• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1// This file is generated from a similarly-named Perl script in the BoringSSL
2// source tree. Do not edit by hand.
3
4#if !defined(__has_feature)
5#define __has_feature(x) 0
6#endif
7#if __has_feature(memory_sanitizer) && !defined(OPENSSL_NO_ASM)
8#define OPENSSL_NO_ASM
9#endif
10
11#if !defined(OPENSSL_NO_ASM)
12#if defined(__arm__)
13#if defined(BORINGSSL_PREFIX)
14#include <boringssl_prefix_symbols_asm.h>
15#endif
16@ Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
17@
18@ Licensed under the OpenSSL license (the "License").  You may not use
19@ this file except in compliance with the License.  You can obtain a copy
20@ in the file LICENSE in the source distribution or at
21@ https://www.openssl.org/source/license.html
22
23
24@ ====================================================================
25@ Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
26@ project. The module is, however, dual licensed under OpenSSL and
27@ CRYPTOGAMS licenses depending on where you obtain it. For further
28@ details see http://www.openssl.org/~appro/cryptogams/.
29@ ====================================================================
30
31@ AES for ARMv4
32
33@ January 2007.
34@
35@ Code uses single 1K S-box and is >2 times faster than code generated
36@ by gcc-3.4.1. This is thanks to unique feature of ARMv4 ISA, which
37@ allows to merge logical or arithmetic operation with shift or rotate
38@ in one instruction and emit combined result every cycle. The module
39@ is endian-neutral. The performance is ~42 cycles/byte for 128-bit
40@ key [on single-issue Xscale PXA250 core].
41
42@ May 2007.
43@
44@ AES_set_[en|de]crypt_key is added.
45
46@ July 2010.
47@
48@ Rescheduling for dual-issue pipeline resulted in 12% improvement on
49@ Cortex A8 core and ~25 cycles per byte processed with 128-bit key.
50
51@ February 2011.
52@
53@ Profiler-assisted and platform-specific optimization resulted in 16%
54@ improvement on Cortex A8 core and ~21.5 cycles per byte.
55
56#ifndef __KERNEL__
57# include <openssl/arm_arch.h>
58#else
59# define __ARM_ARCH__ __LINUX_ARM_ARCH__
60#endif
61
62@ Silence ARMv8 deprecated IT instruction warnings. This file is used by both
63@ ARMv7 and ARMv8 processors and does not use ARMv8 instructions. (ARMv8 AES
64@ instructions are in aesv8-armx.pl.)
65.arch	armv7-a
66
67.text
68#if defined(__thumb2__) && !defined(__APPLE__)
69.syntax	unified
70.thumb
71#else
72.code	32
73#undef __thumb2__
74#endif
75
76.type	AES_Te,%object
77.align	5
78AES_Te:
79.word	0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d
80.word	0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554
81.word	0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d
82.word	0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a
83.word	0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87
84.word	0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b
85.word	0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea
86.word	0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b
87.word	0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a
88.word	0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f
89.word	0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108
90.word	0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f
91.word	0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e
92.word	0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5
93.word	0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d
94.word	0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f
95.word	0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e
96.word	0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb
97.word	0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce
98.word	0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497
99.word	0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c
100.word	0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed
101.word	0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b
102.word	0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a
103.word	0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16
104.word	0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594
105.word	0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81
106.word	0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3
107.word	0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a
108.word	0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504
109.word	0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163
110.word	0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d
111.word	0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f
112.word	0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739
113.word	0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47
114.word	0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395
115.word	0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f
116.word	0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883
117.word	0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c
118.word	0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76
119.word	0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e
120.word	0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4
121.word	0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6
122.word	0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b
123.word	0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7
124.word	0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0
125.word	0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25
126.word	0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818
127.word	0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72
128.word	0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651
129.word	0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21
130.word	0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85
131.word	0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa
132.word	0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12
133.word	0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0
134.word	0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9
135.word	0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133
136.word	0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7
137.word	0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920
138.word	0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a
139.word	0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17
140.word	0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8
141.word	0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11
142.word	0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a
143@ Te4[256]
144.byte	0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5
145.byte	0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76
146.byte	0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0
147.byte	0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0
148.byte	0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc
149.byte	0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15
150.byte	0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a
151.byte	0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75
152.byte	0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0
153.byte	0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84
154.byte	0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b
155.byte	0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf
156.byte	0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85
157.byte	0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8
158.byte	0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5
159.byte	0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2
160.byte	0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17
161.byte	0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73
162.byte	0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88
163.byte	0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb
164.byte	0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c
165.byte	0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79
166.byte	0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9
167.byte	0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08
168.byte	0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6
169.byte	0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a
170.byte	0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e
171.byte	0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e
172.byte	0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94
173.byte	0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf
174.byte	0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68
175.byte	0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
176@ rcon[]
177.word	0x01000000, 0x02000000, 0x04000000, 0x08000000
178.word	0x10000000, 0x20000000, 0x40000000, 0x80000000
179.word	0x1B000000, 0x36000000, 0, 0, 0, 0, 0, 0
180.size	AES_Te,.-AES_Te
181
182@ void aes_nohw_encrypt(const unsigned char *in, unsigned char *out,
183@ 		                  const AES_KEY *key) {
184.globl	aes_nohw_encrypt
185.hidden	aes_nohw_encrypt
186.type	aes_nohw_encrypt,%function
187.align	5
188aes_nohw_encrypt:
189#ifndef	__thumb2__
190	sub	r3,pc,#8		@ aes_nohw_encrypt
191#else
192	adr	r3,.
193#endif
194	stmdb	sp!,{r1,r4-r12,lr}
195#if defined(__thumb2__) || defined(__APPLE__)
196	adr	r10,AES_Te
197#else
198	sub	r10,r3,#aes_nohw_encrypt-AES_Te	@ Te
199#endif
200	mov	r12,r0		@ inp
201	mov	r11,r2
202#if __ARM_ARCH__<7
203	ldrb	r0,[r12,#3]	@ load input data in endian-neutral
204	ldrb	r4,[r12,#2]	@ manner...
