1 1.1 christos #include <machine/asm.h> 2 1.1 christos .text 3 1.1 christos .p2align 3 4 1.1 christos .globl rv64i_zvbb_zvkg_zvkned_aes_xts_encrypt 5 1.1 christos .type rv64i_zvbb_zvkg_zvkned_aes_xts_encrypt,@function 6 1.1 christos rv64i_zvbb_zvkg_zvkned_aes_xts_encrypt: 7 1.1 christos # Load number of rounds 8 1.1 christos lwu t0, 240(a4) 9 1.1 christos .word 3439489111 10 1.1 christos .word 34074119 11 1.1 christos .word 34041479 12 1.1 christos .word 2815667831 13 1.1 christos addi t0, t0, -1 14 1.1 christos addi a4, a4, 16 15 1.1 christos 1: 16 1.1 christos .word 34041479 17 1.1 christos .word 2815503991 18 1.1 christos addi t0, t0, -1 19 1.1 christos addi a4, a4, 16 20 1.1 christos bnez t0, 1b 21 1.1 christos .word 34041479 22 1.1 christos .word 2815536759 23 1.1 christos 24 1.1 christos 25 1.1 christos # aes block size is 16 26 1.1 christos andi a6, a2, 15 27 1.1 christos mv t3, a2 28 1.1 christos beqz a6, 1f 29 1.1 christos sub a2, a2, a6 30 1.1 christos addi t3, a2, -16 31 1.1 christos 1: 32 1.1 christos # We make the `LENGTH` become e32 length here. 33 1.1 christos srli t4, a2, 2 34 1.1 christos srli t3, t3, 2 35 1.1 christos 36 1.1 christos # Load number of rounds 37 1.1 christos lwu t0, 240(a3) 38 1.1 christos li t1, 14 39 1.1 christos li t2, 10 40 1.1 christos beq t0, t1, aes_xts_enc_256 41 1.1 christos beq t0, t2, aes_xts_enc_128 42 1.1 christos .size rv64i_zvbb_zvkg_zvkned_aes_xts_encrypt,.-rv64i_zvbb_zvkg_zvkned_aes_xts_encrypt 43 1.1 christos .p2align 3 44 1.1 christos aes_xts_enc_128: 45 1.1 christos # load input 46 1.1 christos .word 221182167 47 1.1 christos .word 33909767 48 1.1 christos 49 1.1 christos li t0, 5 50 1.1 christos # We could simplify the initialization steps if we have `block<=1`. 51 1.1 christos blt t4, t0, 1f 52 1.1 christos 53 1.1 christos # Note: We use `vgmul` for GF(2^128) multiplication. The `vgmul` uses 54 1.1 christos # different order of coefficients. We should use`vbrev8` to reverse the 55 1.1 christos # data when we use `vgmul`. 56 1.1 christos .word 3439489111 57 1.1 christos .word 1271144535 58 1.1 christos .word 221179991 59 1.1 christos .word 1577072727 60 1.1 christos # v16: [r-IV0, r-IV0, ...] 61 1.1 christos .word 2785257591 62 1.1 christos 63 1.1 christos # Prepare GF(2^128) multiplier [1, x, x^2, x^3, ...] in v8. 64 1.1 christos slli t0, t4, 2 65 1.1 christos .word 218296407 66 1.1 christos # v2: [`1`, `1`, `1`, `1`, ...] 67 1.1 christos .word 1577103703 68 1.1 christos # v3: [`0`, `1`, `2`, `3`, ...] 69 1.1 christos .word 1376297431 70 1.1 christos .word 227733591 71 1.1 christos # v4: [`1`, 0, `1`, 0, `1`, 0, `1`, 0, ...] 72 1.1 christos .word 1243816535 73 1.1 christos # v6: [`0`, 0, `1`, 0, `2`, 0, `3`, 0, ...] 74 1.1 christos .word 1244865367 75 1.1 christos slli t0, t4, 1 76 1.1 christos .word 219344983 77 1.1 christos # v8: [1<<0=1, 0, 0, 0, 1<<1=x, 0, 0, 0, 1<<2=x^2, 0, 0, 0, ...] 78 1.1 christos .word 3594716247 79 1.1 christos 80 1.1 christos # Compute [r-IV0*1, r-IV0*x, r-IV0*x^2, r-IV0*x^3, ...] in v16 81 1.1 christos .word 221179991 82 1.1 christos .word 1250174039 83 1.1 christos .word 2726865015 84 1.1 christos 85 1.1 christos # Compute [IV0*1, IV0*x, IV0*x^2, IV0*x^3, ...] in v28. 86 1.1 christos # Reverse the bits order back. 87 1.1 christos .word 1258565207 88 1.1 christos 89 1.1 christos # Prepare the x^n multiplier in v20. The `n` is the aes-xts block number 90 1.1 christos # in a LMUL=4 register group. 91 1.1 christos # n = ((VLEN*LMUL)/(32*4)) = ((VLEN*4)/(32*4)) 92 1.1 christos # = (VLEN/32) 93 1.1 christos # We could use vsetvli with `e32, m1` to compute the `n` number. 