65816-crypto/aes.asm

381 lines
11 KiB
NASM
Raw Normal View History

case on
mcopy aes.macros
align 256
tables privdata
Sbox anop ; forward s-box
dc h'63 7c 77 7b f2 6b 6f c5 30 01 67 2b fe d7 ab 76'
dc h'ca 82 c9 7d fa 59 47 f0 ad d4 a2 af 9c a4 72 c0'
dc h'b7 fd 93 26 36 3f f7 cc 34 a5 e5 f1 71 d8 31 15'
dc h'04 c7 23 c3 18 96 05 9a 07 12 80 e2 eb 27 b2 75'
dc h'09 83 2c 1a 1b 6e 5a a0 52 3b d6 b3 29 e3 2f 84'
dc h'53 d1 00 ed 20 fc b1 5b 6a cb be 39 4a 4c 58 cf'
dc h'd0 ef aa fb 43 4d 33 85 45 f9 02 7f 50 3c 9f a8'
dc h'51 a3 40 8f 92 9d 38 f5 bc b6 da 21 10 ff f3 d2'
dc h'cd 0c 13 ec 5f 97 44 17 c4 a7 7e 3d 64 5d 19 73'
dc h'60 81 4f dc 22 2a 90 88 46 ee b8 14 de 5e 0b db'
dc h'e0 32 3a 0a 49 06 24 5c c2 d3 ac 62 91 95 e4 79'
dc h'e7 c8 37 6d 8d d5 4e a9 6c 56 f4 ea 65 7a ae 08'
dc h'ba 78 25 2e 1c a6 b4 c6 e8 dd 74 1f 4b bd 8b 8a'
dc h'70 3e b5 66 48 03 f6 0e 61 35 57 b9 86 c1 1d 9e'
dc h'e1 f8 98 11 69 d9 8e 94 9b 1e 87 e9 ce 55 28 df'
dc h'8c a1 89 0d bf e6 42 68 41 99 2d 0f b0 54 bb 16'
InvSbox anop ; inverse s-box
dc h'52 09 6a d5 30 36 a5 38 bf 40 a3 9e 81 f3 d7 fb'
dc h'7c e3 39 82 9b 2f ff 87 34 8e 43 44 c4 de e9 cb'
dc h'54 7b 94 32 a6 c2 23 3d ee 4c 95 0b 42 fa c3 4e'
dc h'08 2e a1 66 28 d9 24 b2 76 5b a2 49 6d 8b d1 25'
dc h'72 f8 f6 64 86 68 98 16 d4 a4 5c cc 5d 65 b6 92'
dc h'6c 70 48 50 fd ed b9 da 5e 15 46 57 a7 8d 9d 84'
dc h'90 d8 ab 00 8c bc d3 0a f7 e4 58 05 b8 b3 45 06'
dc h'd0 2c 1e 8f ca 3f 0f 02 c1 af bd 03 01 13 8a 6b'
dc h'3a 91 11 41 4f 67 dc ea 97 f2 cf ce f0 b4 e6 73'
dc h'96 ac 74 22 e7 ad 35 85 e2 f9 37 e8 1c 75 df 6e'
dc h'47 f1 1a 71 1d 29 c5 89 6f b7 62 0e aa 18 be 1b'
dc h'fc 56 3e 4b c6 d2 79 20 9a db c0 fe 78 cd 5a f4'
dc h'1f dd a8 33 88 07 c7 31 b1 12 10 59 27 80 ec 5f'
dc h'60 51 7f a9 19 b5 4a 0d 2d e5 7a 9f 93 c9 9c ef'
dc h'a0 e0 3b 4d ae 2a f5 b0 c8 eb bb 3c 83 53 99 61'
dc h'17 2b 04 7e ba 77 d6 26 e1 69 14 63 55 21 0c 7d'
Xtime2Sbox anop ; combined Xtimes2[Sbox[]]
dc h'c6 f8 ee f6 ff d6 de 91 60 02 ce 56 e7 b5 4d ec'
dc h'8f 1f 89 fa ef b2 8e fb 41 b3 5f 45 23 53 e4 9b'
dc h'75 e1 3d 4c 6c 7e f5 83 68 51 d1 f9 e2 ab 62 2a'
dc h'08 95 46 9d 30 37 0a 2f 0e 24 1b df cd 4e 7f ea'
dc h'12 1d 58 34 36 dc b4 5b a4 76 b7 7d 52 dd 5e 13'
dc h'a6 b9 00 c1 40 e3 79 b6 d4 8d 67 72 94 98 b0 85'
