2 # Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
4 # Licensed under the OpenSSL license (the "License"). You may not use
5 # this file except in compliance with the License. You can obtain a copy
6 # in the file LICENSE in the source distribution or at
7 # https://www.openssl.org/source/license.html
9 # ====================================================================
10 # Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
11 # project. The module is, however, dual licensed under OpenSSL and
12 # CRYPTOGAMS licenses depending on where you obtain it. For further
13 # details see http://www.openssl.org/~appro/cryptogams/.
14 # ====================================================================
16 # Keccak-1600 for PPC64.
20 # This is straightforward KECCAK_1X_ALT implementation that works on
21 # *any* PPC64. Then PowerISA 2.07 adds 2x64-bit vector rotate, and
22 # it's possible to achieve performance better than below, but that is
23 # naturally option only for POWER8 and successors...
25 ######################################################################
26 # Numbers are cycles per processed byte.
30 # PPC970/G5 14.6/+120%
35 # (*) Corresponds to SHA3-256. Percentage after slash is improvement
36 # over gcc-4.x-generated KECCAK_1X_ALT code. Newer compilers do
37 # much better (but watch out for them generating code specific
38 # to processor they execute on).
42 if ($flavour =~ /64/) {
49 } else { die "nonsense $flavour"; }
51 $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
52 ( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
53 ( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or
54 die "can't locate ppc-xlate.pl";
56 open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!";
58 $FRAME=24*$SIZE_T+6*$SIZE_T+32;
60 $TEMP=$LOCALS+6*$SIZE_T;
64 my @A = map([ "r$_", "r".($_+1), "r".($_+2), "r".($_+3), "r".($_+4) ],
66 $A[1][1] = "r6"; # r13 is reserved
68 my @C = map("r$_", (0,3,4,5));
70 my @rhotates = ([ 0, 1, 62, 28, 27 ],
71 [ 36, 44, 6, 55, 20 ],
72 [ 3, 10, 43, 25, 39 ],
73 [ 41, 45, 15, 21, 8 ],
74 [ 18, 2, 61, 56, 14 ]);
79 .type KeccakF1600_int,\@function
87 xor $C[0],$A[0][0],$A[1][0] ; Theta
88 std $A[0][4],`$TEMP+0`($sp)
89 xor $C[1],$A[0][1],$A[1][1]
90 std $A[1][4],`$TEMP+8`($sp)
91 xor $C[2],$A[0][2],$A[1][2]
92 std $A[2][4],`$TEMP+16`($sp)
93 xor $C[3],$A[0][3],$A[1][3]
94 std $A[3][4],`$TEMP+24`($sp)
101 xor $C[4],$A[0][4],$A[1][4]
