diff options
author | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2022-09-14 15:58:09 +0300 |
---|---|---|
committer | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2022-09-25 18:39:43 +0300 |
commit | b50bed1269be493f453c24de196bf89229abd2fd (patch) | |
tree | e1f693b6a888526d0b198e5081a02ebbc435ff7a | |
parent | 0c9323a9e64ca88a6f11d007e6f31c609762e950 (diff) | |
download | libmicrohttpd-b50bed1269be493f453c24de196bf89229abd2fd.tar.gz libmicrohttpd-b50bed1269be493f453c24de196bf89229abd2fd.zip |
sha{256,512_256}: improved performance of the first steps on BE arches
-rw-r--r-- | src/microhttpd/sha256.c | 98 | ||||
-rw-r--r-- | src/microhttpd/sha512_256.c | 98 |
2 files changed, 126 insertions, 70 deletions
diff --git a/src/microhttpd/sha256.c b/src/microhttpd/sha256.c index b03e7555..2f9edf6a 100644 --- a/src/microhttpd/sha256.c +++ b/src/microhttpd/sha256.c | |||
@@ -145,9 +145,7 @@ sha256_transform (uint32_t H[SHA256_DIGEST_SIZE_WORDS], | |||
145 | + (w)[((t) - 7) & 0xf] + sig0 ((w)[((t) - 15) & 0xf]) ) | 145 | + (w)[((t) - 7) & 0xf] + sig0 ((w)[((t) - 15) & 0xf]) ) |
146 | 146 | ||
147 | #ifndef MHD_FAVOR_SMALL_CODE | 147 | #ifndef MHD_FAVOR_SMALL_CODE |
148 | /* During first 16 steps, before making any calculations on each step, | 148 | |
149 | the W element is read from input data buffer as big-endian value and | ||
150 | stored in array of W elements. */ | ||
151 | /* Note: instead of using K constants as array, all K values are specified | 149 | /* Note: instead of using K constants as array, all K values are specified |
152 | individually for each step, see FIPS PUB 180-4 paragraph 4.2.2 for | 150 | individually for each step, see FIPS PUB 180-4 paragraph 4.2.2 for |
153 | K values. */ | 151 | K values. */ |
@@ -157,38 +155,68 @@ sha256_transform (uint32_t H[SHA256_DIGEST_SIZE_WORDS], | |||
157 | SHA2STEP32(h, a, b, c, d, e, f, g, K[1], data[1]); | 155 | SHA2STEP32(h, a, b, c, d, e, f, g, K[1], data[1]); |
158 | so current 'vD' will be used as 'vE' on next step, | 156 | so current 'vD' will be used as 'vE' on next step, |
159 | current 'vH' will be used as 'vA' on next step. */ | 157 | current 'vH' will be used as 'vA' on next step. */ |
160 | SHA2STEP32 (a, b, c, d, e, f, g, h, UINT32_C (0x428a2f98), W[0] = \ | 158 | #if _MHD_BYTE_ORDER == _MHD_BIG_ENDIAN |
161 | GET_W_FROM_DATA (data, 0)); | 159 | if ((const void *) W == data) |
162 | SHA2STEP32 (h, a, b, c, d, e, f, g, UINT32_C (0x71374491), W[1] = \ | 160 | { |
163 | GET_W_FROM_DATA (data, 1)); | 161 | /* The input data is already in the cyclic data buffer W[] in correct bytes |
