Diffstat (limited to 'rijndael.c')
-rw-r--r-- | rijndael.c | 351 |
1 files changed, 175 insertions, 176 deletions
diff --git a/rijndael.c b/rijndael.c index f28a9c669..c8ba55e78 100644 --- a/rijndael.c +++ b/rijndael.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: rijndael.c,v 1.12 2001/09/13 09:48:39 markus Exp $ */ | 1 | /* $OpenBSD: rijndael.c,v 1.13 2001/12/19 07:18:56 deraadt Exp $ */ |
2 | 2 | ||
3 | /** | 3 | /** |
4 | * rijndael-alg-fst.c | 4 | * rijndael-alg-fst.c |
@@ -775,32 +775,31 @@ static int rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int | |||
775 | rk[6] = GETU32(cipherKey + 24); | 775 | rk[6] = GETU32(cipherKey + 24); |
776 | rk[7] = GETU32(cipherKey + 28); | 776 | rk[7] = GETU32(cipherKey + 28); |
777 | if (keyBits == 256) { | 777 | if (keyBits == 256) { |
778 | for (;;) { | 778 | for (;;) { |
779 | temp = rk[ 7]; | 779 | temp = rk[ 7]; |
780 | rk[ 8] = rk[ 0] ^ | 780 | rk[ 8] = rk[ 0] ^ |
781 | (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ | 781 | (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ |
782 | (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^ | 782 | (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^ |
783 | (Te4[(temp ) & 0xff] & 0x0000ff00) ^ | 783 | (Te4[(temp ) & 0xff] & 0x0000ff00) ^ |
784 | (Te4[(temp >> 24) ] & 0x000000ff) ^ | 784 | (Te4[(temp >> 24) ] & 0x000000ff) ^ |
785 | rcon[i]; | 785 | rcon[i]; |
786 | rk[ 9] = rk[ 1] ^ rk[ 8]; | 786 | rk[ 9] = rk[ 1] ^ rk[ 8]; |
787 | rk[10] = rk[ 2] ^ rk[ 9]; | 787 | rk[10] = rk[ 2] ^ rk[ 9]; |
788 | rk[11] = rk[ 3] ^ rk[10]; | 788 | rk[11] = rk[ 3] ^ rk[10]; |
789 | if (++i == 7) { | 789 | if (++i == 7) { |
790 | return 14; | 790 | return 14; |
791 | } | 791 | } |
792 | temp = rk[11]; | 792 | temp = rk[11]; |
793 | rk[12] = rk[ 4] ^ | 793 | rk[12] = rk[ 4] ^ |
794 | (Te4[(temp >> 24) ] & 0xff000000) ^ | 794 | (Te4[(temp >> 24) ] & 0xff000000) ^ |
795 | (Te4[(temp >> 16) & 0xff] & 0x00ff0000) ^ | 795 | (Te4[(temp >> 16) & 0xff] & 0x00ff0000) ^ |
796 | (Te4[(temp >> 8) & 0xff] & 0x0000ff00) ^ | 796 | (Te4[(temp >> 8) & 0xff] & 0x0000ff00) ^ |
797 | (Te4[(temp ) & 0xff] & 0x000000ff); | 797 | (Te4[(temp ) & 0xff] & 0x000000ff); |
798 | rk[13] = rk[ 5] ^ rk[12]; | 798 | rk[13] = rk[ 5] ^ rk[12]; |
799 | rk[14] = rk[ 6] ^ rk[13]; | 799 | rk[14] = rk[ 6] ^ rk[13]; |
800 | rk[15] = rk[ 7] ^ rk[14]; | 800 | rk[15] = rk[ 7] ^ rk[14]; |
801 | |||
802 | rk += 8; | 801 | rk += 8; |
803 | } | 802 | } |
804 | } | 803 | } |
805 | return 0; | 804 | return 0; |
806 | } | 805 | } |
@@ -917,28 +916,28 @@ static void rijndaelEncrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 pt[16 | |||
917 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38]; | 916 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38]; |
918 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39]; | 917 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39]; |
919 | if (Nr > 10) { | 918 | if (Nr > 10) { |
920 | /* round 10: */ | 919 | /* round 10: */ |
