diff options
| author | Niels Möller <nisse@lysator.liu.se> | 2020-09-12 10:25:21 +0200 |
|---|---|---|
| committer | Niels Möller <nisse@lysator.liu.se> | 2020-09-12 19:37:22 +0200 |
| commit | 2325920519e459cbd3dbccc0a29778aae3d7b36e (patch) | |
| tree | ce435b81d24c5315d550e500d0b5f28ce2e29257 | |
| parent | 15b4c8173bdde846e550a78b4da66d5426e5cf2e (diff) | |
| download | nettle-2325920519e459cbd3dbccc0a29778aae3d7b36e.tar.gz | |
Use default m4 quote character in asm files, part 1
Update shared m4 files and x86_64.
46 files changed, 1052 insertions, 1060 deletions
@@ -1,79 +1,77 @@ divert(-1) -changequote(<,>)dnl -dnl (progn (modify-syntax-entry ?< "(>") (modify-syntax-entry ?> ")<") ) dnl FORTRAN style comment character -define(<C>, < -dnl>)dnl +define(`C', ` +dnl')dnl dnl Disable m4 comment processing, since the default, #, is used for dnl constants on some architectures, in particular ARM. changecom()dnl dnl Including files from the srcdir -define(<include_src>, <include(srcdir/$1)>)dnl +define(`include_src', `include(srcdir/$1)')dnl dnl default definition, changed in fat builds -define(<fat_transform>, <$1>) -define(<C_NAME>, <SYMBOL_PREFIX<>fat_transform($1)>) +define(`fat_transform', `$1') +define(`C_NAME', `SYMBOL_PREFIX`'fat_transform($1)') dnl Pseudo ops -define(<DECLARE_FUNC>, -<ifelse(ELF_STYLE,yes, -<.type $1,TYPE_FUNCTION>, +define(`DECLARE_FUNC', +`ifelse(ELF_STYLE,yes, +`.type $1,TYPE_FUNCTION', COFF_STYLE, yes, -<.def $1 +`.def $1 .scl 2 .type 32 -.endef>, -<>)>) +.endef', +`')') -define(<GMP_NUMB_BITS>,<>)dnl +define(`GMP_NUMB_BITS',`')dnl -define(<PROLOGUE>, -<.globl C_NAME($1) +define(`PROLOGUE', +`.globl C_NAME($1) DECLARE_FUNC(C_NAME($1)) -C_NAME($1): ASM_X86_ENDBR>) +C_NAME($1): ASM_X86_ENDBR') -define(<EPILOGUE>, -<ifelse(ELF_STYLE,yes, -<.size C_NAME($1), . - C_NAME($1)>,<>)>) +define(`EPILOGUE', +`ifelse(ELF_STYLE,yes, +`.size C_NAME($1), . - C_NAME($1)',`')') -define(<m4_log2>, <m4_log2_internal($1,1,0)>) -define(<m4_log2_internal>, -<ifelse($3, 10, <not-a-power-of-two>, +define(`m4_log2', `m4_log2_internal($1,1,0)') +define(`m4_log2_internal', +`ifelse($3, 10, `not-a-power-of-two', $1, $2, $3, -<m4_log2_internal($1, eval(2*$2), eval(1 + $3))>)>) +`m4_log2_internal($1, eval(2*$2), eval(1 + $3))')') dnl Argument to ALIGN is always in bytes, and converted to a dnl logarithmic .align if necessary. -define(<ALIGN>, -<.align ifelse(ALIGN_LOG,yes,<m4_log2($1)>,$1) ->) +define(`ALIGN', +`.align ifelse(ALIGN_LOG,yes,`m4_log2($1)',$1) +') -define(<IF_BE>, <ifelse( -WORDS_BIGENDIAN,yes,<$1>, -WORDS_BIGENDIAN,no,<$2>, -<errprint(<Unsupported endianness value>,WORDS_BIGENDIAN,< ->) - m4exit(1)>)>) -define(<IF_LE>, <IF_BE(<$2>, <$1>)>) +define(`IF_BE', `ifelse( +WORDS_BIGENDIAN,yes,`$1', +WORDS_BIGENDIAN,no,`$2', +`errprint(`Unsupported endianness value',WORDS_BIGENDIAN,` +') + m4exit(1)')') +define(`IF_LE', `IF_BE(`$2', `$1')') dnl Struct defining macros dnl STRUCTURE(prefix) -define(<STRUCTURE>, <define(<SOFFSET>, 0)define(<SPREFIX>, <$1>)>)dnl +define(`STRUCTURE', `define(`SOFFSET', 0)define(`SPREFIX', `$1')')dnl dnl STRUCT(name, size) -define(<STRUCT>, -<define(SPREFIX<_>$1, SOFFSET)dnl - define(<SOFFSET>, eval(SOFFSET + ($2)))>)dnl +define(`STRUCT', +`define(SPREFIX`_'$1, SOFFSET)dnl + define(`SOFFSET', eval(SOFFSET + ($2)))')dnl dnl UCHAR(name) -define(<UCHAR>, <STRUCT(<$1>, 1)>)dnl +define(`UCHAR', `STRUCT(`$1', 1)')dnl dnl UNSIGNED(name) -define(<UNSIGNED>, <STRUCT(<$1>, 4)>)dnl +define(`UNSIGNED', `STRUCT(`$1', 4)')dnl dnl Offsets in arcfour_ctx STRUCTURE(ARCFOUR) diff --git a/config.m4.in b/config.m4.in index f7f5f283..f9b7ece4 100644 --- a/config.m4.in +++ b/config.m4.in @@ -1,15 +1,15 @@ -define(<srcdir>, <<@srcdir@>>)dnl -define(<SYMBOL_PREFIX>, <@ASM_SYMBOL_PREFIX@><$1>)dnl -define(<ELF_STYLE>, <@ASM_ELF_STYLE@>)dnl -define(<COFF_STYLE>, <@ASM_COFF_STYLE@>)dnl -define(<TYPE_FUNCTION>, <@ASM_TYPE_FUNCTION@>)dnl -define(<TYPE_PROGBITS>, <@ASM_TYPE_PROGBITS@>)dnl -define(<ALIGN_LOG>, <@ASM_ALIGN_LOG@>)dnl -define(<W64_ABI>, <@W64_ABI@>)dnl -define(<RODATA>, <@ASM_RODATA@>)dnl -define(<WORDS_BIGENDIAN>, <@ASM_WORDS_BIGENDIAN@>)dnl -define(<ASM_X86_ENDBR>,<@ASM_X86_ENDBR@>)dnl -define(<ASM_X86_MARK_CET_ALIGN>,<@ASM_X86_MARK_CET_ALIGN@>)dnl +define(`srcdir', ``@srcdir@'')dnl +define(`SYMBOL_PREFIX', `@ASM_SYMBOL_PREFIX@'`$1')dnl +define(`ELF_STYLE', `@ASM_ELF_STYLE@')dnl +define(`COFF_STYLE', `@ASM_COFF_STYLE@')dnl +define(`TYPE_FUNCTION', `@ASM_TYPE_FUNCTION@')dnl +define(`TYPE_PROGBITS', `@ASM_TYPE_PROGBITS@')dnl +define(`ALIGN_LOG', `@ASM_ALIGN_LOG@')dnl +define(`W64_ABI', `@W64_ABI@')dnl +define(`RODATA', `@ASM_RODATA@')dnl +define(`WORDS_BIGENDIAN', `@ASM_WORDS_BIGENDIAN@')dnl +define(`ASM_X86_ENDBR',`@ASM_X86_ENDBR@')dnl +define(`ASM_X86_MARK_CET_ALIGN',`@ASM_X86_MARK_CET_ALIGN@')dnl divert(1) @ASM_X86_MARK_CET@ @ASM_MARK_NOEXEC_STACK@ diff --git a/x86_64/aes-decrypt-internal.asm b/x86_64/aes-decrypt-internal.asm index 43f2f394..d3bedc25 100644 --- a/x86_64/aes-decrypt-internal.asm +++ b/x86_64/aes-decrypt-internal.asm @@ -1,6 +1,6 @@ C x86_64/aes-decrypt-internal.asm -ifelse(< +ifelse(` Copyright (C) 2001, 2002, 2005, Rafael R. Sevilla, Niels Möller Copyright (C) 2008, 2013 Niels Möller @@ -29,37 +29,37 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') -include_src(<x86_64/aes.m4>) +include_src(`x86_64/aes.m4') C Register usage: C AES state, use two of them -define(<SA>,<%eax>) -define(<SB>,<%ebx>) -define(<SC>,<%ecx>) -define(<SD>,<%edx>) +define(`SA',`%eax') +define(`SB',`%ebx') +define(`SC',`%ecx') +define(`SD',`%edx') -define(<TA>,<%r10d>) -define(<TB>,<%r11d>) -define(<TC>,<%r12d>) +define(`TA',`%r10d') +define(`TB',`%r11d') +define(`TC',`%r12d') C Input argument -define(<ROUNDS>, <%rdi>) -define(<KEYS>, <%rsi>) -define(<PARAM_TABLE>, <%rdx>) -define(<PARAM_LENGTH>,<%rcx>) -define(<DST>, <%r8>) -define(<SRC>, <%r9>) +define(`ROUNDS', `%rdi') +define(`KEYS', `%rsi') +define(`PARAM_TABLE', `%rdx') +define(`PARAM_LENGTH',`%rcx') +define(`DST', `%r8') +define(`SRC', `%r9') -define(<TABLE>, <%r13>) -define(<LENGTH>,<%r14>) -define(<KEY>, <%r15>) +define(`TABLE', `%r13') +define(`LENGTH',`%r14') +define(`KEY', `%r15') C Must correspond to an old-style register, for movzb from %ah--%dh to C work. -define(<TMP>,<%rbp>) +define(`TMP',`%rbp') .file "aes-decrypt-internal.asm" diff --git a/x86_64/aes-encrypt-internal.asm b/x86_64/aes-encrypt-internal.asm index dfb498f5..17d11917 100644 --- a/x86_64/aes-encrypt-internal.asm +++ b/x86_64/aes-encrypt-internal.asm @@ -1,7 +1,7 @@ C x86_64/aes-encrypt-internal.asm -ifelse(< +ifelse(` Copyright (C) 2001, 2002, 2005, Rafael R. Sevilla, Niels Möller Copyright (C) 2008, 2013 Niels Möller @@ -30,37 +30,37 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') -include_src(<x86_64/aes.m4>) +include_src(`x86_64/aes.m4') C Register usage: C AES state, use two of them -define(<SA>,<%eax>) -define(<SB>,<%ebx>) -define(<SC>,<%ecx>) -define(<SD>,<%edx>) +define(`SA',`%eax') +define(`SB',`%ebx') +define(`SC',`%ecx') +define(`SD',`%edx') -define(<TA>,<%r10d>) -define(<TB>,<%r11d>) -define(<TC>,<%r12d>) +define(`TA',`%r10d') +define(`TB',`%r11d') +define(`TC',`%r12d') C Input argument -define(<ROUNDS>, <%rdi>) -define(<KEYS>, <%rsi>) -define(<PARAM_TABLE>, <%rdx>) -define(<PARAM_LENGTH>,<%rcx>) -define(<DST>, <%r8>) -define(<SRC>, <%r9>) +define(`ROUNDS', `%rdi') +define(`KEYS', `%rsi') +define(`PARAM_TABLE', `%rdx') +define(`PARAM_LENGTH',`%rcx') +define(`DST', `%r8') +define(`SRC', `%r9') -define(<TABLE>, <%r13>) -define(<LENGTH>,<%r14>) -define(<KEY>, <%r15>) +define(`TABLE', `%r13') +define(`LENGTH',`%r14') +define(`KEY', `%r15') C Must correspond to an old-style register, for movzb from %ah--%dh to C work. -define(<TMP>,<%rbp>) +define(`TMP',`%rbp') .file "aes-encrypt-internal.asm" diff --git a/x86_64/aes.m4 b/x86_64/aes.m4 index 8034f779..3bec9eae 100644 --- a/x86_64/aes.m4 +++ b/x86_64/aes.m4 @@ -1,5 +1,5 @@ dnl LREG(reg) gives the 8-bit register corresponding to the given 32-bit register. -define(<LREG>,<ifelse( +define(`LREG',`ifelse( $1, %eax, %al, $1, %ebx, %bl, $1, %ecx, %cl, @@ -15,16 +15,16 @@ define(<LREG>,<ifelse( $1, %r12d, %r12b, $1, %r13d, %r13b, $1, %r14d, %r14b, - $1, %r15d, %r15b)>)dnl + $1, %r15d, %r15b)')dnl -define(<HREG>,<ifelse( +define(`HREG',`ifelse( $1, %eax, %ah, $1, %ebx, %bh, $1, %ecx, %ch, $1, %edx, %dh, - error)>) + error)') -define(<XREG>,<ifelse( +define(`XREG',`ifelse( $1, %rax, %eax, $1, %rbx, %ebx, $1, %rcx, %ecx, @@ -40,14 +40,14 @@ define(<XREG>,<ifelse( $1, %r12,%r12d, $1, %r13,%r13d, $1, %r14,%r14d, - $1, %r15,%r15d)>)dnl + $1, %r15,%r15d)')dnl dnl AES_LOAD(a, b, c, d, src, key) dnl Loads the next block of data from src, and add the subkey pointed dnl to by key. dnl Note that x86 allows unaligned accesses. dnl Would it be preferable to interleave the loads and stores? -define(<AES_LOAD>, < +define(`AES_LOAD', ` movl ($5),$1 movl 4($5),$2 movl 8($5),$3 @@ -56,14 +56,14 @@ define(<AES_LOAD>, < xorl ($6),$1 xorl 4($6),$2 xorl 8($6),$3 - xorl 12($6),$4>)dnl + xorl 12($6),$4')dnl dnl AES_STORE(a, b, c, d, key, dst) dnl Adds the subkey to a, b, c, d, dnl and stores the result in the area pointed to by dst. dnl Note that x86 allows unaligned accesses. dnl Would it be preferable to interleave the loads and stores? -define(<AES_STORE>, < +define(`AES_STORE', ` xorl ($5),$1 xorl 4($5),$2 xorl 8($5),$3 @@ -72,59 +72,59 @@ define(<AES_STORE>, < movl $1,($6) movl $2,4($6) movl $3,8($6) - movl $4,12($6)>)dnl + movl $4,12($6)')dnl dnl AES_ROUND(table,a,b,c,d,out,ptr) dnl Computes one word of the AES round. Leaves result in $6. -define(<AES_ROUND>, < +define(`AES_ROUND', ` movzb LREG($2), $7 movl AES_TABLE0 ($1, $7, 4),$6 movzb HREG($3), XREG($7) xorl AES_TABLE1 ($1, $7, 4),$6 movl $4,XREG($7) - shr <$>16,$7 - and <$>0xff,$7 + shr `$'16,$7 + and `$'0xff,$7 xorl AES_TABLE2 ($1, $7, 4),$6 movl $5,XREG($7) - shr <$>24,$7 - xorl AES_TABLE3 ($1, $7, 4),$6>)dnl + shr `$'24,$7 + xorl AES_TABLE3 ($1, $7, 4),$6')dnl dnl AES_FINAL_ROUND(a, b, c, d, table, out, tmp) dnl Computes one word of the final round. Leaves result in $6. Also dnl performs the first substitution step, on the least significant dnl byte, and rotates 8 bits. -define(<AES_FINAL_ROUND>, < +define(`AES_FINAL_ROUND', ` movzb LREG($1),$7 movzbl ($5, $7), $6 movl $2,XREG($7) - andl <$>0x0000ff00,XREG($7) + andl `$'0x0000ff00,XREG($7) orl XREG($7), $6 movl $3,XREG($7) - andl <$>0x00ff0000,XREG($7) + andl `$'0x00ff0000,XREG($7) orl XREG($7), $6 movl $4,XREG($7) - andl <$>0xff000000,XREG($7) + andl `$'0xff000000,XREG($7) orl XREG($7), $6 - roll <$>8, $6>)dnl + roll `$'8, $6')dnl dnl AES_SUBST_BYTE(A, B, C, D, table, tmp) dnl Substitutes the least significant byte of dnl each of eax, ebx, ecx and edx, and also rotates dnl the words one byte to the left. dnl Uses that AES_SBOX == 0 -define(<AES_SUBST_BYTE>, < +define(`AES_SUBST_BYTE', ` movzb LREG($1),$6 movb ($5, $6),LREG($1) - roll <$>8,$1 + roll `$'8,$1 movzb LREG($2),$6 movb ($5, $6),LREG($2) - roll <$>8,$2 + roll `$'8,$2 movzb LREG($3),$6 movb ($5, $6),LREG($3) - roll <$>8,$3 + roll `$'8,$3 movzb LREG($4),$6 movb ($5, $6),LREG($4) - roll <$>8,$4>)dnl + roll `$'8,$4')dnl diff --git a/x86_64/aesni/aes-decrypt-internal.asm b/x86_64/aesni/aes-decrypt-internal.asm index 3d6d6e30..ee960260 100644 --- a/x86_64/aesni/aes-decrypt-internal.asm +++ b/x86_64/aesni/aes-decrypt-internal.asm @@ -1,7 +1,7 @@ C x86_64/aesni/aes-decrypt-internal.asm -ifelse(< +ifelse(` Copyright (C) 2015, 2018 Niels Möller This file is part of GNU Nettle. @@ -29,32 +29,32 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') C Input argument -define(<ROUNDS>, <%rdi>) -define(<KEYS>, <%rsi>) -C define(<TABLE>, <%rdx>) C Unused here -define(<LENGTH>,<%rcx>) -define(<DST>, <%r8>) -define(<SRC>, <%r9>) - -define(<KEY0>, <%xmm0>) -define(<KEY1>, <%xmm1>) -define(<KEY2>, <%xmm2>) -define(<KEY3>, <%xmm3>) -define(<KEY4>, <%xmm4>) -define(<KEY5>, <%xmm5>) -define(<KEY6>, <%xmm6>) -define(<KEY7>, <%xmm7>) -define(<KEY8>, <%xmm8>) -define(<KEY9>, <%xmm9>) -define(<KEY10>, <%xmm10>) -define(<KEY11>, <%xmm11>) -define(<KEY12>, <%xmm12>) -define(<KEY13>, <%xmm13>) -define(<KEYLAST>, <%xmm14>) -define(<BLOCK>, <%xmm15>) +define(`ROUNDS', `%rdi') +define(`KEYS', `%rsi') +C define(`TABLE', `%rdx') C Unused here +define(`LENGTH',`%rcx') +define(`DST', `%r8') +define(`SRC', `%r9') + +define(`KEY0', `%xmm0') +define(`KEY1', `%xmm1') +define(`KEY2', `%xmm2') +define(`KEY3', `%xmm3') +define(`KEY4', `%xmm4') +define(`KEY5', `%xmm5') +define(`KEY6', `%xmm6') +define(`KEY7', `%xmm7') +define(`KEY8', `%xmm8') +define(`KEY9', `%xmm9') +define(`KEY10', `%xmm10') +define(`KEY11', `%xmm11') +define(`KEY12', `%xmm12') +define(`KEY13', `%xmm13') +define(`KEYLAST', `%xmm14') +define(`BLOCK', `%xmm15') .file "aes-decrypt-internal.asm" diff --git a/x86_64/aesni/aes-encrypt-internal.asm b/x86_64/aesni/aes-encrypt-internal.asm index 99caf1f8..36ed6df6 100644 --- a/x86_64/aesni/aes-encrypt-internal.asm +++ b/x86_64/aesni/aes-encrypt-internal.asm @@ -1,7 +1,7 @@ C x86_64/aesni/aes-encrypt-internal.asm -ifelse(< +ifelse(` Copyright (C) 2015, 2018 Niels Möller This file is part of GNU Nettle. @@ -29,32 +29,32 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') C Input argument -define(<ROUNDS>, <%rdi>) -define(<KEYS>, <%rsi>) -C define(<TABLE>, <%rdx>) C Unused here -define(<LENGTH>,<%rcx>) -define(<DST>, <%r8>) -define(<SRC>, <%r9>) - -define(<KEY0>, <%xmm0>) -define(<KEY1>, <%xmm1>) -define(<KEY2>, <%xmm2>) -define(<KEY3>, <%xmm3>) -define(<KEY4>, <%xmm4>) -define(<KEY5>, <%xmm5>) -define(<KEY6>, <%xmm6>) -define(<KEY7>, <%xmm7>) -define(<KEY8>, <%xmm8>) -define(<KEY9>, <%xmm9>) -define(<KEY10>, <%xmm10>) -define(<KEY11>, <%xmm11>) -define(<KEY12>, <%xmm12>) -define(<KEY13>, <%xmm13>) -define(<KEYLAST>, <%xmm14>) -define(<BLOCK>, <%xmm15>) +define(`ROUNDS', `%rdi') +define(`KEYS', `%rsi') +C define(`TABLE', `%rdx') C Unused here +define(`LENGTH',`%rcx') +define(`DST', `%r8') +define(`SRC', `%r9') + +define(`KEY0', `%xmm0') +define(`KEY1', `%xmm1') +define(`KEY2', `%xmm2') +define(`KEY3', `%xmm3') +define(`KEY4', `%xmm4') +define(`KEY5', `%xmm5') +define(`KEY6', `%xmm6') +define(`KEY7', `%xmm7') +define(`KEY8', `%xmm8') +define(`KEY9', `%xmm9') +define(`KEY10', `%xmm10') +define(`KEY11', `%xmm11') +define(`KEY12', `%xmm12') +define(`KEY13', `%xmm13') +define(`KEYLAST', `%xmm14') +define(`BLOCK', `%xmm15') .file "aes-encrypt-internal.asm" diff --git a/x86_64/camellia-crypt-internal.asm b/x86_64/camellia-crypt-internal.asm index 040e030f..cb057438 100644 --- a/x86_64/camellia-crypt-internal.asm +++ b/x86_64/camellia-crypt-internal.asm @@ -1,6 +1,6 @@ C x86_64/camellia-crypt-internal.asm -ifelse(< +ifelse(` Copyright (C) 2010, Niels Möller This file is part of GNU Nettle. @@ -28,7 +28,7 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') C Performance, cycles per block C @@ -39,94 +39,94 @@ C Camellia-256 543 461 C Register usage: -define(<NKEYS>, <%rdi>) -define(<KEYS>, <%rsi>) -define(<TABLE>, <%rdx>) -define(<LENGTH>, <%rcx>) -define(<DST>, <%r8>) -define(<SRC>, <%r9>) +define(`NKEYS', `%rdi') +define(`KEYS', `%rsi') +define(`TABLE', `%rdx') +define(`LENGTH', `%rcx') +define(`DST', `%r8') +define(`SRC', `%r9') C Camellia state -define(<I0>, <%rax>) -define(<I1>, <%rbx>) C callee-save -define(<KEY>, <%r13>) C callee-save -define(<TMP>, <%rbp>) C callee-save -define(<CNT>, <%r10>) -define(<IL>, <%r11>) -define(<IR>, <%r12>) C callee-save - -define(<SP1110>, <(TABLE,$1,4)>) -define(<SP0222>, <1024(TABLE,$1,4)>) -define(<SP3033>, <2048(TABLE,$1,4)>) -define(<SP4404>, <3072(TABLE,$1,4)>) +define(`I0', `%rax') +define(`I1', `%rbx') C callee-save +define(`KEY', `%r13') C callee-save +define(`TMP', `%rbp') C callee-save +define(`CNT', `%r10') +define(`IL', `%r11') +define(`IR', `%r12') C callee-save + +define(`SP1110', `(TABLE,$1,4)') +define(`SP0222', `1024(TABLE,$1,4)') +define(`SP3033', `2048(TABLE,$1,4)') +define(`SP4404', `3072(TABLE,$1,4)') C ROUND(x, y, key-offset) -define(<ROUND>, < +define(`ROUND', ` C Byte 0,1 movzbl LREG($1), XREG(TMP) movl SP1110(TMP), XREG(IR) movzbl HREG($1), XREG(TMP) xorl SP4404(TMP), XREG(IR) - ror <$>32, $1 + ror `$'32, $1 C Byte 4,5 movzbl LREG($1), XREG(TMP) movl SP4404(TMP), XREG(IL) movzbl HREG($1), XREG(TMP) xorl SP3033(TMP), XREG(IL) - rol <$>16, $1 + rol `$'16, $1 C Byte 2,3 movzbl LREG($1), XREG(TMP) xorl SP3033(TMP), XREG(IR) movzbl HREG($1), XREG(TMP) xorl SP0222(TMP), XREG(IR) - ror <$>32, $1 + ror `$'32, $1 C Byte 6,7 movzbl LREG($1), XREG(TMP) xorl SP0222(TMP), XREG(IL) movzbl HREG($1), XREG(TMP) xorl SP1110(TMP), XREG(IL) - ror <$>16, $1 + ror `$'16, $1 C 76543210 xorl XREG(IL), XREG(IR) - rorl <$>8, XREG(IL) + rorl `$'8, XREG(IL) xorl XREG(IR), XREG(IL) - shl <$>32, IR + shl `$'32, IR or IL, IR xor $3(KEY), $2 xor IR, $2 ->) +') C FL(x, key-offset) -define(<FL>, < +define(`FL', ` mov $1, TMP - shr <$>32, TMP + shr `$'32, TMP andl $2 + 4(KEY), XREG(TMP) - roll <$>1, XREG(TMP) + roll `$'1, XREG(TMP) C xorl XREG(TMP), XREG($1) xor TMP, $1 movl $2(KEY), XREG(TMP) orl XREG($1), XREG(TMP) - shl <$>32, TMP + shl `$'32, TMP xor TMP, $1 ->) +') C FLINV(x0, key-offset) -define(<FLINV>, < +define(`FLINV', ` movl $2(KEY), XREG(TMP) orl XREG($1), XREG(TMP) - shl <$>32, TMP + shl `$'32, TMP xor TMP, $1 mov $1, TMP - shr <$>32, TMP + shr `$'32, TMP andl $2 + 4(KEY), XREG(TMP) - roll <$>1, XREG(TMP) + roll `$'1, XREG(TMP) C xorl XREG(TMP), XREG($1) xor TMP, $1 ->) +') .file "camellia-crypt-internal.asm" diff --git a/x86_64/chacha-core-internal.asm b/x86_64/chacha-core-internal.asm index 0c6f7424..65ece276 100644 --- a/x86_64/chacha-core-internal.asm +++ b/x86_64/chacha-core-internal.asm @@ -1,6 +1,6 @@ C x86_64/chacha-core-internal.asm -ifelse(< +ifelse(` Copyright (C) 2012, 2014 Niels Möller This file is part of GNU Nettle. @@ -28,34 +28,34 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') -define(<DST>, <%rdi>) -define(<SRC>, <%rsi>) -define(<COUNT>, <%rdx>) -define(<X0>, <%xmm0>) -define(<X1>, <%xmm1>) -define(<X2>, <%xmm2>) -define(<X3>, <%xmm3>) -define(<T0>, <%xmm4>) -define(<T1>, <%xmm5>) +define(`DST', `%rdi') +define(`SRC', `%rsi') +define(`COUNT', `%rdx') +define(`X0', `%xmm0') +define(`X1', `%xmm1') +define(`X2', `%xmm2') +define(`X3', `%xmm3') +define(`T0', `%xmm4') +define(`T1', `%xmm5') -define(<USE_PSHUFW>, <yes>) +define(`USE_PSHUFW', `yes') C ROTL_BY_16(REG, TMP) -ifelse(USE_PSHUFW, <yes>, < -define(<ROTL_BY_16>, < - pshufhw <$>0xb1, $1, $1 - pshuflw <$>0xb1, $1, $1 ->)>, < -define(<ROTL_BY_16>, < - pslld <$>16, $1 - psrld <$>16, $2 +ifelse(USE_PSHUFW, `yes', ` +define(`ROTL_BY_16', ` + pshufhw `$'0xb1, $1, $1 + pshuflw `$'0xb1, $1, $1 +')', ` +define(`ROTL_BY_16', ` + pslld `$'16, $1 + psrld `$'16, $2 por $2, $1 ->) ->) +') +') C QROUND(x0, x1, x2, x3) -define(<QROUND>, < +define(`QROUND', ` paddd $2, $1 pxor $1, $4 movaps $4, T0 @@ -64,24 +64,24 @@ define(<QROUND>, < paddd $4, $3 pxor $3, $2 movaps $2, T0 - pslld <$>12, $2 - psrld <$>20, T0 + pslld `$'12, $2 + psrld `$'20, T0 por T0, $2 paddd $2, $1 pxor $1, $4 movaps $4, T0 - pslld <$>8, $4 - psrld <$>24, T0 + pslld `$'8, $4 + psrld `$'24, T0 por T0, $4 paddd $4, $3 pxor $3, $2 movaps $2, T0 - pslld <$>7, $2 - psrld <$>25, T0 + pslld `$'7, $2 + psrld `$'25, T0 por T0, $2 ->) +') C _chacha_core(uint32_t *dst, const uint32_t *src, unsigned rounds) .text diff --git a/x86_64/ecc-curve25519-modp.asm b/x86_64/ecc-curve25519-modp.asm index 44dce6df..713fbf3b 100644 --- a/x86_64/ecc-curve25519-modp.asm +++ b/x86_64/ecc-curve25519-modp.asm @@ -1,6 +1,6 @@ C x86_64/ecc-25519-modp.asm -ifelse(< +ifelse(` Copyright (C) 2014 Niels Möller This file is part of GNU Nettle. @@ -28,18 +28,18 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') .file "ecc-25519-modp.asm" -define(<RP>, <%rsi>) -define(<U0>, <%rdi>) C Overlaps unused modulo input -define(<U1>, <%rcx>) -define(<U2>, <%r8>) -define(<U3>, <%r9>) -define(<T0>, <%r10>) -define(<T1>, <%r11>) -define(<M>, <%rbx>) +define(`RP', `%rsi') +define(`U0', `%rdi') C Overlaps unused modulo input +define(`U1', `%rcx') +define(`U2', `%r8') +define(`U3', `%r9') +define(`T0', `%r10') +define(`T1', `%r11') +define(`M', `%rbx') PROLOGUE(_nettle_ecc_curve25519_modp) W64_ENTRY(2, 0) diff --git a/x86_64/ecc-curve448-modp.asm b/x86_64/ecc-curve448-modp.asm index ea2e7886..52ec4b7d 100644 --- a/x86_64/ecc-curve448-modp.asm +++ b/x86_64/ecc-curve448-modp.asm @@ -1,6 +1,6 @@ C x86_64/ecc-curve448-modp.asm -ifelse(< +ifelse(` Copyright (C) 2019 Niels Möller This file is part of GNU Nettle. @@ -28,22 +28,22 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') .file "ecc-curve448-modp.asm" -define(<RP>, <%rsi>) -define(<X0>, <%rax>) -define(<X1>, <%rbx>) -define(<X2>, <%rcx>) -define(<X3>, <%rdx>) -define(<X4>, <%rbp>) -define(<X5>, <%rdi>) -define(<X6>, <%r8>) -define(<X7>, <%r9>) -define(<T0>, <%r10>) -define(<T1>, <%r11>) -define(<T2>, <%r12>) +define(`RP', `%rsi') +define(`X0', `%rax') +define(`X1', `%rbx') +define(`X2', `%rcx') +define(`X3', `%rdx') +define(`X4', `%rbp') +define(`X5', `%rdi') +define(`X6', `%r8') +define(`X7', `%r9') +define(`T0', `%r10') +define(`T1', `%r11') +define(`T2', `%r12') PROLOGUE(_nettle_ecc_curve448_modp) W64_ENTRY(2, 