3 * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
5 * This file is part of CyaSSL.
7 * CyaSSL is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
12 * CyaSSL is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
23 /* See Intel® Advanced Encryption Standard (AES) Instructions Set White Paper
24 * by Intel Mobility Group, Israel Development Center, Israel Shay Gueron
28 //AES_CBC_encrypt (const unsigned char *in,
29 // unsigned char *out,
30 // unsigned char ivec[16],
31 // unsigned long length,
32 // const unsigned char *KS,
34 .globl AES_CBC_encrypt
78 aesenclast %xmm2,%xmm1
85 //AES_CBC_decrypt (const unsigned char *in,
86 // unsigned char *out,
87 // unsigned char ivec[16],
88 // unsigned long length,
89 // const unsigned char *KS,
91 .globl AES_CBC_decrypt
115 movdqu 16(%rdi), %xmm2
116 movdqu 32(%rdi), %xmm3
117 movdqu 48(%rdi), %xmm4
123 movdqa 16(%r8), %xmm10
124 movdqa 32(%r8), %xmm11
125 movdqa 48(%r8), %xmm12
143 movdqa 64(%r8), %xmm9
144 movdqa 80(%r8), %xmm10
145 movdqa 96(%r8), %xmm11
146 movdqa 112(%r8), %xmm12
163 movdqa 128(%r8), %xmm9
164 movdqa 144(%r8), %xmm10
165 movdqa 160(%r8), %xmm11
176 movdqa 160(%r8), %xmm9
177 movdqa 176(%r8), %xmm10
178 movdqa 192(%r8), %xmm11
190 movdqa 192(%r8), %xmm9
191 movdqa 208(%r8), %xmm10
192 movdqa 224(%r8), %xmm11
205 aesdeclast %xmm11, %xmm1
206 aesdeclast %xmm11, %xmm2
207 aesdeclast %xmm11, %xmm3
208 aesdeclast %xmm11, %xmm4
214 movdqu %xmm2, 16(%rsi)
215 movdqu %xmm3, 32(%rsi)
216 movdqu %xmm4, 48(%rsi)
228 movdqu 160(%r8), %xmm2
230 aesdec 16(%r8), %xmm1
231 aesdec 32(%r8), %xmm1
232 aesdec 48(%r8), %xmm1
233 aesdec 64(%r8), %xmm1
234 aesdec 80(%r8), %xmm1
235 aesdec 96(%r8), %xmm1
236 aesdec 112(%r8), %xmm1
237 aesdec 128(%r8), %xmm1
238 aesdec 144(%r8), %xmm1
240 movdqu 192(%r8), %xmm2
242 aesdec 160(%r8), %xmm1
243 aesdec 176(%r8), %xmm1
245 movdqu 224(%r8), %xmm2
246 aesdec 192(%r8), %xmm1
247 aesdec 208(%r8), %xmm1
249 aesdeclast %xmm2, %xmm1
263 //void AES_128_Key_Expansion(const unsigned char* userkey,
264 // unsigned char* key_schedule);
266 .globl AES_128_Key_Expansion
267 AES_128_Key_Expansion:
277 aeskeygenassist $1, %xmm1, %xmm2
278 call PREPARE_ROUNDKEY_128
279 movdqa %xmm1, 16(%rsi)
280 aeskeygenassist $2, %xmm1, %xmm2
281 call PREPARE_ROUNDKEY_128
282 movdqa %xmm1, 32(%rsi)
283 aeskeygenassist $4, %xmm1, %xmm2
284 call PREPARE_ROUNDKEY_128
285 movdqa %xmm1, 48(%rsi)
286 aeskeygenassist $8, %xmm1, %xmm2
287 call PREPARE_ROUNDKEY_128
288 movdqa %xmm1, 64(%rsi)
289 aeskeygenassist $16, %xmm1, %xmm2
290 call PREPARE_ROUNDKEY_128
291 movdqa %xmm1, 80(%rsi)
292 aeskeygenassist $32, %xmm1, %xmm2
293 call PREPARE_ROUNDKEY_128
294 movdqa %xmm1, 96(%rsi)
295 aeskeygenassist $64, %xmm1, %xmm2
296 call PREPARE_ROUNDKEY_128
297 movdqa %xmm1, 112(%rsi)
298 aeskeygenassist $0x80, %xmm1, %xmm2
299 call PREPARE_ROUNDKEY_128
