diff options
author | David Walter Seikel | 2016-03-28 22:28:34 +1000 |
---|---|---|
committer | David Walter Seikel | 2016-03-28 22:28:34 +1000 |
commit | 7028cbe09c688437910a25623098762bf0fa592d (patch) | |
tree | 10b5af58277d9880380c2251f109325542c4e6eb /src/others/irrlicht-1.8.1/source/Irrlicht/aesGladman/aeskey.cpp | |
parent | Move lemon to the src/others directory. (diff) | |
download | SledjHamr-7028cbe09c688437910a25623098762bf0fa592d.zip SledjHamr-7028cbe09c688437910a25623098762bf0fa592d.tar.gz SledjHamr-7028cbe09c688437910a25623098762bf0fa592d.tar.bz2 SledjHamr-7028cbe09c688437910a25623098762bf0fa592d.tar.xz |
Move Irrlicht to src/others.
Diffstat (limited to 'src/others/irrlicht-1.8.1/source/Irrlicht/aesGladman/aeskey.cpp')
-rw-r--r-- | src/others/irrlicht-1.8.1/source/Irrlicht/aesGladman/aeskey.cpp | 455 |
1 files changed, 455 insertions, 0 deletions
diff --git a/src/others/irrlicht-1.8.1/source/Irrlicht/aesGladman/aeskey.cpp b/src/others/irrlicht-1.8.1/source/Irrlicht/aesGladman/aeskey.cpp new file mode 100644 index 0000000..12d4cbb --- /dev/null +++ b/src/others/irrlicht-1.8.1/source/Irrlicht/aesGladman/aeskey.cpp | |||
@@ -0,0 +1,455 @@ | |||
1 | /* | ||
2 | --------------------------------------------------------------------------- | ||
3 | Copyright (c) 2003, Dr Brian Gladman < >, Worcester, UK. | ||
4 | All rights reserved. | ||
5 | |||
6 | LICENSE TERMS | ||
7 | |||
8 | The free distribution and use of this software in both source and binary | ||
9 | form is allowed (with or without changes) provided that: | ||
10 | |||
11 | 1. distributions of this source code include the above copyright | ||
12 | notice, this list of conditions and the following disclaimer; | ||
13 | |||
14 | 2. distributions in binary form include the above copyright | ||
15 | notice, this list of conditions and the following disclaimer | ||
16 | in the documentation and/or other associated materials; | ||
17 | |||
18 | 3. the copyright holder's name is not used to endorse products | ||
19 | built using this software without specific written permission. | ||
20 | |||
21 | ALTERNATIVELY, provided that this notice is retained in full, this product | ||
22 | may be distributed under the terms of the GNU General Public License (GPL), | ||
23 | in which case the provisions of the GPL apply INSTEAD OF those given above. | ||
24 | |||
25 | DISCLAIMER | ||
26 | |||
27 | This software is provided 'as is' with no explicit or implied warranties | ||
