1#include "arm_arch.h"
2.text
3.code	32
4
5.type	AES_Te,%object
6.align	5
7AES_Te:
8.word	0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d
9.word	0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554
10.word	0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d
11.word	0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a
12.word	0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87
13.word	0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b
14.word	0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea
15.word	0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b
16.word	0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a
17.word	0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f
18.word	0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108
19.word	0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f
20.word	0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e
21.word	0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5
22.word	0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d
23.word	0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f
24.word	0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e
25.word	0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb
26.word	0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce
27.word	0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497
28.word	0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c
29.word	0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed
30.word	0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b
31.word	0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a
32.word	0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16
33.word	0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594
34.word	0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81
35.word	0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3
36.word	0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a
37.word	0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504
38.word	0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163
39.word	0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d
40.word	0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f
41.word	0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739
42.word	0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47
43.word	0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395
44.word	0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f
45.word	0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883
46.word	0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c
47.word	0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76
48.word	0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e
49.word	0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4
50.word	0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6
51.word	0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b
52.word	0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7
53.word	0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0
54.word	0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25
55.word	0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818
56.word	0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72
57.word	0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651
58.word	0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21
59.word	0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85
60.word	0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa
61.word	0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12
62.word	0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0
63.word	0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9
64.word	0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133
65.word	0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7
66.word	0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920
67.word	0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a
68.word	0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17
69.word	0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8
70.word	0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11
71.word	0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a
72@ Te4[256]
73.byte	0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5
74.byte	0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76
75.byte	0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0
76.byte	0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0
77.byte	0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc
78.byte	0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15
79.byte	0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a
80.byte	0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75
81.byte	0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0
82.byte	0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84
83.byte	0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b
84.byte	0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf
85.byte	0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85
86.byte	0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8
87.byte	0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5
88.byte	0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2
89.byte	0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17
90.byte	0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73
91.byte	0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88
92.byte	0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb
93.byte	0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c
94.byte	0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79
95.byte	0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9
96.byte	0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08
97.byte	0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6
98.byte	0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a
99.byte	0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e
100.byte	0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e
101.byte	0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94
102.byte	0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf
103.byte	0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68
104.byte	0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
105@ rcon[]
106.word	0x01000000, 0x02000000, 0x04000000, 0x08000000
107.word	0x10000000, 0x20000000, 0x40000000, 0x80000000
108.word	0x1B000000, 0x36000000, 0, 0, 0, 0, 0, 0
109.size	AES_Te,.-AES_Te
110
111@ void AES_encrypt(const unsigned char *in, unsigned char *out,
112@ 		 const AES_KEY *key) {
113.global AES_encrypt
114.type   AES_encrypt,%function
115.align	5
116AES_encrypt:
117	sub	r3,pc,#8		@ AES_encrypt
118	stmdb   sp!,{r1,r4-r12,lr}
119	mov	r12,r0		@ inp
120	mov	r11,r2
121	sub	r10,r3,#AES_encrypt-AES_Te	@ Te
122#if __ARM_ARCH__<7 || defined(__STRICT_ALIGNMENT)
123	ldrb	r0,[r12,#3]	@ load input data in endian-neutral
124	ldrb	r4,[r12,#2]	@ manner...
125	ldrb	r5,[r12,#1]
126	ldrb	r6,[r12,#0]
127	orr	r0,r0,r4,lsl#8
128	ldrb	r1,[r12,#7]
129	orr	r0,r0,r5,lsl#16
130	ldrb	r4,[r12,#6]
131	orr	r0,r0,r6,lsl#24
132	ldrb	r5,[r12,#5]
133	ldrb	r6,[r12,#4]
134	orr	r1,r1,r4,lsl#8
135	ldrb	r2,[r12,#11]
136	orr	r1,r1,r5,lsl#16
137	ldrb	r4,[r12,#10]
138	orr	r1,r1,r6,lsl#24
139	ldrb	r5,[r12,#9]
140	ldrb	r6,[r12,#8]
141	orr	r2,r2,r4,lsl#8
142	ldrb	r3,[r12,#15]
143	orr	r2,r2,r5,lsl#16
144	ldrb	r4,[r12,#14]
145	orr	r2,r2,r6,lsl#24
146	ldrb	r5,[r12,#13]
147	ldrb	r6,[r12,#12]
148	orr	r3,r3,r4,lsl#8
149	orr	r3,r3,r5,lsl#16
150	orr	r3,r3,r6,lsl#24
151#else
152	ldr	r0,[r12,#0]
153	ldr	r1,[r12,#4]
154	ldr	r2,[r12,#8]
155	ldr	r3,[r12,#12]
156#ifdef __ARMEL__
157	rev	r0,r0
158	rev	r1,r1
159	rev	r2,r2
160	rev	r3,r3
161#endif
162#endif
163	bl	_armv4_AES_encrypt
164
165	ldr	r12,[sp],#4		@ pop out
166#if __ARM_ARCH__>=7 && !defined(__STRICT_ALIGNMENT)
167#ifdef __ARMEL__
168	rev	r0,r0
169	rev	r1,r1
170	rev	r2,r2
171	rev	r3,r3
172#endif
173	str	r0,[r12,#0]
174	str	r1,[r12,#4]
175	str	r2,[r12,#8]
176	str	r3,[r12,#12]
177#else
178	mov	r4,r0,lsr#24		@ write output in endian-neutral
179	mov	r5,r0,lsr#16		@ manner...
