byte AES::set_key (byte key [], int keylen)
{
byte hi ;
switch (keylen)
{
case 16:
case 128:
keylen = 16; // 10 rounds
round = 10 ;
break;
case 24:
case 192:
keylen = 24; // 12 rounds
round = 12 ;
break;
case 32:
case 256:
keylen = 32; // 14 rounds
round = 14 ;
break;
default:
round = 0;
return FAILURE;
}
hi = (round + 1) << 4 ;
copy_n_bytes (key_sched, key, keylen) ;
byte t[4] ;
byte next = keylen ;
for (byte cc = keylen, rc = 1 ; cc < hi ; cc += N_COL)
{
for (byte i = 0 ; i < N_COL ; i++)
t[i] = key_sched [cc-4+i] ;
if (cc == next)
{
next += keylen ;
byte ttt = t[0] ;
t[0] = s_box (t[1]) ^ rc ;
t[1] = s_box (t[2]) ;
t[2] = s_box (t[3]) ;
t[3] = s_box (ttt) ;
rc = f2 (rc) ;
}
else if (keylen == 32 && (cc & 31) == 16)
{
for (byte i = 0 ; i < 4 ; i++)
t[i] = s_box (t[i]) ;
}
byte tt = cc - keylen ;
for (byte i = 0 ; i < N_COL ; i++)
key_sched [cc + i] = key_sched [tt + i] ^ t[i] ;
}
return SUCCESS ;
}
/**
* Sets the cipher key for the pre-keyed version
* @param key Cipher key
* @param keylen Length of the cipher key
* @param ctx AES context
* @return Result of AES
*/
aes_result AES::aes_set_key( const unsigned char key[], int keylen, aes_context ctx[1] )
{
uint_8t cc, rc, hi;
switch( keylen )
{
case 128:
keylen = 16;
break;
case 192:
keylen = 24;
break;
case 256:
keylen = 32;
break;
default:
ctx->rnd = 0;
return -1;
}
block_copy_nn(ctx->ksch, key, keylen);
hi = (keylen + 28) << 2;
ctx->rnd = (hi >> 4) - 1;
for( cc = keylen, rc = 1; cc < hi; cc += 4 )
{ uint_8t tt, t0, t1, t2, t3;
t0 = ctx->ksch[cc - 4];
t1 = ctx->ksch[cc - 3];
t2 = ctx->ksch[cc - 2];
t3 = ctx->ksch[cc - 1];
if( cc % keylen == 0 )
{
tt = t0;
t0 = s_box(t1) ^ rc;
t1 = s_box(t2);
t2 = s_box(t3);
t3 = s_box(tt);
rc = f2(rc);
}
else if( keylen > 24 && cc % keylen == 16 )
{
t0 = s_box(t0);
t1 = s_box(t1);
t2 = s_box(t2);
t3 = s_box(t3);
}
tt = cc - keylen;
ctx->ksch[cc + 0] = ctx->ksch[tt + 0] ^ t0;
ctx->ksch[cc + 1] = ctx->ksch[tt + 1] ^ t1;
ctx->ksch[cc + 2] = ctx->ksch[tt + 2] ^ t2;
ctx->ksch[cc + 3] = ctx->ksch[tt + 3] ^ t3;
}
return 0;
}
static void mix_sub_columns (byte dt[N_BLOCK], byte st[N_BLOCK])
{
byte j = 5 ;
byte k = 10 ;
byte l = 15 ;
for (byte i = 0 ; i < N_BLOCK ; i += N_COL)
{
byte a = st [i] ;
byte b = st [j] ; j = (j+N_COL) & 15 ;
byte c = st [k] ; k = (k+N_COL) & 15 ;
byte d = st [l] ; l = (l+N_COL) & 15 ;
byte a1 = s_box (a), b1 = s_box (b), c1 = s_box (c), d1 = s_box (d) ;
byte a2 = f2(a1), b2 = f2(b1), c2 = f2(c1), d2 = f2(d1) ;
dt[i] = a2 ^ b2^b1 ^ c1 ^ d1 ;
dt[i+1] = a1 ^ b2 ^ c2^c1 ^ d1 ;
dt[i+2] = a1 ^ b1 ^ c2 ^ d2^d1 ;
dt[i+3] = a2^a1 ^ b1 ^ c1 ^ d2 ;
}
}
unsigned char f_function( unsigned char text, unsigned char key )
{
unsigned char buffer1 ;
unsigned char buffer2 ;
unsigned char result = 0 ;
int i ;
int row = 0;
int row1 = 0;
int col = 0;
int col1 = 0 ;
//Permute P8
buffer1 = permutations( text, 2 ) ;
//Add to key
buffer2 = buffer1 ^ key ;
//SO
if (GetBit( buffer2, 7 ))
SetBit( row, 1 ) ;
if (GetBit( buffer2, 4 ))
SetBit( row, 0 ) ;
if (GetBit( buffer2, 6 ))
SetBit( col, 1 ) ;
if (GetBit( buffer2, 5 ))
SetBit( col, 0 ) ;
//S!
