diff options
Diffstat (limited to 'libraries/irrlicht-1.8/source/Irrlicht/aesGladman')
18 files changed, 4130 insertions, 4130 deletions
diff --git a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/Readme.txt b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/Readme.txt index 86842c2..418d6db 100644 --- a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/Readme.txt +++ b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/Readme.txt | |||
@@ -1,25 +1,25 @@ | |||
1 | A File Encryption Utility - VC++ 7.1 project Instructions | 1 | A File Encryption Utility - VC++ 7.1 project Instructions |
2 | 2 | ||
3 | 1. Unzip the enclosed files into a suitable VC++ project directory. | 3 | 1. Unzip the enclosed files into a suitable VC++ project directory. |
4 | 2. Obtain the bzip2 source code from http://sources.redhat.com/bzip2/ | 4 | 2. Obtain the bzip2 source code from http://sources.redhat.com/bzip2/ |
5 | and unzip the files into the bzip2 sub-directory. | 5 | and unzip the files into the bzip2 sub-directory. |
6 | 3. Compile the bzip2 project to give a static library | 6 | 3. Compile the bzip2 project to give a static library |
7 | 4. Compile the encfile project. | 7 | 4. Compile the encfile project. |
8 | 5. The executable encfile.exe is now ready for use: | 8 | 5. The executable encfile.exe is now ready for use: |
9 | 9 | ||
10 | enfile password filename | 10 | enfile password filename |
11 | 11 | ||
12 | If the filename does not have the extension 'enc', it is assumed to | 12 | If the filename does not have the extension 'enc', it is assumed to |
13 | be a normal file that will then be encrypted to a file with the same | 13 | be a normal file that will then be encrypted to a file with the same |
14 | name but with an added extension 'enc'. | 14 | name but with an added extension 'enc'. |
15 | 15 | ||
16 | If the filename has the extension 'enc' its is assumed to be an | 16 | If the filename has the extension 'enc' its is assumed to be an |
17 | encrypted file that will be decrypted to a file with the same name | 17 | encrypted file that will be decrypted to a file with the same name |
18 | but without the 'enc' extension. | 18 | but without the 'enc' extension. |
19 | 19 | ||
20 | The default HASH function is SHA1, which is set up by defining USE_SHA1 in | 20 | The default HASH function is SHA1, which is set up by defining USE_SHA1 in |
21 | compiling the project. If USE_SHA256 is defined instead then SHA256 is used. | 21 | compiling the project. If USE_SHA256 is defined instead then SHA256 is used. |
22 | 22 | ||
23 | Brian Gladman | 23 | Brian Gladman |
24 | 24 | ||
25 | 25 | ||
diff --git a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/aes.h b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/aes.h index 127c886..5e4c596 100644 --- a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/aes.h +++ b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/aes.h | |||
@@ -1,137 +1,137 @@ | |||
1 | /* | 1 | /* |
2 | --------------------------------------------------------------------------- | 2 | --------------------------------------------------------------------------- |
3 | Copyright (c) 2003, Dr Brian Gladman < >, Worcester, UK. | 3 | Copyright (c) 2003, Dr Brian Gladman < >, Worcester, UK. |
4 | All rights reserved. | 4 | All rights reserved. |
5 | 5 | ||
6 | LICENSE TERMS | 6 | LICENSE TERMS |
7 | 7 | ||
8 | The free distribution and use of this software in both source and binary | 8 | The free distribution and use of this software in both source and binary |
9 | form is allowed (with or without changes) provided that: | 9 | form is allowed (with or without changes) provided that: |
10 | 10 | ||
11 | 1. distributions of this source code include the above copyright | 11 | 1. distributions of this source code include the above copyright |
12 | notice, this list of conditions and the following disclaimer; | 12 | notice, this list of conditions and the following disclaimer; |
13 | 13 | ||
14 | 2. distributions in binary form include the above copyright | 14 | 2. distributions in binary form include the above copyright |
15 | notice, this list of conditions and the following disclaimer | 15 | notice, this list of conditions and the following disclaimer |
16 | in the documentation and/or other associated materials; | 16 | in the documentation and/or other associated materials; |
17 | 17 | ||
18 | 3. the copyright holder's name is not used to endorse products | 18 | 3. the copyright holder's name is not used to endorse products |
19 | built using this software without specific written permission. | 19 | built using this software without specific written permission. |
20 | 20 | ||
21 | ALTERNATIVELY, provided that this notice is retained in full, this product | 21 | ALTERNATIVELY, provided that this notice is retained in full, this product |
22 | may be distributed under the terms of the GNU General Public License (GPL), | 22 | may be distributed under the terms of the GNU General Public License (GPL), |
23 | in which case the provisions of the GPL apply INSTEAD OF those given above. | 23 | in which case the provisions of the GPL apply INSTEAD OF those given above. |
24 | 24 | ||
25 | DISCLAIMER | 25 | DISCLAIMER |
26 | 26 | ||
27 | This software is provided 'as is' with no explicit or implied warranties | 27 | This software is provided 'as is' with no explicit or implied warranties |
28 | in respect of its properties, including, but not limited to, correctness | 28 | in respect of its properties, including, but not limited to, correctness |
29 | and/or fitness for purpose. | 29 | and/or fitness for purpose. |
30 | --------------------------------------------------------------------------- | 30 | --------------------------------------------------------------------------- |
31 | Issue Date: 26/08/2003 | 31 | Issue Date: 26/08/2003 |
32 | 32 | ||
33 | This file contains the definitions required to use AES in C. See aesopt.h | 33 | This file contains the definitions required to use AES in C. See aesopt.h |
34 | for optimisation details. | 34 | for optimisation details. |
35 | */ | 35 | */ |
36 | 36 | ||
37 | #ifndef _AES_H | 37 | #ifndef _AES_H |
38 | #define _AES_H | 38 | #define _AES_H |
39 | 39 | ||
40 | #include "irrMath.h" | 40 | #include "irrMath.h" |
41 | 41 | ||
42 | #define AES_128 /* define if AES with 128 bit keys is needed */ | 42 | #define AES_128 /* define if AES with 128 bit keys is needed */ |
43 | #define AES_192 /* define if AES with 192 bit keys is needed */ | 43 | #define AES_192 /* define if AES with 192 bit keys is needed */ |
44 | #define AES_256 /* define if AES with 256 bit keys is needed */ | 44 | #define AES_256 /* define if AES with 256 bit keys is needed */ |
45 | #define AES_VAR /* define if a variable key size is needed */ | 45 | #define AES_VAR /* define if a variable key size is needed */ |
46 | 46 | ||
47 | /* The following must also be set in assembler files if being used */ | 47 | /* The following must also be set in assembler files if being used */ |
48 | 48 | ||
49 | #define AES_ENCRYPT /* if support for encryption is needed */ | 49 | #define AES_ENCRYPT /* if support for encryption is needed */ |
50 | #define AES_DECRYPT /* if support for decryption is needed */ | 50 | #define AES_DECRYPT /* if support for decryption is needed */ |
51 | #define AES_ERR_CHK /* for parameter checks & error return codes */ | 51 | #define AES_ERR_CHK /* for parameter checks & error return codes */ |
52 | 52 | ||
53 | typedef irr::u8 aes_08t; | 53 | typedef irr::u8 aes_08t; |
54 | typedef irr::u32 aes_32t; | 54 | typedef irr::u32 aes_32t; |
55 | 55 | ||
56 | #define AES_BLOCK_SIZE 16 /* the AES block size in bytes */ | 56 | #define AES_BLOCK_SIZE 16 /* the AES block size in bytes */ |
57 | #define N_COLS 4 /* the number of columns in the state */ | 57 | #define N_COLS 4 /* the number of columns in the state */ |
58 | 58 | ||
59 | /* a maximum of 60 32-bit words are needed for the key schedule */ | 59 | /* a maximum of 60 32-bit words are needed for the key schedule */ |
60 | #define KS_LENGTH 64 | 60 | #define KS_LENGTH 64 |
61 | 61 | ||
62 | #ifdef AES_ERR_CHK | 62 | #ifdef AES_ERR_CHK |
63 | #define aes_ret int | 63 | #define aes_ret int |
64 | #define aes_good 0 | 64 | #define aes_good 0 |
65 | #define aes_error -1 | 65 | #define aes_error -1 |
66 | #else | 66 | #else |
67 | #define aes_ret void | 67 | #define aes_ret void |
68 | #endif | 68 | #endif |
69 | 69 | ||
70 | #ifndef AES_DLL /* implement normal/DLL functions */ | 70 | #ifndef AES_DLL /* implement normal/DLL functions */ |
71 | #define aes_rval aes_ret | 71 | #define aes_rval aes_ret |
72 | #else | 72 | #else |
73 | #define aes_rval aes_ret __declspec(dllexport) _stdcall | 73 | #define aes_rval aes_ret __declspec(dllexport) _stdcall |
74 | #endif | 74 | #endif |
75 | 75 | ||
76 | /* This routine must be called before first use if non-static */ | 76 | /* This routine must be called before first use if non-static */ |
77 | /* tables are being used */ | 77 | /* tables are being used */ |
78 | 78 | ||
79 | void gen_tabs(void); | 79 | void gen_tabs(void); |
80 | 80 | ||
81 | /* The key length (klen) is input in bytes when it is in the range */ | 81 | /* The key length (klen) is input in bytes when it is in the range */ |
82 | /* 16 <= klen <= 32 or in bits when in the range 128 <= klen <= 256 */ | 82 | /* 16 <= klen <= 32 or in bits when in the range 128 <= klen <= 256 */ |
83 | 83 | ||
84 | #ifdef AES_ENCRYPT | 84 | #ifdef AES_ENCRYPT |
85 | 85 | ||
86 | typedef struct | 86 | typedef struct |
87 | { | 87 | { |
88 | aes_32t ks[KS_LENGTH]; | 88 | aes_32t ks[KS_LENGTH]; |
89 | } aes_encrypt_ctx; | 89 | } aes_encrypt_ctx; |
90 | 90 | ||
91 | #if defined(AES_128) || defined(AES_VAR) | 91 | #if defined(AES_128) || defined(AES_VAR) |
92 | aes_rval aes_encrypt_key128(const void *in_key, aes_encrypt_ctx cx[1]); | 92 | aes_rval aes_encrypt_key128(const void *in_key, aes_encrypt_ctx cx[1]); |
93 | #endif | 93 | #endif |
94 | 94 | ||
95 | #if defined(AES_192) || defined(AES_VAR) | 95 | #if defined(AES_192) || defined(AES_VAR) |
96 | aes_rval aes_encrypt_key192(const void *in_key, aes_encrypt_ctx cx[1]); | 96 | aes_rval aes_encrypt_key192(const void *in_key, aes_encrypt_ctx cx[1]); |
97 | #endif | 97 | #endif |
98 | 98 | ||
99 | #if defined(AES_256) || defined(AES_VAR) | 99 | #if defined(AES_256) || defined(AES_VAR) |
100 | aes_rval aes_encrypt_key256(const void *in_key, aes_encrypt_ctx cx[1]); | 100 | aes_rval aes_encrypt_key256(const void *in_key, aes_encrypt_ctx cx[1]); |
101 | #endif | 101 | #endif |
102 | 102 | ||
103 | #if defined(AES_VAR) | 103 | #if defined(AES_VAR) |
104 | aes_rval aes_encrypt_key(const void *in_key, int key_len, aes_encrypt_ctx cx[1]); | 104 | aes_rval aes_encrypt_key(const void *in_key, int key_len, aes_encrypt_ctx cx[1]); |
105 | #endif | 105 | #endif |
106 | 106 | ||
107 | aes_rval aes_encrypt(const void *in_blk, void *out_blk, const aes_encrypt_ctx cx[1]); | 107 | aes_rval aes_encrypt(const void *in_blk, void *out_blk, const aes_encrypt_ctx cx[1]); |
108 | #endif | 108 | #endif |
109 | 109 | ||
110 | #ifdef AES_DECRYPT | 110 | #ifdef AES_DECRYPT |
111 | 111 | ||
112 | typedef struct | 112 | typedef struct |
113 | { | 113 | { |
114 | aes_32t ks[KS_LENGTH]; | 114 | aes_32t ks[KS_LENGTH]; |
115 | } aes_decrypt_ctx; | 115 | } aes_decrypt_ctx; |
116 | 116 | ||
117 | #if defined(AES_128) || defined(AES_VAR) | 117 | #if defined(AES_128) || defined(AES_VAR) |
118 | aes_rval aes_decrypt_key128(const void *in_key, aes_decrypt_ctx cx[1]); | 118 | aes_rval aes_decrypt_key128(const void *in_key, aes_decrypt_ctx cx[1]); |
119 | #endif | 119 | #endif |
120 | 120 | ||
121 | #if defined(AES_192) || defined(AES_VAR) | 121 | #if defined(AES_192) || defined(AES_VAR) |
122 | aes_rval aes_decrypt_key192(const void *in_key, aes_decrypt_ctx cx[1]); | 122 | aes_rval aes_decrypt_key192(const void *in_key, aes_decrypt_ctx cx[1]); |
123 | #endif | 123 | #endif |
124 | 124 | ||
125 | #if defined(AES_256) || defined(AES_VAR) | 125 | #if defined(AES_256) || defined(AES_VAR) |
126 | aes_rval aes_decrypt_key256(const void *in_key, aes_decrypt_ctx cx[1]); | 126 | aes_rval aes_decrypt_key256(const void *in_key, aes_decrypt_ctx cx[1]); |
127 | #endif | 127 | #endif |
128 | 128 | ||
129 | #if defined(AES_VAR) | 129 | #if defined(AES_VAR) |
130 | aes_rval aes_decrypt_key(const void *in_key, int key_len, aes_decrypt_ctx cx[1]); | 130 | aes_rval aes_decrypt_key(const void *in_key, int key_len, aes_decrypt_ctx cx[1]); |
131 | #endif | 131 | #endif |
132 | 132 | ||
133 | aes_rval aes_decrypt(const void *in_blk, void *out_blk, const aes_decrypt_ctx cx[1]); | 133 | aes_rval aes_decrypt(const void *in_blk, void *out_blk, const aes_decrypt_ctx cx[1]); |
134 | #endif | 134 | #endif |
135 | 135 | ||
136 | #endif | 136 | #endif |
137 | 137 | ||
diff --git a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/aescrypt.cpp b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/aescrypt.cpp index 8d1feee..54ddc21 100644 --- a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/aescrypt.cpp +++ b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/aescrypt.cpp | |||
@@ -1,303 +1,303 @@ | |||
1 | /* | 1 | /* |
2 | --------------------------------------------------------------------------- | 2 | --------------------------------------------------------------------------- |
3 | Copyright (c) 2003, Dr Brian Gladman < >, Worcester, UK. | 3 | Copyright (c) 2003, Dr Brian Gladman < >, Worcester, UK. |
4 | All rights reserved. | 4 | All rights reserved. |
5 | 5 | ||
6 | LICENSE TERMS | 6 | LICENSE TERMS |
7 | 7 | ||
8 | The free distribution and use of this software in both source and binary | 8 | The free distribution and use of this software in both source and binary |
9 | form is allowed (with or without changes) provided that: | 9 | form is allowed (with or without changes) provided that: |
10 | 10 | ||
11 | 1. distributions of this source code include the above copyright | 11 | 1. distributions of this source code include the above copyright |
12 | notice, this list of conditions and the following disclaimer; | 12 | notice, this list of conditions and the following disclaimer; |
13 | 13 | ||
14 | 2. distributions in binary form include the above copyright | 14 | 2. distributions in binary form include the above copyright |
15 | notice, this list of conditions and the following disclaimer | 15 | notice, this list of conditions and the following disclaimer |
16 | in the documentation and/or other associated materials; | 16 | in the documentation and/or other associated materials; |
17 | 17 | ||
18 | 3. the copyright holder's name is not used to endorse products | 18 | 3. the copyright holder's name is not used to endorse products |
19 | built using this software without specific written permission. | 19 | built using this software without specific written permission. |
20 | 20 | ||
21 | ALTERNATIVELY, provided that this notice is retained in full, this product | 21 | ALTERNATIVELY, provided that this notice is retained in full, this product |
22 | may be distributed under the terms of the GNU General Public License (GPL), | 22 | may be distributed under the terms of the GNU General Public License (GPL), |
23 | in which case the provisions of the GPL apply INSTEAD OF those given above. | 23 | in which case the provisions of the GPL apply INSTEAD OF those given above. |
24 | 24 | ||
25 | DISCLAIMER | 25 | DISCLAIMER |
26 | 26 | ||
27 | This software is provided 'as is' with no explicit or implied warranties | 27 | This software is provided 'as is' with no explicit or implied warranties |
28 | in respect of its properties, including, but not limited to, correctness | 28 | in respect of its properties, including, but not limited to, correctness |
29 | and/or fitness for purpose. | 29 | and/or fitness for purpose. |
30 | --------------------------------------------------------------------------- | 30 | --------------------------------------------------------------------------- |
31 | Issue Date: 26/08/2003 | 31 | Issue Date: 26/08/2003 |
32 | 32 | ||
33 | This file contains the code for implementing encryption and decryption | 33 | This file contains the code for implementing encryption and decryption |
34 | for AES (Rijndael) for block and key sizes of 16, 24 and 32 bytes. It | 34 | for AES (Rijndael) for block and key sizes of 16, 24 and 32 bytes. It |
35 | can optionally be replaced by code written in assembler using NASM. For | 35 | can optionally be replaced by code written in assembler using NASM. For |
36 | further details see the file aesopt.h | 36 | further details see the file aesopt.h |
37 | */ | 37 | */ |
38 | 38 | ||
39 | #include "aesopt.h" | 39 | #include "aesopt.h" |
40 | 40 | ||
41 | #define si(y,x,k,c) (s(y,c) = word_in(x, c) ^ (k)[c]) | 41 | #define si(y,x,k,c) (s(y,c) = word_in(x, c) ^ (k)[c]) |
42 | #define so(y,x,c) word_out(y, c, s(x,c)) | 42 | #define so(y,x,c) word_out(y, c, s(x,c)) |
43 | 43 | ||
44 | #if defined(ARRAYS) | 44 | #if defined(ARRAYS) |
45 | #define locals(y,x) x[4],y[4] | 45 | #define locals(y,x) x[4],y[4] |
46 | #else | 46 | #else |
47 | #define locals(y,x) x##0,x##1,x##2,x##3,y##0,y##1,y##2,y##3 | 47 | #define locals(y,x) x##0,x##1,x##2,x##3,y##0,y##1,y##2,y##3 |
48 | #endif | 48 | #endif |
49 | 49 | ||
50 | #define l_copy(y, x) s(y,0) = s(x,0); s(y,1) = s(x,1); \ | 50 | #define l_copy(y, x) s(y,0) = s(x,0); s(y,1) = s(x,1); \ |
51 | s(y,2) = s(x,2); s(y,3) = s(x,3); | 51 | s(y,2) = s(x,2); s(y,3) = s(x,3); |
52 | #define state_in(y,x,k) si(y,x,k,0); si(y,x,k,1); si(y,x,k,2); si(y,x,k,3) | 52 | #define state_in(y,x,k) si(y,x,k,0); si(y,x,k,1); si(y,x,k,2); si(y,x,k,3) |
53 | #define state_out(y,x) so(y,x,0); so(y,x,1); so(y,x,2); so(y,x,3) | 53 | #define state_out(y,x) so(y,x,0); so(y,x,1); so(y,x,2); so(y,x,3) |
54 | #define round(rm,y,x,k) rm(y,x,k,0); rm(y,x,k,1); rm(y,x,k,2); rm(y,x,k,3) | 54 | #define round(rm,y,x,k) rm(y,x,k,0); rm(y,x,k,1); rm(y,x,k,2); rm(y,x,k,3) |
55 | 55 | ||
56 | #if defined(ENCRYPTION) && !defined(AES_ASM) | 56 | #if defined(ENCRYPTION) && !defined(AES_ASM) |
57 | 57 | ||
58 | /* Visual C++ .Net v7.1 provides the fastest encryption code when using | 58 | /* Visual C++ .Net v7.1 provides the fastest encryption code when using |
59 | Pentium optimization with small code but this is poor for decryption | 59 | Pentium optimization with small code but this is poor for decryption |
60 | so we need to control this with the following VC++ pragmas | 60 | so we need to control this with the following VC++ pragmas |
61 | */ | 61 | */ |
62 | 62 | ||
63 | #if defined(_MSC_VER) | 63 | #if defined(_MSC_VER) |
64 | #pragma optimize( "s", on ) | 64 | #pragma optimize( "s", on ) |
65 | #endif | 65 | #endif |
66 | 66 | ||
67 | /* Given the column (c) of the output state variable, the following | 67 | /* Given the column (c) of the output state variable, the following |
68 | macros give the input state variables which are needed in its | 68 | macros give the input state variables which are needed in its |
69 | computation for each row (r) of the state. All the alternative | 69 | computation for each row (r) of the state. All the alternative |
70 | macros give the same end values but expand into different ways | 70 | macros give the same end values but expand into different ways |
71 | of calculating these values. In particular the complex macro | 71 | of calculating these values. In particular the complex macro |
72 | used for dynamically variable block sizes is designed to expand | 72 | used for dynamically variable block sizes is designed to expand |
73 | to a compile time constant whenever possible but will expand to | 73 | to a compile time constant whenever possible but will expand to |
74 | conditional clauses on some branches (I am grateful to Frank | 74 | conditional clauses on some branches (I am grateful to Frank |
75 | Yellin for this construction) | 75 | Yellin for this construction) |
76 | */ | 76 | */ |
77 | 77 | ||
78 | #define fwd_var(x,r,c)\ | 78 | #define fwd_var(x,r,c)\ |
79 | ( r == 0 ? ( c == 0 ? s(x,0) : c == 1 ? s(x,1) : c == 2 ? s(x,2) : s(x,3))\ | 79 | ( r == 0 ? ( c == 0 ? s(x,0) : c == 1 ? s(x,1) : c == 2 ? s(x,2) : s(x,3))\ |
80 | : r == 1 ? ( c == 0 ? s(x,1) : c == 1 ? s(x,2) : c == 2 ? s(x,3) : s(x,0))\ | 80 | : r == 1 ? ( c == 0 ? s(x,1) : c == 1 ? s(x,2) : c == 2 ? s(x,3) : s(x,0))\ |
81 | : r == 2 ? ( c == 0 ? s(x,2) : c == 1 ? s(x,3) : c == 2 ? s(x,0) : s(x,1))\ | 81 | : r == 2 ? ( c == 0 ? s(x,2) : c == 1 ? s(x,3) : c == 2 ? s(x,0) : s(x,1))\ |
82 | : ( c == 0 ? s(x,3) : c == 1 ? s(x,0) : c == 2 ? s(x,1) : s(x,2))) | 82 | : ( c == 0 ? s(x,3) : c == 1 ? s(x,0) : c == 2 ? s(x,1) : s(x,2))) |
83 | 83 | ||
84 | #if defined(FT4_SET) | 84 | #if defined(FT4_SET) |
85 | #undef dec_fmvars | 85 | #undef dec_fmvars |
86 | #define fwd_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ four_tables(x,t_use(f,n),fwd_var,rf1,c)) | 86 | #define fwd_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ four_tables(x,t_use(f,n),fwd_var,rf1,c)) |
87 | #elif defined(FT1_SET) | 87 | #elif defined(FT1_SET) |
88 | #undef dec_fmvars | 88 | #undef dec_fmvars |
89 | #define fwd_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ one_table(x,upr,t_use(f,n),fwd_var,rf1,c)) | 89 | #define fwd_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ one_table(x,upr,t_use(f,n),fwd_var,rf1,c)) |
90 | #else | 90 | #else |
91 | #define fwd_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ fwd_mcol(no_table(x,t_use(s,box),fwd_var,rf1,c))) | 91 | #define fwd_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ fwd_mcol(no_table(x,t_use(s,box),fwd_var,rf1,c))) |
92 | #endif | 92 | #endif |
93 | 93 | ||
94 | #if defined(FL4_SET) | 94 | #if defined(FL4_SET) |
95 | #define fwd_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ four_tables(x,t_use(f,l),fwd_var,rf1,c)) | 95 | #define fwd_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ four_tables(x,t_use(f,l),fwd_var,rf1,c)) |
96 | #elif defined(FL1_SET) | 96 | #elif defined(FL1_SET) |
97 | #define fwd_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ one_table(x,ups,t_use(f,l),fwd_var,rf1,c)) | 97 | #define fwd_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ one_table(x,ups,t_use(f,l),fwd_var,rf1,c)) |
98 | #else | 98 | #else |
99 | #define fwd_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ no_table(x,t_use(s,box),fwd_var,rf1,c)) | 99 | #define fwd_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ no_table(x,t_use(s,box),fwd_var,rf1,c)) |
100 | #endif | 100 | #endif |
101 | 101 | ||
102 | aes_rval aes_encrypt(const void *in_blk, void *out_blk, const aes_encrypt_ctx cx[1]) | 102 | aes_rval aes_encrypt(const void *in_blk, void *out_blk, const aes_encrypt_ctx cx[1]) |
103 | { aes_32t locals(b0, b1); | 103 | { aes_32t locals(b0, b1); |
104 | const aes_32t *kp = cx->ks; | 104 | const aes_32t *kp = cx->ks; |
105 | #ifdef dec_fmvars | 105 | #ifdef dec_fmvars |
106 | dec_fmvars; /* declare variables for fwd_mcol() if needed */ | 106 | dec_fmvars; /* declare variables for fwd_mcol() if needed */ |
107 | #endif | 107 | #endif |
108 | 108 | ||
109 | aes_32t nr = (kp[45] ^ kp[52] ^ kp[53] ? kp[52] : 14); | 109 | aes_32t nr = (kp[45] ^ kp[52] ^ kp[53] ? kp[52] : 14); |
110 | 110 | ||
111 | #ifdef AES_ERR_CHK | 111 | #ifdef AES_ERR_CHK |
112 | if( (nr != 10 || !(kp[0] | kp[3] | kp[4])) | 112 | if( (nr != 10 || !(kp[0] | kp[3] | kp[4])) |
113 | && (nr != 12 || !(kp[0] | kp[5] | kp[6])) | 113 | && (nr != 12 || !(kp[0] | kp[5] | kp[6])) |
114 | && (nr != 14 || !(kp[0] | kp[7] | kp[8])) ) | 114 | && (nr != 14 || !(kp[0] | kp[7] | kp[8])) ) |
115 | return aes_error; | 115 | return aes_error; |
116 | #endif | 116 | #endif |
117 | 117 | ||
118 | state_in(b0, in_blk, kp); | 118 | state_in(b0, in_blk, kp); |
119 | 119 | ||
120 | #if (ENC_UNROLL == FULL) | 120 | #if (ENC_UNROLL == FULL) |
121 | 121 | ||
122 | switch(nr) | 122 | switch(nr) |
123 | { | 123 | { |
124 | case 14: | 124 | case 14: |
125 | round(fwd_rnd, b1, b0, kp + 1 * N_COLS); | 125 | round(fwd_rnd, b1, b0, kp + 1 * N_COLS); |
126 | round(fwd_rnd, b0, b1, kp + 2 * N_COLS); | 126 | round(fwd_rnd, b0, b1, kp + 2 * N_COLS); |
127 | kp += 2 * N_COLS; | 127 | kp += 2 * N_COLS; |
128 | case 12: | 128 | case 12: |
129 | round(fwd_rnd, b1, b0, kp + 1 * N_COLS); | 129 | round(fwd_rnd, b1, b0, kp + 1 * N_COLS); |
130 | round(fwd_rnd, b0, b1, kp + 2 * N_COLS); | 130 | round(fwd_rnd, b0, b1, kp + 2 * N_COLS); |
131 | kp += 2 * N_COLS; | 131 | kp += 2 * N_COLS; |
132 | case 10: | 132 | case 10: |
133 | round(fwd_rnd, b1, b0, kp + 1 * N_COLS); | 133 | round(fwd_rnd, b1, b0, kp + 1 * N_COLS); |
134 | round(fwd_rnd, b0, b1, kp + 2 * N_COLS); | 134 | round(fwd_rnd, b0, b1, kp + 2 * N_COLS); |
135 | round(fwd_rnd, b1, b0, kp + 3 * N_COLS); | 135 | round(fwd_rnd, b1, b0, kp + 3 * N_COLS); |
136 | round(fwd_rnd, b0, b1, kp + 4 * N_COLS); | 136 | round(fwd_rnd, b0, b1, kp + 4 * N_COLS); |
137 | round(fwd_rnd, b1, b0, kp + 5 * N_COLS); | 137 | round(fwd_rnd, b1, b0, kp + 5 * N_COLS); |
138 | round(fwd_rnd, b0, b1, kp + 6 * N_COLS); | 138 | round(fwd_rnd, b0, b1, kp + 6 * N_COLS); |
139 | round(fwd_rnd, b1, b0, kp + 7 * N_COLS); | 139 | round(fwd_rnd, b1, b0, kp + 7 * N_COLS); |
140 | round(fwd_rnd, b0, b1, kp + 8 * N_COLS); | 140 | round(fwd_rnd, b0, b1, kp + 8 * N_COLS); |
141 | round(fwd_rnd, b1, b0, kp + 9 * N_COLS); | 141 | round(fwd_rnd, b1, b0, kp + 9 * N_COLS); |
142 | round(fwd_lrnd, b0, b1, kp +10 * N_COLS); | 142 | round(fwd_lrnd, b0, b1, kp +10 * N_COLS); |
143 | } | 143 | } |
144 | 144 | ||
145 | #else | 145 | #else |
146 | 146 | ||
147 | #if (ENC_UNROLL == PARTIAL) | 147 | #if (ENC_UNROLL == PARTIAL) |
148 | { aes_32t rnd; | 148 | { aes_32t rnd; |
149 | for(rnd = 0; rnd < (nr >> 1) - 1; ++rnd) | 149 | for(rnd = 0; rnd < (nr >> 1) - 1; ++rnd) |
150 | { | 150 | { |
151 | kp += N_COLS; | 151 | kp += N_COLS; |
152 | round(fwd_rnd, b1, b0, kp); | 152 | round(fwd_rnd, b1, b0, kp); |
153 | kp += N_COLS; | 153 | kp += N_COLS; |
154 | round(fwd_rnd, b0, b1, kp); | 154 | round(fwd_rnd, b0, b1, kp); |
155 | } | 155 | } |
156 | kp += N_COLS; | 156 | kp += N_COLS; |
157 | round(fwd_rnd, b1, b0, kp); | 157 | round(fwd_rnd, b1, b0, kp); |
158 | #else | 158 | #else |
159 | { aes_32t rnd; | 159 | { aes_32t rnd; |
160 | for(rnd = 0; rnd < nr - 1; ++rnd) | 160 | for(rnd = 0; rnd < nr - 1; ++rnd) |
161 | { | 161 | { |
162 | kp += N_COLS; | 162 | kp += N_COLS; |
163 | round(fwd_rnd, b1, b0, kp); | 163 | round(fwd_rnd, b1, b0, kp); |
164 | l_copy(b0, b1); | 164 | l_copy(b0, b1); |
165 | } | 165 | } |
166 | #endif | 166 | #endif |
167 | kp += N_COLS; | 167 | kp += N_COLS; |
168 | round(fwd_lrnd, b0, b1, kp); | 168 | round(fwd_lrnd, b0, b1, kp); |
169 | } | 169 | } |
170 | #endif | 170 | #endif |
171 | 171 | ||
172 | state_out(out_blk, b0); | 172 | state_out(out_blk, b0); |
173 | #ifdef AES_ERR_CHK | 173 | #ifdef AES_ERR_CHK |
174 | return aes_good; | 174 | return aes_good; |
175 | #endif | 175 | #endif |
176 | } | 176 | } |
177 | 177 | ||
178 | #endif | 178 | #endif |
179 | 179 | ||
180 | #if defined(DECRYPTION) && !defined(AES_ASM) | 180 | #if defined(DECRYPTION) && !defined(AES_ASM) |
181 | 181 | ||
182 | /* Visual C++ .Net v7.1 provides the fastest encryption code when using | 182 | /* Visual C++ .Net v7.1 provides the fastest encryption code when using |
183 | Pentium optimization with small code but this is poor for decryption | 183 | Pentium optimization with small code but this is poor for decryption |
184 | so we need to control this with the following VC++ pragmas | 184 | so we need to control this with the following VC++ pragmas |
185 | */ | 185 | */ |
186 | 186 | ||
187 | #if defined(_MSC_VER) | 187 | #if defined(_MSC_VER) |
188 | #pragma optimize( "t", on ) | 188 | #pragma optimize( "t", on ) |
189 | #endif | 189 | #endif |
190 | 190 | ||
191 | /* Given the column (c) of the output state variable, the following | 191 | /* Given the column (c) of the output state variable, the following |
192 | macros give the input state variables which are needed in its | 192 | macros give the input state variables which are needed in its |
193 | computation for each row (r) of the state. All the alternative | 193 | computation for each row (r) of the state. All the alternative |
194 | macros give the same end values but expand into different ways | 194 | macros give the same end values but expand into different ways |
195 | of calculating these values. In particular the complex macro | 195 | of calculating these values. In particular the complex macro |
196 | used for dynamically variable block sizes is designed to expand | 196 | used for dynamically variable block sizes is designed to expand |
197 | to a compile time constant whenever possible but will expand to | 197 | to a compile time constant whenever possible but will expand to |
198 | conditional clauses on some branches (I am grateful to Frank | 198 | conditional clauses on some branches (I am grateful to Frank |
199 | Yellin for this construction) | 199 | Yellin for this construction) |
200 | */ | 200 | */ |
201 | 201 | ||
202 | #define inv_var(x,r,c)\ | 202 | #define inv_var(x,r,c)\ |
203 | ( r == 0 ? ( c == 0 ? s(x,0) : c == 1 ? s(x,1) : c == 2 ? s(x,2) : s(x,3))\ | 203 | ( r == 0 ? ( c == 0 ? s(x,0) : c == 1 ? s(x,1) : c == 2 ? s(x,2) : s(x,3))\ |
204 | : r == 1 ? ( c == 0 ? s(x,3) : c == 1 ? s(x,0) : c == 2 ? s(x,1) : s(x,2))\ | 204 | : r == 1 ? ( c == 0 ? s(x,3) : c == 1 ? s(x,0) : c == 2 ? s(x,1) : s(x,2))\ |
205 | : r == 2 ? ( c == 0 ? s(x,2) : c == 1 ? s(x,3) : c == 2 ? s(x,0) : s(x,1))\ | 205 | : r == 2 ? ( c == 0 ? s(x,2) : c == 1 ? s(x,3) : c == 2 ? s(x,0) : s(x,1))\ |
206 | : ( c == 0 ? s(x,1) : c == 1 ? s(x,2) : c == 2 ? s(x,3) : s(x,0))) | 206 | : ( c == 0 ? s(x,1) : c == 1 ? s(x,2) : c == 2 ? s(x,3) : s(x,0))) |
207 | 207 | ||
208 | #if defined(IT4_SET) | 208 | #if defined(IT4_SET) |
209 | #undef dec_imvars | 209 | #undef dec_imvars |
210 | #define inv_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ four_tables(x,t_use(i,n),inv_var,rf1,c)) | 210 | #define inv_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ four_tables(x,t_use(i,n),inv_var,rf1,c)) |
211 | #elif defined(IT1_SET) | 211 | #elif defined(IT1_SET) |
212 | #undef dec_imvars | 212 | #undef dec_imvars |
213 | #define inv_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ one_table(x,upr,t_use(i,n),inv_var,rf1,c)) | 213 | #define inv_rnd(y,x,k,c) (s(y,c) = (k)[c] ^ one_table(x,upr,t_use(i,n),inv_var,rf1,c)) |
214 | #else | 214 | #else |
215 | #define inv_rnd(y,x,k,c) (s(y,c) = inv_mcol((k)[c] ^ no_table(x,t_use(i,box),inv_var,rf1,c))) | 215 | #define inv_rnd(y,x,k,c) (s(y,c) = inv_mcol((k)[c] ^ no_table(x,t_use(i,box),inv_var,rf1,c))) |
216 | #endif | 216 | #endif |
217 | 217 | ||
218 | #if defined(IL4_SET) | 218 | #if defined(IL4_SET) |
219 | #define inv_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ four_tables(x,t_use(i,l),inv_var,rf1,c)) | 219 | #define inv_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ four_tables(x,t_use(i,l),inv_var,rf1,c)) |
220 | #elif defined(IL1_SET) | 220 | #elif defined(IL1_SET) |
221 | #define inv_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ one_table(x,ups,t_use(i,l),inv_var,rf1,c)) | 221 | #define inv_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ one_table(x,ups,t_use(i,l),inv_var,rf1,c)) |
222 | #else | 222 | #else |
223 | #define inv_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ no_table(x,t_use(i,box),inv_var,rf1,c)) | 223 | #define inv_lrnd(y,x,k,c) (s(y,c) = (k)[c] ^ no_table(x,t_use(i,box),inv_var,rf1,c)) |
224 | #endif | 224 | #endif |
225 | 225 | ||
226 | aes_rval aes_decrypt(const void *in_blk, void *out_blk, const aes_decrypt_ctx cx[1]) | 226 | aes_rval aes_decrypt(const void *in_blk, void *out_blk, const aes_decrypt_ctx cx[1]) |
227 | { aes_32t locals(b0, b1); | 227 | { aes_32t locals(b0, b1); |
228 | #ifdef dec_imvars | 228 | #ifdef dec_imvars |
229 | dec_imvars; /* declare variables for inv_mcol() if needed */ | 229 | dec_imvars; /* declare variables for inv_mcol() if needed */ |
230 | #endif | 230 | #endif |
231 | 231 | ||
232 | aes_32t nr = (cx->ks[45] ^ cx->ks[52] ^ cx->ks[53] ? cx->ks[52] : 14); | 232 | aes_32t nr = (cx->ks[45] ^ cx->ks[52] ^ cx->ks[53] ? cx->ks[52] : 14); |
233 | const aes_32t *kp = cx->ks + nr * N_COLS; | 233 | const aes_32t *kp = cx->ks + nr * N_COLS; |
234 | 234 | ||
235 | #ifdef AES_ERR_CHK | 235 | #ifdef AES_ERR_CHK |
236 | if( (nr != 10 || !(cx->ks[0] | cx->ks[3] | cx->ks[4])) | 236 | if( (nr != 10 || !(cx->ks[0] | cx->ks[3] | cx->ks[4])) |
237 | && (nr != 12 || !(cx->ks[0] | cx->ks[5] | cx->ks[6])) | 237 | && (nr != 12 || !(cx->ks[0] | cx->ks[5] | cx->ks[6])) |
238 | && (nr != 14 || !(cx->ks[0] | cx->ks[7] | cx->ks[8])) ) | 238 | && (nr != 14 || !(cx->ks[0] | cx->ks[7] | cx->ks[8])) ) |
239 | return aes_error; | 239 | return aes_error; |
240 | #endif | 240 | #endif |
241 | 241 | ||
242 | state_in(b0, in_blk, kp); | 242 | state_in(b0, in_blk, kp); |
243 | 243 | ||
244 | #if (DEC_UNROLL == FULL) | 244 | #if (DEC_UNROLL == FULL) |
245 | 245 | ||
246 | switch(nr) | 246 | switch(nr) |
247 | { | 247 | { |
248 | case 14: | 248 | case 14: |
249 | round(inv_rnd, b1, b0, kp - 1 * N_COLS); | 249 | round(inv_rnd, b1, b0, kp - 1 * N_COLS); |
250 | round(inv_rnd, b0, b1, kp - 2 * N_COLS); | 250 | round(inv_rnd, b0, b1, kp - 2 * N_COLS); |
251 | kp -= 2 * N_COLS; | 251 | kp -= 2 * N_COLS; |
252 | case 12: | 252 | case 12: |
253 | round(inv_rnd, b1, b0, kp - 1 * N_COLS); | 253 | round(inv_rnd, b1, b0, kp - 1 * N_COLS); |
254 | round(inv_rnd, b0, b1, kp - 2 * N_COLS); | 254 | round(inv_rnd, b0, b1, kp - 2 * N_COLS); |
255 | kp -= 2 * N_COLS; | 255 | kp -= 2 * N_COLS; |
256 | case 10: | 256 | case 10: |
257 | round(inv_rnd, b1, b0, kp - 1 * N_COLS); | 257 | round(inv_rnd, b1, b0, kp - 1 * N_COLS); |
258 | round(inv_rnd, b0, b1, kp - 2 * N_COLS); | 258 | round(inv_rnd, b0, b1, kp - 2 * N_COLS); |
259 | round(inv_rnd, b1, b0, kp - 3 * N_COLS); | 259 | round(inv_rnd, b1, b0, kp - 3 * N_COLS); |
260 | round(inv_rnd, b0, b1, kp - 4 * N_COLS); | 260 | round(inv_rnd, b0, b1, kp - 4 * N_COLS); |
261 | round(inv_rnd, b1, b0, kp - 5 * N_COLS); | 261 | round(inv_rnd, b1, b0, kp - 5 * N_COLS); |
262 | round(inv_rnd, b0, b1, kp - 6 * N_COLS); | 262 | round(inv_rnd, b0, b1, kp - 6 * N_COLS); |
263 | round(inv_rnd, b1, b0, kp - 7 * N_COLS); | 263 | round(inv_rnd, b1, b0, kp - 7 * N_COLS); |
264 | round(inv_rnd, b0, b1, kp - 8 * N_COLS); | 264 | round(inv_rnd, b0, b1, kp - 8 * N_COLS); |
265 | round(inv_rnd, b1, b0, kp - 9 * N_COLS); | 265 | round(inv_rnd, b1, b0, kp - 9 * N_COLS); |
266 | round(inv_lrnd, b0, b1, kp - 10 * N_COLS); | 266 | round(inv_lrnd, b0, b1, kp - 10 * N_COLS); |
267 | } | 267 | } |
268 | 268 | ||
269 | #else | 269 | #else |
270 | 270 | ||
271 | #if (DEC_UNROLL == PARTIAL) | 271 | #if (DEC_UNROLL == PARTIAL) |
272 | { aes_32t rnd; | 272 | { aes_32t rnd; |
273 | for(rnd = 0; rnd < (nr >> 1) - 1; ++rnd) | 273 | for(rnd = 0; rnd < (nr >> 1) - 1; ++rnd) |
274 | { | 274 | { |
275 | kp -= N_COLS; | 275 | kp -= N_COLS; |
276 | round(inv_rnd, b1, b0, kp); | 276 | round(inv_rnd, b1, b0, kp); |
277 | kp -= N_COLS; | 277 | kp -= N_COLS; |
278 | round(inv_rnd, b0, b1, kp); | 278 | round(inv_rnd, b0, b1, kp); |
279 | } | 279 | } |
280 | kp -= N_COLS; | 280 | kp -= N_COLS; |
281 | round(inv_rnd, b1, b0, kp); | 281 | round(inv_rnd, b1, b0, kp); |
282 | #else | 282 | #else |
283 | { aes_32t rnd; | 283 | { aes_32t rnd; |
284 | for(rnd = 0; rnd < nr - 1; ++rnd) | 284 | for(rnd = 0; rnd < nr - 1; ++rnd) |
285 | { | 285 | { |
286 | kp -= N_COLS; | 286 | kp -= N_COLS; |
287 | round(inv_rnd, b1, b0, kp); | 287 | round(inv_rnd, b1, b0, kp); |
288 | l_copy(b0, b1); | 288 | l_copy(b0, b1); |
289 | } | 289 | } |
290 | #endif | 290 | #endif |
291 | kp -= N_COLS; | 291 | kp -= N_COLS; |
292 | round(inv_lrnd, b0, b1, kp); | 292 | round(inv_lrnd, b0, b1, kp); |
293 | } | 293 | } |
294 | #endif | 294 | #endif |
295 | 295 | ||
296 | state_out(out_blk, b0); | 296 | state_out(out_blk, b0); |
297 | #ifdef AES_ERR_CHK | 297 | #ifdef AES_ERR_CHK |
298 | return aes_good; | 298 | return aes_good; |
299 | #endif | 299 | #endif |
300 | } | 300 | } |
301 | 301 | ||
302 | #endif | 302 | #endif |
303 | 303 | ||
diff --git a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/aeskey.cpp b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/aeskey.cpp index 12d4cbb..272c951 100644 --- a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/aeskey.cpp +++ b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/aeskey.cpp | |||
@@ -1,455 +1,455 @@ | |||
1 | /* | 1 | /* |
2 | --------------------------------------------------------------------------- | 2 | --------------------------------------------------------------------------- |
3 | Copyright (c) 2003, Dr Brian Gladman < >, Worcester, UK. | 3 | Copyright (c) 2003, Dr Brian Gladman < >, Worcester, UK. |
4 | All rights reserved. | 4 | All rights reserved. |
5 | 5 | ||
6 | LICENSE TERMS | 6 | LICENSE TERMS |
7 | 7 | ||
8 | The free distribution and use of this software in both source and binary | 8 | The free distribution and use of this software in both source and binary |
9 | form is allowed (with or without changes) provided that: | 9 | form is allowed (with or without changes) provided that: |
10 | 10 | ||
11 | 1. distributions of this source code include the above copyright | 11 | 1. distributions of this source code include the above copyright |
12 | notice, this list of conditions and the following disclaimer; | 12 | notice, this list of conditions and the following disclaimer; |
13 | 13 | ||
14 | 2. distributions in binary form include the above copyright | 14 | 2. distributions in binary form include the above copyright |
15 | notice, this list of conditions and the following disclaimer | 15 | notice, this list of conditions and the following disclaimer |
16 | in the documentation and/or other associated materials; | 16 | in the documentation and/or other associated materials; |
17 | 17 | ||
18 | 3. the copyright holder's name is not used to endorse products | 18 | 3. the copyright holder's name is not used to endorse products |
19 | built using this software without specific written permission. | 19 | built using this software without specific written permission. |
20 | 20 | ||
21 | ALTERNATIVELY, provided that this notice is retained in full, this product | 21 | ALTERNATIVELY, provided that this notice is retained in full, this product |
22 | may be distributed under the terms of the GNU General Public License (GPL), | 22 | may be distributed under the terms of the GNU General Public License (GPL), |
23 | in which case the provisions of the GPL apply INSTEAD OF those given above. | 23 | in which case the provisions of the GPL apply INSTEAD OF those given above. |
24 | 24 | ||
25 | DISCLAIMER | 25 | DISCLAIMER |
26 | 26 | ||
27 | This software is provided 'as is' with no explicit or implied warranties | 27 | This software is provided 'as is' with no explicit or implied warranties |
28 | in respect of its properties, including, but not limited to, correctness | 28 | in respect of its properties, including, but not limited to, correctness |
29 | and/or fitness for purpose. | 29 | and/or fitness for purpose. |
30 | --------------------------------------------------------------------------- | 30 | --------------------------------------------------------------------------- |
31 | Issue Date: 26/08/2003 | 31 | Issue Date: 26/08/2003 |
32 | 32 | ||
33 | This file contains the code for implementing the key schedule for AES | 33 | This file contains the code for implementing the key schedule for AES |
34 | (Rijndael) for block and key sizes of 16, 24, and 32 bytes. See aesopt.h | 34 | (Rijndael) for block and key sizes of 16, 24, and 32 bytes. See aesopt.h |
35 | for further details including optimisation. | 35 | for further details including optimisation. |
36 | */ | 36 | */ |
37 | 37 | ||
38 | #include "aesopt.h" | 38 | #include "aesopt.h" |
39 | 39 | ||
40 | /* Initialise the key schedule from the user supplied key. The key | 40 | /* Initialise the key schedule from the user supplied key. The key |
41 | length can be specified in bytes, with legal values of 16, 24 | 41 | length can be specified in bytes, with legal values of 16, 24 |
42 | and 32, or in bits, with legal values of 128, 192 and 256. These | 42 | and 32, or in bits, with legal values of 128, 192 and 256. These |
43 | values correspond with Nk values of 4, 6 and 8 respectively. | 43 | values correspond with Nk values of 4, 6 and 8 respectively. |
44 | 44 | ||
45 | The following macros implement a single cycle in the key | 45 | The following macros implement a single cycle in the key |
46 | schedule generation process. The number of cycles needed | 46 | schedule generation process. The number of cycles needed |
