📄 aes.cpp
字号:
for( i = 0; i < 8; i++, RK += 6 )
{
RK[6] = RK[0] ^ RCON[i] ^
( FSb[ ( RK[5] >> 8 ) & 0xFF ] ) ^
( FSb[ ( RK[5] >> 16 ) & 0xFF ] << 8 ) ^
( FSb[ ( RK[5] >> 24 ) ] << 16 ) ^
( FSb[ ( RK[5] ) & 0xFF ] << 24 );
RK[7] = RK[1] ^ RK[6];
RK[8] = RK[2] ^ RK[7];
RK[9] = RK[3] ^ RK[8];
RK[10] = RK[4] ^ RK[9];
RK[11] = RK[5] ^ RK[10];
}
break;
case 256:
for( i = 0; i < 7; i++, RK += 8 )
{
RK[8] = RK[0] ^ RCON[i] ^
( FSb[ ( RK[7] >> 8 ) & 0xFF ] ) ^
( FSb[ ( RK[7] >> 16 ) & 0xFF ] << 8 ) ^
( FSb[ ( RK[7] >> 24 ) ] << 16 ) ^
( FSb[ ( RK[7] ) & 0xFF ] << 24 );
RK[9] = RK[1] ^ RK[8];
RK[10] = RK[2] ^ RK[9];
RK[11] = RK[3] ^ RK[10];
RK[12] = RK[4] ^
( FSb[ ( RK[11] ) & 0xFF ] ) ^
( FSb[ ( RK[11] >> 8 ) & 0xFF ] << 8 ) ^
( FSb[ ( RK[11] >> 16 ) & 0xFF ] << 16 ) ^
( FSb[ ( RK[11] >> 24 ) ] << 24 );
RK[13] = RK[5] ^ RK[12];
RK[14] = RK[6] ^ RK[13];
RK[15] = RK[7] ^ RK[14];
}
break;
}
for( i = 0; i <= ctx->nr; i++ )
{
ctx->drk[i * 4 ] = ctx->erk[( ctx->nr - i ) * 4 ];
ctx->drk[i * 4 + 1] = ctx->erk[( ctx->nr - i ) * 4 + 1];
ctx->drk[i * 4 + 2] = ctx->erk[( ctx->nr - i ) * 4 + 2];
ctx->drk[i * 4 + 3] = ctx->erk[( ctx->nr - i ) * 4 + 3];
}
for( i = 1, RK = ctx->drk + 4; i < ctx->nr; i++, RK += 4 )
{
RK[0] = RT0[ FSb[ ( RK[0] ) & 0xFF ] ] ^
RT1[ FSb[ ( RK[0] >> 8 ) & 0xFF ] ] ^
RT2[ FSb[ ( RK[0] >> 16 ) & 0xFF ] ] ^
RT3[ FSb[ ( RK[0] >> 24 ) ] ];
RK[1] = RT0[ FSb[ ( RK[1] ) & 0xFF ] ] ^
RT1[ FSb[ ( RK[1] >> 8 ) & 0xFF ] ] ^
RT2[ FSb[ ( RK[1] >> 16 ) & 0xFF ] ] ^
RT3[ FSb[ ( RK[1] >> 24 ) ] ];
RK[2] = RT0[ FSb[ ( RK[2] ) & 0xFF ] ] ^
RT1[ FSb[ ( RK[2] >> 8 ) & 0xFF ] ] ^
RT2[ FSb[ ( RK[2] >> 16 ) & 0xFF ] ] ^
RT3[ FSb[ ( RK[2] >> 24 ) ] ];
RK[3] = RT0[ FSb[ ( RK[3] ) & 0xFF ] ] ^
RT1[ FSb[ ( RK[3] >> 8 ) & 0xFF ] ] ^
RT2[ FSb[ ( RK[3] >> 16 ) & 0xFF ] ] ^
RT3[ FSb[ ( RK[3] >> 24 ) ] ];
}
return( 0 );
}
/* 128-bit block encryption routine */
void aes_encrypt( struct aes_context *ctx, uint8 data[16] )
{
uint32 *RK, X0, X1, X2, X3, Y0, Y1, Y2, Y3;
RK = ctx->erk;
GET_UINT32( X0, data, 0 ); X0 ^= RK[0];
GET_UINT32( X1, data, 4 ); X1 ^= RK[1];
GET_UINT32( X2, data, 8 ); X2 ^= RK[2];
GET_UINT32( X3, data, 12 ); X3 ^= RK[3];
#define FROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \
{ \
RK += 4; \
\
X0 = RK[0] ^ FT0[ ( Y0 ) & 0xFF ] ^ \
FT1[ ( Y1 >> 8 ) & 0xFF ] ^ \
FT2[ ( Y2 >> 16 ) & 0xFF ] ^ \
FT3[ ( Y3 >> 24 ) ]; \
\
X1 = RK[1] ^ FT0[ ( Y1 ) & 0xFF ] ^ \
FT1[ ( Y2 >> 8 ) & 0xFF ] ^ \
FT2[ ( Y3 >> 16 ) & 0xFF ] ^ \
FT3[ ( Y0 >> 24 ) ]; \
\
X2 = RK[2] ^ FT0[ ( Y2 ) & 0xFF ] ^ \
FT1[ ( Y3 >> 8 ) & 0xFF ] ^ \
FT2[ ( Y0 >> 16 ) & 0xFF ] ^ \
FT3[ ( Y1 >> 24 ) ]; \
\
X3 = RK[3] ^ FT0[ ( Y3 ) & 0xFF ] ^ \
FT1[ ( Y0 >> 8 ) & 0xFF ] ^ \
FT2[ ( Y1 >> 16 ) & 0xFF ] ^ \
FT3[ ( Y2 >> 24 ) ]; \
}
FROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); /* round 1 */
FROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); /* round 2 */
FROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); /* round 3 */
FROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); /* round 4 */
FROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); /* round 5 */
FROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); /* round 6 */
FROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); /* round 7 */
FROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); /* round 8 */
FROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); /* round 9 */
if( ctx->nr > 10 )
{
FROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); /* round 10 */
FROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); /* round 11 */
}
if( ctx->nr > 12 )
{
FROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); /* round 12 */
FROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); /* round 13 */
}
/* last round */
RK += 4;
X0 = RK[0] ^ ( FSb[ ( Y0 ) & 0xFF ] ) ^
( FSb[ ( Y1 >> 8 ) & 0xFF ] << 8 ) ^
( FSb[ ( Y2 >> 16 ) & 0xFF ] << 16 ) ^
( FSb[ ( Y3 >> 24 ) ] << 24 );
X1 = RK[1] ^ ( FSb[ ( Y1 ) & 0xFF ] ) ^
( FSb[ ( Y2 >> 8 ) & 0xFF ] << 8 ) ^
( FSb[ ( Y3 >> 16 ) & 0xFF ] << 16 ) ^
( FSb[ ( Y0 >> 24 ) ] << 24 );
X2 = RK[2] ^ ( FSb[ ( Y2 ) & 0xFF ] ) ^
( FSb[ ( Y3 >> 8 ) & 0xFF ] << 8 ) ^
( FSb[ ( Y0 >> 16 ) & 0xFF ] << 16 ) ^
( FSb[ ( Y1 >> 24 ) ] << 24 );
X3 = RK[3] ^ ( FSb[ ( Y3 ) & 0xFF ] ) ^
( FSb[ ( Y0 >> 8 ) & 0xFF ] << 8 ) ^
( FSb[ ( Y1 >> 16 ) & 0xFF ] << 16 ) ^
( FSb[ ( Y2 >> 24 ) ] << 24 );
PUT_UINT32( X0, data, 0 );
PUT_UINT32( X1, data, 4 );
PUT_UINT32( X2, data, 8 );
PUT_UINT32( X3, data, 12 );
}
/* 128-bit block decryption routine */
void aes_decrypt( struct aes_context *ctx, uint8 data[16] )
{
uint32 *RK, X0, X1, X2, X3, Y0, Y1, Y2, Y3;
RK = ctx->drk;
GET_UINT32( X0, data, 0 ); X0 ^= RK[0];
GET_UINT32( X1, data, 4 ); X1 ^= RK[1];
GET_UINT32( X2, data, 8 ); X2 ^= RK[2];
GET_UINT32( X3, data, 12 ); X3 ^= RK[3];
#define RROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \
{ \
RK += 4; \
\
X0 = RK[0] ^ RT0[ ( Y0 ) & 0xFF ] ^ \
RT1[ ( Y3 >> 8 ) & 0xFF ] ^ \
RT2[ ( Y2 >> 16 ) & 0xFF ] ^ \
RT3[ ( Y1 >> 24 ) ]; \
\
X1 = RK[1] ^ RT0[ ( Y1 ) & 0xFF ] ^ \
RT1[ ( Y0 >> 8 ) & 0xFF ] ^ \
RT2[ ( Y3 >> 16 ) & 0xFF ] ^ \
RT3[ ( Y2 >> 24 ) ]; \
\
X2 = RK[2] ^ RT0[ ( Y2 ) & 0xFF ] ^ \
RT1[ ( Y1 >> 8 ) & 0xFF ] ^ \
RT2[ ( Y0 >> 16 ) & 0xFF ] ^ \
RT3[ ( Y3 >> 24 ) ]; \
\
X3 = RK[3] ^ RT0[ ( Y3 ) & 0xFF ] ^ \
RT1[ ( Y2 >> 8 ) & 0xFF ] ^ \
RT2[ ( Y1 >> 16 ) & 0xFF ] ^ \
RT3[ ( Y0 >> 24 ) ]; \
}
RROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); /* round 1 */
RROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); /* round 2 */
RROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); /* round 3 */
RROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); /* round 4 */
RROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); /* round 5 */
RROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); /* round 6 */
RROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); /* round 7 */
RROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); /* round 8 */
RROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); /* round 9 */
if( ctx->nr > 10 )
{
RROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); /* round 10 */
RROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); /* round 11 */
}
if( ctx->nr > 12 )
{
RROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); /* round 12 */
RROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); /* round 13 */
}
/* last round */
RK += 4;
X0 = RK[0] ^ ( RSb[ ( Y0 ) & 0xFF ] ) ^
( RSb[ ( Y3 >> 8 ) & 0xFF ] << 8 ) ^
( RSb[ ( Y2 >> 16 ) & 0xFF ] << 16 ) ^
( RSb[ ( Y1 >> 24 ) ] << 24 );
X1 = RK[1] ^ ( RSb[ ( Y1 ) & 0xFF ] ) ^
( RSb[ ( Y0 >> 8 ) & 0xFF ] << 8 ) ^
( RSb[ ( Y3 >> 16 ) & 0xFF ] << 16 ) ^
( RSb[ ( Y2 >> 24 ) ] << 24 );
X2 = RK[2] ^ ( RSb[ ( Y2 ) & 0xFF ] ) ^
( RSb[ ( Y1 >> 8 ) & 0xFF ] << 8 ) ^
( RSb[ ( Y0 >> 16 ) & 0xFF ] << 16 ) ^
( RSb[ ( Y3 >> 24 ) ] << 24 );
X3 = RK[3] ^ ( RSb[ ( Y3 ) & 0xFF ] ) ^
( RSb[ ( Y2 >> 8 ) & 0xFF ] << 8 ) ^
( RSb[ ( Y1 >> 16 ) & 0xFF ] << 16 ) ^
( RSb[ ( Y0 >> 24 ) ] << 24 );
PUT_UINT32( X0, data, 0 );
PUT_UINT32( X1, data, 4 );
PUT_UINT32( X2, data, 8 );
PUT_UINT32( X3, data, 12 );
}
#ifdef TEST
#include <string.h>
#include <stdio.h>
/*
* those are the standard FIPS 197 test vectors
*/
static unsigned char KEYs[3][32] =
{
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F",
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F" \
"\x10\x11\x12\x13\x14\x15\x16\x17",
"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F" \
"\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F"
};
static unsigned char PT[16] =
"\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF";
static unsigned char CTs[3][16] =
{
"\x69\xC4\xE0\xD8\x6A\x7B\x04\x30\xD8\xCD\xB7\x80\x70\xB4\xC5\x5A",
"\xDD\xA9\x7C\xA4\x86\x4C\xDF\xE0\x6E\xAF\x70\xA0\xEC\x0D\x71\x91",
"\x8E\xA2\xB7\xCA\x51\x67\x45\xBF\xEA\xFC\x49\x90\x4B\x49\x60\x89"
};
int main( void )
{
int i;
struct aes_context ctx;
unsigned char data[16];
for( i = 0; i < 3; i++ )
{
memcpy( data, PT, 16 );
aes_set_key( &ctx, KEYs[i], 128 + i * 64 );
aes_encrypt( &ctx, data );
printf( "encryption test %d ", i + 1 );
if( ! memcmp( data, CTs[i], 16 ) )
{
printf( "passed\n" );
}
else
{
printf( "failed\n" );
return( 1 );
}
}
for( i = 0; i < 3; i++ )
{
memcpy( data, CTs[i], 16 );
aes_set_key( &ctx, KEYs[i], 128 + i * 64 );
aes_decrypt( &ctx, data );
printf( "decryption test %d ", i + 1 );
if( ! memcmp( data, PT, 16 ) )
{
printf( "passed\n" );
}
else
{
printf( "failed\n" );
return( 1 );
}
}
return( 0 );
}
#endif
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -