sha/asm/sha1-mips.pl

238384Sjkim#!/usr/bin/env perl
238384Sjkim
238384Sjkim# ====================================================================
238384Sjkim# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
238384Sjkim# project. The module is, however, dual licensed under OpenSSL and
238384Sjkim# CRYPTOGAMS licenses depending on where you obtain it. For further
238384Sjkim# details see http://www.openssl.org/~appro/cryptogams/.
238384Sjkim# ====================================================================
238384Sjkim
238384Sjkim# SHA1 block procedure for MIPS.
238384Sjkim
238384Sjkim# Performance improvement is 30% on unaligned input. The "secret" is
238384Sjkim# to deploy lwl/lwr pair to load unaligned input. One could have
238384Sjkim# vectorized Xupdate on MIPSIII/IV, but the goal was to code MIPS32-
238384Sjkim# compatible subroutine. There is room for minor optimization on
238384Sjkim# little-endian platforms...
238384Sjkim
238384Sjkim######################################################################
238384Sjkim# There is a number of MIPS ABI in use, O32 and N32/64 are most
238384Sjkim# widely used. Then there is a new contender: NUBI. It appears that if
238384Sjkim# one picks the latter, it's possible to arrange code in ABI neutral
238384Sjkim# manner. Therefore let's stick to NUBI register layout:
238384Sjkim#
238384Sjkim($zero,$at,$t0,$t1,$t2)=map("\$$_",(0..2,24,25));
238384Sjkim($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11));
238384Sjkim($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7,$s8,$s9,$s10,$s11)=map("\$$_",(12..23));
238384Sjkim($gp,$tp,$sp,$fp,$ra)=map("\$$_",(3,28..31));
238384Sjkim#
238384Sjkim# The return value is placed in $a0. Following coding rules facilitate
238384Sjkim# interoperability:
238384Sjkim#
238384Sjkim# - never ever touch $tp, "thread pointer", former $gp;
238384Sjkim# - copy return value to $t0, former $v0 [or to $a0 if you're adapting
238384Sjkim#   old code];
238384Sjkim# - on O32 populate $a4-$a7 with 'lw $aN,4*N($sp)' if necessary;
238384Sjkim#
238384Sjkim# For reference here is register layout for N32/64 MIPS ABIs:
238384Sjkim#
238384Sjkim# ($zero,$at,$v0,$v1)=map("\$$_",(0..3));
238384Sjkim# ($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11));
238384Sjkim# ($t0,$t1,$t2,$t3,$t8,$t9)=map("\$$_",(12..15,24,25));
238384Sjkim# ($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7)=map("\$$_",(16..23));