47 | for each cx->n_col and nk value is: | 47 | for each cx->n_col and nk value is: |
48 | 48 | ||
49 | nk = 4 5 6 7 8 | 49 | nk = 4 5 6 7 8 |
50 | ------------------------------ | 50 | ------------------------------ |
51 | cx->n_col = 4 10 9 8 7 7 | 51 | cx->n_col = 4 10 9 8 7 7 |
52 | cx->n_col = 5 14 11 10 9 9 | 52 | cx->n_col = 5 14 11 10 9 9 |
53 | cx->n_col = 6 19 15 12 11 11 | 53 | cx->n_col = 6 19 15 12 11 11 |
54 | cx->n_col = 7 21 19 16 13 14 | 54 | cx->n_col = 7 21 19 16 13 14 |
55 | cx->n_col = 8 29 23 19 17 14 | 55 | cx->n_col = 8 29 23 19 17 14 |
56 | */ | 56 | */ |
57 | 57 | ||
58 | #define ke4(k,i) \ | 58 | #define ke4(k,i) \ |
59 | { k[4*(i)+4] = ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; k[4*(i)+5] = ss[1] ^= ss[0]; \ | 59 | { k[4*(i)+4] = ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; k[4*(i)+5] = ss[1] ^= ss[0]; \ |
60 | k[4*(i)+6] = ss[2] ^= ss[1]; k[4*(i)+7] = ss[3] ^= ss[2]; \ | 60 | k[4*(i)+6] = ss[2] ^= ss[1]; k[4*(i)+7] = ss[3] ^= ss[2]; \ |
61 | } | 61 | } |
62 | #define kel4(k,i) \ | 62 | #define kel4(k,i) \ |
63 | { k[4*(i)+4] = ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; k[4*(i)+5] = ss[1] ^= ss[0]; \ | 63 | { k[4*(i)+4] = ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; k[4*(i)+5] = ss[1] ^= ss[0]; \ |
64 | k[4*(i)+6] = ss[2] ^= ss[1]; k[4*(i)+7] = ss[3] ^= ss[2]; \ | 64 | k[4*(i)+6] = ss[2] ^= ss[1]; k[4*(i)+7] = ss[3] ^= ss[2]; \ |
65 | } | 65 | } |
66 | 66 | ||
67 | #define ke6(k,i) \ | 67 | #define ke6(k,i) \ |
68 | { k[6*(i)+ 6] = ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; k[6*(i)+ 7] = ss[1] ^= ss[0]; \ | 68 | { k[6*(i)+ 6] = ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; k[6*(i)+ 7] = ss[1] ^= ss[0]; \ |
69 | k[6*(i)+ 8] = ss[2] ^= ss[1]; k[6*(i)+ 9] = ss[3] ^= ss[2]; \ | 69 | k[6*(i)+ 8] = ss[2] ^= ss[1]; k[6*(i)+ 9] = ss[3] ^= ss[2]; \ |
70 | k[6*(i)+10] = ss[4] ^= ss[3]; k[6*(i)+11] = ss[5] ^= ss[4]; \ | 70 | k[6*(i)+10] = ss[4] ^= ss[3]; k[6*(i)+11] = ss[5] ^= ss[4]; \ |
71 | } | 71 | } |
72 | #define kel6(k,i) \ | 72 | #define kel6(k,i) \ |
73 | { k[6*(i)+ 6] = ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; k[6*(i)+ 7] = ss[1] ^= ss[0]; \ | 73 | { k[6*(i)+ 6] = ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; k[6*(i)+ 7] = ss[1] ^= ss[0]; \ |
74 | k[6*(i)+ 8] = ss[2] ^= ss[1]; k[6*(i)+ 9] = ss[3] ^= ss[2]; \ | 74 | k[6*(i)+ 8] = ss[2] ^= ss[1]; k[6*(i)+ 9] = ss[3] ^= ss[2]; \ |
75 | } | 75 | } |
76 | 76 | ||
77 | #define ke8(k,i) \ | 77 | #define ke8(k,i) \ |
78 | { k[8*(i)+ 8] = ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; k[8*(i)+ 9] = ss[1] ^= ss[0]; \ | 78 | { k[8*(i)+ 8] = ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; k[8*(i)+ 9] = ss[1] ^= ss[0]; \ |
79 | k[8*(i)+10] = ss[2] ^= ss[1]; k[8*(i)+11] = ss[3] ^= ss[2]; \ | 79 | k[8*(i)+10] = ss[2] ^= ss[1]; k[8*(i)+11] = ss[3] ^= ss[2]; \ |
80 | k[8*(i)+12] = ss[4] ^= ls_box(ss[3],0); k[8*(i)+13] = ss[5] ^= ss[4]; \ | 80 | k[8*(i)+12] = ss[4] ^= ls_box(ss[3],0); k[8*(i)+13] = ss[5] ^= ss[4]; \ |
81 | k[8*(i)+14] = ss[6] ^= ss[5]; k[8*(i)+15] = ss[7] ^= ss[6]; \ | 81 | k[8*(i)+14] = ss[6] ^= ss[5]; k[8*(i)+15] = ss[7] ^= ss[6]; \ |
82 | } | 82 | } |
83 | #define kel8(k,i) \ | 83 | #define kel8(k,i) \ |
84 | { k[8*(i)+ 8] = ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; k[8*(i)+ 9] = ss[1] ^= ss[0]; \ | 84 | { k[8*(i)+ 8] = ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; k[8*(i)+ 9] = ss[1] ^= ss[0]; \ |
85 | k[8*(i)+10] = ss[2] ^= ss[1]; k[8*(i)+11] = ss[3] ^= ss[2]; \ | 85 | k[8*(i)+10] = ss[2] ^= ss[1]; k[8*(i)+11] = ss[3] ^= ss[2]; \ |
86 | } | 86 | } |
87 | 87 | ||
88 | #if defined(ENCRYPTION_KEY_SCHEDULE) | 88 | #if defined(ENCRYPTION_KEY_SCHEDULE) |
89 | 89 | ||
90 | #if defined(AES_128) || defined(AES_VAR) | 90 | #if defined(AES_128) || defined(AES_VAR) |
91 | 91 | ||
92 | aes_rval aes_encrypt_key128(const void *in_key, aes_encrypt_ctx cx[1]) | 92 | aes_rval aes_encrypt_key128(const void *in_key, aes_encrypt_ctx cx[1]) |
93 | { aes_32t ss[4]; | 93 | { aes_32t ss[4]; |
94 | 94 | ||
95 | cx->ks[0] = ss[0] = word_in(in_key, 0); | 95 | cx->ks[0] = ss[0] = word_in(in_key, 0); |
96 | cx->ks[1] = ss[1] = word_in(in_key, 1); | 96 | cx->ks[1] = ss[1] = word_in(in_key, 1); |
97 | cx->ks[2] = ss[2] = word_in(in_key, 2); | 97 | cx->ks[2] = ss[2] = word_in(in_key, 2); |
98 | cx->ks[3] = ss[3] = word_in(in_key, 3); | 98 | cx->ks[3] = ss[3] = word_in(in_key, 3); |
99 | 99 | ||
100 | #if ENC_UNROLL == NONE | 100 | #if ENC_UNROLL == NONE |
101 | { aes_32t i; | 101 | { aes_32t i; |
102 | 102 | ||
103 | for(i = 0; i < ((11 * N_COLS - 1) / 4); ++i) | 103 | for(i = 0; i < ((11 * N_COLS - 1) / 4); ++i) |
104 | ke4(cx->ks, i); | 104 | ke4(cx->ks, i); |
105 | } | 105 | } |
106 | #else | 106 | #else |
107 | ke4(cx->ks, 0); ke4(cx->ks, 1); | 107 | ke4(cx->ks, 0); ke4(cx->ks, 1); |
108 | ke4(cx->ks, 2); ke4(cx->ks, 3); | 108 | ke4(cx->ks, 2); ke4(cx->ks, 3); |
109 | ke4(cx->ks, 4); ke4(cx->ks, 5); | 109 | ke4(cx->ks, 4); ke4(cx->ks, 5); |
110 | ke4(cx->ks, 6); ke4(cx->ks, 7); | 110 | ke4(cx->ks, 6); ke4(cx->ks, 7); |
111 | ke4(cx->ks, 8); kel4(cx->ks, 9); | 111 | ke4(cx->ks, 8); kel4(cx->ks, 9); |
112 | #endif | 112 | #endif |
113 | 113 | ||
114 | /* cx->ks[45] ^ cx->ks[52] ^ cx->ks[53] is zero for a 256 bit */ | 114 | /* cx->ks[45] ^ cx->ks[52] ^ cx->ks[53] is zero for a 256 bit */ |
115 | /* key and must be non-zero for 128 and 192 bits keys */ | 115 | /* key and must be non-zero for 128 and 192 bits keys */ |
116 | cx->ks[53] = cx->ks[45] = 0; | 116 | cx->ks[53] = cx->ks[45] = 0; |
117 | cx->ks[52] = 10; | 117 | cx->ks[52] = 10; |
118 | #ifdef AES_ERR_CHK | 118 | #ifdef AES_ERR_CHK |
119 | return aes_good; | 119 | return aes_good; |
120 | #endif | 120 | #endif |
121 | } | 121 | } |
122 | 122 | ||
123 | #endif | 123 | #endif |
124 | 124 | ||
125 | #if defined(AES_192) || defined(AES_VAR) | 125 | #if defined(AES_192) || defined(AES_VAR) |
126 | 126 | ||
127 | aes_rval aes_encrypt_key192(const void *in_key, aes_encrypt_ctx cx[1]) | 127 | aes_rval aes_encrypt_key192(const void *in_key, aes_encrypt_ctx cx[1]) |
128 | { aes_32t ss[6]; | 128 | { aes_32t ss[6]; |
129 | 129 | ||
130 | cx->ks[0] = ss[0] = word_in(in_key, 0); | 130 | cx->ks[0] = ss[0] = word_in(in_key, 0); |
131 | cx->ks[1] = ss[1] = word_in(in_key, 1); | 131 | cx->ks[1] = ss[1] = word_in(in_key, 1); |
132 | cx->ks[2] = ss[2] = word_in(in_key, 2); | 132 | cx->ks[2] = ss[2] = word_in(in_key, 2); |
133 | cx->ks[3] = ss[3] = word_in(in_key, 3); | 133 | cx->ks[3] = ss[3] = word_in(in_key, 3); |
134 | cx->ks[4] = ss[4] = word_in(in_key, 4); | 134 | cx->ks[4] = ss[4] = word_in(in_key, 4); |
135 | cx->ks[5] = ss[5] = word_in(in_key, 5); | 135 | cx->ks[5] = ss[5] = word_in(in_key, 5); |
136 | 136 | ||
137 | #if ENC_UNROLL == NONE | 137 | #if ENC_UNROLL == NONE |
138 | { aes_32t i; | 138 | { aes_32t i; |
139 | 139 | ||
140 | for(i = 0; i < (13 * N_COLS - 1) / 6; ++i) | 140 | for(i = 0; i < (13 * N_COLS - 1) / 6; ++i) |
141 | ke6(cx->ks, i); | 141 | ke6(cx->ks, i); |
142 | } | 142 | } |
143 | #else | 143 | #else |
144 | ke6(cx->ks, 0); ke6(cx->ks, 1); | 144 | ke6(cx->ks, 0); ke6(cx->ks, 1); |
145 | ke6(cx->ks, 2); ke6(cx->ks, 3); | 145 | ke6(cx->ks, 2); ke6(cx->ks, 3); |
146 | ke6(cx->ks, 4); ke6(cx->ks, 5); | 146 | ke6(cx->ks, 4); ke6(cx->ks, 5); |
147 | ke6(cx->ks, 6); kel6(cx->ks, 7); | 147 | ke6(cx->ks, 6); kel6(cx->ks, 7); |
148 | #endif | 148 | #endif |
149 | 149 | ||
150 | /* cx->ks[45] ^ cx->ks[52] ^ cx->ks[53] is zero for a 256 bit */ | 150 | /* cx->ks[45] ^ cx->ks[52] ^ cx->ks[53] is zero for a 256 bit */ |
151 | /* key and must be non-zero for 128 and 192 bits keys */ | 151 | /* key and must be non-zero for 128 and 192 bits keys */ |
152 | cx->ks[53] = cx->ks[45]; | 152 | cx->ks[53] = cx->ks[45]; |
153 | cx->ks[52] = 12; | 153 | cx->ks[52] = 12; |
154 | #ifdef AES_ERR_CHK | 154 | #ifdef AES_ERR_CHK |
155 | return aes_good; | 155 | return aes_good; |
156 | #endif | 156 | #endif |
157 | } | 157 | } |
158 | 158 | ||
159 | #endif | 159 | #endif |
160 | 160 | ||
161 | #if defined(AES_256) || defined(AES_VAR) | 161 | #if defined(AES_256) || defined(AES_VAR) |
162 | 162 | ||
163 | aes_rval aes_encrypt_key256(const void *in_key, aes_encrypt_ctx cx[1]) | 163 | aes_rval aes_encrypt_key256(const void *in_key, aes_encrypt_ctx cx[1]) |
164 | { aes_32t ss[8]; | 164 | { aes_32t ss[8]; |
165 | 165 | ||
166 | cx->ks[0] = ss[0] = word_in(in_key, 0); | 166 | cx->ks[0] = ss[0] = word_in(in_key, 0); |
167 | cx->ks[1] = ss[1] = word_in(in_key, 1); | 167 | cx->ks[1] = ss[1] = word_in(in_key, 1); |
168 | cx->ks[2] = ss[2] = word_in(in_key, 2); | 168 | cx->ks[2] = ss[2] = word_in(in_key, 2); |
169 | cx->ks[3] = ss[3] = word_in(in_key, 3); | 169 | cx->ks[3] = ss[3] = word_in(in_key, 3); |
170 | cx->ks[4] = ss[4] = word_in(in_key, 4); | 170 | cx->ks[4] = ss[4] = word_in(in_key, 4); |
171 | cx->ks[5] = ss[5] = word_in(in_key, 5); | 171 | cx->ks[5] = ss[5] = word_in(in_key, 5); |
172 | cx->ks[6] = ss[6] = word_in(in_key, 6); | 172 | cx->ks[6] = ss[6] = word_in(in_key, 6); |
173 | cx->ks[7] = ss[7] = word_in(in_key, 7); | 173 | cx->ks[7] = ss[7] = word_in(in_key, 7); |
174 | 174 | ||
175 | #if ENC_UNROLL == NONE | 175 | #if ENC_UNROLL == NONE |
176 | { aes_32t i; | 176 | { aes_32t i; |
177 | 177 | ||
178 | for(i = 0; i < (15 * N_COLS - 1) / 8; ++i) | 178 | for(i = 0; i < (15 * N_COLS - 1) / 8; ++i) |
179 | ke8(cx->ks, i); | 179 | ke8(cx->ks, i); |
180 | } | 180 | } |
181 | #else | 181 | #else |
182 | ke8(cx->ks, 0); ke8(cx->ks, 1); | 182 | ke8(cx->ks, 0); ke8(cx->ks, 1); |
183 | ke8(cx->ks, 2); ke8(cx->ks, 3); | 183 | ke8(cx->ks, 2); ke8(cx->ks, 3); |
184 | ke8(cx->ks, 4); ke8(cx->ks, 5); | 184 | ke8(cx->ks, 4); ke8(cx->ks, 5); |
185 | kel8(cx->ks, 6); | 185 | kel8(cx->ks, 6); |
186 | #endif | 186 | #endif |
187 | #ifdef AES_ERR_CHK | 187 | #ifdef AES_ERR_CHK |
188 | return aes_good; | 188 | return aes_good; |
189 | #endif | 189 | #endif |
190 | } | 190 | } |
191 | 191 | ||
192 | #endif | 192 | #endif |
193 | 193 | ||
194 | #if defined(AES_VAR) | 194 | #if defined(AES_VAR) |
195 | 195 | ||
196 | aes_rval aes_encrypt_key(const void *in_key, int key_len, aes_encrypt_ctx cx[1]) | 196 | aes_rval aes_encrypt_key(const void *in_key, int key_len, aes_encrypt_ctx cx[1]) |
197 | { | 197 | { |
198 | switch(key_len) | 198 | switch(key_len) |
199 | { | 199 | { |
200 | #ifdef AES_ERR_CHK | 200 | #ifdef AES_ERR_CHK |
201 | case 16: case 128: return aes_encrypt_key128(in_key, cx); | 201 | case 16: case 128: return aes_encrypt_key128(in_key, cx); |
202 | case 24: case 192: return aes_encrypt_key192(in_key, cx); | 202 | case 24: case 192: return aes_encrypt_key192(in_key, cx); |
203 | case 32: case 256: return aes_encrypt_key256(in_key, cx); | 203 | case 32: case 256: return aes_encrypt_key256(in_key, cx); |
204 | default: return aes_error; | 204 | default: return aes_error; |
205 | #else | 205 | #else |
206 | case 16: case 128: aes_encrypt_key128(in_key, cx); return; | 206 | case 16: case 128: aes_encrypt_key128(in_key, cx); return; |
207 | case 24: case 192: aes_encrypt_key192(in_key, cx); return; | 207 | case 24: case 192: aes_encrypt_key192(in_key, cx); return; |
208 | case 32: case 256: aes_encrypt_key256(in_key, cx); return; | 208 | case 32: case 256: aes_encrypt_key256(in_key, cx); return; |
209 | #endif | 209 | #endif |
210 | } | 210 | } |
211 | } | 211 | } |
212 | 212 | ||
213 | #endif | 213 | #endif |
214 | 214 | ||
215 | #endif | 215 | #endif |
216 | 216 | ||
217 | #if defined(DECRYPTION_KEY_SCHEDULE) | 217 | #if defined(DECRYPTION_KEY_SCHEDULE) |
218 | 218 | ||
219 | #if DEC_ROUND == NO_TABLES | 219 | #if DEC_ROUND == NO_TABLES |
220 | #define ff(x) (x) | 220 | #define ff(x) (x) |
221 | #else | 221 | #else |
222 | #define ff(x) inv_mcol(x) | 222 | #define ff(x) inv_mcol(x) |
223 | #ifdef dec_imvars | 223 | #ifdef dec_imvars |
224 | #define d_vars dec_imvars | 224 | #define d_vars dec_imvars |
225 | #endif | 225 | #endif |
226 | #endif | 226 | #endif |
227 | 227 | ||
228 | #if 1 | 228 | #if 1 |
229 | #define kdf4(k,i) \ | 229 | #define kdf4(k,i) \ |
230 | { ss[0] = ss[0] ^ ss[2] ^ ss[1] ^ ss[3]; ss[1] = ss[1] ^ ss[3]; ss[2] = ss[2] ^ ss[3]; ss[3] = ss[3]; \ | 230 | { ss[0] = ss[0] ^ ss[2] ^ ss[1] ^ ss[3]; ss[1] = ss[1] ^ ss[3]; ss[2] = ss[2] ^ ss[3]; ss[3] = ss[3]; \ |
231 | ss[4] = ls_box(ss[(i+3) % 4], 3) ^ t_use(r,c)[i]; ss[i % 4] ^= ss[4]; \ | 231 | ss[4] = ls_box(ss[(i+3) % 4], 3) ^ t_use(r,c)[i]; ss[i % 4] ^= ss[4]; \ |
232 | ss[4] ^= k[4*(i)]; k[4*(i)+4] = ff(ss[4]); ss[4] ^= k[4*(i)+1]; k[4*(i)+5] = ff(ss[4]); \ | 232 | ss[4] ^= k[4*(i)]; k[4*(i)+4] = ff(ss[4]); ss[4] ^= k[4*(i)+1]; k[4*(i)+5] = ff(ss[4]); \ |
233 | ss[4] ^= k[4*(i)+2]; k[4*(i)+6] = ff(ss[4]); ss[4] ^= k[4*(i)+3]; k[4*(i)+7] = ff(ss[4]); \ | 233 | ss[4] ^= k[4*(i)+2]; k[4*(i)+6] = ff(ss[4]); ss[4] ^= k[4*(i)+3]; k[4*(i)+7] = ff(ss[4]); \ |
234 | } | 234 | } |
235 | #define kd4(k,i) \ | 235 | #define kd4(k,i) \ |
236 | { ss[4] = ls_box(ss[(i+3) % 4], 3) ^ t_use(r,c)[i]; ss[i % 4] ^= ss[4]; ss[4] = ff(ss[4]); \ | 236 | { ss[4] = ls_box(ss[(i+3) % 4], 3) ^ t_use(r,c)[i]; ss[i % 4] ^= ss[4]; ss[4] = ff(ss[4]); \ |
237 | k[4*(i)+4] = ss[4] ^= k[4*(i)]; k[4*(i)+5] = ss[4] ^= k[4*(i)+1]; \ | 237 | k[4*(i)+4] = ss[4] ^= k[4*(i)]; k[4*(i)+5] = ss[4] ^= k[4*(i)+1]; \ |
238 | k[4*(i)+6] = ss[4] ^= k[4*(i)+2]; k[4*(i)+7] = ss[4] ^= k[4*(i)+3]; \ | 238 | k[4*(i)+6] = ss[4] ^= k[4*(i)+2]; k[4*(i)+7] = ss[4] ^= k[4*(i)+3]; \ |
239 | } | 239 | } |
240 | #define kdl4(k,i) \ | 240 | #define kdl4(k,i) \ |
241 | { ss[4] = ls_box(ss[(i+3) % 4], 3) ^ t_use(r,c)[i]; ss[i % 4] ^= ss[4]; \ | 241 | { ss[4] = ls_box(ss[(i+3) % 4], 3) ^ t_use(r,c)[i]; ss[i % 4] ^= ss[4]; \ |
242 | k[4*(i)+4] = (ss[0] ^= ss[1]) ^ ss[2] ^ ss[3]; k[4*(i)+5] = ss[1] ^ ss[3]; \ | 242 | k[4*(i)+4] = (ss[0] ^= ss[1]) ^ ss[2] ^ ss[3]; k[4*(i)+5] = ss[1] ^ ss[3]; \ |
243 | k[4*(i)+6] = ss[0]; k[4*(i)+7] = ss[1]; \ | 243 | k[4*(i)+6] = ss[0]; k[4*(i)+7] = ss[1]; \ |
244 | } | 244 | } |
245 | #else | 245 | #else |
246 | #define kdf4(k,i) \ | 246 | #define kdf4(k,i) \ |
247 | { ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; k[4*(i)+ 4] = ff(ss[0]); ss[1] ^= ss[0]; k[4*(i)+ 5] = ff(ss[1]); \ | 247 | { ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; k[4*(i)+ 4] = ff(ss[0]); ss[1] ^= ss[0]; k[4*(i)+ 5] = ff(ss[1]); \ |
248 | ss[2] ^= ss[1]; k[4*(i)+ 6] = ff(ss[2]); ss[3] ^= ss[2]; k[4*(i)+ 7] = ff(ss[3]); \ | 248 | ss[2] ^= ss[1]; k[4*(i)+ 6] = ff(ss[2]); ss[3] ^= ss[2]; k[4*(i)+ 7] = ff(ss[3]); \ |
249 | } | 249 | } |
250 | #define kd4(k,i) \ | 250 | #define kd4(k,i) \ |
251 | { ss[4] = ls_box(ss[3],3) ^ t_use(r,c)[i]; \ | 251 | { ss[4] = ls_box(ss[3],3) ^ t_use(r,c)[i]; \ |
252 | ss[0] ^= ss[4]; ss[4] = ff(ss[4]); k[4*(i)+ 4] = ss[4] ^= k[4*(i)]; \ | 252 | ss[0] ^= ss[4]; ss[4] = ff(ss[4]); k[4*(i)+ 4] = ss[4] ^= k[4*(i)]; \ |
253 | ss[1] ^= ss[0]; k[4*(i)+ 5] = ss[4] ^= k[4*(i)+ 1]; \ | 253 | ss[1] ^= ss[0]; k[4*(i)+ 5] = ss[4] ^= k[4*(i)+ 1]; \ |
254 | ss[2] ^= ss[1]; k[4*(i)+ 6] = ss[4] ^= k[4*(i)+ 2]; \ | 254 | ss[2] ^= ss[1]; k[4*(i)+ 6] = ss[4] ^= k[4*(i)+ 2]; \ |
255 | ss[3] ^= ss[2]; k[4*(i)+ 7] = ss[4] ^= k[4*(i)+ 3]; \ | 255 | ss[3] ^= ss[2]; k[4*(i)+ 7] = ss[4] ^= k[4*(i)+ 3]; \ |
256 | } | 256 | } |
257 | #define kdl4(k,i) \ | 257 | #define kdl4(k,i) \ |
258 | { ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; k[4*(i)+ 4] = ss[0]; ss[1] ^= ss[0]; k[4*(i)+ 5] = ss[1]; \ | 258 | { ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; k[4*(i)+ 4] = ss[0]; ss[1] ^= ss[0]; k[4*(i)+ 5] = ss[1]; \ |
259 | ss[2] ^= ss[1]; k[4*(i)+ 6] = ss[2]; ss[3] ^= ss[2]; k[4*(i)+ 7] = ss[3]; \ | 259 | ss[2] ^= ss[1]; k[4*(i)+ 6] = ss[2]; ss[3] ^= ss[2]; k[4*(i)+ 7] = ss[3]; \ |
260 | } | 260 | } |
261 | #endif | 261 | #endif |
262 | 262 | ||
263 | #define kdf6(k,i) \ | 263 | #define kdf6(k,i) \ |
264 | { ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; k[6*(i)+ 6] = ff(ss[0]); ss[1] ^= ss[0]; k[6*(i)+ 7] = ff(ss[1]); \ | 264 | { ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; k[6*(i)+ 6] = ff(ss[0]); ss[1] ^= ss[0]; k[6*(i)+ 7] = ff(ss[1]); \ |
265 | ss[2] ^= ss[1]; k[6*(i)+ 8] = ff(ss[2]); ss[3] ^= ss[2]; k[6*(i)+ 9] = ff(ss[3]); \ | 265 | ss[2] ^= ss[1]; k[6*(i)+ 8] = ff(ss[2]); ss[3] ^= ss[2]; k[6*(i)+ 9] = ff(ss[3]); \ |
266 | ss[4] ^= ss[3]; k[6*(i)+10] = ff(ss[4]); ss[5] ^= ss[4]; k[6*(i)+11] = ff(ss[5]); \ | 266 | ss[4] ^= ss[3]; k[6*(i)+10] = ff(ss[4]); ss[5] ^= ss[4]; k[6*(i)+11] = ff(ss[5]); \ |
267 | } | 267 | } |
268 | #define kd6(k,i) \ | 268 | #define kd6(k,i) \ |
269 | { ss[6] = ls_box(ss[5],3) ^ t_use(r,c)[i]; \ | 269 | { ss[6] = ls_box(ss[5],3) ^ t_use(r,c)[i]; \ |
270 | ss[0] ^= ss[6]; ss[6] = ff(ss[6]); k[6*(i)+ 6] = ss[6] ^= k[6*(i)]; \ | 270 | ss[0] ^= ss[6]; ss[6] = ff(ss[6]); k[6*(i)+ 6] = ss[6] ^= k[6*(i)]; \ |
271 | ss[1] ^= ss[0]; k[6*(i)+ 7] = ss[6] ^= k[6*(i)+ 1]; \ | 271 | ss[1] ^= ss[0]; k[6*(i)+ 7] = ss[6] ^= k[6*(i)+ 1]; \ |
272 | ss[2] ^= ss[1]; k[6*(i)+ 8] = ss[6] ^= k[6*(i)+ 2]; \ | 272 | ss[2] ^= ss[1]; k[6*(i)+ 8] = ss[6] ^= k[6*(i)+ 2]; \ |
273 | ss[3] ^= ss[2]; k[6*(i)+ 9] = ss[6] ^= k[6*(i)+ 3]; \ | 273 | ss[3] ^= ss[2]; k[6*(i)+ 9] = ss[6] ^= k[6*(i)+ 3]; \ |
274 | ss[4] ^= ss[3]; k[6*(i)+10] = ss[6] ^= k[6*(i)+ 4]; \ | 274 | ss[4] ^= ss[3]; k[6*(i)+10] = ss[6] ^= k[6*(i)+ 4]; \ |
275 | ss[5] ^= ss[4]; k[6*(i)+11] = ss[6] ^= k[6*(i)+ 5]; \ | 275 | ss[5] ^= ss[4]; k[6*(i)+11] = ss[6] ^= k[6*(i)+ 5]; \ |
276 | } | 276 | } |
277 | #define kdl6(k,i) \ | 277 | #define kdl6(k,i) \ |
278 | { ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; k[6*(i)+ 6] = ss[0]; ss[1] ^= ss[0]; k[6*(i)+ 7] = ss[1]; \ | 278 | { ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; k[6*(i)+ 6] = ss[0]; ss[1] ^= ss[0]; k[6*(i)+ 7] = ss[1]; \ |
279 | ss[2] ^= ss[1]; k[6*(i)+ 8] = ss[2]; ss[3] ^= ss[2]; k[6*(i)+ 9] = ss[3]; \ | 279 | ss[2] ^= ss[1]; k[6*(i)+ 8] = ss[2]; ss[3] ^= ss[2]; k[6*(i)+ 9] = ss[3]; \ |
280 | } | 280 | } |
281 | 281 | ||
282 | #define kdf8(k,i) \ | 282 | #define kdf8(k,i) \ |
283 | { ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; k[8*(i)+ 8] = ff(ss[0]); ss[1] ^= ss[0]; k[8*(i)+ 9] = ff(ss[1]); \ | 283 | { ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; k[8*(i)+ 8] = ff(ss[0]); ss[1] ^= ss[0]; k[8*(i)+ 9] = ff(ss[1]); \ |
284 | ss[2] ^= ss[1]; k[8*(i)+10] = ff(ss[2]); ss[3] ^= ss[2]; k[8*(i)+11] = ff(ss[3]); \ | 284 | ss[2] ^= ss[1]; k[8*(i)+10] = ff(ss[2]); ss[3] ^= ss[2]; k[8*(i)+11] = ff(ss[3]); \ |
285 | ss[4] ^= ls_box(ss[3],0); k[8*(i)+12] = ff(ss[4]); ss[5] ^= ss[4]; k[8*(i)+13] = ff(ss[5]); \ | 285 | ss[4] ^= ls_box(ss[3],0); k[8*(i)+12] = ff(ss[4]); ss[5] ^= ss[4]; k[8*(i)+13] = ff(ss[5]); \ |
286 | ss[6] ^= ss[5]; k[8*(i)+14] = ff(ss[6]); ss[7] ^= ss[6]; k[8*(i)+15] = ff(ss[7]); \ | 286 | ss[6] ^= ss[5]; k[8*(i)+14] = ff(ss[6]); ss[7] ^= ss[6]; k[8*(i)+15] = ff(ss[7]); \ |
287 | } | 287 | } |
288 | #define kd8(k,i) \ | 288 | #define kd8(k,i) \ |
289 | { aes_32t g = ls_box(ss[7],3) ^ t_use(r,c)[i]; \ | 289 | { aes_32t g = ls_box(ss[7],3) ^ t_use(r,c)[i]; \ |
290 | ss[0] ^= g; g = ff(g); k[8*(i)+ 8] = g ^= k[8*(i)]; \ | 290 | ss[0] ^= g; g = ff(g); k[8*(i)+ 8] = g ^= k[8*(i)]; \ |
291 | ss[1] ^= ss[0]; k[8*(i)+ 9] = g ^= k[8*(i)+ 1]; \ | 291 | ss[1] ^= ss[0]; k[8*(i)+ 9] = g ^= k[8*(i)+ 1]; \ |
292 | ss[2] ^= ss[1]; k[8*(i)+10] = g ^= k[8*(i)+ 2]; \ | 292 | ss[2] ^= ss[1]; k[8*(i)+10] = g ^= k[8*(i)+ 2]; \ |
293 | ss[3] ^= ss[2]; k[8*(i)+11] = g ^= k[8*(i)+ 3]; \ | 293 | ss[3] ^= ss[2]; k[8*(i)+11] = g ^= k[8*(i)+ 3]; \ |
294 | g = ls_box(ss[3],0); \ | 294 | g = ls_box(ss[3],0); \ |
295 | ss[4] ^= g; g = ff(g); k[8*(i)+12] = g ^= k[8*(i)+ 4]; \ | 295 | ss[4] ^= g; g = ff(g); k[8*(i)+12] = g ^= k[8*(i)+ 4]; \ |
296 | ss[5] ^= ss[4]; k[8*(i)+13] = g ^= k[8*(i)+ 5]; \ | 296 | ss[5] ^= ss[4]; k[8*(i)+13] = g ^= k[8*(i)+ 5]; \ |
297 | ss[6] ^= ss[5]; k[8*(i)+14] = g ^= k[8*(i)+ 6]; \ | 297 | ss[6] ^= ss[5]; k[8*(i)+14] = g ^= k[8*(i)+ 6]; \ |
298 | ss[7] ^= ss[6]; k[8*(i)+15] = g ^= k[8*(i)+ 7]; \ | 298 | ss[7] ^= ss[6]; k[8*(i)+15] = g ^= k[8*(i)+ 7]; \ |
299 | } | 299 | } |
300 | #define kdl8(k,i) \ | 300 | #define kdl8(k,i) \ |
301 | { ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; k[8*(i)+ 8] = ss[0]; ss[1] ^= ss[0]; k[8*(i)+ 9] = ss[1]; \ | 301 | { ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; k[8*(i)+ 8] = ss[0]; ss[1] ^= ss[0]; k[8*(i)+ 9] = ss[1]; \ |
302 | ss[2] ^= ss[1]; k[8*(i)+10] = ss[2]; ss[3] ^= ss[2]; k[8*(i)+11] = ss[3]; \ | 302 | ss[2] ^= ss[1]; k[8*(i)+10] = ss[2]; ss[3] ^= ss[2]; k[8*(i)+11] = ss[3]; \ |
303 | } | 303 | } |
304 | 304 | ||
305 | #if defined(AES_128) || defined(AES_VAR) | 305 | #if defined(AES_128) || defined(AES_VAR) |
306 | 306 | ||
307 | aes_rval aes_decrypt_key128(const void *in_key, aes_decrypt_ctx cx[1]) | 307 | aes_rval aes_decrypt_key128(const void *in_key, aes_decrypt_ctx cx[1]) |
308 | { aes_32t ss[5]; | 308 | { aes_32t ss[5]; |
309 | #ifdef d_vars | 309 | #ifdef d_vars |
310 | d_vars; | 310 | d_vars; |
311 | #endif | 311 | #endif |
312 | cx->ks[0] = ss[0] = word_in(in_key, 0); | 312 | cx->ks[0] = ss[0] = word_in(in_key, 0); |
313 | cx->ks[1] = ss[1] = word_in(in_key, 1); | 313 | cx->ks[1] = ss[1] = word_in(in_key, 1); |
314 | cx->ks[2] = ss[2] = word_in(in_key, 2); | 314 | cx->ks[2] = ss[2] = word_in(in_key, 2); |
315 | cx->ks[3] = ss[3] = word_in(in_key, 3); | 315 | cx->ks[3] = ss[3] = word_in(in_key, 3); |
316 | 316 | ||
317 | #if DEC_UNROLL == NONE | 317 | #if DEC_UNROLL == NONE |
318 | { aes_32t i; | 318 | { aes_32t i; |
319 | 319 | ||
320 | for(i = 0; i < (11 * N_COLS - 1) / 4; ++i) | 320 | for(i = 0; i < (11 * N_COLS - 1) / 4; ++i) |
321 | ke4(cx->ks, i); | 321 | ke4(cx->ks, i); |
322 | #if !(DEC_ROUND == NO_TABLES) | 322 | #if !(DEC_ROUND == NO_TABLES) |
323 | for(i = N_COLS; i < 10 * N_COLS; ++i) | 323 | for(i = N_COLS; i < 10 * N_COLS; ++i) |
324 | cx->ks[i] = inv_mcol(cx->ks[i]); | 324 | cx->ks[i] = inv_mcol(cx->ks[i]); |
325 | #endif | 325 | #endif |
326 | } | 326 | } |
327 | #else | 327 | #else |
328 | kdf4(cx->ks, 0); kd4(cx->ks, 1); | 328 | kdf4(cx->ks, 0); kd4(cx->ks, 1); |
329 | kd4(cx->ks, 2); kd4(cx->ks, 3); | 329 | kd4(cx->ks, 2); kd4(cx->ks, 3); |
330 | kd4(cx->ks, 4); kd4(cx->ks, 5); | 330 | kd4(cx->ks, 4); kd4(cx->ks, 5); |
331 | kd4(cx->ks, 6); kd4(cx->ks, 7); | 331 | kd4(cx->ks, 6); kd4(cx->ks, 7); |
332 | kd4(cx->ks, 8); kdl4(cx->ks, 9); | 332 | kd4(cx->ks, 8); kdl4(cx->ks, 9); |
333 | #endif | 333 | #endif |
334 | 334 | ||
335 | /* cx->ks[45] ^ cx->ks[52] ^ cx->ks[53] is zero for a 256 bit */ | 335 | /* cx->ks[45] ^ cx->ks[52] ^ cx->ks[53] is zero for a 256 bit */ |
336 | /* key and must be non-zero for 128 and 192 bits keys */ | 336 | /* key and must be non-zero for 128 and 192 bits keys */ |
337 | cx->ks[53] = cx->ks[45] = 0; | 337 | cx->ks[53] = cx->ks[45] = 0; |
338 | cx->ks[52] = 10; | 338 | cx->ks[52] = 10; |
339 | #ifdef AES_ERR_CHK | 339 | #ifdef AES_ERR_CHK |
340 | return aes_good; | 340 | return aes_good; |
341 | #endif | 341 | #endif |
342 | } | 342 | } |
343 | 343 | ||
344 | #endif | 344 | #endif |
345 | 345 | ||
346 | #if defined(AES_192) || defined(AES_VAR) | 346 | #if defined(AES_192) || defined(AES_VAR) |
347 | 347 | ||
348 | aes_rval aes_decrypt_key192(const void *in_key, aes_decrypt_ctx cx[1]) | 348 | aes_rval aes_decrypt_key192(const void *in_key, aes_decrypt_ctx cx[1]) |
349 | { aes_32t ss[7]; | 349 | { aes_32t ss[7]; |
350 | #ifdef d_vars | 350 | #ifdef d_vars |
351 | d_vars; | 351 | d_vars; |
352 | #endif | 352 | #endif |
353 | cx->ks[0] = ss[0] = word_in(in_key, 0); | 353 | cx->ks[0] = ss[0] = word_in(in_key, 0); |
354 | cx->ks[1] = ss[1] = word_in(in_key, 1); | 354 | cx->ks[1] = ss[1] = word_in(in_key, 1); |
355 | cx->ks[2] = ss[2] = word_in(in_key, 2); | 355 | cx->ks[2] = ss[2] = word_in(in_key, 2); |
356 | cx->ks[3] = ss[3] = word_in(in_key, 3); | 356 | cx->ks[3] = ss[3] = word_in(in_key, 3); |
357 | 357 | ||
358 | #if DEC_UNROLL == NONE | 358 | #if DEC_UNROLL == NONE |
359 | cx->ks[4] = ss[4] = word_in(in_key, 4); | 359 | cx->ks[4] = ss[4] = word_in(in_key, 4); |
360 | cx->ks[5] = ss[5] = word_in(in_key, 5); | 360 | cx->ks[5] = ss[5] = word_in(in_key, 5); |
361 | { aes_32t i; | 361 | { aes_32t i; |
362 | 362 | ||
363 | for(i = 0; i < (13 * N_COLS - 1) / 6; ++i) | 363 | for(i = 0; i < (13 * N_COLS - 1) / 6; ++i) |
364 | ke6(cx->ks, i); | 364 | ke6(cx->ks, i); |
365 | #if !(DEC_ROUND == NO_TABLES) | 365 | #if !(DEC_ROUND == NO_TABLES) |
366 | for(i = N_COLS; i < 12 * N_COLS; ++i) | 366 | for(i = N_COLS; i < 12 * N_COLS; ++i) |
367 | cx->ks[i] = inv_mcol(cx->ks[i]); | 367 | cx->ks[i] = inv_mcol(cx->ks[i]); |
368 | #endif | 368 | #endif |
369 | } | 369 | } |
370 | #else | 370 | #else |
371 | cx->ks[4] = ff(ss[4] = word_in(in_key, 4)); | 371 | cx->ks[4] = ff(ss[4] = word_in(in_key, 4)); |
372 | cx->ks[5] = ff(ss[5] = word_in(in_key, 5)); | 372 | cx->ks[5] = ff(ss[5] = word_in(in_key, 5)); |
373 | kdf6(cx->ks, 0); kd6(cx->ks, 1); | 373 | kdf6(cx->ks, 0); kd6(cx->ks, 1); |
374 | kd6(cx->ks, 2); kd6(cx->ks, 3); | 374 | kd6(cx->ks, 2); kd6(cx->ks, 3); |
375 | kd6(cx->ks, 4); kd6(cx->ks, 5); | 375 | kd6(cx->ks, 4); kd6(cx->ks, 5); |
376 | kd6(cx->ks, 6); kdl6(cx->ks, 7); | 376 | kd6(cx->ks, 6); kdl6(cx->ks, 7); |
377 | #endif | 377 | #endif |
378 | 378 | ||
379 | /* cx->ks[45] ^ cx->ks[52] ^ cx->ks[53] is zero for a 256 bit */ | 379 | /* cx->ks[45] ^ cx->ks[52] ^ cx->ks[53] is zero for a 256 bit */ |
380 | /* key and must be non-zero for 128 and 192 bits keys */ | 380 | /* key and must be non-zero for 128 and 192 bits keys */ |
381 | cx->ks[53] = cx->ks[45]; | 381 | cx->ks[53] = cx->ks[45]; |
382 | cx->ks[52] = 12; | 382 | cx->ks[52] = 12; |
383 | #ifdef AES_ERR_CHK | 383 | #ifdef AES_ERR_CHK |
384 | return aes_good; | 384 | return aes_good; |
385 | #endif | 385 | #endif |
386 | } | 386 | } |
387 | 387 | ||
388 | #endif | 388 | #endif |
389 | 389 | ||
390 | #if defined(AES_256) || defined(AES_VAR) | 390 | #if defined(AES_256) || defined(AES_VAR) |
391 | 391 | ||
392 | aes_rval aes_decrypt_key256(const void *in_key, aes_decrypt_ctx cx[1]) | 392 | aes_rval aes_decrypt_key256(const void *in_key, aes_decrypt_ctx cx[1]) |
393 | { aes_32t ss[8]; | 393 | { aes_32t ss[8]; |
394 | #ifdef d_vars | 394 | #ifdef d_vars |
395 | d_vars; | 395 | d_vars; |
396 | #endif | 396 | #endif |
397 | cx->ks[0] = ss[0] = word_in(in_key, 0); | 397 | cx->ks[0] = ss[0] = word_in(in_key, 0); |
398 | cx->ks[1] = ss[1] = word_in(in_key, 1); | 398 | cx->ks[1] = ss[1] = word_in(in_key, 1); |
399 | cx->ks[2] = ss[2] = word_in(in_key, 2); | 399 | cx->ks[2] = ss[2] = word_in(in_key, 2); |
400 | cx->ks[3] = ss[3] = word_in(in_key, 3); | 400 | cx->ks[3] = ss[3] = word_in(in_key, 3); |
401 | 401 | ||
402 | #if DEC_UNROLL == NONE | 402 | #if DEC_UNROLL == NONE |
403 | cx->ks[4] = ss[4] = word_in(in_key, 4); | 403 | cx->ks[4] = ss[4] = word_in(in_key, 4); |
404 | cx->ks[5] = ss[5] = word_in(in_key, 5); | 404 | cx->ks[5] = ss[5] = word_in(in_key, 5); |
405 | cx->ks[6] = ss[6] = word_in(in_key, 6); | 405 | cx->ks[6] = ss[6] = word_in(in_key, 6); |
406 | cx->ks[7] = ss[7] = word_in(in_key, 7); | 406 | cx->ks[7] = ss[7] = word_in(in_key, 7); |
407 | { aes_32t i; | 407 | { aes_32t i; |
408 | 408 | ||
409 | for(i = 0; i < (15 * N_COLS - 1) / 8; ++i) | 409 | for(i = 0; i < (15 * N_COLS - 1) / 8; ++i) |
410 | ke8(cx->ks, i); | 410 | ke8(cx->ks, i); |
411 | #if !(DEC_ROUND == NO_TABLES) | 411 | #if !(DEC_ROUND == NO_TABLES) |
412 | for(i = N_COLS; i < 14 * N_COLS; ++i) | 412 | for(i = N_COLS; i < 14 * N_COLS; ++i) |
413 | cx->ks[i] = inv_mcol(cx->ks[i]); | 413 | cx->ks[i] = inv_mcol(cx->ks[i]); |
414 | #endif | 414 | #endif |
415 | } | 415 | } |
416 | #else | 416 | #else |
417 | cx->ks[4] = ff(ss[4] = word_in(in_key, 4)); | 417 | cx->ks[4] = ff(ss[4] = word_in(in_key, 4)); |
418 | cx->ks[5] = ff(ss[5] = word_in(in_key, 5)); | 418 | cx->ks[5] = ff(ss[5] = word_in(in_key, 5)); |
419 | cx->ks[6] = ff(ss[6] = word_in(in_key, 6)); | 419 | cx->ks[6] = ff(ss[6] = word_in(in_key, 6)); |
420 | cx->ks[7] = ff(ss[7] = word_in(in_key, 7)); | 420 | cx->ks[7] = ff(ss[7] = word_in(in_key, 7)); |
421 | kdf8(cx->ks, 0); kd8(cx->ks, 1); | 421 | kdf8(cx->ks, 0); kd8(cx->ks, 1); |
422 | kd8(cx->ks, 2); kd8(cx->ks, 3); | 422 | kd8(cx->ks, 2); kd8(cx->ks, 3); |
423 | kd8(cx->ks, 4); kd8(cx->ks, 5); | 423 | kd8(cx->ks, 4); kd8(cx->ks, 5); |
424 | kdl8(cx->ks, 6); | 424 | kdl8(cx->ks, 6); |
425 | #endif | 425 | #endif |
426 | #ifdef AES_ERR_CHK | 426 | #ifdef AES_ERR_CHK |
427 | return aes_good; | 427 | return aes_good; |
428 | #endif | 428 | #endif |
429 | } | 429 | } |
430 | 430 | ||
431 | #endif | 431 | #endif |
432 | 432 | ||
433 | #if defined(AES_VAR) | 433 | #if defined(AES_VAR) |
434 | 434 | ||
435 | aes_rval aes_decrypt_key(const void *in_key, int key_len, aes_decrypt_ctx cx[1]) | 435 | aes_rval aes_decrypt_key(const void *in_key, int key_len, aes_decrypt_ctx cx[1]) |
436 | { | 436 | { |
437 | switch(key_len) | 437 | switch(key_len) |
438 | { | 438 | { |
439 | #ifdef AES_ERR_CHK | 439 | #ifdef AES_ERR_CHK |
440 | case 16: case 128: return aes_decrypt_key128(in_key, cx); | 440 | case 16: case 128: return aes_decrypt_key128(in_key, cx); |
441 | case 24: case 192: return aes_decrypt_key192(in_key, cx); | 441 | case 24: case 192: return aes_decrypt_key192(in_key, cx); |
442 | case 32: case 256: return aes_decrypt_key256(in_key, cx); | 442 | case 32: case 256: return aes_decrypt_key256(in_key, cx); |
443 | default: return aes_error; | 443 | default: return aes_error; |
444 | #else | 444 | #else |
445 | case 16: case 128: aes_decrypt_key128(in_key, cx); return; | 445 | case 16: case 128: aes_decrypt_key128(in_key, cx); return; |
446 | case 24: case 192: aes_decrypt_key192(in_key, cx); return; | 446 | case 24: case 192: aes_decrypt_key192(in_key, cx); return; |
447 | case 32: case 256: aes_decrypt_key256(in_key, cx); return; | 447 | case 32: case 256: aes_decrypt_key256(in_key, cx); return; |
448 | #endif | 448 | #endif |
449 | } | 449 | } |
450 | } | 450 | } |
451 | 451 | ||
452 | #endif | 452 | #endif |
453 | 453 | ||
454 | #endif | 454 | #endif |
455 | 455 | ||
diff --git a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/aesopt.h b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/aesopt.h index 45daa38..2dc58be 100644 --- a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/aesopt.h +++ b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/aesopt.h | |||
@@ -1,949 +1,949 @@ | |||
1 | /* | 1 | /* |
2 | --------------------------------------------------------------------------- | 2 | --------------------------------------------------------------------------- |
3 | Copyright (c) 2003, Dr Brian Gladman < >, Worcester, UK. | 3 | Copyright (c) 2003, Dr Brian Gladman < >, Worcester, UK. |
4 | All rights reserved. | 4 | All rights reserved. |
5 | 5 | ||
6 | LICENSE TERMS | 6 | LICENSE TERMS |
7 | 7 | ||
8 | The free distribution and use of this software in both source and binary | 8 | The free distribution and use of this software in both source and binary |
9 | form is allowed (with or without changes) provided that: | 9 | form is allowed (with or without changes) provided that: |
10 | 10 | ||
11 | 1. distributions of this source code include the above copyright | 11 | 1. distributions of this source code include the above copyright |
12 | notice, this list of conditions and the following disclaimer; | 12 | notice, this list of conditions and the following disclaimer; |
13 | 13 | ||
14 | 2. distributions in binary form include the above copyright | 14 | 2. distributions in binary form include the above copyright |
15 | notice, this list of conditions and the following disclaimer | 15 | notice, this list of conditions and the following disclaimer |
16 | in the documentation and/or other associated materials; | 16 | in the documentation and/or other associated materials; |
17 | 17 | ||
18 | 3. the copyright holder's name is not used to endorse products | 18 | 3. the copyright holder's name is not used to endorse products |
19 | built using this software without specific written permission. | 19 | built using this software without specific written permission. |
20 | 20 | ||
21 | ALTERNATIVELY, provided that this notice is retained in full, this product | 21 | ALTERNATIVELY, provided that this notice is retained in full, this product |
22 | may be distributed under the terms of the GNU General Public License (GPL), | 22 | may be distributed under the terms of the GNU General Public License (GPL), |
23 | in which case the provisions of the GPL apply INSTEAD OF those given above. | 23 | in which case the provisions of the GPL apply INSTEAD OF those given above. |
24 | 24 | ||
25 | DISCLAIMER | 25 | DISCLAIMER |
26 | 26 | ||
27 | This software is provided 'as is' with no explicit or implied warranties | 27 | This software is provided 'as is' with no explicit or implied warranties |
28 | in respect of its properties, including, but not limited to, correctness | 28 | in respect of its properties, including, but not limited to, correctness |
29 | and/or fitness for purpose. | 29 | and/or fitness for purpose. |
30 | --------------------------------------------------------------------------- | 30 | --------------------------------------------------------------------------- |
31 | Issue Date: 26/08/2003 | 31 | Issue Date: 26/08/2003 |
32 | 32 | ||
33 | My thanks go to Dag Arne Osvik for devising the schemes used here for key | 33 | My thanks go to Dag Arne Osvik for devising the schemes used here for key |
34 | length derivation from the form of the key schedule | 34 | length derivation from the form of the key schedule |
35 | 35 | ||
36 | This file contains the compilation options for AES (Rijndael) and code | 36 | This file contains the compilation options for AES (Rijndael) and code |
37 | that is common across encryption, key scheduling and table generation. | 37 | that is common across encryption, key scheduling and table generation. |
38 | 38 | ||
39 | OPERATION | 39 | OPERATION |
40 | 40 | ||
41 | These source code files implement the AES algorithm Rijndael designed by | 41 | These source code files implement the AES algorithm Rijndael designed by |
42 | Joan Daemen and Vincent Rijmen. This version is designed for the standard | 42 | Joan Daemen and Vincent Rijmen. This version is designed for the standard |
43 | block size of 16 bytes and for key sizes of 128, 192 and 256 bits (16, 24 | 43 | block size of 16 bytes and for key sizes of 128, 192 and 256 bits (16, 24 |
44 | and 32 bytes). | 44 | and 32 bytes). |
45 | 45 | ||
46 | This version is designed for flexibility and speed using operations on | 46 | This version is designed for flexibility and speed using operations on |
47 | 32-bit words rather than operations on bytes. It can be compiled with | 47 | 32-bit words rather than operations on bytes. It can be compiled with |
48 | either big or little endian internal byte order but is faster when the | 48 | either big or little endian internal byte order but is faster when the |
49 | native byte order for the processor is used. | 49 | native byte order for the processor is used. |
50 | 50 | ||
51 | THE CIPHER INTERFACE | 51 | THE CIPHER INTERFACE |
52 | 52 | ||
53 | The cipher interface is implemented as an array of bytes in which lower | 53 | The cipher interface is implemented as an array of bytes in which lower |
54 | AES bit sequence indexes map to higher numeric significance within bytes. | 54 | AES bit sequence indexes map to higher numeric significance within bytes. |
55 | 55 | ||
56 | aes_08t (an unsigned 8-bit type) | 56 | aes_08t (an unsigned 8-bit type) |
57 | aes_32t (an unsigned 32-bit type) | 57 | aes_32t (an unsigned 32-bit type) |
58 | struct aes_encrypt_ctx (structure for the cipher encryption context) | 58 | struct aes_encrypt_ctx (structure for the cipher encryption context) |
59 | struct aes_decrypt_ctx (structure for the cipher decryption context) | 59 | struct aes_decrypt_ctx (structure for the cipher decryption context) |
60 | aes_rval the function return type | 60 | aes_rval the function return type |
61 | 61 | ||
62 | C subroutine calls: | 62 | C subroutine calls: |
63 | 63 | ||
64 | aes_rval aes_encrypt_key128(const void *in_key, aes_encrypt_ctx cx[1]); | 64 | aes_rval aes_encrypt_key128(const void *in_key, aes_encrypt_ctx cx[1]); |
65 | aes_rval aes_encrypt_key192(const void *in_key, aes_encrypt_ctx cx[1]); | 65 | aes_rval aes_encrypt_key192(const void *in_key, aes_encrypt_ctx cx[1]); |
66 | aes_rval aes_encrypt_key256(const void *in_key, aes_encrypt_ctx cx[1]); | 66 | aes_rval aes_encrypt_key256(const void *in_key, aes_encrypt_ctx cx[1]); |
67 | aes_rval aes_encrypt(const void *in_blk, | 67 | aes_rval aes_encrypt(const void *in_blk, |
68 | void *out_blk, const aes_encrypt_ctx cx[1]); | 68 | void *out_blk, const aes_encrypt_ctx cx[1]); |
69 | 69 | ||
70 | aes_rval aes_decrypt_key128(const void *in_key, aes_decrypt_ctx cx[1]); | 70 | aes_rval aes_decrypt_key128(const void *in_key, aes_decrypt_ctx cx[1]); |
71 | aes_rval aes_decrypt_key192(const void *in_key, aes_decrypt_ctx cx[1]); | 71 | aes_rval aes_decrypt_key192(const void *in_key, aes_decrypt_ctx cx[1]); |
72 | aes_rval aes_decrypt_key256(const void *in_key, aes_decrypt_ctx cx[1]); | 72 | aes_rval aes_decrypt_key256(const void *in_key, aes_decrypt_ctx cx[1]); |
73 | aes_rval aes_decrypt(const void *in_blk, | 73 | aes_rval aes_decrypt(const void *in_blk, |
74 | void *out_blk, const aes_decrypt_ctx cx[1]); | 74 | void *out_blk, const aes_decrypt_ctx cx[1]); |
75 | 75 | ||
76 | IMPORTANT NOTE: If you are using this C interface with dynamic tables make sure that | 76 | IMPORTANT NOTE: If you are using this C interface with dynamic tables make sure that |
77 | you call genTabs() before AES is used so that the tables are initialised. | 77 | you call genTabs() before AES is used so that the tables are initialised. |
78 | 78 | ||
79 | C++ aes class subroutines: | 79 | C++ aes class subroutines: |
80 | 80 | ||
81 | Class AESencrypt for encryption | 81 | Class AESencrypt for encryption |
82 | 82 | ||
83 | Construtors: | 83 | Construtors: |
84 | AESencrypt(void) | 84 | AESencrypt(void) |
85 | AESencrypt(const void *in_key) - 128 bit key | 85 | AESencrypt(const void *in_key) - 128 bit key |
86 | Members: | 86 | Members: |
87 | void key128(const void *in_key) | 87 | void key128(const void *in_key) |
88 | void key192(const void *in_key) | 88 | void key192(const void *in_key) |
89 | void key256(const void *in_key) | 89 | void key256(const void *in_key) |
90 | void encrypt(const void *in_blk, void *out_blk) const | 90 | void encrypt(const void *in_blk, void *out_blk) const |
91 | 91 | ||
92 | Class AESdecrypt for encryption | 92 | Class AESdecrypt for encryption |
93 | Construtors: | 93 | Construtors: |
94 | AESdecrypt(void) | 94 | AESdecrypt(void) |
95 | AESdecrypt(const void *in_key) - 128 bit key | 95 | AESdecrypt(const void *in_key) - 128 bit key |
96 | Members: | 96 | Members: |
97 | void key128(const void *in_key) | 97 | void key128(const void *in_key) |
98 | void key192(const void *in_key) | 98 | void key192(const void *in_key) |
99 | void key256(const void *in_key) | 99 | void key256(const void *in_key) |
100 | void decrypt(const void *in_blk, void *out_blk) const | 100 | void decrypt(const void *in_blk, void *out_blk) const |
101 | 101 | ||
102 | COMPILATION | 102 | COMPILATION |
103 | 103 | ||
104 | The files used to provide AES (Rijndael) are | 104 | The files used to provide AES (Rijndael) are |
105 | 105 | ||
106 | a. aes.h for the definitions needed for use in C. | 106 | a. aes.h for the definitions needed for use in C. |
107 | b. aescpp.h for the definitions needed for use in C++. | 107 | b. aescpp.h for the definitions needed for use in C++. |
108 | c. aesopt.h for setting compilation options (also includes common code). | 108 | c. aesopt.h for setting compilation options (also includes common code). |
109 | d. aescrypt.c for encryption and decrytpion, or | 109 | d. aescrypt.c for encryption and decrytpion, or |
110 | e. aeskey.c for key scheduling. | 110 | e. aeskey.c for key scheduling. |
111 | f. aestab.c for table loading or generation. | 111 | f. aestab.c for table loading or generation. |
112 | g. aescrypt.asm for encryption and decryption using assembler code. | 112 | g. aescrypt.asm for encryption and decryption using assembler code. |
113 | h. aescrypt.mmx.asm for encryption and decryption using MMX assembler. | 113 | h. aescrypt.mmx.asm for encryption and decryption using MMX assembler. |
114 | 114 | ||
115 | To compile AES (Rijndael) for use in C code use aes.h and set the | 115 | To compile AES (Rijndael) for use in C code use aes.h and set the |
116 | defines here for the facilities you need (key lengths, encryption | 116 | defines here for the facilities you need (key lengths, encryption |
