diff options
| author | David Walter Seikel | 2013-01-13 18:54:10 +1000 |
|---|---|---|
| committer | David Walter Seikel | 2013-01-13 18:54:10 +1000 |
| commit | 959831f4ef5a3e797f576c3de08cd65032c997ad (patch) | |
| tree | e7351908be5995f0b325b2ebeaa02d5a34b82583 /libraries/irrlicht-1.8/source/Irrlicht/aesGladman/aescrypt.cpp | |
| parent | Add info about changes to Irrlicht. (diff) | |
| download | SledjHamr-959831f4ef5a3e797f576c3de08cd65032c997ad.zip SledjHamr-959831f4ef5a3e797f576c3de08cd65032c997ad.tar.gz SledjHamr-959831f4ef5a3e797f576c3de08cd65032c997ad.tar.bz2 SledjHamr-959831f4ef5a3e797f576c3de08cd65032c997ad.tar.xz | |
Remove damned ancient DOS line endings from Irrlicht. Hopefully I did not go overboard.
Diffstat (limited to '')
| -rw-r--r-- | libraries/irrlicht-1.8/source/Irrlicht/aesGladman/aescrypt.cpp | 606 |
1 files changed, 303 insertions, 303 deletions
diff --git a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/aescrypt.cpp b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/aescrypt.cpp index 8d1feee..54ddc21 100644 --- a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/aescrypt.cpp +++ b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/aescrypt.cpp | |||
| @@ -1,303 +1,303 @@ | |||
| 1 | /* | 1 | /* |
| 2 | --------------------------------------------------------------------------- | 2 | --------------------------------------------------------------------------- |
| 3 | Copyright (c) 2003, Dr Brian Gladman < >, Worcester, UK. | 3 | Copyright (c) 2003, Dr Brian Gladman < >, Worcester, UK. |
| 4 | All rights reserved. | 4 | All rights reserved. |
| 5 | 5 | ||
| 6 | LICENSE TERMS | 6 | LICENSE TERMS |
| 7 | 7 | ||
| 8 | The free distribution and use of this software in both source and binary | 8 | The free distribution and use of this software in both source and binary |
| 9 | form is allowed (with or without changes) provided that: | 9 | form is allowed (with or without changes) provided that: |
| 10 | 10 | ||
| 11 | 1. distributions of this source code include the above copyright | 11 | 1. distributions of this source code include the above copyright |
| 12 | notice, this list of conditions and the following disclaimer; | 12 | notice, this list of conditions and the following disclaimer; |
| 13 | 13 | ||
| 14 | 2. distributions in binary form include the above copyright | 14 | 2. distributions in binary form include the above copyright |
| 15 | notice, this list of conditions and the following disclaimer | 15 | notice, this list of conditions and the following disclaimer |
| 16 | in the documentation and/or other associated materials; | 16 | in the documentation and/or other associated materials; |
| 17 | 17 | ||
| 18 | 3. the copyright holder's name is not used to endorse products | 18 | 3. the copyright holder's name is not used to endorse products |
| 19 | built using this software without specific written permission. | 19 | built using this software without specific written permission. |
| 20 | 20 | ||
| 21 | ALTERNATIVELY, provided that this notice is retained in full, this product | 21 | ALTERNATIVELY, provided that this notice is retained in full, this product |
