Diffstat (limited to 'rijndael.c')
-rw-r--r-- | rijndael.c | 134 |
1 files changed, 67 insertions, 67 deletions
diff --git a/rijndael.c b/rijndael.c index 6965ca3b0..1cd24de14 100644 --- a/rijndael.c +++ b/rijndael.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: rijndael.c,v 1.14 2002/07/10 17:53:54 deraadt Exp $ */ | 1 | /* $OpenBSD: rijndael.c,v 1.15 2003/11/21 11:57:03 djm Exp $ */ |
2 | 2 | ||
3 | /** | 3 | /** |
4 | * rijndael-alg-fst.c | 4 | * rijndael-alg-fst.c |
@@ -725,7 +725,7 @@ static const u32 rcon[] = { | |||
725 | * @return the number of rounds for the given cipher key size. | 725 | * @return the number of rounds for the given cipher key size. |
726 | */ | 726 | */ |
727 | static int rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits) { | 727 | static int rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits) { |
728 | int i = 0; | 728 | int i = 0; |
729 | u32 temp; | 729 | u32 temp; |
730 | 730 | ||
731 | rk[0] = GETU32(cipherKey ); | 731 | rk[0] = GETU32(cipherKey ); |
@@ -797,7 +797,7 @@ static int rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int | |||
797 | (Te4[(temp ) & 0xff] & 0x000000ff); | 797 | (Te4[(temp ) & 0xff] & 0x000000ff); |
798 | rk[13] = rk[ 5] ^ rk[12]; | 798 | rk[13] = rk[ 5] ^ rk[12]; |
799 | rk[14] = rk[ 6] ^ rk[13]; | 799 | rk[14] = rk[ 6] ^ rk[13]; |
800 | rk[15] = rk[ 7] ^ rk[14]; | 800 | rk[15] = rk[ 7] ^ rk[14]; |
801 | rk += 8; | 801 | rk += 8; |
802 | } | 802 | } |
803 | } | 803 | } |
@@ -871,50 +871,50 @@ static void rijndaelEncrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 pt[16 | |||
871 | s3 = GETU32(pt + 12) ^ rk[3]; | 871 | s3 = GETU32(pt + 12) ^ rk[3]; |
872 | #ifdef FULL_UNROLL | 872 | #ifdef FULL_UNROLL |
873 | /* round 1: */ | 873 | /* round 1: */ |
874 | t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[ 4]; | 874 | t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[ 4]; |
875 | t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[ 5]; | 875 | t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[ 5]; |
876 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[ 6]; | 876 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[ 6]; |
877 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[ 7]; | 877 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[ 7]; |
878 | /* round 2: */ | 878 | /* round 2: */ |
879 | s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[ 8]; | 879 | s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[ 8]; |
880 | s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[ 9]; | 880 | s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[ 9]; |
881 | s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[10]; | 881 | s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[10]; |
882 | s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[11]; | 882 | s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[11]; |
883 | /* round 3: */ | 883 | /* round 3: */ |
884 | t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[12]; | 884 | t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[12]; |
885 | t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[13]; | 885 | t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[13]; |
886 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[14]; | 886 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[14]; |
887 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[15]; | 887 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[15]; |
888 | /* round 4: */ | 888 | /* round 4: */ |
889 | s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[16]; | 889 | s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[16]; |
890 | s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[17]; | 890 | s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[17]; |
891 | s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[18]; | 891 | s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[18]; |
892 | s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[19]; | 892 | s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[19]; |
893 | /* round 5: */ | 893 | /* round 5: */ |
894 | t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[20]; | 894 | t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[20]; |
895 | t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[21]; | 895 | t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[21]; |
896 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[22]; | 896 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[22]; |
897 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[23]; | 897 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[23]; |
898 | /* round 6: */ | 898 | /* round 6: */ |
