,c)
|
|
addu $20,$23 # +=K[8]
|
|
addu $31,$22
|
|
|
|
addu $7,$20
|
|
addu $31,$20
|
|
lwl $18,43($5)
|
|
lwr $18,40($5)
|
|
srl $22,$17,24 # byte swap(9)
|
|
srl $23,$17,8
|
|
andi $8,$17,0xFF00
|
|
sll $17,$17,24
|
|
andi $23,0xFF00
|
|
sll $8,$8,8
|
|
or $17,$22
|
|
or $23,$8
|
|
or $17,$23
|
|
addu $21,$17,$30 # 9
|
|
srl $30,$7,6
|
|
xor $8,$24,$25
|
|
sll $23,$7,7
|
|
and $8,$7
|
|
srl $22,$7,11
|
|
xor $30,$23
|
|
sll $23,$7,21
|
|
xor $30,$22
|
|
srl $22,$7,25
|
|
xor $30,$23
|
|
sll $23,$7,26
|
|
xor $30,$22
|
|
xor $8,$25 # Ch(e,f,g)
|
|
xor $22,$23,$30 # Sigma1(e)
|
|
|
|
srl $30,$31,2
|
|
addu $21,$8
|
|
lw $8,36($6) # K[9]
|
|
sll $23,$31,10
|
|
addu $21,$22
|
|
srl $22,$31,13
|
|
xor $30,$23
|
|
sll $23,$31,19
|
|
xor $30,$22
|
|
srl $22,$31,22
|
|
xor $30,$23
|
|
sll $23,$31,30
|
|
xor $30,$22
|
|
sw $17,36($29) # offload to ring buffer
|
|
xor $30,$23 # Sigma0(a)
|
|
|
|
or $22,$31,$1
|
|
and $23,$31,$1
|
|
and $22,$2
|
|
or $23,$22 # Maj(a,b,c)
|
|
addu $21,$8 # +=K[9]
|
|
addu $30,$23
|
|
|
|
addu $3,$21
|
|
addu $30,$21
|
|
lwl $19,47($5)
|
|
lwr $19,44($5)
|
|
srl $23,$18,24 # byte swap(10)
|
|
srl $8,$18,8
|
|
andi $9,$18,0xFF00
|
|
sll $18,$18,24
|
|
andi $8,0xFF00
|
|
sll $9,$9,8
|
|
or $18,$23
|
|
or $8,$9
|
|
or $18,$8
|
|
addu $22,$18,$25 # 10
|
|
srl $25,$3,6
|
|
xor $9,$7,$24
|
|
sll $8,$3,7
|
|
and $9,$3
|
|
srl $23,$3,11
|
|
xor $25,$8
|
|
sll $8,$3,21
|
|
xor $25,$23
|
|
srl $23,$3,25
|
|
xor $25,$8
|
|
sll $8,$3,26
|
|
xor $25,$23
|
|
xor $9,$24 # Ch(e,f,g)
|
|
xor $23,$8,$25 # Sigma1(e)
|
|
|
|
srl $25,$30,2
|
|
addu $22,$9
|
|
lw $9,40($6) # K[10]
|
|
sll $8,$30,10
|
|
addu $22,$23
|
|
srl $23,$30,13
|
|
xor $25,$8
|
|
sll $8,$30,19
|
|
xor $25,$23
|
|
srl $23,$30,22
|
|
xor $25,$8
|
|
sll $8,$30,30
|
|
xor $25,$23
|
|
sw $18,40($29) # offload to ring buffer
|
|
xor $25,$8 # Sigma0(a)
|
|
|
|
or $23,$30,$31
|
|
and $8,$30,$31
|
|
and $23,$1
|
|
or $8,$23 # Maj(a,b,c)
|
|
addu $22,$9 # +=K[10]
|
|
addu $25,$8
|
|
|
|
addu $2,$22
|
|
addu $25,$22
|
|
lwl $20,51($5)
|
|
lwr $20,48($5)
|
|
srl $8,$19,24 # byte swap(11)
|
|
srl $9,$19,8
|
|
andi $10,$19,0xFF00
|
|
sll $19,$19,24
|
|
andi $9,0xFF00
|
|
sll $10,$10,8
|
|
or $19,$8
|
|
or $9,$10
|
|
or $19,$9
|
|
addu $23,$19,$24 # 11
|
|
srl $24,$2,6
|
|
xor $10,$3,$7
|
|
sll $9,$2,7
|
|
and $10,$2
|
|
srl $8,$2,11
|
|
xor $24,$9
|
|
sll $9,$2,21
|
|
xor $24,$8
|
|
srl $8,$2,25
|
|
xor $24,$9
|
|
sll $9,$2,26
|
|
xor $24,$8
|
|
xor $10,$7 # Ch(e,f,g)
|
|
xor $8,$9,$24 # Sigma1(e)
|
|
|
|
srl $24,$25,2
|
|
addu $23,$10
|
|
lw $10,44($6) # K[11]
|
|
sll $9,$25,10
|
|
addu $23,$8
|
|
srl $8,$25,13
|
|
xor $24,$9
|
|
sll $9,$25,19
|
|
xor $24,$8
|
|
srl $8,$25,22
|
|
xor $24,$9
|
|
sll $9,$25,30
|
|
xor $24,$8
|
|
sw $19,44($29) # offload to ring buffer
|
|
xor $24,$9 # Sigma0(a)
|
|
|
|
or $8,$25,$30
|
|
and $9,$25,$30
|
|
and $8,$31
|
|
or $9,$8 # Maj(a,b,c)
|
|
addu $23,$10 # +=K[11]
|
|
addu $24,$9
|
|
|
|
addu $1,$23
|
|
addu $24,$23
|
|
lwl $21,55($5)
|
|
lwr $21,52($5)
|
|
srl $9,$20,24 # byte swap(12)
|
|
srl $10,$20,8
|
|
andi $11,$20,0xFF00
|
|
sll $20,$20,24
|
|
andi $10,0xFF00
|
|
sll $11,$11,8
|
|
or $20,$9
|
|
or $10,$11
|
|
or $20,$10
|
|
addu $8,$20,$7 # 12
|
|
srl $7,$1,6
|
|
xor $11,$2,$3
|
|
sll $10,$1,7
|
|
and $11,$1
|
|
srl $9,$1,11
|
|
xor $7,$10
|
|
sll $10,$1,21
|
|
xor $7,$9
|
|
srl $9,$1,25
|
|
xor $7,$10
|
|
sll $10,$1,26
|
|
xor $7,$9
|
|
xor $11,$3 # Ch(e,f,g)
|
|
xor $9,$10,$7 # Sigma1(e)
|
|
|
|
srl $7,$24,2
|
|
addu $8,$11
|
|
lw $11,48($6) # K[12]
|
|
sll $10,$24,10
|
|
addu $8,$9
|
|
srl $9,$24,13
|
|
xor $7,$10
