phelix86.s

phelix加密算法源代码,是一个开源的加密算法

        shrl    $2,%edi
        addl    %edi,blkNum(%ebp)
        addl    %esi,msgLen(%ebp)           #track low 2 bits of msgLen

        leal    old_Z(%ebp),%edi
        leal    oldZ+_SO_(%esp),%esi
        movl    $4,%ecx                 #copy back the updated oldZ values
        rep     movsl

        addl    $_Phelix_LocalSize,%esp
        popal
        ret
        #
        ## handle decryption here
C_global PhelixDecryptBytes,ECRYPT_AE_decrypt_bytes
        pushal
        leal    Decrypt_jmpTab,%ebp
        jmp     PhelixBytes
##
##----------------------------------------------------------------
## "Incremental" function: Finalize (MAC)
##----------------------------------------------------------------
##  use same locals stack as EncryptPacket
##
_pOfs_  =       _cpOfs_
        _newParm    1,ctxt_Ptr
        _newParm    1,mac_Ptr
##
C_global PhelixFinalize,ECRYPT_AE_finalize
        pushal
        leal    callerParms-_Phelix_LocalSize(%esp),%esi
        subl    $_Phelix_LocalSize,%esp
    .set _SO_,0
        leal    Encrypt_jmpTab,%ebp
        movl    %ebp,jmpTabPtr+_SO_(%esp)

        ## copy context to local on stack
        movl    ctxt_Ptr_LCL(%esi),%ebp
        _push   esi
        leal    X_0(%ebp),%esi
        leal    X_i_0+_SO_(%esp),%edi
        movl    $8+8+4,%ecx                 #X_0, X_1, and oldZ
        cld 
        rep     movsl                       #copy the context
        xorl    %eax,%eax
        movl    $UNROLL_CNT,%ecx            #zero out exitTab
        rep     stosl
        _pop    esi

        movl    ctxt_Ptr_LCL(%esi),%ebp
        movl    blkNum(%ebp),%edi           #convert blkNum from pCtxt to locals
        andl    $~(UNROLL_CNT-1),%edi   
        movl    %edi,_i_+_SO_(%esp)

        movl    msgLen(%ebp),%eax
        subl    $4,%eax
        negl    %eax
        andl    $3,%eax                     #track the low 2 bits of msgLen
                
        movl    blkNum(%ebp),%edi
        shll    $2,%edi                     #convert blkNum to a word count
        subl    %eax,%edi
        movl    %edi,loopByteCnt+_SO_(%esp) #and save it as the "phase"

        movl    _Z_+4*0(%ebp),%eax          #load the Z values
        movl    _Z_+4*1(%ebp),%ebx
        movl    _Z_+4*2(%ebp),%ecx
        movl    _Z_+4*3(%ebp),%edx
        movl    _Z_+4*4(%ebp),%esi

        xorl    aadXor  (%ebp),%ebx
        xorl    aadLen  (%ebp),%esi
        xorl    aadLen+4(%ebp),%ecx
        movl    mac_Ptr+_SO_(%esp),%ebp
        jmp     processMAC
##
##
##----------------------------------------------------------------
## "Incremental" function: ProcessAAD
##----------------------------------------------------------------
 .set _Phelix_LocalSize,0
        _newLocal   1,aad_I                 #different local stack from from above!
        _newLocal   1,aad_bb
        _newLocal   1,aad_tmp
##
_cpOfs_ =       4+8*4+_Phelix_LocalSize     #caller parms offset from esp
_pOfs_  =       _cpOfs_
        _newParm    1,ctxt_Ptr
        _newParm    1,aad_Ptr
        _newParm    1,aad_Len
##
C_global PhelixProcessAAD,ECRYPT_AE_authenticate_bytes
        pushal
        subl    $_Phelix_LocalSize,%esp
    .set _SO_,0
        movl    ctxt_Ptr+_SO_(%esp),%ebp    #point to context
        movl     aad_Len+_SO_(%esp),%edi
        addl    %edi,aadLen  (%ebp)         #update accumulated length
        adcl    $0  ,aadLen+4(%ebp)
        movl    blkNum(%ebp),%edi
        movl    %edi,aad_I+_SO_(%esp)

        movl    _Z_+4*0(%ebp),%eax          #load the Z values
        movl    _Z_+4*1(%ebp),%ebx
        movl    _Z_+4*2(%ebp),%ecx
        movl    _Z_+4*3(%ebp),%edx
        movl    _Z_+4*4(%ebp),%esi

        subl    $4,aad_Len+_SO_(%esp)       #are we done yet?
        _rept ae
aad_Again:movl  aad_I+_SO_(%esp),%edi
          andl  $7,%edi
          movl  ctxt_Ptr+_SO_(%esp),%ebp
          _o_   "addl %edx,%eax","roll $ROT_3b,%edx","movl X_0(%ebp,%edi,4),%ebp"
          _o_   "addl %esi,%ebx","roll $ROT_4b,%esi","movl %edi,aad_bb+_SO_(%esp)"
          _o_   "xorl %eax,%ecx","roll $ROT_0a,%eax","movl aad_Ptr+_SO_(%esp),%edi"
          _o_   "xorl %ebx,%edx","roll $ROT_1a,%ebx","addl %edx,%ebp"       
          _o_   "addl %ecx,%esi","roll $ROT_2a,%ecx"

