1 // Copyright (c) 2010 Satoshi Nakamoto
2 // Distributed under the MIT/X11 software license, see the accompanying
3 // file license.txt or http://www.opensource.org/licenses/mit-license.php.
10 #include <xmmintrin.h>
16 static const unsigned int sha256_consts[] = {
17 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, /* 0 */
18 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
19 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, /* 8 */
20 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
21 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, /* 16 */
22 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
23 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, /* 24 */
24 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
25 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, /* 32 */
26 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
27 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, /* 40 */
28 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
29 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, /* 48 */
30 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
31 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, /* 56 */
32 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
36 static inline __m128i Ch(const __m128i b, const __m128i c, const __m128i d) {
37 return (b & c) ^ (~b & d);
40 static inline __m128i Maj(const __m128i b, const __m128i c, const __m128i d) {
41 return (b & c) ^ (b & d) ^ (c & d);
44 static inline __m128i ROTR(__m128i x, const int n) {
45 return _mm_srli_epi32(x, n) | _mm_slli_epi32(x, 32 - n);
48 static inline __m128i SHR(__m128i x, const int n) {
49 return _mm_srli_epi32(x, n);
52 /* SHA256 Functions */
53 #define BIGSIGMA0_256(x) (ROTR((x), 2) ^ ROTR((x), 13) ^ ROTR((x), 22))
54 #define BIGSIGMA1_256(x) (ROTR((x), 6) ^ ROTR((x), 11) ^ ROTR((x), 25))
55 #define SIGMA0_256(x) (ROTR((x), 7) ^ ROTR((x), 18) ^ SHR((x), 3))
56 #define SIGMA1_256(x) (ROTR((x), 17) ^ ROTR((x), 19) ^ SHR((x), 10))
58 static inline unsigned int store32(const __m128i x, int i) {
59 union { unsigned int ret[4]; __m128i x; } box;
64 static inline void store_epi32(const __m128i x, unsigned int *x0, unsigned int *x1, unsigned int *x2, unsigned int *x3) {
65 union { unsigned int ret[4]; __m128i x; } box;
67 *x0 = box.ret[3]; *x1 = box.ret[2]; *x2 = box.ret[1]; *x3 = box.ret[0];
70 #define add4(x0, x1, x2, x3) _mm_add_epi32(_mm_add_epi32(_mm_add_epi32(x0, x1), x2), x3)
71 #define add5(x0, x1, x2, x3, x4) _mm_add_epi32(add4(x0, x1, x2, x3), x4)
