1 2@ ==================================================================== 3@ Written by Andy Polyakov <appro@openssl.org> for the OpenSSL 4@ project. The module is, however, dual licensed under OpenSSL and 5@ CRYPTOGAMS licenses depending on where you obtain it. For further 6@ details see http://www.openssl.org/~appro/cryptogams/. 7@ ==================================================================== 8 9@ AES for ARMv4 10 11@ January 2007. 12@ 13@ Code uses single 1K S-box and is >2 times faster than code generated 14@ by gcc-3.4.1. This is thanks to unique feature of ARMv4 ISA, which 15@ allows to merge logical or arithmetic operation with shift or rotate 16@ in one instruction and emit combined result every cycle. The module 17@ is endian-neutral. The performance is ~42 cycles/byte for 128-bit 18@ key [on single-issue Xscale PXA250 core]. 19 20@ May 2007. 21@ 22@ AES_set_[en|de]crypt_key is added. 23 24@ July 2010. 25@ 26@ Rescheduling for dual-issue pipeline resulted in 12% improvement on 27@ Cortex A8 core and ~25 cycles per byte processed with 128-bit key. 28 29@ February 2011. 30@ 31@ Profiler-assisted and platform-specific optimization resulted in 16% 32@ improvement on Cortex A8 core and ~21.5 cycles per byte. 33 34#ifndef __KERNEL__ 35# include "arm_arch.h" 36# include "arm_asm.h" 37#else 38# define __ARM_ARCH__ __LINUX_ARM_ARCH__ 39#endif 40 41.text 42#if __ARM_ARCH__<7 43.code 32 44#else 45.syntax unified 46# ifdef __thumb2__ 47.thumb 48# else 49.code 32 50# endif 51#endif 52 53.type AES_Te,%object 54.align 5 55AES_Te: 56.word 0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d 57.word 0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554 58.word 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d 59.word 0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a 60.word 0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87 61.word 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b 62.word 0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea 63.word 0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b 64.word 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a 65.word 0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f 66.word 0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108 67.word 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f 68.word 0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e 69.word 0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5 70.word 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d 71.word 0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f 72.word 0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e 73.word 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb 74.word 0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce 75.word 0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497 76.word 0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c 77.word 0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed 78.word 0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b 79.word 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a 80.word 0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16 81.word 0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594 82.word 0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81 83.word 0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3 84.word 0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a 85.word 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504 86.word 0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163 87.word 0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d 88.word 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f 89.word 0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739 90.word 0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47 91.word 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395 92.word 0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f 93.word 0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883 94.word 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c 95.word 0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76 96.word 0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e 97.word 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4 98.word 0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6 99.word 0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b 100.word 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7 