<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
<meta http-equiv="X-UA-Compatible" content="IE=9"/>
<meta name="generator" content="Doxygen 1.8.14"/>
<meta name="viewport" content="width=device-width, initial-scale=1"/>
<title>Crypto++: rijndael.cpp Source File</title>
<link href="tabs.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="jquery.js"></script>
<script type="text/javascript" src="dynsections.js"></script>
<link href="doxygen.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
<div id="titlearea">
<table cellspacing="0" cellpadding="0">
<tbody>
<tr style="height: 56px;">
<td id="projectalign" style="padding-left: 0.5em;">
<div id="projectname">Crypto++
 <span id="projectnumber">7.0</span>
</div>
<div id="projectbrief">Free C++ class library of cryptographic schemes</div>
</td>
</tr>
</tbody>
</table>
</div>
<!-- end header part -->
<!-- Generated by Doxygen 1.8.14 -->
<script type="text/javascript" src="menudata.js"></script>
<script type="text/javascript" src="menu.js"></script>
<script type="text/javascript">
/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&dn=gpl-2.0.txt GPL-v2 */
$(function() {
initMenu('',false,false,'search.php','Search');
});
/* @license-end */</script>
<div id="main-nav"></div>
</div><!-- top -->
<div class="header">
<div class="headertitle">
<div class="title">rijndael.cpp</div> </div>
</div><!--header-->
<div class="contents">
<div class="fragment"><div class="line"><a name="l00001"></a><span class="lineno"> 1</span> <span class="comment">// rijndael.cpp - modified by Chris Morgan <cmorgan@wpi.edu></span></div><div class="line"><a name="l00002"></a><span class="lineno"> 2</span> <span class="comment">// and Wei Dai from Paulo Baretto's Rijndael implementation</span></div><div class="line"><a name="l00003"></a><span class="lineno"> 3</span> <span class="comment">// The original code and all modifications are in the public domain.</span></div><div class="line"><a name="l00004"></a><span class="lineno"> 4</span> </div><div class="line"><a name="l00005"></a><span class="lineno"> 5</span> <span class="comment">// use "cl /EP /P /DCRYPTOPP_GENERATE_X64_MASM rijndael.cpp" to generate MASM code</span></div><div class="line"><a name="l00006"></a><span class="lineno"> 6</span> </div><div class="line"><a name="l00007"></a><span class="lineno"> 7</span> <span class="comment">/*</span></div><div class="line"><a name="l00008"></a><span class="lineno"> 8</span> <span class="comment">July 2017: Added support for ARM AES instructions via compiler intrinsics.</span></div><div class="line"><a name="l00009"></a><span class="lineno"> 9</span> <span class="comment">*/</span></div><div class="line"><a name="l00010"></a><span class="lineno"> 10</span> </div><div class="line"><a name="l00011"></a><span class="lineno"> 11</span> <span class="comment">/*</span></div><div class="line"><a name="l00012"></a><span class="lineno"> 12</span> <span class="comment">July 2010: Added support for AES-NI instructions via compiler intrinsics.</span></div><div class="line"><a name="l00013"></a><span class="lineno"> 13</span> <span class="comment">*/</span></div><div class="line"><a name="l00014"></a><span class="lineno"> 14</span> </div><div class="line"><a name="l00015"></a><span class="lineno"> 15</span> <span class="comment">/*</span></div><div class="line"><a name="l00016"></a><span class="lineno"> 16</span> <span class="comment">Feb 2009: The x86/x64 assembly code was rewritten in by Wei Dai to do counter mode</span></div><div class="line"><a name="l00017"></a><span class="lineno"> 17</span> <span class="comment">caching, which was invented by Hongjun Wu and popularized by Daniel J. Bernstein</span></div><div class="line"><a name="l00018"></a><span class="lineno"> 18</span> <span class="comment">and Peter Schwabe in their paper "New AES software speed records". The round</span></div><div class="line"><a name="l00019"></a><span class="lineno"> 19</span> <span class="comment">function was also modified to include a trick similar to one in Brian Gladman's</span></div><div class="line"><a name="l00020"></a><span class="lineno"> 20</span> <span class="comment">x86 assembly code, doing an 8-bit register move to minimize the number of</span></div><div class="line"><a name="l00021"></a><span class="lineno"> 21</span> <span class="comment">register spills. Also switched to compressed tables and copying round keys to</span></div><div class="line"><a name="l00022"></a><span class="lineno"> 22</span> <span class="comment">the stack.</span></div><div class="line"><a name="l00023"></a><span class="lineno"> 23</span> <span class="comment"></span></div><div class="line"><a name="l00024"></a><span class="lineno"> 24</span> <span class="comment">The C++ implementation now uses compressed tables if</span></div><div class="line"><a name="l00025"></a><span class="lineno"> 25</span> <span class="comment">CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS is defined.</span></div><div class="line"><a name="l00026"></a><span class="lineno"> 26</span> <span class="comment">*/</span></div><div class="line"><a name="l00027"></a><span class="lineno"> 27</span> </div><div class="line"><a name="l00028"></a><span class="lineno"> 28</span> <span class="comment">/*</span></div><div class="line"><a name="l00029"></a><span class="lineno"> 29</span> <span class="comment">July 2006: Defense against timing attacks was added in by Wei Dai.</span></div><div class="line"><a name="l00030"></a><span class="lineno"> 30</span> <span class="comment"></span></div><div class="line"><a name="l00031"></a><span class="lineno"> 31</span> <span class="comment">The code now uses smaller tables in the first and last rounds,</span></div><div class="line"><a name="l00032"></a><span class="lineno"> 32</span> <span class="comment">and preloads them into L1 cache before usage (by loading at least</span></div><div class="line"><a name="l00033"></a><span class="lineno"> 33</span> <span class="comment">one element in each cache line).</span></div><div class="line"><a name="l00034"></a><span class="lineno"> 34</span> <span class="comment"></span></div><div class="line"><a name="l00035"></a><span class="lineno"> 35</span> <span class="comment">We try to delay subsequent accesses to each table (used in the first</span></div><div class="line"><a name="l00036"></a><span class="lineno"> 36</span> <span class="comment">and last rounds) until all of the table has been preloaded. Hopefully</span></div><div class="line"><a name="l00037"></a><span class="lineno"> 37</span> <span class="comment">the compiler isn't smart enough to optimize that code away.</span></div><div class="line"><a name="l00038"></a><span class="lineno"> 38</span> <span class="comment"></span></div><div class="line"><a name="l00039"></a><span class="lineno"> 39</span> <span class="comment">After preloading the table, we also try not to access any memory location</span></div><div class="line"><a name="l00040"></a><span class="lineno"> 40</span> <span class="comment">other than the table and the stack, in order to prevent table entries from</span></div><div class="line"><a name="l00041"></a><span class="lineno"> 41</span> <span class="comment">being unloaded from L1 cache, until that round is finished.</span></div><div class="line"><a name="l00042"></a><span class="lineno"> 42</span> <span class="comment">(Some popular CPUs have 2-way associative caches.)</span></div><div class="line"><a name="l00043"></a><span class="lineno"> 43</span> <span class="comment">*/</span></div><div class="line"><a name="l00044"></a><span class="lineno"> 44</span> </div><div class="line"><a name="l00045"></a><span class="lineno"> 45</span> <span class="comment">// This is the original introductory comment:</span></div><div class="line"><a name="l00046"></a><span class="lineno"> 46</span> <span class="comment"></span></div><div class="line"><a name="l00047"></a><span class="lineno"> 47</span> <span class="comment">/**</span></div><div class="line"><a name="l00048"></a><span class="lineno"> 48</span> <span class="comment"> * version 3.0 (December 2000)</span></div><div class="line"><a name="l00049"></a><span class="lineno"> 49</span> <span class="comment"> *</span></div><div class="line"><a name="l00050"></a><span class="lineno"> 50</span> <span class="comment"> * Optimised ANSI C code for the Rijndael cipher (now AES)</span></div><div class="line"><a name="l00051"></a><span class="lineno"> 51</span> <span class="comment"> *</span></div><div class="line"><a name="l00052"></a><span class="lineno"> 52</span> <span class="comment"> * author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be></span></div><div class="line"><a name="l00053"></a><span class="lineno"> 53</span> <span class="comment"> * author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be></span></div><div class="line"><a name="l00054"></a><span class="lineno"> 54</span> <span class="comment"> * author Paulo Barreto <paulo.barreto@terra.com.br></span></div><div class="line"><a name="l00055"></a><span class="lineno"> 55</span> <span class="comment"> *</span></div><div class="line"><a name="l00056"></a><span class="lineno"> 56</span> <span class="comment"> * This code is hereby placed in the public domain.</span></div><div class="line"><a name="l00057"></a><span class="lineno"> 57</span> <span class="comment"> *</span></div><div class="line"><a name="l00058"></a><span class="lineno"> 58</span> <span class="comment"> * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS</span></div><div class="line"><a name="l00059"></a><span class="lineno"> 59</span> <span class="comment"> * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED</span></div><div class="line"><a name="l00060"></a><span class="lineno"> 60</span> <span class="comment"> * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE</span></div><div class="line"><a name="l00061"></a><span class="lineno"> 61</span> <span class="comment"> * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE</span></div><div class="line"><a name="l00062"></a><span class="lineno"> 62</span> <span class="comment"> * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR</span></div><div class="line"><a name="l00063"></a><span class="lineno"> 63</span> <span class="comment"> * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF</span></div><div class="line"><a name="l00064"></a><span class="lineno"> 64</span> <span class="comment"> * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR</span></div><div class="line"><a name="l00065"></a><span class="lineno"> 65</span> <span class="comment"> * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,</span></div><div class="line"><a name="l00066"></a><span class="lineno"> 66</span> <span class="comment"> * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE</span></div><div class="line"><a name="l00067"></a><span class="lineno"> 67</span> <span class="comment"> * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,</span></div><div class="line"><a name="l00068"></a><span class="lineno"> 68</span> <span class="comment"> * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.</span></div><div class="line"><a name="l00069"></a><span class="lineno"> 69</span> <span class="comment"> */</span></div><div class="line"><a name="l00070"></a><span class="lineno"> 70</span> </div><div class="line"><a name="l00071"></a><span class="lineno"> 71</span> <span class="preprocessor">#include "<a class="code" href="pch_8h.html">pch.h</a>"</span></div><div class="line"><a name="l00072"></a><span class="lineno"> 72</span> <span class="preprocessor">#include "<a class="code" href="config_8h.html">config.h</a>"</span></div><div class="line"><a name="l00073"></a><span class="lineno"> 73</span> </div><div class="line"><a name="l00074"></a><span class="lineno"> 74</span> <span class="preprocessor">#ifndef CRYPTOPP_IMPORTS</span></div><div class="line"><a name="l00075"></a><span class="lineno"> 75</span> <span class="preprocessor">#ifndef CRYPTOPP_GENERATE_X64_MASM</span></div><div class="line"><a name="l00076"></a><span class="lineno"> 76</span> </div><div class="line"><a name="l00077"></a><span class="lineno"> 77</span> <span class="preprocessor">#include "<a class="code" href="rijndael_8h.html">rijndael.h</a>"</span></div><div class="line"><a name="l00078"></a><span class="lineno"> 78</span> <span class="preprocessor">#include "<a class="code" href="misc_8h.html">misc.h</a>"</span></div><div class="line"><a name="l00079"></a><span class="lineno"> 79</span> <span class="preprocessor">#include "<a class="code" href="cpu_8h.html">cpu.h</a>"</span></div><div class="line"><a name="l00080"></a><span class="lineno"> 80</span> </div><div class="line"><a name="l00081"></a><span class="lineno"> 81</span> NAMESPACE_BEGIN(<a class="code" href="namespace_crypto_p_p.html">CryptoPP</a>)</div><div class="line"><a name="l00082"></a><span class="lineno"> 82</span> </div><div class="line"><a name="l00083"></a><span class="lineno"> 83</span> <span class="comment">// Clang 3.3 integrated assembler crash on Linux</span></div><div class="line"><a name="l00084"></a><span class="lineno"> 84</span> <span class="preprocessor">#if CRYPTOPP_BOOL_X32 || (defined(CRYPTOPP_LLVM_CLANG_VERSION) && (CRYPTOPP_LLVM_CLANG_VERSION < 30400))</span></div><div class="line"><a name="l00085"></a><span class="lineno"> 85</span> <span class="preprocessor"># define CRYPTOPP_DISABLE_RIJNDAEL_ASM</span></div><div class="line"><a name="l00086"></a><span class="lineno"> 86</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00087"></a><span class="lineno"> 87</span> </div><div class="line"><a name="l00088"></a><span class="lineno"> 88</span> <span class="comment">// Hack for http://github.com/weidai11/cryptopp/issues/42 and http://github.com/weidai11/cryptopp/issues/132</span></div><div class="line"><a name="l00089"></a><span class="lineno"> 89</span> <span class="preprocessor">#if (CRYPTOPP_SSE2_ASM_AVAILABLE || defined(CRYPTOPP_X64_MASM_AVAILABLE)) && !defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS)</span></div><div class="line"><a name="l00090"></a><span class="lineno"> 90</span> <span class="preprocessor"># define CRYPTOPP_ALLOW_RIJNDAEL_UNALIGNED_DATA_ACCESS 1</span></div><div class="line"><a name="l00091"></a><span class="lineno"> 91</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00092"></a><span class="lineno"> 92</span> </div><div class="line"><a name="l00093"></a><span class="lineno"> 93</span> <span class="comment">// Clang __m128i casts</span></div><div class="line"><a name="l00094"></a><span class="lineno"> 94</span> <span class="preprocessor">#define M128I_CAST(x) ((__m128i *)(void *)(x))</span></div><div class="line"><a name="l00095"></a><span class="lineno"> 95</span> <span class="preprocessor">#define CONST_M128I_CAST(x) ((const __m128i *)(const void *)(x))</span></div><div class="line"><a name="l00096"></a><span class="lineno"> 96</span> </div><div class="line"><a name="l00097"></a><span class="lineno"> 97</span> <span class="preprocessor">#if defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS) || defined(CRYPTOPP_ALLOW_RIJNDAEL_UNALIGNED_DATA_ACCESS)</span></div><div class="line"><a name="l00098"></a><span class="lineno"> 98</span> <span class="preprocessor"># if (CRYPTOPP_SSE2_ASM_AVAILABLE || defined(CRYPTOPP_X64_MASM_AVAILABLE)) && !defined(CRYPTOPP_DISABLE_RIJNDAEL_ASM)</span></div><div class="line"><a name="l00099"></a><span class="lineno"> 99</span> <span class="keyword">namespace </span>rdtable {CRYPTOPP_ALIGN_DATA(16) word64 Te[256+2];}</div><div class="line"><a name="l00100"></a><span class="lineno"> 100</span> using namespace rdtable;</div><div class="line"><a name="l00101"></a><span class="lineno"> 101</span> <span class="preprocessor"># else</span></div><div class="line"><a name="l00102"></a><span class="lineno"> 102</span> <span class="keyword">static</span> word64 Te[256];</div><div class="line"><a name="l00103"></a><span class="lineno"> 103</span> <span class="preprocessor"># endif</span></div><div class="line"><a name="l00104"></a><span class="lineno"> 104</span> <span class="keyword">static</span> word64 Td[256];</div><div class="line"><a name="l00105"></a><span class="lineno"> 105</span> <span class="preprocessor">#else // Not CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS</span></div><div class="line"><a name="l00106"></a><span class="lineno"> 106</span> <span class="preprocessor"># if defined(CRYPTOPP_X64_MASM_AVAILABLE)</span></div><div class="line"><a name="l00107"></a><span class="lineno"> 107</span> <span class="comment">// Unused; avoids linker error on Microsoft X64 non-AESNI platforms</span></div><div class="line"><a name="l00108"></a><span class="lineno"> 108</span> <span class="keyword">namespace </span>rdtable {CRYPTOPP_ALIGN_DATA(16) word64 Te[256+2];}</div><div class="line"><a name="l00109"></a><span class="lineno"> 109</span> <span class="preprocessor"># endif</span></div><div class="line"><a name="l00110"></a><span class="lineno"> 110</span> CRYPTOPP_ALIGN_DATA(16) static word32 Te[256*4];</div><div class="line"><a name="l00111"></a><span class="lineno"> 111</span> CRYPTOPP_ALIGN_DATA(16) static word32 Td[256*4];</div><div class="line"><a name="l00112"></a><span class="lineno"> 112</span> <span class="preprocessor">#endif // CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS</span></div><div class="line"><a name="l00113"></a><span class="lineno"> 113</span> </div><div class="line"><a name="l00114"></a><span class="lineno"> 114</span> <span class="keyword">static</span> <span class="keyword">volatile</span> <span class="keywordtype">bool</span> s_TeFilled = <span class="keyword">false</span>, s_TdFilled = <span class="keyword">false</span>;</div><div class="line"><a name="l00115"></a><span class="lineno"> 115</span> </div><div class="line"><a name="l00116"></a><span class="lineno"> 116</span> ANONYMOUS_NAMESPACE_BEGIN</div><div class="line"><a name="l00117"></a><span class="lineno"> 117</span> </div><div class="line"><a name="l00118"></a><span class="lineno"> 118</span> CRYPTOPP_ALIGN_DATA(16)</div><div class="line"><a name="l00119"></a><span class="lineno"> 119</span> const word32 s_one[] = {0, 0, 0, 1<<24};</div><div class="line"><a name="l00120"></a><span class="lineno"> 120</span> </div><div class="line"><a name="l00121"></a><span class="lineno"> 121</span> <span class="comment">/* for 128-bit blocks, Rijndael never uses more than 10 rcon values */</span></div><div class="line"><a name="l00122"></a><span class="lineno"> 122</span> CRYPTOPP_ALIGN_DATA(16)</div><div class="line"><a name="l00123"></a><span class="lineno"> 123</span> const word32 s_rconLE[] = {</div><div class="line"><a name="l00124"></a><span class="lineno"> 124</span>  0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1B, 0x36</div><div class="line"><a name="l00125"></a><span class="lineno"> 125</span> };</div><div class="line"><a name="l00126"></a><span class="lineno"> 126</span> </div><div class="line"><a name="l00127"></a><span class="lineno"> 127</span> <span class="preprocessor">#if CRYPTOPP_BOOL_X64 || CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X86</span></div><div class="line"><a name="l00128"></a><span class="lineno"> 128</span> </div><div class="line"><a name="l00129"></a><span class="lineno"> 129</span> <span class="comment">// Determine whether the range between begin and end overlaps</span></div><div class="line"><a name="l00130"></a><span class="lineno"> 130</span> <span class="comment">// with the same 4k block offsets as the Te table. Logically,</span></div><div class="line"><a name="l00131"></a><span class="lineno"> 131</span> <span class="comment">// the code is trying to create the condition:</span></div><div class="line"><a name="l00132"></a><span class="lineno"> 132</span> <span class="comment">//</span></div><div class="line"><a name="l00133"></a><span class="lineno"> 133</span> <span class="comment">// Two sepearate memory pages:</span></div><div class="line"><a name="l00134"></a><span class="lineno"> 134</span> <span class="comment">//</span></div><div class="line"><a name="l00135"></a><span class="lineno"> 135</span> <span class="comment">// +-----+ +-----+</span></div><div class="line"><a name="l00136"></a><span class="lineno"> 136</span> <span class="comment">// |XXXXX| |YYYYY|</span></div><div class="line"><a name="l00137"></a><span class="lineno"> 137</span> <span class="comment">// |XXXXX| |YYYYY|</span></div><div class="line"><a