1 2@ ==================================================================== 3@ Written by Andy Polyakov <appro@openssl.org> for the OpenSSL 4@ project. The module is, however, dual licensed under OpenSSL and 5@ CRYPTOGAMS licenses depending on where you obtain it. For further 6@ details see http://www.openssl.org/~appro/cryptogams/. 7@ ==================================================================== 8 9@ AES for ARMv4 10 11@ January 2007. 12@ 13@ Code uses single 1K S-box and is >2 times faster than code generated 14@ by gcc-3.4.1. This is thanks to unique feature of ARMv4 ISA, which 15@ allows to merge logical or arithmetic operation with shift or rotate 16@ in one instruction and emit combined result every cycle. The module 17@ is endian-neutral. The performance is ~42 cycles/byte for 128-bit 18@ key [on single-issue Xscale PXA250 core]. 19 20@ May 2007. 21@ 22@ AES_set_[en|de]crypt_key is added. 23 24@ July 2010. 25@ 26@ Rescheduling for dual-issue pipeline resulted in 12% improvement on 27@ Cortex A8 core and ~25 cycles per byte processed with 128-bit key. 28 29@ February 2011. 30@ 31@ Profiler-assisted and platform-specific optimization resulted in 16% 32@ improvement on Cortex A8 core and ~21.5 cycles per byte. 33 34#ifndef __KERNEL__ 35# include "arm_arch.h" 36#else 37# define __ARM_ARCH__ __LINUX_ARM_ARCH__ 38#endif 39 40.text 41#if __ARM_ARCH__<7 42.code 32 43#else 44.syntax unified 45# ifdef __thumb2__ 46.thumb 47# else 48.code 32 49# endif 50#endif 51 52.type AES_Te,%object 53.align 5 54AES_Te: 55.word 0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d 56.word 0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554 57.word 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d 58.word 0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a 59.word 0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87 60.word 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b 61.word 0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea 62.word 0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b 63.word 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a 64.word 0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f 65.word 0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108 66.word 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f 67.word 0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e 68.word 0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5 69.word 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d 70.word 0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f 71.word 0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e 72.word 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb 73.word 0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce 74.word 0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497 75.word 0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c 76.word 0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed 77.word 0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b 78.word 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a 79.word 0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16 80.word 0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594 81.word 0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81 82.word 0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3 83.word 0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a 84.word 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504 85.word 0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163 86.word 0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d 87.word 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f 88.word 0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739 89.word 0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47 90.word 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395 91.word 0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f 92.word 0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883 93.word 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c 94.word 0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76 95.word 0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e 96.word 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4 97.word 0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6 98.word 0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b 99.word 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7 