aes_rval aes_decrypt_key128(const unsigned char *key, aes_decrypt_ctx cx[1])
{ aes_32t ss[5];
#if defined( d_vars )
d_vars;
#endif
cx->ks[0] = ss[0] = word_in(key, 0);
cx->ks[1] = ss[1] = word_in(key, 1);
cx->ks[2] = ss[2] = word_in(key, 2);
cx->ks[3] = ss[3] = word_in(key, 3);
#if DEC_UNROLL == NONE
{ aes_32t i;
for(i = 0; i < (11 * N_COLS - 5) / 4; ++i)
ke4(cx->ks, i);
kel4(cx->ks, 9);
#if !(DEC_ROUND == NO_TABLES)
for(i = N_COLS; i < 10 * N_COLS; ++i)
cx->ks[i] = inv_mcol(cx->ks[i]);
#endif
}
#else
kdf4(cx->ks, 0); kd4(cx->ks, 1);
kd4(cx->ks, 2); kd4(cx->ks, 3);
kd4(cx->ks, 4); kd4(cx->ks, 5);
kd4(cx->ks, 6); kd4(cx->ks, 7);
kd4(cx->ks, 8); kdl4(cx->ks, 9);
#endif
cx->rn = 10;
#if defined( AES_ERR_CHK )
return aes_good;
#endif
}
AES_RETURN aes_decrypt_key128(const unsigned char *key, aes_decrypt_ctx cx[1])
{ uint_32t ss[5];
#if defined( d_vars )
d_vars;
#endif
cx->ks[v(40,(0))] = ss[0] = word_in(key, 0);
cx->ks[v(40,(1))] = ss[1] = word_in(key, 1);
cx->ks[v(40,(2))] = ss[2] = word_in(key, 2);
cx->ks[v(40,(3))] = ss[3] = word_in(key, 3);
#ifdef DEC_KS_UNROLL
kdf4(cx->ks, 0); kd4(cx->ks, 1);
kd4(cx->ks, 2); kd4(cx->ks, 3);
kd4(cx->ks, 4); kd4(cx->ks, 5);
kd4(cx->ks, 6); kd4(cx->ks, 7);
kd4(cx->ks, 8); kdl4(cx->ks, 9);
#else
{ uint_32t i;
for(i = 0; i < 10; ++i)
k4e(cx->ks, i);
#if !(DEC_ROUND == NO_TABLES)
for(i = N_COLS; i < 10 * N_COLS; ++i)
cx->ks[i] = inv_mcol(cx->ks[i]);
#endif
}
#endif
cx->inf.l = 0;
cx->inf.b[0] = 10 * 16;
#ifdef USE_VIA_ACE_IF_PRESENT
if(VIA_ACE_AVAILABLE)
cx->inf.b[1] = 0xff;
#endif
return EXIT_SUCCESS;
}
aes_rval ccaes_gladman_decrypt_key192(const unsigned char *key, ccaes_gladman_decrypt_ctx cx[1])
{ aes_32t ss[7];
#if defined( d_vars )
d_vars;
#endif
cx->ks[0] = ss[0] = word_in(key, 0);
cx->ks[1] = ss[1] = word_in(key, 1);
cx->ks[2] = ss[2] = word_in(key, 2);
cx->ks[3] = ss[3] = word_in(key, 3);
#if DEC_UNROLL == NONE
cx->ks[4] = ss[4] = word_in(key, 4);
cx->ks[5] = ss[5] = word_in(key, 5);
{ aes_32t i;
for(i = 0; i < (13 * N_COLS - 7) / 6; ++i)
ke6(cx->ks, i);
kel6(cx->ks, 7);
#if !(DEC_ROUND == NO_TABLES)
for(i = N_COLS; i < 12 * N_COLS; ++i)
cx->ks[i] = inv_mcol(cx->ks[i]);
#endif
}
#else
cx->ks[4] = ff(ss[4] = word_in(key, 4));
cx->ks[5] = ff(ss[5] = word_in(key, 5));
kdf6(cx->ks, 0); kd6(cx->ks, 1);
kd6(cx->ks, 2); kd6(cx->ks, 3);
kd6(cx->ks, 4); kd6(cx->ks, 5);
kd6(cx->ks, 6); kdl6(cx->ks, 7);
#endif
cx->rn = 12;
}
static void
aes_decrypt_key128(const unsigned char *key, uint32_t rk[])