94 1.1 christos .word 218133207 95 1.1 christos li t1, 1 96 1.1 christos sll t0, t1, t0 97 1.1 christos .word 3447812183 98 1.1 christos .word 1577070679 99 1.1 christos .word 3380670551 100 1.1 christos .word 1577238615 101 1.1 christos .word 3447812183 102 1.1 christos .word 1241784407 103 1.1 christos .word 221179991 104 1.1 christos .word 1577073239 105 1.1 christos .word 2785258103 106 1.1 christos 107 1.1 christos j 2f 108 1.1 christos 1: 109 1.1 christos .word 3439489111 110 1.1 christos .word 1271146583 111 1.1 christos 2: 112 1.1 christos 113 1.1 christos .word 3439489111 114 1.1 christos .word 34005127 115 1.1 christos addi a3, a3, 16 116 1.1 christos .word 34005255 117 1.1 christos addi a3, a3, 16 118 1.1 christos .word 34005383 119 1.1 christos addi a3, a3, 16 120 1.1 christos .word 34005511 121 1.1 christos addi a3, a3, 16 122 1.1 christos .word 34005639 123 1.1 christos addi a3, a3, 16 124 1.1 christos .word 34005767 125 1.1 christos addi a3, a3, 16 126 1.1 christos .word 34005895 127 1.1 christos addi a3, a3, 16 128 1.1 christos .word 34006023 129 1.1 christos addi a3, a3, 16 130 1.1 christos .word 34006151 131 1.1 christos addi a3, a3, 16 132 1.1 christos .word 34006279 133 1.1 christos addi a3, a3, 16 134 1.1 christos .word 34006407 135 1.1 christos 136 1.1 christos 137 1.1 christos .word 221182167 138 1.1 christos j 1f 139 1.1 christos 140 1.1 christos .Lenc_blocks_128: 141 1.1 christos .word 221182167 142 1.1 christos # load plaintext into v24 143 1.1 christos .word 33909767 144 1.1 christos # update iv 145 1.1 christos .word 2739447927 146 1.1 christos # reverse the iv's bits order back 147 1.1 christos .word 1258565207 148 1.1 christos 1: 149 1.1 christos .word 797838423 150 1.1 christos slli t0, a7, 2 151 1.1 christos sub t4, t4, a7 152 1.1 christos add a0, a0, t0 153 1.1 christos .word 2786307191 154 1.1 christos .word 2787191927 155 1.1 christos .word 2788240503 156 1.1 christos .word 2789289079 157 1.1 christos .word 2790337655 158 1.1 christos .word 2791386231 159 1.1 christos .word 2792434807 160 1.1 christos .word 2793483383 161 1.1 christos .word 2794531959 162 1.1 christos .word 2795580535 163 1.1 christos .word 2796661879 164 1.1 christos 165 1.1 christos .word 797838423 166 1.1 christos 167 1.1 christos # store ciphertext 168 1.1 christos .word 221147223 169 1.1 christos .word 33942567 170 1.1 christos add a1, a1, t0 171 1.1 christos sub t3, t3, a7 172 1.1 christos 173 1.1 christos bnez t4, .Lenc_blocks_128 174 1.1 christos 175 1.1 christos bnez a6, 1f 176 1.1 christos ret 177 1.1 christos 1: 178 1.1 christos # slidedown second to last block 179 1.1 christos addi a7, a7, -4 180 1.1 christos .word 3441586263 181 1.1 christos # ciphertext 182 1.1 christos .word 1065929815 183 1.1 christos # multiplier 184 1.1 christos .word 1057540183 185 1.1 christos 186 1.1 christos .word 3439489111 187 1.1 christos .word 1577848023 188 1.1 christos 189 1.1 christos # load last block into v24 190 1.1 christos # note: We should load the last block before store the second to last block 191 1.1 christos # for in-place operation. 192 1.1 christos .word 134770775 193 1.1 christos .word 33885191 194 1.1 christos 195 1.1 christos # setup `x` multiplier with byte-reversed order 196 1.1 christos # 0b00000010 => 0b01000000 (0x40) 197 1.1 christos li t0, 0x40 198 1.1 christos .word 3439489111 199 1.1 christos .word 1577074263 200 1.1 christos .word 3355504727 201 1.1 christos .word 1577242199 202 1.1 christos 203 1.1 christos # compute IV for last block 204 1.1 christos .word 3439489111 205 1.1 christos .word 2747836535 206 1.1 christos .word 1258565207 207 1.1 christos 208 1.1 christos # store second to last block 209 1.1 christos .word 201879639 210 1.1 christos .word 33918119 211 1.1 christos 212 1.1 christos 213 1.1 christos # xts last block 214 1.1 christos .word 3439489111 215 1.1 christos .word 797838423 216 1.1 christos .word 2786307191 217 1.1 christos .word 2787191927 218 1.1 christos .word 2788240503 219 1.1 christos .word 2789289079 220 1.1 christos .word 2790337655 221 1.1 christos .word 2791386231 222 1.1 christos .word 2792434807 223 1.1 christos .word 2793483383 224 1.1 christos .word 2794531959 225 1.1 christos .word 2795580535 226 1.1 christos .word 2796661879 227 1.1 christos 228 1.1 christos .word 797838423 229 1.1 christos 230 1.1 christos # store last block ciphertext 231 1.1 christos addi a1, a1, -16 232 1.1 christos .word 33942567 233 1.1 christos 234 1.1 christos ret 235 1.1 christos .size aes_xts_enc_128,.