164 | SHA2STEP32 (g, h, a, b, c, d, e, f, UINT32_C (0xb5c0fbcf), W[2] = \ | 162 | order. */ |
165 | GET_W_FROM_DATA (data, 2)); | 163 | SHA2STEP32 (a, b, c, d, e, f, g, h, UINT32_C (0x428a2f98), W[0]); |
166 | SHA2STEP32 (f, g, h, a, b, c, d, e, UINT32_C (0xe9b5dba5), W[3] = \ | 164 | SHA2STEP32 (h, a, b, c, d, e, f, g, UINT32_C (0x71374491), W[1]); |
167 | GET_W_FROM_DATA (data, 3)); | 165 | SHA2STEP32 (g, h, a, b, c, d, e, f, UINT32_C (0xb5c0fbcf), W[2]); |
168 | SHA2STEP32 (e, f, g, h, a, b, c, d, UINT32_C (0x3956c25b), W[4] = \ | 166 | SHA2STEP32 (f, g, h, a, b, c, d, e, UINT32_C (0xe9b5dba5), W[3]); |
169 | GET_W_FROM_DATA (data, 4)); | 167 | SHA2STEP32 (e, f, g, h, a, b, c, d, UINT32_C (0x3956c25b), W[4]); |
170 | SHA2STEP32 (d, e, f, g, h, a, b, c, UINT32_C (0x59f111f1), W[5] = \ | 168 | SHA2STEP32 (d, e, f, g, h, a, b, c, UINT32_C (0x59f111f1), W[5]); |
171 | GET_W_FROM_DATA (data, 5)); | 169 | SHA2STEP32 (c, d, e, f, g, h, a, b, UINT32_C (0x923f82a4), W[6]); |
172 | SHA2STEP32 (c, d, e, f, g, h, a, b, UINT32_C (0x923f82a4), W[6] = \ | 170 | SHA2STEP32 (b, c, d, e, f, g, h, a, UINT32_C (0xab1c5ed5), W[7]); |
173 | GET_W_FROM_DATA (data, 6)); | 171 | SHA2STEP32 (a, b, c, d, e, f, g, h, UINT32_C (0xd807aa98), W[8]); |
174 | SHA2STEP32 (b, c, d, e, f, g, h, a, UINT32_C (0xab1c5ed5), W[7] = \ | 172 | SHA2STEP32 (h, a, b, c, d, e, f, g, UINT32_C (0x12835b01), W[9]); |
175 | GET_W_FROM_DATA (data, 7)); | 173 | SHA2STEP32 (g, h, a, b, c, d, e, f, UINT32_C (0x243185be), W[10]); |
176 | SHA2STEP32 (a, b, c, d, e, f, g, h, UINT32_C (0xd807aa98), W[8] = \ | 174 | SHA2STEP32 (f, g, h, a, b, c, d, e, UINT32_C (0x550c7dc3), W[11]); |
177 | GET_W_FROM_DATA (data, 8)); | 175 | SHA2STEP32 (e, f, g, h, a, b, c, d, UINT32_C (0x72be5d74), W[12]); |
178 | SHA2STEP32 (h, a, b, c, d, e, f, g, UINT32_C (0x12835b01), W[9] = \ | 176 | SHA2STEP32 (d, e, f, g, h, a, b, c, UINT32_C (0x80deb1fe), W[13]); |
179 | GET_W_FROM_DATA (data, 9)); | 177 | SHA2STEP32 (c, d, e, f, g, h, a, b, UINT32_C (0x9bdc06a7), W[14]); |
180 | SHA2STEP32 (g, h, a, b, c, d, e, f, UINT32_C (0x243185be), W[10] = \ | 178 | SHA2STEP32 (b, c, d, e, f, g, h, a, UINT32_C (0xc19bf174), W[15]); |
181 | GET_W_FROM_DATA (data, 10)); | 179 | } |
182 | SHA2STEP32 (f, g, h, a, b, c, d, e, UINT32_C (0x550c7dc3), W[11] = \ | 180 | else /* Combined with the next 'if' */ |
183 | GET_W_FROM_DATA (data, 11)); | 181 | #endif /* _MHD_BYTE_ORDER == _MHD_BIG_ENDIAN */ |
184 | SHA2STEP32 (e, f, g, h, a, b, c, d, UINT32_C (0x72be5d74), W[12] = \ | 182 | if (1) |
185 | GET_W_FROM_DATA (data, 12)); | 183 | { |
