bg
/
avr-crypto-lib
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
avr-crypto-lib/aes_enc-asm.S

410 lines
5.2 KiB
ArmAsm
Raw Blame History

/* aes_enc-asm.S */
/*
This file is part of the Crypto-avr-lib/microcrypt-lib.
Copyright (C) 2008, 2009 Daniel Otte (daniel.otte@rub.de)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file aes_enc-asm.S
* \email daniel.otte@rub.de
* \author Daniel Otte
* \date 2009-01-10
* \license GPLv3 or later
*
*/
#include "avr-asm-macros.S"
/*
* param a: r24
* param b: r22
* param reducer: r0
*/
A = 28
B = 29
P = 0
xREDUCER = 25
gf256mul:
clr P
1:
lsr A
breq 4f
brcc 2f
eor P, B
2:
lsl B
brcc 3f
eor B, xREDUCER
3:
rjmp 1b
4:
brcc 5f
eor P, B
5:
ret
.global aes256_enc
aes256_enc:
ldi r20, 14
rjmp aes_encrypt_core
.global aes192_enc
aes192_enc:
ldi r20, 12
rjmp aes_encrypt_core
.global aes128_enc
aes128_enc:
ldi r20, 10
/*
void aes_encrypt_core(aes_cipher_state_t* state, const aes_genctx_t* ks, uint8_t rounds)
*/
T0= 2
T1= 3
T2= 4
T3= 5
SBOX_SAVE0 = 6
SBOX_SAVE1 = 7
ST00 = 8
ST01 = 9
ST02 = 10
ST03 = 11
ST10 = 12
ST11 = 13
ST12 = 14
ST13 = 15
ST20 = 16
ST21 = 17
ST22 = 18
ST23 = 19
ST30 = 20
ST31 = 21
ST32 = 22
ST33 = 23
CTR = 24
/*
* param state: r24:r25
* param ks: r22:r23
* param rounds: r20
*/
.global aes_encrypt_core
aes_encrypt_core:
push_range 2, 17
push r28
push r29
push r24
push r25
movw r26, r22
movw r30, r24
mov CTR, r20
clt
.irp param,ST00, ST01, ST02, ST03, ST10, ST11, ST12, ST13, ST20, ST21, ST22, ST23, ST30, ST31, ST32, ST33
ld \param, Z+
.endr
ldi xREDUCER, 0x1b /* load reducer */
ldi r31, hi8(aes_sbox)
/* key whitening */
1:
.irp param,ST00, ST01, ST02, ST03, ST10, ST11, ST12, ST13, ST20, ST21, ST22, ST23, ST30, ST31, ST32, ST33
ld r0, X+
eor \param, r0
.endr
brtc 2f
rjmp exit
2: dec CTR
brne 3f
set
3:
/* encryption loop */
/* SBOX substitution and shifting */
mov r30, ST00
lpm ST00, Z
mov r30, ST10
lpm ST10, Z
mov r30, ST20
lpm ST20, Z
mov r30, ST30
lpm ST30, Z
mov r30, ST01
lpm T0, Z
mov r30, ST11
lpm ST01, Z
mov r30, ST21
lpm ST11, Z
mov r30, ST31
lpm ST21, Z
mov ST31, T0
mov r30, ST02
lpm T0, Z
mov r30, ST12
lpm T1, Z
mov r30, ST22
lpm ST02, Z
mov r30, ST32
lpm ST12, Z
mov ST22, T0
mov ST32, T1
mov r30, ST03
lpm T0, Z
mov r30, ST13
lpm T1, Z
mov r30, ST23
lpm T2, Z
mov r30, ST33
lpm ST03, Z
mov ST13, T0
mov ST23, T1
mov ST33, T2
/* mixcols (or rows in our case) */
brtc 2f
rjmp 1b
2:
mov r1, ST00
eor r1, ST01
eor r1, ST02
eor r1, ST03
mov T0, ST00
eor T0, ST01
lsl T0
brcc 3f
eor T0, xREDUCER
3:
eor T0, r1
eor T0, ST00
mov T1, ST01
eor T1, ST02
lsl T1
brcc 3f
eor T1, xREDUCER
3:
eor T1, r1
eor T1, ST01
mov T2, ST02
eor T2, ST03
lsl T2
brcc 3f
eor T2, xREDUCER
3:
eor T2, r1
eor T2, ST02
mov T3, ST03
eor T3, ST00
lsl T3
brcc 3f
eor T3, xREDUCER
3:
eor T3, r1
eor T3, ST03
mov ST00, T0
mov ST01, T1
mov ST02, T2
mov ST03, T3
mov r1, ST10
eor r1, ST11
eor r1, ST12
eor r1, ST13
mov T0, ST10
eor T0, ST11
lsl T0
brcc 3f
eor T0, xREDUCER
3:
eor T0, r1
eor T0, ST10
mov T1, ST11
eor T1, ST12
lsl T1
brcc 3f
eor T1, xREDUCER
3:
eor T1, r1
eor T1, ST11
mov T2, ST12
eor T2, ST13
lsl T2
brcc 3f
eor T2, xREDUCER
3:
eor T2, r1
eor T2, ST12
mov T3, ST13
eor T3, ST10
lsl T3
brcc 3f
eor T3, xREDUCER
3:
eor T3, r1
eor T3, ST13
mov ST10, T0
mov ST11, T1
mov ST12, T2
mov ST13, T3
mov r1, ST20
eor r1, ST21
eor r1, ST22
eor r1, ST23
mov T0, ST20
eor T0, ST21
lsl T0
brcc 3f
eor T0, xREDUCER
3:
eor T0, r1
eor T0, ST20
mov T1, ST21
eor T1, ST22
lsl T1
brcc 3f
eor T1, xREDUCER
3:
eor T1, r1
eor T1, ST21
mov T2, ST22
eor T2, ST23
lsl T2
brcc 3f
eor T2, xREDUCER
3:
eor T2, r1
eor T2, ST22
mov T3, ST23
eor T3, ST20
lsl T3
brcc 3f
eor T3, xREDUCER
3:
eor T3, r1
eor T3, ST23
mov ST20, T0
mov ST21, T1
mov ST22, T2
mov ST23, T3
mov r1, ST30
eor r1, ST31
eor r1, ST32
eor r1, ST33
mov T0, ST30
eor T0, ST31
lsl T0
brcc 3f
eor T0, xREDUCER
3:
eor T0, r1
eor T0, ST30
mov T1, ST31
eor T1, ST32
lsl T1
brcc 3f
eor T1, xREDUCER
3:
eor T1, r1
eor T1, ST31
mov T2, ST32
eor T2, ST33
lsl T2
brcc 3f
eor T2, xREDUCER
3:
eor T2, r1
eor T2, ST32
mov T3, ST33
eor T3, ST30
lsl T3
brcc 3f
eor T3, xREDUCER
3:
eor T3, r1
eor T3, ST33
mov ST30, T0
mov ST31, T1
mov ST32, T2
mov ST33, T3
/* mix colums (rows) done */
/* add key*/
rjmp 1b
exit:
pop r31
pop r30
st Z+, ST00
st Z+, ST01
st Z+, ST02
st Z+, ST03
st Z+, ST10
st Z+, ST11
st Z+, ST12
st Z+, ST13
st Z+, ST20
st Z+, ST21
st Z+, ST22
st Z+, ST23
st Z+, ST30
st Z+, ST31
st Z+, ST32
st Z+, ST33
clr r1
pop r29
pop r28
pop_range 2, 17
ret
Reference in New Issue View Git Blame Copy Permalink