|
|
sll $10,$24,19
|
|
xor $7,$9
|
|
srl $9,$24,22
|
|
xor $7,$10
|
|
sll $10,$24,30
|
|
xor $7,$9
|
|
sw $20,48($29) # offload to ring buffer
|
|
xor $7,$10 # Sigma0(a)
|
|
|
|
or $9,$24,$25
|
|
and $10,$24,$25
|
|
and $9,$30
|
|
or $10,$9 # Maj(a,b,c)
|
|
addu $8,$11 # +=K[12]
|
|
addu $7,$10
|
|
|
|
addu $31,$8
|
|
addu $7,$8
|
|
lwl $22,59($5)
|
|
lwr $22,56($5)
|
|
srl $10,$21,24 # byte swap(13)
|
|
srl $11,$21,8
|
|
andi $12,$21,0xFF00
|
|
sll $21,$21,24
|
|
andi $11,0xFF00
|
|
sll $12,$12,8
|
|
or $21,$10
|
|
or $11,$12
|
|
or $21,$11
|
|
addu $9,$21,$3 # 13
|
|
srl $3,$31,6
|
|
xor $12,$1,$2
|
|
sll $11,$31,7
|
|
and $12,$31
|
|
srl $10,$31,11
|
|
xor $3,$11
|
|
sll $11,$31,21
|
|
xor $3,$10
|
|
srl $10,$31,25
|
|
xor $3,$11
|
|
sll $11,$31,26
|
|
xor $3,$10
|
|
xor $12,$2 # Ch(e,f,g)
|
|
xor $10,$11,$3 # Sigma1(e)
|
|
|
|
srl $3,$7,2
|
|
addu $9,$12
|
|
lw $12,52($6) # K[13]
|
|
sll $11,$7,10
|
|
addu $9,$10
|
|
srl $10,$7,13
|
|
xor $3,$11
|
|
sll $11,$7,19
|
|
xor $3,$10
|
|
srl $10,$7,22
|
|
xor $3,$11
|
|
sll $11,$7,30
|
|
xor $3,$10
|
|
sw $21,52($29) # offload to ring buffer
|
|
xor $3,$11 # Sigma0(a)
|
|
|
|
or $10,$7,$24
|
|
and $11,$7,$24
|
|
and $10,$25
|
|
or $11,$10 # Maj(a,b,c)
|
|
addu $9,$12 # +=K[13]
|
|
addu $3,$11
|
|
|
|
addu $30,$9
|
|
addu $3,$9
|
|
lw $8,0($29) # prefetch from ring buffer
|
|
lwl $23,63($5)
|
|
lwr $23,60($5)
|
|
srl $11,$22,24 # byte swap(14)
|
|
srl $12,$22,8
|
|
andi $13,$22,0xFF00
|
|
sll $22,$22,24
|
|
andi $12,0xFF00
|
|
sll $13,$13,8
|
|
or $22,$11
|
|
or $12,$13
|
|
or $22,$12
|
|
addu $10,$22,$2 # 14
|
|
srl $2,$30,6
|
|
xor $13,$31,$1
|
|
sll $12,$30,7
|
|
and $13,$30
|
|
srl $11,$30,11
|
|
xor $2,$12
|
|
sll $12,$30,21
|
|
xor $2,$11
|
|
srl $11,$30,25
|
|
xor $2,$12
|
|
sll $12,$30,26
|
|
xor $2,$11
|
|
xor $13,$1 # Ch(e,f,g)
|
|
xor $11,$12,$2 # Sigma1(e)
|
|
|
|
srl $2,$3,2
|
|
addu $10,$13
|
|
lw $13,56($6) # K[14]
|
|
sll $12,$3,10
|
|
addu $10,$11
|
|
srl $11,$3,13
|
|
xor $2,$12
|
|
sll $12,$3,19
|
|
xor $2,$11
|
|
srl $11,$3,22
|
|
xor $2,$12
|
|
sll $12,$3,30
|
|
xor $2,$11
|
|
sw $22,56($29) # offload to ring buffer
|
|
xor $2,$12 # Sigma0(a)
|
|
|
|
or $11,$3,$7
|
|
and $12,$3,$7
|
|
and $11,$24
|
|
or $12,$11 # Maj(a,b,c)
|
|
addu $10,$13 # +=K[14]
|
|
addu $2,$12
|
|
|
|
addu $25,$10
|
|
addu $2,$10
|
|
lw $9,4($29) # prefetch from ring buffer
|
|
srl $12,$23,24 # byte swap(15)
|
|
srl $13,$23,8
|
|
andi $14,$23,0xFF00
|
|
sll $23,$23,24
|
|
andi $13,0xFF00
|
|
sll $14,$14,8
|
|
or $23,$12
|
|
or $13,$14
|
|
or $23,$13
|
|
addu $11,$23,$1 # 15
|
|
srl $1,$25,6
|
|
xor $14,$30,$31
|
|
sll $13,$25,7
|
|
and $14,$25
|
|
srl $12,$25,11
|
|
xor $1,$13
|
|
sll $13,$25,21
|
|
xor $1,$12
|
|
srl $12,$25,25
|
|
xor $1,$13
|
|
sll $13,$25,26
|
|
xor $1,$12
|
|
xor $14,$31 # Ch(e,f,g)
|
|
xor $12,$13,$1 # Sigma1(e)
|
|
|
|
srl $1,$2,2
|
|
addu $11,$14
|
|
lw $14,60($6) # K[15]
|
|
sll $13,$2,10
|
|
addu $11,$12
|
|
srl $12,$2,13
|
|
xor $1,$13
|
|
sll $13,$2,19
|
|
xor $1,$12
|
|
srl $12,$2,22
|
|
xor $1,$13
|
|
sll $13,$2,30
|
|
xor $1,$12
|
|
sw $23,60($29) # offload to ring buffer
|
|
xor $1,$13 # Sigma0(a)
|
|
|
|
or $12,$2,$3
|
|
and $13,$2,$3
|
|
and $12,$7
|
|
or $13,$12 # Maj(a,b,c)
|
|
addu $11,$14 # +=K[15]
|
|
addu $1,$13
|
|
|
|
addu $24,$11
|
|
addu $1,$11
|
|
lw $10,8($29) # prefetch from ring buffer
|
|
b .L16_xx
|
|
.align 4
|
|
.L16_xx:
|
|
srl $14,$9,3 # Xupdate(16)
|
|
addu $8,$17 # +=X[i+9]
|
|
sll $13,$9,14
|
|
srl $12,$9,7
|
|
xor $14,$13
|
|
sll $13,11
|
|
xor $14,$12
|
|
srl $12,$9,18
|
|
xor $14,$13
|
|
|
|
srl $15,$22,10
|
|
