1
/**************************************************************************
3
* Copyright (C) 2007 by Tarek Saidi <tarek.saidi@arcor.de> *
4
* Copyright (c) 2003 Dr Brian Gladman, Worcester, UK *
6
* This program is free software; you can redistribute it and/or modify *
7
* it under the terms of the GNU General Public License as published by *
8
* the Free Software Foundation; version 2 of the License. *
10
* This program is distributed in the hope that it will be useful, *
11
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
12
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
13
* GNU General Public License for more details. *
15
* You should have received a copy of the GNU General Public License *
16
* along with this program; if not, write to the *
17
* Free Software Foundation, Inc., *
18
* 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
19
***************************************************************************/
2
---------------------------------------------------------------------------
3
Copyright (c) 1998-2008, Brian Gladman, Worcester, UK. All rights reserved.
7
The redistribution and use of this software (with or without changes)
8
is allowed without the payment of fees or royalties provided that:
10
1. source code distributions include the above copyright notice, this
11
list of conditions and the following disclaimer;
13
2. binary distributions include the above copyright notice, this list
14
of conditions and the following disclaimer in their documentation;
16
3. the name of the copyright holder is not used to endorse products
17
built using this software without specific written permission.
21
This software is provided 'as is' with no explicit or implied warranties
22
in respect of its properties, including, but not limited to, correctness
23
and/or fitness for purpose.
24
---------------------------------------------------------------------------
25
Issue Date: 20/12/2007
21
28
#include "aesopt.h"
22
29
#include "aestab.h"
24
31
#ifdef USE_VIA_ACE_IF_PRESENT
32
# include "aes_via_ace.h"
28
35
#if defined(__cplusplus)
48
55
cx->n_col = 8 29 23 19 17 14
58
#if defined( REDUCE_CODE_SIZE )
59
# define ls_box ls_sub
60
uint_32t ls_sub(const uint_32t t, const uint_32t n);
61
# define inv_mcol im_sub
62
uint_32t im_sub(const uint_32t x);
51
71
#if (FUNCS_IN_C & ENC_KEYING_IN_C)
53
#if defined(AES_128) || defined(AES_VAR)
73
#if defined(AES_128) || defined( AES_VAR )
56
76
{ k[4*(i)+4] = ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; \
59
79
k[4*(i)+7] = ss[3] ^= ss[2]; \
62
aes_rval aes_encrypt_key128(const unsigned char *key, aes_encrypt_ctx cx[1])
82
AES_RETURN aes_encrypt_key128(const unsigned char *key, aes_encrypt_ctx cx[1])
65
85
cx->ks[0] = ss[0] = word_in(key, 0);
67
87
cx->ks[2] = ss[2] = word_in(key, 2);
68
88
cx->ks[3] = ss[3] = word_in(key, 3);
70
#if ENC_UNROLL == NONE
72
for(i = 0; i < 9; ++i)
76
91
ke4(cx->ks, 0); ke4(cx->ks, 1);
77
92
ke4(cx->ks, 2); ke4(cx->ks, 3);
78
93
ke4(cx->ks, 4); ke4(cx->ks, 5);
79
94
ke4(cx->ks, 6); ke4(cx->ks, 7);
98
for(i = 0; i < 9; ++i)
87
107
if(VIA_ACE_AVAILABLE)
88
108
cx->inf.b[1] = 0xff;
91
#if defined( AES_ERR_CHK )
92
110
return EXIT_SUCCESS;
98
#if defined(AES_192) || defined(AES_VAR)
115
#if defined(AES_192) || defined( AES_VAR )
100
117
#define kef6(k,i) \
101
118
{ k[6*(i)+ 6] = ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; \
110
127
k[6*(i)+11] = ss[5] ^= ss[4]; \
113
aes_rval aes_encrypt_key192(const unsigned char *key, aes_encrypt_ctx cx[1])
130
AES_RETURN aes_encrypt_key192(const unsigned char *key, aes_encrypt_ctx cx[1])
114
131
{ uint_32t ss[6];
116
133
cx->ks[0] = ss[0] = word_in(key, 0);
120
137
cx->ks[4] = ss[4] = word_in(key, 4);
121
138
cx->ks[5] = ss[5] = word_in(key, 5);
123
#if ENC_UNROLL == NONE
125
for(i = 0; i < 7; ++i)
129
141
ke6(cx->ks, 0); ke6(cx->ks, 1);
130
142
ke6(cx->ks, 2); ke6(cx->ks, 3);
131
143
ke6(cx->ks, 4); ke6(cx->ks, 5);
147
for(i = 0; i < 7; ++i)
139
156
if(VIA_ACE_AVAILABLE)
140
157
cx->inf.b[1] = 0xff;
143
#if defined( AES_ERR_CHK )
144
159
return EXIT_SUCCESS;
150
#if defined(AES_256) || defined(AES_VAR)
164
#if defined(AES_256) || defined( AES_VAR )
152
166
#define kef8(k,i) \
153
167
{ k[8*(i)+ 8] = ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; \
164
178
k[8*(i)+15] = ss[7] ^= ss[6]; \
167
aes_rval aes_encrypt_key256(const unsigned char *key, aes_encrypt_ctx cx[1])
181
AES_RETURN aes_encrypt_key256(const unsigned char *key, aes_encrypt_ctx cx[1])
168
182
{ uint_32t ss[8];
170
184
cx->ks[0] = ss[0] = word_in(key, 0);
176
190
cx->ks[6] = ss[6] = word_in(key, 6);
177
191
cx->ks[7] = ss[7] = word_in(key, 7);
179
#if ENC_UNROLL == NONE
181
for(i = 0; i < 6; ++i)
185
194
ke8(cx->ks, 0); ke8(cx->ks, 1);
186
195
ke8(cx->ks, 2); ke8(cx->ks, 3);
187
196
ke8(cx->ks, 4); ke8(cx->ks, 5);
199
for(i = 0; i < 6; ++i)
194
208
if(VIA_ACE_AVAILABLE)
195
209
cx->inf.b[1] = 0xff;
198
#if defined( AES_ERR_CHK )
199
211
return EXIT_SUCCESS;
216
#if defined( AES_VAR )
207
aes_rval aes_encrypt_key(const unsigned char *key, int key_len, aes_encrypt_ctx cx[1])
218
AES_RETURN aes_encrypt_key(const unsigned char *key, int key_len, aes_encrypt_ctx cx[1])
211
#if defined( AES_ERR_CHK )
212
222
case 16: case 128: return aes_encrypt_key128(key, cx);
213
223
case 24: case 192: return aes_encrypt_key192(key, cx);
214
224
case 32: case 256: return aes_encrypt_key256(key, cx);
215
225
default: return EXIT_FAILURE;
217
case 16: case 128: aes_encrypt_key128(key, cx); return;
218
case 24: case 192: aes_encrypt_key192(key, cx); return;
219
case 32: case 256: aes_encrypt_key256(key, cx); return;
321
326
cx->ks[v(40,(2))] = ss[2] = word_in(key, 2);
322
327
cx->ks[v(40,(3))] = ss[3] = word_in(key, 3);
324
#if DEC_UNROLL == NONE
330
kdf4(cx->ks, 0); kd4(cx->ks, 1);
331
kd4(cx->ks, 2); kd4(cx->ks, 3);
332
kd4(cx->ks, 4); kd4(cx->ks, 5);
333
kd4(cx->ks, 6); kd4(cx->ks, 7);
334
kd4(cx->ks, 8); kdl4(cx->ks, 9);
326
337
for(i = 0; i < 10; ++i)
330
341
cx->ks[i] = inv_mcol(cx->ks[i]);
334
kdf4(cx->ks, 0); kd4(cx->ks, 1);
335
kd4(cx->ks, 2); kd4(cx->ks, 3);
336
kd4(cx->ks, 4); kd4(cx->ks, 5);
337
kd4(cx->ks, 6); kd4(cx->ks, 7);
338
kd4(cx->ks, 8); kdl4(cx->ks, 9);
341
346
cx->inf.b[0] = 10 * 16;
344
349
if(VIA_ACE_AVAILABLE)
345
350
cx->inf.b[1] = 0xff;
348
#if defined( AES_ERR_CHK )
349
352
return EXIT_SUCCESS;
355
#if defined(AES_192) || defined(AES_VAR)
357
#if defined(AES_192) || defined( AES_VAR )
357
359
#define k6ef(k,i) \
358
360
{ k[v(48,(6*(i))+ 6)] = ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; \
403
405
cx->ks[v(48,(2))] = ss[2] = word_in(key, 2);
404
406
cx->ks[v(48,(3))] = ss[3] = word_in(key, 3);
406
#if DEC_UNROLL == NONE
409
cx->ks[v(48,(4))] = ff(ss[4] = word_in(key, 4));
410
cx->ks[v(48,(5))] = ff(ss[5] = word_in(key, 5));
411
kdf6(cx->ks, 0); kd6(cx->ks, 1);
412
kd6(cx->ks, 2); kd6(cx->ks, 3);
413
kd6(cx->ks, 4); kd6(cx->ks, 5);
414
kd6(cx->ks, 6); kdl6(cx->ks, 7);
407
416
cx->ks[v(48,(4))] = ss[4] = word_in(key, 4);
408
417
cx->ks[v(48,(5))] = ss[5] = word_in(key, 5);
416
425
cx->ks[i] = inv_mcol(cx->ks[i]);
420
cx->ks[v(48,(4))] = ff(ss[4] = word_in(key, 4));
421
cx->ks[v(48,(5))] = ff(ss[5] = word_in(key, 5));
422
kdf6(cx->ks, 0); kd6(cx->ks, 1);
423
kd6(cx->ks, 2); kd6(cx->ks, 3);
424
kd6(cx->ks, 4); kd6(cx->ks, 5);
425
kd6(cx->ks, 6); kdl6(cx->ks, 7);
428
430
cx->inf.b[0] = 12 * 16;
431
433
if(VIA_ACE_AVAILABLE)
432
434
cx->inf.b[1] = 0xff;
435
#if defined( AES_ERR_CHK )
436
436
return EXIT_SUCCESS;
442
#if defined(AES_256) || defined(AES_VAR)
441
#if defined(AES_256) || defined( AES_VAR )
444
443
#define k8ef(k,i) \
445
444
{ k[v(56,(8*(i))+ 8)] = ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; \
497
496
cx->ks[v(56,(2))] = ss[2] = word_in(key, 2);
498
497
cx->ks[v(56,(3))] = ss[3] = word_in(key, 3);
500
#if DEC_UNROLL == NONE
501
cx->ks[v(56,(4))] = ss[4] = word_in(key, 4);
502
cx->ks[v(56,(5))] = ss[5] = word_in(key, 5);
503
cx->ks[v(56,(6))] = ss[6] = word_in(key, 6);
504
cx->ks[v(56,(7))] = ss[7] = word_in(key, 7);
507
for(i = 0; i < 6; ++i)
510
#if !(DEC_ROUND == NO_TABLES)
511
for(i = N_COLS; i < 14 * N_COLS; ++i)
512
cx->ks[i] = inv_mcol(cx->ks[i]);
517
500
cx->ks[v(56,(4))] = ff(ss[4] = word_in(key, 4));
518
501
cx->ks[v(56,(5))] = ff(ss[5] = word_in(key, 5));
519
502
cx->ks[v(56,(6))] = ff(ss[6] = word_in(key, 6));
522
505
kd8(cx->ks, 2); kd8(cx->ks, 3);
523
506
kd8(cx->ks, 4); kd8(cx->ks, 5);
509
cx->ks[v(56,(4))] = ss[4] = word_in(key, 4);
510
cx->ks[v(56,(5))] = ss[5] = word_in(key, 5);
511
cx->ks[v(56,(6))] = ss[6] = word_in(key, 6);
512
cx->ks[v(56,(7))] = ss[7] = word_in(key, 7);
515
for(i = 0; i < 6; ++i)
518
#if !(DEC_ROUND == NO_TABLES)
519
for(i = N_COLS; i < 14 * N_COLS; ++i)
520
cx->ks[i] = inv_mcol(cx->ks[i]);
527
525
cx->inf.b[0] = 14 * 16;
530
528
if(VIA_ACE_AVAILABLE)
531
529
cx->inf.b[1] = 0xff;
534
#if defined( AES_ERR_CHK )
535
531
return EXIT_SUCCESS;
536
#if defined( AES_VAR )
543
aes_rval aes_decrypt_key(const unsigned char *key, int key_len, aes_decrypt_ctx cx[1])
538
AES_RETURN aes_decrypt_key(const unsigned char *key, int key_len, aes_decrypt_ctx cx[1])
547
#if defined( AES_ERR_CHK )
548
542
case 16: case 128: return aes_decrypt_key128(key, cx);
549
543
case 24: case 192: return aes_decrypt_key192(key, cx);
550
544
case 32: case 256: return aes_decrypt_key256(key, cx);
551
545
default: return EXIT_FAILURE;
553
case 16: case 128: aes_decrypt_key128(key, cx); return;
554
case 24: case 192: aes_decrypt_key192(key, cx); return;
555
case 32: case 256: aes_decrypt_key256(key, cx); return;
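Review bot: The `default: return EXIT_FAILURE;` branch of `aes_encrypt_key` leaves `cx` exactly as the caller passed it, and with the void variant removed the status code is now the only sign that an unsupported `key_len` produced no key schedule. A caller that ignores the result would carry on with an uninitialised or stale schedule. Consider marking the context unkeyed on that path, for example `default: cx->inf.b[0] = 0; return EXIT_FAILURE;`, which reuses the length marker the fixed-size decrypt routines set (`cx->inf.b[0] = 10 * 16;`); this only helps if the cipher routines check that field, which this page does not show. The `default` branch of `aes_decrypt_key` has the same gap. Both functions would also benefit from a header comment such as `/* key_len is 16/24/32 (bytes) or 128/192/256 (bits); any other value returns EXIT_FAILURE and builds no schedule */`; note that the opening lines of both switch statements are not visible in this view.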