/* rijndael-api-fst.c --- Rijndael cipher implementation.
- * Copyright (C) 2005 Free Software Foundation, Inc.
+ * Copyright (C) 2005-2006, 2009-2013 Free Software Foundation, Inc.
*
* This file is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
- * along with this file; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
- * 02110-1301, USA.
+ * along with this file; if not, see <http://www.gnu.org/licenses/>.
*
*/
* http://www.iaik.tu-graz.ac.at/research/krypto/AES/old/~rijmen/rijndael/rijndael-fst-3.0.zip
*/
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
+#include <config.h>
/**
* rijndael-api-fst.c
rijndael_rc
rijndaelMakeKey (rijndaelKeyInstance *key, rijndael_direction direction,
- size_t keyLen, const char *keyMaterial)
+ size_t keyLen, const char *keyMaterial)
{
size_t i;
char *keyMat;
t = *keyMat++;
if ((t >= '0') && (t <= '9'))
- v = (t - '0') << 4;
+ v = (t - '0') << 4;
else if ((t >= 'a') && (t <= 'f'))
- v = (t - 'a' + 10) << 4;
+ v = (t - 'a' + 10) << 4;
else if ((t >= 'A') && (t <= 'F'))
- v = (t - 'A' + 10) << 4;
+ v = (t - 'A' + 10) << 4;
else
- return RIJNDAEL_BAD_KEY_MAT;
+ return RIJNDAEL_BAD_KEY_MAT;
t = *keyMat++;
if ((t >= '0') && (t <= '9'))
- v ^= (t - '0');
+ v ^= (t - '0');
else if ((t >= 'a') && (t <= 'f'))
- v ^= (t - 'a' + 10);
+ v ^= (t - 'a' + 10);
else if ((t >= 'A') && (t <= 'F'))
- v ^= (t - 'A' + 10);
+ v ^= (t - 'A' + 10);
else
- return RIJNDAEL_BAD_KEY_MAT;
+ return RIJNDAEL_BAD_KEY_MAT;
cipherKey[i] = v;
}
rijndael_rc
rijndaelCipherInit (rijndaelCipherInstance *cipher, rijndael_mode mode,
- const char *IV)
+ const char *IV)
{
if ((mode == RIJNDAEL_MODE_ECB) || (mode == RIJNDAEL_MODE_CBC)
|| (mode == RIJNDAEL_MODE_CFB1))
{
int i;
for (i = 0; i < RIJNDAEL_MAX_IV_SIZE; i++)
- {
- int t, j;
-
- t = IV[2 * i];
- if ((t >= '0') && (t <= '9'))
- j = (t - '0') << 4;
- else if ((t >= 'a') && (t <= 'f'))
- j = (t - 'a' + 10) << 4;
- else if ((t >= 'A') && (t <= 'F'))
- j = (t - 'A' + 10) << 4;
- else
- return RIJNDAEL_BAD_CIPHER_INSTANCE;
-
- t = IV[2 * i + 1];
- if ((t >= '0') && (t <= '9'))
- j ^= (t - '0');
- else if ((t >= 'a') && (t <= 'f'))
- j ^= (t - 'a' + 10);
- else if ((t >= 'A') && (t <= 'F'))
- j ^= (t - 'A' + 10);
- else
- return RIJNDAEL_BAD_CIPHER_INSTANCE;
-
- cipher->IV[i] = (uint8_t) j;
- }
+ {
+ int t, j;
+
+ t = IV[2 * i];
+ if ((t >= '0') && (t <= '9'))
+ j = (t - '0') << 4;
+ else if ((t >= 'a') && (t <= 'f'))
+ j = (t - 'a' + 10) << 4;
+ else if ((t >= 'A') && (t <= 'F'))
+ j = (t - 'A' + 10) << 4;
+ else
