blob: 7c3a9d1e0297de9cafa9d56739add092d521f089 [file] [log] [blame] [edit]
/* Copyright 2016 The ChromiumOS Authors
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*/
#include "dcrypto.h"
#include "internal.h"
#include "registers.h"
#include "cryptoc/sha512.h"
#ifdef CRYPTO_TEST_SETUP
/* test and benchmark */
#include "common.h"
#include "console.h"
#include "hooks.h"
#include "task.h"
#define cyclecounter() GREG32(M3, DWT_CYCCNT)
#define START_PROFILE(x) \
{ \
x -= cyclecounter(); \
}
#define END_PROFILE(x) \
{ \
x += cyclecounter(); \
}
static uint32_t t_sw;
static uint32_t t_hw;
static uint32_t t_transform;
static uint32_t t_dcrypto;
#else /* CRYPTO_TEST_SETUP */
#define START_PROFILE(x)
#define END_PROFILE(x)
#endif /* CRYPTO_TEST_SETUP */
/* auto-generated from go test haven -test.run=TestSha512 -test.v */
/* clang-format off */
static const uint32_t IMEM_dcrypto[] = {
/* @0x0: function tag[1] { */
#define CF_tag_adr 0
0xf8000003, /* sigini #3 */
/* } */
/* @0x1: function expandw[84] { */
#define CF_expandw_adr 1
0x4c3def00, /* xor r15, r15, r15 */
0x803c0013, /* movi r15.0l, #19 */
0x80bc0016, /* movi r15.1l, #22 */
0x97800f00, /* ldrfp r15 */
0x05004003, /* loop #4 ( */
0x8c001800, /* ld *0, *0++ */
0x906c0800, /* st *0++, *3++ */
0xfc000000, /* nop */
/* ) */
0x0501004a, /* loop #16 ( */
0x684a6080, /* rshi r18, r0, r19 >> 128 */
0x68443340, /* rshi r17, r19, r1 >> 64 */
0x683e3201, /* rshi r15, r18, r17 >> 1 */
0x68423208, /* rshi r16, r18, r17 >> 8 */
0x4c3e0f00, /* xor r15, r15, r16 */
0x6843f207, /* rshi r16, r18, r31 >> 7 */
0x4c3e0f00, /* xor r15, r15, r16 */
0x505df398, /* add r23, r19, r15 >> 192 */
0x505eb788, /* add r23, r23, r21 >> 64 */
0x684ac0c0, /* rshi r18, r0, r22 >> 192 */
0x68443680, /* rshi r17, r22, r1 >> 128 */
0x683e3213, /* rshi r15, r18, r17 >> 19 */
0x6842323d, /* rshi r16, r18, r17 >> 61 */
0x4c3e0f00, /* xor r15, r15, r16 */
0x6843f206, /* rshi r16, r18, r31 >> 6 */
0x4c3e0f00, /* xor r15, r15, r16 */
0x505df798, /* add r23, r23, r15 >> 192 */
0x684a60c0, /* rshi r18, r0, r19 >> 192 */
0x68443380, /* rshi r17, r19, r1 >> 128 */
0x683e3201, /* rshi r15, r18, r17 >> 1 */
0x68423208, /* rshi r16, r18, r17 >> 8 */
0x4c3e0f00, /* xor r15, r15, r16 */
0x6843f207, /* rshi r16, r18, r31 >> 7 */
0x4c3e0f00, /* xor r15, r15, r16 */
0x50627f88, /* add r24, r31, r19 >> 64 */
0x5061f898, /* add r24, r24, r15 >> 192 */
0x5062b890, /* add r24, r24, r21 >> 128 */
0x684416c0, /* rshi r17, r22, r0 >> 192 */
0x683e3613, /* rshi r15, r22, r17 >> 19 */
0x6842363d, /* rshi r16, r22, r17 >> 61 */
0x4c3e0f00, /* xor r15, r15, r16 */
0x6843f606, /* rshi r16, r22, r31 >> 6 */
0x4c3e0f00, /* xor r15, r15, r16 */
0x5061f898, /* add r24, r24, r15 >> 192 */
0x684433c0, /* rshi r17, r19, r1 >> 192 */
0x683e3301, /* rshi r15, r19, r17 >> 1 */
0x68423308, /* rshi r16, r19, r17 >> 8 */