101.word 0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0 102.word 0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25 103.word 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818 104.word 0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72 105.word 0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651 106.word 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21 107.word 0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85 108.word 0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa 109.word 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12 110.word 0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0 111.word 0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9 112.word 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133 113.word 0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7 114.word 0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920 115.word 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a 116.word 0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17 117.word 0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8 118.word 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11 119.word 0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a 120@ Te4[256] 121.byte 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5 122.byte 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76 123.byte 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0 124.byte 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0 125.byte 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc 126.byte 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15 127.byte 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a 128.byte 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75 129.byte 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0 130.byte 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84 131.byte 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b 132.byte 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf 133.byte 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85 134.byte 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8 135.byte 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5 136.byte 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2 137.byte 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17 138.byte 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73 139.byte 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88 140.byte 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb 141.byte 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c 142.byte 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79 143.byte 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9 144.byte 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08 145.byte 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6 146.byte 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a 147.byte 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e 148.byte 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e 149.byte 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94 150.byte 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf 151.byte 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68 152.byte 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 153@ rcon[] 154.word 0x01000000, 0x02000000, 0x04000000, 0x08000000 155.word 0x10000000, 0x20000000, 0x40000000, 0x80000000 156.word 0x1B000000, 0x36000000, 0, 0, 0, 0, 0, 0 157.size AES_Te,.-AES_Te 158 159@ void AES_encrypt(const unsigned char *in, unsigned char *out, 160@ const AES_KEY *key) { 161.global AES_encrypt 162.type AES_encrypt,%function 163.align 5 164AES_encrypt: 165#if __ARM_ARCH__<7 166 sub r3,pc,#8 @ AES_encrypt 167#else 168 adr r3,AES_encrypt 169#endif 170 stmdb sp!,{r1,r4-r12,lr} 171 mov r12,r0 @ inp 172 mov r11,r2 173#ifdef __clang__ 174 @ workaround for clang integrated assembler bug 175 ldr r0,=(AES_encrypt-AES_Te) 176 sub r10,r3,r0 177#else 178 sub r10,r3,#AES_encrypt-AES_Te @ Te 179#endif 180#if __ARM_ARCH__<7 181 ldrb r0,[r12,#3] @ load input data in endian-neutral 182 ldrb r4,[r12,#2] @ manner... 