BlueGreycalmElegant

Català-Valencià – Catalan中文 – Chinese (Simplified)中文 – Chinese (Traditional)Česky – CzechDansk – DanishNederlands – DutchEnglish – EnglishSuomi – FinnishFrançais – FrenchDeutsch – Germanעברית – Hebrewहिंदी – HindiMagyar – HungarianBahasa Indonesia – IndonesianItaliano – Italian日本語 – Japanese한국어 – KoreanМакедонски – Macedonianमराठी – MarathiNorsk – NorwegianPolski – PolishPortuguês – PortuguesePortuguês – Portuguese (Brazil)Русский – RussianSlovenčina – SlovakSlovenščina – SlovenianEspañol – SpanishSvenska – SwedishTürkçe – TurkishУкраїнська – UkrainianOëzbekcha – Uzbek

Compare Revisions

• This comparison shows the changes necessary to convert path

  → /programs/ @ 9215

  → /programs/ @ 9216

  ↔ Reverse comparison

• Compare Path:	Rev

  With Path:	Rev

No changes between revisions

Regard whitespace Rev 9215 → Rev 9216

/programs/develop/libraries/libcrash/trunk/md4.asm
File deleted

/programs/develop/libraries/libcrash/trunk/md5.asm
File deleted

/programs/develop/libraries/libcrash/trunk/libcrash.asm
File deleted

/programs/develop/libraries/libcrash/trunk/Tupfile.lua
File deleted

/programs/develop/libraries/libcrash/trunk/crc32.asm
File deleted

/programs/develop/libraries/libcrash/trunk/sha1.asm
File deleted

/programs/develop/libraries/libcrash/trunk/sha3.asm
File deleted

/programs/develop/libraries/libcrash/trunk/sha224_256.asm
File deleted

/programs/develop/libraries/libcrash/trunk/libcrash.inc
File deleted

/programs/develop/libraries/libcrash/trunk/crashtest.asm
File deleted

/programs/develop/libraries/libcrash/trunk/sha384_512.asm
File deleted

/programs/develop/libraries/libcrash/trunk
Property changes:
Deleted: svn:ignore
-libcrash.obj

/programs/develop/libraries/libcrash/Tupfile.lua
0,0 → 1,6
if tup.getconfig("NO_FASM") ~= "" then return end
HELPERDIR = (tup.getconfig("HELPERDIR") == "") and "../../.." or tup.getconfig("HELPERDIR")
tup.include(HELPERDIR .. "/use_fasm.lua")
tup.rule("libcrash.asm", FASM .. " %f %o " .. tup.getconfig("KPACK_CMD"), "libcrash.obj")
tup.rule("crashtest.asm", FASM .. " %f %o " .. tup.getconfig("KPACK_CMD"), "crashtest")