xor $14,$12 # sigma0(X[i+1])
|
|
sll $13,$22,13
|
|
addu $8,$14
|
|
srl $12,$22,17
|
|
xor $15,$13
|
|
sll $13,2
|
|
xor $15,$12
|
|
srl $12,$22,19
|
|
xor $15,$13
|
|
|
|
xor $15,$12 # sigma1(X[i+14])
|
|
addu $8,$15
|
|
addu $12,$8,$31 # 16
|
|
srl $31,$24,6
|
|
xor $15,$25,$30
|
|
sll $14,$24,7
|
|
and $15,$24
|
|
srl $13,$24,11
|
|
xor $31,$14
|
|
sll $14,$24,21
|
|
xor $31,$13
|
|
srl $13,$24,25
|
|
xor $31,$14
|
|
sll $14,$24,26
|
|
xor $31,$13
|
|
xor $15,$30 # Ch(e,f,g)
|
|
xor $13,$14,$31 # Sigma1(e)
|
|
|
|
srl $31,$1,2
|
|
addu $12,$15
|
|
lw $15,64($6) # K[16]
|
|
sll $14,$1,10
|
|
addu $12,$13
|
|
srl $13,$1,13
|
|
xor $31,$14
|
|
sll $14,$1,19
|
|
xor $31,$13
|
|
srl $13,$1,22
|
|
xor $31,$14
|
|
sll $14,$1,30
|
|
xor $31,$13
|
|
sw $8,0($29) # offload to ring buffer
|
|
xor $31,$14 # Sigma0(a)
|
|
|
|
or $13,$1,$2
|
|
and $14,$1,$2
|
|
and $13,$3
|
|
or $14,$13 # Maj(a,b,c)
|
|
addu $12,$15 # +=K[16]
|
|
addu $31,$14
|
|
|
|
addu $7,$12
|
|
addu $31,$12
|
|
lw $11,12($29) # prefetch from ring buffer
|
|
srl $15,$10,3 # Xupdate(17)
|
|
addu $9,$18 # +=X[i+9]
|
|
sll $14,$10,14
|
|
srl $13,$10,7
|
|
xor $15,$14
|
|
sll $14,11
|
|
xor $15,$13
|
|
srl $13,$10,18
|
|
xor $15,$14
|
|
|
|
srl $16,$23,10
|
|
xor $15,$13 # sigma0(X[i+1])
|
|
sll $14,$23,13
|
|
addu $9,$15
|
|
srl $13,$23,17
|
|
xor $16,$14
|
|
sll $14,2
|
|
xor $16,$13
|
|
srl $13,$23,19
|
|
xor $16,$14
|
|
|
|
xor $16,$13 # sigma1(X[i+14])
|
|
addu $9,$16
|
|
addu $13,$9,$30 # 17
|
|
srl $30,$7,6
|
|
xor $16,$24,$25
|
|
sll $15,$7,7
|
|
and $16,$7
|
|
srl $14,$7,11
|
|
xor $30,$15
|
|
sll $15,$7,21
|
|
xor $30,$14
|
|
srl $14,$7,25
|
|
xor $30,$15
|
|
sll $15,$7,26
|
|
xor $30,$14
|
|
xor $16,$25 # Ch(e,f,g)
|
|
xor $14,$15,$30 # Sigma1(e)
|
|
|
|
srl $30,$31,2
|
|
addu $13,$16
|
|
lw $16,68($6) # K[17]
|
|
sll $15,$31,10
|
|
addu $13,$14
|
|
srl $14,$31,13
|
|
xor $30,$15
|
|
sll $15,$31,19
|
|
xor $30,$14
|
|
srl $14,$31,22
|
|
xor $30,$15
|
|
sll $15,$31,30
|
|
xor $30,$14
|
|
sw $9,4($29) # offload to ring buffer
|
|
xor $30,$15 # Sigma0(a)
|
|
|
|
or $14,$31,$1
|
|
and $15,$31,$1
|
|
and $14,$2
|
|
or $15,$14 # Maj(a,b,c)
|
|
addu $13,$16 # +=K[17]
|
|
addu $30,$15
|
|
|
|
addu $3,$13
|
|
addu $30,$13
|
|
lw $12,16($29) # prefetch from ring buffer
|
|
srl $16,$11,3 # Xupdate(18)
|
|
addu $10,$19 # +=X[i+9]
|
|
sll $15,$11,14
|
|
srl $14,$11,7
|
|
xor $16,$15
|
|
sll $15,11
|
|
xor $16,$14
|
|
srl $14,$11,18
|
|
xor $16,$15
|
|
|
|
srl $17,$8,10
|
|
xor $16,$14 # sigma0(X[i+1])
|
|
sll $15,$8,13
|
|
addu $10,$16
|
|
srl $14,$8,17
|
|
xor $17,$15
|
|
sll $15,2
|
|
xor $17,$14
|
|
srl $14,$8,19
|
|
xor $17,$15
|
|
|
|
xor $17,$14 # sigma1(X[i+14])
|
|
addu $10,$17
|
|
addu $14,$10,$25 # 18
|
|
srl $25,$3,6
|
|
xor $17,$7,$24
|
|
sll $16,$3,7
|
|
and $17,$3
|
|
srl $15,$3,11
|
|
xor $25,$16
|
|
sll $16,$3,21
|
|
xor $25,$15
|
|
srl $15,$3,25
|
|
xor $25,$16
|
|
sll $16,$3,26
|
|
xor $25,$15
|
|
xor $17,$24 # Ch(e,f,g)
|
|
xor $15,$16,$25 # Sigma1(e)
|
|
|
|
srl $25,$30,2
|
|
addu $14,$17
|
|
lw $17,72($6) # K[18]
|
|
sll $16,$30,10
|
|
addu $14,$15
|
|
srl $15,$30,13
|
|
xor $25,$16
|
|
sll $16,$30,19
|
|
xor $25,$15
|
|
srl $15,$30,22
|
|
xor $25,$16
|
|
sll $16,$30,30
|
|
xor $25,$15
|
|
sw $10,8($29) # offload to ring buffer
|
|
xor $25,$16 # Sigma0(a)
|
|
|
|
or $15,$30,$31
|
|
and $16,$30,$31
|
|
and $15,$1
|
|
or $16,$15 # Maj(a,b,c)
|
|
addu $14,$17 # +=K[18]
|
|
addu $25,$16
|
|
|
|
addu $2,$14
|
|
addu $25,$14
|
|
lw $13,20($29) # prefetch from ring buffer
|
|
srl $17,$12,3 # Xupdate(19)
|
|
addu $11,$20 # +=X[i+9]
|
|
sll $16,$12,14
|
|
srl $15,$12,7
