"Fossies" - the Fresh Open Source Software Archive 
As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) C and C++ source code syntax highlighting (style:
standard) with prefixed line numbers and
code folding option.
Alternatively you can here
view or
download the uninterpreted source code file.
For more information about "Aeskey.c" see the
Fossies "Dox" file reference documentation.
1 /*
2 ---------------------------------------------------------------------------
3 Copyright (c) 1998-2007, Brian Gladman, Worcester, UK. All rights reserved.
4
5 LICENSE TERMS
6
7 The free distribution and use of this software is allowed (with or without
8 changes) provided that:
9
10 1. source code distributions include the above copyright notice, this
11 list of conditions and the following disclaimer;
12
13 2. binary distributions include the above copyright notice, this list
14 of conditions and the following disclaimer in their documentation;
15
16 3. the name of the copyright holder is not used to endorse products
17 built using this software without specific written permission.
18
19 DISCLAIMER
20
21 This software is provided 'as is' with no explicit or implied warranties
22 in respect of its properties, including, but not limited to, correctness
23 and/or fitness for purpose.
24 ---------------------------------------------------------------------------
25 Issue Date: 20/12/2007
26 */
27
28 #include "Aesopt.h"
29 #include "Aestab.h"
30
31 #ifdef USE_VIA_ACE_IF_PRESENT
32 # include "aes_via_ace.h"
33 #endif
34
35 #if defined(__cplusplus)
36 extern "C"
37 {
38 #endif
39
40 /* Initialise the key schedule from the user supplied key. The key
41 length can be specified in bytes, with legal values of 16, 24
42 and 32, or in bits, with legal values of 128, 192 and 256. These
43 values correspond with Nk values of 4, 6 and 8 respectively.
44
45 The following macros implement a single cycle in the key
46 schedule generation process. The number of cycles needed
47 for each cx->n_col and nk value is:
48
49 nk = 4 5 6 7 8
50 ------------------------------
51 cx->n_col = 4 10 9 8 7 7
52 cx->n_col = 5 14 11 10 9 9
53 cx->n_col = 6 19 15 12 11 11
54 cx->n_col = 7 21 19 16 13 14
55 cx->n_col = 8 29 23 19 17 14
56 */
57
58 #if (FUNCS_IN_C & ENC_KEYING_IN_C)
59
60 #if defined(AES_128) || defined(AES_VAR)
61
62 #define ke4(k,i) \
63 { k[4*(i)+4] = ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; \
64 k[4*(i)+5] = ss[1] ^= ss[0]; \
65 k[4*(i)+6] = ss[2] ^= ss[1]; \
66 k[4*(i)+7] = ss[3] ^= ss[2]; \
