📄 rijndael-alg-fst.c
PUTU32(ct , s0);
s1 =
(Te4[(UINT8)(t1 >> 24) ] & 0xff000000UL) ^
(Te4[(UINT8)(t2 >> 16) & 0xff] & 0x00ff0000UL) ^
(Te4[(UINT8)(t3 >> 8) & 0xff] & 0x0000ff00UL) ^
(Te4[(UINT8)(t0 ) & 0xff] & 0x000000ffUL) ^
rk[1];
PUTU32(ct + 4, s1);
s2 =
(Te4[(UINT8)(t2 >> 24) ] & 0xff000000UL) ^
(Te4[(UINT8)(t3 >> 16) & 0xff] & 0x00ff0000UL) ^
(Te4[(UINT8)(t0 >> 8) & 0xff] & 0x0000ff00UL) ^
(Te4[(UINT8)(t1 ) & 0xff] & 0x000000ffUL) ^
rk[2];
PUTU32(ct + 8, s2);
s3 =
(Te4[(UINT8)(t3 >> 24) ] & 0xff000000UL) ^
(Te4[(UINT8)(t0 >> 16) & 0xff] & 0x00ff0000UL) ^
(Te4[(UINT8)(t1 >> 8) & 0xff] & 0x0000ff00UL) ^
(Te4[(UINT8)(t2 ) & 0xff] & 0x000000ffUL) ^
rk[3];
PUTU32(ct + 12, s3);
}
#endif
// >>> Robin_0915_2004
/*
 * Decrypt one 16-byte block with a table-driven Rijndael inverse cipher.
 *
 * rk  round-key words; the signature documents 4*(Nr + 1) entries. This
 *     function only reads them (the local pointer is advanced, never
 *     written through).
 *     NOTE(review): presumably this must be the decryption key schedule
 *     built by the file's key-setup code - confirm against the caller.
 * Nr  number of rounds. It is NOT validated here:
 *       - FULL_UNROLL path: rounds 1-9 always run and read rk[4..39], and
 *         only "Nr > 10" / "Nr > 12" are distinguished, so a smaller Nr
 *         reads past a 4*(Nr + 1)-word schedule.
 *       - loop path: r = Nr >> 1 and the loop exits only when --r == 0,
 *         so Nr < 2 never hits the exit and keeps reading past rk; an odd
 *         Nr is rounded down.
 *     Callers must pass a value that matches the key schedule.
 * ct  16 input bytes, read at offsets 0, 4, 8 and 12.
 * pt  16 output bytes, written at offsets 0, 4, 8 and 12.
 *
 * Security notes for reviewers:
 *   - Every Td0..Td4 lookup is indexed by a byte of the cipher state,
 *     which depends on the round keys. The memory access pattern is
 *     therefore key-dependent; table-driven AES of this shape is known to
 *     be exposed to cache-timing side channels and is not constant-time.
 *   - This is the raw block transform only: no mode of operation, padding
 *     or integrity check happens here.
 *   - s0..s3 / t0..t3 hold intermediate state and are not cleared before
 *     returning.
 */
void rijndaelDecrypt(u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 ct[16], u8 pt[16]) {
/* s* and t* alternate as input and output state words of successive rounds. */
u32 s0, s1, s2, s3, t0, t1, t2, t3;
#ifndef FULL_UNROLL
int r;
#endif /* ?FULL_UNROLL */
/*
* map byte array block to cipher state
* and add initial round key:
*/
s0 = GETU32(ct ) ^ rk[0];
s1 = GETU32(ct + 4) ^ rk[1];
s2 = GETU32(ct + 8) ^ rk[2];
s3 = GETU32(ct + 12) ^ rk[3];
#ifdef FULL_UNROLL
/*
 * Unrolled variant. The table indices here are "x >> 24" and "... & 0xff"
 * with no UINT8 cast, so "x >> 24" stays within 0..255 only if the state
 * words carry no bits above bit 31.
 * NOTE(review): assumes u32 is exactly 32 bits wide - confirm the typedef.