| 22 | may be distributed under the terms of the GNU General Public License (GPL), | 22 | may be distributed under the terms of the GNU General Public License (GPL), |
| 23 | in which case the provisions of the GPL apply INSTEAD OF those given above. | 23 | in which case the provisions of the GPL apply INSTEAD OF those given above. |
| 24 | 24 | ||
| 25 | DISCLAIMER | 25 | DISCLAIMER |
| 26 | 26 | ||
| 27 | This software is provided 'as is' with no explicit or implied warranties | 27 | This software is provided 'as is' with no explicit or implied warranties |
| 28 | in respect of its properties, including, but not limited to, correctness | 28 | in respect of its properties, including, but not limited to, correctness |
| 29 | and/or fitness for purpose. | 29 | and/or fitness for purpose. |
| 30 | --------------------------------------------------------------------------- | 30 | --------------------------------------------------------------------------- |
| 31 | Issue Date: 26/08/2003 | 31 | Issue Date: 26/08/2003 |
| 32 | 32 | ||
| 33 | This file contains the code for implementing encryption and decryption | 33 | This file contains the code for implementing encryption and decryption |
| 34 | for AES (Rijndael) for block and key sizes of 16, 24 and 32 bytes. It | 34 | for AES (Rijndael) for block and key sizes of 16, 24 and 32 bytes. It |
| 35 | can optionally be replaced by code written in assembler using NASM. For | 35 | can optionally be replaced by code written in assembler using NASM. For |
| 36 | further details see the file aesopt.h | 36 | further details see the file aesopt.h |
| 37 | */ | 37 | */ |
| 38 | 38 | ||
| 39 | #include "aesopt.h" | 39 | #include "aesopt.h" |
| 40 | 40 | ||
| 41 | #define si(y,x,k,c) (s(y,c) = word_in(x, c) ^ (k)[c]) | 41 | #define si(y,x,k,c) (s(y,c) = word_in(x, c) ^ (k)[c]) |
| 42 | #define so(y,x,c) word_out(y, c, s(x,c)) | 42 | #define so(y,x,c) word_out(y, c, s(x,c)) |
| 43 | 43 | ||
| 44 | #if defined(ARRAYS) | 44 | #if defined(ARRAYS) |
| 45 | #define locals(y,x) x[4],y[4] | 45 | #define locals(y,x) x[4],y[4] |
| 46 | #else | 46 | #else |
| 47 | #define locals(y,x) x##0,x##1,x##2,x##3,y##0,y##1,y##2,y##3 | 47 | #define locals(y,x) x##0,x##1,x##2,x##3,y##0,y##1,y##2,y##3 |
| 48 | #endif | 48 | #endif |
| 49 | 49 | ||
| 50 | #define l_copy(y, x) s(y,0) = s(x,0); s(y,1) = s(x,1); \ | 50 | #define l_copy(y, x) s(y,0) = s(x,0); s(y,1) = s(x,1); \ |
| 51 | s(y,2) = s(x,2); s(y,3) = s(x,3); | 51 | s(y,2) = s(x,2); s(y,3) = s(x,3); |
| 52 | #define state_in(y,x,k) si(y,x,k,0); si(y,x,k,1); si(y,x,k,2); si(y,x,k,3) | 52 | #define state_in(y,x,k) si(y,x,k,0); si(y,x,k,1); si(y,x,k,2); si(y,x,k,3) |
| 53 | #define state_out(y,x) so(y,x,0); so(y,x,1); so(y,x,2); so(y,x,3) | 53 | #define state_out(y,x) so(y,x,0); so(y,x,1); so(y,x,2); so(y,x,3) |
| 54 | #define round(rm,y,x,k) rm(y,x,k,0); rm(y,x,k,1); rm(y,x,k,2); rm(y,x,k,3) | 54 | #define round(rm,y,x,k) rm(y,x,k,0); rm(y,x,k,1); rm(y,x,k,2); rm(y,x,k,3) |
| 55 | 55 | ||
| 56 | #if defined(ENCRYPTION) && !defined(AES_ASM) | 56 | #if defined(ENCRYPTION) && !defined(AES_ASM) |