0) diff --git a/x86_64/ecc-secp192r1-modp.asm b/x86_64/ecc-secp192r1-modp.asm index 3a008130..8cdab01d 100644 --- a/x86_64/ecc-secp192r1-modp.asm +++ b/x86_64/ecc-secp192r1-modp.asm @@ -1,6 +1,6 @@ C x86_64/ecc-secp192r1-modp.asm -ifelse(< +ifelse(` Copyright (C) 2013 Niels Möller This file is part of GNU Nettle. @@ -28,18 +28,18 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') .file "ecc-secp192r1-modp.asm" -define(<RP>, <%rsi>) -define(<T0>, <%rdi>) C Overlaps unused modulo input -define(<T1>, <%rcx>) -define(<T2>, <%rdx>) -define(<T3>, <%r8>) -define(<H>, <%r9>) -define(<C1>, <%r10>) -define(<C2>, <%r11>) +define(`RP', `%rsi') +define(`T0', `%rdi') C Overlaps unused modulo input +define(`T1', `%rcx') +define(`T2', `%rdx') +define(`T3', `%r8') +define(`H', `%r9') +define(`C1', `%r10') +define(`C2', `%r11') C ecc_secp192r1_modp (const struct ecc_modulo *m, mp_limb_t *rp) .text diff --git a/x86_64/ecc-secp224r1-modp.asm b/x86_64/ecc-secp224r1-modp.asm index dfa85a8d..34ab52f4 100644 --- a/x86_64/ecc-secp224r1-modp.asm +++ b/x86_64/ecc-secp224r1-modp.asm @@ -1,6 +1,6 @@ C x86_64/ecc-secp224r1-modp.asm -ifelse(< +ifelse(` Copyright (C) 2013 Niels Möller This file is part of GNU Nettle. @@ -28,21 +28,21 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') .file "ecc-secp224r1-modp.asm" GMP_NUMB_BITS(64) -define(<RP>, <%rsi>) -define(<T0>, <%rdi>) C Overlaps unused modulo input -define(<T1>, <%rcx>) -define(<H0>, <%rax>) -define(<H1>, <%rdx>) -define(<H2>, <%r8>) -define(<F0>, <%r9>) -define(<F1>, <%r10>) -define(<F2>, <%r11>) +define(`RP', `%rsi') +define(`T0', `%rdi') C Overlaps unused modulo input +define(`T1', `%rcx') +define(`H0', `%rax') +define(`H1', `%rdx') +define(`H2', `%r8') +define(`F0', `%r9') +define(`F1', `%r10') +define(`F2', `%r11') C ecc_secp224r1_modp (const struct ecc_modulo *m, mp_limb_t *rp) PROLOGUE(_nettle_ecc_secp224r1_modp) diff --git a/x86_64/ecc-secp256r1-redc.asm b/x86_64/ecc-secp256r1-redc.asm index 67da065b..38f12b22 100644 --- a/x86_64/ecc-secp256r1-redc.asm +++ b/x86_64/ecc-secp256r1-redc.asm @@ -1,6 +1,6 @@ C x86_64/ecc-secp256r1-redc.asm -ifelse(< +ifelse(` Copyright (C) 2013 Niels Möller This file is part of GNU Nettle. @@ -28,36 +28,36 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') .file "ecc-secp256r1-redc.asm" -define(<RP>, <%rsi>) -define(<U0>, <%rdi>) C Overlaps unused modulo input -define(<U1>, <%rcx>) -define(<U2>, <%rax>) -define(<U3>, <%rdx>) -define(<U4>, <%r8>) -define(<U5>, <%r9>) -define(<U6>, <%r10>) -define(<F0>, <%r11>) -define(<F1>, <%r12>) -define(<F2>, <%rbx>) -define(<F3>, <%rbp>) +define(`RP', `%rsi') +define(`U0', `%rdi') C Overlaps unused modulo input +define(`U1', `%rcx') +define(`U2', `%rax') +define(`U3', `%rdx') +define(`U4', `%r8') +define(`U5', `%r9') +define(`U6', `%r10') +define(`F0', `%r11') +define(`F1', `%r12') +define(`F2', `%rbx') +define(`F3', `%rbp') C FOLD(x), sets (F3,F2,F1,F0) <-- (x << 224) - (x << 128) - (x<<32) -define(<FOLD>, < +define(`FOLD', ` mov $1, F2 mov $1, F3 - shl <$>32, F2 - shr <$>32, F3 + shl `$'32, F2 + shr `$'32, F3 xor F0,F0 xor F1,F1 sub F2, F0 sbb F3, F1 sbb $1, F2 - sbb <$>0, F3 ->) + sbb `$'0, F3 +') PROLOGUE(_nettle_ecc_secp256r1_redc) W64_ENTRY(2, 0) C save all registers that need to be saved diff --git a/x86_64/ecc-secp384r1-modp.asm b/x86_64/ecc-secp384r1-modp.asm index 9bfa0618..24b3d92d 100644 --- a/x86_64/ecc-secp384r1-modp.asm +++ b/x86_64/ecc-secp384r1-modp.asm @@ -1,6 +1,6 @@ C x86_64/ecc-secp384r1-modp.asm -ifelse(< +ifelse(` Copyright (C) 2013, 2015 Niels Möller This file is part of GNU Nettle. @@ -28,27 +28,27 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') .file "ecc-secp384r1-modp.asm" -define(<RP>, <%rsi>) -define(<D5>, <%rax>) -define(<T0>, <%rbx>) -define(<T1>, <%rcx>) -define(<T2>, <%rdx>) -define(<T3>, <%rbp>) -define(<T4>, <%rdi>) -define(<T5>, <%r8>) -define(<H0>, <%r9>) -define(<H1>, <%r10>) -define(<H2>, <%r11>) -define(<H3>, <%r12>) -define(<H4>, <%r13>) -define(<H5>, <%r14>) -define(<C2>, <%r15>) -define(<C0>, H5) C Overlap -define(<TMP>, RP) C Overlap +define(`RP', `%rsi') +define(`D5', `%rax') +define(`T0', `%rbx') +define(`T1', `%rcx') +define(`T2', `%rdx') +define(`T3', `%rbp') +define(`T4', `%rdi') +define(`T5', `%r8') +define(`H0', `%r9') +define(`H1', `%r10') +define(`H2', `%r11') +define(`H3', `%r12') +define(`H4', `%r13') +define(`H5', `%r14') +define(`C2', `%r15') +define(`C0', H5) C Overlap +define(`TMP', RP) C Overlap PROLOGUE(_nettle_ecc_secp384r1_modp) diff --git a/x86_64/ecc-secp521r1-modp.asm b/x86_64/ecc-secp521r1-modp.asm index a6840a60..16727893 100644 --- a/x86_64/ecc-secp521r1-modp.asm +++ b/x86_64/ecc-secp521r1-modp.asm @@ -1,6 +1,6 @@ C x86_64/ecc-secp521r1-modp.asm -ifelse(< +ifelse(` Copyright (C) 2013 Niels Möller This file is part of GNU Nettle. @@ -28,25 +28,25 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') .file "ecc-secp521r1-modp.asm" GMP_NUMB_BITS(64) -define(<RP>, <%rsi>) -define(<U0>, <%rax>) -define(<U1>, <%rbx>) -define(<U2>, <%rcx>) -define(<U3>, <%rdx>) -define(<U4>, <%rbp>) -define(<U5>, <%rdi>) -define(<U6>, <%r8>) -define(<U7>, <%r9>) -define(<U8>, <%r10>) -define(<U9>, <%r11>) -define(<T0>, <%r12>) -define(<T1>, <%r13>) +define(`RP', `%rsi') +define(`U0', `%rax') +define(`U1', `%rbx') +define(`U2', `%rcx') +define(`U3', `%rdx') +define(`U4', `%rbp') +define(`U5', `%rdi') +define(`U6', `%r8') +define(`U7', `%r9') +define(`U8', `%r10') +define(`U9', `%r11') +define(`T0', `%r12') +define(`T1', `%r13') PROLOGUE(_nettle_ecc_secp521r1_modp) W64_ENTRY(2, 0) diff --git a/x86_64/fat/aes-decrypt-internal-2.asm b/x86_64/fat/aes-decrypt-internal-2.asm index 2dd45959..cd6a72e2 100644 --- a/x86_64/fat/aes-decrypt-internal-2.asm +++ b/x86_64/fat/aes-decrypt-internal-2.asm @@ -1,7 +1,7 @@ C x86_64/fat/aes-decrypt-internal-2.asm -ifelse(< +ifelse(` Copyright (C) 2015 Niels Möller This file is part of GNU Nettle. @@ -29,7 +29,7 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') -define(<fat_transform>, <$1_aesni>) -include_src(<x86_64/aesni/aes-decrypt-internal.asm>) +define(`fat_transform', `$1_aesni') +include_src(`x86_64/aesni/aes-decrypt-internal.asm') diff --git a/x86_64/fat/aes-decrypt-internal.asm b/x86_64/fat/aes-decrypt-internal.asm index 26738d66..4b9e8f16 100644 --- a/x86_64/fat/aes-decrypt-internal.asm +++ b/x86_64/fat/aes-decrypt-internal.asm @@ -1,7 +1,7 @@ C x86_64/fat/aes-decrypt-internal.asm -ifelse(< +ifelse(` Copyright (C) 2015 Niels Möller This file is part of GNU Nettle. @@ -29,7 +29,7 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') -define(<fat_transform>, <$1_x86_64>) -include_src(<x86_64/aes-decrypt-internal.asm>) +define(`fat_transform', `$1_x86_64') +include_src(`x86_64/aes-decrypt-internal.asm') diff --git a/x86_64/fat/aes-encrypt-internal-2.asm b/x86_64/fat/aes-encrypt-internal-2.asm index 2a5ce7b1..c0a4f3d9 100644 --- a/x86_64/fat/aes-encrypt-internal-2.asm +++ b/x86_64/fat/aes-encrypt-internal-2.asm @@ -1,7 +1,7 @@ C x86_64/fat/aes-encrypt-internal-2.asm -ifelse(< +ifelse(` Copyright (C) 2015 Niels Möller This file is part of GNU Nettle. @@ -29,7 +29,7 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') -define(<fat_transform>, <$1_aesni>) -include_src(<x86_64/aesni/aes-encrypt-internal.asm>) +define(`fat_transform', `$1_aesni') +include_src(`x86_64/aesni/aes-encrypt-internal.asm') diff --git a/x86_64/fat/aes-encrypt-internal.asm b/x86_64/fat/aes-encrypt-internal.asm index f0bdf59e..0f7f0134 100644 --- a/x86_64/fat/aes-encrypt-internal.asm +++ b/x86_64/fat/aes-encrypt-internal.asm @@ -1,7 +1,7 @@ C x86_64/fat/aes-encrypt-internal.asm -ifelse(< +ifelse(` Copyright (C) 2015 Niels Möller This file is part of GNU Nettle. @@ -29,7 +29,7 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') -define(<fat_transform>, <$1_x86_64>) -include_src(<x86_64/aes-encrypt-internal.asm>) +define(`fat_transform', `$1_x86_64') +include_src(`x86_64/aes-encrypt-internal.asm') diff --git a/x86_64/fat/cpuid.asm b/x86_64/fat/cpuid.asm index f317d56e..3987cc7c 100644 --- a/x86_64/fat/cpuid.asm +++ b/x86_64/fat/cpuid.asm @@ -1,6 +1,6 @@ C x86_64/fat/cpuid.asm -ifelse(< +ifelse(` Copyright (C) 2015 Niels Möller This file is part of GNU Nettle. @@ -28,7 +28,7 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') C Input argument C cpuid input: %edi diff --git a/x86_64/fat/memxor-2.asm b/x86_64/fat/memxor-2.asm index e3bf9da8..e96d7180 100644 --- a/x86_64/fat/memxor-2.asm +++ b/x86_64/fat/memxor-2.asm @@ -1,7 +1,7 @@ C x86_64/fat/memxor-2.asm -ifelse(< +ifelse(` Copyright (C) 2015 Niels Möller This file is part of GNU Nettle. @@ -29,8 +29,8 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') -define(<fat_transform>, <_$1_sse2>) -define(<USE_SSE2>, <yes>) -include_src(<x86_64/memxor.asm>) +define(`fat_transform', `_$1_sse2') +define(`USE_SSE2', `yes') +include_src(`x86_64/memxor.asm') diff --git a/x86_64/fat/memxor.asm b/x86_64/fat/memxor.asm index be33d273..618289c9 100644 --- a/x86_64/fat/memxor.asm +++ b/x86_64/fat/memxor.asm @@ -1,7 +1,7 @@ C x86_64/fat/memxor.asm -ifelse(< +ifelse(` Copyright (C) 2015 Niels Möller This file is part of GNU Nettle. @@ -29,7 +29,7 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') -define(<fat_transform>, <_$1_x86_64>) -include_src(<x86_64/memxor.asm>) +define(`fat_transform', `_$1_x86_64') +include_src(`x86_64/memxor.asm') diff --git a/x86_64/fat/sha1-compress-2.asm b/x86_64/fat/sha1-compress-2.asm index fddfa965..29ca4759 100644 --- a/x86_64/fat/sha1-compress-2.asm +++ b/x86_64/fat/sha1-compress-2.asm @@ -1,6 +1,6 @@ C x86_64/fat/sha1-compress-2.asm -ifelse(< +ifelse(` Copyright (C) 2018 Niels Möller This file is part of GNU Nettle. @@ -28,7 +28,7 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') -define(<fat_transform>, <_$1_sha_ni>) -include_src(<x86_64/sha_ni/sha1-compress.asm>) +define(`fat_transform', `_$1_sha_ni') +include_src(`x86_64/sha_ni/sha1-compress.asm') diff --git a/x86_64/fat/sha1-compress.asm b/x86_64/fat/sha1-compress.asm index 0f2c6ec6..2619b79b 100644 --- a/x86_64/fat/sha1-compress.asm +++ b/x86_64/fat/sha1-compress.asm @@ -1,6 +1,6 @@ C x86_64/fat/sha1-compress.asm -ifelse(< +ifelse(` Copyright (C) 2018 Niels Möller This file is part of GNU Nettle. @@ -28,7 +28,7 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') -define(<fat_transform>, <_$1_x86_64>) -include_src(<x86_64/sha1-compress.asm>) +define(`fat_transform', `_$1_x86_64') +include_src(`x86_64/sha1-compress.asm') diff --git a/x86_64/fat/sha256-compress-2.asm b/x86_64/fat/sha256-compress-2.asm index 50e23d49..996cf8c5 100644 --- a/x86_64/fat/sha256-compress-2.asm +++ b/x86_64/fat/sha256-compress-2.asm @@ -1,6 +1,6 @@ C x86_64/fat/sha256-compress-2.asm -ifelse(< +ifelse(` Copyright (C) 2018 Niels Möller This file is part of GNU Nettle. @@ -28,7 +28,7 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') -define(<fat_transform>, <$1_sha_ni>) -include_src(<x86_64/sha_ni/sha256-compress.asm>) +define(`fat_transform', `$1_sha_ni') +include_src(`x86_64/sha_ni/sha256-compress.asm') diff --git a/x86_64/gcm-hash8.asm b/x86_64/gcm-hash8.asm index bfaa6ef8..6c79803c 100644 --- a/x86_64/gcm-hash8.asm +++ b/x86_64/gcm-hash8.asm @@ -1,6 +1,6 @@ C x86_64/gcm-hash8.asm -ifelse(< +ifelse(` Copyright (C) 2013 Niels Möller This file is part of GNU Nettle. @@ -28,23 +28,23 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') C Register usage: -define(<KEY>, <%rdi>) -define(<XP>, <%rsi>) -define(<LENGTH>, <%rdx>) -define(<SRC>, <%rcx>) -define(<X0>, <%rax>) -define(<X1>, <%rbx>) -define(<CNT>, <%ebp>) -define(<T0>, <%r8>) -define(<T1>, <%r9>) -define(<T2>, <%r10>) -define(<Z0>, <%r11>) -define(<Z1>, <%r12>) -define(<SHIFT_TABLE>, <%r13>) +define(`KEY', `%rdi') +define(`XP', `%rsi') +define(`LENGTH', `%rdx') +define(`SRC', `%rcx') +define(`X0', `%rax') +define(`X1', `%rbx') +define(`CNT', `%ebp') +define(`T0', `%r8') +define(`T1', `%r9') +define(`T2', `%r10') +define(`Z0', `%r11') +define(`Z1', `%r12') +define(`SHIFT_TABLE', `%r13') .file "gcm-hash8.asm" @@ -200,7 +200,7 @@ ALIGN(16) ret EPILOGUE(_nettle_gcm_hash8) -define(<W>, <0x$2$1>) +define(`W', `0x$2$1') RODATA ALIGN(2) C NOTE: Sun/Oracle assembler doesn't support ".short". diff --git a/x86_64/machine.m4 b/x86_64/machine.m4 index 397e9b25..28b258cd 100644 --- a/x86_64/machine.m4 +++ b/x86_64/machine.m4 @@ -1,13 +1,13 @@ C OFFSET(i) C Expands to 4*i, or to the empty string if i is zero -define(<OFFSET>, <ifelse($1,0,,eval(4*$1))>) +define(`OFFSET', `ifelse($1,0,,eval(4*$1))') C OFFSET64(i) C Expands to 8*i, or to the empty string if i is zero -define(<OFFSET64>, <ifelse($1,0,,eval(8*$1))>) +define(`OFFSET64', `ifelse($1,0,,eval(8*$1))') dnl LREG(reg) gives the 8-bit register corresponding to the given 64-bit register. -define(<LREG>,<ifelse( +define(`LREG',`ifelse( $1, %rax, %al, $1, %rbx, %bl, $1, %rcx, %cl, @@ -22,15 +22,15 @@ define(<LREG>,<ifelse( $1, %r12, %r12b, $1, %r13, %r13b, $1, %r14, %r14b, - $1, %r15, %r15b)>)dnl + $1, %r15, %r15b)')dnl -define(<HREG>,<ifelse( +define(`HREG',`ifelse( $1, %rax, %ah, $1, %rbx, %bh, $1, %rcx, %ch, - $1, %rdx, %dh)>)dnl + $1, %rdx, %dh)')dnl -define(<WREG>,<ifelse( +define(`WREG',`ifelse( $1, %rax, %ax, $1, %rbx, %bx, $1, %rcx, %cx, @@ -45,9 +45,9 @@ define(<WREG>,<ifelse( $1, %r12, %r12w, $1, %r13, %r13w, $1, %r14, %r14w, - $1, %r15, %r15w)>)dnl + $1, %r15, %r15w)')dnl -define(<XREG>,<ifelse( +define(`XREG',`ifelse( $1, %rax, %eax, $1, %rbx, %ebx, $1, %rcx, %ecx, @@ -62,112 +62,106 @@ define(<XREG>,<ifelse( $1, %r12, %r12d, $1, %r13, %r13d, $1, %r14, %r14d, - $1, %r15, %r15d)>)dnl + $1, %r15, %r15d)')dnl dnl W64_ENTRY(nargs, xmm_used) -define(<W64_ENTRY>, < - changequote([,])dnl - ifelse(<<<<<<<<<<<<<<<<<< ignored; only for balancing) - ifelse(W64_ABI,yes,[ +define(`W64_ENTRY', ` + ifelse(W64_ABI,yes,` dnl unconditionally push %rdi, making %rsp 16-byte aligned push %rdi dnl Save %xmm6, ..., if needed - ifelse(eval($2 > 6), 1, [ - sub [$]eval(16*($2 - 6)), %rsp + ifelse(eval($2 > 6), 1, ` + sub `$'eval(16*($2 - 6)), %rsp movdqa %xmm6, 0(%rsp) - ]) - ifelse(eval($2 > 7), 1, [ + ') + ifelse(eval($2 > 7), 1, ` movdqa %xmm7, 16(%rsp) - ]) - ifelse(eval($2 > 8), 1, [ + ') + ifelse(eval($2 > 8), 1, ` movdqa %xmm8, 32(%rsp) - ]) - ifelse(eval($2 > 9), 1, [ + ') + ifelse(eval($2 > 9), 1, ` movdqa %xmm9, 48(%rsp) - ]) - ifelse(eval($2 > 10), 1, [ + ') + ifelse(eval($2 > 10), 1, ` movdqa %xmm10, 64(%rsp) - ]) - ifelse(eval($2 > 11), 1, [ + ') + ifelse(eval($2 > 11), 1, ` movdqa %xmm11, 80(%rsp) - ]) - ifelse(eval($2 > 12), 1, [ + ') + ifelse(eval($2 > 12), 1, ` movdqa %xmm12, 96(%rsp) - ]) - ifelse(eval($2 > 13), 1, [ + ') + ifelse(eval($2 > 13), 1, ` movdqa %xmm13, 112(%rsp) - ]) - ifelse(eval($2 > 14), 1, [ + ') + ifelse(eval($2 > 14), 1, ` movdqa %xmm14, 128(%rsp) - ]) - ifelse(eval($2 > 15), 1, [ + ') + ifelse(eval($2 > 15), 1, ` movdqa %xmm15, 144(%rsp) - ]) + ') dnl Move around arguments - ifelse(eval($1 >= 1), 1, [ + ifelse(eval($1 >= 1), 1, ` mov %rcx, %rdi - ]) - ifelse(eval($1 >= 2), 1, [ + ') + ifelse(eval($1 >= 2), 1, ` dnl NOTE: Breaks 16-byte %rsp alignment push %rsi mov %rdx, %rsi - ]) - ifelse(eval($1 >= 3), 1, [ + ') + ifelse(eval($1 >= 3), 1, ` mov %r8, %rdx - ]) - ifelse(eval($1 >= 4), 1, [ + ') + ifelse(eval($1 >= 4), 1, ` mov %r9, %rcx - ]) - ifelse(eval($1 >= 5), 1, [ + ') + ifelse(eval($1 >= 5), 1, ` mov ifelse(eval($2 > 6), 1, eval(16*($2-6)+56),56)(%rsp), %r8 - ]) - ifelse(eval($1 >= 6), 1, [ + ') + ifelse(eval($1 >= 6), 1, ` mov ifelse(eval($2 > 6), 1, eval(16*($2-6)+64),64)(%rsp), %r9 - ]) - ]) - changequote(<,>)dnl ->) + ') + ') +') dnl W64_EXIT(nargs, xmm_used) -define(<W64_EXIT>, < - changequote([,])dnl - ifelse(<<<<<<<<<<< ignored; only for balancing) - ifelse(W64_ABI,yes,[ - ifelse(eval($1 >= 2), 1, [ +define(`W64_EXIT', ` + ifelse(W64_ABI,yes,` + ifelse(eval($1 >= 2), 1, ` pop %rsi - ]) - ifelse(eval($2 > 15), 1, [ + ') + ifelse(eval($2 > 15), 1, ` movdqa 144(%rsp), %xmm15 - ]) - ifelse(eval($2 > 14), 1, [ + ') + ifelse(eval($2 > 14), 1, ` movdqa 128(%rsp), %xmm14 - ]) - ifelse(eval($2 > 13), 1, [ + ') + ifelse(eval($2 > 13), 1, ` movdqa 112(%rsp), %xmm13 - ]) - ifelse(eval($2 > 12), 1, [ + ') + ifelse(eval($2 > 12), 1, ` movdqa 96(%rsp), %xmm12 - ]) - ifelse(eval($2 > 11), 1, [ + ') + ifelse(eval($2 > 11), 1, ` movdqa 80(%rsp), %xmm11 - ]) - ifelse(eval($2 > 10), 1, [ + ') + ifelse(eval($2 > 10), 1, ` movdqa 64(%rsp), %xmm10 - ]) - ifelse(eval($2 > 9), 1, [ + ') + ifelse(eval($2 > 9), 1, ` movdqa 48(%rsp), %xmm9 - ]) - ifelse(eval($2 > 8), 1, [ + ') + ifelse(eval($2 > 8), 1, ` movdqa 32(%rsp), %xmm8 - ]) - ifelse(eval($2 > 7), 1, [ + ') + ifelse(eval($2 > 7), 1, ` movdqa 16(%rsp), %xmm7 - ]) - ifelse(eval($2 > 6), 1, [ + ') + ifelse(eval($2 > 6), 1, ` movdqa (%rsp), %xmm6 - add [$]eval(16*($2 - 6)), %rsp - ]) + add `$'eval(16*($2 - 6)), %rsp + ') pop %rdi - ]) - changequote(<,>)dnl ->) + ') +') diff --git a/x86_64/md5-compress.asm b/x86_64/md5-compress.asm index 182b8f18..defce60f 100644 --- a/x86_64/md5-compress.asm +++ b/x86_64/md5-compress.asm @@ -1,6 +1,6 @@ C x86_64/md5-compress.asm -ifelse(< +ifelse(` Copyright (C) 2005, 2013 Niels Möller This file is part of GNU Nettle. @@ -28,54 +28,54 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') C Registers: -define(<STATE>, <%rdi>) -define(<INPUT>, <%rsi>) -define(<SA>,<%rax>) -define(<SB>,<%rbx>) -define(<SC>,<%rcx>) -define(<SD>,<%rbp>) -define(<TMP>, <%r8>) +define(`STATE', `%rdi') +define(`INPUT', `%rsi') +define(`SA',`%rax') +define(`SB',`%rbx') +define(`SC',`%rcx') +define(`SD',`%rbp') +define(`TMP', `%r8') C F1(x,y,z) = (z ^ (x & (y ^ z))) -define(<F1>, < +define(`F1', ` movl XREG($3), XREG(TMP) xorl XREG($2), XREG(TMP) andl XREG($1), XREG(TMP) - xorl XREG($3), XREG(TMP)>) + xorl XREG($3), XREG(TMP)') -define(<F2>,<F1($3, $1, $2)>) +define(`F2',`F1($3, $1, $2)') C F3(x,y,z) = x ^ y ^ z -define(<F3>,< +define(`F3',` movl XREG($1), XREG(TMP) xorl XREG($2), XREG(TMP) - xorl XREG($3), XREG(TMP)>) + xorl XREG($3), XREG(TMP)') C F4(x,y,z) = y ^ (x | ~z) -define(<F4>,< +define(`F4',` movl XREG($3), XREG(TMP) notl XREG(TMP) orl XREG($1), XREG(TMP) - xorl XREG($2), XREG(TMP)>) + xorl XREG($2), XREG(TMP)') C Index to 4*i, or to the empty string if zero -define(<REF>,<ifelse($1,0,,eval(4*$1))(INPUT)>) +define(`REF',`ifelse($1,0,,eval(4*$1))(INPUT)') C ROUND(f, w, x, y, z, k, data, s): C w += f(x,y,z) + data + k C w <<< s C w += x -define(<ROUND>,< - addl <$>$7, XREG($2) +define(`ROUND',` + addl `$'$7, XREG($2) $1($3, $4, $5) addl $6, XREG($2) addl XREG(TMP), XREG($2) - roll <$>$8, XREG($2) - addl XREG($3), XREG($2)>) + roll `$'$8, XREG($2) + addl XREG($3), XREG($2)') .file "md5-compress.asm" @@ -94,73 +94,73 @@ PROLOGUE(nettle_md5_compress) movl 8(STATE), XREG(SC) movl 12(STATE), XREG(SD) - ROUND(<F1>, SA, SB, SC, SD, REF( 0), 0xd76aa478, 7) - ROUND(<F1>, SD, SA, SB, SC, REF( 1), 0xe8c7b756, 12) - ROUND(<F1>, SC, SD, SA, SB, REF( 2), 0x242070db, 17) - ROUND(<F1>, SB, SC, SD, SA, REF( 3), 0xc1bdceee, 22) - ROUND(<F1>, SA, SB, SC, SD, REF( 4), 0xf57c0faf, 7) - ROUND(<F1>, SD, SA, SB, SC, REF( 5), 0x4787c62a, 12) - ROUND(<F1>, SC, SD, SA, SB, REF( 6), 0xa8304613, 17) - ROUND(<F1>, SB, SC, SD, SA, REF( 7), 0xfd469501, 22) - ROUND(<F1>, SA, SB, SC, SD, REF( 8), 0x698098d8, 7) - ROUND(<F1>, SD, SA, SB, SC, REF( 9), 0x8b44f7af, 12) - ROUND(<F1>, SC, SD, SA, SB, REF(10), 0xffff5bb1, 17) - ROUND(<F1>, SB, SC, SD, SA, REF(11), 0x895cd7be, 22) - ROUND(<F1>, SA, SB, SC, SD, REF(12), 0x6b901122, 7) - ROUND(<F1>, SD, SA, SB, SC, REF(13), 0xfd987193, 12) - ROUND(<F1>, SC, SD, SA, SB, REF(14), 0xa679438e, 17) - ROUND(<F1>, SB, SC, SD, SA, REF(15), 0x49b40821, 22) - - ROUND(<F2>, SA, SB, SC, SD, REF( 1), 0xf61e2562, 5) - ROUND(<F2>, SD, SA, SB, SC, REF( 6), 0xc040b340, 9) - ROUND(<F2>, SC, SD, SA, SB, REF(11), 0x265e5a51, 14) - ROUND(<F2>, SB, SC, SD, SA, REF( 0), 0xe9b6c7aa, 20) - ROUND(<F2>, SA, SB, SC, SD, REF( 5), 0xd62f105d, 5) - ROUND(<F2>, SD, SA, SB, SC, REF(10), 0x02441453, 9) - ROUND(<F2>, SC, SD, SA, SB, REF(15), 0xd8a1e681, 14) - ROUND(<F2>, SB, SC, SD, SA, REF( 4), 0xe7d3fbc8, 20) - ROUND(<F2>, SA, SB, SC, SD, REF( 9), 0x21e1cde6, 5) - ROUND(<F2>, SD, SA, SB, SC, REF(14), 0xc33707d6, 9) - ROUND(<F2>, SC, SD, SA, SB, REF( 3), 0xf4d50d87, 14) - ROUND(<F2>, SB, SC, SD, SA, REF( 8), 0x455a14ed, 20) - ROUND(<F2>, SA, SB, SC, SD, REF(13), 0xa9e3e905, 5) - ROUND(<F2>, SD, SA, SB, SC, REF( 2), 0xfcefa3f8, 9) - ROUND(<F2>, SC, SD, SA, SB, REF( 7), 0x676f02d9, 14) - ROUND(<F2>, SB, SC, SD, SA, REF(12), 0x8d2a4c8a, 20) - - ROUND(<F3>, SA, SB, SC, SD, REF( 5), 0xfffa3942, 4) - ROUND(<F3>, SD, SA, SB, SC, REF( 8), 0x8771f681, 11) - ROUND(<F3>, SC, SD, SA, SB, REF(11), 0x6d9d6122, 16) - ROUND(<F3>, SB, SC, SD, SA, REF(14), 0xfde5380c, 23) - ROUND(<F3>, SA, SB, SC, SD, REF( 1), 0xa4beea44, 4) - ROUND(<F3>, SD, SA, SB, SC, REF( 4), 0x4bdecfa9, 11) - ROUND(<F3>, SC, SD, SA, SB, REF( 7), 0xf6bb4b60, 16) - ROUND(<F3>, SB, SC, SD, SA, REF(10), 0xbebfbc70, 23) - ROUND(<F3>, SA, SB, SC, SD, REF(13), 0x289b7ec6, 