/* keccak_permute_64.h - Keccak permute function (simple 64bit)

 * Copyright (C) 2015 Jussi Kivilinna <jussi.kivilinna@iki.fi>

 *

 * This file is part of Libgcrypt.

 *

 * Libgcrypt is free software; you can redistribute it and/or modify

 * it under the terms of the GNU Lesser General Public License as

 * published by the Free Software Foundation; either version 2.1 of

 * the License, or (at your option) any later version.

 *

 * Libgcrypt is distributed in the hope that it will be useful,

 * but WITHOUT ANY WARRANTY; without even the implied warranty of

 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 * GNU Lesser General Public License for more details.

 *

 * You should have received a copy of the GNU Lesser General Public

 * License along with this program; if not, see <http://www.gnu.org/licenses/>.

 */

/* The code is based on public-domain/CC0 "keccakc1024/simple/Keccak-simple.c"

 * implementation by Ronny Van Keer from SUPERCOP toolkit package.

 */

/* Function that computes the Keccak-f[1600] permutation on the given state. */

static unsigned int

KECCAK_F1600_PERMUTE_FUNC_NAME(KECCAK_STATE *hd)

{

  const u64 *round_consts = _gcry_keccak_round_consts_64bit;

  const u64 *round_consts_end = _gcry_keccak_round_consts_64bit + 24;

  u64 Aba, Abe, Abi, Abo, Abu;

  u64 Aga, Age, Agi, Ago, Agu;

  u64 Aka, Ake, Aki, Ako, Aku;

  u64 Ama, Ame, Ami, Amo, Amu;

  u64 Asa, Ase, Asi, Aso, Asu;

  u64 BCa, BCe, BCi, BCo, BCu;

  u64 Da, De, Di, Do, Du;

  u64 Eba, Ebe, Ebi, Ebo, Ebu;

  u64 Ega, Ege, Egi, Ego, Egu;

  u64 Eka, Eke, Eki, Eko, Eku;

  u64 Ema, Eme, Emi, Emo, Emu;

  u64 Esa, Ese, Esi, Eso, Esu;

  u64 *state = hd->u.state64;

  Aba = state[0];

  Abe = state[1];

  Abi = state[2];

  Abo = state[3];

  Abu = state[4];

  Aga = state[5];

  Age = state[6];

  Agi = state[7];

  Ago = state[8];

  Agu = state[9];

  Aka = state[10];

  Ake = state[11];

  Aki = state[12];

  Ako = state[13];

  Aku = state[14];

  Ama = state[15];

  Ame = state[16];

  Ami = state[17];

  Amo = state[18];

  Amu = state[19];

  Asa = state[20];

  Ase = state[21];

  Asi = state[22];

  Aso = state[23];

  Asu = state[24];

  do

    {

      /* prepareTheta */

      BCa = Aba ^ Aga ^ Aka ^ Ama ^ Asa;

      BCe = Abe ^ Age ^ Ake ^ Ame ^ Ase;

      BCi = Abi ^ Agi ^ Aki ^ Ami ^ Asi;

      BCo = Abo ^ Ago ^ Ako ^ Amo ^ Aso;

      BCu = Abu ^ Agu ^ Aku ^ Amu ^ Asu;

      /* thetaRhoPiChiIotaPrepareTheta(round  , A, E) */

      Da = BCu ^ ROL64(BCe, 1);

      De = BCa ^ ROL64(BCi, 1);

      Di = BCe ^ ROL64(BCo, 1);

      Do = BCi ^ ROL64(BCu, 1);

      Du = BCo ^ ROL64(BCa, 1);

      Aba ^= Da;

      BCa = Aba;

      Age ^= De;

      BCe = ROL64(Age, 44);

      Aki ^= Di;

      BCi = ROL64(Aki, 43);

      Amo ^= Do;

      BCo = ROL64(Amo, 21);

      Asu ^= Du;

      BCu = ROL64(Asu, 14);

      Eba = BCa ^ ANDN64(BCe, BCi);

      Eba ^= *(round_consts++);

      Ebe = BCe ^ ANDN64(BCi, BCo);

      Ebi = BCi ^ ANDN64(BCo, BCu);

      Ebo = BCo ^ ANDN64(BCu, BCa);

      Ebu = BCu ^ ANDN64(BCa, BCe);

      Abo ^= Do;

      BCa = ROL64(Abo, 28);

      Agu ^= Du;

      BCe = ROL64(Agu, 20);

      Aka ^= Da;

      BCi = ROL64(Aka, 3);

      Ame ^= De;

      BCo = ROL64(Ame, 45);

      Asi ^= Di;

      BCu = ROL64(Asi, 61);

      Ega = BCa ^ ANDN64(BCe, BCi);

      Ege = BCe ^ ANDN64(BCi, BCo);

      Egi = BCi ^ ANDN64(BCo, BCu);

      Ego = BCo ^ ANDN64(BCu, BCa);

      Egu = BCu ^ ANDN64(BCa, BCe);

      Abe ^= De;

      BCa = ROL64(Abe, 1);

      Agi ^= Di;

      BCe = ROL64(Agi, 6);

      Ako ^= Do;

      BCi = ROL64(Ako, 25);

      Amu ^= Du;

      BCo = ROL64(Amu, 8);

      Asa ^= Da;

      BCu = ROL64(Asa, 18);

      Eka = BCa ^ ANDN64(BCe, BCi);

      Eke = BCe ^ ANDN64(BCi, BCo);

      Eki = BCi ^ ANDN64(BCo, BCu);

      Eko = BCo ^ ANDN64(BCu, BCa);

      Eku = BCu ^ ANDN64(BCa, BCe);

      Abu ^= Du;

      BCa = ROL64(Abu, 27);

      Aga ^= Da;

      BCe = ROL64(Aga, 36);

      Ake ^= De;

      BCi = ROL64(Ake, 10);

      Ami ^= Di;

      BCo = ROL64(Ami, 15);

      Aso ^= Do;

      BCu = ROL64(Aso, 56);

      Ema = BCa ^ ANDN64(BCe, BCi);

      Eme = BCe ^ ANDN64(BCi, BCo);

      Emi = BCi ^ ANDN64(BCo, BCu);

      Emo = BCo ^ ANDN64(BCu, BCa);

      Emu = BCu ^ ANDN64(BCa, BCe);

      Abi ^= Di;

      BCa = ROL64(Abi, 62);

      Ago ^= Do;

      BCe = ROL64(Ago, 55);

      Aku ^= Du;

      BCi = ROL64(Aku, 39);

      Ama ^= Da;

      BCo = ROL64(Ama, 41);

      Ase ^= De;

      BCu = ROL64(Ase, 2);

      Esa = BCa ^ ANDN64(BCe, BCi);

      Ese = BCe ^ ANDN64(BCi, BCo);

      Esi = BCi ^ ANDN64(BCo, BCu);

      Eso = BCo ^ ANDN64(BCu, BCa);

      Esu = BCu ^ ANDN64(BCa, BCe);

      /* prepareTheta */

      BCa = Eba ^ Ega ^ Eka ^ Ema ^ Esa;

      BCe = Ebe ^ Ege ^ Eke ^ Eme ^ Ese;

      BCi = Ebi ^ Egi ^ Eki ^ Emi ^ Esi;

      BCo = Ebo ^ Ego ^ Eko ^ Emo ^ Eso;

      BCu = Ebu ^ Egu ^ Eku ^ Emu ^ Esu;

      /* thetaRhoPiChiIotaPrepareTheta(round+1, E, A) */

      Da = BCu ^ ROL64(BCe, 1);

      De = BCa ^ ROL64(BCi, 1);

      Di = BCe ^ ROL64(BCo, 1);

      Do = BCi ^ ROL64(BCu, 1);

      Du = BCo ^ ROL64(BCa, 1);

      Eba ^= Da;

      BCa = Eba;

      Ege ^= De;

      BCe = ROL64(Ege, 44);

      Eki ^= Di;

      BCi = ROL64(Eki, 43);

      Emo ^= Do;

      BCo = ROL64(Emo, 21);

      Esu ^= Du;

      BCu = ROL64(Esu, 14);

      Aba = BCa ^ ANDN64(BCe, BCi);

      Aba ^= *(round_consts++);

      Abe = BCe ^ ANDN64(BCi, BCo);

      Abi = BCi ^ ANDN64(BCo, BCu);

      Abo = BCo ^ ANDN64(BCu, BCa);

      Abu = BCu ^ ANDN64(BCa, BCe);

      Ebo ^= Do;

      BCa = ROL64(Ebo, 28);

      Egu ^= Du;

      BCe = ROL64(Egu, 20);

      Eka ^= Da;

      BCi = ROL64(Eka, 3);

