Etusivu Tutki Apua
Kirjaudu sisään
GfA
/
linux_kernel
5
0
Fork 0
Tiedostot Ongelmat 0 Pull-pyynnöt 0 Wiki
Haara: master
Haarat Tagit
linux_kernel
/
arch
/
arm64
/
crypto
/
aes-neon.S

aes-neon.S 12 KB
Pysyvä linkki Historia Raaka

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358 
  1. /*
    2. 

  2.  * linux/arch/arm64/crypto/aes-neon.S - AES cipher for ARMv8 NEON
    3. 

  3.  *
    4. 

  4.  * Copyright (C) 2013 - 2017 Linaro Ltd. <ard.biesheuvel@linaro.org>
    5. 

  5.  *
    6. 

  6.  * This program is free software; you can redistribute it and/or modify
    7. 

  7.  * it under the terms of the GNU General Public License version 2 as
    8. 

  8.  * published by the Free Software Foundation.
    9. 

  9.  */
    10. 

  10. 

  11. #include <linux/linkage.h>
    12. 

  12. #include <asm/assembler.h>
    13. 

  13. 

  14. #define AES_ENTRY(func)		ENTRY(neon_ ## func)
    15. 

  15. #define AES_ENDPROC(func)	ENDPROC(neon_ ## func)
    16. 

  16. 

  17. 	xtsmask		.req	v7
    18. 

  18. 

  19. 	.macro		xts_reload_mask, tmp
    20. 

  20. 	xts_load_mask	\tmp
    21. 

  21. 	.endm
    22. 

  22. 

  23. 	/* multiply by polynomial 'x' in GF(2^8) */
    24. 

  24. 	.macro		mul_by_x, out, in, temp, const
    25. 

  25. 	sshr		\temp, \in, #7
    26. 

  26. 	shl		\out, \in, #1
    27. 

  27. 	and		\temp, \temp, \const
    28. 

  28. 	eor		\out, \out, \temp
    29. 

  29. 	.endm
    30. 

  30. 

  31. 	/* multiply by polynomial 'x^2' in GF(2^8) */
    32. 

  32. 	.macro		mul_by_x2, out, in, temp, const
    33. 

  33. 	ushr		\temp, \in, #6
    34. 

  34. 	shl		\out, \in, #2
    35. 

  35. 	pmul		\temp, \temp, \const
    36. 

  36. 	eor		\out, \out, \temp
    37. 

  37. 	.endm
    38. 

  38. 

  39. 	/* preload the entire Sbox */
    40. 

  40. 	.macro		prepare, sbox, shiftrows, temp
    41. 

  41. 	movi		v12.16b, #0x1b
    42. 

  42. 	ldr_l		q13, \shiftrows, \temp
    43. 

  43. 	ldr_l		q14, .Lror32by8, \temp
    44. 

  44. 	adr_l		\temp, \sbox
    45. 

  45. 	ld1		{v16.16b-v19.16b}, [\temp], #64
    46. 

  46. 	ld1		{v20.16b-v23.16b}, [\temp], #64
    47. 

  47. 	ld1		{v24.16b-v27.16b}, [\temp], #64
    48. 

  48. 	ld1		{v28.16b-v31.16b}, [\temp]
    49. 

  49. 	.endm
    50. 

  50. 

  51. 	/* do preload for encryption */
    52. 

  52. 	.macro		enc_prepare, ignore0, ignore1, temp
    53. 

  53. 	prepare		.LForward_Sbox, .LForward_ShiftRows, \temp
    54. 

  54. 	.endm
    55. 

  55. 

  56. 	.macro		enc_switch_key, ignore0, ignore1, temp
    57. 

  57. 	/* do nothing */
    58. 

  58. 	.endm
    59. 

  59. 

  60. 	/* do preload for decryption */
    61. 

  61. 	.macro		dec_prepare, ignore0, ignore1, temp
    62. 

  62. 	prepare		.LReverse_Sbox, .LReverse_ShiftRows, \temp
    63. 

  63. 	.endm
    64. 

  64. 

