\op \p\()\d, \q\()\z
.endm
-.global bigendian_rotl32
; === bigendian_rotl32 ===
; this function rotates a 32bit bigendian word n bits to the left
; param1: the 32-bit value
; given in r25,r24,r23,r22
bigendian_rotl32:
- in r0, _SFR_IO_ADDR(SREG)
/* copy high bit of r22 to carry */
mov r1, r22
2:
brne 2b
bigendian_rotl32_exit:
clr r1
- out _SFR_IO_ADDR(SREG), r0
ret
/******************************************************************************/
-.global bigendian_rotr32
; === bigendian_rotl32 ===
; this function rotates a 32bit bigendian word n bits to the right
; param1: the 32-bit value
; given in r25,r24,r23,r22
bigendian_rotr32:
- in r0, _SFR_IO_ADDR(SREG)
/* copy high bit of r25 to carry */
mov r1, r25
brne 2b
bigendian_rotr32_exit:
clr r1
- out _SFR_IO_ADDR(SREG), r0
ret
/******************************************************************************/
push r25
push r24
pi_gamma_pi:
- clc
+ ldi r30, lo8(bigendian_rotl32)
+ ldi r31, hi8(bigendian_rotl32)
call pi
/* pi1 done; now gamma */
call gamma_1
eor state2_3, state3_3
*/
call gamma_1
- sec
+ ldi r30, lo8(bigendian_rotr32)
+ ldi r31, hi8(bigendian_rotr32)
call pi
ret
eor state0_3, r1
ret
-pi:
- brcs 1f
- ldi r30, lo8(bigendian_rotl32)
- ldi r31, hi8(bigendian_rotl32)
- rjmp 2f
-1:
- ldi r30, lo8(bigendian_rotr32)
- ldi r31, hi8(bigendian_rotr32)
-2:
+pi:
lsr r31
ror r30
/* a[1] <<<= 1*/
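Review bot: `pi` now has an undocumented register contract: it expects Z (r31:r30) to hold the address of the rotate routine on entry, where the removed lines selected it from the carry flag inside `pi` itself. A header comment at the `pi:` label would make this visible to the next caller, e.g. `; in: Z = byte address of bigendian_rotl32 or bigendian_rotr32 (halved below by lsr/ror)`. The two call sites in `pi_gamma_pi` load Z immediately before `call pi`, so nothing visible clobbers it. The use of the halved pointer lies outside this hunk (presumably an indirect call), so confirm the comment against the rest of `pi`.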
mov state3_2, r24
mov state3_3, r25
ret
-
-;------- trash follows --------
-
+/******************************************************************************/
+
+/*
+void noekeon_init(void* key, noekeon_ctx_t* ctx){
+ uint8_t nullv[16];
+
+ memset(nullv, 0, 16);
+ memcpy(ctx, key, 16);
+ noekeon_enc(ctx, nullv);
+}
+*/
+.global noekeon_init
+noekeon_init:
+; === noekeon_init ===
+;
+; param1: pointer to key (r24,r25)
+; param2: pointer to context (r22,r23)
+;
+ in r30, _SFR_IO_ADDR(SPL)
+ in r31, _SFR_IO_ADDR(SPH)
+ sbiw r30, 16
+ out _SFR_IO_ADDR(SPH), r31
+ out _SFR_IO_ADDR(SPL), r30
- /* load state */
movw r26, r22
- ldi r28, 2
- clr r29 /* Y points at r2 aka state0_0 */
- ldi r22, 16
-1: /* copy key to state */
- ld r0, X+
- st Y+, r0
- dec r22
- brne 1b
-
- movw r26, r30
-
- clr r1
- ldi r22, 16
-1: /* set key to zero */
- st Z+, r1
- dec r22
+ adiw r30, 1
+ movw r22, r30
+ /* set nullv(stack) to zero */
+ ldi r20, 16
+1: st Z+, r1
+ dec r20
brne 1b
-
- call theta
- ldi r22, 16
-1: /* write key back */
- ld r0, -Y
- st -Z, r0
- dec r22
+ /* copy key data to ctx */
+ movw r30, r24
+ ldi r20, 16
+1: ld r1, Z+
+ st X+, r1
+ dec r20
brne 1b
-
-; movw r26, r30 /* move keypointer to X */
-; adiw r26, 1
- movw r30, r24 /* Z points at state */
- push r30 /* push state pointer */
- push r31
+ clr r1
+
+ sbiw r26, 16
+ movw r24, r26
+ call noekeon_enc
+
+ in r30, _SFR_IO_ADDR(SPL)
+ in r31, _SFR_IO_ADDR(SPH)
+ adiw r30, 16
+ out _SFR_IO_ADDR(SPH), r31
+ out _SFR_IO_ADDR(SPL), r30
+ ret
- ;--
- clr r29
- ldi r28, 2
- ;--
- ldi r22, 16
- push r22 /* 16 is also the number of rounds and gets pushed here */
- ldi r22, 16
-1: /* load state */
- ld r0, Z+
- st Y+, r0
- dec r22
- brne 1b
- /* state loaded */
-
-;------- ------------- --------
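Review bot: The new `noekeon_init` moves the stack pointer with two separate writes (`out _SFR_IO_ADDR(SPH), r31` then `out _SFR_IO_ADDR(SPL), r30`) in both its prologue and its epilogue without masking interrupts. An interrupt taken between the two writes pushes its return address at a half-updated SP whenever the 16-byte adjustment carries into the high byte, which can corrupt the caller's frames or unrelated RAM. If the routine can be reached with interrupts enabled, bracket each pair the way compiler-generated prologues do: `in r0, _SFR_IO_ADDR(SREG)` and `cli` before the SPH write, then `out _SFR_IO_ADDR(SREG), r0` between the SPH and SPL writes. The zeroing loop `st Z+, r1` also relies on r1 being zero on entry, which is worth stating in the header comment next to the parameter registers.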