2 # Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
4 # Licensed under the Apache License 2.0 (the "License"). You may not use
5 # this file except in compliance with the License. You can obtain a copy
6 # in the file LICENSE in the source distribution or at
7 # https://www.openssl.org/source/license.html
9 # ====================================================================
10 # Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
11 # project. The module is, however, dual licensed under OpenSSL and
12 # CRYPTOGAMS licenses depending on where you obtain it. For further
13 # details see http://www.openssl.org/~appro/cryptogams/.
14 # ====================================================================
16 # Keccak-1600 for PPC64.
20 # This is straightforward KECCAK_1X_ALT implementation that works on
21 # *any* PPC64. Then PowerISA 2.07 adds 2x64-bit vector rotate, and
22 # it's possible to achieve performance better than below, but that is
23 # naturally option only for POWER8 and successors...
25 ######################################################################
26 # Numbers are cycles per processed byte.
30 # PPC970/G5 14.0/+130%
35 # (*) Corresponds to SHA3-256. Percentage after slash is improvement
36 # over gcc-4.x-generated KECCAK_1X_ALT code. Newer compilers do
37 # much better (but watch out for them generating code specific
38 # to processor they execute on).
40 # $output is the last argument if it looks like a file (it has an extension)
41 # $flavour is the first argument if it doesn't look like a file
42 $output = $#ARGV >= 0 && $ARGV[$#ARGV] =~ m|\.\w+$| ? pop : undef;
43 $flavour = $#ARGV >= 0 && $ARGV[0] !~ m|\.| ? shift : undef;
45 if ($flavour =~ /64/) {
52 } else { die "nonsense $flavour"; }
54 $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
55 ( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
56 ( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or
57 die "can't locate ppc-xlate.pl";
59 open STDOUT,"| $^X $xlate $flavour \"$output\""
60 or die "can't call $xlate: $!";
62 $FRAME=24*$SIZE_T+6*$SIZE_T+32;
64 $TEMP=$LOCALS+6*$SIZE_T;
68 my @A = map([ "r$_", "r".($_+1), "r".($_+2), "r".($_+3), "r".($_+4) ],
70 $A[1][1] = "r6"; # r13 is reserved
72 my @C = map("r$_", (0,3,4,5));
74 my @rhotates = ([ 0, 1, 62, 28, 27 ],
75 [ 36, 44, 6, 55, 20 ],
76 [ 3, 10, 43, 25, 39 ],
77 [ 41, 45, 15, 21, 8 ],
78 [ 18, 2, 61, 56, 14 ]);
83 .type KeccakF1600_int,\@function
91 xor $C[0],$A[0][0],$A[1][0] ; Theta
