summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/aes
diff options
context:
space:
mode:
authordjm <>2011-11-03 02:32:23 +0000
committerdjm <>2011-11-03 02:32:23 +0000
commit113f799ec7d1728f0a5d7ab5b0e3b42e3de56407 (patch)
tree26d712b25a8fa580b8f2dfc6df470ba5ffea9eb7 /src/lib/libcrypto/aes
parent829fd51d4f8dde4a7f3bf54754f3c1d1a502f5e2 (diff)
downloadopenbsd-113f799ec7d1728f0a5d7ab5b0e3b42e3de56407.tar.gz
openbsd-113f799ec7d1728f0a5d7ab5b0e3b42e3de56407.tar.bz2
openbsd-113f799ec7d1728f0a5d7ab5b0e3b42e3de56407.zip
import OpenSSL 1.0.0e
Diffstat (limited to 'src/lib/libcrypto/aes')
-rw-r--r--src/lib/libcrypto/aes/aes_wrap.c12
-rw-r--r--src/lib/libcrypto/aes/asm/aes-armv4.pl397
2 files changed, 204 insertions, 205 deletions
diff --git a/src/lib/libcrypto/aes/aes_wrap.c b/src/lib/libcrypto/aes/aes_wrap.c
index 9feacd65d8..e2d73d37ce 100644
--- a/src/lib/libcrypto/aes/aes_wrap.c
+++ b/src/lib/libcrypto/aes/aes_wrap.c
@@ -85,9 +85,9 @@ int AES_wrap_key(AES_KEY *key, const unsigned char *iv,
85 A[7] ^= (unsigned char)(t & 0xff); 85 A[7] ^= (unsigned char)(t & 0xff);
86 if (t > 0xff) 86 if (t > 0xff)
87 { 87 {
88 A[6] ^= (unsigned char)((t & 0xff) >> 8); 88 A[6] ^= (unsigned char)((t >> 8) & 0xff);
89 A[5] ^= (unsigned char)((t & 0xff) >> 16); 89 A[5] ^= (unsigned char)((t >> 16) & 0xff);
90 A[4] ^= (unsigned char)((t & 0xff) >> 24); 90 A[4] ^= (unsigned char)((t >> 24) & 0xff);
91 } 91 }
92 memcpy(R, B + 8, 8); 92 memcpy(R, B + 8, 8);
93 } 93 }
@@ -119,9 +119,9 @@ int AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
119 A[7] ^= (unsigned char)(t & 0xff); 119 A[7] ^= (unsigned char)(t & 0xff);
120 if (t > 0xff) 120 if (t > 0xff)
121 { 121 {
122 A[6] ^= (unsigned char)((t & 0xff) >> 8); 122 A[6] ^= (unsigned char)((t >> 8) & 0xff);
123 A[5] ^= (unsigned char)((t & 0xff) >> 16); 123 A[5] ^= (unsigned char)((t >> 16) & 0xff);
124 A[4] ^= (unsigned char)((t & 0xff) >> 24); 124 A[4] ^= (unsigned char)((t >> 24) & 0xff);
125 } 125 }
126 memcpy(B + 8, R, 8); 126 memcpy(B + 8, R, 8);
127 AES_decrypt(B, B, key); 127 AES_decrypt(B, B, key);
diff --git a/src/lib/libcrypto/aes/asm/aes-armv4.pl b/src/lib/libcrypto/aes/asm/aes-armv4.pl
index 690244111a..c51ee1fbf6 100644
--- a/src/lib/libcrypto/aes/asm/aes-armv4.pl
+++ b/src/lib/libcrypto/aes/asm/aes-armv4.pl
@@ -16,12 +16,20 @@
16# allows to merge logical or arithmetic operation with shift or rotate 16# allows to merge logical or arithmetic operation with shift or rotate
17# in one instruction and emit combined result every cycle. The module 17# in one instruction and emit combined result every cycle. The module
18# is endian-neutral. The performance is ~42 cycles/byte for 128-bit 18# is endian-neutral. The performance is ~42 cycles/byte for 128-bit
19# key. 19# key [on single-issue Xscale PXA250 core].
20 20
21# May 2007. 21# May 2007.
22# 22#
23# AES_set_[en|de]crypt_key is added. 23# AES_set_[en|de]crypt_key is added.
24 24
25# July 2010.
26#
27# Rescheduling for dual-issue pipeline resulted in 12% improvement on
28# Cortex A8 core and ~25 cycles per byte processed with 128-bit key.
29
30while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
31open STDOUT,">$output";
32
25$s0="r0"; 33$s0="r0";
26$s1="r1"; 34$s1="r1";
27$s2="r2"; 35$s2="r2";
@@ -164,24 +172,24 @@ AES_encrypt:
164 ldrb $t2,[$rounds,#1] 172 ldrb $t2,[$rounds,#1]
165 ldrb $t3,[$rounds,#0] 173 ldrb $t3,[$rounds,#0]
166 orr $s0,$s0,$t1,lsl#8 174 orr $s0,$s0,$t1,lsl#8
167 orr $s0,$s0,$t2,lsl#16
168 orr $s0,$s0,$t3,lsl#24
169 ldrb $s1,[$rounds,#7] 175 ldrb $s1,[$rounds,#7]
176 orr $s0,$s0,$t2,lsl#16
170 ldrb $t1,[$rounds,#6] 177 ldrb $t1,[$rounds,#6]
178 orr $s0,$s0,$t3,lsl#24
171 ldrb $t2,[$rounds,#5] 179 ldrb $t2,[$rounds,#5]
172 ldrb $t3,[$rounds,#4] 180 ldrb $t3,[$rounds,#4]
173 orr $s1,$s1,$t1,lsl#8 181 orr $s1,$s1,$t1,lsl#8
174 orr $s1,$s1,$t2,lsl#16
175 orr $s1,$s1,$t3,lsl#24
176 ldrb $s2,[$rounds,#11] 182 ldrb $s2,[$rounds,#11]
183 orr $s1,$s1,$t2,lsl#16