dc h'bb c5 4f ed 86 9a 66 11 8a e9 04 fe a0 78 25 4b'
dc h'a2 5d 80 05 3f 21 70 f1 63 77 af 42 20 e5 fd bf'
dc h'81 18 26 c3 be 35 88 2e 93 55 fc 7a c8 ba 32 e6'
dc h'c0 19 9e a3 44 54 3b 0b 8c c7 6b 28 a7 bc 16 ad'
dc h'db 64 74 14 92 0c 48 b8 9f bd 43 c4 39 31 d3 f2'
dc h'd5 8b 6e da 01 b1 9c 49 d8 ac f3 cf ca f4 47 10'
dc h'6f f0 4a 5c 38 57 73 97 cb a1 e8 3e 96 61 0d 0f'
dc h'e0 7c 71 cc 90 06 f7 1c c2 6a ae 69 17 99 3a 27'
dc h'd9 eb 2b 22 d2 a9 07 33 2d 3c 15 c9 87 aa 50 a5'
dc h'03 59 09 1a 65 d7 84 d0 82 29 5a 1e 7b a8 6d 2c'
Xtime3Sbox anop ; combined Xtimes3[Sbox[]]
dc h'a5 84 99 8d 0d bd b1 54 50 03 a9 7d 19 62 e6 9a'
dc h'45 9d 40 87 15 eb c9 0b ec 67 fd ea bf f7 96 5b'
dc h'c2 1c ae 6a 5a 41 02 4f 5c f4 34 08 93 73 53 3f'
dc h'0c 52 65 5e 28 a1 0f b5 09 36 9b 3d 26 69 cd 9f'
dc h'1b 9e 74 2e 2d b2 ee fb f6 4d 61 ce 7b 3e 71 97'
dc h'f5 68 00 2c 60 1f c8 ed be 46 d9 4b de d4 e8 4a'
dc h'6b 2a e5 16 c5 d7 55 94 cf 10 06 81 f0 44 ba e3'
dc h'f3 fe c0 8a ad bc 48 04 df c1 75 63 30 1a 0e 6d'
dc h'4c 14 35 2f e1 a2 cc 39 57 f2 82 47 ac e7 2b 95'
dc h'a0 98 d1 7f 66 7e ab 83 ca 29 d3 3c 79 e2 1d 76'
dc h'3b 56 4e 1e db 0a 6c e4 5d 6e ef a6 a8 a4 37 8b'
dc h'32 43 59 b7 8c 64 d2 e0 b4 fa 07 25 af 8e e9 18'
dc h'd5 88 6f 72 24 f1 c7 51 23 7c 9c 21 dd dc 86 85'
dc h'90 42 c4 aa d8 05 01 12 a3 5f f9 d0 91 58 27 b9'
dc h'38 13 b3 33 bb 70 89 a7 b6 22 92 20 49 ff 78 7a'
dc h'8f f8 80 17 da 31 c6 b8 c3 b0 77 11 cb fc d6 3a'
;Xtime2 anop
; dc h'00 02 04 06 08 0a 0c 0e 10 12 14 16 18 1a 1c 1e'
; dc h'20 22 24 26 28 2a 2c 2e 30 32 34 36 38 3a 3c 3e'
; dc h'40 42 44 46 48 4a 4c 4e 50 52 54 56 58 5a 5c 5e'
; dc h'60 62 64 66 68 6a 6c 6e 70 72 74 76 78 7a 7c 7e'
; dc h'80 82 84 86 88 8a 8c 8e 90 92 94 96 98 9a 9c 9e'
; dc h'a0 a2 a4 a6 a8 aa ac ae b0 b2 b4 b6 b8 ba bc be'
; dc h'c0 c2 c4 c6 c8 ca cc ce d0 d2 d4 d6 d8 da dc de'
; dc h'e0 e2 e4 e6 e8 ea ec ee f0 f2 f4 f6 f8 fa fc fe'
; dc h'1b 19 1f 1d 13 11 17 15 0b 09 0f 0d 03 01 07 05'
; dc h'3b 39 3f 3d 33 31 37 35 2b 29 2f 2d 23 21 27 25'
; dc h'5b 59 5f 5d 53 51 57 55 4b 49 4f 4d 43 41 47 45'
; dc h'7b 79 7f 7d 73 71 77 75 6b 69 6f 6d 63 61 67 65'
; dc h'9b 99 9f 9d 93 91 97 95 8b 89 8f 8d 83 81 87 85'
; dc h'bb b9 bf bd b3 b1 b7 b5 ab a9 af ad a3 a1 a7 a5'