205	ldrb	r5,[r12,#1]
206	ldrb	r6,[r12,#0]
207	orr	r0,r0,r4,lsl#8
208	ldrb	r1,[r12,#7]
209	orr	r0,r0,r5,lsl#16
210	ldrb	r4,[r12,#6]
211	orr	r0,r0,r6,lsl#24
212	ldrb	r5,[r12,#5]
213	ldrb	r6,[r12,#4]
214	orr	r1,r1,r4,lsl#8
215	ldrb	r2,[r12,#11]
216	orr	r1,r1,r5,lsl#16
217	ldrb	r4,[r12,#10]
218	orr	r1,r1,r6,lsl#24
219	ldrb	r5,[r12,#9]
220	ldrb	r6,[r12,#8]
221	orr	r2,r2,r4,lsl#8
222	ldrb	r3,[r12,#15]
223	orr	r2,r2,r5,lsl#16
224	ldrb	r4,[r12,#14]
225	orr	r2,r2,r6,lsl#24
226	ldrb	r5,[r12,#13]
227	ldrb	r6,[r12,#12]
228	orr	r3,r3,r4,lsl#8
229	orr	r3,r3,r5,lsl#16
230	orr	r3,r3,r6,lsl#24
231#else
232	ldr	r0,[r12,#0]
233	ldr	r1,[r12,#4]
234	ldr	r2,[r12,#8]
235	ldr	r3,[r12,#12]
236#ifdef __ARMEL__
237	rev	r0,r0
238	rev	r1,r1
239	rev	r2,r2
240	rev	r3,r3
241#endif
242#endif
243	bl	_armv4_AES_encrypt
244
245	ldr	r12,[sp],#4		@ pop out
246#if __ARM_ARCH__>=7
247#ifdef __ARMEL__
248	rev	r0,r0
249	rev	r1,r1
250	rev	r2,r2
251	rev	r3,r3
252#endif
253	str	r0,[r12,#0]
254	str	r1,[r12,#4]
255	str	r2,[r12,#8]
256	str	r3,[r12,#12]
257#else
258	mov	r4,r0,lsr#24		@ write output in endian-neutral
259	mov	r5,r0,lsr#16		@ manner...
260	mov	r6,r0,lsr#8
261	strb	r4,[r12,#0]
262	strb	r5,[r12,#1]
263	mov	r4,r1,lsr#24
264	strb	r6,[r12,#2]
265	mov	r5,r1,lsr#16
266	strb	r0,[r12,#3]
267	mov	r6,r1,lsr#8
268	strb	r4,[r12,#4]
269	strb	r5,[r12,#5]
270	mov	r4,r2,lsr#24
271	strb	r6,[r12,#6]
272	mov	r5,r2,lsr#16
273	strb	r1,[r12,#7]
274	mov	r6,r2,lsr#8
275	strb	r4,[r12,#8]
276	strb	r5,[r12,#9]
277	mov	r4,r3,lsr#24
278	strb	r6,[r12,#10]
279	mov	r5,r3,lsr#16
280	strb	r2,[r12,#11]
281	mov	r6,r3,lsr#8
282	strb	r4,[r12,#12]
283	strb	r5,[r12,#13]
284	strb	r6,[r12,#14]
285	strb	r3,[r12,#15]
286#endif
287#if __ARM_ARCH__>=5
288	ldmia	sp!,{r4,r5,r6,r7,r8,r9,r10,r11,r12,pc}
289#else
290	ldmia	sp!,{r4,r5,r6,r7,r8,r9,r10,r11,r12,lr}
291	tst	lr,#1
292	moveq	pc,lr			@ be binary compatible with V4, yet
293.word	0xe12fff1e			@ interoperable with Thumb ISA:-)
294#endif
295.size	aes_nohw_encrypt,.-aes_nohw_encrypt
296
297.type	_armv4_AES_encrypt,%function
298.align	2
299_armv4_AES_encrypt:
300	str	lr,[sp,#-4]!		@ push lr
301	ldmia	r11!,{r4,r5,r6,r7}
302	eor	r0,r0,r4
303	ldr	r12,[r11,#240-16]
304	eor	r1,r1,r5
305	eor	r2,r2,r6
306	eor	r3,r3,r7
307	sub	r12,r12,#1
308	mov	lr,#255
309
310	and	r7,lr,r0
311	and	r8,lr,r0,lsr#8
312	and	r9,lr,r0,lsr#16
313	mov	r0,r0,lsr#24
314.Lenc_loop:
315	ldr	r4,[r10,r7,lsl#2]	@ Te3[s0>>0]
316	and	r7,lr,r1,lsr#16	@ i0
317	ldr	r5,[r10,r8,lsl#2]	@ Te2[s0>>8]
318	and	r8,lr,r1
319	ldr	r6,[r10,r9,lsl#2]	@ Te1[s0>>16]
320	and	r9,lr,r1,lsr#8
321	ldr	r0,[r10,r0,lsl#2]	@ Te0[s0>>24]
322	mov	r1,r1,lsr#24
323
324	ldr	r7,[r10,r7,lsl#2]	@ Te1[s1>>16]
325	ldr	r8,[r10,r8,lsl#2]	@ Te3[s1>>0]
326	ldr	r9,[r10,r9,lsl#2]	@ Te2[s1>>8]
327	eor	r0,r0,r7,ror#8
328	ldr	r1,[r10,r1,lsl#2]	@ Te0[s1>>24]
329	and	r7,lr,r2,lsr#8	@ i0
330	eor	r5,r5,r8,ror#8
331	and	r8,lr,r2,lsr#16	@ i1
332	eor	r6,r6,r9,ror#8
333	and	r9,lr,r2
334	ldr	r7,[r10,r7,lsl#2]	@ Te2[s2>>8]
335	eor	r1,r1,r4,ror#24
336	ldr	r8,[r10,r8,lsl#2]	@ Te1[s2>>16]
337	mov	r2,r2,lsr#24
338
339	ldr	r9,[r10,r9,lsl#2]	@ Te3[s2>>0]
340	eor	r0,r0,r7,ror#16
341	ldr	r2,[r10,r2,lsl#2]	@ Te0[s2>>24]
342	and	r7,lr,r3		@ i0
343	eor	r1,r1,r8,ror#8
344	and	r8,lr,r3,lsr#8	@ i1
345	eor	r6,r6,r9,ror#16
346	and	r9,lr,r3,lsr#16	@ i2
