[u/mdw/catacomb] / rijndael-base.c

/* -*-c-*-
 *
 * $Id: rijndael-base.c,v 1.1 2001/05/07 17:31:37 mdw Exp $
 *
 * Low-level stuff for all Rijndael block sizes
 *
 * (c) 2001 Straylight/Edgeware
 */

/*----- Licensing notice --------------------------------------------------* 
 *
 * This file is part of Catacomb.
 *
 * Catacomb is free software; you can redistribute it and/or modify
 * it under the terms of the GNU Library General Public License as
 * published by the Free Software Foundation; either version 2 of the
 * License, or (at your option) any later version.
 * 
 * Catacomb is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Library General Public License for more details.
 * 
 * You should have received a copy of the GNU Library General Public
 * License along with Catacomb; if not, write to the Free
 * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
 * MA 02111-1307, USA.
 */

/*----- Revision history --------------------------------------------------* 
 *
 * $Log: rijndael-base.c,v $
 * Revision 1.1  2001/05/07 17:31:37  mdw
 * Centralize Rijndael tables and key scheduling.
 *
 */

/*----- Header files ------------------------------------------------------*/

#include <assert.h>
#include <stdio.h>

#include <mLib/bits.h>

#include "blkc.h"
#include "gcipher.h"
#include "rijndael.h"
#include "rijndael-base.h"
#include "rijndael-tab.h"

/*----- Global variables --------------------------------------------------*/

const octet rijndael_keysz[] = { KSZ_RANGE, RIJNDAEL_KEYSZ, 4, 32, 4 };

/*----- Constant tables ---------------------------------------------------*/

const octet rijndael_s[256] = RIJNDAEL_S;
const octet rijndael_si[256] = RIJNDAEL_SI;
const uint32 rijndael_t[4][256] = RIJNDAEL_T;
const uint32 rijndael_ti[4][256] = RIJNDAEL_TI;
const uint32 rijndael_u[4][256] = RIJNDAEL_U;
const octet rijndael_rcon[] = RIJNDAEL_RCON;

/*----- Main code ---------------------------------------------------------*/

/* --- @rijndael_setup@ --- *
 *
 * Arguments:	@rijndael_ctx *k@ = pointer to context to initialize
 *		@unsigned nb@ = number of words in the block
 *		@const void *buf@ = pointer to buffer of key material
 *		@size_t sz@ = size of the key material
 *
 * Returns:	---
 *
 * Use:		Low-level key-scheduling.
 */

void rijndael_setup(rijndael_ctx *k, unsigned nb, const void *buf, size_t sz)
{
  unsigned nk, nr, nw;
  unsigned i, j, jj;
  const octet *p;
  uint32 ww;

  /* --- Sort out the key size --- */

  KSZ_ASSERT(rijndael, sz);
  nk = sz / 4;

  /* --- Select the number of rounds --- */

  nr = (nk > nb ? nk : nb) + 6;
  if (nr < 10)
    nr = 10;
  k->nr = nr;

  /* --- Fetch the first key words out --- */

  p = buf;
  for (i = 0; i < nk; i++) {
    k->w[i] = LOAD32_L(p);
    p += 4;
  }

  /* --- Expand this material to fill the rest of the table --- */

  nw = (nr + 1) * nb;
  ww = k->w[i - 1];
  p = RCON;
  for (; i < nw; i++) {
    uint32 w = k->w[i - nk];
    if (i % nk == 0) {
      ww = ROR32(ww, 8);
      w ^= SUB(S, ww, ww, ww, ww) ^ *p++;
    } else if (nk > 6 && i % nk == 4)
      w ^= SUB(S, ww, ww, ww, ww);
    else
      w ^= ww;
    k->w[i] = ww = w;
  }

  /* --- Make the decryption keys --- */

  j = nw; i = 0;

  j -= nb; jj = 0;
  for (; i < nb; i++)
    k->wi[i] = k->w[j + jj++];

  for (; i < nw - nb; i += nb) {
    j -= nb;
    for (jj = 0; jj < nb; jj++) {
      uint32 w = k->w[j + jj];
      k->wi[i + jj] = MIX(U, w, w, w, w);
    }
  }