; dc h'db d9 df dd d3 d1 d7 d5 cb c9 cf cd c3 c1 c7 c5'
; dc h'fb f9 ff fd f3 f1 f7 f5 eb e9 ef ed e3 e1 e7 e5'
Xtime9 anop
dc h'00 09 12 1b 24 2d 36 3f 48 41 5a 53 6c 65 7e 77'
dc h'90 99 82 8b b4 bd a6 af d8 d1 ca c3 fc f5 ee e7'
dc h'3b 32 29 20 1f 16 0d 04 73 7a 61 68 57 5e 45 4c'
dc h'ab a2 b9 b0 8f 86 9d 94 e3 ea f1 f8 c7 ce d5 dc'
dc h'76 7f 64 6d 52 5b 40 49 3e 37 2c 25 1a 13 08 01'
dc h'e6 ef f4 fd c2 cb d0 d9 ae a7 bc b5 8a 83 98 91'
dc h'4d 44 5f 56 69 60 7b 72 05 0c 17 1e 21 28 33 3a'
dc h'dd d4 cf c6 f9 f0 eb e2 95 9c 87 8e b1 b8 a3 aa'
dc h'ec e5 fe f7 c8 c1 da d3 a4 ad b6 bf 80 89 92 9b'
dc h'7c 75 6e 67 58 51 4a 43 34 3d 26 2f 10 19 02 0b'
dc h'd7 de c5 cc f3 fa e1 e8 9f 96 8d 84 bb b2 a9 a0'
dc h'47 4e 55 5c 63 6a 71 78 0f 06 1d 14 2b 22 39 30'
dc h'9a 93 88 81 be b7 ac a5 d2 db c0 c9 f6 ff e4 ed'
dc h'0a 03 18 11 2e 27 3c 35 42 4b 50 59 66 6f 74 7d'
dc h'a1 a8 b3 ba 85 8c 97 9e e9 e0 fb f2 cd c4 df d6'
dc h'31 38 23 2a 15 1c 07 0e 79 70 6b 62 5d 54 4f 46'
XtimeB anop
dc h'00 0b 16 1d 2c 27 3a 31 58 53 4e 45 74 7f 62 69'
dc h'b0 bb a6 ad 9c 97 8a 81 e8 e3 fe f5 c4 cf d2 d9'
dc h'7b 70 6d 66 57 5c 41 4a 23 28 35 3e 0f 04 19 12'
dc h'cb c0 dd d6 e7 ec f1 fa 93 98 85 8e bf b4 a9 a2'
dc h'f6 fd e0 eb da d1 cc c7 ae a5 b8 b3 82 89 94 9f'
dc h'46 4d 50 5b 6a 61 7c 77 1e 15 08 03 32 39 24 2f'
dc h'8d 86 9b 90 a1 aa b7 bc d5 de c3 c8 f9 f2 ef e4'
dc h'3d 36 2b 20 11 1a 07 0c 65 6e 73 78 49 42 5f 54'
dc h'f7 fc e1 ea db d0 cd c6 af a4 b9 b2 83 88 95 9e'
dc h'47 4c 51 5a 6b 60 7d 76 1f 14 09 02 33 38 25 2e'
dc h'8c 87 9a 91 a0 ab b6 bd d4 df c2 c9 f8 f3 ee e5'
dc h'3c 37 2a 21 10 1b 06 0d 64 6f 72 79 48 43 5e 55'
dc h'01 0a 17 1c 2d 26 3b 30 59 52 4f 44 75 7e 63 68'
dc h'b1 ba a7 ac 9d 96 8b 80 e9 e2 ff f4 c5 ce d3 d8'
dc h'7a 71 6c 67 56 5d 40 4b 22 29 34 3f 0e 05 18 13'
dc h'ca c1 dc d7 e6 ed f0 fb 92 99 84 8f be b5 a8 a3'
XtimeD anop
dc h'00 0d 1a 17 34 39 2e 23 68 65 72 7f 5c 51 46 4b'
dc h'd0 dd ca c7 e4 e9 fe f3 b8 b5 a2 af 8c 81 96 9b'
dc h'bb b6 a1 ac 8f 82 95 98 d3 de c9 c4 e7 ea fd f0'
dc h'6b 66 71 7c 5f 52 45 48 03 0e 19 14 37 3a 2d 20'
dc h'6d 60 77 7a 59 54 43 4e 05 08 1f 12 31 3c 2b 26'
dc h'bd b0 a7 aa 89 84 93 9e d5 d8 cf c2 e1 ec fb f6'
dc h'd6 db cc c1 e2 ef f8 f5 be b3 a4 a9 8a 87 90 9d'
dc h'06 0b 1c 11 32 3f 28 25 6e 63 74 79 5a 57 40 4d'
