| blob | c4d70657e643a99400e8ee9c5dde24f4a6c2c637 |
1 #if defined(__arm__)
3 @ ====================================================================
4 @ Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
5 @ project. The module is, however, dual licensed under OpenSSL and
6 @ CRYPTOGAMS licenses depending on where you obtain it. For further
7 @ details see http://www.openssl.org/~appro/cryptogams/.
8 @ ====================================================================
10 @ AES for ARMv4
12 @ January 2007.
13 @
14 @ Code uses single 1K S-box and is >2 times faster than code generated
15 @ by gcc-3.4.1. This is thanks to unique feature of ARMv4 ISA, which
16 @ allows to merge logical or arithmetic operation with shift or rotate
17 @ in one instruction and emit combined result every cycle. The module
18 @ is endian-neutral. The performance is ~42 cycles/byte for 128-bit
19 @ key [on single-issue Xscale PXA250 core].
21 @ May 2007.
22 @
23 @ AES_set_[en|de]crypt_key is added.
25 @ July 2010.
26 @
27 @ Rescheduling for dual-issue pipeline resulted in 12% improvement on
28 @ Cortex A8 core and ~25 cycles per byte processed with 128-bit key.
30 @ February 2011.
31 @
32 @ Profiler-assisted and platform-specific optimization resulted in 16%
33 @ improvement on Cortex A8 core and ~21.5 cycles per byte.
35 #if defined(__arm__)
36 #ifndef __KERNEL__
37 # include <openssl/arm_arch.h>
38 #else
39 # define __ARM_ARCH__ __LINUX_ARM_ARCH__
40 #endif
42 .text
43 #if __ARM_ARCH__<7
44 .code 32
45 #else
46 .syntax unified
47 # if defined(__thumb2__) && !defined(__APPLE__)
48 .thumb
49 # else
50 .code 32
51 # endif
52 #endif
54 .type AES_Te,%object
55 .align 5
56 AES_Te:
57 .word 0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d
58 .word 0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554
59 .word 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d
60 .word 0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a
61 .word 0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87
62 .word 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b
63 .word 0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea
64 .word 0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b
65 .word 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a
66 .word 0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f
67 .word 0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108
68 .word 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f
69 .word 0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e
70 .word 0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5
71 .word 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d
72 .word 0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f
73 .word 0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e
74 .word 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb
75 .word 0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce
76 .word 0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497
77 .word 0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c
78 .word 0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed
79 .word 0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b
80 .word 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a
81 .word 0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16
82 .word 0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594
83 .word 0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81
84 .word 0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3
85 .word 0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a
86 .word 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504
87 .word 0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163
88 .word 0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d
89 .word 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f
90 .word 0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739
91 .word 0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47
92 .word 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395
93 .word 0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f
94 .word 0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883
95 .word 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c
96 .word 0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76
97 .word 0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e
98 .word 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4
99 .word 0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6
100 .word 0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b
101 .word 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7
102 .word 0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0
103 .word 0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25
104 .word 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818
105 .word 0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72
106 .word 0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651
107 .word 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21
108 .word 0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85
109 .word 0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa
110 .word 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12
111 .word 0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0
112 .word 0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9
113 .word 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133
114 .word 0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7
115 .word 0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920
116 .word 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a
117 .word 0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17
118 .word 0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8
119 .word 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11
120 .word 0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a
121 @ Te4[256]
122 .byte 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5
123 .byte 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76
124 .byte 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0
125 .byte 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0
126 .byte 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc
127 .byte 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15
128 .byte 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a
129 .byte 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75
130 .byte 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0
131 .byte 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84
132 .byte 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b
133 .byte 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf
134 .byte 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85
135 .byte 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8
136 .byte 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5
137 .byte 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2
138 .byte 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17
139 .byte 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73
140 .byte 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88
141 .byte 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb
142 .byte 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c
143 .byte 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79
144 .byte 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9
145 .byte 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08
146 .byte 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6
147 .byte 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a
148 .byte 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e
149 .byte 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e
150 .byte 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94
151 .byte 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf
152 .byte 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68
153 .byte 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
154 @ rcon[]
155 .word 0x01000000, 0x02000000, 0x04000000, 0x08000000
156 .word 0x10000000, 0x20000000, 0x40000000, 0x80000000
157 .word 0x1B000000, 0x36000000, 0, 0, 0, 0, 0, 0
158 .size AES_Te,.-AES_Te
160 @ void asm_AES_encrypt(const unsigned char *in, unsigned char *out,
161 @ const AES_KEY *key) {
162 .globl asm_AES_encrypt
163 .hidden asm_AES_encrypt
164 .type asm_AES_encrypt,%function
165 .align 5
166 asm_AES_encrypt:
167 #if __ARM_ARCH__<7
168 sub r3,pc,#8 @ asm_AES_encrypt
169 #else
170 adr r3,asm_AES_encrypt
171 #endif
172 stmdb sp!,{r1,r4-r12,lr}
173 #ifdef __APPLE__
174 adr r10,AES_Te
175 #else
176 sub r10,r3,#asm_AES_encrypt-AES_Te @ Te
177 #endif
178 mov r12,r0 @ inp
179 mov r11,r2
180 #if __ARM_ARCH__<7
181 ldrb r0,[r12,#3] @ load input data in endian-neutral
182 ldrb r4,[r12,#2] @ manner...
