From 2d34a9d25e43f8339fc59284155a687e56af2272 Mon Sep 17 00:00:00 2001
From: Nicholas Ward <npward@berkeley.edu>
Date: Mon, 1 Aug 2022 10:59:06 -0700
Subject: [PATCH] finished sha2 pad

---
 evm/src/cpu/kernel/asm/sha2.asm              | 105 ++++----------
 evm/src/cpu/kernel/asm/sha2_write_length.asm | 143 +++++++++++++++++++
 2 files changed, 173 insertions(+), 75 deletions(-)
 create mode 100644 evm/src/cpu/kernel/asm/sha2_write_length.asm

diff --git a/evm/src/cpu/kernel/asm/sha2.asm b/evm/src/cpu/kernel/asm/sha2.asm
index a45854ec..6a122063 100644
--- a/evm/src/cpu/kernel/asm/sha2.asm
+++ b/evm/src/cpu/kernel/asm/sha2.asm
@@ -82,90 +82,45 @@ global sha2_pad:
     %mload_kernel_general
     // stack: num_bytes, retdest
     // STEP 1: append 1
-    // add 1 << (8*(32-k)-1) to x[num_bytes//32], where k := num_bytes%32
+    // insert 128 (= 1 << 7) at x[num_bytes]
+    // stack: num_bytes, retdest
+    push 1
+    push 7
+    shl
+    // stack: 128, num_bytes, retdest
+    dup2
+    // stack: num_bytes, 128, num_bytes, retdest
+    %mstore_kernel_general
+    // stack: num_bytes, retdest
+    // STEP 2: calculate num_blocks := (num_bytes+8)//64 + 1
     dup1
     // stack: num_bytes, num_bytes, retdest
-    dup1
-    // stack: num_bytes, num_bytes, num_bytes, retdest
-    push 32
-    // stack: 32, num_bytes, num_bytes, num_bytes, retdest
-    swap1
-    // stack: num_bytes, 32, num_bytes, num_bytes, retdest
-    mod
-    // stack: k := num_bytes % 32, num_bytes, num_bytes, retdest
-    push 32
-    sub
-    // stack: 32 - k, num_bytes, num_bytes, retdest
     push 8
-    mul
-    // stack: 8 * (32 - k), num_bytes, num_bytes, retdest
-    %decrement
-    // stack: 8 * (32 - k) - 1, num_bytes, num_bytes, retdest
-    push 1
-    swap1
-    shl
-    // stack: 1 << (8 * (32 - k) - 1), num_bytes, num_bytes, retdest
-    swap1
-    // stack: num_bytes, 1 << (8 * (32 - k) - 1), num_bytes, retdest
-    push 32
-    swap1
-    div
-    // stack: num_bytes // 32, 1 << (8 * (32 - k) - 1), num_bytes, retdest
-    dup1
-    // stack: num_bytes // 32, num_bytes // 32, 1 << (8 * (32 - k) - 1), num_bytes, retdest
-    mload
-    // stack: x[num_bytes // 32], num_bytes // 32, 1 << (8 * (32 - k) - 1), num_bytes, retdest
-    swap1
-    // stack: num_bytes // 32, x[num_bytes // 32], 1 << (8 * (32 - k) - 1), num_bytes, retdest
-    swap2
-    // stack: x[num_bytes // 32], 1 << (8 * (32 - k) - 1), num_bytes // 32, num_bytes, retdest
     add
-    // stack: x[num_bytes // 32] + 1 << (8 * (32 - k) - 1), num_bytes // 32, num_bytes, retdest
-    swap1
-    // stack: num_bytes // 32, x[num_bytes // 32] + 1 << (8 * (32 - k) - 1), num_bytes, retdest
-    mstore
-    // stack: num_bytes, retdest
-    // STEP 2: insert length
-    // (add length := num_bytes*8+1 to x[(num_bytes//64)*2-1])
-    dup1
-    dup1
-    // stack: num_bytes, num_bytes, num_bytes, retdest
-    push 8
-    mul
-    %increment
-    // stack: length := num_bytes*8+1, num_bytes, num_bytes, retdest
-    swap1
-    // stack: num_bytes, length := num_bytes*8+1, num_bytes, retdest
-    push 64
-    swap1
-    div