| 57 | 57 | ||
| 58 | /* Visual C++ .Net v7.1 provides the fastest encryption code when using | 58 | /* Visual C++ .Net v7.1 provides the fastest encryption code when using |
| 59 | Pentium optimization with small code but this is poor for decryption | 59 | Pentium optimization with small code but this is poor for decryption |
| 60 | so we need to control this with the following VC++ pragmas | 60 | so we need to control this with the following VC++ pragmas |
| 61 | */ | 61 | */ |
| 62 | 62 | ||
| 63 | #if defined(_MSC_VER) | 63 | #if defined(_MSC_VER) |
| 64 | #pragma optimize( "s", on ) | 64 | #pragma optimize( "s", on ) |
| 65 | #endif | 65 | #endif |
| 66 | 66 | ||
| 67 | /* Given the column (c) of the output state variable, the following | 67 | /* Given the column (c) of the output state variable, the following |
| 68 | macros give the input state variables which are needed in its | 68 | macros give the input state variables which are needed in its |
| 69 | computation for each row (r) of the state. All the alternative | 69 | computation for each row (r) of the state. All the alternative |
| 70 | macros give the same end values but expand into different ways | 70 | macros give the same end values but expand into different ways |
| 71 | of calculating these values. In particular the complex macro | 71 | of calculating these values. In particular the complex macro |
| 72 | used for dynamically variable block sizes is designed to expand | 72 | used for dynamically variable block sizes is designed to expand |
| 73 | to a compile time constant whenever possible but will expand to | 73 | to a compile time constant whenever possible but will expand to |
| 74 | conditional clauses on some branches (I am grateful to Frank | 74 | conditional clauses on some branches (I am grateful to Frank |
| 75 | Yellin for this construction) | 75 | Yellin for this construction) |
| 76 | */ | 76 | */ |
| 77 | 77 | ||
| 78 | #define fwd_var(x,r,c)\ | 78 | #define fwd_var(x,r,c)\ |
| 79 | ( r == 0 ? ( c == 0 ? s(x,0) : c == 1 ? s(x,1) : c == 2 ? s(x,2) : s(x,3))\ | 79 | ( r == 0 ? ( c == 0 ? s(x,0) : c == 1 ? s(x,1) : c == 2 ? s(x,2) : s(x,3))\ |
| 80 | : r == 1 ? ( c == 0 ? s(x,1) : c == 1 ? s(x,2) : c == 2 ? s(x,3) : s(x,0))\ | 80 | : r == 1 ? ( c == 0 ? s(x,1) : c == 1 ? s(x,2) : c == 2 ? s(x,3) : s(x,0))\ |
| 81 | : r == 2 ? ( c == 0 ? s(x,2) : c == 1 ? s(x,3) : c == 2 ? s(x,0) : s(x,1))\ | 81 | : r == 2 ? ( c == 0 ? s(x,2) : c == 1 ? s(x,3) : c == 2 ? s(x,0) : s(x,1))\ |
| 82 | : ( c == 0 ? s(x,3) : c == 1 ? s(x,0) : c == 2 ? s(x,1) : s(x,2))) | 82 | : ( c == 0 ? s(x,3) : c == 1 ? s(x,0) : c == 2 ? s(x,1) : s(x,2))) |
| 83 | 83 | ||
| 84 | #if defined(FT4_SET) | 84 | #if defined(FT4_SET) |
| 85 | #undef dec_fmvars | 85 | #undef dec_fmvars |
| 86 | #define fwd_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ four_tables(x,t_use(f,n),fwd_var,rf1,c)) | 86 | #define fwd_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ four_tables(x,t_use(f,n),fwd_var,rf1,c)) |
| 87 | #elif defined(FT1_SET) | 87 | #elif defined(FT1_SET) |
| 88 | #undef dec_fmvars | 88 | #undef dec_fmvars |
