Main Page | Alphabetical List | Data Structures | File List | Data Fields | Globals

aesopt.h

Go to the documentation of this file.
00001 /*
00002  ---------------------------------------------------------------------------
00003  Copyright (c) 2003, Dr Brian Gladman <brg@gladman.me.uk>, Worcester, UK.
00004  All rights reserved.
00005 
00006  LICENSE TERMS
00007 
00008  The free distribution and use of this software in both source and binary
00009  form is allowed (with or without changes) provided that:
00010 
00011    1. distributions of this source code include the above copyright
00012       notice, this list of conditions and the following disclaimer;
00013 
00014    2. distributions in binary form include the above copyright
00015       notice, this list of conditions and the following disclaimer
00016       in the documentation and/or other associated materials;
00017 
00018    3. the copyright holder's name is not used to endorse products
00019       built using this software without specific written permission.
00020 
00021  ALTERNATIVELY, provided that this notice is retained in full, this product
00022  may be distributed under the terms of the GNU General Public License (GPL),
00023  in which case the provisions of the GPL apply INSTEAD OF those given above.
00024 
00025  DISCLAIMER
00026 
00027  This software is provided 'as is' with no explicit or implied warranties
00028  in respect of its properties, including, but not limited to, correctness
00029  and/or fitness for purpose.
00030  ---------------------------------------------------------------------------
00031  Issue Date: 26/08/2003
00032 
00033  My thanks go to Dag Arne Osvik for devising the schemes used here for key
00034  length derivation from the form of the key schedule
00035 
00036  This file contains the compilation options for AES (Rijndael) and code
00037  that is common across encryption, key scheduling and table generation.
00038 
00039     OPERATION
00040 
00041     These source code files implement the AES algorithm Rijndael designed by
00042     Joan Daemen and Vincent Rijmen. This version is designed for the standard
00043     block size of 16 bytes and for key sizes of 128, 192 and 256 bits (16, 24
00044     and 32 bytes).
00045 
00046     This version is designed for flexibility and speed using operations on
00047     32-bit words rather than operations on bytes.  It can be compiled with
00048     either big or little endian internal byte order but is faster when the
00049     native byte order for the processor is used.
00050 
00051     THE CIPHER INTERFACE
00052 
00053     The cipher interface is implemented as an array of bytes in which lower
00054     AES bit sequence indexes map to higher numeric significance within bytes.
00055 
00056     aes_08t                 (an unsigned  8-bit type)
00057     aes_32t                 (an unsigned 32-bit type)
00058     struct aes_encrypt_ctx  (structure for the cipher encryption context)
00059     struct aes_decrypt_ctx  (structure for the cipher decryption context)
00060     aes_rval                the function return type
00061 
00062     C subroutine calls:
00063 
00064       aes_rval aes_encrypt_key128(const void *in_key, aes_encrypt_ctx cx[1]);
00065       aes_rval aes_encrypt_key192(const void *in_key, aes_encrypt_ctx cx[1]);
00066       aes_rval aes_encrypt_key256(const void *in_key, aes_encrypt_ctx cx[1]);
00067       aes_rval aes_encrypt(const void *in_blk,
00068                                  void *out_blk, const aes_encrypt_ctx cx[1]);
00069 
00070       aes_rval aes_decrypt_key128(const void *in_key, aes_decrypt_ctx cx[1]);
00071       aes_rval aes_decrypt_key192(const void *in_key, aes_decrypt_ctx cx[1]);
00072       aes_rval aes_decrypt_key256(const void *in_key, aes_decrypt_ctx cx[1]);
00073       aes_rval aes_decrypt(const void *in_blk,
00074                                  void *out_blk, const aes_decrypt_ctx cx[1]);
00075 
00076     IMPORTANT NOTE: If you are using this C interface with dynamic tables make sure that
00077     you call genTabs() before AES is used so that the tables are initialised.
00078 
00079     C++ aes class subroutines:
00080 
00081         Class AESencrypt  for encryption
00082 
00083         Construtors:
00084             AESencrypt(void)
00085             AESencrypt(const void *in_key) - 128 bit key
00086         Members:
00087             void key128(const void *in_key)
00088             void key192(const void *in_key)
00089             void key256(const void *in_key)
00090             void encrypt(const void *in_blk, void *out_blk) const
00091 
00092         Class AESdecrypt  for encryption
00093         Construtors:
00094             AESdecrypt(void)
00095             AESdecrypt(const void *in_key) - 128 bit key
00096         Members:
00097             void key128(const void *in_key)
00098             void key192(const void *in_key)
00099             void key256(const void *in_key)
00100             void decrypt(const void *in_blk, void *out_blk) const
00101 
00102     COMPILATION
00103 
00104     The files used to provide AES (Rijndael) are
00105 
00106     a. aes.h for the definitions needed for use in C.
00107     b. aescpp.h for the definitions needed for use in C++.
00108     c. aesopt.h for setting compilation options (also includes common code).
00109     d. aescrypt.c for encryption and decrytpion, or
00110     e. aeskey.c for key scheduling.
00111     f. aestab.c for table loading or generation.
00112     g. aescrypt.asm for encryption and decryption using assembler code.
00113     h. aescrypt.mmx.asm for encryption and decryption using MMX assembler.
00114 
00115     To compile AES (Rijndael) for use in C code use aes.h and set the
00116     defines here for the facilities you need (key lengths, encryption
00117     and/or decryption). Do not define AES_DLL or AES_CPP.  Set the options
00118     for optimisations and table sizes here.
00119 
00120     To compile AES (Rijndael) for use in in C++ code use aescpp.h but do
00121     not define AES_DLL
00122 
00123     To compile AES (Rijndael) in C as a Dynamic Link Library DLL) use
00124     aes.h and include the AES_DLL define.
00125 
00126     CONFIGURATION OPTIONS (here and in aes.h)
00127 
00128     a. set AES_DLL in aes.h if AES (Rijndael) is to be compiled as a DLL
00129     b. You may need to set PLATFORM_BYTE_ORDER to define the byte order.
00130     c. If you want the code to run in a specific internal byte order, then
00131        ALGORITHM_BYTE_ORDER must be set accordingly.
00132     d. set other configuration options decribed below.
00133 */
00134 
00135 #ifndef _AESOPT_H
00136 #define _AESOPT_H
00137 
00138 #include <asterisk/aes.h>
00139 
00140 /*  CONFIGURATION - USE OF DEFINES
00141 
00142     Later in this section there are a number of defines that control the
00143     operation of the code.  In each section, the purpose of each define is
00144     explained so that the relevant form can be included or excluded by
00145     setting either 1's or 0's respectively on the branches of the related
00146     #if clauses.
