diff options
Diffstat (limited to 'baseline/source/rijndael_dec/aes.h')
-rw-r--r-- | baseline/source/rijndael_dec/aes.h | 165 |
1 files changed, 165 insertions, 0 deletions
diff --git a/baseline/source/rijndael_dec/aes.h b/baseline/source/rijndael_dec/aes.h new file mode 100644 index 0000000..69bf3d3 --- /dev/null +++ b/baseline/source/rijndael_dec/aes.h | |||
@@ -0,0 +1,165 @@ | |||
1 | /* | ||
2 | ----------------------------------------------------------------------- | ||
3 | Copyright (c) 2001 Dr Brian Gladman <brg@gladman.uk.net>, Worcester, UK | ||
4 | |||
5 | TERMS | ||
6 | |||
7 | Redistribution and use in source and binary forms, with or without | ||
8 | modification, are permitted provided that the following conditions | ||
9 | are met: | ||
10 | 1. Redistributions of source code must retain the above copyright | ||
11 | notice, this list of conditions and the following disclaimer. | ||
12 | 2. Redistributions in binary form must reproduce the above copyright | ||
13 | notice, this list of conditions and the following disclaimer in the | ||
14 | documentation and/or other materials provided with the distribution. | ||
15 | |||
16 | This software is provided 'as is' with no guarantees of correctness or | ||
17 | fitness for purpose. | ||
18 | ----------------------------------------------------------------------- | ||
19 | |||
20 | 1. FUNCTION | ||
21 | |||
22 | The AES algorithm Rijndael implemented for block and key sizes of | ||
23 | 128 bits (16 bytes) by Brian Gladman. | ||
24 | |||
25 | This is an implementation of the AES encryption algorithm (Rijndael) | ||
26 | designed by Joan Daemen and Vincent Rijmen. | ||
27 | |||
28 | 2. THE CIPHER INTERFACE | ||
29 | |||
30 | byte (an unsigned 8-bit type) | ||
31 | word (an unsigned 32-bit type) | ||
32 | aes_ret: (a signed 16 bit type for function return values) | ||
33 | aes_good (value != 0, a good return) | ||
34 | aes_bad (value == 0, an error return) | ||
35 | enum aes_key: (encryption direction) | ||
36 | enc (set key for encryption) | ||
37 | dec (set key for decryption) | ||
38 | both (set key for both) | ||
39 | class or struct aes (structure for context) | ||
40 | |||
41 | C subroutine calls: | ||
42 | |||
43 | aes_ret set_blk(const word block_length, aes *cx) (variable block size) | ||
44 | aes_ret set_key(const byte key[], const word key_length, | ||
45 | const enum aes_key direction, aes *cx) | ||
46 | aes_ret encrypt(const byte input_blk[], byte output_blk[], const aes *cx) | ||
47 | aes_ret decrypt(const byte input_blk[], byte output_blk[], const aes *cx) | ||
48 | |||
49 | IMPORTANT NOTE: If you are using this C interface and your compiler does | ||
50 | not set the memory used for objects to zero before use, you will need to | ||
51 | ensure that cx.mode is set to zero before using the C subroutine calls. | ||
52 | |||
53 | The block length inputs to set_block and set_key are in numbers of | ||
54 | BYTES, not bits. The calls to subroutines must be made in the above | ||
55 | order but multiple calls can be made without repeating earlier calls | ||
56 | if their parameters have not changed. If the cipher block length is | ||
57 | variable but set_blk has not been called before cipher operations a | ||
58 | value of 16 is assumed (that is, the AES block size). In contrast to | ||
59 | earlier versions the block and key length parameters are now checked | ||
60 | for correctness and the encryption and decryption routines check to | ||
61 | ensure that an appropriate key has been set before they are called. | ||
62 | |||
63 | */ | ||
64 | |||
65 | #ifndef _AES_H | ||
66 | #define _AES_H | ||
67 | |||
68 | /* The only supported block size for the benchmark is 16 */ | ||
69 | #define BLOCK_SIZE 16 | ||
70 | |||
71 | /* | ||
72 | The number of key schedule words for different block and key lengths | ||
