1 /* serpent-sboxes-fast.S */
3 This file is part of the Crypto-avr-lib/microcrypt-lib.
4 Copyright (C) 2008 Daniel Otte (daniel.otte@rub.de)
6 This program is free software: you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation, either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 * File: serpent-sboxes-fast.S
24 * License: GPLv3 or later
25 * Description: Implementation of the serpent sbox function.
31 /*******************************************************************************
33 *******************************************************************************/
/*
 * push_ p1[, p2...]: p1 is required; p2 (vararg) collects any further
 * arguments. The macro body is not shown in this listing. The sbox128 code
 * invokes it with a register list (push_ r24, r25, r22, r30, r31).
 */
35 .macro push_ p1:req, p2:vararg
/*
 * pop_ p1[, p2...]: p1 is required; p2 (vararg) collects any further
 * arguments. The macro body is not shown in this listing.
 * NOTE(review): presumably the counterpart of push_; confirm the pop order
 * against the full file before pairing the two.
 */
42 .macro pop_ p1:req, p2:vararg
/*
 * push_range from, to: recursive macro. The only body line visible here
 * re-invokes push_range with from+1 and the same upper bound.
 * NOTE(review): listing lines 50-51 and 53-54 are not shown; presumably they
 * emit the push and end the recursion once from passes to -- confirm.
 */
49 .macro push_range from:req, to:req
52 push_range "(\from+1)",\to /* recurse on the next register number */
/*
 * pop_range from, to: recursive macro. The only body line visible here
 * re-invokes pop_range with the same lower bound and to-1.
 * NOTE(review): listing lines 57-58 and 60-61 are not shown; presumably they
 * emit the pop and end the recursion -- confirm.
 */
56 .macro pop_range from:req, to:req
59 pop_range \from,"(\to-1)" /* recurse on the previous register number */
/*
 * stack_alloc size, reg1, reg2
 * Reads the stack pointer into reg2:reg1 (SPH:SPL, default r31:r30 = Z) and
 * writes the pair back to SPH/SPL. SREG is saved in r0 first and restored
 * last, so the caller's interrupt-enable state is put back as it was.
 * Clobbers r0, reg1 and reg2.
 * NOTE(review): listing lines 65 and 68 are not shown here; presumably they
 * mask interrupts and subtract size from the pointer pair -- confirm against
 * the full file. The SP update is two separate 8-bit writes, so it is only
 * safe if no interrupt can be taken between them.
 */
63 .macro stack_alloc size:req, reg1=r30, reg2=r31
64 in r0, _SFR_IO_ADDR(SREG) /* save status register (incl. global interrupt flag) */
66 in \reg1, _SFR_IO_ADDR(SPL) /* low byte of SP */
67 in \reg2, _SFR_IO_ADDR(SPH) /* high byte of SP */
69 out _SFR_IO_ADDR(SPH), \reg2 /* write back high byte first */
70 out _SFR_IO_ADDR(SPL), \reg1
71 out _SFR_IO_ADDR(SREG), r0 /* restore the saved status register */
/*
 * stack_free size, reg1, reg2
 * Same shape as stack_alloc: reads the stack pointer into reg2:reg1
 * (SPH:SPL, default r31:r30 = Z) and writes the pair back, with SREG saved in
 * r0 beforehand and restored afterwards. Clobbers r0, reg1 and reg2.
 * NOTE(review): listing lines 76 and 79 are not shown here; presumably they
 * mask interrupts and add size to the pointer pair -- confirm. The freed
 * bytes are not cleared by any visible instruction; if the buffer held cipher
 * state, check whether the caller wipes it before releasing it.
 */
74 .macro stack_free size:req, reg1=r30, reg2=r31
75 in r0, _SFR_IO_ADDR(SREG) /* save status register (incl. global interrupt flag) */
77 in \reg1, _SFR_IO_ADDR(SPL) /* low byte of SP */
78 in \reg2, _SFR_IO_ADDR(SPH) /* high byte of SP */
80 out _SFR_IO_ADDR(SPH), \reg2 /* write back high byte first */
81 out _SFR_IO_ADDR(SPL), \reg1
82 out _SFR_IO_ADDR(SREG), r0 /* restore the saved status register */
85 /*******************************************************************************
86 * END of MACRO SECTION *
87 *******************************************************************************/
/*
 * Serpent S-box lookup table: 8 boxes x 16 entries = 128 bytes, one box per
 * pair of .byte rows, S0 first. Every byte carries the 4-bit output twice,
 * once in each nibble (S0[0] = 3 is stored as 0x33).
 * NOTE(review): the label line is not part of this listing; presumably this
 * is serpent_sbox_fast, the symbol the sbox128 code loads with hi8()/lo8()
 * -- confirm.
 * NOTE(review): the lookup code is not visible here. In the full file, check
 * that the box argument is bounded to 0..7 before it is scaled to a table
 * offset, and treat the state-dependent lookups as a power/EM side-channel
 * consideration on the target device.