-    // stack: num_bytes // 64, length := num_bytes*8+1, num_bytes, retdest
-    push 2
-    mul
-    %decrement
-    // stack: (num_bytes // 64) * 2 - 1, length := num_bytes*8+1, num_bytes, retdest
-    dup1
-    // stack: (num_bytes // 64) * 2 - 1, (num_bytes // 64) * 2 - 1, length, num_bytes, retdest
-    mload
-    // stack: x[(num_bytes // 64) * 2 - 1], (num_bytes // 64) * 2 - 1, length, num_bytes, retdest
-    swap1
-    // stack: (num_bytes // 64) * 2 - 1, x[(num_bytes // 64) * 2 - 1], length, num_bytes, retdest
-    swap2
-    // stack: length, x[(num_bytes // 64) * 2 - 1], (num_bytes // 64) * 2 - 1, num_bytes, retdest
-    add
-    // stack: x[(num_bytes // 64) * 2 - 1] + length, (num_bytes // 64) * 2 - 1, num_bytes
-    swap1
-    // stack: (num_bytes // 64) * 2 - 1, x[(num_bytes // 64) * 2 - 1] + length, num_bytes, retdest
-    mstore
-    // stack: num_bytes, retdest
-    // STEP 3: insert num_blocks at start
     push 64
     swap1
     div
     %increment
-    // stack: num_blocks := num_bytes // 64 + 1, retdest
+    // stack: num_blocks = (num_bytes+8)//64 + 1, num_bytes, retdest
+    // STEP 3: calculate length := num_bytes*8+1
+    swap1
+    // stack: num_bytes, num_blocks, retdest
+    push 8
+    mul
+    %increment
+    // stack: length = num_bytes*8+1, num_blocks, retdest
+    // STEP 4: write length to x[num_blocks*64-8..num_blocks*64-1] 
+    dup2
+    // stack: num_blocks, length, num_blocks, retdest
+    push 64
+    mul
+    %decrement
+    // stack: last_addr = num_blocks*64-1, length, num_blocks, retdest
+    %sha2_write_length
+    // stack: num_blocks, retdest
+    // STEP 5: write num_blocks to x[0]
     push 0
-    mstore
+    %mstore_kernel_general
     // stack: retdest
     JUMP
 
diff --git a/evm/src/cpu/kernel/asm/sha2_write_length.asm b/evm/src/cpu/kernel/asm/sha2_write_length.asm
new file mode 100644
index 00000000..f1717878
--- /dev/null
+++ b/evm/src/cpu/kernel/asm/sha2_write_length.asm
@@ -0,0 +1,143 @@
+%macro sha2_write_length
+    // stack: length, last_addr
+    push 1
+    push 8
+    shl
+
+    // stack: 1 << 8, length, last_addr
+    dup2
+    // stack: length, 1 << 8, length, last_addr
+    mod
+    // stack: length % (1 << 8), length, last_addr
+    dup3
+    // stack: last_addr, length % (1 << 8), length, last_addr
+    %mstore_kernel_general
+    
+    // stack: 1 << 8, length, last_addr
+    dup1
+    // stack: 1 << 8, 1 << 8, length, last_addr
+    dup2
+    // stack: length, 1 << 8, 1 << 8, length, last_addr
+    push 8
+    shr
+    // stack: length >> 8, 1 << 8, 1 << 8, length, last_addr
+    mod
+    // stack: (length >> 8) % (1 << 8), 1 << 8, length, last_addr
+    dup3
+    // stack: last_addr, (length >> 8) % (1 << 8), 1 << 8, length, last_addr
+    push 1
+    swap1
+    sub
+    // stack: last_addr - 1, (length >> 8) % (1 << 8), 1 << 8, length, last_addr
+    %mstore_kernel_general
+
+    // stack: 1 << 8, length, last_addr
+    dup1
+    // stack: 1 << 8, 1 << 8, length, last_addr
+    dup2
+    // stack: length, 1 << 8, 1 << 8, length, last_addr
+    push 16
+    shr
+    // stack: length >> 16, 1 << 8, 1 << 8, length, last_addr
+    mod
