189a0ee4cSChunyang Hui /**********************************************************************
289a0ee4cSChunyang Hui Copyright(c) 2011-2016 Intel Corporation All rights reserved.
389a0ee4cSChunyang Hui
489a0ee4cSChunyang Hui Redistribution and use in source and binary forms, with or without
589a0ee4cSChunyang Hui modification, are permitted provided that the following conditions
689a0ee4cSChunyang Hui are met:
789a0ee4cSChunyang Hui * Redistributions of source code must retain the above copyright
889a0ee4cSChunyang Hui notice, this list of conditions and the following disclaimer.
989a0ee4cSChunyang Hui * Redistributions in binary form must reproduce the above copyright
1089a0ee4cSChunyang Hui notice, this list of conditions and the following disclaimer in
1189a0ee4cSChunyang Hui the documentation and/or other materials provided with the
1289a0ee4cSChunyang Hui distribution.
1389a0ee4cSChunyang Hui * Neither the name of Intel Corporation nor the names of its
1489a0ee4cSChunyang Hui contributors may be used to endorse or promote products derived
1589a0ee4cSChunyang Hui from this software without specific prior written permission.
1689a0ee4cSChunyang Hui
1789a0ee4cSChunyang Hui THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
1889a0ee4cSChunyang Hui "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
1989a0ee4cSChunyang Hui LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
2089a0ee4cSChunyang Hui A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
2189a0ee4cSChunyang Hui OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
2289a0ee4cSChunyang Hui SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
2389a0ee4cSChunyang Hui LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
2489a0ee4cSChunyang Hui DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
2589a0ee4cSChunyang Hui THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
2689a0ee4cSChunyang Hui (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
2789a0ee4cSChunyang Hui OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
2889a0ee4cSChunyang Hui **********************************************************************/
2989a0ee4cSChunyang Hui
3089a0ee4cSChunyang Hui #include <string.h>
314e73c0e8SPablo de Lara #include "sha512_mb_internal.h"
3289a0ee4cSChunyang Hui #include "memcpy_inline.h"
3392aa5aa4SGreg Tucker #include "endian_helper.h"
3489a0ee4cSChunyang Hui
3589a0ee4cSChunyang Hui #ifdef _MSC_VER
3689a0ee4cSChunyang Hui #include <intrin.h>
3789a0ee4cSChunyang Hui #define inline __inline
3889a0ee4cSChunyang Hui #endif
3989a0ee4cSChunyang Hui
4089a0ee4cSChunyang Hui /* From the FIPS, these are the same as for SHA256, but operating on 64 bit words
4189a0ee4cSChunyang Hui * instead of 32 bit.
4289a0ee4cSChunyang Hui */
4389a0ee4cSChunyang Hui #define ch(e, f, g) ((e & f) ^ (g & ~e))
4489a0ee4cSChunyang Hui #define maj(a, b, c) ((a & b) ^ (a & c) ^ (b & c))
4589a0ee4cSChunyang Hui
4689a0ee4cSChunyang Hui /* Sigma functions have same form as SHA256 but
4789a0ee4cSChunyang Hui * - change the word size to 64bit
4889a0ee4cSChunyang Hui * - change the amount to rotate
4989a0ee4cSChunyang Hui */
5089a0ee4cSChunyang Hui #define ror64(x, r) (((x) >> (r)) ^ ((x) << (64 - (r))))
5189a0ee4cSChunyang Hui
5289a0ee4cSChunyang Hui /* Technically, s0 should be S0 as these are "capital sigma" functions, and likewise the case
5389a0ee4cSChunyang Hui * of the S0 should be s0, but keep as-is to avoid confusion with the other reference functions.