|
|
xor $17,$16
|
|
sll $16,11
|
|
xor $17,$15
|
|
srl $15,$12,18
|
|
xor $17,$16
|
|
|
|
srl $18,$9,10
|
|
xor $17,$15 # sigma0(X[i+1])
|
|
sll $16,$9,13
|
|
addu $11,$17
|
|
srl $15,$9,17
|
|
xor $18,$16
|
|
sll $16,2
|
|
xor $18,$15
|
|
srl $15,$9,19
|
|
xor $18,$16
|
|
|
|
xor $18,$15 # sigma1(X[i+14])
|
|
addu $11,$18
|
|
addu $15,$11,$24 # 19
|
|
srl $24,$2,6
|
|
xor $18,$3,$7
|
|
sll $17,$2,7
|
|
and $18,$2
|
|
srl $16,$2,11
|
|
xor $24,$17
|
|
sll $17,$2,21
|
|
xor $24,$16
|
|
srl $16,$2,25
|
|
xor $24,$17
|
|
sll $17,$2,26
|
|
xor $24,$16
|
|
xor $18,$7 # Ch(e,f,g)
|
|
xor $16,$17,$24 # Sigma1(e)
|
|
|
|
srl $24,$25,2
|
|
addu $15,$18
|
|
lw $18,76($6) # K[19]
|
|
sll $17,$25,10
|
|
addu $15,$16
|
|
srl $16,$25,13
|
|
xor $24,$17
|
|
sll $17,$25,19
|
|
xor $24,$16
|
|
srl $16,$25,22
|
|
xor $24,$17
|
|
sll $17,$25,30
|
|
xor $24,$16
|
|
sw $11,12($29) # offload to ring buffer
|
|
xor $24,$17 # Sigma0(a)
|
|
|
|
or $16,$25,$30
|
|
and $17,$25,$30
|
|
and $16,$31
|
|
or $17,$16 # Maj(a,b,c)
|
|
addu $15,$18 # +=K[19]
|
|
addu $24,$17
|
|
|
|
addu $1,$15
|
|
addu $24,$15
|
|
lw $14,24($29) # prefetch from ring buffer
|
|
srl $18,$13,3 # Xupdate(20)
|
|
addu $12,$21 # +=X[i+9]
|
|
sll $17,$13,14
|
|
srl $16,$13,7
|
|
xor $18,$17
|
|
sll $17,11
|
|
xor $18,$16
|
|
srl $16,$13,18
|
|
xor $18,$17
|
|
|
|
srl $19,$10,10
|
|
xor $18,$16 # sigma0(X[i+1])
|
|
sll $17,$10,13
|
|
addu $12,$18
|
|
srl $16,$10,17
|
|
xor $19,$17
|
|
sll $17,2
|
|
xor $19,$16
|
|
srl $16,$10,19
|
|
xor $19,$17
|
|
|
|
xor $19,$16 # sigma1(X[i+14])
|
|
addu $12,$19
|
|
addu $16,$12,$7 # 20
|
|
srl $7,$1,6
|
|
xor $19,$2,$3
|
|
sll $18,$1,7
|
|
and $19,$1
|
|
srl $17,$1,11
|
|
xor $7,$18
|
|
sll $18,$1,21
|
|
xor $7,$17
|
|
srl $17,$1,25
|
|
xor $7,$18
|
|
sll $18,$1,26
|
|
xor $7,$17
|
|
xor $19,$3 # Ch(e,f,g)
|
|
xor $17,$18,$7 # Sigma1(e)
|
|
|
|
srl $7,$24,2
|
|
addu $16,$19
|
|
lw $19,80($6) # K[20]
|
|
sll $18,$24,10
|
|
addu $16,$17
|
|
srl $17,$24,13
|
|
xor $7,$18
|
|
sll $18,$24,19
|
|
xor $7,$17
|
|
srl $17,$24,22
|
|
xor $7,$18
|
|
sll $18,$24,30
|
|
xor $7,$17
|
|
sw $12,16($29) # offload to ring buffer
|
|
xor $7,$18 # Sigma0(a)
|
|
|
|
or $17,$24,$25
|
|
and $18,$24,$25
|
|
and $17,$30
|
|
or $18,$17 # Maj(a,b,c)
|
|
addu $16,$19 # +=K[20]
|
|
addu $7,$18
|
|
|
|
addu $31,$16
|
|
addu $7,$16
|
|
lw $15,28($29) # prefetch from ring buffer
|
|
srl $19,$14,3 # Xupdate(21)
|
|
addu $13,$22 # +=X[i+9]
|
|
sll $18,$14,14
|
|
srl $17,$14,7
|
|
xor $19,$18
|
|
sll $18,11
|
|
xor $19,$17
|
|
srl $17,$14,18
|
|
xor $19,$18
|
|
|
|
srl $20,$11,10
|
|
xor $19,$17 # sigma0(X[i+1])
|
|
sll $18,$11,13
|
|
addu $13,$19
|
|
srl $17,$11,17
|
|
xor $20,$18
|
|
sll $18,2
|
|
xor $20,$17
|
|
srl $17,$11,19
|
|
xor $20,$18
|
|
|
|
xor $20,$17 # sigma1(X[i+14])
|
|
addu $13,$20
|
|
addu $17,$13,$3 # 21
|
|
srl $3,$31,6
|
|
xor $20,$1,$2
|
|
sll $19,$31,7
|
|
and $20,$31
|
|
srl $18,$31,11
|
|
xor $3,$19
|
|
sll $19,$31,21
|
|
xor $3,$18
|
|
srl $18,$31,25
|
|
xor $3,$19
|
|
sll $19,$31,26
|
|
xor $3,$18
|
|
xor $20,$2 # Ch(e,f,g)
|
|
xor $18,$19,$3 # Sigma1(e)
|
|
|
|
srl $3,$7,2
|
|
addu $17,$20
|
|
lw $20,84($6) # K[21]
|
|
sll $19,$7,10
|
|
addu $17,$18
|
|
srl $18,$7,13
|
|
xor $3,$19
|
|
sll $19,$7,19
|
|
xor $3,$18
|
|
srl $18,$7,22
|
|
xor $3,$19
|
|
sll $19,$7,30
|
|
xor $3,$18
|
|
sw $13,20($29) # offload to ring buffer
|
|
xor $3,$19 # Sigma0(a)
|
|
|
|
or $18,$7,$24
|
|
and $19,$7,$24
|
|
and $18,$25
|
|
or $19,$18 # Maj(a,b,c)
|
|
addu $17,$20 # +=K[21]
|
|
addu $3,$19
|
|
|
|
addu $30,$17
|
|
addu $3,$17
|
|
lw $16,32($29) # prefetch from ring buffer