+    // stack: (length >> 16) % (1 << 8), 1 << 8, length, last_addr
+    dup3
+    // stack: last_addr, (length >> 16) % (1 << 8), 1 << 8, length, last_addr
+    push 2
+    swap1
+    sub
+    // stack: last_addr - 2, (length >> 16) % (1 << 8), 1 << 8, length, last_addr
+    %mstore_kernel_general
+
+    // stack: 1 << 8, length, last_addr
+    dup1
+    // stack: 1 << 8, 1 << 8, length, last_addr
+    dup2
+    // stack: length, 1 << 8, 1 << 8, length, last_addr
+    push 24
+    shr
+    // stack: length >> 24, 1 << 8, 1 << 8, length, last_addr
+    mod
+    // stack: (length >> 24) % (1 << 8), 1 << 8, length, last_addr
+    dup3
+    // stack: last_addr, (length >> 24) % (1 << 8), 1 << 8, length, last_addr
+    push 3
+    swap1
+    sub
+    // stack: last_addr - 1, (length >> 24) % (1 << 8), 1 << 8, length, last_addr
+    %mstore_kernel_general
+
+    // stack: 1 << 8, length, last_addr
+    dup1
+    // stack: 1 << 8, 1 << 8, length, last_addr
+    dup2
+    // stack: length, 1 << 8, 1 << 8, length, last_addr
+    push 32
+    shr
+    // stack: length >> 32, 1 << 8, 1 << 8, length, last_addr
+    mod
+    // stack: (length >> 32) % (1 << 8), 1 << 8, length, last_addr
+    dup3
+    // stack: last_addr, (length >> 32) % (1 << 8), 1 << 8, length, last_addr
+    push 4
+    swap1
+    sub
+    // stack: last_addr - 1, (length >> 32) % (1 << 8), 1 << 8, length, last_addr
+    %mstore_kernel_general
+
+    // stack: 1 << 8, length, last_addr
+    dup1
+    // stack: 1 << 8, 1 << 8, length, last_addr
+    dup2
+    // stack: length, 1 << 8, 1 << 8, length, last_addr
+    push 40
+    shr
+    // stack: length >> 40, 1 << 8, 1 << 8, length, last_addr
+    mod
+    // stack: (length >> 40) % (1 << 8), 1 << 8, length, last_addr
+    dup3
+    // stack: last_addr, (length >> 40) % (1 << 8), 1 << 8, length, last_addr
+    push 5
+    swap1
+    sub
+    // stack: last_addr - 1, (length >> 40) % (1 << 8), 1 << 8, length, last_addr
+    %mstore_kernel_general
+
+    // stack: 1 << 8, length, last_addr
+    dup1
+    // stack: 1 << 8, 1 << 8, length, last_addr
+    dup2
+    // stack: length, 1 << 8, 1 << 8, length, last_addr
+    push 48
+    shr
+    // stack: length >> 48, 1 << 8, 1 << 8, length, last_addr
+    mod
+    // stack: (length >> 48) % (1 << 8), 1 << 8, length, last_addr
+    dup3
+    // stack: last_addr, (length >> 48) % (1 << 8), 1 << 8, length, last_addr
+    push 6
+    swap1
+    sub
+    // stack: last_addr - 1, (length >> 48) % (1 << 8), 1 << 8, length, last_addr
+    %mstore_kernel_general
+
+    // stack: 1 << 8, length, last_addr
+    dup1
+    // stack: 1 << 8, 1 << 8, length, last_addr
+    dup2
+    // stack: length, 1 << 8, 1 << 8, length, last_addr
+    push 56
+    shr
+    // stack: length >> 56, 1 << 8, 1 << 8, length, last_addr
+    mod
+    // stack: (length >> 56) % (1 << 8), 1 << 8, length, last_addr
+    dup3
+    // stack: last_addr, (length >> 56) % (1 << 8), 1 << 8, length, last_addr
+    push 7
+    swap1
+    sub
+    // stack: last_addr - 1, (length >> 56) % (1 << 8), 1 << 8, length, last_addr
+    %mstore_kernel_general
+    %pop3
+    // stack: (empty)
+%endmacro