183 ldrb r5,[r12,#1] 184 ldrb r6,[r12,#0] 185 orr r0,r0,r4,lsl#8 186 ldrb r1,[r12,#7] 187 orr r0,r0,r5,lsl#16 188 ldrb r4,[r12,#6] 189 orr r0,r0,r6,lsl#24 190 ldrb r5,[r12,#5] 191 ldrb r6,[r12,#4] 192 orr r1,r1,r4,lsl#8 193 ldrb r2,[r12,#11] 194 orr r1,r1,r5,lsl#16 195 ldrb r4,[r12,#10] 196 orr r1,r1,r6,lsl#24 197 ldrb r5,[r12,#9] 198 ldrb r6,[r12,#8] 199 orr r2,r2,r4,lsl#8 200 ldrb r3,[r12,#15] 201 orr r2,r2,r5,lsl#16 202 ldrb r4,[r12,#14] 203 orr r2,r2,r6,lsl#24 204 ldrb r5,[r12,#13] 205 ldrb r6,[r12,#12] 206 orr r3,r3,r4,lsl#8 207 orr r3,r3,r5,lsl#16 208 orr r3,r3,r6,lsl#24 209#else 210 ldr r0,[r12,#0] 211 ldr r1,[r12,#4] 212 ldr r2,[r12,#8] 213 ldr r3,[r12,#12] 214#ifdef __ARMEL__ 215 rev r0,r0 216 rev r1,r1 217 rev r2,r2 218 rev r3,r3 219#endif 220#endif 221 bl _armv4_AES_encrypt 222 223 ldr r12,[sp],#4 @ pop out 224#if __ARM_ARCH__>=7 225#ifdef __ARMEL__ 226 rev r0,r0 227 rev r1,r1 228 rev r2,r2 229 rev r3,r3 230#endif 231 str r0,[r12,#0] 232 str r1,[r12,#4] 233 str r2,[r12,#8] 234 str r3,[r12,#12] 235#else 236 mov r4,r0,lsr#24 @ write output in endian-neutral 237 mov r5,r0,lsr#16 @ manner... 238 mov r6,r0,lsr#8 239 strb r4,[r12,#0] 240 strb r5,[r12,#1] 241 mov r4,r1,lsr#24 242 strb r6,[r12,#2] 243 mov r5,r1,lsr#16 244 strb r0,[r12,#3] 245 mov r6,r1,lsr#8 246 strb r4,[r12,#4] 247 strb r5,[r12,#5] 248 mov r4,r2,lsr#24 249 strb r6,[r12,#6] 250 mov r5,r2,lsr#16 251 strb r1,[r12,#7] 252 mov r6,r2,lsr#8 253 strb r4,[r12,#8] 254 strb r5,[r12,#9] 255 mov r4,r3,lsr#24 256 strb r6,[r12,#10] 257 mov r5,r3,lsr#16 258 strb r2,[r12,#11] 259 mov r6,r3,lsr#8 260 strb r4,[r12,#12] 261 strb r5,[r12,#13] 262 strb r6,[r12,#14] 263 strb r3,[r12,#15] 264#endif 265#if __ARM_ARCH__>=5 266 ldmia sp!,{r4-r12,pc} 267#else 268 ldmia sp!,{r4-r12,lr} 269 tst lr,#1 270 moveq pc,lr @ be binary compatible with V4, yet 271 .word 0xe12fff1e @ interoperable with Thumb ISA:-) 272#endif 273.size AES_encrypt,.-AES_encrypt 274 275.type _armv4_AES_encrypt,%function 276.align 2 277_armv4_AES_encrypt: 278 str lr,[sp,#-4]! @ push lr 279 ldmia r11!,{r4-r7} 280 eor r0,r0,r4 281 ldr r12,[r11,#240-16] 282 eor r1,r1,r5 283 eor r2,r2,r6 284 eor r3,r3,r7 285 sub r12,r12,#1 286 mov lr,#255 287 288 and r7,lr,r0 289 and r8,lr,r0,lsr#8 290 and r9,lr,r0,lsr#16 291 mov r0,r0,lsr#24 292.Lenc_loop: 293 ldr r4,[r10,r7,lsl#2] @ Te3[s0>>0] 294 and r7,lr,r1,lsr#16 @ i0 295 ldr r5,[r10,r8,lsl#2] @ Te2[s0>>8] 296 and r8,lr,r1 297 ldr r6,[r10,r9,lsl#2] @ Te1[s0>>16] 298 and r9,lr,r1,lsr#8 299 ldr r0,[r10,r0,lsl#2] @ Te0[s0>>24] 300 mov r1,r1,lsr#24 301 302 ldr r7,[r10,r7,lsl#2] @ Te1[s1>>16] 303 ldr r8,[r10,r8,lsl#2] @ Te3[s1>>0] 304 ldr r9,[r10,r9,lsl#2] @ Te2[s1>>8] 305 eor r0,r0,r7,ror#8 306 ldr r1,[r10,r1,lsl#2] @ Te0[s1>>24] 307 and r7,lr,r2,lsr#8 @ i0 308 eor r5,r5,r8,ror#8 309 and r8,lr,r2,lsr#16 @ i1 310 eor r6,r6,r9,ror#8 311 and r9,lr,r2 312 ldr r7,[r10,r7,lsl#2] @ Te2[s2>>8] 313 eor r1,r1,r4,ror#24 314 ldr r8,[r10,r8,lsl#2] @ Te1[s2>>16] 315 mov r2,r2,lsr#24 316 317 ldr r9,[r10,r9,lsl#2] @ Te3[s2>>0] 318 eor r0,r0,r7,ror#16 319 ldr r2,[r10,r2,lsl#2] @ Te0[s2>>24] 320 and r7,lr,r3 @ i0 321 eor r1,r1,r8,ror#8 322 and r8,lr,r3,lsr#8 @ i1 323 eor r6,r6,r9,ror#16 324 and r9,lr,r3,lsr#16 @ i2 325 ldr r7,[r10,r7,lsl#2] @ Te3[s3>>0] 326 eor r2,r2,r5,ror#16 327 ldr r8,[r10,r8,lsl#2] @ Te2[s3>>8] 328 mov r3,r3,lsr#24 329 330 ldr r9,[r10,r9,lsl#2] @ Te1[s3>>16] 331 eor r0,r0,r7,ror#24 332 ldr r7,[r11],#16 333 eor r1,r1,r8,ror#16 334 ldr r3,[r10,r3,lsl#2] @ Te0[s3>>24] 335 eor r2,r2,r9,ror#8 336 ldr r4,[r11,#-12] 337 eor r3,r3,r6,ror#8 338 339 ldr r5,[r11,#-8] 340 eor r0,r0,r7 341 ldr r6,[r11,#-4] 342 and r7,lr,r0 343 eor r1,r1,r4 344 and r8,lr,r0,lsr#8 345 eor r2,r2,r5 346 and r9,lr,r0,lsr#16 347 eor r3,r3,r6 348 mov r0,r0,lsr#24 349 350 subs r12,r12,#1 351 bne .Lenc_loop 352 353 add r10,r10,#2 354 355 ldrb r4,[r10,r7,lsl#2] @ Te4[s0>>0] 356 and r7,lr,r1,lsr#16 @ i0 357 ldrb r5,[r10,r8,lsl#2] @ Te4[s0>>8] 358 and r8,lr,r1 359 ldrb r6,[r10,r9,lsl#2] @ Te4[s0>>16] 360 and r9,lr,r1,lsr#8 361 ldrb r0,[r10,r0,lsl#2] @ Te4[s0>>24] 362 mov r1,r1,lsr#24 363 364 ldrb r7,[r10,r7,lsl#2] @ Te4[s1>>16] 365 ldrb r8,[r10,r8,lsl#2] @ Te4[s1>>0] 366 ldrb r9,[r10,r9,lsl#2] @ Te4[s1>>8] 367 eor r0,r7,r0,lsl#8 368 ldrb r1,[r10,r1,lsl#2] @ Te4[s1>>24] 369 and r7,lr,r2,lsr#8 @ i0 370 eor r5,r8,r5,lsl#8 371 and r8,lr,r2,lsr#16 @ i1 372 eor r6,r9,r6,lsl#8 373 and r9,lr,r2 374 ldrb r7,[r10,r7,lsl#2] @ Te4[s2>>8] 375 eor r1,r4,r1,lsl#24 376 ldrb r8,[r10,r8,lsl#2] @ Te4[s2>>16] 377 mov r2,r2,lsr#24 378 379 ldrb r9,[r10,r9,lsl#2] @ Te4[s2>>0] 380 eor r0,r7,r0,lsl#8 381 ldrb r2,[r10,r2,lsl#2] @ Te4[s2>>24] 382 and r7,lr,r3 @ i0 383 eor r1,r1,r8,lsl#16 384 and r8,lr,r3,lsr#8 @ i1 385 eor r6,r9,r6,lsl#8 386 and r9,lr,r3,lsr#16 @ i2 387 ldrb r7,[r10,r7,lsl#2] @ Te4[s3>>0] 388 eor r2,r5,r2,lsl#24 389 ldrb r8,[r10,r8,lsl#2] @ Te4[s3>>8] 390 mov r3,r3,lsr#24 391 392 ldrb r9,[r10,r9,lsl#2] @ Te4[s3>>16] 393 eor r0,r7,r0,lsl#8 394 ldr r7,[r11,#0] 395 ldrb r3,[r10,r3,lsl#2] @ Te4[s3>>24] 396 eor r1,r1,r8,lsl#8 397 ldr r4,[r11,#4] 398 eor r2,r2,r9,lsl#16 399 ldr r5,[r11,#8] 400 eor r3,r6,r3,lsl#24 401 ldr r6,[r11,#12] 402 403 eor r0,r0,r7 404 eor r1,r1,r4 405 eor r2,r2,r5 406 eor r3,r3,r6 407 408 sub r10,r10,#2 409 ldr pc,[sp],#4 @ pop and return 410.size _armv4_AES_encrypt,.