* x86/aes.m4 (AES_FINAL_ROUND): Do the substitution on the least

significant byte here. Rev: nettle/x86/aes.m4:1.5
author: Niels Möller <nisse@lysator.liu.se> 2008-09-13 21:41:04 +0200
committer: Niels Möller <nisse@lysator.liu.se> 2008-09-13 21:41:04 +0200
commit: 075afd79e451ec55b7d4db99356a7e36871ce56d (patch)
tree: 53708b26a91bde557ce864fb5b39fec984560ca5 /x86
parent: b60efb20fb823e7c4ce6ee550a3c4765674f3852 (diff)
download: nettle-075afd79e451ec55b7d4db99356a7e36871ce56d.tar.gz
1 files changed, 14 insertions, 14 deletions
diff --git a/x86/aes.m4 b/x86/aes.m4
index 5059a3ef..ad311a7d 100644
--- a/x86/aes.m4
+++ b/x86/aes.m4
@@ -59,22 +59,22 @@ define(<AES_ROUND>, <
 	shrl	<$>24,$7
 	xorl	AES_TABLE3 ($1, $7, 4),$6>)dnl
 
-dnl AES_FINAL_ROUND(a, b, c, d, out, tmp)
-dnl Computes one word of the final round. Leaves result in %edi.
+dnl AES_FINAL_ROUND(a, b, c, d, table, out, tmp)
+dnl Computes one word of the final round.
 dnl Note that we have to quote $ in constants.
 define(<AES_FINAL_ROUND>, <
-	C FIXME: Perform substitution on least significant byte here,
-	C to save work later.
-	movzbl	LREG($1),$5
-	movl	$2,$6
-	andl	<$>0x0000ff00,$6
-	orl	$6, $5
-	movl	$3,$6
-	andl	<$>0x00ff0000,$6
-	orl	$6, $5
-	movl	$4,$6
-	andl	<$>0xff000000,$6
-	orl	$6, $5>)dnl
+	movzbl	LREG($1),$6
+	movzbl	($5, $6), $6
+	movl	$2,$7
+	andl	<$>0x0000ff00,$7
+	orl	$7, $6
+	movl	$3,$7
+	andl	<$>0x00ff0000,$7
+	orl	$7, $6
+	movl	$4,$7
+	andl	<$>0xff000000,$7
+	orl	$7, $6
+	roll	<$>8, $6>)dnl
 
 dnl AES_SUBST_BYTE(A, B, C, D, table, ptr)
 dnl Substitutes the least significant byte of
author	Niels Möller <nisse@lysator.liu.se>	2008-09-13 21:41:04 +0200
committer	Niels Möller <nisse@lysator.liu.se>	2008-09-13 21:41:04 +0200
commit	075afd79e451ec55b7d4db99356a7e36871ce56d (patch)
tree	53708b26a91bde557ce864fb5b39fec984560ca5 /x86
parent	b60efb20fb823e7c4ce6ee550a3c4765674f3852 (diff)
download	nettle-075afd79e451ec55b7d4db99356a7e36871ce56d.tar.gz