0x4c3e0f00, /* xor r15, r15, r16 */
0x6843f307, /* rshi r16, r19, r31 >> 7 */
0x4c3e0f00, /* xor r15, r15, r16 */
0x50667f90, /* add r25, r31, r19 >> 128 */
0x5065f998, /* add r25, r25, r15 >> 192 */
0x5066b998, /* add r25, r25, r21 >> 192 */
0x684ae040, /* rshi r18, r0, r23 >> 64 */
0x683ef213, /* rshi r15, r18, r23 >> 19 */
0x6842f23d, /* rshi r16, r18, r23 >> 61 */
0x4c3e0f00, /* xor r15, r15, r16 */
0x6843f206, /* rshi r16, r18, r31 >> 6 */
0x4c3e0f00, /* xor r15, r15, r16 */
0x5065f998, /* add r25, r25, r15 >> 192 */
0x684a8040, /* rshi r18, r0, r20 >> 64 */
0x683e9201, /* rshi r15, r18, r20 >> 1 */
0x68429208, /* rshi r16, r18, r20 >> 8 */
0x4c3e0f00, /* xor r15, r15, r16 */
0x6843f207, /* rshi r16, r18, r31 >> 7 */
0x4c3e0f00, /* xor r15, r15, r16 */
0x506a7f98, /* add r26, r31, r19 >> 192 */
0x5069fa98, /* add r26, r26, r15 >> 192 */
0x506ada00, /* add r26, r26, r22 */
0x684b0040, /* rshi r18, r0, r24 >> 64 */
0x683f1213, /* rshi r15, r18, r24 >> 19 */
0x6843123d, /* rshi r16, r18, r24 >> 61 */
0x4c3e0f00, /* xor r15, r15, r16 */
0x6843f206, /* rshi r16, r18, r31 >> 6 */
0x4c3e0f00, /* xor r15, r15, r16 */
0x5069fa98, /* add r26, r26, r15 >> 192 */
0x7c4c1400, /* mov r19, r20 */
0x7c501500, /* mov r20, r21 */
0x7c541600, /* mov r21, r22 */
0x685af640, /* rshi r22, r22, r23 >> 64 */
0x685b1640, /* rshi r22, r22, r24 >> 64 */
0x685b3640, /* rshi r22, r22, r25 >> 64 */
0x685b5640, /* rshi r22, r22, r26 >> 64 */
0x906c0100, /* st *1, *3++ */
/* ) */
0x0c000000, /* ret */
/* } */
/* @0x55: function Sha512_a[125] { */
#define CF_Sha512_a_adr 85
0x68580c40, /* rshi r22, r12, r0 >> 64 */
0x683c161c, /* rshi r15, r22, r0 >> 28 */
0x68541622, /* rshi r21, r22, r0 >> 34 */
0x4c3eaf00, /* xor r15, r15, r21 */
0x68541627, /* rshi r21, r22, r0 >> 39 */
0x4c3eaf00, /* xor r15, r15, r21 */
0x40402000, /* and r16, r0, r1 */
0x40544000, /* and r21, r0, r2 */
0x4c42b000, /* xor r16, r16, r21 */
0x40544100, /* and r21, r1, r2 */
0x4c42b000, /* xor r16, r16, r21 */
0x68458fc0, /* rshi r17, r15, r12 >> 192 */
0x50461100, /* add r17, r17, r16 */
0x68588d40, /* rshi r22, r13, r4 >> 64 */
0x6848960e, /* rshi r18, r22, r4 >> 14 */
0x68549612, /* rshi r21, r22, r4 >> 18 */
0x4c4ab200, /* xor r18, r18, r21 */
0x684c9629, /* rshi r19, r22, r4 >> 41 */
0x4c4a7200, /* xor r18, r18, r19 */
0x404ca400, /* and r19, r4, r5 */
0x48548000, /* not r21, r4 */
0x4054d500, /* and r21, r21, r6 */
0x4c4eb300, /* xor r19, r19, r21 */
0x6851b2c0, /* rshi r20, r18, r13 >> 192 */
0x5050f400, /* add r20, r20, r7 */
0x50515480, /* add r20, r20, r10 >> 0 */
0x68558b00, /* rshi r21, r11, r12 >> 0 */
0x50567500, /* add r21, r21, r19 */
0x5052b400, /* add r20, r20, r21 */
0x500e8300, /* add r3, r3, r20 */
0x501e3400, /* add r7, r20, r17 */
0x6858ec40, /* rshi r22, r12, r7 >> 64 */
0x683cf61c, /* rshi r15, r22, r7 >> 28 */
0x6854f622, /* rshi r21, r22, r7 >> 34 */