102 xor $C[0],$C[0],$A[2][0]
103 xor $C[1],$C[1],$A[2][1]
104 xor $C[2],$C[2],$A[2][2]
105 xor $C[3],$C[3],$A[2][3]
106 xor $C[4],$C[4],$A[2][4]
107 xor $C[0],$C[0],$A[3][0]
108 xor $C[1],$C[1],$A[3][1]
109 xor $C[2],$C[2],$A[3][2]
110 xor $C[3],$C[3],$A[3][3]
111 xor $C[4],$C[4],$A[3][4]
112 xor $C[0],$C[0],$A[4][0]
113 xor $C[2],$C[2],$A[4][2]
114 xor $C[1],$C[1],$A[4][1]
115 xor $C[3],$C[3],$A[4][3]
117 xor $C[4],$C[4],$A[4][4]
119 xor $C[5],$C[5],$C[0]
122 xor $A[0][1],$A[0][1],$C[5]
123 xor $A[1][1],$A[1][1],$C[5]
124 xor $A[2][1],$A[2][1],$C[5]
125 xor $A[3][1],$A[3][1],$C[5]
126 xor $A[4][1],$A[4][1],$C[5]
129 xor $C[6],$C[6],$C[1]
130 xor $C[2],$C[2],$C[7]
132 xor $C[3],$C[3],$C[5]
133 xor $C[4],$C[4],$C[7]
135 xor $C[1], $A[0][2],$C[6] ;mr $C[1],$A[0][2]
136 xor $A[1][2],$A[1][2],$C[6]
137 xor $A[2][2],$A[2][2],$C[6]
138 xor $A[3][2],$A[3][2],$C[6]
139 xor $A[4][2],$A[4][2],$C[6]
141 xor $A[0][0],$A[0][0],$C[4]
142 xor $A[1][0],$A[1][0],$C[4]
143 xor $A[2][0],$A[2][0],$C[4]
144 xor $A[3][0],$A[3][0],$C[4]
145 xor $A[4][0],$A[4][0],$C[4]
152 ld $A[0][4],`$TEMP+0`($sp)
153 xor $C[0], $A[0][3],$C[2] ;mr $C[0],$A[0][3]
154 ld $A[1][4],`$TEMP+8`($sp)
155 xor $A[1][3],$A[1][3],$C[2]
156 ld $A[2][4],`$TEMP+16`($sp)
157 xor $A[2][3],$A[2][3],$C[2]
158 ld $A[3][4],`$TEMP+24`($sp)
159 xor $A[3][3],$A[3][3],$C[2]
160 xor $A[4][3],$A[4][3],$C[2]
162 xor $C[2], $A[0][4],$C[3] ;mr $C[2],$A[0][4]
163 xor $A[1][4],$A[1][4],$C[3]
164 xor $A[2][4],$A[2][4],$C[3]
165 xor $A[3][4],$A[3][4],$C[3]
166 xor $A[4][4],$A[4][4],$C[3]
168 mr $C[3],$A[0][1] ; Rho+Pi
169 rotldi $A[0][1],$A[1][1],$rhotates[1][1]
171 rotldi $A[0][2],$A[2][2],$rhotates[2][2]
173 rotldi $A[0][3],$A[3][3],$rhotates[3][3]
175 rotldi $A[0][4],$A[4][4],$rhotates[4][4]
177 rotldi $A[1][1],$A[1][4],$rhotates[1][4]
178 rotldi $A[2][2],$A[2][3],$rhotates[2][3]
179 rotldi $A[3][3],$A[3][2],$rhotates[3][2]
180 rotldi $A[4][4],$A[4][1],$rhotates[4][1]
182 rotldi $A[1][4],$A[4][2],$rhotates[4][2]
183 rotldi $A[2][3],$A[3][4],$rhotates[3][4]
184 rotldi $A[3][2],$A[2][1],$rhotates[2][1]
185 rotldi $A[4][1],$A[1][3],$rhotates[1][3]
187 rotldi $A[4][2],$A[2][4],$rhotates[2][4]
188 rotldi $A[3][4],$A[4][3],$rhotates[4][3]
189 rotldi $A[2][1],$A[1][2],$rhotates[1][2]
190 rotldi $A[1][3],$A[3][1],$rhotates[3][1]
192 rotldi $A[2][4],$A[4][0],$rhotates[4][0]
193 rotldi $A[4][3],$A[3][0],$rhotates[3][0]