00147 */
00148 
00149 /*  PLATFORM SPECIFIC INCLUDES */
00150 
00151 #if defined( __FreeBSD__ ) || defined( __OpenBSD__ )
00152 #  include <sys/endian.h>
00153 #elif defined( BSD ) && ( BSD >= 199103 )
00154 #  include <machine/endian.h>
00155 #elif defined( __GNUC__ ) || defined( __GNU_LIBRARY__ )
00156 #  include <endian.h>
00157 #  include <byteswap.h>
00158 #elif defined( linux )
00159 #  include <endian.h>
00160 #endif
00161 
00162 /*  BYTE ORDER IN 32-BIT WORDS
00163 
00164     To obtain the highest speed on processors with 32-bit words, this code
00165     needs to determine the byte order of the target machine. The following 
00166     block of code is an attempt to capture the most obvious ways in which 
00167     various environemnts define byte order. It may well fail, in which case 
00168     the definitions will need to be set by editing at the points marked 
00169     **** EDIT HERE IF NECESSARY **** below.  My thanks to Peter Gutmann for 
00170     some of these defines (from cryptlib).
00171 */
00172 
00173 #define BRG_LITTLE_ENDIAN   1234 /* byte 0 is least significant (i386) */
00174 #define BRG_BIG_ENDIAN      4321 /* byte 0 is most significant (mc68k) */
00175 
00176 #if defined( __alpha__ ) || defined( __alpha ) || defined( i386 )       ||   \
00177     defined( __i386__ )  || defined( _M_I86 )  || defined( _M_IX86 )    ||   \
00178     defined( __OS2__ )   || defined( sun386 )  || defined( __TURBOC__ ) ||   \
00179     defined( vax )       || defined( vms )     || defined( VMS )        ||   \
00180     defined( __VMS ) 
00181 
00182 #define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00183 
00184 #endif
00185 
00186 #if defined( AMIGA )    || defined( applec )  || defined( __AS400__ )  ||   \
00187     defined( _CRAY )    || defined( __hppa )  || defined( __hp9000 )   ||   \
00188     defined( ibm370 )   || defined( mc68000 ) || defined( m68k )       ||   \
00189     defined( __MRC__ )  || defined( __MVS__ ) || defined( __MWERKS__ ) ||   \
00190     defined( sparc )    || defined( __sparc)  || defined( SYMANTEC_C ) ||   \
00191     defined( __TANDEM ) || defined( THINK_C ) || defined( __VMCMS__ )
00192     
00193 #define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00194 
00195 #endif
00196 
00197 /*  if the platform is still not known, try to find its byte order  */
00198 /*  from commonly used definitions in the headers included earlier  */
00199 
00200 #if !defined(PLATFORM_BYTE_ORDER)
00201 
00202 #if defined(LITTLE_ENDIAN) || defined(BIG_ENDIAN)
00203 #  if    defined(LITTLE_ENDIAN) && !defined(BIG_ENDIAN)
00204 #    define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00205 #  elif !defined(LITTLE_ENDIAN) &&  defined(BIG_ENDIAN)
00206 #    define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00207 #  elif defined(BYTE_ORDER) && (BYTE_ORDER == LITTLE_ENDIAN)
00208 #    define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00209 #  elif defined(BYTE_ORDER) && (BYTE_ORDER == BIG_ENDIAN)
00210 #    define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00211 #  endif
00212 
00213 #elif defined(_LITTLE_ENDIAN) || defined(_BIG_ENDIAN)
00214 #  if    defined(_LITTLE_ENDIAN) && !defined(_BIG_ENDIAN)
00215 #    define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00216 #  elif !defined(_LITTLE_ENDIAN) &&  defined(_BIG_ENDIAN)
00217 #    define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00218 #  elif defined(_BYTE_ORDER) && (_BYTE_ORDER == _LITTLE_ENDIAN)
00219 #    define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00220 #  elif defined(_BYTE_ORDER) && (_BYTE_ORDER == _BIG_ENDIAN)
00221 #    define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00222 #  endif
00223 
00224 #elif defined(__LITTLE_ENDIAN__) || defined(__BIG_ENDIAN__)
00225 #  if    defined(__LITTLE_ENDIAN__) && !defined(__BIG_ENDIAN__)
00226 #    define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00227 #  elif !defined(__LITTLE_ENDIAN__) &&  defined(__BIG_ENDIAN__)
00228 #    define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00229 #  elif defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __LITTLE_ENDIAN__)
00230 #    define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00231 #  elif defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __BIG_ENDIAN__)
00232 #    define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00233 #  endif
00234 
00235 #elif 0     /* **** EDIT HERE IF NECESSARY **** */
00236 #define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00237 
00238 #elif 0     /* **** EDIT HERE IF NECESSARY **** */
00239 #define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00240 
00241 #else
00242 #error Please edit aesopt.h (line 235 or 238) to set the platform byte order
00243 #endif
00244 
00245 #endif
00246 
00247 /*  SOME LOCAL DEFINITIONS  */
00248 
00249 #define NO_TABLES              0
00250 #define ONE_TABLE              1
00251 #define FOUR_TABLES            4
00252 #define NONE                   0
00253 #define PARTIAL                1
00254 #define FULL                   2
00255 
00256 #if defined(bswap32)
00257 #define aes_sw32    bswap32
00258 #elif defined(bswap_32)
00259 #define aes_sw32    bswap_32
00260 #else 
00261 #define brot(x,n)   (((aes_32t)(x) <<  n) | ((aes_32t)(x) >> (32 - n)))
00262 #define aes_sw32(x) ((brot((x),8) & 0x00ff00ff) | (brot((x),24) & 0xff00ff00))
00263 #endif
00264 
00265 /*  1. FUNCTIONS REQUIRED
00266 
00267     This implementation provides subroutines for encryption, decryption
00268     and for setting the three key lengths (separately) for encryption
00269     and decryption. When the assembler code is not being used the following
00270     definition blocks allow the selection of the routines that are to be
00271     included in the compilation.
00272 */
00273 #ifdef AES_ENCRYPT
00274 #define ENCRYPTION
00275 #define ENCRYPTION_KEY_SCHEDULE
00276 #endif
00277 
00278 #ifdef AES_DECRYPT
00279 #define DECRYPTION
00280 #define DECRYPTION_KEY_SCHEDULE
00281 #endif
00282 
00283 /*  2. ASSEMBLER SUPPORT
00284 
00285     This define (which can be on the command line) enables the use of the
00286     assembler code routines for encryption and decryption with the C code
00287     only providing key scheduling
00288 */
00289 #if 0
00290 #define AES_ASM
00291 #endif
00292 
00293 /*  3. BYTE ORDER WITHIN 32 BIT WORDS
00294 
00295     The fundamental data processing units in Rijndael are 8-bit bytes. The
00296     input, output and key input are all enumerated arrays of bytes in which
00297     bytes are numbered starting at zero and increasing to one less than the
00298     number of bytes in the array in question. This enumeration is only used
00299     for naming bytes and does not imply any adjacency or order relationship
00300     from one byte to another. When these inputs and outputs are considered
00301     as bit sequences, bits 8*n to 8*n+7 of the bit sequence are mapped to
00302     byte[n] with bit 8n+i in the sequence mapped to bit 7-i within the byte.
00303     In this implementation bits are numbered from 0 to 7 starting at the
00304     numerically least significant end of each byte (bit n represents 2^n).
00305 
00306     However, Rijndael can be implemented more efficiently using 32-bit
00307     words by packing bytes into words so that bytes 4*n to 4*n+3 are placed
00308     into word[n]. While in principle these bytes can be assembled into words
00309     in any positions, this implementation only supports the two formats in
00310     which bytes in adjacent positions within words also have adjacent byte
00311     numbers. This order is called big-endian if the lowest numbered bytes
00312     in words have the highest numeric significance and little-endian if the
00313     opposite applies.