  65. 	/* apply SubBytes transformation using the the preloaded Sbox */
    66. 

  66. 	.macro		sub_bytes, in
    67. 

  67. 	sub		v9.16b, \in\().16b, v15.16b
    68. 

  68. 	tbl		\in\().16b, {v16.16b-v19.16b}, \in\().16b
    69. 

  69. 	sub		v10.16b, v9.16b, v15.16b
    70. 

  70. 	tbx		\in\().16b, {v20.16b-v23.16b}, v9.16b
    71. 

  71. 	sub		v11.16b, v10.16b, v15.16b
    72. 

  72. 	tbx		\in\().16b, {v24.16b-v27.16b}, v10.16b
    73. 

  73. 	tbx		\in\().16b, {v28.16b-v31.16b}, v11.16b
    74. 

  74. 	.endm
    75. 

  75. 

  76. 	/* apply MixColumns transformation */
    77. 

  77. 	.macro		mix_columns, in, enc
    78. 

  78. 	.if		\enc == 0
    79. 

  79. 	/* Inverse MixColumns: pre-multiply by { 5, 0, 4, 0 } */
    80. 

  80. 	mul_by_x2	v8.16b, \in\().16b, v9.16b, v12.16b
    81. 

  81. 	eor		\in\().16b, \in\().16b, v8.16b
    82. 

  82. 	rev32		v8.8h, v8.8h
    83. 

  83. 	eor		\in\().16b, \in\().16b, v8.16b
    84. 

  84. 	.endif
    85. 

  85. 

  86. 	mul_by_x	v9.16b, \in\().16b, v8.16b, v12.16b
    87. 

  87. 	rev32		v8.8h, \in\().8h
    88. 

  88. 	eor		v8.16b, v8.16b, v9.16b
    89. 

  89. 	eor		\in\().16b, \in\().16b, v8.16b
    90. 

  90. 	tbl		\in\().16b, {\in\().16b}, v14.16b
    91. 

  91. 	eor		\in\().16b, \in\().16b, v8.16b
    92. 

  92. 	.endm
    93. 

  93. 

  94. 	.macro		do_block, enc, in, rounds, rk, rkp, i
    95. 

  95. 	ld1		{v15.4s}, [\rk]
    96. 

  96. 	add		\rkp, \rk, #16
    97. 

  97. 	mov		\i, \rounds
    98. 

  98. 1111:	eor		\in\().16b, \in\().16b, v15.16b		/* ^round key */
    99. 

  99. 	movi		v15.16b, #0x40
    100. 

  100. 	tbl		\in\().16b, {\in\().16b}, v13.16b	/* ShiftRows */
    101. 

  101. 	sub_bytes	\in
    102. 

  102. 	subs		\i, \i, #1
    103. 

  103. 	ld1		{v15.4s}, [\rkp], #16
    104. 

  104. 	beq		2222f
    105. 

  105. 	mix_columns	\in, \enc
    106. 

  106. 	b		1111b
    107. 

  107. 2222:	eor		\in\().16b, \in\().16b, v15.16b		/* ^round key */
    108. 

  108. 	.endm
    109. 

  109. 

  110. 	.macro		encrypt_block, in, rounds, rk, rkp, i
    111. 

  111. 	do_block	1, \in, \rounds, \rk, \rkp, \i
    112. 

  112. 	.endm
    113. 

  113. 

  114. 	.macro		decrypt_block, in, rounds, rk, rkp, i
    115. 

  115. 	do_block	0, \in, \rounds, \rk, \rkp, \i
    116. 

  116. 	.endm
    117. 

  117. 

  118. 	/*
    119. 

  119. 	 * Interleaved versions: functionally equivalent to the
    120. 

  120. 	 * ones above, but applied to 2 or 4 AES states in parallel.
    121. 

  121. 	 */
    122. 

  122. 

  123. 	.macro		sub_bytes_2x, in0, in1
    124. 

  124. 	sub		v8.16b, \in0\().16b, v15.16b
    125. 

  125. 	tbl		\in0\().16b, {v16.16b-v19.16b}, \in0\().16b
    126. 