4) - ROUND(<F3>, SD, SA, SB, SC, REF( 0), 0xeaa127fa, 11) - ROUND(<F3>, SC, SD, SA, SB, REF( 3), 0xd4ef3085, 16) - ROUND(<F3>, SB, SC, SD, SA, REF( 6), 0x04881d05, 23) - ROUND(<F3>, SA, SB, SC, SD, REF( 9), 0xd9d4d039, 4) - ROUND(<F3>, SD, SA, SB, SC, REF(12), 0xe6db99e5, 11) - ROUND(<F3>, SC, SD, SA, SB, REF(15), 0x1fa27cf8, 16) - ROUND(<F3>, SB, SC, SD, SA, REF( 2), 0xc4ac5665, 23) - - ROUND(<F4>, SA, SB, SC, SD, REF( 0), 0xf4292244, 6) - ROUND(<F4>, SD, SA, SB, SC, REF( 7), 0x432aff97, 10) - ROUND(<F4>, SC, SD, SA, SB, REF(14), 0xab9423a7, 15) - ROUND(<F4>, SB, SC, SD, SA, REF( 5), 0xfc93a039, 21) - ROUND(<F4>, SA, SB, SC, SD, REF(12), 0x655b59c3, 6) - ROUND(<F4>, SD, SA, SB, SC, REF( 3), 0x8f0ccc92, 10) - ROUND(<F4>, SC, SD, SA, SB, REF(10), 0xffeff47d, 15) - ROUND(<F4>, SB, SC, SD, SA, REF( 1), 0x85845dd1, 21) - ROUND(<F4>, SA, SB, SC, SD, REF( 8), 0x6fa87e4f, 6) - ROUND(<F4>, SD, SA, SB, SC, REF(15), 0xfe2ce6e0, 10) - ROUND(<F4>, SC, SD, SA, SB, REF( 6), 0xa3014314, 15) - ROUND(<F4>, SB, SC, SD, SA, REF(13), 0x4e0811a1, 21) - ROUND(<F4>, SA, SB, SC, SD, REF( 4), 0xf7537e82, 6) - ROUND(<F4>, SD, SA, SB, SC, REF(11), 0xbd3af235, 10) - ROUND(<F4>, SC, SD, SA, SB, REF( 2), 0x2ad7d2bb, 15) - ROUND(<F4>, SB, SC, SD, SA, REF( 9), 0xeb86d391, 21) + ROUND(`F1', SA, SB, SC, SD, REF( 0), 0xd76aa478, 7) + ROUND(`F1', SD, SA, SB, SC, REF( 1), 0xe8c7b756, 12) + ROUND(`F1', SC, SD, SA, SB, REF( 2), 0x242070db, 17) + ROUND(`F1', SB, SC, SD, SA, REF( 3), 0xc1bdceee, 22) + ROUND(`F1', SA, SB, SC, SD, REF( 4), 0xf57c0faf, 7) + ROUND(`F1', SD, SA, SB, SC, REF( 5), 0x4787c62a, 12) + ROUND(`F1', SC, SD, SA, SB, REF( 6), 0xa8304613, 17) + ROUND(`F1', SB, SC, SD, SA, REF( 7), 0xfd469501, 22) + ROUND(`F1', SA, SB, SC, SD, REF( 8), 0x698098d8, 7) + ROUND(`F1', SD, SA, SB, SC, REF( 9), 0x8b44f7af, 12) + ROUND(`F1', SC, SD, SA, SB, REF(10), 0xffff5bb1, 17) + ROUND(`F1', SB, SC, SD, SA, REF(11), 0x895cd7be, 22) + ROUND(`F1', SA, SB, SC, SD, REF(12), 0x6b901122, 7) + ROUND(`F1', SD, SA, SB, SC, REF(13), 0xfd987193, 12) + ROUND(`F1', SC, SD, SA, SB, REF(14), 0xa679438e, 17) + ROUND(`F1', SB, SC, SD, SA, REF(15), 0x49b40821, 22) + + ROUND(`F2', SA, SB, SC, SD, REF( 1), 0xf61e2562, 5) + ROUND(`F2', SD, SA, SB, SC, REF( 6), 0xc040b340, 9) + ROUND(`F2', SC, SD, SA, SB, REF(11), 0x265e5a51, 14) + ROUND(`F2', SB, SC, SD, SA, REF( 0), 0xe9b6c7aa, 20) + ROUND(`F2', SA, SB, SC, SD, REF( 5), 0xd62f105d, 5) + ROUND(`F2', SD, SA, SB, SC, REF(10), 0x02441453, 9) + ROUND(`F2', SC, SD, SA, SB, REF(15), 0xd8a1e681, 14) + ROUND(`F2', SB, SC, SD, SA, REF( 4), 0xe7d3fbc8, 20) + ROUND(`F2', SA, SB, SC, SD, REF( 9), 0x21e1cde6, 5) + ROUND(`F2', SD, SA, SB, SC, REF(14), 0xc33707d6, 9) + ROUND(`F2', SC, SD, SA, SB, REF( 3), 0xf4d50d87, 14) + ROUND(`F2', SB, SC, SD, SA, REF( 8), 0x455a14ed, 20) + ROUND(`F2', SA, SB, SC, SD, REF(13), 0xa9e3e905, 5) + ROUND(`F2', SD, SA, SB, SC, REF( 2), 0xfcefa3f8, 9) + ROUND(`F2', SC, SD, SA, SB, REF( 7), 0x676f02d9, 14) + ROUND(`F2', SB, SC, SD, SA, REF(12), 0x8d2a4c8a, 20) + + ROUND(`F3', SA, SB, SC, SD, REF( 5), 0xfffa3942, 4) + ROUND(`F3', SD, SA, SB, SC, REF( 8), 0x8771f681, 11) + ROUND(`F3', SC, SD, SA, SB, REF(11), 0x6d9d6122, 16) + ROUND(`F3', SB, SC, SD, SA, REF(14), 0xfde5380c, 23) + ROUND(`F3', SA, SB, SC, SD, REF( 1), 0xa4beea44, 4) + ROUND(`F3', SD, SA, SB, SC, REF( 4), 0x4bdecfa9, 11) + ROUND(`F3', SC, SD, SA, SB, REF( 7), 0xf6bb4b60, 16) + ROUND(`F3', SB, SC, SD, SA, REF(10), 0xbebfbc70, 23) + ROUND(`F3', SA, SB, SC, SD, REF(13), 0x289b7ec6, 4) + ROUND(`F3', SD, SA, SB, SC, REF( 0), 0xeaa127fa, 11) + ROUND(`F3', SC, SD, SA, SB, REF( 3), 0xd4ef3085, 16) + ROUND(`F3', SB, SC, SD, SA, REF( 6), 0x04881d05, 23) + ROUND(`F3', SA, SB, SC, SD, REF( 9), 0xd9d4d039, 4) + ROUND(`F3', SD, SA, SB, SC, REF(12), 0xe6db99e5, 11) + ROUND(`F3', SC, SD, SA, SB, REF(15), 0x1fa27cf8, 16) + ROUND(`F3', SB, SC, SD, SA, REF( 2), 0xc4ac5665, 23) + + ROUND(`F4', SA, SB, SC, SD, REF( 0), 0xf4292244, 6) + ROUND(`F4', SD, SA, SB, SC, REF( 7), 0x432aff97, 10) + ROUND(`F4', SC, SD, SA, SB, REF(14), 0xab9423a7, 15) + ROUND(`F4', SB, SC, SD, SA, REF( 5), 0xfc93a039, 21) + ROUND(`F4', SA, SB, SC, SD, REF(12), 0x655b59c3, 6) + ROUND(`F4', SD, SA, SB, SC, REF( 3), 0x8f0ccc92, 10) + ROUND(`F4', SC, SD, SA, SB, REF(10), 0xffeff47d, 15) + ROUND(`F4', SB, SC, SD, SA, REF( 1), 0x85845dd1, 21) + ROUND(`F4', SA, SB, SC, SD, REF( 8), 0x6fa87e4f, 6) + ROUND(`F4', SD, SA, SB, SC, REF(15), 0xfe2ce6e0, 10) + ROUND(`F4', SC, SD, SA, SB, REF( 6), 0xa3014314, 15) + ROUND(`F4', SB, SC, SD, SA, REF(13), 0x4e0811a1, 21) + ROUND(`F4', SA, SB, SC, SD, REF( 4), 0xf7537e82, 6) + ROUND(`F4', SD, SA, SB, SC, REF(11), 0xbd3af235, 10) + ROUND(`F4', SC, SD, SA, SB, REF( 2), 0x2ad7d2bb, 15) + ROUND(`F4', SB, SC, SD, SA, REF( 9), 0xeb86d391, 21) C Update the state vector addl XREG(SA), (STATE) diff --git a/x86_64/memxor.asm b/x86_64/memxor.asm index f07f0017..4d236263 100644 --- a/x86_64/memxor.asm +++ b/x86_64/memxor.asm @@ -1,6 +1,6 @@ C x86_64/memxor.asm -ifelse(< +ifelse(` Copyright (C) 2010, 2014, Niels Möller This file is part of GNU Nettle. @@ -28,19 +28,19 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') C Register usage: -define(<DST>, <%rax>) C Originally in %rdi -define(<SRC>, <%rsi>) -define(<N>, <%rdx>) -define(<TMP>, <%r8>) -define(<TMP2>, <%r9>) -define(<CNT>, <%rdi>) -define(<S0>, <%r11>) -define(<S1>, <%rdi>) C Overlaps with CNT +define(`DST', `%rax') C Originally in %rdi +define(`SRC', `%rsi') +define(`N', `%rdx') +define(`TMP', `%r8') +define(`TMP2', `%r9') +define(`CNT', `%rdi') +define(`S0', `%r11') +define(`S1', `%rdi') C Overlaps with CNT -define(<USE_SSE2>, <no>) +define(`USE_SSE2', `no') .file "memxor.asm" @@ -79,10 +79,10 @@ PROLOGUE(nettle_memxor) jnz .Lalign_loop .Laligned: -ifdef(<USE_SSE2>, < +ifdef(`USE_SSE2', ` cmp $16, N jnc .Lsse2_case ->) +') C Next destination word is -8(DST, N) C Setup for unrolling @@ -135,7 +135,7 @@ ifdef(<USE_SSE2>, < W64_EXIT(3, 0) ret -ifdef(<USE_SSE2>, < +ifdef(`USE_SSE2', ` .Lsse2_case: lea (DST, N), TMP @@ -168,6 +168,6 @@ ifdef(<USE_SSE2>, < W64_EXIT(3, 0) ret ->) +') EPILOGUE(nettle_memxor) diff --git a/x86_64/memxor3.asm b/x86_64/memxor3.asm index 8ff3e79c..694adf4c 100644 --- a/x86_64/memxor3.asm +++ b/x86_64/memxor3.asm @@ -1,6 +1,6 @@ C x86_64/memxor3.asm -ifelse(< +ifelse(` Copyright (C) 2010, 2014 Niels Möller This file is part of GNU Nettle. @@ -28,20 +28,20 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') C Register usage: -define(<DST>, <%rax>) C Originally in %rdi -define(<AP>, <%rsi>) -define(<BP>, <%rdx>) -define(<N>, <%r10>) -define(<TMP>, <%r8>) -define(<TMP2>, <%r9>) -define(<CNT>, <%rdi>) -define(<S0>, <%r11>) -define(<S1>, <%rdi>) C Overlaps with CNT - -define(<USE_SSE2>, <no>) +define(`DST', `%rax') C Originally in %rdi +define(`AP', `%rsi') +define(`BP', `%rdx') +define(`N', `%r10') +define(`TMP', `%r8') +define(`TMP2', `%r9') +define(`CNT', `%rdi') +define(`S0', `%r11') +define(`S1', `%rdi') C Overlaps with CNT + +define(`USE_SSE2', `no') .file "memxor3.asm" @@ -83,10 +83,10 @@ PROLOGUE(nettle_memxor3) jnz .Lalign_loop .Laligned: -ifelse(USE_SSE2, yes, < +ifelse(USE_SSE2, yes, ` cmp $16, N jnc .Lsse2_case ->) +') C Check for the case that AP and BP have the same alignment, C but different from DST. mov AP, TMP @@ -223,7 +223,7 @@ C jz .Ldone W64_EXIT(4, 0) ret -ifelse(USE_SSE2, yes, < +ifelse(USE_SSE2, yes, ` .Lsse2_case: lea (DST, N), TMP @@ -257,7 +257,7 @@ ifelse(USE_SSE2, yes, < C ENTRY might have been 3 args, too, but it doesn't matter for the exit W64_EXIT(4, 0) ret ->) +') EPILOGUE(nettle_memxor3) diff --git a/x86_64/poly1305-internal.asm b/x86_64/poly1305-internal.asm index 8012e49f..1e2c60b6 100644 --- a/x86_64/poly1305-internal.asm +++ b/x86_64/poly1305-internal.asm @@ -1,6 +1,6 @@ C x86_64/poly1305-internal.asm -ifelse(< +ifelse(` Copyright (C) 2013 Niels Möller This file is part of GNU Nettle. @@ -28,18 +28,18 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') .file "poly1305-internal.asm" C Registers mainly used by poly1305_block -define(<CTX>, <%rdi>) -define(<T0>, <%rcx>) -define(<T1>, <%rsi>) -define(<T2>, <%r8>) -define(<H0>, <%r9>) -define(<H1>, <%r10>) -define(<H2>, <%r11>) +define(`CTX', `%rdi') +define(`T0', `%rcx') +define(`T1', `%rsi') +define(`T2', `%r8') +define(`H0', `%r9') +define(`H1', `%r10') +define(`H2', `%r11') C _poly1305_set_key(struct poly1305_ctx *ctx, const uint8_t key[16]) .text @@ -162,7 +162,7 @@ PROLOGUE(_nettle_poly1305_digest) adc $0, XREG(H2) C Use %rax instead of %rsi -define(<T1>, <%rax>) +define(`T1', `%rax') C Add 5, use result if >= 2^130 mov $5, T0 xor T1, T1 diff --git a/x86_64/salsa20-2core.asm b/x86_64/salsa20-2core.asm index 1b9edc85..d293098e 100644 --- a/x86_64/salsa20-2core.asm +++ b/x86_64/salsa20-2core.asm @@ -1,6 +1,6 @@ C x86_64/salsa20-2core.asm -ifelse(< +ifelse(` Copyright (C) 2012, 2020 Niels Möller This file is part of GNU Nettle. @@ -28,30 +28,30 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') -define(<DST>, <%rdi>) -define(<SRC>, <%rsi>) -define(<COUNT>, <%rdx>) +define(`DST', `%rdi') +define(`SRC', `%rsi') +define(`COUNT', `%rdx') C State, even elements in X, odd elements in Y -define(<X0>, <%xmm0>) -define(<X1>, <%xmm1>) -define(<X2>, <%xmm2>) -define(<X3>, <%xmm3>) -define(<Y0>, <%xmm4>) -define(<Y1>, <%xmm5>) -define(<Y2>, <%xmm6>) -define(<Y3>, <%xmm7>) - -define(<T0>, <%xmm8>) -define(<T1>, <%xmm9>) -define(<T2>, <%xmm10>) -define(<T3>, <%xmm11>) - -define(<M0011>, <%xmm12>) - -include_src(<x86_64/salsa20.m4>) +define(`X0', `%xmm0') +define(`X1', `%xmm1') +define(`X2', `%xmm2') +define(`X3', `%xmm3') +define(`Y0', `%xmm4') +define(`Y1', `%xmm5') +define(`Y2', `%xmm6') +define(`Y3', `%xmm7') + +define(`T0', `%xmm8') +define(`T1', `%xmm9') +define(`T2', `%xmm10') +define(`T3', `%xmm11') + +define(`M0011', `%xmm12') + +include_src(`x86_64/salsa20.m4') .text ALIGN(16) diff --git a/x86_64/salsa20-core-internal.asm b/x86_64/salsa20-core-internal.asm index 4ef07be0..708a1c0b 100644 --- a/x86_64/salsa20-core-internal.asm +++ b/x86_64/salsa20-core-internal.asm @@ -1,6 +1,6 @@ C x86_64/salsa20-core-internal.asm -ifelse(< +ifelse(` Copyright (C) 2012 Niels Möller This file is part of GNU Nettle. @@ -28,22 +28,22 