Hello community, here is the log from the commit of package libnettle for openSUSE:Factory checked in at 2013-06-25 17:14:21 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libnettle (Old) and /work/SRC/openSUSE:Factory/.libnettle.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libnettle"
Changes:
--------
--- /work/SRC/openSUSE:Factory/libnettle/libnettle.changes 2013-05-16 16:12:38.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.libnettle.new/libnettle.changes 2013-06-25 17:15:12.000000000 +0200
@@ -1,0 +2,10 @@
+Tue Jun 25 14:15:48 UTC 2013 - [email protected]
+
+- Update to version 2.7.1
+ * Fixed ecc_modp_mul call, to avoid invalid overlap of arguments to
+ mpn_mul_n. Problem tracked down by Magnus Holmgren.
+ * ARM fixes.
+- reference gpg signatures and keyring. checking not enabled as to
+ avoid cycles.
+
+-------------------------------------------------------------------
Old:
----
nettle-2.7.tar.gz
New:
----
libnettle.keyring
nettle-2.7.1.tar.gz
nettle-2.7.1.tar.gz.sig
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ libnettle.spec ++++++
--- /var/tmp/diff_new_pack.766mZ5/_old 2013-06-25 17:15:13.000000000 +0200
+++ /var/tmp/diff_new_pack.766mZ5/_new 2013-06-25 17:15:13.000000000 +0200
@@ -18,7 +18,7 @@
 Name: libnettle
-Version: 2.7
+Version: 2.7.1
 Release: 0
 %define soname 4
 %define hogweed_soname 2
@@ -26,7 +26,9 @@
 License: LGPL-2.1+ and GPL-2.0+
 Group: System/Libraries
 Source0: http://www.lysator.liu.se/~nisse/archive/nettle-%{version}.tar.gz
-Source1: baselibs.conf
+Source1: http://www.lysator.liu.se/~nisse/archive/nettle-%{version}.tar.gz.sig
+Source2: %name.keyring
+Source3: baselibs.conf
 BuildRequires: gmp-devel
 BuildRequires: makeinfo
 BuildRequires: pkgconfig
++++++ nettle-2.7.tar.gz -> nettle-2.7.1.tar.gz ++++++
++++ 1627 lines of diff (skipped)
++++ retrying with extended exclude list
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/nettle-2.7/ChangeLog new/nettle-2.7.1/ChangeLog
--- old/nettle-2.7/ChangeLog 2013-04-24 15:26:53.000000000 +0200
+++ new/nettle-2.7.1/ChangeLog 2013-05-28 16:21:53.000000000 +0200
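Review bot: The signature and keyring added as Source1/Source2 are referenced but never used in this hunk — there is no `gpg-offline` BuildRequires and no `%gpg_verify %{S:1}` in %prep — and the .changes entry confirms checking was deliberately left off to avoid a build cycle, so a tarball fetched from the plain-http Source0 URL is still accepted without any integrity check at build time. If the cycle really blocks build-time verification, put a comment above Source1 saying so and naming the out-of-band step, e.g. `# Not verified at build time (dependency cycle); run gpg --verify against %name.keyring by hand when updating`, so the next updater does not assume the .sig is being checked. Recording the fingerprint of the key contained in %name.keyring in that comment would also make a swapped keyring visible in review. The rest of the spec, including %prep, is outside this hunk, so I cannot tell whether verification is done elsewhere.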
@@ -1,3 +1,35 @@
+2013-05-28 Niels Möller <[email protected]>
+
+ * Released nettle-2.7.1.
+
+2013-05-21 Niels Möller <[email protected]>
+
+ From master (2013-05-20):
+ * arm/v6/sha1-compress.asm: Moved into v6 directory, since it uses
+ the v6 instruction uadd8, sel and rev.
+ * arm/v6/sha256-compress.asm: Likewise.
+
+ From master (2013-05-15):
+ * configure.ac (asm_path): Handle armv6 and armv7 differently from
+ older ARMs. Add the arm/v6 directory to asm_path when appropriate.
+
+ * arm/v6/aes-encrypt-internal.asm: Moved into v6 directory. Uses
+ the uxtb instruction which is not available for older ARMs.
+ * arm/v6/aes-decrypt-internal.asm: Likewise.
+
+2013-05-21 Niels Möller <[email protected]>
+
+ * configure.ac: Changed version number to 2.7.1.
+ (LIBHOGWEED_MINOR): Bumped library version, to 4.7.
+ (LIBHOGWEED_MINOR): And to 2.5.
+
+2013-05-17 Niels Möller <[email protected]>
+
+ From master branch:
+ * ecc-j-to-a.c (ecc_j_to_a): Fixed ecc_modp_mul call, to avoid
+ invalid overlap of arguments to mpn_mul_n. Problem tracked down by
+ Magnus Holmgren.
+
 2013-04-24 Niels Möller <[email protected]>
 * Released nettle-2.7.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/nettle-2.7/NEWS new/nettle-2.7.1/NEWS
--- old/nettle-2.7/NEWS 2013-04-24 15:26:53.000000000 +0200
+++ new/nettle-2.7.1/NEWS 2013-05-28 16:21:53.000000000 +0200
@@ -1,3 +1,50 @@
+NEWS for the 2.7.1 release
+
+ This is a bugfix release.
+
+ Bug fixes:
+
+ * Fixed a bug in the new ECC code. The ecc_j_to_a function
+ called GMP:s mpn_mul_n (via ecc_modp_mul) with overlapping
+ input and output arguments, which is not supported.
+
+ * The assembly files for SHA1, SHA256 and AES depend on ARMv6
+ instructions, breaking nettle-2.7 for pre-v6 ARM processors.
+ The configure script now enables those assembly files only
+ when building for ARMv6 or later.
+
+ * Use a more portable C expression for rotations. The
+ previous version used the following "standard" expression
+ for 32-bit rotation:
+
+ (x << n) | (x >> (32 - n))
+
+ But this gives undefined behavior (according to the C
+ specification) for n = 0. The rotate expression is replaced
+ by the more portable:
+
+ (x << n) | (x >> ((-n)&31))
+
+ This change affects only CAST128, which uses non-constant
+ rotation counts. Unfortunately, the new expression is poorly
+ optimized by released versions of gcc, making CAST128 a bit
+ slower. This is being fixed by the gcc hackers, see
+ http://gcc.gnu.org/bugzilla/show_bug.cgi?id=57157.
+
+ The following problems have been reported, but are *not* fixed
+ in this release:
+
+ * ARM assembly files use instruction syntax which is not
+ supported by all assemblers. Workaround: Use a current
+ version of GNU as, or configure with --disable-assembler.
+
+ * Configuring with --disable-static doesn't work on windows.
+
+ The libraries are intended to be binary compatible with
+ nettle-2.2 and later. The shared library names are
+ libnettle.so.4.7 and libhogweed.so.2.5, with sonames still
+ libnettle.so.4 and libhogweed.so.2.
+
 NEWS for the 2.7 release
 This release includes an implementation of elliptic curve
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/nettle-2.7/arm/aes-decrypt-internal.asm new/nettle-2.7.1/arm/aes-decrypt-internal.asm
--- old/nettle-2.7/arm/aes-decrypt-internal.asm 2013-04-24 15:26:53.000000000 +0200
+++ new/nettle-2.7.1/arm/aes-decrypt-internal.asm 1970-01-01 01:00:00.000000000 +0100
@@ -1,105 +0,0 @@ -C nettle, low-level cryptographics library -C -C Copyright (C) 2013 Niels Möller -C -C The nettle library is free software; you can redistribute it and/or modify -C it under the terms of the GNU Lesser General Public License as published by -C the Free Software Foundation; either version 2.1 of the License, or (at your -C option) any later version. -C -C The nettle library is distributed in the hope that it will be useful, but -C WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -C or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public -C License for more details. -C -C You should have received a copy of the GNU Lesser General Public License -C along with the nettle library; see the file COPYING.LIB. If not, write to -C the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, -C MA 02111-1301, USA. - -include_src(<arm/aes.m4>) - -C Benchmarked at at 785, 914, 1051 cycles/block on cortex A9, -C for 128, 192 and 256 bit key sizes. Unclear why it is slower -C than _aes_encrypt. 
- -define(<CTX>, <r0>) -define(<TABLE>, <r1>) -define(<LENGTH>, <r2>) -define(<DST>, <r3>) -define(<SRC>, <r12>) - -define(<W0>, <r4>) -define(<W1>, <r5>) -define(<W2>, <r6>) -define(<W3>, <r7>) -define(<T0>, <r8>) -define(<KEY>, <r10>) -define(<ROUND>, <r11>) - -define(<X0>, <r2>) C Overlaps LENGTH, SRC, DST -define(<X1>, <r3>) -define(<X2>, <r12>) -define(<X3>, <r14>) C lr - - - .file "aes-decrypt-internal.asm" - - C _aes_decrypt(struct aes_context *ctx, - C const struct aes_table *T, - C unsigned length, uint8_t *dst, - C uint8_t *src) - .text - .align 2 -PROLOGUE(_nettle_aes_decrypt) - teq LENGTH, #0 - beq .Lend - ldr SRC, [sp] - - push {r4,r5,r6,r7,r8,r10,r11,lr} -.Lblock_loop: - mov KEY, CTX - AES_LOAD(SRC,KEY,W0) - AES_LOAD(SRC,KEY,W1) - AES_LOAD(SRC,KEY,W2) - AES_LOAD(SRC,KEY,W3) - - push {LENGTH, DST, SRC} - ldr ROUND, [CTX, #+AES_NROUNDS] - add TABLE, TABLE, #AES_TABLE0 - - b .Lentry - .align 2 -.Lround_loop: - C Transform X -> W - AES_DECRYPT_ROUND(X0, X1, X2, X3, W0, W1, W2, W3, KEY) - -.Lentry: - subs ROUND, ROUND,#2 - C Transform W -> X - AES_DECRYPT_ROUND(W0, W1, W2, W3, X0, X1, X2, X3, KEY) - - bne .Lround_loop - - sub TABLE, TABLE, #AES_TABLE0 - C Final round - AES_FINAL_ROUND(X0, X3, X2, X1, KEY, W0) - AES_FINAL_ROUND(X1, X0, X3, X2, KEY, W1) - AES_FINAL_ROUND(X2, X1, X0, X3, KEY, W2) - AES_FINAL_ROUND(X3, X2, X1, X0, KEY, W3) - - pop {LENGTH, DST, SRC} - - AES_STORE(DST,W0) - AES_STORE(DST,W1) - AES_STORE(DST,W2) - AES_STORE(DST,W3) - - subs LENGTH, LENGTH, #16 - bhi .Lblock_loop - - pop {r4,r5,r6,r7,r8,r10,r11,pc} - -.Lend: - bx lr -EPILOGUE(_nettle_aes_decrypt) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/nettle-2.7/arm/aes-encrypt-internal.asm new/nettle-2.7.1/arm/aes-encrypt-internal.asm --- 
old/nettle-2.7/arm/aes-encrypt-internal.asm 2013-04-24 15:26:53.000000000 +0200 +++ new/nettle-2.7.1/arm/aes-encrypt-internal.asm 1970-01-01 01:00:00.000000000 +0100 
@@ -1,107 +0,0 @@ -C nettle, low-level cryptographics library -C -C Copyright (C) 2013 Niels Möller -C -C The nettle library is free software; you can redistribute it and/or modify -C it under the terms of the GNU Lesser General Public License as published by -C the Free Software Foundation; either version 2.1 of the License, or (at your -C option) any later version. -C -C The nettle library is distributed in the hope that it will be useful, but -C WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -C or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public -C License for more details. -C -C You should have received a copy of the GNU Lesser General Public License -C along with the nettle library; see the file COPYING.LIB. If not, write to -C the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, -C MA 02111-1301, USA. - -include_src(<arm/aes.m4>) - -C Benchmarked at at 693, 824, 950 cycles/block on cortex A9, -C for 128, 192 and 256 bit key sizes. - -C Possible improvements: More efficient load and store with -C aligned accesses. Better scheduling. 
- -define(<CTX>, <r0>) -define(<TABLE>, <r1>) -define(<LENGTH>, <r2>) -define(<DST>, <r3>) -define(<SRC>, <r12>) - -define(<W0>, <r4>) -define(<W1>, <r5>) -define(<W2>, <r6>) -define(<W3>, <r7>) -define(<T0>, <r8>) -define(<KEY>, <r10>) -define(<ROUND>, <r11>) - -define(<X0>, <r2>) C Overlaps LENGTH, SRC, DST -define(<X1>, <r3>) -define(<X2>, <r12>) -define(<X3>, <r14>) C lr - - - .file "aes-encrypt-internal.asm" - - C _aes_encrypt(struct aes_context *ctx, - C const struct aes_table *T, - C unsigned length, uint8_t *dst, - C uint8_t *src) - .text - .align 2 -PROLOGUE(_nettle_aes_encrypt) - teq LENGTH, #0 - beq .Lend - ldr SRC, [sp] - - push {r4,r5,r6,r7,r8,r10,r11,lr} -.Lblock_loop: - mov KEY, CTX - AES_LOAD(SRC,KEY,W0) - AES_LOAD(SRC,KEY,W1) - AES_LOAD(SRC,KEY,W2) - AES_LOAD(SRC,KEY,W3) - - push {LENGTH, DST, SRC} - ldr ROUND, [CTX, #+AES_NROUNDS] - add TABLE, TABLE, #AES_TABLE0 - - b .Lentry - .align 2 -.Lround_loop: - C Transform X -> W - AES_ENCRYPT_ROUND(X0, X1, X2, X3, W0, W1, W2, W3, KEY) - -.Lentry: - subs ROUND, ROUND,#2 - C Transform W -> X - AES_ENCRYPT_ROUND(W0, W1, W2, W3, X0, X1, X2, X3, KEY) - - bne .Lround_loop - - sub TABLE, TABLE, #AES_TABLE0 - C Final round - AES_FINAL_ROUND(X0, X1, X2, X3, KEY, W0) - AES_FINAL_ROUND(X1, X2, X3, X0, KEY, W1) - AES_FINAL_ROUND(X2, X3, X0, X1, KEY, W2) - AES_FINAL_ROUND(X3, X0, X1, X2, KEY, W3) - - pop {LENGTH, DST, SRC} - - AES_STORE(DST,W0) - AES_STORE(DST,W1) - AES_STORE(DST,W2) - AES_STORE(DST,W3) - - subs LENGTH, LENGTH, #16 - bhi .Lblock_loop - - pop {r4,r5,r6,r7,r8,r10,r11,pc} - -.Lend: - bx lr -EPILOGUE(_nettle_aes_encrypt) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/nettle-2.7/arm/sha1-compress.asm new/nettle-2.7.1/arm/sha1-compress.asm --- 
old/nettle-2.7/arm/sha1-compress.asm 2013-04-24 15:26:53.000000000 +0200 +++ new/nettle-2.7.1/arm/sha1-compress.asm 1970-01-01 01:00:00.000000000 +0100 
@@ -1,234 +0,0 @@ -C nettle, low-level cryptographics library -C -C Copyright (C) 2013 Niels Möller -C -C The nettle library is free software; you can redistribute it and/or modify -C it under the terms of the GNU Lesser General Public License as published by -C the Free Software Foundation; either version 2.1 of the License, or (at your -C option) any later version. -C -C The nettle library is distributed in the hope that it will be useful, but -C WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -C or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public -C License for more details. -C -C You should have received a copy of the GNU Lesser General Public License -C along with the nettle library; see the file COPYING.LIB. If not, write to -C the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, -C MA 02111-1301, USA. - - .file "sha1-compress.asm" - -define(<STATE>, <r0>) -define(<INPUT>, <r1>) -define(<SA>, <r2>) -define(<SB>, <r3>) -define(<SC>, <r4>) -define(<SD>, <r5>) -define(<SE>, <r6>) -define(<T0>, <r7>) -define(<SHIFT>, <r8>) -define(<WPREV>, <r10>) -define(<W>, <r12>) -define(<K>, <lr>) - -C FIXME: Could avoid a mov with even and odd variants. 
-define(<LOAD>, < - ldr T0, [INPUT], #+4 - sel W, WPREV, T0 - ror W, W, SHIFT - mov WPREV, T0 - rev W, W - str W, [SP,#eval(4*$1)] ->) -define(<EXPN>, < - ldr W, [sp, #+eval(4*$1)] - ldr T0, [sp, #+eval(4*(($1 + 2) % 16))] - eor W, W, T0 - ldr T0, [sp, #+eval(4*(($1 + 8) % 16))] - eor W, W, T0 - ldr T0, [sp, #+eval(4*(($1 + 13) % 16))] - eor W, W, T0 - ror W, W, #31 - str W, [sp, #+eval(4*$1)] ->) - -C F1(B,C,D) = D^(B&(C^D)) -C ROUND1(A,B,C,D,E) -define(<ROUND1>, < - eor T0, $3, $4 - add $5, $5, K - and T0, T0, $2 - add $5, $5, $1, ror #27 - eor T0, T0, $4 - add $5, $5, W - ror $2, $2, #2 - add $5, $5, T0 ->) -C F2(B,C,D) = B^C^D -define(<ROUND2>, < - eor T0, $2, $4 - add $5, $5, K - eor T0, T0, $3 - add $5, $5, $1, ror #27 - add $5, $5, W - ror $2, $2, #2 - add $5, $5, T0 ->) -C F3(B,C,D) = (B&C) | (D & (B|C)) = (B & (C ^ D)) + (C & D) -define(<ROUND3>, < - eor T0, $3, $4 - add $5, $5, K - and T0, T0, $2 - add $5, $5, $1, ror #27 - add $5, $5, T0 - add $5, $5, W - and T0, $3, $4 - ror $2, $2, #2 - add $5, $5, T0 ->) - C void _nettle_sha1_compress(uint32_t *state, const uint8_t *input) - - .text - .align 2 -.LK1: - .int 0x5A827999 -.LK2: - .int 0x6ED9EBA1 -.LK3: - .int 0x8F1BBCDC - -PROLOGUE(_nettle_sha1_compress) - push {r4,r5,r6,r7,r8,r10,lr} - sub sp, sp, #64 - - C Sets SHIFT to 8*low bits of input pointer. 
Sets up GE flags - C as follows, corresponding to bytes to be used from WPREV - C SHIFT 0 8 16 24 - C CPSR.GE 0000 1110 1100 1000 - ands SHIFT, INPUT, #3 - and INPUT, INPUT, $-4 - ldr WPREV, [INPUT] - addne INPUT, INPUT, #4 C Unaligned input - lsl SHIFT, SHIFT, #3 - mov T0, #0 - movne T0, #-1 - lsl W, T0, SHIFT - uadd8 T0, T0, W C Sets APSR.GE bits - - ldr K, .LK1 - ldm STATE, {SA,SB,SC,SD,SE} - - LOAD( 0) ROUND1(SA, SB, SC, SD, SE) - LOAD( 1) ROUND1(SE, SA, SB, SC, SD) - LOAD( 2) ROUND1(SD, SE, SA, SB, SC) - LOAD( 3) ROUND1(SC, SD, SE, SA, SB) - LOAD( 4) ROUND1(SB, SC, SD, SE, SA) - - LOAD( 5) ROUND1(SA, SB, SC, SD, SE) - LOAD( 6) ROUND1(SE, SA, SB, SC, SD) - LOAD( 7) ROUND1(SD, SE, SA, SB, SC) - LOAD( 8) ROUND1(SC, SD, SE, SA, SB) - LOAD( 9) ROUND1(SB, SC, SD, SE, SA) - - LOAD(10) ROUND1(SA, SB, SC, SD, SE) - LOAD(11) ROUND1(SE, SA, SB, SC, SD) - LOAD(12) ROUND1(SD, SE, SA, SB, SC) - LOAD(13) ROUND1(SC, SD, SE, SA, SB) - LOAD(14) ROUND1(SB, SC, SD, SE, SA) - - LOAD(15) ROUND1(SA, SB, SC, SD, SE) - EXPN( 0) ROUND1(SE, SA, SB, SC, SD) - EXPN( 1) ROUND1(SD, SE, SA, SB, SC) - EXPN( 2) ROUND1(SC, SD, SE, SA, SB) - EXPN( 3) ROUND1(SB, SC, SD, SE, SA) - - ldr K, .LK2 - EXPN( 4) ROUND2(SA, SB, SC, SD, SE) - EXPN( 5) ROUND2(SE, SA, SB, SC, SD) - EXPN( 6) ROUND2(SD, SE, SA, SB, SC) - EXPN( 7) ROUND2(SC, SD, SE, SA, SB) - EXPN( 8) ROUND2(SB, SC, SD, SE, SA) - - EXPN( 9) ROUND2(SA, SB, SC, SD, SE) - EXPN(10) ROUND2(SE, SA, SB, SC, SD) - EXPN(11) ROUND2(SD, SE, SA, SB, SC) - EXPN(12) ROUND2(SC, SD, SE, SA, SB) - EXPN(13) ROUND2(SB, SC, SD, SE, SA) - - EXPN(14) ROUND2(SA, SB, SC, SD, SE) - EXPN(15) ROUND2(SE, SA, SB, SC, SD) - EXPN( 0) ROUND2(SD, SE, SA, SB, SC) - EXPN( 1) ROUND2(SC, SD, SE, SA, SB) - EXPN( 2) ROUND2(SB, SC, SD, SE, SA) - - EXPN( 3) ROUND2(SA, SB, SC, SD, SE) - EXPN( 4) ROUND2(SE, SA, SB, SC, SD) - EXPN( 5) ROUND2(SD, SE, SA, SB, SC) - EXPN( 6) ROUND2(SC, SD, SE, SA, SB) - EXPN( 7) ROUND2(SB, SC, SD, SE, SA) - - ldr K, .LK3 - EXPN( 8) ROUND3(SA, SB, SC, SD, 
SE) - EXPN( 9) ROUND3(SE, SA, SB, SC, SD) - EXPN(10) ROUND3(SD, SE, SA, SB, SC) - EXPN(11) ROUND3(SC, SD, SE, SA, SB) - EXPN(12) ROUND3(SB, SC, SD, SE, SA) - - EXPN(13) ROUND3(SA, SB, SC, SD, SE) - EXPN(14) ROUND3(SE, SA, SB, SC, SD) - EXPN(15) ROUND3(SD, SE, SA, SB, SC) - EXPN( 0) ROUND3(SC, SD, SE, SA, SB) - EXPN( 1) ROUND3(SB, SC, SD, SE, SA) - - EXPN( 2) ROUND3(SA, SB, SC, SD, SE) - EXPN( 3) ROUND3(SE, SA, SB, SC, SD) - EXPN( 4) ROUND3(SD, SE, SA, SB, SC) - EXPN( 5) ROUND3(SC, SD, SE, SA, SB) - EXPN( 6) ROUND3(SB, SC, SD, SE, SA) - - EXPN( 7) ROUND3(SA, SB, SC, SD, SE) - EXPN( 8) ROUND3(SE, SA, SB, SC, SD) - EXPN( 9) ROUND3(SD, SE, SA, SB, SC) - EXPN(10) ROUND3(SC, SD, SE, SA, SB) - EXPN(11) ROUND3(SB, SC, SD, SE, SA) - - ldr K, .LK4 - EXPN(12) ROUND2(SA, SB, SC, SD, SE) - EXPN(13) ROUND2(SE, SA, SB, SC, SD) - EXPN(14) ROUND2(SD, SE, SA, SB, SC) - EXPN(15) ROUND2(SC, SD, SE, SA, SB) - EXPN( 0) ROUND2(SB, SC, SD, SE, SA) - - EXPN( 1) ROUND2(SA, SB, SC, SD, SE) - EXPN( 2) ROUND2(SE, SA, SB, SC, SD) - EXPN( 3) ROUND2(SD, SE, SA, SB, SC) - EXPN( 4) ROUND2(SC, SD, SE, SA, SB) - EXPN( 5) ROUND2(SB, SC, SD, SE, SA) - - EXPN( 6) ROUND2(SA, SB, SC, SD, SE) - EXPN( 7) ROUND2(SE, SA, SB, SC, SD) - EXPN( 8) ROUND2(SD, SE, SA, SB, SC) - EXPN( 9) ROUND2(SC, SD, SE, SA, SB) - EXPN(10) ROUND2(SB, SC, SD, SE, SA) - - EXPN(11) ROUND2(SA, SB, SC, SD, SE) - EXPN(12) ROUND2(SE, SA, SB, SC, SD) - EXPN(13) ROUND2(SD, SE, SA, SB, SC) - EXPN(14) ROUND2(SC, SD, SE, SA, SB) - EXPN(15) ROUND2(SB, SC, SD, SE, SA) - - C Use registers we no longer need. 
- ldm STATE, {INPUT,T0,SHIFT,W,K} - add SA, SA, INPUT - add SB, SB, T0 - add SC, SC, SHIFT - add SD, SD, W - add SE, SE, K - add sp, sp, #64 - stm STATE, {SA,SB,SC,SD,SE} - pop {r4,r5,r6,r7,r8,r10,pc} -EPILOGUE(_nettle_sha1_compress) - -.LK4: - .int 0xCA62C1D6 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/nettle-2.7/arm/sha256-compress.asm new/nettle-2.7.1/arm/sha256-compress.asm --- old/nettle-2.7/arm/sha256-compress.asm 2013-04-24 15:26:53.000000000 +0200 +++ new/nettle-2.7.1/arm/sha256-compress.asm 1970-01-01 01:00:00.000000000 +0100 
@@ -1,204 +0,0 @@ -C nettle, low-level cryptographics library -C -C Copyright (C) 2013 Niels Möller -C -C The nettle library is free software; you can redistribute it and/or modify -C it under the terms of the GNU Lesser General Public License as published by -C the Free Software Foundation; either version 2.1 of the License, or (at your -C option) any later version. -C -C The nettle library is distributed in the hope that it will be useful, but -C WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -C or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public -C License for more details. -C -C You should have received a copy of the GNU Lesser General Public License -C along with the nettle library; see the file COPYING.LIB. If not, write to -C the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, -C MA 02111-1301, USA. - - .file "sha256-compress.asm" - -define(<STATE>, <r0>) -define(<INPUT>, <r1>) -define(<K>, <r2>) -define(<SA>, <r3>) -define(<SB>, <r4>) -define(<SC>, <r5>) -define(<SD>, <r6>) -define(<SE>, <r7>) -define(<SF>, <r8>) -define(<SG>, <r10>) -define(<SH>, <r11>) -define(<T0>, <r12>) -define(<T1>, <r1>) C Overlap INPUT -define(<COUNT>, <r0>) C Overlap STATE -define(<W>, <r14>) - -C Used for data load -define(<I0>, <r3>) -define(<I1>, <r4>) -define(<I2>, <r5>) -define(<I3>, <r6>) -define(<I4>, <r7>) -define(<DST>, <r8>) -define(<SHIFT>, <r10>) -define(<ILEFT>, <r11>) - -define(<EXPN>, < - ldr W, [sp, #+eval(4*$1)] - ldr T0, [sp, #+eval(4*(($1 + 14) % 16))] - ror T1, T0, #17 - eor T1, T1, T0, ror #19 - eor T1, T1, T0, lsr #10 - add W, W, T1 - ldr T0, [sp, #+eval(4*(($1 + 9) % 16))] - add W, W, T0 - ldr T0, [sp, #+eval(4*(($1 + 1) % 16))] - ror T1, T0, #7 - eor T1, T1, T0, ror #18 - eor T1, T1, T0, lsr #3 - add W, W, T1 - str W, [sp, #+eval(4*$1)] ->) - -C ROUND(A,B,C,D,E,F,G,H) -C -C H += S1(E) + Choice(E,F,G) + K + W -C D += H -C H += S0(A) + Majority(A,B,C) -C -C Where -C -C S1(E) = E<<<26 ^ 
E<<<21 ^ E<<<7 -C S0(A) = A<<<30 ^ A<<<19 ^ A<<<10 -C Choice (E, F, G) = G^(E&(F^G)) -C Majority (A,B,C) = (A&B) + (C&(A^B)) - -define(<ROUND>, < - ror T0, $5, #6 - eor T0, T0, $5, ror #11 - eor T0, T0, $5, ror #25 - add $8, $8, T0 - eor T0, $6, $7 - and T0, T0, $5 - eor T0, T0, $7 - add $8,$8, T0 - ldr T0, [K], #+4 - add $8, $8, W - add $8, $8, T0 - add $4, $4, $8 - ror T0, $1, #2 - eor T0, T0, $1, ror #13 - eor T0, T0, $1, ror #22 - add $8, $8, T0 - and T0, $1, $2 - add $8, $8, T0 - eor T0, $1, $2 - and T0, T0, $3 - add $8, $8, T0 ->) - -define(<NOEXPN>, < - ldr W, [sp, + $1] - add $1, $1, #4 ->) - C void - C _nettle_sha256_compress(uint32_t *state, const uint8_t *input, const uint32_t *k) - - .text - .align 2 - -PROLOGUE(_nettle_sha256_compress) - push {r4,r5,r6,r7,r8,r10,r11,r14} - sub sp, sp, #68 - str STATE, [sp, +#64] - - C Load data up front, since we don't have enough registers - C to load and shift on-the-fly - ands SHIFT, INPUT, #3 - and INPUT, INPUT, $-4 - ldr I0, [INPUT] - addne INPUT, INPUT, #4 - lsl SHIFT, SHIFT, #3 - mov T0, #0 - movne T0, #-1 - lsl I1, T0, SHIFT - uadd8 T0, T0, I1 C Sets APSR.GE bits - - mov DST, sp - mov ILEFT, #4 -.Lcopy: - ldm INPUT!, {I1,I2,I3,I4} - sel I0, I0, I1 - ror I0, I0, SHIFT - rev I0, I0 - sel I1, I1, I2 - ror I1, I1, SHIFT - rev I1, I1 - sel I2, I2, I3 - ror I2, I2, SHIFT - rev I2, I2 - sel I3, I3, I4 - ror I3, I3, SHIFT - rev I3, I3 - subs ILEFT, ILEFT, #1 - stm DST!, {I0,I1,I2,I3} - mov I0, I4 - bne .Lcopy - - ldm STATE, {SA,SB,SC,SD,SE,SF,SG,SH} - - mov COUNT,#0 - -.Loop1: - NOEXPN(COUNT) ROUND(SA,SB,SC,SD,SE,SF,SG,SH) - NOEXPN(COUNT) ROUND(SH,SA,SB,SC,SD,SE,SF,SG) - NOEXPN(COUNT) ROUND(SG,SH,SA,SB,SC,SD,SE,SF) - NOEXPN(COUNT) ROUND(SF,SG,SH,SA,SB,SC,SD,SE) - NOEXPN(COUNT) ROUND(SE,SF,SG,SH,SA,SB,SC,SD) - NOEXPN(COUNT) ROUND(SD,SE,SF,SG,SH,SA,SB,SC) - NOEXPN(COUNT) ROUND(SC,SD,SE,SF,SG,SH,SA,SB) - NOEXPN(COUNT) ROUND(SB,SC,SD,SE,SF,SG,SH,SA) - cmp COUNT,#64 - bne .Loop1 - - mov COUNT, #3 -.Loop2: - - EXPN( 0) 
ROUND(SA,SB,SC,SD,SE,SF,SG,SH) - EXPN( 1) ROUND(SH,SA,SB,SC,SD,SE,SF,SG) - EXPN( 2) ROUND(SG,SH,SA,SB,SC,SD,SE,SF) - EXPN( 3) ROUND(SF,SG,SH,SA,SB,SC,SD,SE) - EXPN( 4) ROUND(SE,SF,SG,SH,SA,SB,SC,SD) - EXPN( 5) ROUND(SD,SE,SF,SG,SH,SA,SB,SC) - EXPN( 6) ROUND(SC,SD,SE,SF,SG,SH,SA,SB) - EXPN( 7) ROUND(SB,SC,SD,SE,SF,SG,SH,SA) - EXPN( 8) ROUND(SA,SB,SC,SD,SE,SF,SG,SH) - EXPN( 9) ROUND(SH,SA,SB,SC,SD,SE,SF,SG) - EXPN(10) ROUND(SG,SH,SA,SB,SC,SD,SE,SF) - EXPN(11) ROUND(SF,SG,SH,SA,SB,SC,SD,SE) - EXPN(12) ROUND(SE,SF,SG,SH,SA,SB,SC,SD) - EXPN(13) ROUND(SD,SE,SF,SG,SH,SA,SB,SC) - EXPN(14) ROUND(SC,SD,SE,SF,SG,SH,SA,SB) - subs COUNT, COUNT, #1 - EXPN(15) ROUND(SB,SC,SD,SE,SF,SG,SH,SA) - bne .Loop2 - - ldr STATE, [sp, +#64] - C No longer needed registers - ldm STATE, {r1,r2,r12,r14} - add SA, SA, r1 - add SB, SB, r2 - add SC, SC, r12 - add SD, SD, r14 - stm STATE!, {SA,SB,SC,SD} - ldm STATE, {r1,r2,r12,r14} - add SE, SE, r1 - add SF, SF, r2 - add SG, SG, r12 - add SH, SH, r14 - stm STATE!, {SE,SF,SG,SH} - add sp, sp, #68 - pop {r4,r5,r6,r7,r8,r10,r11,pc} -EPILOGUE(_nettle_sha256_compress) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/nettle-2.7/arm/v6/aes-decrypt-internal.asm new/nettle-2.7.1/arm/v6/aes-decrypt-internal.asm --- old/nettle-2.7/arm/v6/aes-decrypt-internal.asm 1970-01-01 01:00:00.000000000 +0100 +++ new/nettle-2.7.1/arm/v6/aes-decrypt-internal.asm 2013-05-28 16:21:54.000000000 +0200 
@@ -0,0 +1,105 @@
+C nettle, low-level cryptographics library
+C
+C Copyright (C) 2013 Niels Möller
+C
+C The nettle library is free software; you can redistribute it and/or modify
+C it under the terms of the GNU Lesser General Public License as published by
+C the Free Software Foundation; either version 2.1 of the License, or (at your
+C option) any later version.
+C
+C The nettle library is distributed in the hope that it will be useful, but
+C WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+C or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
+C License for more details.
+C
+C You should have received a copy of the GNU Lesser General Public License
+C along with the nettle library; see the file COPYING.LIB. If not, write to
+C the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+C MA 02111-1301, USA.
+
+include_src(<arm/aes.m4>)
+
+C Benchmarked at at 785, 914, 1051 cycles/block on cortex A9,
+C for 128, 192 and 256 bit key sizes. Unclear why it is slower
+C than _aes_encrypt.
+
+define(<CTX>, <r0>)
+define(<TABLE>, <r1>)
+define(<LENGTH>, <r2>)
+define(<DST>, <r3>)
+define(<SRC>, <r12>)
+
+define(<W0>, <r4>)
+define(<W1>, <r5>)
+define(<W2>, <r6>)
+define(<W3>, <r7>)
+define(<T0>, <r8>)
+define(<KEY>, <r10>)
+define(<ROUND>, <r11>)
+
+define(<X0>, <r2>) C Overlaps LENGTH, SRC, DST
+define(<X1>, <r3>)
+define(<X2>, <r12>)
+define(<X3>, <r14>) C lr
+
+
+ .file "aes-decrypt-internal.asm"
+
+ C _aes_decrypt(struct aes_context *ctx,
+ C const struct aes_table *T,
+ C unsigned length, uint8_t *dst,
+ C uint8_t *src)
+ .text
+ .align 2
+PROLOGUE(_nettle_aes_decrypt)
+ teq LENGTH, #0
+ beq .Lend
+ ldr SRC, [sp]
+
+ push {r4,r5,r6,r7,r8,r10,r11,lr}
+.Lblock_loop:
+ mov KEY, CTX
+ AES_LOAD(SRC,KEY,W0)
+ AES_LOAD(SRC,KEY,W1)
+ AES_LOAD(SRC,KEY,W2)
+ AES_LOAD(SRC,KEY,W3)
+
+ push {LENGTH, DST, SRC}
+ ldr ROUND, [CTX, #+AES_NROUNDS]
+ add TABLE, TABLE, #AES_TABLE0
+
+ b .Lentry
+ .align 2
+.Lround_loop:
+ C Transform X -> W
+ AES_DECRYPT_ROUND(X0, X1, X2, X3, W0, W1, W2, W3, KEY)
+
+.Lentry:
+ subs ROUND, ROUND,#2
+ C Transform W -> X
+ AES_DECRYPT_ROUND(W0, W1, W2, W3, X0, X1, X2, X3, KEY)
+
+ bne .Lround_loop
+
+ sub TABLE, TABLE, #AES_TABLE0
+ C Final round
+ AES_FINAL_ROUND(X0, X3, X2, X1, KEY, W0)
+ AES_FINAL_ROUND(X1, X0, X3, X2, KEY, W1)
+ AES_FINAL_ROUND(X2, X1, X0, X3, KEY, W2)
+ AES_FINAL_ROUND(X3, X2, X1, X0, KEY, W3)
+
+ pop {LENGTH, DST, SRC}
+
+ AES_STORE(DST,W0)
+ AES_STORE(DST,W1)
+ AES_STORE(DST,W2)
+ AES_STORE(DST,W3)
+
+ subs LENGTH, LENGTH, #16
+ bhi .Lblock_loop
+
+ pop {r4,r5,r6,r7,r8,r10,r11,pc}
+
+.Lend:
+ bx lr
+EPILOGUE(_nettle_aes_decrypt)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/nettle-2.7/arm/v6/aes-encrypt-internal.asm
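Review bot: The block loop at `subs LENGTH, LENGTH, #16` / `bhi .Lblock_loop` has no partial-block path: a length that is not a multiple of 16 still goes through a full AES_LOAD/AES_STORE of 16 bytes on its last iteration, reading past SRC and writing past DST for a short buffer (length 24 processes 32 bytes). That precondition is presumably enforced by the C wrapper that calls _nettle_aes_decrypt, but nothing in this file states it; I would add it to the prototype comment above `.text`: `C length must be a multiple of 16 (AES block size); the loop below has no trailing-partial-block handling, the caller must guarantee this.` The file is moved rather than changed, so this is a documentation gap carried over, not something this commit introduces.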
new/nettle-2.7.1/arm/v6/aes-encrypt-internal.asm
--- old/nettle-2.7/arm/v6/aes-encrypt-internal.asm 1970-01-01 01:00:00.000000000 +0100
+++ new/nettle-2.7.1/arm/v6/aes-encrypt-internal.asm 2013-05-28 16:21:54.000000000 +0200
@@ -0,0 +1,107 @@
+C nettle, low-level cryptographics library
+C
+C Copyright (C) 2013 Niels Möller
+C
+C The nettle library is free software; you can redistribute it and/or modify
+C it under the terms of the GNU Lesser General Public License as published by
+C the Free Software Foundation; either version 2.1 of the License, or (at your
+C option) any later version.
+C
+C The nettle library is distributed in the hope that it will be useful, but
+C WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+C or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
+C License for more details.
+C
+C You should have received a copy of the GNU Lesser General Public License
+C along with the nettle library; see the file COPYING.LIB. If not, write to
+C the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+C MA 02111-1301, USA.
+
+include_src(<arm/aes.m4>)
+
+C Benchmarked at at 693, 824, 950 cycles/block on cortex A9,
+C for 128, 192 and 256 bit key sizes.
+
+C Possible improvements: More efficient load and store with
+C aligned accesses. Better scheduling.
+
+define(<CTX>, <r0>)
+define(<TABLE>, <r1>)
+define(<LENGTH>, <r2>)
+define(<DST>, <r3>)
+define(<SRC>, <r12>)
+
+define(<W0>, <r4>)
+define(<W1>, <r5>)
+define(<W2>, <r6>)
+define(<W3>, <r7>)
+define(<T0>, <r8>)
+define(<KEY>, <r10>)
+define(<ROUND>, <r11>)
+
+define(<X0>, <r2>) C Overlaps LENGTH, SRC, DST
+define(<X1>, <r3>)
+define(<X2>, <r12>)
+define(<X3>, <r14>) C lr
+
+
+ .file "aes-encrypt-internal.asm"
+
+ C _aes_encrypt(struct aes_context *ctx,
+ C const struct aes_table *T,
+ C unsigned length, uint8_t *dst,
+ C uint8_t *src)
+ .text
+ .align 2
+PROLOGUE(_nettle_aes_encrypt)
+ teq LENGTH, #0
+ beq .Lend
+ ldr SRC, [sp]
+
+ push {r4,r5,r6,r7,r8,r10,r11,lr}
+.Lblock_loop:
+ mov KEY, CTX
+ AES_LOAD(SRC,KEY,W0)
+ AES_LOAD(SRC,KEY,W1)
+ AES_LOAD(SRC,KEY,W2)
+ AES_LOAD(SRC,KEY,W3)
+
+ push {LENGTH, DST, SRC}
+ ldr ROUND, [CTX, #+AES_NROUNDS]
+ add TABLE, TABLE, #AES_TABLE0
+
+ b .Lentry
+ .align 2
+.Lround_loop:
+ C Transform X -> W
+ AES_ENCRYPT_ROUND(X0, X1, X2, X3, W0, W1, W2, W3, KEY)
+
+.Lentry:
+ subs ROUND, ROUND,#2
+ C Transform W -> X
+ AES_ENCRYPT_ROUND(W0, W1, W2, W3, X0, X1, X2, X3, KEY)
+
+ bne .Lround_loop
+
+ sub TABLE, TABLE, #AES_TABLE0
+ C Final round
+ AES_FINAL_ROUND(X0, X1, X2, X3, KEY, W0)
+ AES_FINAL_ROUND(X1, X2, X3, X0, KEY, W1)
+ AES_FINAL_ROUND(X2, X3, X0, X1, KEY, W2)
+ AES_FINAL_ROUND(X3, X0, X1, X2, KEY, W3)
+
+ pop {LENGTH, DST, SRC}
+
+ AES_STORE(DST,W0)
+ AES_STORE(DST,W1)
+ AES_STORE(DST,W2)
+ AES_STORE(DST,W3)
+
+ subs LENGTH, LENGTH, #16
+ bhi .Lblock_loop
+
+ pop {r4,r5,r6,r7,r8,r10,r11,pc}
+
+.Lend:
+ bx lr
+EPILOGUE(_nettle_aes_encrypt)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/nettle-2.7/arm/v6/sha1-compress.asm new/nettle-2.7.1/arm/v6/sha1-compress.asm
---
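Review bot: Nothing in this file records why it now lives under arm/v6/: no instruction visible here is v6-only, so the uxtb dependency the ChangeLog cites must come from the macros pulled in by `include_src(<arm/aes.m4>)`, which is not part of this diff, and a reader who builds or copies the file for an older ARM gets an assembler error or worse with no explanation. I would add next to the include: `C Requires ARMv6 or later: the macros in arm/aes.m4 use uxtb. configure.ac adds arm/v6 to asm_path only for armv6/armv7.` The benchmark comment also has a duplicated word; `C Benchmarked at at 693, 824, 950 cycles/block on cortex A9,` should read `C Benchmarked at 693, 824, 950 cycles/block on cortex A9,`. Making the requirement checkable at assembly time with a `.arch armv6` directive would be stronger, but whether the m4 wrappers and the non-GNU assemblers mentioned in NEWS tolerate that I cannot tell from here.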
old/nettle-2.7/arm/v6/sha1-compress.asm 1970-01-01 01:00:00.000000000 +0100
+++ new/nettle-2.7.1/arm/v6/sha1-compress.asm 2013-05-28 16:21:54.000000000 +0200
@@ -0,0 +1,234 @@ +C nettle, low-level cryptographics library +C +C Copyright (C) 2013 Niels Möller +C +C The nettle library is free software; you can redistribute it and/or modify +C it under the terms of the GNU Lesser General Public License as published by +C the Free Software Foundation; either version 2.1 of the License, or (at your +C option) any later version. +C +C The nettle library is distributed in the hope that it will be useful, but +C WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY +C or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public +C License for more details. +C +C You should have received a copy of the GNU Lesser General Public License +C along with the nettle library; see the file COPYING.LIB. If not, write to +C the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, +C MA 02111-1301, USA. + + .file "sha1-compress.asm" + +define(<STATE>, <r0>) +define(<INPUT>, <r1>) +define(<SA>, <r2>) +define(<SB>, <r3>) +define(<SC>, <r4>) +define(<SD>, <r5>) +define(<SE>, <r6>) +define(<T0>, <r7>) +define(<SHIFT>, <r8>) +define(<WPREV>, <r10>) +define(<W>, <r12>) +define(<K>, <lr>) + +C FIXME: Could avoid a mov with even and odd variants. 
+define(<LOAD>, < + ldr T0, [INPUT], #+4 + sel W, WPREV, T0 + ror W, W, SHIFT + mov WPREV, T0 + rev W, W + str W, [SP,#eval(4*$1)] +>) +define(<EXPN>, < + ldr W, [sp, #+eval(4*$1)] + ldr T0, [sp, #+eval(4*(($1 + 2) % 16))] + eor W, W, T0 + ldr T0, [sp, #+eval(4*(($1 + 8) % 16))] + eor W, W, T0 + ldr T0, [sp, #+eval(4*(($1 + 13) % 16))] + eor W, W, T0 + ror W, W, #31 + str W, [sp, #+eval(4*$1)] +>) + +C F1(B,C,D) = D^(B&(C^D)) +C ROUND1(A,B,C,D,E) +define(<ROUND1>, < + eor T0, $3, $4 + add $5, $5, K + and T0, T0, $2 + add $5, $5, $1, ror #27 + eor T0, T0, $4 + add $5, $5, W + ror $2, $2, #2 + add $5, $5, T0 +>) +C F2(B,C,D) = B^C^D +define(<ROUND2>, < + eor T0, $2, $4 + add $5, $5, K + eor T0, T0, $3 + add $5, $5, $1, ror #27 + add $5, $5, W + ror $2, $2, #2 + add $5, $5, T0 +>) +C F3(B,C,D) = (B&C) | (D & (B|C)) = (B & (C ^ D)) + (C & D) +define(<ROUND3>, < + eor T0, $3, $4 + add $5, $5, K + and T0, T0, $2 + add $5, $5, $1, ror #27 + add $5, $5, T0 + add $5, $5, W + and T0, $3, $4 + ror $2, $2, #2 + add $5, $5, T0 +>) + C void _nettle_sha1_compress(uint32_t *state, const uint8_t *input) + + .text + .align 2 +.LK1: + .int 0x5A827999 +.LK2: + .int 0x6ED9EBA1 +.LK3: + .int 0x8F1BBCDC + +PROLOGUE(_nettle_sha1_compress) + push {r4,r5,r6,r7,r8,r10,lr} + sub sp, sp, #64 + + C Sets SHIFT to 8*low bits of input pointer. 
Sets up GE flags + C as follows, corresponding to bytes to be used from WPREV + C SHIFT 0 8 16 24 + C CPSR.GE 0000 1110 1100 1000 + ands SHIFT, INPUT, #3 + and INPUT, INPUT, $-4 + ldr WPREV, [INPUT] + addne INPUT, INPUT, #4 C Unaligned input + lsl SHIFT, SHIFT, #3 + mov T0, #0 + movne T0, #-1 + lsl W, T0, SHIFT + uadd8 T0, T0, W C Sets APSR.GE bits + + ldr K, .LK1 + ldm STATE, {SA,SB,SC,SD,SE} + + LOAD( 0) ROUND1(SA, SB, SC, SD, SE) + LOAD( 1) ROUND1(SE, SA, SB, SC, SD) + LOAD( 2) ROUND1(SD, SE, SA, SB, SC) + LOAD( 3) ROUND1(SC, SD, SE, SA, SB) + LOAD( 4) ROUND1(SB, SC, SD, SE, SA) + + LOAD( 5) ROUND1(SA, SB, SC, SD, SE) + LOAD( 6) ROUND1(SE, SA, SB, SC, SD) + LOAD( 7) ROUND1(SD, SE, SA, SB, SC) + LOAD( 8) ROUND1(SC, SD, SE, SA, SB) + LOAD( 9) ROUND1(SB, SC, SD, SE, SA) + + LOAD(10) ROUND1(SA, SB, SC, SD, SE) + LOAD(11) ROUND1(SE, SA, SB, SC, SD) + LOAD(12) ROUND1(SD, SE, SA, SB, SC) + LOAD(13) ROUND1(SC, SD, SE, SA, SB) + LOAD(14) ROUND1(SB, SC, SD, SE, SA) + + LOAD(15) ROUND1(SA, SB, SC, SD, SE) + EXPN( 0) ROUND1(SE, SA, SB, SC, SD) + EXPN( 1) ROUND1(SD, SE, SA, SB, SC) + EXPN( 2) ROUND1(SC, SD, SE, SA, SB) + EXPN( 3) ROUND1(SB, SC, SD, SE, SA) + + ldr K, .LK2 + EXPN( 4) ROUND2(SA, SB, SC, SD, SE) + EXPN( 5) ROUND2(SE, SA, SB, SC, SD) + EXPN( 6) ROUND2(SD, SE, SA, SB, SC) + EXPN( 7) ROUND2(SC, SD, SE, SA, SB) + EXPN( 8) ROUND2(SB, SC, SD, SE, SA) + + EXPN( 9) ROUND2(SA, SB, SC, SD, SE) + EXPN(10) ROUND2(SE, SA, SB, SC, SD) + EXPN(11) ROUND2(SD, SE, SA, SB, SC) + EXPN(12) ROUND2(SC, SD, SE, SA, SB) + EXPN(13) ROUND2(SB, SC, SD, SE, SA) + + EXPN(14) ROUND2(SA, SB, SC, SD, SE) + EXPN(15) ROUND2(SE, SA, SB, SC, SD) + EXPN( 0) ROUND2(SD, SE, SA, SB, SC) + EXPN( 1) ROUND2(SC, SD, SE, SA, SB) + EXPN( 2) ROUND2(SB, SC, SD, SE, SA) + + EXPN( 3) ROUND2(SA, SB, SC, SD, SE) + EXPN( 4) ROUND2(SE, SA, SB, SC, SD) + EXPN( 5) ROUND2(SD, SE, SA, SB, SC) + EXPN( 6) ROUND2(SC, SD, SE, SA, SB) + EXPN( 7) ROUND2(SB, SC, SD, SE, SA) + + ldr K, .LK3 + EXPN( 8) ROUND3(SA, SB, SC, SD, 
SE) + EXPN( 9) ROUND3(SE, SA, SB, SC, SD) + EXPN(10) ROUND3(SD, SE, SA, SB, SC) + EXPN(11) ROUND3(SC, SD, SE, SA, SB) + EXPN(12) ROUND3(SB, SC, SD, SE, SA) + + EXPN(13) ROUND3(SA, SB, SC, SD, SE) + EXPN(14) ROUND3(SE, SA, SB, SC, SD) + EXPN(15) ROUND3(SD, SE, SA, SB, SC) + EXPN( 0) ROUND3(SC, SD, SE, SA, SB) + EXPN( 1) ROUND3(SB, SC, SD, SE, SA) + + EXPN( 2) ROUND3(SA, SB, SC, SD, SE) + EXPN( 3) ROUND3(SE, SA, SB, SC, SD) + EXPN( 4) ROUND3(SD, SE, SA, SB, SC) + EXPN( 5) ROUND3(SC, SD, SE, SA, SB) + EXPN( 6) ROUND3(SB, SC, SD, SE, SA) + + EXPN( 7) ROUND3(SA, SB, SC, SD, SE) + EXPN( 8) ROUND3(SE, SA, SB, SC, SD) + EXPN( 9) ROUND3(SD, SE, SA, SB, SC) + EXPN(10) ROUND3(SC, SD, SE, SA, SB) + EXPN(11) ROUND3(SB, SC, SD, SE, SA) + + ldr K, .LK4 + EXPN(12) ROUND2(SA, SB, SC, SD, SE) + EXPN(13) ROUND2(SE, SA, SB, SC, SD) + EXPN(14) ROUND2(SD, SE, SA, SB, SC) + EXPN(15) ROUND2(SC, SD, SE, SA, SB) + EXPN( 0) ROUND2(SB, SC, SD, SE, SA) + + EXPN( 1) ROUND2(SA, SB, SC, SD, SE) + EXPN( 2) ROUND2(SE, SA, SB, SC, SD) + EXPN( 3) ROUND2(SD, SE, SA, SB, SC) + EXPN( 4) ROUND2(SC, SD, SE, SA, SB) + EXPN( 5) ROUND2(SB, SC, SD, SE, SA) + + EXPN( 6) ROUND2(SA, SB, SC, SD, SE) + EXPN( 7) ROUND2(SE, SA, SB, SC, SD) + EXPN( 8) ROUND2(SD, SE, SA, SB, SC) + EXPN( 9) ROUND2(SC, SD, SE, SA, SB) + EXPN(10) ROUND2(SB, SC, SD, SE, SA) + + EXPN(11) ROUND2(SA, SB, SC, SD, SE) + EXPN(12) ROUND2(SE, SA, SB, SC, SD) + EXPN(13) ROUND2(SD, SE, SA, SB, SC) + EXPN(14) ROUND2(SC, SD, SE, SA, SB) + EXPN(15) ROUND2(SB, SC, SD, SE, SA) + + C Use registers we no longer need. 
+ ldm STATE, {INPUT,T0,SHIFT,W,K} + add SA, SA, INPUT + add SB, SB, T0 + add SC, SC, SHIFT + add SD, SD, W + add SE, SE, K + add sp, sp, #64 + stm STATE, {SA,SB,SC,SD,SE} + pop {r4,r5,r6,r7,r8,r10,pc} +EPILOGUE(_nettle_sha1_compress) + +.LK4: + .int 0xCA62C1D6 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/nettle-2.7/arm/v6/sha256-compress.asm new/nettle-2.7.1/arm/v6/sha256-compress.asm --- old/nettle-2.7/arm/v6/sha256-compress.asm 1970-01-01 01:00:00.000000000 +0100 +++ new/nettle-2.7.1/arm/v6/sha256-compress.asm 2013-05-28 16:21:54.000000000 +0200 
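Review bot: The unaligned-input path over-reads the caller's 64-byte block without saying so: after `and INPUT, INPUT, $-4` the `ldr WPREV, [INPUT]` fetches up to three bytes before the buffer, and the sixteenth `LOAD` then fetches up to three bytes past its end (both stay inside 4-byte-aligned words, so they cannot touch another page, but a memory checker may report them). I would state that next to the `ands SHIFT, INPUT, #3` setup: `C Unaligned input: first/last word loads cover up to 3 bytes outside the block,` / `C but stay within aligned words, so they cannot fault.` The `sel` in LOAD also depends on APSR.GE surviving from the single `uadd8` through all sixteen LOAD/ROUND1 pairs; the add/eor/and/ror used there do not write GE, but a comment at the `uadd8` saying no SIMD instruction may be introduced before LOAD(15) would protect that invariant. The `.LK4` literal placed after EPILOGUE is reached by the pc-relative `ldr K, .LK4` and deserves a `C literal pool for K4, loaded pc-relative from the round-4 block above` so it is not mistaken for dead data.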
@@ -0,0 +1,204 @@ +C nettle, low-level cryptographics library +C +C Copyright (C) 2013 Niels Möller +C +C The nettle library is free software; you can redistribute it and/or modify +C it under the terms of the GNU Lesser General Public License as published by +C the Free Software Foundation; either version 2.1 of the License, or (at your +C option) any later version. +C +C The nettle library is distributed in the hope that it will be useful, but +C WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY +C or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public +C License for more details. +C +C You should have received a copy of the GNU Lesser General Public License +C along with the nettle library; see the file COPYING.LIB. If not, write to +C the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, +C MA 02111-1301, USA. + + .file "sha256-compress.asm" + +define(<STATE>, <r0>) +define(<INPUT>, <r1>) +define(<K>, <r2>) +define(<SA>, <r3>) +define(<SB>, <r4>) +define(<SC>, <r5>) +define(<SD>, <r6>) +define(<SE>, <r7>) +define(<SF>, <r8>) +define(<SG>, <r10>) +define(<SH>, <r11>) +define(<T0>, <r12>) +define(<T1>, <r1>) C Overlap INPUT +define(<COUNT>, <r0>) C Overlap STATE +define(<W>, <r14>) + +C Used for data load +define(<I0>, <r3>) +define(<I1>, <r4>) +define(<I2>, <r5>) +define(<I3>, <r6>) +define(<I4>, <r7>) +define(<DST>, <r8>) +define(<SHIFT>, <r10>) +define(<ILEFT>, <r11>) + +define(<EXPN>, < + ldr W, [sp, #+eval(4*$1)] + ldr T0, [sp, #+eval(4*(($1 + 14) % 16))] + ror T1, T0, #17 + eor T1, T1, T0, ror #19 + eor T1, T1, T0, lsr #10 + add W, W, T1 + ldr T0, [sp, #+eval(4*(($1 + 9) % 16))] + add W, W, T0 + ldr T0, [sp, #+eval(4*(($1 + 1) % 16))] + ror T1, T0, #7 + eor T1, T1, T0, ror #18 + eor T1, T1, T0, lsr #3 + add W, W, T1 + str W, [sp, #+eval(4*$1)] +>) + +C ROUND(A,B,C,D,E,F,G,H) +C +C H += S1(E) + Choice(E,F,G) + K + W +C D += H +C H += S0(A) + Majority(A,B,C) +C +C Where +C +C S1(E) = E<<<26 ^ 
E<<<21 ^ E<<<7 +C S0(A) = A<<<30 ^ A<<<19 ^ A<<<10 +C Choice (E, F, G) = G^(E&(F^G)) +C Majority (A,B,C) = (A&B) + (C&(A^B)) + +define(<ROUND>, < + ror T0, $5, #6 + eor T0, T0, $5, ror #11 + eor T0, T0, $5, ror #25 + add $8, $8, T0 + eor T0, $6, $7 + and T0, T0, $5 + eor T0, T0, $7 + add $8,$8, T0 + ldr T0, [K], #+4 + add $8, $8, W + add $8, $8, T0 + add $4, $4, $8 + ror T0, $1, #2 + eor T0, T0, $1, ror #13 + eor T0, T0, $1, ror #22 + add $8, $8, T0 + and T0, $1, $2 + add $8, $8, T0 + eor T0, $1, $2 + and T0, T0, $3 + add $8, $8, T0 +>) + +define(<NOEXPN>, < + ldr W, [sp, + $1] + add $1, $1, #4 +>) + C void + C _nettle_sha256_compress(uint32_t *state, const uint8_t *input, const uint32_t *k) + + .text + .align 2 + +PROLOGUE(_nettle_sha256_compress) + push {r4,r5,r6,r7,r8,r10,r11,r14} + sub sp, sp, #68 + str STATE, [sp, +#64] + + C Load data up front, since we don't have enough registers + C to load and shift on-the-fly + ands SHIFT, INPUT, #3 + and INPUT, INPUT, $-4 + ldr I0, [INPUT] + addne INPUT, INPUT, #4 + lsl SHIFT, SHIFT, #3 + mov T0, #0 + movne T0, #-1 + lsl I1, T0, SHIFT + uadd8 T0, T0, I1 C Sets APSR.GE bits + + mov DST, sp + mov ILEFT, #4 +.Lcopy: + ldm INPUT!, {I1,I2,I3,I4} + sel I0, I0, I1 + ror I0, I0, SHIFT + rev I0, I0 + sel I1, I1, I2 + ror I1, I1, SHIFT + rev I1, I1 + sel I2, I2, I3 + ror I2, I2, SHIFT + rev I2, I2 + sel I3, I3, I4 + ror I3, I3, SHIFT + rev I3, I3 + subs ILEFT, ILEFT, #1 + stm DST!, {I0,I1,I2,I3} + mov I0, I4 + bne .Lcopy + + ldm STATE, {SA,SB,SC,SD,SE,SF,SG,SH} + + mov COUNT,#0 + +.Loop1: + NOEXPN(COUNT) ROUND(SA,SB,SC,SD,SE,SF,SG,SH) + NOEXPN(COUNT) ROUND(SH,SA,SB,SC,SD,SE,SF,SG) + NOEXPN(COUNT) ROUND(SG,SH,SA,SB,SC,SD,SE,SF) + NOEXPN(COUNT) ROUND(SF,SG,SH,SA,SB,SC,SD,SE) + NOEXPN(COUNT) ROUND(SE,SF,SG,SH,SA,SB,SC,SD) + NOEXPN(COUNT) ROUND(SD,SE,SF,SG,SH,SA,SB,SC) + NOEXPN(COUNT) ROUND(SC,SD,SE,SF,SG,SH,SA,SB) + NOEXPN(COUNT) ROUND(SB,SC,SD,SE,SF,SG,SH,SA) + cmp COUNT,#64 + bne .Loop1 + + mov COUNT, #3 +.Loop2: + + EXPN( 0) 
ROUND(SA,SB,SC,SD,SE,SF,SG,SH) + EXPN( 1) ROUND(SH,SA,SB,SC,SD,SE,SF,SG) + EXPN( 2) ROUND(SG,SH,SA,SB,SC,SD,SE,SF) + EXPN( 3) ROUND(SF,SG,SH,SA,SB,SC,SD,SE) + EXPN( 4) ROUND(SE,SF,SG,SH,SA,SB,SC,SD) + EXPN( 5) ROUND(SD,SE,SF,SG,SH,SA,SB,SC) + EXPN( 6) ROUND(SC,SD,SE,SF,SG,SH,SA,SB) + EXPN( 7) ROUND(SB,SC,SD,SE,SF,SG,SH,SA) + EXPN( 8) ROUND(SA,SB,SC,SD,SE,SF,SG,SH) + EXPN( 9) ROUND(SH,SA,SB,SC,SD,SE,SF,SG) + EXPN(10) ROUND(SG,SH,SA,SB,SC,SD,SE,SF) + EXPN(11) ROUND(SF,SG,SH,SA,SB,SC,SD,SE) + EXPN(12) ROUND(SE,SF,SG,SH,SA,SB,SC,SD) + EXPN(13) ROUND(SD,SE,SF,SG,SH,SA,SB,SC) + EXPN(14) ROUND(SC,SD,SE,SF,SG,SH,SA,SB) + subs COUNT, COUNT, #1 + EXPN(15) ROUND(SB,SC,SD,SE,SF,SG,SH,SA) + bne .Loop2 + + ldr STATE, [sp, +#64] + C No longer needed registers + ldm STATE, {r1,r2,r12,r14} + add SA, SA, r1 + add SB, SB, r2 + add SC, SC, r12 + add SD, SD, r14 + stm STATE!, {SA,SB,SC,SD} + ldm STATE, {r1,r2,r12,r14} + add SE, SE, r1 + add SF, SF, r2 + add SG, SG, r12 + add SH, SH, r14 + stm STATE!, {SE,SF,SG,SH} + add sp, sp, #68 + pop {r4,r5,r6,r7,r8,r10,r11,pc} +EPILOGUE(_nettle_sha256_compress) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/nettle-2.7/configure.ac new/nettle-2.7.1/configure.ac --- old/nettle-2.7/configure.ac 2013-04-24 15:26:53.000000000 +0200 +++ new/nettle-2.7.1/configure.ac 2013-05-28 16:21:53.000000000 +0200 @@ -2,7 +2,7 @@ dnl Process this file with autoconf to produce a configure script. -AC_INIT([nettle], [2.7], [[email protected]]) +AC_INIT([nettle], [2.7.1], [[email protected]]) AC_PREREQ(2.61) AC_CONFIG_SRCDIR([arcfour.c]) # Needed to stop autoconf from looking for files in parent directories. 
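Review bot: The `.Lcopy` loop reads outside the caller's block when the input is unaligned and nothing documents it: with SHIFT non-zero the initial `ldr I0, [INPUT]` covers up to three bytes before the block and the fourth `ldm INPUT!, {I1,I2,I3,I4}` covers up to three bytes after it, always within 4-byte-aligned words, so it cannot cross into another page but it is an out-of-bounds access a checker may flag. Suggest `C Unaligned input: word loads may cover up to 3 bytes outside the block; they` / `C stay within aligned words so cannot fault.` above `ands SHIFT, INPUT, #3`. The `sel` instructions also rely on APSR.GE, set once by `uadd8`, surviving the whole loop; `subs ILEFT, ILEFT, #1` writes only NZCV, but that dependency is worth one line at the `uadd8`. Finally, `str STATE, [sp, +#64]` exists because r0 is recycled as COUNT (and r1 as T1) in the round loops; a `C r0/r1 are reused as COUNT/T1 below; spill STATE for the final add` at that line would save the reader a trip back to the defines.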
@@ -11,10 +11,10 @@ AC_CONFIG_HEADER([config.h]) LIBNETTLE_MAJOR=4 -LIBNETTLE_MINOR=6 +LIBNETTLE_MINOR=7 LIBHOGWEED_MAJOR=2 -LIBHOGWEED_MINOR=4 +LIBHOGWEED_MINOR=5 AC_CANONICAL_HOST @@ -237,14 +237,18 @@ asm_path=sparc32 fi ;; - arm*) + armv6* | armv7*) NETTLE_CHECK_ARM_NEON - asm_path=arm + asm_path="arm/v6 arm" + if test "x$enable_arm_neon" = xyes ; then asm_path="arm/neon $asm_path" fi ;; + arm*) + asm_path=arm + ;; *) enable_assembler=no ;; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/nettle-2.7/ecc-j-to-a.c new/nettle-2.7.1/ecc-j-to-a.c --- old/nettle-2.7/ecc-j-to-a.c 2013-04-24 15:26:52.000000000 +0200 +++ new/nettle-2.7.1/ecc-j-to-a.c 2013-05-28 16:21:53.000000000 +0200 @@ -46,6 +46,7 @@ #define up (scratch + ecc->size) #define iz2p (scratch + ecc->size) #define iz3p (scratch + 2*ecc->size) +#define izBp (scratch + 3*ecc->size) #define tp scratch mp_limb_t cy; @@ -72,11 +73,11 @@ if (flags & 1) { /* Divide this common factor by B */ - mpn_copyi (iz3p, izp, ecc->size); - mpn_zero (iz3p + ecc->size, ecc->size); - ecc->redc (ecc, iz3p); - - ecc_modp_mul (ecc, iz2p, izp, iz3p); + mpn_copyi (izBp, izp, ecc->size); + mpn_zero (izBp + ecc->size, ecc->size); + ecc->redc (ecc, izBp); + + ecc_modp_mul (ecc, iz2p, izp, izBp); } else ecc_modp_sqr (ecc, iz2p, izp); Files old/nettle-2.7/nettle.pdf and new/nettle-2.7.1/nettle.pdf differ -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
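Review bot: The new `armv6* | armv7*` case keys the assembler selection on the host CPU field alone, so a triplet without a version there (e.g. `arm-linux-gnueabihf`, common for cross toolchains) appears to fall into the generic `arm*` branch and silently loses both the arm/v6 and the NEON paths even when the compiler targets ARMv7; the generic branch also no longer runs NETTLE_CHECK_ARM_NEON at all. If that is intended, a comment such as `# Only hosts whose CPU field names the architecture (armv6*, armv7*) get the v6/NEON assembler.` would make it explicit; otherwise a compile test on the compiler's predefined architecture macros would be more robust than matching the host string. As far as this diff shows the choice is configure-time only — the arm/v6 files use ARMv6 instructions (sel, rev, uadd8) with no runtime fallback for older cores — which is fine for a per-target build but belongs in the same comment.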
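Review bot: The new `izBp` at `scratch + 3*ecc->size` is a 2*size-limb buffer (`mpn_zero (izBp + ecc->size, ecc->size)` and `ecc->redc (ecc, izBp)` touch limbs 3*size..5*size), so the function now needs at least 5*size limbs of scratch; the hunk does not show the scratch-size (itch) macro for this function being raised, and if it still promises less, the argument overlap is traded for an overrun of the caller's scratch buffer. Please confirm that macro and record the requirement at the define: `/* 2*size limbs: izp/B before reduction; ecc_j_to_a needs scratch >= 5*size */`. The separation itself looks right from what is visible: `iz2p` at `scratch + ecc->size` presumably receives a 2*size-limb product (ending at 3*size), which is exactly where the old `iz3p` operand began — the invalid overlap the changelog describes — whereas `izBp` starts at 3*size. ecc_j_to_a's body begins and ends outside these hunks.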