238384Sjkim# ($gp,$sp,$fp,$ra)=map("\$$_",(28..31));
238384Sjkim#
238384Sjkim$flavour = shift; # supported flavours are o32,n32,64,nubi32,nubi64
238384Sjkim
238384Sjkimif ($flavour =~ /64|n32/i) {
238384Sjkim	$PTR_ADD="dadd";	# incidentally works even on n32
238384Sjkim	$PTR_SUB="dsub";	# incidentally works even on n32
238384Sjkim	$REG_S="sd";
238384Sjkim	$REG_L="ld";
238384Sjkim	$PTR_SLL="dsll";	# incidentally works even on n32
238384Sjkim	$SZREG=8;
238384Sjkim} else {
238384Sjkim	$PTR_ADD="add";
238384Sjkim	$PTR_SUB="sub";
238384Sjkim	$REG_S="sw";
238384Sjkim	$REG_L="lw";
238384Sjkim	$PTR_SLL="sll";
238384Sjkim	$SZREG=4;
238384Sjkim}
238384Sjkim#
238384Sjkim# <appro@openssl.org>
238384Sjkim#
238384Sjkim######################################################################
238384Sjkim
279264Sdelphij$big_endian=(`echo MIPSEL | $ENV{CC} -E -`=~/MIPSEL/)?1:0 if ($ENV{CC});
238384Sjkim
238384Sjkimfor (@ARGV) {	$output=$_ if (/^\w[\w\-]*\.\w+$/);   }
238384Sjkimopen STDOUT,">$output";
238384Sjkim
238384Sjkimif (!defined($big_endian))
238384Sjkim            {   $big_endian=(unpack('L',pack('N',1))==1);   }
238384Sjkim
238384Sjkim# offsets of the Most and Least Significant Bytes
238384Sjkim$MSB=$big_endian?0:3;
238384Sjkim$LSB=3&~$MSB;
238384Sjkim
238384Sjkim@X=map("\$$_",(8..23));	# a4-a7,s0-s11
238384Sjkim
238384Sjkim$ctx=$a0;
238384Sjkim$inp=$a1;
238384Sjkim$num=$a2;
238384Sjkim$A="\$1";
238384Sjkim$B="\$2";
238384Sjkim$C="\$3";
238384Sjkim$D="\$7";
238384Sjkim$E="\$24";	@V=($A,$B,$C,$D,$E);
238384Sjkim$t0="\$25";
238384Sjkim$t1=$num;	# $num is offloaded to stack
238384Sjkim$t2="\$30";	# fp
238384Sjkim$K="\$31";	# ra
238384Sjkim
238384Sjkimsub BODY_00_14 {
238384Sjkimmy ($i,$a,$b,$c,$d,$e)=@_;
238384Sjkimmy $j=$i+1;
238384Sjkim$code.=<<___	if (!$big_endian);
238384Sjkim	srl	$t0,@X[$i],24	# byte swap($i)
238384Sjkim	srl	$t1,@X[$i],8
238384Sjkim	andi	$t2,@X[$i],0xFF00
238384Sjkim	sll	@X[$i],@X[$i],24
238384Sjkim	andi	$t1,0xFF00
238384Sjkim	sll	$t2,$t2,8
238384Sjkim	or	@X[$i],$t0
238384Sjkim	or	$t1,$t2
238384Sjkim	or	@X[$i],$t1
238384Sjkim___
238384Sjkim$code.=<<___;
238384Sjkim	 lwl	@X[$j],$j*4+$MSB($inp)
238384Sjkim	sll	$t0,$a,5	# $i
238384Sjkim	addu	$e,$K
238384Sjkim	 lwr	@X[$j],$j*4+$LSB($inp)
238384Sjkim	srl	$t1,$a,27
238384Sjkim	addu	$e,$t0
238384Sjkim	xor	$t0,$c,$d
238384Sjkim	addu	$e,$t1
238384Sjkim	sll	$t2,$b,30
238384Sjkim	and	$t0,$b
238384Sjkim	srl	$b,$b,2
238384Sjkim	xor	$t0,$d
238384Sjkim	addu	$e,@X[$i]
238384Sjkim	or	$b,$t2