{
uint32_t ss[5];
#if defined(d_vars)
d_vars;
#endif
rk[v(40, (0))] = ss[0] = word_in(key, 0);
rk[v(40, (1))] = ss[1] = word_in(key, 1);
rk[v(40, (2))] = ss[2] = word_in(key, 2);
rk[v(40, (3))] = ss[3] = word_in(key, 3);
#ifdef DEC_KS_UNROLL
kdf4(rk, 0); kd4(rk, 1);
kd4(rk, 2); kd4(rk, 3);
kd4(rk, 4); kd4(rk, 5);
kd4(rk, 6); kd4(rk, 7);
kd4(rk, 8); kdl4(rk, 9);
#else
{
uint32_t i;
for (i = 0; i < 10; ++i)
k4e(rk, i);
#if !(DEC_ROUND == NO_TABLES)
for (i = MAX_AES_NB; i < 10 * MAX_AES_NB; ++i)
rk[i] = inv_mcol(rk[i]);
#endif
}
#endif /* DEC_KS_UNROLL */
}
AES_RETURN aes_decrypt_key256(const unsigned char *key, aes_decrypt_ctx cx[1])
{ uint_32t ss[9];
#if defined( d_vars )
d_vars;
#endif
cx->ks[v(56,(0))] = ss[0] = word_in(key, 0);
cx->ks[v(56,(1))] = ss[1] = word_in(key, 1);
cx->ks[v(56,(2))] = ss[2] = word_in(key, 2);
cx->ks[v(56,(3))] = ss[3] = word_in(key, 3);
#ifdef DEC_KS_UNROLL
ss[4] = word_in(key, 4);
cx->ks[v(56,(4))] = ff(ss[4]);
ss[4] = word_in(key, 5);
cx->ks[v(56,(5))] = ff(ss[5]);
ss[4] = word_in(key, 6);
cx->ks[v(56,(6))] = ff(ss[6]);
ss[4] = word_in(key, 7);
cx->ks[v(56,(7))] = ff(ss[7]);
kdf8(cx->ks, 0); kd8(cx->ks, 1);
kd8(cx->ks, 2); kd8(cx->ks, 3);
kd8(cx->ks, 4); kd8(cx->ks, 5);
kdl8(cx->ks, 6);
#else
cx->ks[v(56,(4))] = ss[4] = word_in(key, 4);
cx->ks[v(56,(5))] = ss[5] = word_in(key, 5);
cx->ks[v(56,(6))] = ss[6] = word_in(key, 6);
cx->ks[v(56,(7))] = ss[7] = word_in(key, 7);
{ uint_32t i;
for(i = 0; i < 6; ++i)
k8e(cx->ks, i);
k8ef(cx->ks, 6);
#if !(DEC_ROUND == NO_TABLES)
for(i = N_COLS; i < 14 * N_COLS; ++i)
cx->ks[i] = inv_mcol(cx->ks[i]);
#endif
}
#endif
cx->inf.l = 0;
cx->inf.b[0] = 14 * 16;
#ifdef USE_VIA_ACE_IF_PRESENT
if(VIA_ACE_AVAILABLE)
cx->inf.b[1] = 0xff;
#endif
return EXIT_SUCCESS;
}
aes_rval aes_decrypt_key256(const unsigned char *key, aes_decrypt_ctx cx[1])
{ aes_32t ss[8];
#if defined( d_vars )
d_vars;
#endif
cx->ks[0] = ss[0] = word_in(key, 0);
cx->ks[1] = ss[1] = word_in(key, 1);
cx->ks[2] = ss[2] = word_in(key, 2);
cx->ks[3] = ss[3] = word_in(key, 3);
#if DEC_UNROLL == NONE
cx->ks[4] = ss[4] = word_in(key, 4);
cx->ks[5] = ss[5] = word_in(key, 5);
cx->ks[6] = ss[6] = word_in(key, 6);
cx->ks[7] = ss[7] = word_in(key, 7);
{ aes_32t i;
for(i = 0; i < (15 * N_COLS - 9) / 8; ++i)
ke8(cx->ks, i);
kel8(cx->ks, i);
#if !(DEC_ROUND == NO_TABLES)
for(i = N_COLS; i < 14 * N_COLS; ++i)
cx->ks[i] = inv_mcol(cx->ks[i]);
#endif
}
#else
cx->ks[4] = ff(ss[4] = word_in(key, 4));