67 }
68
69 AES_RETURN aes_encrypt_key128(const unsigned char *key, aes_encrypt_ctx cx[1])
70 { uint_32t ss[4];
71
72 cx->ks[0] = ss[0] = word_in(key, 0);
73 cx->ks[1] = ss[1] = word_in(key, 1);
74 cx->ks[2] = ss[2] = word_in(key, 2);
75 cx->ks[3] = ss[3] = word_in(key, 3);
76
77 #if ENC_UNROLL == NONE
78 { uint_32t i;
79 for(i = 0; i < 9; ++i)
80 ke4(cx->ks, i);
81 }
82 #else
83 ke4(cx->ks, 0); ke4(cx->ks, 1);
84 ke4(cx->ks, 2); ke4(cx->ks, 3);
85 ke4(cx->ks, 4); ke4(cx->ks, 5);
86 ke4(cx->ks, 6); ke4(cx->ks, 7);
87 ke4(cx->ks, 8);
88 #endif
89 ke4(cx->ks, 9);
90 cx->inf.l = 0;
91 cx->inf.b[0] = 10 * 16;
92
93 #ifdef USE_VIA_ACE_IF_PRESENT
94 if(VIA_ACE_AVAILABLE)
95 cx->inf.b[1] = 0xff;
96 #endif
97
98 #if defined( AES_ERR_CHK )
99 return EXIT_SUCCESS;
100 #endif
101 }
102
103 #endif
104
105 #if defined(AES_192) || defined(AES_VAR)
106
107 #define kef6(k,i) \
108 { k[6*(i)+ 6] = ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; \
109 k[6*(i)+ 7] = ss[1] ^= ss[0]; \
110 k[6*(i)+ 8] = ss[2] ^= ss[1]; \
111 k[6*(i)+ 9] = ss[3] ^= ss[2]; \
112 }
113
114 #define ke6(k,i) \
115 { kef6(k,i); \
116 k[6*(i)+10] = ss[4] ^= ss[3]; \
117 k[6*(i)+11] = ss[5] ^= ss[4]; \
118 }
119
120 AES_RETURN aes_encrypt_key192(const unsigned char *key, aes_encrypt_ctx cx[1])
121 { uint_32t ss[6];
122
123 cx->ks[0] = ss[0] = word_in(key, 0);
124 cx->ks[1] = ss[1] = word_in(key, 1);
125 cx->ks[2] = ss[2] = word_in(key, 2);
126 cx->ks[3] = ss[3] = word_in(key, 3);
127 cx->ks[4] = ss[4] = word_in(key, 4);
128 cx->ks[5] = ss[5] = word_in(key, 5);
129
130 #if ENC_UNROLL == NONE
131 { uint_32t i;
132 for(i = 0; i < 7; ++i)
133 ke6(cx->ks, i);
134 }
135 #else
136 ke6(cx->ks, 0); ke6(cx->ks, 1);
137 ke6(cx->ks, 2); ke6(cx->ks, 3);
138 ke6(cx->ks, 4); ke6(cx->ks, 5);
139 ke6(cx->ks, 6);
140 #endif
141 kef6(cx->ks, 7);
142 cx->inf.l = 0;
143 cx->inf.b[0] = 12 * 16;
144
145 #ifdef USE_VIA_ACE_IF_PRESENT
146 if(VIA_ACE_AVAILABLE)
147 cx->inf.b[1] = 0xff;
148 #endif
149
150 #if defined( AES_ERR_CHK )
151 return EXIT_SUCCESS;
152 #endif
153 }
154
155 #endif
156
157 #if defined(AES_256) || defined(AES_VAR)
158
159 #define kef8(k,i) \
160 { k[8*(i)+ 8] = ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; \
161 k[8*(i)+ 9] = ss[1] ^= ss[0]; \
162 k[8*(i)+10] = ss[2] ^= ss[1]; \
163 k[8*(i)+11] = ss[3] ^= ss[2]; \
164 }
165
166 #define ke8(k,i) \
167 { kef8(k,i); \
168 k[8*(i)+12] = ss[4] ^= ls_box(ss[3],0); \
169 k[8*(i)+13] = ss[5] ^= ss[4]; \
170 k[8*(i)+14] = ss[6] ^= ss[5]; \
171 k[8*(i)+15] = ss[7] ^= ss[6]; \