5489a0ee4cSChunyang Hui */
5589a0ee4cSChunyang Hui #define s0(a) (ror64(a, 28) ^ ror64(a, 34) ^ ror64(a, 39))
5689a0ee4cSChunyang Hui #define s1(e) (ror64(e, 14) ^ ror64(e, 18) ^ ror64(e, 41))
5789a0ee4cSChunyang Hui
5889a0ee4cSChunyang Hui #define S0(w) (ror64(w, 1) ^ ror64(w, 8) ^ (w >> 7))
5989a0ee4cSChunyang Hui #define S1(w) (ror64(w, 19) ^ ror64(w, 61) ^ (w >> 6))
6089a0ee4cSChunyang Hui
6189a0ee4cSChunyang Hui #define W(x) w[(x) & 15]
6289a0ee4cSChunyang Hui
6389a0ee4cSChunyang Hui #define step(i, a, b, c, d, e, f, g, h, k) \
643fb7b5f1SMarcel Cornu if (i < 16) \
653fb7b5f1SMarcel Cornu W(i) = to_be64(ww[i]); \
6689a0ee4cSChunyang Hui else \
6789a0ee4cSChunyang Hui W(i) = W(i - 16) + S0(W(i - 15)) + W(i - 7) + S1(W(i - 2)); \
6889a0ee4cSChunyang Hui t2 = s0(a) + maj(a, b, c); \
6989a0ee4cSChunyang Hui t1 = h + s1(e) + ch(e, f, g) + k + W(i); \
7089a0ee4cSChunyang Hui d += t1; \
7189a0ee4cSChunyang Hui h = t1 + t2;
7289a0ee4cSChunyang Hui
733fb7b5f1SMarcel Cornu static void
74*592e639eSPablo de Lara sha512_init(ISAL_SHA512_HASH_CTX *ctx, const void *buffer, uint32_t len);
753fb7b5f1SMarcel Cornu static void
76*592e639eSPablo de Lara sha512_update(ISAL_SHA512_HASH_CTX *ctx, const void *buffer, uint32_t len);
773fb7b5f1SMarcel Cornu static void
78*592e639eSPablo de Lara sha512_final(ISAL_SHA512_HASH_CTX *ctx);
793fb7b5f1SMarcel Cornu static void
803fb7b5f1SMarcel Cornu sha512_single(const void *data, uint64_t digest[]);
813fb7b5f1SMarcel Cornu static inline void
82*592e639eSPablo de Lara hash_init_digest(ISAL_SHA512_WORD_T *digest);
8389a0ee4cSChunyang Hui
843fb7b5f1SMarcel Cornu void
_sha512_ctx_mgr_init_base(ISAL_SHA512_HASH_CTX_MGR * mgr)85*592e639eSPablo de Lara _sha512_ctx_mgr_init_base(ISAL_SHA512_HASH_CTX_MGR *mgr)
8689a0ee4cSChunyang Hui {
8789a0ee4cSChunyang Hui }
8889a0ee4cSChunyang Hui
89*592e639eSPablo de Lara ISAL_SHA512_HASH_CTX *
_sha512_ctx_mgr_submit_base(ISAL_SHA512_HASH_CTX_MGR * mgr,ISAL_SHA512_HASH_CTX * ctx,const void * buffer,uint32_t len,ISAL_HASH_CTX_FLAG flags)90*592e639eSPablo de Lara _sha512_ctx_mgr_submit_base(ISAL_SHA512_HASH_CTX_MGR *mgr, ISAL_SHA512_HASH_CTX *ctx,
91*592e639eSPablo de Lara const void *buffer, uint32_t len, ISAL_HASH_CTX_FLAG flags)
9289a0ee4cSChunyang Hui {
938cb7fe78SPablo de Lara if (flags & (~ISAL_HASH_ENTIRE)) {
9489a0ee4cSChunyang Hui // User should not pass anything other than FIRST, UPDATE, or LAST
958cb7fe78SPablo de Lara ctx->error = ISAL_HASH_CTX_ERROR_INVALID_FLAGS;
96093c179eSJerry Yu return ctx;
9789a0ee4cSChunyang Hui }
9889a0ee4cSChunyang Hui
998cb7fe78SPablo de Lara if ((ctx->status & ISAL_HASH_CTX_STS_PROCESSING) && (flags == ISAL_HASH_ENTIRE)) {
10089a0ee4cSChunyang Hui // Cannot submit a new entire job to a currently processing job.
1018cb7fe78SPablo de Lara ctx->error = ISAL_HASH_CTX_ERROR_ALREADY_PROCESSING;
102093c179eSJerry Yu return ctx;
10389a0ee4cSChunyang Hui }
10489a0ee4cSChunyang Hui
1058cb7fe78SPablo de Lara if ((ctx->status & ISAL_HASH_CTX_STS_COMPLETE) && !(flags & ISAL_HASH_FIRST)) {
10689a0ee4cSChunyang Hui // Cannot update a finished job.
