1 /* 2 BLAKE2 reference source code package - optimized C implementations 3 4 Copyright 2012, Samuel Neves <sneves@dei.uc.pt>. You may use this under the 5 terms of the CC0, the OpenSSL Licence, or the Apache Public License 2.0, at 6 your option. The terms of these licenses can be found at: 7 8 - CC0 1.0 Universal : http://creativecommons.org/publicdomain/zero/1.0 9 - OpenSSL license : https://www.openssl.org/source/license.html 10 - Apache 2.0 : http://www.apache.org/licenses/LICENSE-2.0 11 12 More information about the BLAKE2 hash function can be found at 13 https://blake2.net. 14 */ 15 #ifndef BLAKE2B_ROUND_H 16 #define BLAKE2B_ROUND_H 17 18 #define LOADU(p) _mm_loadu_si128( (const __m128i *)(p) ) 19 #define STOREU(p,r) _mm_storeu_si128((__m128i *)(p), r) 20 21 #define TOF(reg) _mm_castsi128_ps((reg)) 22 #define TOI(reg) _mm_castps_si128((reg)) 23 24 #define LIKELY(x) __builtin_expect((x),1) 25 26 27 /* Microarchitecture-specific macros */ 28 #ifndef HAVE_XOP 29 #ifdef HAVE_SSSE3 30 #define _mm_roti_epi64(x, c) \ 31 (-(c) == 32) ? _mm_shuffle_epi32((x), _MM_SHUFFLE(2,3,0,1)) \ 32 : (-(c) == 24) ? _mm_shuffle_epi8((x), r24) \ 33 : (-(c) == 16) ? _mm_shuffle_epi8((x), r16) \ 34 : (-(c) == 63) ? _mm_xor_si128(_mm_srli_epi64((x), -(c)), _mm_add_epi64((x), (x))) \ 35 : _mm_xor_si128(_mm_srli_epi64((x), -(c)), _mm_slli_epi64((x), 64-(-(c)))) 36 #else 37 #define _mm_roti_epi64(r, c) _mm_xor_si128(_mm_srli_epi64( (r), -(c) ),_mm_slli_epi64( (r), 64-(-(c)) )) 38 #endif 39 #else 40 /* ... */ 41 #endif 42 43 44 45 #define G1(row1l,row2l,row3l,row4l,row1h,row2h,row3h,row4h,b0,b1) \ 46 row1l = _mm_add_epi64(_mm_add_epi64(row1l, b0), row2l); \ 47 row1h = _mm_add_epi64(_mm_add_epi64(row1h, b1), row2h); \ 48 \ 49 row4l = _mm_xor_si128(row4l, row1l); \ 50 row4h = _mm_xor_si128(row4h, row1h); \ 51 \ 52 row4l = _mm_roti_epi64(row4l, -32); \ 53 row4h = _mm_roti_epi64(row4h, -32); \ 54 \ 55 row3l = _mm_add_epi64(row3l, row4l); \ 56 row3h = _mm_add_epi64(row3h, row4h); \ 57 \ 58 row2l = _mm_xor_si128(row2l, row3l); \ 59 row2h = _mm_xor_si128(row2h, row3h); \ 60 \ 61 row2l = _mm_roti_epi64(row2l, -24); \ 62 row2h = _mm_roti_epi64(row2h, -24); \ 63 64 #define G2(row1l,row2l,row3l,row4l,row1h,row2h,row3h,row4h,b0,b1) \ 65 row1l = _mm_add_epi64(_mm_add_epi64(row1l, b0), row2l); \ 66 row1h = _mm_add_epi64(_mm_add_epi64(row1h, b1), row2h); \ 67 \ 68 row4l = _mm_xor_si128(row4l, row1l); \ 69 row4h = _mm_xor_si128(row4h, row1h); \ 70 \ 71 row4l = _mm_roti_epi64(row4l, -16); \ 72 row4h = _mm_roti_epi64(row4h, -16); \ 73 \ 74 row3l = _mm_add_epi64(row3l, row4l); \ 75 row3h = _mm_add_epi64(row3h, row4h); \ 