183 ldrb r5,[r12,#1]
184 ldrb r6,[r12,#0]
185 orr r0,r0,r4,lsl#8
186 ldrb r1,[r12,#7]
187 orr r0,r0,r5,lsl#16
188 ldrb r4,[r12,#6]
189 orr r0,r0,r6,lsl#24
190 ldrb r5,[r12,#5]
191 ldrb r6,[r12,#4]
192 orr r1,r1,r4,lsl#8
193 ldrb r2,[r12,#11]
194 orr r1,r1,r5,lsl#16
195 ldrb r4,[r12,#10]
196 orr r1,r1,r6,lsl#24
197 ldrb r5,[r12,#9]
198 ldrb r6,[r12,#8]
199 orr r2,r2,r4,lsl#8
200 ldrb r3,[r12,#15]
201 orr r2,r2,r5,lsl#16
202 ldrb r4,[r12,#14]
203 orr r2,r2,r6,lsl#24
204 ldrb r5,[r12,#13]
205 ldrb r6,[r12,#12]
206 orr r3,r3,r4,lsl#8
207 orr r3,r3,r5,lsl#16
208 orr r3,r3,r6,lsl#24
209 #else
210 ldr r0,[r12,#0]
211 ldr r1,[r12,#4]
212 ldr r2,[r12,#8]
213 ldr r3,[r12,#12]
214 #ifdef __ARMEL__
215 rev r0,r0
216 rev r1,r1
217 rev r2,r2
218 rev r3,r3
219 #endif
220 #endif
221 bl _armv4_AES_encrypt
223 ldr r12,[sp],#4 @ pop out
224 #if __ARM_ARCH__>=7
225 #ifdef __ARMEL__
226 rev r0,r0
227 rev r1,r1
228 rev r2,r2
229 rev r3,r3
230 #endif
231 str r0,[r12,#0]
232 str r1,[r12,#4]
233 str r2,[r12,#8]
234 str r3,[r12,#12]
235 #else
236 mov r4,r0,lsr#24 @ write output in endian-neutral
237 mov r5,r0,lsr#16 @ manner...
238 mov r6,r0,lsr#8
239 strb r4,[r12,#0]
240 strb r5,[r12,#1]
241 mov r4,r1,lsr#24
242 strb r6,[r12,#2]
243 mov r5,r1,lsr#16
244 strb r0,[r12,#3]
245 mov r6,r1,lsr#8
246 strb r4,[r12,#4]
247 strb r5,[r12,#5]
248 mov r4,r2,lsr#24
249 strb r6,[r12,#6]
250 mov r5,r2,lsr#16
251 strb r1,[r12,#7]
252 mov r6,r2,lsr#8
253 strb r4,[r12,#8]
254 strb r5,[r12,#9]
255 mov r4,r3,lsr#24
256 strb r6,[r12,#10]
257 mov r5,r3,lsr#16
258 strb r2,[r12,#11]
259 mov r6,r3,lsr#8
260 strb r4,[r12,#12]
261 strb r5,[r12,#13]
262 strb r6,[r12,#14]
263 strb r3,[r12,#15]
264 #endif
265 #if __ARM_ARCH__>=5
266 ldmia sp!,{r4,r5,r6,r7,r8,r9,r10,r11,r12,pc}
267 #else
268 ldmia sp!,{r4,r5,r6,r7,r8,r9,r10,r11,r12,lr}
269 tst lr,#1
270 moveq pc,lr @ be binary compatible with V4, yet
271 .word 0xe12fff1e @ interoperable with Thumb ISA:-)
272 #endif
273 .size asm_AES_encrypt,.-asm_AES_encrypt
275 .type _armv4_AES_encrypt,%function
276 .align 2
277 _armv4_AES_encrypt:
278 str lr,[sp,#-4]! @ push lr
279 ldmia r11!,{r4,r5,r6,r7}
280 eor r0,r0,r4
281 ldr r12,[r11,#240-16]
282 eor r1,r1,r5
283 eor r2,r2,r6
284 eor r3,r3,r7
285 sub r12,r12,#1
286 mov lr,#255
288 and r7,lr,r0
289 and r8,lr,r0,lsr#8
290 and r9,lr,r0,lsr#16
291 mov r0,r0,lsr#24
292 .Lenc_loop:
293 ldr r4,[r10,r7,lsl#2] @ Te3[s0>>0]
294 and r7,lr,r1,lsr#16 @ i0
295 ldr r5,[r10,r8,lsl#2] @ Te2[s0>>8]
296 and r8,lr,r1
297 ldr r6,[r10,r9,lsl#2] @ Te1[s0>>16]
298 and r9,lr,r1,lsr#8
299 ldr r0,[r10,r0,lsl#2] @ Te0[s0>>24]
300 mov r1,r1,lsr#24
302 ldr r7,[r10,r7,lsl#2] @ Te1[s1>>16]
303 ldr r8,[r10,r8,lsl#2] @ Te3[s1>>0]
304 ldr r9,[r10,r9,lsl#2] @ Te2[s1>>8]
305 eor r0,r0,r7,ror#8
306 ldr r1,[r10,r1,lsl#2] @ Te0[s1>>24]
307 and r7,lr,r2,lsr#8 @ i0
308 eor r5,r5,r8,ror#8
309 and r8,lr,r2,lsr#16 @ i1
310 eor r6,r6,r9,ror#8
311 and r9,lr,r2
312 ldr r7,[r10,r7,lsl#2] @ Te2[s2>>8]
313 eor r1,r1,r4,ror#24
314 ldr r8,[r10,r8,lsl#2] @ Te1[s2>>16]
315 mov r2,r2,lsr#24
317 ldr r9,[r10,r9,lsl#2] @ Te3[s2>>0]
318 eor r0,r0,r7,ror#16
319 ldr r2,[r10,r2,lsl#2] @ Te0[s2>>24]
320 and r7,lr,r3 @ i0
321 eor r1,r1,r8,ror#8
322 and r8,lr,r3,lsr#8 @ i1
323 eor r6,r6,r9,ror#16
