summaryrefslogtreecommitdiff
path: root/rijndael.c
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2015-08-19 14:23:50 +0100
committerColin Watson <cjwatson@debian.org>2015-08-19 14:23:50 +0100
commitbaccdb349b31c47cd76fb63211f754ed33a9707e (patch)
treed03653f975fd4eb8bf71bb0c9d168614401202fa /rijndael.c
parent487bdb3a5ef6075887b830ccb8a0b14f6da78e93 (diff)
parent9f82e5a9042f2d872e98f48a876fcab3e25dd9bb (diff)
Import openssh_6.8p1.orig.tar.gz
Diffstat (limited to 'rijndael.c')
-rw-r--r--rijndael.c339
1 files changed, 107 insertions, 232 deletions
diff --git a/rijndael.c b/rijndael.c
index cde90789e..b352a11e5 100644
--- a/rijndael.c
+++ b/rijndael.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: rijndael.c,v 1.18 2014/04/29 15:42:07 markus Exp $ */ 1/* $OpenBSD: rijndael.c,v 1.19 2014/11/18 22:38:48 mikeb Exp $ */
2 2
3/** 3/**
4 * rijndael-alg-fst.c 4 * rijndael-alg-fst.c
@@ -40,13 +40,12 @@ Te0[x] = S [x].[02, 01, 01, 03];
40Te1[x] = S [x].[03, 02, 01, 01]; 40Te1[x] = S [x].[03, 02, 01, 01];
41Te2[x] = S [x].[01, 03, 02, 01]; 41Te2[x] = S [x].[01, 03, 02, 01];
42Te3[x] = S [x].[01, 01, 03, 02]; 42Te3[x] = S [x].[01, 01, 03, 02];
43Te4[x] = S [x].[01, 01, 01, 01];
44 43
45Td0[x] = Si[x].[0e, 09, 0d, 0b]; 44Td0[x] = Si[x].[0e, 09, 0d, 0b];
46Td1[x] = Si[x].[0b, 0e, 09, 0d]; 45Td1[x] = Si[x].[0b, 0e, 09, 0d];
47Td2[x] = Si[x].[0d, 0b, 0e, 09]; 46Td2[x] = Si[x].[0d, 0b, 0e, 09];
48Td3[x] = Si[x].[09, 0d, 0b, 0e]; 47Td3[x] = Si[x].[09, 0d, 0b, 0e];
49Td4[x] = Si[x].[01, 01, 01, 01]; 48Td4[x] = Si[x].[01];
50*/ 49*/
51 50
52static const u32 Te0[256] = { 51static const u32 Te0[256] = {
@@ -313,72 +312,7 @@ static const u32 Te3[256] = {
313 0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU, 312 0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU,
314 0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU, 313 0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU,
315}; 314};
316static const u32 Te4[256] = { 315#if 0
317 0x63636363U, 0x7c7c7c7cU, 0x77777777U, 0x7b7b7b7bU,
318 0xf2f2f2f2U, 0x6b6b6b6bU, 0x6f6f6f6fU, 0xc5c5c5c5U,
319 0x30303030U, 0x01010101U, 0x67676767U, 0x2b2b2b2bU,
320 0xfefefefeU, 0xd7d7d7d7U, 0xababababU, 0x76767676U,
321 0xcacacacaU, 0x82828282U, 0xc9c9c9c9U, 0x7d7d7d7dU,
322 0xfafafafaU, 0x59595959U, 0x47474747U, 0xf0f0f0f0U,
323 0xadadadadU, 0xd4d4d4d4U, 0xa2a2a2a2U, 0xafafafafU,
324 0x9c9c9c9cU, 0xa4a4a4a4U, 0x72727272U, 0xc0c0c0c0U,
325 0xb7b7b7b7U, 0xfdfdfdfdU, 0x93939393U, 0x26262626U,
326 0x36363636U, 0x3f3f3f3fU, 0xf7f7f7f7U, 0xccccccccU,
327 0x34343434U, 0xa5a5a5a5U, 0xe5e5e5e5U, 0xf1f1f1f1U,
328 0x71717171U, 0xd8d8d8d8U, 0x31313131U, 0x15151515U,
329 0x04040404U, 0xc7c7c7c7U, 0x23232323U, 0xc3c3c3c3U,
330 0x18181818U, 0x96969696U, 0x05050505U, 0x9a9a9a9aU,
331 0x07070707U, 0x12121212U, 0x80808080U, 0xe2e2e2e2U,
332 0xebebebebU, 0x27272727U, 0xb2b2b2b2U, 0x75757575U,
333 0x09090909U, 0x83838383U, 0x2c2c2c2cU, 0x1a1a1a1aU,
334 0x1b1b1b1bU, 0x6e6e6e6eU, 0x5a5a5a5aU, 0xa0a0a0a0U,
335 0x52525252U, 0x3b3b3b3bU, 0xd6d6d6d6U, 0xb3b3b3b3U,