92 std $A[0][4],`$TEMP+0`($sp)
93 xor $C[1],$A[0][1],$A[1][1]
94 std $A[1][4],`$TEMP+8`($sp)
95 xor $C[2],$A[0][2],$A[1][2]
96 std $A[2][4],`$TEMP+16`($sp)
97 xor $C[3],$A[0][3],$A[1][3]
98 std $A[3][4],`$TEMP+24`($sp)
105 xor $C[4],$A[0][4],$A[1][4]
106 xor $C[0],$C[0],$A[2][0]
107 xor $C[1],$C[1],$A[2][1]
108 xor $C[2],$C[2],$A[2][2]
109 xor $C[3],$C[3],$A[2][3]
110 xor $C[4],$C[4],$A[2][4]
111 xor $C[0],$C[0],$A[3][0]
112 xor $C[1],$C[1],$A[3][1]
113 xor $C[2],$C[2],$A[3][2]
114 xor $C[3],$C[3],$A[3][3]
115 xor $C[4],$C[4],$A[3][4]
116 xor $C[0],$C[0],$A[4][0]
117 xor $C[2],$C[2],$A[4][2]
118 xor $C[1],$C[1],$A[4][1]
119 xor $C[3],$C[3],$A[4][3]
121 xor $C[4],$C[4],$A[4][4]
123 xor $C[5],$C[5],$C[0]
126 xor $A[0][1],$A[0][1],$C[5]
127 xor $A[1][1],$A[1][1],$C[5]
128 xor $A[2][1],$A[2][1],$C[5]
129 xor $A[3][1],$A[3][1],$C[5]
130 xor $A[4][1],$A[4][1],$C[5]
133 xor $C[6],$C[6],$C[1]
134 xor $C[2],$C[2],$C[7]
136 xor $C[3],$C[3],$C[5]
137 xor $C[4],$C[4],$C[7]
139 xor $C[1], $A[0][2],$C[6] ;mr $C[1],$A[0][2]
140 xor $A[1][2],$A[1][2],$C[6]
141 xor $A[2][2],$A[2][2],$C[6]
142 xor $A[3][2],$A[3][2],$C[6]
143 xor $A[4][2],$A[4][2],$C[6]
145 xor $A[0][0],$A[0][0],$C[4]
146 xor $A[1][0],$A[1][0],$C[4]
147 xor $A[2][0],$A[2][0],$C[4]
148 xor $A[3][0],$A[3][0],$C[4]
149 xor $A[4][0],$A[4][0],$C[4]
156 ld $A[0][4],`$TEMP+0`($sp)
157 xor $C[0], $A[0][3],$C[2] ;mr $C[0],$A[0][3]
158 ld $A[1][4],`$TEMP+8`($sp)
159 xor $A[1][3],$A[1][3],$C[2]
160 ld $A[2][4],`$TEMP+16`($sp)
161 xor $A[2][3],$A[2][3],$C[2]
162 ld $A[3][4],`$TEMP+24`($sp)
163 xor $A[3][3],$A[3][3],$C[2]
164 xor $A[4][3],$A[4][3],$C[2]
166 xor $C[2], $A[0][4],$C[3] ;mr $C[2],$A[0][4]
167 xor $A[1][4],$A[1][4],$C[3]
168 xor $A[2][4],$A[2][4],$C[3]
169 xor $A[3][4],$A[3][4],$C[3]
170 xor $A[4][4],$A[4][4],$C[3]
172 mr $C[3],$A[0][1] ; Rho+Pi
173 rotldi $A[0][1],$A[1][1],$rhotates[1][1]
175 rotldi $A[0][2],$A[2][2],$rhotates[2][2]
177 rotldi $A[0][3],$A[3][3],$rhotates[3][3]
179 rotldi $A[0][4],$A[4][4],$rhotates[4][4]
181 rotldi $A[1][1],$A[1][4],$rhotates[1][4]
182 rotldi $A[2][2],$A[2][3],$rhotates[2][3]
183 rotldi $A[3][3],$A[3][2],$rhotates[3][2]
184 rotldi $A[4][4],$A[4][1],$rhotates[4][1]
186 rotldi $A[1][4],$A[4][2],$rhotates[4][2]
187 rotldi $A[2][3],$A[3][4],$rhotates[3][4]
188 rotldi $A[3][2],$A[2][1],$rhotates[2][1]
189 rotldi $A[4][1],$A[1][3],$rhotates[1][3]
191 rotldi $A[4][2],$A[2][4],$rhotates[2][4]
192 rotldi $A[3][4],$A[4][3],$rhotates[4][3]