194 rotldi $A[1][2],$A[2][0],$rhotates[2][0]
195 rotldi $A[3][1],$A[1][0],$rhotates[1][0]
197 rotldi $A[1][0],$C[0],$rhotates[0][3]
198 rotldi $A[2][0],$C[3],$rhotates[0][1]
199 rotldi $A[3][0],$C[2],$rhotates[0][4]
200 rotldi $A[4][0],$C[1],$rhotates[0][2]
202 andc $C[0],$A[0][2],$A[0][1] ; Chi+Iota
203 andc $C[1],$A[0][3],$A[0][2]
204 andc $C[2],$A[0][0],$A[0][4]
205 andc $C[3],$A[0][1],$A[0][0]
206 xor $A[0][0],$A[0][0],$C[0]
207 andc $C[0],$A[0][4],$A[0][3]
208 xor $A[0][1],$A[0][1],$C[1]
209 ld $C[1],`$LOCALS+4*$SIZE_T`($sp)
210 xor $A[0][3],$A[0][3],$C[2]
211 xor $A[0][4],$A[0][4],$C[3]
212 xor $A[0][2],$A[0][2],$C[0]
213 ldu $C[3],8($C[1]) ; Iota[i++]
215 andc $C[0],$A[1][2],$A[1][1]
216 std $C[1],`$LOCALS+4*$SIZE_T`($sp)
217 andc $C[1],$A[1][3],$A[1][2]
218 andc $C[2],$A[1][0],$A[1][4]
219 xor $A[0][0],$A[0][0],$C[3] ; A[0][0] ^= Iota
220 andc $C[3],$A[1][1],$A[1][0]
221 xor $A[1][0],$A[1][0],$C[0]
222 andc $C[0],$A[1][4],$A[1][3]
223 xor $A[1][1],$A[1][1],$C[1]
224 xor $A[1][3],$A[1][3],$C[2]
225 xor $A[1][4],$A[1][4],$C[3]
226 xor $A[1][2],$A[1][2],$C[0]
228 andc $C[0],$A[2][2],$A[2][1]
229 andc $C[1],$A[2][3],$A[2][2]
230 andc $C[2],$A[2][0],$A[2][4]
231 andc $C[3],$A[2][1],$A[2][0]
232 xor $A[2][0],$A[2][0],$C[0]
233 andc $C[0],$A[2][4],$A[2][3]
234 xor $A[2][1],$A[2][1],$C[1]
235 xor $A[2][3],$A[2][3],$C[2]
236 xor $A[2][4],$A[2][4],$C[3]
237 xor $A[2][2],$A[2][2],$C[0]
239 andc $C[0],$A[3][2],$A[3][1]
240 andc $C[1],$A[3][3],$A[3][2]
241 andc $C[2],$A[3][0],$A[3][4]
242 andc $C[3],$A[3][1],$A[3][0]
243 xor $A[3][0],$A[3][0],$C[0]
244 andc $C[0],$A[3][4],$A[3][3]
245 xor $A[3][1],$A[3][1],$C[1]
246 xor $A[3][3],$A[3][3],$C[2]
247 xor $A[3][4],$A[3][4],$C[3]
248 xor $A[3][2],$A[3][2],$C[0]
250 andc $C[0],$A[4][2],$A[4][1]
251 andc $C[1],$A[4][3],$A[4][2]
252 andc $C[2],$A[4][0],$A[4][4]
253 andc $C[3],$A[4][1],$A[4][0]
254 xor $A[4][0],$A[4][0],$C[0]
255 andc $C[0],$A[4][4],$A[4][3]
256 xor $A[4][1],$A[4][1],$C[1]
257 xor $A[4][3],$A[4][3],$C[2]
258 xor $A[4][4],$A[4][4],$C[3]
259 xor $A[4][2],$A[4][2],$C[0]
265 .byte 0,12,0x14,0,0,0,0,0
266 .size KeccakF1600_int,.-KeccakF1600_int
268 .type KeccakF1600,\@function
271 $STU $sp,-$FRAME($sp)
273 $PUSH r14,`$FRAME-$SIZE_T*18`($sp)
274 $PUSH r15,`$FRAME-$SIZE_T*17`($sp)
275 $PUSH r16,`$FRAME-$SIZE_T*16`($sp)
276 $PUSH r17,`$FRAME-$SIZE_T*15`($sp)
277 $PUSH r18,`$FRAME-$SIZE_T*14`($sp)
278 $PUSH r19,`$FRAME-$SIZE_T*13`($sp)
