-! nettle, low-level cryptographics library
-!
-! Copyright (C) 2001, 2002 Rafael R. Sevilla
-!
-! The nettle library is free software; you can redistribute it and/or modify
-! it under the terms of the GNU Lesser General Public License as published by
-! the Free Software Foundation; either version 2.1 of the License, or (at your
-! option) any later version.
-!
-! The nettle library is distributed in the hope that it will be useful, but
-! WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-! or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
-! License for more details.
-!
-! You should have received a copy of the GNU Lesser General Public License
-! along with the nettle library; see the file COPYING.LIB. If not, write to
-! the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
-! MA 02111-1307, USA.
-
- .file "rijndael.s"
+C nettle, low-level cryptographics library
+C
+C Copyright (C) 2001, 2002 Rafael R. Sevilla
+C
+C The nettle library is free software; you can redistribute it and/or modify
+C it under the terms of the GNU Lesser General Public License as published by
+C the Free Software Foundation; either version 2.1 of the License, or (at your
+C option) any later version.
+C
+C The nettle library is distributed in the hope that it will be useful, but
+C WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+C or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
+C License for more details.
+C
+C You should have received a copy of the GNU Lesser General Public License
+C along with the nettle library; see the file COPYING.LIB. If not, write to
+C the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
+C MA 02111-1307, USA.
+
+ .file "aes.asm"
.data
-#include "rijndaeltbls.S"
+include_src(<x86/aes_tables.asm>)
.text
.globl print_word
- //// rijndael_encrypt(RIJNDAEL_context *ctx, const UINT8 *plaintext
- //// UINT8 *ciphertext)
+ C aes_encrypt(struct aes_context *ctx,
+ C unsigned length, uint8_t *dst,
+ C uint8_t *src)
+ C const UINT8 *plaintext
+ C // UINT8 *ciphertext)
.align 16
-.globl rijndael_encrypt
- .type rijndael_encrypt,@function
-rijndael_encrypt:
- //// save all registers that need to be saved
- pushl %ebx // 16(%esp)
- pushl %ebp // 12(%esp)
- pushl %esi // 8(%esp)
- pushl %edi // 4(%esp)
- movl 24(%esp),%esi // address of plaintext
- movl (%esi),%eax // load plaintext into registers
+.globl aes_encrypt
+ .type aes_encrypt,@function
+aes_encrypt:
+ C // save all registers that need to be saved
+ pushl %ebx C 16(%esp)
+ pushl %ebp C 12(%esp)
+ pushl %esi C 8(%esp)
+ pushl %edi C 4(%esp)
+ movl 24(%esp),%esi C address of plaintext
+ movl (%esi),%eax C load plaintext into registers
movl 4(%esi),%ebx
movl 8(%esi),%ecx
movl 12(%esi),%edx
- movl 20(%esp),%esi // address of context struct ctx
- xorl (%esi),%eax // add first key to plaintext
+ movl 20(%esp),%esi C address of context struct ctx
+ xorl (%esi),%eax C add first key to plaintext
xorl 4(%esi),%ebx
xorl 8(%esi),%ecx
xorl 12(%esi),%edx
- movl 20(%esp),%ebp // address of context struct
- movl 480(%ebp),%ebp // get number of rounds to do from struct
+ movl 20(%esp),%ebp C address of context struct
+ movl 480(%ebp),%ebp C get number of rounds to do from struct
subl $1,%ebp
- addl $16,%esi // point to next key
