Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
torvalds
GitHub Repository: torvalds/linux
 Path: blob/master/arch/x86/crypto/twofish-i586-asm_32.S
170899 views
1
/* SPDX-License-Identifier: GPL-2.0-or-later */

2
/***************************************************************************

3
*   Copyright (C) 2006 by Joachim Fritschi, <[email protected]>        *

4
*                                                                         *

5
***************************************************************************/

6


7
.file "twofish-i586-asm.S"

8
.text

9


10
#include <linux/linkage.h>

11
#include <asm/asm-offsets.h>

12


13
/* return address at 0 */

14


15
#define in_blk    12  /* input byte array address parameter*/

16
#define out_blk   8  /* output byte array address parameter*/

17
#define ctx       4  /* Twofish context structure */

18


19
#define a_offset	0

20
#define b_offset	4

21
#define c_offset	8

22
#define d_offset	12

23


24
/* Structure of the crypto context struct*/

25


26
#define s0	0	/* S0 Array 256 Words each */

27
#define s1	1024	/* S1 Array */

28
#define s2	2048	/* S2 Array */

29
#define s3	3072	/* S3 Array */

30
#define w	4096	/* 8 whitening keys (word) */

31
#define k	4128	/* key 1-32 ( word ) */

32


33
/* define a few register aliases to allow macro substitution */

34


35
#define R0D    %eax

36
#define R0B    %al

37
#define R0H    %ah

38


39
#define R1D    %ebx

40
#define R1B    %bl

41
#define R1H    %bh

42


43
#define R2D    %ecx

44
#define R2B    %cl

45
#define R2H    %ch

46


47
#define R3D    %edx

48
#define R3B    %dl

49
#define R3H    %dh

50


51


52
/* performs input whitening */

53
#define input_whitening(src,context,offset)\

54
	xor	w+offset(context),	src;

55


56
/* performs input whitening */

57
#define output_whitening(src,context,offset)\

58
	xor	w+16+offset(context),	src;

59


60
/*

61
 * a input register containing a (rotated 16)

62
 * b input register containing b

63
 * c input register containing c

64
 * d input register containing d (already rol $1)

65
 * operations on a and b are interleaved to increase performance

66
 */

67
#define encrypt_round(a,b,c,d,round)\

68
	push	d ## D;\

69
	movzx	b ## B,		%edi;\

70
	mov	s1(%ebp,%edi,4),d ## D;\

71
	movzx	a ## B,		%edi;\

72
	mov	s2(%ebp,%edi,4),%esi;\

73
	movzx	b ## H,		%edi;\

74
	ror	$16,		b ## D;\

75
	xor	s2(%ebp,%edi,4),d ## D;\

76
	movzx	a ## H,		%edi;\

77
	ror	$16,		a ## D;\

78
	xor	s3(%ebp,%edi,4),%esi;\

79
	movzx	b ## B,		%edi;\

80
	xor	s3(%ebp,%edi,4),d ## D;\

81
	movzx	a ## B,		%edi;\

82
	xor	(%ebp,%edi,4),	%esi;\

83
	movzx	b ## H,		%edi;\

84
	ror	$15,		b ## D;\

85
	xor	(%ebp,%edi,4),	d ## D;\

86
	movzx	a ## H,		%edi;\

87
	xor	s1(%ebp,%edi,4),%esi;\

88
	pop	%edi;\

89
	add	d ## D,		%esi;\

90
	add	%esi,		d ## D;\

91
	add	k+round(%ebp),	%esi;\

92
	xor	%esi,		c ## D;\

93
	rol	$15,		c ## D;\

94
	add	k+4+round(%ebp),d ## D;\

95
	xor	%edi,		d ## D;

96


97
/*

98
 * a input register containing a (rotated 16)

99
 * b input register containing b

100
 * c input register containing c

101
 * d input register containing d (already rol $1)

102
 * operations on a and b are interleaved to increase performance

103
 * last round has different rotations for the output preparation

104
 */

105
#define encrypt_last_round(a,b,c,d,round)\

106
	push	d ## D;\

107
	movzx	b ## B,		%edi;\

108
	mov	s1(%ebp,%edi,4),d ## D;\

109
	movzx	a ## B,		%edi;\

110
	mov	s2(%ebp,%edi,4),%esi;\

111
	movzx	b ## H,		%edi;\

112
	ror	$16,		b ## D;\

113
	xor	s2(%ebp,%edi,4),d ## D;\

114
	movzx	a ## H,		%edi;\

115
	ror	$16,		a ## D;\

116
	xor	s3(%ebp,%edi,4),%esi;\

117
	movzx	b ## B,		%edi;\

118
	xor	s3(%ebp,%edi,4),d ## D;\

119
	movzx	a ## B,		%edi;\

120
	xor	(%ebp,%edi,4),	%esi;\

121
	movzx	b ## H,		%edi;\

122
	ror	$16,		b ## D;\

123
	xor	(%ebp,%edi,4),	d ## D;\

124
	movzx	a ## H,		%edi;\

125
	xor	s1(%ebp,%edi,4),%esi;\

126
	pop	%edi;\

127
	add	d ## D,		%esi;\

128
	add	%esi,		d ## D;\

129
	add	k+round(%ebp),	%esi;\

130
	xor	%esi,		c ## D;\

131
	ror	$1,		c ## D;\

132
	add	k+4+round(%ebp),d ## D;\

133
	xor	%edi,		d ## D;

