diff --git a/.travis.yml b/.travis.yml index 3b5713a4..44ced604 100644 --- a/.travis.yml +++ b/.travis.yml @@ -7,8 +7,7 @@ services: language: go go: - - "1.9.x" - - "1.10.x" + - "1.11.x" go_import_path: github.com/docker/distribution diff --git a/context/http.go b/context/http.go index b7447800..bc22f0bb 100644 --- a/context/http.go +++ b/context/http.go @@ -104,18 +104,6 @@ func GetRequestID(ctx context.Context) string { // WithResponseWriter returns a new context and response writer that makes // interesting response statistics available within the context. func WithResponseWriter(ctx context.Context, w http.ResponseWriter) (context.Context, http.ResponseWriter) { - if closeNotifier, ok := w.(http.CloseNotifier); ok { - irwCN := &instrumentedResponseWriterCN{ - instrumentedResponseWriter: instrumentedResponseWriter{ - ResponseWriter: w, - Context: ctx, - }, - CloseNotifier: closeNotifier, - } - - return irwCN, irwCN - } - irw := instrumentedResponseWriter{ ResponseWriter: w, Context: ctx, @@ -270,14 +258,6 @@ func (ctx *muxVarsContext) Value(key interface{}) interface{} { return ctx.Context.Value(key) } -// instrumentedResponseWriterCN provides response writer information in a -// context. It implements http.CloseNotifier so that users can detect -// early disconnects. -type instrumentedResponseWriterCN struct { - instrumentedResponseWriter - http.CloseNotifier -} - // instrumentedResponseWriter provides response writer information in a // context. This variant is only used in the case where CloseNotifier is not // implemented by the parent ResponseWriter. @@ -355,13 +335,3 @@ func (irw *instrumentedResponseWriter) Value(key interface{}) interface{} { fallback: return irw.Context.Value(key) } - -func (irw *instrumentedResponseWriterCN) Value(key interface{}) interface{} { - if keyStr, ok := key.(string); ok { - if keyStr == "http.response" { - return irw - } - } - - return irw.instrumentedResponseWriter.Value(key) -} diff --git a/registry/handlers/api_test.go b/registry/handlers/api_test.go index bed0ab2c..2544efba 100644 --- a/registry/handlers/api_test.go +++ b/registry/handlers/api_test.go @@ -2529,35 +2529,6 @@ func TestRegistryAsCacheMutationAPIs(t *testing.T) { } -// TestCheckContextNotifier makes sure the API endpoints get a ResponseWriter -// that implements http.ContextNotifier. -func TestCheckContextNotifier(t *testing.T) { - env := newTestEnv(t, false) - defer env.Shutdown() - - // Register a new endpoint for testing - env.app.router.Handle("/unittest/{name}/", env.app.dispatcher(func(ctx *Context, r *http.Request) http.Handler { - return handlers.MethodHandler{ - "GET": http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - if _, ok := w.(http.CloseNotifier); !ok { - t.Fatal("could not cast ResponseWriter to CloseNotifier") - } - w.WriteHeader(200) - }), - } - })) - - resp, err := http.Get(env.server.URL + "/unittest/reponame/") - if err != nil { - t.Fatalf("unexpected error issuing request: %v", err) - } - defer resp.Body.Close() - - if resp.StatusCode != 200 { - t.Fatalf("wrong status code - expected 200, got %d", resp.StatusCode) - } -} - func TestProxyManifestGetByTag(t *testing.T) { truthConfig := configuration.Configuration{ Storage: configuration.Storage{ diff --git a/registry/handlers/helpers.go b/registry/handlers/helpers.go index 46ad797e..b02338e9 100644 --- a/registry/handlers/helpers.go +++ b/registry/handlers/helpers.go @@ -27,13 +27,7 @@ func closeResources(handler http.Handler, closers ...io.Closer) http.Handler { // The copy will be limited to `limit` bytes, if limit is greater than zero. func copyFullPayload(ctx context.Context, responseWriter http.ResponseWriter, r *http.Request, destWriter io.Writer, limit int64, action string) error { // Get a channel that tells us if the client disconnects - var clientClosed <-chan bool - if notifier, ok := responseWriter.(http.CloseNotifier); ok { - clientClosed = notifier.CloseNotify() - } else { - dcontext.GetLogger(ctx).Warnf("the ResponseWriter does not implement CloseNotifier (type: %T)", responseWriter) - } - + clientClosed := r.Context().Done() var body = r.Body if limit > 0 { body = http.MaxBytesReader(responseWriter, body, limit) diff --git a/registry/storage/blobwriter.go b/registry/storage/blobwriter.go index 2bb25dcc..54c79b6f 100644 --- a/registry/storage/blobwriter.go +++ b/registry/storage/blobwriter.go @@ -33,7 +33,7 @@ type blobWriter struct { id string startedAt time.Time digester digest.Digester - written int64 // track the contiguous write + written int64 // track the write to digester fileWriter storagedriver.FileWriter driver storagedriver.StorageDriver @@ -119,7 +119,12 @@ func (bw *blobWriter) Write(p []byte) (int, error) { return 0, err } - n, err := io.MultiWriter(bw.fileWriter, bw.digester.Hash()).Write(p) + _, err := bw.fileWriter.Write(p) + if err != nil { + return 0, err + } + + n, err := bw.digester.Hash().Write(p) bw.written += int64(n) return n, err @@ -133,7 +138,11 @@ func (bw *blobWriter) ReadFrom(r io.Reader) (n int64, err error) { return 0, err } - nn, err := io.Copy(io.MultiWriter(bw.fileWriter, bw.digester.Hash()), r) + // Using a TeeReader instead of MultiWriter ensures Copy returns + // the amount written to the digester as well as ensuring that we + // write to the fileWriter first + tee := io.TeeReader(r, bw.fileWriter) + nn, err := io.Copy(bw.digester.Hash(), tee) bw.written += nn return nn, err diff --git a/registry/storage/blobwriter_resumable.go b/registry/storage/blobwriter_resumable.go index b700982a..b970e865 100644 --- a/registry/storage/blobwriter_resumable.go +++ b/registry/storage/blobwriter_resumable.go @@ -4,17 +4,14 @@ package storage import ( "context" + "encoding" "fmt" + "hash" "path" "strconv" storagedriver "github.com/docker/distribution/registry/storage/driver" "github.com/sirupsen/logrus" - "github.com/stevvooe/resumable" - - // register resumable hashes with import - _ "github.com/stevvooe/resumable/sha256" - _ "github.com/stevvooe/resumable/sha512" ) // resumeDigest attempts to restore the state of the internal hash function @@ -24,12 +21,13 @@ func (bw *blobWriter) resumeDigest(ctx context.Context) error { return errResumableDigestNotAvailable } - h, ok := bw.digester.Hash().(resumable.Hash) + h, ok := bw.digester.Hash().(encoding.BinaryUnmarshaler) if !ok { return errResumableDigestNotAvailable } + offset := bw.fileWriter.Size() - if offset == h.Len() { + if offset == bw.written { // State of digester is already at the requested offset. return nil } @@ -52,20 +50,21 @@ func (bw *blobWriter) resumeDigest(ctx context.Context) error { if hashStateMatch.offset == 0 { // No need to load any state, just reset the hasher. - h.Reset() + h.(hash.Hash).Reset() } else { storedState, err := bw.driver.GetContent(ctx, hashStateMatch.path) if err != nil { return err } - if err = h.Restore(storedState); err != nil { + if err = h.UnmarshalBinary(storedState); err != nil { return err } + bw.written = hashStateMatch.offset } // Mind the gap. - if gapLen := offset - h.Len(); gapLen > 0 { + if gapLen := offset - bw.written; gapLen > 0 { return errResumableDigestNotAvailable } @@ -120,26 +119,26 @@ func (bw *blobWriter) storeHashState(ctx context.Context) error { return errResumableDigestNotAvailable } - h, ok := bw.digester.Hash().(resumable.Hash) + h, ok := bw.digester.Hash().(encoding.BinaryMarshaler) if !ok { return errResumableDigestNotAvailable } + state, err := h.MarshalBinary() + if err != nil { + return err + } + uploadHashStatePath, err := pathFor(uploadHashStatePathSpec{ name: bw.blobStore.repository.Named().String(), id: bw.id, alg: bw.digester.Digest().Algorithm(), - offset: h.Len(), + offset: bw.written, }) if err != nil { return err } - hashState, err := h.State() - if err != nil { - return err - } - - return bw.driver.PutContent(ctx, uploadHashStatePath, hashState) + return bw.driver.PutContent(ctx, uploadHashStatePath, state) } diff --git a/registry/storage/digester_resumable_test.go b/registry/storage/digester_resumable_test.go deleted file mode 100644 index 54ece3c4..00000000 --- a/registry/storage/digester_resumable_test.go +++ /dev/null @@ -1,22 +0,0 @@ -// +build !noresumabledigest - -package storage - -import ( - "testing" - - digest "github.com/opencontainers/go-digest" - "github.com/stevvooe/resumable" - _ "github.com/stevvooe/resumable/sha256" -) - -// TestResumableDetection just ensures that the resumable capability of a hash -// is exposed through the digester type, which is just a hash plus a Digest -// method. -func TestResumableDetection(t *testing.T) { - d := digest.Canonical.Digester() - - if _, ok := d.Hash().(resumable.Hash); !ok { - t.Fatalf("expected digester to implement resumable.Hash: %#v, %v", d, d.Hash()) - } -} diff --git a/registry/storage/driver/s3-aws/s3.go b/registry/storage/driver/s3-aws/s3.go index 9cd87dba..800435d0 100644 --- a/registry/storage/driver/s3-aws/s3.go +++ b/registry/storage/driver/s3-aws/s3.go @@ -476,11 +476,11 @@ func New(params DriverParameters) (*Driver, error) { // } d := &driver{ - S3: s3obj, - Bucket: params.Bucket, - ChunkSize: params.ChunkSize, - Encrypt: params.Encrypt, - KeyID: params.KeyID, + S3: s3obj, + Bucket: params.Bucket, + ChunkSize: params.ChunkSize, + Encrypt: params.Encrypt, + KeyID: params.KeyID, MultipartCopyChunkSize: params.MultipartCopyChunkSize, MultipartCopyMaxConcurrency: params.MultipartCopyMaxConcurrency, MultipartCopyThresholdSize: params.MultipartCopyThresholdSize, diff --git a/registry/storage/linkedblobstore.go b/registry/storage/linkedblobstore.go index 3fb1da26..de591c8a 100644 --- a/registry/storage/linkedblobstore.go +++ b/registry/storage/linkedblobstore.go @@ -312,14 +312,14 @@ func (lbs *linkedBlobStore) newBlobUpload(ctx context.Context, uuid, path string } bw := &blobWriter{ - ctx: ctx, - blobStore: lbs, - id: uuid, - startedAt: startedAt, - digester: digest.Canonical.Digester(), - fileWriter: fw, - driver: lbs.driver, - path: path, + ctx: ctx, + blobStore: lbs, + id: uuid, + startedAt: startedAt, + digester: digest.Canonical.Digester(), + fileWriter: fw, + driver: lbs.driver, + path: path, resumableDigestEnabled: lbs.resumableDigestEnabled, } diff --git a/registry/storage/linkedblobstore_test.go b/registry/storage/linkedblobstore_test.go index 85376f71..e0ffd279 100644 --- a/registry/storage/linkedblobstore_test.go +++ b/registry/storage/linkedblobstore_test.go @@ -162,8 +162,8 @@ type mockBlobDescriptorServiceFactory struct { func (f *mockBlobDescriptorServiceFactory) BlobAccessController(svc distribution.BlobDescriptorService) distribution.BlobDescriptorService { return &mockBlobDescriptorService{ BlobDescriptorService: svc, - t: f.t, - stats: f.stats, + t: f.t, + stats: f.stats, } } diff --git a/vendor.conf b/vendor.conf index e676bd8c..7aec1d05 100644 --- a/vendor.conf +++ b/vendor.conf @@ -30,7 +30,6 @@ github.com/prometheus/common 89604d197083d4781071d3c65855d24ecfb0a563 github.com/prometheus/procfs cb4147076ac75738c9a7d279075a253c0cc5acbd github.com/spf13/cobra 312092086bed4968099259622145a0c9ae280064 github.com/spf13/pflag 5644820622454e71517561946e3d94b9f9db6842 -github.com/stevvooe/resumable 2aaf90b2ceea5072cb503ef2a620b08ff3119870 github.com/xenolf/lego a9d8cec0e6563575e5868a005359ac97911b5985 github.com/yvasiyarov/go-metrics 57bccd1ccd43f94bb17fdd8bf3007059b802f85e github.com/yvasiyarov/gorelic a9bba5b9ab508a086f9a12b8c51fab68478e2128 diff --git a/vendor/github.com/stevvooe/resumable/LICENSE b/vendor/github.com/stevvooe/resumable/LICENSE deleted file mode 100644 index 2815cc36..00000000 --- a/vendor/github.com/stevvooe/resumable/LICENSE +++ /dev/null @@ -1,28 +0,0 @@ -Copyright (c) 2012 The Go Authors. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Google Inc. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - diff --git a/vendor/github.com/stevvooe/resumable/README.md b/vendor/github.com/stevvooe/resumable/README.md deleted file mode 100644 index d2d3fb89..00000000 --- a/vendor/github.com/stevvooe/resumable/README.md +++ /dev/null @@ -1,6 +0,0 @@ -# go-crypto -A Subset of the Go `crypto` Package with a Resumable Hash Interface - -### Documentation - -GoDocs: http://godoc.org/github.com/stevvooe/resumable diff --git a/vendor/github.com/stevvooe/resumable/resumable.go b/vendor/github.com/stevvooe/resumable/resumable.go deleted file mode 100644 index 62ec970a..00000000 --- a/vendor/github.com/stevvooe/resumable/resumable.go +++ /dev/null @@ -1,51 +0,0 @@ -// Package resumable registers resumable versions of hash functions. Resumable -// varieties of hash functions are available via the standard crypto package. -// Support can be checked by type assertion against the resumable.Hash -// interface. -// -// While one can use these sub-packages directly, it makes more sense to -// register them using side-effect imports: -// -// import _ "github.com/stevvooe/resumable/sha256" -// -// This will make the resumable hashes available to the application through -// the standard crypto package. For example, if a new sha256 is required, one -// should use the following: -// -// h := crypto.SHA256.New() -// -// Such a features allows one to control the inclusion of resumable hash -// support in a single file. Applications that require the resumable hash -// implementation can type switch to detect support, while other parts of the -// application can be completely oblivious to the presence of the alternative -// hash functions. -// -// Also note that the implementations available in this package are completely -// untouched from their Go counterparts in the standard library. Only an extra -// file is added to each package to implement the extra resumable hash -// functions. -package resumable - -import ( - "fmt" - "hash" -) - -var ( - // ErrBadState is returned if Restore fails post-unmarshaling validation. - ErrBadState = fmt.Errorf("bad hash state") -) - -// Hash is the common interface implemented by all resumable hash functions. -type Hash interface { - hash.Hash - - // Len returns the number of bytes written to the Hash so far. - Len() int64 - - // State returns a snapshot of the state of the Hash. - State() ([]byte, error) - - // Restore resets the Hash to the given state. - Restore(state []byte) error -} diff --git a/vendor/github.com/stevvooe/resumable/sha256/resume.go b/vendor/github.com/stevvooe/resumable/sha256/resume.go deleted file mode 100644 index 4e1cf4e6..00000000 --- a/vendor/github.com/stevvooe/resumable/sha256/resume.go +++ /dev/null @@ -1,71 +0,0 @@ -package sha256 - -import ( - "bytes" - "crypto" - "encoding/gob" - - "github.com/stevvooe/resumable" - // import to ensure that our init function runs after the standard package - _ "crypto/sha256" -) - -// Len returns the number of bytes which have been written to the digest. -func (d *digest) Len() int64 { - return int64(d.len) -} - -// State returns a snapshot of the state of the digest. -func (d *digest) State() ([]byte, error) { - var buf bytes.Buffer - encoder := gob.NewEncoder(&buf) - - function := crypto.SHA256 - if d.is224 { - function = crypto.SHA224 - } - - // We encode this way so that we do not have - // to export these fields of the digest struct. - vals := []interface{}{ - d.h, d.x, d.nx, d.len, function, - } - - for _, val := range vals { - if err := encoder.Encode(val); err != nil { - return nil, err - } - } - - return buf.Bytes(), nil -} - -// Restore resets the digest to the given state. -func (d *digest) Restore(state []byte) error { - decoder := gob.NewDecoder(bytes.NewReader(state)) - - var function uint - - // We decode this way so that we do not have - // to export these fields of the digest struct. - vals := []interface{}{ - &d.h, &d.x, &d.nx, &d.len, &function, - } - - for _, val := range vals { - if err := decoder.Decode(val); err != nil { - return err - } - } - - switch crypto.Hash(function) { - case crypto.SHA224: - d.is224 = true - case crypto.SHA256: - d.is224 = false - default: - return resumable.ErrBadState - } - - return nil -} diff --git a/vendor/github.com/stevvooe/resumable/sha256/sha256.go b/vendor/github.com/stevvooe/resumable/sha256/sha256.go deleted file mode 100644 index 74b05b92..00000000 --- a/vendor/github.com/stevvooe/resumable/sha256/sha256.go +++ /dev/null @@ -1,193 +0,0 @@ -// Copyright 2009 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// Package sha256 implements the SHA224 and SHA256 hash algorithms as defined -// in FIPS 180-4. -package sha256 - -import ( - "crypto" - "hash" -) - -func init() { - crypto.RegisterHash(crypto.SHA224, New224) - crypto.RegisterHash(crypto.SHA256, New) -} - -// The size of a SHA256 checksum in bytes. -const Size = 32 - -// The size of a SHA224 checksum in bytes. -const Size224 = 28 - -// The blocksize of SHA256 and SHA224 in bytes. -const BlockSize = 64 - -const ( - chunk = 64 - init0 = 0x6A09E667 - init1 = 0xBB67AE85 - init2 = 0x3C6EF372 - init3 = 0xA54FF53A - init4 = 0x510E527F - init5 = 0x9B05688C - init6 = 0x1F83D9AB - init7 = 0x5BE0CD19 - init0_224 = 0xC1059ED8 - init1_224 = 0x367CD507 - init2_224 = 0x3070DD17 - init3_224 = 0xF70E5939 - init4_224 = 0xFFC00B31 - init5_224 = 0x68581511 - init6_224 = 0x64F98FA7 - init7_224 = 0xBEFA4FA4 -) - -// digest represents the partial evaluation of a checksum. -type digest struct { - h [8]uint32 - x [chunk]byte - nx int - len uint64 - is224 bool // mark if this digest is SHA-224 -} - -func (d *digest) Reset() { - if !d.is224 { - d.h[0] = init0 - d.h[1] = init1 - d.h[2] = init2 - d.h[3] = init3 - d.h[4] = init4 - d.h[5] = init5 - d.h[6] = init6 - d.h[7] = init7 - } else { - d.h[0] = init0_224 - d.h[1] = init1_224 - d.h[2] = init2_224 - d.h[3] = init3_224 - d.h[4] = init4_224 - d.h[5] = init5_224 - d.h[6] = init6_224 - d.h[7] = init7_224 - } - d.nx = 0 - d.len = 0 -} - -// New returns a new hash.Hash computing the SHA256 checksum. -func New() hash.Hash { - d := new(digest) - d.Reset() - return d -} - -// New224 returns a new hash.Hash computing the SHA224 checksum. -func New224() hash.Hash { - d := new(digest) - d.is224 = true - d.Reset() - return d -} - -func (d *digest) Size() int { - if !d.is224 { - return Size - } - return Size224 -} - -func (d *digest) BlockSize() int { return BlockSize } - -func (d *digest) Write(p []byte) (nn int, err error) { - nn = len(p) - d.len += uint64(nn) - if d.nx > 0 { - n := copy(d.x[d.nx:], p) - d.nx += n - if d.nx == chunk { - block(d, d.x[:]) - d.nx = 0 - } - p = p[n:] - } - if len(p) >= chunk { - n := len(p) &^ (chunk - 1) - block(d, p[:n]) - p = p[n:] - } - if len(p) > 0 { - d.nx = copy(d.x[:], p) - } - return -} - -func (d0 *digest) Sum(in []byte) []byte { - // Make a copy of d0 so that caller can keep writing and summing. - d := *d0 - hash := d.checkSum() - if d.is224 { - return append(in, hash[:Size224]...) - } - return append(in, hash[:]...) -} - -func (d *digest) checkSum() [Size]byte { - len := d.len - // Padding. Add a 1 bit and 0 bits until 56 bytes mod 64. - var tmp [64]byte - tmp[0] = 0x80 - if len%64 < 56 { - d.Write(tmp[0 : 56-len%64]) - } else { - d.Write(tmp[0 : 64+56-len%64]) - } - - // Length in bits. - len <<= 3 - for i := uint(0); i < 8; i++ { - tmp[i] = byte(len >> (56 - 8*i)) - } - d.Write(tmp[0:8]) - - if d.nx != 0 { - panic("d.nx != 0") - } - - h := d.h[:] - if d.is224 { - h = d.h[:7] - } - - var digest [Size]byte - for i, s := range h { - digest[i*4] = byte(s >> 24) - digest[i*4+1] = byte(s >> 16) - digest[i*4+2] = byte(s >> 8) - digest[i*4+3] = byte(s) - } - - return digest -} - -// Sum256 returns the SHA256 checksum of the data. -func Sum256(data []byte) [Size]byte { - var d digest - d.Reset() - d.Write(data) - return d.checkSum() -} - -// Sum224 returns the SHA224 checksum of the data. -func Sum224(data []byte) (sum224 [Size224]byte) { - var d digest - d.is224 = true - d.Reset() - d.Write(data) - sum := d.checkSum() - copy(sum224[:], sum[:Size224]) - return -} diff --git a/vendor/github.com/stevvooe/resumable/sha256/sha256block.go b/vendor/github.com/stevvooe/resumable/sha256/sha256block.go deleted file mode 100644 index d43bbf02..00000000 --- a/vendor/github.com/stevvooe/resumable/sha256/sha256block.go +++ /dev/null @@ -1,126 +0,0 @@ -// Copyright 2009 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// SHA256 block step. -// In its own file so that a faster assembly or C version -// can be substituted easily. - -package sha256 - -var _K = []uint32{ - 0x428a2f98, - 0x71374491, - 0xb5c0fbcf, - 0xe9b5dba5, - 0x3956c25b, - 0x59f111f1, - 0x923f82a4, - 0xab1c5ed5, - 0xd807aa98, - 0x12835b01, - 0x243185be, - 0x550c7dc3, - 0x72be5d74, - 0x80deb1fe, - 0x9bdc06a7, - 0xc19bf174, - 0xe49b69c1, - 0xefbe4786, - 0x0fc19dc6, - 0x240ca1cc, - 0x2de92c6f, - 0x4a7484aa, - 0x5cb0a9dc, - 0x76f988da, - 0x983e5152, - 0xa831c66d, - 0xb00327c8, - 0xbf597fc7, - 0xc6e00bf3, - 0xd5a79147, - 0x06ca6351, - 0x14292967, - 0x27b70a85, - 0x2e1b2138, - 0x4d2c6dfc, - 0x53380d13, - 0x650a7354, - 0x766a0abb, - 0x81c2c92e, - 0x92722c85, - 0xa2bfe8a1, - 0xa81a664b, - 0xc24b8b70, - 0xc76c51a3, - 0xd192e819, - 0xd6990624, - 0xf40e3585, - 0x106aa070, - 0x19a4c116, - 0x1e376c08, - 0x2748774c, - 0x34b0bcb5, - 0x391c0cb3, - 0x4ed8aa4a, - 0x5b9cca4f, - 0x682e6ff3, - 0x748f82ee, - 0x78a5636f, - 0x84c87814, - 0x8cc70208, - 0x90befffa, - 0xa4506ceb, - 0xbef9a3f7, - 0xc67178f2, -} - -func blockGeneric(dig *digest, p []byte) { - var w [64]uint32 - h0, h1, h2, h3, h4, h5, h6, h7 := dig.h[0], dig.h[1], dig.h[2], dig.h[3], dig.h[4], dig.h[5], dig.h[6], dig.h[7] - for len(p) >= chunk { - // Can interlace the computation of w with the - // rounds below if needed for speed. - for i := 0; i < 16; i++ { - j := i * 4 - w[i] = uint32(p[j])<<24 | uint32(p[j+1])<<16 | uint32(p[j+2])<<8 | uint32(p[j+3]) - } - for i := 16; i < 64; i++ { - v1 := w[i-2] - t1 := (v1>>17 | v1<<(32-17)) ^ (v1>>19 | v1<<(32-19)) ^ (v1 >> 10) - v2 := w[i-15] - t2 := (v2>>7 | v2<<(32-7)) ^ (v2>>18 | v2<<(32-18)) ^ (v2 >> 3) - w[i] = t1 + w[i-7] + t2 + w[i-16] - } - - a, b, c, d, e, f, g, h := h0, h1, h2, h3, h4, h5, h6, h7 - - for i := 0; i < 64; i++ { - t1 := h + ((e>>6 | e<<(32-6)) ^ (e>>11 | e<<(32-11)) ^ (e>>25 | e<<(32-25))) + ((e & f) ^ (^e & g)) + _K[i] + w[i] - - t2 := ((a>>2 | a<<(32-2)) ^ (a>>13 | a<<(32-13)) ^ (a>>22 | a<<(32-22))) + ((a & b) ^ (a & c) ^ (b & c)) - - h = g - g = f - f = e - e = d + t1 - d = c - c = b - b = a - a = t1 + t2 - } - - h0 += a - h1 += b - h2 += c - h3 += d - h4 += e - h5 += f - h6 += g - h7 += h - - p = p[chunk:] - } - - dig.h[0], dig.h[1], dig.h[2], dig.h[3], dig.h[4], dig.h[5], dig.h[6], dig.h[7] = h0, h1, h2, h3, h4, h5, h6, h7 -} diff --git a/vendor/github.com/stevvooe/resumable/sha256/sha256block_386.s b/vendor/github.com/stevvooe/resumable/sha256/sha256block_386.s deleted file mode 100644 index 33ed027e..00000000 --- a/vendor/github.com/stevvooe/resumable/sha256/sha256block_386.s +++ /dev/null @@ -1,283 +0,0 @@ -// Copyright 2013 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// SHA256 block routine. See sha256block.go for Go equivalent. -// -// The algorithm is detailed in FIPS 180-4: -// -// http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf -// -// Wt = Mt; for 0 <= t <= 15 -// Wt = SIGMA1(Wt-2) + SIGMA0(Wt-15) + Wt-16; for 16 <= t <= 63 -// -// a = H0 -// b = H1 -// c = H2 -// d = H3 -// e = H4 -// f = H5 -// g = H6 -// h = H7 -// -// for t = 0 to 63 { -// T1 = h + BIGSIGMA1(e) + Ch(e,f,g) + Kt + Wt -// T2 = BIGSIGMA0(a) + Maj(a,b,c) -// h = g -// g = f -// f = e -// e = d + T1 -// d = c -// c = b -// b = a -// a = T1 + T2 -// } -// -// H0 = a + H0 -// H1 = b + H1 -// H2 = c + H2 -// H3 = d + H3 -// H4 = e + H4 -// H5 = f + H5 -// H6 = g + H6 -// H7 = h + H7 - -// Wt = Mt; for 0 <= t <= 15 -#define MSGSCHEDULE0(index) \ - MOVL (index*4)(SI), AX; \ - BSWAPL AX; \ - MOVL AX, (index*4)(BP) - -// Wt = SIGMA1(Wt-2) + Wt-7 + SIGMA0(Wt-15) + Wt-16; for 16 <= t <= 63 -// SIGMA0(x) = ROTR(7,x) XOR