336 0x29292929U, 0xe3e3e3e3U, 0x2f2f2f2fU, 0x84848484U,
337 0x53535353U, 0xd1d1d1d1U, 0x00000000U, 0xededededU,
338 0x20202020U, 0xfcfcfcfcU, 0xb1b1b1b1U, 0x5b5b5b5bU,
339 0x6a6a6a6aU, 0xcbcbcbcbU, 0xbebebebeU, 0x39393939U,
340 0x4a4a4a4aU, 0x4c4c4c4cU, 0x58585858U, 0xcfcfcfcfU,
341 0xd0d0d0d0U, 0xefefefefU, 0xaaaaaaaaU, 0xfbfbfbfbU,
342 0x43434343U, 0x4d4d4d4dU, 0x33333333U, 0x85858585U,
343 0x45454545U, 0xf9f9f9f9U, 0x02020202U, 0x7f7f7f7fU,
344 0x50505050U, 0x3c3c3c3cU, 0x9f9f9f9fU, 0xa8a8a8a8U,
345 0x51515151U, 0xa3a3a3a3U, 0x40404040U, 0x8f8f8f8fU,
346 0x92929292U, 0x9d9d9d9dU, 0x38383838U, 0xf5f5f5f5U,
347 0xbcbcbcbcU, 0xb6b6b6b6U, 0xdadadadaU, 0x21212121U,
348 0x10101010U, 0xffffffffU, 0xf3f3f3f3U, 0xd2d2d2d2U,
349 0xcdcdcdcdU, 0x0c0c0c0cU, 0x13131313U, 0xececececU,
350 0x5f5f5f5fU, 0x97979797U, 0x44444444U, 0x17171717U,
351 0xc4c4c4c4U, 0xa7a7a7a7U, 0x7e7e7e7eU, 0x3d3d3d3dU,
352 0x64646464U, 0x5d5d5d5dU, 0x19191919U, 0x73737373U,
353 0x60606060U, 0x81818181U, 0x4f4f4f4fU, 0xdcdcdcdcU,
354 0x22222222U, 0x2a2a2a2aU, 0x90909090U, 0x88888888U,
355 0x46464646U, 0xeeeeeeeeU, 0xb8b8b8b8U, 0x14141414U,
356 0xdedededeU, 0x5e5e5e5eU, 0x0b0b0b0bU, 0xdbdbdbdbU,
357 0xe0e0e0e0U, 0x32323232U, 0x3a3a3a3aU, 0x0a0a0a0aU,
358 0x49494949U, 0x06060606U, 0x24242424U, 0x5c5c5c5cU,
359 0xc2c2c2c2U, 0xd3d3d3d3U, 0xacacacacU, 0x62626262U,
360 0x91919191U, 0x95959595U, 0xe4e4e4e4U, 0x79797979U,
361 0xe7e7e7e7U, 0xc8c8c8c8U, 0x37373737U, 0x6d6d6d6dU,
362 0x8d8d8d8dU, 0xd5d5d5d5U, 0x4e4e4e4eU, 0xa9a9a9a9U,
363 0x6c6c6c6cU, 0x56565656U, 0xf4f4f4f4U, 0xeaeaeaeaU,
364 0x65656565U, 0x7a7a7a7aU, 0xaeaeaeaeU, 0x08080808U,
365 0xbabababaU, 0x78787878U, 0x25252525U, 0x2e2e2e2eU,
366 0x1c1c1c1cU, 0xa6a6a6a6U, 0xb4b4b4b4U, 0xc6c6c6c6U,
367 0xe8e8e8e8U, 0xddddddddU, 0x74747474U, 0x1f1f1f1fU,
368 0x4b4b4b4bU, 0xbdbdbdbdU, 0x8b8b8b8bU, 0x8a8a8a8aU,
369 0x70707070U, 0x3e3e3e3eU, 0xb5b5b5b5U, 0x66666666U,
370 0x48484848U, 0x03030303U, 0xf6f6f6f6U, 0x0e0e0e0eU,
371 0x61616161U, 0x35353535U, 0x57575757U, 0xb9b9b9b9U,
372 0x86868686U, 0xc1c1c1c1U, 0x1d1d1d1dU, 0x9e9e9e9eU,
373 0xe1e1e1e1U, 0xf8f8f8f8U, 0x98989898U, 0x11111111U,
374 0x69696969U, 0xd9d9d9d9U, 0x8e8e8e8eU, 0x94949494U,
375 0x9b9b9b9bU, 0x1e1e1e1eU, 0x87878787U, 0xe9e9e9e9U,
376 0xcecececeU, 0x55555555U, 0x28282828U, 0xdfdfdfdfU,
377 0x8c8c8c8cU, 0xa1a1a1a1U, 0x89898989U, 0x0d0d0d0dU,
378 0xbfbfbfbfU, 0xe6e6e6e6U, 0x42424242U, 0x68686868U,
379 0x41414141U, 0x99999999U, 0x2d2d2d2dU, 0x0f0f0f0fU,
380 0xb0b0b0b0U, 0x54545454U, 0xbbbbbbbbU, 0x16161616U,
381};
382static const u32 Td0[256] = { 316static const u32 Td0[256] = {
383 0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U, 317 0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U,
384 0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U, 318 0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U,
@@ -643,72 +577,41 @@ static const u32 Td3[256] = {
643 0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U, 577 0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U,