+ addl $16,%esi C point to next key
.encrypt_loop:
- pushl %esi // save this first: we'll clobber it later
+ pushl %esi C save this first: we'll clobber it later
- //// First column
- shll $2,%esi // index in dtbl1
+ C // First column
+ shll $2,%esi C index in dtbl1
movl dtbl1(%esi),%edi
shrl $6,%esi
- andl $0x000003fc,%esi // clear all but offset bytes
+ andl $0x000003fc,%esi C clear all but offset bytes
xorl dtbl2(%esi),%edi
- movl %ecx,%esi // third one
+ movl %ecx,%esi C third one
shrl $14,%esi
andl $0x000003fc,%esi
xorl dtbl3(%esi),%edi
- movl %edx,%esi // fourth one
+ movl %edx,%esi C fourth one
shrl $22,%esi
andl $0x000003fc,%esi
xorl dtbl4(%esi),%edi
- pushl %edi // save first on stack
+ pushl %edi C save first on stack
- //// Second column
- movl %ebx,%esi // copy first in
- andl $0x000000ff,%esi // clear all but offset
- shll $2,%esi // index in dtbl1
+ C // Second column
+ movl %ebx,%esi C copy first in
+ andl $0x000000ff,%esi C clear all but offset
+ shll $2,%esi C index in dtbl1
movl dtbl1(%esi),%edi
- movl %ecx,%esi // second one
+ movl %ecx,%esi C second one
shrl $6,%esi
- andl $0x000003fc,%esi // clear all but offset bytes
+ andl $0x000003fc,%esi C clear all but offset bytes
xorl dtbl2(%esi),%edi
- movl %edx,%esi // third one
+ movl %edx,%esi C third one
shrl $14,%esi
andl $0x000003fc,%esi
xorl dtbl3(%esi),%edi
- movl %eax,%esi // fourth one
+ movl %eax,%esi C fourth one
shrl $22,%esi
andl $0x000003fc,%esi
xorl dtbl4(%esi),%edi
- pushl %edi // save first on stack
+ pushl %edi C save first on stack
- //// Third column
- movl %ecx,%esi // copy first in
- andl $0x000000ff,%esi // clear all but offset
- shll $2,%esi // index in dtbl1
+ C // Third column
+ movl %ecx,%esi C copy first in
+ andl $0x000000ff,%esi C clear all but offset
+ shll $2,%esi C index in dtbl1
movl dtbl1(%esi),%edi
- movl %edx,%esi // second one
+ movl %edx,%esi C second one
shrl $6,%esi
- andl $0x000003fc,%esi // clear all but offset bytes
+ andl $0x000003fc,%esi C clear all but offset bytes
xorl dtbl2(%esi),%edi
- movl %eax,%esi // third one
+ movl %eax,%esi C third one
shrl $14,%esi
andl $0x000003fc,%esi
xorl dtbl3(%esi),%edi
- movl %ebx,%esi // fourth one
+ movl %ebx,%esi C fourth one
shrl $22,%esi
andl $0x000003fc,%esi
xorl dtbl4(%esi),%edi
- pushl %edi // save first on stack
+ pushl %edi C save first on stack
- //// Fourth column
- movl %edx,%esi // copy first in
- andl $0x000000ff,%esi // clear all but offset
- shll $2,%esi // index in dtbl1
+ C // Fourth column
+ movl %edx,%esi C copy first in
+ andl $0x000000ff,%esi C clear all but offset
+ shll $2,%esi C index in dtbl1
movl dtbl1(%esi),%edi
- movl %eax,%esi // second one
+ movl %eax,%esi C second one
shrl $6,%esi
- andl $0x000003fc,%esi // clear all but offset bytes
+ andl $0x000003fc,%esi C clear all but offset bytes
xorl dtbl2(%esi),%edi
- movl %ebx,%esi // third one
+ movl %ebx,%esi C third one
shrl $14,%esi
andl $0x000003fc,%esi
xorl dtbl3(%esi),%edi
- movl %ecx,%esi // fourth one
+ movl %ecx,%esi C fourth one
shrl $22,%esi
andl $0x000003fc,%esi
xorl dtbl4(%esi),%edi
popl %ebx
popl %eax
popl %esi
- xorl (%esi),%eax // add current session key to plaintext
+ xorl (%esi),%eax C add current session key to plaintext
xorl 4(%esi),%ebx
xorl 8(%esi),%ecx
xorl 12(%esi),%edx