name="l00138"></a><span class="lineno"> 138</span> <span class="comment">// | | | |</span></div><div class="line"><a name="l00139"></a><span class="lineno"> 139</span> <span class="comment">// | | | |</span></div><div class="line"><a name="l00140"></a><span class="lineno"> 140</span> <span class="comment">// +-----+ +-----+</span></div><div class="line"><a name="l00141"></a><span class="lineno"> 141</span> <span class="comment">// Te Table Locals</span></div><div class="line"><a name="l00142"></a><span class="lineno"> 142</span> <span class="comment">//</span></div><div class="line"><a name="l00143"></a><span class="lineno"> 143</span> <span class="comment">// Have a logical cache view of (X and Y may be inverted):</span></div><div class="line"><a name="l00144"></a><span class="lineno"> 144</span> <span class="comment">//</span></div><div class="line"><a name="l00145"></a><span class="lineno"> 145</span> <span class="comment">// +-----+</span></div><div class="line"><a name="l00146"></a><span class="lineno"> 146</span> <span class="comment">// |XXXXX|</span></div><div class="line"><a name="l00147"></a><span class="lineno"> 147</span> <span class="comment">// |XXXXX|</span></div><div class="line"><a name="l00148"></a><span class="lineno"> 148</span> <span class="comment">// |YYYYY|</span></div><div class="line"><a name="l00149"></a><span class="lineno"> 149</span> <span class="comment">// |YYYYY|</span></div><div class="line"><a name="l00150"></a><span class="lineno"> 150</span> <span class="comment">// +-----+</span></div><div class="line"><a name="l00151"></a><span class="lineno"> 151</span> <span class="comment">//</span></div><div class="line"><a name="l00152"></a><span class="lineno"> 152</span> <span class="keyword">static</span> <span class="keyword">inline</span> <span class="keywordtype">bool</span> AliasedWithTable(<span class="keyword">const</span> byte *begin, <span class="keyword">const</span> byte *end)</div><div class="line"><a name="l00153"></a><span class="lineno"> 153</span> {</div><div class="line"><a name="l00154"></a><span class="lineno"> 154</span>  ptrdiff_t s0 = uintptr_t(begin)%4096, s1 = uintptr_t(end)%4096;</div><div class="line"><a name="l00155"></a><span class="lineno"> 155</span>  ptrdiff_t t0 = uintptr_t(Te)%4096, t1 = (uintptr_t(Te)+<span class="keyword">sizeof</span>(Te))%4096;</div><div class="line"><a name="l00156"></a><span class="lineno"> 156</span>  <span class="keywordflow">if</span> (t1 > t0)</div><div class="line"><a name="l00157"></a><span class="lineno"> 157</span>  <span class="keywordflow">return</span> (s0 >= t0 && s0 < t1) || (s1 > t0 && s1 <= t1);</div><div class="line"><a name="l00158"></a><span class="lineno"> 158</span>  <span class="keywordflow">else</span></div><div class="line"><a name="l00159"></a><span class="lineno"> 159</span>  <span class="keywordflow">return</span> (s0 < t1 || s1 <= t1) || (s0 >= t0 || s1 > t0);</div><div class="line"><a name="l00160"></a><span class="lineno"> 160</span> }</div><div class="line"><a name="l00161"></a><span class="lineno"> 161</span> </div><div class="line"><a name="l00162"></a><span class="lineno"> 162</span> <span class="keyword">struct </span>Locals</div><div class="line"><a name="l00163"></a><span class="lineno"> 163</span> {</div><div class="line"><a name="l00164"></a><span class="lineno"> 164</span>  word32 subkeys[4*12], workspace[8];</div><div class="line"><a name="l00165"></a><span class="lineno"> 165</span>  <span class="keyword">const</span> byte *inBlocks, *inXorBlocks, *outXorBlocks;</div><div class="line"><a name="l00166"></a><span class="lineno"> 166</span>  byte *outBlocks;</div><div class="line"><a name="l00167"></a><span class="lineno"> 167</span>  <span class="keywordtype">size_t</span> inIncrement, inXorIncrement, outXorIncrement, outIncrement;</div><div class="line"><a name="l00168"></a><span class="lineno"> 168</span>  <span class="keywordtype">size_t</span> regSpill, lengthAndCounterFlag, keysBegin;</div><div class="line"><a name="l00169"></a><span class="lineno"> 169</span> };</div><div class="line"><a name="l00170"></a><span class="lineno"> 170</span> </div><div class="line"><a name="l00171"></a><span class="lineno"> 171</span> <span class="keyword">const</span> <span class="keywordtype">size_t</span> s_aliasPageSize = 4096;</div><div class="line"><a name="l00172"></a><span class="lineno"> 172</span> <span class="keyword">const</span> <span class="keywordtype">size_t</span> s_aliasBlockSize = 256;</div><div class="line"><a name="l00173"></a><span class="lineno"> 173</span> <span class="keyword">const</span> <span class="keywordtype">size_t</span> s_sizeToAllocate = s_aliasPageSize + s_aliasBlockSize + <span class="keyword">sizeof</span>(Locals);</div><div class="line"><a name="l00174"></a><span class="lineno"> 174</span> </div><div class="line"><a name="l00175"></a><span class="lineno"> 175</span> <span class="preprocessor">#endif // CRYPTOPP_BOOL_X64 || CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X86</span></div><div class="line"><a name="l00176"></a><span class="lineno"> 176</span> </div><div class="line"><a name="l00177"></a><span class="lineno"> 177</span> ANONYMOUS_NAMESPACE_END</div><div class="line"><a name="l00178"></a><span class="lineno"> 178</span> </div><div class="line"><a name="l00179"></a><span class="lineno"> 179</span> <span class="comment">// ************************* Portable Code ************************************</span></div><div class="line"><a name="l00180"></a><span class="lineno"> 180</span> </div><div class="line"><a name="l00181"></a><span class="lineno"> 181</span> <span class="preprocessor">#define QUARTER_ROUND(L, T, t, a, b, c, d) \</span></div><div class="line"><a name="l00182"></a><span class="lineno"> 182</span> <span class="preprocessor"> a ^= L(T, 3, byte(t)); t >>= 8;\</span></div><div class="line"><a name="l00183"></a><span class="lineno"> 183</span> <span class="preprocessor"> b ^= L(T, 2, byte(t)); t >>= 8;\</span></div><div class="line"><a name="l00184"></a><span class="lineno"> 184</span> <span class="preprocessor"> c ^= L(T, 1, byte(t)); t >>= 8;\</span></div><div class="line"><a name="l00185"></a><span class="lineno"> 185</span> <span class="preprocessor"> d ^= L(T, 0, t);</span></div><div class="line"><a name="l00186"></a><span class="lineno"> 186</span> </div><div class="line"><a name="l00187"></a><span class="lineno"> 187</span> <span class="preprocessor">#define QUARTER_ROUND_LE(t, a, b, c, d) \</span></div><div class="line"><a name="l00188"></a><span class="lineno"> 188</span> <span class="preprocessor"> tempBlock[a] = ((byte *)(Te+byte(t)))[1]; t >>= 8;\</span></div><div class="line"><a name="l00189"></a><span class="lineno"> 189</span> <span class="preprocessor"> tempBlock[b] = ((byte *)(Te+byte(t)))[1]; t >>= 8;\</span></div><div class="line"><a name="l00190"></a><span class="lineno"> 190</span> <span class="preprocessor"> tempBlock[c] = ((byte *)(Te+byte(t)))[1]; t >>= 8;\</span></div><div class="line"><a name="l00191"></a><span class="lineno"> 191</span> <span class="preprocessor"> tempBlock[d] = ((byte *)(Te+t))[1];</span></div><div class="line"><a name="l00192"></a><span class="lineno"> 192</span> </div><div class="line"><a name="l00193"></a><span class="lineno"> 193</span> <span class="preprocessor">#if defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS) || defined(CRYPTOPP_ALLOW_RIJNDAEL_UNALIGNED_DATA_ACCESS)</span></div><div class="line"><a name="l00194"></a><span class="lineno"> 194</span> <span class="preprocessor"> #define QUARTER_ROUND_LD(t, a, b, c, d) \</span></div><div class="line"><a name="l00195"></a><span class="lineno"> 195</span> <span class="preprocessor"> tempBlock[a] = ((byte *)(Td+byte(t)))[GetNativeByteOrder()*7]; t >>= 8;\</span></div><div class="line"><a name="l00196"></a><span class="lineno"> 196</span> <span class="preprocessor"> tempBlock[b] = ((byte *)(Td+byte(t)))[GetNativeByteOrder()*7]; t >>= 8;\</span></div><div class="line"><a name="l00197"></a><span class="lineno"> 197</span> <span class="preprocessor"> tempBlock[c] = ((byte *)(Td+byte(t)))[GetNativeByteOrder()*7]; t >>= 8;\</span></div><div class="line"><a name="l00198"></a><span class="lineno"> 198</span> <span class="preprocessor"> tempBlock[d] = ((byte *)(Td+t))[GetNativeByteOrder()*7];</span></div><div class="line"><a name="l00199"></a><span class="lineno"> 199</span> <span class="preprocessor">#else</span></div><div class="line"><a name="l00200"></a><span class="lineno"> 200</span> <span class="preprocessor"> #define QUARTER_ROUND_LD(t, a, b, c, d) \</span></div><div class="line"><a name="l00201"></a><span class="lineno"> 201</span> <span class="preprocessor"> tempBlock[a] = Sd[byte(t)]; t >>= 8;\</span></div><div class="line"><a name="l00202"></a><span class="lineno"> 202</span> <span class="preprocessor"> tempBlock[b] = Sd[byte(t)]; t >>= 8;\</span></div><div class="line"><a name="l00203"></a><span class="lineno"> 203</span> <span class="preprocessor"> tempBlock[c] = Sd[byte(t)]; t >>= 8;\</span></div><div class="line"><a name="l00204"></a><span class="lineno"> 204</span> <span class="preprocessor"> tempBlock[d] = Sd[t];</span></div><div class="line"><a name="l00205"></a><span class="lineno"> 205</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00206"></a><span class="lineno"> 206</span> </div><div class="line"><a name="l00207"></a><span class="lineno"> 207</span> <span class="preprocessor">#define QUARTER_ROUND_E(t, a, b, c, d) QUARTER_ROUND(TL_M, Te, t, a, b, c, d)</span></div><div class="line"><a name="l00208"></a><span class="lineno"> 208</span> <span class="preprocessor">#define QUARTER_ROUND_D(t, a, b, c, d) QUARTER_ROUND(TL_M, Td, t, a, b, c, d)</span></div><div class="line"><a name="l00209"></a><span class="lineno"> 209</span> </div><div class="line"><a name="l00210"></a><span class="lineno"> 210</span> <span class="preprocessor">#ifdef CRYPTOPP_LITTLE_ENDIAN</span></div><div class="line"><a name="l00211"></a><span class="lineno"> 211</span> <span class="preprocessor"> #define QUARTER_ROUND_FE(t, a, b, c, d) QUARTER_ROUND(TL_F, Te, t, d, c, b, a)</span></div><div class="line"><a name="l00212"></a><span class="lineno"> 212</span> <span class="preprocessor"> #define QUARTER_ROUND_FD(t, a, b, c, d) QUARTER_ROUND(TL_F, Td, t, d, c, b, a)</span></div><div class="line"><a name="l00213"></a><span class="lineno"> 213</span> <span class="preprocessor"> #if defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS) || defined(CRYPTOPP_ALLOW_RIJNDAEL_UNALIGNED_DATA_ACCESS)</span></div><div class="line"><a name="l00214"></a><span class="lineno"> 214</span> <span class="preprocessor"> #define TL_F(T, i, x) (*(word32 *)(void *)((byte *)T + x*8 + (6-i)%4+1))</span></div><div class="line"><a name="l00215"></a><span class="lineno"> 215</span> <span class="preprocessor"> #define TL_M(T, i, x) (*(word32 *)(void *)((byte *)T + x*8 + (i+3)%4+1))</span></div><div class="line"><a name="l00216"></a><span class="lineno"> 216</span> <span class="preprocessor"> #else</span></div><div class="line"><a name="l00217"></a><span class="lineno"> 217</span> <span class="preprocessor"> #define TL_F(T, i, x) rotrFixed(T[x], (3-i)*8)</span></div><div class="line"><a name="l00218"></a><span class="lineno"> 218</span> <span class="preprocessor"> #define TL_M(T, i, x) T[i*256 + x]</span></div><div class="line"><a name="l00219"></a><span class="lineno"> 219</span> <span class="preprocessor"> #endif</span></div><div class="line"><a name="l00220"></a><span class="lineno"> 220</span> <span class="preprocessor">#else</span></div><div class="line"><a name="l00221"></a><span class="lineno"> 221</span> <span class="preprocessor"> #define QUARTER_ROUND_FE(t, a, b, c, d) QUARTER_ROUND(TL_F, Te, t, a, b, c, d)</span></div><div class="line"><a name="l00222"></a><span class="lineno"> 222</span> <span class="preprocessor"> #define QUARTER_ROUND_FD(t, a, b, c, d) QUARTER_ROUND(TL_F, Td, t, a, b, c, d)</span></div><div class="line"><a name="l00223"></a><span class="lineno"> 223</span> <span class="preprocessor"> #if defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS) || defined(CRYPTOPP_ALLOW_RIJNDAEL_UNALIGNED_DATA_ACCESS)</span></div><div class="line"><a name="l00224"></a><span class="lineno"> 224</span> <span class="preprocessor"> #define TL_F(T, i, x) (*(word32 *)(void *)((byte *)T + x*8 + (4-i)%4))</span></div><div class="line"><a name="l00225"></a><span class="lineno"> 225</span> <span class="preprocessor"> #define TL_M TL_F</span></div><div class="line"><a name="l00226"></a><span class="lineno"> 226</span> <span class="preprocessor"> #else</span></div><div class="line"><a name="l00227"></a><span class="lineno"> 227</span> <span class="preprocessor"> #define TL_F(T, i, x) rotrFixed(T[x], i*8)</span></div><div class="line"><a name="l00228"></a><span class="lineno"> 228</span> <span class="preprocessor"> #define TL_M(T, i, x) T[i*256 + x]</span></div><div class="line"><a name="l00229"></a><span class="lineno"> 229</span> <span class="preprocessor"> #endif</span></div><div class="line"><a name="l00230"></a><span class="lineno"> 230</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00231"></a><span class="lineno"> 231</span> </div><div class="line"><a name="l00232"></a><span class="lineno"> 232</span> </div><div class="line"><a name="l00233"></a><span class="lineno"> 233</span> <span class="preprocessor">#define f2(x) ((x<<1)^(((x>>7)&1)*0x11b))</span></div><div class="line"><a name="l00234"></a><span class="lineno"> 234</span> <span class="preprocessor">#define f4(x) ((x<<2)^(((x>>6)&1)*0x11b)^(((x>>6)&2)*0x11b))</span></div><div class="line"><a name="l00235"></a><span class="lineno"> 235</span> <span class="preprocessor">#define f8(x) ((x<<3)^(((x>>5)&1)*0x11b)^(((x>>5)&2)*0x11b)^(((x>>5)&4)*0x11b))</span></div><div class="line"><a name="l00236"></a><span class="lineno"> 236</span> </div><div class="line"><a name="l00237"></a><span class="lineno"> 237</span> <span class="preprocessor">#define f3(x) (f2(x) ^ x)</span></div><div class="line"><a name="l00238"></a><span class="lineno"> 238</span> <span class="preprocessor">#define f9(x) (f8(x) ^ x)</span></div><div class="line"><a name="l00239"></a><span class="lineno"> 239</span> <span class="preprocessor">#define fb(x) (f8(x) ^ f2(x) ^ x)</span></div><div class="line"><a name="l00240"></a><span class="lineno"> 240</span> <span class="preprocessor">#define fd(x) (f8(x) ^ f4(x) ^ x)</span></div><div class="line"><a name="l00241"></a><span class="lineno"> 241</span> <span class="preprocessor">#define fe(x) (f8(x) ^ f4(x) ^ f2(x))</span></div><div class="line"><a name="l00242"></a><span class="lineno"> 242</span> </div><div class="line"><a name="l00243"></a><span class="lineno"> 243</span> <span class="keywordtype">void</span> Rijndael::Base::FillEncTable()</div><div class="line"><a name="l00244"></a><span class="lineno"> 244</span> {</div><div class="line"><a name="l00245"></a><span class="lineno"> 245</span>  <span class="keywordflow">for</span> (<span class="keywordtype">int</span> i=0; i<256; i++)</div><div class="line"><a name="l00246"></a><span class="lineno"> 246</span>  {</div><div class="line"><a name="l00247"></a><span class="lineno"> 247</span>  byte x = Se[i];</div><div class="line"><a name="l00248"></a><span class="lineno"> 248</span> <span class="preprocessor">#if defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS) || defined(CRYPTOPP_ALLOW_RIJNDAEL_UNALIGNED_DATA_ACCESS)</span></div><div class="line"><a name="l00249"></a><span class="lineno"> 249</span>  word32 y = word32(x)<<8 | word32(x)<<16 | word32(f2(x))<<24;</div><div class="line"><a name="l00250"></a><span class="lineno"> 250</span>  Te[i] = word64(y | f3(x))<<32 | y;</div><div class="line"><a name="l00251"></a><span class="lineno"> 251</span> <span class="preprocessor">#else</span></div><div class="line"><a name="l00252"></a><span class="lineno"> 252</span>  word32 y = f3(x) | word32(x)<<8 | word32(x)<<16 | word32(f2(x))<<24;</div><div class="line"><a name="l00253"></a><span class="lineno"> 253</span>  <span class="keywordflow">for</span> (<span class="keywordtype">int</span> j=0; j<4; j++)</div><div class="line"><a name="l00254"></a><span class="lineno"> 254</span>  {</div><div class="line"><a name="l00255"></a><span class="lineno"> 255</span>  Te[i+j*256] = y;</div><div class="line"><a name="l00256"></a><span class="lineno"> 256</span>  y = rotrConstant<8>(y);</div><div class="line"><a name="l00257"></a><span class="lineno"> 257</span>  }</div><div class="line"><a name="l00258"></a><span class="lineno"> 258</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00259"></a><span class="lineno"> 259</span>  }</div><div class="line"><a name="l00260"></a><span class="lineno"> 260</span> <span class="preprocessor">#if (CRYPTOPP_SSE2_ASM_AVAILABLE || defined(CRYPTOPP_X64_MASM_AVAILABLE)) && !defined(CRYPTOPP_DISABLE_RIJNDAEL_ASM)</span></div><div class="line"><a name="l00261"></a><span class="lineno"> 261</span>  Te[256] = Te[257] = 0;</div><div class="line"><a name="l00262"></a><span class="lineno"> 262</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00263"></a><span class="lineno"> 263</span>  s_TeFilled = <span class="keyword">true</span>;</div><div class="line"><a name="l00264"></a><span class="lineno"> 264</span> }</div><div class="line"><a name="l00265"></a><span class="lineno"> 265</span> </div><div class="line"><a name="l00266"></a><span class="lineno"> 266</span> <span class="keywordtype">void</span> Rijndael::Base::FillDecTable()</div><div class="line"><a name="l00267"></a><span class="lineno"> 267</span> {</div><div class="line"><a name="l00268"></a><span class="lineno"> 268</span>  <span class="keywordflow">for</span> (<span class="keywordtype">int</span> i=0; i<256; i++)</div><div class="line"><a name="l00269"></a><span class="lineno"> 269</span>  {</div><div class="line"><a name="l00270"></a><span class="lineno"> 270</span>  byte x = Sd[i];</div><div class="line"><a name="l00271"></a><span class="lineno"> 271</span> <span class="preprocessor">#if defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS) || defined(CRYPTOPP_ALLOW_RIJNDAEL_UNALIGNED_DATA_ACCESS)</span></div><div class="line"><a name="l00272"></a><span class="lineno"> 272</span>  word32 y = word32(fd(x))<<8 | word32(f9(x))<<16 | word32(fe(x))<<24;</div><div class="line"><a name="l00273"></a><span class="lineno"> 273</span>  Td[i] = word64(y | fb(x))<<32 | y | x;</div><div class="line"><a name="l00274"></a><span class="lineno"> 274</span> <span class="preprocessor">#else</span></div><div class="line"><a name="l00275"></a><span class="lineno"> 275</span>  word32 y = fb(x) | word32(fd(x))<<8 | word32(f9(x))<<16 | word32(fe(x))<<24;;</div><div class="line"><a name="l00276"></a><span class="lineno"> 276</span>  <span class="keywordflow">for</span> (<span class="keywordtype">int</span> j=0; j<4; j++)</div><div class="line"><a name="l00277"></a><span class="lineno"> 277</span>  {</div><div class="line"><a name="l00278"></a><span class="lineno"> 278</span>  Td[i+j*256] = y;</div><div class="line"><a name="l00279"></a><span class="lineno"> 279</span>  y = rotrConstant<8>(y);</div><div class="line"><a name="l00280"></a><span class="lineno"> 280</span>  }</div><div class="line"><a name="l00281"></a><span class="lineno"> 281</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00282"></a><span class="lineno"> 282</span>  }</div><div class="line"><a name="l00283"></a><span class="lineno"> 283</span>  s_TdFilled = <span class="keyword">true</span>;</div><div class="line"><a name="l00284"></a><span class="lineno"> 284</span> }</div><div class="line"><a name="l00285"></a><span class="lineno"> 285</span> </div><div class="line"><a name="l00286"></a><span class="lineno"> 286</span> <span class="preprocessor">#if (CRYPTOPP_AESNI_AVAILABLE)</span></div><div class="line"><a name="l00287"></a><span class="lineno"> 287</span> <span class="keyword">extern</span> <span class="keywordtype">void</span> Rijndael_UncheckedSetKey_SSE4_AESNI(<span class="keyword">const</span> byte *userKey, <span class="keywordtype">size_t</span> keyLen, word32* rk);</div><div class="line"><a name="l00288"></a><span class="lineno"> 288</span> <span class="keyword">extern</span> <span class="keywordtype">void</span> Rijndael_UncheckedSetKeyRev_AESNI(word32 *key, <span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> rounds);</div><div class="line"><a name="l00289"></a><span class="lineno"> 