180	mov	r6,r0,lsr#8
181	strb	r4,[r12,#0]
182	strb	r5,[r12,#1]
183	mov	r4,r1,lsr#24
184	strb	r6,[r12,#2]
185	mov	r5,r1,lsr#16
186	strb	r0,[r12,#3]
187	mov	r6,r1,lsr#8
188	strb	r4,[r12,#4]
189	strb	r5,[r12,#5]
190	mov	r4,r2,lsr#24
191	strb	r6,[r12,#6]
192	mov	r5,r2,lsr#16
193	strb	r1,[r12,#7]
194	mov	r6,r2,lsr#8
195	strb	r4,[r12,#8]
196	strb	r5,[r12,#9]
197	mov	r4,r3,lsr#24
198	strb	r6,[r12,#10]
199	mov	r5,r3,lsr#16
200	strb	r2,[r12,#11]
201	mov	r6,r3,lsr#8
202	strb	r4,[r12,#12]
203	strb	r5,[r12,#13]
204	strb	r6,[r12,#14]
205	strb	r3,[r12,#15]
206#endif
207#if __ARM_ARCH__>=5
208	ldmia	sp!,{r4-r12,pc}
209#else
210	ldmia   sp!,{r4-r12,lr}
211	tst	lr,#1
212	moveq	pc,lr			@ be binary compatible with V4, yet
213	.word	0xe12fff1e			@ interoperable with Thumb ISA:-)
214#endif
215.size	AES_encrypt,.-AES_encrypt
216
217.type   _armv4_AES_encrypt,%function
218.align	2
219_armv4_AES_encrypt:
220	str	lr,[sp,#-4]!		@ push lr
221	ldmia	r11!,{r4-r7}
222	eor	r0,r0,r4
223	ldr	r12,[r11,#240-16]
224	eor	r1,r1,r5
225	eor	r2,r2,r6
226	eor	r3,r3,r7
227	sub	r12,r12,#1
228	mov	lr,#255
229
230	and	r7,lr,r0
231	and	r8,lr,r0,lsr#8
232	and	r9,lr,r0,lsr#16
233	mov	r0,r0,lsr#24
234.Lenc_loop:
235	ldr	r4,[r10,r7,lsl#2]	@ Te3[s0>>0]
236	and	r7,lr,r1,lsr#16	@ i0
237	ldr	r5,[r10,r8,lsl#2]	@ Te2[s0>>8]
238	and	r8,lr,r1
239	ldr	r6,[r10,r9,lsl#2]	@ Te1[s0>>16]
240	and	r9,lr,r1,lsr#8
241	ldr	r0,[r10,r0,lsl#2]	@ Te0[s0>>24]
242	mov	r1,r1,lsr#24
243
244	ldr	r7,[r10,r7,lsl#2]	@ Te1[s1>>16]
245	ldr	r8,[r10,r8,lsl#2]	@ Te3[s1>>0]
246	ldr	r9,[r10,r9,lsl#2]	@ Te2[s1>>8]
247	eor	r0,r0,r7,ror#8
248	ldr	r1,[r10,r1,lsl#2]	@ Te0[s1>>24]
249	and	r7,lr,r2,lsr#8	@ i0
250	eor	r5,r5,r8,ror#8
251	and	r8,lr,r2,lsr#16	@ i1
252	eor	r6,r6,r9,ror#8
253	and	r9,lr,r2
254	ldr	r7,[r10,r7,lsl#2]	@ Te2[s2>>8]
255	eor	r1,r1,r4,ror#24
256	ldr	r8,[r10,r8,lsl#2]	@ Te1[s2>>16]
257	mov	r2,r2,lsr#24
258
259	ldr	r9,[r10,r9,lsl#2]	@ Te3[s2>>0]
260	eor	r0,r0,r7,ror#16
261	ldr	r2,[r10,r2,lsl#2]	@ Te0[s2>>24]
262	and	r7,lr,r3		@ i0
263	eor	r1,r1,r8,ror#8
264	and	r8,lr,r3,lsr#8	@ i1
265	eor	r6,r6,r9,ror#16
266	and	r9,lr,r3,lsr#16	@ i2
267	ldr	r7,[r10,r7,lsl#2]	@ Te3[s3>>0]
268	eor	r2,r2,r5,ror#16
269	ldr	r8,[r10,r8,lsl#2]	@ Te2[s3>>8]
270	mov	r3,r3,lsr#24
271
272	ldr	r9,[r10,r9,lsl#2]	@ Te1[s3>>16]
273	eor	r0,r0,r7,ror#24
274	ldr	r7,[r11],#16
275	eor	r1,r1,r8,ror#16
276	ldr	r3,[r10,r3,lsl#2]	@ Te0[s3>>24]
277	eor	r2,r2,r9,ror#8
278	ldr	r4,[r11,#-12]
279	eor	r3,r3,r6,ror#8
280
