Lines Matching +full:- +full:i1
2 # Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved.
21 # Code uses single 1K S-box and is >2 times faster than code generated
22 # by gcc-3.4.1. This is thanks to unique feature of ARMv4 ISA, which
25 # is endian-neutral. The performance is ~42 cycles/byte for 128-bit
26 # key [on single-issue Xscale PXA250 core].
34 # Rescheduling for dual-issue pipeline resulted in 12% improvement on
35 # Cortex A8 core and ~25 cycles per byte processed with 128-bit key.
39 # Profiler-assisted and platform-specific optimization resulted in 16%
49 ( $xlate="${dir}arm-xlate.pl" and -f $xlate ) or
50 ( $xlate="${dir}../../perlasm/arm-xlate.pl" and -f $xlate) or
51 die "can't locate arm-xlate.pl";
66 $i1="r7";
195 .size AES_Te,.-AES_Te
208 stmdb sp!,{r1,r4-r12,lr}
212 sub $tbl,r3,#AES_encrypt-AES_Te @ Te
217 ldrb $s0,[$rounds,#3] @ load input data in endian-neutral
272 mov $t1,$s0,lsr#24 @ write output in endian-neutral
302 ldmia sp!,{r4-r12,pc}
304 ldmia sp!,{r4-r12,lr}
307 bx lr @ interoperable with Thumb ISA:-)
309 .size AES_encrypt,.-AES_encrypt
314 str lr,[sp,#-4]! @ push lr
315 ldmia $key!,{$t1-$i1}
317 ldr $rounds,[$key,#240-16]
320 eor $s3,$s3,$i1
324 and $i1,lr,$s0
329 ldr $t1,[$tbl,$i1,lsl#2] @ Te3[s0>>0]
330 and $i1,lr,$s1,lsr#16 @ i0
338 ldr $i1,[$tbl,$i1,lsl#2] @ Te1[s1>>16]
341 eor $s0,$s0,$i1,ror#8
343 and $i1,lr,$s2,lsr#8 @ i0
345 and $i2,lr,$s2,lsr#16 @ i1
348 ldr $i1,[$tbl,$i1,lsl#2] @ Te2[s2>>8]
354 eor $s0,$s0,$i1,ror#16
356 and $i1,lr,$s3 @ i0
358 and $i2,lr,$s3,lsr#8 @ i1
361 ldr $i1,[$tbl,$i1,lsl#2] @ Te3[s3>>0]
367 eor $s0,$s0,$i1,ror#24
368 ldr $i1,[$key],#16
372 ldr $t1,[$key,#-12]
375 ldr $t2,[$key,#-8]
376 eor $s0,$s0,$i1
377 ldr $t3,[$key,#-4]
378 and $i1,lr,$s0
391 ldrb $t1,[$tbl,$i1,lsl#2] @ Te4[s0>>0]
392 and $i1,lr,$s1,lsr#16 @ i0
400 ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s1>>16]
403 eor $s0,$i1,$s0,lsl#8
405 and $i1,lr,$s2,lsr#8 @ i0
407 and $i2,lr,$s2,lsr#16 @ i1
410 ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s2>>8]
416 eor $s0,$i1,$s0,lsl#8
418 and $i1,lr,$s3 @ i0
420 and $i2,lr,$s3,lsr#8 @ i1
423 ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s3>>0]
429 eor $s0,$i1,$s0,lsl#8
430 ldr $i1,[$key,#0]
439 eor $s0,$s0,$i1
446 .size _armv4_AES_encrypt,.-_armv4_AES_encrypt
462 moveq r0,#-1
468 moveq r0,#-1
479 movne r0,#-1
482 .Lok: stmdb sp!,{r4-r12,lr}
490 sub $tbl,r3,#_armv4_AES_set_encrypt_key-AES_Te-1024 @ Te4
494 ldrb $s0,[$rounds,#3] @ load input data in endian-neutral
522 str $s1,[$key,#-12]
524 str $s2,[$key,#-8]
525 str $s3,[$key,#-4]
538 str $s1,[$key,#-12]
539 str $s2,[$key,#-8]
540 str $s3,[$key,#-4]
546 str $rounds,[$key,#240-16]
552 and $i1,lr,$s3,lsr#16
555 ldrb $i1,[$tbl,$i1]
558 orr $t2,$t2,$i1,lsl#24
568 str $s1,[$key,#-12]
570 str $s2,[$key,#-8]
572 str $s3,[$key,#-4]
594 str $i3,[$key,#-4]
603 str $i3,[$key,#-4]
609 str $rounds,[$key,#240-24]
616 and $i1,lr,$i3,lsr#16
619 ldrb $i1,[$tbl,$i1]
622 orr $t2,$t2,$i1,lsl#24
632 str $s1,[$key,#-20]
634 str $s2,[$key,#-16]
636 str $s3,[$key,#-12]
643 ldr $i1,[$key,#-32]
644 ldr $i2,[$key,#-28]
