1 /*===---- shaintrin.h - SHA intrinsics -------------------------------------=== 2 * 3 * Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. 4 * See https://llvm.org/LICENSE.txt for license information. 5 * SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception 6 * 7 *===-----------------------------------------------------------------------=== 8 */ 9 10 #ifndef __IMMINTRIN_H 11 #error "Never use <shaintrin.h> directly; include <immintrin.h> instead." 12 #endif 13 14 #ifndef __SHAINTRIN_H 15 #define __SHAINTRIN_H 16 17 /* Define the default attributes for the functions in this file. */ 18 #define __DEFAULT_FN_ATTRS __attribute__((__always_inline__, __nodebug__, __target__("sha"), __min_vector_width__(128))) 19 20 /// Performs four iterations of the inner loop of the SHA-1 message digest 21 /// algorithm using the starting SHA-1 state (A, B, C, D) from the 128-bit 22 /// vector of [4 x i32] in \a V1 and the next four 32-bit elements of the 23 /// message from the 128-bit vector of [4 x i32] in \a V2. Note that the 24 /// SHA-1 state variable E must have already been added to \a V2 25 /// (\c _mm_sha1nexte_epu32() can perform this step). Returns the updated 26 /// SHA-1 state (A, B, C, D) as a 128-bit vector of [4 x i32]. 27 /// 28 /// The SHA-1 algorithm has an inner loop of 80 iterations, twenty each 29 /// with a different combining function and rounding constant. This 30 /// intrinsic performs four iterations using a combining function and 31 /// rounding constant selected by \a M[1:0]. 32 /// 33 /// \headerfile <immintrin.h> 34 /// 35 /// \code 36 /// __m128i _mm_sha1rnds4_epu32(__m128i V1, __m128i V2, const int M); 37 /// \endcode 38 /// 39 /// This intrinsic corresponds to the \c SHA1RNDS4 instruction. 40 /// 41 /// \param V1 42 /// A 128-bit vector of [4 x i32] containing the initial SHA-1 state. 43 /// \param V2 44 /// A 128-bit vector of [4 x i32] containing the next four elements of 45 /// the message, plus SHA-1 state variable E. 46 /// \param M 47 /// An immediate value where bits [1:0] select among four possible 48 /// combining functions and rounding constants (not specified here). 49 /// \returns A 128-bit vector of [4 x i32] containing the updated SHA-1 state. 50 #define _mm_sha1rnds4_epu32(V1, V2, M) \ 51 __builtin_ia32_sha1rnds4((__v4si)(__m128i)(V1), (__v4si)(__m128i)(V2), (M)) 52 53 /// Calculates the SHA-1 state variable E from the SHA-1 state variables in 54 /// the 128-bit vector of [4 x i32] in \a __X, adds that to the next set of 55 /// four message elements in the 128-bit vector of [4 x i32] in \a __Y, and 56 /// returns the result. 57 /// 58 /// \headerfile <immintrin.h> 59 /// 60 /// This intrinsic corresponds to the \c SHA1NEXTE instruction. 61 /// 62 /// \param __X 63 /// A 128-bit vector of [4 x i32] containing the current SHA-1 state. 64 /// \param __Y 65 /// A 128-bit vector of [4 x i32] containing the next four elements of the 66 /// message. 67 /// \returns A 128-bit vector of [4 x i32] containing the updated SHA-1 68 /// values. 69 static __inline__ __m128i __DEFAULT_FN_ATTRS 70 _mm_sha1nexte_epu32(__m128i __X, __m128i __Y) 71 { 72 return (__m128i)__builtin_ia32_sha1nexte((__v4si)__X, (__v4si)__Y); 73 } 74 75 /// Performs an intermediate calculation for deriving the next four SHA-1 76 /// message elements using previous message elements from the 128-bit 77 /// vectors of [4 x i32] in \a __X and \a __Y, and returns the result. 78 /// 79 /// \headerfile <immintrin.h> 80 /// 81 /// This intrinsic corresponds to the \c SHA1MSG1 instruction. 82 /// 83 /// \param __X 84 /// A 128-bit vector of [4 x i32] containing previous message elements. 85 /// \param __Y 86 /// A 128-bit vector of [4 x i32] containing previous message elements. 87 /// \returns A 128-bit vector of [4 x i32] containing the derived SHA-1 88 /// elements. 