creationix/gimli-core.lua

## gimli-core.lua
local ffi = require 'ffi'
local bit = require 'bit'
local bxor = bit.bxor
local rol = bit.rol
local lshift = bit.lshift
local band = bit.band
local bor = bit.bor

local function gimli(state)
  for round = 24,1,-1 do
    for column = 0,3,1 do
      local x = rol(state[    column], 24)
      local y = rol(state[4 + column], 9)
      local z =     state[8 + column]

      state[8 + column] = bxor(x, lshift(z, 1), lshift(band(y, z), 2))
      state[4 + column] = bxor(y, x,            lshift( bor(x, z), 1))
      state[    column] = bxor(z, y,            lshift(band(x, y), 3))
    end

    local t = band(round, 3)
    if t == 2 then
      -- big swap: pattern ..S...S...S. etc.
      state[0], state[2] = state[2], state[0]
      state[1], state[3] = state[3], state[1]
    elseif t == 0 then
      -- small swap: pattern s...s...s... etc.
      state[0], state[1] = state[1], state[0]
      state[2], state[3] = state[3], state[2]
      -- add constant: pattern c...c...c... etc.
      state[0] = bxor(state[0], bor(0x9e377900, round))
    end

  end
end

local function dump(state)
  print(string.format('%08x %08x %08x %08x %08x %08x', state[0], state[1], state[2], state[3], state[4], state[5]))
  print(string.format('%08x %08x %08x %08x %08x %08x', state[6], state[7], state[8], state[9], state[10], state[11]))
  end

local state = ffi.new 'uint32_t[3*4]'
dump(state)
gimli(state)
print()
dump(state)

