diff options
Diffstat (limited to 'src/lib/crypto/builtin/aes/aeskeypp.c')
-rw-r--r-- | src/lib/crypto/builtin/aes/aeskeypp.c | 400 |
1 files changed, 0 insertions, 400 deletions
diff --git a/src/lib/crypto/builtin/aes/aeskeypp.c b/src/lib/crypto/builtin/aes/aeskeypp.c deleted file mode 100644 index cd9c5a7..0000000 --- a/src/lib/crypto/builtin/aes/aeskeypp.c +++ /dev/null @@ -1,400 +0,0 @@ -/* - * Copyright (c) 2001, Dr Brian Gladman <brg@gladman.uk.net>, Worcester, UK. - * All rights reserved. - * - * LICENSE TERMS - * - * The free distribution and use of this software in both source and binary - * form is allowed (with or without changes) provided that: - * - * 1. distributions of this source code include the above copyright - * notice, this list of conditions and the following disclaimer; - * - * 2. distributions in binary form include the above copyright - * notice, this list of conditions and the following disclaimer - * in the documentation and/or other associated materials; - * - * 3. the copyright holder's name is not used to endorse products - * built using this software without specific written permission. - * - * DISCLAIMER - * - * This software is provided 'as is' with no explcit or implied warranties - * in respect of any properties, including, but not limited to, correctness - * and fitness for purpose. - */ - -/* - * Issue Date: 21/01/2002 - * - * This file contains the code for implementing the key schedule for AES - * (Rijndael) for block and key sizes of 16, 20, 24, 28 and 32 bytes. - */ - -#include "aesopt.h" - -/* Subroutine to set the block size (if variable) in bytes, legal - values being 16, 24 and 32. -*/ - -#if !defined(BLOCK_SIZE) && defined(SET_BLOCK_LENGTH) - -/* Subroutine to set the block size (if variable) in bytes, legal - values being 16, 24 and 32. -*/ - -aes_rval aes_blk_len(unsigned int blen, aes_ctx cx[1]) -{ -#if !defined(FIXED_TABLES) - if(!tab_init) gen_tabs(); -#endif - - if((blen & 3) || blen < 16 || blen > 32) - { - cx->n_blk = 0; return aes_bad; - } - - cx->n_blk = blen; - return aes_good; -} - -#endif - -/* Initialise the key schedule from the user supplied key. The key - length is now specified in bytes - 16, 24 or 32 as appropriate. - This corresponds to bit lengths of 128, 192 and 256 bits, and - to Nk values of 4, 6 and 8 respectively. - - The following macros implement a single cycle in the key - schedule generation process. The number of cycles needed - for each cx->n_blk and nk value is: - - nk = 4 5 6 7 8 - ------------------------------ - cx->n_blk = 4 10 9 8 7 7 - cx->n_blk = 5 14 11 10 9 9 - cx->n_blk = 6 19 15 12 11 11 - cx->n_blk = 7 21 19 16 13 14 - cx->n_blk = 8 29 23 19 17 14 -*/ - -/* Initialise the key schedule from the user supplied key. The key - length is now specified in bytes - 16, 20, 24, 