/programs/develop/libraries/libcrash/cipher/aes.asm
0,0 → 1,1643
; libcrash -- cryptographic hash (and other) functions
;
; Copyright (C) <2016> Jeffrey Amelynck
; Copyright (C) <2016,2021> Ivan Baravy
;
; SPDX-License-Identifier: GPL-2.0-or-later
;
; This program is free software: you can redistribute it and/or modify it under
; the terms of the GNU General Public License as published by the Free Software
; Foundation, either version 2 of the License, or (at your option) any later
; version.
;
; This program is distributed in the hope that it will be useful, but WITHOUT
; ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
; FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
;
; You should have received a copy of the GNU General Public License along with
; this program. If not, see <http://www.gnu.org/licenses/>.
AES_MAX_ROUNDS = 14 ; 128/10, 192/12, 256/14
AES_BLOCK_SIZE = 16
AES_ALIGN = 16
AES_ALIGN_MASK = AES_ALIGN - 1
struct ctx_aes
state rd 64
key rd 4*(14+1)
rounds dd ?
ends
proc aes._.init _key, _flags
test [_flags], LIBCRASH_CIPHER_DECRYPT
jnz .decrypt_key
; encrypt key
stdcall aes_set_encrypt_key, ebx, [_key]
jmp .key_done
.decrypt_key:
stdcall aes_set_decrypt_key, ebx, [_key]
.key_done:
ret
endp
proc aes256.init uses ebx esi edi, _ctx, _key, _flags
mov ebx, [_ctx]
mov [ebx+ctx_aes.rounds], 14
stdcall aes._.init, [_key], [_flags]
ret
endp
proc aes_set_encrypt_key uses ebx esi edi, _ctx, _userkey
locals
i dd ?
endl
mov [i], 0
mov ebx, [_ctx]
mov esi, [_userkey]
lea edi, [ebx+ctx_aes.key]
lodsd
bswap eax
stosd
lodsd
bswap eax
stosd
lodsd
bswap eax
stosd
lodsd
bswap eax
stosd
lodsd
bswap eax
stosd
lodsd
bswap eax
stosd
lodsd
bswap eax
stosd
lodsd
bswap eax
stosd
lea esi, [ebx+ctx_aes.key]
.while:
mov ebx, [esi+4*7]
mov ecx, [esi+4*0]
mov eax, ebx
shr eax, 16
movzx eax, al
mov eax, [Te2+4*eax]
and eax, 0xff000000
xor ecx, eax
mov eax, ebx
shr eax, 8
movzx eax, al
mov eax, [Te3+4*eax]
and eax, 0x00ff0000
xor ecx, eax
mov eax, ebx
shr eax, 0
movzx eax, al
mov eax, [Te0+4*eax]
and eax, 0x0000ff00
xor ecx, eax
mov eax, ebx
shr eax, 24
mov eax, [Te1+4*eax]
and eax, 0x000000ff
xor ecx, eax
mov eax, [i]
xor ecx, [rcon+4*eax]
mov [esi+4*8], ecx
xor ecx, [esi+4*1]
mov [esi+4*9], ecx
xor ecx, [esi+4*2]
mov [esi+4*10], ecx
xor ecx, [esi+4*3]
mov [esi+4*11], ecx
inc [i]
cmp [i], 7
jz .done
mov ebx, [esi+4*11]
mov ecx, [esi+4*4]
mov eax, ebx
shr eax, 24
mov eax, [Te2+4*eax]
and eax, 0xff000000
xor ecx, eax
mov eax, ebx
shr eax, 16
movzx eax, al
mov eax, [Te3+4*eax]
and eax, 0x00ff0000
xor ecx, eax
mov eax, ebx
shr eax, 8
movzx eax, al
mov eax, [Te0+4*eax]
and eax, 0x0000ff00
xor ecx, eax
mov eax, ebx
shr eax, 0
movzx eax, al
mov eax, [Te1+4*eax]
and eax, 0x000000ff
xor ecx, eax
mov [esi+4*12], ecx
xor ecx, [esi+4*5]
mov [esi+4*13], ecx
xor ecx, [esi+4*6]
mov [esi+4*14], ecx
xor ecx, [esi+4*7]
mov [esi+4*15], ecx
add esi, 4*8
jmp .while
.done:
xor eax, eax
ret
endp
proc aes_set_decrypt_key uses ebx esi edi, _ctx, _bits, _userkey
stdcall aes_set_encrypt_key, [_ctx], [_bits], [_userkey]
test eax, eax
jnz .error
; Invert the order of the round keys
mov ebx, [_ctx]
lea esi, [ebx+ctx_aes.key]
mov edi, [ebx+ctx_aes.rounds]
shl edi, 4
add edi, esi
@@:
mov eax, [esi+0]
mov ebx, [edi+0]
mov [esi+0], ebx
mov [edi+0], eax
mov eax, [esi+4]
mov ebx, [edi+4]
mov [esi+4], ebx
mov [edi+4], eax
mov eax, [esi+8]
mov ebx, [edi+8]
mov [esi+8], ebx
mov [edi+8], eax
mov eax, [esi+12]
mov ebx, [edi+12]
mov [esi+12], ebx
mov [edi+12], eax
add esi, 4*4
sub edi, 4*4
cmp esi, edi
jb @r
; Apply the inverse MixColumn transform to all round keys but the first and the last
mov ebx, [_ctx]
mov ecx, [ebx+ctx_aes.rounds]
dec ecx
shl ecx, 2
lea edi, [ebx+ctx_aes.key+16]
.inverse:
mov eax, [edi]
shr eax, 24
mov eax, [Te1+4*eax]
movzx eax, al
mov ebx, [Td0+4*eax]
mov eax, [edi]
shr eax, 16
movzx eax, al
mov eax, [Te1+4*eax]
movzx eax, al
mov eax, [Td1+4*eax]
xor ebx, eax
mov eax, [edi]
shr eax, 8
movzx eax, al
mov eax, [Te1+4*eax]
movzx eax, al
mov eax, [Td2+4*eax]
xor ebx, eax
mov eax, [edi]
movzx eax, al
mov eax, [Te1+4*eax]
movzx eax, al
mov eax, [Td3+4*eax]
xor eax, ebx
stosd
dec ecx
jnz .inverse
xor eax, eax
.error:
ret
endp
aes256.encrypt = aes.encrypt
proc aes.encrypt uses ebx esi edi, _ctx, _in, _out
locals
s rd 4
t rd 4
r dd ?
endl
mov ebx, [_ctx]
mov esi, [_in]
lea edi, [s]
mov eax, [esi+4*0]
bswap eax
xor eax, [ebx+ctx_aes.key+4*0]
mov [edi+4*0], eax
mov eax, [esi+4*1]
bswap eax
xor eax, [ebx+ctx_aes.key+4*1]
mov [edi+4*1], eax
mov eax, [esi+ 4*2]
bswap eax
xor eax, [ebx+ctx_aes.key+4*2]
mov [edi+4*2], eax
mov eax, [esi+4*3]
bswap eax
xor eax, [ebx+ctx_aes.key+4*3]
mov [edi+4*3], eax
mov eax, [ebx+ctx_aes.rounds]
shr eax, 1
mov [r], eax
.for:
lea esi, [s]
lea edi, [t]
mov ecx, [ebx+ctx_aes.key+4*4]
mov eax, [esi+4*0]
shr eax, 24
mov eax, [Te0+4*eax]
xor ecx, eax
mov eax, [esi+4*1]
shr eax, 16
movzx eax, al
mov eax, [Te1+4*eax]
xor ecx, eax
mov eax, [esi+4*2]
shr eax, 8
movzx eax, al
mov eax, [Te2+4*eax]
xor ecx, eax
mov eax, [esi+4*3]
movzx eax, al
mov eax, [Te3+4*eax]
xor ecx, eax
mov [edi+4*0], ecx
mov ecx, [ebx+ctx_aes.key+4*5]
mov eax, [esi+4*1]
shr eax, 24
mov eax, [Te0+4*eax]
xor ecx, eax
mov eax, [esi+4*2]
shr eax, 16
movzx eax, al
mov eax, [Te1+4*eax]
xor ecx, eax
mov eax, [esi+4*3]
shr eax, 8
movzx eax, al
mov eax, [Te2+4*eax]
xor ecx, eax
mov eax, [esi+4*0]
movzx eax, al
mov eax, [Te3+4*eax]
xor ecx, eax
mov [edi+4*1], ecx
mov ecx, [ebx+ctx_aes.key+4*6]
mov eax, [esi+4*2]
shr eax, 24
mov eax, [Te0+4*eax]
xor ecx, eax
mov eax, [esi+4*3]
shr eax, 16
movzx eax, al
mov eax, [Te1+4*eax]
xor ecx, eax
mov eax, [esi+4*0]
shr eax, 8
movzx eax, al
mov eax, [Te2+4*eax]
xor ecx, eax
mov eax, [esi+4*1]
movzx eax, al
mov eax, [Te3+4*eax]
xor ecx, eax
mov [edi+4*2], ecx
mov ecx, [ebx+ctx_aes.key+4*7]
mov eax, [esi+4*3]
shr eax, 24
mov eax, [Te0+4*eax]
xor ecx, eax
mov eax, [esi+4*0]
shr eax, 16
movzx eax, al
mov eax, [Te1+4*eax]
xor ecx, eax
mov eax, [esi+4*1]
shr eax, 8
movzx eax, al
mov eax, [Te2+4*eax]
xor ecx, eax
mov eax, [esi+4*2]
movzx eax, al
mov eax, [Te3+4*eax]
xor ecx, eax
mov [edi+4*3], ecx
add ebx, 4*8
dec [r]
jz .end_for
mov ecx, [ebx+ctx_aes.key+4*0]
mov eax, [edi+4*0]
shr eax, 24
mov eax, [Te0+4*eax]
xor ecx, eax
mov eax, [edi+4*1]
shr eax, 16
movzx eax, al
mov eax, [Te1+4*eax]
xor ecx, eax
mov eax, [edi+4*2]
shr eax, 8
movzx eax, al
mov eax, [Te2+4*eax]
xor ecx, eax
mov eax, [edi+4*3]
movzx eax, al
mov eax, [Te3+4*eax]
xor ecx, eax
mov [esi+4*0], ecx
mov ecx, [ebx+ctx_aes.key+4*1]
mov eax, [edi+4*1]
shr eax, 24
mov eax, [Te0+4*eax]
xor ecx, eax
mov eax, [edi+4*2]
shr eax, 16
movzx eax, al
mov eax, [Te1+4*eax]
xor ecx, eax
mov eax, [edi+4*3]
shr eax, 8
movzx eax, al
mov eax, [Te2+4*eax]
xor ecx, eax
mov eax, [edi+4*0]
movzx eax, al
mov eax, [Te3+4*eax]
xor ecx, eax
mov [esi+4*1], ecx
mov ecx, [ebx+ctx_aes.key+4*2]
mov eax, [edi+4*2]
shr eax, 24
mov eax, [Te0+4*eax]
xor ecx, eax
mov eax, [edi+4*3]
shr eax, 16
movzx eax, al
mov eax, [Te1+4*eax]
xor ecx, eax
mov eax, [edi+4*0]
shr eax, 8
movzx eax, al
mov eax, [Te2+4*eax]
xor ecx, eax
mov eax, [edi+4*1]
movzx eax, al
mov eax, [Te3+4*eax]
xor ecx, eax
mov [esi+4*2], ecx
mov ecx, [ebx+ctx_aes.key+4*3]
mov eax, [edi+4*3]
shr eax, 24
mov eax, [Te0+4*eax]
xor ecx, eax
mov eax, [edi+4*0]
shr eax, 16
movzx eax, al
mov eax, [Te1+4*eax]
xor ecx, eax
mov eax, [edi+4*1]
shr eax, 8
movzx eax, al
mov eax, [Te2+4*eax]
xor ecx, eax
mov eax, [edi+4*2]
movzx eax, al
mov eax, [Te3+4*eax]
xor ecx, eax
mov [esi+4*3], ecx
jmp .for
.end_for:
mov ecx, [ebx+ctx_aes.key+4*0]
mov eax, [edi+4*0]
shr eax, 24
mov eax, [Te2+4*eax]
and eax, 0xff000000
xor ecx, eax
mov eax, [edi+4*1]
shr eax, 16
movzx eax, al
mov eax, [Te3+4*eax]
and eax, 0x00ff0000
xor ecx, eax
mov eax, [edi+4*2]
shr eax, 8
movzx eax, al
mov eax, [Te0+4*eax]
and eax, 0x0000ff00
xor ecx, eax
mov eax, [edi+4*3]
movzx eax, al
mov eax, [Te1+4*eax]
and eax, 0x000000ff
xor ecx, eax
mov [esi+4*0], ecx
mov ecx, [ebx+ctx_aes.key+4*1]
mov eax, [edi+4*1]
shr eax, 24
mov eax, [Te2+4*eax]
and eax, 0xff000000
xor ecx, eax
mov eax, [edi+4*2]
shr eax, 16
movzx eax, al
mov eax, [Te3+4*eax]
and eax, 0x00ff0000
xor ecx, eax
mov eax, [edi+4*3]
shr eax, 8
movzx eax, al
mov eax, [Te0+4*eax]
and eax, 0x0000ff00
xor ecx, eax
mov eax, [edi+4*0]
movzx eax, al
mov eax, [Te1+4*eax]
and eax, 0x000000ff
xor ecx, eax
mov [esi+4*1], ecx
mov ecx, [ebx+ctx_aes.key+4*2]
mov eax, [edi+4*2]
shr eax, 24
mov eax, [Te2+4*eax]
and eax, 0xff000000
xor ecx, eax
mov eax, [edi+4*3]
shr eax, 16
movzx eax, al
mov eax, [Te3+4*eax]
and eax, 0x00ff0000
xor ecx, eax
mov eax, [edi+4*0]
shr eax, 8
movzx eax, al
mov eax, [Te0+4*eax]
and eax, 0x0000ff00
xor ecx, eax
mov eax, [edi+4*1]
movzx eax, al
mov eax, [Te1+4*eax]
and eax, 0x000000ff
xor ecx, eax
mov [esi+4*2], ecx
mov ecx, [ebx+ctx_aes.key+4*3]
mov eax, [edi+4*3]
shr eax, 24
mov eax, [Te2+4*eax]
and eax, 0xff000000
xor ecx, eax
mov eax, [edi+4*0]
shr eax, 16
movzx eax, al
mov eax, [Te3+4*eax]
and eax, 0x00ff0000
xor ecx, eax
mov eax, [edi+4*1]
shr eax, 8
movzx eax, al
mov eax, [Te0+4*eax]
and eax, 0x0000ff00
xor ecx, eax
mov eax, [edi+4*2]
movzx eax, al
mov eax, [Te1+4*eax]
and eax, 0x000000ff
xor ecx, eax
mov [esi+4*3], ecx
mov edi, [_out]
lodsd
bswap eax
stosd
lodsd
bswap eax
stosd
lodsd
bswap eax
stosd
lodsd
bswap eax
stosd
ret
endp
aes256.decrypt = aes.decrypt
proc aes.decrypt uses ebx esi edi, _key, _in, _out
locals
s rd 4
t rd 4
r dd ?
endl
mov ebx, [_key]
mov esi, [_in]
lea edi, [s]
mov eax, [esi+4*0]
bswap eax
xor eax, [ebx+ctx_aes.key+4*0]
mov [edi+4*0], eax
mov eax, [esi+4*1]
bswap eax
xor eax, [ebx+ctx_aes.key+4*1]
mov [edi+4*1], eax
mov eax, [esi+4*2]
bswap eax
xor eax, [ebx+ctx_aes.key+4*2]
mov [edi+4*2], eax
mov eax, [esi+4*3]
bswap eax
xor eax, [ebx+ctx_aes.key+4*3]
mov [edi+4*3], eax
mov eax, [ebx+ctx_aes.rounds]
shr eax, 1
mov [r], eax
.for:
lea esi, [s]
lea edi, [t]
mov ecx, [ebx+ctx_aes.key+4*4]
mov eax, [esi+4*0]
shr eax, 24
mov eax, [Td0+4*eax]
xor ecx, eax
mov eax, [esi+4*3]
shr eax, 16
movzx eax, al
mov eax, [Td1+4*eax]
xor ecx, eax
mov eax, [esi+4*2]
shr eax, 8
movzx eax, al
mov eax, [Td2+4*eax]
xor ecx, eax
mov eax, [esi+4*1]
movzx eax, al
mov eax, [Td3+4*eax]
xor ecx, eax
mov [edi+4*0], ecx
mov ecx, [ebx+ctx_aes.key+4*5]
mov eax, [esi+4*1]
shr eax, 24
mov eax, [Td0+4*eax]
xor ecx, eax
mov eax, [esi+4*0]
shr eax, 16
movzx eax, al
mov eax, [Td1+4*eax]
xor ecx, eax
mov eax, [esi+4*3]
shr eax, 8
movzx eax, al
mov eax, [Td2+4*eax]
xor ecx, eax
mov eax, [esi+4*2]
movzx eax, al
mov eax, [Td3+4*eax]
xor ecx, eax
mov [edi+4*1], ecx
mov ecx, [ebx+ctx_aes.key+4*6]
mov eax, [esi+4*2]
shr eax, 24
mov eax, [Td0+4*eax]
xor ecx, eax
mov eax, [esi+4*1]
shr eax, 16
movzx eax, al
mov eax, [Td1+4*eax]
xor ecx, eax
mov eax, [esi+4*0]
shr eax, 8
movzx eax, al
mov eax, [Td2+4*eax]
xor ecx, eax
mov eax, [esi+4*3]
movzx eax, al
mov eax, [Td3+4*eax]
xor ecx, eax
mov [edi+4*2], ecx
mov ecx, [ebx+ctx_aes.key+4*7]
mov eax, [esi+4*3]
shr eax, 24
mov eax, [Td0+4*eax]
xor ecx, eax
mov eax, [esi+4*2]
shr eax, 16
movzx eax, al
mov eax, [Td1+4*eax]
xor ecx, eax
mov eax, [esi+4*1]
shr eax, 8
movzx eax, al
mov eax, [Td2+4*eax]
xor ecx, eax
mov eax, [esi+4*0]
movzx eax, al
mov eax, [Td3+4*eax]
xor ecx, eax
mov [edi+4*3], ecx
add ebx, 4*8
dec [r]
jz .end_for
mov ecx, [ebx+ctx_aes.key+4*0]
mov eax, [edi+4*0]
shr eax, 24
mov eax, [Td0+4*eax]
xor ecx, eax
mov eax, [edi+4*3]
shr eax, 16
movzx eax, al
mov eax, [Td1+4*eax]
xor ecx, eax
mov eax, [edi+4*2]
shr eax, 8
movzx eax, al
mov eax, [Td2+4*eax]
xor ecx, eax
mov eax, [edi+4*1]
movzx eax, al
mov eax, [Td3+4*eax]
xor ecx, eax
mov [esi+4*0], ecx
mov ecx, [ebx+ctx_aes.key+4*1]
mov eax, [edi+4*1]
shr eax, 24
mov eax, [Td0+4*eax]
xor ecx, eax
mov eax, [edi+4*0]
shr eax, 16
movzx eax, al
mov eax, [Td1+4*eax]
xor ecx, eax
mov eax, [edi+4*3]
shr eax, 8
movzx eax, al
mov eax, [Td2+4*eax]
xor ecx, eax
mov eax, [edi+4*2]
movzx eax, al
mov eax, [Td3+4*eax]
xor ecx, eax
mov [esi+4*1], ecx
mov ecx, [ebx+ctx_aes.key+4*2]
mov eax, [edi+4*2]
shr eax, 24
mov eax, [Td0+4*eax]
xor ecx, eax
mov eax, [edi+4*1]
shr eax, 16
movzx eax, al
mov eax, [Td1+4*eax]
xor ecx, eax
mov eax, [edi+4*0]
shr eax, 8
movzx eax, al
mov eax, [Td2+4*eax]
xor ecx, eax
mov eax, [edi+4*3]
movzx eax, al
mov eax, [Td3+4*eax]
xor ecx, eax
mov [esi+4*2], ecx
mov ecx, [ebx+ctx_aes.key+4*3]
mov eax, [edi+4*3]
shr eax, 24
mov eax, [Td0+4*eax]
xor ecx, eax
mov eax, [edi+4*2]
shr eax, 16
movzx eax, al
mov eax, [Td1+4*eax]
xor ecx, eax
mov eax, [edi+4*1]
shr eax, 8
movzx eax, al
mov eax, [Td2+4*eax]
xor ecx, eax
mov eax, [edi+4*0]
movzx eax, al
mov eax, [Td3+4*eax]
xor ecx, eax
mov [esi+4*3], ecx
jmp .for
.end_for:
; Apply last round
mov ecx, [ebx+ctx_aes.key+4*0]
mov eax, [edi+4*0]
shr eax, 24
movzx eax, [Td4+eax]
shl eax, 24
xor ecx, eax
mov eax, [edi+4*3]
shr eax, 16
movzx eax, al
movzx eax, [Td4+eax]
shl eax, 16
xor ecx, eax
mov eax, [edi+4*2]
shr eax, 8
movzx eax, al
movzx eax, [Td4+eax]
shl eax, 8
xor ecx, eax
mov eax, [edi+4*1]
movzx eax, al
movzx eax, [Td4+eax]
xor ecx, eax
mov [esi+4*0], ecx
mov ecx, [ebx+ctx_aes.key+4*1]
mov eax, [edi+4*1]
shr eax, 24
movzx eax, [Td4+eax]
shl eax, 24
xor ecx, eax
mov eax, [edi+4*0]
shr eax, 16
movzx eax, al
movzx eax, [Td4+eax]
shl eax, 16
xor ecx, eax
mov eax, [edi+4*3]
shr eax, 8
movzx eax, al
movzx eax, [Td4+eax]
shl eax, 8
xor ecx, eax
mov eax, [edi+4*2]
movzx eax, al
movzx eax, [Td4+eax]
xor ecx, eax
mov [esi+4*1], ecx
mov ecx, [ebx+ctx_aes.key+4*2]
mov eax, [edi+4*2]
shr eax, 24
movzx eax, [Td4+eax]
shl eax, 24
xor ecx, eax
mov eax, [edi+4*1]
shr eax, 16
movzx eax, al
movzx eax, [Td4+eax]
shl eax, 16
xor ecx, eax
mov eax, [edi+4*0]
shr eax, 8
movzx eax, al
movzx eax, [Td4+eax]
shl eax, 8
xor ecx, eax
mov eax, [edi+4*3]
movzx eax, al
movzx eax, [Td4+eax]
xor ecx, eax
mov [esi+4*2], ecx
mov ecx, [ebx+ctx_aes.key+4*3]
mov eax, [edi+4*3]
shr eax, 24
movzx eax, [Td4+eax]
shl eax, 24
xor ecx, eax
mov eax, [edi+4*2]
shr eax, 16
movzx eax, al
movzx eax, [Td4+eax]
shl eax, 16
xor ecx, eax
mov eax, [edi+4*1]
shr eax, 8
movzx eax, al
movzx eax, [Td4+eax]
shl eax, 8
xor ecx, eax
mov eax, [edi+4*0]
movzx eax, al
movzx eax, [Td4+eax]
xor ecx, eax
mov [esi+4*3], ecx
mov edi, [_out]
lodsd
bswap eax
stosd
lodsd
bswap eax
stosd
lodsd
bswap eax
stosd
lodsd
bswap eax
stosd
ret
endp
iglobal
Te0 dd \
0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d, \
0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554, \
0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d, \
0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a, \
0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87, \
0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b, \
0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea, \
0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b, \
0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a, \
0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f, \
0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108, \
0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f, \
0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e, \
0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5, \
0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d, \
0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f, \
0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e, \
0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb, \
0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce, \
0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497, \
0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c, \
0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed, \
0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b, \
0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a, \
0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16, \
0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594, \
0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81, \
0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3, \
0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a, \
0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504, \
0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163, \
0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d, \
0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f, \
0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739, \
0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47, \
0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395, \
0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f, \
0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883, \
0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c, \
0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76, \
0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e, \
0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4, \
0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6, \
0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b, \
0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7, \
0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0, \
0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25, \
0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818, \
0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72, \
0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651, \
0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21, \
0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85, \
0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa, \
0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12, \
0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0, \
0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9, \
0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133, \
0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7, \
0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920, \
0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a, \
0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17, \
0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8, \
0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11, \
0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a
Te1 dd \
0xa5c66363, 0x84f87c7c, 0x99ee7777, 0x8df67b7b, \
0x0dfff2f2, 0xbdd66b6b, 0xb1de6f6f, 0x5491c5c5, \
0x50603030, 0x03020101, 0xa9ce6767, 0x7d562b2b, \
0x19e7fefe, 0x62b5d7d7, 0xe64dabab, 0x9aec7676, \
0x458fcaca, 0x9d1f8282, 0x4089c9c9, 0x87fa7d7d, \
0x15effafa, 0xebb25959, 0xc98e4747, 0x0bfbf0f0, \
0xec41adad, 0x67b3d4d4, 0xfd5fa2a2, 0xea45afaf, \
0xbf239c9c, 0xf753a4a4, 0x96e47272, 0x5b9bc0c0, \
0xc275b7b7, 0x1ce1fdfd, 0xae3d9393, 0x6a4c2626, \
0x5a6c3636, 0x417e3f3f, 0x02f5f7f7, 0x4f83cccc, \
0x5c683434, 0xf451a5a5, 0x34d1e5e5, 0x08f9f1f1, \
0x93e27171, 0x73abd8d8, 0x53623131, 0x3f2a1515, \
0x0c080404, 0x5295c7c7, 0x65462323, 0x5e9dc3c3, \
0x28301818, 0xa1379696, 0x0f0a0505, 0xb52f9a9a, \
0x090e0707, 0x36241212, 0x9b1b8080, 0x3ddfe2e2, \
0x26cdebeb, 0x694e2727, 0xcd7fb2b2, 0x9fea7575, \
0x1b120909, 0x9e1d8383, 0x74582c2c, 0x2e341a1a, \
0x2d361b1b, 0xb2dc6e6e, 0xeeb45a5a, 0xfb5ba0a0, \
0xf6a45252, 0x4d763b3b, 0x61b7d6d6, 0xce7db3b3, \
0x7b522929, 0x3edde3e3, 0x715e2f2f, 0x97138484, \
0xf5a65353, 0x68b9d1d1, 0x00000000, 0x2cc1eded, \
0x60402020, 0x1fe3fcfc, 0xc879b1b1, 0xedb65b5b, \
0xbed46a6a, 0x468dcbcb, 0xd967bebe, 0x4b723939, \
0xde944a4a, 0xd4984c4c, 0xe8b05858, 0x4a85cfcf, \
0x6bbbd0d0, 0x2ac5efef, 0xe54faaaa, 0x16edfbfb, \
0xc5864343, 0xd79a4d4d, 0x55663333, 0x94118585, \
0xcf8a4545, 0x10e9f9f9, 0x06040202, 0x81fe7f7f, \
0xf0a05050, 0x44783c3c, 0xba259f9f, 0xe34ba8a8, \
0xf3a25151, 0xfe5da3a3, 0xc0804040, 0x8a058f8f, \
0xad3f9292, 0xbc219d9d, 0x48703838, 0x04f1f5f5, \
0xdf63bcbc, 0xc177b6b6, 0x75afdada, 0x63422121, \
0x30201010, 0x1ae5ffff, 0x0efdf3f3, 0x6dbfd2d2, \
0x4c81cdcd, 0x14180c0c, 0x35261313, 0x2fc3ecec, \
0xe1be5f5f, 0xa2359797, 0xcc884444, 0x392e1717, \
0x5793c4c4, 0xf255a7a7, 0x82fc7e7e, 0x477a3d3d, \
0xacc86464, 0xe7ba5d5d, 0x2b321919, 0x95e67373, \
0xa0c06060, 0x98198181, 0xd19e4f4f, 0x7fa3dcdc, \
0x66442222, 0x7e542a2a, 0xab3b9090, 0x830b8888, \
0xca8c4646, 0x29c7eeee, 0xd36bb8b8, 0x3c281414, \
0x79a7dede, 0xe2bc5e5e, 0x1d160b0b, 0x76addbdb, \
0x3bdbe0e0, 0x56643232, 0x4e743a3a, 0x1e140a0a, \
0xdb924949, 0x0a0c0606, 0x6c482424, 0xe4b85c5c, \
0x5d9fc2c2, 0x6ebdd3d3, 0xef43acac, 0xa6c46262, \
0xa8399191, 0xa4319595, 0x37d3e4e4, 0x8bf27979, \
0x32d5e7e7, 0x438bc8c8, 0x596e3737, 0xb7da6d6d, \
0x8c018d8d, 0x64b1d5d5, 0xd29c4e4e, 0xe049a9a9, \
0xb4d86c6c, 0xfaac5656, 0x07f3f4f4, 0x25cfeaea, \
0xafca6565, 0x8ef47a7a, 0xe947aeae, 0x18100808, \
0xd56fbaba, 0x88f07878, 0x6f4a2525, 0x725c2e2e, \
0x24381c1c, 0xf157a6a6, 0xc773b4b4, 0x5197c6c6, \
0x23cbe8e8, 0x7ca1dddd, 0x9ce87474, 0x213e1f1f, \
0xdd964b4b, 0xdc61bdbd, 0x860d8b8b, 0x850f8a8a, \
0x90e07070, 0x427c3e3e, 0xc471b5b5, 0xaacc6666, \
0xd8904848, 0x05060303, 0x01f7f6f6, 0x121c0e0e, \
0xa3c26161, 0x5f6a3535, 0xf9ae5757, 0xd069b9b9, \
0x91178686, 0x5899c1c1, 0x273a1d1d, 0xb9279e9e, \
0x38d9e1e1, 0x13ebf8f8, 0xb32b9898, 0x33221111, \
0xbbd26969, 0x70a9d9d9, 0x89078e8e, 0xa7339494, \
0xb62d9b9b, 0x223c1e1e, 0x92158787, 0x20c9e9e9, \
0x4987cece, 0xffaa5555, 0x78502828, 0x7aa5dfdf, \
0x8f038c8c, 0xf859a1a1, 0x80098989, 0x171a0d0d, \
0xda65bfbf, 0x31d7e6e6, 0xc6844242, 0xb8d06868, \
0xc3824141, 0xb0299999, 0x775a2d2d, 0x111e0f0f, \
0xcb7bb0b0, 0xfca85454, 0xd66dbbbb, 0x3a2c1616
Te2 dd \
0x63a5c663, 0x7c84f87c, 0x7799ee77, 0x7b8df67b, \
0xf20dfff2, 0x6bbdd66b, 0x6fb1de6f, 0xc55491c5, \
0x30506030, 0x01030201, 0x67a9ce67, 0x2b7d562b, \
0xfe19e7fe, 0xd762b5d7, 0xabe64dab, 0x769aec76, \
0xca458fca, 0x829d1f82, 0xc94089c9, 0x7d87fa7d, \
0xfa15effa, 0x59ebb259, 0x47c98e47, 0xf00bfbf0, \
0xadec41ad, 0xd467b3d4, 0xa2fd5fa2, 0xafea45af, \
0x9cbf239c, 0xa4f753a4, 0x7296e472, 0xc05b9bc0, \
0xb7c275b7, 0xfd1ce1fd, 0x93ae3d93, 0x266a4c26, \
0x365a6c36, 0x3f417e3f, 0xf702f5f7, 0xcc4f83cc, \
0x345c6834, 0xa5f451a5, 0xe534d1e5, 0xf108f9f1, \
0x7193e271, 0xd873abd8, 0x31536231, 0x153f2a15, \
0x040c0804, 0xc75295c7, 0x23654623, 0xc35e9dc3, \
0x18283018, 0x96a13796, 0x050f0a05, 0x9ab52f9a, \
0x07090e07, 0x12362412, 0x809b1b80, 0xe23ddfe2, \
0xeb26cdeb, 0x27694e27, 0xb2cd7fb2, 0x759fea75, \
0x091b1209, 0x839e1d83, 0x2c74582c, 0x1a2e341a, \
0x1b2d361b, 0x6eb2dc6e, 0x5aeeb45a, 0xa0fb5ba0, \
0x52f6a452, 0x3b4d763b, 0xd661b7d6, 0xb3ce7db3, \
0x297b5229, 0xe33edde3, 0x2f715e2f, 0x84971384, \
0x53f5a653, 0xd168b9d1, 0x00000000, 0xed2cc1ed, \
0x20604020, 0xfc1fe3fc, 0xb1c879b1, 0x5bedb65b, \
0x6abed46a, 0xcb468dcb, 0xbed967be, 0x394b7239, \
0x4ade944a, 0x4cd4984c, 0x58e8b058, 0xcf4a85cf, \
0xd06bbbd0, 0xef2ac5ef, 0xaae54faa, 0xfb16edfb, \
0x43c58643, 0x4dd79a4d, 0x33556633, 0x85941185, \
0x45cf8a45, 0xf910e9f9, 0x02060402, 0x7f81fe7f, \
0x50f0a050, 0x3c44783c, 0x9fba259f, 0xa8e34ba8, \
0x51f3a251, 0xa3fe5da3, 0x40c08040, 0x8f8a058f, \
0x92ad3f92, 0x9dbc219d, 0x38487038, 0xf504f1f5, \
0xbcdf63bc, 0xb6c177b6, 0xda75afda, 0x21634221, \
0x10302010, 0xff1ae5ff, 0xf30efdf3, 0xd26dbfd2, \
0xcd4c81cd, 0x0c14180c, 0x13352613, 0xec2fc3ec, \
0x5fe1be5f, 0x97a23597, 0x44cc8844, 0x17392e17, \
0xc45793c4, 0xa7f255a7, 0x7e82fc7e, 0x3d477a3d, \
0x64acc864, 0x5de7ba5d, 0x192b3219, 0x7395e673, \
0x60a0c060, 0x81981981, 0x4fd19e4f, 0xdc7fa3dc, \
0x22664422, 0x2a7e542a, 0x90ab3b90, 0x88830b88, \
0x46ca8c46, 0xee29c7ee, 0xb8d36bb8, 0x143c2814, \
0xde79a7de, 0x5ee2bc5e, 0x0b1d160b, 0xdb76addb, \
0xe03bdbe0, 0x32566432, 0x3a4e743a, 0x0a1e140a, \
0x49db9249, 0x060a0c06, 0x246c4824, 0x5ce4b85c, \
0xc25d9fc2, 0xd36ebdd3, 0xacef43ac, 0x62a6c462, \
0x91a83991, 0x95a43195, 0xe437d3e4, 0x798bf279, \
0xe732d5e7, 0xc8438bc8, 0x37596e37, 0x6db7da6d, \
0x8d8c018d, 0xd564b1d5, 0x4ed29c4e, 0xa9e049a9, \
0x6cb4d86c, 0x56faac56, 0xf407f3f4, 0xea25cfea, \
0x65afca65, 0x7a8ef47a, 0xaee947ae, 0x08181008, \
0xbad56fba, 0x7888f078, 0x256f4a25, 0x2e725c2e, \
0x1c24381c, 0xa6f157a6, 0xb4c773b4, 0xc65197c6, \
0xe823cbe8, 0xdd7ca1dd, 0x749ce874, 0x1f213e1f, \
0x4bdd964b, 0xbddc61bd, 0x8b860d8b, 0x8a850f8a, \
0x7090e070, 0x3e427c3e, 0xb5c471b5, 0x66aacc66, \
0x48d89048, 0x03050603, 0xf601f7f6, 0x0e121c0e, \
0x61a3c261, 0x355f6a35, 0x57f9ae57, 0xb9d069b9, \
0x86911786, 0xc15899c1, 0x1d273a1d, 0x9eb9279e, \
0xe138d9e1, 0xf813ebf8, 0x98b32b98, 0x11332211, \
0x69bbd269, 0xd970a9d9, 0x8e89078e, 0x94a73394, \
0x9bb62d9b, 0x1e223c1e, 0x87921587, 0xe920c9e9, \
0xce4987ce, 0x55ffaa55, 0x28785028, 0xdf7aa5df, \
0x8c8f038c, 0xa1f859a1, 0x89800989, 0x0d171a0d, \
0xbfda65bf, 0xe631d7e6, 0x42c68442, 0x68b8d068, \
0x41c38241, 0x99b02999, 0x2d775a2d, 0x0f111e0f, \
0xb0cb7bb0, 0x54fca854, 0xbbd66dbb, 0x163a2c16
Te3 dd \
0x6363a5c6, 0x7c7c84f8, 0x777799ee, 0x7b7b8df6, \
0xf2f20dff, 0x6b6bbdd6, 0x6f6fb1de, 0xc5c55491, \
0x30305060, 0x01010302, 0x6767a9ce, 0x2b2b7d56, \
0xfefe19e7, 0xd7d762b5, 0xababe64d, 0x76769aec, \
0xcaca458f, 0x82829d1f, 0xc9c94089, 0x7d7d87fa, \
0xfafa15ef, 0x5959ebb2, 0x4747c98e, 0xf0f00bfb, \
0xadadec41, 0xd4d467b3, 0xa2a2fd5f, 0xafafea45, \
0x9c9cbf23, 0xa4a4f753, 0x727296e4, 0xc0c05b9b, \
0xb7b7c275, 0xfdfd1ce1, 0x9393ae3d, 0x26266a4c, \
0x36365a6c, 0x3f3f417e, 0xf7f702f5, 0xcccc4f83, \
0x34345c68, 0xa5a5f451, 0xe5e534d1, 0xf1f108f9, \
0x717193e2, 0xd8d873ab, 0x31315362, 0x15153f2a, \
0x04040c08, 0xc7c75295, 0x23236546, 0xc3c35e9d, \
0x18182830, 0x9696a137, 0x05050f0a, 0x9a9ab52f, \
0x0707090e, 0x12123624, 0x80809b1b, 0xe2e23ddf, \
0xebeb26cd, 0x2727694e, 0xb2b2cd7f, 0x75759fea, \
0x09091b12, 0x83839e1d, 0x2c2c7458, 0x1a1a2e34, \
0x1b1b2d36, 0x6e6eb2dc, 0x5a5aeeb4, 0xa0a0fb5b, \
0x5252f6a4, 0x3b3b4d76, 0xd6d661b7, 0xb3b3ce7d, \
0x29297b52, 0xe3e33edd, 0x2f2f715e, 0x84849713, \
0x5353f5a6, 0xd1d168b9, 0x00000000, 0xeded2cc1, \
0x20206040, 0xfcfc1fe3, 0xb1b1c879, 0x5b5bedb6, \
0x6a6abed4, 0xcbcb468d, 0xbebed967, 0x39394b72, \
0x4a4ade94, 0x4c4cd498, 0x5858e8b0, 0xcfcf4a85, \
0xd0d06bbb, 0xefef2ac5, 0xaaaae54f, 0xfbfb16ed, \
0x4343c586, 0x4d4dd79a, 0x33335566, 0x85859411, \
0x4545cf8a, 0xf9f910e9, 0x02020604, 0x7f7f81fe, \
0x5050f0a0, 0x3c3c4478, 0x9f9fba25, 0xa8a8e34b, \
0x5151f3a2, 0xa3a3fe5d, 0x4040c080, 0x8f8f8a05, \
0x9292ad3f, 0x9d9dbc21, 0x38384870, 0xf5f504f1, \
0xbcbcdf63, 0xb6b6c177, 0xdada75af, 0x21216342, \
0x10103020, 0xffff1ae5, 0xf3f30efd, 0xd2d26dbf, \
0xcdcd4c81, 0x0c0c1418, 0x13133526, 0xecec2fc3, \
0x5f5fe1be, 0x9797a235, 0x4444cc88, 0x1717392e, \
0xc4c45793, 0xa7a7f255, 0x7e7e82fc, 0x3d3d477a, \
0x6464acc8, 0x5d5de7ba, 0x19192b32, 0x737395e6, \
0x6060a0c0, 0x81819819, 0x4f4fd19e, 0xdcdc7fa3, \
0x22226644, 0x2a2a7e54, 0x9090ab3b, 0x8888830b, \
0x4646ca8c, 0xeeee29c7, 0xb8b8d36b, 0x14143c28, \
0xdede79a7, 0x5e5ee2bc, 0x0b0b1d16, 0xdbdb76ad, \
0xe0e03bdb, 0x32325664, 0x3a3a4e74, 0x0a0a1e14, \
0x4949db92, 0x06060a0c, 0x24246c48, 0x5c5ce4b8, \
0xc2c25d9f, 0xd3d36ebd, 0xacacef43, 0x6262a6c4, \
0x9191a839, 0x9595a431, 0xe4e437d3, 0x79798bf2, \
0xe7e732d5, 0xc8c8438b, 0x3737596e, 0x6d6db7da, \
0x8d8d8c01, 0xd5d564b1, 0x4e4ed29c, 0xa9a9e049, \
0x6c6cb4d8, 0x5656faac, 0xf4f407f3, 0xeaea25cf, \
0x6565afca, 0x7a7a8ef4, 0xaeaee947, 0x08081810, \
0xbabad56f, 0x787888f0, 0x25256f4a, 0x2e2e725c, \
0x1c1c2438, 0xa6a6f157, 0xb4b4c773, 0xc6c65197, \
0xe8e823cb, 0xdddd7ca1, 0x74749ce8, 0x1f1f213e, \
0x4b4bdd96, 0xbdbddc61, 0x8b8b860d, 0x8a8a850f, \
0x707090e0, 0x3e3e427c, 0xb5b5c471, 0x6666aacc, \
0x4848d890, 0x03030506, 0xf6f601f7, 0x0e0e121c, \
0x6161a3c2, 0x35355f6a, 0x5757f9ae, 0xb9b9d069, \
0x86869117, 0xc1c15899, 0x1d1d273a, 0x9e9eb927, \
0xe1e138d9, 0xf8f813eb, 0x9898b32b, 0x11113322, \
0x6969bbd2, 0xd9d970a9, 0x8e8e8907, 0x9494a733, \
0x9b9bb62d, 0x1e1e223c, 0x87879215, 0xe9e920c9, \
0xcece4987, 0x5555ffaa, 0x28287850, 0xdfdf7aa5, \
0x8c8c8f03, 0xa1a1f859, 0x89898009, 0x0d0d171a, \
0xbfbfda65, 0xe6e631d7, 0x4242c684, 0x6868b8d0, \
0x4141c382, 0x9999b029, 0x2d2d775a, 0x0f0f111e, \
0xb0b0cb7b, 0x5454fca8, 0xbbbbd66d, 0x16163a2c
Td0 dd \
0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96, \
0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393, \
0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25, \
0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f, \
0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1, \
0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6, \
0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da, \
0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844, \
0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd, \
0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4, \
0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45, \
0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94, \
0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7, \
0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a, \
0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5, \
0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c, \
0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1, \
0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a, \
0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75, \
0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051, \
0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46, \
0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff, \
0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77, \
0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb, \
0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000, \
0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e, \
0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927, \
0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a, \
0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e, \
0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16, \
0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d, \
0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8, \
0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd, \
0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34, \
0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163, \
0xd731dcca, 0x42638510, 0x13972240, 0x84c61120, \
0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d, \
0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0, \
0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422, \
0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef, \
0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36, \
0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4, \
0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662, \
0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5, \
0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3, \
0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b, \
0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8, \
0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6, \
0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6, \
0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0, \
0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815, \
0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f, \
0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df, \
0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f, \
0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e, \
0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713, \
0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89, \
0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c, \
0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf, \
0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86, \
0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f, \
0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541, \
0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190, \
0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742
Td1 dd \
0x5051f4a7, 0x537e4165, 0xc31a17a4, 0x963a275e, \
0xcb3bab6b, 0xf11f9d45, 0xabacfa58, 0x934be303, \
0x552030fa, 0xf6ad766d, 0x9188cc76, 0x25f5024c, \
0xfc4fe5d7, 0xd7c52acb, 0x80263544, 0x8fb562a3, \
0x49deb15a, 0x6725ba1b, 0x9845ea0e, 0xe15dfec0, \
0x02c32f75, 0x12814cf0, 0xa38d4697, 0xc66bd3f9, \
0xe7038f5f, 0x9515929c, 0xebbf6d7a, 0xda955259, \
0x2dd4be83, 0xd3587421, 0x2949e069, 0x448ec9c8, \
0x6a75c289, 0x78f48e79, 0x6b99583e, 0xdd27b971, \
0xb6bee14f, 0x17f088ad, 0x66c920ac, 0xb47dce3a, \
0x1863df4a, 0x82e51a31, 0x60975133, 0x4562537f, \
0xe0b16477, 0x84bb6bae, 0x1cfe81a0, 0x94f9082b, \
0x58704868, 0x198f45fd, 0x8794de6c, 0xb7527bf8, \
0x23ab73d3, 0xe2724b02, 0x57e31f8f, 0x2a6655ab, \
0x07b2eb28, 0x032fb5c2, 0x9a86c57b, 0xa5d33708, \
0xf2302887, 0xb223bfa5, 0xba02036a, 0x5ced1682, \
0x2b8acf1c, 0x92a779b4, 0xf0f307f2, 0xa14e69e2, \
0xcd65daf4, 0xd50605be, 0x1fd13462, 0x8ac4a6fe, \
0x9d342e53, 0xa0a2f355, 0x32058ae1, 0x75a4f6eb, \
0x390b83ec, 0xaa4060ef, 0x065e719f, 0x51bd6e10, \
0xf93e218a, 0x3d96dd06, 0xaedd3e05, 0x464de6bd, \
0xb591548d, 0x0571c45d, 0x6f0406d4, 0xff605015, \
0x241998fb, 0x97d6bde9, 0xcc894043, 0x7767d99e, \
0xbdb0e842, 0x8807898b, 0x38e7195b, 0xdb79c8ee, \
0x47a17c0a, 0xe97c420f, 0xc9f8841e, 0x00000000, \
0x83098086, 0x48322bed, 0xac1e1170, 0x4e6c5a72, \
0xfbfd0eff, 0x560f8538, 0x1e3daed5, 0x27362d39, \
0x640a0fd9, 0x21685ca6, 0xd19b5b54, 0x3a24362e, \
0xb10c0a67, 0x0f9357e7, 0xd2b4ee96, 0x9e1b9b91, \
0x4f80c0c5, 0xa261dc20, 0x695a774b, 0x161c121a, \
0x0ae293ba, 0xe5c0a02a, 0x433c22e0, 0x1d121b17, \
0x0b0e090d, 0xadf28bc7, 0xb92db6a8, 0xc8141ea9, \
0x8557f119, 0x4caf7507, 0xbbee99dd, 0xfda37f60, \
0x9ff70126, 0xbc5c72f5, 0xc544663b, 0x345bfb7e, \
0x768b4329, 0xdccb23c6, 0x68b6edfc, 0x63b8e4f1, \
0xcad731dc, 0x10426385, 0x40139722, 0x2084c611, \
0x7d854a24, 0xf8d2bb3d, 0x11aef932, 0x6dc729a1, \
0x4b1d9e2f, 0xf3dcb230, 0xec0d8652, 0xd077c1e3, \
0x6c2bb316, 0x99a970b9, 0xfa119448, 0x2247e964, \
0xc4a8fc8c, 0x1aa0f03f, 0xd8567d2c, 0xef223390, \
0xc787494e, 0xc1d938d1, 0xfe8ccaa2, 0x3698d40b, \
0xcfa6f581, 0x28a57ade, 0x26dab78e, 0xa43fadbf, \
0xe42c3a9d, 0x0d507892, 0x9b6a5fcc, 0x62547e46, \
0xc2f68d13, 0xe890d8b8, 0x5e2e39f7, 0xf582c3af, \
0xbe9f5d80, 0x7c69d093, 0xa96fd52d, 0xb3cf2512, \
0x3bc8ac99, 0xa710187d, 0x6ee89c63, 0x7bdb3bbb, \
0x09cd2678, 0xf46e5918, 0x01ec9ab7, 0xa8834f9a, \
0x65e6956e, 0x7eaaffe6, 0x0821bccf, 0xe6ef15e8, \
0xd9bae79b, 0xce4a6f36, 0xd4ea9f09, 0xd629b07c, \
0xaf31a4b2, 0x312a3f23, 0x30c6a594, 0xc035a266, \
0x37744ebc, 0xa6fc82ca, 0xb0e090d0, 0x1533a7d8, \
0x4af10498, 0xf741ecda, 0x0e7fcd50, 0x2f1791f6, \
0x8d764dd6, 0x4d43efb0, 0x54ccaa4d, 0xdfe49604, \
0xe39ed1b5, 0x1b4c6a88, 0xb8c12c1f, 0x7f466551, \
0x049d5eea, 0x5d018c35, 0x73fa8774, 0x2efb0b41, \
0x5ab3671d, 0x5292dbd2, 0x33e91056, 0x136dd647, \
0x8c9ad761, 0x7a37a10c, 0x8e59f814, 0x89eb133c, \
0xeecea927, 0x35b761c9, 0xede11ce5, 0x3c7a47b1, \
0x599cd2df, 0x3f55f273, 0x791814ce, 0xbf73c737, \
0xea53f7cd, 0x5b5ffdaa, 0x14df3d6f, 0x867844db, \
0x81caaff3, 0x3eb968c4, 0x2c382434, 0x5fc2a340, \
0x72161dc3, 0x0cbce225, 0x8b283c49, 0x41ff0d95, \
0x7139a801, 0xde080cb3, 0x9cd8b4e4, 0x906456c1, \
0x617bcb84, 0x70d532b6, 0x74486c5c, 0x42d0b857
Td2 dd \
0xa75051f4, 0x65537e41, 0xa4c31a17, 0x5e963a27, \
0x6bcb3bab, 0x45f11f9d, 0x58abacfa, 0x03934be3, \
0xfa552030, 0x6df6ad76, 0x769188cc, 0x4c25f502, \
0xd7fc4fe5, 0xcbd7c52a, 0x44802635, 0xa38fb562, \
0x5a49deb1, 0x1b6725ba, 0x0e9845ea, 0xc0e15dfe, \
0x7502c32f, 0xf012814c, 0x97a38d46, 0xf9c66bd3, \
0x5fe7038f, 0x9c951592, 0x7aebbf6d, 0x59da9552, \
0x832dd4be, 0x21d35874, 0x692949e0, 0xc8448ec9, \
0x896a75c2, 0x7978f48e, 0x3e6b9958, 0x71dd27b9, \
0x4fb6bee1, 0xad17f088, 0xac66c920, 0x3ab47dce, \
0x4a1863df, 0x3182e51a, 0x33609751, 0x7f456253, \
0x77e0b164, 0xae84bb6b, 0xa01cfe81, 0x2b94f908, \
0x68587048, 0xfd198f45, 0x6c8794de, 0xf8b7527b, \
0xd323ab73, 0x02e2724b, 0x8f57e31f, 0xab2a6655, \
0x2807b2eb, 0xc2032fb5, 0x7b9a86c5, 0x08a5d337, \
0x87f23028, 0xa5b223bf, 0x6aba0203, 0x825ced16, \
0x1c2b8acf, 0xb492a779, 0xf2f0f307, 0xe2a14e69, \
0xf4cd65da, 0xbed50605, 0x621fd134, 0xfe8ac4a6, \
0x539d342e, 0x55a0a2f3, 0xe132058a, 0xeb75a4f6, \
0xec390b83, 0xefaa4060, 0x9f065e71, 0x1051bd6e, \
0x8af93e21, 0x063d96dd, 0x05aedd3e, 0xbd464de6, \
0x8db59154, 0x5d0571c4, 0xd46f0406, 0x15ff6050, \
0xfb241998, 0xe997d6bd, 0x43cc8940, 0x9e7767d9, \
0x42bdb0e8, 0x8b880789, 0x5b38e719, 0xeedb79c8, \
0x0a47a17c, 0x0fe97c42, 0x1ec9f884, 0x00000000, \
0x86830980, 0xed48322b, 0x70ac1e11, 0x724e6c5a, \
0xfffbfd0e, 0x38560f85, 0xd51e3dae, 0x3927362d, \
0xd9640a0f, 0xa621685c, 0x54d19b5b, 0x2e3a2436, \
0x67b10c0a, 0xe70f9357, 0x96d2b4ee, 0x919e1b9b, \
0xc54f80c0, 0x20a261dc, 0x4b695a77, 0x1a161c12, \
0xba0ae293, 0x2ae5c0a0, 0xe0433c22, 0x171d121b, \
0x0d0b0e09, 0xc7adf28b, 0xa8b92db6, 0xa9c8141e, \
0x198557f1, 0x074caf75, 0xddbbee99, 0x60fda37f, \
0x269ff701, 0xf5bc5c72, 0x3bc54466, 0x7e345bfb, \
0x29768b43, 0xc6dccb23, 0xfc68b6ed, 0xf163b8e4, \
0xdccad731, 0x85104263, 0x22401397, 0x112084c6, \
0x247d854a, 0x3df8d2bb, 0x3211aef9, 0xa16dc729, \
0x2f4b1d9e, 0x30f3dcb2, 0x52ec0d86, 0xe3d077c1, \
0x166c2bb3, 0xb999a970, 0x48fa1194, 0x642247e9, \
0x8cc4a8fc, 0x3f1aa0f0, 0x2cd8567d, 0x90ef2233, \
0x4ec78749, 0xd1c1d938, 0xa2fe8cca, 0x0b3698d4, \
0x81cfa6f5, 0xde28a57a, 0x8e26dab7, 0xbfa43fad, \
0x9de42c3a, 0x920d5078, 0xcc9b6a5f, 0x4662547e, \
0x13c2f68d, 0xb8e890d8, 0xf75e2e39, 0xaff582c3, \
0x80be9f5d, 0x937c69d0, 0x2da96fd5, 0x12b3cf25, \
0x993bc8ac, 0x7da71018, 0x636ee89c, 0xbb7bdb3b, \
0x7809cd26, 0x18f46e59, 0xb701ec9a, 0x9aa8834f, \
0x6e65e695, 0xe67eaaff, 0xcf0821bc, 0xe8e6ef15, \
0x9bd9bae7, 0x36ce4a6f, 0x09d4ea9f, 0x7cd629b0, \
0xb2af31a4, 0x23312a3f, 0x9430c6a5, 0x66c035a2, \
0xbc37744e, 0xcaa6fc82, 0xd0b0e090, 0xd81533a7, \
0x984af104, 0xdaf741ec, 0x500e7fcd, 0xf62f1791, \
0xd68d764d, 0xb04d43ef, 0x4d54ccaa, 0x04dfe496, \
0xb5e39ed1, 0x881b4c6a, 0x1fb8c12c, 0x517f4665, \
0xea049d5e, 0x355d018c, 0x7473fa87, 0x412efb0b, \
0x1d5ab367, 0xd25292db, 0x5633e910, 0x47136dd6, \
0x618c9ad7, 0x0c7a37a1, 0x148e59f8, 0x3c89eb13, \
0x27eecea9, 0xc935b761, 0xe5ede11c, 0xb13c7a47, \
0xdf599cd2, 0x733f55f2, 0xce791814, 0x37bf73c7, \
0xcdea53f7, 0xaa5b5ffd, 0x6f14df3d, 0xdb867844, \
0xf381caaf, 0xc43eb968, 0x342c3824, 0x405fc2a3, \
0xc372161d, 0x250cbce2, 0x498b283c, 0x9541ff0d, \
0x017139a8, 0xb3de080c, 0xe49cd8b4, 0xc1906456, \
0x84617bcb, 0xb670d532, 0x5c74486c, 0x5742d0b8
Td3 dd \
0xf4a75051, 0x4165537e, 0x17a4c31a, 0x275e963a, \
0xab6bcb3b, 0x9d45f11f, 0xfa58abac, 0xe303934b, \
0x30fa5520, 0x766df6ad, 0xcc769188, 0x024c25f5, \
0xe5d7fc4f, 0x2acbd7c5, 0x35448026, 0x62a38fb5, \
0xb15a49de, 0xba1b6725, 0xea0e9845, 0xfec0e15d, \
0x2f7502c3, 0x4cf01281, 0x4697a38d, 0xd3f9c66b, \
0x8f5fe703, 0x929c9515, 0x6d7aebbf, 0x5259da95, \
0xbe832dd4, 0x7421d358, 0xe0692949, 0xc9c8448e, \
0xc2896a75, 0x8e7978f4, 0x583e6b99, 0xb971dd27, \
0xe14fb6be, 0x88ad17f0, 0x20ac66c9, 0xce3ab47d, \
0xdf4a1863, 0x1a3182e5, 0x51336097, 0x537f4562, \
0x6477e0b1, 0x6bae84bb, 0x81a01cfe, 0x082b94f9, \
0x48685870, 0x45fd198f, 0xde6c8794, 0x7bf8b752, \
0x73d323ab, 0x4b02e272, 0x1f8f57e3, 0x55ab2a66, \
0xeb2807b2, 0xb5c2032f, 0xc57b9a86, 0x3708a5d3, \
0x2887f230, 0xbfa5b223, 0x036aba02, 0x16825ced, \
0xcf1c2b8a, 0x79b492a7, 0x07f2f0f3, 0x69e2a14e, \
0xdaf4cd65, 0x05bed506, 0x34621fd1, 0xa6fe8ac4, \
0x2e539d34, 0xf355a0a2, 0x8ae13205, 0xf6eb75a4, \
0x83ec390b, 0x60efaa40, 0x719f065e, 0x6e1051bd, \
0x218af93e, 0xdd063d96, 0x3e05aedd, 0xe6bd464d, \
0x548db591, 0xc45d0571, 0x06d46f04, 0x5015ff60, \
0x98fb2419, 0xbde997d6, 0x4043cc89, 0xd99e7767, \
0xe842bdb0, 0x898b8807, 0x195b38e7, 0xc8eedb79, \
0x7c0a47a1, 0x420fe97c, 0x841ec9f8, 0x00000000, \
0x80868309, 0x2bed4832, 0x1170ac1e, 0x5a724e6c, \
0x0efffbfd, 0x8538560f, 0xaed51e3d, 0x2d392736, \
0x0fd9640a, 0x5ca62168, 0x5b54d19b, 0x362e3a24, \
0x0a67b10c, 0x57e70f93, 0xee96d2b4, 0x9b919e1b, \
0xc0c54f80, 0xdc20a261, 0x774b695a, 0x121a161c, \
0x93ba0ae2, 0xa02ae5c0, 0x22e0433c, 0x1b171d12, \
0x090d0b0e, 0x8bc7adf2, 0xb6a8b92d, 0x1ea9c814, \
0xf1198557, 0x75074caf, 0x99ddbbee, 0x7f60fda3, \
0x01269ff7, 0x72f5bc5c, 0x663bc544, 0xfb7e345b, \
0x4329768b, 0x23c6dccb, 0xedfc68b6, 0xe4f163b8, \
0x31dccad7, 0x63851042, 0x97224013, 0xc6112084, \
0x4a247d85, 0xbb3df8d2, 0xf93211ae, 0x29a16dc7, \
0x9e2f4b1d, 0xb230f3dc, 0x8652ec0d, 0xc1e3d077, \
0xb3166c2b, 0x70b999a9, 0x9448fa11, 0xe9642247, \
0xfc8cc4a8, 0xf03f1aa0, 0x7d2cd856, 0x3390ef22, \
0x494ec787, 0x38d1c1d9, 0xcaa2fe8c, 0xd40b3698, \
0xf581cfa6, 0x7ade28a5, 0xb78e26da, 0xadbfa43f, \
0x3a9de42c, 0x78920d50, 0x5fcc9b6a, 0x7e466254, \
0x8d13c2f6, 0xd8b8e890, 0x39f75e2e, 0xc3aff582, \
0x5d80be9f, 0xd0937c69, 0xd52da96f, 0x2512b3cf, \
0xac993bc8, 0x187da710, 0x9c636ee8, 0x3bbb7bdb, \
0x267809cd, 0x5918f46e, 0x9ab701ec, 0x4f9aa883, \
0x956e65e6, 0xffe67eaa, 0xbccf0821, 0x15e8e6ef, \
0xe79bd9ba, 0x6f36ce4a, 0x9f09d4ea, 0xb07cd629, \
0xa4b2af31, 0x3f23312a, 0xa59430c6, 0xa266c035, \
0x4ebc3774, 0x82caa6fc, 0x90d0b0e0, 0xa7d81533, \
0x04984af1, 0xecdaf741, 0xcd500e7f, 0x91f62f17, \
0x4dd68d76, 0xefb04d43, 0xaa4d54cc, 0x9604dfe4, \
0xd1b5e39e, 0x6a881b4c, 0x2c1fb8c1, 0x65517f46, \
0x5eea049d, 0x8c355d01, 0x877473fa, 0x0b412efb, \
0x671d5ab3, 0xdbd25292, 0x105633e9, 0xd647136d, \
0xd7618c9a, 0xa10c7a37, 0xf8148e59, 0x133c89eb, \
0xa927eece, 0x61c935b7, 0x1ce5ede1, 0x47b13c7a, \
0xd2df599c, 0xf2733f55, 0x14ce7918, 0xc737bf73, \
0xf7cdea53, 0xfdaa5b5f, 0x3d6f14df, 0x44db8678, \
0xaff381ca, 0x68c43eb9, 0x24342c38, 0xa3405fc2, \
0x1dc37216, 0xe2250cbc, 0x3c498b28, 0x0d9541ff, \
0xa8017139, 0x0cb3de08, 0xb4e49cd8, 0x56c19064, \
0xcb84617b, 0x32b670d5, 0x6c5c7448, 0xb85742d0
Td4 db \
0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, \
0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb, \
0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, \
0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb, \
0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, \
0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e, \
0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, \
0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25, \
0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, \
0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92, \
0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda, \
0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84, \
0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, \
0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06, \
0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, \
0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b, \
0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea, \
0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73, \
0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, \
0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e, \
0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, \
0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b, \
0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, \
0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4, \
0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, \
0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f, \
0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, \
0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef, \
0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0, \
0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61, \
0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, \
0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
rcon dd \
0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000, \
0x20000000, 0x40000000, 0x80000000, 0x1B000000, 0x36000000
endg
Property changes:
Added: svn:eol-style
+native
\ No newline at end of property

