From ff29d0a9c9b7d17e0bc15bbba88993244903222b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Niels=20M=C3=B6ller?= <nisse@lysator.liu.se>
Date: Fri, 17 May 2013 17:31:08 +0200
Subject: [PATCH] Separate rounds and key arguments to _aes_encrypt and
_aes_decrypt.
---
ChangeLog | 6 ++++++
aes-decrypt-internal.c | 34 +++++++++++++++++-----------------
aes-decrypt.c | 4 ++--
aes-encrypt-internal.c | 34 +++++++++++++++++-----------------
aes-encrypt.c | 4 ++--
aes-internal.h | 4 ++--
6 files changed, 46 insertions(+), 40 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 958a85e3..5086e171 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,11 @@
2013-05-17 Niels Möller <nisse@lysator.liu.se>
+ * aes-encrypt-internal.c (_nettle_aes_encrypt): Take rounds and
+ subkeys as separate arguments, not a struct aes_ctx *. Updated
+ callers.
+ * aes-decrypt-internal.c (_nettle_aes_decrypt): Likewise.
+ * aes-internal.h: Updated prototypes.
+
* macros.h (ROTL32, ROTL64): Avoid undefined behaviour for zero
rotation count. Unfortunately makes CAST128 a bit slower with
gcc-4.6.3.
diff --git a/aes-decrypt-internal.c b/aes-decrypt-internal.c
index af2891e9..be73e680 100644
--- a/aes-decrypt-internal.c
+++ b/aes-decrypt-internal.c
@@ -5,7 +5,7 @@
/* nettle, low-level cryptographics library
*
- * Copyright (C) 2002 Niels Möller
+ * Copyright (C) 2002, 2013 Niels Möller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
@@ -33,7 +33,7 @@
#include "macros.h"
void
-_nettle_aes_decrypt(const struct aes_ctx *ctx,
+_nettle_aes_decrypt(unsigned rounds, const uint32_t *keys,
const struct aes_table *T,
size_t length, uint8_t *dst,
const uint8_t *src)
@@ -42,22 +42,22 @@ _nettle_aes_decrypt(const struct aes_ctx *ctx,
{
uint32_t w0, w1, w2, w3; /* working ciphertext */
uint32_t t0, t1, t2, t3;
- unsigned round;
+ unsigned i;
/* Get clear text, using little-endian byte order.
* Also XOR with the first subkey. */
- w0 = LE_READ_UINT32(src) ^ ctx->keys[0];
- w1 = LE_READ_UINT32(src + 4) ^ ctx->keys[1];
- w2 = LE_READ_UINT32(src + 8) ^ ctx->keys[2];
- w3 = LE_READ_UINT32(src + 12) ^ ctx->keys[3];
+ w0 = LE_READ_UINT32(src) ^ keys[0];
+ w1 = LE_READ_UINT32(src + 4) ^ keys[1];
+ w2 = LE_READ_UINT32(src + 8) ^ keys[2];
+ w3 = LE_READ_UINT32(src + 12) ^ keys[3];
- for (round = 1; round < ctx->nrounds; round++)
+ for (i = 1; i < rounds; i++)
{
- t0 = AES_ROUND(T, w0, w3, w2, w1, ctx->keys[4*round]);
- t1 = AES_ROUND(T, w1, w0, w3, w2, ctx->keys[4*round + 1]);