193 rotldi $A[2][1],$A[1][2],$rhotates[1][2]
194 rotldi $A[1][3],$A[3][1],$rhotates[3][1]
196 rotldi $A[2][4],$A[4][0],$rhotates[4][0]
197 rotldi $A[4][3],$A[3][0],$rhotates[3][0]
198 rotldi $A[1][2],$A[2][0],$rhotates[2][0]
199 rotldi $A[3][1],$A[1][0],$rhotates[1][0]
201 rotldi $A[1][0],$C[0],$rhotates[0][3]
202 rotldi $A[2][0],$C[3],$rhotates[0][1]
203 rotldi $A[3][0],$C[2],$rhotates[0][4]
204 rotldi $A[4][0],$C[1],$rhotates[0][2]
206 andc $C[0],$A[0][2],$A[0][1] ; Chi+Iota
207 andc $C[1],$A[0][3],$A[0][2]
208 andc $C[2],$A[0][0],$A[0][4]
209 andc $C[3],$A[0][1],$A[0][0]
210 xor $A[0][0],$A[0][0],$C[0]
211 andc $C[0],$A[0][4],$A[0][3]
212 xor $A[0][1],$A[0][1],$C[1]
213 ld $C[1],`$LOCALS+4*$SIZE_T`($sp)
214 xor $A[0][3],$A[0][3],$C[2]
215 xor $A[0][4],$A[0][4],$C[3]
216 xor $A[0][2],$A[0][2],$C[0]
217 ldu $C[3],8($C[1]) ; Iota[i++]
219 andc $C[0],$A[1][2],$A[1][1]
220 std $C[1],`$LOCALS+4*$SIZE_T`($sp)
221 andc $C[1],$A[1][3],$A[1][2]
222 andc $C[2],$A[1][0],$A[1][4]
223 xor $A[0][0],$A[0][0],$C[3] ; A[0][0] ^= Iota
224 andc $C[3],$A[1][1],$A[1][0]
225 xor $A[1][0],$A[1][0],$C[0]
226 andc $C[0],$A[1][4],$A[1][3]
227 xor $A[1][1],$A[1][1],$C[1]
228 xor $A[1][3],$A[1][3],$C[2]
229 xor $A[1][4],$A[1][4],$C[3]
230 xor $A[1][2],$A[1][2],$C[0]
232 andc $C[0],$A[2][2],$A[2][1]
233 andc $C[1],$A[2][3],$A[2][2]
234 andc $C[2],$A[2][0],$A[2][4]
235 andc $C[3],$A[2][1],$A[2][0]
236 xor $A[2][0],$A[2][0],$C[0]
237 andc $C[0],$A[2][4],$A[2][3]
238 xor $A[2][1],$A[2][1],$C[1]
239 xor $A[2][3],$A[2][3],$C[2]
240 xor $A[2][4],$A[2][4],$C[3]
241 xor $A[2][2],$A[2][2],$C[0]
243 andc $C[0],$A[3][2],$A[3][1]
244 andc $C[1],$A[3][3],$A[3][2]
245 andc $C[2],$A[3][0],$A[3][4]
246 andc $C[3],$A[3][1],$A[3][0]
247 xor $A[3][0],$A[3][0],$C[0]
248 andc $C[0],$A[3][4],$A[3][3]
249 xor $A[3][1],$A[3][1],$C[1]
250 xor $A[3][3],$A[3][3],$C[2]
251 xor $A[3][4],$A[3][4],$C[3]
252 xor $A[3][2],$A[3][2],$C[0]
254 andc $C[0],$A[4][2],$A[4][1]
255 andc $C[1],$A[4][3],$A[4][2]
256 andc $C[2],$A[4][0],$A[4][4]
257 andc $C[3],$A[4][1],$A[4][0]
258 xor $A[4][0],$A[4][0],$C[0]
259 andc $C[0],$A[4][4],$A[4][3]
260 xor $A[4][1],$A[4][1],$C[1]
261 xor $A[4][3],$A[4][3],$C[2]
262 xor $A[4][4],$A[4][4],$C[3]
263 xor $A[4][2],$A[4][2],$C[0]
269 .byte 0,12,0x14,0,0,0,0,0
270 .size KeccakF1600_int,.-KeccakF1600_int
272 .type KeccakF1600,\@function
275 $STU $sp,-$FRAME($sp)
277 $PUSH r14,`$FRAME-$SIZE_T*18`($sp)
278 $PUSH r15,`$FRAME-$SIZE_T*17`($sp)
279 $PUSH r16,`$FRAME-$SIZE_T*16`($sp)