324 and r9,lr,r3,lsr#16 @ i2
325 ldr r7,[r10,r7,lsl#2] @ Te3[s3>>0]
326 eor r2,r2,r5,ror#16
327 ldr r8,[r10,r8,lsl#2] @ Te2[s3>>8]
328 mov r3,r3,lsr#24
330 ldr r9,[r10,r9,lsl#2] @ Te1[s3>>16]
331 eor r0,r0,r7,ror#24
332 ldr r7,[r11],#16
333 eor r1,r1,r8,ror#16
334 ldr r3,[r10,r3,lsl#2] @ Te0[s3>>24]
335 eor r2,r2,r9,ror#8
336 ldr r4,[r11,#-12]
337 eor r3,r3,r6,ror#8
339 ldr r5,[r11,#-8]
340 eor r0,r0,r7
341 ldr r6,[r11,#-4]
342 and r7,lr,r0
343 eor r1,r1,r4
344 and r8,lr,r0,lsr#8
345 eor r2,r2,r5
346 and r9,lr,r0,lsr#16
347 eor r3,r3,r6
348 mov r0,r0,lsr#24
350 subs r12,r12,#1
351 bne .Lenc_loop
353 add r10,r10,#2
355 ldrb r4,[r10,r7,lsl#2] @ Te4[s0>>0]
356 and r7,lr,r1,lsr#16 @ i0
357 ldrb r5,[r10,r8,lsl#2] @ Te4[s0>>8]
358 and r8,lr,r1
359 ldrb r6,[r10,r9,lsl#2] @ Te4[s0>>16]
360 and r9,lr,r1,lsr#8
361 ldrb r0,[r10,r0,lsl#2] @ Te4[s0>>24]
362 mov r1,r1,lsr#24
364 ldrb r7,[r10,r7,lsl#2] @ Te4[s1>>16]
365 ldrb r8,[r10,r8,lsl#2] @ Te4[s1>>0]
366 ldrb r9,[r10,r9,lsl#2] @ Te4[s1>>8]
367 eor r0,r7,r0,lsl#8
368 ldrb r1,[r10,r1,lsl#2] @ Te4[s1>>24]
369 and r7,lr,r2,lsr#8 @ i0
370 eor r5,r8,r5,lsl#8
371 and r8,lr,r2,lsr#16 @ i1
372 eor r6,r9,r6,lsl#8
373 and r9,lr,r2
374 ldrb r7,[r10,r7,lsl#2] @ Te4[s2>>8]
375 eor r1,r4,r1,lsl#24
376 ldrb r8,[r10,r8,lsl#2] @ Te4[s2>>16]
377 mov r2,r2,lsr#24
379 ldrb r9,[r10,r9,lsl#2] @ Te4[s2>>0]
380 eor r0,r7,r0,lsl#8
381 ldrb r2,[r10,r2,lsl#2] @ Te4[s2>>24]
382 and r7,lr,r3 @ i0
383 eor r1,r1,r8,lsl#16
384 and r8,lr,r3,lsr#8 @ i1
385 eor r6,r9,r6,lsl#8
386 and r9,lr,r3,lsr#16 @ i2
387 ldrb r7,[r10,r7,lsl#2] @ Te4[s3>>0]
388 eor r2,r5,r2,lsl#24
389 ldrb r8,[r10,r8,lsl#2] @ Te4[s3>>8]
390 mov r3,r3,lsr#24
392 ldrb r9,[r10,r9,lsl#2] @ Te4[s3>>16]
393 eor r0,r7,r0,lsl#8
394 ldr r7,[r11,#0]
395 ldrb r3,[r10,r3,lsl#2] @ Te4[s3>>24]
396 eor r1,r1,r8,lsl#8
397 ldr r4,[r11,#4]
398 eor r2,r2,r9,lsl#16
399 ldr r5,[r11,#8]
400 eor r3,r6,r3,lsl#24
401 ldr r6,[r11,#12]
403 eor r0,r0,r7
404 eor r1,r1,r4
405 eor r2,r2,r5
406 eor r3,r3,r6
408 sub r10,r10,#2
409 ldr pc,[sp],#4 @ pop and return
410 .size _armv4_AES_encrypt,.-_armv4_AES_encrypt
412 .globl asm_AES_set_encrypt_key
413 .hidden asm_AES_set_encrypt_key
414 .type asm_AES_set_encrypt_key,%function
415 .align 5
416 asm_AES_set_encrypt_key:
417 _armv4_AES_set_encrypt_key:
418 #if __ARM_ARCH__<7
419 sub r3,pc,#8 @ asm_AES_set_encrypt_key
420 #else
421 adr r3,asm_AES_set_encrypt_key
422 #endif
423 teq r0,#0
424 #if __ARM_ARCH__>=7
425 itt eq @ Thumb2 thing, sanity check in ARM
426 #endif
427 moveq r0,#-1
428 beq .Labrt
429 teq r2,#0
430 #if __ARM_ARCH__>=7
431 itt eq @ Thumb2 thing, sanity check in ARM
432 #endif
433 moveq r0,#-1
434 beq .Labrt
436 teq r1,#128
437 beq .Lok
438 teq r1,#192
439 beq .Lok
440 teq r1,#256
441 #if __ARM_ARCH__>=7
442 itt ne @ Thumb2 thing, sanity check in ARM
443 #endif
444 movne r0,#-1
445 bne .Labrt
447 .Lok: stmdb sp!,{r4,r5,r6,r7,r8,r9,r10,r11,r12,lr}
448 mov r12,r0 @ inp
449 mov lr,r1 @ bits
450 mov r11,r2 @ key
452 #ifdef __APPLE__
453 adr r10,AES_Te+1024 @ Te4
454 #else
455 sub r10,r3,#_armv4_AES_set_encrypt_key-AES_Te-1024 @ Te4
456 #endif
458 #if __ARM_ARCH__<7
459 ldrb r0,[r12,#3] @ load input data in endian-neutral
460 ldrb r4,[r12,#2] @ manner...
