- Timestamp:
- May 1, 2009, 12:30:57 AM (16 years ago)
- Location:
- trunk/src
- Files:
-
- 5 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/rijndael-alg-fst.c
r1 r230 125 125 int rijndaelEncrypt(word8 a[16], word8 b[16], word8 rk[MAXROUNDS+1][4][4], int ROUNDS) { 126 126 int r; 127 word8 temp[4][4]; 128 129 *((word32*)temp[0]) = *((word32*)(a )) ^ *((word32*)rk[0][0]); 130 *((word32*)temp[1]) = *((word32*)(a+ 4)) ^ *((word32*)rk[0][1]); 131 *((word32*)temp[2]) = *((word32*)(a+ 8)) ^ *((word32*)rk[0][2]); 132 *((word32*)temp[3]) = *((word32*)(a+12)) ^ *((word32*)rk[0][3]); 133 *((word32*)(b )) = *((word32*)T1[temp[0][0]]) 134 ^ *((word32*)T2[temp[1][1]]) 135 ^ *((word32*)T3[temp[2][2]]) 136 ^ *((word32*)T4[temp[3][3]]); 137 *((word32*)(b + 4)) = *((word32*)T1[temp[1][0]]) 138 ^ *((word32*)T2[temp[2][1]]) 139 ^ *((word32*)T3[temp[3][2]]) 140 ^ *((word32*)T4[temp[0][3]]); 141 *((word32*)(b + 8)) = *((word32*)T1[temp[2][0]]) 142 ^ *((word32*)T2[temp[3][1]]) 143 ^ *((word32*)T3[temp[0][2]]) 144 ^ *((word32*)T4[temp[1][3]]); 145 *((word32*)(b +12)) = *((word32*)T1[temp[3][0]]) 146 ^ *((word32*)T2[temp[0][1]]) 147 ^ *((word32*)T3[temp[1][2]]) 148 ^ *((word32*)T4[temp[2][3]]); 127 union { 128 word32 tem4[4]; 129 word8 temp[4][4]; 130 } tmpU; 131 tmpU.tem4[0] = tmpU.tem4[1] = tmpU.tem4[2] = tmpU.tem4[3] = 0; 132 133 tmpU.tem4[0] = *((word32*)(a )) ^ *((word32*)rk[0][0]); 134 tmpU.tem4[1] = *((word32*)(a+ 4)) ^ *((word32*)rk[0][1]); 135 tmpU.tem4[2] = *((word32*)(a+ 8)) ^ *((word32*)rk[0][2]); 136 tmpU.tem4[3] = *((word32*)(a+12)) ^ *((word32*)rk[0][3]); 137 *((word32*)(b )) = *((word32*)T1[tmpU.temp[0][0]]) 138 ^ *((word32*)T2[tmpU.temp[1][1]]) 139 ^ *((word32*)T3[tmpU.temp[2][2]]) 140 ^ *((word32*)T4[tmpU.temp[3][3]]); 141 *((word32*)(b + 4)) = *((word32*)T1[tmpU.temp[1][0]]) 142 ^ *((word32*)T2[tmpU.temp[2][1]]) 143 ^ *((word32*)T3[tmpU.temp[3][2]]) 144 ^ *((word32*)T4[tmpU.temp[0][3]]); 145 *((word32*)(b + 8)) = *((word32*)T1[tmpU.temp[2][0]]) 146 ^ *((word32*)T2[tmpU.temp[3][1]]) 147 ^ *((word32*)T3[tmpU.temp[0][2]]) 148 ^ *((word32*)T4[tmpU.temp[1][3]]); 149 *((word32*)(b +12)) = *((word32*)T1[tmpU.temp[3][0]]) 150 ^ *((word32*)T2[tmpU.temp[0][1]]) 151 ^ *((word32*)T3[tmpU.temp[1][2]]) 152 ^ *((word32*)T4[tmpU.temp[2][3]]); 149 153 for (r = 1; r < ROUNDS-1; r++) { 150 *((word32*)temp[0])= *((word32*)(b )) ^ *((word32*)rk[r][0]);151 *((word32*)temp[1])= *((word32*)(b+ 4)) ^ *((word32*)rk[r][1]);152 *((word32*)temp[2])= *((word32*)(b+ 8)) ^ *((word32*)rk[r][2]);153 *((word32*)temp[3])= *((word32*)(b+12)) ^ *((word32*)rk[r][3]);154 155 *((word32*)(b )) = *((word32*)T1[t emp[0][0]])156 ^ *((word32*)T2[t emp[1][1]])157 ^ *((word32*)T3[t emp[2][2]])158 ^ *((word32*)T4[t emp[3][3]]);159 *((word32*)(b + 4)) = *((word32*)T1[t emp[1][0]])160 ^ *((word32*)T2[t emp[2][1]])161 ^ *((word32*)T3[t emp[3][2]])162 ^ *((word32*)T4[t emp[0][3]]);163 *((word32*)(b + 8)) = *((word32*)T1[t emp[2][0]])164 ^ *((word32*)T2[t emp[3][1]])165 ^ *((word32*)T3[t emp[0][2]])166 ^ *((word32*)T4[t emp[1][3]]);167 *((word32*)(b +12)) = *((word32*)T1[t emp[3][0]])168 ^ *((word32*)T2[t emp[0][1]])169 ^ *((word32*)T3[t emp[1][2]])170 ^ *((word32*)T4[t emp[2][3]]);154 tmpU.tem4[0] = *((word32*)(b )) ^ *((word32*)rk[r][0]); 155 tmpU.tem4[1] = *((word32*)(b+ 4)) ^ *((word32*)rk[r][1]); 156 tmpU.tem4[2] = *((word32*)(b+ 8)) ^ *((word32*)rk[r][2]); 157 tmpU.tem4[3] = *((word32*)(b+12)) ^ *((word32*)rk[r][3]); 158 159 *((word32*)(b )) = *((word32*)T1[tmpU.temp[0][0]]) 160 ^ *((word32*)T2[tmpU.temp[1][1]]) 