280 $PUSH r17,`$FRAME-$SIZE_T*15`($sp)
281 $PUSH r18,`$FRAME-$SIZE_T*14`($sp)
282 $PUSH r19,`$FRAME-$SIZE_T*13`($sp)
283 $PUSH r20,`$FRAME-$SIZE_T*12`($sp)
284 $PUSH r21,`$FRAME-$SIZE_T*11`($sp)
285 $PUSH r22,`$FRAME-$SIZE_T*10`($sp)
286 $PUSH r23,`$FRAME-$SIZE_T*9`($sp)
287 $PUSH r24,`$FRAME-$SIZE_T*8`($sp)
288 $PUSH r25,`$FRAME-$SIZE_T*7`($sp)
289 $PUSH r26,`$FRAME-$SIZE_T*6`($sp)
290 $PUSH r27,`$FRAME-$SIZE_T*5`($sp)
291 $PUSH r28,`$FRAME-$SIZE_T*4`($sp)
292 $PUSH r29,`$FRAME-$SIZE_T*3`($sp)
293 $PUSH r30,`$FRAME-$SIZE_T*2`($sp)
294 $PUSH r31,`$FRAME-$SIZE_T*1`($sp)
295 $PUSH r0,`$FRAME+$LRSAVE`($sp)
298 subi r12,r12,8 ; prepare for ldu
300 $PUSH r3,`$LOCALS+0*$SIZE_T`($sp)
301 ;$PUSH r4,`$LOCALS+1*$SIZE_T`($sp)
302 ;$PUSH r5,`$LOCALS+2*$SIZE_T`($sp)
303 ;$PUSH r6,`$LOCALS+3*$SIZE_T`($sp)
304 $PUSH r12,`$LOCALS+4*$SIZE_T`($sp)
306 ld $A[0][0],`8*0`(r3) ; load A[5][5]
307 ld $A[0][1],`8*1`(r3)
308 ld $A[0][2],`8*2`(r3)
309 ld $A[0][3],`8*3`(r3)
310 ld $A[0][4],`8*4`(r3)
311 ld $A[1][0],`8*5`(r3)
312 ld $A[1][1],`8*6`(r3)
313 ld $A[1][2],`8*7`(r3)
314 ld $A[1][3],`8*8`(r3)
315 ld $A[1][4],`8*9`(r3)
316 ld $A[2][0],`8*10`(r3)
317 ld $A[2][1],`8*11`(r3)
318 ld $A[2][2],`8*12`(r3)
319 ld $A[2][3],`8*13`(r3)
320 ld $A[2][4],`8*14`(r3)
321 ld $A[3][0],`8*15`(r3)
322 ld $A[3][1],`8*16`(r3)
323 ld $A[3][2],`8*17`(r3)
324 ld $A[3][3],`8*18`(r3)
325 ld $A[3][4],`8*19`(r3)
326 ld $A[4][0],`8*20`(r3)
327 ld $A[4][1],`8*21`(r3)
328 ld $A[4][2],`8*22`(r3)
329 ld $A[4][3],`8*23`(r3)
330 ld $A[4][4],`8*24`(r3)
334 $POP r3,`$LOCALS+0*$SIZE_T`($sp)
335 std $A[0][0],`8*0`(r3) ; return A[5][5]
336 std $A[0][1],`8*1`(r3)
337 std $A[0][2],`8*2`(r3)
338 std $A[0][3],`8*3`(r3)
339 std $A[0][4],`8*4`(r3)
340 std $A[1][0],`8*5`(r3)
341 std $A[1][1],`8*6`(r3)
342 std $A[1][2],`8*7`(r3)
343 std $A[1][3],`8*8`(r3)
344 std $A[1][4],`8*9`(r3)
345 std $A[2][0],`8*10`(r3)
346 std $A[2][1],`8*11`(r3)
347 std $A[2][2],`8*12`(r3)
348 std $A[2][3],`8*13`(r3)
349 std $A[2][4],`8*14`(r3)
350 std $A[3][0],`8*15`(r3)
351 std $A[3][1],`8*16`(r3)
352 std $A[3][2],`8*17`(r3)
353 std $A[3][3],`8*18`(r3)
354 std $A[3][4],`8*19`(r3)
355 std $A[4][0],`8*20`(r3)
356 std $A[4][1],`8*21`(r3)
357 std $A[4][2],`8*22`(r3)
358 std $A[4][3],`8*23`(r3)
359 std $A[4][4],`8*24`(r3)
361 $POP r0,`$FRAME+$LRSAVE`($sp)
362 $POP r14,`$FRAME-$SIZE_T*18`($sp)
363 $POP r15,`$FRAME-$SIZE_T*17`($sp)
364 $POP r16,`$FRAME-$SIZE_T*16`($sp)
365 $POP r17,`$FRAME-$SIZE_T*15`($sp)
366 $POP r18,`$FRAME-$SIZE_T*14`($sp)