461 ldrb r5,[r12,#1]
462 ldrb r6,[r12,#0]
463 orr r0,r0,r4,lsl#8
464 ldrb r1,[r12,#7]
465 orr r0,r0,r5,lsl#16
466 ldrb r4,[r12,#6]
467 orr r0,r0,r6,lsl#24
468 ldrb r5,[r12,#5]
469 ldrb r6,[r12,#4]
470 orr r1,r1,r4,lsl#8
471 ldrb r2,[r12,#11]
472 orr r1,r1,r5,lsl#16
473 ldrb r4,[r12,#10]
474 orr r1,r1,r6,lsl#24
475 ldrb r5,[r12,#9]
476 ldrb r6,[r12,#8]
477 orr r2,r2,r4,lsl#8
478 ldrb r3,[r12,#15]
479 orr r2,r2,r5,lsl#16
480 ldrb r4,[r12,#14]
481 orr r2,r2,r6,lsl#24
482 ldrb r5,[r12,#13]
483 ldrb r6,[r12,#12]
484 orr r3,r3,r4,lsl#8
485 str r0,[r11],#16
486 orr r3,r3,r5,lsl#16
487 str r1,[r11,#-12]
488 orr r3,r3,r6,lsl#24
489 str r2,[r11,#-8]
490 str r3,[r11,#-4]
491 #else
492 ldr r0,[r12,#0]
493 ldr r1,[r12,#4]
494 ldr r2,[r12,#8]
495 ldr r3,[r12,#12]
496 #ifdef __ARMEL__
497 rev r0,r0
498 rev r1,r1
499 rev r2,r2
500 rev r3,r3
501 #endif
502 str r0,[r11],#16
503 str r1,[r11,#-12]
504 str r2,[r11,#-8]
505 str r3,[r11,#-4]
506 #endif
508 teq lr,#128
509 bne .Lnot128
510 mov r12,#10
511 str r12,[r11,#240-16]
512 add r6,r10,#256 @ rcon
513 mov lr,#255
515 .L128_loop:
516 and r5,lr,r3,lsr#24
517 and r7,lr,r3,lsr#16
518 ldrb r5,[r10,r5]
519 and r8,lr,r3,lsr#8
520 ldrb r7,[r10,r7]
521 and r9,lr,r3
522 ldrb r8,[r10,r8]
523 orr r5,r5,r7,lsl#24
524 ldrb r9,[r10,r9]
525 orr r5,r5,r8,lsl#16
526 ldr r4,[r6],#4 @ rcon[i++]
527 orr r5,r5,r9,lsl#8
528 eor r5,r5,r4
529 eor r0,r0,r5 @ rk[4]=rk[0]^...
530 eor r1,r1,r0 @ rk[5]=rk[1]^rk[4]
531 str r0,[r11],#16
532 eor r2,r2,r1 @ rk[6]=rk[2]^rk[5]
533 str r1,[r11,#-12]
534 eor r3,r3,r2 @ rk[7]=rk[3]^rk[6]
535 str r2,[r11,#-8]
536 subs r12,r12,#1
537 str r3,[r11,#-4]
538 bne .L128_loop
539 sub r2,r11,#176
540 b .Ldone
542 .Lnot128:
543 #if __ARM_ARCH__<7
544 ldrb r8,[r12,#19]
545 ldrb r4,[r12,#18]
546 ldrb r5,[r12,#17]
547 ldrb r6,[r12,#16]
548 orr r8,r8,r4,lsl#8
549 ldrb r9,[r12,#23]
550 orr r8,r8,r5,lsl#16
551 ldrb r4,[r12,#22]
552 orr r8,r8,r6,lsl#24
553 ldrb r5,[r12,#21]
554 ldrb r6,[r12,#20]
555 orr r9,r9,r4,lsl#8
556 orr r9,r9,r5,lsl#16
557 str r8,[r11],#8
558 orr r9,r9,r6,lsl#24
559 str r9,[r11,#-4]
560 #else
561 ldr r8,[r12,#16]
562 ldr r9,[r12,#20]
563 #ifdef __ARMEL__
564 rev r8,r8
565 rev r9,r9
566 #endif
567 str r8,[r11],#8
568 str r9,[r11,#-4]
569 #endif
571 teq lr,#192
572 bne .Lnot192
573 mov r12,#12
574 str r12,[r11,#240-24]
575 add r6,r10,#256 @ rcon
576 mov lr,#255
577 mov r12,#8
579 .L192_loop:
580 and r5,lr,r9,lsr#24
581 and r7,lr,r9,lsr#16
582 ldrb r5,[r10,r5]
583 and r8,lr,r9,lsr#8
584 ldrb r7,[r10,r7]
585 and r9,lr,r9
586 ldrb r8,[r10,r8]
587 orr r5,r5,r7,lsl#24
588 ldrb r9,[r10,r9]
589 orr r5,r5,r8,lsl#16
590 ldr r4,[r6],#4 @ rcon[i++]
591 orr r5,r5,r9,lsl#8
592 eor r9,r5,r4
593 eor r0,r0,r9 @ rk[6]=rk[0]^...