| 89 | #define fwd_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ one_table(x,upr,t_use(f,n),fwd_var,rf1,c)) | 89 | #define fwd_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ one_table(x,upr,t_use(f,n),fwd_var,rf1,c)) |
| 90 | #else | 90 | #else |
| 91 | #define fwd_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ fwd_mcol(no_table(x,t_use(s,box),fwd_var,rf1,c))) | 91 | #define fwd_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ fwd_mcol(no_table(x,t_use(s,box),fwd_var,rf1,c))) |
| 92 | #endif | 92 | #endif |
| 93 | 93 | ||
| 94 | #if defined(FL4_SET) | 94 | #if defined(FL4_SET) |
| 95 | #define fwd_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ four_tables(x,t_use(f,l),fwd_var,rf1,c)) | 95 | #define fwd_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ four_tables(x,t_use(f,l),fwd_var,rf1,c)) |
| 96 | #elif defined(FL1_SET) | 96 | #elif defined(FL1_SET) |
| 97 | #define fwd_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ one_table(x,ups,t_use(f,l),fwd_var,rf1,c)) | 97 | #define fwd_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ one_table(x,ups,t_use(f,l),fwd_var,rf1,c)) |
| 98 | #else | 98 | #else |
| 99 | #define fwd_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ no_table(x,t_use(s,box),fwd_var,rf1,c)) | 99 | #define fwd_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ no_table(x,t_use(s,box),fwd_var,rf1,c)) |
| 100 | #endif | 100 | #endif |
| 101 | 101 | ||
| 102 | aes_rval aes_encrypt(const void *in_blk, void *out_blk, const aes_encrypt_ctx cx[1]) | 102 | aes_rval aes_encrypt(const void *in_blk, void *out_blk, const aes_encrypt_ctx cx[1]) |
| 103 | { aes_32t locals(b0, b1); | 103 | { aes_32t locals(b0, b1); |
| 104 | const aes_32t *kp = cx->ks; | 104 | const aes_32t *kp = cx->ks; |
| 105 | #ifdef dec_fmvars | 105 | #ifdef dec_fmvars |
| 106 | dec_fmvars; /* declare variables for fwd_mcol() if needed */ | 106 | dec_fmvars; /* declare variables for fwd_mcol() if needed */ |
| 107 | #endif | 107 | #endif |
| 108 | 108 | ||
| 109 | aes_32t nr = (kp[45] ^ kp[52] ^ kp[53] ? kp[52] : 14); | 109 | aes_32t nr = (kp[45] ^ kp[52] ^ kp[53] ? kp[52] : 14); |
| 110 | 110 | ||
| 111 | #ifdef AES_ERR_CHK | 111 | #ifdef AES_ERR_CHK |
| 112 | if( (nr != 10 || !(kp[0] | kp[3] | kp[4])) | 112 | if( (nr != 10 || !(kp[0] | kp[3] | kp[4])) |
| 113 | && (nr != 12 || !(kp[0] | kp[5] | kp[6])) | 113 | && (nr != 12 || !(kp[0] | kp[5] | kp[6])) |
| 114 | && (nr != 14 || !(kp[0] | kp[7] | kp[8])) ) | 114 | && (nr != 14 || !(kp[0] | kp[7] | kp[8])) ) |
| 115 | return aes_error; | 115 | return aes_error; |
| 116 | #endif | 116 | #endif |
| 117 | 117 | ||
| 118 | state_in(b0, in_blk, kp); | 118 | state_in(b0, in_blk, kp); |
| 119 | 119 | ||
| 120 | #if (ENC_UNROLL == FULL) | 120 | #if (ENC_UNROLL == FULL) |
| 121 | 121 | ||
| 122 | switch(nr) | 122 | switch(nr) |
| 123 | { | 123 | { |
| 124 | case 14: | 124 | case 14: |
| 125 | round(fwd_rnd, b1, b0, kp + 1 * N_COLS); | 125 | round(fwd_rnd, b1, b0, kp + 1 * N_COLS); |
| 126 | round(fwd_rnd, b0, b1, kp + 2 * N_COLS); | 126 | round(fwd_rnd, b0, b1, kp + 2 * N_COLS); |