  126. 	sub		v9.16b, \in1\().16b, v15.16b
    127. 

  127. 	tbl		\in1\().16b, {v16.16b-v19.16b}, \in1\().16b
    128. 

  128. 	sub		v10.16b, v8.16b, v15.16b
    129. 

  129. 	tbx		\in0\().16b, {v20.16b-v23.16b}, v8.16b
    130. 

  130. 	sub		v11.16b, v9.16b, v15.16b
    131. 

  131. 	tbx		\in1\().16b, {v20.16b-v23.16b}, v9.16b
    132. 

  132. 	sub		v8.16b, v10.16b, v15.16b
    133. 

  133. 	tbx		\in0\().16b, {v24.16b-v27.16b}, v10.16b
    134. 

  134. 	sub		v9.16b, v11.16b, v15.16b
    135. 

  135. 	tbx		\in1\().16b, {v24.16b-v27.16b}, v11.16b
    136. 

  136. 	tbx		\in0\().16b, {v28.16b-v31.16b}, v8.16b
    137. 

  137. 	tbx		\in1\().16b, {v28.16b-v31.16b}, v9.16b
    138. 

  138. 	.endm
    139. 

  139. 

  140. 	.macro		sub_bytes_4x, in0, in1, in2, in3
    141. 

  141. 	sub		v8.16b, \in0\().16b, v15.16b
    142. 

  142. 	tbl		\in0\().16b, {v16.16b-v19.16b}, \in0\().16b
    143. 

  143. 	sub		v9.16b, \in1\().16b, v15.16b
    144. 

  144. 	tbl		\in1\().16b, {v16.16b-v19.16b}, \in1\().16b
    145. 

  145. 	sub		v10.16b, \in2\().16b, v15.16b
    146. 

  146. 	tbl		\in2\().16b, {v16.16b-v19.16b}, \in2\().16b
    147. 

  147. 	sub		v11.16b, \in3\().16b, v15.16b
    148. 

  148. 	tbl		\in3\().16b, {v16.16b-v19.16b}, \in3\().16b
    149. 

  149. 	tbx		\in0\().16b, {v20.16b-v23.16b}, v8.16b
    150. 

  150. 	tbx		\in1\().16b, {v20.16b-v23.16b}, v9.16b
    151. 

  151. 	sub		v8.16b, v8.16b, v15.16b
    152. 

  152. 	tbx		\in2\().16b, {v20.16b-v23.16b}, v10.16b
    153. 

  153. 	sub		v9.16b, v9.16b, v15.16b
    154. 

  154. 	tbx		\in3\().16b, {v20.16b-v23.16b}, v11.16b
    155. 

  155. 	sub		v10.16b, v10.16b, v15.16b
    156. 

  156. 	tbx		\in0\().16b, {v24.16b-v27.16b}, v8.16b
    157. 

  157. 	sub		v11.16b, v11.16b, v15.16b
    158. 

  158. 	tbx		\in1\().16b, {v24.16b-v27.16b}, v9.16b
    159. 

  159. 	sub		v8.16b, v8.16b, v15.16b
    160. 

  160. 	tbx		\in2\().16b, {v24.16b-v27.16b}, v10.16b
    161. 

  161. 	sub		v9.16b, v9.16b, v15.16b
    162. 

  162. 	tbx		\in3\().16b, {v24.16b-v27.16b}, v11.16b
    163. 

  163. 	sub		v10.16b, v10.16b, v15.16b
    164. 

  164. 	tbx		\in0\().16b, {v28.16b-v31.16b}, v8.16b
    165. 

  165. 	sub		v11.16b, v11.16b, v15.16b
    166. 

  166. 	tbx		\in1\().16b, {v28.16b-v31.16b}, v9.16b
    167. 

  167. 	tbx		\in2\().16b, {v28.16b-v31.16b}, v10.16b
    168. 

  168. 	tbx		\in3\().16b, {v28.16b-v31.16b}, v11.16b
    169. 

  169. 	.endm
    170. 

  170. 