ROTR(18,x) XOR SHR(3,x) -// SIGMA1(x) = ROTR(17,x) XOR ROTR(19,x) XOR SHR(10,x) -#define MSGSCHEDULE1(index) \ - MOVL ((index-2)*4)(BP), AX; \ - MOVL AX, CX; \ - RORL $17, AX; \ - MOVL CX, DX; \ - RORL $19, CX; \ - SHRL $10, DX; \ - MOVL ((index-15)*4)(BP), BX; \ - XORL CX, AX; \ - MOVL BX, CX; \ - XORL DX, AX; \ - RORL $7, BX; \ - MOVL CX, DX; \ - SHRL $3, DX; \ - RORL $18, CX; \ - ADDL ((index-7)*4)(BP), AX; \ - XORL CX, BX; \ - XORL DX, BX; \ - ADDL ((index-16)*4)(BP), BX; \ - ADDL BX, AX; \ - MOVL AX, ((index)*4)(BP) - -// Calculate T1 in AX - uses AX, BX, CX and DX registers. -// Wt is passed in AX. -// T1 = h + BIGSIGMA1(e) + Ch(e, f, g) + Kt + Wt -// BIGSIGMA1(x) = ROTR(6,x) XOR ROTR(11,x) XOR ROTR(25,x) -// Ch(x, y, z) = (x AND y) XOR (NOT x AND z) -#define SHA256T1(const, e, f, g, h) \ - MOVL (h*4)(DI), BX; \ - ADDL AX, BX; \ - MOVL (e*4)(DI), AX; \ - ADDL $const, BX; \ - MOVL (e*4)(DI), CX; \ - RORL $6, AX; \ - MOVL (e*4)(DI), DX; \ - RORL $11, CX; \ - XORL CX, AX; \ - MOVL (e*4)(DI), CX; \ - RORL $25, DX; \ - ANDL (f*4)(DI), CX; \ - XORL AX, DX; \ - MOVL (e*4)(DI), AX; \ - NOTL AX; \ - ADDL DX, BX; \ - ANDL (g*4)(DI), AX; \ - XORL CX, AX; \ - ADDL BX, AX - -// Calculate T2 in BX - uses AX, BX, CX and DX registers. -// T2 = BIGSIGMA0(a) + Maj(a, b, c) -// BIGSIGMA0(x) = ROTR(2,x) XOR ROTR(13,x) XOR ROTR(22,x) -// Maj(x, y, z) = (x AND y) XOR (x AND z) XOR (y AND z) -#define SHA256T2(a, b, c) \ - MOVL (a*4)(DI), AX; \ - MOVL (c*4)(DI), BX; \ - RORL $2, AX; \ - MOVL (a*4)(DI), DX; \ - ANDL (b*4)(DI), BX; \ - RORL $13, DX; \ - MOVL (a*4)(DI), CX; \ - ANDL (c*4)(DI), CX; \ - XORL DX, AX; \ - XORL CX, BX; \ - MOVL (a*4)(DI), DX; \ - MOVL (b*4)(DI), CX; \ - RORL $22, DX; \ - ANDL (a*4)(DI), CX; \ - XORL CX, BX; \ - XORL DX, AX; \ - ADDL AX, BX - -// Calculate T1 and T2, then e = d + T1 and a = T1 + T2. -// The values for e and a are stored in d and h, ready for rotation. -#define SHA256ROUND(index, const, a, b, c, d, e, f, g, h) \ - SHA256T1(const, e, f, g, h); \ - MOVL AX, 292(SP); \ - SHA256T2(a, b, c); \ - MOVL 292(SP), AX; \ - ADDL AX, BX; \ - ADDL AX, (d*4)(DI); \ - MOVL BX, (h*4)(DI) - -#define SHA256ROUND0(index, const, a, b, c, d, e, f, g, h) \ - MSGSCHEDULE0(index); \ - SHA256ROUND(index, const, a, b, c, d, e, f, g, h) - -#define SHA256ROUND1(index, const, a, b, c, d, e, f, g, h) \ - MSGSCHEDULE1(index); \ - SHA256ROUND(index, const, a, b, c, d, e, f, g, h) - -TEXT ·block(SB),0,$296-16 - MOVL p_base+4(FP), SI - MOVL p_len+8(FP), DX - SHRL $6, DX - SHLL $6, DX - - LEAL (SI)(DX*1), DI - MOVL DI, 288(SP) - CMPL SI, DI - JEQ end - - LEAL 256(SP), DI // variables - - MOVL dig+0(FP), BP - MOVL (0*4)(BP), AX // a = H0 - MOVL AX, (0*4)(DI) - MOVL (1*4)(BP), BX // b = H1 - MOVL BX, (1*4)(DI) - MOVL (2*4)(BP), CX // c = H2 - MOVL CX, (2*4)(DI) - MOVL (3*4)(BP), DX // d = H3 - MOVL DX, (3*4)(DI) - MOVL (4*4)(BP), AX // e = H4 - MOVL AX, (4*4)(DI) - MOVL (5*4)(BP), BX // f = H5 - MOVL BX, (5*4)(DI) - MOVL (6*4)(BP), CX // g = H6 - MOVL CX, (6*4)(DI) - MOVL (7*4)(BP), DX // h = H7 - MOVL DX, (7*4)(DI) - -loop: - MOVL SP, BP // message schedule - - SHA256ROUND0(0, 0x428a2f98, 0, 1, 2, 3, 4, 5, 6, 7) - SHA256ROUND0(1, 0x71374491, 7, 0, 1, 2, 3, 4, 5, 6) - SHA256ROUND0(2, 0xb5c0fbcf, 6, 7, 0, 1, 2, 3, 4, 5) - SHA256ROUND0(3, 0xe9b5dba5, 5, 6, 7, 0, 1, 2, 3, 4) - SHA256ROUND0(4, 0x3956c25b, 4, 5, 6, 7, 0, 1, 2, 3) - SHA256ROUND0(5, 0x59f111f1, 3, 4, 5, 6, 7, 0, 1, 2) - SHA256ROUND0(6, 0x923f82a4, 2, 3, 4, 5, 6, 7, 0, 1) - SHA256ROUND0(7, 0xab1c5ed5, 1, 2, 3, 4, 5, 6, 7, 0) - SHA256ROUND0(8, 0xd807aa98, 0, 1, 2, 3, 4, 5, 6, 7) - SHA256ROUND0(9, 0x12835b01, 7, 0, 1, 2, 3, 4, 5, 6) - SHA256ROUND0(10, 0x243185be, 6, 7, 0, 1, 2, 3, 4, 5) - SHA256ROUND0(11, 0x550c7dc3, 5, 6, 7, 0, 1, 2, 3, 4) - SHA256ROUND0(12, 0x72be5d74, 4, 5, 6, 7, 0, 1, 2, 3) - SHA256ROUND0(13, 0x80deb1fe, 3, 4, 5, 6, 7, 0, 1, 2) - SHA256ROUND0(14, 0x9bdc06a7, 2, 3, 4, 5, 6, 7, 0, 1) - SHA256ROUND0(15, 0xc19bf174, 1, 2, 3, 4, 5, 6, 7, 0) - - SHA256ROUND1(16, 0xe49b69c1, 0, 1, 2, 3, 4, 5, 6, 7) - SHA256ROUND1(17, 0xefbe4786, 7, 0, 1, 2, 3, 4, 5, 6) - SHA256ROUND1(18, 0x0fc19dc6, 6, 7, 0, 1, 2, 3, 4, 5) - SHA256ROUND1(19, 0x240ca1cc, 5, 6, 7, 0, 1, 2, 3, 4) - SHA256ROUND1(20, 0x2de92c6f, 4, 5, 6, 7, 0, 1, 2, 3) - SHA256ROUND1(21, 0x4a7484aa, 3, 4, 5, 6, 7, 0, 1, 2) - SHA256ROUND1(22, 0x5cb0a9dc, 2, 3, 4, 5, 6, 7, 0, 1) - SHA256ROUND1(23, 0x76f988da, 1, 2, 3, 4, 5, 6, 7, 0) - SHA256ROUND1(24, 0x983e5152, 0, 1, 2, 3, 4, 5, 6, 7) - SHA256ROUND1(25, 0xa831c66d, 7, 0, 1, 2, 3, 4, 5, 6) - SHA256ROUND1(26, 0xb00327c8, 6, 7, 0, 1, 2, 3, 4, 5) - SHA256ROUND1(27, 0xbf597fc7, 5, 6, 7, 0, 1, 2, 3, 4) - SHA256ROUND1(28, 0xc6e00bf3, 4, 5, 6, 7, 0, 1, 2, 3) - SHA256ROUND1(29, 0xd5a79147, 3, 4, 5, 6, 7, 0, 1, 2) - SHA256ROUND1(30, 0x06ca6351, 2, 3, 4, 5, 6, 7, 0, 1) - SHA256ROUND1(31, 0x14292967, 1, 2, 3, 4, 5, 6, 7, 0) - SHA256ROUND1(32, 0x27b70a85, 0, 1, 2, 3, 4, 5, 6, 7) - SHA256ROUND1(33, 0x2e1b2138, 7, 0, 1, 2, 3, 4, 5, 6) - SHA256ROUND1(34, 0x4d2c6dfc, 6, 7, 0, 1, 2, 3, 4, 5) - SHA256ROUND1(35, 0x53380d13, 5, 6, 7, 0, 1, 2, 3, 4) - SHA256ROUND1(36, 0x650a7354, 4, 5, 6, 7, 0, 1, 2, 3) - SHA256ROUND1(37, 0x766a0abb, 3, 4, 5, 6, 7, 0, 1, 2) - SHA256ROUND1(38, 0x81c2c92e, 2, 3, 4, 5, 6, 7, 0, 1) - SHA256ROUND1(39, 0x92722c85, 1, 2, 3, 4, 5, 6, 7, 0) - SHA256ROUND1(40, 0xa2bfe8a1, 0, 1, 2, 3, 4, 5, 6, 7) - SHA256ROUND1(41, 0xa81a664b, 7, 0, 1, 2, 3, 4, 5, 6) - SHA256ROUND1(42, 0xc24b8b70, 6, 7, 0, 1, 2, 3, 4, 5) - SHA256ROUND1(43, 0xc76c51a3, 5, 6, 7, 0, 1, 2, 3, 4) - SHA256ROUND1(44, 0xd192e819, 4, 5, 6, 7, 0, 1, 2, 3) - SHA256ROUND1(45, 0xd6990624, 3, 4, 5, 6, 7, 0, 1, 2) - SHA256ROUND1(46, 0xf40e3585, 2, 3, 4, 5, 6, 7, 0, 1) - SHA256ROUND1(47, 0x106aa070, 1, 2, 3, 4, 5, 6, 7, 0) - SHA256ROUND1(48, 0x19a4c116, 0, 1, 2, 3, 4, 5, 6, 7) - SHA256ROUND1(49, 0x1e376c08, 7, 0, 1, 2, 3, 4, 5, 6) - SHA256ROUND1(50, 0x2748774c, 6, 7, 0, 1, 2, 3, 4, 5) - SHA256ROUND1(51, 0x34b0bcb5, 5, 6, 7, 0, 1, 2, 3, 4) - SHA256ROUND1(52, 0x391c0cb3, 4, 5, 6, 7, 0, 1, 2, 3) - SHA256ROUND1(53, 0x4ed8aa4a, 3, 4, 5, 6, 7, 0, 1, 2) - SHA256ROUND1(54, 0x5b9cca4f, 2, 3, 4, 5, 6, 7, 0, 1) - SHA256ROUND1(55, 0x682e6ff3, 1, 2, 3, 4, 5, 6, 7, 0) - SHA256ROUND1(56, 0x748f82ee, 0, 1, 2, 3, 4, 5, 6, 7) - SHA256ROUND1(57, 0x78a5636f, 7, 0, 1, 2, 3, 4, 5, 6) - SHA256ROUND1(58, 0x84c87814, 6, 7, 0, 1, 2, 3, 4, 5) - SHA256ROUND1(59, 0x8cc70208, 5, 6, 7, 0, 1, 2, 3, 4) - SHA256ROUND1(60, 0x90befffa, 4, 5, 6, 7, 0, 1, 2, 3) - SHA256ROUND1(61, 0xa4506ceb, 3, 4, 5, 6, 7, 0, 1, 2) - SHA256ROUND1(62, 0xbef9a3f7, 2, 3, 4, 5, 6, 7, 0, 1) - SHA256ROUND1(63, 0xc67178f2, 1, 2, 3, 4, 5, 6, 7, 0) - - MOVL dig+0(FP), BP - MOVL (0*4)(BP), AX // H0 = a + H0 - ADDL (0*4)(DI), AX - MOVL AX, (0*4)(DI) - MOVL AX, (0*4)(BP) - MOVL (1*4)(BP), BX // H1 = b + H1 - ADDL (1*4)(DI), BX - MOVL BX, (1*4)(DI) - MOVL BX, (1*4)(BP) - MOVL (2*4)(BP), CX // H2 = c + H2 - ADDL (2*4)(DI), CX - MOVL CX, (2*4)(DI) - MOVL CX, (2*4)(BP) - MOVL (3*4)(BP), DX // H3 = d + H3 - ADDL (3*4)(DI), DX - MOVL DX, (3*4)(DI) - MOVL DX, (3*4)(BP) - MOVL (4*4)(BP), AX // H4 = e + H4 - ADDL (4*4)(DI), AX - MOVL AX, (4*4)(DI) - MOVL AX, (4*4)(BP) - MOVL (5*4)(BP), BX // H5 = f + H5 - ADDL (5*4)(DI), BX - MOVL BX, (5*4)(DI) - MOVL BX, (5*4)(BP) - MOVL (6*4)(BP), CX // H6 = g + H6 - ADDL (6*4)(DI), CX - MOVL CX, (6*4)(DI) - MOVL CX, (6*4)(BP) - MOVL (7*4)(BP), DX // H7 = h + H7 - ADDL (7*4)(DI), DX - MOVL DX, (7*4)(DI) - MOVL DX, (7*4)(BP) - - ADDL $64, SI - CMPL SI, 288(SP) - JB loop - -end: - RET diff --git a/vendor/github.com/stevvooe/resumable/sha256/sha256block_amd64.s b/vendor/github.com/stevvooe/resumable/sha256/sha256block_amd64.s deleted file mode 100644 index e9705b94..00000000 --- a/vendor/github.com/stevvooe/resumable/sha256/sha256block_amd64.s +++ /dev/null @@ -1,1044 +0,0 @@ -// Copyright 2013 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -#include "textflag.h" - -// SHA256 block routine. See sha256block.go for Go equivalent. -// -// The algorithm is detailed in FIPS 180-4: -// -// http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf - -// The avx2-version is described in an Intel White-Paper: -// "Fast SHA-256 Implementations on Intel Architecture Processors" -// To find it, surf to http://www.intel.com/p/en_US/embedded -// and search for that title. -// AVX2 version by Intel, same algorithm as code in Linux kernel: -// https://github.com/torvalds/linux/blob/master/arch/x86/crypto/sha256-avx2-asm.S -// by -// James Guilford -// Kirk Yap -// Tim Chen - -// Wt = Mt; for 0 <= t <= 15 -// Wt = SIGMA1(Wt-2) + SIGMA0(Wt-15) + Wt-16; for 16 <= t <= 63 -// -// a = H0 -// b = H1 -// c = H2 -// d = H3 -// e = H4 -// f = H5 -// g = H6 -// h = H7 -// -// for t = 0 to 63 { -// T1 = h + BIGSIGMA1(e) + Ch(e,f,g) + Kt + Wt -// T2 = BIGSIGMA0(a) + Maj(a,b,c) -// h = g -// g = f -// f = e -// e = d + T1 -// d = c -// c = b -// b = a -// a = T1 + T2 -// } -// -// H0 = a + H0 -// H1 = b + H1 -// H2 = c + H2 -// H3 = d + H3 -// H4 = e + H4 -// H5 = f + H5 -// H6 = g + H6 -// H7 = h + H7 - -// Wt = Mt; for 0 <= t <= 15 -#define MSGSCHEDULE0(index) \ - MOVL (index*4)(SI), AX; \ - BSWAPL AX; \ - MOVL AX, (index*4)(BP) - -// Wt = SIGMA1(Wt-2) + Wt-7 + SIGMA0(Wt-15) + Wt-16; for 16 <= t <= 63 -// SIGMA0(x) = ROTR(7,x) XOR ROTR(18,x) XOR SHR(3,x) -// SIGMA1(x) = ROTR(17,x) XOR ROTR(19,x) XOR SHR(10,x) -#define MSGSCHEDULE1(index) \ - MOVL ((index-2)*4)(BP), AX; \ - MOVL AX, CX; \ - RORL $17, AX; \ - MOVL CX, DX; \ - RORL $19, CX; \ - SHRL $10, DX; \ - MOVL ((index-15)*4)(BP), BX; \ - XORL CX, AX; \ - MOVL BX, CX; \ - XORL DX, AX; \ - RORL $7, BX; \ - MOVL CX, DX; \ - SHRL $3, DX; \ - RORL $18, CX; \ - ADDL ((index-7)*4)(BP), AX; \ - XORL CX, BX; \ - XORL DX, BX; \ - ADDL ((index-16)*4)(BP), BX; \ - ADDL BX, AX; \ - MOVL AX, ((index)*4)(BP) - -// Calculate T1 in AX - uses AX, CX and DX registers. -// h is also used as an accumulator. Wt is passed in AX. -// T1 = h + BIGSIGMA1(e) + Ch(e, f, g) + Kt + Wt -// BIGSIGMA1(x) = ROTR(6,x) XOR ROTR(11,x) XOR ROTR(25,x) -// Ch(x, y, z) = (x AND y) XOR (NOT x AND z) -#define SHA256T1(const, e, f, g, h) \ - ADDL AX, h; \ - MOVL e, AX; \ - ADDL $const, h; \ - MOVL e, CX; \ - RORL $6, AX; \ - MOVL e, DX; \ - RORL $11, CX; \ - XORL CX, AX; \ - MOVL e, CX; \ - RORL $25, DX; \ - ANDL f, CX; \ - XORL AX, DX; \ - MOVL e, AX; \ - NOTL AX; \ - ADDL DX, h; \ - ANDL g, AX; \ - XORL CX, AX; \ - ADDL h, AX - -// Calculate T2 in BX - uses BX, CX, DX and DI registers. -// T2 = BIGSIGMA0(a) + Maj(a, b, c) -// BIGSIGMA0(x) = ROTR(2,x) XOR ROTR(13,x) XOR ROTR(22,x) -// Maj(x, y, z) = (x AND y) XOR (x AND z) XOR (y AND z) -#define SHA256T2(a, b, c) \ - MOVL a, DI; \ - MOVL c, BX; \ - RORL $2, DI; \ - MOVL a, DX; \ - ANDL b, BX; \ - RORL $13, DX; \ - MOVL a, CX; \ - ANDL c, CX; \ - XORL DX, DI; \ - XORL CX, BX; \ - MOVL a, DX; \ - MOVL b, CX; \ - RORL $22, DX; \ - ANDL a, CX; \ - XORL CX, BX; \ - XORL DX, DI; \ - ADDL DI, BX - -// Calculate T1 and T2, then e = d + T1 and a = T1 + T2. -// The values for e and a are stored in d and h, ready for rotation. -#define SHA256ROUND(index, const, a, b, c, d, e, f, g, h) \ - SHA256T1(const, e, f, g, h); \ - SHA256T2(a, b, c); \ - MOVL BX, h; \ - ADDL AX, d; \ - ADDL AX, h - -#define SHA256ROUND0(index, const, a, b, c, d, e, f, g, h) \ - MSGSCHEDULE0(index); \ - SHA256ROUND(index, const, a, b, c, d, e, f, g, h) - -#define SHA256ROUND1(index, const, a, b, c, d, e, f, g, h) \ - MSGSCHEDULE1(index); \ - SHA256ROUND(index, const, a, b, c, d, e, f, g, h) - - -// Definitions for AVX2 version - -// addm (mem), reg -// Add reg to mem using reg-mem add and store -#define addm(P1, P2) \ - ADDL P2, P1; \ - MOVL P1, P2 - -#define XDWORD0 Y4 -#define XDWORD1 Y5 -#define XDWORD2 Y6 -#define XDWORD3 Y7 - -#define XWORD0 X4 -#define XWORD1 X5 -#define XWORD2 X6 -#define XWORD3 X7 - -#define XTMP0 Y0 -#define XTMP1 Y1 -#define XTMP2 Y2 -#define XTMP3 Y3 -#define XTMP4 Y8 -#define