177 ldrb $t1,[$rounds,#10] 184 ldrb $t1,[$rounds,#10]
185 orr $s1,$s1,$t3,lsl#24
178 ldrb $t2,[$rounds,#9] 186 ldrb $t2,[$rounds,#9]
179 ldrb $t3,[$rounds,#8] 187 ldrb $t3,[$rounds,#8]
180 orr $s2,$s2,$t1,lsl#8 188 orr $s2,$s2,$t1,lsl#8
181 orr $s2,$s2,$t2,lsl#16
182 orr $s2,$s2,$t3,lsl#24
183 ldrb $s3,[$rounds,#15] 189 ldrb $s3,[$rounds,#15]
190 orr $s2,$s2,$t2,lsl#16
184 ldrb $t1,[$rounds,#14] 191 ldrb $t1,[$rounds,#14]
192 orr $s2,$s2,$t3,lsl#24
185 ldrb $t2,[$rounds,#13] 193 ldrb $t2,[$rounds,#13]
186 ldrb $t3,[$rounds,#12] 194 ldrb $t3,[$rounds,#12]
187 orr $s3,$s3,$t1,lsl#8 195 orr $s3,$s3,$t1,lsl#8
@@ -196,24 +204,24 @@ AES_encrypt:
196 mov $t3,$s0,lsr#8 204 mov $t3,$s0,lsr#8
197 strb $t1,[$rounds,#0] 205 strb $t1,[$rounds,#0]
198 strb $t2,[$rounds,#1] 206 strb $t2,[$rounds,#1]
199 strb $t3,[$rounds,#2]
200 strb $s0,[$rounds,#3]
201 mov $t1,$s1,lsr#24 207 mov $t1,$s1,lsr#24
208 strb $t3,[$rounds,#2]
202 mov $t2,$s1,lsr#16 209 mov $t2,$s1,lsr#16
210 strb $s0,[$rounds,#3]
203 mov $t3,$s1,lsr#8 211 mov $t3,$s1,lsr#8
204 strb $t1,[$rounds,#4] 212 strb $t1,[$rounds,#4]
205 strb $t2,[$rounds,#5] 213 strb $t2,[$rounds,#5]
206 strb $t3,[$rounds,#6]
207 strb $s1,[$rounds,#7]
208 mov $t1,$s2,lsr#24 214 mov $t1,$s2,lsr#24
215 strb $t3,[$rounds,#6]
209 mov $t2,$s2,lsr#16 216 mov $t2,$s2,lsr#16
217 strb $s1,[$rounds,#7]
210 mov $t3,$s2,lsr#8 218 mov $t3,$s2,lsr#8
211 strb $t1,[$rounds,#8] 219 strb $t1,[$rounds,#8]
212 strb $t2,[$rounds,#9] 220 strb $t2,[$rounds,#9]
213 strb $t3,[$rounds,#10]
214 strb $s2,[$rounds,#11]
215 mov $t1,$s3,lsr#24 221 mov $t1,$s3,lsr#24
222 strb $t3,[$rounds,#10]
216 mov $t2,$s3,lsr#16 223 mov $t2,$s3,lsr#16
224 strb $s2,[$rounds,#11]
217 mov $t3,$s3,lsr#8 225 mov $t3,$s3,lsr#8
218 strb $t1,[$rounds,#12] 226 strb $t1,[$rounds,#12]
219 strb $t2,[$rounds,#13] 227 strb $t2,[$rounds,#13]
@@ -230,141 +238,137 @@ AES_encrypt:
230.align 2 238.align 2
231_armv4_AES_encrypt: 239_armv4_AES_encrypt:
232 str lr,[sp,#-4]! @ push lr 240 str lr,[sp,#-4]! @ push lr
233 ldr $t1,[$key],#16 241 ldmia $key!,{$t1-$i1}
234 ldr $t2,[$key,#-12]
235 ldr $t3,[$key,#-8]
236 ldr $i1,[$key,#-4]
237 ldr $rounds,[$key,#240-16]
238 eor $s0,$s0,$t1 242 eor $s0,$s0,$t1
243 ldr $rounds,[$key,#240-16]
239 eor $s1,$s1,$t2 244 eor $s1,$s1,$t2
240 eor $s2,$s2,$t3 245 eor $s2,$s2,$t3
241 eor $s3,$s3,$i1 246 eor $s3,$s3,$i1
242 sub $rounds,$rounds,#1 247 sub $rounds,$rounds,#1
243 mov lr,#255 248 mov lr,#255
244 249
245.Lenc_loop: 250 and $i1,lr,$s0
246 and $i2,lr,$s0,lsr#8 251 and $i2,lr,$s0,lsr#8
247 and $i3,lr,$s0,lsr#16 252 and $i3,lr,$s0,lsr#16
248 and $i1,lr,$s0
249 mov $s0,$s0,lsr#24 253 mov $s0,$s0,lsr#24
254.Lenc_loop:
250 ldr $t1,[$tbl,$i1,lsl#2] @ Te3[s0>>0] 255 ldr $t1,[$tbl,$i1,lsl#2] @ Te3[s0>>0]
251 ldr $s0,[$tbl,$s0,lsl#2] @ Te0[s0>>24]
252 ldr $t2,[$tbl,$i2,lsl#2] @ Te2[s0>>8]
253 ldr $t3,[$tbl,$i3,lsl#2] @ Te1[s0>>16]
254
255 and $i1,lr,$s1,lsr#16 @ i0 256 and $i1,lr,$s1,lsr#16 @ i0
257 ldr $t2,[$tbl,$i2,lsl#2] @ Te2[s0>>8]
256 and $i2,lr,$s1 258 and $i2,lr,$s1
259 ldr $t3,[$tbl,$i3,lsl#2] @ Te1[s0>>16]
257 and $i3,lr,$s1,lsr#8 260 and $i3,lr,$s1,lsr#8
261 ldr $s0,[$tbl,$s0,lsl#2] @ Te0[s0>>24]
258 mov $s1,$s1,lsr#24 262 mov $s1,$s1,lsr#24
263
259 ldr $i1,[$tbl,$i1,lsl#2] @ Te1[s1>>16] 264 ldr $i1,[$tbl,$i1,lsl#2] @ Te1[s1>>16]
260 ldr $s1,[$tbl,$s1,lsl#2] @ Te0[s1>>24]
261 ldr $i2,[$tbl,$i2,lsl#2] @ Te3[s1>>0] 265 ldr $i2,[$tbl,$i2,lsl#2] @ Te3[s1>>0]
262 ldr $i3,[$tbl,$i3,lsl#2] @ Te2[s1>>8] 266 ldr $i3,[$tbl,$i3,lsl#2] @ Te2[s1>>8]
263 eor $s0,$s0,$i1,ror#8 267 eor $s0,$s0,$i1,ror#8
264 eor $s1,$s1,$t1,ror#24 268 ldr $s1,[$tbl,$s1,lsl#2] @ Te0[s1>>24]
265 eor $t2,$t2,$i2,ror#8
266 eor $t3,$t3,$i3,ror#8
267
268 and $i1,lr,$s2,lsr#8 @ i0 269 and $i1,lr,$s2,lsr#8 @ i0
270 eor $t2,$t2,$i2,ror#8
269 and $i2,lr,$s2,lsr#16 @ i1 271 and $i2,lr,$s2,lsr#16 @ i1
272 eor $t3,$t3,$i3,ror#8
270 and $i3,lr,$s2 273 and $i3,lr,$s2
271 mov $s2,$s2,lsr#24 274 eor $s1,$s1,$t1,ror#24
