x86.s

UNIX、linux密码的破密程序源代码实现

DES_SPE_F:
.space 0x1000

#else

.globl DES_SPE_L
DES_SPE_L:
#ifdef DUMBAS
.zero 0x800
#else
.space 0x800
#endif

/*
 * Cache bank shift. This should be at least as large as the word size, but
 * smaller than the cache line size. (At least on Intel Pentium, two loads
 * can't dual issue if accessing the same cache bank.)
 */
.long 0

.globl DES_SPE_H
DES_SPE_H:
#ifdef DUMBAS
.zero 0x800
#else
.space 0x800
#endif

#endif

DO_ALIGN(5)

.globl DES_KS_current
DES_KS_current:
#ifdef DUMBAS
.zero 128
#else
.space 128
#endif

.globl DES_KS_table
DES_KS_table:
#ifdef DUMBAS
.zero 0x20000
#else
.space (8 * 128 * 16 * 8)
#endif

/*
 * MD5 stuff, optimized for Intel Pentium only right now.
 */

#define S11				7
#define S12				12
#define S13				17
#define S14				22
#define S21				5
#define S22				9
#define S23				14
#define S24				20
#define S31				4
#define S32				11
#define S33				16
#define S34				23
#define S41				6
#define S42				10
#define S43				15
#define S44				21

#define Ca				0x67452301
#define Cb				0xefcdab89
#define Cc				0x98badcfe
#define Cd				0x10325476

#define a				%esi
#define b				%edi
#define c				%edx
#define d				%ebx
#undef tmp1
#undef tmp2
#define tmp1				%eax
#define tmp2				%ecx
#ifdef DUMBAS
#define x(i)				i+i+i+i(%ebp)
#else
#define x(i)				4*i(%ebp)
#endif

.text

#define FF(a, b, c, d, x, s, ac) \
	andl b,tmp1; \
	addl x,a; \
	xorl d,tmp1; \
	addl $ac,a; \
	addl tmp1,a; \
	movl b,tmp1; \
	roll $s,a; \
	xorl c,tmp1; \
	addl b,a

#define GG(a, b, c, d, x, s, ac) \
	movl x,tmp2; \
	xorl b,tmp1; \
	addl tmp2,a; \
	andl d,tmp1; \
	addl $ac,a; \
	xorl c,tmp1; \
	addl tmp1,a; \
	roll $s,a; \
	movl b,tmp1; \
	addl b,a

#define HH(a, b, c, d, x, s, ac) \
	movl c,tmp1; \
	addl tmp2,a; \
	xorl d,tmp1; \
	addl $ac,a; \
	xorl b,tmp1; \
	movl x,tmp2; \
	addl tmp1,a; \
	roll $s,a; \
	addl b,a

#define II(a, b, c, d, x, s, ac) \
	xorl d,tmp2; \
	addl x,a; \
	orl b,tmp2; \
	addl $ac,a; \
	xorl c,tmp2; \
	addl tmp2,a; \
	movl $-1,tmp2; \
	roll $s,a; \
	addl b,a