594 eor r1,r1,r0 @ rk[7]=rk[1]^rk[6]
595 str r0,[r11],#24
596 eor r2,r2,r1 @ rk[8]=rk[2]^rk[7]
597 str r1,[r11,#-20]
598 eor r3,r3,r2 @ rk[9]=rk[3]^rk[8]
599 str r2,[r11,#-16]
600 subs r12,r12,#1
601 str r3,[r11,#-12]
602 #if __ARM_ARCH__>=7
603 itt eq @ Thumb2 thing, sanity check in ARM
604 #endif
605 subeq r2,r11,#216
606 beq .Ldone
608 ldr r7,[r11,#-32]
609 ldr r8,[r11,#-28]
610 eor r7,r7,r3 @ rk[10]=rk[4]^rk[9]
611 eor r9,r8,r7 @ rk[11]=rk[5]^rk[10]
612 str r7,[r11,#-8]
613 str r9,[r11,#-4]
614 b .L192_loop
616 .Lnot192:
617 #if __ARM_ARCH__<7
618 ldrb r8,[r12,#27]
619 ldrb r4,[r12,#26]
620 ldrb r5,[r12,#25]
621 ldrb r6,[r12,#24]
622 orr r8,r8,r4,lsl#8
623 ldrb r9,[r12,#31]
624 orr r8,r8,r5,lsl#16
625 ldrb r4,[r12,#30]
626 orr r8,r8,r6,lsl#24
627 ldrb r5,[r12,#29]
628 ldrb r6,[r12,#28]
629 orr r9,r9,r4,lsl#8
630 orr r9,r9,r5,lsl#16
631 str r8,[r11],#8
632 orr r9,r9,r6,lsl#24
633 str r9,[r11,#-4]
634 #else
635 ldr r8,[r12,#24]
636 ldr r9,[r12,#28]
637 #ifdef __ARMEL__
638 rev r8,r8
639 rev r9,r9
640 #endif
641 str r8,[r11],#8
642 str r9,[r11,#-4]
643 #endif
645 mov r12,#14
646 str r12,[r11,#240-32]
647 add r6,r10,#256 @ rcon
648 mov lr,#255
649 mov r12,#7
651 .L256_loop:
652 and r5,lr,r9,lsr#24
653 and r7,lr,r9,lsr#16
654 ldrb r5,[r10,r5]
655 and r8,lr,r9,lsr#8
656 ldrb r7,[r10,r7]
657 and r9,lr,r9
658 ldrb r8,[r10,r8]
659 orr r5,r5,r7,lsl#24
660 ldrb r9,[r10,r9]
661 orr r5,r5,r8,lsl#16
662 ldr r4,[r6],#4 @ rcon[i++]
663 orr r5,r5,r9,lsl#8
664 eor r9,r5,r4
665 eor r0,r0,r9 @ rk[8]=rk[0]^...
666 eor r1,r1,r0 @ rk[9]=rk[1]^rk[8]
667 str r0,[r11],#32
668 eor r2,r2,r1 @ rk[10]=rk[2]^rk[9]
669 str r1,[r11,#-28]
670 eor r3,r3,r2 @ rk[11]=rk[3]^rk[10]
671 str r2,[r11,#-24]
672 subs r12,r12,#1
673 str r3,[r11,#-20]
674 #if __ARM_ARCH__>=7
675 itt eq @ Thumb2 thing, sanity check in ARM
676 #endif
677 subeq r2,r11,#256
678 beq .Ldone
680 and r5,lr,r3
681 and r7,lr,r3,lsr#8
682 ldrb r5,[r10,r5]
683 and r8,lr,r3,lsr#16
684 ldrb r7,[r10,r7]
685 and r9,lr,r3,lsr#24
686 ldrb r8,[r10,r8]
687 orr r5,r5,r7,lsl#8
688 ldrb r9,[r10,r9]
689 orr r5,r5,r8,lsl#16
690 ldr r4,[r11,#-48]
691 orr r5,r5,r9,lsl#24
693 ldr r7,[r11,#-44]
694 ldr r8,[r11,#-40]
695 eor r4,r4,r5 @ rk[12]=rk[4]^...
696 ldr r9,[r11,#-36]
697 eor r7,r7,r4 @ rk[13]=rk[5]^rk[12]
698 str r4,[r11,#-16]
699 eor r8,r8,r7 @ rk[14]=rk[6]^rk[13]
700 str r7,[r11,#-12]
701 eor r9,r9,r8 @ rk[15]=rk[7]^rk[14]
702 str r8,[r11,#-8]
703 str r9,[r11,#-4]
704 b .L256_loop
706 .align 2
707 .Ldone: mov r0,#0
708 ldmia sp!,{r4,r5,r6,r7,r8,r9,r10,r11,r12,lr}
709 .Labrt:
710 #if __ARM_ARCH__>=5
711 bx lr @ .word 0xe12fff1e
712 #else
713 tst lr,#1
714 moveq pc,lr @ be binary compatible with V4, yet
715 .word 0xe12fff1e @ interoperable with Thumb ISA:-)
716 #endif
717 .size asm_AES_set_encrypt_key,.-asm_AES_set_encrypt_key
719 .globl asm_AES_set_decrypt_key
720 .hidden asm_AES_set_decrypt_key
721 .type asm_AES_set_decrypt_key,%function
722 .align 5
723 asm_AES_set_decrypt_key:
724 str lr,[sp,#-4]! @ push lr
725 bl _armv4_AES_set_encrypt_key
726 teq r0,#0
727 ldr lr,[sp],#4 @ pop lr
728 bne .Labrt
730 mov r0,r2 @ asm_AES_set_encrypt_key preserves r2,
731 mov r1,r2 @ which is AES_KEY *key
732 b _armv4_AES_set_enc2dec_key
733 .size asm_AES_set_decrypt_key,.-asm_AES_set_decrypt_key
735 @ void AES_set_enc2dec_key(const AES_KEY *inp,AES_KEY *out)
736 .globl AES_set_enc2dec_key
737 .hidden AES_set_enc2dec_key
738 .type AES_set_enc2dec_key,%function
739 .align 5
740 AES_set_enc2dec_key:
741 _armv4_AES_set_enc2dec_key:
742 stmdb sp!,{r4,r5,r6,r7,r8,r9,r10,r11,r12,lr}
744 ldr r12,[r0,#240]
745 mov r7,r0 @ input
746 add r8,r0,r12,lsl#4
747 mov r11,r1 @ ouput
748 add r10,r1,r12,lsl#4
749 str r12,[r1,#240]
751 .Linv: ldr r0,[r7],#16
752 ldr r1,[r7,#-12]
753 ldr r2,[r7,#-8]
754 ldr r3,[r7,#-4]
755 ldr r4,[r8],#-16
756 ldr r5,[r8,#16+4]
757 ldr r6,[r8,#16+8]
758 ldr r9,[r8,#16+12]
759 str r0,[r10],#-16
760 str r1,[r10,#16+4]
761 str r2,[r10,#16+8]
762 str r3,[r10,#16+12]
763 str r4,[r11],#16
764 str r5,[r11,#-12]
765 str r6,[r11,#-8]
766 str r9,[r11,#-4]
767 teq r7,r8
768 bne .Linv
770 ldr r0,[r7]
771 ldr r1,[r7,#4]
772 ldr r2,[r7,#8]
773 ldr r3,[r7,#12]
774 str r0,[r11]
775 str r1,[r11,#4]
776 str r2,[r11,#8]
777 str r3,[r11,#12]
778 sub r11,r11,r12,lsl#3
779 ldr r0,[r11,#16]! @ prefetch tp1
780 mov r7,#0x80
781 mov r8,#0x1b
782 orr r7,r7,#0x8000
783 orr r8,r8,#0x1b00
784 orr r7,r7,r7,lsl#16
785 orr r8,r8,r8,lsl#16
786 sub r12,r12,#1
787 mvn r9,r7
788 mov r12,r12,lsl#2 @ (rounds-1)*4
790 .Lmix: and r4,r0,r7
791 and r1,r0,r9
792 sub r4,r4,r4,lsr#7
793 and r4,r4,r8
794 eor r1,r4,r1,lsl#1 @ tp2
796 and r4,r1,r7
797 and r2,r1,r9
798 sub r4,r4,r4,lsr#7
799 and r4,r4,r8
800 eor r2,r4,r2,lsl#1 @ tp4
802 and r4,r2,r7
803 and r3,r2,r9
804 sub r4,r4,r4,lsr#7
805 and r4,r4,r8
806 eor r3,r4,r3,lsl#1 @ tp8
808 eor r4,r1,r2
809 eor r5,r0,r3 @ tp9
810 eor r4,r4,r3 @ tpe
811 eor r4,r4,r1,ror#24
812 eor r4,r4,r5,ror#24 @ ^= ROTATE(tpb=tp9^tp2,8)
813 eor r4,r4,r2,ror#16
814 eor r4,r4,r5,ror#16 @ ^= ROTATE(tpd=tp9^tp4,16)
815 eor r4,r4,r5,ror#8 @ ^= ROTATE(tp9,24)
817 ldr r0,[r11,#4] @ prefetch tp1
818 str r4,[r11],#4
819 subs r12,r12,#1
820 bne .Lmix
822 mov r0,#0
823 #if __ARM_ARCH__>=5
824 ldmia sp!,{r4,r5,r6,r7,r8,r9,r10,r11,r12,pc}
825 #else
826 ldmia sp!,{r4,r5,r6,r7,r8,r9,r10,r11,r12,lr}
827 tst lr,#1
828 moveq pc,lr @ be binary compatible with V4, yet
829 .word 0xe12fff1e @ interoperable with Thumb ISA:-)
830 #endif
831 .size AES_set_enc2dec_key,.-AES_set_enc2dec_key
833 .type AES_Td,%object
834 .align 5
835 AES_Td:
836 .word 0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96
837 .word 0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393
838 .word 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25
839 .word 0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f
840 .word 0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1
841 .word 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6
842 .word 0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da
843 .word 0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844
844 .word 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd
845 .word 0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4
846 .word 0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45