272 ldr $i1,[$tbl,$i1,lsl#2] @ Te2[s2>>8] 275 ldr $i1,[$tbl,$i1,lsl#2] @ Te2[s2>>8]
276 mov $s2,$s2,lsr#24
277
273 ldr $i2,[$tbl,$i2,lsl#2] @ Te1[s2>>16] 278 ldr $i2,[$tbl,$i2,lsl#2] @ Te1[s2>>16]
274 ldr $s2,[$tbl,$s2,lsl#2] @ Te0[s2>>24]
275 ldr $i3,[$tbl,$i3,lsl#2] @ Te3[s2>>0] 279 ldr $i3,[$tbl,$i3,lsl#2] @ Te3[s2>>0]
276 eor $s0,$s0,$i1,ror#16 280 eor $s0,$s0,$i1,ror#16
277 eor $s1,$s1,$i2,ror#8 281 ldr $s2,[$tbl,$s2,lsl#2] @ Te0[s2>>24]
278 eor $s2,$s2,$t2,ror#16
279 eor $t3,$t3,$i3,ror#16
280
281 and $i1,lr,$s3 @ i0 282 and $i1,lr,$s3 @ i0
283 eor $s1,$s1,$i2,ror#8
282 and $i2,lr,$s3,lsr#8 @ i1 284 and $i2,lr,$s3,lsr#8 @ i1
285 eor $t3,$t3,$i3,ror#16
283 and $i3,lr,$s3,lsr#16 @ i2 286 and $i3,lr,$s3,lsr#16 @ i2
284 mov $s3,$s3,lsr#24 287 eor $s2,$s2,$t2,ror#16
285 ldr $i1,[$tbl,$i1,lsl#2] @ Te3[s3>>0] 288 ldr $i1,[$tbl,$i1,lsl#2] @ Te3[s3>>0]
289 mov $s3,$s3,lsr#24
290
286 ldr $i2,[$tbl,$i2,lsl#2] @ Te2[s3>>8] 291 ldr $i2,[$tbl,$i2,lsl#2] @ Te2[s3>>8]
287 ldr $i3,[$tbl,$i3,lsl#2] @ Te1[s3>>16] 292 ldr $i3,[$tbl,$i3,lsl#2] @ Te1[s3>>16]
288 ldr $s3,[$tbl,$s3,lsl#2] @ Te0[s3>>24]
289 eor $s0,$s0,$i1,ror#24 293 eor $s0,$s0,$i1,ror#24
294 ldr $s3,[$tbl,$s3,lsl#2] @ Te0[s3>>24]
290 eor $s1,$s1,$i2,ror#16 295 eor $s1,$s1,$i2,ror#16
296 ldr $i1,[$key],#16
291 eor $s2,$s2,$i3,ror#8 297 eor $s2,$s2,$i3,ror#8
298 ldr $t1,[$key,#-12]
292 eor $s3,$s3,$t3,ror#8 299 eor $s3,$s3,$t3,ror#8
293 300
294 ldr $t1,[$key],#16 301 ldr $t2,[$key,#-8]
295 ldr $t2,[$key,#-12] 302 eor $s0,$s0,$i1
296 ldr $t3,[$key,#-8] 303 ldr $t3,[$key,#-4]
297 ldr $i1,[$key,#-4] 304 and $i1,lr,$s0
298 eor $s0,$s0,$t1 305 eor $s1,$s1,$t1
299 eor $s1,$s1,$t2 306 and $i2,lr,$s0,lsr#8
300 eor $s2,$s2,$t3 307 eor $s2,$s2,$t2
301 eor $s3,$s3,$i1 308 and $i3,lr,$s0,lsr#16
309 eor $s3,$s3,$t3
310 mov $s0,$s0,lsr#24
302 311
303 subs $rounds,$rounds,#1 312 subs $rounds,$rounds,#1
304 bne .Lenc_loop 313 bne .Lenc_loop
305 314
306 add $tbl,$tbl,#2 315 add $tbl,$tbl,#2
307 316
308 and $i1,lr,$s0
309 and $i2,lr,$s0,lsr#8
310 and $i3,lr,$s0,lsr#16
311 mov $s0,$s0,lsr#24
312 ldrb $t1,[$tbl,$i1,lsl#2] @ Te4[s0>>0] 317 ldrb $t1,[$tbl,$i1,lsl#2] @ Te4[s0>>0]
313 ldrb $s0,[$tbl,$s0,lsl#2] @ Te4[s0>>24]
314 ldrb $t2,[$tbl,$i2,lsl#2] @ Te4[s0>>8]
315 ldrb $t3,[$tbl,$i3,lsl#2] @ Te4[s0>>16]
316
317 and $i1,lr,$s1,lsr#16 @ i0 318 and $i1,lr,$s1,lsr#16 @ i0
319 ldrb $t2,[$tbl,$i2,lsl#2] @ Te4[s0>>8]
318 and $i2,lr,$s1 320 and $i2,lr,$s1
321 ldrb $t3,[$tbl,$i3,lsl#2] @ Te4[s0>>16]
319 and $i3,lr,$s1,lsr#8 322 and $i3,lr,$s1,lsr#8
323 ldrb $s0,[$tbl,$s0,lsl#2] @ Te4[s0>>24]
320 mov $s1,$s1,lsr#24 324 mov $s1,$s1,lsr#24
325
321 ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s1>>16] 326 ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s1>>16]
322 ldrb $s1,[$tbl,$s1,lsl#2] @ Te4[s1>>24]
323 ldrb $i2,[$tbl,$i2,lsl#2] @ Te4[s1>>0] 327 ldrb $i2,[$tbl,$i2,lsl#2] @ Te4[s1>>0]
324 ldrb $i3,[$tbl,$i3,lsl#2] @ Te4[s1>>8] 328 ldrb $i3,[$tbl,$i3,lsl#2] @ Te4[s1>>8]
325 eor $s0,$i1,$s0,lsl#8 329 eor $s0,$i1,$s0,lsl#8
326 eor $s1,$t1,$s1,lsl#24 330 ldrb $s1,[$tbl,$s1,lsl#2] @ Te4[s1>>24]
327 eor $t2,$i2,$t2,lsl#8
328 eor $t3,$i3,$t3,lsl#8
329
330 and $i1,lr,$s2,lsr#8 @ i0 331 and $i1,lr,$s2,lsr#8 @ i0
332 eor $t2,$i2,$t2,lsl#8
331 and $i2,lr,$s2,lsr#16 @ i1 333 and $i2,lr,$s2,lsr#16 @ i1
334 eor $t3,$i3,$t3,lsl#8
332 and $i3,lr,$s2 335 and $i3,lr,$s2
333 mov $s2,$s2,lsr#24 336 eor $s1,$t1,$s1,lsl#24
334 ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s2>>8] 337 ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s2>>8]
338 mov $s2,$s2,lsr#24
339
335 ldrb $i2,[$tbl,$i2,lsl#2] @ Te4[s2>>16] 340 ldrb $i2,[$tbl,$i2,lsl#2] @ Te4[s2>>16]
336 ldrb $s2,[$tbl,$s2,lsl#2] @ Te4[s2>>24]
337 ldrb $i3,[$tbl,$i3,lsl#2] @ Te4[s2>>0] 341 ldrb $i3,[$tbl,$i3,lsl#2] @ Te4[s2>>0]
338 eor $s0,$i1,$s0,lsl#8 342 eor $s0,$i1,$s0,lsl#8
339 eor $s1,$s1,$i2,lsl#16 343 ldrb $s2,[$tbl,$s2,lsl#2] @ Te4[s2>>24]
340 eor $s2,$t2,$s2,lsl#24
341 eor $t3,$i3,$t3,lsl#8
342