28 | in respect of its properties, including, but not limited to, correctness | ||
29 | and/or fitness for purpose. | ||
30 | --------------------------------------------------------------------------- | ||
31 | Issue Date: 26/08/2003 | ||
32 | |||
33 | This file contains the code for implementing the key schedule for AES | ||
34 | (Rijndael) for block and key sizes of 16, 24, and 32 bytes. See aesopt.h | ||
35 | for further details including optimisation. | ||
36 | */ | ||
37 | |||
38 | #include "aesopt.h" | ||
39 | |||
40 | /* Initialise the key schedule from the user supplied key. The key | ||
41 | length can be specified in bytes, with legal values of 16, 24 | ||
42 | and 32, or in bits, with legal values of 128, 192 and 256. These | ||
43 | values correspond with Nk values of 4, 6 and 8 respectively. | ||
44 | |||
45 | The following macros implement a single cycle in the key | ||
46 | schedule generation process. The number of cycles needed | ||
47 | for each cx->n_col and nk value is: | ||
48 | |||
49 | nk = 4 5 6 7 8 | ||
50 | ------------------------------ | ||
51 | cx->n_col = 4 10 9 8 7 7 | ||
52 | cx->n_col = 5 14 11 10 9 9 | ||
53 | cx->n_col = 6 19 15 12 11 11 | ||
54 | cx->n_col = 7 21 19 16 13 14 | ||
55 | cx->n_col = 8 29 23 19 17 14 | ||
56 | */ | ||
57 | |||
58 | #define ke4(k,i) \ | ||
59 | { k[4*(i)+4] = ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; k[4*(i)+5] = ss[1] ^= ss[0]; \ | ||
60 | k[4*(i)+6] = ss[2] ^= ss[1]; k[4*(i)+7] = ss[3] ^= ss[2]; \ | ||
61 | } | ||
62 | #define kel4(k,i) \ | ||
63 | { k[4*(i)+4] = ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; k[4*(i)+5] = ss[1] ^= ss[0]; \ | ||
64 | k[4*(i)+6] = ss[2] ^= ss[1]; k[4*(i)+7] = ss[3] ^= ss[2]; \ | ||
65 | } | ||
66 | |||
67 | #define ke6(k,i) \ | ||
68 | { k[6*(i)+ 6] = ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; k[6*(i)+ 7] = ss[1] ^= ss[0]; \ | ||
69 | k[6*(i)+ 8] = ss[2] ^= ss[1]; k[6*(i)+ 9] = ss[3] ^= ss[2]; \ | ||
70 | k[6*(i)+10] = ss[4] ^= ss[3]; k[6*(i)+11] = ss[5] ^= ss[4]; \ | ||
71 | } | ||
72 | #define kel6(k,i) \ | ||
73 | { k[6*(i)+ 6] = ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; k[6*(i)+ 7] = ss[1] ^= ss[0]; \ | ||
74 | k[6*(i)+ 8] = ss[2] ^= ss[1]; k[6*(i)+ 9] = ss[3] ^= ss[2]; \ | ||
75 | } | ||
76 | |||
77 | #define ke8(k,i) \ | ||
78 | { k[8*(i)+ 8] = ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; k[8*(i)+ 9] = ss[1] ^= ss[0]; \ | ||