1078cb7fe78SPablo de Lara ctx->error = ISAL_HASH_CTX_ERROR_ALREADY_COMPLETED;
108093c179eSJerry Yu return ctx;
10989a0ee4cSChunyang Hui }
11089a0ee4cSChunyang Hui
1118cb7fe78SPablo de Lara if (flags == ISAL_HASH_FIRST) {
11289a0ee4cSChunyang Hui
11389a0ee4cSChunyang Hui sha512_init(ctx, buffer, len);
11489a0ee4cSChunyang Hui sha512_update(ctx, buffer, len);
11589a0ee4cSChunyang Hui }
11689a0ee4cSChunyang Hui
1178cb7fe78SPablo de Lara if (flags == ISAL_HASH_UPDATE) {
11889a0ee4cSChunyang Hui sha512_update(ctx, buffer, len);
11989a0ee4cSChunyang Hui }
12089a0ee4cSChunyang Hui
1218cb7fe78SPablo de Lara if (flags == ISAL_HASH_LAST) {
1227df6a1ebSChunsong Feng sha512_update(ctx, buffer, len);
1237df6a1ebSChunsong Feng sha512_final(ctx);
12489a0ee4cSChunyang Hui }
12589a0ee4cSChunyang Hui
1268cb7fe78SPablo de Lara if (flags == ISAL_HASH_ENTIRE) {
12789a0ee4cSChunyang Hui sha512_init(ctx, buffer, len);
1287df6a1ebSChunsong Feng sha512_update(ctx, buffer, len);
1297df6a1ebSChunsong Feng sha512_final(ctx);
13089a0ee4cSChunyang Hui }
13189a0ee4cSChunyang Hui
13289a0ee4cSChunyang Hui return ctx;
13389a0ee4cSChunyang Hui }
13489a0ee4cSChunyang Hui
135*592e639eSPablo de Lara ISAL_SHA512_HASH_CTX *
_sha512_ctx_mgr_flush_base(ISAL_SHA512_HASH_CTX_MGR * mgr)136*592e639eSPablo de Lara _sha512_ctx_mgr_flush_base(ISAL_SHA512_HASH_CTX_MGR *mgr)
13789a0ee4cSChunyang Hui {
13889a0ee4cSChunyang Hui return NULL;
13989a0ee4cSChunyang Hui }
14089a0ee4cSChunyang Hui
1413fb7b5f1SMarcel Cornu static void
sha512_init(ISAL_SHA512_HASH_CTX * ctx,const void * buffer,uint32_t len)142*592e639eSPablo de Lara sha512_init(ISAL_SHA512_HASH_CTX *ctx, const void *buffer, uint32_t len)
14389a0ee4cSChunyang Hui {
14489a0ee4cSChunyang Hui // Init digest
14589a0ee4cSChunyang Hui hash_init_digest(ctx->job.result_digest);
14689a0ee4cSChunyang Hui
14789a0ee4cSChunyang Hui // Reset byte counter
14889a0ee4cSChunyang Hui ctx->total_length = 0;
14989a0ee4cSChunyang Hui
15089a0ee4cSChunyang Hui // Clear extra blocks
15189a0ee4cSChunyang Hui ctx->partial_block_buffer_length = 0;
15289a0ee4cSChunyang Hui
15389a0ee4cSChunyang Hui // If we made it here, there were no errors during this call to submit
1548cb7fe78SPablo de Lara ctx->error = ISAL_HASH_CTX_ERROR_NONE;
15589a0ee4cSChunyang Hui
15689a0ee4cSChunyang Hui // Mark it as processing
1578cb7fe78SPablo de Lara ctx->status = ISAL_HASH_CTX_STS_PROCESSING;
15889a0ee4cSChunyang Hui }
15989a0ee4cSChunyang Hui
1603fb7b5f1SMarcel Cornu static void
sha512_update(ISAL_SHA512_HASH_CTX * ctx,const void * buffer,uint32_t len)161*592e639eSPablo de Lara sha512_update(ISAL_SHA512_HASH_CTX *ctx, const void *buffer, uint32_t len)
16289a0ee4cSChunyang Hui {
16389a0ee4cSChunyang Hui uint32_t remain_len = len;
16489a0ee4cSChunyang Hui uint64_t *digest = ctx->job.result_digest;
16589a0ee4cSChunyang Hui
1667df6a1ebSChunsong Feng // Advance byte counter
1677df6a1ebSChunsong Feng ctx->total_length += len;
1687df6a1ebSChunsong Feng
1693fb7b5f1SMarcel Cornu // If there is anything currently buffered in the extra blocks, append to it until it
1703fb7b5f1SMarcel Cornu // contains a whole block. Or if the user's buffer contains less than a whole block, append
1713fb7b5f1SMarcel Cornu // as much as possible to the extra block.