 */
/* round 1: */
t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[ 4];
t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[ 5];
t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[ 6];
t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[ 7];
/* round 2: */
s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[ 8];
s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[ 9];
s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[10];
s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[11];
/* round 3: */
t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[12];
t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[13];
t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[14];
t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[15];
/* round 4: */
s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[16];
s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[17];
s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[18];
s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[19];
/* round 5: */
t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[20];
t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[21];
t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[22];
t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[23];
/* round 6: */
s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[24];
s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[25];
s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[26];
s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[27];
/* round 7: */
t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[28];
t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[29];
t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[30];
t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[31];
/* round 8: */
s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[32];
s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[33];
s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[34];
s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[35];
/* round 9: */
t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[36];
t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[37];
t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[38];
t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[39];
/* Rounds 10-13 run in pairs so the state always ends up in t0..t3. */
if (Nr > 10) {
/* round 10: */
s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[40];
s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[41];
s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[42];
s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[43];
/* round 11: */
t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[44];
t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[45];
t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[46];
t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[47];
if (Nr > 12) {
/* round 12: */
s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[48];
s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[49];
s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[50];
s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[51];
/* round 13: */
t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[52];
t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[53];
t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[54];
t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[55];
}
}
/* Step rk to word 4*Nr so the final round below can address it as rk[0..3]. */
rk += Nr << 2;
#else /* !FULL_UNROLL */
/*
* Nr - 1 full rounds:
*/
/*
 * Each pass of the loop performs two rounds (s -> t, then t -> s) and
 * consumes 8 round-key words. The loop is left after the first half of a
 * pass, so the state ends in t0..t3 and rk points at word 4*(Nr >> 1)*2,
 * i.e. the final round key for an even Nr.
 * NOTE(review): the only exit is "--r == 0"; for Nr < 2 the counter starts
 * at or below zero and the loop keeps reading beyond the round keys.
 * In this branch every index is first narrowed with (UINT8) and then masked
 * with 0xff; presumably UINT8 is an 8-bit unsigned type - TODO confirm.
 */
r = Nr >> 1;
for (;;) {
t0 =
Td0[(UINT8)(s0 >> 24) ] ^
Td1[(UINT8)(s3 >> 16) & 0xff] ^
Td2[(UINT8)(s2 >> 8) & 0xff] ^
Td3[(UINT8)(s1 ) & 0xff] ^
rk[4];
t1 =
Td0[(UINT8)(s1 >> 24) ] ^
Td1[(UINT8)(s0 >> 16) & 0xff] ^
Td2[(UINT8)(s3 >> 8) & 0xff] ^
Td3[(UINT8)(s2 ) & 0xff] ^
rk[5];
t2 =
Td0[(UINT8)(s2 >> 24) ] ^
Td1[(UINT8)(s1 >> 16) & 0xff] ^
Td2[(UINT8)(s0 >> 8) & 0xff] ^
Td3[(UINT8)(s3 ) & 0xff] ^
rk[6];
t3 =
Td0[(UINT8)(s3 >> 24) ] ^
Td1[(UINT8)(s2 >> 16) & 0xff] ^
Td2[(UINT8)(s1 >> 8) & 0xff] ^
Td3[(UINT8)(s0 ) & 0xff] ^
rk[7];
/* Advance past both round keys of this pass before testing the exit. */
rk += 8;
if (--r == 0) {
break;
}
s0 =
Td0[(UINT8)(t0 >> 24) ] ^
Td1[(UINT8)(t3 >> 16) & 0xff] ^
Td2[(UINT8)(t2 >> 8) & 0xff] ^
Td3[(UINT8)(t1 ) & 0xff] ^
rk[0];
s1 =
Td0[(UINT8)(t1 >> 24) ] ^
Td1[(UINT8)(t0 >> 16) & 0xff] ^
Td2[(UINT8)(t3 >> 8) & 0xff] ^
Td3[(UINT8)(t2 ) & 0xff] ^
rk[1];
s2 =
Td0[(UINT8)(t2 >> 24) ] ^
Td1[(UINT8)(t1 >> 16) & 0xff] ^
Td2[(UINT8)(t0 >> 8) & 0xff] ^
Td3[(UINT8)(t3 ) & 0xff] ^
rk[2];
s3 =
Td0[(UINT8)(t3 >> 24) ] ^
Td1[(UINT8)(t2 >> 16) & 0xff] ^
Td2[(UINT8)(t1 >> 8) & 0xff] ^
Td3[(UINT8)(t0 ) & 0xff] ^
rk[3];
}
#endif /* ?FULL_UNROLL */
/*
* apply last round and
* map cipher state to byte array block:
*/
/*
 * The last round uses only Td4: each lookup is masked down to a single
 * byte lane, the four lanes are combined and XORed with the final round
 * key word, and the result is stored to pt.