343 and $i1,lr,$s3 @ i0 344 and $i1,lr,$s3 @ i0
345 eor $s1,$s1,$i2,lsl#16
344 and $i2,lr,$s3,lsr#8 @ i1 346 and $i2,lr,$s3,lsr#8 @ i1
347 eor $t3,$i3,$t3,lsl#8
345 and $i3,lr,$s3,lsr#16 @ i2 348 and $i3,lr,$s3,lsr#16 @ i2
346 mov $s3,$s3,lsr#24 349 eor $s2,$t2,$s2,lsl#24
347 ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s3>>0] 350 ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s3>>0]
351 mov $s3,$s3,lsr#24
352
348 ldrb $i2,[$tbl,$i2,lsl#2] @ Te4[s3>>8] 353 ldrb $i2,[$tbl,$i2,lsl#2] @ Te4[s3>>8]
349 ldrb $i3,[$tbl,$i3,lsl#2] @ Te4[s3>>16] 354 ldrb $i3,[$tbl,$i3,lsl#2] @ Te4[s3>>16]
350 ldrb $s3,[$tbl,$s3,lsl#2] @ Te4[s3>>24]
351 eor $s0,$i1,$s0,lsl#8 355 eor $s0,$i1,$s0,lsl#8
356 ldrb $s3,[$tbl,$s3,lsl#2] @ Te4[s3>>24]
357 ldr $i1,[$key,#0]
352 eor $s1,$s1,$i2,lsl#8 358 eor $s1,$s1,$i2,lsl#8
359 ldr $t1,[$key,#4]
353 eor $s2,$s2,$i3,lsl#16 360 eor $s2,$s2,$i3,lsl#16
361 ldr $t2,[$key,#8]
354 eor $s3,$t3,$s3,lsl#24 362 eor $s3,$t3,$s3,lsl#24
363 ldr $t3,[$key,#12]
355 364
356 ldr lr,[sp],#4 @ pop lr 365 eor $s0,$s0,$i1
357 ldr $t1,[$key,#0] 366 eor $s1,$s1,$t1
358 ldr $t2,[$key,#4] 367 eor $s2,$s2,$t2
359 ldr $t3,[$key,#8] 368 eor $s3,$s3,$t3
360 ldr $i1,[$key,#12]
361 eor $s0,$s0,$t1
362 eor $s1,$s1,$t2
363 eor $s2,$s2,$t3
364 eor $s3,$s3,$i1
365 369
366 sub $tbl,$tbl,#2 370 sub $tbl,$tbl,#2
367 mov pc,lr @ return 371 ldr pc,[sp],#4 @ pop and return
368.size _armv4_AES_encrypt,.-_armv4_AES_encrypt 372.size _armv4_AES_encrypt,.-_armv4_AES_encrypt
369 373
370.global AES_set_encrypt_key 374.global AES_set_encrypt_key
@@ -399,31 +403,31 @@ AES_set_encrypt_key:
399 ldrb $t2,[$rounds,#1] 403 ldrb $t2,[$rounds,#1]
400 ldrb $t3,[$rounds,#0] 404 ldrb $t3,[$rounds,#0]
401 orr $s0,$s0,$t1,lsl#8 405 orr $s0,$s0,$t1,lsl#8
402 orr $s0,$s0,$t2,lsl#16
403 orr $s0,$s0,$t3,lsl#24
404 ldrb $s1,[$rounds,#7] 406 ldrb $s1,[$rounds,#7]
407 orr $s0,$s0,$t2,lsl#16
405 ldrb $t1,[$rounds,#6] 408 ldrb $t1,[$rounds,#6]
409 orr $s0,$s0,$t3,lsl#24
406 ldrb $t2,[$rounds,#5] 410 ldrb $t2,[$rounds,#5]
407 ldrb $t3,[$rounds,#4] 411 ldrb $t3,[$rounds,#4]
408 orr $s1,$s1,$t1,lsl#8 412 orr $s1,$s1,$t1,lsl#8
409 orr $s1,$s1,$t2,lsl#16
410 orr $s1,$s1,$t3,lsl#24
411 ldrb $s2,[$rounds,#11] 413 ldrb $s2,[$rounds,#11]
414 orr $s1,$s1,$t2,lsl#16
412 ldrb $t1,[$rounds,#10] 415 ldrb $t1,[$rounds,#10]
416 orr $s1,$s1,$t3,lsl#24
413 ldrb $t2,[$rounds,#9] 417 ldrb $t2,[$rounds,#9]
414 ldrb $t3,[$rounds,#8] 418 ldrb $t3,[$rounds,#8]
415 orr $s2,$s2,$t1,lsl#8 419 orr $s2,$s2,$t1,lsl#8
416 orr $s2,$s2,$t2,lsl#16
417 orr $s2,$s2,$t3,lsl#24
418 ldrb $s3,[$rounds,#15] 420 ldrb $s3,[$rounds,#15]
421 orr $s2,$s2,$t2,lsl#16
419 ldrb $t1,[$rounds,#14] 422 ldrb $t1,[$rounds,#14]
423 orr $s2,$s2,$t3,lsl#24
420 ldrb $t2,[$rounds,#13] 424 ldrb $t2,[$rounds,#13]
421 ldrb $t3,[$rounds,#12] 425 ldrb $t3,[$rounds,#12]
422 orr $s3,$s3,$t1,lsl#8 426 orr $s3,$s3,$t1,lsl#8
423 orr $s3,$s3,$t2,lsl#16
424 orr $s3,$s3,$t3,lsl#24
425 str $s0,[$key],#16 427 str $s0,[$key],#16
428 orr $s3,$s3,$t2,lsl#16
426 str $s1,[$key,#-12] 429 str $s1,[$key,#-12]
430 orr $s3,$s3,$t3,lsl#24
427 str $s2,[$key,#-8] 431 str $s2,[$key,#-8]
428 str $s3,[$key,#-4] 432 str $s3,[$key,#-4]
429 433
@@ -437,27 +441,26 @@ AES_set_encrypt_key:
437.L128_loop: 441.L128_loop:
438 and $t2,lr,$s3,lsr#24 442 and $t2,lr,$s3,lsr#24
439 and $i1,lr,$s3,lsr#16 443 and $i1,lr,$s3,lsr#16
440 and $i2,lr,$s3,lsr#8
441 and $i3,lr,$s3
442 ldrb $t2,[$tbl,$t2] 444 ldrb $t2,[$tbl,$t2]
445 and $i2,lr,$s3,lsr#8
443 ldrb $i1,[$tbl,$i1] 446 ldrb $i1,[$tbl,$i1]
447 and $i3,lr,$s3
444 ldrb $i2,[$tbl,$i2] 448 ldrb $i2,[$tbl,$i2]
445 ldrb $i3,[$tbl,$i3]
446 ldr $t1,[$t3],#4 @ rcon[i++]
447 orr $t2,$t2,$i1,lsl#24 449 orr $t2,$t2,$i1,lsl#24
450 ldrb $i3,[$tbl,$i3]
448 orr $t2,$t2,$i2,lsl#16 451 orr $t2,$t2,$i2,lsl#16
452 ldr $t1,[$t3],#4 @ rcon[i++]
449 orr $t2,$t2,$i3,lsl#8 453 orr $t2,$t2,$i3,lsl#8
450 eor $t2,$t2,$t1 454 eor $t2,$t2,$t1
451 eor $s0,$s0,$t2 @ rk[4]=rk[0]^... 455 eor $s0,$s0,$t2 @ rk[4]=rk[0]^...