76 \ 77 row2l = _mm_xor_si128(row2l, row3l); \ 78 row2h = _mm_xor_si128(row2h, row3h); \ 79 \ 80 row2l = _mm_roti_epi64(row2l, -63); \ 81 row2h = _mm_roti_epi64(row2h, -63); \ 82 83 #if defined(HAVE_SSSE3) 84 #define DIAGONALIZE(row1l,row2l,row3l,row4l,row1h,row2h,row3h,row4h) \ 85 t0 = _mm_alignr_epi8(row2h, row2l, 8); \ 86 t1 = _mm_alignr_epi8(row2l, row2h, 8); \ 87 row2l = t0; \ 88 row2h = t1; \ 89 \ 90 t0 = row3l; \ 91 row3l = row3h; \ 92 row3h = t0; \ 93 \ 94 t0 = _mm_alignr_epi8(row4h, row4l, 8); \ 95 t1 = _mm_alignr_epi8(row4l, row4h, 8); \ 96 row4l = t1; \ 97 row4h = t0; 98 99 #define UNDIAGONALIZE(row1l,row2l,row3l,row4l,row1h,row2h,row3h,row4h) \ 100 t0 = _mm_alignr_epi8(row2l, row2h, 8); \ 101 t1 = _mm_alignr_epi8(row2h, row2l, 8); \ 102 row2l = t0; \ 103 row2h = t1; \ 104 \ 105 t0 = row3l; \ 106 row3l = row3h; \ 107 row3h = t0; \ 108 \ 109 t0 = _mm_alignr_epi8(row4l, row4h, 8); \ 110 t1 = _mm_alignr_epi8(row4h, row4l, 8); \ 111 row4l = t1; \ 112 row4h = t0; 113 #else 114 115 #define DIAGONALIZE(row1l,row2l,row3l,row4l,row1h,row2h,row3h,row4h) \ 116 t0 = row4l;\ 117 t1 = row2l;\ 118 row4l = row3l;\ 119 row3l = row3h;\ 120 row3h = row4l;\ 121 row4l = _mm_unpackhi_epi64(row4h, _mm_unpacklo_epi64(t0, t0)); \ 122 row4h = _mm_unpackhi_epi64(t0, _mm_unpacklo_epi64(row4h, row4h)); \ 123 row2l = _mm_unpackhi_epi64(row2l, _mm_unpacklo_epi64(row2h, row2h)); \ 124 row2h = _mm_unpackhi_epi64(row2h, _mm_unpacklo_epi64(t1, t1)) 125 126 #define UNDIAGONALIZE(row1l,row2l,row3l,row4l,row1h,row2h,row3h,row4h) \ 127 t0 = row3l;\ 128 row3l = row3h;\ 129 row3h = t0;\ 130 t0 = row2l;\ 131 t1 = row4l;\ 132 row2l = _mm_unpackhi_epi64(row2h, _mm_unpacklo_epi64(row2l, row2l)); \ 133 row2h = _mm_unpackhi_epi64(t0, _mm_unpacklo_epi64(row2h, row2h)); \ 134 row4l = _mm_unpackhi_epi64(row4l, _mm_unpacklo_epi64(row4h, row4h)); \ 135 row4h = _mm_unpackhi_epi64(row4h, _mm_unpacklo_epi64(t1, t1)) 136 137 #endif 138 139 #if defined(HAVE_SSE41) 140 #include "blake2b-load-sse41.h" 141 #else 142 #include "blake2b-load-sse2.h" 143 #endif 144 145 #define ROUND(r) \ 146 LOAD_MSG_ ##r ##_1(b0, b1); \ 147 G1(row1l,row2l,row3l,row4l,row1h,row2h,row3h,row4h,b0,b1); \ 148 LOAD_MSG_ ##r ##_2(b0, b1); \ 149 G2(row1l,row2l,row3l,row4l,row1h,row2h,row3h,row4h,b0,b1); \ 150 DIAGONALIZE(row1l,row2l,row3l,row4l,row1h,row2h,row3h,row4h); \ 151 LOAD_MSG_ ##r ##_3(b0, b1); \ 152 G1(row1l,row2l,row3l,row4l,row1h,row2h,row3h,row4h,b0,b1); \ 153 LOAD_MSG_ ##r ##_4(b0, b1); \ 154 G2(row1l,row2l,row3l,row4l,row1h,row2h,row3h,row4h,b0,b1); \ 155 UNDIAGONALIZE(row1l,row2l,row3l,row4l,row1h,row2h,row3h,row4h); 156 157 #endif 158