cx->ks[5] = ff(ss[5] = word_in(key, 5));
cx->ks[6] = ff(ss[6] = word_in(key, 6));
cx->ks[7] = ff(ss[7] = word_in(key, 7));
kdf8(cx->ks, 0); kd8(cx->ks, 1);
kd8(cx->ks, 2); kd8(cx->ks, 3);
kd8(cx->ks, 4); kd8(cx->ks, 5);
kdl8(cx->ks, 6);
#endif
cx->rn = 14;
#if CC_AES_USE_HARDWARE
bcopy(key, cx->keyBytes, 32);
cx->keyLength = 32;
#endif
#if defined( AES_ERR_CHK )
return aes_good;
#endif
}
AES_RETURN aes_decrypt_key192(const unsigned char *key, aes_decrypt_ctx cx[1])
{ uint_32t ss[7];
#if defined( d_vars )
d_vars;
#endif
cx->ks[v(48,(0))] = ss[0] = word_in(key, 0);
cx->ks[v(48,(1))] = ss[1] = word_in(key, 1);
cx->ks[v(48,(2))] = ss[2] = word_in(key, 2);
cx->ks[v(48,(3))] = ss[3] = word_in(key, 3);
#if DEC_UNROLL == NONE
cx->ks[v(48,(4))] = ss[4] = word_in(key, 4);
cx->ks[v(48,(5))] = ss[5] = word_in(key, 5);
{ uint_32t i;
for(i = 0; i < 7; ++i)
k6e(cx->ks, i);
k6ef(cx->ks, 7);
#if !(DEC_ROUND == NO_TABLES)
for(i = N_COLS; i < 12 * N_COLS; ++i)
cx->ks[i] = inv_mcol(cx->ks[i]);
#endif
}
#else
cx->ks[v(48,(4))] = ff(ss[4] = word_in(key, 4));
cx->ks[v(48,(5))] = ff(ss[5] = word_in(key, 5));
kdf6(cx->ks, 0); kd6(cx->ks, 1);
kd6(cx->ks, 2); kd6(cx->ks, 3);
kd6(cx->ks, 4); kd6(cx->ks, 5);
kd6(cx->ks, 6); kdl6(cx->ks, 7);
#endif
cx->inf.l = 0;
cx->inf.b[0] = 12 * 16;
#ifdef USE_VIA_ACE_IF_PRESENT
if(VIA_ACE_AVAILABLE)
cx->inf.b[1] = 0xff;
#endif
#if defined( AES_ERR_CHK )
return EXIT_SUCCESS;
#endif
}
static void
aes_decrypt_key256(const unsigned char *key, uint32_t rk[])
{
uint32_t ss[9];
#if defined(d_vars)
d_vars;
#endif
rk[v(56, (0))] = ss[0] = word_in(key, 0);
rk[v(56, (1))] = ss[1] = word_in(key, 1);
rk[v(56, (2))] = ss[2] = word_in(key, 2);
rk[v(56, (3))] = ss[3] = word_in(key, 3);
#ifdef DEC_KS_UNROLL
ss[4] = word_in(key, 4);
rk[v(56, (4))] = ff(ss[4]);
ss[5] = word_in(key, 5);
rk[v(56, (5))] = ff(ss[5]);
ss[6] = word_in(key, 6);
rk[v(56, (6))] = ff(ss[6]);
ss[7] = word_in(key, 7);
rk[v(56, (7))] = ff(ss[7]);
kdf8(rk, 0); kd8(rk, 1);
kd8(rk, 2); kd8(rk, 3);
kd8(rk, 4); kd8(rk, 5);
kdl8(rk, 6);
#else
rk[v(56, (4))] = ss[4] = word_in(key, 4);
rk[v(56, (5))] = ss[5] = word_in(key, 5);
rk[v(56, (6))] = ss[6] = word_in(key, 6);
rk[v(56, (7))] = ss[7] = word_in(key, 7);
{
uint32_t i;
for (i = 0; i < 6; ++i)
k8e(rk, i);
k8ef(rk, 6);
#if !(DEC_ROUND == NO_TABLES)
for (i = MAX_AES_NB; i < 14 * MAX_AES_NB; ++i)
rk[i] = inv_mcol(rk[i]);
#endif
}
#endif /* DEC_KS_UNROLL */
}