100.word 0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0 101.word 0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25 102.word 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818 103.word 0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72 104.word 0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651 105.word 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21 106.word 0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85 107.word 0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa 108.word 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12 109.word 0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0 110.word 0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9 111.word 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133 112.word 0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7 113.word 0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920 114.word 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a 115.word 0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17 116.word 0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8 117.word 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11 118.word 0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a 119@ Te4[256] 120.byte 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5 121.byte 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76 122.byte 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0 123.byte 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0 124.byte 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc 125.byte 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15 126.byte 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a 127.byte 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75 128.byte 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0 129.byte 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84 130.byte 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b 131.byte 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf 132.byte 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85 133.byte 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8 134.byte 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5 135.byte 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2 136.byte 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17 137.byte 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73 138.byte 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88 139.byte 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb 140.byte 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c 141.byte 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79 142.byte 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9 143.byte 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08 144.byte 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6 145.byte 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a 146.byte 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e 147.byte 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e 148.byte 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94 149.byte 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf 150.byte 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68 151.byte 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 152@ rcon[] 153.word 0x01000000, 0x02000000, 0x04000000, 0x08000000 154.word 0x10000000, 0x20000000, 0x40000000, 0x80000000 155.word 0x1B000000, 0x36000000, 0, 0, 0, 0, 0, 0 156.size AES_Te,.-AES_Te 157 158@ void AES_encrypt(const unsigned char *in, unsigned char *out, 159@ const AES_KEY *key) { 160.global AES_encrypt 161.type AES_encrypt,%function 162.align 5 163AES_encrypt: 164#if __ARM_ARCH__<7 165 sub r3,pc,#8 @ AES_encrypt 166#else 167 adr r3,AES_encrypt 168#endif 169 stmdb sp!,{r1,r4-r12,lr} 170 mov r12,r0 @ inp 171 mov r11,r2 172 sub r10,r3,#AES_encrypt-AES_Te @ Te 173#if __ARM_ARCH__<7 174 ldrb r0,[r12,#3] @ load input data in endian-neutral 175 ldrb r4,[r12,#2] @ manner... 