89 static __inline__ __m128i __DEFAULT_FN_ATTRS 90 _mm_sha1msg1_epu32(__m128i __X, __m128i __Y) 91 { 92 return (__m128i)__builtin_ia32_sha1msg1((__v4si)__X, (__v4si)__Y); 93 } 94 95 /// Performs the final calculation for deriving the next four SHA-1 message 96 /// elements using previous message elements from the 128-bit vectors of 97 /// [4 x i32] in \a __X and \a __Y, and returns the result. 98 /// 99 /// \headerfile <immintrin.h> 100 /// 101 /// This intrinsic corresponds to the \c SHA1MSG2 instruction. 102 /// 103 /// \param __X 104 /// A 128-bit vector of [4 x i32] containing an intermediate result. 105 /// \param __Y 106 /// A 128-bit vector of [4 x i32] containing previous message values. 107 /// \returns A 128-bit vector of [4 x i32] containing the updated SHA-1 108 /// values. 109 static __inline__ __m128i __DEFAULT_FN_ATTRS 110 _mm_sha1msg2_epu32(__m128i __X, __m128i __Y) 111 { 112 return (__m128i)__builtin_ia32_sha1msg2((__v4si)__X, (__v4si)__Y); 113 } 114 115 /// Performs two rounds of SHA-256 operation using the following inputs: a 116 /// starting SHA-256 state (C, D, G, H) from the 128-bit vector of 117 /// [4 x i32] in \a __X; a starting SHA-256 state (A, B, E, F) from the 118 /// 128-bit vector of [4 x i32] in \a __Y; and a pre-computed sum of the 119 /// next two message elements (unsigned 32-bit integers) and corresponding 120 /// rounding constants from the 128-bit vector of [4 x i32] in \a __Z. 121 /// Returns the updated SHA-256 state (A, B, E, F) as a 128-bit vector of 122 /// [4 x i32]. 123 /// 124 /// The SHA-256 algorithm has a core loop of 64 iterations. This intrinsic 125 /// performs two of those iterations. 126 /// 127 /// \headerfile <immintrin.h> 128 /// 129 /// This intrinsic corresponds to the \c SHA256RNDS2 instruction. 130 /// 131 /// \param __X 132 /// A 128-bit vector of [4 x i32] containing part of the initial SHA-256 133 /// state. 134 /// \param __Y 135 /// A 128-bit vector of [4 x i32] containing part of the initial SHA-256 136 /// state. 137 /// \param __Z 138 /// A 128-bit vector of [4 x i32] containing additional input to the 139 /// SHA-256 operation. 140 /// \returns A 128-bit vector of [4 x i32] containing the updated SHA-1 state. 141 static __inline__ __m128i __DEFAULT_FN_ATTRS 142 _mm_sha256rnds2_epu32(__m128i __X, __m128i __Y, __m128i __Z) 143 { 144 return (__m128i)__builtin_ia32_sha256rnds2((__v4si)__X, (__v4si)__Y, (__v4si)__Z); 145 } 146 147 /// Performs an intermediate calculation for deriving the next four SHA-256 148 /// message elements using previous message elements from the 128-bit 149 /// vectors of [4 x i32] in \a __X and \a __Y, and returns the result. 150 /// 151 /// \headerfile <immintrin.h> 152 /// 153 /// This intrinsic corresponds to the \c SHA256MSG1 instruction. 154 /// 155 /// \param __X 156 /// A 128-bit vector of [4 x i32] containing previous message elements. 157 /// \param __Y 158 /// A 128-bit vector of [4 x i32] containing previous message elements. 159 /// \returns A 128-bit vector of [4 x i32] containing the updated SHA-256 160 /// values. 161 static __inline__ __m128i __DEFAULT_FN_ATTRS 162 _mm_sha256msg1_epu32(__m128i __X, __m128i __Y) 163 { 164 return (__m128i)__builtin_ia32_sha256msg1((__v4si)__X, (__v4si)__Y); 165 } 166 167 /// Performs the final calculation for deriving the next four SHA-256 message 168 /// elements using previous message elements from the 128-bit vectors of 169 /// [4 x i32] in \a __X and \a __Y, and returns the result. 170 /// 171 /// \headerfile <immintrin.h> 172 /// 173 /// This intrinsic corresponds to the \c SHA256MSG2 instruction. 174 /// 175 /// \param __X 176 /// A 128-bit vector of [4 x i32] containing an intermediate result. 177 /// \param __Y 178 /// A 128-bit vector of [4 x i32] containing previous message values. 179 /// \returns A 128-bit vector of [4 x i32] containing the updated SHA-256 180 /// values. 181 static __inline__ __m128i __DEFAULT_FN_ATTRS 182 _mm_sha256msg2_epu32(__m128i __X, __m128i __Y) 183 { 184 return (__m128i)__builtin_ia32_sha256msg2((__v4si)__X, (__v4si)__Y); 185 } 186 187 #undef __DEFAULT_FN_ATTRS 188 189 #endif /* __SHAINTRIN_H */ 190