172*592e639eSPablo de Lara if ((ctx->partial_block_buffer_length) | (remain_len < ISAL_SHA512_BLOCK_SIZE)) {
1737df6a1ebSChunsong Feng // Compute how many bytes to copy from user buffer into extra block
174*592e639eSPablo de Lara uint32_t copy_len = ISAL_SHA512_BLOCK_SIZE - ctx->partial_block_buffer_length;
1757df6a1ebSChunsong Feng if (remain_len < copy_len) {
1767df6a1ebSChunsong Feng copy_len = remain_len;
1777df6a1ebSChunsong Feng }
1787df6a1ebSChunsong Feng
1797df6a1ebSChunsong Feng if (copy_len) {
1807df6a1ebSChunsong Feng // Copy and update relevant pointers and counters
1813fb7b5f1SMarcel Cornu memcpy(&ctx->partial_block_buffer[ctx->partial_block_buffer_length], buffer,
1823fb7b5f1SMarcel Cornu copy_len);
1837df6a1ebSChunsong Feng
1847df6a1ebSChunsong Feng ctx->partial_block_buffer_length += copy_len;
1857df6a1ebSChunsong Feng remain_len -= copy_len;
1867df6a1ebSChunsong Feng buffer = (void *) ((uint8_t *) buffer + copy_len);
1877df6a1ebSChunsong Feng }
1887df6a1ebSChunsong Feng // The extra block should never contain more than 1 block here
189*592e639eSPablo de Lara assert(ctx->partial_block_buffer_length <= ISAL_SHA512_BLOCK_SIZE);
1907df6a1ebSChunsong Feng
1917df6a1ebSChunsong Feng // If the extra block buffer contains exactly 1 block, it can be hashed.
192*592e639eSPablo de Lara if (ctx->partial_block_buffer_length >= ISAL_SHA512_BLOCK_SIZE) {
1937df6a1ebSChunsong Feng ctx->partial_block_buffer_length = 0;
1947df6a1ebSChunsong Feng sha512_single(ctx->partial_block_buffer, digest);
1957df6a1ebSChunsong Feng }
1967df6a1ebSChunsong Feng }
1977df6a1ebSChunsong Feng // If the extra blocks are empty, begin hashing what remains in the user's buffer.