117 | and/or decryption). Do not define AES_DLL or AES_CPP. Set the options | 117 | and/or decryption). Do not define AES_DLL or AES_CPP. Set the options |
118 | for optimisations and table sizes here. | 118 | for optimisations and table sizes here. |
119 | 119 | ||
120 | To compile AES (Rijndael) for use in in C++ code use aescpp.h but do | 120 | To compile AES (Rijndael) for use in in C++ code use aescpp.h but do |
121 | not define AES_DLL | 121 | not define AES_DLL |
122 | 122 | ||
123 | To compile AES (Rijndael) in C as a Dynamic Link Library DLL) use | 123 | To compile AES (Rijndael) in C as a Dynamic Link Library DLL) use |
124 | aes.h and include the AES_DLL define. | 124 | aes.h and include the AES_DLL define. |
125 | 125 | ||
126 | CONFIGURATION OPTIONS (here and in aes.h) | 126 | CONFIGURATION OPTIONS (here and in aes.h) |
127 | 127 | ||
128 | a. set AES_DLL in aes.h if AES (Rijndael) is to be compiled as a DLL | 128 | a. set AES_DLL in aes.h if AES (Rijndael) is to be compiled as a DLL |
129 | b. You may need to set PLATFORM_BYTE_ORDER to define the byte order. | 129 | b. You may need to set PLATFORM_BYTE_ORDER to define the byte order. |
130 | c. If you want the code to run in a specific internal byte order, then | 130 | c. If you want the code to run in a specific internal byte order, then |
131 | ALGORITHM_BYTE_ORDER must be set accordingly. | 131 | ALGORITHM_BYTE_ORDER must be set accordingly. |
132 | d. set other configuration options decribed below. | 132 | d. set other configuration options decribed below. |
133 | */ | 133 | */ |
134 | 134 | ||
135 | #ifndef _AESOPT_H | 135 | #ifndef _AESOPT_H |
136 | #define _AESOPT_H | 136 | #define _AESOPT_H |
137 | 137 | ||
138 | #include "aes.h" | 138 | #include "aes.h" |
139 | 139 | ||
140 | /* CONFIGURATION - USE OF DEFINES | 140 | /* CONFIGURATION - USE OF DEFINES |
141 | 141 | ||
142 | Later in this section there are a number of defines that control the | 142 | Later in this section there are a number of defines that control the |
143 | operation of the code. In each section, the purpose of each define is | 143 | operation of the code. In each section, the purpose of each define is |
144 | explained so that the relevant form can be included or excluded by | 144 | explained so that the relevant form can be included or excluded by |
145 | setting either 1's or 0's respectively on the branches of the related | 145 | setting either 1's or 0's respectively on the branches of the related |
146 | #if clauses. | 146 | #if clauses. |
147 | */ | 147 | */ |
148 | 148 | ||
149 | /* BYTE ORDER IN 32-BIT WORDS | 149 | /* BYTE ORDER IN 32-BIT WORDS |
150 | 150 | ||
151 | To obtain the highest speed on processors with 32-bit words, this code | 151 | To obtain the highest speed on processors with 32-bit words, this code |
152 | needs to determine the byte order of the target machine. The following | 152 | needs to determine the byte order of the target machine. The following |
153 | block of code is an attempt to capture the most obvious ways in which | 153 | block of code is an attempt to capture the most obvious ways in which |
154 | various environemnts define byte order. It may well fail, in which case | 154 | various environemnts define byte order. It may well fail, in which case |
155 | the definitions will need to be set by editing at the points marked | 155 | the definitions will need to be set by editing at the points marked |
156 | **** EDIT HERE IF NECESSARY **** below. My thanks to Peter Gutmann for | 156 | **** EDIT HERE IF NECESSARY **** below. My thanks to Peter Gutmann for |
157 | some of these defines (from cryptlib). | 157 | some of these defines (from cryptlib). |
158 | */ | 158 | */ |
159 | 159 | ||
160 | #define BRG_LITTLE_ENDIAN 1234 /* byte 0 is least significant (i386) */ | 160 | #define BRG_LITTLE_ENDIAN 1234 /* byte 0 is least significant (i386) */ |
161 | #define BRG_BIG_ENDIAN 4321 /* byte 0 is most significant (mc68k) */ | 161 | #define BRG_BIG_ENDIAN 4321 /* byte 0 is most significant (mc68k) */ |
162 | 162 | ||
163 | #ifdef __BIG_ENDIAN__ | 163 | #ifdef __BIG_ENDIAN__ |
164 | #define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN | 164 | #define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN |
165 | #else | 165 | #else |
166 | #define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN | 166 | #define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN |
167 | #endif | 167 | #endif |
168 | 168 | ||
169 | /* SOME LOCAL DEFINITIONS */ | 169 | /* SOME LOCAL DEFINITIONS */ |
170 | 170 | ||
171 | #define NO_TABLES 0 | 171 | #define NO_TABLES 0 |
172 | #define ONE_TABLE 1 | 172 | #define ONE_TABLE 1 |
173 | #define FOUR_TABLES 4 | 173 | #define FOUR_TABLES 4 |
174 | #define NONE 0 | 174 | #define NONE 0 |
175 | #define PARTIAL 1 | 175 | #define PARTIAL 1 |
176 | #define FULL 2 | 176 | #define FULL 2 |
177 | 177 | ||
178 | #define aes_sw32 Byteswap::byteswap | 178 | #define aes_sw32 Byteswap::byteswap |
179 | 179 | ||
180 | /* 1. FUNCTIONS REQUIRED | 180 | /* 1. FUNCTIONS REQUIRED |
181 | 181 | ||
182 | This implementation provides subroutines for encryption, decryption | 182 | This implementation provides subroutines for encryption, decryption |
183 | and for setting the three key lengths (separately) for encryption | 183 | and for setting the three key lengths (separately) for encryption |
184 | and decryption. When the assembler code is not being used the following | 184 | and decryption. When the assembler code is not being used the following |
185 | definition blocks allow the selection of the routines that are to be | 185 | definition blocks allow the selection of the routines that are to be |
186 | included in the compilation. | 186 | included in the compilation. |
187 | */ | 187 | */ |
188 | #ifdef AES_ENCRYPT | 188 | #ifdef AES_ENCRYPT |
189 | #define ENCRYPTION | 189 | #define ENCRYPTION |
190 | #define ENCRYPTION_KEY_SCHEDULE | 190 | #define ENCRYPTION_KEY_SCHEDULE |
191 | #endif | 191 | #endif |
192 | 192 | ||
193 | #ifdef AES_DECRYPT | 193 | #ifdef AES_DECRYPT |
194 | #define DECRYPTION | 194 | #define DECRYPTION |
195 | #define DECRYPTION_KEY_SCHEDULE | 195 | #define DECRYPTION_KEY_SCHEDULE |
196 | #endif | 196 | #endif |
197 | 197 | ||
198 | /* 2. ASSEMBLER SUPPORT | 198 | /* 2. ASSEMBLER SUPPORT |
199 | 199 | ||
200 | This define (which can be on the command line) enables the use of the | 200 | This define (which can be on the command line) enables the use of the |
201 | assembler code routines for encryption and decryption with the C code | 201 | assembler code routines for encryption and decryption with the C code |
202 | only providing key scheduling | 202 | only providing key scheduling |
203 | */ | 203 | */ |
204 | #if 0 | 204 | #if 0 |
205 | #define AES_ASM | 205 | #define AES_ASM |
206 | #endif | 206 | #endif |
207 | 207 | ||
208 | /* 3. BYTE ORDER WITHIN 32 BIT WORDS | 208 | /* 3. BYTE ORDER WITHIN 32 BIT WORDS |
209 | 209 | ||
210 | The fundamental data processing units in Rijndael are 8-bit bytes. The | 210 | The fundamental data processing units in Rijndael are 8-bit bytes. The |
211 | input, output and key input are all enumerated arrays of bytes in which | 211 | input, output and key input are all enumerated arrays of bytes in which |
212 | bytes are numbered starting at zero and increasing to one less than the | 212 | bytes are numbered starting at zero and increasing to one less than the |
213 | number of bytes in the array in question. This enumeration is only used | 213 | number of bytes in the array in question. This enumeration is only used |
214 | for naming bytes and does not imply any adjacency or order relationship | 214 | for naming bytes and does not imply any adjacency or order relationship |
215 | from one byte to another. When these inputs and outputs are considered | 215 | from one byte to another. When these inputs and outputs are considered |
216 | as bit sequences, bits 8*n to 8*n+7 of the bit sequence are mapped to | 216 | as bit sequences, bits 8*n to 8*n+7 of the bit sequence are mapped to |
217 | byte[n] with bit 8n+i in the sequence mapped to bit 7-i within the byte. | 217 | byte[n] with bit 8n+i in the sequence mapped to bit 7-i within the byte. |
218 | In this implementation bits are numbered from 0 to 7 starting at the | 218 | In this implementation bits are numbered from 0 to 7 starting at the |
219 | numerically least significant end of each byte (bit n represents 2^n). | 219 | numerically least significant end of each byte (bit n represents 2^n). |
220 | 220 | ||
221 | However, Rijndael can be implemented more efficiently using 32-bit | 221 | However, Rijndael can be implemented more efficiently using 32-bit |
222 | words by packing bytes into words so that bytes 4*n to 4*n+3 are placed | 222 | words by packing bytes into words so that bytes 4*n to 4*n+3 are placed |
223 | into word[n]. While in principle these bytes can be assembled into words | 223 | into word[n]. While in principle these bytes can be assembled into words |
224 | in any positions, this implementation only supports the two formats in | 224 | in any positions, this implementation only supports the two formats in |
225 | which bytes in adjacent positions within words also have adjacent byte | 225 | which bytes in adjacent positions within words also have adjacent byte |
226 | numbers. This order is called big-endian if the lowest numbered bytes | 226 | numbers. This order is called big-endian if the lowest numbered bytes |
227 | in words have the highest numeric significance and little-endian if the | 227 | in words have the highest numeric significance and little-endian if the |
228 | opposite applies. | 228 | opposite applies. |
229 | 229 | ||
230 | This code can work in either order irrespective of the order used by the | 230 | This code can work in either order irrespective of the order used by the |
231 | machine on which it runs. Normally the internal byte order will be set | 231 | machine on which it runs. Normally the internal byte order will be set |
232 | to the order of the processor on which the code is to be run but this | 232 | to the order of the processor on which the code is to be run but this |
233 | define can be used to reverse this in special situations | 233 | define can be used to reverse this in special situations |
234 | 234 | ||
235 | NOTE: Assembler code versions rely on PLATFORM_BYTE_ORDER being set | 235 | NOTE: Assembler code versions rely on PLATFORM_BYTE_ORDER being set |
236 | */ | 236 | */ |
237 | #if 1 || defined(AES_ASM) | 237 | #if 1 || defined(AES_ASM) |
238 | #define ALGORITHM_BYTE_ORDER PLATFORM_BYTE_ORDER | 238 | #define ALGORITHM_BYTE_ORDER PLATFORM_BYTE_ORDER |
239 | #elif 0 | 239 | #elif 0 |
240 | #define ALGORITHM_BYTE_ORDER BRG_LITTLE_ENDIAN | 240 | #define ALGORITHM_BYTE_ORDER BRG_LITTLE_ENDIAN |
241 | #elif 0 | 241 | #elif 0 |
242 | #define ALGORITHM_BYTE_ORDER BRG_BIG_ENDIAN | 242 | #define ALGORITHM_BYTE_ORDER BRG_BIG_ENDIAN |
243 | #else | 243 | #else |
244 | #error The algorithm byte order is not defined | 244 | #error The algorithm byte order is not defined |
245 | #endif | 245 | #endif |
246 | 246 | ||
247 | /* 4. FAST INPUT/OUTPUT OPERATIONS. | 247 | /* 4. FAST INPUT/OUTPUT OPERATIONS. |
248 | 248 | ||
249 | On some machines it is possible to improve speed by transferring the | 249 | On some machines it is possible to improve speed by transferring the |
250 | bytes in the input and output arrays to and from the internal 32-bit | 250 | bytes in the input and output arrays to and from the internal 32-bit |
251 | variables by addressing these arrays as if they are arrays of 32-bit | 251 | variables by addressing these arrays as if they are arrays of 32-bit |
252 | words. On some machines this will always be possible but there may | 252 | words. On some machines this will always be possible but there may |
253 | be a large performance penalty if the byte arrays are not aligned on | 253 | be a large performance penalty if the byte arrays are not aligned on |
254 | the normal word boundaries. On other machines this technique will | 254 | the normal word boundaries. On other machines this technique will |
255 | lead to memory access errors when such 32-bit word accesses are not | 255 | lead to memory access errors when such 32-bit word accesses are not |
256 | properly aligned. The option SAFE_IO avoids such problems but will | 256 | properly aligned. The option SAFE_IO avoids such problems but will |
257 | often be slower on those machines that support misaligned access | 257 | often be slower on those machines that support misaligned access |
258 | (especially so if care is taken to align the input and output byte | 258 | (especially so if care is taken to align the input and output byte |
259 | arrays on 32-bit word boundaries). If SAFE_IO is not defined it is | 259 | arrays on 32-bit word boundaries). If SAFE_IO is not defined it is |
260 | assumed that access to byte arrays as if they are arrays of 32-bit | 260 | assumed that access to byte arrays as if they are arrays of 32-bit |
261 | words will not cause problems when such accesses are misaligned. | 261 | words will not cause problems when such accesses are misaligned. |
262 | */ | 262 | */ |
263 | #if 1 && !defined(_MSC_VER) | 263 | #if 1 && !defined(_MSC_VER) |
264 | #define SAFE_IO | 264 | #define SAFE_IO |
265 | #endif | 265 | #endif |
266 | 266 | ||
267 | /* 5. LOOP UNROLLING | 267 | /* 5. LOOP UNROLLING |
268 | 268 | ||
269 | The code for encryption and decrytpion cycles through a number of rounds | 269 | The code for encryption and decrytpion cycles through a number of rounds |
270 | that can be implemented either in a loop or by expanding the code into a | 270 | that can be implemented either in a loop or by expanding the code into a |
271 | long sequence of instructions, the latter producing a larger program but | 271 | long sequence of instructions, the latter producing a larger program but |
272 | one that will often be much faster. The latter is called loop unrolling. | 272 | one that will often be much faster. The latter is called loop unrolling. |
273 | There are also potential speed advantages in expanding two iterations in | 273 | There are also potential speed advantages in expanding two iterations in |
274 | a loop with half the number of iterations, which is called partial loop | 274 | a loop with half the number of iterations, which is called partial loop |
275 | unrolling. The following options allow partial or full loop unrolling | 275 | unrolling. The following options allow partial or full loop unrolling |
276 | to be set independently for encryption and decryption | 276 | to be set independently for encryption and decryption |
277 | */ | 277 | */ |
278 | #if 1 | 278 | #if 1 |
279 | #define ENC_UNROLL FULL | 279 | #define ENC_UNROLL FULL |
280 | #elif 0 | 280 | #elif 0 |
281 | #define ENC_UNROLL PARTIAL | 281 | #define ENC_UNROLL PARTIAL |
282 | #else | 282 | #else |
283 | #define ENC_UNROLL NONE | 283 | #define ENC_UNROLL NONE |
284 | #endif | 284 | #endif |
285 | 285 | ||
286 | #if 1 | 286 | #if 1 |
287 | #define DEC_UNROLL FULL | 287 | #define DEC_UNROLL FULL |
288 | #elif 0 | 288 | #elif 0 |
289 | #define DEC_UNROLL PARTIAL | 289 | #define DEC_UNROLL PARTIAL |
290 | #else | 290 | #else |
291 | #define DEC_UNROLL NONE | 291 | #define DEC_UNROLL NONE |
292 | #endif | 292 | #endif |
293 | 293 | ||
294 | /* 6. FAST FINITE FIELD OPERATIONS | 294 | /* 6. FAST FINITE FIELD OPERATIONS |
295 | 295 | ||
296 | If this section is included, tables are used to provide faster finite | 296 | If this section is included, tables are used to provide faster finite |
297 | field arithmetic (this has no effect if FIXED_TABLES is defined). | 297 | field arithmetic (this has no effect if FIXED_TABLES is defined). |
298 | */ | 298 | */ |
299 | #if 0 | 299 | #if 0 |
300 | #define FF_TABLES | 300 | #define FF_TABLES |
301 | #endif | 301 | #endif |
302 | 302 | ||
303 | /* 7. INTERNAL STATE VARIABLE FORMAT | 303 | /* 7. INTERNAL STATE VARIABLE FORMAT |
304 | 304 | ||
305 | The internal state of Rijndael is stored in a number of local 32-bit | 305 | The internal state of Rijndael is stored in a number of local 32-bit |
306 | word varaibles which can be defined either as an array or as individual | 306 | word varaibles which can be defined either as an array or as individual |
307 | names variables. Include this section if you want to store these local | 307 | names variables. Include this section if you want to store these local |
308 | varaibles in arrays. Otherwise individual local variables will be used. | 308 | varaibles in arrays. Otherwise individual local variables will be used. |
309 | */ | 309 | */ |
310 | #if 1 | 310 | #if 1 |
311 | #define ARRAYS | 311 | #define ARRAYS |
312 | #endif | 312 | #endif |
313 | 313 | ||
314 | /* In this implementation the columns of the state array are each held in | 314 | /* In this implementation the columns of the state array are each held in |
315 | 32-bit words. The state array can be held in various ways: in an array | 315 | 32-bit words. The state array can be held in various ways: in an array |
316 | of words, in a number of individual word variables or in a number of | 316 | of words, in a number of individual word variables or in a number of |
317 | processor registers. The following define maps a variable name x and | 317 | processor registers. The following define maps a variable name x and |
318 | a column number c to the way the state array variable is to be held. | 318 | a column number c to the way the state array variable is to be held. |
319 | The first define below maps the state into an array x[c] whereas the | 319 | The first define below maps the state into an array x[c] whereas the |
320 | second form maps the state into a number of individual variables x0, | 320 | second form maps the state into a number of individual variables x0, |
321 | x1, etc. Another form could map individual state colums to machine | 321 | x1, etc. Another form could map individual state colums to machine |
322 | register names. | 322 | register names. |
323 | */ | 323 | */ |
324 | 324 | ||
325 | #if defined(ARRAYS) | 325 | #if defined(ARRAYS) |
326 | #define s(x,c) x[c] | 326 | #define s(x,c) x[c] |
327 | #else | 327 | #else |
328 | #define s(x,c) x##c | 328 | #define s(x,c) x##c |
329 | #endif | 329 | #endif |
330 | 330 | ||
331 | /* 8. FIXED OR DYNAMIC TABLES | 331 | /* 8. FIXED OR DYNAMIC TABLES |
332 | 332 | ||
333 | When this section is included the tables used by the code are compiled | 333 | When this section is included the tables used by the code are compiled |
334 | statically into the binary file. Otherwise the subroutine gen_tabs() | 334 | statically into the binary file. Otherwise the subroutine gen_tabs() |
335 | must be called to compute them before the code is first used. | 335 | must be called to compute them before the code is first used. |
336 | */ | 336 | */ |
337 | #if 1 | 337 | #if 1 |
338 | #define FIXED_TABLES | 338 | #define FIXED_TABLES |
339 | #define DO_TABLES | 339 | #define DO_TABLES |
340 | #endif | 340 | #endif |
341 | 341 | ||
342 | /* 9. TABLE ALIGNMENT | 342 | /* 9. TABLE ALIGNMENT |
343 | 343 | ||
344 | On some systems speed will be improved by aligning the AES large lookup | 344 | On some systems speed will be improved by aligning the AES large lookup |
345 | tables on particular boundaries. This define should be set to a power of | 345 | tables on particular boundaries. This define should be set to a power of |
346 | two giving the desired alignment. It can be left undefined if alignment | 346 | two giving the desired alignment. It can be left undefined if alignment |
347 | is not needed. This option is specific to the Microsft VC++ compiler - | 347 | is not needed. This option is specific to the Microsft VC++ compiler - |
348 | it seems to sometimes cause trouble for the VC++ version 6 compiler. | 348 | it seems to sometimes cause trouble for the VC++ version 6 compiler. |
349 | */ | 349 | */ |
350 | 350 | ||
351 | #if 0 && defined(_MSC_VER) && (_MSC_VER >= 1300) | 351 | #if 0 && defined(_MSC_VER) && (_MSC_VER >= 1300) |
352 | #define TABLE_ALIGN 64 | 352 | #define TABLE_ALIGN 64 |
353 | #endif | 353 | #endif |
354 | 354 | ||
355 | /* 10. INTERNAL TABLE CONFIGURATION | 355 | /* 10. INTERNAL TABLE CONFIGURATION |
356 | 356 | ||
357 | This cipher proceeds by repeating in a number of cycles known as 'rounds' | 357 | This cipher proceeds by repeating in a number of cycles known as 'rounds' |
358 | which are implemented by a round function which can optionally be speeded | 358 | which are implemented by a round function which can optionally be speeded |
359 | up using tables. The basic tables are each 256 32-bit words, with either | 359 | up using tables. The basic tables are each 256 32-bit words, with either |
360 | one or four tables being required for each round function depending on | 360 | one or four tables being required for each round function depending on |
361 | how much speed is required. The encryption and decryption round functions | 361 | how much speed is required. The encryption and decryption round functions |
362 | are different and the last encryption and decrytpion round functions are | 362 | are different and the last encryption and decrytpion round functions are |
363 | different again making four different round functions in all. | 363 | different again making four different round functions in all. |
364 | 364 | ||
365 | This means that: | 365 | This means that: |
366 | 1. Normal encryption and decryption rounds can each use either 0, 1 | 366 | 1. Normal encryption and decryption rounds can each use either 0, 1 |
367 | or 4 tables and table spaces of 0, 1024 or 4096 bytes each. | 367 | or 4 tables and table spaces of 0, 1024 or 4096 bytes each. |
368 | 2. The last encryption and decryption rounds can also use either 0, 1 | 368 | 2. The last encryption and decryption rounds can also use either 0, 1 |
369 | or 4 tables and table spaces of 0, 1024 or 4096 bytes each. | 369 | or 4 tables and table spaces of 0, 1024 or 4096 bytes each. |
370 | 370 | ||
371 | Include or exclude the appropriate definitions below to set the number | 371 | Include or exclude the appropriate definitions below to set the number |
372 | of tables used by this implementation. | 372 | of tables used by this implementation. |
373 | */ | 373 | */ |
374 | 374 | ||
375 | #if 1 /* set tables for the normal encryption round */ | 375 | #if 1 /* set tables for the normal encryption round */ |
376 | #define ENC_ROUND FOUR_TABLES | 376 | #define ENC_ROUND FOUR_TABLES |
377 | #elif 0 | 377 | #elif 0 |
378 | #define ENC_ROUND ONE_TABLE | 378 | #define ENC_ROUND ONE_TABLE |
379 | #else | 379 | #else |
380 | #define ENC_ROUND NO_TABLES | 380 | #define ENC_ROUND NO_TABLES |
381 | #endif | 381 | #endif |
382 | 382 | ||
383 | #if 1 /* set tables for the last encryption round */ | 383 | #if 1 /* set tables for the last encryption round */ |
384 | #define LAST_ENC_ROUND FOUR_TABLES | 384 | #define LAST_ENC_ROUND FOUR_TABLES |
385 | #elif 0 | 385 | #elif 0 |
386 | #define LAST_ENC_ROUND ONE_TABLE | 386 | #define LAST_ENC_ROUND ONE_TABLE |
387 | #else | 387 | #else |
388 | #define LAST_ENC_ROUND NO_TABLES | 388 | #define LAST_ENC_ROUND NO_TABLES |
389 | #endif | 389 | #endif |
390 | 390 | ||
391 | #if 1 /* set tables for the normal decryption round */ | 391 | #if 1 /* set tables for the normal decryption round */ |
392 | #define DEC_ROUND FOUR_TABLES | 392 | #define DEC_ROUND FOUR_TABLES |
393 | #elif 0 | 393 | #elif 0 |
394 | #define DEC_ROUND ONE_TABLE | 394 | #define DEC_ROUND ONE_TABLE |
395 | #else | 395 | #else |
396 | #define DEC_ROUND NO_TABLES | 396 | #define DEC_ROUND NO_TABLES |
397 | #endif | 397 | #endif |
398 | 398 | ||
399 | #if 1 /* set tables for the last decryption round */ | 399 | #if 1 /* set tables for the last decryption round */ |
400 | #define LAST_DEC_ROUND FOUR_TABLES | 400 | #define LAST_DEC_ROUND FOUR_TABLES |
401 | #elif 0 | 401 | #elif 0 |
402 | #define LAST_DEC_ROUND ONE_TABLE | 402 | #define LAST_DEC_ROUND ONE_TABLE |
403 | #else | 403 | #else |
404 | #define LAST_DEC_ROUND NO_TABLES | 404 | #define LAST_DEC_ROUND NO_TABLES |
405 | #endif | 405 | #endif |
406 | 406 | ||
407 | /* The decryption key schedule can be speeded up with tables in the same | 407 | /* The decryption key schedule can be speeded up with tables in the same |
408 | way that the round functions can. Include or exclude the following | 408 | way that the round functions can. Include or exclude the following |
409 | defines to set this requirement. | 409 | defines to set this requirement. |
410 | */ | 410 | */ |
411 | #if 1 | 411 | #if 1 |
412 | #define KEY_SCHED FOUR_TABLES | 412 | #define KEY_SCHED FOUR_TABLES |
413 | #elif 0 | 413 | #elif 0 |
414 | #define KEY_SCHED ONE_TABLE | 414 | #define KEY_SCHED ONE_TABLE |
415 | #else | 415 | #else |
416 | #define KEY_SCHED NO_TABLES | 416 | #define KEY_SCHED NO_TABLES |
417 | #endif | 417 | #endif |
418 | 418 | ||
419 | /* END OF CONFIGURATION OPTIONS */ | 419 | /* END OF CONFIGURATION OPTIONS */ |
420 | 420 | ||
421 | #define RC_LENGTH (5 * (AES_BLOCK_SIZE / 4 - 2)) | 421 | #define RC_LENGTH (5 * (AES_BLOCK_SIZE / 4 - 2)) |
422 | 422 | ||
423 | /* Disable or report errors on some combinations of options */ | 423 | /* Disable or report errors on some combinations of options */ |
424 | 424 | ||
425 | #if ENC_ROUND == NO_TABLES && LAST_ENC_ROUND != NO_TABLES | 425 | #if ENC_ROUND == NO_TABLES && LAST_ENC_ROUND != NO_TABLES |
426 | #undef LAST_ENC_ROUND | 426 | #undef LAST_ENC_ROUND |
427 | #define LAST_ENC_ROUND NO_TABLES | 427 | #define LAST_ENC_ROUND NO_TABLES |
428 | #elif ENC_ROUND == ONE_TABLE && LAST_ENC_ROUND == FOUR_TABLES | 428 | #elif ENC_ROUND == ONE_TABLE && LAST_ENC_ROUND == FOUR_TABLES |
429 | #undef LAST_ENC_ROUND | 429 | #undef LAST_ENC_ROUND |
430 | #define LAST_ENC_ROUND ONE_TABLE | 430 | #define LAST_ENC_ROUND ONE_TABLE |
431 | #endif | 431 | #endif |
432 | 432 | ||
433 | #if ENC_ROUND == NO_TABLES && ENC_UNROLL != NONE | 433 | #if ENC_ROUND == NO_TABLES && ENC_UNROLL != NONE |
434 | #undef ENC_UNROLL | 434 | #undef ENC_UNROLL |
435 | #define ENC_UNROLL NONE | 435 | #define ENC_UNROLL NONE |
436 | #endif | 436 | #endif |
437 | 437 | ||
438 | #if DEC_ROUND == NO_TABLES && LAST_DEC_ROUND != NO_TABLES | 438 | #if DEC_ROUND == NO_TABLES && LAST_DEC_ROUND != NO_TABLES |
439 | #undef LAST_DEC_ROUND | 439 | #undef LAST_DEC_ROUND |
440 | #define LAST_DEC_ROUND NO_TABLES | 440 | #define LAST_DEC_ROUND NO_TABLES |
441 | #elif DEC_ROUND == ONE_TABLE && LAST_DEC_ROUND == FOUR_TABLES | 441 | #elif DEC_ROUND == ONE_TABLE && LAST_DEC_ROUND == FOUR_TABLES |
442 | #undef LAST_DEC_ROUND | 442 | #undef LAST_DEC_ROUND |
443 | #define LAST_DEC_ROUND ONE_TABLE | 443 | #define LAST_DEC_ROUND ONE_TABLE |
444 | #endif | 444 | #endif |
445 | 445 | ||
446 | #if DEC_ROUND == NO_TABLES && DEC_UNROLL != NONE | 446 | #if DEC_ROUND == NO_TABLES && DEC_UNROLL != NONE |
447 | #undef DEC_UNROLL | 447 | #undef DEC_UNROLL |
448 | #define DEC_UNROLL NONE | 448 | #define DEC_UNROLL NONE |
449 | #endif | 449 | #endif |
450 | 450 | ||
451 | /* upr(x,n): rotates bytes within words by n positions, moving bytes to | 451 | /* upr(x,n): rotates bytes within words by n positions, moving bytes to |
452 | higher index positions with wrap around into low positions | 452 | higher index positions with wrap around into low positions |
453 | ups(x,n): moves bytes by n positions to higher index positions in | 453 | ups(x,n): moves bytes by n positions to higher index positions in |
454 | words but without wrap around | 454 | words but without wrap around |
455 | bval(x,n): extracts a byte from a word | 455 | bval(x,n): extracts a byte from a word |
456 | 456 | ||
457 | NOTE: The definitions given here are intended only for use with | 457 | NOTE: The definitions given here are intended only for use with |
458 | unsigned variables and with shift counts that are compile | 458 | unsigned variables and with shift counts that are compile |
459 | time constants | 459 | time constants |
460 | */ | 460 | */ |
461 | 461 | ||
462 | #if (ALGORITHM_BYTE_ORDER == BRG_LITTLE_ENDIAN) | 462 | #if (ALGORITHM_BYTE_ORDER == BRG_LITTLE_ENDIAN) |
463 | #define upr(x,n) (((aes_32t)(x) << (8 * (n))) | ((aes_32t)(x) >> (32 - 8 * (n)))) | 463 | #define upr(x,n) (((aes_32t)(x) << (8 * (n))) | ((aes_32t)(x) >> (32 - 8 * (n)))) |
464 | #define ups(x,n) ((aes_32t) (x) << (8 * (n))) | 464 | #define ups(x,n) ((aes_32t) (x) << (8 * (n))) |
465 | #define bval(x,n) ((aes_08t)((x) >> (8 * (n)))) | 465 | #define bval(x,n) ((aes_08t)((x) >> (8 * (n)))) |
466 | #define bytes2word(b0, b1, b2, b3) \ | 466 | #define bytes2word(b0, b1, b2, b3) \ |
467 | (((aes_32t)(b3) << 24) | ((aes_32t)(b2) << 16) | ((aes_32t)(b1) << 8) | (b0)) | 467 | (((aes_32t)(b3) << 24) | ((aes_32t)(b2) << 16) | ((aes_32t)(b1) << 8) | (b0)) |
468 | #endif | 468 | #endif |
469 | 469 | ||
470 | #if (ALGORITHM_BYTE_ORDER == BRG_BIG_ENDIAN) | 470 | #if (ALGORITHM_BYTE_ORDER == BRG_BIG_ENDIAN) |
471 | #define upr(x,n) (((aes_32t)(x) >> (8 * (n))) | ((aes_32t)(x) << (32 - 8 * (n)))) | 471 | #define upr(x,n) (((aes_32t)(x) >> (8 * (n))) | ((aes_32t)(x) << (32 - 8 * (n)))) |
472 | #define ups(x,n) ((aes_32t) (x) >> (8 * (n)))) | 472 | #define ups(x,n) ((aes_32t) (x) >> (8 * (n)))) |
473 | #define bval(x,n) ((aes_08t)((x) >> (24 - 8 * (n)))) | 473 | #define bval(x,n) ((aes_08t)((x) >> (24 - 8 * (n)))) |
474 | #define bytes2word(b0, b1, b2, b3) \ | 474 | #define bytes2word(b0, b1, b2, b3) \ |
475 | (((aes_32t)(b0) << 24) | ((aes_32t)(b1) << 16) | ((aes_32t)(b2) << 8) | (b3)) | 475 | (((aes_32t)(b0) << 24) | ((aes_32t)(b1) << 16) | ((aes_32t)(b2) << 8) | (b3)) |
476 | #endif | 476 | #endif |
477 | 477 | ||
478 | #if defined(SAFE_IO) | 478 | #if defined(SAFE_IO) |
479 | 479 | ||
480 | #define word_in(x,c) bytes2word(((aes_08t*)(x)+4*c)[0], ((aes_08t*)(x)+4*c)[1], \ | 480 | #define word_in(x,c) bytes2word(((aes_08t*)(x)+4*c)[0], ((aes_08t*)(x)+4*c)[1], \ |
481 | ((aes_08t*)(x)+4*c)[2], ((aes_08t*)(x)+4*c)[3]) | 481 | ((aes_08t*)(x)+4*c)[2], ((aes_08t*)(x)+4*c)[3]) |
482 | #define word_out(x,c,v) { ((aes_08t*)(x)+4*c)[0] = bval(v,0); ((aes_08t*)(x)+4*c)[1] = bval(v,1); \ | 482 | #define word_out(x,c,v) { ((aes_08t*)(x)+4*c)[0] = bval(v,0); ((aes_08t*)(x)+4*c)[1] = bval(v,1); \ |
483 | ((aes_08t*)(x)+4*c)[2] = bval(v,2); ((aes_08t*)(x)+4*c)[3] = bval(v,3); } | 483 | ((aes_08t*)(x)+4*c)[2] = bval(v,2); ((aes_08t*)(x)+4*c)[3] = bval(v,3); } |
484 | 484 | ||
485 | #elif (ALGORITHM_BYTE_ORDER == PLATFORM_BYTE_ORDER) | 485 | #elif (ALGORITHM_BYTE_ORDER == PLATFORM_BYTE_ORDER) |
486 | 486 | ||
487 | #define word_in(x,c) (*((aes_32t*)(x)+(c))) | 487 | #define word_in(x,c) (*((aes_32t*)(x)+(c))) |
488 | #define word_out(x,c,v) (*((aes_32t*)(x)+(c)) = (v)) | 488 | #define word_out(x,c,v) (*((aes_32t*)(x)+(c)) = (v)) |
489 | 489 | ||
490 | #else | 490 | #else |
491 | 491 | ||
492 | #define word_in(x,c) aes_sw32(*((aes_32t*)(x)+(c))) | 492 | #define word_in(x,c) aes_sw32(*((aes_32t*)(x)+(c))) |
493 | #define word_out(x,c,v) (*((aes_32t*)(x)+(c)) = aes_sw32(v)) | 493 | #define word_out(x,c,v) (*((aes_32t*)(x)+(c)) = aes_sw32(v)) |
494 | 494 | ||
495 | #endif | 495 | #endif |
496 | 496 | ||
497 | /* the finite field modular polynomial and elements */ | 497 | /* the finite field modular polynomial and elements */ |
498 | 498 | ||
499 | #define WPOLY 0x011b | 499 | #define WPOLY 0x011b |
500 | #define BPOLY 0x1b | 500 | #define BPOLY 0x1b |
501 | 501 | ||
502 | /* multiply four bytes in GF(2^8) by 'x' {02} in parallel */ | 502 | /* multiply four bytes in GF(2^8) by 'x' {02} in parallel */ |
503 | 503 | ||
504 | #define m1 0x80808080 | 504 | #define m1 0x80808080 |
505 | #define m2 0x7f7f7f7f | 505 | #define m2 0x7f7f7f7f |
506 | #define gf_mulx(x) ((((x) & m2) << 1) ^ ((((x) & m1) >> 7) * BPOLY)) | 506 | #define gf_mulx(x) ((((x) & m2) << 1) ^ ((((x) & m1) >> 7) * BPOLY)) |
507 | 507 | ||
508 | /* The following defines provide alternative definitions of gf_mulx that might | 508 | /* The following defines provide alternative definitions of gf_mulx that might |
509 | give improved performance if a fast 32-bit multiply is not available. Note | 509 | give improved performance if a fast 32-bit multiply is not available. Note |
510 | that a temporary variable u needs to be defined where gf_mulx is used. | 510 | that a temporary variable u needs to be defined where gf_mulx is used. |
511 | 511 | ||
512 | #define gf_mulx(x) (u = (x) & m1, u |= (u >> 1), ((x) & m2) << 1) ^ ((u >> 3) | (u >> 6)) | 512 | #define gf_mulx(x) (u = (x) & m1, u |= (u >> 1), ((x) & m2) << 1) ^ ((u >> 3) | (u >> 6)) |
513 | #define m4 (0x01010101 * BPOLY) | 513 | #define m4 (0x01010101 * BPOLY) |
514 | #define gf_mulx(x) (u = (x) & m1, ((x) & m2) << 1) ^ ((u - (u >> 7)) & m4) | 514 | #define gf_mulx(x) (u = (x) & m1, ((x) & m2) << 1) ^ ((u - (u >> 7)) & m4) |
515 | */ | 515 | */ |
516 | 516 | ||
517 | /* Work out which tables are needed for the different options */ | 517 | /* Work out which tables are needed for the different options */ |
518 | 518 | ||
519 | #ifdef AES_ASM | 519 | #ifdef AES_ASM |
520 | #ifdef ENC_ROUND | 520 | #ifdef ENC_ROUND |
521 | #undef ENC_ROUND | 521 | #undef ENC_ROUND |
522 | #endif | 522 | #endif |
523 | #define ENC_ROUND FOUR_TABLES | 523 | #define ENC_ROUND FOUR_TABLES |
524 | #ifdef LAST_ENC_ROUND | 524 | #ifdef LAST_ENC_ROUND |
525 | #undef LAST_ENC_ROUND | 525 | #undef LAST_ENC_ROUND |
526 | #endif | 526 | #endif |
527 | #define LAST_ENC_ROUND FOUR_TABLES | 527 | #define LAST_ENC_ROUND FOUR_TABLES |
528 | #ifdef DEC_ROUND | 528 | #ifdef DEC_ROUND |
529 | #undef DEC_ROUND | 529 | #undef DEC_ROUND |
530 | #endif | 530 | #endif |
531 | #define DEC_ROUND FOUR_TABLES | 531 | #define DEC_ROUND FOUR_TABLES |
532 | #ifdef LAST_DEC_ROUND | 532 | #ifdef LAST_DEC_ROUND |
533 | #undef LAST_DEC_ROUND | 533 | #undef LAST_DEC_ROUND |
534 | #endif | 534 | #endif |
535 | #define LAST_DEC_ROUND FOUR_TABLES | 535 | #define LAST_DEC_ROUND FOUR_TABLES |
536 | #ifdef KEY_SCHED | 536 | #ifdef KEY_SCHED |
537 | #undef KEY_SCHED | 537 | #undef KEY_SCHED |
538 | #define KEY_SCHED FOUR_TABLES | 538 | #define KEY_SCHED FOUR_TABLES |
539 | #endif | 539 | #endif |
540 | #endif | 540 | #endif |
541 | 541 | ||
542 | #if defined(ENCRYPTION) || defined(AES_ASM) | 542 | #if defined(ENCRYPTION) || defined(AES_ASM) |
543 | #if ENC_ROUND == ONE_TABLE | 543 | #if ENC_ROUND == ONE_TABLE |
544 | #define FT1_SET | 544 | #define FT1_SET |
545 | #elif ENC_ROUND == FOUR_TABLES | 545 | #elif ENC_ROUND == FOUR_TABLES |
546 | #define FT4_SET | 546 | #define FT4_SET |
547 | #else | 547 | #else |
548 | #define SBX_SET | 548 | #define SBX_SET |
549 | #endif | 549 | #endif |
550 | #if LAST_ENC_ROUND == ONE_TABLE | 550 | #if LAST_ENC_ROUND == ONE_TABLE |
551 | #define FL1_SET | 551 | #define FL1_SET |
552 | #elif LAST_ENC_ROUND == FOUR_TABLES | 552 | #elif LAST_ENC_ROUND == FOUR_TABLES |
553 | #define FL4_SET | 553 | #define FL4_SET |
554 | #elif !defined(SBX_SET) | 554 | #elif !defined(SBX_SET) |
555 | #define SBX_SET | 555 | #define SBX_SET |
556 | #endif | 556 | #endif |
557 | #endif | 557 | #endif |
558 | 558 | ||
559 | #if defined(DECRYPTION) || defined(AES_ASM) | 559 | #if defined(DECRYPTION) || defined(AES_ASM) |
560 | #if DEC_ROUND == ONE_TABLE | 560 | #if DEC_ROUND == ONE_TABLE |
561 | #define IT1_SET | 561 | #define IT1_SET |
562 | #elif DEC_ROUND == FOUR_TABLES | 562 | #elif DEC_ROUND == FOUR_TABLES |
563 | #define IT4_SET | 563 | #define IT4_SET |
564 | #else | 564 | #else |
565 | #define ISB_SET | 565 | #define ISB_SET |
566 | #endif | 566 | #endif |
567 | #if LAST_DEC_ROUND == ONE_TABLE | 567 | #if LAST_DEC_ROUND == ONE_TABLE |
568 | #define IL1_SET | 568 | #define IL1_SET |
569 | #elif LAST_DEC_ROUND == FOUR_TABLES | 569 | #elif LAST_DEC_ROUND == FOUR_TABLES |
570 | #define IL4_SET | 570 | #define IL4_SET |
571 | #elif !defined(ISB_SET) | 571 | #elif !defined(ISB_SET) |
572 | #define ISB_SET | 572 | #define ISB_SET |
573 | #endif | 573 | #endif |
574 | #endif | 574 | #endif |
575 | 575 | ||
576 | #if defined(ENCRYPTION_KEY_SCHEDULE) || defined(DECRYPTION_KEY_SCHEDULE) | 576 | #if defined(ENCRYPTION_KEY_SCHEDULE) || defined(DECRYPTION_KEY_SCHEDULE) |
577 | #if KEY_SCHED == ONE_TABLE | 577 | #if KEY_SCHED == ONE_TABLE |
578 | #define LS1_SET | 578 | #define LS1_SET |
579 | #define IM1_SET | 579 | #define IM1_SET |
580 | #elif KEY_SCHED == FOUR_TABLES | 580 | #elif KEY_SCHED == FOUR_TABLES |
581 | #define LS4_SET | 581 | #define LS4_SET |
582 | #define IM4_SET | 582 | #define IM4_SET |
583 | #elif !defined(SBX_SET) | 583 | #elif !defined(SBX_SET) |
584 | #define SBX_SET | 584 | #define SBX_SET |
585 | #endif | 585 | #endif |
586 | #endif | 586 | #endif |
587 | 587 | ||
588 | /* generic definitions of Rijndael macros that use tables */ | 588 | /* generic definitions of Rijndael macros that use tables */ |
589 | 589 | ||
590 | #define no_table(x,box,vf,rf,c) bytes2word( \ | 590 | #define no_table(x,box,vf,rf,c) bytes2word( \ |
591 | box[bval(vf(x,0,c),rf(0,c))], \ | 591 | box[bval(vf(x,0,c),rf(0,c))], \ |
592 | box[bval(vf(x,1,c),rf(1,c))], \ | 592 | box[bval(vf(x,1,c),rf(1,c))], \ |
593 | box[bval(vf(x,2,c),rf(2,c))], \ | 593 | box[bval(vf(x,2,c),rf(2,c))], \ |
594 | box[bval(vf(x,3,c),rf(3,c))]) | 594 | box[bval(vf(x,3,c),rf(3,c))]) |
595 | 595 | ||
596 | #define one_table(x,op,tab,vf,rf,c) \ | 596 | #define one_table(x,op,tab,vf,rf,c) \ |
597 | ( tab[bval(vf(x,0,c),rf(0,c))] \ | 597 | ( tab[bval(vf(x,0,c),rf(0,c))] \ |
598 | ^ op(tab[bval(vf(x,1,c),rf(1,c))],1) \ | 598 | ^ op(tab[bval(vf(x,1,c),rf(1,c))],1) \ |
599 | ^ op(tab[bval(vf(x,2,c),rf(2,c))],2) \ | 599 | ^ op(tab[bval(vf(x,2,c),rf(2,c))],2) \ |
600 | ^ op(tab[bval(vf(x,3,c),rf(3,c))],3)) | 600 | ^ op(tab[bval(vf(x,3,c),rf(3,c))],3)) |
601 | 601 | ||
602 | #define four_tables(x,tab,vf,rf,c) \ | 602 | #define four_tables(x,tab,vf,rf,c) \ |
603 | ( tab[0][bval(vf(x,0,c),rf(0,c))] \ | 603 | ( tab[0][bval(vf(x,0,c),rf(0,c))] \ |
604 | ^ tab[1][bval(vf(x,1,c),rf(1,c))] \ | 604 | ^ tab[1][bval(vf(x,1,c),rf(1,c))] \ |
605 | ^ tab[2][bval(vf(x,2,c),rf(2,c))] \ | 605 | ^ tab[2][bval(vf(x,2,c),rf(2,c))] \ |
606 | ^ tab[3][bval(vf(x,3,c),rf(3,c))]) | 606 | ^ tab[3][bval(vf(x,3,c),rf(3,c))]) |
607 | 607 | ||
608 | #define vf1(x,r,c) (x) | 608 | #define vf1(x,r,c) (x) |
609 | #define rf1(r,c) (r) | 609 | #define rf1(r,c) (r) |
610 | #define rf2(r,c) ((8+r-c)&3) | 610 | #define rf2(r,c) ((8+r-c)&3) |
611 | 611 | ||
612 | /* perform forward and inverse column mix operation on four bytes in long word x in */ | 612 | /* perform forward and inverse column mix operation on four bytes in long word x in */ |
613 | /* parallel. NOTE: x must be a simple variable, NOT an expression in these macros. */ | 613 | /* parallel. NOTE: x must be a simple variable, NOT an expression in these macros. */ |
614 | 614 | ||
615 | #if defined(FM4_SET) /* not currently used */ | 615 | #if defined(FM4_SET) /* not currently used */ |
616 | #define fwd_mcol(x) four_tables(x,t_use(f,m),vf1,rf1,0) | 616 | #define fwd_mcol(x) four_tables(x,t_use(f,m),vf1,rf1,0) |
617 | #elif defined(FM1_SET) /* not currently used */ | 617 | #elif defined(FM1_SET) /* not currently used */ |
618 | #define fwd_mcol(x) one_table(x,upr,t_use(f,m),vf1,rf1,0) | 618 | #define fwd_mcol(x) one_table(x,upr,t_use(f,m),vf1,rf1,0) |
619 | #else | 619 | #else |
620 | #define dec_fmvars aes_32t g2 | 620 | #define dec_fmvars aes_32t g2 |
621 | #define fwd_mcol(x) (g2 = gf_mulx(x), g2 ^ upr((x) ^ g2, 3) ^ upr((x), 2) ^ upr((x), 1)) | 621 | #define fwd_mcol(x) (g2 = gf_mulx(x), g2 ^ upr((x) ^ g2, 3) ^ upr((x), 2) ^ upr((x), 1)) |
622 | #endif | 622 | #endif |
623 | 623 | ||
624 | #if defined(IM4_SET) | 624 | #if defined(IM4_SET) |
625 | #define inv_mcol(x) four_tables(x,t_use(i,m),vf1,rf1,0) | 625 | #define inv_mcol(x) four_tables(x,t_use(i,m),vf1,rf1,0) |
626 | #elif defined(IM1_SET) | 626 | #elif defined(IM1_SET) |
627 | #define inv_mcol(x) one_table(x,upr,t_use(i,m),vf1,rf1,0) | 627 | #define inv_mcol(x) one_table(x,upr,t_use(i,m),vf1,rf1,0) |
628 | #else | 628 | #else |
629 | #define dec_imvars aes_32t g2, g4, g9 | 629 | #define dec_imvars aes_32t g2, g4, g9 |
630 | #define inv_mcol(x) (g2 = gf_mulx(x), g4 = gf_mulx(g2), g9 = (x) ^ gf_mulx(g4), g4 ^= g9, \ | 630 | #define inv_mcol(x) (g2 = gf_mulx(x), g4 = gf_mulx(g2), g9 = (x) ^ gf_mulx(g4), g4 ^= g9, \ |
631 | (x) ^ g2 ^ g4 ^ upr(g2 ^ g9, 3) ^ upr(g4, 2) ^ upr(g9, 1)) | 631 | (x) ^ g2 ^ g4 ^ upr(g2 ^ g9, 3) ^ upr(g4, 2) ^ upr(g9, 1)) |
632 | #endif | 632 | #endif |
633 | 633 | ||
634 | #if defined(FL4_SET) | 634 | #if defined(FL4_SET) |
635 | #define ls_box(x,c) four_tables(x,t_use(f,l),vf1,rf2,c) | 635 | #define ls_box(x,c) four_tables(x,t_use(f,l),vf1,rf2,c) |