aes_rval aes_decrypt_key192(const void *in_key, aes_decrypt_ctx cx[1])
{ aes_32t ss[7];
#ifdef d_vars
d_vars;
#endif
cx->ks[0] = ss[0] = word_in(in_key, 0);
cx->ks[1] = ss[1] = word_in(in_key, 1);
cx->ks[2] = ss[2] = word_in(in_key, 2);
cx->ks[3] = ss[3] = word_in(in_key, 3);
#if DEC_UNROLL == NONE
cx->ks[4] = ss[4] = word_in(in_key, 4);
cx->ks[5] = ss[5] = word_in(in_key, 5);
{ aes_32t i;
for(i = 0; i < (13 * N_COLS - 1) / 6; ++i)
ke6(cx->ks, i);
#if !(DEC_ROUND == NO_TABLES)
for(i = N_COLS; i < 12 * N_COLS; ++i)
cx->ks[i] = inv_mcol(cx->ks[i]);
#endif
}
#else
cx->ks[4] = ff(ss[4] = word_in(in_key, 4));
cx->ks[5] = ff(ss[5] = word_in(in_key, 5));
kdf6(cx->ks, 0); kd6(cx->ks, 1);
kd6(cx->ks, 2); kd6(cx->ks, 3);
kd6(cx->ks, 4); kd6(cx->ks, 5);
kd6(cx->ks, 6); kdl6(cx->ks, 7);
#endif
/* cx->ks[45] ^ cx->ks[52] ^ cx->ks[53] is zero for a 256 bit */
/* key and must be non-zero for 128 and 192 bits keys */
cx->ks[53] = cx->ks[45];
cx->ks[52] = 12;
#ifdef AES_ERR_CHK
return aes_good;
#endif
}
aes_rval aes_decrypt_key256(const void *in_key, aes_decrypt_ctx cx[1])
{ aes_32t ss[8];
#ifdef d_vars
d_vars;
#endif
cx->ks[0] = ss[0] = word_in(in_key, 0);
cx->ks[1] = ss[1] = word_in(in_key, 1);
cx->ks[2] = ss[2] = word_in(in_key, 2);
cx->ks[3] = ss[3] = word_in(in_key, 3);
#if DEC_UNROLL == NONE
cx->ks[4] = ss[4] = word_in(in_key, 4);
cx->ks[5] = ss[5] = word_in(in_key, 5);
cx->ks[6] = ss[6] = word_in(in_key, 6);
cx->ks[7] = ss[7] = word_in(in_key, 7);
{ aes_32t i;
for(i = 0; i < (15 * N_COLS - 1) / 8; ++i)
ke8(cx->ks, i);
#if !(DEC_ROUND == NO_TABLES)
for(i = N_COLS; i < 14 * N_COLS; ++i)
cx->ks[i] = inv_mcol(cx->ks[i]);
#endif
}
#else
cx->ks[4] = ff(ss[4] = word_in(in_key, 4));
cx->ks[5] = ff(ss[5] = word_in(in_key, 5));
cx->ks[6] = ff(ss[6] = word_in(in_key, 6));
cx->ks[7] = ff(ss[7] = word_in(in_key, 7));
kdf8(cx->ks, 0); kd8(cx->ks, 1);
kd8(cx->ks, 2); kd8(cx->ks, 3);
kd8(cx->ks, 4); kd8(cx->ks, 5);
kdl8(cx->ks, 6);
#endif
#ifdef AES_ERR_CHK
return aes_good;
#endif
}
static void
aes_decrypt_key192(const unsigned char *key, uint32_t rk[])
{
uint32_t ss[7];
#if defined(d_vars)
d_vars;
#endif
rk[v(48, (0))] = ss[0] = word_in(key, 0);
rk[v(48, (1))] = ss[1] = word_in(key, 1);
rk[v(48, (2))] = ss[2] = word_in(key, 2);
rk[v(48, (3))] = ss[3] = word_in(key, 3);
#ifdef DEC_KS_UNROLL
ss[4] = word_in(key, 4);
rk[v(48, (4))] = ff(ss[4]);
ss[5] = word_in(key, 5);
rk[v(48, (5))] = ff(ss[5]);
kdf6(rk, 0); kd6(rk, 1);
kd6(rk, 2); kd6(rk, 3);
kd6(rk, 4); kd6(rk, 5);