## gimli-core.wat
(module
  (type $t0 (func))
  (type $t1 (func (param i32)))
  (type $t2 (func (result i32)))
  (func $__wasm_call_ctors (type $t0))
  (func $gimli_core (export "gimli_core") (type $t1) (param $p0 i32)
    (local $l0 i32) (local $l1 i32) (local $l2 i32) (local $l3 i32) (local $l4 i32) (local $l5 i32) (local $l6 i32) (local $l7 i32) (local $l8 i32) (local $l9 i32) (local $l10 i32) (local $l11 i32) (local $l12 i32) (local $l13 i32) (local $l14 i32) (local $l15 i32) (local $l16 i32) (local $l17 i32) (local $l18 i32) (local $l19 i32) (local $l20 i32) (local $l21 i32) (local $l22 i32) (local $l23 i32) (local $l24 i32) (local $l25 i32)
    get_local $p0
    i32.load offset=44
    set_local $l0
    get_local $p0
    i32.load offset=28
    set_local $l1
    get_local $p0
    i32.load offset=12
    set_local $l2
    get_local $p0
    i32.load offset=40
    set_local $l3
    get_local $p0
    i32.load offset=24
    set_local $l4
    get_local $p0
    i32.load offset=8
    set_local $l5
    get_local $p0
    i32.load offset=36
    set_local $l6
    get_local $p0
    i32.load offset=20
    set_local $l7
    get_local $p0
    i32.load offset=4
    set_local $l8
    get_local $p0
    i32.load offset=32
    set_local $l9
    get_local $p0
    i32.load offset=16
    set_local $l10
    get_local $p0
    i32.load
    set_local $l11
    i32.const 24
    set_local $l12
    loop $L0
      get_local $l1
      i32.const 9
      i32.rotl
      tee_local $l1
      get_local $l0
      i32.xor
      get_local $l1
      get_local $l2
      i32.const 24
      i32.rotl
      tee_local $l13
      i32.and
      i32.const 3
      i32.shl
      i32.xor
      set_local $l14
      get_local $l1
      get_local $l13
      i32.xor
      set_local $l15
      get_local $l13
      get_local $l0
      i32.or
      i32.const 1
      i32.shl
      set_local $l16
      get_local $l4
      i32.const 9
      i32.rotl
      tee_local $l2
      get_local $l3
      i32.xor
      get_local $l2
      get_local $l5
      i32.const 24
      i32.rotl
      tee_local $l17
      i32.and
      i32.const 3
      i32.shl
      i32.xor
      set_local $l18
      get_local $l2
      get_local $l17
      i32.xor
      set_local $l19
      get_local $l17
      get_local $l3
      i32.or
      i32.const 1
      i32.shl
      set_local $l20
      get_local $l7
      i32.const 9
      i32.rotl
      tee_local $l4
      get_local $l6
      i32.xor
      get_local $l4
      get_local $l8
      i32.const 24
      i32.rotl
      tee_local $l21
      i32.and
      i32.const 3
      i32.shl
      i32.xor
      set_local $l8
      get_local $l4
      get_local $l21
      i32.xor
      set_local $l7
      get_local $l21
      get_local $l6
      i32.or
      i32.const 1
      i32.shl
      set_local $l22
      get_local $l10
      i32.const 9
      i32.rotl
      tee_local $l5
      get_local $l9
      i32.xor
      get_local $l5
      get_local $l11
      i32.const 24
      i32.rotl
      tee_local $l23
      i32.and
      i32.const 3
      i32.shl
      i32.xor
      set_local $l10
      get_local $l5
      get_local $l23
      i32.xor
      set_local $l24
      get_local $l23
      get_local $l9
      i32.or
      i32.const 1
      i32.shl
      set_local $l25
      get_local $l0
      i32.const 1
      i32.shl
      get_local $l1
      get_local $l0
      i32.and
      i32.const 2
      i32.shl
      i32.xor
      set_local $l0
      get_local $l3
      i32.const 1
      i32.shl
      get_local $l2
      get_local $l3
      i32.and
      i32.const 2
      i32.shl
      i32.xor
      set_local $l3
      get_local $l6
      i32.const 1
      i32.shl
      get_local $l4
      get_local $l6
      i32.and
      i32.const 2
      i32.shl
      i32.xor
      set_local $l6
      get_local $l9
      i32.const 1
      i32.shl
      get_local $l5
      get_local $l9
      i32.and
      i32.const 2
      i32.shl
      i32.xor
      set_local $l9
      block $B1
        block $B2
          block $B3
            get_local $l12
            i32.const 3
            i32.and
            tee_local $l1
            i32.const 2
            i32.eq
            br_if $B3
            get_local $l1
            br_if $B2
            get_local $l8
            get_local $l12
            i32.const -1640531712
            i32.or
            i32.xor
            set_local $l11
            get_local $l18
            set_local $l2
            get_local $l14
            set_local $l5
            get_local $l10
            set_local $l8
            br $B1
          end
          get_local $l8
          set_local $l2
          get_local $l10
          set_local $l5
          get_local $l14
          set_local $l8
          get_local $l18
          set_local $l11
          br $B1
        end
        get_local $l14
        set_local $l2
        get_local $l18
        set_local $l5
        get_local $l10
        set_local $l11
      end
      get_local $l15
      get_local $l16
      i32.xor
      set_local $l1
      get_local $l19
      get_local $l20
      i32.xor
      set_local $l4
      get_local $l7
      get_local $l22
      i32.xor
      set_local $l7
      get_local $l24
      get_local $l25
      i32.xor
      set_local $l10
      get_local $l0
      get_local $l13
      i32.xor
      set_local $l0
      get_local $l3
      get_local $l17
      i32.xor
      set_local $l3
      get_local $l6
      get_local $l21
      i32.xor
      set_local $l6
      get_local $l9
      get_local $l23
      i32.xor
      set_local $l9
      get_local $l12
      i32.const -1
      i32.add
      tee_local $l12
      br_if $L0
    end
    get_local $p0
    get_local $l11
    i32.store
    get_local $p0
    i32.const 16
    i32.add
    get_local $l10
    i32.store
    get_local $p0
    i32.const 32
    i32.add
    get_local $l9
    i32.store
    get_local $p0
    i32.const 36
    i32.add
    get_local $l6
    i32.store
    get_local $p0
    i32.const 20
    i32.add
    get_local $l7
    i32.store
    get_local $p0
    i32.const 4
    i32.add
    get_local $l8
    i32.store
    get_local $p0
    i32.const 40
    i32.add
    get_local $l3
    i32.store
    get_local $p0
    i32.const 24
    i32.add
    get_local $l4
    i32.store
    get_local $p0
    i32.const 8
    i32.add
    get_local $l5
    i32.store
    get_local $p0
    i32.const 44
    i32.add
    get_local $l0
    i32.store
    get_local $p0
    i32.const 28
    i32.add
    get_local $l1
    i32.store
    get_local $p0
    i32.const 12
    i32.add
    get_local $l2
    i32.store)
  (func $main (export "main") (type $t2) (result i32)
    (local $l0 i32) (local $l1 i32)
    get_global $g0
    i32.const 48
    i32.sub
    tee_local $l0
    set_global $g0
    get_local $l0
    call $gimli_core
    get_local $l0
    i32.load offset=44
    set_local $l1
    get_local $l0
    i32.const 48
    i32.add
    set_global $g0
    get_local $l1)
  (table $T0 1 1 anyfunc)
  (memory $memory (export "memory") 2)
  (global $g0 (mut i32) (i32.const 66560))
  (global $__heap_base (export "__heap_base") i32 (i32.const 66560))
  (global $__data_end (export "__data_end") i32 (i32.const 1024)))
	local ffi = require 'ffi'
	local bit = require 'bit'
	local bxor = bit.bxor
	local rol = bit.rol
	local lshift = bit.lshift
	local band = bit.band
	local bor = bit.bor