00314 
00315     This code can work in either order irrespective of the order used by the
00316     machine on which it runs. Normally the internal byte order will be set
00317     to the order of the processor on which the code is to be run but this
00318     define can be used to reverse this in special situations
00319 
00320     NOTE: Assembler code versions rely on PLATFORM_BYTE_ORDER being set
00321 */
00322 #if 1 || defined(AES_ASM)
00323 #define ALGORITHM_BYTE_ORDER PLATFORM_BYTE_ORDER
00324 #elif 0
00325 #define ALGORITHM_BYTE_ORDER BRG_LITTLE_ENDIAN
00326 #elif 0
00327 #define ALGORITHM_BYTE_ORDER BRG_BIG_ENDIAN
00328 #else
00329 #error The algorithm byte order is not defined
00330 #endif
00331 
00332 /*  4. FAST INPUT/OUTPUT OPERATIONS.
00333 
00334     On some machines it is possible to improve speed by transferring the
00335     bytes in the input and output arrays to and from the internal 32-bit
00336     variables by addressing these arrays as if they are arrays of 32-bit
00337     words.  On some machines this will always be possible but there may
00338     be a large performance penalty if the byte arrays are not aligned on
00339     the normal word boundaries. On other machines this technique will
00340     lead to memory access errors when such 32-bit word accesses are not
00341     properly aligned. The option SAFE_IO avoids such problems but will
00342     often be slower on those machines that support misaligned access
00343     (especially so if care is taken to align the input  and output byte
00344     arrays on 32-bit word boundaries). If SAFE_IO is not defined it is
00345     assumed that access to byte arrays as if they are arrays of 32-bit
00346     words will not cause problems when such accesses are misaligned.
00347 */
00348 #if 1 && !defined(_MSC_VER)
00349 #define SAFE_IO
00350 #endif
00351 
00352 /*  5. LOOP UNROLLING
00353 
00354     The code for encryption and decrytpion cycles through a number of rounds
00355     that can be implemented either in a loop or by expanding the code into a
00356     long sequence of instructions, the latter producing a larger program but
00357     one that will often be much faster. The latter is called loop unrolling.
00358     There are also potential speed advantages in expanding two iterations in
00359     a loop with half the number of iterations, which is called partial loop
00360     unrolling.  The following options allow partial or full loop unrolling
00361     to be set independently for encryption and decryption
00362 */
00363 #if 1
00364 #define ENC_UNROLL  FULL
00365 #elif 0
00366 #define ENC_UNROLL  PARTIAL
00367 #else
00368 #define ENC_UNROLL  NONE
00369 #endif
00370 
00371 #if 1
00372 #define DEC_UNROLL  FULL
00373 #elif 0
00374 #define DEC_UNROLL  PARTIAL
00375 #else
00376 #define DEC_UNROLL  NONE
00377 #endif
00378 
00379 /*  6. FAST FINITE FIELD OPERATIONS
00380 
00381     If this section is included, tables are used to provide faster finite
00382     field arithmetic (this has no effect if FIXED_TABLES is defined).
00383 */
00384 #if 1
00385 #define FF_TABLES
00386 #endif
00387 
00388 /*  7. INTERNAL STATE VARIABLE FORMAT
00389 
00390     The internal state of Rijndael is stored in a number of local 32-bit
00391     word varaibles which can be defined either as an array or as individual
00392     names variables. Include this section if you want to store these local
00393     varaibles in arrays. Otherwise individual local variables will be used.
00394 */
00395 #if 1
00396 #define ARRAYS
00397 #endif
00398 
00399 /* In this implementation the columns of the state array are each held in
00400    32-bit words. The state array can be held in various ways: in an array
00401    of words, in a number of individual word variables or in a number of
00402    processor registers. The following define maps a variable name x and
00403    a column number c to the way the state array variable is to be held.
00404    The first define below maps the state into an array x[c] whereas the
00405    second form maps the state into a number of individual variables x0,
00406    x1, etc.  Another form could map individual state colums to machine
00407    register names.
00408 */
00409 
00410 #if defined(ARRAYS)
00411 #define s(x,c) x[c]
00412 #else
00413 #define s(x,c) x##c
00414 #endif
00415 
00416 /*  8. FIXED OR DYNAMIC TABLES
00417 
00418     When this section is included the tables used by the code are compiled
00419     statically into the binary file.  Otherwise the subroutine gen_tabs()
00420     must be called to compute them before the code is first used.
00421 */
00422 #if 1
00423 #define FIXED_TABLES
00424 #endif
00425 
00426 /*  9. TABLE ALIGNMENT
00427 
00428     On some sytsems speed will be improved by aligning the AES large lookup
00429     tables on particular boundaries. This define should be set to a power of
00430     two giving the desired alignment. It can be left undefined if alignment 
00431     is not needed.  This option is specific to the Microsft VC++ compiler -
00432     it seems to sometimes cause trouble for the VC++ version 6 compiler.
00433 */
00434 
00435 #if 0 && defined(_MSC_VER) && (_MSC_VER >= 1300)
00436 #define TABLE_ALIGN 64
00437 #endif
00438 
00439 /*  10. INTERNAL TABLE CONFIGURATION
00440 
00441     This cipher proceeds by repeating in a number of cycles known as 'rounds'
00442     which are implemented by a round function which can optionally be speeded
00443     up using tables.  The basic tables are each 256 32-bit words, with either
00444     one or four tables being required for each round function depending on
00445     how much speed is required. The encryption and decryption round functions
00446     are different and the last encryption and decrytpion round functions are
00447     different again making four different round functions in all.
00448 
00449     This means that:
00450       1. Normal encryption and decryption rounds can each use either 0, 1
00451          or 4 tables and table spaces of 0, 1024 or 4096 bytes each.
00452       2. The last encryption and decryption rounds can also use either 0, 1
00453          or 4 tables and table spaces of 0, 1024 or 4096 bytes each.
00454 
00455     Include or exclude the appropriate definitions below to set the number
00456     of tables used by this implementation.
00457 */
00458 
00459 #if 1   /* set tables for the normal encryption round */
00460 #define ENC_ROUND   FOUR_TABLES
00461 #elif 0
00462 #define ENC_ROUND   ONE_TABLE
00463 #else
00464 #define ENC_ROUND   NO_TABLES
00465 #endif
00466 
00467 #if 1   /* set tables for the last encryption round */
00468 #define LAST_ENC_ROUND  FOUR_TABLES
00469 #elif 0
00470 #define LAST_ENC_ROUND  ONE_TABLE
00471 #else
00472 #define LAST_ENC_ROUND  NO_TABLES
00473 #endif
00474 
00475 #if 1   /* set tables for the normal decryption round */
00476 #define DEC_ROUND   FOUR_TABLES
00477 #elif 0
00478 #define DEC_ROUND   ONE_TABLE
00479 #else
00480 #define DEC_ROUND   NO_TABLES
00481 #endif
00482 
00483 #if 1   /* set tables for the last decryption round */
00484 #define LAST_DEC_ROUND  FOUR_TABLES
00485 #elif 0
00486 #define LAST_DEC_ROUND  ONE_TABLE
00487 #else
00488 #define LAST_DEC_ROUND  NO_TABLES
00489 #endif
00490 
00491 /*  The decryption key schedule can be speeded up with tables in the same
00492     way that the round functions can.  Include or exclude the following
00493     defines to set this requirement.