847 .word 0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94
848 .word 0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7
849 .word 0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a
850 .word 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5
851 .word 0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c
852 .word 0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1
853 .word 0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a
854 .word 0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75
855 .word 0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051
856 .word 0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46
857 .word 0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff
858 .word 0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77
859 .word 0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb
860 .word 0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000
861 .word 0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e
862 .word 0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927
863 .word 0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a
864 .word 0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e
865 .word 0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16
866 .word 0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d
867 .word 0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8
868 .word 0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd
869 .word 0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34
870 .word 0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163
871 .word 0xd731dcca, 0x42638510, 0x13972240, 0x84c61120
872 .word 0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d
873 .word 0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0
874 .word 0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422
875 .word 0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef
876 .word 0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36
877 .word 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4
878 .word 0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662
879 .word 0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5
880 .word 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3
881 .word 0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b
882 .word 0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8
883 .word 0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6
884 .word 0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6
885 .word 0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0
886 .word 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815
887 .word 0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f
888 .word 0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df
889 .word 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f
890 .word 0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e
891 .word 0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713
892 .word 0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89
893 .word 0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c
894 .word 0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf
895 .word 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86
896 .word 0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f
897 .word 0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541
898 .word 0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190
899 .word 0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742
900 @ Td4[256]
901 .byte 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38
902 .byte 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb
903 .byte 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87
904 .byte 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb
905 .byte 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d
906 .byte 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e
907 .byte 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2
908 .byte 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25
909 .byte 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16
910 .byte 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92
911 .byte 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda
912 .byte 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84
913 .byte 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a
914 .byte 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06
915 .byte 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02
916 .byte 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b
917 .byte 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea
918 .byte 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73
919 .byte 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85
920 .byte 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e
921 .byte 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89
922 .byte 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b
923 .byte 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20
924 .byte 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4
925 .byte 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31
926 .byte 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f
927 .byte 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d
928 .byte 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef
929 .byte 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0
930 .byte 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61
931 .byte 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26
932 .byte 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
933 .size AES_Td,.-AES_Td
935 @ void asm_AES_decrypt(const unsigned char *in, unsigned char *out,
936 @ const AES_KEY *key) {
937 .globl asm_AES_decrypt
938 .hidden asm_AES_decrypt
939 .type asm_AES_decrypt,%function
940 .align 5
941 asm_AES_decrypt:
942 #if __ARM_ARCH__<7
943 sub r3,pc,#8 @ asm_AES_decrypt
944 #else
945 adr r3,asm_AES_decrypt
946 #endif
947 stmdb sp!,{r1,r4-r12,lr}
948 #ifdef __APPLE__
949 adr r10,AES_Td
950 #else
951 sub r10,r3,#asm_AES_decrypt-AES_Td @ Td
952 #endif
953 mov r12,r0 @ inp
954 mov r11,r2
955 #if __ARM_ARCH__<7
956 ldrb r0,[r12,#3] @ load input data in endian-neutral
957 ldrb r4,[r12,#2] @ manner...