172 }
173
174 AES_RETURN aes_encrypt_key256(const unsigned char *key, aes_encrypt_ctx cx[1])
175 { uint_32t ss[8];
176
177 cx->ks[0] = ss[0] = word_in(key, 0);
178 cx->ks[1] = ss[1] = word_in(key, 1);
179 cx->ks[2] = ss[2] = word_in(key, 2);
180 cx->ks[3] = ss[3] = word_in(key, 3);
181 cx->ks[4] = ss[4] = word_in(key, 4);
182 cx->ks[5] = ss[5] = word_in(key, 5);
183 cx->ks[6] = ss[6] = word_in(key, 6);
184 cx->ks[7] = ss[7] = word_in(key, 7);
185
186 #if ENC_UNROLL == NONE
187 { uint_32t i;
188 for(i = 0; i < 6; ++i)
189 ke8(cx->ks, i);
190 }
191 #else
192 ke8(cx->ks, 0); ke8(cx->ks, 1);
193 ke8(cx->ks, 2); ke8(cx->ks, 3);
194 ke8(cx->ks, 4); ke8(cx->ks, 5);
195 #endif
196 kef8(cx->ks, 6);
197 cx->inf.l = 0;
198 cx->inf.b[0] = 14 * 16;
199
200 #ifdef USE_VIA_ACE_IF_PRESENT
201 if(VIA_ACE_AVAILABLE)
202 cx->inf.b[1] = 0xff;
203 #endif
204
205 #if defined( AES_ERR_CHK )
206 return EXIT_SUCCESS;
207 #endif
208 }
209
210 #endif
211
212 #if defined(AES_VAR)
213
214 AES_RETURN aes_encrypt_key(const unsigned char *key, int key_len, aes_encrypt_ctx cx[1])
215 {
216 switch(key_len)
217 {
218 #if defined( AES_ERR_CHK )
219 case 16: case 128: return aes_encrypt_key128(key, cx);
220 case 24: case 192: return aes_encrypt_key192(key, cx);
221 case 32: case 256: return aes_encrypt_key256(key, cx);
222 default: return EXIT_FAILURE;
223 #else
224 case 16: case 128: aes_encrypt_key128(key, cx); return;
225 case 24: case 192: aes_encrypt_key192(key, cx); return;
226 case 32: case 256: aes_encrypt_key256(key, cx); return;
227 #endif
228 }
229 }
230
231 #endif
232
233 #endif
234
235 #if (FUNCS_IN_C & DEC_KEYING_IN_C)
236
237 /* this is used to store the decryption round keys */
238 /* in forward or reverse order */
239
240 #ifdef AES_REV_DKS
241 #define v(n,i) ((n) - (i) + 2 * ((i) & 3))
242 #else
243 #define v(n,i) (i)
244 #endif
245
246 #if DEC_ROUND == NO_TABLES
247 #define ff(x) (x)
248 #else
249 #define ff(x) inv_mcol(x)
250 #if defined( dec_imvars )
251 #define d_vars dec_imvars
252 #endif
253 #endif
254
255 #if defined(AES_128) || defined(AES_VAR)
256
257 #define k4e(k,i) \
258 { k[v(40,(4*(i))+4)] = ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; \
259 k[v(40,(4*(i))+5)] = ss[1] ^= ss[0]; \
260 k[v(40,(4*(i))+6)] = ss[2] ^= ss[1]; \
261 k[v(40,(4*(i))+7)] = ss[3] ^= ss[2]; \
262 }
263
264 #if 1
265
266 #define kdf4(k,i) \
267 { ss[0] = ss[0] ^ ss[2] ^ ss[1] ^ ss[3]; \
268 ss[1] = ss[1] ^ ss[3]; \
269 ss[2] = ss[2] ^ ss[3]; \
270 ss[4] = ls_box(ss[(i+3) % 4], 3) ^ t_use(r,c)[i]; \
