10 #if defined(CRYPTOPP_DISABLE_TIGER_ASM)
11 # undef CRYPTOPP_X86_ASM_AVAILABLE
12 # undef CRYPTOPP_X32_ASM_AVAILABLE
13 # undef CRYPTOPP_X64_ASM_AVAILABLE
14 # undef CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE
17 NAMESPACE_BEGIN(CryptoPP)
19 void
Tiger::InitState(HashWordType *state)
21 state[0] = W64LIT(0x0123456789ABCDEF);
22 state[1] = W64LIT(0xFEDCBA9876543210);
23 state[2] = W64LIT(0xF096A5B4C3B2E187);
28 ThrowIfInvalidTruncatedSize(size);
30 PadLastBlock(56, 0x01);
33 m_data[7] = GetBitCountLo();
35 Transform(m_state, m_data);
37 memcpy(hash, m_state, size);
42 void Tiger::Transform (word64 *digest,
const word64 *X)
44 #if CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE && (CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32)
54 const word64 *t = table;
57 AS2( lea edx, [table])
63 AS2( movq mm1, [eax+1*8])
65 AS2( movq mm2, [eax+2*8])
66 AS2( movq mm7, [edx+4*2048+0*8])
67 AS2( movq mm6, [edx+4*2048+1*8])
69 AS2( and esp, 0xfffffff0)
73 #define SSE2_round(a,b,c,x,mul) \
77 AS2( movq mm3, [edx+0*2048+edi*8])\
79 AS2( movq mm4, [edx+3*2048+edi*8])\
82 AS2( pxor mm3, [edx+1*2048+edi*8])\
84 AS2( pxor mm4, [edx+2*2048+edi*8])\
85 AS3( pextrw ecx, c, 2)\
87 AS2( pxor mm3, [edx+2*2048+edi*8])\
89 AS2( pxor mm4, [edx+1*2048+edi*8])\
90 AS3( pextrw ecx, c, 3)\
92 AS2( pxor mm3, [edx+3*2048+edi*8])\
95 AS2( pxor mm4, [edx+0*2048+edi*8])\
99 #define SSE2_mul_5(b) \
104 #define SSE2_mul_7(b) \
109 #define SSE2_mul_9(b) \
118 #define SSE2_pass(A,B,C,mul,X) \
121 SSE2_round(A,B,C,X+0*8+ebx,mul)\
122 SSE2_round(B,C,A,X+1*8+ebx,mul)\
124 ASJ( je, label2_##mul, f)\
125 SSE2_round(C,A,B,X+2*8+ebx,mul)\
130 #define SSE2_key_schedule(Y,X) \
131 AS2( movq mm3, [X+7*8])\
133 AS2( movq mm4, [X+0*8])\
134 AS2( psubq mm4, mm3)\
135 AS2( movq [Y+0*8], mm4)\
136 AS2( pxor mm4, [X+1*8])\
138 AS2( movq [Y+1*8], mm4)\
139 AS2( paddq mm4, [X+2*8])\
142 AS2( movq [Y+2*8], mm4)\
144 AS2( movq mm4, [X+3*8])\
145 AS2( psubq mm4, mm3)\
146 AS2( movq [Y+3*8], mm4)\
147 AS2( pxor mm4, [X+4*8])\
149 AS2( movq [Y+4*8], mm4)\
150 AS2( paddq mm4, [X+5*8])\
153 AS2( movq [Y+5*8], mm4)\
155 AS2( movq mm4, [X+6*8])\
156 AS2( psubq mm4, mm3)\
157 AS2( movq [Y+6*8], mm4)\
158 AS2( pxor mm4, [X+7*8])\
160 AS2( movq [Y+7*8], mm4)\
161 AS2( paddq mm4, [Y+0*8])\
164 AS2( movq [Y+0*8], mm4)\
166 AS2( movq mm4, [Y+1*8])\
167 AS2( psubq mm4, mm3)\
168 AS2( movq [Y+1*8], mm4)\
169 AS2( pxor mm4, [Y+2*8])\
