Merge pull request #10406 from jcarrano/aes-t-table

sys/crypto: optimize AES footprint (resurrected)

Merge pull request #10406 from jcarrano/aes-t-table
879e0cb1 · Koen Zandberg · GitHub · 836fe3db · 3393dafe · 879e0cb1
Unverified Commit 879e0cb1 authored 6 years ago by Koen Zandberg Committed by GitHub 6 years ago
--- a/makefiles/pseudomodules.inc.mk
+++ b/makefiles/pseudomodules.inc.mk
@@ -127,4 +127,9 @@ PSEUDOMODULES += skald_eddystone
 # define optimized read function of DS18 driver as a pseudo module
 PSEUDOMODULES += ds18_optimized
+# By using this pseudomodule, T tables will be precalculated.
+PSEUDOMODULES += crypto_aes_precalculated
+# This pseudomodule causes a loop in AES to be unrolled (more flash, less CPU)
+PSEUDOMODULES += crypto_aes_unroll
 # Packages may also add modules to PSEUDOMODULES in their `Makefile.include`.
--- a/sys/crypto/aes.c
+++ b/sys/crypto/aes.c
--- a/sys/crypto/doc.txt
+++ b/sys/crypto/doc.txt
@@ -47,6 +47,13 @@
 *
 * @endcode
 *
+ * Some aspects of the AES implementation can be fine tuned by pseudo-modules:
+ *  * crypto_aes_precalculated: Use pre-calculated T-tables. This improved
+ *       speed at the expense of increased program size. The default is to
+ *       calculate most tables on the fly.
+ *  * crypto_aes_unroll: enable manually-unrolled loops. The default is to not
+ *       have them unrolled.
+ *
 * If you need to encrypt data of arbitrary size take a look at the different
 * operation modes like: CBC, CTR or CCM.
 *

--- a/sys/include/crypto/aes.h
+++ b/sys/include/crypto/aes.h
@@ -37,9 +37,6 @@ typedef uint32_t u32;
 typedef uint16_t u16;
 typedef uint8_t u8;
-/* This controls loop-unrolling in aes_core.c */
-#undef FULL_UNROLL
 # define GETU32(pt) (((u32)(pt)[0] << 24) ^ ((u32)(pt)[1] << 16) ^ \
                     ((u32)(pt)[2] <<  8) ^ ((u32)(pt)[3]))
 # define PUTU32(ct, st) { (ct)[0] = (u8)((st) >> 24); \