161 ^ *((word32*)T3[tmpU.temp[2][2]]) 162 ^ *((word32*)T4[tmpU.temp[3][3]]); 163 *((word32*)(b + 4)) = *((word32*)T1[tmpU.temp[1][0]]) 164 ^ *((word32*)T2[tmpU.temp[2][1]]) 165 ^ *((word32*)T3[tmpU.temp[3][2]]) 166 ^ *((word32*)T4[tmpU.temp[0][3]]); 167 *((word32*)(b + 8)) = *((word32*)T1[tmpU.temp[2][0]]) 168 ^ *((word32*)T2[tmpU.temp[3][1]]) 169 ^ *((word32*)T3[tmpU.temp[0][2]]) 170 ^ *((word32*)T4[tmpU.temp[1][3]]); 171 *((word32*)(b +12)) = *((word32*)T1[tmpU.temp[3][0]]) 172 ^ *((word32*)T2[tmpU.temp[0][1]]) 173 ^ *((word32*)T3[tmpU.temp[1][2]]) 174 ^ *((word32*)T4[tmpU.temp[2][3]]); 171 175 } 172 176 /* last round is special */ 173 *((word32*)temp[0])= *((word32*)(b )) ^ *((word32*)rk[ROUNDS-1][0]);174 *((word32*)temp[1])= *((word32*)(b+ 4)) ^ *((word32*)rk[ROUNDS-1][1]);175 *((word32*)temp[2])= *((word32*)(b+ 8)) ^ *((word32*)rk[ROUNDS-1][2]);176 *((word32*)temp[3])= *((word32*)(b+12)) ^ *((word32*)rk[ROUNDS-1][3]);177 b[ 0] = T1[t emp[0][0]][1];178 b[ 1] = T1[t emp[1][1]][1];179 b[ 2] = T1[t emp[2][2]][1];180 b[ 3] = T1[t emp[3][3]][1];181 b[ 4] = T1[t emp[1][0]][1];182 b[ 5] = T1[t emp[2][1]][1];183 b[ 6] = T1[t emp[3][2]][1];184 b[ 7] = T1[t emp[0][3]][1];185 b[ 8] = T1[t emp[2][0]][1];186 b[ 9] = T1[t emp[3][1]][1];187 b[10] = T1[t emp[0][2]][1];188 b[11] = T1[t emp[1][3]][1];189 b[12] = T1[t emp[3][0]][1];190 b[13] = T1[t emp[0][1]][1];191 b[14] = T1[t emp[1][2]][1];192 b[15] = T1[t emp[2][3]][1];177 tmpU.tem4[0] = *((word32*)(b )) ^ *((word32*)rk[ROUNDS-1][0]); 178 tmpU.tem4[1] = *((word32*)(b+ 4)) ^ *((word32*)rk[ROUNDS-1][1]); 179 tmpU.tem4[2] = *((word32*)(b+ 8)) ^ *((word32*)rk[ROUNDS-1][2]); 180 tmpU.tem4[3] = *((word32*)(b+12)) ^ *((word32*)rk[ROUNDS-1][3]); 181 b[ 0] = T1[tmpU.temp[0][0]][1]; 182 b[ 1] = T1[tmpU.temp[1][1]][1]; 183 b[ 2] = T1[tmpU.temp[2][2]][1]; 184 b[ 3] = T1[tmpU.temp[3][3]][1]; 185 b[ 4] = T1[tmpU.temp[1][0]][1]; 186 b[ 5] = T1[tmpU.temp[2][1]][1]; 187 b[ 6] = T1[tmpU.temp[3][2]][1]; 188 b[ 7] = T1[tmpU.temp[0][3]][1]; 189 b[ 8] = T1[tmpU.temp[2][0]][1]; 190 b[ 9] = T1[tmpU.temp[3][1]][1]; 191 b[10] = T1[tmpU.temp[0][2]][1]; 192 b[11] = T1[tmpU.temp[1][3]][1]; 193 b[12] = T1[tmpU.temp[3][0]][1]; 194 b[13] = T1[tmpU.temp[0][1]][1]; 195 b[14] = T1[tmpU.temp[1][2]][1]; 196 b[15] = T1[tmpU.temp[2][3]][1]; 193 197 *((word32*)(b )) ^= *((word32*)rk[ROUNDS][0]); 194 198 *((word32*)(b+ 4)) ^= *((word32*)rk[ROUNDS][1]); … … 204 208 int rijndaelDecrypt(word8 a[16], word8 b[16], word8 rk[MAXROUNDS+1][4][4], int ROUNDS) { 205 209 int r; 206 word8 temp[4][4]; 210 union { 211 word32 tem4[4]; 212 word8 temp[4][4]; 213 } tmpU; 214 tmpU.tem4[0] = tmpU.tem4[1] = tmpU.tem4[2] = tmpU.tem4[3] = 0; 207 215 208 *((word32*)temp[0])= *((word32*)(a )) ^ *((word32*)rk[ROUNDS][0]);209 *((word32*)temp[1])= *((word32*)(a+ 4)) ^ *((word32*)rk[ROUNDS][1]);210 *((word32*)temp[2])= *((word32*)(a+ 8)) ^ *((word32*)rk[ROUNDS][2]);211 *((word32*)temp[3])= *((word32*)(a+12)) ^ *((word32*)rk[ROUNDS][3]);212 213 *((word32*)(b )) = *((word32*)T5[t emp[0][0]])214 ^ *((word32*)T6[t emp[3][1]])215 ^ *((word32*)T7[t emp[2][2]])216 ^ *((word32*)T8[t emp[1][3]]);217 *((word32*)(b+ 4)) = *((word32*)T5[t emp[1][0]])218 ^ *((word32*)T6[t emp[0][1]])219 ^ *((word32*)T7[t emp[3][2]])220 ^ *((word32*)T8[t emp[2][3]]);221 *((word32*)(b+ 8)) = *((word32*)T5[t emp[2][0]])222 ^ *((word32*)T6[t emp[1][1]])223 ^ *((word32*)T7[t emp[0][2]])224 ^ *((word32*)T8[t emp[3][3]]);225 *((word32*)(b+12)) = *((word32*)T5[t emp[3][0]])226 ^ *((word32*)T6[t emp[2][1]])227 ^ *((word32*)T7[t