347	ldr	r7,[r10,r7,lsl#2]	@ Te3[s3>>0]
348	eor	r2,r2,r5,ror#16
349	ldr	r8,[r10,r8,lsl#2]	@ Te2[s3>>8]
350	mov	r3,r3,lsr#24
351
352	ldr	r9,[r10,r9,lsl#2]	@ Te1[s3>>16]
353	eor	r0,r0,r7,ror#24
354	ldr	r7,[r11],#16
355	eor	r1,r1,r8,ror#16
356	ldr	r3,[r10,r3,lsl#2]	@ Te0[s3>>24]
357	eor	r2,r2,r9,ror#8
358	ldr	r4,[r11,#-12]
359	eor	r3,r3,r6,ror#8
360
361	ldr	r5,[r11,#-8]
362	eor	r0,r0,r7
363	ldr	r6,[r11,#-4]
364	and	r7,lr,r0
365	eor	r1,r1,r4
366	and	r8,lr,r0,lsr#8
367	eor	r2,r2,r5
368	and	r9,lr,r0,lsr#16
369	eor	r3,r3,r6
370	mov	r0,r0,lsr#24
371
372	subs	r12,r12,#1
373	bne	.Lenc_loop
374
375	add	r10,r10,#2
376
377	ldrb	r4,[r10,r7,lsl#2]	@ Te4[s0>>0]
378	and	r7,lr,r1,lsr#16	@ i0
379	ldrb	r5,[r10,r8,lsl#2]	@ Te4[s0>>8]
380	and	r8,lr,r1
381	ldrb	r6,[r10,r9,lsl#2]	@ Te4[s0>>16]
382	and	r9,lr,r1,lsr#8
383	ldrb	r0,[r10,r0,lsl#2]	@ Te4[s0>>24]
384	mov	r1,r1,lsr#24
385
386	ldrb	r7,[r10,r7,lsl#2]	@ Te4[s1>>16]
387	ldrb	r8,[r10,r8,lsl#2]	@ Te4[s1>>0]
388	ldrb	r9,[r10,r9,lsl#2]	@ Te4[s1>>8]
389	eor	r0,r7,r0,lsl#8
390	ldrb	r1,[r10,r1,lsl#2]	@ Te4[s1>>24]
391	and	r7,lr,r2,lsr#8	@ i0
392	eor	r5,r8,r5,lsl#8
393	and	r8,lr,r2,lsr#16	@ i1
394	eor	r6,r9,r6,lsl#8
395	and	r9,lr,r2
396	ldrb	r7,[r10,r7,lsl#2]	@ Te4[s2>>8]
397	eor	r1,r4,r1,lsl#24
398	ldrb	r8,[r10,r8,lsl#2]	@ Te4[s2>>16]
399	mov	r2,r2,lsr#24
400
401	ldrb	r9,[r10,r9,lsl#2]	@ Te4[s2>>0]
402	eor	r0,r7,r0,lsl#8
403	ldrb	r2,[r10,r2,lsl#2]	@ Te4[s2>>24]
404	and	r7,lr,r3		@ i0
405	eor	r1,r1,r8,lsl#16
406	and	r8,lr,r3,lsr#8	@ i1
407	eor	r6,r9,r6,lsl#8
408	and	r9,lr,r3,lsr#16	@ i2
409	ldrb	r7,[r10,r7,lsl#2]	@ Te4[s3>>0]
410	eor	r2,r5,r2,lsl#24
411	ldrb	r8,[r10,r8,lsl#2]	@ Te4[s3>>8]
412	mov	r3,r3,lsr#24
413
414	ldrb	r9,[r10,r9,lsl#2]	@ Te4[s3>>16]
415	eor	r0,r7,r0,lsl#8
416	ldr	r7,[r11,#0]
417	ldrb	r3,[r10,r3,lsl#2]	@ Te4[s3>>24]
418	eor	r1,r1,r8,lsl#8
419	ldr	r4,[r11,#4]
420	eor	r2,r2,r9,lsl#16
421	ldr	r5,[r11,#8]
422	eor	r3,r6,r3,lsl#24
423	ldr	r6,[r11,#12]
424
425	eor	r0,r0,r7
426	eor	r1,r1,r4
427	eor	r2,r2,r5
428	eor	r3,r3,r6
429
430	sub	r10,r10,#2
431	ldr	pc,[sp],#4		@ pop and return
432.size	_armv4_AES_encrypt,.-_armv4_AES_encrypt
433
434.globl	aes_nohw_set_encrypt_key
435.hidden	aes_nohw_set_encrypt_key
436.type	aes_nohw_set_encrypt_key,%function
437.align	5
438aes_nohw_set_encrypt_key:
439_armv4_AES_set_encrypt_key:
440#ifndef	__thumb2__
441	sub	r3,pc,#8		@ aes_nohw_set_encrypt_key
442#else
443	adr	r3,.
444#endif
445	teq	r0,#0
446#ifdef	__thumb2__
447	itt	eq			@ Thumb2 thing, sanity check in ARM
448#endif
449	moveq	r0,#-1
450	beq	.Labrt
451	teq	r2,#0
452#ifdef	__thumb2__
453	itt	eq			@ Thumb2 thing, sanity check in ARM
454#endif
455	moveq	r0,#-1
456	beq	.Labrt
457
458	teq	r1,#128
459	beq	.Lok
460	teq	r1,#192
461	beq	.Lok
462	teq	r1,#256
463#ifdef	__thumb2__
464	itt	ne			@ Thumb2 thing, sanity check in ARM
465#endif
466	movne	r0,#-1
467	bne	.Labrt
468
469.Lok:	stmdb	sp!,{r4,r5,r6,r7,r8,r9,r10,r11,r12,lr}
470	mov	r12,r0		@ inp
471	mov	lr,r1			@ bits
472	mov	r11,r2			@ key
473
474#if defined(__thumb2__) || defined(__APPLE__)
475	adr	r10,AES_Te+1024				@ Te4
476#else
477	sub	r10,r3,#_armv4_AES_set_encrypt_key-AES_Te-1024	@ Te4
478#endif
479
480#if __ARM_ARCH__<7
481	ldrb	r0,[r12,#3]	@ load input data in endian-neutral
482	ldrb	r4,[r12,#2]	@ manner...