367 $POP r19,`$FRAME-$SIZE_T*13`($sp)
368 $POP r20,`$FRAME-$SIZE_T*12`($sp)
369 $POP r21,`$FRAME-$SIZE_T*11`($sp)
370 $POP r22,`$FRAME-$SIZE_T*10`($sp)
371 $POP r23,`$FRAME-$SIZE_T*9`($sp)
372 $POP r24,`$FRAME-$SIZE_T*8`($sp)
373 $POP r25,`$FRAME-$SIZE_T*7`($sp)
374 $POP r26,`$FRAME-$SIZE_T*6`($sp)
375 $POP r27,`$FRAME-$SIZE_T*5`($sp)
376 $POP r28,`$FRAME-$SIZE_T*4`($sp)
377 $POP r29,`$FRAME-$SIZE_T*3`($sp)
378 $POP r30,`$FRAME-$SIZE_T*2`($sp)
379 $POP r31,`$FRAME-$SIZE_T*1`($sp)
384 .byte 0,12,4,1,0x80,18,1,0
386 .size KeccakF1600,.-KeccakF1600
388 .type dword_le_load,\@function
408 .byte 0,12,0x14,0,0,0,1,0
410 .size dword_le_load,.-dword_le_load
413 .type SHA3_absorb,\@function
416 $STU $sp,-$FRAME($sp)
418 $PUSH r14,`$FRAME-$SIZE_T*18`($sp)
419 $PUSH r15,`$FRAME-$SIZE_T*17`($sp)
420 $PUSH r16,`$FRAME-$SIZE_T*16`($sp)
421 $PUSH r17,`$FRAME-$SIZE_T*15`($sp)
422 $PUSH r18,`$FRAME-$SIZE_T*14`($sp)
423 $PUSH r19,`$FRAME-$SIZE_T*13`($sp)
424 $PUSH r20,`$FRAME-$SIZE_T*12`($sp)
425 $PUSH r21,`$FRAME-$SIZE_T*11`($sp)
426 $PUSH r22,`$FRAME-$SIZE_T*10`($sp)
427 $PUSH r23,`$FRAME-$SIZE_T*9`($sp)
428 $PUSH r24,`$FRAME-$SIZE_T*8`($sp)
429 $PUSH r25,`$FRAME-$SIZE_T*7`($sp)
430 $PUSH r26,`$FRAME-$SIZE_T*6`($sp)
431 $PUSH r27,`$FRAME-$SIZE_T*5`($sp)
432 $PUSH r28,`$FRAME-$SIZE_T*4`($sp)
433 $PUSH r29,`$FRAME-$SIZE_T*3`($sp)
434 $PUSH r30,`$FRAME-$SIZE_T*2`($sp)
435 $PUSH r31,`$FRAME-$SIZE_T*1`($sp)
436 $PUSH r0,`$FRAME+$LRSAVE`($sp)
439 subi r4,r4,1 ; prepare for lbzu
440 subi r12,r12,8 ; prepare for ldu
442 $PUSH r3,`$LOCALS+0*$SIZE_T`($sp) ; save A[][]
443 $PUSH r4,`$LOCALS+1*$SIZE_T`($sp) ; save inp
444 $PUSH r5,`$LOCALS+2*$SIZE_T`($sp) ; save len
445 $PUSH r6,`$LOCALS+3*$SIZE_T`($sp) ; save bsz
447 $PUSH r12,`$LOCALS+4*$SIZE_T`($sp)
449 ld $A[0][0],`8*0`(r3) ; load A[5][5]
450 ld $A[0][1],`8*1`(r3)
451 ld $A[0][2],`8*2`(r3)
452 ld $A[0][3],`8*3`(r3)
453 ld $A[0][4],`8*4`(r3)
454 ld $A[1][0],`8*5`(r3)
455 ld $A[1][1],`8*6`(r3)
456 ld $A[1][2],`8*7`(r3)
457 ld $A[1][3],`8*8`(r3)
458 ld $A[1][4],`8*9`(r3)
459 ld $A[2][0],`8*10`(r3)
460 ld $A[2][1],`8*11`(r3)
461 ld $A[2][2],`8*12`(r3)
462 ld $A[2][3],`8*13`(r3)
463 ld $A[2][4],`8*14`(r3)
464 ld $A[3][0],`8*15`(r3)
465 ld $A[3][1],`8*16`(r3)
466 ld $A[3][2],`8*17`(r3)
467 ld $A[3][3],`8*18`(r3)
468 ld $A[3][4],`8*19`(r3)
469 ld $A[4][0],`8*20`(r3)
470 ld $A[4][1],`8*21`(r3)
471 ld $A[4][2],`8*22`(r3)
472 ld $A[4][3],`8*23`(r3)
473 ld $A[4][4],`8*24`(r3)
483 $UCMP r4,r5 ; len < bsz?