/programs/develop/libraries/libcrash/cipher/aes_cbc.asm
0,0 → 1,235
; libcrash -- cryptographic hash (and other) functions
;
; Copyright (C) <2016> Jeffrey Amelynck
; Copyright (C) <2016,2021> Ivan Baravy
;
; SPDX-License-Identifier: GPL-2.0-or-later
;
; This program is free software: you can redistribute it and/or modify it under
; the terms of the GNU General Public License as published by the Free Software
; Foundation, either version 2 of the License, or (at your option) any later
; version.
;
; This program is distributed in the hope that it will be useful, but WITHOUT
; ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
; FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
;
; You should have received a copy of the GNU General Public License along with
; this program. If not, see <http://www.gnu.org/licenses/>.
struct ctx_aes_cbc
aes ctx_aes
cbc ctx_cbc
crypt dd ?
finish dd ?
block rd CBC128_BLOCK_SIZE/4
index dd ?
padding dd ?
ends
assert sizeof.ctx_aes_cbc <= LIBCRASH_CTX_LEN
; _crypt: 0/1 = encrypt/decrypt
proc aes256cbc.init uses ebx esi edi, _ctx, _key, _iv, _flags
mov ebx, [_ctx]
stdcall aes256.init, ebx, [_key], [_flags]
mov ecx, CBC128_BLOCK_SIZE/4
mov esi, [_iv]
lea edi, [ebx+ctx_aes_cbc.cbc.vector]
rep movsd
mov [ebx+ctx_aes_cbc.cbc.has_data], 0
mov [ebx+ctx_aes_cbc.index], 0
mov [ebx+ctx_aes_cbc.crypt], aes256cbc._.encrypt_block
mov [ebx+ctx_aes_cbc.finish], aes256cbc._.finish_encrypt
test [_flags], LIBCRASH_CIPHER_DECRYPT
jz @f
mov [ebx+ctx_aes_cbc.crypt], aes256cbc._.decrypt_block
mov [ebx+ctx_aes_cbc.finish], aes256cbc._.finish_decrypt
@@:
xor eax, eax
test [_flags], LIBCRASH_CIPHER_PADDING
setnz al
mov [ebx+ctx_aes_cbc.padding], eax
ret
endp
proc aes256cbc._.encrypt_block uses ebx esi edi, _ctx, _in, _out
mov ebx, [_ctx]
mov esi, [_in]
lea edi, [ebx+ctx_aes_cbc.cbc.vector]
mov ecx, CBC128_BLOCK_SIZE/4
@@:
lodsd
xor [edi], eax
add edi, 4
dec ecx
jnz @b
lea ecx, [ebx+ctx_aes_cbc.cbc.vector]
lea edx, [ebx+ctx_aes_cbc.aes.state]
stdcall aes.encrypt, ebx, ecx, edx
lea esi, [ebx+ctx_aes_cbc.aes.state]
lea edi, [ebx+ctx_aes_cbc.cbc.vector]
mov ecx, CBC128_BLOCK_SIZE/4
rep movsd
lea esi, [ebx+ctx_aes_cbc.aes.state]
mov edi, [_out]
mov ecx, CBC128_BLOCK_SIZE/4
rep movsd
mov eax, CBC128_BLOCK_SIZE
ret
endp
proc aes256cbc._.decrypt_block uses ebx esi edi, _ctx, _in, _out
locals
.done dd ?
endl
mov [.done], 0
mov ebx, [_ctx]
mov ecx, [_in]
lea edx, [ebx+ctx_aes_cbc.aes.state]
stdcall aes.decrypt, ebx, ecx, edx
bts [ebx+ctx_aes_cbc.cbc.has_data], 0
jnc @f
lea esi, [ebx+ctx_aes_cbc.cbc.block]
mov edi, [_out]
mov ecx, CBC128_BLOCK_SIZE/4
rep movsd
add [.done], CBC128_BLOCK_SIZE
@@:
lea esi, [ebx+ctx_aes_cbc.aes.state]
lea edx, [ebx+ctx_aes_cbc.cbc.vector]
lea edi, [ebx+ctx_aes_cbc.cbc.block]
mov ecx, CBC128_BLOCK_SIZE/4
@@:
lodsd
xor eax, [edx]
add edx, 4
stosd
dec ecx
jnz @b
mov esi, [_in]
lea edi, [ebx+ctx_aes_cbc.cbc.vector]
mov ecx, CBC128_BLOCK_SIZE/4
rep movsd
mov eax, [.done]
ret
endp
proc aes256cbc.update uses ebx esi edi, _ctx, _in, _len, _out
locals
.done dd ?
endl
mov [.done], 0
.next_block:
mov ebx, [_ctx]
mov eax, [ebx+ctx_aes_cbc.index]
test eax, eax
jnz .copy_to_buf
test [_in], LIBCRASH_ALIGN-1
jnz .copy_to_buf
.no_copy:
; data is aligned, process it in place without copying
mov ebx, [_ctx]
cmp [_len], CBC128_BLOCK_SIZE
jb .copy_quit
stdcall [ebx+ctx_aes_cbc.crypt], [_ctx], [_in], [_out]
add [_in], CBC128_BLOCK_SIZE
add [_out], eax
add [.done], eax
sub [_len], CBC128_BLOCK_SIZE
jmp .no_copy
.copy_to_buf:
lea edi, [ebx+ctx_aes_cbc.block]
add edi, [ebx+ctx_aes_cbc.index]
mov ecx, CBC128_BLOCK_SIZE
sub ecx, [ebx+ctx_aes_cbc.index]
cmp [_len], ecx
jb .copy_quit
mov esi, [_in]
sub [_len], ecx
add [_in], ecx
rep movsb
mov [ebx+ctx_aes_cbc.index], 0
lea esi, [ebx+ctx_aes_cbc.block]
stdcall [ebx+ctx_aes_cbc.crypt], [_ctx], esi, [_out]
add [.done], eax
add [_out], eax
jmp .next_block
.copy_quit:
mov ebx, [_ctx]
mov esi, [_in]
lea edi, [ebx+ctx_aes_cbc.block]
add edi, [ebx+ctx_aes_cbc.index]
mov ecx, [_len]
add [ebx+ctx_aes_cbc.index], ecx
rep movsb
.quit:
mov eax, [.done]
ret
endp
proc aes256cbc.finish uses ebx esi edi, _ctx, _out
mov ebx, [_ctx]
stdcall [ebx+ctx_aes_cbc.finish], ebx, [_out]
ret
endp
proc aes256cbc._.finish_encrypt uses ebx esi edi, _ctx, _out
mov ebx, [_ctx]
xor eax, eax
cmp [ebx+ctx_aes_cbc.padding], 0
jz .no_padding
; add padding
lea edi, [ebx+ctx_aes_cbc.block]
add edi, [ebx+ctx_aes_cbc.index]
mov ecx, CBC128_BLOCK_SIZE
sub ecx, [ebx+ctx_aes_cbc.index]
mov eax, ecx
rep stosb
lea eax, [ebx+ctx_aes_cbc.block]
stdcall aes256cbc._.encrypt_block, [_ctx], eax, [_out]
mov eax, CBC128_BLOCK_SIZE
.no_padding:
ret
endp
proc aes256cbc._.finish_decrypt uses ebx esi edi, _ctx, _out
mov ebx, [_ctx]
xor eax, eax
cmp eax, [ebx+ctx_aes_cbc.cbc.has_data]
jz .done
lea esi, [ebx+ctx_aes_cbc.cbc.block]
mov edi, [_out]
mov ecx, CBC128_BLOCK_SIZE
cmp [ebx+ctx_aes_cbc.padding], eax
jz @f
sub cl, [esi+CBC128_BLOCK_SIZE-1]
@@:
mov eax, ecx
rep movsb
.done:
ret
endp
proc aes256cbc.oneshot _ctx, _key, _iv, _flags, _in, _len, _out
locals
.done dd ?
endl
mov [.done], 0
stdcall aes256cbc.init, [_ctx], [_key], [_iv], [_flags]
stdcall aes256cbc.update, [_ctx], [_in], [_len], [_out]
add [_out], eax
add [.done], eax
stdcall aes256cbc.finish, [_ctx], [_out]
add eax, [.done]
ret
endp
Property changes:
Added: svn:eol-style
+native
\ No newline at end of property

/programs/develop/libraries/libcrash/cipher/aes_ctr.asm
0,0 → 1,137
; libcrash -- cryptographic hash (and other) functions
;
; Copyright (C) <2016> Jeffrey Amelynck
; Copyright (C) <2016,2021> Ivan Baravy
;
; SPDX-License-Identifier: GPL-2.0-or-later
;
; This program is free software: you can redistribute it and/or modify it under
; the terms of the GNU General Public License as published by the Free Software
; Foundation, either version 2 of the License, or (at your option) any later
; version.
;
; This program is distributed in the hope that it will be useful, but WITHOUT
; ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
; FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
;
; You should have received a copy of the GNU General Public License along with
; this program. If not, see <http://www.gnu.org/licenses/>.
struct ctx_aes_ctr
aes ctx_aes
ctr ctx_ctr
ends
assert sizeof.ctx_aes_ctr <= LIBCRASH_CTX_LEN
; _crypt: 0/1 = encrypt/decrypt
proc aes256ctr.init uses ebx, _ctx, _key, _iv, _flags
mov ebx, [_ctx]
stdcall aes256.init, ebx, [_key], LIBCRASH_CIPHER_ENCRYPT
add ebx, ctx_aes_ctr.ctr
stdcall ctr.init, [_iv]
ret
endp
proc a22es_ctr._.block_init _ctx
mov edi, [_ctx]
lea esi, [edi+ctx_aes_ctr.ctr.block_counter]
mov ecx, AES_BLOCK_SIZE/4
rep movsd
ret
endp
proc aes256ctr.update uses ebx esi edi, _ctx, _in, _len, _out
mov eax, [_len]
pushad
mov ebx, [_ctx]
mov edi, [_in]
mov edx, [ebx+ctx_aes_ctr.ctr.partial_cnt]
.next_chunk:
mov ecx, [_len]
test ecx, ecx
jz .done
test edx, edx
jnz @f
pushad
lea ecx, [ebx+ctx_aes_ctr.ctr.block_counter]
lea edx, [ebx+ctx_aes_ctr.aes.state]
stdcall aes.encrypt, ebx, ecx, edx
popad
mov edx, AES_BLOCK_SIZE
pushad
mov esi, ebx
mov eax, dword[esi+ctx_aes_ctr.ctr.block_counter+4*0]
mov ebx, dword[esi+ctx_aes_ctr.ctr.block_counter+4*1]
mov ecx, dword[esi+ctx_aes_ctr.ctr.block_counter+4*2]
mov edx, dword[esi+ctx_aes_ctr.ctr.block_counter+4*3]
bswap eax
bswap ebx
bswap ecx
bswap edx
add edx, 1
adc ecx, 0
adc ebx, 0
adc eax, 0
bswap eax
bswap ebx
bswap ecx
bswap edx
mov dword[esi+ctx_aes_ctr.ctr.block_counter+4*0], eax
mov dword[esi+ctx_aes_ctr.ctr.block_counter+4*1], ebx
mov dword[esi+ctx_aes_ctr.ctr.block_counter+4*2], ecx
mov dword[esi+ctx_aes_ctr.ctr.block_counter+4*3], edx
popad
@@:
cmp ecx, edx
jbe @f
mov ecx, edx
@@:
lea esi, [ebx+ctx_aes_ctr.aes.state]
add esi, AES_BLOCK_SIZE
sub esi, edx
sub [_len], ecx
sub edx, ecx
push ebx
mov edi, [_out]
mov ebx, [_in]
add [_in], ecx
add [_out], ecx
@@:
lodsb
xor al, [ebx]
inc ebx
stosb
loop @b
pop ebx
jmp .next_chunk
.done:
mov [ebx+ctx_aes_ctr.ctr.partial_cnt], edx
popad
ret
endp
proc aes256ctr.finish _ctx, _out
xor eax, eax
ret
endp
proc aes256ctr.oneshot _ctx, _key, _iv, _flags, _in, _len, _out
locals
.done dd ?
endl
mov [.done], 0
stdcall aes256ctr.init, [_ctx], [_key], [_iv], [_flags]
stdcall aes256ctr.update, [_ctx], [_in], [_len], [_out]
add [_out], eax
add [.done], eax
stdcall aes256ctr.finish, [_ctx], [_out]
add eax, [.done]
ret
endp
Property changes:
Added: svn:eol-style
+native
\ No newline at end of property

/programs/develop/libraries/libcrash/cipher/chacha20.asm
0,0 → 1,204
; libcrash -- cryptographic hash (and other) functions
;
; Copyright (C) <2021> Ivan Baravy
;
; SPDX-License-Identifier: GPL-2.0-or-later
;
; This program is free software: you can redistribute it and/or modify it under
; the terms of the GNU General Public License as published by the Free Software
; Foundation, either version 2 of the License, or (at your option) any later
; version.
;
; This program is distributed in the hope that it will be useful, but WITHOUT
; ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
; FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
;
; You should have received a copy of the GNU General Public License along with
; this program. If not, see <http://www.gnu.org/licenses/>.
; https://datatracker.ietf.org/doc/html/rfc7539
CHACHA20_BLOCK_SIZE = 64
CHACHA20_KEY_SIZE = 32
CHACHA20_NONCE_SIZE = 12
CHACHA20_IV_SIZE = 16
struct ctx_chacha20
state rd CHACHA20_BLOCK_SIZE/4
key rd CHACHA20_KEY_SIZE/4
block_counter dd ?
nonce rd CHACHA20_NONCE_SIZE/4
partial_cnt dd ?
ends
assert sizeof.ctx_chacha20 <= LIBCRASH_CTX_LEN
proc chacha20.init uses ebx esi edi, _ctx, _key, _iv, _flags
mov ebx, [_ctx]
mov esi, [_key]
lea edi, [ebx+ctx_chacha20.key]
mov ecx, CHACHA20_KEY_SIZE/4
rep movsd
mov esi, [_iv]
lea edi, [ebx+ctx_chacha20.block_counter]
mov ecx, CHACHA20_IV_SIZE/4
rep movsd
mov [ebx+ctx_chacha20.partial_cnt], 0
ret
endp
macro chacha20._.quarter_round a, b, c, d {
; a = PLUS(a,b); d = ROTATE(XOR(d,a),16);
mov eax, [esi+a*4]
add eax, [esi+b*4]
mov [esi+a*4], eax
xor eax, [esi+d*4]
rol eax, 16
mov [esi+d*4], eax
; c = PLUS(c,d); b = ROTATE(XOR(b,c),12);
mov eax, [esi+c*4]
add eax, [esi+d*4]
mov [esi+c*4], eax
xor eax, [esi+b*4]
rol eax, 12
mov [esi+b*4], eax
; a = PLUS(a,b); d = ROTATE(XOR(d,a), 8);
mov eax, [esi+a*4]
add eax, [esi+b*4]
mov [esi+a*4], eax
xor eax, [esi+d*4]
rol eax, 8
mov [esi+d*4], eax
; c = PLUS(c,d); b = ROTATE(XOR(b,c), 7);
mov eax, [esi+c*4]
add eax, [esi+d*4]
mov [esi+c*4], eax
xor eax, [esi+b*4]
rol eax, 7
mov [esi+b*4], eax
}
proc chacha20._.inner_block _state
mov esi, [_state]
chacha20._.quarter_round 0, 4, 8, 12
chacha20._.quarter_round 1, 5, 9, 13
chacha20._.quarter_round 2, 6, 10, 14
chacha20._.quarter_round 3, 7, 11, 15
chacha20._.quarter_round 0, 5, 10, 15
chacha20._.quarter_round 1, 6, 11, 12
chacha20._.quarter_round 2, 7, 8, 13
chacha20._.quarter_round 3, 4, 9, 14
ret
endp
proc chacha20._.block_init _ctx
mov edi, [_ctx]
lea esi, [edi+ctx_chacha20.key]
mov [edi+ctx_chacha20.state+0*4], 'expa' ; magic
mov [edi+ctx_chacha20.state+1*4], 'nd 3' ; constants
mov [edi+ctx_chacha20.state+2*4], '2-by' ; from
mov [edi+ctx_chacha20.state+3*4], 'te k' ; the RFC
add edi, 4*4
mov ecx, CHACHA20_BLOCK_SIZE/4-4 ; the four dwords above
rep movsd
ret
endp
proc chacha20._.block _state
locals
.working_state rd CHACHA20_BLOCK_SIZE/4
.i dd ?
endl
stdcall chacha20._.block_init, [_state]
mov esi, [_state]
lea edi, [.working_state]
mov ecx, CHACHA20_BLOCK_SIZE/4
rep movsd
mov [.i], 10
@@:
lea eax, [.working_state]
stdcall chacha20._.inner_block, eax
dec [.i]
jnz @b
lea esi, [.working_state]
mov edi, [_state]
mov ecx, CHACHA20_BLOCK_SIZE/4-1
@@:
mov eax, [esi+ecx*4]
add [edi+ecx*4], eax
dec ecx
jns @b
ret
endp
proc chacha20.update uses ebx esi edi, _ctx, _in, _len, _out
locals
.bytes_done dd ?
endl
mov eax, [_len]
mov [.bytes_done], eax
mov ebx, [_ctx]
mov edx, [ebx+ctx_chacha20.partial_cnt]
.next_chunk:
mov ecx, [_len]
test ecx, ecx
jz .done
test edx, edx
jnz @f
pushad
stdcall chacha20._.block, [_ctx]
popad
mov edx, CHACHA20_BLOCK_SIZE
inc [ebx+ctx_chacha20.block_counter]
@@:
cmp ecx, edx
jbe @f
mov ecx, edx
@@:
lea esi, [ebx+ctx_chacha20.state]
add esi, CHACHA20_BLOCK_SIZE
sub esi, edx
sub [_len], ecx
sub edx, ecx
push ebx
mov edi, [_out]
mov ebx, [_in]
add [_in], ecx
add [_out], ecx
@@:
lodsb
xor al, [ebx]
inc ebx
stosb
loop @b
pop ebx
jmp .next_chunk
.done:
mov [ebx+ctx_chacha20.partial_cnt], edx
mov eax, [.bytes_done]
ret
endp
proc chacha20.finish _ctx, _out
xor eax, eax
ret
endp
proc chacha20.oneshot _ctx, _key, _iv, _flags, _in, _len, _out
locals
.done dd ?
endl
mov [.done], 0
stdcall chacha20.init, [_ctx], [_key], [_iv], [_flags]
stdcall chacha20.update, [_ctx], [_in], [_len], [_out]
add [_out], eax
add [.done], eax
stdcall chacha20.finish, [_ctx], [_out]
add eax, [.done]
ret
endp
Property changes:
Added: svn:eol-style
+native
\ No newline at end of property

/programs/develop/libraries/libcrash/cipher/mode/cbc.asm
0,0 → 1,36
; libcrash -- cryptographic hash (and other) functions
;
; Copyright (C) <2021> Ivan Baravy
;
; SPDX-License-Identifier: GPL-2.0-or-later
;
; This program is free software: you can redistribute it and/or modify it under
; the terms of the GNU General Public License as published by the Free Software
; Foundation, either version 2 of the License, or (at your option) any later
; version.
;
; This program is distributed in the hope that it will be useful, but WITHOUT
; ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
; FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
;
; You should have received a copy of the GNU General Public License along with
; this program. If not, see <http://www.gnu.org/licenses/>.
CBC128_BLOCK_SIZE = 128/8
struct ctx_cbc
vector rd CBC128_BLOCK_SIZE/4
block rd CBC128_BLOCK_SIZE/4
has_data dd ?
ends
; ebx = context
proc cbc.init uses esi edi, _iv
mov esi, [_iv]
lea edi, [ebx+ctx_ctr.block_counter]
mov ecx, CTR128_BLOCK_SIZE/4
rep movsd
mov [ebx+ctx_ctr.partial_cnt], 0
ret
endp
Property changes:
Added: svn:eol-style
+native
\ No newline at end of property

/programs/develop/libraries/libcrash/cipher/mode/ctr.asm
0,0 → 1,34
; libcrash -- cryptographic hash (and other) functions
;
; Copyright (C) <2021> Ivan Baravy
;
; SPDX-License-Identifier: GPL-2.0-or-later
;
; This program is free software: you can redistribute it and/or modify it under
; the terms of the GNU General Public License as published by the Free Software
; Foundation, either version 2 of the License, or (at your option) any later
; version.
;
; This program is distributed in the hope that it will be useful, but WITHOUT
; ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
; FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
;
; You should have received a copy of the GNU General Public License along with
; this program. If not, see <http://www.gnu.org/licenses/>.
CTR128_BLOCK_SIZE = 128/8
struct ctx_ctr
block_counter rd 4
partial_cnt dd ?
ends
; ebx = context
proc ctr.init uses esi edi, _iv
mov esi, [_iv]
lea edi, [ebx+ctx_ctr.block_counter]
mov ecx, CTR128_BLOCK_SIZE/4
rep movsd
mov [ebx+ctx_ctr.partial_cnt], 0
ret
endp
Property changes:
Added: svn:eol-style
+native
\ No newline at end of property

/programs/develop/libraries/libcrash/crashtest.asm
0,0 → 1,164
use32
org 0x0
db 'MENUET01'
dd 0x01,start,i_end,e_end,e_end,0,this_file_name
include 'proc32.inc'
include 'macros.inc'
include 'dll.inc'
;include 'debug-fdo.inc'
include 'libcrash.inc'
BUFFER_SIZE = 0x1000
start:
pushfd
pop eax
; or eax, 1 SHL 18 ; Alignment Check flag, FIXME in libcrash
push eax
popfd
mcall 68, 11
stdcall dll.Load, @IMPORT
or eax, eax
jnz quit
still:
mcall 10
dec eax
jz redraw
dec eax
jz key
button:
mcall 17
shr eax, 8
cmp eax, 1
je quit
redraw:
mcall 12, 1
mcall 0, <0,900>, <0,160>, 0x34000000, 0x80000000, window_title
mov [f70_buf.src], 0
invoke crash.hash, LIBCRASH_SHA2_256, read_data, 0, bin
stdcall bin2hex, bin, SHA2_256_LEN, hex
mcall 4, <0,0>, 0xc0ffffff, hex, 0, 0
invoke crash.hash_oneshot, LIBCRASH_SHA2_256, ctx, 0, i_end
stdcall bin2hex, ctx, SHA2_256_LEN, hex
mcall 4, <0,10>, 0xc0ffffff, hex, 0, 0
invoke sha2_256.oneshot, ctx, 0, i_end
stdcall bin2hex, ctx, SHA2_256_LEN, hex
mcall 4, <0,20>, 0xc0ffffff, hex, 0, 0
invoke sha2_256.init, ctx
invoke sha2_256.update, ctx, 0, 42
invoke sha2_256.update, ctx, 42, i_end-42
invoke sha2_256.finish, ctx
stdcall bin2hex, ctx, SHA2_256_LEN, hex
mcall 4, <0,30>, 0xc0ffffff, hex, 0, 0
mcall 12, 2
jmp still
key:
mcall 2
jmp still
quit:
mcall -1
proc bin2hex uses esi edi, _bin, _len, _hex
mov esi, [_bin]
mov edi, [_hex]
mov ecx, [_len]
.next_byte:
movzx eax, byte[esi]
shr al, 4
cmp al, 10
sbb al, 0x69
das
stosb
lodsb
and al, 0x0f
cmp al, 10
sbb al, 0x69
das
stosb
loop .next_byte
mov byte[edi], 0
ret
endp
proc read_data uses ebx, _user, _buf, _len
mov eax, [_buf]
mov [f70_buf.dst], eax
mov eax, [_len]
mov [f70_buf.count], eax
mcall 70, f70_buf
mov eax, ebx
cmp eax, -1
jnz @f
inc eax
@@:
add [f70_buf.src], eax
ret
endp
sz window_title, 'libcrash example',0
f70_buf:
.funcnum dd 0
.src dd 0
dd 0
.count dd BUFFER_SIZE
.dst dd data_buffer
db 0
.fname dd this_file_name
align 4
@IMPORT:
library \
libcrash, 'libcrash.obj'
import libcrash, \
libcrash.init, 'lib_init', \
crash.hash, 'crash_hash', \
crash.hash_oneshot, 'crash_hash_oneshot', \
crash.mac, 'crash_mac', \
crash.mac_oneshot, 'crash_mac_oneshot', \
crash.crypt, 'crash_crypt', \
crash.crypt_oneshot, 'crash_crypt_oneshot', \
sha2_256.init, 'sha2_256_init', \
sha2_256.update, 'sha2_256_update', \
sha2_256.finish, 'sha2_256_finish', \
sha2_256.oneshot, 'sha2_256_oneshot', \
hmac_sha2_256.init, 'hmac_sha2_256_init', \
hmac_sha2_256.update, 'hmac_sha2_256_update', \
hmac_sha2_256.finish, 'hmac_sha2_256_finish', \
hmac_sha2_256.oneshot, 'hmac_sha2_256_oneshot', \
aes256ctr.init, 'aes256ctr_init', \
aes256ctr.update, 'aes256ctr_update', \
aes256ctr.finish, 'aes256ctr_finish', \
aes256ctr.oneshot, 'aes256ctr_oneshot'
i_end:
bin rb MAX_HASH_LEN
hex rb MAX_HASH_LEN*2+1
data_buffer rb BUFFER_SIZE
this_file_name rb 0x1000
align LIBCRASH_ALIGN
ctx rb LIBCRASH_CTX_LEN
rb 0x1000 ;stack
e_end:

/programs/develop/libraries/libcrash/hash/crc32.asm
0,0 → 1,131
; libcrash -- cryptographic hash (and other) functions
;
; Copyright (C) <2012-2013,2016,2019,2021> Ivan Baravy
;
; SPDX-License-Identifier: GPL-2.0-or-later
;
; This program is free software: you can redistribute it and/or modify it under
; the terms of the GNU General Public License as published by the Free Software
; Foundation, either version 2 of the License, or (at your option) any later
; version.
;
; This program is distributed in the hope that it will be useful, but WITHOUT
; ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
; FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
;
; You should have received a copy of the GNU General Public License along with
; this program. If not, see <http://www.gnu.org/licenses/>.
CRC32_BLOCK_SIZE = 1
CRC32_ALIGN = 4
CRC32_ALIGN_MASK = CRC32_ALIGN - 1
struct ctx_crc32
hash rd 1
ends
assert sizeof.ctx_crc32 <= LIBCRASH_CTX_LEN
proc crc32.init uses ebx esi edi, _ctx
mov ebx, [_ctx]
lea edi, [ebx + ctx_crc32.hash]
mov esi, crc32._.hash_init
mov ecx, 1
rep movsd
ret
endp
proc crc32.update uses ebx esi edi, _ctx, _msg, _size
mov ebx, [_ctx]
mov esi, [_msg]
lea edi, [ebx + ctx_crc32.hash]
mov eax, [edi]
mov ecx, [_size]
jecxz .quit
@@:
movzx edx, al
xor dl, byte[esi]
add esi, 1
shr eax, 8
xor eax, [crc32._.table + edx*4]
dec ecx
jnz @b
stosd
.quit:
ret
endp
proc crc32.finish uses ebx esi edi, _ctx
mov ebx, [_ctx]
lea esi, [ebx + ctx_crc32.hash]
mov edi, esi
lodsd
xor eax, 0xffffffff
bswap eax
stosd
ret
endp
proc crc32.oneshot _ctx, _data, _len
stdcall crc32.init, [_ctx]
stdcall crc32.update, [_ctx], [_data], [_len]
stdcall crc32.finish, [_ctx]
ret
endp
iglobal
align CRC32_ALIGN
crc32._.hash_init dd 0xffffffff
crc32._.table dd \
0x00000000, 0x77073096, 0xee0e612c, 0x990951ba, 0x076dc419, 0x706af48f,\
0xe963a535, 0x9e6495a3, 0x0edb8832, 0x79dcb8a4, 0xe0d5e91e, 0x97d2d988,\
0x09b64c2b, 0x7eb17cbd, 0xe7b82d07, 0x90bf1d91, 0x1db71064, 0x6ab020f2,\
0xf3b97148, 0x84be41de, 0x1adad47d, 0x6ddde4eb, 0xf4d4b551, 0x83d385c7,\
0x136c9856, 0x646ba8c0, 0xfd62f97a, 0x8a65c9ec, 0x14015c4f, 0x63066cd9,\
0xfa0f3d63, 0x8d080df5, 0x3b6e20c8, 0x4c69105e, 0xd56041e4, 0xa2677172,\
0x3c03e4d1, 0x4b04d447, 0xd20d85fd, 0xa50ab56b, 0x35b5a8fa, 0x42b2986c,\
0xdbbbc9d6, 0xacbcf940, 0x32d86ce3, 0x45df5c75, 0xdcd60dcf, 0xabd13d59,\
0x26d930ac, 0x51de003a, 0xc8d75180, 0xbfd06116, 0x21b4f4b5, 0x56b3c423,\
0xcfba9599, 0xb8bda50f, 0x2802b89e, 0x5f058808, 0xc60cd9b2, 0xb10be924,\
0x2f6f7c87, 0x58684c11, 0xc1611dab, 0xb6662d3d, 0x76dc4190, 0x01db7106,\
0x98d220bc, 0xefd5102a, 0x71b18589, 0x06b6b51f, 0x9fbfe4a5, 0xe8b8d433,\
0x7807c9a2, 0x0f00f934, 0x9609a88e, 0xe10e9818, 0x7f6a0dbb, 0x086d3d2d,\
0x91646c97, 0xe6635c01, 0x6b6b51f4, 0x1c6c6162, 0x856530d8, 0xf262004e,\
0x6c0695ed, 0x1b01a57b, 0x8208f4c1, 0xf50fc457, 0x65b0d9c6, 0x12b7e950,\
0x8bbeb8ea, 0xfcb9887c, 0x62dd1ddf, 0x15da2d49, 0x8cd37cf3, 0xfbd44c65,\
0x4db26158, 0x3ab551ce, 0xa3bc0074, 0xd4bb30e2, 0x4adfa541, 0x3dd895d7,\
0xa4d1c46d, 0xd3d6f4fb, 0x4369e96a, 0x346ed9fc, 0xad678846, 0xda60b8d0,\
0x44042d73, 0x33031de5, 0xaa0a4c5f, 0xdd0d7cc9, 0x5005713c, 0x270241aa,\
0xbe0b1010, 0xc90c2086, 0x5768b525, 0x206f85b3, 0xb966d409, 0xce61e49f,\
0x5edef90e, 0x29d9c998, 0xb0d09822, 0xc7d7a8b4, 0x59b33d17, 0x2eb40d81,\
0xb7bd5c3b, 0xc0ba6cad, 0xedb88320, 0x9abfb3b6, 0x03b6e20c, 0x74b1d29a,\
0xead54739, 0x9dd277af, 0x04db2615, 0x73dc1683, 0xe3630b12, 0x94643b84,\
0x0d6d6a3e, 0x7a6a5aa8, 0xe40ecf0b, 0x9309ff9d, 0x0a00ae27, 0x7d079eb1,\
0xf00f9344, 0x8708a3d2, 0x1e01f268, 0x6906c2fe, 0xf762575d, 0x806567cb,\
0x196c3671, 0x6e6b06e7, 0xfed41b76, 0x89d32be0, 0x10da7a5a, 0x67dd4acc,\
0xf9b9df6f, 0x8ebeeff9, 0x17b7be43, 0x60b08ed5, 0xd6d6a3e8, 0xa1d1937e,\
0x38d8c2c4, 0x4fdff252, 0xd1bb67f1, 0xa6bc5767, 0x3fb506dd, 0x48b2364b,\
0xd80d2bda, 0xaf0a1b4c, 0x36034af6, 0x41047a60, 0xdf60efc3, 0xa867df55,\
0x316e8eef, 0x4669be79, 0xcb61b38c, 0xbc66831a, 0x256fd2a0, 0x5268e236,\
0xcc0c7795, 0xbb0b4703, 0x220216b9, 0x5505262f, 0xc5ba3bbe, 0xb2bd0b28,\
0x2bb45a92, 0x5cb36a04, 0xc2d7ffa7, 0xb5d0cf31, 0x2cd99e8b, 0x5bdeae1d,\
0x9b64c2b0, 0xec63f226, 0x756aa39c, 0x026d930a, 0x9c0906a9, 0xeb0e363f,\
0x72076785, 0x05005713, 0x95bf4a82, 0xe2b87a14, 0x7bb12bae, 0x0cb61b38,\
0x92d28e9b, 0xe5d5be0d, 0x7cdcefb7, 0x0bdbdf21, 0x86d3d2d4, 0xf1d4e242,\
0x68ddb3f8, 0x1fda836e, 0x81be16cd, 0xf6b9265b, 0x6fb077e1, 0x18b74777,\
0x88085ae6, 0xff0f6a70, 0x66063bca, 0x11010b5c, 0x8f659eff, 0xf862ae69,\
0x616bffd3, 0x166ccf45, 0xa00ae278, 0xd70dd2ee, 0x4e048354, 0x3903b3c2,\
0xa7672661, 0xd06016f7, 0x4969474d, 0x3e6e77db, 0xaed16a4a, 0xd9d65adc,\
0x40df0b66, 0x37d83bf0, 0xa9bcae53, 0xdebb9ec5, 0x47b2cf7f, 0x30b5ffe9,\
0xbdbdf21c, 0xcabac28a, 0x53b39330, 0x24b4a3a6, 0xbad03605, 0xcdd70693,\
0x54de5729, 0x23d967bf, 0xb3667a2e, 0xc4614ab8, 0x5d681b02, 0x2a6f2b94,\
0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d
endg

/programs/develop/libraries/libcrash/hash/md5.asm
0,0 → 1,288
; libcrash -- cryptographic hash (and other) functions
;
; Copyright (C) <2012-2013,2016,2019,2021> Ivan Baravy
;
; SPDX-License-Identifier: GPL-2.0-or-later
;
; This program is free software: you can redistribute it and/or modify it under
; the terms of the GNU General Public License as published by the Free Software
; Foundation, either version 2 of the License, or (at your option) any later
; version.
;
; This program is distributed in the hope that it will be useful, but WITHOUT
; ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
; FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
;
; You should have received a copy of the GNU General Public License along with
; this program. If not, see <http://www.gnu.org/licenses/>.
MD5_BLOCK_SIZE = 64
MD5_ALIGN = 4
MD5_ALIGN_MASK = MD5_ALIGN - 1
struct ctx_md5
hash rb MD5_LEN
block rb MD5_BLOCK_SIZE
index rd 1
msglen_0 rd 1
msglen_1 rd 1
ends
assert sizeof.ctx_md5 <= LIBCRASH_CTX_LEN
macro md5._.f b, c, d
{
push c
xor c, d
and b, c
xor b, d
pop c
}
macro md5._.g b, c, d
{
push c d
and b, d
not d
and c, d
or b, c
pop d c
}
macro md5._.h b, c, d
{
xor b, c
xor b, d
}
macro md5._.i b, c, d
{
push d
not d
or b, d
xor b, c
pop d
}
macro md5._.round func, a, b, c, d, index, shift, ac
{
push b
func b, c, d
lea a, [a + b + ac]
add a, [esi + index*4]
rol a, shift
pop b
add a, b
}
proc md5.init uses ebx esi edi, _ctx
mov ebx, [_ctx]
lea edi, [ebx + ctx_md5.hash]
mov esi, md5._.hash_init
mov ecx, MD5_LEN/4
rep movsd
xor eax, eax
mov [ebx + ctx_md5.index], eax
mov [ebx + ctx_md5.msglen_0], eax
mov [ebx + ctx_md5.msglen_1], eax
ret
endp
proc md5._.block _hash
mov edi, [_hash]
mov eax, [edi + 0x0]
mov ebx, [edi + 0x4]
mov ecx, [edi + 0x8]
mov edx, [edi + 0xc]
md5._.round md5._.f, eax, ebx, ecx, edx, 0, 7, 0xd76aa478
md5._.round md5._.f, edx, eax, ebx, ecx, 1, 12, 0xe8c7b756
md5._.round md5._.f, ecx, edx, eax, ebx, 2, 17, 0x242070db
md5._.round md5._.f, ebx, ecx, edx, eax, 3, 22, 0xc1bdceee
md5._.round md5._.f, eax, ebx, ecx, edx, 4, 7, 0xf57c0faf
md5._.round md5._.f, edx, eax, ebx, ecx, 5, 12, 0x4787c62a
md5._.round md5._.f, ecx, edx, eax, ebx, 6, 17, 0xa8304613
md5._.round md5._.f, ebx, ecx, edx, eax, 7, 22, 0xfd469501
md5._.round md5._.f, eax, ebx, ecx, edx, 8, 7, 0x698098d8
md5._.round md5._.f, edx, eax, ebx, ecx, 9, 12, 0x8b44f7af
md5._.round md5._.f, ecx, edx, eax, ebx, 10, 17, 0xffff5bb1
md5._.round md5._.f, ebx, ecx, edx, eax, 11, 22, 0x895cd7be
md5._.round md5._.f, eax, ebx, ecx, edx, 12, 7, 0x6b901122
md5._.round md5._.f, edx, eax, ebx, ecx, 13, 12, 0xfd987193
md5._.round md5._.f, ecx, edx, eax, ebx, 14, 17, 0xa679438e
md5._.round md5._.f, ebx, ecx, edx, eax, 15, 22, 0x49b40821
md5._.round md5._.g, eax, ebx, ecx, edx, 1, 5, 0xf61e2562
md5._.round md5._.g, edx, eax, ebx, ecx, 6, 9, 0xc040b340
md5._.round md5._.g, ecx, edx, eax, ebx, 11, 14, 0x265e5a51
md5._.round md5._.g, ebx, ecx, edx, eax, 0, 20, 0xe9b6c7aa
md5._.round md5._.g, eax, ebx, ecx, edx, 5, 5, 0xd62f105d
md5._.round md5._.g, edx, eax, ebx, ecx, 10, 9, 0x02441453
md5._.round md5._.g, ecx, edx, eax, ebx, 15, 14, 0xd8a1e681
md5._.round md5._.g, ebx, ecx, edx, eax, 4, 20, 0xe7d3fbc8
md5._.round md5._.g, eax, ebx, ecx, edx, 9, 5, 0x21e1cde6
md5._.round md5._.g, edx, eax, ebx, ecx, 14, 9, 0xc33707d6
md5._.round md5._.g, ecx, edx, eax, ebx, 3, 14, 0xf4d50d87
md5._.round md5._.g, ebx, ecx, edx, eax, 8, 20, 0x455a14ed
md5._.round md5._.g, eax, ebx, ecx, edx, 13, 5, 0xa9e3e905
md5._.round md5._.g, edx, eax, ebx, ecx, 2, 9, 0xfcefa3f8
md5._.round md5._.g, ecx, edx, eax, ebx, 7, 14, 0x676f02d9
md5._.round md5._.g, ebx, ecx, edx, eax, 12, 20, 0x8d2a4c8a
md5._.round md5._.h, eax, ebx, ecx, edx, 5, 4, 0xfffa3942
md5._.round md5._.h, edx, eax, ebx, ecx, 8, 11, 0x8771f681
md5._.round md5._.h, ecx, edx, eax, ebx, 11, 16, 0x6d9d6122
md5._.round md5._.h, ebx, ecx, edx, eax, 14, 23, 0xfde5380c
md5._.round md5._.h, eax, ebx, ecx, edx, 1, 4, 0xa4beea44
md5._.round md5._.h, edx, eax, ebx, ecx, 4, 11, 0x4bdecfa9
md5._.round md5._.h, ecx, edx, eax, ebx, 7, 16, 0xf6bb4b60
md5._.round md5._.h, ebx, ecx, edx, eax, 10, 23, 0xbebfbc70
md5._.round md5._.h, eax, ebx, ecx, edx, 13, 4, 0x289b7ec6
md5._.round md5._.h, edx, eax, ebx, ecx, 0, 11, 0xeaa127fa
md5._.round md5._.h, ecx, edx, eax, ebx, 3, 16, 0xd4ef3085
md5._.round md5._.h, ebx, ecx, edx, eax, 6, 23, 0x04881d05
md5._.round md5._.h, eax, ebx, ecx, edx, 9, 4, 0xd9d4d039
md5._.round md5._.h, edx, eax, ebx, ecx, 12, 11, 0xe6db99e5
md5._.round md5._.h, ecx, edx, eax, ebx, 15, 16, 0x1fa27cf8
md5._.round md5._.h, ebx, ecx, edx, eax, 2, 23, 0xc4ac5665
md5._.round md5._.i, eax, ebx, ecx, edx, 0, 6, 0xf4292244
md5._.round md5._.i, edx, eax, ebx, ecx, 7, 10, 0x432aff97
md5._.round md5._.i, ecx, edx, eax, ebx, 14, 15, 0xab9423a7
md5._.round md5._.i, ebx, ecx, edx, eax, 5, 21, 0xfc93a039
md5._.round md5._.i, eax, ebx, ecx, edx, 12, 6, 0x655b59c3
md5._.round md5._.i, edx, eax, ebx, ecx, 3, 10, 0x8f0ccc92
md5._.round md5._.i, ecx, edx, eax, ebx, 10, 15, 0xffeff47d
md5._.round md5._.i, ebx, ecx, edx, eax, 1, 21, 0x85845dd1
md5._.round md5._.i, eax, ebx, ecx, edx, 8, 6, 0x6fa87e4f
md5._.round md5._.i, edx, eax, ebx, ecx, 15, 10, 0xfe2ce6e0
md5._.round md5._.i, ecx, edx, eax, ebx, 6, 15, 0xa3014314
md5._.round md5._.i, ebx, ecx, edx, eax, 13, 21, 0x4e0811a1
md5._.round md5._.i, eax, ebx, ecx, edx, 4, 6, 0xf7537e82
md5._.round md5._.i, edx, eax, ebx, ecx, 11, 10, 0xbd3af235
md5._.round md5._.i, ecx, edx, eax, ebx, 2, 15, 0x2ad7d2bb
md5._.round md5._.i, ebx, ecx, edx, eax, 9, 21, 0xeb86d391
mov edi, [_hash]
add [edi + 0x0], eax
add [edi + 0x4], ebx
add [edi + 0x8], ecx
add [edi + 0xc], edx
ret
endp
proc md5.update uses ebx esi edi, _ctx, _msg, _size
mov ebx, [_ctx]
mov ecx, [_size]
add [ebx + ctx_md5.msglen_0], ecx
adc [ebx + ctx_md5.msglen_1], 0
.next_block:
mov ebx, [_ctx]
mov esi, [_msg]
mov eax, [ebx + ctx_md5.index]
and eax, MD5_BLOCK_SIZE-1
jnz .copy_to_buf
test esi, MD5_ALIGN_MASK
jnz .copy_to_buf
.no_copy:
; data is aligned, hash it in place without copying
mov ebx, [_ctx]
cmp [_size], MD5_BLOCK_SIZE
jb .copy_quit
lea eax, [ebx + ctx_md5.hash]
stdcall md5._.block, eax
sub [_size], MD5_BLOCK_SIZE
add esi, MD5_BLOCK_SIZE
jmp .no_copy
.copy_to_buf:
lea edi, [ebx + ctx_md5.block]
add edi, eax
mov ecx, MD5_BLOCK_SIZE
sub ecx, eax
cmp [_size], ecx
jb .copy_quit
sub [_size], ecx
add [_msg], ecx
add [ebx + ctx_md5.index], ecx
rep movsb
lea eax, [ebx + ctx_md5.hash]
lea esi, [ebx + ctx_md5.block]
stdcall md5._.block, eax
jmp .next_block
.copy_quit:
mov ebx, [_ctx]
lea edi, [ebx + ctx_md5.block]
mov eax, [ebx + ctx_md5.index]
and eax, MD5_BLOCK_SIZE-1
add edi, eax
mov ecx, [_size]
add [ebx + ctx_md5.index], ecx
rep movsb
.quit:
ret
endp
proc md5.finish uses ebx esi edi, _ctx
mov ebx, [_ctx]
lea edi, [ebx + ctx_md5.block]
mov ecx, [ebx + ctx_md5.msglen_0]
and ecx, MD5_BLOCK_SIZE-1
add edi, ecx
mov byte[edi], 0x80
inc edi
neg ecx
add ecx, MD5_BLOCK_SIZE
cmp ecx, 8
ja .last
dec ecx
xor eax, eax
rep stosb
lea esi, [ebx + ctx_md5.block]
lea eax, [ebx + ctx_md5.hash]
stdcall md5._.block, eax
mov ebx, [_ctx]
lea edi, [ebx + ctx_md5.block]
mov ecx, MD5_BLOCK_SIZE+1
.last:
dec ecx
sub ecx, 8
xor eax, eax
rep stosb
mov eax, [ebx + ctx_md5.msglen_0]
mov edx, [ebx + ctx_md5.msglen_1]
shld edx, eax, 3
shl eax, 3
mov dword[edi], eax
mov dword[edi+4], edx
lea esi, [ebx + ctx_md5.block]
lea eax, [ebx + ctx_md5.hash]
stdcall md5._.block, eax
ret
endp
proc md5.oneshot _ctx, _data, _len
stdcall md5.init, [_ctx]
stdcall md5.update, [_ctx], [_data], [_len]
stdcall md5.finish, [_ctx]
ret
endp
iglobal
align MD5_ALIGN
md5._.hash_init dd 0x67452301, 0xefcdab89, 0x98badcfe, 0x10325476, 0xc3d2e1f0
endg

/programs/develop/libraries/libcrash/hash/sha1.asm
0,0 → 1,296
; libcrash -- cryptographic hash (and other) functions
;
; Copyright (C) <2012-2013,2016,2019,2021> Ivan Baravy
;
; SPDX-License-Identifier: GPL-2.0-or-later
;
; This program is free software: you can redistribute it and/or modify it under
; the terms of the GNU General Public License as published by the Free Software
; Foundation, either version 2 of the License, or (at your option) any later
; version.
;
; This program is distributed in the hope that it will be useful, but WITHOUT
; ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
; FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
;
; You should have received a copy of the GNU General Public License along with
; this program. If not, see <http://www.gnu.org/licenses/>.
SHA1_BLOCK_SIZE = 64
SHA1_ALIGN = 4
SHA1_ALIGN_MASK = SHA1_ALIGN - 1
struct ctx_sha1
hash rb SHA1_LEN
block rb SHA1_BLOCK_SIZE
index rd 1
msglen_0 rd 1
msglen_1 rd 1
ends
assert sizeof.ctx_sha1 <= LIBCRASH_CTX_LEN
proc sha1._.f
push ebx ecx edx
xor ecx, edx
and ebx, ecx
xor ebx, edx
mov esi, ebx
pop edx ecx ebx
ret
endp
proc sha1._.g
push ebx ecx edx
xor ebx, ecx
xor ebx, edx
mov esi, ebx
pop edx ecx ebx
ret
endp
proc sha1._.h
push ebx ecx edx
mov esi, ebx
and ebx, ecx
and ecx, edx
and esi, edx
or ebx, ecx
or esi, ebx
pop edx ecx ebx
ret
endp
macro sha1._.round f, k, c
{
mov esi, eax
rol esi, 5
mov [temp], esi
call f
add esi, edi
add [temp], esi
mov esi, [w + (c)*4]
add esi, k
add [temp], esi
mov edi, edx
mov edx, ecx
mov ecx, ebx
rol ecx, 30
mov ebx, eax
mov eax, [temp]
}
proc sha1.init uses ebx esi edi, _ctx
mov ebx, [_ctx]
lea edi, [ebx + ctx_sha1.hash]
mov esi, sha1._.hash_init
mov ecx, SHA1_LEN/4
rep movsd
xor eax, eax
mov [ebx + ctx_sha1.index], eax
mov [ebx + ctx_sha1.msglen_0], eax
mov [ebx + ctx_sha1.msglen_1], eax
ret
endp
proc sha1._.block _hash
locals
temp rd 1
w rd 80
endl
lea edi, [w]
xor ecx, ecx
@@:
mov eax, [esi]
add esi, 4
bswap eax
mov [edi], eax
add edi, 4
add ecx, 1
cmp ecx, 16
jne @b
@@:
mov eax, [w + (ecx - 3)*4]
xor eax, [w + (ecx - 8)*4]
xor eax, [w + (ecx - 14)*4]
xor eax, [w + (ecx - 16)*4]
rol eax, 1
mov [w + ecx*4], eax
add ecx, 1
cmp ecx, 80
jne @b
mov edi, [_hash]
mov eax, [edi + 0x00]
mov ebx, [edi + 0x04]
mov ecx, [edi + 0x08]
mov edx, [edi + 0x0c]
mov edi, [edi + 0x10]
push esi
repeat 20
sha1._.round sha1._.f, 0x5a827999, %-1
end repeat
repeat 20
sha1._.round sha1._.g, 0x6ed9eba1, %-1+20
end repeat
repeat 20
sha1._.round sha1._.h, 0x8f1bbcdc, %-1+40
end repeat
repeat 20
sha1._.round sha1._.g, 0xca62c1d6, %-1+60
end repeat
pop esi
mov [temp], edi
mov edi, [_hash]
add [edi + 0x00], eax
add [edi + 0x04], ebx
add [edi + 0x08], ecx
add [edi + 0x0c], edx
mov eax, [temp]
add [edi + 0x10], eax
ret
endp
proc sha1.update uses ebx esi edi, _ctx, _msg, _size
mov ebx, [_ctx]
mov ecx, [_size]
add [ebx + ctx_sha1.msglen_0], ecx
adc [ebx + ctx_sha1.msglen_1], 0
.next_block:
mov ebx, [_ctx]
mov esi, [_msg]
mov eax, [ebx + ctx_sha1.index]
and eax, SHA1_BLOCK_SIZE-1
jnz .copy_to_buf
test esi, SHA1_ALIGN_MASK
jnz .copy_to_buf
.no_copy:
; data is aligned, hash it in place without copying
mov ebx, [_ctx]
cmp [_size], SHA1_BLOCK_SIZE
jb .copy_quit
lea eax, [ebx + ctx_sha1.hash]
stdcall sha1._.block, eax
sub [_size], SHA1_BLOCK_SIZE
; add esi, SHA1_BLOCK_SIZE ; FIXME
jmp .no_copy
.copy_to_buf:
lea edi, [ebx + ctx_sha1.block]
add edi, eax
mov ecx, SHA1_BLOCK_SIZE
sub ecx, eax
cmp [_size], ecx
jb .copy_quit
sub [_size], ecx
add [_msg], ecx
add [ebx + ctx_sha1.index], ecx
rep movsb
lea eax, [ebx + ctx_sha1.hash]
lea esi, [ebx + ctx_sha1.block]
stdcall sha1._.block, eax
jmp .next_block
.copy_quit:
mov ebx, [_ctx]
lea edi, [ebx + ctx_sha1.block]
mov eax, [ebx + ctx_sha1.index]
and eax, SHA1_BLOCK_SIZE-1
add edi, eax
mov ecx, [_size]
add [ebx + ctx_sha1.index], ecx
rep movsb
.quit:
ret
endp
proc sha1.finish uses ebx esi edi, _ctx
mov ebx, [_ctx]
lea edi, [ebx + ctx_sha1.block]
mov ecx, [ebx + ctx_sha1.msglen_0]
and ecx, SHA1_BLOCK_SIZE-1
add edi, ecx
mov byte[edi], 0x80
inc edi
neg ecx
add ecx, SHA1_BLOCK_SIZE
cmp ecx, 8
ja .last
dec ecx
xor eax, eax
rep stosb
lea esi, [ebx + ctx_sha1.block]
lea eax, [ebx + ctx_sha1.hash]
stdcall sha1._.block, eax
mov ebx, [_ctx]
lea edi, [ebx + ctx_sha1.block]
mov ecx, SHA1_BLOCK_SIZE+1
.last:
dec ecx
sub ecx, 8
xor eax, eax
rep stosb
mov eax, [ebx + ctx_sha1.msglen_0]
mov edx, [ebx + ctx_sha1.msglen_1]
shld edx, eax, 3
shl eax, 3
bswap eax
bswap edx
mov dword[edi], edx
mov dword[edi+4], eax
lea esi, [ebx + ctx_sha1.block]
lea eax, [ebx + ctx_sha1.hash]
stdcall sha1._.block, eax
mov ebx, [_ctx]
lea eax, [ebx + ctx_sha1.hash]
stdcall sha1._.postprocess, ebx, eax
ret
endp
proc sha1._.postprocess _ctx, _hash
mov ecx, 5
mov esi, [_hash]
mov edi, esi
@@:
lodsd
bswap eax
stosd
dec ecx
jnz @b
ret
endp
proc sha1.oneshot _ctx, _data, _len
stdcall sha1.init, [_ctx]
stdcall sha1.update, [_ctx], [_data], [_len]
stdcall sha1.finish, [_ctx]
ret
endp
iglobal
align SHA1_ALIGN
sha1._.hash_init dd 0x67452301, 0xefcdab89, 0x98badcfe, 0x10325476, 0xc3d2e1f0
endg

