Main Page | Alphabetical List | Data Structures | File List | Data Fields | Globals

aesopt.h

Go to the documentation of this file.
00001 /*
00002  ---------------------------------------------------------------------------
00003  Copyright (c) 2003, Dr Brian Gladman <brg@gladman.me.uk>, Worcester, UK.
00004  All rights reserved.
00005 
00006  LICENSE TERMS
00007 
00008  The free distribution and use of this software in both source and binary
00009  form is allowed (with or without changes) provided that:
00010 
00011    1. distributions of this source code include the above copyright
00012       notice, this list of conditions and the following disclaimer;
00013 
00014    2. distributions in binary form include the above copyright
00015       notice, this list of conditions and the following disclaimer
00016       in the documentation and/or other associated materials;
00017 
00018    3. the copyright holder's name is not used to endorse products
00019       built using this software without specific written permission.
00020 
00021  ALTERNATIVELY, provided that this notice is retained in full, this product
00022  may be distributed under the terms of the GNU General Public License (GPL),
00023  in which case the provisions of the GPL apply INSTEAD OF those given above.
00024 
00025  DISCLAIMER
00026 
00027  This software is provided 'as is' with no explicit or implied warranties
00028  in respect of its properties, including, but not limited to, correctness
00029  and/or fitness for purpose.
00030  ---------------------------------------------------------------------------
00031  Issue Date: 26/08/2003
00032 
00033  My thanks go to Dag Arne Osvik for devising the schemes used here for key
00034  length derivation from the form of the key schedule
00035 
00036  This file contains the compilation options for AES (Rijndael) and code
00037  that is common across encryption, key scheduling and table generation.
00038 
00039     OPERATION
00040 
00041     These source code files implement the AES algorithm Rijndael designed by
00042     Joan Daemen and Vincent Rijmen. This version is designed for the standard
00043     block size of 16 bytes and for key sizes of 128, 192 and 256 bits (16, 24
00044     and 32 bytes).
00045 
00046     This version is designed for flexibility and speed using operations on
00047     32-bit words rather than operations on bytes.  It can be compiled with
00048     either big or little endian internal byte order but is faster when the
00049     native byte order for the processor is used.
00050 
00051     THE CIPHER INTERFACE
00052 
00053     The cipher interface is implemented as an array of bytes in which lower
00054     AES bit sequence indexes map to higher numeric significance within bytes.
00055 
00056     aes_08t                 (an unsigned  8-bit type)
00057     aes_32t                 (an unsigned 32-bit type)
00058     struct aes_encrypt_ctx  (structure for the cipher encryption context)
00059     struct aes_decrypt_ctx  (structure for the cipher decryption context)
00060     aes_rval                the function return type
00061 
00062     C subroutine calls:
00063 
00064       aes_rval aes_encrypt_key128(const void *in_key, aes_encrypt_ctx cx[1]);
00065       aes_rval aes_encrypt_key192(const void *in_key, aes_encrypt_ctx cx[1]);
00066       aes_rval aes_encrypt_key256(const void *in_key, aes_encrypt_ctx cx[1]);
00067       aes_rval aes_encrypt(const void *in_blk,
00068                                  void *out_blk, const aes_encrypt_ctx cx[1]);
00069 
00070       aes_rval aes_decrypt_key128(const void *in_key, aes_decrypt_ctx cx[1]);
00071       aes_rval aes_decrypt_key192(const void *in_key, aes_decrypt_ctx cx[1]);
00072       aes_rval aes_decrypt_key256(const void *in_key, aes_decrypt_ctx cx[1]);
00073       aes_rval aes_decrypt(const void *in_blk,
00074                                  void *out_blk, const aes_decrypt_ctx cx[1]);
00075 
00076     IMPORTANT NOTE: If you are using this C interface with dynamic tables make sure that
00077     you call genTabs() before AES is used so that the tables are initialised.
00078 
00079     C++ aes class subroutines:
00080 
00081         Class AESencrypt  for encryption
00082 
00083         Construtors:
00084             AESencrypt(void)
00085             AESencrypt(const void *in_key) - 128 bit key
00086         Members:
00087             void key128(const void *in_key)
00088             void key192(const void *in_key)
00089             void key256(const void *in_key)
00090             void encrypt(const void *in_blk, void *out_blk) const
00091 
00092         Class AESdecrypt  for encryption
00093         Construtors:
00094             AESdecrypt(void)
00095             AESdecrypt(const void *in_key) - 128 bit key
00096         Members:
00097             void key128(const void *in_key)
00098             void key192(const void *in_key)
00099             void key256(const void *in_key)
00100             void decrypt(const void *in_blk, void *out_blk) const
00101 
00102     COMPILATION
00103 
00104     The files used to provide AES (Rijndael) are
00105 
00106     a. aes.h for the definitions needed for use in C.
00107     b. aescpp.h for the definitions needed for use in C++.
00108     c. aesopt.h for setting compilation options (also includes common code).
00109     d. aescrypt.c for encryption and decrytpion, or
00110     e. aeskey.c for key scheduling.