279 $PUSH r20,`$FRAME-$SIZE_T*12`($sp)
280 $PUSH r21,`$FRAME-$SIZE_T*11`($sp)
281 $PUSH r22,`$FRAME-$SIZE_T*10`($sp)
282 $PUSH r23,`$FRAME-$SIZE_T*9`($sp)
283 $PUSH r24,`$FRAME-$SIZE_T*8`($sp)
284 $PUSH r25,`$FRAME-$SIZE_T*7`($sp)
285 $PUSH r26,`$FRAME-$SIZE_T*6`($sp)
286 $PUSH r27,`$FRAME-$SIZE_T*5`($sp)
287 $PUSH r28,`$FRAME-$SIZE_T*4`($sp)
288 $PUSH r29,`$FRAME-$SIZE_T*3`($sp)
289 $PUSH r30,`$FRAME-$SIZE_T*2`($sp)
290 $PUSH r31,`$FRAME-$SIZE_T*1`($sp)
291 $PUSH r0,`$FRAME+$LRSAVE`($sp)
294 subi r12,r12,8 ; prepare for ldu
296 $PUSH r3,`$LOCALS+0*$SIZE_T`($sp)
297 ;$PUSH r4,`$LOCALS+1*$SIZE_T`($sp)
298 ;$PUSH r5,`$LOCALS+2*$SIZE_T`($sp)
299 ;$PUSH r6,`$LOCALS+3*$SIZE_T`($sp)
300 $PUSH r12,`$LOCALS+4*$SIZE_T`($sp)
302 ld $A[0][0],`8*0`(r3) ; load A[5][5]
303 ld $A[0][1],`8*1`(r3)
304 ld $A[0][2],`8*2`(r3)
305 ld $A[0][3],`8*3`(r3)
306 ld $A[0][4],`8*4`(r3)
307 ld $A[1][0],`8*5`(r3)
308 ld $A[1][1],`8*6`(r3)
309 ld $A[1][2],`8*7`(r3)
310 ld $A[1][3],`8*8`(r3)
311 ld $A[1][4],`8*9`(r3)
312 ld $A[2][0],`8*10`(r3)
313 ld $A[2][1],`8*11`(r3)
314 ld $A[2][2],`8*12`(r3)
315 ld $A[2][3],`8*13`(r3)
316 ld $A[2][4],`8*14`(r3)
317 ld $A[3][0],`8*15`(r3)
318 ld $A[3][1],`8*16`(r3)
319 ld $A[3][2],`8*17`(r3)
320 ld $A[3][3],`8*18`(r3)
321 ld $A[3][4],`8*19`(r3)
322 ld $A[4][0],`8*20`(r3)
323 ld $A[4][1],`8*21`(r3)
324 ld $A[4][2],`8*22`(r3)
325 ld $A[4][3],`8*23`(r3)
326 ld $A[4][4],`8*24`(r3)
330 $POP r3,`$LOCALS+0*$SIZE_T`($sp)
331 std $A[0][0],`8*0`(r3) ; return A[5][5]
332 std $A[0][1],`8*1`(r3)
333 std $A[0][2],`8*2`(r3)
334 std $A[0][3],`8*3`(r3)
335 std $A[0][4],`8*4`(r3)
336 std $A[1][0],`8*5`(r3)
337 std $A[1][1],`8*6`(r3)
338 std $A[1][2],`8*7`(r3)
339 std $A[1][3],`8*8`(r3)
340 std $A[1][4],`8*9`(r3)
341 std $A[2][0],`8*10`(r3)
342 std $A[2][1],`8*11`(r3)
343 std $A[2][2],`8*12`(r3)
344 std $A[2][3],`8*13`(r3)
345 std $A[2][4],`8*14`(r3)
346 std $A[3][0],`8*15`(r3)
347 std $A[3][1],`8*16`(r3)
348 std $A[3][2],`8*17`(r3)
349 std $A[3][3],`8*18`(r3)
350 std $A[3][4],`8*19`(r3)
351 std $A[4][0],`8*20`(r3)
352 std $A[4][1],`8*21`(r3)
353 std $A[4][2],`8*22`(r3)
354 std $A[4][3],`8*23`(r3)
355 std $A[4][4],`8*24`(r3)
357 $POP r0,`$FRAME+$LRSAVE`($sp)
358 $POP r14,`$FRAME-$SIZE_T*18`($sp)
359 $POP r15,`$FRAME-$SIZE_T*17`($sp)
360 $POP r16,`$FRAME-$SIZE_T*16`($sp)
361 $POP r17,`$FRAME-$SIZE_T*15`($sp)
362 $POP r18,`$FRAME-$SIZE_T*14`($sp)
363 $POP r19,`$FRAME-$SIZE_T*13`($sp)