00494 */
00495 #if 1
00496 #define KEY_SCHED   FOUR_TABLES
00497 #elif 0
00498 #define KEY_SCHED   ONE_TABLE
00499 #else
00500 #define KEY_SCHED   NO_TABLES
00501 #endif
00502 
00503 /* END OF CONFIGURATION OPTIONS */
00504 
00505 #define RC_LENGTH   (5 * (AES_BLOCK_SIZE / 4 - 2))
00506 
00507 /* Disable or report errors on some combinations of options */
00508 
00509 #if ENC_ROUND == NO_TABLES && LAST_ENC_ROUND != NO_TABLES
00510 #undef  LAST_ENC_ROUND
00511 #define LAST_ENC_ROUND  NO_TABLES
00512 #elif ENC_ROUND == ONE_TABLE && LAST_ENC_ROUND == FOUR_TABLES
00513 #undef  LAST_ENC_ROUND
00514 #define LAST_ENC_ROUND  ONE_TABLE
00515 #endif
00516 
00517 #if ENC_ROUND == NO_TABLES && ENC_UNROLL != NONE
00518 #undef  ENC_UNROLL
00519 #define ENC_UNROLL  NONE
00520 #endif
00521 
00522 #if DEC_ROUND == NO_TABLES && LAST_DEC_ROUND != NO_TABLES
00523 #undef  LAST_DEC_ROUND
00524 #define LAST_DEC_ROUND  NO_TABLES
00525 #elif DEC_ROUND == ONE_TABLE && LAST_DEC_ROUND == FOUR_TABLES
00526 #undef  LAST_DEC_ROUND
00527 #define LAST_DEC_ROUND  ONE_TABLE
00528 #endif
00529 
00530 #if DEC_ROUND == NO_TABLES && DEC_UNROLL != NONE
00531 #undef  DEC_UNROLL
00532 #define DEC_UNROLL  NONE
00533 #endif
00534 
00535 /*  upr(x,n):  rotates bytes within words by n positions, moving bytes to
00536                higher index positions with wrap around into low positions
00537     ups(x,n):  moves bytes by n positions to higher index positions in
00538                words but without wrap around
00539     bval(x,n): extracts a byte from a word
00540 
00541     NOTE:      The definitions given here are intended only for use with
00542                unsigned variables and with shift counts that are compile
00543                time constants
00544 */
00545 
00546 #if (ALGORITHM_BYTE_ORDER == BRG_LITTLE_ENDIAN)
00547 #define upr(x,n)        (((aes_32t)(x) << (8 * (n))) | ((aes_32t)(x) >> (32 - 8 * (n))))
00548 #define ups(x,n)        ((aes_32t) (x) << (8 * (n)))
00549 #define bval(x,n)       ((aes_08t)((x) >> (8 * (n))))
00550 #define bytes2word(b0, b1, b2, b3)  \
00551         (((aes_32t)(b3) << 24) | ((aes_32t)(b2) << 16) | ((aes_32t)(b1) << 8) | (b0))
00552 #endif
00553 
00554 #if (ALGORITHM_BYTE_ORDER == BRG_BIG_ENDIAN)
00555 #define upr(x,n)        (((aes_32t)(x) >> (8 * (n))) | ((aes_32t)(x) << (32 - 8 * (n))))
00556 #define ups(x,n)        ((aes_32t) (x) >> (8 * (n))))
00557 #define bval(x,n)       ((aes_08t)((x) >> (24 - 8 * (n))))
00558 #define bytes2word(b0, b1, b2, b3)  \
00559         (((aes_32t)(b0) << 24) | ((aes_32t)(b1) << 16) | ((aes_32t)(b2) << 8) | (b3))
00560 #endif
00561 
00562 #if defined(SAFE_IO)
00563 
00564 #define word_in(x,c)    bytes2word(((aes_08t*)(x)+4*c)[0], ((aes_08t*)(x)+4*c)[1], \
00565                                    ((aes_08t*)(x)+4*c)[2], ((aes_08t*)(x)+4*c)[3])
00566 #define word_out(x,c,v) { ((aes_08t*)(x)+4*c)[0] = bval(v,0); ((aes_08t*)(x)+4*c)[1] = bval(v,1); \
00567                           ((aes_08t*)(x)+4*c)[2] = bval(v,2); ((aes_08t*)(x)+4*c)[3] = bval(v,3); }
00568 
00569 #elif (ALGORITHM_BYTE_ORDER == PLATFORM_BYTE_ORDER)
00570 
00571 #define word_in(x,c)    (*((aes_32t*)(x)+(c)))
00572 #define word_out(x,c,v) (*((aes_32t*)(x)+(c)) = (v))
00573 
00574 #else
00575 
00576 #define word_in(x,c)    aes_sw32(*((aes_32t*)(x)+(c)))
00577 #define word_out(x,c,v) (*((aes_32t*)(x)+(c)) = aes_sw32(v))
00578 
00579 #endif
00580 
00581 /* the finite field modular polynomial and elements */
00582 
00583 #define WPOLY   0x011b
00584 #define BPOLY     0x1b
00585 
00586 /* multiply four bytes in GF(2^8) by 'x' {02} in parallel */
00587 
00588 #define m1  0x80808080
00589 #define m2  0x7f7f7f7f
00590 #define gf_mulx(x)  ((((x) & m2) << 1) ^ ((((x) & m1) >> 7) * BPOLY))
00591 
00592 /* The following defines provide alternative definitions of gf_mulx that might
00593    give improved performance if a fast 32-bit multiply is not available. Note
00594    that a temporary variable u needs to be defined where gf_mulx is used.