186 | SHA2STEP32 (d, e, f, g, h, a, b, c, UINT32_C (0x80deb1fe), W[13] = \ | 184 | /* During first 16 steps, before making any calculations on each step, |
187 | GET_W_FROM_DATA (data, 13)); | 185 | the W element is read from input data buffer as big-endian value and |
188 | SHA2STEP32 (c, d, e, f, g, h, a, b, UINT32_C (0x9bdc06a7), W[14] = \ | 186 | stored in array of W elements. */ |
189 | GET_W_FROM_DATA (data, 14)); | 187 | SHA2STEP32 (a, b, c, d, e, f, g, h, UINT32_C (0x428a2f98), W[0] = \ |
190 | SHA2STEP32 (b, c, d, e, f, g, h, a, UINT32_C (0xc19bf174), W[15] = \ | 188 | GET_W_FROM_DATA (data, 0)); |
191 | GET_W_FROM_DATA (data, 15)); | 189 | SHA2STEP32 (h, a, b, c, d, e, f, g, UINT32_C (0x71374491), W[1] = \ |
190 | GET_W_FROM_DATA (data, 1)); | ||
191 | SHA2STEP32 (g, h, a, b, c, d, e, f, UINT32_C (0xb5c0fbcf), W[2] = \ | ||
192 | GET_W_FROM_DATA (data, 2)); | ||
193 | SHA2STEP32 (f, g, h, a, b, c, d, e, UINT32_C (0xe9b5dba5), W[3] = \ | ||
194 | GET_W_FROM_DATA (data, 3)); | ||
195 | SHA2STEP32 (e, f, g, h, a, b, c, d, UINT32_C (0x3956c25b), W[4] = \ | ||
196 | GET_W_FROM_DATA (data, 4)); | ||
197 | SHA2STEP32 (d, e, f, g, h, a, b, c, UINT32_C (0x59f111f1), W[5] = \ | ||
198 | GET_W_FROM_DATA (data, 5)); | ||
199 | SHA2STEP32 (c, d, e, f, g, h, a, b, UINT32_C (0x923f82a4), W[6] = \ | ||
200 | GET_W_FROM_DATA (data, 6)); | ||
201 | SHA2STEP32 (b, c, d, e, f, g, h, a, UINT32_C (0xab1c5ed5), W[7] = \ | ||
202 | GET_W_FROM_DATA (data, 7)); | ||
203 | SHA2STEP32 (a, b, c, d, e, f, g, h, UINT32_C (0xd807aa98), W[8] = \ | ||
204 | GET_W_FROM_DATA (data, 8)); | ||
205 | SHA2STEP32 (h, a, b, c, d, e, f, g, UINT32_C (0x12835b01), W[9] = \ | ||
206 | GET_W_FROM_DATA (data, 9)); | ||
207 | SHA2STEP32 (g, h, a, b, c, d, e, f, UINT32_C (0x243185be), W[10] = \ | ||
208 | GET_W_FROM_DATA (data, 10)); | ||
209 | SHA2STEP32 (f, g, h, a, b, c, d, e, UINT32_C (0x550c7dc3), W[11] = \ | ||
210 | GET_W_FROM_DATA (data, 11)); | ||
211 | SHA2STEP32 (e, f, g, h, a, b, c, d, UINT32_C (0x72be5d74), W[12] = \ | ||
212 | GET_W_FROM_DATA (data, 12)); | ||
213 | SHA2STEP32 (d, e, f, g, h, a, b, c, UINT32_C (0x80deb1fe), W[13] = \ | ||
214 | GET_W_FROM_DATA (data, 13)); | ||
215 | SHA2STEP32 (c, d, e, f, g, h, a, b, UINT32_C (0x9bdc06a7), W[14] = \ | ||
216 | GET_W_FROM_DATA (data, 14)); | ||
217 | SHA2STEP32 (b, c, d, e, f, g, h, a, UINT32_C (0xc19bf174), W[15] = \ | ||
218 | GET_W_FROM_DATA (data, 15)); | ||
219 | } | ||
192 | 220 | ||
193 | /* During last 48 steps, before making any calculations on each step, | 221 | /* During last 48 steps, before making any calculations on each step, |