636 | #elif defined(LS4_SET) | 636 | #elif defined(LS4_SET) |
637 | #define ls_box(x,c) four_tables(x,t_use(l,s),vf1,rf2,c) | 637 | #define ls_box(x,c) four_tables(x,t_use(l,s),vf1,rf2,c) |
638 | #elif defined(FL1_SET) | 638 | #elif defined(FL1_SET) |
639 | #define ls_box(x,c) one_table(x,upr,t_use(f,l),vf1,rf2,c) | 639 | #define ls_box(x,c) one_table(x,upr,t_use(f,l),vf1,rf2,c) |
640 | #elif defined(LS1_SET) | 640 | #elif defined(LS1_SET) |
641 | #define ls_box(x,c) one_table(x,upr,t_use(l,s),vf1,rf2,c) | 641 | #define ls_box(x,c) one_table(x,upr,t_use(l,s),vf1,rf2,c) |
642 | #else | 642 | #else |
643 | #define ls_box(x,c) no_table(x,t_use(s,box),vf1,rf2,c) | 643 | #define ls_box(x,c) no_table(x,t_use(s,box),vf1,rf2,c) |
644 | #endif | 644 | #endif |
645 | 645 | ||
646 | /* If there are no global variables, the definitions here can be | 646 | /* If there are no global variables, the definitions here can be |
647 | used to put the AES tables in a structure so that a pointer | 647 | used to put the AES tables in a structure so that a pointer |
648 | can then be added to the AES context to pass them to the AES | 648 | can then be added to the AES context to pass them to the AES |
649 | routines that need them. If this facility is used, the calling | 649 | routines that need them. If this facility is used, the calling |
650 | program has to ensure that this pointer is managed appropriately. | 650 | program has to ensure that this pointer is managed appropriately. |
651 | In particular, the value of the t_dec(in,it) item in the table | 651 | In particular, the value of the t_dec(in,it) item in the table |
652 | structure must be set to zero in order to ensure that the tables | 652 | structure must be set to zero in order to ensure that the tables |
653 | are initialised. In practice the three code sequences in aeskey.c | 653 | are initialised. In practice the three code sequences in aeskey.c |
654 | that control the calls to gen_tabs() and the gen_tabs() routine | 654 | that control the calls to gen_tabs() and the gen_tabs() routine |
655 | itself will have to be changed for a specific implementation. If | 655 | itself will have to be changed for a specific implementation. If |
656 | global variables are available it will generally be preferable to | 656 | global variables are available it will generally be preferable to |
657 | use them with the precomputed FIXED_TABLES option that uses static | 657 | use them with the precomputed FIXED_TABLES option that uses static |
658 | global tables. | 658 | global tables. |
659 | 659 | ||
660 | The following defines can be used to control the way the tables | 660 | The following defines can be used to control the way the tables |
661 | are defined, initialised and used in embedded environments that | 661 | are defined, initialised and used in embedded environments that |
662 | require special features for these purposes | 662 | require special features for these purposes |
663 | 663 | ||
664 | the 't_dec' construction is used to declare fixed table arrays | 664 | the 't_dec' construction is used to declare fixed table arrays |
665 | the 't_set' construction is used to set fixed table values | 665 | the 't_set' construction is used to set fixed table values |
666 | the 't_use' construction is used to access fixed table values | 666 | the 't_use' construction is used to access fixed table values |
667 | 667 | ||
668 | 256 byte tables: | 668 | 256 byte tables: |
669 | 669 | ||
670 | t_xxx(s,box) => forward S box | 670 | t_xxx(s,box) => forward S box |
671 | t_xxx(i,box) => inverse S box | 671 | t_xxx(i,box) => inverse S box |
672 | 672 | ||
673 | 256 32-bit word OR 4 x 256 32-bit word tables: | 673 | 256 32-bit word OR 4 x 256 32-bit word tables: |
674 | 674 | ||
675 | t_xxx(f,n) => forward normal round | 675 | t_xxx(f,n) => forward normal round |
676 | t_xxx(f,l) => forward last round | 676 | t_xxx(f,l) => forward last round |
677 | t_xxx(i,n) => inverse normal round | 677 | t_xxx(i,n) => inverse normal round |
678 | t_xxx(i,l) => inverse last round | 678 | t_xxx(i,l) => inverse last round |
679 | t_xxx(l,s) => key schedule table | 679 | t_xxx(l,s) => key schedule table |
680 | t_xxx(i,m) => key schedule table | 680 | t_xxx(i,m) => key schedule table |
681 | 681 | ||
682 | Other variables and tables: | 682 | Other variables and tables: |
683 | 683 | ||
684 | t_xxx(r,c) => the rcon table | 684 | t_xxx(r,c) => the rcon table |
685 | */ | 685 | */ |
686 | 686 | ||
687 | #define t_dec(m,n) t_##m##n | 687 | #define t_dec(m,n) t_##m##n |
688 | #define t_set(m,n) t_##m##n | 688 | #define t_set(m,n) t_##m##n |
689 | #define t_use(m,n) t_##m##n | 689 | #define t_use(m,n) t_##m##n |
690 | 690 | ||
691 | #if defined(DO_TABLES) /* declare and instantiate tables */ | 691 | #if defined(DO_TABLES) /* declare and instantiate tables */ |
692 | 692 | ||
693 | /* finite field arithmetic operations for table generation */ | 693 | /* finite field arithmetic operations for table generation */ |
694 | 694 | ||
695 | #if defined(FIXED_TABLES) || !defined(FF_TABLES) | 695 | #if defined(FIXED_TABLES) || !defined(FF_TABLES) |
696 | 696 | ||
697 | #define f2(x) ((x<<1) ^ (((x>>7) & 1) * WPOLY)) | 697 | #define f2(x) ((x<<1) ^ (((x>>7) & 1) * WPOLY)) |
698 | #define f4(x) ((x<<2) ^ (((x>>6) & 1) * WPOLY) ^ (((x>>6) & 2) * WPOLY)) | 698 | #define f4(x) ((x<<2) ^ (((x>>6) & 1) * WPOLY) ^ (((x>>6) & 2) * WPOLY)) |
699 | #define f8(x) ((x<<3) ^ (((x>>5) & 1) * WPOLY) ^ (((x>>5) & 2) * WPOLY) \ | 699 | #define f8(x) ((x<<3) ^ (((x>>5) & 1) * WPOLY) ^ (((x>>5) & 2) * WPOLY) \ |
700 | ^ (((x>>5) & 4) * WPOLY)) | 700 | ^ (((x>>5) & 4) * WPOLY)) |
701 | #define f3(x) (f2(x) ^ x) | 701 | #define f3(x) (f2(x) ^ x) |
702 | #define f9(x) (f8(x) ^ x) | 702 | #define f9(x) (f8(x) ^ x) |
703 | #define fb(x) (f8(x) ^ f2(x) ^ x) | 703 | #define fb(x) (f8(x) ^ f2(x) ^ x) |
704 | #define fd(x) (f8(x) ^ f4(x) ^ x) | 704 | #define fd(x) (f8(x) ^ f4(x) ^ x) |
705 | #define fe(x) (f8(x) ^ f4(x) ^ f2(x)) | 705 | #define fe(x) (f8(x) ^ f4(x) ^ f2(x)) |
706 | 706 | ||
707 | #else | 707 | #else |
708 | 708 | ||
709 | #define f2(x) ((x) ? pow[log[x] + 0x19] : 0) | 709 | #define f2(x) ((x) ? pow[log[x] + 0x19] : 0) |
710 | #define f3(x) ((x) ? pow[log[x] + 0x01] : 0) | 710 | #define f3(x) ((x) ? pow[log[x] + 0x01] : 0) |
711 | #define f9(x) ((x) ? pow[log[x] + 0xc7] : 0) | 711 | #define f9(x) ((x) ? pow[log[x] + 0xc7] : 0) |
712 | #define fb(x) ((x) ? pow[log[x] + 0x68] : 0) | 712 | #define fb(x) ((x) ? pow[log[x] + 0x68] : 0) |
713 | #define fd(x) ((x) ? pow[log[x] + 0xee] : 0) | 713 | #define fd(x) ((x) ? pow[log[x] + 0xee] : 0) |
714 | #define fe(x) ((x) ? pow[log[x] + 0xdf] : 0) | 714 | #define fe(x) ((x) ? pow[log[x] + 0xdf] : 0) |
715 | #define fi(x) ((x) ? pow[ 255 - log[x]] : 0) | 715 | #define fi(x) ((x) ? pow[ 255 - log[x]] : 0) |
716 | 716 | ||
717 | #endif | 717 | #endif |
718 | 718 | ||
719 | #if defined(FIXED_TABLES) /* declare and set values for static tables */ | 719 | #if defined(FIXED_TABLES) /* declare and set values for static tables */ |
720 | 720 | ||
721 | #define sb_data(w) \ | 721 | #define sb_data(w) \ |
722 | w(0x63), w(0x7c), w(0x77), w(0x7b), w(0xf2), w(0x6b), w(0x6f), w(0xc5),\ | 722 | w(0x63), w(0x7c), w(0x77), w(0x7b), w(0xf2), w(0x6b), w(0x6f), w(0xc5),\ |
723 | w(0x30), w(0x01), w(0x67), w(0x2b), w(0xfe), w(0xd7), w(0xab), w(0x76),\ | 723 | w(0x30), w(0x01), w(0x67), w(0x2b), w(0xfe), w(0xd7), w(0xab), w(0x76),\ |
724 | w(0xca), w(0x82), w(0xc9), w(0x7d), w(0xfa), w(0x59), w(0x47), w(0xf0),\ | 724 | w(0xca), w(0x82), w(0xc9), w(0x7d), w(0xfa), w(0x59), w(0x47), w(0xf0),\ |
725 | w(0xad), w(0xd4), w(0xa2), w(0xaf), w(0x9c), w(0xa4), w(0x72), w(0xc0),\ | 725 | w(0xad), w(0xd4), w(0xa2), w(0xaf), w(0x9c), w(0xa4), w(0x72), w(0xc0),\ |
726 | w(0xb7), w(0xfd), w(0x93), w(0x26), w(0x36), w(0x3f), w(0xf7), w(0xcc),\ | 726 | w(0xb7), w(0xfd), w(0x93), w(0x26), w(0x36), w(0x3f), w(0xf7), w(0xcc),\ |
727 | w(0x34), w(0xa5), w(0xe5), w(0xf1), w(0x71), w(0xd8), w(0x31), w(0x15),\ | 727 | w(0x34), w(0xa5), w(0xe5), w(0xf1), w(0x71), w(0xd8), w(0x31), w(0x15),\ |
728 | w(0x04), w(0xc7), w(0x23), w(0xc3), w(0x18), w(0x96), w(0x05), w(0x9a),\ | 728 | w(0x04), w(0xc7), w(0x23), w(0xc3), w(0x18), w(0x96), w(0x05), w(0x9a),\ |
729 | w(0x07), w(0x12), w(0x80), w(0xe2), w(0xeb), w(0x27), w(0xb2), w(0x75),\ | 729 | w(0x07), w(0x12), w(0x80), w(0xe2), w(0xeb), w(0x27), w(0xb2), w(0x75),\ |
730 | w(0x09), w(0x83), w(0x2c), w(0x1a), w(0x1b), w(0x6e), w(0x5a), w(0xa0),\ | 730 | w(0x09), w(0x83), w(0x2c), w(0x1a), w(0x1b), w(0x6e), w(0x5a), w(0xa0),\ |
731 | w(0x52), w(0x3b), w(0xd6), w(0xb3), w(0x29), w(0xe3), w(0x2f), w(0x84),\ | 731 | w(0x52), w(0x3b), w(0xd6), w(0xb3), w(0x29), w(0xe3), w(0x2f), w(0x84),\ |
732 | w(0x53), w(0xd1), w(0x00), w(0xed), w(0x20), w(0xfc), w(0xb1), w(0x5b),\ | 732 | w(0x53), w(0xd1), w(0x00), w(0xed), w(0x20), w(0xfc), w(0xb1), w(0x5b),\ |
733 | w(0x6a), w(0xcb), w(0xbe), w(0x39), w(0x4a), w(0x4c), w(0x58), w(0xcf),\ | 733 | w(0x6a), w(0xcb), w(0xbe), w(0x39), w(0x4a), w(0x4c), w(0x58), w(0xcf),\ |
734 | w(0xd0), w(0xef), w(0xaa), w(0xfb), w(0x43), w(0x4d), w(0x33), w(0x85),\ | 734 | w(0xd0), w(0xef), w(0xaa), w(0xfb), w(0x43), w(0x4d), w(0x33), w(0x85),\ |
735 | w(0x45), w(0xf9), w(0x02), w(0x7f), w(0x50), w(0x3c), w(0x9f), w(0xa8),\ | 735 | w(0x45), w(0xf9), w(0x02), w(0x7f), w(0x50), w(0x3c), w(0x9f), w(0xa8),\ |
736 | w(0x51), w(0xa3), w(0x40), w(0x8f), w(0x92), w(0x9d), w(0x38), w(0xf5),\ | 736 | w(0x51), w(0xa3), w(0x40), w(0x8f), w(0x92), w(0x9d), w(0x38), w(0xf5),\ |
737 | w(0xbc), w(0xb6), w(0xda), w(0x21), w(0x10), w(0xff), w(0xf3), w(0xd2),\ | 737 | w(0xbc), w(0xb6), w(0xda), w(0x21), w(0x10), w(0xff), w(0xf3), w(0xd2),\ |
738 | w(0xcd), w(0x0c), w(0x13), w(0xec), w(0x5f), w(0x97), w(0x44), w(0x17),\ | 738 | w(0xcd), w(0x0c), w(0x13), w(0xec), w(0x5f), w(0x97), w(0x44), w(0x17),\ |
739 | w(0xc4), w(0xa7), w(0x7e), w(0x3d), w(0x64), w(0x5d), w(0x19), w(0x73),\ | 739 | w(0xc4), w(0xa7), w(0x7e), w(0x3d), w(0x64), w(0x5d), w(0x19), w(0x73),\ |
740 | w(0x60), w(0x81), w(0x4f), w(0xdc), w(0x22), w(0x2a), w(0x90), w(0x88),\ | 740 | w(0x60), w(0x81), w(0x4f), w(0xdc), w(0x22), w(0x2a), w(0x90), w(0x88),\ |
741 | w(0x46), w(0xee), w(0xb8), w(0x14), w(0xde), w(0x5e), w(0x0b), w(0xdb),\ | 741 | w(0x46), w(0xee), w(0xb8), w(0x14), w(0xde), w(0x5e), w(0x0b), w(0xdb),\ |
742 | w(0xe0), w(0x32), w(0x3a), w(0x0a), w(0x49), w(0x06), w(0x24), w(0x5c),\ | 742 | w(0xe0), w(0x32), w(0x3a), w(0x0a), w(0x49), w(0x06), w(0x24), w(0x5c),\ |
743 | w(0xc2), w(0xd3), w(0xac), w(0x62), w(0x91), w(0x95), w(0xe4), w(0x79),\ | 743 | w(0xc2), w(0xd3), w(0xac), w(0x62), w(0x91), w(0x95), w(0xe4), w(0x79),\ |
744 | w(0xe7), w(0xc8), w(0x37), w(0x6d), w(0x8d), w(0xd5), w(0x4e), w(0xa9),\ | 744 | w(0xe7), w(0xc8), w(0x37), w(0x6d), w(0x8d), w(0xd5), w(0x4e), w(0xa9),\ |
745 | w(0x6c), w(0x56), w(0xf4), w(0xea), w(0x65), w(0x7a), w(0xae), w(0x08),\ | 745 | w(0x6c), w(0x56), w(0xf4), w(0xea), w(0x65), w(0x7a), w(0xae), w(0x08),\ |
746 | w(0xba), w(0x78), w(0x25), w(0x2e), w(0x1c), w(0xa6), w(0xb4), w(0xc6),\ | 746 | w(0xba), w(0x78), w(0x25), w(0x2e), w(0x1c), w(0xa6), w(0xb4), w(0xc6),\ |
747 | w(0xe8), w(0xdd), w(0x74), w(0x1f), w(0x4b), w(0xbd), w(0x8b), w(0x8a),\ | 747 | w(0xe8), w(0xdd), w(0x74), w(0x1f), w(0x4b), w(0xbd), w(0x8b), w(0x8a),\ |
748 | w(0x70), w(0x3e), w(0xb5), w(0x66), w(0x48), w(0x03), w(0xf6), w(0x0e),\ | 748 | w(0x70), w(0x3e), w(0xb5), w(0x66), w(0x48), w(0x03), w(0xf6), w(0x0e),\ |
749 | w(0x61), w(0x35), w(0x57), w(0xb9), w(0x86), w(0xc1), w(0x1d), w(0x9e),\ | 749 | w(0x61), w(0x35), w(0x57), w(0xb9), w(0x86), w(0xc1), w(0x1d), w(0x9e),\ |
750 | w(0xe1), w(0xf8), w(0x98), w(0x11), w(0x69), w(0xd9), w(0x8e), w(0x94),\ | 750 | w(0xe1), w(0xf8), w(0x98), w(0x11), w(0x69), w(0xd9), w(0x8e), w(0x94),\ |
751 | w(0x9b), w(0x1e), w(0x87), w(0xe9), w(0xce), w(0x55), w(0x28), w(0xdf),\ | 751 | w(0x9b), w(0x1e), w(0x87), w(0xe9), w(0xce), w(0x55), w(0x28), w(0xdf),\ |
752 | w(0x8c), w(0xa1), w(0x89), w(0x0d), w(0xbf), w(0xe6), w(0x42), w(0x68),\ | 752 | w(0x8c), w(0xa1), w(0x89), w(0x0d), w(0xbf), w(0xe6), w(0x42), w(0x68),\ |
753 | w(0x41), w(0x99), w(0x2d), w(0x0f), w(0xb0), w(0x54), w(0xbb), w(0x16) | 753 | w(0x41), w(0x99), w(0x2d), w(0x0f), w(0xb0), w(0x54), w(0xbb), w(0x16) |
754 | 754 | ||
755 | #define isb_data(w) \ | 755 | #define isb_data(w) \ |
756 | w(0x52), w(0x09), w(0x6a), w(0xd5), w(0x30), w(0x36), w(0xa5), w(0x38),\ | 756 | w(0x52), w(0x09), w(0x6a), w(0xd5), w(0x30), w(0x36), w(0xa5), w(0x38),\ |
757 | w(0xbf), w(0x40), w(0xa3), w(0x9e), w(0x81), w(0xf3), w(0xd7), w(0xfb),\ | 757 | w(0xbf), w(0x40), w(0xa3), w(0x9e), w(0x81), w(0xf3), w(0xd7), w(0xfb),\ |
758 | w(0x7c), w(0xe3), w(0x39), w(0x82), w(0x9b), w(0x2f), w(0xff), w(0x87),\ | 758 | w(0x7c), w(0xe3), w(0x39), w(0x82), w(0x9b), w(0x2f), w(0xff), w(0x87),\ |
759 | w(0x34), w(0x8e), w(0x43), w(0x44), w(0xc4), w(0xde), w(0xe9), w(0xcb),\ | 759 | w(0x34), w(0x8e), w(0x43), w(0x44), w(0xc4), w(0xde), w(0xe9), w(0xcb),\ |
760 | w(0x54), w(0x7b), w(0x94), w(0x32), w(0xa6), w(0xc2), w(0x23), w(0x3d),\ | 760 | w(0x54), w(0x7b), w(0x94), w(0x32), w(0xa6), w(0xc2), w(0x23), w(0x3d),\ |
761 | w(0xee), w(0x4c), w(0x95), w(0x0b), w(0x42), w(0xfa), w(0xc3), w(0x4e),\ | 761 | w(0xee), w(0x4c), w(0x95), w(0x0b), w(0x42), w(0xfa), w(0xc3), w(0x4e),\ |
762 | w(0x08), w(0x2e), w(0xa1), w(0x66), w(0x28), w(0xd9), w(0x24), w(0xb2),\ | 762 | w(0x08), w(0x2e), w(0xa1), w(0x66), w(0x28), w(0xd9), w(0x24), w(0xb2),\ |
763 | w(0x76), w(0x5b), w(0xa2), w(0x49), w(0x6d), w(0x8b), w(0xd1), w(0x25),\ | 763 | w(0x76), w(0x5b), w(0xa2), w(0x49), w(0x6d), w(0x8b), w(0xd1), w(0x25),\ |
764 | w(0x72), w(0xf8), w(0xf6), w(0x64), w(0x86), w(0x68), w(0x98), w(0x16),\ | 764 | w(0x72), w(0xf8), w(0xf6), w(0x64), w(0x86), w(0x68), w(0x98), w(0x16),\ |
765 | w(0xd4), w(0xa4), w(0x5c), w(0xcc), w(0x5d), w(0x65), w(0xb6), w(0x92),\ | 765 | w(0xd4), w(0xa4), w(0x5c), w(0xcc), w(0x5d), w(0x65), w(0xb6), w(0x92),\ |
766 | w(0x6c), w(0x70), w(0x48), w(0x50), w(0xfd), w(0xed), w(0xb9), w(0xda),\ | 766 | w(0x6c), w(0x70), w(0x48), w(0x50), w(0xfd), w(0xed), w(0xb9), w(0xda),\ |
767 | w(0x5e), w(0x15), w(0x46), w(0x57), w(0xa7), w(0x8d), w(0x9d), w(0x84),\ | 767 | w(0x5e), w(0x15), w(0x46), w(0x57), w(0xa7), w(0x8d), w(0x9d), w(0x84),\ |
768 | w(0x90), w(0xd8), w(0xab), w(0x00), w(0x8c), w(0xbc), w(0xd3), w(0x0a),\ | 768 | w(0x90), w(0xd8), w(0xab), w(0x00), w(0x8c), w(0xbc), w(0xd3), w(0x0a),\ |
769 | w(0xf7), w(0xe4), w(0x58), w(0x05), w(0xb8), w(0xb3), w(0x45), w(0x06),\ | 769 | w(0xf7), w(0xe4), w(0x58), w(0x05), w(0xb8), w(0xb3), w(0x45), w(0x06),\ |
770 | w(0xd0), w(0x2c), w(0x1e), w(0x8f), w(0xca), w(0x3f), w(0x0f), w(0x02),\ | 770 | w(0xd0), w(0x2c), w(0x1e), w(0x8f), w(0xca), w(0x3f), w(0x0f), w(0x02),\ |
771 | w(0xc1), w(0xaf), w(0xbd), w(0x03), w(0x01), w(0x13), w(0x8a), w(0x6b),\ | 771 | w(0xc1), w(0xaf), w(0xbd), w(0x03), w(0x01), w(0x13), w(0x8a), w(0x6b),\ |
772 | w(0x3a), w(0x91), w(0x11), w(0x41), w(0x4f), w(0x67), w(0xdc), w(0xea),\ | 772 | w(0x3a), w(0x91), w(0x11), w(0x41), w(0x4f), w(0x67), w(0xdc), w(0xea),\ |
773 | w(0x97), w(0xf2), w(0xcf), w(0xce), w(0xf0), w(0xb4), w(0xe6), w(0x73),\ | 773 | w(0x97), w(0xf2), w(0xcf), w(0xce), w(0xf0), w(0xb4), w(0xe6), w(0x73),\ |
774 | w(0x96), w(0xac), w(0x74), w(0x22), w(0xe7), w(0xad), w(0x35), w(0x85),\ | 774 | w(0x96), w(0xac), w(0x74), w(0x22), w(0xe7), w(0xad), w(0x35), w(0x85),\ |
775 | w(0xe2), w(0xf9), w(0x37), w(0xe8), w(0x1c), w(0x75), w(0xdf), w(0x6e),\ | 775 | w(0xe2), w(0xf9), w(0x37), w(0xe8), w(0x1c), w(0x75), w(0xdf), w(0x6e),\ |
776 | w(0x47), w(0xf1), w(0x1a), w(0x71), w(0x1d), w(0x29), w(0xc5), w(0x89),\ | 776 | w(0x47), w(0xf1), w(0x1a), w(0x71), w(0x1d), w(0x29), w(0xc5), w(0x89),\ |
777 | w(0x6f), w(0xb7), w(0x62), w(0x0e), w(0xaa), w(0x18), w(0xbe), w(0x1b),\ | 777 | w(0x6f), w(0xb7), w(0x62), w(0x0e), w(0xaa), w(0x18), w(0xbe), w(0x1b),\ |
778 | w(0xfc), w(0x56), w(0x3e), w(0x4b), w(0xc6), w(0xd2), w(0x79), w(0x20),\ | 778 | w(0xfc), w(0x56), w(0x3e), w(0x4b), w(0xc6), w(0xd2), w(0x79), w(0x20),\ |
779 | w(0x9a), w(0xdb), w(0xc0), w(0xfe), w(0x78), w(0xcd), w(0x5a), w(0xf4),\ | 779 | w(0x9a), w(0xdb), w(0xc0), w(0xfe), w(0x78), w(0xcd), w(0x5a), w(0xf4),\ |
780 | w(0x1f), w(0xdd), w(0xa8), w(0x33), w(0x88), w(0x07), w(0xc7), w(0x31),\ | 780 | w(0x1f), w(0xdd), w(0xa8), w(0x33), w(0x88), w(0x07), w(0xc7), w(0x31),\ |
781 | w(0xb1), w(0x12), w(0x10), w(0x59), w(0x27), w(0x80), w(0xec), w(0x5f),\ | 781 | w(0xb1), w(0x12), w(0x10), w(0x59), w(0x27), w(0x80), w(0xec), w(0x5f),\ |
782 | w(0x60), w(0x51), w(0x7f), w(0xa9), w(0x19), w(0xb5), w(0x4a), w(0x0d),\ | 782 | w(0x60), w(0x51), w(0x7f), w(0xa9), w(0x19), w(0xb5), w(0x4a), w(0x0d),\ |
783 | w(0x2d), w(0xe5), w(0x7a), w(0x9f), w(0x93), w(0xc9), w(0x9c), w(0xef),\ | 783 | w(0x2d), w(0xe5), w(0x7a), w(0x9f), w(0x93), w(0xc9), w(0x9c), w(0xef),\ |
784 | w(0xa0), w(0xe0), w(0x3b), w(0x4d), w(0xae), w(0x2a), w(0xf5), w(0xb0),\ | 784 | w(0xa0), w(0xe0), w(0x3b), w(0x4d), w(0xae), w(0x2a), w(0xf5), w(0xb0),\ |
785 | w(0xc8), w(0xeb), w(0xbb), w(0x3c), w(0x83), w(0x53), w(0x99), w(0x61),\ | 785 | w(0xc8), w(0xeb), w(0xbb), w(0x3c), w(0x83), w(0x53), w(0x99), w(0x61),\ |
786 | w(0x17), w(0x2b), w(0x04), w(0x7e), w(0xba), w(0x77), w(0xd6), w(0x26),\ | 786 | w(0x17), w(0x2b), w(0x04), w(0x7e), w(0xba), w(0x77), w(0xd6), w(0x26),\ |
787 | w(0xe1), w(0x69), w(0x14), w(0x63), w(0x55), w(0x21), w(0x0c), w(0x7d), | 787 | w(0xe1), w(0x69), w(0x14), w(0x63), w(0x55), w(0x21), w(0x0c), w(0x7d), |
788 | 788 | ||
789 | #define mm_data(w) \ | 789 | #define mm_data(w) \ |
790 | w(0x00), w(0x01), w(0x02), w(0x03), w(0x04), w(0x05), w(0x06), w(0x07),\ | 790 | w(0x00), w(0x01), w(0x02), w(0x03), w(0x04), w(0x05), w(0x06), w(0x07),\ |
791 | w(0x08), w(0x09), w(0x0a), w(0x0b), w(0x0c), w(0x0d), w(0x0e), w(0x0f),\ | 791 | w(0x08), w(0x09), w(0x0a), w(0x0b), w(0x0c), w(0x0d), w(0x0e), w(0x0f),\ |
792 | w(0x10), w(0x11), w(0x12), w(0x13), w(0x14), w(0x15), w(0x16), w(0x17),\ | 792 | w(0x10), w(0x11), w(0x12), w(0x13), w(0x14), w(0x15), w(0x16), w(0x17),\ |
793 | w(0x18), w(0x19), w(0x1a), w(0x1b), w(0x1c), w(0x1d), w(0x1e), w(0x1f),\ | 793 | w(0x18), w(0x19), w(0x1a), w(0x1b), w(0x1c), w(0x1d), w(0x1e), w(0x1f),\ |
794 | w(0x20), w(0x21), w(0x22), w(0x23), w(0x24), w(0x25), w(0x26), w(0x27),\ | 794 | w(0x20), w(0x21), w(0x22), w(0x23), w(0x24), w(0x25), w(0x26), w(0x27),\ |
795 | w(0x28), w(0x29), w(0x2a), w(0x2b), w(0x2c), w(0x2d), w(0x2e), w(0x2f),\ | 795 | w(0x28), w(0x29), w(0x2a), w(0x2b), w(0x2c), w(0x2d), w(0x2e), w(0x2f),\ |
796 | w(0x30), w(0x31), w(0x32), w(0x33), w(0x34), w(0x35), w(0x36), w(0x37),\ | 796 | w(0x30), w(0x31), w(0x32), w(0x33), w(0x34), w(0x35), w(0x36), w(0x37),\ |
797 | w(0x38), w(0x39), w(0x3a), w(0x3b), w(0x3c), w(0x3d), w(0x3e), w(0x3f),\ | 797 | w(0x38), w(0x39), w(0x3a), w(0x3b), w(0x3c), w(0x3d), w(0x3e), w(0x3f),\ |
798 | w(0x40), w(0x41), w(0x42), w(0x43), w(0x44), w(0x45), w(0x46), w(0x47),\ | 798 | w(0x40), w(0x41), w(0x42), w(0x43), w(0x44), w(0x45), w(0x46), w(0x47),\ |
799 | w(0x48), w(0x49), w(0x4a), w(0x4b), w(0x4c), w(0x4d), w(0x4e), w(0x4f),\ | 799 | w(0x48), w(0x49), w(0x4a), w(0x4b), w(0x4c), w(0x4d), w(0x4e), w(0x4f),\ |
800 | w(0x50), w(0x51), w(0x52), w(0x53), w(0x54), w(0x55), w(0x56), w(0x57),\ | 800 | w(0x50), w(0x51), w(0x52), w(0x53), w(0x54), w(0x55), w(0x56), w(0x57),\ |
801 | w(0x58), w(0x59), w(0x5a), w(0x5b), w(0x5c), w(0x5d), w(0x5e), w(0x5f),\ | 801 | w(0x58), w(0x59), w(0x5a), w(0x5b), w(0x5c), w(0x5d), w(0x5e), w(0x5f),\ |
802 | w(0x60), w(0x61), w(0x62), w(0x63), w(0x64), w(0x65), w(0x66), w(0x67),\ | 802 | w(0x60), w(0x61), w(0x62), w(0x63), w(0x64), w(0x65), w(0x66), w(0x67),\ |
803 | w(0x68), w(0x69), w(0x6a), w(0x6b), w(0x6c), w(0x6d), w(0x6e), w(0x6f),\ | 803 | w(0x68), w(0x69), w(0x6a), w(0x6b), w(0x6c), w(0x6d), w(0x6e), w(0x6f),\ |
804 | w(0x70), w(0x71), w(0x72), w(0x73), w(0x74), w(0x75), w(0x76), w(0x77),\ | 804 | w(0x70), w(0x71), w(0x72), w(0x73), w(0x74), w(0x75), w(0x76), w(0x77),\ |
805 | w(0x78), w(0x79), w(0x7a), w(0x7b), w(0x7c), w(0x7d), w(0x7e), w(0x7f),\ | 805 | w(0x78), w(0x79), w(0x7a), w(0x7b), w(0x7c), w(0x7d), w(0x7e), w(0x7f),\ |
806 | w(0x80), w(0x81), w(0x82), w(0x83), w(0x84), w(0x85), w(0x86), w(0x87),\ | 806 | w(0x80), w(0x81), w(0x82), w(0x83), w(0x84), w(0x85), w(0x86), w(0x87),\ |
807 | w(0x88), w(0x89), w(0x8a), w(0x8b), w(0x8c), w(0x8d), w(0x8e), w(0x8f),\ | 807 | w(0x88), w(0x89), w(0x8a), w(0x8b), w(0x8c), w(0x8d), w(0x8e), w(0x8f),\ |
808 | w(0x90), w(0x91), w(0x92), w(0x93), w(0x94), w(0x95), w(0x96), w(0x97),\ | 808 | w(0x90), w(0x91), w(0x92), w(0x93), w(0x94), w(0x95), w(0x96), w(0x97),\ |
809 | w(0x98), w(0x99), w(0x9a), w(0x9b), w(0x9c), w(0x9d), w(0x9e), w(0x9f),\ | 809 | w(0x98), w(0x99), w(0x9a), w(0x9b), w(0x9c), w(0x9d), w(0x9e), w(0x9f),\ |
810 | w(0xa0), w(0xa1), w(0xa2), w(0xa3), w(0xa4), w(0xa5), w(0xa6), w(0xa7),\ | 810 | w(0xa0), w(0xa1), w(0xa2), w(0xa3), w(0xa4), w(0xa5), w(0xa6), w(0xa7),\ |
811 | w(0xa8), w(0xa9), w(0xaa), w(0xab), w(0xac), w(0xad), w(0xae), w(0xaf),\ | 811 | w(0xa8), w(0xa9), w(0xaa), w(0xab), w(0xac), w(0xad), w(0xae), w(0xaf),\ |
812 | w(0xb0), w(0xb1), w(0xb2), w(0xb3), w(0xb4), w(0xb5), w(0xb6), w(0xb7),\ | 812 | w(0xb0), w(0xb1), w(0xb2), w(0xb3), w(0xb4), w(0xb5), w(0xb6), w(0xb7),\ |
813 | w(0xb8), w(0xb9), w(0xba), w(0xbb), w(0xbc), w(0xbd), w(0xbe), w(0xbf),\ | 813 | w(0xb8), w(0xb9), w(0xba), w(0xbb), w(0xbc), w(0xbd), w(0xbe), w(0xbf),\ |
814 | w(0xc0), w(0xc1), w(0xc2), w(0xc3), w(0xc4), w(0xc5), w(0xc6), w(0xc7),\ | 814 | w(0xc0), w(0xc1), w(0xc2), w(0xc3), w(0xc4), w(0xc5), w(0xc6), w(0xc7),\ |
815 | w(0xc8), w(0xc9), w(0xca), w(0xcb), w(0xcc), w(0xcd), w(0xce), w(0xcf),\ | 815 | w(0xc8), w(0xc9), w(0xca), w(0xcb), w(0xcc), w(0xcd), w(0xce), w(0xcf),\ |
816 | w(0xd0), w(0xd1), w(0xd2), w(0xd3), w(0xd4), w(0xd5), w(0xd6), w(0xd7),\ | 816 | w(0xd0), w(0xd1), w(0xd2), w(0xd3), w(0xd4), w(0xd5), w(0xd6), w(0xd7),\ |
817 | w(0xd8), w(0xd9), w(0xda), w(0xdb), w(0xdc), w(0xdd), w(0xde), w(0xdf),\ | 817 | w(0xd8), w(0xd9), w(0xda), w(0xdb), w(0xdc), w(0xdd), w(0xde), w(0xdf),\ |
818 | w(0xe0), w(0xe1), w(0xe2), w(0xe3), w(0xe4), w(0xe5), w(0xe6), w(0xe7),\ | 818 | w(0xe0), w(0xe1), w(0xe2), w(0xe3), w(0xe4), w(0xe5), w(0xe6), w(0xe7),\ |
819 | w(0xe8), w(0xe9), w(0xea), w(0xeb), w(0xec), w(0xed), w(0xee), w(0xef),\ | 819 | w(0xe8), w(0xe9), w(0xea), w(0xeb), w(0xec), w(0xed), w(0xee), w(0xef),\ |
820 | w(0xf0), w(0xf1), w(0xf2), w(0xf3), w(0xf4), w(0xf5), w(0xf6), w(0xf7),\ | 820 | w(0xf0), w(0xf1), w(0xf2), w(0xf3), w(0xf4), w(0xf5), w(0xf6), w(0xf7),\ |
821 | w(0xf8), w(0xf9), w(0xfa), w(0xfb), w(0xfc), w(0xfd), w(0xfe), w(0xff) | 821 | w(0xf8), w(0xf9), w(0xfa), w(0xfb), w(0xfc), w(0xfd), w(0xfe), w(0xff) |
822 | 822 | ||
823 | #define h0(x) (x) | 823 | #define h0(x) (x) |
824 | 824 | ||
825 | /* These defines are used to ensure tables are generated in the | 825 | /* These defines are used to ensure tables are generated in the |
826 | right format depending on the internal byte order required | 826 | right format depending on the internal byte order required |
827 | */ | 827 | */ |
828 | 828 | ||
829 | #define w0(p) bytes2word(p, 0, 0, 0) | 829 | #define w0(p) bytes2word(p, 0, 0, 0) |
830 | #define w1(p) bytes2word(0, p, 0, 0) | 830 | #define w1(p) bytes2word(0, p, 0, 0) |
831 | #define w2(p) bytes2word(0, 0, p, 0) | 831 | #define w2(p) bytes2word(0, 0, p, 0) |
832 | #define w3(p) bytes2word(0, 0, 0, p) | 832 | #define w3(p) bytes2word(0, 0, 0, p) |
833 | 833 | ||
834 | #define u0(p) bytes2word(f2(p), p, p, f3(p)) | 834 | #define u0(p) bytes2word(f2(p), p, p, f3(p)) |
835 | #define u1(p) bytes2word(f3(p), f2(p), p, p) | 835 | #define u1(p) bytes2word(f3(p), f2(p), p, p) |
836 | #define u2(p) bytes2word(p, f3(p), f2(p), p) | 836 | #define u2(p) bytes2word(p, f3(p), f2(p), p) |
837 | #define u3(p) bytes2word(p, p, f3(p), f2(p)) | 837 | #define u3(p) bytes2word(p, p, f3(p), f2(p)) |
838 | 838 | ||
839 | #define v0(p) bytes2word(fe(p), f9(p), fd(p), fb(p)) | 839 | #define v0(p) bytes2word(fe(p), f9(p), fd(p), fb(p)) |
840 | #define v1(p) bytes2word(fb(p), fe(p), f9(p), fd(p)) | 840 | #define v1(p) bytes2word(fb(p), fe(p), f9(p), fd(p)) |
841 | #define v2(p) bytes2word(fd(p), fb(p), fe(p), f9(p)) | 841 | #define v2(p) bytes2word(fd(p), fb(p), fe(p), f9(p)) |
842 | #define v3(p) bytes2word(f9(p), fd(p), fb(p), fe(p)) | 842 | #define v3(p) bytes2word(f9(p), fd(p), fb(p), fe(p)) |
843 | 843 | ||
844 | const aes_32t t_dec(r,c)[RC_LENGTH] = | 844 | const aes_32t t_dec(r,c)[RC_LENGTH] = |
845 | { | 845 | { |
846 | w0(0x01), w0(0x02), w0(0x04), w0(0x08), w0(0x10), | 846 | w0(0x01), w0(0x02), w0(0x04), w0(0x08), w0(0x10), |
847 | w0(0x20), w0(0x40), w0(0x80), w0(0x1b), w0(0x36) | 847 | w0(0x20), w0(0x40), w0(0x80), w0(0x1b), w0(0x36) |
848 | }; | 848 | }; |
849 | 849 | ||
850 | #define d_1(t,n,b,v) const t n[256] = { b(v##0) } | 850 | #define d_1(t,n,b,v) const t n[256] = { b(v##0) } |
851 | #define d_4(t,n,b,v) const t n[4][256] = { { b(v##0) }, { b(v##1) }, { b(v##2) }, { b(v##3) } } | 851 | #define d_4(t,n,b,v) const t n[4][256] = { { b(v##0) }, { b(v##1) }, { b(v##2) }, { b(v##3) } } |
852 | 852 | ||
853 | #else /* declare and instantiate tables for dynamic value generation in in tab.c */ | 853 | #else /* declare and instantiate tables for dynamic value generation in in tab.c */ |
854 | 854 | ||
855 | aes_32t t_dec(r,c)[RC_LENGTH]; | 855 | aes_32t t_dec(r,c)[RC_LENGTH]; |
856 | 856 | ||
857 | #define d_1(t,n,b,v) t n[256] | 857 | #define d_1(t,n,b,v) t n[256] |
858 | #define d_4(t,n,b,v) t n[4][256] | 858 | #define d_4(t,n,b,v) t n[4][256] |
859 | 859 | ||
860 | #endif | 860 | #endif |
861 | 861 | ||
862 | #else /* declare tables without instantiation */ | 862 | #else /* declare tables without instantiation */ |
863 | 863 | ||
864 | #if defined(FIXED_TABLES) | 864 | #if defined(FIXED_TABLES) |
865 | 865 | ||
866 | extern const aes_32t t_dec(r,c)[RC_LENGTH]; | 866 | extern const aes_32t t_dec(r,c)[RC_LENGTH]; |
867 | 867 | ||
868 | #if defined(_MSC_VER) && defined(TABLE_ALIGN) | 868 | #if defined(_MSC_VER) && defined(TABLE_ALIGN) |
869 | #define d_1(t,n,b,v) extern __declspec(align(TABLE_ALIGN)) const t n[256] | 869 | #define d_1(t,n,b,v) extern __declspec(align(TABLE_ALIGN)) const t n[256] |
870 | #define d_4(t,n,b,v) extern __declspec(align(TABLE_ALIGN)) const t n[4][256] | 870 | #define d_4(t,n,b,v) extern __declspec(align(TABLE_ALIGN)) const t n[4][256] |
871 | #else | 871 | #else |
872 | #define d_1(t,n,b,v) extern const t n[256] | 872 | #define d_1(t,n,b,v) extern const t n[256] |
873 | #define d_4(t,n,b,v) extern const t n[4][256] | 873 | #define d_4(t,n,b,v) extern const t n[4][256] |
874 | #endif | 874 | #endif |
875 | #else | 875 | #else |
876 | 876 | ||
877 | extern aes_32t t_dec(r,c)[RC_LENGTH]; | 877 | extern aes_32t t_dec(r,c)[RC_LENGTH]; |
878 | 878 | ||
879 | #if defined(_MSC_VER) && defined(TABLE_ALIGN) | 879 | #if defined(_MSC_VER) && defined(TABLE_ALIGN) |
880 | #define d_1(t,n,b,v) extern __declspec(align(TABLE_ALIGN)) t n[256] | 880 | #define d_1(t,n,b,v) extern __declspec(align(TABLE_ALIGN)) t n[256] |
881 | #define d_4(t,n,b,v) extern __declspec(align(TABLE_ALIGN)) t n[4][256] | 881 | #define d_4(t,n,b,v) extern __declspec(align(TABLE_ALIGN)) t n[4][256] |
882 | #else | 882 | #else |
883 | #define d_1(t,n,b,v) extern t n[256] | 883 | #define d_1(t,n,b,v) extern t n[256] |
884 | #define d_4(t,n,b,v) extern t n[4][256] | 884 | #define d_4(t,n,b,v) extern t n[4][256] |
885 | #endif | 885 | #endif |
886 | #endif | 886 | #endif |
887 | 887 | ||
888 | #endif | 888 | #endif |
889 | 889 | ||
890 | #ifdef SBX_SET | 890 | #ifdef SBX_SET |
891 | d_1(aes_08t, t_dec(s,box), sb_data, h); | 891 | d_1(aes_08t, t_dec(s,box), sb_data, h); |
892 | #endif | 892 | #endif |
893 | #ifdef ISB_SET | 893 | #ifdef ISB_SET |
894 | d_1(aes_08t, t_dec(i,box), isb_data, h); | 894 | d_1(aes_08t, t_dec(i,box), isb_data, h); |
895 | #endif | 895 | #endif |
896 | 896 | ||
897 | #ifdef FT1_SET | 897 | #ifdef FT1_SET |
898 | d_1(aes_32t, t_dec(f,n), sb_data, u); | 898 | d_1(aes_32t, t_dec(f,n), sb_data, u); |
899 | #endif | 899 | #endif |
900 | #ifdef FT4_SET | 900 | #ifdef FT4_SET |
901 | d_4(aes_32t, t_dec(f,n), sb_data, u); | 901 | d_4(aes_32t, t_dec(f,n), sb_data, u); |
902 | #endif | 902 | #endif |
903 | 903 | ||
904 | #ifdef FL1_SET | 904 | #ifdef FL1_SET |
905 | d_1(aes_32t, t_dec(f,l), sb_data, w); | 905 | d_1(aes_32t, t_dec(f,l), sb_data, w); |
906 | #endif | 906 | #endif |
907 | #ifdef FL4_SET | 907 | #ifdef FL4_SET |
908 | d_4(aes_32t, t_dec(f,l), sb_data, w); | 908 | d_4(aes_32t, t_dec(f,l), sb_data, w); |
909 | #endif | 909 | #endif |
910 | 910 | ||
911 | #ifdef IT1_SET | 911 | #ifdef IT1_SET |
912 | d_1(aes_32t, t_dec(i,n), isb_data, v); | 912 | d_1(aes_32t, t_dec(i,n), isb_data, v); |
913 | #endif | 913 | #endif |
914 | #ifdef IT4_SET | 914 | #ifdef IT4_SET |
915 | d_4(aes_32t, t_dec(i,n), isb_data, v); | 915 | d_4(aes_32t, t_dec(i,n), isb_data, v); |
916 | #endif | 916 | #endif |
917 | 917 | ||
918 | #ifdef IL1_SET | 918 | #ifdef IL1_SET |
919 | d_1(aes_32t, t_dec(i,l), isb_data, w); | 919 | d_1(aes_32t, t_dec(i,l), isb_data, w); |
920 | #endif | 920 | #endif |
921 | #ifdef IL4_SET | 921 | #ifdef IL4_SET |
922 | d_4(aes_32t, t_dec(i,l), isb_data, w); | 922 | d_4(aes_32t, t_dec(i,l), isb_data, w); |
923 | #endif | 923 | #endif |
924 | 924 | ||
925 | #ifdef LS1_SET | 925 | #ifdef LS1_SET |
926 | #ifdef FL1_SET | 926 | #ifdef FL1_SET |
927 | #undef LS1_SET | 927 | #undef LS1_SET |
928 | #else | 928 | #else |
929 | d_1(aes_32t, t_dec(l,s), sb_data, w); | 929 | d_1(aes_32t, t_dec(l,s), sb_data, w); |
930 | #endif | 930 | #endif |
931 | #endif | 931 | #endif |
932 | 932 | ||
933 | #ifdef LS4_SET | 933 | #ifdef LS4_SET |
934 | #ifdef FL4_SET | 934 | #ifdef FL4_SET |
935 | #undef LS4_SET | 935 | #undef LS4_SET |
936 | #else | 936 | #else |
937 | d_4(aes_32t, t_dec(l,s), sb_data, w); | 937 | d_4(aes_32t, t_dec(l,s), sb_data, w); |
938 | #endif | 938 | #endif |
939 | #endif | 939 | #endif |
940 | 940 | ||
941 | #ifdef IM1_SET | 941 | #ifdef IM1_SET |
942 | d_1(aes_32t, t_dec(i,m), mm_data, v); | 942 | d_1(aes_32t, t_dec(i,m), mm_data, v); |
943 | #endif | 943 | #endif |
944 | #ifdef IM4_SET | 944 | #ifdef IM4_SET |
945 | d_4(aes_32t, t_dec(i,m), mm_data, v); | 945 | d_4(aes_32t, t_dec(i,m), mm_data, v); |
946 | #endif | 946 | #endif |
947 | 947 | ||
948 | #endif | 948 | #endif |
949 | 949 | ||
diff --git a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/aestab.cpp b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/aestab.cpp index e94aa76..9653f91 100644 --- a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/aestab.cpp +++ b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/aestab.cpp | |||
@@ -1,223 +1,223 @@ | |||
1 | /* | 1 | /* |
2 | --------------------------------------------------------------------------- | 2 | --------------------------------------------------------------------------- |
3 | Copyright (c) 2003, Dr Brian Gladman < >, Worcester, UK. | 3 | Copyright (c) 2003, Dr Brian Gladman < >, Worcester, UK. |
4 | All rights reserved. | 4 | All rights reserved. |
5 | 5 | ||
6 | LICENSE TERMS | 6 | LICENSE TERMS |
7 | 7 | ||
8 | The free distribution and use of this software in both source and binary | 8 | The free distribution and use of this software in both source and binary |
9 | form is allowed (with or without changes) provided that: | 9 | form is allowed (with or without changes) provided that: |
10 | 10 | ||
11 | 1. distributions of this source code include the above copyright | 11 | 1. distributions of this source code include the above copyright |
12 | notice, this list of conditions and the following disclaimer; | 12 | notice, this list of conditions and the following disclaimer; |
13 | 13 | ||
14 | 2. distributions in binary form include the above copyright | 14 | 2. distributions in binary form include the above copyright |
15 | notice, this list of conditions and the following disclaimer | 15 | notice, this list of conditions and the following disclaimer |
16 | in the documentation and/or other associated materials; | 16 | in the documentation and/or other associated materials; |
17 | 17 | ||
18 | 3. the copyright holder's name is not used to endorse products | 18 | 3. the copyright holder's name is not used to endorse products |
19 | built using this software without specific written permission. | 19 | built using this software without specific written permission. |
20 | 20 | ||
21 | ALTERNATIVELY, provided that this notice is retained in full, this product | 21 | ALTERNATIVELY, provided that this notice is retained in full, this product |
22 | may be distributed under the terms of the GNU General Public License (GPL), | 22 | may be distributed under the terms of the GNU General Public License (GPL), |
23 | in which case the provisions of the GPL apply INSTEAD OF those given above. | 23 | in which case the provisions of the GPL apply INSTEAD OF those given above. |
24 | 24 | ||
25 | DISCLAIMER | 25 | DISCLAIMER |
26 | 26 | ||
27 | This software is provided 'as is' with no explicit or implied warranties | 27 | This software is provided 'as is' with no explicit or implied warranties |
28 | in respect of its properties, including, but not limited to, correctness | 28 | in respect of its properties, including, but not limited to, correctness |
29 | and/or fitness for purpose. | 29 | and/or fitness for purpose. |
30 | --------------------------------------------------------------------------- | 30 | --------------------------------------------------------------------------- |
31 | Issue Date: 26/08/2003 | 31 | Issue Date: 26/08/2003 |
32 | 32 | ||
33 | */ | 33 | */ |
34 | 34 | ||
35 | #define DO_TABLES | 35 | #define DO_TABLES |
36 | 36 | ||
37 | #include "aesopt.h" | 37 | #include "aesopt.h" |
38 | 38 | ||
39 | #if defined(FIXED_TABLES) | 39 | #if defined(FIXED_TABLES) |
40 | 40 | ||
41 | /* implemented in case of wrong call for fixed tables */ | 41 | /* implemented in case of wrong call for fixed tables */ |
42 | 42 | ||
43 | void gen_tabs(void) | 43 | void gen_tabs(void) |
44 | { | 44 | { |
45 | } | 45 | } |
46 | 46 | ||
47 | #else /* dynamic table generation */ | 47 | #else /* dynamic table generation */ |
48 | 48 | ||
49 | #if !defined(FF_TABLES) | 49 | #if !defined(FF_TABLES) |
50 | 50 | ||
51 | /* Generate the tables for the dynamic table option | 51 | /* Generate the tables for the dynamic table option |
52 | 52 | ||
53 | It will generally be sensible to use tables to compute finite | 53 | It will generally be sensible to use tables to compute finite |
54 | field multiplies and inverses but where memory is scarse this | 54 | field multiplies and inverses but where memory is scarse this |
55 | code might sometimes be better. But it only has effect during | 55 | code might sometimes be better. But it only has effect during |
56 | initialisation so its pretty unimportant in overall terms. | 56 | initialisation so its pretty unimportant in overall terms. |
57 | */ | 57 | */ |
58 | 58 | ||
59 | /* return 2 ^ (n - 1) where n is the bit number of the highest bit | 59 | /* return 2 ^ (n - 1) where n is the bit number of the highest bit |
60 | set in x with x in the range 1 < x < 0x00000200. This form is | 60 | set in x with x in the range 1 < x < 0x00000200. This form is |
61 | used so that locals within fi can be bytes rather than words | 61 | used so that locals within fi can be bytes rather than words |
62 | */ | 62 | */ |
63 | 63 | ||
64 | static aes_08t hibit(const aes_32t x) | 64 | static aes_08t hibit(const aes_32t x) |
65 | { aes_08t r = (aes_08t)((x >> 1) | (x >> 2)); | 65 | { aes_08t r = (aes_08t)((x >> 1) | (x >> 2)); |
66 | 66 | ||
67 | r |= (r >> 2); | 67 | r |= (r >> 2); |
68 | r |= (r >> 4); | 68 | r |= (r >> 4); |
69 | return (r + 1) >> 1; | 69 | return (r + 1) >> 1; |
70 | } | 70 | } |
71 | 71 | ||
72 | /* return the inverse of the finite field element x */ | 72 | /* return the inverse of the finite field element x */ |
73 | 73 | ||
74 | static aes_08t fi(const aes_08t x) | 74 | static aes_08t fi(const aes_08t x) |
75 | { aes_08t p1 = x, p2 = BPOLY, n1 = hibit(x), n2 = 0x80, v1 = 1, v2 = 0; | 75 | { aes_08t p1 = x, p2 = BPOLY, n1 = hibit(x), n2 = 0x80, v1 = 1, v2 = 0; |
76 | 76 | ||
77 | if(x < 2) return x; | 77 | if(x < 2) return x; |
78 | 78 | ||
79 | for(;;) | 79 | for(;;) |
80 | { | 80 | { |
81 | if(!n1) return v1; | 81 | if(!n1) return v1; |
82 | 82 | ||
83 | while(n2 >= n1) | 83 | while(n2 >= n1) |
84 | { | 84 | { |
85 | n2 /= n1; p2 ^= p1 * n2; v2 ^= v1 * n2; n2 = hibit(p2); | 85 | n2 /= n1; p2 ^= p1 * n2; v2 ^= v1 * n2; n2 = hibit(p2); |
86 | } | 86 | } |
87 | 87 | ||
88 | if(!n2) return v2; | 88 | if(!n2) return v2; |
89 | 89 | ||
90 | while(n1 >= n2) | 90 | while(n1 >= n2) |
91 | { | 91 | { |
92 | n1 /= n2; p1 ^= p2 * n1; v1 ^= v2 * n1; n1 = hibit(p1); | 92 | n1 /= n2; p1 ^= p2 * n1; v1 ^= v2 * n1; n1 = hibit(p1); |
93 | } | 93 | } |
94 | } | 94 | } |
95 | } | 95 | } |
96 | 96 | ||
97 | #endif | 97 | #endif |
98 | 98 | ||
99 | /* The forward and inverse affine transformations used in the S-box */ | 99 | /* The forward and inverse affine transformations used in the S-box */ |
100 | 100 | ||
101 | #define fwd_affine(x) \ | 101 | #define fwd_affine(x) \ |
102 | (w = (aes_32t)x, w ^= (w<<1)^(w<<2)^(w<<3)^(w<<4), 0x63^(aes_08t)(w^(w>>8))) | 102 | (w = (aes_32t)x, w ^= (w<<1)^(w<<2)^(w<<3)^(w<<4), 0x63^(aes_08t)(w^(w>>8))) |
103 | 103 | ||
104 | #define inv_affine(x) \ | 104 | #define inv_affine(x) \ |
105 | (w = (aes_32t)x, w = (w<<1)^(w<<3)^(w<<6), 0x05^(aes_08t)(w^(w>>8))) | 105 | (w = (aes_32t)x, w = (w<<1)^(w<<3)^(w<<6), 0x05^(aes_08t)(w^(w>>8))) |
106 | 106 | ||
107 | static int init = 0; | 107 | static int init = 0; |
108 | 108 | ||
109 | void gen_tabs(void) | 109 | void gen_tabs(void) |
110 | { aes_32t i, w; | 110 | { aes_32t i, w; |
111 | 111 | ||
112 | #if defined(FF_TABLES) | 112 | #if defined(FF_TABLES) |
113 | 113 | ||
114 | aes_08t pow[512], log[256]; | 114 | aes_08t pow[512], log[256]; |
115 | 115 | ||
116 | if(init) return; | 116 | if(init) return; |
117 | /* log and power tables for GF(2^8) finite field with | 117 | /* log and power tables for GF(2^8) finite field with |
118 | WPOLY as modular polynomial - the simplest primitive | 118 | WPOLY as modular polynomial - the simplest primitive |
119 | root is 0x03, used here to generate the tables | 119 | root is 0x03, used here to generate the tables |
120 | */ | 120 | */ |
121 | 121 | ||
122 | i = 0; w = 1; | 122 | i = 0; w = 1; |
123 | do | 123 | do |
124 | { | 124 | { |
125 | pow[i] = (aes_08t)w; | 125 | pow[i] = (aes_08t)w; |
126 | pow[i + 255] = (aes_08t)w; | 126 | pow[i + 255] = (aes_08t)w; |
127 | log[w] = (aes_08t)i++; | 127 | log[w] = (aes_08t)i++; |
128 | w ^= (w << 1) ^ (w & 0x80 ? WPOLY : 0); | 128 | w ^= (w << 1) ^ (w & 0x80 ? WPOLY : 0); |
129 | } | 129 | } |
130 | while (w != 1); | 130 | while (w != 1); |
131 | 131 | ||
132 | #else | 132 | #else |
133 | if(init) return; | 133 | if(init) return; |
134 | #endif | 134 | #endif |
135 | 135 | ||
136 | for(i = 0, w = 1; i < RC_LENGTH; ++i) | 136 | for(i = 0, w = 1; i < RC_LENGTH; ++i) |
137 | { | 137 | { |
138 | t_set(r,c)[i] = bytes2word(w, 0, 0, 0); | 138 | t_set(r,c)[i] = bytes2word(w, 0, 0, 0); |
139 | w = f2(w); | 139 | w = f2(w); |
140 | } | 140 | } |
141 | 141 | ||
142 | for(i = 0; i < 256; ++i) | 142 | for(i = 0; i < 256; ++i) |
143 | { aes_08t b; | 143 | { aes_08t b; |
144 | 144 | ||
145 | b = fwd_affine(fi((aes_08t)i)); | 145 | b = fwd_affine(fi((aes_08t)i)); |
146 | w = bytes2word(f2(b), b, b, f3(b)); | 146 | w = bytes2word(f2(b), b, b, f3(b)); |
147 | 147 | ||
148 | #ifdef SBX_SET | 148 | #ifdef SBX_SET |
149 | t_set(s,box)[i] = b; | 149 | t_set(s,box)[i] = b; |
150 | #endif | 150 | #endif |
151 | 151 | ||
152 | #ifdef FT1_SET /* tables for a normal encryption round */ | 152 | #ifdef FT1_SET /* tables for a normal encryption round */ |
153 | t_set(f,n)[i] = w; | 153 | t_set(f,n)[i] = w; |
154 | #endif | 154 | #endif |
155 | #ifdef FT4_SET | 155 | #ifdef FT4_SET |
156 | t_set(f,n)[0][i] = w; | 156 | t_set(f,n)[0][i] = w; |
157 | t_set(f,n)[1][i] = upr(w,1); | 157 | t_set(f,n)[1][i] = upr(w,1); |
158 | t_set(f,n)[2][i] = upr(w,2); | 158 | t_set(f,n)[2][i] = upr(w,2); |
159 | t_set(f,n)[3][i] = upr(w,3); | 159 | t_set(f,n)[3][i] = upr(w,3); |
160 | #endif | 160 | #endif |
161 | w = bytes2word(b, 0, 0, 0); | 161 | w = bytes2word(b, 0, 0, 0); |
162 | 162 | ||
163 | #ifdef FL1_SET /* tables for last encryption round (may also */ | 163 | #ifdef FL1_SET /* tables for last encryption round (may also */ |
164 | t_set(f,l)[i] = w; /* be used in the key schedule) */ | 164 | t_set(f,l)[i] = w; /* be used in the key schedule) */ |
165 | #endif | 165 | #endif |
