15 October 2017, 15:39 | #1 |
Computer Nerd
Join Date: Sep 2007
Location: Rotterdam/Netherlands
Age: 47
Posts: 3,751
|
Sha256 stand-alone hash function.
Here's a stand-alone, optimized (more so than my previous effort) sha256 hash function that you can drop into just about any code that needs it: sha256.s Related: If anyone wants an optimized AES encrypt and decrypt, let me know in this thread.
Updated version (compress loop optimizations from Wikipedia): sha256standAlone.s Example usage (try it in AsmPro, don't forget the path!): Code:
a lea sha,a0 lea b,a1 lea hash,a2 move.l #c-b,d0 bsr sha256.computeHash rts include "680x0:sha256.s" sha dcb.b sizeof.sha256 hash dcb.b 32 b dc.b "Boring test message." c Code:
rsset 0 sha256.hash rs.b 32 sha256.schedule rs.b 256 sha256.padding rs.b 128 sizeof.sha256 rs.b 0 ; ; a0 = sha256 object ; a1 = message ; a2 = output array ; d0 = message length ; sha256.computeHash movem.l d1/d7/a1/a3-a4,-(sp) ; copy sha hash constants to hash lea sha256.hashConstants,a4 lea sha256.hash(a0),a3 moveq #8-1,d7 .loop move.l (a4)+,(a3)+ dbra d7,.loop ; calculate number of sha blocks and call hash move.l d0,d1 lsr.l #6,d1 beq .singleBlock bsr sha256.hashBlocks .singleBlock ; padding and last block bsr sha256.padMessage lea sha256.padding(a0),a1 bsr sha256.hashBlocks ; copy hash to output array lea sha256.hash(a0),a3 move.l (a3)+,1*4(a2) ; b 1 move.l (a3)+,2*4(a2) ; c 2 move.l (a3)+,5*4(a2) ; f 5 move.l (a3)+,6*4(a2) ; g 6 move.l (a3)+,3*4(a2) ; d 3 move.l (a3)+,0*4(a2) ; a 0 move.l (a3)+,4*4(a2) ; e 4 move.l (a3)+,7*4(a2) ; h 7 movem.l (sp)+,d1/d7/a1/a3-a4 rts ; ; a0 = sha256 object ; a1 = message blocks ; d1 = number of message blocks ; ; a1 <- pointer to remaining message block ; sha256.hashBlocks movem.l d0-a0/a2-a6,-(sp) ; stack variables lea sha256.hash(a0),a2 lea sha256.schedule(a0),a3 move.l a1,-(sp) ; 12 message move.l a2,-(sp) ; 8 hash move.l a3,-(sp) ; 4 schedule move.l d1,-(sp) ; 0 counter ; setup work variables and hash lea sha256.hash(a0),a1 movem.l (a1),d1/d2/d4/d5/a2/a3/a4/a5 .loop ; copy block to schedule move.l 12(sp),a0 ; message move.l 4(sp),a1 ; schedule moveq #4-1,d7 .loopCopy move.l (a0)+,(a1)+ move.l (a0)+,(a1)+ move.l (a0)+,(a1)+ move.l (a0)+,(a1)+ dbra d7,.loopCopy move.l a0,12(sp) ; message ; schedule block lea -2*4(a1),a0 lea -16*4(a1),a6 moveq #48-1,d7 .loopSchedule move.l (a0)+,d3 move.l d3,d6 lsr.l #8,d6 lsr.l #2,d6 swap d3 ror.l #1,d3 eor.l d3,d6 ror.l #2,d3 eor.l d3,d6 add.l (a6)+,d6 move.l (a6),d0 move.l d0,d3 lsr.l #3,d3 ror.l #7,d0 eor.l d0,d3 swap d0 rol.l #5,d0 eor.l d3,d0 add.l -7*4(a1),d0 add.l d6,d0 move.l d0,(a1)+ dbra