194 | current W element is generated from other W elements of the cyclic buffer | 222 | current W element is generated from other W elements of the cyclic buffer |
diff --git a/src/microhttpd/sha512_256.c b/src/microhttpd/sha512_256.c index a42a9b8e..b7682b28 100644 --- a/src/microhttpd/sha512_256.c +++ b/src/microhttpd/sha512_256.c | |||
@@ -144,9 +144,7 @@ sha512_256_transform (uint64_t H[SHA512_256_HASH_SIZE_WORDS], | |||
144 | + (w)[((t) - 7) & 15] + sig0 ((w)[((t) - 15) & 15]) ) | 144 | + (w)[((t) - 7) & 15] + sig0 ((w)[((t) - 15) & 15]) ) |
145 | 145 | ||
146 | #ifndef MHD_FAVOR_SMALL_CODE | 146 | #ifndef MHD_FAVOR_SMALL_CODE |
147 | /* During first 16 steps, before making any calculations on each step, | 147 | |
148 | the W element is read from the input data buffer as big-endian value and | ||
149 | stored in the array of W elements. */ | ||
150 | /* Note: instead of using K constants as array, all K values are specified | 148 | /* Note: instead of using K constants as array, all K values are specified |
151 | individually for each step, see FIPS PUB 180-4 clause 4.2.3 for | 149 | individually for each step, see FIPS PUB 180-4 clause 4.2.3 for |
152 | K values. */ | 150 | K values. */ |
@@ -156,38 +154,68 @@ sha512_256_transform (uint64_t H[SHA512_256_HASH_SIZE_WORDS], | |||
156 | SHA2STEP64(h, a, b, c, d, e, f, g, K[1], data[1]); | 154 | SHA2STEP64(h, a, b, c, d, e, f, g, K[1], data[1]); |
157 | so current 'vD' will be used as 'vE' on next step, | 155 | so current 'vD' will be used as 'vE' on next step, |
158 | current 'vH' will be used as 'vA' on next step. */ | 156 | current 'vH' will be used as 'vA' on next step. */ |
159 | SHA2STEP64 (a, b, c, d, e, f, g, h, UINT64_C (0x428a2f98d728ae22), \ | 157 | #if _MHD_BYTE_ORDER == _MHD_BIG_ENDIAN |
160 | W[0] = GET_W_FROM_DATA (data, 0)); | 158 | if ((const void *) W == data) |
161 | SHA2STEP64 (h, a, b, c, d, e, f, g, UINT64_C (0x7137449123ef65cd), \ | 159 | { |
162 | W[1] = GET_W_FROM_DATA (data, 1)); | 160 | /* The input data is already in the cyclic data buffer W[] in correct bytes |
163 | SHA2STEP64 (g, h, a, b, c, d, e, f, UINT64_C (0xb5c0fbcfec4d3b2f), \ | 161 | order. */ |
164 | W[2] = GET_W_FROM_DATA (data, 2)); | 162 | SHA2STEP64 (a, b, c, d, e, f, g, h, UINT64_C (0x428a2f98d728ae22), W[0]); |
165 | SHA2STEP64 (f, g, h, a, b, c, d, e, UINT64_C (0xe9b5dba58189dbbc), \ | 163 | SHA2STEP64 (h, a, b, c, d, e, f, g, UINT64_C (0x7137449123ef65cd), W[1]); |
166 | W[3] = GET_W_FROM_DATA (data, 3)); | 164 | SHA2STEP64 (g, h, a, b, c, d, e, f, UINT64_C (0xb5c0fbcfec4d3b2f), W[2]); |