134


135
/*

136
 * a input register containing a

137
 * b input register containing b (rotated 16)

138
 * c input register containing c

139
 * d input register containing d (already rol $1)

140
 * operations on a and b are interleaved to increase performance

141
 */

142
#define decrypt_round(a,b,c,d,round)\

143
	push	c ## D;\

144
	movzx	a ## B,		%edi;\

145
	mov	(%ebp,%edi,4),	c ## D;\

146
	movzx	b ## B,		%edi;\

147
	mov	s3(%ebp,%edi,4),%esi;\

148
	movzx	a ## H,		%edi;\

149
	ror	$16,		a ## D;\

150
	xor	s1(%ebp,%edi,4),c ## D;\

151
	movzx	b ## H,		%edi;\

152
	ror	$16,		b ## D;\

153
	xor	(%ebp,%edi,4),	%esi;\

154
	movzx	a ## B,		%edi;\

155
	xor	s2(%ebp,%edi,4),c ## D;\

156
	movzx	b ## B,		%edi;\

157
	xor	s1(%ebp,%edi,4),%esi;\

158
	movzx	a ## H,		%edi;\

159
	ror	$15,		a ## D;\

160
	xor	s3(%ebp,%edi,4),c ## D;\

161
	movzx	b ## H,		%edi;\

162
	xor	s2(%ebp,%edi,4),%esi;\

163
	pop	%edi;\

164
	add	%esi,		c ## D;\

165
	add	c ## D,		%esi;\

166
	add	k+round(%ebp),	c ## D;\

167
	xor	%edi,		c ## D;\

168
	add	k+4+round(%ebp),%esi;\

169
	xor	%esi,		d ## D;\

170
	rol	$15,		d ## D;

171


172
/*

173
 * a input register containing a

174
 * b input register containing b (rotated 16)

175
 * c input register containing c

176
 * d input register containing d (already rol $1)

177
 * operations on a and b are interleaved to increase performance

178
 * last round has different rotations for the output preparation

179
 */

180
#define decrypt_last_round(a,b,c,d,round)\

181
	push	c ## D;\

182
	movzx	a ## B,		%edi;\

183
	mov	(%ebp,%edi,4),	c ## D;\

184
	movzx	b ## B,		%edi;\

185
	mov	s3(%ebp,%edi,4),%esi;\

186
	movzx	a ## H,		%edi;\

187
	ror	$16,		a ## D;\

188
	xor	s1(%ebp,%edi,4),c ## D;\

189
	movzx	b ## H,		%edi;\

190
	ror	$16,		b ## D;\

191
	xor	(%ebp,%edi,4),	%esi;\

192
	movzx	a ## B,		%edi;\

193
	xor	s2(%ebp,%edi,4),c ## D;\

194
	movzx	b ## B,		%edi;\

195
	xor	s1(%ebp,%edi,4),%esi;\

196
	movzx	a ## H,		%edi;\

197
	ror	$16,		a ## D;\

198
	xor	s3(%ebp,%edi,4),c ## D;\

199
	movzx	b ## H,		%edi;\

200
	xor	s2(%ebp,%edi,4),%esi;\

201
	pop	%edi;\

202
	add	%esi,		c ## D;\

203
	add	c ## D,		%esi;\

204
	add	k+round(%ebp),	c ## D;\

205
	xor	%edi,		c ## D;\

206
	add	k+4+round(%ebp),%esi;\

207
	xor	%esi,		d ## D;\

208
	ror	$1,		d ## D;

209


210
SYM_FUNC_START(twofish_enc_blk)

211
	push	%ebp			/* save registers according to calling convention*/

212
	push    %ebx

213
	push    %esi

214
	push    %edi

215


216
	mov	ctx + 16(%esp),	%ebp	/* abuse the base pointer: set new base

217
					 * pointer to the ctx address */

218
	mov     in_blk+16(%esp),%edi	/* input address in edi */

219


220
	mov	(%edi),		%eax

221
	mov	b_offset(%edi),	%ebx

222
	mov	c_offset(%edi),	%ecx

223
	mov	d_offset(%edi),	%edx

224
	input_whitening(%eax,%ebp,a_offset)

