1c91b6a7
Commit
1c91b6a7
authored
Feb 12, 2002
by
Niels Möller
* aes.c (aes_encrypt): Interleave computation and output in the
final round. Rev: src/nettle/aes.c:1.7
parent
97a2a0f1
Changes
1
aes.c
...
...
@@ -58,9 +58,7 @@ aes_encrypt(struct aes_ctx *ctx,
unsigned
length
,
uint8_t
*
dst
,
const
uint8_t
*
src
)
{
assert
(
!
(
length
%
AES_BLOCK_SIZE
));
for
(;
length
;
length
-=
AES_BLOCK_SIZE
)
FOR_BLOCKS
(
length
,
dst
,
src
,
AES_BLOCK_SIZE
)
{
uint32_t
wtxt
[
4
];
/* working ciphertext */
unsigned
i
;
...
...
@@ -68,8 +66,8 @@ aes_encrypt(struct aes_ctx *ctx,
/* Get clear text, using little-endian byte order.
* Also XOR with the first subkey. */
for
(
i
=
0
;
i
<
4
;
i
++
,
src
+=
4
)
wtxt
[
i
]
=
LE_READ_UINT32
(
src
)
^
ctx
->
keys
[
i
];
for
(
i
=
0
;
i
<
4
;
i
++
)
wtxt
[
i
]
=
LE_READ_UINT32
(
src
+
4
*
i
)
^
ctx
->
keys
[
i
];
for
(
round
=
1
;
round
<
ctx
->
nrounds
;
round
++
)
{
...
...
@@ -109,10 +107,10 @@ aes_encrypt(struct aes_ctx *ctx,
#if AES_SMALL
for
(
j
=
0
;
j
<
4
;
j
++
)
t
[
j
]
=
dtbl
[
0
][
wtxt
[
j
]
&
0xff
]
^
ROTRBYTE
(
dtbl
[
0
][(
wtxt
[
idx
[
1
][
j
]]
>>
8
)
&
0xff
]
^
ROTRBYTE
(
dtbl
[
0
][(
wtxt
[
idx
[
2
][
j
]]
>>
16
)
&
0xff
]
^
ROTRBYTE
(
dtbl
[
0
][(
wtxt
[
idx
[
3
][
j
]]
>>
24
)
&
0xff
])));
t
[
j
]
=
dtbl
[
0
][
B0
(
wtxt
[
j
]
)
]
^
ROTRBYTE
(
dtbl
[
0
][
B1
(
wtxt
[
idx
[
1
][
j
]]
)
]
^
ROTRBYTE
(
dtbl
[
0
][
B2
(
wtxt
[
idx
[
2
][
j
]]
)
]
^
ROTRBYTE
(
dtbl
[
0
][
B3
(
wtxt
[
idx
[
3
][
j
]]
)
])));
#else
/* !AES_SMALL */
/* FIXME: Figure out how the indexing should really be done.
...
...
@@ -147,46 +145,43 @@ aes_encrypt(struct aes_ctx *ctx,
}
/* Final round */
{
uint32_t
t
[
4
];
unsigned
j
;
uint32_t
cipher
;
#if DEBUG
fprintf
(
stderr
,
"round: %d
\n
wtxt: "
,
round
);
for
(
j
=
0
;
j
<
4
;
j
++
)
fprintf
(
stderr
,
"%08x, "
,
wtxt
[
j
]);
fprintf
(
stderr
,
"
\n
key: "
);
for
(
j
=
0
;
j
<
4
;
j
++
)
fprintf
(
stderr
,
"%08x, "
,
ctx
->
keys
[
4
*
round
+
j
]);
fprintf
(
stderr
,
"
\n\n
"
);
#endif
/* FIXME: Figure out how the indexing should really be done.
* It looks like this code shifts the rows in the wrong
* direction, but it passes the testsuite. */
t
[
0
]
=
(
(
uint32_t
)
sbox
[
B0
(
wtxt
[
0
])
]
|
((
uint32_t
)
sbox
[
B1
(
wtxt
[
1
])
]
<<
8
)
|
((
uint32_t
)
sbox
[
B2
(
wtxt
[
2
])
]
<<
16
)
|
((
uint32_t
)
sbox
[
B3
(
wtxt
[
3
])
]
<<
24
));
t
[
3
]
=
(
(
uint32_t
)
sbox
[
B0
(
wtxt
[
3
])
]
|
((
uint32_t
)
sbox
[
B1
(
wtxt
[
0
])
]
<<
8
)
|
((
uint32_t
)
sbox
[
B2
(
wtxt
[
1
])
]
<<
16
)
|
((
uint32_t
)
sbox
[
B3
(
wtxt
[
2
])
]
<<
24
));
t
[
2
]
=
(
(
uint32_t
)
sbox
[
B0
(
wtxt
[
2
])
]
|
((
uint32_t
)
sbox
[
B1
(
wtxt
[
3
])
]
<<
8
)
|
((
uint32_t
)
sbox
[
B2
(
wtxt
[
0
])
]
<<
16
)
|
((
uint32_t
)
sbox
[
B3
(
wtxt
[
1
])
]
<<
24
));
t
[
1
]
=
(
(
uint32_t
)
sbox
[
B0
(
wtxt
[
1
])
]
|
((
uint32_t
)
sbox
[
B1
(
wtxt
[
2
])
]
<<
8
)
|
((
uint32_t
)
sbox
[
B2
(
wtxt
[
3
])
]
<<
16
)
|
((
uint32_t
)
sbox
[
B3
(
wtxt
[
0
])
]
<<
24
));
for
(
j
=
0
;
j
<
4
;
j
++
)
{
uint32_t
cipher
=
t
[
j
]
^
ctx
->
keys
[
4
*
round
+
j
];
#if DEBUG
fprintf
(
stderr
,
"cipher[%d]: %08x
\n
"
,
j
,
cipher
);
#endif
LE_WRITE_UINT32
(
dst
,
cipher
);
dst
+=
4
;
}
cipher
=
(
(
uint32_t
)
sbox
[
B0
(
wtxt
[
0
])
]
|
((
uint32_t
)
sbox
[
B1
(
wtxt
[
1
])
]
<<
8
)
|
((
uint32_t
)
sbox
[
B2
(
wtxt
[
2
])
]
<<
16
)
|
((
uint32_t
)
sbox
[
B3
(
wtxt
[
3
])
]
<<
24
))
^
ctx
->
keys
[
4
*
round
];
LE_WRITE_UINT32
(
dst
,
cipher
);
cipher
=
(
(
uint32_t
)
sbox
[
B0
(
wtxt
[
1
])
]
|
((
uint32_t
)
sbox
[
B1
(
wtxt
[
2
])
]
<<
8
)
|
((
uint32_t
)
sbox
[
B2
(
wtxt
[
3
])
]
<<
16
)
|
((
uint32_t
)
sbox
[
B3
(
wtxt
[
0
])
]
<<
24
))
^
ctx
->
keys
[
4
*
round
+
1
];
LE_WRITE_UINT32
(
dst
+
4
,
cipher
);
cipher
=
(
(
uint32_t
)
sbox
[
B0
(
wtxt
[
2
])
]
|
((
uint32_t
)
sbox
[
B1
(
wtxt
[
3
])
]
<<
8
)
|
((
uint32_t
)
sbox
[
B2
(
wtxt
[
0
])
]
<<
16
)
|
((
uint32_t
)
sbox
[
B3
(
wtxt
[
1
])
]
<<
24
))
^
ctx
->
keys
[
4
*
round
+
2
];
LE_WRITE_UINT32
(
dst
+
8
,
cipher
);
cipher
=
(
(
uint32_t
)
sbox
[
B0
(
wtxt
[
3
])
]
|
((
uint32_t
)
sbox
[
B1
(
wtxt
[
0
])
]
<<
8
)
|
((
uint32_t
)
sbox
[
B2
(
wtxt
[
1
])
]
<<
16
)
|
((
uint32_t
)
sbox
[
B3
(
wtxt
[
2
])
]
<<
24
))
^
ctx
->
keys
[
4
*
round
+
3
];
LE_WRITE_UINT32
(
dst
+
12
,
cipher
);
}
}
}
...
...
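Review bot: The block-scope declarations in the final-round hunk now read `uint32_t cipher;` where the old side had `uint32_t t[4]; unsigned j;`, yet the unchanged `#if DEBUG` trace still loops on `j`, so unless `j` is declared in an enclosing scope a DEBUG build of this block presumably no longer compiles, and the per-word `cipher[%d]` trace is dropped as well. The four `LE_WRITE_UINT32(dst + k, cipher)` stores use fixed offsets and no `dst += 4` remains, so correctness now rests on `FOR_BLOCKS` (defined outside this diff) advancing `dst` and `src` by `AES_BLOCK_SIZE` per block, which the switch from `src += 4` to `src + 4 * i` in the second hunk suggests but nothing here states; a comment at the macro use, `/* FOR_BLOCKS advances dst and src by AES_BLOCK_SIZE per iteration */`, would make that contract visible. aes_encrypt's signature and the per-round loop body lie outside these hunks.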