emp[1][2]])228 ^ *((word32*)T8[t emp[0][3]]);216 tmpU.tem4[0] = *((word32*)(a )) ^ *((word32*)rk[ROUNDS][0]); 217 tmpU.tem4[1] = *((word32*)(a+ 4)) ^ *((word32*)rk[ROUNDS][1]); 218 tmpU.tem4[2] = *((word32*)(a+ 8)) ^ *((word32*)rk[ROUNDS][2]); 219 tmpU.tem4[3] = *((word32*)(a+12)) ^ *((word32*)rk[ROUNDS][3]); 220 221 *((word32*)(b )) = *((word32*)T5[tmpU.temp[0][0]]) 222 ^ *((word32*)T6[tmpU.temp[3][1]]) 223 ^ *((word32*)T7[tmpU.temp[2][2]]) 224 ^ *((word32*)T8[tmpU.temp[1][3]]); 225 *((word32*)(b+ 4)) = *((word32*)T5[tmpU.temp[1][0]]) 226 ^ *((word32*)T6[tmpU.temp[0][1]]) 227 ^ *((word32*)T7[tmpU.temp[3][2]]) 228 ^ *((word32*)T8[tmpU.temp[2][3]]); 229 *((word32*)(b+ 8)) = *((word32*)T5[tmpU.temp[2][0]]) 230 ^ *((word32*)T6[tmpU.temp[1][1]]) 231 ^ *((word32*)T7[tmpU.temp[0][2]]) 232 ^ *((word32*)T8[tmpU.temp[3][3]]); 233 *((word32*)(b+12)) = *((word32*)T5[tmpU.temp[3][0]]) 234 ^ *((word32*)T6[tmpU.temp[2][1]]) 235 ^ *((word32*)T7[tmpU.temp[1][2]]) 236 ^ *((word32*)T8[tmpU.temp[0][3]]); 229 237 for (r = ROUNDS-1; r > 1; r--) { 230 *((word32*)temp[0])= *((word32*)(b )) ^ *((word32*)rk[r][0]);231 *((word32*)temp[1])= *((word32*)(b+ 4)) ^ *((word32*)rk[r][1]);232 *((word32*)temp[2])= *((word32*)(b+ 8)) ^ *((word32*)rk[r][2]);233 *((word32*)temp[3])= *((word32*)(b+12)) ^ *((word32*)rk[r][3]);234 *((word32*)(b )) = *((word32*)T5[t emp[0][0]])235 ^ *((word32*)T6[t emp[3][1]])236 ^ *((word32*)T7[t emp[2][2]])237 ^ *((word32*)T8[t emp[1][3]]);238 *((word32*)(b+ 4)) = *((word32*)T5[t emp[1][0]])239 ^ *((word32*)T6[t emp[0][1]])240 ^ *((word32*)T7[t emp[3][2]])241 ^ *((word32*)T8[t emp[2][3]]);242 *((word32*)(b+ 8)) = *((word32*)T5[t emp[2][0]])243 ^ *((word32*)T6[t emp[1][1]])244 ^ *((word32*)T7[t emp[0][2]])245 ^ *((word32*)T8[t emp[3][3]]);246 *((word32*)(b+12)) = *((word32*)T5[t emp[3][0]])247 ^ *((word32*)T6[t emp[2][1]])248 ^ *((word32*)T7[t emp[1][2]])249 ^ *((word32*)T8[t emp[0][3]]);238 tmpU.tem4[0] = *((word32*)(b )) ^ *((word32*)rk[r][0]); 239 tmpU.tem4[1] = *((word32*)(b+ 4)) ^ *((word32*)rk[r][1]); 240 tmpU.tem4[2] = *((word32*)(b+ 8)) ^ *((word32*)rk[r][2]); 241 tmpU.tem4[3] = *((word32*)(b+12)) ^ *((word32*)rk[r][3]); 242 *((word32*)(b )) = *((word32*)T5[tmpU.temp[0][0]]) 243 ^ *((word32*)T6[tmpU.temp[3][1]]) 244 ^ *((word32*)T7[tmpU.temp[2][2]]) 245 ^ *((word32*)T8[tmpU.temp[1][3]]); 246 *((word32*)(b+ 4)) = *((word32*)T5[tmpU.temp[1][0]]) 247 ^ *((word32*)T6[tmpU.temp[0][1]]) 248 ^ *((word32*)T7[tmpU.temp[3][2]]) 249 ^ *((word32*)T8[tmpU.temp[2][3]]); 250 *((word32*)(b+ 8)) = *((word32*)T5[tmpU.temp[2][0]]) 251 ^ *((word32*)T6[tmpU.temp[1][1]]) 252 ^ *((word32*)T7[tmpU.temp[0][2]]) 253 ^ *((word32*)T8[tmpU.temp[3][3]]); 254 *((word32*)(b+12)) = *((word32*)T5[tmpU.temp[3][0]]) 255 ^ *((word32*)T6[tmpU.temp[2][1]]) 256 ^ *((word32*)T7[tmpU.temp[1][2]]) 257 ^ *((word32*)T8[tmpU.temp[0][3]]); 250 258 } 251 259 /* last round is special */ 252 *((word32*)temp[0])= *((word32*)(b )) ^ *((word32*)rk[1][0]);253 *((word32*)temp[1])= *((word32*)(b+ 4)) ^ *((word32*)rk[1][1]);254 *((word32*)temp[2])= *((word32*)(b+ 8)) ^ *((word32*)rk[1][2]);255 *((word32*)temp[3])= *((word32*)(b+12)) ^ *((word32*)rk[1][3]);256 b[ 0] = S5[t emp[0][0]];257 b[ 1] = S5[t emp[3][1]];258 b[ 2] = S5[t emp[2][2]];259 b[ 3] = S5[t emp[1][3]];260 b[ 4] = S5[t emp[1][0]];261 b[ 5] = S5[t emp[0][1]];262 b[ 6] = S5[t emp[3][2]];263 b[ 7] = S5[t emp[2][3]];264 b[ 8] = S5[t emp[2][0]];265 b[ 9] = S5[t emp[1][1]];266 b[10] = S5[t emp[0][2]];267 b[11] = S5[t emp[3][3]];268 b[12] = S5[t emp[3][0]];269 