Lines Matching +full:0 +full:- +full:8
1 /* SPDX-License-Identifier: GPL-2.0-only */
11 * 'Faster and Timing-Attack Resistant AES-GCM' by Emilia Kaesper and
15 * for 32-bit ARM written by Andy Polyakov <appro@openssl.org>
67 vtbl.8 \out\()l, {\tbl}, \in\()l
69 vtbl.8 \out\()h, {\tmp}, \in\()h
71 vtbl.8 \out\()h, {\tbl}, \in\()h
77 vldr \out\()h, \sym + 8
262 vld1.8 {\t0-\t1}, [bskey, :256]!
264 vld1.8 {\t2-\t3}, [bskey, :256]!
269 vld1.8 {\t0-\t1}, [bskey, :256]!
273 vld1.8 {\t2-\t3}, [bskey, :256]!
298 vext.8 \t0, \x0, \x0, #12
299 vext.8 \t1, \x1, \x1, #12
301 vext.8 \t2, \x2, \x2, #12
303 vext.8 \t3, \x3, \x3, #12
305 vext.8 \t4, \x4, \x4, #12
307 vext.8 \t5, \x5, \x5, #12
309 vext.8 \t6, \x6, \x6, #12
311 vext.8 \t7, \x7, \x7, #12
314 veor.8 \x7, \x7, \t7
315 vext.8 \x0, \x0, \x0, #8
319 vext.8 \x1, \x1, \x1, #8
324 vext.8 \t0, \x4, \x4, #8
326 vext.8 \t1, \x5, \x5, #8
328 vext.8 \x4, \x3, \x3, #8
330 vext.8 \x5, \x7, \x7, #8
332 vext.8 \x3, \x6, \x6, #8
334 vext.8 \x6, \x2, \x2, #8
354 vld1.8 {\t0-\t1}, [bskey, :256]!
356 vld1.8 {\t2-\t3}, [bskey, :256]!
358 vld1.8 {\t4-\t5}, [bskey, :256]!
360 vld1.8 {\t6-\t7}, [bskey, :256]
367 vext.8 \t0, \x0, \x0, #8
368 vext.8 \t6, \x6, \x6, #8
369 vext.8 \t7, \x7, \x7, #8
371 vext.8 \t1, \x1, \x1, #8
373 vext.8 \t2, \x2, \x2, #8
375 vext.8 \t3, \x3, \x3, #8
377 vext.8 \t4, \x4, \x4, #8
379 vext.8 \t5, \x5, \x5, #8
417 vmov.i8 \t0, #0x55
418 vmov.i8 \t1, #0x33
421 vmov.i8 \t0, #0x0f
429 M0: .quad 0x02060a0e03070b0f, 0x0004080c0105090d
435 vld1.32 {q7}, [r1]! // load round 0 key
438 vmov.i8 q8, #0x01 // bit masks
439 vmov.i8 q9, #0x02
440 vmov.i8 q10, #0x04
441 vmov.i8 q11, #0x08
442 vmov.i8 q12, #0x10
443 vmov.i8 q13, #0x20
447 vst1.8 {q7}, [r0, :128]! // save round 0 key
451 vmov.i8 q6, #0x40
452 vmov.i8 q15, #0x80
454 vtst.8 q0, q7, q8
455 vtst.8 q1, q7, q9
456 vtst.8 q2, q7, q10
457 vtst.8 q3, q7, q11
458 vtst.8 q4, q7, q12
459 vtst.8 q5, q7, q13
460 vtst.8 q6, q7, q6
461 vtst.8 q7, q7, q15
469 vst1.8 {q0-q1}, [r0, :256]!
470 vst1.8 {q2-q3}, [r0, :256]!
471 vst1.8 {q4-q5}, [r0, :256]!
472 vst1.8 {q6-q7}, [r0, :256]!
