/*
 * aesce-ccm-core.S - AES-CCM transform for ARMv8 with Crypto Extensions
 *
 * Copyright (C) 2013 - 2017 Linaro Ltd <ard.biesheuvel@linaro.org>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 */
#include <linux/linkage.h>		/* ENTRY / ENDPROC */
#include <asm/assembler.h>		/* presumably frame_push/frame_pop, CPU_LE and the cond_yield_neon helpers used below */

	/*
	 * Everything in this file uses the ARMv8 Cryptographic Extension
	 * instructions (aese/aesmc), hence the .arch line.  NOTE(review): the
	 * routines touch NEON registers, so they are presumably only entered
	 * inside a kernel_neon_begin()/kernel_neon_end() region; confirm in
	 * the C glue.
	 */
	.text
	.arch	armv8-a+crypto
/*
 * void ce_aes_ccm_auth_data(u8 mac[], u8 const in[], u32 abytes,
 *			     u32 *macp, u8 const rk[], u32 rounds);
 */
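ENTRY(ce_aes_ccm_auth_data)
	/*
	 * CBC-MAC the associated data.  Register roles after the prologue
	 * (x19-x25 are callee-saved, hence frame_push 7):
	 *   x19 = mac   x20 = in   w21 = abytes (counts down)
	 *   x22 = macp  x23 = rk   w24 = rounds
	 *   w25 = *macp: number of bytes of the current mac block consumed
	 *   v0  = mac block, v1 = staging area for byte-wise input,
	 *   v3-v5 = round keys in flight, x6/w7 = scratch
	 *
	 * *macp convention: 0 means the mac holds a complete, not yet
	 * encrypted block (it is encrypted at 1: before more data is
	 * absorbed); 1..15 means the mac has been encrypted and that many
	 * input bytes have already been XORed into its leading bytes.  The
	 * value 16 is never produced; see 8: below.
	 */
	frame_push	7
	mov	x19, x0
	mov	x20, x1
	mov	x21, x2
	mov	x22, x3
	mov	x23, x4
	mov	x24, x5

	ldr	w25, [x22]			/* leftover from prev round? */
	ld1	{v0.16b}, [x19]			/* load mac */
	cbz	w21, 10f			/* empty update: mac and *macp must stay untouched */
	cbz	w25, 1f				/* mac block complete: encrypt it first */
	sub	w25, w25, #16			/* w25 = -(bytes still needed to fill the block) */
	eor	v1.16b, v1.16b, v1.16b
0:	ldrb	w7, [x20], #1			/* get 1 byte of input */
	subs	w21, w21, #1
	add	w25, w25, #1			/* flags-neutral: beq below still sees the subs */
	ins	v1.b[0], w7
	ext	v1.16b, v1.16b, v1.16b, #1	/* rotate in the input bytes */
	beq	8f				/* out of input? */
	cbnz	w25, 0b
	eor	v0.16b, v0.16b, v1.16b		/* block full: staged bytes now sit in lanes *macp..15 */
1:	ld1	{v3.4s}, [x23]			/* load first round key */
	prfm	pldl1strm, [x20]
	cmp	w24, #12			/* which key size? */
	add	x6, x23, #16
	sub	w7, w24, #2			/* modified # of rounds: the loop consumes 3 keys per pass */
	bmi	2f				/* 10 rounds */
	bne	5f				/* 14 rounds */
	mov	v5.16b, v3.16b			/* 12 rounds */
	b	4f
2:	mov	v4.16b, v3.16b
	ld1	{v5.4s}, [x6], #16		/* load 2nd round key */
3:	aese	v0.16b, v4.16b
	aesmc	v0.16b, v0.16b
4:	ld1	{v3.4s}, [x6], #16		/* load next round key */
	aese	v0.16b, v5.16b
	aesmc	v0.16b, v0.16b
5:	ld1	{v4.4s}, [x6], #16		/* load next round key */
	subs	w7, w7, #3
	aese	v0.16b, v3.16b
	aesmc	v0.16b, v0.16b
	ld1	{v5.4s}, [x6], #16		/* load next round key */
	bpl	3b
	aese	v0.16b, v4.16b			/* last round: no mix columns */
	subs	w21, w21, #16			/* last data? */
	eor	v0.16b, v0.16b, v5.16b		/* final round */
	bmi	6f				/* fewer than 16 bytes left */
	ld1	{v1.16b}, [x20], #16		/* load next input block */
	eor	v0.16b, v0.16b, v1.16b		/* xor with mac */
	beq	6f				/* input ended on a block boundary: *macp stays 0 */

	if_will_cond_yield_neon
	st1	{v0.16b}, [x19]			/* store mac */
	do_cond_yield_neon
	ld1	{v0.16b}, [x19]			/* reload mac */
	endif_yield_neon

	b	1b
6:	st1	{v0.16b}, [x19]			/* store mac */
	beq	10f
	adds	w21, w21, #16			/* length of the partial tail */
	beq	10f
	mov	w25, w21			/* *macp = tail length */
7:	ldrb	w7, [x20], #1
	umov	w6, v0.b[0]
	eor	w6, w6, w7
	strb	w6, [x19], #1			/* overwrite the mac byte in place */
	subs	w21, w21, #1
	beq	10f
	ext	v0.16b, v0.16b, v0.16b, #1	/* rotate out the mac bytes */
	b	7b

	/*
	 * Input ran out while refilling a partial block.  w25 holds
	 * -(lanes still free); it is 0 when the last input byte completed
	 * the block exactly.  That case needs no realignment and must leave
	 * *macp == 0, matching the full-block exit above: entering the loop
	 * at 9: with w7 == 0 would iterate until w7 wraps around and would
	 * store *macp == 16, a value the entry path cannot handle.
	 */
8:	cbz	w25, 11f
	mov	w7, w25
	add	w25, w25, #16			/* new *macp = old *macp + bytes consumed */
9:	ext	v1.16b, v1.16b, v1.16b, #1	/* move staged bytes down to lanes old *macp.. */
	adds	w7, w7, #1
	bne	9b
11:	eor	v0.16b, v0.16b, v1.16b
	st1	{v0.16b}, [x19]
10:	str	w25, [x22]
	frame_pop
	ret
ENDPROC(ce_aes_ccm_auth_data)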
/*
 * void ce_aes_ccm_final(u8 mac[], u8 const ctr[], u8 const rk[],
 *			 u32 rounds);
 */
ENTRY(ce_aes_ccm_final)
	/*
	 * Produce the final tag: encrypt the mac block and the counter block
	 * with the same key schedule, two blocks interleaved, and XOR them.
	 *   x0 = mac (in/out)   x1 = ctr   x2 = rk (advanced as keys are read)
	 *   w3 = rounds, reused as the loop counter
	 *   v0 = mac state, v1 = ctr state, v3-v5 = round keys in flight
	 * Leaf routine: no stack frame, only caller-saved registers used.
	 */
	ld1	{v3.4s}, [x2], #16		/* load first round key */
	ld1	{v0.16b}, [x0]			/* load mac */
	cmp	w3, #12				/* which key size? */
	sub	w3, w3, #2			/* modified # of rounds: loop eats 3 keys per pass */
	ld1	{v1.16b}, [x1]			/* load 1st ctr iv */
	bmi	0f				/* 10 rounds */
	bne	3f				/* 14 rounds */
	mov	v5.16b, v3.16b			/* 12 rounds */
	b	2f
0:	mov	v4.16b, v3.16b
1:	ld1	{v5.4s}, [x2], #16		/* load next round key */
	aese	v0.16b, v4.16b
	aesmc	v0.16b, v0.16b
	aese	v1.16b, v4.16b
	aesmc	v1.16b, v1.16b
2:	ld1	{v3.4s}, [x2], #16		/* load next round key */
	aese	v0.16b, v5.16b
	aesmc	v0.16b, v0.16b
	aese	v1.16b, v5.16b
	aesmc	v1.16b, v1.16b
3:	ld1	{v4.4s}, [x2], #16		/* load next round key */
	subs	w3, w3, #3
	aese	v0.16b, v3.16b
	aesmc	v0.16b, v0.16b
	aese	v1.16b, v3.16b
	aesmc	v1.16b, v1.16b
	bpl	1b
	aese	v0.16b, v4.16b			/* last round: no mix columns ... */
	aese	v1.16b, v4.16b
	/* final round key cancels out */	/* ... and no AddRoundKey: it would XOR into both operands */
	eor	v0.16b, v0.16b, v1.16b		/* en-/decrypt the mac */
	st1	{v0.16b}, [x0]			/* store result */
	ret
ENDPROC(ce_aes_ccm_final)
	.macro	aes_ccm_do_crypt,enc
	/*
	 * Shared body of ce_aes_ccm_encrypt (\enc == 1) and ce_aes_ccm_decrypt
	 * (\enc == 0).  Register roles after the prologue (x19-x26 are
	 * callee-saved, hence frame_push 8):
	 *   x19 = out   x20 = in   w21 = cbytes (counts down)
	 *   x22 = rk    w23 = rounds   x24 = mac   x25 = ctr
	 *   x26 = low 64 bits of the counter block, held in CPU byte order
	 *   v0 = mac state, v1 = counter block / keystream, v2 = data block,
	 *   v3-v5 = round keys in flight, x9/x10/w6/w7 = scratch
	 * Every outer-loop pass runs AES over the mac block and the counter
	 * block with the same keys, two blocks interleaved.
	 *
	 * Preconditions (inferred from the control flow, confirm in the
	 * caller): cbytes > 0, because the tail loop at 8: consumes a byte
	 * before it tests the count; a partial tail block is only expected
	 * as the very last block, because that path exits via 6: without
	 * writing the counter back.
	 */
	frame_push	8
	mov	x19, x0
	mov	x20, x1
	mov	x21, x2
	mov	x22, x3
	mov	x23, x4
	mov	x24, x5
	mov	x25, x6

	ldr	x26, [x25, #8]			/* load lower ctr */
	ld1	{v0.16b}, [x24]			/* load mac */
CPU_LE(	rev	x26, x26	)		/* keep swabbed ctr in reg */
0:	/* outer loop */
	ld1	{v1.8b}, [x25]			/* load upper ctr */
	prfm	pldl1strm, [x20]
	add	x26, x26, #1			/* next counter value, in CPU byte order */
	rev	x9, x26				/* back to block byte order for the lane insert */
	cmp	w23, #12			/* which key size? */
	sub	w7, w23, #2			/* get modified # of rounds: loop eats 3 keys per pass */
	ins	v1.d[1], x9			/* no carry in lower ctr */
	ld1	{v3.4s}, [x22]			/* load first round key */
	add	x10, x22, #16
	bmi	1f				/* 10 rounds */
	bne	4f				/* 14 rounds */
	mov	v5.16b, v3.16b			/* 12 rounds */
	b	3f
1:	mov	v4.16b, v3.16b
	ld1	{v5.4s}, [x10], #16		/* load 2nd round key */
2:	/* inner loop: 3 rounds, 2x interleaved */
	aese	v0.16b, v4.16b
	aesmc	v0.16b, v0.16b
	aese	v1.16b, v4.16b
	aesmc	v1.16b, v1.16b
3:	ld1	{v3.4s}, [x10], #16		/* load next round key */
	aese	v0.16b, v5.16b
	aesmc	v0.16b, v0.16b
	aese	v1.16b, v5.16b
	aesmc	v1.16b, v1.16b
4:	ld1	{v4.4s}, [x10], #16		/* load next round key */
	subs	w7, w7, #3
	aese	v0.16b, v3.16b
	aesmc	v0.16b, v0.16b
	aese	v1.16b, v3.16b
	aesmc	v1.16b, v1.16b
	ld1	{v5.4s}, [x10], #16		/* load next round key */
	bpl	2b
	aese	v0.16b, v4.16b			/* last round: no mix columns; v5 = final round key, applied below */
	aese	v1.16b, v4.16b
	subs	w21, w21, #16
	bmi	7f				/* partial block? */
	ld1	{v2.16b}, [x20], #16		/* load next input block */
	.if	\enc == 1
	eor	v2.16b, v2.16b, v5.16b		/* final round enc+mac */
	eor	v1.16b, v1.16b, v2.16b		/* xor with crypted ctr */
	.else
	eor	v2.16b, v2.16b, v1.16b		/* xor with crypted ctr */
	eor	v1.16b, v2.16b, v5.16b		/* final round enc */
	.endif
	eor	v0.16b, v0.16b, v2.16b		/* xor mac with pt ^ rk[last] */
	st1	{v1.16b}, [x19], #16		/* write output block */
	beq	5f

	if_will_cond_yield_neon
	st1	{v0.16b}, [x24]			/* store mac */
	do_cond_yield_neon
	ld1	{v0.16b}, [x24]			/* reload mac */
	endif_yield_neon

	b	0b
5:
CPU_LE(	rev	x26, x26	)
	st1	{v0.16b}, [x24]			/* store mac */
	str	x26, [x25, #8]			/* store lsb end of ctr (BE) */
6:	frame_pop
	ret

	/* Partial tail: finish both blocks, then work byte by byte. */
7:	eor	v0.16b, v0.16b, v5.16b		/* final round mac */
	eor	v1.16b, v1.16b, v5.16b		/* final round enc */
	st1	{v0.16b}, [x24]			/* store mac */
	add	w21, w21, #16			/* process partial tail block */
8:	ldrb	w9, [x20], #1			/* get 1 byte of input */
	umov	w6, v1.b[0]			/* get top crypted ctr byte */
	umov	w7, v0.b[0]			/* get top mac byte */
	.if	\enc == 1
	eor	w7, w7, w9			/* mac ^= plaintext byte */
	eor	w9, w9, w6			/* ciphertext byte */
	.else
	eor	w9, w9, w6			/* plaintext byte */
	eor	w7, w7, w9			/* mac ^= plaintext byte */
	.endif
	strb	w9, [x19], #1			/* store out byte */
	strb	w7, [x24], #1			/* store mac byte */
	subs	w21, w21, #1
	beq	6b
	ext	v0.16b, v0.16b, v0.16b, #1	/* shift out mac byte */
	ext	v1.16b, v1.16b, v1.16b, #1	/* shift out ctr byte */
	b	8b
	.endm
/*
 * void ce_aes_ccm_encrypt(u8 out[], u8 const in[], u32 cbytes,
 *			   u8 const rk[], u32 rounds, u8 mac[],
 *			   u8 ctr[]);
 * void ce_aes_ccm_decrypt(u8 out[], u8 const in[], u32 cbytes,
 *			   u8 const rk[], u32 rounds, u8 mac[],
 *			   u8 ctr[]);
 */
ENTRY(ce_aes_ccm_encrypt)
	/* CTR-encrypt and CBC-MAC the plaintext: shared body with enc = 1 */
	aes_ccm_do_crypt	1
ENDPROC(ce_aes_ccm_encrypt)
ENTRY(ce_aes_ccm_decrypt)
	/* CTR-decrypt and CBC-MAC the recovered plaintext: shared body with enc = 0 */
	aes_ccm_do_crypt	0
ENDPROC(ce_aes_ccm_decrypt)