From bb653e91031fc19a81f753eb90c6a95e10c33809 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ren=C3=A9=20Meusel?= Date: Mon, 22 Jul 2024 15:50:18 +0200 Subject: [PATCH] use array-based load_be/le in MD hashes --- src/lib/hash/md4/md4.cpp | 55 +++--- src/lib/hash/md5/md5.cpp | 100 +++++------ src/lib/hash/rmd160/rmd160.cpp | 286 ++++++++++++++++--------------- src/lib/hash/sha1/sha1.cpp | 17 +- src/lib/hash/sha2_32/sha2_32.cpp | 161 ++++++++--------- src/lib/hash/sha2_64/sha2_64.cpp | 187 ++++++++++---------- src/lib/hash/sm3/sm3.cpp | 258 +++++++++++++--------------- 7 files changed, 516 insertions(+), 548 deletions(-) diff --git a/src/lib/hash/md4/md4.cpp b/src/lib/hash/md4/md4.cpp index 4c6227186f2..561f6d1ea94 100644 --- a/src/lib/hash/md4/md4.cpp +++ b/src/lib/hash/md4/md4.cpp 
@@ -79,40 +79,29 @@ void MD4::compress_n(digest_type& digest, std::span input, size_t BufferSlicer in(input); + std::array M; + for(size_t i = 0; i != blocks; ++i) { - const auto block = in.take(block_bytes).data(); - - uint32_t M00 = load_le(block, 0); - uint32_t M01 = load_le(block, 1); - uint32_t M02 = load_le(block, 2); - uint32_t M03 = load_le(block, 3); - uint32_t M04 = load_le(block, 4); - uint32_t M05 = load_le(block, 5); - uint32_t M06 = load_le(block, 6); - uint32_t M07 = load_le(block, 7); - uint32_t M08 = load_le(block, 8); - uint32_t M09 = load_le(block, 9); - uint32_t M10 = load_le(block, 10); - uint32_t M11 = load_le(block, 11); - uint32_t M12 = load_le(block, 12); - uint32_t M13 = load_le(block, 13); - uint32_t M14 = load_le(block, 14); - uint32_t M15 = load_le(block, 15); - - FF4(A, B, C, D, M00, M01, M02, M03); - FF4(A, B, C, D, M04, M05, M06, M07); - FF4(A, B, C, D, M08, M09, M10, M11); - FF4(A, B, C, D, M12, M13, M14, M15); - - GG4(A, B, C, D, M00, M04, M08, M12); - GG4(A, B, C, D, M01, M05, M09, M13); - GG4(A, B, C, D, M02, M06, M10, M14); - GG4(A, B, C, D, M03, M07, M11, M15); - - HH4(A, B, C, D, M00, M08, M04, M12); - HH4(A, B, C, D, M02, M10, M06, M14); - HH4(A, B, C, D, M01, M09, M05, M13); - HH4(A, B, C, D, M03, M11, M07, M15); + load_le(M, in.take()); + + // clang-format off + + FF4(A, B, C, D, M[ 0], M[ 1], M[ 2], M[ 3]); + FF4(A, B, C, D, M[ 4], M[ 5], M[ 6], M[ 7]); + FF4(A, B, C, D, M[ 8], M[ 9], M[10], M[11]); + FF4(A, B, C, D, M[12], M[13], M[14], M[15]); + + GG4(A, B, C, D, M[ 0], M[ 4], M[ 8], M[12]); + GG4(A, B, C, D, M[ 1], M[ 5], M[ 9], M[13]); + GG4(A, B, C, D, M[ 2], M[ 6], M[10], M[14]); + GG4(A, B, C, D, M[ 3], M[ 7], M[11], M[15]); + + HH4(A, B, C, D, M[ 0], M[ 8], M[ 4], M[12]); + HH4(A, B, C, D, M[ 2], M[10], M[ 6], M[14]); + HH4(A, B, C, D, M[ 1], M[ 9], M[ 5], M[13]); + HH4(A, B, C, D, M[ 3], M[11], M[ 7], M[15]); + + // clang-format on A = (digest[0] += A); B = (digest[1] += B); 
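Review bot: `M` is now a stack array declared before the loop, so the last message block is still in it when `compress_n` returns, where the removed code used sixteen named locals `M00`..`M15`. When the hash runs under HMAC or a KDF that block can carry key-derived bytes, so it is worth deciding whether to wipe the buffer after the loop, for example `secure_scrub_memory(M.data(), sizeof(M));`, or to leave it as the project presumably did for the old locals. The same question applies to the new `W` array in the sha2_32 hunk. The body of `compress_n` starts and ends outside this hunk.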
diff --git a/src/lib/hash/md5/md5.cpp b/src/lib/hash/md5/md5.cpp index 8f509145bfa..ded97323bb3 100644 --- a/src/lib/hash/md5/md5.cpp +++ b/src/lib/hash/md5/md5.cpp 
@@ -66,75 +66,79 @@ void MD5::compress_n(MD5::digest_type& digest, std::span input, s BufferSlicer in(input); for(size_t i = 0; i != blocks; ++i) { - load_le(M.data(), in.take(block_bytes).data(), M.size()); - - FF<7>(A, B, C, D, M[0] + 0xD76AA478); - FF<12>(D, A, B, C, M[1] + 0xE8C7B756); - FF<17>(C, D, A, B, M[2] + 0x242070DB); - FF<22>(B, C, D, A, M[3] + 0xC1BDCEEE); - FF<7>(A, B, C, D, M[4] + 0xF57C0FAF); - FF<12>(D, A, B, C, M[5] + 0x4787C62A); - FF<17>(C, D, A, B, M[6] + 0xA8304613); - FF<22>(B, C, D, A, M[7] + 0xFD469501); - FF<7>(A, B, C, D, M[8] + 0x698098D8); - FF<12>(D, A, B, C, M[9] + 0x8B44F7AF); + load_le(M, in.take()); + + // clang-format off + + FF< 7>(A, B, C, D, M[ 0] + 0xD76AA478); + FF<12>(D, A, B, C, M[ 1] + 0xE8C7B756); + FF<17>(C, D, A, B, M[ 2] + 0x242070DB); + FF<22>(B, C, D, A, M[ 3] + 0xC1BDCEEE); + FF< 7>(A, B, C, D, M[ 4] + 0xF57C0FAF); + FF<12>(D, A, B, C, M[ 5] + 0x4787C62A); + FF<17>(C, D, A, B, M[ 6] + 0xA8304613); + FF<22>(B, C, D, A, M[ 7] + 0xFD469501); + FF< 7>(A, B, C, D, M[ 8] + 0x698098D8); + FF<12>(D, A, B, C, M[ 9] + 0x8B44F7AF); FF<17>(C, D, A, B, M[10] + 0xFFFF5BB1); FF<22>(B, C, D, A, M[11] + 0x895CD7BE); - FF<7>(A, B, C, D, M[12] + 0x6B901122); + FF< 7>(A, B, C, D, M[12] + 0x6B901122); FF<12>(D, A, B, C, M[13] + 0xFD987193); FF<17>(C, D, A, B, M[14] + 0xA679438E); FF<22>(B, C, D, A, M[15] + 0x49B40821); - GG<5>(A, B, C, D, M[1] + 0xF61E2562); - GG<9>(D, A, B, C, M[6] + 0xC040B340); + GG< 5>(A, B, C, D, M[ 1] + 0xF61E2562); + GG< 9>(D, A, B, C, M[ 6] + 0xC040B340); GG<14>(C, D, A, B, M[11] + 0x265E5A51); - GG<20>(B, C, D, A, M[0] + 0xE9B6C7AA); - GG<5>(A, B, C, D, M[5] + 0xD62F105D); - GG<9>(D, A, B, C, M[10] + 0x02441453); + GG<20>(B, C, D, A, M[ 0] + 0xE9B6C7AA); + GG< 5>(A, B, C, D, M[ 5] + 0xD62F105D); + GG< 9>(D, A, B, C, M[10] + 0x02441453); GG<14>(C, D, A, B, M[15] + 0xD8A1E681); - GG<20>(B, C, D, A, M[4] + 0xE7D3FBC8); - GG<5>(A, B, C, D, M[9] + 0x21E1CDE6); - GG<9>(D, A, B, C, M[14] + 0xC33707D6); - GG<14>(C, D, 
A, B, M[3] + 0xF4D50D87); - GG<20>(B, C, D, A, M[8] + 0x455A14ED); - GG<5>(A, B, C, D, M[13] + 0xA9E3E905); - GG<9>(D, A, B, C, M[2] + 0xFCEFA3F8); - GG<14>(C, D, A, B, M[7] + 0x676F02D9); + GG<20>(B, C, D, A, M[ 4] + 0xE7D3FBC8); + GG< 5>(A, B, C, D, M[ 9] + 0x21E1CDE6); + GG< 9>(D, A, B, C, M[14] + 0xC33707D6); + GG<14>(C, D, A, B, M[ 3] + 0xF4D50D87); + GG<20>(B, C, D, A, M[ 8] + 0x455A14ED); + GG< 5>(A, B, C, D, M[13] + 0xA9E3E905); + GG< 9>(D, A, B, C, M[ 2] + 0xFCEFA3F8); + GG<14>(C, D, A, B, M[ 7] + 0x676F02D9); GG<20>(B, C, D, A, M[12] + 0x8D2A4C8A); - HH<4>(A, B, C, D, M[5] + 0xFFFA3942); - HH<11>(D, A, B, C, M[8] + 0x8771F681); + HH< 4>(A, B, C, D, M[ 5] + 0xFFFA3942); + HH<11>(D, A, B, C, M[ 8] + 0x8771F681); HH<16>(C, D, A, B, M[11] + 0x6D9D6122); HH<23>(B, C, D, A, M[14] + 0xFDE5380C); - HH<4>(A, B, C, D, M[1] + 0xA4BEEA44); - HH<11>(D, A, B, C, M[4] + 0x4BDECFA9); - HH<16>(C, D, A, B, M[7] + 0xF6BB4B60); + HH< 4>(A, B, C, D, M[ 1] + 0xA4BEEA44); + HH<11>(D, A, B, C, M[ 4] + 0x4BDECFA9); + HH<16>(C, D, A, B, M[ 7] + 0xF6BB4B60); HH<23>(B, C, D, A, M[10] + 0xBEBFBC70); - HH<4>(A, B, C, D, M[13] + 0x289B7EC6); - HH<11>(D, A, B, C, M[0] + 0xEAA127FA); - HH<16>(C, D, A, B, M[3] + 0xD4EF3085); - HH<23>(B, C, D, A, M[6] + 0x04881D05); - HH<4>(A, B, C, D, M[9] + 0xD9D4D039); + HH< 4>(A, B, C, D, M[13] + 0x289B7EC6); + HH<11>(D, A, B, C, M[ 0] + 0xEAA127FA); + HH<16>(C, D, A, B, M[ 3] + 0xD4EF3085); + HH<23>(B, C, D, A, M[ 6] + 0x04881D05); + HH< 4>(A, B, C, D, M[ 9] + 0xD9D4D039); HH<11>(D, A, B, C, M[12] + 0xE6DB99E5); HH<16>(C, D, A, B, M[15] + 0x1FA27CF8); - HH<23>(B, C, D, A, M[2] + 0xC4AC5665); + HH<23>(B, C, D, A, M[ 2] + 0xC4AC5665); - II<6>(A, B, C, D, M[0] + 0xF4292244); - II<10>(D, A, B, C, M[7] + 0x432AFF97); + II< 6>(A, B, C, D, M[ 0] + 0xF4292244); + II<10>(D, A, B, C, M[ 7] + 0x432AFF97); II<15>(C, D, A, B, M[14] + 0xAB9423A7); - II<21>(B, C, D, A, M[5] + 0xFC93A039); - II<6>(A, B, C, D, M[12] + 0x655B59C3); - II<10>(D, A, B, C, M[3] + 
0x8F0CCC92); + II<21>(B, C, D, A, M[ 5] + 0xFC93A039); + II< 6>(A, B, C, D, M[12] + 0x655B59C3); + II<10>(D, A, B, C, M[ 3] + 0x8F0CCC92); II<15>(C, D, A, B, M[10] + 0xFFEFF47D); - II<21>(B, C, D, A, M[1] + 0x85845DD1); - II<6>(A, B, C, D, M[8] + 0x6FA87E4F); + II<21>(B, C, D, A, M[ 1] + 0x85845DD1); + II< 6>(A, B, C, D, M[ 8] + 0x6FA87E4F); II<10>(D, A, B, C, M[15] + 0xFE2CE6E0); - II<15>(C, D, A, B, M[6] + 0xA3014314); + II<15>(C, D, A, B, M[ 6] + 0xA3014314); II<21>(B, C, D, A, M[13] + 0x4E0811A1); - II<6>(A, B, C, D, M[4] + 0xF7537E82); + II< 6>(A, B, C, D, M[ 4] + 0xF7537E82); II<10>(D, A, B, C, M[11] + 0xBD3AF235); - II<15>(C, D, A, B, M[2] + 0x2AD7D2BB); - II<21>(B, C, D, A, M[9] + 0xEB86D391); + II<15>(C, D, A, B, M[ 2] + 0x2AD7D2BB); + II<21>(B, C, D, A, M[ 9] + 0xEB86D391); + + // clang-format off A = (digest[0] += A); B = (digest[1] += B); diff --git a/src/lib/hash/rmd160/rmd160.cpp b/src/lib/hash/rmd160/rmd160.cpp index 87b626f3956..5d60f0d76d0 100644 --- a/src/lib/hash/rmd160/rmd160.cpp +++ b/src/lib/hash/rmd160/rmd160.cpp 
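Review bot: The round calls in the md5.cpp hunk are closed with a second `// clang-format off` after the last `II<21>` line, so formatting is never re-enabled and the rest of the file stays outside clang-format. The closing marker should read `// clang-format on`, which is what the md4, rmd160, sha1 and sha2_32 hunks of this patch use. `compress_n` continues outside the hunk.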
@@ -81,176 +81,180 @@ void RIPEMD_160::compress_n(digest_type& digest, std::span input, BufferSlicer in(input); for(size_t i = 0; i != blocks; ++i) { - load_le(M.data(), in.take(block_bytes).data(), M.size()); + load_le(M, in.take()); uint32_t A1 = digest[0], A2 = A1, B1 = digest[1], B2 = B1, C1 = digest[2], C2 = C1, D1 = digest[3], D2 = D1, E1 = digest[4], E2 = E1; - F1<11>(A1, B1, C1, D1, E1, M[0]); - F5<8>(A2, B2, C2, D2, E2, M[5] + MAGIC6); - F1<14>(E1, A1, B1, C1, D1, M[1]); - F5<9>(E2, A2, B2, C2, D2, M[14] + MAGIC6); - F1<15>(D1, E1, A1, B1, C1, M[2]); - F5<9>(D2, E2, A2, B2, C2, M[7] + MAGIC6); - F1<12>(C1, D1, E1, A1, B1, M[3]); - F5<11>(C2, D2, E2, A2, B2, M[0] + MAGIC6); - F1<5>(B1, C1, D1, E1, A1, M[4]); - F5<13>(B2, C2, D2, E2, A2, M[9] + MAGIC6); - F1<8>(A1, B1, C1, D1, E1, M[5]); - F5<15>(A2, B2, C2, D2, E2, M[2] + MAGIC6); - F1<7>(E1, A1, B1, C1, D1, M[6]); + // clang-format off + + F1<11>(A1, B1, C1, D1, E1, M[ 0]); + F5< 8>(A2, B2, C2, D2, E2, M[ 5] + MAGIC6); + F1<14>(E1, A1, B1, C1, D1, M[ 1]); + F5< 9>(E2, A2, B2, C2, D2, M[14] + MAGIC6); + F1<15>(D1, E1, A1, B1, C1, M[ 2]); + F5< 9>(D2, E2, A2, B2, C2, M[ 7] + MAGIC6); + F1<12>(C1, D1, E1, A1, B1, M[ 3]); + F5<11>(C2, D2, E2, A2, B2, M[ 0] + MAGIC6); + F1< 5>(B1, C1, D1, E1, A1, M[ 4]); + F5<13>(B2, C2, D2, E2, A2, M[ 9] + MAGIC6); + F1< 8>(A1, B1, C1, D1, E1, M[ 5]); + F5<15>(A2, B2, C2, D2, E2, M[ 2] + MAGIC6); + F1< 7>(E1, A1, B1, C1, D1, M[ 6]); F5<15>(E2, A2, B2, C2, D2, M[11] + MAGIC6); - F1<9>(D1, E1, A1, B1, C1, M[7]); - F5<5>(D2, E2, A2, B2, C2, M[4] + MAGIC6); - F1<11>(C1, D1, E1, A1, B1, M[8]); - F5<7>(C2, D2, E2, A2, B2, M[13] + MAGIC6); - F1<13>(B1, C1, D1, E1, A1, M[9]); - F5<7>(B2, C2, D2, E2, A2, M[6] + MAGIC6); + F1< 9>(D1, E1, A1, B1, C1, M[ 7]); + F5< 5>(D2, E2, A2, B2, C2, M[ 4] + MAGIC6); + F1<11>(C1, D1, E1, A1, B1, M[ 8]); + F5< 7>(C2, D2, E2, A2, B2, M[13] + MAGIC6); + F1<13>(B1, C1, D1, E1, A1, M[ 9]); + F5< 7>(B2, C2, D2, E2, A2, M[ 6] + MAGIC6); F1<14>(A1, B1, C1, 
D1, E1, M[10]); - F5<8>(A2, B2, C2, D2, E2, M[15] + MAGIC6); + F5< 8>(A2, B2, C2, D2, E2, M[15] + MAGIC6); F1<15>(E1, A1, B1, C1, D1, M[11]); - F5<11>(E2, A2, B2, C2, D2, M[8] + MAGIC6); - F1<6>(D1, E1, A1, B1, C1, M[12]); - F5<14>(D2, E2, A2, B2, C2, M[1] + MAGIC6); - F1<7>(C1, D1, E1, A1, B1, M[13]); + F5<11>(E2, A2, B2, C2, D2, M[ 8] + MAGIC6); + F1< 6>(D1, E1, A1, B1, C1, M[12]); + F5<14>(D2, E2, A2, B2, C2, M[ 1] + MAGIC6); + F1< 7>(C1, D1, E1, A1, B1, M[13]); F5<14>(C2, D2, E2, A2, B2, M[10] + MAGIC6); - F1<9>(B1, C1, D1, E1, A1, M[14]); - F5<12>(B2, C2, D2, E2, A2, M[3] + MAGIC6); - F1<8>(A1, B1, C1, D1, E1, M[15]); - F5<6>(A2, B2, C2, D2, E2, M[12] + MAGIC6); + F1< 9>(B1, C1, D1, E1, A1, M[14]); + F5<12>(B2, C2, D2, E2, A2, M[ 3] + MAGIC6); + F1< 8>(A1, B1, C1, D1, E1, M[15]); + F5< 6>(A2, B2, C2, D2, E2, M[12] + MAGIC6); - F2<7>(E1, A1, B1, C1, D1, M[7] + MAGIC2); - F4<9>(E2, A2, B2, C2, D2, M[6] + MAGIC7); - F2<6>(D1, E1, A1, B1, C1, M[4] + MAGIC2); + F2< 7>(E1, A1, B1, C1, D1, M[ 7] + MAGIC2); + F4< 9>(E2, A2, B2, C2, D2, M[ 6] + MAGIC7); + F2< 6>(D1, E1, A1, B1, C1, M[ 4] + MAGIC2); F4<13>(D2, E2, A2, B2, C2, M[11] + MAGIC7); - F2<8>(C1, D1, E1, A1, B1, M[13] + MAGIC2); - F4<15>(C2, D2, E2, A2, B2, M[3] + MAGIC7); - F2<13>(B1, C1, D1, E1, A1, M[1] + MAGIC2); - F4<7>(B2, C2, D2, E2, A2, M[7] + MAGIC7); + F2< 8>(C1, D1, E1, A1, B1, M[13] + MAGIC2); + F4<15>(C2, D2, E2, A2, B2, M[ 3] + MAGIC7); + F2<13>(B1, C1, D1, E1, A1, M[ 1] + MAGIC2); + F4< 7>(B2, C2, D2, E2, A2, M[ 7] + MAGIC7); F2<11>(A1, B1, C1, D1, E1, M[10] + MAGIC2); - F4<12>(A2, B2, C2, D2, E2, M[0] + MAGIC7); - F2<9>(E1, A1, B1, C1, D1, M[6] + MAGIC2); - F4<8>(E2, A2, B2, C2, D2, M[13] + MAGIC7); - F2<7>(D1, E1, A1, B1, C1, M[15] + MAGIC2); - F4<9>(D2, E2, A2, B2, C2, M[5] + MAGIC7); - F2<15>(C1, D1, E1, A1, B1, M[3] + MAGIC2); + F4<12>(A2, B2, C2, D2, E2, M[ 0] + MAGIC7); + F2< 9>(E1, A1, B1, C1, D1, M[ 6] + MAGIC2); + F4< 8>(E2, A2, B2, C2, D2, M[13] + MAGIC7); + F2< 7>(D1, E1, A1, B1, C1, 
M[15] + MAGIC2); + F4< 9>(D2, E2, A2, B2, C2, M[ 5] + MAGIC7); + F2<15>(C1, D1, E1, A1, B1, M[ 3] + MAGIC2); F4<11>(C2, D2, E2, A2, B2, M[10] + MAGIC7); - F2<7>(B1, C1, D1, E1, A1, M[12] + MAGIC2); - F4<7>(B2, C2, D2, E2, A2, M[14] + MAGIC7); - F2<12>(A1, B1, C1, D1, E1, M[0] + MAGIC2); - F4<7>(A2, B2, C2, D2, E2, M[15] + MAGIC7); - F2<15>(E1, A1, B1, C1, D1, M[9] + MAGIC2); - F4<12>(E2, A2, B2, C2, D2, M[8] + MAGIC7); - F2<9>(D1, E1, A1, B1, C1, M[5] + MAGIC2); - F4<7>(D2, E2, A2, B2, C2, M[12] + MAGIC7); - F2<11>(C1, D1, E1, A1, B1, M[2] + MAGIC2); - F4<6>(C2, D2, E2, A2, B2, M[4] + MAGIC7); - F2<7>(B1, C1, D1, E1, A1, M[14] + MAGIC2); - F4<15>(B2, C2, D2, E2, A2, M[9] + MAGIC7); + F2< 7>(B1, C1, D1, E1, A1, M[12] + MAGIC2); + F4< 7>(B2, C2, D2, E2, A2, M[14] + MAGIC7); + F2<12>(A1, B1, C1, D1, E1, M[ 0] + MAGIC2); + F4< 7>(A2, B2, C2, D2, E2, M[15] + MAGIC7); + F2<15>(E1, A1, B1, C1, D1, M[ 9] + MAGIC2); + F4<12>(E2, A2, B2, C2, D2, M[ 8] + MAGIC7); + F2< 9>(D1, E1, A1, B1, C1, M[ 5] + MAGIC2); + F4< 7>(D2, E2, A2, B2, C2, M[12] + MAGIC7); + F2<11>(C1, D1, E1, A1, B1, M[ 2] + MAGIC2); + F4< 6>(C2, D2, E2, A2, B2, M[ 4] + MAGIC7); + F2< 7>(B1, C1, D1, E1, A1, M[14] + MAGIC2); + F4<15>(B2, C2, D2, E2, A2, M[ 9] + MAGIC7); F2<13>(A1, B1, C1, D1, E1, M[11] + MAGIC2); - F4<13>(A2, B2, C2, D2, E2, M[1] + MAGIC7); - F2<12>(E1, A1, B1, C1, D1, M[8] + MAGIC2); - F4<11>(E2, A2, B2, C2, D2, M[2] + MAGIC7); + F4<13>(A2, B2, C2, D2, E2, M[ 1] + MAGIC7); + F2<12>(E1, A1, B1, C1, D1, M[ 8] + MAGIC2); + F4<11>(E2, A2, B2, C2, D2, M[ 2] + MAGIC7); - F3<11>(D1, E1, A1, B1, C1, M[3] + MAGIC3); - F3<9>(D2, E2, A2, B2, C2, M[15] + MAGIC8); + F3<11>(D1, E1, A1, B1, C1, M[ 3] + MAGIC3); + F3< 9>(D2, E2, A2, B2, C2, M[15] + MAGIC8); F3<13>(C1, D1, E1, A1, B1, M[10] + MAGIC3); - F3<7>(C2, D2, E2, A2, B2, M[5] + MAGIC8); - F3<6>(B1, C1, D1, E1, A1, M[14] + MAGIC3); - F3<15>(B2, C2, D2, E2, A2, M[1] + MAGIC8); - F3<7>(A1, B1, C1, D1, E1, M[4] + MAGIC3); - F3<11>(A2, B2, C2, D2, E2, M[3] + 
MAGIC8); - F3<14>(E1, A1, B1, C1, D1, M[9] + MAGIC3); - F3<8>(E2, A2, B2, C2, D2, M[7] + MAGIC8); - F3<9>(D1, E1, A1, B1, C1, M[15] + MAGIC3); - F3<6>(D2, E2, A2, B2, C2, M[14] + MAGIC8); - F3<13>(C1, D1, E1, A1, B1, M[8] + MAGIC3); - F3<6>(C2, D2, E2, A2, B2, M[6] + MAGIC8); - F3<15>(B1, C1, D1, E1, A1, M[1] + MAGIC3); - F3<14>(B2, C2, D2, E2, A2, M[9] + MAGIC8); - F3<14>(A1, B1, C1, D1, E1, M[2] + MAGIC3); + F3< 7>(C2, D2, E2, A2, B2, M[ 5] + MAGIC8); + F3< 6>(B1, C1, D1, E1, A1, M[14] + MAGIC3); + F3<15>(B2, C2, D2, E2, A2, M[ 1] + MAGIC8); + F3< 7>(A1, B1, C1, D1, E1, M[ 4] + MAGIC3); + F3<11>(A2, B2, C2, D2, E2, M[ 3] + MAGIC8); + F3<14>(E1, A1, B1, C1, D1, M[ 9] + MAGIC3); + F3< 8>(E2, A2, B2, C2, D2, M[ 7] + MAGIC8); + F3< 9>(D1, E1, A1, B1, C1, M[15] + MAGIC3); + F3< 6>(D2, E2, A2, B2, C2, M[14] + MAGIC8); + F3<13>(C1, D1, E1, A1, B1, M[ 8] + MAGIC3); + F3< 6>(C2, D2, E2, A2, B2, M[ 6] + MAGIC8); + F3<15>(B1, C1, D1, E1, A1, M[ 1] + MAGIC3); + F3<14>(B2, C2, D2, E2, A2, M[ 9] + MAGIC8); + F3<14>(A1, B1, C1, D1, E1, M[ 2] + MAGIC3); F3<12>(A2, B2, C2, D2, E2, M[11] + MAGIC8); - F3<8>(E1, A1, B1, C1, D1, M[7] + MAGIC3); - F3<13>(E2, A2, B2, C2, D2, M[8] + MAGIC8); - F3<13>(D1, E1, A1, B1, C1, M[0] + MAGIC3); - F3<5>(D2, E2, A2, B2, C2, M[12] + MAGIC8); - F3<6>(C1, D1, E1, A1, B1, M[6] + MAGIC3); - F3<14>(C2, D2, E2, A2, B2, M[2] + MAGIC8); - F3<5>(B1, C1, D1, E1, A1, M[13] + MAGIC3); + F3< 8>(E1, A1, B1, C1, D1, M[ 7] + MAGIC3); + F3<13>(E2, A2, B2, C2, D2, M[ 8] + MAGIC8); + F3<13>(D1, E1, A1, B1, C1, M[ 0] + MAGIC3); + F3< 5>(D2, E2, A2, B2, C2, M[12] + MAGIC8); + F3< 6>(C1, D1, E1, A1, B1, M[ 6] + MAGIC3); + F3<14>(C2, D2, E2, A2, B2, M[ 2] + MAGIC8); + F3< 5>(B1, C1, D1, E1, A1, M[13] + MAGIC3); F3<13>(B2, C2, D2, E2, A2, M[10] + MAGIC8); F3<12>(A1, B1, C1, D1, E1, M[11] + MAGIC3); - F3<13>(A2, B2, C2, D2, E2, M[0] + MAGIC8); - F3<7>(E1, A1, B1, C1, D1, M[5] + MAGIC3); - F3<7>(E2, A2, B2, C2, D2, M[4] + MAGIC8); - F3<5>(D1, E1, A1, B1, C1, M[12] + 
MAGIC3); - F3<5>(D2, E2, A2, B2, C2, M[13] + MAGIC8); + F3<13>(A2, B2, C2, D2, E2, M[ 0] + MAGIC8); + F3< 7>(E1, A1, B1, C1, D1, M[ 5] + MAGIC3); + F3< 7>(E2, A2, B2, C2, D2, M[ 4] + MAGIC8); + F3< 5>(D1, E1, A1, B1, C1, M[12] + MAGIC3); + F3< 5>(D2, E2, A2, B2, C2, M[13] + MAGIC8); - F4<11>(C1, D1, E1, A1, B1, M[1] + MAGIC4); - F2<15>(C2, D2, E2, A2, B2, M[8] + MAGIC9); - F4<12>(B1, C1, D1, E1, A1, M[9] + MAGIC4); - F2<5>(B2, C2, D2, E2, A2, M[6] + MAGIC9); + F4<11>(C1, D1, E1, A1, B1, M[ 1] + MAGIC4); + F2<15>(C2, D2, E2, A2, B2, M[ 8] + MAGIC9); + F4<12>(B1, C1, D1, E1, A1, M[ 9] + MAGIC4); + F2< 5>(B2, C2, D2, E2, A2, M[ 6] + MAGIC9); F4<14>(A1, B1, C1, D1, E1, M[11] + MAGIC4); - F2<8>(A2, B2, C2, D2, E2, M[4] + MAGIC9); + F2< 8>(A2, B2, C2, D2, E2, M[ 4] + MAGIC9); F4<15>(E1, A1, B1, C1, D1, M[10] + MAGIC4); - F2<11>(E2, A2, B2, C2, D2, M[1] + MAGIC9); - F4<14>(D1, E1, A1, B1, C1, M[0] + MAGIC4); - F2<14>(D2, E2, A2, B2, C2, M[3] + MAGIC9); - F4<15>(C1, D1, E1, A1, B1, M[8] + MAGIC4); + F2<11>(E2, A2, B2, C2, D2, M[ 1] + MAGIC9); + F4<14>(D1, E1, A1, B1, C1, M[ 0] + MAGIC4); + F2<14>(D2, E2, A2, B2, C2, M[ 3] + MAGIC9); + F4<15>(C1, D1, E1, A1, B1, M[ 8] + MAGIC4); F2<14>(C2, D2, E2, A2, B2, M[11] + MAGIC9); - F4<9>(B1, C1, D1, E1, A1, M[12] + MAGIC4); - F2<6>(B2, C2, D2, E2, A2, M[15] + MAGIC9); - F4<8>(A1, B1, C1, D1, E1, M[4] + MAGIC4); - F2<14>(A2, B2, C2, D2, E2, M[0] + MAGIC9); - F4<9>(E1, A1, B1, C1, D1, M[13] + MAGIC4); - F2<6>(E2, A2, B2, C2, D2, M[5] + MAGIC9); - F4<14>(D1, E1, A1, B1, C1, M[3] + MAGIC4); - F2<9>(D2, E2, A2, B2, C2, M[12] + MAGIC9); - F4<5>(C1, D1, E1, A1, B1, M[7] + MAGIC4); - F2<12>(C2, D2, E2, A2, B2, M[2] + MAGIC9); - F4<6>(B1, C1, D1, E1, A1, M[15] + MAGIC4); - F2<9>(B2, C2, D2, E2, A2, M[13] + MAGIC9); - F4<8>(A1, B1, C1, D1, E1, M[14] + MAGIC4); - F2<12>(A2, B2, C2, D2, E2, M[9] + MAGIC9); - F4<6>(E1, A1, B1, C1, D1, M[5] + MAGIC4); - F2<5>(E2, A2, B2, C2, D2, M[7] + MAGIC9); - F4<5>(D1, E1, A1, B1, C1, M[6] + MAGIC4); + F4< 
9>(B1, C1, D1, E1, A1, M[12] + MAGIC4); + F2< 6>(B2, C2, D2, E2, A2, M[15] + MAGIC9); + F4< 8>(A1, B1, C1, D1, E1, M[ 4] + MAGIC4); + F2<14>(A2, B2, C2, D2, E2, M[ 0] + MAGIC9); + F4< 9>(E1, A1, B1, C1, D1, M[13] + MAGIC4); + F2< 6>(E2, A2, B2, C2, D2, M[ 5] + MAGIC9); + F4<14>(D1, E1, A1, B1, C1, M[ 3] + MAGIC4); + F2< 9>(D2, E2, A2, B2, C2, M[12] + MAGIC9); + F4< 5>(C1, D1, E1, A1, B1, M[ 7] + MAGIC4); + F2<12>(C2, D2, E2, A2, B2, M[ 2] + MAGIC9); + F4< 6>(B1, C1, D1, E1, A1, M[15] + MAGIC4); + F2< 9>(B2, C2, D2, E2, A2, M[13] + MAGIC9); + F4< 8>(A1, B1, C1, D1, E1, M[14] + MAGIC4); + F2<12>(A2, B2, C2, D2, E2, M[ 9] + MAGIC9); + F4< 6>(E1, A1, B1, C1, D1, M[ 5] + MAGIC4); + F2< 5>(E2, A2, B2, C2, D2, M[ 7] + MAGIC9); + F4< 5>(D1, E1, A1, B1, C1, M[ 6] + MAGIC4); F2<15>(D2, E2, A2, B2, C2, M[10] + MAGIC9); - F4<12>(C1, D1, E1, A1, B1, M[2] + MAGIC4); - F2<8>(C2, D2, E2, A2, B2, M[14] + MAGIC9); + F4<12>(C1, D1, E1, A1, B1, M[ 2] + MAGIC4); + F2< 8>(C2, D2, E2, A2, B2, M[14] + MAGIC9); - F5<9>(B1, C1, D1, E1, A1, M[4] + MAGIC5); - F1<8>(B2, C2, D2, E2, A2, M[12]); - F5<15>(A1, B1, C1, D1, E1, M[0] + MAGIC5); - F1<5>(A2, B2, C2, D2, E2, M[15]); - F5<5>(E1, A1, B1, C1, D1, M[5] + MAGIC5); + F5< 9>(B1, C1, D1, E1, A1, M[ 4] + MAGIC5); + F1< 8>(B2, C2, D2, E2, A2, M[12]); + F5<15>(A1, B1, C1, D1, E1, M[ 0] + MAGIC5); + F1< 5>(A2, B2, C2, D2, E2, M[15]); + F5< 5>(E1, A1, B1, C1, D1, M[ 5] + MAGIC5); F1<12>(E2, A2, B2, C2, D2, M[10]); - F5<11>(D1, E1, A1, B1, C1, M[9] + MAGIC5); - F1<9>(D2, E2, A2, B2, C2, M[4]); - F5<6>(C1, D1, E1, A1, B1, M[7] + MAGIC5); - F1<12>(C2, D2, E2, A2, B2, M[1]); - F5<8>(B1, C1, D1, E1, A1, M[12] + MAGIC5); - F1<5>(B2, C2, D2, E2, A2, M[5]); - F5<13>(A1, B1, C1, D1, E1, M[2] + MAGIC5); - F1<14>(A2, B2, C2, D2, E2, M[8]); + F5<11>(D1, E1, A1, B1, C1, M[ 9] + MAGIC5); + F1< 9>(D2, E2, A2, B2, C2, M[ 4]); + F5< 6>(C1, D1, E1, A1, B1, M[ 7] + MAGIC5); + F1<12>(C2, D2, E2, A2, B2, M[ 1]); + F5< 8>(B1, C1, D1, E1, A1, M[12] + MAGIC5); + F1< 5>(B2, 
C2, D2, E2, A2, M[ 5]); + F5<13>(A1, B1, C1, D1, E1, M[ 2] + MAGIC5); + F1<14>(A2, B2, C2, D2, E2, M[ 8]); F5<12>(E1, A1, B1, C1, D1, M[10] + MAGIC5); - F1<6>(E2, A2, B2, C2, D2, M[7]); - F5<5>(D1, E1, A1, B1, C1, M[14] + MAGIC5); - F1<8>(D2, E2, A2, B2, C2, M[6]); - F5<12>(C1, D1, E1, A1, B1, M[1] + MAGIC5); - F1<13>(C2, D2, E2, A2, B2, M[2]); - F5<13>(B1, C1, D1, E1, A1, M[3] + MAGIC5); - F1<6>(B2, C2, D2, E2, A2, M[13]); - F5<14>(A1, B1, C1, D1, E1, M[8] + MAGIC5); - F1<5>(A2, B2, C2, D2, E2, M[14]); + F1< 6>(E2, A2, B2, C2, D2, M[ 7]); + F5< 5>(D1, E1, A1, B1, C1, M[14] + MAGIC5); + F1< 8>(D2, E2, A2, B2, C2, M[ 6]); + F5<12>(C1, D1, E1, A1, B1, M[ 1] + MAGIC5); + F1<13>(C2, D2, E2, A2, B2, M[ 2]); + F5<13>(B1, C1, D1, E1, A1, M[ 3] + MAGIC5); + F1< 6>(B2, C2, D2, E2, A2, M[13]); + F5<14>(A1, B1, C1, D1, E1, M[ 8] + MAGIC5); + F1< 5>(A2, B2, C2, D2, E2, M[14]); F5<11>(E1, A1, B1, C1, D1, M[11] + MAGIC5); - F1<15>(E2, A2, B2, C2, D2, M[0]); - F5<8>(D1, E1, A1, B1, C1, M[6] + MAGIC5); - F1<13>(D2, E2, A2, B2, C2, M[3]); - F5<5>(C1, D1, E1, A1, B1, M[15] + MAGIC5); - F1<11>(C2, D2, E2, A2, B2, M[9]); - F5<6>(B1, C1, D1, E1, A1, M[13] + MAGIC5); + F1<15>(E2, A2, B2, C2, D2, M[ 0]); + F5< 8>(D1, E1, A1, B1, C1, M[ 6] + MAGIC5); + F1<13>(D2, E2, A2, B2, C2, M[ 3]); + F5< 5>(C1, D1, E1, A1, B1, M[15] + MAGIC5); + F1<11>(C2, D2, E2, A2, B2, M[ 9]); + F5< 6>(B1, C1, D1, E1, A1, M[13] + MAGIC5); F1<11>(B2, C2, D2, E2, A2, M[11]); + // clang-format on + C1 = digest[1] + C1 + D2; digest[1] = digest[2] + D1 + E2; digest[2] = digest[3] + E1 + A2; diff --git a/src/lib/hash/sha1/sha1.cpp b/src/lib/hash/sha1/sha1.cpp index 445faf234c0..41f0aae07d6 100644 --- a/src/lib/hash/sha1/sha1.cpp +++ b/src/lib/hash/sha1/sha1.cpp 
@@ -84,23 +84,28 @@ void SHA_1::compress_n(digest_type& digest, std::span input, size uint32_t A = digest[0], B = digest[1], C = digest[2], D = digest[3], E = digest[4]; std::array W; + auto W_in = std::span{W}.first(); BufferSlicer in(input); for(size_t i = 0; i != blocks; ++i) { - load_be(W.data(), in.take(block_bytes).data(), 16); + load_be(W_in, in.take()); + + // clang-format off for(size_t j = 16; j != 80; j += 8) { - W[j] = rotl<1>(W[j - 3] ^ W[j - 8] ^ W[j - 14] ^ W[j - 16]); + W[j + 0] = rotl<1>(W[j - 3] ^ W[j - 8] ^ W[j - 14] ^ W[j - 16]); W[j + 1] = rotl<1>(W[j - 2] ^ W[j - 7] ^ W[j - 13] ^ W[j - 15]); W[j + 2] = rotl<1>(W[j - 1] ^ W[j - 6] ^ W[j - 12] ^ W[j - 14]); - W[j + 3] = rotl<1>(W[j] ^ W[j - 5] ^ W[j - 11] ^ W[j - 13]); + W[j + 3] = rotl<1>(W[j ] ^ W[j - 5] ^ W[j - 11] ^ W[j - 13]); W[j + 4] = rotl<1>(W[j + 1] ^ W[j - 4] ^ W[j - 10] ^ W[j - 12]); - W[j + 5] = rotl<1>(W[j + 2] ^ W[j - 3] ^ W[j - 9] ^ W[j - 11]); - W[j + 6] = rotl<1>(W[j + 3] ^ W[j - 2] ^ W[j - 8] ^ W[j - 10]); - W[j + 7] = rotl<1>(W[j + 4] ^ W[j - 1] ^ W[j - 7] ^ W[j - 9]); + W[j + 5] = rotl<1>(W[j + 2] ^ W[j - 3] ^ W[j - 9] ^ W[j - 11]); + W[j + 6] = rotl<1>(W[j + 3] ^ W[j - 2] ^ W[j - 8] ^ W[j - 10]); + W[j + 7] = rotl<1>(W[j + 4] ^ W[j - 1] ^ W[j - 7] ^ W[j - 9]); } + // clang-format on + F1(A, B, C, D, E, W[0]); F1(E, A, B, C, D, W[1]); F1(D, E, A, B, C, W[2]); diff --git a/src/lib/hash/sha2_32/sha2_32.cpp b/src/lib/hash/sha2_32/sha2_32.cpp index c07365052f6..e1a1c638aa4 100644 --- a/src/lib/hash/sha2_32/sha2_32.cpp +++ b/src/lib/hash/sha2_32/sha2_32.cpp 
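Review bot: `W_in` is introduced without a comment, and its purpose only shows by comparison with the removed `load_be(W.data(), ..., 16)`: only the first 16 words of `W` come from the input block, and the loop below fills the rest up to index 79. A one-line comment above the declaration would keep that visible, e.g. `// view of W[0..15], the words loaded from the block; W[16..79] are expanded below`. As rendered here `.first()` and `in.take()` show no extent, so the count of 16 cannot be confirmed from the new lines themselves. `compress_n` continues outside the hunk.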
@@ -68,95 +68,84 @@ void SHA_256::compress_digest(digest_type& digest, std::span inpu uint32_t A = digest[0], B = digest[1], C = digest[2], D = digest[3], E = digest[4], F = digest[5], G = digest[6], H = digest[7]; + std::array W; + BufferSlicer in(input); for(size_t i = 0; i != blocks; ++i) { - const auto block = in.take(block_bytes); - - uint32_t W00 = load_be(block.data(), 0); - uint32_t W01 = load_be(block.data(), 1); - uint32_t W02 = load_be(block.data(), 2); - uint32_t W03 = load_be(block.data(), 3); - uint32_t W04 = load_be(block.data(), 4); - uint32_t W05 = load_be(block.data(), 5); - uint32_t W06 = load_be(block.data(), 6); - uint32_t W07 = load_be(block.data(), 7); - uint32_t W08 = load_be(block.data(), 8); - uint32_t W09 = load_be(block.data(), 9); - uint32_t W10 = load_be(block.data(), 10); - uint32_t W11 = load_be(block.data(), 11); - uint32_t W12 = load_be(block.data(), 12); - uint32_t W13 = load_be(block.data(), 13); - uint32_t W14 = load_be(block.data(), 14); - uint32_t W15 = load_be(block.data(), 15); - - SHA2_32_F(A, B, C, D, E, F, G, H, W00, W14, W09, W01, 0x428A2F98); - SHA2_32_F(H, A, B, C, D, E, F, G, W01, W15, W10, W02, 0x71374491); - SHA2_32_F(G, H, A, B, C, D, E, F, W02, W00, W11, W03, 0xB5C0FBCF); - SHA2_32_F(F, G, H, A, B, C, D, E, W03, W01, W12, W04, 0xE9B5DBA5); - SHA2_32_F(E, F, G, H, A, B, C, D, W04, W02, W13, W05, 0x3956C25B); - SHA2_32_F(D, E, F, G, H, A, B, C, W05, W03, W14, W06, 0x59F111F1); - SHA2_32_F(C, D, E, F, G, H, A, B, W06, W04, W15, W07, 0x923F82A4); - SHA2_32_F(B, C, D, E, F, G, H, A, W07, W05, W00, W08, 0xAB1C5ED5); - SHA2_32_F(A, B, C, D, E, F, G, H, W08, W06, W01, W09, 0xD807AA98); - SHA2_32_F(H, A, B, C, D, E, F, G, W09, W07, W02, W10, 0x12835B01); - SHA2_32_F(G, H, A, B, C, D, E, F, W10, W08, W03, W11, 0x243185BE); - SHA2_32_F(F, G, H, A, B, C, D, E, W11, W09, W04, W12, 0x550C7DC3); - SHA2_32_F(E, F, G, H, A, B, C, D, W12, W10, W05, W13, 0x72BE5D74); - SHA2_32_F(D, E, F, G, H, A, B, C, W13, W11, W06, W14, 
0x80DEB1FE); - SHA2_32_F(C, D, E, F, G, H, A, B, W14, W12, W07, W15, 0x9BDC06A7); - SHA2_32_F(B, C, D, E, F, G, H, A, W15, W13, W08, W00, 0xC19BF174); - - SHA2_32_F(A, B, C, D, E, F, G, H, W00, W14, W09, W01, 0xE49B69C1); - SHA2_32_F(H, A, B, C, D, E, F, G, W01, W15, W10, W02, 0xEFBE4786); - SHA2_32_F(G, H, A, B, C, D, E, F, W02, W00, W11, W03, 0x0FC19DC6); - SHA2_32_F(F, G, H, A, B, C, D, E, W03, W01, W12, W04, 0x240CA1CC); - SHA2_32_F(E, F, G, H, A, B, C, D, W04, W02, W13, W05, 0x2DE92C6F); - SHA2_32_F(D, E, F, G, H, A, B, C, W05, W03, W14, W06, 0x4A7484AA); - SHA2_32_F(C, D, E, F, G, H, A, B, W06, W04, W15, W07, 0x5CB0A9DC); - SHA2_32_F(B, C, D, E, F, G, H, A, W07, W05, W00, W08, 0x76F988DA); - SHA2_32_F(A, B, C, D, E, F, G, H, W08, W06, W01, W09, 0x983E5152); - SHA2_32_F(H, A, B, C, D, E, F, G, W09, W07, W02, W10, 0xA831C66D); - SHA2_32_F(G, H, A, B, C, D, E, F, W10, W08, W03, W11, 0xB00327C8); - SHA2_32_F(F, G, H, A, B, C, D, E, W11, W09, W04, W12, 0xBF597FC7); - SHA2_32_F(E, F, G, H, A, B, C, D, W12, W10, W05, W13, 0xC6E00BF3); - SHA2_32_F(D, E, F, G, H, A, B, C, W13, W11, W06, W14, 0xD5A79147); - SHA2_32_F(C, D, E, F, G, H, A, B, W14, W12, W07, W15, 0x06CA6351); - SHA2_32_F(B, C, D, E, F, G, H, A, W15, W13, W08, W00, 0x14292967); - - SHA2_32_F(A, B, C, D, E, F, G, H, W00, W14, W09, W01, 0x27B70A85); - SHA2_32_F(H, A, B, C, D, E, F, G, W01, W15, W10, W02, 0x2E1B2138); - SHA2_32_F(G, H, A, B, C, D, E, F, W02, W00, W11, W03, 0x4D2C6DFC); - SHA2_32_F(F, G, H, A, B, C, D, E, W03, W01, W12, W04, 0x53380D13); - SHA2_32_F(E, F, G, H, A, B, C, D, W04, W02, W13, W05, 0x650A7354); - SHA2_32_F(D, E, F, G, H, A, B, C, W05, W03, W14, W06, 0x766A0ABB); - SHA2_32_F(C, D, E, F, G, H, A, B, W06, W04, W15, W07, 0x81C2C92E); - SHA2_32_F(B, C, D, E, F, G, H, A, W07, W05, W00, W08, 0x92722C85); - SHA2_32_F(A, B, C, D, E, F, G, H, W08, W06, W01, W09, 0xA2BFE8A1); - SHA2_32_F(H, A, B, C, D, E, F, G, W09, W07, W02, W10, 0xA81A664B); - SHA2_32_F(G, H, A, B, C, D, E, F, W10, W08, W03, 
W11, 0xC24B8B70); - SHA2_32_F(F, G, H, A, B, C, D, E, W11, W09, W04, W12, 0xC76C51A3); - SHA2_32_F(E, F, G, H, A, B, C, D, W12, W10, W05, W13, 0xD192E819); - SHA2_32_F(D, E, F, G, H, A, B, C, W13, W11, W06, W14, 0xD6990624); - SHA2_32_F(C, D, E, F, G, H, A, B, W14, W12, W07, W15, 0xF40E3585); - SHA2_32_F(B, C, D, E, F, G, H, A, W15, W13, W08, W00, 0x106AA070); - - SHA2_32_F(A, B, C, D, E, F, G, H, W00, W14, W09, W01, 0x19A4C116); - SHA2_32_F(H, A, B, C, D, E, F, G, W01, W15, W10, W02, 0x1E376C08); - SHA2_32_F(G, H, A, B, C, D, E, F, W02, W00, W11, W03, 0x2748774C); - SHA2_32_F(F, G, H, A, B, C, D, E, W03, W01, W12, W04, 0x34B0BCB5); - SHA2_32_F(E, F, G, H, A, B, C, D, W04, W02, W13, W05, 0x391C0CB3); - SHA2_32_F(D, E, F, G, H, A, B, C, W05, W03, W14, W06, 0x4ED8AA4A); - SHA2_32_F(C, D, E, F, G, H, A, B, W06, W04, W15, W07, 0x5B9CCA4F); - SHA2_32_F(B, C, D, E, F, G, H, A, W07, W05, W00, W08, 0x682E6FF3); - SHA2_32_F(A, B, C, D, E, F, G, H, W08, W06, W01, W09, 0x748F82EE); - SHA2_32_F(H, A, B, C, D, E, F, G, W09, W07, W02, W10, 0x78A5636F); - SHA2_32_F(G, H, A, B, C, D, E, F, W10, W08, W03, W11, 0x84C87814); - SHA2_32_F(F, G, H, A, B, C, D, E, W11, W09, W04, W12, 0x8CC70208); - SHA2_32_F(E, F, G, H, A, B, C, D, W12, W10, W05, W13, 0x90BEFFFA); - SHA2_32_F(D, E, F, G, H, A, B, C, W13, W11, W06, W14, 0xA4506CEB); - SHA2_32_F(C, D, E, F, G, H, A, B, W14, W12, W07, W15, 0xBEF9A3F7); - SHA2_32_F(B, C, D, E, F, G, H, A, W15, W13, W08, W00, 0xC67178F2); + load_be(W, in.take()); + + // clang-format off + + SHA2_32_F(A, B, C, D, E, F, G, H, W[ 0], W[14], W[ 9], W[ 1], 0x428A2F98); + SHA2_32_F(H, A, B, C, D, E, F, G, W[ 1], W[15], W[10], W[ 2], 0x71374491); + SHA2_32_F(G, H, A, B, C, D, E, F, W[ 2], W[ 0], W[11], W[ 3], 0xB5C0FBCF); + SHA2_32_F(F, G, H, A, B, C, D, E, W[ 3], W[ 1], W[12], W[ 4], 0xE9B5DBA5); + SHA2_32_F(E, F, G, H, A, B, C, D, W[ 4], W[ 2], W[13], W[ 5], 0x3956C25B); + SHA2_32_F(D, E, F, G, H, A, B, C, W[ 5], W[ 3], W[14], W[ 6], 0x59F111F1); + SHA2_32_F(C, D, 
E, F, G, H, A, B, W[ 6], W[ 4], W[15], W[ 7], 0x923F82A4); + SHA2_32_F(B, C, D, E, F, G, H, A, W[ 7], W[ 5], W[ 0], W[ 8], 0xAB1C5ED5); + SHA2_32_F(A, B, C, D, E, F, G, H, W[ 8], W[ 6], W[ 1], W[ 9], 0xD807AA98); + SHA2_32_F(H, A, B, C, D, E, F, G, W[ 9], W[ 7], W[ 2], W[10], 0x12835B01); + SHA2_32_F(G, H, A, B, C, D, E, F, W[10], W[ 8], W[ 3], W[11], 0x243185BE); + SHA2_32_F(F, G, H, A, B, C, D, E, W[11], W[ 9], W[ 4], W[12], 0x550C7DC3); + SHA2_32_F(E, F, G, H, A, B, C, D, W[12], W[10], W[ 5], W[13], 0x72BE5D74); + SHA2_32_F(D, E, F, G, H, A, B, C, W[13], W[11], W[ 6], W[14], 0x80DEB1FE); + SHA2_32_F(C, D, E, F, G, H, A, B, W[14], W[12], W[ 7], W[15], 0x9BDC06A7); + SHA2_32_F(B, C, D, E, F, G, H, A, W[15], W[13], W[ 8], W[ 0], 0xC19BF174); + + SHA2_32_F(A, B, C, D, E, F, G, H, W[ 0], W[14], W[ 9], W[ 1], 0xE49B69C1); + SHA2_32_F(H, A, B, C, D, E, F, G, W[ 1], W[15], W[10], W[ 2], 0xEFBE4786); + SHA2_32_F(G, H, A, B, C, D, E, F, W[ 2], W[ 0], W[11], W[ 3], 0x0FC19DC6); + SHA2_32_F(F, G, H, A, B, C, D, E, W[ 3], W[ 1], W[12], W[ 4], 0x240CA1CC); + SHA2_32_F(E, F, G, H, A, B, C, D, W[ 4], W[ 2], W[13], W[ 5], 0x2DE92C6F); + SHA2_32_F(D, E, F, G, H, A, B, C, W[ 5], W[ 3], W[14], W[ 6], 0x4A7484AA); + SHA2_32_F(C, D, E, F, G, H, A, B, W[ 6], W[ 4], W[15], W[ 7], 0x5CB0A9DC); + SHA2_32_F(B, C, D, E, F, G, H, A, W[ 7], W[ 5], W[ 0], W[ 8], 0x76F988DA); + SHA2_32_F(A, B, C, D, E, F, G, H, W[ 8], W[ 6], W[ 1], W[ 9], 0x983E5152); + SHA2_32_F(H, A, B, C, D, E, F, G, W[ 9], W[ 7], W[ 2], W[10], 0xA831C66D); + SHA2_32_F(G, H, A, B, C, D, E, F, W[10], W[ 8], W[ 3], W[11], 0xB00327C8); + SHA2_32_F(F, G, H, A, B, C, D, E, W[11], W[ 9], W[ 4], W[12], 0xBF597FC7); + SHA2_32_F(E, F, G, H, A, B, C, D, W[12], W[10], W[ 5], W[13], 0xC6E00BF3); + SHA2_32_F(D, E, F, G, H, A, B, C, W[13], W[11], W[ 6], W[14], 0xD5A79147); + SHA2_32_F(C, D, E, F, G, H, A, B, W[14], W[12], W[ 7], W[15], 0x06CA6351); + SHA2_32_F(B, C, D, E, F, G, H, A, W[15], W[13], W[ 8], W[ 0], 0x14292967); + + 
SHA2_32_F(A, B, C, D, E, F, G, H, W[ 0], W[14], W[ 9], W[ 1], 0x27B70A85); + SHA2_32_F(H, A, B, C, D, E, F, G, W[ 1], W[15], W[10], W[ 2], 0x2E1B2138); + SHA2_32_F(G, H, A, B, C, D, E, F, W[ 2], W[ 0], W[11], W[ 3], 0x4D2C6DFC); + SHA2_32_F(F, G, H, A, B, C, D, E, W[ 3], W[ 1], W[12], W[ 4], 0x53380D13); + SHA2_32_F(E, F, G, H, A, B, C, D, W[ 4], W[ 2], W[13], W[ 5], 0x650A7354); + SHA2_32_F(D, E, F, G, H, A, B, C, W[ 5], W[ 3], W[14], W[ 6], 0x766A0ABB); + SHA2_32_F(C, D, E, F, G, H, A, B, W[ 6], W[ 4], W[15], W[ 7], 0x81C2C92E); + SHA2_32_F(B, C, D, E, F, G, H, A, W[ 7], W[ 5], W[ 0], W[ 8], 0x92722C85); + SHA2_32_F(A, B, C, D, E, F, G, H, W[ 8], W[ 6], W[ 1], W[ 9], 0xA2BFE8A1); + SHA2_32_F(H, A, B, C, D, E, F, G, W[ 9], W[ 7], W[ 2], W[10], 0xA81A664B); + SHA2_32_F(G, H, A, B, C, D, E, F, W[10], W[ 8], W[ 3], W[11], 0xC24B8B70); + SHA2_32_F(F, G, H, A, B, C, D, E, W[11], W[ 9], W[ 4], W[12], 0xC76C51A3); + SHA2_32_F(E, F, G, H, A, B, C, D, W[12], W[10], W[ 5], W[13], 0xD192E819); + SHA2_32_F(D, E, F, G, H, A, B, C, W[13], W[11], W[ 6], W[14], 0xD6990624); + SHA2_32_F(C, D, E, F, G, H, A, B, W[14], W[12], W[ 7], W[15], 0xF40E3585); + SHA2_32_F(B, C, D, E, F, G, H, A, W[15], W[13], W[ 8], W[ 0], 0x106AA070); + + SHA2_32_F(A, B, C, D, E, F, G, H, W[ 0], W[14], W[ 9], W[ 1], 0x19A4C116); + SHA2_32_F(H, A, B, C, D, E, F, G, W[ 1], W[15], W[10], W[ 2], 0x1E376C08); + SHA2_32_F(G, H, A, B, C, D, E, F, W[ 2], W[ 0], W[11], W[ 3], 0x2748774C); + SHA2_32_F(F, G, H, A, B, C, D, E, W[ 3], W[ 1], W[12], W[ 4], 0x34B0BCB5); + SHA2_32_F(E, F, G, H, A, B, C, D, W[ 4], W[ 2], W[13], W[ 5], 0x391C0CB3); + SHA2_32_F(D, E, F, G, H, A, B, C, W[ 5], W[ 3], W[14], W[ 6], 0x4ED8AA4A); + SHA2_32_F(C, D, E, F, G, H, A, B, W[ 6], W[ 4], W[15], W[ 7], 0x5B9CCA4F); + SHA2_32_F(B, C, D, E, F, G, H, A, W[ 7], W[ 5], W[ 0], W[ 8], 0x682E6FF3); + SHA2_32_F(A, B, C, D, E, F, G, H, W[ 8], W[ 6], W[ 1], W[ 9], 0x748F82EE); + SHA2_32_F(H, A, B, C, D, E, F, G, W[ 9], W[ 7], W[ 2], W[10], 
0x78A5636F); + SHA2_32_F(G, H, A, B, C, D, E, F, W[10], W[ 8], W[ 3], W[11], 0x84C87814); + SHA2_32_F(F, G, H, A, B, C, D, E, W[11], W[ 9], W[ 4], W[12], 0x8CC70208); + SHA2_32_F(E, F, G, H, A, B, C, D, W[12], W[10], W[ 5], W[13], 0x90BEFFFA); + SHA2_32_F(D, E, F, G, H, A, B, C, W[13], W[11], W[ 6], W[14], 0xA4506CEB); + SHA2_32_F(C, D, E, F, G, H, A, B, W[14], W[12], W[ 7], W[15], 0xBEF9A3F7); + SHA2_32_F(B, C, D, E, F, G, H, A, W[15], W[13], W[ 8], W[ 0], 0xC67178F2); + + // clang-format on A = (digest[0] += A); B = (digest[1] += B); diff --git a/src/lib/hash/sha2_64/sha2_64.cpp b/src/lib/hash/sha2_64/sha2_64.cpp index 55c2675f358..912ef3386ea 100644 --- a/src/lib/hash/sha2_64/sha2_64.cpp +++ b/src/lib/hash/sha2_64/sha2_64.cpp 
@@ -56,108 +56,97 @@ void SHA_512::compress_digest(digest_type& digest, std::span inpu uint64_t A = digest[0], B = digest[1], C = digest[2], D = digest[3], E = digest[4], F = digest[5], G = digest[6], H = digest[7]; + std::array W; + BufferSlicer in(input); for(size_t i = 0; i != blocks; ++i) { - const auto block = in.take(block_bytes); - - uint64_t W00 = load_be(block.data(), 0); - uint64_t W01 = load_be(block.data(), 1); - uint64_t W02 = load_be(block.data(), 2); - uint64_t W03 = load_be(block.data(), 3); - uint64_t W04 = load_be(block.data(), 4); - uint64_t W05 = load_be(block.data(), 5); - uint64_t W06 = load_be(block.data(), 6); - uint64_t W07 = load_be(block.data(), 7); - uint64_t W08 = load_be(block.data(), 8); - uint64_t W09 = load_be(block.data(), 9); - uint64_t W10 = load_be(block.data(), 10); - uint64_t W11 = load_be(block.data(), 11); - uint64_t W12 = load_be(block.data(), 12); - uint64_t W13 = load_be(block.data(), 13); - uint64_t W14 = load_be(block.data(), 14); - uint64_t W15 = load_be(block.data(), 15); - - SHA2_64_F(A, B, C, D, E, F, G, H, W00, W14, W09, W01, 0x428A2F98D728AE22); - SHA2_64_F(H, A, B, C, D, E, F, G, W01, W15, W10, W02, 0x7137449123EF65CD); - SHA2_64_F(G, H, A, B, C, D, E, F, W02, W00, W11, W03, 0xB5C0FBCFEC4D3B2F); - SHA2_64_F(F, G, H, A, B, C, D, E, W03, W01, W12, W04, 0xE9B5DBA58189DBBC); - SHA2_64_F(E, F, G, H, A, B, C, D, W04, W02, W13, W05, 0x3956C25BF348B538); - SHA2_64_F(D, E, F, G, H, A, B, C, W05, W03, W14, W06, 0x59F111F1B605D019); - SHA2_64_F(C, D, E, F, G, H, A, B, W06, W04, W15, W07, 0x923F82A4AF194F9B); - SHA2_64_F(B, C, D, E, F, G, H, A, W07, W05, W00, W08, 0xAB1C5ED5DA6D8118); - SHA2_64_F(A, B, C, D, E, F, G, H, W08, W06, W01, W09, 0xD807AA98A3030242); - SHA2_64_F(H, A, B, C, D, E, F, G, W09, W07, W02, W10, 0x12835B0145706FBE); - SHA2_64_F(G, H, A, B, C, D, E, F, W10, W08, W03, W11, 0x243185BE4EE4B28C); - SHA2_64_F(F, G, H, A, B, C, D, E, W11, W09, W04, W12, 0x550C7DC3D5FFB4E2); - SHA2_64_F(E, F, G, H, A, B, C, D, 
W12, W10, W05, W13, 0x72BE5D74F27B896F); - SHA2_64_F(D, E, F, G, H, A, B, C, W13, W11, W06, W14, 0x80DEB1FE3B1696B1); - SHA2_64_F(C, D, E, F, G, H, A, B, W14, W12, W07, W15, 0x9BDC06A725C71235); - SHA2_64_F(B, C, D, E, F, G, H, A, W15, W13, W08, W00, 0xC19BF174CF692694); - SHA2_64_F(A, B, C, D, E, F, G, H, W00, W14, W09, W01, 0xE49B69C19EF14AD2); - SHA2_64_F(H, A, B, C, D, E, F, G, W01, W15, W10, W02, 0xEFBE4786384F25E3); - SHA2_64_F(G, H, A, B, C, D, E, F, W02, W00, W11, W03, 0x0FC19DC68B8CD5B5); - SHA2_64_F(F, G, H, A, B, C, D, E, W03, W01, W12, W04, 0x240CA1CC77AC9C65); - SHA2_64_F(E, F, G, H, A, B, C, D, W04, W02, W13, W05, 0x2DE92C6F592B0275); - SHA2_64_F(D, E, F, G, H, A, B, C, W05, W03, W14, W06, 0x4A7484AA6EA6E483); - SHA2_64_F(C, D, E, F, G, H, A, B, W06, W04, W15, W07, 0x5CB0A9DCBD41FBD4); - SHA2_64_F(B, C, D, E, F, G, H, A, W07, W05, W00, W08, 0x76F988DA831153B5); - SHA2_64_F(A, B, C, D, E, F, G, H, W08, W06, W01, W09, 0x983E5152EE66DFAB); - SHA2_64_F(H, A, B, C, D, E, F, G, W09, W07, W02, W10, 0xA831C66D2DB43210); - SHA2_64_F(G, H, A, B, C, D, E, F, W10, W08, W03, W11, 0xB00327C898FB213F); - SHA2_64_F(F, G, H, A, B, C, D, E, W11, W09, W04, W12, 0xBF597FC7BEEF0EE4); - SHA2_64_F(E, F, G, H, A, B, C, D, W12, W10, W05, W13, 0xC6E00BF33DA88FC2); - SHA2_64_F(D, E, F, G, H, A, B, C, W13, W11, W06, W14, 0xD5A79147930AA725); - SHA2_64_F(C, D, E, F, G, H, A, B, W14, W12, W07, W15, 0x06CA6351E003826F); - SHA2_64_F(B, C, D, E, F, G, H, A, W15, W13, W08, W00, 0x142929670A0E6E70); - SHA2_64_F(A, B, C, D, E, F, G, H, W00, W14, W09, W01, 0x27B70A8546D22FFC); - SHA2_64_F(H, A, B, C, D, E, F, G, W01, W15, W10, W02, 0x2E1B21385C26C926); - SHA2_64_F(G, H, A, B, C, D, E, F, W02, W00, W11, W03, 0x4D2C6DFC5AC42AED); - SHA2_64_F(F, G, H, A, B, C, D, E, W03, W01, W12, W04, 0x53380D139D95B3DF); - SHA2_64_F(E, F, G, H, A, B, C, D, W04, W02, W13, W05, 0x650A73548BAF63DE); - SHA2_64_F(D, E, F, G, H, A, B, C, W05, W03, W14, W06, 0x766A0ABB3C77B2A8); - SHA2_64_F(C, D, E, F, G, H, A, 
B, W06, W04, W15, W07, 0x81C2C92E47EDAEE6); - SHA2_64_F(B, C, D, E, F, G, H, A, W07, W05, W00, W08, 0x92722C851482353B); - SHA2_64_F(A, B, C, D, E, F, G, H, W08, W06, W01, W09, 0xA2BFE8A14CF10364); - SHA2_64_F(H, A, B, C, D, E, F, G, W09, W07, W02, W10, 0xA81A664BBC423001); - SHA2_64_F(G, H, A, B, C, D, E, F, W10, W08, W03, W11, 0xC24B8B70D0F89791); - SHA2_64_F(F, G, H, A, B, C, D, E, W11, W09, W04, W12, 0xC76C51A30654BE30); - SHA2_64_F(E, F, G, H, A, B, C, D, W12, W10, W05, W13, 0xD192E819D6EF5218); - SHA2_64_F(D, E, F, G, H, A, B, C, W13, W11, W06, W14, 0xD69906245565A910); - SHA2_64_F(C, D, E, F, G, H, A, B, W14, W12, W07, W15, 0xF40E35855771202A); - SHA2_64_F(B, C, D, E, F, G, H, A, W15, W13, W08, W00, 0x106AA07032BBD1B8); - SHA2_64_F(A, B, C, D, E, F, G, H, W00, W14, W09, W01, 0x19A4C116B8D2D0C8); - SHA2_64_F(H, A, B, C, D, E, F, G, W01, W15, W10, W02, 0x1E376C085141AB53); - SHA2_64_F(G, H, A, B, C, D, E, F, W02, W00, W11, W03, 0x2748774CDF8EEB99); - SHA2_64_F(F, G, H, A, B, C, D, E, W03, W01, W12, W04, 0x34B0BCB5E19B48A8); - SHA2_64_F(E, F, G, H, A, B, C, D, W04, W02, W13, W05, 0x391C0CB3C5C95A63); - SHA2_64_F(D, E, F, G, H, A, B, C, W05, W03, W14, W06, 0x4ED8AA4AE3418ACB); - SHA2_64_F(C, D, E, F, G, H, A, B, W06, W04, W15, W07, 0x5B9CCA4F7763E373); - SHA2_64_F(B, C, D, E, F, G, H, A, W07, W05, W00, W08, 0x682E6FF3D6B2B8A3); - SHA2_64_F(A, B, C, D, E, F, G, H, W08, W06, W01, W09, 0x748F82EE5DEFB2FC); - SHA2_64_F(H, A, B, C, D, E, F, G, W09, W07, W02, W10, 0x78A5636F43172F60); - SHA2_64_F(G, H, A, B, C, D, E, F, W10, W08, W03, W11, 0x84C87814A1F0AB72); - SHA2_64_F(F, G, H, A, B, C, D, E, W11, W09, W04, W12, 0x8CC702081A6439EC); - SHA2_64_F(E, F, G, H, A, B, C, D, W12, W10, W05, W13, 0x90BEFFFA23631E28); - SHA2_64_F(D, E, F, G, H, A, B, C, W13, W11, W06, W14, 0xA4506CEBDE82BDE9); - SHA2_64_F(C, D, E, F, G, H, A, B, W14, W12, W07, W15, 0xBEF9A3F7B2C67915); - SHA2_64_F(B, C, D, E, F, G, H, A, W15, W13, W08, W00, 0xC67178F2E372532B); - SHA2_64_F(A, B, C, D, E, F, 
G, H, W00, W14, W09, W01, 0xCA273ECEEA26619C); - SHA2_64_F(H, A, B, C, D, E, F, G, W01, W15, W10, W02, 0xD186B8C721C0C207); - SHA2_64_F(G, H, A, B, C, D, E, F, W02, W00, W11, W03, 0xEADA7DD6CDE0EB1E); - SHA2_64_F(F, G, H, A, B, C, D, E, W03, W01, W12, W04, 0xF57D4F7FEE6ED178); - SHA2_64_F(E, F, G, H, A, B, C, D, W04, W02, W13, W05, 0x06F067AA72176FBA); - SHA2_64_F(D, E, F, G, H, A, B, C, W05, W03, W14, W06, 0x0A637DC5A2C898A6); - SHA2_64_F(C, D, E, F, G, H, A, B, W06, W04, W15, W07, 0x113F9804BEF90DAE); - SHA2_64_F(B, C, D, E, F, G, H, A, W07, W05, W00, W08, 0x1B710B35131C471B); - SHA2_64_F(A, B, C, D, E, F, G, H, W08, W06, W01, W09, 0x28DB77F523047D84); - SHA2_64_F(H, A, B, C, D, E, F, G, W09, W07, W02, W10, 0x32CAAB7B40C72493); - SHA2_64_F(G, H, A, B, C, D, E, F, W10, W08, W03, W11, 0x3C9EBE0A15C9BEBC); - SHA2_64_F(F, G, H, A, B, C, D, E, W11, W09, W04, W12, 0x431D67C49C100D4C); - SHA2_64_F(E, F, G, H, A, B, C, D, W12, W10, W05, W13, 0x4CC5D4BECB3E42B6); - SHA2_64_F(D, E, F, G, H, A, B, C, W13, W11, W06, W14, 0x597F299CFC657E2A); - SHA2_64_F(C, D, E, F, G, H, A, B, W14, W12, W07, W15, 0x5FCB6FAB3AD6FAEC); - SHA2_64_F(B, C, D, E, F, G, H, A, W15, W13, W08, W00, 0x6C44198C4A475817); + load_be(W, in.take()); + + // clang-format off + + SHA2_64_F(A, B, C, D, E, F, G, H, W[ 0], W[14], W[ 9], W[ 1], 0x428A2F98D728AE22); + SHA2_64_F(H, A, B, C, D, E, F, G, W[ 1], W[15], W[10], W[ 2], 0x7137449123EF65CD); + SHA2_64_F(G, H, A, B, C, D, E, F, W[ 2], W[ 0], W[11], W[ 3], 0xB5C0FBCFEC4D3B2F); + SHA2_64_F(F, G, H, A, B, C, D, E, W[ 3], W[ 1], W[12], W[ 4], 0xE9B5DBA58189DBBC); + SHA2_64_F(E, F, G, H, A, B, C, D, W[ 4], W[ 2], W[13], W[ 5], 0x3956C25BF348B538); + SHA2_64_F(D, E, F, G, H, A, B, C, W[ 5], W[ 3], W[14], W[ 6], 0x59F111F1B605D019); + SHA2_64_F(C, D, E, F, G, H, A, B, W[ 6], W[ 4], W[15], W[ 7], 0x923F82A4AF194F9B); + SHA2_64_F(B, C, D, E, F, G, H, A, W[ 7], W[ 5], W[ 0], W[ 8], 0xAB1C5ED5DA6D8118); + SHA2_64_F(A, B, C, D, E, F, G, H, W[ 8], W[ 6], W[ 1], W[ 9], 
0xD807AA98A3030242); + SHA2_64_F(H, A, B, C, D, E, F, G, W[ 9], W[ 7], W[ 2], W[10], 0x12835B0145706FBE); + SHA2_64_F(G, H, A, B, C, D, E, F, W[10], W[ 8], W[ 3], W[11], 0x243185BE4EE4B28C); + SHA2_64_F(F, G, H, A, B, C, D, E, W[11], W[ 9], W[ 4], W[12], 0x550C7DC3D5FFB4E2); + SHA2_64_F(E, F, G, H, A, B, C, D, W[12], W[10], W[ 5], W[13], 0x72BE5D74F27B896F); + SHA2_64_F(D, E, F, G, H, A, B, C, W[13], W[11], W[ 6], W[14], 0x80DEB1FE3B1696B1); + SHA2_64_F(C, D, E, F, G, H, A, B, W[14], W[12], W[ 7], W[15], 0x9BDC06A725C71235); + SHA2_64_F(B, C, D, E, F, G, H, A, W[15], W[13], W[ 8], W[ 0], 0xC19BF174CF692694); + SHA2_64_F(A, B, C, D, E, F, G, H, W[ 0], W[14], W[ 9], W[ 1], 0xE49B69C19EF14AD2); + SHA2_64_F(H, A, B, C, D, E, F, G, W[ 1], W[15], W[10], W[ 2], 0xEFBE4786384F25E3); + SHA2_64_F(G, H, A, B, C, D, E, F, W[ 2], W[ 0], W[11], W[ 3], 0x0FC19DC68B8CD5B5); + SHA2_64_F(F, G, H, A, B, C, D, E, W[ 3], W[ 1], W[12], W[ 4], 0x240CA1CC77AC9C65); + SHA2_64_F(E, F, G, H, A, B, C, D, W[ 4], W[ 2], W[13], W[ 5], 0x2DE92C6F592B0275); + SHA2_64_F(D, E, F, G, H, A, B, C, W[ 5], W[ 3], W[14], W[ 6], 0x4A7484AA6EA6E483); + SHA2_64_F(C, D, E, F, G, H, A, B, W[ 6], W[ 4], W[15], W[ 7], 0x5CB0A9DCBD41FBD4); + SHA2_64_F(B, C, D, E, F, G, H, A, W[ 7], W[ 5], W[ 0], W[ 8], 0x76F988DA831153B5); + SHA2_64_F(A, B, C, D, E, F, G, H, W[ 8], W[ 6], W[ 1], W[ 9], 0x983E5152EE66DFAB); + SHA2_64_F(H, A, B, C, D, E, F, G, W[ 9], W[ 7], W[ 2], W[10], 0xA831C66D2DB43210); + SHA2_64_F(G, H, A, B, C, D, E, F, W[10], W[ 8], W[ 3], W[11], 0xB00327C898FB213F); + SHA2_64_F(F, G, H, A, B, C, D, E, W[11], W[ 9], W[ 4], W[12], 0xBF597FC7BEEF0EE4); + SHA2_64_F(E, F, G, H, A, B, C, D, W[12], W[10], W[ 5], W[13], 0xC6E00BF33DA88FC2); + SHA2_64_F(D, E, F, G, H, A, B, C, W[13], W[11], W[ 6], W[14], 0xD5A79147930AA725); + SHA2_64_F(C, D, E, F, G, H, A, B, W[14], W[12], W[ 7], W[15], 0x06CA6351E003826F); + SHA2_64_F(B, C, D, E, F, G, H, A, W[15], W[13], W[ 8], W[ 0], 0x142929670A0E6E70); + SHA2_64_F(A, B, C, D, 
E, F, G, H, W[ 0], W[14], W[ 9], W[ 1], 0x27B70A8546D22FFC); + SHA2_64_F(H, A, B, C, D, E, F, G, W[ 1], W[15], W[10], W[ 2], 0x2E1B21385C26C926); + SHA2_64_F(G, H, A, B, C, D, E, F, W[ 2], W[ 0], W[11], W[ 3], 0x4D2C6DFC5AC42AED); + SHA2_64_F(F, G, H, A, B, C, D, E, W[ 3], W[ 1], W[12], W[ 4], 0x53380D139D95B3DF); + SHA2_64_F(E, F, G, H, A, B, C, D, W[ 4], W[ 2], W[13], W[ 5], 0x650A73548BAF63DE); + SHA2_64_F(D, E, F, G, H, A, B, C, W[ 5], W[ 3], W[14], W[ 6], 0x766A0ABB3C77B2A8); + SHA2_64_F(C, D, E, F, G, H, A, B, W[ 6], W[ 4], W[15], W[ 7], 0x81C2C92E47EDAEE6); + SHA2_64_F(B, C, D, E, F, G, H, A, W[ 7], W[ 5], W[ 0], W[ 8], 0x92722C851482353B); + SHA2_64_F(A, B, C, D, E, F, G, H, W[ 8], W[ 6], W[ 1], W[ 9], 0xA2BFE8A14CF10364); + SHA2_64_F(H, A, B, C, D, E, F, G, W[ 9], W[ 7], W[ 2], W[10], 0xA81A664BBC423001); + SHA2_64_F(G, H, A, B, C, D, E, F, W[10], W[ 8], W[ 3], W[11], 0xC24B8B70D0F89791); + SHA2_64_F(F, G, H, A, B, C, D, E, W[11], W[ 9], W[ 4], W[12], 0xC76C51A30654BE30); + SHA2_64_F(E, F, G, H, A, B, C, D, W[12], W[10], W[ 5], W[13], 0xD192E819D6EF5218); + SHA2_64_F(D, E, F, G, H, A, B, C, W[13], W[11], W[ 6], W[14], 0xD69906245565A910); + SHA2_64_F(C, D, E, F, G, H, A, B, W[14], W[12], W[ 7], W[15], 0xF40E35855771202A); + SHA2_64_F(B, C, D, E, F, G, H, A, W[15], W[13], W[ 8], W[ 0], 0x106AA07032BBD1B8); + SHA2_64_F(A, B, C, D, E, F, G, H, W[ 0], W[14], W[ 9], W[ 1], 0x19A4C116B8D2D0C8); + SHA2_64_F(H, A, B, C, D, E, F, G, W[ 1], W[15], W[10], W[ 2], 0x1E376C085141AB53); + SHA2_64_F(G, H, A, B, C, D, E, F, W[ 2], W[ 0], W[11], W[ 3], 0x2748774CDF8EEB99); + SHA2_64_F(F, G, H, A, B, C, D, E, W[ 3], W[ 1], W[12], W[ 4], 0x34B0BCB5E19B48A8); + SHA2_64_F(E, F, G, H, A, B, C, D, W[ 4], W[ 2], W[13], W[ 5], 0x391C0CB3C5C95A63); + SHA2_64_F(D, E, F, G, H, A, B, C, W[ 5], W[ 3], W[14], W[ 6], 0x4ED8AA4AE3418ACB); + SHA2_64_F(C, D, E, F, G, H, A, B, W[ 6], W[ 4], W[15], W[ 7], 0x5B9CCA4F7763E373); + SHA2_64_F(B, C, D, E, F, G, H, A, W[ 7], W[ 5], W[ 0], W[ 8], 
0x682E6FF3D6B2B8A3); + SHA2_64_F(A, B, C, D, E, F, G, H, W[ 8], W[ 6], W[ 1], W[ 9], 0x748F82EE5DEFB2FC); + SHA2_64_F(H, A, B, C, D, E, F, G, W[ 9], W[ 7], W[ 2], W[10], 0x78A5636F43172F60); + SHA2_64_F(G, H, A, B, C, D, E, F, W[10], W[ 8], W[ 3], W[11], 0x84C87814A1F0AB72); + SHA2_64_F(F, G, H, A, B, C, D, E, W[11], W[ 9], W[ 4], W[12], 0x8CC702081A6439EC); + SHA2_64_F(E, F, G, H, A, B, C, D, W[12], W[10], W[ 5], W[13], 0x90BEFFFA23631E28); + SHA2_64_F(D, E, F, G, H, A, B, C, W[13], W[11], W[ 6], W[14], 0xA4506CEBDE82BDE9); + SHA2_64_F(C, D, E, F, G, H, A, B, W[14], W[12], W[ 7], W[15], 0xBEF9A3F7B2C67915); + SHA2_64_F(B, C, D, E, F, G, H, A, W[15], W[13], W[ 8], W[ 0], 0xC67178F2E372532B); + SHA2_64_F(A, B, C, D, E, F, G, H, W[ 0], W[14], W[ 9], W[ 1], 0xCA273ECEEA26619C); + SHA2_64_F(H, A, B, C, D, E, F, G, W[ 1], W[15], W[10], W[ 2], 0xD186B8C721C0C207); + SHA2_64_F(G, H, A, B, C, D, E, F, W[ 2], W[ 0], W[11], W[ 3], 0xEADA7DD6CDE0EB1E); + SHA2_64_F(F, G, H, A, B, C, D, E, W[ 3], W[ 1], W[12], W[ 4], 0xF57D4F7FEE6ED178); + SHA2_64_F(E, F, G, H, A, B, C, D, W[ 4], W[ 2], W[13], W[ 5], 0x06F067AA72176FBA); + SHA2_64_F(D, E, F, G, H, A, B, C, W[ 5], W[ 3], W[14], W[ 6], 0x0A637DC5A2C898A6); + SHA2_64_F(C, D, E, F, G, H, A, B, W[ 6], W[ 4], W[15], W[ 7], 0x113F9804BEF90DAE); + SHA2_64_F(B, C, D, E, F, G, H, A, W[ 7], W[ 5], W[ 0], W[ 8], 0x1B710B35131C471B); + SHA2_64_F(A, B, C, D, E, F, G, H, W[ 8], W[ 6], W[ 1], W[ 9], 0x28DB77F523047D84); + SHA2_64_F(H, A, B, C, D, E, F, G, W[ 9], W[ 7], W[ 2], W[10], 0x32CAAB7B40C72493); + SHA2_64_F(G, H, A, B, C, D, E, F, W[10], W[ 8], W[ 3], W[11], 0x3C9EBE0A15C9BEBC); + SHA2_64_F(F, G, H, A, B, C, D, E, W[11], W[ 9], W[ 4], W[12], 0x431D67C49C100D4C); + SHA2_64_F(E, F, G, H, A, B, C, D, W[12], W[10], W[ 5], W[13], 0x4CC5D4BECB3E42B6); + SHA2_64_F(D, E, F, G, H, A, B, C, W[13], W[11], W[ 6], W[14], 0x597F299CFC657E2A); + SHA2_64_F(C, D, E, F, G, H, A, B, W[14], W[12], W[ 7], W[15], 0x5FCB6FAB3AD6FAEC); + SHA2_64_F(B, C, D, E, 
F, G, H, A, W[15], W[13], W[ 8], W[ 0], 0x6C44198C4A475817); + + // clang-format on A = (digest[0] += A); B = (digest[1] += B); diff --git a/src/lib/hash/sm3/sm3.cpp b/src/lib/hash/sm3/sm3.cpp index 2bd4089121f..3c24b9a3373 100644 --- a/src/lib/hash/sm3/sm3.cpp +++ b/src/lib/hash/sm3/sm3.cpp 
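Review bot: `W` is now declared once, uninitialized, outside the `for` loop in `SHA_512::compress_digest`, and nothing in the hunk states that `load_be(W, in.take())` must overwrite every word `W[0]`..`W[15]` before the first round reads them. That invariant matters because the schedule appears to be updated in place (the SM3 hunk visibly assigns `W[ 0] = SM3_E(...)`; `SHA2_64_F` is defined outside this hunk, so for SHA-512 this is inferred), and a partial load would silently carry words from the previous block into the next one. I would add `// W is fully reloaded from the next input block before any round reads it` above the load and, if `load_be` does not already enforce it at compile time, `static_assert(sizeof(W) == block_bytes);`. The same applies to the `SM3::compress_n` hunk and to the SHA2_32 hunk that begins above this one. The function body continues outside the hunk.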
@@ -81,145 +81,133 @@ inline uint32_t SM3_E(uint32_t W0, uint32_t W7, uint32_t W13, uint32_t W3, uint3 void SM3::compress_n(digest_type& digest, std::span input, size_t blocks) { uint32_t A = digest[0], B = digest[1], C = digest[2], D = digest[3], E = digest[4], F = digest[5], G = digest[6], H = digest[7]; + std::array W; BufferSlicer in(input); for(size_t i = 0; i != blocks; ++i) { - const auto block = in.take(block_bytes); - - uint32_t W00 = load_be(block.data(), 0); - uint32_t W01 = load_be(block.data(), 1); - uint32_t W02 = load_be(block.data(), 2); - uint32_t W03 = load_be(block.data(), 3); - uint32_t W04 = load_be(block.data(), 4); - uint32_t W05 = load_be(block.data(), 5); - uint32_t W06 = load_be(block.data(), 6); - uint32_t W07 = load_be(block.data(), 7); - uint32_t W08 = load_be(block.data(), 8); - uint32_t W09 = load_be(block.data(), 9); - uint32_t W10 = load_be(block.data(), 10); - uint32_t W11 = load_be(block.data(), 11); - uint32_t W12 = load_be(block.data(), 12); - uint32_t W13 = load_be(block.data(), 13); - uint32_t W14 = load_be(block.data(), 14); - uint32_t W15 = load_be(block.data(), 15); - - R1(A, B, C, D, E, F, G, H, 0x79CC4519, W00, W00 ^ W04); - W00 = SM3_E(W00, W07, W13, W03, W10); - R1(D, A, B, C, H, E, F, G, 0xF3988A32, W01, W01 ^ W05); - W01 = SM3_E(W01, W08, W14, W04, W11); - R1(C, D, A, B, G, H, E, F, 0xE7311465, W02, W02 ^ W06); - W02 = SM3_E(W02, W09, W15, W05, W12); - R1(B, C, D, A, F, G, H, E, 0xCE6228CB, W03, W03 ^ W07); - W03 = SM3_E(W03, W10, W00, W06, W13); - R1(A, B, C, D, E, F, G, H, 0x9CC45197, W04, W04 ^ W08); - W04 = SM3_E(W04, W11, W01, W07, W14); - R1(D, A, B, C, H, E, F, G, 0x3988A32F, W05, W05 ^ W09); - W05 = SM3_E(W05, W12, W02, W08, W15); - R1(C, D, A, B, G, H, E, F, 0x7311465E, W06, W06 ^ W10); - W06 = SM3_E(W06, W13, W03, W09, W00); - R1(B, C, D, A, F, G, H, E, 0xE6228CBC, W07, W07 ^ W11); - W07 = SM3_E(W07, W14, W04, W10, W01); - R1(A, B, C, D, E, F, G, H, 0xCC451979, W08, W08 ^ W12); - W08 = SM3_E(W08, W15, W05, 
W11, W02); - R1(D, A, B, C, H, E, F, G, 0x988A32F3, W09, W09 ^ W13); - W09 = SM3_E(W09, W00, W06, W12, W03); - R1(C, D, A, B, G, H, E, F, 0x311465E7, W10, W10 ^ W14); - W10 = SM3_E(W10, W01, W07, W13, W04); - R1(B, C, D, A, F, G, H, E, 0x6228CBCE, W11, W11 ^ W15); - W11 = SM3_E(W11, W02, W08, W14, W05); - R1(A, B, C, D, E, F, G, H, 0xC451979C, W12, W12 ^ W00); - W12 = SM3_E(W12, W03, W09, W15, W06); - R1(D, A, B, C, H, E, F, G, 0x88A32F39, W13, W13 ^ W01); - W13 = SM3_E(W13, W04, W10, W00, W07); - R1(C, D, A, B, G, H, E, F, 0x11465E73, W14, W14 ^ W02); - W14 = SM3_E(W14, W05, W11, W01, W08); - R1(B, C, D, A, F, G, H, E, 0x228CBCE6, W15, W15 ^ W03); - W15 = SM3_E(W15, W06, W12, W02, W09); - R2(A, B, C, D, E, F, G, H, 0x9D8A7A87, W00, W00 ^ W04); - W00 = SM3_E(W00, W07, W13, W03, W10); - R2(D, A, B, C, H, E, F, G, 0x3B14F50F, W01, W01 ^ W05); - W01 = SM3_E(W01, W08, W14, W04, W11); - R2(C, D, A, B, G, H, E, F, 0x7629EA1E, W02, W02 ^ W06); - W02 = SM3_E(W02, W09, W15, W05, W12); - R2(B, C, D, A, F, G, H, E, 0xEC53D43C, W03, W03 ^ W07); - W03 = SM3_E(W03, W10, W00, W06, W13); - R2(A, B, C, D, E, F, G, H, 0xD8A7A879, W04, W04 ^ W08); - W04 = SM3_E(W04, W11, W01, W07, W14); - R2(D, A, B, C, H, E, F, G, 0xB14F50F3, W05, W05 ^ W09); - W05 = SM3_E(W05, W12, W02, W08, W15); - R2(C, D, A, B, G, H, E, F, 0x629EA1E7, W06, W06 ^ W10); - W06 = SM3_E(W06, W13, W03, W09, W00); - R2(B, C, D, A, F, G, H, E, 0xC53D43CE, W07, W07 ^ W11); - W07 = SM3_E(W07, W14, W04, W10, W01); - R2(A, B, C, D, E, F, G, H, 0x8A7A879D, W08, W08 ^ W12); - W08 = SM3_E(W08, W15, W05, W11, W02); - R2(D, A, B, C, H, E, F, G, 0x14F50F3B, W09, W09 ^ W13); - W09 = SM3_E(W09, W00, W06, W12, W03); - R2(C, D, A, B, G, H, E, F, 0x29EA1E76, W10, W10 ^ W14); - W10 = SM3_E(W10, W01, W07, W13, W04); - R2(B, C, D, A, F, G, H, E, 0x53D43CEC, W11, W11 ^ W15); - W11 = SM3_E(W11, W02, W08, W14, W05); - R2(A, B, C, D, E, F, G, H, 0xA7A879D8, W12, W12 ^ W00); - W12 = SM3_E(W12, W03, W09, W15, W06); - R2(D, A, B, C, H, E, F, G, 
0x4F50F3B1, W13, W13 ^ W01); - W13 = SM3_E(W13, W04, W10, W00, W07); - R2(C, D, A, B, G, H, E, F, 0x9EA1E762, W14, W14 ^ W02); - W14 = SM3_E(W14, W05, W11, W01, W08); - R2(B, C, D, A, F, G, H, E, 0x3D43CEC5, W15, W15 ^ W03); - W15 = SM3_E(W15, W06, W12, W02, W09); - R2(A, B, C, D, E, F, G, H, 0x7A879D8A, W00, W00 ^ W04); - W00 = SM3_E(W00, W07, W13, W03, W10); - R2(D, A, B, C, H, E, F, G, 0xF50F3B14, W01, W01 ^ W05); - W01 = SM3_E(W01, W08, W14, W04, W11); - R2(C, D, A, B, G, H, E, F, 0xEA1E7629, W02, W02 ^ W06); - W02 = SM3_E(W02, W09, W15, W05, W12); - R2(B, C, D, A, F, G, H, E, 0xD43CEC53, W03, W03 ^ W07); - W03 = SM3_E(W03, W10, W00, W06, W13); - R2(A, B, C, D, E, F, G, H, 0xA879D8A7, W04, W04 ^ W08); - W04 = SM3_E(W04, W11, W01, W07, W14); - R2(D, A, B, C, H, E, F, G, 0x50F3B14F, W05, W05 ^ W09); - W05 = SM3_E(W05, W12, W02, W08, W15); - R2(C, D, A, B, G, H, E, F, 0xA1E7629E, W06, W06 ^ W10); - W06 = SM3_E(W06, W13, W03, W09, W00); - R2(B, C, D, A, F, G, H, E, 0x43CEC53D, W07, W07 ^ W11); - W07 = SM3_E(W07, W14, W04, W10, W01); - R2(A, B, C, D, E, F, G, H, 0x879D8A7A, W08, W08 ^ W12); - W08 = SM3_E(W08, W15, W05, W11, W02); - R2(D, A, B, C, H, E, F, G, 0x0F3B14F5, W09, W09 ^ W13); - W09 = SM3_E(W09, W00, W06, W12, W03); - R2(C, D, A, B, G, H, E, F, 0x1E7629EA, W10, W10 ^ W14); - W10 = SM3_E(W10, W01, W07, W13, W04); - R2(B, C, D, A, F, G, H, E, 0x3CEC53D4, W11, W11 ^ W15); - W11 = SM3_E(W11, W02, W08, W14, W05); - R2(A, B, C, D, E, F, G, H, 0x79D8A7A8, W12, W12 ^ W00); - W12 = SM3_E(W12, W03, W09, W15, W06); - R2(D, A, B, C, H, E, F, G, 0xF3B14F50, W13, W13 ^ W01); - W13 = SM3_E(W13, W04, W10, W00, W07); - R2(C, D, A, B, G, H, E, F, 0xE7629EA1, W14, W14 ^ W02); - W14 = SM3_E(W14, W05, W11, W01, W08); - R2(B, C, D, A, F, G, H, E, 0xCEC53D43, W15, W15 ^ W03); - W15 = SM3_E(W15, W06, W12, W02, W09); - R2(A, B, C, D, E, F, G, H, 0x9D8A7A87, W00, W00 ^ W04); - W00 = SM3_E(W00, W07, W13, W03, W10); - R2(D, A, B, C, H, E, F, G, 0x3B14F50F, W01, W01 ^ W05); - W01 = 
SM3_E(W01, W08, W14, W04, W11); - R2(C, D, A, B, G, H, E, F, 0x7629EA1E, W02, W02 ^ W06); - W02 = SM3_E(W02, W09, W15, W05, W12); - R2(B, C, D, A, F, G, H, E, 0xEC53D43C, W03, W03 ^ W07); - W03 = SM3_E(W03, W10, W00, W06, W13); - R2(A, B, C, D, E, F, G, H, 0xD8A7A879, W04, W04 ^ W08); - R2(D, A, B, C, H, E, F, G, 0xB14F50F3, W05, W05 ^ W09); - R2(C, D, A, B, G, H, E, F, 0x629EA1E7, W06, W06 ^ W10); - R2(B, C, D, A, F, G, H, E, 0xC53D43CE, W07, W07 ^ W11); - R2(A, B, C, D, E, F, G, H, 0x8A7A879D, W08, W08 ^ W12); - R2(D, A, B, C, H, E, F, G, 0x14F50F3B, W09, W09 ^ W13); - R2(C, D, A, B, G, H, E, F, 0x29EA1E76, W10, W10 ^ W14); - R2(B, C, D, A, F, G, H, E, 0x53D43CEC, W11, W11 ^ W15); - R2(A, B, C, D, E, F, G, H, 0xA7A879D8, W12, W12 ^ W00); - R2(D, A, B, C, H, E, F, G, 0x4F50F3B1, W13, W13 ^ W01); - R2(C, D, A, B, G, H, E, F, 0x9EA1E762, W14, W14 ^ W02); - R2(B, C, D, A, F, G, H, E, 0x3D43CEC5, W15, W15 ^ W03); + load_be(W, in.take()); + + // clang-format off + + R1(A, B, C, D, E, F, G, H, 0x79CC4519, W[ 0], W[ 0] ^ W[ 4]); + W[ 0] = SM3_E(W[ 0], W[ 7], W[13], W[ 3], W[10]); + R1(D, A, B, C, H, E, F, G, 0xF3988A32, W[ 1], W[ 1] ^ W[ 5]); + W[ 1] = SM3_E(W[ 1], W[ 8], W[14], W[ 4], W[11]); + R1(C, D, A, B, G, H, E, F, 0xE7311465, W[ 2], W[ 2] ^ W[ 6]); + W[ 2] = SM3_E(W[ 2], W[ 9], W[15], W[ 5], W[12]); + R1(B, C, D, A, F, G, H, E, 0xCE6228CB, W[ 3], W[ 3] ^ W[ 7]); + W[ 3] = SM3_E(W[ 3], W[10], W[ 0], W[ 6], W[13]); + R1(A, B, C, D, E, F, G, H, 0x9CC45197, W[ 4], W[ 4] ^ W[ 8]); + W[ 4] = SM3_E(W[ 4], W[11], W[ 1], W[ 7], W[14]); + R1(D, A, B, C, H, E, F, G, 0x3988A32F, W[ 5], W[ 5] ^ W[ 9]); + W[ 5] = SM3_E(W[ 5], W[12], W[ 2], W[ 8], W[15]); + R1(C, D, A, B, G, H, E, F, 0x7311465E, W[ 6], W[ 6] ^ W[10]); + W[ 6] = SM3_E(W[ 6], W[13], W[ 3], W[ 9], W[ 0]); + R1(B, C, D, A, F, G, H, E, 0xE6228CBC, W[ 7], W[ 7] ^ W[11]); + W[ 7] = SM3_E(W[ 7], W[14], W[ 4], W[10], W[ 1]); + R1(A, B, C, D, E, F, G, H, 0xCC451979, W[ 8], W[ 8] ^ W[12]); + W[ 8] = SM3_E(W[ 8], W[15], W[ 
5], W[11], W[ 2]); + R1(D, A, B, C, H, E, F, G, 0x988A32F3, W[ 9], W[ 9] ^ W[13]); + W[ 9] = SM3_E(W[ 9], W[ 0], W[ 6], W[12], W[ 3]); + R1(C, D, A, B, G, H, E, F, 0x311465E7, W[10], W[10] ^ W[14]); + W[10] = SM3_E(W[10], W[ 1], W[ 7], W[13], W[ 4]); + R1(B, C, D, A, F, G, H, E, 0x6228CBCE, W[11], W[11] ^ W[15]); + W[11] = SM3_E(W[11], W[ 2], W[ 8], W[14], W[ 5]); + R1(A, B, C, D, E, F, G, H, 0xC451979C, W[12], W[12] ^ W[ 0]); + W[12] = SM3_E(W[12], W[ 3], W[ 9], W[15], W[ 6]); + R1(D, A, B, C, H, E, F, G, 0x88A32F39, W[13], W[13] ^ W[ 1]); + W[13] = SM3_E(W[13], W[ 4], W[10], W[ 0], W[ 7]); + R1(C, D, A, B, G, H, E, F, 0x11465E73, W[14], W[14] ^ W[ 2]); + W[14] = SM3_E(W[14], W[ 5], W[11], W[ 1], W[ 8]); + R1(B, C, D, A, F, G, H, E, 0x228CBCE6, W[15], W[15] ^ W[ 3]); + W[15] = SM3_E(W[15], W[ 6], W[12], W[ 2], W[ 9]); + R2(A, B, C, D, E, F, G, H, 0x9D8A7A87, W[ 0], W[ 0] ^ W[ 4]); + W[ 0] = SM3_E(W[ 0], W[ 7], W[13], W[ 3], W[10]); + R2(D, A, B, C, H, E, F, G, 0x3B14F50F, W[ 1], W[ 1] ^ W[ 5]); + W[ 1] = SM3_E(W[ 1], W[ 8], W[14], W[ 4], W[11]); + R2(C, D, A, B, G, H, E, F, 0x7629EA1E, W[ 2], W[ 2] ^ W[ 6]); + W[ 2] = SM3_E(W[ 2], W[ 9], W[15], W[ 5], W[12]); + R2(B, C, D, A, F, G, H, E, 0xEC53D43C, W[ 3], W[ 3] ^ W[ 7]); + W[ 3] = SM3_E(W[ 3], W[10], W[ 0], W[ 6], W[13]); + R2(A, B, C, D, E, F, G, H, 0xD8A7A879, W[ 4], W[ 4] ^ W[ 8]); + W[ 4] = SM3_E(W[ 4], W[11], W[ 1], W[ 7], W[14]); + R2(D, A, B, C, H, E, F, G, 0xB14F50F3, W[ 5], W[ 5] ^ W[ 9]); + W[ 5] = SM3_E(W[ 5], W[12], W[ 2], W[ 8], W[15]); + R2(C, D, A, B, G, H, E, F, 0x629EA1E7, W[ 6], W[ 6] ^ W[10]); + W[ 6] = SM3_E(W[ 6], W[13], W[ 3], W[ 9], W[ 0]); + R2(B, C, D, A, F, G, H, E, 0xC53D43CE, W[ 7], W[ 7] ^ W[11]); + W[ 7] = SM3_E(W[ 7], W[14], W[ 4], W[10], W[ 1]); + R2(A, B, C, D, E, F, G, H, 0x8A7A879D, W[ 8], W[ 8] ^ W[12]); + W[ 8] = SM3_E(W[ 8], W[15], W[ 5], W[11], W[ 2]); + R2(D, A, B, C, H, E, F, G, 0x14F50F3B, W[ 9], W[ 9] ^ W[13]); + W[ 9] = SM3_E(W[ 9], W[ 0], W[ 6], W[12], W[ 3]); + R2(C, 
D, A, B, G, H, E, F, 0x29EA1E76, W[10], W[10] ^ W[14]); + W[10] = SM3_E(W[10], W[ 1], W[ 7], W[13], W[ 4]); + R2(B, C, D, A, F, G, H, E, 0x53D43CEC, W[11], W[11] ^ W[15]); + W[11] = SM3_E(W[11], W[ 2], W[ 8], W[14], W[ 5]); + R2(A, B, C, D, E, F, G, H, 0xA7A879D8, W[12], W[12] ^ W[ 0]); + W[12] = SM3_E(W[12], W[ 3], W[ 9], W[15], W[ 6]); + R2(D, A, B, C, H, E, F, G, 0x4F50F3B1, W[13], W[13] ^ W[ 1]); + W[13] = SM3_E(W[13], W[ 4], W[10], W[ 0], W[ 7]); + R2(C, D, A, B, G, H, E, F, 0x9EA1E762, W[14], W[14] ^ W[ 2]); + W[14] = SM3_E(W[14], W[ 5], W[11], W[ 1], W[ 8]); + R2(B, C, D, A, F, G, H, E, 0x3D43CEC5, W[15], W[15] ^ W[ 3]); + W[15] = SM3_E(W[15], W[ 6], W[12], W[ 2], W[ 9]); + R2(A, B, C, D, E, F, G, H, 0x7A879D8A, W[ 0], W[ 0] ^ W[ 4]); + W[ 0] = SM3_E(W[ 0], W[ 7], W[13], W[ 3], W[10]); + R2(D, A, B, C, H, E, F, G, 0xF50F3B14, W[ 1], W[ 1] ^ W[ 5]); + W[ 1] = SM3_E(W[ 1], W[ 8], W[14], W[ 4], W[11]); + R2(C, D, A, B, G, H, E, F, 0xEA1E7629, W[ 2], W[ 2] ^ W[ 6]); + W[ 2] = SM3_E(W[ 2], W[ 9], W[15], W[ 5], W[12]); + R2(B, C, D, A, F, G, H, E, 0xD43CEC53, W[ 3], W[ 3] ^ W[ 7]); + W[ 3] = SM3_E(W[ 3], W[10], W[ 0], W[ 6], W[13]); + R2(A, B, C, D, E, F, G, H, 0xA879D8A7, W[ 4], W[ 4] ^ W[ 8]); + W[ 4] = SM3_E(W[ 4], W[11], W[ 1], W[ 7], W[14]); + R2(D, A, B, C, H, E, F, G, 0x50F3B14F, W[ 5], W[ 5] ^ W[ 9]); + W[ 5] = SM3_E(W[ 5], W[12], W[ 2], W[ 8], W[15]); + R2(C, D, A, B, G, H, E, F, 0xA1E7629E, W[ 6], W[ 6] ^ W[10]); + W[ 6] = SM3_E(W[ 6], W[13], W[ 3], W[ 9], W[ 0]); + R2(B, C, D, A, F, G, H, E, 0x43CEC53D, W[ 7], W[ 7] ^ W[11]); + W[ 7] = SM3_E(W[ 7], W[14], W[ 4], W[10], W[ 1]); + R2(A, B, C, D, E, F, G, H, 0x879D8A7A, W[ 8], W[ 8] ^ W[12]); + W[ 8] = SM3_E(W[ 8], W[15], W[ 5], W[11], W[ 2]); + R2(D, A, B, C, H, E, F, G, 0x0F3B14F5, W[ 9], W[ 9] ^ W[13]); + W[ 9] = SM3_E(W[ 9], W[ 0], W[ 6], W[12], W[ 3]); + R2(C, D, A, B, G, H, E, F, 0x1E7629EA, W[10], W[10] ^ W[14]); + W[10] = SM3_E(W[10], W[ 1], W[ 7], W[13], W[ 4]); + R2(B, C, D, A, F, G, H, E, 
0x3CEC53D4, W[11], W[11] ^ W[15]); + W[11] = SM3_E(W[11], W[ 2], W[ 8], W[14], W[ 5]); + R2(A, B, C, D, E, F, G, H, 0x79D8A7A8, W[12], W[12] ^ W[ 0]); + W[12] = SM3_E(W[12], W[ 3], W[ 9], W[15], W[ 6]); + R2(D, A, B, C, H, E, F, G, 0xF3B14F50, W[13], W[13] ^ W[ 1]); + W[13] = SM3_E(W[13], W[ 4], W[10], W[ 0], W[ 7]); + R2(C, D, A, B, G, H, E, F, 0xE7629EA1, W[14], W[14] ^ W[ 2]); + W[14] = SM3_E(W[14], W[ 5], W[11], W[ 1], W[ 8]); + R2(B, C, D, A, F, G, H, E, 0xCEC53D43, W[15], W[15] ^ W[ 3]); + W[15] = SM3_E(W[15], W[ 6], W[12], W[ 2], W[ 9]); + R2(A, B, C, D, E, F, G, H, 0x9D8A7A87, W[ 0], W[ 0] ^ W[ 4]); + W[ 0] = SM3_E(W[ 0], W[ 7], W[13], W[ 3], W[10]); + R2(D, A, B, C, H, E, F, G, 0x3B14F50F, W[ 1], W[ 1] ^ W[ 5]); + W[ 1] = SM3_E(W[ 1], W[ 8], W[14], W[ 4], W[11]); + R2(C, D, A, B, G, H, E, F, 0x7629EA1E, W[ 2], W[ 2] ^ W[ 6]); + W[ 2] = SM3_E(W[ 2], W[ 9], W[15], W[ 5], W[12]); + R2(B, C, D, A, F, G, H, E, 0xEC53D43C, W[ 3], W[ 3] ^ W[ 7]); + W[ 3] = SM3_E(W[ 3], W[10], W[ 0], W[ 6], W[13]); + R2(A, B, C, D, E, F, G, H, 0xD8A7A879, W[ 4], W[ 4] ^ W[ 8]); + R2(D, A, B, C, H, E, F, G, 0xB14F50F3, W[ 5], W[ 5] ^ W[ 9]); + R2(C, D, A, B, G, H, E, F, 0x629EA1E7, W[ 6], W[ 6] ^ W[10]); + R2(B, C, D, A, F, G, H, E, 0xC53D43CE, W[ 7], W[ 7] ^ W[11]); + R2(A, B, C, D, E, F, G, H, 0x8A7A879D, W[ 8], W[ 8] ^ W[12]); + R2(D, A, B, C, H, E, F, G, 0x14F50F3B, W[ 9], W[ 9] ^ W[13]); + R2(C, D, A, B, G, H, E, F, 0x29EA1E76, W[10], W[10] ^ W[14]); + R2(B, C, D, A, F, G, H, E, 0x53D43CEC, W[11], W[11] ^ W[15]); + R2(A, B, C, D, E, F, G, H, 0xA7A879D8, W[12], W[12] ^ W[ 0]); + R2(D, A, B, C, H, E, F, G, 0x4F50F3B1, W[13], W[13] ^ W[ 1]); + R2(C, D, A, B, G, H, E, F, 0x9EA1E762, W[14], W[14] ^ W[ 2]); + R2(B, C, D, A, F, G, H, E, 0x3D43CEC5, W[15], W[15] ^ W[ 3]); + + // clang-format on A = (digest[0] ^= A); B = (digest[1] ^= B);