// encryption: SB -> SR -> MC -> RK
// decryption: other way around
static
void aes_dec_round(aes_cipher_state_t* state, const aes_roundkey_t* k)
{
uint8_t i;
/* keyAdd */
for(i=0; i<16; ++i){
state->s[i] ^= k->ks[i]; //Bitwise Exclusive-Or (XOR)
}
// Inverse mixed columns
/* 14 11 13 09
* E B D 9
* 9 E B D
* D 9 E B
* B D 9 E
*/
aes_invmixed_columns( state->s, 16);
aes128_invremask(state->s);
/* shiftRows */
// WHY is shiftcol used here????
aes_invshiftcol(state->s+1, 1);
aes_invshiftcol(state->s+2, 2);
aes_invshiftcol(state->s+3, 3);
/* subBytes */
for(i=0; i<16; ++i){
state->s[i] = *(aes_invsbox+state->s[i]);
}
}
static
void aes_dec_firstround(aes_cipher_state_t* state, const aes_roundkey_t* k)
{
uint8_t i;
/// *** STEP 1: keyAdd ***
for(i=0; i<16; ++i)
{
state->s[i] ^= k->ks[i];
}
#ifdef ENCRYPTION_DEBUG
beginSerial(115200, 0);
digitalWrite(23,0x01);
digitalWrite(11,0x00);
printString("\n\n*** STEP 1: keyAdd --> ", 0);
_delay_ms(3);
for(i=0; i<16; ++i)
{
puthex((char)state->s[i],0);
_delay_ms(3);
}
#endif
/// *** STEP 2: invert shiftRows ***
aes_invshiftcol(state->s+1, 1);
aes_invshiftcol(state->s+2, 2);
aes_invshiftcol(state->s+3, 3);
#ifdef ENCRYPTION_DEBUG
printString("\n*** STEP 2: shiftRows --> ", 0);
_delay_ms(3);
for(i=0; i<16; ++i)
{
puthex((char)state->s[i],0);
_delay_ms(3);
}
#endif
/// *** STEP 3: subBytes ***
for(i=0; i<16; ++i)
{
state->s[i] = pgm_read_byte(aes_invsbox+state->s[i]);
}
#ifdef ENCRYPTION_DEBUG
printString("\n*** STEP 3: subBytes --> ", 0);
_delay_ms(3);
for(i=0; i<16; ++i)
{
puthex((char)state->s[i],0);
_delay_ms(3);
}
#endif
}
static
void aes_dec_round(aes_cipher_state_t* state, const aes_roundkey_t* k){
uint8_t tmp[16];
uint8_t i;
uint8_t t,u,v,w;
/* keyAdd */
for(i=0; i<16; ++i){
tmp[i] = state->s[i] ^ k->ks[i];
}
/* mixColums */
for(i=0; i<4; ++i){
t = tmp[4*i+3] ^ tmp[4*i+2];
u = tmp[4*i+1] ^ tmp[4*i+0];
v = t ^ u;
v = gf256mul(0x09, v, 0x1b);
w = v ^ gf256mul(0x04, tmp[4*i+2] ^ tmp[4*i+0], 0x1b);
v = v ^ gf256mul(0x04, tmp[4*i+3] ^ tmp[4*i+1], 0x1b);
state->s[4*i+3] = tmp[4*i+3] ^ v ^ gf256mul(0x02, tmp[4*i+0] ^ tmp[4*i+3], 0x1b);
state->s[4*i+2] = tmp[4*i+2] ^ w ^ gf256mul(0x02, t, 0x1b);
state->s[4*i+1] = tmp[4*i+1] ^ v ^ gf256mul(0x02, tmp[4*i+2] ^ tmp[4*i+1], 0x1b);
state->s[4*i+0] = tmp[4*i+0] ^ w ^ gf256mul(0x02, u, 0x1b);
/*
state->s[4*i+0] =
gf256mul(0xe, tmp[4*i+0], 0x1b)
^ gf256mul(0xb, tmp[4*i+1], 0x1b)
^ gf256mul(0xd, tmp[4*i+2], 0x1b)
^ gf256mul(0x9, tmp[4*i+3], 0x1b);
state->s[4*i+1] =
gf256mul(0x9, tmp[4*i+0], 0x1b)
^ gf256mul(0xe, tmp[4*i+1], 0x1b)
^ gf256mul(0xb, tmp[4*i+2], 0x1b)
^ gf256mul(0xd, tmp[4*i+3], 0x1b);
state->s[4*i+2] =
gf256mul(0xd, tmp[4*i+0], 0x1b)
^ gf256mul(0x9, tmp[4*i+1], 0x1b)
^ gf256mul(0xe, tmp[4*i+2], 0x1b)
^ gf256mul(0xb, tmp[4*i+3], 0x1b);
state->s[4*i+3] =
gf256mul(0xb, tmp[4*i+0], 0x1b)
^ gf256mul(0xd, tmp[4*i+1], 0x1b)
^ gf256mul(0x9, tmp[4*i+2], 0x1b)
^ gf256mul(0xe, tmp[4*i+3], 0x1b);
*/
}
/* shiftRows */
aes_invshiftcol(state->s+1, 1);
aes_invshiftcol(state->s+2, 2);
aes_invshiftcol(state->s+3, 3);
/* subBytes */
for(i=0; i<16; ++i){
