chore: checkpoint before Python removal

2026-03-26 22:33:59 +00:00
parent 683cec9307
commit e568ddf82a
29972 changed files with 11269302 additions and 2 deletions


@@ -0,0 +1,318 @@
#!/usr/local/bin/perl
# Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
# SPDX-License-Identifier: Apache-2.0
# Normal is the
# md5_block_x86(MD5_CTX *c, ULONG *X);
# version, non-normal is the
# md5_block_x86(MD5_CTX *c, ULONG *X,int blocks);
# The first two arguments should always be the flavour and output file path.
if ($#ARGV < 1) { die "Not enough arguments provided.
Two arguments are necessary: the flavour and the output file path." }
$normal=0;
$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
push(@INC,"${dir}","${dir}../../../perlasm");
require "x86asm.pl";
$output=$ARGV[1];
open STDOUT,">$output";
&asm_init($ARGV[0]);
$A="eax";
$B="ebx";
$C="ecx";
$D="edx";
$tmp1="edi";
$tmp2="ebp";
$X="esi";
# What we need to load into $tmp for the next round
%Ltmp1=("R0",&Np($C), "R1",&Np($C), "R2",&Np($C), "R3",&Np($D));
@xo=(
0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, # R0
1, 6, 11, 0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12, # R1
5, 8, 11, 14, 1, 4, 7, 10, 13, 0, 3, 6, 9, 12, 15, 2, # R2
0, 7, 14, 5, 12, 3, 10, 1, 8, 15, 6, 13, 4, 11, 2, 9, # R3
);
&md5_block("md5_block_asm_data_order");
&asm_finish();
close STDOUT or die "error closing STDOUT: $!";
sub Np
{
local($p)=@_;
local(%n)=($A,$D,$B,$A,$C,$B,$D,$C);
return($n{$p});
}
sub R0
{
local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
&mov($tmp1,$C) if $pos < 0;
&mov($tmp2,&DWP($xo[$ki]*4,$K,"",0)) if $pos < 0; # very first one
# body proper
&comment("R0 $ki");
&xor($tmp1,$d); # F function - part 2
&and($tmp1,$b); # F function - part 3
&lea($a,&DWP($t,$a,$tmp2,1));
&xor($tmp1,$d); # F function - part 4
&add($a,$tmp1);
&mov($tmp1,&Np($c)) if $pos < 1; # next tmp1 for R0
&mov($tmp1,&Np($c)) if $pos == 1; # next tmp1 for R1
&rotl($a,$s);
&mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2);
&add($a,$b);
}
sub R1
{
local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
&comment("R1 $ki");
&lea($a,&DWP($t,$a,$tmp2,1));
&xor($tmp1,$b); # G function - part 2
&and($tmp1,$d); # G function - part 3
&mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2);
&xor($tmp1,$c); # G function - part 4
&add($a,$tmp1);
&mov($tmp1,&Np($c)) if $pos < 1; # G function - part 1
&mov($tmp1,&Np($c)) if $pos == 1; # G function - part 1
&rotl($a,$s);
&add($a,$b);
}
sub R2
{
local($n,$pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
# This one is different, only 3 logical operations
if (($n & 1) == 0)
{
&comment("R2 $ki");
# make sure to do 'D' first, not 'B', else we clash with
# the last add from the previous round.
&xor($tmp1,$d); # H function - part 2
&xor($tmp1,$b); # H function - part 3
&lea($a,&DWP($t,$a,$tmp2,1));
&add($a,$tmp1);
&rotl($a,$s);
&mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0));
&mov($tmp1,&Np($c));
}
else
{
&comment("R2 $ki");
# make sure to do 'D' first, not 'B', else we clash with
# the last add from the previous round.
&lea($a,&DWP($t,$a,$tmp2,1));
&add($b,$c); # MOVED FORWARD
&xor($tmp1,$d); # H function - part 2
&xor($tmp1,$b); # H function - part 3
&mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2);
&add($a,$tmp1);
&mov($tmp1,&Np($c)) if $pos < 1; # H function - part 1
&mov($tmp1,-1) if $pos == 1; # I function - part 1
&rotl($a,$s);
&add($a,$b);
}
}
sub R3
{
local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
&comment("R3 $ki");
# &not($tmp1)
&xor($tmp1,$d) if $pos < 0; # I function - part 2
&or($tmp1,$b); # I function - part 3
&lea($a,&DWP($t,$a,$tmp2,1));
&xor($tmp1,$c); # I function - part 4
&mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if $pos != 2; # load X/k value
&mov($tmp2,&wparam(0)) if $pos == 2;
&add($a,$tmp1);
&mov($tmp1,-1) if $pos < 1; # H function - part 1
&add($K,64) if $pos >=1 && !$normal;
&rotl($a,$s);
&xor($tmp1,&Np($d)) if $pos <= 0; # I function - part = first time
&mov($tmp1,&DWP( 0,$tmp2,"",0)) if $pos > 0;
&add($a,$b);
}
sub md5_block
{
local($name)=@_;
&function_begin_B($name,"",3);
# parameter 1 is the MD5_CTX structure.
# A 0
# B 4
# C 8
# D 12
&push("esi");
&push("edi");
&mov($tmp1, &wparam(0)); # edi
&mov($X, &wparam(1)); # esi
&mov($C, &wparam(2));
&push("ebp");
&shl($C, 6);
&push("ebx");
&add($C, $X); # offset we end at
&sub($C, 64);
&mov($A, &DWP( 0,$tmp1,"",0));
&push($C); # Put on the TOS
&mov($B, &DWP( 4,$tmp1,"",0));
&mov($C, &DWP( 8,$tmp1,"",0));
&mov($D, &DWP(12,$tmp1,"",0));
&set_label("start") unless $normal;
&comment("");
&comment("R0 section");
&R0(-2,$A,$B,$C,$D,$X, 0, 7,0xd76aa478);
&R0( 0,$D,$A,$B,$C,$X, 1,12,0xe8c7b756);
&R0( 0,$C,$D,$A,$B,$X, 2,17,0x242070db);
&R0( 0,$B,$C,$D,$A,$X, 3,22,0xc1bdceee);
&R0( 0,$A,$B,$C,$D,$X, 4, 7,0xf57c0faf);
&R0( 0,$D,$A,$B,$C,$X, 5,12,0x4787c62a);
&R0( 0,$C,$D,$A,$B,$X, 6,17,0xa8304613);
&R0( 0,$B,$C,$D,$A,$X, 7,22,0xfd469501);
&R0( 0,$A,$B,$C,$D,$X, 8, 7,0x698098d8);
&R0( 0,$D,$A,$B,$C,$X, 9,12,0x8b44f7af);
&R0( 0,$C,$D,$A,$B,$X,10,17,0xffff5bb1);
&R0( 0,$B,$C,$D,$A,$X,11,22,0x895cd7be);
&R0( 0,$A,$B,$C,$D,$X,12, 7,0x6b901122);
&R0( 0,$D,$A,$B,$C,$X,13,12,0xfd987193);
&R0( 0,$C,$D,$A,$B,$X,14,17,0xa679438e);
&R0( 1,$B,$C,$D,$A,$X,15,22,0x49b40821);
&comment("");
&comment("R1 section");
&R1(-1,$A,$B,$C,$D,$X,16, 5,0xf61e2562);
&R1( 0,$D,$A,$B,$C,$X,17, 9,0xc040b340);
&R1( 0,$C,$D,$A,$B,$X,18,14,0x265e5a51);
&R1( 0,$B,$C,$D,$A,$X,19,20,0xe9b6c7aa);
&R1( 0,$A,$B,$C,$D,$X,20, 5,0xd62f105d);
&R1( 0,$D,$A,$B,$C,$X,21, 9,0x02441453);
&R1( 0,$C,$D,$A,$B,$X,22,14,0xd8a1e681);
&R1( 0,$B,$C,$D,$A,$X,23,20,0xe7d3fbc8);
&R1( 0,$A,$B,$C,$D,$X,24, 5,0x21e1cde6);
&R1( 0,$D,$A,$B,$C,$X,25, 9,0xc33707d6);
&R1( 0,$C,$D,$A,$B,$X,26,14,0xf4d50d87);
&R1( 0,$B,$C,$D,$A,$X,27,20,0x455a14ed);
&R1( 0,$A,$B,$C,$D,$X,28, 5,0xa9e3e905);
&R1( 0,$D,$A,$B,$C,$X,29, 9,0xfcefa3f8);
&R1( 0,$C,$D,$A,$B,$X,30,14,0x676f02d9);
&R1( 1,$B,$C,$D,$A,$X,31,20,0x8d2a4c8a);
&comment("");
&comment("R2 section");
&R2( 0,-1,$A,$B,$C,$D,$X,32, 4,0xfffa3942);
&R2( 1, 0,$D,$A,$B,$C,$X,33,11,0x8771f681);
&R2( 2, 0,$C,$D,$A,$B,$X,34,16,0x6d9d6122);
&R2( 3, 0,$B,$C,$D,$A,$X,35,23,0xfde5380c);
&R2( 4, 0,$A,$B,$C,$D,$X,36, 4,0xa4beea44);
&R2( 5, 0,$D,$A,$B,$C,$X,37,11,0x4bdecfa9);
&R2( 6, 0,$C,$D,$A,$B,$X,38,16,0xf6bb4b60);
&R2( 7, 0,$B,$C,$D,$A,$X,39,23,0xbebfbc70);
&R2( 8, 0,$A,$B,$C,$D,$X,40, 4,0x289b7ec6);
&R2( 9, 0,$D,$A,$B,$C,$X,41,11,0xeaa127fa);
&R2(10, 0,$C,$D,$A,$B,$X,42,16,0xd4ef3085);
&R2(11, 0,$B,$C,$D,$A,$X,43,23,0x04881d05);
&R2(12, 0,$A,$B,$C,$D,$X,44, 4,0xd9d4d039);
&R2(13, 0,$D,$A,$B,$C,$X,45,11,0xe6db99e5);
&R2(14, 0,$C,$D,$A,$B,$X,46,16,0x1fa27cf8);
&R2(15, 1,$B,$C,$D,$A,$X,47,23,0xc4ac5665);
&comment("");
&comment("R3 section");
&R3(-1,$A,$B,$C,$D,$X,48, 6,0xf4292244);
&R3( 0,$D,$A,$B,$C,$X,49,10,0x432aff97);
&R3( 0,$C,$D,$A,$B,$X,50,15,0xab9423a7);
&R3( 0,$B,$C,$D,$A,$X,51,21,0xfc93a039);
&R3( 0,$A,$B,$C,$D,$X,52, 6,0x655b59c3);
&R3( 0,$D,$A,$B,$C,$X,53,10,0x8f0ccc92);
&R3( 0,$C,$D,$A,$B,$X,54,15,0xffeff47d);
&R3( 0,$B,$C,$D,$A,$X,55,21,0x85845dd1);
&R3( 0,$A,$B,$C,$D,$X,56, 6,0x6fa87e4f);
&R3( 0,$D,$A,$B,$C,$X,57,10,0xfe2ce6e0);
&R3( 0,$C,$D,$A,$B,$X,58,15,0xa3014314);
&R3( 0,$B,$C,$D,$A,$X,59,21,0x4e0811a1);
&R3( 0,$A,$B,$C,$D,$X,60, 6,0xf7537e82);
&R3( 0,$D,$A,$B,$C,$X,61,10,0xbd3af235);
&R3( 0,$C,$D,$A,$B,$X,62,15,0x2ad7d2bb);
&R3( 2,$B,$C,$D,$A,$X,63,21,0xeb86d391);
# &mov($tmp2,&wparam(0)); # done in the last R3
# &mov($tmp1, &DWP( 0,$tmp2,"",0)); # done is the last R3
&add($A,$tmp1);
&mov($tmp1, &DWP( 4,$tmp2,"",0));
&add($B,$tmp1);
&mov($tmp1, &DWP( 8,$tmp2,"",0));
&add($C,$tmp1);
&mov($tmp1, &DWP(12,$tmp2,"",0));
&add($D,$tmp1);
&mov(&DWP( 0,$tmp2,"",0),$A);
&mov(&DWP( 4,$tmp2,"",0),$B);
&mov($tmp1,&swtmp(0)) unless $normal;
&mov(&DWP( 8,$tmp2,"",0),$C);
&mov(&DWP(12,$tmp2,"",0),$D);
&cmp($tmp1,$X) unless $normal; # check count
&jae(&label("start")) unless $normal;
&pop("eax"); # pop the temp variable off the stack
&pop("ebx");
&pop("ebp");
&pop("edi");
&pop("esi");
&ret();
&function_end_B($name);
}
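Review bot: The `open STDOUT,">$output";` near the top of this file uses the two-argument form and ignores the result, so the mode and the path are parsed out of one string and a failed open is not reported where it happens. From the visible lines, the first error a build would see is the `close STDOUT or die` at the end of the top-level code, whose message talks about closing rather than about the output path. I would write `open STDOUT, '>', $output or die "can't open $output: $!";`. The file carries the OpenSSL Project copyright header, so if this is an imported copy, the change is better tracked as an upstream fix or a recorded local patch than edited silently.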


@@ -0,0 +1,715 @@
#! /usr/bin/env perl
# Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
# MD5 optimized for aarch64.
use strict;
my $code;
# The first two arguments should always be the flavour and output file path.
if ($#ARGV < 1) { die "Not enough arguments provided.
Two arguments are necessary: the flavour and the output file path."; }
my $flavour = shift;
my $output = shift;
$0 =~ m/(.*[\/\\])[^\/\\]+$/; my $dir=$1; my $xlate;
( $xlate="${dir}arm-xlate.pl" and -f $xlate ) or
( $xlate="${dir}../../../perlasm/arm-xlate.pl" and -f $xlate) or
die "can't locate arm-xlate.pl";
open OUT, qq{| "$^X" "$xlate" $flavour "$output"}
or die "can't call $xlate: $1";
*STDOUT=*OUT;
$code .= <<EOF;
.text
.globl md5_block_asm_data_order
.type md5_block_asm_data_order,\@function
md5_block_asm_data_order:
.cfi_startproc
// Save all callee-saved registers
stp x19,x20,[sp,#-80]!
.cfi_def_cfa_offset 80
.cfi_offset x19, -80
.cfi_offset x20, -72
stp x21,x22,[sp,#16]
.cfi_offset x21, -64
.cfi_offset x22, -56
stp x23,x24,[sp,#32]
.cfi_offset x23, -48
.cfi_offset x24, -40
stp x25,x26,[sp,#48]
.cfi_offset x25, -32
.cfi_offset x26, -24
stp x27,x28,[sp,#64]
.cfi_offset x27, -16
.cfi_offset x28, -8
ldp w10, w11, [x0, #0] // Load MD5 state->A and state->B
ldp w12, w13, [x0, #8] // Load MD5 state->C and state->D
.align 5
.Lmd5_blocks_loop:
eor x17, x12, x13 // Begin aux function round 1 F(x,y,z)=(((y^z)&x)^z)
and x16, x17, x11 // Continue aux function round 1 F(x,y,z)=(((y^z)&x)^z)
ldp x15, x3, [x1] // Load 4 words of input data0 M[0]/0
eor x14, x16, x13 // End aux function round 1 F(x,y,z)=(((y^z)&x)^z)
movz x9, #0xa478 // Load lower half of constant 0xd76aa478
movk x9, #0xd76a, lsl #16 // Load upper half of constant 0xd76aa478
add w8, w10, w15 // Add dest value
add w7, w8, w9 // Add constant 0xd76aa478
add w6, w7, w14 // Add aux function result
ror w6, w6, #25 // Rotate left s=7 bits
eor x5, x11, x12 // Begin aux function round 1 F(x,y,z)=(((y^z)&x)^z)
add w4, w11, w6 // Add X parameter round 1 A=FF(A, B, C, D, 0xd76aa478, s=7, M[0])
and x8, x5, x4 // Continue aux function round 1 F(x,y,z)=(((y^z)&x)^z)
eor x17, x8, x12 // End aux function round 1 F(x,y,z)=(((y^z)&x)^z)
movz x16, #0xb756 // Load lower half of constant 0xe8c7b756
movk x16, #0xe8c7, lsl #16 // Load upper half of constant 0xe8c7b756
lsr x20, x15, #32 // Right shift high input value containing M[1]
add w9, w13, w20 // Add dest value
add w7, w9, w16 // Add constant 0xe8c7b756
add w14, w7, w17 // Add aux function result
ror w14, w14, #20 // Rotate left s=12 bits
eor x6, x4, x11 // Begin aux function round 1 F(x,y,z)=(((y^z)&x)^z)
add w5, w4, w14 // Add X parameter round 1 D=FF(D, A, B, C, 0xe8c7b756, s=12, M[1])
and x8, x6, x5 // Continue aux function round 1 F(x,y,z)=(((y^z)&x)^z)
eor x9, x8, x11 // End aux function round 1 F(x,y,z)=(((y^z)&x)^z)
movz x16, #0x70db // Load lower half of constant 0x242070db
movk x16, #0x2420, lsl #16 // Load upper half of constant 0x242070db
add w7, w12, w3 // Add dest value
add w17, w7, w16 // Add constant 0x242070db
add w14, w17, w9 // Add aux function result
ror w14, w14, #15 // Rotate left s=17 bits
eor x6, x5, x4 // Begin aux function round 1 F(x,y,z)=(((y^z)&x)^z)
add w8, w5, w14 // Add X parameter round 1 C=FF(C, D, A, B, 0x242070db, s=17, M[2])
and x7, x6, x8 // Continue aux function round 1 F(x,y,z)=(((y^z)&x)^z)
eor x16, x7, x4 // End aux function round 1 F(x,y,z)=(((y^z)&x)^z)
movz x9, #0xceee // Load lower half of constant 0xc1bdceee
movk x9, #0xc1bd, lsl #16 // Load upper half of constant 0xc1bdceee
lsr x21, x3, #32 // Right shift high input value containing M[3]
add w14, w11, w21 // Add dest value
add w6, w14, w9 // Add constant 0xc1bdceee
add w7, w6, w16 // Add aux function result
ror w7, w7, #10 // Rotate left s=22 bits
eor x17, x8, x5 // Begin aux function round 1 F(x,y,z)=(((y^z)&x)^z)
add w9, w8, w7 // Add X parameter round 1 B=FF(B, C, D, A, 0xc1bdceee, s=22, M[3])
ldp x14, x7, [x1, #16] // Load 4 words of input data0 M[4]/0w
and x16, x17, x9 // Continue aux function round 1 F(x,y,z)=(((y^z)&x)^z)
eor x6, x16, x5 // End aux function round 1 F(x,y,z)=(((y^z)&x)^z)
movz x16, #0xfaf // Load lower half of constant 0xf57c0faf
movk x16, #0xf57c, lsl #16 // Load upper half of constant 0xf57c0faf
add w17, w4, w14 // Add dest value
add w16, w17, w16 // Add constant 0xf57c0faf
add w4, w16, w6 // Add aux function result
ror w4, w4, #25 // Rotate left s=7 bits
eor x16, x9, x8 // Begin aux function round 1 F(x,y,z)=(((y^z)&x)^z)
add w17, w9, w4 // Add X parameter round 1 A=FF(A, B, C, D, 0xf57c0faf, s=7, M[4])
and x16, x16, x17 // Continue aux function round 1 F(x,y,z)=(((y^z)&x)^z)
eor x6, x16, x8 // End aux function round 1 F(x,y,z)=(((y^z)&x)^z)
movz x4, #0xc62a // Load lower half of constant 0x4787c62a
movk x4, #0x4787, lsl #16 // Load upper half of constant 0x4787c62a
lsr x22, x14, #32 // Right shift high input value containing M[5]
add w16, w5, w22 // Add dest value
add w16, w16, w4 // Add constant 0x4787c62a
add w5, w16, w6 // Add aux function result
ror w5, w5, #20 // Rotate left s=12 bits
eor x4, x17, x9 // Begin aux function round 1 F(x,y,z)=(((y^z)&x)^z)
add w19, w17, w5 // Add X parameter round 1 D=FF(D, A, B, C, 0x4787c62a, s=12, M[5])
and x6, x4, x19 // Continue aux function round 1 F(x,y,z)=(((y^z)&x)^z)
eor x5, x6, x9 // End aux function round 1 F(x,y,z)=(((y^z)&x)^z)
movz x4, #0x4613 // Load lower half of constant 0xa8304613
movk x4, #0xa830, lsl #16 // Load upper half of constant 0xa8304613
add w6, w8, w7 // Add dest value
add w8, w6, w4 // Add constant 0xa8304613
add w4, w8, w5 // Add aux function result
ror w4, w4, #15 // Rotate left s=17 bits
eor x6, x19, x17 // Begin aux function round 1 F(x,y,z)=(((y^z)&x)^z)
add w8, w19, w4 // Add X parameter round 1 C=FF(C, D, A, B, 0xa8304613, s=17, M[6])
and x5, x6, x8 // Continue aux function round 1 F(x,y,z)=(((y^z)&x)^z)
eor x4, x5, x17 // End aux function round 1 F(x,y,z)=(((y^z)&x)^z)
movz x6, #0x9501 // Load lower half of constant 0xfd469501
movk x6, #0xfd46, lsl #16 // Load upper half of constant 0xfd469501
lsr x23, x7, #32 // Right shift high input value containing M[7]
add w9, w9, w23 // Add dest value
add w5, w9, w6 // Add constant 0xfd469501
add w9, w5, w4 // Add aux function result
ror w9, w9, #10 // Rotate left s=22 bits
eor x6, x8, x19 // Begin aux function round 1 F(x,y,z)=(((y^z)&x)^z)
add w4, w8, w9 // Add X parameter round 1 B=FF(B, C, D, A, 0xfd469501, s=22, M[7])
ldp x5, x16, [x1, #32] // Load 4 words of input data0 M[8]/0
and x9, x6, x4 // Continue aux function round 1 F(x,y,z)=(((y^z)&x)^z)
eor x6, x9, x19 // End aux function round 1 F(x,y,z)=(((y^z)&x)^z)
movz x9, #0x98d8 // Load lower half of constant 0x698098d8
movk x9, #0x6980, lsl #16 // Load upper half of constant 0x698098d8
add w17, w17, w5 // Add dest value
add w9, w17, w9 // Add constant 0x698098d8
add w17, w9, w6 // Add aux function result
ror w17, w17, #25 // Rotate left s=7 bits
eor x9, x4, x8 // Begin aux function round 1 F(x,y,z)=(((y^z)&x)^z)
add w6, w4, w17 // Add X parameter round 1 A=FF(A, B, C, D, 0x698098d8, s=7, M[8])
and x17, x9, x6 // Continue aux function round 1 F(x,y,z)=(((y^z)&x)^z)
eor x9, x17, x8 // End aux function round 1 F(x,y,z)=(((y^z)&x)^z)
movz x17, #0xf7af // Load lower half of constant 0x8b44f7af
movk x17, #0x8b44, lsl #16 // Load upper half of constant 0x8b44f7af
lsr x24, x5, #32 // Right shift high input value containing M[9]
add w19, w19, w24 // Add dest value
add w17, w19, w17 // Add constant 0x8b44f7af
add w19, w17, w9 // Add aux function result
ror w19, w19, #20 // Rotate left s=12 bits
eor x9, x6, x4 // Begin aux function round 1 F(x,y,z)=(((y^z)&x)^z)
add w17, w6, w19 // Add X parameter round 1 D=FF(D, A, B, C, 0x8b44f7af, s=12, M[9])
and x9, x9, x17 // Continue aux function round 1 F(x,y,z)=(((y^z)&x)^z)
eor x9, x9, x4 // End aux function round 1 F(x,y,z)=(((y^z)&x)^z)
movz x11, #0x5bb1 // Load lower half of constant 0xffff5bb1
movk x11, #0xffff, lsl #16 // Load upper half of constant 0xffff5bb1
add w8, w8, w16 // Add dest value
add w8, w8, w11 // Add constant 0xffff5bb1
add w8, w8, w9 // Add aux function result
ror w8, w8, #15 // Rotate left s=17 bits
eor x9, x17, x6 // Begin aux function round 1 F(x,y,z)=(((y^z)&x)^z)
add w8, w17, w8 // Add X parameter round 1 C=FF(C, D, A, B, 0xffff5bb1, s=17, M[10])
and x9, x9, x8 // Continue aux function round 1 F(x,y,z)=(((y^z)&x)^z)
eor x9, x9, x6 // End aux function round 1 F(x,y,z)=(((y^z)&x)^z)
movz x11, #0xd7be // Load lower half of constant 0x895cd7be
movk x11, #0x895c, lsl #16 // Load upper half of constant 0x895cd7be
lsr x25, x16, #32 // Right shift high input value containing M[11]
add w4, w4, w25 // Add dest value
add w4, w4, w11 // Add constant 0x895cd7be
add w9, w4, w9 // Add aux function result
ror w9, w9, #10 // Rotate left s=22 bits
eor x4, x8, x17 // Begin aux function round 1 F(x,y,z)=(((y^z)&x)^z)
add w9, w8, w9 // Add X parameter round 1 B=FF(B, C, D, A, 0x895cd7be, s=22, M[11])
ldp x11, x12, [x1, #48] // Load 4 words of input data0 M[12]/0
and x4, x4, x9 // Continue aux function round 1 F(x,y,z)=(((y^z)&x)^z)
eor x4, x4, x17 // End aux function round 1 F(x,y,z)=(((y^z)&x)^z)
movz x19, #0x1122 // Load lower half of constant 0x6b901122
movk x19, #0x6b90, lsl #16 // Load upper half of constant 0x6b901122
add w6, w6, w11 // Add dest value
add w6, w6, w19 // Add constant 0x6b901122
add w4, w6, w4 // Add aux function result
ror w4, w4, #25 // Rotate left s=7 bits
eor x6, x9, x8 // Begin aux function round 1 F(x,y,z)=(((y^z)&x)^z)
add w4, w9, w4 // Add X parameter round 1 A=FF(A, B, C, D, 0x6b901122, s=7, M[12])
and x6, x6, x4 // Continue aux function round 1 F(x,y,z)=(((y^z)&x)^z)
eor x6, x6, x8 // End aux function round 1 F(x,y,z)=(((y^z)&x)^z)
movz x19, #0x7193 // Load lower half of constant 0xfd987193
movk x19, #0xfd98, lsl #16 // Load upper half of constant 0xfd987193
lsr x26, x11, #32 // Right shift high input value containing M[13]
add w17, w17, w26 // Add dest value
add w17, w17, w19 // Add constant 0xfd987193
add w17, w17, w6 // Add aux function result
ror w17, w17, #20 // Rotate left s=12 bits
eor x6, x4, x9 // Begin aux function round 1 F(x,y,z)=(((y^z)&x)^z)
add w17, w4, w17 // Add X parameter round 1 D=FF(D, A, B, C, 0xfd987193, s=12, M[13])
and x6, x6, x17 // Continue aux function round 1 F(x,y,z)=(((y^z)&x)^z)
eor x6, x6, x9 // End aux function round 1 F(x,y,z)=(((y^z)&x)^z)
movz x13, #0x438e // Load lower half of constant 0xa679438e
movk x13, #0xa679, lsl #16 // Load upper half of constant 0xa679438e
add w8, w8, w12 // Add dest value
add w8, w8, w13 // Add constant 0xa679438e
add w8, w8, w6 // Add aux function result
ror w8, w8, #15 // Rotate left s=17 bits
eor x6, x17, x4 // Begin aux function round 1 F(x,y,z)=(((y^z)&x)^z)
add w8, w17, w8 // Add X parameter round 1 C=FF(C, D, A, B, 0xa679438e, s=17, M[14])
and x6, x6, x8 // Continue aux function round 1 F(x,y,z)=(((y^z)&x)^z)
eor x6, x6, x4 // End aux function round 1 F(x,y,z)=(((y^z)&x)^z)
movz x13, #0x821 // Load lower half of constant 0x49b40821
movk x13, #0x49b4, lsl #16 // Load upper half of constant 0x49b40821
lsr x27, x12, #32 // Right shift high input value containing M[15]
add w9, w9, w27 // Add dest value
add w9, w9, w13 // Add constant 0x49b40821
add w9, w9, w6 // Add aux function result
ror w9, w9, #10 // Rotate left s=22 bits
bic x6, x8, x17 // Aux function round 2 (~z & y)
add w9, w8, w9 // Add X parameter round 1 B=FF(B, C, D, A, 0x49b40821, s=22, M[15])
movz x13, #0x2562 // Load lower half of constant 0xf61e2562
movk x13, #0xf61e, lsl #16 // Load upper half of constant 0xf61e2562
add w4, w4, w20 // Add dest value
add w4, w4, w13 // Add constant 0xf61e2562
and x13, x9, x17 // Aux function round 2 (x & z)
add w4, w4, w6 // Add (~z & y)
add w4, w4, w13 // Add (x & z)
ror w4, w4, #27 // Rotate left s=5 bits
bic x6, x9, x8 // Aux function round 2 (~z & y)
add w4, w9, w4 // Add X parameter round 2 A=GG(A, B, C, D, 0xf61e2562, s=5, M[1])
movz x13, #0xb340 // Load lower half of constant 0xc040b340
movk x13, #0xc040, lsl #16 // Load upper half of constant 0xc040b340
add w17, w17, w7 // Add dest value
add w17, w17, w13 // Add constant 0xc040b340
and x13, x4, x8 // Aux function round 2 (x & z)
add w17, w17, w6 // Add (~z & y)
add w17, w17, w13 // Add (x & z)
ror w17, w17, #23 // Rotate left s=9 bits
bic x6, x4, x9 // Aux function round 2 (~z & y)
add w17, w4, w17 // Add X parameter round 2 D=GG(D, A, B, C, 0xc040b340, s=9, M[6])
movz x13, #0x5a51 // Load lower half of constant 0x265e5a51
movk x13, #0x265e, lsl #16 // Load upper half of constant 0x265e5a51
add w8, w8, w25 // Add dest value
add w8, w8, w13 // Add constant 0x265e5a51
and x13, x17, x9 // Aux function round 2 (x & z)
add w8, w8, w6 // Add (~z & y)
add w8, w8, w13 // Add (x & z)
ror w8, w8, #18 // Rotate left s=14 bits
bic x6, x17, x4 // Aux function round 2 (~z & y)
add w8, w17, w8 // Add X parameter round 2 C=GG(C, D, A, B, 0x265e5a51, s=14, M[11])
movz x13, #0xc7aa // Load lower half of constant 0xe9b6c7aa
movk x13, #0xe9b6, lsl #16 // Load upper half of constant 0xe9b6c7aa
add w9, w9, w15 // Add dest value
add w9, w9, w13 // Add constant 0xe9b6c7aa
and x13, x8, x4 // Aux function round 2 (x & z)
add w9, w9, w6 // Add (~z & y)
add w9, w9, w13 // Add (x & z)
ror w9, w9, #12 // Rotate left s=20 bits
bic x6, x8, x17 // Aux function round 2 (~z & y)
add w9, w8, w9 // Add X parameter round 2 B=GG(B, C, D, A, 0xe9b6c7aa, s=20, M[0])
movz x13, #0x105d // Load lower half of constant 0xd62f105d
movk x13, #0xd62f, lsl #16 // Load upper half of constant 0xd62f105d
add w4, w4, w22 // Add dest value
add w4, w4, w13 // Add constant 0xd62f105d
and x13, x9, x17 // Aux function round 2 (x & z)
add w4, w4, w6 // Add (~z & y)
add w4, w4, w13 // Add (x & z)
ror w4, w4, #27 // Rotate left s=5 bits
bic x6, x9, x8 // Aux function round 2 (~z & y)
add w4, w9, w4 // Add X parameter round 2 A=GG(A, B, C, D, 0xd62f105d, s=5, M[5])
movz x13, #0x1453 // Load lower half of constant 0x2441453
movk x13, #0x244, lsl #16 // Load upper half of constant 0x2441453
add w17, w17, w16 // Add dest value
add w17, w17, w13 // Add constant 0x2441453
and x13, x4, x8 // Aux function round 2 (x & z)
add w17, w17, w6 // Add (~z & y)
add w17, w17, w13 // Add (x & z)
ror w17, w17, #23 // Rotate left s=9 bits
bic x6, x4, x9 // Aux function round 2 (~z & y)
add w17, w4, w17 // Add X parameter round 2 D=GG(D, A, B, C, 0x2441453, s=9, M[10])
movz x13, #0xe681 // Load lower half of constant 0xd8a1e681
movk x13, #0xd8a1, lsl #16 // Load upper half of constant 0xd8a1e681
add w8, w8, w27 // Add dest value
add w8, w8, w13 // Add constant 0xd8a1e681
and x13, x17, x9 // Aux function round 2 (x & z)
add w8, w8, w6 // Add (~z & y)
add w8, w8, w13 // Add (x & z)
ror w8, w8, #18 // Rotate left s=14 bits
bic x6, x17, x4 // Aux function round 2 (~z & y)
add w8, w17, w8 // Add X parameter round 2 C=GG(C, D, A, B, 0xd8a1e681, s=14, M[15])
movz x13, #0xfbc8 // Load lower half of constant 0xe7d3fbc8
movk x13, #0xe7d3, lsl #16 // Load upper half of constant 0xe7d3fbc8
add w9, w9, w14 // Add dest value
add w9, w9, w13 // Add constant 0xe7d3fbc8
and x13, x8, x4 // Aux function round 2 (x & z)
add w9, w9, w6 // Add (~z & y)
add w9, w9, w13 // Add (x & z)
ror w9, w9, #12 // Rotate left s=20 bits
bic x6, x8, x17 // Aux function round 2 (~z & y)
add w9, w8, w9 // Add X parameter round 2 B=GG(B, C, D, A, 0xe7d3fbc8, s=20, M[4])
movz x13, #0xcde6 // Load lower half of constant 0x21e1cde6
movk x13, #0x21e1, lsl #16 // Load upper half of constant 0x21e1cde6
add w4, w4, w24 // Add dest value
add w4, w4, w13 // Add constant 0x21e1cde6
and x13, x9, x17 // Aux function round 2 (x & z)
add w4, w4, w6 // Add (~z & y)
add w4, w4, w13 // Add (x & z)
ror w4, w4, #27 // Rotate left s=5 bits
bic x6, x9, x8 // Aux function round 2 (~z & y)
add w4, w9, w4 // Add X parameter round 2 A=GG(A, B, C, D, 0x21e1cde6, s=5, M[9])
movz x13, #0x7d6 // Load lower half of constant 0xc33707d6
movk x13, #0xc337, lsl #16 // Load upper half of constant 0xc33707d6
add w17, w17, w12 // Add dest value
add w17, w17, w13 // Add constant 0xc33707d6
and x13, x4, x8 // Aux function round 2 (x & z)
add w17, w17, w6 // Add (~z & y)
add w17, w17, w13 // Add (x & z)
ror w17, w17, #23 // Rotate left s=9 bits
bic x6, x4, x9 // Aux function round 2 (~z & y)
add w17, w4, w17 // Add X parameter round 2 D=GG(D, A, B, C, 0xc33707d6, s=9, M[14])
movz x13, #0xd87 // Load lower half of constant 0xf4d50d87
movk x13, #0xf4d5, lsl #16 // Load upper half of constant 0xf4d50d87
add w8, w8, w21 // Add dest value
add w8, w8, w13 // Add constant 0xf4d50d87
and x13, x17, x9 // Aux function round 2 (x & z)
add w8, w8, w6 // Add (~z & y)
add w8, w8, w13 // Add (x & z)
ror w8, w8, #18 // Rotate left s=14 bits
bic x6, x17, x4 // Aux function round 2 (~z & y)
add w8, w17, w8 // Add X parameter round 2 C=GG(C, D, A, B, 0xf4d50d87, s=14, M[3])
movz x13, #0x14ed // Load lower half of constant 0x455a14ed
movk x13, #0x455a, lsl #16 // Load upper half of constant 0x455a14ed
add w9, w9, w5 // Add dest value
add w9, w9, w13 // Add constant 0x455a14ed
and x13, x8, x4 // Aux function round 2 (x & z)
add w9, w9, w6 // Add (~z & y)
add w9, w9, w13 // Add (x & z)
ror w9, w9, #12 // Rotate left s=20 bits
bic x6, x8, x17 // Aux function round 2 (~z & y)
add w9, w8, w9 // Add X parameter round 2 B=GG(B, C, D, A, 0x455a14ed, s=20, M[8])
movz x13, #0xe905 // Load lower half of constant 0xa9e3e905
movk x13, #0xa9e3, lsl #16 // Load upper half of constant 0xa9e3e905
add w4, w4, w26 // Add dest value
add w4, w4, w13 // Add constant 0xa9e3e905
and x13, x9, x17 // Aux function round 2 (x & z)
add w4, w4, w6 // Add (~z & y)
add w4, w4, w13 // Add (x & z)
ror w4, w4, #27 // Rotate left s=5 bits
bic x6, x9, x8 // Aux function round 2 (~z & y)
add w4, w9, w4 // Add X parameter round 2 A=GG(A, B, C, D, 0xa9e3e905, s=5, M[13])
movz x13, #0xa3f8 // Load lower half of constant 0xfcefa3f8
movk x13, #0xfcef, lsl #16 // Load upper half of constant 0xfcefa3f8
add w17, w17, w3 // Add dest value
add w17, w17, w13 // Add constant 0xfcefa3f8
and x13, x4, x8 // Aux function round 2 (x & z)
add w17, w17, w6 // Add (~z & y)
add w17, w17, w13 // Add (x & z)
ror w17, w17, #23 // Rotate left s=9 bits
bic x6, x4, x9 // Aux function round 2 (~z & y)
add w17, w4, w17 // Add X parameter round 2 D=GG(D, A, B, C, 0xfcefa3f8, s=9, M[2])
movz x13, #0x2d9 // Load lower half of constant 0x676f02d9
movk x13, #0x676f, lsl #16 // Load upper half of constant 0x676f02d9
add w8, w8, w23 // Add dest value
add w8, w8, w13 // Add constant 0x676f02d9
and x13, x17, x9 // Aux function round 2 (x & z)
add w8, w8, w6 // Add (~z & y)
add w8, w8, w13 // Add (x & z)
ror w8, w8, #18 // Rotate left s=14 bits
bic x6, x17, x4 // Aux function round 2 (~z & y)
add w8, w17, w8 // Add X parameter round 2 C=GG(C, D, A, B, 0x676f02d9, s=14, M[7])
movz x13, #0x4c8a // Load lower half of constant 0x8d2a4c8a
movk x13, #0x8d2a, lsl #16 // Load upper half of constant 0x8d2a4c8a
add w9, w9, w11 // Add dest value
add w9, w9, w13 // Add constant 0x8d2a4c8a
and x13, x8, x4 // Aux function round 2 (x & z)
add w9, w9, w6 // Add (~z & y)
add w9, w9, w13 // Add (x & z)
eor x6, x8, x17 // Begin aux function round 3 H(x,y,z)=(x^y^z)
ror w9, w9, #12 // Rotate left s=20 bits
movz x10, #0x3942 // Load lower half of constant 0xfffa3942
add w9, w8, w9 // Add X parameter round 2 B=GG(B, C, D, A, 0x8d2a4c8a, s=20, M[12])
movk x10, #0xfffa, lsl #16 // Load upper half of constant 0xfffa3942
add w4, w4, w22 // Add dest value
eor x6, x6, x9 // End aux function round 3 H(x,y,z)=(x^y^z)
add w4, w4, w10 // Add constant 0xfffa3942
add w4, w4, w6 // Add aux function result
ror w4, w4, #28 // Rotate left s=4 bits
eor x6, x9, x8 // Begin aux function round 3 H(x,y,z)=(x^y^z)
movz x10, #0xf681 // Load lower half of constant 0x8771f681
add w4, w9, w4 // Add X parameter round 3 A=HH(A, B, C, D, 0xfffa3942, s=4, M[5])
movk x10, #0x8771, lsl #16 // Load upper half of constant 0x8771f681
add w17, w17, w5 // Add dest value
eor x6, x6, x4 // End aux function round 3 H(x,y,z)=(x^y^z)
add w17, w17, w10 // Add constant 0x8771f681
add w17, w17, w6 // Add aux function result
eor x6, x4, x9 // Begin aux function round 3 H(x,y,z)=(x^y^z)
ror w17, w17, #21 // Rotate left s=11 bits
movz x13, #0x6122 // Load lower half of constant 0x6d9d6122
add w17, w4, w17 // Add X parameter round 3 D=HH(D, A, B, C, 0x8771f681, s=11, M[8])
movk x13, #0x6d9d, lsl #16 // Load upper half of constant 0x6d9d6122
add w8, w8, w25 // Add dest value
eor x6, x6, x17 // End aux function round 3 H(x,y,z)=(x^y^z)
add w8, w8, w13 // Add constant 0x6d9d6122
add w8, w8, w6 // Add aux function result
ror w8, w8, #16 // Rotate left s=16 bits
eor x6, x17, x4 // Begin aux function round 3 H(x,y,z)=(x^y^z)
movz x13, #0x380c // Load lower half of constant 0xfde5380c
add w8, w17, w8 // Add X parameter round 3 C=HH(C, D, A, B, 0x6d9d6122, s=16, M[11])
movk x13, #0xfde5, lsl #16 // Load upper half of constant 0xfde5380c
add w9, w9, w12 // Add dest value
eor x6, x6, x8 // End aux function round 3 H(x,y,z)=(x^y^z)
add w9, w9, w13 // Add constant 0xfde5380c
add w9, w9, w6 // Add aux function result
eor x6, x8, x17 // Begin aux function round 3 H(x,y,z)=(x^y^z)
ror w9, w9, #9 // Rotate left s=23 bits
movz x10, #0xea44 // Load lower half of constant 0xa4beea44
add w9, w8, w9 // Add X parameter round 3 B=HH(B, C, D, A, 0xfde5380c, s=23, M[14])
movk x10, #0xa4be, lsl #16 // Load upper half of constant 0xa4beea44
add w4, w4, w20 // Add dest value
eor x6, x6, x9 // End aux function round 3 H(x,y,z)=(x^y^z)
add w4, w4, w10 // Add constant 0xa4beea44
add w4, w4, w6 // Add aux function result
ror w4, w4, #28 // Rotate left s=4 bits
eor x6, x9, x8 // Begin aux function round 3 H(x,y,z)=(x^y^z)
movz x10, #0xcfa9 // Load lower half of constant 0x4bdecfa9
add w4, w9, w4 // Add X parameter round 3 A=HH(A, B, C, D, 0xa4beea44, s=4, M[1])
movk x10, #0x4bde, lsl #16 // Load upper half of constant 0x4bdecfa9
add w17, w17, w14 // Add dest value
eor x6, x6, x4 // End aux function round 3 H(x,y,z)=(x^y^z)
add w17, w17, w10 // Add constant 0x4bdecfa9
add w17, w17, w6 // Add aux function result
eor x6, x4, x9 // Begin aux function round 3 H(x,y,z)=(x^y^z)
ror w17, w17, #21 // Rotate left s=11 bits
movz x13, #0x4b60 // Load lower half of constant 0xf6bb4b60
add w17, w4, w17 // Add X parameter round 3 D=HH(D, A, B, C, 0x4bdecfa9, s=11, M[4])
movk x13, #0xf6bb, lsl #16 // Load upper half of constant 0xf6bb4b60
add w8, w8, w23 // Add dest value
eor x6, x6, x17 // End aux function round 3 H(x,y,z)=(x^y^z)
add w8, w8, w13 // Add constant 0xf6bb4b60
add w8, w8, w6 // Add aux function result
ror w8, w8, #16 // Rotate left s=16 bits
eor x6, x17, x4 // Begin aux function round 3 H(x,y,z)=(x^y^z)
movz x13, #0xbc70 // Load lower half of constant 0xbebfbc70
add w8, w17, w8 // Add X parameter round 3 C=HH(C, D, A, B, 0xf6bb4b60, s=16, M[7])
movk x13, #0xbebf, lsl #16 // Load upper half of constant 0xbebfbc70
add w9, w9, w16 // Add dest value
eor x6, x6, x8 // End aux function round 3 H(x,y,z)=(x^y^z)
add w9, w9, w13 // Add constant 0xbebfbc70
add w9, w9, w6 // Add aux function result
eor x6, x8, x17 // Begin aux function round 3 H(x,y,z)=(x^y^z)
ror w9, w9, #9 // Rotate left s=23 bits
movz x10, #0x7ec6 // Load lower half of constant 0x289b7ec6
add w9, w8, w9 // Add X parameter round 3 B=HH(B, C, D, A, 0xbebfbc70, s=23, M[10])
movk x10, #0x289b, lsl #16 // Load upper half of constant 0x289b7ec6
add w4, w4, w26 // Add dest value
eor x6, x6, x9 // End aux function round 3 H(x,y,z)=(x^y^z)
add w4, w4, w10 // Add constant 0x289b7ec6
add w4, w4, w6 // Add aux function result
ror w4, w4, #28 // Rotate left s=4 bits
eor x6, x9, x8 // Begin aux function round 3 H(x,y,z)=(x^y^z)
movz x10, #0x27fa // Load lower half of constant 0xeaa127fa
add w4, w9, w4 // Add X parameter round 3 A=HH(A, B, C, D, 0x289b7ec6, s=4, M[13])
movk x10, #0xeaa1, lsl #16 // Load upper half of constant 0xeaa127fa
add w17, w17, w15 // Add dest value
eor x6, x6, x4 // End aux function round 3 H(x,y,z)=(x^y^z)
add w17, w17, w10 // Add constant 0xeaa127fa
add w17, w17, w6 // Add aux function result
eor x6, x4, x9 // Begin aux function round 3 H(x,y,z)=(x^y^z)
ror w17, w17, #21 // Rotate left s=11 bits
movz x13, #0x3085 // Load lower half of constant 0xd4ef3085
add w17, w4, w17 // Add X parameter round 3 D=HH(D, A, B, C, 0xeaa127fa, s=11, M[0])
movk x13, #0xd4ef, lsl #16 // Load upper half of constant 0xd4ef3085
add w8, w8, w21 // Add dest value
eor x6, x6, x17 // End aux function round 3 H(x,y,z)=(x^y^z)
add w8, w8, w13 // Add constant 0xd4ef3085
add w8, w8, w6 // Add aux function result
ror w8, w8, #16 // Rotate left s=16 bits
eor x6, x17, x4 // Begin aux function round 3 H(x,y,z)=(x^y^z)
movz x13, #0x1d05 // Load lower half of constant 0x4881d05
add w8, w17, w8 // Add X parameter round 3 C=HH(C, D, A, B, 0xd4ef3085, s=16, M[3])
movk x13, #0x488, lsl #16 // Load upper half of constant 0x4881d05
add w9, w9, w7 // Add dest value
eor x6, x6, x8 // End aux function round 3 H(x,y,z)=(x^y^z)
add w9, w9, w13 // Add constant 0x4881d05
add w9, w9, w6 // Add aux function result
eor x6, x8, x17 // Begin aux function round 3 H(x,y,z)=(x^y^z)
ror w9, w9, #9 // Rotate left s=23 bits
movz x10, #0xd039 // Load lower half of constant 0xd9d4d039
add w9, w8, w9 // Add X parameter round 3 B=HH(B, C, D, A, 0x4881d05, s=23, M[6])
movk x10, #0xd9d4, lsl #16 // Load upper half of constant 0xd9d4d039
add w4, w4, w24 // Add dest value
eor x6, x6, x9 // End aux function round 3 H(x,y,z)=(x^y^z)
add w4, w4, w10 // Add constant 0xd9d4d039
add w4, w4, w6 // Add aux function result
ror w4, w4, #28 // Rotate left s=4 bits
eor x6, x9, x8 // Begin aux function round 3 H(x,y,z)=(x^y^z)
movz x10, #0x99e5 // Load lower half of constant 0xe6db99e5
add w4, w9, w4 // Add X parameter round 3 A=HH(A, B, C, D, 0xd9d4d039, s=4, M[9])
movk x10, #0xe6db, lsl #16 // Load upper half of constant 0xe6db99e5
add w17, w17, w11 // Add dest value
eor x6, x6, x4 // End aux function round 3 H(x,y,z)=(x^y^z)
add w17, w17, w10 // Add constant 0xe6db99e5
add w17, w17, w6 // Add aux function result
eor x6, x4, x9 // Begin aux function round 3 H(x,y,z)=(x^y^z)
ror w17, w17, #21 // Rotate left s=11 bits
movz x13, #0x7cf8 // Load lower half of constant 0x1fa27cf8
add w17, w4, w17 // Add X parameter round 3 D=HH(D, A, B, C, 0xe6db99e5, s=11, M[12])
movk x13, #0x1fa2, lsl #16 // Load upper half of constant 0x1fa27cf8
add w8, w8, w27 // Add dest value
eor x6, x6, x17 // End aux function round 3 H(x,y,z)=(x^y^z)
add w8, w8, w13 // Add constant 0x1fa27cf8
add w8, w8, w6 // Add aux function result
ror w8, w8, #16 // Rotate left s=16 bits
eor x6, x17, x4 // Begin aux function round 3 H(x,y,z)=(x^y^z)
movz x13, #0x5665 // Load lower half of constant 0xc4ac5665
add w8, w17, w8 // Add X parameter round 3 C=HH(C, D, A, B, 0x1fa27cf8, s=16, M[15])
movk x13, #0xc4ac, lsl #16 // Load upper half of constant 0xc4ac5665
add w9, w9, w3 // Add dest value
eor x6, x6, x8 // End aux function round 3 H(x,y,z)=(x^y^z)
add w9, w9, w13 // Add constant 0xc4ac5665
add w9, w9, w6 // Add aux function result
ror w9, w9, #9 // Rotate left s=23 bits
movz x6, #0x2244 // Load lower half of constant 0xf4292244
movk x6, #0xf429, lsl #16 // Load upper half of constant 0xf4292244
add w9, w8, w9 // Add X parameter round 3 B=HH(B, C, D, A, 0xc4ac5665, s=23, M[2])
add w4, w4, w15 // Add dest value
orn x13, x9, x17 // Begin aux function round 4 I(x,y,z)=((~z|x)^y)
add w4, w4, w6 // Add constant 0xf4292244
eor x6, x8, x13 // End aux function round 4 I(x,y,z)=((~z|x)^y)
add w4, w4, w6 // Add aux function result
ror w4, w4, #26 // Rotate left s=6 bits
movz x6, #0xff97 // Load lower half of constant 0x432aff97
movk x6, #0x432a, lsl #16 // Load upper half of constant 0x432aff97
add w4, w9, w4 // Add X parameter round 4 A=II(A, B, C, D, 0xf4292244, s=6, M[0])
orn x10, x4, x8 // Begin aux function round 4 I(x,y,z)=((~z|x)^y)
add w17, w17, w23 // Add dest value
eor x10, x9, x10 // End aux function round 4 I(x,y,z)=((~z|x)^y)
add w17, w17, w6 // Add constant 0x432aff97
add w6, w17, w10 // Add aux function result
ror w6, w6, #22 // Rotate left s=10 bits
movz x17, #0x23a7 // Load lower half of constant 0xab9423a7
movk x17, #0xab94, lsl #16 // Load upper half of constant 0xab9423a7
add w6, w4, w6 // Add X parameter round 4 D=II(D, A, B, C, 0x432aff97, s=10, M[7])
add w8, w8, w12 // Add dest value
orn x10, x6, x9 // Begin aux function round 4 I(x,y,z)=((~z|x)^y)
add w8, w8, w17 // Add constant 0xab9423a7
eor x17, x4, x10 // End aux function round 4 I(x,y,z)=((~z|x)^y)
add w8, w8, w17 // Add aux function result
ror w8, w8, #17 // Rotate left s=15 bits
movz x17, #0xa039 // Load lower half of constant 0xfc93a039
movk x17, #0xfc93, lsl #16 // Load upper half of constant 0xfc93a039
add w8, w6, w8 // Add X parameter round 4 C=II(C, D, A, B, 0xab9423a7, s=15, M[14])
orn x13, x8, x4 // Begin aux function round 4 I(x,y,z)=((~z|x)^y)
add w9, w9, w22 // Add dest value
eor x13, x6, x13 // End aux function round 4 I(x,y,z)=((~z|x)^y)
add w9, w9, w17 // Add constant 0xfc93a039
add w17, w9, w13 // Add aux function result
ror w17, w17, #11 // Rotate left s=21 bits
movz x9, #0x59c3 // Load lower half of constant 0x655b59c3
movk x9, #0x655b, lsl #16 // Load upper half of constant 0x655b59c3
add w17, w8, w17 // Add X parameter round 4 B=II(B, C, D, A, 0xfc93a039, s=21, M[5])
add w4, w4, w11 // Add dest value
orn x13, x17, x6 // Begin aux function round 4 I(x,y,z)=((~z|x)^y)
add w9, w4, w9 // Add constant 0x655b59c3
eor x4, x8, x13 // End aux function round 4 I(x,y,z)=((~z|x)^y)
add w9, w9, w4 // Add aux function result
ror w9, w9, #26 // Rotate left s=6 bits
movz x4, #0xcc92 // Load lower half of constant 0x8f0ccc92
movk x4, #0x8f0c, lsl #16 // Load upper half of constant 0x8f0ccc92
add w9, w17, w9 // Add X parameter round 4 A=II(A, B, C, D, 0x655b59c3, s=6, M[12])
orn x10, x9, x8 // Begin aux function round 4 I(x,y,z)=((~z|x)^y)
add w6, w6, w21 // Add dest value
eor x10, x17, x10 // End aux function round 4 I(x,y,z)=((~z|x)^y)
add w4, w6, w4 // Add constant 0x8f0ccc92
add w6, w4, w10 // Add aux function result
ror w6, w6, #22 // Rotate left s=10 bits
movz x4, #0xf47d // Load lower half of constant 0xffeff47d
movk x4, #0xffef, lsl #16 // Load upper half of constant 0xffeff47d
add w6, w9, w6 // Add X parameter round 4 D=II(D, A, B, C, 0x8f0ccc92, s=10, M[3])
add w8, w8, w16 // Add dest value
orn x10, x6, x17 // Begin aux function round 4 I(x,y,z)=((~z|x)^y)
add w8, w8, w4 // Add constant 0xffeff47d
eor x4, x9, x10 // End aux function round 4 I(x,y,z)=((~z|x)^y)
add w8, w8, w4 // Add aux function result
ror w8, w8, #17 // Rotate left s=15 bits
movz x4, #0x5dd1 // Load lower half of constant 0x85845dd1
movk x4, #0x8584, lsl #16 // Load upper half of constant 0x85845dd1
add w8, w6, w8 // Add X parameter round 4 C=II(C, D, A, B, 0xffeff47d, s=15, M[10])
orn x10, x8, x9 // Begin aux function round 4 I(x,y,z)=((~z|x)^y)
add w15, w17, w20 // Add dest value
eor x17, x6, x10 // End aux function round 4 I(x,y,z)=((~z|x)^y)
add w15, w15, w4 // Add constant 0x85845dd1
add w4, w15, w17 // Add aux function result
ror w4, w4, #11 // Rotate left s=21 bits
movz x15, #0x7e4f // Load lower half of constant 0x6fa87e4f
movk x15, #0x6fa8, lsl #16 // Load upper half of constant 0x6fa87e4f
add w17, w8, w4 // Add X parameter round 4 B=II(B, C, D, A, 0x85845dd1, s=21, M[1])
add w4, w9, w5 // Add dest value
orn x9, x17, x6 // Begin aux function round 4 I(x,y,z)=((~z|x)^y)
add w15, w4, w15 // Add constant 0x6fa87e4f
eor x4, x8, x9 // End aux function round 4 I(x,y,z)=((~z|x)^y)
add w9, w15, w4 // Add aux function result
ror w9, w9, #26 // Rotate left s=6 bits
movz x15, #0xe6e0 // Load lower half of constant 0xfe2ce6e0
movk x15, #0xfe2c, lsl #16 // Load upper half of constant 0xfe2ce6e0
add w4, w17, w9 // Add X parameter round 4 A=II(A, B, C, D, 0x6fa87e4f, s=6, M[8])
orn x9, x4, x8 // Begin aux function round 4 I(x,y,z)=((~z|x)^y)
add w6, w6, w27 // Add dest value
eor x9, x17, x9 // End aux function round 4 I(x,y,z)=((~z|x)^y)
add w15, w6, w15 // Add constant 0xfe2ce6e0
add w6, w15, w9 // Add aux function result
ror w6, w6, #22 // Rotate left s=10 bits
movz x9, #0x4314 // Load lower half of constant 0xa3014314
movk x9, #0xa301, lsl #16 // Load upper half of constant 0xa3014314
add w15, w4, w6 // Add X parameter round 4 D=II(D, A, B, C, 0xfe2ce6e0, s=10, M[15])
add w6, w8, w7 // Add dest value
orn x7, x15, x17 // Begin aux function round 4 I(x,y,z)=((~z|x)^y)
add w8, w6, w9 // Add constant 0xa3014314
eor x9, x4, x7 // End aux function round 4 I(x,y,z)=((~z|x)^y)
add w6, w8, w9 // Add aux function result
ror w6, w6, #17 // Rotate left s=15 bits
movz x7, #0x11a1 // Load lower half of constant 0x4e0811a1
movk x7, #0x4e08, lsl #16 // Load upper half of constant 0x4e0811a1
add w8, w15, w6 // Add X parameter round 4 C=II(C, D, A, B, 0xa3014314, s=15, M[6])
orn x9, x8, x4 // Begin aux function round 4 I(x,y,z)=((~z|x)^y)
add w6, w17, w26 // Add dest value
eor x17, x15, x9 // End aux function round 4 I(x,y,z)=((~z|x)^y)
add w9, w6, w7 // Add constant 0x4e0811a1
add w7, w9, w17 // Add aux function result
ror w7, w7, #11 // Rotate left s=21 bits
movz x6, #0x7e82 // Load lower half of constant 0xf7537e82
movk x6, #0xf753, lsl #16 // Load upper half of constant 0xf7537e82
add w9, w8, w7 // Add X parameter round 4 B=II(B, C, D, A, 0x4e0811a1, s=21, M[13])
add w17, w4, w14 // Add dest value
orn x7, x9, x15 // Begin aux function round 4 I(x,y,z)=((~z|x)^y)
add w14, w17, w6 // Add constant 0xf7537e82
eor x4, x8, x7 // End aux function round 4 I(x,y,z)=((~z|x)^y)
add w17, w14, w4 // Add aux function result
ror w17, w17, #26 // Rotate left s=6 bits
movz x6, #0xf235 // Load lower half of constant 0xbd3af235
movk x6, #0xbd3a, lsl #16 // Load upper half of constant 0xbd3af235
add w7, w9, w17 // Add X parameter round 4 A=II(A, B, C, D, 0xf7537e82, s=6, M[4])
orn x14, x7, x8 // Begin aux function round 4 I(x,y,z)=((~z|x)^y)
add w4, w15, w25 // Add dest value
eor x17, x9, x14 // End aux function round 4 I(x,y,z)=((~z|x)^y)
add w15, w4, w6 // Add constant 0xbd3af235
add w16, w15, w17 // Add aux function result
ror w16, w16, #22 // Rotate left s=10 bits
movz x14, #0xd2bb // Load lower half of constant 0x2ad7d2bb
movk x14, #0x2ad7, lsl #16 // Load upper half of constant 0x2ad7d2bb
add w4, w7, w16 // Add X parameter round 4 D=II(D, A, B, C, 0xbd3af235, s=10, M[11])
add w6, w8, w3 // Add dest value
orn x15, x4, x9 // Begin aux function round 4 I(x,y,z)=((~z|x)^y)
add w17, w6, w14 // Add constant 0x2ad7d2bb
eor x16, x7, x15 // End aux function round 4 I(x,y,z)=((~z|x)^y)
add w8, w17, w16 // Add aux function result
ror w8, w8, #17 // Rotate left s=15 bits
movz x3, #0xd391 // Load lower half of constant 0xeb86d391
movk x3, #0xeb86, lsl #16 // Load upper half of constant 0xeb86d391
add w14, w4, w8 // Add X parameter round 4 C=II(C, D, A, B, 0x2ad7d2bb, s=15, M[2])
orn x6, x14, x7 // Begin aux function round 4 I(x,y,z)=((~z|x)^y)
add w15, w9, w24 // Add dest value
eor x17, x4, x6 // End aux function round 4 I(x,y,z)=((~z|x)^y)
add w16, w15, w3 // Add constant 0xeb86d391
add w8, w16, w17 // Add aux function result
ror w8, w8, #11 // Rotate left s=21 bits
ldp w6, w15, [x0] // Reload MD5 state->A and state->B
ldp w5, w9, [x0, #8] // Reload MD5 state->C and state->D
add w3, w14, w8 // Add X parameter round 4 B=II(B, C, D, A, 0xeb86d391, s=21, M[9])
add w13, w4, w9 // Add result of MD5 rounds to state->D
add w12, w14, w5 // Add result of MD5 rounds to state->C
add w10, w7, w6 // Add result of MD5 rounds to state->A
add w11, w3, w15 // Add result of MD5 rounds to state->B
stp w12, w13, [x0, #8] // Store MD5 states C,D
stp w10, w11, [x0] // Store MD5 states A,B
add x1, x1, #64 // Increment data pointer
subs w2, w2, #1 // Decrement block counter
b.ne Lmd5_blocks_loop
ldp x21,x22,[sp,#16]
.cfi_restore x21
.cfi_restore x22
ldp x23,x24,[sp,#32]
.cfi_restore x23
.cfi_restore x24
ldp x25,x26,[sp,#48]
.cfi_restore x25
.cfi_restore x26
ldp x27,x28,[sp,#64]
.cfi_restore x27
.cfi_restore x28
ldp x19,x20,[sp],#80
.cfi_restore x19
.cfi_restore x20
.cfi_def_cfa_offset 0
ret
.cfi_endproc
EOF
# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
# CONTEXT *context,DISPATCHER_CONTEXT *disp)
print $code;
close STDOUT or die "error closing STDOUT: $!";


@@ -0,0 +1,387 @@
#!/usr/bin/perl -w
#
# MD5 optimized for AMD64.
#
# Author: Marc Bevand <bevand_m (at) epita.fr>
# Licence: I hereby disclaim the copyright on this code and place it
# in the public domain.
#
use strict;
my $code;
# round1_step() does:
# dst = x + ((dst + F(x,y,z) + X[k] + T_i) <<< s)
# %r10d = X[k_next]
# %r11d = z' (copy of z for the next step)
# Each round1_step() takes about 5.3 clocks (9 instructions, 1.7 IPC)
sub round1_step
{
my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
$code .= " mov 0*4(%rsi), %r10d /* (NEXT STEP) X[0] */\n" if ($pos == -1);
$code .= " mov %edx, %r11d /* (NEXT STEP) z' = %edx */\n" if ($pos == -1);
$code .= <<EOF;
xor $y, %r11d /* y ^ ... */
lea $T_i($dst,%r10d),$dst /* Const + dst + ... */
and $x, %r11d /* x & ... */
xor $z, %r11d /* z ^ ... */
mov $k_next*4(%rsi),%r10d /* (NEXT STEP) X[$k_next] */
add %r11d, $dst /* dst += ... */
rol \$$s, $dst /* dst <<< s */
mov $y, %r11d /* (NEXT STEP) z' = $y */
add $x, $dst /* dst += x */
EOF
}
# round2_step() does:
# dst = x + ((dst + G(x,y,z) + X[k] + T_i) <<< s)
# %r10d = X[k_next]
# %r11d = z' (copy of z for the next step)
# %r12d = z' (copy of z for the next step)
sub round2_step
{
my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
$code .= " mov 1*4(%rsi), %r10d /* (NEXT STEP) X[1] */\n" if ($pos == -1);
$code .= " mov %edx, %r11d /* (NEXT STEP) z' = %edx */\n" if ($pos == -1);
$code .= " mov %edx, %r12d /* (NEXT STEP) z' = %edx */\n" if ($pos == -1);
$code .= <<EOF;
not %r11d /* not z */
lea $T_i($dst,%r10d),$dst /* Const + dst + ... */
and $x, %r12d /* x & z */
and $y, %r11d /* y & (not z) */
mov $k_next*4(%rsi),%r10d /* (NEXT STEP) X[$k_next] */
add %r11d, $dst /* dst += (y & (not z)) */
mov $y, %r11d /* (NEXT STEP) z' = $y */
add %r12d, $dst /* dst += (x & z) */
mov $y, %r12d /* (NEXT STEP) z' = $y */
rol \$$s, $dst /* dst <<< s */
add $x, $dst /* dst += x */
EOF
}
# round3_step() does:
# dst = x + ((dst + H(x,y,z) + X[k] + T_i) <<< s)
# %r10d = X[k_next]
# %r11d = y' (copy of y for the next step)
# Each round3_step() takes about 4.2 clocks (8 instructions, 1.9 IPC)
sub round3_step
{
my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
$code .= " mov 5*4(%rsi), %r10d /* (NEXT STEP) X[5] */\n" if ($pos == -1);
$code .= " mov %ecx, %r11d /* (NEXT STEP) y' = %ecx */\n" if ($pos == -1);
$code .= <<EOF;
lea $T_i($dst,%r10d),$dst /* Const + dst + ... */
mov $k_next*4(%rsi),%r10d /* (NEXT STEP) X[$k_next] */
xor $z, %r11d /* z ^ ... */
xor $x, %r11d /* x ^ ... */
add %r11d, $dst /* dst += ... */
rol \$$s, $dst /* dst <<< s */
mov $x, %r11d /* (NEXT STEP) y' = $x */
add $x, $dst /* dst += x */
EOF
}
# round4_step() does:
# dst = x + ((dst + I(x,y,z) + X[k] + T_i) <<< s)
# %r10d = X[k_next]
# %r11d = not z' (copy of not z for the next step)
# Each round4_step() takes about 5.2 clocks (9 instructions, 1.7 IPC)
sub round4_step
{
my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
$code .= " mov 0*4(%rsi), %r10d /* (NEXT STEP) X[0] */\n" if ($pos == -1);
$code .= " mov \$0xffffffff, %r11d\n" if ($pos == -1);
$code .= " xor %edx, %r11d /* (NEXT STEP) not z' = not %edx*/\n"
if ($pos == -1);
$code .= <<EOF;
lea $T_i($dst,%r10d),$dst /* Const + dst + ... */
or $x, %r11d /* x | ... */
xor $y, %r11d /* y ^ ... */
add %r11d, $dst /* dst += ... */
mov $k_next*4(%rsi),%r10d /* (NEXT STEP) X[$k_next] */
mov \$0xffffffff, %r11d
rol \$$s, $dst /* dst <<< s */
xor $y, %r11d /* (NEXT STEP) not z' = not $y */
add $x, $dst /* dst += x */
EOF
}
no warnings qw(uninitialized);
# The first two arguments should always be the flavour and output file path.
if ($#ARGV < 1) { die "Not enough arguments provided.
Two arguments are necessary: the flavour and the output file path."; }
my $flavour = shift;
my $output = shift;
my $win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
$0 =~ m/(.*[\/\\])[^\/\\]+$/; my $dir=$1; my $xlate;
( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
( $xlate="${dir}../../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
open OUT,"| \"$^X\" \"$xlate\" $flavour \"$output\"";
*STDOUT=*OUT;
$code .= <<EOF;
.text
.align 16
.globl md5_block_asm_data_order
.type md5_block_asm_data_order,\@function,3
md5_block_asm_data_order:
.cfi_startproc
_CET_ENDBR
push %rbp
.cfi_push rbp
push %rbx
.cfi_push rbx
push %r12
.cfi_push r12
push %r14
.cfi_push r14
push %r15
.cfi_push r15
.Lprologue:
# rdi = arg #1 (ctx, MD5_CTX pointer)
# rsi = arg #2 (ptr, data pointer)
# rdx = arg #3 (nbr, number of 16-word blocks to process)
mov %rdi, %rbp # rbp = ctx
shl \$6, %rdx # rdx = nbr in bytes
lea (%rsi,%rdx), %rdi # rdi = end
mov 0*4(%rbp), %eax # eax = ctx->A
mov 1*4(%rbp), %ebx # ebx = ctx->B
mov 2*4(%rbp), %ecx # ecx = ctx->C
mov 3*4(%rbp), %edx # edx = ctx->D
# end is 'rdi'
# ptr is 'rsi'
# A is 'eax'
# B is 'ebx'
# C is 'ecx'
# D is 'edx'
cmp %rdi, %rsi # cmp end with ptr
je .Lend # jmp if ptr == end
# BEGIN of loop over 16-word blocks
.Lloop: # save old values of A, B, C, D
mov %eax, %r8d
mov %ebx, %r9d
mov %ecx, %r14d
mov %edx, %r15d
EOF
round1_step(-1,'%eax','%ebx','%ecx','%edx', '1','0xd76aa478', '7');
round1_step( 0,'%edx','%eax','%ebx','%ecx', '2','0xe8c7b756','12');
round1_step( 0,'%ecx','%edx','%eax','%ebx', '3','0x242070db','17');
round1_step( 0,'%ebx','%ecx','%edx','%eax', '4','0xc1bdceee','22');
round1_step( 0,'%eax','%ebx','%ecx','%edx', '5','0xf57c0faf', '7');
round1_step( 0,'%edx','%eax','%ebx','%ecx', '6','0x4787c62a','12');
round1_step( 0,'%ecx','%edx','%eax','%ebx', '7','0xa8304613','17');
round1_step( 0,'%ebx','%ecx','%edx','%eax', '8','0xfd469501','22');
round1_step( 0,'%eax','%ebx','%ecx','%edx', '9','0x698098d8', '7');
round1_step( 0,'%edx','%eax','%ebx','%ecx','10','0x8b44f7af','12');
round1_step( 0,'%ecx','%edx','%eax','%ebx','11','0xffff5bb1','17');
round1_step( 0,'%ebx','%ecx','%edx','%eax','12','0x895cd7be','22');
round1_step( 0,'%eax','%ebx','%ecx','%edx','13','0x6b901122', '7');
round1_step( 0,'%edx','%eax','%ebx','%ecx','14','0xfd987193','12');
round1_step( 0,'%ecx','%edx','%eax','%ebx','15','0xa679438e','17');
round1_step( 1,'%ebx','%ecx','%edx','%eax', '0','0x49b40821','22');
round2_step(-1,'%eax','%ebx','%ecx','%edx', '6','0xf61e2562', '5');
round2_step( 0,'%edx','%eax','%ebx','%ecx','11','0xc040b340', '9');
round2_step( 0,'%ecx','%edx','%eax','%ebx', '0','0x265e5a51','14');
round2_step( 0,'%ebx','%ecx','%edx','%eax', '5','0xe9b6c7aa','20');
round2_step( 0,'%eax','%ebx','%ecx','%edx','10','0xd62f105d', '5');
round2_step( 0,'%edx','%eax','%ebx','%ecx','15', '0x2441453', '9');
round2_step( 0,'%ecx','%edx','%eax','%ebx', '4','0xd8a1e681','14');
round2_step( 0,'%ebx','%ecx','%edx','%eax', '9','0xe7d3fbc8','20');
round2_step( 0,'%eax','%ebx','%ecx','%edx','14','0x21e1cde6', '5');
round2_step( 0,'%edx','%eax','%ebx','%ecx', '3','0xc33707d6', '9');
round2_step( 0,'%ecx','%edx','%eax','%ebx', '8','0xf4d50d87','14');
round2_step( 0,'%ebx','%ecx','%edx','%eax','13','0x455a14ed','20');
round2_step( 0,'%eax','%ebx','%ecx','%edx', '2','0xa9e3e905', '5');
round2_step( 0,'%edx','%eax','%ebx','%ecx', '7','0xfcefa3f8', '9');
round2_step( 0,'%ecx','%edx','%eax','%ebx','12','0x676f02d9','14');
round2_step( 1,'%ebx','%ecx','%edx','%eax', '0','0x8d2a4c8a','20');
round3_step(-1,'%eax','%ebx','%ecx','%edx', '8','0xfffa3942', '4');
round3_step( 0,'%edx','%eax','%ebx','%ecx','11','0x8771f681','11');
round3_step( 0,'%ecx','%edx','%eax','%ebx','14','0x6d9d6122','16');
round3_step( 0,'%ebx','%ecx','%edx','%eax', '1','0xfde5380c','23');
round3_step( 0,'%eax','%ebx','%ecx','%edx', '4','0xa4beea44', '4');
round3_step( 0,'%edx','%eax','%ebx','%ecx', '7','0x4bdecfa9','11');
round3_step( 0,'%ecx','%edx','%eax','%ebx','10','0xf6bb4b60','16');
round3_step( 0,'%ebx','%ecx','%edx','%eax','13','0xbebfbc70','23');
round3_step( 0,'%eax','%ebx','%ecx','%edx', '0','0x289b7ec6', '4');
round3_step( 0,'%edx','%eax','%ebx','%ecx', '3','0xeaa127fa','11');
round3_step( 0,'%ecx','%edx','%eax','%ebx', '6','0xd4ef3085','16');
round3_step( 0,'%ebx','%ecx','%edx','%eax', '9', '0x4881d05','23');
round3_step( 0,'%eax','%ebx','%ecx','%edx','12','0xd9d4d039', '4');
round3_step( 0,'%edx','%eax','%ebx','%ecx','15','0xe6db99e5','11');
round3_step( 0,'%ecx','%edx','%eax','%ebx', '2','0x1fa27cf8','16');
round3_step( 1,'%ebx','%ecx','%edx','%eax', '0','0xc4ac5665','23');
round4_step(-1,'%eax','%ebx','%ecx','%edx', '7','0xf4292244', '6');
round4_step( 0,'%edx','%eax','%ebx','%ecx','14','0x432aff97','10');
round4_step( 0,'%ecx','%edx','%eax','%ebx', '5','0xab9423a7','15');
round4_step( 0,'%ebx','%ecx','%edx','%eax','12','0xfc93a039','21');
round4_step( 0,'%eax','%ebx','%ecx','%edx', '3','0x655b59c3', '6');
round4_step( 0,'%edx','%eax','%ebx','%ecx','10','0x8f0ccc92','10');
round4_step( 0,'%ecx','%edx','%eax','%ebx', '1','0xffeff47d','15');
round4_step( 0,'%ebx','%ecx','%edx','%eax', '8','0x85845dd1','21');
round4_step( 0,'%eax','%ebx','%ecx','%edx','15','0x6fa87e4f', '6');
round4_step( 0,'%edx','%eax','%ebx','%ecx', '6','0xfe2ce6e0','10');
round4_step( 0,'%ecx','%edx','%eax','%ebx','13','0xa3014314','15');
round4_step( 0,'%ebx','%ecx','%edx','%eax', '4','0x4e0811a1','21');
round4_step( 0,'%eax','%ebx','%ecx','%edx','11','0xf7537e82', '6');
round4_step( 0,'%edx','%eax','%ebx','%ecx', '2','0xbd3af235','10');
round4_step( 0,'%ecx','%edx','%eax','%ebx', '9','0x2ad7d2bb','15');
round4_step( 1,'%ebx','%ecx','%edx','%eax', '0','0xeb86d391','21');
$code .= <<EOF;
# add old values of A, B, C, D
add %r8d, %eax
add %r9d, %ebx
add %r14d, %ecx
add %r15d, %edx
# loop control
add \$64, %rsi # ptr += 64
cmp %rdi, %rsi # cmp end with ptr
jb .Lloop # jmp if ptr < end
# END of loop over 16-word blocks
.Lend:
mov %eax, 0*4(%rbp) # ctx->A = A
mov %ebx, 1*4(%rbp) # ctx->B = B
mov %ecx, 2*4(%rbp) # ctx->C = C
mov %edx, 3*4(%rbp) # ctx->D = D
mov (%rsp),%r15
.cfi_restore r15
mov 8(%rsp),%r14
.cfi_restore r14
mov 16(%rsp),%r12
.cfi_restore r12
mov 24(%rsp),%rbx
.cfi_restore rbx
mov 32(%rsp),%rbp
.cfi_restore rbp
add \$40,%rsp
.cfi_adjust_cfa_offset -40
.Lepilogue:
ret
.cfi_endproc
.size md5_block_asm_data_order,.-md5_block_asm_data_order
EOF
# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
# CONTEXT *context,DISPATCHER_CONTEXT *disp)
if ($win64) {
my $rec="%rcx";
my $frame="%rdx";
my $context="%r8";
my $disp="%r9";
$code.=<<___;
.extern __imp_RtlVirtualUnwind
.type se_handler,\@abi-omnipotent
.align 16
se_handler:
push %rsi
push %rdi
push %rbx
push %rbp
push %r12
push %r13
push %r14
push %r15
pushfq
sub \$64,%rsp
mov 120($context),%rax # pull context->Rax
mov 248($context),%rbx # pull context->Rip
lea .Lprologue(%rip),%r10
cmp %r10,%rbx # context->Rip<.Lprologue
jb .Lin_prologue
mov 152($context),%rax # pull context->Rsp
lea .Lepilogue(%rip),%r10
cmp %r10,%rbx # context->Rip>=.Lepilogue
jae .Lin_prologue
lea 40(%rax),%rax
mov -8(%rax),%rbp
mov -16(%rax),%rbx
mov -24(%rax),%r12
mov -32(%rax),%r14
mov -40(%rax),%r15
mov %rbx,144($context) # restore context->Rbx
mov %rbp,160($context) # restore context->Rbp
mov %r12,216($context) # restore context->R12
mov %r14,232($context) # restore context->R14
mov %r15,240($context) # restore context->R15
.Lin_prologue:
mov 8(%rax),%rdi
mov 16(%rax),%rsi
mov %rax,152($context) # restore context->Rsp
mov %rsi,168($context) # restore context->Rsi
mov %rdi,176($context) # restore context->Rdi
mov 40($disp),%rdi # disp->ContextRecord
mov $context,%rsi # context
mov \$154,%ecx # sizeof(CONTEXT)
.long 0xa548f3fc # cld; rep movsq
mov $disp,%rsi
xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
mov 8(%rsi),%rdx # arg2, disp->ImageBase
mov 0(%rsi),%r8 # arg3, disp->ControlPc
mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
mov 40(%rsi),%r10 # disp->ContextRecord
lea 56(%rsi),%r11 # &disp->HandlerData
lea 24(%rsi),%r12 # &disp->EstablisherFrame
mov %r10,32(%rsp) # arg5
mov %r11,40(%rsp) # arg6
mov %r12,48(%rsp) # arg7
mov %rcx,56(%rsp) # arg8, (NULL)
call *__imp_RtlVirtualUnwind(%rip)
mov \$1,%eax # ExceptionContinueSearch
add \$64,%rsp
popfq
pop %r15
pop %r14
pop %r13
pop %r12
pop %rbp
pop %rbx
pop %rdi
pop %rsi
ret
.size se_handler,.-se_handler
.section .pdata
.align 4
.rva .LSEH_begin_md5_block_asm_data_order
.rva .LSEH_end_md5_block_asm_data_order
.rva .LSEH_info_md5_block_asm_data_order
.section .xdata
.align 4
.LSEH_info_md5_block_asm_data_order:
.byte 9,0,0,0
.rva se_handler
___
}
print $code;
close STDOUT or die "error closing STDOUT: $!";
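Review bot: The `open OUT,"| \"$^X\" \"$xlate\" $flavour \"$output\"";` call is never checked, and it builds a shell command from `$flavour` and `$output`, which are taken straight from `@ARGV`. `$flavour` is not quoted at all and `$output` is only wrapped in double quotes, so an output path containing a quote, `$` or a backtick is interpreted by the shell, and a translator that fails to start is noticed, if at all, only at the final `close STDOUT`. The list form avoids the shell and reports the failure where it happens: `open OUT, "|-", $^X, $xlate, $flavour, $output or die "can't call $xlate: $!";`. List-form pipe opens on Windows need Perl 5.22 or later, which matters here because the script also serves the nasm/masm flavours; if older Perls must be supported, at least append the `or die` to the existing call.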


@@ -0,0 +1,49 @@
// Copyright (c) 2018, Google Inc.
// SPDX-License-Identifier: ISC
#ifndef OPENSSL_HEADER_MD5_INTERNAL_H
#define OPENSSL_HEADER_MD5_INTERNAL_H
#include <openssl/base.h>
#if defined(__cplusplus)
extern "C" {
#endif
// MD5_CHAINING_LENGTH is the chaining length in bytes of MD5
// It corresponds to the length in bytes of the h part of the state
#define MD5_CHAINING_LENGTH 16
// MD5_Init_from_state is a low-level function that initializes |sha| with a
// custom state. |h| is the hash state in big endian. |n| is the number of bits
// processed at this point. It must be a multiple of |MD5_CBLOCK*8|.
// It returns one on success and zero on error.
// This function is for internal use only and should never be directly called.
OPENSSL_EXPORT int MD5_Init_from_state(MD5_CTX *sha,
const uint8_t h[MD5_CHAINING_LENGTH],
uint64_t n);
// MD5_get_state is a low-level function that exports the hash state in big
// endian into |out_n| and the number of bits processed at this point in
// |out_n|. |MD5_Final| must not have been called before (otherwise results
// are not guaranteed). Furthermore, the number of bytes processed by
// |MD5_Update| must be a multiple of the block length |MD5_CBLOCK|
// (otherwise it fails). It returns one on success and zero on error.
// This function is for internal use only and should never be directly called.
OPENSSL_EXPORT int MD5_get_state(MD5_CTX *ctx,
uint8_t out_h[MD5_CHAINING_LENGTH],
uint64_t *out_n);
#if !defined(OPENSSL_NO_ASM) && \
(defined(OPENSSL_X86_64) || defined(OPENSSL_X86) || defined(OPENSSL_AARCH64))
#define MD5_ASM
extern void md5_block_asm_data_order(uint32_t *state, const uint8_t *data,
size_t num);
#endif
#if defined(__cplusplus)
} // extern "C"
#endif
#endif // OPENSSL_HEADER_MD5_INTERNAL_H
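Review bot: The comment on MD5_get_state names |out_n| for both outputs, but the prototype sends the chaining value to |out_h| and only the bit count to |out_n|; the first reference should read `// endian into |out_h| and the number of bits processed at this point in`. The MD5_Init_from_state comment and prototype call the context |sha| while the definition in the .c file names it `md5`, so `MD5_CTX *md5` (and |md5| in the comment) would keep the two in step. It is also worth stating that these functions serialise the state as big-endian words whereas MD5_Final writes the digest with little-endian stores, so the exported bytes are not interchangeable with a digest, e.g. `// Note: |h| and |out_h| hold big-endian words and are not in MD5 digest byte order.`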


@@ -0,0 +1,270 @@
// Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) All rights reserved.
// SPDX-License-Identifier: Apache-2.0
#include <openssl/md5.h>
#include <string.h>
#include <openssl/mem.h>
#include "../../internal.h"
#include "../digest/md32_common.h"
#include "internal.h"
uint8_t *MD5(const uint8_t *data, size_t len, uint8_t out[MD5_DIGEST_LENGTH]) {
MD5_CTX ctx;
MD5_Init(&ctx);
MD5_Update(&ctx, data, len);
MD5_Final(out, &ctx);
return out;
}
int MD5_Init(MD5_CTX *md5) {
OPENSSL_memset(md5, 0, sizeof(MD5_CTX));
md5->h[0] = 0x67452301UL;
md5->h[1] = 0xefcdab89UL;
md5->h[2] = 0x98badcfeUL;
md5->h[3] = 0x10325476UL;
return 1;
}
int MD5_Init_from_state(MD5_CTX *md5, const uint8_t h[MD5_CHAINING_LENGTH],
uint64_t n) {
if (n % ((uint64_t)MD5_CBLOCK * 8) != 0) {
// n is not a multiple of the block size in bits, so it fails
return 0;
}
OPENSSL_memset(md5, 0, sizeof(MD5_CTX));
const size_t out_words = MD5_CHAINING_LENGTH / 4;
for (size_t i = 0; i < out_words; i++) {
md5->h[i] = CRYPTO_load_u32_be(h);
h += 4;
}
md5->Nh = n >> 32;
md5->Nl = n & 0xffffffff;
return 1;
}
#if defined(MD5_ASM)
#define md5_block_data_order md5_block_asm_data_order
#else
static void md5_block_data_order(uint32_t *state, const uint8_t *data,
size_t num);
#endif
void MD5_Transform(MD5_CTX *c, const uint8_t data[MD5_CBLOCK]) {
md5_block_data_order(c->h, data, 1);
}
int MD5_Update(MD5_CTX *c, const void *data, size_t len) {
crypto_md32_update(&md5_block_data_order, c->h, c->data, MD5_CBLOCK, &c->num,
&c->Nh, &c->Nl, data, len);
return 1;
}
int MD5_Final(uint8_t out[MD5_DIGEST_LENGTH], MD5_CTX *c) {
crypto_md32_final(&md5_block_data_order, c->h, c->data, MD5_CBLOCK, &c->num,
c->Nh, c->Nl, /*is_big_endian=*/0);
CRYPTO_store_u32_le(out, c->h[0]);
CRYPTO_store_u32_le(out + 4, c->h[1]);
CRYPTO_store_u32_le(out + 8, c->h[2]);
CRYPTO_store_u32_le(out + 12, c->h[3]);
return 1;
}
int MD5_get_state(MD5_CTX *ctx, uint8_t out_h[MD5_CHAINING_LENGTH],
uint64_t *out_n) {
if (ctx->Nl % ((uint64_t)MD5_CBLOCK * 8) != 0) {
// ctx->Nl is not a multiple of the block size in bits, so it fails
return 0;
}
const size_t out_words = MD5_CHAINING_LENGTH / 4;
for (size_t i = 0; i < out_words; i++) {
CRYPTO_store_u32_be(out_h, ctx->h[i]);
out_h += 4;
}
*out_n = (((uint64_t)ctx->Nh) << 32) + ctx->Nl;
return 1;
}
// As pointed out by Wei Dai <weidai@eskimo.com>, the above can be
// simplified to the code below. Wei attributes these optimizations
// to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
#define F(b, c, d) ((((c) ^ (d)) & (b)) ^ (d))
#define G(b, c, d) ((((b) ^ (c)) & (d)) ^ (c))
#define H(b, c, d) ((b) ^ (c) ^ (d))
#define I(b, c, d) (((~(d)) | (b)) ^ (c))
#define R0(a, b, c, d, k, s, t) \
do { \
(a) += ((k) + (t) + F((b), (c), (d))); \
(a) = CRYPTO_rotl_u32(a, s); \
(a) += (b); \
} while (0)
#define R1(a, b, c, d, k, s, t) \
do { \
(a) += ((k) + (t) + G((b), (c), (d))); \
(a) = CRYPTO_rotl_u32(a, s); \
(a) += (b); \
} while (0)
#define R2(a, b, c, d, k, s, t) \
do { \
(a) += ((k) + (t) + H((b), (c), (d))); \
(a) = CRYPTO_rotl_u32(a, s); \
(a) += (b); \
} while (0)
#define R3(a, b, c, d, k, s, t) \
do { \
(a) += ((k) + (t) + I((b), (c), (d))); \
(a) = CRYPTO_rotl_u32(a, s); \
(a) += (b); \
} while (0)
#ifndef MD5_ASM
#ifdef X
#undef X
#endif
static void md5_block_data_order(uint32_t *state, const uint8_t *data,
size_t num) {
uint32_t A, B, C, D;
uint32_t XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, XX8, XX9, XX10, XX11, XX12,
XX13, XX14, XX15;
#define X(i) XX##i
A = state[0];
B = state[1];
C = state[2];
D = state[3];
for (; num--;) {
X(0) = CRYPTO_load_u32_le(data);
data += 4;
X(1) = CRYPTO_load_u32_le(data);
data += 4;
// Round 0
R0(A, B, C, D, X(0), 7, 0xd76aa478L);
X(2) = CRYPTO_load_u32_le(data);
data += 4;
R0(D, A, B, C, X(1), 12, 0xe8c7b756L);
X(3) = CRYPTO_load_u32_le(data);
data += 4;
R0(C, D, A, B, X(2), 17, 0x242070dbL);
X(4) = CRYPTO_load_u32_le(data);
data += 4;
R0(B, C, D, A, X(3), 22, 0xc1bdceeeL);
X(5) = CRYPTO_load_u32_le(data);
data += 4;
R0(A, B, C, D, X(4), 7, 0xf57c0fafL);
X(6) = CRYPTO_load_u32_le(data);
data += 4;
R0(D, A, B, C, X(5), 12, 0x4787c62aL);
X(7) = CRYPTO_load_u32_le(data);
data += 4;
R0(C, D, A, B, X(6), 17, 0xa8304613L);
X(8) = CRYPTO_load_u32_le(data);
data += 4;
R0(B, C, D, A, X(7), 22, 0xfd469501L);
X(9) = CRYPTO_load_u32_le(data);
data += 4;
R0(A, B, C, D, X(8), 7, 0x698098d8L);
X(10) = CRYPTO_load_u32_le(data);
data += 4;
R0(D, A, B, C, X(9), 12, 0x8b44f7afL);
X(11) = CRYPTO_load_u32_le(data);
data += 4;
R0(C, D, A, B, X(10), 17, 0xffff5bb1L);
X(12) = CRYPTO_load_u32_le(data);
data += 4;
R0(B, C, D, A, X(11), 22, 0x895cd7beL);
X(13) = CRYPTO_load_u32_le(data);
data += 4;
R0(A, B, C, D, X(12), 7, 0x6b901122L);
X(14) = CRYPTO_load_u32_le(data);
data += 4;
R0(D, A, B, C, X(13), 12, 0xfd987193L);
X(15) = CRYPTO_load_u32_le(data);
data += 4;
R0(C, D, A, B, X(14), 17, 0xa679438eL);
R0(B, C, D, A, X(15), 22, 0x49b40821L);
// Round 1
R1(A, B, C, D, X(1), 5, 0xf61e2562L);
R1(D, A, B, C, X(6), 9, 0xc040b340L);
R1(C, D, A, B, X(11), 14, 0x265e5a51L);
R1(B, C, D, A, X(0), 20, 0xe9b6c7aaL);
R1(A, B, C, D, X(5), 5, 0xd62f105dL);
R1(D, A, B, C, X(10), 9, 0x02441453L);
R1(C, D, A, B, X(15), 14, 0xd8a1e681L);
R1(B, C, D, A, X(4), 20, 0xe7d3fbc8L);
R1(A, B, C, D, X(9), 5, 0x21e1cde6L);
R1(D, A, B, C, X(14), 9, 0xc33707d6L);
R1(C, D, A, B, X(3), 14, 0xf4d50d87L);
R1(B, C, D, A, X(8), 20, 0x455a14edL);
R1(A, B, C, D, X(13), 5, 0xa9e3e905L);
R1(D, A, B, C, X(2), 9, 0xfcefa3f8L);
R1(C, D, A, B, X(7), 14, 0x676f02d9L);
R1(B, C, D, A, X(12), 20, 0x8d2a4c8aL);
// Round 2
R2(A, B, C, D, X(5), 4, 0xfffa3942L);
R2(D, A, B, C, X(8), 11, 0x8771f681L);
R2(C, D, A, B, X(11), 16, 0x6d9d6122L);
R2(B, C, D, A, X(14), 23, 0xfde5380cL);
R2(A, B, C, D, X(1), 4, 0xa4beea44L);
R2(D, A, B, C, X(4), 11, 0x4bdecfa9L);
R2(C, D, A, B, X(7), 16, 0xf6bb4b60L);
R2(B, C, D, A, X(10), 23, 0xbebfbc70L);
R2(A, B, C, D, X(13), 4, 0x289b7ec6L);
R2(D, A, B, C, X(0), 11, 0xeaa127faL);
R2(C, D, A, B, X(3), 16, 0xd4ef3085L);
R2(B, C, D, A, X(6), 23, 0x04881d05L);
R2(A, B, C, D, X(9), 4, 0xd9d4d039L);
R2(D, A, B, C, X(12), 11, 0xe6db99e5L);
R2(C, D, A, B, X(15), 16, 0x1fa27cf8L);
R2(B, C, D, A, X(2), 23, 0xc4ac5665L);
// Round 3
R3(A, B, C, D, X(0), 6, 0xf4292244L);
R3(D, A, B, C, X(7), 10, 0x432aff97L);
R3(C, D, A, B, X(14), 15, 0xab9423a7L);
R3(B, C, D, A, X(5), 21, 0xfc93a039L);
R3(A, B, C, D, X(12), 6, 0x655b59c3L);
R3(D, A, B, C, X(3), 10, 0x8f0ccc92L);
R3(C, D, A, B, X(10), 15, 0xffeff47dL);
R3(B, C, D, A, X(1), 21, 0x85845dd1L);
R3(A, B, C, D, X(8), 6, 0x6fa87e4fL);
R3(D, A, B, C, X(15), 10, 0xfe2ce6e0L);
R3(C, D, A, B, X(6), 15, 0xa3014314L);
R3(B, C, D, A, X(13), 21, 0x4e0811a1L);
R3(A, B, C, D, X(4), 6, 0xf7537e82L);
R3(D, A, B, C, X(11), 10, 0xbd3af235L);
R3(C, D, A, B, X(2), 15, 0x2ad7d2bbL);
R3(B, C, D, A, X(9), 21, 0xeb86d391L);
A = state[0] += A;
B = state[1] += B;
C = state[2] += C;
D = state[3] += D;
}
}
#undef X
#endif
#undef F
#undef G
#undef H
#undef I
#undef R0
#undef R1
#undef R2
#undef R3


@@ -0,0 +1,23 @@
// Copyright (c) 2018, Google Inc.
// SPDX-License-Identifier: ISC
#include <openssl/md5.h>
#include <gtest/gtest.h>
#include "internal.h"
#include "../../test/abi_test.h"
#if defined(MD5_ASM) && defined(SUPPORTS_ABI_TEST)
TEST(MD5Test, ABI) {
MD5_CTX ctx;
MD5_Init(&ctx);
static const uint8_t kBuf[MD5_CBLOCK * 8] = {0};
CHECK_ABI(md5_block_asm_data_order, ctx.h, kBuf, 1);
CHECK_ABI(md5_block_asm_data_order, ctx.h, kBuf, 2);
CHECK_ABI(md5_block_asm_data_order, ctx.h, kBuf, 4);
CHECK_ABI(md5_block_asm_data_order, ctx.h, kBuf, 8);
}
#endif // MD5_ASM && SUPPORTS_ABI_TEST
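Review bot: The size of `kBuf` (`MD5_CBLOCK * 8`) and the largest block count passed to `md5_block_asm_data_order` (8) are coupled only by convention in `TEST(MD5Test, ABI)`. A later edit that adds a larger count would make the assembly read past the end of the buffer. A comment above the `CHECK_ABI` calls would make the bound explicit, for example `// kBuf holds exactly 8 blocks; every block count passed below must be <= 8.` A second comment should say that this test never compares `ctx.h` with an expected value, so it appears to cover calling-convention conformance only. Digest correctness of the assembly then has to come from known-answer tests, which are not visible in this section.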