176 ldrb r5,[r12,#1] 177 ldrb r6,[r12,#0] 178 orr r0,r0,r4,lsl#8 179 ldrb r1,[r12,#7] 180 orr r0,r0,r5,lsl#16 181 ldrb r4,[r12,#6] 182 orr r0,r0,r6,lsl#24 183 ldrb r5,[r12,#5] 184 ldrb r6,[r12,#4] 185 orr r1,r1,r4,lsl#8 186 ldrb r2,[r12,#11] 187 orr r1,r1,r5,lsl#16 188 ldrb r4,[r12,#10] 189 orr r1,r1,r6,lsl#24 190 ldrb r5,[r12,#9] 191 ldrb r6,[r12,#8] 192 orr r2,r2,r4,lsl#8 193 ldrb r3,[r12,#15] 194 orr r2,r2,r5,lsl#16 195 ldrb r4,[r12,#14] 196 orr r2,r2,r6,lsl#24 197 ldrb r5,[r12,#13] 198 ldrb r6,[r12,#12] 199 orr r3,r3,r4,lsl#8 200 orr r3,r3,r5,lsl#16 201 orr r3,r3,r6,lsl#24 202#else 203 ldr r0,[r12,#0] 204 ldr r1,[r12,#4] 205 ldr r2,[r12,#8] 206 ldr r3,[r12,#12] 207#ifdef __ARMEL__ 208 rev r0,r0 209 rev r1,r1 210 rev r2,r2 211 rev r3,r3 212#endif 213#endif 214 bl _armv4_AES_encrypt 215 216 ldr r12,[sp],#4 @ pop out 217#if __ARM_ARCH__>=7 218#ifdef __ARMEL__ 219 rev r0,r0 220 rev r1,r1 221 rev r2,r2 222 rev r3,r3 223#endif 224 str r0,[r12,#0] 225 str r1,[r12,#4] 226 str r2,[r12,#8] 227 str r3,[r12,#12] 228#else 229 mov r4,r0,lsr#24 @ write output in endian-neutral 230 mov r5,r0,lsr#16 @ manner... 231 mov r6,r0,lsr#8 232 strb r4,[r12,#0] 233 strb r5,[r12,#1] 234 mov r4,r1,lsr#24 235 strb r6,[r12,#2] 236 mov r5,r1,lsr#16 237 strb r0,[r12,#3] 238 mov r6,r1,lsr#8 239 strb r4,[r12,#4] 240 strb r5,[r12,#5] 241 mov r4,r2,lsr#24 242 strb r6,[r12,#6] 243 mov r5,r2,lsr#16 244 strb r1,[r12,#7] 245 mov r6,r2,lsr#8 246 strb r4,[r12,#8] 247 strb r5,[r12,#9] 248 mov r4,r3,lsr#24 249 strb r6,[r12,#10] 250 mov r5,r3,lsr#16 251 strb r2,[r12,#11] 252 mov r6,r3,lsr#8 253 strb r4,[r12,#12] 254 strb r5,[r12,#13] 255 strb r6,[r12,#14] 256 strb r3,[r12,#15] 257#endif 258#if __ARM_ARCH__>=5 259 ldmia sp!,{r4-r12,pc} 260#else 261 ldmia sp!,{r4-r12,lr} 262 tst lr,#1 263 moveq pc,lr @ be binary compatible with V4, yet 264 .word 0xe12fff1e @ interoperable with Thumb ISA:-) 265#endif 266.size AES_encrypt,.-AES_encrypt 267 268.type _armv4_AES_encrypt,%function 269.align 2 270_armv4_AES_encrypt: 271 str lr,[sp,#-4]! @ push lr 272 ldmia r11!,{r4-r7} 273 eor r0,r0,r4 274 ldr r12,[r11,#240-16] 275 eor r1,r1,r5 276 eor r2,r2,r6 277 eor r3,r3,r7 278 sub r12,r12,#1 279 mov lr,#255 280 281 and r7,lr,r0 282 and r8,lr,r0,lsr#8 283 and r9,lr,r0,lsr#16 284 mov r0,r0,lsr#24 285.Lenc_loop: 286 ldr r4,[r10,r7,lsl#2] @ Te3[s0>>0] 287 and r7,lr,r1,lsr#16 @ i0 288 ldr r5,[r10,r8,lsl#2] @ Te2[s0>>8] 289 and r8,lr,r1 290 ldr r6,[r10,r9,lsl#2] @ Te1[s0>>16] 291 and r9,lr,r1,lsr#8 292 ldr r0,[r10,r0,lsl#2] @ Te0[s0>>24] 293 mov r1,r1,lsr#24 294 295 ldr r7,[r10,r7,lsl#2] @ Te1[s1>>16] 296 ldr r8,[r10,r8,lsl#2] @ Te3[s1>>0] 297 ldr r9,[r10,r9,lsl#2] @ Te2[s1>>8] 298 eor r0,r0,r7,ror#8 299 ldr r1,[r10,r1,lsl#2] @ Te0[s1>>24] 300 and r7,lr,r2,lsr#8 @ i0 301 eor r5,r5,r8,ror#8 302 and r8,lr,r2,lsr#16 @ i1 303 eor r6,r6,r9,ror#8 304 and r9,lr,r2 305 ldr r7,[r10,r7,lsl#2] @ Te2[s2>>8] 306 eor r1,r1,r4,ror#24 307 ldr r8,[r10,r8,lsl#2] @ Te1[s2>>16] 308 mov r2,r2,lsr#24 309 310 ldr r9,[r10,r9,lsl#2] @ Te3[s2>>0] 311 eor r0,r0,r7,ror#16 312 ldr r2,[r10,r2,lsl#2] @ Te0[s2>>24] 313 and r7,lr,r3 @ i0 314 eor r1,r1,r8,ror#8 315 and r8,lr,r3,lsr#8 @ i1 316 eor r6,r6,r9,ror#16 317 and r9,lr,r3,lsr#16 @ i2 318 ldr r7,[r10,r7,lsl#2] @ Te3[s3>>0] 319 eor r2,r2,r5,ror#16 320 ldr r8,[r10,r8,lsl#2] @ Te2[s3>>8] 321 mov r3,r3,lsr#24 322 323 ldr r9,[r10,r9,lsl#2] @ Te1[s3>>16] 324 eor r0,r0,r7,ror#24 325 ldr r7,[r11],#16 326 eor r1,r1,r8,ror#16 327 ldr r3,[r10,r3,lsl#2] @ Te0[s3>>24] 328 eor r2,r2,r9,ror#8 329 ldr r4,[r11,#-12] 330 eor r3,r3,r6,ror#8 331 332 ldr r5,[r11,#-8] 333 eor r0,r0,r7 334 ldr r6,[r11,#-4] 335 and r7,lr,r0 336 eor r1,r1,r4 337 and r8,lr,r0,lsr#8 338 eor r2,r2,r5 339 and r9,lr,r0,lsr#16 340 eor r3,r3,r6 341 mov r0,r0,lsr#24 342 343 subs r12,r12,#1 344 bne .Lenc_loop 345 346 add r10,r10,#2 347 348 ldrb r4,[r10,r7,lsl#2] @ Te4[s0>>0] 349 and r7,lr,r1,lsr#16 @ i0 350 ldrb r5,[r10,r8,lsl#2] @ Te4[s0>>8] 351 and r8,lr,r1 352 ldrb r6,[r10,r9,lsl#2] @ Te4[s0>>16] 353 and r9,lr,r1,lsr#8 354 ldrb r0,[r10,r0,lsl#2] @ Te4[s0>>24] 355 mov r1,r1,lsr#24 356 357 ldrb r7,[r10,r7,lsl#2] @ Te4[s1>>16] 358 ldrb r8,[r10,r8,lsl#2] @ Te4[s1>>0] 359 ldrb r9,[r10,r9,lsl#2] @ Te4[s1>>8] 360 eor r0,r7,r0,lsl#8 361 ldrb r1,[r10,r1,lsl#2] @ Te4[s1>>24] 362 and r7,lr,r2,lsr#8 @ i0 363 eor r5,r8,r5,lsl#8 364 and r8,lr,r2,lsr#16 @ i1 365 eor r6,r9,r6,lsl#8 366 and r9,lr,r2 367 ldrb r7,[r10,r7,lsl#2] @ Te4[s2>>8] 368 eor r1,r4,r1,lsl#24 369 ldrb r8,[r10,r8,lsl#2] @ Te4[s2>>16] 370 mov r2,r2,lsr#24 371 372 ldrb r9,[r10,r9,lsl#2] @ Te4[s2>>0] 373 eor r0,r7,r0,lsl#8 374 ldrb r2,[r10,r2,lsl#2] @ Te4[s2>>24] 375 and r7,lr,r3 @ i0 376 eor r1,r1,r8,lsl#16 377 and r8,lr,r3,lsr#8 @ i1 378 eor r6,r9,r6,lsl#8 379 and r9,lr,r3,lsr#16 @ i2 380 ldrb r7,[r10,r7,lsl#2] @ Te4[s3>>0] 381 eor r2,r5,r2,lsl#24 382 ldrb r8,[r10,r8,lsl#2] @ Te4[s3>>8] 383 mov r3,r3,lsr#24 384 385 ldrb r9,[r10,r9,lsl#2] @ Te4[s3>>16] 386 eor r0,r7,r0,lsl#8 387 ldr r7,[r11,#0] 388 ldrb r3,[r10,r3,lsl#2] @ Te4[s3>>24] 389 eor r1,r1,r8,lsl#8 390 ldr r4,[r11,#4] 391 eor r2,r2,r9,lsl#16 392 ldr r5,[r11,#8] 393 eor r3,r6,r3,lsl#24 394 ldr r6,[r11,#12] 395 396 eor r0,r0,r7 397 eor r1,r1,r4 398 eor r2,r2,r5 399 eor r3,r3,r6 400 401 sub r10,r10,#2 402 ldr pc,[sp],#4 @ pop and return 403.size _armv4_AES_encrypt,.