XTMP5 Y11 - -#define XFER Y9 - -#define BYTE_FLIP_MASK Y13 // mask to convert LE -> BE -#define X_BYTE_FLIP_MASK X13 - -#define NUM_BYTES DX -#define INP DI - -#define CTX SI // Beginning of digest in memory (a, b, c, ... , h) - -#define a AX -#define b BX -#define c CX -#define d R8 -#define e DX -#define f R9 -#define g R10 -#define h R11 - -#define old_h R11 - -#define TBL BP - -#define SRND SI // SRND is same register as CTX - -#define T1 R12 - -#define y0 R13 -#define y1 R14 -#define y2 R15 -#define y3 DI - -// Offsets -#define XFER_SIZE 2*64*4 -#define INP_END_SIZE 8 -#define INP_SIZE 8 -#define TMP_SIZE 4 - -#define _XFER 0 -#define _INP_END _XFER + XFER_SIZE -#define _INP _INP_END + INP_END_SIZE -#define _TMP _INP + INP_SIZE -#define STACK_SIZE _TMP + TMP_SIZE - -#define ROUND_AND_SCHED_N_0(disp, a, b, c, d, e, f, g, h, XDWORD0, XDWORD1, XDWORD2, XDWORD3) \ - ; \ // ############################# RND N + 0 ############################// - MOVL a, y3; \ // y3 = a // MAJA - RORXL $25, e, y0; \ // y0 = e >> 25 // S1A - RORXL $11, e, y1; \ // y1 = e >> 11 // S1B - ; \ - ADDL (disp + 0*4)(SP)(SRND*1), h; \ // h = k + w + h // disp = k + w - ORL c, y3; \ // y3 = a|c // MAJA - VPALIGNR $4, XDWORD2, XDWORD3, XTMP0; \ // XTMP0 = W[-7] - MOVL f, y2; \ // y2 = f // CH - RORXL $13, a, T1; \ // T1 = a >> 13 // S0B - ; \ - XORL y1, y0; \ // y0 = (e>>25) ^ (e>>11) // S1 - XORL g, y2; \ // y2 = f^g // CH - VPADDD XDWORD0, XTMP0, XTMP0; \ // XTMP0 = W[-7] + W[-16] // y1 = (e >> 6) // S1 - RORXL $6, e, y1; \ // y1 = (e >> 6) // S1 - ; \ - ANDL e, y2; \ // y2 = (f^g)&e // CH - XORL y1, y0; \ // y0 = (e>>25) ^ (e>>11) ^ (e>>6) // S1 - RORXL $22, a, y1; \ // y1 = a >> 22 // S0A - ADDL h, d; \ // d = k + w + h + d // -- - ; \ - ANDL b, y3; \ // y3 = (a|c)&b // MAJA - VPALIGNR $4, XDWORD0, XDWORD1, XTMP1; \ // XTMP1 = W[-15] - XORL T1, y1; \ // y1 = (a>>22) ^ (a>>13) // S0 - RORXL $2, a, T1; \ // T1 = (a >> 2) // S0 - ; \ - XORL g, y2; \ // y2 = CH = ((f^g)&e)^g // CH - VPSRLD $7, XTMP1, XTMP2; \ - XORL T1, y1; \ // y1 = (a>>22) ^ (a>>13) ^ (a>>2) // S0 - MOVL a, T1; \ // T1 = a // MAJB - ANDL c, T1; \ // T1 = a&c // MAJB - ; \ - ADDL y0, y2; \ // y2 = S1 + CH // -- - VPSLLD $(32-7), XTMP1, XTMP3; \ - ORL T1, y3; \ // y3 = MAJ = (a|c)&b)|(a&c) // MAJ - ADDL y1, h; \ // h = k + w + h + S0 // -- - ; \ - ADDL y2, d; \ // d = k + w + h + d + S1 + CH = d + t1 // -- - VPOR XTMP2, XTMP3, XTMP3; \ // XTMP3 = W[-15] ror 7 - ; \ - VPSRLD $18, XTMP1, XTMP2; \ - ADDL y2, h; \ // h = k + w + h + S0 + S1 + CH = t1 + S0// -- - ADDL y3, h // h = t1 + S0 + MAJ // -- - -#define ROUND_AND_SCHED_N_1(disp, a, b, c, d, e, f, g, h, XDWORD0, XDWORD1, XDWORD2, XDWORD3) \ - ; \ // ################################### RND N + 1 ############################ - ; \ - MOVL a, y3; \ // y3 = a // MAJA - RORXL $25, e, y0; \ // y0 = e >> 25 // S1A - RORXL $11, e, y1; \ // y1 = e >> 11 // S1B - ADDL (disp + 1*4)(SP)(SRND*1), h; \ // h = k + w + h // -- - ORL c, y3; \ // y3 = a|c // MAJA - ; \ - VPSRLD $3, XTMP1, XTMP4; \ // XTMP4 = W[-15] >> 3 - MOVL f, y2; \ // y2 = f // CH - RORXL $13, a, T1; \ // T1 = a >> 13 // S0B - XORL y1, y0; \ // y0 = (e>>25) ^ (e>>11) // S1 - XORL g, y2; \ // y2 = f^g // CH - ; \ - RORXL $6, e, y1; \ // y1 = (e >> 6) // S1 - XORL y1, y0; \ // y0 = (e>>25) ^ (e>>11) ^ (e>>6) // S1 - RORXL $22, a, y1; \ // y1 = a >> 22 // S0A - ANDL e, y2; \ // y2 = (f^g)&e // CH - ADDL h, d; \ // d = k + w + h + d // -- - ; \ - VPSLLD $(32-18), XTMP1, XTMP1; \ - ANDL b, y3; \ // y3 = (a|c)&b // MAJA - XORL T1, y1; \ // y1 = (a>>22) ^ (a>>13) // S0 - ; \ - VPXOR XTMP1, XTMP3, XTMP3; \ - RORXL $2, a, T1; \ // T1 = (a >> 2) // S0 - XORL g, y2; \ // y2 = CH = ((f^g)&e)^g // CH - ; \ - VPXOR XTMP2, XTMP3, XTMP3; \ // XTMP3 = W[-15] ror 7 ^ W[-15] ror 18 - XORL T1, y1; \ // y1 = (a>>22) ^ (a>>13) ^ (a>>2) // S0 - MOVL a, T1; \ // T1 = a // MAJB - ANDL c, T1; \ // T1 = a&c // MAJB - ADDL y0, y2; \ // y2 = S1 + CH // -- - ; \ - VPXOR XTMP4, XTMP3, XTMP1; \ // XTMP1 = s0 - VPSHUFD $0xFA, XDWORD3, XTMP2; \ // XTMP2 = W[-2] {BBAA} - ORL T1, y3; \ // y3 = MAJ = (a|c)&b)|(a&c) // MAJ - ADDL y1, h; \ // h = k + w + h + S0 // -- - ; \ - VPADDD XTMP1, XTMP0, XTMP0; \ // XTMP0 = W[-16] + W[-7] + s0 - ADDL y2, d; \ // d = k + w + h + d + S1 + CH = d + t1 // -- - ADDL y2, h; \ // h = k + w + h + S0 + S1 + CH = t1 + S0// -- - ADDL y3, h; \ // h = t1 + S0 + MAJ // -- - ; \ - VPSRLD $10, XTMP2, XTMP4 // XTMP4 = W[-2] >> 10 {BBAA} - -#define ROUND_AND_SCHED_N_2(disp, a, b, c, d, e, f, g, h, XDWORD0, XDWORD1, XDWORD2, XDWORD3) \ - ; \ // ################################### RND N + 2 ############################ - ; \ - MOVL a, y3; \ // y3 = a // MAJA - RORXL $25, e, y0; \ // y0 = e >> 25 // S1A - ADDL (disp + 2*4)(SP)(SRND*1), h; \ // h = k + w + h // -- - ; \ - VPSRLQ $19, XTMP2, XTMP3; \ // XTMP3 = W[-2] ror 19 {xBxA} - RORXL $11, e, y1; \ // y1 = e >> 11 // S1B - ORL c, y3; \ // y3 = a|c // MAJA - MOVL f, y2; \ // y2 = f // CH - XORL g, y2; \ // y2 = f^g // CH - ; \ - RORXL $13, a, T1; \ // T1 = a >> 13 // S0B - XORL y1, y0; \ // y0 = (e>>25) ^ (e>>11) // S1 - VPSRLQ $17, XTMP2, XTMP2; \ // XTMP2 = W[-2] ror 17 {xBxA} - ANDL e, y2; \ // y2 = (f^g)&e // CH - ; \ - RORXL $6, e, y1; \ // y1 = (e >> 6) // S1 - VPXOR XTMP3, XTMP2, XTMP2; \ - ADDL h, d; \ // d = k + w + h + d // -- - ANDL b, y3; \ // y3 = (a|c)&b // MAJA - ; \ - XORL y1, y0; \ // y0 = (e>>25) ^ (e>>11) ^ (e>>6) // S1 - RORXL $22, a, y1; \ // y1 = a >> 22 // S0A - VPXOR XTMP2, XTMP4, XTMP4; \ // XTMP4 = s1 {xBxA} - XORL g, y2; \ // y2 = CH = ((f^g)&e)^g // CH - ; \ - MOVL f, _TMP(SP); \ - MOVQ $shuff_00BA<>(SB), f; \ // f is used to keep SHUF_00BA - VPSHUFB (f), XTMP4, XTMP4; \ // XTMP4 = s1 {00BA} - MOVL _TMP(SP), f; \ // f is restored - ; \ - XORL T1, y1; \ // y1 = (a>>22) ^ (a>>13) // S0 - RORXL $2, a, T1; \ // T1 = (a >> 2) // S0 - VPADDD XTMP4, XTMP0, XTMP0; \ // XTMP0 = {..., ..., W[1], W[0]} - ; \ - XORL T1, y1; \ // y1 = (a>>22) ^ (a>>13) ^ (a>>2) // S0 - MOVL a, T1; \ // T1 = a // MAJB - ANDL c, T1; \ // T1 = a&c // MAJB - ADDL y0, y2; \ // y2 = S1 + CH // -- - VPSHUFD $80, XTMP0, XTMP2; \ // XTMP2 = W[-2] {DDCC} - ; \ - ORL T1, y3; \ // y3 = MAJ = (a|c)&b)|(a&c) // MAJ - ADDL y1, h; \ // h = k + w + h + S0 // -- - ADDL y2, d; \ // d = k + w + h + d + S1 + CH = d + t1 // -- - ADDL y2, h; \ // h = k + w + h + S0 + S1 + CH = t1 + S0// -- - ; \ - ADDL y3, h // h = t1 + S0 + MAJ // -- - -#define ROUND_AND_SCHED_N_3(disp, a, b, c, d, e, f, g, h, XDWORD0, XDWORD1, XDWORD2, XDWORD3) \ - ; \ // ################################### RND N + 3 ############################ - ; \ - MOVL a, y3; \ // y3 = a // MAJA - RORXL $25, e, y0; \ // y0 = e >> 25 // S1A - RORXL $11, e, y1; \ // y1 = e >> 11 // S1B - ADDL (disp + 3*4)(SP)(SRND*1), h; \ // h = k + w + h // -- - ORL c, y3; \ // y3 = a|c // MAJA - ; \ - VPSRLD $10, XTMP2, XTMP5; \ // XTMP5 = W[-2] >> 10 {DDCC} - MOVL f, y2; \ // y2 = f // CH - RORXL $13, a, T1; \ // T1 = a >> 13 // S0B - XORL y1, y0; \ // y0 = (e>>25) ^ (e>>11) // S1 - XORL g, y2; \ // y2 = f^g // CH - ; \ - VPSRLQ $19, XTMP2, XTMP3; \ // XTMP3 = W[-2] ror 19 {xDxC} - RORXL $6, e, y1; \ // y1 = (e >> 6) // S1 - ANDL e, y2; \ // y2 = (f^g)&e // CH - ADDL h, d; \ // d = k + w + h + d // -- - ANDL b, y3; \ // y3 = (a|c)&b // MAJA - ; \ - VPSRLQ $17, XTMP2, XTMP2; \ // XTMP2 = W[-2] ror 17 {xDxC} - XORL y1, y0; \ // y0 = (e>>25) ^ (e>>11) ^ (e>>6) // S1 - XORL g, y2; \ // y2 = CH = ((f^g)&e)^g // CH - ; \ - VPXOR XTMP3, XTMP2, XTMP2; \ - RORXL $22, a, y1; \ // y1 = a >> 22 // S0A - ADDL y0, y2; \ // y2 = S1 + CH // -- - ; \ - VPXOR XTMP2, XTMP5, XTMP5; \ // XTMP5 = s1 {xDxC} - XORL T1, y1; \ // y1 = (a>>22) ^ (a>>13) // S0 - ADDL y2, d; \ // d = k + w + h + d + S1 + CH = d + t1 // -- - ; \ - RORXL $2, a, T1; \ // T1 = (a >> 2) // S0 - ; \ - MOVL f, _TMP(SP); \ // Save f - MOVQ $shuff_DC00<>(SB), f; \ // SHUF_00DC - VPSHUFB (f), XTMP5, XTMP5; \ // XTMP5 = s1 {DC00} - MOVL _TMP(SP), f; \ // Restore f - ; \ - VPADDD XTMP0, XTMP5, XDWORD0; \ // XDWORD0 = {W[3], W[2], W[1], W[0]} - XORL T1, y1; \ // y1 = (a>>22) ^ (a>>13) ^ (a>>2) // S0 - MOVL a, T1; \ // T1 = a // MAJB - ANDL c, T1; \ // T1 = a&c // MAJB - ORL T1, y3; \ // y3 = MAJ = (a|c)&b)|(a&c) // MAJ - ; \ - ADDL y1, h; \ // h = k + w + h + S0 // -- - ADDL y2, h; \ // h = k + w + h + S0 + S1 + CH = t1 + S0// -- - ADDL y3, h // h = t1 + S0 + MAJ // -- - -#define DO_ROUND_N_0(disp, a, b, c, d, e, f, g, h, old_h) \ - ; \ // ################################### RND N + 0 ########################### - MOVL f, y2; \ // y2 = f // CH - RORXL $25, e, y0; \ // y0 = e >> 25 // S1A - RORXL $11, e, y1; \ // y1 = e >> 11 // S1B - XORL g, y2; \ // y2 = f^g // CH - ; \ - XORL y1, y0; \ // y0 = (e>>25) ^ (e>>11) // S1 - RORXL $6, e, y1; \ // y1 = (e >> 6) // S1 - ANDL e, y2; \ // y2 = (f^g)&e // CH - ; \ - XORL y1, y0; \ // y0 = (e>>25) ^ (e>>11) ^ (e>>6) // S1 - RORXL $13, a, T1; \ // T1 = a >> 13 // S0B - XORL g, y2; \ // y2 = CH = ((f^g)&e)^g // CH - RORXL $22, a, y1; \ // y1 = a >> 22 // S0A - MOVL a, y3; \ // y3 = a // MAJA - ; \ - XORL T1, y1; \ // y1 = (a>>22) ^ (a>>13) // S0 - RORXL $2, a, T1; \ // T1 = (a >> 2) // S0 - ADDL (disp + 0*4)(SP)(SRND*1), h; \ // h = k + w + h // -- - ORL c, y3; \ // y3 = a|c // MAJA - ; \ - XORL T1, y1; \ // y1 = (a>>22) ^ (a>>13) ^ (a>>2) // S0 - MOVL a, T1; \ // T1 = a // MAJB - ANDL b, y3; \ // y3 = (a|c)&b // MAJA - ANDL c, T1; \ // T1 = a&c // MAJB - ADDL y0, y2; \ // y2 = S1 + CH // -- - ; \ - ADDL h, d; \ // d = k + w + h + d // -- - ORL T1, y3; \ // y3 = MAJ = (a|c)&b)|(a&c) // MAJ - ADDL y1, h; \ // h = k + w + h + S0 // -- - ADDL y2, d // d = k + w + h + d + S1 + CH = d + t1 // -- - -#define DO_ROUND_N_1(disp, a, b, c, d, e, f, g, h, old_h) \ - ; \ // ################################### RND N + 1 ########################### - ADDL y2, old_h; \ // h = k + w + h + S0 + S1 + CH = t1 + S0 // -- - MOVL f, y2; \ // y2 = f // CH - RORXL $25, e, y0; \ // y0 = e >> 25 // S1A - RORXL $11, e, y1; \ // y1 = e >> 11 // S1B - XORL g, y2; \ // y2 = f^g // CH - ; \ - XORL y1, y0; \ // y0 = (e>>25) ^ (e>>11) // S1 - RORXL $6, e, y1; \ // y1 = (e >> 6) // S1 - ANDL e, y2; \ // y2 = (f^g)&e // CH - ADDL y3, old_h; \ // h = t1 + S0 + MAJ // -- - ; \ - XORL y1, y0; \ // y0 = (e>>25) ^ (e>>11) ^ (e>>6) // S1 - RORXL $13, a, T1; \ // T1 = a >> 13 // S0B - XORL g, y2; \ // y2 = CH = ((f^g)&e)^g // CH - RORXL $22, a, y1; \ // y1 = a >> 22 // S0A - MOVL a, y3; \ // y3 = a // MAJA - ; \ - XORL T1, y1; \ // y1 = (a>>22) ^ (a>>13) // S0 - RORXL $2, a, T1; \ // T1 = (a >> 2) // S0 - ADDL (disp + 1*4)(SP)(SRND*1), h; \ // h = k + w + h // -- - ORL c, y3; \ // y3 = a|c // MAJA - ; \ - XORL T1, y1; \ // y1 = (a>>22) ^ (a>>13) ^ (a>>2) // S0 - MOVL a, T1; \ // T1 = a // MAJB - ANDL b, y3; \ // y3 = (a|c)&b // MAJA - ANDL c, T1; \ // T1 = a&c // MAJB - ADDL y0, y2; \ // y2 = S1 + CH // -- - ; \ - ADDL h, d; \ // d = k + w + h + d // -- - ORL T1, y3; \ // y3 = MAJ = (a|c)&b)|(a&c) // MAJ - ADDL y1, h; \ // h = k + w + h + S0 // -- - ; \ - ADDL y2, d // d = k + w + h + d + S1 + CH = d + t1 // -- - -#define DO_ROUND_N_2(disp, a, b, c, d, e, f, g, h, old_h) \ - ; \ // ################################### RND N + 2 ############################## - ADDL y2, old_h; \ // h = k + w + h + S0 + S1 + CH = t1 + S0// -- - MOVL f, y2; \ // y2 = f // CH - RORXL $25, e, y0; \ // y0 = e >> 25 // S1A - RORXL $11, e, y1; \ // y1 = e >> 11 // S1B - XORL g, y2; \ // y2 = f^g // CH - ; \ - XORL y1, y0; \ // y0 = (e>>25) ^ (e>>11) // S1 - RORXL $6, e, y1; \ // y1 = (e >> 6) // S1 - ANDL e, y2; \ // y2 = (f^g)&e // CH - ADDL y3, old_h; \ // h = t1 + S0 + MAJ // -- - ; \ - XORL y1, y0; \ // y0 = (e>>25) ^ (e>>11) ^ (e>>6) // S1 - RORXL $13, a, T1; \ // T1 = a >> 13 // S0B - XORL g, y2; \ // y2 = CH = ((f^g)&e)^g // CH - RORXL $22, a, y1; \ // y1 = a >> 22 // S0A - MOVL a, y3; \ // y3 = a // MAJA - ; \ - XORL T1, y1; \ // y1 = (a>>22) ^ (a>>13) // S0 - RORXL $2, a, T1; \ // T1 = (a >> 2) // S0 - ADDL (disp + 2*4)(SP)(SRND*1), h; \ // h = k + w + h // -- - ORL c, y3; \ // y3 = a|c // MAJA - ; \ - XORL T1, y1; \ // y1 = (a>>22) ^ (a>>13) ^ (a>>2) // S0 - MOVL a, T1; \ // T1 = a // MAJB - ANDL b, y3; \ // y3 = (a|c)&b // MAJA - ANDL c, T1; \ // T1 = a&c // MAJB - ADDL y0, y2; \ // y2 = S1 + CH // -- - ; \ - ADDL h, d; \ // d = k + w + h + d // -- - ORL T1, y3; \ // y3 = MAJ = (a|c)&b)|(a&c) // MAJ - ADDL y1, h; \ // h = k + w + h + S0 // -- - ; \ - ADDL y2, d // d = k + w + h + d + S1 + CH = d + t1 // -- - -#define DO_ROUND_N_3(disp, a, b, c, d, e, f, g, h, old_h) \ - ; \ // ################################### RND N + 3 ########################### - ADDL y2, old_h; \ // h = k + w + h + S0 + S1 + CH = t1 + S0// -- - MOVL f, y2; \ // y2 = f // CH - RORXL $25, e, y0; \ // y0 = e >> 25 // S1A - RORXL $11, e, y1; \ // y1 = e >> 11 // S1B - XORL g, y2; \ // y2 = f^g // CH - ; \ - XORL y1, y0; \ // y0 = (e>>25) ^ (e>>11) // S1 - RORXL $6, e, y1; \ // y1 = (e >> 6) // S1 - ANDL e, y2; \ // y2 = (f^g)&e // CH - ADDL y3, old_h; \ // h = t1 + S0 + MAJ // -- - ; \ - XORL y1, y0; \ // y0 = (e>>25) ^ (e>>11) ^ (e>>6) // S1 - RORXL $13, a, T1; \ // T1 = a >> 13 // S0B - XORL g, y2; \ // y2 = CH = ((f^g)&e)^g // CH - RORXL $22, a, y1; \ // y1 = a >> 22 // S0A - MOVL a, y3; \ // y3 = a // MAJA - ; \ - XORL T1, y1; \ // y1 = (a>>22) ^ (a>>13) // S0 - RORXL $2, a, T1; \ // T1 = (a >> 2) // S0 - ADDL (disp + 3*4)(SP)(SRND*1), h; \ // h = k + w + h // -- - ORL c, y3; \ // y3 = a|c // MAJA - ; \ - XORL T1, y1; \ // y1 = (a>>22) ^ (a>>13) ^ (a>>2) // S0 - MOVL a, T1; \ // T1 = a // MAJB - ANDL b, y3; \ // y3 = (a|c)&b // MAJA - ANDL c, T1; \ // T1 = a&c // MAJB - ADDL y0, y2; \ // y2 = S1 + CH // -- - ; \ - ADDL h, d; \ // d = k + w + h + d // -- - ORL T1, y3; \ // y3 = MAJ = (a|c)&b)|(a&c) // MAJ - ADDL y1, h; \ // h = k + w + h + S0 // -- - ; \ - ADDL y2, d; \ // d = k + w + h + d + S1 + CH = d + t1 // -- - ; \ - ADDL y2, h; \ // h = k + w + h + S0 + S1 + CH = t1 + S0// -- - ; \ - ADDL y3, h // h = t1 + S0 + MAJ // -- - -TEXT ·block(SB), 0, $536-32 - CMPB runtime·support_avx2(SB), $0 - JE noavx2bmi2 - CMPB runtime·support_bmi2(SB), $1 // check for RORXL instruction - JE avx2 -noavx2bmi2: - - MOVQ p_base+8(FP), SI - MOVQ p_len+16(FP), DX - SHRQ $6, DX - SHLQ $6, DX - - LEAQ (SI)(DX*1), DI - MOVQ DI, 256(SP) - CMPQ SI, DI - JEQ end - - MOVQ dig+0(FP), BP - MOVL (0*4)(BP), R8 // a = H0 - MOVL (1*4)(BP), R9 // b = H1 - MOVL (2*4)(BP), R10 // c = H2 - MOVL (3*4)(BP), R11 // d = H3 - MOVL (4*4)(BP), R12 // e = H4 - MOVL (5*4)(BP), R13 // f = H5 - MOVL (6*4)(BP), R14 // g = H6 - MOVL (7*4)(BP), R15 // h = H7 - -loop: - MOVQ SP, BP - - SHA256ROUND0(0, 0x428a2f98, R8, R9, R10, R11, R12, R13, R14, R15) - SHA256ROUND0(1, 0x71374491, R15, R8, R9, R10, R11, R12, R13, R14) - SHA256ROUND0(2, 0xb5c0fbcf, R14, R15, R8, R9, R10, R11, R12, R13) - SHA256ROUND0(3, 0xe9b5dba5, R13, R14, R15, R8, R9, R10, R11, R12) - SHA256ROUND0(4, 0x3956c25b, R12, R13, R14, R15, R8, R9, R10, R11) - SHA256ROUND0(5, 0x59f111f1, R11, R12, R13, R14, R15, R8, R9, R10) - SHA256ROUND0(6, 0x923f82a4, R10, R11, R12, R13, R14, R15, R8, R9) - SHA256ROUND0(7, 0xab1c5ed5, R9, R10, R11, R12, R13, R14, R15, R8) - SHA256ROUND0(8, 0xd807aa98, R8, R9, R10, R11, R12, R13, R14, R15) - SHA256ROUND0(9, 0x12835b01, R15, R8, R9, R10, R11, R12, R13, R14) - SHA256ROUND0(10, 0x243185be, R14, R15, R8, R9, R10, R11, R12, R13) - SHA256ROUND0(11, 0x550c7dc3, R13, R14, R15, R8, R9, R10, R11, R12) - SHA256ROUND0(12, 0x72be5d74, R12, R13, R14, R15, R8, R9, R10, R11) - SHA256ROUND0(13, 0x80deb1fe, R11, R12, R13, R14, R15, R8, R9, R10) - SHA256ROUND0(14, 0x9bdc06a7, R10, R11, R12, R13, R14, R15, R8, R9) - SHA256ROUND0(15, 0xc19bf174, R9, R10, R11, R12, R13, R14, R15, R8) - - SHA256ROUND1(16, 0xe49b69c1, R8, R9, R10, R11, R12, R13, R14, R15) - SHA256ROUND1(17, 0xefbe4786, R15, R8, R9, R10, R11, R12, R13, R14) - SHA256ROUND1(18, 0x0fc19dc6, R14, R15, R8, R9, R10, R11, R12, R13) - SHA256ROUND1(19, 0x240ca1cc, R13, R14, R15, R8, R9, R10, R11, R12) - SHA256ROUND1(20, 0x2de92c6f, R12, R13, R14, R15, R8, R9, R10, R11) - SHA256ROUND1(21, 0x4a7484aa, R11, R12, R13, R14, R15, R8, R9, R10) - SHA256ROUND1(22, 0x5cb0a9dc, R10, R11, R12, R13, R14, R15, R8, R9) - SHA256ROUND1(23, 0x76f988da, R9, R10, R11, R12, R13, R14, R15, R8) - SHA256ROUND1(24, 0x983e5152, R8, R9, R10, R11, R12, R13, R14, R15) - SHA256ROUND1(25, 0xa831c66d, R15, R8, R9, R10, R11, R12, R13, R14) - SHA256ROUND1(26, 0xb00327c8, R14, R15, R8, R9, R10, R11, R12, R13) - SHA256ROUND1(27, 0xbf597fc7, R13, R14, R15, R8, R9, R10, R11, R12) - SHA256ROUND1(28, 0xc6e00bf3, R12, R13, R14, R15, R8, R9, R10, R11) - SHA256ROUND1(29, 0xd5a79147, R11, R12, R13, R14, R15, R8, R9, R10) - SHA256ROUND1(30, 0x06ca6351, R10, R11, R12, R13, R14, R15, R8, R9) - SHA256ROUND1(31, 0x14292967, R9, R10, R11, R12, R13, R14, R15, R8) - SHA256ROUND1(32, 0x27b70a85, R8, R9, R10, R11, R12, R13, R14, R15) - SHA256ROUND1(33, 0x2e1b2138, R15, R8, R9, R10, R11, R12, R13, R14) - SHA256ROUND1(34, 0x4d2c6dfc, R14, R15, R8, R9, R10, R11, R12, R13) - SHA256ROUND1(35, 0x53380d13, R13, R14, R15, R8, R9, R10, R11, R12) - SHA256ROUND1(36, 0x650a7354, R12, R13, R14, R15, R8, R9, R10, R11) - SHA256ROUND1(37, 0x766a0abb, R11, R12, R13, R14, R15, R8, R9, R10) - SHA256ROUND1(38, 0x81c2c92e, R10, R11, R12, R13, R14, R15, R8, R9) - SHA256ROUND1(39, 0x92722c85, R9, R10, R11, R12, R13, R14, R15, R8) - SHA256ROUND1(40, 0xa2bfe8a1, R8, R9, R10, R11, R12, R13, R14, R15) - SHA256ROUND1(41, 0xa81a664b, R15, R8, R9, R10, R11, R12, R13, R14) - SHA256ROUND1(42, 0xc24b8b70, R14, R15, R8, R9, R10, R11, R12, R13) - SHA256ROUND1(43, 0xc76c51a3, R13, R14, R15, R8, R9, R10, R11, R12) - SHA256ROUND1(44, 0xd192e819, R12, R13, R14, R15, R8, R9, R10, R11) - SHA256ROUND1(45, 0xd6990624, R11, R12, R13, R14, R15, R8, R9, R10) - SHA256ROUND1(46, 0xf40e3585, R10, R11, R12, R13, R14, R15, R8, R9) - SHA256ROUND1(47, 0x106aa070, R9, R10, R11, R12, R13, R14, R15, R8) - SHA256ROUND1(48, 0x19a4c116, R8, R9, R10, R11, R12, R13, R14, R15) - SHA256ROUND1(49, 0x1e376c08, R15, R8, R9, R10, R11, R12, R13, R14) - SHA256ROUND1(50, 0x2748774c, R14, R15, R8, R9, R10, R11, R12, R13) - SHA256ROUND1(51, 0x34b0bcb5, R13, R14, R15, R8, R9, R10, R11, R12) - SHA256ROUND1(52, 0x391c0cb3, R12, R13, R14, R15, R8, R9, R10, R11) - SHA256ROUND1(53, 0x4ed8aa4a, R11, R12, R13, R14, R15, R8, R9, R10) - SHA256ROUND1(54, 0x5b9cca4f, R10, R11, R12, R13, R14, R15, R8, R9) - SHA256ROUND1(55, 0x682e6ff3, R9, R10, R11, R12, R13, R14, R15, R8) - SHA256ROUND1(56, 0x748f82ee, R8, R9, R10, R11, R12, R13, R14, R15) - SHA256ROUND1(57, 0x78a5636f, R15, R8, R9, R10, R11, R12, R13, R14) - SHA256ROUND1(58, 0x84c87814, R14, R15, R8, R9, R10, R11, R12, R13) - SHA256ROUND1(59, 0x8cc70208, R13, R14, R15, R8, R9, R10, R11, R12) - SHA256ROUND1(60, 0x90befffa, R12, R13, R14, R15, R8, R9, R10, R11) - SHA256ROUND1(61, 0xa4506ceb, R11, R12, R13, R14, R15, R8, R9, R10) - SHA256ROUND1(62, 0xbef9a3f7, R10, R11, R12, R13, R14, R15, R8, R9) - SHA256ROUND1(63, 0xc67178f2, R9, R10, R11, R12, R13, R14, R15, R8) - - MOVQ dig+0(FP), BP - ADDL (0*4)(BP), R8 // H0 = a + H0 - MOVL R8, (0*4)(BP) - ADDL (1*4)(BP), R9 // H1 = b + H1 - MOVL R9, (1*4)(BP) - ADDL (2*4)(BP), R10 // H2 = c + H2 - MOVL R10, (2*4)(BP) - ADDL (3*4)(BP), R11 // H3 = d + H3 - MOVL R11, (3*4)(BP) - ADDL (4*4)(BP), R12 // H4 = e + H4 - MOVL R12, (4*4)(BP) - ADDL (5*4)(BP), R13 // H5 = f + H5 - MOVL R13, (5*4)(BP) - ADDL (6*4)(BP), R14 // H6 = g + H6 - MOVL R14, (6*4)(BP) - ADDL (7*4)(BP), R15 // H7 = h + H7 - MOVL R15, (7*4)(BP) - - ADDQ $64, SI - CMPQ SI, 256(SP) - JB loop - -end: - RET - -avx2: - MOVQ dig+0(FP), CTX // d.h[8] - MOVQ p_base+8(FP), INP - MOVQ p_len+16(FP), NUM_BYTES - - LEAQ -64(INP)(NUM_BYTES*1), NUM_BYTES // Pointer to the last block - MOVQ NUM_BYTES, _INP_END(SP) - - CMPQ NUM_BYTES, INP - JE avx2_only_one_block - - // Load initial digest - MOVL 0(CTX), a // a = H0 - MOVL 4(CTX), b // b = H1 - MOVL 8(CTX), c // c = H2 - MOVL 12(CTX), d // d = H3 - MOVL 16(CTX), e // e = H4 - MOVL 20(CTX), f // f = H5 - MOVL 24(CTX), g // g = H6 - MOVL 28(CTX), h // h = H7 - -avx2_loop0: // at each iteration works with one block (512 bit) - - VMOVDQU (0*32)(INP), XTMP0 - VMOVDQU (1*32)(INP), XTMP1 - VMOVDQU (2*32)(INP), XTMP2 - VMOVDQU (3*32)(INP), XTMP3 - - MOVQ $flip_mask<>(SB), BP // BYTE_FLIP_MASK - VMOVDQU (BP), BYTE_FLIP_MASK - - // Apply Byte Flip Mask: LE -> BE - VPSHUFB BYTE_FLIP_MASK, XTMP0, XTMP0 - VPSHUFB BYTE_FLIP_MASK, XTMP1, XTMP1 - VPSHUFB BYTE_FLIP_MASK, XTMP2, XTMP2 - VPSHUFB BYTE_FLIP_MASK, XTMP3, XTMP3 - - // Transpose data into high/low parts - VPERM2I128 $0x20, XTMP2, XTMP0, XDWORD0 // w3, w2, w1, w0 - VPERM2I128 $0x31, XTMP2, XTMP0, XDWORD1 // w7, w6, w5, w4 - VPERM2I128 $0x20, XTMP3, XTMP1, XDWORD2 // w11, w10, w9, w8 - VPERM2I128 $0x31, XTMP3, XTMP1, XDWORD3 // w15, w14, w13, w12 - - MOVQ $K256<>(SB), TBL // Loading address of table with round-specific constants - -avx2_last_block_enter: - ADDQ $64, INP - MOVQ INP, _INP(SP) - XORQ SRND, SRND - -avx2_loop1: // for w0 - w47 - // Do 4 rounds and scheduling - VPADDD 0*32(TBL)(SRND*1), XDWORD0, XFER - VMOVDQU XFER, (_XFER + 0*32)(SP)(SRND*1) - ROUND_AND_SCHED_N_0(_XFER + 0*32, a, b, c, d, e, f, g, h, XDWORD0, XDWORD1, XDWORD2, XDWORD3) - ROUND_AND_SCHED_N_1(_XFER + 0*32, h, a, b, c, d, e, f, g, XDWORD0, XDWORD1, XDWORD2, XDWORD3) - ROUND_AND_SCHED_N_2(_XFER + 0*32, g, h, a, b, c, d, e, f, XDWORD0, XDWORD1, XDWORD2, XDWORD3) - ROUND_AND_SCHED_N_3(_XFER + 0*32, f, g, h, a, b, c, d, e, XDWORD0, XDWORD1, XDWORD2, XDWORD3) - - // Do 4 rounds and scheduling - VPADDD 1*32(TBL)(SRND*1), XDWORD1, XFER - VMOVDQU XFER, (_XFER + 1*32)(SP)(SRND*1) - ROUND_AND_SCHED_N_0(_XFER + 1*32, e, f, g, h, a, b, c, d, XDWORD1, XDWORD2, XDWORD3, XDWORD0) - ROUND_AND_SCHED_N_1(_XFER + 1*32, d, e, f, g, h, a, b, c, XDWORD1, XDWORD2, XDWORD3, XDWORD0) - ROUND_AND_SCHED_N_2(_XFER + 1*32, c, d, e, f, g, h, a, b, XDWORD1, XDWORD2, XDWORD3, XDWORD0) - ROUND_AND_SCHED_N_3(_XFER + 1*32, b, c, d, e, f, g, h, a, XDWORD1, XDWORD2, XDWORD3, XDWORD0) - - // Do 4 rounds and scheduling - VPADDD 2*32(TBL)(SRND*1), XDWORD2, XFER - VMOVDQU XFER, (_XFER + 2*32)(SP)(SRND*1) - ROUND_AND_SCHED_N_0(_XFER + 2*32, a, b, c, d, e, f, g, h, XDWORD2, XDWORD3, XDWORD0, XDWORD1) - ROUND_AND_SCHED_N_1(_XFER + 2*32, h, a, b, c, d, e, f, g, XDWORD2, XDWORD3, XDWORD0, XDWORD1) - ROUND_AND_SCHED_N_2(_XFER + 2*32, g, h, a, b, c, d, e, f, XDWORD2, XDWORD3, XDWORD0, XDWORD1) - ROUND_AND_SCHED_N_3(_XFER + 2*32, f, g, h, a, b, c, d, e, XDWORD2, XDWORD3, XDWORD0, XDWORD1) - - // Do 4 rounds and scheduling - VPADDD 3*32(TBL)(SRND*1), XDWORD3, XFER - VMOVDQU XFER, (_XFER + 3*32)(SP)(SRND*1) - ROUND_AND_SCHED_N_0(_XFER + 3*32, e, f, g, h, a, b, c, d, XDWORD3, XDWORD0, XDWORD1, XDWORD2) - ROUND_AND_SCHED_N_1(_XFER + 3*32, d, e, f, g, h, a, b, c, XDWORD3, XDWORD0, XDWORD1, XDWORD2) - ROUND_AND_SCHED_N_2(_XFER + 3*32, c, d, e, f, g, h, a, b, XDWORD3, XDWORD0, XDWORD1, XDWORD2) - ROUND_AND_SCHED_N_3(_XFER + 3*32, b, c, d, e, f, g, h, a, XDWORD3, XDWORD0, XDWORD1, XDWORD2) - - ADDQ $4*32, SRND - CMPQ SRND, $3*4*32 - JB avx2_loop1 - -avx2_loop2: - // w48 - w63 processed with no scheduliung (last 16 rounds) - VPADDD 0*32(TBL)(SRND*1), XDWORD0, XFER - VMOVDQU XFER, (_XFER + 0*32)(SP)(SRND*1) - DO_ROUND_N_0(_XFER + 0*32, a, b, c, d, e, f, g, h, h) - DO_ROUND_N_1(_XFER + 0*32, h, a, b, c, d, e, f, g, h) - DO_ROUND_N_2(_XFER + 0*32, g, h, a, b, c, d, e, f, g) - DO_ROUND_N_3(_XFER + 0*32, f, g, h, a, b, c, d, e, f) - - VPADDD 1*32(TBL)(SRND*1), XDWORD1, XFER - VMOVDQU XFER, (_XFER + 1*32)(SP)(SRND*1) - DO_ROUND_N_0(_XFER + 1*32, e, f, g, h, a, b, c, d, e) - DO_ROUND_N_1(_XFER + 1*32, d, e, f, g, h, a, b, c, d) - DO_ROUND_N_2(_XFER + 1*32, c, d, e, f, g, h, a, b, c) - DO_ROUND_N_3(_XFER + 1*32, b, c, d, e, f, g, h, a, b) - - ADDQ $2*32, SRND - - VMOVDQU XDWORD2, XDWORD0 - VMOVDQU XDWORD3, XDWORD1 - - CMPQ SRND, $4*4*32 - JB avx2_loop2 - - MOVQ dig+0(FP), CTX // d.h[8] - MOVQ _INP(SP), INP - - addm( 0(CTX), a) - addm( 4(CTX), b) - addm( 8(CTX), c) - addm( 12(CTX), d) - addm( 16(CTX), e) - addm( 20(CTX), f) - addm( 24(CTX), g) - addm( 28(CTX), h) - - CMPQ _INP_END(SP), INP - JB done_hash - - XORQ SRND, SRND - -avx2_loop3: // Do second block using previously scheduled results - DO_ROUND_N_0(_XFER + 0*32 + 16, a, b, c, d, e, f, g, h, a) - DO_ROUND_N_1(_XFER + 0*32 + 16, h, a, b, c, d, e, f, g, h) - DO_ROUND_N_2(_XFER + 0*32 + 16, g, h, a, b, c, d, e, f, g) - DO_ROUND_N_3(_XFER + 0*32 + 16, f, g, h, a, b, c, d, e, f) - - DO_ROUND_N_0(_XFER + 1*32 + 16, e, f, g, h, a, b, c, d, e) - DO_ROUND_N_1(_XFER + 1*32 + 16, d, e, f, g, h, a, b, c, d) - DO_ROUND_N_2(_XFER + 1*32 + 16, c, d, e, f, g, h, a, b, c) - DO_ROUND_N_3(_XFER + 1*32 + 16, b, c, d, e, f, g, h, a, b) - - ADDQ $2*32, SRND - CMPQ SRND, $4*4*32 - JB avx2_loop3 - - MOVQ dig+0(FP), CTX // d.h[8] - MOVQ _INP(SP), INP - ADDQ $64, INP - - addm( 0(CTX), a) - addm( 4(CTX), b) - addm( 8(CTX), c) - addm( 12(CTX), d) - addm( 16(CTX), e) - addm( 20(CTX), f) - addm( 24(CTX), g) - addm( 28(CTX), h) - - CMPQ _INP_END(SP), INP - JA avx2_loop0 - JB done_hash - -avx2_do_last_block: - - VMOVDQU 0(INP), XWORD0 - VMOVDQU 16(INP), XWORD1 - VMOVDQU 32(INP), XWORD2 - VMOVDQU 48(INP), XWORD3 - - MOVQ $flip_mask<>(SB), BP - VMOVDQU (BP), X_BYTE_FLIP_MASK - - VPSHUFB X_BYTE_FLIP_MASK, XWORD0, XWORD0 - VPSHUFB X_BYTE_FLIP_MASK, XWORD1, XWORD1 - VPSHUFB X_BYTE_FLIP_MASK, XWORD2, XWORD2 - VPSHUFB X_BYTE_FLIP_MASK, XWORD3, XWORD3 - - MOVQ $K256<>(SB), TBL - - JMP avx2_last_block_enter - -avx2_only_one_block: - // Load initial digest - MOVL 0(CTX), a // a = H0 - MOVL 4(CTX), b // b = H1 - MOVL 8(CTX), c // c = H2 - MOVL 12(CTX), d // d = H3 - MOVL 16(CTX), e // e = H4 - MOVL 20(CTX), f // f = H5 - MOVL 24(CTX), g // g = H6 - MOVL 28(CTX), h // h = H7 - - JMP avx2_do_last_block - -done_hash: - VZEROUPPER - RET - -// shuffle byte order from LE to BE -DATA flip_mask<>+0x00(SB)/8, $0x0405060700010203 -DATA flip_mask<>+0x08(SB)/8, $0x0c0d0e0f08090a0b -DATA flip_mask<>+0x10(SB)/8, $0x0405060700010203 -DATA flip_mask<>+0x18(SB)/8, $0x0c0d0e0f08090a0b -GLOBL flip_mask<>(SB), 8, $32 - -// shuffle xBxA -> 00BA -DATA shuff_00BA<>+0x00(SB)/8, $0x0b0a090803020100 -DATA shuff_00BA<>+0x08(SB)/8, $0xFFFFFFFFFFFFFFFF -DATA shuff_00BA<>+0x10(SB)/8, $0x0b0a090803020100 -DATA shuff_00BA<>+0x18(SB)/8, $0xFFFFFFFFFFFFFFFF -GLOBL shuff_00BA<>(SB), 8, $32 - -// shuffle xDxC -> DC00 -DATA shuff_DC00<>+0x00(SB)/8, $0xFFFFFFFFFFFFFFFF -DATA shuff_DC00<>+0x08(SB)/8, $0x0b0a090803020100 -DATA shuff_DC00<>+0x10(SB)/8, $0xFFFFFFFFFFFFFFFF -DATA shuff_DC00<>+0x18(SB)/8, $0x0b0a090803020100 -GLOBL shuff_DC00<>(SB), 8, $32 - -// Round specific constants -DATA K256<>+0x00(SB)/4, $0x428a2f98 // k1 -DATA K256<>+0x04(SB)/4, $0x71374491 // k2 -DATA K256<>+0x08(SB)/4, $0xb5c0fbcf // k3 -DATA K256<>+0x0c(SB)/4, $0xe9b5dba5 // k4 -DATA K256<>+0x10(SB)/4, $0x428a2f98 // k1 -DATA K256<>+0x14(SB)/4, $0x71374491 // k2 -DATA K256<>+0x18(SB)/4, $0xb5c0fbcf // k3 -DATA K256<>+0x1c(SB)/4, $0xe9b5dba5 // k4 - -DATA K256<>+0x20(SB)/4, $0x3956c25b // k5 - k8 -DATA K256<>+0x24(SB)/4, $0x59f111f1 -DATA K256<>+0x28(SB)/4, $0x923f82a4 -DATA K256<>+0x2c(SB)/4, $0xab1c5ed5 -DATA K256<>+0x30(SB)/4, $0x3956c25b -DATA K256<>+0x34(SB)/4, $0x59f111f1 -DATA K256<>+0x38(SB)/4, $0x923f82a4 -DATA K256<>+0x3c(SB)/4, $0xab1c5ed5 - -DATA K256<>+0x40(SB)/4, $0xd807aa98 // k9 - k12 -DATA K256<>+0x44(SB)/4, $0x12835b01 -DATA K256<>+0x48(SB)/4, $0x243185be -DATA K256<>+0x4c(SB)/4, $0x550c7dc3 -DATA K256<>+0x50(SB)/4, $0xd807aa98 -DATA K256<>+0x54(SB)/4, $0x12835b01 -DATA K256<>+0x58(SB)/4, $0x243185be -DATA K256<>+0x5c(SB)/4, $0x550c7dc3 - -DATA K256<>+0x60(SB)/4, $0x72be5d74 // k13 - k16 -DATA K256<>+0x64(SB)/4, $0x80deb1fe -DATA K256<>+0x68(SB)/4, $0x9bdc06a7 -DATA K256<>+0x6c(SB)/4, $0xc19bf174 -DATA K256<>+0x70(SB)/4, $0x72be5d74 -DATA K256<>+0x74(SB)/4, $0x80deb1fe -DATA K256<>+0x78(SB)/4, $0x9bdc06a7 -DATA K256<>+0x7c(SB)/4, $0xc19bf174 - -DATA K256<>+0x80(SB)/4, $0xe49b69c1 // k17 - k20 -DATA K256<>+0x84(SB)/4, $0xefbe4786 -DATA K256<>+0x88(SB)/4, $0x0fc19dc6 -DATA K256<>+0x8c(SB)/4, $0x240ca1cc -DATA K256<>+0x90(SB)/4, $0xe49b69c1 -DATA K256<>+0x94(SB)/4, $0xefbe4786 -DATA K256<>+0x98(SB)/4, $0x0fc19dc6 -DATA K256<>+0x9c(SB)/4, $0x240ca1cc - -DATA K256<>+0xa0(SB)/4, $0x2de92c6f // k21 - k24 -DATA K256<>+0xa4(SB)/4, $0x4a7484aa -DATA K256<>+0xa8(SB)/4, $0x5cb0a9dc -DATA K256<>+0xac(SB)/4, $0x76f988da -DATA K256<>+0xb0(SB)/4, $0x2de92c6f -DATA K256<>+0xb4(SB)/4, $0x4a7484aa -DATA K256<>+0xb8(SB)/4, $0x5cb0a9dc -DATA K256<>+0xbc(SB)/4, $0x76f988da - -DATA K256<>+0xc0(SB)/4, $0x983e5152 // k25 - k28 -DATA K256<>+0xc4(SB)/4, $0xa831c66d -DATA K256<>+0xc8(SB)/4, $0xb00327c8 -DATA K256<>+0xcc(SB)/4, $0xbf597fc7 -DATA K256<>+0xd0(SB)/4, $0x983e5152 -DATA K256<>+0xd4(SB)/4, $0xa831c66d -DATA K256<>+0xd8(SB)/4, $0xb00327c8 -DATA K256<>+0xdc(SB)/4, $0xbf597fc7 - -DATA K256<>+0xe0(SB)/4, $0xc6e00bf3 // k29 - k32 -DATA K256<>+0xe4(SB)/4, $0xd5a79147 -DATA K256<>+0xe8(SB)/4, $0x06ca6351 -DATA K256<>+0xec(SB)/4, $0x14292967 -DATA K256<>+0xf0(SB)/4, $0xc6e00bf3 -DATA K256<>+0xf4(SB)/4, $0xd5a79147 -DATA K256<>+0xf8(SB)/4, $0x06ca6351 -DATA K256<>+0xfc(SB)/4, $0x14292967 - -DATA K256<>+0x100(SB)/4, $0x27b70a85 -DATA K256<>+0x104(SB)/4, $0x2e1b2138 -DATA K256<>+0x108(SB)/4, $0x4d2c6dfc -DATA K256<>+0x10c(SB)/4, $0x53380d13 -DATA K256<>+0x110(SB)/4, $0x27b70a85 -DATA K256<>+0x114(SB)/4, $0x2e1b2138 -DATA K256<>+0x118(SB)/4, $0x4d2c6dfc -DATA K256<>+0x11c(SB)/4, $0x53380d13 - -DATA K256<>+0x120(SB)/4, $0x650a7354 -DATA K256<>+0x124(SB)/4, $0x766a0abb -DATA K256<>+0x128(SB)/4, $0x81c2c92e -DATA K256<>+0x12c(SB)/4, $0x92722c85 -DATA K256<>+0x130(SB)/4, $0x650a7354 -DATA K256<>+0x134(SB)/4, $0x766a0abb -DATA K256<>+0x138(SB)/4, $0x81c2c92e -DATA K256<>+0x13c(SB)/4, $0x92722c85 - -DATA K256<>+0x140(SB)/4, $0xa2bfe8a1 -DATA K256<>+0x144(SB)/4, $0xa81a664b -DATA K256<>+0x148(SB)/4, $0xc24b8b70 -DATA K256<>+0x14c(SB)/4, $0xc76c51a3 -DATA K256<>+0x150(SB)/4, $0xa2bfe8a1 -DATA K256<>+0x154(SB)/4, $0xa81a664b -DATA K256<>+0x158(SB)/4, $0xc24b8b70 -DATA K256<>+0x15c(SB)/4, $0xc76c51a3 - -DATA K256<>+0x160(SB)/4, $0xd192e819 -DATA K256<>+0x164(SB)/4, $0xd6990624 -DATA K256<>+0x168(SB)/4, $0xf40e3585 -DATA K256<>+0x16c(SB)/4, $0x106aa070 -DATA K256<>+0x170(SB)/4, $0xd192e819 -DATA K256<>+0x174(SB)/4, $0xd6990624 -DATA K256<>+0x178(SB)/4, $0xf40e3585 -DATA K256<>+0x17c(SB)/4, $0x106aa070 - -DATA K256<>+0x180(SB)/4, $0x19a4c116 -DATA K256<>+0x184(SB)/4, $0x1e376c08 -DATA K256<>+0x188(SB)/4, $0x2748774c -DATA K256<>+0x18c(SB)/4, $0x34b0bcb5 -DATA K256<>+0x190(SB)/4, $0x19a4c116 -DATA K256<>+0x194(SB)/4, $0x1e376c08 -DATA K256<>+0x198(SB)/4, $0x2748774c -DATA K256<>+0x19c(SB)/4, $0x34b0bcb5 - -DATA K256<>+0x1a0(SB)/4, $0x391c0cb3 -DATA K256<>+0x1a4(SB)/4, $0x4ed8aa4a -DATA K256<>+0x1a8(SB)/4, $0x5b9cca4f -DATA K256<>+0x1ac(SB)/4, $0x682e6ff3 -DATA K256<>+0x1b0(SB)/4, $0x391c0cb3 -DATA K256<>+0x1b4(SB)/4, $0x4ed8aa4a -DATA K256<>+0x1b8(SB)/4, $0x5b9cca4f -DATA K256<>+0x1bc(SB)/4, $0x682e6ff3 - -DATA K256<>+0x1c0(SB)/4, $0x748f82ee -DATA K256<>+0x1c4(SB)/4, $0x78a5636f -DATA K256<>+0x1c8(SB)/4, $0x84c87814 -DATA K256<>+0x1cc(SB)/4, $0x8cc70208 -DATA K256<>+0x1d0(SB)/4, $0x748f82ee -DATA K256<>+0x1d4(SB)/4, $0x78a5636f -DATA K256<>+0x1d8(SB)/4, $0x84c87814 -DATA K256<>+0x1dc(SB)/4, $0x8cc70208 - -DATA K256<>+0x1e0(SB)/4, $0x90befffa -DATA K256<>+0x1e4(SB)/4, $0xa4506ceb -DATA K256<>+0x1e8(SB)/4, $0xbef9a3f7 -DATA K256<>+0x1ec(SB)/4, $0xc67178f2 -DATA K256<>+0x1f0(SB)/4, $0x90befffa -DATA K256<>+0x1f4(SB)/4, $0xa4506ceb -DATA K256<>+0x1f8(SB)/4, $0xbef9a3f7 -DATA K256<>+0x1fc(SB)/4, $0xc67178f2 - -GLOBL K256<>(SB), (NOPTR + RODATA), $512 diff --git a/vendor/github.com/stevvooe/resumable/sha256/sha256block_decl.go b/vendor/github.com/stevvooe/resumable/sha256/sha256block_decl.go deleted file mode 100644 index fe07e53b..00000000 --- a/vendor/github.com/stevvooe/resumable/sha256/sha256block_decl.go +++ /dev/null @@ -1,11 +0,0 @@ -// Copyright 2013 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// +build 386 amd64 s390x ppc64le - -package sha256 - -//go:noescape - -func block(dig *digest, p []byte) diff --git a/vendor/github.com/stevvooe/resumable/sha256/sha256block_generic.go b/vendor/github.com/stevvooe/resumable/sha256/sha256block_generic.go deleted file mode 100644 index a182a5ea..00000000 --- a/vendor/github.com/stevvooe/resumable/sha256/sha256block_generic.go +++ /dev/null @@ -1,9 +0,0 @@ -// Copyright 2016 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// +build !amd64,!386,!s390x,!ppc64le - -package sha256 - -var block = blockGeneric diff --git a/vendor/github.com/stevvooe/resumable/sha256/sha256block_s390x.go b/vendor/github.com/stevvooe/resumable/sha256/sha256block_s390x.go deleted file mode 100644 index b7beefef..00000000 --- a/vendor/github.com/stevvooe/resumable/sha256/sha256block_s390x.go +++ /dev/null @@ -1,12 +0,0 @@ -// Copyright 2016 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package sha256 - -// featureCheck reports whether the CPU supports the -// SHA256 compute intermediate message digest (KIMD) -// function code. -func featureCheck() bool - -var useAsm = featureCheck() diff --git a/vendor/github.com/stevvooe/resumable/sha256/sha256block_s390x.s b/vendor/github.com/stevvooe/resumable/sha256/sha256block_s390x.s deleted file mode 100644 index ee35991f..00000000 --- a/vendor/github.com/stevvooe/resumable/sha256/sha256block_s390x.s +++ /dev/null @@ -1,34 +0,0 @@ -// Copyright 2016 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -#include "textflag.h" - -// func featureCheck() bool -TEXT ·featureCheck(SB),NOSPLIT,$16-1 - LA tmp-16(SP), R1 - XOR R0, R0 // query function code is 0 - WORD $0xB93E0006 // KIMD (R6 is ignored) - MOVBZ tmp-16(SP), R4 // get the first byte - AND $0x20, R4 // bit 2 (big endian) for SHA256 - CMPBEQ R4, $0, nosha256 - MOVB $1, ret+0(FP) - RET -nosha256: - MOVB $0, ret+0(FP) - RET - -// func block(dig *digest, p []byte) -TEXT ·block(SB),NOSPLIT,$0-32 - MOVBZ ·useAsm(SB), R4 - LMG dig+0(FP), R1, R3 // R2 = &p[0], R3 = len(p) - CMPBNE R4, $1, generic - MOVBZ $2, R0 // SHA256 function code -loop: - WORD $0xB93E0002 // KIMD R2 - BVS loop // continue if interrupted -done: - XOR R0, R0 // restore R0 - RET -generic: - BR ·blockGeneric(SB) diff --git a/vendor/github.com/stevvooe/resumable/sha512/resume.go b/vendor/github.com/stevvooe/resumable/sha512/resume.go deleted file mode 100644 index ed9173e5..00000000 --- a/vendor/github.com/stevvooe/resumable/sha512/resume.go +++ /dev/null @@ -1,63 +0,0 @@ -package sha512 - -import ( - "bytes" - "crypto" - "encoding/gob" - - "github.com/stevvooe/resumable" - - // import to ensure that our init function runs after the standard package - _ "crypto/sha512" -) - -// Len returns the number of bytes which have been written to the digest. -func (d *digest) Len() int64 { - return int64(d.len) -} - -// State returns a snapshot of the state of the digest. -func (d *digest) State() ([]byte, error) { - var buf bytes.Buffer - encoder := gob.NewEncoder(&buf) - - // We encode this way so that we do not have - // to export these fields of the digest struct. - vals := []interface{}{ - d.h, d.x, d.nx, d.len, d.function, - } - - for _, val := range vals { - if err := encoder.Encode(val); err != nil { - return nil, err - } - } - - return buf.Bytes(), nil -} - -// Restore resets the digest to the given state. -func (d *digest) Restore(state []byte) error { - decoder := gob.NewDecoder(bytes.NewReader(state)) - - // We decode this way so that we do not have - // to export these fields of the digest struct. - vals := []interface{}{ - &d.h, &d.x, &d.nx, &d.len, &d.function, - } - - for _, val := range vals { - if err := decoder.Decode(val); err != nil { - return err - } - } - - switch d.function { - case crypto.SHA384, crypto.SHA512, crypto.SHA512_224, crypto.SHA512_256: - break - default: - return resumable.ErrBadState - } - - return nil -} diff --git a/vendor/github.com/stevvooe/resumable/sha512/sha512.go b/vendor/github.com/stevvooe/resumable/sha512/sha512.go deleted file mode 100644 index 5603c90f..00000000 --- a/vendor/github.com/stevvooe/resumable/sha512/sha512.go +++ /dev/null @@ -1,288 +0,0 @@ -// Copyright 2009 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// Package sha512 implements the SHA-384, SHA-512, SHA-512/224, and SHA-512/256 -// hash algorithms as defined in FIPS 180-4. -package sha512 - -import ( - "crypto" - "hash" -) - -func init() { - crypto.RegisterHash(crypto.SHA384, New384) - crypto.RegisterHash(crypto.SHA512, New) - crypto.RegisterHash(crypto.SHA512_224, New512_224) - crypto.RegisterHash(crypto.SHA512_256, New512_256) -} - -const ( - // Size is the size, in bytes, of a SHA-512 checksum. - Size = 64 - - // Size224 is the size, in bytes, of a SHA-512/224 checksum. - Size224 = 28 - - // Size256 is the size, in bytes, of a SHA-512/256 checksum. - Size256 = 32 - - // Size384 is the size, in bytes, of a SHA-384 checksum. - Size384 = 48 - - // BlockSize is the block size, in bytes, of the SHA-512/224, - // SHA-512/256, SHA-384 and SHA-512 hash functions. - BlockSize = 128 -) - -const ( - chunk = 128 - init0 = 0x6a09e667f3bcc908 - init1 = 0xbb67ae8584caa73b - init2 = 0x3c6ef372fe94f82b - init3 = 0xa54ff53a5f1d36f1 - init4 = 0x510e527fade682d1 - init5 = 0x9b05688c2b3e6c1f - init6 = 0x1f83d9abfb41bd6b - init7 = 0x5be0cd19137e2179 - init0_224 = 0x8c3d37c819544da2 - init1_224 = 0x73e1996689dcd4d6 - init2_224 = 0x1dfab7ae32ff9c82 - init3_224 = 0x679dd514582f9fcf - init4_224 = 0x0f6d2b697bd44da8 - init5_224 = 0x77e36f7304c48942 - init6_224 = 0x3f9d85a86a1d36c8 - init7_224 = 0x1112e6ad91d692a1 - init0_256 = 0x22312194fc2bf72c - init1_256 = 0x9f555fa3c84c64c2 - init2_256 = 0x2393b86b6f53b151 - init3_256 = 0x963877195940eabd - init4_256 = 0x96283ee2a88effe3 - init5_256 = 0xbe5e1e2553863992 - init6_256 = 0x2b0199fc2c85b8aa - init7_256 = 0x0eb72ddc81c52ca2 - init0_384 = 0xcbbb9d5dc1059ed8 - init1_384 = 0x629a292a367cd507 - init2_384 = 0x9159015a3070dd17 - init3_384 = 0x152fecd8f70e5939 - init4_384 = 0x67332667ffc00b31 - init5_384 = 0x8eb44a8768581511 - init6_384 = 0xdb0c2e0d64f98fa7 - init7_384 = 0x47b5481dbefa4fa4 -) - -// digest represents the partial evaluation of a checksum. -type digest struct { - h [8]uint64 - x [chunk]byte - nx int - len uint64 - function crypto.Hash -} - -func (d *digest) Reset() { - switch d.function { - case crypto.SHA384: - d.h[0] = init0_384 - d.h[1] = init1_384 - d.h[2] = init2_384 - d.h[3] = init3_384 - d.h[4] = init4_384 - d.h[5] = init5_384 - d.h[6] = init6_384 - d.h[7] = init7_384 - case crypto.SHA512_224: - d.h[0] = init0_224 - d.h[1] = init1_224 - d.h[2] = init2_224 - d.h[3] = init3_224 - d.h[4] = init4_224 - d.h[5] = init5_224 - d.h[6] = init6_224 - d.h[7] = init7_224 - case crypto.SHA512_256: - d.h[0] = init0_256 - d.h[1] = init1_256 - d.h[2] = init2_256 - d.h[3] = init3_256 - d.h[4] = init4_256 - d.h[5] = init5_256 - d.h[6] = init6_256 - d.h[7] = init7_256 - default: - d.h[0] = init0 - d.h[1] = init1 - d.h[2] = init2 - d.h[3] = init3 - d.h[4] = init4 - d.h[5] = init5 - d.h[6] = init6 - d.h[7] = init7 - } - d.nx = 0 - d.len = 0 -} - -// New returns a new hash.Hash computing the SHA-512 checksum. -func New() hash.Hash { - d := &digest{function: crypto.SHA512} - d.Reset() - return d -} - -// New512_224 returns a new hash.Hash computing the SHA-512/224 checksum. -func New512_224() hash.Hash { - d := &digest{function: crypto.SHA512_224} - d.Reset() - return d -} - -// New512_256 returns a new hash.Hash computing the SHA-512/256 checksum. -func New512_256() hash.Hash { - d := &digest{function: crypto.SHA512_256} - d.Reset() - return d -} - -// New384 returns a new hash.Hash computing the SHA-384 checksum. -func New384() hash.Hash { - d := &digest{function: crypto.SHA384} - d.Reset() - return d -} - -func (d *digest) Size() int { - switch d.function { - case crypto.SHA512_224: - return Size224 - case crypto.SHA512_256: - return Size256 - case crypto.SHA384: - return Size384 - default: - return Size - } -} - -func (d *digest) BlockSize() int { return BlockSize } - -func (d *digest) Write(p []byte) (nn int, err error) { - nn = len(p) - d.len += uint64(nn) - if d.nx > 0 { - n := copy(d.x[d.nx:], p) - d.nx += n - if d.nx == chunk { - block(d, d.x[:]) - d.nx = 0 - } - p = p[n:] - } - if len(p) >= chunk { - n := len(p) &^ (chunk - 1) - block(d, p[:n]) - p = p[n:] - } - if len(p) > 0 { - d.nx = copy(d.x[:], p) - } - return -} - -func (d0 *digest) Sum(in []byte) []byte { - // Make a copy of d0 so that caller can keep writing and summing. - d := new(digest) - *d = *d0 - hash := d.checkSum() - switch d.function { - case crypto.SHA384: - return append(in, hash[:Size384]...) - case crypto.SHA512_224: - return append(in, hash[:Size224]...) - case crypto.SHA512_256: - return append(in, hash[:Size256]...) - default: - return append(in, hash[:]...) - } -} - -func (d *digest) checkSum() [Size]byte { - // Padding. Add a 1 bit and 0 bits until 112 bytes mod 128. - len := d.len - var tmp [128]byte - tmp[0] = 0x80 - if len%128 < 112 { - d.Write(tmp[0 : 112-len%128]) - } else { - d.Write(tmp[0 : 128+112-len%128]) - } - - // Length in bits. - len <<= 3 - for i := uint(0); i < 16; i++ { - tmp[i] = byte(len >> (120 - 8*i)) - } - d.Write(tmp[0:16]) - - if d.nx != 0 { - panic("d.nx != 0") - } - - h := d.h[:] - if d.function == crypto.SHA384 { - h = d.h[:6] - } - - var digest [Size]byte - for i, s := range h { - digest[i*8] = byte(s >> 56) - digest[i*8+1] = byte(s >> 48) - digest[i*8+2] = byte(s >> 40) - digest[i*8+3] = byte(s >> 32) - digest[i*8+4] = byte(s >> 24) - digest[i*8+5] = byte(s >> 16) - digest[i*8+6] = byte(s >> 8) - digest[i*8+7] = byte(s) - } - - return digest -} - -// Sum512 returns the SHA512 checksum of the data. -func Sum512(data []byte) [Size]byte { - d := digest{function: crypto.SHA512} - d.Reset() - d.Write(data) - return d.checkSum() -} - -// Sum384 returns the SHA384 checksum of the data. -func Sum384(data []byte) (sum384 [Size384]byte) { - d := digest{function: crypto.SHA384} - d.Reset() - d.Write(data) - sum := d.checkSum() - copy(sum384[:], sum[:Size384]) - return -} - -// Sum512_224 returns the Sum512/224 checksum of the data. -func Sum512_224(data []byte) (sum224 [Size224]byte) { - d := digest{function: crypto.SHA512_224} - d.Reset() - d.Write(data) - sum := d.checkSum() - copy(sum224[:], sum[:Size224]) - return -} - -// Sum512_256 returns the Sum512/256 checksum of the data. -func Sum512_256(data []byte) (sum256 [Size256]byte) { - d := digest{function: crypto.SHA512_256} - d.Reset() - d.Write(data) - sum := d.checkSum() - copy(sum256[:], sum[:Size256]) - return -} diff --git a/vendor/github.com/stevvooe/resumable/sha512/sha512block.go b/vendor/github.com/stevvooe/resumable/sha512/sha512block.go deleted file mode 100644 index 42e8d19f..00000000 --- a/vendor/github.com/stevvooe/resumable/sha512/sha512block.go +++ /dev/null @@ -1,142 +0,0 @@ -// Copyright 2009 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// SHA512 block step. -// In its own file so that a faster assembly or C version -// can be substituted easily. - -package sha512 - -var _K = []uint64{ - 0x428a2f98d728ae22, - 0x7137449123ef65cd, - 0xb5c0fbcfec4d3b2f, - 0xe9b5dba58189dbbc, - 0x3956c25bf348b538, - 0x59f111f1b605d019, - 0x923f82a4af194f9b, - 0xab1c5ed5da6d8118, - 0xd807aa98a3030242, - 0x12835b0145706fbe, - 0x243185be4ee4b28c, - 0x550c7dc3d5ffb4e2, - 0x72be5d74f27b896f, - 0x80deb1fe3b1696b1, - 0x9bdc06a725c71235, - 0xc19bf174cf692694, - 0xe49b69c19ef14ad2, - 0xefbe4786384f25e3, - 0x0fc19dc68b8cd5b5, - 0x240ca1cc77ac9c65, - 0x2de92c6f592b0275, - 0x4a7484aa6ea6e483, - 0x5cb0a9dcbd41fbd4, - 0x76f988da831153b5, - 0x983e5152ee66dfab, - 0xa831c66d2db43210, - 0xb00327c898fb213f, - 0xbf597fc7beef0ee4, - 0xc6e00bf33da88fc2, - 0xd5a79147930aa725, - 0x06ca6351e003826f, - 0x142929670a0e6e70, - 0x27b70a8546d22ffc, - 0x2e1b21385c26c926, - 0x4d2c6dfc5ac42aed, - 0x53380d139d95b3df, - 0x650a73548baf63de, - 0x766a0abb3c77b2a8, - 0x81c2c92e47edaee6, - 0x92722c851482353b, - 0xa2bfe8a14cf10364, - 0xa81a664bbc423001, - 0xc24b8b70d0f89791, - 0xc76c51a30654be30, - 0xd192e819d6ef5218, - 0xd69906245565a910, - 0xf40e35855771202a, - 0x106aa07032bbd1b8, - 0x19a4c116b8d2d0c8, - 0x1e376c085141ab53, - 0x2748774cdf8eeb99, - 0x34b0bcb5e19b48a8, - 0x391c0cb3c5c95a63, - 0x4ed8aa4ae3418acb, - 0x5b9cca4f7763e373, - 0x682e6ff3d6b2b8a3, - 0x748f82ee5defb2fc, - 0x78a5636f43172f60, - 0x84c87814a1f0ab72, - 0x8cc702081a6439ec, - 0x90befffa23631e28, - 0xa4506cebde82bde9, - 0xbef9a3f7b2c67915, - 0xc67178f2e372532b, - 0xca273eceea26619c, - 0xd186b8c721c0c207, - 0xeada7dd6cde0eb1e, - 0xf57d4f7fee6ed178, - 0x06f067aa72176fba, - 0x0a637dc5a2c898a6, - 0x113f9804bef90dae, - 0x1b710b35131c471b, - 0x28db77f523047d84, - 0x32caab7b40c72493, - 0x3c9ebe0a15c9bebc, - 0x431d67c49c100d4c, - 0x4cc5d4becb3e42b6, - 0x597f299cfc657e2a, - 0x5fcb6fab3ad6faec, - 0x6c44198c4a475817, -} - -func blockGeneric(dig *digest, p []byte) { - var w [80]uint64 - h0, h1, h2, h3, h4, h5, h6, h7 := dig.h[0], dig.h[1], dig.h[2], dig.h[3], dig.h[4], dig.h[5], dig.h[6], dig.h[7] - for len(p) >= chunk { - for i := 0; i < 16; i++ { - j := i * 8 - w[i] = uint64(p[j])<<56 | uint64(p[j+1])<<48 | uint64(p[j+2])<<40 | uint64(p[j+3])<<32 | - uint64(p[j+4])<<24 | uint64(p[j+5])<<16 | uint64(p[j+6])<<8 | uint64(p[j+7]) - } - for i := 16; i < 80; i++ { - v1 := w[i-2] - t1 := (v1>>19 | v1<<(64-19)) ^ (v1>>61 | v1<<(64-61)) ^ (v1 >> 6) - v2 := w[i-15] - t2 := (v2>>1 | v2<<(64-1)) ^ (v2>>8 | v2<<(64-8)) ^ (v2 >> 7) - - w[i] = t1 + w[i-7] + t2 + w[i-16] - } - - a, b, c, d, e, f, g, h := h0, h1, h2, h3, h4, h5, h6, h7 - - for i := 0; i < 80; i++ { - t1 := h + ((e>>14 | e<<(64-14)) ^ (e>>18 | e<<(64-18)) ^ (e>>41 | e<<(64-41))) + ((e & f) ^ (^e & g)) + _K[i] + w[i] - - t2 := ((a>>28 | a<<(64-28)) ^ (a>>34 | a<<(64-34)) ^ (a>>39 | a<<(64-39))) + ((a & b) ^ (a & c) ^ (b & c)) - - h = g - g = f - f = e - e = d + t1 - d = c - c = b - b = a - a = t1 + t2 - } - - h0 += a - h1 += b - h2 += c - h3 += d - h4 += e - h5 += f - h6 += g - h7 += h - - p = p[chunk:] - } - - dig.h[0], dig.h[1], dig.h[2], dig.h[3], dig.h[4], dig.h[5], dig.h[6], dig.h[7] = h0, h1, h2, h3, h4, h5, h6, h7 -} diff --git a/vendor/github.com/stevvooe/resumable/sha512/sha512block_amd64.s b/vendor/github.com/stevvooe/resumable/sha512/sha512block_amd64.s deleted file mode 100644 index 87502cdf..00000000 --- a/vendor/github.com/stevvooe/resumable/sha512/sha512block_amd64.s +++ /dev/null @@ -1,273 +0,0 @@ -// Copyright 2013 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -#include "textflag.h" - -// SHA512 block routine. See sha512block.go for Go equivalent. -// -// The algorithm is detailed in FIPS 180-4: -// -// http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf -// -// Wt = Mt; for 0 <= t <= 15 -// Wt = SIGMA1(Wt-2) + SIGMA0(Wt-15) + Wt-16; for 16 <= t <= 79 -// -// a = H0 -// b = H1 -// c = H2 -// d = H3 -// e = H4 -// f = H5 -// g = H6 -// h = H7 -// -// for t = 0 to 79 { -// T1 = h + BIGSIGMA1(e) + Ch(e,f,g) + Kt + Wt -// T2 = BIGSIGMA0(a) + Maj(a,b,c) -// h = g -// g = f -// f = e -// e = d + T1 -// d = c -// c = b -// b = a -// a = T1 + T2 -// } -// -// H0 = a + H0 -// H1 = b + H1 -// H2 = c + H2 -// H3 = d + H3 -// H4 = e + H4 -// H5 = f + H5 -// H6 = g + H6 -// H7 = h + H7 - -// Wt = Mt; for 0 <= t <= 15 -#define MSGSCHEDULE0(index) \ - MOVQ (index*8)(SI), AX; \ - BSWAPQ AX; \ - MOVQ AX, (index*8)(BP) - -// Wt = SIGMA1(Wt-2) + Wt-7 + SIGMA0(Wt-15) + Wt-16; for 16 <= t <= 79 -// SIGMA0(x) = ROTR(1,x) XOR ROTR(8,x) XOR SHR(7,x) -// SIGMA1(x) = ROTR(19,x) XOR ROTR(61,x) XOR SHR(6,x) -#define MSGSCHEDULE1(index) \ - MOVQ ((index-2)*8)(BP), AX; \ - MOVQ AX, CX; \ - RORQ $19, AX; \ - MOVQ CX, DX; \ - RORQ $61, CX; \ - SHRQ $6, DX; \ - MOVQ ((index-15)*8)(BP), BX; \ - XORQ CX, AX; \ - MOVQ BX, CX; \ - XORQ DX, AX; \ - RORQ $1, BX; \ - MOVQ CX, DX; \ - SHRQ $7, DX; \ - RORQ $8, CX; \ - ADDQ ((index-7)*8)(BP), AX; \ - XORQ CX, BX; \ - XORQ DX, BX; \ - ADDQ ((index-16)*8)(BP), BX; \ - ADDQ BX, AX; \ - MOVQ AX, ((index)*8)(BP) - -// Calculate T1 in AX - uses AX, CX and DX registers. -// h is also used as an accumulator. Wt is passed in AX. -// T1 = h + BIGSIGMA1(e) + Ch(e, f, g) + Kt + Wt -// BIGSIGMA1(x) = ROTR(14,x) XOR ROTR(18,x) XOR ROTR(41,x) -// Ch(x, y, z) = (x AND y) XOR (NOT x AND z) -#define SHA512T1(const, e, f, g, h) \ - MOVQ $const, DX; \ - ADDQ AX, h; \ - MOVQ e, AX; \ - ADDQ DX, h; \ - MOVQ e, CX; \ - RORQ $14, AX; \ - MOVQ e, DX; \ - RORQ $18, CX; \ - XORQ CX, AX; \ - MOVQ e, CX; \ - RORQ $41, DX; \ - ANDQ f, CX; \ - XORQ AX, DX; \ - MOVQ e, AX; \ - NOTQ AX; \ - ADDQ DX, h; \ - ANDQ g, AX; \ - XORQ CX, AX; \ - ADDQ h, AX - -// Calculate T2 in BX - uses BX, CX, DX and DI registers. -// T2 = BIGSIGMA0(a) + Maj(a, b, c) -// BIGSIGMA0(x) = ROTR(28,x) XOR ROTR(34,x) XOR ROTR(39,x) -// Maj(x, y, z) = (x AND y) XOR (x AND z) XOR (y AND z) -#define SHA512T2(a, b, c) \ - MOVQ a, DI; \ - MOVQ c, BX; \ - RORQ $28, DI; \ - MOVQ a, DX; \ - ANDQ b, BX; \ - RORQ $34, DX; \ - MOVQ a, CX; \ - ANDQ c, CX; \ - XORQ DX, DI; \ - XORQ CX, BX; \ - MOVQ a, DX; \ - MOVQ b, CX; \ - RORQ $39, DX; \ - ANDQ a, CX; \ - XORQ CX, BX; \ - XORQ DX, DI; \ - ADDQ DI, BX - -// Calculate T1 and T2, then e = d + T1 and a = T1 + T2. -// The values for e and a are stored in d and h, ready for rotation. -#define SHA512ROUND(index, const, a, b, c, d, e, f, g, h) \ - SHA512T1(const, e, f, g, h); \ - SHA512T2(a, b, c); \ - MOVQ BX, h; \ - ADDQ AX, d; \ - ADDQ AX, h - -#define SHA512ROUND0(index, const, a, b, c, d, e, f, g, h) \ - MSGSCHEDULE0(index); \ - SHA512ROUND(index, const, a, b, c, d, e, f, g, h) - -#define SHA512ROUND1(index, const, a, b, c, d, e, f, g, h) \ - MSGSCHEDULE1(index); \ - SHA512ROUND(index, const, a, b, c, d, e, f, g, h) - -TEXT ·block(SB),0,$648-32 - MOVQ p_base+8(FP), SI - MOVQ p_len+16(FP), DX - SHRQ $7, DX - SHLQ $7, DX - - LEAQ (SI)(DX*1), DI - MOVQ DI, 640(SP) - CMPQ SI, DI - JEQ end - - MOVQ dig+0(FP), BP - MOVQ (0*8)(BP), R8 // a = H0 - MOVQ (1*8)(BP), R9 // b = H1 - MOVQ (2*8)(BP), R10 // c = H2 - MOVQ (3*8)(BP), R11 // d = H3 - MOVQ (4*8)(BP), R12 // e = H4 - MOVQ (5*8)(BP), R13 // f = H5 - MOVQ (6*8)(BP), R14 // g = H6 - MOVQ (7*8)(BP), R15 // h = H7 - -loop: - MOVQ SP, BP // message schedule - - SHA512ROUND0(0, 0x428a2f98d728ae22, R8, R9, R10, R11, R12, R13, R14, R15) - SHA512ROUND0(1, 0x7137449123ef65cd, R15, R8, R9, R10, R11, R12, R13, R14) - SHA512ROUND0(2, 0xb5c0fbcfec4d3b2f, R14, R15, R8, R9, R10, R11, R12, R13) - SHA512ROUND0(3, 0xe9b5dba58189dbbc, R13, R14, R15, R8, R9, R10, R11, R12) - SHA512ROUND0(4, 0x3956c25bf348b538, R12, R13, R14, R15, R8, R9, R10, R11) - SHA512ROUND0(5, 0x59f111f1b605d019, R11, R12, R13, R14, R15, R8, R9, R10) - SHA512ROUND0(6, 0x923f82a4af194f9b, R10, R11, R12, R13, R14, R15, R8, R9) - SHA512ROUND0(7, 0xab1c5ed5da6d8118, R9, R10, R11, R12, R13, R14, R15, R8) - SHA512ROUND0(8, 0xd807aa98a3030242, R8, R9, R10, R11, R12, R13, R14, R15) - SHA512ROUND0(9, 0x12835b0145706fbe, R15, R8, R9, R10, R11, R12, R13, R14) - SHA512ROUND0(10, 0x243185be4ee4b28c, R14, R15, R8, R9, R10, R11, R12, R13) - SHA512ROUND0(11, 0x550c7dc3d5ffb4e2, R13, R14, R15, R8, R9, R10, R11, R12) - SHA512ROUND0(12, 0x72be5d74f27b896f, R12, R13, R14, R15, R8, R9, R10, R11) - SHA512ROUND0(13, 0x80deb1fe3b1696b1, R11, R12, R13, R14, R15, R8, R9, R10) - SHA512ROUND0(14, 0x9bdc06a725c71235, R10, R11, R12, R13, R14, R15, R8, R9) - SHA512ROUND0(15, 0xc19bf174cf692694, R9, R10, R11, R12, R13, R14, R15, R8) - - SHA512ROUND1(16, 0xe49b69c19ef14ad2, R8, R9, R10, R11, R12, R13, R14, R15) - SHA512ROUND1(17, 0xefbe4786384f25e3, R15, R8, R9, R10, R11, R12, R13, R14) - SHA512ROUND1(18, 0x0fc19dc68b8cd5b5, R14, R15, R8, R9, R10, R11, R12, R13) - SHA512ROUND1(19, 0x240ca1cc77ac9c65, R13, R14, R15, R8, R9, R10, R11, R12) - SHA512ROUND1(20, 0x2de92c6f592b0275, R12, R13, R14, R15, R8, R9, R10, R11) - SHA512ROUND1(21, 0x4a7484aa6ea6e483, R11, R12, R13, R14, R15, R8, R9, R10) - SHA512ROUND1(22, 0x5cb0a9dcbd41fbd4, R10, R11, R12, R13, R14, R15, R8, R9) - SHA512ROUND1(23, 0x76f988da831153b5, R9, R10, R11, R12, R13, R14, R15, R8) - SHA512ROUND1(24, 0x983e5152ee66dfab, R8, R9, R10, R11, R12, R13, R14, R15) - SHA512ROUND1(25, 0xa831c66d2db43210, R15, R8, R9, R10, R11, R12, R13, R14) - SHA512ROUND1(26, 0xb00327c898fb213f, R14, R15, R8, R9, R10, R11, R12, R13) - SHA512ROUND1(27, 0xbf597fc7beef0ee4, R13, R14, R15, R8, R9, R10, R11, R12) - SHA512ROUND1(28, 0xc6e00bf33da88fc2, R12, R13, R14, R15, R8, R9, R10, R11) - SHA512ROUND1(29, 0xd5a79147930aa725, R11, R12, R13, R14, R15, R8, R9, R10) - SHA512ROUND1(30, 0x06ca6351e003826f, R10, R11, R12, R13, R14, R15, R8, R9) - SHA512ROUND1(31, 0x142929670a0e6e70, R9, R10, R11, R12, R13, R14, R15, R8) - SHA512ROUND1(32, 0x27b70a8546d22ffc, R8, R9, R10, R11, R12, R13, R14, R15) - SHA512ROUND1(33, 0x2e1b21385c26c926, R15, R8, R9, R10, R11, R12, R13, R14) - SHA512ROUND1(34, 0x4d2c6dfc5ac42aed, R14, R15, R8, R9, R10, R11, R12, R13) - SHA512ROUND1(35, 0x53380d139d95b3df, R13, R14, R15, R8, R9, R10, R11, R12) - SHA512ROUND1(36, 0x650a73548baf63de, R12, R13, R14, R15, R8, R9, R10, R11) - SHA512ROUND1(37, 0x766a0abb3c77b2a8, R11, R12, R13, R14, R15, R8, R9, R10) - SHA512ROUND1(38, 0x81c2c92e47edaee6, R10, R11, R12, R13, R14, R15, R8, R9) - SHA512ROUND1(39, 0x92722c851482353b, R9, R10, R11, R12, R13, R14, R15, R8) - SHA512ROUND1(40, 0xa2bfe8a14cf10364, R8, R9, R10, R11, R12, R13, R14, R15) - SHA512ROUND1(41, 0xa81a664bbc423001, R15, R8, R9, R10, R11, R12, R13, R14) - SHA512ROUND1(42, 0xc24b8b70d0f89791, R14, R15, R8, R9, R10, R11, R12, R13) - SHA512ROUND1(43, 0xc76c51a30654be30, R13, R14, R15, R8, R9, R10, R11, R12) - SHA512ROUND1(44, 0xd192e819d6ef5218, R12, R13, R14, R15, R8, R9, R10, R11) - SHA512ROUND1(45, 0xd69906245565a910, R11, R12, R13, R14, R15, R8, R9, R10) - SHA512ROUND1(46, 0xf40e35855771202a, R10, R11, R12, R13, R14, R15, R8, R9) - SHA512ROUND1(47, 0x106aa07032bbd1b8, R9, R10, R11, R12, R13, R14, R15, R8) - SHA512ROUND1(48, 0x19a4c116b8d2d0c8, R8, R9, R10, R11, R12, R13, R14, R15) - SHA512ROUND1(49, 0x1e376c085141ab53, R15, R8, R9, R10, R11, R12, R13, R14) - SHA512ROUND1(50, 0x2748774cdf8eeb99, R14, R15, R8, R9, R10, R11, R12, R13) - SHA512ROUND1(51, 0x34b0bcb5e19b48a8, R13, R14, R15, R8, R9, R10, R11, R12) - SHA512ROUND1(52, 0x391c0cb3c5c95a63, R12, R13, R14, R15, R8, R9, R10, R11) - SHA512ROUND1(53, 0x4ed8aa4ae3418acb, R11, R12, R13, R14, R15, R8, R9, R10) - SHA512ROUND1(54, 0x5b9cca4f7763e373, R10, R11, R12, R13, R14, R15, R8, R9) - SHA512ROUND1(55, 0x682e6ff3d6b2b8a3, R9, R10, R11, R12, R13, R14, R15, R8) - SHA512ROUND1(56, 0x748f82ee5defb2fc, R8, R9, R10, R11, R12, R13, R14, R15) - SHA512ROUND1(57, 0x78a5636f43172f60, R15, R8, R9, R10, R11, R12, R13, R14) - SHA512ROUND1(58, 0x84c87814a1f0ab72, R14, R15, R8, R9, R10, R11, R12, R13) - SHA512ROUND1(59, 0x8cc702081a6439ec, R13, R14, R15, R8, R9, R10, R11, R12) - SHA512ROUND1(60, 0x90befffa23631e28, R12, R13, R14, R15, R8, R9, R10, R11) - SHA512ROUND1(61, 0xa4506cebde82bde9, R11, R12, R13, R14, R15, R8, R9, R10) - SHA512ROUND1(62, 0xbef9a3f7b2c67915, R10, R11, R12, R13, R14, R15, R8, R9) - SHA512ROUND1(63, 0xc67178f2e372532b, R9, R10, R11, R12, R13, R14, R15, R8) - SHA512ROUND1(64, 0xca273eceea26619c, R8, R9, R10, R11, R12, R13, R14, R15) - SHA512ROUND1(65, 0xd186b8c721c0c207, R15, R8, R9, R10, R11, R12, R13, R14) - SHA512ROUND1(66, 0xeada7dd6cde0eb1e, R14, R15, R8, R9, R10, R11, R12, R13) - SHA512ROUND1(67, 0xf57d4f7fee6ed178, R13, R14, R15, R8, R9, R10, R11, R12) - SHA512ROUND1(68, 0x06f067aa72176fba, R12, R13, R14, R15, R8, R9, R10, R11) - SHA512ROUND1(69, 0x0a637dc5a2c898a6, R11, R12, R13, R14, R15, R8, R9, R10) - SHA512ROUND1(70, 0x113f9804bef90dae, R10, R11, R12, R13, R14, R15, R8, R9) - SHA512ROUND1(71, 0x1b710b35131c471b, R9, R10, R11, R12, R13, R14, R15, R8) - SHA512ROUND1(72, 0x28db77f523047d84, R8, R9, R10, R11, R12, R13, R14, R15) - SHA512ROUND1(73, 0x32caab7b40c72493, R15, R8, R9, R10, R11, R12, R13, R14) - SHA512ROUND1(74, 0x3c9ebe0a15c9bebc, R14, R15, R8, R9, R10, R11, R12, R13) - SHA512ROUND1(75, 0x431d67c49c100d4c, R13, R14, R15, R8, R9, R10, R11, R12) - SHA512ROUND1(76, 0x4cc5d4becb3e42b6, R12, R13, R14, R15, R8, R9, R10, R11) - SHA512ROUND1(77, 0x597f299cfc657e2a, R11, R12, R13, R14, R15, R8, R9, R10) - SHA512ROUND1(78, 0x5fcb6fab3ad6faec, R10, R11, R12, R13, R14, R15, R8, R9) - SHA512ROUND1(79, 0x6c44198c4a475817, R9, R10, R11, R12, R13, R14, R15, R8) - - MOVQ dig+0(FP), BP - ADDQ (0*8)(BP), R8 // H0 = a + H0 - MOVQ R8, (0*8)(BP) - ADDQ (1*8)(BP), R9 // H1 = b + H1 - MOVQ R9, (1*8)(BP) - ADDQ (2*8)(BP), R10 // H2 = c + H2 - MOVQ R10, (2*8)(BP) - ADDQ (3*8)(BP), R11 // H3 = d + H3 - MOVQ R11, (3*8)(BP) - ADDQ (4*8)(BP), R12 // H4 = e + H4 - MOVQ R12, (4*8)(BP) - ADDQ (5*8)(BP), R13 // H5 = f + H5 - MOVQ R13, (5*8)(BP) - ADDQ (6*8)(BP), R14 // H6 = g + H6 - MOVQ R14, (6*8)(BP) - ADDQ (7*8)(BP), R15 // H7 = h + H7 - MOVQ R15, (7*8)(BP) - - ADDQ $128, SI - CMPQ SI, 640(SP) - JB loop - -end: - RET diff --git a/vendor/github.com/stevvooe/resumable/sha512/sha512block_decl.go b/vendor/github.com/stevvooe/resumable/sha512/sha512block_decl.go deleted file mode 100644 index 8194506b..00000000 --- a/vendor/github.com/stevvooe/resumable/sha512/sha512block_decl.go +++ /dev/null @@ -1,11 +0,0 @@ -// Copyright 2013 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// +build amd64 s390x ppc64le - -package sha512 - -//go:noescape - -func block(dig *digest, p []byte) diff --git a/vendor/github.com/stevvooe/resumable/sha512/sha512block_generic.go b/vendor/github.com/stevvooe/resumable/sha512/sha512block_generic.go deleted file mode 100644 index 08f2e071..00000000 --- a/vendor/github.com/stevvooe/resumable/sha512/sha512block_generic.go +++ /dev/null @@ -1,9 +0,0 @@ -// Copyright 2016 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// +build !amd64,!s390x,!ppc64le - -package sha512 - -var block = blockGeneric diff --git a/vendor/github.com/stevvooe/resumable/sha512/sha512block_s390x.go b/vendor/github.com/stevvooe/resumable/sha512/sha512block_s390x.go deleted file mode 100644 index f05dc18e..00000000 --- a/vendor/github.com/stevvooe/resumable/sha512/sha512block_s390x.go +++ /dev/null @@ -1,12 +0,0 @@ -// Copyright 2016 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package sha512 - -// featureCheck reports whether the CPU supports the -// SHA512 compute intermediate message digest (KIMD) -// function code. -func featureCheck() bool - -var useAsm = featureCheck() diff --git a/vendor/github.com/stevvooe/resumable/sha512/sha512block_s390x.s b/vendor/github.com/stevvooe/resumable/sha512/sha512block_s390x.s deleted file mode 100644 index aab81e2b..00000000 --- a/vendor/github.com/stevvooe/resumable/sha512/sha512block_s390x.s +++ /dev/null @@ -1,34 +0,0 @@ -// Copyright 2016 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -#include "textflag.h" - -// func featureCheck() bool -TEXT ·featureCheck(SB),NOSPLIT,$16-1 - LA tmp-16(SP), R1 - XOR R0, R0 // query function code is 0 - WORD $0xB93E0006 // KIMD (R6 is ignored) - MOVBZ tmp-16(SP), R4 // get the first byte - AND $0x10, R4 // bit 3 (big endian) for SHA512 - CMPBEQ R4, $0, nosha512 - MOVB $1, ret+0(FP) - RET -nosha512: - MOVB $0, ret+0(FP) - RET - -// func block(dig *digest, p []byte) -TEXT ·block(SB),NOSPLIT,$0-32 - MOVBZ ·useAsm(SB), R4 - LMG dig+0(FP), R1, R3 // R2 = &p[0], R3 = len(p) - CMPBNE R4, $1, generic - MOVBZ $3, R0 // SHA512 function code -loop: - WORD $0xB93E0002 // KIMD R2 - BVS loop // continue if interrupted -done: - XOR R0, R0 // restore R0 - RET -generic: - BR ·blockGeneric(SB)