aes.c File Reference
#include <string.h>
#include <stdlib.h>
#include <stdint.h>
#include "aes.h"


Macros

#define HAVE_MEMCPY
 
#define HAVE_UINT_32T
 
#define USE_TABLES
 
#define VERSION_1
 
#define WPOLY   0x011b
 
#define BPOLY   0x1b
 
#define DPOLY   0x008d
 
#define f1(x)   (x)
 
#define f2(x)   ((x << 1) ^ (((x >> 7) & 1) * WPOLY))
 
#define f4(x)   ((x << 2) ^ (((x >> 6) & 1) * WPOLY) ^ (((x >> 6) & 2) * WPOLY))
 
#define f8(x)   ((x << 3) ^ (((x >> 5) & 1) * WPOLY) ^ (((x >> 5) & 2) * WPOLY) ^ (((x >> 5) & 4) * WPOLY))
 
#define d2(x)   (((x) >> 1) ^ ((x)&1 ? DPOLY : 0))
 
#define f3(x)   (f2(x) ^ x)
 
#define f9(x)   (f8(x) ^ x)
 
#define fb(x)   (f8(x) ^ f2(x) ^ x)
 
#define fd(x)   (f8(x) ^ f4(x) ^ x)
 
#define fe(x)   (f8(x) ^ f4(x) ^ f2(x))
 
#define sb_data(w)
 
#define isb_data(w)
 
#define mm_data(w)
 
#define s_box(x)   sbox[(x)]
 
#define is_box(x)   isbox[(x)]
 
#define gfm2_sb(x)   gfm2_sbox[(x)]
 
#define gfm3_sb(x)   gfm3_sbox[(x)]
 
#define gfm_9(x)   gfmul_9[(x)]
 
#define gfm_b(x)   gfmul_b[(x)]
 
#define gfm_d(x)   gfmul_d[(x)]
 
#define gfm_e(x)   gfmul_e[(x)]
 
#define block_copy_nn(d, s, l)   memcpy(d, s, l)
 
#define block_copy(d, s)   memcpy(d, s, N_BLOCK)
 

Typedefs

typedef uint32_t uint_32t
 

Functions

static void xor_block (void *d, const void *s)
 
static void copy_and_key (void *d, const void *s, const void *k)
 
static void add_round_key (uint_8t d[N_BLOCK], const uint_8t k[N_BLOCK])
 
static void shift_sub_rows (uint_8t st[N_BLOCK])
 
static void inv_shift_sub_rows (uint_8t st[N_BLOCK])
 
static void mix_sub_columns (uint_8t dt[N_BLOCK])
 
static void inv_mix_sub_columns (uint_8t dt[N_BLOCK])
 
return_type aes_set_key (const unsigned char key[], length_type keylen, aes_context ctx[1])
 
return_type aes_encrypt (const unsigned char in[N_BLOCK], unsigned char out[N_BLOCK], const aes_context ctx[1])
 
return_type aes_cbc_encrypt (const unsigned char *in, unsigned char *out, int n_block, unsigned char iv[N_BLOCK], const aes_context ctx[1])
 
return_type aes_decrypt (const unsigned char in[N_BLOCK], unsigned char out[N_BLOCK], const aes_context ctx[1])
 
return_type aes_cbc_decrypt (const unsigned char *in, unsigned char *out, int n_block, unsigned char iv[N_BLOCK], const aes_context ctx[1])
 

Variables

static const uint_8t sbox [256] = sb_data(f1)
 
static const uint_8t isbox [256] = isb_data(f1)
 
static const uint_8t gfm2_sbox [256] = sb_data(f2)
 
static const uint_8t gfm3_sbox [256] = sb_data(f3)
 
static const uint_8t gfmul_9 [256] = mm_data(f9)
 
static const uint_8t gfmul_b [256] = mm_data(fb)
 
static const uint_8t gfmul_d [256] = mm_data(fd)
 
static const uint_8t gfmul_e [256] = mm_data(fe)
 

Macro Definition Documentation

#define block_copy(d, s)    memcpy(d, s, N_BLOCK)

Definition at line 220 of file aes.c.

Referenced by copy_and_key(), inv_mix_sub_columns(), and mix_sub_columns().

#define block_copy_nn(d, s, l)    memcpy(d, s, l)

Definition at line 219 of file aes.c.

Referenced by aes_set_key().

#define BPOLY   0x1b

Definition at line 81 of file aes.c.

#define d2 (   x)    (((x) >> 1) ^ ((x)&1 ? DPOLY : 0))

Definition at line 88 of file aes.c.

#define DPOLY   0x008d

Definition at line 82 of file aes.c.

#define f1 (   x)    (x)

Definition at line 84 of file aes.c.

#define f2 (   x)    ((x << 1) ^ (((x >> 7) & 1) * WPOLY))

Definition at line 85 of file aes.c.

Referenced by aes_set_key().

#define f3 (   x)    (f2(x) ^ x)

Definition at line 90 of file aes.c.

#define f4 (   x)    ((x << 2) ^ (((x >> 6) & 1) * WPOLY) ^ (((x >> 6) & 2) * WPOLY))

Definition at line 86 of file aes.c.

#define f8 (   x)    ((x << 3) ^ (((x >> 5) & 1) * WPOLY) ^ (((x >> 5) & 2) * WPOLY) ^ (((x >> 5) & 4) * WPOLY))

Definition at line 87 of file aes.c.

#define f9 (   x)    (f8(x) ^ x)

Definition at line 91 of file aes.c.

#define fb (   x)    (f8(x) ^ f2(x) ^ x)

Definition at line 92 of file aes.c.

#define fd (   x)    (f8(x) ^ f4(x) ^ x)

Definition at line 93 of file aes.c.

#define fe (   x)    (f8(x) ^ f4(x) ^ f2(x))

Definition at line 94 of file aes.c.

#define gfm2_sb (   x)    gfm2_sbox[(x)]

Definition at line 126 of file aes.c.

Referenced by mix_sub_columns().

#define gfm3_sb (   x)    gfm3_sbox[(x)]

Definition at line 127 of file aes.c.

Referenced by mix_sub_columns().

#define gfm_9 (   x)    gfmul_9[(x)]

Definition at line 128 of file aes.c.

Referenced by inv_mix_sub_columns().

#define gfm_b (   x)    gfmul_b[(x)]

Definition at line 129 of file aes.c.

Referenced by inv_mix_sub_columns().

#define gfm_d (   x)    gfmul_d[(x)]

Definition at line 130 of file aes.c.

Referenced by inv_mix_sub_columns().

#define gfm_e (   x)    gfmul_e[(x)]

Definition at line 131 of file aes.c.

Referenced by inv_mix_sub_columns().

#define HAVE_MEMCPY

Definition at line 42 of file aes.c.

#define HAVE_UINT_32T

Definition at line 56 of file aes.c.

#define is_box (   x)    isbox[(x)]

Definition at line 125 of file aes.c.

Referenced by inv_mix_sub_columns(), and inv_shift_sub_rows().

#define isb_data (   w)
Value:
{/* inverse S Box data values */ \
w(0x52), w(0x09), w(0x6a), w(0xd5), w(0x30), w(0x36), w(0xa5), w(0x38), w(0xbf), w(0x40), w(0xa3), w(0x9e), w(0x81), w(0xf3), w(0xd7), w(0xfb), w(0x7c), w(0xe3), w(0x39), w(0x82), w(0x9b), w(0x2f), w(0xff), w(0x87), w(0x34), w(0x8e), w(0x43), w(0x44), w(0xc4), w(0xde), w(0xe9), w(0xcb), w(0x54), w(0x7b), w(0x94), w(0x32), w(0xa6), w(0xc2), w(0x23), w(0x3d), w(0xee), w(0x4c), w(0x95), w(0x0b), w(0x42), w(0xfa), w(0xc3), w(0x4e), w(0x08), w(0x2e), w(0xa1), w(0x66), w(0x28), w(0xd9), w(0x24), w(0xb2), w(0x76), w(0x5b), w(0xa2), w(0x49), w(0x6d), w(0x8b), w(0xd1), w(0x25), w(0x72), w(0xf8), w(0xf6), w(0x64), w(0x86), w(0x68), w(0x98), w(0x16), w(0xd4), w(0xa4), w(0x5c), w(0xcc), w(0x5d), w(0x65), w(0xb6), w(0x92), w(0x6c), w(0x70), w(0x48), w(0x50), w(0xfd), w(0xed), w(0xb9), w(0xda), w(0x5e), w(0x15), w(0x46), w(0x57), w(0xa7), w(0x8d), w(0x9d), w(0x84), w(0x90), w(0xd8), w(0xab), w(0x00), w(0x8c), w(0xbc), w(0xd3), w(0x0a), w(0xf7), w(0xe4), w(0x58), w(0x05), w(0xb8), w(0xb3), w(0x45), w(0x06), w(0xd0), w(0x2c), w(0x1e), w(0x8f), w(0xca), w(0x3f), w(0x0f), w(0x02), w(0xc1), w(0xaf), w(0xbd), w(0x03), w(0x01), w(0x13), w(0x8a), w(0x6b), w(0x3a), w(0x91), w(0x11), w(0x41), w(0x4f), w(0x67), w(0xdc), w(0xea), w(0x97), w(0xf2), w(0xcf), w(0xce), w(0xf0), w(0xb4), w(0xe6), w(0x73), w(0x96), w(0xac), w(0x74), w(0x22), w(0xe7), w(0xad), w(0x35), w(0x85), w(0xe2), w(0xf9), w(0x37), w(0xe8), w(0x1c), w(0x75), w(0xdf), w(0x6e), w(0x47), w(0xf1), w(0x1a), w(0x71), w(0x1d), w(0x29), w(0xc5), w(0x89), w(0x6f), w(0xb7), w(0x62), w(0x0e), w(0xaa), w(0x18), w(0xbe), w(0x1b), w(0xfc), w(0x56), w(0x3e), w(0x4b), w(0xc6), w(0xd2), w(0x79), w(0x20), w(0x9a), w(0xdb), w(0xc0), w(0xfe), w(0x78), w(0xcd), w(0x5a), w(0xf4), w(0x1f), w(0xdd), w(0xa8), w(0x33), w(0x88), w(0x07), w(0xc7), w(0x31), w(0xb1), w(0x12), w(0x10), w(0x59), w(0x27), w(0x80), w(0xec), w(0x5f), w(0x60), w(0x51), w(0x7f), w(0xa9), w(0x19), w(0xb5), w(0x4a), w(0x0d), w(0x2d), w(0xe5), w(0x7a), w(0x9f), w(0x93), w(0xc9), 
w(0x9c), w(0xef), w(0xa0), w(0xe0), w(0x3b), w(0x4d), w(0xae), w(0x2a), w(0xf5), w(0xb0), w(0xc8), w(0xeb), w(0xbb), w(0x3c), w(0x83), w(0x53), w(0x99), w(0x61), w(0x17), w(0x2b), w(0x04), w(0x7e), w(0xba), w(0x77), w(0xd6), w(0x26), w(0xe1), w(0x69), w(0x14), w(0x63), w(0x55), w(0x21), w(0x0c), w(0x7d) \
}

Definition at line 103 of file aes.c.

#define mm_data (   w)
Value:
{/* basic data for forming finite field tables */ \
w(0x00), w(0x01), w(0x02), w(0x03), w(0x04), w(0x05), w(0x06), w(0x07), w(0x08), w(0x09), w(0x0a), w(0x0b), w(0x0c), w(0x0d), w(0x0e), w(0x0f), w(0x10), w(0x11), w(0x12), w(0x13), w(0x14), w(0x15), w(0x16), w(0x17), w(0x18), w(0x19), w(0x1a), w(0x1b), w(0x1c), w(0x1d), w(0x1e), w(0x1f), w(0x20), w(0x21), w(0x22), w(0x23), w(0x24), w(0x25), w(0x26), w(0x27), w(0x28), w(0x29), w(0x2a), w(0x2b), w(0x2c), w(0x2d), w(0x2e), w(0x2f), w(0x30), w(0x31), w(0x32), w(0x33), w(0x34), w(0x35), w(0x36), w(0x37), w(0x38), w(0x39), w(0x3a), w(0x3b), w(0x3c), w(0x3d), w(0x3e), w(0x3f), w(0x40), w(0x41), w(0x42), w(0x43), w(0x44), w(0x45), w(0x46), w(0x47), w(0x48), w(0x49), w(0x4a), w(0x4b), w(0x4c), w(0x4d), w(0x4e), w(0x4f), w(0x50), w(0x51), w(0x52), w(0x53), w(0x54), w(0x55), w(0x56), w(0x57), w(0x58), w(0x59), w(0x5a), w(0x5b), w(0x5c), w(0x5d), w(0x5e), w(0x5f), w(0x60), w(0x61), w(0x62), w(0x63), w(0x64), w(0x65), w(0x66), w(0x67), w(0x68), w(0x69), w(0x6a), w(0x6b), w(0x6c), w(0x6d), w(0x6e), w(0x6f), w(0x70), w(0x71), w(0x72), w(0x73), w(0x74), w(0x75), w(0x76), w(0x77), w(0x78), w(0x79), w(0x7a), w(0x7b), w(0x7c), w(0x7d), w(0x7e), w(0x7f), w(0x80), w(0x81), w(0x82), w(0x83), w(0x84), w(0x85), w(0x86), w(0x87), w(0x88), w(0x89), w(0x8a), w(0x8b), w(0x8c), w(0x8d), w(0x8e), w(0x8f), w(0x90), w(0x91), w(0x92), w(0x93), w(0x94), w(0x95), w(0x96), w(0x97), w(0x98), w(0x99), w(0x9a), w(0x9b), w(0x9c), w(0x9d), w(0x9e), w(0x9f), w(0xa0), w(0xa1), w(0xa2), w(0xa3), w(0xa4), w(0xa5), w(0xa6), w(0xa7), w(0xa8), w(0xa9), w(0xaa), w(0xab), w(0xac), w(0xad), w(0xae), w(0xaf), w(0xb0), w(0xb1), w(0xb2), w(0xb3), w(0xb4), w(0xb5), w(0xb6), w(0xb7), w(0xb8), w(0xb9), w(0xba), w(0xbb), w(0xbc), w(0xbd), w(0xbe), w(0xbf), w(0xc0), w(0xc1), w(0xc2), w(0xc3), w(0xc4), w(0xc5), w(0xc6), w(0xc7), w(0xc8), w(0xc9), w(0xca), w(0xcb), w(0xcc), w(0xcd), w(0xce), w(0xcf), w(0xd0), w(0xd1), w(0xd2), w(0xd3), w(0xd4), w(0xd5), w(0xd6), w(0xd7), w(0xd8), w(0xd9), w(0xda), w(0xdb), w(0xdc), w(0xdd), 
w(0xde), w(0xdf), w(0xe0), w(0xe1), w(0xe2), w(0xe3), w(0xe4), w(0xe5), w(0xe6), w(0xe7), w(0xe8), w(0xe9), w(0xea), w(0xeb), w(0xec), w(0xed), w(0xee), w(0xef), w(0xf0), w(0xf1), w(0xf2), w(0xf3), w(0xf4), w(0xf5), w(0xf6), w(0xf7), w(0xf8), w(0xf9), w(0xfa), w(0xfb), w(0xfc), w(0xfd), w(0xfe), w(0xff) \
}

Definition at line 108 of file aes.c.

#define s_box (   x)    sbox[(x)]

Definition at line 124 of file aes.c.

Referenced by aes_set_key(), mix_sub_columns(), and shift_sub_rows().

#define sb_data (   w)
Value:
{/* S Box data values */ \
w(0x63), w(0x7c), w(0x77), w(0x7b), w(0xf2), w(0x6b), w(0x6f), w(0xc5), w(0x30), w(0x01), w(0x67), w(0x2b), w(0xfe), w(0xd7), w(0xab), w(0x76), w(0xca), w(0x82), w(0xc9), w(0x7d), w(0xfa), w(0x59), w(0x47), w(0xf0), w(0xad), w(0xd4), w(0xa2), w(0xaf), w(0x9c), w(0xa4), w(0x72), w(0xc0), w(0xb7), w(0xfd), w(0x93), w(0x26), w(0x36), w(0x3f), w(0xf7), w(0xcc), w(0x34), w(0xa5), w(0xe5), w(0xf1), w(0x71), w(0xd8), w(0x31), w(0x15), w(0x04), w(0xc7), w(0x23), w(0xc3), w(0x18), w(0x96), w(0x05), w(0x9a), w(0x07), w(0x12), w(0x80), w(0xe2), w(0xeb), w(0x27), w(0xb2), w(0x75), w(0x09), w(0x83), w(0x2c), w(0x1a), w(0x1b), w(0x6e), w(0x5a), w(0xa0), w(0x52), w(0x3b), w(0xd6), w(0xb3), w(0x29), w(0xe3), w(0x2f), w(0x84), w(0x53), w(0xd1), w(0x00), w(0xed), w(0x20), w(0xfc), w(0xb1), w(0x5b), w(0x6a), w(0xcb), w(0xbe), w(0x39), w(0x4a), w(0x4c), w(0x58), w(0xcf), w(0xd0), w(0xef), w(0xaa), w(0xfb), w(0x43), w(0x4d), w(0x33), w(0x85), w(0x45), w(0xf9), w(0x02), w(0x7f), w(0x50), w(0x3c), w(0x9f), w(0xa8), w(0x51), w(0xa3), w(0x40), w(0x8f), w(0x92), w(0x9d), w(0x38), w(0xf5), w(0xbc), w(0xb6), w(0xda), w(0x21), w(0x10), w(0xff), w(0xf3), w(0xd2), w(0xcd), w(0x0c), w(0x13), w(0xec), w(0x5f), w(0x97), w(0x44), w(0x17), w(0xc4), w(0xa7), w(0x7e), w(0x3d), w(0x64), w(0x5d), w(0x19), w(0x73), w(0x60), w(0x81), w(0x4f), w(0xdc), w(0x22), w(0x2a), w(0x90), w(0x88), w(0x46), w(0xee), w(0xb8), w(0x14), w(0xde), w(0x5e), w(0x0b), w(0xdb), w(0xe0), w(0x32), w(0x3a), w(0x0a), w(0x49), w(0x06), w(0x24), w(0x5c), w(0xc2), w(0xd3), w(0xac), w(0x62), w(0x91), w(0x95), w(0xe4), w(0x79), w(0xe7), w(0xc8), w(0x37), w(0x6d), w(0x8d), w(0xd5), w(0x4e), w(0xa9), w(0x6c), w(0x56), w(0xf4), w(0xea), w(0x65), w(0x7a), w(0xae), w(0x08), w(0xba), w(0x78), w(0x25), w(0x2e), w(0x1c), w(0xa6), w(0xb4), w(0xc6), w(0xe8), w(0xdd), w(0x74), w(0x1f), w(0x4b), w(0xbd), w(0x8b), w(0x8a), w(0x70), w(0x3e), w(0xb5), w(0x66), w(0x48), w(0x03), w(0xf6), w(0x0e), w(0x61), w(0x35), w(0x57), w(0xb9), w(0x86), w(0xc1), 
w(0x1d), w(0x9e), w(0xe1), w(0xf8), w(0x98), w(0x11), w(0x69), w(0xd9), w(0x8e), w(0x94), w(0x9b), w(0x1e), w(0x87), w(0xe9), w(0xce), w(0x55), w(0x28), w(0xdf), w(0x8c), w(0xa1), w(0x89), w(0x0d), w(0xbf), w(0xe6), w(0x42), w(0x68), w(0x41), w(0x99), w(0x2d), w(0x0f), w(0xb0), w(0x54), w(0xbb), w(0x16) \
}

Definition at line 98 of file aes.c.

#define USE_TABLES

Definition at line 61 of file aes.c.

#define VERSION_1

Definition at line 68 of file aes.c.

Referenced by aes_encrypt().

#define WPOLY   0x011b

Definition at line 80 of file aes.c.

Typedef Documentation

typedef uint32_t uint_32t

Definition at line 75 of file aes.c.

Function Documentation

/*
 * AddRoundKey: fold the 16-byte round key k into the state d, in place.
 * Defined at aes.c:322. Referenced by aes_decrypt() and aes_encrypt().
 *
 * d  state block, modified in place
 * k  round key (a 16-byte slice of ctx->ksch)
 *
 * Equivalent to xor_block(d, k), spelled out byte by byte.
 */
static void add_round_key(uint_8t d[N_BLOCK], const uint_8t k[N_BLOCK])
{
    for (unsigned i = 0; i < N_BLOCK; i++) {
        d[i] ^= k[i];
    }
}
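/*
 * CBC-mode decryption of n_block whole 16-byte blocks.
 * Defined at aes.c:586. References aes_decrypt(), N_BLOCK and xor_block().
 *
 * in      ciphertext, n_block * N_BLOCK bytes
 * out     plaintext destination, same size; may be the same buffer as in
 *         (each ciphertext block is saved in tmp before out is written)
 * n_block number of whole blocks; 0 is a no-op. No padding is removed.
 * iv      chaining value; updated in place to the last ciphertext block,
 *         so a message can be continued by calling again with the same iv
 * ctx     schedule from aes_set_key()
 * returns EXIT_SUCCESS, or EXIT_FAILURE when aes_decrypt() reports no
 *         schedule (ctx->rnd == 0, it returns -1 which is != EXIT_SUCCESS)
 *         or n_block is negative. On failure part of out may already hold
 *         plaintext.
 *
 * Plain CBC has no integrity check: a caller must authenticate the
 * ciphertext (e.g. verify a MAC before decrypting), otherwise modified
 * blocks decrypt silently to attacker-influenced plaintext.
 */
return_type aes_cbc_decrypt(const unsigned char *in, unsigned char *out, int n_block, unsigned char iv[N_BLOCK], const aes_context ctx[1])
{
    /* A negative count would make the post-decrement loop run until the
     * counter wrapped, walking far past both buffers; reject it up front. */
    if (n_block < 0) {
        return EXIT_FAILURE;
    }
    while (n_block--) {
        uint_8t tmp[N_BLOCK];

        /* Keep the ciphertext block: it is the next iv, and in may alias out. */
        memcpy(tmp, in, N_BLOCK);
        if (aes_decrypt(in, out, ctx) != EXIT_SUCCESS) {
            return EXIT_FAILURE;
        }
        xor_block(out, iv);          /* plaintext = D(c) ^ previous block */
        memcpy(iv, tmp, N_BLOCK);
        in += N_BLOCK;
        out += N_BLOCK;
    }
    return EXIT_SUCCESS;
}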
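/*
 * CBC-mode encryption of n_block whole 16-byte blocks.
 * Defined at aes.c:537. References aes_encrypt(), N_BLOCK and xor_block().
 *
 * in      plaintext, n_block * N_BLOCK bytes; no padding is applied, the
 *         caller must supply whole blocks
 * out     ciphertext destination, same size; may be the same buffer as in
 *         (each input block is folded into iv before out is written)
 * n_block number of blocks; 0 is a no-op
 * iv      chaining value; must be unpredictable and never reused under the
 *         same key. Updated in place to the last ciphertext block, so a
 *         message can be continued by calling again with the same iv.
 * ctx     schedule from aes_set_key()
 * returns EXIT_SUCCESS, or EXIT_FAILURE when aes_encrypt() reports no
 *         schedule (ctx->rnd == 0) or n_block is negative
 *
 * Plain CBC gives confidentiality only; pair it with a MAC over the
 * ciphertext when integrity matters.
 */
return_type aes_cbc_encrypt(const unsigned char *in, unsigned char *out, int n_block, unsigned char iv[N_BLOCK], const aes_context ctx[1])
{
    /* A negative count would make the post-decrement loop run until the
     * counter wrapped, writing far past out; reject it up front. */
    if (n_block < 0) {
        return EXIT_FAILURE;
    }
    while (n_block--) {
        xor_block(iv, in);           /* iv ^= plaintext block */
        if (aes_encrypt(iv, iv, ctx) != EXIT_SUCCESS) {
            return EXIT_FAILURE;
        }
        /* Encrypted in place: iv is now the ciphertext block and the next
         * chaining value. */
        memcpy(out, iv, N_BLOCK);
        in += N_BLOCK;
        out += N_BLOCK;
    }
    return EXIT_SUCCESS;
}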
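/*
 * Decrypt one 16-byte block with the schedule in ctx.
 * Defined at aes.c:557. References add_round_key(), copy_and_key(),
 * inv_mix_sub_columns(), inv_shift_sub_rows(), aes_context::ksch, N_BLOCK
 * and aes_context::rnd. Referenced by aes_cbc_decrypt().
 *
 * in   ciphertext block
 * out  plaintext block; may be the same buffer as in, the state is kept in
 *      s1 until the final write
 * ctx  schedule from aes_set_key()
 * returns 0 on success, -1 when ctx->rnd == 0 (aes_set_key() rejected the
 *      length or was never called). return_type is declared in aes.h (not
 *      shown here); if it is unsigned, -1 reads back as its maximum value.
 *
 * The round functions index isbox/gfmul_* with key-dependent state, so this
 * implementation is not constant-time.
 */
return_type aes_decrypt(const unsigned char in[N_BLOCK], unsigned char out[N_BLOCK], const aes_context ctx[1])
{
    if (!ctx->rnd) {
        return -1;
    }
    uint_8t s1[N_BLOCK], r;

    /* Undo the final round: last round key, then inverse ShiftRows and
     * inverse SubBytes (the final round has no MixColumns). */
    copy_and_key(s1, in, ctx->ksch + ctx->rnd * N_BLOCK);
    inv_shift_sub_rows(s1);

    /* Rounds rnd-1 down to 1: key add, then the inverse column step. */
    for (r = ctx->rnd; --r;)
#if defined(VERSION_1)
    {
        add_round_key(s1, ctx->ksch + r * N_BLOCK);
        /* NOTE(review): restored. The listing this was reviewed from skipped
         * source line 568; the References list names inv_mix_sub_columns()
         * for this function and every middle round needs its inverse
         * MixColumns/ShiftRows/SubBytes step, which is what that call does. */
        inv_mix_sub_columns(s1);
    }
#else
    {
        uint_8t s2[N_BLOCK];
        copy_and_key(s2, s1, ctx->ksch + r * N_BLOCK);
        inv_mix_sub_columns(s1, s2);
    }
#endif
    /* Round 0: the initial key add. */
    copy_and_key(out, s1, ctx->ksch);
    return 0;
}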
/*
 * Encrypt one 16-byte block with the schedule in ctx.
 * Defined at aes.c:508. References add_round_key(), copy_and_key(),
 * aes_context::ksch, mix_sub_columns(), N_BLOCK, aes_context::rnd,
 * shift_sub_rows() and VERSION_1. Referenced by aes_cbc_encrypt().
 *
 * in   plaintext block
 * out  ciphertext block; may be the same buffer as in (aes_cbc_encrypt()
 *      passes iv for both), the state is kept in s1 until the final write
 * ctx  schedule from aes_set_key()
 * returns 0 on success, -1 when ctx->rnd == 0 (no valid schedule).
 *      return_type is declared in aes.h (not shown); if unsigned, -1 reads
 *      back as its maximum value.
 *
 * The round functions index sbox/gfm*_sbox with key-dependent state, so this
 * implementation is not constant-time.
 */
return_type aes_encrypt(const unsigned char in[N_BLOCK], unsigned char out[N_BLOCK], const aes_context ctx[1])
{
    if (!ctx->rnd) {
        return -1;
    }
    uint_8t s1[N_BLOCK], r;

    /* Round 0: state = in ^ first round key. */
    copy_and_key(s1, in, ctx->ksch);

    /* Rounds 1 .. rnd-1. r is reused after the loop, where it equals
     * ctx->rnd and selects the last round key. */
    for (r = 1; r < ctx->rnd; ++r)
#if defined(VERSION_1)
    {
        mix_sub_columns(s1);
        add_round_key(s1, ctx->ksch + r * N_BLOCK);
    }
#else
    {
        uint_8t s2[N_BLOCK];
        mix_sub_columns(s2, s1);
        copy_and_key(s1, s2, ctx->ksch + r * N_BLOCK);
    }
#endif
    /* Final round: SubBytes + ShiftRows without MixColumns, then the last key. */
    shift_sub_rows(s1);
    copy_and_key(out, s1, ctx->ksch + r * N_BLOCK);
    return 0;
}
/*
 * Expand key into the round-key schedule ctx->ksch and set ctx->rnd.
 * Defined at aes.c:449. References block_copy_nn, f2, aes_context::ksch,
 * aes_context::rnd and s_box.
 *
 * key     raw key bytes
 * keylen  16, 24 or 32 bytes; 128 and 192 are also accepted as bit lengths.
 *         256 is not (its case is commented out in the source, presumably
 *         because length_type from aes.h cannot hold it - confirm).
 * ctx     receives the schedule; ctx->rnd becomes 10/12/14 for the three
 *         sizes, or 0 (with -1 returned) for any other length
 * returns 0 on success, -1 on a rejected length. return_type is declared in
 *         aes.h (not shown); if unsigned, -1 reads back as its maximum.
 *
 * The schedule is key material: the caller owns ctx and should wipe it when
 * done (this file provides no helper). S-box lookups on key bytes are table
 * driven, so the expansion is not constant-time.
 */
return_type aes_set_key(const unsigned char key[], length_type keylen, aes_context ctx[1])
{
    /* Normalise the length to bytes; anything else is rejected. */
    if (keylen == 16 || keylen == 128) {
        keylen = 16;
    } else if (keylen == 24 || keylen == 192) {
        keylen = 24;
    } else if (keylen == 32) {
        keylen = 32;
    } else {
        ctx->rnd = 0;
        return -1;
    }

    /* The first keylen bytes of the schedule are the key itself. */
    block_copy_nn(ctx->ksch, key, keylen);

    /* Schedule size in bytes: 176 / 208 / 240, i.e. (rnd + 1) * N_BLOCK. */
    uint_8t total = (uint_8t)((keylen + 28) << 2);
    ctx->rnd = (uint_8t)((total >> 4) - 1);

    uint_8t rcon = 1;
    for (uint_8t pos = keylen; pos < total; pos += 4) {
        uint_8t w[4];

        /* Start from the previous 4-byte word of the schedule. */
        memcpy(w, ctx->ksch + pos - 4, sizeof w);
        if (pos % keylen == 0) {
            /* First word of each key-sized group: rotate, substitute, add
             * the round constant, then advance rcon by xtime (f2). */
            uint_8t rot = w[0];
            w[0] = s_box(w[1]) ^ rcon;
            w[1] = s_box(w[2]);
            w[2] = s_box(w[3]);
            w[3] = s_box(rot);
            rcon = f2(rcon);
        } else if (keylen > 24 && pos % keylen == 16) {
            /* 256-bit keys also substitute the middle word of each group. */
            for (unsigned i = 0; i < 4; i++) {
                w[i] = s_box(w[i]);
            }
        }

        /* New word = the word one key length back, XOR the transformed word. */
        for (unsigned i = 0; i < 4; i++) {
            ctx->ksch[pos + i] = ctx->ksch[pos - keylen + i] ^ w[i];
        }
    }
    return 0;
}
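/*
 * d = s ^ k over one 16-byte block.
 * Defined at aes.c:292. Referenced by aes_decrypt() and aes_encrypt().
 *
 * d  destination block
 * s  source block
 * k  round key (a 16-byte slice of ctx->ksch)
 *
 * Why byte-wise: the previous HAVE_UINT_32T path read all three buffers
 * through uint_32t*, but every caller hands in unsigned char storage (s1,
 * in/out, ctx->ksch + r * N_BLOCK; aes_context holds only uint_8t members,
 * so ctx itself may be byte-aligned). Accessing that storage as 32-bit words
 * violates strict aliasing and may fault on alignment-strict targets. The
 * byte loop has neither problem and compilers vectorise it.
 */
static void copy_and_key(void *d, const void *s, const void *k)
{
    uint_8t *dp = d;
    const uint_8t *sp = s;
    const uint_8t *kp = k;

    for (unsigned i = 0; i < N_BLOCK; i++) {
        dp[i] = sp[i] ^ kp[i];
    }
}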
/*
 * One decryption round's InvMixColumns + InvShiftRows + InvSubBytes, table
 * driven; the key add is done by the caller (add_round_key in aes_decrypt).
 * Defined at aes.c:416. References block_copy, gfm_9, gfm_b, gfm_d, gfm_e,
 * is_box and N_BLOCK. Referenced by aes_decrypt().
 *
 * The `#if defined(VERSION_1)` that selects this one-argument form precedes
 * the listing; the `#else` branch is the two-argument form that reads a
 * caller-supplied st instead of copying dt.
 *
 * Each input column st[4c..4c+3] is multiplied by the inverse MixColumns
 * matrix (gfm_e, gfm_b, gfm_d, gfm_9 are the gfmul_* tables for times
 * 0x0e, 0x0b, 0x0d, 0x09), the results land at the InvShiftRows positions
 * (column 0 goes to dt[0], dt[5], dt[10], dt[15]), and every byte then
 * passes through the inverse S-box (is_box).
 *
 * gfmul_* and isbox are indexed with secret state, so this is not a
 * constant-time implementation.
 */
static void inv_mix_sub_columns(uint_8t dt[N_BLOCK])
{
    uint_8t st[N_BLOCK];
    block_copy(st, dt); /* dt is overwritten below, so work from a copy */
#else
static void inv_mix_sub_columns(uint_8t dt[N_BLOCK], uint_8t st[N_BLOCK])
{
#endif
    /* column 0 of st -> dt[0], dt[5], dt[10], dt[15] */
    dt[0] = is_box(gfm_e(st[0]) ^ gfm_b(st[1]) ^ gfm_d(st[2]) ^ gfm_9(st[3]));
    dt[5] = is_box(gfm_9(st[0]) ^ gfm_e(st[1]) ^ gfm_b(st[2]) ^ gfm_d(st[3]));
    dt[10] = is_box(gfm_d(st[0]) ^ gfm_9(st[1]) ^ gfm_e(st[2]) ^ gfm_b(st[3]));
    dt[15] = is_box(gfm_b(st[0]) ^ gfm_d(st[1]) ^ gfm_9(st[2]) ^ gfm_e(st[3]));

    /* column 1 of st -> dt[4], dt[9], dt[14], dt[3] */
    dt[4] = is_box(gfm_e(st[4]) ^ gfm_b(st[5]) ^ gfm_d(st[6]) ^ gfm_9(st[7]));
    dt[9] = is_box(gfm_9(st[4]) ^ gfm_e(st[5]) ^ gfm_b(st[6]) ^ gfm_d(st[7]));
    dt[14] = is_box(gfm_d(st[4]) ^ gfm_9(st[5]) ^ gfm_e(st[6]) ^ gfm_b(st[7]));
    dt[3] = is_box(gfm_b(st[4]) ^ gfm_d(st[5]) ^ gfm_9(st[6]) ^ gfm_e(st[7]));

    /* column 2 of st -> dt[8], dt[13], dt[2], dt[7] */
    dt[8] = is_box(gfm_e(st[8]) ^ gfm_b(st[9]) ^ gfm_d(st[10]) ^ gfm_9(st[11]));
    dt[13] = is_box(gfm_9(st[8]) ^ gfm_e(st[9]) ^ gfm_b(st[10]) ^ gfm_d(st[11]));
    dt[2] = is_box(gfm_d(st[8]) ^ gfm_9(st[9]) ^ gfm_e(st[10]) ^ gfm_b(st[11]));
    dt[7] = is_box(gfm_b(st[8]) ^ gfm_d(st[9]) ^ gfm_9(st[10]) ^ gfm_e(st[11]));

    /* column 3 of st -> dt[12], dt[1], dt[6], dt[11] */
    dt[12] = is_box(gfm_e(st[12]) ^ gfm_b(st[13]) ^ gfm_d(st[14]) ^ gfm_9(st[15]));
    dt[1] = is_box(gfm_9(st[12]) ^ gfm_e(st[13]) ^ gfm_b(st[14]) ^ gfm_d(st[15]));
    dt[6] = is_box(gfm_d(st[12]) ^ gfm_9(st[13]) ^ gfm_e(st[14]) ^ gfm_b(st[15]));
    dt[11] = is_box(gfm_b(st[12]) ^ gfm_d(st[13]) ^ gfm_9(st[14]) ^ gfm_e(st[15]));
}
/*
 * InvShiftRows + InvSubBytes of the first decryption step, in place.
 * Defined at aes.c:356. References is_box. Referenced by aes_decrypt().
 *
 * st  16-byte state; bytes i, i+4, i+8, i+12 form row i. Row i is rotated
 *     right by i positions and every byte is replaced by its inverse S-box
 *     value.
 *
 * isbox is indexed by secret state, so the lookup is not constant-time.
 */
static void inv_shift_sub_rows(uint_8t st[N_BLOCK])
{
    /* from[i]: index in the old state that lands at position i. */
    static const uint_8t from[N_BLOCK] = {
        0, 13, 10, 7, 4, 1, 14, 11, 8, 5, 2, 15, 12, 9, 6, 3
    };
    uint_8t old[N_BLOCK];

    memcpy(old, st, N_BLOCK);
    for (unsigned i = 0; i < N_BLOCK; i++) {
        st[i] = is_box(old[from[i]]);
    }
}
/*
 * One encryption round's SubBytes + ShiftRows + MixColumns, table driven;
 * the key add is done by the caller (add_round_key in aes_encrypt).
 * Defined at aes.c:386. References block_copy, gfm2_sb, gfm3_sb, N_BLOCK
 * and s_box. Referenced by aes_encrypt().
 *
 * The `#if defined(VERSION_1)` that selects this one-argument form precedes
 * the listing; the `#else` branch is the two-argument form that reads a
 * caller-supplied st instead of copying dt.
 *
 * Each output column dt[4c..4c+3] is built from the four st bytes at the
 * ShiftRows positions (st[0], st[5], st[10], st[15] for column 0), each
 * already substituted: s_box = S(x), gfm2_sb = 2*S(x), gfm3_sb = 3*S(x)
 * (sbox, gfm2_sbox, gfm3_sbox are sb_data(f1/f2/f3)).
 *
 * Those tables are indexed with secret state, so this is not a
 * constant-time implementation.
 */
static void mix_sub_columns(uint_8t dt[N_BLOCK])
{
    uint_8t st[N_BLOCK];
    block_copy(st, dt); /* dt is overwritten below, so work from a copy */
#else
static void mix_sub_columns(uint_8t dt[N_BLOCK], uint_8t st[N_BLOCK])
{
#endif
    /* column 0 <- st[0], st[5], st[10], st[15] */
    dt[0] = gfm2_sb(st[0]) ^ gfm3_sb(st[5]) ^ s_box(st[10]) ^ s_box(st[15]);
    dt[1] = s_box(st[0]) ^ gfm2_sb(st[5]) ^ gfm3_sb(st[10]) ^ s_box(st[15]);
    dt[2] = s_box(st[0]) ^ s_box(st[5]) ^ gfm2_sb(st[10]) ^ gfm3_sb(st[15]);
    dt[3] = gfm3_sb(st[0]) ^ s_box(st[5]) ^ s_box(st[10]) ^ gfm2_sb(st[15]);

    /* column 1 <- st[4], st[9], st[14], st[3] */
    dt[4] = gfm2_sb(st[4]) ^ gfm3_sb(st[9]) ^ s_box(st[14]) ^ s_box(st[3]);
    dt[5] = s_box(st[4]) ^ gfm2_sb(st[9]) ^ gfm3_sb(st[14]) ^ s_box(st[3]);
    dt[6] = s_box(st[4]) ^ s_box(st[9]) ^ gfm2_sb(st[14]) ^ gfm3_sb(st[3]);
    dt[7] = gfm3_sb(st[4]) ^ s_box(st[9]) ^ s_box(st[14]) ^ gfm2_sb(st[3]);

    /* column 2 <- st[8], st[13], st[2], st[7] */
    dt[8] = gfm2_sb(st[8]) ^ gfm3_sb(st[13]) ^ s_box(st[2]) ^ s_box(st[7]);
    dt[9] = s_box(st[8]) ^ gfm2_sb(st[13]) ^ gfm3_sb(st[2]) ^ s_box(st[7]);
    dt[10] = s_box(st[8]) ^ s_box(st[13]) ^ gfm2_sb(st[2]) ^ gfm3_sb(st[7]);
    dt[11] = gfm3_sb(st[8]) ^ s_box(st[13]) ^ s_box(st[2]) ^ gfm2_sb(st[7]);

    /* column 3 <- st[12], st[1], st[6], st[11] */
    dt[12] = gfm2_sb(st[12]) ^ gfm3_sb(st[1]) ^ s_box(st[6]) ^ s_box(st[11]);
    dt[13] = s_box(st[12]) ^ gfm2_sb(st[1]) ^ gfm3_sb(st[6]) ^ s_box(st[11]);
    dt[14] = s_box(st[12]) ^ s_box(st[1]) ^ gfm2_sb(st[6]) ^ gfm3_sb(st[11]);
    dt[15] = gfm3_sb(st[12]) ^ s_box(st[1]) ^ s_box(st[6]) ^ gfm2_sb(st[11]);
}
/*
 * SubBytes + ShiftRows of the final encryption round, in place.
 * Defined at aes.c:327. References s_box. Referenced by aes_encrypt().
 *
 * st  16-byte state; bytes i, i+4, i+8, i+12 form row i. Row i is rotated
 *     left by i positions and every byte is replaced by its S-box value.
 *
 * sbox is indexed by secret state, so the lookup is not constant-time.
 */
static void shift_sub_rows(uint_8t st[N_BLOCK])
{
    /* from[i]: index in the old state that lands at position i. */
    static const uint_8t from[N_BLOCK] = {
        0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12, 1, 6, 11
    };
    uint_8t old[N_BLOCK];

    memcpy(old, st, N_BLOCK);
    for (unsigned i = 0; i < N_BLOCK; i++) {
        st[i] = s_box(old[from[i]]);
    }
}
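/*
 * d ^= s over one 16-byte block, in place.
 * Defined at aes.c:265. Referenced by add_round_key(), aes_cbc_decrypt(),
 * aes_cbc_encrypt() and copy_and_key().
 *
 * d  block modified in place
 * s  block XORed into d
 *
 * Why byte-wise: the previous HAVE_UINT_32T path XORed through uint_32t*,
 * but every caller hands in unsigned char storage (iv, tmp, out, s1,
 * ctx->ksch + r * N_BLOCK; aes_context holds only uint_8t members, so ctx
 * itself may be byte-aligned). Accessing that storage as 32-bit words
 * violates strict aliasing and may fault on alignment-strict targets. The
 * byte loop has neither problem and compilers vectorise it.
 */
static void xor_block(void *d, const void *s)
{
    uint_8t *dp = d;
    const uint_8t *sp = s;

    for (unsigned i = 0; i < N_BLOCK; i++) {
        dp[i] ^= sp[i];
    }
}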

Variable Documentation

const uint_8t gfm2_sbox[256] = sb_data(f2)
static

Definition at line 116 of file aes.c.

const uint_8t gfm3_sbox[256] = sb_data(f3)
static

Definition at line 117 of file aes.c.

const uint_8t gfmul_9[256] = mm_data(f9)
static

Definition at line 119 of file aes.c.

const uint_8t gfmul_b[256] = mm_data(fb)
static

Definition at line 120 of file aes.c.

const uint_8t gfmul_d[256] = mm_data(fd)
static

Definition at line 121 of file aes.c.

const uint_8t gfmul_e[256] = mm_data(fe)
static

Definition at line 122 of file aes.c.

const uint_8t isbox[256] = isb_data(f1)
static

Definition at line 114 of file aes.c.

const uint_8t sbox[256] = sb_data(f1)
static

Definition at line 113 of file aes.c.