-_armv4_AES_encrypt 404 405.global private_AES_set_encrypt_key 406.type private_AES_set_encrypt_key,%function 407.align 5 408private_AES_set_encrypt_key: 409_armv4_AES_set_encrypt_key: 410#if __ARM_ARCH__<7 411 sub r3,pc,#8 @ AES_set_encrypt_key 412#else 413 adr r3,private_AES_set_encrypt_key 414#endif 415 teq r0,#0 416#if __ARM_ARCH__>=7 417 itt eq @ Thumb2 thing, sanity check in ARM 418#endif 419 moveq r0,#-1 420 beq .Labrt 421 teq r2,#0 422#if __ARM_ARCH__>=7 423 itt eq @ Thumb2 thing, sanity check in ARM 424#endif 425 moveq r0,#-1 426 beq .Labrt 427 428 teq r1,#128 429 beq .Lok 430 teq r1,#192 431 beq .Lok 432 teq r1,#256 433#if __ARM_ARCH__>=7 434 itt ne @ Thumb2 thing, sanity check in ARM 435#endif 436 movne r0,#-1 437 bne .Labrt 438 439.Lok: stmdb sp!,{r4-r12,lr} 440 sub r10,r3,#_armv4_AES_set_encrypt_key-AES_Te-1024 @ Te4 441 442 mov r12,r0 @ inp 443 mov lr,r1 @ bits 444 mov r11,r2 @ key 445 446#if __ARM_ARCH__<7 447 ldrb r0,[r12,#3] @ load input data in endian-neutral 448 ldrb r4,[r12,#2] @ manner... 449 ldrb r5,[r12,#1] 450 ldrb r6,[r12,#0] 451 orr r0,r0,r4,lsl#8 452 ldrb r1,[r12,#7] 453 orr r0,r0,r5,lsl#16 454 ldrb r4,[r12,#6] 455 orr r0,r0,r6,lsl#24 456 ldrb r5,[r12,#5] 457 ldrb r6,[r12,#4] 458 orr r1,r1,r4,lsl#8 459 ldrb r2,[r12,#11] 460 orr r1,r1,r5,lsl#16 461 ldrb r4,[r12,#10] 462 orr r1,r1,r6,lsl#24 463 ldrb r5,[r12,#9] 464 ldrb r6,[r12,#8] 465 orr r2,r2,r4,lsl#8 466 ldrb r3,[r12,#15] 467 orr r2,r2,r5,lsl#16 468 ldrb r4,[r12,#14] 469 orr r2,r2,r6,lsl#24 470 ldrb r5,[r12,#13] 471 ldrb r6,[r12,#12] 472 orr r3,r3,r4,lsl#8 473 str r0,[r11],#16 474 orr r3,r3,r5,lsl#16 475 str r1,[r11,#-12] 476 orr r3,r3,r6,lsl#24 477 str r2,[r11,#-8] 478 str r3,[r11,#-4] 479#else 480 ldr r0,[r12,#0] 481 ldr r1,[r12,#4] 482 ldr r2,[r12,#8] 483 ldr r3,[r12,#12] 484#ifdef __ARMEL__ 485 rev r0,r0 486 rev r1,r1 487 rev r2,r2 488 rev r3,r3 489#endif 490 str r0,[r11],#16 491 str r1,[r11,#-12] 492 str r2,[r11,#-8] 493 str r3,[r11,#-4] 494#endif 495 496 teq lr,#128 497 bne .Lnot128 498 mov r12,#10 499 str r12,[r11,#240-16] 500 add r6,r10,#256 @ rcon 501 mov lr,#255 502 503.L128_loop: 504 and r5,lr,r3,lsr#24 505 and r7,lr,r3,lsr#16 506 ldrb r5,[r10,r5] 507 and r8,lr,r3,lsr#8 508 ldrb r7,[r10,r7] 509 and r9,lr,r3 510 ldrb r8,[r10,r8] 511 orr r5,r5,r7,lsl#24 512 ldrb r9,[r10,r9] 513 orr r5,r5,r8,lsl#16 514 ldr r4,[r6],#4 @ rcon[i++] 515 orr r5,r5,r9,lsl#8 516 eor r5,r5,r4 517 eor r0,r0,r5 @ rk[4]=rk[0]^... 518 eor r1,r1,r0 @ rk[5]=rk[1]^rk[4] 519 str r0,[r11],#16 520 eor r2,r2,r1 @ rk[6]=rk[2]^rk[5] 521 str r1,[r11,#-12] 522 eor r3,r3,r2 @ rk[7]=rk[3]^rk[6] 523 str r2,[r11,#-8] 524 subs r12,r12,#1 525 str r3,[r11,#-4] 526 bne .L128_loop 527 sub r2,r11,#176 528 b .Ldone 529 530.Lnot128: 531#if __ARM_ARCH__<7 532 ldrb r8,[r12,#19] 533 ldrb r4,[r12,#18] 534 ldrb r5,[r12,#17] 535 ldrb r6,[r12,#16] 536 orr r8,r8,r4,lsl#8 537 ldrb r9,[r12,#23] 538 orr r8,r8,r5,lsl#16 539 ldrb r4,[r12,#22] 540 orr r8,r8,r6,lsl#24 541 ldrb r5,[r12,#21] 542 ldrb r6,[r12,#20] 543 orr r9,r9,r4,lsl#8 544 orr r9,r9,r5,lsl#16 545 str r8,[r11],#8 546 orr r9,r9,r6,lsl#24 547 str r9,[r11,#-4] 548#else 549 ldr r8,[r12,#16] 550 ldr r9,[r12,#20] 551#ifdef __ARMEL__ 552 rev r8,r8 553 rev r9,r9 554#endif 555 str r8,[r11],#8 556 str r9,[r11,#-4] 557#endif 558 559 teq lr,#192 560 bne .Lnot192 561 mov r12,#12 562 str r12,[r11,#240-24] 563 add r6,r10,#256 @ rcon 564 mov lr,#255 565 mov r12,#8 566 567.L192_loop: 568 and r5,lr,r9,lsr#24 569 and r7,lr,r9,lsr#16 570 ldrb r5,[r10,r5] 571 and r8,lr,r9,lsr#8 572 ldrb r7,[r10,r7] 573 and r9,lr,r9 574 ldrb r8,[r10,r8] 575 orr r5,r5,r7,lsl#24 576 ldrb r9,[r10,r9] 577 orr r5,r5,r8,lsl#16 578 ldr r4,[r6],#4 @ rcon[i++] 579 orr r5,r5,r9,lsl#8 580 eor r9,r5,r4 581 eor r0,r0,r9 @ rk[6]=rk[0]^... 