-_armv4_AES_encrypt 411 412.global private_AES_set_encrypt_key 413.type private_AES_set_encrypt_key,%function 414.align 5 415private_AES_set_encrypt_key: 416_armv4_AES_set_encrypt_key: 417#if __ARM_ARCH__<7 418 sub r3,pc,#8 @ AES_set_encrypt_key 419#else 420 adr r3,private_AES_set_encrypt_key 421#endif 422 teq r0,#0 423#if __ARM_ARCH__>=7 424 itt eq @ Thumb2 thing, sanity check in ARM 425#endif 426 moveq r0,#-1 427 beq .Labrt 428 teq r2,#0 429#if __ARM_ARCH__>=7 430 itt eq @ Thumb2 thing, sanity check in ARM 431#endif 432 moveq r0,#-1 433 beq .Labrt 434 435 teq r1,#128 436 beq .Lok 437 teq r1,#192 438 beq .Lok 439 teq r1,#256 440#if __ARM_ARCH__>=7 441 itt ne @ Thumb2 thing, sanity check in ARM 442#endif 443 movne r0,#-1 444 bne .Labrt 445 446.Lok: stmdb sp!,{r4-r12,lr} 447 sub r10,r3,#_armv4_AES_set_encrypt_key-AES_Te-1024 @ Te4 448 449 mov r12,r0 @ inp 450 mov lr,r1 @ bits 451 mov r11,r2 @ key 452 453#if __ARM_ARCH__<7 454 ldrb r0,[r12,#3] @ load input data in endian-neutral 455 ldrb r4,[r12,#2] @ manner... 456 ldrb r5,[r12,#1] 457 ldrb r6,[r12,#0] 458 orr r0,r0,r4,lsl#8 459 ldrb r1,[r12,#7] 460 orr r0,r0,r5,lsl#16 461 ldrb r4,[r12,#6] 462 orr r0,r0,r6,lsl#24 463 ldrb r5,[r12,#5] 464 ldrb r6,[r12,#4] 465 orr r1,r1,r4,lsl#8 466 ldrb r2,[r12,#11] 467 orr r1,r1,r5,lsl#16 468 ldrb r4,[r12,#10] 469 orr r1,r1,r6,lsl#24 470 ldrb r5,[r12,#9] 471 ldrb r6,[r12,#8] 472 orr r2,r2,r4,lsl#8 473 ldrb r3,[r12,#15] 474 orr r2,r2,r5,lsl#16 475 ldrb r4,[r12,#14] 476 orr r2,r2,r6,lsl#24 477 ldrb r5,[r12,#13] 478 ldrb r6,[r12,#12] 479 orr r3,r3,r4,lsl#8 480 str r0,[r11],#16 481 orr r3,r3,r5,lsl#16 482 str r1,[r11,#-12] 483 orr r3,r3,r6,lsl#24 484 str r2,[r11,#-8] 485 str r3,[r11,#-4] 486#else 487 ldr r0,[r12,#0] 488 ldr r1,[r12,#4] 489 ldr r2,[r12,#8] 490 ldr r3,[r12,#12] 491#ifdef __ARMEL__ 492 rev r0,r0 493 rev r1,r1 494 rev r2,r2 495 rev r3,r3 496#endif 497 str r0,[r11],#16 498 str r1,[r11,#-12] 499 str r2,[r11,#-8] 500 str r3,[r11,#-4] 501#endif 502 503 teq lr,#128 504 bne .Lnot128 505 mov r12,#10 506 str r12,[r11,#240-16] 507 add r6,r10,#256 @ rcon 508 mov lr,#255 509 510.L128_loop: 511 and r5,lr,r3,lsr#24 512 and r7,lr,r3,lsr#16 513 ldrb r5,[r10,r5] 514 and r8,lr,r3,lsr#8 515 ldrb r7,[r10,r7] 516 and r9,lr,r3 517 ldrb r8,[r10,r8] 518 orr r5,r5,r7,lsl#24 519 ldrb r9,[r10,r9] 520 orr r5,r5,r8,lsl#16 521 ldr r4,[r6],#4 @ rcon[i++] 522 orr r5,r5,r9,lsl#8 523 eor r5,r5,r4 524 eor r0,r0,r5 @ rk[4]=rk[0]^... 525 eor r1,r1,r0 @ rk[5]=rk[1]^rk[4] 526 str r0,[r11],#16 527 eor r2,r2,r1 @ rk[6]=rk[2]^rk[5] 528 str r1,[r11,#-12] 529 eor r3,r3,r2 @ rk[7]=rk[3]^rk[6] 530 str r2,[r11,#-8] 531 subs r12,r12,#1 532 str r3,[r11,#-4] 533 bne .L128_loop 534 sub r2,r11,#176 535 b .Ldone 536 537.Lnot128: 538#if __ARM_ARCH__<7 539 ldrb r8,[r12,#19] 540 ldrb r4,[r12,#18] 541 ldrb r5,[r12,#17] 542 ldrb r6,[r12,#16] 543 orr r8,r8,r4,lsl#8 544 ldrb r9,[r12,#23] 545 orr r8,r8,r5,lsl#16 546 ldrb r4,[r12,#22] 547 orr r8,r8,r6,lsl#24 548 ldrb r5,[r12,#21] 549 ldrb r6,[r12,#20] 550 orr r9,r9,r4,lsl#8 551 orr r9,r9,r5,lsl#16 552 str r8,[r11],#8 553 orr r9,r9,r6,lsl#24 554 str r9,[r11,#-4] 555#else 556 ldr r8,[r12,#16] 557 ldr r9,[r12,#20] 558#ifdef __ARMEL__ 559 rev r8,r8 560 rev r9,r9 561#endif 562 str r8,[r11],#8 563 str r9,[r11,#-4] 564#endif 565 566 teq lr,#192 567 bne .Lnot192 568 mov r12,#12 569 str r12,[r11,#240-24] 570 add r6,r10,#256 @ rcon 571 mov lr,#255 572 mov r12,#8 573 574.L192_loop: 575 and r5,lr,r9,lsr#24 576 and r7,lr,r9,lsr#16 577 ldrb r5,[r10,r5] 578 and r8,lr,r9,lsr#8 579 ldrb r7,[r10,r7] 580 and r9,lr,r9 581 ldrb r8,[r10,r8] 582 orr r5,r5,r7,lsl#24 583 ldrb r9,[r10,r9] 584 orr r5,r5,r8,lsl#16 585 ldr r4,[r6],#4 @ rcon[i++] 586 orr r5,r5,r9,lsl#8 587 eor r9,r5,r4 588 eor r0,r0,r9 @ rk[6]=rk[0]^... 