          _o_   "xorl %ebp,%eax","roll $ROT_3a,%edx","movl (%edi),%ebp"     #ebp = AAD plaintext
          _o_   "xorl %esi,%ebx","roll $ROT_4a,%esi","addl $4,%edi"
          _o_   "addl %eax,%ecx","roll $ROT_0b,%eax","movl %edi,aad_Ptr+_SO_(%esp)"
          _o_   "addl %ebx,%edx","roll $ROT_1b,%ebx","xorl %edx,%ebp"
          _o_   "xorl %ecx,%esi","roll $ROT_2b,%ecx","movl aad_bb+_SO_(%esp),%edi"

          _o_   "addl %ebp,%eax","roll $ROT_3b,%edx","movl ctxt_Ptr+_SO_(%esp),%ebp"
          _o_   "addl %esi,%ebx","roll $ROT_4b,%esi","movl X_1(%ebp,%edi,4),%ebp"
          _o_   "xorl %eax,%ecx","roll $ROT_0a,%eax"
          _o_   "xorl %ebx,%edx","roll $ROT_1a,%ebx","addl aad_I+_SO_(%esp),%ebp"
          _o_   "addl %ecx,%esi","roll $ROT_2a,%ecx","addl %edx,%ebp"

          _o_   "xorl %ebp,%eax","roll $ROT_3a,%edx","movl ctxt_Ptr+_SO_(%esp),%ebp"
          _o_   "xorl %esi,%ebx","roll $ROT_4a,%esi","andl $3,%edi"
          _o_   "addl %eax,%ecx","roll $ROT_0b,%eax","incl aad_I+_SO_(%esp)"
          _o_   "addl %ebx,%edx","roll $ROT_1b,%ebx"
          _o_   "xorl %ecx,%esi","roll $ROT_2b,%ecx","movl %esi,old_Z(%ebp,%edi,4)"
          subl  $4,aad_Len+_SO_(%esp)       #are we done yet?
        _until  b

        ## note ebp == ctxt_Ptr here
        movl    aad_Len+_SO_(%esp),%edi     #at this point, -4 <= aad_Len < 0
        andl    $3,%edi                     #any odd bytes left?
        _if z                               #if not, we are done
          movl  aad_I+_SO_(%esp),%edi       #copy back the updated blkNum 
          movl  %edi,blkNum(%ebp)

          movl  %eax,_Z_+4*0(%ebp)              #save the Z values
          movl  %ebx,_Z_+4*1(%ebp)    
          movl  %ecx,_Z_+4*2(%ebp)    
          movl  %edx,_Z_+4*3(%ebp)    
          movl  %esi,_Z_+4*4(%ebp)    

          ## clean up the stack and return
          addl  $_Phelix_LocalSize,%esp
          popal
          ret
        _endif
        ## here to handle odd AAD bytes
        movl    aad_Ptr+_SO_(%esp),%ebp     #get the final partial word
        movl    (%ebp),%ebp
        andl    MASK_TAB(,%edi,4),%ebp      #mask off unused bits
        leal    aad_tmp+_SO_(%esp),%edi
        movl    %edi,aad_Ptr+_SO_(%esp)     #point aad_Ptr to aad_Tmp
        movl    %ebp,(%edi)                 #store zero-padded word there
        xorl    %ebp,%ebp                   #fix up the count to not come here again
        movl    %ebp,aad_Len+_SO_(%esp)
        jmp     aad_Again
##
##----------------------------------------------------------------
## "Incremental" function: SetupKey
##----------------------------------------------------------------
##
    .set _Phelix_LocalSize,0
        _newLocal   1,sk_esi
        _newLocal   1,sk_Cnt
##
_cpOfs_ =       4+8*4+_Phelix_LocalSize #caller parms offset from esp
_pOfs_  =       _cpOfs_
        _newParm    1,ctxt_Ptr
        _newParm    1,key_Ptr
        _newParm    1,key_Size
        _newParm    1,iv_Size
        _newParm    1,mac_Size
##
C_global PhelixSetupKey,ECRYPT_AE_keysetup
        pushal
        subl    $_Phelix_LocalSize,%esp
    .set _SO_,0
        movl    ctxt_Ptr+_SO_(%esp),%ebp    #point to the context to be built
        movl    key_Size+_SO_(%esp),%eax    #copy keySize
        movl    %eax,keySize(%ebp)
        movl    mac_Size+_SO_(%esp),%ebx    #and macSize
        movl    %ebx,macSize(%ebp)
        andl    $127,%ebx                   #and compute X1_Bump
        shll    $8  ,%ebx
        shrl    $1  ,%eax                   #eax = keySize/2 (in bits)
        addl    %eax,%ebx
        movl    %ebx,X_1_Bump(%ebp)         #then store it
        shrl    $2  ,%eax                   #eax = keySize/8 (# bytes of key)

