mirror of
https://github.com/rvtr/TwlIPL.git
synced 2025-10-31 06:01:12 -04:00
60f18e5554
git-svn-id: file:///Users/lillianskinner/Downloads/platinum/twl/TwlIPL/trunk@1 b08762b0-b915-fc4b-9d8c-17b2551a87ff
144 lines
3.3 KiB
C
144 lines
3.3 KiB
C
/* $Id$ */
|
|
/*
|
|
* Copyright (C) 1998-2003 RSA Security Inc. All rights reserved.
|
|
*
|
|
* This work contains proprietary information of RSA Security.
|
|
* Distribution is limited to authorized licensees of RSA
|
|
* Security. Any unauthorized reproduction, distribution or
|
|
* modification of this work is strictly prohibited.
|
|
*/
|
|
|
|
#ifndef NO_AES
|
|
|
|
#include "aes.h"
|
|
#include "aes_sbox.h"
|
|
|
|
static const unsigned char Rcon[30]={
|
|
0x01,0x02,0x04,0x08,0x10,0x20,0x40,0x80,
|
|
0x1b,0x36,0x6c,0xd8,0xab,0x4d,0x9a,0x2f,
|
|
0x5e,0xbc,0x63,0xc6,0x97,0x35,0x6a,0xd4,
|
|
0xb3,0x7d,0xfa,0xef,0xc5,0x91,
|
|
};
|
|
|
|
int AES_set_key(AES_KEY *ctx, const unsigned char *key, int len)
|
|
{
|
|
int i,ii;
|
|
AES_INT4 *W,tmp,tmp2;
|
|
const unsigned char *ip;
|
|
int words;
|
|
|
|
if (len == 16)
|
|
{
|
|
i=10;
|
|
words=4;
|
|
}
|
|
else if (len == 24)
|
|
{
|
|
i=12;
|
|
words=6;
|
|
}
|
|
else if (len == 32)
|
|
{
|
|
i=14;
|
|
words=8;
|
|
}
|
|
else
|
|
return(1);
|
|
|
|
ctx->rounds=i;
|
|
ctx->key_size=words;
|
|
W=(unsigned int *)ctx->ks;
|
|
for (i=0; i<words; i+=2)
|
|
{
|
|
W[i+0]= ((AES_INT4)key[ 0]<<24)|
|
|
((AES_INT4)key[ 1]<<16)|
|
|
((AES_INT4)key[ 2]<< 8)|
|
|
((AES_INT4)key[ 3] );
|
|
W[i+1]= ((AES_INT4)key[ 4]<<24)|
|
|
((AES_INT4)key[ 5]<<16)|
|
|
((AES_INT4)key[ 6]<< 8)|
|
|
((AES_INT4)key[ 7] );
|
|
key+=8;
|
|
}
|
|
|
|
ip=Rcon;
|
|
ii=4*(ctx->rounds+1);
|
|
for (i=words; i<ii; i++)
|
|
{
|
|
tmp=W[i-1];
|
|
if ((i % words) == 0)
|
|
{
|
|
tmp2 =(AES_INT4)aes_sbox[(tmp )&0xff]<< 8;
|
|
tmp2|=(AES_INT4)aes_sbox[(tmp>> 8)&0xff]<<16;
|
|
tmp2|=(AES_INT4)aes_sbox[(tmp>>16)&0xff]<<24;
|
|
tmp2|=(AES_INT4)aes_sbox[(tmp>>24) ];
|
|
tmp=tmp2^(((unsigned int)*ip)<<24);
|
|
ip++;
|
|
}
|
|
if ((words == 8) && ((i % words) == 4))
|
|
{
|
|
tmp2 =(AES_INT4)aes_sbox[(tmp )&0xff] ;
|
|
tmp2|=(AES_INT4)aes_sbox[(tmp>> 8)&0xff]<< 8;
|
|
tmp2|=(AES_INT4)aes_sbox[(tmp>>16)&0xff]<<16;
|
|
tmp2|=(AES_INT4)aes_sbox[(tmp>>24) ]<<24;
|
|
tmp=tmp2;
|
|
}
|
|
W[i]=W[i-words]^tmp;
|
|
}
|
|
return(0);
|
|
}
|
|
|
|
#define rot1(x) (((x) << 24) | ((x) >> 8))
|
|
#define rot2(x) (((x) << 16) | ((x) >> 16))
|
|
#define rot3(x) (((x) << 8) | ((x) >> 24))
|
|
|
|
/* This cute trick does 4 'mul by two' at once. Stolen from
|
|
* Dr B. R. Gladman <brg@gladman.uk.net> but I'm sure the u-(u>>7) is
|
|
* a standard graphics trick
|
|
* The key to this is that we need to xor with 0x1b if the top bit is set.
|
|
* a 1xxx xxxx 0xxx 0xxx First we mask the 7bit,
|
|
* b 1000 0000 0000 0000 then we shift right by 7 puting the 7bit in 0bit,
|
|
* c 0000 0001 0000 0000 we then subtract (c) from (b)
|
|
* d 0111 1111 0000 0000 and now we and with our mask
|
|
* e 0001 1011 0000 0000
|
|
*/
|
|
#define mt 0x80808080
|
|
#define ml 0x7f7f7f7f
|
|
#define mh 0xfefefefe
|
|
#define mm 0x1b1b1b1b
|
|
#define mul2(x,t) ((t)=((x)&mt), \
|
|
((((x)+(x))&mh)^(((t)-((t)>>7))&mm)))
|
|
|
|
#define mix_col(x,f2,f3) (\
|
|
(f2)=mul2(x,f3), \
|
|
(f3)=(x)^(f2), \
|
|
(rot3(f3) ^ rot2(x) ^ rot1(x)^(f2)))
|
|
|
|
#define inv_mix_col(x,f2,f4,f8,f9) (\
|
|
(f2)=mul2(x,f2), \
|
|
(f4)=mul2(f2,f4), \
|
|
(f8)=mul2(f4,f8), \
|
|
(f9)=(x)^(f8), \
|
|
(f8)=((f2)^(f4)^(f8)), \
|
|
(f2)^=(f9), \
|
|
(f4)^=(f9), \
|
|
(f8)^=rot3(f2), \
|
|
(f8)^=rot2(f4), \
|
|
(f8)^rot1(f9))
|
|
|
|
void AES_convert_key(AES_KEY *ctx)
|
|
{
|
|
int i;
|
|
AES_INT4 *k,w,t1,t2,t3,t4;
|
|
|
|
k= ctx->ks;
|
|
k+=4;
|
|
for (i=ctx->rounds*4; i>4; i--)
|
|
{
|
|
w= *k;
|
|
w = inv_mix_col(w,t1,t2,t3,t4);
|
|
*k++ =w;
|
|
}
|
|
}
|
|
#endif /* NO_AES */
|