475 vmov.i8 q7, #0x63 // compose .L63
477 vst1.8 {q15}, [r0, :128]
482 M0SR: .quad 0x0a0e02060f03070b, 0x0004080c05090d01
485 vld1.8 {q9}, [bskey, :128]! // round 0 key
511 SR: .quad 0x0504070600030201, 0x0f0e0d0c0a09080b
512 SRM0: .quad 0x0304090e00050a0f, 0x01060b0c0207080d
532 vld1.8 {q12}, [bskey, :128] // last round key
548 M0ISR: .quad 0x0a0e0206070b0f03, 0x0004080c0d010509
553 vld1.8 {q9}, [bskey, :128] // round 0 key
580 ISR: .quad 0x0504070602010003, 0x0f0e0d0c080b0a09
581 ISRM0: .quad 0x01040b0e0205080f, 0x0306090c00070a0d
602 vld1.8 {q12}, [bskey, :128] // last round key
624 push {r4-r6, lr}
627 99: adr ip, 0f
629 cmp r5, #8
631 movlt pc, ip // computed goto if blocks < 8
633 vld1.8 {q0}, [r1]!
634 vld1.8 {q1}, [r1]!
635 vld1.8 {q2}, [r1]!
636 vld1.8 {q3}, [r1]!
637 vld1.8 {q4}, [r1]!
638 vld1.8 {q5}, [r1]!
639 vld1.8 {q6}, [r1]!
640 vld1.8 {q7}, [r1]!
642 0: mov bskey, r2
648 cmp r5, #8
650 movlt pc, ip // computed goto if blocks < 8
652 vst1.8 {\o0}, [r0]!
653 vst1.8 {\o1}, [r0]!
654 vst1.8 {\o2}, [r0]!
655 vst1.8 {\o3}, [r0]!
656 vst1.8 {\o4}, [r0]!
657 vst1.8 {\o5}, [r0]!
658 vst1.8 {\o6}, [r0]!
659 vst1.8 {\o7}, [r0]!
661 1: subs r5, r5, #8
664 pop {r4-r6, pc}
684 push {r4-r6, lr}
685 ldm ip, {r5-r6} // load args 4-5
687 99: adr ip, 0f
689 cmp r5, #8
692 movlt pc, ip // computed goto if blocks < 8
694 vld1.8 {q0}, [lr]!
695 vld1.8 {q1}, [lr]!
696 vld1.8 {q2}, [lr]!
697 vld1.8 {q3}, [lr]!
698 vld1.8 {q4}, [lr]!
699 vld1.8 {q5}, [lr]!
700 vld1.8 {q6}, [lr]!
701 vld1.8 {q7}, [lr]
703 0: mov bskey, r2
707 vld1.8 {q8}, [r6]
718 cmp r5, #8
720 movlt pc, ip // computed goto if blocks < 8
722 vld1.8 {q9}, [r1]!
723 vld1.8 {q10}, [r1]!
724 vld1.8 {q11}, [r1]!
725 vld1.8 {q12}, [r1]!
726 vld1.8 {q13}, [r1]!
727 vld1.8 {q14}, [r1]!
728 vld1.8 {q15}, [r1]!
733 movlt pc, ip // computed goto if blocks < 8
736 vst1.8 {q0}, [r0]!
738 vst1.8 {q1}, [r0]!
740 vst1.8 {q6}, [r0]!
742 vst1.8 {q4}, [r0]!
744 vst1.8 {q2}, [r0]!
746 vst1.8 {q7}, [r0]!
748 vst1.8 {q3}, [r0]!
750 vld1.8 {q8}, [r1]! // load next round's iv
751 2: vst1.8 {q5}, [r0]!
753 subs r5, r5, #8
754 vst1.8 {q8}, [r6] // store next round's iv
757 pop {r4-r6, pc}
763 adcs r9, r9, #0
765 adcs r8, r8, #0
766 adc r7, r7, #0
767 vrev32.8 \q, \q
776 push {r4-r10, lr}
778 ldm ip, {r5, r6} // load args 4-5
779 vld1.8 {q0}, [r6] // load counter
780 vrev32.8 q1, q0
785 adcs r9, r9, #0
786 adcs r8, r8, #0
787 adc r7, r7, #0
792 adr ip, 0f
812 0: mov bskey, r2
826 vld1.8 {q8}, [r1]!