|
|
srl $20,$15,3 # Xupdate(22)
|
|
addu $14,$23 # +=X[i+9]
|
|
sll $19,$15,14
|
|
srl $18,$15,7
|
|
xor $20,$19
|
|
sll $19,11
|
|
xor $20,$18
|
|
srl $18,$15,18
|
|
xor $20,$19
|
|
|
|
srl $21,$12,10
|
|
xor $20,$18 # sigma0(X[i+1])
|
|
sll $19,$12,13
|
|
addu $14,$20
|
|
srl $18,$12,17
|
|
xor $21,$19
|
|
sll $19,2
|
|
xor $21,$18
|
|
srl $18,$12,19
|
|
xor $21,$19
|
|
|
|
xor $21,$18 # sigma1(X[i+14])
|
|
addu $14,$21
|
|
addu $18,$14,$2 # 22
|
|
srl $2,$30,6
|
|
xor $21,$31,$1
|
|
sll $20,$30,7
|
|
and $21,$30
|
|
srl $19,$30,11
|
|
xor $2,$20
|
|
sll $20,$30,21
|
|
xor $2,$19
|
|
srl $19,$30,25
|
|
xor $2,$20
|
|
sll $20,$30,26
|
|
xor $2,$19
|
|
xor $21,$1 # Ch(e,f,g)
|
|
xor $19,$20,$2 # Sigma1(e)
|
|
|
|
srl $2,$3,2
|
|
addu $18,$21
|
|
lw $21,88($6) # K[22]
|
|
sll $20,$3,10
|
|
addu $18,$19
|
|
srl $19,$3,13
|
|
xor $2,$20
|
|
sll $20,$3,19
|
|
xor $2,$19
|
|
srl $19,$3,22
|
|
xor $2,$20
|
|
sll $20,$3,30
|
|
xor $2,$19
|
|
sw $14,24($29) # offload to ring buffer
|
|
xor $2,$20 # Sigma0(a)
|
|
|
|
or $19,$3,$7
|
|
and $20,$3,$7
|
|
and $19,$24
|
|
or $20,$19 # Maj(a,b,c)
|
|
addu $18,$21 # +=K[22]
|
|
addu $2,$20
|
|
|
|
addu $25,$18
|
|
addu $2,$18
|
|
lw $17,36($29) # prefetch from ring buffer
|
|
srl $21,$16,3 # Xupdate(23)
|
|
addu $15,$8 # +=X[i+9]
|
|
sll $20,$16,14
|
|
srl $19,$16,7
|
|
xor $21,$20
|
|
sll $20,11
|
|
xor $21,$19
|
|
srl $19,$16,18
|
|
xor $21,$20
|
|
|
|
srl $22,$13,10
|
|
xor $21,$19 # sigma0(X[i+1])
|
|
sll $20,$13,13
|
|
addu $15,$21
|
|
srl $19,$13,17
|
|
xor $22,$20
|
|
sll $20,2
|
|
xor $22,$19
|
|
srl $19,$13,19
|
|
xor $22,$20
|
|
|
|
xor $22,$19 # sigma1(X[i+14])
|
|
addu $15,$22
|
|
addu $19,$15,$1 # 23
|
|
srl $1,$25,6
|
|
xor $22,$30,$31
|
|
sll $21,$25,7
|
|
and $22,$25
|
|
srl $20,$25,11
|
|
xor $1,$21
|
|
sll $21,$25,21
|
|
xor $1,$20
|
|
srl $20,$25,25
|
|
xor $1,$21
|
|
sll $21,$25,26
|
|
xor $1,$20
|
|
xor $22,$31 # Ch(e,f,g)
|
|
xor $20,$21,$1 # Sigma1(e)
|
|
|
|
srl $1,$2,2
|
|
addu $19,$22
|
|
lw $22,92($6) # K[23]
|
|
sll $21,$2,10
|
|
addu $19,$20
|
|
srl $20,$2,13
|
|
xor $1,$21
|
|
sll $21,$2,19
|
|
xor $1,$20
|
|
srl $20,$2,22
|
|
xor $1,$21
|
|
sll $21,$2,30
|
|
xor $1,$20
|
|
sw $15,28($29) # offload to ring buffer
|
|
xor $1,$21 # Sigma0(a)
|
|
|
|
or $20,$2,$3
|
|
and $21,$2,$3
|
|
and $20,$7
|
|
or $21,$20 # Maj(a,b,c)
|
|
addu $19,$22 # +=K[23]
|
|
addu $1,$21
|
|
|
|
addu $24,$19
|
|
addu $1,$19
|
|
lw $18,40($29) # prefetch from ring buffer
|
|
srl $22,$17,3 # Xupdate(24)
|
|
addu $16,$9 # +=X[i+9]
|
|
sll $21,$17,14
|
|
srl $20,$17,7
|
|
xor $22,$21
|
|
sll $21,11
|
|
xor $22,$20
|
|
srl $20,$17,18
|
|
xor $22,$21
|
|
|
|
srl $23,$14,10
|
|
xor $22,$20 # sigma0(X[i+1])
|
|
sll $21,$14,13
|
|
addu $16,$22
|
|
srl $20,$14,17
|
|
xor $23,$21
|
|
sll $21,2
|
|
xor $23,$20
|
|
srl $20,$14,19
|
|
xor $23,$21
|
|
|
|
xor $23,$20 # sigma1(X[i+14])
|
|
addu $16,$23
|
|
addu $20,$16,$31 # 24
|
|
srl $31,$24,6
|
|
xor $23,$25,$30
|
|
sll $22,$24,7
|
|
and $23,$24
|
|
srl $21,$24,11
|
|
xor $31,$22
|
|
sll $22,$24,21
|
|
xor $31,$21
|
|
srl $21,$24,25
|
|
xor $31,$22
|
|
sll $22,$24,26
|
|
xor $31,$21
|
|
xor $23,$30 # Ch(e,f,g)
|
|
xor $21,$22,$31 # Sigma1(e)
|
|
|
|
srl $31,$1,2
|
|
addu $20,$23
|
|
lw $23,96($6) # K[24]
|
|
sll $22,$1,10
|
|
addu $20,$21
|
|
srl $21,$1,13
|
|
xor $31,$22
|
|
sll $22,$1,19
|
|
xor $31,$21
|
|
srl $21,$1,22
|
|
xor $31,$22
|
|
sll $22,$1,30
|
|
xor $31,$21
|
|
sw $16,32($29) # offload to ring buffer
|
|
xor $31,$22 # Sigma0(a)
|
|
|
|
or $21,$1,$2
|
|
and $22,$1,$2
|
|
and $21,$3
|
|
or $22,$21 # Maj(a,b,c)
|
|