  171. 	.macro		mul_by_x_2x, out0, out1, in0, in1, tmp0, tmp1, const
    172. 

  172. 	sshr		\tmp0\().16b, \in0\().16b, #7
    173. 

  173. 	shl		\out0\().16b, \in0\().16b, #1
    174. 

  174. 	sshr		\tmp1\().16b, \in1\().16b, #7
    175. 

  175. 	and		\tmp0\().16b, \tmp0\().16b, \const\().16b
    176. 

  176. 	shl		\out1\().16b, \in1\().16b, #1
    177. 

  177. 	and		\tmp1\().16b, \tmp1\().16b, \const\().16b
    178. 

  178. 	eor		\out0\().16b, \out0\().16b, \tmp0\().16b
    179. 

  179. 	eor		\out1\().16b, \out1\().16b, \tmp1\().16b
    180. 

  180. 	.endm
    181. 

  181. 

  182. 	.macro		mul_by_x2_2x, out0, out1, in0, in1, tmp0, tmp1, const
    183. 

  183. 	ushr		\tmp0\().16b, \in0\().16b, #6
    184. 

  184. 	shl		\out0\().16b, \in0\().16b, #2
    185. 

  185. 	ushr		\tmp1\().16b, \in1\().16b, #6
    186. 

  186. 	pmul		\tmp0\().16b, \tmp0\().16b, \const\().16b
    187. 

  187. 	shl		\out1\().16b, \in1\().16b, #2
    188. 

  188. 	pmul		\tmp1\().16b, \tmp1\().16b, \const\().16b
    189. 

  189. 	eor		\out0\().16b, \out0\().16b, \tmp0\().16b
    190. 

  190. 	eor		\out1\().16b, \out1\().16b, \tmp1\().16b
    191. 

  191. 	.endm
    192. 

  192. 

  193. 	.macro		mix_columns_2x, in0, in1, enc
    194. 

  194. 	.if		\enc == 0
    195. 

  195. 	/* Inverse MixColumns: pre-multiply by { 5, 0, 4, 0 } */
    196. 

  196. 	mul_by_x2_2x	v8, v9, \in0, \in1, v10, v11, v12
    197. 

  197. 	eor		\in0\().16b, \in0\().16b, v8.16b
    198. 

  198. 	rev32		v8.8h, v8.8h
    199. 

  199. 	eor		\in1\().16b, \in1\().16b, v9.16b
    200. 

  200. 	rev32		v9.8h, v9.8h
    201. 

  201. 	eor		\in0\().16b, \in0\().16b, v8.16b
    202. 

  202. 	eor		\in1\().16b, \in1\().16b, v9.16b
    203. 

  203. 	.endif
    204. 

  204. 

  205. 	mul_by_x_2x	v8, v9, \in0, \in1, v10, v11, v12
    206. 

  206. 	rev32		v10.8h, \in0\().8h
    207. 

  207. 	rev32		v11.8h, \in1\().8h
    208. 

  208. 	eor		v10.16b, v10.16b, v8.16b
    209. 

  209. 	eor		v11.16b, v11.16b, v9.16b
    210. 

  210. 	eor		\in0\().16b, \in0\().16b, v10.16b
    211. 

  211. 	eor		\in1\().16b, \in1\().16b, v11.16b
    212. 

  212. 	tbl		\in0\().16b, {\in0\().16b}, v14.16b
    213. 

  213. 	tbl		\in1\().16b, {\in1\().16b}, v14.16b
    214. 

  214. 	eor		\in0\().16b, \in0\().16b, v10.16b
    215. 

  215. 	eor		\in1\().16b, \in1\().16b, v11.16b
    216. 

  216. 	.endm
    217. 

  217. 

  218. 	.macro		do_block_2x, enc, in0, in1, rounds, rk, rkp, i
    219. 

  219. 	ld1		{v15.4s}, [\rk]
    220. 

  220. 	add		\rkp, \rk, #16
    221. 

  221. 	mov		\i, \rounds
    222. 

  222. 1111:	eor		\in0\().16b, \in0\().16b, v15.16b	/* ^round key */
    223. 