DO_ALIGN(5)
.globl MD5_body
MD5_body:
	pushl %ebp
	movl 8(%esp),%ebp
	pushl %ebx
	pushl %esi
	pushl %edi
/* Round 1 */
	movl x(0),a
	movl x(1),d
	addl $0xd76aa477,a
	roll $S11,a
	addl $0xf8fa0bcc,d
	addl $Cb,a
	movl x(2),c
	movl a,tmp1
	movl a,tmp2
	andl $0x77777777,tmp1
	xorl $Cb,tmp2
	xorl $Cc,tmp1
	addl $0xbcdb4dd9,c
	addl tmp1,d
	roll $S12,d
	addl a,d
	andl d,tmp2
	xorl $Cb,tmp2
	addl tmp2,c
	movl d,tmp1
	roll $S13,c
	xorl a,tmp1
	addl d,c
	andl c,tmp1
	movl x(3),b
	xorl a,tmp1
	addl $0xb18b7a77,b
	addl tmp1,b
	movl c,tmp1
	roll $S14,b
	xorl d,tmp1
	addl c,b
	FF (a, b, c, d, x( 4), S11, 0xf57c0faf) /* 5 */
	FF (d, a, b, c, x( 5), S12, 0x4787c62a) /* 6 */
	FF (c, d, a, b, x( 6), S13, 0xa8304613) /* 7 */
	FF (b, c, d, a, x( 7), S14, 0xfd469501) /* 8 */
	FF (a, b, c, d, x( 8), S11, 0x698098d8) /* 9 */
	FF (d, a, b, c, x( 9), S12, 0x8b44f7af) /* 10 */
	FF (c, d, a, b, x(10), S13, 0xffff5bb1) /* 11 */
	FF (b, c, d, a, x(11), S14, 0x895cd7be) /* 12 */
	FF (a, b, c, d, x(12), S11, 0x6b901122) /* 13 */
	FF (d, a, b, c, x(13), S12, 0xfd987193) /* 14 */
	FF (c, d, a, b, x(14), S13, 0xa679438e) /* 15 */
	andl c,tmp1
	addl $0x49b40821,b
	xorl a,tmp1
	addl tmp1,b
	roll $S14,b
	movl c,tmp1
	addl c,b
/* Round 2 */
	GG (a, b, c, d, x( 1), S21, 0xf61e2562) /* 17 */
	GG (d, a, b, c, x( 6), S22, 0xc040b340) /* 18 */
	GG (c, d, a, b, x(11), S23, 0x265e5a51) /* 19 */
	GG (b, c, d, a, x( 0), S24, 0xe9b6c7aa) /* 20 */
	GG (a, b, c, d, x( 5), S21, 0xd62f105d) /* 21 */
	GG (d, a, b, c, x(10), S22,  0x2441453) /* 22 */
	xorl d,tmp1
	andl b,tmp1
	addl $0xd8a1e681,c
	xorl a,tmp1
	addl tmp1,c
	roll $S23,c
	movl d,tmp1
	addl d,c
	GG (b, c, d, a, x( 4), S24, 0xe7d3fbc8) /* 24 */
	GG (a, b, c, d, x( 9), S21, 0x21e1cde6) /* 25 */
	GG (d, a, b, c, x(14), S22, 0xc33707d6) /* 26 */
	GG (c, d, a, b, x( 3), S23, 0xf4d50d87) /* 27 */
	GG (b, c, d, a, x( 8), S24, 0x455a14ed) /* 28 */
	GG (a, b, c, d, x(13), S21, 0xa9e3e905) /* 29 */
	GG (d, a, b, c, x( 2), S22, 0xfcefa3f8) /* 30 */
	GG (c, d, a, b, x( 7), S23, 0x676f02d9) /* 31 */
	movl x(12),tmp2
	xorl c,tmp1
	addl tmp2,b
	andl a,tmp1
	addl $0x8d2a4c8a,b
	xorl d,tmp1
	movl x(5),tmp2
	addl tmp1,b
	roll $S24,b
	addl c,b
/* Round 3 */
	HH (a, b, c, d, x( 8), S31, 0xfffa3942) /* 33 */
	HH (d, a, b, c, x(11), S32, 0x8771f681) /* 34 */
	HH (c, d, a, b, x(14), S33, 0x6d9d6122) /* 35 */
	HH (b, c, d, a, x( 1), S34, 0xfde5380c) /* 36 */
	HH (a, b, c, d, x( 4), S31, 0xa4beea44) /* 37 */
	HH (d, a, b, c, x( 7), S32, 0x4bdecfa9) /* 38 */
	HH (c, d, a, b, x(10), S33, 0xf6bb4b60) /* 39 */
	HH (b, c, d, a, x(13), S34, 0xbebfbc70) /* 40 */
	HH (a, b, c, d, x( 0), S31, 0x289b7ec6) /* 41 */
	HH (d, a, b, c, x( 3), S32, 0xeaa127fa) /* 42 */
	HH (c, d, a, b, x( 6), S33, 0xd4ef3085) /* 43 */
	HH (b, c, d, a, x( 9), S34,  0x4881d05) /* 44 */
	HH (a, b, c, d, x(12), S31, 0xd9d4d039) /* 45 */
	HH (d, a, b, c, x( 2), S32, 0xe6db99e5) /* 46 */
	movl a,tmp1
	xorl b,tmp1
	addl $0x1fa27cf8,c
	xorl d,tmp1
	addl tmp1,c
	roll $S33,c
	addl d,c
	HH (b, c, d, a,   $-1, S34, 0xc4ac5665) /* 48 */
/* Round 4 */
	II (a, b, c, d, x( 0), S41, 0xf4292244) /* 49 */
	II (d, a, b, c, x( 7), S42, 0x432aff97) /* 50 */
	II (c, d, a, b, x(14), S43, 0xab9423a7) /* 51 */
	II (b, c, d, a, x( 5), S44, 0xfc93a039) /* 52 */
	II (a, b, c, d, x(12), S41, 0x655b59c3) /* 53 */
	II (d, a, b, c, x( 3), S42, 0x8f0ccc92) /* 54 */
	II (c, d, a, b, x(10), S43, 0xffeff47d) /* 55 */
	II (b, c, d, a, x( 1), S44, 0x85845dd1) /* 56 */
	II (a, b, c, d, x( 8), S41, 0x6fa87e4f) /* 57 */
	xorl c,tmp2
	orl a,tmp2
	addl $0xfe2ce6e0,d
	xorl b,tmp2
	addl tmp2,d
	movl $-1,tmp2
	roll $S42,d
	addl a,d
	II (c, d, a, b, x( 6), S43, 0xa3014314) /* 59 */
	II (b, c, d, a, x(13), S44, 0x4e0811a1) /* 60 */
	II (a, b, c, d, x( 4), S41, 0xf7537e82) /* 61 */
	II (d, a, b, c, x(11), S42, 0xbd3af235) /* 62 */
	II (c, d, a, b, x( 2), S43, 0x2ad7d2bb) /* 63 */
	xorl a,tmp2
	addl x(9),b
	orl c,tmp2
	addl $0xeb86d391,b
	xorl d,tmp2
	addl tmp2,b
	movl 24(%esp),tmp1
	roll $S44,b
/* Update the state and return */
	addl $Ca,a
	addl $Cd,d
	movl a,(tmp1)
	leal Cb(b,c),b
	addl $Cc,c
	movl b,4(tmp1)
	movl c,8(tmp1)
	movl d,12(tmp1)
	popl %edi
	popl %esi
	popl %ebx
	popl %ebp
	ret