364 $POP r20,`$FRAME-$SIZE_T*12`($sp)
365 $POP r21,`$FRAME-$SIZE_T*11`($sp)
366 $POP r22,`$FRAME-$SIZE_T*10`($sp)
367 $POP r23,`$FRAME-$SIZE_T*9`($sp)
368 $POP r24,`$FRAME-$SIZE_T*8`($sp)
369 $POP r25,`$FRAME-$SIZE_T*7`($sp)
370 $POP r26,`$FRAME-$SIZE_T*6`($sp)
371 $POP r27,`$FRAME-$SIZE_T*5`($sp)
372 $POP r28,`$FRAME-$SIZE_T*4`($sp)
373 $POP r29,`$FRAME-$SIZE_T*3`($sp)
374 $POP r30,`$FRAME-$SIZE_T*2`($sp)
375 $POP r31,`$FRAME-$SIZE_T*1`($sp)
380 .byte 0,12,4,1,0x80,18,1,0
382 .size KeccakF1600,.-KeccakF1600
384 .type dword_le_load,\@function
404 .byte 0,12,0x14,0,0,0,1,0
406 .size dword_le_load,.-dword_le_load
409 .type SHA3_absorb,\@function
412 $STU $sp,-$FRAME($sp)
414 $PUSH r14,`$FRAME-$SIZE_T*18`($sp)
415 $PUSH r15,`$FRAME-$SIZE_T*17`($sp)
416 $PUSH r16,`$FRAME-$SIZE_T*16`($sp)
417 $PUSH r17,`$FRAME-$SIZE_T*15`($sp)
418 $PUSH r18,`$FRAME-$SIZE_T*14`($sp)
419 $PUSH r19,`$FRAME-$SIZE_T*13`($sp)
420 $PUSH r20,`$FRAME-$SIZE_T*12`($sp)
421 $PUSH r21,`$FRAME-$SIZE_T*11`($sp)
422 $PUSH r22,`$FRAME-$SIZE_T*10`($sp)
423 $PUSH r23,`$FRAME-$SIZE_T*9`($sp)
424 $PUSH r24,`$FRAME-$SIZE_T*8`($sp)
425 $PUSH r25,`$FRAME-$SIZE_T*7`($sp)
426 $PUSH r26,`$FRAME-$SIZE_T*6`($sp)
427 $PUSH r27,`$FRAME-$SIZE_T*5`($sp)
428 $PUSH r28,`$FRAME-$SIZE_T*4`($sp)
429 $PUSH r29,`$FRAME-$SIZE_T*3`($sp)
430 $PUSH r30,`$FRAME-$SIZE_T*2`($sp)
431 $PUSH r31,`$FRAME-$SIZE_T*1`($sp)
432 $PUSH r0,`$FRAME+$LRSAVE`($sp)
435 subi r4,r4,1 ; prepare for lbzu
436 subi r12,r12,8 ; prepare for ldu
438 $PUSH r3,`$LOCALS+0*$SIZE_T`($sp) ; save A[][]
439 $PUSH r4,`$LOCALS+1*$SIZE_T`($sp) ; save inp
440 $PUSH r5,`$LOCALS+2*$SIZE_T`($sp) ; save len
441 $PUSH r6,`$LOCALS+3*$SIZE_T`($sp) ; save bsz
443 $PUSH r12,`$LOCALS+4*$SIZE_T`($sp)
445 ld $A[0][0],`8*0`(r3) ; load A[5][5]
446 ld $A[0][1],`8*1`(r3)
447 ld $A[0][2],`8*2`(r3)
448 ld $A[0][3],`8*3`(r3)
449 ld $A[0][4],`8*4`(r3)
450 ld $A[1][0],`8*5`(r3)
451 ld $A[1][1],`8*6`(r3)
452 ld $A[1][2],`8*7`(r3)
453 ld $A[1][3],`8*8`(r3)
454 ld $A[1][4],`8*9`(r3)
455 ld $A[2][0],`8*10`(r3)
456 ld $A[2][1],`8*11`(r3)
457 ld $A[2][2],`8*12`(r3)
458 ld $A[2][3],`8*13`(r3)
459 ld $A[2][4],`8*14`(r3)
460 ld $A[3][0],`8*15`(r3)
461 ld $A[3][1],`8*16`(r3)
462 ld $A[3][2],`8*17`(r3)
463 ld $A[3][3],`8*18`(r3)
464 ld $A[3][4],`8*19`(r3)
465 ld $A[4][0],`8*20`(r3)
466 ld $A[4][1],`8*21`(r3)
467 ld $A[4][2],`8*22`(r3)
468 ld $A[4][3],`8*23`(r3)
469 ld $A[4][4],`8*24`(r3)
479 $UCMP r4,r5 ; len < bsz?