166 | #ifdef FL4_SET | 166 | #ifdef FL4_SET |
167 | t_set(f,l)[0][i] = w; | 167 | t_set(f,l)[0][i] = w; |
168 | t_set(f,l)[1][i] = upr(w,1); | 168 | t_set(f,l)[1][i] = upr(w,1); |
169 | t_set(f,l)[2][i] = upr(w,2); | 169 | t_set(f,l)[2][i] = upr(w,2); |
170 | t_set(f,l)[3][i] = upr(w,3); | 170 | t_set(f,l)[3][i] = upr(w,3); |
171 | #endif | 171 | #endif |
172 | 172 | ||
173 | #ifdef LS1_SET /* table for key schedule if t_set(f,l) above is */ | 173 | #ifdef LS1_SET /* table for key schedule if t_set(f,l) above is */ |
174 | t_set(l,s)[i] = w; /* not of the required form */ | 174 | t_set(l,s)[i] = w; /* not of the required form */ |
175 | #endif | 175 | #endif |
176 | #ifdef LS4_SET | 176 | #ifdef LS4_SET |
177 | t_set(l,s)[0][i] = w; | 177 | t_set(l,s)[0][i] = w; |
178 | t_set(l,s)[1][i] = upr(w,1); | 178 | t_set(l,s)[1][i] = upr(w,1); |
179 | t_set(l,s)[2][i] = upr(w,2); | 179 | t_set(l,s)[2][i] = upr(w,2); |
180 | t_set(l,s)[3][i] = upr(w,3); | 180 | t_set(l,s)[3][i] = upr(w,3); |
181 | #endif | 181 | #endif |
182 | 182 | ||
183 | b = fi(inv_affine((aes_08t)i)); | 183 | b = fi(inv_affine((aes_08t)i)); |
184 | w = bytes2word(fe(b), f9(b), fd(b), fb(b)); | 184 | w = bytes2word(fe(b), f9(b), fd(b), fb(b)); |
185 | 185 | ||
186 | #ifdef IM1_SET /* tables for the inverse mix column operation */ | 186 | #ifdef IM1_SET /* tables for the inverse mix column operation */ |
187 | t_set(i,m)[b] = w; | 187 | t_set(i,m)[b] = w; |
188 | #endif | 188 | #endif |
189 | #ifdef IM4_SET | 189 | #ifdef IM4_SET |
190 | t_set(i,m)[0][b] = w; | 190 | t_set(i,m)[0][b] = w; |
191 | t_set(i,m)[1][b] = upr(w,1); | 191 | t_set(i,m)[1][b] = upr(w,1); |
192 | t_set(i,m)[2][b] = upr(w,2); | 192 | t_set(i,m)[2][b] = upr(w,2); |
193 | t_set(i,m)[3][b] = upr(w,3); | 193 | t_set(i,m)[3][b] = upr(w,3); |
194 | #endif | 194 | #endif |
195 | 195 | ||
196 | #ifdef ISB_SET | 196 | #ifdef ISB_SET |
197 | t_set(i,box)[i] = b; | 197 | t_set(i,box)[i] = b; |
198 | #endif | 198 | #endif |
199 | #ifdef IT1_SET /* tables for a normal decryption round */ | 199 | #ifdef IT1_SET /* tables for a normal decryption round */ |
200 | t_set(i,n)[i] = w; | 200 | t_set(i,n)[i] = w; |
201 | #endif | 201 | #endif |
202 | #ifdef IT4_SET | 202 | #ifdef IT4_SET |
203 | t_set(i,n)[0][i] = w; | 203 | t_set(i,n)[0][i] = w; |
204 | t_set(i,n)[1][i] = upr(w,1); | 204 | t_set(i,n)[1][i] = upr(w,1); |
205 | t_set(i,n)[2][i] = upr(w,2); | 205 | t_set(i,n)[2][i] = upr(w,2); |
206 | t_set(i,n)[3][i] = upr(w,3); | 206 | t_set(i,n)[3][i] = upr(w,3); |
207 | #endif | 207 | #endif |
208 | w = bytes2word(b, 0, 0, 0); | 208 | w = bytes2word(b, 0, 0, 0); |
209 | #ifdef IL1_SET /* tables for last decryption round */ | 209 | #ifdef IL1_SET /* tables for last decryption round */ |
210 | t_set(i,l)[i] = w; | 210 | t_set(i,l)[i] = w; |
211 | #endif | 211 | #endif |
212 | #ifdef IL4_SET | 212 | #ifdef IL4_SET |
213 | t_set(i,l)[0][i] = w; | 213 | t_set(i,l)[0][i] = w; |
214 | t_set(i,l)[1][i] = upr(w,1); | 214 | t_set(i,l)[1][i] = upr(w,1); |
215 | t_set(i,l)[2][i] = upr(w,2); | 215 | t_set(i,l)[2][i] = upr(w,2); |
216 | t_set(i,l)[3][i] = upr(w,3); | 216 | t_set(i,l)[3][i] = upr(w,3); |
217 | #endif | 217 | #endif |
218 | } | 218 | } |
219 | init = 1; | 219 | init = 1; |
220 | } | 220 | } |
221 | 221 | ||
222 | #endif | 222 | #endif |
223 | 223 | ||
diff --git a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/fileenc.cpp b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/fileenc.cpp index 4e76c77..4f3fc3e 100644 --- a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/fileenc.cpp +++ b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/fileenc.cpp | |||
@@ -1,140 +1,140 @@ | |||
1 | /* | 1 | /* |
2 | --------------------------------------------------------------------------- | 2 | --------------------------------------------------------------------------- |
3 | Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. | 3 | Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. |
4 | All rights reserved. | 4 | All rights reserved. |
5 | 5 | ||
6 | LICENSE TERMS | 6 | LICENSE TERMS |
7 | 7 | ||
8 | The free distribution and use of this software in both source and binary | 8 | The free distribution and use of this software in both source and binary |
9 | form is allowed (with or without changes) provided that: | 9 | form is allowed (with or without changes) provided that: |
10 | 10 | ||
11 | 1. distributions of this source code include the above copyright | 11 | 1. distributions of this source code include the above copyright |
12 | notice, this list of conditions and the following disclaimer; | 12 | notice, this list of conditions and the following disclaimer; |
13 | 13 | ||
14 | 2. distributions in binary form include the above copyright | 14 | 2. distributions in binary form include the above copyright |
15 | notice, this list of conditions and the following disclaimer | 15 | notice, this list of conditions and the following disclaimer |
16 | in the documentation and/or other associated materials; | 16 | in the documentation and/or other associated materials; |
17 | 17 | ||
18 | 3. the copyright holder's name is not used to endorse products | 18 | 3. the copyright holder's name is not used to endorse products |
19 | built using this software without specific written permission. | 19 | built using this software without specific written permission. |
20 | 20 | ||
21 | ALTERNATIVELY, provided that this notice is retained in full, this product | 21 | ALTERNATIVELY, provided that this notice is retained in full, this product |
22 | may be distributed under the terms of the GNU General Public License (GPL), | 22 | may be distributed under the terms of the GNU General Public License (GPL), |
23 | in which case the provisions of the GPL apply INSTEAD OF those given above. | 23 | in which case the provisions of the GPL apply INSTEAD OF those given above. |
24 | 24 | ||
25 | DISCLAIMER | 25 | DISCLAIMER |
26 | 26 | ||
27 | This software is provided 'as is' with no explicit or implied warranties | 27 | This software is provided 'as is' with no explicit or implied warranties |
28 | in respect of its properties, including, but not limited to, correctness | 28 | in respect of its properties, including, but not limited to, correctness |
29 | and/or fitness for purpose. | 29 | and/or fitness for purpose. |
30 | ------------------------------------------------------------------------- | 30 | ------------------------------------------------------------------------- |
31 | Issue Date: 26/08/2003 | 31 | Issue Date: 26/08/2003 |
32 | 32 | ||
33 | This file implements password based file encryption and authentication | 33 | This file implements password based file encryption and authentication |
34 | using AES in CTR mode, HMAC-SHA1 authentication and RFC2898 password | 34 | using AES in CTR mode, HMAC-SHA1 authentication and RFC2898 password |
35 | based key derivation. | 35 | based key derivation. |
36 | 36 | ||
37 | */ | 37 | */ |
38 | 38 | ||
39 | #include <memory.h> | 39 | #include <memory.h> |
40 | 40 | ||
41 | #include "fileenc.h" | 41 | #include "fileenc.h" |
42 | 42 | ||
43 | /* subroutine for data encryption/decryption */ | 43 | /* subroutine for data encryption/decryption */ |
44 | /* this could be speeded up a lot by aligning */ | 44 | /* this could be speeded up a lot by aligning */ |
45 | /* buffers and using 32 bit operations */ | 45 | /* buffers and using 32 bit operations */ |
46 | 46 | ||
47 | static void encr_data(unsigned char data[], unsigned long d_len, fcrypt_ctx cx[1]) | 47 | static void encr_data(unsigned char data[], unsigned long d_len, fcrypt_ctx cx[1]) |
48 | { | 48 | { |
49 | unsigned long i = 0, pos = cx->encr_pos; | 49 | unsigned long i = 0, pos = cx->encr_pos; |
50 | 50 | ||
51 | while(i < d_len) | 51 | while(i < d_len) |
52 | { | 52 | { |
53 | if(pos == BLOCK_SIZE) | 53 | if(pos == BLOCK_SIZE) |
54 | { unsigned int j = 0; | 54 | { unsigned int j = 0; |
55 | /* increment encryption nonce */ | 55 | /* increment encryption nonce */ |
56 | while(j < 8 && !++cx->nonce[j]) | 56 | while(j < 8 && !++cx->nonce[j]) |
57 | ++j; | 57 | ++j; |
58 | /* encrypt the nonce to form next xor buffer */ | 58 | /* encrypt the nonce to form next xor buffer */ |
59 | aes_encrypt(cx->nonce, cx->encr_bfr, cx->encr_ctx); | 59 | aes_encrypt(cx->nonce, cx->encr_bfr, cx->encr_ctx); |
60 | pos = 0; | 60 | pos = 0; |
61 | } | 61 | } |
62 | 62 | ||
63 | data[i++] ^= cx->encr_bfr[pos++]; | 63 | data[i++] ^= cx->encr_bfr[pos++]; |
64 | } | 64 | } |
65 | 65 | ||
66 | cx->encr_pos = pos; | 66 | cx->encr_pos = pos; |
67 | } | 67 | } |
68 | 68 | ||
69 | int fcrypt_init( | 69 | int fcrypt_init( |
70 | int mode, /* the mode to be used (input) */ | 70 | int mode, /* the mode to be used (input) */ |
71 | const unsigned char pwd[], /* the user specified password (input) */ | 71 | const unsigned char pwd[], /* the user specified password (input) */ |
72 | unsigned int pwd_len, /* the length of the password (input) */ | 72 | unsigned int pwd_len, /* the length of the password (input) */ |
73 | const unsigned char salt[], /* the salt (input) */ | 73 | const unsigned char salt[], /* the salt (input) */ |
74 | #ifdef PASSWORD_VERIFIER | 74 | #ifdef PASSWORD_VERIFIER |
75 | unsigned char pwd_ver[PWD_VER_LENGTH], /* 2 byte password verifier (output) */ | 75 | unsigned char pwd_ver[PWD_VER_LENGTH], /* 2 byte password verifier (output) */ |
76 | #endif | 76 | #endif |
77 | fcrypt_ctx cx[1]) /* the file encryption context (output) */ | 77 | fcrypt_ctx cx[1]) /* the file encryption context (output) */ |
78 | { | 78 | { |
79 | unsigned char kbuf[2 * MAX_KEY_LENGTH + PWD_VER_LENGTH]; | 79 | unsigned char kbuf[2 * MAX_KEY_LENGTH + PWD_VER_LENGTH]; |
80 | 80 | ||
81 | if(pwd_len > MAX_PWD_LENGTH) | 81 | if(pwd_len > MAX_PWD_LENGTH) |
82 | return PASSWORD_TOO_LONG; | 82 | return PASSWORD_TOO_LONG; |
83 | 83 | ||
84 | if(mode < 1 || mode > 3) | 84 | if(mode < 1 || mode > 3) |
85 | return BAD_MODE; | 85 | return BAD_MODE; |
86 | 86 | ||
87 | cx->mode = mode; | 87 | cx->mode = mode; |
88 | cx->pwd_len = pwd_len; | 88 | cx->pwd_len = pwd_len; |
89 | /* initialise the encryption nonce and buffer pos */ | 89 | /* initialise the encryption nonce and buffer pos */ |
90 | cx->encr_pos = BLOCK_SIZE; | 90 | cx->encr_pos = BLOCK_SIZE; |
91 | 91 | ||
92 | /* if we need a random component in the encryption */ | 92 | /* if we need a random component in the encryption */ |
93 | /* nonce, this is where it would have to be set */ | 93 | /* nonce, this is where it would have to be set */ |
94 | memset(cx->nonce, 0, BLOCK_SIZE * sizeof(unsigned char)); | 94 | memset(cx->nonce, 0, BLOCK_SIZE * sizeof(unsigned char)); |
95 | /* initialise for authentication */ | 95 | /* initialise for authentication */ |
96 | hmac_sha_begin(cx->auth_ctx); | 96 | hmac_sha_begin(cx->auth_ctx); |
97 | 97 | ||
98 | /* derive the encryption and authetication keys and the password verifier */ | 98 | /* derive the encryption and authetication keys and the password verifier */ |
99 | derive_key(pwd, pwd_len, salt, SALT_LENGTH(mode), KEYING_ITERATIONS, | 99 | derive_key(pwd, pwd_len, salt, SALT_LENGTH(mode), KEYING_ITERATIONS, |
100 | kbuf, 2 * KEY_LENGTH(mode) + PWD_VER_LENGTH); | 100 | kbuf, 2 * KEY_LENGTH(mode) + PWD_VER_LENGTH); |
101 | /* set the encryption key */ | 101 | /* set the encryption key */ |
102 | aes_encrypt_key(kbuf, KEY_LENGTH(mode), cx->encr_ctx); | 102 | aes_encrypt_key(kbuf, KEY_LENGTH(mode), cx->encr_ctx); |
103 | /* set the authentication key */ | 103 | /* set the authentication key */ |
104 | hmac_sha_key(kbuf + KEY_LENGTH(mode), KEY_LENGTH(mode), cx->auth_ctx); | 104 | hmac_sha_key(kbuf + KEY_LENGTH(mode), KEY_LENGTH(mode), cx->auth_ctx); |
105 | #ifdef PASSWORD_VERIFIER | 105 | #ifdef PASSWORD_VERIFIER |
106 | memcpy(pwd_ver, kbuf + 2 * KEY_LENGTH(mode), PWD_VER_LENGTH); | 106 | memcpy(pwd_ver, kbuf + 2 * KEY_LENGTH(mode), PWD_VER_LENGTH); |
107 | #endif | 107 | #endif |
108 | /* clear the buffer holding the derived key values */ | 108 | /* clear the buffer holding the derived key values */ |
109 | memset(kbuf, 0, 2 * KEY_LENGTH(mode) + PWD_VER_LENGTH); | 109 | memset(kbuf, 0, 2 * KEY_LENGTH(mode) + PWD_VER_LENGTH); |
110 | 110 | ||
111 | return GOOD_RETURN; | 111 | return GOOD_RETURN; |
112 | } | 112 | } |
113 | 113 | ||
114 | /* perform 'in place' encryption and authentication */ | 114 | /* perform 'in place' encryption and authentication */ |
115 | 115 | ||
116 | void fcrypt_encrypt(unsigned char data[], unsigned int data_len, fcrypt_ctx cx[1]) | 116 | void fcrypt_encrypt(unsigned char data[], unsigned int data_len, fcrypt_ctx cx[1]) |
117 | { | 117 | { |
118 | encr_data(data, data_len, cx); | 118 | encr_data(data, data_len, cx); |
119 | hmac_sha_data(data, data_len, cx->auth_ctx); | 119 | hmac_sha_data(data, data_len, cx->auth_ctx); |
120 | } | 120 | } |
121 | 121 | ||
122 | /* perform 'in place' authentication and decryption */ | 122 | /* perform 'in place' authentication and decryption */ |
123 | 123 | ||
124 | void fcrypt_decrypt(unsigned char data[], unsigned int data_len, fcrypt_ctx cx[1]) | 124 | void fcrypt_decrypt(unsigned char data[], unsigned int data_len, fcrypt_ctx cx[1]) |
125 | { | 125 | { |
126 | hmac_sha_data(data, data_len, cx->auth_ctx); | 126 | hmac_sha_data(data, data_len, cx->auth_ctx); |
127 | encr_data(data, data_len, cx); | 127 | encr_data(data, data_len, cx); |
128 | } | 128 | } |
129 | 129 | ||
130 | /* close encryption/decryption and return the MAC value */ | 130 | /* close encryption/decryption and return the MAC value */ |
131 | 131 | ||
132 | int fcrypt_end(unsigned char mac[], fcrypt_ctx cx[1]) | 132 | int fcrypt_end(unsigned char mac[], fcrypt_ctx cx[1]) |
133 | { | 133 | { |
134 | unsigned int res = cx->mode; | 134 | unsigned int res = cx->mode; |
135 | 135 | ||
136 | hmac_sha_end(mac, MAC_LENGTH(cx->mode), cx->auth_ctx); | 136 | hmac_sha_end(mac, MAC_LENGTH(cx->mode), cx->auth_ctx); |
137 | memset(cx, 0, sizeof(fcrypt_ctx)); /* clear the encryption context */ | 137 | memset(cx, 0, sizeof(fcrypt_ctx)); /* clear the encryption context */ |
138 | return MAC_LENGTH(res); /* return MAC length in bytes */ | 138 | return MAC_LENGTH(res); /* return MAC length in bytes */ |
139 | } | 139 | } |
140 | 140 | ||
diff --git a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/fileenc.h b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/fileenc.h index ba5cabc..f1b7619 100644 --- a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/fileenc.h +++ b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/fileenc.h | |||
@@ -1,114 +1,114 @@ | |||
1 | /* | 1 | /* |
2 | --------------------------------------------------------------------------- | 2 | --------------------------------------------------------------------------- |
3 | Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. | 3 | Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. |
4 | All rights reserved. | 4 | All rights reserved. |
5 | 5 | ||
6 | LICENSE TERMS | 6 | LICENSE TERMS |
7 | 7 | ||
8 | The free distribution and use of this software in both source and binary | 8 | The free distribution and use of this software in both source and binary |
9 | form is allowed (with or without changes) provided that: | 9 | form is allowed (with or without changes) provided that: |
10 | 10 | ||
11 | 1. distributions of this source code include the above copyright | 11 | 1. distributions of this source code include the above copyright |
12 | notice, this list of conditions and the following disclaimer; | 12 | notice, this list of conditions and the following disclaimer; |
13 | 13 | ||
14 | 2. distributions in binary form include the above copyright | 14 | 2. distributions in binary form include the above copyright |
15 | notice, this list of conditions and the following disclaimer | 15 | notice, this list of conditions and the following disclaimer |
16 | in the documentation and/or other associated materials; | 16 | in the documentation and/or other associated materials; |
17 | 17 | ||
18 | 3. the copyright holder's name is not used to endorse products | 18 | 3. the copyright holder's name is not used to endorse products |
19 | built using this software without specific written permission. | 19 | built using this software without specific written permission. |
20 | 20 | ||
21 | ALTERNATIVELY, provided that this notice is retained in full, this product | 21 | ALTERNATIVELY, provided that this notice is retained in full, this product |
22 | may be distributed under the terms of the GNU General Public License (GPL), | 22 | may be distributed under the terms of the GNU General Public License (GPL), |
23 | in which case the provisions of the GPL apply INSTEAD OF those given above. | 23 | in which case the provisions of the GPL apply INSTEAD OF those given above. |
24 | 24 | ||
25 | DISCLAIMER | 25 | DISCLAIMER |
26 | 26 | ||
27 | This software is provided 'as is' with no explicit or implied warranties | 27 | This software is provided 'as is' with no explicit or implied warranties |
28 | in respect of its properties, including, but not limited to, correctness | 28 | in respect of its properties, including, but not limited to, correctness |
29 | and/or fitness for purpose. | 29 | and/or fitness for purpose. |
30 | --------------------------------------------------------------------------- | 30 | --------------------------------------------------------------------------- |
31 | Issue Date: 24/01/2003 | 31 | Issue Date: 24/01/2003 |
32 | 32 | ||
33 | This file contains the header file for fileenc.c, which implements password | 33 | This file contains the header file for fileenc.c, which implements password |
34 | based file encryption and authentication using AES in CTR mode, HMAC-SHA1 | 34 | based file encryption and authentication using AES in CTR mode, HMAC-SHA1 |
35 | authentication and RFC2898 password based key derivation. | 35 | authentication and RFC2898 password based key derivation. |
36 | */ | 36 | */ |
37 | 37 | ||
38 | #ifndef _FENC_H | 38 | #ifndef _FENC_H |
39 | #define _FENC_H | 39 | #define _FENC_H |
40 | 40 | ||
41 | #include "aes.h" | 41 | #include "aes.h" |
42 | #include "hmac.h" | 42 | #include "hmac.h" |
43 | #include "pwd2key.h" | 43 | #include "pwd2key.h" |
44 | 44 | ||
45 | #define BLOCK_SIZE AES_BLOCK_SIZE | 45 | #define BLOCK_SIZE AES_BLOCK_SIZE |
46 | #define PASSWORD_VERIFIER | 46 | #define PASSWORD_VERIFIER |
47 | 47 | ||
48 | #define MAX_KEY_LENGTH 32 | 48 | #define MAX_KEY_LENGTH 32 |
49 | #define MAX_PWD_LENGTH 128 | 49 | #define MAX_PWD_LENGTH 128 |
50 | #define MAX_SALT_LENGTH 16 | 50 | #define MAX_SALT_LENGTH 16 |
51 | #define KEYING_ITERATIONS 1000 | 51 | #define KEYING_ITERATIONS 1000 |
52 | 52 | ||
53 | #ifdef PASSWORD_VERIFIER | 53 | #ifdef PASSWORD_VERIFIER |
54 | #define PWD_VER_LENGTH 2 | 54 | #define PWD_VER_LENGTH 2 |
55 | #else | 55 | #else |
56 | #define PWD_VER_LENGTH 0 | 56 | #define PWD_VER_LENGTH 0 |
57 | #endif | 57 | #endif |
58 | 58 | ||
59 | #define GOOD_RETURN 0 | 59 | #define GOOD_RETURN 0 |
60 | #define PASSWORD_TOO_LONG -100 | 60 | #define PASSWORD_TOO_LONG -100 |
61 | #define BAD_MODE -101 | 61 | #define BAD_MODE -101 |
62 | 62 | ||
63 | /* | 63 | /* |
64 | Field lengths (in bytes) versus File Encryption Mode (0 < mode < 4) | 64 | Field lengths (in bytes) versus File Encryption Mode (0 < mode < 4) |
65 | 65 | ||
66 | Mode Key Salt MAC Overhead | 66 | Mode Key Salt MAC Overhead |
67 | 1 16 8 10 18 | 67 | 1 16 8 10 18 |
68 | 2 24 12 10 22 | 68 | 2 24 12 10 22 |
69 | 3 32 16 10 26 | 69 | 3 32 16 10 26 |
70 | 70 | ||
71 | The following macros assume that the mode value is correct. | 71 | The following macros assume that the mode value is correct. |
72 | */ | 72 | */ |
73 | 73 | ||
74 | #define KEY_LENGTH(mode) (8 * (mode & 3) + 8) | 74 | #define KEY_LENGTH(mode) (8 * (mode & 3) + 8) |
75 | #define SALT_LENGTH(mode) (4 * (mode & 3) + 4) | 75 | #define SALT_LENGTH(mode) (4 * (mode & 3) + 4) |
76 | #define MAC_LENGTH(mode) (10) | 76 | #define MAC_LENGTH(mode) (10) |
77 | 77 | ||
78 | /* the context for file encryption */ | 78 | /* the context for file encryption */ |
79 | 79 | ||
80 | typedef struct | 80 | typedef struct |
81 | { unsigned char nonce[BLOCK_SIZE]; /* the CTR nonce */ | 81 | { unsigned char nonce[BLOCK_SIZE]; /* the CTR nonce */ |
82 | unsigned char encr_bfr[BLOCK_SIZE]; /* encrypt buffer */ | 82 | unsigned char encr_bfr[BLOCK_SIZE]; /* encrypt buffer */ |
83 | aes_encrypt_ctx encr_ctx[1]; /* encryption context */ | 83 | aes_encrypt_ctx encr_ctx[1]; /* encryption context */ |
84 | hmac_ctx auth_ctx[1]; /* authentication context */ | 84 | hmac_ctx auth_ctx[1]; /* authentication context */ |
85 | unsigned int encr_pos; /* block position (enc) */ | 85 | unsigned int encr_pos; /* block position (enc) */ |
86 | unsigned int pwd_len; /* password length */ | 86 | unsigned int pwd_len; /* password length */ |
87 | unsigned int mode; /* File encryption mode */ | 87 | unsigned int mode; /* File encryption mode */ |
88 | } fcrypt_ctx; | 88 | } fcrypt_ctx; |
89 | 89 | ||
90 | /* initialise file encryption or decryption */ | 90 | /* initialise file encryption or decryption */ |
91 | 91 | ||
92 | int fcrypt_init( | 92 | int fcrypt_init( |
93 | int mode, /* the mode to be used (input) */ | 93 | int mode, /* the mode to be used (input) */ |
94 | const unsigned char pwd[], /* the user specified password (input) */ | 94 | const unsigned char pwd[], /* the user specified password (input) */ |
95 | unsigned int pwd_len, /* the length of the password (input) */ | 95 | unsigned int pwd_len, /* the length of the password (input) */ |
96 | const unsigned char salt[], /* the salt (input) */ | 96 | const unsigned char salt[], /* the salt (input) */ |
97 | #ifdef PASSWORD_VERIFIER | 97 | #ifdef PASSWORD_VERIFIER |
98 | unsigned char pwd_ver[PWD_VER_LENGTH], /* 2 byte password verifier (output) */ | 98 | unsigned char pwd_ver[PWD_VER_LENGTH], /* 2 byte password verifier (output) */ |
99 | #endif | 99 | #endif |
100 | fcrypt_ctx cx[1]); /* the file encryption context (output) */ | 100 | fcrypt_ctx cx[1]); /* the file encryption context (output) */ |
101 | 101 | ||
102 | /* perform 'in place' encryption or decryption and authentication */ | 102 | /* perform 'in place' encryption or decryption and authentication */ |
103 | 103 | ||
104 | void fcrypt_encrypt(unsigned char data[], unsigned int data_len, fcrypt_ctx cx[1]); | 104 | void fcrypt_encrypt(unsigned char data[], unsigned int data_len, fcrypt_ctx cx[1]); |
105 | void fcrypt_decrypt(unsigned char data[], unsigned int data_len, fcrypt_ctx cx[1]); | 105 | void fcrypt_decrypt(unsigned char data[], unsigned int data_len, fcrypt_ctx cx[1]); |
106 | 106 | ||
107 | /* close encryption/decryption and return the MAC value */ | 107 | /* close encryption/decryption and return the MAC value */ |
108 | /* the return value is the length of the MAC */ | 108 | /* the return value is the length of the MAC */ |
109 | 109 | ||
110 | int fcrypt_end(unsigned char mac[], /* the MAC value (output) */ | 110 | int fcrypt_end(unsigned char mac[], /* the MAC value (output) */ |
111 | fcrypt_ctx cx[1]); /* the context (input) */ | 111 | fcrypt_ctx cx[1]); /* the context (input) */ |
112 | 112 | ||
113 | #endif | 113 | #endif |
114 | 114 | ||
diff --git a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/hmac.cpp b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/hmac.cpp index b24294d..147afa2 100644 --- a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/hmac.cpp +++ b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/hmac.cpp | |||
@@ -1,142 +1,142 @@ | |||
1 | /* | 1 | /* |
2 | --------------------------------------------------------------------------- | 2 | --------------------------------------------------------------------------- |
3 | Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. | 3 | Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. |
4 | All rights reserved. | 4 | All rights reserved. |
5 | 5 | ||
6 | LICENSE TERMS | 6 | LICENSE TERMS |
7 | 7 | ||
8 | The free distribution and use of this software in both source and binary | 8 | The free distribution and use of this software in both source and binary |
9 | form is allowed (with or without changes) provided that: | 9 | form is allowed (with or without changes) provided that: |
10 | 10 | ||
11 | 1. distributions of this source code include the above copyright | 11 | 1. distributions of this source code include the above copyright |
12 | notice, this list of conditions and the following disclaimer; | 12 | notice, this list of conditions and the following disclaimer; |
13 | 13 | ||
14 | 2. distributions in binary form include the above copyright | 14 | 2. distributions in binary form include the above copyright |
15 | notice, this list of conditions and the following disclaimer | 15 | notice, this list of conditions and the following disclaimer |
16 | in the documentation and/or other associated materials; | 16 | in the documentation and/or other associated materials; |
17 | 17 | ||
18 | 3. the copyright holder's name is not used to endorse products | 18 | 3. the copyright holder's name is not used to endorse products |
19 | built using this software without specific written permission. | 19 | built using this software without specific written permission. |
20 | 20 | ||
21 | ALTERNATIVELY, provided that this notice is retained in full, this product | 21 | ALTERNATIVELY, provided that this notice is retained in full, this product |
22 | may be distributed under the terms of the GNU General Public License (GPL), | 22 | may be distributed under the terms of the GNU General Public License (GPL), |
23 | in which case the provisions of the GPL apply INSTEAD OF those given above. | 23 | in which case the provisions of the GPL apply INSTEAD OF those given above. |
24 | 24 | ||
25 | DISCLAIMER | 25 | DISCLAIMER |
26 | 26 | ||
27 | This software is provided 'as is' with no explicit or implied warranties | 27 | This software is provided 'as is' with no explicit or implied warranties |
28 | in respect of its properties, including, but not limited to, correctness | 28 | in respect of its properties, including, but not limited to, correctness |
29 | and/or fitness for purpose. | 29 | and/or fitness for purpose. |
30 | --------------------------------------------------------------------------- | 30 | --------------------------------------------------------------------------- |
31 | Issue Date: 26/08/2003 | 31 | Issue Date: 26/08/2003 |
32 | Includes a bugfix from Dr Brian Gladman made on 16/04/2012 for compiling on 64-bit | 32 | Includes a bugfix from Dr Brian Gladman made on 16/04/2012 for compiling on 64-bit |
33 | 33 | ||
34 | This is an implementation of HMAC, the FIPS standard keyed hash function | 34 | This is an implementation of HMAC, the FIPS standard keyed hash function |
35 | */ | 35 | */ |
36 | 36 | ||
37 | 37 | ||
38 | #include "hmac.h" | 38 | #include "hmac.h" |
39 | 39 | ||
40 | #define HMAC_IPAD (0x36 * (((unsigned long)-1) / 0xff)) | 40 | #define HMAC_IPAD (0x36 * (((unsigned long)-1) / 0xff)) |
41 | #define HMAC_OPAD (0x5c * (((unsigned long)-1) / 0xff)) | 41 | #define HMAC_OPAD (0x5c * (((unsigned long)-1) / 0xff)) |
42 | 42 | ||
43 | /* initialise the HMAC context to zero */ | 43 | /* initialise the HMAC context to zero */ |
44 | void hmac_sha_begin(hmac_ctx cx[1]) | 44 | void hmac_sha_begin(hmac_ctx cx[1]) |
45 | { | 45 | { |
46 | memset(cx, 0, sizeof(hmac_ctx)); | 46 | memset(cx, 0, sizeof(hmac_ctx)); |
47 | } | 47 | } |
48 | 48 | ||
49 | /* input the HMAC key (can be called multiple times) */ | 49 | /* input the HMAC key (can be called multiple times) */ |
50 | int hmac_sha_key(const unsigned char key[], unsigned long key_len, hmac_ctx cx[1]) | 50 | int hmac_sha_key(const unsigned char key[], unsigned long key_len, hmac_ctx cx[1]) |
51 | { | 51 | { |
52 | if(cx->klen == HMAC_IN_DATA) /* error if further key input */ | 52 | if(cx->klen == HMAC_IN_DATA) /* error if further key input */ |
53 | return HMAC_BAD_MODE; /* is attempted in data mode */ | 53 | return HMAC_BAD_MODE; /* is attempted in data mode */ |
54 | 54 | ||
55 | if(cx->klen + key_len > HMAC_HASH_INPUT_SIZE) /* if the key has to be hashed */ | 55 | if(cx->klen + key_len > HMAC_HASH_INPUT_SIZE) /* if the key has to be hashed */ |
56 | { | 56 | { |
57 | if(cx->klen <= HMAC_HASH_INPUT_SIZE) /* if the hash has not yet been */ | 57 | if(cx->klen <= HMAC_HASH_INPUT_SIZE) /* if the hash has not yet been */ |
58 | { /* started, initialise it and */ | 58 | { /* started, initialise it and */ |
59 | sha_begin(cx->ctx); /* hash stored key characters */ | 59 | sha_begin(cx->ctx); /* hash stored key characters */ |
60 | sha_hash(cx->key, cx->klen, cx->ctx); | 60 | sha_hash(cx->key, cx->klen, cx->ctx); |
61 | } | 61 | } |
62 | 62 | ||
63 | sha_hash(key, key_len, cx->ctx); /* hash long key data into hash */ | 63 | sha_hash(key, key_len, cx->ctx); /* hash long key data into hash */ |
64 | } | 64 | } |
65 | else /* otherwise store key data */ | 65 | else /* otherwise store key data */ |
66 | memcpy(cx->key + cx->klen, key, key_len); | 66 | memcpy(cx->key + cx->klen, key, key_len); |
67 | 67 | ||
68 | cx->klen += key_len; /* update the key length count */ | 68 | cx->klen += key_len; /* update the key length count */ |
69 | return HMAC_OK; | 69 | return HMAC_OK; |
70 | } | 70 | } |
71 | 71 | ||
72 | /* input the HMAC data (can be called multiple times) - */ | 72 | /* input the HMAC data (can be called multiple times) - */ |
73 | /* note that this call terminates the key input phase */ | 73 | /* note that this call terminates the key input phase */ |
74 | void hmac_sha_data(const unsigned char data[], unsigned long data_len, hmac_ctx cx[1]) | 74 | void hmac_sha_data(const unsigned char data[], unsigned long data_len, hmac_ctx cx[1]) |
75 | { unsigned int i; | 75 | { unsigned int i; |
76 | 76 | ||
77 | if(cx->klen != HMAC_IN_DATA) /* if not yet in data phase */ | 77 | if(cx->klen != HMAC_IN_DATA) /* if not yet in data phase */ |
78 | { | 78 | { |
79 | if(cx->klen > HMAC_HASH_INPUT_SIZE) /* if key is being hashed */ | 79 | if(cx->klen > HMAC_HASH_INPUT_SIZE) /* if key is being hashed */ |
80 | { /* complete the hash and */ | 80 | { /* complete the hash and */ |
81 | sha_end(cx->key, cx->ctx); /* store the result as the */ | 81 | sha_end(cx->key, cx->ctx); /* store the result as the */ |
82 | cx->klen = HMAC_HASH_OUTPUT_SIZE; /* key and set new length */ | 82 | cx->klen = HMAC_HASH_OUTPUT_SIZE; /* key and set new length */ |
83 | } | 83 | } |
84 | 84 | ||
85 | /* pad the key if necessary */ | 85 | /* pad the key if necessary */ |
86 | memset(cx->key + cx->klen, 0, HMAC_HASH_INPUT_SIZE - cx->klen); | 86 | memset(cx->key + cx->klen, 0, HMAC_HASH_INPUT_SIZE - cx->klen); |
87 | 87 | ||
88 | /* xor ipad into key value */ | 88 | /* xor ipad into key value */ |
89 | for(i = 0; i < HMAC_HASH_INPUT_SIZE / sizeof(unsigned long); ++i) | 89 | for(i = 0; i < HMAC_HASH_INPUT_SIZE / sizeof(unsigned long); ++i) |
90 | ((unsigned long*)cx->key)[i] ^= HMAC_IPAD; | 90 | ((unsigned long*)cx->key)[i] ^= HMAC_IPAD; |
91 | 91 | ||
92 | /* and start hash operation */ | 92 | /* and start hash operation */ |
93 | sha_begin(cx->ctx); | 93 | sha_begin(cx->ctx); |
94 | sha_hash(cx->key, HMAC_HASH_INPUT_SIZE, cx->ctx); | 94 | sha_hash(cx->key, HMAC_HASH_INPUT_SIZE, cx->ctx); |
95 | 95 | ||
96 | /* mark as now in data mode */ | 96 | /* mark as now in data mode */ |
97 | cx->klen = HMAC_IN_DATA; | 97 | cx->klen = HMAC_IN_DATA; |
98 | } | 98 | } |
99 | 99 | ||
100 | /* hash the data (if any) */ | 100 | /* hash the data (if any) */ |
101 | if(data_len) | 101 | if(data_len) |
102 | sha_hash(data, data_len, cx->ctx); | 102 | sha_hash(data, data_len, cx->ctx); |
103 | } | 103 | } |
104 | 104 | ||
105 | /* compute and output the MAC value */ | 105 | /* compute and output the MAC value */ |
106 | void hmac_sha_end(unsigned char mac[], unsigned long mac_len, hmac_ctx cx[1]) | 106 | void hmac_sha_end(unsigned char mac[], unsigned long mac_len, hmac_ctx cx[1]) |
107 | { unsigned char dig[HMAC_HASH_OUTPUT_SIZE]; | 107 | { unsigned char dig[HMAC_HASH_OUTPUT_SIZE]; |
108 | unsigned int i; | 108 | unsigned int i; |
109 | 109 | ||
110 | /* if no data has been entered perform a null data phase */ | 110 | /* if no data has been entered perform a null data phase */ |
111 | if(cx->klen != HMAC_IN_DATA) | 111 | if(cx->klen != HMAC_IN_DATA) |
112 | hmac_sha_data((const unsigned char*)0, 0, cx); | 112 | hmac_sha_data((const unsigned char*)0, 0, cx); |
113 | 113 | ||
114 | sha_end(dig, cx->ctx); /* complete the inner hash */ | 114 | sha_end(dig, cx->ctx); /* complete the inner hash */ |
115 | 115 | ||
116 | /* set outer key value using opad and removing ipad */ | 116 | /* set outer key value using opad and removing ipad */ |
117 | for(i = 0; i < HMAC_HASH_INPUT_SIZE / sizeof(unsigned long); ++i) | 117 | for(i = 0; i < HMAC_HASH_INPUT_SIZE / sizeof(unsigned long); ++i) |
118 | ((unsigned long*)cx->key)[i] ^= HMAC_OPAD ^ HMAC_IPAD; | 118 | ((unsigned long*)cx->key)[i] ^= HMAC_OPAD ^ HMAC_IPAD; |
119 | 119 | ||
120 | /* perform the outer hash operation */ | 120 | /* perform the outer hash operation */ |
121 | sha_begin(cx->ctx); | 121 | sha_begin(cx->ctx); |
122 | sha_hash(cx->key, HMAC_HASH_INPUT_SIZE, cx->ctx); | 122 | sha_hash(cx->key, HMAC_HASH_INPUT_SIZE, cx->ctx); |
123 | sha_hash(dig, HMAC_HASH_OUTPUT_SIZE, cx->ctx); | 123 | sha_hash(dig, HMAC_HASH_OUTPUT_SIZE, cx->ctx); |
124 | sha_end(dig, cx->ctx); | 124 | sha_end(dig, cx->ctx); |
125 | 125 | ||
126 | /* output the hash value */ | 126 | /* output the hash value */ |
127 | for(i = 0; i < mac_len; ++i) | 127 | for(i = 0; i < mac_len; ++i) |
128 | mac[i] = dig[i]; | 128 | mac[i] = dig[i]; |
129 | } | 129 | } |
130 | 130 | ||
131 | /* 'do it all in one go' subroutine */ | 131 | /* 'do it all in one go' subroutine */ |
132 | void hmac_sha(const unsigned char key[], unsigned long key_len, | 132 | void hmac_sha(const unsigned char key[], unsigned long key_len, |
133 | const unsigned char data[], unsigned long data_len, | 133 | const unsigned char data[], unsigned long data_len, |
134 | unsigned char mac[], unsigned long mac_len) | 134 | unsigned char mac[], unsigned long mac_len) |
135 | { hmac_ctx cx[1]; | 135 | { hmac_ctx cx[1]; |
136 | 136 | ||
137 | hmac_sha_begin(cx); | 137 | hmac_sha_begin(cx); |
138 | hmac_sha_key(key, key_len, cx); | 138 | hmac_sha_key(key, key_len, cx); |
139 | hmac_sha_data(data, data_len, cx); | 139 | hmac_sha_data(data, data_len, cx); |
140 | hmac_sha_end(mac, mac_len, cx); | 140 | hmac_sha_end(mac, mac_len, cx); |
141 | } | 141 | } |
142 | 142 | ||
diff --git a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/hmac.h b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/hmac.h index 284c50f..b916151 100644 --- a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/hmac.h +++ b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/hmac.h | |||
@@ -1,95 +1,95 @@ | |||
1 | /* | 1 | /* |
2 | --------------------------------------------------------------------------- | 2 | --------------------------------------------------------------------------- |
3 | Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. | 3 | Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. |
4 | All rights reserved. | 4 | All rights reserved. |
5 | 5 | ||
6 | LICENSE TERMS | 6 | LICENSE TERMS |
7 | 7 | ||
8 | The free distribution and use of this software in both source and binary | 8 | The free distribution and use of this software in both source and binary |
9 | form is allowed (with or without changes) provided that: | 9 | form is allowed (with or without changes) provided that: |
10 | 10 | ||
11 | 1. distributions of this source code include the above copyright | 11 | 1. distributions of this source code include the above copyright |
12 | notice, this list of conditions and the following disclaimer; | 12 | notice, this list of conditions and the following disclaimer; |
13 | 13 | ||
14 | 2. distributions in binary form include the above copyright | 14 | 2. distributions in binary form include the above copyright |
15 | notice, this list of conditions and the following disclaimer | 15 | notice, this list of conditions and the following disclaimer |
16 | in the documentation and/or other associated materials; | 16 | in the documentation and/or other associated materials; |
17 | 17 | ||
18 | 3. the copyright holder's name is not used to endorse products | 18 | 3. the copyright holder's name is not used to endorse products |
19 | built using this software without specific written permission. | 19 | built using this software without specific written permission. |
20 | 20 | ||
21 | ALTERNATIVELY, provided that this notice is retained in full, this product | 21 | ALTERNATIVELY, provided that this notice is retained in full, this product |
22 | may be distributed under the terms of the GNU General Public License (GPL), | 22 | may be distributed under the terms of the GNU General Public License (GPL), |
23 | in which case the provisions of the GPL apply INSTEAD OF those given above. | 23 | in which case the provisions of the GPL apply INSTEAD OF those given above. |
24 | 24 | ||
25 | DISCLAIMER | 25 | DISCLAIMER |
26 | 26 | ||
27 | This software is provided 'as is' with no explicit or implied warranties | 27 | This software is provided 'as is' with no explicit or implied warranties |
28 | in respect of its properties, including, but not limited to, correctness | 28 | in respect of its properties, including, but not limited to, correctness |
29 | and/or fitness for purpose. | 29 | and/or fitness for purpose. |
30 | --------------------------------------------------------------------------- | 30 | --------------------------------------------------------------------------- |
31 | Issue Date: 26/08/2003 | 31 | Issue Date: 26/08/2003 |
32 | Includes a bugfix from Dr Brian Gladman made on 16/04/2012 for compiling on 64-bit | 32 | Includes a bugfix from Dr Brian Gladman made on 16/04/2012 for compiling on 64-bit |
33 | 33 | ||
34 | This is an implementation of HMAC, the FIPS standard keyed hash function | 34 | This is an implementation of HMAC, the FIPS standard keyed hash function |
35 | */ | 35 | */ |
36 | 36 | ||
37 | #ifndef _HMAC_H | 37 | #ifndef _HMAC_H |
38 | #define _HMAC_H | 38 | #define _HMAC_H |
39 | 39 | ||
40 | #include <memory.h> | 40 | #include <memory.h> |
41 | 41 | ||
42 | #define USE_SHA1 // Irrlicht only cares about SHA1 for now | 42 | #define USE_SHA1 // Irrlicht only cares about SHA1 for now |
43 | #if !defined(USE_SHA1) && !defined(USE_SHA256) | 43 | #if !defined(USE_SHA1) && !defined(USE_SHA256) |
44 | #error define USE_SHA1 or USE_SHA256 to set the HMAC hash algorithm | 44 | #error define USE_SHA1 or USE_SHA256 to set the HMAC hash algorithm |
45 | #endif | 45 | #endif |
46 | 46 | ||
47 | #ifdef USE_SHA1 | 47 | #ifdef USE_SHA1 |
48 | 48 | ||
49 | #include "sha1.h" | 49 | #include "sha1.h" |
50 | 50 | ||
51 | #define HMAC_HASH_INPUT_SIZE SHA1_BLOCK_SIZE | 51 | #define HMAC_HASH_INPUT_SIZE SHA1_BLOCK_SIZE |
52 | #define HMAC_HASH_OUTPUT_SIZE SHA1_DIGEST_SIZE | 52 | #define HMAC_HASH_OUTPUT_SIZE SHA1_DIGEST_SIZE |
53 | #define sha_ctx sha1_ctx | 53 | #define sha_ctx sha1_ctx |
54 | #define sha_begin sha1_begin | 54 | #define sha_begin sha1_begin |
55 | #define sha_hash sha1_hash | 55 | #define sha_hash sha1_hash |
56 | #define sha_end sha1_end | 56 | #define sha_end sha1_end |
57 | 57 | ||
58 | #endif | 58 | #endif |
59 | 59 | ||
60 | #ifdef USE_SHA256 | 60 | #ifdef USE_SHA256 |
61 | 61 | ||
62 | #include "sha2.h" | 62 | #include "sha2.h" |
63 | 63 | ||
64 | #define HMAC_HASH_INPUT_SIZE SHA256_BLOCK_SIZE | 64 | #define HMAC_HASH_INPUT_SIZE SHA256_BLOCK_SIZE |
65 | #define HMAC_HASH_OUTPUT_SIZE SHA256_DIGEST_SIZE | 65 | #define HMAC_HASH_OUTPUT_SIZE SHA256_DIGEST_SIZE |
66 | #define sha_ctx sha256_ctx | 66 | #define sha_ctx sha256_ctx |
67 | #define sha_begin sha256_begin | 67 | #define sha_begin sha256_begin |
68 | #define sha_hash sha256_hash | 68 | #define sha_hash sha256_hash |
69 | #define sha_end sha256_end | 69 | #define sha_end sha256_end |
70 | 70 | ||
71 | #endif | 71 | #endif |
72 | 72 | ||
73 | #define HMAC_OK 0 | 73 | #define HMAC_OK 0 |
74 | #define HMAC_BAD_MODE -1 | 74 | #define HMAC_BAD_MODE -1 |
75 | #define HMAC_IN_DATA 0xffffffff | 75 | #define HMAC_IN_DATA 0xffffffff |
76 | 76 | ||
77 | typedef struct | 77 | typedef struct |
78 | { unsigned char key[HMAC_HASH_INPUT_SIZE]; | 78 | { unsigned char key[HMAC_HASH_INPUT_SIZE]; |
79 | sha_ctx ctx[1]; | 79 | sha_ctx ctx[1]; |
80 | unsigned long klen; | 80 | unsigned long klen; |
81 | } hmac_ctx; | 81 | } hmac_ctx; |
82 | 82 | ||
83 | void hmac_sha_begin(hmac_ctx cx[1]); | 83 | void hmac_sha_begin(hmac_ctx cx[1]); |
84 | 84 | ||
