1#if defined(__arm__) 2@ Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved. 3@ 4@ Licensed under the OpenSSL license (the "License"). You may not use 5@ this file except in compliance with the License. You can obtain a copy 6@ in the file LICENSE in the source distribution or at 7@ https://www.openssl.org/source/license.html 8 9 10@ ==================================================================== 11@ Written by Andy Polyakov <appro@openssl.org> for the OpenSSL 12@ project. The module is, however, dual licensed under OpenSSL and 13@ CRYPTOGAMS licenses depending on where you obtain it. For further 14@ details see http://www.openssl.org/~appro/cryptogams/. 15@ ==================================================================== 16 17@ AES for ARMv4 18 19@ January 2007. 20@ 21@ Code uses single 1K S-box and is >2 times faster than code generated 22@ by gcc-3.4.1. This is thanks to unique feature of ARMv4 ISA, which 23@ allows to merge logical or arithmetic operation with shift or rotate 24@ in one instruction and emit combined result every cycle. The module 25@ is endian-neutral. The performance is ~42 cycles/byte for 128-bit 26@ key [on single-issue Xscale PXA250 core]. 27 28@ May 2007. 29@ 30@ AES_set_[en|de]crypt_key is added. 31 32@ July 2010. 33@ 34@ Rescheduling for dual-issue pipeline resulted in 12% improvement on 35@ Cortex A8 core and ~25 cycles per byte processed with 128-bit key. 36 37@ February 2011. 38@ 39@ Profiler-assisted and platform-specific optimization resulted in 16% 40@ improvement on Cortex A8 core and ~21.5 cycles per byte. 41 42#ifndef __KERNEL__ 43# include <openssl/arm_arch.h> 44#else 45# define __ARM_ARCH__ __LINUX_ARM_ARCH__ 46#endif 47 48@ Silence ARMv8 deprecated IT instruction warnings. This file is used by both 49@ ARMv7 and ARMv8 processors and does not use ARMv8 instructions. (ARMv8 AES 50@ instructions are in aesv8-armx.pl.) 51.arch armv7-a 52 53.text 54#if defined(__thumb2__) && !defined(__APPLE__) 55.syntax unified 56.thumb 57#else 58.code 32 59#undef __thumb2__ 60#endif 61 62.type AES_Te,%object 63.align 5 64AES_Te: 65.word 0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d 66.word 0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554 67.word 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d 68.word 0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a 69.word 0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87 70.word 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b 71.word 0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea 72.word 0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b 73.word 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a 74.word 0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f 75.word 0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108 76.word 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f 77.word 0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e 78.word 0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5 79.word 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d 80.word 0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f 81.word 0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e 82.word 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb 83.word 0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce 84.word 0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497 85.word 0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c 86.word 0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed 87.word 0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b 88.word 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a 89.word 0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16 90.word 0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594 91.word 0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81 92.word 0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3 93.word 0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a 94.word 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504 95.word 0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163 96.word 0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d 97.word 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f 98.word 0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739 99.word 0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47 100.word 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395 101.word 0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f 102.word 0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883 103.word 