167 | SHA2STEP64 (e, f, g, h, a, b, c, d, UINT64_C (0x3956c25bf348b538), \ | 165 | SHA2STEP64 (f, g, h, a, b, c, d, e, UINT64_C (0xe9b5dba58189dbbc), W[3]); |
168 | W[4] = GET_W_FROM_DATA (data, 4)); | 166 | SHA2STEP64 (e, f, g, h, a, b, c, d, UINT64_C (0x3956c25bf348b538), W[4]); |
169 | SHA2STEP64 (d, e, f, g, h, a, b, c, UINT64_C (0x59f111f1b605d019), \ | 167 | SHA2STEP64 (d, e, f, g, h, a, b, c, UINT64_C (0x59f111f1b605d019), W[5]); |
170 | W[5] = GET_W_FROM_DATA (data, 5)); | 168 | SHA2STEP64 (c, d, e, f, g, h, a, b, UINT64_C (0x923f82a4af194f9b), W[6]); |
171 | SHA2STEP64 (c, d, e, f, g, h, a, b, UINT64_C (0x923f82a4af194f9b), \ | 169 | SHA2STEP64 (b, c, d, e, f, g, h, a, UINT64_C (0xab1c5ed5da6d8118), W[7]); |
172 | W[6] = GET_W_FROM_DATA (data, 6)); | 170 | SHA2STEP64 (a, b, c, d, e, f, g, h, UINT64_C (0xd807aa98a3030242), W[8]); |
173 | SHA2STEP64 (b, c, d, e, f, g, h, a, UINT64_C (0xab1c5ed5da6d8118), \ | 171 | SHA2STEP64 (h, a, b, c, d, e, f, g, UINT64_C (0x12835b0145706fbe), W[9]); |
174 | W[7] = GET_W_FROM_DATA (data, 7)); | 172 | SHA2STEP64 (g, h, a, b, c, d, e, f, UINT64_C (0x243185be4ee4b28c), W[10]); |
175 | SHA2STEP64 (a, b, c, d, e, f, g, h, UINT64_C (0xd807aa98a3030242), \ | 173 | SHA2STEP64 (f, g, h, a, b, c, d, e, UINT64_C (0x550c7dc3d5ffb4e2), W[11]); |
176 | W[8] = GET_W_FROM_DATA (data, 8)); | 174 | SHA2STEP64 (e, f, g, h, a, b, c, d, UINT64_C (0x72be5d74f27b896f), W[12]); |
177 | SHA2STEP64 (h, a, b, c, d, e, f, g, UINT64_C (0x12835b0145706fbe), \ | 175 | SHA2STEP64 (d, e, f, g, h, a, b, c, UINT64_C (0x80deb1fe3b1696b1), W[13]); |
178 | W[9] = GET_W_FROM_DATA (data, 9)); | 176 | SHA2STEP64 (c, d, e, f, g, h, a, b, UINT64_C (0x9bdc06a725c71235), W[14]); |
179 | SHA2STEP64 (g, h, a, b, c, d, e, f, UINT64_C (0x243185be4ee4b28c), \ | 177 | SHA2STEP64 (b, c, d, e, f, g, h, a, UINT64_C (0xc19bf174cf692694), W[15]); |
180 | W[10] = GET_W_FROM_DATA (data, 10)); | 178 | } |
181 | SHA2STEP64 (f, g, h, a, b, c, d, e, UINT64_C (0x550c7dc3d5ffb4e2), \ | 179 | else /* Combined with the next 'if' */ |
182 | W[11] = GET_W_FROM_DATA (data, 11)); | 180 | #endif /* _MHD_BYTE_ORDER == _MHD_BIG_ENDIAN */ |
183 | SHA2STEP64 (e, f, g, h, a, b, c, d, UINT64_C (0x72be5d74f27b896f), \ | 181 | if (1) |
184 | W[12] = GET_W_FROM_DATA (data, 12)); | 182 | { |
185 | SHA2STEP64 (d, e, f, g, h, a, b, c, UINT64_C (0x80deb1fe3b1696b1), \ | 183 | /* During first 16 steps, before making any calculations on each step, |
186 | W[13] = GET_W_FROM_DATA (data, 13)); | 184 | the W element is read from the input data buffer as big-endian value and |