582 eor r1,r1,r0 @ rk[7]=rk[1]^rk[6] 583 str r0,[r11],#24 584 eor r2,r2,r1 @ rk[8]=rk[2]^rk[7] 585 str r1,[r11,#-20] 586 eor r3,r3,r2 @ rk[9]=rk[3]^rk[8] 587 str r2,[r11,#-16] 588 subs r12,r12,#1 589 str r3,[r11,#-12] 590#if __ARM_ARCH__>=7 591 itt eq @ Thumb2 thing, sanity check in ARM 592#endif 593 subeq r2,r11,#216 594 beq .Ldone 595 596 ldr r7,[r11,#-32] 597 ldr r8,[r11,#-28] 598 eor r7,r7,r3 @ rk[10]=rk[4]^rk[9] 599 eor r9,r8,r7 @ rk[11]=rk[5]^rk[10] 600 str r7,[r11,#-8] 601 str r9,[r11,#-4] 602 b .L192_loop 603 604.Lnot192: 605#if __ARM_ARCH__<7 606 ldrb r8,[r12,#27] 607 ldrb r4,[r12,#26] 608 ldrb r5,[r12,#25] 609 ldrb r6,[r12,#24] 610 orr r8,r8,r4,lsl#8 611 ldrb r9,[r12,#31] 612 orr r8,r8,r5,lsl#16 613 ldrb r4,[r12,#30] 614 orr r8,r8,r6,lsl#24 615 ldrb r5,[r12,#29] 616 ldrb r6,[r12,#28] 617 orr r9,r9,r4,lsl#8 618 orr r9,r9,r5,lsl#16 619 str r8,[r11],#8 620 orr r9,r9,r6,lsl#24 621 str r9,[r11,#-4] 622#else 623 ldr r8,[r12,#24] 624 ldr r9,[r12,#28] 625#ifdef __ARMEL__ 626 rev r8,r8 627 rev r9,r9 628#endif 629 str r8,[r11],#8 630 str r9,[r11,#-4] 631#endif 632 633 mov r12,#14 634 str r12,[r11,#240-32] 635 add r6,r10,#256 @ rcon 636 mov lr,#255 637 mov r12,#7 638 639.L256_loop: 640 and r5,lr,r9,lsr#24 641 and r7,lr,r9,lsr#16 642 ldrb r5,[r10,r5] 643 and r8,lr,r9,lsr#8 644 ldrb r7,[r10,r7] 645 and r9,lr,r9 646 ldrb r8,[r10,r8] 647 orr r5,r5,r7,lsl#24 648 ldrb r9,[r10,r9] 649 orr r5,r5,r8,lsl#16 650 ldr r4,[r6],#4 @ rcon[i++] 651 orr r5,r5,r9,lsl#8 652 eor r9,r5,r4 653 eor r0,r0,r9 @ rk[8]=rk[0]^... 654 eor r1,r1,r0 @ rk[9]=rk[1]^rk[8] 655 str r0,[r11],#32 656 eor r2,r2,r1 @ rk[10]=rk[2]^rk[9] 657 str r1,[r11,#-28] 658 eor r3,r3,r2 @ rk[11]=rk[3]^rk[10] 659 str r2,[r11,#-24] 660 subs r12,r12,#1 661 str r3,[r11,#-20] 662#if __ARM_ARCH__>=7 663 itt eq @ Thumb2 thing, sanity check in ARM 664#endif 665 subeq r2,r11,#256 666 beq .Ldone 667 668 and r5,lr,r3 669 and r7,lr,r3,lsr#8 670 ldrb r5,[r10,r5] 671 and r8,lr,r3,lsr#16 672 ldrb r7,[r10,r7] 673 and r9,lr,r3,lsr#24 674 ldrb r8,[r10,r8] 675 orr r5,r5,r7,lsl#8 676 ldrb r9,[r10,r9] 677 orr r5,r5,r8,lsl#16 678 ldr r4,[r11,#-48] 679 orr r5,r5,r9,lsl#24 680 681 ldr r7,[r11,#-44] 682 ldr r8,[r11,#-40] 683 eor r4,r4,r5 @ rk[12]=rk[4]^... 684 ldr r9,[r11,#-36] 685 eor r7,r7,r4 @ rk[13]=rk[5]^rk[12] 686 str r4,[r11,#-16] 687 eor r8,r8,r7 @ rk[14]=rk[6]^rk[13] 688 str r7,[r11,#-12] 689 eor r9,r9,r8 @ rk[15]=rk[7]^rk[14] 690 str r8,[r11,#-8] 691 str r9,[r11,#-4] 692 b .L256_loop 693 694.align 2 695.Ldone: mov r0,#0 696 ldmia sp!,{r4-r12,lr} 697.Labrt: 698#if __ARM_ARCH__>=5 699 bx lr @ .word 0xe12fff1e 700#else 701 tst lr,#1 702 moveq pc,lr @ be binary compatible with V4, yet 703 .word 0xe12fff1e @ interoperable with Thumb ISA:-) 704#endif 705.size private_AES_set_encrypt_key,.-private_AES_set_encrypt_key 706 707.global private_AES_set_decrypt_key 708.type private_AES_set_decrypt_key,%function 709.align 5 710private_AES_set_decrypt_key: 711 str lr,[sp,#-4]! @ push lr 712 bl _armv4_AES_set_encrypt_key 713 teq r0,#0 714 ldr lr,[sp],#4 @ pop lr 715 bne .Labrt 716 717 mov r0,r2 @ AES_set_encrypt_key preserves r2, 718 mov r1,r2 @ which is AES_KEY *key 719 b _armv4_AES_set_enc2dec_key 720.size private_AES_set_decrypt_key,.-private_AES_set_decrypt_key 721 722@ void AES_set_enc2dec_key(const AES_KEY *inp,AES_KEY *out) 723.global AES_set_enc2dec_key 724.type AES_set_enc2dec_key,%function 725.align 5 726AES_set_enc2dec_key: 727_armv4_AES_set_enc2dec_key: 728 stmdb sp!,{r4-r12,lr} 729 730 ldr r12,[r0,#240] 731 mov r7,r0 @ input 732 add r8,r0,r12,lsl#4 733 mov r11,r1 @ ouput 734 add r10,r1,r12,lsl#4 735 str r12,[r1,#240] 736 737.Linv: ldr r0,[r7],#16 738 ldr r1,[r7,#-12] 739 ldr r2,[r7,#-8] 740 ldr r3,[r7,#-4] 741 ldr r4,[r8],#-16 742 ldr r5,[r8,#16+4] 743 ldr r6,[r8,#16+8] 744 ldr r9,[r8,#16+12] 745 str r0,[r10],#-16 746 str r1,[r10,#16+4] 747 str r2,[r10,#16+8] 748 str r3,[r10,#16+12] 749 str r4,[r11],#16 750 str r5,[r11,#-12] 751 str r6,[r11,#-8] 752 str r9,[r11,#-4] 753 teq r7,r8 754 bne .Linv 755 756 ldr r0,[r7] 757 ldr r1,[r7,#4] 758 ldr r2,[r7,#8] 759 ldr r3,[r7,#12] 760 str r0,[r11] 761 str r1,[r11,#4] 762 str r2,[r11,#8] 763 str r3,[r11,#12] 764 sub r11,r11,r12,lsl#3 765 ldr r0,[r11,#16]! @ prefetch tp1 766 mov r7,#0x80 767 mov r8,#0x1b 768 orr r7,r7,#0x8000 769 orr r8,r8,#0x1b00 770 orr r7,r7,r7,lsl#16 771 orr r8,r8,r8,lsl#16 772 sub r12,r12,#1 773 mvn r9,r7 774 mov r12,r12,lsl#2 @ (rounds-1)*4 775 776.Lmix: and r4,r0,r7 777 and r1,r0,r9 778 sub r4,r4,r4,lsr#7 779 and r4,r4,r8 780 eor r1,r4,r1,lsl#1 @ tp2 781 782 and r4,r1,r7 783 and r2,r1,r9 784 sub r4,r4,r4,lsr#7 785 and r4,r4,r8 786 eor r2,r4,r2,lsl#1 @ tp4 787 788 and r4,r2,r7 789 and r3,r2,r9 790 sub r4,r4,r4,lsr#7 791 and r4,r4,r8 792 eor r3,r4,r3,lsl#1 @ tp8 793 794 eor r4,r1,r2 795 eor r5,r0,r3 @ tp9 796 eor r4,r4,r3 @ tpe 797 eor r4,r4,r1,ror#24 798 eor r4,r4,r5,ror#24 @ ^= ROTATE(tpb=tp9^tp2,8) 799 eor r4,r4,r2,ror#16 800 eor r4,r4,r5,ror#16 @ ^= ROTATE(tpd=tp9^tp4,16) 801 eor r4,r4,r5,ror#8 @ ^= ROTATE(tp9,24) 802 803 ldr r0,[r11,#4] @ prefetch tp1 804 str r4,[r11],#4 805 subs r12,r12,#1 806 bne .Lmix 807 808 mov r0,#0 809#if __ARM_ARCH__>=5 810 ldmia sp!,{r4-r12,pc} 811#else 812 ldmia sp!,{r4-r12,lr} 813 tst lr,#1 814 moveq pc,lr @ be binary compatible with V4, yet 815 .word 0xe12fff1e @ interoperable with Thumb ISA:-) 816#endif 817.size AES_set_enc2dec_key,.-AES_set_enc2dec_key 818 819.type AES_Td,%object 820.align 5 821AES_Td: 822.word 0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96 823.word 0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393 824.word 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25 825.word 0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f 826.word 0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1 827.word 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6 828.word 0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da 829.word 0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844 830.word 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd 831.word 0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4 832.word 0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45 833.word 0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94 834.word 0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7 835.word 0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a 836.word 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5 837.word 0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c 838.word 0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1 839.word 0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a 840.word 0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75 841.word 0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051 842.word 0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46 843.word 0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff 844.word 0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77 845.word 0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb 846.word 0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000 847.word 0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e 848.word 0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927 849.word 0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a 850.word 0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e 851.word 0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16 852.word 0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d 853.word 0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8 854.word 0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd 855.word 0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34 856.word 0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163 857.word 0xd731dcca, 0x42638510, 0x13972240, 0x84c61120 858.word 0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d 859.word 0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0 860.word 0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422 861.word 0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef 862.word 0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36 863.word 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4 864.word 0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662 865.word 0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5 866.word 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3 867.word 0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b 868.word 0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8 869.word 0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6 870.word 0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6 871.word 0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0 872.word 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815 873.word 0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f 874.word 0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df 875.word 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f 876.word 0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e 877.word 