79 | k[8*(i)+10] = ss[2] ^= ss[1]; k[8*(i)+11] = ss[3] ^= ss[2]; \ | ||
80 | k[8*(i)+12] = ss[4] ^= ls_box(ss[3],0); k[8*(i)+13] = ss[5] ^= ss[4]; \ | ||
81 | k[8*(i)+14] = ss[6] ^= ss[5]; k[8*(i)+15] = ss[7] ^= ss[6]; \ | ||
82 | } | ||
83 | #define kel8(k,i) \ | ||
84 | { k[8*(i)+ 8] = ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; k[8*(i)+ 9] = ss[1] ^= ss[0]; \ | ||
85 | k[8*(i)+10] = ss[2] ^= ss[1]; k[8*(i)+11] = ss[3] ^= ss[2]; \ | ||
86 | } | ||
87 | |||
88 | #if defined(ENCRYPTION_KEY_SCHEDULE) | ||
89 | |||
90 | #if defined(AES_128) || defined(AES_VAR) | ||
91 | |||
92 | aes_rval aes_encrypt_key128(const void *in_key, aes_encrypt_ctx cx[1]) | ||
93 | { aes_32t ss[4]; | ||
94 | |||
95 | cx->ks[0] = ss[0] = word_in(in_key, 0); | ||
96 | cx->ks[1] = ss[1] = word_in(in_key, 1); | ||
97 | cx->ks[2] = ss[2] = word_in(in_key, 2); | ||
98 | cx->ks[3] = ss[3] = word_in(in_key, 3); | ||
99 | |||
100 | #if ENC_UNROLL == NONE | ||
101 | { aes_32t i; | ||
102 | |||
103 | for(i = 0; i < ((11 * N_COLS - 1) / 4); ++i) | ||
104 | ke4(cx->ks, i); | ||
105 | } | ||
106 | #else | ||
107 | ke4(cx->ks, 0); ke4(cx->ks, 1); | ||
108 | ke4(cx->ks, 2); ke4(cx->ks, 3); | ||
109 | ke4(cx->ks, 4); ke4(cx->ks, 5); | ||
110 | ke4(cx->ks, 6); ke4(cx->ks, 7); | ||
111 | ke4(cx->ks, 8); kel4(cx->ks, 9); | ||
112 | #endif | ||
113 | |||
114 | /* cx->ks[45] ^ cx->ks[52] ^ cx->ks[53] is zero for a 256 bit */ | ||
115 | /* key and must be non-zero for 128 and 192 bits keys */ | ||
116 | cx->ks[53] = cx->ks[45] = 0; | ||
117 | cx->ks[52] = 10; | ||
118 | #ifdef AES_ERR_CHK | ||
119 | return aes_good; | ||
120 | #endif | ||
121 | } | ||
122 | |||
123 | #endif | ||
124 | |||
125 | #if defined(AES_192) || defined(AES_VAR) | ||
126 | |||
127 | aes_rval aes_encrypt_key192(const void *in_key, aes_encrypt_ctx cx[1]) | ||
128 | { aes_32t ss[6]; | ||
129 | |||
130 | cx->ks[0] = ss[0] = word_in(in_key, 0); | ||
131 | cx->ks[1] = ss[1] = word_in(in_key, 1); | ||
132 | cx->ks[2] = ss[2] = word_in(in_key, 2); | ||
133 | cx->ks[3] = ss[3] = word_in(in_key, 3); | ||
134 | cx->ks[4] = ss[4] = word_in(in_key, 4); | ||
135 | cx->ks[5] = ss[5] = word_in(in_key, 5); | ||
136 | |||
137 | #if ENC_UNROLL == NONE | ||
138 | { aes_32t i; | ||
139 | |||
140 | for(i = 0; i < (13 * N_COLS - 1) / 6; ++i) | ||
141 | ke6(cx->ks, i); | ||
142 | } | ||
143 | #else | ||
144 | ke6(cx->ks, 0); ke6(cx->ks, 1); | ||
145 | ke6(cx->ks, 2); ke6(cx->ks, 3); | ||
146 | ke6(cx->ks, 4); ke6(cx->ks, 5); | ||
