Use LoRaWAN on mDot with IKS01A1 sensor board plugged into UDK board.

Dependencies:   X_NUCLEO_IKS01A1 mbed LoRaWAN-lib SX1272Lib

Fork of LoRaWAN-demo-72 by Semtech

This project uses IKS01A1 driver library with pin definitions for mDot UDK arduino headers.
The mDot platform doesnt define arduino header pins, so they must be defined in the IKS01A1 driver library header.

Committer:
dudmuck
Date:
Wed Aug 17 23:56:43 2016 +0000
Revision:
6:72ea69843556
Parent:
3:3152aa75c58d
use LoRaWAN on mDot with IKS01A1 sensor board

Who changed what in which revision?

UserRevisionLine numberNew contents of line
mluis 0:45496a70a8a5 1 /*
mluis 0:45496a70a8a5 2 ---------------------------------------------------------------------------
mluis 0:45496a70a8a5 3 Copyright (c) 1998-2008, Brian Gladman, Worcester, UK. All rights reserved.
mluis 0:45496a70a8a5 4
mluis 0:45496a70a8a5 5 LICENSE TERMS
mluis 0:45496a70a8a5 6
mluis 0:45496a70a8a5 7 The redistribution and use of this software (with or without changes)
mluis 0:45496a70a8a5 8 is allowed without the payment of fees or royalties provided that:
mluis 0:45496a70a8a5 9
mluis 0:45496a70a8a5 10 1. source code distributions include the above copyright notice, this
mluis 0:45496a70a8a5 11 list of conditions and the following disclaimer;
mluis 0:45496a70a8a5 12
mluis 0:45496a70a8a5 13 2. binary distributions include the above copyright notice, this list
mluis 0:45496a70a8a5 14 of conditions and the following disclaimer in their documentation;
mluis 0:45496a70a8a5 15
mluis 0:45496a70a8a5 16 3. the name of the copyright holder is not used to endorse products
mluis 0:45496a70a8a5 17 built using this software without specific written permission.
mluis 0:45496a70a8a5 18
mluis 0:45496a70a8a5 19 DISCLAIMER
mluis 0:45496a70a8a5 20
mluis 0:45496a70a8a5 21 This software is provided 'as is' with no explicit or implied warranties
mluis 0:45496a70a8a5 22 in respect of its properties, including, but not limited to, correctness
mluis 0:45496a70a8a5 23 and/or fitness for purpose.
mluis 0:45496a70a8a5 24 ---------------------------------------------------------------------------
mluis 0:45496a70a8a5 25 Issue 09/09/2006
mluis 0:45496a70a8a5 26
mluis 0:45496a70a8a5 27 This is an AES implementation that uses only 8-bit byte operations on the
mluis 0:45496a70a8a5 28 cipher state (there are options to use 32-bit types if available).
mluis 0:45496a70a8a5 29
mluis 0:45496a70a8a5 30 The combination of mix columns and byte substitution used here is based on
mluis 0:45496a70a8a5 31 that developed by Karl Malbrain. His contribution is acknowledged.
mluis 0:45496a70a8a5 32 */
mluis 0:45496a70a8a5 33
mluis 0:45496a70a8a5 34 /* define if you have a fast memcpy function on your system */
mluis 0:45496a70a8a5 35 #if 0
mluis 0:45496a70a8a5 36 # define HAVE_MEMCPY
mluis 0:45496a70a8a5 37 # include <string.h>
mluis 0:45496a70a8a5 38 # if defined( _MSC_VER )
mluis 0:45496a70a8a5 39 # include <intrin.h>
mluis 0:45496a70a8a5 40 # pragma intrinsic( memcpy )
mluis 0:45496a70a8a5 41 # endif
mluis 0:45496a70a8a5 42 #endif
mluis 0:45496a70a8a5 43
mluis 0:45496a70a8a5 44
mluis 0:45496a70a8a5 45 #include <stdlib.h>
mluis 0:45496a70a8a5 46 #include <stdint.h>
mluis 0:45496a70a8a5 47
mluis 0:45496a70a8a5 48 /* define if you have fast 32-bit types on your system */
mluis 3:3152aa75c58d 49 #if ( __CORTEX_M != 0 ) // if Cortex is different from M0/M0+
mluis 0:45496a70a8a5 50 # define HAVE_UINT_32T
mluis 0:45496a70a8a5 51 #endif
mluis 0:45496a70a8a5 52
mluis 0:45496a70a8a5 53 /* define if you don't want any tables */
mluis 0:45496a70a8a5 54 #if 1
mluis 0:45496a70a8a5 55 # define USE_TABLES
mluis 0:45496a70a8a5 56 #endif
mluis 0:45496a70a8a5 57
mluis 0:45496a70a8a5 58 /* On Intel Core 2 duo VERSION_1 is faster */
mluis 0:45496a70a8a5 59
mluis 0:45496a70a8a5 60 /* alternative versions (test for performance on your system) */
mluis 0:45496a70a8a5 61 #if 1
mluis 0:45496a70a8a5 62 # define VERSION_1
mluis 0:45496a70a8a5 63 #endif
mluis 0:45496a70a8a5 64
mluis 0:45496a70a8a5 65 #include "aes.h"
mluis 0:45496a70a8a5 66
mluis 0:45496a70a8a5 67 //#if defined( HAVE_UINT_32T )
mluis 0:45496a70a8a5 68 // typedef unsigned long uint32_t;
mluis 0:45496a70a8a5 69 //#endif
mluis 0:45496a70a8a5 70
mluis 0:45496a70a8a5 71 /* functions for finite field multiplication in the AES Galois field */
mluis 0:45496a70a8a5 72
mluis 0:45496a70a8a5 73 #define WPOLY 0x011b
mluis 0:45496a70a8a5 74 #define BPOLY 0x1b
mluis 0:45496a70a8a5 75 #define DPOLY 0x008d
mluis 0:45496a70a8a5 76
mluis 0:45496a70a8a5 77 #define f1(x) (x)
mluis 0:45496a70a8a5 78 #define f2(x) ((x << 1) ^ (((x >> 7) & 1) * WPOLY))
mluis 0:45496a70a8a5 79 #define f4(x) ((x << 2) ^ (((x >> 6) & 1) * WPOLY) ^ (((x >> 6) & 2) * WPOLY))
mluis 0:45496a70a8a5 80 #define f8(x) ((x << 3) ^ (((x >> 5) & 1) * WPOLY) ^ (((x >> 5) & 2) * WPOLY) \
mluis 0:45496a70a8a5 81 ^ (((x >> 5) & 4) * WPOLY))
mluis 0:45496a70a8a5 82 #define d2(x) (((x) >> 1) ^ ((x) & 1 ? DPOLY : 0))
mluis 0:45496a70a8a5 83
mluis 0:45496a70a8a5 84 #define f3(x) (f2(x) ^ x)
mluis 0:45496a70a8a5 85 #define f9(x) (f8(x) ^ x)
mluis 0:45496a70a8a5 86 #define fb(x) (f8(x) ^ f2(x) ^ x)
mluis 0:45496a70a8a5 87 #define fd(x) (f8(x) ^ f4(x) ^ x)
mluis 0:45496a70a8a5 88 #define fe(x) (f8(x) ^ f4(x) ^ f2(x))
mluis 0:45496a70a8a5 89
mluis 0:45496a70a8a5 90 #if defined( USE_TABLES )
mluis 0:45496a70a8a5 91
mluis 0:45496a70a8a5 92 #define sb_data(w) { /* S Box data values */ \
mluis 0:45496a70a8a5 93 w(0x63), w(0x7c), w(0x77), w(0x7b), w(0xf2), w(0x6b), w(0x6f), w(0xc5),\
mluis 0:45496a70a8a5 94 w(0x30), w(0x01), w(0x67), w(0x2b), w(0xfe), w(0xd7), w(0xab), w(0x76),\
mluis 0:45496a70a8a5 95 w(0xca), w(0x82), w(0xc9), w(0x7d), w(0xfa), w(0x59), w(0x47), w(0xf0),\
mluis 0:45496a70a8a5 96 w(0xad), w(0xd4), w(0xa2), w(0xaf), w(0x9c), w(0xa4), w(0x72), w(0xc0),\
mluis 0:45496a70a8a5 97 w(0xb7), w(0xfd), w(0x93), w(0x26), w(0x36), w(0x3f), w(0xf7), w(0xcc),\
mluis 0:45496a70a8a5 98 w(0x34), w(0xa5), w(0xe5), w(0xf1), w(0x71), w(0xd8), w(0x31), w(0x15),\
mluis 0:45496a70a8a5 99 w(0x04), w(0xc7), w(0x23), w(0xc3), w(0x18), w(0x96), w(0x05), w(0x9a),\
mluis 0:45496a70a8a5 100 w(0x07), w(0x12), w(0x80), w(0xe2), w(0xeb), w(0x27), w(0xb2), w(0x75),\
mluis 0:45496a70a8a5 101 w(0x09), w(0x83), w(0x2c), w(0x1a), w(0x1b), w(0x6e), w(0x5a), w(0xa0),\
mluis 0:45496a70a8a5 102 w(0x52), w(0x3b), w(0xd6), w(0xb3), w(0x29), w(0xe3), w(0x2f), w(0x84),\
mluis 0:45496a70a8a5 103 w(0x53), w(0xd1), w(0x00), w(0xed), w(0x20), w(0xfc), w(0xb1), w(0x5b),\