289</span> </div><div class="line"><a name="l00290"></a><span class="lineno"> 290</span> <span class="keyword">extern</span> <span class="keywordtype">size_t</span> Rijndael_Enc_AdvancedProcessBlocks_AESNI(<span class="keyword">const</span> word32 *subkeys, <span class="keywordtype">size_t</span> rounds,</div><div class="line"><a name="l00291"></a><span class="lineno"> 291</span>  <span class="keyword">const</span> byte *inBlocks, <span class="keyword">const</span> byte *xorBlocks, byte *outBlocks, <span class="keywordtype">size_t</span> length, word32 flags);</div><div class="line"><a name="l00292"></a><span class="lineno"> 292</span> <span class="keyword">extern</span> <span class="keywordtype">size_t</span> Rijndael_Dec_AdvancedProcessBlocks_AESNI(<span class="keyword">const</span> word32 *subkeys, <span class="keywordtype">size_t</span> rounds,</div><div class="line"><a name="l00293"></a><span class="lineno"> 293</span>  <span class="keyword">const</span> byte *inBlocks, <span class="keyword">const</span> byte *xorBlocks, byte *outBlocks, <span class="keywordtype">size_t</span> length, word32 flags);</div><div class="line"><a name="l00294"></a><span class="lineno"> 294</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00295"></a><span class="lineno"> 295</span> </div><div class="line"><a name="l00296"></a><span class="lineno"> 296</span> <span class="preprocessor">#if (CRYPTOPP_ARM_AES_AVAILABLE)</span></div><div class="line"><a name="l00297"></a><span class="lineno"> 297</span> <span class="keyword">extern</span> <span class="keywordtype">size_t</span> Rijndael_Enc_AdvancedProcessBlocks_ARMV8(<span class="keyword">const</span> word32 *subkeys, <span class="keywordtype">size_t</span> rounds,</div><div class="line"><a name="l00298"></a><span class="lineno"> 298</span>  <span class="keyword">const</span> byte *inBlocks, <span class="keyword">const</span> byte *xorBlocks, byte *outBlocks, <span class="keywordtype">size_t</span> length, word32 flags);</div><div class="line"><a name="l00299"></a><span class="lineno"> 299</span> <span class="keyword">extern</span> <span class="keywordtype">size_t</span> Rijndael_Dec_AdvancedProcessBlocks_ARMV8(<span class="keyword">const</span> word32 *subkeys, <span class="keywordtype">size_t</span> rounds,</div><div class="line"><a name="l00300"></a><span class="lineno"> 300</span>  <span class="keyword">const</span> byte *inBlocks, <span class="keyword">const</span> byte *xorBlocks, byte *outBlocks, <span class="keywordtype">size_t</span> length, word32 flags);</div><div class="line"><a name="l00301"></a><span class="lineno"> 301</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00302"></a><span class="lineno"> 302</span> </div><div class="line"><a name="l00303"></a><span class="lineno"> 303</span> <span class="preprocessor">#if (CRYPTOPP_POWER8_AES_AVAILABLE)</span></div><div class="line"><a name="l00304"></a><span class="lineno"> 304</span> <span class="keyword">extern</span> <span class="keywordtype">void</span> Rijndael_UncheckedSetKey_POWER8(<span class="keyword">const</span> byte* userKey, <span class="keywordtype">size_t</span> keyLen,</div><div class="line"><a name="l00305"></a><span class="lineno"> 305</span>  word32* rk, <span class="keyword">const</span> byte* Se);</div><div class="line"><a name="l00306"></a><span class="lineno"> 306</span> </div><div class="line"><a name="l00307"></a><span class="lineno"> 307</span> <span class="keyword">extern</span> <span class="keywordtype">size_t</span> Rijndael_Enc_AdvancedProcessBlocks128_6x1_ALTIVEC(<span class="keyword">const</span> word32 *subkeys, <span class="keywordtype">size_t</span> rounds,</div><div class="line"><a name="l00308"></a><span class="lineno"> 308</span>  <span class="keyword">const</span> byte *inBlocks, <span class="keyword">const</span> byte *xorBlocks, byte *outBlocks, <span class="keywordtype">size_t</span> length, word32 flags);</div><div class="line"><a name="l00309"></a><span class="lineno"> 309</span> <span class="keyword">extern</span> <span class="keywordtype">size_t</span> Rijndael_Dec_AdvancedProcessBlocks128_6x1_ALTIVEC(<span class="keyword">const</span> word32 *subkeys, <span class="keywordtype">size_t</span> rounds,</div><div class="line"><a name="l00310"></a><span class="lineno"> 310</span>  <span class="keyword">const</span> byte *inBlocks, <span class="keyword">const</span> byte *xorBlocks, byte *outBlocks, <span class="keywordtype">size_t</span> length, word32 flags);</div><div class="line"><a name="l00311"></a><span class="lineno"> 311</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00312"></a><span class="lineno"> 312</span> </div><div class="line"><a name="l00313"></a><span class="lineno"> 313</span> <span class="keywordtype">void</span> Rijndael::Base::UncheckedSetKey(<span class="keyword">const</span> byte *userKey, <span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> keyLen, <span class="keyword">const</span> <a class="code" href="class_name_value_pairs.html">NameValuePairs</a> &)</div><div class="line"><a name="l00314"></a><span class="lineno"> 314</span> {</div><div class="line"><a name="l00315"></a><span class="lineno"> 315</span>  AssertValidKeyLength(keyLen);</div><div class="line"><a name="l00316"></a><span class="lineno"> 316</span> </div><div class="line"><a name="l00317"></a><span class="lineno"> 317</span> <span class="preprocessor">#if CRYPTOPP_BOOL_X64 || CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X86</span></div><div class="line"><a name="l00318"></a><span class="lineno"> 318</span>  m_aliasBlock.New(s_sizeToAllocate);</div><div class="line"><a name="l00319"></a><span class="lineno"> 319</span>  <span class="comment">// The alias block is only used on IA-32 when unaligned data access is in effect.</span></div><div class="line"><a name="l00320"></a><span class="lineno"> 320</span>  <span class="comment">// Setting the low water mark to 0 avoids zeroization when m_aliasBlock is unused.</span></div><div class="line"><a name="l00321"></a><span class="lineno"> 321</span>  m_aliasBlock.SetMark(0);</div><div class="line"><a name="l00322"></a><span class="lineno"> 322</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00323"></a><span class="lineno"> 323</span> </div><div class="line"><a name="l00324"></a><span class="lineno"> 324</span>  m_rounds = keyLen/4 + 6;</div><div class="line"><a name="l00325"></a><span class="lineno"> 325</span>  m_key.New(4*(m_rounds+1));</div><div class="line"><a name="l00326"></a><span class="lineno"> 326</span>  word32 *rk = m_key;</div><div class="line"><a name="l00327"></a><span class="lineno"> 327</span> </div><div class="line"><a name="l00328"></a><span class="lineno"> 328</span> <span class="preprocessor">#if (CRYPTOPP_AESNI_AVAILABLE && CRYPTOPP_SSE41_AVAILABLE && (!defined(_MSC_VER) || _MSC_VER >= 1600 || CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32))</span></div><div class="line"><a name="l00329"></a><span class="lineno"> 329</span>  <span class="comment">// MSVC 2008 SP1 generates bad code for _mm_extract_epi32() when compiling for X64</span></div><div class="line"><a name="l00330"></a><span class="lineno"> 330</span>  <span class="keywordflow">if</span> (<a class="code" href="cpu_8h.html#a798d0d1732f761b34e4b127335a111c1">HasAESNI</a>() && <a class="code" href="cpu_8h.html#afeba098225030e7a23454cc7abbdec7a">HasSSE41</a>())</div><div class="line"><a name="l00331"></a><span class="lineno"> 331</span>  {</div><div class="line"><a name="l00332"></a><span class="lineno"> 332</span>  <span class="comment">// TODO: Add non-SSE4.1 variant for low-end Atoms. The low-end</span></div><div class="line"><a name="l00333"></a><span class="lineno"> 333</span>  <span class="comment">// Atoms have SSE2-SSSE3 and AES-NI, but not SSE4.1 or SSE4.2.</span></div><div class="line"><a name="l00334"></a><span class="lineno"> 334</span>  Rijndael_UncheckedSetKey_SSE4_AESNI(userKey, keyLen, rk);</div><div class="line"><a name="l00335"></a><span class="lineno"> 335</span>  <span class="keywordflow">if</span> (!IsForwardTransformation())</div><div class="line"><a name="l00336"></a><span class="lineno"> 336</span>  Rijndael_UncheckedSetKeyRev_AESNI(m_key, m_rounds);</div><div class="line"><a name="l00337"></a><span class="lineno"> 337</span> </div><div class="line"><a name="l00338"></a><span class="lineno"> 338</span>  <span class="keywordflow">return</span>;</div><div class="line"><a name="l00339"></a><span class="lineno"> 339</span>  }</div><div class="line"><a name="l00340"></a><span class="lineno"> 340</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00341"></a><span class="lineno"> 341</span> </div><div class="line"><a name="l00342"></a><span class="lineno"> 342</span> <span class="preprocessor">#if CRYPTOPP_POWER8_AES_AVAILABLE</span></div><div class="line"><a name="l00343"></a><span class="lineno"> 343</span>  <span class="keywordflow">if</span> (<a class="code" href="cpu_8h.html#a01958720925de0cb8515345758825326">HasAES</a>())</div><div class="line"><a name="l00344"></a><span class="lineno"> 344</span>  {</div><div class="line"><a name="l00345"></a><span class="lineno"> 345</span>  <span class="comment">// We still need rcon and Se to fallback to C/C++ for AES-192 and AES-256.</span></div><div class="line"><a name="l00346"></a><span class="lineno"> 346</span>  <span class="comment">// The IBM docs on AES sucks. Intel's docs on AESNI puts IBM to shame.</span></div><div class="line"><a name="l00347"></a><span class="lineno"> 347</span>  Rijndael_UncheckedSetKey_POWER8(userKey, keyLen, rk, Se);</div><div class="line"><a name="l00348"></a><span class="lineno"> 348</span>  <span class="keywordflow">return</span>;</div><div class="line"><a name="l00349"></a><span class="lineno"> 349</span>  }</div><div class="line"><a name="l00350"></a><span class="lineno"> 350</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00351"></a><span class="lineno"> 351</span> </div><div class="line"><a name="l00352"></a><span class="lineno"> 352</span>  GetUserKey(<a class="code" href="cryptlib_8h.html#aaeb92d42f5a6e27b8ba19f18d69d142baf0c3bb6c718cc7ff0bffef4e8f178c57">BIG_ENDIAN_ORDER</a>, rk, keyLen/4, userKey, keyLen);</div><div class="line"><a name="l00353"></a><span class="lineno"> 353</span>  <span class="keyword">const</span> word32 *rc = rcon;</div><div class="line"><a name="l00354"></a><span class="lineno"> 354</span>  word32 temp;</div><div class="line"><a name="l00355"></a><span class="lineno"> 355</span> </div><div class="line"><a name="l00356"></a><span class="lineno"> 356</span>  <span class="keywordflow">while</span> (<span class="keyword">true</span>)</div><div class="line"><a name="l00357"></a><span class="lineno"> 357</span>  {</div><div class="line"><a name="l00358"></a><span class="lineno"> 358</span>  temp = rk[keyLen/4-1];</div><div class="line"><a name="l00359"></a><span class="lineno"> 359</span>  word32 x = (word32(Se[GETBYTE(temp, 2)]) << 24) ^ (word32(Se[GETBYTE(temp, 1)]) << 16) ^</div><div class="line"><a name="l00360"></a><span class="lineno"> 360</span>  (word32(Se[GETBYTE(temp, 0)]) << 8) ^ Se[GETBYTE(temp, 3)];</div><div class="line"><a name="l00361"></a><span class="lineno"> 361</span>  rk[keyLen/4] = rk[0] ^ x ^ *(rc++);</div><div class="line"><a name="l00362"></a><span class="lineno"> 362</span>  rk[keyLen/4+1] = rk[1] ^ rk[keyLen/4];</div><div class="line"><a name="l00363"></a><span class="lineno"> 363</span>  rk[keyLen/4+2] = rk[2] ^ rk[keyLen/4+1];</div><div class="line"><a name="l00364"></a><span class="lineno"> 364</span>  rk[keyLen/4+3] = rk[3] ^ rk[keyLen/4+2];</div><div class="line"><a name="l00365"></a><span class="lineno"> 365</span> </div><div class="line"><a name="l00366"></a><span class="lineno"> 366</span>  <span class="keywordflow">if</span> (rk + keyLen/4 + 4 == m_key.end())</div><div class="line"><a name="l00367"></a><span class="lineno"> 367</span>  <span class="keywordflow">break</span>;</div><div class="line"><a name="l00368"></a><span class="lineno"> 368</span> </div><div class="line"><a name="l00369"></a><span class="lineno"> 369</span>  <span class="keywordflow">if</span> (keyLen == 24)</div><div class="line"><a name="l00370"></a><span class="lineno"> 370</span>  {</div><div class="line"><a name="l00371"></a><span class="lineno"> 371</span>  rk[10] = rk[ 4] ^ rk[ 9];</div><div class="line"><a name="l00372"></a><span class="lineno"> 372</span>  rk[11] = rk[ 5] ^ rk[10];</div><div class="line"><a name="l00373"></a><span class="lineno"> 373</span>  }</div><div class="line"><a name="l00374"></a><span class="lineno"> 374</span>  <span class="keywordflow">else</span> <span class="keywordflow">if</span> (keyLen == 32)</div><div class="line"><a name="l00375"></a><span class="lineno"> 375</span>  {</div><div class="line"><a name="l00376"></a><span class="lineno"> 376</span>  temp = rk[11];</div><div class="line"><a name="l00377"></a><span class="lineno"> 377</span>  rk[12] = rk[ 4] ^ (word32(Se[GETBYTE(temp, 3)]) << 24) ^ (word32(Se[GETBYTE(temp, 2)]) << 16) ^ (word32(Se[GETBYTE(temp, 1)]) << 8) ^ Se[GETBYTE(temp, 0)];</div><div class="line"><a name="l00378"></a><span class="lineno"> 378</span>  rk[13] = rk[ 5] ^ rk[12];</div><div class="line"><a name="l00379"></a><span class="lineno"> 379</span>  rk[14] = rk[ 6] ^ rk[13];</div><div class="line"><a name="l00380"></a><span class="lineno"> 380</span>  rk[15] = rk[ 7] ^ rk[14];</div><div class="line"><a name="l00381"></a><span class="lineno"> 381</span>  }</div><div class="line"><a name="l00382"></a><span class="lineno"> 382</span>  rk += keyLen/4;</div><div class="line"><a name="l00383"></a><span class="lineno"> 383</span>  }</div><div class="line"><a name="l00384"></a><span class="lineno"> 384</span> </div><div class="line"><a name="l00385"></a><span class="lineno"> 385</span>  rk = m_key;</div><div class="line"><a name="l00386"></a><span class="lineno"> 386</span> </div><div class="line"><a name="l00387"></a><span class="lineno"> 387</span>  <span class="keywordflow">if</span> (IsForwardTransformation())</div><div class="line"><a name="l00388"></a><span class="lineno"> 388</span>  {</div><div class="line"><a name="l00389"></a><span class="lineno"> 389</span>  <span class="keywordflow">if</span> (!s_TeFilled)</div><div class="line"><a name="l00390"></a><span class="lineno"> 390</span>  FillEncTable();</div><div class="line"><a name="l00391"></a><span class="lineno"> 391</span> </div><div class="line"><a name="l00392"></a><span class="lineno"> 392</span>  <a class="code" href="misc_8h.html#a8e499ded4f2e7e7705c3cfd39cdf137f">ConditionalByteReverse</a>(<a class="code" href="cryptlib_8h.html#aaeb92d42f5a6e27b8ba19f18d69d142baf0c3bb6c718cc7ff0bffef4e8f178c57">BIG_ENDIAN_ORDER</a>, rk, rk, 16);</div><div class="line"><a name="l00393"></a><span class="lineno"> 393</span>  <a class="code" href="misc_8h.html#a8e499ded4f2e7e7705c3cfd39cdf137f">ConditionalByteReverse</a>(<a class="code" href="cryptlib_8h.html#aaeb92d42f5a6e27b8ba19f18d69d142baf0c3bb6c718cc7ff0bffef4e8f178c57">BIG_ENDIAN_ORDER</a>, rk + m_rounds*4, rk + m_rounds*4, 16);</div><div class="line"><a name="l00394"></a><span class="lineno"> 394</span>  }</div><div class="line"><a name="l00395"></a><span class="lineno"> 395</span>  <span class="keywordflow">else</span></div><div class="line"><a name="l00396"></a><span class="lineno"> 396</span>  {</div><div class="line"><a name="l00397"></a><span class="lineno"> 397</span>  <span class="keywordflow">if</span> (!s_TdFilled)</div><div class="line"><a name="l00398"></a><span class="lineno"> 398</span>  FillDecTable();</div><div class="line"><a name="l00399"></a><span class="lineno"> 399</span> </div><div class="line"><a name="l00400"></a><span class="lineno"> 400</span> <span class="preprocessor"> #define InverseMixColumn(x) \</span></div><div class="line"><a name="l00401"></a><span class="lineno"> 401</span> <span class="preprocessor"> TL_M(Td, 0, Se[GETBYTE(x, 3)]) ^ TL_M(Td, 1, Se[GETBYTE(x, 2)]) ^ \</span></div><div class="line"><a name="l00402"></a><span class="lineno"> 402</span> <span class="preprocessor"> TL_M(Td, 2, Se[GETBYTE(x, 1)]) ^ TL_M(Td, 3, Se[GETBYTE(x, 0)])</span></div><div class="line"><a name="l00403"></a><span class="lineno"> 403</span> </div><div class="line"><a name="l00404"></a><span class="lineno"> 404</span>  <span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> i, j;</div><div class="line"><a name="l00405"></a><span class="lineno"> 405</span>  <span class="keywordflow">for</span> (i = 4, j = 4*m_rounds-4; i < j; i += 4, j -= 4)</div><div class="line"><a name="l00406"></a><span class="lineno"> 406</span>  {</div><div class="line"><a name="l00407"></a><span class="lineno"> 407</span>  temp = InverseMixColumn(rk[i ]); rk[i ] = InverseMixColumn(rk[j ]); rk[j ] = temp;</div><div class="line"><a name="l00408"></a><span class="lineno"> 408</span>  temp = InverseMixColumn(rk[i + 1]); rk[i + 1] = InverseMixColumn(rk[j + 1]); rk[j + 1] = temp;</div><div class="line"><a name="l00409"></a><span class="lineno"> 409</span>  temp = InverseMixColumn(rk[i + 2]); rk[i + 2] = InverseMixColumn(rk[j + 2]); rk[j + 2] = temp;</div><div class="line"><a name="l00410"></a><span class="lineno"> 410</span>  temp = InverseMixColumn(rk[i + 3]); rk[i + 3] = InverseMixColumn(rk[j + 3]); rk[j + 3] = temp;</div><div class="line"><a name="l00411"></a><span class="lineno"> 411</span>  }</div><div class="line"><a name="l00412"></a><span class="lineno"> 412</span> </div><div class="line"><a name="l00413"></a><span class="lineno"> 413</span>  rk[i+0] = InverseMixColumn(rk[i+0]);</div><div class="line"><a name="l00414"></a><span class="lineno"> 414</span>  rk[i+1] = InverseMixColumn(rk[i+1]);</div><div class="line"><a name="l00415"></a><span class="lineno"> 415</span>  rk[i+2] = InverseMixColumn(rk[i+2]);</div><div class="line"><a name="l00416"></a><span class="lineno"> 416</span>  rk[i+3] = InverseMixColumn(rk[i+3]);</div><div class="line"><a name="l00417"></a><span class="lineno"> 417</span> </div><div class="line"><a name="l00418"></a><span class="lineno"> 418</span>  temp = <a class="code" href="misc_8h.html#a8e499ded4f2e7e7705c3cfd39cdf137f">ConditionalByteReverse</a>(<a class="code" href="cryptlib_8h.html#aaeb92d42f5a6e27b8ba19f18d69d142baf0c3bb6c718cc7ff0bffef4e8f178c57">BIG_ENDIAN_ORDER</a>, rk[0]); rk[0] = <a class="code" href="misc_8h.html#a8e499ded4f2e7e7705c3cfd39cdf137f">ConditionalByteReverse</a>(<a class="code" href="cryptlib_8h.html#aaeb92d42f5a6e27b8ba19f18d69d142baf0c3bb6c718cc7ff0bffef4e8f178c57">BIG_ENDIAN_ORDER</a>, rk[4*m_rounds+0]); rk[4*m_rounds+0] = temp;</div><div class="line"><a name="l00419"></a><span class="lineno"> 419</span>  temp = <a class="code" href="misc_8h.html#a8e499ded4f2e7e7705c3cfd39cdf137f">ConditionalByteReverse</a>(<a class="code" href="cryptlib_8h.html#aaeb92d42f5a6e27b8ba19f18d69d142baf0c3bb6c718cc7ff0bffef4e8f178c57">BIG_ENDIAN_ORDER</a>, rk[1]); rk[1] = <a class="code" href="misc_8h.html#a8e499ded4f2e7e7705c3cfd39cdf137f">ConditionalByteReverse</a>(<a class="code" href="cryptlib_8h.html#aaeb92d42f5a6e27b8ba19f18d69d142baf0c3bb6c718cc7ff0bffef4e8f178c57">BIG_ENDIAN_ORDER</a>, rk[4*m_rounds+1]); rk[4*m_rounds+1] = temp;</div><div class="line"><a name="l00420"></a><span class="lineno"> 420</span>  temp = <a class="code" href="misc_8h.html#a8e499ded4f2e7e7705c3cfd39cdf137f">ConditionalByteReverse</a>(<a class="code" href="cryptlib_8h.html#aaeb92d42f5a6e27b8ba19f18d69d142baf0c3bb6c718cc7ff0bffef4e8f178c57">BIG_ENDIAN_ORDER</a>, rk[2]); rk[2] = <a class="code" href="misc_8h.html#a8e499ded4f2e7e7705c3cfd39cdf137f">ConditionalByteReverse</a>(<a class="code" href="cryptlib_8h.html#aaeb92d42f5a6e27b8ba19f18d69d142baf0c3bb6c718cc7ff0bffef4e8f178c57">BIG_ENDIAN_ORDER</a>, rk[4*m_rounds+2]); rk[4*m_rounds+2] = temp;</div><div class="line"><a name="l00421"></a><span class="lineno"> 421</span>  temp = <a class="code" href="misc_8h.html#a8e499ded4f2e7e7705c3cfd39cdf137f">ConditionalByteReverse</a>(<a class="code" href="cryptlib_8h.html#aaeb92d42f5a6e27b8ba19f18d69d142baf0c3bb6c718cc7ff0bffef4e8f178c57">BIG_ENDIAN_ORDER</a>, rk[3]); rk[3] = <a class="code" href="misc_8h.html#a8e499ded4f2e7e7705c3cfd39cdf137f">ConditionalByteReverse</a>(<a class="code" href="cryptlib_8h.html#aaeb92d42f5a6e27b8ba19f18d69d142baf0c3bb6c718cc7ff0bffef4e8f178c57">BIG_ENDIAN_ORDER</a>, rk[4*m_rounds+3]); rk[4*m_rounds+3] = temp;</div><div class="line"><a name="l00422"></a><span class="lineno"> 422</span>  }</div><div class="line"><a