85 | int hmac_sha_key(const unsigned char key[], unsigned long key_len, hmac_ctx cx[1]); | 85 | int hmac_sha_key(const unsigned char key[], unsigned long key_len, hmac_ctx cx[1]); |
86 | 86 | ||
87 | void hmac_sha_data(const unsigned char data[], unsigned long data_len, hmac_ctx cx[1]); | 87 | void hmac_sha_data(const unsigned char data[], unsigned long data_len, hmac_ctx cx[1]); |
88 | 88 | ||
89 | void hmac_sha_end(unsigned char mac[], unsigned long mac_len, hmac_ctx cx[1]); | 89 | void hmac_sha_end(unsigned char mac[], unsigned long mac_len, hmac_ctx cx[1]); |
90 | 90 | ||
91 | void hmac_sha(const unsigned char key[], unsigned long key_len, | 91 | void hmac_sha(const unsigned char key[], unsigned long key_len, |
92 | const unsigned char data[], unsigned long data_len, | 92 | const unsigned char data[], unsigned long data_len, |
93 | unsigned char mac[], unsigned long mac_len); | 93 | unsigned char mac[], unsigned long mac_len); |
94 | 94 | ||
95 | #endif | 95 | #endif |
diff --git a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/prng.cpp b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/prng.cpp index d5800b3..708cb08 100644 --- a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/prng.cpp +++ b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/prng.cpp | |||
@@ -1,146 +1,146 @@ | |||
1 | /* | 1 | /* |
2 | --------------------------------------------------------------------------- | 2 | --------------------------------------------------------------------------- |
3 | Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. | 3 | Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. |
4 | All rights reserved. | 4 | All rights reserved. |
5 | 5 | ||
6 | LICENSE TERMS | 6 | LICENSE TERMS |
7 | 7 | ||
8 | The free distribution and use of this software in both source and binary | 8 | The free distribution and use of this software in both source and binary |
9 | form is allowed (with or without changes) provided that: | 9 | form is allowed (with or without changes) provided that: |
10 | 10 | ||
11 | 1. distributions of this source code include the above copyright | 11 | 1. distributions of this source code include the above copyright |
12 | notice, this list of conditions and the following disclaimer; | 12 | notice, this list of conditions and the following disclaimer; |
13 | 13 | ||
14 | 2. distributions in binary form include the above copyright | 14 | 2. distributions in binary form include the above copyright |
15 | notice, this list of conditions and the following disclaimer | 15 | notice, this list of conditions and the following disclaimer |
16 | in the documentation and/or other associated materials; | 16 | in the documentation and/or other associated materials; |
17 | 17 | ||
18 | 3. the copyright holder's name is not used to endorse products | 18 | 3. the copyright holder's name is not used to endorse products |
19 | built using this software without specific written permission. | 19 | built using this software without specific written permission. |
20 | 20 | ||
21 | ALTERNATIVELY, provided that this notice is retained in full, this product | 21 | ALTERNATIVELY, provided that this notice is retained in full, this product |
22 | may be distributed under the terms of the GNU General Public License (GPL), | 22 | may be distributed under the terms of the GNU General Public License (GPL), |
23 | in which case the provisions of the GPL apply INSTEAD OF those given above. | 23 | in which case the provisions of the GPL apply INSTEAD OF those given above. |
24 | 24 | ||
25 | DISCLAIMER | 25 | DISCLAIMER |
26 | 26 | ||
27 | This software is provided 'as is' with no explicit or implied warranties | 27 | This software is provided 'as is' with no explicit or implied warranties |
28 | in respect of its properties, including, but not limited to, correctness | 28 | in respect of its properties, including, but not limited to, correctness |
29 | and/or fitness for purpose. | 29 | and/or fitness for purpose. |
30 | --------------------------------------------------------------------------- | 30 | --------------------------------------------------------------------------- |
31 | Issue Date: 24/01/2003 | 31 | Issue Date: 24/01/2003 |
32 | 32 | ||
33 | This file implements a random data pool based on the use of an external | 33 | This file implements a random data pool based on the use of an external |
34 | entropy function. It is based on the ideas advocated by Peter Gutmann in | 34 | entropy function. It is based on the ideas advocated by Peter Gutmann in |
35 | his work on pseudo random sequence generators. It is not a 'paranoid' | 35 | his work on pseudo random sequence generators. It is not a 'paranoid' |
36 | random sequence generator and no attempt is made to protect the pool | 36 | random sequence generator and no attempt is made to protect the pool |
37 | from prying eyes either by memory locking or by techniques to obscure | 37 | from prying eyes either by memory locking or by techniques to obscure |
38 | its location in memory. | 38 | its location in memory. |
39 | */ | 39 | */ |
40 | 40 | ||
41 | #include <memory.h> | 41 | #include <memory.h> |
42 | #include "prng.h" | 42 | #include "prng.h" |
43 | 43 | ||
44 | /* mix a random data pool using the SHA1 compression function (as */ | 44 | /* mix a random data pool using the SHA1 compression function (as */ |
45 | /* suggested by Peter Gutmann in his paper on random pools) */ | 45 | /* suggested by Peter Gutmann in his paper on random pools) */ |
46 | 46 | ||
47 | static void prng_mix(unsigned char buf[]) | 47 | static void prng_mix(unsigned char buf[]) |
48 | { unsigned int i, len; | 48 | { unsigned int i, len; |
49 | sha1_ctx ctx[1]; | 49 | sha1_ctx ctx[1]; |
50 | 50 | ||
51 | /*lint -e{663} unusual array to pointer conversion */ | 51 | /*lint -e{663} unusual array to pointer conversion */ |
52 | for(i = 0; i < PRNG_POOL_SIZE; i += SHA1_DIGEST_SIZE) | 52 | for(i = 0; i < PRNG_POOL_SIZE; i += SHA1_DIGEST_SIZE) |
53 | { | 53 | { |
54 | /* copy digest size pool block into SHA1 hash block */ | 54 | /* copy digest size pool block into SHA1 hash block */ |
55 | memcpy(ctx->hash, buf + (i ? i : PRNG_POOL_SIZE) | 55 | memcpy(ctx->hash, buf + (i ? i : PRNG_POOL_SIZE) |
56 | - SHA1_DIGEST_SIZE, SHA1_DIGEST_SIZE); | 56 | - SHA1_DIGEST_SIZE, SHA1_DIGEST_SIZE); |
57 | 57 | ||
58 | /* copy data from pool into the SHA1 data buffer */ | 58 | /* copy data from pool into the SHA1 data buffer */ |
59 | len = PRNG_POOL_SIZE - i; | 59 | len = PRNG_POOL_SIZE - i; |
60 | memcpy(ctx->wbuf, buf + i, (len > SHA1_BLOCK_SIZE ? SHA1_BLOCK_SIZE : len)); | 60 | memcpy(ctx->wbuf, buf + i, (len > SHA1_BLOCK_SIZE ? SHA1_BLOCK_SIZE : len)); |
61 | 61 | ||
62 | if(len < SHA1_BLOCK_SIZE) | 62 | if(len < SHA1_BLOCK_SIZE) |
63 | memcpy(((char*)ctx->wbuf) + len, buf, SHA1_BLOCK_SIZE - len); | 63 | memcpy(((char*)ctx->wbuf) + len, buf, SHA1_BLOCK_SIZE - len); |
64 | 64 | ||
65 | /* compress using the SHA1 compression function */ | 65 | /* compress using the SHA1 compression function */ |
66 | sha1_compile(ctx); | 66 | sha1_compile(ctx); |
67 | 67 | ||
68 | /* put digest size block back into the random pool */ | 68 | /* put digest size block back into the random pool */ |
69 | memcpy(buf + i, ctx->hash, SHA1_DIGEST_SIZE); | 69 | memcpy(buf + i, ctx->hash, SHA1_DIGEST_SIZE); |
70 | } | 70 | } |
71 | } | 71 | } |
72 | 72 | ||
73 | /* refresh the output buffer and update the random pool by adding */ | 73 | /* refresh the output buffer and update the random pool by adding */ |
74 | /* entropy and remixing */ | 74 | /* entropy and remixing */ |
75 | 75 | ||
76 | static void update_pool(prng_ctx ctx[1]) | 76 | static void update_pool(prng_ctx ctx[1]) |
77 | { unsigned int i = 0; | 77 | { unsigned int i = 0; |
78 | 78 | ||
79 | /* transfer random pool data to the output buffer */ | 79 | /* transfer random pool data to the output buffer */ |
80 | memcpy(ctx->obuf, ctx->rbuf, PRNG_POOL_SIZE); | 80 | memcpy(ctx->obuf, ctx->rbuf, PRNG_POOL_SIZE); |
81 | 81 | ||
82 | /* enter entropy data into the pool */ | 82 | /* enter entropy data into the pool */ |
83 | while(i < PRNG_POOL_SIZE) | 83 | while(i < PRNG_POOL_SIZE) |
84 | i += ctx->entropy(ctx->rbuf + i, PRNG_POOL_SIZE - i); | 84 | i += ctx->entropy(ctx->rbuf + i, PRNG_POOL_SIZE - i); |
85 | 85 | ||
86 | /* invert and xor the original pool data into the pool */ | 86 | /* invert and xor the original pool data into the pool */ |
87 | for(i = 0; i < PRNG_POOL_SIZE; ++i) | 87 | for(i = 0; i < PRNG_POOL_SIZE; ++i) |
88 | ctx->rbuf[i] ^= ~ctx->obuf[i]; | 88 | ctx->rbuf[i] ^= ~ctx->obuf[i]; |
89 | 89 | ||
90 | /* mix the pool and the output buffer */ | 90 | /* mix the pool and the output buffer */ |
91 | prng_mix(ctx->rbuf); | 91 | prng_mix(ctx->rbuf); |
92 | prng_mix(ctx->obuf); | 92 | prng_mix(ctx->obuf); |
93 | } | 93 | } |
94 | 94 | ||
95 | void prng_init(prng_entropy_fn fun, prng_ctx ctx[1]) | 95 | void prng_init(prng_entropy_fn fun, prng_ctx ctx[1]) |
96 | { int i; | 96 | { int i; |
97 | 97 | ||
98 | /* clear the buffers and the counter in the context */ | 98 | /* clear the buffers and the counter in the context */ |
99 | memset(ctx, 0, sizeof(prng_ctx)); | 99 | memset(ctx, 0, sizeof(prng_ctx)); |
100 | 100 | ||
101 | /* set the pointer to the entropy collection function */ | 101 | /* set the pointer to the entropy collection function */ |
102 | ctx->entropy = fun; | 102 | ctx->entropy = fun; |
103 | 103 | ||
104 | /* initialise the random data pool */ | 104 | /* initialise the random data pool */ |
105 | update_pool(ctx); | 105 | update_pool(ctx); |
106 | 106 | ||
107 | /* mix the pool a minimum number of times */ | 107 | /* mix the pool a minimum number of times */ |
108 | for(i = 0; i < PRNG_MIN_MIX; ++i) | 108 | for(i = 0; i < PRNG_MIN_MIX; ++i) |
109 | prng_mix(ctx->rbuf); | 109 | prng_mix(ctx->rbuf); |
110 | 110 | ||
111 | /* update the pool to prime the pool output buffer */ | 111 | /* update the pool to prime the pool output buffer */ |
112 | update_pool(ctx); | 112 | update_pool(ctx); |
113 | } | 113 | } |
114 | 114 | ||
115 | /* provide random bytes from the random data pool */ | 115 | /* provide random bytes from the random data pool */ |
116 | 116 | ||
117 | void prng_rand(unsigned char data[], unsigned int data_len, prng_ctx ctx[1]) | 117 | void prng_rand(unsigned char data[], unsigned int data_len, prng_ctx ctx[1]) |
118 | { unsigned char *rp = data; | 118 | { unsigned char *rp = data; |
119 | unsigned int len, pos = ctx->pos; | 119 | unsigned int len, pos = ctx->pos; |
120 | 120 | ||
121 | while(data_len) | 121 | while(data_len) |
122 | { | 122 | { |
123 | /* transfer 'data_len' bytes (or the number of bytes remaining */ | 123 | /* transfer 'data_len' bytes (or the number of bytes remaining */ |
124 | /* the pool output buffer if less) into the output */ | 124 | /* the pool output buffer if less) into the output */ |
125 | len = (data_len < PRNG_POOL_SIZE - pos ? data_len : PRNG_POOL_SIZE - pos); | 125 | len = (data_len < PRNG_POOL_SIZE - pos ? data_len : PRNG_POOL_SIZE - pos); |
126 | memcpy(rp, ctx->obuf + pos, len); | 126 | memcpy(rp, ctx->obuf + pos, len); |
127 | rp += len; /* update ouput buffer position pointer */ | 127 | rp += len; /* update ouput buffer position pointer */ |
128 | pos += len; /* update pool output buffer pointer */ | 128 | pos += len; /* update pool output buffer pointer */ |
129 | data_len -= len; /* update the remaining data count */ | 129 | data_len -= len; /* update the remaining data count */ |
130 | 130 | ||
131 | /* refresh the random pool if necessary */ | 131 | /* refresh the random pool if necessary */ |
132 | if(pos == PRNG_POOL_SIZE) | 132 | if(pos == PRNG_POOL_SIZE) |
133 | { | 133 | { |
134 | update_pool(ctx); pos = 0; | 134 | update_pool(ctx); pos = 0; |
135 | } | 135 | } |
136 | } | 136 | } |
137 | 137 | ||
138 | ctx->pos = pos; | 138 | ctx->pos = pos; |
139 | } | 139 | } |
140 | 140 | ||
141 | void prng_end(prng_ctx ctx[1]) | 141 | void prng_end(prng_ctx ctx[1]) |
142 | { | 142 | { |
143 | /* ensure the data in the context is destroyed */ | 143 | /* ensure the data in the context is destroyed */ |
144 | memset(ctx, 0, sizeof(prng_ctx)); | 144 | memset(ctx, 0, sizeof(prng_ctx)); |
145 | } | 145 | } |
146 | 146 | ||
diff --git a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/prng.h b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/prng.h index a81ed8e..b92c899 100644 --- a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/prng.h +++ b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/prng.h | |||
@@ -1,74 +1,74 @@ | |||
1 | /* | 1 | /* |
2 | --------------------------------------------------------------------------- | 2 | --------------------------------------------------------------------------- |
3 | Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. | 3 | Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. |
4 | All rights reserved. | 4 | All rights reserved. |
5 | 5 | ||
6 | LICENSE TERMS | 6 | LICENSE TERMS |
7 | 7 | ||
8 | The free distribution and use of this software in both source and binary | 8 | The free distribution and use of this software in both source and binary |
9 | form is allowed (with or without changes) provided that: | 9 | form is allowed (with or without changes) provided that: |
10 | 10 | ||
11 | 1. distributions of this source code include the above copyright | 11 | 1. distributions of this source code include the above copyright |
12 | notice, this list of conditions and the following disclaimer; | 12 | notice, this list of conditions and the following disclaimer; |
13 | 13 | ||
14 | 2. distributions in binary form include the above copyright | 14 | 2. distributions in binary form include the above copyright |
15 | notice, this list of conditions and the following disclaimer | 15 | notice, this list of conditions and the following disclaimer |
16 | in the documentation and/or other associated materials; | 16 | in the documentation and/or other associated materials; |
17 | 17 | ||
18 | 3. the copyright holder's name is not used to endorse products | 18 | 3. the copyright holder's name is not used to endorse products |
19 | built using this software without specific written permission. | 19 | built using this software without specific written permission. |
20 | 20 | ||
21 | ALTERNATIVELY, provided that this notice is retained in full, this product | 21 | ALTERNATIVELY, provided that this notice is retained in full, this product |
22 | may be distributed under the terms of the GNU General Public License (GPL), | 22 | may be distributed under the terms of the GNU General Public License (GPL), |
23 | in which case the provisions of the GPL apply INSTEAD OF those given above. | 23 | in which case the provisions of the GPL apply INSTEAD OF those given above. |
24 | 24 | ||
25 | DISCLAIMER | 25 | DISCLAIMER |
26 | 26 | ||
27 | This software is provided 'as is' with no explicit or implied warranties | 27 | This software is provided 'as is' with no explicit or implied warranties |
28 | in respect of its properties, including, but not limited to, correctness | 28 | in respect of its properties, including, but not limited to, correctness |
29 | and/or fitness for purpose. | 29 | and/or fitness for purpose. |
30 | --------------------------------------------------------------------------- | 30 | --------------------------------------------------------------------------- |
31 | Issue Date: 24/01/2003 | 31 | Issue Date: 24/01/2003 |
32 | 32 | ||
33 | This is the header file for an implementation of a random data pool based on | 33 | This is the header file for an implementation of a random data pool based on |
34 | the use of an external entropy function (inspired by Peter Gutmann's work). | 34 | the use of an external entropy function (inspired by Peter Gutmann's work). |
35 | */ | 35 | */ |
36 | 36 | ||
37 | #ifndef _PRNG_H | 37 | #ifndef _PRNG_H |
38 | #define _PRNG_H | 38 | #define _PRNG_H |
39 | 39 | ||
40 | #include "sha1.h" | 40 | #include "sha1.h" |
41 | 41 | ||
42 | #define PRNG_POOL_LEN 256 /* minimum random pool size */ | 42 | #define PRNG_POOL_LEN 256 /* minimum random pool size */ |
43 | #define PRNG_MIN_MIX 20 /* min initial pool mixing iterations */ | 43 | #define PRNG_MIN_MIX 20 /* min initial pool mixing iterations */ |
44 | 44 | ||
45 | /* ensure that pool length is a multiple of the SHA1 digest size */ | 45 | /* ensure that pool length is a multiple of the SHA1 digest size */ |
46 | 46 | ||
47 | #define PRNG_POOL_SIZE (SHA1_DIGEST_SIZE * (1 + (PRNG_POOL_LEN - 1) / SHA1_DIGEST_SIZE)) | 47 | #define PRNG_POOL_SIZE (SHA1_DIGEST_SIZE * (1 + (PRNG_POOL_LEN - 1) / SHA1_DIGEST_SIZE)) |
48 | 48 | ||
49 | /* A function for providing entropy is a parameter in the prng_init() */ | 49 | /* A function for providing entropy is a parameter in the prng_init() */ |
50 | /* call. This function has the following form and returns a maximum */ | 50 | /* call. This function has the following form and returns a maximum */ |
51 | /* of 'len' bytes of pseudo random data in the buffer 'buf'. It can */ | 51 | /* of 'len' bytes of pseudo random data in the buffer 'buf'. It can */ |
52 | /* return less than 'len' bytes but will be repeatedly called for more */ | 52 | /* return less than 'len' bytes but will be repeatedly called for more */ |
53 | /* data in this case. */ | 53 | /* data in this case. */ |
54 | 54 | ||
55 | typedef int (*prng_entropy_fn)(unsigned char buf[], unsigned int len); | 55 | typedef int (*prng_entropy_fn)(unsigned char buf[], unsigned int len); |
56 | 56 | ||
57 | typedef struct | 57 | typedef struct |
58 | { unsigned char rbuf[PRNG_POOL_SIZE]; /* the random pool */ | 58 | { unsigned char rbuf[PRNG_POOL_SIZE]; /* the random pool */ |
59 | unsigned char obuf[PRNG_POOL_SIZE]; /* pool output buffer */ | 59 | unsigned char obuf[PRNG_POOL_SIZE]; /* pool output buffer */ |
60 | unsigned int pos; /* output buffer position */ | 60 | unsigned int pos; /* output buffer position */ |
61 | prng_entropy_fn entropy; /* entropy function pointer */ | 61 | prng_entropy_fn entropy; /* entropy function pointer */ |
62 | } prng_ctx; | 62 | } prng_ctx; |
63 | 63 | ||
64 | /* initialise the random stream generator */ | 64 | /* initialise the random stream generator */ |
65 | void prng_init(prng_entropy_fn fun, prng_ctx ctx[1]); | 65 | void prng_init(prng_entropy_fn fun, prng_ctx ctx[1]); |
66 | 66 | ||
67 | /* obtain random bytes from the generator */ | 67 | /* obtain random bytes from the generator */ |
68 | void prng_rand(unsigned char data[], unsigned int data_len, prng_ctx ctx[1]); | 68 | void prng_rand(unsigned char data[], unsigned int data_len, prng_ctx ctx[1]); |
69 | 69 | ||
70 | /* close the random stream generator */ | 70 | /* close the random stream generator */ |
71 | void prng_end(prng_ctx ctx[1]); | 71 | void prng_end(prng_ctx ctx[1]); |
72 | 72 | ||
73 | #endif | 73 | #endif |
74 | 74 | ||
diff --git a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/pwd2key.cpp b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/pwd2key.cpp index 051e45b..c40ae56 100644 --- a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/pwd2key.cpp +++ b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/pwd2key.cpp | |||
@@ -1,186 +1,186 @@ | |||
1 | /* | 1 | /* |
2 | --------------------------------------------------------------------------- | 2 | --------------------------------------------------------------------------- |
3 | Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. | 3 | Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. |
4 | All rights reserved. | 4 | All rights reserved. |
5 | 5 | ||
6 | LICENSE TERMS | 6 | LICENSE TERMS |
7 | 7 | ||
8 | The free distribution and use of this software in both source and binary | 8 | The free distribution and use of this software in both source and binary |
9 | form is allowed (with or without changes) provided that: | 9 | form is allowed (with or without changes) provided that: |
10 | 10 | ||
11 | 1. distributions of this source code include the above copyright | 11 | 1. distributions of this source code include the above copyright |
12 | notice, this list of conditions and the following disclaimer; | 12 | notice, this list of conditions and the following disclaimer; |
13 | 13 | ||
14 | 2. distributions in binary form include the above copyright | 14 | 2. distributions in binary form include the above copyright |
15 | notice, this list of conditions and the following disclaimer | 15 | notice, this list of conditions and the following disclaimer |
16 | in the documentation and/or other associated materials; | 16 | in the documentation and/or other associated materials; |
17 | 17 | ||
18 | 3. the copyright holder's name is not used to endorse products | 18 | 3. the copyright holder's name is not used to endorse products |
19 | built using this software without specific written permission. | 19 | built using this software without specific written permission. |
20 | 20 | ||
21 | ALTERNATIVELY, provided that this notice is retained in full, this product | 21 | ALTERNATIVELY, provided that this notice is retained in full, this product |
22 | may be distributed under the terms of the GNU General Public License (GPL), | 22 | may be distributed under the terms of the GNU General Public License (GPL), |
23 | in which case the provisions of the GPL apply INSTEAD OF those given above. | 23 | in which case the provisions of the GPL apply INSTEAD OF those given above. |
24 | 24 | ||
25 | DISCLAIMER | 25 | DISCLAIMER |
26 | 26 | ||
27 | This software is provided 'as is' with no explicit or implied warranties | 27 | This software is provided 'as is' with no explicit or implied warranties |
28 | in respect of its properties, including, but not limited to, correctness | 28 | in respect of its properties, including, but not limited to, correctness |
29 | and/or fitness for purpose. | 29 | and/or fitness for purpose. |
30 | --------------------------------------------------------------------------- | 30 | --------------------------------------------------------------------------- |
31 | Issue Date: 26/08/2003 | 31 | Issue Date: 26/08/2003 |
32 | 32 | ||
33 | This is an implementation of RFC2898, which specifies key derivation from | 33 | This is an implementation of RFC2898, which specifies key derivation from |
34 | a password and a salt value. | 34 | a password and a salt value. |
35 | */ | 35 | */ |
36 | 36 | ||
37 | #include <memory.h> | 37 | #include <memory.h> |
38 | #include "hmac.h" | 38 | #include "hmac.h" |
39 | 39 | ||
40 | void derive_key(const unsigned char pwd[], /* the PASSWORD */ | 40 | void derive_key(const unsigned char pwd[], /* the PASSWORD */ |
41 | unsigned int pwd_len, /* and its length */ | 41 | unsigned int pwd_len, /* and its length */ |
42 | const unsigned char salt[], /* the SALT and its */ | 42 | const unsigned char salt[], /* the SALT and its */ |
43 | unsigned int salt_len, /* length */ | 43 | unsigned int salt_len, /* length */ |
44 | unsigned int iter, /* the number of iterations */ | 44 | unsigned int iter, /* the number of iterations */ |
45 | unsigned char key[], /* space for the output key */ | 45 | unsigned char key[], /* space for the output key */ |
46 | unsigned int key_len)/* and its required length */ | 46 | unsigned int key_len)/* and its required length */ |
47 | { | 47 | { |
48 | unsigned int i, j, k, n_blk; | 48 | unsigned int i, j, k, n_blk; |
49 | unsigned char uu[HMAC_HASH_OUTPUT_SIZE], ux[HMAC_HASH_OUTPUT_SIZE]; | 49 | unsigned char uu[HMAC_HASH_OUTPUT_SIZE], ux[HMAC_HASH_OUTPUT_SIZE]; |
50 | hmac_ctx c1[1], c2[1], c3[1]; | 50 | hmac_ctx c1[1], c2[1], c3[1]; |
51 | 51 | ||
52 | /* set HMAC context (c1) for password */ | 52 | /* set HMAC context (c1) for password */ |
53 | hmac_sha_begin(c1); | 53 | hmac_sha_begin(c1); |
54 | hmac_sha_key(pwd, pwd_len, c1); | 54 | hmac_sha_key(pwd, pwd_len, c1); |
55 | 55 | ||
56 | /* set HMAC context (c2) for password and salt */ | 56 | /* set HMAC context (c2) for password and salt */ |
57 | memcpy(c2, c1, sizeof(hmac_ctx)); | 57 | memcpy(c2, c1, sizeof(hmac_ctx)); |
58 | hmac_sha_data(salt, salt_len, c2); | 58 | hmac_sha_data(salt, salt_len, c2); |
59 | 59 | ||
60 | /* find the number of SHA blocks in the key */ | 60 | /* find the number of SHA blocks in the key */ |
61 | n_blk = 1 + (key_len - 1) / HMAC_HASH_OUTPUT_SIZE; | 61 | n_blk = 1 + (key_len - 1) / HMAC_HASH_OUTPUT_SIZE; |
62 | 62 | ||
63 | for(i = 0; i < n_blk; ++i) /* for each block in key */ | 63 | for(i = 0; i < n_blk; ++i) /* for each block in key */ |
64 | { | 64 | { |
65 | /* ux[] holds the running xor value */ | 65 | /* ux[] holds the running xor value */ |
66 | memset(ux, 0, HMAC_HASH_OUTPUT_SIZE); | 66 | memset(ux, 0, HMAC_HASH_OUTPUT_SIZE); |
67 | 67 | ||
68 | /* set HMAC context (c3) for password and salt */ | 68 | /* set HMAC context (c3) for password and salt */ |
69 | memcpy(c3, c2, sizeof(hmac_ctx)); | 69 | memcpy(c3, c2, sizeof(hmac_ctx)); |
70 | 70 | ||
71 | /* enter additional data for 1st block into uu */ | 71 | /* enter additional data for 1st block into uu */ |
72 | uu[0] = (unsigned char)((i + 1) >> 24); | 72 | uu[0] = (unsigned char)((i + 1) >> 24); |
73 | uu[1] = (unsigned char)((i + 1) >> 16); | 73 | uu[1] = (unsigned char)((i + 1) >> 16); |
74 | uu[2] = (unsigned char)((i + 1) >> 8); | 74 | uu[2] = (unsigned char)((i + 1) >> 8); |
75 | uu[3] = (unsigned char)(i + 1); | 75 | uu[3] = (unsigned char)(i + 1); |
76 | 76 | ||
77 | /* this is the key mixing iteration */ | 77 | /* this is the key mixing iteration */ |
78 | for(j = 0, k = 4; j < iter; ++j) | 78 | for(j = 0, k = 4; j < iter; ++j) |
79 | { | 79 | { |
80 | /* add previous round data to HMAC */ | 80 | /* add previous round data to HMAC */ |
81 | hmac_sha_data(uu, k, c3); | 81 | hmac_sha_data(uu, k, c3); |
82 | 82 | ||
83 | /* obtain HMAC for uu[] */ | 83 | /* obtain HMAC for uu[] */ |
84 | hmac_sha_end(uu, HMAC_HASH_OUTPUT_SIZE, c3); | 84 | hmac_sha_end(uu, HMAC_HASH_OUTPUT_SIZE, c3); |
85 | 85 | ||
86 | /* xor into the running xor block */ | 86 | /* xor into the running xor block */ |
87 | for(k = 0; k < HMAC_HASH_OUTPUT_SIZE; ++k) | 87 | for(k = 0; k < HMAC_HASH_OUTPUT_SIZE; ++k) |
88 | ux[k] ^= uu[k]; | 88 | ux[k] ^= uu[k]; |
89 | 89 | ||
90 | /* set HMAC context (c3) for password */ | 90 | /* set HMAC context (c3) for password */ |
91 | memcpy(c3, c1, sizeof(hmac_ctx)); | 91 | memcpy(c3, c1, sizeof(hmac_ctx)); |
92 | } | 92 | } |
93 | 93 | ||
94 | /* compile key blocks into the key output */ | 94 | /* compile key blocks into the key output */ |
95 | j = 0; k = i * HMAC_HASH_OUTPUT_SIZE; | 95 | j = 0; k = i * HMAC_HASH_OUTPUT_SIZE; |
96 | while(j < HMAC_HASH_OUTPUT_SIZE && k < key_len) | 96 | while(j < HMAC_HASH_OUTPUT_SIZE && k < key_len) |
97 | key[k++] = ux[j++]; | 97 | key[k++] = ux[j++]; |
98 | } | 98 | } |
99 | } | 99 | } |
100 | 100 | ||
101 | #ifdef TEST | 101 | #ifdef TEST |
102 | 102 | ||
103 | #include <stdio.h> | 103 | #include <stdio.h> |
104 | 104 | ||
105 | struct | 105 | struct |
106 | { unsigned int pwd_len; | 106 | { unsigned int pwd_len; |
107 | unsigned int salt_len; | 107 | unsigned int salt_len; |
108 | unsigned int it_count; | 108 | unsigned int it_count; |
109 | unsigned char *pwd; | 109 | unsigned char *pwd; |
110 | unsigned char salt[32]; | 110 | unsigned char salt[32]; |
111 | unsigned char key[32]; | 111 | unsigned char key[32]; |
112 | } tests[] = | 112 | } tests[] = |
113 | { | 113 | { |
114 | { 8, 4, 5, (unsigned char*)"password", | 114 | { 8, 4, 5, (unsigned char*)"password", |
115 | { | 115 | { |
116 | 0x12, 0x34, 0x56, 0x78 | 116 | 0x12, 0x34, 0x56, 0x78 |
117 | }, | 117 | }, |
118 | { | 118 | { |
119 | 0x5c, 0x75, 0xce, 0xf0, 0x1a, 0x96, 0x0d, 0xf7, | 119 | 0x5c, 0x75, 0xce, 0xf0, 0x1a, 0x96, 0x0d, 0xf7, |
120 | 0x4c, 0xb6, 0xb4, 0x9b, 0x9e, 0x38, 0xe6, 0xb5 | 120 | 0x4c, 0xb6, 0xb4, 0x9b, 0x9e, 0x38, 0xe6, 0xb5 |
121 | } | 121 | } |
122 | }, | 122 | }, |
123 | { 8, 8, 5, (unsigned char*)"password", | 123 | { 8, 8, 5, (unsigned char*)"password", |
124 | { | 124 | { |
125 | 0x12, 0x34, 0x56, 0x78, 0x78, 0x56, 0x34, 0x12 | 125 | 0x12, 0x34, 0x56, 0x78, 0x78, 0x56, 0x34, 0x12 |
126 | }, | 126 | }, |
127 | { | 127 | { |
128 | 0xd1, 0xda, 0xa7, 0x86, 0x15, 0xf2, 0x87, 0xe6, | 128 | 0xd1, 0xda, 0xa7, 0x86, 0x15, 0xf2, 0x87, 0xe6, |
129 | 0xa1, 0xc8, 0xb1, 0x20, 0xd7, 0x06, 0x2a, 0x49 | 129 | 0xa1, 0xc8, 0xb1, 0x20, 0xd7, 0x06, 0x2a, 0x49 |
130 | } | 130 | } |
131 | }, | 131 | }, |
132 | { 8, 21, 1, (unsigned char*)"password", | 132 | { 8, 21, 1, (unsigned char*)"password", |
133 | { | 133 | { |
134 | "ATHENA.MIT.EDUraeburn" | 134 | "ATHENA.MIT.EDUraeburn" |
135 | }, | 135 | }, |
136 | { | 136 | { |
137 | 0xcd, 0xed, 0xb5, 0x28, 0x1b, 0xb2, 0xf8, 0x01, | 137 | 0xcd, 0xed, 0xb5, 0x28, 0x1b, 0xb2, 0xf8, 0x01, |
138 | 0x56, 0x5a, 0x11, 0x22, 0xb2, 0x56, 0x35, 0x15 | 138 | 0x56, 0x5a, 0x11, 0x22, 0xb2, 0x56, 0x35, 0x15 |
139 | } | 139 | } |
140 | }, | 140 | }, |
141 | { 8, 21, 2, (unsigned char*)"password", | 141 | { 8, 21, 2, (unsigned char*)"password", |
142 | { | 142 | { |
143 | "ATHENA.MIT.EDUraeburn" | 143 | "ATHENA.MIT.EDUraeburn" |
144 | }, | 144 | }, |
145 | { | 145 | { |
146 | 0x01, 0xdb, 0xee, 0x7f, 0x4a, 0x9e, 0x24, 0x3e, | 146 | 0x01, 0xdb, 0xee, 0x7f, 0x4a, 0x9e, 0x24, 0x3e, |
147 | 0x98, 0x8b, 0x62, 0xc7, 0x3c, 0xda, 0x93, 0x5d | 147 | 0x98, 0x8b, 0x62, 0xc7, 0x3c, 0xda, 0x93, 0x5d |
148 | } | 148 | } |
149 | }, | 149 | }, |
150 | { 8, 21, 1200, (unsigned char*)"password", | 150 | { 8, 21, 1200, (unsigned char*)"password", |
151 | { | 151 | { |
152 | "ATHENA.MIT.EDUraeburn" | 152 | "ATHENA.MIT.EDUraeburn" |
153 | }, | 153 | }, |
154 | { | 154 | { |
155 | 0x5c, 0x08, 0xeb, 0x61, 0xfd, 0xf7, 0x1e, 0x4e, | 155 | 0x5c, 0x08, 0xeb, 0x61, 0xfd, 0xf7, 0x1e, 0x4e, |
156 | 0x4e, 0xc3, 0xcf, 0x6b, 0xa1, 0xf5, 0x51, 0x2b | 156 | 0x4e, 0xc3, 0xcf, 0x6b, 0xa1, 0xf5, 0x51, 0x2b |
157 | } | 157 | } |
158 | } | 158 | } |
159 | }; | 159 | }; |
160 | 160 | ||
161 | int main() | 161 | int main() |
162 | { unsigned int i, j, key_len = 256; | 162 | { unsigned int i, j, key_len = 256; |
163 | unsigned char key[256]; | 163 | unsigned char key[256]; |
164 | 164 | ||
165 | printf("\nTest of RFC2898 Password Based Key Derivation"); | 165 | printf("\nTest of RFC2898 Password Based Key Derivation"); |
166 | for(i = 0; i < 5; ++i) | 166 | for(i = 0; i < 5; ++i) |
167 | { | 167 | { |
168 | derive_key(tests[i].pwd, tests[i].pwd_len, tests[i].salt, | 168 | derive_key(tests[i].pwd, tests[i].pwd_len, tests[i].salt, |
169 | tests[i].salt_len, tests[i].it_count, key, key_len); | 169 | tests[i].salt_len, tests[i].it_count, key, key_len); |
170 | 170 | ||
171 | printf("\ntest %i: ", i + 1); | 171 | printf("\ntest %i: ", i + 1); |
172 | printf("key %s", memcmp(tests[i].key, key, 16) ? "is bad" : "is good"); | 172 | printf("key %s", memcmp(tests[i].key, key, 16) ? "is bad" : "is good"); |
173 | for(j = 0; j < key_len && j < 64; j += 4) | 173 | for(j = 0; j < key_len && j < 64; j += 4) |
174 | { | 174 | { |
175 | if(j % 16 == 0) | 175 | if(j % 16 == 0) |
176 | printf("\n"); | 176 | printf("\n"); |
177 | printf("0x%02x%02x%02x%02x ", key[j], key[j + 1], key[j + 2], key[j + 3]); | 177 | printf("0x%02x%02x%02x%02x ", key[j], key[j + 1], key[j + 2], key[j + 3]); |
178 | } | 178 | } |
179 | printf(j < key_len ? " ... \n" : "\n"); | 179 | printf(j < key_len ? " ... \n" : "\n"); |
180 | } | 180 | } |
181 | printf("\n"); | 181 | printf("\n"); |
182 | return 0; | 182 | return 0; |
183 | } | 183 | } |
184 | 184 | ||
185 | #endif | 185 | #endif |
186 | 186 | ||
diff --git a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/pwd2key.h b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/pwd2key.h index f5248ad..3c27c08 100644 --- a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/pwd2key.h +++ b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/pwd2key.h | |||
@@ -1,50 +1,50 @@ | |||
1 | /* | 1 | /* |
2 | --------------------------------------------------------------------------- | 2 | --------------------------------------------------------------------------- |
3 | Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. | 3 | Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. |
4 | All rights reserved. | 4 | All rights reserved. |
5 | 5 | ||
6 | LICENSE TERMS | 6 | LICENSE TERMS |
7 | 7 | ||
8 | The free distribution and use of this software in both source and binary | 8 | The free distribution and use of this software in both source and binary |
9 | form is allowed (with or without changes) provided that: | 9 | form is allowed (with or without changes) provided that: |
10 | 10 | ||
11 | 1. distributions of this source code include the above copyright | 11 | 1. distributions of this source code include the above copyright |
12 | notice, this list of conditions and the following disclaimer; | 12 | notice, this list of conditions and the following disclaimer; |
13 | 13 | ||
14 | 2. distributions in binary form include the above copyright | 14 | 2. distributions in binary form include the above copyright |
15 | notice, this list of conditions and the following disclaimer | 15 | notice, this list of conditions and the following disclaimer |
16 | in the documentation and/or other associated materials; | 16 | in the documentation and/or other associated materials; |
17 | 17 | ||
18 | 3. the copyright holder's name is not used to endorse products | 18 | 3. the copyright holder's name is not used to endorse products |
19 | built using this software without specific written permission. | 19 | built using this software without specific written permission. |
20 | 20 | ||
21 | ALTERNATIVELY, provided that this notice is retained in full, this product | 21 | ALTERNATIVELY, provided that this notice is retained in full, this product |
22 | may be distributed under the terms of the GNU General Public License (GPL), | 22 | may be distributed under the terms of the GNU General Public License (GPL), |
23 | in which case the provisions of the GPL apply INSTEAD OF those given above. | 23 | in which case the provisions of the GPL apply INSTEAD OF those given above. |
24 | 24 | ||
25 | DISCLAIMER | 25 | DISCLAIMER |
26 | 26 | ||
27 | This software is provided 'as is' with no explicit or implied warranties | 27 | This software is provided 'as is' with no explicit or implied warranties |
28 | in respect of its properties, including, but not limited to, correctness | 28 | in respect of its properties, including, but not limited to, correctness |
29 | and/or fitness for purpose. | 29 | and/or fitness for purpose. |
30 | --------------------------------------------------------------------------- | 30 | --------------------------------------------------------------------------- |
31 | Issue Date: 26/08/2003 | 31 | Issue Date: 26/08/2003 |
32 | 32 | ||
33 | This is an implementation of RFC2898, which specifies key derivation from | 33 | This is an implementation of RFC2898, which specifies key derivation from |
34 | a password and a salt value. | 34 | a password and a salt value. |
35 | */ | 35 | */ |
36 | 36 | ||
37 | #ifndef PWD2KEY_H | 37 | #ifndef PWD2KEY_H |
38 | #define PWD2KEY_H | 38 | #define PWD2KEY_H |
39 | 39 | ||
40 | void derive_key( | 40 | void derive_key( |
41 | const unsigned char pwd[], /* the PASSWORD, and */ | 41 | const unsigned char pwd[], /* the PASSWORD, and */ |
42 | unsigned int pwd_len, /* its length */ | 42 | unsigned int pwd_len, /* its length */ |
43 | const unsigned char salt[], /* the SALT and its */ | 43 | const unsigned char salt[], /* the SALT and its */ |
44 | unsigned int salt_len, /* length */ | 44 | unsigned int salt_len, /* length */ |
45 | unsigned int iter, /* the number of iterations */ | 45 | unsigned int iter, /* the number of iterations */ |
46 | unsigned char key[], /* space for the output key */ | 46 | unsigned char key[], /* space for the output key */ |
47 | unsigned int key_len); /* and its required length */ | 47 | unsigned int key_len); /* and its required length */ |
48 | 48 | ||
49 | #endif | 49 | #endif |
50 | 50 | ||
diff --git a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/sha1.cpp b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/sha1.cpp index 8a91768..3ebb509 100644 --- a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/sha1.cpp +++ b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/sha1.cpp | |||
@@ -1,237 +1,237 @@ | |||
1 | /* | 1 | /* |
2 | --------------------------------------------------------------------------- | 2 | --------------------------------------------------------------------------- |
3 | Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. | 3 | Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. |
4 | All rights reserved. | 4 | All rights reserved. |
5 | 5 | ||
6 | LICENSE TERMS | 6 | LICENSE TERMS |
7 | 7 | ||
8 | The free distribution and use of this software in both source and binary | 8 | The free distribution and use of this software in both source and binary |
9 | form is allowed (with or without changes) provided that: | 9 | form is allowed (with or without changes) provided that: |
10 | 10 | ||
11 | 1. distributions of this source code include the above copyright | 11 | 1. distributions of this source code include the above copyright |
12 | notice, this list of conditions and the following disclaimer; | 12 | notice, this list of conditions and the following disclaimer; |
13 | 13 | ||
14 | 2. distributions in binary form include the above copyright | 14 | 2. distributions in binary form include the above copyright |
15 | notice, this list of conditions and the following disclaimer | 15 | notice, this list of conditions and the following disclaimer |
16 | in the documentation and/or other associated materials; | 16 | in the documentation and/or other associated materials; |
17 | 17 | ||
18 | 3. the copyright holder's name is not used to endorse products | 18 | 3. the copyright holder's name is not used to endorse products |
19 | built using this software without specific written permission. | 19 | built using this software without specific written permission. |
20 | 20 | ||
21 | ALTERNATIVELY, provided that this notice is retained in full, this product | 21 | ALTERNATIVELY, provided that this notice is retained in full, this product |
22 | may be distributed under the terms of the GNU General Public License (GPL), | 22 | may be distributed under the terms of the GNU General Public License (GPL), |
23 | in which case the provisions of the GPL apply INSTEAD OF those given above. | 23 | in which case the provisions of the GPL apply INSTEAD OF those given above. |
24 | 24 | ||
25 | DISCLAIMER | 25 | DISCLAIMER |
26 | 26 | ||
27 | This software is provided 'as is' with no explicit or implied warranties | 27 | This software is provided 'as is' with no explicit or implied warranties |
28 | in respect of its properties, including, but not limited to, correctness | 28 | in respect of its properties, including, but not limited to, correctness |
29 | and/or fitness for purpose. | 29 | and/or fitness for purpose. |
30 | --------------------------------------------------------------------------- | 30 | --------------------------------------------------------------------------- |
31 | Issue Date: 26/08/2003 | 31 | Issue Date: 26/08/2003 |
32 | 32 | ||
33 | This is a byte oriented version of SHA1 that operates on arrays of bytes | 33 | This is a byte oriented version of SHA1 that operates on arrays of bytes |
34 | stored in memory. It runs at 22 cycles per byte on a Pentium P4 processor | 34 | stored in memory. It runs at 22 cycles per byte on a Pentium P4 processor |
35 | */ | 35 | */ |
36 | 36 | ||
37 | #include <string.h> /* for memcpy() etc. */ | 37 | #include <string.h> /* for memcpy() etc. */ |
38 | #include <stdlib.h> /* for _lrotl with VC++ */ | 38 | #include <stdlib.h> /* for _lrotl with VC++ */ |
39 | 39 | ||
40 | #include "sha1.h" | 40 | #include "sha1.h" |
41 | #include "../os.h" | 41 | #include "../os.h" |
42 | 42 | ||
43 | /* | 43 | /* |
44 | To obtain the highest speed on processors with 32-bit words, this code | 44 | To obtain the highest speed on processors with 32-bit words, this code |
45 | needs to determine the order in which bytes are packed into such words. | 45 | needs to determine the order in which bytes are packed into such words. |
46 | The following block of code is an attempt to capture the most obvious | 46 | The following block of code is an attempt to capture the most obvious |
47 | ways in which various environemnts specify their endian definitions. | 47 | ways in which various environemnts specify their endian definitions. |
48 | It may well fail, in which case the definitions will need to be set by | 48 | It may well fail, in which case the definitions will need to be set by |
49 | editing at the points marked **** EDIT HERE IF NECESSARY **** below. | 49 | editing at the points marked **** EDIT HERE IF NECESSARY **** below. |
50 | */ | 50 | */ |