| 127 | kp += 2 * N_COLS; | 127 | kp += 2 * N_COLS; |
| 128 | case 12: | 128 | case 12: |
| 129 | round(fwd_rnd, b1, b0, kp + 1 * N_COLS); | 129 | round(fwd_rnd, b1, b0, kp + 1 * N_COLS); |
| 130 | round(fwd_rnd, b0, b1, kp + 2 * N_COLS); | 130 | round(fwd_rnd, b0, b1, kp + 2 * N_COLS); |
| 131 | kp += 2 * N_COLS; | 131 | kp += 2 * N_COLS; |
| 132 | case 10: | 132 | case 10: |
| 133 | round(fwd_rnd, b1, b0, kp + 1 * N_COLS); | 133 | round(fwd_rnd, b1, b0, kp + 1 * N_COLS); |
| 134 | round(fwd_rnd, b0, b1, kp + 2 * N_COLS); | 134 | round(fwd_rnd, b0, b1, kp + 2 * N_COLS); |
| 135 | round(fwd_rnd, b1, b0, kp + 3 * N_COLS); | 135 | round(fwd_rnd, b1, b0, kp + 3 * N_COLS); |
| 136 | round(fwd_rnd, b0, b1, kp + 4 * N_COLS); | 136 | round(fwd_rnd, b0, b1, kp + 4 * N_COLS); |
| 137 | round(fwd_rnd, b1, b0, kp + 5 * N_COLS); | 137 | round(fwd_rnd, b1, b0, kp + 5 * N_COLS); |
| 138 | round(fwd_rnd, b0, b1, kp + 6 * N_COLS); | 138 | round(fwd_rnd, b0, b1, kp + 6 * N_COLS); |
| 139 | round(fwd_rnd, b1, b0, kp + 7 * N_COLS); | 139 | round(fwd_rnd, b1, b0, kp + 7 * N_COLS); |
| 140 | round(fwd_rnd, b0, b1, kp + 8 * N_COLS); | 140 | round(fwd_rnd, b0, b1, kp + 8 * N_COLS); |
| 141 | round(fwd_rnd, b1, b0, kp + 9 * N_COLS); | 141 | round(fwd_rnd, b1, b0, kp + 9 * N_COLS); |
| 142 | round(fwd_lrnd, b0, b1, kp +10 * N_COLS); | 142 | round(fwd_lrnd, b0, b1, kp +10 * N_COLS); |
| 143 | } | 143 | } |
| 144 | 144 | ||
| 145 | #else | 145 | #else |
| 146 | 146 | ||
| 147 | #if (ENC_UNROLL == PARTIAL) | 147 | #if (ENC_UNROLL == PARTIAL) |
| 148 | { aes_32t rnd; | 148 | { aes_32t rnd; |
| 149 | for(rnd = 0; rnd < (nr >> 1) - 1; ++rnd) | 149 | for(rnd = 0; rnd < (nr >> 1) - 1; ++rnd) |
| 150 | { | 150 | { |
| 151 | kp += N_COLS; | 151 | kp += N_COLS; |
| 152 | round(fwd_rnd, b1, b0, kp); | 152 | round(fwd_rnd, b1, b0, kp); |
| 153 | kp += N_COLS; | 153 | kp += N_COLS; |
| 154 | round(fwd_rnd, b0, b1, kp); | 154 | round(fwd_rnd, b0, b1, kp); |
| 155 | } | 155 | } |
| 156 | kp += N_COLS; | 156 | kp += N_COLS; |
| 157 | round(fwd_rnd, b1, b0, kp); | 157 | round(fwd_rnd, b1, b0, kp); |
| 158 | #else | 158 | #else |
| 159 | { aes_32t rnd; | 159 | { aes_32t rnd; |
| 160 | for(rnd = 0; rnd < nr - 1; ++rnd) | 160 | for(rnd = 0; rnd < nr - 1; ++rnd) |
| 161 | { | 161 | { |
| 162 | kp += N_COLS; | 162 | kp += N_COLS; |
| 163 | round(fwd_rnd, b1, b0, kp); | 163 | round(fwd_rnd, b1, b0, kp); |
| 164 | l_copy(b0, b1); | 164 | l_copy(b0, b1); |
| 165 | } | 165 | } |
| 166 | #endif | 166 | #endif |
| 167 | kp += N_COLS; | 167 | kp += N_COLS; |
| 168 | round(fwd_lrnd, b0, b1, kp); | 168 | round(fwd_lrnd, b0, b1, kp); |
| 169 | } | 169 | } |
| 170 | #endif | 170 | #endif |
| 171 | 171 | ||
| 172 | state_out(out_blk, b0); | 172 | state_out(out_blk, b0); |
| 173 | #ifdef AES_ERR_CHK | 173 | #ifdef AES_ERR_CHK |
| 174 | return aes_good; | 174 | return aes_good; |
| 175 | #endif | 175 | #endif |
| 176 | } | 176 | } |
| 177 | 177 | ||
| 178 | #endif | 178 | #endif |
| 179 | 179 | ||
| 180 | #if defined(DECRYPTION) && !defined(AES_ASM) | 180 | #if defined(DECRYPTION) && !defined(AES_ASM) |
| 181 | 181 | ||