300 movdqa %xmm1, 128(%rsi)
301 aeskeygenassist $0x1b, %xmm1, %xmm2
302 call PREPARE_ROUNDKEY_128
303 movdqa %xmm1, 144(%rsi)
304 aeskeygenassist $0x36, %xmm1, %xmm2
305 call PREPARE_ROUNDKEY_128
306 movdqa %xmm1, 160(%rsi)
309 PREPARE_ROUNDKEY_128:
310 pshufd $255, %xmm2, %xmm2
322 //void AES_192_Key_Expansion (const unsigned char *userkey,
323 // unsigned char *key)
324 .globl AES_192_Key_Expansion
325 AES_192_Key_Expansion:
330 movdqu 16(%rdi), %xmm3
334 aeskeygenassist $0x1, %xmm3, %xmm2
335 call PREPARE_ROUNDKEY_192
336 shufpd $0, %xmm1, %xmm5
337 movdqa %xmm5, 16(%rsi)
339 shufpd $1, %xmm3, %xmm6
340 movdqa %xmm6, 32(%rsi)
342 aeskeygenassist $0x2, %xmm3, %xmm2
343 call PREPARE_ROUNDKEY_192
344 movdqa %xmm1, 48(%rsi)
347 aeskeygenassist $0x4, %xmm3, %xmm2
348 call PREPARE_ROUNDKEY_192
349 shufpd $0, %xmm1, %xmm5
350 movdqa %xmm5, 64(%rsi)
352 shufpd $1, %xmm3, %xmm6
353 movdqa %xmm6, 80(%rsi)
355 aeskeygenassist $0x8, %xmm3, %xmm2
356 call PREPARE_ROUNDKEY_192
357 movdqa %xmm1, 96(%rsi)
360 aeskeygenassist $0x10, %xmm3, %xmm2
361 call PREPARE_ROUNDKEY_192
362 shufpd $0, %xmm1, %xmm5
363 movdqa %xmm5, 112(%rsi)
365 shufpd $1, %xmm3, %xmm6
366 movdqa %xmm6, 128(%rsi)
368 aeskeygenassist $0x20, %xmm3, %xmm2
369 call PREPARE_ROUNDKEY_192
370 movdqa %xmm1, 144(%rsi)
373 aeskeygenassist $0x40, %xmm3, %xmm2
374 call PREPARE_ROUNDKEY_192
375 shufpd $0, %xmm1, %xmm5
376 movdqa %xmm5, 160(%rsi)
378 shufpd $1, %xmm3, %xmm6
379 movdqa %xmm6, 176(%rsi)
381 aeskeygenassist $0x80, %xmm3, %xmm2
382 call PREPARE_ROUNDKEY_192
383 movdqa %xmm1, 192(%rsi)
384 movdqa %xmm3, 208(%rsi)
387 PREPARE_ROUNDKEY_192:
388 pshufd $0x55, %xmm2, %xmm2
398 pshufd $0xff, %xmm1, %xmm2
406 //void AES_256_Key_Expansion (const unsigned char *userkey,
407 // unsigned char *key)
408 .globl AES_256_Key_Expansion
409 AES_256_Key_Expansion:
414 movdqu 16(%rdi), %xmm3
416 movdqa %xmm3, 16(%rsi)
418 aeskeygenassist $0x1, %xmm3, %xmm2
420 movdqa %xmm1, 32(%rsi)
421 aeskeygenassist $0x0, %xmm1, %xmm2
423 movdqa %xmm3, 48(%rsi)
424 aeskeygenassist $0x2, %xmm3, %xmm2
426 movdqa %xmm1, 64(%rsi)
427 aeskeygenassist $0x0, %xmm1, %xmm2
429 movdqa %xmm3, 80(%rsi)
430 aeskeygenassist $0x4, %xmm3, %xmm2
432 movdqa %xmm1, 96(%rsi)
433 aeskeygenassist $0x0, %xmm1, %xmm2
435 movdqa %xmm3, 112(%rsi)
436 aeskeygenassist $0x8, %xmm3, %xmm2
438 movdqa %xmm1, 128(%rsi)
439 aeskeygenassist $0x0, %xmm1, %xmm2
441 movdqa %xmm3, 144(%rsi)
442 aeskeygenassist $0x10, %xmm3, %xmm2
444 movdqa %xmm1, 160(%rsi)
445 aeskeygenassist $0x0, %xmm1, %xmm2
447 movdqa %xmm3, 176(%rsi)
448 aeskeygenassist $0x20, %xmm3, %xmm2
450 movdqa %xmm1, 192(%rsi)
452 aeskeygenassist $0x0, %xmm1, %xmm2
454 movdqa %xmm3, 208(%rsi)
455 aeskeygenassist $0x40, %xmm3, %xmm2
457 movdqa %xmm1, 224(%rsi)
462 pshufd $0xff, %xmm2, %xmm2
474 pshufd $0xaa, %xmm2, %xmm2