271 ss[i % 4] ^= ss[4]; \
272 ss[4] ^= k[v(40,(4*(i)))]; k[v(40,(4*(i))+4)] = ff(ss[4]); \
273 ss[4] ^= k[v(40,(4*(i))+1)]; k[v(40,(4*(i))+5)] = ff(ss[4]); \
274 ss[4] ^= k[v(40,(4*(i))+2)]; k[v(40,(4*(i))+6)] = ff(ss[4]); \
275 ss[4] ^= k[v(40,(4*(i))+3)]; k[v(40,(4*(i))+7)] = ff(ss[4]); \
276 }
277
278 #define kd4(k,i) \
279 { ss[4] = ls_box(ss[(i+3) % 4], 3) ^ t_use(r,c)[i]; \
280 ss[i % 4] ^= ss[4]; ss[4] = ff(ss[4]); \
281 k[v(40,(4*(i))+4)] = ss[4] ^= k[v(40,(4*(i)))]; \
282 k[v(40,(4*(i))+5)] = ss[4] ^= k[v(40,(4*(i))+1)]; \
283 k[v(40,(4*(i))+6)] = ss[4] ^= k[v(40,(4*(i))+2)]; \
284 k[v(40,(4*(i))+7)] = ss[4] ^= k[v(40,(4*(i))+3)]; \
285 }
286
287 #define kdl4(k,i) \
288 { ss[4] = ls_box(ss[(i+3) % 4], 3) ^ t_use(r,c)[i]; ss[i % 4] ^= ss[4]; \
289 k[v(40,(4*(i))+4)] = (ss[0] ^= ss[1]) ^ ss[2] ^ ss[3]; \
290 k[v(40,(4*(i))+5)] = ss[1] ^ ss[3]; \
291 k[v(40,(4*(i))+6)] = ss[0]; \
292 k[v(40,(4*(i))+7)] = ss[1]; \
293 }
294
295 #else
296
297 #define kdf4(k,i) \
298 { ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; k[v(40,(4*(i))+ 4)] = ff(ss[0]); \
299 ss[1] ^= ss[0]; k[v(40,(4*(i))+ 5)] = ff(ss[1]); \
300 ss[2] ^= ss[1]; k[v(40,(4*(i))+ 6)] = ff(ss[2]); \
301 ss[3] ^= ss[2]; k[v(40,(4*(i))+ 7)] = ff(ss[3]); \
302 }
303
304 #define kd4(k,i) \
305 { ss[4] = ls_box(ss[3],3) ^ t_use(r,c)[i]; \
306 ss[0] ^= ss[4]; ss[4] = ff(ss[4]); k[v(40,(4*(i))+ 4)] = ss[4] ^= k[v(40,(4*(i)))]; \
307 ss[1] ^= ss[0]; k[v(40,(4*(i))+ 5)] = ss[4] ^= k[v(40,(4*(i))+ 1)]; \
308 ss[2] ^= ss[1]; k[v(40,(4*(i))+ 6)] = ss[4] ^= k[v(40,(4*(i))+ 2)]; \
309 ss[3] ^= ss[2]; k[v(40,(4*(i))+ 7)] = ss[4] ^= k[v(40,(4*(i))+ 3)]; \
310 }
311
312 #define kdl4(k,i) \
313 { ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; k[v(40,(4*(i))+ 4)] = ss[0]; \
314 ss[1] ^= ss[0]; k[v(40,(4*(i))+ 5)] = ss[1]; \
315 ss[2] ^= ss[1]; k[v(40,(4*(i))+ 6)] = ss[2]; \
316 ss[3] ^= ss[2]; k[v(40,(4*(i))+ 7)] = ss[3]; \
317 }
318
319 #endif
320
321 AES_RETURN aes_decrypt_key128(const unsigned char *key, aes_decrypt_ctx cx[1])
322 { uint_32t ss[5];
323 #if defined( d_vars )
324 d_vars;
325 #endif
326 cx->ks[v(40,(0))] = ss[0] = word_in(key, 0);
327 cx->ks[v(40,(1))] = ss[1] = word_in(key, 1);
328 cx->ks[v(40,(2))] = ss[2] = word_in(key, 2);
329 cx->ks[v(40,(3))] = ss[3] = word_in(key, 3);
330
331 #if DEC_UNROLL == NONE
332 { uint_32t i;
333 for(i = 0; i < 10; ++i)
334 k4e(cx->ks, i);
335 #if !(DEC_ROUND == NO_TABLES)
336 for(i = N_COLS; i < 10 * N_COLS; ++i)
337 cx->ks[i] = inv_mcol(cx->ks[i]);
