Use lea to free one more register. Rescheduled so we start with 35 cycles.

Rev: nettle/x86/sha1-f2.nlms:1.2

diff --git a/x86/sha1-f2.nlms b/x86/sha1-f2.nlms
index 2eb6ed6c8d5bb4e938d7b299f988581dfe202d15..34e660739ebd701bb79f8a8509abb53d7dd92b31 100644 (file)
--- a/x86/sha1-f2.nlms
+++ b/x86/sha1-f2.nlms
@@ -13,36 +13,41 @@ define(`SD',`%edx')
 define(`SE',`%ebp')
 define(`DATA',`%esp')
 define(`TMP',`%edi')
-dnl define(`TMP2',`%esi')
-define(`KVALUE',`%esi')
-
+define(`TMP2',`%esi')
+dnl define(`KVALUE',`%esi')
+define(`TMP3',`%esi')
 define(`COUNT', `84(%esp)')
 
+define(<K2VALUE>, <<$>0x6ED9EBA1>) 
+
 dnl Expands to 4*i, or to the empty string if i is zero
 define(`OFFSET', `ifelse($1,0,,eval(4*$1))')
 
+dnl The F2 round sets
+dnl
+dnl e += (a <<< 5) + (b ^ c ^ d) + k + w
+dnl 
+dnl Access inputs in order d, c, b, a, to give maximum time to
+dnl have values ready.
+
 dnl ROUND(a, b, c, d, e, i)
 define(`ROUND', `
        mov     OFFSET(eval($6 % 16)) (DATA), TMP
        xor     OFFSET(eval(($6 +  2) % 16)) (DATA), TMP
+       mov     $4, TMP2
+       xor     $3, TMP2
        xor     OFFSET(eval(($6 +  8) % 16)) (DATA), TMP
        xor     OFFSET(eval(($6 + 13) % 16)) (DATA), TMP
        rol     `$'1, TMP
        mov     TMP, OFFSET(eval($6 % 16)) (DATA)
-
-       add     KVALUE, $5
-       add     TMP, $5
-
-       mov     $2, TMP
-       xor     $3, TMP
-       xor     $4, TMP
-       add     TMP, $5
-
-       mov     $1, TMP
-       rol     `$'5, TMP
-       add     TMP, $5
-
+       xor     $2, TMP2
+       lea     K2VALUE(TMP, $5), TMP
+       add     TMP2, TMP
        rol     `$'30, $2
+       mov     $1, TMP3
+       rol     `$'5, TMP3
+       add     TMP3, $5
+       add     TMP, $5
 ')
 
 .text