00595 
00596 #define gf_mulx(x) (u = (x) & m1, u |= (u >> 1), ((x) & m2) << 1) ^ ((u >> 3) | (u >> 6))
00597 #define m4  (0x01010101 * BPOLY)
00598 #define gf_mulx(x) (u = (x) & m1, ((x) & m2) << 1) ^ ((u - (u >> 7)) & m4)
00599 */
00600 
00601 /* Work out which tables are needed for the different options   */
00602 
00603 #ifdef  AES_ASM
00604 #ifdef  ENC_ROUND
00605 #undef  ENC_ROUND
00606 #endif
00607 #define ENC_ROUND   FOUR_TABLES
00608 #ifdef  LAST_ENC_ROUND
00609 #undef  LAST_ENC_ROUND
00610 #endif
00611 #define LAST_ENC_ROUND  FOUR_TABLES
00612 #ifdef  DEC_ROUND
00613 #undef  DEC_ROUND
00614 #endif
00615 #define DEC_ROUND   FOUR_TABLES
00616 #ifdef  LAST_DEC_ROUND
00617 #undef  LAST_DEC_ROUND
00618 #endif
00619 #define LAST_DEC_ROUND  FOUR_TABLES
00620 #ifdef  KEY_SCHED
00621 #undef  KEY_SCHED
00622 #define KEY_SCHED   FOUR_TABLES
00623 #endif
00624 #endif
00625 
00626 #if defined(ENCRYPTION) || defined(AES_ASM)
00627 #if ENC_ROUND == ONE_TABLE
00628 #define FT1_SET
00629 #elif ENC_ROUND == FOUR_TABLES
00630 #define FT4_SET
00631 #else
00632 #define SBX_SET
00633 #endif
00634 #if LAST_ENC_ROUND == ONE_TABLE
00635 #define FL1_SET
00636 #elif LAST_ENC_ROUND == FOUR_TABLES
00637 #define FL4_SET
00638 #elif !defined(SBX_SET)
00639 #define SBX_SET
00640 #endif
00641 #endif
00642 
00643 #if defined(DECRYPTION) || defined(AES_ASM)
00644 #if DEC_ROUND == ONE_TABLE
00645 #define IT1_SET
00646 #elif DEC_ROUND == FOUR_TABLES
00647 #define IT4_SET
00648 #else
00649 #define ISB_SET
00650 #endif
00651 #if LAST_DEC_ROUND == ONE_TABLE
00652 #define IL1_SET
00653 #elif LAST_DEC_ROUND == FOUR_TABLES
00654 #define IL4_SET
00655 #elif !defined(ISB_SET)
00656 #define ISB_SET
00657 #endif
00658 #endif
00659 
00660 #if defined(ENCRYPTION_KEY_SCHEDULE) || defined(DECRYPTION_KEY_SCHEDULE)
00661 #if KEY_SCHED == ONE_TABLE
00662 #define LS1_SET
00663 #define IM1_SET
00664 #elif KEY_SCHED == FOUR_TABLES
00665 #define LS4_SET
00666 #define IM4_SET
00667 #elif !defined(SBX_SET)
00668 #define SBX_SET
00669 #endif
00670 #endif
00671 
00672 /* generic definitions of Rijndael macros that use tables    */
00673 
00674 #define no_table(x,box,vf,rf,c) bytes2word( \
00675     box[bval(vf(x,0,c),rf(0,c))], \
00676     box[bval(vf(x,1,c),rf(1,c))], \
00677     box[bval(vf(x,2,c),rf(2,c))], \
00678     box[bval(vf(x,3,c),rf(3,c))])
00679 
00680 #define one_table(x,op,tab,vf,rf,c) \
00681  (     tab[bval(vf(x,0,c),rf(0,c))] \
00682   ^ op(tab[bval(vf(x,1,c),rf(1,c))],1) \
00683   ^ op(tab[bval(vf(x,2,c),rf(2,c))],2) \
00684   ^ op(tab[bval(vf(x,3,c),rf(3,c))],3))
00685 
00686 #define four_tables(x,tab,vf,rf,c) \
00687  (  tab[0][bval(vf(x,0,c),rf(0,c))] \
00688   ^ tab[1][bval(vf(x,1,c),rf(1,c))] \
00689   ^ tab[2][bval(vf(x,2,c),rf(2,c))] \
00690   ^ tab[3][bval(vf(x,3,c),rf(3,c))])
00691 
00692 #define vf1(x,r,c)  (x)
00693 #define rf1(r,c)    (r)
00694 #define rf2(r,c)    ((8+r-c)&3)
00695 
00696 /* perform forward and inverse column mix operation on four bytes in long word x in */
00697 /* parallel. NOTE: x must be a simple variable, NOT an expression in these macros.  */
00698 
00699 #if defined(FM4_SET)    /* not currently used */
00700 #define fwd_mcol(x)     four_tables(x,t_use(f,m),vf1,rf1,0)
00701 #elif defined(FM1_SET)  /* not currently used */
00702 #define fwd_mcol(x)     one_table(x,upr,t_use(f,m),vf1,rf1,0)
00703 #else
00704 #define dec_fmvars      aes_32t g2
00705 #define fwd_mcol(x)     (g2 = gf_mulx(x), g2 ^ upr((x) ^ g2, 3) ^ upr((x), 2) ^ upr((x), 1))
00706 #endif
00707 
00708 #if defined(IM4_SET)
00709 #define inv_mcol(x)     four_tables(x,t_use(i,m),vf1,rf1,0)
00710 #elif defined(IM1_SET)
00711 #define inv_mcol(x)     one_table(x,upr,t_use(i,m),vf1,rf1,0)
00712 #else
00713 #define dec_imvars      aes_32t g2, g4, g9
00714 #define inv_mcol(x)     (g2 = gf_mulx(x), g4 = gf_mulx(g2), g9 = (x) ^ gf_mulx(g4), g4 ^= g9, \
00715                         (x) ^ g2 ^ g4 ^ upr(g2 ^ g9, 3) ^ upr(g4, 2) ^ upr(g9, 1))
00716 #endif
00717 
00718 #if defined(FL4_SET)
00719 #define ls_box(x,c)     four_tables(x,t_use(f,l),vf1,rf2,c)
00720 #elif   defined(LS4_SET)
00721 #define ls_box(x,c)     four_tables(x,t_use(l,s),vf1,rf2,c)
00722 #elif defined(FL1_SET)
00723 #define ls_box(x,c)     one_table(x,upr,t_use(f,l),vf1,rf2,c)
00724 #elif defined(LS1_SET)
00725 #define ls_box(x,c)     one_table(x,upr,t_use(l,s),vf1,rf2,c)
00726 #else
00727 #define ls_box(x,c)     no_table(x,t_use(s,box),vf1,rf2,c)
00728 #endif
00729 
00730 #if defined(__cplusplus)
00731 extern "C"
00732 {
00733 #endif
00734 
00735 /*  If there are no global variables, the definitions here can be
00736     used to put the AES tables in a structure so that a pointer 
00737     can then be added to the AES context to pass them to the AES
00738     routines that need them.  If this facility is used, the calling 
00739     program has to ensure that this pointer is managed appropriately. 
00740     In particular, the value of the t_dec(in,it) item in the table 
00741     structure must be set to zero in order to ensure that the tables 
00742     are initialised. In practice the three code sequences in aeskey.c 
00743     that control the calls to gen_tabs() and the gen_tabs() routine 
00744     itself will have to be changed for a specific implementation. If 
00745     global variables are available it will generally be preferable to 
00746     use them with the precomputed FIXED_TABLES option that uses static 
00747     global tables.