281	ldr	r5,[r11,#-8]
282	eor	r0,r0,r7
283	ldr	r6,[r11,#-4]
284	and	r7,lr,r0
285	eor	r1,r1,r4
286	and	r8,lr,r0,lsr#8
287	eor	r2,r2,r5
288	and	r9,lr,r0,lsr#16
289	eor	r3,r3,r6
290	mov	r0,r0,lsr#24
291
292	subs	r12,r12,#1
293	bne	.Lenc_loop
294
295	add	r10,r10,#2
296
297	ldrb	r4,[r10,r7,lsl#2]	@ Te4[s0>>0]
298	and	r7,lr,r1,lsr#16	@ i0
299	ldrb	r5,[r10,r8,lsl#2]	@ Te4[s0>>8]
300	and	r8,lr,r1
301	ldrb	r6,[r10,r9,lsl#2]	@ Te4[s0>>16]
302	and	r9,lr,r1,lsr#8
303	ldrb	r0,[r10,r0,lsl#2]	@ Te4[s0>>24]
304	mov	r1,r1,lsr#24
305
306	ldrb	r7,[r10,r7,lsl#2]	@ Te4[s1>>16]
307	ldrb	r8,[r10,r8,lsl#2]	@ Te4[s1>>0]
308	ldrb	r9,[r10,r9,lsl#2]	@ Te4[s1>>8]
309	eor	r0,r7,r0,lsl#8
310	ldrb	r1,[r10,r1,lsl#2]	@ Te4[s1>>24]
311	and	r7,lr,r2,lsr#8	@ i0
312	eor	r5,r8,r5,lsl#8
313	and	r8,lr,r2,lsr#16	@ i1
314	eor	r6,r9,r6,lsl#8
315	and	r9,lr,r2
316	ldrb	r7,[r10,r7,lsl#2]	@ Te4[s2>>8]
317	eor	r1,r4,r1,lsl#24
318	ldrb	r8,[r10,r8,lsl#2]	@ Te4[s2>>16]
319	mov	r2,r2,lsr#24
320
321	ldrb	r9,[r10,r9,lsl#2]	@ Te4[s2>>0]
322	eor	r0,r7,r0,lsl#8
323	ldrb	r2,[r10,r2,lsl#2]	@ Te4[s2>>24]
324	and	r7,lr,r3		@ i0
325	eor	r1,r1,r8,lsl#16
326	and	r8,lr,r3,lsr#8	@ i1
327	eor	r6,r9,r6,lsl#8
328	and	r9,lr,r3,lsr#16	@ i2
329	ldrb	r7,[r10,r7,lsl#2]	@ Te4[s3>>0]
330	eor	r2,r5,r2,lsl#24
331	ldrb	r8,[r10,r8,lsl#2]	@ Te4[s3>>8]
332	mov	r3,r3,lsr#24
333
334	ldrb	r9,[r10,r9,lsl#2]	@ Te4[s3>>16]
335	eor	r0,r7,r0,lsl#8
336	ldr	r7,[r11,#0]
337	ldrb	r3,[r10,r3,lsl#2]	@ Te4[s3>>24]
338	eor	r1,r1,r8,lsl#8
339	ldr	r4,[r11,#4]
340	eor	r2,r2,r9,lsl#16
341	ldr	r5,[r11,#8]
342	eor	r3,r6,r3,lsl#24
343	ldr	r6,[r11,#12]
344
345	eor	r0,r0,r7
346	eor	r1,r1,r4
347	eor	r2,r2,r5
348	eor	r3,r3,r6
349
350	sub	r10,r10,#2
351	ldr	pc,[sp],#4		@ pop and return
352.size	_armv4_AES_encrypt,.-_armv4_AES_encrypt
353
354.global AES_set_encrypt_key
355.type   AES_set_encrypt_key,%function
356.align	5
357AES_set_encrypt_key:
358_armv4_AES_set_encrypt_key:
359	sub	r3,pc,#8		@ AES_set_encrypt_key
360	teq	r0,#0
361	moveq	r0,#-1
362	beq	.Labrt
363	teq	r2,#0
364	moveq	r0,#-1
365	beq	.Labrt
366
367	teq	r1,#128
368	beq	.Lok
369	teq	r1,#192
370	beq	.Lok
371	teq	r1,#256
372	movne	r0,#-1
373	bne	.Labrt
374
375.Lok:	stmdb   sp!,{r4-r12,lr}
376	sub	r10,r3,#_armv4_AES_set_encrypt_key-AES_Te-1024	@ Te4
377
378	mov	r12,r0		@ inp
379	mov	lr,r1			@ bits
380	mov	r11,r2			@ key
381
382#if __ARM_ARCH__<7 || defined(__STRICT_ALIGNMENT)
383	ldrb	r0,[r12,#3]	@ load input data in endian-neutral
384	ldrb	r4,[r12,#2]	@ manner...
