1 /* serpent-sboxes-bitslice.c */
3 This file is part of the AVR-Crypto-Lib.
4 Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
6 This program is free software: you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation, either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
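20 * a bitsliced implementation of the Serpent S-boxes: each S-box is evaluated as a
 * network of logic gates (gate counts are listed per S-box below) instead of a table lookup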
22 * email: daniel.otte@rub.de
26 #include "avr-asm-macros.S"
55 /* S0: 3 8 15 1 10 6 5 11 14 13 4 2 7 0 9 12 */
57 /* depth = 5,7,4,2, Total gates=18 */
98 /* InvS0: 13 3 11 0 10 6 5 12 1 14 4 7 15 9 8 2 */
100 /* depth = 8,4,3,6, Total gates=19 */
143 /* S1: 15 12 2 7 9 0 5 10 1 11 14 8 6 13 3 4 */
145 /* depth = 10,7,3,5, Total gates=18 */
186 /* InvS1: 5 8 2 14 15 6 12 3 11 4 7 9 1 13 10 0 */
188 /* depth = 7,4,5,3, Total gates=18 */
228 /* S2: 8 6 7 9 3 12 10 15 13 1 14 4 0 11 5 2 */
230 /* depth = 3,8,11,7, Total gates=16 */
266 /* InvS2: 12 9 15 4 11 14 1 2 0 3 6 13 5 8 10 7 */
268 /* depth = 3,6,8,3, Total gates=18 */
308 /* S3: 0 15 11 8 12 9 6 3 13 1 2 4 10 7 5 14 */
310 /* depth = 8,3,5,5, Total gates=18 */
350 /* InvS3: 0 9 10 7 11 14 6 13 3 5 12 2 4 8 15 1 */
352 /* depth = 3,6,4,4, Total gates=17 */
390 /* S4: 1 15 8 3 12 0 11 6 2 5 4 10 9 14 7 13 */
392 /* depth = 6,7,5,3, Total gates=19 */
434 /* InvS4: 5 0 8 3 10 9 7 14 2 12 11 6 4 15 13 1 */
436 /* depth = 6,4,7,3, Total gates=17 */
474 /* S5: 15 5 2 11 4 10 9 12 0 3 14 8 13 6 7 1 */
476 /* depth = 4,6,8,6, Total gates=17 */
514 /* InvS5: 8 15 2 9 4 1 13 14 11 6 5 3 7 12 10 0 */
516 /* depth = 4,6,9,7, Total gates=17 */
554 /* S6: 7 2 12 5 8 4 6 11 14 9 1 15 13 3 10 0 */
556 /* depth = 8,3,6,3, Total gates=19 */
598 /* InvS6: 15 10 1 13 5 3 6 0 4 9 14 7 2 12 8 11 */
600 /* depth = 5,3,8,6, Total gates=19 */
642 /* S7: 1 13 15 0 14 8 2 11 7 4 12 10 9 3 5 6 */
644 /* depth = 10,7,10,4, Total gates=19 */
686 /* InvS7: 3 0 6 13 9 14 15 8 5 12 11 7 10 1 4 2 */
688 /* depth = 9,7,3,3, Total gates=18 */
/* Dispatch data for the S-box routines: one entry per forward routine
 * (sb0..sb7) and one per inverse routine (sb0_inv..sb7_inv), eight entries each.
 * NOTE(review): the table labels and the lines between these groups are not
 * visible in this listing; presumably the .word groups and the .byte groups
 * are two encodings of the same two tables (sf_tab, sinvf_tab) -- confirm
 * which one is actually assembled. */
729 .word sb0, sb1, sb2, sb3
730 .word sb4, sb5, sb6, sb7
733 .word sb0_inv, sb1_inv, sb2_inv, sb3_inv
734 .word sb4_inv, sb5_inv, sb6_inv, sb7_inv
/* Same routine order, each entry written as two bytes, low byte first, using
 * the pm_lo8/pm_hi8 program-memory address modifiers. */
737 .byte pm_lo8(sb0), pm_hi8(sb0)
738 .byte pm_lo8(sb1), pm_hi8(sb1)
739 .byte pm_lo8(sb2), pm_hi8(sb2)
740 .byte pm_lo8(sb3), pm_hi8(sb3)
741 .byte pm_lo8(sb4), pm_hi8(sb4)
742 .byte pm_lo8(sb5), pm_hi8(sb5)
743 .byte pm_lo8(sb6), pm_hi8(sb6)
744 .byte pm_lo8(sb7), pm_hi8(sb7)
/* Inverse routines, same two-byte layout as the forward entries above. */
748 .byte pm_lo8(sb0_inv), pm_hi8(sb0_inv)
749 .byte pm_lo8(sb1_inv), pm_hi8(sb1_inv)
750 .byte pm_lo8(sb2_inv), pm_hi8(sb2_inv)
751 .byte pm_lo8(sb3_inv), pm_hi8(sb3_inv)
752 .byte pm_lo8(sb4_inv), pm_hi8(sb4_inv)
753 .byte pm_lo8(sb5_inv), pm_hi8(sb5_inv)
754 .byte pm_lo8(sb6_inv), pm_hi8(sb6_inv)
755 .byte pm_lo8(sb7_inv), pm_hi8(sb7_inv)
// Applies the forward Serpent S-box selected by `box` to the 16-byte block at
// w; the result replaces the contents of w.
// NOTE(review): this listing is incomplete (the declaration of fp, the loop
// around the fp() call and the closing brace are not visible), so the notes
// below describe only the statements shown.
758 void sbox128(void * w, uint8_t box){
759 uint8_t i, buffer[16];
// The routine address is fetched from the sf_tab table in program memory and
// then called through fp.
// NOTE(review): box is used directly as the table index. No range check or
// mask on box is visible in this listing; sf_tab presumably has 8 entries
// (sb0..sb7) -- confirm that box is reduced to 0..7 before this read, because
// a larger value would read past the table and the word found there would be
// used as the call target.
763 fp = (sb_fpt)pgm_read_word(&(sf_tab[box]));
// Output is written to the local buffer rather than to w, so the input is not
// overwritten while it is still being read.
// presumably executed once per value of i inside a loop -- TODO confirm bounds.
765 fp(buffer+i, (uint8_t*)w+i);
// Copy the 16 result bytes back over the caller's block.
767 memcpy(w, buffer, 16);
832 ldi r30, lo8(sinvf_tab)
833 ldi r31, hi8(sinvf_tab)
// Applies the inverse Serpent S-box selected by `box` to the 16-byte block at
// w; the result replaces the contents of w.
// NOTE(review): this listing is incomplete (the declaration of fp, the loop
// around the fp() call and the closing brace are not visible), so the notes
// below describe only the statements shown.
836 void inv_sbox128(void * w, uint8_t box){
837 uint8_t i, buffer[16];
// The routine address is fetched from the sinvf_tab table in program memory
// and then called through fp.
// NOTE(review): box is used directly as the table index. No range check or
// mask on box is visible in this listing; sinvf_tab presumably has 8 entries
// (sb0_inv..sb7_inv) -- confirm that box is reduced to 0..7 before this read,
// because a larger value would read past the table and the word found there
// would be used as the call target.
841 fp = (sb_fpt)pgm_read_word(&(sinvf_tab[box]));
// Output is written to the local buffer rather than to w, so the input is not
// overwritten while it is still being read.
// presumably executed once per value of i inside a loop -- TODO confirm bounds.
843 fp(buffer+i, (uint8_t*)w+i);
// Copy the 16 result bytes back over the caller's block.
845 memcpy(w, buffer, 16);