147 | ke6(cx->ks, 6); kel6(cx->ks, 7); | ||
148 | #endif | ||
149 | |||
150 | /* cx->ks[45] ^ cx->ks[52] ^ cx->ks[53] is zero for a 256 bit */ | ||
151 | /* key and must be non-zero for 128 and 192 bits keys */ | ||
152 | cx->ks[53] = cx->ks[45]; | ||
153 | cx->ks[52] = 12; | ||
154 | #ifdef AES_ERR_CHK | ||
155 | return aes_good; | ||
156 | #endif | ||
157 | } | ||
158 | |||
159 | #endif | ||
160 | |||
161 | #if defined(AES_256) || defined(AES_VAR) | ||
162 | |||
163 | aes_rval aes_encrypt_key256(const void *in_key, aes_encrypt_ctx cx[1]) | ||
164 | { aes_32t ss[8]; | ||
165 | |||
166 | cx->ks[0] = ss[0] = word_in(in_key, 0); | ||
167 | cx->ks[1] = ss[1] = word_in(in_key, 1); | ||
168 | cx->ks[2] = ss[2] = word_in(in_key, 2); | ||
169 | cx->ks[3] = ss[3] = word_in(in_key, 3); | ||
170 | cx->ks[4] = ss[4] = word_in(in_key, 4); | ||
171 | cx->ks[5] = ss[5] = word_in(in_key, 5); | ||
172 | cx->ks[6] = ss[6] = word_in(in_key, 6); | ||
173 | cx->ks[7] = ss[7] = word_in(in_key, 7); | ||
174 | |||
175 | #if ENC_UNROLL == NONE | ||
176 | { aes_32t i; | ||
177 | |||
178 | for(i = 0; i < (15 * N_COLS - 1) / 8; ++i) | ||
179 | ke8(cx->ks, i); | ||
180 | } | ||
181 | #else | ||
182 | ke8(cx->ks, 0); ke8(cx->ks, 1); | ||
183 | ke8(cx->ks, 2); ke8(cx->ks, 3); | ||
184 | ke8(cx->ks, 4); ke8(cx->ks, 5); | ||
185 | kel8(cx->ks, 6); | ||
186 | #endif | ||
187 | #ifdef AES_ERR_CHK | ||
188 | return aes_good; | ||
189 | #endif | ||
190 | } | ||
191 | |||
192 | #endif | ||
193 | |||
194 | #if defined(AES_VAR) | ||
195 | |||
196 | aes_rval aes_encrypt_key(const void *in_key, int key_len, aes_encrypt_ctx cx[1]) | ||
197 | { | ||
198 | switch(key_len) | ||
199 | { | ||
200 | #ifdef AES_ERR_CHK | ||
201 | case 16: case 128: return aes_encrypt_key128(in_key, cx); | ||
202 | case 24: case 192: return aes_encrypt_key192(in_key, cx); | ||
203 | case 32: case 256: return aes_encrypt_key256(in_key, cx); | ||
204 | default: return aes_error; | ||
205 | #else | ||
206 | case 16: case 128: aes_encrypt_key128(in_key, cx); return; | ||
207 | case 24: case 192: aes_encrypt_key192(in_key, cx); return; | ||
208 | case 32: case 256: aes_encrypt_key256(in_key, cx); return; | ||
209 | #endif | ||
210 | } | ||
211 | } | ||
212 | |||
213 | #endif | ||
214 | |||
215 | #endif | ||
216 | |||
217 | #if defined(DECRYPTION_KEY_SCHEDULE) | ||
218 | |||
219 | #if DEC_ROUND == NO_TABLES | ||
220 | #define ff(x) (x) | ||
221 | #else | ||
222 | #define ff(x) inv_mcol(x) | ||
