From 934c16289064b25600ecef391da7a5311268a6b7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Niels=20M=C3=B6ller?= <nisse@lysator.liu.se>
Date: Wed, 15 May 2002 11:12:22 +0200
Subject: [PATCH] * x86/aes-decrypt.asm (aes_decrypt): Moved function to a separate file...
* x86/aes.asm: ... from here.
Rev: src/nettle/x86/aes-decrypt.asm:1.2
Rev: src/nettle/x86/aes-encrypt.asm:1.14
Rev: src/nettle/x86/aes.asm:1.12
---
 x86/aes-decrypt.asm | 267 ++++++++++++++++++++++++++++++++++++++++++-
 x86/aes-encrypt.asm | 2 +
 x86/aes.asm | 270 --------------------------------------------
 3 files changed, 268 insertions(+), 271 deletions(-)
diff --git a/x86/aes-decrypt.asm b/x86/aes-decrypt.asm
index 888538b5..63dd703c 100644
--- a/x86/aes-decrypt.asm
+++ b/x86/aes-decrypt.asm
@@ -17,4 +17,269 @@ C along with the nettle library; see the file COPYING.LIB. If not, write to
 C the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
 C MA 02111-1307, USA.
- .file "aes-encrypt.asm"
+ .file "aes-decrypt.asm"
+
+ C aes_decrypt(struct aes_context *ctx,
+ C unsigned length, uint8_t *dst,
+ C uint8_t *src)
+ .align 16
+.globl aes_decrypt
+ .type aes_decrypt,@function
+aes_decrypt:
+ C // save all registers that need to be saved
+ pushl %ebx C 16(%esp)
+ pushl %ebp C 12(%esp)
+ pushl %esi C 8(%esp)
+ pushl %edi C 4(%esp)
+
+ C ctx = 20(%esp)
+ C length = 24(%esp)
+ C dst = 28(%esp)
+ C src = 32(%esp)
+
+ movl 24(%esp), %ebp
+ C What's the right way to set the flags?
+ addl $0, %ebp
+ jz .Ldecrypt_end
+
+.Ldecrypt_block_loop:
+ movl 32(%esp),%esi C address of ciphertext
+ movl (%esi),%eax C load ciphertext into registers
+ movl 4(%esi),%ebx
+ movl 8(%esi),%ecx
+ movl 12(%esi),%edx
+
+ addl $16, 32(%esp) C Increment src pointer
+
+ movl 20(%esp),%esi C address of context struct ctx
+ xorl (%esi),%eax C add first key to ciphertext
+ xorl 4(%esi),%ebx
+ xorl 8(%esi),%ecx
+ xorl 12(%esi),%edx
+ movl AES_NROUNDS (%esi),%ebp C get number of rounds to do from struct
+ C shll $4,%ebp
+ C leal 240(%esi, %ebp),%esi
+ C shrl $4,%ebp
+ C xorl (%esi),%eax C add last key to ciphertext
+ C xorl 4(%esi),%ebx
+ C xorl 8(%esi),%ecx
+ C xorl 12(%esi),%edx
+
+ subl $1,%ebp C one round is complete
+ addl $16,%esi C point to next key
+.Ldecrypt_loop:
+ pushl %esi C save this first: we'll clobber it later
+
+ C Why???
+ xchgl %ebx,%edx
+
+ C // First column
+ C a b c d
+ movl %eax,%esi C copy first in
+ andl $0x000000ff,%esi C clear all but offset
+ shll $2,%esi C index in itbl1
+ movl AES_TABLE0 + _aes_decrypt_table (%esi),%edi
+ movl %ebx,%esi C second one
+ shrl $6,%esi
+ andl $0x000003fc,%esi C clear all but offset bytes
+ xorl AES_TABLE1 + _aes_decrypt_table (%esi),%edi
+ movl %ecx,%esi C third one
+ shrl $14,%esi
+ andl $0x000003fc,%esi
+ xorl AES_TABLE2 + _aes_decrypt_table (%esi),%edi
+ movl %edx,%esi C fourth one
+ shrl $22,%esi
+ andl $0x000003fc,%esi
+ xorl AES_TABLE3 + _aes_decrypt_table (%esi),%edi
+ pushl %edi C save first on stack
+
+ C // Second column
+ C d a b c
+ movl %edx,%esi C copy first in
+ andl $0x000000ff,%esi C clear all but offset
+ shll $2,%esi C index in itbl1
+ movl AES_TABLE0 + _aes_decrypt_table (%esi),%edi
+ movl %eax,%esi C second one
+ shrl $6,%esi
+ andl $0x000003fc,%esi C clear all but offset bytes
+ xorl AES_TABLE1 + _aes_decrypt_table (%esi),%edi
+ movl %ebx,%esi C third one
+ shrl $14,%esi
+ andl $0x000003fc,%esi
+ xorl AES_TABLE2 + _aes_decrypt_table (%esi),%edi
+ movl %ecx,%esi C fourth one
+ shrl $22,%esi
+ andl $0x000003fc,%esi
+ xorl AES_TABLE3 + _aes_decrypt_table (%esi),%edi
+ pushl %edi
+
+ C // Third column
+ C c d a b
+ movl %ecx,%esi C copy first in
+ andl $0x000000ff,%esi C clear all but offset
+ shll $2,%esi C index in itbl1
+ movl AES_TABLE0 + _aes_decrypt_table (%esi),%edi
+ movl %edx,%esi C second one
+ shrl $6,%esi
+ andl $0x000003fc,%esi C clear all but offset bytes
+ xorl AES_TABLE1 + _aes_decrypt_table (%esi),%edi
+ movl %eax,%esi C third one
+ shrl $14,%esi
+ andl $0x000003fc,%esi
+ xorl AES_TABLE2 + _aes_decrypt_table (%esi),%edi
+ movl %ebx,%esi C fourth one
+ shrl $22,%esi
+ andl $0x000003fc,%esi
+ xorl AES_TABLE3 + _aes_decrypt_table (%esi),%edi
+ pushl %edi C save first on stack
+
+ C // Fourth column
+ C b c d a
+ movl %ebx,%esi C copy first in
+ andl $0x000000ff,%esi C clear all but offset
+ shll $2,%esi C index in itbl1
+ movl AES_TABLE0 + _aes_decrypt_table (%esi),%edi
+ movl %ecx,%esi C second one
+ shrl $6,%esi
+ andl $0x000003fc,%esi C clear all but offset bytes
+ xorl AES_TABLE1 + _aes_decrypt_table (%esi),%edi
+ movl %edx,%esi C third one
+ shrl $14,%esi
+ andl $0x000003fc,%esi
+ xorl AES_TABLE2 + _aes_decrypt_table (%esi),%edi
+ movl %eax,%esi C fourth one
+ shrl $22,%esi
+ andl $0x000003fc,%esi
+ xorl AES_TABLE3 + _aes_decrypt_table (%esi),%edi
+
+ movl %edi,%edx
+ popl %ecx
+ popl %ebx
+ popl %eax
+ popl %esi
+ xorl (%esi),%eax C add current session key to plaintext
+ xorl 4(%esi),%ebx
+ xorl 8(%esi),%ecx
+ xorl 12(%esi),%edx
+ addl $16,%esi C point to next key
+ decl %ebp
+ jnz .Ldecrypt_loop
+
+ C Foo?
+ xchgl %ebx,%edx
+
+ C // last round
+ C // first column
+ C a b c d
+ movl %eax,%edi
+ andl $0x000000ff,%edi
+ movl %ebx,%ebp
+ andl $0x0000ff00,%ebp
+ orl %ebp,%edi
+ movl %ecx,%ebp
+ andl $0x00ff0000,%ebp
+ orl %ebp,%edi
+ movl %edx,%ebp
+ andl $0xff000000,%ebp
+ orl %ebp,%edi
+ pushl %edi
+
+ C // second column
+ C b c d a
+ movl %eax,%edi
+ andl $0xff000000,%edi
+ movl %ebx,%ebp
+ andl $0x000000ff,%ebp
+ orl %ebp,%edi
+ movl %ecx,%ebp
+ andl $0x0000ff00,%ebp
+ orl %ebp,%edi
+ movl %edx,%ebp
+ andl $0x00ff0000,%ebp
+ orl %ebp,%edi
+ pushl %edi
+
+ C // third column
+ C c d a b
+ movl %eax,%edi
+ andl $0x00ff0000,%edi
+ movl %ebx,%ebp
+ andl $0xff000000,%ebp
+ orl %ebp,%edi
+ movl %ecx,%ebp
+ andl $0x000000ff,%ebp
+ orl %ebp,%edi
+ movl %edx,%ebp
+ andl $0x0000ff00,%ebp
+ orl %ebp,%edi
+ pushl %edi
+
+ C // fourth column
+ C d a b c
+ movl %eax,%edi
+ andl $0x0000ff00,%edi
+ movl %ebx,%ebp
+ andl $0x00ff0000,%ebp
+ orl %ebp,%edi
+ movl %ecx,%ebp
+ andl $0xff000000,%ebp
+ orl %ebp,%edi
+ movl %edx,%ebp
+ andl $0x000000ff,%ebp
+ orl %ebp,%edi
+ movl %edi,%edx
+ popl %ecx
+ popl %ebx
+ popl %eax
+ xchgl %ebx,%edx
+
+ C // inverse S-box substitution
+ mov $4,%edi
+.Lisubst:
+ movl %eax,%ebp
+ andl $0x000000ff,%ebp
+ movb AES_SBOX + _aes_decrypt_table (%ebp),%al
+ roll $8,%eax
+
+ movl %ebx,%ebp
+ andl $0x000000ff,%ebp
+ movb AES_SBOX + _aes_decrypt_table (%ebp),%bl
+ roll $8,%ebx
+
+ movl %ecx,%ebp
+ andl $0x000000ff,%ebp
+ movb AES_SBOX + _aes_decrypt_table (%ebp),%cl
+ roll $8,%ecx
+
+ movl %edx,%ebp
+ andl $0x000000ff,%ebp
+ movb AES_SBOX + _aes_decrypt_table (%ebp),%dl
+ roll $8,%edx
+
+ decl %edi
+ jnz .Lisubst
+
+ xorl (%esi),%eax C add last key to plaintext
+ xorl 4(%esi),%ebx
+ xorl 8(%esi),%ecx
+ xorl 12(%esi),%edx
+
+ C // store decrypted data back to caller's buffer
+ movl 28(%esp),%edi
+ movl %eax,(%edi)
+ movl %ebx,4(%edi)
+ movl %ecx,8(%edi)
+ movl %edx,12(%edi)
+
+ addl $16, 28(%esp) C Increment destination pointer
+ subl $16, 24(%esp)
+ jnz .Ldecrypt_block_loop
+
+.Ldecrypt_end:
+ popl %edi
+ popl %esi
+ popl %ebp
+ popl %ebx
+ ret
+.eord:
+ .size aes_decrypt,.eord-aes_decrypt
diff --git a/x86/aes-encrypt.asm b/x86/aes-encrypt.asm
index 34f21b3b..576e5691 100644
--- a/x86/aes-encrypt.asm
+++ b/x86/aes-encrypt.asm
@@ -154,3 +154,5 @@ aes_encrypt:
 popl %ebp
 popl %ebx
 ret
+.Leord:
+ .size aes_encrypt,.Leord-aes_encrypt
diff --git a/x86/aes.asm b/x86/aes.asm
index e90b244e..4c339dd3 100644
--- a/x86/aes.asm
+++ b/x86/aes.asm
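Review bot: The block loop at the end of the aes_decrypt hunk (`subl $16, 24(%esp)` / `jnz .Ldecrypt_block_loop`) only stops when the remaining length hits exactly zero, so a length that is not a multiple of 16 would wrap the counter and keep reading src and writing dst past their buffers; the routine depends on the caller having enforced that precondition, which the header comment should state, e.g. `C length must be a multiple of 16; the loop only terminates on an exact zero count`. The end label `.eord` lacks the `.L` prefix and is therefore emitted into the object's symbol table, unlike `.Leord` in the aes-encrypt.asm hunk of this same commit; `.Leord:` / `.size aes_decrypt,.Leord-aes_decrypt` would make the two files consistent. The open question in `C What's the right way to set the flags?` above `addl $0, %ebp` is answered by `testl %ebp,%ebp`, which sets ZF from the value without an arithmetic operation, so the comment can be dropped. The commented-out `C shll $4,%ebp` ... `C xorl 12(%esi),%edx` block is dead code carried over from aes.asm and would be clearer removed than kept.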
@@ -20,276 +20,6 @@ C MA 02111-1307, USA.
 .file "aes.asm"
- .data
-
-C include_src(<x86/aes_tables.asm>)
-
-
-
- C aes_encrypt(struct aes_context *ctx,
- C unsigned length, uint8_t *dst,
- C uint8_t *src)
- .align 16
-.globl aes_decrypt
- .type aes_decrypt,@function
-aes_decrypt:
- C // save all registers that need to be saved
- pushl %ebx C 16(%esp)
- pushl %ebp C 12(%esp)
- pushl %esi C 8(%esp)
- pushl %edi C 4(%esp)
-
- C ctx = 20(%esp)
- C length = 24(%esp)
- C dst = 28(%esp)
- C src = 32(%esp)
-
- movl 24(%esp), %ebp
- C What's the right way to set the flags?
- addl $0, %ebp
- jz .Ldecrypt_end
-
-.Ldecrypt_block_loop:
- movl 32(%esp),%esi C address of ciphertext
- movl (%esi),%eax C load ciphertext into registers
- movl 4(%esi),%ebx
- movl 8(%esi),%ecx
- movl 12(%esi),%edx
-
- addl $16, 32(%esp) C Increment src pointer
-
- movl 20(%esp),%esi C address of context struct ctx
- xorl (%esi),%eax C add first key to ciphertext
- xorl 4(%esi),%ebx
- xorl 8(%esi),%ecx
- xorl 12(%esi),%edx
- movl AES_NROUNDS (%esi),%ebp C get number of rounds to do from struct
- C shll $4,%ebp
- C leal 240(%esi, %ebp),%esi
- C shrl $4,%ebp
- C xorl (%esi),%eax C add last key to ciphertext
- C xorl 4(%esi),%ebx
- C xorl 8(%esi),%ecx
- C xorl 12(%esi),%edx
-
- subl $1,%ebp C one round is complete
- addl $16,%esi C point to next key
-.Ldecrypt_loop:
- pushl %esi C save this first: we'll clobber it later
-
- C Why???
- xchgl %ebx,%edx
-
- C // First column
- C a b c d
- movl %eax,%esi C copy first in
- andl $0x000000ff,%esi C clear all but offset
- shll $2,%esi C index in itbl1
- movl AES_TABLE0 + _aes_decrypt_table (%esi),%edi
- movl %ebx,%esi C second one
- shrl $6,%esi
- andl $0x000003fc,%esi C clear all but offset bytes
- xorl AES_TABLE1 + _aes_decrypt_table (%esi),%edi
- movl %ecx,%esi C third one
- shrl $14,%esi
- andl $0x000003fc,%esi
- xorl AES_TABLE2 + _aes_decrypt_table (%esi),%edi
- movl %edx,%esi C fourth one
- shrl $22,%esi
- andl $0x000003fc,%esi
- xorl AES_TABLE3 + _aes_decrypt_table (%esi),%edi
- pushl %edi C save first on stack
-
- C // Second column
- C d a b c
- movl %edx,%esi C copy first in
- andl $0x000000ff,%esi C clear all but offset
- shll $2,%esi C index in itbl1
- movl AES_TABLE0 + _aes_decrypt_table (%esi),%edi
- movl %eax,%esi C second one
- shrl $6,%esi
- andl $0x000003fc,%esi C clear all but offset bytes
- xorl AES_TABLE1 + _aes_decrypt_table (%esi),%edi
- movl %ebx,%esi C third one
- shrl $14,%esi
- andl $0x000003fc,%esi
- xorl AES_TABLE2 + _aes_decrypt_table (%esi),%edi
- movl %ecx,%esi C fourth one
- shrl $22,%esi
- andl $0x000003fc,%esi
- xorl AES_TABLE3 + _aes_decrypt_table (%esi),%edi
- pushl %edi
-
- C // Third column
- C c d a b
- movl %ecx,%esi C copy first in
- andl $0x000000ff,%esi C clear all but offset
- shll $2,%esi C index in itbl1
- movl AES_TABLE0 + _aes_decrypt_table (%esi),%edi
- movl %edx,%esi C second one
- shrl $6,%esi
- andl $0x000003fc,%esi C clear all but offset bytes
- xorl AES_TABLE1 + _aes_decrypt_table (%esi),%edi
- movl %eax,%esi C third one
- shrl $14,%esi
- andl $0x000003fc,%esi
- xorl AES_TABLE2 + _aes_decrypt_table (%esi),%edi
- movl %ebx,%esi C fourth one
- shrl $22,%esi
- andl $0x000003fc,%esi
- xorl AES_TABLE3 + _aes_decrypt_table (%esi),%edi
- pushl %edi C save first on stack
-
- C // Fourth column
- C b c d a
- movl %ebx,%esi C copy first in
- andl $0x000000ff,%esi C clear all but offset
- shll $2,%esi C index in itbl1
- movl AES_TABLE0 + _aes_decrypt_table (%esi),%edi
- movl %ecx,%esi C second one
- shrl $6,%esi
- andl $0x000003fc,%esi C clear all but offset bytes
- xorl AES_TABLE1 + _aes_decrypt_table (%esi),%edi
- movl %edx,%esi C third one
- shrl $14,%esi
- andl $0x000003fc,%esi
- xorl AES_TABLE2 + _aes_decrypt_table (%esi),%edi
- movl %eax,%esi C fourth one
- shrl $22,%esi
- andl $0x000003fc,%esi
- xorl AES_TABLE3 + _aes_decrypt_table (%esi),%edi
-
- movl %edi,%edx
- popl %ecx
- popl %ebx
- popl %eax
- popl %esi
- xorl (%esi),%eax C add current session key to plaintext
- xorl 4(%esi),%ebx
- xorl 8(%esi),%ecx
- xorl 12(%esi),%edx
- addl $16,%esi C point to next key
- decl %ebp
- jnz .Ldecrypt_loop
-
- C Foo?
- xchgl %ebx,%edx
-
- C // last round
- C // first column
- C a b c d
- movl %eax,%edi
- andl $0x000000ff,%edi
- movl %ebx,%ebp
- andl $0x0000ff00,%ebp
- orl %ebp,%edi
- movl %ecx,%ebp
- andl $0x00ff0000,%ebp
- orl %ebp,%edi
- movl %edx,%ebp
- andl $0xff000000,%ebp
- orl %ebp,%edi
- pushl %edi
-
- C // second column
- C b c d a
- movl %eax,%edi
- andl $0xff000000,%edi
- movl %ebx,%ebp
- andl $0x000000ff,%ebp
- orl %ebp,%edi
- movl %ecx,%ebp
- andl $0x0000ff00,%ebp
- orl %ebp,%edi
- movl %edx,%ebp
- andl $0x00ff0000,%ebp
- orl %ebp,%edi
- pushl %edi
-
- C // third column
- C c d a b
- movl %eax,%edi
- andl $0x00ff0000,%edi
- movl %ebx,%ebp
- andl $0xff000000,%ebp
- orl %ebp,%edi
- movl %ecx,%ebp
- andl $0x000000ff,%ebp
- orl %ebp,%edi
- movl %edx,%ebp
- andl $0x0000ff00,%ebp
- orl %ebp,%edi
- pushl %edi
-
- C // fourth column
- C d a b c
- movl %eax,%edi
- andl $0x0000ff00,%edi
- movl %ebx,%ebp
- andl $0x00ff0000,%ebp
- orl %ebp,%edi
- movl %ecx,%ebp
- andl $0xff000000,%ebp
- orl %ebp,%edi
- movl %edx,%ebp
- andl $0x000000ff,%ebp
- orl %ebp,%edi
- movl %edi,%edx
- popl %ecx
- popl %ebx
- popl %eax
- xchgl %ebx,%edx
-
- C // inverse S-box substitution
- mov $4,%edi
-.Lisubst:
- movl %eax,%ebp
- andl $0x000000ff,%ebp
- movb AES_SBOX + _aes_decrypt_table (%ebp),%al
- roll $8,%eax
-
- movl %ebx,%ebp
- andl $0x000000ff,%ebp
- movb AES_SBOX + _aes_decrypt_table (%ebp),%bl
- roll $8,%ebx
-
- movl %ecx,%ebp
- andl $0x000000ff,%ebp
- movb AES_SBOX + _aes_decrypt_table (%ebp),%cl
- roll $8,%ecx
-
- movl %edx,%ebp
- andl $0x000000ff,%ebp
- movb AES_SBOX + _aes_decrypt_table (%ebp),%dl
- roll $8,%edx
-
- decl %edi
- jnz .Lisubst
-
- xorl (%esi),%eax C add last key to plaintext
- xorl 4(%esi),%ebx
- xorl 8(%esi),%ecx
- xorl 12(%esi),%edx
-
- C // store decrypted data back to caller's buffer
- movl 28(%esp),%edi
- movl %eax,(%edi)
- movl %ebx,4(%edi)
- movl %ecx,8(%edi)
- movl %edx,12(%edi)
-
- addl $16, 28(%esp) C Increment destination pointer
- subl $16, 24(%esp)
- jnz .Ldecrypt_block_loop
-
-.Ldecrypt_end:
- popl %edi
- popl %esi
- popl %ebp
- popl %ebx
- ret
-.eord:
- .size aes_decrypt,.eord-aes_decrypt
 C .align 16
 C .globl aes_setup
-- 
GitLab