483	ldrb	r5,[r12,#1]
484	ldrb	r6,[r12,#0]
485	orr	r0,r0,r4,lsl#8
486	ldrb	r1,[r12,#7]
487	orr	r0,r0,r5,lsl#16
488	ldrb	r4,[r12,#6]
489	orr	r0,r0,r6,lsl#24
490	ldrb	r5,[r12,#5]
491	ldrb	r6,[r12,#4]
492	orr	r1,r1,r4,lsl#8
493	ldrb	r2,[r12,#11]
494	orr	r1,r1,r5,lsl#16
495	ldrb	r4,[r12,#10]
496	orr	r1,r1,r6,lsl#24
497	ldrb	r5,[r12,#9]
498	ldrb	r6,[r12,#8]
499	orr	r2,r2,r4,lsl#8
500	ldrb	r3,[r12,#15]
501	orr	r2,r2,r5,lsl#16
502	ldrb	r4,[r12,#14]
503	orr	r2,r2,r6,lsl#24
504	ldrb	r5,[r12,#13]
505	ldrb	r6,[r12,#12]
506	orr	r3,r3,r4,lsl#8
507	str	r0,[r11],#16
508	orr	r3,r3,r5,lsl#16
509	str	r1,[r11,#-12]
510	orr	r3,r3,r6,lsl#24
511	str	r2,[r11,#-8]
512	str	r3,[r11,#-4]
513#else
514	ldr	r0,[r12,#0]
515	ldr	r1,[r12,#4]
516	ldr	r2,[r12,#8]
517	ldr	r3,[r12,#12]
518#ifdef __ARMEL__
519	rev	r0,r0
520	rev	r1,r1
521	rev	r2,r2
522	rev	r3,r3
523#endif
524	str	r0,[r11],#16
525	str	r1,[r11,#-12]
526	str	r2,[r11,#-8]
527	str	r3,[r11,#-4]
528#endif
529
530	teq	lr,#128
531	bne	.Lnot128
532	mov	r12,#10
533	str	r12,[r11,#240-16]
534	add	r6,r10,#256			@ rcon
535	mov	lr,#255
536
537.L128_loop:
538	and	r5,lr,r3,lsr#24
539	and	r7,lr,r3,lsr#16
540	ldrb	r5,[r10,r5]
541	and	r8,lr,r3,lsr#8
542	ldrb	r7,[r10,r7]
543	and	r9,lr,r3
544	ldrb	r8,[r10,r8]
545	orr	r5,r5,r7,lsl#24
546	ldrb	r9,[r10,r9]
547	orr	r5,r5,r8,lsl#16
548	ldr	r4,[r6],#4			@ rcon[i++]
549	orr	r5,r5,r9,lsl#8
550	eor	r5,r5,r4
551	eor	r0,r0,r5			@ rk[4]=rk[0]^...
552	eor	r1,r1,r0			@ rk[5]=rk[1]^rk[4]
553	str	r0,[r11],#16
554	eor	r2,r2,r1			@ rk[6]=rk[2]^rk[5]
555	str	r1,[r11,#-12]
556	eor	r3,r3,r2			@ rk[7]=rk[3]^rk[6]
557	str	r2,[r11,#-8]
558	subs	r12,r12,#1
559	str	r3,[r11,#-4]
560	bne	.L128_loop
561	sub	r2,r11,#176
562	b	.Ldone
563
564.Lnot128:
565#if __ARM_ARCH__<7
566	ldrb	r8,[r12,#19]
567	ldrb	r4,[r12,#18]
568	ldrb	r5,[r12,#17]
569	ldrb	r6,[r12,#16]
570	orr	r8,r8,r4,lsl#8
571	ldrb	r9,[r12,#23]
572	orr	r8,r8,r5,lsl#16
573	ldrb	r4,[r12,#22]
574	orr	r8,r8,r6,lsl#24
575	ldrb	r5,[r12,#21]
576	ldrb	r6,[r12,#20]
577	orr	r9,r9,r4,lsl#8
578	orr	r9,r9,r5,lsl#16
579	str	r8,[r11],#8
580	orr	r9,r9,r6,lsl#24
581	str	r9,[r11,#-4]
582#else
583	ldr	r8,[r12,#16]
584	ldr	r9,[r12,#20]
585#ifdef __ARMEL__
586	rev	r8,r8
587	rev	r9,r9
588#endif
589	str	r8,[r11],#8
590	str	r9,[r11,#-4]
591#endif
592
593	teq	lr,#192
594	bne	.Lnot192
595	mov	r12,#12
596	str	r12,[r11,#240-24]
597	add	r6,r10,#256			@ rcon
598	mov	lr,#255
599	mov	r12,#8
600
601.L192_loop:
602	and	r5,lr,r9,lsr#24
603	and	r7,lr,r9,lsr#16
604	ldrb	r5,[r10,r5]
605	and	r8,lr,r9,lsr#8
606	ldrb	r7,[r10,r7]
607	and	r9,lr,r9
608	ldrb	r8,[r10,r8]
609	orr	r5,r5,r7,lsl#24
610	ldrb	r9,[r10,r9]
611	orr	r5,r5,r8,lsl#16
612	ldr	r4,[r6],#4			@ rcon[i++]
613	orr	r5,r5,r9,lsl#8
614	eor	r9,r5,r4
615	eor	r0,r0,r9			@ rk[6]=rk[0]^...