921 | s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40]; | 920 | s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40]; |
922 | s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[41]; | 921 | s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[41]; |
923 | s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[42]; | 922 | s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[42]; |
924 | s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[43]; | 923 | s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[43]; |
925 | /* round 11: */ | 924 | /* round 11: */ |
926 | t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[44]; | 925 | t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[44]; |
927 | t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[45]; | 926 | t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[45]; |
928 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[46]; | 927 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[46]; |
929 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[47]; | 928 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[47]; |
930 | if (Nr > 12) { | 929 | if (Nr > 12) { |
931 | /* round 12: */ | 930 | /* round 12: */ |
932 | s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[48]; | 931 | s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[48]; |
933 | s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[49]; | 932 | s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[49]; |
934 | s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[50]; | 933 | s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[50]; |
935 | s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[51]; | 934 | s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[51]; |
936 | /* round 13: */ | 935 | /* round 13: */ |
937 | t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[52]; | 936 | t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[52]; |
938 | t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[53]; | 937 | t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[53]; |
939 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[54]; | 938 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[54]; |
940 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[55]; | 939 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[55]; |
941 | } | 940 | } |
942 | } | 941 | } |
943 | rk += Nr << 2; | 942 | rk += Nr << 2; |
944 | #else /* !FULL_UNROLL */ | 943 | #else /* !FULL_UNROLL */ |
@@ -947,60 +946,60 @@ static void rijndaelEncrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 pt[16 | |||
947 | */ | 946 | */ |
948 | r = Nr >> 1; | 947 | r = Nr >> 1; |
949 | for (;;) { | 948 | for (;;) { |
950 | t0 = | 949 | t0 = |
951 | Te0[(s0 >> 24) ] ^ | 950 | Te0[(s0 >> 24) ] ^ |
952 | Te1[(s1 >> 16) & 0xff] ^ | 951 | Te1[(s1 >> 16) & 0xff] ^ |
953 | Te2[(s2 >> 8) & 0xff] ^ | 952 | Te2[(s2 >> 8) & 0xff] ^ |
954 | Te3[(s3 ) & 0xff] ^ | 953 | Te3[(s3 ) & 0xff] ^ |
955 | rk[4]; | 954 | rk[4]; |
956 | t1 = | 955 | t1 = |
957 | Te0[(s1 >> 24) ] ^ | 956 | Te0[(s1 >> 24) ] ^ |
958 | Te1[(s2 >> 16) & 0xff] ^ | 957 | Te1[(s2 >> 16) & 0xff] ^ |
