C nettle, low-level cryptographics library
C 
C Copyright (C) 2001, 2002, 2005 Rafael R. Sevilla, Niels Möller
C  
C The nettle library is free software; you can redistribute it and/or modify
C it under the terms of the GNU Lesser General Public License as published by
C the Free Software Foundation; either version 2.1 of the License, or (at your
C option) any later version.
C 
C The nettle library is distributed in the hope that it will be useful, but
C WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
C or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
C License for more details.
C 
C You should have received a copy of the GNU Lesser General Public License
C along with the nettle library; see the file COPYING.LIB.  If not, write to
C the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
C MA 02111-1301, USA.
include_src(<x86/aes.m4>)

C Register usage:
C
C The m4 names below are aliases for fixed 32-bit x86 registers, so the
C code can refer to a register by its role.

C AES state: the four 32-bit words of the 16-byte block being encrypted.
define(<SA>,<%eax>)
define(<SB>,<%ebx>)
define(<SC>,<%ecx>)
define(<SD>,<%edx>)

C Primary use of these registers. They're also used temporarily for other things.
C T   (%ebp): loaded from FRAME_TABLE in the block loop and passed to the
C             round macros as the table argument.
C TMP (%edi): scratch; carries the source pointer, the round count, the
C             S-box pass counter and the destination pointer in turn.
C KEY (%esi): context pointer first, then the pointer to the current subkey.
define(<T>,<%ebp>)
define(<TMP>,<%edi>)
define(<KEY>,<%esi>)

C Stack frame, as seen once the prologue has pushed four registers
C (16 bytes) and reserved 20 bytes of locals: the return address is then
C at 36(%esp) and the first stack argument at 40(%esp).
C
C Incoming arguments, in the order of the C prototype
C (ctx, T, length, dst, src). FRAME_LENGTH, FRAME_DST and FRAME_SRC are
C updated in place while the blocks are processed.
define(<FRAME_CTX>,	<40(%esp)>)
define(<FRAME_TABLE>,	<44(%esp)>)
define(<FRAME_LENGTH>,	<48(%esp)>)
define(<FRAME_DST>,	<52(%esp)>)
define(<FRAME_SRC>,	<56(%esp)>)

C Locals in the 20-byte area reserved by the prologue:
C FRAME_KEY   saved pointer to the next subkey
C FRAME_COUNT remaining rounds for the current block
C TA, TB, TC  first three output words of a round, parked here until the
C             fourth word has been computed from the old state
define(<FRAME_KEY>,	<16(%esp)>)
define(<FRAME_COUNT>,	<12(%esp)>)
define(<TA>,		<8(%esp)>)
define(<TB>,		<4(%esp)>)
define(<TC>,		<(%esp)>)

C The aes state is kept in %eax, %ebx, %ecx and %edx (SA, SB, SC, SD).
C
C %esi (KEY) points to the context struct at the start of each block and
C then to the current subkey; it is also handed to the round macros as
C their last argument.
C
C %ebp (T) holds the table pointer loaded from FRAME_TABLE. The round
C counter is not kept in a register; it lives on the stack in FRAME_COUNT.
C
C %edi (TMP) is a temporary: source pointer, round count, S-box pass
C counter, destination pointer, and the result register of the round
C macros.

	.file "aes-encrypt-internal.asm"
	
	C C prototype of the routine defined below (the assembler symbol is
	C _nettle_aes_encrypt):
	C
	C _aes_encrypt(struct aes_context *ctx,
	C	       const struct aes_table *T,
	C	       unsigned length, uint8_t *dst,
	C	       uint8_t *src)
	.text
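	C ---------------------------------------------------------------
	C _nettle_aes_encrypt: encrypt length / 16 AES blocks from src to dst.
	C
	C In:    stack arguments, see FRAME_CTX .. FRAME_SRC
	C          ctx     context struct; the round count is read at offset
	C                  AES_NROUNDS, the subkeys from the start of the struct
	C          T       table pointer handed to the round macros
	C          length  byte count; only whole 16-byte blocks are processed,
	C                  a trailing partial block is ignored
	C          dst/src output and input buffers
	C Out:   nothing is returned in a register; %eax, %ecx and %edx are
	C        left holding state words
	C Saved: %ebx, %ebp, %esi, %edi (pushed here, restored before ret)
	C Stack: 16 bytes of saved registers plus 20 bytes of locals
	C
	C NOTE(review): the round macros take a table pointer, so they
	C presumably do table lookups indexed by state bytes (bodies are in
	C x86/aes.m4, not visible here). If so, the memory access pattern
	C depends on secret data and the usual cache-timing caveat for
	C table-based AES applies.
	C NOTE(review): TA, TB and TC still hold words of the last block's
	C state when the function returns; the locals are not cleared.
	C ---------------------------------------------------------------
	ALIGN(16)
PROLOGUE(_nettle_aes_encrypt)
	C save all registers that need to be saved
	C (offsets are those in effect after the subl below)
	pushl	%ebx		C  32(%esp)
	pushl	%ebp		C  28(%esp)
	pushl	%esi		C  24(%esp)
	pushl	%edi		C  20(%esp)

	subl	$20, %esp	C  TA, TB, TC, loop counter and key pointer

	C Convert the byte count into a block count in place. shrl sets ZF
	C from its result, so a length of 0 and a length below one block
	C (1..15) both skip the loop. Testing the byte count before the
	C shift would let 1..15 through with a block count of 0, which the
	C decl at the bottom of the loop wraps to 0xffffffff, running the
	C loop far past the end of src and dst.
	shrl	$4, FRAME_LENGTH
	jz	.Lend

.Lblock_loop:
	movl	FRAME_CTX,KEY	C  address of context struct ctx
	
	movl	FRAME_SRC,TMP	C  address of plaintext
	AES_LOAD(SA, SB, SC, SD, TMP, KEY)
	addl	$16, FRAME_SRC	C Increment src pointer
	movl	FRAME_TABLE, T

	C  get number of rounds to do from ctx struct	
	movl	AES_NROUNDS (KEY),TMP
	subl	$1,TMP		C  the last round is done separately below

	C Loop counter on stack
	movl	TMP, FRAME_COUNT

	addl	$16,KEY		C  point to next key
	movl	KEY,FRAME_KEY
	ALIGN(16)
.Lround_loop:
	C Each AES_ROUND call leaves one new state word in its sixth
	C argument. The first three are parked in TA, TB, TC because the
	C old SA, SB, SC are still inputs to the following calls; the
	C fourth goes straight into SD.
	AES_ROUND(T, SA,SB,SC,SD, TMP, KEY)
	movl	TMP, TA

	AES_ROUND(T, SB,SC,SD,SA, TMP, KEY)
	movl	TMP, TB

	AES_ROUND(T, SC,SD,SA,SB, TMP, KEY)
	movl	TMP, TC

	AES_ROUND(T, SD,SA,SB,SC, SD, KEY)
	
	movl	TA, SA
	movl	TB, SB
	movl	TC, SC
	
	C KEY was passed to the round macros, so reload the subkey pointer
	movl	FRAME_KEY, KEY

	xorl	(KEY),SA	C  add current round subkey to the state
	xorl	4(KEY),SB
	xorl	8(KEY),SC
	xorl	12(KEY),SD
	addl	$16,FRAME_KEY	C  point to next key
	decl	FRAME_COUNT
	jnz	.Lround_loop

	C last round

	AES_FINAL_ROUND(SA,SB,SC,SD, T, TMP, KEY)
	movl	TMP, TA

	AES_FINAL_ROUND(SB,SC,SD,SA, T, TMP, KEY)
	movl	TMP, TB

	AES_FINAL_ROUND(SC,SD,SA,SB, T, TMP, KEY)
	movl	TMP, TC

	AES_FINAL_ROUND(SD,SA,SB,SC, T, SD, KEY)

	movl	TA, SA
	movl	TB, SB
	movl	TC, SC

	C S-box substitution
	C AES_SUBST_BYTE is run three times, with TMP counting 3, 2, 1
	mov	$3,TMP
.Lsubst:
	AES_SUBST_BYTE(SA,SB,SC,SD, T, KEY)

	decl	TMP
	jnz	.Lsubst

	C Add last subkey, and store encrypted data
	movl	FRAME_DST,TMP
	movl	FRAME_KEY, KEY
	AES_STORE(SA,SB,SC,SD, KEY, TMP)
	
	addl	$16, FRAME_DST		C Increment destination pointer
	decl	FRAME_LENGTH		C  one block done

	jnz	.Lblock_loop

.Lend:
	C release the locals and restore the saved registers
	addl	$20, %esp
	popl	%edi
	popl	%esi
	popl	%ebp
	popl	%ebx
	ret
EPILOGUE(_nettle_aes_encrypt)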