0x4c3eaf00, /* xor r15, r15, r21 */
0x6854f627, /* rshi r21, r22, r7 >> 39 */
0x4c3eaf00, /* xor r15, r15, r21 */
0x40400700, /* and r16, r7, r0 */
0x40542700, /* and r21, r7, r1 */
0x4c42b000, /* xor r16, r16, r21 */
0x40542000, /* and r21, r0, r1 */
0x4c42b000, /* xor r16, r16, r21 */
0x68458fc0, /* rshi r17, r15, r12 >> 192 */
0x50461100, /* add r17, r17, r16 */
0x68586d40, /* rshi r22, r13, r3 >> 64 */
0x6848760e, /* rshi r18, r22, r3 >> 14 */
0x68547612, /* rshi r21, r22, r3 >> 18 */
0x4c4ab200, /* xor r18, r18, r21 */
0x684c7629, /* rshi r19, r22, r3 >> 41 */
0x4c4a7200, /* xor r18, r18, r19 */
0x404c8300, /* and r19, r3, r4 */
0x48546000, /* not r21, r3 */
0x4054b500, /* and r21, r21, r5 */
0x4c4eb300, /* xor r19, r19, r21 */
0x6851b2c0, /* rshi r20, r18, r13 >> 192 */
0x5050d400, /* add r20, r20, r6 */
0x50515488, /* add r20, r20, r10 >> 64 */
0x68558b40, /* rshi r21, r11, r12 >> 64 */
0x50567500, /* add r21, r21, r19 */
0x5052b400, /* add r20, r20, r21 */
0x500a8200, /* add r2, r2, r20 */
0x501a3400, /* add r6, r20, r17 */
0x6858cc40, /* rshi r22, r12, r6 >> 64 */
0x683cd61c, /* rshi r15, r22, r6 >> 28 */
0x6854d622, /* rshi r21, r22, r6 >> 34 */
0x4c3eaf00, /* xor r15, r15, r21 */
0x6854d627, /* rshi r21, r22, r6 >> 39 */
0x4c3eaf00, /* xor r15, r15, r21 */
0x4040e600, /* and r16, r6, r7 */
0x40540600, /* and r21, r6, r0 */
0x4c42b000, /* xor r16, r16, r21 */
0x40540700, /* and r21, r7, r0 */
0x4c42b000, /* xor r16, r16, r21 */
0x68458fc0, /* rshi r17, r15, r12 >> 192 */
0x50461100, /* add r17, r17, r16 */
0x68584d40, /* rshi r22, r13, r2 >> 64 */
0x6848560e, /* rshi r18, r22, r2 >> 14 */
0x68545612, /* rshi r21, r22, r2 >> 18 */
0x4c4ab200, /* xor r18, r18, r21 */
0x684c5629, /* rshi r19, r22, r2 >> 41 */
0x4c4a7200, /* xor r18, r18, r19 */
0x404c6200, /* and r19, r2, r3 */
0x48544000, /* not r21, r2 */
0x40549500, /* and r21, r21, r4 */
0x4c4eb300, /* xor r19, r19, r21 */
0x6851b2c0, /* rshi r20, r18, r13 >> 192 */
0x5050b400, /* add r20, r20, r5 */
0x50515490, /* add r20, r20, r10 >> 128 */
0x68558b80, /* rshi r21, r11, r12 >> 128 */
0x50567500, /* add r21, r21, r19 */
0x5052b400, /* add r20, r20, r21 */
0x50068100, /* add r1, r1, r20 */
0x50163400, /* add r5, r20, r17 */
0x6858ac40, /* rshi r22, r12, r5 >> 64 */
0x683cb61c, /* rshi r15, r22, r5 >> 28 */
0x6854b622, /* rshi r21, r22, r5 >> 34 */
0x4c3eaf00, /* xor r15, r15, r21 */
0x6854b627, /* rshi r21, r22, r5 >> 39 */
0x4c3eaf00, /* xor r15, r15, r21 */
0x4040c500, /* and r16, r5, r6 */
0x4054e500, /* and r21, r5, r7 */
0x4c42b000, /* xor r16, r16, r21 */
0x4054e600, /* and r21, r6, r7 */
0x4c42b000, /* xor r16, r16, r21 */
0x68458fc0, /* rshi r17, r15, r12 >> 192 */
0x50461100, /* add r17, r17, r16 */
0x68582d40, /* rshi r22, r13, r1 >> 64 */
0x6848360e, /* rshi r18, r22, r1 >> 14 */
0x68543612, /* rshi r21, r22, r1 >> 18 */