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c 104.word 0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76 105.word 0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e 106.word 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4 107.word 0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6 108.word 0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b 109.word 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7 110.word 0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0 111.word 0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25 112.word 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818 113.word 0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72 114.word 0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651 115.word 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21 116.word 0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85 117.word 0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa 118.word 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12 119.word 0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0 120.word 0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9 121.word 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133 122.word 0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7 123.word 0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920 124.word 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a 125.word 0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17 126.word 0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8 127.word 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11 128.word 0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a 129@ Te4[256] 130.byte 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5 131.byte 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76 132.byte 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0 133.byte 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0 134.byte 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc 135.byte 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15 136.byte 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a 137.byte 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75 138.byte 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0 139.byte 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84 140.byte 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b 141.byte 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf 142.byte 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85 143.byte 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8 144.byte 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5 145.byte 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2 146.byte 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17 147.byte 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73 148.byte 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88 149.byte 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb 150.byte 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c 151.byte 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79 152.byte 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9 153.byte 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08 154.byte 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6 155.byte 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a 156.byte 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e 157.byte 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e 158.byte 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94 159.byte 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf 160.byte 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68 161.byte 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 162@ rcon[] 163.word 0x01000000, 0x02000000, 0x04000000, 0x08000000 164.word 0x10000000, 0x20000000, 0x40000000, 0x80000000 165.word 0x1B000000, 0x36000000, 0, 0, 0, 0, 0, 0 166.size AES_Te,.-AES_Te 167 168@ void asm_AES_encrypt(const unsigned char *in, unsigned char *out, 169@ const AES_KEY *key) { 170.globl asm_AES_encrypt 171.hidden asm_AES_encrypt 172.type asm_AES_encrypt,%function 173.align 5 174asm_AES_encrypt: 175#ifndef __thumb2__ 176 sub r3,pc,#8 @ asm_AES_encrypt 177#else 178 adr r3,. 179#endif 180 stmdb sp!,{r1,r4-r12,lr} 181#ifdef __APPLE__ 182 adr r10,AES_Te 183#else 184 sub r10,r3,#asm_AES_encrypt-AES_Te @ Te 185#endif 186 mov r12,r0 @ inp 187 mov r11,r2 188#if __ARM_ARCH__<7 189 ldrb r0,[r12,#3] @ load input data in endian-neutral 190 ldrb r4,[r12,#2] @ manner... 