452 eor $s1,$s1,$s0 @ rk[5]=rk[1]^rk[4] 456 eor $s1,$s1,$s0 @ rk[5]=rk[1]^rk[4]
453 eor $s2,$s2,$s1 @ rk[6]=rk[2]^rk[5]
454 eor $s3,$s3,$s2 @ rk[7]=rk[3]^rk[6]
455 str $s0,[$key],#16 457 str $s0,[$key],#16
458 eor $s2,$s2,$s1 @ rk[6]=rk[2]^rk[5]
456 str $s1,[$key,#-12] 459 str $s1,[$key,#-12]
460 eor $s3,$s3,$s2 @ rk[7]=rk[3]^rk[6]
457 str $s2,[$key,#-8] 461 str $s2,[$key,#-8]
458 str $s3,[$key,#-4]
459
460 subs $rounds,$rounds,#1 462 subs $rounds,$rounds,#1
463 str $s3,[$key,#-4]
461 bne .L128_loop 464 bne .L128_loop
462 sub r2,$key,#176 465 sub r2,$key,#176
463 b .Ldone 466 b .Ldone
@@ -468,16 +471,16 @@ AES_set_encrypt_key:
468 ldrb $t2,[$rounds,#17] 471 ldrb $t2,[$rounds,#17]
469 ldrb $t3,[$rounds,#16] 472 ldrb $t3,[$rounds,#16]
470 orr $i2,$i2,$t1,lsl#8 473 orr $i2,$i2,$t1,lsl#8
471 orr $i2,$i2,$t2,lsl#16
472 orr $i2,$i2,$t3,lsl#24
473 ldrb $i3,[$rounds,#23] 474 ldrb $i3,[$rounds,#23]
475 orr $i2,$i2,$t2,lsl#16
474 ldrb $t1,[$rounds,#22] 476 ldrb $t1,[$rounds,#22]
477 orr $i2,$i2,$t3,lsl#24
475 ldrb $t2,[$rounds,#21] 478 ldrb $t2,[$rounds,#21]
476 ldrb $t3,[$rounds,#20] 479 ldrb $t3,[$rounds,#20]
477 orr $i3,$i3,$t1,lsl#8 480 orr $i3,$i3,$t1,lsl#8
478 orr $i3,$i3,$t2,lsl#16 481 orr $i3,$i3,$t2,lsl#16
479 orr $i3,$i3,$t3,lsl#24
480 str $i2,[$key],#8 482 str $i2,[$key],#8
483 orr $i3,$i3,$t3,lsl#24
481 str $i3,[$key,#-4] 484 str $i3,[$key,#-4]
482 485
483 teq lr,#192 486 teq lr,#192
@@ -491,27 +494,26 @@ AES_set_encrypt_key:
491.L192_loop: 494.L192_loop:
492 and $t2,lr,$i3,lsr#24 495 and $t2,lr,$i3,lsr#24
493 and $i1,lr,$i3,lsr#16 496 and $i1,lr,$i3,lsr#16
494 and $i2,lr,$i3,lsr#8
495 and $i3,lr,$i3
496 ldrb $t2,[$tbl,$t2] 497 ldrb $t2,[$tbl,$t2]
498 and $i2,lr,$i3,lsr#8
497 ldrb $i1,[$tbl,$i1] 499 ldrb $i1,[$tbl,$i1]
500 and $i3,lr,$i3
498 ldrb $i2,[$tbl,$i2] 501 ldrb $i2,[$tbl,$i2]
499 ldrb $i3,[$tbl,$i3]
500 ldr $t1,[$t3],#4 @ rcon[i++]
501 orr $t2,$t2,$i1,lsl#24 502 orr $t2,$t2,$i1,lsl#24
503 ldrb $i3,[$tbl,$i3]
502 orr $t2,$t2,$i2,lsl#16 504 orr $t2,$t2,$i2,lsl#16
505 ldr $t1,[$t3],#4 @ rcon[i++]
503 orr $t2,$t2,$i3,lsl#8 506 orr $t2,$t2,$i3,lsl#8
504 eor $i3,$t2,$t1 507 eor $i3,$t2,$t1
505 eor $s0,$s0,$i3 @ rk[6]=rk[0]^... 508 eor $s0,$s0,$i3 @ rk[6]=rk[0]^...
506 eor $s1,$s1,$s0 @ rk[7]=rk[1]^rk[6] 509 eor $s1,$s1,$s0 @ rk[7]=rk[1]^rk[6]
507 eor $s2,$s2,$s1 @ rk[8]=rk[2]^rk[7]
508 eor $s3,$s3,$s2 @ rk[9]=rk[3]^rk[8]
509 str $s0,[$key],#24 510 str $s0,[$key],#24
511 eor $s2,$s2,$s1 @ rk[8]=rk[2]^rk[7]
510 str $s1,[$key,#-20] 512 str $s1,[$key,#-20]
513 eor $s3,$s3,$s2 @ rk[9]=rk[3]^rk[8]
511 str $s2,[$key,#-16] 514 str $s2,[$key,#-16]
512 str $s3,[$key,#-12]
513
514 subs $rounds,$rounds,#1 515 subs $rounds,$rounds,#1
516 str $s3,[$key,#-12]
515 subeq r2,$key,#216 517 subeq r2,$key,#216
516 beq .Ldone 518 beq .Ldone
517 519
@@ -529,16 +531,16 @@ AES_set_encrypt_key:
529 ldrb $t2,[$rounds,#25] 531 ldrb $t2,[$rounds,#25]
530 ldrb $t3,[$rounds,#24] 532 ldrb $t3,[$rounds,#24]
531 orr $i2,$i2,$t1,lsl#8 533 orr $i2,$i2,$t1,lsl#8
532 orr $i2,$i2,$t2,lsl#16
533 orr $i2,$i2,$t3,lsl#24
534 ldrb $i3,[$rounds,#31] 534 ldrb $i3,[$rounds,#31]
535 orr $i2,$i2,$t2,lsl#16
535 ldrb $t1,[$rounds,#30] 536 ldrb $t1,[$rounds,#30]
537 orr $i2,$i2,$t3,lsl#24
536 ldrb $t2,[$rounds,#29] 538 ldrb $t2,[$rounds,#29]
537 ldrb $t3,[$rounds,#28] 539 ldrb $t3,[$rounds,#28]
538 orr $i3,$i3,$t1,lsl#8 540 orr $i3,$i3,$t1,lsl#8
539 orr $i3,$i3,$t2,lsl#16 541 orr $i3,$i3,$t2,lsl#16
540 orr $i3,$i3,$t3,lsl#24
541 str $i2,[$key],#8 542 str $i2,[$key],#8
543 orr $i3,$i3,$t3,lsl#24
542 str $i3,[$key,#-4] 544 str $i3,[$key,#-4]
543 545
544 mov $rounds,#14 546 mov $rounds,#14
@@ -550,52 +552,51 @@ AES_set_encrypt_key:
550.L256_loop: 552.L256_loop:
551 and $t2,lr,$i3,lsr#24 553 and $t2,lr,$i3,lsr#24
552 and $i1,lr,$i3,lsr#16 554 and $i1,lr,$i3,lsr#16
553 and $i2,lr,$i3,lsr#8
554 and $i3,lr,$i3
555 ldrb $t2,[$tbl,$t2] 555 ldrb $t2,[$tbl,$t2]
556 and $i2,lr,$i3,lsr#8
556 ldrb $i1,[$tbl,$i1] 557 ldrb $i1,[$tbl,$i1]
558 and $i3,lr,$i3
557 ldrb $i2,[$tbl,$i2] 559 ldrb $i2,[$tbl,$i2]
558 ldrb $i3,[$tbl,$i3]
559 ldr $t1,[$t3],#4 @ rcon[i++]
560 orr $t2,$t2,$i1,lsl#24 560 orr $t2,$t2,$i1,lsl#24
561 ldrb $i3,[$tbl,$i3]
561 orr $t2,$t2,$i2,lsl#16 562 orr $t2,$t2,$i2,lsl#16
563 ldr $t1,[$t3],#4 @ rcon[i++]
562 orr $t2,$t2,$i3,lsl#8 564 orr $t2,$t2,$i3,lsl#8
563 eor $i3,$t2,$t1 565 eor $i3,$t2,$t1
564 eor $s0,$s0,$i3 @ rk[8]=rk[0]^... 566 eor $s0,$s0,$i3 @ rk[8]=rk[0]^...