385	ldrb	r5,[r12,#1]
386	ldrb	r6,[r12,#0]
387	orr	r0,r0,r4,lsl#8
388	ldrb	r1,[r12,#7]
389	orr	r0,r0,r5,lsl#16
390	ldrb	r4,[r12,#6]
391	orr	r0,r0,r6,lsl#24
392	ldrb	r5,[r12,#5]
393	ldrb	r6,[r12,#4]
394	orr	r1,r1,r4,lsl#8
395	ldrb	r2,[r12,#11]
396	orr	r1,r1,r5,lsl#16
397	ldrb	r4,[r12,#10]
398	orr	r1,r1,r6,lsl#24
399	ldrb	r5,[r12,#9]
400	ldrb	r6,[r12,#8]
401	orr	r2,r2,r4,lsl#8
402	ldrb	r3,[r12,#15]
403	orr	r2,r2,r5,lsl#16
404	ldrb	r4,[r12,#14]
405	orr	r2,r2,r6,lsl#24
406	ldrb	r5,[r12,#13]
407	ldrb	r6,[r12,#12]
408	orr	r3,r3,r4,lsl#8
409	str	r0,[r11],#16
410	orr	r3,r3,r5,lsl#16
411	str	r1,[r11,#-12]
412	orr	r3,r3,r6,lsl#24
413	str	r2,[r11,#-8]
414	str	r3,[r11,#-4]
415#else
416	ldr	r0,[r12,#0]
417	ldr	r1,[r12,#4]
418	ldr	r2,[r12,#8]
419	ldr	r3,[r12,#12]
420#ifdef __ARMEL__
421	rev	r0,r0
422	rev	r1,r1
423	rev	r2,r2
424	rev	r3,r3
425#endif
426	str	r0,[r11],#16
427	str	r1,[r11,#-12]
428	str	r2,[r11,#-8]
429	str	r3,[r11,#-4]
430#endif
431
432	teq	lr,#128
433	bne	.Lnot128
434	mov	r12,#10
435	str	r12,[r11,#240-16]
436	add	r6,r10,#256			@ rcon
437	mov	lr,#255
438
439.L128_loop:
440	and	r5,lr,r3,lsr#24
441	and	r7,lr,r3,lsr#16
442	ldrb	r5,[r10,r5]
443	and	r8,lr,r3,lsr#8
444	ldrb	r7,[r10,r7]
445	and	r9,lr,r3
446	ldrb	r8,[r10,r8]
447	orr	r5,r5,r7,lsl#24
448	ldrb	r9,[r10,r9]
449	orr	r5,r5,r8,lsl#16
450	ldr	r4,[r6],#4			@ rcon[i++]
451	orr	r5,r5,r9,lsl#8
452	eor	r5,r5,r4
453	eor	r0,r0,r5			@ rk[4]=rk[0]^...
454	eor	r1,r1,r0			@ rk[5]=rk[1]^rk[4]
455	str	r0,[r11],#16
456	eor	r2,r2,r1			@ rk[6]=rk[2]^rk[5]
457	str	r1,[r11,#-12]
458	eor	r3,r3,r2			@ rk[7]=rk[3]^rk[6]
459	str	r2,[r11,#-8]
460	subs	r12,r12,#1
461	str	r3,[r11,#-4]
462	bne	.L128_loop
463	sub	r2,r11,#176
464	b	.Ldone
465
466.Lnot128:
467#if __ARM_ARCH__<7 || defined(__STRICT_ALIGNMENT)
468	ldrb	r8,[r12,#19]
469	ldrb	r4,[r12,#18]
470	ldrb	r5,[r12,#17]
471	ldrb	r6,[r12,#16]
472	orr	r8,r8,r4,lsl#8
473	ldrb	r9,[r12,#23]
474	orr	r8,r8,r5,lsl#16
475	ldrb	r4,[r12,#22]
476	orr	r8,r8,r6,lsl#24
477	ldrb	r5,[r12,#21]
478	ldrb	r6,[r12,#20]
479	orr	r9,r9,r4,lsl#8
480	orr	r9,r9,r5,lsl#16
481	str	r8,[r11],#8
482	orr	r9,r9,r6,lsl#24
483	str	r9,[r11,#-4]
484#else
485	ldr	r8,[r12,#16]
486	ldr	r9,[r12,#20]
487#ifdef __ARMEL__
488	rev	r8,r8
489	rev	r9,r9
490#endif
491	str	r8,[r11],#8
492	str	r9,[r11,#-4]
493#endif
494
495	teq	lr,#192
496	bne	.Lnot192
497	mov	r12,#12
498	str	r12,[r11,#240-24]
499	add	r6,r10,#256			@ rcon
500	mov	lr,#255
501	mov	r12,#8
502
503.L192_loop:
504	and	r5,lr,r9,lsr#24
505	and	r7,lr,r9,lsr#16
506	ldrb	r5,[r10,r5]
507	and	r8,lr,r9,lsr#8
508	ldrb	r7,[r10,r7]
509	and	r9,lr,r9
510	ldrb	r8,[r10,r8]
511	orr	r5,r5,r7,lsl#24
512	ldrb	r9,[r10,r9]
513	orr	r5,r5,r8,lsl#16
514	ldr	r4,[r6],#4			@ rcon[i++]
515	orr	r5,r5,r9,lsl#8
516	eor	r9,r5,r4
517	eor	r0,r0,r9			@ rk[6]=rk[0]^...