959 | Te2[(s3 >> 8) & 0xff] ^ | 958 | Te2[(s3 >> 8) & 0xff] ^ |
960 | Te3[(s0 ) & 0xff] ^ | 959 | Te3[(s0 ) & 0xff] ^ |
961 | rk[5]; | 960 | rk[5]; |
962 | t2 = | 961 | t2 = |
963 | Te0[(s2 >> 24) ] ^ | 962 | Te0[(s2 >> 24) ] ^ |
964 | Te1[(s3 >> 16) & 0xff] ^ | 963 | Te1[(s3 >> 16) & 0xff] ^ |
965 | Te2[(s0 >> 8) & 0xff] ^ | 964 | Te2[(s0 >> 8) & 0xff] ^ |
966 | Te3[(s1 ) & 0xff] ^ | 965 | Te3[(s1 ) & 0xff] ^ |
967 | rk[6]; | 966 | rk[6]; |
968 | t3 = | 967 | t3 = |
969 | Te0[(s3 >> 24) ] ^ | 968 | Te0[(s3 >> 24) ] ^ |
970 | Te1[(s0 >> 16) & 0xff] ^ | 969 | Te1[(s0 >> 16) & 0xff] ^ |
971 | Te2[(s1 >> 8) & 0xff] ^ | 970 | Te2[(s1 >> 8) & 0xff] ^ |
972 | Te3[(s2 ) & 0xff] ^ | 971 | Te3[(s2 ) & 0xff] ^ |
973 | rk[7]; | 972 | rk[7]; |
974 | 973 | ||
975 | rk += 8; | 974 | rk += 8; |
976 | if (--r == 0) { | 975 | if (--r == 0) { |
977 | break; | 976 | break; |
978 | } | 977 | } |
979 | 978 | ||
980 | s0 = | 979 | s0 = |
981 | Te0[(t0 >> 24) ] ^ | 980 | Te0[(t0 >> 24) ] ^ |
982 | Te1[(t1 >> 16) & 0xff] ^ | 981 | Te1[(t1 >> 16) & 0xff] ^ |
983 | Te2[(t2 >> 8) & 0xff] ^ | 982 | Te2[(t2 >> 8) & 0xff] ^ |
984 | Te3[(t3 ) & 0xff] ^ | 983 | Te3[(t3 ) & 0xff] ^ |
985 | rk[0]; | 984 | rk[0]; |
986 | s1 = | 985 | s1 = |
987 | Te0[(t1 >> 24) ] ^ | 986 | Te0[(t1 >> 24) ] ^ |
988 | Te1[(t2 >> 16) & 0xff] ^ | 987 | Te1[(t2 >> 16) & 0xff] ^ |
989 | Te2[(t3 >> 8) & 0xff] ^ | 988 | Te2[(t3 >> 8) & 0xff] ^ |
990 | Te3[(t0 ) & 0xff] ^ | 989 | Te3[(t0 ) & 0xff] ^ |
991 | rk[1]; | 990 | rk[1]; |
992 | s2 = | 991 | s2 = |
993 | Te0[(t2 >> 24) ] ^ | 992 | Te0[(t2 >> 24) ] ^ |
994 | Te1[(t3 >> 16) & 0xff] ^ | 993 | Te1[(t3 >> 16) & 0xff] ^ |
995 | Te2[(t0 >> 8) & 0xff] ^ | 994 | Te2[(t0 >> 8) & 0xff] ^ |
996 | Te3[(t1 ) & 0xff] ^ | 995 | Te3[(t1 ) & 0xff] ^ |
997 | rk[2]; | 996 | rk[2]; |
998 | s3 = | 997 | s3 = |
999 | Te0[(t3 >> 24) ] ^ | 998 | Te0[(t3 >> 24) ] ^ |
1000 | Te1[(t0 >> 16) & 0xff] ^ | 999 | Te1[(t0 >> 16) & 0xff] ^ |
1001 | Te2[(t1 >> 8) & 0xff] ^ | 1000 | Te2[(t1 >> 8) & 0xff] ^ |
1002 | Te3[(t2 ) & 0xff] ^ | 1001 | Te3[(t2 ) & 0xff] ^ |
1003 | rk[3]; | 1002 | rk[3]; |
1004 | } | 1003 | } |
1005 | #endif /* ?FULL_UNROLL */ | 1004 | #endif /* ?FULL_UNROLL */ |
1006 | /* | 1005 | /* |
@@ -1098,28 +1097,28 @@ static void rijndaelDecrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 ct[16 | |||
1098 | t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[38]; | 1097 | t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[38]; |
1099 | t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[39]; | 1098 | t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[39]; |
1100 | if (Nr > 10) { | 1099 | if (Nr > 10) { |
1101 | /* round 10: */ | 1100 | /* round 10: */ |
1102 | s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[40]; | 1101 | s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[40]; |
1103 | s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[41]; | 1102 | s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[41]; |