565 eor $s1,$s1,$s0 @ rk[9]=rk[1]^rk[8] 567 eor $s1,$s1,$s0 @ rk[9]=rk[1]^rk[8]
566 eor $s2,$s2,$s1 @ rk[10]=rk[2]^rk[9]
567 eor $s3,$s3,$s2 @ rk[11]=rk[3]^rk[10]
568 str $s0,[$key],#32 568 str $s0,[$key],#32
569 eor $s2,$s2,$s1 @ rk[10]=rk[2]^rk[9]
569 str $s1,[$key,#-28] 570 str $s1,[$key,#-28]
571 eor $s3,$s3,$s2 @ rk[11]=rk[3]^rk[10]
570 str $s2,[$key,#-24] 572 str $s2,[$key,#-24]
571 str $s3,[$key,#-20]
572
573 subs $rounds,$rounds,#1 573 subs $rounds,$rounds,#1
574 str $s3,[$key,#-20]
574 subeq r2,$key,#256 575 subeq r2,$key,#256
575 beq .Ldone 576 beq .Ldone
576 577
577 and $t2,lr,$s3 578 and $t2,lr,$s3
578 and $i1,lr,$s3,lsr#8 579 and $i1,lr,$s3,lsr#8
579 and $i2,lr,$s3,lsr#16
580 and $i3,lr,$s3,lsr#24
581 ldrb $t2,[$tbl,$t2] 580 ldrb $t2,[$tbl,$t2]
581 and $i2,lr,$s3,lsr#16
582 ldrb $i1,[$tbl,$i1] 582 ldrb $i1,[$tbl,$i1]
583 and $i3,lr,$s3,lsr#24
583 ldrb $i2,[$tbl,$i2] 584 ldrb $i2,[$tbl,$i2]
584 ldrb $i3,[$tbl,$i3]
585 orr $t2,$t2,$i1,lsl#8 585 orr $t2,$t2,$i1,lsl#8
586 ldrb $i3,[$tbl,$i3]
586 orr $t2,$t2,$i2,lsl#16 587 orr $t2,$t2,$i2,lsl#16
588 ldr $t1,[$key,#-48]
587 orr $t2,$t2,$i3,lsl#24 589 orr $t2,$t2,$i3,lsl#24
588 590
589 ldr $t1,[$key,#-48]
590 ldr $i1,[$key,#-44] 591 ldr $i1,[$key,#-44]
591 ldr $i2,[$key,#-40] 592 ldr $i2,[$key,#-40]
592 ldr $i3,[$key,#-36]
593 eor $t1,$t1,$t2 @ rk[12]=rk[4]^... 593 eor $t1,$t1,$t2 @ rk[12]=rk[4]^...
594 ldr $i3,[$key,#-36]
594 eor $i1,$i1,$t1 @ rk[13]=rk[5]^rk[12] 595 eor $i1,$i1,$t1 @ rk[13]=rk[5]^rk[12]
595 eor $i2,$i2,$i1 @ rk[14]=rk[6]^rk[13]
596 eor $i3,$i3,$i2 @ rk[15]=rk[7]^rk[14]
597 str $t1,[$key,#-16] 596 str $t1,[$key,#-16]
597 eor $i2,$i2,$i1 @ rk[14]=rk[6]^rk[13]
598 str $i1,[$key,#-12] 598 str $i1,[$key,#-12]
599 eor $i3,$i3,$i2 @ rk[15]=rk[7]^rk[14]
599 str $i2,[$key,#-8] 600 str $i2,[$key,#-8]
600 str $i3,[$key,#-4] 601 str $i3,[$key,#-4]
601 b .L256_loop 602 b .L256_loop
@@ -816,24 +817,24 @@ AES_decrypt:
816 ldrb $t2,[$rounds,#1] 817 ldrb $t2,[$rounds,#1]
817 ldrb $t3,[$rounds,#0] 818 ldrb $t3,[$rounds,#0]
818 orr $s0,$s0,$t1,lsl#8 819 orr $s0,$s0,$t1,lsl#8
819 orr $s0,$s0,$t2,lsl#16
820 orr $s0,$s0,$t3,lsl#24
821 ldrb $s1,[$rounds,#7] 820 ldrb $s1,[$rounds,#7]
821 orr $s0,$s0,$t2,lsl#16
822 ldrb $t1,[$rounds,#6] 822 ldrb $t1,[$rounds,#6]
823 orr $s0,$s0,$t3,lsl#24
823 ldrb $t2,[$rounds,#5] 824 ldrb $t2,[$rounds,#5]
824 ldrb $t3,[$rounds,#4] 825 ldrb $t3,[$rounds,#4]
825 orr $s1,$s1,$t1,lsl#8 826 orr $s1,$s1,$t1,lsl#8
826 orr $s1,$s1,$t2,lsl#16
827 orr $s1,$s1,$t3,lsl#24
828 ldrb $s2,[$rounds,#11] 827 ldrb $s2,[$rounds,#11]
828 orr $s1,$s1,$t2,lsl#16
829 ldrb $t1,[$rounds,#10] 829 ldrb $t1,[$rounds,#10]
830 orr $s1,$s1,$t3,lsl#24
830 ldrb $t2,[$rounds,#9] 831 ldrb $t2,[$rounds,#9]
831 ldrb $t3,[$rounds,#8] 832 ldrb $t3,[$rounds,#8]
832 orr $s2,$s2,$t1,lsl#8 833 orr $s2,$s2,$t1,lsl#8
833 orr $s2,$s2,$t2,lsl#16
834 orr $s2,$s2,$t3,lsl#24
835 ldrb $s3,[$rounds,#15] 834 ldrb $s3,[$rounds,#15]
835 orr $s2,$s2,$t2,lsl#16
836 ldrb $t1,[$rounds,#14] 836 ldrb $t1,[$rounds,#14]
837 orr $s2,$s2,$t3,lsl#24
837 ldrb $t2,[$rounds,#13] 838 ldrb $t2,[$rounds,#13]
838 ldrb $t3,[$rounds,#12] 839 ldrb $t3,[$rounds,#12]
839 orr $s3,$s3,$t1,lsl#8 840 orr $s3,$s3,$t1,lsl#8
@@ -848,24 +849,24 @@ AES_decrypt:
848 mov $t3,$s0,lsr#8 849 mov $t3,$s0,lsr#8
849 strb $t1,[$rounds,#0] 850 strb $t1,[$rounds,#0]
850 strb $t2,[$rounds,#1] 851 strb $t2,[$rounds,#1]
851 strb $t3,[$rounds,#2]
852 strb $s0,[$rounds,#3]
853 mov $t1,$s1,lsr#24 852 mov $t1,$s1,lsr#24
853 strb $t3,[$rounds,#2]
854 mov $t2,$s1,lsr#16 854 mov $t2,$s1,lsr#16
855 strb $s0,[$rounds,#3]
855 mov $t3,$s1,lsr#8 856 mov $t3,$s1,lsr#8
856 strb $t1,[$rounds,#4] 857 strb $t1,[$rounds,#4]
857 strb $t2,[$rounds,#5] 858 strb $t2,[$rounds,#5]
858 strb $t3,[$rounds,#6]
859 strb $s1,[$rounds,#7]
860 mov $t1,$s2,lsr#24 859 mov $t1,$s2,lsr#24
860 strb $t3,[$rounds,#6]
861 mov $t2,$s2,lsr#16 861 mov $t2,$s2,lsr#16
862 strb $s1,[$rounds,#7]
862 mov $t3,$s2,lsr#8 863 mov $t3,$s2,lsr#8
863 strb $t1,[$rounds,#8] 864 strb $t1,[$rounds,#8]
864 strb $t2,[$rounds,#9] 865 strb $t2,[$rounds,#9]
865 strb $t3,[$rounds,#10]
866 strb $s2,[$rounds,#11]
867 mov $t1,$s3,lsr#24 866 mov $t1,$s3,lsr#24
867 strb $t3,[$rounds,#10]