name="l00423"></a><span class="lineno"> 423</span> </div><div class="line"><a name="l00424"></a><span class="lineno"> 424</span> <span class="preprocessor">#if CRYPTOPP_AESNI_AVAILABLE</span></div><div class="line"><a name="l00425"></a><span class="lineno"> 425</span>  <span class="keywordflow">if</span> (<a class="code" href="cpu_8h.html#a798d0d1732f761b34e4b127335a111c1">HasAESNI</a>())</div><div class="line"><a name="l00426"></a><span class="lineno"> 426</span>  <a class="code" href="misc_8h.html#a8e499ded4f2e7e7705c3cfd39cdf137f">ConditionalByteReverse</a>(<a class="code" href="cryptlib_8h.html#aaeb92d42f5a6e27b8ba19f18d69d142baf0c3bb6c718cc7ff0bffef4e8f178c57">BIG_ENDIAN_ORDER</a>, rk+4, rk+4, (m_rounds-1)*16);</div><div class="line"><a name="l00427"></a><span class="lineno"> 427</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00428"></a><span class="lineno"> 428</span> <span class="preprocessor">#if CRYPTOPP_ARM_AES_AVAILABLE</span></div><div class="line"><a name="l00429"></a><span class="lineno"> 429</span>  <span class="keywordflow">if</span> (<a class="code" href="cpu_8h.html#a01958720925de0cb8515345758825326">HasAES</a>())</div><div class="line"><a name="l00430"></a><span class="lineno"> 430</span>  <a class="code" href="misc_8h.html#a8e499ded4f2e7e7705c3cfd39cdf137f">ConditionalByteReverse</a>(<a class="code" href="cryptlib_8h.html#aaeb92d42f5a6e27b8ba19f18d69d142baf0c3bb6c718cc7ff0bffef4e8f178c57">BIG_ENDIAN_ORDER</a>, rk+4, rk+4, (m_rounds-1)*16);</div><div class="line"><a name="l00431"></a><span class="lineno"> 431</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00432"></a><span class="lineno"> 432</span> }</div><div class="line"><a name="l00433"></a><span class="lineno"> 433</span> </div><div class="line"><a name="l00434"></a><span class="lineno"> 434</span> <span class="keywordtype">void</span> Rijndael::Enc::ProcessAndXorBlock(<span class="keyword">const</span> byte *inBlock, <span class="keyword">const</span> byte *xorBlock, byte *outBlock)<span class="keyword"> const</span></div><div class="line"><a name="l00435"></a><span class="lineno"> 435</span> <span class="keyword"></span>{</div><div class="line"><a name="l00436"></a><span class="lineno"> 436</span> <span class="preprocessor">#if CRYPTOPP_SSE2_ASM_AVAILABLE || defined(CRYPTOPP_X64_MASM_AVAILABLE) || CRYPTOPP_AESNI_AVAILABLE</span></div><div class="line"><a name="l00437"></a><span class="lineno"> 437</span> <span class="preprocessor"># if (CRYPTOPP_SSE2_ASM_AVAILABLE || defined(CRYPTOPP_X64_MASM_AVAILABLE)) && !defined(CRYPTOPP_DISABLE_RIJNDAEL_ASM)</span></div><div class="line"><a name="l00438"></a><span class="lineno"> 438</span>  <span class="keywordflow">if</span> (<a class="code" href="cpu_8h.html#a962fa16f6d3a8a518912b39c3ea84062">HasSSE2</a>())</div><div class="line"><a name="l00439"></a><span class="lineno"> 439</span> <span class="preprocessor"># else</span></div><div class="line"><a name="l00440"></a><span class="lineno"> 440</span>  <span class="keywordflow">if</span> (<a class="code" href="cpu_8h.html#a798d0d1732f761b34e4b127335a111c1">HasAESNI</a>())</div><div class="line"><a name="l00441"></a><span class="lineno"> 441</span> <span class="preprocessor"># endif</span></div><div class="line"><a name="l00442"></a><span class="lineno"> 442</span>  {</div><div class="line"><a name="l00443"></a><span class="lineno"> 443</span>  (void)Rijndael::Enc::AdvancedProcessBlocks(inBlock, xorBlock, outBlock, 16, 0);</div><div class="line"><a name="l00444"></a><span class="lineno"> 444</span>  <span class="keywordflow">return</span>;</div><div class="line"><a name="l00445"></a><span class="lineno"> 445</span>  }</div><div class="line"><a name="l00446"></a><span class="lineno"> 446</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00447"></a><span class="lineno"> 447</span> </div><div class="line"><a name="l00448"></a><span class="lineno"> 448</span> <span class="preprocessor">#if (CRYPTOPP_ARM_AES_AVAILABLE)</span></div><div class="line"><a name="l00449"></a><span class="lineno"> 449</span>  <span class="keywordflow">if</span> (<a class="code" href="cpu_8h.html#a01958720925de0cb8515345758825326">HasAES</a>())</div><div class="line"><a name="l00450"></a><span class="lineno"> 450</span>  {</div><div class="line"><a name="l00451"></a><span class="lineno"> 451</span>  (void)Rijndael::Enc::AdvancedProcessBlocks(inBlock, xorBlock, outBlock, 16, 0);</div><div class="line"><a name="l00452"></a><span class="lineno"> 452</span>  <span class="keywordflow">return</span>;</div><div class="line"><a name="l00453"></a><span class="lineno"> 453</span>  }</div><div class="line"><a name="l00454"></a><span class="lineno"> 454</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00455"></a><span class="lineno"> 455</span> </div><div class="line"><a name="l00456"></a><span class="lineno"> 456</span> <span class="preprocessor">#if (CRYPTOPP_POWER8_AES_AVAILABLE)</span></div><div class="line"><a name="l00457"></a><span class="lineno"> 457</span>  <span class="keywordflow">if</span> (<a class="code" href="cpu_8h.html#a01958720925de0cb8515345758825326">HasAES</a>())</div><div class="line"><a name="l00458"></a><span class="lineno"> 458</span>  {</div><div class="line"><a name="l00459"></a><span class="lineno"> 459</span>  (void)Rijndael::Enc::AdvancedProcessBlocks(inBlock, xorBlock, outBlock, 16, 0);</div><div class="line"><a name="l00460"></a><span class="lineno"> 460</span>  <span class="keywordflow">return</span>;</div><div class="line"><a name="l00461"></a><span class="lineno"> 461</span>  }</div><div class="line"><a name="l00462"></a><span class="lineno"> 462</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00463"></a><span class="lineno"> 463</span> </div><div class="line"><a name="l00464"></a><span class="lineno"> 464</span>  <span class="keyword">typedef</span> <a class="code" href="struct_block_get_and_put.html">BlockGetAndPut<word32, NativeByteOrder></a> <a class="code" href="struct_block_get_and_put.html">Block</a>;</div><div class="line"><a name="l00465"></a><span class="lineno"> 465</span> </div><div class="line"><a name="l00466"></a><span class="lineno"> 466</span>  word32 s0, s1, s2, s3, t0, t1, t2, t3;</div><div class="line"><a name="l00467"></a><span class="lineno"> 467</span>  Block::Get(inBlock)(s0)(s1)(s2)(s3);</div><div class="line"><a name="l00468"></a><span class="lineno"> 468</span> </div><div class="line"><a name="l00469"></a><span class="lineno"> 469</span>  <span class="keyword">const</span> word32 *rk = m_key;</div><div class="line"><a name="l00470"></a><span class="lineno"> 470</span>  s0 ^= rk[0];</div><div class="line"><a name="l00471"></a><span class="lineno"> 471</span>  s1 ^= rk[1];</div><div class="line"><a name="l00472"></a><span class="lineno"> 472</span>  s2 ^= rk[2];</div><div class="line"><a name="l00473"></a><span class="lineno"> 473</span>  s3 ^= rk[3];</div><div class="line"><a name="l00474"></a><span class="lineno"> 474</span>  t0 = rk[4];</div><div class="line"><a name="l00475"></a><span class="lineno"> 475</span>  t1 = rk[5];</div><div class="line"><a name="l00476"></a><span class="lineno"> 476</span>  t2 = rk[6];</div><div class="line"><a name="l00477"></a><span class="lineno"> 477</span>  t3 = rk[7];</div><div class="line"><a name="l00478"></a><span class="lineno"> 478</span>  rk += 8;</div><div class="line"><a name="l00479"></a><span class="lineno"> 479</span> </div><div class="line"><a name="l00480"></a><span class="lineno"> 480</span>  <span class="comment">// timing attack countermeasure. see comments at top for more details.</span></div><div class="line"><a name="l00481"></a><span class="lineno"> 481</span>  <span class="comment">// also see http://github.com/weidai11/cryptopp/issues/146</span></div><div class="line"><a name="l00482"></a><span class="lineno"> 482</span>  <span class="keyword">const</span> <span class="keywordtype">int</span> cacheLineSize = <a class="code" href="cpu_8h.html#a7c008779986afa9c0463b2bc8fe17042">GetCacheLineSize</a>();</div><div class="line"><a name="l00483"></a><span class="lineno"> 483</span>  <span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> i;</div><div class="line"><a name="l00484"></a><span class="lineno"> 484</span>  <span class="keyword">volatile</span> word32 _u = 0;</div><div class="line"><a name="l00485"></a><span class="lineno"> 485</span>  word32 u = _u;</div><div class="line"><a name="l00486"></a><span class="lineno"> 486</span> <span class="preprocessor">#if defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS) || defined(CRYPTOPP_ALLOW_RIJNDAEL_UNALIGNED_DATA_ACCESS)</span></div><div class="line"><a name="l00487"></a><span class="lineno"> 487</span>  <span class="keywordflow">for</span> (i=0; i<2048; i+=cacheLineSize)</div><div class="line"><a name="l00488"></a><span class="lineno"> 488</span> #<span class="keywordflow">else</span></div><div class="line"><a name="l00489"></a><span class="lineno"> 489</span>  <span class="keywordflow">for</span> (i=0; i<1024; i+=cacheLineSize)</div><div class="line"><a name="l00490"></a><span class="lineno"> 490</span> #endif</div><div class="line"><a name="l00491"></a><span class="lineno"> 491</span>  u &= *(<span class="keyword">const</span> word32 *)(<span class="keyword">const</span> <span class="keywordtype">void</span> *)(((<span class="keyword">const</span> byte *)Te)+i);</div><div class="line"><a name="l00492"></a><span class="lineno"> 492</span>  u &= Te[255];</div><div class="line"><a name="l00493"></a><span class="lineno"> 493</span>  s0 |= u; s1 |= u; s2 |= u; s3 |= u;</div><div class="line"><a name="l00494"></a><span class="lineno"> 494</span> </div><div class="line"><a name="l00495"></a><span class="lineno"> 495</span>  QUARTER_ROUND_FE(s3, t0, t1, t2, t3)</div><div class="line"><a name="l00496"></a><span class="lineno"> 496</span>  QUARTER_ROUND_FE(s2, t3, t0, t1, t2)</div><div class="line"><a name="l00497"></a><span class="lineno"> 497</span>  QUARTER_ROUND_FE(s1, t2, t3, t0, t1)</div><div class="line"><a name="l00498"></a><span class="lineno"> 498</span>  QUARTER_ROUND_FE(s0, t1, t2, t3, t0)</div><div class="line"><a name="l00499"></a><span class="lineno"> 499</span> </div><div class="line"><a name="l00500"></a><span class="lineno"> 500</span>  <span class="comment">// Nr - 2 full rounds:</span></div><div class="line"><a name="l00501"></a><span class="lineno"> 501</span>  <span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> r = m_rounds/2 - 1;</div><div class="line"><a name="l00502"></a><span class="lineno"> 502</span>  <span class="keywordflow">do</span></div><div class="line"><a name="l00503"></a><span class="lineno"> 503</span>  {</div><div class="line"><a name="l00504"></a><span class="lineno"> 504</span>  s0 = rk[0]; s1 = rk[1]; s2 = rk[2]; s3 = rk[3];</div><div class="line"><a name="l00505"></a><span class="lineno"> 505</span> </div><div class="line"><a name="l00506"></a><span class="lineno"> 506</span>  QUARTER_ROUND_E(t3, s0, s1, s2, s3)</div><div class="line"><a name="l00507"></a><span class="lineno"> 507</span>  QUARTER_ROUND_E(t2, s3, s0, s1, s2)</div><div class="line"><a name="l00508"></a><span class="lineno"> 508</span>  QUARTER_ROUND_E(t1, s2, s3, s0, s1)</div><div class="line"><a name="l00509"></a><span class="lineno"> 509</span>  QUARTER_ROUND_E(t0, s1, s2, s3, s0)</div><div class="line"><a name="l00510"></a><span class="lineno"> 510</span> </div><div class="line"><a name="l00511"></a><span class="lineno"> 511</span>  t0 = rk[4]; t1 = rk[5]; t2 = rk[6]; t3 = rk[7];</div><div class="line"><a name="l00512"></a><span class="lineno"> 512</span> </div><div class="line"><a name="l00513"></a><span class="lineno"> 513</span>  QUARTER_ROUND_E(s3, t0, t1, t2, t3)</div><div class="line"><a name="l00514"></a><span class="lineno"> 514</span>  QUARTER_ROUND_E(s2, t3, t0, t1, t2)</div><div class="line"><a name="l00515"></a><span class="lineno"> 515</span>  QUARTER_ROUND_E(s1, t2, t3, t0, t1)</div><div class="line"><a name="l00516"></a><span class="lineno"> 516</span>  QUARTER_ROUND_E(s0, t1, t2, t3, t0)</div><div class="line"><a name="l00517"></a><span class="lineno"> 517</span> </div><div class="line"><a name="l00518"></a><span class="lineno"> 518</span>  rk += 8;</div><div class="line"><a name="l00519"></a><span class="lineno"> 519</span>  } <span class="keywordflow">while</span> (--r);</div><div class="line"><a name="l00520"></a><span class="lineno"> 520</span> </div><div class="line"><a name="l00521"></a><span class="lineno"> 521</span>  word32 tbw[4];</div><div class="line"><a name="l00522"></a><span class="lineno"> 522</span>  byte *<span class="keyword">const</span> tempBlock = (byte *)tbw;</div><div class="line"><a name="l00523"></a><span class="lineno"> 523</span> </div><div class="line"><a name="l00524"></a><span class="lineno"> 524</span>  QUARTER_ROUND_LE(t2, 15, 2, 5, 8)</div><div class="line"><a name="l00525"></a><span class="lineno"> 525</span>  QUARTER_ROUND_LE(t1, 11, 14, 1, 4)</div><div class="line"><a name="l00526"></a><span class="lineno"> 526</span>  QUARTER_ROUND_LE(t0, 7, 10, 13, 0)</div><div class="line"><a name="l00527"></a><span class="lineno"> 527</span>  QUARTER_ROUND_LE(t3, 3, 6, 9, 12)</div><div class="line"><a name="l00528"></a><span class="lineno"> 528</span> </div><div class="line"><a name="l00529"></a><span class="lineno"> 529</span>  <a class="code" href="struct_block_get_and_put.html">Block</a>::Put(xorBlock, outBlock)(tbw[0]^rk[0])(tbw[1]^rk[1])(tbw[2]^rk[2])(tbw[3]^rk[3]);</div><div class="line"><a name="l00530"></a><span class="lineno"> 530</span> }</div><div class="line"><a name="l00531"></a><span class="lineno"> 531</span> </div><div class="line"><a name="l00532"></a><span class="lineno"> 532</span> <span class="keywordtype">void</span> <a class="code" href="class_rijndael.html">Rijndael</a>::Dec::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock)<span class="keyword"> const</span></div><div class="line"><a name="l00533"></a><span class="lineno"> 533</span> <span class="keyword"></span>{</div><div class="line"><a name="l00534"></a><span class="lineno"> 534</span> <span class="preprocessor">#if CRYPTOPP_AESNI_AVAILABLE</span></div><div class="line"><a name="l00535"></a><span class="lineno"> 535</span>  <span class="keywordflow">if</span> (<a class="code" href="cpu_8h.html#a798d0d1732f761b34e4b127335a111c1">HasAESNI</a>())</div><div class="line"><a name="l00536"></a><span class="lineno"> 536</span>  {</div><div class="line"><a name="l00537"></a><span class="lineno"> 537</span>  (void)Rijndael::Dec::AdvancedProcessBlocks(inBlock, xorBlock, outBlock, 16, 0);</div><div class="line"><a name="l00538"></a><span class="lineno"> 538</span>  <span class="keywordflow">return</span>;</div><div class="line"><a name="l00539"></a><span class="lineno"> 539</span>  }</div><div class="line"><a name="l00540"></a><span class="lineno"> 540</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00541"></a><span class="lineno"> 541</span> </div><div class="line"><a name="l00542"></a><span class="lineno"> 542</span> <span class="preprocessor">#if (CRYPTOPP_ARM_AES_AVAILABLE)</span></div><div class="line"><a name="l00543"></a><span class="lineno"> 543</span>  <span class="keywordflow">if</span> (<a class="code" href="cpu_8h.html#a01958720925de0cb8515345758825326">HasAES</a>())</div><div class="line"><a name="l00544"></a><span class="lineno"> 544</span>  {</div><div class="line"><a name="l00545"></a><span class="lineno"> 545</span>  (void)Rijndael::Dec::AdvancedProcessBlocks(inBlock, xorBlock, outBlock, 16, 0);</div><div class="line"><a name="l00546"></a><span class="lineno"> 546</span>  <span class="keywordflow">return</span>;</div><div class="line"><a name="l00547"></a><span class="lineno"> 547</span>  }</div><div class="line"><a name="l00548"></a><span class="lineno"> 548</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00549"></a><span class="lineno"> 549</span> </div><div class="line"><a name="l00550"></a><span class="lineno"> 550</span> <span class="preprocessor">#if (CRYPTOPP_POWER8_AES_AVAILABLE)</span></div><div class="line"><a name="l00551"></a><span class="lineno"> 551</span>  <span class="keywordflow">if</span> (<a class="code" href="cpu_8h.html#a01958720925de0cb8515345758825326">HasAES</a>())</div><div class="line"><a name="l00552"></a><span class="lineno"> 552</span>  {</div><div class="line"><a name="l00553"></a><span class="lineno"> 553</span>  (void)Rijndael::Dec::AdvancedProcessBlocks(inBlock, xorBlock, outBlock, 16, 0);</div><div class="line"><a name="l00554"></a><span class="lineno"> 554</span>  <span class="keywordflow">return</span>;</div><div class="line"><a name="l00555"></a><span class="lineno"> 555</span>  }</div><div class="line"><a name="l00556"></a><span class="lineno"> 556</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00557"></a><span class="lineno"> 557</span> </div><div class="line"><a name="l00558"></a><span class="lineno"> 558</span>  <span class="keyword">typedef</span> <a class="code" href="struct_block_get_and_put.html">BlockGetAndPut<word32, NativeByteOrder></a> <a class="code" href="struct_block_get_and_put.html">Block</a>;</div><div class="line"><a name="l00559"></a><span class="lineno"> 559</span> </div><div class="line"><a name="l00560"></a><span class="lineno"> 560</span>  word32 s0, s1, s2, s3, t0, t1, t2, t3;</div><div class="line"><a name="l00561"></a><span class="lineno"> 561</span>  Block::Get(inBlock)(s0)(s1)(s2)(s3);</div><div class="line"><a name="l00562"></a><span class="lineno"> 562</span> </div><div class="line"><a name="l00563"></a><span class="lineno"> 563</span>  <span class="keyword">const</span> word32 *rk = m_key;</div><div class="line"><a name="l00564"></a><span class="lineno"> 564</span>  s0 ^= rk[0];</div><div class="line"><a name="l00565"></a><span class="lineno"> 565</span>  s1 ^= rk[1];</div><div class="line"><a name="l00566"></a><span class="lineno"> 566</span>  s2 ^= rk[2];</div><div class="line"><a name="l00567"></a><span class="lineno"> 567</span>  s3 ^= rk[3];</div><div class="line"><a name="l00568"></a><span class="lineno"> 568</span>  t0 = rk[4];</div><div class="line"><a name="l00569"></a><span class="lineno"> 569</span>  t1 = rk[5];</div><div class="line"><a name="l00570"></a><span class="lineno"> 570</span>  t2 = rk[6];</div><div class="line"><a name="l00571"></a><span class="lineno"> 571</span>  t3 = rk[7];</div><div class="line"><a name="l00572"></a><span class="lineno"> 572</span>  rk += 8;</div><div class="line"><a name="l00573"></a><span class="lineno"> 573</span> </div><div class="line"><a name="l00574"></a><span class="lineno"> 574</span>  <span class="comment">// timing attack countermeasure. see comments at top for more details.