+ return RIJNDAEL_BAD_CIPHER_INSTANCE;
+
+ t = IV[2 * i + 1];
+ if ((t >= '0') && (t <= '9'))
+ j ^= (t - '0');
+ else if ((t >= 'a') && (t <= 'f'))
+ j ^= (t - 'a' + 10);
+ else if ((t >= 'A') && (t <= 'F'))
+ j ^= (t - 'A' + 10);
+ else
+ return RIJNDAEL_BAD_CIPHER_INSTANCE;
+
+ cipher->IV[i] = (uint8_t) j;
+ }
}
else
{
int
rijndaelBlockEncrypt (rijndaelCipherInstance *cipher,
- const rijndaelKeyInstance *key,
- const char *input,
- size_t inputLen, char *outBuffer)
+ const rijndaelKeyInstance *key,
+ const char *input,
+ size_t inputLen, char *outBuffer)
{
size_t i, k, t, numBlocks;
char block[16], *iv;
}
if (input == NULL || inputLen <= 0)
{
- return 0; /* nothing to do */
+ return 0; /* nothing to do */
}
numBlocks = inputLen / 128;
{
case RIJNDAEL_MODE_ECB:
for (i = numBlocks; i > 0; i--)
- {
- rijndaelEncrypt (key->rk, key->Nr, input, outBuffer);
- input += 16;
- outBuffer += 16;
- }
+ {
+ rijndaelEncrypt (key->rk, key->Nr, input, outBuffer);
+ input += 16;
+ outBuffer += 16;
+ }
break;
case RIJNDAEL_MODE_CBC:
iv = cipher->IV;
for (i = numBlocks; i > 0; i--)
- {
- ((uint32_t *) block)[0] = ((uint32_t *) input)[0] ^
- ((uint32_t *) iv)[0];
- ((uint32_t *) block)[1] = ((uint32_t *) input)[1] ^
- ((uint32_t *) iv)[1];
- ((uint32_t *) block)[2] = ((uint32_t *) input)[2] ^
- ((uint32_t *) iv)[2];
- ((uint32_t *) block)[3] = ((uint32_t *) input)[3] ^
- ((uint32_t *) iv)[3];
- rijndaelEncrypt (key->rk, key->Nr, block, outBuffer);
- memcpy (cipher->IV, outBuffer, 16);
- input += 16;
- outBuffer += 16;
- }
+ {
+ ((uint32_t *) block)[0] = ((uint32_t *) input)[0] ^
+ ((uint32_t *) iv)[0];
+ ((uint32_t *) block)[1] = ((uint32_t *) input)[1] ^
+ ((uint32_t *) iv)[1];
+ ((uint32_t *) block)[2] = ((uint32_t *) input)[2] ^
+ ((uint32_t *) iv)[2];
+ ((uint32_t *) block)[3] = ((uint32_t *) input)[3] ^
+ ((uint32_t *) iv)[3];
+ rijndaelEncrypt (key->rk, key->Nr, block, outBuffer);
+ memcpy (cipher->IV, outBuffer, 16);
+ input += 16;
+ outBuffer += 16;
+ }
break;
case RIJNDAEL_MODE_CFB1:
iv = cipher->IV;
for (i = numBlocks; i > 0; i--)
- {
- memcpy (outBuffer, input, 16);
- for (k = 0; k < 128; k++)
- {
- rijndaelEncrypt (key->ek, key->Nr, iv, block);
- outBuffer[k >> 3] ^= (block[0] & 0x80U) >> (k & 7);
- for (t = 0; t < 15; t++)
- {
- iv[t] = (iv[t] << 1) | (iv[t + 1] >> 7);
- }
- iv[15] = (iv[15] << 1) |
- ((outBuffer[k >> 3] >> (7 - (k & 7))) & 1);
- }
- outBuffer += 16;
- input += 16;
- }
+ {
+ memcpy (outBuffer, input, 16);
+ for (k = 0; k < 128; k++)
+ {
+ rijndaelEncrypt (key->ek, key->Nr, iv, block);