1104 | s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[42]; | 1103 | s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[42]; |
1105 | s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[43]; | 1104 | s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[43]; |
1106 | /* round 11: */ | 1105 | /* round 11: */ |
1107 | t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[44]; | 1106 | t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[44]; |
1108 | t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[45]; | 1107 | t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[45]; |
1109 | t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[46]; | 1108 | t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[46]; |
1110 | t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[47]; | 1109 | t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[47]; |
1111 | if (Nr > 12) { | 1110 | if (Nr > 12) { |
1112 | /* round 12: */ | 1111 | /* round 12: */ |
1113 | s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[48]; | 1112 | s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[48]; |
1114 | s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[49]; | 1113 | s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[49]; |
1115 | s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[50]; | 1114 | s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[50]; |
1116 | s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[51]; | 1115 | s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[51]; |
1117 | /* round 13: */ | 1116 | /* round 13: */ |
1118 | t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[52]; | 1117 | t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[52]; |
1119 | t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[53]; | 1118 | t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[53]; |
1120 | t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[54]; | 1119 | t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[54]; |
1121 | t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[55]; | 1120 | t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[55]; |
1122 | } | 1121 | } |
1123 | } | 1122 | } |
1124 | rk += Nr << 2; | 1123 | rk += Nr << 2; |
1125 | #else /* !FULL_UNROLL */ | 1124 | #else /* !FULL_UNROLL */ |
@@ -1128,60 +1127,60 @@ static void rijndaelDecrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 ct[16 | |||
1128 | */ | 1127 | */ |
1129 | r = Nr >> 1; | 1128 | r = Nr >> 1; |
1130 | for (;;) { | 1129 | for (;;) { |
1131 | t0 = | 1130 | t0 = |
1132 | Td0[(s0 >> 24) ] ^ | 1131 | Td0[(s0 >> 24) ] ^ |
1133 | Td1[(s3 >> 16) & 0xff] ^ | 1132 | Td1[(s3 >> 16) & 0xff] ^ |
1134 | Td2[(s2 >> 8) & 0xff] ^ | 1133 | Td2[(s2 >> 8) & 0xff] ^ |
1135 | Td3[(s1 ) & 0xff] ^ | 1134 | Td3[(s1 ) & 0xff] ^ |
1136 | rk[4]; | 1135 | rk[4]; |
1137 | t1 = | 1136 | t1 = |
1138 | Td0[(s1 >> 24) ] ^ | 1137 | Td0[(s1 >> 24) ] ^ |
1139 | Td1[(s0 >> 16) & 0xff] ^ | 1138 | Td1[(s0 >> 16) & 0xff] ^ |
1140 | Td2[(s3 >> 8) & 0xff] ^ | 1139 | Td2[(s3 >> 8) & 0xff] ^ |
1141 | Td3[(s2 ) & 0xff] ^ | 1140 | Td3[(s2 ) & 0xff] ^ |
1142 | rk[5]; | 1141 | rk[5]; |