0x4c4ab200, /* xor r18, r18, r21 */
0x684c3629, /* rshi r19, r22, r1 >> 41 */
0x4c4a7200, /* xor r18, r18, r19 */
0x404c4100, /* and r19, r1, r2 */
0x48542000, /* not r21, r1 */
0x40547500, /* and r21, r21, r3 */
0x4c4eb300, /* xor r19, r19, r21 */
0x6851b2c0, /* rshi r20, r18, r13 >> 192 */
0x50509400, /* add r20, r20, r4 */
0x50515498, /* add r20, r20, r10 >> 192 */
0x68558bc0, /* rshi r21, r11, r12 >> 192 */
0x50567500, /* add r21, r21, r19 */
0x5052b400, /* add r20, r20, r21 */
0x50028000, /* add r0, r0, r20 */
0x50123400, /* add r4, r20, r17 */
0x0c000000, /* ret */
/* } */
/* @0xd2: function Sha512_b[125] { */
#define CF_Sha512_b_adr 210
0x68588d40, /* rshi r22, r13, r4 >> 64 */
0x683c961c, /* rshi r15, r22, r4 >> 28 */
0x68549622, /* rshi r21, r22, r4 >> 34 */
0x4c3eaf00, /* xor r15, r15, r21 */
0x68549627, /* rshi r21, r22, r4 >> 39 */
0x4c3eaf00, /* xor r15, r15, r21 */
0x4040a400, /* and r16, r4, r5 */
0x4054c400, /* and r21, r4, r6 */
0x4c42b000, /* xor r16, r16, r21 */
0x4054c500, /* and r21, r5, r6 */
0x4c42b000, /* xor r16, r16, r21 */
0x6845afc0, /* rshi r17, r15, r13 >> 192 */
0x50461100, /* add r17, r17, r16 */
0x68580c40, /* rshi r22, r12, r0 >> 64 */
0x6848160e, /* rshi r18, r22, r0 >> 14 */
0x68541612, /* rshi r21, r22, r0 >> 18 */
0x4c4ab200, /* xor r18, r18, r21 */
0x684c1629, /* rshi r19, r22, r0 >> 41 */
0x4c4a7200, /* xor r18, r18, r19 */
0x404c2000, /* and r19, r0, r1 */
0x48540000, /* not r21, r0 */
0x40545500, /* and r21, r21, r2 */
0x4c4eb300, /* xor r19, r19, r21 */
0x685192c0, /* rshi r20, r18, r12 >> 192 */
0x50507400, /* add r20, r20, r3 */
0x50515480, /* add r20, r20, r10 >> 0 */
0x6855ab00, /* rshi r21, r11, r13 >> 0 */
0x50567500, /* add r21, r21, r19 */
0x5052b400, /* add r20, r20, r21 */
0x501e8700, /* add r7, r7, r20 */
0x500e3400, /* add r3, r20, r17 */
0x68586d40, /* rshi r22, r13, r3 >> 64 */
0x683c761c, /* rshi r15, r22, r3 >> 28 */
0x68547622, /* rshi r21, r22, r3 >> 34 */
0x4c3eaf00, /* xor r15, r15, r21 */
0x68547627, /* rshi r21, r22, r3 >> 39 */
0x4c3eaf00, /* xor r15, r15, r21 */
0x40408300, /* and r16, r3, r4 */
0x4054a300, /* and r21, r3, r5 */
0x4c42b000, /* xor r16, r16, r21 */
0x4054a400, /* and r21, r4, r5 */
0x4c42b000, /* xor r16, r16, r21 */
0x6845afc0, /* rshi r17, r15, r13 >> 192 */
0x50461100, /* add r17, r17, r16 */
0x6858ec40, /* rshi r22, r12, r7 >> 64 */
0x6848f60e, /* rshi r18, r22, r7 >> 14 */
0x6854f612, /* rshi r21, r22, r7 >> 18 */
0x4c4ab200, /* xor r18, r18, r21 */
0x684cf629, /* rshi r19, r22, r7 >> 41 */
0x4c4a7200, /* xor r18, r18, r19 */
0x404c0700, /* and r19, r7, r0 */
0x4854e000, /* not r21, r7 */
0x40543500, /* and r21, r21, r1 */
0x4c4eb300, /* xor r19, r19, r21 */
0x685192c0, /* rshi r20, r18, r12 >> 192 */
0x50505400, /* add r20, r20, r2 */
0x50515488, /* add r20, r20, r10 >> 64 */
0x6855ab40, /* rshi r21, r11, r13 >> 64 */