d7,.loopSchedule ; compress block lea -256(a1),a0 lea sha256.constants,a6 ; main hash loop .loopCompress move.l a3,d3 ror.l #2,d3 move.l d3,d6 swap d6 move.l d6,d7 rol.l #5,d6 eor.l d6,d3 ror.l #4,d7 eor.l d7,d3 move.l a3,d6 and.l d1,d6 move.l a3,d7 and.l d2,d7 eor.l d7,d6 move.l d1,d7 and.l d2,d7 eor.l d7,d6 add.l d6,d3 move.l a4,d0 ror.l #6,d0 move.l d0,d6 ror.l #5,d6 eor.l d6,d0 move.l a4,d6 rol.l #7,d6 eor.l d6,d0 move.l a4,d6 and.l d4,d6 move.l a4,d7 not.l d7 and.l d5,d7 eor.l d7,d6 add.l a5,d0 add.l d6,d0 add.l (a6)+,d0 add.l (a0)+,d0 add.l d0,d3 add.l d0,a2 move.l d5,a5 move.l d4,d5 move.l a4,d4 move.l a2,a4 move.l d2,a2 move.l d1,d2 move.l a3,d1 move.l d3,a3 cmp.l a1,a0 bne .loopCompress ; merge work variables with hash: hash += a..h move.l 8(sp),a0 ; hash add.l (a0)+,d1 ; b add.l (a0)+,d2 ; c add.l (a0)+,d4 ; f add.l (a0)+,d5 ; g add.l (a0)+,a2 ; d add.l (a0)+,a3 ; a add.l (a0)+,a4 ; e add.l (a0)+,a5 ; h movem.l d1/d2/d4/d5/a2/a3/a4/a5,-(a0) ; next message block subq.l #1,(sp) ; counter bne .loop ; point return register to remaining block move.l 12(sp),a1 ; deallocate stack variables and exit add.w #16,sp movem.l (sp)+,d0-a0/a2-a6 rts ; ; a0 = sha object ; a1 = remaining message block ; d0 = full message length ; ; d1 <- number of remaining blocks ; sha256.padMessage movem.l d0/d2/d7/a1-a2,-(sp) lea sha256.padding(a0),a2 ; calculate number of remaining message bytes move.l d0,d1 and.l #63,d1 beq .noCopy ; copy remaining message bytes move.w d1,d7 subq.w #1,d7 .loopCopy move.b (a1)+,(a2)+ dbra d7,.loopCopy .noCopy ; write padding byte move.b #$80,(a2)+ ; write zero padding bytes move.w d1,d2 addq.w #8,d2 and.w #63,d2 moveq #62,d7 sub.w d2,d7 blt .noClear clr.l d2 .loopClear move.b d2,(a2)+ dbra d7,.loopClear .noClear ; write message length in bits rol.l #3,d0 move.l d0,d2 and.l #7,d2 ; high eor.l d2,d0 ; low move.l d2,(a2)+ move.l d0,(a2) ; calculate remaining number of blocks sub.b #56,d1 asr.b #7,d1 addq.b #2,d1 movem.l (sp)+,d0/d2/d7/a1-a2 rts ; sha constants cnop 0,4 ; hash constants are rearranged: b c f g d a e h sha256.hashConstants dc.l $bb67ae85,$3c6ef372,$9b05688c,$1f83d9ab,$a54ff53a,$6a09e667,$510e527f,$5be0cd19 sha256.constants dc.l $428a2f98,$71374491,$b5c0fbcf,$e9b5dba5,$3956c25b,$59f111f1,$923f82a4,$ab1c5ed5 dc.l $d807aa98,$12835b01,$243185be,$550c7dc3,$72be5d74,$80deb1fe,$9bdc06a7,$c19bf174 dc.l $e49b69c1,$efbe4786,$0fc19dc6,$240ca1cc,$2de92c6f,$4a7484aa,$5cb0a9dc,$76f988da dc.l $983e5152,$a831c66d,$b00327c8,$bf597fc7,$c6e00bf3,$d5a79147,$06ca6351,$14292967 dc.l $27b70a85,$2e1b2138,$4d2c6dfc,$53380d13,$650a7354,$766a0abb,$81c2c92e,$92722c85 dc.l $a2bfe8a1,$a81a664b,$c24b8b70,$c76c51a3,$d192e819,$d6990624,$f40e3585,$106aa070 dc.l $19a4c116,$1e376c08,$2748774c,$34b0bcb5,$391c0cb3,$4ed8aa4a,$5b9cca4f,$682e6ff3 dc.l $748f82ee,$78a5636f,$84c87814,$8cc70208,$90befffa,$a4506ceb,$bef9a3f7,$c67178f2 Code:
rsset 0 sha256.hash rs.b 32 sha256.schedule rs.b 256 sha256.padding rs.b 128 sizeof.sha256 rs.b 0 ; ; a0 = sha256 object ; a1 = message ; a2 = output array ; d0 = message length ; sha256.computeHash movem.l d1/d7/a1/a3-a4,-(sp) ; copy sha hash constants to hash lea sha256.hashConstants,a4 lea sha256.hash(a0),a3 moveq #8-1,d7 .loop move.l (a4)+,(a3)+ dbra d7,.loop ; calculate number of sha blocks and call hash move.l d0,d1 lsr.l #6,d1 beq .singleBlock bsr sha256.hashBlocks .singleBlock ; padding and last block bsr sha256.padMessage lea sha256.padding(a0),a1 bsr sha256.hashBlocks ; copy hash to output array lea sha256.hash(a0),a3 move.l (a3)+,1*4(a2) ; b 1 move.l (a3)+,2*4(a2) ; c 2 move.l (a3)+,5*4(a2) ; f 5 move.l (a3)+,6*4(a2) ; g 6 move.l (a3)+,3*4(a2) ; d 3 move.l (a3)+,0*4(a2) ; a 0 move.l (a3)+,4*4(a2) ; e 4 move.l (a3)+,7*4(a2) ; h 7 movem.l (sp)+,d1/d7/a1/a3-a4 rts ; ; a0 = sha256 object ; a1 = message blocks ; d1 = number of message blocks ; ; a1 <- pointer to remaining message block ; sha256.hashBlocks movem.l d0-a0/a2-a6,-(sp) ; stack variables lea sha256.hash(a0),a2 lea sha256.schedule(a0),a3 move.l a1,-(sp) ; 12 message move.l a2,-(sp) ; 8 hash move.l a3,-(sp) ; 4 schedule move.l d1,-(sp) ; 0 counter ; setup work variables and hash lea sha256.hash(a0),a1 movem.l (a1),d1/d2/d4/d5/a2/a3/a4/a5 .loop ; copy block to schedule move.l 12(sp),a0 ; message move.l 4(sp),a1 ; schedule moveq #4-1,d7 .loopCopy move.l (a0)+,(a1)+ move.l (a0)+,(a1)+ move.l (a0)+,(a1)+ move.l (a0)+,(a1)+ dbra d7,.loopCopy move.l a0,12(sp) ; message ; schedule block lea -2*4(a1),a0 lea -16*4(a1),a6 moveq #48-1,d7 .loopSchedule move.l (a0)+,d3 move.l d3,d6 lsr.l #8,d6 lsr.l #2,d6 swap d3 ror.l #1,d3 eor.l d3,d6 ror.l #2,d3 eor.l d3,d6 add.l (a6)+,d6 move.l (a6),d0 move.l d0,d3 lsr.l #3,d3 ror.l #7,d0 eor.l d0,d3 swap d0 rol.l #5,d0 eor.l d3,d0 add.l -7*4(a1),d0 add.l d6,d0 move.l d0,(a1)+ dbra d7,.loopSchedule ; compress block lea -256(a1),a0 lea sha256.constants,a6 ; main hash loop .loopCompress move.l a3,d3 ror.l #2,d3 move.l d3,d6 swap d6 move.l d6,d7 rol.l #5,d6 eor.l d6,d3 ror.l #4,d7 eor.l d7,d3 move.l a3,d7 eor.l d1,d7 and.l d2,d7 move.l a3,d6 and.l d1,d6 eor.l d6,d7 add.l d7,d3 move.l a4,d0 ror.l #6,d0 move.l d0,d6 ror.l #5,d6 eor.l d6,d0 move.l a4,d6 rol.l #7,d6 eor.l d6,d0 move.l d4,d6 eor.l d5,d6 move.l a4,d7 and.l d7,d6 eor.l d5,d6 add.l a5,d0 add.l d6,d0 add.l (a6)+,d0 