  223. 	eor		\in1\().16b, \in1\().16b, v15.16b	/* ^round key */
    224. 

  224. 	movi		v15.16b, #0x40
    225. 

  225. 	tbl		\in0\().16b, {\in0\().16b}, v13.16b	/* ShiftRows */
    226. 

  226. 	tbl		\in1\().16b, {\in1\().16b}, v13.16b	/* ShiftRows */
    227. 

  227. 	sub_bytes_2x	\in0, \in1
    228. 

  228. 	subs		\i, \i, #1
    229. 

  229. 	ld1		{v15.4s}, [\rkp], #16
    230. 

  230. 	beq		2222f
    231. 

  231. 	mix_columns_2x	\in0, \in1, \enc
    232. 

  232. 	b		1111b
    233. 

  233. 2222:	eor		\in0\().16b, \in0\().16b, v15.16b	/* ^round key */
    234. 

  234. 	eor		\in1\().16b, \in1\().16b, v15.16b	/* ^round key */
    235. 

  235. 	.endm
    236. 

  236. 

  237. 	.macro		do_block_4x, enc, in0, in1, in2, in3, rounds, rk, rkp, i
    238. 

  238. 	ld1		{v15.4s}, [\rk]
    239. 

  239. 	add		\rkp, \rk, #16
    240. 

  240. 	mov		\i, \rounds
    241. 

  241. 1111:	eor		\in0\().16b, \in0\().16b, v15.16b	/* ^round key */
    242. 

  242. 	eor		\in1\().16b, \in1\().16b, v15.16b	/* ^round key */
    243. 

  243. 	eor		\in2\().16b, \in2\().16b, v15.16b	/* ^round key */
    244. 

  244. 	eor		\in3\().16b, \in3\().16b, v15.16b	/* ^round key */
    245. 

  245. 	movi		v15.16b, #0x40
    246. 

  246. 	tbl		\in0\().16b, {\in0\().16b}, v13.16b	/* ShiftRows */
    247. 

  247. 	tbl		\in1\().16b, {\in1\().16b}, v13.16b	/* ShiftRows */
    248. 

  248. 	tbl		\in2\().16b, {\in2\().16b}, v13.16b	/* ShiftRows */
    249. 

  249. 	tbl		\in3\().16b, {\in3\().16b}, v13.16b	/* ShiftRows */
    250. 

  250. 	sub_bytes_4x	\in0, \in1, \in2, \in3
    251. 

  251. 	subs		\i, \i, #1
    252. 

  252. 	ld1		{v15.4s}, [\rkp], #16
    253. 

  253. 	beq		2222f
    254. 

  254. 	mix_columns_2x	\in0, \in1, \enc
    255. 

  255. 	mix_columns_2x	\in2, \in3, \enc
    256. 

  256. 	b		1111b
    257. 

  257. 2222:	eor		\in0\().16b, \in0\().16b, v15.16b	/* ^round key */
    258. 

  258. 	eor		\in1\().16b, \in1\().16b, v15.16b	/* ^round key */
    259. 

  259. 	eor		\in2\().16b, \in2\().16b, v15.16b	/* ^round key */
    260. 

  260. 	eor		\in3\().16b, \in3\().16b, v15.16b	/* ^round key */
    261. 

  261. 	.endm
    262. 

  262. 

  263. 	.macro		encrypt_block2x, in0, in1, rounds, rk, rkp, i
    264. 

  264. 	do_block_2x	1, \in0, \in1, \rounds, \rk, \rkp, \i
    265. 

  265. 	.endm
    266. 

  266. 

  267. 	.macro		decrypt_block2x, in0, in1, rounds, rk, rkp, i
    268. 

  268. 	do_block_2x	0, \in0, \in1, \rounds, \rk, \rkp, \i
    269. 

  269. 	.endm
    270. 

  270. 

  271. 	.macro		encrypt_block4x, in0, in1, in2, in3, rounds, rk, rkp, i
    272. 