644 0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U, 578 0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U,
645}; 579};
646static const u32 Td4[256] = { 580static const u8 Td4[256] = {
647 0x52525252U, 0x09090909U, 0x6a6a6a6aU, 0xd5d5d5d5U, 581 0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U,
648 0x30303030U, 0x36363636U, 0xa5a5a5a5U, 0x38383838U, 582 0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU,
649 0xbfbfbfbfU, 0x40404040U, 0xa3a3a3a3U, 0x9e9e9e9eU, 583 0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U,
650 0x81818181U, 0xf3f3f3f3U, 0xd7d7d7d7U, 0xfbfbfbfbU, 584 0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU,
651 0x7c7c7c7cU, 0xe3e3e3e3U, 0x39393939U, 0x82828282U, 585 0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU,
652 0x9b9b9b9bU, 0x2f2f2f2fU, 0xffffffffU, 0x87878787U, 586 0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU,
653 0x34343434U, 0x8e8e8e8eU, 0x43434343U, 0x44444444U, 587 0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U,
654 0xc4c4c4c4U, 0xdedededeU, 0xe9e9e9e9U, 0xcbcbcbcbU, 588 0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U,
655 0x54545454U, 0x7b7b7b7bU, 0x94949494U, 0x32323232U, 589 0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U,
656 0xa6a6a6a6U, 0xc2c2c2c2U, 0x23232323U, 0x3d3d3d3dU, 590 0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U,
657 0xeeeeeeeeU, 0x4c4c4c4cU, 0x95959595U, 0x0b0b0b0bU, 591 0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU,
658 0x42424242U, 0xfafafafaU, 0xc3c3c3c3U, 0x4e4e4e4eU, 592 0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U,
659 0x08080808U, 0x2e2e2e2eU, 0xa1a1a1a1U, 0x66666666U, 593 0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU,
660 0x28282828U, 0xd9d9d9d9U, 0x24242424U, 0xb2b2b2b2U, 594 0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U,
661 0x76767676U, 0x5b5b5b5bU, 0xa2a2a2a2U, 0x49494949U, 595 0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U,
662 0x6d6d6d6dU, 0x8b8b8b8bU, 0xd1d1d1d1U, 0x25252525U, 596 0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU,
663 0x72727272U, 0xf8f8f8f8U, 0xf6f6f6f6U, 0x64646464U, 597 0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU,
664 0x86868686U, 0x68686868U, 0x98989898U, 0x16161616U, 598 0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U,
665 0xd4d4d4d4U, 0xa4a4a4a4U, 0x5c5c5c5cU, 0xccccccccU, 599 0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U,
666 0x5d5d5d5dU, 0x65656565U, 0xb6b6b6b6U, 0x92929292U, 600 0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU,
667 0x6c6c6c6cU, 0x70707070U, 0x48484848U, 0x50505050U, 601 0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U,
668 0xfdfdfdfdU, 0xededededU, 0xb9b9b9b9U, 0xdadadadaU, 602 0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU,
669 0x5e5e5e5eU, 0x15151515U, 0x46464646U, 0x57575757U, 603 0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U,
670 0xa7a7a7a7U, 0x8d8d8d8dU, 0x9d9d9d9dU, 0x84848484U, 604 0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U,
671 0x90909090U, 0xd8d8d8d8U, 0xababababU, 0x00000000U, 605 0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U,
672 0x8c8c8c8cU, 0xbcbcbcbcU, 0xd3d3d3d3U, 0x0a0a0a0aU, 606 0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU,
673 0xf7f7f7f7U, 0xe4e4e4e4U, 0x58585858U, 0x05050505U, 607 0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU,
674 0xb8b8b8b8U, 0xb3b3b3b3U, 0x45454545U, 0x06060606U, 608 0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU,
675 0xd0d0d0d0U, 0x2c2c2c2cU, 0x1e1e1e1eU, 0x8f8f8f8fU, 609 0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U,
676 0xcacacacaU, 0x3f3f3f3fU, 0x0f0f0f0fU, 0x02020202U, 610 0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U,
677 0xc1c1c1c1U, 0xafafafafU, 0xbdbdbdbdU, 0x03030303U, 611 0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U,
678 0x01010101U, 0x13131313U, 0x8a8a8a8aU, 0x6b6b6b6bU, 612 0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU,
679 0x3a3a3a3aU, 0x91919191U, 0x11111111U, 0x41414141U,
680 0x4f4f4f4fU, 0x67676767U, 0xdcdcdcdcU, 0xeaeaeaeaU,
681 0x97979797U, 0xf2f2f2f2U, 0xcfcfcfcfU, 0xcecececeU,
682 0xf0f0f0f0U, 0xb4b4b4b4U, 0xe6e6e6e6U, 0x73737373U,
683 0x96969696U, 0xacacacacU, 0x74747474U, 0x22222222U,
684 0xe7e7e7e7U, 0xadadadadU, 0x35353535U, 0x85858585U,
685 0xe2e2e2e2U, 0xf9f9f9f9U, 0x37373737U, 0xe8e8e8e8U,
686 0x1c1c1c1cU, 0x75757575U, 0xdfdfdfdfU, 0x6e6e6e6eU,
687 0x47474747U, 0xf1f1f1f1U, 0x1a1a1a1aU, 0x71717171U,
688 0x1d1d1d1dU, 0x29292929U, 0xc5c5c5c5U, 0x89898989U,
689 0x6f6f6f6fU, 0xb7b7b7b7U, 0x62626262U, 0x0e0e0e0eU,
690 0xaaaaaaaaU, 0x18181818U, 0xbebebebeU, 0x1b1b1b1bU,
691 0xfcfcfcfcU, 0x56565656U, 0x3e3e3e3eU, 0x4b4b4b4bU,
692 0xc6c6c6c6U, 0xd2d2d2d2U, 0x79797979U, 0x20202020U,
693 0x9a9a9a9aU, 0xdbdbdbdbU, 0xc0c0c0c0U, 0xfefefefeU,
694 0x78787878U, 0xcdcdcdcdU, 0x5a5a5a5aU, 0xf4f4f4f4U,
695 0x1f1f1f1fU, 0xddddddddU, 0xa8a8a8a8U, 0x33333333U,
696 0x88888888U, 0x07070707U, 0xc7c7c7c7U, 0x31313131U,
697 0xb1b1b1b1U, 0x12121212U, 0x10101010U, 0x59595959U,
698 0x27272727U, 0x80808080U, 0xececececU, 0x5f5f5f5fU,
699 0x60606060U, 0x51515151U, 0x7f7f7f7fU, 0xa9a9a9a9U,
700 0x19191919U, 0xb5b5b5b5U, 0x4a4a4a4aU, 0x0d0d0d0dU,
701 0x2d2d2d2dU, 0xe5e5e5e5U, 0x7a7a7a7aU, 0x9f9f9f9fU,
702 0x93939393U, 0xc9c9c9c9U, 0x9c9c9c9cU, 0xefefefefU,
703 0xa0a0a0a0U, 0xe0e0e0e0U, 0x3b3b3b3bU, 0x4d4d4d4dU,
704 0xaeaeaeaeU, 0x2a2a2a2aU, 0xf5f5f5f5U, 0xb0b0b0b0U,
705 0xc8c8c8c8U, 0xebebebebU, 0xbbbbbbbbU, 0x3c3c3c3cU,
706 0x83838383U, 0x53535353U, 0x99999999U, 0x61616161U,
707 0x17171717U, 0x2b2b2b2bU, 0x04040404U, 0x7e7e7e7eU,
708 0xbabababaU, 0x77777777U, 0xd6d6d6d6U, 0x26262626U,
709 0xe1e1e1e1U, 0x69696969U, 0x14141414U, 0x63636363U,
710 0x55555555U, 0x21212121U, 0x0c0c0c0cU, 0x7d7d7d7dU,
711}; 613};
614#endif
712static const u32 rcon[] = { 615static const u32 rcon[] = {
713 0x01000000, 0x02000000, 0x04000000, 0x08000000, 616 0x01000000, 0x02000000, 0x04000000, 0x08000000,
714 0x10000000, 0x20000000, 0x40000000, 0x80000000, 617 0x10000000, 0x20000000, 0x40000000, 0x80000000,
@@ -737,10 +640,10 @@ rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits)
