/* aes-decrypt-table.c
*
* Encryption table for the aes/rijndael block cipher.
*/
/* nettle, low-level cryptographics library
*
* Copyright (C) 2002 Niels Mller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or (at your
* option) any later version.
*
* The nettle library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with the nettle library; see the file COPYING.LIB. If not, write to
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
* MA 02111-1307, USA.
*/
Decryption function for aes/rijndael block cipher.
Copyright (C) 2002, 2013 Niels Möller
This file is part of GNU Nettle.
GNU Nettle is free software: you can redistribute it and/or
modify it under the terms of either:
* the GNU Lesser General Public License as published by the Free
Software Foundation; either version 3 of the License, or (at your
option) any later version.
or
* the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your
option) any later version.
or both in parallel, as here.
GNU Nettle is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received copies of the GNU General Public License and
the GNU Lesser General Public License along with this program. If
not, see http://www.gnu.org/licenses/.
*/
#if HAVE_CONFIG_H
# include "config.h"
#endif
#include <stdlib.h>
#include "aes-internal.h"
const struct aes_table
_aes_decrypt_table =
_nettle_aes_decrypt_table =
{ /* isbox */
{
0x52,0x09,0x6a,0xd5,0x30,0x36,0xa5,0x38,
......@@ -66,15 +76,8 @@ _aes_decrypt_table =
0x17,0x2b,0x04,0x7e,0xba,0x77,0xd6,0x26,
0xe1,0x69,0x14,0x63,0x55,0x21,0x0c,0x7d,
},
{ /* idx */
{ 3, 0, 1, 2 },
{ 2, 3, 0, 1 },
{ 1, 2, 3, 0 } },
{ /* sparc_idx, explained in aes-internal.h */
{ 14, 2, 6, 10 },
{ 4, 8, 12, 0 } },
{ /* itable */
{
{
0x50a7f451,0x5365417e,0xc3a4171a,0x965e273a,
0xcb6bab3b,0xf1459d1f,0xab58faac,0x9303e34b,
0x55fa3020,0xf66d76ad,0x9176cc88,0x254c02f5,
......@@ -337,6 +340,6 @@ _aes_decrypt_table =
0x397101a8,0x08deb30c,0xd89ce4b4,0x6490c156,
0x7b6184cb,0xd570b632,0x48745c6c,0xd04257b8,
},
#endif /* !AES_SMALL */
#endif /* !AES_SMALL */
}
};
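Review bot: The replacement header comment calls this file the "Decryption function for aes/rijndael block cipher", but the only definition visible in this section is the `_nettle_aes_decrypt_table` initializer. Assuming that comment line is on the new side (the page has lost its `+`/`-` markers), it should read `Decryption table for the aes/rijndael block cipher.` so the description matches what the file holds.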
/* aes-decrypt.c
*
* Decryption function for aes/rijndael block cipher.
*/
/* nettle, low-level cryptographics library
*
* Copyright (C) 2002 Niels Möller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or (at your
* option) any later version.
*
* The nettle library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with the nettle library; see the file COPYING.LIB. If not, write to
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
* MA 02111-1307, USA.
*/
#if HAVE_CONFIG_H
# include "config.h"
#endif
#include <assert.h>
#include "aes-internal.h"
void
aes_decrypt(struct aes_ctx *ctx,
unsigned length, uint8_t *dst,
const uint8_t *src)
{
assert(!(length % AES_BLOCK_SIZE) );
_aes_crypt(ctx, &_aes_decrypt_table,
length, dst, src);
}
/* aes-encrypt-internal.c
Encryption function for the aes/rijndael block cipher.
Copyright (C) 2002, 2013 Niels Möller
This file is part of GNU Nettle.
GNU Nettle is free software: you can redistribute it and/or
modify it under the terms of either:
* the GNU Lesser General Public License as published by the Free
Software Foundation; either version 3 of the License, or (at your
option) any later version.
or
* the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your
option) any later version.
or both in parallel, as here.
GNU Nettle is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received copies of the GNU General Public License and
the GNU Lesser General Public License along with this program. If
not, see http://www.gnu.org/licenses/.
*/
#if HAVE_CONFIG_H
# include "config.h"
#endif
#include <assert.h>
#include "aes-internal.h"
#include "macros.h"
/* For fat builds */
#if HAVE_NATIVE_aes_encrypt
void
_nettle_aes_encrypt_c(unsigned rounds, const uint32_t *keys,
const struct aes_table *T,
size_t length, uint8_t *dst,
const uint8_t *src);
#define _nettle_aes_encrypt _nettle_aes_encrypt_c
#endif
void
_nettle_aes_encrypt(unsigned rounds, const uint32_t *keys,
const struct aes_table *T,
size_t length, uint8_t *dst,
const uint8_t *src)
{
FOR_BLOCKS(length, dst, src, AES_BLOCK_SIZE)
{
uint32_t w0, w1, w2, w3; /* working ciphertext */
uint32_t t0, t1, t2, t3;
unsigned i;
/* Get clear text, using little-endian byte order.
* Also XOR with the first subkey. */
w0 = LE_READ_UINT32(src) ^ keys[0];
w1 = LE_READ_UINT32(src + 4) ^ keys[1];
w2 = LE_READ_UINT32(src + 8) ^ keys[2];
w3 = LE_READ_UINT32(src + 12) ^ keys[3];
for (i = 1; i < rounds; i++)
{
t0 = AES_ROUND(T, w0, w1, w2, w3, keys[4*i]);
t1 = AES_ROUND(T, w1, w2, w3, w0, keys[4*i + 1]);
t2 = AES_ROUND(T, w2, w3, w0, w1, keys[4*i + 2]);
t3 = AES_ROUND(T, w3, w0, w1, w2, keys[4*i + 3]);
/* We could unroll the loop twice, to avoid these
assignments. If all eight variables fit in registers,
that should give a slight speedup. */
w0 = t0;
w1 = t1;
w2 = t2;
w3 = t3;
}
/* Final round */
t0 = AES_FINAL_ROUND(T, w0, w1, w2, w3, keys[4*i]);
t1 = AES_FINAL_ROUND(T, w1, w2, w3, w0, keys[4*i + 1]);
t2 = AES_FINAL_ROUND(T, w2, w3, w0, w1, keys[4*i + 2]);
t3 = AES_FINAL_ROUND(T, w3, w0, w1, w2, keys[4*i + 3]);
LE_WRITE_UINT32(dst, t0);
LE_WRITE_UINT32(dst + 4, t1);
LE_WRITE_UINT32(dst + 8, t2);
LE_WRITE_UINT32(dst + 12, t3);
}
}
/* Some stats, all for AES 128:
A. Table-driven indexing (the approach of the old unified
_aes_crypt function).
B. Unrolling the j-loop.
C. Eliminated the use of IDXk(j) in the main loop.
D. Put wtxt in four scalar variables.
E. Also put t in four scalar variables.
P4 2.2 GHz AMD Duron 1.4GHz
MB/s code size
A 35.9 0x202 17 MB/s
B 37.3 0x334
C 33.0 0x2a7
D 40.7 0x3f9
E 42.9 0x44a 26 MB/s
*/
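Review bot: `_nettle_aes_encrypt` carries no comment stating what its arguments must satisfy, yet the body depends on it: the final round reads `keys[4*i + 3]` with `i == rounds`, so `keys` must hold `4 * (rounds + 1)` words, and `rounds` itself is never checked. I would add above the definition `/* keys holds 4*(rounds+1) subkey words; length is a multiple of AES_BLOCK_SIZE; rounds is trusted and not validated here. */`. Whether `FOR_BLOCKS` enforces the length condition cannot be seen from this page, since it lives in macros.h. It is also worth one line noting that `AES_ROUND` and `AES_FINAL_ROUND` index `T->table` and `T->sbox` with bytes derived from the key and data, so the memory access pattern of this C path depends on secret values.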
/* aes-encrypt-table.c
*
* Encryption table for the aes/rijndael block cipher.
*/
/* nettle, low-level cryptographics library
*
* Copyright (C) 2002 Niels Mller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or (at your
* option) any later version.
*
* The nettle library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with the nettle library; see the file COPYING.LIB. If not, write to
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
* MA 02111-1307, USA.
*/
Encryption table for the aes/rijndael block cipher.
Copyright (C) 2002 Niels Möller
This file is part of GNU Nettle.
GNU Nettle is free software: you can redistribute it and/or
modify it under the terms of either:
* the GNU Lesser General Public License as published by the Free
Software Foundation; either version 3 of the License, or (at your
option) any later version.
or
* the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your
option) any later version.
or both in parallel, as here.
GNU Nettle is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received copies of the GNU General Public License and
the GNU Lesser General Public License along with this program. If
not, see http://www.gnu.org/licenses/.
*/
#if HAVE_CONFIG_H
# include "config.h"
......@@ -41,7 +49,7 @@
* consistent with the row numbering. */
const struct aes_table
_aes_encrypt_table =
_nettle_aes_encrypt_table =
{ /* sbox */
{
0x63,0x7c,0x77,0x7b,0xf2,0x6b,0x6f,0xc5,
......@@ -77,13 +85,6 @@ _aes_encrypt_table =
0x8c,0xa1,0x89,0x0d,0xbf,0xe6,0x42,0x68,
0x41,0x99,0x2d,0x0f,0xb0,0x54,0xbb,0x16,
},
{ /* idx */
{ 1, 2, 3, 0 },
{ 2, 3, 0, 1 },
{ 3, 0, 1, 2 } },
{ /* sparc_idx, explained in aes-internal.h */
{ 6, 10, 14, 2 },
{ 12, 0, 4, 8 } },
{ /* dtable */
{
0xa56363c6,0x847c7cf8,0x997777ee,0x8d7b7bf6,
......
/* aes-encrypt.c
*
* Encryption function for the aes/rijndael block cipher.
*/
/* nettle, low-level cryptographics library
*
* Copyright (C) 2002 Niels Möller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or (at your
* option) any later version.
*
* The nettle library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with the nettle library; see the file COPYING.LIB. If not, write to
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
* MA 02111-1307, USA.
*/
#if HAVE_CONFIG_H
# include "config.h"
#endif
#include <assert.h>
#include "aes-internal.h"
/* On my sparc, encryption is significantly slower than decryption,
* even though the *only* difference is which table is passed to _aes_crypt.
*
* Really strange.
*/
void
aes_encrypt(struct aes_ctx *ctx,
unsigned length, uint8_t *dst,
const uint8_t *src)
{
assert(!(length % AES_BLOCK_SIZE) );
_aes_crypt(ctx, &_aes_encrypt_table,
length, dst, src);
}
/* aes-internal.h
*
* The aes/rijndael block cipher.
*/
/* nettle, low-level cryptographics library
*
* Copyright (C) 2001 Niels Mller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or (at your
* option) any later version.
*
* The nettle library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with the nettle library; see the file COPYING.LIB. If not, write to
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
* MA 02111-1307, USA.
*/
The aes/rijndael block cipher.
Copyright (C) 2001, 2013 Niels Möller
This file is part of GNU Nettle.
GNU Nettle is free software: you can redistribute it and/or
modify it under the terms of either:
* the GNU Lesser General Public License as published by the Free
Software Foundation; either version 3 of the License, or (at your
option) any later version.
or
* the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your
option) any later version.
or both in parallel, as here.
GNU Nettle is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received copies of the GNU General Public License and
the GNU Lesser General Public License along with this program. If
not, see http://www.gnu.org/licenses/.
*/
#ifndef NETTLE_AES_INTERNAL_H_INCLUDED
#define NETTLE_AES_INTERNAL_H_INCLUDED
......@@ -39,54 +47,59 @@
# define AES_TABLE_SIZE 4
#endif
/* Name mangling */
#define _aes_crypt _nettle_aes_crypt
/* Assembler code using the table should get link errors if linked
* against a small table. */
#if AES_SMALL
# define _aes_encrypt_table _nettle_aes_encrypt_table_small
# define _aes_decrypt_table _nettle_aes_decrypt_table_small
#else
# define _aes_encrypt_table _nettle_aes_encrypt_table
# define _aes_decrypt_table _nettle_aes_decrypt_table
#endif
struct aes_table
{
uint8_t sbox[0x100];
unsigned idx[3][4];
/* Variant of the idx array suitable for the sparc
* assembler code.
*
* sparc_idx[0][i] = idx[0][i] * 4 + 2
* sparc_idx[1][i] = idx[2][i] * 4
*/
unsigned sparc_idx [2][4];
uint32_t table[AES_TABLE_SIZE][0x100];
};
void
_aes_crypt(const struct aes_ctx *ctx,
const struct aes_table *T,
unsigned length, uint8_t *dst,
const uint8_t *src);
_nettle_aes_set_key(unsigned nr, unsigned nk,
uint32_t *subkeys, const uint8_t *key);
void
_nettle_aes_invert(unsigned rounds, uint32_t *dst, const uint32_t *src);
void
_nettle_aes_encrypt(unsigned rounds, const uint32_t *keys,
const struct aes_table *T,
size_t length, uint8_t *dst,
const uint8_t *src);
/* The keys pointer points at the subkeys for the first decrypt round,
located at the end of the array. */
void
_nettle_aes_decrypt(unsigned rounds, const uint32_t *keys,
const struct aes_table *T,
size_t length, uint8_t *dst,
const uint8_t *src);
/* Macros */
#define ROTBYTE(x) (((x) >> 8) | (((x) & 0xff) << 24))
#define ROTRBYTE(x) (((x) << 8) | (((x) >> 24) & 0xff))
#define SUBBYTE(x, box) (((box)[((x) & 0xff)]) | \
((box)[(((x) >> 8) & 0xff)] << 8) | \
((box)[(((x) >> 16) & 0xff)] << 16) | \
((box)[(((x) >> 24) & 0xff)] << 24))
/* Internal tables */
extern const struct aes_table _aes_encrypt_table;
extern const struct aes_table _aes_decrypt_table;
#define aes_sbox (_aes_encrypt_table.sbox)
/* Get the byte with index 0, 1, 2 and 3 */
#define B0(x) ((x) & 0xff)
#define B1(x) (((x) >> 8) & 0xff)
#define B2(x) (((x) >> 16) & 0xff)
#define B3(x) (((x) >> 24) & 0xff)
#define SUBBYTE(x, box) ((uint32_t)(box)[B0(x)] \
| ((uint32_t)(box)[B1(x)] << 8) \
| ((uint32_t)(box)[B2(x)] << 16) \
| ((uint32_t)(box)[B3(x)] << 24))
#define AES_ROUND(T, w0, w1, w2, w3, k) \
(( T->table[0][ B0(w0) ] \
^ T->table[1][ B1(w1) ] \
^ T->table[2][ B2(w2) ] \
^ T->table[3][ B3(w3) ]) ^ (k))
#define AES_FINAL_ROUND(T, w0, w1, w2, w3, k) \
(( (uint32_t) T->sbox[ B0(w0) ] \
| ((uint32_t) T->sbox[ B1(w1) ] << 8) \
| ((uint32_t) T->sbox[ B2(w2) ] << 16) \
| ((uint32_t) T->sbox[ B3(w3) ] << 24)) ^ (k))
extern const struct aes_table _nettle_aes_encrypt_table;
#define aes_sbox (_nettle_aes_encrypt_table.sbox)
extern const struct aes_table _nettle_aes_decrypt_table;
#endif /* NETTLE_AES_INTERNAL_H_INCLUDED */
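Review bot: `AES_ROUND` indexes `T->table[1]` through `T->table[3]` unconditionally, while `struct aes_table` declares `table[AES_TABLE_SIZE]`. If an `AES_SMALL` build sets `AES_TABLE_SIZE` below 4, the macro reads past the array; that branch of the `#if` is outside the visible hunk, so this is inferred. The `_small` name mangling that made a mismatched table fail at link time appears to be on the removed side, so nothing visible guards the assumption any more. A compile-time guard next to the macro would make it explicit: `#if AES_TABLE_SIZE < 4`, `# error "AES_ROUND requires four tables"`, `#endif`. Separately, `T` is expanded unparenthesized in both round macros; `(T)->table` and `(T)->sbox` are the safer spelling.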
/* aes-invert-internal.c
Inverse key setup for the aes/rijndael block cipher.
Copyright (C) 2000, 2001, 2002 Rafael R. Sevilla, Niels Möller
Copyright (C) 2013 Niels Möller
This file is part of GNU Nettle.
GNU Nettle is free software: you can redistribute it and/or
modify it under the terms of either:
* the GNU Lesser General Public License as published by the Free
Software Foundation; either version 3 of the License, or (at your
option) any later version.
or
* the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your
option) any later version.
or both in parallel, as here.
GNU Nettle is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received copies of the GNU General Public License and
the GNU Lesser General Public License along with this program. If
not, see http://www.gnu.org/licenses/.
*/
/* Originally written by Rafael R. Sevilla <dido@pacific.net.ph> */
#if HAVE_CONFIG_H
# include "config.h"
#endif
#include "aes-internal.h"
#include "macros.h"
/* For fat builds */
#if HAVE_NATIVE_aes_invert
void
_nettle_aes_invert_c(unsigned rounds, uint32_t *dst, const uint32_t *src);
#define _nettle_aes_invert _nettle_aes_invert_c
#endif
/* NOTE: We don't include rotated versions of the table. */
static const uint32_t mtable[0x100] =
{
0x00000000,0x0b0d090e,0x161a121c,0x1d171b12,
0x2c342438,0x27392d36,0x3a2e3624,0x31233f2a,
0x58684870,0x5365417e,0x4e725a6c,0x457f5362,
0x745c6c48,0x7f516546,0x62467e54,0x694b775a,
0xb0d090e0,0xbbdd99ee,0xa6ca82fc,0xadc78bf2,
0x9ce4b4d8,0x97e9bdd6,0x8afea6c4,0x81f3afca,
0xe8b8d890,0xe3b5d19e,0xfea2ca8c,0xf5afc382,
0xc48cfca8,0xcf81f5a6,0xd296eeb4,0xd99be7ba,
0x7bbb3bdb,0x70b632d5,0x6da129c7,0x66ac20c9,
0x578f1fe3,0x5c8216ed,0x41950dff,0x4a9804f1,
0x23d373ab,0x28de7aa5,0x35c961b7,0x3ec468b9,
0x0fe75793,0x04ea5e9d,0x19fd458f,0x12f04c81,
0xcb6bab3b,0xc066a235,0xdd71b927,0xd67cb029,
0xe75f8f03,0xec52860d,0xf1459d1f,0xfa489411,
0x9303e34b,0x980eea45,0x8519f157,0x8e14f859,
0xbf37c773,0xb43ace7d,0xa92dd56f,0xa220dc61,
0xf66d76ad,0xfd607fa3,0xe07764b1,0xeb7a6dbf,
0xda595295,0xd1545b9b,0xcc434089,0xc74e4987,
0xae053edd,0xa50837d3,0xb81f2cc1,0xb31225cf,
0x82311ae5,0x893c13eb,0x942b08f9,0x9f2601f7,
0x46bde64d,0x4db0ef43,0x50a7f451,0x5baafd5f,
0x6a89c275,0x6184cb7b,0x7c93d069,0x779ed967,
0x1ed5ae3d,0x15d8a733,0x08cfbc21,0x03c2b52f,
0x32e18a05,0x39ec830b,0x24fb9819,0x2ff69117,
0x8dd64d76,0x86db4478,0x9bcc5f6a,0x90c15664,
0xa1e2694e,0xaaef6040,0xb7f87b52,0xbcf5725c,
0xd5be0506,0xdeb30c08,0xc3a4171a,0xc8a91e14,
0xf98a213e,0xf2872830,0xef903322,0xe49d3a2c,
0x3d06dd96,0x360bd498,0x2b1ccf8a,0x2011c684,
0x1132f9ae,0x1a3ff0a0,0x0728ebb2,0x0c25e2bc,
0x656e95e6,0x6e639ce8,0x737487fa,0x78798ef4,
0x495ab1de,0x4257b8d0,0x5f40a3c2,0x544daacc,
0xf7daec41,0xfcd7e54f,0xe1c0fe5d,0xeacdf753,
0xdbeec879,0xd0e3c177,0xcdf4da65,0xc6f9d36b,
0xafb2a431,0xa4bfad3f,0xb9a8b62d,0xb2a5bf23,
0x83868009,0x888b8907,0x959c9215,0x9e919b1b,
0x470a7ca1,0x4c0775af,0x51106ebd,0x5a1d67b3,
0x6b3e5899,0x60335197,0x7d244a85,0x7629438b,
0x1f6234d1,0x146f3ddf,0x097826cd,0x02752fc3,
0x335610e9,0x385b19e7,0x254c02f5,0x2e410bfb,
0x8c61d79a,0x876cde94,0x9a7bc586,0x9176cc88,
0xa055f3a2,0xab58faac,0xb64fe1be,0xbd42e8b0,
0xd4099fea,0xdf0496e4,0xc2138df6,0xc91e84f8,
0xf83dbbd2,0xf330b2dc,0xee27a9ce,0xe52aa0c0,
0x3cb1477a,0x37bc4e74,0x2aab5566,0x21a65c68,
0x10856342,0x1b886a4c,0x069f715e,0x0d927850,
0x64d90f0a,0x6fd40604,0x72c31d16,0x79ce1418,
0x48ed2b32,0x43e0223c,0x5ef7392e,0x55fa3020,
0x01b79aec,0x0aba93e2,0x17ad88f0,0x1ca081fe,
0x2d83bed4,0x268eb7da,0x3b99acc8,0x3094a5c6,
0x59dfd29c,0x52d2db92,0x4fc5c080,0x44c8c98e,
0x75ebf6a4,0x7ee6ffaa,0x63f1e4b8,0x68fcedb6,
0xb1670a0c,0xba6a0302,0xa77d1810,0xac70111e,
0x9d532e34,0x965e273a,0x8b493c28,0x80443526,
0xe90f427c,0xe2024b72,0xff155060,0xf418596e,
0xc53b6644,0xce366f4a,0xd3217458,0xd82c7d56,
0x7a0ca137,0x7101a839,0x6c16b32b,0x671bba25,
0x5638850f,0x5d358c01,0x40229713,0x4b2f9e1d,
0x2264e947,0x2969e049,0x347efb5b,0x3f73f255,
0x0e50cd7f,0x055dc471,0x184adf63,0x1347d66d,
0xcadc31d7,0xc1d138d9,0xdcc623cb,0xd7cb2ac5,
0xe6e815ef,0xede51ce1,0xf0f207f3,0xfbff0efd,
0x92b479a7,0x99b970a9,0x84ae6bbb,0x8fa362b5,
0xbe805d9f,0xb58d5491,0xa89a4f83,0xa397468d,
};
#define MIX_COLUMN(T, out, in) do { \
uint32_t _k, _nk, _t; \
_k = (in); \
_nk = T[_k & 0xff]; \
_k >>= 8; \
_t = T[_k & 0xff]; \
_nk ^= ROTL32(8, _t); \
_k >>= 8; \
_t = T[_k & 0xff]; \
_nk ^= ROTL32(16, _t); \
_k >>= 8; \
_t = T[_k & 0xff]; \
_nk ^= ROTL32(24, _t); \
(out) = _nk; \
} while(0)
#define SWAP(a, b) \
do { uint32_t t_swap = (a); (a) = (b); (b) = t_swap; } while(0)
void
_nettle_aes_invert(unsigned rounds, uint32_t *dst, const uint32_t *src)
{
unsigned i;
/* Transform all subkeys but the first and last. */
for (i = 4; i < 4 * rounds; i++)
MIX_COLUMN (mtable, dst[i], src[i]);
if (src != dst)
{
dst[0] = src[0]; dst[1] = src[1]; dst[2] = src[2]; dst[3] = src[3];
dst[i] = src[i]; dst[i+1] = src[i+1]; dst[i+2] = src[i+2]; dst[i+3] = src[i+3];
}
}
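Review bot: `_nettle_aes_invert` does not document its buffer contract, and the code relies on one: after the loop `i` equals `4 * rounds`, so the copy branch touches `dst[i+3]` and `src[i+3]`, meaning both arrays must hold `4 * (rounds + 1)` words. The `src != dst` test shows in-place use is intended, but a partially overlapping pair would read words the loop has already rewritten. A comment above the function such as `/* src and dst each hold 4*(rounds+1) words and are either identical or disjoint. */` would pin this down. The `SWAP` macro defined just above is not used anywhere in the file as shown and could be dropped.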
/* aes-meta.c */
/* nettle, low-level cryptographics library
*
* Copyright (C) 2002 Niels Möller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or (at your
* option) any later version.
*
* The nettle library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with the nettle library; see the file COPYING.LIB. If not, write to
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
* MA 02111-1307, USA.
*/
#if HAVE_CONFIG_H
# include "config.h"
#endif
#include "nettle-meta.h"
#include "aes.h"
const struct nettle_cipher nettle_aes128
= _NETTLE_CIPHER_SEP(aes, AES, 128);
const struct nettle_cipher nettle_aes192
= _NETTLE_CIPHER_SEP(aes, AES, 192);
const struct nettle_cipher nettle_aes256
= _NETTLE_CIPHER_SEP(aes, AES, 256);
/* aes-set-decrypt-key.c
*
* Inverse key setup for the aes/rijndael block cipher.
*/
/* nettle, low-level cryptographics library
*
* Copyright (C) 2000, 2001, 2002 Rafael R. Sevilla, Niels Mller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or (at your
* option) any later version.
*
* The nettle library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with the nettle library; see the file COPYING.LIB. If not, write to
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
* MA 02111-1307, USA.
*/
/* Originally written by Rafael R. Sevilla <dido@pacific.net.ph> */
#if HAVE_CONFIG_H
# include "config.h"
#endif
#include "aes-internal.h"
/* Tables for computations in the AES GF2 field. */
static const uint8_t log[0x100] =
{
0x00,0x00,0x19,0x01,0x32,0x02,0x1a,0xc6,
0x4b,0xc7,0x1b,0x68,0x33,0xee,0xdf,0x03,
0x64,0x04,0xe0,0x0e,0x34,0x8d,0x81,0xef,
0x4c,0x71,0x08,0xc8,0xf8,0x69,0x1c,0xc1,
0x7d,0xc2,0x1d,0xb5,0xf9,0xb9,0x27,0x6a,
0x4d,0xe4,0xa6,0x72,0x9a,0xc9,0x09,0x78,
0x65,0x2f,0x8a,0x05,0x21,0x0f,0xe1,0x24,
0x12,0xf0,0x82,0x45,0x35,0x93,0xda,0x8e,
0x96,0x8f,0xdb,0xbd,0x36,0xd0,0xce,0x94,
0x13,0x5c,0xd2,0xf1,0x40,0x46,0x83,0x38,
0x66,0xdd,0xfd,0x30,0xbf,0x06,0x8b,0x62,
0xb3,0x25,0xe2,0x98,0x22,0x88,0x91,0x10,
0x7e,0x6e,0x48,0xc3,0xa3,0xb6,0x1e,0x42,
0x3a,0x6b,0x28,0x54,0xfa,0x85,0x3d,0xba,
0x2b,0x79,0x0a,0x15,0x9b,0x9f,0x5e,0xca,
0x4e,0xd4,0xac,0xe5,0xf3,0x73,0xa7,0x57,
0xaf,0x58,0xa8,0x50,0xf4,0xea,0xd6,0x74,
0x4f,0xae,0xe9,0xd5,0xe7,0xe6,0xad,0xe8,
0x2c,0xd7,0x75,0x7a,0xeb,0x16,0x0b,0xf5,
0x59,0xcb,0x5f,0xb0,0x9c,0xa9,0x51,0xa0,
0x7f,0x0c,0xf6,0x6f,0x17,0xc4,0x49,0xec,
0xd8,0x43,0x1f,0x2d,0xa4,0x76,0x7b,0xb7,
0xcc,0xbb,0x3e,0x5a,0xfb,0x60,0xb1,0x86,
0x3b,0x52,0xa1,0x6c,0xaa,0x55,0x29,0x9d,
0x97,0xb2,0x87,0x90,0x61,0xbe,0xdc,0xfc,
0xbc,0x95,0xcf,0xcd,0x37,0x3f,0x5b,0xd1,
0x53,0x39,0x84,0x3c,0x41,0xa2,0x6d,0x47,
0x14,0x2a,0x9e,0x5d,0x56,0xf2,0xd3,0xab,
0x44,0x11,0x92,0xd9,0x23,0x20,0x2e,0x89,
0xb4,0x7c,0xb8,0x26,0x77,0x99,0xe3,0xa5,
0x67,0x4a,0xed,0xde,0xc5,0x31,0xfe,0x18,
0x0d,0x63,0x8c,0x80,0xc0,0xf7,0x70,0x07,
};
static const uint8_t ilog[0x100] =
{
0x01,0x03,0x05,0x0f,0x11,0x33,0x55,0xff,
0x1a,0x2e,0x72,0x96,0xa1,0xf8,0x13,0x35,
0x5f,0xe1,0x38,0x48,0xd8,0x73,0x95,0xa4,
0xf7,0x02,0x06,0x0a,0x1e,0x22,0x66,0xaa,
0xe5,0x34,0x5c,0xe4,0x37,0x59,0xeb,0x26,
0x6a,0xbe,0xd9,0x70,0x90,0xab,0xe6,0x31,
0x53,0xf5,0x04,0x0c,0x14,0x3c,0x44,0xcc,
0x4f,0xd1,0x68,0xb8,0xd3,0x6e,0xb2,0xcd,
0x4c,0xd4,0x67,0xa9,0xe0,0x3b,0x4d,0xd7,
0x62,0xa6,0xf1,0x08,0x18,0x28,0x78,0x88,
0x83,0x9e,0xb9,0xd0,0x6b,0xbd,0xdc,0x7f,
0x81,0x98,0xb3,0xce,0x49,0xdb,0x76,0x9a,
0xb5,0xc4,0x57,0xf9,0x10,0x30,0x50,0xf0,
0x0b,0x1d,0x27,0x69,0xbb,0xd6,0x61,0xa3,
0xfe,0x19,0x2b,0x7d,0x87,0x92,0xad,0xec,
0x2f,0x71,0x93,0xae,0xe9,0x20,0x60,0xa0,
0xfb,0x16,0x3a,0x4e,0xd2,0x6d,0xb7,0xc2,
0x5d,0xe7,0x32,0x56,0xfa,0x15,0x3f,0x41,
0xc3,0x5e,0xe2,0x3d,0x47,0xc9,0x40,0xc0,
0x5b,0xed,0x2c,0x74,0x9c,0xbf,0xda,0x75,
0x9f,0xba,0xd5,0x64,0xac,0xef,0x2a,0x7e,
0x82,0x9d,0xbc,0xdf,0x7a,0x8e,0x89,0x80,
0x9b,0xb6,0xc1,0x58,0xe8,0x23,0x65,0xaf,
0xea,0x25,0x6f,0xb1,0xc8,0x43,0xc5,0x54,
0xfc,0x1f,0x21,0x63,0xa5,0xf4,0x07,0x09,
0x1b,0x2d,0x77,0x99,0xb0,0xcb,0x46,0xca,
0x45,0xcf,0x4a,0xde,0x79,0x8b,0x86,0x91,
0xa8,0xe3,0x3e,0x42,0xc6,0x51,0xf3,0x0e,
0x12,0x36,0x5a,0xee,0x29,0x7b,0x8d,0x8c,
0x8f,0x8a,0x85,0x94,0xa7,0xf2,0x0d,0x17,
0x39,0x4b,0xdd,0x7c,0x84,0x97,0xa2,0xfd,
0x1c,0x24,0x6c,0xb4,0xc7,0x52,0xf6,0x01,
};
static unsigned
mult(unsigned a, unsigned b)
{
return (a && b) ? ilog[ (log[a] + log[b]) % 255] : 0;
}
static void
inv_mix_column(uint32_t *a)
{
uint8_t c[4][4];
unsigned i, j;
for (j = 0; j < 4; j++)
{
for(i = 0; i < 4; i++)
{
c[j][i] = mult(0xe, (a[j] >> i*8) & 0xff)
^ mult(0xb, (a[j] >> ((i+1)%4)*8) & 0xff)
^ mult(0xd, (a[j] >> ((i+2)%4)*8) & 0xff)
^ mult(0x9, (a[j] >> ((i+3)%4)*8) & 0xff);
}
}
for (i = 0; i < 4; i++)
{
a[i] = 0;
for(j = 0; j < 4; j++)
a[i] |= c[i][j] << (j*8);
}
}
#define SWAP(a, b) \
do { uint32_t t_swap = (a); (a) = (b); (b) = t_swap; } while(0)
void
aes_set_decrypt_key(struct aes_ctx *ctx,
unsigned keysize, const uint8_t *key)
{
unsigned nkeys;
unsigned i, j, k;
/* We first create subkeys for encryption,
* then modify the subkeys for decryption. */
aes_set_encrypt_key(ctx, keysize, key);
nkeys = (AES_BLOCK_SIZE/4) * (ctx->nrounds + 1);
/* Reverse the order of subkeys */
for (i = 0, j = ctx->nrounds * 4;
i < j;
i += 4, j -= 4)
for (k = 0; k<4; k++)
SWAP(ctx->keys[i+k], ctx->keys[j+k]);
/* Transform all subkeys but the first and last. */
for (i = 4; i < 4 * ctx->nrounds; i += 4)
inv_mix_column(ctx->keys + i);
}
/* aes-set-encrypt-key.c
*
* Key setup for the aes/rijndael block cipher.
*/
/* nettle, low-level cryptographics library
*
* Copyright (C) 2000, 2001, 2002 Rafael R. Sevilla, Niels Mller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or (at your
* option) any later version.
*
* The nettle library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with the nettle library; see the file COPYING.LIB. If not, write to
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
* MA 02111-1307, USA.
*/
/* Originally written by Rafael R. Sevilla <dido@pacific.net.ph> */
#if HAVE_CONFIG_H
# include "config.h"
#endif
#include <assert.h>
#include "aes-internal.h"
/* Tables for comoutations in the AES GF2 field. */
static const uint8_t log[0x100] =
{
0x00,0x00,0x19,0x01,0x32,0x02,0x1a,0xc6,
0x4b,0xc7,0x1b,0x68,0x33,0xee,0xdf,0x03,
0x64,0x04,0xe0,0x0e,0x34,0x8d,0x81,0xef,
0x4c,0x71,0x08,0xc8,0xf8,0x69,0x1c,0xc1,
0x7d,0xc2,0x1d,0xb5,0xf9,0xb9,0x27,0x6a,
0x4d,0xe4,0xa6,0x72,0x9a,0xc9,0x09,0x78,
0x65,0x2f,0x8a,0x05,0x21,0x0f,0xe1,0x24,
0x12,0xf0,0x82,0x45,0x35,0x93,0xda,0x8e,
0x96,0x8f,0xdb,0xbd,0x36,0xd0,0xce,0x94,
0x13,0x5c,0xd2,0xf1,0x40,0x46,0x83,0x38,
0x66,0xdd,0xfd,0x30,0xbf,0x06,0x8b,0x62,
0xb3,0x25,0xe2,0x98,0x22,0x88,0x91,0x10,
0x7e,0x6e,0x48,0xc3,0xa3,0xb6,0x1e,0x42,
0x3a,0x6b,0x28,0x54,0xfa,0x85,0x3d,0xba,
0x2b,0x79,0x0a,0x15,0x9b,0x9f,0x5e,0xca,
0x4e,0xd4,0xac,0xe5,0xf3,0x73,0xa7,0x57,
0xaf,0x58,0xa8,0x50,0xf4,0xea,0xd6,0x74,
0x4f,0xae,0xe9,0xd5,0xe7,0xe6,0xad,0xe8,
0x2c,0xd7,0x75,0x7a,0xeb,0x16,0x0b,0xf5,
0x59,0xcb,0x5f,0xb0,0x9c,0xa9,0x51,0xa0,
0x7f,0x0c,0xf6,0x6f,0x17,0xc4,0x49,0xec,
0xd8,0x43,0x1f,0x2d,0xa4,0x76,0x7b,0xb7,
0xcc,0xbb,0x3e,0x5a,0xfb,0x60,0xb1,0x86,
0x3b,0x52,0xa1,0x6c,0xaa,0x55,0x29,0x9d,
0x97,0xb2,0x87,0x90,0x61,0xbe,0xdc,0xfc,
0xbc,0x95,0xcf,0xcd,0x37,0x3f,0x5b,0xd1,
0x53,0x39,0x84,0x3c,0x41,0xa2,0x6d,0x47,
0x14,0x2a,0x9e,0x5d,0x56,0xf2,0xd3,0xab,
0x44,0x11,0x92,0xd9,0x23,0x20,0x2e,0x89,
0xb4,0x7c,0xb8,0x26,0x77,0x99,0xe3,0xa5,
0x67,0x4a,0xed,0xde,0xc5,0x31,0xfe,0x18,
0x0d,0x63,0x8c,0x80,0xc0,0xf7,0x70,0x07,
};
static const uint8_t ilog[0x100] =
{
0x01,0x03,0x05,0x0f,0x11,0x33,0x55,0xff,
0x1a,0x2e,0x72,0x96,0xa1,0xf8,0x13,0x35,
0x5f,0xe1,0x38,0x48,0xd8,0x73,0x95,0xa4,
0xf7,0x02,0x06,0x0a,0x1e,0x22,0x66,0xaa,
0xe5,0x34,0x5c,0xe4,0x37,0x59,0xeb,0x26,
0x6a,0xbe,0xd9,0x70,0x90,0xab,0xe6,0x31,
0x53,0xf5,0x04,0x0c,0x14,0x3c,0x44,0xcc,
0x4f,0xd1,0x68,0xb8,0xd3,0x6e,0xb2,0xcd,
0x4c,0xd4,0x67,0xa9,0xe0,0x3b,0x4d,0xd7,
0x62,0xa6,0xf1,0x08,0x18,0x28,0x78,0x88,
0x83,0x9e,0xb9,0xd0,0x6b,0xbd,0xdc,0x7f,
0x81,0x98,0xb3,0xce,0x49,0xdb,0x76,0x9a,
0xb5,0xc4,0x57,0xf9,0x10,0x30,0x50,0xf0,
0x0b,0x1d,0x27,0x69,0xbb,0xd6,0x61,0xa3,
0xfe,0x19,0x2b,0x7d,0x87,0x92,0xad,0xec,
0x2f,0x71,0x93,0xae,0xe9,0x20,0x60,0xa0,
0xfb,0x16,0x3a,0x4e,0xd2,0x6d,0xb7,0xc2,
0x5d,0xe7,0x32,0x56,0xfa,0x15,0x3f,0x41,
0xc3,0x5e,0xe2,0x3d,0x47,0xc9,0x40,0xc0,
0x5b,0xed,0x2c,0x74,0x9c,0xbf,0xda,0x75,
0x9f,0xba,0xd5,0x64,0xac,0xef,0x2a,0x7e,
0x82,0x9d,0xbc,0xdf,0x7a,0x8e,0x89,0x80,
0x9b,0xb6,0xc1,0x58,0xe8,0x23,0x65,0xaf,
0xea,0x25,0x6f,0xb1,0xc8,0x43,0xc5,0x54,
0xfc,0x1f,0x21,0x63,0xa5,0xf4,0x07,0x09,
0x1b,0x2d,0x77,0x99,0xb0,0xcb,0x46,0xca,
0x45,0xcf,0x4a,0xde,0x79,0x8b,0x86,0x91,
0xa8,0xe3,0x3e,0x42,0xc6,0x51,0xf3,0x0e,
0x12,0x36,0x5a,0xee,0x29,0x7b,0x8d,0x8c,
0x8f,0x8a,0x85,0x94,0xa7,0xf2,0x0d,0x17,
0x39,0x4b,0xdd,0x7c,0x84,0x97,0xa2,0xfd,
0x1c,0x24,0x6c,0xb4,0xc7,0x52,0xf6,0x01,
};
static unsigned
xtime(unsigned x)
{
assert (x < 0x100);
x <<= 1;
if (x & 0x100)
x ^= 0x11b;
assert (x < 0x100);
return x;
}
void
aes_set_encrypt_key(struct aes_ctx *ctx,
unsigned keysize, const uint8_t *key)
{
unsigned nk, nr, i, lastkey;
uint32_t temp, rcon;
assert(keysize >= AES_MIN_KEY_SIZE);
assert(keysize <= AES_MAX_KEY_SIZE);
/* Truncate keysizes to the valid key sizes provided by Rijndael */
if (keysize == 32) {
nk = 8;
nr = 14;
} else if (keysize >= 24) {
nk = 6;
nr = 12;
} else { /* must be 16 or more */
nk = 4;
nr = 10;
}
lastkey = (AES_BLOCK_SIZE/4) * (nr + 1);
ctx->nrounds = nr;
rcon = 1;
for (i=0; i<nk; i++)
{
ctx->keys[i] = key[i*4] + (key[i*4+1]<<8) + (key[i*4+2]<<16) +
(key[i*4+3]<<24);
}
for (i=nk; i<lastkey; i++)
{
temp = ctx->keys[i-1];
if (i % nk == 0)
{
temp = SUBBYTE(ROTBYTE(temp), aes_sbox) ^ rcon;
rcon = (uint32_t)xtime((uint8_t)rcon&0xff);
}
else if (nk > 6 && (i%nk) == 4)
{
temp = SUBBYTE(temp, aes_sbox);
}
ctx->keys[i] = ctx->keys[i-nk] ^ temp;
}
}
/* aes-set-key-internal.c
Key setup for the aes/rijndael block cipher.
Copyright (C) 2000, 2001, 2002 Rafael R. Sevilla, Niels Möller
Copyright (C) 2013 Niels Möller
This file is part of GNU Nettle.
GNU Nettle is free software: you can redistribute it and/or
modify it under the terms of either:
* the GNU Lesser General Public License as published by the Free
Software Foundation; either version 3 of the License, or (at your
option) any later version.
or
* the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your
option) any later version.
or both in parallel, as here.
GNU Nettle is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received copies of the GNU General Public License and
the GNU Lesser General Public License along with this program. If
not, see http://www.gnu.org/licenses/.
*/
/* Originally written by Rafael R. Sevilla <dido@pacific.net.ph> */
#if HAVE_CONFIG_H
# include "config.h"
#endif
#include "aes-internal.h"
#include <assert.h>
#include "macros.h"
void
_nettle_aes_set_key(unsigned nr, unsigned nk,
uint32_t *subkeys, const uint8_t *key)
{
static const uint8_t rcon[10] = {
0x01,0x02,0x04,0x08,0x10,0x20,0x40,0x80,0x1b,0x36,
};
const uint8_t *rp;
unsigned lastkey, i;
uint32_t t;
assert(nk != 0);
lastkey = (AES_BLOCK_SIZE/4) * (nr + 1);
for (i=0, rp = rcon; i<nk; i++)
subkeys[i] = LE_READ_UINT32(key + i*4);
for (i=nk; i<lastkey; i++)
{
t = subkeys[i-1];
if (i % nk == 0)
t = SUBBYTE(ROTL32(24, t), aes_sbox) ^ *rp++;
else if (nk > 6 && (i%nk) == 4)
t = SUBBYTE(t, aes_sbox);
subkeys[i] = subkeys[i-nk] ^ t;
}
}
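Review bot: Nothing in `_nettle_aes_set_key` ties `nr` and `nk` to the ten-entry `rcon` table: `assert(nk != 0)` only protects the modulo, while `*rp++` is read once for every multiple of `nk` below `lastkey`. The three standard pairs (10,4), (12,6) and (14,8) need 10, 8 and 7 entries, so they fit, but any other pair would read past `rcon`. The function also writes `4*(nr+1)` words into `subkeys` with no size passed in. I would state both requirements in a comment above the function and add `assert ((lastkey - 1) / nk <= sizeof(rcon));` right after `lastkey` is computed. Setting `rp = rcon` in the first loop's header, where `rp` is not used, is also easy to misread; initialising it at its declaration would be clearer.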
/* aes.c
*
* The aes/rijndael block cipher.
*/
/* nettle, low-level cryptographics library
*
* Copyright (C) 2000, 2001 Rafael R. Sevilla, Niels Mller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or (at your
* option) any later version.
*
* The nettle library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with the nettle library; see the file COPYING.LIB. If not, write to
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
* MA 02111-1307, USA.
*/
/* Originally written by Rafael R. Sevilla <dido@pacific.net.ph> */
#if HAVE_CONFIG_H
# include "config.h"
#endif
#include <assert.h>
#include "aes-internal.h"
#include "macros.h"
#ifndef AES_DEBUG
# define AES_DEBUG 0
#endif
#if AES_DEBUG
# include <stdio.h>
static void
d4(const char *name, unsigned r, const uint32_t *data)
{
unsigned j;
fprintf(stderr, "aes, %d, %s: ", r, name);
for (j = 0; j<4; j++)
fprintf(stderr, "%08x, ", data[j]);
fprintf(stderr, "\n");
}
static void
d2(const char *aname, uint32_t a, const char *bname, uint32_t b)
{
fprintf(stderr, "aes, %s: %08x, %s, %08x\n",
aname, a, bname, b);
}
# define D4(x) d4 x
# define D2(x) d2 x
#else
# define D4(x)
# define D2(x)
#endif
/* Get the byte with index 0, 1, 2 and 3 */
#define B0(x) ((x) & 0xff)
#define B1(x) (((x) >> 8) & 0xff)
#define B2(x) (((x) >> 16) & 0xff)
#define B3(x) (((x) >> 24) & 0xff)
#define IDX0(j) (j)
#define IDX1(j) (T->idx[0][j])
#define IDX2(j) (T->idx[1][j])
#define IDX3(j) (T->idx[2][j])
void
_aes_crypt(const struct aes_ctx *ctx,
const struct aes_table *T,
unsigned length, uint8_t *dst,
const uint8_t *src)
{
FOR_BLOCKS(length, dst, src, AES_BLOCK_SIZE)
{
uint32_t wtxt[4]; /* working ciphertext */
unsigned i;
unsigned round;
/* Get clear text, using little-endian byte order.
* Also XOR with the first subkey. */
for (i = 0; i<4; i++)
wtxt[i] = LE_READ_UINT32(src + 4*i) ^ ctx->keys[i];
for (round = 1; round < ctx->nrounds; round++)
{
uint32_t t[4];
unsigned j;
D4(("wtxt", round, wtxt));
D4(("key", round, &ctx->keys[4*round]));
/* What's the best way to order this loop? Ideally,
* we'd want to keep both t and wtxt in registers. */
for (j=0; j<4; j++)
{
/* FIXME: Figure out how the indexing should really be
* done. With the current idx arrays, it looks like the
* code shifts the rows in the wrong direction. But it
* passes the testsuite. Perhaps the tables are rotated
* in the wrong direction, but I don't think so. */
#if AES_SMALL
t[j] = T->table[0][ B0(wtxt[IDX0(j)]) ] ^
ROTRBYTE( T->table[0][ B1(wtxt[IDX1(j)]) ]^
ROTRBYTE( T->table[0][ B2(wtxt[IDX2(j)]) ] ^
ROTRBYTE(T->table[0][ B3(wtxt[IDX3(j)]) ])));
#else /* !AES_SMALL */
t[j] = ( T->table[0][ B0(wtxt[IDX0(j)]) ]
^ T->table[1][ B1(wtxt[IDX1(j)]) ]
^ T->table[2][ B2(wtxt[IDX2(j)]) ]
^ T->table[3][ B3(wtxt[IDX3(j)]) ]);
#endif /* !AES_SMALL */
}
D4(("t", round, t));
for (j = 0; j<4; j++)
wtxt[j] = t[j] ^ ctx->keys[4*round + j];
}
/* Final round */
{
uint32_t out;
unsigned j;
for (j = 0; j<4; j++)
{
/* FIXME: Figure out how the indexing should really be done.
* It looks like this code shifts the rows in the wrong
* direction, but it passes the testsuite. */
out = ( (uint32_t) T->sbox[ B0(wtxt[IDX0(j)]) ]
| ((uint32_t) T->sbox[ B1(wtxt[IDX1(j)]) ] << 8)
| ((uint32_t) T->sbox[ B2(wtxt[IDX2(j)]) ] << 16)
| ((uint32_t) T->sbox[ B3(wtxt[IDX3(j)]) ] << 24));
D2(("t", out, "key", ctx->keys[4*round + j]));
out ^= ctx->keys[4*round + j];
LE_WRITE_UINT32(dst + 4*j, out);
}
}
}
}
/* aes.c
*
* The aes/rijndael block cipher.
*/
/* nettle, low-level cryptographics library
*
* Copyright (C) 2000, 2001 Rafael R. Sevilla, Niels Mller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or (at your
* option) any later version.
*
* The nettle library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with the nettle library; see the file COPYING.LIB. If not, write to
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
* MA 02111-1307, USA.
*/
/* Originally written by Rafael R. Sevilla <dido@pacific.net.ph> */
#if HAVE_CONFIG_H
# include "config.h"
#endif
#include <assert.h>
#include "aes-internal.h"
#include "macros.h"
#ifndef AES_DEBUG
# define AES_DEBUG 0
#endif
#if AES_DEBUG
# include <stdio.h>
static void
d4(const char *name, unsigned r, const uint32_t *data)
{
unsigned j;
fprintf(stderr, "aes, %d, %s: ", r, name);
for (j = 0; j<4; j++)
fprintf(stderr, "%08x, ", data[j]);
fprintf(stderr, "\n");
}
static void
d2(const char *aname, uint32_t a, const char *bname, uint32_t b)
{
fprintf(stderr, "aes, %s: %08x, %s, %08x\n",
aname, a, bname, b);
}
static void
d1(const char *name, uint32_t a)
{
fprintf(stderr, "aes, %s: %08x\n",
name, a);
}
# define D4(x) d4 x
# define D2(x) d2 x
# define D1(x) d2 x
#else
# define D4(x)
# define D2(x)
# define D1(x)
#endif
/* Get the byte with index 0, 1, 2 and 3 */
#define B0(x) ((x) & 0xff)
#define B1(x) (((x) >> 8) & 0xff)
#define B2(x) (((x) >> 16) & 0xff)
#define B3(x) (((x) >> 24) & 0xff)
#define IDX0(j) (j)
#define IDX1(j) (T->idx[0][j])
#define IDX2(j) (T->idx[1][j])
#define IDX3(j) (T->idx[2][j])
/* NOTE: IDX2 can be done as j ^ 2, but that doesn't seem to make much
* of a difference. */
#define SWAP(a, b) \
do { uint32_t *t_swap = (a); (a) = (b); (b) = t_swap; } while(0)
void
_aes_crypt(const struct aes_ctx *ctx,
const struct aes_table *T,
unsigned length, uint8_t *dst,
const uint8_t *src)
{
FOR_BLOCKS(length, dst, src, AES_BLOCK_SIZE)
{
/* Use double buffering, reading one half of the buffer writing
* to the other, and then swapping the role of the two
* halves. */
uint32_t buffer[8];
uint32_t *wtxt; /* working ciphertext */
uint32_t *tmp;
unsigned i;
unsigned round;
wtxt = buffer; tmp = buffer + 4;
/* Get clear text, using little-endian byte order.
* Also XOR with the first subkey. */
for (i = 0; i<4; i++)
wtxt[i] = LE_READ_UINT32(src + 4*i) ^ ctx->keys[i];
for (round = 1; round < ctx->nrounds; round++)
{
unsigned j;
D4(("wtxt", round, wtxt));
D4(("key", round, &ctx->keys[4*round]));
/* What's the best way to order this loop? Ideally,
* we'd want to keep both t and wtxt in registers. */
for (j=0; j<4; j++)
{
/* FIXME: Figure out how the indexing should really be
* done. With the current idx arrays, it looks like the
* code shifts the rows in the wrong direction. But it
* passes the testsuite. Perhaps the tables are rotated
* in the wrong direction, but I don't think so. */
uint32_t t;
#if AES_SMALL
t = T->table[0][ B0(wtxt[IDX0(j)]) ] ^
ROTRBYTE( T->table[0][ B1(wtxt[IDX1(j)]) ]^
ROTRBYTE( T->table[0][ B2(wtxt[IDX2(j)]) ] ^
ROTRBYTE(T->table[0][ B3(wtxt[IDX3(j)]) ])));
#else /* !AES_SMALL */
t = ( T->table[0][ B0(wtxt[IDX0(j)]) ]
^ T->table[1][ B1(wtxt[IDX1(j)]) ]
^ T->table[2][ B2(wtxt[IDX2(j)]) ]
^ T->table[3][ B3(wtxt[IDX3(j)]) ]);
#endif /* !AES_SMALL */
D1(("t", t));
tmp[j] = t ^ ctx->keys[4*round + j];
}
SWAP(tmp, wtxt);
#if 0
D4(("t", round, t));
for (j = 0; j<4; j++)
wtxt[j] = t[j] ^ ctx->keys[4*round + j];
#endif
}
/* Final round */
{
uint32_t out;
unsigned j;
for (j = 0; j<4; j++)
{
/* FIXME: Figure out how the indexing should really be done.
* It looks like this code shifts the rows in the wrong
* direction, but it passes the testsuite. */
out = ( (uint32_t) T->sbox[ B0(wtxt[IDX0(j)]) ]
| ((uint32_t) T->sbox[ B1(wtxt[IDX1(j)]) ] << 8)
| ((uint32_t) T->sbox[ B2(wtxt[IDX2(j)]) ] << 16)
| ((uint32_t) T->sbox[ B3(wtxt[IDX3(j)]) ] << 24));
D2(("t", out, "key", ctx->keys[4*round + j]));
out ^= ctx->keys[4*round + j];
LE_WRITE_UINT32(dst + 4*j, out);
}
}
}
}
/* aes.h
*
* The aes/rijndael block cipher.
*/
/* nettle, low-level cryptographics library
*
* Copyright (C) 2001 Niels Mller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or (at your
* option) any later version.
*
* The nettle library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with the nettle library; see the file COPYING.LIB. If not, write to
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
* MA 02111-1307, USA.
*/
The aes/rijndael block cipher.
Copyright (C) 2001, 2013 Niels Möller
This file is part of GNU Nettle.
GNU Nettle is free software: you can redistribute it and/or
modify it under the terms of either:
* the GNU Lesser General Public License as published by the Free
Software Foundation; either version 3 of the License, or (at your
option) any later version.
or
* the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your
option) any later version.
or both in parallel, as here.
GNU Nettle is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received copies of the GNU General Public License and
the GNU Lesser General Public License along with this program. If
not, see http://www.gnu.org/licenses/.
*/
#ifndef NETTLE_AES_H_INCLUDED
#define NETTLE_AES_H_INCLUDED
#include "nettle-types.h"
#ifdef __cplusplus
extern "C" {
#endif
/* Name mangling */
#define aes_set_encrypt_key nettle_aes_set_encrypt_key
#define aes_set_decrypt_key nettle_aes_set_decrypt_key
#define aes_encrypt nettle_aes_encrypt
#define aes_decrypt nettle_aes_decrypt
#define aes128_set_encrypt_key nettle_aes128_set_encrypt_key
#define aes128_set_decrypt_key nettle_aes128_set_decrypt_key
#define aes128_invert_key nettle_aes128_invert_key
#define aes128_encrypt nettle_aes128_encrypt
#define aes128_decrypt nettle_aes128_decrypt
#define aes192_set_encrypt_key nettle_aes192_set_encrypt_key
#define aes192_set_decrypt_key nettle_aes192_set_decrypt_key
#define aes192_invert_key nettle_aes192_invert_key
#define aes192_encrypt nettle_aes192_encrypt
#define aes192_decrypt nettle_aes192_decrypt
#define aes256_set_encrypt_key nettle_aes256_set_encrypt_key
#define aes256_set_decrypt_key nettle_aes256_set_decrypt_key
#define aes256_invert_key nettle_aes256_invert_key
#define aes256_encrypt nettle_aes256_encrypt
#define aes256_decrypt nettle_aes256_decrypt
#define AES_BLOCK_SIZE 16
/* Variable key size between 128 and 256 bits. But the only valid
* values are 16 (128 bits), 24 (192 bits) and 32 (256 bits). */
#define AES_MIN_KEY_SIZE 16
#define AES_MAX_KEY_SIZE 32
#define AES128_KEY_SIZE 16
#define AES192_KEY_SIZE 24
#define AES256_KEY_SIZE 32
#define _AES128_ROUNDS 10
#define _AES192_ROUNDS 12
#define _AES256_ROUNDS 14
#define AES_KEY_SIZE 32
struct aes128_ctx
{
uint32_t keys[4 * (_AES128_ROUNDS + 1)];
};
struct aes_ctx
void
aes128_set_encrypt_key(struct aes128_ctx *ctx, const uint8_t *key);
void
aes128_set_decrypt_key(struct aes128_ctx *ctx, const uint8_t *key);
void
aes128_invert_key(struct aes128_ctx *dst,
const struct aes128_ctx *src);
void
aes128_encrypt(const struct aes128_ctx *ctx,
size_t length, uint8_t *dst,
const uint8_t *src);
void
aes128_decrypt(const struct aes128_ctx *ctx,
size_t length, uint8_t *dst,
const uint8_t *src);
struct aes192_ctx
{
uint32_t keys[60]; /* maximum size of key schedule */
unsigned nrounds; /* number of rounds to use for our key size */
uint32_t keys[4 * (_AES192_ROUNDS + 1)];
};
void
aes_set_encrypt_key(struct aes_ctx *ctx,
unsigned length, const uint8_t *key);
aes192_set_encrypt_key(struct aes192_ctx *ctx, const uint8_t *key);
void
aes192_set_decrypt_key(struct aes192_ctx *ctx, const uint8_t *key);
void
aes192_invert_key(struct aes192_ctx *dst,
const struct aes192_ctx *src);
void
aes192_encrypt(const struct aes192_ctx *ctx,
size_t length, uint8_t *dst,
const uint8_t *src);
void
aes_set_decrypt_key(struct aes_ctx *ctx,
unsigned length, const uint8_t *key);
aes192_decrypt(const struct aes192_ctx *ctx,
size_t length, uint8_t *dst,
const uint8_t *src);
struct aes256_ctx
{
uint32_t keys[4 * (_AES256_ROUNDS + 1)];
};
void
aes256_set_encrypt_key(struct aes256_ctx *ctx, const uint8_t *key);
void
aes_encrypt(struct aes_ctx *ctx,
unsigned length, uint8_t *dst,
const uint8_t *src);
aes256_set_decrypt_key(struct aes256_ctx *ctx, const uint8_t *key);
void
aes_decrypt(struct aes_ctx *ctx,
unsigned length, uint8_t *dst,
const uint8_t *src);
aes256_invert_key(struct aes256_ctx *dst,
const struct aes256_ctx *src);
void
aes256_encrypt(const struct aes256_ctx *ctx,
size_t length, uint8_t *dst,
const uint8_t *src);
void
aes256_decrypt(const struct aes256_ctx *ctx,
size_t length, uint8_t *dst,
const uint8_t *src);
#ifdef __cplusplus
}
#endif
#endif /* NETTLE_AES_H_INCLUDED */
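Review bot: The new per-size setters (`aes128_set_encrypt_key`, `aes192_set_encrypt_key`, `aes256_set_encrypt_key` and the decrypt variants) take `const uint8_t *key` with no length, and the header does not say how many bytes are read. The aes128-set-encrypt-key.c section shows the 128-bit setter passing `AES128_KEY_SIZE / 4` words to the key setup, so a shorter caller buffer would be over-read; presumably the 192 and 256 variants behave the same way. Each prototype should carry a comment such as `/* key must point to exactly AES128_KEY_SIZE bytes. */`. The encrypt/decrypt prototypes should likewise state that `length` must be a multiple of `AES_BLOCK_SIZE`. Separately, `_AES128_ROUNDS`, `_AES192_ROUNDS` and `_AES256_ROUNDS` start with an underscore and an upper-case letter, which C reserves for the implementation, and they are exposed to every includer of this public header.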
/* aes128-decrypt.c
Decryption function for aes/rijndael block cipher.
Copyright (C) 2002, 2013 Niels Möller
This file is part of GNU Nettle.
GNU Nettle is free software: you can redistribute it and/or
modify it under the terms of either:
* the GNU Lesser General Public License as published by the Free
Software Foundation; either version 3 of the License, or (at your
option) any later version.
or
* the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your
option) any later version.
or both in parallel, as here.
GNU Nettle is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received copies of the GNU General Public License and
the GNU Lesser General Public License along with this program. If
not, see http://www.gnu.org/licenses/.
*/
#if HAVE_CONFIG_H
# include "config.h"
#endif
#include <assert.h>
#include "aes-internal.h"
/* For fat builds */
#if HAVE_NATIVE_aes128_decrypt
void
_nettle_aes128_decrypt_c(const struct aes128_ctx *ctx,
size_t length, uint8_t *dst,
const uint8_t *src);
# define nettle_aes128_decrypt _nettle_aes128_decrypt_c
#endif
void
nettle_aes128_decrypt(const struct aes128_ctx *ctx,
size_t length, uint8_t *dst,
const uint8_t *src)
{
assert(!(length % AES_BLOCK_SIZE) );
_nettle_aes_decrypt(_AES128_ROUNDS, ctx->keys + 4*_AES128_ROUNDS,
&_nettle_aes_decrypt_table, length, dst, src);
}
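Review bot: The block-length requirement in `nettle_aes128_decrypt` is enforced only by `assert(!(length % AES_BLOCK_SIZE))`, which compiles away under `NDEBUG`. In such a build a length that is not a multiple of 16 reaches `_nettle_aes_decrypt` unchecked, and how that routine treats a trailing partial block is not visible here. I would document the contract above the function, e.g. `/* length must be a multiple of AES_BLOCK_SIZE; this is checked by assert only. */`, so callers do not rely on the check in release builds. The same applies to `nettle_aes128_encrypt` and `nettle_aes192_decrypt` in the following sections.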
/* aes128-encrypt.c
Encryption function for the aes/rijndael block cipher.
Copyright (C) 2002, 2013 Niels Möller
This file is part of GNU Nettle.
GNU Nettle is free software: you can redistribute it and/or
modify it under the terms of either:
* the GNU Lesser General Public License as published by the Free
Software Foundation; either version 3 of the License, or (at your
option) any later version.
or
* the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your
option) any later version.
or both in parallel, as here.
GNU Nettle is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received copies of the GNU General Public License and
the GNU Lesser General Public License along with this program. If
not, see http://www.gnu.org/licenses/.
*/
#if HAVE_CONFIG_H
# include "config.h"
#endif
#include <assert.h>
#include "aes-internal.h"
/* For fat builds */
#if HAVE_NATIVE_aes128_encrypt
void
_nettle_aes128_encrypt_c(const struct aes128_ctx *ctx,
size_t length, uint8_t *dst,
const uint8_t *src);
# define nettle_aes128_encrypt _nettle_aes128_encrypt_c
#endif
void
nettle_aes128_encrypt(const struct aes128_ctx *ctx,
size_t length, uint8_t *dst,
const uint8_t *src)
{
assert(!(length % AES_BLOCK_SIZE) );
_nettle_aes_encrypt(_AES128_ROUNDS, ctx->keys, &_nettle_aes_encrypt_table,
length, dst, src);
}
/* aes128-meta.c
Copyright (C) 2013, 2014 Niels Möller
This file is part of GNU Nettle.
GNU Nettle is free software: you can redistribute it and/or
modify it under the terms of either:
* the GNU Lesser General Public License as published by the Free
Software Foundation; either version 3 of the License, or (at your
option) any later version.
or
* the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your
option) any later version.
or both in parallel, as here.
GNU Nettle is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received copies of the GNU General Public License and
the GNU Lesser General Public License along with this program. If
not, see http://www.gnu.org/licenses/.
*/
#if HAVE_CONFIG_H
# include "config.h"
#endif
#include <assert.h>
#include "nettle-meta.h"
#include "aes.h"
const struct nettle_cipher nettle_aes128 =
{ "aes128", sizeof(struct aes128_ctx),
AES_BLOCK_SIZE, AES128_KEY_SIZE,
(nettle_set_key_func *) aes128_set_encrypt_key,
(nettle_set_key_func *) aes128_set_decrypt_key,
(nettle_cipher_func *) aes128_encrypt,
(nettle_cipher_func *) aes128_decrypt
};
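Review bot: The four casts in the `nettle_aes128` initializer, to `nettle_set_key_func *` and `nettle_cipher_func *`, switch off the compiler's check that the `aes128_*` signatures match those typedefs, which live in nettle-meta.h and are not visible here. The aes.h section of this same comparison changes `length` from `unsigned` to `size_t`, which is exactly the kind of drift a cast would hide. Calling through a mismatched function-pointer type is undefined behaviour. A comment above the initializer would record the assumption, e.g. `/* Casts are valid only while the typedefs differ from aes128_* in the ctx pointer type alone. */`. `<assert.h>` is included but not used in this file.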
/* aes128-set-decrypt-key.c
Key setup for the aes/rijndael block cipher.
Copyright (C) 2013, Niels Möller
This file is part of GNU Nettle.
GNU Nettle is free software: you can redistribute it and/or
modify it under the terms of either:
* the GNU Lesser General Public License as published by the Free
Software Foundation; either version 3 of the License, or (at your
option) any later version.
or
* the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your
option) any later version.
or both in parallel, as here.
GNU Nettle is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received copies of the GNU General Public License and
the GNU Lesser General Public License along with this program. If
not, see http://www.gnu.org/licenses/.
*/
#if HAVE_CONFIG_H
# include "config.h"
#endif
#include <assert.h>
#include "aes-internal.h"
#include "macros.h"
/* For fat builds */
#if HAVE_NATIVE_aes128_invert_key
void
_nettle_aes128_invert_key_c(struct aes128_ctx *dst,
const struct aes128_ctx *src);
# define nettle_aes128_invert_key _nettle_aes128_invert_key_c
#endif
#if HAVE_NATIVE_aes128_set_decrypt_key
void
_nettle_aes128_set_decrypt_key_c(struct aes128_ctx *ctx, const uint8_t *key);
# define nettle_aes128_set_decrypt_key _nettle_aes128_set_decrypt_key_c
#endif
void
nettle_aes128_invert_key (struct aes128_ctx *dst, const struct aes128_ctx *src)
{
_nettle_aes_invert (_AES128_ROUNDS, dst->keys, src->keys);
}
void
nettle_aes128_set_decrypt_key(struct aes128_ctx *ctx, const uint8_t *key)
{
aes128_set_encrypt_key (ctx, key);
aes128_invert_key (ctx, ctx);
}
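Review bot: `nettle_aes128_set_decrypt_key` calls `aes128_invert_key (ctx, ctx)`, so `_nettle_aes_invert` receives the same array as both `dst->keys` and `src->keys`. Whether that routine supports in-place operation cannot be confirmed from this section. If it does, say so where it is relied on, e.g. `/* _nettle_aes_invert allows dst == src. */` above the call, so a later rewrite of the inversion does not silently corrupt decryption subkeys. In a fat build the `#define` of `nettle_aes128_invert_key` earlier in this file also appears to make this call resolve to the `_c` variant rather than the dispatched one; a comment should say whether that is intended. `<assert.h>` is included but not used here.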
/* aes128-set-encrypt-key.c
Copyright (C) 2013, Niels Möller
This file is part of GNU Nettle.
GNU Nettle is free software: you can redistribute it and/or
modify it under the terms of either:
* the GNU Lesser General Public License as published by the Free
Software Foundation; either version 3 of the License, or (at your
option) any later version.
or
* the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your
option) any later version.
or both in parallel, as here.
GNU Nettle is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received copies of the GNU General Public License and
the GNU Lesser General Public License along with this program. If
not, see http://www.gnu.org/licenses/.
*/
#if HAVE_CONFIG_H
# include "config.h"
#endif
#include <assert.h>
#include "aes-internal.h"
/* For fat builds */
#if HAVE_NATIVE_aes128_set_encrypt_key
void
_nettle_aes128_set_encrypt_key_c(struct aes128_ctx *ctx, const uint8_t *key);
# define nettle_aes128_set_encrypt_key _nettle_aes128_set_encrypt_key_c
#endif
void
nettle_aes128_set_encrypt_key(struct aes128_ctx *ctx, const uint8_t *key)
{
_nettle_aes_set_key (_AES128_ROUNDS, AES128_KEY_SIZE / 4, ctx->keys, key);
}
/* aes192-decrypt.c
Decryption function for aes/rijndael block cipher.
Copyright (C) 2002, 2013 Niels Möller
This file is part of GNU Nettle.
GNU Nettle is free software: you can redistribute it and/or
modify it under the terms of either:
* the GNU Lesser General Public License as published by the Free
Software Foundation; either version 3 of the License, or (at your
option) any later version.
or
* the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your
option) any later version.
or both in parallel, as here.
GNU Nettle is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received copies of the GNU General Public License and
the GNU Lesser General Public License along with this program. If
not, see http://www.gnu.org/licenses/.
*/
#if HAVE_CONFIG_H
# include "config.h"
#endif
#include <assert.h>
#include "aes-internal.h"
/* For fat builds */
#if HAVE_NATIVE_aes192_decrypt
void
_nettle_aes192_decrypt_c(const struct aes192_ctx *ctx,
size_t length, uint8_t *dst,
const uint8_t *src);
# define nettle_aes192_decrypt _nettle_aes192_decrypt_c
#endif
void
nettle_aes192_decrypt(const struct aes192_ctx *ctx,
size_t length, uint8_t *dst,
const uint8_t *src)
{
assert(!(length % AES_BLOCK_SIZE) );
_nettle_aes_decrypt(_AES192_ROUNDS, ctx->keys + 4 * _AES192_ROUNDS,
&_nettle_aes_decrypt_table, length, dst, src);
}