482 sub r4,r4,r5 ; len -= bsz
484 $PUSH r4,`$LOCALS+2*$SIZE_T`($sp) ; save len
486 bl dword_le_load ; *inp++
487 xor $A[0][0],$A[0][0],r0
489 bl dword_le_load ; *inp++
490 xor $A[0][1],$A[0][1],r0
492 bl dword_le_load ; *inp++
493 xor $A[0][2],$A[0][2],r0
495 bl dword_le_load ; *inp++
496 xor $A[0][3],$A[0][3],r0
498 bl dword_le_load ; *inp++
499 xor $A[0][4],$A[0][4],r0
501 bl dword_le_load ; *inp++
502 xor $A[1][0],$A[1][0],r0
504 bl dword_le_load ; *inp++
505 xor $A[1][1],$A[1][1],r0
507 bl dword_le_load ; *inp++
508 xor $A[1][2],$A[1][2],r0
510 bl dword_le_load ; *inp++
511 xor $A[1][3],$A[1][3],r0
513 bl dword_le_load ; *inp++
514 xor $A[1][4],$A[1][4],r0
516 bl dword_le_load ; *inp++
517 xor $A[2][0],$A[2][0],r0
519 bl dword_le_load ; *inp++
520 xor $A[2][1],$A[2][1],r0
522 bl dword_le_load ; *inp++
523 xor $A[2][2],$A[2][2],r0
525 bl dword_le_load ; *inp++
526 xor $A[2][3],$A[2][3],r0
528 bl dword_le_load ; *inp++
529 xor $A[2][4],$A[2][4],r0
531 bl dword_le_load ; *inp++
532 xor $A[3][0],$A[3][0],r0
534 bl dword_le_load ; *inp++
535 xor $A[3][1],$A[3][1],r0
537 bl dword_le_load ; *inp++
538 xor $A[3][2],$A[3][2],r0
540 bl dword_le_load ; *inp++
541 xor $A[3][3],$A[3][3],r0
543 bl dword_le_load ; *inp++
544 xor $A[3][4],$A[3][4],r0
546 bl dword_le_load ; *inp++
547 xor $A[4][0],$A[4][0],r0
549 bl dword_le_load ; *inp++
550 xor $A[4][1],$A[4][1],r0
552 bl dword_le_load ; *inp++
553 xor $A[4][2],$A[4][2],r0
555 bl dword_le_load ; *inp++
556 xor $A[4][3],$A[4][3],r0
558 bl dword_le_load ; *inp++
559 xor $A[4][4],$A[4][4],r0
562 $PUSH r3,`$LOCALS+1*$SIZE_T`($sp) ; save inp
566 $POP r0,`$LOCALS+4*$SIZE_T`($sp) ; pull iotas[24]
567 $POP r5,`$LOCALS+3*$SIZE_T`($sp) ; restore bsz
568 $POP r4,`$LOCALS+2*$SIZE_T`($sp) ; restore len
569 $POP r3,`$LOCALS+1*$SIZE_T`($sp) ; restore inp
570 addic r0,r0,`-8*24` ; rewind iotas
571 $PUSH r0,`$LOCALS+4*$SIZE_T`($sp)
577 $POP r3,`$LOCALS+0*$SIZE_T`($sp)
578 std $A[0][0],`8*0`(r3) ; return A[5][5]
579 std $A[0][1],`8*1`(r3)
580 std $A[0][2],`8*2`(r3)
581 std $A[0][3],`8*3`(r3)
582 std $A[0][4],`8*4`(r3)
583 std $A[1][0],`8*5`(r3)
584 std $A[1][1],`8*6`(r3)
585 std $A[1][2],`8*7`(r3)
586 std $A[1][3],`8*8`(r3)
587 std $A[1][4],`8*9`(r3)
588 std $A[2][0],`8*10`(r3)
589 std $A[2][1],`8*11`(r3)
590 std $A[2][2],`8*12`(r3)
591 std $A[2][3],`8*13`(r3)
592 std $A[2][4],`8*14`(r3)
593 std $A[3][0],`8*15`(r3)
594 std $A[3][1],`8*16`(r3)
595 std $A[3][2],`8*17`(r3)
596 std $A[3][3],`8*18`(r3)
597 std $A[3][4],`8*19`(r3)
598 std $A[4][0],`8*20`(r3)
599 std $A[4][1],`8*21`(r3)
600 std $A[4][2],`8*22`(r3)