+ outBuffer[k >> 3] ^= (block[0] & 0x80U) >> (k & 7);
+ for (t = 0; t < 15; t++)
+ {
+ iv[t] = (iv[t] << 1) | (iv[t + 1] >> 7);
+ }
+ iv[15] = (iv[15] << 1) |
+ ((outBuffer[k >> 3] >> (7 - (k & 7))) & 1);
+ }
+ outBuffer += 16;
+ input += 16;
+ }
break;
default:
int
rijndaelPadEncrypt (rijndaelCipherInstance *cipher,
- const rijndaelKeyInstance *key,
- const char *input,
- size_t inputOctets, char *outBuffer)
+ const rijndaelKeyInstance *key,
+ const char *input,
+ size_t inputOctets, char *outBuffer)
{
size_t i, numBlocks, padLen;
char block[16], *iv;
}
if (input == NULL || inputOctets <= 0)
{
- return 0; /* nothing to do */
+ return 0; /* nothing to do */
}
numBlocks = inputOctets / 16;
{
case RIJNDAEL_MODE_ECB:
for (i = numBlocks; i > 0; i--)
- {
- rijndaelEncrypt (key->rk, key->Nr, input, outBuffer);
- input += 16;
- outBuffer += 16;
- }
+ {
+ rijndaelEncrypt (key->rk, key->Nr, input, outBuffer);
+ input += 16;
+ outBuffer += 16;
+ }
padLen = 16 - (inputOctets - 16 * numBlocks);
assert (padLen > 0 && padLen <= 16);
memcpy (block, input, 16 - padLen);
case RIJNDAEL_MODE_CBC:
iv = cipher->IV;
for (i = numBlocks; i > 0; i--)
- {
- ((uint32_t *) block)[0] = ((uint32_t *) input)[0] ^
- ((uint32_t *) iv)[0];
- ((uint32_t *) block)[1] = ((uint32_t *) input)[1] ^
- ((uint32_t *) iv)[1];
- ((uint32_t *) block)[2] = ((uint32_t *) input)[2] ^
- ((uint32_t *) iv)[2];
- ((uint32_t *) block)[3] = ((uint32_t *) input)[3] ^
- ((uint32_t *) iv)[3];
- rijndaelEncrypt (key->rk, key->Nr, block, outBuffer);
- memcpy (cipher->IV, outBuffer, 16);
- input += 16;
- outBuffer += 16;
- }
+ {
+ ((uint32_t *) block)[0] = ((uint32_t *) input)[0] ^
+ ((uint32_t *) iv)[0];
+ ((uint32_t *) block)[1] = ((uint32_t *) input)[1] ^
+ ((uint32_t *) iv)[1];
+ ((uint32_t *) block)[2] = ((uint32_t *) input)[2] ^
+ ((uint32_t *) iv)[2];
+ ((uint32_t *) block)[3] = ((uint32_t *) input)[3] ^
+ ((uint32_t *) iv)[3];
+ rijndaelEncrypt (key->rk, key->Nr, block, outBuffer);
+ memcpy (cipher->IV, outBuffer, 16);
+ input += 16;
+ outBuffer += 16;
+ }
padLen = 16 - (inputOctets - 16 * numBlocks);
assert (padLen > 0 && padLen <= 16);
for (i = 0; i < 16 - padLen; i++)
- {
- block[i] = input[i] ^ iv[i];
- }
+ {
+ block[i] = input[i] ^ iv[i];
+ }
for (i = 16 - padLen; i < 16; i++)
- {
- block[i] = (char) padLen ^ iv[i];
- }
+ {
+ block[i] = (char) padLen ^ iv[i];
+ }
rijndaelEncrypt (key->rk, key->Nr, block, outBuffer);
memcpy (cipher->IV, outBuffer, 16);
break;
int
rijndaelBlockDecrypt (rijndaelCipherInstance *cipher,