737 for (;;) { 640 for (;;) {
738 temp = rk[3]; 641 temp = rk[3];
739 rk[4] = rk[0] ^ 642 rk[4] = rk[0] ^
740 (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ 643 (Te2[(temp >> 16) & 0xff] & 0xff000000) ^
741 (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^ 644 (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^
742 (Te4[(temp ) & 0xff] & 0x0000ff00) ^ 645 (Te0[(temp ) & 0xff] & 0x0000ff00) ^
743 (Te4[(temp >> 24) ] & 0x000000ff) ^ 646 (Te1[(temp >> 24) ] & 0x000000ff) ^
744 rcon[i]; 647 rcon[i];
745 rk[5] = rk[1] ^ rk[4]; 648 rk[5] = rk[1] ^ rk[4];
746 rk[6] = rk[2] ^ rk[5]; 649 rk[6] = rk[2] ^ rk[5];
@@ -757,10 +660,10 @@ rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits)
757 for (;;) { 660 for (;;) {
758 temp = rk[ 5]; 661 temp = rk[ 5];
759 rk[ 6] = rk[ 0] ^ 662 rk[ 6] = rk[ 0] ^
760 (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ 663 (Te2[(temp >> 16) & 0xff] & 0xff000000) ^
761 (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^ 664 (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^
762 (Te4[(temp ) & 0xff] & 0x0000ff00) ^ 665 (Te0[(temp ) & 0xff] & 0x0000ff00) ^
763 (Te4[(temp >> 24) ] & 0x000000ff) ^ 666 (Te1[(temp >> 24) ] & 0x000000ff) ^
764 rcon[i]; 667 rcon[i];
765 rk[ 7] = rk[ 1] ^ rk[ 6]; 668 rk[ 7] = rk[ 1] ^ rk[ 6];
766 rk[ 8] = rk[ 2] ^ rk[ 7]; 669 rk[ 8] = rk[ 2] ^ rk[ 7];
@@ -779,10 +682,10 @@ rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits)
779 for (;;) { 682 for (;;) {
780 temp = rk[ 7]; 683 temp = rk[ 7];
781 rk[ 8] = rk[ 0] ^ 684 rk[ 8] = rk[ 0] ^
782 (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ 685 (Te2[(temp >> 16) & 0xff] & 0xff000000) ^
783 (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^ 686 (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^
784 (Te4[(temp ) & 0xff] & 0x0000ff00) ^ 687 (Te0[(temp ) & 0xff] & 0x0000ff00) ^
785 (Te4[(temp >> 24) ] & 0x000000ff) ^ 688 (Te1[(temp >> 24) ] & 0x000000ff) ^
786 rcon[i]; 689 rcon[i];
787 rk[ 9] = rk[ 1] ^ rk[ 8]; 690 rk[ 9] = rk[ 1] ^ rk[ 8];
788 rk[10] = rk[ 2] ^ rk[ 9]; 691 rk[10] = rk[ 2] ^ rk[ 9];
@@ -792,10 +695,10 @@ rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits)
792 } 695 }
793 temp = rk[11]; 696 temp = rk[11];
794 rk[12] = rk[ 4] ^ 697 rk[12] = rk[ 4] ^
795 (Te4[(temp >> 24) ] & 0xff000000) ^ 698 (Te2[(temp >> 24) ] & 0xff000000) ^
796 (Te4[(temp >> 16) & 0xff] & 0x00ff0000) ^ 699 (Te3[(temp >> 16) & 0xff] & 0x00ff0000) ^
797 (Te4[(temp >> 8) & 0xff] & 0x0000ff00) ^ 700 (Te0[(temp >> 8) & 0xff] & 0x0000ff00) ^
798 (Te4[(temp ) & 0xff] & 0x000000ff); 701 (Te1[(temp ) & 0xff] & 0x000000ff);
799 rk[13] = rk[ 5] ^ rk[12]; 702 rk[13] = rk[ 5] ^ rk[12];
800 rk[14] = rk[ 6] ^ rk[13]; 703 rk[14] = rk[ 6] ^ rk[13];
801 rk[15] = rk[ 7] ^ rk[14]; 704 rk[15] = rk[ 7] ^ rk[14];
@@ -805,25 +708,20 @@ rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits)
805 return 0; 708 return 0;
806} 709}
807 710
711#if 0
808/** 712/**
809 * Expand the cipher key into the decryption key schedule. 713 * Expand the cipher key into the decryption key schedule.