616	eor	r1,r1,r0			@ rk[7]=rk[1]^rk[6]
617	str	r0,[r11],#24
618	eor	r2,r2,r1			@ rk[8]=rk[2]^rk[7]
619	str	r1,[r11,#-20]
620	eor	r3,r3,r2			@ rk[9]=rk[3]^rk[8]
621	str	r2,[r11,#-16]
622	subs	r12,r12,#1
623	str	r3,[r11,#-12]
624#ifdef	__thumb2__
625	itt	eq				@ Thumb2 thing, sanity check in ARM
626#endif
627	subeq	r2,r11,#216
628	beq	.Ldone
629
630	ldr	r7,[r11,#-32]
631	ldr	r8,[r11,#-28]
632	eor	r7,r7,r3			@ rk[10]=rk[4]^rk[9]
633	eor	r9,r8,r7			@ rk[11]=rk[5]^rk[10]
634	str	r7,[r11,#-8]
635	str	r9,[r11,#-4]
636	b	.L192_loop
637
638.Lnot192:
639#if __ARM_ARCH__<7
640	ldrb	r8,[r12,#27]
641	ldrb	r4,[r12,#26]
642	ldrb	r5,[r12,#25]
643	ldrb	r6,[r12,#24]
644	orr	r8,r8,r4,lsl#8
645	ldrb	r9,[r12,#31]
646	orr	r8,r8,r5,lsl#16
647	ldrb	r4,[r12,#30]
648	orr	r8,r8,r6,lsl#24
649	ldrb	r5,[r12,#29]
650	ldrb	r6,[r12,#28]
651	orr	r9,r9,r4,lsl#8
652	orr	r9,r9,r5,lsl#16
653	str	r8,[r11],#8
654	orr	r9,r9,r6,lsl#24
655	str	r9,[r11,#-4]
656#else
657	ldr	r8,[r12,#24]
658	ldr	r9,[r12,#28]
659#ifdef __ARMEL__
660	rev	r8,r8
661	rev	r9,r9
662#endif
663	str	r8,[r11],#8
664	str	r9,[r11,#-4]
665#endif
666
667	mov	r12,#14
668	str	r12,[r11,#240-32]
669	add	r6,r10,#256			@ rcon
670	mov	lr,#255
671	mov	r12,#7
672
673.L256_loop:
674	and	r5,lr,r9,lsr#24
675	and	r7,lr,r9,lsr#16
676	ldrb	r5,[r10,r5]
677	and	r8,lr,r9,lsr#8
678	ldrb	r7,[r10,r7]
679	and	r9,lr,r9
680	ldrb	r8,[r10,r8]
681	orr	r5,r5,r7,lsl#24
682	ldrb	r9,[r10,r9]
683	orr	r5,r5,r8,lsl#16
684	ldr	r4,[r6],#4			@ rcon[i++]
685	orr	r5,r5,r9,lsl#8
686	eor	r9,r5,r4
687	eor	r0,r0,r9			@ rk[8]=rk[0]^...
688	eor	r1,r1,r0			@ rk[9]=rk[1]^rk[8]
689	str	r0,[r11],#32
690	eor	r2,r2,r1			@ rk[10]=rk[2]^rk[9]
691	str	r1,[r11,#-28]
692	eor	r3,r3,r2			@ rk[11]=rk[3]^rk[10]
693	str	r2,[r11,#-24]
694	subs	r12,r12,#1
695	str	r3,[r11,#-20]
696#ifdef	__thumb2__
697	itt	eq				@ Thumb2 thing, sanity check in ARM
698#endif
699	subeq	r2,r11,#256
700	beq	.Ldone
701
702	and	r5,lr,r3
703	and	r7,lr,r3,lsr#8
704	ldrb	r5,[r10,r5]
705	and	r8,lr,r3,lsr#16
706	ldrb	r7,[r10,r7]
707	and	r9,lr,r3,lsr#24
708	ldrb	r8,[r10,r8]
709	orr	r5,r5,r7,lsl#8
710	ldrb	r9,[r10,r9]
711	orr	r5,r5,r8,lsl#16
712	ldr	r4,[r11,#-48]
713	orr	r5,r5,r9,lsl#24
714
715	ldr	r7,[r11,#-44]
716	ldr	r8,[r11,#-40]
717	eor	r4,r4,r5			@ rk[12]=rk[4]^...
718	ldr	r9,[r11,#-36]
719	eor	r7,r7,r4			@ rk[13]=rk[5]^rk[12]
720	str	r4,[r11,#-16]
721	eor	r8,r8,r7			@ rk[14]=rk[6]^rk[13]
722	str	r7,[r11,#-12]
723	eor	r9,r9,r8			@ rk[15]=rk[7]^rk[14]
724	str	r8,[r11,#-8]
725	str	r9,[r11,#-4]
726	b	.L256_loop
727
728.align	2
729.Ldone:	mov	r0,#0
730	ldmia	sp!,{r4,r5,r6,r7,r8,r9,r10,r11,r12,lr}
731.Labrt:
732#if __ARM_ARCH__>=5
733	bx	lr				@ .word	0xe12fff1e
734#else
735	tst	lr,#1
736	moveq	pc,lr			@ be binary compatible with V4, yet
737.word	0xe12fff1e			@ interoperable with Thumb ISA:-)
738#endif
739.size	aes_nohw_set_encrypt_key,.-aes_nohw_set_encrypt_key
740
741.globl	aes_nohw_set_decrypt_key
742.hidden	aes_nohw_set_decrypt_key
743.type	aes_nohw_set_decrypt_key,%function
744.align	5
745aes_nohw_set_decrypt_key:
746	str	lr,[sp,#-4]!            @ push lr
747	bl	_armv4_AES_set_encrypt_key
748	teq	r0,#0
749	ldr	lr,[sp],#4              @ pop lr
750	bne	.Labrt
751
752	mov	r0,r2			@ aes_nohw_set_encrypt_key preserves r2,
753	mov	r1,r2			@ which is AES_KEY *key
754	b	_armv4_AES_set_enc2dec_key
755.size	aes_nohw_set_decrypt_key,.-aes_nohw_set_decrypt_key
756
757@ void AES_set_enc2dec_key(const AES_KEY *inp,AES_KEY *out)
758.globl	AES_set_enc2dec_key
759.hidden	AES_set_enc2dec_key
760.type	AES_set_enc2dec_key,%function
761.align	5
762AES_set_enc2dec_key:
763_armv4_AES_set_enc2dec_key:
764	stmdb	sp!,{r4,r5,r6,r7,r8,r9,r10,r11,r12,lr}
765
766	ldr	r12,[r0,#240]
767	mov	r7,r0			@ input
768	add	r8,r0,r12,lsl#4
769	mov	r11,r1			@ output
770	add	r10,r1,r12,lsl#4
771	str	r12,[r1,#240]
772
773.Linv:	ldr	r0,[r7],#16
774	ldr	r1,[r7,#-12]
775	ldr	r2,[r7,#-8]
776	ldr	r3,[r7,#-4]
777	ldr	r4,[r8],#-16
778	ldr	r5,[r8,#16+4]
779	ldr	r6,[r8,#16+8]
780	ldr	r9,[r8,#16+12]
781	str	r0,[r10],#-16
782	str	r1,[r10,#16+4]
783	str	r2,[r10,#16+8]
784	str	r3,[r10,#16+12]
785	str	r4,[r11],#16
786	str	r5,[r11,#-12]
787	str	r6,[r11,#-8]
788	str	r9,[r11,#-4]
789	teq	r7,r8
790	bne	.Linv
791
792	ldr	r0,[r7]
793	ldr	r1,[r7,#4]
794	ldr	r2,[r7,#8]
795	ldr	r3,[r7,#12]
796	str	r0,[r11]
797	str	r1,[r11,#4]
798	str	r2,[r11,#8]
799	str	r3,[r11,#12]
800	sub	r11,r11,r12,lsl#3
801	ldr	r0,[r11,#16]!		@ prefetch tp1
802	mov	r7,#0x80
803	mov	r8,#0x1b
804	orr	r7,r7,#0x8000
805	orr	r8,r8,#0x1b00
806	orr	r7,r7,r7,lsl#16
807	orr	r8,r8,r8,lsl#16
808	sub	r12,r12,#1
809	mvn	r9,r7
810	mov	r12,r12,lsl#2	@ (rounds-1)*4
811
812.Lmix:	and	r4,r0,r7
813	and	r1,r0,r9
814	sub	r4,r4,r4,lsr#7
815	and	r4,r4,r8
816	eor	r1,r4,r1,lsl#1	@ tp2
817
818	and	r4,r1,r7
819	and	r2,r1,r9
820	sub	r4,r4,r4,lsr#7
821	and	r4,r4,r8
822	eor	r2,r4,r2,lsl#1	@ tp4
823
824	and	r4,r2,r7
825	and	r3,r2,r9
826	sub	r4,r4,r4,lsr#7
827	and	r4,r4,r8
828	eor	r3,r4,r3,lsl#1	@ tp8
829
830	eor	r4,r1,r2
831	eor	r5,r0,r3		@ tp9
832	eor	r4,r4,r3		@ tpe
833	eor	r4,r4,r1,ror#24
834	eor	r4,r4,r5,ror#24	@ ^= ROTATE(tpb=tp9^tp2,8)
835	eor	r4,r4,r2,ror#16
836	eor	r4,r4,r5,ror#16	@ ^= ROTATE(tpd=tp9^tp4,16)
837	eor	r4,r4,r5,ror#8	@ ^= ROTATE(tp9,24)
838
839	ldr	r0,[r11,#4]		@ prefetch tp1
840	str	r4,[r11],#4
841	subs	r12,r12,#1
842	bne	.Lmix
843
844	mov	r0,#0
845#if __ARM_ARCH__>=5
846	ldmia	sp!,{r4,r5,r6,r7,r8,r9,r10,r11,r12,pc}
847#else
848	ldmia	sp!,{r4,r5,r6,r7,r8,r9,r10,r11,r12,lr}
849	tst	lr,#1
850	moveq	pc,lr			@ be binary compatible with V4, yet
851.word	0xe12fff1e			@ interoperable with Thumb ISA:-)
852#endif
853.size	AES_set_enc2dec_key,.-AES_set_enc2dec_key
854
855.type	AES_Td,%object
856.align	5
857AES_Td:
858.word	0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96
859.word	0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393
860.word	0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25
861.word	0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f
862.word	0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1
863.word	0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6
864.word	0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da
865.word	0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844