if (GetBit( buffer2, 3 ))
SetBit( row1, 1 ) ;
if (GetBit( buffer2, 0 ))
SetBit( row1, 0 ) ;
if (GetBit( buffer2, 2 ))
SetBit( col1, 1 ) ;
if (GetBit( buffer2, 1 ))
SetBit( col1, 0 ) ;
//Input to boxes
buffer1 = s_box( row, col, row1, col1 ) ;
//Permute P4
buffer2 = permutations( buffer1, 3 ) ;
//Add to L and append right
result = text ^ buffer2 ;
return result ;
}
void F(int n,char *ll, char *rr, char *LL, char *RR) {
int i, j;
char buffer[64], tmp[64];
for (i = 0; i < 48; i++)
buffer[i] = rr[e_r[i] - 1];
for (i = 0; i < 48; i++)
buffer[i] = (buffer[i] + K[n][i]) & 1;
s_box(buffer, tmp);
for (i = 0; i < 32; i++)
buffer[i] = tmp[P[i] - 1];
for (i = 0; i < 32; i++)
RR[i] = (buffer[i] + ll[i]) & 1;
for (i = 0; i < 32; i++)
LL[i] = rr[i];
}
/**
* Mixes columns
* @param dt Data
*/
void AES::mix_sub_columns( uint_8t dt[N_BLOCK] )
{
uint_8t st[N_BLOCK];
block_copy(st, dt);
dt[ 0] = gfm2_sb(st[0]) ^ gfm3_sb(st[5]) ^ s_box(st[10]) ^ s_box(st[15]);
dt[ 1] = s_box(st[0]) ^ gfm2_sb(st[5]) ^ gfm3_sb(st[10]) ^ s_box(st[15]);
dt[ 2] = s_box(st[0]) ^ s_box(st[5]) ^ gfm2_sb(st[10]) ^ gfm3_sb(st[15]);
dt[ 3] = gfm3_sb(st[0]) ^ s_box(st[5]) ^ s_box(st[10]) ^ gfm2_sb(st[15]);
dt[ 4] = gfm2_sb(st[4]) ^ gfm3_sb(st[9]) ^ s_box(st[14]) ^ s_box(st[3]);
dt[ 5] = s_box(st[4]) ^ gfm2_sb(st[9]) ^ gfm3_sb(st[14]) ^ s_box(st[3]);
dt[ 6] = s_box(st[4]) ^ s_box(st[9]) ^ gfm2_sb(st[14]) ^ gfm3_sb(st[3]);
dt[ 7] = gfm3_sb(st[4]) ^ s_box(st[9]) ^ s_box(st[14]) ^ gfm2_sb(st[3]);
dt[ 8] = gfm2_sb(st[8]) ^ gfm3_sb(st[13]) ^ s_box(st[2]) ^ s_box(st[7]);
dt[ 9] = s_box(st[8]) ^ gfm2_sb(st[13]) ^ gfm3_sb(st[2]) ^ s_box(st[7]);
dt[10] = s_box(st[8]) ^ s_box(st[13]) ^ gfm2_sb(st[2]) ^ gfm3_sb(st[7]);
dt[11] = gfm3_sb(st[8]) ^ s_box(st[13]) ^ s_box(st[2]) ^ gfm2_sb(st[7]);
dt[12] = gfm2_sb(st[12]) ^ gfm3_sb(st[1]) ^ s_box(st[6]) ^ s_box(st[11]);
dt[13] = s_box(st[12]) ^ gfm2_sb(st[1]) ^ gfm3_sb(st[6]) ^ s_box(st[11]);
dt[14] = s_box(st[12]) ^ s_box(st[1]) ^ gfm2_sb(st[6]) ^ gfm3_sb(st[11]);
dt[15] = gfm3_sb(st[12]) ^ s_box(st[1]) ^ s_box(st[6]) ^ gfm2_sb(st[11]);
}
/**
* Shifts rows
* @param st Data
*/
void AES::shift_sub_rows( uint_8t st[N_BLOCK] )
{
uint_8t tt;
st[ 0] = s_box(st[ 0]); st[ 4] = s_box(st[ 4]);
st[ 8] = s_box(st[ 8]); st[12] = s_box(st[12]);
tt = st[1]; st[ 1] = s_box(st[ 5]); st[ 5] = s_box(st[ 9]);
st[ 9] = s_box(st[13]); st[13] = s_box( tt );
tt = st[2]; st[ 2] = s_box(st[10]); st[10] = s_box( tt );
tt = st[6]; st[ 6] = s_box(st[14]); st[14] = s_box( tt );
tt = st[15]; st[15] = s_box(st[11]); st[11] = s_box(st[ 7]);
st[ 7] = s_box(st[ 3]); st[ 3] = s_box( tt );
}
static void shift_sub_rows (byte st [N_BLOCK])
{
st [0] = s_box (st [0]) ;
st [4] = s_box (st [4]) ;
st [8] = s_box (st [8]) ;
st [12] = s_box (st [12]) ;
byte tt = st [1] ;
st [1] = s_box (st [5]) ;
st [5] = s_box (st [9]) ;
st [9] = s_box (st [13]) ;
st [13] = s_box (tt) ;
tt = st[2] ;
st [2] = s_box (st [10]) ;
st [10] = s_box (tt) ;
tt = st[6] ;
st [6] = s_box (st [14]) ;
st [14] = s_box (tt) ;
tt = st[15] ;
st [15] = s_box (st [11]) ;
st [11] = s_box (st [7]) ;
st [7] = s_box (st [3]) ;
st [3] = s_box (tt) ;
}