1987df6a1ebSChunsong Feng if (ctx->partial_block_buffer_length == 0) {
199*592e639eSPablo de Lara while (remain_len >= ISAL_SHA512_BLOCK_SIZE) {
20089a0ee4cSChunyang Hui sha512_single(buffer, digest);
201*592e639eSPablo de Lara buffer = (void *) ((uint8_t *) buffer + ISAL_SHA512_BLOCK_SIZE);
202*592e639eSPablo de Lara remain_len -= ISAL_SHA512_BLOCK_SIZE;
20389a0ee4cSChunyang Hui }
2047df6a1ebSChunsong Feng }
2057df6a1ebSChunsong Feng
2067df6a1ebSChunsong Feng if (remain_len > 0) {
2077df6a1ebSChunsong Feng memcpy(&ctx->partial_block_buffer, buffer, remain_len);
2087df6a1ebSChunsong Feng ctx->partial_block_buffer_length = remain_len;
2097df6a1ebSChunsong Feng }
2107df6a1ebSChunsong Feng
2118cb7fe78SPablo de Lara ctx->status = ISAL_HASH_CTX_STS_IDLE;
2127df6a1ebSChunsong Feng return;
2137df6a1ebSChunsong Feng }
2147df6a1ebSChunsong Feng
2153fb7b5f1SMarcel Cornu static void
sha512_final(ISAL_SHA512_HASH_CTX * ctx)216*592e639eSPablo de Lara sha512_final(ISAL_SHA512_HASH_CTX *ctx)
21789a0ee4cSChunyang Hui {
2187df6a1ebSChunsong Feng const void *buffer = ctx->partial_block_buffer;
2197df6a1ebSChunsong Feng uint32_t i = ctx->partial_block_buffer_length;
220*592e639eSPablo de Lara uint8_t buf[2 * ISAL_SHA512_BLOCK_SIZE];
22189a0ee4cSChunyang Hui uint64_t *digest = ctx->job.result_digest;
22289a0ee4cSChunyang Hui
22389a0ee4cSChunyang Hui memcpy(buf, buffer, i);
22489a0ee4cSChunyang Hui buf[i++] = 0x80;
225*592e639eSPablo de Lara for (uint32_t j = i; j < (2 * ISAL_SHA512_BLOCK_SIZE); j++) {
22689a0ee4cSChunyang Hui buf[j] = 0;
2277df6a1ebSChunsong Feng }
22889a0ee4cSChunyang Hui
229*592e639eSPablo de Lara if (i > ISAL_SHA512_BLOCK_SIZE - ISAL_SHA512_PADLENGTHFIELD_SIZE) {
230*592e639eSPablo de Lara i = 2 * ISAL_SHA512_BLOCK_SIZE;
2317df6a1ebSChunsong Feng } else {
232*592e639eSPablo de Lara i = ISAL_SHA512_BLOCK_SIZE;
2337df6a1ebSChunsong Feng }
23489a0ee4cSChunyang Hui
235e3f7d4fbSUlrich Weigand *(uint64_t *) (buf + i - 8) = to_be64((uint64_t) ctx->total_length * 8);
23689a0ee4cSChunyang Hui
23789a0ee4cSChunyang Hui sha512_single(buf, digest);
238*592e639eSPablo de Lara if (i == 2 * ISAL_SHA512_BLOCK_SIZE) {
239*592e639eSPablo de Lara sha512_single(buf + ISAL_SHA512_BLOCK_SIZE, digest);
24089a0ee4cSChunyang Hui }
24189a0ee4cSChunyang Hui
2428cb7fe78SPablo de Lara ctx->status = ISAL_HASH_CTX_STS_COMPLETE;
24389a0ee4cSChunyang Hui }
24489a0ee4cSChunyang Hui
2453fb7b5f1SMarcel Cornu void
sha512_single(const void * data,uint64_t digest[])2463fb7b5f1SMarcel Cornu sha512_single(const void *data, uint64_t digest[])
24789a0ee4cSChunyang Hui {
24889a0ee4cSChunyang Hui /* Check these are all uint64_t */
24989a0ee4cSChunyang Hui uint64_t a, b, c, d, e, f, g, h, t1, t2;
25089a0ee4cSChunyang Hui uint64_t w[16];
25189a0ee4cSChunyang Hui uint64_t *ww = (uint64_t *) data;
