Commit 934c1628 authored by Niels Möller

* x86/aes-decrypt.asm (aes_decrypt): Moved function to a separate file...
* x86/aes.asm: ... from here.

Rev: src/nettle/x86/aes-decrypt.asm:1.2
Rev: src/nettle/x86/aes-encrypt.asm:1.14
Rev: src/nettle/x86/aes.asm:1.12
parent 9e6cf9fe
......@@ -17,4 +17,269 @@ C along with the nettle library; see the file COPYING.LIB. If not, write to
C the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
C MA 02111-1307, USA.
.file "aes-encrypt.asm"
.file "aes-decrypt.asm"
C aes_decrypt(struct aes_context *ctx,
C unsigned length, uint8_t *dst,
C uint8_t *src)
.align 16
.globl aes_decrypt
.type aes_decrypt,@function
aes_decrypt:
C // save all registers that need to be saved
pushl %ebx C 16(%esp)
pushl %ebp C 12(%esp)
pushl %esi C 8(%esp)
pushl %edi C 4(%esp)
C ctx = 20(%esp)
C length = 24(%esp)
C dst = 28(%esp)
C src = 32(%esp)
movl 24(%esp), %ebp
C What's the right way to set the flags?
addl $0, %ebp
jz .Ldecrypt_end
.Ldecrypt_block_loop:
movl 32(%esp),%esi C address of ciphertext
movl (%esi),%eax C load ciphertext into registers
movl 4(%esi),%ebx
movl 8(%esi),%ecx
movl 12(%esi),%edx
addl $16, 32(%esp) C Increment src pointer
movl 20(%esp),%esi C address of context struct ctx
xorl (%esi),%eax C add first key to ciphertext
xorl 4(%esi),%ebx
xorl 8(%esi),%ecx
xorl 12(%esi),%edx
movl AES_NROUNDS (%esi),%ebp C get number of rounds to do from struct
C shll $4,%ebp
C leal 240(%esi, %ebp),%esi
C shrl $4,%ebp
C xorl (%esi),%eax C add last key to ciphertext
C xorl 4(%esi),%ebx
C xorl 8(%esi),%ecx
C xorl 12(%esi),%edx
subl $1,%ebp C one round is complete
addl $16,%esi C point to next key
.Ldecrypt_loop:
pushl %esi C save this first: we'll clobber it later
C Why???
xchgl %ebx,%edx
C // First column
C a b c d
movl %eax,%esi C copy first in
andl $0x000000ff,%esi C clear all but offset
shll $2,%esi C index in itbl1
movl AES_TABLE0 + _aes_decrypt_table (%esi),%edi
movl %ebx,%esi C second one
shrl $6,%esi
andl $0x000003fc,%esi C clear all but offset bytes
xorl AES_TABLE1 + _aes_decrypt_table (%esi),%edi
movl %ecx,%esi C third one
shrl $14,%esi
andl $0x000003fc,%esi
xorl AES_TABLE2 + _aes_decrypt_table (%esi),%edi
movl %edx,%esi C fourth one
shrl $22,%esi
andl $0x000003fc,%esi
xorl AES_TABLE3 + _aes_decrypt_table (%esi),%edi
pushl %edi C save first on stack
C // Second column
C d a b c
movl %edx,%esi C copy first in
andl $0x000000ff,%esi C clear all but offset
shll $2,%esi C index in itbl1
movl AES_TABLE0 + _aes_decrypt_table (%esi),%edi
movl %eax,%esi C second one
shrl $6,%esi
andl $0x000003fc,%esi C clear all but offset bytes
xorl AES_TABLE1 + _aes_decrypt_table (%esi),%edi
movl %ebx,%esi C third one
shrl $14,%esi
andl $0x000003fc,%esi
xorl AES_TABLE2 + _aes_decrypt_table (%esi),%edi
movl %ecx,%esi C fourth one
shrl $22,%esi
andl $0x000003fc,%esi
xorl AES_TABLE3 + _aes_decrypt_table (%esi),%edi
pushl %edi
C // Third column
C c d a b
movl %ecx,%esi C copy first in
andl $0x000000ff,%esi C clear all but offset
shll $2,%esi C index in itbl1
movl AES_TABLE0 + _aes_decrypt_table (%esi),%edi
movl %edx,%esi C second one
shrl $6,%esi
andl $0x000003fc,%esi C clear all but offset bytes
xorl AES_TABLE1 + _aes_decrypt_table (%esi),%edi
movl %eax,%esi C third one
shrl $14,%esi
andl $0x000003fc,%esi
xorl AES_TABLE2 + _aes_decrypt_table (%esi),%edi
movl %ebx,%esi C fourth one
shrl $22,%esi
andl $0x000003fc,%esi
xorl AES_TABLE3 + _aes_decrypt_table (%esi),%edi
pushl %edi C save first on stack
C // Fourth column
C b c d a
movl %ebx,%esi C copy first in
andl $0x000000ff,%esi C clear all but offset
shll $2,%esi C index in itbl1
movl AES_TABLE0 + _aes_decrypt_table (%esi),%edi
movl %ecx,%esi C second one
shrl $6,%esi
andl $0x000003fc,%esi C clear all but offset bytes
xorl AES_TABLE1 + _aes_decrypt_table (%esi),%edi
movl %edx,%esi C third one
shrl $14,%esi
andl $0x000003fc,%esi
xorl AES_TABLE2 + _aes_decrypt_table (%esi),%edi
movl %eax,%esi C fourth one
shrl $22,%esi
andl $0x000003fc,%esi
xorl AES_TABLE3 + _aes_decrypt_table (%esi),%edi
movl %edi,%edx
popl %ecx
popl %ebx
popl %eax
popl %esi
xorl (%esi),%eax C add current session key to plaintext
xorl 4(%esi),%ebx
xorl 8(%esi),%ecx
xorl 12(%esi),%edx
addl $16,%esi C point to next key
decl %ebp
jnz .Ldecrypt_loop
C Foo?
xchgl %ebx,%edx
C // last round
C // first column
C a b c d
movl %eax,%edi
andl $0x000000ff,%edi
movl %ebx,%ebp
andl $0x0000ff00,%ebp
orl %ebp,%edi
movl %ecx,%ebp
andl $0x00ff0000,%ebp
orl %ebp,%edi
movl %edx,%ebp
andl $0xff000000,%ebp
orl %ebp,%edi
pushl %edi
C // second column
C b c d a
movl %eax,%edi
andl $0xff000000,%edi
movl %ebx,%ebp
andl $0x000000ff,%ebp
orl %ebp,%edi
movl %ecx,%ebp
andl $0x0000ff00,%ebp
orl %ebp,%edi
movl %edx,%ebp
andl $0x00ff0000,%ebp
orl %ebp,%edi
pushl %edi
C // third column
C c d a b
movl %eax,%edi
andl $0x00ff0000,%edi
movl %ebx,%ebp
andl $0xff000000,%ebp
orl %ebp,%edi
movl %ecx,%ebp
andl $0x000000ff,%ebp
orl %ebp,%edi
movl %edx,%ebp
andl $0x0000ff00,%ebp
orl %ebp,%edi
pushl %edi
C // fourth column
C d a b c
movl %eax,%edi
andl $0x0000ff00,%edi
movl %ebx,%ebp
andl $0x00ff0000,%ebp
orl %ebp,%edi
movl %ecx,%ebp
andl $0xff000000,%ebp
orl %ebp,%edi
movl %edx,%ebp
andl $0x000000ff,%ebp
orl %ebp,%edi
movl %edi,%edx
popl %ecx
popl %ebx
popl %eax
xchgl %ebx,%edx
C // inverse S-box substitution
mov $4,%edi
.Lisubst:
movl %eax,%ebp
andl $0x000000ff,%ebp
movb AES_SBOX + _aes_decrypt_table (%ebp),%al
roll $8,%eax
movl %ebx,%ebp
andl $0x000000ff,%ebp
movb AES_SBOX + _aes_decrypt_table (%ebp),%bl
roll $8,%ebx
movl %ecx,%ebp
andl $0x000000ff,%ebp
movb AES_SBOX + _aes_decrypt_table (%ebp),%cl
roll $8,%ecx
movl %edx,%ebp
andl $0x000000ff,%ebp
movb AES_SBOX + _aes_decrypt_table (%ebp),%dl
roll $8,%edx
decl %edi
jnz .Lisubst
xorl (%esi),%eax C add last key to plaintext
xorl 4(%esi),%ebx
xorl 8(%esi),%ecx
xorl 12(%esi),%edx
C // store decrypted data back to caller's buffer
movl 28(%esp),%edi
movl %eax,(%edi)
movl %ebx,4(%edi)
movl %ecx,8(%edi)
movl %edx,12(%edi)
addl $16, 28(%esp) C Increment destination pointer
subl $16, 24(%esp)
jnz .Ldecrypt_block_loop
.Ldecrypt_end:
popl %edi
popl %esi
popl %ebp
popl %ebx
ret
.eord:
.size aes_decrypt,.eord-aes_decrypt
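Review bot: The block loop ends with `subl $16, 24(%esp)` / `jnz .Ldecrypt_block_loop`, which only stops when the remaining length hits exactly zero, so a length that is not a multiple of 16 wraps the counter and keeps reading past src and writing past dst; the function header should state the precondition, e.g. `C length must be a multiple of 16 (the AES block size)`, unless the caller is known to guarantee it. The register-save comments `pushl %ebx C 16(%esp)` through `pushl %edi C 4(%esp)` are each 4 bytes too high: after the four pushes ebx is at 12(%esp) and edi at 0(%esp), with the return address at 16(%esp), which is what makes the following `ctx = 20(%esp)` line correct. The question at `addl $0, %ebp` is answered by `testl %ebp, %ebp`, which sets ZF without modifying the register. Finally, `.eord:` is a non-local label and so lands in the object's symbol table, while the aes-encrypt.asm hunk uses `.Leord:`; writing `.Leord:` and `.size aes_decrypt,.Leord-aes_decrypt` keeps the two files consistent.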
......@@ -154,3 +154,5 @@ aes_encrypt:
popl %ebp
popl %ebx
ret
.Leord:
.size aes_encrypt,.Leord-aes_encrypt
......@@ -20,276 +20,6 @@ C MA 02111-1307, USA.
.file "aes.asm"
.data
C include_src(<x86/aes_tables.asm>)
C aes_encrypt(struct aes_context *ctx,
C unsigned length, uint8_t *dst,
C uint8_t *src)
.align 16
.globl aes_decrypt
.type aes_decrypt,@function
aes_decrypt:
C // save all registers that need to be saved
pushl %ebx C 16(%esp)
pushl %ebp C 12(%esp)
pushl %esi C 8(%esp)
pushl %edi C 4(%esp)
C ctx = 20(%esp)
C length = 24(%esp)
C dst = 28(%esp)
C src = 32(%esp)
movl 24(%esp), %ebp
C What's the right way to set the flags?
addl $0, %ebp
jz .Ldecrypt_end
.Ldecrypt_block_loop:
movl 32(%esp),%esi C address of ciphertext
movl (%esi),%eax C load ciphertext into registers
movl 4(%esi),%ebx
movl 8(%esi),%ecx
movl 12(%esi),%edx
addl $16, 32(%esp) C Increment src pointer
movl 20(%esp),%esi C address of context struct ctx
xorl (%esi),%eax C add first key to ciphertext
xorl 4(%esi),%ebx
xorl 8(%esi),%ecx
xorl 12(%esi),%edx
movl AES_NROUNDS (%esi),%ebp C get number of rounds to do from struct
C shll $4,%ebp
C leal 240(%esi, %ebp),%esi
C shrl $4,%ebp
C xorl (%esi),%eax C add last key to ciphertext
C xorl 4(%esi),%ebx
C xorl 8(%esi),%ecx
C xorl 12(%esi),%edx
subl $1,%ebp C one round is complete
addl $16,%esi C point to next key
.Ldecrypt_loop:
pushl %esi C save this first: we'll clobber it later
C Why???
xchgl %ebx,%edx
C // First column
C a b c d
movl %eax,%esi C copy first in
andl $0x000000ff,%esi C clear all but offset
shll $2,%esi C index in itbl1
movl AES_TABLE0 + _aes_decrypt_table (%esi),%edi
movl %ebx,%esi C second one
shrl $6,%esi
andl $0x000003fc,%esi C clear all but offset bytes
xorl AES_TABLE1 + _aes_decrypt_table (%esi),%edi
movl %ecx,%esi C third one
shrl $14,%esi
andl $0x000003fc,%esi
xorl AES_TABLE2 + _aes_decrypt_table (%esi),%edi
movl %edx,%esi C fourth one
shrl $22,%esi
andl $0x000003fc,%esi
xorl AES_TABLE3 + _aes_decrypt_table (%esi),%edi
pushl %edi C save first on stack
C // Second column
C d a b c
movl %edx,%esi C copy first in
andl $0x000000ff,%esi C clear all but offset
shll $2,%esi C index in itbl1
movl AES_TABLE0 + _aes_decrypt_table (%esi),%edi
movl %eax,%esi C second one
shrl $6,%esi
andl $0x000003fc,%esi C clear all but offset bytes
xorl AES_TABLE1 + _aes_decrypt_table (%esi),%edi
movl %ebx,%esi C third one
shrl $14,%esi
andl $0x000003fc,%esi
xorl AES_TABLE2 + _aes_decrypt_table (%esi),%edi
movl %ecx,%esi C fourth one
shrl $22,%esi
andl $0x000003fc,%esi
xorl AES_TABLE3 + _aes_decrypt_table (%esi),%edi
pushl %edi
C // Third column
C c d a b
movl %ecx,%esi C copy first in
andl $0x000000ff,%esi C clear all but offset
shll $2,%esi C index in itbl1
movl AES_TABLE0 + _aes_decrypt_table (%esi),%edi
movl %edx,%esi C second one
shrl $6,%esi
andl $0x000003fc,%esi C clear all but offset bytes
xorl AES_TABLE1 + _aes_decrypt_table (%esi),%edi
movl %eax,%esi C third one
shrl $14,%esi
andl $0x000003fc,%esi
xorl AES_TABLE2 + _aes_decrypt_table (%esi),%edi
movl %ebx,%esi C fourth one
shrl $22,%esi
andl $0x000003fc,%esi
xorl AES_TABLE3 + _aes_decrypt_table (%esi),%edi
pushl %edi C save first on stack
C // Fourth column
C b c d a
movl %ebx,%esi C copy first in
andl $0x000000ff,%esi C clear all but offset
shll $2,%esi C index in itbl1
movl AES_TABLE0 + _aes_decrypt_table (%esi),%edi
movl %ecx,%esi C second one
shrl $6,%esi
andl $0x000003fc,%esi C clear all but offset bytes
xorl AES_TABLE1 + _aes_decrypt_table (%esi),%edi
movl %edx,%esi C third one
shrl $14,%esi
andl $0x000003fc,%esi
xorl AES_TABLE2 + _aes_decrypt_table (%esi),%edi
movl %eax,%esi C fourth one
shrl $22,%esi
andl $0x000003fc,%esi
xorl AES_TABLE3 + _aes_decrypt_table (%esi),%edi
movl %edi,%edx
popl %ecx
popl %ebx
popl %eax
popl %esi
xorl (%esi),%eax C add current session key to plaintext
xorl 4(%esi),%ebx
xorl 8(%esi),%ecx
xorl 12(%esi),%edx
addl $16,%esi C point to next key
decl %ebp
jnz .Ldecrypt_loop
C Foo?
xchgl %ebx,%edx
C // last round
C // first column
C a b c d
movl %eax,%edi
andl $0x000000ff,%edi
movl %ebx,%ebp
andl $0x0000ff00,%ebp
orl %ebp,%edi
movl %ecx,%ebp
andl $0x00ff0000,%ebp
orl %ebp,%edi
movl %edx,%ebp
andl $0xff000000,%ebp
orl %ebp,%edi
pushl %edi
C // second column
C b c d a
movl %eax,%edi
andl $0xff000000,%edi
movl %ebx,%ebp
andl $0x000000ff,%ebp
orl %ebp,%edi
movl %ecx,%ebp
andl $0x0000ff00,%ebp
orl %ebp,%edi
movl %edx,%ebp
andl $0x00ff0000,%ebp
orl %ebp,%edi
pushl %edi
C // third column
C c d a b
movl %eax,%edi
andl $0x00ff0000,%edi
movl %ebx,%ebp
andl $0xff000000,%ebp
orl %ebp,%edi
movl %ecx,%ebp
andl $0x000000ff,%ebp
orl %ebp,%edi
movl %edx,%ebp
andl $0x0000ff00,%ebp
orl %ebp,%edi
pushl %edi
C // fourth column
C d a b c
movl %eax,%edi
andl $0x0000ff00,%edi
movl %ebx,%ebp
andl $0x00ff0000,%ebp
orl %ebp,%edi
movl %ecx,%ebp
andl $0xff000000,%ebp
orl %ebp,%edi
movl %edx,%ebp
andl $0x000000ff,%ebp
orl %ebp,%edi
movl %edi,%edx
popl %ecx
popl %ebx
popl %eax
xchgl %ebx,%edx
C // inverse S-box substitution
mov $4,%edi
.Lisubst:
movl %eax,%ebp
andl $0x000000ff,%ebp
movb AES_SBOX + _aes_decrypt_table (%ebp),%al
roll $8,%eax
movl %ebx,%ebp
andl $0x000000ff,%ebp
movb AES_SBOX + _aes_decrypt_table (%ebp),%bl
roll $8,%ebx
movl %ecx,%ebp
andl $0x000000ff,%ebp
movb AES_SBOX + _aes_decrypt_table (%ebp),%cl
roll $8,%ecx
movl %edx,%ebp
andl $0x000000ff,%ebp
movb AES_SBOX + _aes_decrypt_table (%ebp),%dl
roll $8,%edx
decl %edi
jnz .Lisubst
xorl (%esi),%eax C add last key to plaintext
xorl 4(%esi),%ebx
xorl 8(%esi),%ecx
xorl 12(%esi),%edx
C // store decrypted data back to caller's buffer
movl 28(%esp),%edi
movl %eax,(%edi)
movl %ebx,4(%edi)
movl %ecx,8(%edi)
movl %edx,12(%edi)
addl $16, 28(%esp) C Increment destination pointer
subl $16, 24(%esp)
jnz .Ldecrypt_block_loop
.Ldecrypt_end:
popl %edi
popl %esi
popl %ebp
popl %ebx
ret
.eord:
.size aes_decrypt,.eord-aes_decrypt
C .align 16
C .globl aes_setup