X-Git-Url: https://git.cryptolib.org/?a=blobdiff_plain;f=keccak%2Fkeccak-asm.S;h=f1fc07a10e561159ec9fd74b3b63c4cc139c18b0;hb=5b6783aa504630809dc982fd92e5a09f6f0d0e63;hp=3b3a48818fdc84a47547b64d61e6b00ad1eca3a9;hpb=29a44972ae3749a6a273d936f2e15327ecae8a94;p=avr-crypto-lib.git

diff --git a/keccak/keccak-asm.S b/keccak/keccak-asm.S
index 3b3a488..f1fc07a 100644
--- a/keccak/keccak-asm.S
+++ b/keccak/keccak-asm.S
@@ -43,10 +43,6 @@ ctx_a:
 	.struct ctx_a + 8 * 5 * 5
 ctx_r:
 	.struct ctx_r + 2
-ctx_c:
-	.struct ctx_c + 2
-ctx_d:
-	.struct ctx_d + 1
 ctx_bs:
 
 	.section .text
@@ -329,7 +325,7 @@ chi_step:
 keccak_nextBlock:
 	movw ZL, r24
 	subi ZL, lo8(-ctx_bs)
-	sbci ZL, hi8(-ctx_bs)
+	sbci ZH, hi8(-ctx_bs)
 	ld r20, Z
 	movw XL, r24
 	movw ZL, r22
@@ -340,8 +336,10 @@ keccak_nextBlock:
 	st X+, r22
 	dec r20
 	brne 10b
+	.endfunc
 
 	.global keccak_f1600
+	.func keccak_f1600
 keccak_f1600:
 	push_range 2, 9
 	push r16
@@ -542,15 +540,17 @@ icall_r16_times:
 */
 	; memcpy(a, b, 200)
 	; X points at b + 32 + 8 = b + 40 = b[1][0] has to point to b[0][0]
-	ldi r16, 200
+	ldi r16, 200 / 8
 	sbiw XL, 5 * 8
 	movw ZL, XL
 	subi YL, lo8(5 * 5 * 8)
 	sbci YH, hi8(5 * 5 * 8)
 	movw r2, YL
 10:
+	.rept 8
 	ld r22, X+
 	st Y+, r22
+	.endr
 	dec r16
 	brne 10b
 
@@ -619,5 +619,109 @@ icall_r16_times:
 	pop_range 28, 29
 	pop r16
 	pop_range 2, 9
+	ret
+	.endfunc
+
 
+	.global keccak224_ctx2hash
+	.func keccak224_ctx2hash
+keccak224_ctx2hash:
+	movw r20, r22
+	ldi r22, lo8(224)
+	ldi r23, hi8(224)
+	rjmp keccak_ctx2hash
+	.endfunc
+
+	.global keccak384_ctx2hash
+	.func keccak384_ctx2hash
+keccak384_ctx2hash:
+	movw r20, r22
+	ldi r22, lo8(384)
+	ldi r23, hi8(384)
+	rjmp keccak_ctx2hash
+	.endfunc
+
+	.global keccak512_ctx2hash
+	.func keccak512_ctx2hash
+keccak512_ctx2hash:
+	movw r20, r22
+	ldi r22, lo8(512)
+	ldi r23, hi8(512)
+	rjmp keccak_ctx2hash
+	.endfunc
+
+	.global keccak256_ctx2hash
+	.func keccak256_ctx2hash
+keccak256_ctx2hash:
+	movw r20, r22
+	ldi r22, lo8(256)
+	ldi r23, hi8(256)
+	.endfunc
+
+/*
+void keccak_ctx2hash(void* dest, uint16_t length_b, keccak_ctx_t* ctx){
+	while(length_b>=ctx->r){
+		memcpy(dest, ctx->a, ctx->bs);
+		dest = (uint8_t*)dest + ctx->bs;
+		length_b -= ctx->r;
+		keccak_f1600(ctx->a);
+	}
+	memcpy(dest, ctx->a, (length_b+7)/8);
+}
+*/
+	.global keccak_ctx2hash
+	.func keccak_ctx2hash
+keccak_ctx2hash:
+	push_range 2, 10
+	movw r4, r20
+	movw r6, r24
+	movw ZL, r20
+	movw r8, r22
+	subi ZL, lo8(-ctx_r)
+	sbci ZH, hi8(-ctx_r)
+	ld r2, Z+
+	ld r3, Z+
+	ldd r10, Z+3 ; load blocksize (in bytes)
+10:
+	; length_b = (r9:r8) ; r = (r3:r2) ; (H:L)
+	cp  r2, r8
+	cpc r3, r9
+;	rjmp 40f
+	brsh 40f
+	movw XL, r4
+	movw ZL, r6
+	mov r24, r10
+20:
+	ld r22, X+
+	st Z+, r22
+	dec r24
+	brne 20b
+	movw r6, ZL
+	sub r8, r2
+	sbc r9, r3
+	movw r24, r4
+	rcall keccak_f1600
+	rjmp 10b
+40:
+	movw XL, r4
+	movw ZL, r6
+	movw r24, r8
+	adiw r24, 7
+	lsr r25
+	ror r24
+	lsr r25
+	ror r24
+	lsr r25
+	ror r24
+	adiw r24, 0
+	breq 99f
+10:
+	ld r22, X+
+	st Z+, r22
+	sbiw r24, 1
+	brne 10b
+99:
+	pop_range 2, 10
 	ret
+	.endfunc
+