187 | SHA2STEP64 (c, d, e, f, g, h, a, b, UINT64_C (0x9bdc06a725c71235), \ | 185 | stored in the array of W elements. */ |
188 | W[14] = GET_W_FROM_DATA (data, 14)); | 186 | SHA2STEP64 (a, b, c, d, e, f, g, h, UINT64_C (0x428a2f98d728ae22), \ |
189 | SHA2STEP64 (b, c, d, e, f, g, h, a, UINT64_C (0xc19bf174cf692694), \ | 187 | W[0] = GET_W_FROM_DATA (data, 0)); |
190 | W[15] = GET_W_FROM_DATA (data, 15)); | 188 | SHA2STEP64 (h, a, b, c, d, e, f, g, UINT64_C (0x7137449123ef65cd), \ |
189 | W[1] = GET_W_FROM_DATA (data, 1)); | ||
190 | SHA2STEP64 (g, h, a, b, c, d, e, f, UINT64_C (0xb5c0fbcfec4d3b2f), \ | ||
191 | W[2] = GET_W_FROM_DATA (data, 2)); | ||
192 | SHA2STEP64 (f, g, h, a, b, c, d, e, UINT64_C (0xe9b5dba58189dbbc), \ | ||
193 | W[3] = GET_W_FROM_DATA (data, 3)); | ||
194 | SHA2STEP64 (e, f, g, h, a, b, c, d, UINT64_C (0x3956c25bf348b538), \ | ||
195 | W[4] = GET_W_FROM_DATA (data, 4)); | ||
196 | SHA2STEP64 (d, e, f, g, h, a, b, c, UINT64_C (0x59f111f1b605d019), \ | ||
197 | W[5] = GET_W_FROM_DATA (data, 5)); | ||
198 | SHA2STEP64 (c, d, e, f, g, h, a, b, UINT64_C (0x923f82a4af194f9b), \ | ||
199 | W[6] = GET_W_FROM_DATA (data, 6)); | ||
200 | SHA2STEP64 (b, c, d, e, f, g, h, a, UINT64_C (0xab1c5ed5da6d8118), \ | ||
201 | W[7] = GET_W_FROM_DATA (data, 7)); | ||
202 | SHA2STEP64 (a, b, c, d, e, f, g, h, UINT64_C (0xd807aa98a3030242), \ | ||
203 | W[8] = GET_W_FROM_DATA (data, 8)); | ||
204 | SHA2STEP64 (h, a, b, c, d, e, f, g, UINT64_C (0x12835b0145706fbe), \ | ||
205 | W[9] = GET_W_FROM_DATA (data, 9)); | ||
206 | SHA2STEP64 (g, h, a, b, c, d, e, f, UINT64_C (0x243185be4ee4b28c), \ | ||
207 | W[10] = GET_W_FROM_DATA (data, 10)); | ||
208 | SHA2STEP64 (f, g, h, a, b, c, d, e, UINT64_C (0x550c7dc3d5ffb4e2), \ | ||
209 | W[11] = GET_W_FROM_DATA (data, 11)); | ||
210 | SHA2STEP64 (e, f, g, h, a, b, c, d, UINT64_C (0x72be5d74f27b896f), \ | ||
211 | W[12] = GET_W_FROM_DATA (data, 12)); | ||
212 | SHA2STEP64 (d, e, f, g, h, a, b, c, UINT64_C (0x80deb1fe3b1696b1), \ | ||
213 | W[13] = GET_W_FROM_DATA (data, 13)); | ||
214 | SHA2STEP64 (c, d, e, f, g, h, a, b, UINT64_C (0x9bdc06a725c71235), \ | ||
215 | W[14] = GET_W_FROM_DATA (data, 14)); | ||
216 | SHA2STEP64 (b, c, d, e, f, g, h, a, UINT64_C (0xc19bf174cf692694), \ | ||
217 | W[15] = GET_W_FROM_DATA (data, 15)); | ||
218 | } | ||
191 | 219 | ||
192 | /* During last 64 steps, before making any calculations on each step, | 220 | /* During last 64 steps, before making any calculations on each step, |
193 | current W element is generated from other W elements of the cyclic buffer | 221 | current W element is generated from other W elements of the cyclic buffer |