00111     f. aestab.c for table loading or generation.
00112     g. aescrypt.asm for encryption and decryption using assembler code.
00113     h. aescrypt.mmx.asm for encryption and decryption using MMX assembler.
00114 
00115     To compile AES (Rijndael) for use in C code use aes.h and set the
00116     defines here for the facilities you need (key lengths, encryption
00117     and/or decryption). Do not define AES_DLL or AES_CPP.  Set the options
00118     for optimisations and table sizes here.
00119 
00120     To compile AES (Rijndael) for use in in C++ code use aescpp.h but do
00121     not define AES_DLL
00122 
00123     To compile AES (Rijndael) in C as a Dynamic Link Library DLL) use
00124     aes.h and include the AES_DLL define.
00125 
00126     CONFIGURATION OPTIONS (here and in aes.h)
00127 
00128     a. set AES_DLL in aes.h if AES (Rijndael) is to be compiled as a DLL
00129     b. You may need to set PLATFORM_BYTE_ORDER to define the byte order.
00130     c. If you want the code to run in a specific internal byte order, then
00131        ALGORITHM_BYTE_ORDER must be set accordingly.
00132     d. set other configuration options decribed below.
00133 */
00134 
00135 #ifndef _AESOPT_H
00136 #define _AESOPT_H
00137 
00138 #include <asterisk/aes.h>
00139 
00140 /*  CONFIGURATION - USE OF DEFINES
00141 
00142     Later in this section there are a number of defines that control the
00143     operation of the code.  In each section, the purpose of each define is
00144     explained so that the relevant form can be included or excluded by
00145     setting either 1's or 0's respectively on the branches of the related
00146     #if clauses.
00147 */
00148 
00149 /*  PLATFORM SPECIFIC INCLUDES */
00150 
00151 #if defined( __FreeBSD__ ) || defined( __OpenBSD__ )
00152 #  include <sys/types.h>
00153 #  include <sys/endian.h>
00154 #elif defined( BSD ) && ( BSD >= 199103 )
00155 #  include <machine/endian.h>
00156 #elif defined( __GNUC__ ) || defined( __GNU_LIBRARY__ )
00157 #  include <endian.h>
00158 #  include <byteswap.h>
00159 #elif defined( linux )
00160 #  include <endian.h>
00161 #endif
00162 
00163 /*  BYTE ORDER IN 32-BIT WORDS
00164 
00165     To obtain the highest speed on processors with 32-bit words, this code
00166     needs to determine the byte order of the target machine. The following 
00167     block of code is an attempt to capture the most obvious ways in which 
00168     various environemnts define byte order. It may well fail, in which case 
00169     the definitions will need to be set by editing at the points marked 
00170     **** EDIT HERE IF NECESSARY **** below.  My thanks to Peter Gutmann for 
00171     some of these defines (from cryptlib).
00172 */
00173 
00174 #define BRG_LITTLE_ENDIAN   1234 /* byte 0 is least significant (i386) */
00175 #define BRG_BIG_ENDIAN      4321 /* byte 0 is most significant (mc68k) */
00176 
00177 #if defined( __alpha__ ) || defined( __alpha ) || defined( i386 )       ||   \
00178     defined( __i386__ )  || defined( _M_I86 )  || defined( _M_IX86 )    ||   \
00179     defined( __OS2__ )   || defined( sun386 )  || defined( __TURBOC__ ) ||   \
00180     defined( vax )       || defined( vms )     || defined( VMS )        ||   \
00181     defined( __VMS ) 
00182 
00183 #define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00184 
00185 #endif
00186 
00187 #if defined( AMIGA )    || defined( applec )  || defined( __AS400__ )  ||   \
00188     defined( _CRAY )    || defined( __hppa )  || defined( __hp9000 )   ||   \
00189     defined( ibm370 )   || defined( mc68000 ) || defined( m68k )       ||   \
00190     defined( __MRC__ )  || defined( __MVS__ ) || defined( __MWERKS__ ) ||   \
00191     defined( sparc )    || defined( __sparc)  || defined( SYMANTEC_C ) ||   \
00192     defined( __TANDEM ) || defined( THINK_C ) || defined( __VMCMS__ )
00193     
00194 #define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00195 
00196 #endif
00197 
00198 /*  if the platform is still not known, try to find its byte order  */
00199 /*  from commonly used definitions in the headers included earlier  */
00200 
00201 #if !defined(PLATFORM_BYTE_ORDER)
00202 
00203 #if defined(LITTLE_ENDIAN) || defined(BIG_ENDIAN)
00204 #  if    defined(LITTLE_ENDIAN) && !defined(BIG_ENDIAN)
00205 #    define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00206 #  elif !defined(LITTLE_ENDIAN) &&  defined(BIG_ENDIAN)
00207 #    define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00208 #  elif defined(BYTE_ORDER) && (BYTE_ORDER == LITTLE_ENDIAN)
00209 #    define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00210 #  elif defined(BYTE_ORDER) && (BYTE_ORDER == BIG_ENDIAN)
00211 #    define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00212 #  endif
00213 
00214 #elif defined(_LITTLE_ENDIAN) || defined(_BIG_ENDIAN)
00215 #  if    defined(_LITTLE_ENDIAN) && !defined(_BIG_ENDIAN)