191 ldrb r5,[r12,#1] 192 ldrb r6,[r12,#0] 193 orr r0,r0,r4,lsl#8 194 ldrb r1,[r12,#7] 195 orr r0,r0,r5,lsl#16 196 ldrb r4,[r12,#6] 197 orr r0,r0,r6,lsl#24 198 ldrb r5,[r12,#5] 199 ldrb r6,[r12,#4] 200 orr r1,r1,r4,lsl#8 201 ldrb r2,[r12,#11] 202 orr r1,r1,r5,lsl#16 203 ldrb r4,[r12,#10] 204 orr r1,r1,r6,lsl#24 205 ldrb r5,[r12,#9] 206 ldrb r6,[r12,#8] 207 orr r2,r2,r4,lsl#8 208 ldrb r3,[r12,#15] 209 orr r2,r2,r5,lsl#16 210 ldrb r4,[r12,#14] 211 orr r2,r2,r6,lsl#24 212 ldrb r5,[r12,#13] 213 ldrb r6,[r12,#12] 214 orr r3,r3,r4,lsl#8 215 orr r3,r3,r5,lsl#16 216 orr r3,r3,r6,lsl#24 217#else 218 ldr r0,[r12,#0] 219 ldr r1,[r12,#4] 220 ldr r2,[r12,#8] 221 ldr r3,[r12,#12] 222#ifdef __ARMEL__ 223 rev r0,r0 224 rev r1,r1 225 rev r2,r2 226 rev r3,r3 227#endif 228#endif 229 bl _armv4_AES_encrypt 230 231 ldr r12,[sp],#4 @ pop out 232#if __ARM_ARCH__>=7 233#ifdef __ARMEL__ 234 rev r0,r0 235 rev r1,r1 236 rev r2,r2 237 rev r3,r3 238#endif 239 str r0,[r12,#0] 240 str r1,[r12,#4] 241 str r2,[r12,#8] 242 str r3,[r12,#12] 243#else 244 mov r4,r0,lsr#24 @ write output in endian-neutral 245 mov r5,r0,lsr#16 @ manner... 246 mov r6,r0,lsr#8 247 strb r4,[r12,#0] 248 strb r5,[r12,#1] 249 mov r4,r1,lsr#24 250 strb r6,[r12,#2] 251 mov r5,r1,lsr#16 252 strb r0,[r12,#3] 253 mov r6,r1,lsr#8 254 strb r4,[r12,#4] 255 strb r5,[r12,#5] 256 mov r4,r2,lsr#24 257 strb r6,[r12,#6] 258 mov r5,r2,lsr#16 259 strb r1,[r12,#7] 260 mov r6,r2,lsr#8 261 strb r4,[r12,#8] 262 strb r5,[r12,#9] 263 mov r4,r3,lsr#24 264 strb r6,[r12,#10] 265 mov r5,r3,lsr#16 266 strb r2,[r12,#11] 267 mov r6,r3,lsr#8 268 strb r4,[r12,#12] 269 strb r5,[r12,#13] 270 strb r6,[r12,#14] 271 strb r3,[r12,#15] 272#endif 273#if __ARM_ARCH__>=5 274 ldmia sp!,{r4,r5,r6,r7,r8,r9,r10,r11,r12,pc} 275#else 276 ldmia sp!,{r4,r5,r6,r7,r8,r9,r10,r11,r12,lr} 277 tst lr,#1 278 moveq pc,lr @ be binary compatible with V4, yet 279.word 0xe12fff1e @ interoperable with Thumb ISA:-) 280#endif 281.size asm_AES_encrypt,.-asm_AES_encrypt 282 283.type _armv4_AES_encrypt,%function 284.align 2 285_armv4_AES_encrypt: 286 str lr,[sp,#-4]! @ push lr 287 ldmia r11!,{r4,r5,r6,r7} 288 eor r0,r0,r4 289 ldr r12,[r11,#240-16] 290 eor r1,r1,r5 291 eor r2,r2,r6 292 eor r3,r3,r7 293 sub r12,r12,#1 294 mov lr,#255 295 296 and r7,lr,r0 297 and r8,lr,r0,lsr#8 298 and r9,lr,r0,lsr#16 299 mov r0,r0,lsr#24 300.Lenc_loop: 301 ldr r4,[r10,r7,lsl#2] @ Te3[s0>>0] 302 and r7,lr,r1,lsr#16 @ i0 303 ldr r5,[r10,r8,lsl#2] @ Te2[s0>>8] 304 and r8,lr,r1 305 ldr r6,[r10,r9,lsl#2] @ Te1[s0>>16] 306 and r9,lr,r1,lsr#8 307 ldr r0,[r10,r0,lsl#2] @ Te0[s0>>24] 308 mov r1,r1,lsr#24 309 310 ldr r7,[r10,r7,lsl#2] @ Te1[s1>>16] 311 ldr r8,[r10,r8,lsl#2] @ Te3[s1>>0] 312 ldr r9,[r10,r9,lsl#2] @ Te2[s1>>8] 313 eor r0,r0,r7,ror#8 314 ldr r1,[r10,r1,lsl#2] @ Te0[s1>>24] 315 and r7,lr,r2,lsr#8 @ i0 316 eor r5,r5,r8,ror#8 317 and r8,lr,r2,lsr#16 @ i1 318 eor r6,r6,r9,ror#8 319 and r9,lr,r2 320 ldr r7,[r10,r7,lsl#2] @ Te2[s2>>8] 321 eor r1,r1,r4,ror#24 322 ldr r8,[r10,r8,lsl#2] @ Te1[s2>>16] 323 mov r2,r2,lsr#24 324 325 ldr r9,[r10,r9,lsl#2] @ Te3[s2>>0] 326 eor r0,r0,r7,ror#16 327 ldr r2,[r10,r2,lsl#2] @ Te0[s2>>24] 328 and r7,lr,r3 @ i0 329 eor r1,r1,r8,ror#8 330 and r8,lr,r3,lsr#8 @ i1 331 eor r6,r6,r9,ror#16 332 and r9,lr,r3,lsr#16 @ i2 333 ldr r7,[r10,r7,lsl#2] @ Te3[s3>>0] 334 eor r2,r2,r5,ror#16 335 ldr r8,[r10,r8,lsl#2] @ Te2[s3>>8] 336 mov r3,r3,lsr#24 337 338 ldr r9,[r10,r9,lsl#2] @ Te1[s3>>16] 339 eor r0,r0,r7,ror#24 340 ldr r7,[r11],#16 341 eor r1,r1,r8,ror#16 342 ldr r3,[r10,r3,lsl#2] @ Te0[s3>>24] 343 eor r2,r2,r9,ror#8 344 ldr r4,[r11,#-12] 345 eor r3,r3,r6,ror#8 346 347 ldr r5,[r11,#-8] 348 eor r0,r0,r7 349 ldr r6,[r11,#-4] 350 and r7,lr,r0 351 eor r1,r1,r4 352 and r8,lr,r0,lsr#8 353 eor r2,r2,r5 354 and r9,lr,r0,lsr#16 355 eor r3,r3,r6 356 mov r0,r0,lsr#24 357 358 subs r12,r12,#1 359 bne .Lenc_loop 360 361 add r10,r10,#2 362 363 ldrb r4,[r10,r7,lsl#2] @ Te4[s0>>0] 364 and r7,lr,r1,lsr#16 @ i0 365 ldrb r5,[r10,r8,lsl#2] @ Te4[s0>>8] 366 and r8,lr,r1 367 ldrb r6,[r10,r9,lsl#2] @ Te4[s0>>16] 368 and r9,lr,r1,lsr#8 369 ldrb r0,[r10,r0,lsl#2] @ Te4[s0>>24] 370 mov r1,r1,lsr#24 371 372 ldrb r7,[r10,r7,lsl#2] @ Te4[s1>>16] 373 ldrb r8,[r10,r8,lsl#2] @ Te4[s1>>0] 374 ldrb r9,[r10,r9,lsl#2] @ Te4[s1>>8] 375 eor r0,r7,r0,lsl#8 376 ldrb r1,[r10,r1,lsl#2] @ Te4[s1>>24] 377 and r7,lr,r2,lsr#8 @ i0 378 eor r5,r8,r5,lsl#8 379 and r8,lr,r2,lsr#16 @ i1 380 eor r6,r9,r6,lsl#8 381 and r9,lr,r2 382 ldrb r7,[r10,r7,lsl#2] @ Te4[s2>>8] 383 eor r1,r4,r1,lsl#24 384 ldrb r8,[r10,r8,lsl#2] @ Te4[s2>>16] 385 mov r2,r2,lsr#24 386 387 ldrb r9,[r10,r9,lsl#2] @ Te4[s2>>0] 