diff --git a/aes.asm b/aes.asm index 655fd18..cd62c0e 100644 --- a/aes.asm +++ b/aes.asm @@ -1,6 +1,33 @@ +* Copyright (c) 2017 Stephen Heumann +* +* Permission to use, copy, modify, and distribute this software for any +* purpose with or without fee is hereby granted, provided that the above +* copyright notice and this permission notice appear in all copies. +* +* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF +* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + + +* AES encryption and decryption functions for the 65816 +* +* The general approach is largely based on the public domain +* 'aestable.c' implementation by Karl Malbrain, available at: +* https://code.google.com/archive/p/byte-oriented-aes/downloads +* Portions are also based on the public domain 'rijndael-alg-fst.c' +* reference implementation by Vincent Rijmen, Antoon Bosselaers, +* and Paulo Barreto. + + case on mcopy aes.macros +* Data tables used for AES encryption and decryption. +* For best performance, these should be page-aligned. align 256 tables privdata Sbox anop ; forward s-box @@ -181,6 +208,7 @@ Rcon anop dc h'ab 1b 40' end +* Direct page locations state1 gequ 0 state2 gequ 16 keysize gequ 32 @@ -192,7 +220,11 @@ keysize_192 gequ 64 keysize_256 gequ 128 -* Callable from C, with state structure pointer on stack. +* AES key expansion functions +* The appropriate one of these must be called before encrypting or decrypting. +* The key should be in the first 16/24/32 bytes of rk before calling this. + +* Callable from C, with context structure pointer on stack. aes128_expandkey start CFunction AES128_EXPANDKEY end @@ -205,7 +237,7 @@ aes256_expandkey start CFunction AES256_EXPANDKEY end -* Call with DP = AES state structure (with key expanded), +* Call with DP = AES context structure (with key present but not expanded), * DB = bank containing AES tables. AES128_EXPANDKEY start using tables @@ -281,13 +313,17 @@ done rtl end -* Callable from C, with state structure pointer on stack. +* AES encryption function +* This performs AES-128, AES-192, or AES-256 encryption, depending on the key. +* The unencrypted input and encrypted output are in state1. + +* Callable from C, with context structure pointer on stack. aes_encrypt start CFunction AES_ENCRYPT end -* Call with DP = AES state structure (with key expanded), +* Call with DP = AES context structure (with key expanded), * DP = bank containing AES tables. AES_ENCRYPT start using tables @@ -337,6 +373,10 @@ finish_aes128 anop end +* AES decryption functions +* The encrypted input and unencrypted output are in state1. + +* Callable from C, with context structure pointer on stack. aes128_decrypt start CFunction AES128_DECRYPT end @@ -349,6 +389,8 @@ aes256_decrypt start CFunction AES256_DECRYPT end +* Call with DP = AES context structure (with key expanded), +* DP = bank containing AES tables. AES256_DECRYPT start using tables ShortRegs diff --git a/aes.h b/aes.h index 5c31a38..9085e38 100644 --- a/aes.h +++ b/aes.h @@ -1,3 +1,19 @@ +/* + * Copyright (c) 2017 Stephen Heumann + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + struct aes_context { unsigned char data[16]; unsigned char reserved1[17]; @@ -5,13 +21,28 @@ struct aes_context { unsigned char reserved2[16*13]; }; -/* context must be in bank 0, preferably page-aligned. */ -void aes128_expandkey(struct aes_context *); -void aes128_expandkey(struct aes_context *); -void aes128_expandkey(struct aes_context *); +/* The context structure must be in bank 0, preferably page-aligned. */ -void aes_encrypt(struct aes_context *); +/* + * AES key expansion functions + * The appropriate one of these must be called before encrypting or decrypting. + * The key must be in the first 16/24/32 bytes of context->key before the call. + */ +void aes128_expandkey(struct aes_context *context); +void aes192_expandkey(struct aes_context *context); +void aes256_expandkey(struct aes_context *context); -void aes128_decrypt(struct aes_context *); -void aes192_decrypt(struct aes_context *); -void aes256_decrypt(struct aes_context *); +/* + * AES encryption function + * This performs AES-128, AES-192, or AES-256 encryption, depending on the key. + * The unencrypted input and encrypted output are in context->data. + */ +void aes_encrypt(struct aes_context *context); + +/* + * AES decryption functions + * The encrypted input and unencrypted output are in context->data. + */ +void aes128_decrypt(struct aes_context *context); +void aes192_decrypt(struct aes_context *context); +void aes256_decrypt(struct aes_context *context); diff --git a/aes.macros b/aes.macros index 127dd7b..ba12be4 100644 --- a/aes.macros +++ b/aes.macros @@ -1,3 +1,17 @@ +* Copyright (c) 2017 Stephen Heumann +* +* Permission to use, copy, modify, and distribute this software for any +* purpose with or without fee is hereby granted, provided that the above +* copyright notice and this permission notice appear in all copies. +* +* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF +* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + * This makes a function wrapper that is callable from C, * taking a pointer to the state structure as its argument. macro @@ -18,7 +32,7 @@ rtl mend - +*The 'core' function applied to some words when computing the AES key schedule macro ExpandKeyCore &xorback,&rconoffset @@ -79,7 +93,7 @@ mend - +* Generate consecutive words of key schedule that don't use above functions macro ExpandKeyIter &xorback,&nwords lcla &i @@ -99,7 +113,7 @@ aif &i/4<&nwords,.loop2 mend - +* Do an initial AddRoundKey step on the starting state (for encryption) macro AddInitialRoundKey lcla &i @@ -111,7 +125,7 @@ aif &i<16,.top mend - +* Do a full normal round, including (in effect) SubBytes through AddRoundKey macro &lbl NormalRound &round &lbl anop @@ -129,7 +143,7 @@ .done mend - +* Do the operations on one column for a normal round. macro MixColumn &i,&A,&B,&C,&D,&state,&out @@ -183,7 +197,7 @@ .skip2 mend - +* Do final round, including (in effect) SubBytes, ShiftRows, and AddRoundKey. macro FinalRound &round @@ -209,7 +223,7 @@ mend - +* Do the final round operations for one byte. macro FinalRoundStep &to,&from,&skipldy @@ -228,7 +242,7 @@ mend - +* Perform an inverse normal round (for decryption) macro InvNormalRound &round,&state lcla &i @@ -250,7 +264,7 @@ InvMixColumn 4,9,14,3,4,dotax=1 mend - +* Perform the operations for one column in an inverse normal round macro InvMixColumn &A,&B,&C,&D,&i,&skipldx,&dotax @@ -311,7 +325,7 @@ .done mend - +* Do the inverse final round steps for one byte. macro InvFinalRoundStep &to,&from,&dotax @@ -341,7 +355,7 @@ .done mend - +* Do the inverse of the final round (which comes first for decryption). macro InvFinalRound &round @@ -367,7 +381,7 @@ mend - +* Set registers to 8 bits macro ShortRegs sep #$30 @@ -375,11 +389,10 @@ longi off mend - +* Set registers to 16 bits macro LongRegs rep #$30 longa on longi on mend - diff --git a/aestest.c b/aestest.c index 680a810..ada581d 100644 --- a/aestest.c +++ b/aestest.c @@ -1,3 +1,19 @@ +/* + * Copyright (c) 2017 Stephen Heumann + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + #include #include #include