0x50567500, /* add r21, r21, r19 */
0x5052b400, /* add r20, r20, r21 */
0x501a8600, /* add r6, r6, r20 */
0x500a3400, /* add r2, r20, r17 */
0x68584d40, /* rshi r22, r13, r2 >> 64 */
0x683c561c, /* rshi r15, r22, r2 >> 28 */
0x68545622, /* rshi r21, r22, r2 >> 34 */
0x4c3eaf00, /* xor r15, r15, r21 */
0x68545627, /* rshi r21, r22, r2 >> 39 */
0x4c3eaf00, /* xor r15, r15, r21 */
0x40406200, /* and r16, r2, r3 */
0x40548200, /* and r21, r2, r4 */
0x4c42b000, /* xor r16, r16, r21 */
0x40548300, /* and r21, r3, r4 */
0x4c42b000, /* xor r16, r16, r21 */
0x6845afc0, /* rshi r17, r15, r13 >> 192 */
0x50461100, /* add r17, r17, r16 */
0x6858cc40, /* rshi r22, r12, r6 >> 64 */
0x6848d60e, /* rshi r18, r22, r6 >> 14 */
0x6854d612, /* rshi r21, r22, r6 >> 18 */
0x4c4ab200, /* xor r18, r18, r21 */
0x684cd629, /* rshi r19, r22, r6 >> 41 */
0x4c4a7200, /* xor r18, r18, r19 */
0x404ce600, /* and r19, r6, r7 */
0x4854c000, /* not r21, r6 */
0x40541500, /* and r21, r21, r0 */
0x4c4eb300, /* xor r19, r19, r21 */
0x685192c0, /* rshi r20, r18, r12 >> 192 */
0x50503400, /* add r20, r20, r1 */
0x50515490, /* add r20, r20, r10 >> 128 */
0x6855ab80, /* rshi r21, r11, r13 >> 128 */
0x50567500, /* add r21, r21, r19 */
0x5052b400, /* add r20, r20, r21 */
0x50168500, /* add r5, r5, r20 */
0x50063400, /* add r1, r20, r17 */
0x68582d40, /* rshi r22, r13, r1 >> 64 */
0x683c361c, /* rshi r15, r22, r1 >> 28 */
0x68543622, /* rshi r21, r22, r1 >> 34 */
0x4c3eaf00, /* xor r15, r15, r21 */
0x68543627, /* rshi r21, r22, r1 >> 39 */
0x4c3eaf00, /* xor r15, r15, r21 */
0x40404100, /* and r16, r1, r2 */
0x40546100, /* and r21, r1, r3 */
0x4c42b000, /* xor r16, r16, r21 */
0x40546200, /* and r21, r2, r3 */
0x4c42b000, /* xor r16, r16, r21 */
0x6845afc0, /* rshi r17, r15, r13 >> 192 */
0x50461100, /* add r17, r17, r16 */
0x6858ac40, /* rshi r22, r12, r5 >> 64 */
0x6848b60e, /* rshi r18, r22, r5 >> 14 */
0x6854b612, /* rshi r21, r22, r5 >> 18 */
0x4c4ab200, /* xor r18, r18, r21 */
0x684cb629, /* rshi r19, r22, r5 >> 41 */
0x4c4a7200, /* xor r18, r18, r19 */
0x404cc500, /* and r19, r5, r6 */
0x4854a000, /* not r21, r5 */
0x4054f500, /* and r21, r21, r7 */
0x4c4eb300, /* xor r19, r19, r21 */
0x685192c0, /* rshi r20, r18, r12 >> 192 */
0x50501400, /* add r20, r20, r0 */
0x50515498, /* add r20, r20, r10 >> 192 */
0x6855abc0, /* rshi r21, r11, r13 >> 192 */
0x50567500, /* add r21, r21, r19 */
0x5052b400, /* add r20, r20, r21 */
0x50128400, /* add r4, r4, r20 */
0x50023400, /* add r0, r20, r17 */
0x0c000000, /* ret */
/* } */
/* @0x14f: function compress[70] { */
#define CF_compress_adr 335
0xfc000000, /* nop */
0x4c7fff00, /* xor r31, r31, r31 */
0x4c000000, /* xor r0, r0, r0 */
0x4c042100, /* xor r1, r1, r1 */
0x55000001, /* subi r0, r0, #1 */
0x55040101, /* subi r1, r1, #1 */
0x84204100, /* ldi r8, [#8] */
0x94800800, /* ldlc r8 */
0x4c3def00, /* xor r15, r15, r15 */