      Eme ^= De;

      BCo = ROL64(Eme, 45);

      Esi ^= Di;

      BCu = ROL64(Esi, 61);

      Aga = BCa ^ ANDN64(BCe, BCi);

      Age = BCe ^ ANDN64(BCi, BCo);

      Agi = BCi ^ ANDN64(BCo, BCu);

      Ago = BCo ^ ANDN64(BCu, BCa);

      Agu = BCu ^ ANDN64(BCa, BCe);

      Ebe ^= De;

      BCa = ROL64(Ebe, 1);

      Egi ^= Di;

      BCe = ROL64(Egi, 6);

      Eko ^= Do;

      BCi = ROL64(Eko, 25);

      Emu ^= Du;

      BCo = ROL64(Emu, 8);

      Esa ^= Da;

      BCu = ROL64(Esa, 18);

      Aka = BCa ^ ANDN64(BCe, BCi);

      Ake = BCe ^ ANDN64(BCi, BCo);

      Aki = BCi ^ ANDN64(BCo, BCu);

      Ako = BCo ^ ANDN64(BCu, BCa);

      Aku = BCu ^ ANDN64(BCa, BCe);

      Ebu ^= Du;

      BCa = ROL64(Ebu, 27);

      Ega ^= Da;

      BCe = ROL64(Ega, 36);

      Eke ^= De;

      BCi = ROL64(Eke, 10);

      Emi ^= Di;

      BCo = ROL64(Emi, 15);

      Eso ^= Do;

      BCu = ROL64(Eso, 56);

      Ama = BCa ^ ANDN64(BCe, BCi);

      Ame = BCe ^ ANDN64(BCi, BCo);

      Ami = BCi ^ ANDN64(BCo, BCu);

      Amo = BCo ^ ANDN64(BCu, BCa);

      Amu = BCu ^ ANDN64(BCa, BCe);

      Ebi ^= Di;

      BCa = ROL64(Ebi, 62);

      Ego ^= Do;

      BCe = ROL64(Ego, 55);

      Eku ^= Du;

      BCi = ROL64(Eku, 39);

      Ema ^= Da;

      BCo = ROL64(Ema, 41);

      Ese ^= De;

      BCu = ROL64(Ese, 2);

      Asa = BCa ^ ANDN64(BCe, BCi);

      Ase = BCe ^ ANDN64(BCi, BCo);

      Asi = BCi ^ ANDN64(BCo, BCu);

      Aso = BCo ^ ANDN64(BCu, BCa);

      Asu = BCu ^ ANDN64(BCa, BCe);

    }

  while (round_consts < round_consts_end);

  state[0] = Aba;

  state[1] = Abe;

  state[2] = Abi;

  state[3] = Abo;

  state[4] = Abu;

  state[5] = Aga;

  state[6] = Age;

  state[7] = Agi;

  state[8] = Ago;

  state[9] = Agu;

  state[10] = Aka;

  state[11] = Ake;

  state[12] = Aki;

  state[13] = Ako;

  state[14] = Aku;

  state[15] = Ama;

  state[16] = Ame;

  state[17] = Ami;

  state[18] = Amo;

  state[19] = Amu;

  state[20] = Asa;

  state[21] = Ase;

  state[22] = Asi;

  state[23] = Aso;

  state[24] = Asu;

  return sizeof(void *) * 4 + sizeof(u64) * 12 * 5;

}

Unexecuted instantiation: keccak.c:keccak_f1600_state_permute64

keccak.c:keccak_f1600_state_permute64_bmi2

Line

Count

Source

27

730k

{

28

730k

  const u64 *round_consts = _gcry_keccak_round_consts_64bit;

29

730k

  const u64 *round_consts_end = _gcry_keccak_round_consts_64bit + 24;

30

730k

  u64 Aba, Abe, Abi, Abo, Abu;

31

730k

  u64 Aga, Age, Agi, Ago, Agu;

32

730k

  u64 Aka, Ake, Aki, Ako, Aku;

33

730k

  u64 Ama, Ame, Ami, Amo, Amu;

34

730k

  u64 Asa, Ase, Asi, Aso, Asu;

35

730k

  u64 BCa, BCe, BCi, BCo, BCu;

36

730k

  u64 Da, De, Di, Do, Du;

37

730k

  u64 Eba, Ebe, Ebi, Ebo, Ebu;

38

730k

  u64 Ega, Ege, Egi, Ego, Egu;