- t2 = AES_ROUND(T, w2, w1, w0, w3, ctx->keys[4*round + 2]);
- t3 = AES_ROUND(T, w3, w2, w1, w0, ctx->keys[4*round + 3]);
+ t0 = AES_ROUND(T, w0, w3, w2, w1, keys[4*i]);
+ t1 = AES_ROUND(T, w1, w0, w3, w2, keys[4*i + 1]);
+ t2 = AES_ROUND(T, w2, w1, w0, w3, keys[4*i + 2]);
+ t3 = AES_ROUND(T, w3, w2, w1, w0, keys[4*i + 3]);
/* We could unroll the loop twice, to avoid these
assignments. If all eight variables fit in registers,
@@ -70,14 +70,14 @@ _nettle_aes_decrypt(const struct aes_ctx *ctx,
/* Final round */
- t0 = AES_FINAL_ROUND(T, w0, w3, w2, w1, ctx->keys[4*round]);
- t1 = AES_FINAL_ROUND(T, w1, w0, w3, w2, ctx->keys[4*round + 1]);
- t2 = AES_FINAL_ROUND(T, w2, w1, w0, w3, ctx->keys[4*round + 2]);
- t3 = AES_FINAL_ROUND(T, w3, w2, w1, w0, ctx->keys[4*round + 3]);
+ t0 = AES_FINAL_ROUND(T, w0, w3, w2, w1, keys[4*i]);
+ t1 = AES_FINAL_ROUND(T, w1, w0, w3, w2, keys[4*i + 1]);
+ t2 = AES_FINAL_ROUND(T, w2, w1, w0, w3, keys[4*i + 2]);
+ t3 = AES_FINAL_ROUND(T, w3, w2, w1, w0, keys[4*i + 3]);
LE_WRITE_UINT32(dst, t0);
- LE_WRITE_UINT32(dst + 8, t2);
LE_WRITE_UINT32(dst + 4, t1);
+ LE_WRITE_UINT32(dst + 8, t2);
LE_WRITE_UINT32(dst + 12, t3);
}
}
diff --git a/aes-decrypt.c b/aes-decrypt.c
index 96862e47..d83a6952 100644
--- a/aes-decrypt.c
+++ b/aes-decrypt.c
@@ -5,7 +5,7 @@
/* nettle, low-level cryptographics library
*
- * Copyright (C) 2002 Niels Möller
+ * Copyright (C) 2002, 2013 Niels Möller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
@@ -342,6 +342,6 @@ aes_decrypt(const struct aes_ctx *ctx,
const uint8_t *src)
{
assert(!(length % AES_BLOCK_SIZE) );
- _aes_decrypt(ctx, &_aes_decrypt_table,
+ _aes_decrypt(ctx->nrounds, ctx->keys, &_aes_decrypt_table,
length, dst, src);
}
diff --git a/aes-encrypt-internal.c b/aes-encrypt-internal.c
index cf9d8247..2f34f21e 100644
--- a/aes-encrypt-internal.c
+++ b/aes-encrypt-internal.c
@@ -5,7 +5,7 @@
/* nettle, low-level cryptographics library
*
- * Copyright (C) 2002 Niels Möller
+ * Copyright (C) 2002, 2013 Niels Möller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
@@ -33,7 +33,7 @@
#include "macros.h"
void
-_nettle_aes_encrypt(const struct aes_ctx *ctx,
+_nettle_aes_encrypt(unsigned rounds, const uint32_t *keys,
const struct aes_table *T,
size_t length, uint8_t *dst,
const uint8_t *src)
@@ -42,22 +42,22 @@ _nettle_aes_encrypt(const struct aes_ctx *ctx,
{
uint32_t w0, w1, w2, w3; /* working ciphertext */
uint32_t t0, t1, t2, t3;
- unsigned round;
+ unsigned i;
/* Get clear text, using little-endian byte order.