kd6(rk, 6); kdl6(rk, 7);
#else
rk[v(48, (4))] = ss[4] = word_in(key, 4);
rk[v(48, (5))] = ss[5] = word_in(key, 5);
{
uint32_t i;
for (i = 0; i < 7; ++i)
k6e(rk, i);
k6ef(rk, 7);
#if !(DEC_ROUND == NO_TABLES)
for (i = MAX_AES_NB; i < 12 * MAX_AES_NB; ++i)
rk[i] = inv_mcol(rk[i]);
#endif
}
#endif
}
aes_rval aes_set_decrypt_key(const unsigned char in_key[], unsigned int klen, aes_ctx cx[1])
{ aes_32t ss[8];
d_vars
#if !defined(FIXED_TABLES)
#ifdef GLOBALS
if(!t_use(in,it)) gen_tabs();
#else
if(!cx->t_ptr || !t_use(in,it)) gen_tabs(cx);
#endif
#endif
#if !defined(BLOCK_SIZE)
if(!cx->n_blk) cx->n_blk = 16;
#else
cx->n_blk = BLOCK_SIZE;
#endif
if(((klen & 7) || klen < 16 || klen > 32) && ((klen & 63) || klen < 128 || klen > 256))
{
cx->n_rnd = 0; return aes_bad;
}
klen >>= (klen < 128 ? 2 : 5);
cx->n_blk = (cx->n_blk & ~3) | 2;
cx->k_sch[0] = ss[0] = word_in(in_key );
cx->k_sch[1] = ss[1] = word_in(in_key + 4);
cx->k_sch[2] = ss[2] = word_in(in_key + 8);
cx->k_sch[3] = ss[3] = word_in(in_key + 12);
#if (BLOCK_SIZE == 16) && (DEC_UNROLL != NONE)
switch(klen)
{
case 4:
kdf4(cx->k_sch, 0); kd4(cx->k_sch, 1);
kd4(cx->k_sch, 2); kd4(cx->k_sch, 3);
kd4(cx->k_sch, 4); kd4(cx->k_sch, 5);
kd4(cx->k_sch, 6); kd4(cx->k_sch, 7);
kd4(cx->k_sch, 8); kdl4(cx->k_sch, 9);
cx->n_rnd = 10; break;
case 6:
cx->k_sch[4] = ff(ss[4] = word_in(in_key + 16));
cx->k_sch[5] = ff(ss[5] = word_in(in_key + 20));
kdf6(cx->k_sch, 0); kd6(cx->k_sch, 1);
kd6(cx->k_sch, 2); kd6(cx->k_sch, 3);
kd6(cx->k_sch, 4); kd6(cx->k_sch, 5);
kd6(cx->k_sch, 6); kdl6(cx->k_sch, 7);
cx->n_rnd = 12; break;
case 8:
cx->k_sch[4] = ff(ss[4] = word_in(in_key + 16));
cx->k_sch[5] = ff(ss[5] = word_in(in_key + 20));
cx->k_sch[6] = ff(ss[6] = word_in(in_key + 24));
cx->k_sch[7] = ff(ss[7] = word_in(in_key + 28));
kdf8(cx->k_sch, 0); kd8(cx->k_sch, 1);
kd8(cx->k_sch, 2); kd8(cx->k_sch, 3);
kd8(cx->k_sch, 4); kd8(cx->k_sch, 5);
kdl8(cx->k_sch, 6);
cx->n_rnd = 14; break;
default:
;
}
#else
cx->n_rnd = (klen > nc ? klen : nc) + 6;
{ aes_32t i, l;
l = (nc * cx->n_rnd + nc - 1) / klen;
switch(klen)
{
case 4:
for(i = 0; i < l; ++i)
ke4(cx->k_sch, i);
break;
case 6:
cx->k_sch[4] = ss[4] = word_in(in_key + 16);
cx->k_sch[5] = ss[5] = word_in(in_key + 20);
for(i = 0; i < l; ++i)
ke6(cx->k_sch, i);
break;
case 8:
cx->k_sch[4] = ss[4] = word_in(in_key + 16);
cx->k_sch[5] = ss[5] = word_in(in_key + 20);
cx->k_sch[6] = ss[6] = word_in(in_key + 24);
cx->k_sch[7] = ss[7] = word_in(in_key + 28);