223 | #ifdef dec_imvars | ||
224 | #define d_vars dec_imvars | ||
225 | #endif | ||
226 | #endif | ||
227 | |||
228 | #if 1 | ||
229 | #define kdf4(k,i) \ | ||
230 | { ss[0] = ss[0] ^ ss[2] ^ ss[1] ^ ss[3]; ss[1] = ss[1] ^ ss[3]; ss[2] = ss[2] ^ ss[3]; ss[3] = ss[3]; \ | ||
231 | ss[4] = ls_box(ss[(i+3) % 4], 3) ^ t_use(r,c)[i]; ss[i % 4] ^= ss[4]; \ | ||
232 | ss[4] ^= k[4*(i)]; k[4*(i)+4] = ff(ss[4]); ss[4] ^= k[4*(i)+1]; k[4*(i)+5] = ff(ss[4]); \ | ||
233 | ss[4] ^= k[4*(i)+2]; k[4*(i)+6] = ff(ss[4]); ss[4] ^= k[4*(i)+3]; k[4*(i)+7] = ff(ss[4]); \ | ||
234 | } | ||
235 | #define kd4(k,i) \ | ||
236 | { ss[4] = ls_box(ss[(i+3) % 4], 3) ^ t_use(r,c)[i]; ss[i % 4] ^= ss[4]; ss[4] = ff(ss[4]); \ | ||
237 | k[4*(i)+4] = ss[4] ^= k[4*(i)]; k[4*(i)+5] = ss[4] ^= k[4*(i)+1]; \ | ||
238 | k[4*(i)+6] = ss[4] ^= k[4*(i)+2]; k[4*(i)+7] = ss[4] ^= k[4*(i)+3]; \ | ||
239 | } | ||
240 | #define kdl4(k,i) \ | ||
241 | { ss[4] = ls_box(ss[(i+3) % 4], 3) ^ t_use(r,c)[i]; ss[i % 4] ^= ss[4]; \ | ||
242 | k[4*(i)+4] = (ss[0] ^= ss[1]) ^ ss[2] ^ ss[3]; k[4*(i)+5] = ss[1] ^ ss[3]; \ | ||
243 | k[4*(i)+6] = ss[0]; k[4*(i)+7] = ss[1]; \ | ||
244 | } | ||
245 | #else | ||
246 | #define kdf4(k,i) \ | ||
247 | { ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; k[4*(i)+ 4] = ff(ss[0]); ss[1] ^= ss[0]; k[4*(i)+ 5] = ff(ss[1]); \ | ||
248 | ss[2] ^= ss[1]; k[4*(i)+ 6] = ff(ss[2]); ss[3] ^= ss[2]; k[4*(i)+ 7] = ff(ss[3]); \ | ||
249 | } | ||
250 | #define kd4(k,i) \ | ||
251 | { ss[4] = ls_box(ss[3],3) ^ t_use(r,c)[i]; \ | ||
252 | ss[0] ^= ss[4]; ss[4] = ff(ss[4]); k[4*(i)+ 4] = ss[4] ^= k[4*(i)]; \ | ||
253 | ss[1] ^= ss[0]; k[4*(i)+ 5] = ss[4] ^= k[4*(i)+ 1]; \ | ||
254 | ss[2] ^= ss[1]; k[4*(i)+ 6] = ss[4] ^= k[4*(i)+ 2]; \ | ||
255 | ss[3] ^= ss[2]; k[4*(i)+ 7] = ss[4] ^= k[4*(i)+ 3]; \ | ||
256 | } | ||
257 | #define kdl4(k,i) \ | ||
258 | { ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; k[4*(i)+ 4] = ss[0]; ss[1] ^= ss[0]; k[4*(i)+ 5] = ss[1]; \ | ||
259 | ss[2] ^= ss[1]; k[4*(i)+ 6] = ss[2]; ss[3] ^= ss[2]; k[4*(i)+ 7] = ss[3]; \ | ||
260 | } | ||
261 | #endif | ||
262 | |||
263 | #define kdf6(k,i) \ | ||
264 | { ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; k[6*(i)+ 6] = ff(ss[0]); ss[1] ^= ss[0]; k[6*(i)+ 7] = ff(ss[1]); \ | ||
265 | ss[2] ^= ss[1]; k[6*(i)+ 8] = ff(ss[2]); ss[3] ^= ss[2]; k[6*(i)+ 9] = ff(ss[3]); \ | ||
266 | ss[4] ^= ss[3]; k[6*(i)+10] = ff(ss[4]); ss[5] ^= ss[4]; k[6*(i)+11] = ff(ss[5]); \ | ||
