aes.c

C语言环境下的AES加密算法

/***************************************************************************
* Copyright (c) 2000-2004, Future Systems, Inc. / Seoul, Republic of Korea *
* All Rights Reserved.                                                     *
*                                                                          *
* This document contains proprietary and confidential information.  No     *
* parts of this document or the computer program it embodies may be in     *
* any way copied, duplicated, reproduced, translated into a different      *
* programming language, or distributed to any person, company, or          *
* corporation without the prior written consent of Future Systems, Inc.    *
*                              Hyo Sun Hwang                               *
*                372-2 YangJae B/D 6th Floor, Seoul, Korea                 *
*                           +82-2-578-0581 (552)                           *
***************************************************************************/

/*--------------------- [ Version/Command in detais] ---------------------*\
Description : aes.c
			(C-source file) Block Cipher AES - core function

C0000 : Created by Hyo Sun Hwang (hyosun@future.co.kr) 2000/12/31

C0001 : Modified by Hyo Sun Hwang (hyosun@future.co.kr) 2000/00/00

\*------------------------------------------------------------------------*/

/*************** Header files *********************************************/
#include "aes.h"

/*************** Assertions ***********************************************/

/*************** New Data Types *******************************************/
typedef struct {
	DWORD	k_len;
	DWORD	RK[64];
} RIJNDAEL_CIPHER_KEY;

/*************** Definitions / Macros  ************************************/
#define u1byte	BYTE
#define u4byte	DWORD
#define rotl	ROTL_DWORD
#define rotr	ROTR_DWORD
#define byte(x,n)	((u1byte)((x) >> (8 * n)))

#define LARGE_TABLES

#define ff_mult(a,b)	(a && b ? pow_tab[(log_tab[a] + log_tab[b]) % 255] : 0)

#ifdef LARGE_TABLES
	#define ls_box(x)				 \
		( fl_tab[0][byte(x, 0)] ^	 \
		  fl_tab[1][byte(x, 1)] ^	 \
		  fl_tab[2][byte(x, 2)] ^	 \
		  fl_tab[3][byte(x, 3)] )
#else
	#define ls_box(x)							 \
		((u4byte)sbx_tab[byte(x, 0)] <<  0) ^	 \
		((u4byte)sbx_tab[byte(x, 1)] <<  8) ^	 \
		((u4byte)sbx_tab[byte(x, 2)] << 16) ^	 \
		((u4byte)sbx_tab[byte(x, 3)] << 24)
#endif

/*************** Global Variables *****************************************/
static u1byte	log_tab[256];
static u1byte	pow_tab[256];
static u1byte	sbx_tab[256];
static u1byte	isb_tab[256];
static u4byte	rco_tab[ 10];
static u4byte	ft_tab[4][256];
static u4byte	it_tab[4][256];

#ifdef	LARGE_TABLES
  static u4byte  fl_tab[4][256];
  static u4byte  il_tab[4][256];
#endif

static u4byte	tab_gen = 0;


/*************** Prototypes ***********************************************/
static void gen_tabs(void)
{
	u4byte	i, t;
	u1byte	p, q;

	/* log and power tables for GF(2**8) finite field with	*/
	/* 0x11b as modular polynomial - the simplest prmitive	*/
	/* root is 0x11, used here to generate the tables		*/

	log_tab[7] = 0;
	for(i = 0,p = 1; i < 256; ++i)
	{
		pow_tab[i] = (BYTE)p;
		log_tab[p] = (BYTE)i;

		p = (BYTE)(p ^ (p << 1) ^ (p & 0x80 ? 0x01b : 0));
	}

	log_tab[1] = 0;
	p = 1;

	for(i = 0; i < 10; ++i)
	{
		rco_tab[i] = p; 

		p = (BYTE)((p << 1) ^ (p & 0x80 ? 0x1b : 0));
	}

	/* note that the affine byte transformation matrix in	*/
	/* rijndael specification is in big endian format with	*/
	/* bit 0 as the most significant bit. In the remainder	*/
	/* of the specification the bits are numbered from the	*/
	/* least significant end of a byte. 					*/

	for(i = 0; i < 256; ++i)
	{	
		p = (BYTE)(i ? pow_tab[255 - log_tab[i]] : 0);
		q = p;
		q = (BYTE)((q >> 7) | (q << 1));
		p ^= q;
		q = (BYTE)((q >> 7) | (q << 1));
		p ^= q;
		q = (BYTE)((q >> 7) | (q << 1));
		p ^= q;
		q = (BYTE)((q >> 7) | (q << 1));
		p ^= q ^ 0x63;
		sbx_tab[i] = (u1byte)p;
		isb_tab[p] = (u1byte)i;
	}

	for(i = 0; i < 256; ++i)
	{
		p = sbx_tab[i]; 

#ifdef	LARGE_TABLES
		t = p;
		fl_tab[0][i] = t;
		fl_tab[1][i] = rotl(t,  8);
		fl_tab[2][i] = rotl(t, 16);
		fl_tab[3][i] = rotl(t, 24);
#endif
		t = ((u4byte)ff_mult(2, p)) |
			((u4byte)p <<  8) |
			((u4byte)p << 16) |
			((u4byte)ff_mult(3, p) << 24);
		
		ft_tab[0][i] = t;
		ft_tab[1][i] = rotl(t,	8);
		ft_tab[2][i] = rotl(t, 16);
		ft_tab[3][i] = rotl(t, 24);

		p = isb_tab[i]; 