- addl $16,%esi // point to next key
+ addl $16,%esi C point to next key
decl %ebp
jnz .encrypt_loop
- //// last round
- //// first column
+ C // last round
+ C // first column
movl %eax,%edi
andl $0x000000ff,%edi
movl %ebx,%ebp
orl %ebp,%edi
pushl %edi
- //// second column
+ C // second column
movl %eax,%edi
andl $0x0000ff00,%edi
movl %ebx,%ebp
orl %ebp,%edi
pushl %edi
- //// third column
+ C // third column
movl %eax,%edi
andl $0x00ff0000,%edi
movl %ebx,%ebp
orl %ebp,%edi
pushl %edi
- //// fourth column
+ C // fourth column
movl %eax,%edi
andl $0xff000000,%edi
movl %ebx,%ebp
popl %eax
xchgl %ebx,%edx
- //// S-box substitution
+ C // S-box substitution
mov $4,%edi
.sb_sub:
movl %eax,%ebp
decl %edi
jnz .sb_sub
- xorl (%esi),%eax // add last key to plaintext
+ xorl (%esi),%eax C add last key to plaintext
xorl 4(%esi),%ebx
xorl 8(%esi),%ecx
xorl 12(%esi),%edx
- //// store encrypted data back to caller's buffer
+ C // store encrypted data back to caller's buffer
movl 28(%esp),%edi
movl %eax,(%edi)
movl %ebx,4(%edi)
popl %ebx
ret
.eore:
- .size rijndael_encrypt,.eore-rijndael_encrypt
+ .size aes_encrypt,.eore-aes_encrypt
- //// rijndael_decrypt(RIJNDAEL_context *ctx, const UINT8 *ciphertext
- //// UINT8 *plaintext)
+ C // aes_decrypt(AES_context *ctx, const UINT8 *ciphertext
+ C // UINT8 *plaintext)
.align 16
-.globl rijndael_decrypt
- .type rijndael_decrypt,@function
-rijndael_decrypt:
- //// save all registers that need to be saved
- pushl %ebx // 16(%esp)
- pushl %ebp // 12(%esp)
- pushl %esi // 8(%esp)
- pushl %edi // 4(%esp)
- movl 24(%esp),%esi // address of ciphertext
- movl (%esi),%eax // load ciphertext into registers
+.globl aes_decrypt
+ .type aes_decrypt,@function
+aes_decrypt:
+ C // save all registers that need to be saved
+ pushl %ebx C 16(%esp)
+ pushl %ebp C 12(%esp)
+ pushl %esi C 8(%esp)
+ pushl %edi C 4(%esp)
+ movl 24(%esp),%esi C address of ciphertext
+ movl (%esi),%eax C load ciphertext into registers
movl 4(%esi),%ebx
movl 8(%esi),%ecx
movl 12(%esi),%edx
- movl 20(%esp),%esi // address of context struct ctx
- movl 480(%esi),%ebp // get number of rounds to do from struct
+ movl 20(%esp),%esi C address of context struct ctx
+ movl 480(%esi),%ebp C get number of rounds to do from struct
shll $4,%ebp
leal 240(%esi, %ebp),%esi
shrl $4,%ebp
- xorl (%esi),%eax // add last key to ciphertext
+ xorl (%esi),%eax C add last key to ciphertext
xorl 4(%esi),%ebx
xorl 8(%esi),%ecx
xorl 12(%esi),%edx
- subl $1,%ebp // one round is complete
- subl $16,%esi // point to previous key
+ subl $1,%ebp C one round is complete
+ subl $16,%esi C point to previous key
.decrypt_loop:
- pushl %esi // save this first: we'll clobber it later
+ pushl %esi C save this first: we'll clobber it later
xchgl %ebx,%edx
- //// First column
- movl %eax,%esi // copy first in
- andl $0x000000ff,%esi // clear all but offset
- shll $2,%esi // index in itbl1
+ C // First column
+ movl %eax,%esi C copy first in
+ andl $0x000000ff,%esi C clear all but offset
+ shll $2,%esi C index in itbl1
movl itbl1(%esi),%edi
- movl %ebx,%esi // second one
+ movl %ebx,%esi C second one
shrl $6,%esi
- andl $0x000003fc,%esi // clear all but offset bytes
+ andl $0x000003fc,%esi C clear all but offset bytes
xorl itbl2(%esi),%edi
- movl %ecx,%esi // third one