958 ldrb r5,[r12,#1]
959 ldrb r6,[r12,#0]
960 orr r0,r0,r4,lsl#8
961 ldrb r1,[r12,#7]
962 orr r0,r0,r5,lsl#16
963 ldrb r4,[r12,#6]
964 orr r0,r0,r6,lsl#24
965 ldrb r5,[r12,#5]
966 ldrb r6,[r12,#4]
967 orr r1,r1,r4,lsl#8
968 ldrb r2,[r12,#11]
969 orr r1,r1,r5,lsl#16
970 ldrb r4,[r12,#10]
971 orr r1,r1,r6,lsl#24
972 ldrb r5,[r12,#9]
973 ldrb r6,[r12,#8]
974 orr r2,r2,r4,lsl#8
975 ldrb r3,[r12,#15]
976 orr r2,r2,r5,lsl#16
977 ldrb r4,[r12,#14]
978 orr r2,r2,r6,lsl#24
979 ldrb r5,[r12,#13]
980 ldrb r6,[r12,#12]
981 orr r3,r3,r4,lsl#8
982 orr r3,r3,r5,lsl#16
983 orr r3,r3,r6,lsl#24
984 #else
985 ldr r0,[r12,#0]
986 ldr r1,[r12,#4]
987 ldr r2,[r12,#8]
988 ldr r3,[r12,#12]
989 #ifdef __ARMEL__
990 rev r0,r0
991 rev r1,r1
992 rev r2,r2
993 rev r3,r3
994 #endif
995 #endif
996 bl _armv4_AES_decrypt
998 ldr r12,[sp],#4 @ pop out
999 #if __ARM_ARCH__>=7
1000 #ifdef __ARMEL__
1001 rev r0,r0
1002 rev r1,r1
1003 rev r2,r2
1004 rev r3,r3
1005 #endif
1006 str r0,[r12,#0]
1007 str r1,[r12,#4]
1008 str r2,[r12,#8]
1009 str r3,[r12,#12]
1010 #else
1011 mov r4,r0,lsr#24 @ write output in endian-neutral
1012 mov r5,r0,lsr#16 @ manner...
1013 mov r6,r0,lsr#8
1014 strb r4,[r12,#0]
1015 strb r5,[r12,#1]
1016 mov r4,r1,lsr#24
1017 strb r6,[r12,#2]
1018 mov r5,r1,lsr#16
1019 strb r0,[r12,#3]
1020 mov r6,r1,lsr#8
1021 strb r4,[r12,#4]
1022 strb r5,[r12,#5]
1023 mov r4,r2,lsr#24
1024 strb r6,[r12,#6]
1025 mov r5,r2,lsr#16
1026 strb r1,[r12,#7]
1027 mov r6,r2,lsr#8
1028 strb r4,[r12,#8]
1029 strb r5,[r12,#9]
1030 mov r4,r3,lsr#24
1031 strb r6,[r12,#10]
1032 mov r5,r3,lsr#16
1033 strb r2,[r12,#11]
1034 mov r6,r3,lsr#8
1035 strb r4,[r12,#12]
1036 strb r5,[r12,#13]
1037 strb r6,[r12,#14]
1038 strb r3,[r12,#15]
1039 #endif
1040 #if __ARM_ARCH__>=5
1041 ldmia sp!,{r4,r5,r6,r7,r8,r9,r10,r11,r12,pc}
1042 #else
1043 ldmia sp!,{r4,r5,r6,r7,r8,r9,r10,r11,r12,lr}
1044 tst lr,#1
1045 moveq pc,lr @ be binary compatible with V4, yet
1046 .word 0xe12fff1e @ interoperable with Thumb ISA:-)
1047 #endif
1048 .size asm_AES_decrypt,.-asm_AES_decrypt
1050 .type _armv4_AES_decrypt,%function
1051 .align 2
1052 _armv4_AES_decrypt:
1053 str lr,[sp,#-4]! @ push lr
1054 ldmia r11!,{r4,r5,r6,r7}
1055 eor r0,r0,r4
1056 ldr r12,[r11,#240-16]
1057 eor r1,r1,r5
1058 eor r2,r2,r6
1059 eor r3,r3,r7
1060 sub r12,r12,#1
1061 mov lr,#255
1063 and r7,lr,r0,lsr#16
1064 and r8,lr,r0,lsr#8
1065 and r9,lr,r0
1066 mov r0,r0,lsr#24
1067 .Ldec_loop:
1068 ldr r4,[r10,r7,lsl#2] @ Td1[s0>>16]
1069 and r7,lr,r1 @ i0
1070 ldr r5,[r10,r8,lsl#2] @ Td2[s0>>8]
1071 and r8,lr,r1,lsr#16
1072 ldr r6,[r10,r9,lsl#2] @ Td3[s0>>0]
1073 and r9,lr,r1,lsr#8
1074 ldr r0,[r10,r0,lsl#2] @ Td0[s0>>24]
1075 mov r1,r1,lsr#24
1077 ldr r7,[r10,r7,lsl#2] @ Td3[s1>>0]
1078 ldr r8,[r10,r8,lsl#2] @ Td1[s1>>16]
1079 ldr r9,[r10,r9,lsl#2] @ Td2[s1>>8]
1080 eor r0,r0,r7,ror#24
1081 ldr r1,[r10,r1,lsl#2] @ Td0[s1>>24]