state->s[i] = pgm_read_byte(aes_invsbox+state->s[i]);
}
}
static
void aes_dec_firstround(aes_cipher_state_t* state, const aes_roundkey_t* k){
uint8_t i;
/* keyAdd */
for(i=0; i<16; ++i){
state->s[i] ^= k->ks[i];
}
/* shiftRows */
aes_invshiftcol(state->s+1, 1);
aes_invshiftcol(state->s+2, 2);
aes_invshiftcol(state->s+3, 3);
/* subBytes */
for(i=0; i<16; ++i){
state->s[i] = pgm_read_byte(aes_invsbox+state->s[i]);
}
}
// encryption: SB -> SR -> RK
// decryption: other way around
static
void aes_dec_firstround(aes_cipher_state_t* state, const aes_roundkey_t* k){
uint8_t i;
// do the array permutation
aes128_update_shuffling_array();
/* keyAdd */
for(i=0; i<16; ++i){
state->s[permutation_array[i]] ^= k->ks[permutation_array[i]];
}
/* shiftRows */
aes_invshiftcol(state->s+1, 1);
aes_invshiftcol(state->s+2, 2);
aes_invshiftcol(state->s+3, 3);
/* subBytes */
for(i=0; i<16; ++i){
state->s[permutation_array[i]] = pgm_read_byte(aes_invsbox+state->s[permutation_array[i]]);
}
}
// encryption: SB -> SR -> MC -> RK
// decryption: other way around
static
void aes_dec_round(aes_cipher_state_t* state, const aes_roundkey_t* k, uint8_t rounds)
{
uint8_t i;
/* keyAdd */
for(i=0; i<16; ++i){
state->s[permutation_array[i]] ^= k->ks[permutation_array[i]]; //Bitwise Exclusive-Or (XOR)
}
// Inverse mixed columns
/* 14 11 13 09
* E B D 9
* 9 E B D
* D 9 E B
* B D 9 E
*/
aes_invmixed_columns( state->s, 16);
/* shiftRows */
// WHY is shiftcol used here????
aes_invshiftcol(state->s+1, 1);
aes_invshiftcol(state->s+2, 2);
aes_invshiftcol(state->s+3, 3);
// do the array permutation
if(rounds == 2) {
aes128_update_shuffling_array();
}
/* subBytes */
for(i=0; i<16; ++i){
state->s[permutation_array[i]] = pgm_read_byte(aes_invsbox+state->s[permutation_array[i]]);
}
}
static
void aes_dec_round(aes_cipher_state_t* state, const aes_roundkey_t* k)
{
uint8_t tmp[16];
uint8_t i;
uint8_t t,u,v,w;
/// *** STEP 1: keyAdd ***
for(i=0; i<16; ++i)
{
tmp[i] = state->s[i] ^ k->ks[i];
}
#ifdef ENCRYPTION_DEBUG
beginSerial(115200, 0);
digitalWrite(23,0x01);
digitalWrite(11,0x00);
printString("\n\n*** STEP 1: keyAdd --> ", 0);
for(i=0; i<16; ++i)
{
puthex((char)tmp[i],0);
_delay_ms(3);
}
#endif
/// *** STEP 2: mixColums ***
inv_mix_column(&tmp[0]);
inv_mix_column(&tmp[4]);
inv_mix_column(&tmp[8]);
inv_mix_column(&tmp[12]);
// copy result
for(i=0; i<16; ++i)
{
state->s[i] = tmp[i];
}
#ifdef ENCRYPTION_DEBUG
printString("\n*** STEP 2: mixColums --> ", 0);
_delay_ms(3);
for(i=0; i<16; ++i)
{
puthex((char)state->s[i],0);
_delay_ms(3);
}
#endif
/// *** STEP 3: shiftRows ***
aes_invshiftcol(state->s+1, 1);
aes_invshiftcol(state->s+2, 2);
aes_invshiftcol(state->s+3, 3);
#ifdef ENCRYPTION_DEBUG
printString("\n*** STEP 3: shiftRows --> ", 0);
_delay_ms(3);
for(i=0; i<16; ++i)
{
puthex((char)state->s[i],0);
_delay_ms(3);
}
#endif
/// *** STEP 4: subBytes ***
for(i=0; i<16; ++i)
{
state->s[i] = pgm_read_byte(aes_invsbox+state->s[i]);
}
#ifdef ENCRYPTION_DEBUG
printString("\n*** STEP 4: subBytes --> ", 0);
_delay_ms(3);
for(i=0; i<16; ++i)
{
puthex((char)state->s[i],0);
_delay_ms(3);
}
printString("\n", 0);
#endif
}