39

730k

  u64 Eka, Eke, Eki, Eko, Eku;

40

730k

  u64 Ema, Eme, Emi, Emo, Emu;

41

730k

  u64 Esa, Ese, Esi, Eso, Esu;

42

730k

  u64 *state = hd->u.state64;

43

44

730k

  Aba = state[0];

45

730k

  Abe = state[1];

46

730k

  Abi = state[2];

47

730k

  Abo = state[3];

48

730k

  Abu = state[4];

49

730k

  Aga = state[5];

50

730k

  Age = state[6];

51

730k

  Agi = state[7];

52

730k

  Ago = state[8];

53

730k

  Agu = state[9];

54

730k

  Aka = state[10];

55

730k

  Ake = state[11];

56

730k

  Aki = state[12];

57

730k

  Ako = state[13];

58

730k

  Aku = state[14];

59

730k

  Ama = state[15];

60

730k

  Ame = state[16];

61

730k

  Ami = state[17];

62

730k

  Amo = state[18];

63

730k

  Amu = state[19];

64

730k

  Asa = state[20];

65

730k

  Ase = state[21];

66

730k

  Asi = state[22];

67

730k

  Aso = state[23];

68

730k

  Asu = state[24];

69

70

730k

  do

71

8.76M

    {

72

      /* prepareTheta */

73

8.76M

      BCa = Aba ^ Aga ^ Aka ^ Ama ^ Asa;

74

8.76M

      BCe = Abe ^ Age ^ Ake ^ Ame ^ Ase;

75

8.76M

      BCi = Abi ^ Agi ^ Aki ^ Ami ^ Asi;

76

8.76M

      BCo = Abo ^ Ago ^ Ako ^ Amo ^ Aso;

77

8.76M

      BCu = Abu ^ Agu ^ Aku ^ Amu ^ Asu;

78

79

      /* thetaRhoPiChiIotaPrepareTheta(round  , A, E) */

80

8.76M

      Da = BCu ^ ROL64(BCe, 1);

81

8.76M

      De = BCa ^ ROL64(BCi, 1);

82

8.76M

      Di = BCe ^ ROL64(BCo, 1);

83

8.76M

      Do = BCi ^ ROL64(BCu, 1);

84

8.76M

      Du = BCo ^ ROL64(BCa, 1);

85

86

8.76M

      Aba ^= Da;

87

8.76M

      BCa = Aba;

88

8.76M

      Age ^= De;

89

8.76M

      BCe = ROL64(Age, 44);

90

8.76M

      Aki ^= Di;

91

8.76M

      BCi = ROL64(Aki, 43);

92

8.76M

      Amo ^= Do;

93

8.76M

      BCo = ROL64(Amo, 21);

94

8.76M

      Asu ^= Du;

95

8.76M

      BCu = ROL64(Asu, 14);

96

8.76M

      Eba = BCa ^ ANDN64(BCe, BCi);

97

8.76M

      Eba ^= *(round_consts++);

98

8.76M

      Ebe = BCe ^ ANDN64(BCi, BCo);

99

8.76M

      Ebi = BCi ^ ANDN64(BCo, BCu);

100

8.76M

      Ebo = BCo ^ ANDN64(BCu, BCa);

101

8.76M

      Ebu = BCu ^ ANDN64(BCa, BCe);

102

103

8.76M

      Abo ^= Do;

104

8.76M

      BCa = ROL64(Abo, 28);

105

8.76M

      Agu ^= Du;

106

8.76M

      BCe = ROL64(Agu, 20);

107

8.76M

      Aka ^= Da;

108

8.76M

      BCi = ROL64(Aka, 3);

109

8.76M

      Ame ^= De;

110

8.76M

      BCo = ROL64(Ame, 45);

111

8.76M

      Asi ^= Di;

112

8.76M

      BCu = ROL64(Asi, 61);

113

8.76M

      Ega = BCa ^ ANDN64(BCe, BCi);

114

8.76M

      Ege = BCe ^ ANDN64(BCi, BCo);

115

8.76M

      Egi = BCi ^ ANDN64(BCo, BCu);

116

8.76M

      Ego = BCo ^ ANDN64(BCu, BCa);

117

8.76M

      Egu = BCu ^ ANDN64(BCa, BCe);

118

119

8.76M

      Abe ^= De;

120

8.76M

      BCa = ROL64(Abe, 1);

121

8.76M

      Agi ^= Di;