- const rijndaelKeyInstance *key,
- const char *input,
- size_t inputLen, char *outBuffer)
+ const rijndaelKeyInstance *key,
+ const char *input,
+ size_t inputLen, char *outBuffer)
{
size_t i, k, t, numBlocks;
char block[16], *iv;
- if (cipher == NULL ||
- key == NULL ||
- cipher->mode != RIJNDAEL_MODE_CFB1
- && key->direction == RIJNDAEL_DIR_ENCRYPT)
+ if (cipher == NULL
+ || key == NULL
+ || (cipher->mode != RIJNDAEL_MODE_CFB1
+ && key->direction == RIJNDAEL_DIR_ENCRYPT))
{
return RIJNDAEL_BAD_CIPHER_STATE;
}
if (input == NULL || inputLen <= 0)
{
- return 0; /* nothing to do */
+ return 0; /* nothing to do */
}
numBlocks = inputLen / 128;
{
case RIJNDAEL_MODE_ECB:
for (i = numBlocks; i > 0; i--)
- {
- rijndaelDecrypt (key->rk, key->Nr, input, outBuffer);
- input += 16;
- outBuffer += 16;
- }
+ {
+ rijndaelDecrypt (key->rk, key->Nr, input, outBuffer);
+ input += 16;
+ outBuffer += 16;
+ }
break;
case RIJNDAEL_MODE_CBC:
iv = cipher->IV;
for (i = numBlocks; i > 0; i--)
- {
- rijndaelDecrypt (key->rk, key->Nr, input, block);
- ((uint32_t *) block)[0] ^= ((uint32_t *) iv)[0];
- ((uint32_t *) block)[1] ^= ((uint32_t *) iv)[1];
- ((uint32_t *) block)[2] ^= ((uint32_t *) iv)[2];
- ((uint32_t *) block)[3] ^= ((uint32_t *) iv)[3];
- memcpy (cipher->IV, input, 16);
- memcpy (outBuffer, block, 16);
- input += 16;
- outBuffer += 16;
- }
+ {
+ rijndaelDecrypt (key->rk, key->Nr, input, block);
+ ((uint32_t *) block)[0] ^= ((uint32_t *) iv)[0];
+ ((uint32_t *) block)[1] ^= ((uint32_t *) iv)[1];
+ ((uint32_t *) block)[2] ^= ((uint32_t *) iv)[2];
+ ((uint32_t *) block)[3] ^= ((uint32_t *) iv)[3];
+ memcpy (cipher->IV, input, 16);
+ memcpy (outBuffer, block, 16);
+ input += 16;
+ outBuffer += 16;
+ }
break;
case RIJNDAEL_MODE_CFB1:
iv = cipher->IV;
for (i = numBlocks; i > 0; i--)
- {
- memcpy (outBuffer, input, 16);
- for (k = 0; k < 128; k++)
- {
- rijndaelEncrypt (key->ek, key->Nr, iv, block);
- for (t = 0; t < 15; t++)
- {
- iv[t] = (iv[t] << 1) | (iv[t + 1] >> 7);
- }
- iv[15] = (iv[15] << 1) | ((input[k >> 3] >> (7 - (k & 7))) & 1);
- outBuffer[k >> 3] ^= (block[0] & 0x80U) >> (k & 7);
- }
- outBuffer += 16;
- input += 16;
- }
+ {
+ memcpy (outBuffer, input, 16);
+ for (k = 0; k < 128; k++)
+ {
+ rijndaelEncrypt (key->ek, key->Nr, iv, block);
+ for (t = 0; t < 15; t++)
+ {
+ iv[t] = (iv[t] << 1) | (iv[t + 1] >> 7);
+ }
+ iv[15] = (iv[15] << 1) | ((input[k >> 3] >> (7 - (k & 7))) & 1);
+ outBuffer[k >> 3] ^= (block[0] & 0x80U) >> (k & 7);
+ }
+ outBuffer += 16;
+ input += 16;
+ }
break;