868 mov $t2,$s3,lsr#16 868 mov $t2,$s3,lsr#16
869 strb $s2,[$rounds,#11]
869 mov $t3,$s3,lsr#8 870 mov $t3,$s3,lsr#8
870 strb $t1,[$rounds,#12] 871 strb $t1,[$rounds,#12]
871 strb $t2,[$rounds,#13] 872 strb $t2,[$rounds,#13]
@@ -882,146 +883,143 @@ AES_decrypt:
882.align 2 883.align 2
883_armv4_AES_decrypt: 884_armv4_AES_decrypt:
884 str lr,[sp,#-4]! @ push lr 885 str lr,[sp,#-4]! @ push lr
885 ldr $t1,[$key],#16 886 ldmia $key!,{$t1-$i1}
886 ldr $t2,[$key,#-12]
887 ldr $t3,[$key,#-8]
888 ldr $i1,[$key,#-4]
889 ldr $rounds,[$key,#240-16]
890 eor $s0,$s0,$t1 887 eor $s0,$s0,$t1
888 ldr $rounds,[$key,#240-16]
891 eor $s1,$s1,$t2 889 eor $s1,$s1,$t2
892 eor $s2,$s2,$t3 890 eor $s2,$s2,$t3
893 eor $s3,$s3,$i1 891 eor $s3,$s3,$i1
894 sub $rounds,$rounds,#1 892 sub $rounds,$rounds,#1
895 mov lr,#255 893 mov lr,#255
896 894
897.Ldec_loop:
898 and $i1,lr,$s0,lsr#16 895 and $i1,lr,$s0,lsr#16
899 and $i2,lr,$s0,lsr#8 896 and $i2,lr,$s0,lsr#8
900 and $i3,lr,$s0 897 and $i3,lr,$s0
901 mov $s0,$s0,lsr#24 898 mov $s0,$s0,lsr#24
899.Ldec_loop:
902 ldr $t1,[$tbl,$i1,lsl#2] @ Td1[s0>>16] 900 ldr $t1,[$tbl,$i1,lsl#2] @ Td1[s0>>16]
903 ldr $s0,[$tbl,$s0,lsl#2] @ Td0[s0>>24]
904 ldr $t2,[$tbl,$i2,lsl#2] @ Td2[s0>>8]
905 ldr $t3,[$tbl,$i3,lsl#2] @ Td3[s0>>0]
906
907 and $i1,lr,$s1 @ i0 901 and $i1,lr,$s1 @ i0
902 ldr $t2,[$tbl,$i2,lsl#2] @ Td2[s0>>8]
908 and $i2,lr,$s1,lsr#16 903 and $i2,lr,$s1,lsr#16
904 ldr $t3,[$tbl,$i3,lsl#2] @ Td3[s0>>0]
909 and $i3,lr,$s1,lsr#8 905 and $i3,lr,$s1,lsr#8
906 ldr $s0,[$tbl,$s0,lsl#2] @ Td0[s0>>24]
910 mov $s1,$s1,lsr#24 907 mov $s1,$s1,lsr#24
908
911 ldr $i1,[$tbl,$i1,lsl#2] @ Td3[s1>>0] 909 ldr $i1,[$tbl,$i1,lsl#2] @ Td3[s1>>0]
912 ldr $s1,[$tbl,$s1,lsl#2] @ Td0[s1>>24]
913 ldr $i2,[$tbl,$i2,lsl#2] @ Td1[s1>>16] 910 ldr $i2,[$tbl,$i2,lsl#2] @ Td1[s1>>16]
914 ldr $i3,[$tbl,$i3,lsl#2] @ Td2[s1>>8] 911 ldr $i3,[$tbl,$i3,lsl#2] @ Td2[s1>>8]
915 eor $s0,$s0,$i1,ror#24 912 eor $s0,$s0,$i1,ror#24
916 eor $s1,$s1,$t1,ror#8 913 ldr $s1,[$tbl,$s1,lsl#2] @ Td0[s1>>24]
917 eor $t2,$i2,$t2,ror#8
918 eor $t3,$i3,$t3,ror#8
919
920 and $i1,lr,$s2,lsr#8 @ i0 914 and $i1,lr,$s2,lsr#8 @ i0
915 eor $t2,$i2,$t2,ror#8
921 and $i2,lr,$s2 @ i1 916 and $i2,lr,$s2 @ i1
917 eor $t3,$i3,$t3,ror#8
922 and $i3,lr,$s2,lsr#16 918 and $i3,lr,$s2,lsr#16
923 mov $s2,$s2,lsr#24 919 eor $s1,$s1,$t1,ror#8
924 ldr $i1,[$tbl,$i1,lsl#2] @ Td2[s2>>8] 920 ldr $i1,[$tbl,$i1,lsl#2] @ Td2[s2>>8]
921 mov $s2,$s2,lsr#24
922
925 ldr $i2,[$tbl,$i2,lsl#2] @ Td3[s2>>0] 923 ldr $i2,[$tbl,$i2,lsl#2] @ Td3[s2>>0]
926 ldr $s2,[$tbl,$s2,lsl#2] @ Td0[s2>>24]
927 ldr $i3,[$tbl,$i3,lsl#2] @ Td1[s2>>16] 924 ldr $i3,[$tbl,$i3,lsl#2] @ Td1[s2>>16]
928 eor $s0,$s0,$i1,ror#16 925 eor $s0,$s0,$i1,ror#16
929 eor $s1,$s1,$i2,ror#24 926 ldr $s2,[$tbl,$s2,lsl#2] @ Td0[s2>>24]
930 eor $s2,$s2,$t2,ror#8
931 eor $t3,$i3,$t3,ror#8
932
933 and $i1,lr,$s3,lsr#16 @ i0 927 and $i1,lr,$s3,lsr#16 @ i0
928 eor $s1,$s1,$i2,ror#24
934 and $i2,lr,$s3,lsr#8 @ i1 929 and $i2,lr,$s3,lsr#8 @ i1
930 eor $t3,$i3,$t3,ror#8
935 and $i3,lr,$s3 @ i2 931 and $i3,lr,$s3 @ i2
936 mov $s3,$s3,lsr#24 932 eor $s2,$s2,$t2,ror#8
937 ldr $i1,[$tbl,$i1,lsl#2] @ Td1[s3>>16] 933 ldr $i1,[$tbl,$i1,lsl#2] @ Td1[s3>>16]
934 mov $s3,$s3,lsr#24
935
938 ldr $i2,[$tbl,$i2,lsl#2] @ Td2[s3>>8] 936 ldr $i2,[$tbl,$i2,lsl#2] @ Td2[s3>>8]
939 ldr $i3,[$tbl,$i3,lsl#2] @ Td3[s3>>0] 937 ldr $i3,[$tbl,$i3,lsl#2] @ Td3[s3>>0]
940 ldr $s3,[$tbl,$s3,lsl#2] @ Td0[s3>>24]
941 eor $s0,$s0,$i1,ror#8 938 eor $s0,$s0,$i1,ror#8
939 ldr $s3,[$tbl,$s3,lsl#2] @ Td0[s3>>24]
942 eor $s1,$s1,$i2,ror#16 940 eor $s1,$s1,$i2,ror#16
943 eor $s2,$s2,$i3,ror#24 941 eor $s2,$s2,$i3,ror#24
942 ldr $i1,[$key],#16
944 eor $s3,$s3,$t3,ror#8 943 eor $s3,$s3,$t3,ror#8
945 944
946 ldr $t1,[$key],#16 945 ldr $t1,[$key,#-12]
947 ldr $t2,[$key,#-12] 946 ldr $t2,[$key,#-8]
948 ldr $t3,[$key,#-8] 947 eor $s0,$s0,$i1
949 ldr $i1,[$key,#-4] 948 ldr $t3,[$key,#-4]
950 eor $s0,$s0,$t1 949 and $i1,lr,$s0,lsr#16
951 eor $s1,$s1,$t2 950 eor $s1,$s1,$t1
952 eor $s2,$s2,$t3 951 and $i2,lr,$s0,lsr#8
953 eor $s3,$s3,$i1 952 eor $s2,$s2,$t2
953 and $i3,lr,$s0
954 eor $s3,$s3,$t3
955 mov $s0,$s0,lsr#24
954 956
955 subs $rounds,$rounds,#1 957 subs $rounds,$rounds,#1