122

8.76M

      BCe = ROL64(Agi, 6);

123

8.76M

      Ako ^= Do;

124

8.76M

      BCi = ROL64(Ako, 25);

125

8.76M

      Amu ^= Du;

126

8.76M

      BCo = ROL64(Amu, 8);

127

8.76M

      Asa ^= Da;

128

8.76M

      BCu = ROL64(Asa, 18);

129

8.76M

      Eka = BCa ^ ANDN64(BCe, BCi);

130

8.76M

      Eke = BCe ^ ANDN64(BCi, BCo);

131

8.76M

      Eki = BCi ^ ANDN64(BCo, BCu);

132

8.76M

      Eko = BCo ^ ANDN64(BCu, BCa);

133

8.76M

      Eku = BCu ^ ANDN64(BCa, BCe);

134

135

8.76M

      Abu ^= Du;

136

8.76M

      BCa = ROL64(Abu, 27);

137

8.76M

      Aga ^= Da;

138

8.76M

      BCe = ROL64(Aga, 36);

139

8.76M

      Ake ^= De;

140

8.76M

      BCi = ROL64(Ake, 10);

141

8.76M

      Ami ^= Di;

142

8.76M

      BCo = ROL64(Ami, 15);

143

8.76M

      Aso ^= Do;

144

8.76M

      BCu = ROL64(Aso, 56);

145

8.76M

      Ema = BCa ^ ANDN64(BCe, BCi);

146

8.76M

      Eme = BCe ^ ANDN64(BCi, BCo);

147

8.76M

      Emi = BCi ^ ANDN64(BCo, BCu);

148

8.76M

      Emo = BCo ^ ANDN64(BCu, BCa);

149

8.76M

      Emu = BCu ^ ANDN64(BCa, BCe);

150

151

8.76M

      Abi ^= Di;

152

8.76M

      BCa = ROL64(Abi, 62);

153

8.76M

      Ago ^= Do;

154

8.76M

      BCe = ROL64(Ago, 55);

155

8.76M

      Aku ^= Du;

156

8.76M

      BCi = ROL64(Aku, 39);

157

8.76M

      Ama ^= Da;

158

8.76M

      BCo = ROL64(Ama, 41);

159

8.76M

      Ase ^= De;

160

8.76M

      BCu = ROL64(Ase, 2);

161

8.76M

      Esa = BCa ^ ANDN64(BCe, BCi);

162

8.76M

      Ese = BCe ^ ANDN64(BCi, BCo);

163

8.76M

      Esi = BCi ^ ANDN64(BCo, BCu);

164

8.76M

      Eso = BCo ^ ANDN64(BCu, BCa);

165

8.76M

      Esu = BCu ^ ANDN64(BCa, BCe);

166

167

      /* prepareTheta */

168

8.76M

      BCa = Eba ^ Ega ^ Eka ^ Ema ^ Esa;

169

8.76M

      BCe = Ebe ^ Ege ^ Eke ^ Eme ^ Ese;

170

8.76M

      BCi = Ebi ^ Egi ^ Eki ^ Emi ^ Esi;

171

8.76M

      BCo = Ebo ^ Ego ^ Eko ^ Emo ^ Eso;

172

8.76M

      BCu = Ebu ^ Egu ^ Eku ^ Emu ^ Esu;

173

174

      /* thetaRhoPiChiIotaPrepareTheta(round+1, E, A) */

175

8.76M

      Da = BCu ^ ROL64(BCe, 1);

176

8.76M

      De = BCa ^ ROL64(BCi, 1);

177

8.76M

      Di = BCe ^ ROL64(BCo, 1);

178

8.76M

      Do = BCi ^ ROL64(BCu, 1);

179

8.76M

      Du = BCo ^ ROL64(BCa, 1);

180

181

8.76M

      Eba ^= Da;

182

8.76M

      BCa = Eba;

183

8.76M

      Ege ^= De;

184

8.76M

      BCe = ROL64(Ege, 44);

185

8.76M

      Eki ^= Di;

186

8.76M

      BCi = ROL64(Eki, 43);

187

8.76M

      Emo ^= Do;

188

8.76M

      BCo = ROL64(Emo, 21);

189

8.76M

      Esu ^= Du;

190

8.76M

      BCu = ROL64(Esu, 14);

191

8.76M

      Aba = BCa ^ ANDN64(BCe, BCi);

192

8.76M

      Aba ^= *(round_consts++);