866.word	0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd
867.word	0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4
868.word	0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45
869.word	0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94
870.word	0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7
871.word	0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a
872.word	0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5
873.word	0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c
874.word	0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1
875.word	0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a
876.word	0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75
877.word	0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051
878.word	0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46
879.word	0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff
880.word	0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77
881.word	0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb
882.word	0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000
883.word	0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e
884.word	0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927
885.word	0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a
886.word	0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e
887.word	0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16
888.word	0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d
889.word	0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8
890.word	0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd
891.word	0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34
892.word	0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163
893.word	0xd731dcca, 0x42638510, 0x13972240, 0x84c61120
894.word	0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d
895.word	0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0
896.word	0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422
897.word	0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef
898.word	0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36
899.word	0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4
900.word	0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662
901.word	0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5
902.word	0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3
903.word	0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b
904.word	0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8
905.word	0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6
906.word	0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6
907.word	0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0
908.word	0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815
909.word	0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f
910.word	0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df
911.word	0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f
912.word	0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e
913.word	0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713
914.word	0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89
915.word	0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c
916.word	0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf
917.word	0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86
918.word	0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f
919.word	0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541
920.word	0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190
921.word	0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742
922@ Td4[256]
923.byte	0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38
924.byte	0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb
925.byte	0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87
926.byte	0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb
927.byte	0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d
928.byte	0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e
929.byte	0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2
930.byte	0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25
931.byte	0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16
932.byte	0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92
933.byte	0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda
934.byte	0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84
935.byte	0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a
936.byte	0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06
937.byte	0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02
938.byte	0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b
939.byte	0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea
940.byte	0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73
941.byte	0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85
942.byte	0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e
943.byte	0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89
944.byte	0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b
945.byte	0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20
946.byte	0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4
947.byte	0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31
948.byte	0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f
949.byte	0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d
950.byte	0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef
951.byte	0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0
952.byte	0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61
953.byte	0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26
954.byte	0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
955.size	AES_Td,.-AES_Td
956
957@ void aes_nohw_decrypt(const unsigned char *in, unsigned char *out,
958@ 		                  const AES_KEY *key) {
959.globl	aes_nohw_decrypt
960.hidden	aes_nohw_decrypt
961.type	aes_nohw_decrypt,%function
962.align	5
963aes_nohw_decrypt:
964#ifndef	__thumb2__
965	sub	r3,pc,#8		@ aes_nohw_decrypt
966#else
967	adr	r3,.