| 182 | /* Visual C++ .Net v7.1 provides the fastest encryption code when using | 182 | /* Visual C++ .Net v7.1 provides the fastest encryption code when using |
| 183 | Pentium optimization with small code but this is poor for decryption | 183 | Pentium optimization with small code but this is poor for decryption |
| 184 | so we need to control this with the following VC++ pragmas | 184 | so we need to control this with the following VC++ pragmas |
| 185 | */ | 185 | */ |
| 186 | 186 | ||
| 187 | #if defined(_MSC_VER) | 187 | #if defined(_MSC_VER) |
| 188 | #pragma optimize( "t", on ) | 188 | #pragma optimize( "t", on ) |
| 189 | #endif | 189 | #endif |
| 190 | 190 | ||
| 191 | /* Given the column (c) of the output state variable, the following | 191 | /* Given the column (c) of the output state variable, the following |
| 192 | macros give the input state variables which are needed in its | 192 | macros give the input state variables which are needed in its |
| 193 | computation for each row (r) of the state. All the alternative | 193 | computation for each row (r) of the state. All the alternative |
| 194 | macros give the same end values but expand into different ways | 194 | macros give the same end values but expand into different ways |
| 195 | of calculating these values. In particular the complex macro | 195 | of calculating these values. In particular the complex macro |
| 196 | used for dynamically variable block sizes is designed to expand | 196 | used for dynamically variable block sizes is designed to expand |
| 197 | to a compile time constant whenever possible but will expand to | 197 | to a compile time constant whenever possible but will expand to |
| 198 | conditional clauses on some branches (I am grateful to Frank | 198 | conditional clauses on some branches (I am grateful to Frank |
| 199 | Yellin for this construction) | 199 | Yellin for this construction) |
| 200 | */ | 200 | */ |
| 201 | 201 | ||
| 202 | #define inv_var(x,r,c)\ | 202 | #define inv_var(x,r,c)\ |
| 203 | ( r == 0 ? ( c == 0 ? s(x,0) : c == 1 ? s(x,1) : c == 2 ? s(x,2) : s(x,3))\ | 203 | ( r == 0 ? ( c == 0 ? s(x,0) : c == 1 ? s(x,1) : c == 2 ? s(x,2) : s(x,3))\ |
| 204 | : r == 1 ? ( c == 0 ? s(x,3) : c == 1 ? s(x,0) : c == 2 ? s(x,1) : s(x,2))\ | 204 | : r == 1 ? ( c == 0 ? s(x,3) : c == 1 ? s(x,0) : c == 2 ? s(x,1) : s(x,2))\ |
| 205 | : r == 2 ? ( c == 0 ? s(x,2) : c == 1 ? s(x,3) : c == 2 ? s(x,0) : s(x,1))\ | 205 | : r == 2 ? ( c == 0 ? s(x,2) : c == 1 ? s(x,3) : c == 2 ? s(x,0) : s(x,1))\ |
| 206 | : ( c == 0 ? s(x,1) : c == 1 ? s(x,2) : c == 2 ? s(x,3) : s(x,0))) | 206 | : ( c == 0 ? s(x,1) : c == 1 ? s(x,2) : c == 2 ? s(x,3) : s(x,0))) |
| 207 | 207 | ||
| 208 | #if defined(IT4_SET) | 208 | #if defined(IT4_SET) |
| 209 | #undef dec_imvars | 209 | #undef dec_imvars |
| 210 | #define inv_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ four_tables(x,t_use(i,n),inv_var,rf1,c)) | 210 | #define inv_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ four_tables(x,t_use(i,n),inv_var,rf1,c)) |
| 211 | #elif defined(IT1_SET) | 211 | #elif defined(IT1_SET) |