338 #endif
339 }
340 #else
341 kdf4(cx->ks, 0); kd4(cx->ks, 1);
342 kd4(cx->ks, 2); kd4(cx->ks, 3);
343 kd4(cx->ks, 4); kd4(cx->ks, 5);
344 kd4(cx->ks, 6); kd4(cx->ks, 7);
345 kd4(cx->ks, 8); kdl4(cx->ks, 9);
346 #endif
347 cx->inf.l = 0;
348 cx->inf.b[0] = 10 * 16;
349
350 #ifdef USE_VIA_ACE_IF_PRESENT
351 if(VIA_ACE_AVAILABLE)
352 cx->inf.b[1] = 0xff;
353 #endif
354
355 #if defined( AES_ERR_CHK )
356 return EXIT_SUCCESS;
357 #endif
358 }
359
360 #endif
361
362 #if defined(AES_192) || defined(AES_VAR)
363
364 #define k6ef(k,i) \
365 { k[v(48,(6*(i))+ 6)] = ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; \
366 k[v(48,(6*(i))+ 7)] = ss[1] ^= ss[0]; \
367 k[v(48,(6*(i))+ 8)] = ss[2] ^= ss[1]; \
368 k[v(48,(6*(i))+ 9)] = ss[3] ^= ss[2]; \
369 }
370
371 #define k6e(k,i) \
372 { k6ef(k,i); \
373 k[v(48,(6*(i))+10)] = ss[4] ^= ss[3]; \
374 k[v(48,(6*(i))+11)] = ss[5] ^= ss[4]; \
375 }
376
377 #define kdf6(k,i) \
378 { ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; k[v(48,(6*(i))+ 6)] = ff(ss[0]); \
379 ss[1] ^= ss[0]; k[v(48,(6*(i))+ 7)] = ff(ss[1]); \
380 ss[2] ^= ss[1]; k[v(48,(6*(i))+ 8)] = ff(ss[2]); \
381 ss[3] ^= ss[2]; k[v(48,(6*(i))+ 9)] = ff(ss[3]); \
382 ss[4] ^= ss[3]; k[v(48,(6*(i))+10)] = ff(ss[4]); \
383 ss[5] ^= ss[4]; k[v(48,(6*(i))+11)] = ff(ss[5]); \
384 }
385
386 #define kd6(k,i) \
387 { ss[6] = ls_box(ss[5],3) ^ t_use(r,c)[i]; \
388 ss[0] ^= ss[6]; ss[6] = ff(ss[6]); k[v(48,(6*(i))+ 6)] = ss[6] ^= k[v(48,(6*(i)))]; \
389 ss[1] ^= ss[0]; k[v(48,(6*(i))+ 7)] = ss[6] ^= k[v(48,(6*(i))+ 1)]; \
390 ss[2] ^= ss[1]; k[v(48,(6*(i))+ 8)] = ss[6] ^= k[v(48,(6*(i))+ 2)]; \
391 ss[3] ^= ss[2]; k[v(48,(6*(i))+ 9)] = ss[6] ^= k[v(48,(6*(i))+ 3)]; \
392 ss[4] ^= ss[3]; k[v(48,(6*(i))+10)] = ss[6] ^= k[v(48,(6*(i))+ 4)]; \
393 ss[5] ^= ss[4]; k[v(48,(6*(i))+11)] = ss[6] ^= k[v(48,(6*(i))+ 5)]; \
394 }
395
396 #define kdl6(k,i) \
397 { ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; k[v(48,(6*(i))+ 6)] = ss[0]; \
398 ss[1] ^= ss[0]; k[v(48,(6*(i))+ 7)] = ss[1]; \
399 ss[2] ^= ss[1]; k[v(48,(6*(i))+ 8)] = ss[2]; \
400 ss[3] ^= ss[2]; k[v(48,(6*(i))+ 9)] = ss[3]; \
401 }
402
403 AES_RETURN aes_decrypt_key192(const unsigned char *key, aes_decrypt_ctx cx[1])
404 { uint_32t ss[7];
405 #if defined( d_vars )
406 d_vars;
407 #endif
408 cx->ks[v(48,(0))] = ss[0] = word_in(key, 0);
409 cx->ks[v(48,(1))] = ss[1] = word_in(key, 1);
410 cx->ks[v(48,(2))] = ss[2] = word_in(key, 2);
411 cx->ks[v(48,(3))] = ss[3] = word_in(key, 3);
412
413 #if DEC_UNROLL == NONE