968#endif
969	stmdb	sp!,{r1,r4-r12,lr}
970#if defined(__thumb2__) || defined(__APPLE__)
971	adr	r10,AES_Td
972#else
973	sub	r10,r3,#aes_nohw_decrypt-AES_Td	@ Td
974#endif
975	mov	r12,r0		@ inp
976	mov	r11,r2
977#if __ARM_ARCH__<7
978	ldrb	r0,[r12,#3]	@ load input data in endian-neutral
979	ldrb	r4,[r12,#2]	@ manner...
980	ldrb	r5,[r12,#1]
981	ldrb	r6,[r12,#0]
982	orr	r0,r0,r4,lsl#8
983	ldrb	r1,[r12,#7]
984	orr	r0,r0,r5,lsl#16
985	ldrb	r4,[r12,#6]
986	orr	r0,r0,r6,lsl#24
987	ldrb	r5,[r12,#5]
988	ldrb	r6,[r12,#4]
989	orr	r1,r1,r4,lsl#8
990	ldrb	r2,[r12,#11]
991	orr	r1,r1,r5,lsl#16
992	ldrb	r4,[r12,#10]
993	orr	r1,r1,r6,lsl#24
994	ldrb	r5,[r12,#9]
995	ldrb	r6,[r12,#8]
996	orr	r2,r2,r4,lsl#8
997	ldrb	r3,[r12,#15]
998	orr	r2,r2,r5,lsl#16
999	ldrb	r4,[r12,#14]
1000	orr	r2,r2,r6,lsl#24
1001	ldrb	r5,[r12,#13]
1002	ldrb	r6,[r12,#12]
1003	orr	r3,r3,r4,lsl#8
1004	orr	r3,r3,r5,lsl#16
1005	orr	r3,r3,r6,lsl#24
1006#else
1007	ldr	r0,[r12,#0]
1008	ldr	r1,[r12,#4]
1009	ldr	r2,[r12,#8]
1010	ldr	r3,[r12,#12]
1011#ifdef __ARMEL__
1012	rev	r0,r0
1013	rev	r1,r1
1014	rev	r2,r2
1015	rev	r3,r3
1016#endif
1017#endif
1018	bl	_armv4_AES_decrypt
1019
1020	ldr	r12,[sp],#4		@ pop out
1021#if __ARM_ARCH__>=7
1022#ifdef __ARMEL__
1023	rev	r0,r0
1024	rev	r1,r1
1025	rev	r2,r2
1026	rev	r3,r3
1027#endif
1028	str	r0,[r12,#0]
1029	str	r1,[r12,#4]
1030	str	r2,[r12,#8]
1031	str	r3,[r12,#12]
1032#else
1033	mov	r4,r0,lsr#24		@ write output in endian-neutral
1034	mov	r5,r0,lsr#16		@ manner...
1035	mov	r6,r0,lsr#8
1036	strb	r4,[r12,#0]
1037	strb	r5,[r12,#1]
1038	mov	r4,r1,lsr#24
1039	strb	r6,[r12,#2]
1040	mov	r5,r1,lsr#16
1041	strb	r0,[r12,#3]
1042	mov	r6,r1,lsr#8
1043	strb	r4,[r12,#4]
1044	strb	r5,[r12,#5]
1045	mov	r4,r2,lsr#24
1046	strb	r6,[r12,#6]
1047	mov	r5,r2,lsr#16
1048	strb	r1,[r12,#7]
1049	mov	r6,r2,lsr#8
1050	strb	r4,[r12,#8]
1051	strb	r5,[r12,#9]
1052	mov	r4,r3,lsr#24
1053	strb	r6,[r12,#10]
1054	mov	r5,r3,lsr#16
1055	strb	r2,[r12,#11]
1056	mov	r6,r3,lsr#8
1057	strb	r4,[r12,#12]
1058	strb	r5,[r12,#13]
1059	strb	r6,[r12,#14]
1060	strb	r3,[r12,#15]
1061#endif
1062#if __ARM_ARCH__>=5
1063	ldmia	sp!,{r4,r5,r6,r7,r8,r9,r10,r11,r12,pc}
1064#else
1065	ldmia	sp!,{r4,r5,r6,r7,r8,r9,r10,r11,r12,lr}
1066	tst	lr,#1
1067	moveq	pc,lr			@ be binary compatible with V4, yet
1068.word	0xe12fff1e			@ interoperable with Thumb ISA:-)
1069#endif
1070.size	aes_nohw_decrypt,.-aes_nohw_decrypt
1071
1072.type	_armv4_AES_decrypt,%function
1073.align	2
1074_armv4_AES_decrypt:
1075	str	lr,[sp,#-4]!		@ push lr
1076	ldmia	r11!,{r4,r5,r6,r7}
1077	eor	r0,r0,r4
1078	ldr	r12,[r11,#240-16]
1079	eor	r1,r1,r5
1080	eor	r2,r2,r6
1081	eor	r3,r3,r7
1082	sub	r12,r12,#1
1083	mov	lr,#255
1084
1085	and	r7,lr,r0,lsr#16
1086	and	r8,lr,r0,lsr#8
1087	and	r9,lr,r0
1088	mov	r0,r0,lsr#24
1089.Ldec_loop:
1090	ldr	r4,[r10,r7,lsl#2]	@ Td1[s0>>16]
1091	and	r7,lr,r1		@ i0
1092	ldr	r5,[r10,r8,lsl#2]	@ Td2[s0>>8]
1093	and	r8,lr,r1,lsr#16
1094	ldr	r6,[r10,r9,lsl#2]	@ Td3[s0>>0]
1095	and	r9,lr,r1,lsr#8
1096	ldr	r0,[r10,r0,lsl#2]	@ Td0[s0>>24]
1097	mov	r1,r1,lsr#24
1098
1099	ldr	r7,[r10,r7,lsl#2]	@ Td3[s1>>0]
1100	ldr	r8,[r10,r8,lsl#2]	@ Td1[s1>>16]