388 eor r0,r7,r0,lsl#8 389 ldrb r2,[r10,r2,lsl#2] @ Te4[s2>>24] 390 and r7,lr,r3 @ i0 391 eor r1,r1,r8,lsl#16 392 and r8,lr,r3,lsr#8 @ i1 393 eor r6,r9,r6,lsl#8 394 and r9,lr,r3,lsr#16 @ i2 395 ldrb r7,[r10,r7,lsl#2] @ Te4[s3>>0] 396 eor r2,r5,r2,lsl#24 397 ldrb r8,[r10,r8,lsl#2] @ Te4[s3>>8] 398 mov r3,r3,lsr#24 399 400 ldrb r9,[r10,r9,lsl#2] @ Te4[s3>>16] 401 eor r0,r7,r0,lsl#8 402 ldr r7,[r11,#0] 403 ldrb r3,[r10,r3,lsl#2] @ Te4[s3>>24] 404 eor r1,r1,r8,lsl#8 405 ldr r4,[r11,#4] 406 eor r2,r2,r9,lsl#16 407 ldr r5,[r11,#8] 408 eor r3,r6,r3,lsl#24 409 ldr r6,[r11,#12] 410 411 eor r0,r0,r7 412 eor r1,r1,r4 413 eor r2,r2,r5 414 eor r3,r3,r6 415 416 sub r10,r10,#2 417 ldr pc,[sp],#4 @ pop and return 418.size _armv4_AES_encrypt,.-_armv4_AES_encrypt 419 420.globl asm_AES_set_encrypt_key 421.hidden asm_AES_set_encrypt_key 422.type asm_AES_set_encrypt_key,%function 423.align 5 424asm_AES_set_encrypt_key: 425_armv4_AES_set_encrypt_key: 426#ifndef __thumb2__ 427 sub r3,pc,#8 @ asm_AES_set_encrypt_key 428#else 429 adr r3,. 430#endif 431 teq r0,#0 432#ifdef __thumb2__ 433 itt eq @ Thumb2 thing, sanity check in ARM 434#endif 435 moveq r0,#-1 436 beq .Labrt 437 teq r2,#0 438#ifdef __thumb2__ 439 itt eq @ Thumb2 thing, sanity check in ARM 440#endif 441 moveq r0,#-1 442 beq .Labrt 443 444 teq r1,#128 445 beq .Lok 446 teq r1,#192 447 beq .Lok 448 teq r1,#256 449#ifdef __thumb2__ 450 itt ne @ Thumb2 thing, sanity check in ARM 451#endif 452 movne r0,#-1 453 bne .Labrt 454 455.Lok: stmdb sp!,{r4,r5,r6,r7,r8,r9,r10,r11,r12,lr} 456 mov r12,r0 @ inp 457 mov lr,r1 @ bits 458 mov r11,r2 @ key 459 460#ifdef __APPLE__ 461 adr r10,AES_Te+1024 @ Te4 462#else 463 sub r10,r3,#_armv4_AES_set_encrypt_key-AES_Te-1024 @ Te4 464#endif 465 466#if __ARM_ARCH__<7 467 ldrb r0,[r12,#3] @ load input data in endian-neutral 468 ldrb r4,[r12,#2] @ manner... 469 ldrb r5,[r12,#1] 470 ldrb r6,[r12,#0] 471 orr r0,r0,r4,lsl#8 472 ldrb r1,[r12,#7] 473 orr r0,r0,r5,lsl#16 474 ldrb r4,[r12,#6] 475 orr r0,r0,r6,lsl#24 476 ldrb r5,[r12,#5] 477 ldrb r6,[r12,#4] 478 orr r1,r1,r4,lsl#8 479 ldrb r2,[r12,#11] 480 orr r1,r1,r5,lsl#16 481 ldrb r4,[r12,#10] 482 orr r1,r1,r6,lsl#24 483 ldrb r5,[r12,#9] 484 ldrb r6,[r12,#8] 485 orr r2,r2,r4,lsl#8 486 ldrb r3,[r12,#15] 487 orr r2,r2,r5,lsl#16 488 ldrb r4,[r12,#14] 489 orr r2,r2,r6,lsl#24 490 ldrb r5,[r12,#13] 491 ldrb r6,[r12,#12] 492 orr r3,r3,r4,lsl#8 493 str r0,[r11],#16 494 orr r3,r3,r5,lsl#16 495 str r1,[r11,#-12] 496 orr r3,r3,r6,lsl#24 497 str r2,[r11,#-8] 498 str r3,[r11,#-4] 499#else 500 ldr r0,[r12,#0] 501 ldr r1,[r12,#4] 502 ldr r2,[r12,#8] 503 ldr r3,[r12,#12] 504#ifdef __ARMEL__ 505 rev r0,r0 506 rev r1,r1 507 rev r2,r2 508 rev r3,r3 509#endif 510 str r0,[r11],#16 511 str r1,[r11,#-12] 512 str r2,[r11,#-8] 513 str r3,[r11,#-4] 514#endif 515 516 teq lr,#128 517 bne .Lnot128 518 mov r12,#10 519 str r12,[r11,#240-16] 520 add r6,r10,#256 @ rcon 521 mov lr,#255 522 523.L128_loop: 524 and r5,lr,r3,lsr#24 525 and r7,lr,r3,lsr#16 526 ldrb r5,[r10,r5] 527 and r8,lr,r3,lsr#8 528 ldrb r7,[r10,r7] 529 and r9,lr,r3 530 ldrb r8,[r10,r8] 531 orr r5,r5,r7,lsl#24 532 ldrb r9,[r10,r9] 533 orr r5,r5,r8,lsl#16 534 ldr r4,[r6],#4 @ rcon[i++] 535 orr r5,r5,r9,lsl#8 536 eor r5,r5,r4 537 eor r0,r0,r5 @ rk[4]=rk[0]^... 538 eor r1,r1,r0 @ rk[5]=rk[1]^rk[4] 539 str r0,[r11],#16 540 eor r2,r2,r1 @ rk[6]=rk[2]^rk[5] 541 str r1,[r11,#-12] 542 eor r3,r3,r2 @ rk[7]=rk[3]^rk[6] 543 str r2,[r11,#-8] 544 subs r12,r12,#1 545 str r3,[r11,#-4] 546 bne .L128_loop 547 sub r2,r11,#176 548 b .Ldone 549 550.Lnot128: 551#if __ARM_ARCH__<7 552 ldrb r8,[r12,#19] 553 ldrb r4,[r12,#18] 554 ldrb r5,[r12,#17] 555 ldrb r6,[r12,#16] 556 orr r8,r8,r4,lsl#8 557 ldrb r9,[r12,#23] 558 orr r8,r8,r5,lsl#16 559 ldrb r4,[r12,#22] 560 orr r8,r8,r6,lsl#24 561 ldrb r5,[r12,#21] 562 ldrb r6,[r12,#20] 563 orr r9,r9,r4,lsl#8 564 orr r9,r9,r5,lsl#16 565 str r8,[r11],#8 566 orr r9,r9,r6,lsl#24 567 str r9,[r11,#-4] 568#else 569 ldr r8,[r12,#16] 570 ldr r9,[r12,#20] 571#ifdef __ARMEL__ 572 rev r8,r8 573 rev r9,r9 574#endif 575 str r8,[r11],#8 576 str r9,[r11,#-4] 577#endif 578 579 teq lr,#192 580 bne .Lnot192 581 mov r12,#12 582 str r12,[r11,#240-24] 583 add r6,r10,#256 @ rcon 584 mov lr,#255 585 mov r12,#8 586 587.L192_loop: 588 and r5,lr,r9,lsr#24 589 and r7,lr,r9,lsr#16 590 ldrb r5,[r10,r5] 591 and r8,lr,r9,lsr#8 592 ldrb r7,[r10,r7] 593 and r9,lr,r9 594 ldrb r8,[r10,r8] 595 orr r5,r5,r7,lsl#24 596 ldrb r9,[r10,r9] 597 orr r5,r5,r8,lsl#16 598 ldr r4,[r6],#4 @ rcon[i++] 599 orr r5,r5,r9,lsl#8 600 eor r9,r5,r4 601 eor r0,r0,r9 @ rk[6]=rk[0]^... 