28 or 32 as - appropriate. This corresponds to bit lengths of 128, 160, 192, - 224 and 256 bits, and to Nk values of 4, 5, 6, 7 & 8 respectively. - */ - -#define mx(t,f) (*t++ = inv_mcol(*f),f++) -#define cp(t,f) *t++ = *f++ - -#if BLOCK_SIZE == 16 -#define cpy(d,s) cp(d,s); cp(d,s); cp(d,s); cp(d,s) -#define mix(d,s) mx(d,s); mx(d,s); mx(d,s); mx(d,s) -#elif BLOCK_SIZE == 20 -#define cpy(d,s) cp(d,s); cp(d,s); cp(d,s); cp(d,s); \ - cp(d,s) -#define mix(d,s) mx(d,s); mx(d,s); mx(d,s); mx(d,s); \ - mx(d,s) -#elif BLOCK_SIZE == 24 -#define cpy(d,s) cp(d,s); cp(d,s); cp(d,s); cp(d,s); \ - cp(d,s); cp(d,s) -#define mix(d,s) mx(d,s); mx(d,s); mx(d,s); mx(d,s); \ - mx(d,s); mx(d,s) -#elif BLOCK_SIZE == 28 -#define cpy(d,s) cp(d,s); cp(d,s); cp(d,s); cp(d,s); \ - cp(d,s); cp(d,s); cp(d,s) -#define mix(d,s) mx(d,s); mx(d,s); mx(d,s); mx(d,s); \ - mx(d,s); mx(d,s); mx(d,s) -#elif BLOCK_SIZE == 32 -#define cpy(d,s) cp(d,s); cp(d,s); cp(d,s); cp(d,s); \ - cp(d,s); cp(d,s); cp(d,s); cp(d,s) -#define mix(d,s) mx(d,s); mx(d,s); mx(d,s); mx(d,s); \ - mx(d,s); mx(d,s); mx(d,s); mx(d,s) -#else - -#define cpy(d,s) \ -switch(nc) \ -{ case 8: cp(d,s); \ - case 7: cp(d,s); \ - case 6: cp(d,s); \ - case 5: cp(d,s); \ - case 4: cp(d,s); cp(d,s); \ - cp(d,s); cp(d,s); \ -} - -#define mix(d,s) \ -switch(nc) \ -{ case 8: mx(d,s); \ - case 7: mx(d,s); \ - case 6: mx(d,s); \ - case 5: mx(d,s); \ - case 4: mx(d,s); mx(d,s); \ - mx(d,s); mx(d,s); \ -} - -#endif - -/* The following macros implement a single cycle in the key - schedule generation process. The number of cycles needed - for each cx->n_blk and nk value is: - - nk = 4 5 6 7 8 - ----------------------- - cx->n_blk = 4 10 9 8 7 7 - cx->n_blk = 5 14 11 10 9 9 - cx->n_blk = 6 19 15 12 11 11 - cx->n_blk = 7 21 19 16 13 14 - cx->n_blk = 8 29 23 19 17 14 -*/ - -#define ks4(i) \ -{ p ^= ls_box(s,3) ^ rcon_tab[i]; q ^= p; r ^= q; s ^= r; \ - cx->k_sch[4*(i)+4] = p; \ - cx->k_sch[4*(i)+5] = q; \ - cx->k_sch[4*(i)+6] = r; \ - cx->k_sch[4*(i)+7] = s; \ -} - -#define ks5(i) \ -{ p ^= ls_box(t,3) ^ rcon_tab[i]; q ^= p; \ - r ^= q; s ^= r; t ^= s; \ - cx->k_sch[5*(i)+ 5] = p; \ - cx->k_sch[5*(i)+ 6] = q; \ - cx->k_sch[5*(i)+ 7] = r; \ - cx->k_sch[5*(i)+ 8] = s; \ - cx->k_sch[5*(i)+ 9] = t; \ -} - -#define ks6(i) \ -{ p ^= ls_box(u,3) ^ rcon_tab[i]; q ^= p; \ - r ^= q; s ^= r; t ^= s; u ^= t; \ - cx->k_sch[6*(i)+ 6] = p; \ - cx->k_sch[6*(i)+ 7] = q; \ - cx->k_sch[6*(i)+ 8] = r; \ - cx->k_sch[6*(i)+ 9] = s; \ - cx->k_sch[6*(i)+10] = t; \ - cx->k_sch[6*(i)+11] = u; \ -} - -#define ks7(i) \ -{ p ^= ls_box(v,3) ^ rcon_tab[i]; q ^= p; r ^= q; s ^= r; \ - t ^= ls_box(s,0); u ^= t; v ^= u; \ - cx->k_sch[7*(i)+ 7] = p; \ - cx->k_sch[7*(i)+ 8] = q; \ - cx->k_sch[7*(i)+ 9] = r; \ - cx->k_sch[7*(i)+10] = s; \ - cx->k_sch[7*(i)+11] = t; \ - cx->k_sch[7*(i)+12] = u; \ - cx->k_sch[7*(i)+13] = v; \ -} - -#define ks8(i) \ -{ p ^= ls_box(w,3) ^ rcon_tab[i]; q ^= p; r ^= q; s ^= r; \ - t ^= ls_box(s,0); u ^= t; v ^= u; w ^= v; \ - cx->k_sch[8*(i)+ 8] = p; \ - cx->k_sch[8*(i)+ 9] = q; \ - cx->k_sch[8*(i)+10] = r; \ - cx->k_sch[8*(i)+11] = s; \ - cx->k_sch[8*(i)+12] = t; \ - cx->k_sch[8*(i)+13] = u; \ - cx->k_sch[8*(i)+14] = v; \ - cx->k_sch[8*(i)+15] = w; \ -} - -#if defined(ENCRYPTION_KEY_SCHEDULE) - -aes_rval aes_enc_key(const unsigned char in_key[], unsigned int klen, aes_ctx cx[1]) -{ uint32_t i,p,q,r,s,t,u,v,w; - -#if !defined(FIXED_TABLES) - if(!tab_init) gen_tabs(); -#endif - -#if !defined(BLOCK_SIZE) - if(!cx->n_blk) cx->n_blk = 16; -#else - cx->n_blk = BLOCK_SIZE; -#endif - - cx->n_blk = (cx->n_blk & ~3) | 1; - cx->n_rnd = ((klen >> 2) > nc ? (klen >> 2) : nc) + 6; - - cx->k_sch[0] = p = word_in(in_key ); - cx->k_sch[1] = q = word_in(in_key + 4); - cx->k_sch[2] = r = word_in(in_key + 8); - cx->k_sch[3] = s = word_in(in_key + 12); - -#if BLOCK_SIZE == 16 && defined(UNROLL) - - switch(klen >> 2) - { - case 4: ks4(0); ks4(1); ks4(2); ks4(3); - ks4(4); ks4(5); ks4(6); ks4(7); - ks4(8); ks4(9); - cx->n_rnd = 10; break; - case 5: cx->k_sch[4] = t = word_in(in_key + 16); - ks5(0); ks5(1); ks5(2); ks5(3); - ks5(4); ks5(5); ks5(6); ks5(7); - ks5(8); - cx->n_rnd = 11; break; - case 6: cx->k_sch[4] = t = word_in(in_key + 16); - cx->k_sch[5] = u = word_in(in_key + 20); - ks6(0); ks6(1); ks6(2); ks6(3); - ks6(4); ks6(5); ks6(6); ks6(7); - cx->n_rnd = 12; break; - case 7: cx->k_sch[4] = t = word_in(in_key + 16); - cx->k_sch[5] = u = word_in(in_key + 20); - cx->k_sch[6] = v = word_in(in_key + 24); - ks7(0); ks7(1); ks7(2); ks7(3); - ks7(4); ks7(5); ks7(6); - cx->n_rnd = 13; break; - case 8: cx->k_sch[4] = t = word_in(in_key + 16); - cx->k_sch[5] = u = word_in(in_key + 20); - cx->k_sch[6] = v = word_in(in_key + 24); - cx->k_sch[7] = w = word_in(in_key + 28); - ks8(0); ks8(1); ks8(2); ks8(3); - ks8(4); ks8(5); ks8(6); - cx->n_rnd = 14; break; - default:cx->n_rnd = 0; return aes_bad; - } -#else - cx->n_rnd = ((klen >> 2) > nc ? (klen >> 2) : nc) + 6; - { - uint32_t l = (nc * (cx->n_rnd + 1) - 1) / (klen >> 2); - switch(klen >> 2) - { - case 4: for(i = 0; i < l; ++i) - ks4(i); - break; - case 5: cx->k_sch[4] = t = word_in(in_key + 16); - for(i = 0; i < l; ++i) - ks5(i); - break; - case 6: cx->k_sch[4] = t = word_in(in_key + 16); - cx->k_sch[5] = u = word_in(in_key + 20); - for(i = 0; i < l; ++i) - ks6(i); - break; - case 7: cx->k_sch[4] = t = word_in(in_key + 16); - cx->k_sch[5] = u = word_in(in_key + 20); - cx->k_sch[6] = v = word_in(in_key + 24); - for(i = 0; i < l; ++i) - ks7(i); - break; - case 8: cx->k_sch[4] = t = word_in(in_key + 16); - cx->k_sch[5] = u = word_in(in_key + 20); - cx->k_sch[6] = v = word_in(in_key + 