899 | s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[24]; | 899 | s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[24]; |
900 | s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[25]; | 900 | s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[25]; |
901 | s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[26]; | 901 | s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[26]; |
902 | s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[27]; | 902 | s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[27]; |
903 | /* round 7: */ | 903 | /* round 7: */ |
904 | t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[28]; | 904 | t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[28]; |
905 | t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[29]; | 905 | t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[29]; |
906 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[30]; | 906 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[30]; |
907 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[31]; | 907 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[31]; |
908 | /* round 8: */ | 908 | /* round 8: */ |
909 | s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[32]; | 909 | s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[32]; |
910 | s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[33]; | 910 | s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[33]; |
911 | s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[34]; | 911 | s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[34]; |
912 | s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[35]; | 912 | s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[35]; |
913 | /* round 9: */ | 913 | /* round 9: */ |
914 | t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[36]; | 914 | t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[36]; |
915 | t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[37]; | 915 | t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[37]; |
916 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38]; | 916 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38]; |
917 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39]; | 917 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39]; |
918 | if (Nr > 10) { | 918 | if (Nr > 10) { |
919 | /* round 10: */ | 919 | /* round 10: */ |
920 | s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40]; | 920 | s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40]; |
@@ -1187,33 +1187,33 @@ static void rijndaelDecrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 ct[16 | |||
1187 | * apply last round and | 1187 | * apply last round and |
1188 | * map cipher state to byte array block: | 1188 | * map cipher state to byte array block: |
1189 | */ | 1189 | */ |
1190 | s0 = | 1190 | s0 = |
1191 | (Td4[(t0 >> 24) ] & 0xff000000) ^ | 1191 | (Td4[(t0 >> 24) ] & 0xff000000) ^ |
1192 | (Td4[(t3 >> 16) & 0xff] & 0x00ff0000) ^ | 1192 | (Td4[(t3 >> 16) & 0xff] & 0x00ff0000) ^ |
1193 | (Td4[(t2 >> 8) & 0xff] & 0x0000ff00) ^ | 1193 | (Td4[(t2 >> 8) & 0xff] & 0x0000ff00) ^ |
1194 | (Td4[(t1 ) & 0xff] & 0x000000ff) ^ | 1194 | (Td4[(t1 ) & 0xff] & 0x000000ff) ^ |
1195 | rk[0]; | 1195 | rk[0]; |
1196 | PUTU32(pt , s0); | 1196 | PUTU32(pt , s0); |
1197 | s1 = | 1197 | s1 = |
1198 | (Td4[(t1 >> 24) ] & 0xff000000) ^ | 1198 | (Td4[(t1 >> 24) ] & 0xff000000) ^ |
1199 | (Td4[(t0 >> 16) & 0xff] & 0x00ff0000) ^ | 1199 | (Td4[(t0 >> 16) & 0xff] & 0x00ff0000) ^ |
1200 | (Td4[(t3 >> 8) & 0xff] & 0x0000ff00) ^ | 1200 | (Td4[(t3 >> 8) & 0xff] & 0x0000ff00) ^ |
1201 | (Td4[(t2 ) & 0xff] & 0x000000ff) ^ | 1201 | (Td4[(t2 ) & 0xff] & 0x000000ff) ^ |
1202 | rk[1]; | 1202 | rk[1]; |
1203 | PUTU32(pt + 4, s1); | 1203 | PUTU32(pt + 4, s1); |
1204 | s2 = | 1204 | s2 = |
1205 | (Td4[(t2 >> 24) ] & 0xff000000) ^ | 1205 | (Td4[(t2 >> 24) ] & 0xff000000) ^ |
1206 | (Td4[(t1 >> 16) & 0xff] & 0x00ff0000) ^ | 1206 | (Td4[(t1 >> 16) & 0xff] & 0x00ff0000) ^ |
1207 | (Td4[(t0 >> 8) & 0xff] & 0x0000ff00) ^ | 1207 | (Td4[(t0 >> 8) & 0xff] & 0x0000ff00) ^ |
1208 | (Td4[(t3 ) & 0xff] & 0x000000ff) ^ | 1208 | (Td4[(t3 ) & 0xff] & 0x000000ff) ^ |
1209 | rk[2]; | 1209 | rk[2]; |
1210 | PUTU32(pt + 8, s2); | 1210 | PUTU32(pt + 8, s2); |
1211 | s3 = | 1211 | s3 = |
1212 | (Td4[(t3 >> 24) ] & 0xff000000) ^ | 1212 | (Td4[(t3 >> 24) ] & 0xff000000) ^ |
1213 | (Td4[(t2 >> 16) & 0xff] & 0x00ff0000) ^ | 1213 | (Td4[(t2 >> 16) & 0xff] & 0x00ff0000) ^ |
1214 | (Td4[(t1 >> 8) & 0xff] & 0x0000ff00) ^ | 1214 | (Td4[(t1 >> 8) & 0xff] & 0x0000ff00) ^ |
1215 | (Td4[(t0 ) & 0xff] & 0x000000ff) ^ | 1215 | (Td4[(t0 ) & 0xff] & 0x000000ff) ^ |
1216 | rk[3]; | 1216 | rk[3]; |
1217 | PUTU32(pt + 12, s3); | 1217 | PUTU32(pt + 12, s3); |
1218 | } | 1218 | } |
1219 | 1219 | ||