mluis 0:45496a70a8a5 104 w(0x6a), w(0xcb), w(0xbe), w(0x39), w(0x4a), w(0x4c), w(0x58), w(0xcf),\
mluis 0:45496a70a8a5 105 w(0xd0), w(0xef), w(0xaa), w(0xfb), w(0x43), w(0x4d), w(0x33), w(0x85),\
mluis 0:45496a70a8a5 106 w(0x45), w(0xf9), w(0x02), w(0x7f), w(0x50), w(0x3c), w(0x9f), w(0xa8),\
mluis 0:45496a70a8a5 107 w(0x51), w(0xa3), w(0x40), w(0x8f), w(0x92), w(0x9d), w(0x38), w(0xf5),\
mluis 0:45496a70a8a5 108 w(0xbc), w(0xb6), w(0xda), w(0x21), w(0x10), w(0xff), w(0xf3), w(0xd2),\
mluis 0:45496a70a8a5 109 w(0xcd), w(0x0c), w(0x13), w(0xec), w(0x5f), w(0x97), w(0x44), w(0x17),\
mluis 0:45496a70a8a5 110 w(0xc4), w(0xa7), w(0x7e), w(0x3d), w(0x64), w(0x5d), w(0x19), w(0x73),\
mluis 0:45496a70a8a5 111 w(0x60), w(0x81), w(0x4f), w(0xdc), w(0x22), w(0x2a), w(0x90), w(0x88),\
mluis 0:45496a70a8a5 112 w(0x46), w(0xee), w(0xb8), w(0x14), w(0xde), w(0x5e), w(0x0b), w(0xdb),\
mluis 0:45496a70a8a5 113 w(0xe0), w(0x32), w(0x3a), w(0x0a), w(0x49), w(0x06), w(0x24), w(0x5c),\
mluis 0:45496a70a8a5 114 w(0xc2), w(0xd3), w(0xac), w(0x62), w(0x91), w(0x95), w(0xe4), w(0x79),\
mluis 0:45496a70a8a5 115 w(0xe7), w(0xc8), w(0x37), w(0x6d), w(0x8d), w(0xd5), w(0x4e), w(0xa9),\
mluis 0:45496a70a8a5 116 w(0x6c), w(0x56), w(0xf4), w(0xea), w(0x65), w(0x7a), w(0xae), w(0x08),\
mluis 0:45496a70a8a5 117 w(0xba), w(0x78), w(0x25), w(0x2e), w(0x1c), w(0xa6), w(0xb4), w(0xc6),\
mluis 0:45496a70a8a5 118 w(0xe8), w(0xdd), w(0x74), w(0x1f), w(0x4b), w(0xbd), w(0x8b), w(0x8a),\
mluis 0:45496a70a8a5 119 w(0x70), w(0x3e), w(0xb5), w(0x66), w(0x48), w(0x03), w(0xf6), w(0x0e),\
mluis 0:45496a70a8a5 120 w(0x61), w(0x35), w(0x57), w(0xb9), w(0x86), w(0xc1), w(0x1d), w(0x9e),\
mluis 0:45496a70a8a5 121 w(0xe1), w(0xf8), w(0x98), w(0x11), w(0x69), w(0xd9), w(0x8e), w(0x94),\
mluis 0:45496a70a8a5 122 w(0x9b), w(0x1e), w(0x87), w(0xe9), w(0xce), w(0x55), w(0x28), w(0xdf),\
mluis 0:45496a70a8a5 123 w(0x8c), w(0xa1), w(0x89), w(0x0d), w(0xbf), w(0xe6), w(0x42), w(0x68),\
mluis 0:45496a70a8a5 124 w(0x41), w(0x99), w(0x2d), w(0x0f), w(0xb0), w(0x54), w(0xbb), w(0x16) }
mluis 0:45496a70a8a5 125
mluis 0:45496a70a8a5 126 #define isb_data(w) { /* inverse S Box data values */ \
mluis 0:45496a70a8a5 127 w(0x52), w(0x09), w(0x6a), w(0xd5), w(0x30), w(0x36), w(0xa5), w(0x38),\
mluis 0:45496a70a8a5 128 w(0xbf), w(0x40), w(0xa3), w(0x9e), w(0x81), w(0xf3), w(0xd7), w(0xfb),\
mluis 0:45496a70a8a5 129 w(0x7c), w(0xe3), w(0x39), w(0x82), w(0x9b), w(0x2f), w(0xff), w(0x87),\
mluis 0:45496a70a8a5 130 w(0x34), w(0x8e), w(0x43), w(0x44), w(0xc4), w(0xde), w(0xe9), w(0xcb),\
mluis 0:45496a70a8a5 131 w(0x54), w(0x7b), w(0x94), w(0x32), w(0xa6), w(0xc2), w(0x23), w(0x3d),\
mluis 0:45496a70a8a5 132 w(0xee), w(0x4c), w(0x95), w(0x0b), w(0x42), w(0xfa), w(0xc3), w(0x4e),\
mluis 0:45496a70a8a5 133 w(0x08), w(0x2e), w(0xa1), w(0x66), w(0x28), w(0xd9), w(0x24), w(0xb2),\
mluis 0:45496a70a8a5 134 w(0x76), w(0x5b), w(0xa2), w(0x49), w(0x6d), w(0x8b), w(0xd1), w(0x25),\
mluis 0:45496a70a8a5 135 w(0x72), w(0xf8), w(0xf6), w(0x64), w(0x86), w(0x68), w(0x98), w(0x16),\
mluis 0:45496a70a8a5 136 w(0xd4), w(0xa4), w(0x5c), w(0xcc), w(0x5d), w(0x65), w(0xb6), w(0x92),\
mluis 0:45496a70a8a5 137 w(0x6c), w(0x70), w(0x48), w(0x50), w(0xfd), w(0xed), w(0xb9), w(0xda),\
mluis 0:45496a70a8a5 138 w(0x5e), w(0x15), w(0x46), w(0x57), w(0xa7), w(0x8d), w(0x9d), w(0x84),\
mluis 0:45496a70a8a5 139 w(0x90), w(0xd8), w(0xab), w(0x00), w(0x8c), w(0xbc), w(0xd3), w(0x0a),\
mluis 0:45496a70a8a5 140 w(0xf7), w(0xe4), w(0x58), w(0x05), w(0xb8), w(0xb3), w(0x45), w(0x06),\
mluis 0:45496a70a8a5 141 w(0xd0), w(0x2c), w(0x1e), w(0x8f), w(0xca), w(0x3f), w(0x0f), w(0x02),\
mluis 0:45496a70a8a5 142 w(0xc1), w(0xaf), w(0xbd), w(0x03), w(0x01), w(0x13), w(0x8a), w(0x6b),\
mluis 0:45496a70a8a5 143 w(0x3a), w(0x91), w(0x11), w(0x41), w(0x4f), w(0x67), w(0xdc), w(0xea),\
mluis 0:45496a70a8a5 144 w(0x97), w(0xf2), w(0xcf), w(0xce), w(0xf0), w(0xb4), w(0xe6), w(0x73),\
mluis 0:45496a70a8a5 145 w(0x96), w(0xac), w(0x74), w(0x22), w(0xe7), w(0xad), w(0x35), w(0x85),\
mluis 0:45496a70a8a5 146 w(0xe2), w(0xf9), w(0x37), w(0xe8), w(0x1c), w(0x75), w(0xdf), w(0x6e),\
mluis 0:45496a70a8a5 147 w(0x47), w(0xf1), w(0x1a), w(0x71), w(0x1d), w(0x29), w(0xc5), w(0x89),\
mluis 0:45496a70a8a5 148 w(0x6f), w(0xb7), w(0x62), w(0x0e), w(0xaa), w(0x18), w(0xbe), w(0x1b),\
mluis 0:45496a70a8a5 149 w(0xfc), w(0x56), w(0x3e), w(0x4b), w(0xc6), w(0xd2), w(0x79), w(0x20),\
mluis 0:45496a70a8a5 150 w(0x9a), w(0xdb), w(0xc0), w(0xfe), w(0x78), w(0xcd), w(0x5a), w(0xf4),\
mluis 0:45496a70a8a5 151 w(0x1f), w(0xdd), w(0xa8), w(0x33), w(0x88), w(0x07), w(0xc7), w(0x31),\
mluis 0:45496a70a8a5 152 w(0xb1), w(0x12), w(0x10), w(0x59), w(0x27), w(0x80), w(0xec), w(0x5f),\
mluis 0:45496a70a8a5 153 w(0x60), w(0x51), w(0x7f), w(0xa9), w(0x19), w(0xb5), w(0x4a), w(0x0d),\
mluis 0:45496a70a8a5 154 w(0x2d), w(0xe5), w(0x7a), w(0x9f), w(0x93), w(0xc9), w(0x9c), w(0xef),\
mluis 0:45496a70a8a5 155 w(0xa0), w(0xe0), w(0x3b), w(0x4d), w(0xae), w(0x2a), w(0xf5), w(0xb0),\
mluis 0:45496a70a8a5 156 w(0xc8), w(0xeb), w(0xbb), w(0x3c), w(0x83), w(0x53), w(0x99), w(0x61),\
mluis 0:45496a70a8a5 157 w(0x17), w(0x2b), w(0x04), w(0x7e), w(0xba), w(0x77), w(0xd6), w(0x26),\
mluis 0:45496a70a8a5 158 w(0xe1), w(0x69), w(0x14), w(0x63), w(0x55), w(0x21), w(0x0c), w(0x7d) }
mluis 0:45496a70a8a5 159
mluis 0:45496a70a8a5 160 #define mm_data(w) { /* basic data for forming finite field tables */ \
mluis 0:45496a70a8a5 161 w(0x00), w(0x01), w(0x02), w(0x03), w(0x04), w(0x05), w(0x06), w(0x07),\
mluis 0:45496a70a8a5 162 w(0x08), w(0x09), w(0x0a), w(0x0b), w(0x0c), w(0x0d), w(0x0e), w(0x0f),\
mluis 0:45496a70a8a5 163 w(0x10), w(0x11), w(0x12), w(0x13), w(0x14), w(0x15), w(0x16), w(0x17),\
mluis 0:45496a70a8a5 164 w(0x18), w(0x19), w(0x1a), w(0x1b), w(0x1c), w(0x1d), w(0x1e), w(0x1f),\
mluis 0:45496a70a8a5 165 w(0x20), w(0x21), w(0x22), w(0x23), w(0x24), w(0x25), w(0x26), w(0x27),\
mluis 0:45496a70a8a5 166 w(0x28), w(0x29), w(0x2a), w(0x2b), w(0x2c), w(0x2d), w(0x2e), w(0x2f),\
mluis 0:45496a70a8a5 167 w(0x30), w(0x31), w(0x32), w(0x33), w(0x34), w(0x35), w(0x36), w(0x37),\
mluis 0:45496a70a8a5 168 w(0x38), w(0x39), w(0x3a), w(0x3b), w(0x3c), w(0x3d), w(0x3e), w(0x3f),\
mluis 0:45496a70a8a5 169 w(0x40), w(0x41), w(0x42), w(0x43), w(0x44), w(0x45), w(0x46), w(0x47),\
mluis 0:45496a70a8a5 170 w(0x48), w(0x49), w(0x4a), w(0x4b), w(0x4c), w(0x4d), w(0x4e), w(0x4f),\
mluis 0:45496a70a8a5 171 w(0x50), w(0x51), w(0x52), w(0x53), w(0x54), w(0x55), w(0x56), w(0x57),\