| 212 | #undef dec_imvars | 212 | #undef dec_imvars |
| 213 | #define inv_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ one_table(x,upr,t_use(i,n),inv_var,rf1,c)) | 213 | #define inv_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ one_table(x,upr,t_use(i,n),inv_var,rf1,c)) |
| 214 | #else | 214 | #else |
| 215 | #define inv_rnd(y,x,k,c) (s(y,c) = inv_mcol((k)[c] ^ no_table(x,t_use(i,box),inv_var,rf1,c))) | 215 | #define inv_rnd(y,x,k,c) (s(y,c) = inv_mcol((k)[c] ^ no_table(x,t_use(i,box),inv_var,rf1,c))) |
| 216 | #endif | 216 | #endif |
| 217 | 217 | ||
| 218 | #if defined(IL4_SET) | 218 | #if defined(IL4_SET) |
| 219 | #define inv_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ four_tables(x,t_use(i,l),inv_var,rf1,c)) | 219 | #define inv_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ four_tables(x,t_use(i,l),inv_var,rf1,c)) |
| 220 | #elif defined(IL1_SET) | 220 | #elif defined(IL1_SET) |
| 221 | #define inv_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ one_table(x,ups,t_use(i,l),inv_var,rf1,c)) | 221 | #define inv_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ one_table(x,ups,t_use(i,l),inv_var,rf1,c)) |
| 222 | #else | 222 | #else |
| 223 | #define inv_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ no_table(x,t_use(i,box),inv_var,rf1,c)) | 223 | #define inv_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ no_table(x,t_use(i,box),inv_var,rf1,c)) |
| 224 | #endif | 224 | #endif |
| 225 | 225 | ||
| 226 | aes_rval aes_decrypt(const void *in_blk, void *out_blk, const aes_decrypt_ctx cx[1]) | 226 | aes_rval aes_decrypt(const void *in_blk, void *out_blk, const aes_decrypt_ctx cx[1]) |
| 227 | { aes_32t locals(b0, b1); | 227 | { aes_32t locals(b0, b1); |
| 228 | #ifdef dec_imvars | 228 | #ifdef dec_imvars |
| 229 | dec_imvars; /* declare variables for inv_mcol() if needed */ | 229 | dec_imvars; /* declare variables for inv_mcol() if needed */ |
| 230 | #endif | 230 | #endif |
| 231 | 231 | ||
| 232 | aes_32t nr = (cx->ks[45] ^ cx->ks[52] ^ cx->ks[53] ? cx->ks[52] : 14); | 232 | aes_32t nr = (cx->ks[45] ^ cx->ks[52] ^ cx->ks[53] ? cx->ks[52] : 14); |
| 233 | const aes_32t *kp = cx->ks + nr * N_COLS; | 233 | const aes_32t *kp = cx->ks + nr * N_COLS; |
| 234 | 234 | ||
| 235 | #ifdef AES_ERR_CHK | 235 | #ifdef AES_ERR_CHK |
| 236 | if( (nr != 10 || !(cx->ks[0] | cx->ks[3] | cx->ks[4])) | 236 | if( (nr != 10 || !(cx->ks[0] | cx->ks[3] | cx->ks[4])) |
| 237 | && (nr != 12 || !(cx->ks[0] | cx->ks[5] | cx->ks[6])) | 237 | && (nr != 12 || !(cx->ks[0] | cx->ks[5] | cx->ks[6])) |
| 238 | && (nr != 14 || !(cx->ks[0] | cx->ks[7] | cx->ks[8])) ) | 238 | && (nr != 14 || !(cx->ks[0] | cx->ks[7] | cx->ks[8])) ) |
| 239 | return aes_error; | 239 | return aes_error; |
| 240 | #endif | 240 | #endif |
| 241 | 241 | ||
| 242 | state_in(b0, in_blk, kp); | 242 | state_in(b0, in_blk, kp); |
| 243 | 243 | ||
| 244 | #if (DEC_UNROLL == FULL) | 244 | #if (DEC_UNROLL == FULL) |
| 245 | 245 | ||
| 246 | switch(nr) | 246 | switch(nr) |
| 247 | { | 247 | { |
| 248 | case 14: | 248 | case 14: |
| 249 | round(inv_rnd, b1, b0, kp - 1 * N_COLS); | 249 | round(inv_rnd, b1, b0, kp - 1 * N_COLS); |