73 #define SHA256ROUND(a, b, c, d, e, f, g, h, i, w) \
74 T1 = add5(h, BIGSIGMA1_256(e), Ch(e, f, g), _mm_set1_epi32(sha256_consts[i]), w); \
75 d = _mm_add_epi32(d, T1); \
76 h = _mm_add_epi32(T1, _mm_add_epi32(BIGSIGMA0_256(a), Maj(a, b, c)));
78 static inline void dumpreg(__m128i x, char *msg) {
79 union { unsigned int ret[4]; __m128i x; } box;
81 printf("%s %08x %08x %08x %08x\n", msg, box.ret[0], box.ret[1], box.ret[2], box.ret[3]);
85 #define dumpstate(i) printf("%s: %08x %08x %08x %08x %08x %08x %08x %08x %08x\n", \
86 __func__, store32(w0, i), store32(a, i), store32(b, i), store32(c, i), store32(d, i), store32(e, i), store32(f, i), store32(g, i), store32(h, i));
90 void Double_BlockSHA256(const void* pin, void* pad, const void *pre, unsigned int thash[9][NPAR], const void *init)
92 unsigned int* In = (unsigned int*)pin;
93 unsigned int* Pad = (unsigned int*)pad;
94 unsigned int* hPre = (unsigned int*)pre;
95 unsigned int* hInit = (unsigned int*)init;
98 /* vectors used in calculation */
99 __m128i w0, w1, w2, w3, w4, w5, w6, w7;
100 __m128i w8, w9, w10, w11, w12, w13, w14, w15;
102 __m128i a, b, c, d, e, f, g, h;
105 /* nonce offset for vector */
106 __m128i offset = _mm_set_epi32(0x00000003, 0x00000002, 0x00000001, 0x00000000);
109 for(k = 0; k<NPAR; k+=4) {
110 w0 = _mm_set1_epi32(In[0]);
111 w1 = _mm_set1_epi32(In[1]);
112 w2 = _mm_set1_epi32(In[2]);
113 //w3 = _mm_set1_epi32(In[3]); nonce will be later hacked into the hash
114 w4 = _mm_set1_epi32(In[4]);
115 w5 = _mm_set1_epi32(In[5]);
116 w6 = _mm_set1_epi32(In[6]);
117 w7 = _mm_set1_epi32(In[7]);
118 w8 = _mm_set1_epi32(In[8]);
119 w9 = _mm_set1_epi32(In[9]);
120 w10 = _mm_set1_epi32(In[10]);
121 w11 = _mm_set1_epi32(In[11]);
122 w12 = _mm_set1_epi32(In[12]);
123 w13 = _mm_set1_epi32(In[13]);
124 w14 = _mm_set1_epi32(In[14]);
125 w15 = _mm_set1_epi32(In[15]);
127 /* hack nonce into lowest byte of w3 */
128 nonce = _mm_set1_epi32(In[3]);
129 nonce = _mm_add_epi32(nonce, offset);
130 nonce = _mm_add_epi32(nonce, _mm_set1_epi32(k));
133 a = _mm_set1_epi32(hPre[0]);
134 b = _mm_set1_epi32(hPre[1]);
135 c = _mm_set1_epi32(hPre[2]);
136 d = _mm_set1_epi32(hPre[3]);
137 e = _mm_set1_epi32(hPre[4]);
138 f = _mm_set1_epi32(hPre[5]);
139 g = _mm_set1_epi32(hPre[6]);
140 h = _mm_set1_epi32(hPre[7]);
142 SHA256ROUND(a, b, c, d, e, f, g, h, 0, w0);
143 SHA256ROUND(h, a, b, c, d, e, f, g, 1, w1);
144 SHA256ROUND(g, h, a, b, c, d, e, f, 2, w2);
145 SHA256ROUND(f, g, h, a, b, c, d, e, 3, w3);
146 SHA256ROUND(e, f, g, h, a, b, c, d, 4, w4);