/*
 * Blowfish stuff.
 */

#ifdef DUMBAS
#define P(N)				BF_current+0x1000+N+N+N+N
#else
#define P(N)				BF_current+0x1000+4*N
#endif

/*
 * Intel Pentium optimized version, extra operations are used to avoid
 * imperfect pairing.  Also used on the Pentium 4.
 */

#undef L
#undef R
#undef tmp1
#undef tmp2
#define L				%esi
#define R				%edi
#define tmp1				%eax
#define tmp1_lo				%al
#define tmp2				%ecx
#define tmp2_hi				%ch
#define tmp3				%edx
#define tmp3_lo				%dl
#define tmp4				%ebx
#define tmp4_hi				%bh
#define tmp5				%ebp

.text

#define BF_ROUND_P5(L, R, N) \
	xorl L,tmp2; \
	xorl tmp1,tmp1; \
	movl tmp2,L; \
	shrl $16,tmp2; \
	movl L,tmp4; \
	movb tmp2_hi,tmp1_lo; \
	andl $0xFF,tmp2; \
	movb tmp4_hi,tmp3_lo; \
	andl $0xFF,tmp4; \
	movl BF_current(,tmp1,4),tmp1; \
	movl BF_current+0x400(,tmp2,4),tmp5; \
	addl tmp5,tmp1; \
	movl BF_current+0x800(,tmp3,4),tmp5; \
	xorl tmp5,tmp1; \
	movl BF_current+0xC00(,tmp4,4),tmp5; \
	addl tmp1,tmp5; \
	movl P(N)+4,tmp2; \
	xorl tmp5,R

#define BF_ENCRYPT_START_P5 \
	BF_ROUND_P5(L, R, 0); \
	BF_ROUND_P5(R, L, 1); \
	BF_ROUND_P5(L, R, 2); \
	BF_ROUND_P5(R, L, 3); \
	BF_ROUND_P5(L, R, 4); \
	BF_ROUND_P5(R, L, 5); \
	BF_ROUND_P5(L, R, 6); \
	BF_ROUND_P5(R, L, 7); \
	BF_ROUND_P5(L, R, 8); \
	BF_ROUND_P5(R, L, 9); \
	BF_ROUND_P5(L, R, 10); \
	BF_ROUND_P5(R, L, 11); \
	BF_ROUND_P5(L, R, 12); \
	BF_ROUND_P5(R, L, 13); \
	BF_ROUND_P5(L, R, 14); \
	BF_ROUND_P5(R, L, 15); \
	movl BF_ptr,tmp5; \
	xorl L,tmp2; \
	movl P(17),L