for(i = 0; i < l; ++i)
ke8(cx->k_sch, i);
break;
default:
;
}
#if (DEC_ROUND != NO_TABLES)
for(i = nc; i < nc * cx->n_rnd; ++i)
cx->k_sch[i] = inv_mcol(cx->k_sch[i]);
#endif
}
#endif
return aes_good;
}
/*******************************************************************************
* Function Name : AES_decrypt
* Description : Decrypts one block of 16 bytes
* Input : - input_pointer: input block address
* - expkey: decryption key
* Output : output_pointer: output block address
* Return : None
*******************************************************************************/
void AES_decrypt(u32* input_pointer, u32* output_pointer, u32* expkey)
{
/* Register: ask to the compiler to maintain this variable in the
processor's registers and don't store it in RAM */
register u32 t0;
register u32 t1;
register u32 t2;
register u32 t3;
register u32 s0;
register u32 s1;
register u32 s2;
register u32 s3;
register int r = 10; /* Count the round */
register u32* local_pointer = expkey;
u32 f2,f4,f8;
s0 = input_pointer[0] ^ local_pointer[0];
s1 = input_pointer[1] ^ local_pointer[1];
s2 = input_pointer[2] ^ local_pointer[2];
s3 = input_pointer[3] ^ local_pointer[3];
/* First add key: before start the rounds */
local_pointer += 4;
for (;;) /* Start round */
{
t0 = WORD8_TO_WORD32( InvSbox[byte0(s0)],
InvSbox[byte1(s3)],
InvSbox[byte2(s2)],
InvSbox[byte3(s1)]) ^ local_pointer[4];
t1 = WORD8_TO_WORD32( InvSbox[byte0(s1)],
InvSbox[byte1(s0)],
InvSbox[byte2(s3)],
InvSbox[byte3(s2)]) ^ local_pointer[5];
t2 = WORD8_TO_WORD32( InvSbox[byte0(s2)],
InvSbox[byte1(s1)],
InvSbox[byte2(s0)],
InvSbox[byte3(s3)]) ^ local_pointer[6];
t3 = WORD8_TO_WORD32( InvSbox[byte0(s3)],
InvSbox[byte1(s2)],
InvSbox[byte2(s1)],
InvSbox[byte3(s0)]) ^ local_pointer[7];
/*End of InvSbox, INVshiftRow, add key*/
s0=inv_mcol(t0);
s1=inv_mcol(t1);
s2=inv_mcol(t2);
s3=inv_mcol(t3);
/*End of INVMix column */
local_pointer += 4; /*Follow the key sheduler to choose the right round key*/
if (--r == 1)
{
break;
}
}/*End of round*/
/*Start last round :is the only one different from the other*/
t0 = WORD8_TO_WORD32( InvSbox[byte0(s0)],
InvSbox[byte1(s3)],
InvSbox[byte2(s2)],
InvSbox[byte3(s1)]) ^ local_pointer[4];
t1 = WORD8_TO_WORD32( InvSbox[byte0(s1)],
InvSbox[byte1(s0)],
InvSbox[byte2(s3)],
InvSbox[byte3(s2)]) ^ local_pointer[5];
t2 = WORD8_TO_WORD32( InvSbox[byte0(s2)],
InvSbox[byte1(s1)],
InvSbox[byte2(s0)],
InvSbox[byte3(s3)]) ^ local_pointer[6];