518	eor	r1,r1,r0			@ rk[7]=rk[1]^rk[6]
519	str	r0,[r11],#24
520	eor	r2,r2,r1			@ rk[8]=rk[2]^rk[7]
521	str	r1,[r11,#-20]
522	eor	r3,r3,r2			@ rk[9]=rk[3]^rk[8]
523	str	r2,[r11,#-16]
524	subs	r12,r12,#1
525	str	r3,[r11,#-12]
526	subeq	r2,r11,#216
527	beq	.Ldone
528
529	ldr	r7,[r11,#-32]
530	ldr	r8,[r11,#-28]
531	eor	r7,r7,r3			@ rk[10]=rk[4]^rk[9]
532	eor	r9,r8,r7			@ rk[11]=rk[5]^rk[10]
533	str	r7,[r11,#-8]
534	str	r9,[r11,#-4]
535	b	.L192_loop
536
537.Lnot192:
538#if __ARM_ARCH__<7 || defined(__STRICT_ALIGNMENT)
539	ldrb	r8,[r12,#27]
540	ldrb	r4,[r12,#26]
541	ldrb	r5,[r12,#25]
542	ldrb	r6,[r12,#24]
543	orr	r8,r8,r4,lsl#8
544	ldrb	r9,[r12,#31]
545	orr	r8,r8,r5,lsl#16
546	ldrb	r4,[r12,#30]
547	orr	r8,r8,r6,lsl#24
548	ldrb	r5,[r12,#29]
549	ldrb	r6,[r12,#28]
550	orr	r9,r9,r4,lsl#8
551	orr	r9,r9,r5,lsl#16
552	str	r8,[r11],#8
553	orr	r9,r9,r6,lsl#24
554	str	r9,[r11,#-4]
555#else
556	ldr	r8,[r12,#24]
557	ldr	r9,[r12,#28]
558#ifdef __ARMEL__
559	rev	r8,r8
560	rev	r9,r9
561#endif
562	str	r8,[r11],#8
563	str	r9,[r11,#-4]
564#endif
565
566	mov	r12,#14
567	str	r12,[r11,#240-32]
568	add	r6,r10,#256			@ rcon
569	mov	lr,#255
570	mov	r12,#7
571
572.L256_loop:
573	and	r5,lr,r9,lsr#24
574	and	r7,lr,r9,lsr#16
575	ldrb	r5,[r10,r5]
576	and	r8,lr,r9,lsr#8
577	ldrb	r7,[r10,r7]
578	and	r9,lr,r9
579	ldrb	r8,[r10,r8]
580	orr	r5,r5,r7,lsl#24
581	ldrb	r9,[r10,r9]
582	orr	r5,r5,r8,lsl#16
583	ldr	r4,[r6],#4			@ rcon[i++]
584	orr	r5,r5,r9,lsl#8
585	eor	r9,r5,r4
586	eor	r0,r0,r9			@ rk[8]=rk[0]^...
587	eor	r1,r1,r0			@ rk[9]=rk[1]^rk[8]
588	str	r0,[r11],#32
589	eor	r2,r2,r1			@ rk[10]=rk[2]^rk[9]
590	str	r1,[r11,#-28]
591	eor	r3,r3,r2			@ rk[11]=rk[3]^rk[10]
592	str	r2,[r11,#-24]
593	subs	r12,r12,#1
594	str	r3,[r11,#-20]
595	subeq	r2,r11,#256
596	beq	.Ldone
597
598	and	r5,lr,r3
599	and	r7,lr,r3,lsr#8
600	ldrb	r5,[r10,r5]
601	and	r8,lr,r3,lsr#16
602	ldrb	r7,[r10,r7]
603	and	r9,lr,r3,lsr#24
604	ldrb	r8,[r10,r8]
605	orr	r5,r5,r7,lsl#8
606	ldrb	r9,[r10,r9]
607	orr	r5,r5,r8,lsl#16
608	ldr	r4,[r11,#-48]
609	orr	r5,r5,r9,lsl#24
610
611	ldr	r7,[r11,#-44]
612	ldr	r8,[r11,#-40]
613	eor	r4,r4,r5			@ rk[12]=rk[4]^...
614	ldr	r9,[r11,#-36]
615	eor	r7,r7,r4			@ rk[13]=rk[5]^rk[12]
616	str	r4,[r11,#-16]
617	eor	r8,r8,r7			@ rk[14]=rk[6]^rk[13]
618	str	r7,[r11,#-12]
619	eor	r9,r9,r8			@ rk[15]=rk[7]^rk[14]
620	str	r8,[r11,#-8]
621	str	r9,[r11,#-4]
622	b	.L256_loop
623
624.Ldone:	mov	r0,#0
625	ldmia   sp!,{r4-r12,lr}
626.Labrt:	tst	lr,#1
627	moveq	pc,lr			@ be binary compatible with V4, yet
628	.word	0xe12fff1e			@ interoperable with Thumb ISA:-)
629.size	AES_set_encrypt_key,.-AES_set_encrypt_key
630
631.global AES_set_decrypt_key
632.type   AES_set_decrypt_key,%function
633.align	5
634AES_set_decrypt_key:
635	str	lr,[sp,#-4]!            @ push lr
636	bl	_armv4_AES_set_encrypt_key
637	teq	r0,#0
638	ldrne	lr,[sp],#4              @ pop lr
639	bne	.Labrt
640
641	stmdb   sp!,{r4-r12}
642
643	ldr	r12,[r2,#240]	@ AES_set_encrypt_key preserves r2,
644	mov	r11,r2			@ which is AES_KEY *key
645	mov	r7,r2
646	add	r8,r2,r12,lsl#4
647
648.Linv:	ldr	r0,[r7]
649	ldr	r1,[r7,#4]
650	ldr	r2,[r7,#8]
651	ldr	r3,[r7,#12]
652	ldr	r4,[r8]
653	ldr	r5,[r8,#4]
654	ldr	r6,[r8,#8]
655	ldr	r9,[r8,#12]
656	str	r0,[r8],#-16
657	str	r1,[r8,#16+4]
658	str	r2,[r8,#16+8]
659	str	r3,[r8,#16+12]
660	str	r4,[r7],#16
661	str	r5,[r7,#-12]
662	str	r6,[r7,#-8]
663	str	r9,[r7,#-4]
664	teq	r7,r8
665	bne	.Linv
666	ldr	r0,[r11,#16]!		@ prefetch tp1
667	mov	r7,#0x80
668	mov	r8,#0x1b
669	orr	r7,r7,#0x8000
670	orr	r8,r8,#0x1b00
671	orr	r7,r7,r7,lsl#16
672	orr	r8,r8,r8,lsl#16
673	sub	r12,r12,#1
674	mvn	r9,r7
675	mov	r12,r12,lsl#2	@ (rounds-1)*4
676
677.Lmix:	and	r4,r0,r7
678	and	r1,r0,r9
679	sub	r4,r4,r4,lsr#7
680	and	r4,r4,r8
681	eor	r1,r4,r1,lsl#1	@ tp2
682
683	and	r4,r1,r7
684	and	r2,r1,r9
685	sub	r4,r4,r4,lsr#7
686	and	r4,r4,r8
687	eor	r2,r4,r2,lsl#1	@ tp4
688
689	and	r4,r2,r7
690	and	r3,r2,r9
691	sub	r4,r4,r4,lsr#7
692	and	r4,r4,r8
693	eor	r3,r4,r3,lsl#1	@ tp8
694
695	eor	r4,r1,r2
696	eor	r5,r0,r3		@ tp9
697	eor	r4,r4,r3		@ tpe
698	eor	r4,r4,r1,ror#24
699	eor	r4,r4,r5,ror#24	@ ^= ROTATE(tpb=tp9^tp2,8)
700	eor	r4,r4,r2,ror#16
701	eor	r4,r4,r5,ror#16	@ ^= ROTATE(tpd=tp9^tp4,16)
702	eor	r4,r4,r5,ror#8	@ ^= ROTATE(tp9,24)
703
704	ldr	r0,[r11,#4]		@ prefetch tp1
705	str	r4,[r11],#4
706	subs	r12,r12,#1
707	bne	.Lmix
708
709	mov	r0,#0
710#if __ARM_ARCH__>=5
711	ldmia	sp!,{r4-r12,pc}
712#else
713	ldmia   sp!,{r4-r12,lr}
714	tst	lr,#1
715	moveq	pc,lr			@ be binary compatible with V4, yet
716	.word	0xe12fff1e			@ interoperable with Thumb ISA:-)
717#endif
718.size	AES_set_decrypt_key,.-AES_set_decrypt_key
719
720.type	AES_Td,%object
721.align	5
722AES_Td:
723.word	0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96
724.word	0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393
725.word	0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25
726.word	0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f
727.word	0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1
728.word	0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6
729.word	0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da
730.word	0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844
731.word	0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd
732.word	0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4
733.word	0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45
734.word	0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94
735.word	0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7
736.word	0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a
737.word	0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5
738.word	0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c