193

8.76M

      Abe = BCe ^ ANDN64(BCi, BCo);

194

8.76M

      Abi = BCi ^ ANDN64(BCo, BCu);

195

8.76M

      Abo = BCo ^ ANDN64(BCu, BCa);

196

8.76M

      Abu = BCu ^ ANDN64(BCa, BCe);

197

198

8.76M

      Ebo ^= Do;

199

8.76M

      BCa = ROL64(Ebo, 28);

200

8.76M

      Egu ^= Du;

201

8.76M

      BCe = ROL64(Egu, 20);

202

8.76M

      Eka ^= Da;

203

8.76M

      BCi = ROL64(Eka, 3);

204

8.76M

      Eme ^= De;

205

8.76M

      BCo = ROL64(Eme, 45);

206

8.76M

      Esi ^= Di;

207

8.76M

      BCu = ROL64(Esi, 61);

208

8.76M

      Aga = BCa ^ ANDN64(BCe, BCi);

209

8.76M

      Age = BCe ^ ANDN64(BCi, BCo);

210

8.76M

      Agi = BCi ^ ANDN64(BCo, BCu);

211

8.76M

      Ago = BCo ^ ANDN64(BCu, BCa);

212

8.76M

      Agu = BCu ^ ANDN64(BCa, BCe);

213

214

8.76M

      Ebe ^= De;

215

8.76M

      BCa = ROL64(Ebe, 1);

216

8.76M

      Egi ^= Di;

217

8.76M

      BCe = ROL64(Egi, 6);

218

8.76M

      Eko ^= Do;

219

8.76M

      BCi = ROL64(Eko, 25);

220

8.76M

      Emu ^= Du;

221

8.76M

      BCo = ROL64(Emu, 8);

222

8.76M

      Esa ^= Da;

223

8.76M

      BCu = ROL64(Esa, 18);

224

8.76M

      Aka = BCa ^ ANDN64(BCe, BCi);

225

8.76M

      Ake = BCe ^ ANDN64(BCi, BCo);

226

8.76M

      Aki = BCi ^ ANDN64(BCo, BCu);

227

8.76M

      Ako = BCo ^ ANDN64(BCu, BCa);

228

8.76M

      Aku = BCu ^ ANDN64(BCa, BCe);

229

230

8.76M

      Ebu ^= Du;

231

8.76M

      BCa = ROL64(Ebu, 27);

232

8.76M

      Ega ^= Da;

233

8.76M

      BCe = ROL64(Ega, 36);

234

8.76M

      Eke ^= De;

235

8.76M

      BCi = ROL64(Eke, 10);

236

8.76M

      Emi ^= Di;

237

8.76M

      BCo = ROL64(Emi, 15);

238

8.76M

      Eso ^= Do;

239

8.76M

      BCu = ROL64(Eso, 56);

240

8.76M

      Ama = BCa ^ ANDN64(BCe, BCi);

241

8.76M

      Ame = BCe ^ ANDN64(BCi, BCo);

242

8.76M

      Ami = BCi ^ ANDN64(BCo, BCu);

243

8.76M

      Amo = BCo ^ ANDN64(BCu, BCa);

244

8.76M

      Amu = BCu ^ ANDN64(BCa, BCe);

245

246

8.76M

      Ebi ^= Di;

247

8.76M

      BCa = ROL64(Ebi, 62);

248

8.76M

      Ego ^= Do;

249

8.76M

      BCe = ROL64(Ego, 55);

250

8.76M

      Eku ^= Du;

251

8.76M

      BCi = ROL64(Eku, 39);

252

8.76M

      Ema ^= Da;

253

8.76M

      BCo = ROL64(Ema, 41);

254

8.76M

      Ese ^= De;

255

8.76M

      BCu = ROL64(Ese, 2);

256

8.76M

      Asa = BCa ^ ANDN64(BCe, BCi);

257

8.76M

      Ase = BCe ^ ANDN64(BCi, BCo);

258

8.76M

      Asi = BCi ^ ANDN64(BCo, BCu);

259

8.76M

      Aso = BCo ^ ANDN64(BCu, BCa);

260

8.76M

      Asu = BCu ^ ANDN64(BCa, BCe);

261

8.76M

    }

262

8.76M

  while (round_consts < round_consts_end);

263

264

730k

  state[0] = Aba;

265

730k

  state[1] = Abe;

266

730k

  state[2] = Abi;

267

730k

  state[3] = Abo;