t3 = WORD8_TO_WORD32( InvSbox[byte0(s3)],
InvSbox[byte1(s2)],
InvSbox[byte2(s1)],
InvSbox[byte3(s0)]) ^ local_pointer[7];
output_pointer[0] = t0;
output_pointer[1] = t1;
output_pointer[2] = t2;
output_pointer[3] = t3;
}
/*******************************************************************************
* Function Name : AES_decrypt
* Description : Decrypts one block of 16 bytes
* Input : - input_pointer: input block address
* - expkey: decryption key
* Output : output_pointer: output block address
* Return : None
*******************************************************************************/
void AES_decrypt(ot_u32* input_pointer, ot_u32* output_pointer, ot_u32* expkey) {
#if (AES_USEHW == ENABLED)
#elif (AES_USEFAST == ENABLED)
register ot_u32 s0;
register ot_u32 s1;
register ot_u32 s2;
register ot_u32 s3;
register ot_u32 t0;
register ot_u32 t1;
register ot_u32 t2;
register ot_u32 t3;
register int r = 10 >> 1;
register ot_u32* local_pointer = expkey + (40);
s0 = input_pointer[0] ^ local_pointer[0];
s1 = input_pointer[1] ^ local_pointer[1];
s2 = input_pointer[2] ^ local_pointer[2];
s3 = input_pointer[3] ^ local_pointer[3];
for (;;)
{
local_pointer -= 8;
t0 = dec_table[byte0(s0)] ^
rot1(dec_table[byte1(s3)]) ^
rot2(dec_table[byte2(s2)]) ^
rot3(dec_table[byte3(s1)]) ^
local_pointer[4];
t1 = dec_table[byte0(s1)] ^
rot1(dec_table[byte1(s0)]) ^
rot2(dec_table[byte2(s3)]) ^
rot3(dec_table[byte3(s2)]) ^
local_pointer[5];
t2 = dec_table[byte0(s2)] ^
rot1(dec_table[byte1(s1)]) ^
rot2(dec_table[byte2(s0)]) ^
rot3(dec_table[byte3(s3)]) ^
local_pointer[6];
t3 = dec_table[byte0(s3)] ^
rot1(dec_table[byte1(s2)]) ^
rot2(dec_table[byte2(s1)]) ^
rot3(dec_table[byte3(s0)]) ^
local_pointer[7];
if (--r == 0)
{
break;
}
s0 = dec_table[byte0(t0)] ^
rot1(dec_table[byte1(t3)]) ^
rot2(dec_table[byte2(t2)]) ^
rot3(dec_table[byte3(t1)]) ^
local_pointer[0];
s1 = dec_table[byte0(t1)] ^
rot1(dec_table[byte1(t0)]) ^
rot2(dec_table[byte2(t3)]) ^
rot3(dec_table[byte3(t2)]) ^
local_pointer[1];
s2 = dec_table[byte0(t2)] ^
rot1(dec_table[byte1(t1)]) ^
rot2(dec_table[byte2(t0)]) ^
rot3(dec_table[byte3(t3)]) ^
local_pointer[2];
s3 = dec_table[byte0(t3)] ^
rot1(dec_table[byte1(t2)]) ^
rot2(dec_table[byte2(t1)]) ^
rot3(dec_table[byte3(t0)]) ^
local_pointer[3];
}
output_pointer[0] = WORD8_TO_WORD32( InvSbox[byte0(t0)],
InvSbox[byte1(t3)],
InvSbox[byte2(t2)],
InvSbox[byte3(t1)]) ^ local_pointer[0];
output_pointer[1] = WORD8_TO_WORD32( InvSbox[byte0(t1)],