238384Sjkim	addu	$e,$t0
238384Sjkim___
238384Sjkim}
238384Sjkim
238384Sjkimsub BODY_15_19 {
238384Sjkimmy ($i,$a,$b,$c,$d,$e)=@_;
238384Sjkimmy $j=$i+1;
238384Sjkim
238384Sjkim$code.=<<___	if (!$big_endian && $i==15);
238384Sjkim	srl	$t0,@X[$i],24	# byte swap($i)
238384Sjkim	srl	$t1,@X[$i],8
238384Sjkim	andi	$t2,@X[$i],0xFF00
238384Sjkim	sll	@X[$i],@X[$i],24
238384Sjkim	andi	$t1,0xFF00
238384Sjkim	sll	$t2,$t2,8
238384Sjkim	or	@X[$i],$t0
238384Sjkim	or	@X[$i],$t1
238384Sjkim	or	@X[$i],$t2
238384Sjkim___
238384Sjkim$code.=<<___;
238384Sjkim	 xor	@X[$j%16],@X[($j+2)%16]
238384Sjkim	sll	$t0,$a,5	# $i
238384Sjkim	addu	$e,$K
238384Sjkim	srl	$t1,$a,27
238384Sjkim	addu	$e,$t0
238384Sjkim	 xor	@X[$j%16],@X[($j+8)%16]
238384Sjkim	xor	$t0,$c,$d
238384Sjkim	addu	$e,$t1
238384Sjkim	 xor	@X[$j%16],@X[($j+13)%16]
238384Sjkim	sll	$t2,$b,30
238384Sjkim	and	$t0,$b
238384Sjkim	 srl	$t1,@X[$j%16],31
238384Sjkim	 addu	@X[$j%16],@X[$j%16]
238384Sjkim	srl	$b,$b,2
238384Sjkim	xor	$t0,$d
238384Sjkim	 or	@X[$j%16],$t1
238384Sjkim	addu	$e,@X[$i%16]
238384Sjkim	or	$b,$t2
238384Sjkim	addu	$e,$t0
238384Sjkim___
238384Sjkim}
238384Sjkim
238384Sjkimsub BODY_20_39 {
238384Sjkimmy ($i,$a,$b,$c,$d,$e)=@_;
238384Sjkimmy $j=$i+1;
238384Sjkim$code.=<<___ if ($i<79);
238384Sjkim	 xor	@X[$j%16],@X[($j+2)%16]
238384Sjkim	sll	$t0,$a,5	# $i
238384Sjkim	addu	$e,$K
238384Sjkim	srl	$t1,$a,27
238384Sjkim	addu	$e,$t0
238384Sjkim	 xor	@X[$j%16],@X[($j+8)%16]
238384Sjkim	xor	$t0,$c,$d
238384Sjkim	addu	$e,$t1
238384Sjkim	 xor	@X[$j%16],@X[($j+13)%16]
238384Sjkim	sll	$t2,$b,30
238384Sjkim	xor	$t0,$b
238384Sjkim	 srl	$t1,@X[$j%16],31
238384Sjkim	 addu	@X[$j%16],@X[$j%16]
238384Sjkim	srl	$b,$b,2
238384Sjkim	addu	$e,@X[$i%16]
238384Sjkim	 or	@X[$j%16],$t1
238384Sjkim	or	$b,$t2
238384Sjkim	addu	$e,$t0
238384Sjkim___
238384Sjkim$code.=<<___ if ($i==79);
238384Sjkim	 lw	@X[0],0($ctx)
238384Sjkim	sll	$t0,$a,5	# $i
238384Sjkim	addu	$e,$K
238384Sjkim	 lw	@X[1],4($ctx)
238384Sjkim	srl	$t1,$a,27
238384Sjkim	addu	$e,$t0
238384Sjkim	 lw	@X[2],8($ctx)
238384Sjkim	xor	$t0,$c,$d
238384Sjkim	addu	$e,$t1
238384Sjkim	 lw	@X[3],12($ctx)
238384Sjkim	sll	$t2,$b,30
238384Sjkim	xor	$t0,$b
238384Sjkim	 lw	@X[4],16($ctx)
238384Sjkim	srl	$b,$b,2
238384Sjkim	addu	$e,@X[$i%16]
238384Sjkim	or	$b,$t2
238384Sjkim	addu	$e,$t0
238384Sjkim___
238384Sjkim}
238384Sjkim
238384Sjkimsub BODY_40_59 {
238384Sjkimmy ($i,$a,$b,$c,$d,$e)=@_;
238384Sjkimmy $j=$i+1;
238384Sjkim$code.=<<___ if ($i<79);