+ movl %ecx,%esi C third one
shrl $14,%esi
andl $0x000003fc,%esi
xorl itbl3(%esi),%edi
- movl %edx,%esi // fourth one
+ movl %edx,%esi C fourth one
shrl $22,%esi
andl $0x000003fc,%esi
xorl itbl4(%esi),%edi
- pushl %edi // save first on stack
+ pushl %edi C save first on stack
- //// Second column
- movl %edx,%esi // copy first in
- andl $0x000000ff,%esi // clear all but offset
- shll $2,%esi // index in itbl1
+ C // Second column
+ movl %edx,%esi C copy first in
+ andl $0x000000ff,%esi C clear all but offset
+ shll $2,%esi C index in itbl1
movl itbl1(%esi),%edi
- movl %eax,%esi // second one
+ movl %eax,%esi C second one
shrl $6,%esi
- andl $0x000003fc,%esi // clear all but offset bytes
+ andl $0x000003fc,%esi C clear all but offset bytes
xorl itbl2(%esi),%edi
- movl %ebx,%esi // third one
+ movl %ebx,%esi C third one
shrl $14,%esi
andl $0x000003fc,%esi
xorl itbl3(%esi),%edi
- movl %ecx,%esi // fourth one
+ movl %ecx,%esi C fourth one
shrl $22,%esi
andl $0x000003fc,%esi
xorl itbl4(%esi),%edi
pushl %edi
- //// Third column
- movl %ecx,%esi // copy first in
- andl $0x000000ff,%esi // clear all but offset
- shll $2,%esi // index in itbl1
+ C // Third column
+ movl %ecx,%esi C copy first in
+ andl $0x000000ff,%esi C clear all but offset
+ shll $2,%esi C index in itbl1
movl itbl1(%esi),%edi
- movl %edx,%esi // second one
+ movl %edx,%esi C second one
shrl $6,%esi
- andl $0x000003fc,%esi // clear all but offset bytes
+ andl $0x000003fc,%esi C clear all but offset bytes
xorl itbl2(%esi),%edi
- movl %eax,%esi // third one
+ movl %eax,%esi C third one
shrl $14,%esi
andl $0x000003fc,%esi
xorl itbl3(%esi),%edi
- movl %ebx,%esi // fourth one
+ movl %ebx,%esi C fourth one
shrl $22,%esi
andl $0x000003fc,%esi
xorl itbl4(%esi),%edi
- pushl %edi // save first on stack
+ pushl %edi C save first on stack
- //// Fourth column
- movl %ebx,%esi // copy first in
- andl $0x000000ff,%esi // clear all but offset
- shll $2,%esi // index in itbl1
+ C // Fourth column
+ movl %ebx,%esi C copy first in
+ andl $0x000000ff,%esi C clear all but offset
+ shll $2,%esi C index in itbl1
movl itbl1(%esi),%edi
- movl %ecx,%esi // second one
+ movl %ecx,%esi C second one
shrl $6,%esi
- andl $0x000003fc,%esi // clear all but offset bytes
+ andl $0x000003fc,%esi C clear all but offset bytes
xorl itbl2(%esi),%edi
- movl %edx,%esi // third one
+ movl %edx,%esi C third one
shrl $14,%esi
andl $0x000003fc,%esi
xorl itbl3(%esi),%edi
- movl %eax,%esi // fourth one
+ movl %eax,%esi C fourth one
shrl $22,%esi
andl $0x000003fc,%esi
xorl itbl4(%esi),%edi
popl %ebx
popl %eax
popl %esi
- xorl (%esi),%eax // add current session key to plaintext
+ xorl (%esi),%eax C add current session key to plaintext
xorl 4(%esi),%ebx
xorl 8(%esi),%ecx
xorl 12(%esi),%edx
- subl $16,%esi // point to previous key
+ subl $16,%esi C point to previous key
decl %ebp
jnz .decrypt_loop
xchgl %ebx,%edx
- //// last round
- //// first column
+ C // last round
+ C // first column
movl %eax,%edi
andl $0x000000ff,%edi
movl %ebx,%ebp
orl %ebp,%edi
pushl %edi
- //// second column
+ C // second column
movl %eax,%edi
andl $0xff000000,%edi
movl %ebx,%ebp
orl %ebp,%edi
pushl %edi
- //// third column
+ C // third column
movl %eax,%edi
andl $0x00ff0000,%edi
movl %ebx,%ebp
orl %ebp,%edi