	local function gimli(state)
	for round = 24,1,-1 do
	for column = 0,3,1 do
	local x = rol(state[ column], 24)
	local y = rol(state[4 + column], 9)
	local z = state[8 + column]

	state[8 + column] = bxor(x, lshift(z, 1), lshift(band(y, z), 2))
	state[4 + column] = bxor(y, x, lshift( bor(x, z), 1))
	state[ column] = bxor(z, y, lshift(band(x, y), 3))
	end

	local t = band(round, 3)
	if t == 2 then
	-- big swap: pattern ..S...S...S. etc.
	state[0], state[2] = state[2], state[0]
	state[1], state[3] = state[3], state[1]
	elseif t == 0 then
	-- small swap: pattern s...s...s... etc.
	state[0], state[1] = state[1], state[0]
	state[2], state[3] = state[3], state[2]
	-- add constant: pattern c...c...c... etc.
	state[0] = bxor(state[0], bor(0x9e377900, round))
	end

	end
	end

	local function dump(state)
	print(string.format('%08x %08x %08x %08x %08x %08x', state[0], state[1], state[2], state[3], state[4], state[5]))
	print(string.format('%08x %08x %08x %08x %08x %08x', state[6], state[7], state[8], state[9], state[10], state[11]))
	end

	local state = ffi.new 'uint32_t[3*4]'
	dump(state)
	gimli(state)
	print()
	dump(state)
	(module
	(type $t0 (func))
	(type $t1 (func (param i32)))
	(type $t2 (func (result i32)))
	(func $__wasm_call_ctors (type $t0))
	(func $gimli_core (export "gimli_core") (type $t1) (param $p0 i32)
	(local $l0 i32) (local $l1 i32) (local $l2 i32) (local $l3 i32) (local $l4 i32) (local $l5 i32) (local $l6 i32) (local $l7 i32) (local $l8 i32) (local $l9 i32) (local $l10 i32) (local $l11 i32) (local $l12 i32) (local $l13 i32) (local $l14 i32) (local $l15 i32) (local $l16 i32) (local $l17 i32) (local $l18 i32) (local $l19 i32) (local $l20 i32) (local $l21 i32) (local $l22 i32) (local $l23 i32) (local $l24 i32) (local $l25 i32)
	get_local $p0
	i32.load offset=44
	set_local $l0
	get_local $p0
	i32.load offset=28
	set_local $l1
	get_local $p0
	i32.load offset=12
	set_local $l2
	get_local $p0
	i32.load offset=40
	set_local $l3
	get_local $p0
	i32.load offset=24
	set_local $l4
	get_local $p0
	i32.load offset=8
	set_local $l5
	get_local $p0
	i32.load offset=36
	set_local $l6
	get_local $p0
	i32.load offset=20
	set_local $l7
	get_local $p0
	i32.load offset=4
	set_local $l8
	get_local $p0
	i32.load offset=32
	set_local $l9
	get_local $p0
	i32.load offset=16
	set_local $l10
	get_local $p0
	i32.load
	set_local $l11
	i32.const 24
	set_local $l12
	loop $L0
	get_local $l1
	i32.const 9
	i32.rotl
	tee_local $l1
	get_local $l0
	i32.xor
	get_local $l1
	get_local $l2
	i32.const 24
	i32.rotl
	tee_local $l13
	i32.and
	i32.const 3
	i32.shl
	i32.xor
	set_local $l14
	get_local $l1
	get_local $l13
	i32.xor
	set_local $l15
	get_local $l13
	get_local $l0
	i32.or
	i32.const 1
	i32.shl
	set_local $l16
	get_local $l4
	i32.const 9
	i32.rotl
	tee_local $l2
	get_local $l3
	i32.xor
	get_local $l2
	get_local $l5
	i32.const 24
	i32.rotl
	tee_local $l17
	i32.and
	i32.const 3
	i32.shl
	i32.xor
	set_local $l18
	get_local $l2
	get_local $l17
	i32.xor
	set_local $l19
	get_local $l17
	get_local $l3
	i32.or
	i32.const 1
	i32.shl
	set_local $l20
	get_local $l7
	i32.const 9
	i32.rotl
	tee_local $l4
	get_local $l6
	i32.xor
	get_local $l4
	get_local $l8
	i32.const 24
	i32.rotl
	tee_local $l21
	i32.and
	i32.const 3
	i32.shl
	i32.xor
	set_local $l8
	get_local $l4
	get_local $l21
	i32.xor