810 * 714 *
811 * @return the number of rounds for the given cipher key size. 715 * @return the number of rounds for the given cipher key size.
812 */ 716 */
813int 717int
814rijndaelKeySetupDec(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits, 718rijndaelKeySetupDec(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits)
815 int have_encrypt)
816{ 719{
817 int Nr, i, j; 720 int Nr, i, j;
818 u32 temp; 721 u32 temp;
819 722
820 /* expand the cipher key: */ 723 /* expand the cipher key: */
821 if (have_encrypt > 0) { 724 Nr = rijndaelKeySetupEnc(rk, cipherKey, keyBits);
822 /* Already done */
823 Nr = have_encrypt;
824 } else {
825 Nr = rijndaelKeySetupEnc(rk, cipherKey, keyBits);
826 }
827 725
828 /* invert the order of the round keys: */ 726 /* invert the order of the round keys: */
829 for (i = 0, j = 4*Nr; i < j; i += 4, j -= 4) { 727 for (i = 0, j = 4*Nr; i < j; i += 4, j -= 4) {
@@ -836,28 +734,29 @@ rijndaelKeySetupDec(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits,
836 for (i = 1; i < Nr; i++) { 734 for (i = 1; i < Nr; i++) {
837 rk += 4; 735 rk += 4;
838 rk[0] = 736 rk[0] =
839 Td0[Te4[(rk[0] >> 24) ] & 0xff] ^ 737 Td0[Te1[(rk[0] >> 24) ] & 0xff] ^
840 Td1[Te4[(rk[0] >> 16) & 0xff] & 0xff] ^ 738 Td1[Te1[(rk[0] >> 16) & 0xff] & 0xff] ^
841 Td2[Te4[(rk[0] >> 8) & 0xff] & 0xff] ^ 739 Td2[Te1[(rk[0] >> 8) & 0xff] & 0xff] ^
842 Td3[Te4[(rk[0] ) & 0xff] & 0xff]; 740 Td3[Te1[(rk[0] ) & 0xff] & 0xff];
843 rk[1] = 741 rk[1] =
844 Td0[Te4[(rk[1] >> 24) ] & 0xff] ^ 742 Td0[Te1[(rk[1] >> 24) ] & 0xff] ^
845 Td1[Te4[(rk[1] >> 16) & 0xff] & 0xff] ^ 743 Td1[Te1[(rk[1] >> 16) & 0xff] & 0xff] ^
846 Td2[Te4[(rk[1] >> 8) & 0xff] & 0xff] ^ 744 Td2[Te1[(rk[1] >> 8) & 0xff] & 0xff] ^
847 Td3[Te4[(rk[1] ) & 0xff] & 0xff]; 745 Td3[Te1[(rk[1] ) & 0xff] & 0xff];
848 rk[2] = 746 rk[2] =
849 Td0[Te4[(rk[2] >> 24) ] & 0xff] ^ 747 Td0[Te1[(rk[2] >> 24) ] & 0xff] ^
850 Td1[Te4[(rk[2] >> 16) & 0xff] & 0xff] ^ 748 Td1[Te1[(rk[2] >> 16) & 0xff] & 0xff] ^
851 Td2[Te4[(rk[2] >> 8) & 0xff] & 0xff] ^ 749 Td2[Te1[(rk[2] >> 8) & 0xff] & 0xff] ^
852 Td3[Te4[(rk[2] ) & 0xff] & 0xff]; 750 Td3[Te1[(rk[2] ) & 0xff] & 0xff];
853 rk[3] = 751 rk[3] =
854 Td0[Te4[(rk[3] >> 24) ] & 0xff] ^ 752 Td0[Te1[(rk[3] >> 24) ] & 0xff] ^
855 Td1[Te4[(rk[3] >> 16) & 0xff] & 0xff] ^ 753 Td1[Te1[(rk[3] >> 16) & 0xff] & 0xff] ^
856 Td2[Te4[(rk[3] >> 8) & 0xff] & 0xff] ^ 754 Td2[Te1[(rk[3] >> 8) & 0xff] & 0xff] ^