602 eor r1,r1,r0 @ rk[7]=rk[1]^rk[6] 603 str r0,[r11],#24 604 eor r2,r2,r1 @ rk[8]=rk[2]^rk[7] 605 str r1,[r11,#-20] 606 eor r3,r3,r2 @ rk[9]=rk[3]^rk[8] 607 str r2,[r11,#-16] 608 subs r12,r12,#1 609 str r3,[r11,#-12] 610#ifdef __thumb2__ 611 itt eq @ Thumb2 thing, sanity check in ARM 612#endif 613 subeq r2,r11,#216 614 beq .Ldone 615 616 ldr r7,[r11,#-32] 617 ldr r8,[r11,#-28] 618 eor r7,r7,r3 @ rk[10]=rk[4]^rk[9] 619 eor r9,r8,r7 @ rk[11]=rk[5]^rk[10] 620 str r7,[r11,#-8] 621 str r9,[r11,#-4] 622 b .L192_loop 623 624.Lnot192: 625#if __ARM_ARCH__<7 626 ldrb r8,[r12,#27] 627 ldrb r4,[r12,#26] 628 ldrb r5,[r12,#25] 629 ldrb r6,[r12,#24] 630 orr r8,r8,r4,lsl#8 631 ldrb r9,[r12,#31] 632 orr r8,r8,r5,lsl#16 633 ldrb r4,[r12,#30] 634 orr r8,r8,r6,lsl#24 635 ldrb r5,[r12,#29] 636 ldrb r6,[r12,#28] 637 orr r9,r9,r4,lsl#8 638 orr r9,r9,r5,lsl#16 639 str r8,[r11],#8 640 orr r9,r9,r6,lsl#24 641 str r9,[r11,#-4] 642#else 643 ldr r8,[r12,#24] 644 ldr r9,[r12,#28] 645#ifdef __ARMEL__ 646 rev r8,r8 647 rev r9,r9 648#endif 649 str r8,[r11],#8 650 str r9,[r11,#-4] 651#endif 652 653 mov r12,#14 654 str r12,[r11,#240-32] 655 add r6,r10,#256 @ rcon 656 mov lr,#255 657 mov r12,#7 658 659.L256_loop: 660 and r5,lr,r9,lsr#24 661 and r7,lr,r9,lsr#16 662 ldrb r5,[r10,r5] 663 and r8,lr,r9,lsr#8 664 ldrb r7,[r10,r7] 665 and r9,lr,r9 666 ldrb r8,[r10,r8] 667 orr r5,r5,r7,lsl#24 668 ldrb r9,[r10,r9] 669 orr r5,r5,r8,lsl#16 670 ldr r4,[r6],#4 @ rcon[i++] 671 orr r5,r5,r9,lsl#8 672 eor r9,r5,r4 673 eor r0,r0,r9 @ rk[8]=rk[0]^... 674 eor r1,r1,r0 @ rk[9]=rk[1]^rk[8] 675 str r0,[r11],#32 676 eor r2,r2,r1 @ rk[10]=rk[2]^rk[9] 677 str r1,[r11,#-28] 678 eor r3,r3,r2 @ rk[11]=rk[3]^rk[10] 679 str r2,[r11,#-24] 680 subs r12,r12,#1 681 str r3,[r11,#-20] 682#ifdef __thumb2__ 683 itt eq @ Thumb2 thing, sanity check in ARM 684#endif 685 subeq r2,r11,#256 686 beq .Ldone 687 688 and r5,lr,r3 689 and r7,lr,r3,lsr#8 690 ldrb r5,[r10,r5] 691 and r8,lr,r3,lsr#16 692 ldrb r7,[r10,r7] 693 and r9,lr,r3,lsr#24 694 ldrb r8,[r10,r8] 695 orr r5,r5,r7,lsl#8 696 ldrb r9,[r10,r9] 697 orr r5,r5,r8,lsl#16 698 ldr r4,[r11,#-48] 699 orr r5,r5,r9,lsl#24 700 701 ldr r7,[r11,#-44] 702 ldr r8,[r11,#-40] 703 eor r4,r4,r5 @ rk[12]=rk[4]^... 704 ldr r9,[r11,#-36] 705 eor r7,r7,r4 @ rk[13]=rk[5]^rk[12] 706 str r4,[r11,#-16] 707 eor r8,r8,r7 @ rk[14]=rk[6]^rk[13] 708 str r7,[r11,#-12] 709 eor r9,r9,r8 @ rk[15]=rk[7]^rk[14] 710 str r8,[r11,#-8] 711 str r9,[r11,#-4] 712 b .L256_loop 713 714.align 2 715.Ldone: mov r0,#0 716 ldmia sp!,{r4,r5,r6,r7,r8,r9,r10,r11,r12,lr} 717.Labrt: 718#if __ARM_ARCH__>=5 719 bx lr @ .word 0xe12fff1e 720#else 721 tst lr,#1 722 moveq pc,lr @ be binary compatible with V4, yet 723.word 0xe12fff1e @ interoperable with Thumb ISA:-) 724#endif 725.size asm_AES_set_encrypt_key,.-asm_AES_set_encrypt_key 726 727.globl asm_AES_set_decrypt_key 728.hidden asm_AES_set_decrypt_key 729.type asm_AES_set_decrypt_key,%function 730.align 5 731asm_AES_set_decrypt_key: 732 str lr,[sp,#-4]! @ push lr 733 bl _armv4_AES_set_encrypt_key 734 teq r0,#0 735 ldr lr,[sp],#4 @ pop lr 736 bne .Labrt 737 738 mov r0,r2 @ asm_AES_set_encrypt_key preserves r2, 739 mov r1,r2 @ which is AES_KEY *key 740 b _armv4_AES_set_enc2dec_key 741.size asm_AES_set_decrypt_key,.-asm_AES_set_decrypt_key 742 743@ void AES_set_enc2dec_key(const AES_KEY *inp,AES_KEY *out) 744.globl AES_set_enc2dec_key 745.hidden AES_set_enc2dec_key 746.type AES_set_enc2dec_key,%function 747.align 5 748AES_set_enc2dec_key: 749_armv4_AES_set_enc2dec_key: 750 stmdb sp!,{r4,r5,r6,r7,r8,r9,r10,r11,r12,lr} 751 752 ldr r12,[r0,#240] 753 mov r7,r0 @ input 754 add r8,r0,r12,lsl#4 755 mov r11,r1 @ output 756 add r10,r1,r12,lsl#4 757 str r12,[r1,#240] 758 759.Linv: ldr r0,[r7],#16 760 ldr r1,[r7,#-12] 761 ldr r2,[r7,#-8] 762 ldr r3,[r7,#-4] 763 ldr r4,[r8],#-16 764 ldr r5,[r8,#16+4] 765 ldr r6,[r8,#16+8] 766 ldr r9,[r8,#16+12] 767 str r0,[r10],#-16 768 str r1,[r10,#16+4] 769 str r2,[r10,#16+8] 770 str r3,[r10,#16+12] 771 str r4,[r11],#16 772 str r5,[r11,#-12] 773 str r6,[r11,#-8] 774 str r9,[r11,#-4] 775 teq r7,r8 776 bne .Linv 777 778 ldr r0,[r7] 779 ldr r1,[r7,#4] 780 ldr r2,[r7,#8] 781 ldr r3,[r7,#12] 782 str r0,[r11] 783 str r1,[r11,#4] 784 str r2,[r11,#8] 785 str r3,[r11,#12] 786 sub r11,r11,r12,lsl#3 787 ldr r0,[r11,#16]! @ prefetch tp1 788 mov r7,#0x80 789 mov r8,#0x1b 790 orr r7,r7,#0x8000 791 orr r8,r8,#0x1b00 792 orr r7,r7,r7,lsl#16 793 orr r8,r8,r8,lsl#16 794 sub r12,r12,#1 795 mvn r9,r7 796 mov r12,r12,lsl#2 @ (rounds-1)*4 797 798.Lmix: and r4,r0,r7 799 and r1,r0,r9 800 sub r4,r4,r4,lsr#7 801 and r4,r4,r8 