0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713 878.word 0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89 879.word 0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c 880.word 0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf 881.word 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86 882.word 0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f 883.word 0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541 884.word 0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190 885.word 0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742 886@ Td4[256] 887.byte 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38 888.byte 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb 889.byte 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87 890.byte 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb 891.byte 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d 892.byte 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e 893.byte 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2 894.byte 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25 895.byte 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16 896.byte 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92 897.byte 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda 898.byte 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84 899.byte 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a 900.byte 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06 901.byte 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02 902.byte 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b 903.byte 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea 904.byte 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73 905.byte 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85 906.byte 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e 907.byte 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89 908.byte 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b 909.byte 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20 910.byte 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4 911.byte 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31 912.byte 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f 913.byte 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d 914.byte 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef 915.byte 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0 916.byte 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61 917.byte 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26 918.byte 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d 919.size AES_Td,.-AES_Td 920 921@ void AES_decrypt(const unsigned char *in, unsigned char *out, 922@ const AES_KEY *key) { 923.global AES_decrypt 924.type AES_decrypt,%function 925.align 5 926AES_decrypt: 927#if __ARM_ARCH__<7 928 sub r3,pc,#8 @ AES_decrypt 929#else 930 adr r3,AES_decrypt 931#endif 932 stmdb sp!,{r1,r4-r12,lr} 933 mov r12,r0 @ inp 934 mov r11,r2 935 sub r10,r3,#AES_decrypt-AES_Td @ Td 936#if __ARM_ARCH__<7 937 ldrb r0,[r12,#3] @ load input data in endian-neutral 938 ldrb r4,[r12,#2] @ manner... 939 ldrb r5,[r12,#1] 940 ldrb r6,[r12,#0] 941 orr r0,r0,r4,lsl#8 942 ldrb r1,[r12,#7] 943 orr r0,r0,r5,lsl#16 944 ldrb r4,[r12,#6] 945 orr r0,r0,r6,lsl#24 946 ldrb r5,[r12,#5] 947 ldrb r6,[r12,#4] 948 orr r1,r1,r4,lsl#8 949 ldrb r2,[r12,#11] 950 orr r1,r1,r5,lsl#16 951 ldrb r4,[r12,#10] 952 orr r1,r1,r6,lsl#24 953 ldrb r5,[r12,#9] 954 ldrb r6,[r12,#8] 955 orr r2,r2,r4,lsl#8 956 ldrb r3,[r12,#15] 957 orr r2,r2,r5,lsl#16 958 ldrb r4,[r12,#14] 959 orr r2,r2,r6,lsl#24 960 ldrb r5,[r12,#13] 961 ldrb r6,[r12,#12] 962 orr r3,r3,r4,lsl#8 963 orr r3,r3,r5,lsl#16 964 orr r3,r3,r6,lsl#24 965#else 966 ldr r0,[r12,#0] 967 ldr r1,[r12,#4] 968 ldr r2,[r12,#8] 969 ldr r3,[r12,#12] 970#ifdef __ARMEL__ 971 rev r0,r0 972 rev r1,r1 973 rev r2,r2 974 rev r3,r3 975#endif 976#endif 977 bl _armv4_AES_decrypt 978 979 ldr r12,[sp],#4 @ pop out 980#if __ARM_ARCH__>=7 981#ifdef __ARMEL__ 982 rev r0,r0 983 rev r1,r1 984 rev r2,r2 985 rev r3,r3 986#endif 987 str r0,[r12,#0] 988 str r1,[r12,#4] 989 str r2,[r12,#8] 990 str r3,[r12,#12] 991#else 992 mov r4,r0,lsr#24 @ write output in endian-neutral 993 mov r5,r0,lsr#16 @ manner... 