51 | 51 | ||
52 | /* BYTE ORDER IN 32-BIT WORDS | 52 | /* BYTE ORDER IN 32-BIT WORDS |
53 | 53 | ||
54 | To obtain the highest speed on processors with 32-bit words, this code | 54 | To obtain the highest speed on processors with 32-bit words, this code |
55 | needs to determine the byte order of the target machine. The following | 55 | needs to determine the byte order of the target machine. The following |
56 | block of code is an attempt to capture the most obvious ways in which | 56 | block of code is an attempt to capture the most obvious ways in which |
57 | various environemnts define byte order. It may well fail, in which case | 57 | various environemnts define byte order. It may well fail, in which case |
58 | the definitions will need to be set by editing at the points marked | 58 | the definitions will need to be set by editing at the points marked |
59 | **** EDIT HERE IF NECESSARY **** below. My thanks to Peter Gutmann for | 59 | **** EDIT HERE IF NECESSARY **** below. My thanks to Peter Gutmann for |
60 | some of these defines (from cryptlib). | 60 | some of these defines (from cryptlib). |
61 | */ | 61 | */ |
62 | 62 | ||
63 | #define BRG_LITTLE_ENDIAN 1234 /* byte 0 is least significant (i386) */ | 63 | #define BRG_LITTLE_ENDIAN 1234 /* byte 0 is least significant (i386) */ |
64 | #define BRG_BIG_ENDIAN 4321 /* byte 0 is most significant (mc68k) */ | 64 | #define BRG_BIG_ENDIAN 4321 /* byte 0 is most significant (mc68k) */ |
65 | 65 | ||
66 | #ifdef __BIG_ENDIAN__ | 66 | #ifdef __BIG_ENDIAN__ |
67 | #define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN | 67 | #define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN |
68 | #else | 68 | #else |
69 | #define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN | 69 | #define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN |
70 | #endif | 70 | #endif |
71 | 71 | ||
72 | #define rotl32(x,n) (((x) << n) | ((x) >> (32 - n))) | 72 | #define rotl32(x,n) (((x) << n) | ((x) >> (32 - n))) |
73 | 73 | ||
74 | #if (PLATFORM_BYTE_ORDER == BRG_BIG_ENDIAN) | 74 | #if (PLATFORM_BYTE_ORDER == BRG_BIG_ENDIAN) |
75 | #define swap_b32(x) (x) | 75 | #define swap_b32(x) (x) |
76 | #else | 76 | #else |
77 | #define swap_b32(x) irr::os::Byteswap::byteswap(x) | 77 | #define swap_b32(x) irr::os::Byteswap::byteswap(x) |
78 | #endif | 78 | #endif |
79 | 79 | ||
80 | #define SHA1_MASK (SHA1_BLOCK_SIZE - 1) | 80 | #define SHA1_MASK (SHA1_BLOCK_SIZE - 1) |
81 | 81 | ||
82 | #if 1 | 82 | #if 1 |
83 | 83 | ||
84 | #define ch(x,y,z) (((x) & (y)) ^ (~(x) & (z))) | 84 | #define ch(x,y,z) (((x) & (y)) ^ (~(x) & (z))) |
85 | #define parity(x,y,z) ((x) ^ (y) ^ (z)) | 85 | #define parity(x,y,z) ((x) ^ (y) ^ (z)) |
86 | #define maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z))) | 86 | #define maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z))) |
87 | 87 | ||
88 | #else /* Discovered Rich Schroeppel and Colin Plumb */ | 88 | #else /* Discovered Rich Schroeppel and Colin Plumb */ |
89 | 89 | ||
90 | #define ch(x,y,z) ((z) ^ ((x) & ((y) ^ (z)))) | 90 | #define ch(x,y,z) ((z) ^ ((x) & ((y) ^ (z)))) |
91 | #define parity(x,y,z) ((x) ^ (y) ^ (z)) | 91 | #define parity(x,y,z) ((x) ^ (y) ^ (z)) |
92 | #define maj(x,y,z) (((x) & (y)) | ((z) & ((x) ^ (y)))) | 92 | #define maj(x,y,z) (((x) & (y)) | ((z) & ((x) ^ (y)))) |
93 | 93 | ||
94 | #endif | 94 | #endif |
95 | 95 | ||
96 | /* A normal version as set out in the FIPS */ | 96 | /* A normal version as set out in the FIPS */ |
97 | 97 | ||
98 | #define rnd(f,k) \ | 98 | #define rnd(f,k) \ |
99 | t = a; a = rotl32(a,5) + f(b,c,d) + e + k + w[i]; \ | 99 | t = a; a = rotl32(a,5) + f(b,c,d) + e + k + w[i]; \ |
100 | e = d; d = c; c = rotl32(b, 30); b = t | 100 | e = d; d = c; c = rotl32(b, 30); b = t |
101 | 101 | ||
102 | void sha1_compile(sha1_ctx ctx[1]) | 102 | void sha1_compile(sha1_ctx ctx[1]) |
103 | { sha1_32t w[80], i, a, b, c, d, e, t; | 103 | { sha1_32t w[80], i, a, b, c, d, e, t; |
104 | 104 | ||
105 | /* note that words are compiled from the buffer into 32-bit */ | 105 | /* note that words are compiled from the buffer into 32-bit */ |
106 | /* words in big-endian order so an order reversal is needed */ | 106 | /* words in big-endian order so an order reversal is needed */ |
107 | /* here on little endian machines */ | 107 | /* here on little endian machines */ |
108 | for(i = 0; i < SHA1_BLOCK_SIZE / 4; ++i) | 108 | for(i = 0; i < SHA1_BLOCK_SIZE / 4; ++i) |
109 | w[i] = swap_b32(ctx->wbuf[i]); | 109 | w[i] = swap_b32(ctx->wbuf[i]); |
110 | 110 | ||
111 | for(i = SHA1_BLOCK_SIZE / 4; i < 80; ++i) | 111 | for(i = SHA1_BLOCK_SIZE / 4; i < 80; ++i) |
112 | w[i] = rotl32(w[i - 3] ^ w[i - 8] ^ w[i - 14] ^ w[i - 16], 1); | 112 | w[i] = rotl32(w[i - 3] ^ w[i - 8] ^ w[i - 14] ^ w[i - 16], 1); |
113 | 113 | ||
114 | a = ctx->hash[0]; | 114 | a = ctx->hash[0]; |
115 | b = ctx->hash[1]; | 115 | b = ctx->hash[1]; |
116 | c = ctx->hash[2]; | 116 | c = ctx->hash[2]; |
117 | d = ctx->hash[3]; | 117 | d = ctx->hash[3]; |
118 | e = ctx->hash[4]; | 118 | e = ctx->hash[4]; |
119 | 119 | ||
120 | for(i = 0; i < 20; ++i) | 120 | for(i = 0; i < 20; ++i) |
121 | { | 121 | { |
122 | rnd(ch, 0x5a827999); | 122 | rnd(ch, 0x5a827999); |
123 | } | 123 | } |
124 | 124 | ||
125 | for(i = 20; i < 40; ++i) | 125 | for(i = 20; i < 40; ++i) |
126 | { | 126 | { |
127 | rnd(parity, 0x6ed9eba1); | 127 | rnd(parity, 0x6ed9eba1); |
128 | } | 128 | } |
129 | 129 | ||
130 | for(i = 40; i < 60; ++i) | 130 | for(i = 40; i < 60; ++i) |
131 | { | 131 | { |
132 | rnd(maj, 0x8f1bbcdc); | 132 | rnd(maj, 0x8f1bbcdc); |
133 | } | 133 | } |
134 | 134 | ||
135 | for(i = 60; i < 80; ++i) | 135 | for(i = 60; i < 80; ++i) |
136 | { | 136 | { |
137 | rnd(parity, 0xca62c1d6); | 137 | rnd(parity, 0xca62c1d6); |
138 | } | 138 | } |
139 | 139 | ||
140 | ctx->hash[0] += a; | 140 | ctx->hash[0] += a; |
141 | ctx->hash[1] += b; | 141 | ctx->hash[1] += b; |
142 | ctx->hash[2] += c; | 142 | ctx->hash[2] += c; |
143 | ctx->hash[3] += d; | 143 | ctx->hash[3] += d; |
144 | ctx->hash[4] += e; | 144 | ctx->hash[4] += e; |
145 | } | 145 | } |
146 | 146 | ||
147 | void sha1_begin(sha1_ctx ctx[1]) | 147 | void sha1_begin(sha1_ctx ctx[1]) |
148 | { | 148 | { |
149 | ctx->count[0] = ctx->count[1] = 0; | 149 | ctx->count[0] = ctx->count[1] = 0; |
150 | ctx->hash[0] = 0x67452301; | 150 | ctx->hash[0] = 0x67452301; |
151 | ctx->hash[1] = 0xefcdab89; | 151 | ctx->hash[1] = 0xefcdab89; |
152 | ctx->hash[2] = 0x98badcfe; | 152 | ctx->hash[2] = 0x98badcfe; |
153 | ctx->hash[3] = 0x10325476; | 153 | ctx->hash[3] = 0x10325476; |
154 | ctx->hash[4] = 0xc3d2e1f0; | 154 | ctx->hash[4] = 0xc3d2e1f0; |
155 | } | 155 | } |
156 | 156 | ||
157 | /* SHA1 hash data in an array of bytes into hash buffer and */ | 157 | /* SHA1 hash data in an array of bytes into hash buffer and */ |
158 | /* call the hash_compile function as required. */ | 158 | /* call the hash_compile function as required. */ |
159 | 159 | ||
160 | void sha1_hash(const unsigned char data[], unsigned long len, sha1_ctx ctx[1]) | 160 | void sha1_hash(const unsigned char data[], unsigned long len, sha1_ctx ctx[1]) |
161 | { sha1_32t pos = (sha1_32t)(ctx->count[0] & SHA1_MASK), | 161 | { sha1_32t pos = (sha1_32t)(ctx->count[0] & SHA1_MASK), |
162 | space = SHA1_BLOCK_SIZE - pos; | 162 | space = SHA1_BLOCK_SIZE - pos; |
163 | const unsigned char *sp = data; | 163 | const unsigned char *sp = data; |
164 | 164 | ||
165 | if((ctx->count[0] += len) < len) | 165 | if((ctx->count[0] += len) < len) |
166 | ++(ctx->count[1]); | 166 | ++(ctx->count[1]); |
167 | 167 | ||
168 | while(len >= space) /* tranfer whole blocks if possible */ | 168 | while(len >= space) /* tranfer whole blocks if possible */ |
169 | { | 169 | { |
170 | memcpy(((unsigned char*)ctx->wbuf) + pos, sp, space); | 170 | memcpy(((unsigned char*)ctx->wbuf) + pos, sp, space); |
171 | sp += space; len -= space; space = SHA1_BLOCK_SIZE; pos = 0; | 171 | sp += space; len -= space; space = SHA1_BLOCK_SIZE; pos = 0; |
172 | sha1_compile(ctx); | 172 | sha1_compile(ctx); |
173 | } | 173 | } |
174 | 174 | ||
175 | /*lint -e{803} conceivable data overrun */ | 175 | /*lint -e{803} conceivable data overrun */ |
176 | memcpy(((unsigned char*)ctx->wbuf) + pos, sp, len); | 176 | memcpy(((unsigned char*)ctx->wbuf) + pos, sp, len); |
177 | } | 177 | } |
178 | 178 | ||
179 | /* SHA1 final padding and digest calculation */ | 179 | /* SHA1 final padding and digest calculation */ |
180 | 180 | ||
181 | #if (PLATFORM_BYTE_ORDER == BRG_LITTLE_ENDIAN) | 181 | #if (PLATFORM_BYTE_ORDER == BRG_LITTLE_ENDIAN) |
182 | static sha1_32t mask[4] = | 182 | static sha1_32t mask[4] = |
183 | { 0x00000000, 0x000000ff, 0x0000ffff, 0x00ffffff }; | 183 | { 0x00000000, 0x000000ff, 0x0000ffff, 0x00ffffff }; |
184 | static sha1_32t bits[4] = | 184 | static sha1_32t bits[4] = |
185 | { 0x00000080, 0x00008000, 0x00800000, 0x80000000 }; | 185 | { 0x00000080, 0x00008000, 0x00800000, 0x80000000 }; |
186 | #else | 186 | #else |
187 | static sha1_32t mask[4] = | 187 | static sha1_32t mask[4] = |
188 | { 0x00000000, 0xff000000, 0xffff0000, 0xffffff00 }; | 188 | { 0x00000000, 0xff000000, 0xffff0000, 0xffffff00 }; |
189 | static sha1_32t bits[4] = | 189 | static sha1_32t bits[4] = |
190 | { 0x80000000, 0x00800000, 0x00008000, 0x00000080 }; | 190 | { 0x80000000, 0x00800000, 0x00008000, 0x00000080 }; |
191 | #endif | 191 | #endif |
192 | 192 | ||
193 | void sha1_end(unsigned char hval[], sha1_ctx ctx[1]) | 193 | void sha1_end(unsigned char hval[], sha1_ctx ctx[1]) |
194 | { sha1_32t i = (sha1_32t)(ctx->count[0] & SHA1_MASK); | 194 | { sha1_32t i = (sha1_32t)(ctx->count[0] & SHA1_MASK); |
195 | 195 | ||
196 | /* mask out the rest of any partial 32-bit word and then set */ | 196 | /* mask out the rest of any partial 32-bit word and then set */ |
197 | /* the next byte to 0x80. On big-endian machines any bytes in */ | 197 | /* the next byte to 0x80. On big-endian machines any bytes in */ |
198 | /* the buffer will be at the top end of 32 bit words, on little */ | 198 | /* the buffer will be at the top end of 32 bit words, on little */ |
199 | /* endian machines they will be at the bottom. Hence the AND */ | 199 | /* endian machines they will be at the bottom. Hence the AND */ |
200 | /* and OR masks above are reversed for little endian systems */ | 200 | /* and OR masks above are reversed for little endian systems */ |
201 | /* Note that we can always add the first padding byte at this */ | 201 | /* Note that we can always add the first padding byte at this */ |
202 | /* point because the buffer always has at least one empty slot */ | 202 | /* point because the buffer always has at least one empty slot */ |
203 | ctx->wbuf[i >> 2] = (ctx->wbuf[i >> 2] & mask[i & 3]) | bits[i & 3]; | 203 | ctx->wbuf[i >> 2] = (ctx->wbuf[i >> 2] & mask[i & 3]) | bits[i & 3]; |
204 | 204 | ||
205 | /* we need 9 or more empty positions, one for the padding byte */ | 205 | /* we need 9 or more empty positions, one for the padding byte */ |
206 | /* (above) and eight for the length count. If there is not */ | 206 | /* (above) and eight for the length count. If there is not */ |
207 | /* enough space pad and empty the buffer */ | 207 | /* enough space pad and empty the buffer */ |
208 | if(i > SHA1_BLOCK_SIZE - 9) | 208 | if(i > SHA1_BLOCK_SIZE - 9) |
209 | { | 209 | { |
210 | if(i < 60) ctx->wbuf[15] = 0; | 210 | if(i < 60) ctx->wbuf[15] = 0; |
211 | sha1_compile(ctx); | 211 | sha1_compile(ctx); |
212 | i = 0; | 212 | i = 0; |
213 | } | 213 | } |
214 | else /* compute a word index for the empty buffer positions */ | 214 | else /* compute a word index for the empty buffer positions */ |
215 | i = (i >> 2) + 1; | 215 | i = (i >> 2) + 1; |
216 | 216 | ||
217 | while(i < 14) /* and zero pad all but last two positions */ | 217 | while(i < 14) /* and zero pad all but last two positions */ |
218 | ctx->wbuf[i++] = 0; | 218 | ctx->wbuf[i++] = 0; |
219 | 219 | ||
220 | /* assemble the eight byte counter in in big-endian format */ | 220 | /* assemble the eight byte counter in in big-endian format */ |
221 | ctx->wbuf[14] = swap_b32((ctx->count[1] << 3) | (ctx->count[0] >> 29)); | 221 | ctx->wbuf[14] = swap_b32((ctx->count[1] << 3) | (ctx->count[0] >> 29)); |
222 | ctx->wbuf[15] = swap_b32(ctx->count[0] << 3); | 222 | ctx->wbuf[15] = swap_b32(ctx->count[0] << 3); |
223 | 223 | ||
224 | sha1_compile(ctx); | 224 | sha1_compile(ctx); |
225 | 225 | ||
226 | /* extract the hash value as bytes in case the hash buffer is */ | 226 | /* extract the hash value as bytes in case the hash buffer is */ |
227 | /* misaligned for 32-bit words */ | 227 | /* misaligned for 32-bit words */ |
228 | for(i = 0; i < SHA1_DIGEST_SIZE; ++i) | 228 | for(i = 0; i < SHA1_DIGEST_SIZE; ++i) |
229 | hval[i] = (unsigned char)(ctx->hash[i >> 2] >> (8 * (~i & 3))); | 229 | hval[i] = (unsigned char)(ctx->hash[i >> 2] >> (8 * (~i & 3))); |
230 | } | 230 | } |
231 | 231 | ||
232 | void sha1(unsigned char hval[], const unsigned char data[], unsigned long len) | 232 | void sha1(unsigned char hval[], const unsigned char data[], unsigned long len) |
233 | { sha1_ctx cx[1]; | 233 | { sha1_ctx cx[1]; |
234 | 234 | ||
235 | sha1_begin(cx); sha1_hash(data, len, cx); sha1_end(hval, cx); | 235 | sha1_begin(cx); sha1_hash(data, len, cx); sha1_end(hval, cx); |
236 | } | 236 | } |
237 | 237 | ||
diff --git a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/sha1.h b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/sha1.h index 0b39f5c..53ea19a 100644 --- a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/sha1.h +++ b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/sha1.h | |||
@@ -1,68 +1,68 @@ | |||
1 | /* | 1 | /* |
2 | --------------------------------------------------------------------------- | 2 | --------------------------------------------------------------------------- |
3 | Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. | 3 | Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. |
4 | All rights reserved. | 4 | All rights reserved. |
5 | 5 | ||
6 | LICENSE TERMS | 6 | LICENSE TERMS |
7 | 7 | ||
8 | The free distribution and use of this software in both source and binary | 8 | The free distribution and use of this software in both source and binary |
9 | form is allowed (with or without changes) provided that: | 9 | form is allowed (with or without changes) provided that: |
10 | 10 | ||
11 | 1. distributions of this source code include the above copyright | 11 | 1. distributions of this source code include the above copyright |
12 | notice, this list of conditions and the following disclaimer; | 12 | notice, this list of conditions and the following disclaimer; |
13 | 13 | ||
14 | 2. distributions in binary form include the above copyright | 14 | 2. distributions in binary form include the above copyright |
15 | notice, this list of conditions and the following disclaimer | 15 | notice, this list of conditions and the following disclaimer |
16 | in the documentation and/or other associated materials; | 16 | in the documentation and/or other associated materials; |
17 | 17 | ||
18 | 3. the copyright holder's name is not used to endorse products | 18 | 3. the copyright holder's name is not used to endorse products |
19 | built using this software without specific written permission. | 19 | built using this software without specific written permission. |
20 | 20 | ||
21 | ALTERNATIVELY, provided that this notice is retained in full, this product | 21 | ALTERNATIVELY, provided that this notice is retained in full, this product |
22 | may be distributed under the terms of the GNU General Public License (GPL), | 22 | may be distributed under the terms of the GNU General Public License (GPL), |
23 | in which case the provisions of the GPL apply INSTEAD OF those given above. | 23 | in which case the provisions of the GPL apply INSTEAD OF those given above. |
24 | 24 | ||
25 | DISCLAIMER | 25 | DISCLAIMER |
26 | 26 | ||
27 | This software is provided 'as is' with no explicit or implied warranties | 27 | This software is provided 'as is' with no explicit or implied warranties |
28 | in respect of its properties, including, but not limited to, correctness | 28 | in respect of its properties, including, but not limited to, correctness |
29 | and/or fitness for purpose. | 29 | and/or fitness for purpose. |
30 | --------------------------------------------------------------------------- | 30 | --------------------------------------------------------------------------- |
31 | Issue Date: 26/08/2003 | 31 | Issue Date: 26/08/2003 |
32 | */ | 32 | */ |
33 | 33 | ||
34 | #ifndef _SHA1_H | 34 | #ifndef _SHA1_H |
35 | #define _SHA1_H | 35 | #define _SHA1_H |
36 | 36 | ||
37 | #include <limits.h> | 37 | #include <limits.h> |
38 | 38 | ||
39 | #define SHA1_BLOCK_SIZE 64 | 39 | #define SHA1_BLOCK_SIZE 64 |
40 | #define SHA1_DIGEST_SIZE 20 | 40 | #define SHA1_DIGEST_SIZE 20 |
41 | 41 | ||
42 | /* define an unsigned 32-bit type */ | 42 | /* define an unsigned 32-bit type */ |
43 | 43 | ||
44 | #if UINT_MAX == 0xffffffff | 44 | #if UINT_MAX == 0xffffffff |
45 | typedef unsigned int sha1_32t; | 45 | typedef unsigned int sha1_32t; |
46 | #elif ULONG_MAX == 0xffffffff | 46 | #elif ULONG_MAX == 0xffffffff |
47 | typedef unsigned long sha1_32t; | 47 | typedef unsigned long sha1_32t; |
48 | #else | 48 | #else |
49 | #error Please define sha1_32t as an unsigned 32 bit type in sha2.h | 49 | #error Please define sha1_32t as an unsigned 32 bit type in sha2.h |
50 | #endif | 50 | #endif |
51 | 51 | ||
52 | /* type to hold the SHA256 context */ | 52 | /* type to hold the SHA256 context */ |
53 | 53 | ||
54 | typedef struct | 54 | typedef struct |
55 | { sha1_32t count[2]; | 55 | { sha1_32t count[2]; |
56 | sha1_32t hash[5]; | 56 | sha1_32t hash[5]; |
57 | sha1_32t wbuf[16]; | 57 | sha1_32t wbuf[16]; |
58 | } sha1_ctx; | 58 | } sha1_ctx; |
59 | 59 | ||
60 | void sha1_compile(sha1_ctx ctx[1]); | 60 | void sha1_compile(sha1_ctx ctx[1]); |
61 | 61 | ||
62 | void sha1_begin(sha1_ctx ctx[1]); | 62 | void sha1_begin(sha1_ctx ctx[1]); |
63 | void sha1_hash(const unsigned char data[], unsigned long len, sha1_ctx ctx[1]); | 63 | void sha1_hash(const unsigned char data[], unsigned long len, sha1_ctx ctx[1]); |
64 | void sha1_end(unsigned char hval[], sha1_ctx ctx[1]); | 64 | void sha1_end(unsigned char hval[], sha1_ctx ctx[1]); |
65 | void sha1(unsigned char hval[], const unsigned char data[], unsigned long len); | 65 | void sha1(unsigned char hval[], const unsigned char data[], unsigned long len); |
66 | 66 | ||
67 | #endif | 67 | #endif |
68 | 68 | ||
diff --git a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/sha2.cpp b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/sha2.cpp index 5be1bbf..a7f1c53 100644 --- a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/sha2.cpp +++ b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/sha2.cpp | |||
@@ -1,626 +1,626 @@ | |||
1 | /* | 1 | /* |
2 | --------------------------------------------------------------------------- | 2 | --------------------------------------------------------------------------- |
3 | Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. | 3 | Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. |
4 | All rights reserved. | 4 | All rights reserved. |
5 | 5 | ||
6 | LICENSE TERMS | 6 | LICENSE TERMS |
7 | 7 | ||
8 | The free distribution and use of this software in both source and binary | 8 | The free distribution and use of this software in both source and binary |
9 | form is allowed (with or without changes) provided that: | 9 | form is allowed (with or without changes) provided that: |
10 | 10 | ||
11 | 1. distributions of this source code include the above copyright | 11 | 1. distributions of this source code include the above copyright |
12 | notice, this list of conditions and the following disclaimer; | 12 | notice, this list of conditions and the following disclaimer; |
13 | 13 | ||
14 | 2. distributions in binary form include the above copyright | 14 | 2. distributions in binary form include the above copyright |
15 | notice, this list of conditions and the following disclaimer | 15 | notice, this list of conditions and the following disclaimer |
16 | in the documentation and/or other associated materials; | 16 | in the documentation and/or other associated materials; |
17 | 17 | ||
18 | 3. the copyright holder's name is not used to endorse products | 18 | 3. the copyright holder's name is not used to endorse products |
19 | built using this software without specific written permission. | 19 | built using this software without specific written permission. |
20 | 20 | ||
21 | ALTERNATIVELY, provided that this notice is retained in full, this product | 21 | ALTERNATIVELY, provided that this notice is retained in full, this product |
22 | may be distributed under the terms of the GNU General Public License (GPL), | 22 | may be distributed under the terms of the GNU General Public License (GPL), |
23 | in which case the provisions of the GPL apply INSTEAD OF those given above. | 23 | in which case the provisions of the GPL apply INSTEAD OF those given above. |
24 | 24 | ||
25 | DISCLAIMER | 25 | DISCLAIMER |
26 | 26 | ||
27 | This software is provided 'as is' with no explicit or implied warranties | 27 | This software is provided 'as is' with no explicit or implied warranties |
28 | in respect of its properties, including, but not limited to, correctness | 28 | in respect of its properties, including, but not limited to, correctness |
29 | and/or fitness for purpose. | 29 | and/or fitness for purpose. |
30 | --------------------------------------------------------------------------- | 30 | --------------------------------------------------------------------------- |
31 | Issue Date: 26/08/2003 | 31 | Issue Date: 26/08/2003 |
32 | 32 | ||
33 | This is a byte oriented version of SHA2 that operates on arrays of bytes | 33 | This is a byte oriented version of SHA2 that operates on arrays of bytes |
34 | stored in memory. This code implements sha256, sha384 and sha512 but the | 34 | stored in memory. This code implements sha256, sha384 and sha512 but the |
35 | latter two functions rely on efficient 64-bit integer operations that | 35 | latter two functions rely on efficient 64-bit integer operations that |
36 | may not be very efficient on 32-bit machines | 36 | may not be very efficient on 32-bit machines |
37 | 37 | ||
38 | The sha256 functions use a type 'sha256_ctx' to hold details of the | 38 | The sha256 functions use a type 'sha256_ctx' to hold details of the |
39 | current hash state and uses the following three calls: | 39 | current hash state and uses the following three calls: |
40 | 40 | ||
41 | void sha256_begin(sha256_ctx ctx[1]) | 41 | void sha256_begin(sha256_ctx ctx[1]) |
42 | void sha256_hash(const unsigned char data[], | 42 | void sha256_hash(const unsigned char data[], |
43 | unsigned long len, sha256_ctx ctx[1]) | 43 | unsigned long len, sha256_ctx ctx[1]) |
44 | void sha256_end(unsigned char hval[], sha256_ctx ctx[1]) | 44 | void sha256_end(unsigned char hval[], sha256_ctx ctx[1]) |
45 | 45 | ||
46 | The first subroutine initialises a hash computation by setting up the | 46 | The first subroutine initialises a hash computation by setting up the |
47 | context in the sha256_ctx context. The second subroutine hashes 8-bit | 47 | context in the sha256_ctx context. The second subroutine hashes 8-bit |
48 | bytes from array data[] into the hash state withinh sha256_ctx context, | 48 | bytes from array data[] into the hash state withinh sha256_ctx context, |
49 | the number of bytes to be hashed being given by the the unsigned long | 49 | the number of bytes to be hashed being given by the the unsigned long |
50 | integer len. The third subroutine completes the hash calculation and | 50 | integer len. The third subroutine completes the hash calculation and |
51 | places the resulting digest value in the array of 8-bit bytes hval[]. | 51 | places the resulting digest value in the array of 8-bit bytes hval[]. |
52 | 52 | ||
53 | The sha384 and sha512 functions are similar and use the interfaces: | 53 | The sha384 and sha512 functions are similar and use the interfaces: |
54 | 54 | ||
55 | void sha384_begin(sha384_ctx ctx[1]); | 55 | void sha384_begin(sha384_ctx ctx[1]); |
56 | void sha384_hash(const unsigned char data[], | 56 | void sha384_hash(const unsigned char data[], |
57 | unsigned long len, sha384_ctx ctx[1]); | 57 | unsigned long len, sha384_ctx ctx[1]); |
58 | void sha384_end(unsigned char hval[], sha384_ctx ctx[1]); | 58 | void sha384_end(unsigned char hval[], sha384_ctx ctx[1]); |
59 | 59 | ||
60 | void sha512_begin(sha512_ctx ctx[1]); | 60 | void sha512_begin(sha512_ctx ctx[1]); |
61 | void sha512_hash(const unsigned char data[], | 61 | void sha512_hash(const unsigned char data[], |
62 | unsigned long len, sha512_ctx ctx[1]); | 62 | unsigned long len, sha512_ctx ctx[1]); |
63 | void sha512_end(unsigned char hval[], sha512_ctx ctx[1]); | 63 | void sha512_end(unsigned char hval[], sha512_ctx ctx[1]); |
64 | 64 | ||
65 | In addition there is a function sha2 that can be used to call all these | 65 | In addition there is a function sha2 that can be used to call all these |
66 | functions using a call with a hash length parameter as follows: | 66 | functions using a call with a hash length parameter as follows: |
67 | 67 | ||
68 | int sha2_begin(unsigned long len, sha2_ctx ctx[1]); | 68 | int sha2_begin(unsigned long len, sha2_ctx ctx[1]); |
69 | void sha2_hash(const unsigned char data[], | 69 | void sha2_hash(const unsigned char data[], |
70 | unsigned long len, sha2_ctx ctx[1]); | 70 | unsigned long len, sha2_ctx ctx[1]); |
71 | void sha2_end(unsigned char hval[], sha2_ctx ctx[1]); | 71 | void sha2_end(unsigned char hval[], sha2_ctx ctx[1]); |
72 | 72 | ||
73 | My thanks to Erik Andersen <andersen@codepoet.org> for testing this code | 73 | My thanks to Erik Andersen <andersen@codepoet.org> for testing this code |
74 | on big-endian systems and for his assistance with corrections | 74 | on big-endian systems and for his assistance with corrections |
75 | */ | 75 | */ |
76 | 76 | ||
77 | /* define the hash functions that you need */ | 77 | /* define the hash functions that you need */ |
78 | 78 | ||
79 | #define SHA_2 /* for dynamic hash length */ | 79 | #define SHA_2 /* for dynamic hash length */ |
80 | #define SHA_256 | 80 | #define SHA_256 |
81 | #define SHA_384 | 81 | #define SHA_384 |
82 | #define SHA_512 | 82 | #define SHA_512 |
83 | 83 | ||
84 | #include <string.h> /* for memcpy() etc. */ | 84 | #include <string.h> /* for memcpy() etc. */ |
85 | #include <stdlib.h> /* for _lrotr with VC++ */ | 85 | #include <stdlib.h> /* for _lrotr with VC++ */ |
86 | 86 | ||
87 | #include "sha2.h" | 87 | #include "sha2.h" |
88 | #include "../os.h" | 88 | #include "../os.h" |
89 | 89 | ||
90 | /* BYTE ORDER IN 32-BIT WORDS | 90 | /* BYTE ORDER IN 32-BIT WORDS |
91 | 91 | ||
92 | To obtain the highest speed on processors with 32-bit words, this code | 92 | To obtain the highest speed on processors with 32-bit words, this code |
93 | needs to determine the byte order of the target machine. The following | 93 | needs to determine the byte order of the target machine. The following |
94 | block of code is an attempt to capture the most obvious ways in which | 94 | block of code is an attempt to capture the most obvious ways in which |
95 | various environemnts define byte order. It may well fail, in which case | 95 | various environemnts define byte order. It may well fail, in which case |
96 | the definitions will need to be set by editing at the points marked | 96 | the definitions will need to be set by editing at the points marked |
97 | **** EDIT HERE IF NECESSARY **** below. My thanks to Peter Gutmann for | 97 | **** EDIT HERE IF NECESSARY **** below. My thanks to Peter Gutmann for |
98 | some of these defines (from cryptlib). | 98 | some of these defines (from cryptlib). |
99 | */ | 99 | */ |
100 | 100 | ||
101 | #define BRG_LITTLE_ENDIAN 1234 /* byte 0 is least significant (i386) */ | 101 | #define BRG_LITTLE_ENDIAN 1234 /* byte 0 is least significant (i386) */ |
102 | #define BRG_BIG_ENDIAN 4321 /* byte 0 is most significant (mc68k) */ | 102 | #define BRG_BIG_ENDIAN 4321 /* byte 0 is most significant (mc68k) */ |
103 | 103 | ||
104 | #ifdef __BIG_ENDIAN__ | 104 | #ifdef __BIG_ENDIAN__ |
105 | #define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN | 105 | #define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN |
106 | #else | 106 | #else |
107 | #define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN | 107 | #define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN |
108 | #endif | 108 | #endif |
109 | 109 | ||
110 | #ifdef _MSC_VER | 110 | #ifdef _MSC_VER |
111 | #pragma intrinsic(memcpy) | 111 | #pragma intrinsic(memcpy) |
112 | #endif | 112 | #endif |
113 | 113 | ||
114 | #define rotr32(x,n) (((x) >> n) | ((x) << (32 - n))) | 114 | #define rotr32(x,n) (((x) >> n) | ((x) << (32 - n))) |
115 | 115 | ||
116 | #if !defined(bswap_32) | 116 | #if !defined(bswap_32) |
117 | #define bswap_32(x) irr::os::Byteswap::byteswap(x) | 117 | #define bswap_32(x) irr::os::Byteswap::byteswap(x) |
118 | #endif | 118 | #endif |
119 | 119 | ||
120 | #if (PLATFORM_BYTE_ORDER == BRG_LITTLE_ENDIAN) | 120 | #if (PLATFORM_BYTE_ORDER == BRG_LITTLE_ENDIAN) |
121 | #define SWAP_BYTES | 121 | #define SWAP_BYTES |
122 | #else | 122 | #else |
123 | #undef SWAP_BYTES | 123 | #undef SWAP_BYTES |
124 | #endif | 124 | #endif |
125 | 125 | ||
126 | #if defined(SHA_2) || defined(SHA_256) | 126 | #if defined(SHA_2) || defined(SHA_256) |
127 | 127 | ||
128 | #define SHA256_MASK (SHA256_BLOCK_SIZE - 1) | 128 | #define SHA256_MASK (SHA256_BLOCK_SIZE - 1) |
129 | 129 | ||
130 | #if defined(SWAP_BYTES) | 130 | #if defined(SWAP_BYTES) |
131 | #define bsw_32(p,n) { int _i = (n); while(_i--) p[_i] = bswap_32(p[_i]); } | 131 | #define bsw_32(p,n) { int _i = (n); while(_i--) p[_i] = bswap_32(p[_i]); } |
132 | #else | 132 | #else |
133 | #define bsw_32(p,n) | 133 | #define bsw_32(p,n) |
134 | #endif | 134 | #endif |
135 | 135 | ||
136 | /* SHA256 mixing function definitions */ | 136 | /* SHA256 mixing function definitions */ |
137 | 137 | ||
138 | #if 0 | 138 | #if 0 |
139 | 139 | ||
140 | #define ch(x,y,z) (((x) & (y)) ^ (~(x) & (z))) | 140 | #define ch(x,y,z) (((x) & (y)) ^ (~(x) & (z))) |
141 | #define maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z))) | 141 | #define maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z))) |
142 | 142 | ||
143 | #else /* Thanks to Rich Schroeppel and Colin Plumb for the following */ | 143 | #else /* Thanks to Rich Schroeppel and Colin Plumb for the following */ |
144 | 144 | ||
145 | #define ch(x,y,z) ((z) ^ ((x) & ((y) ^ (z)))) | 145 | #define ch(x,y,z) ((z) ^ ((x) & ((y) ^ (z)))) |
146 | #define maj(x,y,z) (((x) & (y)) | ((z) & ((x) ^ (y)))) | 146 | #define maj(x,y,z) (((x) & (y)) | ((z) & ((x) ^ (y)))) |
147 | 147 | ||
148 | #endif | 148 | #endif |
149 | 149 | ||
150 | #define s256_0(x) (rotr32((x), 2) ^ rotr32((x), 13) ^ rotr32((x), 22)) | 150 | #define s256_0(x) (rotr32((x), 2) ^ rotr32((x), 13) ^ rotr32((x), 22)) |
151 | #define s256_1(x) (rotr32((x), 6) ^ rotr32((x), 11) ^ rotr32((x), 25)) | 151 | #define s256_1(x) (rotr32((x), 6) ^ rotr32((x), 11) ^ rotr32((x), 25)) |
152 | #define g256_0(x) (rotr32((x), 7) ^ rotr32((x), 18) ^ ((x) >> 3)) | 152 | #define g256_0(x) (rotr32((x), 7) ^ rotr32((x), 18) ^ ((x) >> 3)) |
153 | #define g256_1(x) (rotr32((x), 17) ^ rotr32((x), 19) ^ ((x) >> 10)) | 153 | #define g256_1(x) (rotr32((x), 17) ^ rotr32((x), 19) ^ ((x) >> 10)) |
154 | 154 | ||
155 | /* rotated SHA256 round definition. Rather than swapping variables as in */ | 155 | /* rotated SHA256 round definition. Rather than swapping variables as in */ |
156 | /* FIPS-180, different variables are 'rotated' on each round, returning */ | 156 | /* FIPS-180, different variables are 'rotated' on each round, returning */ |
157 | /* to their starting positions every eight rounds */ | 157 | /* to their starting positions every eight rounds */ |
158 | 158 | ||
159 | #define h2(i) p[i & 15] += \ | 159 | #define h2(i) p[i & 15] += \ |
160 | g256_1(p[(i + 14) & 15]) + p[(i + 9) & 15] + g256_0(p[(i + 1) & 15]) | 160 | g256_1(p[(i + 14) & 15]) + p[(i + 9) & 15] + g256_0(p[(i + 1) & 15]) |
161 | 161 | ||
162 | #define h2_cycle(i,j) \ | 162 | #define h2_cycle(i,j) \ |
163 | v[(7 - i) & 7] += (j ? h2(i) : p[i & 15]) + k256[i + j] \ | 163 | v[(7 - i) & 7] += (j ? h2(i) : p[i & 15]) + k256[i + j] \ |
164 | + s256_1(v[(4 - i) & 7]) + ch(v[(4 - i) & 7], v[(5 - i) & 7], v[(6 - i) & 7]); \ | 164 | + s256_1(v[(4 - i) & 7]) + ch(v[(4 - i) & 7], v[(5 - i) & 7], v[(6 - i) & 7]); \ |
165 | v[(3 - i) & 7] += v[(7 - i) & 7]; \ | 165 | v[(3 - i) & 7] += v[(7 - i) & 7]; \ |
166 | v[(7 - i) & 7] += s256_0(v[(0 - i) & 7]) + maj(v[(0 - i) & 7], v[(1 - i) & 7], v[(2 - i) & 7]) | 166 | v[(7 - i) & 7] += s256_0(v[(0 - i) & 7]) + maj(v[(0 - i) & 7], v[(1 - i) & 7], v[(2 - i) & 7]) |
167 | 167 | ||
168 | /* SHA256 mixing data */ | 168 | /* SHA256 mixing data */ |
169 | 169 | ||
170 | const sha2_32t k256[64] = | 170 | const sha2_32t k256[64] = |
171 | { n_u32(428a2f98), n_u32(71374491), n_u32(b5c0fbcf), n_u32(e9b5dba5), | 171 | { n_u32(428a2f98), n_u32(71374491), n_u32(b5c0fbcf), n_u32(e9b5dba5), |
172 | n_u32(3956c25b), n_u32(59f111f1), n_u32(923f82a4), n_u32(ab1c5ed5), | 172 | n_u32(3956c25b), n_u32(59f111f1), n_u32(923f82a4), n_u32(ab1c5ed5), |
173 | n_u32(d807aa98), n_u32(12835b01), n_u32(243185be), n_u32(550c7dc3), | 173 | n_u32(d807aa98), n_u32(12835b01), n_u32(243185be), n_u32(550c7dc3), |
174 | n_u32(72be5d74), n_u32(80deb1fe), n_u32(9bdc06a7), n_u32(c19bf174), | 174 | n_u32(72be5d74), n_u32(80deb1fe), n_u32(9bdc06a7), n_u32(c19bf174), |
175 | n_u32(e49b69c1), n_u32(efbe4786), n_u32(0fc19dc6), n_u32(240ca1cc), | 175 | n_u32(e49b69c1), n_u32(efbe4786), n_u32(0fc19dc6), n_u32(240ca1cc), |
176 | n_u32(2de92c6f), n_u32(4a7484aa), n_u32(5cb0a9dc), n_u32(76f988da), | 176 | n_u32(2de92c6f), n_u32(4a7484aa), n_u32(5cb0a9dc), n_u32(76f988da), |
177 | n_u32(983e5152), n_u32(a831c66d), n_u32(b00327c8), n_u32(bf597fc7), | 177 | n_u32(983e5152), n_u32(a831c66d), n_u32(b00327c8), n_u32(bf597fc7), |
178 | n_u32(c6e00bf3), n_u32(d5a79147), n_u32(06ca6351), n_u32(14292967), | 178 | n_u32(c6e00bf3), n_u32(d5a79147), n_u32(06ca6351), n_u32(14292967), |
179 | n_u32(27b70a85), n_u32(2e1b2138), n_u32(4d2c6dfc), n_u32(53380d13), | 179 | n_u32(27b70a85), n_u32(2e1b2138), n_u32(4d2c6dfc), n_u32(53380d13), |
180 | n_u32(650a7354), n_u32(766a0abb), n_u32(81c2c92e), n_u32(92722c85), | 180 | n_u32(650a7354), n_u32(766a0abb), n_u32(81c2c92e), n_u32(92722c85), |
181 | n_u32(a2bfe8a1), n_u32(a81a664b), n_u32(c24b8b70), n_u32(c76c51a3), | 181 | n_u32(a2bfe8a1), n_u32(a81a664b), n_u32(c24b8b70), n_u32(c76c51a3), |
182 | n_u32(d192e819), n_u32(d6990624), n_u32(f40e3585), n_u32(106aa070), | 182 | n_u32(d192e819), n_u32(d6990624), n_u32(f40e3585), n_u32(106aa070), |
183 | n_u32(19a4c116), n_u32(1e376c08), n_u32(2748774c), n_u32(34b0bcb5), | 183 | n_u32(19a4c116), n_u32(1e376c08), n_u32(2748774c), n_u32(34b0bcb5), |
184 | n_u32(391c0cb3), n_u32(4ed8aa4a), n_u32(5b9cca4f), n_u32(682e6ff3), | 184 | n_u32(391c0cb3), n_u32(4ed8aa4a), n_u32(5b9cca4f), n_u32(682e6ff3), |
185 | n_u32(748f82ee), n_u32(78a5636f), n_u32(84c87814), n_u32(8cc70208), | 185 | n_u32(748f82ee), n_u32(78a5636f), n_u32(84c87814), n_u32(8cc70208), |
186 | n_u32(90befffa), n_u32(a4506ceb), n_u32(bef9a3f7), n_u32(c67178f2), | 186 | n_u32(90befffa), n_u32(a4506ceb), n_u32(bef9a3f7), n_u32(c67178f2), |
187 | }; | 187 | }; |
188 | 188 | ||
189 | /* SHA256 initialisation data */ | 189 | /* SHA256 initialisation data */ |
190 | 190 | ||
191 | const sha2_32t i256[8] = | 191 | const sha2_32t i256[8] = |
192 | { | 192 | { |
193 | n_u32(6a09e667), n_u32(bb67ae85), n_u32(3c6ef372), n_u32(a54ff53a), | 193 | n_u32(6a09e667), n_u32(bb67ae85), n_u32(3c6ef372), n_u32(a54ff53a), |
194 | n_u32(510e527f), n_u32(9b05688c), n_u32(1f83d9ab), n_u32(5be0cd19) | 194 | n_u32(510e527f), n_u32(9b05688c), n_u32(1f83d9ab), n_u32(5be0cd19) |
195 | }; | 195 | }; |
196 | 196 | ||
197 | sha2_void sha256_begin(sha256_ctx ctx[1]) | 197 | sha2_void sha256_begin(sha256_ctx ctx[1]) |
198 | { | 198 | { |
199 | ctx->count[0] = ctx->count[1] = 0; | 199 | ctx->count[0] = ctx->count[1] = 0; |
200 | memcpy(ctx->hash, i256, 8 * sizeof(sha2_32t)); | 200 | memcpy(ctx->hash, i256, 8 * sizeof(sha2_32t)); |
201 | } | 201 | } |
202 | 202 | ||
203 | /* Compile 64 bytes of hash data into SHA256 digest value */ | 203 | /* Compile 64 bytes of hash data into SHA256 digest value */ |
204 | /* NOTE: this routine assumes that the byte order in the */ | 204 | /* NOTE: this routine assumes that the byte order in the */ |
205 | /* ctx->wbuf[] at this point is in such an order that low */ | 205 | /* ctx->wbuf[] at this point is in such an order that low */ |
206 | /* address bytes in the ORIGINAL byte stream placed in this */ | 206 | /* address bytes in the ORIGINAL byte stream placed in this */ |
207 | /* buffer will now go to the high end of words on BOTH big */ | 207 | /* buffer will now go to the high end of words on BOTH big */ |
208 | /* and little endian systems */ | 208 | /* and little endian systems */ |
209 | 209 | ||
210 | sha2_void sha256_compile(sha256_ctx ctx[1]) | 210 | sha2_void sha256_compile(sha256_ctx ctx[1]) |
211 | { sha2_32t v[8], j, *p = ctx->wbuf; | 211 | { sha2_32t v[8], j, *p = ctx->wbuf; |
212 | 212 | ||
213 | memcpy(v, ctx->hash, 8 * sizeof(sha2_32t)); | 213 | memcpy(v, ctx->hash, 8 * sizeof(sha2_32t)); |
214 | 214 | ||
215 | for(j = 0; j < 64; j += 16) | 215 | for(j = 0; j < 64; j += 16) |
216 | { | 216 | { |
217 | h2_cycle( 0, j); h2_cycle( 1, j); h2_cycle( 2, j); h2_cycle( 3, j); | 217 | h2_cycle( 0, j); h2_cycle( 1, j); h2_cycle( 2, j); h2_cycle( 3, j); |
218 | h2_cycle( 4, j); h2_cycle( 5, j); h2_cycle( 6, j); h2_cycle( 7, j); | 218 | h2_cycle( 4, j); h2_cycle( 5, j); h2_cycle( 6, j); h2_cycle( 7, j); |
219 | h2_cycle( 8, j); h2_cycle( 9, j); h2_cycle(10, j); h2_cycle(11, j); | 219 | h2_cycle( 8, j); h2_cycle( 9, j); h2_cycle(10, j); h2_cycle(11, j); |
220 | h2_cycle(12, j); h2_cycle(13, j); h2_cycle(14, j); h2_cycle(15, j); | 220 | h2_cycle(12, j); h2_cycle(13, j); h2_cycle(14, j); h2_cycle(15, j); |
221 | } | 221 | } |
222 | 222 | ||
223 | ctx->hash[0] += v[0]; ctx->hash[1] += v[1]; ctx->hash[2] += v[2]; ctx->hash[3] += v[3]; | 223 | ctx->hash[0] += v[0]; ctx->hash[1] += v[1]; ctx->hash[2] += v[2]; ctx->hash[3] += v[3]; |
224 | ctx->hash[4] += v[4]; ctx->hash[5] += v[5]; ctx->hash[6] += v[6]; ctx->hash[7] += v[7]; | 224 | ctx->hash[4] += v[4]; ctx->hash[5] += v[5]; ctx->hash[6] += v[6]; ctx->hash[7] += v[7]; |
225 | } | 225 | } |
226 | 226 | ||
227 | /* SHA256 hash data in an array of bytes into hash buffer */ | 227 | /* SHA256 hash data in an array of bytes into hash buffer */ |
228 | /* and call the hash_compile function as required. */ | 228 | /* and call the hash_compile function as required. */ |
229 | 229 | ||
230 | sha2_void sha256_hash(const unsigned char data[], unsigned long len, sha256_ctx ctx[1]) | 230 | sha2_void sha256_hash(const unsigned char data[], unsigned long len, sha256_ctx ctx[1]) |
231 | { sha2_32t pos = (sha2_32t)(ctx->count[0] & SHA256_MASK), | 231 | { sha2_32t pos = (sha2_32t)(ctx->count[0] & SHA256_MASK), |
232 | space = SHA256_BLOCK_SIZE - pos; | 232 | space = SHA256_BLOCK_SIZE - pos; |
233 | const unsigned char *sp = data; | 233 | const unsigned char *sp = data; |
234 | 234 | ||
235 | if((ctx->count[0] += len) < len) | 235 | if((ctx->count[0] += len) < len) |
236 | ++(ctx->count[1]); | 236 | ++(ctx->count[1]); |
237 | 237 | ||
238 | while(len >= space) /* tranfer whole blocks while possible */ | 238 | while(len >= space) /* tranfer whole blocks while possible */ |
239 | { | 239 | { |
240 | memcpy(((unsigned char*)ctx->wbuf) + pos, sp, space); | 240 | memcpy(((unsigned char*)ctx->wbuf) + pos, sp, space); |
241 | sp += space; len -= space; space = SHA256_BLOCK_SIZE; pos = 0; | 241 | sp += space; len -= space; space = SHA256_BLOCK_SIZE; pos = 0; |
242 | bsw_32(ctx->wbuf, SHA256_BLOCK_SIZE >> 2) | 242 | bsw_32(ctx->wbuf, SHA256_BLOCK_SIZE >> 2) |
243 | sha256_compile(ctx); | 243 | sha256_compile(ctx); |
244 | } | 244 | } |
245 | 245 | ||
246 | memcpy(((unsigned char*)ctx->wbuf) + pos, sp, len); | 246 | memcpy(((unsigned char*)ctx->wbuf) + pos, sp, len); |
247 | } | 247 | } |
248 | 248 | ||
249 | /* SHA256 Final padding and digest calculation */ | 249 | /* SHA256 Final padding and digest calculation */ |
250 | 250 | ||
251 | static sha2_32t m1[4] = | 251 | static sha2_32t m1[4] = |
252 | { | 252 | { |
253 | n_u32(00000000), n_u32(ff000000), n_u32(ffff0000), n_u32(ffffff00) | 253 | n_u32(00000000), n_u32(ff000000), n_u32(ffff0000), n_u32(ffffff00) |