  j -= nb; jj = 0;
  for (; i < nw; i++)
    k->wi[i] = k->w[j + jj++];
}

/*----- That's all, folks -------------------------------------------------*/
Commit	Line	Data
8b3d7f30	1	/* --c--
	2	*
	3	* $Id: rijndael-base.c,v 1.1 2001/05/07 17:31:37 mdw Exp $
	4	*
	5	* Low-level stuff for all Rijndael block sizes
	6	*
	7	* (c) 2001 Straylight/Edgeware
	8	*/
	9
	10	/----- Licensing notice --------------------------------------------------
	11	*
	12	* This file is part of Catacomb.
	13	*
	14	* Catacomb is free software; you can redistribute it and/or modify
	15	* it under the terms of the GNU Library General Public License as
	16	* published by the Free Software Foundation; either version 2 of the
	17	* License, or (at your option) any later version.
	18	*
	19	* Catacomb is distributed in the hope that it will be useful,
	20	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	21	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	22	* GNU Library General Public License for more details.
	23	*
	24	* You should have received a copy of the GNU Library General Public
	25	* License along with Catacomb; if not, write to the Free
	26	* Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
	27	* MA 02111-1307, USA.
	28	*/
	29
	30	/----- Revision history --------------------------------------------------
	31	*
	32	* $Log: rijndael-base.c,v $
	33	* Revision 1.1 2001/05/07 17:31:37 mdw
	34	* Centralize Rijndael tables and key scheduling.
	35	*
	36	*/
	37
	38	/----- Header files ------------------------------------------------------/
	39
	40	#include <assert.h>
	41	#include <stdio.h>
	42
	43	#include <mLib/bits.h>
	44
	45	#include "blkc.h"
	46	#include "gcipher.h"
	47	#include "rijndael.h"
	48	#include "rijndael-base.h"
	49	#include "rijndael-tab.h"
	50
	51	/----- Global variables --------------------------------------------------/
	52
	53	const octet rijndael_keysz[] = { KSZ_RANGE, RIJNDAEL_KEYSZ, 4, 32, 4 };
	54
	55	/----- Constant tables ---------------------------------------------------/
	56
	57	const octet rijndael_s[256] = RIJNDAEL_S;
	58	const octet rijndael_si[256] = RIJNDAEL_SI;
	59	const uint32 rijndael_t[4][256] = RIJNDAEL_T;
	60	const uint32 rijndael_ti[4][256] = RIJNDAEL_TI;
	61	const uint32 rijndael_u[4][256] = RIJNDAEL_U;
	62	const octet rijndael_rcon[] = RIJNDAEL_RCON;
	63
	64	/----- Main code ---------------------------------------------------------/
65
66	/* --- @rijndael_setup@ --- *
67	*
68	* Arguments: @rijndael_ctx *k@ = pointer to context to initialize
69	* @unsigned nb@ = number of words in the block
70	* @const void *buf@ = pointer to buffer of key material
71	* @size_t sz@ = size of the key material
72	*
73	* Returns: ---
74	*
75	* Use: Low-level key-scheduling.
76	*/
77
78	void rijndael_setup(rijndael_ctx k, unsigned nb, const void buf, size_t sz)
79	{
80	unsigned nk, nr, nw;
81	unsigned i, j, jj;
82	const octet *p;
83	uint32 ww;
84
85	/* --- Sort out the key size --- */
86
87	KSZ_ASSERT(rijndael, sz);
88	nk = sz / 4;
89
90	/* --- Select the number of rounds --- */
91
92	nr = (nk > nb ? nk : nb) + 6;
93	if (nr < 10)
94	nr = 10;
95	k->nr = nr;
96
97	/* --- Fetch the first key words out --- */
98
99	p = buf;
100	for (i = 0; i < nk; i++) {
101	k->w[i] = LOAD32_L(p);
102	p += 4;
103	}
104
105	/* --- Expand this material to fill the rest of the table --- */
106
107	nw = (nr + 1) * nb;
108	ww = k->w[i - 1];
109	p = RCON;
110	for (; i < nw; i++) {
111	uint32 w = k->w[i - nk];
112	if (i % nk == 0) {
113	ww = ROR32(ww, 8);
114	w ^= SUB(S, ww, ww, ww, ww) ^ *p++;
115	} else if (nk > 6 && i % nk == 4)
116	w ^= SUB(S, ww, ww, ww, ww);
117	else
118	w ^= ww;
119	k->w[i] = ww = w;
120	}
121
122	/* --- Make the decryption keys --- */
123
124	j = nw; i = 0;
125
126	j -= nb; jj = 0;
127	for (; i < nb; i++)
128	k->wi[i] = k->w[j + jj++];
129
130	for (; i < nw - nb; i += nb) {
131	j -= nb;
132	for (jj = 0; jj < nb; jj++) {
133	uint32 w = k->w[j + jj];
134	k->wi[i + jj] = MIX(U, w, w, w, w);
135	}
136	}
137
138	j -= nb; jj = 0;
139	for (; i < nw; i++)
140	k->wi[i] = k->w[j + jj++];
141	}
142
143	/----- That's all, folks -------------------------------------------------/