827 vld1.8 {q9}, [r1]!
828 vld1.8 {q10}, [r1]!
829 vld1.8 {q11}, [r1]!
830 vld1.8 {q12}, [r1]!
831 vld1.8 {q13}, [r1]!
832 vld1.8 {q14}, [r1]!
834 vld1.8 {q15}, [r1]!
836 add ip, ip, #2f - 1b
850 vst1.8 {q0}, [r0]!
851 vst1.8 {q1}, [r0]!
852 vst1.8 {q4}, [r0]!
853 vst1.8 {q6}, [r0]!
854 vst1.8 {q3}, [r0]!
855 vst1.8 {q7}, [r0]!
856 vst1.8 {q2}, [r0]!
858 vst1.8 {q5}, [r0]!
865 vst1.8 {q0}, [r6]
866 pop {r4-r10, pc}
871 vld1.8 {q8-q9}, [lr]
872 vtbl.8 d16, {q5}, d16
873 vtbl.8 d17, {q5}, d17
876 vtbx.8 d10, {q2}, d18
877 vtbx.8 d11, {q2}, d19
882 vld1.8 {q8}, [r0] // reload
884 vst1.8 {q5}, [r0]
885 pop {r4-r10, pc}
890 .byte 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
891 .byte 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
892 .byte 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
893 .byte 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
894 .byte 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
895 .byte 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
901 vext.8 \tmp, \tmp, \tmp, #8
913 vld1.8 {q14}, [r7] // load iv
914 vmov.i32 d30, #0x87 // compose tweak mask vector
919 adr ip, 0f
921 cmp r6, #8
924 movlt pc, ip // computed goto if blocks < 8
926 vld1.8 {q0}, [r1]!
929 vst1.8 {q14}, [r4, :128]!
931 vld1.8 {q1}, [r1]!
934 vst1.8 {q12}, [r4, :128]!
936 vld1.8 {q2}, [r1]!
939 vst1.8 {q14}, [r4, :128]!
941 vld1.8 {q3}, [r1]!
944 vst1.8 {q12}, [r4, :128]!
946 vld1.8 {q4}, [r1]!
949 vst1.8 {q14}, [r4, :128]!
951 vld1.8 {q5}, [r1]!
954 vst1.8 {q12}, [r4, :128]!
956 vld1.8 {q6}, [r1]!
959 vst1.8 {q14}, [r4, :128]!
961 vld1.8 {q7}, [r1]!
964 W(cmple) r8, #0
966 0: veor q7, q7, q12
967 vst1.8 {q12}, [r4, :128]
969 vst1.8 {q14}, [r7] // store next iv
973 b 0b
977 push {r4-r8, lr}
981 sub ip, sp, #128 // make room for 8x tweak
982 bic ip, ip, #0xf // align sp to 16 bytes
991 adr ip, 0f
993 cmp r6, #8
996 movlt pc, ip // computed goto if blocks < 8
998 vld1.8 {q8}, [r4, :128]!
999 vld1.8 {q9}, [r4, :128]!
1000 vld1.8 {q10}, [r4, :128]!
1001 vld1.8 {q11}, [r4, :128]!
1002 vld1.8 {q12}, [r4, :128]!
1003 vld1.8 {q13}, [r4, :128]!
1004 vld1.8 {q14}, [r4, :128]!
1005 vld1.8 {q15}, [r4, :128]
1007 0: adr ip, 1f
1009 movlt pc, ip // computed goto if blocks < 8
1012 vst1.8 {\o0}, [r0]!
1014 vst1.8 {\o1}, [r0]!
1016 vst1.8 {\o2}, [r0]!
1018 vst1.8 {\o3}, [r0]!
1020 vst1.8 {\o4}, [r0]!
1022 vst1.8 {\o5}, [r0]!
1024 vst1.8 {\o6}, [r0]!
1026 vst1.8 {\o7}, [r0]!
1028 1: subs r6, r6, #8
1032 pop {r4-r8, pc}
1036 mov ip, #0 // never reorder final tweak
1041 ldr ip, [sp, #8] // reorder final tweak?