Commit 1b1c44a8 authored by Niels Möller's avatar Niels Möller

(aes_decrypt): Adapted to the current interface.

Notably, the order of the subkeys was reversed. Single block
encrypt/decrypt works now.
(aes_encrypt, aes_decrypt): Added an outer loop, so that we can
encrypt more than one block at a time.

Rev: src/nettle/x86/aes.asm:1.6
parent 23fd9d62
...@@ -55,25 +55,33 @@ aes_encrypt: ...@@ -55,25 +55,33 @@ aes_encrypt:
C dst = 28(%esp) C dst = 28(%esp)
C src = 32(%esp) C src = 32(%esp)
movl 24(%esp), %ebp
C What's the right way to set the flags?
add $0, %ebp
jz .Lencrypt_end
.Lencrypt_block_loop:
movl 32(%esp),%esi C address of plaintext movl 32(%esp),%esi C address of plaintext
movl (%esi),%eax C load plaintext into registers movl (%esi),%eax C load plaintext into registers
movl 4(%esi),%ebx movl 4(%esi),%ebx
movl 8(%esi),%ecx movl 8(%esi),%ecx
movl 12(%esi),%edx movl 12(%esi),%edx
aes_got_plain:
add $16, 32(%esp) C Increment src pointer
C .Laes_got_plain:
movl 20(%esp),%esi C address of context struct ctx movl 20(%esp),%esi C address of context struct ctx
xorl (%esi),%eax C add first key to plaintext xorl (%esi),%eax C add first key to plaintext
xorl 4(%esi),%ebx xorl 4(%esi),%ebx
xorl 8(%esi),%ecx xorl 8(%esi),%ecx
xorl 12(%esi),%edx xorl 12(%esi),%edx
aes_xored_initial: C .Laes_xored_initial:
C FIXME: Use %esi instead C FIXME: Use %esi instead
movl 20(%esp),%ebp C address of context struct movl 20(%esp),%ebp C address of context struct
movl AES_NROUNDS (%ebp),%ebp C get number of rounds to do from struct movl AES_NROUNDS (%ebp),%ebp C get number of rounds to do from struct
subl $1,%ebp subl $1,%ebp
addl $16,%esi C point to next key addl $16,%esi C point to next key
aes_encrypt_loop: .Laes_encrypt_loop:
pushl %esi C save this first: we'll clobber it later pushl %esi C save this first: we'll clobber it later
C Computation of the new %eax is broken, in the first test case, C Computation of the new %eax is broken, in the first test case,
...@@ -169,14 +177,14 @@ aes_encrypt_loop: ...@@ -169,14 +177,14 @@ aes_encrypt_loop:
popl %ebx popl %ebx
popl %eax popl %eax
popl %esi popl %esi
aes_got_t: C .Laes_got_t:
xorl (%esi),%eax C add current session key to plaintext xorl (%esi),%eax C add current session key to plaintext
xorl 4(%esi),%ebx xorl 4(%esi),%ebx
xorl 8(%esi),%ecx xorl 8(%esi),%ecx
xorl 12(%esi),%edx xorl 12(%esi),%edx
addl $16,%esi C point to next key addl $16,%esi C point to next key
decl %ebp decl %ebp
jnz aes_encrypt_loop jnz .Laes_encrypt_loop
C // last round C // last round
C // first column C // first column
...@@ -245,7 +253,7 @@ aes_got_t: ...@@ -245,7 +253,7 @@ aes_got_t:
C // S-box substitution C // S-box substitution
mov $4,%edi mov $4,%edi
.sb_sub: .Lsubst:
movl %eax,%ebp movl %eax,%ebp
andl $0x000000ff,%ebp andl $0x000000ff,%ebp
movb sbox(%ebp),%al movb sbox(%ebp),%al
...@@ -267,20 +275,26 @@ aes_got_t: ...@@ -267,20 +275,26 @@ aes_got_t:
roll $8,%edx roll $8,%edx
decl %edi decl %edi
jnz .sb_sub jnz .Lsubst
aes_got_tlast: C .Laes_got_tlast:
xorl (%esi),%eax C add last key to plaintext xorl (%esi),%eax C add last key to plaintext
xorl 4(%esi),%ebx xorl 4(%esi),%ebx
xorl 8(%esi),%ecx xorl 8(%esi),%ecx
xorl 12(%esi),%edx xorl 12(%esi),%edx
aes_got_result: C .Laes_got_result:
C // store encrypted data back to caller's buffer C // store encrypted data back to caller's buffer
movl 28(%esp),%edi movl 28(%esp),%edi
movl %eax,(%edi) movl %eax,(%edi)
movl %ebx,4(%edi) movl %ebx,4(%edi)
movl %ecx,8(%edi) movl %ecx,8(%edi)
movl %edx,12(%edi) movl %edx,12(%edi)
add $16, 28(%esp) C Increment destination pointer
sub $16, 24(%esp)
jnz .Lencrypt_block_loop
.Lencrypt_end:
popl %edi popl %edi
popl %esi popl %esi
popl %ebp popl %ebp
...@@ -308,12 +322,20 @@ aes_decrypt: ...@@ -308,12 +322,20 @@ aes_decrypt:
C dst = 28(%esp) C dst = 28(%esp)
C src = 32(%esp) C src = 32(%esp)
movl 24(%esp), %ebp
C What's the right way to set the flags?
add $0, %ebp
jz .Ldecrypt_end
.Ldecrypt_block_loop:
movl 32(%esp),%esi C address of ciphertext movl 32(%esp),%esi C address of ciphertext
movl (%esi),%eax C load ciphertext into registers movl (%esi),%eax C load ciphertext into registers
movl 4(%esi),%ebx movl 4(%esi),%ebx
movl 8(%esi),%ecx movl 8(%esi),%ecx
movl 12(%esi),%edx movl 12(%esi),%edx
add $16, 32(%esp) C Increment src pointer
movl 20(%esp),%esi C address of context struct ctx movl 20(%esp),%esi C address of context struct ctx
xorl (%esi),%eax C add first key to ciphertext xorl (%esi),%eax C add first key to ciphertext
xorl 4(%esi),%ebx xorl 4(%esi),%ebx
...@@ -330,7 +352,7 @@ aes_decrypt: ...@@ -330,7 +352,7 @@ aes_decrypt:
subl $1,%ebp C one round is complete subl $1,%ebp C one round is complete
addl $16,%esi C point to next key addl $16,%esi C point to next key
Ldecrypt_loop: .Ldecrypt_loop:
pushl %esi C save this first: we'll clobber it later pushl %esi C save this first: we'll clobber it later
C Why??? C Why???
...@@ -426,7 +448,7 @@ Ldecrypt_loop: ...@@ -426,7 +448,7 @@ Ldecrypt_loop:
xorl 12(%esi),%edx xorl 12(%esi),%edx
addl $16,%esi C point to next key addl $16,%esi C point to next key
decl %ebp decl %ebp
jnz Ldecrypt_loop jnz .Ldecrypt_loop
C Foo? C Foo?
xchgl %ebx,%edx xchgl %ebx,%edx
...@@ -498,7 +520,7 @@ Ldecrypt_loop: ...@@ -498,7 +520,7 @@ Ldecrypt_loop:
C // inverse S-box substitution C // inverse S-box substitution
mov $4,%edi mov $4,%edi
.isb_sub: .Lisubst:
movl %eax,%ebp movl %eax,%ebp
andl $0x000000ff,%ebp andl $0x000000ff,%ebp
movb isbox(%ebp),%al movb isbox(%ebp),%al
...@@ -520,7 +542,7 @@ Ldecrypt_loop: ...@@ -520,7 +542,7 @@ Ldecrypt_loop:
roll $8,%edx roll $8,%edx
decl %edi decl %edi
jnz .isb_sub jnz .Lisubst
xorl (%esi),%eax C add last key to plaintext xorl (%esi),%eax C add last key to plaintext
xorl 4(%esi),%ebx xorl 4(%esi),%ebx
...@@ -533,6 +555,12 @@ Ldecrypt_loop: ...@@ -533,6 +555,12 @@ Ldecrypt_loop:
movl %ebx,4(%edi) movl %ebx,4(%edi)
movl %ecx,8(%edi) movl %ecx,8(%edi)
movl %edx,12(%edi) movl %edx,12(%edi)
add $16, 28(%esp) C Increment destination pointer
sub $16, 24(%esp)
jnz .Ldecrypt_block_loop
.Ldecrypt_end:
popl %edi popl %edi
popl %esi popl %esi
popl %ebp popl %ebp
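Review bot: The new outer loops (`sub $16, 24(%esp)` / `jnz .Lencrypt_block_loop`, and the same pair before `.Ldecrypt_end` in aes_decrypt) only terminate when the length argument is a multiple of 16; for any other length the counter never reaches zero, wraps, and the loop keeps reading src and writing dst past their buffers. Either document the precondition at the function header, `C length must be a multiple of 16 (AES block size)`, or guard the loop top with `cmpl $16, 24(%esp)` / `jb .Lencrypt_end` (and the decrypt equivalent) so a short tail stops the loop instead of running off the end. Separately, the `add $0, %ebp` written to answer the "right way to set the flags" comment can be `testl %ebp, %ebp`, which sets ZF without writing the register; the same applies to the decrypt prologue. Both aes_encrypt and aes_decrypt begin and end outside the visible hunks, so the header comment placement is inferred from the `C dst = 28(%esp)` / `C src = 32(%esp)` lines shown.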