238384Sjkim	 xor	@X[$j%16],@X[($j+2)%16]
238384Sjkim	sll	$t0,$a,5	# $i
238384Sjkim	addu	$e,$K
238384Sjkim	srl	$t1,$a,27
238384Sjkim	addu	$e,$t0
238384Sjkim	 xor	@X[$j%16],@X[($j+8)%16]
238384Sjkim	and	$t0,$c,$d
238384Sjkim	addu	$e,$t1
238384Sjkim	 xor	@X[$j%16],@X[($j+13)%16]
238384Sjkim	sll	$t2,$b,30
238384Sjkim	addu	$e,$t0
238384Sjkim	 srl	$t1,@X[$j%16],31
238384Sjkim	xor	$t0,$c,$d
238384Sjkim	 addu	@X[$j%16],@X[$j%16]
238384Sjkim	and	$t0,$b
238384Sjkim	srl	$b,$b,2
238384Sjkim	 or	@X[$j%16],$t1
238384Sjkim	addu	$e,@X[$i%16]
238384Sjkim	or	$b,$t2
238384Sjkim	addu	$e,$t0
238384Sjkim___
238384Sjkim}
238384Sjkim
238384Sjkim$FRAMESIZE=16;	# large enough to accomodate NUBI saved registers
238384Sjkim$SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? 0xc0fff008 : 0xc0ff0000;
238384Sjkim
238384Sjkim$code=<<___;
238384Sjkim#ifdef OPENSSL_FIPSCANISTER
238384Sjkim# include <openssl/fipssyms.h>
238384Sjkim#endif
238384Sjkim
238384Sjkim.text
238384Sjkim
238384Sjkim.set	noat
238384Sjkim.set	noreorder
238384Sjkim.align	5
238384Sjkim.globl	sha1_block_data_order
238384Sjkim.ent	sha1_block_data_order
238384Sjkimsha1_block_data_order:
238384Sjkim	.frame	$sp,$FRAMESIZE*$SZREG,$ra
238384Sjkim	.mask	$SAVED_REGS_MASK,-$SZREG
238384Sjkim	.set	noreorder
238384Sjkim	$PTR_SUB $sp,$FRAMESIZE*$SZREG
238384Sjkim	$REG_S	$ra,($FRAMESIZE-1)*$SZREG($sp)
238384Sjkim	$REG_S	$fp,($FRAMESIZE-2)*$SZREG($sp)
238384Sjkim	$REG_S	$s11,($FRAMESIZE-3)*$SZREG($sp)
238384Sjkim	$REG_S	$s10,($FRAMESIZE-4)*$SZREG($sp)
238384Sjkim	$REG_S	$s9,($FRAMESIZE-5)*$SZREG($sp)
238384Sjkim	$REG_S	$s8,($FRAMESIZE-6)*$SZREG($sp)
238384Sjkim	$REG_S	$s7,($FRAMESIZE-7)*$SZREG($sp)
238384Sjkim	$REG_S	$s6,($FRAMESIZE-8)*$SZREG($sp)
238384Sjkim	$REG_S	$s5,($FRAMESIZE-9)*$SZREG($sp)
238384Sjkim	$REG_S	$s4,($FRAMESIZE-10)*$SZREG($sp)
238384Sjkim___
238384Sjkim$code.=<<___ if ($flavour =~ /nubi/i);	# optimize non-nubi prologue
238384Sjkim	$REG_S	$s3,($FRAMESIZE-11)*$SZREG($sp)
238384Sjkim	$REG_S	$s2,($FRAMESIZE-12)*$SZREG($sp)
238384Sjkim	$REG_S	$s1,($FRAMESIZE-13)*$SZREG($sp)
238384Sjkim	$REG_S	$s0,($FRAMESIZE-14)*$SZREG($sp)
238384Sjkim	$REG_S	$gp,($FRAMESIZE-15)*$SZREG($sp)
238384Sjkim___
238384Sjkim$code.=<<___;
238384Sjkim	$PTR_SLL $num,6
238384Sjkim	$PTR_ADD $num,$inp
238384Sjkim	$REG_S	$num,0($sp)
238384Sjkim	lw	$A,0($ctx)
238384Sjkim	lw	$B,4($ctx)
238384Sjkim	lw	$C,8($ctx)
238384Sjkim	lw	$D,12($ctx)
238384Sjkim	b	.Loop
238384Sjkim	lw	$E,16($ctx)
238384Sjkim.align	4