147 SHA256ROUND(d, e, f, g, h, a, b, c, 5, w5);
148 SHA256ROUND(c, d, e, f, g, h, a, b, 6, w6);
149 SHA256ROUND(b, c, d, e, f, g, h, a, 7, w7);
150 SHA256ROUND(a, b, c, d, e, f, g, h, 8, w8);
151 SHA256ROUND(h, a, b, c, d, e, f, g, 9, w9);
152 SHA256ROUND(g, h, a, b, c, d, e, f, 10, w10);
153 SHA256ROUND(f, g, h, a, b, c, d, e, 11, w11);
154 SHA256ROUND(e, f, g, h, a, b, c, d, 12, w12);
155 SHA256ROUND(d, e, f, g, h, a, b, c, 13, w13);
156 SHA256ROUND(c, d, e, f, g, h, a, b, 14, w14);
157 SHA256ROUND(b, c, d, e, f, g, h, a, 15, w15);
159 w0 = add4(SIGMA1_256(w14), w9, SIGMA0_256(w1), w0);
160 SHA256ROUND(a, b, c, d, e, f, g, h, 16, w0);
161 w1 = add4(SIGMA1_256(w15), w10, SIGMA0_256(w2), w1);
162 SHA256ROUND(h, a, b, c, d, e, f, g, 17, w1);
163 w2 = add4(SIGMA1_256(w0), w11, SIGMA0_256(w3), w2);
164 SHA256ROUND(g, h, a, b, c, d, e, f, 18, w2);
165 w3 = add4(SIGMA1_256(w1), w12, SIGMA0_256(w4), w3);
166 SHA256ROUND(f, g, h, a, b, c, d, e, 19, w3);
167 w4 = add4(SIGMA1_256(w2), w13, SIGMA0_256(w5), w4);
168 SHA256ROUND(e, f, g, h, a, b, c, d, 20, w4);
169 w5 = add4(SIGMA1_256(w3), w14, SIGMA0_256(w6), w5);
170 SHA256ROUND(d, e, f, g, h, a, b, c, 21, w5);
171 w6 = add4(SIGMA1_256(w4), w15, SIGMA0_256(w7), w6);
172 SHA256ROUND(c, d, e, f, g, h, a, b, 22, w6);
173 w7 = add4(SIGMA1_256(w5), w0, SIGMA0_256(w8), w7);
174 SHA256ROUND(b, c, d, e, f, g, h, a, 23, w7);
175 w8 = add4(SIGMA1_256(w6), w1, SIGMA0_256(w9), w8);
176 SHA256ROUND(a, b, c, d, e, f, g, h, 24, w8);
177 w9 = add4(SIGMA1_256(w7), w2, SIGMA0_256(w10), w9);
178 SHA256ROUND(h, a, b, c, d, e, f, g, 25, w9);
179 w10 = add4(SIGMA1_256(w8), w3, SIGMA0_256(w11), w10);
180 SHA256ROUND(g, h, a, b, c, d, e, f, 26, w10);
181 w11 = add4(SIGMA1_256(w9), w4, SIGMA0_256(w12), w11);
182 SHA256ROUND(f, g, h, a, b, c, d, e, 27, w11);
183 w12 = add4(SIGMA1_256(w10), w5, SIGMA0_256(w13), w12);
184 SHA256ROUND(e, f, g, h, a, b, c, d, 28, w12);
185 w13 = add4(SIGMA1_256(w11), w6, SIGMA0_256(w14), w13);
186 SHA256ROUND(d, e, f, g, h, a, b, c, 29, w13);
187 w14 = add4(SIGMA1_256(w12), w7, SIGMA0_256(w15), w14);
188 SHA256ROUND(c, d, e, f, g, h, a, b, 30, w14);
189 w15 = add4(SIGMA1_256(w13), w8, SIGMA0_256(w0), w15);
190 SHA256ROUND(b, c, d, e, f, g, h, a, 31, w15);
192 w0 = add4(SIGMA1_256(w14), w9, SIGMA0_256(w1), w0);
193 SHA256ROUND(a, b, c, d, e, f, g, h, 32, w0);
194 w1 = add4(SIGMA1_256(w15), w10, SIGMA0_256(w2), w1);
195 SHA256ROUND(h, a, b, c, d, e, f, g, 33, w1);
196 w2 = add4(SIGMA1_256(w0), w11, SIGMA0_256(w3), w2);