/programs/develop/libraries/libcrash/hash/sha2_224_256.asm
0,0 → 1,436
; libcrash -- cryptographic hash (and other) functions
;
; Copyright (C) <2012-2013,2016,2019,2021> Ivan Baravy
;
; SPDX-License-Identifier: GPL-2.0-or-later
;
; This program is free software: you can redistribute it and/or modify it under
; the terms of the GNU General Public License as published by the Free Software
; Foundation, either version 2 of the License, or (at your option) any later
; version.
;
; This program is distributed in the hope that it will be useful, but WITHOUT
; ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
; FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
;
; You should have received a copy of the GNU General Public License along with
; this program. If not, see <http://www.gnu.org/licenses/>.
SHA2_224256_BLOCK_SIZE = 64
SHA2_224_BLOCK_SIZE = SHA2_224256_BLOCK_SIZE
SHA2_256_BLOCK_SIZE = SHA2_224256_BLOCK_SIZE
SHA2_224256_INIT_SIZE = 32
SHA2_224256_ALIGN = 4
SHA2_224256_ALIGN_MASK = SHA2_224256_ALIGN - 1
struct ctx_sha2_224256
hash rb SHA2_224256_INIT_SIZE
block rb SHA2_224256_BLOCK_SIZE
index rd 1
msglen_0 rd 1
msglen_1 rd 1
ends
assert sizeof.ctx_sha2_224256 <= LIBCRASH_CTX_LEN
macro sha2_224256._.chn x, y, z
{
mov eax, [y]
xor eax, [z]
and eax, [x]
xor eax, [z]
}
macro sha2_224256._.maj x, y, z
{
mov eax, [x]
xor eax, [y]
and eax, [z]
mov ecx, [x]
and ecx, [y]
xor eax, ecx
}
macro sha2_224256._.Sigma0 x
{
mov eax, x
mov ecx, eax
ror ecx, 2
ror eax, 13
xor eax, ecx
mov ecx, x
ror ecx, 22
xor eax, ecx
}
macro sha2_224256._.Sigma1 x
{
mov eax, x
mov ecx, eax
ror ecx, 6
ror eax, 11
xor eax, ecx
mov ecx, x
ror ecx, 25
xor eax, ecx
}
macro sha2_224256._.sigma0 x
{
mov eax, x
mov ecx, eax
ror ecx, 7
ror eax, 18
xor eax, ecx
mov ecx, x
shr ecx, 3
xor eax, ecx
}
macro sha2_224256._.sigma1 x
{
mov eax, x
mov ecx, eax
ror ecx, 17
ror eax, 19
xor eax, ecx
mov ecx, x
shr ecx, 10
xor eax, ecx
}
macro sha2_224256._.recalculate_w n
{
mov edx, [w + ((n-2) and 15)*4]
sha2_224256._.sigma1 edx
add eax, [w + ((n-7) and 15)*4]
push eax
mov edx, [w + ((n-15) and 15)*4]
sha2_224256._.sigma0 edx
pop ecx
add eax, ecx
add [w + (n)*4], eax
}
macro sha2_224256._.round a, b, c, d, e, f, g, h, k
{
mov ebx, [h]
mov edx, [e]
sha2_224256._.Sigma1 edx
add ebx, eax
sha2_224256._.chn e, f, g
add ebx, eax
add ebx, [k]
add ebx, edi
add [d], ebx
mov edx, [a]
sha2_224256._.Sigma0 edx
add ebx, eax
sha2_224256._.maj a, b, c
add eax, ebx
mov [h], eax
}
macro sha2_224256._.round_1_16 a, b, c, d, e, f, g, h, n
{
mov eax, [esi + (n)*4]
bswap eax
mov dword[w + (n)*4], eax
mov edi, eax
sha2_224256._.round a, b, c, d, e, f, g, h, (sha2_256_table + (n)*4)
}
macro sha2_224256._.round_17_64 a, b, c, d, e, f, g, h, n, rep_num
{
sha2_224256._.recalculate_w n
mov edi, [w + (n)*4]
sha2_224256._.round a, b, c, d, e, f, g, h, (sha2_256_table + (n+16*rep_num)*4)
}
proc sha2_224.init uses ebx esi edi, _ctx
mov ebx, [_ctx]
lea edi, [ebx + ctx_sha2_224256.hash]
mov esi, sha2_224._.hash_init
mov ecx, SHA2_224256_INIT_SIZE/4
rep movsd
xor eax, eax
mov [ebx + ctx_sha2_224256.index], eax
mov [ebx + ctx_sha2_224256.msglen_0], eax
mov [ebx + ctx_sha2_224256.msglen_1], eax
ret
endp
proc sha2_256.init uses ebx esi edi, _ctx
mov ebx, [_ctx]
lea edi, [ebx + ctx_sha2_224256.hash]
mov esi, sha2_256._.hash_init
mov ecx, SHA2_224256_INIT_SIZE/4
rep movsd
xor eax, eax
mov [ebx + ctx_sha2_224256.index], eax
mov [ebx + ctx_sha2_224256.msglen_0], eax
mov [ebx + ctx_sha2_224256.msglen_1], eax
ret
endp
proc sha2_224256._.block _hash
locals
w rd 64
A rd 1
B rd 1
C rd 1
D rd 1
E rd 1
F rd 1
G rd 1
H rd 1
endl
mov edi, [_hash]
mov eax, [edi + 0x00]
mov [A], eax
mov eax, [edi + 0x04]
mov [B], eax
mov eax, [edi + 0x08]
mov [C], eax
mov eax, [edi + 0x0c]
mov [D], eax
mov eax, [edi + 0x10]
mov [E], eax
mov eax, [edi + 0x14]
mov [F], eax
mov eax, [edi + 0x18]
mov [G], eax
mov eax, [edi + 0x1c]
mov [H], eax
sha2_224256._.round_1_16 A, B, C, D, E, F, G, H, 0
sha2_224256._.round_1_16 H, A, B, C, D, E, F, G, 1
sha2_224256._.round_1_16 G, H, A, B, C, D, E, F, 2
sha2_224256._.round_1_16 F, G, H, A, B, C, D, E, 3
sha2_224256._.round_1_16 E, F, G, H, A, B, C, D, 4
sha2_224256._.round_1_16 D, E, F, G, H, A, B, C, 5
sha2_224256._.round_1_16 C, D, E, F, G, H, A, B, 6
sha2_224256._.round_1_16 B, C, D, E, F, G, H, A, 7
sha2_224256._.round_1_16 A, B, C, D, E, F, G, H, 8
sha2_224256._.round_1_16 H, A, B, C, D, E, F, G, 9
sha2_224256._.round_1_16 G, H, A, B, C, D, E, F, 10
sha2_224256._.round_1_16 F, G, H, A, B, C, D, E, 11
sha2_224256._.round_1_16 E, F, G, H, A, B, C, D, 12
sha2_224256._.round_1_16 D, E, F, G, H, A, B, C, 13
sha2_224256._.round_1_16 C, D, E, F, G, H, A, B, 14
sha2_224256._.round_1_16 B, C, D, E, F, G, H, A, 15
repeat 3
sha2_224256._.round_17_64 A, B, C, D, E, F, G, H, 0, %
sha2_224256._.round_17_64 H, A, B, C, D, E, F, G, 1, %
sha2_224256._.round_17_64 G, H, A, B, C, D, E, F, 2, %
sha2_224256._.round_17_64 F, G, H, A, B, C, D, E, 3, %
sha2_224256._.round_17_64 E, F, G, H, A, B, C, D, 4, %
sha2_224256._.round_17_64 D, E, F, G, H, A, B, C, 5, %
sha2_224256._.round_17_64 C, D, E, F, G, H, A, B, 6, %
sha2_224256._.round_17_64 B, C, D, E, F, G, H, A, 7, %
sha2_224256._.round_17_64 A, B, C, D, E, F, G, H, 8, %
sha2_224256._.round_17_64 H, A, B, C, D, E, F, G, 9, %
sha2_224256._.round_17_64 G, H, A, B, C, D, E, F, 10, %
sha2_224256._.round_17_64 F, G, H, A, B, C, D, E, 11, %
sha2_224256._.round_17_64 E, F, G, H, A, B, C, D, 12, %
sha2_224256._.round_17_64 D, E, F, G, H, A, B, C, 13, %
sha2_224256._.round_17_64 C, D, E, F, G, H, A, B, 14, %
sha2_224256._.round_17_64 B, C, D, E, F, G, H, A, 15, %
end repeat
mov edi, [_hash]
mov eax, [A]
add [edi + 0x00], eax
mov eax, [B]
add [edi + 0x04], eax
mov eax, [C]
add [edi + 0x08], eax
mov eax, [D]
add [edi + 0x0c], eax
mov eax, [E]
add [edi + 0x10], eax
mov eax, [F]
add [edi + 0x14], eax
mov eax, [G]
add [edi + 0x18], eax
mov eax, [H]
add [edi + 0x1c], eax
ret
endp
sha2_224.update = sha2_224256.update
sha2_256.update = sha2_224256.update
proc sha2_224256.update uses ebx esi edi, _ctx, _msg, _size
mov ebx, [_ctx]
mov ecx, [_size]
add [ebx + ctx_sha2_224256.msglen_0], ecx
adc [ebx + ctx_sha2_224256.msglen_1], 0
.next_block:
mov ebx, [_ctx]
mov esi, [_msg]
mov eax, [ebx + ctx_sha2_224256.index]
and eax, SHA2_224256_BLOCK_SIZE-1
jnz .copy_to_buf
test esi, SHA2_224256_ALIGN_MASK
jnz .copy_to_buf
.no_copy:
; data is aligned, hash it in place without copying
mov ebx, [_ctx]
cmp [_size], SHA2_224256_BLOCK_SIZE
jb .copy_quit
lea eax, [ebx + ctx_sha2_224256.hash]
stdcall sha2_224256._.block, eax
sub [_size], SHA2_224256_BLOCK_SIZE
add esi, SHA2_224256_BLOCK_SIZE ; FIXME
jmp .no_copy
.copy_to_buf:
lea edi, [ebx + ctx_sha2_224256.block]
add edi, eax
mov ecx, SHA2_224256_BLOCK_SIZE
sub ecx, eax
cmp [_size], ecx
jb .copy_quit
sub [_size], ecx
add [_msg], ecx
add [ebx + ctx_sha2_224256.index], ecx
rep movsb
lea eax, [ebx + ctx_sha2_224256.hash]
lea esi, [ebx + ctx_sha2_224256.block]
stdcall sha2_224256._.block, eax
jmp .next_block
.copy_quit:
mov ebx, [_ctx]
lea edi, [ebx + ctx_sha2_224256.block]
mov eax, [ebx + ctx_sha2_224256.index]
and eax, SHA2_224256_BLOCK_SIZE-1
add edi, eax
mov ecx, [_size]
add [ebx + ctx_sha2_224256.index], ecx
rep movsb
.quit:
ret
endp
sha2_224.finish = sha2_224256.finish
sha2_256.finish = sha2_224256.finish
proc sha2_224256.finish uses ebx esi edi, _ctx
mov ebx, [_ctx]
lea edi, [ebx + ctx_sha2_224256.block]
mov ecx, [ebx + ctx_sha2_224256.msglen_0]
and ecx, SHA2_224256_BLOCK_SIZE-1
add edi, ecx
mov byte[edi], 0x80
inc edi
neg ecx
add ecx, SHA2_224256_BLOCK_SIZE
cmp ecx, 8
ja .last
dec ecx
xor eax, eax
rep stosb
lea esi, [ebx + ctx_sha2_224256.block]
lea eax, [ebx + ctx_sha2_224256.hash]
stdcall sha2_224256._.block, eax
mov ebx, [_ctx]
lea edi, [ebx + ctx_sha2_224256.block]
mov ecx, SHA2_224256_BLOCK_SIZE+1
.last:
dec ecx
sub ecx, 8
xor eax, eax
rep stosb
mov eax, [ebx + ctx_sha2_224256.msglen_0]
mov edx, [ebx + ctx_sha2_224256.msglen_1]
shld edx, eax, 3
shl eax, 3
bswap eax
bswap edx
mov dword[edi], edx
mov dword[edi+4], eax
lea esi, [ebx + ctx_sha2_224256.block]
lea eax, [ebx + ctx_sha2_224256.hash]
stdcall sha2_224256._.block, eax
mov ebx, [_ctx]
lea eax, [ebx + ctx_sha2_224256.hash]
stdcall sha2_224256._.postprocess, ebx, eax
ret
endp
proc sha2_224256._.postprocess _ctx, _hash
mov ecx, 8
mov esi, [_hash]
mov edi, esi
@@:
lodsd
bswap eax
stosd
dec ecx
jnz @b
ret
endp
proc sha2_224.oneshot _ctx, _data, _len
stdcall sha2_224.init, [_ctx]
stdcall sha2_224.update, [_ctx], [_data], [_len]
stdcall sha2_224.finish, [_ctx]
ret
endp
proc sha2_256.oneshot _ctx, _data, _len
stdcall sha2_256.init, [_ctx]
stdcall sha2_256.update, [_ctx], [_data], [_len]
stdcall sha2_256.finish, [_ctx]
ret
endp
iglobal
align SHA2_224256_ALIGN
sha2_224._.hash_init dd 0xc1059ed8, 0x367cd507, 0x3070dd17, 0xf70e5939,\
0xffc00b31, 0x68581511, 0x64f98fa7, 0xbefa4fa4
sha2_256._.hash_init dd 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,\
0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19
sha2_256_table dd 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,\
0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,\
0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,\
0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,\
0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,\
0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,\
0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,\
0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,\
0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,\
0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,\
0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,\
0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,\
0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,\
0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,\
0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,\
0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
endg

/programs/develop/libraries/libcrash/hash/sha2_384_512.asm
0,0 → 1,562
; libcrash -- cryptographic hash (and other) functions
;
; Copyright (C) <2012-2013,2016,2019,2021> Ivan Baravy
;
; SPDX-License-Identifier: GPL-2.0-or-later
;
; This program is free software: you can redistribute it and/or modify it under
; the terms of the GNU General Public License as published by the Free Software
; Foundation, either version 2 of the License, or (at your option) any later
; version.
;
; This program is distributed in the hope that it will be useful, but WITHOUT
; ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
; FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
;
; You should have received a copy of the GNU General Public License along with
; this program. If not, see <http://www.gnu.org/licenses/>.
SHA2_384512_BLOCK_SIZE = 128
SHA2_384_BLOCK_SIZE = SHA2_384512_BLOCK_SIZE
SHA2_512_BLOCK_SIZE = SHA2_384512_BLOCK_SIZE
SHA2_384512_INIT_SIZE = 64
SHA2_384512_ALIGN = 16
SHA2_384512_ALIGN_MASK = SHA2_384512_ALIGN - 1
struct ctx_sha2_384512
hash rb SHA2_384512_INIT_SIZE
block rb SHA2_384512_BLOCK_SIZE
index rd 1
msglen_0 rd 1
msglen_1 rd 1
msglen_2 rd 1
msglen_3 rd 1
rd 3 ; align
; tmp vars
w rq 80
A rq 1
B rq 1
C rq 1
D rq 1
E rq 1
F rq 1
G rq 1
H rq 1
temp rq 1
ends
assert sizeof.ctx_sha2_384512 <= LIBCRASH_CTX_LEN
macro sha2_384512._.chn x, y, z
{
movq mm0, [y]
pxor mm0, [z]
pand mm0, [x]
pxor mm0, [z]
}
macro sha2_384512._.maj x, y, z
{
movq mm0, [x]
pxor mm0, [y]
pand mm0, [z]
movq mm2, [x]
pand mm2, [y]
pxor mm0, mm2
}
macro sha2_384512._.Sigma0 x
{
movq mm0, x
movq mm2, mm0
movq mm7, mm2
psrlq mm2, 28
psllq mm7, 36
por mm2, mm7
movq mm7, mm0
psrlq mm0, 34
psllq mm7, 30
por mm0, mm7
pxor mm0, mm2
movq mm2, x
movq mm7, mm2
psrlq mm2, 39
psllq mm7, 25
por mm2, mm7
pxor mm0, mm2
}
macro sha2_384512._.Sigma1 x
{
movq mm0, x
movq mm2, mm0
movq mm7, mm2
psrlq mm2, 14
psllq mm7, 50
por mm2, mm7
movq mm7, mm0
psrlq mm0, 18
psllq mm7, 46
por mm0, mm7
pxor mm0, mm2
movq mm2, x
movq mm7, mm2
psrlq mm2, 41
psllq mm7, 23
por mm2, mm7
pxor mm0, mm2
}
macro sha2_384512._.sigma0 x
{
movq mm0, x
movq mm2, mm0
movq mm7, mm2
psrlq mm2, 1
psllq mm7, 63
por mm2, mm7
movq mm7, mm0
psrlq mm0, 8
psllq mm7, 56
por mm0, mm7
pxor mm0, mm2
movq mm2, x
psrlq mm2, 7
pxor mm0, mm2
}
macro sha2_384512._.sigma1 x
{
movq mm0, x
movq mm2, mm0
movq mm7, mm2
psrlq mm2, 19
psllq mm7, 45
por mm2, mm7
movq mm7, mm0
psrlq mm0, 61
psllq mm7, 3
por mm0, mm7
pxor mm0, mm2
movq mm2, x
psrlq mm2, 6
pxor mm0, mm2
}
macro sha2_384512._.recalculate_w n
{
movq mm3, [w + ((n-2) and 15)*8]
sha2_384512._.sigma1 mm3
paddq mm0, [w + ((n-7) and 15)*8]
movq mm6, mm0
movq mm3, [w + ((n-15) and 15)*8]
sha2_384512._.sigma0 mm3
movq mm2, mm6
paddq mm0, mm2
movq mm7, [w + (n)*8]
paddq mm7, mm0
movq [w + (n)*8], mm7
}
macro sha2_384512._.round a, b, c, d, e, f, g, h, k
{
movq mm1, [h]
movq mm3, [e]
sha2_384512._.Sigma1 mm3
paddq mm1, mm0
sha2_384512._.chn e, f, g
paddq mm1, mm0
paddq mm1, [k]
paddq mm1, mm5
movq mm7, [d]
paddq mm7, mm1
movq [d], mm7
movq mm3, [a]
sha2_384512._.Sigma0 mm3
paddq mm1, mm0
sha2_384512._.maj a, b, c
paddq mm0, mm1
movq [h], mm0
}
macro sha2_384512._.round_1_16 a, b, c, d, e, f, g, h, n
{
movq mm0, [esi + (n)*8]
movq [temp], mm0
mov eax, dword[temp]
bswap eax
push eax
mov eax, dword[temp + 4]
bswap eax
mov dword[temp], eax
pop eax
mov dword[temp + 4], eax
movq mm0, [temp]
movq [w + (n)*8], mm0
movq mm5, mm0
sha2_384512._.round a, b, c, d, e, f, g, h, (sha2_384512._.table + (n)*8)
}
macro sha2_384512._.round_17_64 a, b, c, d, e, f, g, h, n, rep_num
{
sha2_384512._.recalculate_w n
movq mm5, [w + (n)*8]
sha2_384512._.round a, b, c, d, e, f, g, h, (sha2_384512._.table + (n+16*rep_num)*8)
}
proc sha2_384.init uses ebx esi edi, _ctx
mov ebx, [_ctx]
lea edi, [ebx + ctx_sha2_384512.hash]
mov esi, sha2_384._.hash_init
mov ecx, SHA2_384512_INIT_SIZE/4
rep movsd
xor eax, eax
mov [ebx + ctx_sha2_384512.index], eax
mov [ebx + ctx_sha2_384512.msglen_0], eax
mov [ebx + ctx_sha2_384512.msglen_1], eax
mov [ebx + ctx_sha2_384512.msglen_2], eax
mov [ebx + ctx_sha2_384512.msglen_3], eax
ret
endp
proc sha2_512.init uses ebx esi edi, _ctx
mov ebx, [_ctx]
lea edi, [ebx + ctx_sha2_384512.hash]
mov esi, sha2_512._.hash_init
mov ecx, SHA2_384512_INIT_SIZE/4
rep movsd
xor eax, eax
mov [ebx + ctx_sha2_384512.index], eax
mov [ebx + ctx_sha2_384512.msglen_0], eax
mov [ebx + ctx_sha2_384512.msglen_1], eax
mov [ebx + ctx_sha2_384512.msglen_2], eax
mov [ebx + ctx_sha2_384512.msglen_3], eax
ret
endp
proc sha2_384512._.block _hash
;locals
; w rq 80
; A rq 1
; B rq 1
; C rq 1
; D rq 1
; E rq 1
; F rq 1
; G rq 1
; H rq 1
; temp rq 1
;endl
w equ ebx + ctx_sha2_384512.w
A equ ebx + ctx_sha2_384512.A
B equ ebx + ctx_sha2_384512.B
C equ ebx + ctx_sha2_384512.C
D equ ebx + ctx_sha2_384512.D
E equ ebx + ctx_sha2_384512.E
F equ ebx + ctx_sha2_384512.F
G equ ebx + ctx_sha2_384512.G
H equ ebx + ctx_sha2_384512.H
temp equ ebx + ctx_sha2_384512.temp
mov edi, [_hash]
movq mm0, [edi + 0x00]
movq [A], mm0
movq mm0, [edi + 0x08]
movq [B], mm0
movq mm0, [edi + 0x10]
movq [C], mm0
movq mm0, [edi + 0x18]
movq [D], mm0
movq mm0, [edi + 0x20]
movq [E], mm0
movq mm0, [edi + 0x28]
movq [F], mm0
movq mm0, [edi + 0x30]
movq [G], mm0
movq mm0, [edi + 0x38]
movq [H], mm0
sha2_384512._.round_1_16 A, B, C, D, E, F, G, H, 0
sha2_384512._.round_1_16 H, A, B, C, D, E, F, G, 1
sha2_384512._.round_1_16 G, H, A, B, C, D, E, F, 2
sha2_384512._.round_1_16 F, G, H, A, B, C, D, E, 3
sha2_384512._.round_1_16 E, F, G, H, A, B, C, D, 4
sha2_384512._.round_1_16 D, E, F, G, H, A, B, C, 5
sha2_384512._.round_1_16 C, D, E, F, G, H, A, B, 6
sha2_384512._.round_1_16 B, C, D, E, F, G, H, A, 7
sha2_384512._.round_1_16 A, B, C, D, E, F, G, H, 8
sha2_384512._.round_1_16 H, A, B, C, D, E, F, G, 9
sha2_384512._.round_1_16 G, H, A, B, C, D, E, F, 10
sha2_384512._.round_1_16 F, G, H, A, B, C, D, E, 11
sha2_384512._.round_1_16 E, F, G, H, A, B, C, D, 12
sha2_384512._.round_1_16 D, E, F, G, H, A, B, C, 13
sha2_384512._.round_1_16 C, D, E, F, G, H, A, B, 14
sha2_384512._.round_1_16 B, C, D, E, F, G, H, A, 15
repeat 4
sha2_384512._.round_17_64 A, B, C, D, E, F, G, H, 0, %
sha2_384512._.round_17_64 H, A, B, C, D, E, F, G, 1, %
sha2_384512._.round_17_64 G, H, A, B, C, D, E, F, 2, %
sha2_384512._.round_17_64 F, G, H, A, B, C, D, E, 3, %
sha2_384512._.round_17_64 E, F, G, H, A, B, C, D, 4, %
sha2_384512._.round_17_64 D, E, F, G, H, A, B, C, 5, %
sha2_384512._.round_17_64 C, D, E, F, G, H, A, B, 6, %
sha2_384512._.round_17_64 B, C, D, E, F, G, H, A, 7, %
sha2_384512._.round_17_64 A, B, C, D, E, F, G, H, 8, %
sha2_384512._.round_17_64 H, A, B, C, D, E, F, G, 9, %
sha2_384512._.round_17_64 G, H, A, B, C, D, E, F, 10, %
sha2_384512._.round_17_64 F, G, H, A, B, C, D, E, 11, %
sha2_384512._.round_17_64 E, F, G, H, A, B, C, D, 12, %
sha2_384512._.round_17_64 D, E, F, G, H, A, B, C, 13, %
sha2_384512._.round_17_64 C, D, E, F, G, H, A, B, 14, %
sha2_384512._.round_17_64 B, C, D, E, F, G, H, A, 15, %
end repeat
mov edi, [_hash]
movq mm0, [A]
paddq mm0, [edi + 0x00]
movq [edi + 0x00], mm0
movq mm0, [B]
paddq mm0, [edi + 0x08]
movq [edi + 0x08], mm0
movq mm0, [C]
paddq mm0, [edi + 0x10]
movq [edi + 0x10], mm0
movq mm0, [D]
paddq mm0, [edi + 0x18]
movq [edi + 0x18], mm0
movq mm0, [E]
paddq mm0, [edi + 0x20]
movq [edi + 0x20], mm0
movq mm0, [F]
paddq mm0, [edi + 0x28]
movq [edi + 0x28], mm0
movq mm0, [G]
paddq mm0, [edi + 0x30]
movq [edi + 0x30], mm0
movq mm0, [H]
paddq mm0, [edi + 0x38]
movq [edi + 0x38], mm0
ret
restore w,A,B,C,D,E,F,G,H,temp
endp
sha2_384.update = sha2_384512.update
sha2_512.update = sha2_384512.update
proc sha2_384512.update uses ebx esi edi, _ctx, _msg, _size
mov ebx, [_ctx]
mov ecx, [_size]
add [ebx + ctx_sha2_384512.msglen_0], ecx
adc [ebx + ctx_sha2_384512.msglen_1], 0
adc [ebx + ctx_sha2_384512.msglen_2], 0
adc [ebx + ctx_sha2_384512.msglen_3], 0
.next_block:
mov ebx, [_ctx]
mov esi, [_msg]
mov eax, [ebx + ctx_sha2_384512.index]
and eax, SHA2_384512_BLOCK_SIZE-1
jnz .copy_to_buf
test esi, SHA2_384512_ALIGN_MASK
jnz .copy_to_buf
.no_copy:
; data is aligned, hash it in place without copying
mov ebx, [_ctx]
cmp [_size], SHA2_384512_BLOCK_SIZE
jb .copy_quit
lea eax, [ebx + ctx_sha2_384512.hash]
stdcall sha2_384512._.block, eax
sub [_size], SHA2_384512_BLOCK_SIZE
add esi, SHA2_384512_BLOCK_SIZE ; FIXME
jmp .no_copy
.copy_to_buf:
lea edi, [ebx + ctx_sha2_384512.block]
add edi, eax
mov ecx, SHA2_384512_BLOCK_SIZE
sub ecx, eax
cmp [_size], ecx
jb .copy_quit
sub [_size], ecx
add [_msg], ecx
add [ebx + ctx_sha2_384512.index], ecx
rep movsb
lea eax, [ebx + ctx_sha2_384512.hash]
lea esi, [ebx + ctx_sha2_384512.block]
stdcall sha2_384512._.block, eax
jmp .next_block
.copy_quit:
mov ebx, [_ctx]
lea edi, [ebx + ctx_sha2_384512.block]
mov eax, [ebx + ctx_sha2_384512.index]
and eax, SHA2_384512_BLOCK_SIZE-1
add edi, eax
mov ecx, [_size]
add [ebx + ctx_sha2_384512.index], ecx
rep movsb
.quit:
ret
endp
sha2_384.finish = sha2_384512.finish
sha2_512.finish = sha2_384512.finish
proc sha2_384512.finish uses ebx esi edi, _ctx
mov ebx, [_ctx]
lea edi, [ebx + ctx_sha2_384512.block]
mov ecx, [ebx + ctx_sha2_384512.msglen_0]
and ecx, SHA2_384512_BLOCK_SIZE-1
add edi, ecx
mov byte[edi], 0x80
inc edi
neg ecx
add ecx, SHA2_384512_BLOCK_SIZE
cmp ecx, 16
ja .last
dec ecx
xor eax, eax
rep stosb
lea esi, [ebx + ctx_sha2_384512.block]
lea eax, [ebx + ctx_sha2_384512.hash]
stdcall sha2_384512._.block, eax
mov ebx, [_ctx]
lea edi, [ebx + ctx_sha2_384512.block]
mov ecx, SHA2_384512_BLOCK_SIZE+1
.last:
dec ecx
sub ecx, 16
xor eax, eax
rep stosb
mov eax, [ebx + ctx_sha2_384512.msglen_1]
shld [ebx + ctx_sha2_384512.msglen_0], eax, 3
mov eax, [ebx + ctx_sha2_384512.msglen_2]
shld [ebx + ctx_sha2_384512.msglen_1], eax, 3
mov eax, [ebx + ctx_sha2_384512.msglen_3]
shld [ebx + ctx_sha2_384512.msglen_2], eax, 3
shl eax, 3
bswap eax
mov dword[edi + 0], eax
mov eax, [ebx + ctx_sha2_384512.msglen_2]
bswap eax
mov dword[edi + 4], eax
mov eax, [ebx + ctx_sha2_384512.msglen_1]
bswap eax
mov dword[edi + 8], eax
mov eax, [ebx + ctx_sha2_384512.msglen_0]
bswap eax
mov dword[edi + 12], eax
mov ebx, [_ctx]
lea esi, [ebx + ctx_sha2_384512.block]
lea eax, [ebx + ctx_sha2_384512.hash]
stdcall sha2_384512._.block, eax
mov ebx, [_ctx]
lea eax, [ebx + ctx_sha2_384512.hash]
stdcall sha2_384512._.postprocess, ebx, eax
ret
endp
proc sha2_384512._.postprocess _ctx, _hash
mov ecx, 8
mov esi, [_hash]
mov edi, esi
@@:
lodsd
mov ebx, eax
lodsd
bswap eax
bswap ebx
stosd
mov eax, ebx
stosd
dec ecx ; FIXME: what should I fix here?
jnz @b
emms
ret
endp
proc sha2_384.oneshot _ctx, _data, _len
stdcall sha2_384.init, [_ctx]
stdcall sha2_384.update, [_ctx], [_data], [_len]
stdcall sha2_384.finish, [_ctx]
ret
endp
proc sha2_512.oneshot _ctx, _data, _len
stdcall sha2_512.init, [_ctx]
stdcall sha2_512.update, [_ctx], [_data], [_len]
stdcall sha2_512.finish, [_ctx]
ret
endp
iglobal
align SHA2_384512_ALIGN
sha2_384._.hash_init dq 0xcbbb9d5dc1059ed8, 0x629a292a367cd507,\
0x9159015a3070dd17, 0x152fecd8f70e5939,\
0x67332667ffc00b31, 0x8eb44a8768581511,\
0xdb0c2e0d64f98fa7, 0x47b5481dbefa4fa4
sha2_512._.hash_init dq 0x6a09e667f3bcc908, 0xbb67ae8584caa73b,\
0x3c6ef372fe94f82b, 0xa54ff53a5f1d36f1,\
0x510e527fade682d1, 0x9b05688c2b3e6c1f,\
0x1f83d9abfb41bd6b, 0x5be0cd19137e2179
sha2_384512._.table dq 0x428a2f98d728ae22, 0x7137449123ef65cd,\
0xb5c0fbcfec4d3b2f, 0xe9b5dba58189dbbc,\
0x3956c25bf348b538, 0x59f111f1b605d019,\
0x923f82a4af194f9b, 0xab1c5ed5da6d8118,\
0xd807aa98a3030242, 0x12835b0145706fbe,\
0x243185be4ee4b28c, 0x550c7dc3d5ffb4e2,\
0x72be5d74f27b896f, 0x80deb1fe3b1696b1,\
0x9bdc06a725c71235, 0xc19bf174cf692694,\
0xe49b69c19ef14ad2, 0xefbe4786384f25e3,\
0x0fc19dc68b8cd5b5, 0x240ca1cc77ac9c65,\
0x2de92c6f592b0275, 0x4a7484aa6ea6e483,\
0x5cb0a9dcbd41fbd4, 0x76f988da831153b5,\
0x983e5152ee66dfab, 0xa831c66d2db43210,\
0xb00327c898fb213f, 0xbf597fc7beef0ee4,\
0xc6e00bf33da88fc2, 0xd5a79147930aa725,\
0x06ca6351e003826f, 0x142929670a0e6e70,\
0x27b70a8546d22ffc, 0x2e1b21385c26c926,\
0x4d2c6dfc5ac42aed, 0x53380d139d95b3df,\
0x650a73548baf63de, 0x766a0abb3c77b2a8,\
0x81c2c92e47edaee6, 0x92722c851482353b,\
0xa2bfe8a14cf10364, 0xa81a664bbc423001,\
0xc24b8b70d0f89791, 0xc76c51a30654be30,\
0xd192e819d6ef5218, 0xd69906245565a910,\
0xf40e35855771202a, 0x106aa07032bbd1b8,\
0x19a4c116b8d2d0c8, 0x1e376c085141ab53,\
0x2748774cdf8eeb99, 0x34b0bcb5e19b48a8,\
0x391c0cb3c5c95a63, 0x4ed8aa4ae3418acb,\
0x5b9cca4f7763e373, 0x682e6ff3d6b2b8a3,\
0x748f82ee5defb2fc, 0x78a5636f43172f60,\
0x84c87814a1f0ab72, 0x8cc702081a6439ec,\
0x90befffa23631e28, 0xa4506cebde82bde9,\
0xbef9a3f7b2c67915, 0xc67178f2e372532b,\
0xca273eceea26619c, 0xd186b8c721c0c207,\
0xeada7dd6cde0eb1e, 0xf57d4f7fee6ed178,\
0x06f067aa72176fba, 0x0a637dc5a2c898a6,\
0x113f9804bef90dae, 0x1b710b35131c471b,\
0x28db77f523047d84, 0x32caab7b40c72493,\
0x3c9ebe0a15c9bebc, 0x431d67c49c100d4c,\
0x4cc5d4becb3e42b6, 0x597f299cfc657e2a,\
0x5fcb6fab3ad6faec, 0x6c44198c4a475817
endg