25289a0ee4cSChunyang Hui
25389a0ee4cSChunyang Hui a = digest[0];
25489a0ee4cSChunyang Hui b = digest[1];
25589a0ee4cSChunyang Hui c = digest[2];
25689a0ee4cSChunyang Hui d = digest[3];
25789a0ee4cSChunyang Hui e = digest[4];
25889a0ee4cSChunyang Hui f = digest[5];
25989a0ee4cSChunyang Hui g = digest[6];
26089a0ee4cSChunyang Hui h = digest[7];
26189a0ee4cSChunyang Hui
26289a0ee4cSChunyang Hui step(0, a, b, c, d, e, f, g, h, 0x428a2f98d728ae22);
26389a0ee4cSChunyang Hui step(1, h, a, b, c, d, e, f, g, 0x7137449123ef65cd);
26489a0ee4cSChunyang Hui step(2, g, h, a, b, c, d, e, f, 0xb5c0fbcfec4d3b2f);
26589a0ee4cSChunyang Hui step(3, f, g, h, a, b, c, d, e, 0xe9b5dba58189dbbc);
26689a0ee4cSChunyang Hui step(4, e, f, g, h, a, b, c, d, 0x3956c25bf348b538);
26789a0ee4cSChunyang Hui step(5, d, e, f, g, h, a, b, c, 0x59f111f1b605d019);
26889a0ee4cSChunyang Hui step(6, c, d, e, f, g, h, a, b, 0x923f82a4af194f9b);
26989a0ee4cSChunyang Hui step(7, b, c, d, e, f, g, h, a, 0xab1c5ed5da6d8118);
27089a0ee4cSChunyang Hui step(8, a, b, c, d, e, f, g, h, 0xd807aa98a3030242);
27189a0ee4cSChunyang Hui step(9, h, a, b, c, d, e, f, g, 0x12835b0145706fbe);
27289a0ee4cSChunyang Hui step(10, g, h, a, b, c, d, e, f, 0x243185be4ee4b28c);
27389a0ee4cSChunyang Hui step(11, f, g, h, a, b, c, d, e, 0x550c7dc3d5ffb4e2);
27489a0ee4cSChunyang Hui step(12, e, f, g, h, a, b, c, d, 0x72be5d74f27b896f);
27589a0ee4cSChunyang Hui step(13, d, e, f, g, h, a, b, c, 0x80deb1fe3b1696b1);
27689a0ee4cSChunyang Hui step(14, c, d, e, f, g, h, a, b, 0x9bdc06a725c71235);
27789a0ee4cSChunyang Hui step(15, b, c, d, e, f, g, h, a, 0xc19bf174cf692694);
27889a0ee4cSChunyang Hui step(16, a, b, c, d, e, f, g, h, 0xe49b69c19ef14ad2);
27989a0ee4cSChunyang Hui step(17, h, a, b, c, d, e, f, g, 0xefbe4786384f25e3);
28089a0ee4cSChunyang Hui step(18, g, h, a, b, c, d, e, f, 0x0fc19dc68b8cd5b5);
28189a0ee4cSChunyang Hui step(19, f, g, h, a, b, c, d, e, 0x240ca1cc77ac9c65);
28289a0ee4cSChunyang Hui step(20, e, f, g, h, a, b, c, d, 0x2de92c6f592b0275);
28389a0ee4cSChunyang Hui step(21, d, e, f, g, h, a, b, c, 0x4a7484aa6ea6e483);
28489a0ee4cSChunyang Hui step(22, c, d, e, f, g, h, a, b, 0x5cb0a9dcbd41fbd4);
28589a0ee4cSChunyang Hui step(23, b, c, d, e, f, g, h, a, 0x76f988da831153b5);
28689a0ee4cSChunyang Hui step(24, a, b, c, d, e, f, g, h, 0x983e5152ee66dfab);
28789a0ee4cSChunyang Hui step(25, h, a, b, c, d, e, f, g, 0xa831c66d2db43210);
28889a0ee4cSChunyang Hui step(26, g, h, a, b, c, d, e, f, 0xb00327c898fb213f);
28989a0ee4cSChunyang Hui step(27, f, g, h, a, b, c, d, e, 0xbf597fc7beef0ee4);
29089a0ee4cSChunyang Hui step(28, e, f, g, h, a, b, c, d, 0xc6e00bf33da88fc2);
29189a0ee4cSChunyang Hui step(29, d, e, f, g, h, a, b, c, 0xd5a79147930aa725);
29289a0ee4cSChunyang Hui step(30, c, d, e, f, g, h, a, b, 0x06ca6351e003826f);