197 SHA256ROUND(g, h, a, b, c, d, e, f, 34, w2);
198 w3 = add4(SIGMA1_256(w1), w12, SIGMA0_256(w4), w3);
199 SHA256ROUND(f, g, h, a, b, c, d, e, 35, w3);
200 w4 = add4(SIGMA1_256(w2), w13, SIGMA0_256(w5), w4);
201 SHA256ROUND(e, f, g, h, a, b, c, d, 36, w4);
202 w5 = add4(SIGMA1_256(w3), w14, SIGMA0_256(w6), w5);
203 SHA256ROUND(d, e, f, g, h, a, b, c, 37, w5);
204 w6 = add4(SIGMA1_256(w4), w15, SIGMA0_256(w7), w6);
205 SHA256ROUND(c, d, e, f, g, h, a, b, 38, w6);
206 w7 = add4(SIGMA1_256(w5), w0, SIGMA0_256(w8), w7);
207 SHA256ROUND(b, c, d, e, f, g, h, a, 39, w7);
208 w8 = add4(SIGMA1_256(w6), w1, SIGMA0_256(w9), w8);
209 SHA256ROUND(a, b, c, d, e, f, g, h, 40, w8);
210 w9 = add4(SIGMA1_256(w7), w2, SIGMA0_256(w10), w9);
211 SHA256ROUND(h, a, b, c, d, e, f, g, 41, w9);
212 w10 = add4(SIGMA1_256(w8), w3, SIGMA0_256(w11), w10);
213 SHA256ROUND(g, h, a, b, c, d, e, f, 42, w10);
214 w11 = add4(SIGMA1_256(w9), w4, SIGMA0_256(w12), w11);
215 SHA256ROUND(f, g, h, a, b, c, d, e, 43, w11);
216 w12 = add4(SIGMA1_256(w10), w5, SIGMA0_256(w13), w12);
217 SHA256ROUND(e, f, g, h, a, b, c, d, 44, w12);
218 w13 = add4(SIGMA1_256(w11), w6, SIGMA0_256(w14), w13);
219 SHA256ROUND(d, e, f, g, h, a, b, c, 45, w13);
220 w14 = add4(SIGMA1_256(w12), w7, SIGMA0_256(w15), w14);
221 SHA256ROUND(c, d, e, f, g, h, a, b, 46, w14);
222 w15 = add4(SIGMA1_256(w13), w8, SIGMA0_256(w0), w15);
223 SHA256ROUND(b, c, d, e, f, g, h, a, 47, w15);
225 w0 = add4(SIGMA1_256(w14), w9, SIGMA0_256(w1), w0);
226 SHA256ROUND(a, b, c, d, e, f, g, h, 48, w0);
227 w1 = add4(SIGMA1_256(w15), w10, SIGMA0_256(w2), w1);
228 SHA256ROUND(h, a, b, c, d, e, f, g, 49, w1);
229 w2 = add4(SIGMA1_256(w0), w11, SIGMA0_256(w3), w2);
230 SHA256ROUND(g, h, a, b, c, d, e, f, 50, w2);
231 w3 = add4(SIGMA1_256(w1), w12, SIGMA0_256(w4), w3);
232 SHA256ROUND(f, g, h, a, b, c, d, e, 51, w3);
233 w4 = add4(SIGMA1_256(w2), w13, SIGMA0_256(w5), w4);
234 SHA256ROUND(e, f, g, h, a, b, c, d, 52, w4);
235 w5 = add4(SIGMA1_256(w3), w14, SIGMA0_256(w6), w5);
236 SHA256ROUND(d, e, f, g, h, a, b, c, 53, w5);
237 w6 = add4(SIGMA1_256(w4), w15, SIGMA0_256(w7), w6);
238 SHA256ROUND(c, d, e, f, g, h, a, b, 54, w6);
239 w7 = add4(SIGMA1_256(w5), w0, SIGMA0_256(w8), w7);
240 SHA256ROUND(b, c, d, e, f, g, h, a, 55, w7);
241 w8 = add4(SIGMA1_256(w6), w1, SIGMA0_256(w9), w8);
242 SHA256ROUND(a, b, c, d, e, f, g, h, 56, w8);
243 w9 = add4(SIGMA1_256(w7), w2, SIGMA0_256(w10), w9);
244 SHA256ROUND(h, a, b, c, d, e, f, g, 57, w9);
245 w10 = add4(SIGMA1_256(w8), w3, SIGMA0_256(w11), w10);