add.l (a0)+,d0 add.l d0,d3 add.l d0,a2 move.l d5,a5 move.l d4,d5 move.l a4,d4 move.l a2,a4 move.l d2,a2 move.l d1,d2 move.l a3,d1 move.l d3,a3 cmp.l a1,a0 bne .loopCompress ; merge work variables with hash: hash += a..h move.l 8(sp),a0 ; hash add.l (a0)+,d1 ; b add.l (a0)+,d2 ; c add.l (a0)+,d4 ; f add.l (a0)+,d5 ; g add.l (a0)+,a2 ; d add.l (a0)+,a3 ; a add.l (a0)+,a4 ; e add.l (a0)+,a5 ; h movem.l d1/d2/d4/d5/a2/a3/a4/a5,-(a0) ; next message block subq.l #1,(sp) ; counter bne .loop ; point return register to remaining block move.l 12(sp),a1 ; deallocate stack variables and exit add.w #16,sp movem.l (sp)+,d0-a0/a2-a6 rts ; ; a0 = sha object ; a1 = remaining message block ; d0 = full message length ; ; d1 <- number of remaining blocks ; sha256.padMessage movem.l d0/d2/d7/a1-a2,-(sp) lea sha256.padding(a0),a2 ; calculate number of remaining message bytes move.l d0,d1 and.l #63,d1 beq .noCopy ; copy remaining message bytes move.w d1,d7 subq.w #1,d7 .loopCopy move.b (a1)+,(a2)+ dbra d7,.loopCopy .noCopy ; write padding byte move.b #$80,(a2)+ ; write zero padding bytes move.w d1,d2 addq.w #8,d2 and.w #63,d2 moveq #62,d7 sub.w d2,d7 blt .noClear clr.l d2 .loopClear move.b d2,(a2)+ dbra d7,.loopClear .noClear ; write message length in bits rol.l #3,d0 move.l d0,d2 and.l #7,d2 ; high eor.l d2,d0 ; low move.l d2,(a2)+ move.l d0,(a2) ; calculate remaining number of blocks sub.b #56,d1 asr.b #7,d1 addq.b #2,d1 movem.l (sp)+,d0/d2/d7/a1-a2 rts ; sha constants cnop 0,4 ; hash constants are rearranged: b c f g d a e h sha256.hashConstants dc.l $bb67ae85,$3c6ef372,$9b05688c,$1f83d9ab,$a54ff53a,$6a09e667,$510e527f,$5be0cd19 sha256.constants dc.l $428a2f98,$71374491,$b5c0fbcf,$e9b5dba5,$3956c25b,$59f111f1,$923f82a4,$ab1c5ed5 dc.l $d807aa98,$12835b01,$243185be,$550c7dc3,$72be5d74,$80deb1fe,$9bdc06a7,$c19bf174 dc.l $e49b69c1,$efbe4786,$0fc19dc6,$240ca1cc,$2de92c6f,$4a7484aa,$5cb0a9dc,$76f988da dc.l $983e5152,$a831c66d,$b00327c8,$bf597fc7,$c6e00bf3,$d5a79147,$06ca6351,$14292967 dc.l $27b70a85,$2e1b2138,$4d2c6dfc,$53380d13,$650a7354,$766a0abb,$81c2c92e,$92722c85 dc.l $a2bfe8a1,$a81a664b,$c24b8b70,$c76c51a3,$d192e819,$d6990624,$f40e3585,$106aa070 dc.l $19a4c116,$1e376c08,$2748774c,$34b0bcb5,$391c0cb3,$4ed8aa4a,$5b9cca4f,$682e6ff3 dc.l $748f82ee,$78a5636f,$84c87814,$8cc70208,$90befffa,$a4506ceb,$bef9a3f7,$c67178f2 Last edited by Thorham; 04 December 2017 at 11:35. |
16 October 2017, 22:06 | #2 |
Join Date: Jul 2008
Location: Sweden
Posts: 2,269
|
Cool! You could make it more user-friendly by putting the temporary data on the stack, instead of tasking the caller with allocating and freeing that memory.