589 eor r1,r1,r0 @ rk[7]=rk[1]^rk[6] 590 str r0,[r11],#24 591 eor r2,r2,r1 @ rk[8]=rk[2]^rk[7] 592 str r1,[r11,#-20] 593 eor r3,r3,r2 @ rk[9]=rk[3]^rk[8] 594 str r2,[r11,#-16] 595 subs r12,r12,#1 596 str r3,[r11,#-12] 597#if __ARM_ARCH__>=7 598 itt eq @ Thumb2 thing, sanity check in ARM 599#endif 600 subeq r2,r11,#216 601 beq .Ldone 602 603 ldr r7,[r11,#-32] 604 ldr r8,[r11,#-28] 605 eor r7,r7,r3 @ rk[10]=rk[4]^rk[9] 606 eor r9,r8,r7 @ rk[11]=rk[5]^rk[10] 607 str r7,[r11,#-8] 608 str r9,[r11,#-4] 609 b .L192_loop 610 611.Lnot192: 612#if __ARM_ARCH__<7 613 ldrb r8,[r12,#27] 614 ldrb r4,[r12,#26] 615 ldrb r5,[r12,#25] 616 ldrb r6,[r12,#24] 617 orr r8,r8,r4,lsl#8 618 ldrb r9,[r12,#31] 619 orr r8,r8,r5,lsl#16 620 ldrb r4,[r12,#30] 621 orr r8,r8,r6,lsl#24 622 ldrb r5,[r12,#29] 623 ldrb r6,[r12,#28] 624 orr r9,r9,r4,lsl#8 625 orr r9,r9,r5,lsl#16 626 str r8,[r11],#8 627 orr r9,r9,r6,lsl#24 628 str r9,[r11,#-4] 629#else 630 ldr r8,[r12,#24] 631 ldr r9,[r12,#28] 632#ifdef __ARMEL__ 633 rev r8,r8 634 rev r9,r9 635#endif 636 str r8,[r11],#8 637 str r9,[r11,#-4] 638#endif 639 640 mov r12,#14 641 str r12,[r11,#240-32] 642 add r6,r10,#256 @ rcon 643 mov lr,#255 644 mov r12,#7 645 646.L256_loop: 647 and r5,lr,r9,lsr#24 648 and r7,lr,r9,lsr#16 649 ldrb r5,[r10,r5] 650 and r8,lr,r9,lsr#8 651 ldrb r7,[r10,r7] 652 and r9,lr,r9 653 ldrb r8,[r10,r8] 654 orr r5,r5,r7,lsl#24 655 ldrb r9,[r10,r9] 656 orr r5,r5,r8,lsl#16 657 ldr r4,[r6],#4 @ rcon[i++] 658 orr r5,r5,r9,lsl#8 659 eor r9,r5,r4 660 eor r0,r0,r9 @ rk[8]=rk[0]^... 661 eor r1,r1,r0 @ rk[9]=rk[1]^rk[8] 662 str r0,[r11],#32 663 eor r2,r2,r1 @ rk[10]=rk[2]^rk[9] 664 str r1,[r11,#-28] 665 eor r3,r3,r2 @ rk[11]=rk[3]^rk[10] 666 str r2,[r11,#-24] 667 subs r12,r12,#1 668 str r3,[r11,#-20] 669#if __ARM_ARCH__>=7 670 itt eq @ Thumb2 thing, sanity check in ARM 671#endif 672 subeq r2,r11,#256 673 beq .Ldone 674 675 and r5,lr,r3 676 and r7,lr,r3,lsr#8 677 ldrb r5,[r10,r5] 678 and r8,lr,r3,lsr#16 679 ldrb r7,[r10,r7] 680 and r9,lr,r3,lsr#24 681 ldrb r8,[r10,r8] 682 orr r5,r5,r7,lsl#8 683 ldrb r9,[r10,r9] 684 orr r5,r5,r8,lsl#16 685 ldr r4,[r11,#-48] 686 orr r5,r5,r9,lsl#24 687 688 ldr r7,[r11,#-44] 689 ldr r8,[r11,#-40] 690 eor r4,r4,r5 @ rk[12]=rk[4]^... 691 ldr r9,[r11,#-36] 692 eor r7,r7,r4 @ rk[13]=rk[5]^rk[12] 693 str r4,[r11,#-16] 694 eor r8,r8,r7 @ rk[14]=rk[6]^rk[13] 695 str r7,[r11,#-12] 696 eor r9,r9,r8 @ rk[15]=rk[7]^rk[14] 697 str r8,[r11,#-8] 698 str r9,[r11,#-4] 699 b .L256_loop 700 701.align 2 702.Ldone: mov r0,#0 703 ldmia sp!,{r4-r12,lr} 704.Labrt: 705#if __ARM_ARCH__>=5 706 RET @ .word 0xe12fff1e 707#else 708 tst lr,#1 709 moveq pc,lr @ be binary compatible with V4, yet 710 .word 0xe12fff1e @ interoperable with Thumb ISA:-) 711#endif 712.size private_AES_set_encrypt_key,.-private_AES_set_encrypt_key 713 714.global private_AES_set_decrypt_key 715.type private_AES_set_decrypt_key,%function 716.align 5 717private_AES_set_decrypt_key: 718 str lr,[sp,#-4]! @ push lr 719 bl _armv4_AES_set_encrypt_key 720 teq r0,#0 721 ldr lr,[sp],#4 @ pop lr 722 bne .Labrt 723 724 mov r0,r2 @ AES_set_encrypt_key preserves r2, 725 mov r1,r2 @ which is AES_KEY *key 726 b _armv4_AES_set_enc2dec_key 727.size private_AES_set_decrypt_key,.-private_AES_set_decrypt_key 728 729@ void AES_set_enc2dec_key(const AES_KEY *inp,AES_KEY *out) 730.global AES_set_enc2dec_key 731.type AES_set_enc2dec_key,%function 732.align 5 733AES_set_enc2dec_key: 734_armv4_AES_set_enc2dec_key: 735 stmdb sp!,{r4-r12,lr} 736 737 ldr r12,[r0,#240] 738 mov r7,r0 @ input 739 add r8,r0,r12,lsl#4 740 mov r11,r1 @ ouput 741 add r10,r1,r12,lsl#4 742 str r12,[r1,#240] 743 744.Linv: ldr r0,[r7],#16 745 ldr r1,[r7,#-12] 746 ldr r2,[r7,#-8] 747 ldr r3,[r7,#-4] 748 ldr r4,[r8],#-16 749 ldr r5,[r8,#16+4] 750 ldr r6,[r8,#16+8] 751 ldr r9,[r8,#16+12] 752 str r0,[r10],#-16 753 str r1,[r10,#16+4] 754 str r2,[r10,#16+8] 755 str r3,[r10,#16+12] 756 str r4,[r11],#16 757 str r5,[r11,#-12] 758 str r6,[r11,#-8] 759 str r9,[r11,#-4] 760 teq r7,r8 761 bne .Linv 762 763 ldr r0,[r7] 764 ldr r1,[r7,#4] 765 ldr r2,[r7,#8] 766 ldr r3,[r7,#12] 767 str r0,[r11] 768 str r1,[r11,#4] 769 str r2,[r11,#8] 770 str r3,[r11,#12] 771 sub r11,r11,r12,lsl#3 772 ldr r0,[r11,#16]! @ prefetch tp1 773 mov r7,#0x80 774 mov r8,#0x1b 775 orr r7,r7,#0x8000 776 orr r8,r8,#0x1b00 777 orr r7,r7,r7,lsl#16 778 orr r8,r8,r8,lsl#16 779 sub r12,r12,#1 780 mvn r9,r7 781 mov r12,r12,lsl#2 @ (rounds-1)*4 782 783.Lmix: and r4,r0,r7 784 and r1,r0,r9 785 sub r4,r4,r4,lsr#7 786 and r4,r4,r8 787 eor r1,r4,r1,lsl#1 @ tp2 788 789 and r4,r1,r7 790 and r2,r1,r9 