00748 
00749     The following defines can be used to control the way the tables
00750     are defined, initialised and used in embedded environments that
00751     require special features for these purposes
00752 
00753     the 't_dec' construction is used to declare fixed table arrays
00754     the 't_set' construction is used to set fixed table values
00755     the 't_use' construction is used to access fixed table values
00756 
00757     256 byte tables:
00758 
00759         t_xxx(s,box)    => forward S box
00760         t_xxx(i,box)    => inverse S box
00761 
00762     256 32-bit word OR 4 x 256 32-bit word tables:
00763 
00764         t_xxx(f,n)      => forward normal round
00765         t_xxx(f,l)      => forward last round
00766         t_xxx(i,n)      => inverse normal round
00767         t_xxx(i,l)      => inverse last round
00768         t_xxx(l,s)      => key schedule table
00769         t_xxx(i,m)      => key schedule table
00770 
00771     Other variables and tables:
00772 
00773         t_xxx(r,c)      => the rcon table
00774 */
00775 
00776 #define t_dec(m,n) t_##m##n
00777 #define t_set(m,n) t_##m##n
00778 #define t_use(m,n) t_##m##n
00779 
00780 #if defined(DO_TABLES)  /* declare and instantiate tables   */
00781 
00782 /*  finite field arithmetic operations for table generation */
00783 
00784 #if defined(FIXED_TABLES) || !defined(FF_TABLES)
00785 
00786 #define f2(x)   ((x<<1) ^ (((x>>7) & 1) * WPOLY))
00787 #define f4(x)   ((x<<2) ^ (((x>>6) & 1) * WPOLY) ^ (((x>>6) & 2) * WPOLY))
00788 #define f8(x)   ((x<<3) ^ (((x>>5) & 1) * WPOLY) ^ (((x>>5) & 2) * WPOLY) \
00789                         ^ (((x>>5) & 4) * WPOLY))
00790 #define f3(x)   (f2(x) ^ x)
00791 #define f9(x)   (f8(x) ^ x)
00792 #define fb(x)   (f8(x) ^ f2(x) ^ x)
00793 #define fd(x)   (f8(x) ^ f4(x) ^ x)
00794 #define fe(x)   (f8(x) ^ f4(x) ^ f2(x))
00795 
00796 #else
00797 
00798 #define f2(x) ((x) ? pow[log[x] + 0x19] : 0)
00799 #define f3(x) ((x) ? pow[log[x] + 0x01] : 0)
00800 #define f9(x) ((x) ? pow[log[x] + 0xc7] : 0)
00801 #define fb(x) ((x) ? pow[log[x] + 0x68] : 0)
00802 #define fd(x) ((x) ? pow[log[x] + 0xee] : 0)
00803 #define fe(x) ((x) ? pow[log[x] + 0xdf] : 0)
00804 #define fi(x) ((x) ? pow[ 255 - log[x]] : 0)
00805 
00806 #endif
00807 
00808 #if defined(FIXED_TABLES)   /* declare and set values for static tables */
00809 
00810 #define sb_data(w) \
00811     w(0x63), w(0x7c), w(0x77), w(0x7b), w(0xf2), w(0x6b), w(0x6f), w(0xc5),\
00812     w(0x30), w(0x01), w(0x67), w(0x2b), w(0xfe), w(0xd7), w(0xab), w(0x76),\
00813     w(0xca), w(0x82), w(0xc9), w(0x7d), w(0xfa), w(0x59), w(0x47), w(0xf0),\
00814     w(0xad), w(0xd4), w(0xa2), w(0xaf), w(0x9c), w(0xa4), w(0x72), w(0xc0),\
00815     w(0xb7), w(0xfd), w(0x93), w(0x26), w(0x36), w(0x3f), w(0xf7), w(0xcc),\
00816     w(0x34), w(0xa5), w(0xe5), w(0xf1), w(0x71), w(0xd8), w(0x31), w(0x15),\
00817     w(0x04), w(0xc7), w(0x23), w(0xc3), w(0x18), w(0x96), w(0x05), w(0x9a),\
00818     w(0x07), w(0x12), w(0x80), w(0xe2), w(0xeb), w(0x27), w(0xb2), w(0x75),\
00819     w(0x09), w(0x83), w(0x2c), w(0x1a), w(0x1b), w(0x6e), w(0x5a), w(0xa0),\
00820     w(0x52), w(0x3b), w(0xd6), w(0xb3), w(0x29), w(0xe3), w(0x2f), w(0x84),\
00821     w(0x53), w(0xd1), w(0x00), w(0xed), w(0x20), w(0xfc), w(0xb1), w(0x5b),\
00822     w(0x6a), w(0xcb), w(0xbe), w(0x39), w(0x4a), w(0x4c), w(0x58), w(0xcf),\
00823     w(0xd0), w(0xef), w(0xaa), w(0xfb), w(0x43), w(0x4d), w(0x33), w(0x85),\
00824     w(0x45), w(0xf9), w(0x02), w(0x7f), w(0x50), w(0x3c), w(0x9f), w(0xa8),\
00825     w(0x51), w(0xa3), w(0x40), w(0x8f), w(0x92), w(0x9d), w(0x38), w(0xf5),\
00826     w(0xbc), w(0xb6), w(0xda), w(0x21), w(0x10), w(0xff), w(0xf3), w(0xd2),\
00827     w(0xcd), w(0x0c), w(0x13), w(0xec), w(0x5f), w(0x97), w(0x44), w(0x17),\
00828     w(0xc4), w(0xa7), w(0x7e), w(0x3d), w(0x64), w(0x5d), w(0x19), w(0x73),\
00829     w(0x60), w(0x81), w(0x4f), w(0xdc), w(0x22), w(0x2a), w(0x90), w(0x88),\
00830     w(0x46), w(0xee), w(0xb8), w(0x14), w(0xde), w(0x5e), w(0x0b), w(0xdb),\
00831     w(0xe0), w(0x32), w(0x3a), w(0x0a), w(0x49), w(0x06), w(0x24), w(0x5c),\
00832     w(0xc2), w(0xd3), w(0xac), w(0x62), w(0x91), w(0x95), w(0xe4), w(0x79),\
00833     w(0xe7), w(0xc8), w(0x37), w(0x6d), w(0x8d), w(0xd5), w(0x4e), w(0xa9),\
00834     w(0x6c), w(0x56), w(0xf4), w(0xea), w(0x65), w(0x7a), w(0xae), w(0x08),\
00835     w(0xba), w(0x78), w(0x25), w(0x2e), w(0x1c), w(0xa6), w(0xb4), w(0xc6),\
00836     w(0xe8), w(0xdd), w(0x74), w(0x1f), w(0x4b), w(0xbd), w(0x8b), w(0x8a),\
00837     w(0x70), w(0x3e), w(0xb5), w(0x66), w(0x48), w(0x03), w(0xf6), w(0x0e),\
00838     w(0x61), w(0x35), w(0x57), w(0xb9), w(0x86), w(0xc1), w(0x1d), w(0x9e),\
00839     w(0xe1), w(0xf8), w(0x98), w(0x11), w(0x69), w(0xd9), w(0x8e), w(0x94),\