486 sub r4,r4,r5 ; len -= bsz
488 $PUSH r4,`$LOCALS+2*$SIZE_T`($sp) ; save len
490 bl dword_le_load ; *inp++
491 xor $A[0][0],$A[0][0],r0
493 bl dword_le_load ; *inp++
494 xor $A[0][1],$A[0][1],r0
496 bl dword_le_load ; *inp++
497 xor $A[0][2],$A[0][2],r0
499 bl dword_le_load ; *inp++
500 xor $A[0][3],$A[0][3],r0
502 bl dword_le_load ; *inp++
503 xor $A[0][4],$A[0][4],r0
505 bl dword_le_load ; *inp++
506 xor $A[1][0],$A[1][0],r0
508 bl dword_le_load ; *inp++
509 xor $A[1][1],$A[1][1],r0
511 bl dword_le_load ; *inp++
512 xor $A[1][2],$A[1][2],r0
514 bl dword_le_load ; *inp++
515 xor $A[1][3],$A[1][3],r0
517 bl dword_le_load ; *inp++
518 xor $A[1][4],$A[1][4],r0
520 bl dword_le_load ; *inp++
521 xor $A[2][0],$A[2][0],r0
523 bl dword_le_load ; *inp++
524 xor $A[2][1],$A[2][1],r0
526 bl dword_le_load ; *inp++
527 xor $A[2][2],$A[2][2],r0
529 bl dword_le_load ; *inp++
530 xor $A[2][3],$A[2][3],r0
532 bl dword_le_load ; *inp++
533 xor $A[2][4],$A[2][4],r0
535 bl dword_le_load ; *inp++
536 xor $A[3][0],$A[3][0],r0
538 bl dword_le_load ; *inp++
539 xor $A[3][1],$A[3][1],r0
541 bl dword_le_load ; *inp++
542 xor $A[3][2],$A[3][2],r0
544 bl dword_le_load ; *inp++
545 xor $A[3][3],$A[3][3],r0
547 bl dword_le_load ; *inp++
548 xor $A[3][4],$A[3][4],r0
550 bl dword_le_load ; *inp++
551 xor $A[4][0],$A[4][0],r0
553 bl dword_le_load ; *inp++
554 xor $A[4][1],$A[4][1],r0
556 bl dword_le_load ; *inp++
557 xor $A[4][2],$A[4][2],r0
559 bl dword_le_load ; *inp++
560 xor $A[4][3],$A[4][3],r0
562 bl dword_le_load ; *inp++
563 xor $A[4][4],$A[4][4],r0
566 $PUSH r3,`$LOCALS+1*$SIZE_T`($sp) ; save inp
570 $POP r0,`$LOCALS+4*$SIZE_T`($sp) ; pull iotas[24]
571 $POP r5,`$LOCALS+3*$SIZE_T`($sp) ; restore bsz
572 $POP r4,`$LOCALS+2*$SIZE_T`($sp) ; restore len
573 $POP r3,`$LOCALS+1*$SIZE_T`($sp) ; restore inp
574 addic r0,r0,`-8*24` ; rewind iotas
575 $PUSH r0,`$LOCALS+4*$SIZE_T`($sp)
581 $POP r3,`$LOCALS+0*$SIZE_T`($sp)
582 std $A[0][0],`8*0`(r3) ; return A[5][5]
583 std $A[0][1],`8*1`(r3)
584 std $A[0][2],`8*2`(r3)
585 std $A[0][3],`8*3`(r3)
586 std $A[0][4],`8*4`(r3)
587 std $A[1][0],`8*5`(r3)
588 std $A[1][1],`8*6`(r3)
589 std $A[1][2],`8*7`(r3)
590 std $A[1][3],`8*8`(r3)
591 std $A[1][4],`8*9`(r3)
592 std $A[2][0],`8*10`(r3)
593 std $A[2][1],`8*11`(r3)
594 std $A[2][2],`8*12`(r3)
595 std $A[2][3],`8*13`(r3)
596 std $A[2][4],`8*14`(r3)
597 std $A[3][0],`8*15`(r3)
598 std $A[3][1],`8*16`(r3)
599 std $A[3][2],`8*17`(r3)
600 std $A[3][3],`8*18`(r3)
601 std $A[3][4],`8*19`(r3)
602 std $A[4][0],`8*20`(r3)
603 std $A[4][1],`8*21`(r3)
604 std $A[4][2],`8*22`(r3)
605 std $A[4][3],`8*23`(r3)