-aes_xts_enc_128 236 1.1 christos .p2align 3 237 1.1 christos aes_xts_enc_256: 238 1.1 christos # load input 239 1.1 christos .word 221182167 240 1.1 christos .word 33909767 241 1.1 christos 242 1.1 christos li t0, 5 243 1.1 christos # We could simplify the initialization steps if we have `block<=1`. 244 1.1 christos blt t4, t0, 1f 245 1.1 christos 246 1.1 christos # Note: We use `vgmul` for GF(2^128) multiplication. The `vgmul` uses 247 1.1 christos # different order of coefficients. We should use`vbrev8` to reverse the 248 1.1 christos # data when we use `vgmul`. 249 1.1 christos .word 3439489111 250 1.1 christos .word 1271144535 251 1.1 christos .word 221179991 252 1.1 christos .word 1577072727 253 1.1 christos # v16: [r-IV0, r-IV0, ...] 254 1.1 christos .word 2785257591 255 1.1 christos 256 1.1 christos # Prepare GF(2^128) multiplier [1, x, x^2, x^3, ...] in v8. 257 1.1 christos slli t0, t4, 2 258 1.1 christos .word 218296407 259 1.1 christos # v2: [`1`, `1`, `1`, `1`, ...] 260 1.1 christos .word 1577103703 261 1.1 christos # v3: [`0`, `1`, `2`, `3`, ...] 262 1.1 christos .word 1376297431 263 1.1 christos .word 227733591 264 1.1 christos # v4: [`1`, 0, `1`, 0, `1`, 0, `1`, 0, ...] 265 1.1 christos .word 1243816535 266 1.1 christos # v6: [`0`, 0, `1`, 0, `2`, 0, `3`, 0, ...] 267 1.1 christos .word 1244865367 268 1.1 christos slli t0, t4, 1 269 1.1 christos .word 219344983 270 1.1 christos # v8: [1<<0=1, 0, 0, 0, 1<<1=x, 0, 0, 0, 1<<2=x^2, 0, 0, 0, ...] 271 1.1 christos .word 3594716247 272 1.1 christos 273 1.1 christos # Compute [r-IV0*1, r-IV0*x, r-IV0*x^2, r-IV0*x^3, ...] in v16 274 1.1 christos .word 221179991 275 1.1 christos .word 1250174039 276 1.1 christos .word 2726865015 277 1.1 christos 278 1.1 christos # Compute [IV0*1, IV0*x, IV0*x^2, IV0*x^3, ...] in v28. 279 1.1 christos # Reverse the bits order back. 280 1.1 christos .word 1258565207 281 1.1 christos 282 1.1 christos # Prepare the x^n multiplier in v20. The `n` is the aes-xts block number 283 1.1 christos # in a LMUL=4 register group. 284 1.1 christos # n = ((VLEN*LMUL)/(32*4)) = ((VLEN*4)/(32*4)) 285 1.1 christos # = (VLEN/32) 286 1.1 christos # We could use vsetvli with `e32, m1` to compute the `n` number. 287 1.1 christos .word 218133207 288 1.1 christos li t1, 1 289 1.1 christos sll t0, t1, t0 290 1.1 christos .word 3447812183 291 1.1 christos .word 1577070679 292 1.1 christos .word 3380670551 293 1.1 christos .word 1577238615 294 1.1 christos .word 3447812183 295 1.1 christos .word 1241784407 296 1.1 christos .word 221179991 297 1.1 christos .word 1577073239 298 1.1 christos .word 2785258103 299 1.1 christos 300 1.1 christos j 2f 301 1.1 christos 1: 302 1.1 christos .word 3439489111 303 1.1 christos .word 1271146583 304 1.1 christos 2: 305 1.1 christos 306 1.1 christos .word 3439489111 307 1.1 christos .word 34005127 308 1.1 christos addi a3, a3, 16 309 1.1 christos .word 34005255 310 1.1 christos addi a3, a3, 16 311 1.1 christos .word 34005383 312 1.1 christos addi a3, a3, 16 313 1.1 christos .word 34005511 314 1.1 christos addi a3, a3, 16 315 1.1 christos .word 34005639 316 1.1 christos addi a3, a3, 16 317 1.1 christos .word 34005767 318 1.1 christos addi a3, a3, 16 319 1.1 christos .word 34005895 320 1.1 christos addi a3, a3, 16 321 1.1 christos .word 34006023 322 1.1 christos addi a3, a3, 16 323 1.1 christos .word 34006151 324 1.1 christos addi a3, a3, 16 325 1.1 christos .word 34006279 326 1.1 christos addi a3, a3, 16 327 1.1 christos .word 34006407 328 1.1 christos addi a3, a3, 16 329 1.1 christos .word 34006535 330 1.1 christos addi a3, a3, 16 331 1.1 christos .word 34006663 332 1.1 christos addi a3, a3, 16 333 1.1 christos .word 34006791 334 1.1 christos addi a3, a3, 16 335 1.1 christos .word 34006919 336 1.1 christos 337 1.1 christos 338 1.1 christos .word 221182167 339 1.1 christos j 1f 340 1.1 christos 341 1.1 christos .Lenc_blocks_256: 342 1.1 christos .word 221182167 343 1.1 christos # load plaintext into v24 344 1.1 christos .word 33909767 345 1.1 christos # update iv 346 1.1 christos .word 2739447927 347 1.1 christos # reverse the iv's bits order back 348 1.1 christos .word 