00840     w(0x9b), w(0x1e), w(0x87), w(0xe9), w(0xce), w(0x55), w(0x28), w(0xdf),\
00841     w(0x8c), w(0xa1), w(0x89), w(0x0d), w(0xbf), w(0xe6), w(0x42), w(0x68),\
00842     w(0x41), w(0x99), w(0x2d), w(0x0f), w(0xb0), w(0x54), w(0xbb), w(0x16)
00843 
00844 #define isb_data(w) \
00845     w(0x52), w(0x09), w(0x6a), w(0xd5), w(0x30), w(0x36), w(0xa5), w(0x38),\
00846     w(0xbf), w(0x40), w(0xa3), w(0x9e), w(0x81), w(0xf3), w(0xd7), w(0xfb),\
00847     w(0x7c), w(0xe3), w(0x39), w(0x82), w(0x9b), w(0x2f), w(0xff), w(0x87),\
00848     w(0x34), w(0x8e), w(0x43), w(0x44), w(0xc4), w(0xde), w(0xe9), w(0xcb),\
00849     w(0x54), w(0x7b), w(0x94), w(0x32), w(0xa6), w(0xc2), w(0x23), w(0x3d),\
00850     w(0xee), w(0x4c), w(0x95), w(0x0b), w(0x42), w(0xfa), w(0xc3), w(0x4e),\
00851     w(0x08), w(0x2e), w(0xa1), w(0x66), w(0x28), w(0xd9), w(0x24), w(0xb2),\
00852     w(0x76), w(0x5b), w(0xa2), w(0x49), w(0x6d), w(0x8b), w(0xd1), w(0x25),\
00853     w(0x72), w(0xf8), w(0xf6), w(0x64), w(0x86), w(0x68), w(0x98), w(0x16),\
00854     w(0xd4), w(0xa4), w(0x5c), w(0xcc), w(0x5d), w(0x65), w(0xb6), w(0x92),\
00855     w(0x6c), w(0x70), w(0x48), w(0x50), w(0xfd), w(0xed), w(0xb9), w(0xda),\
00856     w(0x5e), w(0x15), w(0x46), w(0x57), w(0xa7), w(0x8d), w(0x9d), w(0x84),\
00857     w(0x90), w(0xd8), w(0xab), w(0x00), w(0x8c), w(0xbc), w(0xd3), w(0x0a),\
00858     w(0xf7), w(0xe4), w(0x58), w(0x05), w(0xb8), w(0xb3), w(0x45), w(0x06),\
00859     w(0xd0), w(0x2c), w(0x1e), w(0x8f), w(0xca), w(0x3f), w(0x0f), w(0x02),\
00860     w(0xc1), w(0xaf), w(0xbd), w(0x03), w(0x01), w(0x13), w(0x8a), w(0x6b),\
00861     w(0x3a), w(0x91), w(0x11), w(0x41), w(0x4f), w(0x67), w(0xdc), w(0xea),\
00862     w(0x97), w(0xf2), w(0xcf), w(0xce), w(0xf0), w(0xb4), w(0xe6), w(0x73),\
00863     w(0x96), w(0xac), w(0x74), w(0x22), w(0xe7), w(0xad), w(0x35), w(0x85),\
00864     w(0xe2), w(0xf9), w(0x37), w(0xe8), w(0x1c), w(0x75), w(0xdf), w(0x6e),\
00865     w(0x47), w(0xf1), w(0x1a), w(0x71), w(0x1d), w(0x29), w(0xc5), w(0x89),\
00866     w(0x6f), w(0xb7), w(0x62), w(0x0e), w(0xaa), w(0x18), w(0xbe), w(0x1b),\
00867     w(0xfc), w(0x56), w(0x3e), w(0x4b), w(0xc6), w(0xd2), w(0x79), w(0x20),\
00868     w(0x9a), w(0xdb), w(0xc0), w(0xfe), w(0x78), w(0xcd), w(0x5a), w(0xf4),\
00869     w(0x1f), w(0xdd), w(0xa8), w(0x33), w(0x88), w(0x07), w(0xc7), w(0x31),\
00870     w(0xb1), w(0x12), w(0x10), w(0x59), w(0x27), w(0x80), w(0xec), w(0x5f),\
00871     w(0x60), w(0x51), w(0x7f), w(0xa9), w(0x19), w(0xb5), w(0x4a), w(0x0d),\
00872     w(0x2d), w(0xe5), w(0x7a), w(0x9f), w(0x93), w(0xc9), w(0x9c), w(0xef),\
00873     w(0xa0), w(0xe0), w(0x3b), w(0x4d), w(0xae), w(0x2a), w(0xf5), w(0xb0),\
00874     w(0xc8), w(0xeb), w(0xbb), w(0x3c), w(0x83), w(0x53), w(0x99), w(0x61),\
00875     w(0x17), w(0x2b), w(0x04), w(0x7e), w(0xba), w(0x77), w(0xd6), w(0x26),\
00876     w(0xe1), w(0x69), w(0x14), w(0x63), w(0x55), w(0x21), w(0x0c), w(0x7d),
00877 
00878 #define mm_data(w) \
00879     w(0x00), w(0x01), w(0x02), w(0x03), w(0x04), w(0x05), w(0x06), w(0x07),\
00880     w(0x08), w(0x09), w(0x0a), w(0x0b), w(0x0c), w(0x0d), w(0x0e), w(0x0f),\
00881     w(0x10), w(0x11), w(0x12), w(0x13), w(0x14), w(0x15), w(0x16), w(0x17),\
00882     w(0x18), w(0x19), w(0x1a), w(0x1b), w(0x1c), w(0x1d), w(0x1e), w(0x1f),\
00883     w(0x20), w(0x21), w(0x22), w(0x23), w(0x24), w(0x25), w(0x26), w(0x27),\
00884     w(0x28), w(0x29), w(0x2a), w(0x2b), w(0x2c), w(0x2d), w(0x2e), w(0x2f),\
00885     w(0x30), w(0x31), w(0x32), w(0x33), w(0x34), w(0x35), w(0x36), w(0x37),\
00886     w(0x38), w(0x39), w(0x3a), w(0x3b), w(0x3c), w(0x3d), w(0x3e), w(0x3f),\
00887     w(0x40), w(0x41), w(0x42), w(0x43), w(0x44), w(0x45), w(0x46), w(0x47),\
00888     w(0x48), w(0x49), w(0x4a), w(0x4b), w(0x4c), w(0x4d), w(0x4e), w(0x4f),\
00889     w(0x50), w(0x51), w(0x52), w(0x53), w(0x54), w(0x55), w(0x56), w(0x57),\
00890     w(0x58), w(0x59), w(0x5a), w(0x5b), w(0x5c), w(0x5d), w(0x5e), w(0x5f),\
00891     w(0x60), w(0x61), w(0x62), w(0x63), w(0x64), w(0x65), w(0x66), w(0x67),\
00892     w(0x68), w(0x69), w(0x6a), w(0x6b), w(0x6c), w(0x6d), w(0x6e), w(0x6f),\
00893     w(0x70), w(0x71), w(0x72), w(0x73), w(0x74), w(0x75), w(0x76), w(0x77),\
00894     w(0x78), w(0x79), w(0x7a), w(0x7b), w(0x7c), w(0x7d), w(0x7e), w(0x7f),\
00895     w(0x80), w(0x81), w(0x82), w(0x83), w(0x84), w(0x85), w(0x86), w(0x87),\
00896     w(0x88), w(0x89), w(0x8a), w(0x8b), w(0x8c), w(0x8d), w(0x8e), w(0x8f),\
00897     w(0x90), w(0x91), w(0x92), w(0x93), w(0x94), w(0x95), w(0x96), w(0x97),\
00898     w(0x98), w(0x99), w(0x9a), w(0x9b), w(0x9c), w(0x9d), w(0x9e), w(0x9f),\
00899     w(0xa0), w(0xa1), w(0xa2), w(0xa3), w(0xa4), w(0xa5), w(0xa6), w(0xa7),\