606 std $A[4][4],`8*24`(r3)
608 mr r3,r4 ; return value
609 $POP r0,`$FRAME+$LRSAVE`($sp)
610 $POP r14,`$FRAME-$SIZE_T*18`($sp)
611 $POP r15,`$FRAME-$SIZE_T*17`($sp)
612 $POP r16,`$FRAME-$SIZE_T*16`($sp)
613 $POP r17,`$FRAME-$SIZE_T*15`($sp)
614 $POP r18,`$FRAME-$SIZE_T*14`($sp)
615 $POP r19,`$FRAME-$SIZE_T*13`($sp)
616 $POP r20,`$FRAME-$SIZE_T*12`($sp)
617 $POP r21,`$FRAME-$SIZE_T*11`($sp)
618 $POP r22,`$FRAME-$SIZE_T*10`($sp)
619 $POP r23,`$FRAME-$SIZE_T*9`($sp)
620 $POP r24,`$FRAME-$SIZE_T*8`($sp)
621 $POP r25,`$FRAME-$SIZE_T*7`($sp)
622 $POP r26,`$FRAME-$SIZE_T*6`($sp)
623 $POP r27,`$FRAME-$SIZE_T*5`($sp)
624 $POP r28,`$FRAME-$SIZE_T*4`($sp)
625 $POP r29,`$FRAME-$SIZE_T*3`($sp)
626 $POP r30,`$FRAME-$SIZE_T*2`($sp)
627 $POP r31,`$FRAME-$SIZE_T*1`($sp)
632 .byte 0,12,4,1,0x80,18,4,0
634 .size SHA3_absorb,.-SHA3_absorb
637 my ($A_flat,$out,$len,$bsz) = map("r$_",(28..31));
640 .type SHA3_squeeze,\@function
643 $STU $sp,`-10*$SIZE_T`($sp)
645 $PUSH r28,`6*$SIZE_T`($sp)
646 $PUSH r29,`7*$SIZE_T`($sp)
647 $PUSH r30,`8*$SIZE_T`($sp)
648 $PUSH r31,`9*$SIZE_T`($sp)
649 $PUSH r0,`10*$SIZE_T+$LRSAVE`($sp)
652 subi r3,r3,8 ; prepare for ldu
653 subi $out,r4,1 ; prepare for stbu
688 subi r3,$A_flat,8 ; prepare for ldu
701 $POP r0,`10*$SIZE_T+$LRSAVE`($sp)
702 $POP r28,`6*$SIZE_T`($sp)
703 $POP r29,`7*$SIZE_T`($sp)
704 $POP r30,`8*$SIZE_T`($sp)
705 $POP r31,`9*$SIZE_T`($sp)
707 addi $sp,$sp,`10*$SIZE_T`
710 .byte 0,12,4,1,0x80,4,4,0
712 .size SHA3_squeeze,.-SHA3_squeeze
716 # Ugly hack here, because PPC assembler syntax seem to vary too
717 # much from platforms to platform...
723 mflr r12 ; vvvvvv "distance" between . and 1st data entry
728 .byte 0,12,0x14,0,0,0,0,0
732 .quad 0x0000000000000001
733 .quad 0x0000000000008082
734 .quad 0x800000000000808a
735 .quad 0x8000000080008000
736 .quad 0x000000000000808b
737 .quad 0x0000000080000001
738 .quad 0x8000000080008081
739 .quad 0x8000000000008009
740 .quad 0x000000000000008a
741 .quad 0x0000000000000088
742 .quad 0x0000000080008009
743 .quad 0x000000008000000a
744 .quad 0x000000008000808b
745 .quad 0x800000000000008b
746 .quad 0x8000000000008089
747 .quad 0x8000000000008003
748 .quad 0x8000000000008002
749 .quad 0x8000000000000080
750 .quad 0x000000000000800a
751 .quad 0x800000008000000a
752 .quad 0x8000000080008081
753 .quad 0x8000000000008080
754 .quad 0x0000000080000001
755 .quad 0x8000000080008008
757 .asciz "Keccak-1600 absorb and squeeze for PPC64, CRYPTOGAMS by <appro\@openssl.org>"
760 $code =~ s/\`([^\`]*)\`/eval $1/gem;
762 close STDOUT or die "error closing STDOUT: $!";
projects / openssl.git / blob