release/src/router/nettle/x86_64/camellia-crypt-internal.asm

   1 C nettle, low-level cryptographics library
   2 C
   3 C Copyright (C) 2010, Niels Möller
   4 C
   5 C The nettle library is free software; you can redistribute it and/or modify
   6 C it under the terms of the GNU Lesser General Public License as published by
   7 C the Free Software Foundation; either version 2.1 of the License, or (at your
   8 C option) any later version.
   9 C
  10 C The nettle library is distributed in the hope that it will be useful, but
  11 C WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  12 C or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
  13 C License for more details.
  14 C
  15 C You should have received a copy of the GNU Lesser General Public License
  16 C along with the nettle library; see the file COPYING.LIB.  If not, write to
  17 C the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
  18 C MA 02111-1301, USA.
  19
  20 C Performance, cycles per block
  21 C
  22 C               Intel SU4100
  23 C                 C  asm
  24 C Camellia-128  415  347
  25 C Camellia-256  543  461
  26
  27 C Register usage:
  28
  29 define(<CTX>, <%rdi>)
  30 define(<TABLE>, <%rsi>)
  31 define(<LENGTH>, <%rdx>)
  32 define(<DST>, <%rcx>)
  33 define(<SRC>, <%r8>)
  34
  35 C Camellia state
  36 define(<I0>, <%rax>)
  37 define(<I1>, <%rbx>) C callee-save
  38 define(<KEY>, <%r9>)
  39 define(<TMP>, <%rbp>) C callee-save
  40 define(<CNT>, <%r10>)
  41 define(<IL>,  <%r11>)
  42 define(<IR>,  <%r12>) C callee-save
  43
  44 define(<SP1110>, <(TABLE,$1,4)>)
  45 define(<SP0222>, <1024(TABLE,$1,4)>)
  46 define(<SP3033>, <2048(TABLE,$1,4)>)
  47 define(<SP4404>, <3072(TABLE,$1,4)>)
  48
  49 C ROUND(x, y, key-offset)
  50 define(<ROUND>, <
  51         C Byte 0,1
  52         movzbl  LREG($1), XREG(TMP)
  53         movl    SP1110(TMP), XREG(IR)
  54         movzbl  HREG($1), XREG(TMP)
  55         xorl    SP4404(TMP), XREG(IR)
  56         ror     <$>32, $1
  57
  58         C Byte 4,5
  59         movzbl  LREG($1), XREG(TMP)
  60         movl    SP4404(TMP), XREG(IL)
  61         movzbl  HREG($1), XREG(TMP)
  62         xorl    SP3033(TMP), XREG(IL)
  63         rol     <$>16, $1
  64
  65         C Byte 2,3
  66         movzbl  LREG($1), XREG(TMP)
  67         xorl    SP3033(TMP), XREG(IR)
  68         movzbl  HREG($1), XREG(TMP)
  69         xorl    SP0222(TMP), XREG(IR)
  70         ror     <$>32, $1
  71
  72         C Byte 6,7
  73         movzbl  LREG($1), XREG(TMP)
  74         xorl    SP0222(TMP), XREG(IL)
  75         movzbl  HREG($1), XREG(TMP)
  76         xorl    SP1110(TMP), XREG(IL)
  77         ror     <$>16, $1
  78
  79         C 76543210
  80
  81         xorl    XREG(IL), XREG(IR)
  82         rorl    <$>8, XREG(IL)
  83         xorl    XREG(IR), XREG(IL)
  84         shl     <$>32, IR
  85         or      IL, IR
  86         xor     $3(KEY), $2
  87         xor     IR, $2
  88 >)
  89
  90 C FL(x, key-offset)
  91 define(<FL>, <
  92         mov     $1, TMP
  93         shr     <$>32, TMP
  94         andl    $2 + 4(KEY), XREG(TMP)
  95         roll    <$>1, XREG(TMP)
  96 C       xorl    XREG(TMP), XREG($1)
  97         xor     TMP, $1
  98         movl    $2(KEY), XREG(TMP)
  99         orl     XREG($1), XREG(TMP)
 100         shl     <$>32, TMP
 101         xor     TMP, $1
 102 >)
 103 C FLINV(x0, key-offset)
 104 define(<FLINV>, <
 105         movl    $2(KEY), XREG(TMP)
 106         orl     XREG($1), XREG(TMP)
 107         shl     <$>32, TMP
 108         xor     TMP, $1
 109         mov     $1, TMP
 110         shr     <$>32, TMP
 111         andl    $2 + 4(KEY), XREG(TMP)
 112         roll    <$>1, XREG(TMP)
 113 C       xorl    XREG(TMP), XREG($1)
 114         xor     TMP, $1
 115 >)
 116
 117         .file "camellia-encrypt-internal.asm"
 118
 119         C _camellia_crypt(struct camellia_context *ctx,
 120         C                 const struct camellia_table *T,
 121         C                 unsigned length, uint8_t *dst,
 122         C                 uint8_t *src)
 123         .text
 124         ALIGN(16)
 125 PROLOGUE(_nettle_camellia_crypt)
 126
 127         W64_ENTRY(5, 0)
 128         test    LENGTH, LENGTH
 129         jz      .Lend
 130
 131         push    %rbx
 132         push    %rbp
 133         push    %r12
 134
 135 .Lblock_loop:
 136         C Load data, note that we'll happily do unaligned loads
 137         mov     (SRC), I0
 138         bswap   I0
 139         mov     8(SRC), I1
 140         bswap   I1
 141         add     $16, SRC
 142         mov     CTX, KEY
 143         movl    (KEY), XREG(CNT)
 144         sub     $8, CNT
 145
 146         C       Whitening using first subkey
 147         xor     8(KEY), I0
 148         add     $16, KEY
 149
 150         ROUND(I0, I1, 0)
 151         ROUND(I1, I0, 8)
 152         ROUND(I0, I1, 16)
 153         ROUND(I1, I0, 24)
 154         ROUND(I0, I1, 32)
 155         ROUND(I1, I0, 40)
 156
 157 .Lround_loop:
 158         add     $64, KEY
 159         FL(I0, -16)
 160         FLINV(I1, -8)
 161         ROUND(I0, I1, 0)
 162         ROUND(I1, I0, 8)
 163         ROUND(I0, I1, 16)
 164         ROUND(I1, I0, 24)
 165         ROUND(I0, I1, 32)
 166         ROUND(I1, I0, 40)
 167
 168         sub     $8, CNT
 169         ja      .Lround_loop
 170
 171         bswap   I0
 172         mov     I0, 8(DST)
 173         xor     48(KEY), I1
 174         bswap   I1
 175         mov     I1, (DST)
 176         add     $16, DST
 177         sub     $16, LENGTH
 178
 179         ja      .Lblock_loop
 180
 181         pop     %r12
 182         pop     %rbp
 183         pop     %rbx
 184 .Lend:
 185         W64_EXIT(5, 0)
 186         ret
 187 EPILOGUE(_nettle_camellia_crypt)