414 cx->ks[v(48,(4))] = ss[4] = word_in(key, 4);
415 cx->ks[v(48,(5))] = ss[5] = word_in(key, 5);
416 { uint_32t i;
417
418 for(i = 0; i < 7; ++i)
419 k6e(cx->ks, i);
420 k6ef(cx->ks, 7);
421 #if !(DEC_ROUND == NO_TABLES)
422 for(i = N_COLS; i < 12 * N_COLS; ++i)
423 cx->ks[i] = inv_mcol(cx->ks[i]);
424 #endif
425 }
426 #else
427 cx->ks[v(48,(4))] = ff(ss[4] = word_in(key, 4));
428 cx->ks[v(48,(5))] = ff(ss[5] = word_in(key, 5));
429 kdf6(cx->ks, 0); kd6(cx->ks, 1);
430 kd6(cx->ks, 2); kd6(cx->ks, 3);
431 kd6(cx->ks, 4); kd6(cx->ks, 5);
432 kd6(cx->ks, 6); kdl6(cx->ks, 7);
433 #endif
434 cx->inf.l = 0;
435 cx->inf.b[0] = 12 * 16;
436
437 #ifdef USE_VIA_ACE_IF_PRESENT
438 if(VIA_ACE_AVAILABLE)
439 cx->inf.b[1] = 0xff;
440 #endif
441
442 #if defined( AES_ERR_CHK )
443 return EXIT_SUCCESS;
444 #endif
445 }
446
447 #endif
448
449 #if defined(AES_256) || defined(AES_VAR)
450
451 #define k8ef(k,i) \
452 { k[v(56,(8*(i))+ 8)] = ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; \
453 k[v(56,(8*(i))+ 9)] = ss[1] ^= ss[0]; \
454 k[v(56,(8*(i))+10)] = ss[2] ^= ss[1]; \
455 k[v(56,(8*(i))+11)] = ss[3] ^= ss[2]; \
456 }
457
458 #define k8e(k,i) \
459 { k8ef(k,i); \
460 k[v(56,(8*(i))+12)] = ss[4] ^= ls_box(ss[3],0); \
461 k[v(56,(8*(i))+13)] = ss[5] ^= ss[4]; \
462 k[v(56,(8*(i))+14)] = ss[6] ^= ss[5]; \
463 k[v(56,(8*(i))+15)] = ss[7] ^= ss[6]; \
464 }
465
466 #define kdf8(k,i) \
467 { ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; k[v(56,(8*(i))+ 8)] = ff(ss[0]); \
468 ss[1] ^= ss[0]; k[v(56,(8*(i))+ 9)] = ff(ss[1]); \
469 ss[2] ^= ss[1]; k[v(56,(8*(i))+10)] = ff(ss[2]); \
470 ss[3] ^= ss[2]; k[v(56,(8*(i))+11)] = ff(ss[3]); \
471 ss[4] ^= ls_box(ss[3],0); k[v(56,(8*(i))+12)] = ff(ss[4]); \
472 ss[5] ^= ss[4]; k[v(56,(8*(i))+13)] = ff(ss[5]); \
473 ss[6] ^= ss[5]; k[v(56,(8*(i))+14)] = ff(ss[6]); \
474 ss[7] ^= ss[6]; k[v(56,(8*(i))+15)] = ff(ss[7]); \
475 }
476
477 #define kd8(k,i) \
478 { ss[8] = ls_box(ss[7],3) ^ t_use(r,c)[i]; \
479 ss[0] ^= ss[8]; ss[8] = ff(ss[8]); k[v(56,(8*(i))+ 8)] = ss[8] ^= k[v(56,(8*(i)))]; \
480 ss[1] ^= ss[0]; k[v(56,(8*(i))+ 9)] = ss[8] ^= k[v(56,(8*(i))+ 1)]; \
481 ss[2] ^= ss[1]; k[v(56,(8*(i))+10)] = ss[8] ^= k[v(56,(8*(i))+ 2)]; \
482 ss[3] ^= ss[2]; k[v(56,(8*(i))+11)] = ss[8] ^= k[v(56,(8*(i))+ 3)]; \
483 ss[8] = ls_box(ss[3],0); \
484 ss[4] ^= ss[8]; ss[8] = ff(ss[8]); k[v(56,(8*(i))+12)] = ss[8] ^= k[v(56,(8*(i))+ 4)]; \
485 ss[5] ^= ss[4]; k[v(56,(8*(i))+13)] = ss[8] ^= k[v(56,(8*(i))+ 5)]; \
486 ss[6] ^= ss[5]; k[v(56,(8*(i))+14)] = ss[8] ^= k[v(56,(8*(i))+ 6)]; \