  272. 	do_block_4x	1, \in0, \in1, \in2, \in3, \rounds, \rk, \rkp, \i
    273. 

  273. 	.endm
    274. 

  274. 

  275. 	.macro		decrypt_block4x, in0, in1, in2, in3, rounds, rk, rkp, i
    276. 

  276. 	do_block_4x	0, \in0, \in1, \in2, \in3, \rounds, \rk, \rkp, \i
    277. 

  277. 	.endm
    278. 

  278. 

  279. #include "aes-modes.S"
    280. 

  280. 

  281. 	.section	".rodata", "a"
    282. 

  282. 	.align		6
    283. 

  283. .LForward_Sbox:
    284. 

  284. 	.byte		0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5
    285. 

  285. 	.byte		0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76
    286. 

  286. 	.byte		0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0
    287. 

  287. 	.byte		0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0
    288. 

  288. 	.byte		0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc
    289. 

  289. 	.byte		0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15
    290. 

  290. 	.byte		0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a
    291. 

  291. 	.byte		0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75
    292. 

  292. 	.byte		0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0
    293. 

  293. 	.byte		0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84
    294. 

  294. 	.byte		0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b
    295. 

  295. 	.byte		0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf
    296. 

  296. 	.byte		0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85
    297. 

  297. 	.byte		0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8
    298. 

  298. 	.byte		0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5
    299. 

  299. 	.byte		0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2
    300. 

  300. 	.byte		0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17
    301. 

  301. 	.byte		0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73
    302. 

  302. 	.byte		0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88
    303. 

  303. 	.byte		0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb
    304. 

  304. 	.byte		0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c
    305. 

  305. 	.byte		0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79
    306. 

  306. 	.byte		0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9
    307. 

  307. 	.byte		0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08
    308. 

  308. 	.byte		0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6
    309. 

  309. 	.byte		0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a
    310. 

  310. 	.byte		0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e
    311. 

  311. 	.byte		0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e
    312. 

  312. 	.byte		0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94
    313. 

  313. 	.byte		0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf
    314. 

  314. 	.byte		0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68
    315. 

  315. 	.byte		0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
    316. 

  316. 

  317. .LReverse_Sbox:
    318. 

  318. 	.byte		0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38
    319. 

  319. 	.byte		0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb
    320. 

  320. 	.byte		0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87
    321. 

  321. 	.byte		0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb
    322. 

  322. 	.byte		0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d
    323. 

  323. 	.byte		0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e
    324. 

  324. 	.byte		0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2
    325. 

  325. 	.byte		0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25
    326. 

  326. 	.byte		0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16
    327. 

  327. 	.byte		0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92
    328. 

  328. 	.byte		0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda
    329. 

  329. 	.byte		0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84
    330. 

  330. 	.byte		0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a
    331. 

  331. 	.byte		0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06
    332. 

  332. 	.byte		0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02
    333. 

  333. 	.byte		0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b
    334. 

  334. 	.byte		0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea
    335. 

  335. 	.byte		0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73
    336. 

  336. 	.byte		0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85
    337. 

  337. 	.byte		0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e
    338. 

  338. 	.byte		0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89
    339. 

  339. 	.byte		0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b
    340. 

  340. 	.byte		0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20
    341. 

  341. 	.byte		0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4
    342. 

  342. 	.byte		0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31
    343. 

  343. 	.byte		0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f
    344. 

  344. 	.byte		0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d
    345. 

  345. 	.byte		0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef
    346. 

  346. 	.byte		0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0
    347. 

  347. 	.byte		0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61
    348. 

  348. 	.byte		0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26
    349. 

  349. 	.byte		0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
    350. 

  350. 

  351. .LForward_ShiftRows:
    352. 

  352. 	.octa		0x0b06010c07020d08030e09040f0a0500
    353. 

  353. 

  354. .LReverse_ShiftRows:
    355. 

  355. 	.octa		0x0306090c0f0205080b0e0104070a0d00
    356. 

  356. 

  357. .Lror32by8:
    358. 

  358. 	.octa		0x0c0f0e0d080b0a090407060500030201
    359.