246 SHA256ROUND(g, h, a, b, c, d, e, f, 58, w10);
247 w11 = add4(SIGMA1_256(w9), w4, SIGMA0_256(w12), w11);
248 SHA256ROUND(f, g, h, a, b, c, d, e, 59, w11);
249 w12 = add4(SIGMA1_256(w10), w5, SIGMA0_256(w13), w12);
250 SHA256ROUND(e, f, g, h, a, b, c, d, 60, w12);
251 w13 = add4(SIGMA1_256(w11), w6, SIGMA0_256(w14), w13);
252 SHA256ROUND(d, e, f, g, h, a, b, c, 61, w13);
253 w14 = add4(SIGMA1_256(w12), w7, SIGMA0_256(w15), w14);
254 SHA256ROUND(c, d, e, f, g, h, a, b, 62, w14);
255 w15 = add4(SIGMA1_256(w13), w8, SIGMA0_256(w0), w15);
256 SHA256ROUND(b, c, d, e, f, g, h, a, 63, w15);
258 #define store_load(x, i, dest) \
259 T1 = _mm_set1_epi32((hPre)[i]); \
260 dest = _mm_add_epi32(T1, x);
262 store_load(a, 0, w0);
263 store_load(b, 1, w1);
264 store_load(c, 2, w2);
265 store_load(d, 3, w3);
266 store_load(e, 4, w4);
267 store_load(f, 5, w5);
268 store_load(g, 6, w6);
269 store_load(h, 7, w7);
271 w8 = _mm_set1_epi32(Pad[8]);
272 w9 = _mm_set1_epi32(Pad[9]);
273 w10 = _mm_set1_epi32(Pad[10]);
274 w11 = _mm_set1_epi32(Pad[11]);
275 w12 = _mm_set1_epi32(Pad[12]);
276 w13 = _mm_set1_epi32(Pad[13]);
277 w14 = _mm_set1_epi32(Pad[14]);
278 w15 = _mm_set1_epi32(Pad[15]);
280 a = _mm_set1_epi32(hInit[0]);
281 b = _mm_set1_epi32(hInit[1]);
282 c = _mm_set1_epi32(hInit[2]);
283 d = _mm_set1_epi32(hInit[3]);
284 e = _mm_set1_epi32(hInit[4]);
285 f = _mm_set1_epi32(hInit[5]);
286 g = _mm_set1_epi32(hInit[6]);
287 h = _mm_set1_epi32(hInit[7]);
289 SHA256ROUND(a, b, c, d, e, f, g, h, 0, w0);
290 SHA256ROUND(h, a, b, c, d, e, f, g, 1, w1);
291 SHA256ROUND(g, h, a, b, c, d, e, f, 2, w2);
292 SHA256ROUND(f, g, h, a, b, c, d, e, 3, w3);
293 SHA256ROUND(e, f, g, h, a, b, c, d, 4, w4);
294 SHA256ROUND(d, e, f, g, h, a, b, c, 5, w5);
295 SHA256ROUND(c, d, e, f, g, h, a, b, 6, w6);
296 SHA256ROUND(b, c, d, e, f, g, h, a, 7, w7);
297 SHA256ROUND(a, b, c, d, e, f, g, h, 8, w8);
298 SHA256ROUND(h, a, b, c, d, e, f, g, 9, w9);
299 SHA256ROUND(g, h, a, b, c, d, e, f, 10, w10);
300 SHA256ROUND(f, g, h, a, b, c, d, e, 11, w11);
301 SHA256ROUND(e, f, g, h, a, b, c, d, 12, w12);
302 SHA256ROUND(d, e, f, g, h, a, b, c, 13, w13);
303 SHA256ROUND(c, d, e, f, g, h, a, b, 14, w14);
304 SHA256ROUND(b, c, d, e, f, g, h, a, 15, w15);
306 w0 = add4(SIGMA1_256(w14), w9, SIGMA0_256(w1), w0);
307 SHA256ROUND(a, b, c, d, e, f, g, h, 16, w0);
308 w1 = add4(SIGMA1_256(w15), w10, SIGMA0_256(w2), w1);
309 SHA256ROUND(h, a, b, c, d, e, f, g, 17, w1);
310 w2 = add4(SIGMA1_256(w0), w11, SIGMA0_256(w3), w2);
