3 This file is part of the AVR-Crypto-Lib.
4 Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
6 This program is free software: you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation, either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 * File: serpent_sboxes.S
24 * License: GPLv3 or later
25 * Description: Implementation of the serpent sbox function.
30 #include "avr-asm-macros.S"
33 static void serpent_lt(uint8_t *b){
119 /* X3 ^= X2 ^ (X0 << 3); */
140 /* X1 = rotl32(X1, 1); */
147 /* X3 = rotl32(X3, 7); */
167 /* X2 ^= X3 ^ (X1 << 7); */
185 /* X0 = rotl32(X0, 5); */
196 /* X2 = rotr32(X2, 10); */
230 /* rotate the data word (4 byte) pointed to by X by r20 bits to the right */
251 /* rotate the data word (4 byte) pointed to by X by r20 bits to the left */
272 /* xor the dataword (4 byte) pointed by Z into X */
285 /* X0 := X0 <<< 13 */
353 /* T := T>>>1; T&=0xfffffff8 */
368 /* X3 := X3 >>> 10 */
381 /* X2 := X2 <<< 10 */
458 /* X0 := X0 >>> 13 */
467 #define GOLDEN_RATIO 0x9e3779b9l
469 static uint32_t serpent_gen_w(uint32_t * b, uint8_t i){
471 ret = b[0] ^ b[3] ^ b[5] ^ b[7] ^ GOLDEN_RATIO ^ (uint32_t)i;
472 ret = rotl32(ret, 11);
477 * param b is passed in r24:r25
478 * param i is passed in r22
479 * return value is returned in r22.r23.r24.r25
492 /* ^b[3]^b[5]^[b7] */
535 * void serpent_init(const void *key, uint16_t keysize_b, serpent_ctx_t *ctx)
538 * param key is passed in r24:r25
539 * param keysize is passed in r22:r23
540 * param ctx is passed in r20:r21
559 bst r22, 5 /* store in T if we have to do the "append 1 thing"*/
561 3: /* set buffer to zero */
566 movw r26, r24 /* X points to the key */
569 breq 5f /* if keylength_b==0 */
570 4: /* copy keybytes to buffer */
576 brts 7f /* if keylength_b == 256 */
582 6: /* shift the one to the right position */
588 7: /* post "appending 1 thing" buffer is ready for subkey generation */
589 movw r26, r20 /* X points to the context */
591 pop_ r19, r18 /* r18:r19 points to the buffer */
605 /* store new word in buffer and context */
637 * void serpent_enc(void *buffer, const serpent_ctx_t *ctx){
640 * param buffer is passed in r24:r25
641 * param ctx is passed in r22:r23
646 push_ r12, r13, r14, r15, r16
684 pop_ r16, r15, r14, r13, r12
688 * void serpent_dec(void *buffer, const serpent_ctx_t *ctx){
691 * param buffer is passed in r24:r25
692 * param ctx is passed in r22:r23
696 push_ r12, r13, r14, r15, r16
698 // ldi r16, lo8(32*16)
736 pop_ r16, r15, r14, r13, r12