857 Td3[Te4[(rk[3] ) & 0xff] & 0xff]; 755 Td3[Te1[(rk[3] ) & 0xff] & 0xff];
858 } 756 }
859 return Nr; 757 return Nr;
860} 758}
759#endif
861 760
862void 761void
863rijndaelEncrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 pt[16], 762rijndaelEncrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 pt[16],
@@ -1014,35 +913,36 @@ rijndaelEncrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 pt[16],
1014 * map cipher state to byte array block: 913 * map cipher state to byte array block:
1015 */ 914 */
1016 s0 = 915 s0 =
1017 (Te4[(t0 >> 24) ] & 0xff000000) ^ 916 (Te2[(t0 >> 24) ] & 0xff000000) ^
1018 (Te4[(t1 >> 16) & 0xff] & 0x00ff0000) ^ 917 (Te3[(t1 >> 16) & 0xff] & 0x00ff0000) ^
1019 (Te4[(t2 >> 8) & 0xff] & 0x0000ff00) ^ 918 (Te0[(t2 >> 8) & 0xff] & 0x0000ff00) ^
1020 (Te4[(t3 ) & 0xff] & 0x000000ff) ^ 919 (Te1[(t3 ) & 0xff] & 0x000000ff) ^
1021 rk[0]; 920 rk[0];
1022 PUTU32(ct , s0); 921 PUTU32(ct , s0);
1023 s1 = 922 s1 =
1024 (Te4[(t1 >> 24) ] & 0xff000000) ^ 923 (Te2[(t1 >> 24) ] & 0xff000000) ^
1025 (Te4[(t2 >> 16) & 0xff] & 0x00ff0000) ^ 924 (Te3[(t2 >> 16) & 0xff] & 0x00ff0000) ^
1026 (Te4[(t3 >> 8) & 0xff] & 0x0000ff00) ^ 925 (Te0[(t3 >> 8) & 0xff] & 0x0000ff00) ^
1027 (Te4[(t0 ) & 0xff] & 0x000000ff) ^ 926 (Te1[(t0 ) & 0xff] & 0x000000ff) ^
1028 rk[1]; 927 rk[1];
1029 PUTU32(ct + 4, s1); 928 PUTU32(ct + 4, s1);
1030 s2 = 929 s2 =
1031 (Te4[(t2 >> 24) ] & 0xff000000) ^ 930 (Te2[(t2 >> 24) ] & 0xff000000) ^
1032 (Te4[(t3 >> 16) & 0xff] & 0x00ff0000) ^ 931 (Te3[(t3 >> 16) & 0xff] & 0x00ff0000) ^
1033 (Te4[(t0 >> 8) & 0xff] & 0x0000ff00) ^ 932 (Te0[(t0 >> 8) & 0xff] & 0x0000ff00) ^
1034 (Te4[(t1 ) & 0xff] & 0x000000ff) ^ 933 (Te1[(t1 ) & 0xff] & 0x000000ff) ^
1035 rk[2]; 934 rk[2];
1036 PUTU32(ct + 8, s2); 935 PUTU32(ct + 8, s2);
1037 s3 = 936 s3 =
1038 (Te4[(t3 >> 24) ] & 0xff000000) ^ 937 (Te2[(t3 >> 24) ] & 0xff000000) ^
1039 (Te4[(t0 >> 16) & 0xff] & 0x00ff0000) ^ 938 (Te3[(t0 >> 16) & 0xff] & 0x00ff0000) ^
1040 (Te4[(t1 >> 8) & 0xff] & 0x0000ff00) ^ 939 (Te0[(t1 >> 8) & 0xff] & 0x0000ff00) ^
1041 (Te4[(t2 ) & 0xff] & 0x000000ff) ^ 940 (Te1[(t2 ) & 0xff] & 0x000000ff) ^
1042 rk[3]; 941 rk[3];
1043 PUTU32(ct + 12, s3); 942 PUTU32(ct + 12, s3);
1044} 943}
1045 944
945#if 0
1046static void 946static void
1047rijndaelDecrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 ct[16], 947rijndaelDecrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 ct[16],
1048 u8 pt[16]) 948 u8 pt[16])