InvSbox[byte1(t0)],
InvSbox[byte2(t3)],
InvSbox[byte3(t2)]) ^ local_pointer[1];
output_pointer[2] = WORD8_TO_WORD32( InvSbox[byte0(t2)],
InvSbox[byte1(t1)],
InvSbox[byte2(t0)],
InvSbox[byte3(t3)]) ^ local_pointer[2];
output_pointer[3] = WORD8_TO_WORD32( InvSbox[byte0(t3)],
InvSbox[byte1(t2)],
InvSbox[byte2(t1)],
InvSbox[byte3(t0)]) ^ local_pointer[3];
#elif (AES_USELITE == ENABLED)
/* Register: ask to the compiler to maintain this variable in the
processor's registers and don't store it in RAM */
register ot_u32 t0;
register ot_u32 t1;
register ot_u32 t2;
register ot_u32 t3;
register ot_u32 s0;
register ot_u32 s1;
register ot_u32 s2;
register ot_u32 s3;
register int r = 10; /* Count the round */
register ot_u32* local_pointer = expkey + 40;
ot_u32 f2,f4,f8;
s0 = input_pointer[0] ^ local_pointer[0];
s1 = input_pointer[1] ^ local_pointer[1];
s2 = input_pointer[2] ^ local_pointer[2];
s3 = input_pointer[3] ^ local_pointer[3];
/* First add key: before start the rounds */
local_pointer -= 8;
for (;;) /* Start round */
{
t0 = WORD8_TO_WORD32( InvSbox[byte0(s0)],
InvSbox[byte1(s3)],
InvSbox[byte2(s2)],
InvSbox[byte3(s1)]) ^ local_pointer[4];
t1 = WORD8_TO_WORD32( InvSbox[byte0(s1)],
InvSbox[byte1(s0)],
InvSbox[byte2(s3)],
InvSbox[byte3(s2)]) ^ local_pointer[5];
t2 = WORD8_TO_WORD32( InvSbox[byte0(s2)],
InvSbox[byte1(s1)],
InvSbox[byte2(s0)],
InvSbox[byte3(s3)]) ^ local_pointer[6];
t3 = WORD8_TO_WORD32( InvSbox[byte0(s3)],
InvSbox[byte1(s2)],
InvSbox[byte2(s1)],
InvSbox[byte3(s0)]) ^ local_pointer[7];
/*End of InvSbox, INVshiftRow, add key*/
s0=inv_mcol(t0);
s1=inv_mcol(t1);
s2=inv_mcol(t2);
s3=inv_mcol(t3);
/*End of INVMix column */
local_pointer -= 4; /*Follow the key sheduler to choose the right round key*/
if (--r == 1)
{
break;
}
}/*End of round*/
/*Start last round :is the only one different from the other*/
t0 = WORD8_TO_WORD32( InvSbox[byte0(s0)],
InvSbox[byte1(s3)],
InvSbox[byte2(s2)],
InvSbox[byte3(s1)]) ^ local_pointer[4];
t1 = WORD8_TO_WORD32( InvSbox[byte0(s1)],
InvSbox[byte1(s0)],
InvSbox[byte2(s3)],
InvSbox[byte3(s2)]) ^ local_pointer[5];
t2 = WORD8_TO_WORD32( InvSbox[byte0(s2)],
InvSbox[byte1(s1)],
InvSbox[byte2(s0)],
InvSbox[byte3(s3)]) ^ local_pointer[6];
t3 = WORD8_TO_WORD32( InvSbox[byte0(s3)],
InvSbox[byte1(s2)],
InvSbox[byte2(s1)],
InvSbox[byte3(s0)]) ^ local_pointer[7];
output_pointer[0] = t0;
output_pointer[1] = t1;
output_pointer[2] = t2;
output_pointer[3] = t3;
#endif
}