994 mov r6,r0,lsr#8 995 strb r4,[r12,#0] 996 strb r5,[r12,#1] 997 mov r4,r1,lsr#24 998 strb r6,[r12,#2] 999 mov r5,r1,lsr#16 1000 strb r0,[r12,#3] 1001 mov r6,r1,lsr#8 1002 strb r4,[r12,#4] 1003 strb r5,[r12,#5] 1004 mov r4,r2,lsr#24 1005 strb r6,[r12,#6] 1006 mov r5,r2,lsr#16 1007 strb r1,[r12,#7] 1008 mov r6,r2,lsr#8 1009 strb r4,[r12,#8] 1010 strb r5,[r12,#9] 1011 mov r4,r3,lsr#24 1012 strb r6,[r12,#10] 1013 mov r5,r3,lsr#16 1014 strb r2,[r12,#11] 1015 mov r6,r3,lsr#8 1016 strb r4,[r12,#12] 1017 strb r5,[r12,#13] 1018 strb r6,[r12,#14] 1019 strb r3,[r12,#15] 1020#endif 1021#if __ARM_ARCH__>=5 1022 ldmia sp!,{r4-r12,pc} 1023#else 1024 ldmia sp!,{r4-r12,lr} 1025 tst lr,#1 1026 moveq pc,lr @ be binary compatible with V4, yet 1027 .word 0xe12fff1e @ interoperable with Thumb ISA:-) 1028#endif 1029.size AES_decrypt,.-AES_decrypt 1030 1031.type _armv4_AES_decrypt,%function 1032.align 2 1033_armv4_AES_decrypt: 1034 str lr,[sp,#-4]! @ push lr 1035 ldmia r11!,{r4-r7} 1036 eor r0,r0,r4 1037 ldr r12,[r11,#240-16] 1038 eor r1,r1,r5 1039 eor r2,r2,r6 1040 eor r3,r3,r7 1041 sub r12,r12,#1 1042 mov lr,#255 1043 1044 and r7,lr,r0,lsr#16 1045 and r8,lr,r0,lsr#8 1046 and r9,lr,r0 1047 mov r0,r0,lsr#24 1048.Ldec_loop: 1049 ldr r4,[r10,r7,lsl#2] @ Td1[s0>>16] 1050 and r7,lr,r1 @ i0 1051 ldr r5,[r10,r8,lsl#2] @ Td2[s0>>8] 1052 and r8,lr,r1,lsr#16 1053 ldr r6,[r10,r9,lsl#2] @ Td3[s0>>0] 1054 and r9,lr,r1,lsr#8 1055 ldr r0,[r10,r0,lsl#2] @ Td0[s0>>24] 1056 mov r1,r1,lsr#24 1057 1058 ldr r7,[r10,r7,lsl#2] @ Td3[s1>>0] 1059 ldr r8,[r10,r8,lsl#2] @ Td1[s1>>16] 1060 ldr r9,[r10,r9,lsl#2] @ Td2[s1>>8] 1061 eor r0,r0,r7,ror#24 1062 ldr r1,[r10,r1,lsl#2] @ Td0[s1>>24] 1063 and r7,lr,r2,lsr#8 @ i0 1064 eor r5,r8,r5,ror#8 1065 and r8,lr,r2 @ i1 1066 eor r6,r9,r6,ror#8 1067 and r9,lr,r2,lsr#16 1068 ldr r7,[r10,r7,lsl#2] @ Td2[s2>>8] 1069 eor r1,r1,r4,ror#8 1070 ldr r8,[r10,r8,lsl#2] @ Td3[s2>>0] 1071 mov r2,r2,lsr#24 1072 1073 ldr r9,[r10,r9,lsl#2] @ Td1[s2>>16] 1074 eor r0,r0,r7,ror#16 1075 ldr r2,[r10,r2,lsl#2] @ Td0[s2>>24] 1076 and r7,lr,r3,lsr#16 @ i0 1077 eor r1,r1,r8,ror#24 1078 and r8,lr,r3,lsr#8 @ i1 1079 eor r6,r9,r6,ror#8 1080 and r9,lr,r3 @ i2 1081 ldr r7,[r10,r7,lsl#2] @ Td1[s3>>16] 1082 eor r2,r2,r5,ror#8 1083 ldr r8,[r10,r8,lsl#2] @ Td2[s3>>8] 1084 mov r3,r3,lsr#24 1085 1086 ldr r9,[r10,r9,lsl#2] @ Td3[s3>>0] 1087 eor r0,r0,r7,ror#8 1088 ldr r7,[r11],#16 1089 eor r1,r1,r8,ror#16 1090 ldr r3,[r10,r3,lsl#2] @ Td0[s3>>24] 1091 eor r2,r2,r9,ror#24 1092 1093 ldr r4,[r11,#-12] 1094 eor r0,r0,r7 1095 ldr r5,[r11,#-8] 1096 eor r3,r3,r6,ror#8 1097 ldr r6,[r11,#-4] 1098 and r7,lr,r0,lsr#16 1099 eor r1,r1,r4 1100 and r8,lr,r0,lsr#8 1101 eor r2,r2,r5 1102 and r9,lr,r0 1103 eor r3,r3,r6 1104 mov r0,r0,lsr#24 1105 1106 subs r12,r12,#1 1107 bne .Ldec_loop 1108 1109 add r10,r10,#1024 1110 1111 ldr r5,[r10,#0] @ prefetch Td4 1112 ldr r6,[r10,#32] 1113 ldr r4,[r10,#64] 1114 ldr r5,[r10,#96] 1115 ldr r6,[r10,#128] 1116 ldr r4,[r10,#160] 1117 ldr r5,[r10,#192] 1118 ldr r6,[r10,#224] 1119 1120 ldrb r0,[r10,r0] @ Td4[s0>>24] 1121 ldrb r4,[r10,r7] @ Td4[s0>>16] 1122 and r7,lr,r1 @ i0 1123 ldrb r5,[r10,r8] @ Td4[s0>>8] 1124 and r8,lr,r1,lsr#16 1125 ldrb r6,[r10,r9] @ Td4[s0>>0] 1126 and r9,lr,r1,lsr#8 1127 1128 add r1,r10,r1,lsr#24 1129 ldrb r7,[r10,r7] @ Td4[s1>>0] 1130 ldrb r1,[r1] @ Td4[s1>>24] 1131 ldrb r8,[r10,r8] @ Td4[s1>>16] 1132 eor r0,r7,r0,lsl#24 1133 ldrb r9,[r10,r9] @ Td4[s1>>8] 1134 eor r1,r4,r1,lsl#8 1135 and r7,lr,r2,lsr#8 @ i0 1136 eor r5,r5,r8,lsl#8 1137 and r8,lr,r2 @ i1 1138 ldrb r7,[r10,r7] @ Td4[s2>>8] 1139 eor r6,r6,r9,lsl#8 1140 ldrb r8,[r10,r8] @ Td4[s2>>0] 1141 and r9,lr,r2,lsr#16 1142 1143 add r2,r10,r2,lsr#24 1144 ldrb r2,[r2] @ Td4[s2>>24] 1145 eor r0,r0,r7,lsl#8 1146 ldrb r9,[r10,r9] @ Td4[s2>>16] 1147 eor r1,r8,r1,lsl#16 1148 and r7,lr,r3,lsr#16 @ i0 1149 eor r2,r5,r2,lsl#16 1150 and r8,lr,r3,lsr#8 @ i1 1151 ldrb r7,[r10,r7] @ Td4[s3>>16] 1152 eor r6,r6,r9,lsl#16 1153 ldrb r8,[r10,r8] @ Td4[s3>>8] 1154 and r9,lr,r3 @ i2 1155 1156 add r3,r10,r3,lsr#24 1157 ldrb r9,[r10,r9] @ Td4[s3>>0] 1158 ldrb r3,[r3] @ Td4[s3>>24] 1159 eor r0,r0,r7,lsl#16 1160 ldr r7,[r11,#0] 1161 eor r1,r1,r8,lsl#8 1162 ldr r4,[r11,#4] 1163 eor r2,r9,r2,lsl#8 1164 ldr r5,[r11,#8] 1165 eor r3,r6,r3,lsl#24 1166 ldr r6,[r11,#12] 1167 1168 eor r0,r0,r7 1169 eor r1,r1,r4 1170 eor r2,r2,r5 1171 eor r3,r3,r6 1172 1173 sub r10,r10,#1024 1174 ldr pc,[sp],#4 @ pop and return 1175.size _armv4_AES_decrypt,.-_armv4_AES_decrypt 1176.asciz "AES for ARMv4, CRYPTOGAMS by <appro@openssl.org>" 1177.align 2 1178