24); - cx->k_sch[7] = w = word_in(in_key + 28); - for(i = 0; i < l; ++i) - ks8(i); - break; - } - } -#endif - - return aes_good; -} - -#endif - -#if defined(DECRYPTION_KEY_SCHEDULE) - -aes_rval aes_dec_key(const unsigned char in_key[], unsigned int klen, aes_ctx cx[1]) -{ uint32_t i,p,q,r,s,t,u,v,w; - dec_imvars - -#if !defined(FIXED_TABLES) - if(!tab_init) gen_tabs(); -#endif - -#if !defined(BLOCK_SIZE) - if(!cx->n_blk) cx->n_blk = 16; -#else - cx->n_blk = BLOCK_SIZE; -#endif - - cx->n_blk = (cx->n_blk & ~3) | 2; - cx->n_rnd = ((klen >> 2) > nc ? (klen >> 2) : nc) + 6; - - cx->k_sch[0] = p = word_in(in_key ); - cx->k_sch[1] = q = word_in(in_key + 4); - cx->k_sch[2] = r = word_in(in_key + 8); - cx->k_sch[3] = s = word_in(in_key + 12); - -#if BLOCK_SIZE == 16 && defined(UNROLL) - - switch(klen >> 2) - { - case 4: ks4(0); ks4(1); ks4(2); ks4(3); - ks4(4); ks4(5); ks4(6); ks4(7); - ks4(8); ks4(9); - cx->n_rnd = 10; break; - case 5: cx->k_sch[4] = t = word_in(in_key + 16); - ks5(0); ks5(1); ks5(2); ks5(3); - ks5(4); ks5(5); ks5(6); ks5(7); - ks5(8); - cx->n_rnd = 11; break; - case 6: cx->k_sch[4] = t = word_in(in_key + 16); - cx->k_sch[5] = u = word_in(in_key + 20); - ks6(0); ks6(1); ks6(2); ks6(3); - ks6(4); ks6(5); ks6(6); ks6(7); - cx->n_rnd = 12; break; - case 7: cx->k_sch[4] = t = word_in(in_key + 16); - cx->k_sch[5] = u = word_in(in_key + 20); - cx->k_sch[6] = v = word_in(in_key + 24); - ks7(0); ks7(1); ks7(2); ks7(3); - ks7(4); ks7(5); ks7(6); - cx->n_rnd = 13; break; - case 8: cx->k_sch[4] = t = word_in(in_key + 16); - cx->k_sch[5] = u = word_in(in_key + 20); - cx->k_sch[6] = v = word_in(in_key + 24); - cx->k_sch[7] = w = word_in(in_key + 28); - ks8(0); ks8(1); ks8(2); ks8(3); - ks8(4); ks8(5); ks8(6); - cx->n_rnd = 14; break; - default:cx->n_rnd = 0; return aes_bad; - } -#else - cx->n_rnd = ((klen >> 2) > nc ? (klen >> 2) : nc) + 6; - { - uint32_t l = (nc * (cx->n_rnd + 1) - 1) / (klen >> 2); - switch(klen >> 2) - { - case 4: for(i = 0; i < l; ++i) - ks4(i); - break; - case 5: cx->k_sch[4] = t = word_in(in_key + 16); - for(i = 0; i < l; ++i) - ks5(i); - break; - case 6: cx->k_sch[4] = t = word_in(in_key + 16); - cx->k_sch[5] = u = word_in(in_key + 20); - for(i = 0; i < l; ++i) - ks6(i); - break; - case 7: cx->k_sch[4] = t = word_in(in_key + 16); - cx->k_sch[5] = u = word_in(in_key + 20); - cx->k_sch[6] = v = word_in(in_key + 24); - for(i = 0; i < l; ++i) - ks7(i); - break; - case 8: cx->k_sch[4] = t = word_in(in_key + 16); - cx->k_sch[5] = u = word_in(in_key + 20); - cx->k_sch[6] = v = word_in(in_key + 24); - cx->k_sch[7] = w = word_in(in_key + 28); - for(i = 0; i < l; ++i) - ks8(i); - break; - } - } -#endif - -#if (DEC_ROUND != NO_TABLES) - for(i = nc; i < nc * cx->n_rnd; ++i) - cx->k_sch[i] = inv_mcol(cx->k_sch[i]); -#endif - - return aes_good; -} - -#endif |