601 std $A[4][3],`8*23`(r3)
602 std $A[4][4],`8*24`(r3)
604 mr r3,r4 ; return value
605 $POP r0,`$FRAME+$LRSAVE`($sp)
606 $POP r14,`$FRAME-$SIZE_T*18`($sp)
607 $POP r15,`$FRAME-$SIZE_T*17`($sp)
608 $POP r16,`$FRAME-$SIZE_T*16`($sp)
609 $POP r17,`$FRAME-$SIZE_T*15`($sp)
610 $POP r18,`$FRAME-$SIZE_T*14`($sp)
611 $POP r19,`$FRAME-$SIZE_T*13`($sp)
612 $POP r20,`$FRAME-$SIZE_T*12`($sp)
613 $POP r21,`$FRAME-$SIZE_T*11`($sp)
614 $POP r22,`$FRAME-$SIZE_T*10`($sp)
615 $POP r23,`$FRAME-$SIZE_T*9`($sp)
616 $POP r24,`$FRAME-$SIZE_T*8`($sp)
617 $POP r25,`$FRAME-$SIZE_T*7`($sp)
618 $POP r26,`$FRAME-$SIZE_T*6`($sp)
619 $POP r27,`$FRAME-$SIZE_T*5`($sp)
620 $POP r28,`$FRAME-$SIZE_T*4`($sp)
621 $POP r29,`$FRAME-$SIZE_T*3`($sp)
622 $POP r30,`$FRAME-$SIZE_T*2`($sp)
623 $POP r31,`$FRAME-$SIZE_T*1`($sp)
628 .byte 0,12,4,1,0x80,18,4,0
630 .size SHA3_absorb,.-SHA3_absorb
633 my ($A_flat,$out,$len,$bsz) = map("r$_",(28..31));
636 .type SHA3_squeeze,\@function
639 $STU $sp,`-10*$SIZE_T`($sp)
641 $PUSH r28,`6*$SIZE_T`($sp)
642 $PUSH r29,`7*$SIZE_T`($sp)
643 $PUSH r30,`8*$SIZE_T`($sp)
644 $PUSH r31,`9*$SIZE_T`($sp)
645 $PUSH r0,`10*$SIZE_T+$LRSAVE`($sp)
648 subi r3,r3,8 ; prepare for ldu
649 subi $out,r4,1 ; prepare for stbu
684 subi r3,$A_flat,8 ; prepare for ldu
697 $POP r0,`10*$SIZE_T+$LRSAVE`($sp)
698 $POP r28,`6*$SIZE_T`($sp)
699 $POP r29,`7*$SIZE_T`($sp)
700 $POP r30,`8*$SIZE_T`($sp)
701 $POP r31,`9*$SIZE_T`($sp)
703 addi $sp,$sp,`10*$SIZE_T`
706 .byte 0,12,4,1,0x80,4,4,0
708 .size SHA3_squeeze,.-SHA3_squeeze
712 # Ugly hack here, because PPC assembler syntax seem to vary too
713 # much from platforms to platform...
719 mflr r12 ; vvvvvv "distance" between . and 1st data entry
724 .byte 0,12,0x14,0,0,0,0,0
728 .quad 0x0000000000000001
729 .quad 0x0000000000008082
730 .quad 0x800000000000808a
731 .quad 0x8000000080008000
732 .quad 0x000000000000808b
733 .quad 0x0000000080000001
734 .quad 0x8000000080008081
735 .quad 0x8000000000008009
736 .quad 0x000000000000008a
737 .quad 0x0000000000000088
738 .quad 0x0000000080008009
739 .quad 0x000000008000000a
740 .quad 0x000000008000808b
741 .quad 0x800000000000008b
742 .quad 0x8000000000008089
743 .quad 0x8000000000008003
744 .quad 0x8000000000008002
745 .quad 0x8000000000000080
746 .quad 0x000000000000800a
747 .quad 0x800000008000000a
748 .quad 0x8000000080008081
749 .quad 0x8000000000008080
750 .quad 0x0000000080000001
751 .quad 0x8000000080008008
753 .asciz "Keccak-1600 absorb and squeeze for PPC64, CRYPTOGAMS by <appro\@openssl.org>"
756 $code =~ s/\`([^\`]*)\`/eval $1/gem;
projects / openssl.git / blob