1258565207 349 1.1 christos 1: 350 1.1 christos .word 797838423 351 1.1 christos slli t0, a7, 2 352 1.1 christos sub t4, t4, a7 353 1.1 christos add a0, a0, t0 354 1.1 christos .word 2786307191 355 1.1 christos .word 2787191927 356 1.1 christos .word 2788240503 357 1.1 christos .word 2789289079 358 1.1 christos .word 2790337655 359 1.1 christos .word 2791386231 360 1.1 christos .word 2792434807 361 1.1 christos .word 2793483383 362 1.1 christos .word 2794531959 363 1.1 christos .word 2795580535 364 1.1 christos .word 2796629111 365 1.1 christos .word 2797677687 366 1.1 christos .word 2798726263 367 1.1 christos .word 2799774839 368 1.1 christos .word 2800856183 369 1.1 christos 370 1.1 christos .word 797838423 371 1.1 christos 372 1.1 christos # store ciphertext 373 1.1 christos .word 221147223 374 1.1 christos .word 33942567 375 1.1 christos add a1, a1, t0 376 1.1 christos sub t3, t3, a7 377 1.1 christos 378 1.1 christos bnez t4, .Lenc_blocks_256 379 1.1 christos 380 1.1 christos bnez a6, 1f 381 1.1 christos ret 382 1.1 christos 1: 383 1.1 christos # slidedown second to last block 384 1.1 christos addi a7, a7, -4 385 1.1 christos .word 3441586263 386 1.1 christos # ciphertext 387 1.1 christos .word 1065929815 388 1.1 christos # multiplier 389 1.1 christos .word 1057540183 390 1.1 christos 391 1.1 christos .word 3439489111 392 1.1 christos .word 1577848023 393 1.1 christos 394 1.1 christos # load last block into v24 395 1.1 christos # note: We should load the last block before store the second to last block 396 1.1 christos # for in-place operation. 397 1.1 christos .word 134770775 398 1.1 christos .word 33885191 399 1.1 christos 400 1.1 christos # setup `x` multiplier with byte-reversed order 401 1.1 christos # 0b00000010 => 0b01000000 (0x40) 402 1.1 christos li t0, 0x40 403 1.1 christos .word 3439489111 404 1.1 christos .word 1577074263 405 1.1 christos .word 3355504727 406 1.1 christos .word 1577242199 407 1.1 christos 408 1.1 christos # compute IV for last block 409 1.1 christos .word 3439489111 410 1.1 christos .word 2747836535 411 1.1 christos .word 1258565207 412 1.1 christos 413 1.1 christos # store second to last block 414 1.1 christos .word 201879639 415 1.1 christos .word 33918119 416 1.1 christos 417 1.1 christos 418 1.1 christos # xts last block 419 1.1 christos .word 3439489111 420 1.1 christos .word 797838423 421 1.1 christos .word 2786307191 422 1.1 christos .word 2787191927 423 1.1 christos .word 2788240503 424 1.1 christos .word 2789289079 425 1.1 christos .word 2790337655 426 1.1 christos .word 2791386231 427 1.1 christos .word 2792434807 428 1.1 christos .word 2793483383 429 1.1 christos .word 2794531959 430 1.1 christos .word 2795580535 431 1.1 christos .word 2796629111 432 1.1 christos .word 2797677687 433 1.1 christos .word 2798726263 434 1.1 christos .word 2799774839 435 1.1 christos .word 2800856183 436 1.1 christos 437 1.1 christos .word 797838423 438 1.1 christos 439 1.1 christos # store last block ciphertext 440 1.1 christos addi a1, a1, -16 441 1.1 christos .word 33942567 442 1.1 christos 443 1.1 christos ret 444 1.1 christos .size aes_xts_enc_256,.-aes_xts_enc_256 445 1.1 christos .p2align 3 446 1.1 christos .globl rv64i_zvbb_zvkg_zvkned_aes_xts_decrypt 447 1.1 christos .type rv64i_zvbb_zvkg_zvkned_aes_xts_decrypt,@function 448 1.1 christos rv64i_zvbb_zvkg_zvkned_aes_xts_decrypt: 449 1.1 christos # Load number of rounds 450 1.1 christos lwu t0, 240(a4) 451 1.1 christos .word 3439489111 452 1.1 christos .word 34074119 453 1.1 christos .word 34041479 454 1.1 christos .word 2815667831 455 1.1 christos addi t0, t0, -1 456 1.1 christos addi a4, a4, 16 457 1.1 christos 1: 458 1.1 christos .word 34041479 459 1.1 christos .word 2815503991 460 1.1 christos addi t0, t0, -1 461 1.1 christos addi a4, a4, 16 462 1.1 christos bnez t0, 1b 463 1.1 christos .word 34041479 464 1.1 christos .word 2815536759 465 1.1 christos 466 1.1 christos 467 1.1 christos # aes block size is 16 468 1.1 christos andi a6, a2, 15 469 1.1 christos beqz a6, 1f 470 1.1 christos sub a2, a2, a6 471 1.1 christos addi a2, a2, -16 472 1.1 christos 1: 473 1.1 christos # We make the `LENGTH` become e32 length here. 474 1.1 christos srli t4, a2, 2 475 1.1 christos 476 1.1 christos # Load number of rounds 477 1.1 christos lwu t0, 240(a3) 478 1.1 christos li t1, 14 479 1.1 christos li t2, 10 480 1.1 christos beq t0, t1, aes_xts_dec_256 481 1.1 christos beq t0, t2, aes_xts_dec_128 482 1.1 christos .size rv64i_zvbb_zvkg_zvkned_aes_xts_decrypt,.