</span></div><div class="line"><a name="l00575"></a><span class="lineno"> 575</span>  <span class="comment">// also see http://github.com/weidai11/cryptopp/issues/146</span></div><div class="line"><a name="l00576"></a><span class="lineno"> 576</span>  <span class="keyword">const</span> <span class="keywordtype">int</span> cacheLineSize = <a class="code" href="cpu_8h.html#a7c008779986afa9c0463b2bc8fe17042">GetCacheLineSize</a>();</div><div class="line"><a name="l00577"></a><span class="lineno"> 577</span>  <span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> i;</div><div class="line"><a name="l00578"></a><span class="lineno"> 578</span>  <span class="keyword">volatile</span> word32 _u = 0;</div><div class="line"><a name="l00579"></a><span class="lineno"> 579</span>  word32 u = _u;</div><div class="line"><a name="l00580"></a><span class="lineno"> 580</span> <span class="preprocessor">#if defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS) || defined(CRYPTOPP_ALLOW_RIJNDAEL_UNALIGNED_DATA_ACCESS)</span></div><div class="line"><a name="l00581"></a><span class="lineno"> 581</span>  <span class="keywordflow">for</span> (i=0; i<2048; i+=cacheLineSize)</div><div class="line"><a name="l00582"></a><span class="lineno"> 582</span> #<span class="keywordflow">else</span></div><div class="line"><a name="l00583"></a><span class="lineno"> 583</span>  <span class="keywordflow">for</span> (i=0; i<1024; i+=cacheLineSize)</div><div class="line"><a name="l00584"></a><span class="lineno"> 584</span> #endif</div><div class="line"><a name="l00585"></a><span class="lineno"> 585</span>  u &= *(<span class="keyword">const</span> word32 *)(<span class="keyword">const</span> <span class="keywordtype">void</span> *)(((<span class="keyword">const</span> byte *)Td)+i);</div><div class="line"><a name="l00586"></a><span class="lineno"> 586</span>  u &= Td[255];</div><div class="line"><a name="l00587"></a><span class="lineno"> 587</span>  s0 |= u; s1 |= u; s2 |= u; s3 |= u;</div><div class="line"><a name="l00588"></a><span class="lineno"> 588</span> </div><div class="line"><a name="l00589"></a><span class="lineno"> 589</span>  QUARTER_ROUND_FD(s3, t2, t1, t0, t3)</div><div class="line"><a name="l00590"></a><span class="lineno"> 590</span>  QUARTER_ROUND_FD(s2, t1, t0, t3, t2)</div><div class="line"><a name="l00591"></a><span class="lineno"> 591</span>  QUARTER_ROUND_FD(s1, t0, t3, t2, t1)</div><div class="line"><a name="l00592"></a><span class="lineno"> 592</span>  QUARTER_ROUND_FD(s0, t3, t2, t1, t0)</div><div class="line"><a name="l00593"></a><span class="lineno"> 593</span> </div><div class="line"><a name="l00594"></a><span class="lineno"> 594</span>  <span class="comment">// Nr - 2 full rounds:</span></div><div class="line"><a name="l00595"></a><span class="lineno"> 595</span>  <span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> r = m_rounds/2 - 1;</div><div class="line"><a name="l00596"></a><span class="lineno"> 596</span>  <span class="keywordflow">do</span></div><div class="line"><a name="l00597"></a><span class="lineno"> 597</span>  {</div><div class="line"><a name="l00598"></a><span class="lineno"> 598</span>  s0 = rk[0]; s1 = rk[1]; s2 = rk[2]; s3 = rk[3];</div><div class="line"><a name="l00599"></a><span class="lineno"> 599</span> </div><div class="line"><a name="l00600"></a><span class="lineno"> 600</span>  QUARTER_ROUND_D(t3, s2, s1, s0, s3)</div><div class="line"><a name="l00601"></a><span class="lineno"> 601</span>  QUARTER_ROUND_D(t2, s1, s0, s3, s2)</div><div class="line"><a name="l00602"></a><span class="lineno"> 602</span>  QUARTER_ROUND_D(t1, s0, s3, s2, s1)</div><div class="line"><a name="l00603"></a><span class="lineno"> 603</span>  QUARTER_ROUND_D(t0, s3, s2, s1, s0)</div><div class="line"><a name="l00604"></a><span class="lineno"> 604</span> </div><div class="line"><a name="l00605"></a><span class="lineno"> 605</span>  t0 = rk[4]; t1 = rk[5]; t2 = rk[6]; t3 = rk[7];</div><div class="line"><a name="l00606"></a><span class="lineno"> 606</span> </div><div class="line"><a name="l00607"></a><span class="lineno"> 607</span>  QUARTER_ROUND_D(s3, t2, t1, t0, t3)</div><div class="line"><a name="l00608"></a><span class="lineno"> 608</span>  QUARTER_ROUND_D(s2, t1, t0, t3, t2)</div><div class="line"><a name="l00609"></a><span class="lineno"> 609</span>  QUARTER_ROUND_D(s1, t0, t3, t2, t1)</div><div class="line"><a name="l00610"></a><span class="lineno"> 610</span>  QUARTER_ROUND_D(s0, t3, t2, t1, t0)</div><div class="line"><a name="l00611"></a><span class="lineno"> 611</span> </div><div class="line"><a name="l00612"></a><span class="lineno"> 612</span>  rk += 8;</div><div class="line"><a name="l00613"></a><span class="lineno"> 613</span>  } <span class="keywordflow">while</span> (--r);</div><div class="line"><a name="l00614"></a><span class="lineno"> 614</span> </div><div class="line"><a name="l00615"></a><span class="lineno"> 615</span> <span class="preprocessor">#if !(defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS) || defined(CRYPTOPP_ALLOW_RIJNDAEL_UNALIGNED_DATA_ACCESS))</span></div><div class="line"><a name="l00616"></a><span class="lineno"> 616</span>  <span class="comment">// timing attack countermeasure. see comments at top for more details</span></div><div class="line"><a name="l00617"></a><span class="lineno"> 617</span>  <span class="comment">// If CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS is defined,</span></div><div class="line"><a name="l00618"></a><span class="lineno"> 618</span>  <span class="comment">// QUARTER_ROUND_LD will use Td, which is already preloaded.</span></div><div class="line"><a name="l00619"></a><span class="lineno"> 619</span>  u = _u;</div><div class="line"><a name="l00620"></a><span class="lineno"> 620</span>  <span class="keywordflow">for</span> (i=0; i<256; i+=cacheLineSize)</div><div class="line"><a name="l00621"></a><span class="lineno"> 621</span>  u &= *(<span class="keyword">const</span> word32 *)(<span class="keyword">const</span> <span class="keywordtype">void</span> *)(Sd+i);</div><div class="line"><a name="l00622"></a><span class="lineno"> 622</span>  u &= *(<span class="keyword">const</span> word32 *)(<span class="keyword">const</span> <span class="keywordtype">void</span> *)(Sd+252);</div><div class="line"><a name="l00623"></a><span class="lineno"> 623</span>  t0 |= u; t1 |= u; t2 |= u; t3 |= u;</div><div class="line"><a name="l00624"></a><span class="lineno"> 624</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00625"></a><span class="lineno"> 625</span> </div><div class="line"><a name="l00626"></a><span class="lineno"> 626</span>  word32 tbw[4];</div><div class="line"><a name="l00627"></a><span class="lineno"> 627</span>  byte *<span class="keyword">const</span> tempBlock = (byte *)tbw;</div><div class="line"><a name="l00628"></a><span class="lineno"> 628</span> </div><div class="line"><a name="l00629"></a><span class="lineno"> 629</span>  QUARTER_ROUND_LD(t2, 7, 2, 13, 8)</div><div class="line"><a name="l00630"></a><span class="lineno"> 630</span>  QUARTER_ROUND_LD(t1, 3, 14, 9, 4)</div><div class="line"><a name="l00631"></a><span class="lineno"> 631</span>  QUARTER_ROUND_LD(t0, 15, 10, 5, 0)</div><div class="line"><a name="l00632"></a><span class="lineno"> 632</span>  QUARTER_ROUND_LD(t3, 11, 6, 1, 12)</div><div class="line"><a name="l00633"></a><span class="lineno"> 633</span> </div><div class="line"><a name="l00634"></a><span class="lineno"> 634</span>  <a class="code" href="struct_block_get_and_put.html">Block</a>::Put(xorBlock, outBlock)(tbw[0]^rk[0])(tbw[1]^rk[1])(tbw[2]^rk[2])(tbw[3]^rk[3]);</div><div class="line"><a name="l00635"></a><span class="lineno"> 635</span> }</div><div class="line"><a name="l00636"></a><span class="lineno"> 636</span> </div><div class="line"><a name="l00637"></a><span class="lineno"> 637</span> <span class="comment">// ************************* Assembly Code ************************************</span></div><div class="line"><a name="l00638"></a><span class="lineno"> 638</span> </div><div class="line"><a name="l00639"></a><span class="lineno"> 639</span> <span class="preprocessor">#if CRYPTOPP_MSC_VERSION</span></div><div class="line"><a name="l00640"></a><span class="lineno"> 640</span> <span class="preprocessor"># pragma warning(disable: 4731) // frame pointer register 'ebp' modified by inline assembly code</span></div><div class="line"><a name="l00641"></a><span class="lineno"> 641</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00642"></a><span class="lineno"> 642</span> </div><div class="line"><a name="l00643"></a><span class="lineno"> 643</span> <span class="preprocessor">#endif // #ifndef CRYPTOPP_GENERATE_X64_MASM</span></div><div class="line"><a name="l00644"></a><span class="lineno"> 644</span> </div><div class="line"><a name="l00645"></a><span class="lineno"> 645</span> <span class="preprocessor">#if CRYPTOPP_SSE2_ASM_AVAILABLE && !defined(CRYPTOPP_DISABLE_RIJNDAEL_ASM)</span></div><div class="line"><a name="l00646"></a><span class="lineno"> 646</span> </div><div class="line"><a name="l00647"></a><span class="lineno"> 647</span> CRYPTOPP_NAKED <span class="keywordtype">void</span> CRYPTOPP_FASTCALL Rijndael_Enc_AdvancedProcessBlocks(<span class="keywordtype">void</span> *locals, <span class="keyword">const</span> word32 *k)</div><div class="line"><a name="l00648"></a><span class="lineno"> 648</span> {</div><div class="line"><a name="l00649"></a><span class="lineno"> 649</span>  CRYPTOPP_UNUSED(locals); CRYPTOPP_UNUSED(k);</div><div class="line"><a name="l00650"></a><span class="lineno"> 650</span> </div><div class="line"><a name="l00651"></a><span class="lineno"> 651</span> <span class="preprocessor">#if CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32</span></div><div class="line"><a name="l00652"></a><span class="lineno"> 652</span> </div><div class="line"><a name="l00653"></a><span class="lineno"> 653</span> <span class="preprocessor">#define L_REG esp</span></div><div class="line"><a name="l00654"></a><span class="lineno"> 654</span> <span class="preprocessor">#define L_INDEX(i) (L_REG+768+i)</span></div><div class="line"><a name="l00655"></a><span class="lineno"> 655</span> <span class="preprocessor">#define L_INXORBLOCKS L_INBLOCKS+4</span></div><div class="line"><a name="l00656"></a><span class="lineno"> 656</span> <span class="preprocessor">#define L_OUTXORBLOCKS L_INBLOCKS+8</span></div><div class="line"><a name="l00657"></a><span class="lineno"> 657</span> <span class="preprocessor">#define L_OUTBLOCKS L_INBLOCKS+12</span></div><div class="line"><a name="l00658"></a><span class="lineno"> 658</span> <span class="preprocessor">#define L_INCREMENTS L_INDEX(16*15)</span></div><div class="line"><a name="l00659"></a><span class="lineno"> 659</span> <span class="preprocessor">#define L_SP L_INDEX(16*16)</span></div><div class="line"><a name="l00660"></a><span class="lineno"> 660</span> <span class="preprocessor">#define L_LENGTH L_INDEX(16*16+4)</span></div><div class="line"><a name="l00661"></a><span class="lineno"> 661</span> <span class="preprocessor">#define L_KEYS_BEGIN L_INDEX(16*16+8)</span></div><div class="line"><a name="l00662"></a><span class="lineno"> 662</span> </div><div class="line"><a name="l00663"></a><span class="lineno"> 663</span> <span class="preprocessor">#define MOVD movd</span></div><div class="line"><a name="l00664"></a><span class="lineno"> 664</span> <span class="preprocessor">#define MM(i) mm##i</span></div><div class="line"><a name="l00665"></a><span class="lineno"> 665</span> </div><div class="line"><a name="l00666"></a><span class="lineno"> 666</span> <span class="preprocessor">#define MXOR(a,b,c) \</span></div><div class="line"><a name="l00667"></a><span class="lineno"> 667</span> <span class="preprocessor"> AS2( movzx esi, b)\</span></div><div class="line"><a name="l00668"></a><span class="lineno"> 668</span> <span class="preprocessor"> AS2( movd mm7, DWORD PTR [AS_REG_7+8*WORD_REG(si)+MAP0TO4(c)])\</span></div><div class="line"><a name="l00669"></a><span class="lineno"> 669</span> <span class="preprocessor"> AS2( pxor MM(a), mm7)\</span></div><div class="line"><a name="l00670"></a><span class="lineno"> 670</span> <span class="preprocessor"></span></div><div class="line"><a name="l00671"></a><span class="lineno"> 671</span> <span class="preprocessor">#define MMOV(a,b,c) \</span></div><div class="line"><a name="l00672"></a><span class="lineno"> 672</span> <span class="preprocessor"> AS2( movzx esi, b)\</span></div><div class="line"><a name="l00673"></a><span class="lineno"> 673</span> <span class="preprocessor"> AS2( movd MM(a), DWORD PTR [AS_REG_7+8*WORD_REG(si)+MAP0TO4(c)])\</span></div><div class="line"><a name="l00674"></a><span class="lineno"> 674</span> <span class="preprocessor"></span></div><div class="line"><a name="l00675"></a><span class="lineno"> 675</span> <span class="preprocessor">#else</span></div><div class="line"><a name="l00676"></a><span class="lineno"> 676</span> </div><div class="line"><a name="l00677"></a><span class="lineno"> 677</span> <span class="preprocessor">#define L_REG r8</span></div><div class="line"><a name="l00678"></a><span class="lineno"> 678</span> <span class="preprocessor">#define L_INDEX(i) (L_REG+i)</span></div><div class="line"><a name="l00679"></a><span class="lineno"> 679</span> <span class="preprocessor">#define L_INXORBLOCKS L_INBLOCKS+8</span></div><div class="line"><a name="l00680"></a><span class="lineno"> 680</span> <span class="preprocessor">#define L_OUTXORBLOCKS L_INBLOCKS+16</span></div><div class="line"><a name="l00681"></a><span class="lineno"> 681</span> <span class="preprocessor">#define L_OUTBLOCKS L_INBLOCKS+24</span></div><div class="line"><a name="l00682"></a><span class="lineno"> 682</span> <span class="preprocessor">#define L_INCREMENTS L_INDEX(16*16)</span></div><div class="line"><a name="l00683"></a><span class="lineno"> 683</span> <span class="preprocessor">#define L_LENGTH L_INDEX(16*18+8)</span></div><div class="line"><a name="l00684"></a><span class="lineno"> 684</span> <span class="preprocessor">#define L_KEYS_BEGIN L_INDEX(16*19)</span></div><div class="line"><a name="l00685"></a><span class="lineno"> 685</span> </div><div class="line"><a name="l00686"></a><span class="lineno"> 686</span> <span class="preprocessor">#define MOVD mov</span></div><div class="line"><a name="l00687"></a><span class="lineno"> 687</span> <span class="preprocessor">#define MM_0 r9d</span></div><div class="line"><a name="l00688"></a><span class="lineno"> 688</span> <span class="preprocessor">#define MM_1 r12d</span></div><div class="line"><a name="l00689"></a><span class="lineno"> 689</span> <span class="preprocessor">#ifdef __GNUC__</span></div><div class="line"><a name="l00690"></a><span class="lineno"> 690</span> <span class="preprocessor">#define MM_2 r11d</span></div><div class="line"><a name="l00691"></a><span class="lineno"> 691</span> <span class="preprocessor">#else</span></div><div class="line"><a name="l00692"></a><span class="lineno"> 692</span> <span class="preprocessor">#define MM_2 r10d</span></div><div class="line"><a name="l00693"></a><span class="lineno"> 693</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00694"></a><span class="lineno"> 694</span> <span class="preprocessor">#define MM(i) MM_##i</span></div><div class="line"><a name="l00695"></a><span class="lineno"> 695</span> </div><div class="line"><a name="l00696"></a><span class="lineno"> 696</span> <span class="preprocessor">#define MXOR(a,b,c) \</span></div><div class="line"><a name="l00697"></a><span class="lineno"> 697</span> <span class="preprocessor"> AS2( movzx esi, b)\</span></div><div class="line"><a name="l00698"></a><span class="lineno"> 698</span> <span class="preprocessor"> AS2( xor MM(a), DWORD PTR [AS_REG_7+8*WORD_REG(si)+MAP0TO4(c)])\</span></div><div class="line"><a name="l00699"></a><span class="lineno"> 699</span> <span class="preprocessor"></span></div><div class="line"><a name="l00700"></a><span class="lineno"> 700</span> <span class="preprocessor">#define MMOV(a,b,c) \</span></div><div class="line"><a name="l00701"></a><span class="lineno"> 701</span> <span class="preprocessor"> AS2( movzx esi, b)\</span></div><div class="line"><a name="l00702"></a><span class="lineno"> 702</span> <span class="preprocessor"> AS2( mov MM(a), DWORD PTR [AS_REG_7+8*WORD_REG(si)+MAP0TO4(c)])\</span></div><div class="line"><a name="l00703"></a><span class="lineno"> 703</span> <span class="preprocessor"></span></div><div class="line"><a name="l00704"></a><span class="lineno"> 704</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l00705"></a><span class="lineno"> 705</span> </div><div class="line"><a name="l00706"></a><span class="lineno"> 706</span> <span class="preprocessor">#define L_SUBKEYS L_INDEX(0)</span></div><div class="line"><a name="l00707"></a><span class="lineno"> 707</span> <span class="preprocessor">#define L_SAVED_X L_SUBKEYS</span></div><div class="line"><a name="l00708"></a><span class="lineno"> 708</span> <span class="preprocessor">#define L_KEY12 L_INDEX(16*12)</span></div><div class="line"><a name="l00709"></a><span class="lineno"> 709</span> <span class="preprocessor">#define L_LASTROUND L_INDEX(16*13)</span></div><div class="line"><a name="l00710"></a><span class="lineno"> 710</span> <span class="preprocessor">#define L_INBLOCKS L_INDEX(16*14)</span></div><div class="line"><a name="l00711"></a><span class="lineno"> 711</span> <span class="preprocessor">#define MAP0TO4(i) (ASM_MOD(i+3,4)+1)</span></div><div class="line"><a name="l00712"></a><span class="lineno"> 712</span> </div><div class="line"><a name="l00713"></a><span class="lineno"> 713</span> <span class="preprocessor">#define XOR(a,b,c) \</span></div><div class="line"><a name="l00714"></a><span class="lineno"> 714</span> <span class="preprocessor"> AS2( movzx esi, b)\</span></div><div class="line"><a name="l00715"></a><span class="lineno"> 715</span> <span class="preprocessor"> AS2( xor a, DWORD PTR [AS_REG_7+8*WORD_REG(si)+MAP0TO4(c)])\</span></div><div class="line"><a name="l00716"></a><span class="lineno"> 716</span> <span class="preprocessor"></span></div><div class="line"><a name="l00717"></a><span class="lineno"> 717</span> <span class="preprocessor">#define MOV(a,b,c) \</span></div><div class="line"><a name="l00718"></a><span class="lineno"> 718</span> <span class="preprocessor"> AS2( movzx esi, b)\</span></div><div class="line"><a name="l00719"></a><span class="lineno"> 719</span> <span class="preprocessor"> AS2( mov a, DWORD PTR [AS_REG_7+8*WORD_REG(si)+MAP0TO4(c)])\</span></div><div class="line"><a name="l00720"></a><span class="lineno"> 720</span> <span class="preprocessor"></span></div><div class="line"><a name="l00721"></a><span class="lineno"> 721</span> <span class="preprocessor">#ifdef CRYPTOPP_GENERATE_X64_MASM</span></div><div class="line"><a name="l00722"></a><span class="lineno"> 722</span>  ALIGN 8</div><div class="line"><a name="l00723"></a><span class="lineno"> 723</span>  Rijndael_Enc_AdvancedProcessBlocks PROC FRAME</div><div class="line"><a name="l00724"></a><span class="lineno"> 724</span>  rex_push_reg rsi</div><div class="line"><a name="l00725"></a><span class="lineno"> 725</span>  push_reg rdi</div><div class="line"><a name="l00726"></a><span class="lineno"> 726</span>  push_reg rbx</div><div class="line"><a name="l00727"></a><span class="lineno"> 727</span>  push_reg r12</div><div class="line"><a name="l00728"></a><span class="lineno"> 728</span>  .endprolog</div><div class="line"><a name="l00729"></a><span class="lineno"> 729</span>  mov L_REG, rcx</div><div class="line"><a name="l00730"></a><span class="lineno"> 730</span>  mov AS_REG_7, ?Te@rdtable@<a class="code" href="namespace_crypto_p_p.html">CryptoPP</a>@@3PA_KA</div><div class="line"><a name="l00731"></a><span class="lineno"> 731</span>  mov edi, DWORD PTR [?g_cacheLineSize@<a class="code" href="namespace_crypto_p_p.html">CryptoPP</a>@@3IA]</div><div class="line"><a name="l00732"></a><span class="lineno"> 732</span> <span class="preprocessor">#elif defined(__GNUC__)</span></div><div class="line"><a name="l00733"></a><span class="lineno"> 733</span>  __asm__ __volatile__</div><div class="line"><a name="l00734"></a><span class="lineno"> 734</span>  (</div><div class="line"><a name="l00735"></a><span class="lineno"> 735</span>  INTEL_NOPREFIX</div><div class="line"><a name="l00736"></a><span class="lineno"> 736</span>  #<span class="keywordflow">if</span> CRYPTOPP_BOOL_X64</div><div class="line"><a name="l00737"></a><span class="lineno"> 737</span>  AS2( mov L_REG, rcx)</div><div class="line"><a name="l00738"></a><span class="lineno"> 738</span>  #endif</div><div class="line"><a name="l00739"></a><span class="lineno"> 739</span>  AS_PUSH_IF86(bx)</div><div class="line"><a name="l00740"></a><span class="lineno"> 740</span>  AS_PUSH_IF86(bp)</div><div class="line"><a name="l00741"></a><span class="lineno"> 741</span>  AS2( mov AS_REG_7, WORD_REG(si))</div><div class="line"><a name="l00742"></a><span class="lineno"> 742</span> #<span class="keywordflow">else</span></div><div class="line"><a name="l00743"></a><span class="lineno"> 743</span>  AS_PUSH_IF86(si)</div><div class="line"><a name="l00744"></a><span class="lineno"> 744</span>  AS_PUSH_IF86(di)</div><div class="line"><a name="l00745"></a><span class="lineno"> 745</span>  AS_PUSH_IF86(bx)</div><div class="line"><a name="l00746"></a><span class="lineno"> 746</span>  AS_PUSH_IF86(bp)</div><div class="line"><a name="l00747"></a><span class="lineno"> 747</span>  AS2( lea AS_REG_7, [Te])</div><div class="line"><a name="l00748"></a><span class="lineno"> 748</span>  AS2( mov edi, [g_cacheLineSize])</div><div class="line"><a name="l00749"></a><span class="lineno"> 749</span> #endif</div><div class="line"><a name="l00750"></a><span class="lineno"> 750</span> </div><div class="line"><a name="l00751"></a><span class="lineno"> 751</span> #<span class="keywordflow">if</span> CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32</div><div class="line"><a name="l00752"></a><span class="lineno"> 752</span>  AS2( mov [ecx+16*12+16*4], esp) <span class="comment">// save esp to L_SP</span></div><div class="line"><a name="l00753"></a><span