0x803c000a, /* movi r15.0l, #10 */
0x95800f00, /* lddmp r15 */
0x06000039, /* loop *0 ( */
0x953c0000, /* stdmp r15 */
0x81bc002a, /* movi r15.3l, #42 */
0x95800f00, /* lddmp r15 */
0x08000001, /* call &expandw */
0x84004000, /* ldi r0, [#0] */
0x84044020, /* ldi r1, [#1] */
0x84084040, /* ldi r2, [#2] */
0x840c4060, /* ldi r3, [#3] */
0x84104080, /* ldi r4, [#4] */
0x841440a0, /* ldi r5, [#5] */
0x841840c0, /* ldi r6, [#6] */
0x841c40e0, /* ldi r7, [#7] */
0x4c3def00, /* xor r15, r15, r15 */
0x803c0060, /* movi r15.0l, #96 */
0x80bc000a, /* movi r15.1l, #10 */
0x813c000b, /* movi r15.2l, #11 */
0x96800f00, /* lddrp r15 */
0x97800f00, /* ldrfp r15 */
0x953c0000, /* stdmp r15 */
0x81bc002a, /* movi r15.3l, #42 */
0x95800f00, /* lddmp r15 */
0x4c318c00, /* xor r12, r12, r12 */
0x4c35ad00, /* xor r13, r13, r13 */
0x55300c01, /* subi r12, r12, #1 */
0x55340d01, /* subi r13, r13, #1 */
0x0500a007, /* loop #10 ( */
0x8c440800, /* ldc *1, *0++ */
0x8c081b00, /* ld *2, *3++ */
0x08000055, /* call &Sha512_a */
0x8c440800, /* ldc *1, *0++ */
0x8c081b00, /* ld *2, *3++ */
0x080000d2, /* call &Sha512_b */
0xfc000000, /* nop */
/* ) */
0x843c4000, /* ldi r15, [#0] */
0x5001e000, /* add r0, r0, r15 */
0x843c4020, /* ldi r15, [#1] */
0x5005e100, /* add r1, r1, r15 */
0x843c4040, /* ldi r15, [#2] */
0x5009e200, /* add r2, r2, r15 */
0x843c4060, /* ldi r15, [#3] */
0x500de300, /* add r3, r3, r15 */
0x843c4080, /* ldi r15, [#4] */
0x5011e400, /* add r4, r4, r15 */
0x843c40a0, /* ldi r15, [#5] */
0x5015e500, /* add r5, r5, r15 */
0x843c40c0, /* ldi r15, [#6] */
0x5019e600, /* add r6, r6, r15 */
0x843c40e0, /* ldi r15, [#7] */
0x501de700, /* add r7, r7, r15 */
0x88004000, /* sti r0, [#0] */
0x88044020, /* sti r1, [#1] */
0x88084040, /* sti r2, [#2] */
0x880c4060, /* sti r3, [#3] */
0x88104080, /* sti r4, [#4] */
0x881440a0, /* sti r5, [#5] */
0x881840c0, /* sti r6, [#6] */
0x881c40e0, /* sti r7, [#7] */
/* ) */
0x0c000000, /* ret */
/* } */
};
/* clang-format on */
struct DMEM_sha512 {
uint64_t H0[4];
uint64_t H1[4];
uint64_t H2[4];
uint64_t H3[4];
uint64_t H4[4];
uint64_t H5[4];
uint64_t H6[4];
uint64_t H7[4];
uint32_t nblocks;
uint32_t unused[2 * 8 - 1];
uint32_t input[4 * 8 * 8]; // dmem[10..41]
};
static void copy_words(const void *in, uint32_t *dst, size_t nwords)
{
const uint32_t *src = (const uint32_t *) in;
do {
uint32_t w1 = __builtin_bswap32(*src++);
uint32_t w2 = __builtin_bswap32(*src++);
*dst++ = w2;
*dst++ = w1;
} while (nwords -= 2);
}
static void dcrypto_SHA512_setup(void)
{
dcrypto_imem_load(0, IMEM_dcrypto, ARRAY_SIZE(IMEM_dcrypto));
}
static void dcrypto_SHA512_Transform(LITE_SHA512_CTX *ctx, const uint32_t *buf,
size_t nwords)
{
int result = 0;
struct DMEM_sha512 *p512 =
(struct DMEM_sha512 *) GREG32_ADDR(CRYPTO, DMEM_DUMMY);
START_PROFILE(t_transform)
/* Pass in H[] */
p512->H0[0] = ctx->state[0];