802 eor r1,r4,r1,lsl#1 @ tp2 803 804 and r4,r1,r7 805 and r2,r1,r9 806 sub r4,r4,r4,lsr#7 807 and r4,r4,r8 808 eor r2,r4,r2,lsl#1 @ tp4 809 810 and r4,r2,r7 811 and r3,r2,r9 812 sub r4,r4,r4,lsr#7 813 and r4,r4,r8 814 eor r3,r4,r3,lsl#1 @ tp8 815 816 eor r4,r1,r2 817 eor r5,r0,r3 @ tp9 818 eor r4,r4,r3 @ tpe 819 eor r4,r4,r1,ror#24 820 eor r4,r4,r5,ror#24 @ ^= ROTATE(tpb=tp9^tp2,8) 821 eor r4,r4,r2,ror#16 822 eor r4,r4,r5,ror#16 @ ^= ROTATE(tpd=tp9^tp4,16) 823 eor r4,r4,r5,ror#8 @ ^= ROTATE(tp9,24) 824 825 ldr r0,[r11,#4] @ prefetch tp1 826 str r4,[r11],#4 827 subs r12,r12,#1 828 bne .Lmix 829 830 mov r0,#0 831#if __ARM_ARCH__>=5 832 ldmia sp!,{r4,r5,r6,r7,r8,r9,r10,r11,r12,pc} 833#else 834 ldmia sp!,{r4,r5,r6,r7,r8,r9,r10,r11,r12,lr} 835 tst lr,#1 836 moveq pc,lr @ be binary compatible with V4, yet 837.word 0xe12fff1e @ interoperable with Thumb ISA:-) 838#endif 839.size AES_set_enc2dec_key,.-AES_set_enc2dec_key 840 841.type AES_Td,%object 842.align 5 843AES_Td: 844.word 0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96 845.word 0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393 846.word 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25 847.word 0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f 848.word 0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1 849.word 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6 850.word 0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da 851.word 0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844 852.word 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd 853.word 0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4 854.word 0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45 855.word 0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94 856.word 0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7 857.word 0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a 858.word 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5 859.word 0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c 860.word 0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1 861.word 0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a 862.word 0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75 863.word 0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051 864.word 0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46 865.word 0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff 866.word 0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77 867.word 0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb 868.word 0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000 869.word 0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e 870.word 0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927 871.word 0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a 872.word 0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e 873.word 0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16 874.word 0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d 875.word 0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8 876.word 0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd 877.word 0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34 878.word 0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163 879.word 0xd731dcca, 0x42638510, 0x13972240, 0x84c61120 880.word 0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d 881.word 0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0 882.word 0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422 883.word 0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef 884.word 0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36 885.word 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4 886.word 0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662 887.word 0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5 888.word 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3 889.word 0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b 890.word 0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8 891.word 0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6 892.word 0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6 893.word 0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0 894.word 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815 895.word 0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f 896.word 0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df 897.word 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f 898.word 0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e 