class="lineno"> 753</span>  AS2( lea esp, [ecx-768])</div><div class="line"><a name="l00754"></a><span class="lineno"> 754</span> #endif</div><div class="line"><a name="l00755"></a><span class="lineno"> 755</span> </div><div class="line"><a name="l00756"></a><span class="lineno"> 756</span>  <span class="comment">// copy subkeys to stack</span></div><div class="line"><a name="l00757"></a><span class="lineno"> 757</span>  AS2( mov WORD_REG(si), [L_KEYS_BEGIN])</div><div class="line"><a name="l00758"></a><span class="lineno"> 758</span>  AS2( mov WORD_REG(ax), 16)</div><div class="line"><a name="l00759"></a><span class="lineno"> 759</span>  AS2( and WORD_REG(ax), WORD_REG(si))</div><div class="line"><a name="l00760"></a><span class="lineno"> 760</span>  AS2( movdqa xmm3, XMMWORD_PTR [WORD_REG(dx)+16+WORD_REG(ax)]) <span class="comment">// subkey 1 (non-counter) or 2 (counter)</span></div><div class="line"><a name="l00761"></a><span class="lineno"> 761</span>  AS2( movdqa [L_KEY12], xmm3)</div><div class="line"><a name="l00762"></a><span class="lineno"> 762</span>  AS2( lea WORD_REG(ax), [WORD_REG(dx)+WORD_REG(ax)+2*16])</div><div class="line"><a name="l00763"></a><span class="lineno"> 763</span>  AS2( sub WORD_REG(ax), WORD_REG(si))</div><div class="line"><a name="l00764"></a><span class="lineno"> 764</span>  ASL(0)</div><div class="line"><a name="l00765"></a><span class="lineno"> 765</span>  AS2( movdqa xmm0, [WORD_REG(ax)+WORD_REG(si)])</div><div class="line"><a name="l00766"></a><span class="lineno"> 766</span>  AS2( movdqa XMMWORD_PTR [L_SUBKEYS+WORD_REG(si)], xmm0)</div><div class="line"><a name="l00767"></a><span class="lineno"> 767</span>  AS2( add WORD_REG(si), 16)</div><div class="line"><a name="l00768"></a><span class="lineno"> 768</span>  AS2( cmp WORD_REG(si), 16*12)</div><div class="line"><a name="l00769"></a><span class="lineno"> 769</span>  ATT_NOPREFIX</div><div class="line"><a name="l00770"></a><span class="lineno"> 770</span>  ASJ( jl, 0, b)</div><div class="line"><a name="l00771"></a><span class="lineno"> 771</span>  INTEL_NOPREFIX</div><div class="line"><a name="l00772"></a><span class="lineno"> 772</span> </div><div class="line"><a name="l00773"></a><span class="lineno"> 773</span>  <span class="comment">// read subkeys 0, 1 and last</span></div><div class="line"><a name="l00774"></a><span class="lineno"> 774</span>  AS2( movdqa xmm4, [WORD_REG(ax)+WORD_REG(si)]) <span class="comment">// last subkey</span></div><div class="line"><a name="l00775"></a><span class="lineno"> 775</span>  AS2( movdqa xmm1, [WORD_REG(dx)]) <span class="comment">// subkey 0</span></div><div class="line"><a name="l00776"></a><span class="lineno"> 776</span>  AS2( MOVD MM(1), [WORD_REG(dx)+4*4]) <span class="comment">// 0,1,2,3</span></div><div class="line"><a name="l00777"></a><span class="lineno"> 777</span>  AS2( mov ebx, [WORD_REG(dx)+5*4]) <span class="comment">// 4,5,6,7</span></div><div class="line"><a name="l00778"></a><span class="lineno"> 778</span>  AS2( mov ecx, [WORD_REG(dx)+6*4]) <span class="comment">// 8,9,10,11</span></div><div class="line"><a name="l00779"></a><span class="lineno"> 779</span>  AS2( mov edx, [WORD_REG(dx)+7*4]) <span class="comment">// 12,13,14,15</span></div><div class="line"><a name="l00780"></a><span class="lineno"> 780</span> </div><div class="line"><a name="l00781"></a><span class="lineno"> 781</span>  <span class="comment">// load table into cache</span></div><div class="line"><a name="l00782"></a><span class="lineno"> 782</span>  AS2( xor WORD_REG(ax), WORD_REG(ax))</div><div class="line"><a name="l00783"></a><span class="lineno"> 783</span>  ASL(9)</div><div class="line"><a name="l00784"></a><span class="lineno"> 784</span>  AS2( mov esi, [AS_REG_7+WORD_REG(ax)])</div><div class="line"><a name="l00785"></a><span class="lineno"> 785</span>  AS2( add WORD_REG(ax), WORD_REG(di))</div><div class="line"><a name="l00786"></a><span class="lineno"> 786</span>  AS2( mov esi, [AS_REG_7+WORD_REG(ax)])</div><div class="line"><a name="l00787"></a><span class="lineno"> 787</span>  AS2( add WORD_REG(ax), WORD_REG(di))</div><div class="line"><a name="l00788"></a><span class="lineno"> 788</span>  AS2( mov esi, [AS_REG_7+WORD_REG(ax)])</div><div class="line"><a name="l00789"></a><span class="lineno"> 789</span>  AS2( add WORD_REG(ax), WORD_REG(di))</div><div class="line"><a name="l00790"></a><span class="lineno"> 790</span>  AS2( mov esi, [AS_REG_7+WORD_REG(ax)])</div><div class="line"><a name="l00791"></a><span class="lineno"> 791</span>  AS2( add WORD_REG(ax), WORD_REG(di))</div><div class="line"><a name="l00792"></a><span class="lineno"> 792</span>  AS2( cmp WORD_REG(ax), 2048)</div><div class="line"><a name="l00793"></a><span class="lineno"> 793</span>  ATT_NOPREFIX</div><div class="line"><a name="l00794"></a><span class="lineno"> 794</span>  ASJ( jl, 9, b)</div><div class="line"><a name="l00795"></a><span class="lineno"> 795</span>  INTEL_NOPREFIX</div><div class="line"><a name="l00796"></a><span class="lineno"> 796</span>  AS1( lfence)</div><div class="line"><a name="l00797"></a><span class="lineno"> 797</span> </div><div class="line"><a name="l00798"></a><span class="lineno"> 798</span>  AS2( test DWORD PTR [L_LENGTH], 1)</div><div class="line"><a name="l00799"></a><span class="lineno"> 799</span>  ATT_NOPREFIX</div><div class="line"><a name="l00800"></a><span class="lineno"> 800</span>  ASJ( jz, 8, f)</div><div class="line"><a name="l00801"></a><span class="lineno"> 801</span>  INTEL_NOPREFIX</div><div class="line"><a name="l00802"></a><span class="lineno"> 802</span> </div><div class="line"><a name="l00803"></a><span class="lineno"> 803</span>  <span class="comment">// counter mode one-time setup</span></div><div class="line"><a name="l00804"></a><span class="lineno"> 804</span>  AS2( mov WORD_REG(si), [L_INBLOCKS])</div><div class="line"><a name="l00805"></a><span class="lineno"> 805</span>  AS2( movdqu xmm2, [WORD_REG(si)]) <span class="comment">// counter</span></div><div class="line"><a name="l00806"></a><span class="lineno"> 806</span>  AS2( pxor xmm2, xmm1)</div><div class="line"><a name="l00807"></a><span class="lineno"> 807</span>  AS2( psrldq xmm1, 14)</div><div class="line"><a name="l00808"></a><span class="lineno"> 808</span>  AS2( movd eax, xmm1)</div><div class="line"><a name="l00809"></a><span class="lineno"> 809</span>  AS2( mov al, BYTE PTR [WORD_REG(si)+15])</div><div class="line"><a name="l00810"></a><span class="lineno"> 810</span>  AS2( MOVD MM(2), eax)</div><div class="line"><a name="l00811"></a><span class="lineno"> 811</span> #<span class="keywordflow">if</span> CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32</div><div class="line"><a name="l00812"></a><span class="lineno"> 812</span>  AS2( mov eax, 1)</div><div class="line"><a name="l00813"></a><span class="lineno"> 813</span>  AS2( movd mm3, eax)</div><div class="line"><a name="l00814"></a><span class="lineno"> 814</span> #endif</div><div class="line"><a name="l00815"></a><span class="lineno"> 815</span> </div><div class="line"><a name="l00816"></a><span class="lineno"> 816</span>  <span class="comment">// partial first round, in: xmm2(15,14,13,12;11,10,9,8;7,6,5,4;3,2,1,0), out: mm1, ebx, ecx, edx</span></div><div class="line"><a name="l00817"></a><span class="lineno"> 817</span>  AS2( movd eax, xmm2)</div><div class="line"><a name="l00818"></a><span class="lineno"> 818</span>  AS2( psrldq xmm2, 4)</div><div class="line"><a name="l00819"></a><span class="lineno"> 819</span>  AS2( movd edi, xmm2)</div><div class="line"><a name="l00820"></a><span class="lineno"> 820</span>  AS2( psrldq xmm2, 4)</div><div class="line"><a name="l00821"></a><span class="lineno"> 821</span>  MXOR( 1, al, 0) <span class="comment">// 0</span></div><div class="line"><a name="l00822"></a><span class="lineno"> 822</span>  XOR( edx, ah, 1) <span class="comment">// 1</span></div><div class="line"><a name="l00823"></a><span class="lineno"> 823</span>  AS2( shr eax, 16)</div><div class="line"><a name="l00824"></a><span class="lineno"> 824</span>  XOR( ecx, al, 2) <span class="comment">// 2</span></div><div class="line"><a name="l00825"></a><span class="lineno"> 825</span>  XOR( ebx, ah, 3) <span class="comment">// 3</span></div><div class="line"><a name="l00826"></a><span class="lineno"> 826</span>  AS2( mov eax, edi)</div><div class="line"><a name="l00827"></a><span class="lineno"> 827</span>  AS2( movd edi, xmm2)</div><div class="line"><a name="l00828"></a><span class="lineno"> 828</span>  AS2( psrldq xmm2, 4)</div><div class="line"><a name="l00829"></a><span class="lineno"> 829</span>  XOR( ebx, al, 0) <span class="comment">// 4</span></div><div class="line"><a name="l00830"></a><span class="lineno"> 830</span>  MXOR( 1, ah, 1) <span class="comment">// 5</span></div><div class="line"><a name="l00831"></a><span class="lineno"> 831</span>  AS2( shr eax, 16)</div><div class="line"><a name="l00832"></a><span class="lineno"> 832</span>  XOR( edx, al, 2) <span class="comment">// 6</span></div><div class="line"><a name="l00833"></a><span class="lineno"> 833</span>  XOR( ecx, ah, 3) <span class="comment">// 7</span></div><div class="line"><a name="l00834"></a><span class="lineno"> 834</span>  AS2( mov eax, edi)</div><div class="line"><a name="l00835"></a><span class="lineno"> 835</span>  AS2( movd edi, xmm2)</div><div class="line"><a name="l00836"></a><span class="lineno"> 836</span>  XOR( ecx, al, 0) <span class="comment">// 8</span></div><div class="line"><a name="l00837"></a><span class="lineno"> 837</span>  XOR( ebx, ah, 1) <span class="comment">// 9</span></div><div class="line"><a name="l00838"></a><span class="lineno"> 838</span>  AS2( shr eax, 16)</div><div class="line"><a name="l00839"></a><span class="lineno"> 839</span>  MXOR( 1, al, 2) <span class="comment">// 10</span></div><div class="line"><a name="l00840"></a><span class="lineno"> 840</span>  XOR( edx, ah, 3) <span class="comment">// 11</span></div><div class="line"><a name="l00841"></a><span class="lineno"> 841</span>  AS2( mov eax, edi)</div><div class="line"><a name="l00842"></a><span class="lineno"> 842</span>  XOR( edx, al, 0) <span class="comment">// 12</span></div><div class="line"><a name="l00843"></a><span class="lineno"> 843</span>  XOR( ecx, ah, 1) <span class="comment">// 13</span></div><div class="line"><a name="l00844"></a><span class="lineno"> 844</span>  AS2( shr eax, 16)</div><div class="line"><a name="l00845"></a><span class="lineno"> 845</span>  XOR( ebx, al, 2) <span class="comment">// 14</span></div><div class="line"><a name="l00846"></a><span class="lineno"> 846</span>  AS2( psrldq xmm2, 3)</div><div class="line"><a name="l00847"></a><span class="lineno"> 847</span> </div><div class="line"><a name="l00848"></a><span class="lineno"> 848</span>  <span class="comment">// partial second round, in: ebx(4,5,6,7), ecx(8,9,10,11), edx(12,13,14,15), out: eax, ebx, edi, mm0</span></div><div class="line"><a name="l00849"></a><span class="lineno"> 849</span>  AS2( mov eax, [L_KEY12+0*4])</div><div class="line"><a name="l00850"></a><span class="lineno"> 850</span>  AS2( mov edi, [L_KEY12+2*4])</div><div class="line"><a name="l00851"></a><span class="lineno"> 851</span>  AS2( MOVD MM(0), [L_KEY12+3*4])</div><div class="line"><a name="l00852"></a><span class="lineno"> 852</span>  MXOR( 0, cl, 3) <span class="comment">/* 11 */</span></div><div class="line"><a name="l00853"></a><span class="lineno"> 853</span>  XOR( edi, bl, 3) <span class="comment">/* 7 */</span></div><div class="line"><a name="l00854"></a><span class="lineno"> 854</span>  MXOR( 0, bh, 2) <span class="comment">/* 6 */</span></div><div class="line"><a name="l00855"></a><span class="lineno"> 855</span>  AS2( shr ebx, 16) <span class="comment">/* 4,5 */</span></div><div class="line"><a name="l00856"></a><span class="lineno"> 856</span>  XOR( eax, bl, 1) <span class="comment">/* 5 */</span></div><div class="line"><a name="l00857"></a><span class="lineno"> 857</span>  MOV( ebx, bh, 0) <span class="comment">/* 4 */</span></div><div class="line"><a name="l00858"></a><span class="lineno"> 858</span>  AS2( xor ebx, [L_KEY12+1*4])</div><div class="line"><a name="l00859"></a><span class="lineno"> 859</span>  XOR( eax, ch, 2) <span class="comment">/* 10 */</span></div><div class="line"><a name="l00860"></a><span class="lineno"> 860</span>  AS2( shr ecx, 16) <span class="comment">/* 8,9 */</span></div><div class="line"><a name="l00861"></a><span class="lineno"> 861</span>  XOR( eax, dl, 3) <span class="comment">/* 15 */</span></div><div class="line"><a name="l00862"></a><span class="lineno"> 862</span>  XOR( ebx, dh, 2) <span class="comment">/* 14 */</span></div><div class="line"><a name="l00863"></a><span class="lineno"> 863</span>  AS2( shr edx, 16) <span class="comment">/* 12,13 */</span></div><div class="line"><a name="l00864"></a><span class="lineno"> 864</span>  XOR( edi, ch, 0) <span class="comment">/* 8 */</span></div><div class="line"><a name="l00865"></a><span class="lineno"> 865</span>  XOR( ebx, cl, 1) <span class="comment">/* 9 */</span></div><div class="line"><a name="l00866"></a><span class="lineno"> 866</span>  XOR( edi, dl, 1) <span class="comment">/* 13 */</span></div><div class="line"><a name="l00867"></a><span class="lineno"> 867</span>  MXOR( 0, dh, 0) <span class="comment">/* 12 */</span></div><div class="line"><a name="l00868"></a><span class="lineno"> 868</span> </div><div class="line"><a name="l00869"></a><span class="lineno"> 869</span>  AS2( movd ecx, xmm2)</div><div class="line"><a name="l00870"></a><span class="lineno"> 870</span>  AS2( MOVD edx, MM(1))</div><div class="line"><a name="l00871"></a><span class="lineno"> 871</span>  AS2( MOVD [L_SAVED_X+3*4], MM(0))</div><div class="line"><a name="l00872"></a><span class="lineno"> 872</span>  AS2( mov [L_SAVED_X+0*4], eax)</div><div class="line"><a name="l00873"></a><span class="lineno"> 873</span>  AS2( mov [L_SAVED_X+1*4], ebx)</div><div class="line"><a name="l00874"></a><span class="lineno"> 874</span>  AS2( mov [L_SAVED_X+2*4], edi)</div><div class="line"><a name="l00875"></a><span class="lineno"> 875</span>  ATT_NOPREFIX</div><div class="line"><a name="l00876"></a><span class="lineno"> 876</span>  ASJ( jmp, 5, f)</div><div class="line"><a name="l00877"></a><span class="lineno"> 877</span>  INTEL_NOPREFIX</div><div class="line"><a name="l00878"></a><span class="lineno"> 878</span>  ASL(3)</div><div class="line"><a name="l00879"></a><span class="lineno"> 879</span>  <span class="comment">// non-counter mode per-block setup</span></div><div class="line"><a name="l00880"></a><span class="lineno"> 880</span>  AS2( MOVD MM(1), [L_KEY12+0*4]) <span class="comment">// 0,1,2,3</span></div><div class="line"><a name="l00881"></a><span class="lineno"> 881</span>  AS2( mov ebx, [L_KEY12+1*4]) <span class="comment">// 4,5,6,7</span></div><div class="line"><a name="l00882"></a><span class="lineno"> 882</span>  AS2( mov ecx, [L_KEY12+2*4]) <span class="comment">// 8,9,10,11</span></div><div class="line"><a name="l00883"></a><span class="lineno"> 883</span>  AS2( mov edx, [L_KEY12+3*4]) <span class="comment">// 12,13,14,15</span></div><div class="line"><a name="l00884"></a><span class="lineno"> 884</span>  ASL(8)</div><div class="line"><a name="l00885"></a><span class="lineno"> 885</span>  AS2( mov WORD_REG(ax), [L_INBLOCKS])</div><div class="line"><a name="l00886"></a><span class="lineno"> 886</span>  AS2( movdqu xmm2, [WORD_REG(ax)])</div><div class="line"><a name="l00887"></a><span class="lineno"> 887</span>  AS2( mov WORD_REG(si), [L_INXORBLOCKS])</div><div class="line"><a name="l00888"></a><span class="lineno"> 888</span>  AS2( movdqu xmm5, [WORD_REG(si)])</div><div class="line"><a name="l00889"></a><span class="lineno"> 889</span>  AS2( pxor xmm2, xmm1)</div><div class="line"><a name="l00890"></a><span class="lineno"> 890</span>  AS2( pxor xmm2, xmm5)</div><div class="line"><a name="l00891"></a><span class="lineno"> 891</span> </div><div class="line"><a name="l00892"></a><span class="lineno"> 892</span>  <span class="comment">// first round, in: xmm2(15,14,13,12;11,10,9,8;7,6,5,4;3,2,1,0), out: eax, ebx, ecx, edx</span></div><div class="line"><a name="l00893"></a><span class="lineno"> 893</span>  AS2( movd eax, xmm2)</div><div class="line"><a name="l00894"></a><span class="lineno"> 894</span>  AS2( psrldq xmm2, 4)</div><div class="line"><a name="l00895"></a><span class="lineno"> 895</span>  AS2( movd edi, xmm2)</div><div class="line"><a name="l00896"></a><span class="lineno"> 896</span>  AS2( psrldq xmm2, 4)</div><div class="line"><a name="l00897"></a><span class="lineno"> 897</span>  MXOR( 1, al, 0) <span class="comment">// 0</span></div><div class="line"><a name="l00898"></a><span class="lineno"> 898</span>  XOR( edx, ah, 1) <span class="comment">// 1</span></div><div class="line"><a name="l00899"></a><span class="lineno"> 899</span>  AS2( shr eax, 16)</div><div class="line"><a name="l00900"></a><span class="lineno"> 900</span>  XOR( ecx, al, 2) <span class="comment">// 2</span></div><div class="line"><a name="l00901"></a><span class="lineno"> 901</span>  XOR( ebx, ah, 3) <span class="comment">// 3</span></div><div class="line"><a name="l00902"></a><span class="lineno"> 902</span>  AS2( mov eax, edi)</div><div class="line"><a name="l00903"></a><span class="lineno"> 903</span>  AS2( movd edi, xmm2)</div><div class="line"><a name="l00904"></a><span class="lineno"> 904</span>  AS2( psrldq xmm2, 4)</div><div class="line"><a name="l00905"></a><span class="lineno"> 905</span>  XOR( ebx, al, 0) <span class="comment">// 4</span></div><div class="line"><a name="l00906"></a><span class="lineno"> 906</span>  MXOR( 1, ah, 1) <span class="comment">// 5</span></div><div class="line"><a name="l00907"></a><span class="lineno"> 907</span>  AS2( shr eax, 16)</div><div class="line"><a name="l00908"></a><span class="lineno"> 908</span>  XOR( edx, al, 2) <span class="comment">// 6</span></div><div class="line"><a name="l00909"></a><span class="lineno"> 909</span>  XOR( ecx, ah, 3) <span class="comment">// 7</span></div><div class="line"><a name="l00910"></a><span class="lineno"> 910</span>  AS2( mov eax, edi)</div><div class="line"><a name="l00911"></a><span class="lineno"> 911</span>  AS2( movd edi, xmm2)</div><div class="line"><a name="l00912"></a><span class="lineno"> 912</span>  XOR( ecx, al, 0) <span class="comment">// 8</span></div><div class="line"><a name="l00913"></a><span class="lineno"> 913</span>  XOR( ebx, ah, 1) <span class="comment">// 9</span></div><div class="line"><a name="l00914"></a><span class="lineno"> 914</span>  AS2( shr eax, 16)</div><div class="line"><a name="l00915"></a><span class="lineno"> 915</span>  MXOR( 1, al, 2) <span class="comment">// 10</span></div><div class="line"><a name="l00916"></a><span class="lineno"> 916</span>  XOR( edx, ah, 3) <span class="comment">// 11</span></div><div class="line"><a name="l00917"></a><span class="lineno"> 917</span>  AS2( mov eax, edi)</div><div class="line"><a name="l00918"></a><span class="lineno"> 918</span>  XOR( edx, al, 0) <span class="comment">// 12</span></div><div class="line"><a name="l00919"></a><span class="lineno"> 919</span>  XOR( ecx, ah, 1) <span class="comment">// 13</span></div><div class="line"><a name="l00920"></a><span class="lineno"> 920</span>  AS2( shr eax, 16)</div><div class="line"><a name="l00921"></a><span class="lineno"> 921</span>  XOR( ebx, al, 2) <span class="comment">// 14</span></div><div class="line"><a name="l00922"></a><span class="lineno"> 922</span>  MXOR( 1, ah, 3) <span class="comment">// 15</span></div><div class="line"><a name="l00923"></a><span class="lineno"> 923</span>  AS2( MOVD eax, MM(1))</div><div class="line"><a name="l00924"></a><span class="lineno"> 924</span> </div><div class="line"><a name="l00925"></a><span class="lineno"> 925</span>  AS2( add L_REG, [L_KEYS_BEGIN])</div><div class="line"><a name="l00926"></a><span class="lineno"> 926</span>  AS2( add L_REG, 4*16)</div><div class="line"><a name="l00927"></a><span class="lineno"> 927</span>  ATT_NOPREFIX</div><div class="line"><a name="l00928"></a><span class="lineno"> 928</span>  ASJ( jmp, 2, f)</div><div class="line"><a name="l00929"></a><span class="lineno"> 929</span>  INTEL_NOPREFIX</div><div class="line"><a name="l00930"></a><span class="lineno"> 930</span>  ASL(1)</div><div class="line"><a name="l00931"></a><span class="lineno"> 931</span>  <span class="comment">// counter-mode