default:
int
rijndaelPadDecrypt (rijndaelCipherInstance *cipher,
- const rijndaelKeyInstance *key,
- const char *input,
- size_t inputOctets, char *outBuffer)
+ const rijndaelKeyInstance *key,
+ const char *input,
+ size_t inputOctets, char *outBuffer)
{
size_t i, numBlocks, padLen;
char block[16];
}
if (input == NULL || inputOctets <= 0)
{
- return 0; /* nothing to do */
+ return 0; /* nothing to do */
}
if (inputOctets % 16 != 0)
{
case RIJNDAEL_MODE_ECB:
/* all blocks but last */
for (i = numBlocks - 1; i > 0; i--)
- {
- rijndaelDecrypt (key->rk, key->Nr, input, outBuffer);
- input += 16;
- outBuffer += 16;
- }
+ {
+ rijndaelDecrypt (key->rk, key->Nr, input, outBuffer);
+ input += 16;
+ outBuffer += 16;
+ }
/* last block */
rijndaelDecrypt (key->rk, key->Nr, input, block);
padLen = block[15];
if (padLen >= 16)
- {
- return RIJNDAEL_BAD_DATA;
- }
+ {
+ return RIJNDAEL_BAD_DATA;
+ }
for (i = 16 - padLen; i < 16; i++)
- {
- if (block[i] != padLen)
- {
- return RIJNDAEL_BAD_DATA;
- }
- }
+ {
+ if (block[i] != padLen)
+ {
+ return RIJNDAEL_BAD_DATA;
+ }
+ }
memcpy (outBuffer, block, 16 - padLen);
break;
case RIJNDAEL_MODE_CBC:
/* all blocks but last */
for (i = numBlocks - 1; i > 0; i--)
- {
- rijndaelDecrypt (key->rk, key->Nr, input, block);
- ((uint32_t *) block)[0] ^= ((uint32_t *) cipher->IV)[0];
- ((uint32_t *) block)[1] ^= ((uint32_t *) cipher->IV)[1];
- ((uint32_t *) block)[2] ^= ((uint32_t *) cipher->IV)[2];
- ((uint32_t *) block)[3] ^= ((uint32_t *) cipher->IV)[3];
- memcpy (cipher->IV, input, 16);
- memcpy (outBuffer, block, 16);
- input += 16;
- outBuffer += 16;
- }
+ {
+ rijndaelDecrypt (key->rk, key->Nr, input, block);
+ ((uint32_t *) block)[0] ^= ((uint32_t *) cipher->IV)[0];
+ ((uint32_t *) block)[1] ^= ((uint32_t *) cipher->IV)[1];
+ ((uint32_t *) block)[2] ^= ((uint32_t *) cipher->IV)[2];
+ ((uint32_t *) block)[3] ^= ((uint32_t *) cipher->IV)[3];
+ memcpy (cipher->IV, input, 16);
+ memcpy (outBuffer, block, 16);
+ input += 16;
+ outBuffer += 16;
+ }
/* last block */
rijndaelDecrypt (key->rk, key->Nr, input, block);
((uint32_t *) block)[0] ^= ((uint32_t *) cipher->IV)[0];
((uint32_t *) block)[3] ^= ((uint32_t *) cipher->IV)[3];
padLen = block[15];
if (padLen <= 0 || padLen > 16)
- {
- return RIJNDAEL_BAD_DATA;
- }
+ {
+ return RIJNDAEL_BAD_DATA;
+ }
for (i = 16 - padLen; i < 16; i++)
- {
- if (block[i] != padLen)
- {
- return RIJNDAEL_BAD_DATA;
- }
- }
+ {
+ if (block[i] != padLen)
+ {
+ return RIJNDAEL_BAD_DATA;
+ }
+ }
memcpy (outBuffer, block, 16 - padLen);
break;