29389a0ee4cSChunyang Hui step(31, b, c, d, e, f, g, h, a, 0x142929670a0e6e70);
29489a0ee4cSChunyang Hui step(32, a, b, c, d, e, f, g, h, 0x27b70a8546d22ffc);
29589a0ee4cSChunyang Hui step(33, h, a, b, c, d, e, f, g, 0x2e1b21385c26c926);
29689a0ee4cSChunyang Hui step(34, g, h, a, b, c, d, e, f, 0x4d2c6dfc5ac42aed);
29789a0ee4cSChunyang Hui step(35, f, g, h, a, b, c, d, e, 0x53380d139d95b3df);
29889a0ee4cSChunyang Hui step(36, e, f, g, h, a, b, c, d, 0x650a73548baf63de);
29989a0ee4cSChunyang Hui step(37, d, e, f, g, h, a, b, c, 0x766a0abb3c77b2a8);
30089a0ee4cSChunyang Hui step(38, c, d, e, f, g, h, a, b, 0x81c2c92e47edaee6);
30189a0ee4cSChunyang Hui step(39, b, c, d, e, f, g, h, a, 0x92722c851482353b);
30289a0ee4cSChunyang Hui step(40, a, b, c, d, e, f, g, h, 0xa2bfe8a14cf10364);
30389a0ee4cSChunyang Hui step(41, h, a, b, c, d, e, f, g, 0xa81a664bbc423001);
30489a0ee4cSChunyang Hui step(42, g, h, a, b, c, d, e, f, 0xc24b8b70d0f89791);
30589a0ee4cSChunyang Hui step(43, f, g, h, a, b, c, d, e, 0xc76c51a30654be30);
30689a0ee4cSChunyang Hui step(44, e, f, g, h, a, b, c, d, 0xd192e819d6ef5218);
30789a0ee4cSChunyang Hui step(45, d, e, f, g, h, a, b, c, 0xd69906245565a910);
30889a0ee4cSChunyang Hui step(46, c, d, e, f, g, h, a, b, 0xf40e35855771202a);
30989a0ee4cSChunyang Hui step(47, b, c, d, e, f, g, h, a, 0x106aa07032bbd1b8);
31089a0ee4cSChunyang Hui step(48, a, b, c, d, e, f, g, h, 0x19a4c116b8d2d0c8);
31189a0ee4cSChunyang Hui step(49, h, a, b, c, d, e, f, g, 0x1e376c085141ab53);
31289a0ee4cSChunyang Hui step(50, g, h, a, b, c, d, e, f, 0x2748774cdf8eeb99);
31389a0ee4cSChunyang Hui step(51, f, g, h, a, b, c, d, e, 0x34b0bcb5e19b48a8);
31489a0ee4cSChunyang Hui step(52, e, f, g, h, a, b, c, d, 0x391c0cb3c5c95a63);
31589a0ee4cSChunyang Hui step(53, d, e, f, g, h, a, b, c, 0x4ed8aa4ae3418acb);
31689a0ee4cSChunyang Hui step(54, c, d, e, f, g, h, a, b, 0x5b9cca4f7763e373);
31789a0ee4cSChunyang Hui step(55, b, c, d, e, f, g, h, a, 0x682e6ff3d6b2b8a3);
31889a0ee4cSChunyang Hui step(56, a, b, c, d, e, f, g, h, 0x748f82ee5defb2fc);
31989a0ee4cSChunyang Hui step(57, h, a, b, c, d, e, f, g, 0x78a5636f43172f60);
32089a0ee4cSChunyang Hui step(58, g, h, a, b, c, d, e, f, 0x84c87814a1f0ab72);
32189a0ee4cSChunyang Hui step(59, f, g, h, a, b, c, d, e, 0x8cc702081a6439ec);
32289a0ee4cSChunyang Hui step(60, e, f, g, h, a, b, c, d, 0x90befffa23631e28);
32389a0ee4cSChunyang Hui step(61, d, e, f, g, h, a, b, c, 0xa4506cebde82bde9);
32489a0ee4cSChunyang Hui step(62, c, d, e, f, g, h, a, b, 0xbef9a3f7b2c67915);
32589a0ee4cSChunyang Hui step(63, b, c, d, e, f, g, h, a, 0xc67178f2e372532b); // step 63
32689a0ee4cSChunyang Hui step(64, a, b, c, d, e, f, g, h, 0xca273eceea26619c);
32789a0ee4cSChunyang Hui step(65, h, a, b, c, d, e, f, g, 0xd186b8c721c0c207);