#define BF_ENCRYPT_END_P5 \
	xorl R,L; \
	movl tmp2,R

DO_ALIGN(12)
.globl BF_body_P5
BF_body_P5:
	pushl %ebp
	pushl %ebx
	pushl %esi
	pushl %edi
	xorl L,L
	xorl R,R
	movl P(0),tmp2
	xorl tmp3,tmp3
	movl $P(0),BF_ptr
BF_loop_P_P5:
	BF_ENCRYPT_START_P5
	addl $8,tmp5
	BF_ENCRYPT_END_P5
	movl tmp5,BF_ptr
	cmpl $P(18),tmp5
	movl L,-8(tmp5)
	movl R,-4(tmp5)
	movl P(0),tmp2
	jb BF_loop_P_P5
#ifndef DONT_AVOID_PENTIUMPRO_FAMILY_PARTIAL_REGISTER_STALLS
	xorl tmp3,tmp3
#endif
	movl $BF_current,BF_ptr
BF_loop_S_P5:
	BF_ENCRYPT_START_P5
	BF_ENCRYPT_END_P5
	movl P(0),tmp2
	movl L,(tmp5)
	movl R,4(tmp5)
	BF_ENCRYPT_START_P5
	BF_ENCRYPT_END_P5
	movl P(0),tmp2
	movl L,8(tmp5)
	movl R,12(tmp5)
	BF_ENCRYPT_START_P5
	BF_ENCRYPT_END_P5
	movl P(0),tmp2
	movl L,16(tmp5)
	movl R,20(tmp5)
	BF_ENCRYPT_START_P5
	addl $32,tmp5
	BF_ENCRYPT_END_P5
	movl tmp5,BF_ptr
	cmpl $BF_current+0x1000,tmp5
	movl P(0),tmp2
	movl L,-8(tmp5)
	movl R,-4(tmp5)
	jb BF_loop_S_P5
	popl %edi
	popl %esi
	popl %ebx
	popl %ebp
	ret

/*
 * Generic x86 version.
 */

#undef L
#undef R
#undef tmp1
#undef tmp1_lo
#undef tmp2
#undef tmp2_hi
#undef tmp3
#undef tmp3_lo
#undef tmp4
#undef tmp4_hi
#undef tmp5
#define L				%edx
#define L_lo				%dl
#define L_hi				%dh
#define R				%ebx
#define R_lo				%bl
#define R_hi				%bh
#define tmp1				%eax
#define tmp2				%ecx
#define tmp2_hi				%ch
#define tmp3				%esi
#define tmp4				%edi
#define ptr				%ebp

#define BF_ROUND_START(L, L_lo, L_hi) \
	shldl $16,L,tmp2; \
	movzbl L_hi,tmp3; \
	movzbl tmp2_hi,tmp1; \
	andl $0xFF,tmp2; \
	movzbl L_lo,tmp4; \
	movl BF_current(,tmp1,4),tmp1; \
	addl BF_current+0x400(,tmp2,4),tmp1

#define BF_ROUND_END(R, N) \
	xorl BF_current+0x800(,tmp3,4),tmp1; \
	addl BF_current+0xC00(,tmp4,4),tmp1; \
	xorl P(N)+4,R; \
	xorl tmp1,R

#define BF_ROUND(L, L_lo, L_hi, R, N) \
	BF_ROUND_START(L, L_lo, L_hi); \
	BF_ROUND_END(R, N)

#define BF_ENCRYPT_START \
	xorl P(0),L; \
	BF_ROUND(L, L_lo, L_hi, R, 0); \
	BF_ROUND(R, R_lo, R_hi, L, 1); \
	BF_ROUND(L, L_lo, L_hi, R, 2); \
	BF_ROUND(R, R_lo, R_hi, L, 3); \
	BF_ROUND(L, L_lo, L_hi, R, 4); \
	BF_ROUND(R, R_lo, R_hi, L, 5); \
	BF_ROUND(L, L_lo, L_hi, R, 6); \
	BF_ROUND(R, R_lo, R_hi, L, 7); \
	BF_ROUND(L, L_lo, L_hi, R, 8); \
	BF_ROUND(R, R_lo, R_hi, L, 9); \
	BF_ROUND(L, L_lo, L_hi, R, 10); \
	BF_ROUND(R, R_lo, R_hi, L, 11); \
	BF_ROUND(L, L_lo, L_hi, R, 12); \
	BF_ROUND(R, R_lo, R_hi, L, 13); \
	BF_ROUND(L, L_lo, L_hi, R, 14); \
	BF_ROUND_START(R, R_lo, R_hi); \
	movl R,tmp2; \
	movl P(16),R; \
	xorl BF_current+0x800(,tmp3,4),tmp1; \
	xorl L,R; \
	addl BF_current+0xC00(,tmp4,4),tmp1; \
	movl P(17),L; \
	xorl tmp1,R; \