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) - -define(<DST>, <%rdi>) -define(<SRC>, <%rsi>) -define(<COUNT>, <%rdx>) -define(<X0>, <%xmm0>) -define(<X1>, <%xmm1>) -define(<X2>, <%xmm2>) -define(<X3>, <%xmm3>) -define(<T0>, <%xmm4>) -define(<T1>, <%xmm5>) -define(<M0101>, <%xmm6>) -define(<M0110>, <%xmm7>) -define(<M0011>, <%xmm8>) - -include_src(<x86_64/salsa20.m4>) +') + +define(`DST', `%rdi') +define(`SRC', `%rsi') +define(`COUNT', `%rdx') +define(`X0', `%xmm0') +define(`X1', `%xmm1') +define(`X2', `%xmm2') +define(`X3', `%xmm3') +define(`T0', `%xmm4') +define(`T1', `%xmm5') +define(`M0101', `%xmm6') +define(`M0110', `%xmm7') +define(`M0011', `%xmm8') + +include_src(`x86_64/salsa20.m4') C _salsa20_core(uint32_t *dst, const uint32_t *src, unsigned rounds) .text diff --git a/x86_64/salsa20.m4 b/x86_64/salsa20.m4 index 708c4896..c7711aa7 100644 --- a/x86_64/salsa20.m4 +++ b/x86_64/salsa20.m4 @@ -1,45 +1,45 @@ C Needs T0 and T1 C QROUND(x0, x1, x2, x3) -define(<QROUND>, < +define(`QROUND', ` movaps $4, T0 C 0 paddd $1, T0 C 1 movaps T0, T1 C 2 - pslld <$>7, T0 C 2 - psrld <$>25, T1 C 3 + pslld `$'7, T0 C 2 + psrld `$'25, T1 C 3 pxor T0, $2 C 3 pxor T1, $2 C 4 movaps $1, T0 C 0 paddd $2, T0 C 5 movaps T0, T1 C 6 - pslld <$>9, T0 C 6 - psrld <$>23, T1 C 7 + pslld `$'9, T0 C 6 + psrld `$'23, T1 C 7 pxor T0, $3 C 7 pxor T1, $3 C 8 movaps $2, T0 C 0 paddd $3, T0 C 9 movaps T0, T1 C 10 - pslld <$>13, T0 C 10 - psrld <$>19, T1 C 11 + pslld `$'13, T0 C 10 + psrld `$'19, T1 C 11 pxor T0, $4 C 11 pxor T1, $4 C 12 movaps $3, T0 C 0 paddd $4, T0 C 13 movaps T0, T1 C 14 - pslld <$>18, T0 C 14 - psrld <$>14, T1 C 15 + pslld `$'18, T0 C 14 + psrld `$'14, T1 C 15 pxor T0, $1 C 15 pxor T1, $1 C 16 ->) +') C SWAP(x0, x1, mask) C Swaps bits in x0 and x1, with bits selected by the mask -define(<SWAP>, < +define(`SWAP', ` movaps $1, T0 pxor $2, $1 pand $3, $1 pxor $1, $2 pxor T0, $1 ->) +') diff --git a/x86_64/serpent-decrypt.asm b/x86_64/serpent-decrypt.asm index 031c41c8..e8928c89 100644 --- a/x86_64/serpent-decrypt.asm +++ b/x86_64/serpent-decrypt.asm @@ -1,6 +1,6 @@ C x86_64/serpent-decrypt.asm -ifelse(< +ifelse(` Copyright (C) 2011 Niels Möller This file is part of GNU Nettle. @@ -28,52 +28,52 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') -include_src(<x86_64/serpent.m4>) +include_src(`x86_64/serpent.m4') C Register usage: C Single block serpent state, two copies -define(<x0>, <%eax>) -define(<x1>, <%ebx>) -define(<x2>, <%ebp>) -define(<x3>, <%r8d>) +define(`x0', `%eax') +define(`x1', `%ebx') +define(`x2', `%ebp') +define(`x3', `%r8d') -define(<y0>, <%r9d>) -define(<y1>, <%r10d>) -define(<y2>, <%r11d>) -define(<y3>, <%r12d>) +define(`y0', `%r9d') +define(`y1', `%r10d') +define(`y2', `%r11d') +define(`y3', `%r12d') C Quadruple block serpent state, two copies -define(<X0>, <%xmm0>) -define(<X1>, <%xmm1>) -define(<X2>, <%xmm2>) -define(<X3>, <%xmm3>) - -define(<Y0>, <%xmm4>) -define(<Y1>, <%xmm5>) -define(<Y2>, <%xmm6>) -define(<Y3>, <%xmm7>) - -define(<MINUS1>, <%xmm8>) -define(<T0>, <%xmm9>) -define(<T1>, <%xmm10>) -define(<T2>, <%xmm11>) -define(<T3>, <%xmm12>) +define(`X0', `%xmm0') +define(`X1', `%xmm1') +define(`X2', `%xmm2') +define(`X3', `%xmm3') + +define(`Y0', `%xmm4') +define(`Y1', `%xmm5') +define(`Y2', `%xmm6') +define(`Y3', `%xmm7') + +define(`MINUS1', `%xmm8') +define(`T0', `%xmm9') +define(`T1', `%xmm10') +define(`T2', `%xmm11') +define(`T3', `%xmm12') C Arguments -define(<CTX>, <%rdi>) -define(<N>, <%rsi>) -define(<DST>, <%rdx>) -define(<SRC>, <%rcx>) +define(`CTX', `%rdi') +define(`N', `%rsi') +define(`DST', `%rdx') +define(`SRC', `%rcx') -define(<CNT>, <%r13>) -define(<TMP32>, <%r14d>) +define(`CNT', `%r13') +define(`TMP32', `%r14d') C SBOX macros. Inputs $1 - $4 (destroyed), outputs $5 - $8 -define(<SBOX0I>, < +define(`SBOX0I', ` mov $1, $5 xor $3, $5 mov $1, $7 @@ -98,9 +98,9 @@ define(<SBOX0I>, < xor $4, $8 or $4, $2 xor $2, $5 ->) +') -define(<SBOX1I>, < +define(`SBOX1I', ` mov $2, $6 or $4, $6 xor $3, $6 @@ -123,9 +123,9 @@ define(<SBOX1I>, < xor $3, $5 or $7, $1 xor $1, $5 ->) +') -define(<SBOX2I>, < +define(`SBOX2I', ` mov $1, $5 xor $4, $5 mov $3, $7 @@ -150,9 +150,9 @@ define(<SBOX2I>, < mov $5, $7 xor $6, $7 xor $3, $7 ->) +') -define(<SBOX3I>, < +define(`SBOX3I', ` mov $3, $8 or $4, $8 mov $2, $5 @@ -174,9 +174,9 @@ define(<SBOX3I>, < and $7, $1 or $2, $1 xor $1, $8 ->) +') -define(<SBOX4I>, < +define(`SBOX4I', ` mov $3, $6 xor $4, $6 mov $3, $7 @@ -198,9 +198,9 @@ define(<SBOX4I>, < xor $1, $5 xor $2, $1 xor $1, $7 ->) +') -define(<SBOX5I>, < +define(`SBOX5I', ` mov $1, $6 and $4, $6 mov $3, $8 @@ -223,9 +223,9 @@ define(<SBOX5I>, < not $2 or $1, $2 xor $2, $8 ->) +') -define(<SBOX6I>, < +define(`SBOX6I', ` mov $1, $7 xor $3, $7 not $3 @@ -250,9 +250,9 @@ define(<SBOX6I>, < and $5, $2 xor $2, $7 xor $4, $7 ->) +') -define(<SBOX7I>, < +define(`SBOX7I', ` mov $1, $8 and $2, $8 mov $2, $7 @@ -276,34 +276,34 @@ define(<SBOX7I>, < xor $1, $6 or $6, $4 xor $4, $5 ->) +') -define(<LTI>, < - rol <$>10, $3 - rol <$>27, $1 +define(`LTI', ` + rol `$'10, $3 + rol `$'27, $1 mov $2, TMP32 - shl <$>7, TMP32 + shl `$'7, TMP32 xor $4, $3 xor TMP32, $3 xor $2, $1 xor $4, $1 - rol <$>25, $4 - rol <$>31, $2 + rol `$'25, $4 + rol `$'31, $2 mov $1, TMP32 - shl <$>3, TMP32 + shl `$'3, TMP32 xor $3, $4 xor TMP32, $4 xor $1, $2 xor $3, $2 - rol <$>29, $3 - rol <$>19, $1 ->) + rol `$'29, $3 + rol `$'19, $1 +') -define(<PNOT>, < +define(`PNOT', ` pxor MINUS1, $1 ->) +') -define(<WSBOX0I>, < +define(`WSBOX0I', ` movdqa $1, $5 pxor $3, $5 movdqa $1, $7 @@ -328,9 +328,9 @@ define(<WSBOX0I>, < pxor $4, $8 por $4, $2 pxor $2, $5 ->) +') -define(<WSBOX1I>, < +define(`WSBOX1I', ` movdqa $2, $6 por $4, $6 pxor $3, $6 @@ -353,9 +353,9 @@ define(<WSBOX1I>, < pxor $3, $5 por $7, $1 pxor $1, $5 ->) +') -define(<WSBOX2I>, < +define(`WSBOX2I', ` movdqa $1, $5 pxor $4, $5 movdqa $3, $7 @@ -380,9 +380,9 @@ define(<WSBOX2I>, < movdqa $5, $7 pxor $6, $7 pxor $3, $7 ->) +') -define(<WSBOX3I>, < +define(`WSBOX3I', ` movdqa $3, $8 por $4, $8 movdqa $2, $5 @@ -404,9 +404,9 @@ define(<WSBOX3I>, < pand $7, $1 por $2, $1 pxor $1, $8 ->) +') -define(<WSBOX4I>, < +define(`WSBOX4I', ` movdqa $3, $6 pxor $4, $6 movdqa $3, $7 @@ -428,9 +428,9 @@ define(<WSBOX4I>, < pxor $1, $5 pxor $2, $1 pxor $1, $7 ->) +') -define(<WSBOX5I>, < +define(`WSBOX5I', ` movdqa $1, $6 pand $4, $6 movdqa $3, $8 @@ -453,9 +453,9 @@ define(<WSBOX5I>, < PNOT($2) por $1, $2 pxor $2, $8 ->) +') -define(<WSBOX6I>, < +define(`WSBOX6I', ` movdqa $1, $7 pxor $3, $7 PNOT($3) @@ -480,9 +480,9 @@ define(<WSBOX6I>, < pand $5, $2 pxor $2, $7 pxor $4, $7 ->) +') -define(<WSBOX7I>, < +define(`WSBOX7I', ` movdqa $1, $8 pand $2, $8 movdqa $2, $7 @@ -506,13 +506,13 @@ define(<WSBOX7I>, < pxor $1, $6 por $6, $4 pxor $4, $5 ->) +') -define(<WLTI>, < +define(`WLTI', ` WROL(10, $3) WROL(27, $1) movdqa $2, T0 - pslld <$>7, T0 + pslld `$'7, T0 pxor $4, $3 pxor T0, $3 pxor $2, $1 @@ -520,14 +520,14 @@ define(<WLTI>, < WROL(25, $4) WROL(31, $2) movdqa $1, T0 - pslld <$>3, T0 + pslld `$'3, T0 pxor $3, $4 pxor T0, $4 pxor $1, $2 pxor $3, $2 WROL(29, $3) WROL(19, $1) ->) +') .file "serpent-decrypt.asm" diff --git a/x86_64/serpent-encrypt.asm b/x86_64/serpent-encrypt.asm index 99cba00c..5f10351e 100644 --- a/x86_64/serpent-encrypt.asm +++ b/x86_64/serpent-encrypt.asm @@ -1,6 +1,6 @@ C x86_64/serpent-encrypt.asm -ifelse(< +ifelse(` Copyright (C) 2011 Niels Möller This file is part of GNU Nettle. @@ -28,52 +28,52 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') -include_src(<x86_64/serpent.m4>) +include_src(`x86_64/serpent.m4') C Register usage: C Single block serpent state, two copies -define(<x0>, <%eax>) -define(<x1>, <%ebx>) -define(<x2>, <%ebp>) -define(<x3>, <%r8d>) +define(`x0', `%eax') +define(`x1', `%ebx') +define(`x2', `%ebp') +define(`x3', `%r8d') -define(<y0>, <%r9d>) -define(<y1>, <%r10d>) -define(<y2>, <%r11d>) -define(<y3>, <%r12d>) +define(`y0', `%r9d') +define(`y1', `%r10d') +define(`y2', `%r11d') +define(`y3', `%r12d') C Quadruple block serpent state, two copies -define(<X0>, <%xmm0>) -define(<X1>, <%xmm1>) -define(<X2>, <%xmm2>) -define(<X3>, <%xmm3>) - -define(<Y0>, <%xmm4>) -define(<Y1>, <%xmm5>) -define(<Y2>, <%xmm6>) -define(<Y3>, <%xmm7>) - -define(<MINUS1>, <%xmm8>) -define(<T0>, <%xmm9>) -define(<T1>, <%xmm10>) -define(<T2>, <%xmm11>) -define(<T3>, <%xmm12>) +define(`X0', `%xmm0') +define(`X1', `%xmm1') +define(`X2', `%xmm2') +define(`X3', `%xmm3') + +define(`Y0', `%xmm4') +define(`Y1', `%xmm5') +define(`Y2', `%xmm6') +define(`Y3', `%xmm7') + +define(`MINUS1', `%xmm8') +define(`T0', `%xmm9') +define(`T1', `%xmm10') +define(`T2', `%xmm11') +define(`T3', `%xmm12') C Arguments -define(<CTX>, <%rdi>) -define(<N>, <%rsi>) -define(<DST>, <%rdx>) -define(<SRC>, <%rcx>) +define(`CTX', `%rdi') +define(`N', `%rsi') +define(`DST', `%rdx') +define(`SRC', `%rcx') -define(<CNT>, <%r13>) -define(<TMP32>, <%r14d>) +define(`CNT', `%r13') +define(`TMP32', `%r14d') C SBOX macros. Inputs $1 - $4 (destroyed), outputs $5 - $8 -define(<SBOX0>, < +define(`SBOX0', ` mov $2, $8 C y3 = x1 ^ x2 xor $3, $8 mov $1, $5 C y0 = x0 | x3 @@ -98,9 +98,9 @@ define(<SBOX0>, < mov $5, $6 C y1 = y0 ^ x1 xor $2, $6 xor $4, $6 C y1 ^= x3 ->) +') -define(<SBOX1>, < +define(`SBOX1', ` mov $1, $6 C y1 = x0 | x3 or $4, $6 mov $3, $7 C y2 = x2 ^ x3 @@ -127,9 +127,9 @@ define(<SBOX1>, < not $8 C y3 = ~y3 and $4, $5 C y0 &= x3 xor $3, $5 C y0 ^= x2 ->) +') -define(<SBOX2>, < +define(`SBOX2', ` mov $1, $7 C y2 = x1 | x2 or $3, $7 mov $1, $6 @@ -152,9 +152,9 @@ define(<SBOX2>, < xor $2, $7 not $8 xor $4, $7 ->) +') -define(<SBOX3>, < +define(`SBOX3', ` mov $1, $6 xor $3, $6 mov $1, $5 @@ -180,9 +180,9 @@ define(<SBOX3>, < and $4, $2 mov $1, $5 xor $2, $5 ->) +') -define(<SBOX4>, < +define(`SBOX4', ` mov $1, $8 or $2, $8 mov $2, $7 @@ -206,9 +206,9 @@ define(<SBOX4>, < and $4, $5 xor $3, $5 not $5 ->) +') -define(<SBOX5>, < +define(`SBOX5', ` mov $2, $5 or $4, $5 xor $3, $5 @@ -231,9 +231,9 @@ define(<SBOX5>, < xor $7, $6 or $4, $7 xor $2, $7 ->) +') -define(<SBOX6>, < +define(`SBOX6', ` mov $1, $5 xor $4, $5 mov $1, $6 @@ -257,9 +257,9 @@ define(<SBOX6>, < not $7 xor $7, $5 xor $1, $5 ->) +') -define(<SBOX7>, < +define(`SBOX7', ` mov $1, $5 and $3, $5 mov $2, $8 @@ -287,39 +287,39 @@ define(<SBOX7>, < not $4 C t02 or $4, $5 xor $3, $5 ->) +') -define(<LT>, < - rol <$>13, $1 - rol <$>3, $3 +define(`LT', ` + rol `$'13, $1 + rol `$'3, $3 xor $1, $2 xor $3, $2 mov $1, TMP32 - shl <$>3, TMP32 + shl `$'3, TMP32 xor $3, $4 xor TMP32, $4 rol $2 - rol <$>7, $4 + rol `$'7, $4 xor $2, $1 xor $4, $1 mov $2, TMP32 - shl <$>7, TMP32 + shl `$'7, TMP32 xor $4, $3 xor TMP32, $3 - rol <$>5, $1 - rol <$>22, $3 ->) + rol `$'5, $1 + rol `$'22, $3 +') C Parallel operation on four blocks at a time. C pnot instruction is missing. For lack of a spare register, XOR with C constant in