addu $20,$23 # +=K[24]
|
|
addu $31,$22
|
|
|
|
addu $7,$20
|
|
addu $31,$20
|
|
lw $19,44($29) # prefetch from ring buffer
|
|
srl $23,$18,3 # Xupdate(25)
|
|
addu $17,$10 # +=X[i+9]
|
|
sll $22,$18,14
|
|
srl $21,$18,7
|
|
xor $23,$22
|
|
sll $22,11
|
|
xor $23,$21
|
|
srl $21,$18,18
|
|
xor $23,$22
|
|
|
|
srl $8,$15,10
|
|
xor $23,$21 # sigma0(X[i+1])
|
|
sll $22,$15,13
|
|
addu $17,$23
|
|
srl $21,$15,17
|
|
xor $8,$22
|
|
sll $22,2
|
|
xor $8,$21
|
|
srl $21,$15,19
|
|
xor $8,$22
|
|
|
|
xor $8,$21 # sigma1(X[i+14])
|
|
addu $17,$8
|
|
addu $21,$17,$30 # 25
|
|
srl $30,$7,6
|
|
xor $8,$24,$25
|
|
sll $23,$7,7
|
|
and $8,$7
|
|
srl $22,$7,11
|
|
xor $30,$23
|
|
sll $23,$7,21
|
|
xor $30,$22
|
|
srl $22,$7,25
|
|
xor $30,$23
|
|
sll $23,$7,26
|
|
xor $30,$22
|
|
xor $8,$25 # Ch(e,f,g)
|
|
xor $22,$23,$30 # Sigma1(e)
|
|
|
|
srl $30,$31,2
|
|
addu $21,$8
|
|
lw $8,100($6) # K[25]
|
|
sll $23,$31,10
|
|
addu $21,$22
|
|
srl $22,$31,13
|
|
xor $30,$23
|
|
sll $23,$31,19
|
|
xor $30,$22
|
|
srl $22,$31,22
|
|
xor $30,$23
|
|
sll $23,$31,30
|
|
xor $30,$22
|
|
sw $17,36($29) # offload to ring buffer
|
|
xor $30,$23 # Sigma0(a)
|
|
|
|
or $22,$31,$1
|
|
and $23,$31,$1
|
|
and $22,$2
|
|
or $23,$22 # Maj(a,b,c)
|
|
addu $21,$8 # +=K[25]
|
|
addu $30,$23
|
|
|
|
addu $3,$21
|
|
addu $30,$21
|
|
lw $20,48($29) # prefetch from ring buffer
|
|
srl $8,$19,3 # Xupdate(26)
|
|
addu $18,$11 # +=X[i+9]
|
|
sll $23,$19,14
|
|
srl $22,$19,7
|
|
xor $8,$23
|
|
sll $23,11
|
|
xor $8,$22
|
|
srl $22,$19,18
|
|
xor $8,$23
|
|
|
|
srl $9,$16,10
|
|
xor $8,$22 # sigma0(X[i+1])
|
|
sll $23,$16,13
|
|
addu $18,$8
|
|
srl $22,$16,17
|
|
xor $9,$23
|
|
sll $23,2
|
|
xor $9,$22
|
|
srl $22,$16,19
|
|
xor $9,$23
|
|
|
|
xor $9,$22 # sigma1(X[i+14])
|
|
addu $18,$9
|
|
addu $22,$18,$25 # 26
|
|
srl $25,$3,6
|
|
xor $9,$7,$24
|
|
sll $8,$3,7
|
|
and $9,$3
|
|
srl $23,$3,11
|
|
xor $25,$8
|
|
sll $8,$3,21
|
|
xor $25,$23
|
|
srl $23,$3,25
|
|
xor $25,$8
|
|
sll $8,$3,26
|
|
xor $25,$23
|
|
xor $9,$24 # Ch(e,f,g)
|
|
xor $23,$8,$25 # Sigma1(e)
|
|
|
|
srl $25,$30,2
|
|
addu $22,$9
|
|
lw $9,104($6) # K[26]
|
|
sll $8,$30,10
|
|
addu $22,$23
|
|
srl $23,$30,13
|
|
xor $25,$8
|
|
sll $8,$30,19
|
|
xor $25,$23
|
|
srl $23,$30,22
|
|
xor $25,$8
|
|
sll $8,$30,30
|
|
xor $25,$23
|
|
sw $18,40($29) # offload to ring buffer
|
|
xor $25,$8 # Sigma0(a)
|
|
|
|
or $23,$30,$31
|
|
and $8,$30,$31
|
|
and $23,$1
|
|
or $8,$23 # Maj(a,b,c)
|
|
addu $22,$9 # +=K[26]
|
|
addu $25,$8
|
|
|
|
addu $2,$22
|
|
addu $25,$22
|
|
lw $21,52($29) # prefetch from ring buffer
|
|
srl $9,$20,3 # Xupdate(27)
|
|
addu $19,$12 # +=X[i+9]
|
|
sll $8,$20,14
|
|
srl $23,$20,7
|
|
xor $9,$8
|
|
sll $8,11
|
|
xor $9,$23
|
|
srl $23,$20,18
|
|
xor $9,$8
|
|
|
|
srl $10,$17,10
|
|
xor $9,$23 # sigma0(X[i+1])
|
|
sll $8,$17,13
|
|
addu $19,$9
|
|
srl $23,$17,17
|
|
xor $10,$8
|
|
sll $8,2
|
|
xor $10,$23
|
|
srl $23,$17,19
|
|
xor $10,$8
|
|
|
|
xor $10,$23 # sigma1(X[i+14])
|
|
addu $19,$10
|
|
addu $23,$19,$24 # 27
|
|
srl $24,$2,6
|
|
xor $10,$3,$7
|
|
sll $9,$2,7
|
|
and $10,$2
|
|
srl $8,$2,11
|
|
xor $24,$9
|
|
sll $9,$2,21
|
|
xor $24,$8
|
|
srl $8,$2,25
|
|
xor $24,$9
|
|
sll $9,$2,26
|
|
xor $24,$8
|
|
xor $10,$7 # Ch(e,f,g)
|
|
xor $8,$9,$24 # Sigma1(e)
|
|
|
|
srl $24,$25,2
|
|
addu $23,$10
|
|
lw $10,108($6) # K[27]
|
|
sll $9,$25,10
|
|
addu $23,$8
|
|
srl $8,$25,13
|
|
xor $24,$9
|
|
sll $9,$25,19
|
|
xor $24,$8
|
|
srl $8,$25,22
|
|
xor $24,$9
|
|
sll $9,$25,30
|
|
xor $24,$8
|
|
sw $19,44($29) # offload to ring buffer
|
|
xor $24,$9 # Sigma0(a)
|
|
|
|
or $8,$25,$30
|
|