311 SHA256ROUND(g, h, a, b, c, d, e, f, 18, w2);
312 w3 = add4(SIGMA1_256(w1), w12, SIGMA0_256(w4), w3);
313 SHA256ROUND(f, g, h, a, b, c, d, e, 19, w3);
314 w4 = add4(SIGMA1_256(w2), w13, SIGMA0_256(w5), w4);
315 SHA256ROUND(e, f, g, h, a, b, c, d, 20, w4);
316 w5 = add4(SIGMA1_256(w3), w14, SIGMA0_256(w6), w5);
317 SHA256ROUND(d, e, f, g, h, a, b, c, 21, w5);
318 w6 = add4(SIGMA1_256(w4), w15, SIGMA0_256(w7), w6);
319 SHA256ROUND(c, d, e, f, g, h, a, b, 22, w6);
320 w7 = add4(SIGMA1_256(w5), w0, SIGMA0_256(w8), w7);
321 SHA256ROUND(b, c, d, e, f, g, h, a, 23, w7);
322 w8 = add4(SIGMA1_256(w6), w1, SIGMA0_256(w9), w8);
323 SHA256ROUND(a, b, c, d, e, f, g, h, 24, w8);
324 w9 = add4(SIGMA1_256(w7), w2, SIGMA0_256(w10), w9);
325 SHA256ROUND(h, a, b, c, d, e, f, g, 25, w9);
326 w10 = add4(SIGMA1_256(w8), w3, SIGMA0_256(w11), w10);
327 SHA256ROUND(g, h, a, b, c, d, e, f, 26, w10);
328 w11 = add4(SIGMA1_256(w9), w4, SIGMA0_256(w12), w11);
329 SHA256ROUND(f, g, h, a, b, c, d, e, 27, w11);
330 w12 = add4(SIGMA1_256(w10), w5, SIGMA0_256(w13), w12);
331 SHA256ROUND(e, f, g, h, a, b, c, d, 28, w12);
332 w13 = add4(SIGMA1_256(w11), w6, SIGMA0_256(w14), w13);
333 SHA256ROUND(d, e, f, g, h, a, b, c, 29, w13);
334 w14 = add4(SIGMA1_256(w12), w7, SIGMA0_256(w15), w14);
335 SHA256ROUND(c, d, e, f, g, h, a, b, 30, w14);
336 w15 = add4(SIGMA1_256(w13), w8, SIGMA0_256(w0), w15);
337 SHA256ROUND(b, c, d, e, f, g, h, a, 31, w15);
339 w0 = add4(SIGMA1_256(w14), w9, SIGMA0_256(w1), w0);
340 SHA256ROUND(a, b, c, d, e, f, g, h, 32, w0);
341 w1 = add4(SIGMA1_256(w15), w10, SIGMA0_256(w2), w1);
342 SHA256ROUND(h, a, b, c, d, e, f, g, 33, w1);
343 w2 = add4(SIGMA1_256(w0), w11, SIGMA0_256(w3), w2);
344 SHA256ROUND(g, h, a, b, c, d, e, f, 34, w2);
345 w3 = add4(SIGMA1_256(w1), w12, SIGMA0_256(w4), w3);
346 SHA256ROUND(f, g, h, a, b, c, d, e, 35, w3);
347 w4 = add4(SIGMA1_256(w2), w13, SIGMA0_256(w5), w4);
348 SHA256ROUND(e, f, g, h, a, b, c, d, 36, w4);
349 w5 = add4(SIGMA1_256(w3), w14, SIGMA0_256(w6), w5);
350 SHA256ROUND(d, e, f, g, h, a, b, c, 37, w5);
351 w6 = add4(SIGMA1_256(w4), w15, SIGMA0_256(w7), w6);
352 SHA256ROUND(c, d, e, f, g, h, a, b, 38, w6);
353 w7 = add4(SIGMA1_256(w5), w0, SIGMA0_256(w8), w7);
354 SHA256ROUND(b, c, d, e, f, g, h, a, 39, w7);
355 w8 = add4(SIGMA1_256(w6), w1, SIGMA0_256(w9), w8);
356 SHA256ROUND(a, b, c, d, e, f, g, h, 40, w8);
357 w9 = add4(SIGMA1_256(w7), w2, SIGMA0_256(w10), w9);
358 SHA256ROUND(h, a, b, c, d, e, f, g, 41, w9);
359 w10 = add4(SIGMA1_256(w8), w3, SIGMA0_256(w11), w10);