791 sub r4,r4,r4,lsr#7 792 and r4,r4,r8 793 eor r2,r4,r2,lsl#1 @ tp4 794 795 and r4,r2,r7 796 and r3,r2,r9 797 sub r4,r4,r4,lsr#7 798 and r4,r4,r8 799 eor r3,r4,r3,lsl#1 @ tp8 800 801 eor r4,r1,r2 802 eor r5,r0,r3 @ tp9 803 eor r4,r4,r3 @ tpe 804 eor r4,r4,r1,ror#24 805 eor r4,r4,r5,ror#24 @ ^= ROTATE(tpb=tp9^tp2,8) 806 eor r4,r4,r2,ror#16 807 eor r4,r4,r5,ror#16 @ ^= ROTATE(tpd=tp9^tp4,16) 808 eor r4,r4,r5,ror#8 @ ^= ROTATE(tp9,24) 809 810 ldr r0,[r11,#4] @ prefetch tp1 811 str r4,[r11],#4 812 subs r12,r12,#1 813 bne .Lmix 814 815 mov r0,#0 816#if __ARM_ARCH__>=5 817 ldmia sp!,{r4-r12,pc} 818#else 819 ldmia sp!,{r4-r12,lr} 820 tst lr,#1 821 moveq pc,lr @ be binary compatible with V4, yet 822 .word 0xe12fff1e @ interoperable with Thumb ISA:-) 823#endif 824.size AES_set_enc2dec_key,.-AES_set_enc2dec_key 825 826.type AES_Td,%object 827.align 5 828AES_Td: 829.word 0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96 830.word 0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393 831.word 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25 832.word 0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f 833.word 0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1 834.word 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6 835.word 0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da 836.word 0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844 837.word 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd 838.word 0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4 839.word 0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45 840.word 0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94 841.word 0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7 842.word 0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a 843.word 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5 844.word 0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c 845.word 0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1 846.word 0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a 847.word 0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75 848.word 0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051 849.word 0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46 850.word 0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff 851.word 0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77 852.word 0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb 853.word 0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000 854.word 0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e 855.word 0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927 856.word 0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a 857.word 0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e 858.word 0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16 859.word 0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d 860.word 0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8 861.word 0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd 862.word 0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34 863.word 0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163 864.word 0xd731dcca, 0x42638510, 0x13972240, 0x84c61120 865.word 0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d 866.word 0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0 867.word 0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422 868.word 0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef 869.word 0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36 870.word 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4 871.word 0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662 872.word 0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5 873.word 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3 874.word 0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b 875.word 0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8 876.word 0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6 877.word 0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6 878.word 0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0 879.word 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815 880.word 0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f 881.word 0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df 882.word 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f 883.word 0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e 