b[13] = S5[t emp[2][1]];270 b[14] = S5[t emp[1][2]];271 b[15] = S5[t emp[0][3]];260 tmpU.tem4[0] = *((word32*)(b )) ^ *((word32*)rk[1][0]); 261 tmpU.tem4[1] = *((word32*)(b+ 4)) ^ *((word32*)rk[1][1]); 262 tmpU.tem4[2] = *((word32*)(b+ 8)) ^ *((word32*)rk[1][2]); 263 tmpU.tem4[3] = *((word32*)(b+12)) ^ *((word32*)rk[1][3]); 264 b[ 0] = S5[tmpU.temp[0][0]]; 265 b[ 1] = S5[tmpU.temp[3][1]]; 266 b[ 2] = S5[tmpU.temp[2][2]]; 267 b[ 3] = S5[tmpU.temp[1][3]]; 268 b[ 4] = S5[tmpU.temp[1][0]]; 269 b[ 5] = S5[tmpU.temp[0][1]]; 270 b[ 6] = S5[tmpU.temp[3][2]]; 271 b[ 7] = S5[tmpU.temp[2][3]]; 272 b[ 8] = S5[tmpU.temp[2][0]]; 273 b[ 9] = S5[tmpU.temp[1][1]]; 274 b[10] = S5[tmpU.temp[0][2]]; 275 b[11] = S5[tmpU.temp[3][3]]; 276 b[12] = S5[tmpU.temp[3][0]]; 277 b[13] = S5[tmpU.temp[2][1]]; 278 b[14] = S5[tmpU.temp[1][2]]; 279 b[15] = S5[tmpU.temp[0][3]]; 272 280 *((word32*)(b )) ^= *((word32*)rk[0][0]); 273 281 *((word32*)(b+ 4)) ^= *((word32*)rk[0][1]); … … 278 286 } 279 287 288 #ifdef INTERMEDIATE_VALUE_KAT 289 /** 290 * Encrypt only a certain number of rounds. 291 * Only used in the Intermediate Value Known Answer Test. 292 */ 293 int rijndaelEncryptRound(word8 a[4][4], word8 rk[MAXROUNDS+1][4][4], int ROUNDS, int rounds) { 294 int r; 295 word8 temp[4][4]; 296 297 /* make number of rounds sane */ 298 if (rounds > ROUNDS) { 299 rounds = ROUNDS; 300 } 301 302 *((word32*)a[0]) = *((word32*)a[0]) ^ *((word32*)rk[0][0]); 303 *((word32*)a[1]) = *((word32*)a[1]) ^ *((word32*)rk[0][1]); 304 *((word32*)a[2]) = *((word32*)a[2]) ^ *((word32*)rk[0][2]); 305 *((word32*)a[3]) = *((word32*)a[3]) ^ *((word32*)rk[0][3]); 306 307 for (r = 1; (r <= rounds) && (r < ROUNDS); r++) { 308 *((word32*)temp[0]) = *((word32*)T1[a[0][0]]) 309 ^ *((word32*)T2[a[1][1]]) 310 ^ *((word32*)T3[a[2][2]]) 311 ^ *((word32*)T4[a[3][3]]); 312 *((word32*)temp[1]) = *((word32*)T1[a[1][0]]) 313 ^ *((word32*)T2[a[2][1]]) 314 ^ *((word32*)T3[a[3][2]]) 315 ^ *((word32*)T4[a[0][3]]); 316 *((word32*)temp[2]) = *((word32*)T1[a[2][0]]) 317 ^ *((word32*)T2[a[3][1]]) 318 ^ *((word32*)T3[a[0][2]]) 319 ^ *((word32*)T4[a[1][3]]); 320 *((word32*)temp[3]) = *((word32*)T1[a[3][0]]) 321 ^ *((word32*)T2[a[0][1]]) 322 ^ *((word32*)T3[a[1][2]]) 323 ^ *((word32*)T4[a[2][3]]); 324 *((word32*)a[0]) = *((word32*)temp[0]) ^ *((word32*)rk[r][0]); 325 *((word32*)a[1]) = *((word32*)temp[1]) ^ *((word32*)rk[r][1]); 326 *((word32*)a[2]) = *((word32*)temp[2]) ^ *((word32*)rk[r][2]); 327 *((word32*)a[3]) = *((word32*)temp[3]) ^ *((word32*)rk[r][3]); 328 } 329 if (rounds == ROUNDS) { 330 /* last round is special */ 331 temp[0][0] = T1[a[0][0]][1]; 332 temp[0][1] = T1[a[1][1]][1]; 333 temp[0][2] = T1[a[2][2]][1]; 334 temp[0][3] = T1[a[3][3]][1]; 335 temp[1][0] = T1[a[1][0]][1]; 336 temp[1][1] = T1[a[2][1]][1]; 337 temp[1][2] = T1[a[3][2]][1]; 338 temp[1][3] = T1[a[0][3]][1]; 339 temp[2][0] = T1[a[2][0]][1]; 340 temp[2][1] = T1[a[3][1]][1]; 341 temp[2][2] = T1[a[0][2]][1]; 342 temp[2][3] = T1[a[1][3]][1]; 343 temp[3][0] = T1[a[3][0]][1]; 344 temp[3][1] = T1[a[0][1]][1]; 345 temp[3][2] = T1[a[1][2]][1]; 346 temp[3][3] = T1[a[2][3]][1]; 347 *((word32*)a[0]) = *((word32*)temp[0]) ^ *((word32*)rk[ROUNDS][0]); 348 *((word32*)a[1]) = *((word32*)temp[1]) ^ *((word32*)rk[ROUNDS][1]); 349 *((word32*)a[2]) = *((word32*)temp[2]) ^ *((word32*)rk[ROUNDS][2]); 350 *((word32*)a[3]) = *((word32*)temp[3]) ^ *((word32*)rk[ROUNDS][3]); 351 } 352 353 return 0; 354 } 355 #endif /* INTERMEDIATE_VALUE_KAT */ 356 357 #ifdef INTERMEDIATE_VALUE_KAT 358 /** 359 * Decrypt only a certain number of rounds. 