/programs/develop/libraries/libcrash/hash/sha3.asm
0,0 → 1,462
; libcrash -- cryptographic hash (and other) functions
;
; Copyright (C) <2013,2016,2019,2021> Ivan Baravy
;
; SPDX-License-Identifier: GPL-2.0-or-later
;
; This program is free software: you can redistribute it and/or modify it under
; the terms of the GNU General Public License as published by the Free Software
; Foundation, either version 2 of the License, or (at your option) any later
; version.
;
; This program is distributed in the hope that it will be useful, but WITHOUT
; ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
; FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
;
; You should have received a copy of the GNU General Public License along with
; this program. If not, see <http://www.gnu.org/licenses/>.
SHA3_224_BLOCK_SIZE = 144
SHA3_256_BLOCK_SIZE = 136
SHA3_384_BLOCK_SIZE = 104
SHA3_512_BLOCK_SIZE = 72
SHA3_MAX_BLOCK_SIZE = SHA3_224_BLOCK_SIZE
SHA3_INIT_SIZE = 200
SHA3_ALIGN = 16
SHA3_ALIGN_MASK = SHA3_ALIGN-1
struct ctx_sha3
hash rb SHA3_INIT_SIZE
rb SHA3_ALIGN - (SHA3_INIT_SIZE mod SHA3_ALIGN)
block rb SHA3_MAX_BLOCK_SIZE
rb SHA3_ALIGN - (SHA3_MAX_BLOCK_SIZE mod SHA3_ALIGN)
index rd 1
block_size rd 1
rounds_cnt rd 1
rd 1 ; align
; tmp vars
C rq 5
D rq 5
ends
assert sizeof.ctx_sha3 <= LIBCRASH_CTX_LEN
macro sha3._.rol_xor nd, ncl, ncr
{
movq mm0, [C + 8*(ncl)]
movq mm1, mm0
psllq mm0, 1
psrlq mm1, 63
por mm0, mm1
pxor mm0, [C + 8*(ncr)]
movq [D + 8*(nd)], mm0
}
proc sha3._.theta
;locals
; C rq 5
; D rq 5
;endl
C equ ebx + ctx_sha3.C
D equ ebx + ctx_sha3.D
repeat 5
movq mm0, [edi + 8*(%-1 + 0)]
pxor mm0, [edi + 8*(%-1 + 5)]
pxor mm0, [edi + 8*(%-1 + 10)]
pxor mm0, [edi + 8*(%-1 + 15)]
pxor mm0, [edi + 8*(%-1 + 20)]
movq [C + 8*(%-1)], mm0
end repeat
sha3._.rol_xor 0, 1, 4
sha3._.rol_xor 1, 2, 0
sha3._.rol_xor 2, 3, 1
sha3._.rol_xor 3, 4, 2
sha3._.rol_xor 4, 0, 3
repeat 5
movq mm1, [D + 8*(%-1)]
movq mm0, mm1
pxor mm0, [edi + 8*(%-1 + 0)]
movq [edi + 8*(%-1 + 0)], mm0
movq mm0, mm1
pxor mm0, [edi + 8*(%-1 + 5)]
movq [edi + 8*(%-1 + 5)], mm0
movq mm0, mm1
pxor mm0, [edi + 8*(%-1 + 10)]
movq [edi + 8*(%-1 + 10)], mm0
movq mm0, mm1
pxor mm0, [edi + 8*(%-1 + 15)]
movq [edi + 8*(%-1 + 15)], mm0
movq mm0, mm1
pxor mm0, [edi + 8*(%-1 + 20)]
movq [edi + 8*(%-1 + 20)], mm0
end repeat
restore C,D
ret
endp
proc sha3._.pi
movq mm1, [edi + 8*1]
movq mm0, [edi + 8*6]
movq [edi + 8*1], mm0
movq mm0, [edi + 8*9]
movq [edi + 8*6], mm0
movq mm0, [edi + 8*22]
movq [edi + 8*9], mm0
movq mm0, [edi + 8*14]
movq [edi + 8*22], mm0
movq mm0, [edi + 8*20]
movq [edi + 8*14], mm0
movq mm0, [edi + 8*2]
movq [edi + 8*20], mm0
movq mm0, [edi + 8*12]
movq [edi + 8*2], mm0
movq mm0, [edi + 8*13]
movq [edi + 8*12], mm0
movq mm0, [edi + 8*19]
movq [edi + 8*13], mm0
movq mm0, [edi + 8*23]
movq [edi + 8*19], mm0
movq mm0, [edi + 8*15]
movq [edi + 8*23], mm0
movq mm0, [edi + 8*4]
movq [edi + 8*15], mm0
movq mm0, [edi + 8*24]
movq [edi + 8*4], mm0
movq mm0, [edi + 8*21]
movq [edi + 8*24], mm0
movq mm0, [edi + 8*8]
movq [edi + 8*21], mm0
movq mm0, [edi + 8*16]
movq [edi + 8*8], mm0
movq mm0, [edi + 8*5]
movq [edi + 8*16], mm0
movq mm0, [edi + 8*3]
movq [edi + 8*5], mm0
movq mm0, [edi + 8*18]
movq [edi + 8*3], mm0
movq mm0, [edi + 8*17]
movq [edi + 8*18], mm0
movq mm0, [edi + 8*11]
movq [edi + 8*17], mm0
movq mm0, [edi + 8*7]
movq [edi + 8*11], mm0
movq mm0, [edi + 8*10]
movq [edi + 8*7], mm0
movq [edi + 8*10], mm1
ret
endp
proc sha3._.chi
mov eax, 0xffffffff
movd mm0, eax
movq mm2, mm0
punpckldq mm2, mm0
repeat 5
movq mm6, [edi + 8*(0 + 5*(%-1))]
movq mm7, [edi + 8*(1 + 5*(%-1))]
movq mm0, [edi + 8*(0 + 5*(%-1))]
movq mm1, mm7
pandn mm1, mm2
pand mm1, [edi + 8*(2 + 5*(%-1))]
pxor mm0, mm1
movq [edi + 8*(0 + 5*(%-1))], mm0
movq mm0, [edi + 8*(1 + 5*(%-1))]
movq mm1, [edi + 8*(2 + 5*(%-1))]
pandn mm1, mm2
pand mm1, [edi + 8*(3 + 5*(%-1))]
pxor mm0, mm1
movq [edi + 8*(1 + 5*(%-1))], mm0
movq mm0, [edi + 8*(2 + 5*(%-1))]
movq mm1, [edi + 8*(3 + 5*(%-1))]
pandn mm1, mm2
pand mm1, [edi + 8*(4 + 5*(%-1))]
pxor mm0, mm1
movq [edi + 8*(2 + 5*(%-1))], mm0
movq mm0, [edi + 8*(3 + 5*(%-1))]
movq mm1, [edi + 8*(4 + 5*(%-1))]
pandn mm1, mm2
pand mm1, mm6
pxor mm0, mm1
movq [edi + 8*(3 + 5*(%-1))], mm0
movq mm0, [edi + 8*(4 + 5*(%-1))]
movq mm1, mm6
pandn mm1, mm2
pand mm1, mm7
pxor mm0, mm1
movq [edi + 8*(4 + 5*(%-1))], mm0
end repeat
ret
endp
macro sha3._.rol_mov n, c
{
movq mm0, [edi + 8*(n)]
movq mm1, mm0
psllq mm0, (c)
psrlq mm1, (64-(c))
por mm0, mm1
movq [edi + 8*(n)], mm0
}
proc sha3._.permutation
repeat 24
stdcall sha3._.theta
sha3._.rol_mov 1, 1
sha3._.rol_mov 2, 62
sha3._.rol_mov 3, 28
sha3._.rol_mov 4, 27
sha3._.rol_mov 5, 36
sha3._.rol_mov 6, 44
sha3._.rol_mov 7, 6
sha3._.rol_mov 8, 55
sha3._.rol_mov 9, 20
sha3._.rol_mov 10, 3
sha3._.rol_mov 11, 10
sha3._.rol_mov 12, 43
sha3._.rol_mov 13, 25
sha3._.rol_mov 14, 39
sha3._.rol_mov 15, 41
sha3._.rol_mov 16, 45
sha3._.rol_mov 17, 15
sha3._.rol_mov 18, 21
sha3._.rol_mov 19, 8
sha3._.rol_mov 20, 18
sha3._.rol_mov 21, 2
sha3._.rol_mov 22, 61
sha3._.rol_mov 23, 56
sha3._.rol_mov 24, 14
stdcall sha3._.pi
stdcall sha3._.chi
movq mm0, [edi + 8*(0)]
pxor mm0, [sha3._.round + 8*(%-1)]
movq [edi + 8*(0)], mm0
end repeat
ret
endp
proc sha3._.init uses edi
mov [ebx + ctx_sha3.block_size], eax
shr eax, 3
dec eax
mov [ebx + ctx_sha3.rounds_cnt], eax
xor eax, eax
lea edi, [ebx + ctx_sha3.hash]
mov ecx, SHA3_INIT_SIZE/4
rep stosd
mov [ebx + ctx_sha3.index], eax
ret
endp
proc sha3_224.init uses ebx, _ctx
mov ebx, [_ctx]
mov eax, SHA3_224_BLOCK_SIZE
stdcall sha3._.init
ret
endp
proc sha3_256.init uses ebx, _ctx
mov ebx, [_ctx]
mov eax, SHA3_256_BLOCK_SIZE
stdcall sha3._.init
ret
endp
proc sha3_384.init uses ebx, _ctx
mov ebx, [_ctx]
mov eax, SHA3_384_BLOCK_SIZE
stdcall sha3._.init
ret
endp
proc sha3_512.init uses ebx, _ctx
mov ebx, [_ctx]
mov eax, SHA3_512_BLOCK_SIZE
stdcall sha3._.init
ret
endp
proc sha3._.block _hash
mov ecx, [ebx + ctx_sha3.rounds_cnt]
mov edi, [_hash]
@@:
movq mm0, [esi + 8*ecx]
pxor mm0, [edi + 8*ecx]
movq [edi + 8*ecx], mm0
dec ecx
jns @b
stdcall sha3._.permutation
ret
endp
sha3_224.update = sha3.update
sha3_256.update = sha3.update
sha3_384.update = sha3.update
sha3_512.update = sha3.update
proc sha3.update uses ebx esi edi, _ctx, _msg, _size
.next_block:
mov ebx, [_ctx]
mov esi, [_msg]
mov eax, [ebx + ctx_sha3.index]
test eax, eax
jnz .copy_to_buf
test esi, SHA3_ALIGN_MASK
jnz .copy_to_buf
.no_copy:
; data is aligned, hash it in place without copying
mov ebx, [_ctx]
mov eax, [ebx + ctx_sha3.block_size]
cmp [_size], eax
jb .copy_quit
lea eax, [ebx + ctx_sha3.hash]
push ebx esi
stdcall sha3._.block, eax
pop esi ebx
mov eax, [ebx + ctx_sha3.block_size]
sub [_size], eax
add esi, [ebx + ctx_sha3.block_size]
jmp .no_copy
.copy_to_buf:
lea edi, [ebx + ctx_sha3.block]
add edi, eax
mov ecx, [ebx + ctx_sha3.block_size]
sub ecx, eax
cmp [_size], ecx
jb .copy_quit
sub [_size], ecx
add [_msg], ecx
add [ebx + ctx_sha3.index], ecx
mov eax, [ebx + ctx_sha3.block_size]
cmp [ebx + ctx_sha3.index], eax
jb @f
sub [ebx + ctx_sha3.index], eax
@@:
rep movsb
lea eax, [ebx + ctx_sha3.hash]
lea esi, [ebx + ctx_sha3.block]
stdcall sha3._.block, eax
jmp .next_block
.copy_quit:
mov ebx, [_ctx]
lea edi, [ebx + ctx_sha3.block]
mov eax, [ebx + ctx_sha3.index]
add edi, eax
mov ecx, [_size]
add [ebx + ctx_sha3.index], ecx
rep movsb
.quit:
ret
endp
sha3_224.finish = sha3.finish
sha3_256.finish = sha3.finish
sha3_384.finish = sha3.finish
sha3_512.finish = sha3.finish
proc sha3.finish uses ebx esi edi, _ctx
mov ebx, [_ctx]
mov eax, [ebx + ctx_sha3.index]
mov ecx, [ebx + ctx_sha3.block_size]
sub ecx, eax
lea edi, [ebx+ctx_sha3.block]
add edi, eax
mov byte[edi], 0x06
inc edi
dec ecx
xor eax, eax
rep stosb
or byte[edi - 1], 0x80
mov ebx, [_ctx]
lea esi, [ebx + ctx_sha3.block]
lea eax, [ebx + ctx_sha3.hash]
stdcall sha3._.block, eax
mov ebx, [_ctx]
lea eax, [ebx + ctx_sha3.hash]
stdcall sha3._.postprocess, ebx, eax
ret
endp
proc sha3._.postprocess _ctx, _hash
emms
ret
endp
proc sha3_224.oneshot _ctx, _data, _len
stdcall sha3_224.init, [_ctx]
stdcall sha3.update, [_ctx], [_data], [_len]
stdcall sha3.finish, [_ctx]
ret
endp
proc sha3_256.oneshot _ctx, _data, _len
stdcall sha3_256.init, [_ctx]
stdcall sha3.update, [_ctx], [_data], [_len]
stdcall sha3.finish, [_ctx]
ret
endp
proc sha3_384.oneshot _ctx, _data, _len
stdcall sha3_384.init, [_ctx]
stdcall sha3.update, [_ctx], [_data], [_len]
stdcall sha3.finish, [_ctx]
ret
endp
proc sha3_512.oneshot _ctx, _data, _len
stdcall sha3_512.init, [_ctx]
stdcall sha3.update, [_ctx], [_data], [_len]
stdcall sha3.finish, [_ctx]
ret
endp
iglobal
align SHA3_ALIGN
sha3._.round dq 0x0000000000000001, 0x0000000000008082, 0x800000000000808A,\
0x8000000080008000, 0x000000000000808B, 0x0000000080000001,\
0x8000000080008081, 0x8000000000008009, 0x000000000000008A,\
0x0000000000000088, 0x0000000080008009, 0x000000008000000A,\
0x000000008000808B, 0x800000000000008B, 0x8000000000008089,\
0x8000000000008003, 0x8000000000008002, 0x8000000000000080,\
0x000000000000800A, 0x800000008000000A, 0x8000000080008081,\
0x8000000000008080, 0x0000000080000001, 0x8000000080008008
endg

/programs/develop/libraries/libcrash/libcrash.asm
0,0 → 1,468
; libcrash -- cryptographic hash (and other) functions
;
; Copyright (C) <2012-2014,2016,2019,2021> Ivan Baravy
;
; SPDX-License-Identifier: GPL-2.0-or-later
;
; This program is free software: you can redistribute it and/or modify it under
; the terms of the GNU General Public License as published by the Free Software
; Foundation, either version 2 of the License, or (at your option) any later
; version.
;
; This program is distributed in the hope that it will be useful, but WITHOUT
; ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
; FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
;
; You should have received a copy of the GNU General Public License along with
; this program. If not, see <http://www.gnu.org/licenses/>.
format MS COFF
public @EXPORT as 'EXPORTS'
include 'proc32.inc'
include 'struct.inc'
include 'macros.inc'
include 'kglobals.inc'
purge section,mov,add,sub
section '.flat' code readable align 16
include 'libcrash.inc'
include 'hash/crc32.asm'
include 'hash/md5.asm'
include 'hash/sha1.asm'
include 'hash/sha2_224_256.asm'
include 'hash/sha2_384_512.asm'
include 'hash/sha3.asm'
include 'mac/poly1305.asm'
include 'mac/hmac.asm'
include 'cipher/chacha20.asm'
include 'cipher/mode/ctr.asm'
include 'cipher/mode/cbc.asm'
include 'cipher/aes.asm'
include 'cipher/aes_ctr.asm'
include 'cipher/aes_cbc.asm'
LIBCRASH_BUF_SIZE = 0x1000
struct hash_item
init dd ?
update dd ?
finish dd ?
oneshot dd ?
ctx_size dd ?
out_size dd ?
ends
struct mac_item
init dd ?
update dd ?
finish dd ?
oneshot dd ?
ctx_size dd ?
out_size dd ?
ends
struct cipher_item ; FIXME merge *_item, why not
init dd ?
update dd ?
finish dd ?
oneshot dd ?
ctx_size dd ?
dd ? ; placeholder for out_size
ends
; Initialize the library.
; This must be the first called function of the library.
; Parameters:
; eax = function pointer to allocate memory:
; stdcall void *alloc(size_t size)
; ebx = function pointer to free memory:
; stdcall void free(void *ptr)
; Return value: none
proc crash.init
mov [mem.alloc], eax
mov [mem.free], ebx
ret
endp
; Hash data read by a callback read function.
; The function calls the read callback until it returns 0, and hashes the read
; data with the specified algorithm. The result is written to the specified
; buffer in binary format.
; Parameters:
; [_id] = ID of a hash function to use.
; [_clbk_read] = function pointer to read data:
; stdcall ssize_t clbk_read(void *user, void *buf, size_t size)
; [_user] = pointer to user-specified data passed to the read callback as is.
; [_out] = buffer pointer where a hash value is to be written to.
; Return value:
; binary hash value in [_out] buffer.
proc crash.hash uses ebx esi edi, _id, _clbk_read, _user, _out
locals
.ctx dd ?
.buf dd ?
endl
; alloc buf
mov eax, [io_buf_size]
add eax, LIBCRASH_MAX_PAD_LEN
stdcall [mem.alloc], eax
test eax, eax
jz .quit
mov [.buf], eax
; alloc ctx
mov eax, [_id]
imul eax, sizeof.hash_item
lea ebx, [crash._.hash_table+eax]
stdcall [mem.alloc], [ebx+hash_item.ctx_size]
test eax, eax
jz .quit_free_buf
mov [.ctx], eax
stdcall [ebx+hash_item.init], [.ctx]
.update:
stdcall [_clbk_read], [_user], [.buf], [io_buf_size]
test eax, eax
jz .finish
stdcall [ebx+hash_item.update], [.ctx], [.buf], eax
jmp .update
.finish:
stdcall [ebx+hash_item.finish], [.ctx]
mov esi, [.ctx]
mov edi, [_out]
mov ecx, [ebx+hash_item.out_size]
rep movsd
.quit_free_buf_ctx:
stdcall [mem.free], [.ctx]
.quit_free_buf:
stdcall [mem.free], [.buf]
.quit:
ret
endp
; Calculate MAC of data read by a callback read function.
; The function calls the read callback until it returns 0, and calculates a MAC
; using a specified algorithm and a key. The result is written to the specified
; buffer.
; Parameters:
; [_id] = ID of a MAC function to use.
; [_key] = key pointer, no NULL terminator is needed
; [_key_len] = length of the [_key] data, in bytes
; [_clbk_read] = function pointer to read data:
; stdcall ssize_t clbk_read(void *user, void *buf, size_t size)
; [_user] = pointer to user-specified data passed to the read callback as is.
; [_out] = buffer pointer where a MAC value is to be written to.
; Return value:
; Binary MAC value in [_out] buffer.
proc crash.mac uses ebx esi edi, _id, _key, _key_len, _clbk_read, _user, _out
locals
.ctx dd ?
.buf dd ?
endl
; alloc buf
mov eax, [io_buf_size]
add eax, LIBCRASH_MAX_PAD_LEN
stdcall [mem.alloc], eax
test eax, eax
jz .quit
mov [.buf], eax
; alloc ctx
mov eax, [_id]
imul eax, sizeof.mac_item
lea ebx, [crash._.mac_table+eax]
stdcall [mem.alloc], [ebx+mac_item.ctx_size]
test eax, eax
jz .quit_free_buf
mov [.ctx], eax
stdcall [ebx+mac_item.init], [.ctx], [_key], [_key_len]
.update:
stdcall [_clbk_read], [_user], [.buf], [io_buf_size]
test eax, eax
jz .finish
stdcall [ebx+mac_item.update], [.ctx], [.buf], eax
jmp .update
.finish:
stdcall [ebx+mac_item.finish], [.ctx]
mov esi, [.ctx]
mov edi, [_out]
mov ecx, [ebx+mac_item.out_size]
rep movsd
.quit_free_buf_ctx:
stdcall [mem.free], [.ctx]
.quit_free_buf:
stdcall [mem.free], [.buf]
.quit:
ret
endp
; Encrypt or decrypt data read by a callback read function.
; The function calls the read callback until it returns 0, and encrypts or
; decrypts the data using a specified algorithm, a key and an input vector.
; The result is passed to the write callback function.
; * The maximum difference in input/output data lengths is LIBCRASH_MAX_PAD_LEN.
; * The input and output buffers can sometimes be the same buffer depending on
; the cipher. If unsure, use different buffers.
; Parameters:
; [_id] = ID of a MAC function to use.
; [_flags] = see LIBCRASH_CIPHER_* in libcrash.inc
; [_key] = key pointer, NULL terminated
; [_iv] = input vector pointer, no NULL terminator is needed
; [_clbk_read] = function pointer to read data:
; stdcall ssize_t clbk_read(void *user, void *buf, size_t size)
; [_user_read] = pointer to user-specified data passed to the read callback.
; [_clbk_write] = function pointer to write data:
; stdcall void clbk_write(void *user, void *buf, size_t size)
; [_user_write] = pointer to user-specified data passed to the write callback.
; Return value: none
proc crash.crypt uses ebx esi edi, _id, _flags, _key, _iv, _clbk_read, \
_user_read, _clbk_write, _user_write
locals
.ctx dd ?
.buf dd ?
.buf_in dd ?
.buf_out dd ?
endl
; alloc buf
mov eax, [io_buf_size]
mov [.buf_out], eax
shl eax, 1
add eax, LIBCRASH_MAX_PAD_LEN
stdcall [mem.alloc], eax
test eax, eax
jz .quit
mov [.buf], eax
mov [.buf_in], eax
add [.buf_out], eax
; alloc ctx
mov eax, [_id]
imul eax, sizeof.cipher_item
lea ebx, [crash._.cipher_table+eax]
stdcall [mem.alloc], [ebx+cipher_item.ctx_size]
test eax, eax
jz .quit_free_buf
mov [.ctx], eax
stdcall [ebx+cipher_item.init], [.ctx], [_key], [_iv], [_flags]
.update:
stdcall [_clbk_read], [_user_read], [.buf_in], [io_buf_size]
test eax, eax
jz .finish
stdcall [ebx+cipher_item.update], [.ctx], [.buf_in], eax, [.buf_out]
stdcall [_clbk_write], [_user_write], [.buf_out], eax
jmp .update
.finish:
stdcall [ebx+cipher_item.finish], [.ctx], [.buf_out]
stdcall [_clbk_write], [_user_write], [.buf_out], eax
.quit_free_buf_ctx:
stdcall [mem.free], [.ctx]
.quit_free_buf:
stdcall [mem.free], [.buf]
.quit:
ret
endp
; These crash.*_oneshot functions below are wrappers to <hash_name>.oneshot,
; <mac_name>.oneshot and <cipher_name>.oneshot functions. The functions pop
; [_id] argument from the stack and jump to the oneshot function of the
; corresponding algorithm with all the other arguments in place.
; You can also call <hash_name/mac_name/cipher_name>.oneshot functions directly.
; Hash data in a buffer.
; The function hashes data in the specified buffer with the specified algorithm.
; The result is written to the very beginning of the specified context buffer in
; binary format.
; Parameters:
; [_id] = ID of a hash function to use.
; [_ctx] = buffer pointer for internal use, LIBCRASH_CTX_LEN bytes is enough.
; [_in] = pointer to input data
; [_len] = length of input data
; Return value:
; binary hash value in [_ctx] buffer.
crash.hash_oneshot: ; _id, _ctx, _in, _len
pop eax
xchg eax, [esp]
imul eax, sizeof.hash_item
lea eax, [crash._.hash_table+eax]
jmp [eax+hash_item.oneshot]
; Calculate MAC of data in the buffer.
; The function calculates a MAC of data in the specified buffer with the
; specified algorithm and key. The result is written to the very beginning of
; the specified context buffer in binary format.
; Parameters:
; [_id] = ID of a hash function to use.
; [_ctx] = buffer pointer for internal use, LIBCRASH_CTX_LEN bytes is enough.
; [_in] = pointer to input data
; [_len] = length of input data
; [_key] = key pointer, no NULL terminator is needed
; [_key_len] = length of the [_key] data, in bytes
; Return value:
; binary MAC value in [_ctx] buffer.
crash.mac_oneshot: ; _id, _ctx, _in, _len, _key, _key_len
pop eax
xchg eax, [esp]
imul eax, sizeof.mac_item
lea eax, [crash._.mac_table+eax]
jmp [eax+mac_item.oneshot]
; Encrypt or decrypt data in buffer.
; The function encrypts or decrypts data in the specified buffer using a
; specified algorithm, a key and an input vector. The result is written to
; another specified buffer.
; * The input and output buffers can sometimes be the same buffer depending on
; the cipher. If unsure, use different buffers.
; * The maximum difference in input/output data lengths is LIBCRASH_MAX_PAD_LEN.
; Parameters:
; [_id] = ID of a MAC function to use.
; [_ctx] = buffer pointer for internal use, LIBCRASH_CTX_LEN bytes is enough.
; [_key] = key pointer, NULL terminated
; [_iv] = input vector pointer, no NULL terminator is needed
; [_flags] = see LIBCRASH_CIPHER_* in libcrash.inc
; [_in] = pointer to input data
; [_len] = length of input data
; [_out] = pointer to output data
; Return value: none
crash.crypt_oneshot: ; _id, _ctx, _key, _iv, _flags, _in, _len, _out
pop eax
xchg eax, [esp]
imul eax, sizeof.cipher_item
lea eax, [crash._.cipher_table+eax]
jmp [eax+cipher_item.oneshot]
section '.data' writeable align 16
mem.alloc dd ?
mem.free dd ?
io_buf_size dd LIBCRASH_BUF_SIZE
; FIXME: IDs shouldn't be indexes, should they?
align 4
crash._.hash_table dd \
crc32.init, crc32.update, crc32.finish, crc32.oneshot, \
sizeof.ctx_crc32, CRC32_LEN/4, \
md5.init, md5.update, md5.finish, md5.oneshot, \
sizeof.ctx_md5, MD5_LEN/4, \
sha1.init, sha1.update, sha1.finish, sha1.oneshot, \
sizeof.ctx_sha1, SHA1_LEN/4, \
sha2_224.init, sha2_224.update, sha2_224.finish, sha2_224.oneshot, \
sizeof.ctx_sha2_224256, SHA2_224_LEN/4, \
sha2_256.init, sha2_256.update, sha2_256.finish, sha2_256.oneshot, \
sizeof.ctx_sha2_224256, SHA2_256_LEN/4, \
sha2_384.init, sha2_384.update, sha2_384.finish, sha2_384.oneshot, \
sizeof.ctx_sha2_384512, SHA2_384_LEN/4, \
sha2_512.init, sha2_512.update, sha2_512.finish, sha2_512.oneshot, \
sizeof.ctx_sha2_384512, SHA2_512_LEN/4, \
sha3_224.init, sha3.update, sha3.finish, sha3_224.oneshot, \
sizeof.ctx_sha3, SHA3_224_LEN/4, \
sha3_256.init, sha3.update, sha3.finish, sha3_256.oneshot, \
sizeof.ctx_sha3, SHA3_256_LEN/4, \
sha3_384.init, sha3.update, sha3.finish, sha3_384.oneshot, \
sizeof.ctx_sha3, SHA3_384_LEN/4, \
sha3_512.init, sha3.update, sha3.finish, sha3_512.oneshot, \
sizeof.ctx_sha3, SHA3_512_LEN/4, \
0
align 4
crash._.mac_table dd \
poly1305.init, poly1305.update, poly1305.finish, \
poly1305.oneshot, sizeof.ctx_poly1305, POLY1305_LEN/4, \
hmac_sha2_256.init, hmac_sha2_256.update, hmac_sha2_256.finish, \
hmac_sha2_256.oneshot, sizeof.ctx_hmac, HMAC_SHA2_256_LEN/4, \
hmac_sha2_512.init, hmac_sha2_512.update, hmac_sha2_512.finish, \
hmac_sha2_512.oneshot, sizeof.ctx_hmac, HMAC_SHA2_512_LEN/4, \
0
align 4
crash._.cipher_table dd \
chacha20.init, chacha20.update, chacha20.finish, chacha20.oneshot, \
sizeof.ctx_chacha20, 0, \
aes256ctr.init, aes256ctr.update, aes256ctr.finish, aes256ctr.oneshot, \
sizeof.ctx_aes_ctr, 0, \
aes256cbc.init, aes256cbc.update, aes256cbc.finish, aes256cbc.oneshot, \
sizeof.ctx_aes_cbc, 0, \
0
IncludeIGlobals
align 4
@EXPORT:
export \
crash.init, "lib_init", \
crash.hash, "crash_hash", \
crash.mac, "crash_mac", \
crash.crypt, "crash_crypt", \
crash.hash_oneshot, "crash_hash_oneshot", \
crash.mac_oneshot, "crash_mac_oneshot", \
crash.crypt_oneshot, "crash_crypt_oneshot", \
\
crc32.init, "crc32_init", \
crc32.update, "crc32_update", \
crc32.finish, "crc32_finish", \
crc32.oneshot, "crc32_oneshot", \
md5.init, "md5_init", \
md5.update, "md5_update", \
md5.finish, "md5_finish", \
md5.oneshot, "md5_oneshot", \
sha1.init, "sha1_init", \
sha1.update, "sha1_update", \
sha1.finish, "sha1_finish", \
sha1.oneshot, "sha1_oneshot", \
sha2_224.init, "sha2_224_init", \
sha2_224.update, "sha2_224_update", \
sha2_224.finish, "sha2_224_finish", \
sha2_224.oneshot, "sha2_224_oneshot", \
sha2_256.init, "sha2_256_init", \
sha2_256.update, "sha2_256_update", \
sha2_256.finish, "sha2_256_finish", \
sha2_256.oneshot, "sha2_256_oneshot", \
sha2_384.init, "sha2_384_init", \
sha2_384.update, "sha2_384_update", \
sha2_384.finish, "sha2_384_finish", \
sha2_384.oneshot, "sha2_384_oneshot", \
sha2_512.init, "sha2_512_init", \
sha2_512.update, "sha2_512_update", \
sha2_512.finish, "sha2_512_finish", \
sha2_512.oneshot, "sha2_512_oneshot", \
sha3_224.init, "sha3_224_init", \
sha3_224.update, "sha3_224_update", \
sha3_224.finish, "sha3_224_finish", \
sha3_224.oneshot, "sha3_224_oneshot", \
sha3_256.init, "sha3_256_init", \
sha3_256.update, "sha3_256_update", \
sha3_256.finish, "sha3_256_finish", \
sha3_256.oneshot, "sha3_256_oneshot", \
sha3_384.init, "sha3_384_init", \
sha3_384.update, "sha3_384_update", \
sha3_384.finish, "sha3_384_finish", \
sha3_384.oneshot, "sha3_384_oneshot", \
sha3_512.init, "sha3_512_init", \
sha3_512.update, "sha3_512_update", \
sha3_512.finish, "sha3_512_finish", \
sha3_512.oneshot, "sha3_512_oneshot", \
\
poly1305.init, "poly1305_init", \
poly1305.update, "poly1305_update", \
poly1305.finish, "poly1305_finish", \
poly1305.oneshot, "poly1305_oneshot", \
hmac_sha2_256.init, "hmac_sha2_256_init", \
hmac_sha2_256.update, "hmac_sha2_256_update", \
hmac_sha2_256.finish, "hmac_sha2_256_finish", \
hmac_sha2_256.oneshot, "hmac_sha2_256_oneshot", \
hmac_sha2_512.init, "hmac_sha2_512_init", \
hmac_sha2_512.update, "hmac_sha2_512_update", \
hmac_sha2_512.finish, "hmac_sha2_512_finish", \
hmac_sha2_512.oneshot, "hmac_sha2_512_oneshot", \
\
chacha20.init, "chacha20_init", \
chacha20.update, "chacha20_update", \
chacha20.finish, "chacha20_finish", \
chacha20.oneshot, "chacha20_oneshot", \
aes256ctr.init, "aes256ctr_init", \
aes256ctr.update, "aes256ctr_update", \
aes256ctr.finish, "aes256ctr_finish", \
aes256ctr.oneshot, "aes256ctr_oneshot", \
aes256cbc.init, "aes256cbc_init", \
aes256cbc.update, "aes256cbc_update", \
aes256cbc.finish, "aes256cbc_finish", \
aes256cbc.oneshot, "aes256cbc_oneshot"