884.word 0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713 885.word 0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89 886.word 0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c 887.word 0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf 888.word 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86 889.word 0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f 890.word 0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541 891.word 0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190 892.word 0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742 893@ Td4[256] 894.byte 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38 895.byte 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb 896.byte 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87 897.byte 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb 898.byte 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d 899.byte 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e 900.byte 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2 901.byte 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25 902.byte 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16 903.byte 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92 904.byte 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda 905.byte 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84 906.byte 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a 907.byte 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06 908.byte 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02 909.byte 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b 910.byte 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea 911.byte 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73 912.byte 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85 913.byte 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e 914.byte 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89 915.byte 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b 916.byte 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20 917.byte 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4 918.byte 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31 919.byte 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f 920.byte 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d 921.byte 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef 922.byte 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0 923.byte 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61 924.byte 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26 925.byte 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d 926.size AES_Td,.-AES_Td 927 928@ void AES_decrypt(const unsigned char *in, unsigned char *out, 929@ const AES_KEY *key) { 930.global AES_decrypt 931.type AES_decrypt,%function 932.align 5 933AES_decrypt: 934#if __ARM_ARCH__<7 935 sub r3,pc,#8 @ AES_decrypt 936#else 937 adr r3,AES_decrypt 938#endif 939 stmdb sp!,{r1,r4-r12,lr} 940 mov r12,r0 @ inp 941 mov r11,r2 942 sub r10,r3,#AES_decrypt-AES_Td @ Td 943#if __ARM_ARCH__<7 944 ldrb r0,[r12,#3] @ load input data in endian-neutral 945 ldrb r4,[r12,#2] @ manner... 946 ldrb r5,[r12,#1] 947 ldrb r6,[r12,#0] 948 orr r0,r0,r4,lsl#8 949 ldrb r1,[r12,#7] 950 orr r0,r0,r5,lsl#16 951 ldrb r4,[r12,#6] 952 orr r0,r0,r6,lsl#24 953 ldrb r5,[r12,#5] 954 ldrb r6,[r12,#4] 955 orr r1,r1,r4,lsl#8 956 ldrb r2,[r12,#11] 957 orr r1,r1,r5,lsl#16 958 ldrb r4,[r12,#10] 959 orr r1,r1,r6,lsl#24 960 ldrb r5,[r12,#9] 961 ldrb r6,[r12,#8] 962 orr r2,r2,r4,lsl#8 963 ldrb r3,[r12,#15] 964 orr r2,r2,r5,lsl#16 965 ldrb r4,[r12,#14] 966 orr r2,r2,r6,lsl#24 967 ldrb r5,[r12,#13] 968 ldrb r6,[r12,#12] 969 orr r3,r3,r4,lsl#8 970 orr r3,r3,r5,lsl#16 971 orr r3,r3,r6,lsl#24 972#else 973 ldr r0,[r12,#0] 974 ldr r1,[r12,#4] 975 ldr r2,[r12,#8] 976 ldr r3,[r12,#12] 977#ifdef __ARMEL__ 978 rev r0,r0 979 rev r1,r1 980 rev r2,r2 981 rev r3,r3 982#endif 983#endif 984 bl _armv4_AES_decrypt 985 986 ldr r12,[sp],#4 @ pop out 987#if __ARM_ARCH__>=7 988#ifdef __ARMEL__ 989 rev r0,r0 990 rev r1,r1 991 rev r2,r2 992 rev r3,r3 993#endif 994 str r0,[r12,#0] 995 str r1,[r12,#4] 996 str r2,[r12,#8] 997 str r3,[r12,#12] 998#else 999 mov r4,r0,lsr#24 @ write output in endian-neutral 1000 mov r5,r0,lsr#16 @ manner... 