mluis 0:45496a70a8a5 172 w(0x58), w(0x59), w(0x5a), w(0x5b), w(0x5c), w(0x5d), w(0x5e), w(0x5f),\
mluis 0:45496a70a8a5 173 w(0x60), w(0x61), w(0x62), w(0x63), w(0x64), w(0x65), w(0x66), w(0x67),\
mluis 0:45496a70a8a5 174 w(0x68), w(0x69), w(0x6a), w(0x6b), w(0x6c), w(0x6d), w(0x6e), w(0x6f),\
mluis 0:45496a70a8a5 175 w(0x70), w(0x71), w(0x72), w(0x73), w(0x74), w(0x75), w(0x76), w(0x77),\
mluis 0:45496a70a8a5 176 w(0x78), w(0x79), w(0x7a), w(0x7b), w(0x7c), w(0x7d), w(0x7e), w(0x7f),\
mluis 0:45496a70a8a5 177 w(0x80), w(0x81), w(0x82), w(0x83), w(0x84), w(0x85), w(0x86), w(0x87),\
mluis 0:45496a70a8a5 178 w(0x88), w(0x89), w(0x8a), w(0x8b), w(0x8c), w(0x8d), w(0x8e), w(0x8f),\
mluis 0:45496a70a8a5 179 w(0x90), w(0x91), w(0x92), w(0x93), w(0x94), w(0x95), w(0x96), w(0x97),\
mluis 0:45496a70a8a5 180 w(0x98), w(0x99), w(0x9a), w(0x9b), w(0x9c), w(0x9d), w(0x9e), w(0x9f),\
mluis 0:45496a70a8a5 181 w(0xa0), w(0xa1), w(0xa2), w(0xa3), w(0xa4), w(0xa5), w(0xa6), w(0xa7),\
mluis 0:45496a70a8a5 182 w(0xa8), w(0xa9), w(0xaa), w(0xab), w(0xac), w(0xad), w(0xae), w(0xaf),\
mluis 0:45496a70a8a5 183 w(0xb0), w(0xb1), w(0xb2), w(0xb3), w(0xb4), w(0xb5), w(0xb6), w(0xb7),\
mluis 0:45496a70a8a5 184 w(0xb8), w(0xb9), w(0xba), w(0xbb), w(0xbc), w(0xbd), w(0xbe), w(0xbf),\
mluis 0:45496a70a8a5 185 w(0xc0), w(0xc1), w(0xc2), w(0xc3), w(0xc4), w(0xc5), w(0xc6), w(0xc7),\
mluis 0:45496a70a8a5 186 w(0xc8), w(0xc9), w(0xca), w(0xcb), w(0xcc), w(0xcd), w(0xce), w(0xcf),\
mluis 0:45496a70a8a5 187 w(0xd0), w(0xd1), w(0xd2), w(0xd3), w(0xd4), w(0xd5), w(0xd6), w(0xd7),\
mluis 0:45496a70a8a5 188 w(0xd8), w(0xd9), w(0xda), w(0xdb), w(0xdc), w(0xdd), w(0xde), w(0xdf),\
mluis 0:45496a70a8a5 189 w(0xe0), w(0xe1), w(0xe2), w(0xe3), w(0xe4), w(0xe5), w(0xe6), w(0xe7),\
mluis 0:45496a70a8a5 190 w(0xe8), w(0xe9), w(0xea), w(0xeb), w(0xec), w(0xed), w(0xee), w(0xef),\
mluis 0:45496a70a8a5 191 w(0xf0), w(0xf1), w(0xf2), w(0xf3), w(0xf4), w(0xf5), w(0xf6), w(0xf7),\
mluis 0:45496a70a8a5 192 w(0xf8), w(0xf9), w(0xfa), w(0xfb), w(0xfc), w(0xfd), w(0xfe), w(0xff) }
mluis 0:45496a70a8a5 193
mluis 0:45496a70a8a5 194 static const uint8_t sbox[256] = sb_data(f1);
mluis 0:45496a70a8a5 195
mluis 0:45496a70a8a5 196 #if defined( AES_DEC_PREKEYED )
mluis 0:45496a70a8a5 197 static const uint8_t isbox[256] = isb_data(f1);
mluis 0:45496a70a8a5 198 #endif
mluis 0:45496a70a8a5 199
mluis 0:45496a70a8a5 200 static const uint8_t gfm2_sbox[256] = sb_data(f2);
mluis 0:45496a70a8a5 201 static const uint8_t gfm3_sbox[256] = sb_data(f3);
mluis 0:45496a70a8a5 202
mluis 0:45496a70a8a5 203 #if defined( AES_DEC_PREKEYED )
mluis 0:45496a70a8a5 204 static const uint8_t gfmul_9[256] = mm_data(f9);
mluis 0:45496a70a8a5 205 static const uint8_t gfmul_b[256] = mm_data(fb);
mluis 0:45496a70a8a5 206 static const uint8_t gfmul_d[256] = mm_data(fd);
mluis 0:45496a70a8a5 207 static const uint8_t gfmul_e[256] = mm_data(fe);
mluis 0:45496a70a8a5 208 #endif
mluis 0:45496a70a8a5 209
mluis 0:45496a70a8a5 210 #define s_box(x) sbox[(x)]
mluis 0:45496a70a8a5 211 #if defined( AES_DEC_PREKEYED )
mluis 0:45496a70a8a5 212 #define is_box(x) isbox[(x)]
mluis 0:45496a70a8a5 213 #endif
mluis 0:45496a70a8a5 214 #define gfm2_sb(x) gfm2_sbox[(x)]
mluis 0:45496a70a8a5 215 #define gfm3_sb(x) gfm3_sbox[(x)]
mluis 0:45496a70a8a5 216 #if defined( AES_DEC_PREKEYED )
mluis 0:45496a70a8a5 217 #define gfm_9(x) gfmul_9[(x)]
mluis 0:45496a70a8a5 218 #define gfm_b(x) gfmul_b[(x)]
mluis 0:45496a70a8a5 219 #define gfm_d(x) gfmul_d[(x)]
mluis 0:45496a70a8a5 220 #define gfm_e(x) gfmul_e[(x)]
mluis 0:45496a70a8a5 221 #endif
mluis 0:45496a70a8a5 222 #else
mluis 0:45496a70a8a5 223
mluis 0:45496a70a8a5 224 /* this is the high bit of x right shifted by 1 */
mluis 0:45496a70a8a5 225 /* position. Since the starting polynomial has */
mluis 0:45496a70a8a5 226 /* 9 bits (0x11b), this right shift keeps the */
mluis 0:45496a70a8a5 227 /* values of all top bits within a byte */
mluis 0:45496a70a8a5 228
mluis 0:45496a70a8a5 229 static uint8_t hibit(const uint8_t x)
mluis 0:45496a70a8a5 230 { uint8_t r = (uint8_t)((x >> 1) | (x >> 2));
mluis 0:45496a70a8a5 231
mluis 0:45496a70a8a5 232 r |= (r >> 2);
mluis 0:45496a70a8a5 233 r |= (r >> 4);
mluis 0:45496a70a8a5 234 return (r + 1) >> 1;
mluis 0:45496a70a8a5 235 }
mluis 0:45496a70a8a5 236
mluis 0:45496a70a8a5 237 /* return the inverse of the finite field element x */
mluis 0:45496a70a8a5 238
mluis 0:45496a70a8a5 239 static uint8_t gf_inv(const uint8_t x)
mluis 0:45496a70a8a5 240 { uint8_t p1 = x, p2 = BPOLY, n1 = hibit(x), n2 = 0x80, v1 = 1, v2 = 0;
mluis 0:45496a70a8a5 241
mluis 3:3152aa75c58d 242 if(x < 2)
mluis 0:45496a70a8a5 243 return x;
mluis 0:45496a70a8a5 244
mluis 0:45496a70a8a5 245 for( ; ; )
mluis 0:45496a70a8a5 246 {
mluis 0:45496a70a8a5 247 if(n1)
mluis 0:45496a70a8a5 248 while(n2 >= n1) /* divide polynomial p2 by p1 */
mluis 0:45496a70a8a5 249 {
mluis 3:3152aa75c58d 250 n2 /= n1; /* shift smaller polynomial left */
mluis 0:45496a70a8a5 251 p2 ^= (p1 * n2) & 0xff; /* and remove from larger one */
mluis 3:3152aa75c58d 252 v2 ^= (v1 * n2); /* shift accumulated value and */
mluis 0:45496a70a8a5 253 n2 = hibit(p2); /* add into result */
mluis 0:45496a70a8a5 254 }
mluis 0:45496a70a8a5 255 else
mluis 0:45496a70a8a5 256 return v1;
mluis 0:45496a70a8a5 257
mluis 3:3152aa75c58d 258 if(n2) /* repeat with values swapped */
mluis 0:45496a70a8a5 259 while(n1 >= n2)
mluis 0:45496a70a8a5 260 {
mluis 3:3152aa75c58d 261 n1 /= n2;
mluis 3:3152aa75c58d 262 p1 ^= p2 * n1;
mluis 3:3152aa75c58d 263 v1 ^= v2 * n1;
mluis 0:45496a70a8a5 264 n1 = hibit(p1);
mluis 0:45496a70a8a5 265 }
mluis 0:45496a70a8a5 266 else
mluis 0:45496a70a8a5 267 return v2;
mluis 0:45496a70a8a5 268 }
mluis 0:45496a70a8a5 269 }
mluis 0:45496a70a8a5 270
mluis 0:45496a70a8a5 271 /* The forward and inverse affine transformations used in the S-box */
mluis 0:45496a70a8a5 272 uint8_t fwd_affine(const uint8_t x)
mluis 3:3152aa75c58d 273 {
mluis 0:45496a70a8a5 274 #if defined( HAVE_UINT_32T )
mluis 0:45496a70a8a5 275 uint32_t w = x;
mluis 0:45496a70a8a5 276 w ^= (w << 1) ^ (w << 2) ^ (w << 3) ^ (w << 4);
mluis 0:45496a70a8a5 277 return 0x63 ^ ((w ^ (w >> 8)) & 0xff);
mluis 0:45496a70a8a5 278 #else
mluis 3:3152aa75c58d 279 return 0x63 ^ x ^ (x << 1) ^ (x << 2) ^ (x << 3) ^ (x << 4)
mluis 0:45496a70a8a5 280 ^ (x >> 7) ^ (x >> 6) ^ (x >> 5) ^ (x >> 4);
mluis 0:45496a70a8a5 281 #endif
mluis 0:45496a70a8a5 282 }
mluis 0:45496a70a8a5 283
mluis 0:45496a70a8a5 284 uint8_t inv_affine(const uint8_t x)
mluis 0:45496a70a8a5 285 {
mluis 0:45496a70a8a5 286 #if defined( HAVE_UINT_32T )