/programs/develop/libraries/libcrash/libcrash.inc
0,0 → 1,70
; libcrash -- cryptographic hash (and other) functions
;
; Copyright (C) <2012-2014,2016,2019,2021> Ivan Baravy
;
; SPDX-License-Identifier: GPL-2.0-or-later
;
; This program is free software: you can redistribute it and/or modify it under
; the terms of the GNU General Public License as published by the Free Software
; Foundation, either version 2 of the License, or (at your option) any later
; version.
;
; This program is distributed in the hope that it will be useful, but WITHOUT
; ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
; FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
;
; You should have received a copy of the GNU General Public License along with
; this program. If not, see <http://www.gnu.org/licenses/>.
LIBCRASH_ALIGN = 16 ; align your data for speed
; hash IDs
LIBCRASH_CRC32 = 0
LIBCRASH_MD5 = 1
LIBCRASH_SHA1 = 2
LIBCRASH_SHA2_224 = 3
LIBCRASH_SHA2_256 = 4
LIBCRASH_SHA2_384 = 5
LIBCRASH_SHA2_512 = 6
LIBCRASH_SHA3_224 = 7
LIBCRASH_SHA3_256 = 8
LIBCRASH_SHA3_384 = 9
LIBCRASH_SHA3_512 = 10
; mac IDs
LIBCRASH_POLY1305 = 0
LIBCRASH_HMAC_SHA2_256 = 1
LIBCRASH_HMAC_SHA2_512 = 2
; cipher IDs
LIBCRASH_CHACHA20 = 0
LIBCRASH_AES_256_CTR = 1
LIBCRASH_AES_256_CBC = 2
; cipher flags for crash_crypt
LIBCRASH_CIPHER_ENCRYPT = 0000b
LIBCRASH_CIPHER_DECRYPT = 0001b
LIBCRASH_CIPHER_PADDING = 0010b ; PKCS#5
; cipher output can be larger than input, e.g. for CBC mode with padding
CBC128_MAX_PAD_LEN = 128/8
LIBCRASH_MAX_PAD_LEN = CBC128_MAX_PAD_LEN
CRC32_LEN = 4
MD5_LEN = 16
SHA1_LEN = 20
SHA2_224_LEN = 28
SHA2_256_LEN = 32
SHA2_384_LEN = 48
SHA2_512_LEN = 64
SHA3_224_LEN = 28
SHA3_256_LEN = 32
SHA3_384_LEN = 48
SHA3_512_LEN = 64
MAX_HASH_LEN = SHA3_512_LEN
POLY1305_LEN = 16
HMAC_SHA2_256_LEN = SHA2_256_LEN
HMAC_SHA2_512_LEN = SHA2_512_LEN
LIBCRASH_CTX_LEN = 0x500

/programs/develop/libraries/libcrash/mac/hmac.asm
0,0 → 1,161
; libcrash -- cryptographic hash (and other) functions
;
; Copyright (C) <2021> Ivan Baravy
;
; SPDX-License-Identifier: GPL-2.0-or-later
;
; This program is free software: you can redistribute it and/or modify it under
; the terms of the GNU General Public License as published by the Free Software
; Foundation, either version 2 of the License, or (at your option) any later
; version.
;
; This program is distributed in the hope that it will be useful, but WITHOUT
; ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
; FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
;
; You should have received a copy of the GNU General Public License along with
; this program. If not, see <http://www.gnu.org/licenses/>.
macro max target, [source] {
common
target = 0
forward
if target < source
target = source
end if
}
max MAX_HMAC_HASH_CTX_SIZE, sizeof.ctx_sha2_224256, sizeof.ctx_sha2_384512
max MAX_HMAC_HASH_BLOCK_SIZE, SHA2_224256_BLOCK_SIZE, SHA2_384512_BLOCK_SIZE
max MAX_HMAC_HASH_LEN, SHA2_256_LEN, SHA2_512_LEN
struct ctx_hmac
ctx_hash rb MAX_HMAC_HASH_CTX_SIZE
key_pad rb MAX_HMAC_HASH_BLOCK_SIZE
mac rd MAX_HMAC_HASH_LEN/4
hash_init dd ?
hash_update dd ?
hash_finish dd ?
hash_oneshot dd ?
block_size dd ?
hash_size dd ?
ends
assert sizeof.ctx_hmac <= LIBCRASH_CTX_LEN
; ebx = _ctx
proc hmac._.init uses ebx esi edi, _key, _key_len
mov ecx, [_key_len]
cmp ecx, [ebx+ctx_hmac.block_size]
mov esi, [_key]
jbe .pad
; hash
lea esi, [ebx+ctx_hmac.ctx_hash]
stdcall [ebx+ctx_hmac.hash_oneshot], esi, [_key], [_key_len]
mov ecx, [ebx+ctx_hmac.hash_size]
.pad:
lea edi, [ebx+ctx_hmac.key_pad]
mov edx, [ebx+ctx_hmac.block_size]
sub edx, ecx
xor eax, eax
rep movsb
mov ecx, edx
rep stosb
; xor with 0x36
mov eax, 0x36363636
lea edx, [ebx+ctx_hmac.key_pad]
mov ecx, [ebx+ctx_hmac.block_size]
shr ecx, 2
@@:
xor [edx], eax
add edx, 4
dec ecx
jnz @b
lea esi, [ebx+ctx_hmac.ctx_hash]
stdcall [ebx+ctx_hmac.hash_init], esi
lea eax, [ebx+ctx_hmac.key_pad]
stdcall [ebx+ctx_hmac.hash_update], esi, eax, [ebx+ctx_hmac.block_size]
; xor with 0x36 xor 0x5c
mov eax, 0x36363636 XOR 0x5c5c5c5c
lea edx, [ebx+ctx_hmac.key_pad]
mov ecx, [ebx+ctx_hmac.block_size]
shr ecx, 2
@@:
xor [edx], eax
add edx, 4
dec ecx
jnz @b
ret
endp
proc hmac_sha2_256.init uses ebx, _ctx, _key, _key_len
mov ebx, [_ctx]
mov [ebx+ctx_hmac.hash_init], sha2_256.init
mov [ebx+ctx_hmac.hash_update], sha2_256.update
mov [ebx+ctx_hmac.hash_finish], sha2_256.finish
mov [ebx+ctx_hmac.hash_oneshot], sha2_256.oneshot
mov [ebx+ctx_hmac.block_size], SHA2_256_BLOCK_SIZE
mov [ebx+ctx_hmac.hash_size], SHA2_256_LEN
stdcall hmac._.init, [_key], [_key_len]
ret
endp
proc hmac_sha2_512.init uses ebx, _ctx, _key, _key_len
mov ebx, [_ctx]
mov [ebx+ctx_hmac.hash_init], sha2_512.init
mov [ebx+ctx_hmac.hash_update], sha2_512.update
mov [ebx+ctx_hmac.hash_finish], sha2_512.finish
mov [ebx+ctx_hmac.hash_oneshot], sha2_512.oneshot
mov [ebx+ctx_hmac.block_size], SHA2_512_BLOCK_SIZE
mov [ebx+ctx_hmac.hash_size], SHA2_512_LEN
stdcall hmac._.init, [_key], [_key_len]
ret
endp
hmac_sha2_256.update = hmac._.update
hmac_sha2_512.update = hmac._.update
proc hmac._.update uses ebx esi edi, _ctx, _in, _len
mov ebx, [_ctx]
lea eax, [ebx+ctx_hmac.ctx_hash]
stdcall [ebx+ctx_hmac.hash_update], eax, [_in], [_len]
.quit:
ret
endp
hmac_sha2_256.finish = hmac._.finish
hmac_sha2_512.finish = hmac._.finish
proc hmac._.finish uses ebx esi edi, _ctx
mov ebx, [_ctx]
lea esi, [ebx+ctx_hmac.ctx_hash]
stdcall [ebx+ctx_hmac.hash_finish], esi
lea edi, [ebx+ctx_hmac.mac]
mov ecx, [ebx+ctx_hmac.hash_size]
rep movsb
lea esi, [ebx+ctx_hmac.ctx_hash]
stdcall [ebx+ctx_hmac.hash_init], esi
lea eax, [ebx+ctx_hmac.key_pad]
stdcall [ebx+ctx_hmac.hash_update], esi, eax, [ebx+ctx_hmac.block_size]
lea eax, [ebx+ctx_hmac.mac]
stdcall [ebx+ctx_hmac.hash_update], esi, eax, [ebx+ctx_hmac.hash_size]
stdcall [ebx+ctx_hmac.hash_finish], esi
ret
endp
proc hmac_sha2_256.oneshot _ctx, _in, _len, _key, _key_len
stdcall hmac_sha2_256.init, [_ctx], [_key], [_key_len]
stdcall hmac_sha2_256.update, [_ctx], [_in], [_len]
stdcall hmac_sha2_256.finish, [_ctx]
ret
endp
proc hmac_sha2_512.oneshot _ctx, _in, _len, _key, _key_len
stdcall hmac_sha2_512.init, [_ctx], [_key], [_key_len]
stdcall hmac_sha2_512.update, [_ctx], [_in], [_len]
stdcall hmac_sha2_512.finish, [_ctx]
ret
endp
Property changes:
Added: svn:eol-style
+native
\ No newline at end of property

/programs/develop/libraries/libcrash/mac/poly1305.asm
0,0 → 1,538
; libcrash -- cryptographic hash (and other) functions
;
; Copyright (C) <2021> Ivan Baravy
;
; SPDX-License-Identifier: GPL-2.0-or-later
;
; This program is free software: you can redistribute it and/or modify it under
; the terms of the GNU General Public License as published by the Free Software
; Foundation, either version 2 of the License, or (at your option) any later
; version.
;
; This program is distributed in the hope that it will be useful, but WITHOUT
; ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
; FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
;
; You should have received a copy of the GNU General Public License along with
; this program. If not, see <http://www.gnu.org/licenses/>.
; Based on rfc7539 and implementation of libressl
POLY1305_BLOCK_SIZE = 16
POLY1305_ALIGN = 16
POLY1305_ALIGN_MASK = POLY1305_ALIGN-1
struct ctx_poly1305
mac rd 5
rd 3
block rb POLY1305_BLOCK_SIZE
rb POLY1305_ALIGN-(POLY1305_BLOCK_SIZE mod POLY1305_ALIGN)
index dd ?
block_size dd ?
hibit dd ?
rd 2 ; align
; tmp vars
r rd 5
s rd 4
d rd 5*2 ; 5 dq
ends
assert sizeof.ctx_poly1305 <= LIBCRASH_CTX_LEN
proc poly1305.init uses ebx, _ctx, _key, _key_len
mov ebx, [_ctx]
mov [ebx+ctx_poly1305.block_size], POLY1305_BLOCK_SIZE
mov [ebx+ctx_poly1305.hibit], 1 SHL 24
; accumulator
mov [ebx+ctx_poly1305.mac+0*4], 0
mov [ebx+ctx_poly1305.mac+1*4], 0
mov [ebx+ctx_poly1305.mac+2*4], 0
mov [ebx+ctx_poly1305.mac+3*4], 0
mov [ebx+ctx_poly1305.mac+4*4], 0
; r &= 0xffffffc0ffffffc0ffffffc0fffffff
mov ecx, [_key]
mov eax, [ecx+0]
and eax, 0x3ffffff
mov [ebx+ctx_poly1305.r+0*4], eax
mov eax, [ecx+3]
shr eax, 2
and eax, 0x3ffff03
mov [ebx+ctx_poly1305.r+1*4], eax
mov eax, [ecx+6]
shr eax, 4
and eax, 0x3ffc0ff
mov [ebx+ctx_poly1305.r+2*4], eax
mov eax, [ecx+9]
shr eax, 6
and eax, 0x3f03fff
mov [ebx+ctx_poly1305.r+3*4], eax
mov eax, [ecx+12]
shr eax, 8
and eax, 0xfffff
mov [ebx+ctx_poly1305.r+4*4], eax
; s
mov eax, [ecx+4*4]
mov [ebx+ctx_poly1305.s+0*4], eax
mov eax, [ecx+5*4]
mov [ebx+ctx_poly1305.s+1*4], eax
mov eax, [ecx+6*4]
mov [ebx+ctx_poly1305.s+2*4], eax
mov eax, [ecx+7*4]
mov [ebx+ctx_poly1305.s+3*4], eax
ret
endp
proc poly1305._.block _mac
; mov ecx, [ebx+ctx_poly1305.rounds_cnt]
mov edi, [_mac]
; a += m[i]
mov eax, [esi+0]
and eax, 0x3ffffff
add [ebx+ctx_poly1305.mac+0*4], eax
mov eax, [esi+3]
shr eax, 2
and eax, 0x3ffffff
add [ebx+ctx_poly1305.mac+1*4], eax
mov eax, [esi+6]
shr eax, 4
and eax, 0x3ffffff
add [ebx+ctx_poly1305.mac+2*4], eax
mov eax, [esi+9]
shr eax, 6
and eax, 0x3ffffff
add [ebx+ctx_poly1305.mac+3*4], eax
mov eax, [esi+12]
shr eax, 8
or eax, [ebx+ctx_poly1305.hibit]
add [ebx+ctx_poly1305.mac+4*4], eax
; a *= r
; d0
; r0*a0
mov eax, [ebx+ctx_poly1305.r+0*4]
mul [ebx+ctx_poly1305.mac+0*4]
mov ecx, eax
mov edi, edx
; s4*a1
mov eax, [ebx+ctx_poly1305.r+4*4]
lea eax, [eax*5]
mul [ebx+ctx_poly1305.mac+1*4]
add ecx, eax
adc edi, edx
; s3*a2
mov eax, [ebx+ctx_poly1305.r+3*4]
lea eax, [eax*5]
mul [ebx+ctx_poly1305.mac+2*4]
add ecx, eax
adc edi, edx
; s2*a3
mov eax, [ebx+ctx_poly1305.r+2*4]
lea eax, [eax*5]
mul [ebx+ctx_poly1305.mac+3*4]
add ecx, eax
adc edi, edx
; s1*a4
mov eax, [ebx+ctx_poly1305.r+1*4]
lea eax, [eax*5]
mul [ebx+ctx_poly1305.mac+4*4]
add ecx, eax
adc edi, edx
mov [ebx+ctx_poly1305.d+0*8+0], ecx
mov [ebx+ctx_poly1305.d+0*8+4], edi
; d1
; r1*a0
mov eax, [ebx+ctx_poly1305.r+1*4]
mul [ebx+ctx_poly1305.mac+0*4]
mov ecx, eax
mov edi, edx
; r0*a1
mov eax, [ebx+ctx_poly1305.r+0*4]
mul [ebx+ctx_poly1305.mac+1*4]
add ecx, eax
adc edi, edx
; s4*a2
mov eax, [ebx+ctx_poly1305.r+4*4]
lea eax, [eax*5]
mul [ebx+ctx_poly1305.mac+2*4]
add ecx, eax
adc edi, edx
; s3*a3
mov eax, [ebx+ctx_poly1305.r+3*4]
lea eax, [eax*5]
mul [ebx+ctx_poly1305.mac+3*4]
add ecx, eax
adc edi, edx
; s2*a4
mov eax, [ebx+ctx_poly1305.r+2*4]
lea eax, [eax*5]
mul [ebx+ctx_poly1305.mac+4*4]
add ecx, eax
adc edi, edx
mov [ebx+ctx_poly1305.d+1*8+0], ecx
mov [ebx+ctx_poly1305.d+1*8+4], edi
; d2
; r2*a0
mov eax, [ebx+ctx_poly1305.r+2*4]
mul [ebx+ctx_poly1305.mac+0*4]
mov ecx, eax
mov edi, edx
; r1*a1
mov eax, [ebx+ctx_poly1305.r+1*4]
mul [ebx+ctx_poly1305.mac+1*4]
add ecx, eax
adc edi, edx
; r0*a2
mov eax, [ebx+ctx_poly1305.r+0*4]
mul [ebx+ctx_poly1305.mac+2*4]
add ecx, eax
adc edi, edx
; s4*a3
mov eax, [ebx+ctx_poly1305.r+4*4]
lea eax, [eax*5]
mul [ebx+ctx_poly1305.mac+3*4]
add ecx, eax
adc edi, edx
; s3*a4
mov eax, [ebx+ctx_poly1305.r+3*4]
lea eax, [eax*5]
mul [ebx+ctx_poly1305.mac+4*4]
add ecx, eax
adc edi, edx
mov [ebx+ctx_poly1305.d+2*8+0], ecx
mov [ebx+ctx_poly1305.d+2*8+4], edi
; d3
; r3*a0
mov eax, [ebx+ctx_poly1305.r+3*4]
mul [ebx+ctx_poly1305.mac+0*4]
mov ecx, eax
mov edi, edx
; r2*a1
mov eax, [ebx+ctx_poly1305.r+2*4]
mul [ebx+ctx_poly1305.mac+1*4]
add ecx, eax
adc edi, edx
; r1*a2
mov eax, [ebx+ctx_poly1305.r+1*4]
mul [ebx+ctx_poly1305.mac+2*4]
add ecx, eax
adc edi, edx
; r0*a3
mov eax, [ebx+ctx_poly1305.r+0*4]
mul [ebx+ctx_poly1305.mac+3*4]
add ecx, eax
adc edi, edx
; s4*a4
mov eax, [ebx+ctx_poly1305.r+4*4]
lea eax, [eax*5]
mul [ebx+ctx_poly1305.mac+4*4]
add ecx, eax
adc edi, edx
mov [ebx+ctx_poly1305.d+3*8+0], ecx
mov [ebx+ctx_poly1305.d+3*8+4], edi
; d4
; r4*a0
mov eax, [ebx+ctx_poly1305.r+4*4]
mul [ebx+ctx_poly1305.mac+0*4]
mov ecx, eax
mov edi, edx
; r3*a1
mov eax, [ebx+ctx_poly1305.r+3*4]
mul [ebx+ctx_poly1305.mac+1*4]
add ecx, eax
adc edi, edx
; r2*a2
mov eax, [ebx+ctx_poly1305.r+2*4]
mul [ebx+ctx_poly1305.mac+2*4]
add ecx, eax
adc edi, edx
; r1*a3
mov eax, [ebx+ctx_poly1305.r+1*4]
mul [ebx+ctx_poly1305.mac+3*4]
add ecx, eax
adc edi, edx
; r0*a4
mov eax, [ebx+ctx_poly1305.r+0*4]
mul [ebx+ctx_poly1305.mac+4*4]
add ecx, eax
adc edi, edx
mov [ebx+ctx_poly1305.d+4*8+0], ecx
mov [ebx+ctx_poly1305.d+4*8+4], edi
; (partial) a %= p
mov eax, [ebx+ctx_poly1305.d+0*8+0]
mov edx, [ebx+ctx_poly1305.d+0*8+4]
; d0
mov ecx, edx
shld ecx, eax, 6
and eax, 0x3ffffff
mov [ebx+ctx_poly1305.mac+0*4], eax
mov eax, [ebx+ctx_poly1305.d+1*8+0]
mov edx, [ebx+ctx_poly1305.d+1*8+4]
add eax, ecx
adc edx, 0
; d1
mov ecx, edx
shld ecx, eax, 6
and eax, 0x3ffffff
mov [ebx+ctx_poly1305.mac+1*4], eax
mov eax, [ebx+ctx_poly1305.d+2*8+0]
mov edx, [ebx+ctx_poly1305.d+2*8+4]
add eax, ecx
adc edx, 0
; d2
mov ecx, edx
shld ecx, eax, 6
and eax, 0x3ffffff
mov [ebx+ctx_poly1305.mac+2*4], eax
mov eax, [ebx+ctx_poly1305.d+3*8+0]
mov edx, [ebx+ctx_poly1305.d+3*8+4]
add eax, ecx
adc edx, 0
; d3
mov ecx, edx
shld ecx, eax, 6
and eax, 0x3ffffff
mov [ebx+ctx_poly1305.mac+3*4], eax
mov eax, [ebx+ctx_poly1305.d+4*8+0]
mov edx, [ebx+ctx_poly1305.d+4*8+4]
add eax, ecx
adc edx, 0
; d4
mov ecx, edx
shld ecx, eax, 6
and eax, 0x3ffffff
mov [ebx+ctx_poly1305.mac+4*4], eax
lea ecx, [ecx*5]
add ecx, [ebx+ctx_poly1305.mac+0*4]
mov eax, ecx
shr ecx, 26
and eax, 0x3ffffff
mov [ebx+ctx_poly1305.mac+0*4], eax
add [ebx+ctx_poly1305.mac+1*4], ecx
ret
endp
proc poly1305.update uses ebx esi edi, _ctx, _msg, _size
.next_block:
mov ebx, [_ctx]
mov esi, [_msg]
mov eax, [ebx+ctx_poly1305.index]
test eax, eax
jnz .copy_to_buf
test esi, POLY1305_ALIGN_MASK
jnz .copy_to_buf
.no_copy:
; data is aligned, process it in place without copying
mov ebx, [_ctx]
mov eax, [ebx+ctx_poly1305.block_size]
cmp [_size], eax
jb .copy_quit
lea eax, [ebx+ctx_poly1305.mac]
push ebx esi
stdcall poly1305._.block, eax
pop esi ebx
mov eax, [ebx+ctx_poly1305.block_size]
sub [_size], eax
add esi, [ebx+ctx_poly1305.block_size]
jmp .no_copy
.copy_to_buf:
lea edi, [ebx+ctx_poly1305.block]
add edi, eax
mov ecx, [ebx+ctx_poly1305.block_size]
sub ecx, eax
cmp [_size], ecx
jb .copy_quit
sub [_size], ecx
add [_msg], ecx
add [ebx+ctx_poly1305.index], ecx
mov eax, [ebx+ctx_poly1305.block_size]
cmp [ebx+ctx_poly1305.index], eax
jb @f
sub [ebx+ctx_poly1305.index], eax
@@:
rep movsb
lea eax, [ebx+ctx_poly1305.mac]
lea esi, [ebx+ctx_poly1305.block]
stdcall poly1305._.block, eax
jmp .next_block
.copy_quit:
mov ebx, [_ctx]
lea edi, [ebx+ctx_poly1305.block]
mov eax, [ebx+ctx_poly1305.index]
add edi, eax
mov ecx, [_size]
add [ebx+ctx_poly1305.index], ecx
rep movsb
.quit:
ret
endp
proc poly1305.finish uses ebx esi edi, _ctx
mov ebx, [_ctx]
mov eax, [ebx+ctx_poly1305.index]
test eax, eax
jz .skip
mov ecx, [ebx+ctx_poly1305.block_size]
sub ecx, eax
lea edi, [ebx+ctx_poly1305.block]
add edi, eax
mov byte[edi], 0x01
inc edi
dec ecx
xor eax, eax
rep stosb
mov ebx, [_ctx]
mov [ebx+ctx_poly1305.hibit], 0
lea esi, [ebx+ctx_poly1305.block]
lea eax, [ebx+ctx_poly1305.mac]
stdcall poly1305._.block, eax
.skip:
mov ebx, [_ctx]
lea eax, [ebx+ctx_poly1305.mac]
stdcall poly1305._.postprocess, ebx, eax
; fully carry a
mov ecx, [ebx+ctx_poly1305.mac+1*4]
shr ecx, 26
and [ebx+ctx_poly1305.mac+1*4], 0x3ffffff
add ecx, [ebx+ctx_poly1305.mac+2*4]
mov eax, ecx
and eax, 0x3ffffff
shr ecx, 26
mov [ebx+ctx_poly1305.mac+2*4], eax
add ecx, [ebx+ctx_poly1305.mac+3*4]
mov eax, ecx
and eax, 0x3ffffff
shr ecx, 26
mov [ebx+ctx_poly1305.mac+3*4], eax
add ecx, [ebx+ctx_poly1305.mac+4*4]
mov eax, ecx
and eax, 0x3ffffff
shr ecx, 26
mov [ebx+ctx_poly1305.mac+4*4], eax
lea ecx, [ecx*5]
add ecx, [ebx+ctx_poly1305.mac+0*4]
mov eax, ecx
and eax, 0x3ffffff
shr ecx, 26
mov [ebx+ctx_poly1305.mac+0*4], eax
add [ebx+ctx_poly1305.mac+1*4], ecx
; compute a + -p
mov ecx, [ebx+ctx_poly1305.mac+0*4]
add ecx, 5
mov eax, ecx
and eax, 0x3ffffff
shr ecx, 26
mov [ebx+ctx_poly1305.r+0*4], eax
add ecx, [ebx+ctx_poly1305.mac+1*4]
mov eax, ecx
and eax, 0x3ffffff
shr ecx, 26
mov [ebx+ctx_poly1305.r+1*4], eax
add ecx, [ebx+ctx_poly1305.mac+2*4]
mov eax, ecx
and eax, 0x3ffffff
shr ecx, 26
mov [ebx+ctx_poly1305.r+2*4], eax
add ecx, [ebx+ctx_poly1305.mac+3*4]
mov eax, ecx
and eax, 0x3ffffff
shr ecx, 26
mov [ebx+ctx_poly1305.r+3*4], eax
add ecx, [ebx+ctx_poly1305.mac+4*4]
sub ecx, 1 SHL 26
mov [ebx+ctx_poly1305.r+4*4], ecx
; select a if a < p, or a + -p if a >= p
shr ecx, 31
dec ecx
and [ebx+ctx_poly1305.r+0*4], ecx
and [ebx+ctx_poly1305.r+1*4], ecx
and [ebx+ctx_poly1305.r+2*4], ecx
and [ebx+ctx_poly1305.r+3*4], ecx
and [ebx+ctx_poly1305.r+4*4], ecx
not ecx
mov eax, [ebx+ctx_poly1305.r+0*4]
and [ebx+ctx_poly1305.mac+0*4], ecx
or [ebx+ctx_poly1305.mac+0*4], eax
mov eax, [ebx+ctx_poly1305.r+1*4]
and [ebx+ctx_poly1305.mac+1*4], ecx
or [ebx+ctx_poly1305.mac+1*4], eax
mov eax, [ebx+ctx_poly1305.r+2*4]
and [ebx+ctx_poly1305.mac+2*4], ecx
or [ebx+ctx_poly1305.mac+2*4], eax
mov eax, [ebx+ctx_poly1305.r+3*4]
and [ebx+ctx_poly1305.mac+3*4], ecx
or [ebx+ctx_poly1305.mac+3*4], eax
mov eax, [ebx+ctx_poly1305.r+4*4]
and [ebx+ctx_poly1305.mac+4*4], ecx
or [ebx+ctx_poly1305.mac+4*4], eax
; a = a % (2^128)
; a0
mov eax, [ebx+ctx_poly1305.mac+0*4]
mov ecx, [ebx+ctx_poly1305.mac+1*4]
shl ecx, 26
or eax, ecx
mov [ebx+ctx_poly1305.mac+0*4], eax
; a1
mov eax, [ebx+ctx_poly1305.mac+1*4]
shr eax, 6
mov ecx, [ebx+ctx_poly1305.mac+2*4]
shl ecx, 20
or eax, ecx
mov [ebx+ctx_poly1305.mac+1*4], eax
; a2
mov eax, [ebx+ctx_poly1305.mac+2*4]
shr eax, 12
mov ecx, [ebx+ctx_poly1305.mac+3*4]
shl ecx, 14
or eax, ecx
mov [ebx+ctx_poly1305.mac+2*4], eax
; a3
mov eax, [ebx+ctx_poly1305.mac+3*4]
shr eax, 18
mov ecx, [ebx+ctx_poly1305.mac+4*4]
shl ecx, 8
or eax, ecx
mov [ebx+ctx_poly1305.mac+3*4], eax
; mac = (a + pad) % (2^128)
xor edx, edx
; a0
mov eax, [ebx+ctx_poly1305.mac+0*4]
add eax, [ebx+ctx_poly1305.s+0*4]
mov [ebx+ctx_poly1305.mac+0*4], eax
; a1
mov eax, [ebx+ctx_poly1305.mac+1*4]
adc eax, [ebx+ctx_poly1305.s+1*4]
mov [ebx+ctx_poly1305.mac+1*4], eax
; a2
mov eax, [ebx+ctx_poly1305.mac+2*4]
adc eax, [ebx+ctx_poly1305.s+2*4]
mov [ebx+ctx_poly1305.mac+2*4], eax
; a3
mov eax, [ebx+ctx_poly1305.mac+3*4]
adc eax, [ebx+ctx_poly1305.s+3*4]
mov [ebx+ctx_poly1305.mac+3*4], eax
ret
endp
proc poly1305._.postprocess _ctx, _mac
ret
endp
proc poly1305.oneshot _ctx, _in, _len, _key, _key_len
stdcall poly1305.init, [_ctx], [_key], [_key_len]
stdcall poly1305.update, [_ctx], [_in], [_len]
stdcall poly1305.finish, [_ctx]
ret
endp
Property changes:
Added: svn:eol-style
+native
\ No newline at end of property