1143 | t2 = | 1142 | t2 = |
1144 | Td0[(s2 >> 24) ] ^ | 1143 | Td0[(s2 >> 24) ] ^ |
1145 | Td1[(s1 >> 16) & 0xff] ^ | 1144 | Td1[(s1 >> 16) & 0xff] ^ |
1146 | Td2[(s0 >> 8) & 0xff] ^ | 1145 | Td2[(s0 >> 8) & 0xff] ^ |
1147 | Td3[(s3 ) & 0xff] ^ | 1146 | Td3[(s3 ) & 0xff] ^ |
1148 | rk[6]; | 1147 | rk[6]; |
1149 | t3 = | 1148 | t3 = |
1150 | Td0[(s3 >> 24) ] ^ | 1149 | Td0[(s3 >> 24) ] ^ |
1151 | Td1[(s2 >> 16) & 0xff] ^ | 1150 | Td1[(s2 >> 16) & 0xff] ^ |
1152 | Td2[(s1 >> 8) & 0xff] ^ | 1151 | Td2[(s1 >> 8) & 0xff] ^ |
1153 | Td3[(s0 ) & 0xff] ^ | 1152 | Td3[(s0 ) & 0xff] ^ |
1154 | rk[7]; | 1153 | rk[7]; |
1155 | 1154 | ||
1156 | rk += 8; | 1155 | rk += 8; |
1157 | if (--r == 0) { | 1156 | if (--r == 0) { |
1158 | break; | 1157 | break; |
1159 | } | 1158 | } |
1160 | 1159 | ||
1161 | s0 = | 1160 | s0 = |
1162 | Td0[(t0 >> 24) ] ^ | 1161 | Td0[(t0 >> 24) ] ^ |
1163 | Td1[(t3 >> 16) & 0xff] ^ | 1162 | Td1[(t3 >> 16) & 0xff] ^ |
1164 | Td2[(t2 >> 8) & 0xff] ^ | 1163 | Td2[(t2 >> 8) & 0xff] ^ |
1165 | Td3[(t1 ) & 0xff] ^ | 1164 | Td3[(t1 ) & 0xff] ^ |
1166 | rk[0]; | 1165 | rk[0]; |
1167 | s1 = | 1166 | s1 = |
1168 | Td0[(t1 >> 24) ] ^ | 1167 | Td0[(t1 >> 24) ] ^ |
1169 | Td1[(t0 >> 16) & 0xff] ^ | 1168 | Td1[(t0 >> 16) & 0xff] ^ |
1170 | Td2[(t3 >> 8) & 0xff] ^ | 1169 | Td2[(t3 >> 8) & 0xff] ^ |
1171 | Td3[(t2 ) & 0xff] ^ | 1170 | Td3[(t2 ) & 0xff] ^ |
1172 | rk[1]; | 1171 | rk[1]; |
1173 | s2 = | 1172 | s2 = |
1174 | Td0[(t2 >> 24) ] ^ | 1173 | Td0[(t2 >> 24) ] ^ |
1175 | Td1[(t1 >> 16) & 0xff] ^ | 1174 | Td1[(t1 >> 16) & 0xff] ^ |
1176 | Td2[(t0 >> 8) & 0xff] ^ | 1175 | Td2[(t0 >> 8) & 0xff] ^ |
1177 | Td3[(t3 ) & 0xff] ^ | 1176 | Td3[(t3 ) & 0xff] ^ |
1178 | rk[2]; | 1177 | rk[2]; |
1179 | s3 = | 1178 | s3 = |
1180 | Td0[(t3 >> 24) ] ^ | 1179 | Td0[(t3 >> 24) ] ^ |
1181 | Td1[(t2 >> 16) & 0xff] ^ | 1180 | Td1[(t2 >> 16) & 0xff] ^ |
1182 | Td2[(t1 >> 8) & 0xff] ^ | 1181 | Td2[(t1 >> 8) & 0xff] ^ |
1183 | Td3[(t0 ) & 0xff] ^ | 1182 | Td3[(t0 ) & 0xff] ^ |
1184 | rk[3]; | 1183 | rk[3]; |
1185 | } | 1184 | } |
1186 | #endif /* ?FULL_UNROLL */ | 1185 | #endif /* ?FULL_UNROLL */ |
1187 | /* | 1186 | /* |
@@ -1222,13 +1221,13 @@ void | |||
1222 | rijndael_set_key(rijndael_ctx *ctx, u_char *key, int bits, int encrypt) | 1221 | rijndael_set_key(rijndael_ctx *ctx, u_char *key, int bits, int encrypt) |
1223 | { | 1222 | { |
1224 | ctx->Nr = rijndaelKeySetupEnc(ctx->ek, key, bits); | 1223 | ctx->Nr = rijndaelKeySetupEnc(ctx->ek, key, bits); |
1225 | if (encrypt) { | 1224 | if (encrypt) { |
1226 | ctx->decrypt = 0; | 1225 | ctx->decrypt = 0; |
1227 | memset(ctx->dk, 0, sizeof(ctx->dk)); | 1226 | memset(ctx->dk, 0, sizeof(ctx->dk)); |
1228 | } else { | 1227 | } else { |
1229 | ctx->decrypt = 1; | 1228 | ctx->decrypt = 1; |
1230 | memcpy(ctx->dk, ctx->ek, sizeof(ctx->ek)); | 1229 | memcpy(ctx->dk, ctx->ek, sizeof(ctx->ek)); |
1231 | rijndaelKeySetupDec(ctx->dk, key, bits, ctx->Nr); | 1230 | rijndaelKeySetupDec(ctx->dk, key, bits, ctx->Nr); |
1232 | } | 1231 | } |
1233 | } | 1232 | } |
1234 | 1233 | ||