32889a0ee4cSChunyang Hui step(66, g, h, a, b, c, d, e, f, 0xeada7dd6cde0eb1e);
32989a0ee4cSChunyang Hui step(67, f, g, h, a, b, c, d, e, 0xf57d4f7fee6ed178);
33089a0ee4cSChunyang Hui step(68, e, f, g, h, a, b, c, d, 0x06f067aa72176fba);
33189a0ee4cSChunyang Hui step(69, d, e, f, g, h, a, b, c, 0x0a637dc5a2c898a6);
33289a0ee4cSChunyang Hui step(70, c, d, e, f, g, h, a, b, 0x113f9804bef90dae);
33389a0ee4cSChunyang Hui step(71, b, c, d, e, f, g, h, a, 0x1b710b35131c471b);
33489a0ee4cSChunyang Hui step(72, a, b, c, d, e, f, g, h, 0x28db77f523047d84);
33589a0ee4cSChunyang Hui step(73, h, a, b, c, d, e, f, g, 0x32caab7b40c72493);
33689a0ee4cSChunyang Hui step(74, g, h, a, b, c, d, e, f, 0x3c9ebe0a15c9bebc);
33789a0ee4cSChunyang Hui step(75, f, g, h, a, b, c, d, e, 0x431d67c49c100d4c);
33889a0ee4cSChunyang Hui step(76, e, f, g, h, a, b, c, d, 0x4cc5d4becb3e42b6);
33989a0ee4cSChunyang Hui step(77, d, e, f, g, h, a, b, c, 0x597f299cfc657e2a);
34089a0ee4cSChunyang Hui step(78, c, d, e, f, g, h, a, b, 0x5fcb6fab3ad6faec);
34189a0ee4cSChunyang Hui step(79, b, c, d, e, f, g, h, a, 0x6c44198c4a475817); // step 79
34289a0ee4cSChunyang Hui
34389a0ee4cSChunyang Hui digest[0] += a;
34489a0ee4cSChunyang Hui digest[1] += b;
34589a0ee4cSChunyang Hui digest[2] += c;
34689a0ee4cSChunyang Hui digest[3] += d;
34789a0ee4cSChunyang Hui digest[4] += e;
34889a0ee4cSChunyang Hui digest[5] += f;
34989a0ee4cSChunyang Hui digest[6] += g;
35089a0ee4cSChunyang Hui digest[7] += h;
35189a0ee4cSChunyang Hui }
35289a0ee4cSChunyang Hui
3533fb7b5f1SMarcel Cornu static inline void
hash_init_digest(ISAL_SHA512_WORD_T * digest)354*592e639eSPablo de Lara hash_init_digest(ISAL_SHA512_WORD_T *digest)
35589a0ee4cSChunyang Hui {
356*592e639eSPablo de Lara static const ISAL_SHA512_WORD_T hash_initial_digest[ISAL_SHA512_DIGEST_NWORDS] = {
357*592e639eSPablo de Lara ISAL_SHA512_INITIAL_DIGEST
3583fb7b5f1SMarcel Cornu };
35989a0ee4cSChunyang Hui memcpy_fixedlen(digest, hash_initial_digest, sizeof(hash_initial_digest));
36089a0ee4cSChunyang Hui }
36189a0ee4cSChunyang Hui
36289a0ee4cSChunyang Hui struct slver {
36389a0ee4cSChunyang Hui uint16_t snum;
36489a0ee4cSChunyang Hui uint8_t ver;
36589a0ee4cSChunyang Hui uint8_t core;
36689a0ee4cSChunyang Hui };
36789a0ee4cSChunyang Hui struct slver sha512_ctx_mgr_init_base_slver_000002f3;
36889a0ee4cSChunyang Hui struct slver sha512_ctx_mgr_init_base_slver = { 0x02f3, 0x00, 0x00 };
36989a0ee4cSChunyang Hui
37089a0ee4cSChunyang Hui struct slver sha512_ctx_mgr_submit_base_slver_000002f4;
37189a0ee4cSChunyang Hui struct slver sha512_ctx_mgr_submit_base_slver = { 0x02f4, 0x00, 0x00 };
37289a0ee4cSChunyang Hui
37389a0ee4cSChunyang Hui struct slver sha512_ctx_mgr_flush_base_slver_000002f5;
37489a0ee4cSChunyang Hui struct slver sha512_ctx_mgr_flush_base_slver = { 0x02f5, 0x00, 0x00 };
375