360 * Only used in the Intermediate Value Known Answer Test. 361 * Operations rearranged such that the intermediate values 362 * of decryption correspond with the intermediate values 363 * of encryption. 364 */ 365 int rijndaelDecryptRound(word8 a[4][4], word8 rk[MAXROUNDS+1][4][4], int ROUNDS, int rounds) { 366 int r, i; 367 word8 temp[4], shift; 368 369 /* make number of rounds sane */ 370 if (rounds > ROUNDS) { 371 rounds = ROUNDS; 372 } 373 /* first round is special: */ 374 *(word32 *)a[0] ^= *(word32 *)rk[ROUNDS][0]; 375 *(word32 *)a[1] ^= *(word32 *)rk[ROUNDS][1]; 376 *(word32 *)a[2] ^= *(word32 *)rk[ROUNDS][2]; 377 *(word32 *)a[3] ^= *(word32 *)rk[ROUNDS][3]; 378 for (i = 0; i < 4; i++) { 379 a[i][0] = Si[a[i][0]]; 380 a[i][1] = Si[a[i][1]]; 381 a[i][2] = Si[a[i][2]]; 382 a[i][3] = Si[a[i][3]]; 383 } 384 for (i = 1; i < 4; i++) { 385 shift = (4 - i) & 3; 386 temp[0] = a[(0 + shift) & 3][i]; 387 temp[1] = a[(1 + shift) & 3][i]; 388 temp[2] = a[(2 + shift) & 3][i]; 389 temp[3] = a[(3 + shift) & 3][i]; 390 a[0][i] = temp[0]; 391 a[1][i] = temp[1]; 392 a[2][i] = temp[2]; 393 a[3][i] = temp[3]; 394 } 395 /* ROUNDS-1 ordinary rounds */ 396 for (r = ROUNDS-1; r > rounds; r--) { 397 *(word32 *)a[0] ^= *(word32 *)rk[r][0]; 398 *(word32 *)a[1] ^= *(word32 *)rk[r][1]; 399 *(word32 *)a[2] ^= *(word32 *)rk[r][2]; 400 *(word32 *)a[3] ^= *(word32 *)rk[r][3]; 401 402 *((word32*)a[0]) = 403 *((word32*)U1[a[0][0]]) 404 ^ *((word32*)U2[a[0][1]]) 405 ^ *((word32*)U3[a[0][2]]) 406 ^ *((word32*)U4[a[0][3]]); 407 408 *((word32*)a[1]) = 409 *((word32*)U1[a[1][0]]) 410 ^ *((word32*)U2[a[1][1]]) 411 ^ *((word32*)U3[a[1][2]]) 412 ^ *((word32*)U4[a[1][3]]); 413 414 *((word32*)a[2]) = 415 *((word32*)U1[a[2][0]]) 416 ^ *((word32*)U2[a[2][1]]) 417 ^ *((word32*)U3[a[2][2]]) 418 ^ *((word32*)U4[a[2][3]]); 419 420 *((word32*)a[3]) = 421 *((word32*)U1[a[3][0]]) 422 ^ *((word32*)U2[a[3][1]]) 423 ^ *((word32*)U3[a[3][2]]) 424 ^ *((word32*)U4[a[3][3]]); 425 for (i = 0; i < 4; i++) { 426 a[i][0] = Si[a[i][0]]; 427 a[i][1] = Si[a[i][1]]; 428 a[i][2] = Si[a[i][2]]; 429 a[i][3] = Si[a[i][3]]; 430 } 431 for (i = 1; i < 4; i++) { 432 shift = (4 - i) & 3; 433 temp[0] = a[(0 + shift) & 3][i]; 434 temp[1] = a[(1 + shift) & 3][i]; 435 temp[2] = a[(2 + shift) & 3][i]; 436 temp[3] = a[(3 + shift) & 3][i]; 437 a[0][i] = temp[0]; 438 a[1][i] = temp[1]; 439 a[2][i] = temp[2]; 440 a[3][i] = temp[3]; 441 } 442 } 443 if (rounds == 0) { 444 /* End with the extra key addition */ 445 *(word32 *)a[0] ^= *(word32 *)rk[0][0]; 446 *(word32 *)a[1] ^= *(word32 *)rk[0][1]; 447 *(word32 *)a[2] ^= *(word32 *)rk[0][2]; 448 *(word32 *)a[3] ^= *(word32 *)rk[0][3]; 449 } 450 return 0; 451 } 452 #endif /* INTERMEDIATE_VALUE_KAT */ 280 453 #endif -
trunk/src/rijndael-api-fst.c
r1 r230 23 23 #ifdef SH_ENCRYPT 24 24 25 #include "rijndael-alg-fst.h"26 25 #include "rijndael-api-fst.h" 27 26 … … 124 123 RIJ_BYTE *input, int inputLen, RIJ_BYTE *outBuffer) { 125 124 int i, k, numBlocks; 126 word8 block[16], iv[4][4]; 125 union { 126 word32 bloc4[4]; 127 word8 block[16]; 128 } bb; 129 union { 130 word32 i4[4]; 131 word8 iv[4][4]; 132 } iu; 127 133 128 134 if (cipher == NULL || … … 151 157 */ 152 158 #if STRICT_ALIGN 153 memcpy(i v, cipher->IV, 16);154 ((word32*)block)[0] = ((word32*)iv)[0] ^ ((word32*)input)[0];155 ((word32*)block)[1] = ((word32*)iv)[1] ^ ((word32*)input)[1];156 ((word32*)block)[2] = ((word32*)iv)[2] ^ ((word32*)input)[2];157 ((word32*)block)[3] = ((word32*)iv)[3] ^ ((word32*)input)[3];159 