268

730k

  state[4] = Abu;

269

730k

  state[5] = Aga;

270

730k

  state[6] = Age;

271

730k

  state[7] = Agi;

272

730k

  state[8] = Ago;

273

730k

  state[9] = Agu;

274

730k

  state[10] = Aka;

275

730k

  state[11] = Ake;

276

730k

  state[12] = Aki;

277

730k

  state[13] = Ako;

278

730k

  state[14] = Aku;

279

730k

  state[15] = Ama;

280

730k

  state[16] = Ame;

281

730k

  state[17] = Ami;

282

730k

  state[18] = Amo;

283

730k

  state[19] = Amu;

284

730k

  state[20] = Asa;

285

730k

  state[21] = Ase;

286

730k

  state[22] = Asi;

287

730k

  state[23] = Aso;

288

730k

  state[24] = Asu;

289

290

730k

  return sizeof(void *) * 4 + sizeof(u64) * 12 * 5;

291

730k

}

Unexecuted instantiation: keccak.c:keccak_f1600_state_permute64_shld

static unsigned int

KECCAK_F1600_ABSORB_FUNC_NAME(KECCAK_STATE *hd, int pos, const byte *lanes,

            size_t nlanes, int blocklanes)

{

  unsigned int burn = 0;

  while (nlanes)

    {

      switch (blocklanes)

  {

  case 21:

    /* SHAKE128 */

    while (pos == 0 && nlanes >= 21)

      {

        nlanes -= 21;

        absorb_lanes64_8(&hd->u.state64[0], lanes); lanes += 8 * 8;

        absorb_lanes64_8(&hd->u.state64[8], lanes); lanes += 8 * 8;

        absorb_lanes64_4(&hd->u.state64[16], lanes); lanes += 8 * 4;

        absorb_lanes64_1(&hd->u.state64[20], lanes); lanes += 8 * 1;

        burn = KECCAK_F1600_PERMUTE_FUNC_NAME(hd);

      }

    break;

  case 18:

    /* SHA3-224 */

    while (pos == 0 && nlanes >= 18)

      {

        nlanes -= 18;

        absorb_lanes64_8(&hd->u.state64[0], lanes); lanes += 8 * 8;

        absorb_lanes64_8(&hd->u.state64[8], lanes); lanes += 8 * 8;

        absorb_lanes64_2(&hd->u.state64[16], lanes); lanes += 8 * 2;

        burn = KECCAK_F1600_PERMUTE_FUNC_NAME(hd);

      }

    break;

  case 17:

    /* SHA3-256 & SHAKE256 */

    while (pos == 0 && nlanes >= 17)

      {

        nlanes -= 17;

        absorb_lanes64_8(&hd->u.state64[0], lanes); lanes += 8 * 8;

        absorb_lanes64_8(&hd->u.state64[8], lanes); lanes += 8 * 8;

        absorb_lanes64_1(&hd->u.state64[16], lanes); lanes += 8 * 1;

        burn = KECCAK_F1600_PERMUTE_FUNC_NAME(hd);

      }

    break;

  case 13:

    /* SHA3-384 */

    while (pos == 0 && nlanes >= 13)

      {

        nlanes -= 13;

        absorb_lanes64_8(&hd->u.state64[0], lanes); lanes += 8 * 8;

        absorb_lanes64_4(&hd->u.state64[8], lanes); lanes += 8 * 4;

        absorb_lanes64_1(&hd->u.state64[12], lanes); lanes += 8 * 1;

        burn = KECCAK_F1600_PERMUTE_FUNC_NAME(hd);

      }

    break;

  case 9:

    /* SHA3-512 */

    while (pos == 0 && nlanes >= 9)

      {

        nlanes -= 9;

        absorb_lanes64_8(&hd->u.state64[0], lanes); lanes += 8 * 8;

        absorb_lanes64_1(&hd->u.state64[8], lanes); lanes += 8 * 1;

        burn = KECCAK_F1600_PERMUTE_FUNC_NAME(hd);

      }

    break;

  }

      while (nlanes)

  {

    hd->u.state64[pos] ^= buf_get_le64(lanes);

    lanes += 8;

    nlanes--;

    if (++pos == blocklanes)

      {

        burn = KECCAK_F1600_PERMUTE_FUNC_NAME(hd);

        pos = 0;

        break;

      }

  }

    }

  return burn;