487 ss[7] ^= ss[6]; k[v(56,(8*(i))+15)] = ss[8] ^= k[v(56,(8*(i))+ 7)]; \
488 }
489
490 #define kdl8(k,i) \
491 { ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; k[v(56,(8*(i))+ 8)] = ss[0]; \
492 ss[1] ^= ss[0]; k[v(56,(8*(i))+ 9)] = ss[1]; \
493 ss[2] ^= ss[1]; k[v(56,(8*(i))+10)] = ss[2]; \
494 ss[3] ^= ss[2]; k[v(56,(8*(i))+11)] = ss[3]; \
495 }
496
497 AES_RETURN aes_decrypt_key256(const unsigned char *key, aes_decrypt_ctx cx[1])
498 { uint_32t ss[9];
499 #if defined( d_vars )
500 d_vars;
501 #endif
502 cx->ks[v(56,(0))] = ss[0] = word_in(key, 0);
503 cx->ks[v(56,(1))] = ss[1] = word_in(key, 1);
504 cx->ks[v(56,(2))] = ss[2] = word_in(key, 2);
505 cx->ks[v(56,(3))] = ss[3] = word_in(key, 3);
506
507 #if DEC_UNROLL == NONE
508 cx->ks[v(56,(4))] = ss[4] = word_in(key, 4);
509 cx->ks[v(56,(5))] = ss[5] = word_in(key, 5);
510 cx->ks[v(56,(6))] = ss[6] = word_in(key, 6);
511 cx->ks[v(56,(7))] = ss[7] = word_in(key, 7);
512 { uint_32t i;
513
514 for(i = 0; i < 6; ++i)
515 k8e(cx->ks, i);
516 k8ef(cx->ks, 6);
517 #if !(DEC_ROUND == NO_TABLES)
518 for(i = N_COLS; i < 14 * N_COLS; ++i)
519 cx->ks[i] = inv_mcol(cx->ks[i]);
520
521 #endif
522 }
523 #else
524 ss[4] = word_in(key, 4); cx->ks[v(56,(4))] = ff(ss[4]);
525 ss[5] = word_in(key, 5); cx->ks[v(56,(5))] = ff(ss[5]);
526 ss[6] = word_in(key, 6); cx->ks[v(56,(6))] = ff(ss[6]);
527 ss[7] = word_in(key, 7); cx->ks[v(56,(7))] = ff(ss[7]);
528 kdf8(cx->ks, 0); kd8(cx->ks, 1);
529 kd8(cx->ks, 2); kd8(cx->ks, 3);
530 kd8(cx->ks, 4); kd8(cx->ks, 5);
531 kdl8(cx->ks, 6);
532 #endif
533 cx->inf.l = 0;
534 cx->inf.b[0] = 14 * 16;
535
536 #ifdef USE_VIA_ACE_IF_PRESENT
537 if(VIA_ACE_AVAILABLE)
538 cx->inf.b[1] = 0xff;
539 #endif
540
541 #if defined( AES_ERR_CHK )
542 return EXIT_SUCCESS;
543 #endif
544 }
545
546 #endif
547
548 #if defined(AES_VAR)
549
550 AES_RETURN aes_decrypt_key(const unsigned char *key, int key_len, aes_decrypt_ctx cx[1])
551 {
552 switch(key_len)
553 {
554 #if defined( AES_ERR_CHK )
555 case 16: case 128: return aes_decrypt_key128(key, cx);
556 case 24: case 192: return aes_decrypt_key192(key, cx);
557 case 32: case 256: return aes_decrypt_key256(key, cx);
558 default: return EXIT_FAILURE;
559 #else
560 case 16: case 128: aes_decrypt_key128(key, cx); return;
561 case 24: case 192: aes_decrypt_key192(key, cx); return;
562 case 32: case 256: aes_decrypt_key256(key, cx); return;
563 #endif
564 }
565 }
566
567 #endif
568
569 #endif
570
571 #if defined(__cplusplus)
572 }
573 #endif