memcpy(iu.iv, cipher->IV, 16); 160 bb.bloc4[0] = iu.i4[0] ^ ((word32*)input)[0]; 161 bb.bloc4[1] = iu.i4[1] ^ ((word32*)input)[1]; 162 bb.bloc4[2] = iu.i4[2] ^ ((word32*)input)[2]; 163 bb.bloc4[3] = iu.i4[3] ^ ((word32*)input)[3]; 158 164 #else /* !STRICT_ALIGN */ 159 165 ((word32*)block)[0] = ((word32*)cipher->IV)[0] ^ ((word32*)input)[0]; … … 162 168 ((word32*)block)[3] = ((word32*)cipher->IV)[3] ^ ((word32*)input)[3]; 163 169 #endif /* ?STRICT_ALIGN */ 164 rijndaelEncrypt(b lock, outBuffer, key->keySched, key->ROUNDS);170 rijndaelEncrypt(bb.block, outBuffer, key->keySched, key->ROUNDS); 165 171 input += 16; 166 172 for (i = numBlocks - 1; i > 0; i--) { 167 ((word32*)block)[0] = ((word32*)outBuffer)[0] ^ ((word32*)input)[0];168 ((word32*)block)[1] = ((word32*)outBuffer)[1] ^ ((word32*)input)[1];169 ((word32*)block)[2] = ((word32*)outBuffer)[2] ^ ((word32*)input)[2];170 ((word32*)block)[3] = ((word32*)outBuffer)[3] ^ ((word32*)input)[3];173 bb.bloc4[0] = ((word32*)outBuffer)[0] ^ ((word32*)input)[0]; 174 bb.bloc4[1] = ((word32*)outBuffer)[1] ^ ((word32*)input)[1]; 175 bb.bloc4[2] = ((word32*)outBuffer)[2] ^ ((word32*)input)[2]; 176 bb.bloc4[3] = ((word32*)outBuffer)[3] ^ ((word32*)input)[3]; 171 177 outBuffer += 16; 172 rijndaelEncrypt(b lock, outBuffer, key->keySched, key->ROUNDS);178 rijndaelEncrypt(bb.block, outBuffer, key->keySched, key->ROUNDS); 173 179 input += 16; 174 180 } … … 177 183 case MODE_CFB1: 178 184 #if STRICT_ALIGN 179 memcpy(i v, cipher->IV, 16);185 memcpy(iu.iv, cipher->IV, 16); 180 186 #else /* !STRICT_ALIGN */ 181 187 *((word32*)iv[0]) = *((word32*)(cipher->IV )); … … 186 192 for (i = numBlocks; i > 0; i--) { 187 193 for (k = 0; k < 128; k++) { 188 *((word32*) block ) = *((word32*)iv[0]);189 *((word32*)(block+ 4)) = *((word32*)iv[1]);190 *((word32*)(block+ 8)) = *((word32*)iv[2]);191 *((word32*)(block+12)) = *((word32*)iv[3]);192 rijndaelEncrypt(b lock,block, key->keySched, key->ROUNDS);193 outBuffer[k/8] ^= (b lock[0] & 0x80) >> (k & 7);194 i v[0][0] = (iv[0][0] << 1) | (iv[0][1] >> 7);195 i v[0][1] = (iv[0][1] << 1) | (iv[0][2] >> 7);196 i v[0][2] = (iv[0][2] << 1) | (iv[0][3] >> 7);197 i v[0][3] = (iv[0][3] << 1) | (iv[1][0] >> 7);198 i v[1][0] = (iv[1][0] << 1) | (iv[1][1] >> 7);199 i v[1][1] = (iv[1][1] << 1) | (iv[1][2] >> 7);200 i v[1][2] = (iv[1][2] << 1) | (iv[1][3] >> 7);201 i v[1][3] = (iv[1][3] << 1) | (iv[2][0] >> 7);202 i v[2][0] = (iv[2][0] << 1) | (iv[2][1] >> 7);203 i v[2][1] = (iv[2][1] << 1) | (iv[2][2] >> 7);204 i v[2][2] = (iv[2][2] << 1) | (iv[2][3] >> 7);205 i v[2][3] = (iv[2][3] << 1) | (iv[3][0] >> 7);206 i v[3][0] = (iv[3][0] << 1) | (iv[3][1] >> 7);207 i v[3][1] = (iv[3][1] << 1) | (iv[3][2] >> 7);208 i v[3][2] = (iv[3][2] << 1) | (iv[3][3] >> 7);209 i v[3][3] = (iv[3][3] << 1) | ((outBuffer[k/8] >> (7-(k&7))) & 1);194 bb.bloc4[0] = iu.i4[0]; 195 bb.bloc4[1] = iu.i4[1]; 196 bb.bloc4[2] = iu.i4[2]; 197 bb.bloc4[3] = iu.i4[3]; 198 rijndaelEncrypt(bb.block, bb.block, key->keySched, key->ROUNDS); 199 outBuffer[k/8] ^= (bb.block[0] & 0x80) >> (k & 7); 200 iu.iv[0][0] = (iu.iv[0][0] << 1) | (iu.iv[0][1] >> 7); 201 iu.iv[0][1] = (iu.iv[0][1] << 1) | (iu.iv[0][2] >> 7); 202 iu.iv[0][2] = (iu.iv[0][2] << 1) | (iu.iv[0][3] >> 7); 203 iu.iv[0][3] = (iu.iv[0][3] << 1) | (iu.iv[1][0] >> 7); 204 iu.iv[1][0] = (iu.iv[1][0] << 1) | (iu.iv[1][1] >> 7); 205 iu.iv[1][1] = (iu.iv[1][1] << 1) | (iu.iv[1][2] >> 7); 206 iu.iv[1][2] = (iu.iv[1][2] << 1) | (iu.iv[1][3] >> 7); 207 iu.iv[1][3] = (iu.iv[1][3] << 1) | (iu.iv[2][0] >> 7); 208 