899.word 0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713 900.word 0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89 901.word 0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c 902.word 0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf 903.word 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86 904.word 0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f 905.word 0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541 906.word 0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190 907.word 0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742 908@ Td4[256] 909.byte 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38 910.byte 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb 911.byte 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87 912.byte 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb 913.byte 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d 914.byte 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e 915.byte 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2 916.byte 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25 917.byte 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16 918.byte 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92 919.byte 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda 920.byte 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84 921.byte 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a 922.byte 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06 923.byte 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02 924.byte 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b 925.byte 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea 926.byte 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73 927.byte 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85 928.byte 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e 929.byte 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89 930.byte 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b 931.byte 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20 932.byte 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4 933.byte 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31 934.byte 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f 935.byte 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d 936.byte 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef 937.byte 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0 938.byte 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61 939.byte 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26 940.byte 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d 941.size AES_Td,.-AES_Td 942 943@ void asm_AES_decrypt(const unsigned char *in, unsigned char *out, 944@ const AES_KEY *key) { 945.globl asm_AES_decrypt 946.hidden asm_AES_decrypt 947.type asm_AES_decrypt,%function 948.align 5 949asm_AES_decrypt: 950#ifndef __thumb2__ 951 sub r3,pc,#8 @ asm_AES_decrypt 952#else 953 adr r3,. 954#endif 955 stmdb sp!,{r1,r4-r12,lr} 956#ifdef __APPLE__ 957 adr r10,AES_Td 958#else 959 sub r10,r3,#asm_AES_decrypt-AES_Td @ Td 960#endif 961 mov r12,r0 @ inp 962 mov r11,r2 963#if __ARM_ARCH__<7 964 ldrb r0,[r12,#3] @ load input data in endian-neutral 965 ldrb r4,[r12,#2] @ manner... 966 ldrb r5,[r12,#1] 967 ldrb r6,[r12,#0] 968 orr r0,r0,r4,lsl#8 969 ldrb r1,[r12,#7] 970 orr r0,r0,r5,lsl#16 971 ldrb r4,[r12,#6] 972 orr r0,r0,r6,lsl#24 973 ldrb r5,[r12,#5] 974 ldrb r6,[r12,#4] 975 orr r1,r1,r4,lsl#8 976 ldrb r2,[r12,#11] 977 orr r1,r1,r5,lsl#16 978 ldrb r4,[r12,#10] 979 orr r1,r1,r6,lsl#24 980 ldrb r5,[r12,#9] 981 ldrb r6,[r12,#8] 982 orr r2,r2,r4,lsl#8 983 ldrb r3,[r12,#15] 984 orr r2,r2,r5,lsl#16 985 ldrb r4,[r12,#14] 986 orr r2,r2,r6,lsl#24 987 ldrb r5,[r12,#13] 988 ldrb r6,[r12,#12] 989 orr r3,r3,r4,lsl#8 990 orr r3,r3,r5,lsl#16 991 orr r3,r3,r6,lsl#24 992#else 993 ldr r0,[r12,#0] 994 ldr r1,[r12,#4] 995 ldr r2,[r12,#8] 996 ldr r3,[r12,#12] 997#ifdef __ARMEL__ 998 rev r0,r0 999 rev r1,r1 1000 rev r2,r2 1001 rev r3,r3 1002#endif 1003#endif 1004 bl _armv4_AES_decrypt 1005 1006 ldr r12,[sp],#4 @ pop out 1007#if __ARM_ARCH__>=7 1008#ifdef __ARMEL__ 1009 rev r0,r0 1010 rev r1,r1 1011 rev r2,r2 1012 rev r3,r3 1013#endif 1014 str r0,[r12,#0] 1015 str r1,[r12,#4] 1016 str r2,[r12,#8] 1017 str r3,[r12,#12] 1018#else 1019 mov r4,r0,lsr#24 @ write output in endian-neutral 1020 mov r5,r0,lsr#16 @ manner... 