267 | } | ||
268 | #define kd6(k,i) \ | ||
269 | { ss[6] = ls_box(ss[5],3) ^ t_use(r,c)[i]; \ | ||
270 | ss[0] ^= ss[6]; ss[6] = ff(ss[6]); k[6*(i)+ 6] = ss[6] ^= k[6*(i)]; \ | ||
271 | ss[1] ^= ss[0]; k[6*(i)+ 7] = ss[6] ^= k[6*(i)+ 1]; \ | ||
272 | ss[2] ^= ss[1]; k[6*(i)+ 8] = ss[6] ^= k[6*(i)+ 2]; \ | ||
273 | ss[3] ^= ss[2]; k[6*(i)+ 9] = ss[6] ^= k[6*(i)+ 3]; \ | ||
274 | ss[4] ^= ss[3]; k[6*(i)+10] = ss[6] ^= k[6*(i)+ 4]; \ | ||
275 | ss[5] ^= ss[4]; k[6*(i)+11] = ss[6] ^= k[6*(i)+ 5]; \ | ||
276 | } | ||
277 | #define kdl6(k,i) \ | ||
278 | { ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; k[6*(i)+ 6] = ss[0]; ss[1] ^= ss[0]; k[6*(i)+ 7] = ss[1]; \ | ||
279 | ss[2] ^= ss[1]; k[6*(i)+ 8] = ss[2]; ss[3] ^= ss[2]; k[6*(i)+ 9] = ss[3]; \ | ||
280 | } | ||
281 | |||
282 | #define kdf8(k,i) \ | ||
283 | { ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; k[8*(i)+ 8] = ff(ss[0]); ss[1] ^= ss[0]; k[8*(i)+ 9] = ff(ss[1]); \ | ||
284 | ss[2] ^= ss[1]; k[8*(i)+10] = ff(ss[2]); ss[3] ^= ss[2]; k[8*(i)+11] = ff(ss[3]); \ | ||
285 | ss[4] ^= ls_box(ss[3],0); k[8*(i)+12] = ff(ss[4]); ss[5] ^= ss[4]; k[8*(i)+13] = ff(ss[5]); \ | ||
286 | ss[6] ^= ss[5]; k[8*(i)+14] = ff(ss[6]); ss[7] ^= ss[6]; k[8*(i)+15] = ff(ss[7]); \ | ||
287 | } | ||
288 | #define kd8(k,i) \ | ||
289 | { aes_32t g = ls_box(ss[7],3) ^ t_use(r,c)[i]; \ | ||
290 | ss[0] ^= g; g = ff(g); k[8*(i)+ 8] = g ^= k[8*(i)]; \ | ||
291 | ss[1] ^= ss[0]; k[8*(i)+ 9] = g ^= k[8*(i)+ 1]; \ | ||
292 | ss[2] ^= ss[1]; k[8*(i)+10] = g ^= k[8*(i)+ 2]; \ | ||
293 | ss[3] ^= ss[2]; k[8*(i)+11] = g ^= k[8*(i)+ 3]; \ | ||
294 | g = ls_box(ss[3],0); \ | ||
295 | ss[4] ^= g; g = ff(g); k[8*(i)+12] = g ^= k[8*(i)+ 4]; \ | ||
296 | ss[5] ^= ss[4]; k[8*(i)+13] = g ^= k[8*(i)+ 5]; \ | ||
297 | ss[6] ^= ss[5]; k[8*(i)+14] = g ^= k[8*(i)+ 6]; \ | ||
298 | ss[7] ^= ss[6]; k[8*(i)+15] = g ^= k[8*(i)+ 7]; \ | ||
299 | } | ||
300 | #define kdl8(k,i) \ | ||
301 | { ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; k[8*(i)+ 8] = ss[0]; ss[1] ^= ss[0]; k[8*(i)+ 9] = ss[1]; \ | ||
302 | ss[2] ^= ss[1]; k[8*(i)+10] = ss[2]; ss[3] ^= ss[2]; k[8*(i)+11] = ss[3]; \ | ||
303 | } | ||
304 | |||
305 | #if defined(AES_128) || defined(AES_VAR) | ||
306 | |||
307 | aes_rval aes_decrypt_key128(const void *in_key, aes_decrypt_ctx cx[1]) | ||
308 | { aes_32t ss[5]; | ||
309 | #ifdef d_vars | ||
310 | d_vars; | ||
311 | #endif | ||
312 | cx->ks[0] = ss[0] = word_in(in_key, 0); | ||