iu.iv[2][0] = (iu.iv[2][0] << 1) | (iu.iv[2][1] >> 7); 209 iu.iv[2][1] = (iu.iv[2][1] << 1) | (iu.iv[2][2] >> 7); 210 iu.iv[2][2] = (iu.iv[2][2] << 1) | (iu.iv[2][3] >> 7); 211 iu.iv[2][3] = (iu.iv[2][3] << 1) | (iu.iv[3][0] >> 7); 212 iu.iv[3][0] = (iu.iv[3][0] << 1) | (iu.iv[3][1] >> 7); 213 iu.iv[3][1] = (iu.iv[3][1] << 1) | (iu.iv[3][2] >> 7); 214 iu.iv[3][2] = (iu.iv[3][2] << 1) | (iu.iv[3][3] >> 7); 215 iu.iv[3][3] = (iu.iv[3][3] << 1) | ((outBuffer[k/8] >> (7-(k&7))) & 1); 210 216 } 211 217 } … … 222 228 RIJ_BYTE *input, int inputLen, RIJ_BYTE *outBuffer) { 223 229 int i, k, numBlocks; 224 word8 block[16], iv[4][4]; 230 union { 231 word32 bloc4[4]; 232 word8 block[16]; 233 } bb; 234 union { 235 word32 i4[4]; 236 word8 iv[4][4]; 237 } iu; 225 238 226 239 if (cipher == NULL || … … 246 259 case MODE_CBC: 247 260 #if STRICT_ALIGN 248 memcpy(i v, cipher->IV, 16);249 #else 250 *((word32*)i v[0]) = *((word32*)(cipher->IV ));251 *((word32*)i v[1]) = *((word32*)(cipher->IV+ 4));252 *((word32*)i v[2]) = *((word32*)(cipher->IV+ 8));253 *((word32*)i v[3]) = *((word32*)(cipher->IV+12));261 memcpy(iu.iv, cipher->IV, 16); 262 #else 263 *((word32*)iu.i4[0]) = *((word32*)(cipher->IV )); 264 *((word32*)iu.i4[1]) = *((word32*)(cipher->IV+ 4)); 265 *((word32*)iu.i4[2]) = *((word32*)(cipher->IV+ 8)); 266 *((word32*)iu.i4[3]) = *((word32*)(cipher->IV+12)); 254 267 #endif 255 268 for (i = numBlocks; i > 0; i--) { 256 rijndaelDecrypt(input, b lock, key->keySched, key->ROUNDS);257 ((word32*)block)[0] ^= *((word32*)iv[0]);258 ((word32*)block)[1] ^= *((word32*)iv[1]);259 ((word32*)block)[2] ^= *((word32*)iv[2]);260 ((word32*)block)[3] ^= *((word32*)iv[3]);269 rijndaelDecrypt(input, bb.block, key->keySched, key->ROUNDS); 270 bb.bloc4[0] ^= iu.i4[0]; 271 bb.bloc4[1] ^= iu.i4[1]; 272 bb.bloc4[2] ^= iu.i4[2]; 273 bb.bloc4[3] ^= iu.i4[3]; 261 274 #if STRICT_ALIGN 262 memcpy(i v, input, 16);263 memcpy(outBuffer, b lock, 16);275 memcpy(iu.iv, input, 16); 276 memcpy(outBuffer, bb.block, 16); 264 277 #else 265 278 *((word32*)iv[0]) = ((word32*)input)[0]; ((word32*)outBuffer)[0] = ((word32*)block)[0]; … … 275 288 case MODE_CFB1: 276 289 #if STRICT_ALIGN 277 memcpy(i v, cipher->IV, 16);290 memcpy(iu.iv, cipher->IV, 16); 278 291 #else 279 292 *((word32*)iv[0]) = *((word32*)(cipher->IV)); … … 284 297 for (i = numBlocks; i > 0; i--) { 285 298 for (k = 0; k < 128; k++) { 286 *((word32*) block ) = *((word32*)iv[0]);287 *((word32*)(block+ 4)) = *((word32*)iv[1]);288 *((word32*)(block+ 8)) = *((word32*)iv[2]);289 *((word32*)(block+12)) = *((word32*)iv[3]);290 rijndaelEncrypt(b lock,block, key->keySched, key->ROUNDS);291 i v[0][0] = (iv[0][0] << 1) | (iv[0][1] >> 7);292 i v[0][1] = (iv[0][1] << 1) | (iv[0][2] >> 7);293 i v[0][2] = (iv[0][2] << 1) | (iv[0][3] >> 7);294 i v[0][3] = (iv[0][3] << 1) | (iv[1][0] >> 7);295 i v[1][0] = (iv[1][0] << 1) | (iv[1][1] >> 7);296 i v[1][1] = (iv[1][1] << 1) | (iv[1][2] >> 7);297 i v[1][2] = (iv[1][2] << 1) | (iv[1][3] >> 7);298 i v[1][3] = (iv[1][3] << 1) | (iv[2][0] >> 7);299 i v[2][0] = (iv[2][0] << 1) | (iv[2][1] >> 7);300 i v[2][1] = (iv[2][1] << 1) | (iv[2][2] >> 7);301 i v[2][2] = (iv[2][2] << 1) | (iv[2][3] >> 7);302 i v[2][3] = (iv[2][3] << 1) | (iv[3][0] >> 7);303 i v[3][0] = (iv[3][0] << 1) | (iv[3][1] >> 7);304 i v[3][1] = (iv[3][1] << 1) | (iv[3][2] >> 7);305 i v[3][2] = (iv[3][2] << 1) | (iv[3][3] >> 7);306 i v[3][3] = (iv[3][3] << 1) | ((input[k/8] >> (7-(k&7))) & 1);307 outBuffer[k/8] ^= (b lock[0] & 0x80) >> (k & 7);299 bb.bloc4[0] = iu.i4[0]; 300 