238384Sjkim.Loop:
238384Sjkim	.set	reorder
238384Sjkim	lwl	@X[0],$MSB($inp)
238384Sjkim	lui	$K,0x5a82
238384Sjkim	lwr	@X[0],$LSB($inp)
238384Sjkim	ori	$K,0x7999	# K_00_19
238384Sjkim___
238384Sjkimfor ($i=0;$i<15;$i++)	{ &BODY_00_14($i,@V); unshift(@V,pop(@V)); }
238384Sjkimfor (;$i<20;$i++)	{ &BODY_15_19($i,@V); unshift(@V,pop(@V)); }
238384Sjkim$code.=<<___;
238384Sjkim	lui	$K,0x6ed9
238384Sjkim	ori	$K,0xeba1	# K_20_39
238384Sjkim___
238384Sjkimfor (;$i<40;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
238384Sjkim$code.=<<___;
238384Sjkim	lui	$K,0x8f1b
238384Sjkim	ori	$K,0xbcdc	# K_40_59
238384Sjkim___
238384Sjkimfor (;$i<60;$i++)	{ &BODY_40_59($i,@V); unshift(@V,pop(@V)); }
238384Sjkim$code.=<<___;
238384Sjkim	lui	$K,0xca62
238384Sjkim	ori	$K,0xc1d6	# K_60_79
238384Sjkim___
238384Sjkimfor (;$i<80;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
238384Sjkim$code.=<<___;
238384Sjkim	$PTR_ADD $inp,64
238384Sjkim	$REG_L	$num,0($sp)
238384Sjkim
238384Sjkim	addu	$A,$X[0]
238384Sjkim	addu	$B,$X[1]
238384Sjkim	sw	$A,0($ctx)
238384Sjkim	addu	$C,$X[2]
238384Sjkim	addu	$D,$X[3]
238384Sjkim	sw	$B,4($ctx)
238384Sjkim	addu	$E,$X[4]
238384Sjkim	sw	$C,8($ctx)
238384Sjkim	sw	$D,12($ctx)
238384Sjkim	sw	$E,16($ctx)
238384Sjkim	.set	noreorder
238384Sjkim	bne	$inp,$num,.Loop
238384Sjkim	nop
238384Sjkim
238384Sjkim	.set	noreorder
238384Sjkim	$REG_L	$ra,($FRAMESIZE-1)*$SZREG($sp)
238384Sjkim	$REG_L	$fp,($FRAMESIZE-2)*$SZREG($sp)
238384Sjkim	$REG_L	$s11,($FRAMESIZE-3)*$SZREG($sp)
238384Sjkim	$REG_L	$s10,($FRAMESIZE-4)*$SZREG($sp)
238384Sjkim	$REG_L	$s9,($FRAMESIZE-5)*$SZREG($sp)
238384Sjkim	$REG_L	$s8,($FRAMESIZE-6)*$SZREG($sp)
238384Sjkim	$REG_L	$s7,($FRAMESIZE-7)*$SZREG($sp)
238384Sjkim	$REG_L	$s6,($FRAMESIZE-8)*$SZREG($sp)
238384Sjkim	$REG_L	$s5,($FRAMESIZE-9)*$SZREG($sp)
238384Sjkim	$REG_L	$s4,($FRAMESIZE-10)*$SZREG($sp)
238384Sjkim___
238384Sjkim$code.=<<___ if ($flavour =~ /nubi/i);
238384Sjkim	$REG_L	$s3,($FRAMESIZE-11)*$SZREG($sp)
238384Sjkim	$REG_L	$s2,($FRAMESIZE-12)*$SZREG($sp)
238384Sjkim	$REG_L	$s1,($FRAMESIZE-13)*$SZREG($sp)
238384Sjkim	$REG_L	$s0,($FRAMESIZE-14)*$SZREG($sp)
238384Sjkim	$REG_L	$gp,($FRAMESIZE-15)*$SZREG($sp)
238384Sjkim___
238384Sjkim$code.=<<___;
238384Sjkim	jr	$ra
238384Sjkim	$PTR_ADD $sp,$FRAMESIZE*$SZREG
238384Sjkim.end	sha1_block_data_order
238384Sjkim.rdata
238384Sjkim.asciiz	"SHA1 for MIPS, CRYPTOGAMS by <appro\@openssl.org>"
238384Sjkim___
238384Sjkimprint $code;
238384Sjkimclose STDOUT;