p512->H1[0] = ctx->state[1];
p512->H2[0] = ctx->state[2];
p512->H3[0] = ctx->state[3];
p512->H4[0] = ctx->state[4];
p512->H5[0] = ctx->state[5];
p512->H6[0] = ctx->state[6];
p512->H7[0] = ctx->state[7];
p512->nblocks = nwords / 32;
/* Pass in buf[] */
copy_words(buf, p512->input, nwords);
START_PROFILE(t_dcrypto)
result |= dcrypto_call(CF_compress_adr);
END_PROFILE(t_dcrypto)
/* Retrieve new H[] */
ctx->state[0] = p512->H0[0];
ctx->state[1] = p512->H1[0];
ctx->state[2] = p512->H2[0];
ctx->state[3] = p512->H3[0];
ctx->state[4] = p512->H4[0];
ctx->state[5] = p512->H5[0];
ctx->state[6] = p512->H6[0];
ctx->state[7] = p512->H7[0];
/* TODO: errno or such to capture errors */
(void) (result == 0);
END_PROFILE(t_transform)
}
static void dcrypto_SHA512_update(LITE_SHA512_CTX *ctx, const void *data,
size_t len)
{
int i = (int) (ctx->count & (sizeof(ctx->buf) - 1));
const uint8_t *p = (const uint8_t *) data;
uint8_t *d = &ctx->buf[i];
ctx->count += len;
dcrypto_init_and_lock();
dcrypto_SHA512_setup();
/* Take fast path for 32-bit aligned 1KB inputs */
if (i == 0 && len == 1024 && (((intptr_t) data) & 3) == 0) {
dcrypto_SHA512_Transform(ctx, (const uint32_t *) data, 8 * 32);
} else {
if (len <= sizeof(ctx->buf) - i) {
memcpy(d, p, len);
if (len == sizeof(ctx->buf) - i) {
dcrypto_SHA512_Transform(
ctx, (uint32_t *) (ctx->buf), 32);
}
} else {
memcpy(d, p, sizeof(ctx->buf) - i);
dcrypto_SHA512_Transform(ctx, (uint32_t *) (ctx->buf),
32);
d = ctx->buf;
len -= (sizeof(ctx->buf) - i);
p += (sizeof(ctx->buf) - i);
while (len >= sizeof(ctx->buf)) {
memcpy(d, p, sizeof(ctx->buf));
p += sizeof(ctx->buf);
len -= sizeof(ctx->buf);
dcrypto_SHA512_Transform(
ctx, (uint32_t *) (ctx->buf), 32);
}
/* Leave remainder in ctx->buf */
memcpy(d, p, len);
}
}
dcrypto_unlock();
}
static const uint8_t *dcrypto_SHA512_final(LITE_SHA512_CTX *ctx)
{
uint64_t cnt = ctx->count * 8;
int i = (int) (ctx->count & (sizeof(ctx->buf) - 1));
uint8_t *p = &ctx->buf[i];
*p++ = 0x80;
i++;
dcrypto_init_and_lock();
dcrypto_SHA512_setup();
if (i > sizeof(ctx->buf) - 16) {
memset(p, 0, sizeof(ctx->buf) - i);
dcrypto_SHA512_Transform(ctx, (uint32_t *) (ctx->buf), 32);
i = 0;
p = ctx->buf;
}
memset(p, 0, sizeof(ctx->buf) - 8 - i);
p += sizeof(ctx->buf) - 8 - i;
for (i = 0; i < 8; ++i) {
uint8_t tmp = (uint8_t)(cnt >> 56);
cnt <<= 8;
*p++ = tmp;
}
dcrypto_SHA512_Transform(ctx, (uint32_t *) (ctx->buf), 32);
p = ctx->buf;
for (i = 0; i < 8; i++) {
uint64_t tmp = ctx->state[i];
*p++ = (uint8_t)(tmp >> 56);
*p++ = (uint8_t)(tmp >> 48);
*p++ = (uint8_t)(tmp >> 40);
*p++ = (uint8_t)(tmp >> 32);
*p++ = (uint8_t)(tmp >> 24);
*p++ = (uint8_t)(tmp >> 16);
*p++ = (uint8_t)(tmp >> 8);
*p++ = (uint8_t)(tmp >> 0);
}
dcrypto_unlock();
return ctx->buf;
}
const uint8_t *DCRYPTO_SHA512_hash(const void *data, size_t len,
uint8_t *digest)
{
LITE_SHA512_CTX ctx;
DCRYPTO_SHA512_init(&ctx);