mluis 0:45496a70a8a5 287 uint32_t w = x;
mluis 0:45496a70a8a5 288 w = (w << 1) ^ (w << 3) ^ (w << 6);
mluis 0:45496a70a8a5 289 return 0x05 ^ ((w ^ (w >> 8)) & 0xff);
mluis 0:45496a70a8a5 290 #else
mluis 3:3152aa75c58d 291 return 0x05 ^ (x << 1) ^ (x << 3) ^ (x << 6)
mluis 0:45496a70a8a5 292 ^ (x >> 7) ^ (x >> 5) ^ (x >> 2);
mluis 0:45496a70a8a5 293 #endif
mluis 0:45496a70a8a5 294 }
mluis 0:45496a70a8a5 295
mluis 0:45496a70a8a5 296 #define s_box(x) fwd_affine(gf_inv(x))
mluis 0:45496a70a8a5 297 #define is_box(x) gf_inv(inv_affine(x))
mluis 0:45496a70a8a5 298 #define gfm2_sb(x) f2(s_box(x))
mluis 0:45496a70a8a5 299 #define gfm3_sb(x) f3(s_box(x))
mluis 0:45496a70a8a5 300 #define gfm_9(x) f9(x)
mluis 0:45496a70a8a5 301 #define gfm_b(x) fb(x)
mluis 0:45496a70a8a5 302 #define gfm_d(x) fd(x)
mluis 0:45496a70a8a5 303 #define gfm_e(x) fe(x)
mluis 0:45496a70a8a5 304
mluis 0:45496a70a8a5 305 #endif
mluis 0:45496a70a8a5 306
mluis 0:45496a70a8a5 307 #if defined( HAVE_MEMCPY )
mluis 0:45496a70a8a5 308 # define block_copy_nn(d, s, l) memcpy(d, s, l)
mluis 0:45496a70a8a5 309 # define block_copy(d, s) memcpy(d, s, N_BLOCK)
mluis 0:45496a70a8a5 310 #else
mluis 0:45496a70a8a5 311 # define block_copy_nn(d, s, l) copy_block_nn(d, s, l)
mluis 0:45496a70a8a5 312 # define block_copy(d, s) copy_block(d, s)
mluis 0:45496a70a8a5 313 #endif
mluis 0:45496a70a8a5 314
mluis 0:45496a70a8a5 315 static void copy_block( void *d, const void *s )
mluis 0:45496a70a8a5 316 {
mluis 0:45496a70a8a5 317 #if defined( HAVE_UINT_32T )
mluis 0:45496a70a8a5 318 ((uint32_t*)d)[ 0] = ((uint32_t*)s)[ 0];
mluis 0:45496a70a8a5 319 ((uint32_t*)d)[ 1] = ((uint32_t*)s)[ 1];
mluis 0:45496a70a8a5 320 ((uint32_t*)d)[ 2] = ((uint32_t*)s)[ 2];
mluis 0:45496a70a8a5 321 ((uint32_t*)d)[ 3] = ((uint32_t*)s)[ 3];
mluis 0:45496a70a8a5 322 #else
mluis 0:45496a70a8a5 323 ((uint8_t*)d)[ 0] = ((uint8_t*)s)[ 0];
mluis 0:45496a70a8a5 324 ((uint8_t*)d)[ 1] = ((uint8_t*)s)[ 1];
mluis 0:45496a70a8a5 325 ((uint8_t*)d)[ 2] = ((uint8_t*)s)[ 2];
mluis 0:45496a70a8a5 326 ((uint8_t*)d)[ 3] = ((uint8_t*)s)[ 3];
mluis 0:45496a70a8a5 327 ((uint8_t*)d)[ 4] = ((uint8_t*)s)[ 4];
mluis 0:45496a70a8a5 328 ((uint8_t*)d)[ 5] = ((uint8_t*)s)[ 5];
mluis 0:45496a70a8a5 329 ((uint8_t*)d)[ 6] = ((uint8_t*)s)[ 6];
mluis 0:45496a70a8a5 330 ((uint8_t*)d)[ 7] = ((uint8_t*)s)[ 7];
mluis 0:45496a70a8a5 331 ((uint8_t*)d)[ 8] = ((uint8_t*)s)[ 8];
mluis 0:45496a70a8a5 332 ((uint8_t*)d)[ 9] = ((uint8_t*)s)[ 9];
mluis 0:45496a70a8a5 333 ((uint8_t*)d)[10] = ((uint8_t*)s)[10];
mluis 0:45496a70a8a5 334 ((uint8_t*)d)[11] = ((uint8_t*)s)[11];
mluis 0:45496a70a8a5 335 ((uint8_t*)d)[12] = ((uint8_t*)s)[12];
mluis 0:45496a70a8a5 336 ((uint8_t*)d)[13] = ((uint8_t*)s)[13];
mluis 0:45496a70a8a5 337 ((uint8_t*)d)[14] = ((uint8_t*)s)[14];
mluis 0:45496a70a8a5 338 ((uint8_t*)d)[15] = ((uint8_t*)s)[15];
mluis 0:45496a70a8a5 339 #endif
mluis 0:45496a70a8a5 340 }
mluis 0:45496a70a8a5 341
mluis 0:45496a70a8a5 342 static void copy_block_nn( uint8_t * d, const uint8_t *s, uint8_t nn )
mluis 0:45496a70a8a5 343 {
mluis 0:45496a70a8a5 344 while( nn-- )
mluis 0:45496a70a8a5 345 //*((uint8_t*)d)++ = *((uint8_t*)s)++;
mluis 0:45496a70a8a5 346 *d++ = *s++;
mluis 0:45496a70a8a5 347 }
mluis 0:45496a70a8a5 348
mluis 0:45496a70a8a5 349 static void xor_block( void *d, const void *s )
mluis 0:45496a70a8a5 350 {
mluis 0:45496a70a8a5 351 #if defined( HAVE_UINT_32T )
mluis 0:45496a70a8a5 352 ((uint32_t*)d)[ 0] ^= ((uint32_t*)s)[ 0];
mluis 0:45496a70a8a5 353 ((uint32_t*)d)[ 1] ^= ((uint32_t*)s)[ 1];
mluis 0:45496a70a8a5 354 ((uint32_t*)d)[ 2] ^= ((uint32_t*)s)[ 2];
mluis 0:45496a70a8a5 355 ((uint32_t*)d)[ 3] ^= ((uint32_t*)s)[ 3];
mluis 0:45496a70a8a5 356 #else
mluis 0:45496a70a8a5 357 ((uint8_t*)d)[ 0] ^= ((uint8_t*)s)[ 0];
mluis 0:45496a70a8a5 358 ((uint8_t*)d)[ 1] ^= ((uint8_t*)s)[ 1];
mluis 0:45496a70a8a5 359 ((uint8_t*)d)[ 2] ^= ((uint8_t*)s)[ 2];
mluis 0:45496a70a8a5 360 ((uint8_t*)d)[ 3] ^= ((uint8_t*)s)[ 3];
mluis 0:45496a70a8a5 361 ((uint8_t*)d)[ 4] ^= ((uint8_t*)s)[ 4];
mluis 0:45496a70a8a5 362 ((uint8_t*)d)[ 5] ^= ((uint8_t*)s)[ 5];
mluis 0:45496a70a8a5 363 ((uint8_t*)d)[ 6] ^= ((uint8_t*)s)[ 6];
mluis 0:45496a70a8a5 364 ((uint8_t*)d)[ 7] ^= ((uint8_t*)s)[ 7];
mluis 0:45496a70a8a5 365 ((uint8_t*)d)[ 8] ^= ((uint8_t*)s)[ 8];
mluis 0:45496a70a8a5 366 ((uint8_t*)d)[ 9] ^= ((uint8_t*)s)[ 9];
mluis 0:45496a70a8a5 367 ((uint8_t*)d)[10] ^= ((uint8_t*)s)[10];
mluis 0:45496a70a8a5 368 ((uint8_t*)d)[11] ^= ((uint8_t*)s)[11];
mluis 0:45496a70a8a5 369 ((uint8_t*)d)[12] ^= ((uint8_t*)s)[12];
mluis 0:45496a70a8a5 370 ((uint8_t*)d)[13] ^= ((uint8_t*)s)[13];
mluis 0:45496a70a8a5 371 ((uint8_t*)d)[14] ^= ((uint8_t*)s)[14];
mluis 0:45496a70a8a5 372 ((uint8_t*)d)[15] ^= ((uint8_t*)s)[15];
mluis 0:45496a70a8a5 373 #endif
mluis 0:45496a70a8a5 374 }
mluis 0:45496a70a8a5 375
mluis 0:45496a70a8a5 376 static void copy_and_key( void *d, const void *s, const void *k )
mluis 0:45496a70a8a5 377 {
mluis 0:45496a70a8a5 378 #if defined( HAVE_UINT_32T )
mluis 0:45496a70a8a5 379 ((uint32_t*)d)[ 0] = ((uint32_t*)s)[ 0] ^ ((uint32_t*)k)[ 0];
mluis 0:45496a70a8a5 380 ((uint32_t*)d)[ 1] = ((uint32_t*)s)[ 1] ^ ((uint32_t*)k)[ 1];
mluis 0:45496a70a8a5 381 ((uint32_t*)d)[ 2] = ((uint32_t*)s)[ 2] ^ ((uint32_t*)k)[ 2];
mluis 0:45496a70a8a5 382 ((uint32_t*)d)[ 3] = ((uint32_t*)s)[ 3] ^ ((uint32_t*)k)[ 3];
mluis 0:45496a70a8a5 383 #elif 1
mluis 0:45496a70a8a5 384 ((uint8_t*)d)[ 0] = ((uint8_t*)s)[ 0] ^ ((uint8_t*)k)[ 0];
mluis 0:45496a70a8a5 385 ((uint8_t*)d)[ 1] = ((uint8_t*)s)[ 1] ^ ((uint8_t*)k)[ 1];
mluis 0:45496a70a8a5 386 ((uint8_t*)d)[ 2] = ((uint8_t*)s)[ 2] ^ ((uint8_t*)k)[ 2];
mluis 0:45496a70a8a5 387 ((uint8_t*)d)[ 3] = ((uint8_t*)s)[ 3] ^ ((uint8_t*)k)[ 3];
mluis 0:45496a70a8a5 388 ((uint8_t*)d)[ 4] = ((uint8_t*)s)[ 4] ^ ((uint8_t*)k)[ 4];
mluis 0:45496a70a8a5 389 ((uint8_t*)d)[ 5] = ((uint8_t*)s)[ 5] ^ ((uint8_t*)k)[ 5];
mluis 0:45496a70a8a5 390 ((uint8_t*)d)[ 6] = ((uint8_t*)s)[ 6] ^ ((uint8_t*)k)[ 6];
mluis 0:45496a70a8a5 391 ((uint8_t*)d)[ 7] = ((uint8_t*)s)[ 7] ^ ((uint8_t*)k)[ 7];
mluis 0:45496a70a8a5 392 ((uint8_t*)d)[ 8] = ((uint8_t*)s)[ 8] ^ ((uint8_t*)k)[ 8];
mluis 0:45496a70a8a5 393 ((uint8_t*)d)[ 9] = ((uint8_t*)s)[ 9] ^ ((uint8_t*)k)[ 9];
mluis 0:45496a70a8a5 394 ((uint8_t*)d)[10] = ((uint8_t*)s)[10] ^ ((uint8_t*)k)[10];
mluis 0:45496a70a8a5 395 ((uint8_t*)d)[11] = ((uint8_t*)s)[11] ^ ((uint8_t*)k)[11];
mluis 0:45496a70a8a5 396 ((uint8_t*)d)[12] = ((uint8_t*)s)[12] ^ ((uint8_t*)k)[12];
mluis 0:45496a70a8a5 397 ((uint8_t*)d)[13] = ((uint8_t*)s)[13] ^ ((uint8_t*)k)[13];