and $9,$25,$30
|
|
and $8,$31
|
|
or $9,$8 # Maj(a,b,c)
|
|
addu $23,$10 # +=K[27]
|
|
addu $24,$9
|
|
|
|
addu $1,$23
|
|
addu $24,$23
|
|
lw $22,56($29) # prefetch from ring buffer
|
|
srl $10,$21,3 # Xupdate(28)
|
|
addu $20,$13 # +=X[i+9]
|
|
sll $9,$21,14
|
|
srl $8,$21,7
|
|
xor $10,$9
|
|
sll $9,11
|
|
xor $10,$8
|
|
srl $8,$21,18
|
|
xor $10,$9
|
|
|
|
srl $11,$18,10
|
|
xor $10,$8 # sigma0(X[i+1])
|
|
sll $9,$18,13
|
|
addu $20,$10
|
|
srl $8,$18,17
|
|
xor $11,$9
|
|
sll $9,2
|
|
xor $11,$8
|
|
srl $8,$18,19
|
|
xor $11,$9
|
|
|
|
xor $11,$8 # sigma1(X[i+14])
|
|
addu $20,$11
|
|
addu $8,$20,$7 # 28
|
|
srl $7,$1,6
|
|
xor $11,$2,$3
|
|
sll $10,$1,7
|
|
and $11,$1
|
|
srl $9,$1,11
|
|
xor $7,$10
|
|
sll $10,$1,21
|
|
xor $7,$9
|
|
srl $9,$1,25
|
|
xor $7,$10
|
|
sll $10,$1,26
|
|
xor $7,$9
|
|
xor $11,$3 # Ch(e,f,g)
|
|
xor $9,$10,$7 # Sigma1(e)
|
|
|
|
srl $7,$24,2
|
|
addu $8,$11
|
|
lw $11,112($6) # K[28]
|
|
sll $10,$24,10
|
|
addu $8,$9
|
|
srl $9,$24,13
|
|
xor $7,$10
|
|
sll $10,$24,19
|
|
xor $7,$9
|
|
srl $9,$24,22
|
|
xor $7,$10
|
|
sll $10,$24,30
|
|
xor $7,$9
|
|
sw $20,48($29) # offload to ring buffer
|
|
xor $7,$10 # Sigma0(a)
|
|
|
|
or $9,$24,$25
|
|
and $10,$24,$25
|
|
and $9,$30
|
|
or $10,$9 # Maj(a,b,c)
|
|
addu $8,$11 # +=K[28]
|
|
addu $7,$10
|
|
|
|
addu $31,$8
|
|
addu $7,$8
|
|
lw $23,60($29) # prefetch from ring buffer
|
|
srl $11,$22,3 # Xupdate(29)
|
|
addu $21,$14 # +=X[i+9]
|
|
sll $10,$22,14
|
|
srl $9,$22,7
|
|
xor $11,$10
|
|
sll $10,11
|
|
xor $11,$9
|
|
srl $9,$22,18
|
|
xor $11,$10
|
|
|
|
srl $12,$19,10
|
|
xor $11,$9 # sigma0(X[i+1])
|
|
sll $10,$19,13
|
|
addu $21,$11
|
|
srl $9,$19,17
|
|
xor $12,$10
|
|
sll $10,2
|
|
xor $12,$9
|
|
srl $9,$19,19
|
|
xor $12,$10
|
|
|
|
xor $12,$9 # sigma1(X[i+14])
|
|
addu $21,$12
|
|
addu $9,$21,$3 # 29
|
|
srl $3,$31,6
|
|
xor $12,$1,$2
|
|
sll $11,$31,7
|
|
and $12,$31
|
|
srl $10,$31,11
|
|
xor $3,$11
|
|
sll $11,$31,21
|
|
xor $3,$10
|
|
srl $10,$31,25
|
|
xor $3,$11
|
|
sll $11,$31,26
|
|
xor $3,$10
|
|
xor $12,$2 # Ch(e,f,g)
|
|
xor $10,$11,$3 # Sigma1(e)
|
|
|
|
srl $3,$7,2
|
|
addu $9,$12
|
|
lw $12,116($6) # K[29]
|
|
sll $11,$7,10
|
|
addu $9,$10
|
|
srl $10,$7,13
|
|
xor $3,$11
|
|
sll $11,$7,19
|
|
xor $3,$10
|
|
srl $10,$7,22
|
|
xor $3,$11
|
|
sll $11,$7,30
|
|
xor $3,$10
|
|
sw $21,52($29) # offload to ring buffer
|
|
xor $3,$11 # Sigma0(a)
|
|
|
|
or $10,$7,$24
|
|
and $11,$7,$24
|
|
and $10,$25
|
|
or $11,$10 # Maj(a,b,c)
|
|
addu $9,$12 # +=K[29]
|
|
addu $3,$11
|
|
|
|
addu $30,$9
|
|
addu $3,$9
|
|
lw $8,0($29) # prefetch from ring buffer
|
|
srl $12,$23,3 # Xupdate(30)
|
|
addu $22,$15 # +=X[i+9]
|
|
sll $11,$23,14
|
|
srl $10,$23,7
|
|
xor $12,$11
|
|
sll $11,11
|
|
xor $12,$10
|
|
srl $10,$23,18
|
|
xor $12,$11
|
|
|
|
srl $13,$20,10
|
|
xor $12,$10 # sigma0(X[i+1])
|
|
sll $11,$20,13
|
|
addu $22,$12
|
|
srl $10,$20,17
|
|
xor $13,$11
|
|
sll $11,2
|
|
xor $13,$10
|
|
srl $10,$20,19
|
|
xor $13,$11
|
|
|
|
xor $13,$10 # sigma1(X[i+14])
|
|
addu $22,$13
|
|
addu $10,$22,$2 # 30
|
|
srl $2,$30,6
|
|
xor $13,$31,$1
|
|
sll $12,$30,7
|
|
and $13,$30
|
|
srl $11,$30,11
|
|
xor $2,$12
|
|
sll $12,$30,21
|
|
xor $2,$11
|
|
srl $11,$30,25
|
|
xor $2,$12
|
|
sll $12,$30,26
|
|
xor $2,$11
|
|
xor $13,$1 # Ch(e,f,g)
|
|
xor $11,$12,$2 # Sigma1(e)
|
|
|
|
srl $2,$3,2
|
|
addu $10,$13
|
|
lw $13,120($6) # K[30]
|
|
sll $12,$3,10
|
|
addu $10,$11
|
|
srl $11,$3,13
|
|
xor $2,$12
|
|
sll $12,$3,19
|
|
xor $2,$11
|
|
srl $11,$3,22
|
|
xor $2,$12
|
|
sll $12,$3,30
|
|
xor $2,$11
|
|
sw $22,56($29) # offload to ring buffer
|
|
