1 C nettle, low-level cryptographics library
3 C Copyright (C) 2013 Niels Möller
5 C The nettle library is free software; you can redistribute it and/or modify
6 C it under the terms of the GNU Lesser General Public License as published by
7 C the Free Software Foundation; either version 2.1 of the License, or (at your
8 C option) any later version.
10 C The nettle library is distributed in the hope that it will be useful, but
11 C WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 C or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
13 C License for more details.
15 C You should have received a copy of the GNU Lesser General Public License
16 C along with the nettle library; see the file COPYING.LIB. If not, write to
17 C the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
20 include_src(<arm/aes.m4>)
22 C Benchmarked at at 785, 914, 1051 cycles/block on cortex A9,
23 C for 128, 192 and 256 bit key sizes. Unclear why it is slower
28 define(<LENGTH>, <r2>)
38 define(<ROUND>, <r11>)
40 define(<X0>, <r2>) C Overlaps LENGTH, SRC, DST
43 define(<X3>, <r14>) C lr
46 .file "aes-decrypt-internal.asm"
48 C _aes_decrypt(struct aes_context *ctx,
49 C const struct aes_table *T,
50 C unsigned length, uint8_t *dst,
54 PROLOGUE(_nettle_aes_decrypt)
59 push {r4,r5,r6,r7,r8,r10,r11,lr}
67 push {LENGTH, DST, SRC}
68 ldr ROUND, [CTX, #+AES_NROUNDS]
69 add TABLE, TABLE, #AES_TABLE0
75 AES_DECRYPT_ROUND(X0, X1, X2, X3, W0, W1, W2, W3, KEY)
80 AES_DECRYPT_ROUND(W0, W1, W2, W3, X0, X1, X2, X3, KEY)
84 sub TABLE, TABLE, #AES_TABLE0
86 AES_FINAL_ROUND(X0, X3, X2, X1, KEY, W0)
87 AES_FINAL_ROUND(X1, X0, X3, X2, KEY, W1)
88 AES_FINAL_ROUND(X2, X1, X0, X3, KEY, W2)
89 AES_FINAL_ROUND(X3, X2, X1, X0, KEY, W3)
91 pop {LENGTH, DST, SRC}
98 subs LENGTH, LENGTH, #16
101 pop {r4,r5,r6,r7,r8,r10,r11,pc}
105 EPILOGUE(_nettle_aes_decrypt)