313 | cx->ks[1] = ss[1] = word_in(in_key, 1); | ||
314 | cx->ks[2] = ss[2] = word_in(in_key, 2); | ||
315 | cx->ks[3] = ss[3] = word_in(in_key, 3); | ||
316 | |||
317 | #if DEC_UNROLL == NONE | ||
318 | { aes_32t i; | ||
319 | |||
320 | for(i = 0; i < (11 * N_COLS - 1) / 4; ++i) | ||
321 | ke4(cx->ks, i); | ||
322 | #if !(DEC_ROUND == NO_TABLES) | ||
323 | for(i = N_COLS; i < 10 * N_COLS; ++i) | ||
324 | cx->ks[i] = inv_mcol(cx->ks[i]); | ||
325 | #endif | ||
326 | } | ||
327 | #else | ||
328 | kdf4(cx->ks, 0); kd4(cx->ks, 1); | ||
329 | kd4(cx->ks, 2); kd4(cx->ks, 3); | ||
330 | kd4(cx->ks, 4); kd4(cx->ks, 5); | ||
331 | kd4(cx->ks, 6); kd4(cx->ks, 7); | ||
332 | kd4(cx->ks, 8); kdl4(cx->ks, 9); | ||
333 | #endif | ||
334 | |||
335 | /* cx->ks[45] ^ cx->ks[52] ^ cx->ks[53] is zero for a 256 bit */ | ||
336 | /* key and must be non-zero for 128 and 192 bits keys */ | ||
337 | cx->ks[53] = cx->ks[45] = 0; | ||
338 | cx->ks[52] = 10; | ||
339 | #ifdef AES_ERR_CHK | ||
340 | return aes_good; | ||
341 | #endif | ||
342 | } | ||
343 | |||
344 | #endif | ||
345 | |||
346 | #if defined(AES_192) || defined(AES_VAR) | ||
347 | |||
348 | aes_rval aes_decrypt_key192(const void *in_key, aes_decrypt_ctx cx[1]) | ||
349 | { aes_32t ss[7]; | ||
350 | #ifdef d_vars | ||
351 | d_vars; | ||
352 | #endif | ||
353 | cx->ks[0] = ss[0] = word_in(in_key, 0); | ||
354 | cx->ks[1] = ss[1] = word_in(in_key, 1); | ||
355 | cx->ks[2] = ss[2] = word_in(in_key, 2); | ||
356 | cx->ks[3] = ss[3] = word_in(in_key, 3); | ||
357 | |||
358 | #if DEC_UNROLL == NONE | ||
359 | cx->ks[4] = ss[4] = word_in(in_key, 4); | ||
360 | cx->ks[5] = ss[5] = word_in(in_key, 5); | ||
361 | { aes_32t i; | ||
362 | |||
363 | for(i = 0; i < (13 * N_COLS - 1) / 6; ++i) | ||
364 | ke6(cx->ks, i); | ||
365 | #if !(DEC_ROUND == NO_TABLES) | ||
366 | for(i = N_COLS; i < 12 * N_COLS; ++i) | ||
367 | cx->ks[i] = inv_mcol(cx->ks[i]); | ||
368 | #endif | ||
369 | } | ||
370 | #else | ||
371 | cx->ks[4] = ff(ss[4] = word_in(in_key, 4)); | ||
372 | cx->ks[5] = ff(ss[5] = word_in(in_key, 5)); | ||
373 | kdf6(cx->ks, 0); kd6(cx->ks, 1); | ||
374 | kd6(cx->ks, 2); kd6(cx->ks, 3); | ||
375 | kd6(cx->ks, 4); kd6(cx->ks, 5); | ||
376 | kd6(cx->ks, 6); kdl6(cx->ks, 7); | ||
377 | #endif | ||
378 | |||
379 | /* cx->ks[45] ^ cx->ks[52] ^ cx->ks[53] is zero for a 256 bit */ | ||
380 | /* key and must be non-zero for 128 and 192 bits keys */ | ||
381 | cx->ks[53] = cx->ks[45]; | ||