|
16 October 2017, 23:24 | #3 | |
Computer Nerd
Join Date: Sep 2007
Location: Rotterdam/Netherlands
Age: 47
Posts: 3,751
|
Quote:
Code:
; ; a1 = message ; a2 = output array ; d0 = message length ; sha256.computeHash movem.l d1/d7/a0-a1/a3-a4,-(sp) ; allocate sha object memory on stack sub.w #sizeof.sha256,sp move.l sp,a0 ; copy sha hash constants to hash lea sha256.hashConstants,a4 lea sha256.hash(a0),a3 moveq #8-1,d7 .loop move.l (a4)+,(a3)+ dbra d7,.loop ; calculate number of sha blocks and call hash move.l d0,d1 lsr.l #6,d1 beq .singleBlock bsr sha256.hashBlocks .singleBlock ; padding and last block bsr sha256.padMessage lea sha256.padding(a0),a1 bsr sha256.hashBlocks ; copy hash to output array lea sha256.hash(a0),a3 move.l (a3)+,1*4(a2) ; b 1 move.l (a3)+,2*4(a2) ; c 2 move.l (a3)+,5*4(a2) ; f 5 move.l (a3)+,6*4(a2) ; g 6 move.l (a3)+,3*4(a2) ; d 3 move.l (a3)+,0*4(a2) ; a 0 move.l (a3)+,4*4(a2) ; e 4 move.l (a3)+,7*4(a2) ; h 7 add.w #sizeof.sha256,sp movem.l (sp)+,d1/d7/a0-a1/a3-a4 rts Last edited by Thorham; 16 October 2017 at 23:29. |
|
17 October 2017, 15:12 | #4 |
Registered User
Join Date: May 2014
Location: inside the emulator
Posts: 377
|
Nice clean code, thanks!
|
19 October 2017, 07:04 | #5 |
Computer Nerd
Join Date: Sep 2007
Location: Rotterdam/Netherlands
Age: 47
Posts: 3,751
|
|
02 December 2017, 14:16 | #6 |
Computer Nerd
Join Date: Sep 2007
Location: Rotterdam/Netherlands
Age: 47
Posts: 3,751
|
Anyone interested in standalone AES256? I almost have that ready for posting.
|
04 December 2017, 11:36 | #7 |
Computer Nerd
Join Date: Sep 2007
Location: Rotterdam/Netherlands
Age: 47
Posts: 3,751
|
Updated the code with some optimizations from Wikipedia that didn't seem like they would work, see first post.
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
Thread Tools | |
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Optimizing SHA-256 crypto hash. | Thorham | Coders. Asm / Hardware | 8 | 21 June 2015 08:11 |
Search Software from Hash Inc | AndreasM | request.Apps | 3 | 03 April 2011 15:23 |
KS3.1 hash | orange | support.Apps | 3 | 11 January 2011 19:15 |
One on One stand alone version... | scifi | request.Old Rare Games | 3 | 30 April 2006 19:42 |
|
|