1001 mov r6,r0,lsr#8 1002 strb r4,[r12,#0] 1003 strb r5,[r12,#1] 1004 mov r4,r1,lsr#24 1005 strb r6,[r12,#2] 1006 mov r5,r1,lsr#16 1007 strb r0,[r12,#3] 1008 mov r6,r1,lsr#8 1009 strb r4,[r12,#4] 1010 strb r5,[r12,#5] 1011 mov r4,r2,lsr#24 1012 strb r6,[r12,#6] 1013 mov r5,r2,lsr#16 1014 strb r1,[r12,#7] 1015 mov r6,r2,lsr#8 1016 strb r4,[r12,#8] 1017 strb r5,[r12,#9] 1018 mov r4,r3,lsr#24 1019 strb r6,[r12,#10] 1020 mov r5,r3,lsr#16 1021 strb r2,[r12,#11] 1022 mov r6,r3,lsr#8 1023 strb r4,[r12,#12] 1024 strb r5,[r12,#13] 1025 strb r6,[r12,#14] 1026 strb r3,[r12,#15] 1027#endif 1028#if __ARM_ARCH__>=5 1029 ldmia sp!,{r4-r12,pc} 1030#else 1031 ldmia sp!,{r4-r12,lr} 1032 tst lr,#1 1033 moveq pc,lr @ be binary compatible with V4, yet 1034 .word 0xe12fff1e @ interoperable with Thumb ISA:-) 1035#endif 1036.size AES_decrypt,.-AES_decrypt 1037 1038.type _armv4_AES_decrypt,%function 1039.align 2 1040_armv4_AES_decrypt: 1041 str lr,[sp,#-4]! @ push lr 1042 ldmia r11!,{r4-r7} 1043 eor r0,r0,r4 1044 ldr r12,[r11,#240-16] 1045 eor r1,r1,r5 1046 eor r2,r2,r6 1047 eor r3,r3,r7 1048 sub r12,r12,#1 1049 mov lr,#255 1050 1051 and r7,lr,r0,lsr#16 1052 and r8,lr,r0,lsr#8 1053 and r9,lr,r0 1054 mov r0,r0,lsr#24 1055.Ldec_loop: 1056 ldr r4,[r10,r7,lsl#2] @ Td1[s0>>16] 1057 and r7,lr,r1 @ i0 1058 ldr r5,[r10,r8,lsl#2] @ Td2[s0>>8] 1059 and r8,lr,r1,lsr#16 1060 ldr r6,[r10,r9,lsl#2] @ Td3[s0>>0] 1061 and r9,lr,r1,lsr#8 1062 ldr r0,[r10,r0,lsl#2] @ Td0[s0>>24] 1063 mov r1,r1,lsr#24 1064 1065 ldr r7,[r10,r7,lsl#2] @ Td3[s1>>0] 1066 ldr r8,[r10,r8,lsl#2] @ Td1[s1>>16] 1067 ldr r9,[r10,r9,lsl#2] @ Td2[s1>>8] 1068 eor r0,r0,r7,ror#24 1069 ldr r1,[r10,r1,lsl#2] @ Td0[s1>>24] 1070 and r7,lr,r2,lsr#8 @ i0 1071 eor r5,r8,r5,ror#8 1072 and r8,lr,r2 @ i1 1073 eor r6,r9,r6,ror#8 1074 and r9,lr,r2,lsr#16 1075 ldr r7,[r10,r7,lsl#2] @ Td2[s2>>8] 1076 eor r1,r1,r4,ror#8 1077 ldr r8,[r10,r8,lsl#2] @ Td3[s2>>0] 1078 mov r2,r2,lsr#24 1079 1080 ldr r9,[r10,r9,lsl#2] @ Td1[s2>>16] 1081 eor r0,r0,r7,ror#16 1082 ldr r2,[r10,r2,lsl#2] @ Td0[s2>>24] 1083 and r7,lr,r3,lsr#16 @ i0 1084 eor r1,r1,r8,ror#24 1085 and r8,lr,r3,lsr#8 @ i1 1086 eor r6,r9,r6,ror#8 1087 and r9,lr,r3 @ i2 1088 ldr r7,[r10,r7,lsl#2] @ Td1[s3>>16] 1089 eor r2,r2,r5,ror#8 1090 ldr r8,[r10,r8,lsl#2] @ Td2[s3>>8] 1091 mov r3,r3,lsr#24 1092 1093 ldr r9,[r10,r9,lsl#2] @ Td3[s3>>0] 1094 eor r0,r0,r7,ror#8 1095 ldr r7,[r11],#16 1096 eor r1,r1,r8,ror#16 1097 ldr r3,[r10,r3,lsl#2] @ Td0[s3>>24] 1098 eor r2,r2,r9,ror#24 1099 1100 ldr r4,[r11,#-12] 1101 eor r0,r0,r7 1102 ldr r5,[r11,#-8] 1103 eor r3,r3,r6,ror#8 1104 ldr r6,[r11,#-4] 1105 and r7,lr,r0,lsr#16 1106 eor r1,r1,r4 1107 and r8,lr,r0,lsr#8 1108 eor r2,r2,r5 1109 and r9,lr,r0 1110 eor r3,r3,r6 1111 mov r0,r0,lsr#24 1112 1113 subs r12,r12,#1 1114 bne .Ldec_loop 1115 1116 add r10,r10,#1024 1117 1118 ldr r5,[r10,#0] @ prefetch Td4 1119 ldr r6,[r10,#32] 1120 ldr r4,[r10,#64] 1121 ldr r5,[r10,#96] 1122 ldr r6,[r10,#128] 1123 ldr r4,[r10,#160] 1124 ldr r5,[r10,#192] 1125 ldr r6,[r10,#224] 1126 1127 ldrb r0,[r10,r0] @ Td4[s0>>24] 1128 ldrb r4,[r10,r7] @ Td4[s0>>16] 1129 and r7,lr,r1 @ i0 1130 ldrb r5,[r10,r8] @ Td4[s0>>8] 1131 and r8,lr,r1,lsr#16 1132 ldrb r6,[r10,r9] @ Td4[s0>>0] 1133 and r9,lr,r1,lsr#8 1134 1135 add r1,r10,r1,lsr#24 1136 ldrb r7,[r10,r7] @ Td4[s1>>0] 1137 ldrb r1,[r1] @ Td4[s1>>24] 1138 ldrb r8,[r10,r8] @ Td4[s1>>16] 1139 eor r0,r7,r0,lsl#24 1140 ldrb r9,[r10,r9] @ Td4[s1>>8] 1141 eor r1,r4,r1,lsl#8 1142 and r7,lr,r2,lsr#8 @ i0 1143 eor r5,r5,r8,lsl#8 1144 and r8,lr,r2 @ i1 1145 ldrb r7,[r10,r7] @ Td4[s2>>8] 1146 eor r6,r6,r9,lsl#8 1147 ldrb r8,[r10,r8] @ Td4[s2>>0] 1148 and r9,lr,r2,lsr#16 1149 1150 add r2,r10,r2,lsr#24 1151 ldrb r2,[r2] @ Td4[s2>>24] 1152 eor r0,r0,r7,lsl#8 1153 ldrb r9,[r10,r9] @ Td4[s2>>16] 1154 eor r1,r8,r1,lsl#16 1155 and r7,lr,r3,lsr#16 @ i0 1156 eor r2,r5,r2,lsl#16 1157 and r8,lr,r3,lsr#8 @ i1 1158 ldrb r7,[r10,r7] @ Td4[s3>>16] 1159 eor r6,r6,r9,lsl#16 1160 ldrb r8,[r10,r8] @ Td4[s3>>8] 1161 and r9,lr,r3 @ i2 1162 1163 add r3,r10,r3,lsr#24 1164 ldrb r9,[r10,r9] @ Td4[s3>>0] 1165 ldrb r3,[r3] @ Td4[s3>>24] 1166 eor r0,r0,r7,lsl#16 1167 ldr r7,[r11,#0] 1168 eor r1,r1,r8,lsl#8 1169 ldr r4,[r11,#4] 1170 eor r2,r9,r2,lsl#8 1171 ldr r5,[r11,#8] 1172 eor r3,r6,r3,lsl#24 1173 ldr r6,[r11,#12] 1174 1175 eor r0,r0,r7 1176 eor r1,r1,r4 1177 eor r2,r2,r5 1178 eor r3,r3,r6 1179 1180 sub r10,r10,#1024 1181 ldr pc,[sp],#4 @ pop and return 1182.size _armv4_AES_decrypt,.-_armv4_AES_decrypt 1183.asciz "AES for ARMv4, CRYPTOGAMS by <appro@openssl.org>" 1184.align 2 1185