From: Niels Möller <nisse@lysator.liu.se>
Date: Sat, 13 Sep 2008 17:37:28 +0000 (+0200)
Subject: * x86/aes.m4 (AES_ROUND): Use movzbl.
X-Git-Tag: nettle_2.0_release_20090608~70
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=843dda13c1d4deed3ba04700eada70f41d1c04c8;p=thirdparty%2Fnettle.git

* x86/aes.m4 (AES_ROUND): Use movzbl.
(AES_SUBST_BYTE): Likewise.

Rev: nettle/x86/aes.m4:1.3
---

diff --git a/x86/aes.m4 b/x86/aes.m4
index 97cb03af..98f4e816 100644
--- a/x86/aes.m4
+++ b/x86/aes.m4
@@ -1,3 +1,24 @@
+dnl BYTEREG(reg) gives the 8-bit register corresponding to the given 32-bit register.
+dnl Use in AES_SUBST_BYTE below, and is used by both the x86 and the x86_64 assembler.
+define(<BYTEREG>,<ifelse(
+	$1, %eax, %al,
+	$1, %ebx, %bl,
+	$1, %ecx, %cl,
+	$1, %edx, %dl,
+	dnl The rest are x86_64 only	
+	$1, %esi, %sil,
+	$1, %edi, %dil,
+	$1, %ebp, %bpl,
+	$1, %esp, %spl,
+	$1, %r8d, %r8b,
+	$1, %r9d, %r9b,
+	$1, %r10d, %r10b,
+	$1, %r11d, %r11b,
+	$1, %r12d, %r12b,
+	$1, %r13d, %r13b,
+	$1, %r14d, %r14b,
+	$1, %r15d, %r15b)>)dnl
+
 dnl AES_LOAD(a, b, c, d, src, key)
 dnl Loads the next block of data from src, and add the subkey pointed
 dnl to by key.
@@ -33,8 +54,7 @@ define(<AES_STORE>, <
 dnl AES_ROUND(table,a,b,c,d,out,tmp)
 dnl Computes one word of the AES round. Leaves result in $6.
 define(<AES_ROUND>, <
-	movl	$2, $7
-	andl	<$>0xff, $7
+	movzbl	BYTEREG($2), $7
 	movl	AES_TABLE0 ($1, $7,4),$6
 	movl	$3, $7
 	shrl	<$>8,$7
@@ -46,7 +66,6 @@ define(<AES_ROUND>, <
 	xorl	AES_TABLE2 ($1, $7, 4),$6
 	movl	$5,$7			C  fourth one
 	shrl	<$>24,$7
-	andl	<$>0xff,$7
 	xorl	AES_TABLE3 ($1, $7, 4),$6>)dnl
 
 dnl AES_FINAL_ROUND(a, b, c, d, out, tmp)
@@ -67,49 +86,24 @@ define(<AES_FINAL_ROUND>, <
 	andl	<$>0xff000000,$6
 	orl	$6, $5>)dnl
 
-dnl BYTEREG(reg) gives the 8-bit register corresponding to the given 32-bit register.
-dnl Use in AES_SUBST_BYTE below, and is used by both the x86 and the x86_64 assembler.
-define(<BYTEREG>,<ifelse(
-	$1, %eax, %al,
-	$1, %ebx, %bl,
-	$1, %ecx, %cl,
-	$1, %edx, %dl,
-	dnl The rest are x86_64 only	
-	$1, %esi, %sil,
-	$1, %edi, %dil,
-	$1, %ebp, %bpl,
-	$1, %esp, %spl,
-	$1, %r8d, %r8b,
-	$1, %r9d, %r9b,
-	$1, %r10d, %r10b,
-	$1, %r11d, %r11b,
-	$1, %r12d, %r12b,
-	$1, %r13d, %r13b,
-	$1, %r14d, %r14b,
-	$1, %r15d, %r15b)>)dnl
-
 dnl AES_SUBST_BYTE(A, B, C, D, table, tmp)
 dnl Substitutes the least significant byte of
 dnl each of eax, ebx, ecx and edx, and also rotates
 dnl the words one byte to the left.
 dnl Uses that AES_SBOX == 0
 define(<AES_SUBST_BYTE>, <
-	movl	$1,$6
-	andl	<$>0x000000ff,$6
+	movzbl  BYTEREG($1),$6
 	movb	($5, $6),BYTEREG($1)
 	roll	<$>8,$1
 
-	movl	$2,$6
-	andl	<$>0x000000ff,$6
+	movzbl  BYTEREG($2),$6
 	movb	($5, $6),BYTEREG($2)
 	roll	<$>8,$2
 
-	movl	$3,$6
-	andl	<$>0x000000ff,$6
+	movzbl  BYTEREG($3),$6
 	movb	($5, $6),BYTEREG($3)
 	roll	<$>8,$3
 
-	movl	$4,$6
-	andl	<$>0x000000ff,$6
+	movzbl  BYTEREG($4),$6
 	movb	($5, $6),BYTEREG($4)
 	roll	<$>8,$4>)dnl