}

Unexecuted instantiation: keccak.c:keccak_absorb_lanes64

keccak.c:keccak_absorb_lanes64_bmi2

Line

Count

Source

296

93.3k

{

297

93.3k

  unsigned int burn = 0;

298

299

195k

  while (nlanes)

300

101k

    {

301

101k

      switch (blocklanes)

302

101k

  {

303

781

  case 21:

304

    /* SHAKE128 */

305

20.1k

    while (pos == 0 && nlanes >= 21)

306

19.3k

      {

307

19.3k

        nlanes -= 21;

308

19.3k

        absorb_lanes64_8(&hd->u.state64[0], lanes); lanes += 8 * 8;

309

19.3k

        absorb_lanes64_8(&hd->u.state64[8], lanes); lanes += 8 * 8;

310

19.3k

        absorb_lanes64_4(&hd->u.state64[16], lanes); lanes += 8 * 4;

311

19.3k

        absorb_lanes64_1(&hd->u.state64[20], lanes); lanes += 8 * 1;

312

313

19.3k

        burn = KECCAK_F1600_PERMUTE_FUNC_NAME(hd);

314

19.3k

      }

315

781

    break;

316

317

11.8k

  case 18:

318

    /* SHA3-224 */

319

131k

    while (pos == 0 && nlanes >= 18)

320

120k

      {

321

120k

        nlanes -= 18;

322

120k

        absorb_lanes64_8(&hd->u.state64[0], lanes); lanes += 8 * 8;

323

120k

        absorb_lanes64_8(&hd->u.state64[8], lanes); lanes += 8 * 8;

324

120k

        absorb_lanes64_2(&hd->u.state64[16], lanes); lanes += 8 * 2;

325

326

120k

        burn = KECCAK_F1600_PERMUTE_FUNC_NAME(hd);

327

120k

      }

328

11.8k

    break;

329

330

8.14k

  case 17:

331

    /* SHA3-256 & SHAKE256 */

332

116k

    while (pos == 0 && nlanes >= 17)

333

108k

      {

334

108k

        nlanes -= 17;

335

108k

        absorb_lanes64_8(&hd->u.state64[0], lanes); lanes += 8 * 8;

336

108k

        absorb_lanes64_8(&hd->u.state64[8], lanes); lanes += 8 * 8;

337

108k

        absorb_lanes64_1(&hd->u.state64[16], lanes); lanes += 8 * 1;

338

339

108k

        burn = KECCAK_F1600_PERMUTE_FUNC_NAME(hd);

340

108k

      }

341

8.14k

    break;

342

343

8.68k

  case 13:

344

    /* SHA3-384 */

345

147k

    while (pos == 0 && nlanes >= 13)

346

139k

      {

347

139k

        nlanes -= 13;

348

139k

        absorb_lanes64_8(&hd->u.state64[0], lanes); lanes += 8 * 8;

349

139k

        absorb_lanes64_4(&hd->u.state64[8], lanes); lanes += 8 * 4;

350

139k

        absorb_lanes64_1(&hd->u.state64[12], lanes); lanes += 8 * 1;

351

352

139k

        burn = KECCAK_F1600_PERMUTE_FUNC_NAME(hd);

353

139k

      }

354

8.68k

    break;

355

356

13.6k

  case 9:

357

    /* SHA3-512 */

358

329k

    while (pos == 0 && nlanes >= 9)

359

315k

      {

360

315k

        nlanes -= 9;

361

315k

        absorb_lanes64_8(&hd->u.state64[0], lanes); lanes += 8 * 8;

362

315k

        absorb_lanes64_1(&hd->u.state64[8], lanes); lanes += 8 * 1;

363

364

315k

        burn = KECCAK_F1600_PERMUTE_FUNC_NAME(hd);

365

315k

      }

366

13.6k

    break;

367

101k

  }

368

369

386k

      while (nlanes)

370

294k

  {

371

294k

    hd->u.state64[pos] ^= buf_get_le64(lanes);

372

294k

    lanes += 8;

373

294k

    nlanes--;

374

375

294k

    if (++pos == blocklanes)

376

9.51k

      {

377

9.51k

        burn = KECCAK_F1600_PERMUTE_FUNC_NAME(hd);

378

9.51k

        pos = 0;

379

9.51k

        break;

380

9.51k

      }

381

294k

  }

382

101k

    }

383

384

93.3k

  return burn;

385

93.3k

}

Unexecuted instantiation: keccak.c:keccak_absorb_lanes64_shld