739.word	0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1
740.word	0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a
741.word	0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75
742.word	0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051
743.word	0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46
744.word	0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff
745.word	0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77
746.word	0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb
747.word	0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000
748.word	0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e
749.word	0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927
750.word	0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a
751.word	0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e
752.word	0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16
753.word	0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d
754.word	0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8
755.word	0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd
756.word	0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34
757.word	0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163
758.word	0xd731dcca, 0x42638510, 0x13972240, 0x84c61120
759.word	0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d
760.word	0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0
761.word	0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422
762.word	0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef
763.word	0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36
764.word	0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4
765.word	0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662
766.word	0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5
767.word	0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3
768.word	0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b
769.word	0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8
770.word	0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6
771.word	0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6
772.word	0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0
773.word	0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815
774.word	0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f
775.word	0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df
776.word	0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f
777.word	0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e
778.word	0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713
779.word	0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89
780.word	0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c
781.word	0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf
782.word	0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86
783.word	0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f
784.word	0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541
785.word	0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190
786.word	0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742
787@ Td4[256]
788.byte	0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38
789.byte	0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb
790.byte	0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87
791.byte	0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb
792.byte	0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d
793.byte	0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e
794.byte	0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2
795.byte	0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25
796.byte	0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16
797.byte	0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92
798.byte	0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda
799.byte	0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84
800.byte	0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a
801.byte	0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06
802.byte	0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02
803.byte	0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b
804.byte	0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea
805.byte	0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73
806.byte	0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85
807.byte	0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e
808.byte	0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89
809.byte	0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b
810.byte	0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20
811.byte	0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4
812.byte	0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31
813.byte	0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f
814.byte	0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d
815.byte	0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef
816.byte	0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0
817.byte	0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61
818.byte	0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26
819.byte	0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
820.size	AES_Td,.-AES_Td
821
822@ void AES_decrypt(const unsigned char *in, unsigned char *out,
823@ 		 const AES_KEY *key) {
824.global AES_decrypt
825.type   AES_decrypt,%function
826.align	5
827AES_decrypt:
828	sub	r3,pc,#8		@ AES_decrypt
829	stmdb   sp!,{r1,r4-r12,lr}
830	mov	r12,r0		@ inp
831	mov	r11,r2
832	sub	r10,r3,#AES_decrypt-AES_Td		@ Td
833#if __ARM_ARCH__<7 || defined(__STRICT_ALIGNMENT)
834	ldrb	r0,[r12,#3]	@ load input data in endian-neutral
835	ldrb	r4,[r12,#2]	@ manner...