-rv64i_zvbb_zvkg_zvkned_aes_xts_decrypt 483 1.1 christos .p2align 3 484 1.1 christos aes_xts_dec_128: 485 1.1 christos # load input 486 1.1 christos .word 221182167 487 1.1 christos .word 33909767 488 1.1 christos 489 1.1 christos li t0, 5 490 1.1 christos # We could simplify the initialization steps if we have `block<=1`. 491 1.1 christos blt t4, t0, 1f 492 1.1 christos 493 1.1 christos # Note: We use `vgmul` for GF(2^128) multiplication. The `vgmul` uses 494 1.1 christos # different order of coefficients. We should use`vbrev8` to reverse the 495 1.1 christos # data when we use `vgmul`. 496 1.1 christos .word 3439489111 497 1.1 christos .word 1271144535 498 1.1 christos .word 221179991 499 1.1 christos .word 1577072727 500 1.1 christos # v16: [r-IV0, r-IV0, ...] 501 1.1 christos .word 2785257591 502 1.1 christos 503 1.1 christos # Prepare GF(2^128) multiplier [1, x, x^2, x^3, ...] in v8. 504 1.1 christos slli t0, t4, 2 505 1.1 christos .word 218296407 506 1.1 christos # v2: [`1`, `1`, `1`, `1`, ...] 507 1.1 christos .word 1577103703 508 1.1 christos # v3: [`0`, `1`, `2`, `3`, ...] 509 1.1 christos .word 1376297431 510 1.1 christos .word 227733591 511 1.1 christos # v4: [`1`, 0, `1`, 0, `1`, 0, `1`, 0, ...] 512 1.1 christos .word 1243816535 513 1.1 christos # v6: [`0`, 0, `1`, 0, `2`, 0, `3`, 0, ...] 514 1.1 christos .word 1244865367 515 1.1 christos slli t0, t4, 1 516 1.1 christos .word 219344983 517 1.1 christos # v8: [1<<0=1, 0, 0, 0, 1<<1=x, 0, 0, 0, 1<<2=x^2, 0, 0, 0, ...] 518 1.1 christos .word 3594716247 519 1.1 christos 520 1.1 christos # Compute [r-IV0*1, r-IV0*x, r-IV0*x^2, r-IV0*x^3, ...] in v16 521 1.1 christos .word 221179991 522 1.1 christos .word 1250174039 523 1.1 christos .word 2726865015 524 1.1 christos 525 1.1 christos # Compute [IV0*1, IV0*x, IV0*x^2, IV0*x^3, ...] in v28. 526 1.1 christos # Reverse the bits order back. 527 1.1 christos .word 1258565207 528 1.1 christos 529 1.1 christos # Prepare the x^n multiplier in v20. The `n` is the aes-xts block number 530 1.1 christos # in a LMUL=4 register group. 531 1.1 christos # n = ((VLEN*LMUL)/(32*4)) = ((VLEN*4)/(32*4)) 532 1.1 christos # = (VLEN/32) 533 1.1 christos # We could use vsetvli with `e32, m1` to compute the `n` number. 534 1.1 christos .word 218133207 535 1.1 christos li t1, 1 536 1.1 christos sll t0, t1, t0 537 1.1 christos .word 3447812183 538 1.1 christos .word 1577070679 539 1.1 christos .word 3380670551 540 1.1 christos .word 1577238615 541 1.1 christos .word 3447812183 542 1.1 christos .word 1241784407 543 1.1 christos .word 221179991 544 1.1 christos .word 1577073239 545 1.1 christos .word 2785258103 546 1.1 christos 547 1.1 christos j 2f 548 1.1 christos 1: 549 1.1 christos .word 3439489111 550 1.1 christos .word 1271146583 551 1.1 christos 2: 552 1.1 christos 553 1.1 christos .word 3439489111 554 1.1 christos .word 34005127 555 1.1 christos addi a3, a3, 16 556 1.1 christos .word 34005255 557 1.1 christos addi a3, a3, 16 558 1.1 christos .word 34005383 559 1.1 christos addi a3, a3, 16 560 1.1 christos .word 34005511 561 1.1 christos addi a3, a3, 16 562 1.1 christos .word 34005639 563 1.1 christos addi a3, a3, 16 564 1.1 christos .word 34005767 565 1.1 christos addi a3, a3, 16 566 1.1 christos .word 34005895 567 1.1 christos addi a3, a3, 16 568 1.1 christos .word 34006023 569 1.1 christos addi a3, a3, 16 570 1.1 christos .word 34006151 571 1.1 christos addi a3, a3, 16 572 1.1 christos .word 34006279 573 1.1 christos addi a3, a3, 16 574 1.1 christos .word 34006407 575 1.1 christos 576 1.1 christos 577 1.1 christos beqz t4, 2f 578 1.1 christos 579 1.1 christos .word 221182167 580 1.1 christos j 1f 581 1.1 christos 582 