360 SHA256ROUND(g, h, a, b, c, d, e, f, 42, w10);
361 w11 = add4(SIGMA1_256(w9), w4, SIGMA0_256(w12), w11);
362 SHA256ROUND(f, g, h, a, b, c, d, e, 43, w11);
363 w12 = add4(SIGMA1_256(w10), w5, SIGMA0_256(w13), w12);
364 SHA256ROUND(e, f, g, h, a, b, c, d, 44, w12);
365 w13 = add4(SIGMA1_256(w11), w6, SIGMA0_256(w14), w13);
366 SHA256ROUND(d, e, f, g, h, a, b, c, 45, w13);
367 w14 = add4(SIGMA1_256(w12), w7, SIGMA0_256(w15), w14);
368 SHA256ROUND(c, d, e, f, g, h, a, b, 46, w14);
369 w15 = add4(SIGMA1_256(w13), w8, SIGMA0_256(w0), w15);
370 SHA256ROUND(b, c, d, e, f, g, h, a, 47, w15);
372 w0 = add4(SIGMA1_256(w14), w9, SIGMA0_256(w1), w0);
373 SHA256ROUND(a, b, c, d, e, f, g, h, 48, w0);
374 w1 = add4(SIGMA1_256(w15), w10, SIGMA0_256(w2), w1);
375 SHA256ROUND(h, a, b, c, d, e, f, g, 49, w1);
376 w2 = add4(SIGMA1_256(w0), w11, SIGMA0_256(w3), w2);
377 SHA256ROUND(g, h, a, b, c, d, e, f, 50, w2);
378 w3 = add4(SIGMA1_256(w1), w12, SIGMA0_256(w4), w3);
379 SHA256ROUND(f, g, h, a, b, c, d, e, 51, w3);
380 w4 = add4(SIGMA1_256(w2), w13, SIGMA0_256(w5), w4);
381 SHA256ROUND(e, f, g, h, a, b, c, d, 52, w4);
382 w5 = add4(SIGMA1_256(w3), w14, SIGMA0_256(w6), w5);
383 SHA256ROUND(d, e, f, g, h, a, b, c, 53, w5);
384 w6 = add4(SIGMA1_256(w4), w15, SIGMA0_256(w7), w6);
385 SHA256ROUND(c, d, e, f, g, h, a, b, 54, w6);
386 w7 = add4(SIGMA1_256(w5), w0, SIGMA0_256(w8), w7);
387 SHA256ROUND(b, c, d, e, f, g, h, a, 55, w7);
388 w8 = add4(SIGMA1_256(w6), w1, SIGMA0_256(w9), w8);
389 SHA256ROUND(a, b, c, d, e, f, g, h, 56, w8);
390 w9 = add4(SIGMA1_256(w7), w2, SIGMA0_256(w10), w9);
391 SHA256ROUND(h, a, b, c, d, e, f, g, 57, w9);
392 w10 = add4(SIGMA1_256(w8), w3, SIGMA0_256(w11), w10);
393 SHA256ROUND(g, h, a, b, c, d, e, f, 58, w10);
394 w11 = add4(SIGMA1_256(w9), w4, SIGMA0_256(w12), w11);
395 SHA256ROUND(f, g, h, a, b, c, d, e, 59, w11);
396 w12 = add4(SIGMA1_256(w10), w5, SIGMA0_256(w13), w12);
397 SHA256ROUND(e, f, g, h, a, b, c, d, 60, w12);
398 w13 = add4(SIGMA1_256(w11), w6, SIGMA0_256(w14), w13);
399 SHA256ROUND(d, e, f, g, h, a, b, c, 61, w13);
400 w14 = add4(SIGMA1_256(w12), w7, SIGMA0_256(w15), w14);
401 SHA256ROUND(c, d, e, f, g, h, a, b, 62, w14);
402 w15 = add4(SIGMA1_256(w13), w8, SIGMA0_256(w0), w15);
403 SHA256ROUND(b, c, d, e, f, g, h, a, 63, w15);
405 /* store resulsts directly in thash */
406 #define store_2(x,i) \
407 w0 = _mm_set1_epi32(hInit[i]); \
408 *(__m128i *)&(thash)[i][0+k] = _mm_add_epi32(w0, x);
418 *(__m128i *)&(thash)[8][0+k] = nonce;
423 #endif // FOURWAYSSE2