mluis 0:45496a70a8a5 398 ((uint8_t*)d)[14] = ((uint8_t*)s)[14] ^ ((uint8_t*)k)[14];
mluis 0:45496a70a8a5 399 ((uint8_t*)d)[15] = ((uint8_t*)s)[15] ^ ((uint8_t*)k)[15];
mluis 0:45496a70a8a5 400 #else
mluis 0:45496a70a8a5 401 block_copy(d, s);
mluis 0:45496a70a8a5 402 xor_block(d, k);
mluis 0:45496a70a8a5 403 #endif
mluis 0:45496a70a8a5 404 }
mluis 0:45496a70a8a5 405
mluis 0:45496a70a8a5 406 static void add_round_key( uint8_t d[N_BLOCK], const uint8_t k[N_BLOCK] )
mluis 0:45496a70a8a5 407 {
mluis 0:45496a70a8a5 408 xor_block(d, k);
mluis 0:45496a70a8a5 409 }
mluis 0:45496a70a8a5 410
mluis 0:45496a70a8a5 411 static void shift_sub_rows( uint8_t st[N_BLOCK] )
mluis 0:45496a70a8a5 412 { uint8_t tt;
mluis 0:45496a70a8a5 413
mluis 0:45496a70a8a5 414 st[ 0] = s_box(st[ 0]); st[ 4] = s_box(st[ 4]);
mluis 0:45496a70a8a5 415 st[ 8] = s_box(st[ 8]); st[12] = s_box(st[12]);
mluis 0:45496a70a8a5 416
mluis 0:45496a70a8a5 417 tt = st[1]; st[ 1] = s_box(st[ 5]); st[ 5] = s_box(st[ 9]);
mluis 0:45496a70a8a5 418 st[ 9] = s_box(st[13]); st[13] = s_box( tt );
mluis 0:45496a70a8a5 419
mluis 0:45496a70a8a5 420 tt = st[2]; st[ 2] = s_box(st[10]); st[10] = s_box( tt );
mluis 0:45496a70a8a5 421 tt = st[6]; st[ 6] = s_box(st[14]); st[14] = s_box( tt );
mluis 0:45496a70a8a5 422
mluis 0:45496a70a8a5 423 tt = st[15]; st[15] = s_box(st[11]); st[11] = s_box(st[ 7]);
mluis 0:45496a70a8a5 424 st[ 7] = s_box(st[ 3]); st[ 3] = s_box( tt );
mluis 0:45496a70a8a5 425 }
mluis 0:45496a70a8a5 426
mluis 0:45496a70a8a5 427 #if defined( AES_DEC_PREKEYED )
mluis 0:45496a70a8a5 428
mluis 0:45496a70a8a5 429 static void inv_shift_sub_rows( uint8_t st[N_BLOCK] )
mluis 0:45496a70a8a5 430 { uint8_t tt;
mluis 0:45496a70a8a5 431
mluis 0:45496a70a8a5 432 st[ 0] = is_box(st[ 0]); st[ 4] = is_box(st[ 4]);
mluis 0:45496a70a8a5 433 st[ 8] = is_box(st[ 8]); st[12] = is_box(st[12]);
mluis 0:45496a70a8a5 434
mluis 0:45496a70a8a5 435 tt = st[13]; st[13] = is_box(st[9]); st[ 9] = is_box(st[5]);
mluis 0:45496a70a8a5 436 st[ 5] = is_box(st[1]); st[ 1] = is_box( tt );
mluis 0:45496a70a8a5 437
mluis 0:45496a70a8a5 438 tt = st[2]; st[ 2] = is_box(st[10]); st[10] = is_box( tt );
mluis 0:45496a70a8a5 439 tt = st[6]; st[ 6] = is_box(st[14]); st[14] = is_box( tt );
mluis 0:45496a70a8a5 440
mluis 0:45496a70a8a5 441 tt = st[3]; st[ 3] = is_box(st[ 7]); st[ 7] = is_box(st[11]);
mluis 0:45496a70a8a5 442 st[11] = is_box(st[15]); st[15] = is_box( tt );
mluis 0:45496a70a8a5 443 }
mluis 0:45496a70a8a5 444
mluis 0:45496a70a8a5 445 #endif
mluis 0:45496a70a8a5 446
mluis 0:45496a70a8a5 447 #if defined( VERSION_1 )
mluis 0:45496a70a8a5 448 static void mix_sub_columns( uint8_t dt[N_BLOCK] )
mluis 0:45496a70a8a5 449 { uint8_t st[N_BLOCK];
mluis 0:45496a70a8a5 450 block_copy(st, dt);
mluis 0:45496a70a8a5 451 #else
mluis 0:45496a70a8a5 452 static void mix_sub_columns( uint8_t dt[N_BLOCK], uint8_t st[N_BLOCK] )
mluis 0:45496a70a8a5 453 {
mluis 0:45496a70a8a5 454 #endif
mluis 0:45496a70a8a5 455 dt[ 0] = gfm2_sb(st[0]) ^ gfm3_sb(st[5]) ^ s_box(st[10]) ^ s_box(st[15]);
mluis 0:45496a70a8a5 456 dt[ 1] = s_box(st[0]) ^ gfm2_sb(st[5]) ^ gfm3_sb(st[10]) ^ s_box(st[15]);
mluis 0:45496a70a8a5 457 dt[ 2] = s_box(st[0]) ^ s_box(st[5]) ^ gfm2_sb(st[10]) ^ gfm3_sb(st[15]);
mluis 0:45496a70a8a5 458 dt[ 3] = gfm3_sb(st[0]) ^ s_box(st[5]) ^ s_box(st[10]) ^ gfm2_sb(st[15]);
mluis 0:45496a70a8a5 459
mluis 0:45496a70a8a5 460 dt[ 4] = gfm2_sb(st[4]) ^ gfm3_sb(st[9]) ^ s_box(st[14]) ^ s_box(st[3]);
mluis 0:45496a70a8a5 461 dt[ 5] = s_box(st[4]) ^ gfm2_sb(st[9]) ^ gfm3_sb(st[14]) ^ s_box(st[3]);
mluis 0:45496a70a8a5 462 dt[ 6] = s_box(st[4]) ^ s_box(st[9]) ^ gfm2_sb(st[14]) ^ gfm3_sb(st[3]);
mluis 0:45496a70a8a5 463 dt[ 7] = gfm3_sb(st[4]) ^ s_box(st[9]) ^ s_box(st[14]) ^ gfm2_sb(st[3]);
mluis 0:45496a70a8a5 464
mluis 0:45496a70a8a5 465 dt[ 8] = gfm2_sb(st[8]) ^ gfm3_sb(st[13]) ^ s_box(st[2]) ^ s_box(st[7]);
mluis 0:45496a70a8a5 466 dt[ 9] = s_box(st[8]) ^ gfm2_sb(st[13]) ^ gfm3_sb(st[2]) ^ s_box(st[7]);
mluis 0:45496a70a8a5 467 dt[10] = s_box(st[8]) ^ s_box(st[13]) ^ gfm2_sb(st[2]) ^ gfm3_sb(st[7]);
mluis 0:45496a70a8a5 468 dt[11] = gfm3_sb(st[8]) ^ s_box(st[13]) ^ s_box(st[2]) ^ gfm2_sb(st[7]);
mluis 0:45496a70a8a5 469
mluis 0:45496a70a8a5 470 dt[12] = gfm2_sb(st[12]) ^ gfm3_sb(st[1]) ^ s_box(st[6]) ^ s_box(st[11]);
mluis 0:45496a70a8a5 471 dt[13] = s_box(st[12]) ^ gfm2_sb(st[1]) ^ gfm3_sb(st[6]) ^ s_box(st[11]);
mluis 0:45496a70a8a5 472 dt[14] = s_box(st[12]) ^ s_box(st[1]) ^ gfm2_sb(st[6]) ^ gfm3_sb(st[11]);
mluis 0:45496a70a8a5 473 dt[15] = gfm3_sb(st[12]) ^ s_box(st[1]) ^ s_box(st[6]) ^ gfm2_sb(st[11]);
mluis 0:45496a70a8a5 474 }
mluis 0:45496a70a8a5 475
mluis 0:45496a70a8a5 476 #if defined( AES_DEC_PREKEYED )
mluis 0:45496a70a8a5 477
mluis 0:45496a70a8a5 478 #if defined( VERSION_1 )
mluis 0:45496a70a8a5 479 static void inv_mix_sub_columns( uint8_t dt[N_BLOCK] )
mluis 0:45496a70a8a5 480 { uint8_t st[N_BLOCK];
mluis 0:45496a70a8a5 481 block_copy(st, dt);
mluis 0:45496a70a8a5 482 #else
mluis 0:45496a70a8a5 483 static void inv_mix_sub_columns( uint8_t dt[N_BLOCK], uint8_t st[N_BLOCK] )
mluis 0:45496a70a8a5 484 {
mluis 0:45496a70a8a5 485 #endif
mluis 0:45496a70a8a5 486 dt[ 0] = is_box(gfm_e(st[ 0]) ^ gfm_b(st[ 1]) ^ gfm_d(st[ 2]) ^ gfm_9(st[ 3]));
mluis 0:45496a70a8a5 487 dt[ 5] = is_box(gfm_9(st[ 0]) ^ gfm_e(st[ 1]) ^ gfm_b(st[ 2]) ^ gfm_d(st[ 3]));
mluis 0:45496a70a8a5 488 dt[10] = is_box(gfm_d(st[ 0]) ^ gfm_9(st[ 1]) ^ gfm_e(st[ 2]) ^ gfm_b(st[ 3]));
mluis 0:45496a70a8a5 489 dt[15] = is_box(gfm_b(st[ 0]) ^ gfm_d(st[ 1]) ^ gfm_9(st[ 2]) ^ gfm_e(st[ 3]));
mluis 0:45496a70a8a5 490
mluis 0:45496a70a8a5 491 dt[ 4] = is_box(gfm_e(st[ 4]) ^ gfm_b(st[ 5]) ^ gfm_d(st[ 6]) ^ gfm_9(st[ 7]));
mluis 0:45496a70a8a5 492 dt[ 9] = is_box(gfm_9(st[ 4]) ^ gfm_e(st[ 5]) ^ gfm_b(st[ 6]) ^ gfm_d(st[ 7]));
mluis 0:45496a70a8a5 493 dt[14] = is_box(gfm_d(st[ 4]) ^ gfm_9(st[ 5]) ^ gfm_e(st[ 6]) ^ gfm_b(st[ 7]));
mluis 0:45496a70a8a5 494 dt[ 3] = is_box(gfm_b(st[ 4]) ^ gfm_d(st[ 5]) ^ gfm_9(st[ 6]) ^ gfm_e(st[ 7]));
mluis 0:45496a70a8a5 495
mluis 0:45496a70a8a5 496 dt[ 8] = is_box(gfm_e(st[ 8]) ^ gfm_b(st[ 9]) ^ gfm_d(st[10]) ^ gfm_9(st[11]));
mluis 0:45496a70a8a5 497 dt[13] = is_box(gfm_9(st[ 8]) ^ gfm_e(st[ 9]) ^ gfm_b(st[10]) ^ gfm_d(st[11]));
mluis 0:45496a70a8a5 498 dt[ 2] = is_box(gfm_d(st[ 8]) ^ gfm_9(st[ 9]) ^ gfm_e(st[10]) ^ gfm_b(st[11]));
mluis 0:45496a70a8a5 499 dt[ 7] = is_box(gfm_b(st[ 8]) ^ gfm_d(st[ 9]) ^ gfm_9(st[10]) ^ gfm_e(st[11]));
mluis 0:45496a70a8a5 500