#define BF_ENCRYPT_END \
	xorl tmp2,L

DO_ALIGN(12)
.globl BF_body_generic
BF_body_generic:
	pushl %ebp
	pushl %ebx
	pushl %esi
	pushl %edi
	xorl L,L
	xorl R,R
	movl $P(0),ptr
BF_loop_P_generic:
	BF_ENCRYPT_START
	addl $8,ptr
	BF_ENCRYPT_END
	cmpl $P(18),ptr
	movl L,-8(ptr)
	movl R,-4(ptr)
	jb BF_loop_P_generic
	movl $BF_current,ptr
BF_loop_S_generic:
	BF_ENCRYPT_START
	BF_ENCRYPT_END
	movl L,(ptr)
	movl R,4(ptr)
	BF_ENCRYPT_START
	BF_ENCRYPT_END
	movl L,8(ptr)
	movl R,12(ptr)
	BF_ENCRYPT_START
	BF_ENCRYPT_END
	movl L,16(ptr)
	movl R,20(ptr)
	BF_ENCRYPT_START
	addl $32,ptr
	BF_ENCRYPT_END
	cmpl $BF_current+0x1000,ptr
	movl L,-8(ptr)
	movl R,-4(ptr)
	jb BF_loop_S_generic
	popl %edi
	popl %esi
	popl %ebx
	popl %ebp
	ret

#ifdef BSD
.data
#else
.bss
#endif

#ifdef DUMBAS
DO_ALIGN(12)
.zero 0x1000 - 96
#elif defined(__DJGPP__)
.text
DO_ALIGN(12)
.space (0x1000 - 96 - 0x100)
#else
DO_ALIGN(12)
.space (0x1000 - 96)
#endif

.globl BF_current
BF_current:
#ifdef DUMBAS
.zero 0x1000 + 72
#else
.space (0x1000 + 72)
#endif

BF_ptr:
.long 0

/*
 * The function pointer, set by CPU_detect().
 */
.globl BF_body
BF_body:
.long 0

#ifdef __DJGPP__
.space 32
#endif

/*
 * CPU detection.
 */

#define EF_ID				$0x00200000
#define CF_MMX				$0x00800000
/* "GenuineIntel" */
#define CV_INTEL			$0x6C65746E
/* "AuthenticAMD" */
#define CV_AMD				$0x444D4163
/* "CentaurHauls" */
#define CV_CENTAUR			$0x736C7561

.text

#if !DES_X2
#define cpuid \
	.byte 0x0F; \
	.byte 0xA2
#endif

.globl CPU_detect
CPU_detect:
	pushl %ebx
	movl $BF_body_generic,BF_body
	pushfl
	pushfl
	xorl EF_ID,(%esp)
	popfl
	pushfl
	popl %eax
	xorl (%esp),%eax
	popfl
	andl EF_ID,%eax
	jz CPU_detect_ret		/* 386/486 */
	xorl %eax,%eax
	cpuid
	testl %eax,%eax
	jz CPU_detect_ret		/* Newer 486's */
	pushl %ecx
	movl $1,%eax
	cpuid
	popl %ecx
#if DES_X2
	xchgl %edx,%eax
	andl CF_MMX,%eax
	jz CPU_detect_ret		/* No MMX */
	xchgl %edx,%eax
#endif
	andb $0x0F,%ah
	cmpl CV_AMD,%ecx
	je CPU_detect_AMD		/* Is an AMD processor */
	cmpl CV_CENTAUR,%ecx
	je CPU_detect_P5		/* Is a Centaur Technology processor */
	cmpl CV_INTEL,%ecx
	jne CPU_detect_yes		/* Not an Intel or AMD */
	cmpb $5,%ah
	je CPU_detect_P5		/* Intel Pentium */
	cmpb $15,%ah
	je CPU_detect_P5		/* Intel Pentium 4 */
	jmp CPU_detect_yes		/* Not one of the above */
CPU_detect_AMD:
	cmpb $6,%ah
	jne CPU_detect_yes		/* Not an AMD Athlon */
CPU_detect_P5:
/*
 * Enable Intel Pentium optimizations when running on one of:
 *
 * Intel Pentium
 * Intel Pentium 4
 * AMD Athlon
 * Centaur Technology processors (IDT Winchip to VIA C3 and beyond)
 *
 */
#if !DES_X2
	movl $DES_std_crypt_P5,DES_std_crypt
#endif
	movl $BF_body_P5,BF_body
CPU_detect_yes:
#if DES_X2
	movb $1,%al
#endif
CPU_detect_ret:
	popl %ebx
	ret