search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Correct PPTP server firewall rules chain.
[tomato/davidwu.git] / release / src / router / nettle / sparc32 / aes-decrypt-internal.asm
blob380a9ee4732e98093a7c51fd5d69b4636c064b8f
1 C -*- mode: asm; asm-comment-char: ?C; -*-
2 C nettle, low-level cryptographics library
3 C
4 C Copyright (C) 2002, 2005 Niels Möller
5 C
6 C The nettle library is free software; you can redistribute it and/or modify
7 C it under the terms of the GNU Lesser General Public License as published by
8 C the Free Software Foundation; either version 2.1 of the License, or (at your
9 C option) any later version.
10 C
11 C The nettle library is distributed in the hope that it will be useful, but
12 C WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 C or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
14 C License for more details.
15 C
16 C You should have received a copy of the GNU Lesser General Public License
17 C along with the nettle library; see the file COPYING.LIB. If not, write to
18 C the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
19 C MA 02111-1301, USA.
20
21 include_src(<sparc32/aes.m4>)
22
23 C Arguments
24 define(<CTX>, <%i0>)
25 define(<T>, <%i1>)
26 define(<LENGTH>,<%i2>)
27 define(<DST>, <%i3>)
28 define(<SRC>, <%i4>)
29
30 C AES state, two copies for unrolling
31
32 define(<W0>, <%l0>)
33 define(<W1>, <%l1>)
34 define(<W2>, <%l2>)
35 define(<W3>, <%l3>)
36
37 define(<X0>, <%l4>)
38 define(<X1>, <%l5>)
39 define(<X2>, <%l6>)
40 define(<X3>, <%l7>)
41
42 C %o0-%03 are used for loop invariants T0-T3
43 define(<KEY>, <%o4>)
44 define(<ROUND>, <%o5>)
45
46 C %g1, %g2, %g3 are TMP1, TMP2 and TMP3
47
48 C The sparc32 stack frame looks like
49 C
50 C %fp - 4: OS-dependent link field
51 C %fp - 8: OS-dependent link field
52 C %fp - 104: OS register save area.
53 define(<FRAME_SIZE>, 104)
54
55 .file "aes-decrypt-internal.asm"
56
57 C _aes_decrypt(struct aes_context *ctx,
58 C const struct aes_table *T,
59 C unsigned length, uint8_t *dst,
60 C uint8_t *src)
61
62 .section ".text"
63 .align 16
64 .proc 020
65
66 PROLOGUE(_nettle_aes_decrypt)
67
68 save %sp, -FRAME_SIZE, %sp
69 cmp LENGTH, 0
70 be .Lend
71
72 C Loop invariants
73 add T, AES_TABLE0, T0
74 add T, AES_TABLE1, T1
75 add T, AES_TABLE2, T2
76 add T, AES_TABLE3, T3
77
78 .Lblock_loop:
79 C Read src, and add initial subkey
80 add CTX, AES_KEYS, KEY
81 AES_LOAD(0, SRC, KEY, W0)
82 AES_LOAD(1, SRC, KEY, W1)
83 AES_LOAD(2, SRC, KEY, W2)
84 AES_LOAD(3, SRC, KEY, W3)
85
86 C Must be even, and includes the final round
87 ld [AES_NROUNDS + CTX], ROUND
88 add SRC, 16, SRC
89 add KEY, 16, KEY
90
91 srl ROUND, 1, ROUND
92 C Last two rounds handled specially
93 sub ROUND, 1, ROUND
94 .Lround_loop:
95 C The AES_ROUND macro uses T0,... T3
96 C Transform W -> X
97 AES_ROUND(0, W0, W3, W2, W1, KEY, X0)
98 AES_ROUND(1, W1, W0, W3, W2, KEY, X1)
99 AES_ROUND(2, W2, W1, W0, W3, KEY, X2)
100 AES_ROUND(3, W3, W2, W1, W0, KEY, X3)
101
102 C Transform X -> W
103 AES_ROUND(4, X0, X3, X2, X1, KEY, W0)
104 AES_ROUND(5, X1, X0, X3, X2, KEY, W1)
105 AES_ROUND(6, X2, X1, X0, X3, KEY, W2)
106 AES_ROUND(7, X3, X2, X1, X0, KEY, W3)
107
108 subcc ROUND, 1, ROUND
109 bne .Lround_loop
110 add KEY, 32, KEY
111
112 C Penultimate round
113 AES_ROUND(0, W0, W3, W2, W1, KEY, X0)
114 AES_ROUND(1, W1, W0, W3, W2, KEY, X1)
115 AES_ROUND(2, W2, W1, W0, W3, KEY, X2)
116 AES_ROUND(3, W3, W2, W1, W0, KEY, X3)
117
118 add KEY, 16, KEY
119 C Final round
120 AES_FINAL_ROUND(0, T, X0, X3, X2, X1, KEY, DST)
121 AES_FINAL_ROUND(1, T, X1, X0, X3, X2, KEY, DST)
122 AES_FINAL_ROUND(2, T, X2, X1, X0, X3, KEY, DST)
123 AES_FINAL_ROUND(3, T, X3, X2, X1, X0, KEY, DST)
124
125 subcc LENGTH, 16, LENGTH
126 bne .Lblock_loop
127 add DST, 16, DST
128
129 .Lend:
130 ret
131 restore
132 EPILOGUE(_nettle_aes_decrypt)