1021 mov r6,r0,lsr#8 1022 strb r4,[r12,#0] 1023 strb r5,[r12,#1] 1024 mov r4,r1,lsr#24 1025 strb r6,[r12,#2] 1026 mov r5,r1,lsr#16 1027 strb r0,[r12,#3] 1028 mov r6,r1,lsr#8 1029 strb r4,[r12,#4] 1030 strb r5,[r12,#5] 1031 mov r4,r2,lsr#24 1032 strb r6,[r12,#6] 1033 mov r5,r2,lsr#16 1034 strb r1,[r12,#7] 1035 mov r6,r2,lsr#8 1036 strb r4,[r12,#8] 1037 strb r5,[r12,#9] 1038 mov r4,r3,lsr#24 1039 strb r6,[r12,#10] 1040 mov r5,r3,lsr#16 1041 strb r2,[r12,#11] 1042 mov r6,r3,lsr#8 1043 strb r4,[r12,#12] 1044 strb r5,[r12,#13] 1045 strb r6,[r12,#14] 1046 strb r3,[r12,#15] 1047#endif 1048#if __ARM_ARCH__>=5 1049 ldmia sp!,{r4,r5,r6,r7,r8,r9,r10,r11,r12,pc} 1050#else 1051 ldmia sp!,{r4,r5,r6,r7,r8,r9,r10,r11,r12,lr} 1052 tst lr,#1 1053 moveq pc,lr @ be binary compatible with V4, yet 1054.word 0xe12fff1e @ interoperable with Thumb ISA:-) 1055#endif 1056.size asm_AES_decrypt,.-asm_AES_decrypt 1057 1058.type _armv4_AES_decrypt,%function 1059.align 2 1060_armv4_AES_decrypt: 1061 str lr,[sp,#-4]! @ push lr 1062 ldmia r11!,{r4,r5,r6,r7} 1063 eor r0,r0,r4 1064 ldr r12,[r11,#240-16] 1065 eor r1,r1,r5 1066 eor r2,r2,r6 1067 eor r3,r3,r7 1068 sub r12,r12,#1 1069 mov lr,#255 1070 1071 and r7,lr,r0,lsr#16 1072 and r8,lr,r0,lsr#8 1073 and r9,lr,r0 1074 mov r0,r0,lsr#24 1075.Ldec_loop: 1076 ldr r4,[r10,r7,lsl#2] @ Td1[s0>>16] 1077 and r7,lr,r1 @ i0 1078 ldr r5,[r10,r8,lsl#2] @ Td2[s0>>8] 1079 and r8,lr,r1,lsr#16 1080 ldr r6,[r10,r9,lsl#2] @ Td3[s0>>0] 1081 and r9,lr,r1,lsr#8 1082 ldr r0,[r10,r0,lsl#2] @ Td0[s0>>24] 1083 mov r1,r1,lsr#24 1084 1085 ldr r7,[r10,r7,lsl#2] @ Td3[s1>>0] 1086 ldr r8,[r10,r8,lsl#2] @ Td1[s1>>16] 1087 ldr r9,[r10,r9,lsl#2] @ Td2[s1>>8] 1088 eor r0,r0,r7,ror#24 1089 ldr r1,[r10,r1,lsl#2] @ Td0[s1>>24] 1090 and r7,lr,r2,lsr#8 @ i0 1091 eor r5,r8,r5,ror#8 1092 and r8,lr,r2 @ i1 1093 eor r6,r9,r6,ror#8 1094 and r9,lr,r2,lsr#16 1095 ldr r7,[r10,r7,lsl#2] @ Td2[s2>>8] 1096 eor r1,r1,r4,ror#8 1097 ldr r8,[r10,r8,lsl#2] @ Td3[s2>>0] 1098 mov r2,r2,lsr#24 1099 1100 ldr r9,[r10,r9,lsl#2] @ Td1[s2>>16] 1101 eor r0,r0,r7,ror#16 1102 ldr r2,[r10,r2,lsl#2] @ Td0[s2>>24] 1103 and r7,lr,r3,lsr#16 @ i0 1104 eor r1,r1,r8,ror#24 1105 and r8,lr,r3,lsr#8 @ i1 1106 eor r6,r9,r6,ror#8 1107 and r9,lr,r3 @ i2 1108 ldr r7,[r10,r7,lsl#2] @ Td1[s3>>16] 1109 eor r2,r2,r5,ror#8 1110 ldr r8,[r10,r8,lsl#2] @ Td2[s3>>8] 1111 mov r3,r3,lsr#24 1112 1113 ldr r9,[r10,r9,lsl#2] @ Td3[s3>>0] 1114 eor r0,r0,r7,ror#8 1115 ldr r7,[r11],#16 1116 eor r1,r1,r8,ror#16 1117 ldr r3,[r10,r3,lsl#2] @ Td0[s3>>24] 1118 eor r2,r2,r9,ror#24 1119 1120 ldr r4,[r11,#-12] 1121 eor r0,r0,r7 1122 ldr r5,[r11,#-8] 1123 eor r3,r3,r6,ror#8 1124 ldr r6,[r11,#-4] 1125 and r7,lr,r0,lsr#16 1126 eor r1,r1,r4 1127 and r8,lr,r0,lsr#8 1128 eor r2,r2,r5 1129 and r9,lr,r0 1130 eor r3,r3,r6 1131 mov r0,r0,lsr#24 1132 1133 subs r12,r12,#1 1134 bne .Ldec_loop 1135 1136 add r10,r10,#1024 1137 1138 ldr r5,[r10,#0] @ prefetch Td4 1139 ldr r6,[r10,#32] 1140 ldr r4,[r10,#64] 1141 ldr r5,[r10,#96] 1142 ldr r6,[r10,#128] 1143 ldr r4,[r10,#160] 1144 ldr r5,[r10,#192] 1145 ldr r6,[r10,#224] 1146 1147 ldrb r0,[r10,r0] @ Td4[s0>>24] 1148 ldrb r4,[r10,r7] @ Td4[s0>>16] 1149 and r7,lr,r1 @ i0 1150 ldrb r5,[r10,r8] @ Td4[s0>>8] 1151 and r8,lr,r1,lsr#16 1152 ldrb r6,[r10,r9] @ Td4[s0>>0] 1153 and r9,lr,r1,lsr#8 1154 1155 add r1,r10,r1,lsr#24 1156 ldrb r7,[r10,r7] @ Td4[s1>>0] 1157 ldrb r1,[r1] @ Td4[s1>>24] 1158 ldrb r8,[r10,r8] @ Td4[s1>>16] 1159 eor r0,r7,r0,lsl#24 1160 ldrb r9,[r10,r9] @ Td4[s1>>8] 1161 eor r1,r4,r1,lsl#8 1162 and r7,lr,r2,lsr#8 @ i0 1163 eor r5,r5,r8,lsl#8 1164 and r8,lr,r2 @ i1 1165 ldrb r7,[r10,r7] @ Td4[s2>>8] 1166 eor r6,r6,r9,lsl#8 1167 ldrb r8,[r10,r8] @ Td4[s2>>0] 1168 and r9,lr,r2,lsr#16 1169 1170 add r2,r10,r2,lsr#24 1171 ldrb r2,[r2] @ Td4[s2>>24] 1172 eor r0,r0,r7,lsl#8 1173 ldrb r9,[r10,r9] @ Td4[s2>>16] 1174 eor r1,r8,r1,lsl#16 1175 and r7,lr,r3,lsr#16 @ i0 1176 eor r2,r5,r2,lsl#16 1177 and r8,lr,r3,lsr#8 @ i1 1178 ldrb r7,[r10,r7] @ Td4[s3>>16] 1179 eor r6,r6,r9,lsl#16 1180 ldrb r8,[r10,r8] @ Td4[s3>>8] 1181 and r9,lr,r3 @ i2 1182 1183 add r3,r10,r3,lsr#24 1184 ldrb r9,[r10,r9] @ Td4[s3>>0] 1185 ldrb r3,[r3] @ Td4[s3>>24] 1186 eor r0,r0,r7,lsl#16 1187 ldr r7,[r11,#0] 1188 eor r1,r1,r8,lsl#8 1189 ldr r4,[r11,#4] 1190 eor r2,r9,r2,lsl#8 1191 ldr r5,[r11,#8] 1192 eor r3,r6,r3,lsl#24 1193 ldr r6,[r11,#12] 1194 1195 eor r0,r0,r7 1196 eor r1,r1,r4 1197 eor r2,r2,r5 1198 eor r3,r3,r6 1199 1200 sub r10,r10,#1024 1201 ldr pc,[sp],#4 @ pop and return 1202.size _armv4_AES_decrypt,.-_armv4_AES_decrypt 1203.byte 65,69,83,32,102,111,114,32,65,82,77,118,52,44,32,67,82,89,80,84,79,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,46,111,114,103,62,0 1204.align 2 1205.align 2 1206#endif 1207