| 250 | round(inv_rnd, b0, b1, kp - 2 * N_COLS); | 250 | round(inv_rnd, b0, b1, kp - 2 * N_COLS); |
| 251 | kp -= 2 * N_COLS; | 251 | kp -= 2 * N_COLS; |
| 252 | case 12: | 252 | case 12: |
| 253 | round(inv_rnd, b1, b0, kp - 1 * N_COLS); | 253 | round(inv_rnd, b1, b0, kp - 1 * N_COLS); |
| 254 | round(inv_rnd, b0, b1, kp - 2 * N_COLS); | 254 | round(inv_rnd, b0, b1, kp - 2 * N_COLS); |
| 255 | kp -= 2 * N_COLS; | 255 | kp -= 2 * N_COLS; |
| 256 | case 10: | 256 | case 10: |
| 257 | round(inv_rnd, b1, b0, kp - 1 * N_COLS); | 257 | round(inv_rnd, b1, b0, kp - 1 * N_COLS); |
| 258 | round(inv_rnd, b0, b1, kp - 2 * N_COLS); | 258 | round(inv_rnd, b0, b1, kp - 2 * N_COLS); |
| 259 | round(inv_rnd, b1, b0, kp - 3 * N_COLS); | 259 | round(inv_rnd, b1, b0, kp - 3 * N_COLS); |
| 260 | round(inv_rnd, b0, b1, kp - 4 * N_COLS); | 260 | round(inv_rnd, b0, b1, kp - 4 * N_COLS); |
| 261 | round(inv_rnd, b1, b0, kp - 5 * N_COLS); | 261 | round(inv_rnd, b1, b0, kp - 5 * N_COLS); |
| 262 | round(inv_rnd, b0, b1, kp - 6 * N_COLS); | 262 | round(inv_rnd, b0, b1, kp - 6 * N_COLS); |
| 263 | round(inv_rnd, b1, b0, kp - 7 * N_COLS); | 263 | round(inv_rnd, b1, b0, kp - 7 * N_COLS); |
| 264 | round(inv_rnd, b0, b1, kp - 8 * N_COLS); | 264 | round(inv_rnd, b0, b1, kp - 8 * N_COLS); |
| 265 | round(inv_rnd, b1, b0, kp - 9 * N_COLS); | 265 | round(inv_rnd, b1, b0, kp - 9 * N_COLS); |
| 266 | round(inv_lrnd, b0, b1, kp - 10 * N_COLS); | 266 | round(inv_lrnd, b0, b1, kp - 10 * N_COLS); |
| 267 | } | 267 | } |
| 268 | 268 | ||
| 269 | #else | 269 | #else |
| 270 | 270 | ||
| 271 | #if (DEC_UNROLL == PARTIAL) | 271 | #if (DEC_UNROLL == PARTIAL) |
| 272 | { aes_32t rnd; | 272 | { aes_32t rnd; |
| 273 | for(rnd = 0; rnd < (nr >> 1) - 1; ++rnd) | 273 | for(rnd = 0; rnd < (nr >> 1) - 1; ++rnd) |
| 274 | { | 274 | { |
| 275 | kp -= N_COLS; | 275 | kp -= N_COLS; |
| 276 | round(inv_rnd, b1, b0, kp); | 276 | round(inv_rnd, b1, b0, kp); |
| 277 | kp -= N_COLS; | 277 | kp -= N_COLS; |
| 278 | round(inv_rnd, b0, b1, kp); | 278 | round(inv_rnd, b0, b1, kp); |
| 279 | } | 279 | } |
| 280 | kp -= N_COLS; | 280 | kp -= N_COLS; |
| 281 | round(inv_rnd, b1, b0, kp); | 281 | round(inv_rnd, b1, b0, kp); |
| 282 | #else | 282 | #else |
| 283 | { aes_32t rnd; | 283 | { aes_32t rnd; |
| 284 | for(rnd = 0; rnd < nr - 1; ++rnd) | 284 | for(rnd = 0; rnd < nr - 1; ++rnd) |
| 285 | { | 285 | { |
| 286 | kp -= N_COLS; | 286 | kp -= N_COLS; |
| 287 | round(inv_rnd, b1, b0, kp); | 287 | round(inv_rnd, b1, b0, kp); |
| 288 | l_copy(b0, b1); | 288 | l_copy(b0, b1); |
| 289 | } | 289 | } |
| 290 | #endif | 290 | #endif |
| 291 | kp -= N_COLS; | 291 | kp -= N_COLS; |
| 292 | round(inv_lrnd, b0, b1, kp); | 292 | round(inv_lrnd, b0, b1, kp); |
| 293 | } | 293 | } |
| 294 | #endif | 294 | #endif |
| 295 | 295 | ||
| 296 | state_out(out_blk, b0); | 296 | state_out(out_blk, b0); |
| 297 | #ifdef AES_ERR_CHK | 297 | #ifdef AES_ERR_CHK |
| 298 | return aes_good; | 298 | return aes_good; |
| 299 | #endif | 299 | #endif |
| 300 | } | 300 | } |
| 301 | 301 | ||
| 302 | #endif | 302 | #endif |
| 303 | 303 | ||