xor $2,$12 # Sigma0(a)
|
|
|
|
or $11,$3,$7
|
|
and $12,$3,$7
|
|
and $11,$24
|
|
or $12,$11 # Maj(a,b,c)
|
|
addu $10,$13 # +=K[30]
|
|
addu $2,$12
|
|
|
|
addu $25,$10
|
|
addu $2,$10
|
|
lw $9,4($29) # prefetch from ring buffer
|
|
srl $13,$8,3 # Xupdate(31)
|
|
addu $23,$16 # +=X[i+9]
|
|
sll $12,$8,14
|
|
srl $11,$8,7
|
|
xor $13,$12
|
|
sll $12,11
|
|
xor $13,$11
|
|
srl $11,$8,18
|
|
xor $13,$12
|
|
|
|
srl $14,$21,10
|
|
xor $13,$11 # sigma0(X[i+1])
|
|
sll $12,$21,13
|
|
addu $23,$13
|
|
srl $11,$21,17
|
|
xor $14,$12
|
|
sll $12,2
|
|
xor $14,$11
|
|
srl $11,$21,19
|
|
xor $14,$12
|
|
|
|
xor $14,$11 # sigma1(X[i+14])
|
|
addu $23,$14
|
|
addu $11,$23,$1 # 31
|
|
srl $1,$25,6
|
|
xor $14,$30,$31
|
|
sll $13,$25,7
|
|
and $14,$25
|
|
srl $12,$25,11
|
|
xor $1,$13
|
|
sll $13,$25,21
|
|
xor $1,$12
|
|
srl $12,$25,25
|
|
xor $1,$13
|
|
sll $13,$25,26
|
|
xor $1,$12
|
|
xor $14,$31 # Ch(e,f,g)
|
|
xor $12,$13,$1 # Sigma1(e)
|
|
|
|
srl $1,$2,2
|
|
addu $11,$14
|
|
lw $14,124($6) # K[31]
|
|
sll $13,$2,10
|
|
addu $11,$12
|
|
srl $12,$2,13
|
|
xor $1,$13
|
|
sll $13,$2,19
|
|
xor $1,$12
|
|
srl $12,$2,22
|
|
xor $1,$13
|
|
sll $13,$2,30
|
|
xor $1,$12
|
|
sw $23,60($29) # offload to ring buffer
|
|
xor $1,$13 # Sigma0(a)
|
|
|
|
or $12,$2,$3
|
|
and $13,$2,$3
|
|
and $12,$7
|
|
or $13,$12 # Maj(a,b,c)
|
|
addu $11,$14 # +=K[31]
|
|
addu $1,$13
|
|
|
|
addu $24,$11
|
|
addu $1,$11
|
|
lw $10,8($29) # prefetch from ring buffer
|
|
and $14,0xfff
|
|
li $15,2290
|
|
.set noreorder
|
|
bne $14,$15,.L16_xx
|
|
add $6,16*4 # Ktbl+=16
|
|
|
|
lw $23,16*4($29) # restore pointer to the end of input
|
|
lw $8,0*4($4)
|
|
lw $9,1*4($4)
|
|
lw $10,2*4($4)
|
|
add $5,16*4
|
|
lw $11,3*4($4)
|
|
addu $1,$8
|
|
lw $12,4*4($4)
|
|
addu $2,$9
|
|
lw $13,5*4($4)
|
|
addu $3,$10
|
|
lw $14,6*4($4)
|
|
addu $7,$11
|
|
lw $15,7*4($4)
|
|
addu $24,$12
|
|
sw $1,0*4($4)
|
|
addu $25,$13
|
|
sw $2,1*4($4)
|
|
addu $30,$14
|
|
sw $3,2*4($4)
|
|
addu $31,$15
|
|
sw $7,3*4($4)
|
|
sw $24,4*4($4)
|
|
sw $25,5*4($4)
|
|
sw $30,6*4($4)
|
|
sw $31,7*4($4)
|
|
|
|
bne $5,$23,.Loop
|
|
sub $6,192 # rewind $6
|
|
|
|
lw $31,128-1*4($29)
|
|
lw $30,128-2*4($29)
|
|
lw $23,128-3*4($29)
|
|
lw $22,128-4*4($29)
|
|
lw $21,128-5*4($29)
|
|
lw $20,128-6*4($29)
|
|
lw $19,128-7*4($29)
|
|
lw $18,128-8*4($29)
|
|
lw $17,128-9*4($29)
|
|
lw $16,128-10*4($29)
|
|
jr $31
|
|
add $29,128
|
|
.end sha256_block_data_order
|
|
|
|
.rdata
|
|
.align 5
|
|
K256:
|
|
.word 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5
|
|
.word 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5
|
|
.word 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3
|
|
.word 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174
|
|
.word 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc
|
|
.word 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da
|
|
.word 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7
|
|
.word 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967
|
|
.word 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13
|
|
.word 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85
|
|
.word 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3
|
|
.word 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070
|
|
.word 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5
|
|
.word 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3
|
|
.word 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208
|
|
.word 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
|
|
.asciiz "SHA256 for MIPS, CRYPTOGAMS by <appro@openssl.org>"
|
|
.align 5
|
|
|