254 | }; | 254 | }; |
255 | 255 | ||
256 | static sha2_32t b1[4] = | 256 | static sha2_32t b1[4] = |
257 | { | 257 | { |
258 | n_u32(80000000), n_u32(00800000), n_u32(00008000), n_u32(00000080) | 258 | n_u32(80000000), n_u32(00800000), n_u32(00008000), n_u32(00000080) |
259 | }; | 259 | }; |
260 | 260 | ||
261 | sha2_void sha256_end(unsigned char hval[], sha256_ctx ctx[1]) | 261 | sha2_void sha256_end(unsigned char hval[], sha256_ctx ctx[1]) |
262 | { sha2_32t i = (sha2_32t)(ctx->count[0] & SHA256_MASK); | 262 | { sha2_32t i = (sha2_32t)(ctx->count[0] & SHA256_MASK); |
263 | 263 | ||
264 | bsw_32(ctx->wbuf, (i + 3) >> 2) | 264 | bsw_32(ctx->wbuf, (i + 3) >> 2) |
265 | /* bytes in the buffer are now in an order in which references */ | 265 | /* bytes in the buffer are now in an order in which references */ |
266 | /* to 32-bit words will put bytes with lower addresses into the */ | 266 | /* to 32-bit words will put bytes with lower addresses into the */ |
267 | /* top of 32 bit words on BOTH big and little endian machines */ | 267 | /* top of 32 bit words on BOTH big and little endian machines */ |
268 | 268 | ||
269 | /* we now need to mask valid bytes and add the padding which is */ | 269 | /* we now need to mask valid bytes and add the padding which is */ |
270 | /* a single 1 bit and as many zero bits as necessary. */ | 270 | /* a single 1 bit and as many zero bits as necessary. */ |
271 | ctx->wbuf[i >> 2] = (ctx->wbuf[i >> 2] & m1[i & 3]) | b1[i & 3]; | 271 | ctx->wbuf[i >> 2] = (ctx->wbuf[i >> 2] & m1[i & 3]) | b1[i & 3]; |
272 | 272 | ||
273 | /* we need 9 or more empty positions, one for the padding byte */ | 273 | /* we need 9 or more empty positions, one for the padding byte */ |
274 | /* (above) and eight for the length count. If there is not */ | 274 | /* (above) and eight for the length count. If there is not */ |
275 | /* enough space pad and empty the buffer */ | 275 | /* enough space pad and empty the buffer */ |
276 | if(i > SHA256_BLOCK_SIZE - 9) | 276 | if(i > SHA256_BLOCK_SIZE - 9) |
277 | { | 277 | { |
278 | if(i < 60) ctx->wbuf[15] = 0; | 278 | if(i < 60) ctx->wbuf[15] = 0; |
279 | sha256_compile(ctx); | 279 | sha256_compile(ctx); |
280 | i = 0; | 280 | i = 0; |
281 | } | 281 | } |
282 | else /* compute a word index for the empty buffer positions */ | 282 | else /* compute a word index for the empty buffer positions */ |
283 | i = (i >> 2) + 1; | 283 | i = (i >> 2) + 1; |
284 | 284 | ||
285 | while(i < 14) /* and zero pad all but last two positions */ | 285 | while(i < 14) /* and zero pad all but last two positions */ |
286 | ctx->wbuf[i++] = 0; | 286 | ctx->wbuf[i++] = 0; |
287 | 287 | ||
288 | /* the following 32-bit length fields are assembled in the */ | 288 | /* the following 32-bit length fields are assembled in the */ |
289 | /* wrong byte order on little endian machines but this is */ | 289 | /* wrong byte order on little endian machines but this is */ |
290 | /* corrected later since they are only ever used as 32-bit */ | 290 | /* corrected later since they are only ever used as 32-bit */ |
291 | /* word values. */ | 291 | /* word values. */ |
292 | 292 | ||
293 | ctx->wbuf[14] = (ctx->count[1] << 3) | (ctx->count[0] >> 29); | 293 | ctx->wbuf[14] = (ctx->count[1] << 3) | (ctx->count[0] >> 29); |
294 | ctx->wbuf[15] = ctx->count[0] << 3; | 294 | ctx->wbuf[15] = ctx->count[0] << 3; |
295 | 295 | ||
296 | sha256_compile(ctx); | 296 | sha256_compile(ctx); |
297 | 297 | ||
298 | /* extract the hash value as bytes in case the hash buffer is */ | 298 | /* extract the hash value as bytes in case the hash buffer is */ |
299 | /* mislaigned for 32-bit words */ | 299 | /* mislaigned for 32-bit words */ |
300 | for(i = 0; i < SHA256_DIGEST_SIZE; ++i) | 300 | for(i = 0; i < SHA256_DIGEST_SIZE; ++i) |
301 | hval[i] = (unsigned char)(ctx->hash[i >> 2] >> (8 * (~i & 3))); | 301 | hval[i] = (unsigned char)(ctx->hash[i >> 2] >> (8 * (~i & 3))); |
302 | } | 302 | } |
303 | 303 | ||
304 | sha2_void sha256(unsigned char hval[], const unsigned char data[], unsigned long len) | 304 | sha2_void sha256(unsigned char hval[], const unsigned char data[], unsigned long len) |
305 | { sha256_ctx cx[1]; | 305 | { sha256_ctx cx[1]; |
306 | 306 | ||
307 | sha256_begin(cx); sha256_hash(data, len, cx); sha256_end(hval, cx); | 307 | sha256_begin(cx); sha256_hash(data, len, cx); sha256_end(hval, cx); |
308 | } | 308 | } |
309 | 309 | ||
310 | #endif | 310 | #endif |
311 | 311 | ||
312 | #if defined(SHA_2) || defined(SHA_384) || defined(SHA_512) | 312 | #if defined(SHA_2) || defined(SHA_384) || defined(SHA_512) |
313 | 313 | ||
314 | #define SHA512_MASK (SHA512_BLOCK_SIZE - 1) | 314 | #define SHA512_MASK (SHA512_BLOCK_SIZE - 1) |
315 | 315 | ||
316 | #define rotr64(x,n) (((x) >> n) | ((x) << (64 - n))) | 316 | #define rotr64(x,n) (((x) >> n) | ((x) << (64 - n))) |
317 | 317 | ||
318 | #if !defined(bswap_64) | 318 | #if !defined(bswap_64) |
319 | #define bswap_64(x) ((((sha2_64t)(bswap_32((sha2_32t)(x)))) << 32) | (bswap_32((sha2_32t)((x) >> 32)))) | 319 | #define bswap_64(x) ((((sha2_64t)(bswap_32((sha2_32t)(x)))) << 32) | (bswap_32((sha2_32t)((x) >> 32)))) |
320 | #endif | 320 | #endif |
321 | 321 | ||
322 | #if defined(SWAP_BYTES) | 322 | #if defined(SWAP_BYTES) |
323 | #define bsw_64(p,n) { int _i = (n); while(_i--) p[_i] = bswap_64(p[_i]); } | 323 | #define bsw_64(p,n) { int _i = (n); while(_i--) p[_i] = bswap_64(p[_i]); } |
324 | #else | 324 | #else |
325 | #define bsw_64(p,n) | 325 | #define bsw_64(p,n) |
326 | #endif | 326 | #endif |
327 | 327 | ||
328 | /* SHA512 mixing function definitions */ | 328 | /* SHA512 mixing function definitions */ |
329 | 329 | ||
330 | #define s512_0(x) (rotr64((x), 28) ^ rotr64((x), 34) ^ rotr64((x), 39)) | 330 | #define s512_0(x) (rotr64((x), 28) ^ rotr64((x), 34) ^ rotr64((x), 39)) |
331 | #define s512_1(x) (rotr64((x), 14) ^ rotr64((x), 18) ^ rotr64((x), 41)) | 331 | #define s512_1(x) (rotr64((x), 14) ^ rotr64((x), 18) ^ rotr64((x), 41)) |
332 | #define g512_0(x) (rotr64((x), 1) ^ rotr64((x), 8) ^ ((x) >> 7)) | 332 | #define g512_0(x) (rotr64((x), 1) ^ rotr64((x), 8) ^ ((x) >> 7)) |
333 | #define g512_1(x) (rotr64((x), 19) ^ rotr64((x), 61) ^ ((x) >> 6)) | 333 | #define g512_1(x) (rotr64((x), 19) ^ rotr64((x), 61) ^ ((x) >> 6)) |
334 | 334 | ||
335 | /* rotated SHA512 round definition. Rather than swapping variables as in */ | 335 | /* rotated SHA512 round definition. Rather than swapping variables as in */ |
336 | /* FIPS-180, different variables are 'rotated' on each round, returning */ | 336 | /* FIPS-180, different variables are 'rotated' on each round, returning */ |
337 | /* to their starting positions every eight rounds */ | 337 | /* to their starting positions every eight rounds */ |
338 | 338 | ||
339 | #define h5(i) ctx->wbuf[i & 15] += \ | 339 | #define h5(i) ctx->wbuf[i & 15] += \ |
340 | g512_1(ctx->wbuf[(i + 14) & 15]) + ctx->wbuf[(i + 9) & 15] + g512_0(ctx->wbuf[(i + 1) & 15]) | 340 | g512_1(ctx->wbuf[(i + 14) & 15]) + ctx->wbuf[(i + 9) & 15] + g512_0(ctx->wbuf[(i + 1) & 15]) |
341 | 341 | ||
342 | #define h5_cycle(i,j) \ | 342 | #define h5_cycle(i,j) \ |
343 | v[(7 - i) & 7] += (j ? h5(i) : ctx->wbuf[i & 15]) + k512[i + j] \ | 343 | v[(7 - i) & 7] += (j ? h5(i) : ctx->wbuf[i & 15]) + k512[i + j] \ |
344 | + s512_1(v[(4 - i) & 7]) + ch(v[(4 - i) & 7], v[(5 - i) & 7], v[(6 - i) & 7]); \ | 344 | + s512_1(v[(4 - i) & 7]) + ch(v[(4 - i) & 7], v[(5 - i) & 7], v[(6 - i) & 7]); \ |
345 | v[(3 - i) & 7] += v[(7 - i) & 7]; \ | 345 | v[(3 - i) & 7] += v[(7 - i) & 7]; \ |
346 | v[(7 - i) & 7] += s512_0(v[(0 - i) & 7]) + maj(v[(0 - i) & 7], v[(1 - i) & 7], v[(2 - i) & 7]) | 346 | v[(7 - i) & 7] += s512_0(v[(0 - i) & 7]) + maj(v[(0 - i) & 7], v[(1 - i) & 7], v[(2 - i) & 7]) |
347 | 347 | ||
348 | /* SHA384/SHA512 mixing data */ | 348 | /* SHA384/SHA512 mixing data */ |
349 | 349 | ||
350 | const sha2_64t k512[80] = | 350 | const sha2_64t k512[80] = |
351 | { | 351 | { |
352 | n_u64(428a2f98d728ae22), n_u64(7137449123ef65cd), | 352 | n_u64(428a2f98d728ae22), n_u64(7137449123ef65cd), |
353 | n_u64(b5c0fbcfec4d3b2f), n_u64(e9b5dba58189dbbc), | 353 | n_u64(b5c0fbcfec4d3b2f), n_u64(e9b5dba58189dbbc), |
354 | n_u64(3956c25bf348b538), n_u64(59f111f1b605d019), | 354 | n_u64(3956c25bf348b538), n_u64(59f111f1b605d019), |
355 | n_u64(923f82a4af194f9b), n_u64(ab1c5ed5da6d8118), | 355 | n_u64(923f82a4af194f9b), n_u64(ab1c5ed5da6d8118), |
356 | n_u64(d807aa98a3030242), n_u64(12835b0145706fbe), | 356 | n_u64(d807aa98a3030242), n_u64(12835b0145706fbe), |
357 | n_u64(243185be4ee4b28c), n_u64(550c7dc3d5ffb4e2), | 357 | n_u64(243185be4ee4b28c), n_u64(550c7dc3d5ffb4e2), |
358 | n_u64(72be5d74f27b896f), n_u64(80deb1fe3b1696b1), | 358 | n_u64(72be5d74f27b896f), n_u64(80deb1fe3b1696b1), |
359 | n_u64(9bdc06a725c71235), n_u64(c19bf174cf692694), | 359 | n_u64(9bdc06a725c71235), n_u64(c19bf174cf692694), |
360 | n_u64(e49b69c19ef14ad2), n_u64(efbe4786384f25e3), | 360 | n_u64(e49b69c19ef14ad2), n_u64(efbe4786384f25e3), |
361 | n_u64(0fc19dc68b8cd5b5), n_u64(240ca1cc77ac9c65), | 361 | n_u64(0fc19dc68b8cd5b5), n_u64(240ca1cc77ac9c65), |
362 | n_u64(2de92c6f592b0275), n_u64(4a7484aa6ea6e483), | 362 | n_u64(2de92c6f592b0275), n_u64(4a7484aa6ea6e483), |
363 | n_u64(5cb0a9dcbd41fbd4), n_u64(76f988da831153b5), | 363 | n_u64(5cb0a9dcbd41fbd4), n_u64(76f988da831153b5), |
364 | n_u64(983e5152ee66dfab), n_u64(a831c66d2db43210), | 364 | n_u64(983e5152ee66dfab), n_u64(a831c66d2db43210), |
365 | n_u64(b00327c898fb213f), n_u64(bf597fc7beef0ee4), | 365 | n_u64(b00327c898fb213f), n_u64(bf597fc7beef0ee4), |
366 | n_u64(c6e00bf33da88fc2), n_u64(d5a79147930aa725), | 366 | n_u64(c6e00bf33da88fc2), n_u64(d5a79147930aa725), |
367 | n_u64(06ca6351e003826f), n_u64(142929670a0e6e70), | 367 | n_u64(06ca6351e003826f), n_u64(142929670a0e6e70), |
368 | n_u64(27b70a8546d22ffc), n_u64(2e1b21385c26c926), | 368 | n_u64(27b70a8546d22ffc), n_u64(2e1b21385c26c926), |
369 | n_u64(4d2c6dfc5ac42aed), n_u64(53380d139d95b3df), | 369 | n_u64(4d2c6dfc5ac42aed), n_u64(53380d139d95b3df), |
370 | n_u64(650a73548baf63de), n_u64(766a0abb3c77b2a8), | 370 | n_u64(650a73548baf63de), n_u64(766a0abb3c77b2a8), |
371 | n_u64(81c2c92e47edaee6), n_u64(92722c851482353b), | 371 | n_u64(81c2c92e47edaee6), n_u64(92722c851482353b), |
372 | n_u64(a2bfe8a14cf10364), n_u64(a81a664bbc423001), | 372 | n_u64(a2bfe8a14cf10364), n_u64(a81a664bbc423001), |
373 | n_u64(c24b8b70d0f89791), n_u64(c76c51a30654be30), | 373 | n_u64(c24b8b70d0f89791), n_u64(c76c51a30654be30), |
374 | n_u64(d192e819d6ef5218), n_u64(d69906245565a910), | 374 | n_u64(d192e819d6ef5218), n_u64(d69906245565a910), |
375 | n_u64(f40e35855771202a), n_u64(106aa07032bbd1b8), | 375 | n_u64(f40e35855771202a), n_u64(106aa07032bbd1b8), |
376 | n_u64(19a4c116b8d2d0c8), n_u64(1e376c085141ab53), | 376 | n_u64(19a4c116b8d2d0c8), n_u64(1e376c085141ab53), |
377 | n_u64(2748774cdf8eeb99), n_u64(34b0bcb5e19b48a8), | 377 | n_u64(2748774cdf8eeb99), n_u64(34b0bcb5e19b48a8), |
378 | n_u64(391c0cb3c5c95a63), n_u64(4ed8aa4ae3418acb), | 378 | n_u64(391c0cb3c5c95a63), n_u64(4ed8aa4ae3418acb), |
379 | n_u64(5b9cca4f7763e373), n_u64(682e6ff3d6b2b8a3), | 379 | n_u64(5b9cca4f7763e373), n_u64(682e6ff3d6b2b8a3), |
380 | n_u64(748f82ee5defb2fc), n_u64(78a5636f43172f60), | 380 | n_u64(748f82ee5defb2fc), n_u64(78a5636f43172f60), |
381 | n_u64(84c87814a1f0ab72), n_u64(8cc702081a6439ec), | 381 | n_u64(84c87814a1f0ab72), n_u64(8cc702081a6439ec), |
382 | n_u64(90befffa23631e28), n_u64(a4506cebde82bde9), | 382 | n_u64(90befffa23631e28), n_u64(a4506cebde82bde9), |
383 | n_u64(bef9a3f7b2c67915), n_u64(c67178f2e372532b), | 383 | n_u64(bef9a3f7b2c67915), n_u64(c67178f2e372532b), |
384 | n_u64(ca273eceea26619c), n_u64(d186b8c721c0c207), | 384 | n_u64(ca273eceea26619c), n_u64(d186b8c721c0c207), |
385 | n_u64(eada7dd6cde0eb1e), n_u64(f57d4f7fee6ed178), | 385 | n_u64(eada7dd6cde0eb1e), n_u64(f57d4f7fee6ed178), |
386 | n_u64(06f067aa72176fba), n_u64(0a637dc5a2c898a6), | 386 | n_u64(06f067aa72176fba), n_u64(0a637dc5a2c898a6), |
387 | n_u64(113f9804bef90dae), n_u64(1b710b35131c471b), | 387 | n_u64(113f9804bef90dae), n_u64(1b710b35131c471b), |
388 | n_u64(28db77f523047d84), n_u64(32caab7b40c72493), | 388 | n_u64(28db77f523047d84), n_u64(32caab7b40c72493), |
389 | n_u64(3c9ebe0a15c9bebc), n_u64(431d67c49c100d4c), | 389 | n_u64(3c9ebe0a15c9bebc), n_u64(431d67c49c100d4c), |
390 | n_u64(4cc5d4becb3e42b6), n_u64(597f299cfc657e2a), | 390 | n_u64(4cc5d4becb3e42b6), n_u64(597f299cfc657e2a), |
391 | n_u64(5fcb6fab3ad6faec), n_u64(6c44198c4a475817) | 391 | n_u64(5fcb6fab3ad6faec), n_u64(6c44198c4a475817) |
392 | }; | 392 | }; |
393 | 393 | ||
394 | /* Compile 64 bytes of hash data into SHA384/SHA512 digest value */ | 394 | /* Compile 64 bytes of hash data into SHA384/SHA512 digest value */ |
395 | 395 | ||
396 | sha2_void sha512_compile(sha512_ctx ctx[1]) | 396 | sha2_void sha512_compile(sha512_ctx ctx[1]) |
397 | { sha2_64t v[8]; | 397 | { sha2_64t v[8]; |
398 | sha2_32t j; | 398 | sha2_32t j; |
399 | 399 | ||
400 | memcpy(v, ctx->hash, 8 * sizeof(sha2_64t)); | 400 | memcpy(v, ctx->hash, 8 * sizeof(sha2_64t)); |
401 | 401 | ||
402 | for(j = 0; j < 80; j += 16) | 402 | for(j = 0; j < 80; j += 16) |
403 | { | 403 | { |
404 | h5_cycle( 0, j); h5_cycle( 1, j); h5_cycle( 2, j); h5_cycle( 3, j); | 404 | h5_cycle( 0, j); h5_cycle( 1, j); h5_cycle( 2, j); h5_cycle( 3, j); |
405 | h5_cycle( 4, j); h5_cycle( 5, j); h5_cycle( 6, j); h5_cycle( 7, j); | 405 | h5_cycle( 4, j); h5_cycle( 5, j); h5_cycle( 6, j); h5_cycle( 7, j); |
406 | h5_cycle( 8, j); h5_cycle( 9, j); h5_cycle(10, j); h5_cycle(11, j); | 406 | h5_cycle( 8, j); h5_cycle( 9, j); h5_cycle(10, j); h5_cycle(11, j); |
407 | h5_cycle(12, j); h5_cycle(13, j); h5_cycle(14, j); h5_cycle(15, j); | 407 | h5_cycle(12, j); h5_cycle(13, j); h5_cycle(14, j); h5_cycle(15, j); |
408 | } | 408 | } |
409 | 409 | ||
410 | ctx->hash[0] += v[0]; ctx->hash[1] += v[1]; ctx->hash[2] += v[2]; ctx->hash[3] += v[3]; | 410 | ctx->hash[0] += v[0]; ctx->hash[1] += v[1]; ctx->hash[2] += v[2]; ctx->hash[3] += v[3]; |
411 | ctx->hash[4] += v[4]; ctx->hash[5] += v[5]; ctx->hash[6] += v[6]; ctx->hash[7] += v[7]; | 411 | ctx->hash[4] += v[4]; ctx->hash[5] += v[5]; ctx->hash[6] += v[6]; ctx->hash[7] += v[7]; |
412 | } | 412 | } |
413 | 413 | ||
414 | /* Compile 128 bytes of hash data into SHA256 digest value */ | 414 | /* Compile 128 bytes of hash data into SHA256 digest value */ |
415 | /* NOTE: this routine assumes that the byte order in the */ | 415 | /* NOTE: this routine assumes that the byte order in the */ |
416 | /* ctx->wbuf[] at this point is in such an order that low */ | 416 | /* ctx->wbuf[] at this point is in such an order that low */ |
417 | /* address bytes in the ORIGINAL byte stream placed in this */ | 417 | /* address bytes in the ORIGINAL byte stream placed in this */ |
418 | /* buffer will now go to the high end of words on BOTH big */ | 418 | /* buffer will now go to the high end of words on BOTH big */ |
419 | /* and little endian systems */ | 419 | /* and little endian systems */ |
420 | 420 | ||
421 | sha2_void sha512_hash(const unsigned char data[], unsigned long len, sha512_ctx ctx[1]) | 421 | sha2_void sha512_hash(const unsigned char data[], unsigned long len, sha512_ctx ctx[1]) |
422 | { sha2_32t pos = (sha2_32t)(ctx->count[0] & SHA512_MASK), | 422 | { sha2_32t pos = (sha2_32t)(ctx->count[0] & SHA512_MASK), |
423 | space = SHA512_BLOCK_SIZE - pos; | 423 | space = SHA512_BLOCK_SIZE - pos; |
424 | const unsigned char *sp = data; | 424 | const unsigned char *sp = data; |
425 | 425 | ||
426 | if((ctx->count[0] += len) < len) | 426 | if((ctx->count[0] += len) < len) |
427 | ++(ctx->count[1]); | 427 | ++(ctx->count[1]); |
428 | 428 | ||
429 | while(len >= space) /* tranfer whole blocks while possible */ | 429 | while(len >= space) /* tranfer whole blocks while possible */ |
430 | { | 430 | { |
431 | memcpy(((unsigned char*)ctx->wbuf) + pos, sp, space); | 431 | memcpy(((unsigned char*)ctx->wbuf) + pos, sp, space); |
432 | sp += space; len -= space; space = SHA512_BLOCK_SIZE; pos = 0; | 432 | sp += space; len -= space; space = SHA512_BLOCK_SIZE; pos = 0; |
433 | bsw_64(ctx->wbuf, SHA512_BLOCK_SIZE >> 3); | 433 | bsw_64(ctx->wbuf, SHA512_BLOCK_SIZE >> 3); |
434 | sha512_compile(ctx); | 434 | sha512_compile(ctx); |
435 | } | 435 | } |
436 | 436 | ||
437 | memcpy(((unsigned char*)ctx->wbuf) + pos, sp, len); | 437 | memcpy(((unsigned char*)ctx->wbuf) + pos, sp, len); |
438 | } | 438 | } |
439 | 439 | ||
440 | /* SHA384/512 Final padding and digest calculation */ | 440 | /* SHA384/512 Final padding and digest calculation */ |
441 | 441 | ||
442 | static sha2_64t m2[8] = | 442 | static sha2_64t m2[8] = |
443 | { | 443 | { |
444 | n_u64(0000000000000000), n_u64(ff00000000000000), | 444 | n_u64(0000000000000000), n_u64(ff00000000000000), |
445 | n_u64(ffff000000000000), n_u64(ffffff0000000000), | 445 | n_u64(ffff000000000000), n_u64(ffffff0000000000), |
446 | n_u64(ffffffff00000000), n_u64(ffffffffff000000), | 446 | n_u64(ffffffff00000000), n_u64(ffffffffff000000), |
447 | n_u64(ffffffffffff0000), n_u64(ffffffffffffff00) | 447 | n_u64(ffffffffffff0000), n_u64(ffffffffffffff00) |
448 | }; | 448 | }; |
449 | 449 | ||
450 | static sha2_64t b2[8] = | 450 | static sha2_64t b2[8] = |
451 | { | 451 | { |
452 | n_u64(8000000000000000), n_u64(0080000000000000), | 452 | n_u64(8000000000000000), n_u64(0080000000000000), |
453 | n_u64(0000800000000000), n_u64(0000008000000000), | 453 | n_u64(0000800000000000), n_u64(0000008000000000), |
454 | n_u64(0000000080000000), n_u64(0000000000800000), | 454 | n_u64(0000000080000000), n_u64(0000000000800000), |
455 | n_u64(0000000000008000), n_u64(0000000000000080) | 455 | n_u64(0000000000008000), n_u64(0000000000000080) |
456 | }; | 456 | }; |
457 | 457 | ||
458 | static void sha_end(unsigned char hval[], sha512_ctx ctx[1], const unsigned int hlen) | 458 | static void sha_end(unsigned char hval[], sha512_ctx ctx[1], const unsigned int hlen) |
459 | { sha2_32t i = (sha2_32t)(ctx->count[0] & SHA512_MASK); | 459 | { sha2_32t i = (sha2_32t)(ctx->count[0] & SHA512_MASK); |
460 | 460 | ||
461 | bsw_64(ctx->wbuf, (i + 7) >> 3); | 461 | bsw_64(ctx->wbuf, (i + 7) >> 3); |
462 | 462 | ||
463 | /* bytes in the buffer are now in an order in which references */ | 463 | /* bytes in the buffer are now in an order in which references */ |
464 | /* to 64-bit words will put bytes with lower addresses into the */ | 464 | /* to 64-bit words will put bytes with lower addresses into the */ |
465 | /* top of 64 bit words on BOTH big and little endian machines */ | 465 | /* top of 64 bit words on BOTH big and little endian machines */ |
466 | 466 | ||
467 | /* we now need to mask valid bytes and add the padding which is */ | 467 | /* we now need to mask valid bytes and add the padding which is */ |
468 | /* a single 1 bit and as many zero bits as necessary. */ | 468 | /* a single 1 bit and as many zero bits as necessary. */ |
469 | ctx->wbuf[i >> 3] = (ctx->wbuf[i >> 3] & m2[i & 7]) | b2[i & 7]; | 469 | ctx->wbuf[i >> 3] = (ctx->wbuf[i >> 3] & m2[i & 7]) | b2[i & 7]; |
470 | 470 | ||
471 | /* we need 17 or more empty byte positions, one for the padding */ | 471 | /* we need 17 or more empty byte positions, one for the padding */ |
472 | /* byte (above) and sixteen for the length count. If there is */ | 472 | /* byte (above) and sixteen for the length count. If there is */ |
473 | /* not enough space pad and empty the buffer */ | 473 | /* not enough space pad and empty the buffer */ |
474 | if(i > SHA512_BLOCK_SIZE - 17) | 474 | if(i > SHA512_BLOCK_SIZE - 17) |
475 | { | 475 | { |
476 | if(i < 120) ctx->wbuf[15] = 0; | 476 | if(i < 120) ctx->wbuf[15] = 0; |
477 | sha512_compile(ctx); | 477 | sha512_compile(ctx); |
478 | i = 0; | 478 | i = 0; |
479 | } | 479 | } |
480 | else | 480 | else |
481 | i = (i >> 3) + 1; | 481 | i = (i >> 3) + 1; |
482 | 482 | ||
483 | while(i < 14) | 483 | while(i < 14) |
484 | ctx->wbuf[i++] = 0; | 484 | ctx->wbuf[i++] = 0; |
485 | 485 | ||
486 | /* the following 64-bit length fields are assembled in the */ | 486 | /* the following 64-bit length fields are assembled in the */ |
487 | /* wrong byte order on little endian machines but this is */ | 487 | /* wrong byte order on little endian machines but this is */ |
488 | /* corrected later since they are only ever used as 64-bit */ | 488 | /* corrected later since they are only ever used as 64-bit */ |
489 | /* word values. */ | 489 | /* word values. */ |
490 | 490 | ||
491 | ctx->wbuf[14] = (ctx->count[1] << 3) | (ctx->count[0] >> 61); | 491 | ctx->wbuf[14] = (ctx->count[1] << 3) | (ctx->count[0] >> 61); |
492 | ctx->wbuf[15] = ctx->count[0] << 3; | 492 | ctx->wbuf[15] = ctx->count[0] << 3; |
493 | 493 | ||
494 | sha512_compile(ctx); | 494 | sha512_compile(ctx); |
495 | 495 | ||
496 | /* extract the hash value as bytes in case the hash buffer is */ | 496 | /* extract the hash value as bytes in case the hash buffer is */ |
497 | /* misaligned for 32-bit words */ | 497 | /* misaligned for 32-bit words */ |
498 | for(i = 0; i < hlen; ++i) | 498 | for(i = 0; i < hlen; ++i) |
499 | hval[i] = (unsigned char)(ctx->hash[i >> 3] >> (8 * (~i & 7))); | 499 | hval[i] = (unsigned char)(ctx->hash[i >> 3] >> (8 * (~i & 7))); |
500 | } | 500 | } |
501 | 501 | ||
502 | #endif | 502 | #endif |
503 | 503 | ||
504 | #if defined(SHA_2) || defined(SHA_384) | 504 | #if defined(SHA_2) || defined(SHA_384) |
505 | 505 | ||
506 | /* SHA384 initialisation data */ | 506 | /* SHA384 initialisation data */ |
507 | 507 | ||
508 | const sha2_64t i384[80] = | 508 | const sha2_64t i384[80] = |
509 | { | 509 | { |
510 | n_u64(cbbb9d5dc1059ed8), n_u64(629a292a367cd507), | 510 | n_u64(cbbb9d5dc1059ed8), n_u64(629a292a367cd507), |
511 | n_u64(9159015a3070dd17), n_u64(152fecd8f70e5939), | 511 | n_u64(9159015a3070dd17), n_u64(152fecd8f70e5939), |
512 | n_u64(67332667ffc00b31), n_u64(8eb44a8768581511), | 512 | n_u64(67332667ffc00b31), n_u64(8eb44a8768581511), |
513 | n_u64(db0c2e0d64f98fa7), n_u64(47b5481dbefa4fa4) | 513 | n_u64(db0c2e0d64f98fa7), n_u64(47b5481dbefa4fa4) |
514 | }; | 514 | }; |
515 | 515 | ||
516 | sha2_void sha384_begin(sha384_ctx ctx[1]) | 516 | sha2_void sha384_begin(sha384_ctx ctx[1]) |
517 | { | 517 | { |
518 | ctx->count[0] = ctx->count[1] = 0; | 518 | ctx->count[0] = ctx->count[1] = 0; |
519 | memcpy(ctx->hash, i384, 8 * sizeof(sha2_64t)); | 519 | memcpy(ctx->hash, i384, 8 * sizeof(sha2_64t)); |
520 | } | 520 | } |
521 | 521 | ||
522 | sha2_void sha384_end(unsigned char hval[], sha384_ctx ctx[1]) | 522 | sha2_void sha384_end(unsigned char hval[], sha384_ctx ctx[1]) |
523 | { | 523 | { |
524 | sha_end(hval, ctx, SHA384_DIGEST_SIZE); | 524 | sha_end(hval, ctx, SHA384_DIGEST_SIZE); |
525 | } | 525 | } |
526 | 526 | ||
527 | sha2_void sha384(unsigned char hval[], const unsigned char data[], unsigned long len) | 527 | sha2_void sha384(unsigned char hval[], const unsigned char data[], unsigned long len) |
528 | { sha384_ctx cx[1]; | 528 | { sha384_ctx cx[1]; |
529 | 529 | ||
530 | sha384_begin(cx); sha384_hash(data, len, cx); sha384_end(hval, cx); | 530 | sha384_begin(cx); sha384_hash(data, len, cx); sha384_end(hval, cx); |
531 | } | 531 | } |
532 | 532 | ||
533 | #endif | 533 | #endif |
534 | 534 | ||
535 | #if defined(SHA_2) || defined(SHA_512) | 535 | #if defined(SHA_2) || defined(SHA_512) |
536 | 536 | ||
537 | /* SHA512 initialisation data */ | 537 | /* SHA512 initialisation data */ |
538 | 538 | ||
539 | const sha2_64t i512[80] = | 539 | const sha2_64t i512[80] = |
540 | { | 540 | { |
541 | n_u64(6a09e667f3bcc908), n_u64(bb67ae8584caa73b), | 541 | n_u64(6a09e667f3bcc908), n_u64(bb67ae8584caa73b), |
542 | n_u64(3c6ef372fe94f82b), n_u64(a54ff53a5f1d36f1), | 542 | n_u64(3c6ef372fe94f82b), n_u64(a54ff53a5f1d36f1), |
543 | n_u64(510e527fade682d1), n_u64(9b05688c2b3e6c1f), | 543 | n_u64(510e527fade682d1), n_u64(9b05688c2b3e6c1f), |
544 | n_u64(1f83d9abfb41bd6b), n_u64(5be0cd19137e2179) | 544 | n_u64(1f83d9abfb41bd6b), n_u64(5be0cd19137e2179) |
545 | }; | 545 | }; |
546 | 546 | ||
547 | sha2_void sha512_begin(sha512_ctx ctx[1]) | 547 | sha2_void sha512_begin(sha512_ctx ctx[1]) |
548 | { | 548 | { |
549 | ctx->count[0] = ctx->count[1] = 0; | 549 | ctx->count[0] = ctx->count[1] = 0; |
550 | memcpy(ctx->hash, i512, 8 * sizeof(sha2_64t)); | 550 | memcpy(ctx->hash, i512, 8 * sizeof(sha2_64t)); |
551 | } | 551 | } |
552 | 552 | ||
553 | sha2_void sha512_end(unsigned char hval[], sha512_ctx ctx[1]) | 553 | sha2_void sha512_end(unsigned char hval[], sha512_ctx ctx[1]) |
554 | { | 554 | { |
555 | sha_end(hval, ctx, SHA512_DIGEST_SIZE); | 555 | sha_end(hval, ctx, SHA512_DIGEST_SIZE); |
556 | } | 556 | } |
557 | 557 | ||
558 | sha2_void sha512(unsigned char hval[], const unsigned char data[], unsigned long len) | 558 | sha2_void sha512(unsigned char hval[], const unsigned char data[], unsigned long len) |
559 | { sha512_ctx cx[1]; | 559 | { sha512_ctx cx[1]; |
560 | 560 | ||
561 | sha512_begin(cx); sha512_hash(data, len, cx); sha512_end(hval, cx); | 561 | sha512_begin(cx); sha512_hash(data, len, cx); sha512_end(hval, cx); |
562 | } | 562 | } |
563 | 563 | ||
564 | #endif | 564 | #endif |
565 | 565 | ||
566 | #if defined(SHA_2) | 566 | #if defined(SHA_2) |
567 | 567 | ||
568 | #define CTX_256(x) ((x)->uu->ctx256) | 568 | #define CTX_256(x) ((x)->uu->ctx256) |
569 | #define CTX_384(x) ((x)->uu->ctx512) | 569 | #define CTX_384(x) ((x)->uu->ctx512) |
570 | #define CTX_512(x) ((x)->uu->ctx512) | 570 | #define CTX_512(x) ((x)->uu->ctx512) |
571 | 571 | ||
572 | /* SHA2 initialisation */ | 572 | /* SHA2 initialisation */ |
573 | 573 | ||
574 | sha2_int sha2_begin(unsigned long len, sha2_ctx ctx[1]) | 574 | sha2_int sha2_begin(unsigned long len, sha2_ctx ctx[1]) |
575 | { unsigned long l = len; | 575 | { unsigned long l = len; |
576 | switch(len) | 576 | switch(len) |
577 | { | 577 | { |
578 | case 256: l = len >> 3; | 578 | case 256: l = len >> 3; |
579 | case 32: CTX_256(ctx)->count[0] = CTX_256(ctx)->count[1] = 0; | 579 | case 32: CTX_256(ctx)->count[0] = CTX_256(ctx)->count[1] = 0; |
580 | memcpy(CTX_256(ctx)->hash, i256, 32); break; | 580 | memcpy(CTX_256(ctx)->hash, i256, 32); break; |
581 | case 384: l = len >> 3; | 581 | case 384: l = len >> 3; |
582 | case 48: CTX_384(ctx)->count[0] = CTX_384(ctx)->count[1] = 0; | 582 | case 48: CTX_384(ctx)->count[0] = CTX_384(ctx)->count[1] = 0; |
583 | memcpy(CTX_384(ctx)->hash, i384, 64); break; | 583 | memcpy(CTX_384(ctx)->hash, i384, 64); break; |
584 | case 512: l = len >> 3; | 584 | case 512: l = len >> 3; |
585 | case 64: CTX_512(ctx)->count[0] = CTX_512(ctx)->count[1] = 0; | 585 | case 64: CTX_512(ctx)->count[0] = CTX_512(ctx)->count[1] = 0; |
586 | memcpy(CTX_512(ctx)->hash, i512, 64); break; | 586 | memcpy(CTX_512(ctx)->hash, i512, 64); break; |
587 | default: return SHA2_BAD; | 587 | default: return SHA2_BAD; |
588 | } | 588 | } |
589 | 589 | ||
590 | ctx->sha2_len = l; return SHA2_GOOD; | 590 | ctx->sha2_len = l; return SHA2_GOOD; |
591 | } | 591 | } |
592 | 592 | ||
593 | sha2_void sha2_hash(const unsigned char data[], unsigned long len, sha2_ctx ctx[1]) | 593 | sha2_void sha2_hash(const unsigned char data[], unsigned long len, sha2_ctx ctx[1]) |
594 | { | 594 | { |
595 | switch(ctx->sha2_len) | 595 | switch(ctx->sha2_len) |
596 | { | 596 | { |
597 | case 32: sha256_hash(data, len, CTX_256(ctx)); return; | 597 | case 32: sha256_hash(data, len, CTX_256(ctx)); return; |
598 | case 48: sha384_hash(data, len, CTX_384(ctx)); return; | 598 | case 48: sha384_hash(data, len, CTX_384(ctx)); return; |
599 | case 64: sha512_hash(data, len, CTX_512(ctx)); return; | 599 | case 64: sha512_hash(data, len, CTX_512(ctx)); return; |
600 | } | 600 | } |
601 | } | 601 | } |
602 | 602 | ||
603 | sha2_void sha2_end(unsigned char hval[], sha2_ctx ctx[1]) | 603 | sha2_void sha2_end(unsigned char hval[], sha2_ctx ctx[1]) |
604 | { | 604 | { |
605 | switch(ctx->sha2_len) | 605 | switch(ctx->sha2_len) |
606 | { | 606 | { |
607 | case 32: sha256_end(hval, CTX_256(ctx)); return; | 607 | case 32: sha256_end(hval, CTX_256(ctx)); return; |
608 | case 48: sha_end(hval, CTX_384(ctx), SHA384_DIGEST_SIZE); return; | 608 | case 48: sha_end(hval, CTX_384(ctx), SHA384_DIGEST_SIZE); return; |
609 | case 64: sha_end(hval, CTX_512(ctx), SHA512_DIGEST_SIZE); return; | 609 | case 64: sha_end(hval, CTX_512(ctx), SHA512_DIGEST_SIZE); return; |
610 | } | 610 | } |
611 | } | 611 | } |
612 | 612 | ||
613 | sha2_int sha2(unsigned char hval[], unsigned long size, | 613 | sha2_int sha2(unsigned char hval[], unsigned long size, |
614 | const unsigned char data[], unsigned long len) | 614 | const unsigned char data[], unsigned long len) |
615 | { sha2_ctx cx[1]; | 615 | { sha2_ctx cx[1]; |
616 | 616 | ||
617 | if(sha2_begin(size, cx) == SHA2_GOOD) | 617 | if(sha2_begin(size, cx) == SHA2_GOOD) |
618 | { | 618 | { |
619 | sha2_hash(data, len, cx); sha2_end(hval, cx); return SHA2_GOOD; | 619 | sha2_hash(data, len, cx); sha2_end(hval, cx); return SHA2_GOOD; |
620 | } | 620 | } |
621 | else | 621 | else |
622 | return SHA2_BAD; | 622 | return SHA2_BAD; |
623 | } | 623 | } |
624 | 624 | ||
625 | #endif | 625 | #endif |
626 | 626 | ||
diff --git a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/sha2.h b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/sha2.h index 34e84aa..006dd62 100644 --- a/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/sha2.h +++ b/libraries/irrlicht-1.8/source/Irrlicht/aesGladman/sha2.h | |||
@@ -1,160 +1,160 @@ | |||
1 | /* | 1 | /* |
2 | --------------------------------------------------------------------------- | 2 | --------------------------------------------------------------------------- |
3 | Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. | 3 | Copyright (c) 2002, Dr Brian Gladman < >, Worcester, UK. |
4 | All rights reserved. | 4 | All rights reserved. |
5 | 5 | ||
6 | LICENSE TERMS | 6 | LICENSE TERMS |
7 | 7 | ||
8 | The free distribution and use of this software in both source and binary | 8 | The free distribution and use of this software in both source and binary |
9 | form is allowed (with or without changes) provided that: | 9 | form is allowed (with or without changes) provided that: |
10 | 10 | ||
11 | 1. distributions of this source code include the above copyright | 11 | 1. distributions of this source code include the above copyright |
12 | notice, this list of conditions and the following disclaimer; | 12 | notice, this list of conditions and the following disclaimer; |
13 | 13 | ||
14 | 2. distributions in binary form include the above copyright | 14 | 2. distributions in binary form include the above copyright |
15 | notice, this list of conditions and the following disclaimer | 15 | notice, this list of conditions and the following disclaimer |
16 | in the documentation and/or other associated materials; | 16 | in the documentation and/or other associated materials; |
17 | 17 | ||
18 | 3. the copyright holder's name is not used to endorse products | 18 | 3. the copyright holder's name is not used to endorse products |
19 | built using this software without specific written permission. | 19 | built using this software without specific written permission. |
20 | 20 | ||
21 | ALTERNATIVELY, provided that this notice is retained in full, this product | 21 | ALTERNATIVELY, provided that this notice is retained in full, this product |
22 | may be distributed under the terms of the GNU General Public License (GPL), | 22 | may be distributed under the terms of the GNU General Public License (GPL), |
23 | in which case the provisions of the GPL apply INSTEAD OF those given above. | 23 | in which case the provisions of the GPL apply INSTEAD OF those given above. |
24 | 24 | ||
25 | DISCLAIMER | 25 | DISCLAIMER |
26 | 26 | ||
27 | This software is provided 'as is' with no explicit or implied warranties | 27 | This software is provided 'as is' with no explicit or implied warranties |
28 | in respect of its properties, including, but not limited to, correctness | 28 | in respect of its properties, including, but not limited to, correctness |
29 | and/or fitness for purpose. | 29 | and/or fitness for purpose. |
30 | --------------------------------------------------------------------------- | 30 | --------------------------------------------------------------------------- |
31 | Issue Date: 26/08/2003 | 31 | Issue Date: 26/08/2003 |
32 | */ | 32 | */ |
33 | 33 | ||
34 | #ifndef _SHA2_H | 34 | #ifndef _SHA2_H |
35 | #define _SHA2_H | 35 | #define _SHA2_H |
36 | 36 | ||
37 | #include "irrMath.h" | 37 | #include "irrMath.h" |
38 | 38 | ||
39 | /* Defines for suffixes to 32 and 64 bit unsigned numeric values */ | 39 | /* Defines for suffixes to 32 and 64 bit unsigned numeric values */ |
40 | 40 | ||
41 | #define sfx_lo(x,y) x##y | 41 | #define sfx_lo(x,y) x##y |
42 | #define sfx_hi(x,y) sfx_lo(x,y) | 42 | #define sfx_hi(x,y) sfx_lo(x,y) |
43 | #define n_u32(p) sfx_hi(0x##p,s_u32) | 43 | #define n_u32(p) sfx_hi(0x##p,s_u32) |
44 | #define n_u64(p) sfx_hi(0x##p,s_u64) | 44 | #define n_u64(p) sfx_hi(0x##p,s_u64) |
45 | 45 | ||
46 | /* define an unsigned 32-bit type */ | 46 | /* define an unsigned 32-bit type */ |
47 | 47 | ||
48 | #if UINT_MAX == 0xffffffff | 48 | #if UINT_MAX == 0xffffffff |
49 | typedef unsigned int sha2_32t; | 49 | typedef unsigned int sha2_32t; |
50 | #define s_u32 u | 50 | #define s_u32 u |
51 | #elif ULONG_MAX == 0xffffffff | 51 | #elif ULONG_MAX == 0xffffffff |
52 | typedef unsigned long sha2_32t; | 52 | typedef unsigned long sha2_32t; |
53 | #define s_u32 ul | 53 | #define s_u32 ul |
54 | #else | 54 | #else |
55 | #error Please define sha2_32t as an unsigned 32 bit type in sha2.h | 55 | #error Please define sha2_32t as an unsigned 32 bit type in sha2.h |
56 | #endif | 56 | #endif |
57 | 57 | ||
58 | /* define an unsigned 64-bit type */ | 58 | /* define an unsigned 64-bit type */ |
59 | 59 | ||
60 | #ifdef _MSC_VER | 60 | #ifdef _MSC_VER |
61 | #if _MSC_VER < 1300 | 61 | #if _MSC_VER < 1300 |
62 | typedef unsigned __int64 sha2_64t; | 62 | typedef unsigned __int64 sha2_64t; |
63 | #define s_u64 ui64 | 63 | #define s_u64 ui64 |
64 | #elif ULONG_MAX == 0xffffffffffffffff | 64 | #elif ULONG_MAX == 0xffffffffffffffff |
65 | typedef unsigned long sha2_64t; | 65 | typedef unsigned long sha2_64t; |
66 | #define s_u64 ul | 66 | #define s_u64 ul |
67 | #elif ULONG_MAX == 0xffffffff | 67 | #elif ULONG_MAX == 0xffffffff |
68 | typedef unsigned long long sha2_64t; /* a somewhat dangerous guess */ | 68 | typedef unsigned long long sha2_64t; /* a somewhat dangerous guess */ |
69 | #define s_u64 ull | 69 | #define s_u64 ull |
70 | #else | 70 | #else |
71 | #error Please define sha2_64t as an unsigned 64 bit type in sha2.h | 71 | #error Please define sha2_64t as an unsigned 64 bit type in sha2.h |
72 | #endif | 72 | #endif |
73 | #else | 73 | #else |
74 | #ifdef _IRR_SOLARIS_PLATFORM_ | 74 | #ifdef _IRR_SOLARIS_PLATFORM_ |
75 | #include <sys/int_types.h> | 75 | #include <sys/int_types.h> |
76 | #else | 76 | #else |
77 | #include <stdint.h> | 77 | #include <stdint.h> |
78 | #endif | 78 | #endif |
79 | typedef int64_t sha2_64t; | 79 | typedef int64_t sha2_64t; |
80 | #if __WORDSIZE==64 | 80 | #if __WORDSIZE==64 |
81 | #define s_u64 ul | 81 | #define s_u64 ul |
82 | #else | 82 | #else |
83 | #define s_u64 ull | 83 | #define s_u64 ull |
84 | #endif | 84 | #endif |
85 | #endif | 85 | #endif |
86 | 86 | ||
87 | #define SHA256_DIGEST_SIZE 32 | 87 | #define SHA256_DIGEST_SIZE 32 |
88 | #define SHA384_DIGEST_SIZE 48 | 88 | #define SHA384_DIGEST_SIZE 48 |
89 | #define SHA512_DIGEST_SIZE 64 | 89 | #define SHA512_DIGEST_SIZE 64 |
90 | 90 | ||
91 | #define SHA256_BLOCK_SIZE 64 | 91 | #define SHA256_BLOCK_SIZE 64 |
92 | #define SHA384_BLOCK_SIZE 128 | 92 | #define SHA384_BLOCK_SIZE 128 |
93 | #define SHA512_BLOCK_SIZE 128 | 93 | #define SHA512_BLOCK_SIZE 128 |
94 | 94 | ||
95 | #define SHA2_MAX_DIGEST_SIZE SHA512_DIGEST_SIZE | 95 | #define SHA2_MAX_DIGEST_SIZE SHA512_DIGEST_SIZE |
96 | 96 | ||
97 | #define SHA2_GOOD 0 | 97 | #define SHA2_GOOD 0 |
98 | #define SHA2_BAD 1 | 98 | #define SHA2_BAD 1 |
99 | 99 | ||
100 | /* type to hold the SHA256 context */ | 100 | /* type to hold the SHA256 context */ |
101 | 101 | ||
102 | typedef struct | 102 | typedef struct |
103 | { sha2_32t count[2]; | 103 | { sha2_32t count[2]; |
104 | sha2_32t hash[8]; | 104 | sha2_32t hash[8]; |
105 | sha2_32t wbuf[16]; | 105 | sha2_32t wbuf[16]; |
106 | } sha256_ctx; | 106 | } sha256_ctx; |
107 | 107 | ||
108 | /* type to hold the SHA384/512 context */ | 108 | /* type to hold the SHA384/512 context */ |
109 | 109 | ||
110 | typedef struct | 110 | typedef struct |
111 | { sha2_64t count[2]; | 111 | { sha2_64t count[2]; |
112 | sha2_64t hash[8]; | 112 | sha2_64t hash[8]; |
113 | sha2_64t wbuf[16]; | 113 | sha2_64t wbuf[16]; |
114 | } sha512_ctx; | 114 | } sha512_ctx; |
115 | 115 | ||
116 | typedef sha512_ctx sha384_ctx; | 116 | typedef sha512_ctx sha384_ctx; |
117 | 117 | ||
118 | /* type to hold a SHA2 context (256/384/512) */ | 118 | /* type to hold a SHA2 context (256/384/512) */ |
119 | 119 | ||
120 | typedef struct | 120 | typedef struct |
121 | { union | 121 | { union |
122 | { sha256_ctx ctx256[1]; | 122 | { sha256_ctx ctx256[1]; |
123 | sha512_ctx ctx512[1]; | 123 | sha512_ctx ctx512[1]; |
124 | } uu[1]; | 124 | } uu[1]; |
125 | sha2_32t sha2_len; | 125 | sha2_32t sha2_len; |
126 | } sha2_ctx; | 126 | } sha2_ctx; |
127 | 127 | ||
128 | #ifndef SHA2_DLL /* implement normal or DLL functions */ | 128 | #ifndef SHA2_DLL /* implement normal or DLL functions */ |
129 | #define sha2_void void | 129 | #define sha2_void void |
130 | #define sha2_int int | 130 | #define sha2_int int |
131 | #else | 131 | #else |
132 | #define sha2_void void __declspec(dllexport) _stdcall | 132 | #define sha2_void void __declspec(dllexport) _stdcall |
133 | #define sha2_int int __declspec(dllexport) _stdcall | 133 | #define sha2_int int __declspec(dllexport) _stdcall |
134 | #endif | 134 | #endif |
135 | 135 | ||
136 | sha2_void sha256_compile(sha256_ctx ctx[1]); | 136 | sha2_void sha256_compile(sha256_ctx ctx[1]); |
137 | sha2_void sha512_compile(sha512_ctx ctx[1]); | 137 | sha2_void sha512_compile(sha512_ctx ctx[1]); |
138 | 138 | ||
139 | sha2_void sha256_begin(sha256_ctx ctx[1]); | 139 | sha2_void sha256_begin(sha256_ctx ctx[1]); |
140 | sha2_void sha256_hash(const unsigned char data[], unsigned long len, sha256_ctx ctx[1]); | 140 | sha2_void sha256_hash(const unsigned char data[], unsigned long len, sha256_ctx ctx[1]); |
141 | sha2_void sha256_end(unsigned char hval[], sha256_ctx ctx[1]); | 141 | sha2_void sha256_end(unsigned char hval[], sha256_ctx ctx[1]); |
142 | sha2_void sha256(unsigned char hval[], const unsigned char data[], unsigned long len); | 142 | sha2_void sha256(unsigned char hval[], const unsigned char data[], unsigned long len); |
143 | 143 | ||
144 | sha2_void sha384_begin(sha384_ctx ctx[1]); | 144 | sha2_void sha384_begin(sha384_ctx ctx[1]); |
145 | #define sha384_hash sha512_hash | 145 | #define sha384_hash sha512_hash |
146 | sha2_void sha384_end(unsigned char hval[], sha384_ctx ctx[1]); | 146 | sha2_void sha384_end(unsigned char hval[], sha384_ctx ctx[1]); |
147 | sha2_void sha384(unsigned char hval[], const unsigned char data[], unsigned long len); | 147 | sha2_void sha384(unsigned char hval[], const unsigned char data[], unsigned long len); |
148 | 148 | ||
149 | sha2_void sha512_begin(sha512_ctx ctx[1]); | 149 | sha2_void sha512_begin(sha512_ctx ctx[1]); |
150 | sha2_void sha512_hash(const unsigned char data[], unsigned long len, sha512_ctx ctx[1]); | 150 | sha2_void sha512_hash(const unsigned char data[], unsigned long len, sha512_ctx ctx[1]); |
151 | sha2_void sha512_end(unsigned char hval[], sha512_ctx ctx[1]); | 151 | sha2_void sha512_end(unsigned char hval[], sha512_ctx ctx[1]); |
152 | sha2_void sha512(unsigned char hval[], const unsigned char data[], unsigned long len); | 152 | sha2_void sha512(unsigned char hval[], const unsigned char data[], unsigned long len); |
153 | 153 | ||
154 | sha2_int sha2_begin(unsigned long size, sha2_ctx ctx[1]); | 154 | sha2_int sha2_begin(unsigned long size, sha2_ctx ctx[1]); |
155 | sha2_void sha2_hash(const unsigned char data[], unsigned long len, sha2_ctx ctx[1]); | 155 | sha2_void sha2_hash(const unsigned char data[], unsigned long len, sha2_ctx ctx[1]); |
156 | sha2_void sha2_end(unsigned char hval[], sha2_ctx ctx[1]); | 156 | sha2_void sha2_end(unsigned char hval[], sha2_ctx ctx[1]); |
157 | sha2_int sha2(unsigned char hval[], unsigned long size, const unsigned char data[], unsigned long len); | 157 | sha2_int sha2(unsigned char hval[], unsigned long size, const unsigned char data[], unsigned long len); |
158 | 158 | ||
159 | #endif | 159 | #endif |
160 | 160 | ||