1.1 christos .Ldec_blocks_128: 583 1.1 christos .word 221182167 584 1.1 christos # load ciphertext into v24 585 1.1 christos .word 33909767 586 1.1 christos # update iv 587 1.1 christos .word 2739447927 588 1.1 christos # reverse the iv's bits order back 589 1.1 christos .word 1258565207 590 1.1 christos 1: 591 1.1 christos .word 797838423 592 1.1 christos slli t0, a7, 2 593 1.1 christos sub t4, t4, a7 594 1.1 christos add a0, a0, t0 595 1.1 christos .word 2796792951 596 1.1 christos .word 2795514999 597 1.1 christos .word 2794466423 598 1.1 christos .word 2793417847 599 1.1 christos .word 2792369271 600 1.1 christos .word 2791320695 601 1.1 christos .word 2790272119 602 1.1 christos .word 2789223543 603 1.1 christos .word 2788174967 604 1.1 christos .word 2787126391 605 1.1 christos .word 2786110583 606 1.1 christos 607 1.1 christos .word 797838423 608 1.1 christos 609 1.1 christos # store plaintext 610 1.1 christos .word 33942567 611 1.1 christos add a1, a1, t0 612 1.1 christos 613 1.1 christos bnez t4, .Ldec_blocks_128 614 1.1 christos 615 1.1 christos 2: 616 1.1 christos bnez a6, 1f 617 1.1 christos ret 618 1.1 christos 1: 619 1.1 christos # load second to last block's ciphertext 620 1.1 christos .word 3439489111 621 1.1 christos .word 33909767 622 1.1 christos addi a0, a0, 16 623 1.1 christos 624 1.1 christos # setup `x` multiplier with byte-reversed order 625 1.1 christos # 0b00000010 => 0b01000000 (0x40) 626 1.1 christos li t0, 0x40 627 1.1 christos .word 3439489111 628 1.1 christos .word 1577073239 629 1.1 christos .word 3355504727 630 1.1 christos .word 1577241175 631 1.1 christos 632 1.1 christos beqz a2, 1f 633 1.1 christos # slidedown third to last block 634 1.1 christos addi a7, a7, -4 635 1.1 christos .word 3441586263 636 1.1 christos # multiplier 637 1.1 christos .word 1057540183 638 1.1 christos 639 1.1 christos # compute IV for last block 640 1.1 christos .word 3439489111 641 1.1 christos .word 2739447927 642 1.1 christos .word 1258565207 643 1.1 christos 644 1.1 christos # compute IV for second to last block 645 1.1 christos .word 2739447927 646 1.1 christos .word 1258565335 647 1.1 christos j 2f 648 1.1 christos 1: 649 1.1 christos # compute IV for second to last block 650 1.1 christos .word 3439489111 651 1.1 christos .word 2739447927 652 1.1 christos .word 1258565335 653 1.1 christos 2: 654 1.1 christos 655 1.1 christos 656 1.1 christos ## xts second to last block 657 1.1 christos .word 3439489111 658 1.1 christos .word 797871191 659 1.1 christos .word 2796792951 660 1.1 christos .word 2795514999 661 1.1 christos .word 2794466423 662 1.1 christos .word 2793417847 663 1.1 christos .word 2792369271 664 1.1 christos .word 2791320695 665 1.1 christos .word 2790272119 666 1.1 christos .word 2789223543 667 1.1 christos .word 2788174967 668 1.1 christos .word 2787126391 669 1.1 christos .word 2786110583 670 1.1 christos 671 1.1 christos .word 797871191 672 1.1 christos .word 1577848023 673 1.1 christos 674 1.1 christos # load last block ciphertext 675 1.1 christos .word 134770775 676 1.1 christos .word 33885191 677 1.1 christos 678 1.1 christos # store second to last block plaintext 679 1.1 christos addi t0, a1, 16 680 1.1 christos .word 33721511 681 1.1 christos 682 1.1 christos ## xts last block 683 1.1 christos .word 3439489111 684 1.1 christos .word 797838423 685 1.1 christos .word 2796792951 686 1.1 christos .word 2795514999 687 1.1 christos .word 2794466423 688 1.1 christos .word 2793417847 689 1.1 christos .word 2792369271 690 1.1 christos .word 2791320695 691 1.1 christos .word 2790272119 692 1.1 christos .word 2789223543 693 1.1 christos .word 2788174967 694 1.1 christos .word 2787126391 695 1.1 christos .word 2786110583 696 1.1 christos 697 1.1 christos .word 797838423 698 1.1 christos 699 1.1 christos # store second to last block plaintext 700 1.1 christos .word 33942567 701 1.1 christos 702 1.1 christos ret 703 1.1 christos .size aes_xts_dec_128,.