@@ -1198,57 +1098,32 @@ rijndaelDecrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 ct[16],
1198 * map cipher state to byte array block: 1098 * map cipher state to byte array block:
1199 */ 1099 */
1200 s0 = 1100 s0 =
1201 (Td4[(t0 >> 24) ] & 0xff000000) ^ 1101 (Td4[(t0 >> 24) ] << 24) ^
1202 (Td4[(t3 >> 16) & 0xff] & 0x00ff0000) ^ 1102 (Td4[(t3 >> 16) & 0xff] << 16) ^
1203 (Td4[(t2 >> 8) & 0xff] & 0x0000ff00) ^ 1103 (Td4[(t2 >> 8) & 0xff] << 8) ^
1204 (Td4[(t1 ) & 0xff] & 0x000000ff) ^ 1104 (Td4[(t1 ) & 0xff]) ^
1205 rk[0]; 1105 rk[0];
1206 PUTU32(pt , s0); 1106 PUTU32(pt , s0);
1207 s1 = 1107 s1 =
1208 (Td4[(t1 >> 24) ] & 0xff000000) ^ 1108 (Td4[(t1 >> 24) ] << 24) ^
1209 (Td4[(t0 >> 16) & 0xff] & 0x00ff0000) ^ 1109 (Td4[(t0 >> 16) & 0xff] << 16) ^
1210 (Td4[(t3 >> 8) & 0xff] & 0x0000ff00) ^ 1110 (Td4[(t3 >> 8) & 0xff] << 8) ^
1211 (Td4[(t2 ) & 0xff] & 0x000000ff) ^ 1111 (Td4[(t2 ) & 0xff]) ^
1212 rk[1]; 1112 rk[1];
1213 PUTU32(pt + 4, s1); 1113 PUTU32(pt + 4, s1);
1214 s2 = 1114 s2 =
1215 (Td4[(t2 >> 24) ] & 0xff000000) ^ 1115 (Td4[(t2 >> 24) ] << 24) ^
1216 (Td4[(t1 >> 16) & 0xff] & 0x00ff0000) ^ 1116 (Td4[(t1 >> 16) & 0xff] << 16) ^
1217 (Td4[(t0 >> 8) & 0xff] & 0x0000ff00) ^ 1117 (Td4[(t0 >> 8) & 0xff] << 8) ^
1218 (Td4[(t3 ) & 0xff] & 0x000000ff) ^ 1118 (Td4[(t3 ) & 0xff]) ^
1219 rk[2]; 1119 rk[2];
1220 PUTU32(pt + 8, s2); 1120 PUTU32(pt + 8, s2);
1221 s3 = 1121 s3 =
1222 (Td4[(t3 >> 24) ] & 0xff000000) ^ 1122 (Td4[(t3 >> 24) ] << 24) ^
1223 (Td4[(t2 >> 16) & 0xff] & 0x00ff0000) ^ 1123 (Td4[(t2 >> 16) & 0xff] << 16) ^
1224 (Td4[(t1 >> 8) & 0xff] & 0x0000ff00) ^ 1124 (Td4[(t1 >> 8) & 0xff] << 8) ^
1225 (Td4[(t0 ) & 0xff] & 0x000000ff) ^ 1125 (Td4[(t0 ) & 0xff]) ^
1226 rk[3]; 1126 rk[3];
1227 PUTU32(pt + 12, s3); 1127 PUTU32(pt + 12, s3);
1228} 1128}
1229 1129#endif
1230void
1231rijndael_set_key(rijndael_ctx *ctx, u_char *key, int bits, int do_encrypt)
1232{
1233 ctx->Nr = rijndaelKeySetupEnc(ctx->ek, key, bits);
1234 if (do_encrypt) {
1235 ctx->decrypt = 0;
1236 memset(ctx->dk, 0, sizeof(ctx->dk));
1237 } else {
1238 ctx->decrypt = 1;
1239 memcpy(ctx->dk, ctx->ek, sizeof(ctx->dk));
1240 rijndaelKeySetupDec(ctx->dk, key, bits, ctx->Nr);
1241 }
1242}
1243
1244void
1245rijndael_decrypt(rijndael_ctx *ctx, u_char *src, u_char *dst)
1246{
1247 rijndaelDecrypt(ctx->dk, ctx->Nr, src, dst);
1248}
1249
1250void
1251rijndael_encrypt(rijndael_ctx *ctx, u_char *src, u_char *dst)
1252{
1253 rijndaelEncrypt(ctx->ek, ctx->Nr, src, dst);
1254}