#ifdef	LARGE_TABLES
		t = p; il_tab[0][i] = t; 
		il_tab[1][i] = rotl(t,	8); 
		il_tab[2][i] = rotl(t, 16); 
		il_tab[3][i] = rotl(t, 24);
#endif 
		t = ((u4byte)ff_mult(14, p)) |
			((u4byte)ff_mult( 9, p) <<	8) |
			((u4byte)ff_mult(13, p) << 16) |
			((u4byte)ff_mult(11, p) << 24);
		
		it_tab[0][i] = t; 
		it_tab[1][i] = rotl(t,	8); 
		it_tab[2][i] = rotl(t, 16); 
		it_tab[3][i] = rotl(t, 24); 
	}

	tab_gen = 1;
};

#define star_x(x) (((x) & 0x7f7f7f7f) << 1) ^ ((((x) & 0x80808080) >> 7) * 0x1b)

#define imix_col(y,x)		\
	 u	= star_x(x);		\
	 v	= star_x(u);		\
	 w	= star_x(v);		\
	 t	= w ^ (x);			\
	(y) = u ^ v ^ w;		\
	(y) ^= rotr(u ^ t,  8) ^ \
		  rotr(v ^ t, 16) ^ \
		  rotr(t,24)

/**************************************************************************
*
*	Function Description ...
*	
*	Return values:
*		- CTR_SUCCESS						窃荐啊 己傍利栏肺 荐青凳.
*		...
*/
static void RIJNDAEL_KeySchedule(
		BYTE		*UserKey,		//	荤侩磊 厚剐虐 涝仿
		DWORD		k_len,			//	荤侩磊 厚剐虐狼 DWORD 荐
		DWORD		*e_key)			//	鞠龋侩 Round Key 积己/免仿
{
	u4byte	i, t;

	////
	if(!tab_gen)
		gen_tabs();

	LITTLE_B2D(&(UserKey[ 0]), e_key[0]);
	LITTLE_B2D(&(UserKey[ 4]), e_key[1]);
	LITTLE_B2D(&(UserKey[ 8]), e_key[2]);
	LITTLE_B2D(&(UserKey[12]), e_key[3]);

	switch(k_len)
	{
		case 4:
				t = e_key[3];
				for(i = 0; i < 10; ++i) {
					t = ls_box(rotr(t,  8)) ^ rco_tab[i];
					t ^= e_key[4 * i];     e_key[4 * i + 4] = t;
					t ^= e_key[4 * i + 1]; e_key[4 * i + 5] = t;
					t ^= e_key[4 * i + 2]; e_key[4 * i + 6] = t;
					t ^= e_key[4 * i + 3]; e_key[4 * i + 7] = t;
				}
				break;

		case 6:
				LITTLE_B2D(&(UserKey[16]), e_key[4]);
				LITTLE_B2D(&(UserKey[20]), e_key[5]);
				t = e_key[5];
				for(i = 0; i < 8; ++i) {
					t = ls_box(rotr(t,	8)) ^ rco_tab[i];
					t ^= e_key[6 * i];	   e_key[6 * i + 6] = t;
					t ^= e_key[6 * i + 1]; e_key[6 * i + 7] = t;
					t ^= e_key[6 * i + 2]; e_key[6 * i + 8] = t;
					t ^= e_key[6 * i + 3]; e_key[6 * i + 9] = t;
					t ^= e_key[6 * i + 4]; e_key[6 * i + 10] = t;
					t ^= e_key[6 * i + 5]; e_key[6 * i + 11] = t;
				}
//					loop6(i);
				break;

		case 8:
				LITTLE_B2D(&(UserKey[16]), e_key[4]);
				LITTLE_B2D(&(UserKey[20]), e_key[5]);
				LITTLE_B2D(&(UserKey[24]), e_key[6]);
				LITTLE_B2D(&(UserKey[28]), e_key[7]);
				t = e_key[7];
				for(i = 0; i < 7; ++i) {
					t = ls_box(rotr(t,	8)) ^ rco_tab[i];
					t ^= e_key[8 * i];	   e_key[8 * i + 8] = t;
					t ^= e_key[8 * i + 1]; e_key[8 * i + 9] = t;
					t ^= e_key[8 * i + 2]; e_key[8 * i + 10] = t;
					t ^= e_key[8 * i + 3]; e_key[8 * i + 11] = t;
					t  = e_key[8 * i + 4] ^ ls_box(t);
					e_key[8 * i + 12] = t;
					t ^= e_key[8 * i + 5]; e_key[8 * i + 13] = t;
					t ^= e_key[8 * i + 6]; e_key[8 * i + 14] = t;
					t ^= e_key[8 * i + 7]; e_key[8 * i + 15] = t;
				}
//					loop8(i);
				break;
	}
}

/*************** Function *************************************************
* 
*/
RET_VAL AES_EncKeySchedule(
		BYTE		*UserKey,		//	荤侩磊 厚剐虐 涝仿
		DWORD		UserKeyLen,		//	荤侩磊 厚剐虐狼 官捞飘 荐
		AES_ALG_INFO	*AlgInfo)	//	鞠龋侩/汗龋侩 Round Key 积己/历厘
{
	RIJNDAEL_CIPHER_KEY	*RK_Struct=(RIJNDAEL_CIPHER_KEY *) AlgInfo->RoundKey;
	DWORD	*e_key=RK_Struct->RK;	//	64 DWORDs
	DWORD	k_len;

	//	UserKey狼 辨捞啊 何利例茄 版快 error 贸府
	if( (UserKeyLen!=16) && (UserKeyLen!=24) && (UserKeyLen!=32) )
		return CTR_INVALID_USERKEYLEN;

	////
	k_len = (UserKeyLen + 3) / 4;
	RK_Struct->k_len = k_len;

	RIJNDAEL_KeySchedule(UserKey, k_len, e_key);

	return CTR_SUCCESS;
}