-aes_xts_dec_128 704 1.1 christos .p2align 3 705 1.1 christos aes_xts_dec_256: 706 1.1 christos # load input 707 1.1 christos .word 221182167 708 1.1 christos .word 33909767 709 1.1 christos 710 1.1 christos li t0, 5 711 1.1 christos # We could simplify the initialization steps if we have `block<=1`. 712 1.1 christos blt t4, t0, 1f 713 1.1 christos 714 1.1 christos # Note: We use `vgmul` for GF(2^128) multiplication. The `vgmul` uses 715 1.1 christos # different order of coefficients. We should use`vbrev8` to reverse the 716 1.1 christos # data when we use `vgmul`. 717 1.1 christos .word 3439489111 718 1.1 christos .word 1271144535 719 1.1 christos .word 221179991 720 1.1 christos .word 1577072727 721 1.1 christos # v16: [r-IV0, r-IV0, ...] 722 1.1 christos .word 2785257591 723 1.1 christos 724 1.1 christos # Prepare GF(2^128) multiplier [1, x, x^2, x^3, ...] in v8. 725 1.1 christos slli t0, t4, 2 726 1.1 christos .word 218296407 727 1.1 christos # v2: [`1`, `1`, `1`, `1`, ...] 728 1.1 christos .word 1577103703 729 1.1 christos # v3: [`0`, `1`, `2`, `3`, ...] 730 1.1 christos .word 1376297431 731 1.1 christos .word 227733591 732 1.1 christos # v4: [`1`, 0, `1`, 0, `1`, 0, `1`, 0, ...] 733 1.1 christos .word 1243816535 734 1.1 christos # v6: [`0`, 0, `1`, 0, `2`, 0, `3`, 0, ...] 735 1.1 christos .word 1244865367 736 1.1 christos slli t0, t4, 1 737 1.1 christos .word 219344983 738 1.1 christos # v8: [1<<0=1, 0, 0, 0, 1<<1=x, 0, 0, 0, 1<<2=x^2, 0, 0, 0, ...] 739 1.1 christos .word 3594716247 740 1.1 christos 741 1.1 christos # Compute [r-IV0*1, r-IV0*x, r-IV0*x^2, r-IV0*x^3, ...] in v16 742 1.1 christos .word 221179991 743 1.1 christos .word 1250174039 744 1.1 christos .word 2726865015 745 1.1 christos 746 1.1 christos # Compute [IV0*1, IV0*x, IV0*x^2, IV0*x^3, ...] in v28. 747 1.1 christos # Reverse the bits order back. 748 1.1 christos .word 1258565207 749 1.1 christos 750 1.1 christos # Prepare the x^n multiplier in v20. The `n` is the aes-xts block number 751 1.1 christos # in a LMUL=4 register group. 752 1.1 christos # n = ((VLEN*LMUL)/(32*4)) = ((VLEN*4)/(32*4)) 753 1.1 christos # = (VLEN/32) 754 1.1 christos # We could use vsetvli with `e32, m1` to compute the `n` number. 755 1.1 christos .word 218133207 756 1.1 christos li t1, 1 757 1.1 christos sll t0, t1, t0 758 1.1 christos .word 3447812183 759 1.1 christos .word 1577070679 760 1.1 christos .word 3380670551 761 1.1 christos .word 1577238615 762 1.1 christos .word 3447812183 763 1.1 christos .word 1241784407 764 1.1 christos .word 221179991 765 1.1 christos .word 1577073239 766 1.1 christos .word 2785258103 767 1.1 christos 768 1.1 christos j 2f 769 1.1 christos 1: 770 1.1 christos .word 3439489111 771 1.1 christos .word 1271146583 772 1.1 christos 2: 773 1.1 christos 774 1.1 christos .word 3439489111 775 1.1 christos .word 34005127 776 1.1 christos addi a3, a3, 16 777 1.1 christos .word 34005255 778 1.1 christos addi a3, a3, 16 779 1.1 christos .word 34005383 780 1.1 christos addi a3, a3, 16 781 1.1 christos .word 34005511 782 1.1 christos addi a3, a3, 16 783 1.1 christos .word 34005639 784 1.1 christos addi a3, a3, 16 785 1.1 christos .word 34005767 786 1.1 christos addi a3, a3, 16 787 1.1 christos .word 34005895 788 1.1 christos addi a3, a3, 16 789 1.1 christos .word 34006023 790 1.1 christos addi a3, a3, 16 791 1.1 christos .word 34006151 792 1.1 christos addi a3, a3, 16 793 1.1 christos .word 34006279 794 1.1 christos addi a3, a3, 16 795 1.1 christos .word 34006407 796 1.1 christos addi a3, a3, 16 797 1.1 christos .word 34006535 798 1.1 christos addi a3, a3, 16 799 1.1 christos .word 34006663 800 1.1 christos addi a3, a3, 16 801 1.1 christos .word 34006791 802 1.1 christos addi a3, a3, 16 803 1.1 christos .word 34006919 804 1.1 christos 805 1.1 christos 806 1.1 christos beqz t4, 2f 807 1.1 christos 808 1.1 christos .word 221182167 809 1.1 christos j 1f 810 1.1 christos 811 1.1 christos .Ldec_blocks_256: 812 1.1 christos .word 221182167 813 1.1 christos # load ciphertext into v24 814 1.1 christos .word 33909767 815 1.1 christos # update iv 816 1.1 christos .word 2739447927 817 1.1 christos # reverse the iv's bits order back 818 1.1 christos .word 1258565207 819 1.1 christos 1: 820 1.1 christos .word 797838423 821 1.1 christos slli t0, a7, 2 822 1.1 christos sub t4, t4, a7 823 1.1 christos add a0, a0, t0 824 1.1 christos .word 2800987255 825 1.1 christos .word 2799709303 826 1.1 christos .word 2798660727 827 1.1 christos .word 2797612151 828 1.1 christos .word 2796563575 829 1.1 christos .word 2795514999 830 1.1 christos .word 2794466423 831 1.1 christos .word 2793417847 832 1.1 christos .word 2792369271 833 1.1 christos .word 2791320695 834 1.1 christos .word 2790272119 835 1.1 christos .word 2789223543 836 1.1 christos .word 2788174967 837 1.1 christos .word 2787126391 838 1.1 christos .word 2786110583 839 1.1 christos 840 1.1 christos .word 797838423 841 1.1 christos 842 1.1 christos # store plaintext 843 1.1 christos .word 33942567 844 1.1 christos add a1, a1, t0 845 1.1 christos 846 1.1 christos bnez t4, .Ldec_blocks_256 847 1.1 christos 848 1.1 christos 2: 849 1.1 christos bnez a6, 1f 850 1.1 christos ret 851 1.1 christos 1: 852 1.1 christos # load second to last block's ciphertext 853 1.1 christos .word 3439489111 854 1.1 christos .word 33909767 855 1.1 christos addi a0, a0, 16 856 1.1 christos 857 1.1 christos # setup `x` multiplier with byte-reversed order 858 1.1 christos # 0b00000010 => 0b01000000 (0x40) 859 1.1 christos li t0, 0x40 860 1.1 christos .word 3439489111 861 1.1 christos .word 1577073239 862 1.1 christos .word 3355504727 863 1.1 christos .word 1577241175 864 1.1 christos 865 1.1 christos beqz a2, 1f 866 1.1 christos # slidedown third to last block 867 1.1 christos addi a7, a7, -4 868 1.1 christos .word 3441586263 869 1.1 christos # multiplier 870 1.1 christos .word 1057540183 871 1.1 christos 872 1.1 christos # compute IV for last block 873 1.1 christos .word 3439489111 874 1.1 christos .word 2739447927 875 1.1 christos .word 1258565207 876 1.1 christos 877 1.1 christos # compute IV for second to last block 878 1.1 christos .word 2739447927 879 1.1 christos .word 1258565335 880 1.1 christos j 2f 881 1.1 christos 1: 882 1.1 christos # compute IV for second to last block 883 1.1 christos .word 3439489111 884 1.1 christos .word 2739447927 885 1.1 christos .word 1258565335 886 1.1 christos 2: 887 1.1 christos 888 1.1 christos 889 1.1 christos ## xts second to last block 890 1.1 christos .word 3439489111 891 1.1 christos .word 797871191 892 1.1 christos .word 2800987255 893 1.1 christos .word 2799709303 894 1.1 christos .word 2798660727 895 1.1 christos .word 2797612151 896 1.1 christos .word 2796563575 897 1.1 christos .word 2795514999 898 1.1 christos .word 2794466423 899 1.1 christos .word 2793417847 900 1.1 christos .word 2792369271 901 1.1 christos .word 2791320695 902 1.1 christos .word 2790272119 903 1.1 christos .word 2789223543 904 1.1 christos .word 2788174967 905 1.1 christos .word 2787126391 906 1.1 christos .word 2786110583 907 1.1 christos 908 1.1 christos .word 797871191 909 1.1 christos .word 1577848023 910 1.1 christos 911 1.1 christos # load last block ciphertext 912 1.1 christos .word 134770775 913 1.1 christos .word 33885191 914 1.1 christos 915 1.1 christos # store second to last block plaintext 916 1.1 christos addi t0, a1, 16 917 1.1 christos .word 33721511 918 1.1 christos 919 1.1 christos ## xts last block 920 1.1 christos .word 3439489111 921 1.1 christos .word 797838423 922 1.1 christos .word 2800987255 923 1.1 christos .word 2799709303 924 1.1 christos .word 2798660727 925 1.1 christos .word 2797612151 926 1.1 christos .word 2796563575 927 1.1 christos .word 2795514999 928 1.1 christos .word 2794466423 929 1.1 christos .word 2793417847 930 1.1 christos .word 2792369271 931 1.1 christos .word 2791320695 932 1.1 christos .word 2790272119 933 1.1 christos .word 2789223543 934 1.1 christos .word 2788174967 935 1.1 christos .word 2787126391 936 1.1 christos .word 2786110583 937 1.1 christos 938 1.1 christos .word 797838423 939 1.1 christos 940 1.1 christos # store second to last block plaintext 941 1.1 christos .word 33942567 942 1.1 christos 943 1.1 christos ret 944 1.1 christos .size aes_xts_dec_256,.-aes_xts_dec_256 945
Indexes created Sat Feb 28 05:31:39 UTC 2026