rijndael-3.psm

UART transmitter and receiver mocros

; 
; Rijndael (AES-128) block cipher
; this code assumes 128b data and a 128b key so: Nk = Nn = Nc = 4 ;
; (c) 2003 Henk van Kampen, www.mediatronix.com
; 
; based on documents by Dr. Brian Gladman,
; .   http://fp.gladman.plus.com/cryptography_technology/rijndael/spec.v311.pdf
; 
; both S-Boxes and key schedule are computed on the fly, so this is very slow code.
; a 10 round encryption needs about 1.5 M cycles or about 50 ms at 60MHz, 30MIPS (!)
; 
; to be done:
; . replace S-Box by ROM look-up, a mayor speed up;
; .   10 rounds take 10 x 16 x 2 SubByte calls
; .   if SBox is a ROM look-up only 5600 cycles are needed to complete -> 23us/byte
; 
; . decrypt
; 

                    VHDL      "ROM_blank_JTAG.vhd", "MPU_ROM.vhd", "mpu_rom"

; key value
inkey               DSROM     $00, $2B, $7E, $15, $16, $28, $AE, $D2, $A6, $AB, $F7, $15, $88, $09, $CF, $4F, $3C

; input and output value
input               DSROM     $10, $32, $43, $F6, $A8, $88, $5A, $30, $8D, $31, $31, $98, $A2, $E0, $37, $07, $34
output              DSRAM     $20

; key and state in scratchpad
key                 EQU       $20
state               EQU       $30

pKey                EQU       s1                  ; key pointer
pState              EQU       s2                  ; state pointer
X                   EQU       $01
G                   EQU       $1B                 ; 0x11B
b128                EQU       128 / 8             ; 128 bytes of 8 bits

; Rijndael encrypt entry
; input is assumed to be in {input}, the key in {inkey}
; both will be copied, final state will be the output
Encrypt: 
                    CALL      InkeyToKey
                    CALL      InToState           ; state = in

                    CALL      XorRoundKey         ; XorRoundKey( state, k[0], Nc )
                    LOAD      sF, X               ; x^(i-1) (i=1)
                    LOAD      s3, 9               ; for round = 1 step 1 to Nn - 1
Round:                                            ; 
                    CALL      SubBytes            ; ..SubBytes( state, Nc )
                    CALL      ShiftRows           ; ..ShiftRows( state, Nc )
                    CALL      MixColumns          ; ..MixColumns( state, Nc )
                    CALL      NextRoundKey        ; ..XorRoundKey( state, k[ round ], Nc )
                    CALL      XorRoundKey
                    SUB       s3, 1               ; ..step 1
                    JUMP      NZ, Round           ; end for
                    CALL      SubBytes            ; SubBytes( state, Nc )
                    CALL      ShiftRows           ; ShiftRows( state, Nc )
                    CALL      NextRoundKey        ; XorRoundKey( state, k[ round ], Nc )
                    CALL      XorRoundKey
                    CALL      StateToOut
                    RET                           ; output is last {state}

; result should be: (Gladman)
; R[10].k_sch d014f9a8c9ee2589e13f0cc8b6630ca6
; R[10].output 3925841d02dc09fbdc118597196a0b32


; XorRoundKey( state, k, Nc )

XorRoundKey: 
                    LOAD      pKey, key           ; get pointer to key
                    LOAD      pState, state       ; get pointer to state

xor128:             LOAD      s0, b128            ; set up loop count
xornext:            FETCH     s4, pKey            ; get key byte
                    FETCH     s5, pState          ; get state byte
                    XOR       s4, s5              ; do the xor
                    STORE     s4, pState          ; save new state byte
                    ADD       pKey, 1             ; increment key pointer
                    ADD       pState, 1           ; increment state pointer
                    SUB       s0, 1               ; decrement loop counter
                    JUMP      NZ, xornext         ; loop back if not done 16 times (128/8)
                    RET       

InToState: 
                    LOAD      pKey, input         ; get pointer to input
                    LOAD      pState, state       ; get pointer to state
                    JUMP      ToScratch128

InkeyToKey: 
                    LOAD      pKey, inkey         ; get pointer to input
                    LOAD      pState, key         ; get pointer to state

ToScratch128:       LOAD      s0, b128            ; set up loop count
putnext:            IN        s4, pKey            ; get input byte
                    STORE     s4, pState          ; save new state byte
                    ADD       pKey, 1             ; increment key pointer
                    ADD       pState, 1           ; increment state pointer
                    SUB       s0, 1               ; decrement loop counter
                    JUMP      NZ, putnext         ; loop back if not done 16 times (128/8)
                    RET       

StateToOut: 
                    LOAD      pKey, state         ; get pointer to state
                    LOAD      pState, output      ; get pointer to output

                    LOAD      s0, b128            ; set up loop count
getnext:            FETCH     s4, pKey            ; get input byte
                    OUT       s4, pState          ; save new state byte
                    ADD       pKey, 1             ; increment key pointer
                    ADD       pState, 1           ; increment state pointer
                    SUB       s0, 1               ; decrement loop counter
                    JUMP      NZ, getnext         ; loop back if not done 16 times (128/8)
                    RET       

NextRoundKey: 
; temp = k[i - 1]
                    FETCH     s4, key + 12        ; get last word of previous key
                    FETCH     s5, key + 13
                    FETCH     s6, key + 14
                    FETCH     s7, key + 15

                    LOAD      s8, s4              ; RotWord
                    LOAD      s4, s5
                    LOAD      s5, s6
                    LOAD      s6, s7
                    LOAD      s7, s8

                    LOAD      s8, s4              ; temp=SubWord( RotWord( temp ) )
                    CALL      SBox
                    LOAD      s4, s8

                    XOR       s4, sF              ; xor Rcon( i / Nk )
                    SL0       sF                  ; x^(i-1) (i+=1)
                    JUMP      NC, nowrap
                    XOR       sF, G
nowrap: 
                    LOAD      s8, s5              ; SubWord( RotWord( temp ) )
                    CALL      SBox
                    LOAD      s5, s8

                    LOAD      s8, s6              ; SubWord( RotWord( temp ) )
                    CALL      SBox
                    LOAD      s6, s8

                    LOAD      s8, s7              ; SubWord( RotWord( temp ) )
                    CALL      SBox
                    LOAD      s7, s8

                    LOAD      pKey, key

                    LOAD      s0, b128
key96:              FETCH     s8, pKey            ; k[i]=k[i - Nk] ^ temp
                    XOR       s4, s8
                    STORE     s4, pKey
                    ADD       pKey, 1

                    FETCH     s8, pKey            ; k[i]=k[i - Nk] ^ temp
                    XOR       s5, s8
                    STORE     s5, pKey
                    ADD       pKey, 1

                    FETCH     s8, pKey            ; k[i]=k[i - Nk] ^ temp
                    XOR       s6, s8
                    STORE     s6, pKey
                    ADD       pKey, 1

                    FETCH     s8, pKey            ; k[i]=k[i - Nk] ^ temp
                    XOR       s7, s8
                    STORE     s7, pKey
                    ADD       pKey, 1

                    SUB       s0, 4
                    JUMP      NZ, key96
                    RET       

; Sub bytes of one 32b word pointed at by pKey
SubWord: 
                    LOAD      s0, 4
SubWord1:           FETCH     s8, pKey
                    CALL      SBox
                    STORE     s8, pKey