mluis 0:45496a70a8a5 501 dt[12] = is_box(gfm_e(st[12]) ^ gfm_b(st[13]) ^ gfm_d(st[14]) ^ gfm_9(st[15]));
mluis 0:45496a70a8a5 502 dt[ 1] = is_box(gfm_9(st[12]) ^ gfm_e(st[13]) ^ gfm_b(st[14]) ^ gfm_d(st[15]));
mluis 0:45496a70a8a5 503 dt[ 6] = is_box(gfm_d(st[12]) ^ gfm_9(st[13]) ^ gfm_e(st[14]) ^ gfm_b(st[15]));
mluis 0:45496a70a8a5 504 dt[11] = is_box(gfm_b(st[12]) ^ gfm_d(st[13]) ^ gfm_9(st[14]) ^ gfm_e(st[15]));
mluis 0:45496a70a8a5 505 }
mluis 0:45496a70a8a5 506
mluis 0:45496a70a8a5 507 #endif
mluis 0:45496a70a8a5 508
mluis 0:45496a70a8a5 509 #if defined( AES_ENC_PREKEYED ) || defined( AES_DEC_PREKEYED )
mluis 0:45496a70a8a5 510
mluis 0:45496a70a8a5 511 /* Set the cipher key for the pre-keyed version */
mluis 0:45496a70a8a5 512
mluis 0:45496a70a8a5 513 return_type aes_set_key( const uint8_t key[], length_type keylen, aes_context ctx[1] )
mluis 0:45496a70a8a5 514 {
mluis 0:45496a70a8a5 515 uint8_t cc, rc, hi;
mluis 0:45496a70a8a5 516
mluis 0:45496a70a8a5 517 switch( keylen )
mluis 0:45496a70a8a5 518 {
mluis 0:45496a70a8a5 519 case 16:
mluis 0:45496a70a8a5 520 case 24:
mluis 0:45496a70a8a5 521 case 32:
mluis 0:45496a70a8a5 522 break;
mluis 3:3152aa75c58d 523 default:
mluis 3:3152aa75c58d 524 ctx->rnd = 0;
mluis 0:45496a70a8a5 525 return ( uint8_t )-1;
mluis 0:45496a70a8a5 526 }
mluis 0:45496a70a8a5 527 block_copy_nn(ctx->ksch, key, keylen);
mluis 0:45496a70a8a5 528 hi = (keylen + 28) << 2;
mluis 0:45496a70a8a5 529 ctx->rnd = (hi >> 4) - 1;
mluis 0:45496a70a8a5 530 for( cc = keylen, rc = 1; cc < hi; cc += 4 )
mluis 0:45496a70a8a5 531 { uint8_t tt, t0, t1, t2, t3;
mluis 0:45496a70a8a5 532
mluis 0:45496a70a8a5 533 t0 = ctx->ksch[cc - 4];
mluis 0:45496a70a8a5 534 t1 = ctx->ksch[cc - 3];
mluis 0:45496a70a8a5 535 t2 = ctx->ksch[cc - 2];
mluis 0:45496a70a8a5 536 t3 = ctx->ksch[cc - 1];
mluis 0:45496a70a8a5 537 if( cc % keylen == 0 )
mluis 0:45496a70a8a5 538 {
mluis 0:45496a70a8a5 539 tt = t0;
mluis 0:45496a70a8a5 540 t0 = s_box(t1) ^ rc;
mluis 0:45496a70a8a5 541 t1 = s_box(t2);
mluis 0:45496a70a8a5 542 t2 = s_box(t3);
mluis 0:45496a70a8a5 543 t3 = s_box(tt);
mluis 0:45496a70a8a5 544 rc = f2(rc);
mluis 0:45496a70a8a5 545 }
mluis 0:45496a70a8a5 546 else if( keylen > 24 && cc % keylen == 16 )
mluis 0:45496a70a8a5 547 {
mluis 0:45496a70a8a5 548 t0 = s_box(t0);
mluis 0:45496a70a8a5 549 t1 = s_box(t1);
mluis 0:45496a70a8a5 550 t2 = s_box(t2);
mluis 0:45496a70a8a5 551 t3 = s_box(t3);
mluis 0:45496a70a8a5 552 }
mluis 0:45496a70a8a5 553 tt = cc - keylen;
mluis 0:45496a70a8a5 554 ctx->ksch[cc + 0] = ctx->ksch[tt + 0] ^ t0;
mluis 0:45496a70a8a5 555 ctx->ksch[cc + 1] = ctx->ksch[tt + 1] ^ t1;
mluis 0:45496a70a8a5 556 ctx->ksch[cc + 2] = ctx->ksch[tt + 2] ^ t2;
mluis 0:45496a70a8a5 557 ctx->ksch[cc + 3] = ctx->ksch[tt + 3] ^ t3;
mluis 0:45496a70a8a5 558 }
mluis 0:45496a70a8a5 559 return 0;
mluis 0:45496a70a8a5 560 }
mluis 0:45496a70a8a5 561
mluis 0:45496a70a8a5 562 #endif
mluis 0:45496a70a8a5 563
mluis 0:45496a70a8a5 564 #if defined( AES_ENC_PREKEYED )
mluis 0:45496a70a8a5 565
mluis 0:45496a70a8a5 566 /* Encrypt a single block of 16 bytes */
mluis 0:45496a70a8a5 567
mluis 0:45496a70a8a5 568 return_type aes_encrypt( const uint8_t in[N_BLOCK], uint8_t out[N_BLOCK], const aes_context ctx[1] )
mluis 0:45496a70a8a5 569 {
mluis 0:45496a70a8a5 570 if( ctx->rnd )
mluis 0:45496a70a8a5 571 {
mluis 0:45496a70a8a5 572 uint8_t s1[N_BLOCK], r;
mluis 0:45496a70a8a5 573 copy_and_key( s1, in, ctx->ksch );
mluis 0:45496a70a8a5 574
mluis 0:45496a70a8a5 575 for( r = 1 ; r < ctx->rnd ; ++r )
mluis 0:45496a70a8a5 576 #if defined( VERSION_1 )
mluis 0:45496a70a8a5 577 {
mluis 0:45496a70a8a5 578 mix_sub_columns( s1 );
mluis 0:45496a70a8a5 579 add_round_key( s1, ctx->ksch + r * N_BLOCK);
mluis 0:45496a70a8a5 580 }
mluis 0:45496a70a8a5 581 #else
mluis 0:45496a70a8a5 582 { uint8_t s2[N_BLOCK];
mluis 0:45496a70a8a5 583 mix_sub_columns( s2, s1 );
mluis 0:45496a70a8a5 584 copy_and_key( s1, s2, ctx->ksch + r * N_BLOCK);
mluis 0:45496a70a8a5 585 }
mluis 0:45496a70a8a5 586 #endif
mluis 0:45496a70a8a5 587 shift_sub_rows( s1 );
mluis 0:45496a70a8a5 588 copy_and_key( out, s1, ctx->ksch + r * N_BLOCK );
mluis 0:45496a70a8a5 589 }
mluis 0:45496a70a8a5 590 else
mluis 0:45496a70a8a5 591 return ( uint8_t )-1;
mluis 0:45496a70a8a5 592 return 0;
mluis 0:45496a70a8a5 593 }
mluis 0:45496a70a8a5 594
mluis 0:45496a70a8a5 595 /* CBC encrypt a number of blocks (input and return an IV) */
mluis 0:45496a70a8a5 596
mluis 0:45496a70a8a5 597 return_type aes_cbc_encrypt( const uint8_t *in, uint8_t *out,
mluis 0:45496a70a8a5 598 int32_t n_block, uint8_t iv[N_BLOCK], const aes_context ctx[1] )
mluis 0:45496a70a8a5 599 {
mluis 0:45496a70a8a5 600
mluis 0:45496a70a8a5 601 while(n_block--)
mluis 0:45496a70a8a5 602 {
mluis 0:45496a70a8a5 603 xor_block(iv, in);
mluis 0:45496a70a8a5 604 if(aes_encrypt(iv, iv, ctx) != EXIT_SUCCESS)
mluis 0:45496a70a8a5 605 return EXIT_FAILURE;
mluis 0:45496a70a8a5 606 //memcpy(out, iv, N_BLOCK);
mluis 0:45496a70a8a5 607 block_copy(out, iv);
mluis 0:45496a70a8a5 608 in += N_BLOCK;
mluis 0:45496a70a8a5 609 out += N_BLOCK;
mluis 0:45496a70a8a5 610 }
mluis 0:45496a70a8a5 611 return EXIT_SUCCESS;
mluis 0:45496a70a8a5 612 }
mluis 0:45496a70a8a5 613
mluis 0:45496a70a8a5 614 #endif
mluis 0:45496a70a8a5 615
mluis 0:45496a70a8a5 616 #if defined( AES_DEC_PREKEYED )
mluis 0:45496a70a8a5 617
mluis 0:45496a70a8a5 618 /* Decrypt a single block of 16 bytes */
mluis 0:45496a70a8a5 619
mluis 0:45496a70a8a5 620 return_type aes_decrypt( const uint8_t in[N_BLOCK], uint8_t out[N_BLOCK], const aes_context ctx[1] )
mluis 0:45496a70a8a5 621 {
mluis 0:45496a70a8a5 622 if( ctx->rnd )
mluis 0:45496a70a8a5 623 {
mluis 0:45496a70a8a5 624 uint8_t s1[N_BLOCK], r;
mluis 0:45496a70a8a5 625 copy_and_key( s1, in, ctx->ksch + ctx->rnd * N_BLOCK );
mluis 0:45496a70a8a5 626 inv_shift_sub_rows( s1 );
mluis 0:45496a70a8a5 627
mluis 0:45496a70a8a5 628 for( r = ctx->rnd ; --r ; )
mluis 0:45496a70a8a5 629 #if defined( VERSION_1 )
mluis 0:45496a70a8a5 630 {
mluis 0:45496a70a8a5 631 add_round_key( s1, ctx->ksch + r * N_BLOCK );
mluis 0:45496a70a8a5 632 inv_mix_sub_columns( s1 );
mluis 0:45496a70a8a5 633 }
mluis 0:45496a70a8a5 634 #else
mluis 0:45496a70a8a5 635 { uint8_t s2[N_BLOCK];
mluis 0:45496a70a8a5 636 copy_and_key( s2, s1, ctx->ksch + r * N_BLOCK );
mluis 0:45496a70a8a5 637 inv_mix_sub_columns( s1, s2 );
mluis 0:45496a70a8a5 638 }
mluis 0:45496a70a8a5 639 #endif
mluis 0:45496a70a8a5 640 copy_and_key( out, s1, ctx->ksch );
mluis 0:45496a70a8a5 641 }
mluis 0:45496a70a8a5 642 else
mluis 0:45496a70a8a5 643 return -1;