836	ldrb	r5,[r12,#1]
837	ldrb	r6,[r12,#0]
838	orr	r0,r0,r4,lsl#8
839	ldrb	r1,[r12,#7]
840	orr	r0,r0,r5,lsl#16
841	ldrb	r4,[r12,#6]
842	orr	r0,r0,r6,lsl#24
843	ldrb	r5,[r12,#5]
844	ldrb	r6,[r12,#4]
845	orr	r1,r1,r4,lsl#8
846	ldrb	r2,[r12,#11]
847	orr	r1,r1,r5,lsl#16
848	ldrb	r4,[r12,#10]
849	orr	r1,r1,r6,lsl#24
850	ldrb	r5,[r12,#9]
851	ldrb	r6,[r12,#8]
852	orr	r2,r2,r4,lsl#8
853	ldrb	r3,[r12,#15]
854	orr	r2,r2,r5,lsl#16
855	ldrb	r4,[r12,#14]
856	orr	r2,r2,r6,lsl#24
857	ldrb	r5,[r12,#13]
858	ldrb	r6,[r12,#12]
859	orr	r3,r3,r4,lsl#8
860	orr	r3,r3,r5,lsl#16
861	orr	r3,r3,r6,lsl#24
862#else
863	ldr	r0,[r12,#0]
864	ldr	r1,[r12,#4]
865	ldr	r2,[r12,#8]
866	ldr	r3,[r12,#12]
867#ifdef __ARMEL__
868	rev	r0,r0
869	rev	r1,r1
870	rev	r2,r2
871	rev	r3,r3
872#endif
873#endif
874	bl	_armv4_AES_decrypt
875
876	ldr	r12,[sp],#4		@ pop out
877#if __ARM_ARCH__>=7 && !defined(__STRICT_ALIGNMENT)
878#ifdef __ARMEL__
879	rev	r0,r0
880	rev	r1,r1
881	rev	r2,r2
882	rev	r3,r3
883#endif
884	str	r0,[r12,#0]
885	str	r1,[r12,#4]
886	str	r2,[r12,#8]
887	str	r3,[r12,#12]
888#else
889	mov	r4,r0,lsr#24		@ write output in endian-neutral
890	mov	r5,r0,lsr#16		@ manner...
891	mov	r6,r0,lsr#8
892	strb	r4,[r12,#0]
893	strb	r5,[r12,#1]
894	mov	r4,r1,lsr#24
895	strb	r6,[r12,#2]
896	mov	r5,r1,lsr#16
897	strb	r0,[r12,#3]
898	mov	r6,r1,lsr#8
899	strb	r4,[r12,#4]
900	strb	r5,[r12,#5]
901	mov	r4,r2,lsr#24
902	strb	r6,[r12,#6]
903	mov	r5,r2,lsr#16
904	strb	r1,[r12,#7]
905	mov	r6,r2,lsr#8
906	strb	r4,[r12,#8]
907	strb	r5,[r12,#9]
908	mov	r4,r3,lsr#24
909	strb	r6,[r12,#10]
910	mov	r5,r3,lsr#16
911	strb	r2,[r12,#11]
912	mov	r6,r3,lsr#8
913	strb	r4,[r12,#12]
914	strb	r5,[r12,#13]
915	strb	r6,[r12,#14]
916	strb	r3,[r12,#15]
917#endif
918#if __ARM_ARCH__>=5
919	ldmia	sp!,{r4-r12,pc}
920#else
921	ldmia   sp!,{r4-r12,lr}
922	tst	lr,#1
923	moveq	pc,lr			@ be binary compatible with V4, yet
924	.word	0xe12fff1e			@ interoperable with Thumb ISA:-)
925#endif
926.size	AES_decrypt,.-AES_decrypt
927
928.type   _armv4_AES_decrypt,%function
929.align	2
930_armv4_AES_decrypt:
931	str	lr,[sp,#-4]!		@ push lr
932	ldmia	r11!,{r4-r7}
933	eor	r0,r0,r4
934	ldr	r12,[r11,#240-16]
935	eor	r1,r1,r5
936	eor	r2,r2,r6
937	eor	r3,r3,r7
938	sub	r12,r12,#1
939	mov	lr,#255
940
941	and	r7,lr,r0,lsr#16
942	and	r8,lr,r0,lsr#8
943	and	r9,lr,r0
944	mov	r0,r0,lsr#24
945.Ldec_loop:
946	ldr	r4,[r10,r7,lsl#2]	@ Td1[s0>>16]
947	and	r7,lr,r1		@ i0
948	ldr	r5,[r10,r8,lsl#2]	@ Td2[s0>>8]
949	and	r8,lr,r1,lsr#16
950	ldr	r6,[r10,r9,lsl#2]	@ Td3[s0>>0]
951	and	r9,lr,r1,lsr#8
952	ldr	r0,[r10,r0,lsl#2]	@ Td0[s0>>24]
953	mov	r1,r1,lsr#24
954
955	ldr	r7,[r10,r7,lsl#2]	@ Td3[s1>>0]
956	ldr	r8,[r10,r8,lsl#2]	@ Td1[s1>>16]
957	ldr	r9,[r10,r9,lsl#2]	@ Td2[s1>>8]
958	eor	r0,r0,r7,ror#24
959	ldr	r1,[r10,r1,lsl#2]	@ Td0[s1>>24]
960	and	r7,lr,r2,lsr#8	@ i0
961	eor	r5,r8,r5,ror#8