1101	ldr	r9,[r10,r9,lsl#2]	@ Td2[s1>>8]
1102	eor	r0,r0,r7,ror#24
1103	ldr	r1,[r10,r1,lsl#2]	@ Td0[s1>>24]
1104	and	r7,lr,r2,lsr#8	@ i0
1105	eor	r5,r8,r5,ror#8
1106	and	r8,lr,r2		@ i1
1107	eor	r6,r9,r6,ror#8
1108	and	r9,lr,r2,lsr#16
1109	ldr	r7,[r10,r7,lsl#2]	@ Td2[s2>>8]
1110	eor	r1,r1,r4,ror#8
1111	ldr	r8,[r10,r8,lsl#2]	@ Td3[s2>>0]
1112	mov	r2,r2,lsr#24
1113
1114	ldr	r9,[r10,r9,lsl#2]	@ Td1[s2>>16]
1115	eor	r0,r0,r7,ror#16
1116	ldr	r2,[r10,r2,lsl#2]	@ Td0[s2>>24]
1117	and	r7,lr,r3,lsr#16	@ i0
1118	eor	r1,r1,r8,ror#24
1119	and	r8,lr,r3,lsr#8	@ i1
1120	eor	r6,r9,r6,ror#8
1121	and	r9,lr,r3		@ i2
1122	ldr	r7,[r10,r7,lsl#2]	@ Td1[s3>>16]
1123	eor	r2,r2,r5,ror#8
1124	ldr	r8,[r10,r8,lsl#2]	@ Td2[s3>>8]
1125	mov	r3,r3,lsr#24
1126
1127	ldr	r9,[r10,r9,lsl#2]	@ Td3[s3>>0]
1128	eor	r0,r0,r7,ror#8
1129	ldr	r7,[r11],#16
1130	eor	r1,r1,r8,ror#16
1131	ldr	r3,[r10,r3,lsl#2]	@ Td0[s3>>24]
1132	eor	r2,r2,r9,ror#24
1133
1134	ldr	r4,[r11,#-12]
1135	eor	r0,r0,r7
1136	ldr	r5,[r11,#-8]
1137	eor	r3,r3,r6,ror#8
1138	ldr	r6,[r11,#-4]
1139	and	r7,lr,r0,lsr#16
1140	eor	r1,r1,r4
1141	and	r8,lr,r0,lsr#8
1142	eor	r2,r2,r5
1143	and	r9,lr,r0
1144	eor	r3,r3,r6
1145	mov	r0,r0,lsr#24
1146
1147	subs	r12,r12,#1
1148	bne	.Ldec_loop
1149
1150	add	r10,r10,#1024
1151
1152	ldr	r5,[r10,#0]		@ prefetch Td4
1153	ldr	r6,[r10,#32]
1154	ldr	r4,[r10,#64]
1155	ldr	r5,[r10,#96]
1156	ldr	r6,[r10,#128]
1157	ldr	r4,[r10,#160]
1158	ldr	r5,[r10,#192]
1159	ldr	r6,[r10,#224]
1160
1161	ldrb	r0,[r10,r0]		@ Td4[s0>>24]
1162	ldrb	r4,[r10,r7]		@ Td4[s0>>16]
1163	and	r7,lr,r1		@ i0
1164	ldrb	r5,[r10,r8]		@ Td4[s0>>8]
1165	and	r8,lr,r1,lsr#16
1166	ldrb	r6,[r10,r9]		@ Td4[s0>>0]
1167	and	r9,lr,r1,lsr#8
1168
1169	add	r1,r10,r1,lsr#24
1170	ldrb	r7,[r10,r7]		@ Td4[s1>>0]
1171	ldrb	r1,[r1]		@ Td4[s1>>24]
1172	ldrb	r8,[r10,r8]		@ Td4[s1>>16]
1173	eor	r0,r7,r0,lsl#24
1174	ldrb	r9,[r10,r9]		@ Td4[s1>>8]
1175	eor	r1,r4,r1,lsl#8
1176	and	r7,lr,r2,lsr#8	@ i0
1177	eor	r5,r5,r8,lsl#8
1178	and	r8,lr,r2		@ i1
1179	ldrb	r7,[r10,r7]		@ Td4[s2>>8]
1180	eor	r6,r6,r9,lsl#8
1181	ldrb	r8,[r10,r8]		@ Td4[s2>>0]
1182	and	r9,lr,r2,lsr#16
1183
1184	add	r2,r10,r2,lsr#24
1185	ldrb	r2,[r2]		@ Td4[s2>>24]
1186	eor	r0,r0,r7,lsl#8
1187	ldrb	r9,[r10,r9]		@ Td4[s2>>16]
1188	eor	r1,r8,r1,lsl#16
1189	and	r7,lr,r3,lsr#16	@ i0
1190	eor	r2,r5,r2,lsl#16
1191	and	r8,lr,r3,lsr#8	@ i1
1192	ldrb	r7,[r10,r7]		@ Td4[s3>>16]
1193	eor	r6,r6,r9,lsl#16
1194	ldrb	r8,[r10,r8]		@ Td4[s3>>8]
1195	and	r9,lr,r3		@ i2
1196
1197	add	r3,r10,r3,lsr#24
1198	ldrb	r9,[r10,r9]		@ Td4[s3>>0]
1199	ldrb	r3,[r3]		@ Td4[s3>>24]
1200	eor	r0,r0,r7,lsl#16
1201	ldr	r7,[r11,#0]
1202	eor	r1,r1,r8,lsl#8
1203	ldr	r4,[r11,#4]
1204	eor	r2,r9,r2,lsl#8
1205	ldr	r5,[r11,#8]
1206	eor	r3,r6,r3,lsl#24
1207	ldr	r6,[r11,#12]
1208
1209	eor	r0,r0,r7
1210	eor	r1,r1,r4
1211	eor	r2,r2,r5
1212	eor	r3,r3,r6
1213
1214	sub	r10,r10,#1024
1215	ldr	pc,[sp],#4		@ pop and return
1216.size	_armv4_AES_decrypt,.-_armv4_AES_decrypt
1217.byte	65,69,83,32,102,111,114,32,65,82,77,118,52,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0
1218.align	2
1219.align	2
1220#endif
1221#endif  // !OPENSSL_NO_ASM
1222.section	.note.GNU-stack,"",%progbits
1223