        ## now copy in the key bits
        movl    key_Ptr+_SO_(%esp),%edi
        xorl    %ebx,%ebx                   #ebx = counter
        _rept
          cmpl  %eax,%ebx                   #is this full word part of the key?
          _brk  ae                          #if not, go handle partial word (if any)
          movl  (%edi,%ebx),%ecx            #else get next full word of key
          movl  %ecx,X_0(%ebp,%ebx)         #and copy it to context
          addl  $4,%ebx                     #bump counter
        _endr                               #go back for more
        testl   $3,%eax                     #if any partial words, handle that here
        _if nz
          movl  %eax,%esi
          andl  $3,%esi                     #esi = (keySize/8) mod 4
          movl  MASK_TAB(,%esi,4),%ecx      #mask off "unused" bits
          andl  %ecx,X_0-4(%ebp,%ebx)
        _endif
        xorl    %ecx,%ecx                   #zero out the rest of the context key
        _rept
          cmpl  $8*4,%ebx                   #are we done yet?
          _brk  ae
          movl  %ecx,X_0(%ebp,%ebx)         #zero context key
          addl  $4,%ebx
        _endr
        ## now run the Feistel network for initial key mixing
        addl    $64,%eax
        movl    %eax,sk_esi+_SO_(%esp)      #precompute L(U)+64 "constant" for mixing
        movl    $128,sk_Cnt+_SO_(%esp)      #use this as a counter
        _rept
          movl  sk_Cnt+_SO_(%esp),%edi
          andl  $16,%edi                    #isolate one bit
          movl  X_0+4*0(%ebp,%edi),%eax 
          movl  X_0+4*1(%ebp,%edi),%ebx    
          movl  X_0+4*2(%ebp,%edi),%ecx    
          movl  X_0+4*3(%ebp,%edi),%edx    
          movl  sk_esi+ _SO_(%esp),%esi
          .rept 2                           #unroll just a bit
            _o_ "addl %edx,%eax","roll $ROT_3b,%edx"
            _o_ "addl %esi,%ebx","roll $ROT_4b,%esi"
            _o_ "xorl %eax,%ecx","roll $ROT_0a,%eax"
            _o_ "xorl %ebx,%edx","roll $ROT_1a,%ebx"
            _o_ "addl %ecx,%esi","roll $ROT_2a,%ecx"
      
            _o_ "xorl %edx,%eax","roll $ROT_3a,%edx"
            _o_ "xorl %esi,%ebx","roll $ROT_4a,%esi"
            _o_ "addl %eax,%ecx","roll $ROT_0b,%eax"
            _o_ "addl %ebx,%edx","roll $ROT_1b,%ebx"
            _o_ "xorl %ecx,%esi","roll $ROT_2b,%ecx"
          .endr
          xorl  $16,%edi                    #go to other half
          xorl  %eax,X_0+4*0(%ebp,%edi)     #perform the Feistel xor
          xorl  %ebx,X_0+4*1(%ebp,%edi)
          xorl  %ecx,X_0+4*2(%ebp,%edi)
          xorl  %edx,X_0+4*3(%ebp,%edi)
          subl  $16,sk_Cnt+_SO_(%esp)
        _until be
        ## clean up the stack and return
        addl    $_Phelix_LocalSize,%esp
        popal
        ret
##
##----------------------------------------------------------------
##
C_global PhelixIncremental_CodeSize
        mov     $(.- _PhelixCodeStart_),%eax
        ret
##
##
##----------------------------------------------------------------
## use this NOP routine to calibrate/check our timing tests
##----------------------------------------------------------------
##
C_global PhelixNop
        pushal
        popal
        ret
##
##----------------------------------------------------------------
## size statistics at compile time
##----------------------------------------------------------------
##
C_global PhelixProcessPacket_CodeSize,ECRYPT_AE_process_packet_CodeSize
        movl    $(_PhelixCodeEnd_-_PhelixCodeStart_),%eax
        ret
##
    .end