/programs/network/ssh/hmac_md5.inc
20,10 → 20,12
; To compute HMAC over the data `text' we perform
; H(K XOR opad, H(K XOR ipad, text))
MD5_BLOCK_SIZE = 64
struct hmac_md5_context
hash rb MD5_HASH_SIZE
ipad_ctx crash_ctx
opad_ctx crash_ctx
hash rb MD5_LEN
ipad_ctx rb LIBCRASH_CTX_LEN
opad_ctx rb LIBCRASH_CTX_LEN
ends
; We will precompute partial hashes of K XOR ipad and K XOR opad,

/programs/network/ssh/hmac_sha1.inc
20,10 → 20,12
; To compute HMAC over the data `text' we perform
; H(K XOR opad, H(K XOR ipad, text))
SHA1_BLOCK_SIZE = 64
struct hmac_sha1_context
hash rb SHA1_HASH_SIZE
ipad_ctx crash_ctx
opad_ctx crash_ctx
hash rb SHA1_LEN
ipad_ctx rb LIBCRASH_CTX_LEN
opad_ctx rb LIBCRASH_CTX_LEN
ends
; We will precompute partial hashes of K XOR ipad and K XOR opad,

/programs/network/ssh/hmac_sha256.inc
20,10 → 20,12
; To compute HMAC over the data `text' we perform
; H(K XOR opad, H(K XOR ipad, text))
SHA2_256_BLOCK_SIZE = 64
struct hmac_sha256_context
hash rb SHA256_HASH_SIZE
ipad_ctx crash_ctx
opad_ctx crash_ctx
hash rb SHA2_256_LEN
ipad_ctx rb LIBCRASH_CTX_LEN
opad_ctx rb LIBCRASH_CTX_LEN
ends
; We will precompute partial hashes of K XOR ipad and K XOR opad,
32,7 → 34,7
proc hmac_sha256_setkey ctx, key, key_length
locals
k_temp rb SHA256_BLOCK_SIZE
k_temp rb SHA2_256_BLOCK_SIZE
endl
pusha
39,7 → 41,7
; input esi = key, ecx=key_length
mov ecx, [key_length]
cmp ecx, SHA256_BLOCK_SIZE
cmp ecx, SHA2_256_BLOCK_SIZE
ja .hash_it
; Key is smaller then or equal to blocksize,
; copy key to ipad
46,7 → 48,7
mov esi, [key]
lea edi, [k_temp]
rep movsb
mov ecx, SHA256_BLOCK_SIZE
mov ecx, SHA2_256_BLOCK_SIZE
sub ecx, [key_length]
jz .finish
; append zeros to the key
56,21 → 58,21
; Given key is larger then key size, hash it
.hash_it:
invoke sha256_init, [ctx]
invoke sha256_update, [ctx], [key], [key_length]
invoke sha256_final, [ctx]
invoke sha2_256_init, [ctx]
invoke sha2_256_update, [ctx], [key], [key_length]
invoke sha2_256_finish, [ctx]
mov esi, [ctx]
lea edi, [k_temp]
mov ecx, SHA256_HASH_SIZE/4
mov ecx, SHA2_256_LEN/4
rep movsd
xor eax, eax
mov ecx, (SHA256_BLOCK_SIZE-SHA256_HASH_SIZE)/4
mov ecx, (SHA2_256_BLOCK_SIZE-SHA2_256_LEN)/4
rep stosd
.finish:
; xor ipad buffer with 0x36363...
lea esi, [k_temp]
mov ecx, SHA256_BLOCK_SIZE/4
mov ecx, SHA2_256_BLOCK_SIZE/4
@@:
xor dword[esi], 0x36363636 ; ipad constant
add esi, 4
80,19 → 82,19
; Init our hash with k_xor_ipad
mov ebx, [ctx]
lea edi, [ebx+hmac_sha256_context.ipad_ctx]
invoke sha256_init, edi
invoke sha2_256_init, edi
lea esi, [k_temp]
DEBUGF 1, "HASH: "
stdcall dump_hex, esi, SHA256_BLOCK_SIZE/4
stdcall dump_hex, esi, SHA2_256_BLOCK_SIZE/4
mov ebx, [ctx]
lea edi, [ebx+hmac_sha256_context.ipad_ctx]
invoke sha256_update, edi, esi, SHA256_BLOCK_SIZE
invoke sha2_256_update, edi, esi, SHA2_256_BLOCK_SIZE
; xor opad buffer with 0x5c5c5...
lea esi, [k_temp]
mov ecx, SHA256_BLOCK_SIZE/4
mov ecx, SHA2_256_BLOCK_SIZE/4
@@:
xor dword[esi], 0x36363636 xor 0x5c5c5c5c ; opad constant
add esi, 4
102,15 → 104,15
; Init our hash with k_xor_opad
mov ebx, [ctx]
lea edi, [ebx+hmac_sha256_context.opad_ctx]
invoke sha256_init, edi
invoke sha2_256_init, edi
lea esi, [k_temp]
DEBUGF 1, "HASH: "
stdcall dump_hex, esi, SHA256_BLOCK_SIZE/4
stdcall dump_hex, esi, SHA2_256_BLOCK_SIZE/4
mov ebx, [ctx]
lea edi, [ebx+hmac_sha256_context.opad_ctx]
invoke sha256_update, edi, esi, SHA256_BLOCK_SIZE
invoke sha2_256_update, edi, esi, SHA2_256_BLOCK_SIZE
popa
ret
124,8 → 126,8
proc hmac_sha256 ctx, _data, _length
locals
inner_ctx crash_ctx
outer_ctx crash_ctx
inner_ctx rb LIBCRASH_CTX_LEN
outer_ctx rb LIBCRASH_CTX_LEN
endl
pusha
138,30 → 140,30
mov esi, [ctx]
lea esi, [esi+hmac_sha256_context.ipad_ctx]
lea edi, [inner_ctx]
repeat (sizeof.crash_ctx)/4*2
repeat (LIBCRASH_CTX_LEN)/4*2
movsd
end repeat
; Append provided data to inner hash and finalize
lea ebx, [inner_ctx]
invoke sha256_update, ebx, [_data], [_length]
invoke sha2_256_update, ebx, [_data], [_length]
lea ebx, [inner_ctx]
invoke sha256_final, ebx
invoke sha2_256_finish, ebx
DEBUGF 1, "Inner Hash: "
lea esi, [inner_ctx.hash]
stdcall dump_hex, esi, SHA256_HASH_SIZE/4
lea esi, [inner_ctx]
stdcall dump_hex, esi, SHA2_256_LEN/4
; Calculate outer hash
lea ebx, [outer_ctx]
lea esi, [inner_ctx.hash]
invoke sha256_update, ebx, esi, SHA256_HASH_SIZE
lea esi, [inner_ctx]
invoke sha2_256_update, ebx, esi, SHA2_256_LEN
lea ebx, [outer_ctx]
invoke sha256_final, ebx
invoke sha2_256_finish, ebx
; Copy output hash to ctx structure ; FIXME
lea esi, [outer_ctx.hash]
lea esi, [outer_ctx]
mov edi, [ctx]
repeat SHA256_HASH_SIZE/4
repeat SHA2_256_LEN/4
movsd
end repeat

/programs/network/ssh/ssh.asm
49,7 → 49,7
include '../../dll.inc'
include '../../debug-fdo.inc'
include '../../network.inc'
include '../../develop/libraries/libcrash/trunk/libcrash.inc'
include '../../develop/libraries/libcrash/libcrash.inc'
; macros for network byte order
macro dd_n op {
621,18 → 621,18
con_get_input, 'con_get_input'
import libcrash, \
sha512_init, 'sha512_init', \
sha512_update, 'sha512_update', \
sha512_final, 'sha512_final',\
sha256_init, 'sha256_init', \
sha256_update, 'sha256_update', \
sha256_final, 'sha256_final',\
sha2_512_init, 'sha2_512_init', \
sha2_512_update, 'sha2_512_update', \
sha2_512_finish, 'sha2_512_finish',\
sha2_256_init, 'sha2_256_init', \
sha2_256_update, 'sha2_256_update', \
sha2_256_finish, 'sha2_256_finish',\
sha1_init, 'sha1_init', \
sha1_update, 'sha1_update', \
sha1_final, 'sha1_final', \
sha1_finish, 'sha1_finish', \
md5_init, 'md5_init', \
md5_update, 'md5_update', \
md5_final, 'md5_final'
md5_finish, 'md5_finish'
import libini, \
ini_get_str, 'ini_get_str', \

/programs/network/ssh/sshlib.inc
125,8 → 125,8
tx_buffer ssh_packet_header
rb PACKETSIZE-sizeof.ssh_packet_header
part_ex_hash_ctx crash_ctx
session_id rb SHA256_HASH_SIZE
part_ex_hash_ctx rb LIBCRASH_CTX_LEN
session_id rb SHA2_256_LEN
algo_kex dd ?
algo_hostkey dd ?

/programs/network/ssh/sshlib_connection.inc
109,9 → 109,9
jnz .err_sock
; Start calculating hash
invoke sha256_init, [ctx_ptr]
invoke sha2_256_init, [ctx_ptr]
; HASH: string V_C, the client's version string (CR and NL excluded)
invoke sha256_update, [ctx_ptr], ssh_ident_ha, ssh_msg_ident.length+4-2
invoke sha2_256_update, [ctx_ptr], ssh_ident_ha, ssh_msg_ident.length+4-2
; >> Send our identification string
DEBUGF 2, "Sending ID string\n"
138,7 → 138,7
bswap eax
sub edx, 4
mov dword[edx], eax
invoke sha256_update, [ctx_ptr], edx, ecx
invoke sha2_256_update, [ctx_ptr], edx, ecx
; >> Key Exchange init
mov eax, [con_ptr]
191,7 → 191,7
bswap eax
lea esi, [esi+sshlib_connection.tx_buffer+1]
mov dword[esi], eax
invoke sha256_update, [ctx_ptr], esi, edx
invoke sha2_256_update, [ctx_ptr], esi, edx
; << Check key exchange init of server
stdcall sshlib_recv_packet, [con_ptr], 0
269,7 → 269,7
bswap eax
lea esi, [esi+sshlib_connection.rx_buffer+1]
mov dword[esi], eax
invoke sha256_update, [ctx_ptr], esi, edx
invoke sha2_256_update, [ctx_ptr], esi, edx
; Exchange keys with the server

/programs/network/ssh/sshlib_dh_gex.inc
44,7 → 44,7
K_length dd ?
session_id_x rb SHA256_HASH_SIZE+1
session_id_x rb SHA2_256_LEN+1
str_K_S dd ? ; server public host key and certificates (K_S)
mpint_f_big dd ? ; pointer to original
54,7 → 54,7
; Allocate memory for temp variables
mov ecx, 7*(MAX_BITS/8+4) + 7*SHA256_HASH_SIZE + 2*sizeof.crash_ctx
mov ecx, 7*(MAX_BITS/8+4) + 7*SHA2_256_LEN + 2*LIBCRASH_CTX_LEN
mcall 68, 12
test eax, eax
jz .err_nomem
77,24 → 77,24
add eax, (MAX_BITS/8+4)
mov [k_h_ctx], eax
add eax, sizeof.crash_ctx
add eax, LIBCRASH_CTX_LEN
mov [temp_ctx], eax
add eax, sizeof.crash_ctx
add eax, LIBCRASH_CTX_LEN
mov [H], eax
add eax, SHA256_HASH_SIZE
add eax, SHA2_256_LEN
mov [rx_iv], eax
add eax, SHA256_HASH_SIZE
add eax, SHA2_256_LEN
mov [tx_iv], eax
add eax, SHA256_HASH_SIZE
add eax, SHA2_256_LEN
mov [rx_enc_key], eax
add eax, SHA256_HASH_SIZE
add eax, SHA2_256_LEN
mov [tx_enc_key], eax
add eax, SHA256_HASH_SIZE
add eax, SHA2_256_LEN
mov [rx_int_key], eax
add eax, SHA256_HASH_SIZE
add eax, SHA2_256_LEN
mov [tx_int_key], eax
; add eax, SHA256_HASH_SIZE
; add eax, SHA2_256_LEN
; Copy the partial exchange hash to our temporary one
101,7 → 101,7
mov esi, [con_ptr]
lea esi, [esi+sshlib_connection.part_ex_hash_ctx]
mov edi, [temp_ctx]
mov ecx, sizeof.crash_ctx/4
mov ecx, LIBCRASH_CTX_LEN/4
rep movsd
;----------------------------------------------
201,13 → 201,13
add edx, 4
lea eax, [esi+edx]
mov [mpint_f_big], eax
invoke sha256_update, [temp_ctx], esi, edx
invoke sha2_256_update, [temp_ctx], esi, edx
;--------------------------------------------------------------------------
; HASH: uint32 min, minimal size in bits of an acceptable group
; uint32 n, preferred size in bits of the group the server will send
; uint32 max, maximal size in bits of an acceptable group
invoke sha256_update, [temp_ctx], ssh_msg_gex_req+sizeof.ssh_packet_header-ssh_packet_header.message_code, 12
invoke sha2_256_update, [temp_ctx], ssh_msg_gex_req+sizeof.ssh_packet_header-ssh_packet_header.message_code, 12
;----------------------------
; HASH: mpint p, safe prime
214,7 → 214,7
stdcall mpint_shrink, [mpint_p]
stdcall mpint_to_big_endian, [mpint_tmp], [mpint_p]
add eax, 4
invoke sha256_update, [temp_ctx], [mpint_tmp], eax
invoke sha2_256_update, [temp_ctx], [mpint_tmp], eax
;----------------------------------------
; HASH: mpint g, generator for subgroup
221,7 → 221,7
stdcall mpint_shrink, [mpint_g]
stdcall mpint_to_big_endian, [mpint_tmp], [mpint_g]
add eax, 4
invoke sha256_update, [temp_ctx], [mpint_tmp], eax
invoke sha2_256_update, [temp_ctx], [mpint_tmp], eax
;---------------------------------------------------
; HASH: mpint e, exchange value sent by the client
230,7 → 230,7
mov edx, [esi]
bswap edx
add edx, 4
invoke sha256_update, [temp_ctx], esi, edx
invoke sha2_256_update, [temp_ctx], esi, edx
;---------------------------------------------------
; HASH: mpint f, exchange value sent by the server
238,7 → 238,7
mov edx, [esi]
bswap edx
add edx, 4
invoke sha256_update, [temp_ctx], esi, edx
invoke sha2_256_update, [temp_ctx], esi, edx
stdcall mpint_to_little_endian, [mpint_f], [mpint_f_big]
mov esi, [mpint_f_big]
260,19 → 260,18
;-----------------------------------
; HASH: mpint K, the shared secret
add eax, 4
invoke sha256_update, [temp_ctx], [mpint_K_big], eax
invoke sha2_256_update, [temp_ctx], [mpint_K_big], eax
;-------------------------------
; Finalize the exchange hash (H)
invoke sha256_final, [temp_ctx]
invoke sha2_256_finish, [temp_ctx]
mov esi, [temp_ctx]
add esi, crash_ctx.hash
mov edi, [H]
mov ecx, SHA256_HASH_SIZE/4
mov ecx, SHA2_256_LEN/4
rep movsd
DEBUGF 1, "Exchange hash H: "
stdcall dump_hex, [H], SHA256_HASH_SIZE/4
stdcall dump_hex, [H], SHA2_256_LEN/4
;--------------------------
; Set or get the session id
282,7 → 281,7
jae @f
; If first KEX, verify host public key
stdcall sshlib_host_verify, [con_ptr], [str_K_S], [str_s_of_H], [H], SHA256_HASH_SIZE
stdcall sshlib_host_verify, [con_ptr], [str_K_S], [str_s_of_H], [H], SHA2_256_LEN
test eax, eax
jnz .err
289,13 → 288,13
mov eax, [con_ptr]
mov esi, [H]
lea edi, [eax + sshlib_connection.session_id]
mov ecx, SHA256_HASH_SIZE/4
mov ecx, SHA2_256_LEN/4
rep movsd
@@:
lea esi, [eax + sshlib_connection.session_id]
lea edi, [session_id_x+1]
mov ecx, SHA256_HASH_SIZE/4
mov ecx, SHA2_256_LEN/4
rep movsd
304,12 → 303,12
; First, calculate partial hash of K and H so we can re-use it for every key.
invoke sha256_init, [k_h_ctx]
invoke sha2_256_init, [k_h_ctx]
mov ecx, [K_length]
add ecx, 4
invoke sha256_update, [k_h_ctx], [mpint_K_big], ecx
invoke sha256_update, [k_h_ctx], [H], SHA256_HASH_SIZE
invoke sha2_256_update, [k_h_ctx], [mpint_K_big], ecx
invoke sha2_256_update, [k_h_ctx], [H], SHA2_256_LEN
;---------------------------------------------------------------
; Initial IV client to server: HASH(K || H || "A" || session_id)
316,19 → 315,19
mov esi, [k_h_ctx]
mov edi, [temp_ctx]
mov ecx, sizeof.crash_ctx/4
mov ecx, LIBCRASH_CTX_LEN/4
rep movsd
lea edx, [session_id_x]
mov byte[edx], 'A'
invoke sha256_update, [temp_ctx], edx, SHA256_HASH_SIZE+1
invoke sha256_final, [temp_ctx]
invoke sha2_256_update, [temp_ctx], edx, SHA2_256_LEN+1
invoke sha2_256_finish, [temp_ctx]
mov edi, [tx_iv]
mov esi, [temp_ctx]
mov ecx, SHA256_HASH_SIZE/4
mov ecx, SHA2_256_LEN/4
rep movsd
DEBUGF 1, "Remote IV: "
stdcall dump_hex, [tx_iv], SHA256_HASH_SIZE/4
stdcall dump_hex, [tx_iv], SHA2_256_LEN/4
;---------------------------------------------------------------
; Initial IV server to client: HASH(K || H || "B" || session_id)
335,19 → 334,19
mov esi, [k_h_ctx]
mov edi, [temp_ctx]
mov ecx, sizeof.crash_ctx/4
mov ecx, LIBCRASH_CTX_LEN/4
rep movsd
lea edx, [session_id_x]
mov byte[edx], 'B'
invoke sha256_update, [temp_ctx], edx, SHA256_HASH_SIZE+1
invoke sha256_final, [temp_ctx]
invoke sha2_256_update, [temp_ctx], edx, SHA2_256_LEN+1
invoke sha2_256_finish, [temp_ctx]
mov edi, [rx_iv]
mov esi, [temp_ctx]
mov ecx, SHA256_HASH_SIZE/4
mov ecx, SHA2_256_LEN/4
rep movsd
DEBUGF 1, "Local IV: "
stdcall dump_hex, [rx_iv], SHA256_HASH_SIZE/4
stdcall dump_hex, [rx_iv], SHA2_256_LEN/4
;-------------------------------------------------------------------
; Encryption key client to server: HASH(K || H || "C" || session_id)
354,19 → 353,19
mov esi, [k_h_ctx]
mov edi, [temp_ctx]
mov ecx, sizeof.crash_ctx/4
mov ecx, LIBCRASH_CTX_LEN/4
rep movsd
lea edx, [session_id_x]
mov byte[edx], 'C'
invoke sha256_update, [temp_ctx], edx, SHA256_HASH_SIZE+1
invoke sha256_final, [temp_ctx]
invoke sha2_256_update, [temp_ctx], edx, SHA2_256_LEN+1
invoke sha2_256_finish, [temp_ctx]
mov edi, [tx_enc_key]
mov esi, [temp_ctx]
mov ecx, SHA256_HASH_SIZE/4
mov ecx, SHA2_256_LEN/4
rep movsd
DEBUGF 1, "Remote key: "
stdcall dump_hex, [tx_enc_key], SHA256_HASH_SIZE/4
stdcall dump_hex, [tx_enc_key], SHA2_256_LEN/4
;-------------------------------------------------------------------
; Encryption key server to client: HASH(K || H || "D" || session_id)
373,19 → 372,19
mov esi, [k_h_ctx]
mov edi, [temp_ctx]
mov ecx, sizeof.crash_ctx/4
mov ecx, LIBCRASH_CTX_LEN/4
rep movsd
lea edx, [session_id_x]
mov byte[edx], 'D'
invoke sha256_update, [temp_ctx], edx, SHA256_HASH_SIZE+1
invoke sha256_final, [temp_ctx]
invoke sha2_256_update, [temp_ctx], edx, SHA2_256_LEN+1
invoke sha2_256_finish, [temp_ctx]
mov edi, [rx_enc_key]
mov esi, [temp_ctx]
mov ecx, SHA256_HASH_SIZE/4
mov ecx, SHA2_256_LEN/4
rep movsd
DEBUGF 1, "Local key: "
stdcall dump_hex, [rx_enc_key], SHA256_HASH_SIZE/4
stdcall dump_hex, [rx_enc_key], SHA2_256_LEN/4
;------------------------------------------------------------------
; Integrity key client to server: HASH(K || H || "E" || session_id)
392,19 → 391,19
mov esi, [k_h_ctx]
mov edi, [temp_ctx]
mov ecx, sizeof.crash_ctx/4
mov ecx, LIBCRASH_CTX_LEN/4
rep movsd
lea edx, [session_id_x]
mov byte[edx], 'E'
invoke sha256_update, [temp_ctx], edx, SHA256_HASH_SIZE+1
invoke sha256_final, [temp_ctx]
invoke sha2_256_update, [temp_ctx], edx, SHA2_256_LEN+1
invoke sha2_256_finish, [temp_ctx]
mov edi, [tx_int_key]
mov esi, [temp_ctx]
mov ecx, SHA256_HASH_SIZE/4
mov ecx, SHA2_256_LEN/4
rep movsd
DEBUGF 1, "Remote Integrity key: "
stdcall dump_hex, [tx_int_key], SHA256_HASH_SIZE/4
stdcall dump_hex, [tx_int_key], SHA2_256_LEN/4
;------------------------------------------------------------------
; Integrity key server to client: HASH(K || H || "F" || session_id)
411,19 → 410,19
mov esi, [k_h_ctx]
mov edi, [temp_ctx]
mov ecx, sizeof.crash_ctx/4
mov ecx, LIBCRASH_CTX_LEN/4
rep movsd
lea edx, [session_id_x]
mov byte[edx], 'F'
invoke sha256_update, [temp_ctx], edx, SHA256_HASH_SIZE+1
invoke sha256_final, [temp_ctx]
invoke sha2_256_update, [temp_ctx], edx, SHA2_256_LEN+1
invoke sha2_256_finish, [temp_ctx]
mov edi, [rx_int_key]
mov esi, [temp_ctx]
mov ecx, SHA256_HASH_SIZE/4
mov ecx, SHA2_256_LEN/4
rep movsd
DEBUGF 1, "Local Integrity key: "
stdcall dump_hex, [rx_int_key] , SHA256_HASH_SIZE/4
stdcall dump_hex, [rx_int_key] , SHA2_256_LEN/4
;-------------------------------------
; << Parse Diffie-Hellman New Keys MSG
471,14 → 470,14
mov [ebx + sshlib_connection.tx_pad_proc], MBRandom
lea ecx, [ebx + sshlib_connection.rx_mac_ctx]
stdcall hmac_sha256_setkey, ecx, [rx_int_key], SHA256_HASH_SIZE
stdcall hmac_sha256_setkey, ecx, [rx_int_key], SHA2_256_LEN
mov [ebx + sshlib_connection.rx_mac_proc], hmac_sha256
mov [ebx + sshlib_connection.rx_mac_length], SHA256_HASH_SIZE
mov [ebx + sshlib_connection.rx_mac_length], SHA2_256_LEN
lea ecx, [ebx + sshlib_connection.tx_mac_ctx]
stdcall hmac_sha256_setkey, ecx, [tx_int_key], SHA256_HASH_SIZE
stdcall hmac_sha256_setkey, ecx, [tx_int_key], SHA2_256_LEN
mov [ebx + sshlib_connection.tx_mac_proc], hmac_sha256
mov [ebx + sshlib_connection.tx_mac_length], SHA256_HASH_SIZE
mov [ebx + sshlib_connection.tx_mac_length], SHA2_256_LEN
mov [ebx + sshlib_connection.status], SSHLIB_CON_STAT_KEX_DONE
xor eax, eax
486,7 → 485,7
.err:
push eax
xor eax, eax
mov ecx, (7*(MAX_BITS/8+4) + 7*SHA256_HASH_SIZE + 2*sizeof.crash_ctx)/4
mov ecx, (7*(MAX_BITS/8+4) + 7*SHA2_256_LEN + 2*LIBCRASH_CTX_LEN)/4
mov edi, [mpint_tmp]
rep stosd

/programs/network/ssh/sshlib_host.inc
134,11 → 134,11
DEBUGF 3, "SSH: Performing RSA verification\n"
mcall 68, 12, sizeof.crash_ctx + 5*(MAX_BITS/8+4)
mcall 68, 12, LIBCRASH_CTX_LEN + 5*(MAX_BITS/8+4)
test eax, eax
jz .err_nomem
mov [h_ctx], eax
add eax, sizeof.crash_ctx
add eax, LIBCRASH_CTX_LEN
mov [mpint_e], eax
add eax, MAX_BITS/8+4
mov [mpint_n], eax
211,7 → 211,7
; EMSA-PKCS1-v1_5
invoke sha1_init, [h_ctx]
invoke sha1_update, [h_ctx], [M], [message_len]
invoke sha1_final, [h_ctx]
invoke sha1_finish, [h_ctx]
mov edi, [EM_accent]
mov al, 0x00
219,7 → 219,7
mov al, 0x01
stosb
mov ecx, [k]
sub ecx, (rsa_sha1_T.len + 3 + SHA1_HASH_SIZE)
sub ecx, (rsa_sha1_T.len + 3 + SHA1_LEN)
jl .err_key
jz @f
mov al, 0xff
231,7 → 231,7
mov ecx, rsa_sha1_T.len
rep movsb
mov esi, [h_ctx]
mov ecx, SHA1_HASH_SIZE
mov ecx, SHA1_LEN
rep movsb
pop esi
243,9 → 243,9
push esi
; EMSA-PKCS1-v1_5
invoke sha256_init, [h_ctx]
invoke sha256_update, [h_ctx], [M], [message_len]
invoke sha256_final, [h_ctx]
invoke sha2_256_init, [h_ctx]
invoke sha2_256_update, [h_ctx], [M], [message_len]
invoke sha2_256_finish, [h_ctx]
mov edi, [EM_accent]
mov al, 0x00
253,7 → 253,7
mov al, 0x01
stosb
mov ecx, [k]
sub ecx, (rsa_sha256_T.len + 3 + SHA256_HASH_SIZE)
sub ecx, (rsa_sha256_T.len + 3 + SHA2_256_LEN)
jl .err_key
jz @f
mov al, 0xff
265,7 → 265,7
mov ecx, rsa_sha256_T.len
rep movsb
mov esi, [h_ctx]
mov ecx, SHA256_HASH_SIZE
mov ecx, SHA2_256_LEN
rep movsb
pop esi
277,9 → 277,9
push esi
; EMSA-PKCS1-v1_5
invoke sha512_init, [h_ctx]
invoke sha512_update, [h_ctx], [M], [message_len]
invoke sha512_final, [h_ctx]
invoke sha2_512_init, [h_ctx]
invoke sha2_512_update, [h_ctx], [M], [message_len]
invoke sha2_512_finish, [h_ctx]
mov edi, [EM_accent]
mov al, 0x00
287,7 → 287,7
mov al, 0x01
stosb
mov ecx, [k]
sub ecx, (rsa_sha512_T.len + 3 + SHA512_HASH_SIZE)
sub ecx, (rsa_sha512_T.len + 3 + SHA2_512_LEN)
jl .err_key
jz @f
mov al, 0xff
299,7 → 299,7
mov ecx, rsa_sha512_T.len
rep movsb
mov esi, [h_ctx]
mov ecx, SHA512_HASH_SIZE
mov ecx, SHA2_512_LEN
rep movsb
pop esi