per-block setup</span></div><div class="line"><a name="l00932"></a><span class="lineno"> 932</span>  AS2( MOVD ecx, MM(2))</div><div class="line"><a name="l00933"></a><span class="lineno"> 933</span>  AS2( MOVD edx, MM(1))</div><div class="line"><a name="l00934"></a><span class="lineno"> 934</span>  AS2( mov eax, [L_SAVED_X+0*4])</div><div class="line"><a name="l00935"></a><span class="lineno"> 935</span>  AS2( mov ebx, [L_SAVED_X+1*4])</div><div class="line"><a name="l00936"></a><span class="lineno"> 936</span>  AS2( xor cl, ch)</div><div class="line"><a name="l00937"></a><span class="lineno"> 937</span>  AS2( and WORD_REG(cx), 255)</div><div class="line"><a name="l00938"></a><span class="lineno"> 938</span>  ASL(5)</div><div class="line"><a name="l00939"></a><span class="lineno"> 939</span> #<span class="keywordflow">if</span> CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32</div><div class="line"><a name="l00940"></a><span class="lineno"> 940</span>  AS2( paddb MM(2), mm3)</div><div class="line"><a name="l00941"></a><span class="lineno"> 941</span> #<span class="keywordflow">else</span></div><div class="line"><a name="l00942"></a><span class="lineno"> 942</span>  AS2( add MM(2), 1)</div><div class="line"><a name="l00943"></a><span class="lineno"> 943</span> #endif</div><div class="line"><a name="l00944"></a><span class="lineno"> 944</span>  <span class="comment">// remaining part of second round, in: edx(previous round),esi(keyed counter byte) eax,ebx,[L_SAVED_X+2*4],[L_SAVED_X+3*4], out: eax,ebx,ecx,edx</span></div><div class="line"><a name="l00945"></a><span class="lineno"> 945</span>  AS2( xor edx, DWORD PTR [AS_REG_7+WORD_REG(cx)*8+3])</div><div class="line"><a name="l00946"></a><span class="lineno"> 946</span>  XOR( ebx, dl, 3)</div><div class="line"><a name="l00947"></a><span class="lineno"> 947</span>  MOV( ecx, dh, 2)</div><div class="line"><a name="l00948"></a><span class="lineno"> 948</span>  AS2( shr edx, 16)</div><div class="line"><a name="l00949"></a><span class="lineno"> 949</span>  AS2( xor ecx, [L_SAVED_X+2*4])</div><div class="line"><a name="l00950"></a><span class="lineno"> 950</span>  XOR( eax, dh, 0)</div><div class="line"><a name="l00951"></a><span class="lineno"> 951</span>  MOV( edx, dl, 1)</div><div class="line"><a name="l00952"></a><span class="lineno"> 952</span>  AS2( xor edx, [L_SAVED_X+3*4])</div><div class="line"><a name="l00953"></a><span class="lineno"> 953</span> </div><div class="line"><a name="l00954"></a><span class="lineno"> 954</span>  AS2( add L_REG, [L_KEYS_BEGIN])</div><div class="line"><a name="l00955"></a><span class="lineno"> 955</span>  AS2( add L_REG, 3*16)</div><div class="line"><a name="l00956"></a><span class="lineno"> 956</span>  ATT_NOPREFIX</div><div class="line"><a name="l00957"></a><span class="lineno"> 957</span>  ASJ( jmp, 4, f)</div><div class="line"><a name="l00958"></a><span class="lineno"> 958</span>  INTEL_NOPREFIX</div><div class="line"><a name="l00959"></a><span class="lineno"> 959</span> </div><div class="line"><a name="l00960"></a><span class="lineno"> 960</span> <span class="comment">// in: eax(0,1,2,3), ebx(4,5,6,7), ecx(8,9,10,11), edx(12,13,14,15)</span></div><div class="line"><a name="l00961"></a><span class="lineno"> 961</span> <span class="comment">// out: eax, ebx, edi, mm0</span></div><div class="line"><a name="l00962"></a><span class="lineno"> 962</span> #define ROUND() \</div><div class="line"><a name="l00963"></a><span class="lineno"> 963</span>  MXOR( 0, cl, 3) <span class="comment">/* 11 */</span>\</div><div class="line"><a name="l00964"></a><span class="lineno"> 964</span>  AS2( mov cl, al) <span class="comment">/* 8,9,10,3 */</span>\</div><div class="line"><a name="l00965"></a><span class="lineno"> 965</span>  XOR( edi, ah, 2) <span class="comment">/* 2 */</span>\</div><div class="line"><a name="l00966"></a><span class="lineno"> 966</span>  AS2( shr eax, 16) <span class="comment">/* 0,1 */</span>\</div><div class="line"><a name="l00967"></a><span class="lineno"> 967</span>  XOR( edi, bl, 3) <span class="comment">/* 7 */</span>\</div><div class="line"><a name="l00968"></a><span class="lineno"> 968</span>  MXOR( 0, bh, 2) <span class="comment">/* 6 */</span>\</div><div class="line"><a name="l00969"></a><span class="lineno"> 969</span>  AS2( shr ebx, 16) <span class="comment">/* 4,5 */</span>\</div><div class="line"><a name="l00970"></a><span class="lineno"> 970</span>  MXOR( 0, al, 1) <span class="comment">/* 1 */</span>\</div><div class="line"><a name="l00971"></a><span class="lineno"> 971</span>  MOV( eax, ah, 0) <span class="comment">/* 0 */</span>\</div><div class="line"><a name="l00972"></a><span class="lineno"> 972</span>  XOR( eax, bl, 1) <span class="comment">/* 5 */</span>\</div><div class="line"><a name="l00973"></a><span class="lineno"> 973</span>  MOV( ebx, bh, 0) <span class="comment">/* 4 */</span>\</div><div class="line"><a name="l00974"></a><span class="lineno"> 974</span>  XOR( eax, ch, 2) <span class="comment">/* 10 */</span>\</div><div class="line"><a name="l00975"></a><span class="lineno"> 975</span>  XOR( ebx, cl, 3) <span class="comment">/* 3 */</span>\</div><div class="line"><a name="l00976"></a><span class="lineno"> 976</span>  AS2( shr ecx, 16) <span class="comment">/* 8,9 */</span>\</div><div class="line"><a name="l00977"></a><span class="lineno"> 977</span>  XOR( eax, dl, 3) <span class="comment">/* 15 */</span>\</div><div class="line"><a name="l00978"></a><span class="lineno"> 978</span>  XOR( ebx, dh, 2) <span class="comment">/* 14 */</span>\</div><div class="line"><a name="l00979"></a><span class="lineno"> 979</span>  AS2( shr edx, 16) <span class="comment">/* 12,13 */</span>\</div><div class="line"><a name="l00980"></a><span class="lineno"> 980</span>  XOR( edi, ch, 0) <span class="comment">/* 8 */</span>\</div><div class="line"><a name="l00981"></a><span class="lineno"> 981</span>  XOR( ebx, cl, 1) <span class="comment">/* 9 */</span>\</div><div class="line"><a name="l00982"></a><span class="lineno"> 982</span>  XOR( edi, dl, 1) <span class="comment">/* 13 */</span>\</div><div class="line"><a name="l00983"></a><span class="lineno"> 983</span>  MXOR( 0, dh, 0) <span class="comment">/* 12 */</span>\</div><div class="line"><a name="l00984"></a><span class="lineno"> 984</span> </div><div class="line"><a name="l00985"></a><span class="lineno"> 985</span>  ASL(2) <span class="comment">// 2-round loop</span></div><div class="line"><a name="l00986"></a><span class="lineno"> 986</span>  AS2( MOVD MM(0), [L_SUBKEYS-4*16+3*4])</div><div class="line"><a name="l00987"></a><span class="lineno"> 987</span>  AS2( mov edi, [L_SUBKEYS-4*16+2*4])</div><div class="line"><a name="l00988"></a><span class="lineno"> 988</span>  ROUND()</div><div class="line"><a name="l00989"></a><span class="lineno"> 989</span>  AS2( mov ecx, edi)</div><div class="line"><a name="l00990"></a><span class="lineno"> 990</span>  AS2( xor eax, [L_SUBKEYS-4*16+0*4])</div><div class="line"><a name="l00991"></a><span class="lineno"> 991</span>  AS2( xor ebx, [L_SUBKEYS-4*16+1*4])</div><div class="line"><a name="l00992"></a><span class="lineno"> 992</span>  AS2( MOVD edx, MM(0))</div><div class="line"><a name="l00993"></a><span class="lineno"> 993</span> </div><div class="line"><a name="l00994"></a><span class="lineno"> 994</span>  ASL(4)</div><div class="line"><a name="l00995"></a><span class="lineno"> 995</span>  AS2( MOVD MM(0), [L_SUBKEYS-4*16+7*4])</div><div class="line"><a name="l00996"></a><span class="lineno"> 996</span>  AS2( mov edi, [L_SUBKEYS-4*16+6*4])</div><div class="line"><a name="l00997"></a><span class="lineno"> 997</span>  ROUND()</div><div class="line"><a name="l00998"></a><span class="lineno"> 998</span>  AS2( mov ecx, edi)</div><div class="line"><a name="l00999"></a><span class="lineno"> 999</span>  AS2( xor eax, [L_SUBKEYS-4*16+4*4])</div><div class="line"><a name="l01000"></a><span class="lineno"> 1000</span>  AS2( xor ebx, [L_SUBKEYS-4*16+5*4])</div><div class="line"><a name="l01001"></a><span class="lineno"> 1001</span>  AS2( MOVD edx, MM(0))</div><div class="line"><a name="l01002"></a><span class="lineno"> 1002</span> </div><div class="line"><a name="l01003"></a><span class="lineno"> 1003</span>  AS2( add L_REG, 32)</div><div class="line"><a name="l01004"></a><span class="lineno"> 1004</span>  AS2( test L_REG, 255)</div><div class="line"><a name="l01005"></a><span class="lineno"> 1005</span>  ATT_NOPREFIX</div><div class="line"><a name="l01006"></a><span class="lineno"> 1006</span>  ASJ( jnz, 2, b)</div><div class="line"><a name="l01007"></a><span class="lineno"> 1007</span>  INTEL_NOPREFIX</div><div class="line"><a name="l01008"></a><span class="lineno"> 1008</span>  AS2( sub L_REG, 16*16)</div><div class="line"><a name="l01009"></a><span class="lineno"> 1009</span> </div><div class="line"><a name="l01010"></a><span class="lineno"> 1010</span> #define LAST(a, b, c) \</div><div class="line"><a name="l01011"></a><span class="lineno"> 1011</span>  AS2( movzx esi, a )\</div><div class="line"><a name="l01012"></a><span class="lineno"> 1012</span>  AS2( movzx edi, BYTE PTR [AS_REG_7+WORD_REG(si)*8+1] )\</div><div class="line"><a name="l01013"></a><span class="lineno"> 1013</span>  AS2( movzx esi, b )\</div><div class="line"><a name="l01014"></a><span class="lineno"> 1014</span>  AS2( xor edi, DWORD PTR [AS_REG_7+WORD_REG(si)*8+0] )\</div><div class="line"><a name="l01015"></a><span class="lineno"> 1015</span>  AS2( mov WORD PTR [L_LASTROUND+c], di )\</div><div class="line"><a name="l01016"></a><span class="lineno"> 1016</span> </div><div class="line"><a name="l01017"></a><span class="lineno"> 1017</span>  <span class="comment">// last round</span></div><div class="line"><a name="l01018"></a><span class="lineno"> 1018</span>  LAST(ch, dl, 2)</div><div class="line"><a name="l01019"></a><span class="lineno"> 1019</span>  LAST(dh, al, 6)</div><div class="line"><a name="l01020"></a><span class="lineno"> 1020</span>  AS2( shr edx, 16)</div><div class="line"><a name="l01021"></a><span class="lineno"> 1021</span>  LAST(ah, bl, 10)</div><div class="line"><a name="l01022"></a><span class="lineno"> 1022</span>  AS2( shr eax, 16)</div><div class="line"><a name="l01023"></a><span class="lineno"> 1023</span>  LAST(bh, cl, 14)</div><div class="line"><a name="l01024"></a><span class="lineno"> 1024</span>  AS2( shr ebx, 16)</div><div class="line"><a name="l01025"></a><span class="lineno"> 1025</span>  LAST(dh, al, 12)</div><div class="line"><a name="l01026"></a><span class="lineno"> 1026</span>  AS2( shr ecx, 16)</div><div class="line"><a name="l01027"></a><span class="lineno"> 1027</span>  LAST(ah, bl, 0)</div><div class="line"><a name="l01028"></a><span class="lineno"> 1028</span>  LAST(bh, cl, 4)</div><div class="line"><a name="l01029"></a><span class="lineno"> 1029</span>  LAST(ch, dl, 8)</div><div class="line"><a name="l01030"></a><span class="lineno"> 1030</span> </div><div class="line"><a name="l01031"></a><span class="lineno"> 1031</span>  AS2( mov WORD_REG(ax), [L_OUTXORBLOCKS])</div><div class="line"><a name="l01032"></a><span class="lineno"> 1032</span>  AS2( mov WORD_REG(bx), [L_OUTBLOCKS])</div><div class="line"><a name="l01033"></a><span class="lineno"> 1033</span> </div><div class="line"><a name="l01034"></a><span class="lineno"> 1034</span>  AS2( mov WORD_REG(cx), [L_LENGTH])</div><div class="line"><a name="l01035"></a><span class="lineno"> 1035</span>  AS2( sub WORD_REG(cx), 16)</div><div class="line"><a name="l01036"></a><span class="lineno"> 1036</span> </div><div class="line"><a name="l01037"></a><span class="lineno"> 1037</span>  AS2( movdqu xmm2, [WORD_REG(ax)])</div><div class="line"><a name="l01038"></a><span class="lineno"> 1038</span>  AS2( pxor xmm2, xmm4)</div><div class="line"><a name="l01039"></a><span class="lineno"> 1039</span> </div><div class="line"><a name="l01040"></a><span class="lineno"> 1040</span> #<span class="keywordflow">if</span> CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32</div><div class="line"><a name="l01041"></a><span class="lineno"> 1041</span>  AS2( movdqa xmm0, [L_INCREMENTS])</div><div class="line"><a name="l01042"></a><span class="lineno"> 1042</span>  AS2( paddd xmm0, [L_INBLOCKS])</div><div class="line"><a name="l01043"></a><span class="lineno"> 1043</span>  AS2( movdqa [L_INBLOCKS], xmm0)</div><div class="line"><a name="l01044"></a><span class="lineno"> 1044</span> #<span class="keywordflow">else</span></div><div class="line"><a name="l01045"></a><span class="lineno"> 1045</span>  AS2( movdqa xmm0, [L_INCREMENTS+16])</div><div class="line"><a name="l01046"></a><span class="lineno"> 1046</span>  AS2( paddq xmm0, [L_INBLOCKS+16])</div><div class="line"><a name="l01047"></a><span class="lineno"> 1047</span>  AS2( movdqa [L_INBLOCKS+16], xmm0)</div><div class="line"><a name="l01048"></a><span class="lineno"> 1048</span> #endif</div><div class="line"><a name="l01049"></a><span class="lineno"> 1049</span> </div><div class="line"><a name="l01050"></a><span class="lineno"> 1050</span>  AS2( pxor xmm2, [L_LASTROUND])</div><div class="line"><a name="l01051"></a><span class="lineno"> 1051</span>  AS2( movdqu [WORD_REG(bx)], xmm2)</div><div class="line"><a name="l01052"></a><span class="lineno"> 1052</span> </div><div class="line"><a name="l01053"></a><span class="lineno"> 1053</span>  ATT_NOPREFIX</div><div class="line"><a name="l01054"></a><span class="lineno"> 1054</span>  ASJ( jle, 7, f)</div><div class="line"><a name="l01055"></a><span class="lineno"> 1055</span>  INTEL_NOPREFIX</div><div class="line"><a name="l01056"></a><span class="lineno"> 1056</span>  AS2( mov [L_LENGTH], WORD_REG(cx))</div><div class="line"><a name="l01057"></a><span class="lineno"> 1057</span>  AS2( test WORD_REG(cx), 1)</div><div class="line"><a name="l01058"></a><span class="lineno"> 1058</span>  ATT_NOPREFIX</div><div class="line"><a name="l01059"></a><span class="lineno"> 1059</span>  ASJ( jnz, 1, b)</div><div class="line"><a name="l01060"></a><span class="lineno"> 1060</span>  INTEL_NOPREFIX</div><div class="line"><a name="l01061"></a><span class="lineno"> 1061</span> #<span class="keywordflow">if</span> CRYPTOPP_BOOL_X64</div><div class="line"><a name="l01062"></a><span class="lineno"> 1062</span>  AS2( movdqa xmm0, [L_INCREMENTS])</div><div class="line"><a name="l01063"></a><span class="lineno"> 1063</span>  AS2( paddq xmm0, [L_INBLOCKS])</div><div class="line"><a name="l01064"></a><span class="lineno"> 1064</span>  AS2( movdqa [L_INBLOCKS], xmm0)</div><div class="line"><a name="l01065"></a><span class="lineno"> 1065</span> #endif</div><div class="line"><a name="l01066"></a><span class="lineno"> 1066</span>  ATT_NOPREFIX</div><div class="line"><a name="l01067"></a><span class="lineno"> 1067</span>  ASJ( jmp, 3, b)</div><div class="line"><a name="l01068"></a><span class="lineno"> 1068</span>  INTEL_NOPREFIX</div><div class="line"><a name="l01069"></a><span class="lineno"> 1069</span> </div><div class="line"><a name="l01070"></a><span class="lineno"> 1070</span>  ASL(7)</div><div class="line"><a name="l01071"></a><span class="lineno"> 1071</span>  <span class="comment">// erase keys on stack</span></div><div class="line"><a name="l01072"></a><span class="lineno"> 1072</span>  AS2( xorps xmm0, xmm0)</div><div class="line"><a name="l01073"></a><span class="lineno"> 1073</span>  AS2( lea WORD_REG(ax), [L_SUBKEYS+7*16])</div><div class="line"><a name="l01074"></a><span class="lineno"> 1074</span>  AS2( movaps [WORD_REG(ax)-7*16], xmm0)</div><div class="line"><a name="l01075"></a><span class="lineno"> 1075</span>  AS2( movaps [WORD_REG(ax)-6*16], xmm0)</div><div class="line"><a name="l01076"></a><span class="lineno"> 1076</span>  AS2( movaps [WORD_REG(ax)-5*16], xmm0)</div><div class="line"><a name="l01077"></a><span class="lineno"> 1077</span>  AS2( movaps [WORD_REG(ax)-4*16], xmm0)</div><div class="line"><a name="l01078"></a><span class="lineno"> 1078</span>  AS2( movaps [WORD_REG(ax)-3*16], xmm0)</div><div class="line"><a name="l01079"></a><span class="lineno"> 1079</span>  AS2( movaps [WORD_REG(ax)-2*16], xmm0)</div><div class="line"><a name="l01080"></a><span class="lineno"> 1080</span>  AS2( movaps [WORD_REG(ax)-1*16], xmm0)</div><div class="line"><a name="l01081"></a><span class="lineno"> 1081</span>  AS2( movaps [WORD_REG(ax)+0*16], xmm0)</div><div class="line"><a name="l01082"></a><span class="lineno"> 1082</span>  AS2( movaps [WORD_REG(ax)+1*16], xmm0)</div><div class="line"><a name="l01083"></a><span class="lineno"> 1083</span>  AS2( movaps [WORD_REG(ax)+2*16], xmm0)</div><div class="line"><a name="l01084"></a><span class="lineno"> 1084</span>  AS2( movaps [WORD_REG(ax)+3*16], xmm0)</div><div class="line"><a name="l01085"></a><span class="lineno"> 1085</span>  AS2( movaps [WORD_REG(ax)+4*16], xmm0)</div><div class="line"><a name="l01086"></a><span class="lineno"> 1086</span>  AS2( movaps [WORD_REG(ax)+5*16], xmm0)</div><div class="line"><a name="l01087"></a><span class="lineno"> 1087</span>  AS2( movaps [WORD_REG(ax)+6*16], xmm0)</div><div class="line"><a name="l01088"></a><span class="lineno"> 1088</span> #<span class="keywordflow">if</span> CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32</div><div class="line"><a name="l01089"></a><span class="lineno"> 1089</span>  AS2( mov esp, [L_SP])</div><div class="line"><a name="l01090"></a><span class="lineno"> 1090</span>  AS1( emms)</div><div class="line"><a name="l01091"></a><span class="lineno"> 1091</span> #endif</div><div class="line"><a name="l01092"></a><span class="lineno"> 1092</span>  AS_POP_IF86(bp)</div><div class="line"><a name="l01093"></a><span class="lineno"> 1093</span>  AS_POP_IF86(bx)</div><div class="line"><a name="l01094"></a><span class="lineno"> 1094</span> #<span class="keywordflow">if</span> defined(_MSC_VER) && CRYPTOPP_BOOL_X86</div><div class="line"><a name="l01095"></a><span class="lineno"> 1095</span>  AS_POP_IF86(di)</div><div class="line"><a name="l01096"></a><span class="lineno"> 1096</span>  AS_POP_IF86(si)</div><div class="line"><a name="l01097"></a><span class="lineno"> 1097</span>  AS1(ret)</div><div class="line"><a name="l01098"></a><span class="lineno"> 1098</span> #endif</div><div class="line"><a name="l01099"></a><span class="lineno"> 1099</span> #ifdef CRYPTOPP_GENERATE_X64_MASM</div><div class="line"><a name="l01100"></a><span class="lineno"> 1100</span>  pop r12</div><div class="line"><a name="l01101"></a><span class="lineno"> 1101</span>  pop rbx</div><div class="line"><a name="l01102"></a><span class="lineno"> 1102</span>  pop rdi</div><div class="line"><a name="l01103"></a><span class="lineno"> 1103</span>  pop rsi</div><div class="line"><a name="l01104"></a><span class="lineno"> 1104</span>  ret</div><div class="line"><a name="l01105"></a><span class="lineno"> 1105</span>  Rijndael_Enc_AdvancedProcessBlocks ENDP</div><div class="line"><a name="l01106"></a><span class="lineno"> 1106</span> #endif</div><div class="line"><a name="l01107"></a><span class="lineno"> 1107</span> #ifdef __GNUC__</div><div class="line"><a name="l01108"></a><span class="lineno"> 1108</span>  ATT_PREFIX</div><div class="line"><a name="l01109"></a><span class="lineno"> 1109</span>  :</div><div class="line"><a name="l01110"></a><span class="lineno"> 1110</span>  : <span class="stringliteral">"c"</span> (locals), <span class="stringliteral">"d"</span> (k), <span class="stringliteral">"S"</span> (Te), <span class="stringliteral">"D"</span> (g_cacheLineSize)</div><div class="line"><a name="l01111"></a><span class="lineno"> 1111</span>  : <span class="stringliteral">"memory"</span>, <span class="stringliteral">"cc"</span>, <span class="stringliteral">"%eax"</span></div><div class="line"><a name="l01112"></a><span class="lineno"> 1112</span>  #<span class="keywordflow">if</span> CRYPTOPP_BOOL_X64</div><div class="line"><a name="l01113"></a><span class="lineno"> 1113</span>  , <span class="stringliteral">"%rbx"</span>, <span class="stringliteral">"%r8"</span>, <span class="stringliteral">"%r9"</span>, <span class="stringliteral">"%r10"</span>, <span class="stringliteral">"%r11"</span>, <span class="stringliteral">"%r12"</span></div><div class="line"><a name="l01114"></a><span class="lineno"> 1114</span>  #endif</div><div class="line"><a name="l01115"></a><span class="lineno"> 1115</span>  );</div><div class="line"><a name="l01116"></a><span class="lineno"> 1116</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l01117"></a><span