645 eor $i1,$i1,$s3 @ rk[10]=rk[4]^rk[9]
646 eor $i3,$i2,$i1 @ rk[11]=rk[5]^rk[10]
647 str $i1,[$key,#-8]
648 str $i3,[$key,#-4]
668 str $i3,[$key,#-4]
677 str $i3,[$key,#-4]
681 str $rounds,[$key,#240-32]
688 and $i1,lr,$i3,lsr#16
691 ldrb $i1,[$tbl,$i1]
694 orr $t2,$t2,$i1,lsl#24
704 str $s1,[$key,#-28]
706 str $s2,[$key,#-24]
708 str $s3,[$key,#-20]
716 and $i1,lr,$s3,lsr#8
719 ldrb $i1,[$tbl,$i1]
722 orr $t2,$t2,$i1,lsl#8
725 ldr $t1,[$key,#-48]
728 ldr $i1,[$key,#-44]
729 ldr $i2,[$key,#-40]
731 ldr $i3,[$key,#-36]
732 eor $i1,$i1,$t1 @ rk[13]=rk[5]^rk[12]
733 str $t1,[$key,#-16]
734 eor $i2,$i2,$i1 @ rk[14]=rk[6]^rk[13]
735 str $i1,[$key,#-12]
737 str $i2,[$key,#-8]
738 str $i3,[$key,#-4]
743 ldmia sp!,{r4-r12,lr}
750 bx lr @ interoperable with Thumb ISA:-)
752 .size AES_set_encrypt_key,.-AES_set_encrypt_key
758 str lr,[sp,#-4]! @ push lr
767 .size AES_set_decrypt_key,.-AES_set_decrypt_key
775 stmdb sp!,{r4-r12,lr}
778 mov $i1,r0 @ input
784 .Linv: ldr $s0,[$i1],#16
785 ldr $s1,[$i1,#-12]
786 ldr $s2,[$i1,#-8]
787 ldr $s3,[$i1,#-4]
788 ldr $t1,[$i2],#-16
792 str $s0,[$tbl],#-16
797 str $t2,[$key,#-12]
798 str $t3,[$key,#-8]
799 str $i3,[$key,#-4]
800 teq $i1,$i2
803 ldr $s0,[$i1]
804 ldr $s1,[$i1,#4]
805 ldr $s2,[$i1,#8]
806 ldr $s3,[$i1,#12]
813 $mask80=$i1;
826 mov $rounds,$rounds,lsl#2 @ (rounds-1)*4
862 ldmia sp!,{r4-r12,pc}
864 ldmia sp!,{r4-r12,lr}
867 bx lr @ interoperable with Thumb ISA:-)
869 .size AES_set_enc2dec_key,.-AES_set_enc2dec_key
971 .size AES_Td,.-AES_Td
984 stmdb sp!,{r1,r4-r12,lr}
988 sub $tbl,r3,#AES_decrypt-AES_Td @ Td
993 ldrb $s0,[$rounds,#3] @ load input data in endian-neutral
1048 mov $t1,$s0,lsr#24 @ write output in endian-neutral
1078 ldmia sp!,{r4-r12,pc}
1080 ldmia sp!,{r4-r12,lr}
1083 bx lr @ interoperable with Thumb ISA:-)
1085 .size AES_decrypt,.-AES_decrypt
1090 str lr,[sp,#-4]! @ push lr
1091 ldmia $key!,{$t1-$i1}
1093 ldr $rounds,[$key,#240-16]
1096 eor $s3,$s3,$i1
1100 and $i1,lr,$s0,lsr#16
1105 ldr $t1,[$tbl,$i1,lsl#2] @ Td1[s0>>16]
1106 and $i1,lr,$s1 @ i0
1114 ldr $i1,[$tbl,$i1,lsl#2] @ Td3[s1>>0]
1117 eor $s0,$s0,$i1,ror#24
1119 and $i1,lr,$s2,lsr#8 @ i0
1121 and $i2,lr,$s2 @ i1
1124 ldr $i1,[$tbl,$i1,lsl#2] @ Td2[s2>>8]
1130 eor $s0,$s0,$i1,ror#16
1132 and $i1,lr,$s3,lsr#16 @ i0
1134 and $i2,lr,$s3,lsr#8 @ i1
1137 ldr $i1,[$tbl,$i1,lsl#2] @ Td1[s3>>16]
1143 eor $s0,$s0,$i1,ror#8
1144 ldr $i1,[$key],#16
1149 ldr $t1,[$key,#-12]
1150 eor $s0,$s0,$i1
1151 ldr $t2,[$key,#-8]
1153 ldr $t3,[$key,#-4]
1154 and $i1,lr,$s0,lsr#16
1177 ldrb $t1,[$tbl,$i1] @ Td4[s0>>16]
1178 and $i1,lr,$s1 @ i0
1185 ldrb $i1,[$tbl,$i1] @ Td4[s1>>0]
1188 eor $s0,$i1,$s0,lsl#24
1191 and $i1,lr,$s2,lsr#8 @ i0
1193 and $i2,lr,$s2 @ i1
1194 ldrb $i1,[$tbl,$i1] @ Td4[s2>>8]
1201 eor $s0,$s0,$i1,lsl#8
1204 and $i1,lr,$s3,lsr#16 @ i0
1206 and $i2,lr,$s3,lsr#8 @ i1
1207 ldrb $i1,[$tbl,$i1] @ Td4[s3>>16]
1215 eor $s0,$s0,$i1,lsl#16
1216 ldr $i1,[$key,#0]
1224 eor $s0,$s0,$i1
1231 .size _armv4_AES_decrypt,.-_armv4_AES_decrypt
1236 $code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm; # make it possible to compile with -march=armv4