dc h'da d7 c0 cd ee e3 f4 f9 b2 bf a8 a5 86 8b 9c 91'
dc h'0a 07 10 1d 3e 33 24 29 62 6f 78 75 56 5b 4c 41'
dc h'61 6c 7b 76 55 58 4f 42 09 04 13 1e 3d 30 27 2a'
dc h'b1 bc ab a6 85 88 9f 92 d9 d4 c3 ce ed e0 f7 fa'
dc h'b7 ba ad a0 83 8e 99 94 df d2 c5 c8 eb e6 f1 fc'
dc h'67 6a 7d 70 53 5e 49 44 0f 02 15 18 3b 36 21 2c'
dc h'0c 01 16 1b 38 35 22 2f 64 69 7e 73 50 5d 4a 47'
dc h'dc d1 c6 cb e8 e5 f2 ff b4 b9 ae a3 80 8d 9a 97'
XtimeE anop
dc h'00 0e 1c 12 38 36 24 2a 70 7e 6c 62 48 46 54 5a'
dc h'e0 ee fc f2 d8 d6 c4 ca 90 9e 8c 82 a8 a6 b4 ba'
dc h'db d5 c7 c9 e3 ed ff f1 ab a5 b7 b9 93 9d 8f 81'
dc h'3b 35 27 29 03 0d 1f 11 4b 45 57 59 73 7d 6f 61'
dc h'ad a3 b1 bf 95 9b 89 87 dd d3 c1 cf e5 eb f9 f7'
dc h'4d 43 51 5f 75 7b 69 67 3d 33 21 2f 05 0b 19 17'
dc h'76 78 6a 64 4e 40 52 5c 06 08 1a 14 3e 30 22 2c'
dc h'96 98 8a 84 ae a0 b2 bc e6 e8 fa f4 de d0 c2 cc'
dc h'41 4f 5d 53 79 77 65 6b 31 3f 2d 23 09 07 15 1b'
dc h'a1 af bd b3 99 97 85 8b d1 df cd c3 e9 e7 f5 fb'
dc h'9a 94 86 88 a2 ac be b0 ea e4 f6 f8 d2 dc ce c0'
dc h'7a 74 66 68 42 4c 5e 50 0a 04 16 18 32 3c 2e 20'
dc h'ec e2 f0 fe d4 da c8 c6 9c 92 80 8e a4 aa b8 b6'
dc h'0c 02 10 1e 34 3a 28 26 7c 72 60 6e 44 4a 58 56'
dc h'37 39 2b 25 0f 01 13 1d 47 49 5b 55 7f 71 63 6d'
dc h'd7 d9 cb c5 ef e1 f3 fd a7 a9 bb b5 9f 91 83 8d'
Rcon anop
dc h'01 01 01 00 00 00 00 00 00 00 00 00 00 00 00 00'
dc h'02 00 00 00 00 00 00 00 00 02 00 00 00 00 00 00'
dc h'04 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00'
dc h'08 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00'
dc h'10 00 04 00 00 00 00 00 00 08 00 00 00 00 00 00'
dc h'20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00'
dc h'40 10 08 00 00 00 00 00 00 00 00 00 00 00 00 00'
dc h'80 00 00 00 00 00 00 00 00 20 00 00 00 00 00 00'
dc h'1b 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00'
dc h'36 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00'
dc h'6c 00 20 00 00 00 00 00 00 80 00 00 00 00 00 00'
dc h'd8 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00'
dc h'ab 1b 40'
end
state1 gequ 0
state2 gequ 16
keysize gequ 32
rk gequ 33
* Constants used for keysize
keysize_128 gequ 0
keysize_192 gequ 64
keysize_256 gequ 128
* Callable from C, with state structure pointer on stack.
aes_expandkey128 start
CFunction ExpandKey128
end
aes_expandkey192 start
CFunction ExpandKey192
end
aes_expandkey256 start
CFunction ExpandKey256
end
* Call with DP = AES state structure (with key expanded),
* DB = bank containing AES tables.
ExpandKey128 start
using tables
stz keysize-1 ;keysize_128
ldx #16
clc
top anop
ExpandKeyCore 16,0
ExpandKeyIter 16,3
txa
adc #16
tax
cmp #16*11
blt top
rtl
end
ExpandKey192 start
using tables
lda #keysize_192|8
sta keysize-1
ldx #24
clc
top anop
ExpandKeyCore 24,1
ExpandKeyIter 24,5
txa
adc #24
tax
cmp #16*13
blt top
rtl
end
ExpandKey256 start
using tables
lda #keysize_256|8
sta keysize-1
ldx #32
clc
top anop
ExpandKeyCore 32,2
ExpandKeyIter 32,3
txa
adc #16
tax
cmp #16*15
bge done
ExpandKeySubst 32,2
ExpandKeyIter 32,3
txa
adc #16
tax
brl top
done rtl
end
* Callable from C, with state structure pointer on stack.
aes_encrypt start
CFunction AES_ENCRYPT
end
* Call with DP = AES state structure (with key expanded),
* DP = bank containing AES tables.
AES_ENCRYPT start
using tables
AddInitialRoundKey
ShortRegs
NormalRound 1
NormalRound 2
NormalRound 3
NormalRound 4
NormalRound 5
NormalRound 6
NormalRound 7
NormalRound 8
NormalRound 9
lda keysize
bne cont1
jmp finish_aes128
cont1 NormalRound 10
NormalRound 11
lda keysize
bmi cont2
jmp finish_aes192
cont2 NormalRound 12
NormalRound 13
finish_aes256 anop
FinalRound 14
LongRegs
rtl
finish_aes192 anop
FinalRound 12
LongRegs
rtl
finish_aes128 anop
FinalRound 10
LongRegs
rtl
end
aes128_decrypt start
CFunction AES128_DECRYPT
end
aes192_decrypt start
CFunction AES192_DECRYPT
end
2017-06-27 23:35:04 +00:00
aes256_decrypt start
CFunction AES256_DECRYPT
end
AES256_DECRYPT start
using tables
2017-06-27 23:35:04 +00:00
InvFinalRound 14
InvNormalRound 13
InvNormalRound 12
jmp cont1
AES192_DECRYPT entry
InvFinalRound 12
2017-06-27 23:35:04 +00:00
cont1 anop
InvNormalRound 11
InvNormalRound 10
2017-06-27 23:35:04 +00:00
jmp cont2
AES128_DECRYPT entry
InvFinalRound 10
2017-06-27 23:35:04 +00:00
cont2 anop
InvNormalRound 9
InvNormalRound 8
InvNormalRound 7
InvNormalRound 6
InvNormalRound 5
InvNormalRound 4
InvNormalRound 3
InvNormalRound 2
InvNormalRound 1
InvNormalRound 0
rtl
end