memory. -define(<PNOT>, < +define(`PNOT', ` pxor MINUS1, $1 ->) +') -define(<WSBOX0>, < +define(`WSBOX0', ` movdqa $2, $8 C y3 = x1 ^ x2 pxor $3, $8 movdqa $1, $5 C y0 = x0 | x3 @@ -344,9 +344,9 @@ define(<WSBOX0>, < movdqa $5, $6 C y1 = y0 ^ x1 pxor $2, $6 pxor $4, $6 C y1 ^= x3 ->) +') -define(<WSBOX1>, < +define(`WSBOX1', ` movdqa $1, $6 C y1 = x0 | x3 por $4, $6 movdqa $3, $7 C y2 = x2 ^ x3 @@ -373,9 +373,9 @@ define(<WSBOX1>, < PNOT($8) C y3 = ~y3 pand $4, $5 C y0 &= x3 pxor $3, $5 C y0 ^= x2 ->) +') -define(<WSBOX2>, < +define(`WSBOX2', ` movdqa $1, $7 C y2 = x1 | x2 por $3, $7 movdqa $1, $6 @@ -398,9 +398,9 @@ define(<WSBOX2>, < pxor $2, $7 PNOT($8) pxor $4, $7 ->) +') -define(<WSBOX3>, < +define(`WSBOX3', ` movdqa $1, $6 pxor $3, $6 movdqa $1, $5 @@ -426,9 +426,9 @@ define(<WSBOX3>, < pand $4, $2 movdqa $1, $5 pxor $2, $5 ->) +') -define(<WSBOX4>, < +define(`WSBOX4', ` movdqa $1, $8 por $2, $8 movdqa $2, $7 @@ -452,9 +452,9 @@ define(<WSBOX4>, < pand $4, $5 pxor $3, $5 PNOT($5) ->) +') -define(<WSBOX5>, < +define(`WSBOX5', ` movdqa $2, $5 por $4, $5 pxor $3, $5 @@ -477,9 +477,9 @@ define(<WSBOX5>, < pxor $7, $6 por $4, $7 pxor $2, $7 ->) +') -define(<WSBOX6>, < +define(`WSBOX6', ` movdqa $1, $5 pxor $4, $5 movdqa $1, $6 @@ -503,9 +503,9 @@ define(<WSBOX6>, < PNOT($7) pxor $7, $5 pxor $1, $5 ->) +') -define(<WSBOX7>, < +define(`WSBOX7', ` movdqa $1, $5 pand $3, $5 movdqa $2, $8 @@ -532,16 +532,16 @@ define(<WSBOX7>, < PNOT($4) C t02 por $4, $5 pxor $3, $5 ->) +') C WLT(x0, x1, x2, x3) -define(<WLT>, < +define(`WLT', ` WROL(13, $1) WROL(3, $3) pxor $1, $2 pxor $3, $2 movdqa $1, T0 - pslld <$>3, T0 + pslld `$'3, T0 pxor $3, $4 pxor T0, $4 WROL(1, $2) @@ -549,12 +549,12 @@ define(<WLT>, < pxor $2, $1 pxor $4, $1 movdqa $2, T0 - pslld <$>7, T0 + pslld `$'7, T0 pxor $4, $3 pxor T0, $3 WROL(5, $1) WROL(22, $3) ->) +') .file "serpent-encrypt.asm" diff --git a/x86_64/serpent.m4 b/x86_64/serpent.m4 index c19bc4e4..a21efe39 100644 --- a/x86_64/serpent.m4 +++ b/x86_64/serpent.m4 @@ -1,6 +1,6 @@ C x86_64/serpent.m4 -ifelse(< +ifelse(` Copyright (C) 2011 Niels Möller This file is part of GNU Nettle. @@ -28,15 +28,15 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') C WROL(count, w) -define(<WROL>, < +define(`WROL', ` movdqa $2, T0 - pslld <$>$1, $2 - psrld <$>eval(32 - $1), T0 + pslld `$'$1, $2 + psrld `$'eval(32 - $1), T0 por T0, $2 ->) +') C Note: Diagrams use little-endian representation, with least C significant word to the left. @@ -56,18 +56,18 @@ C x2: | a2 | b2 | c2 | d2 | C x3: | a3 | b3 | c3 | d3 | C +----+----+----+----+ -define(<WTRANSPOSE>, < +define(`WTRANSPOSE', ` movdqa $1, T0 punpcklqdq $3, T0 C |a0 a1 c0 c1| punpckhqdq $3, $1 C |a2 a3 c2 c3| - pshufd <$>0xd8, T0, T0 C |a0 c0 a1 c1| - pshufd <$>0xd8, $1, T1 C |a2 c2 a3 c3| + pshufd `$'0xd8, T0, T0 C |a0 c0 a1 c1| + pshufd `$'0xd8, $1, T1 C |a2 c2 a3 c3| movdqa $2, T2 punpcklqdq $4, T2 C |b0 b1 d0 11| punpckhqdq $4, $2 C |b2 b3 d2 d3| - pshufd <$>0xd8, T2, T2 C |b0 d0 b1 d1| - pshufd <$>0xd8, $2, T3 C |b2 d2 b3 d3| + pshufd `$'0xd8, T2, T2 C |b0 d0 b1 d1| + pshufd `$'0xd8, $2, T3 C |b2 d2 b3 d3| movdqa T0, $1 punpckldq T2, $1 C |a0 b0 c0 d0| @@ -78,17 +78,17 @@ define(<WTRANSPOSE>, < punpckldq T3, $3 C |a2 b2 c2 d2| movdqa T1, $4 punpckhdq T3, $4 C |a3 b3 c3 d3| ->) +') C FIXME: Arrange 16-byte alignment, so we can use movaps? -define(<WKEYXOR>, < +define(`WKEYXOR', ` movups $1(CTX, CNT), T0 - pshufd <$>0x55, T0, T1 - pshufd <$>0xaa, T0, T2 + pshufd `$'0x55, T0, T1 + pshufd `$'0xaa, T0, T2 pxor T1, $3 pxor T2, $4 - pshufd <$>0xff, T0, T1 - pshufd <$>0x00, T0, T0 + pshufd `$'0xff, T0, T1 + pshufd `$'0x00, T0, T0 pxor T1, $5 pxor T0, $2 ->) +') diff --git a/x86_64/sha1-compress.asm b/x86_64/sha1-compress.asm index dd48de0e..d0b0244f 100644 --- a/x86_64/sha1-compress.asm +++ b/x86_64/sha1-compress.asm @@ -1,6 +1,6 @@ C x86_64/sha1-compress.asm -ifelse(< +ifelse(` Copyright (C) 2004, 2008, 2013 Niels Möller This file is part of GNU Nettle. @@ -28,36 +28,36 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') C Register usage. KVALUE and INPUT share a register. -define(<SA>,<%eax>)dnl -define(<SB>,<%r8d>)dnl -define(<SC>,<%ecx>)dnl -define(<SD>,<%edx>)dnl -define(<SE>,<%r9d>)dnl -define(<DATA>,<%rsp>)dnl -define(<T1>,<%r10d>)dnl -define(<T2>,<%r11d>)dnl -define(<KVALUE>, <%esi>)dnl +define(`SA',`%eax')dnl +define(`SB',`%r8d')dnl +define(`SC',`%ecx')dnl +define(`SD',`%edx')dnl +define(`SE',`%r9d')dnl +define(`DATA',`%rsp')dnl +define(`T1',`%r10d')dnl +define(`T2',`%r11d')dnl +define(`KVALUE', `%esi')dnl C Arguments -define(<STATE>,<%rdi>)dnl -define(<INPUT>,<%rsi>)dnl +define(`STATE',`%rdi')dnl +define(`INPUT',`%rsi')dnl C Constants -define(<K1VALUE>, <<$>0x5A827999>)dnl C Rounds 0-19 -define(<K2VALUE>, <<$>0x6ED9EBA1>)dnl C Rounds 20-39 -define(<K3VALUE>, <<$>0x8F1BBCDC>)dnl C Rounds 40-59 -define(<K4VALUE>, <<$>0xCA62C1D6>)dnl C Rounds 60-79 +define(`K1VALUE', ``$'0x5A827999')dnl C Rounds 0-19 +define(`K2VALUE', ``$'0x6ED9EBA1')dnl C Rounds 20-39 +define(`K3VALUE', ``$'0x8F1BBCDC')dnl C Rounds 40-59 +define(`K4VALUE', ``$'0xCA62C1D6')dnl C Rounds 60-79 C Reads the input into register, byteswaps it, and stores it in the DATA array. C SWAP(index, register) -define(<SWAP>, < +define(`SWAP', ` movl OFFSET($1)(INPUT), $2 bswap $2 movl $2, OFFSET($1) (DATA) ->)dnl +')dnl C The f functions, C @@ -91,28 +91,28 @@ C e += a <<< 5 + f( b, c, d ) + k + w; C b <<<= 30 dnl ROUND_F1(a, b, c, d, e, i) -define(<ROUND_F1>, < +define(`ROUND_F1', ` movl OFFSET(eval($6 % 16)) (DATA), T1 xorl OFFSET(eval(($6 + 2) % 16)) (DATA), T1 xorl OFFSET(eval(($6 + 8) % 16)) (DATA), T1 xorl OFFSET(eval(($6 + 13) % 16)) (DATA), T1 - roll <$>1, T1 + roll `$'1, T1 movl T1, OFFSET(eval($6 % 16)) (DATA) movl $4, T2 xorl $3, T2 andl $2, T2 xorl $4, T2 - roll <$>30, $2 + roll `$'30, $2 addl T1, $5 addl KVALUE, $5 movl $1, T1 - roll <$>5, T1 + roll `$'5, T1 addl T1, $5 addl T2, $5 ->) +') dnl ROUND_F1_NOEXP(a, b, c, d, e, i) -define(<ROUND_F1_NOEXP>, < +define(`ROUND_F1_NOEXP', ` movl $4, T2 xorl $3, T2 movl $1, T1 @@ -120,39 +120,39 @@ define(<ROUND_F1_NOEXP>, < addl OFFSET($6) (DATA), $5 xorl $4, T2 addl T2, $5 - roll <$>30, $2 - roll <$>5, T1 + roll `$'30, $2 + roll `$'5, T1 addl T1, $5 addl KVALUE, $5 ->) +') dnl ROUND_F2(a, b, c, d, e, i) -define(<ROUND_F2>, < +define(`ROUND_F2', ` movl OFFSET(eval($6 % 16)) (DATA), T1 xorl OFFSET(eval(($6 + 2) % 16)) (DATA), T1 xorl OFFSET(eval(($6 + 8) % 16)) (DATA), T1 xorl OFFSET(eval(($6 + 13) % 16)) (DATA), T1 - roll <$>1, T1 + roll `$'1, T1 movl T1, OFFSET(eval($6 % 16)) (DATA) movl $4, T2 xorl $3, T2 xorl $2, T2 - roll <$>30, $2 + roll `$'30, $2 addl T1, $5 addl KVALUE, $5 movl $1, T1 - roll <$>5, T1 + roll `$'5, T1 addl T1, $5 addl T2, $5 ->) +') dnl ROUND_F3(a, b, c, d, e, i) -define(<ROUND_F3>, < +define(`ROUND_F3', ` movl OFFSET(eval($6 % 16)) (DATA), T1 xorl OFFSET(eval(($6 + 2) % 16)) (DATA), T1 xorl OFFSET(eval(($6 + 8) % 16)) (DATA), T1 xorl OFFSET(eval(($6 + 13) % 16)) (DATA), T1 - roll <$>1, T1 + roll `$'1, T1 movl T1, OFFSET(eval($6 % 16)) (DATA) movl $4, T2 andl $3, T2 @@ -162,12 +162,12 @@ define(<ROUND_F3>, < xorl $3, T1 andl $2, T1 addl T2, $5 - roll <$>30, $2 + roll `$'30, $2 movl $1, T2 - roll <$>5, T2 + roll `$'5, T2 addl T1, $5 addl T2, $5 ->) +') .file "sha1-compress.asm" diff --git a/x86_64/sha256-compress.asm b/x86_64/sha256-compress.asm index 5b7d0dcd..5ed669b1 100644 --- a/x86_64/sha256-compress.asm +++ b/x86_64/sha256-compress.asm @@ -1,6 +1,6 @@ C x86_64/sha256-compress.asm -ifelse(< +ifelse(` Copyright (C) 2013 Niels Möller This file is part of GNU Nettle. @@ -28,46 +28,46 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') .file "sha256-compress.asm" -define(<STATE>, <%rdi>) -define(<INPUT>, <%rsi>) -define(<K>, <%rdx>) -define(<SA>, <%eax>) -define(<SB>, <%ebx>) -define(<SC>, <%ecx>) -define(<SD>, <%r8d>) -define(<SE>, <%r9d>) -define(<SF>, <%r10d>) -define(<SG>, <%r11d>) -define(<SH>, <%r12d>) -define(<T0>, <%r13d>) -define(<T1>, <%edi>) C Overlap STATE -define(<COUNT>, <%r14>) -define(<W>, <%r15d>) - -define(<EXPN>, < +define(`STATE', `%rdi') +define(`INPUT', `%rsi') +define(`K', `%rdx') +define(`SA', `%eax') +define(`SB', `%ebx') +define(`SC', `%ecx') +define(`SD', `%r8d') +define(`SE', `%r9d') +define(`SF', `%r10d') +define(`SG', `%r11d') +define(`SH', `%r12d') +define(`T0', `%r13d') +define(`T1', `%edi') C Overlap STATE +define(`COUNT', `%r14') +define(`W', `%r15d') + +define(`EXPN', ` movl OFFSET($1)(%rsp), W movl OFFSET(eval(($1 + 14) % 16))(%rsp), T0 movl T0, T1 - shrl <$>10, T0 - roll <$>13, T1 + shrl `$'10, T0 + roll `$'13, T1 xorl T1, T0 - roll <$>2, T1 + roll `$'2, T1 xorl T1, T0 addl T0, W movl OFFSET(eval(($1 + 1) % 16))(%rsp), T0 movl T0, T1 - shrl <$>3, T0 - roll <$>14, T1 + shrl `$'3, T0 + roll `$'14, T1 xorl T1, T0 - roll <$>11, T1 + roll `$'11, T1 xorl T1, T0 addl T0, W addl OFFSET(eval(($1 + 9) % 16))(%rsp), W movl W, OFFSET($1)(%rsp) ->) +') C ROUND(A,B,C,D,E,F,G,H,K) C @@ -82,13 +82,13 @@ C S0(A) = A<<<30 ^ A<<<19 ^ A<<<10 C Choice (E, F, G) = G^(E&(F^G)) C Majority (A,B,C) = (A&B) + (C&(A^B)) -define(<ROUND>, < +define(`ROUND', ` movl $5, T0 movl $5, T1 - roll <$>7, T0 - roll <$>21, T1 + roll `$'7, T0 + roll `$'21, T1 xorl T0, T1 - roll <$>19, T0 + roll `$'19, T0 xorl T0, T1 addl W, $8 addl T1, $8 @@ -102,10 +102,10 @@ define(<ROUND>, < movl $1, T0 movl $1, T1 - roll <$>10, T0 - roll <$>19, T1 + roll `$'10, T0 + roll `$'19, T1 xorl T0, T1 - roll <$>20, T0 + roll `$'20, T0 xorl T0, T1 addl T1, $8 movl $1, T0 @@ -115,13 +115,13 @@ define(<ROUND>, < addl T0, $8 andl $3, T1 addl T1, $8 ->) +') -define(<NOEXPN>, < +define(`NOEXPN', ` movl OFFSET($1)(INPUT, COUNT, 4), W bswapl W movl W, OFFSET($1)(%rsp, COUNT, 4) ->) +') C void C _nettle_sha256_compress(uint32_t *state, const uint8_t *input, const uint32_t *k) diff --git a/x86_64/sha3-permute.asm b/x86_64/sha3-permute.asm index 805b59af..1a421cfa 100644 --- a/x86_64/sha3-permute.asm +++ b/x86_64/sha3-permute.asm @@ -1,6 +1,6 @@ C x86_64/sha3-permute.asm -ifelse(< +ifelse(` Copyright (C) 2012 Niels Möller This file is part of GNU Nettle. @@ -28,80 +28,80 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') -define(<CTX>, <%rdi>) C 25 64-bit values, 200 bytes. -define(<COUNT>, <%r8>) C Avoid clobbering %rsi, for W64. +define(`CTX', `%rdi') C 25 64-bit values, 200 bytes. +define(`COUNT', `%r8') C Avoid clobbering %rsi, for