LoRaWAN MAC layer implementation

Dependents:   LoRaWAN-demo-72_tjm LoRaWAN-demo-72_jlc LoRaWAN-demo-elmo frdm_LoRa_Connect_Woodstream_Demo_tjm ... more

LoRAWAN-lib is a port of the GitHub LoRaMac-node LoRaWAN MAC layer implementation.

This library depends on either the SX1276Lib or the SX1272Lib radio driver, depending on which mbed component shield is used.

This library also depends on some cryptographic helper functions and on helper functions for timer management. These can be found in the example projects, under the system directory.

The example projects are:

  1. LoRaWAN-demo-72
  2. LoRaWAN-demo-76
  3. LoRaWAN-demo-NAMote72

The LoRaWAN specification defines different operating parameters for the different ISM bands. These are all implemented in the LoRaMac-board.h file.

To select which band to use, change line 24 of the board.h file provided with the example projects as follows:


EU868

board.h

#define USE_BAND_868


US915

board.h

#define USE_BAND_915


US915 - Hybrid

board.h

#define USE_BAND_915_HYBRID


CN780

board.h

#define USE_BAND_780


EU433

board.h

#define USE_BAND_433
Committer:
mluis
Date:
Tue Oct 20 13:21:26 2015 +0000
Revision:
0:91d1a7783bb9
Library creation synchronized with GitHub LoRaMac-node v3.4 (https://github.com/Lora-net/LoRaMac-node)

Who changed what in which revision?

UserRevisionLine numberNew contents of line
mluis 0:91d1a7783bb9 1 /*
mluis 0:91d1a7783bb9 2 ---------------------------------------------------------------------------
mluis 0:91d1a7783bb9 3 Copyright (c) 1998-2008, Brian Gladman, Worcester, UK. All rights reserved.
mluis 0:91d1a7783bb9 4
mluis 0:91d1a7783bb9 5 LICENSE TERMS
mluis 0:91d1a7783bb9 6
mluis 0:91d1a7783bb9 7 The redistribution and use of this software (with or without changes)
mluis 0:91d1a7783bb9 8 is allowed without the payment of fees or royalties provided that:
mluis 0:91d1a7783bb9 9
mluis 0:91d1a7783bb9 10 1. source code distributions include the above copyright notice, this
mluis 0:91d1a7783bb9 11 list of conditions and the following disclaimer;
mluis 0:91d1a7783bb9 12
mluis 0:91d1a7783bb9 13 2. binary distributions include the above copyright notice, this list
mluis 0:91d1a7783bb9 14 of conditions and the following disclaimer in their documentation;
mluis 0:91d1a7783bb9 15
mluis 0:91d1a7783bb9 16 3. the name of the copyright holder is not used to endorse products
mluis 0:91d1a7783bb9 17 built using this software without specific written permission.
mluis 0:91d1a7783bb9 18
mluis 0:91d1a7783bb9 19 DISCLAIMER
mluis 0:91d1a7783bb9 20
mluis 0:91d1a7783bb9 21 This software is provided 'as is' with no explicit or implied warranties
mluis 0:91d1a7783bb9 22 in respect of its properties, including, but not limited to, correctness
mluis 0:91d1a7783bb9 23 and/or fitness for purpose.
mluis 0:91d1a7783bb9 24 ---------------------------------------------------------------------------
mluis 0:91d1a7783bb9 25 Issue 09/09/2006
mluis 0:91d1a7783bb9 26
mluis 0:91d1a7783bb9 27 This is an AES implementation that uses only 8-bit byte operations on the
mluis 0:91d1a7783bb9 28 cipher state (there are options to use 32-bit types if available).
mluis 0:91d1a7783bb9 29
mluis 0:91d1a7783bb9 30 The combination of mix columns and byte substitution used here is based on
mluis 0:91d1a7783bb9 31 that developed by Karl Malbrain. His contribution is acknowledged.
mluis 0:91d1a7783bb9 32 */
mluis 0:91d1a7783bb9 33
/* Define HAVE_MEMCPY if you have a fast memcpy function on your system.
   It is switched off here (#if 0), so the block_copy()/block_copy_nn()
   macros further down resolve to the hand-written copy_block() and
   copy_block_nn() helpers instead of memcpy(). */
#if 0
# define HAVE_MEMCPY
# include <string.h>
# if defined( _MSC_VER )
# include <intrin.h>
# pragma intrinsic( memcpy )
# endif
#endif
mluis 0:91d1a7783bb9 43
mluis 0:91d1a7783bb9 44
mluis 0:91d1a7783bb9 45 #include "mbed.h"
mluis 0:91d1a7783bb9 46
/* Define HAVE_UINT_32T if you have fast 32-bit types on your system.
   With it defined, the block helpers below access 16-byte blocks as four
   uint_32t words through casted pointers.
   NOTE(review): that assumes the block buffers are suitably aligned for
   uint_32t and that uint_32t is exactly 32 bits wide - confirm for the
   target before enabling. */
#if 1
# define HAVE_UINT_32T
#endif

/* Define USE_TABLES to use precomputed lookup tables (S-box and GF(2^8)
   multiples). Leave it undefined to compute those values on the fly with
   gf_inv() and the affine transforms, which saves table storage.
   NOTE(review): with tables, the lookups are indexed by bytes of the cipher
   state; on a target that has a data cache this is the usual AES
   cache-timing consideration. The table-free path is not constant-time
   either: gf_inv() loops a number of times that depends on its input. */
#if 1
# define USE_TABLES
#endif

/* On Intel Core 2 duo VERSION_1 is faster */

/* Alternative versions (test for performance on your system). VERSION_1
   selects the one-argument mix_sub_columns()/inv_mix_sub_columns() that
   first copy the state into a local buffer. */
#if 1
# define VERSION_1
#endif
mluis 0:91d1a7783bb9 63
mluis 0:91d1a7783bb9 64 #include "aes.h"
mluis 0:91d1a7783bb9 65
#if defined( HAVE_UINT_32T )
/* NOTE(review): unsigned long is only guaranteed to be at least 32 bits
   wide and is 64 bits on LP64 targets. Code in this file that indexes a
   16-byte block as four uint_32t words is correct only where this type is
   exactly 32 bits - confirm for the target. */
typedef unsigned long uint_32t;
#endif
mluis 0:91d1a7783bb9 69
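/* Functions for finite field multiplication in the AES Galois field.
 *
 * fN(x) multiplies the field element x by the constant N (hex digit), and
 * d2(x) divides it by 2. WPOLY (0x11b) is the 9-bit field polynomial used to
 * reduce a product back into one byte; BPOLY is its low byte and DPOLY is the
 * constant d2() folds in when the bit shifted out is set.
 *
 * Every use of the argument is parenthesised so that an expression argument
 * such as f2(a | b) is shifted as a whole. The macros still evaluate their
 * argument more than once, so do not pass expressions with side effects.
 */

#define WPOLY 0x011b
#define BPOLY 0x1b
#define DPOLY 0x008d

#define f1(x) (x)
#define f2(x) (((x) << 1) ^ ((((x) >> 7) & 1) * WPOLY))
#define f4(x) (((x) << 2) ^ ((((x) >> 6) & 1) * WPOLY) ^ ((((x) >> 6) & 2) * WPOLY))
#define f8(x) (((x) << 3) ^ ((((x) >> 5) & 1) * WPOLY) ^ ((((x) >> 5) & 2) * WPOLY) \
                          ^ ((((x) >> 5) & 4) * WPOLY))
#define d2(x) (((x) >> 1) ^ ((x) & 1 ? DPOLY : 0))

#define f3(x) (f2(x) ^ (x))
#define f9(x) (f8(x) ^ (x))
#define fb(x) (f8(x) ^ f2(x) ^ (x))
#define fd(x) (f8(x) ^ f4(x) ^ (x))
#define fe(x) (f8(x) ^ f4(x) ^ f2(x))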
mluis 0:91d1a7783bb9 88
mluis 0:91d1a7783bb9 89 #if defined( USE_TABLES )
mluis 0:91d1a7783bb9 90
mluis 0:91d1a7783bb9 91 #define sb_data(w) { /* S Box data values */ \
mluis 0:91d1a7783bb9 92 w(0x63), w(0x7c), w(0x77), w(0x7b), w(0xf2), w(0x6b), w(0x6f), w(0xc5),\
mluis 0:91d1a7783bb9 93 w(0x30), w(0x01), w(0x67), w(0x2b), w(0xfe), w(0xd7), w(0xab), w(0x76),\
mluis 0:91d1a7783bb9 94 w(0xca), w(0x82), w(0xc9), w(0x7d), w(0xfa), w(0x59), w(0x47), w(0xf0),\
mluis 0:91d1a7783bb9 95 w(0xad), w(0xd4), w(0xa2), w(0xaf), w(0x9c), w(0xa4), w(0x72), w(0xc0),\
mluis 0:91d1a7783bb9 96 w(0xb7), w(0xfd), w(0x93), w(0x26), w(0x36), w(0x3f), w(0xf7), w(0xcc),\
mluis 0:91d1a7783bb9 97 w(0x34), w(0xa5), w(0xe5), w(0xf1), w(0x71), w(0xd8), w(0x31), w(0x15),\
mluis 0:91d1a7783bb9 98 w(0x04), w(0xc7), w(0x23), w(0xc3), w(0x18), w(0x96), w(0x05), w(0x9a),\
mluis 0:91d1a7783bb9 99 w(0x07), w(0x12), w(0x80), w(0xe2), w(0xeb), w(0x27), w(0xb2), w(0x75),\
mluis 0:91d1a7783bb9 100 w(0x09), w(0x83), w(0x2c), w(0x1a), w(0x1b), w(0x6e), w(0x5a), w(0xa0),\
mluis 0:91d1a7783bb9 101 w(0x52), w(0x3b), w(0xd6), w(0xb3), w(0x29), w(0xe3), w(0x2f), w(0x84),\
mluis 0:91d1a7783bb9 102 w(0x53), w(0xd1), w(0x00), w(0xed), w(0x20), w(0xfc), w(0xb1), w(0x5b),\
mluis 0:91d1a7783bb9 103 w(0x6a), w(0xcb), w(0xbe), w(0x39), w(0x4a), w(0x4c), w(0x58), w(0xcf),\
mluis 0:91d1a7783bb9 104 w(0xd0), w(0xef), w(0xaa), w(0xfb), w(0x43), w(0x4d), w(0x33), w(0x85),\
mluis 0:91d1a7783bb9 105 w(0x45), w(0xf9), w(0x02), w(0x7f), w(0x50), w(0x3c), w(0x9f), w(0xa8),\
mluis 0:91d1a7783bb9 106 w(0x51), w(0xa3), w(0x40), w(0x8f), w(0x92), w(0x9d), w(0x38), w(0xf5),\
mluis 0:91d1a7783bb9 107 w(0xbc), w(0xb6), w(0xda), w(0x21), w(0x10), w(0xff), w(0xf3), w(0xd2),\
mluis 0:91d1a7783bb9 108 w(0xcd), w(0x0c), w(0x13), w(0xec), w(0x5f), w(0x97), w(0x44), w(0x17),\
mluis 0:91d1a7783bb9 109 w(0xc4), w(0xa7), w(0x7e), w(0x3d), w(0x64), w(0x5d), w(0x19), w(0x73),\
mluis 0:91d1a7783bb9 110 w(0x60), w(0x81), w(0x4f), w(0xdc), w(0x22), w(0x2a), w(0x90), w(0x88),\
mluis 0:91d1a7783bb9 111 w(0x46), w(0xee), w(0xb8), w(0x14), w(0xde), w(0x5e), w(0x0b), w(0xdb),\
mluis 0:91d1a7783bb9 112 w(0xe0), w(0x32), w(0x3a), w(0x0a), w(0x49), w(0x06), w(0x24), w(0x5c),\
mluis 0:91d1a7783bb9 113 w(0xc2), w(0xd3), w(0xac), w(0x62), w(0x91), w(0x95), w(0xe4), w(0x79),\
mluis 0:91d1a7783bb9 114 w(0xe7), w(0xc8), w(0x37), w(0x6d), w(0x8d), w(0xd5), w(0x4e), w(0xa9),\
mluis 0:91d1a7783bb9 115 w(0x6c), w(0x56), w(0xf4), w(0xea), w(0x65), w(0x7a), w(0xae), w(0x08),\
mluis 0:91d1a7783bb9 116 w(0xba), w(0x78), w(0x25), w(0x2e), w(0x1c), w(0xa6), w(0xb4), w(0xc6),\
mluis 0:91d1a7783bb9 117 w(0xe8), w(0xdd), w(0x74), w(0x1f), w(0x4b), w(0xbd), w(0x8b), w(0x8a),\
mluis 0:91d1a7783bb9 118 w(0x70), w(0x3e), w(0xb5), w(0x66), w(0x48), w(0x03), w(0xf6), w(0x0e),\
mluis 0:91d1a7783bb9 119 w(0x61), w(0x35), w(0x57), w(0xb9), w(0x86), w(0xc1), w(0x1d), w(0x9e),\
mluis 0:91d1a7783bb9 120 w(0xe1), w(0xf8), w(0x98), w(0x11), w(0x69), w(0xd9), w(0x8e), w(0x94),\
mluis 0:91d1a7783bb9 121 w(0x9b), w(0x1e), w(0x87), w(0xe9), w(0xce), w(0x55), w(0x28), w(0xdf),\
mluis 0:91d1a7783bb9 122 w(0x8c), w(0xa1), w(0x89), w(0x0d), w(0xbf), w(0xe6), w(0x42), w(0x68),\
mluis 0:91d1a7783bb9 123 w(0x41), w(0x99), w(0x2d), w(0x0f), w(0xb0), w(0x54), w(0xbb), w(0x16) }
mluis 0:91d1a7783bb9 124
mluis 0:91d1a7783bb9 125 #define isb_data(w) { /* inverse S Box data values */ \
mluis 0:91d1a7783bb9 126 w(0x52), w(0x09), w(0x6a), w(0xd5), w(0x30), w(0x36), w(0xa5), w(0x38),\
mluis 0:91d1a7783bb9 127 w(0xbf), w(0x40), w(0xa3), w(0x9e), w(0x81), w(0xf3), w(0xd7), w(0xfb),\
mluis 0:91d1a7783bb9 128 w(0x7c), w(0xe3), w(0x39), w(0x82), w(0x9b), w(0x2f), w(0xff), w(0x87),\
mluis 0:91d1a7783bb9 129 w(0x34), w(0x8e), w(0x43), w(0x44), w(0xc4), w(0xde), w(0xe9), w(0xcb),\
mluis 0:91d1a7783bb9 130 w(0x54), w(0x7b), w(0x94), w(0x32), w(0xa6), w(0xc2), w(0x23), w(0x3d),\
mluis 0:91d1a7783bb9 131 w(0xee), w(0x4c), w(0x95), w(0x0b), w(0x42), w(0xfa), w(0xc3), w(0x4e),\
mluis 0:91d1a7783bb9 132 w(0x08), w(0x2e), w(0xa1), w(0x66), w(0x28), w(0xd9), w(0x24), w(0xb2),\
mluis 0:91d1a7783bb9 133 w(0x76), w(0x5b), w(0xa2), w(0x49), w(0x6d), w(0x8b), w(0xd1), w(0x25),\
mluis 0:91d1a7783bb9 134 w(0x72), w(0xf8), w(0xf6), w(0x64), w(0x86), w(0x68), w(0x98), w(0x16),\
mluis 0:91d1a7783bb9 135 w(0xd4), w(0xa4), w(0x5c), w(0xcc), w(0x5d), w(0x65), w(0xb6), w(0x92),\
mluis 0:91d1a7783bb9 136 w(0x6c), w(0x70), w(0x48), w(0x50), w(0xfd), w(0xed), w(0xb9), w(0xda),\
mluis 0:91d1a7783bb9 137 w(0x5e), w(0x15), w(0x46), w(0x57), w(0xa7), w(0x8d), w(0x9d), w(0x84),\
mluis 0:91d1a7783bb9 138 w(0x90), w(0xd8), w(0xab), w(0x00), w(0x8c), w(0xbc), w(0xd3), w(0x0a),\
mluis 0:91d1a7783bb9 139 w(0xf7), w(0xe4), w(0x58), w(0x05), w(0xb8), w(0xb3), w(0x45), w(0x06),\
mluis 0:91d1a7783bb9 140 w(0xd0), w(0x2c), w(0x1e), w(0x8f), w(0xca), w(0x3f), w(0x0f), w(0x02),\
mluis 0:91d1a7783bb9 141 w(0xc1), w(0xaf), w(0xbd), w(0x03), w(0x01), w(0x13), w(0x8a), w(0x6b),\
mluis 0:91d1a7783bb9 142 w(0x3a), w(0x91), w(0x11), w(0x41), w(0x4f), w(0x67), w(0xdc), w(0xea),\
mluis 0:91d1a7783bb9 143 w(0x97), w(0xf2), w(0xcf), w(0xce), w(0xf0), w(0xb4), w(0xe6), w(0x73),\
mluis 0:91d1a7783bb9 144 w(0x96), w(0xac), w(0x74), w(0x22), w(0xe7), w(0xad), w(0x35), w(0x85),\
mluis 0:91d1a7783bb9 145 w(0xe2), w(0xf9), w(0x37), w(0xe8), w(0x1c), w(0x75), w(0xdf), w(0x6e),\
mluis 0:91d1a7783bb9 146 w(0x47), w(0xf1), w(0x1a), w(0x71), w(0x1d), w(0x29), w(0xc5), w(0x89),\
mluis 0:91d1a7783bb9 147 w(0x6f), w(0xb7), w(0x62), w(0x0e), w(0xaa), w(0x18), w(0xbe), w(0x1b),\
mluis 0:91d1a7783bb9 148 w(0xfc), w(0x56), w(0x3e), w(0x4b), w(0xc6), w(0xd2), w(0x79), w(0x20),\
mluis 0:91d1a7783bb9 149 w(0x9a), w(0xdb), w(0xc0), w(0xfe), w(0x78), w(0xcd), w(0x5a), w(0xf4),\
mluis 0:91d1a7783bb9 150 w(0x1f), w(0xdd), w(0xa8), w(0x33), w(0x88), w(0x07), w(0xc7), w(0x31),\
mluis 0:91d1a7783bb9 151 w(0xb1), w(0x12), w(0x10), w(0x59), w(0x27), w(0x80), w(0xec), w(0x5f),\
mluis 0:91d1a7783bb9 152 w(0x60), w(0x51), w(0x7f), w(0xa9), w(0x19), w(0xb5), w(0x4a), w(0x0d),\
mluis 0:91d1a7783bb9 153 w(0x2d), w(0xe5), w(0x7a), w(0x9f), w(0x93), w(0xc9), w(0x9c), w(0xef),\
mluis 0:91d1a7783bb9 154 w(0xa0), w(0xe0), w(0x3b), w(0x4d), w(0xae), w(0x2a), w(0xf5), w(0xb0),\
mluis 0:91d1a7783bb9 155 w(0xc8), w(0xeb), w(0xbb), w(0x3c), w(0x83), w(0x53), w(0x99), w(0x61),\
mluis 0:91d1a7783bb9 156 w(0x17), w(0x2b), w(0x04), w(0x7e), w(0xba), w(0x77), w(0xd6), w(0x26),\
mluis 0:91d1a7783bb9 157 w(0xe1), w(0x69), w(0x14), w(0x63), w(0x55), w(0x21), w(0x0c), w(0x7d) }
mluis 0:91d1a7783bb9 158
mluis 0:91d1a7783bb9 159 #define mm_data(w) { /* basic data for forming finite field tables */ \
mluis 0:91d1a7783bb9 160 w(0x00), w(0x01), w(0x02), w(0x03), w(0x04), w(0x05), w(0x06), w(0x07),\
mluis 0:91d1a7783bb9 161 w(0x08), w(0x09), w(0x0a), w(0x0b), w(0x0c), w(0x0d), w(0x0e), w(0x0f),\
mluis 0:91d1a7783bb9 162 w(0x10), w(0x11), w(0x12), w(0x13), w(0x14), w(0x15), w(0x16), w(0x17),\
mluis 0:91d1a7783bb9 163 w(0x18), w(0x19), w(0x1a), w(0x1b), w(0x1c), w(0x1d), w(0x1e), w(0x1f),\
mluis 0:91d1a7783bb9 164 w(0x20), w(0x21), w(0x22), w(0x23), w(0x24), w(0x25), w(0x26), w(0x27),\
mluis 0:91d1a7783bb9 165 w(0x28), w(0x29), w(0x2a), w(0x2b), w(0x2c), w(0x2d), w(0x2e), w(0x2f),\
mluis 0:91d1a7783bb9 166 w(0x30), w(0x31), w(0x32), w(0x33), w(0x34), w(0x35), w(0x36), w(0x37),\
mluis 0:91d1a7783bb9 167 w(0x38), w(0x39), w(0x3a), w(0x3b), w(0x3c), w(0x3d), w(0x3e), w(0x3f),\
mluis 0:91d1a7783bb9 168 w(0x40), w(0x41), w(0x42), w(0x43), w(0x44), w(0x45), w(0x46), w(0x47),\
mluis 0:91d1a7783bb9 169 w(0x48), w(0x49), w(0x4a), w(0x4b), w(0x4c), w(0x4d), w(0x4e), w(0x4f),\
mluis 0:91d1a7783bb9 170 w(0x50), w(0x51), w(0x52), w(0x53), w(0x54), w(0x55), w(0x56), w(0x57),\
mluis 0:91d1a7783bb9 171 w(0x58), w(0x59), w(0x5a), w(0x5b), w(0x5c), w(0x5d), w(0x5e), w(0x5f),\
mluis 0:91d1a7783bb9 172 w(0x60), w(0x61), w(0x62), w(0x63), w(0x64), w(0x65), w(0x66), w(0x67),\
mluis 0:91d1a7783bb9 173 w(0x68), w(0x69), w(0x6a), w(0x6b), w(0x6c), w(0x6d), w(0x6e), w(0x6f),\
mluis 0:91d1a7783bb9 174 w(0x70), w(0x71), w(0x72), w(0x73), w(0x74), w(0x75), w(0x76), w(0x77),\
mluis 0:91d1a7783bb9 175 w(0x78), w(0x79), w(0x7a), w(0x7b), w(0x7c), w(0x7d), w(0x7e), w(0x7f),\
mluis 0:91d1a7783bb9 176 w(0x80), w(0x81), w(0x82), w(0x83), w(0x84), w(0x85), w(0x86), w(0x87),\
mluis 0:91d1a7783bb9 177 w(0x88), w(0x89), w(0x8a), w(0x8b), w(0x8c), w(0x8d), w(0x8e), w(0x8f),\
mluis 0:91d1a7783bb9 178 w(0x90), w(0x91), w(0x92), w(0x93), w(0x94), w(0x95), w(0x96), w(0x97),\
mluis 0:91d1a7783bb9 179 w(0x98), w(0x99), w(0x9a), w(0x9b), w(0x9c), w(0x9d), w(0x9e), w(0x9f),\
mluis 0:91d1a7783bb9 180 w(0xa0), w(0xa1), w(0xa2), w(0xa3), w(0xa4), w(0xa5), w(0xa6), w(0xa7),\
mluis 0:91d1a7783bb9 181 w(0xa8), w(0xa9), w(0xaa), w(0xab), w(0xac), w(0xad), w(0xae), w(0xaf),\
mluis 0:91d1a7783bb9 182 w(0xb0), w(0xb1), w(0xb2), w(0xb3), w(0xb4), w(0xb5), w(0xb6), w(0xb7),\
mluis 0:91d1a7783bb9 183 w(0xb8), w(0xb9), w(0xba), w(0xbb), w(0xbc), w(0xbd), w(0xbe), w(0xbf),\
mluis 0:91d1a7783bb9 184 w(0xc0), w(0xc1), w(0xc2), w(0xc3), w(0xc4), w(0xc5), w(0xc6), w(0xc7),\
mluis 0:91d1a7783bb9 185 w(0xc8), w(0xc9), w(0xca), w(0xcb), w(0xcc), w(0xcd), w(0xce), w(0xcf),\
mluis 0:91d1a7783bb9 186 w(0xd0), w(0xd1), w(0xd2), w(0xd3), w(0xd4), w(0xd5), w(0xd6), w(0xd7),\
mluis 0:91d1a7783bb9 187 w(0xd8), w(0xd9), w(0xda), w(0xdb), w(0xdc), w(0xdd), w(0xde), w(0xdf),\
mluis 0:91d1a7783bb9 188 w(0xe0), w(0xe1), w(0xe2), w(0xe3), w(0xe4), w(0xe5), w(0xe6), w(0xe7),\
mluis 0:91d1a7783bb9 189 w(0xe8), w(0xe9), w(0xea), w(0xeb), w(0xec), w(0xed), w(0xee), w(0xef),\
mluis 0:91d1a7783bb9 190 w(0xf0), w(0xf1), w(0xf2), w(0xf3), w(0xf4), w(0xf5), w(0xf6), w(0xf7),\
mluis 0:91d1a7783bb9 191 w(0xf8), w(0xf9), w(0xfa), w(0xfb), w(0xfc), w(0xfd), w(0xfe), w(0xff) }
mluis 0:91d1a7783bb9 192
/* Forward S-box: sb_data expanded with the identity mapping f1. */
static const uint_8t sbox[256] = sb_data(f1);

#if defined( AES_DEC_PREKEYED )
/* Inverse S-box, only built when decryption support is compiled in. */
static const uint_8t isbox[256] = isb_data(f1);
#endif

/* S-box output already multiplied by 2 and by 3 in the AES field, so the
   combined substitute-and-mix step needs one lookup per term. */
static const uint_8t gfm2_sbox[256] = sb_data(f2);
static const uint_8t gfm3_sbox[256] = sb_data(f3);

#if defined( AES_DEC_PREKEYED )
/* Field multiplication by 9, 0xb, 0xd and 0xe, used by the inverse mix
   columns step. */
static const uint_8t gfmul_9[256] = mm_data(f9);
static const uint_8t gfmul_b[256] = mm_data(fb);
static const uint_8t gfmul_d[256] = mm_data(fd);
static const uint_8t gfmul_e[256] = mm_data(fe);
#endif

/* Accessors used by the round functions; in this branch each one is a plain
   table lookup.
   NOTE(review): the index is a byte of the cipher state, so memory access
   patterns depend on secret data; whether that is observable depends on the
   target (e.g. presence of a data cache) - confirm for the deployment. */
#define s_box(x) sbox[(x)]
#if defined( AES_DEC_PREKEYED )
#define is_box(x) isbox[(x)]
#endif
#define gfm2_sb(x) gfm2_sbox[(x)]
#define gfm3_sb(x) gfm3_sbox[(x)]
#if defined( AES_DEC_PREKEYED )
#define gfm_9(x) gfmul_9[(x)]
#define gfm_b(x) gfmul_b[(x)]
#define gfm_d(x) gfmul_d[(x)]
#define gfm_e(x) gfmul_e[(x)]
#endif
mluis 0:91d1a7783bb9 221 #else
mluis 0:91d1a7783bb9 222
/* Return the highest set bit of x, shifted right by one position (so the
   result is 0 when x is 0 or 1). Since the starting polynomial has 9 bits
   (0x11b), working one position down keeps the values of all top bits
   within a byte. */

static uint_8t hibit(const uint_8t x)
{
    /* start one position below the top bit and smear it downwards */
    uint_8t smear = (uint_8t)((x >> 1) | (x >> 2));

    smear |= (smear >> 2);
    smear |= (smear >> 4);

    /* smear now has every bit below the top bit of x set; adding one and
       halving leaves only the bit just below that top bit */
    return (smear + 1) >> 1;
}
mluis 0:91d1a7783bb9 235
/* Return the inverse of the finite field element x.
 *
 * 0 and 1 are returned unchanged. For other values the two polynomials
 * p1 (starting as x) and p2 (starting as BPOLY) are divided into each other
 * in turn, with v1/v2 accumulating the result and n1/n2 tracking the
 * hibit() of p1/p2. The number of iterations depends on x, so the running
 * time is data dependent.
 */

static uint_8t gf_inv(const uint_8t x)
{
    uint_8t p1 = x, p2 = BPOLY, n1 = hibit(x), n2 = 0x80, v1 = 1, v2 = 0;

    if(x < 2)
    {
        return x;
    }

    for( ; ; )
    {
        if(!n1)
        {
            return v1;
        }
        while(n2 >= n1)             /* divide polynomial p2 by p1 */
        {
            n2 /= n1;               /* shift smaller polynomial left */
            p2 ^= (p1 * n2) & 0xff; /* and remove from larger one */
            v2 ^= (v1 * n2);        /* shift accumulated value and */
            n2 = hibit(p2);         /* add into result */
        }

        if(!n2)
        {
            return v2;
        }
        while(n1 >= n2)             /* repeat with values swapped */
        {
            n1 /= n2;
            p1 ^= p2 * n1;
            v1 ^= v2 * n1;
            n1 = hibit(p1);
        }
    }
}
mluis 0:91d1a7783bb9 269
/* The forward affine transformation used in the S-box: x is XORed with its
   left rotations by 1, 2, 3 and 4 bits and with the constant 0x63.
   NOTE(review): unlike the other helpers in this file this function is not
   declared static - confirm whether external linkage is intended. */
uint_8t fwd_affine(const uint_8t x)
{
#if defined( HAVE_UINT_32T )
    uint_32t spread = x;

    spread ^= (spread << 1) ^ (spread << 2) ^ (spread << 3) ^ (spread << 4);
    /* fold the bits that were shifted past bit 7 back into the low byte */
    spread ^= (spread >> 8);
    return 0x63 ^ (spread & 0xff);
#else
    /* each left shift is paired with the right shift that completes the
       8-bit rotation; the result is truncated to a byte on return */
    return 0x63 ^ x
         ^ (x << 1) ^ (x >> 7)
         ^ (x << 2) ^ (x >> 6)
         ^ (x << 3) ^ (x >> 5)
         ^ (x << 4) ^ (x >> 4);
#endif
}
mluis 0:91d1a7783bb9 282
/* The inverse affine transformation used in the inverse S-box: the left
   rotations of x by 1, 3 and 6 bits are XORed together with the constant
   0x05.
   NOTE(review): this function is not declared static - confirm whether
   external linkage is intended. */
uint_8t inv_affine(const uint_8t x)
{
#if defined( HAVE_UINT_32T )
    uint_32t spread = x;

    spread = (spread << 1) ^ (spread << 3) ^ (spread << 6);
    /* fold the bits that were shifted past bit 7 back into the low byte */
    spread ^= (spread >> 8);
    return 0x05 ^ (spread & 0xff);
#else
    /* each left shift is paired with the right shift that completes the
       8-bit rotation; the result is truncated to a byte on return */
    return 0x05
         ^ (x << 1) ^ (x >> 7)
         ^ (x << 3) ^ (x >> 5)
         ^ (x << 6) ^ (x >> 2);
#endif
}
mluis 0:91d1a7783bb9 294
/* Table-free accessors: the same names as in the USE_TABLES branch, but
   each value is computed on the fly. s_box/is_box go through gf_inv(),
   whose running time depends on its input, and the gfm* forms expand their
   argument several times through the fN() macros. */
#define s_box(x) fwd_affine(gf_inv(x))
#define is_box(x) gf_inv(inv_affine(x))
#define gfm2_sb(x) f2(s_box(x))
#define gfm3_sb(x) f3(s_box(x))
#define gfm_9(x) f9(x)
#define gfm_b(x) fb(x)
#define gfm_d(x) fd(x)
#define gfm_e(x) fe(x)
mluis 0:91d1a7783bb9 303
mluis 0:91d1a7783bb9 304 #endif
mluis 0:91d1a7783bb9 305
/* block_copy(d, s) copies one whole block; block_copy_nn(d, s, l) copies l
   bytes. With HAVE_MEMCPY both map to memcpy(), otherwise to the local
   helpers defined below.
   NOTE(review): the two variants do not accept the same range of lengths -
   copy_block_nn() takes its count as uint_8t, so a length that does not fit
   that type is truncated when HAVE_MEMCPY is not defined. */
#if defined( HAVE_MEMCPY )
# define block_copy_nn(d, s, l) memcpy(d, s, l)
# define block_copy(d, s) memcpy(d, s, N_BLOCK)
#else
# define block_copy_nn(d, s, l) copy_block_nn(d, s, l)
# define block_copy(d, s) copy_block(d, s)
#endif
mluis 0:91d1a7783bb9 313
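/* Copy one 16-byte AES block from s to d.
 *
 * The copy is done byte by byte through unsigned char pointers. The earlier
 * word-wise form cast both pointers to a 32-bit word type, which is only
 * correct when d and s are word aligned and the word type is exactly four
 * bytes wide; callers in this file pass plain byte arrays, for which neither
 * is guaranteed. A byte-wise copy always touches exactly 16 bytes and has no
 * alignment requirement.
 *
 * d: destination, at least 16 writable bytes.
 * s: source, at least 16 readable bytes.
 */
static void copy_block( void *d, const void *s )
{
    unsigned char *dst = (unsigned char *)d;
    const unsigned char *src = (const unsigned char *)s;
    unsigned int i;

    for( i = 0; i < 16; ++i )   /* 16 = AES block size in bytes */
    {
        dst[i] = src[i];
    }
}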
mluis 0:91d1a7783bb9 340
/* Copy nn bytes from s to d, one byte at a time. The count is a uint_8t, so
   the caller must pass a length that fits that type. */
static void copy_block_nn( uint_8t * d, const uint_8t *s, uint_8t nn )
{
    for( ; nn != 0; --nn )
    {
        *d++ = *s++;
    }
}
mluis 0:91d1a7783bb9 347
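/* XOR the 16-byte block at s into the 16-byte block at d (d ^= s).
 *
 * The operation is done byte by byte through unsigned char pointers. The
 * earlier word-wise form cast both pointers to a 32-bit word type, which is
 * only correct when d and s are word aligned and the word type is exactly
 * four bytes wide; add_round_key() passes plain byte arrays here, for which
 * neither is guaranteed. The byte-wise form always touches exactly 16 bytes
 * and has no alignment requirement.
 *
 * d: block updated in place, at least 16 bytes.
 * s: block XORed into d, at least 16 readable bytes.
 */
static void xor_block( void *d, const void *s )
{
    unsigned char *dst = (unsigned char *)d;
    const unsigned char *src = (const unsigned char *)s;
    unsigned int i;

    for( i = 0; i < 16; ++i )   /* 16 = AES block size in bytes */
    {
        dst[i] ^= src[i];
    }
}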
mluis 0:91d1a7783bb9 374
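/* Write s XOR k into d for one 16-byte block (d = s ^ k).
 *
 * The operation is done byte by byte through unsigned char pointers. The
 * earlier word-wise form cast all three pointers to a 32-bit word type,
 * which is only correct when the buffers are word aligned and the word type
 * is exactly four bytes wide. The byte-wise form always touches exactly 16
 * bytes and has no alignment requirement. Each output byte depends only on
 * the input bytes at the same index, so d may be the same buffer as s or k.
 *
 * d: destination, at least 16 writable bytes.
 * s: source block, at least 16 readable bytes.
 * k: key block, at least 16 readable bytes.
 */
static void copy_and_key( void *d, const void *s, const void *k )
{
    unsigned char *dst = (unsigned char *)d;
    const unsigned char *src = (const unsigned char *)s;
    const unsigned char *key = (const unsigned char *)k;
    unsigned int i;

    for( i = 0; i < 16; ++i )   /* 16 = AES block size in bytes */
    {
        dst[i] = (unsigned char)(src[i] ^ key[i]);
    }
}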
mluis 0:91d1a7783bb9 404
/* AddRoundKey: XOR the round key block k into the state block d in place.
   Both arguments are byte arrays of N_BLOCK bytes; the work is delegated to
   xor_block(). */
static void add_round_key( uint_8t d[N_BLOCK], const uint_8t k[N_BLOCK] )
{
xor_block(d, k);
}
mluis 0:91d1a7783bb9 409
/* Apply the S-box to every state byte and rotate the rows, in place. The
   state is indexed so that row r of column c is st[4*c + r]: row 0 stays
   put, row 1 moves one column, row 2 two columns and row 3 three columns. */
static void shift_sub_rows( uint_8t st[N_BLOCK] )
{
    uint_8t saved;

    /* row 0: substitution only */
    st[ 0] = s_box(st[ 0]);
    st[ 4] = s_box(st[ 4]);
    st[ 8] = s_box(st[ 8]);
    st[12] = s_box(st[12]);

    /* row 1: 5 -> 1, 9 -> 5, 13 -> 9, 1 -> 13 */
    saved  = st[1];
    st[ 1] = s_box(st[ 5]);
    st[ 5] = s_box(st[ 9]);
    st[ 9] = s_box(st[13]);
    st[13] = s_box( saved );

    /* row 2: swap 2 <-> 10 and 6 <-> 14 */
    saved  = st[2];
    st[ 2] = s_box(st[10]);
    st[10] = s_box( saved );
    saved  = st[6];
    st[ 6] = s_box(st[14]);
    st[14] = s_box( saved );

    /* row 3: 11 -> 15, 7 -> 11, 3 -> 7, 15 -> 3 */
    saved  = st[15];
    st[15] = s_box(st[11]);
    st[11] = s_box(st[ 7]);
    st[ 7] = s_box(st[ 3]);
    st[ 3] = s_box( saved );
}
mluis 0:91d1a7783bb9 425
mluis 0:91d1a7783bb9 426 #if defined( AES_DEC_PREKEYED )
mluis 0:91d1a7783bb9 427
/* Apply the inverse S-box to every state byte and rotate the rows back, in
   place. Row r of column c is st[4*c + r]; each row moves in the opposite
   direction to shift_sub_rows(). */
static void inv_shift_sub_rows( uint_8t st[N_BLOCK] )
{
    uint_8t saved;

    /* row 0: substitution only */
    st[ 0] = is_box(st[ 0]);
    st[ 4] = is_box(st[ 4]);
    st[ 8] = is_box(st[ 8]);
    st[12] = is_box(st[12]);

    /* row 1: 9 -> 13, 5 -> 9, 1 -> 5, 13 -> 1 */
    saved  = st[13];
    st[13] = is_box(st[9]);
    st[ 9] = is_box(st[5]);
    st[ 5] = is_box(st[1]);
    st[ 1] = is_box( saved );

    /* row 2: swap 2 <-> 10 and 6 <-> 14 */
    saved  = st[2];
    st[ 2] = is_box(st[10]);
    st[10] = is_box( saved );
    saved  = st[6];
    st[ 6] = is_box(st[14]);
    st[14] = is_box( saved );

    /* row 3: 7 -> 3, 11 -> 7, 15 -> 11, 3 -> 15 */
    saved  = st[3];
    st[ 3] = is_box(st[ 7]);
    st[ 7] = is_box(st[11]);
    st[11] = is_box(st[15]);
    st[15] = is_box( saved );
}
mluis 0:91d1a7783bb9 443
mluis 0:91d1a7783bb9 444 #endif
mluis 0:91d1a7783bb9 445
/* One combined encryption round step: S-box substitution, row shift and
   column mix. With VERSION_1 the state dt is updated in place via a local
   copy st; otherwise the input state st is supplied by the caller and the
   result is written to dt. */
#if defined( VERSION_1 )
static void mix_sub_columns( uint_8t dt[N_BLOCK] )
{
    uint_8t st[N_BLOCK];
    block_copy(st, dt);
#else
static void mix_sub_columns( uint_8t dt[N_BLOCK], uint_8t st[N_BLOCK] )
{
#endif
    /* col is the index of the first byte of each output column */
    for( unsigned int col = 0; col < 16; col += 4 )
    {
        /* input bytes that the row shift brings into this column:
           (col + 5 * row) mod 16 for rows 1..3 */
        const unsigned int r1 = (col + 5) & 15;
        const unsigned int r2 = (col + 10) & 15;
        const unsigned int r3 = (col + 15) & 15;

        dt[col + 0] = gfm2_sb(st[col]) ^ gfm3_sb(st[r1]) ^ s_box(st[r2]) ^ s_box(st[r3]);
        dt[col + 1] = s_box(st[col]) ^ gfm2_sb(st[r1]) ^ gfm3_sb(st[r2]) ^ s_box(st[r3]);
        dt[col + 2] = s_box(st[col]) ^ s_box(st[r1]) ^ gfm2_sb(st[r2]) ^ gfm3_sb(st[r3]);
        dt[col + 3] = gfm3_sb(st[col]) ^ s_box(st[r1]) ^ s_box(st[r2]) ^ gfm2_sb(st[r3]);
    }
}
mluis 0:91d1a7783bb9 474
mluis 0:91d1a7783bb9 475 #if defined( AES_DEC_PREKEYED )
mluis 0:91d1a7783bb9 476
/* One combined decryption round step: inverse column mix followed by the
   inverse S-box, with each result stored at its row-shifted position. With
   VERSION_1 the state dt is updated in place via a local copy st; otherwise
   the input state st is supplied by the caller and the result is written to
   dt. */
#if defined( VERSION_1 )
static void inv_mix_sub_columns( uint_8t dt[N_BLOCK] )
{
    uint_8t st[N_BLOCK];
    block_copy(st, dt);
#else
static void inv_mix_sub_columns( uint_8t dt[N_BLOCK], uint_8t st[N_BLOCK] )
{
#endif
    /* col is the index of the first byte of each input column */
    for( unsigned int col = 0; col < 16; col += 4 )
    {
        /* output positions for rows 1..3 of this column after the inverse
           row shift: (col + 5 * row) mod 16 */
        const unsigned int r1 = (col + 5) & 15;
        const unsigned int r2 = (col + 10) & 15;
        const unsigned int r3 = (col + 15) & 15;

        dt[col] = is_box(gfm_e(st[col]) ^ gfm_b(st[col + 1]) ^ gfm_d(st[col + 2]) ^ gfm_9(st[col + 3]));
        dt[r1] = is_box(gfm_9(st[col]) ^ gfm_e(st[col + 1]) ^ gfm_b(st[col + 2]) ^ gfm_d(st[col + 3]));
        dt[r2] = is_box(gfm_d(st[col]) ^ gfm_9(st[col + 1]) ^ gfm_e(st[col + 2]) ^ gfm_b(st[col + 3]));
        dt[r3] = is_box(gfm_b(st[col]) ^ gfm_d(st[col + 1]) ^ gfm_9(st[col + 2]) ^ gfm_e(st[col + 3]));
    }
}
mluis 0:91d1a7783bb9 505
mluis 0:91d1a7783bb9 506 #endif
mluis 0:91d1a7783bb9 507
mluis 0:91d1a7783bb9 508 #if defined( AES_ENC_PREKEYED ) || defined( AES_DEC_PREKEYED )
mluis 0:91d1a7783bb9 509
/* Set the cipher key for the pre-keyed version.
 *
 * key     raw key bytes
 * keylen  key length in bytes; only 16, 24 and 32 are accepted
 * ctx     context that receives the expanded schedule (ksch) and the round
 *         count (rnd = 10, 12 or 14)
 *
 * Returns 0 on success. For any other keylen, ctx->rnd is set to 0 and
 * (uint_8t)-1 is returned; aes_encrypt()/aes_decrypt() refuse a context whose
 * rnd is 0, so a failed call cannot be used by mistake.
 *
 * NOTE(review): ctx->ksch holds key material after this call and nothing in
 * this function clears it; callers should wipe the context once the key is no
 * longer needed.
 */
return_type aes_set_key( const unsigned char key[], length_type keylen, aes_context ctx[1] )
{
    uint_8t pos, rcon, sched_len;

    if( keylen != 16 && keylen != 24 && keylen != 32 )
    {
        ctx->rnd = 0;
        return ( uint_8t )-1;
    }

    /* The first keylen bytes of the schedule are the key itself. */
    block_copy_nn(ctx->ksch, key, keylen);
    sched_len = (keylen + 28) << 2;       /* 176, 208 or 240 bytes */
    ctx->rnd = (sched_len >> 4) - 1;

    rcon = 1;
    for( pos = keylen; pos < sched_len; pos += 4 )
    {
        uint_8t back, w0, w1, w2, w3;

        /* Start from the previous 4-byte word of the schedule. */
        w0 = ctx->ksch[pos - 4];
        w1 = ctx->ksch[pos - 3];
        w2 = ctx->ksch[pos - 2];
        w3 = ctx->ksch[pos - 1];

        if( pos % keylen == 0 )
        {
            /* Key-length boundary: rotate the word by one byte, substitute
               each byte and fold in the round constant. */
            const uint_8t first = w0;

            w0 = s_box(w1) ^ rcon;
            w1 = s_box(w2);
            w2 = s_box(w3);
            w3 = s_box(first);
            rcon = f2(rcon);
        }
        else if( keylen > 24 && pos % keylen == 16 )
        {
            /* 32-byte keys only: extra substitution halfway through. */
            w0 = s_box(w0);
            w1 = s_box(w1);
            w2 = s_box(w2);
            w3 = s_box(w3);
        }

        /* New word = word one key length back XOR the transformed word. */
        back = pos - keylen;
        ctx->ksch[pos + 0] = ctx->ksch[back + 0] ^ w0;
        ctx->ksch[pos + 1] = ctx->ksch[back + 1] ^ w1;
        ctx->ksch[pos + 2] = ctx->ksch[back + 2] ^ w2;
        ctx->ksch[pos + 3] = ctx->ksch[back + 3] ^ w3;
    }
    return 0;
}
mluis 0:91d1a7783bb9 560
mluis 0:91d1a7783bb9 561 #endif
mluis 0:91d1a7783bb9 562
mluis 0:91d1a7783bb9 563 #if defined( AES_ENC_PREKEYED )
mluis 0:91d1a7783bb9 564
/* Encrypt a single block of 16 bytes with a pre-keyed context.
 *
 * in   16-byte input block
 * out  16-byte output block
 * ctx  context prepared by aes_set_key()
 *
 * Returns 0 on success, or (uint_8t)-1 when ctx->rnd is 0 (no valid key set).
 *
 * This is the raw block primitive: it provides no chaining, padding or
 * integrity protection, which must come from the mode built on top of it.
 * NOTE(review): the working state stays on the stack after return and is not
 * wiped here.
 */
return_type aes_encrypt( const unsigned char in[N_BLOCK], unsigned char out[N_BLOCK], const aes_context ctx[1] )
{
    uint_8t state[N_BLOCK], round;

    if( !ctx->rnd )
    {
        return ( uint_8t )-1;
    }

    /* Initial whitening with the first 16 bytes of the schedule. */
    copy_and_key( state, in, ctx->ksch );

    for( round = 1 ; round < ctx->rnd ; ++round )
    {
#if defined( VERSION_1 )
        mix_sub_columns( state );
        add_round_key( state, ctx->ksch + round * N_BLOCK);
#else
        uint_8t mixed[N_BLOCK];
        mix_sub_columns( mixed, state );
        copy_and_key( state, mixed, ctx->ksch + round * N_BLOCK);
#endif
    }

    /* Final round: no column mixing; round == ctx->rnd here. */
    shift_sub_rows( state );
    copy_and_key( out, state, ctx->ksch + round * N_BLOCK );
    return 0;
}
mluis 0:91d1a7783bb9 593
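/* CBC encrypt a number of blocks (input and return an IV).
 *
 * in       n_block * N_BLOCK bytes of plaintext
 * out      buffer for n_block * N_BLOCK bytes of ciphertext
 * n_block  number of 16-byte blocks; must not be negative
 * iv       in: the IV for the first block; out: the last ciphertext block,
 *          so a later call continues the same chain
 * ctx      context prepared by aes_set_key()
 *
 * Returns EXIT_SUCCESS, or EXIT_FAILURE if n_block is negative or the block
 * cipher rejects the context. On a mid-stream failure iv has already been
 * modified.
 *
 * The caller owns buffer sizing and padding: exactly n_block whole blocks are
 * read and written. CBC gives confidentiality only; it does not detect
 * modified ciphertext, and the IV must not be predictable or reused with the
 * same key.
 */
return_type aes_cbc_encrypt( const unsigned char *in, unsigned char *out,
                         int n_block, unsigned char iv[N_BLOCK], const aes_context ctx[1] )
{
    /* A bare count-down (while(n_block--)) never reaches zero for a negative
       count and would walk far past both buffers, so reject it up front. */
    if( n_block < 0 )
    {
        return EXIT_FAILURE;
    }

    while( n_block-- > 0 )
    {
        /* iv holds the previous ciphertext block (or the initial IV). */
        xor_block(iv, in);
        if(aes_encrypt(iv, iv, ctx) != EXIT_SUCCESS)
        {
            return EXIT_FAILURE;
        }
        block_copy(out, iv);
        in += N_BLOCK;
        out += N_BLOCK;
    }
    return EXIT_SUCCESS;
}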
mluis 0:91d1a7783bb9 612
mluis 0:91d1a7783bb9 613 #endif
mluis 0:91d1a7783bb9 614
mluis 0:91d1a7783bb9 615 #if defined( AES_DEC_PREKEYED )
mluis 0:91d1a7783bb9 616
/* Decrypt a single block of 16 bytes with a pre-keyed context.
 *
 * in   16-byte input block
 * out  16-byte output block
 * ctx  context prepared by aes_set_key()
 *
 * Returns 0 on success, or -1 when ctx->rnd is 0 (no valid key set).
 *
 * The schedule is walked backwards: the last round key is applied first and
 * ctx->ksch[0..15] last. Raw block primitive only; it performs no integrity
 * check on the input.
 * NOTE(review): the working state stays on the stack after return and is not
 * wiped here.
 */
return_type aes_decrypt( const unsigned char in[N_BLOCK], unsigned char out[N_BLOCK], const aes_context ctx[1] )
{
    uint_8t state[N_BLOCK], round;

    if( !ctx->rnd )
    {
        return -1;
    }

    /* Undo the final encryption round. */
    copy_and_key( state, in, ctx->ksch + ctx->rnd * N_BLOCK );
    inv_shift_sub_rows( state );

    /* Rounds rnd-1 down to 1. */
    for( round = ctx->rnd - 1 ; round != 0 ; --round )
    {
#if defined( VERSION_1 )
        add_round_key( state, ctx->ksch + round * N_BLOCK );
        inv_mix_sub_columns( state );
#else
        uint_8t keyed[N_BLOCK];
        copy_and_key( keyed, state, ctx->ksch + round * N_BLOCK );
        inv_mix_sub_columns( state, keyed );
#endif
    }

    /* Remove the initial whitening key. */
    copy_and_key( out, state, ctx->ksch );
    return 0;
}
mluis 0:91d1a7783bb9 645
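/* CBC decrypt a number of blocks (input and return an IV).
 *
 * in       n_block * N_BLOCK bytes of ciphertext
 * out      buffer for n_block * N_BLOCK bytes of plaintext
 * n_block  number of 16-byte blocks; must not be negative
 * iv       in: the IV for the first block; out: the last ciphertext block
 *          consumed, so a later call continues the same chain
 * ctx      context prepared by aes_set_key()
 *
 * Returns EXIT_SUCCESS, or EXIT_FAILURE if n_block is negative or the block
 * cipher rejects the context.
 *
 * Each ciphertext block is saved before decryption, so the chaining value
 * survives even if out overwrites in. No padding is removed and nothing here
 * authenticates the data: modified ciphertext decrypts without an error, so
 * integrity has to be verified separately before the plaintext is trusted.
 */
return_type aes_cbc_decrypt( const unsigned char *in, unsigned char *out,
                         int n_block, unsigned char iv[N_BLOCK], const aes_context ctx[1] )
{
    /* A bare count-down (while(n_block--)) never reaches zero for a negative
       count and would walk far past both buffers, so reject it up front. */
    if( n_block < 0 )
    {
        return EXIT_FAILURE;
    }

    while( n_block-- > 0 )
    {
        uint_8t tmp[N_BLOCK];

        /* Keep the ciphertext block: it is the next chaining value. */
        block_copy(tmp, in);
        if(aes_decrypt(in, out, ctx) != EXIT_SUCCESS)
        {
            return EXIT_FAILURE;
        }
        xor_block(out, iv);
        block_copy(iv, tmp);
        in += N_BLOCK;
        out += N_BLOCK;
    }
    return EXIT_SUCCESS;
}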
mluis 0:91d1a7783bb9 666
mluis 0:91d1a7783bb9 667 #endif
mluis 0:91d1a7783bb9 668
mluis 0:91d1a7783bb9 669 #if defined( AES_ENC_128_OTFK )
mluis 0:91d1a7783bb9 670
/* The 'on the fly' encryption key update for 128 bit keys.
 *
 * Advances the 16-byte round key k in place to the next round key and steps
 * the round constant *rc with f2().
 */
static void update_encrypt_key_128( uint_8t k[N_BLOCK], uint_8t *rc )
{
    uint_8t i;

    /* First word: substituted, byte-rotated last word plus round constant. */
    k[0] ^= s_box(k[13]) ^ *rc;
    k[1] ^= s_box(k[14]);
    k[2] ^= s_box(k[15]);
    k[3] ^= s_box(k[12]);
    *rc = f2( *rc );

    /* Every later byte is XORed with the byte four positions earlier, which
       has already been updated. */
    for( i = 4; i < 16; ++i )
    {
        k[i] ^= k[i - 4];
    }
}
mluis 0:91d1a7783bb9 690
/* Encrypt a single block of 16 bytes with 'on the fly' 128 bit keying.
 *
 * in     16-byte input block
 * out    16-byte output block
 * key    16-byte cipher key
 * o_key  16-byte working key buffer; the round keys are derived in it and it
 *        holds the last round key on return
 *
 * If o_key and key are the same buffer the copy is skipped and the caller's
 * key is overwritten with the last round key.
 * NOTE(review): o_key and the local state are key-dependent and are not wiped
 * here; callers should clear o_key when it is no longer needed.
 */
void aes_encrypt_128( const unsigned char in[N_BLOCK], unsigned char out[N_BLOCK],
                     const unsigned char key[N_BLOCK], unsigned char o_key[N_BLOCK] )
{
    uint_8t state[N_BLOCK], round, rc = 1;

    if(o_key != key)
    {
        block_copy( o_key, key );
    }
    copy_and_key( state, in, o_key );

    for( round = 1 ; round < 10 ; ++round )
    {
#if defined( VERSION_1 )
        mix_sub_columns( state );
        update_encrypt_key_128( o_key, &rc );
        add_round_key( state, o_key );
#else
        uint_8t mixed[N_BLOCK];
        mix_sub_columns( mixed, state );
        update_encrypt_key_128( o_key, &rc );
        copy_and_key( state, mixed, o_key );
#endif
    }

    /* Final round: no column mixing, one more key update. */
    shift_sub_rows( state );
    update_encrypt_key_128( o_key, &rc );
    copy_and_key( out, state, o_key );
}
mluis 0:91d1a7783bb9 720
mluis 0:91d1a7783bb9 721 #endif
mluis 0:91d1a7783bb9 722
mluis 0:91d1a7783bb9 723 #if defined( AES_DEC_128_OTFK )
mluis 0:91d1a7783bb9 724
/* The 'on the fly' decryption key update for 128 bit keys.
 *
 * Steps the 16-byte round key k in place back to the previous round key and
 * steps the round constant *rc back with d2().
 */
static void update_decrypt_key_128( uint_8t k[N_BLOCK], uint_8t *rc )
{
    uint_8t i;

    /* Undo the chained XORs from the top down, so each byte is combined with
       a not-yet-restored neighbour four positions earlier. */
    for( i = 15; i >= 4; --i )
    {
        k[i] ^= k[i - 4];
    }

    *rc = d2(*rc);
    k[0] ^= s_box(k[13]) ^ *rc;
    k[1] ^= s_box(k[14]);
    k[2] ^= s_box(k[15]);
    k[3] ^= s_box(k[12]);
}
mluis 0:91d1a7783bb9 743
/* Decrypt a single block of 16 bytes with 'on the fly' 128 bit keying.
 *
 * in     16-byte input block
 * out    16-byte output block
 * key    16-byte key applied directly to the input block, then stepped
 *        backwards ten times
 * o_key  16-byte working key buffer, updated in place
 *
 * NOTE(review): because key is applied first and then walked backwards, it is
 * presumably the last round key (as left in o_key by aes_encrypt_128), not
 * the original cipher key -- confirm against the header documentation.
 * If o_key and key are the same buffer the caller's key is overwritten.
 * o_key and the local state are key-dependent and are not wiped here.
 */
void aes_decrypt_128( const unsigned char in[N_BLOCK], unsigned char out[N_BLOCK],
                      const unsigned char key[N_BLOCK], unsigned char o_key[N_BLOCK] )
{
    uint_8t state[N_BLOCK], round, rc = 0x6c;

    if(o_key != key)
    {
        block_copy( o_key, key );
    }

    copy_and_key( state, in, o_key );
    inv_shift_sub_rows( state );

    /* Rounds 9 down to 1. */
    for( round = 9 ; round != 0 ; --round )
    {
#if defined( VERSION_1 )
        update_decrypt_key_128( o_key, &rc );
        add_round_key( state, o_key );
        inv_mix_sub_columns( state );
#else
        uint_8t keyed[N_BLOCK];
        update_decrypt_key_128( o_key, &rc );
        copy_and_key( keyed, state, o_key );
        inv_mix_sub_columns( state, keyed );
#endif
    }

    update_decrypt_key_128( o_key, &rc );
    copy_and_key( out, state, o_key );
}
mluis 0:91d1a7783bb9 773
mluis 0:91d1a7783bb9 774 #endif
mluis 0:91d1a7783bb9 775
mluis 0:91d1a7783bb9 776 #if defined( AES_ENC_256_OTFK )
mluis 0:91d1a7783bb9 777
/* The 'on the fly' encryption key update for 256 bit keys.
 *
 * Advances the 32-byte key window k in place by two round keys and steps the
 * round constant *rc with f2().
 */
static void update_encrypt_key_256( uint_8t k[2 * N_BLOCK], uint_8t *rc )
{
    uint_8t i;

    /* Lower half, first word: substituted, byte-rotated last word of the
       upper half plus the round constant. */
    k[0] ^= s_box(k[29]) ^ *rc;
    k[1] ^= s_box(k[30]);
    k[2] ^= s_box(k[31]);
    k[3] ^= s_box(k[28]);
    *rc = f2( *rc );

    for( i = 4; i < 16; ++i )
    {
        k[i] ^= k[i - 4];
    }

    /* Upper half, first word: substituted (not rotated) last word of the
       lower half. */
    k[16] ^= s_box(k[12]);
    k[17] ^= s_box(k[13]);
    k[18] ^= s_box(k[14]);
    k[19] ^= s_box(k[15]);

    for( i = 20; i < 32; ++i )
    {
        k[i] ^= k[i - 4];
    }
}
mluis 0:91d1a7783bb9 810
/* Encrypt a single block of 16 bytes with 'on the fly' 256 bit keying.
 *
 * in     16-byte input block
 * out    16-byte output block
 * key    32-byte cipher key
 * o_key  32-byte working key buffer, updated in place while the round keys
 *        are derived
 *
 * Odd rounds use the upper 16 bytes of o_key; even rounds advance the key
 * window and use the lower 16 bytes. If o_key and key are the same buffer the
 * caller's key is overwritten.
 * NOTE(review): o_key and the local state are key-dependent and are not wiped
 * here; callers should clear o_key when it is no longer needed.
 */
void aes_encrypt_256( const unsigned char in[N_BLOCK], unsigned char out[N_BLOCK],
                      const unsigned char key[2 * N_BLOCK], unsigned char o_key[2 * N_BLOCK] )
{
    uint_8t state[N_BLOCK], round, rc = 1;

    if(o_key != key)
    {
        block_copy( o_key, key );
        block_copy( o_key + 16, key + 16 );
    }
    copy_and_key( state, in, o_key );

    for( round = 1 ; round < 14 ; ++round )
    {
#if defined( VERSION_1 )
        mix_sub_columns(state);
        if( ( round & 1 ) == 0 )
        {
            update_encrypt_key_256( o_key, &rc );
            add_round_key( state, o_key );
        }
        else
        {
            add_round_key( state, o_key + 16 );
        }
#else
        uint_8t mixed[N_BLOCK];
        mix_sub_columns( mixed, state );
        if( ( round & 1 ) == 0 )
        {
            update_encrypt_key_256( o_key, &rc );
            copy_and_key( state, mixed, o_key );
        }
        else
        {
            copy_and_key( state, mixed, o_key + 16 );
        }
#endif
    }

    /* Final round: no column mixing, one more key update. */
    shift_sub_rows( state );
    update_encrypt_key_256( o_key, &rc );
    copy_and_key( out, state, o_key );
}
mluis 0:91d1a7783bb9 853
mluis 0:91d1a7783bb9 854 #endif
mluis 0:91d1a7783bb9 855
mluis 0:91d1a7783bb9 856 #if defined( AES_DEC_256_OTFK )
mluis 0:91d1a7783bb9 857
/* The 'on the fly' decryption key update for 256 bit keys.
 *
 * Steps the 32-byte key window k in place back by two round keys and steps
 * the round constant *rc back with d2(). The operations are those of
 * update_encrypt_key_256 applied in reverse order.
 */
static void update_decrypt_key_256( uint_8t k[2 * N_BLOCK], uint_8t *rc )
{
    uint_8t i;

    /* Upper half: undo the chained XORs from the top down. */
    for( i = 31; i >= 20; --i )
    {
        k[i] ^= k[i - 4];
    }

    k[16] ^= s_box(k[12]);
    k[17] ^= s_box(k[13]);
    k[18] ^= s_box(k[14]);
    k[19] ^= s_box(k[15]);

    /* Lower half: same again. */
    for( i = 15; i >= 4; --i )
    {
        k[i] ^= k[i - 4];
    }

    *rc = d2(*rc);
    k[0] ^= s_box(k[29]) ^ *rc;
    k[1] ^= s_box(k[30]);
    k[2] ^= s_box(k[31]);
    k[3] ^= s_box(k[28]);
}
mluis 0:91d1a7783bb9 890
/* Decrypt a single block of 16 bytes with 'on the fly' 256 bit keying.
 *
 * in     16-byte input block
 * out    16-byte output block
 * key    32-byte key window; its lower 16 bytes are applied directly to the
 *        input block and the window is then stepped backwards
 * o_key  32-byte working key buffer, updated in place
 *
 * NOTE(review): because key is applied first and then walked backwards, it is
 * presumably the final key window (as left in o_key by aes_encrypt_256), not
 * the original cipher key -- confirm against the header documentation.
 * If o_key and key are the same buffer the caller's key is overwritten.
 * o_key and the local state are key-dependent and are not wiped here.
 */
void aes_decrypt_256( const unsigned char in[N_BLOCK], unsigned char out[N_BLOCK],
                      const unsigned char key[2 * N_BLOCK], unsigned char o_key[2 * N_BLOCK] )
{
    uint_8t state[N_BLOCK], round, rc = 0x80;

    if(o_key != key)
    {
        block_copy( o_key, key );
        block_copy( o_key + 16, key + 16 );
    }

    copy_and_key( state, in, o_key );
    inv_shift_sub_rows( state );

    /* Rounds 13 down to 1: odd rounds step the key window back and use its
       upper half, even rounds use the lower half. */
    for( round = 13 ; round != 0 ; --round )
    {
#if defined( VERSION_1 )
        if( ( round & 1 ) )
        {
            update_decrypt_key_256( o_key, &rc );
            add_round_key( state, o_key + 16 );
        }
        else
        {
            add_round_key( state, o_key );
        }
        inv_mix_sub_columns( state );
#else
        uint_8t keyed[N_BLOCK];
        if( ( round & 1 ) )
        {
            update_decrypt_key_256( o_key, &rc );
            copy_and_key( keyed, state, o_key + 16 );
        }
        else
        {
            copy_and_key( keyed, state, o_key );
        }
        inv_mix_sub_columns( state, keyed );
#endif
    }

    /* Remove the initial whitening key. */
    copy_and_key( out, state, o_key );
}
mluis 0:91d1a7783bb9 934
mluis 0:91d1a7783bb9 935 #endif