 */
90 .byte 0x33, 0x88, 0xFF, 0x11, 0xAA, 0x66, 0x55, 0xBB /* S0 */
91 .byte 0xEE, 0xDD, 0x44, 0x22, 0x77, 0x00, 0x99, 0xCC
92 .byte 0xFF, 0xCC, 0x22, 0x77, 0x99, 0x00, 0x55, 0xAA /* S1 */
93 .byte 0x11, 0xBB, 0xEE, 0x88, 0x66, 0xDD, 0x33, 0x44
94 .byte 0x88, 0x66, 0x77, 0x99, 0x33, 0xCC, 0xAA, 0xFF /* S2 */
95 .byte 0xDD, 0x11, 0xEE, 0x44, 0x00, 0xBB, 0x55, 0x22
96 .byte 0x00, 0xFF, 0xBB, 0x88, 0xCC, 0x99, 0x66, 0x33 /* S3 */
97 .byte 0xDD, 0x11, 0x22, 0x44, 0xAA, 0x77, 0x55, 0xEE
98 .byte 0x11, 0xFF, 0x88, 0x33, 0xCC, 0x00, 0xBB, 0x66 /* S4 */
99 .byte 0x22, 0x55, 0x44, 0xAA, 0x99, 0xEE, 0x77, 0xDD
100 .byte 0xFF, 0x55, 0x22, 0xBB, 0x44, 0xAA, 0x99, 0xCC /* S5 */
101 .byte 0x00, 0x33, 0xEE, 0x88, 0xDD, 0x66, 0x77, 0x11
102 .byte 0x77, 0x22, 0xCC, 0x55, 0x88, 0x44, 0x66, 0xBB /* S6 */
103 .byte 0xEE, 0x99, 0x11, 0xFF, 0xDD, 0x33, 0xAA, 0x00
104 .byte 0x11, 0xDD, 0xFF, 0x00, 0xEE, 0x88, 0x22, 0xBB /* S7 */
105 .byte 0x77, 0x44, 0xCC, 0xAA, 0x99, 0x33, 0x55, 0x66
/*
 * Inverse Serpent S-box lookup table: 8 boxes x 16 entries = 128 bytes, one
 * box per pair of .byte rows, InvS0 first. Same encoding as the forward
 * table: each byte holds the 4-bit output in both nibbles. The first box
 * undoes the first forward box (forward entry 0 is 0x33, and entry 3 here is
 * 0x00).
 * NOTE(review): the lookup code is not visible here. In the full file, check
 * that the box argument is bounded to 0..7 before it is scaled to a table
 * offset, and treat the state-dependent lookups as a power/EM side-channel
 * consideration on the target device.
 */
107 serpent_sbox_inv_fast:
108 .byte 0xDD, 0x33, 0xBB, 0x00, 0xAA, 0x66, 0x55, 0xCC /* InvS0 */
109 .byte 0x11, 0xEE, 0x44, 0x77, 0xFF, 0x99, 0x88, 0x22
110 .byte 0x55, 0x88, 0x22, 0xEE, 0xFF, 0x66, 0xCC, 0x33 /* InvS1 */
111 .byte 0xBB, 0x44, 0x77, 0x99, 0x11, 0xDD, 0xAA, 0x00
112 .byte 0xCC, 0x99, 0xFF, 0x44, 0xBB, 0xEE, 0x11, 0x22 /* InvS2 */
113 .byte 0x00, 0x33, 0x66, 0xDD, 0x55, 0x88, 0xAA, 0x77
114 .byte 0x00, 0x99, 0xAA, 0x77, 0xBB, 0xEE, 0x66, 0xDD /* InvS3 */
115 .byte 0x33, 0x55, 0xCC, 0x22, 0x44, 0x88, 0xFF, 0x11
116 .byte 0x55, 0x00, 0x88, 0x33, 0xAA, 0x99, 0x77, 0xEE /* InvS4 */
117 .byte 0x22, 0xCC, 0xBB, 0x66, 0x44, 0xFF, 0xDD, 0x11
118 .byte 0x88, 0xFF, 0x22, 0x99, 0x44, 0x11, 0xDD, 0xEE /* InvS5 */
119 .byte 0xBB, 0x66, 0x55, 0x33, 0x77, 0xCC, 0xAA, 0x00
120 .byte 0xFF, 0xAA, 0x11, 0xDD, 0x55, 0x33, 0x66, 0x00 /* InvS6 */
121 .byte 0x44, 0x99, 0xEE, 0x77, 0x22, 0xCC, 0x88, 0xBB
122 .byte 0x33, 0x00, 0x66, 0xDD, 0x99, 0xEE, 0xFF, 0x88 /* InvS7 */
123 .byte 0x55, 0xCC, 0xBB, 0x77, 0xAA, 0x11, 0x44, 0x22
127 * void ip(uint32_t *i, uint8_t *o){
130 * param i is given in r24:r25
131 * param o is given in r22:r23
145 /* now the whole input is loaded in r2-r18 */
178 * void serpent_fp(uint32_t *i, uint8_t *o){
181 * param i is given in r24:r25
182 * param o is given in r22:r23
217 * void inv_sbox128(void * w, uint8_t box)
226 * void sbox128(void * w, uint8_t box);
229 * param w is passed in r24:r25
230 * param box is passed in r22
239 push_ r24, r25, r22, r30, r31
240 movw r22, r30 /* Z points to the stack buffer */
243 ldi r25, hi8(serpent_sbox_fast)
244 ldi r24, lo8(serpent_sbox_fast)
245 swap r22 /* r22 *= 16 */
248 /* now we have X pointing to the buffer and (r24:r25) pointing to the SBox */