W64. -define(<A00>, <%rax>) -define(<A0102>, <%xmm0>) -define(<A0304>, <%xmm1>) +define(`A00', `%rax') +define(`A0102', `%xmm0') +define(`A0304', `%xmm1') -define(<A05>, <%rcx>) -define(<A0607>, <%xmm2>) -define(<A0809>, <%xmm3>) +define(`A05', `%rcx') +define(`A0607', `%xmm2') +define(`A0809', `%xmm3') -define(<A10>, <%rdx>) -define(<A1112>, <%xmm4>) -define(<A1314>, <%xmm5>) +define(`A10', `%rdx') +define(`A1112', `%xmm4') +define(`A1314', `%xmm5') -define(<A15>, <%rbp>) -define(<A1617>, <%xmm6>) -define(<A1819>, <%xmm7>) +define(`A15', `%rbp') +define(`A1617', `%xmm6') +define(`A1819', `%xmm7') -define(<A20>, <%r9>) -define(<A2122>, <%xmm8>) -define(<A2324>, <%xmm9>) +define(`A20', `%r9') +define(`A2122', `%xmm8') +define(`A2324', `%xmm9') -define(<C0>, <%r10>) -define(<C12>, <%xmm10>) -define(<C34>, <%xmm11>) +define(`C0', `%r10') +define(`C12', `%xmm10') +define(`C34', `%xmm11') -define(<D0>, <%r11>) -define(<D12>, <%xmm12>) -define(<D34>, <%xmm13>) +define(`D0', `%r11') +define(`D12', `%xmm12') +define(`D34', `%xmm13') C Wide temporaries -define(<W0>, <%xmm14>) -define(<W1>, <%xmm15>) -define(<W2>, <%xmm12>) C Overlap D12 -define(<W3>, <%xmm13>) C Overlap D34 +define(`W0', `%xmm14') +define(`W1', `%xmm15') +define(`W2', `%xmm12') C Overlap D12 +define(`W3', `%xmm13') C Overlap D34 -define(<T0>, <%r12>) -define(<T1>, <%r13>) -define(<T2>, <%r11>) C Overlap D0 -define(<T3>, <%r10>) C Overlap C0 +define(`T0', `%r12') +define(`T1', `%r13') +define(`T2', `%r11') C Overlap D0 +define(`T3', `%r10') C Overlap C0 -define(<RC>, <%r14>) +define(`RC', `%r14') -define(<OFFSET>, <ifelse($1,0,,eval(8*$1))>) -define(<STATE>, <OFFSET($1)(CTX)>) +define(`OFFSET', `ifelse($1,0,,eval(8*$1))') +define(`STATE', `OFFSET($1)(CTX)') -define(<SWAP64>, <pshufd <$>0x4e,>) +define(`SWAP64', `pshufd `$'0x4e,') -define(<DIRECT_MOVQ>, <no>) +define(`DIRECT_MOVQ', `no') C MOVQ(src, dst), for moves between a general register and an xmm C register. -ifelse(DIRECT_MOVQ, yes, < +ifelse(DIRECT_MOVQ, yes, ` C movq calls that are equal to the corresponding movd, C where the Apple assembler requires them to be written as movd. -define(<MOVQ>, <movd $1, $2>) ->, < +define(`MOVQ', `movd $1, $2') +', ` C Moving via (cached) memory is generally faster. -define(<MOVQ>, < +define(`MOVQ', ` movq $1, (CTX) movq (CTX), $2 ->)>) +')') C ROTL64(rot, register, temp) C Caller needs to or together the result. -define(<ROTL64>, < +define(`ROTL64', ` movdqa $2, $3 - psllq <$>$1, $2 - psrlq <$>eval(64-$1), $3 ->) + psllq `$'$1, $2 + psrlq `$'eval(64-$1), $3 +') .file "sha3-permute.asm" diff --git a/x86_64/sha512-compress.asm b/x86_64/sha512-compress.asm index 4ff1f32a..35a2a275 100644 --- a/x86_64/sha512-compress.asm +++ b/x86_64/sha512-compress.asm @@ -1,6 +1,6 @@ C x86_64/sha512-compress.asm -ifelse(< +ifelse(` Copyright (C) 2013 Niels Möller This file is part of GNU Nettle. @@ -28,46 +28,46 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') .file "sha512-compress.asm" -define(<STATE>, <%rdi>) -define(<INPUT>, <%rsi>) -define(<K>, <%rdx>) -define(<SA>, <%rax>) -define(<SB>, <%rbx>) -define(<SC>, <%rcx>) -define(<SD>, <%r8>) -define(<SE>, <%r9>) -define(<SF>, <%r10>) -define(<SG>, <%r11>) -define(<SH>, <%r12>) -define(<T0>, <%r13>) -define(<T1>, <%rdi>) C Overlap STATE -define(<COUNT>, <%r14>) -define(<W>, <%r15>) - -define(<EXPN>, < +define(`STATE', `%rdi') +define(`INPUT', `%rsi') +define(`K', `%rdx') +define(`SA', `%rax') +define(`SB', `%rbx') +define(`SC', `%rcx') +define(`SD', `%r8') +define(`SE', `%r9') +define(`SF', `%r10') +define(`SG', `%r11') +define(`SH', `%r12') +define(`T0', `%r13') +define(`T1', `%rdi') C Overlap STATE +define(`COUNT', `%r14') +define(`W', `%r15') + +define(`EXPN', ` mov OFFSET64($1)(%rsp), W mov OFFSET64(eval(($1 + 14) % 16))(%rsp), T0 mov T0, T1 - shr <$>6, T0 - rol <$>3, T1 + shr `$'6, T0 + rol `$'3, T1 xor T1, T0 - rol <$>42, T1 + rol `$'42, T1 xor T1, T0 add T0, W mov OFFSET64(eval(($1 + 1) % 16))(%rsp), T0 mov T0, T1 - shr <$>7, T0 - rol <$>56, T1 + shr `$'7, T0 + rol `$'56, T1 xor T1, T0 - rol <$>7, T1 + rol `$'7, T1 xor T1, T0 add T0, W add OFFSET64(eval(($1 + 9) % 16))(%rsp), W mov W, OFFSET64($1)(%rsp) ->) +') C ROUND(A,B,C,D,E,F,G,H,K) C @@ -82,13 +82,13 @@ C S0(A) = A<<<36 ^ A<<<30 ^ A<<<25 C Choice (E, F, G) = G^(E&(F^G)) C Majority (A,B,C) = (A&B) + (C&(A^B)) -define(<ROUND>, < +define(`ROUND', ` mov $5, T0 mov $5, T1 - rol <$>23, T0 - rol <$>46, T1 + rol `$'23, T0 + rol `$'46, T1 xor T0, T1 - rol <$>27, T0 + rol `$'27, T0 xor T0, T1 add W, $8 add T1, $8 @@ -102,10 +102,10 @@ define(<ROUND>, < mov $1, T0 mov $1, T1 - rol <$>25, T0 - rol <$>30, T1 + rol `$'25, T0 + rol `$'30, T1 xor T0, T1 - rol <$>11, T0 + rol `$'11, T0 xor T0, T1 add T1, $8 mov $1, T0 @@ -115,13 +115,13 @@ define(<ROUND>, < add T0, $8 and $3, T1 add T1, $8 ->) +') -define(<NOEXPN>, < +define(`NOEXPN', ` mov OFFSET64($1)(INPUT, COUNT, 8), W bswap W mov W, OFFSET64($1)(%rsp, COUNT, 8) ->) +') C void C _nettle_sha512_compress(uint64_t *state, const uint8_t *input, const uint64_t *k) diff --git a/x86_64/sha_ni/sha1-compress.asm b/x86_64/sha_ni/sha1-compress.asm index ab848fdd..7959e36e 100644 --- a/x86_64/sha_ni/sha1-compress.asm +++ b/x86_64/sha_ni/sha1-compress.asm @@ -1,6 +1,6 @@ C x86_64/sha_ni/sha1-compress.asm -ifelse(< +ifelse(` Copyright (C) 2018 Niels Möller This file is part of GNU Nettle. @@ -28,34 +28,34 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') C Register usage. C Arguments -define(<STATE>,<%rdi>)dnl -define(<INPUT>,<%rsi>)dnl - -define(<MSG0>,<%xmm0>) -define(<MSG1>,<%xmm1>) -define(<MSG2>,<%xmm2>) -define(<MSG3>,<%xmm3>) -define(<ABCD>,<%xmm4>) -define(<E0>,<%xmm5>) -define(<E1>,<%xmm6>) -define(<ABCD_ORIG>, <%xmm7>) -define(<E_ORIG>, <%xmm8>) -define(<SWAP_MASK>,<%xmm9>) +define(`STATE',`%rdi')dnl +define(`INPUT',`%rsi')dnl + +define(`MSG0',`%xmm0') +define(`MSG1',`%xmm1') +define(`MSG2',`%xmm2') +define(`MSG3',`%xmm3') +define(`ABCD',`%xmm4') +define(`E0',`%xmm5') +define(`E1',`%xmm6') +define(`ABCD_ORIG', `%xmm7') +define(`E_ORIG', `%xmm8') +define(`SWAP_MASK',`%xmm9') C QROUND(M0, M1, M2, M3, E0, E1, TYPE) -define(<QROUND>, < +define(`QROUND', ` sha1nexte $1, $5 movdqa ABCD, $6 sha1msg2 $1, $2 - sha1rnds4 <$>$7, $5, ABCD + sha1rnds4 `$'$7, $5, ABCD sha1msg1 $1, $4 pxor $1, $3 ->) +') .file "sha1-compress.asm" diff --git a/x86_64/sha_ni/sha256-compress.asm b/x86_64/sha_ni/sha256-compress.asm index f2a4bd32..00bd3cd3 100644 --- a/x86_64/sha_ni/sha256-compress.asm +++ b/x86_64/sha_ni/sha256-compress.asm @@ -1,6 +1,6 @@ C x86_64/sha_ni/sha256-compress.asm -ifelse(< +ifelse(` Copyright (C) 2018 Niels Möller This file is part of GNU Nettle. @@ -28,46 +28,46 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') .file "sha256-compress.asm" -define(<STATE>, <%rdi>) -define(<INPUT>, <%rsi>) -define(<K>, <%rdx>) - -define(<MSGK>,<%xmm0>) C Implicit operand of sha256rnds2 -define(<MSG0>,<%xmm1>) -define(<MSG1>,<%xmm2>) -define(<MSG2>,<%xmm3>) -define(<MSG3>,<%xmm4>) -define(<ABEF>,<%xmm5>) -define(<CDGH>,<%xmm6>) -define(<ABEF_ORIG>,<%xmm7>) -define(<CDGH_ORIG>, <%xmm8>) -define(<SWAP_MASK>,<%xmm9>) -define(<TMP>, <%xmm9>) C Overlaps SWAP_MASK +define(`STATE', `%rdi') +define(`INPUT', `%rsi') +define(`K', `%rdx') + +define(`MSGK',`%xmm0') C Implicit operand of sha256rnds2 +define(`MSG0',`%xmm1') +define(`MSG1',`%xmm2') +define(`MSG2',`%xmm3') +define(`MSG3',`%xmm4') +define(`ABEF',`%xmm5') +define(`CDGH',`%xmm6') +define(`ABEF_ORIG',`%xmm7') +define(`CDGH_ORIG', `%xmm8') +define(`SWAP_MASK',`%xmm9') +define(`TMP', `%xmm9') C Overlaps SWAP_MASK C QROUND(M0, M1, M2, M3, R) -define(<QROUND>, < +define(`QROUND', ` movdqa eval($5*4)(K), MSGK paddd $1, MSGK sha256rnds2 ABEF, CDGH - pshufd <$>0xe, MSGK, MSGK + pshufd `$'0xe, MSGK, MSGK sha256rnds2 CDGH, ABEF movdqa $1, TMP - palignr <$>4, $4, TMP + palignr `$'4, $4, TMP paddd TMP, $2 sha256msg2 $1, $2 sha256msg1 $1, $4 - >) + ') C FIXME: Do something more clever, taking the pshufd into account. C TRANSPOSE(ABCD, EFGH, scratch) --> untouched, ABEF, CDGH -define(<TRANSPOSE>, < +define(`TRANSPOSE', ` movdqa $2, $3 punpckhqdq $1, $2 punpcklqdq $1, $3 ->) +') C void C _nettle_sha256_compress(uint32_t *state, const uint8_t *input, const uint32_t *k) diff --git a/x86_64/umac-nh-n.asm b/x86_64/umac-nh-n.asm index ecb6396a..3c764967 100644 --- a/x86_64/umac-nh-n.asm +++ b/x86_64/umac-nh-n.asm @@ -1,6 +1,6 @@ C x86_64/umac-nh-n.asm -ifelse(< +ifelse(` Copyright (C) 2013 Niels Möller This file is part of GNU Nettle. @@ -28,31 +28,31 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) - -define(<OUT>, <%rdi>) -define(<ITERS>, <%rsi>) -define(<KEY>, <%rdx>) -define(<LENGTH>, <%rcx>) -define(<MSG>, <%r8>) - -define(<XM0>, <%xmm0>) -define(<XM1>, <%xmm1>) -define(<XM2>, <%xmm2>) -define(<XM3>, <%xmm3>) -define(<XK0>, <%xmm4>) -define(<XK1>, <%xmm5>) -define(<XK2>, <%xmm6>) -define(<XK3>, <%xmm7>) -define(<XT0>, <%xmm8>) -define(<XT1>, <%xmm9>) -define(<XT2>, <%xmm10>) -define(<XT3>, <%xmm11>) -define(<XY0>, <%xmm12>) -define(<XY1>, <%xmm13>) +') + +define(`OUT', `%rdi') +define(`ITERS', `%rsi') +define(`KEY', `%rdx') +define(`LENGTH', `%rcx') +define(`MSG', `%r8') + +define(`XM0', `%xmm0') +define(`XM1', `%xmm1') +define(`XM2', `%xmm2') +define(`XM3', `%xmm3') +define(`XK0', `%xmm4') +define(`XK1', `%xmm5') +define(`XK2', `%xmm6') +define(`XK3', `%xmm7') +define(`XT0', `%xmm8') +define(`XT1', `%xmm9') +define(`XT2', `%xmm10') +define(`XT3', `%xmm11') +define(`XY0', `%xmm12') +define(`XY1', `%xmm13') C Copy [0,1,2,3] to [1,1,3,3] -define(<HI2LO>, <pshufd <$>0xf5,>) +define(`HI2LO', `pshufd `$'0xf5,') C FIXME: Would be nice if we could force the key array to be 16-byte C aligned. diff --git a/x86_64/umac-nh.asm b/x86_64/umac-nh.asm index a6938e02..e8aa94e4 100644 --- a/x86_64/umac-nh.asm +++ b/x86_64/umac-nh.asm @@ -1,6 +1,6 @@ C x86_64/umac-nh.asm -ifelse(< +ifelse(` Copyright (C) 2013 Niels Möller This file is part of GNU Nettle. @@ -28,19 +28,19 @@ ifelse(< You should have received copies of the GNU General Public License and the GNU Lesser General Public License along with this program. If not, see http://www.gnu.org/licenses/. ->) +') -define(<KEY>, <%rdi>) -define(<LENGTH>, <%rsi>) -define(<MSG>, <%rdx>) +define(`KEY', `%rdi') +define(`LENGTH', `%rsi') +define(`MSG', `%rdx') -define(<XA>, <%xmm0>) -define(<XB>, <%xmm1>) -define(<XK0>, <%xmm2>) -define(<XK1>, <%xmm3>) -define(<XY>, <%xmm4>) -define(<XT0>, <%xmm5>) -define(<XT1>, <%xmm6>) +define(`XA', `%xmm0') +define(`XB', `%xmm1') +define(`XK0', `%xmm2') +define(`XK1', `%xmm3') +define(`XY', `%xmm4') +define(`XT0', `%xmm5') +define(`XT1', `%xmm6') C FIXME: Would be nice if we could force the key array to be 16-byte C aligned. |