C nettle, low-level cryptographics library
C 
C Copyright (C) 2001, 2002 Rafael R. Sevilla, Niels Möller
C  
C The nettle library is free software; you can redistribute it and/or modify
C it under the terms of the GNU Lesser General Public License as published by
C the Free Software Foundation; either version 2.1 of the License, or (at your
C option) any later version.
C 
C The nettle library is distributed in the hope that it will be useful, but
C WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
C or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
C License for more details.
C 
C You should have received a copy of the GNU Lesser General Public License
C along with the nettle library; see the file COPYING.LIB.  If not, write to
C the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
C MA 02111-1307, USA.

C Register usage:
C
C The aes state is kept in %eax, %ebx, %ecx and %edx
C
C %esi is used as temporary, to point to the input, and to the
C subkeys, etc.
C
C %ebp is used as the round counter, and as a temporary in the final round.
C
C %edi is a temporary, often used as an accumulator.

	.file "aes-encrypt.asm"
	
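	C aes_encrypt(struct aes_context *ctx,
	C             unsigned length, uint8_t *dst,
	C 	      uint8_t *src)
	C
	C 32-bit x86, AT&T operand order, all four arguments passed on the
	C stack. Processes the input in 16-byte blocks, reading from src and
	C writing to dst, using the subkeys and round count stored in ctx.
	C
	C length is rounded down to a multiple of 16 on entry. A trailing
	C partial block is ignored rather than processed, so callers that
	C need every byte handled must pad to a whole number of blocks.
	C
	C The stack slots holding length, dst and src are updated in place
	C as the block loop advances.
	C
	C Saves and restores: %ebx, %ebp, %esi, %edi
	C Overwrites:         %eax, %ecx, %edx, flags
	.text
	.align 16
	.globl aes_encrypt
	.type	aes_encrypt,@function
aes_encrypt:
	C save all registers that need to be saved
	C (offsets are as seen once all four pushes are done)
	pushl	%ebx		C  12(%esp)
	pushl	%ebp		C  8(%esp)
	pushl	%esi		C  4(%esp)
	pushl	%edi		C  0(%esp)

	C return address = 16(%esp)
	C ctx = 20(%esp)
	C length = 24(%esp)
	C dst = 28(%esp)
	C src = 32(%esp)

	C Round the byte count down to whole blocks before looping. The
	C block loop subtracts 16 and exits only on exactly zero, so an
	C unaligned count would never terminate and would keep reading
	C src and writing dst past their ends.
	movl	24(%esp), %ebp
	andl	$-16, %ebp	C  sets ZF when no whole block remains
	movl	%ebp, 24(%esp)	C  movl leaves the flags untouched
	jz	.Lencrypt_end

.Lencrypt_block_loop:
	movl	20(%esp),%esi	C  address of context struct ctx
	movl	32(%esp),%ebp	C  address of plaintext
	AES_LOAD(%esi, %ebp)
	addl	$16, 32(%esp)	C Increment src pointer

	C  get number of rounds to do from ctx struct
	C  NOTE(review): assumes the stored round count is at least 2;
	C  a count of 1 would make the counter below start at zero and
	C  wrap on the first decrement. Confirm against the key setup.
	movl	AES_NROUNDS (%esi),%ebp

	subl	$1,%ebp		C  the final round is handled separately
	addl	$16,%esi	C  point to next key
.Laes_encrypt_loop:
	pushl	%esi		C  save this first: we'll clobber it later

	C Each round macro leaves one new state word in %edi. The first
	C three are parked on the stack so that the old state stays
	C intact until all four words have been computed.
	AES_ROUND(_aes_encrypt_table,a,b,c,d)
	pushl	%edi		C  save first on stack

	AES_ROUND(_aes_encrypt_table,b,c,d,a)
	pushl	%edi		C  save first on stack

	AES_ROUND(_aes_encrypt_table,c,d,a,b)
	pushl	%edi		C  save first on stack

	AES_ROUND(_aes_encrypt_table,d,a,b,c)

	C Move the new state into place, popping in reverse push order
	movl	%edi,%edx
	popl	%ecx
	popl	%ebx
	popl	%eax

	popl	%esi		C  subkey pointer saved at loop entry

	xorl	(%esi),%eax	C  xor the current round subkey into the state
	xorl	4(%esi),%ebx
	xorl	8(%esi),%ecx
	xorl	12(%esi),%edx
	addl	$16,%esi	C  point to next key
	decl	%ebp
	jnz	.Laes_encrypt_loop

	C last round
	C Same park-on-stack pattern as above, with the last-round macro

	AES_LAST_ROUND(a,b,c,d)
	pushl	%edi

	AES_LAST_ROUND(b,c,d,a)
	pushl	%edi

	AES_LAST_ROUND(c,d,a,b)
	pushl	%edi

	AES_LAST_ROUND(d,a,b,c)
	movl	%edi,%edx

	popl	%ecx
	popl	%ebx
	popl	%eax

	C S-box substitution
	C Four passes: each pass replaces the low byte of every state
	C word with its table entry and rotates the word left by 8, so
	C after four passes every byte is substituted and each word is
	C back in its original byte order.
	C
	C NOTE(review): these loads index the table with state bytes, so
	C the addresses touched depend on key and data. Table-driven AES
	C of this shape is known to be exposed to cache-timing
	C observation where an adversary shares the cache; review before
	C using it on such a platform.
	mov	$4,%edi		C  pass counter
.Lsubst:
	movl	%eax,%ebp
	andl	$0x000000ff,%ebp
	movb	AES_SBOX + _aes_encrypt_table (%ebp),%al
	roll	$8,%eax

	movl	%ebx,%ebp
	andl	$0x000000ff,%ebp
	movb	AES_SBOX + _aes_encrypt_table (%ebp),%bl
	roll	$8,%ebx

	movl	%ecx,%ebp
	andl	$0x000000ff,%ebp
	movb	AES_SBOX + _aes_encrypt_table (%ebp),%cl
	roll	$8,%ecx

	movl	%edx,%ebp
	andl	$0x000000ff,%ebp
	movb	AES_SBOX + _aes_encrypt_table (%ebp),%dl
	roll	$8,%edx

	decl	%edi
	jnz	.Lsubst

	C Add last subkey, and store encrypted data
	movl	28(%esp),%edi
	AES_STORE(%esi, %edi)

	addl	$16, 28(%esp)	C Increment destination pointer
	subl	$16, 24(%esp)	C Length

	C The count was rounded down to a multiple of 16 on entry, so
	C this subtraction reaches exactly zero after the last block.
	jnz	.Lencrypt_block_loop

.Lencrypt_end:
	C Restore callee-saved registers in reverse push order
	popl	%edi
	popl	%esi
	popl	%ebp
	popl	%ebx
	ret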