	set_local $l7
	get_local $l21
	get_local $l6
	i32.or
	i32.const 1
	i32.shl
	set_local $l22
	get_local $l10
	i32.const 9
	i32.rotl
	tee_local $l5
	get_local $l9
	i32.xor
	get_local $l5
	get_local $l11
	i32.const 24
	i32.rotl
	tee_local $l23
	i32.and
	i32.const 3
	i32.shl
	i32.xor
	set_local $l10
	get_local $l5
	get_local $l23
	i32.xor
	set_local $l24
	get_local $l23
	get_local $l9
	i32.or
	i32.const 1
	i32.shl
	set_local $l25
	get_local $l0
	i32.const 1
	i32.shl
	get_local $l1
	get_local $l0
	i32.and
	i32.const 2
	i32.shl
	i32.xor
	set_local $l0
	get_local $l3
	i32.const 1
	i32.shl
	get_local $l2
	get_local $l3
	i32.and
	i32.const 2
	i32.shl
	i32.xor
	set_local $l3
	get_local $l6
	i32.const 1
	i32.shl
	get_local $l4
	get_local $l6
	i32.and
	i32.const 2
	i32.shl
	i32.xor
	set_local $l6
	get_local $l9
	i32.const 1
	i32.shl
	get_local $l5
	get_local $l9
	i32.and
	i32.const 2
	i32.shl
	i32.xor
	set_local $l9
	block $B1
	block $B2
	block $B3
	get_local $l12
	i32.const 3
	i32.and
	tee_local $l1
	i32.const 2
	i32.eq
	br_if $B3
	get_local $l1
	br_if $B2
	get_local $l8
	get_local $l12
	i32.const -1640531712
	i32.or
	i32.xor
	set_local $l11
	get_local $l18
	set_local $l2
	get_local $l14
	set_local $l5
	get_local $l10
	set_local $l8
	br $B1
	end
	get_local $l8
	set_local $l2
	get_local $l10
	set_local $l5
	get_local $l14
	set_local $l8
	get_local $l18
	set_local $l11
	br $B1
	end
	get_local $l14
	set_local $l2
	get_local $l18
	set_local $l5
	get_local $l10
	set_local $l11
	end
	get_local $l15
	get_local $l16
	i32.xor
	set_local $l1
	get_local $l19
	get_local $l20
	i32.xor
	set_local $l4
	get_local $l7
	get_local $l22
	i32.xor
	set_local $l7
	get_local $l24
	get_local $l25
	i32.xor
	set_local $l10
	get_local $l0
	get_local $l13
	i32.xor
	set_local $l0
	get_local $l3
	get_local $l17
	i32.xor
	set_local $l3
	get_local $l6
	get_local $l21
	i32.xor
	set_local $l6
	get_local $l9
	get_local $l23
	i32.xor
	set_local $l9
	get_local $l12
	i32.const -1
	i32.add
	tee_local $l12
	br_if $L0
	end
	get_local $p0
	get_local $l11
	i32.store
	get_local $p0
	i32.const 16
	i32.add
	get_local $l10
	i32.store
	get_local $p0
	i32.const 32
	i32.add
	get_local $l9
	i32.store
	get_local $p0
	i32.const 36
	i32.add
	get_local $l6
	i32.store
	get_local $p0
	i32.const 20
	i32.add
	get_local $l7
	i32.store
	get_local $p0
	i32.const 4
	i32.add
	get_local $l8
	i32.store
	get_local $p0
	i32.const 40
	i32.add
	get_local $l3
	i32.store
	get_local $p0
	i32.const 24
	i32.add
	get_local $l4
	i32.store
	get_local $p0
	i32.const 8
	i32.add
	get_local $l5
	i32.store
	get_local $p0
	i32.const 44
	i32.add
	get_local $l0
	i32.store
	get_local $p0
	i32.const 28
	i32.add
	get_local $l1
	i32.store
	get_local $p0
	i32.const 12
	i32.add
	get_local $l2
	i32.store)
	(func $main (export "main") (type $t2) (result i32)
	(local $l0 i32) (local $l1 i32)
	get_global $g0
	i32.const 48
	i32.sub
	tee_local $l0
	set_global $g0
	get_local $l0
	call $gimli_core
	get_local $l0
	i32.load offset=44
	set_local $l1
	get_local $l0
	i32.const 48
	i32.add
	set_global $g0
	get_local $l1)
	(table $T0 1 1 anyfunc)
	(memory $memory (export "memory") 2)
	(global $g0 (mut i32) (i32.const 66560))
	(global $__heap_base (export "__heap_base") i32 (i32.const 66560))
	(global $__data_end (export "__data_end") i32 (i32.const 1024)))