bb.bloc4[1] = iu.i4[1]; 301 bb.bloc4[2] = iu.i4[2]; 302 bb.bloc4[3] = iu.i4[3]; 303 rijndaelEncrypt(bb.block, bb.block, key->keySched, key->ROUNDS); 304 iu.iv[0][0] = (iu.iv[0][0] << 1) | (iu.iv[0][1] >> 7); 305 iu.iv[0][1] = (iu.iv[0][1] << 1) | (iu.iv[0][2] >> 7); 306 iu.iv[0][2] = (iu.iv[0][2] << 1) | (iu.iv[0][3] >> 7); 307 iu.iv[0][3] = (iu.iv[0][3] << 1) | (iu.iv[1][0] >> 7); 308 iu.iv[1][0] = (iu.iv[1][0] << 1) | (iu.iv[1][1] >> 7); 309 iu.iv[1][1] = (iu.iv[1][1] << 1) | (iu.iv[1][2] >> 7); 310 iu.iv[1][2] = (iu.iv[1][2] << 1) | (iu.iv[1][3] >> 7); 311 iu.iv[1][3] = (iu.iv[1][3] << 1) | (iu.iv[2][0] >> 7); 312 iu.iv[2][0] = (iu.iv[2][0] << 1) | (iu.iv[2][1] >> 7); 313 iu.iv[2][1] = (iu.iv[2][1] << 1) | (iu.iv[2][2] >> 7); 314 iu.iv[2][2] = (iu.iv[2][2] << 1) | (iu.iv[2][3] >> 7); 315 iu.iv[2][3] = (iu.iv[2][3] << 1) | (iu.iv[3][0] >> 7); 316 iu.iv[3][0] = (iu.iv[3][0] << 1) | (iu.iv[3][1] >> 7); 317 iu.iv[3][1] = (iu.iv[3][1] << 1) | (iu.iv[3][2] >> 7); 318 iu.iv[3][2] = (iu.iv[3][2] << 1) | (iu.iv[3][3] >> 7); 319 iu.iv[3][3] = (iu.iv[3][3] << 1) | ((input[k/8] >> (7-(k&7))) & 1); 320 outBuffer[k/8] ^= (bb.block[0] & 0x80) >> (k & 7); 308 321 } 309 322 } … … 316 329 return 128*numBlocks; 317 330 } 318 331 #ifdef INTERMEDIATE_VALUE_KAT 332 /** 333 * cipherUpdateRounds: 334 * 335 * Encrypts/Decrypts exactly one full block a specified number of rounds. 336 * Only used in the Intermediate Value Known Answer Test. 337 * 338 * Returns: 339 * TRUE - on success 340 * BAD_CIPHER_STATE - cipher in bad state (e.g., not initialized) 341 */ 342 int cipherUpdateRounds(cipherInstance *cipher, keyInstance *key, 343 RIJ_BYTE *input, int inputLen, RIJ_BYTE *outBuffer, int rounds) { 344 int j; 345 word8 block[4][4]; 346 347 if (cipher == NULL || key == NULL) { 348 return BAD_CIPHER_STATE; 349 } 350 351 for (j = 3; j >= 0; j--) { 352 /* parse input stream into rectangular array */ 353 *((word32*)block[j]) = *((word32*)(input+4*j)); 354 } 355 356 switch (key->direction) { 357 case DIR_ENCRYPT: 358 rijndaelEncryptRound(block, key->keySched, key->ROUNDS, rounds); 359 break; 360 361 case DIR_DECRYPT: 362 rijndaelDecryptRound(block, key->keySched, key->ROUNDS, rounds); 363 break; 364 365 default: 366 return BAD_KEY_DIR; 367 } 368 369 for (j = 3; j >= 0; j--) { 370 /* parse rectangular array into output ciphertext bytes */ 371 *((word32*)(outBuffer+4*j)) = *((word32*)block[j]); 372 } 373 374 return TRUE; 375 } 376 #endif /* INTERMEDIATE_VALUE_KAT */ 319 377 #endif -
trunk/src/sh_processcheck.c
r210 r230 430 430 MSG_PCK_MISS, 431 431 tmp); 432 SH_FREE(tmp); 432 433 SH_MUTEX_UNLOCK(mutex_thread_nolog); 433 434 } … … 451 452 MSG_PCK_MISS, 452 453 tmp); 454 SH_FREE(tmp); 453 455 SH_MUTEX_UNLOCK(mutex_thread_nolog); 454 SH_FREE(tmp);455 456 } 456 457 } -
trunk/src/sh_unix.c
r227 r230 2318 2318 if (fail == 0) 2319 2319 { 2320 time_now = ntohl(* (long *) net_time) - UNIXEPOCH; 2320 unsigned long ltmp; 2321 UINT32 ttmp; 2322 memcpy(&ttmp, net_time, sizeof(UINT32)); ltmp = ttmp; 2323 time_now = ntohl(ltmp) - UNIXEPOCH; 2321 2324 /* fprintf(stderr, "TIME IS %ld\n", time_now); */ 2322 2325 if (failerr == 1) { -
trunk/src/trustfile.c
r227 r230 135 135 #define SL_EINTERNAL -1028 /* Internal error. */ 136 136 #define SL_EBADFILE -1030 /* File access error. Check errno. */ 137 #define SL_EMEM -1032 /* Out of memory. */ 137 138 #define SL_EBADNAME -1040 /* Invalid name. */ 138 139 #define SL_ESTAT -1041 /* stat of file failed. Check errno. */
Note:
See TracChangeset
for help on using the changeset viewer.