pushl %edi
- //// second column
+ C // second column
movl %eax,%edi
andl $0x0000ff00,%edi
movl %ebx,%ebp
popl %eax
xchgl %ebx,%edx
- //// inverse S-box substitution
+ C // inverse S-box substitution
mov $4,%edi
.isb_sub:
movl %eax,%ebp
decl %edi
jnz .isb_sub
- xorl (%esi),%eax // add first key to plaintext
+ xorl (%esi),%eax C add first key to plaintext
xorl 4(%esi),%ebx
xorl 8(%esi),%ecx
xorl 12(%esi),%edx
- //// store decrypted data back to caller's buffer
+ C // store decrypted data back to caller's buffer
movl 28(%esp),%edi
movl %eax,(%edi)
movl %ebx,4(%edi)
popl %ebx
ret
.eord:
- .size rijndael_decrypt,.eord-rijndael_decrypt
-
- .align 16
-.globl rijndael_setup
- .type rijndael_setup,@function
-rijndael_decrypt:
- //// save all registers that need to be saved
- pushl %ebx // 16(%esp)
- pushl %ebp // 12(%esp)
- pushl %esi // 8(%esp)
- pushl %edi // 4(%esp)
- movl 20(%esp),%esi /* context structure */
- movl 24(%esp),%ecx /* key size */
- movl 28(%esp),%edi /* original key */
- /* This code assumes that the key length given is greater than
- or equal to 4 words (128 bits). BAD THINGS WILL HAPPEN
- OTHERWISE! */
- shrl $2,%ecx /* divide by 4 to get total key length */
- movl %ecx,%edx /* calculate the number of rounds */
- addl $6,%edx /* key length in words + 6 = num. rounds */
- /* copy the initial key into the context structure */
- pushl %ecx
-.key_copy_loop:
- movl (%edi),%eax
- addl $4,%edi
- movl %eax,(%esi)
- addl $4,%esi
- decl %ecx
- jnz .key_copy_loop
- popl %ecx
- incl %edx /* number of rounds + 1 */
- shll $2,%edx /* times rijndael blk size 4words */
- subl %ecx,%edx /* # of other keys to make */
- movl %ecx,%ebp
- decl %ecx /* turn ecx into a mask */
- movl $1,%ebx /* round constant */
-.keygen_loop:
- movl -4(%esi),%eax /* previous key */
- testl %ecx,%ebp
- jnz .testnk
- /* rotate and substitute */
- roll $8,%eax
- movl %eax,%edi
- andl $0xff,%eax
+ .size aes_decrypt,.eord-aes_decrypt
+
+C .align 16
+C .globl aes_setup
+C .type aes_setup,@function
+C aes_decrypt:
+C C // save all registers that need to be saved
+C pushl %ebx C 16(%esp)
+C pushl %ebp C 12(%esp)
+C pushl %esi C 8(%esp)
+C pushl %edi C 4(%esp)
+C movl 20(%esp),%esi /* context structure */
+C movl 24(%esp),%ecx /* key size */
+C movl 28(%esp),%edi /* original key */
+C /* This code assumes that the key length given is greater than
+C or equal to 4 words (128 bits). BAD THINGS WILL HAPPEN
+C OTHERWISEC */
+C shrl $2,%ecx /* divide by 4 to get total key length */
+C movl %ecx,%edx /* calculate the number of rounds */
+C addl $6,%edx /* key length in words + 6 = num. rounds */
+C /* copy the initial key into the context structure */
+C pushl %ecx
+C .key_copy_loop:
+C movl (%edi),%eax
+C addl $4,%edi
+C movl %eax,(%esi)
+C addl $4,%esi
+C decl %ecx
+C jnz .key_copy_loop
+C popl %ecx
+C incl %edx /* number of rounds + 1 */
+C shll $2,%edx /* times aes blk size 4words */
+C subl %ecx,%edx /* # of other keys to make */
+C movl %ecx,%ebp
+C decl %ecx /* turn ecx into a mask */
+C movl $1,%ebx /* round constant */
+C .keygen_loop:
+C movl -4(%esi),%eax /* previous key */
+C testl %ecx,%ebp
+C jnz .testnk
+C /* rotate and substitute */
+C roll $8,%eax
+C movl %eax,%edi
+C andl $0xff,%eax
projects / thirdparty / nettle.git / commitdiff