1082 and r7,lr,r2,lsr#8 @ i0
1083 eor r5,r8,r5,ror#8
1084 and r8,lr,r2 @ i1
1085 eor r6,r9,r6,ror#8
1086 and r9,lr,r2,lsr#16
1087 ldr r7,[r10,r7,lsl#2] @ Td2[s2>>8]
1088 eor r1,r1,r4,ror#8
1089 ldr r8,[r10,r8,lsl#2] @ Td3[s2>>0]
1090 mov r2,r2,lsr#24
1092 ldr r9,[r10,r9,lsl#2] @ Td1[s2>>16]
1093 eor r0,r0,r7,ror#16
1094 ldr r2,[r10,r2,lsl#2] @ Td0[s2>>24]
1095 and r7,lr,r3,lsr#16 @ i0
1096 eor r1,r1,r8,ror#24
1097 and r8,lr,r3,lsr#8 @ i1
1098 eor r6,r9,r6,ror#8
1099 and r9,lr,r3 @ i2
1100 ldr r7,[r10,r7,lsl#2] @ Td1[s3>>16]
1101 eor r2,r2,r5,ror#8
1102 ldr r8,[r10,r8,lsl#2] @ Td2[s3>>8]
1103 mov r3,r3,lsr#24
1105 ldr r9,[r10,r9,lsl#2] @ Td3[s3>>0]
1106 eor r0,r0,r7,ror#8
1107 ldr r7,[r11],#16
1108 eor r1,r1,r8,ror#16
1109 ldr r3,[r10,r3,lsl#2] @ Td0[s3>>24]
1110 eor r2,r2,r9,ror#24
1112 ldr r4,[r11,#-12]
1113 eor r0,r0,r7
1114 ldr r5,[r11,#-8]
1115 eor r3,r3,r6,ror#8
1116 ldr r6,[r11,#-4]
1117 and r7,lr,r0,lsr#16
1118 eor r1,r1,r4
1119 and r8,lr,r0,lsr#8
1120 eor r2,r2,r5
1121 and r9,lr,r0
1122 eor r3,r3,r6
1123 mov r0,r0,lsr#24
1125 subs r12,r12,#1
1126 bne .Ldec_loop
1128 add r10,r10,#1024
1130 ldr r5,[r10,#0] @ prefetch Td4
1131 ldr r6,[r10,#32]
1132 ldr r4,[r10,#64]
1133 ldr r5,[r10,#96]
1134 ldr r6,[r10,#128]
1135 ldr r4,[r10,#160]
1136 ldr r5,[r10,#192]
1137 ldr r6,[r10,#224]
1139 ldrb r0,[r10,r0] @ Td4[s0>>24]
1140 ldrb r4,[r10,r7] @ Td4[s0>>16]
1141 and r7,lr,r1 @ i0
1142 ldrb r5,[r10,r8] @ Td4[s0>>8]
1143 and r8,lr,r1,lsr#16
1144 ldrb r6,[r10,r9] @ Td4[s0>>0]
1145 and r9,lr,r1,lsr#8
1147 add r1,r10,r1,lsr#24
1148 ldrb r7,[r10,r7] @ Td4[s1>>0]
1149 ldrb r1,[r1] @ Td4[s1>>24]
1150 ldrb r8,[r10,r8] @ Td4[s1>>16]
1151 eor r0,r7,r0,lsl#24
1152 ldrb r9,[r10,r9] @ Td4[s1>>8]
1153 eor r1,r4,r1,lsl#8
1154 and r7,lr,r2,lsr#8 @ i0
1155 eor r5,r5,r8,lsl#8
1156 and r8,lr,r2 @ i1
1157 ldrb r7,[r10,r7] @ Td4[s2>>8]
1158 eor r6,r6,r9,lsl#8
1159 ldrb r8,[r10,r8] @ Td4[s2>>0]
1160 and r9,lr,r2,lsr#16
1162 add r2,r10,r2,lsr#24
1163 ldrb r2,[r2] @ Td4[s2>>24]
1164 eor r0,r0,r7,lsl#8
1165 ldrb r9,[r10,r9] @ Td4[s2>>16]
1166 eor r1,r8,r1,lsl#16
1167 and r7,lr,r3,lsr#16 @ i0
1168 eor r2,r5,r2,lsl#16
1169 and r8,lr,r3,lsr#8 @ i1
1170 ldrb r7,[r10,r7] @ Td4[s3>>16]
1171 eor r6,r6,r9,lsl#16
1172 ldrb r8,[r10,r8] @ Td4[s3>>8]
1173 and r9,lr,r3 @ i2
1175 add r3,r10,r3,lsr#24
1176 ldrb r9,[r10,r9] @ Td4[s3>>0]
1177 ldrb r3,[r3] @ Td4[s3>>24]
1178 eor r0,r0,r7,lsl#16
1179 ldr r7,[r11,#0]
1180 eor r1,r1,r8,lsl#8
1181 ldr r4,[r11,#4]
1182 eor r2,r9,r2,lsl#8
1183 ldr r5,[r11,#8]
1184 eor r3,r6,r3,lsl#24
1185 ldr r6,[r11,#12]
1187 eor r0,r0,r7
1188 eor r1,r1,r4
1189 eor r2,r2,r5
1190 eor r3,r3,r6
1192 sub r10,r10,#1024
1193 ldr pc,[sp],#4 @ pop and return
1194 .size _armv4_AES_decrypt,.-_armv4_AES_decrypt
1195 .byte 65,69,83,32,102,111,114,32,65,82,77,118,52,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
1196 .align 2
1197 .align 2
1199 #endif
1200 #endif