* Also XOR with the first subkey. */
- w0 = LE_READ_UINT32(src) ^ ctx->keys[0];
- w1 = LE_READ_UINT32(src + 4) ^ ctx->keys[1];
- w2 = LE_READ_UINT32(src + 8) ^ ctx->keys[2];
- w3 = LE_READ_UINT32(src + 12) ^ ctx->keys[3];
+ w0 = LE_READ_UINT32(src) ^ keys[0];
+ w1 = LE_READ_UINT32(src + 4) ^ keys[1];
+ w2 = LE_READ_UINT32(src + 8) ^ keys[2];
+ w3 = LE_READ_UINT32(src + 12) ^ keys[3];
- for (round = 1; round < ctx->nrounds; round++)
+ for (i = 1; i < rounds; i++)
{
- t0 = AES_ROUND(T, w0, w1, w2, w3, ctx->keys[4*round]);
- t1 = AES_ROUND(T, w1, w2, w3, w0, ctx->keys[4*round + 1]);
- t2 = AES_ROUND(T, w2, w3, w0, w1, ctx->keys[4*round + 2]);
- t3 = AES_ROUND(T, w3, w0, w1, w2, ctx->keys[4*round + 3]);
+ t0 = AES_ROUND(T, w0, w1, w2, w3, keys[4*i]);
+ t1 = AES_ROUND(T, w1, w2, w3, w0, keys[4*i + 1]);
+ t2 = AES_ROUND(T, w2, w3, w0, w1, keys[4*i + 2]);
+ t3 = AES_ROUND(T, w3, w0, w1, w2, keys[4*i + 3]);
/* We could unroll the loop twice, to avoid these
assignments. If all eight variables fit in registers,
@@ -70,14 +70,14 @@ _nettle_aes_encrypt(const struct aes_ctx *ctx,
/* Final round */
- t0 = AES_FINAL_ROUND(T, w0, w1, w2, w3, ctx->keys[4*round]);
- t1 = AES_FINAL_ROUND(T, w1, w2, w3, w0, ctx->keys[4*round + 1]);
- t2 = AES_FINAL_ROUND(T, w2, w3, w0, w1, ctx->keys[4*round + 2]);
- t3 = AES_FINAL_ROUND(T, w3, w0, w1, w2, ctx->keys[4*round + 3]);
+ t0 = AES_FINAL_ROUND(T, w0, w1, w2, w3, keys[4*i]);
+ t1 = AES_FINAL_ROUND(T, w1, w2, w3, w0, keys[4*i + 1]);
+ t2 = AES_FINAL_ROUND(T, w2, w3, w0, w1, keys[4*i + 2]);
+ t3 = AES_FINAL_ROUND(T, w3, w0, w1, w2, keys[4*i + 3]);
LE_WRITE_UINT32(dst, t0);
- LE_WRITE_UINT32(dst + 8, t2);
LE_WRITE_UINT32(dst + 4, t1);
+ LE_WRITE_UINT32(dst + 8, t2);
LE_WRITE_UINT32(dst + 12, t3);
}
}
diff --git a/aes-encrypt.c b/aes-encrypt.c
index f28ac319..5ee1a49b 100644
--- a/aes-encrypt.c
+++ b/aes-encrypt.c
@@ -5,7 +5,7 @@
/* nettle, low-level cryptographics library
*
- * Copyright (C) 2002 Niels Möller
+ * Copyright (C) 2002, 2013 Niels Möller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
@@ -40,6 +40,6 @@ aes_encrypt(const struct aes_ctx *ctx,
const uint8_t *src)
{
assert(!(length % AES_BLOCK_SIZE) );
- _aes_encrypt(ctx, &_aes_encrypt_table,
+ _aes_encrypt(ctx->nrounds, ctx->keys, &_aes_encrypt_table,
length, dst, src);
}
diff --git a/aes-internal.h b/aes-internal.h
index e361bde9..51fa9eb2 100644
--- a/aes-internal.h
+++ b/aes-internal.h
@@ -51,13 +51,13 @@ struct aes_table
};
void
-_aes_encrypt(const struct aes_ctx *ctx,
+_aes_encrypt(unsigned rounds, const uint32_t *keys,
const struct aes_table *T,
size_t length, uint8_t *dst,
const uint8_t *src);
void
-_aes_decrypt(const struct aes_ctx *ctx,
+_aes_decrypt(unsigned rounds, const uint32_t *keys,
const struct aes_table *T,
size_t length, uint8_t *dst,
const uint8_t *src);
--
GitLab