00900     w(0xa8), w(0xa9), w(0xaa), w(0xab), w(0xac), w(0xad), w(0xae), w(0xaf),\
00901     w(0xb0), w(0xb1), w(0xb2), w(0xb3), w(0xb4), w(0xb5), w(0xb6), w(0xb7),\
00902     w(0xb8), w(0xb9), w(0xba), w(0xbb), w(0xbc), w(0xbd), w(0xbe), w(0xbf),\
00903     w(0xc0), w(0xc1), w(0xc2), w(0xc3), w(0xc4), w(0xc5), w(0xc6), w(0xc7),\
00904     w(0xc8), w(0xc9), w(0xca), w(0xcb), w(0xcc), w(0xcd), w(0xce), w(0xcf),\
00905     w(0xd0), w(0xd1), w(0xd2), w(0xd3), w(0xd4), w(0xd5), w(0xd6), w(0xd7),\
00906     w(0xd8), w(0xd9), w(0xda), w(0xdb), w(0xdc), w(0xdd), w(0xde), w(0xdf),\
00907     w(0xe0), w(0xe1), w(0xe2), w(0xe3), w(0xe4), w(0xe5), w(0xe6), w(0xe7),\
00908     w(0xe8), w(0xe9), w(0xea), w(0xeb), w(0xec), w(0xed), w(0xee), w(0xef),\
00909     w(0xf0), w(0xf1), w(0xf2), w(0xf3), w(0xf4), w(0xf5), w(0xf6), w(0xf7),\
00910     w(0xf8), w(0xf9), w(0xfa), w(0xfb), w(0xfc), w(0xfd), w(0xfe), w(0xff)
00911 
00912 #define h0(x)   (x)
00913 
00914 /*  These defines are used to ensure tables are generated in the
00915     right format depending on the internal byte order required
00916 */
00917 
00918 #define w0(p)   bytes2word(p, 0, 0, 0)
00919 #define w1(p)   bytes2word(0, p, 0, 0)
00920 #define w2(p)   bytes2word(0, 0, p, 0)
00921 #define w3(p)   bytes2word(0, 0, 0, p)
00922 
00923 #define u0(p)   bytes2word(f2(p), p, p, f3(p))
00924 #define u1(p)   bytes2word(f3(p), f2(p), p, p)
00925 #define u2(p)   bytes2word(p, f3(p), f2(p), p)
00926 #define u3(p)   bytes2word(p, p, f3(p), f2(p))
00927 
00928 #define v0(p)   bytes2word(fe(p), f9(p), fd(p), fb(p))
00929 #define v1(p)   bytes2word(fb(p), fe(p), f9(p), fd(p))
00930 #define v2(p)   bytes2word(fd(p), fb(p), fe(p), f9(p))
00931 #define v3(p)   bytes2word(f9(p), fd(p), fb(p), fe(p))
00932 
00933 const aes_32t t_dec(r,c)[RC_LENGTH] =
00934 {
00935     w0(0x01), w0(0x02), w0(0x04), w0(0x08), w0(0x10),
00936     w0(0x20), w0(0x40), w0(0x80), w0(0x1b), w0(0x36)
00937 };
00938 
00939 #define d_1(t,n,b,v) const t n[256]    =   { b(v##0) }
00940 #define d_4(t,n,b,v) const t n[4][256] = { { b(v##0) }, { b(v##1) }, { b(v##2) }, { b(v##3) } }
00941 
00942 #else   /* declare and instantiate tables for dynamic value generation in in tab.c  */
00943 
00944 aes_32t t_dec(r,c)[RC_LENGTH];
00945 
00946 #define d_1(t,n,b,v) t  n[256]
00947 #define d_4(t,n,b,v) t  n[4][256]
00948 
00949 #endif
00950 
00951 #else   /* declare tables without instantiation */
00952 
00953 #if defined(FIXED_TABLES)
00954 
00955 extern const aes_32t t_dec(r,c)[RC_LENGTH];
00956 
00957 #if defined(_MSC_VER) && defined(TABLE_ALIGN)
00958 #define d_1(t,n,b,v) extern __declspec(align(TABLE_ALIGN)) const t  n[256]
00959 #define d_4(t,n,b,v) extern __declspec(align(TABLE_ALIGN)) const t  n[4][256]
00960 #else
00961 #define d_1(t,n,b,v) extern const t  n[256]
00962 #define d_4(t,n,b,v) extern const t  n[4][256]
00963 #endif
00964 #else
00965 
00966 extern aes_32t t_dec(r,c)[RC_LENGTH];
00967 
00968 #if defined(_MSC_VER) && defined(TABLE_ALIGN)
00969 #define d_1(t,n,b,v) extern __declspec(align(TABLE_ALIGN)) t  n[256]
00970 #define d_4(t,n,b,v) extern __declspec(align(TABLE_ALIGN)) t  n[4][256]
00971 #else
00972 #define d_1(t,n,b,v) extern t  n[256]
00973 #define d_4(t,n,b,v) extern t  n[4][256]
00974 #endif
00975 #endif
00976 
00977 #endif
00978 
00979 #ifdef  SBX_SET
00980     d_1(aes_08t, t_dec(s,box), sb_data, h);
00981 #endif
00982 #ifdef  ISB_SET
00983     d_1(aes_08t, t_dec(i,box), isb_data, h);
00984 #endif
00985 
00986 #ifdef  FT1_SET
00987     d_1(aes_32t, t_dec(f,n), sb_data, u);
00988 #endif
00989 #ifdef  FT4_SET
00990     d_4(aes_32t, t_dec(f,n), sb_data, u);
00991 #endif
00992 
00993 #ifdef  FL1_SET
00994     d_1(aes_32t, t_dec(f,l), sb_data, w);
00995 #endif
00996 #ifdef  FL4_SET
00997     d_4(aes_32t, t_dec(f,l), sb_data, w);
00998 #endif
00999 
01000 #ifdef  IT1_SET
01001     d_1(aes_32t, t_dec(i,n), isb_data, v);
01002 #endif
01003 #ifdef  IT4_SET
01004     d_4(aes_32t, t_dec(i,n), isb_data, v);
01005 #endif
01006 
01007 #ifdef  IL1_SET
01008     d_1(aes_32t, t_dec(i,l), isb_data, w);
01009 #endif
01010 #ifdef  IL4_SET
01011     d_4(aes_32t, t_dec(i,l), isb_data, w);
01012 #endif
01013 
01014 #ifdef  LS1_SET
01015 #ifdef  FL1_SET
01016 #undef  LS1_SET
01017 #else
01018     d_1(aes_32t, t_dec(l,s), sb_data, w);
01019 #endif
01020 #endif
01021 
01022 #ifdef  LS4_SET
01023 #ifdef  FL4_SET
01024 #undef  LS4_SET
01025 #else
01026     d_4(aes_32t, t_dec(l,s), sb_data, w);
01027 #endif
01028 #endif
01029 
01030 #ifdef  IM1_SET
01031     d_1(aes_32t, t_dec(i,m), mm_data, v);
01032 #endif
01033 #ifdef  IM4_SET
01034     d_4(aes_32t, t_dec(i,m), mm_data, v);
01035 #endif
01036 
01037 #if defined(__cplusplus)
01038 }
01039 #endif
01040 
01041 #endif

Generated on Fri Feb 27 12:19:40 2004 for Asterisk by doxygen 1.3.5