dcrypto_SHA512_update(&ctx, data, len);
memcpy(digest, dcrypto_SHA512_final(&ctx), SHA512_DIGEST_SIZE);
return digest;
}
static const HASH_VTAB dcrypto_SHA512_VTAB = {
DCRYPTO_SHA512_init, dcrypto_SHA512_update, dcrypto_SHA512_final,
DCRYPTO_SHA512_hash, SHA512_DIGEST_SIZE};
void DCRYPTO_SHA512_init(LITE_SHA512_CTX *ctx)
{
SHA512_init(ctx);
ctx->f = &dcrypto_SHA512_VTAB;
}
#ifdef CRYPTO_TEST_SETUP
static uint32_t msg[256]; // 1KB
static int msg_len;
static int msg_loops;
static LITE_SHA512_CTX sw;
static LITE_SHA512_CTX hw;
static const uint8_t *sw_digest;
static const uint8_t *hw_digest;
static uint32_t t_sw;
static uint32_t t_hw;
static void run_sha512_cmd(void)
{
int i;
t_transform = 0;
t_dcrypto = 0;
t_sw = 0;
t_hw = 0;
START_PROFILE(t_sw)
SHA512_init(&sw);
for (i = 0; i < msg_loops; ++i) {
HASH_update(&sw, msg, msg_len);
}
sw_digest = HASH_final(&sw);
END_PROFILE(t_sw)
START_PROFILE(t_hw)
DCRYPTO_SHA512_init(&hw);
for (i = 0; i < msg_loops; ++i) {
HASH_update(&hw, msg, msg_len);
}
hw_digest = HASH_final(&hw);
END_PROFILE(t_hw)
ccprintf("sw(%u):\n", t_sw);
for (i = 0; i < 64; ++i)
ccprintf("%02x", sw_digest[i]);
ccprintf("\n");
ccprintf("hw(%u/%u/%u):\n", t_hw, t_transform, t_dcrypto);
for (i = 0; i < 64; ++i)
ccprintf("%02x", hw_digest[i]);
ccprintf("\n");
task_set_event(TASK_ID_CONSOLE, TASK_EVENT_CUSTOM_BIT(0), 0);
}
DECLARE_DEFERRED(run_sha512_cmd);
static int cmd_sha512_bench(int argc, char *argv[])
{
const int max_time = 1000000;
uint32_t events;
memset(msg, '!', sizeof(msg));
if (argc > 1) {
msg_loops = 1;
msg_len = strlen(argv[1]);
memcpy(msg, argv[1], msg_len);
} else {
msg_loops = 64; // benchmark 64K
msg_len = sizeof(msg);
}
hook_call_deferred(&run_sha512_cmd_data, 0);
ccprintf("Will wait up to %d ms\n", (max_time + 500) / 1000);
events = task_wait_event_mask(TASK_EVENT_CUSTOM_BIT(0), max_time);
if (!(events & TASK_EVENT_CUSTOM_BIT(0))) {
ccprintf("Timed out, you might want to reboot...\n");
return EC_ERROR_TIMEOUT;
}
return EC_SUCCESS;
}
DECLARE_SAFE_CONSOLE_COMMAND(sha512_bench, cmd_sha512_bench, NULL, NULL);
static void run_sha512_test(void)
{
int i;
for (i = 0; i < 129; ++i) {
memset(msg, i, i);
SHA512_init(&sw);
HASH_update(&sw, msg, i);
sw_digest = HASH_final(&sw);
DCRYPTO_SHA512_init(&hw);
HASH_update(&hw, msg, i);
hw_digest = HASH_final(&hw);
if (memcmp(sw_digest, hw_digest, SHA512_DIGEST_SIZE) != 0) {
ccprintf("sha512 self-test fail at %d!\n", i);
cflush();
}
}
ccprintf("sha512 self-test PASS!\n");
task_set_event(TASK_ID_CONSOLE, TASK_EVENT_CUSTOM_BIT(0), 0);
}
DECLARE_DEFERRED(run_sha512_test);
static int cmd_sha512_test(int argc, char *argv[])
{
hook_call_deferred(&run_sha512_test_data, 0);
task_wait_event_mask(TASK_EVENT_CUSTOM_BIT(0), 1000000);
return EC_SUCCESS;
}
DECLARE_SAFE_CONSOLE_COMMAND(sha512_test, cmd_sha512_test, NULL, NULL);
#endif /* CRYPTO_TEST_SETUP */