 */
s0 =
(Td4[(UINT8)(t0 >> 24) ] & 0xff000000UL) ^
(Td4[(UINT8)(t3 >> 16) & 0xff] & 0x00ff0000UL) ^
(Td4[(UINT8)(t2 >> 8) & 0xff] & 0x0000ff00UL) ^
(Td4[(UINT8)(t1 ) & 0xff] & 0x000000ffUL) ^
rk[0];
PUTU32(pt , s0);
s1 =
(Td4[(UINT8)(t1 >> 24) ] & 0xff000000UL) ^
(Td4[(UINT8)(t0 >> 16) & 0xff] & 0x00ff0000UL) ^
(Td4[(UINT8)(t3 >> 8) & 0xff] & 0x0000ff00UL) ^
(Td4[(UINT8)(t2 ) & 0xff] & 0x000000ffUL) ^
rk[1];
PUTU32(pt + 4, s1);
s2 =
(Td4[(UINT8)(t2 >> 24) ] & 0xff000000UL) ^
(Td4[(UINT8)(t1 >> 16) & 0xff] & 0x00ff0000UL) ^
(Td4[(UINT8)(t0 >> 8) & 0xff] & 0x0000ff00UL) ^
(Td4[(UINT8)(t3 ) & 0xff] & 0x000000ffUL) ^
rk[2];
PUTU32(pt + 8, s2);
s3 =
(Td4[(UINT8)(t3 >> 24) ] & 0xff000000UL) ^
(Td4[(UINT8)(t2 >> 16) & 0xff] & 0x00ff0000UL) ^
(Td4[(UINT8)(t1 >> 8) & 0xff] & 0x0000ff00UL) ^
(Td4[(UINT8)(t0 ) & 0xff] & 0x000000ffUL) ^
rk[3];
PUTU32(pt + 12, s3);
}
#ifdef INTERMEDIATE_VALUE_KAT
void rijndaelEncryptRound(u32 rk[/*4*(Nr + 1)*/], int Nr, u8 block[16], int rounds) {
int r;
u32 s0, s1, s2, s3, t0, t1, t2, t3;
/*
* map byte array block to cipher state
* and add initial round key:
*/
s0 = GETU32(block ) ^ rk[0];
s1 = GETU32(block + 4) ^ rk[1];
s2 = GETU32(block + 8) ^ rk[2];
s3 = GETU32(block + 12) ^ rk[3];
rk += 4;
/*
* Nr - 1 full rounds:
*/
for (r = (rounds < Nr ? rounds : Nr - 1); r > 0; r--) {
t0 =
Te0[(s0 >> 24) ] ^
Te1[(s1 >> 16) & 0xff] ^
Te2[(s2 >> 8) & 0xff] ^
Te3[(s3 ) & 0xff] ^
rk[0];
t1 =
Te0[(s1 >> 24) ] ^
Te1[(s2 >> 16) & 0xff] ^
Te2[(s3 >> 8) & 0xff] ^
Te3[(s0 ) & 0xff] ^
rk[1];
t2 =
Te0[(s2 >> 24) ] ^
Te1[(s3 >> 16) & 0xff] ^
Te2[(s0 >> 8) & 0xff] ^
Te3[(s1 ) & 0xff] ^
rk[2];
t3 =
Te0[(s3 >> 24) ] ^
Te1[(s0 >> 16) & 0xff] ^
Te2[(s1 >> 8) & 0xff] ^
Te3[(s2 ) & 0xff] ^