382 | cx->ks[52] = 12; | ||
383 | #ifdef AES_ERR_CHK | ||
384 | return aes_good; | ||
385 | #endif | ||
386 | } | ||
387 | |||
388 | #endif | ||
389 | |||
390 | #if defined(AES_256) || defined(AES_VAR) | ||
391 | |||
392 | aes_rval aes_decrypt_key256(const void *in_key, aes_decrypt_ctx cx[1]) | ||
393 | { aes_32t ss[8]; | ||
394 | #ifdef d_vars | ||
395 | d_vars; | ||
396 | #endif | ||
397 | cx->ks[0] = ss[0] = word_in(in_key, 0); | ||
398 | cx->ks[1] = ss[1] = word_in(in_key, 1); | ||
399 | cx->ks[2] = ss[2] = word_in(in_key, 2); | ||
400 | cx->ks[3] = ss[3] = word_in(in_key, 3); | ||
401 | |||
402 | #if DEC_UNROLL == NONE | ||
403 | cx->ks[4] = ss[4] = word_in(in_key, 4); | ||
404 | cx->ks[5] = ss[5] = word_in(in_key, 5); | ||
405 | cx->ks[6] = ss[6] = word_in(in_key, 6); | ||
406 | cx->ks[7] = ss[7] = word_in(in_key, 7); | ||
407 | { aes_32t i; | ||
408 | |||
409 | for(i = 0; i < (15 * N_COLS - 1) / 8; ++i) | ||
410 | ke8(cx->ks, i); | ||
411 | #if !(DEC_ROUND == NO_TABLES) | ||
412 | for(i = N_COLS; i < 14 * N_COLS; ++i) | ||
413 | cx->ks[i] = inv_mcol(cx->ks[i]); | ||
414 | #endif | ||
415 | } | ||
416 | #else | ||
417 | cx->ks[4] = ff(ss[4] = word_in(in_key, 4)); | ||
418 | cx->ks[5] = ff(ss[5] = word_in(in_key, 5)); | ||
419 | cx->ks[6] = ff(ss[6] = word_in(in_key, 6)); | ||
420 | cx->ks[7] = ff(ss[7] = word_in(in_key, 7)); | ||
421 | kdf8(cx->ks, 0); kd8(cx->ks, 1); | ||
422 | kd8(cx->ks, 2); kd8(cx->ks, 3); | ||
423 | kd8(cx->ks, 4); kd8(cx->ks, 5); | ||
424 | kdl8(cx->ks, 6); | ||
425 | #endif | ||
426 | #ifdef AES_ERR_CHK | ||
427 | return aes_good; | ||
428 | #endif | ||
429 | } | ||
430 | |||
431 | #endif | ||
432 | |||
433 | #if defined(AES_VAR) | ||
434 | |||
435 | aes_rval aes_decrypt_key(const void *in_key, int key_len, aes_decrypt_ctx cx[1]) | ||
436 | { | ||
437 | switch(key_len) | ||
438 | { | ||
439 | #ifdef AES_ERR_CHK | ||
440 | case 16: case 128: return aes_decrypt_key128(in_key, cx); | ||
441 | case 24: case 192: return aes_decrypt_key192(in_key, cx); | ||
442 | case 32: case 256: return aes_decrypt_key256(in_key, cx); | ||
443 | default: return aes_error; | ||
444 | #else | ||
445 | case 16: case 128: aes_decrypt_key128(in_key, cx); return; | ||
446 | case 24: case 192: aes_decrypt_key192(in_key, cx); return; | ||
447 | case 32: case 256: aes_decrypt_key256(in_key, cx); return; | ||
448 | #endif | ||
449 | } | ||
450 | } | ||
451 | |||
452 | #endif | ||
453 | |||
454 | #endif | ||
455 | |||