171 AS2( movq [Y+2*8], mm4)\
172 AS2( paddq mm4, [Y+3*8])\
175 AS2( movq [Y+3*8], mm4)\
177 AS2( movq mm4, [Y+4*8])\
178 AS2( psubq mm4, mm3)\
179 AS2( movq [Y+4*8], mm4)\
180 AS2( pxor mm4, [Y+5*8])\
181 AS2( movq [Y+5*8], mm4)\
182 AS2( paddq mm4, [Y+6*8])\
183 AS2( movq [Y+6*8], mm4)\
184 AS2( pxor mm4, [edx+4*2048+2*8])\
185 AS2( movq mm3, [Y+7*8])\
186 AS2( psubq mm3, mm4)\
187 AS2( movq [Y+7*8], mm3)
189 #if CRYPTOPP_BOOL_X32
190 SSE2_pass(mm0, mm1, mm2, 5, esi)
191 SSE2_key_schedule(esp+8, esi)
192 SSE2_pass(mm2, mm0, mm1, 7, esp+8)
193 SSE2_key_schedule(esp+8, esp+8)
194 SSE2_pass(mm1, mm2, mm0, 9, esp+8)
196 SSE2_pass(mm0, mm1, mm2, 5, esi)
197 SSE2_key_schedule(esp+4, esi)
198 SSE2_pass(mm2, mm0, mm1, 7, esp+4)
199 SSE2_key_schedule(esp+4, esp+4)
200 SSE2_pass(mm1, mm2, mm0, 9, esp+4)
203 AS2( pxor mm0, [eax+0*8])
204 AS2( movq [eax+0*8], mm0)
206 AS2( movq [eax+1*8], mm1)
207 AS2( paddq mm2, [eax+2*8])
208 AS2( movq [eax+2*8], mm2)
217 : "a" (digest), "S" (X), "d" (table)
218 : "%ecx", "%edi", "memory", "cc"
225 word64 a = digest[0];
226 word64 b = digest[1];
227 word64 c = digest[2];
231 #define t2 (table+256)
232 #define t3 (table+256*2)
233 #define t4 (table+256*3)
235 #define round(a,b,c,x,mul) \
237 a -= t1[GETBYTE(c,0)] ^ t2[GETBYTE(c,2)] ^ t3[GETBYTE(c,4)] ^ t4[GETBYTE(c,6)]; \
238 b += t4[GETBYTE(c,1)] ^ t3[GETBYTE(c,3)] ^ t2[GETBYTE(c,5)] ^ t1[GETBYTE(c,7)]; \
241 #define pass(a,b,c,mul,X) {\
245 round(a,b,c,X[i+0],mul); \
246 round(b,c,a,X[i+1],mul); \
249 round(c,a,b,X[i+2],mul); \
253 #define key_schedule(Y,X) \
254 Y[0] = X[0] - (X[7]^W64LIT(0xA5A5A5A5A5A5A5A5)); \
255 Y[1] = X[1] ^ Y[0]; \
256 Y[2] = X[2] + Y[1]; \
257 Y[3] = X[3] - (Y[2] ^ ((~Y[1])<<19)); \
258 Y[4] = X[4] ^ Y[3]; \
259 Y[5] = X[5] + Y[4]; \
260 Y[6] = X[6] - (Y[5] ^ ((~Y[4])>>23)); \
261 Y[7] = X[7] ^ Y[6]; \
263 Y[1] -= Y[0] ^ ((~Y[7])<<19); \
266 Y[4] -= Y[3] ^ ((~Y[2])>>23); \
269 Y[7] -= Y[6] ^ W64LIT(0x0123456789ABCDEF)
277 digest[0] = a ^ digest[0];
278 digest[1] = b - digest[1];
279 digest[2] = c + digest[2];
Utility functions for the Crypto++ library.
Library configuration file.
void CorrectEndianess(HashWordType *out, const HashWordType *in, size_t byteCount)
Adjusts the byte ordering of the hash.
Functions for CPU features and intrinsics.
void Restart()
Restart the hash.
bool HasSSE2()
Determines SSE2 availability.
void TruncatedFinal(byte *hash, size_t size)
Computes the hash of the current message.