225
	ror	$16,	%eax

226
	input_whitening(%ebx,%ebp,b_offset)

227
	input_whitening(%ecx,%ebp,c_offset)

228
	input_whitening(%edx,%ebp,d_offset)

229
	rol	$1,	%edx

230


231
	encrypt_round(R0,R1,R2,R3,0);

232
	encrypt_round(R2,R3,R0,R1,8);

233
	encrypt_round(R0,R1,R2,R3,2*8);

234
	encrypt_round(R2,R3,R0,R1,3*8);

235
	encrypt_round(R0,R1,R2,R3,4*8);

236
	encrypt_round(R2,R3,R0,R1,5*8);

237
	encrypt_round(R0,R1,R2,R3,6*8);

238
	encrypt_round(R2,R3,R0,R1,7*8);

239
	encrypt_round(R0,R1,R2,R3,8*8);

240
	encrypt_round(R2,R3,R0,R1,9*8);

241
	encrypt_round(R0,R1,R2,R3,10*8);

242
	encrypt_round(R2,R3,R0,R1,11*8);

243
	encrypt_round(R0,R1,R2,R3,12*8);

244
	encrypt_round(R2,R3,R0,R1,13*8);

245
	encrypt_round(R0,R1,R2,R3,14*8);

246
	encrypt_last_round(R2,R3,R0,R1,15*8);

247


248
	output_whitening(%eax,%ebp,c_offset)

249
	output_whitening(%ebx,%ebp,d_offset)

250
	output_whitening(%ecx,%ebp,a_offset)

251
	output_whitening(%edx,%ebp,b_offset)

252
	mov	out_blk+16(%esp),%edi;

253
	mov	%eax,		c_offset(%edi)

254
	mov	%ebx,		d_offset(%edi)

255
	mov	%ecx,		(%edi)

256
	mov	%edx,		b_offset(%edi)

257


258
	pop	%edi

259
	pop	%esi

260
	pop	%ebx

261
	pop	%ebp

262
	mov	$1,	%eax

263
	RET

264
SYM_FUNC_END(twofish_enc_blk)

265


266
SYM_FUNC_START(twofish_dec_blk)

267
	push	%ebp			/* save registers according to calling convention*/

268
	push    %ebx

269
	push    %esi

270
	push    %edi

271


272


273
	mov	ctx + 16(%esp),	%ebp	/* abuse the base pointer: set new base

274
					 * pointer to the ctx address */

275
	mov     in_blk+16(%esp),%edi	/* input address in edi */

276


277
	mov	(%edi),		%eax

278
	mov	b_offset(%edi),	%ebx

279
	mov	c_offset(%edi),	%ecx

280
	mov	d_offset(%edi),	%edx

281
	output_whitening(%eax,%ebp,a_offset)

282
	output_whitening(%ebx,%ebp,b_offset)

283
	ror	$16,	%ebx

284
	output_whitening(%ecx,%ebp,c_offset)

285
	output_whitening(%edx,%ebp,d_offset)

286
	rol	$1,	%ecx

287


288
	decrypt_round(R0,R1,R2,R3,15*8);

289
	decrypt_round(R2,R3,R0,R1,14*8);

290
	decrypt_round(R0,R1,R2,R3,13*8);

291
	decrypt_round(R2,R3,R0,R1,12*8);

292
	decrypt_round(R0,R1,R2,R3,11*8);

293
	decrypt_round(R2,R3,R0,R1,10*8);

294
	decrypt_round(R0,R1,R2,R3,9*8);

295
	decrypt_round(R2,R3,R0,R1,8*8);

296
	decrypt_round(R0,R1,R2,R3,7*8);

297
	decrypt_round(R2,R3,R0,R1,6*8);

298
	decrypt_round(R0,R1,R2,R3,5*8);

299
	decrypt_round(R2,R3,R0,R1,4*8);

300
	decrypt_round(R0,R1,R2,R3,3*8);

301
	decrypt_round(R2,R3,R0,R1,2*8);

302
	decrypt_round(R0,R1,R2,R3,1*8);

303
	decrypt_last_round(R2,R3,R0,R1,0);

304


305
	input_whitening(%eax,%ebp,c_offset)

306
	input_whitening(%ebx,%ebp,d_offset)

307
	input_whitening(%ecx,%ebp,a_offset)

308
	input_whitening(%edx,%ebp,b_offset)

309
	mov	out_blk+16(%esp),%edi;

310
	mov	%eax,		c_offset(%edi)

311
	mov	%ebx,		d_offset(%edi)

312
	mov	%ecx,		(%edi)

313
	mov	%edx,		b_offset(%edi)

314


315
	pop	%edi

316
	pop	%esi

317
	pop	%ebx

318
	pop	%ebp

319
	mov	$1,	%eax

320
	RET

321
SYM_FUNC_END(twofish_dec_blk)

322


323