73 | (allowing for the method of computation which requires the length to | ||
74 | be a multiple of the key length): | ||
75 | |||
76 | Key Schedule key length (bytes) | ||
77 | Length 16 20 24 28 32 | ||
78 | --------------------- | ||
79 | block 16 | 44 60 54 56 64 | ||
80 | length 20 | 60 60 66 70 80 | ||
81 | (bytes) 24 | 80 80 78 84 96 | ||
82 | 28 | 100 100 102 98 112 | ||
83 | 32 | 120 120 120 126 120 | ||
84 | |||
85 | Rcon Table key length (bytes) | ||
86 | Length 16 20 24 28 32 | ||
87 | --------------------- | ||
88 | block 16 | 10 9 8 7 7 | ||
89 | length 20 | 14 11 10 9 9 | ||
90 | (bytes) 24 | 19 15 12 11 11 | ||
91 | 28 | 24 19 16 13 13 | ||
92 | 32 | 29 23 19 17 14 | ||
93 | |||
94 | The following values assume that the key length will be variable and may | ||
95 | be of maximum length (32 bytes). | ||
96 | |||
97 | Nk = number_of_key_bytes / 4 | ||
98 | Nc = number_of_columns_in_state / 4 | ||
99 | Nr = number of encryption/decryption rounds | ||
100 | Rc = number of elements in rcon table | ||
101 | Ks = number of 32-bit words in key schedule | ||
102 | */ | ||
103 | |||
104 | #define Nr(Nk,Nc) ((Nk > Nc ? Nk : Nc) + 6) | ||
105 | #define Rc(Nk,Nc) ((Nb * (Nr(Nk,Nc) + 1) - 1) / Nk) | ||
106 | #define Ks(Nk,Nc) (Nk * (Rc(Nk,Nc) + 1)) | ||
107 | |||
108 | #define RC_LENGTH 5 * BLOCK_SIZE / 4 - (BLOCK_SIZE == 16 ? 10 : 11) | ||
109 | #define KS_LENGTH 4 * BLOCK_SIZE | ||
110 | |||
111 | /* End of configuration options, but see also aes.c */ | ||
112 | |||
113 | typedef unsigned char byte; /* must be an 8-bit storage unit */ | ||
114 | typedef unsigned long word; /* must be a 32-bit storage unit */ | ||
115 | typedef short aes_ret; /* function return value */ | ||
116 | |||
117 | #define aes_bad 0 | ||
118 | #define aes_good 1 | ||
119 | |||
120 | /* | ||
121 | upr(x,n): rotates bytes within words by n positions, moving bytes | ||
122 | to higher index positions with wrap around into low positions | ||
123 | ups(x,n): moves bytes by n positions to higher index positions in | ||
124 | words but without wrap around | ||
125 | bval(x,n): extracts a byte from a word | ||
126 | */ | ||
127 | |||
128 | #define upr(x,n) (((x) << 8 * (n)) | ((x) >> (32 - 8 * (n)))) | ||
129 | #define ups(x,n) ((x) << 8 * (n)) | ||
130 | #define bval(x,n) ((byte)((x) >> 8 * (n))) | ||
131 | #define byte_swap(x) (upr(x,1) & 0x00ff00ff | upr(x,3) & 0xff00ff00) | ||
132 | #define bytes2word(b0, b1, b2, b3) ((word)(b3) << 24 | (word)(b2) << 16 | \ | ||
133 | (word)(b1) << 8 | (b0)) | ||
134 | |||
135 | #define word_in(x) *(word*)(x) | ||
136 | #define word_out(x,v) *(word*)(x) = (v) | ||
137 | |||
138 | enum aes_const { Nrow = 4, /* the number of rows in the cipher state */ | ||
139 | Mcol = 8, /* maximum number of columns in the state */ | ||
140 | Ncol = BLOCK_SIZE / 4, | ||
141 | Shr0 = 0, /* the cyclic shift values for rows 0, 1, 2 & 3 */ | ||
142 | Shr1 = 1, | ||
143 | Shr2 = BLOCK_SIZE == 32 ? 3 : 2, | ||
144 | Shr3 = BLOCK_SIZE == 32 ? 4 : 3 | ||
145 | }; | ||
146 | |||
147 | enum aes_key { enc = 1, /* set if encryption is needed */ | ||
148 | dec = 2, /* set if decryption is needed */ | ||
149 | both = 3 /* set if both are needed */ | ||
150 | }; | ||
151 | |||
152 | struct aes { | ||
153 | word Nkey; /* the number of words in the key input block */ | ||
154 | word Nrnd; /* the number of cipher rounds */ | ||
155 | word e_key[KS_LENGTH]; /* the encryption key schedule */ | ||
156 | word d_key[KS_LENGTH]; /* the decryption key schedule */ | ||
157 | byte mode; /* encrypt, decrypt or both */ | ||
158 | }; | ||
159 | |||
160 | aes_ret rijndael_dec_set_key( byte key[], const word n_bytes, | ||
161 | const enum aes_key f, struct aes *cx ); | ||
162 | aes_ret rijndael_dec_decrypt( const byte in_blk[], byte out_blk[], | ||
163 | const struct aes *cx ); | ||
164 | |||
165 | #endif | ||