mluis 0:45496a70a8a5 644 return 0;
mluis 0:45496a70a8a5 645 }
mluis 0:45496a70a8a5 646
mluis 0:45496a70a8a5 647 /* CBC decrypt a number of blocks (input and return an IV) */
mluis 0:45496a70a8a5 648
mluis 0:45496a70a8a5 649 return_type aes_cbc_decrypt( const uint8_t *in, uint8_t *out,
mluis 0:45496a70a8a5 650 int32_t n_block, uint8_t iv[N_BLOCK], const aes_context ctx[1] )
mluis 3:3152aa75c58d 651 {
mluis 0:45496a70a8a5 652 while(n_block--)
mluis 0:45496a70a8a5 653 { uint8_t tmp[N_BLOCK];
mluis 3:3152aa75c58d 654
mluis 0:45496a70a8a5 655 //memcpy(tmp, in, N_BLOCK);
mluis 0:45496a70a8a5 656 block_copy(tmp, in);
mluis 0:45496a70a8a5 657 if(aes_decrypt(in, out, ctx) != EXIT_SUCCESS)
mluis 0:45496a70a8a5 658 return EXIT_FAILURE;
mluis 0:45496a70a8a5 659 xor_block(out, iv);
mluis 0:45496a70a8a5 660 //memcpy(iv, tmp, N_BLOCK);
mluis 0:45496a70a8a5 661 block_copy(iv, tmp);
mluis 0:45496a70a8a5 662 in += N_BLOCK;
mluis 0:45496a70a8a5 663 out += N_BLOCK;
mluis 0:45496a70a8a5 664 }
mluis 0:45496a70a8a5 665 return EXIT_SUCCESS;
mluis 0:45496a70a8a5 666 }
mluis 0:45496a70a8a5 667
mluis 0:45496a70a8a5 668 #endif
mluis 0:45496a70a8a5 669
mluis 0:45496a70a8a5 670 #if defined( AES_ENC_128_OTFK )
mluis 0:45496a70a8a5 671
mluis 0:45496a70a8a5 672 /* The 'on the fly' encryption key update for for 128 bit keys */
mluis 0:45496a70a8a5 673
mluis 0:45496a70a8a5 674 static void update_encrypt_key_128( uint8_t k[N_BLOCK], uint8_t *rc )
mluis 0:45496a70a8a5 675 { uint8_t cc;
mluis 0:45496a70a8a5 676
mluis 0:45496a70a8a5 677 k[0] ^= s_box(k[13]) ^ *rc;
mluis 0:45496a70a8a5 678 k[1] ^= s_box(k[14]);
mluis 0:45496a70a8a5 679 k[2] ^= s_box(k[15]);
mluis 0:45496a70a8a5 680 k[3] ^= s_box(k[12]);
mluis 0:45496a70a8a5 681 *rc = f2( *rc );
mluis 0:45496a70a8a5 682
mluis 0:45496a70a8a5 683 for(cc = 4; cc < 16; cc += 4 )
mluis 0:45496a70a8a5 684 {
mluis 0:45496a70a8a5 685 k[cc + 0] ^= k[cc - 4];
mluis 0:45496a70a8a5 686 k[cc + 1] ^= k[cc - 3];
mluis 0:45496a70a8a5 687 k[cc + 2] ^= k[cc - 2];
mluis 0:45496a70a8a5 688 k[cc + 3] ^= k[cc - 1];
mluis 0:45496a70a8a5 689 }
mluis 0:45496a70a8a5 690 }
mluis 0:45496a70a8a5 691
mluis 0:45496a70a8a5 692 /* Encrypt a single block of 16 bytes with 'on the fly' 128 bit keying */
mluis 0:45496a70a8a5 693
mluis 0:45496a70a8a5 694 void aes_encrypt_128( const uint8_t in[N_BLOCK], uint8_t out[N_BLOCK],
mluis 0:45496a70a8a5 695 const uint8_t key[N_BLOCK], uint8_t o_key[N_BLOCK] )
mluis 0:45496a70a8a5 696 { uint8_t s1[N_BLOCK], r, rc = 1;
mluis 0:45496a70a8a5 697
mluis 0:45496a70a8a5 698 if(o_key != key)
mluis 0:45496a70a8a5 699 block_copy( o_key, key );
mluis 0:45496a70a8a5 700 copy_and_key( s1, in, o_key );
mluis 0:45496a70a8a5 701
mluis 0:45496a70a8a5 702 for( r = 1 ; r < 10 ; ++r )
mluis 0:45496a70a8a5 703 #if defined( VERSION_1 )
mluis 0:45496a70a8a5 704 {
mluis 0:45496a70a8a5 705 mix_sub_columns( s1 );
mluis 0:45496a70a8a5 706 update_encrypt_key_128( o_key, &rc );
mluis 0:45496a70a8a5 707 add_round_key( s1, o_key );
mluis 0:45496a70a8a5 708 }
mluis 0:45496a70a8a5 709 #else
mluis 0:45496a70a8a5 710 { uint8_t s2[N_BLOCK];
mluis 0:45496a70a8a5 711 mix_sub_columns( s2, s1 );
mluis 0:45496a70a8a5 712 update_encrypt_key_128( o_key, &rc );
mluis 0:45496a70a8a5 713 copy_and_key( s1, s2, o_key );
mluis 0:45496a70a8a5 714 }
mluis 0:45496a70a8a5 715 #endif
mluis 0:45496a70a8a5 716
mluis 0:45496a70a8a5 717 shift_sub_rows( s1 );
mluis 0:45496a70a8a5 718 update_encrypt_key_128( o_key, &rc );
mluis 0:45496a70a8a5 719 copy_and_key( out, s1, o_key );
mluis 0:45496a70a8a5 720 }
mluis 0:45496a70a8a5 721
mluis 0:45496a70a8a5 722 #endif
mluis 0:45496a70a8a5 723
mluis 0:45496a70a8a5 724 #if defined( AES_DEC_128_OTFK )
mluis 0:45496a70a8a5 725
mluis 0:45496a70a8a5 726 /* The 'on the fly' decryption key update for for 128 bit keys */
mluis 0:45496a70a8a5 727
mluis 0:45496a70a8a5 728 static void update_decrypt_key_128( uint8_t k[N_BLOCK], uint8_t *rc )
mluis 0:45496a70a8a5 729 { uint8_t cc;
mluis 0:45496a70a8a5 730
mluis 0:45496a70a8a5 731 for( cc = 12; cc > 0; cc -= 4 )
mluis 0:45496a70a8a5 732 {
mluis 0:45496a70a8a5 733 k[cc + 0] ^= k[cc - 4];
mluis 0:45496a70a8a5 734 k[cc + 1] ^= k[cc - 3];
mluis 0:45496a70a8a5 735 k[cc + 2] ^= k[cc - 2];
mluis 0:45496a70a8a5 736 k[cc + 3] ^= k[cc - 1];
mluis 0:45496a70a8a5 737 }
mluis 0:45496a70a8a5 738 *rc = d2(*rc);
mluis 0:45496a70a8a5 739 k[0] ^= s_box(k[13]) ^ *rc;
mluis 0:45496a70a8a5 740 k[1] ^= s_box(k[14]);
mluis 0:45496a70a8a5 741 k[2] ^= s_box(k[15]);
mluis 0:45496a70a8a5 742 k[3] ^= s_box(k[12]);
mluis 0:45496a70a8a5 743 }
mluis 0:45496a70a8a5 744
mluis 0:45496a70a8a5 745 /* Decrypt a single block of 16 bytes with 'on the fly' 128 bit keying */
mluis 0:45496a70a8a5 746
mluis 0:45496a70a8a5 747 void aes_decrypt_128( const uint8_t in[N_BLOCK], uint8_t out[N_BLOCK],
mluis 0:45496a70a8a5 748 const uint8_t key[N_BLOCK], uint8_t o_key[N_BLOCK] )
mluis 0:45496a70a8a5 749 {
mluis 0:45496a70a8a5 750 uint8_t s1[N_BLOCK], r, rc = 0x6c;
mluis 0:45496a70a8a5 751 if(o_key != key)
mluis 0:45496a70a8a5 752 block_copy( o_key, key );
mluis 0:45496a70a8a5 753
mluis 0:45496a70a8a5 754 copy_and_key( s1, in, o_key );
mluis 0:45496a70a8a5 755 inv_shift_sub_rows( s1 );
mluis 0:45496a70a8a5 756
mluis 0:45496a70a8a5 757 for( r = 10 ; --r ; )
mluis 0:45496a70a8a5 758 #if defined( VERSION_1 )
mluis 0:45496a70a8a5 759 {
mluis 0:45496a70a8a5 760 update_decrypt_key_128( o_key, &rc );
mluis 0:45496a70a8a5 761 add_round_key( s1, o_key );
mluis 0:45496a70a8a5 762 inv_mix_sub_columns( s1 );
mluis 0:45496a70a8a5 763 }
mluis 0:45496a70a8a5 764 #else
mluis 0:45496a70a8a5 765 { uint8_t s2[N_BLOCK];
mluis 0:45496a70a8a5 766 update_decrypt_key_128( o_key, &rc );
mluis 0:45496a70a8a5 767 copy_and_key( s2, s1, o_key );
mluis 0:45496a70a8a5 768 inv_mix_sub_columns( s1, s2 );
mluis 0:45496a70a8a5 769 }
mluis 0:45496a70a8a5 770 #endif
mluis 0:45496a70a8a5 771 update_decrypt_key_128( o_key, &rc );
mluis 0:45496a70a8a5 772 copy_and_key( out, s1, o_key );
mluis 0:45496a70a8a5 773 }
mluis 0:45496a70a8a5 774
mluis 0:45496a70a8a5 775 #endif
mluis 0:45496a70a8a5 776
mluis 0:45496a70a8a5 777 #if defined( AES_ENC_256_OTFK )
mluis 0:45496a70a8a5 778
mluis 0:45496a70a8a5 779 /* The 'on the fly' encryption key update for for 256 bit keys */
mluis 0:45496a70a8a5 780
mluis 0:45496a70a8a5 781 static void update_encrypt_key_256( uint8_t k[2 * N_BLOCK], uint8_t *rc )
mluis 0:45496a70a8a5 782 { uint8_t cc;
mluis 0:45496a70a8a5 783
mluis 0:45496a70a8a5 784 k[0] ^= s_box(k[29]) ^ *rc;
mluis 0:45496a70a8a5 785 k[1] ^= s_box(k[30]);
mluis 0:45496a70a8a5 786 k[2] ^= s_box(k[31]);
mluis 0:45496a70a8a5 787 k[3] ^= s_box(k[28]);
mluis 0:45496a70a8a5 788 *rc = f2( *rc );
mluis 0:45496a70a8a5 789
mluis 0:45496a70a8a5 790 for(cc = 4; cc < 16; cc += 4)
mluis 0:45496a70a8a5 791 {
mluis 0:45496a70a8a5 792 k[cc + 0] ^= k[cc - 4];
mluis 0:45496a70a8a5 793 k[cc + 1] ^= k[cc - 3];
mluis 0:45496a70a8a5 794 k[cc + 2] ^= k[cc - 2];
mluis 0:45496a70a8a5 795 k[cc + 3] ^= k[cc - 1];
mluis 0:45496a70a8a5 796 }
mluis 0:45496a70a8a5 797
mluis 0:45496a70a8a5 798 k[16] ^= s_box(k[12]);
mluis 0:45496a70a8a5 799 k[17] ^= s_box(k[13]);
mluis 0:45496a70a8a5 800 k[18] ^= s_box(k[14]);
mluis 0:45496a70a8a5 801 k[19] ^= s_box(k[15]);
mluis 0:45496a70a8a5 802
mluis 0:45496a70a8a5 803 for( cc = 20; cc < 32; cc += 4 )
mluis 0:45496a70a8a5 804 {
mluis 0:45496a70a8a5 805 k[cc + 0] ^= k[cc - 4];
mluis 0:45496a70a8a5 806 k[cc + 1] ^= k[cc - 3];
mluis 0:45496a70a8a5 807 k[cc + 2] ^= k[cc - 2];
mluis 0:45496a70a8a5 808 k[cc + 3] ^= k[cc - 1];
mluis 0:45496a70a8a5 809 }
mluis 0:45496a70a8a5 810 }
mluis 0:45496a70a8a5 811
mluis 0:45496a70a8a5 812 /* Encrypt a single block of 16 bytes with 'on the fly' 256 bit keying */
mluis 0:45496a70a8a5 813
mluis 0:45496a70a8a5 814 void aes_encrypt_256( const uint8_t in[N_BLOCK], uint8_t out[N_BLOCK],
mluis 0:45496a70a8a5 815 const uint8_t key[2 * N_BLOCK], uint8_t o_key[2 * N_BLOCK] )
mluis 0:45496a70a8a5 816 {
mluis 0:45496a70a8a5 817 uint8_t s1[N_BLOCK], r, rc = 1;
mluis 0:45496a70a8a5 818 if(o_key != key)
mluis 0:45496a70a8a5 819 {
mluis 0:45496a70a8a5 820 block_copy( o_key, key );
mluis 0:45496a70a8a5 821 block_copy( o_key + 16, key + 16 );
mluis 0:45496a70a8a5 822 }
mluis 0:45496a70a8a5 823 copy_and_key( s1, in, o_key );
mluis 0:45496a70a8a5 824
mluis 0:45496a70a8a5 825 for( r = 1 ; r < 14 ; ++r )
mluis 0:45496a70a8a5 826 #if defined( VERSION_1 )
mluis 0:45496a70a8a5 827 {
mluis 0:45496a70a8a5 828 mix_sub_columns(s1);
mluis 0:45496a70a8a5 829 if( r & 1 )
mluis 0:45496a70a8a5 830 add_round_key( s1, o_key + 16 );
mluis 0:45496a70a8a5 831 else
mluis 0:45496a70a8a5 832 {
mluis 0:45496a70a8a5 833 update_encrypt_key_256( o_key, &rc );
mluis 0:45496a70a8a5 834 add_round_key( s1, o_key );
mluis 0:45496a70a8a5 835 }
mluis 0:45496a70a8a5 836 }
mluis 0:45496a70a8a5 837 #else
mluis 0:45496a70a8a5 838 { uint8_t s2[N_BLOCK];
mluis 0:45496a70a8a5 839 mix_sub_columns( s2, s1 );
mluis 0:45496a70a8a5 840 if( r & 1 )
mluis 0:45496a70a8a5 841 copy_and_key( s1, s2, o_key + 16 );
mluis 0:45496a70a8a5 842 else
mluis 0:45496a70a8a5 843 {
mluis 0:45496a70a8a5 844 update_encrypt_key_256( o_key, &rc );
mluis 0:45496a70a8a5 845 copy_and_key( s1, s2, o_key );
mluis 0:45496a70a8a5 846 }
mluis 0:45496a70a8a5 847 }
mluis 0:45496a70a8a5 848 #endif
mluis 0:45496a70a8a5 849
mluis 0:45496a70a8a5 850 shift_sub_rows( s1 );
mluis 0:45496a70a8a5 851 update_encrypt_key_256( o_key, &rc );
mluis 0:45496a70a8a5 852 copy_and_key( out, s1, o_key );
mluis 0:45496a70a8a5 853 }
mluis 0:45496a70a8a5 854
mluis 0:45496a70a8a5 855 #endif
mluis 0:45496a70a8a5 856
mluis 0:45496a70a8a5 857 #if defined( AES_DEC_256_OTFK )
mluis 0:45496a70a8a5 858
mluis 0:45496a70a8a5 859 /* The 'on the fly' encryption key update for for 256 bit keys */
mluis 0:45496a70a8a5 860
mluis 0:45496a70a8a5 861 static void update_decrypt_key_256( uint8_t k[2 * N_BLOCK], uint8_t *rc )
mluis 0:45496a70a8a5 862 { uint8_t cc;
mluis 0:45496a70a8a5 863
mluis 0:45496a70a8a5 864 for(cc = 28; cc > 16; cc -= 4)
mluis 0:45496a70a8a5 865 {
mluis 0:45496a70a8a5 866 k[cc + 0] ^= k[cc - 4];
mluis 0:45496a70a8a5 867 k[cc + 1] ^= k[cc - 3];
mluis 0:45496a70a8a5 868 k[cc + 2] ^= k[cc - 2];
mluis 0:45496a70a8a5 869 k[cc + 3] ^= k[cc - 1];
mluis 0:45496a70a8a5 870 }
mluis 0:45496a70a8a5 871
mluis 0:45496a70a8a5 872 k[16] ^= s_box(k[12]);
mluis 0:45496a70a8a5 873 k[17] ^= s_box(k[13]);
mluis 0:45496a70a8a5 874 k[18] ^= s_box(k[14]);
mluis 0:45496a70a8a5 875 k[19] ^= s_box(k[15]);
mluis 0:45496a70a8a5 876
mluis 0:45496a70a8a5 877 for(cc = 12; cc > 0; cc -= 4)
mluis 0:45496a70a8a5 878 {
mluis 0:45496a70a8a5 879 k[cc + 0] ^= k[cc - 4];
mluis 0:45496a70a8a5 880 k[cc + 1] ^= k[cc - 3];
mluis 0:45496a70a8a5 881 k[cc + 2] ^= k[cc - 2];
mluis 0:45496a70a8a5 882 k[cc + 3] ^= k[cc - 1];
mluis 0:45496a70a8a5 883 }
mluis 0:45496a70a8a5 884
mluis 0:45496a70a8a5 885 *rc = d2(*rc);
mluis 0:45496a70a8a5 886 k[0] ^= s_box(k[29]) ^ *rc;
mluis 0:45496a70a8a5 887 k[1] ^= s_box(k[30]);
mluis 0:45496a70a8a5 888 k[2] ^= s_box(k[31]);
mluis 0:45496a70a8a5 889 k[3] ^= s_box(k[28]);
mluis 0:45496a70a8a5 890 }
mluis 0:45496a70a8a5 891
mluis 0:45496a70a8a5 892 /* Decrypt a single block of 16 bytes with 'on the fly'
mluis 0:45496a70a8a5 893 256 bit keying
mluis 0:45496a70a8a5 894 */
mluis 0:45496a70a8a5 895 void aes_decrypt_256( const uint8_t in[N_BLOCK], uint8_t out[N_BLOCK],
mluis 0:45496a70a8a5 896 const uint8_t key[2 * N_BLOCK], uint8_t o_key[2 * N_BLOCK] )
mluis 0:45496a70a8a5 897 {
mluis 0:45496a70a8a5 898 uint8_t s1[N_BLOCK], r, rc = 0x80;
mluis 0:45496a70a8a5 899
mluis 0:45496a70a8a5 900 if(o_key != key)
mluis 0:45496a70a8a5 901 {
mluis 0:45496a70a8a5 902 block_copy( o_key, key );
mluis 0:45496a70a8a5 903 block_copy( o_key + 16, key + 16 );
mluis 0:45496a70a8a5 904 }
mluis 0:45496a70a8a5 905
mluis 0:45496a70a8a5 906 copy_and_key( s1, in, o_key );
mluis 0:45496a70a8a5 907 inv_shift_sub_rows( s1 );
mluis 0:45496a70a8a5 908
mluis 0:45496a70a8a5 909 for( r = 14 ; --r ; )
mluis 0:45496a70a8a5 910 #if defined( VERSION_1 )
mluis 0:45496a70a8a5 911 {
mluis 0:45496a70a8a5 912 if( ( r & 1 ) )
mluis 0:45496a70a8a5 913 {
mluis 0:45496a70a8a5 914 update_decrypt_key_256( o_key, &rc );
mluis 0:45496a70a8a5 915 add_round_key( s1, o_key + 16 );
mluis 0:45496a70a8a5 916 }
mluis 0:45496a70a8a5 917 else
mluis 0:45496a70a8a5 918 add_round_key( s1, o_key );
mluis 0:45496a70a8a5 919 inv_mix_sub_columns( s1 );
mluis 0:45496a70a8a5 920 }
mluis 0:45496a70a8a5 921 #else
mluis 0:45496a70a8a5 922 { uint8_t s2[N_BLOCK];
mluis 0:45496a70a8a5 923 if( ( r & 1 ) )
mluis 0:45496a70a8a5 924 {
mluis 0:45496a70a8a5 925 update_decrypt_key_256( o_key, &rc );
mluis 0:45496a70a8a5 926 copy_and_key( s2, s1, o_key + 16 );
mluis 0:45496a70a8a5 927 }
mluis 0:45496a70a8a5 928 else
mluis 0:45496a70a8a5 929 copy_and_key( s2, s1, o_key );
mluis 0:45496a70a8a5 930 inv_mix_sub_columns( s1, s2 );
mluis 0:45496a70a8a5 931 }
mluis 0:45496a70a8a5 932 #endif
mluis 0:45496a70a8a5 933 copy_and_key( out, s1, o_key );
mluis 0:45496a70a8a5 934 }
mluis 0:45496a70a8a5 935
mluis 0:45496a70a8a5 936 #endif