Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 30 Jul 2013 01:59:10 +0200
From: Katja Malvoni <>
Subject: Re: Parallella: bcrypt

I'm sorry about empty mail, I was trying to write draft from my phone and
accidentally sent it.

On Tue, Jul 30, 2013 at 1:38 AM, Solar Designer <> wrote:

> Katja, Yaniv -
> On Tue, Jul 30, 2013 at 12:44:09AM +0200, Katja Malvoni wrote:
> > I moved to separate assembly file and my code from yesterday worked. I
> > implemented whole BF_encrypt2() in assembly.
> > There are no enough registers to preload both P arrays so I'm preloading
> > only one.
> How is that - not enough registers to preload both P arrays?  We got 64
> registers and little demand for them other than for the two P's (need 36
> for them).

8 for tmp1-4 for both instances, 10 for pointers (P, S[0], S[1], S[2],
S[3]), 2 for ptr and end for controlling the loop, 2 as offset between
first and second BF_ctx, 3 for constants (0xff, 0x3cf and 4 for imul), 4
for R0, L0, R1, L1, 2 as function arguments which gives 31. There are 33
left, I can't use stack pointer so that's 32. If I preload P array than I
don't need pointer to P array so that's 34. What about r28-r31? I thought I
can't use those. If I can than there must be a way to find two "missing"

> Have you tried replacing the right shift by 22 followed by AND with
> right shift by 24 followed by IMUL?  (AND is non-free, whereas IMUL is
> potentially free.)

I am doing that 3 out of 4 times in one macro.


Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.