962	and	r8,lr,r2		@ i1
963	eor	r6,r9,r6,ror#8
964	and	r9,lr,r2,lsr#16
965	ldr	r7,[r10,r7,lsl#2]	@ Td2[s2>>8]
966	eor	r1,r1,r4,ror#8
967	ldr	r8,[r10,r8,lsl#2]	@ Td3[s2>>0]
968	mov	r2,r2,lsr#24
969
970	ldr	r9,[r10,r9,lsl#2]	@ Td1[s2>>16]
971	eor	r0,r0,r7,ror#16
972	ldr	r2,[r10,r2,lsl#2]	@ Td0[s2>>24]
973	and	r7,lr,r3,lsr#16	@ i0
974	eor	r1,r1,r8,ror#24
975	and	r8,lr,r3,lsr#8	@ i1
976	eor	r6,r9,r6,ror#8
977	and	r9,lr,r3		@ i2
978	ldr	r7,[r10,r7,lsl#2]	@ Td1[s3>>16]
979	eor	r2,r2,r5,ror#8
980	ldr	r8,[r10,r8,lsl#2]	@ Td2[s3>>8]
981	mov	r3,r3,lsr#24
982
983	ldr	r9,[r10,r9,lsl#2]	@ Td3[s3>>0]
984	eor	r0,r0,r7,ror#8
985	ldr	r7,[r11],#16
986	eor	r1,r1,r8,ror#16
987	ldr	r3,[r10,r3,lsl#2]	@ Td0[s3>>24]
988	eor	r2,r2,r9,ror#24
989
990	ldr	r4,[r11,#-12]
991	eor	r0,r0,r7
992	ldr	r5,[r11,#-8]
993	eor	r3,r3,r6,ror#8
994	ldr	r6,[r11,#-4]
995	and	r7,lr,r0,lsr#16
996	eor	r1,r1,r4
997	and	r8,lr,r0,lsr#8
998	eor	r2,r2,r5
999	and	r9,lr,r0
1000	eor	r3,r3,r6
1001	mov	r0,r0,lsr#24
1002
1003	subs	r12,r12,#1
1004	bne	.Ldec_loop
1005
1006	add	r10,r10,#1024
1007
1008	ldr	r5,[r10,#0]		@ prefetch Td4
1009	ldr	r6,[r10,#32]
1010	ldr	r4,[r10,#64]
1011	ldr	r5,[r10,#96]
1012	ldr	r6,[r10,#128]
1013	ldr	r4,[r10,#160]
1014	ldr	r5,[r10,#192]
1015	ldr	r6,[r10,#224]
1016
1017	ldrb	r0,[r10,r0]		@ Td4[s0>>24]
1018	ldrb	r4,[r10,r7]		@ Td4[s0>>16]
1019	and	r7,lr,r1		@ i0
1020	ldrb	r5,[r10,r8]		@ Td4[s0>>8]
1021	and	r8,lr,r1,lsr#16
1022	ldrb	r6,[r10,r9]		@ Td4[s0>>0]
1023	and	r9,lr,r1,lsr#8
1024
1025	ldrb	r7,[r10,r7]		@ Td4[s1>>0]
1026	ldrb	r1,[r10,r1,lsr#24]	@ Td4[s1>>24]
1027	ldrb	r8,[r10,r8]		@ Td4[s1>>16]
1028	eor	r0,r7,r0,lsl#24
1029	ldrb	r9,[r10,r9]		@ Td4[s1>>8]
1030	eor	r1,r4,r1,lsl#8
1031	and	r7,lr,r2,lsr#8	@ i0
1032	eor	r5,r5,r8,lsl#8
1033	and	r8,lr,r2		@ i1
1034	ldrb	r7,[r10,r7]		@ Td4[s2>>8]
1035	eor	r6,r6,r9,lsl#8
1036	ldrb	r8,[r10,r8]		@ Td4[s2>>0]
1037	and	r9,lr,r2,lsr#16
1038
1039	ldrb	r2,[r10,r2,lsr#24]	@ Td4[s2>>24]
1040	eor	r0,r0,r7,lsl#8
1041	ldrb	r9,[r10,r9]		@ Td4[s2>>16]
1042	eor	r1,r8,r1,lsl#16
1043	and	r7,lr,r3,lsr#16	@ i0
1044	eor	r2,r5,r2,lsl#16
1045	and	r8,lr,r3,lsr#8	@ i1
1046	ldrb	r7,[r10,r7]		@ Td4[s3>>16]
1047	eor	r6,r6,r9,lsl#16
1048	ldrb	r8,[r10,r8]		@ Td4[s3>>8]
1049	and	r9,lr,r3		@ i2
1050
1051	ldrb	r9,[r10,r9]		@ Td4[s3>>0]
1052	ldrb	r3,[r10,r3,lsr#24]	@ Td4[s3>>24]
1053	eor	r0,r0,r7,lsl#16
1054	ldr	r7,[r11,#0]
1055	eor	r1,r1,r8,lsl#8
1056	ldr	r4,[r11,#4]
1057	eor	r2,r9,r2,lsl#8
1058	ldr	r5,[r11,#8]
1059	eor	r3,r6,r3,lsl#24
1060	ldr	r6,[r11,#12]
1061
1062	eor	r0,r0,r7
1063	eor	r1,r1,r4
1064	eor	r2,r2,r5
1065	eor	r3,r3,r6
1066
1067	sub	r10,r10,#1024
1068	ldr	pc,[sp],#4		@ pop and return
1069.size	_armv4_AES_decrypt,.-_armv4_AES_decrypt
1070.asciz	"AES for ARMv4, CRYPTOGAMS by <appro@openssl.org>"
1071.align	2
1072#if defined(HAVE_GNU_STACK)
1073.section .note.GNU-stack,"",%progbits
1074#endif
1075