956 bne .Ldec_loop 958 bne .Ldec_loop
957 959
958 add $tbl,$tbl,#1024 960 add $tbl,$tbl,#1024
959 961
960 ldr $t1,[$tbl,#0] @ prefetch Td4 962 ldr $t2,[$tbl,#0] @ prefetch Td4
961 ldr $t2,[$tbl,#32] 963 ldr $t3,[$tbl,#32]
962 ldr $t3,[$tbl,#64] 964 ldr $t1,[$tbl,#64]
963 ldr $i1,[$tbl,#96] 965 ldr $t2,[$tbl,#96]
964 ldr $i2,[$tbl,#128] 966 ldr $t3,[$tbl,#128]
965 ldr $i3,[$tbl,#160] 967 ldr $t1,[$tbl,#160]
966 ldr $t1,[$tbl,#192] 968 ldr $t2,[$tbl,#192]
967 ldr $t2,[$tbl,#224] 969 ldr $t3,[$tbl,#224]
968 970
969 and $i1,lr,$s0,lsr#16 971 ldrb $s0,[$tbl,$s0] @ Td4[s0>>24]
970 and $i2,lr,$s0,lsr#8
971 and $i3,lr,$s0
972 ldrb $s0,[$tbl,$s0,lsr#24] @ Td4[s0>>24]
973 ldrb $t1,[$tbl,$i1] @ Td4[s0>>16] 972 ldrb $t1,[$tbl,$i1] @ Td4[s0>>16]
974 ldrb $t2,[$tbl,$i2] @ Td4[s0>>8]
975 ldrb $t3,[$tbl,$i3] @ Td4[s0>>0]
976
977 and $i1,lr,$s1 @ i0 973 and $i1,lr,$s1 @ i0
974 ldrb $t2,[$tbl,$i2] @ Td4[s0>>8]
978 and $i2,lr,$s1,lsr#16 975 and $i2,lr,$s1,lsr#16
976 ldrb $t3,[$tbl,$i3] @ Td4[s0>>0]
979 and $i3,lr,$s1,lsr#8 977 and $i3,lr,$s1,lsr#8
978
980 ldrb $i1,[$tbl,$i1] @ Td4[s1>>0] 979 ldrb $i1,[$tbl,$i1] @ Td4[s1>>0]
981 ldrb $s1,[$tbl,$s1,lsr#24] @ Td4[s1>>24] 980 ldrb $s1,[$tbl,$s1,lsr#24] @ Td4[s1>>24]
982 ldrb $i2,[$tbl,$i2] @ Td4[s1>>16] 981 ldrb $i2,[$tbl,$i2] @ Td4[s1>>16]
983 ldrb $i3,[$tbl,$i3] @ Td4[s1>>8]
984 eor $s0,$i1,$s0,lsl#24 982 eor $s0,$i1,$s0,lsl#24
983 ldrb $i3,[$tbl,$i3] @ Td4[s1>>8]
985 eor $s1,$t1,$s1,lsl#8 984 eor $s1,$t1,$s1,lsl#8
986 eor $t2,$t2,$i2,lsl#8
987 eor $t3,$t3,$i3,lsl#8
988
989 and $i1,lr,$s2,lsr#8 @ i0 985 and $i1,lr,$s2,lsr#8 @ i0
986 eor $t2,$t2,$i2,lsl#8
990 and $i2,lr,$s2 @ i1 987 and $i2,lr,$s2 @ i1
991 and $i3,lr,$s2,lsr#16 988 eor $t3,$t3,$i3,lsl#8
992 ldrb $i1,[$tbl,$i1] @ Td4[s2>>8] 989 ldrb $i1,[$tbl,$i1] @ Td4[s2>>8]
990 and $i3,lr,$s2,lsr#16
991
993 ldrb $i2,[$tbl,$i2] @ Td4[s2>>0] 992 ldrb $i2,[$tbl,$i2] @ Td4[s2>>0]
994 ldrb $s2,[$tbl,$s2,lsr#24] @ Td4[s2>>24] 993 ldrb $s2,[$tbl,$s2,lsr#24] @ Td4[s2>>24]
995 ldrb $i3,[$tbl,$i3] @ Td4[s2>>16]
996 eor $s0,$s0,$i1,lsl#8 994 eor $s0,$s0,$i1,lsl#8
995 ldrb $i3,[$tbl,$i3] @ Td4[s2>>16]
997 eor $s1,$i2,$s1,lsl#16 996 eor $s1,$i2,$s1,lsl#16
998 eor $s2,$t2,$s2,lsl#16
999 eor $t3,$t3,$i3,lsl#16
1000
1001 and $i1,lr,$s3,lsr#16 @ i0 997 and $i1,lr,$s3,lsr#16 @ i0
998 eor $s2,$t2,$s2,lsl#16
1002 and $i2,lr,$s3,lsr#8 @ i1 999 and $i2,lr,$s3,lsr#8 @ i1
1003 and $i3,lr,$s3 @ i2 1000 eor $t3,$t3,$i3,lsl#16
1004 ldrb $i1,[$tbl,$i1] @ Td4[s3>>16] 1001 ldrb $i1,[$tbl,$i1] @ Td4[s3>>16]
1002 and $i3,lr,$s3 @ i2
1003
1005 ldrb $i2,[$tbl,$i2] @ Td4[s3>>8] 1004 ldrb $i2,[$tbl,$i2] @ Td4[s3>>8]
1006 ldrb $i3,[$tbl,$i3] @ Td4[s3>>0] 1005 ldrb $i3,[$tbl,$i3] @ Td4[s3>>0]
1007 ldrb $s3,[$tbl,$s3,lsr#24] @ Td4[s3>>24] 1006 ldrb $s3,[$tbl,$s3,lsr#24] @ Td4[s3>>24]
1008 eor $s0,$s0,$i1,lsl#16 1007 eor $s0,$s0,$i1,lsl#16
1008 ldr $i1,[$key,#0]
1009 eor $s1,$s1,$i2,lsl#8 1009 eor $s1,$s1,$i2,lsl#8
1010 ldr $t1,[$key,#4]
1010 eor $s2,$i3,$s2,lsl#8 1011 eor $s2,$i3,$s2,lsl#8
1012 ldr $t2,[$key,#8]
1011 eor $s3,$t3,$s3,lsl#24 1013 eor $s3,$t3,$s3,lsl#24
1014 ldr $t3,[$key,#12]
1012 1015
1013 ldr lr,[sp],#4 @ pop lr 1016 eor $s0,$s0,$i1
1014 ldr $t1,[$key,#0] 1017 eor $s1,$s1,$t1
1015 ldr $t2,[$key,#4] 1018 eor $s2,$s2,$t2
1016 ldr $t3,[$key,#8] 1019 eor $s3,$s3,$t3
1017 ldr $i1,[$key,#12]
1018 eor $s0,$s0,$t1
1019 eor $s1,$s1,$t2
1020 eor $s2,$s2,$t3
1021 eor $s3,$s3,$i1
1022 1020
1023 sub $tbl,$tbl,#1024 1021 sub $tbl,$tbl,#1024
1024 mov pc,lr @ return 1022 ldr pc,[sp],#4 @ pop and return
1025.size _armv4_AES_decrypt,.-_armv4_AES_decrypt 1023.size _armv4_AES_decrypt,.-_armv4_AES_decrypt
1026.asciz "AES for ARMv4, CRYPTOGAMS by <appro\@openssl.org>" 1024.asciz "AES for ARMv4, CRYPTOGAMS by <appro\@openssl.org>"
1027.align 2 1025.align 2
@@ -1029,3 +1027,4 @@ ___
1029 1027
1030$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm; # make it possible to compile with -march=armv4 1028$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm; # make it possible to compile with -march=armv4
1031print $code; 1029print $code;
1030close STDOUT; # enforce flush
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-04 06:53:57 +0000