class="lineno"> 1117</span> }</div><div class="line"><a name="l01118"></a><span class="lineno"> 1118</span> </div><div class="line"><a name="l01119"></a><span class="lineno"> 1119</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l01120"></a><span class="lineno"> 1120</span> </div><div class="line"><a name="l01121"></a><span class="lineno"> 1121</span> <span class="preprocessor">#ifndef CRYPTOPP_GENERATE_X64_MASM</span></div><div class="line"><a name="l01122"></a><span class="lineno"> 1122</span> </div><div class="line"><a name="l01123"></a><span class="lineno"> 1123</span> <span class="preprocessor">#ifdef CRYPTOPP_X64_MASM_AVAILABLE</span></div><div class="line"><a name="l01124"></a><span class="lineno"> 1124</span> <span class="keyword">extern</span> <span class="stringliteral">"C"</span> {</div><div class="line"><a name="l01125"></a><span class="lineno"> 1125</span> <span class="keywordtype">void</span> Rijndael_Enc_AdvancedProcessBlocks(<span class="keywordtype">void</span> *locals, <span class="keyword">const</span> word32 *k);</div><div class="line"><a name="l01126"></a><span class="lineno"> 1126</span> }</div><div class="line"><a name="l01127"></a><span class="lineno"> 1127</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l01128"></a><span class="lineno"> 1128</span> </div><div class="line"><a name="l01129"></a><span class="lineno"> 1129</span> <span class="preprocessor">#if CRYPTOPP_RIJNDAEL_ADVANCED_PROCESS_BLOCKS</span></div><div class="line"><a name="l01130"></a><span class="lineno"> 1130</span> <span class="keywordtype">size_t</span> Rijndael::Enc::AdvancedProcessBlocks(<span class="keyword">const</span> byte *inBlocks, <span class="keyword">const</span> byte *xorBlocks, byte *outBlocks, <span class="keywordtype">size_t</span> length, word32 flags)<span class="keyword"> const</span></div><div class="line"><a name="l01131"></a><span class="lineno"> 1131</span> <span class="keyword"></span>{</div><div class="line"><a name="l01132"></a><span class="lineno"> 1132</span> <span class="preprocessor">#if CRYPTOPP_AESNI_AVAILABLE</span></div><div class="line"><a name="l01133"></a><span class="lineno"> 1133</span>  <span class="keywordflow">if</span> (<a class="code" href="cpu_8h.html#a798d0d1732f761b34e4b127335a111c1">HasAESNI</a>())</div><div class="line"><a name="l01134"></a><span class="lineno"> 1134</span>  <span class="keywordflow">return</span> Rijndael_Enc_AdvancedProcessBlocks_AESNI(m_key, m_rounds, inBlocks, xorBlocks, outBlocks, length, flags);</div><div class="line"><a name="l01135"></a><span class="lineno"> 1135</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l01136"></a><span class="lineno"> 1136</span> <span class="preprocessor">#if CRYPTOPP_ARM_AES_AVAILABLE</span></div><div class="line"><a name="l01137"></a><span class="lineno"> 1137</span>  <span class="keywordflow">if</span> (<a class="code" href="cpu_8h.html#a01958720925de0cb8515345758825326">HasAES</a>())</div><div class="line"><a name="l01138"></a><span class="lineno"> 1138</span>  <span class="keywordflow">return</span> Rijndael_Enc_AdvancedProcessBlocks_ARMV8(m_key, m_rounds, inBlocks, xorBlocks, outBlocks, length, flags);</div><div class="line"><a name="l01139"></a><span class="lineno"> 1139</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l01140"></a><span class="lineno"> 1140</span> <span class="preprocessor">#if CRYPTOPP_POWER8_AES_AVAILABLE</span></div><div class="line"><a name="l01141"></a><span class="lineno"> 1141</span>  <span class="keywordflow">if</span> (<a class="code" href="cpu_8h.html#a01958720925de0cb8515345758825326">HasAES</a>())</div><div class="line"><a name="l01142"></a><span class="lineno"> 1142</span>  <span class="keywordflow">return</span> Rijndael_Enc_AdvancedProcessBlocks128_6x1_ALTIVEC(m_key, m_rounds, inBlocks, xorBlocks, outBlocks, length, flags);</div><div class="line"><a name="l01143"></a><span class="lineno"> 1143</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l01144"></a><span class="lineno"> 1144</span> </div><div class="line"><a name="l01145"></a><span class="lineno"> 1145</span> <span class="preprocessor">#if (CRYPTOPP_SSE2_ASM_AVAILABLE || defined(CRYPTOPP_X64_MASM_AVAILABLE)) && !defined(CRYPTOPP_DISABLE_RIJNDAEL_ASM)</span></div><div class="line"><a name="l01146"></a><span class="lineno"> 1146</span>  <span class="keywordflow">if</span> (<a class="code" href="cpu_8h.html#a962fa16f6d3a8a518912b39c3ea84062">HasSSE2</a>())</div><div class="line"><a name="l01147"></a><span class="lineno"> 1147</span>  {</div><div class="line"><a name="l01148"></a><span class="lineno"> 1148</span>  <span class="keywordflow">if</span> (length < BLOCKSIZE)</div><div class="line"><a name="l01149"></a><span class="lineno"> 1149</span>  <span class="keywordflow">return</span> length;</div><div class="line"><a name="l01150"></a><span class="lineno"> 1150</span> </div><div class="line"><a name="l01151"></a><span class="lineno"> 1151</span>  <span class="keyword">static</span> <span class="keyword">const</span> byte *zeros = (<span class="keyword">const</span> byte*)(Te+256);</div><div class="line"><a name="l01152"></a><span class="lineno"> 1152</span>  m_aliasBlock.SetMark(m_aliasBlock.size());</div><div class="line"><a name="l01153"></a><span class="lineno"> 1153</span>  byte *space = NULLPTR, *originalSpace = <span class="keyword">const_cast<</span>byte*<span class="keyword">></span>(m_aliasBlock.data());</div><div class="line"><a name="l01154"></a><span class="lineno"> 1154</span> </div><div class="line"><a name="l01155"></a><span class="lineno"> 1155</span>  <span class="comment">// round up to nearest 256 byte boundary</span></div><div class="line"><a name="l01156"></a><span class="lineno"> 1156</span>  space = originalSpace + (s_aliasBlockSize - (uintptr_t)originalSpace % s_aliasBlockSize) % s_aliasBlockSize;</div><div class="line"><a name="l01157"></a><span class="lineno"> 1157</span>  <span class="keywordflow">while</span> (AliasedWithTable(space, space + <span class="keyword">sizeof</span>(Locals)))</div><div class="line"><a name="l01158"></a><span class="lineno"> 1158</span>  {</div><div class="line"><a name="l01159"></a><span class="lineno"> 1159</span>  space += 256;</div><div class="line"><a name="l01160"></a><span class="lineno"> 1160</span>  <a class="code" href="trap_8h.html#adf3b392588bc94cbeae9f415a78c7b95">CRYPTOPP_ASSERT</a>(space < (originalSpace + s_aliasPageSize));</div><div class="line"><a name="l01161"></a><span class="lineno"> 1161</span>  }</div><div class="line"><a name="l01162"></a><span class="lineno"> 1162</span> </div><div class="line"><a name="l01163"></a><span class="lineno"> 1163</span>  <span class="keywordtype">size_t</span> increment = BLOCKSIZE;</div><div class="line"><a name="l01164"></a><span class="lineno"> 1164</span>  <span class="keywordflow">if</span> (flags & BT_ReverseDirection)</div><div class="line"><a name="l01165"></a><span class="lineno"> 1165</span>  {</div><div class="line"><a name="l01166"></a><span class="lineno"> 1166</span>  <a class="code" href="trap_8h.html#adf3b392588bc94cbeae9f415a78c7b95">CRYPTOPP_ASSERT</a>(length % BLOCKSIZE == 0);</div><div class="line"><a name="l01167"></a><span class="lineno"> 1167</span>  inBlocks += length - BLOCKSIZE;</div><div class="line"><a name="l01168"></a><span class="lineno"> 1168</span>  xorBlocks += length - BLOCKSIZE;</div><div class="line"><a name="l01169"></a><span class="lineno"> 1169</span>  outBlocks += length - BLOCKSIZE;</div><div class="line"><a name="l01170"></a><span class="lineno"> 1170</span>  increment = 0-increment;</div><div class="line"><a name="l01171"></a><span class="lineno"> 1171</span>  }</div><div class="line"><a name="l01172"></a><span class="lineno"> 1172</span> </div><div class="line"><a name="l01173"></a><span class="lineno"> 1173</span>  Locals &locals = *(Locals *)(<span class="keywordtype">void</span> *)space;</div><div class="line"><a name="l01174"></a><span class="lineno"> 1174</span> </div><div class="line"><a name="l01175"></a><span class="lineno"> 1175</span>  locals.inBlocks = inBlocks;</div><div class="line"><a name="l01176"></a><span class="lineno"> 1176</span>  locals.inXorBlocks = (flags & BT_XorInput) && xorBlocks ? xorBlocks : zeros;</div><div class="line"><a name="l01177"></a><span class="lineno"> 1177</span>  locals.outXorBlocks = (flags & BT_XorInput) || !xorBlocks ? zeros : xorBlocks;</div><div class="line"><a name="l01178"></a><span class="lineno"> 1178</span>  locals.outBlocks = outBlocks;</div><div class="line"><a name="l01179"></a><span class="lineno"> 1179</span> </div><div class="line"><a name="l01180"></a><span class="lineno"> 1180</span>  locals.inIncrement = (flags & BT_DontIncrementInOutPointers) ? 0 : increment;</div><div class="line"><a name="l01181"></a><span class="lineno"> 1181</span>  locals.inXorIncrement = (flags & BT_XorInput) && xorBlocks ? increment : 0;</div><div class="line"><a name="l01182"></a><span class="lineno"> 1182</span>  locals.outXorIncrement = (flags & BT_XorInput) || !xorBlocks ? 0 : increment;</div><div class="line"><a name="l01183"></a><span class="lineno"> 1183</span>  locals.outIncrement = (flags & BT_DontIncrementInOutPointers) ? 0 : increment;</div><div class="line"><a name="l01184"></a><span class="lineno"> 1184</span> </div><div class="line"><a name="l01185"></a><span class="lineno"> 1185</span>  locals.lengthAndCounterFlag = length - (length%16) - <span class="keywordtype">bool</span>(flags & BT_InBlockIsCounter);</div><div class="line"><a name="l01186"></a><span class="lineno"> 1186</span>  <span class="keywordtype">int</span> keysToCopy = m_rounds - (flags & BT_InBlockIsCounter ? 3 : 2);</div><div class="line"><a name="l01187"></a><span class="lineno"> 1187</span>  locals.keysBegin = (12-keysToCopy)*16;</div><div class="line"><a name="l01188"></a><span class="lineno"> 1188</span> </div><div class="line"><a name="l01189"></a><span class="lineno"> 1189</span>  Rijndael_Enc_AdvancedProcessBlocks(&locals, m_key);</div><div class="line"><a name="l01190"></a><span class="lineno"> 1190</span> </div><div class="line"><a name="l01191"></a><span class="lineno"> 1191</span>  <span class="keywordflow">return</span> length % BLOCKSIZE;</div><div class="line"><a name="l01192"></a><span class="lineno"> 1192</span>  }</div><div class="line"><a name="l01193"></a><span class="lineno"> 1193</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l01194"></a><span class="lineno"> 1194</span> </div><div class="line"><a name="l01195"></a><span class="lineno"> 1195</span>  <span class="keywordflow">return</span> <a class="code" href="class_block_transformation.html#a73ad0afb596da5f7e1f26ddf47394afb">BlockTransformation::AdvancedProcessBlocks</a>(inBlocks, xorBlocks, outBlocks, length, flags);</div><div class="line"><a name="l01196"></a><span class="lineno"> 1196</span> }</div><div class="line"><a name="l01197"></a><span class="lineno"> 1197</span> </div><div class="line"><a name="l01198"></a><span class="lineno"> 1198</span> <span class="keywordtype">size_t</span> Rijndael::Dec::AdvancedProcessBlocks(<span class="keyword">const</span> byte *inBlocks, <span class="keyword">const</span> byte *xorBlocks, byte *outBlocks, <span class="keywordtype">size_t</span> length, word32 flags)<span class="keyword"> const</span></div><div class="line"><a name="l01199"></a><span class="lineno"> 1199</span> <span class="keyword"></span>{</div><div class="line"><a name="l01200"></a><span class="lineno"> 1200</span> <span class="preprocessor">#if CRYPTOPP_AESNI_AVAILABLE</span></div><div class="line"><a name="l01201"></a><span class="lineno"> 1201</span>  <span class="keywordflow">if</span> (<a class="code" href="cpu_8h.html#a798d0d1732f761b34e4b127335a111c1">HasAESNI</a>())</div><div class="line"><a name="l01202"></a><span class="lineno"> 1202</span>  <span class="keywordflow">return</span> Rijndael_Dec_AdvancedProcessBlocks_AESNI(m_key, m_rounds, inBlocks, xorBlocks, outBlocks, length, flags);</div><div class="line"><a name="l01203"></a><span class="lineno"> 1203</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l01204"></a><span class="lineno"> 1204</span> <span class="preprocessor">#if CRYPTOPP_ARM_AES_AVAILABLE</span></div><div class="line"><a name="l01205"></a><span class="lineno"> 1205</span>  <span class="keywordflow">if</span> (<a class="code" href="cpu_8h.html#a01958720925de0cb8515345758825326">HasAES</a>())</div><div class="line"><a name="l01206"></a><span class="lineno"> 1206</span>  <span class="keywordflow">return</span> Rijndael_Dec_AdvancedProcessBlocks_ARMV8(m_key, m_rounds, inBlocks, xorBlocks, outBlocks, length, flags);</div><div class="line"><a name="l01207"></a><span class="lineno"> 1207</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l01208"></a><span class="lineno"> 1208</span> <span class="preprocessor">#if CRYPTOPP_POWER8_AES_AVAILABLE</span></div><div class="line"><a name="l01209"></a><span class="lineno"> 1209</span>  <span class="keywordflow">if</span> (<a class="code" href="cpu_8h.html#a01958720925de0cb8515345758825326">HasAES</a>())</div><div class="line"><a name="l01210"></a><span class="lineno"> 1210</span>  <span class="keywordflow">return</span> Rijndael_Dec_AdvancedProcessBlocks128_6x1_ALTIVEC(m_key, m_rounds, inBlocks, xorBlocks, outBlocks, length, flags);</div><div class="line"><a name="l01211"></a><span class="lineno"> 1211</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l01212"></a><span class="lineno"> 1212</span> </div><div class="line"><a name="l01213"></a><span class="lineno"> 1213</span>  <span class="keywordflow">return</span> <a class="code" href="class_block_transformation.html#a73ad0afb596da5f7e1f26ddf47394afb">BlockTransformation::AdvancedProcessBlocks</a>(inBlocks, xorBlocks, outBlocks, length, flags);</div><div class="line"><a name="l01214"></a><span class="lineno"> 1214</span> }</div><div class="line"><a name="l01215"></a><span class="lineno"> 1215</span> <span class="preprocessor">#endif // CRYPTOPP_RIJNDAEL_ADVANCED_PROCESS_BLOCKS</span></div><div class="line"><a name="l01216"></a><span class="lineno"> 1216</span> </div><div class="line"><a name="l01217"></a><span class="lineno"> 1217</span> NAMESPACE_END</div><div class="line"><a name="l01218"></a><span class="lineno"> 1218</span> </div><div class="line"><a name="l01219"></a><span class="lineno"> 1219</span> <span class="preprocessor">#endif</span></div><div class="line"><a name="l01220"></a><span class="lineno"> 1220</span> <span class="preprocessor">#endif</span></div><div class="ttc" id="misc_8h_html"><div class="ttname"><a href="misc_8h.html">misc.h</a></div><div class="ttdoc">Utility functions for the Crypto++ library. </div></div>
<div class="ttc" id="cpu_8h_html_a01958720925de0cb8515345758825326"><div class="ttname"><a href="cpu_8h.html#a01958720925de0cb8515345758825326">HasAES</a></div><div class="ttdeci">bool HasAES()</div><div class="ttdoc">Determine if an ARM processor has AES available. </div><div class="ttdef"><b>Definition:</b> <a href="cpu_8h_source.html#l00386">cpu.h:386</a></div></div>
<div class="ttc" id="config_8h_html"><div class="ttname"><a href="config_8h.html">config.h</a></div><div class="ttdoc">Library configuration file. </div></div>
<div class="ttc" id="cpu_8h_html_a7c008779986afa9c0463b2bc8fe17042"><div class="ttname"><a href="cpu_8h.html#a7c008779986afa9c0463b2bc8fe17042">GetCacheLineSize</a></div><div class="ttdeci">int GetCacheLineSize()</div><div class="ttdoc">Provides the cache line size. </div><div class="ttdef"><b>Definition:</b> <a href="cpu_8h_source.html#l00298">cpu.h:298</a></div></div>
<div class="ttc" id="struct_block_get_and_put_html"><div class="ttname"><a href="struct_block_get_and_put.html">BlockGetAndPut</a></div><div class="ttdoc">Access a block of memory. </div><div class="ttdef"><b>Definition:</b> <a href="misc_8h_source.html#l02402">misc.h:2402</a></div></div>
<div class="ttc" id="class_rijndael_html"><div class="ttname"><a href="class_rijndael.html">Rijndael</a></div><div class="ttdoc">Rijndael block cipher. </div><div class="ttdef"><b>Definition:</b> <a href="rijndael_8h_source.html#l00039">rijndael.h:39</a></div></div>
<div class="ttc" id="misc_8h_html_a8e499ded4f2e7e7705c3cfd39cdf137f"><div class="ttname"><a href="misc_8h.html#a8e499ded4f2e7e7705c3cfd39cdf137f">ConditionalByteReverse</a></div><div class="ttdeci">T ConditionalByteReverse(ByteOrder order, T value)</div><div class="ttdoc">Reverses bytes in a value depending upon endianness. </div><div class="ttdef"><b>Definition:</b> <a href="misc_8h_source.html#l01979">misc.h:1979</a></div></div>
<div class="ttc" id="class_block_transformation_html_a73ad0afb596da5f7e1f26ddf47394afb"><div class="ttname"><a href="class_block_transformation.html#a73ad0afb596da5f7e1f26ddf47394afb">BlockTransformation::AdvancedProcessBlocks</a></div><div class="ttdeci">virtual size_t AdvancedProcessBlocks(const byte *inBlocks, const byte *xorBlocks, byte *outBlocks, size_t length, word32 flags) const</div><div class="ttdoc">Encrypt and xor multiple blocks using additional flags. </div><div class="ttdef"><b>Definition:</b> <a href="cryptlib_8cpp_source.html#l00147">cryptlib.cpp:147</a></div></div>
<div class="ttc" id="pch_8h_html"><div class="ttname"><a href="pch_8h.html">pch.h</a></div><div class="ttdoc">Precompiled header file. </div></div>
<div class="ttc" id="cryptlib_8h_html_aaeb92d42f5a6e27b8ba19f18d69d142baf0c3bb6c718cc7ff0bffef4e8f178c57"><div class="ttname"><a href="cryptlib_8h.html#aaeb92d42f5a6e27b8ba19f18d69d142baf0c3bb6c718cc7ff0bffef4e8f178c57">BIG_ENDIAN_ORDER</a></div><div class="ttdoc">byte order is big-endian </div><div class="ttdef"><b>Definition:</b> <a href="cryptlib_8h_source.html#l00144">cryptlib.h:144</a></div></div>
<div class="ttc" id="trap_8h_html_adf3b392588bc94cbeae9f415a78c7b95"><div class="ttname"><a href="trap_8h.html#adf3b392588bc94cbeae9f415a78c7b95">CRYPTOPP_ASSERT</a></div><div class="ttdeci">#define CRYPTOPP_ASSERT(exp)</div><div class="ttdoc">Debugging and diagnostic assertion. </div><div class="ttdef"><b>Definition:</b> <a href="trap_8h_source.html#l00060">trap.h:60</a></div></div>
<div class="ttc" id="rijndael_8h_html"><div class="ttname"><a href="rijndael_8h.html">rijndael.h</a></div><div class="ttdoc">Classes for Rijndael encryption algorithm. </div></div>
<div class="ttc" id="cpu_8h_html"><div class="ttname"><a href="cpu_8h.html">cpu.h</a></div><div class="ttdoc">Functions for CPU features and intrinsics. </div></div>
<div class="ttc" id="cpu_8h_html_a798d0d1732f761b34e4b127335a111c1"><div class="ttname"><a href="cpu_8h.html#a798d0d1732f761b34e4b127335a111c1">HasAESNI</a></div><div class="ttdeci">bool HasAESNI()</div><div class="ttdoc">Determines AES-NI availability. </div><div class="ttdef"><b>Definition:</b> <a href="cpu_8h_source.html#l00162">cpu.h:162</a></div></div>
<div class="ttc" id="cpu_8h_html_a962fa16f6d3a8a518912b39c3ea84062"><div class="ttname"><a href="cpu_8h.html#a962fa16f6d3a8a518912b39c3ea84062">HasSSE2</a></div><div class="ttdeci">bool HasSSE2()</div><div class="ttdoc">Determines SSE2 availability. </div><div class="ttdef"><b>Definition:</b> <a href="cpu_8h_source.html#l00114">cpu.h:114</a></div></div>
<div class="ttc" id="cpu_8h_html_afeba098225030e7a23454cc7abbdec7a"><div class="ttname"><a href="cpu_8h.html#afeba098225030e7a23454cc7abbdec7a">HasSSE41</a></div><div class="ttdeci">bool HasSSE41()</div><div class="ttdoc">Determines SSE4.1 availability. </div><div class="ttdef"><b>Definition:</b> <a href="cpu_8h_source.html#l00140">cpu.h:140</a></div></div>
<div class="ttc" id="namespace_crypto_p_p_html"><div class="ttname"><a href="namespace_crypto_p_p.html">CryptoPP</a></div><div class="ttdoc">Crypto++ library namespace. </div></div>
<div class="ttc" id="class_name_value_pairs_html"><div class="ttname"><a href="class_name_value_pairs.html">NameValuePairs</a></div><div class="ttdoc">Interface for retrieving values given their names. </div><div class="ttdef"><b>Definition:</b> <a href="cryptlib_8h_source.html#l00290">cryptlib.h:290</a></div></div>
</div><!-- fragment --></div><!-- contents -->
<!-- start footer part -->
<hr class="footer"/><address class="footer"><small>
Generated on Sun Sep 16 2018 07:58:01 for Crypto++ by  <a href="http://www.doxygen.org/index.html">
<img class="footer" src="doxygen.png" alt="doxygen"/>
</a> 1.8.14
</small></address>
</body>
</html>
distrib
>
Mageia
>
7
>
armv7hl
>
media
>
core-release
>
by-pkgid
>
0a67b807a02637f2cae68649d519a89d
>
files
>
2538