00216 #    define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00217 #  elif !defined(_LITTLE_ENDIAN) &&  defined(_BIG_ENDIAN)
00218 #    define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00219 #  elif defined(_BYTE_ORDER) && (_BYTE_ORDER == _LITTLE_ENDIAN)
00220 #    define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00221 #  elif defined(_BYTE_ORDER) && (_BYTE_ORDER == _BIG_ENDIAN)
00222 #    define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00223 #  endif
00224 
00225 #elif defined(__LITTLE_ENDIAN__) || defined(__BIG_ENDIAN__)
00226 #  if    defined(__LITTLE_ENDIAN__) && !defined(__BIG_ENDIAN__)
00227 #    define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00228 #  elif !defined(__LITTLE_ENDIAN__) &&  defined(__BIG_ENDIAN__)
00229 #    define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00230 #  elif defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __LITTLE_ENDIAN__)
00231 #    define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00232 #  elif defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __BIG_ENDIAN__)
00233 #    define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00234 #  endif
00235 
00236 #elif 0     /* **** EDIT HERE IF NECESSARY **** */
00237 #define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00238 
00239 #elif 0     /* **** EDIT HERE IF NECESSARY **** */
00240 #define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00241 
00242 #else
00243 #error Please edit aesopt.h (line 235 or 238) to set the platform byte order
00244 #endif
00245 
00246 #endif
00247 
00248 /*  SOME LOCAL DEFINITIONS  */
00249 
00250 #define NO_TABLES              0
00251 #define ONE_TABLE              1
00252 #define FOUR_TABLES            4
00253 #define NONE                   0
00254 #define PARTIAL                1
00255 #define FULL                   2
00256 
00257 #if defined(bswap32)
00258 #define aes_sw32    bswap32
00259 #elif defined(bswap_32)
00260 #define aes_sw32    bswap_32
00261 #else 
00262 #define brot(x,n)   (((aes_32t)(x) <<  n) | ((aes_32t)(x) >> (32 - n)))
00263 #define aes_sw32(x) ((brot((x),8) & 0x00ff00ff) | (brot((x),24) & 0xff00ff00))
00264 #endif
00265 
00266 /*  1. FUNCTIONS REQUIRED
00267 
00268     This implementation provides subroutines for encryption, decryption
00269     and for setting the three key lengths (separately) for encryption
00270     and decryption. When the assembler code is not being used the following
00271     definition blocks allow the selection of the routines that are to be
00272     included in the compilation.
00273 */
00274 #ifdef AES_ENCRYPT
00275 #define ENCRYPTION
00276 #define ENCRYPTION_KEY_SCHEDULE
00277 #endif
00278 
00279 #ifdef AES_DECRYPT
00280 #define DECRYPTION
00281 #define DECRYPTION_KEY_SCHEDULE
00282 #endif
00283 
00284 /*  2. ASSEMBLER SUPPORT
00285 
00286     This define (which can be on the command line) enables the use of the
00287     assembler code routines for encryption and decryption with the C code
00288     only providing key scheduling
00289 */
00290 #if 0
00291 #define AES_ASM
00292 #endif
00293 
00294 /*  3. BYTE ORDER WITHIN 32 BIT WORDS
00295 
00296     The fundamental data processing units in Rijndael are 8-bit bytes. The
00297     input, output and key input are all enumerated arrays of bytes in which
00298     bytes are numbered starting at zero and increasing to one less than the
00299     number of bytes in the array in question. This enumeration is only used
00300     for naming bytes and does not imply any adjacency or order relationship
00301     from one byte to another. When these inputs and outputs are considered
00302     as bit sequences, bits 8*n to 8*n+7 of the bit sequence are mapped to
00303     byte[n] with bit 8n+i in the sequence mapped to bit 7-i within the byte.
00304     In this implementation bits are numbered from 0 to 7 starting at the
00305     numerically least significant end of each byte (bit n represents 2^n).
00306 
00307     However, Rijndael can be implemented more efficiently using 32-bit
00308     words by packing bytes into words so that bytes 4*n to 4*n+3 are placed
00309     into word[n]. While in principle these bytes can be assembled into words
00310     in any positions, this implementation only supports the two formats in
00311     which bytes in adjacent positions within words also have adjacent byte
00312     numbers. This order is called big-endian if the lowest numbered bytes
00313     in words have the highest numeric significance and little-endian if the
00314     opposite applies.
00315 
00316     This code can work in either order irrespective of the order used by the
00317     machine on which it runs. Normally the internal byte order will be set
00318     to the order of the processor on which the code is to be run but this
00319     define can be used to reverse this in special situations
00320 
00321     NOTE: Assembler code versions rely on PLATFORM_BYTE_ORDER being set
00322 */
00323 #if 1 || defined(AES_ASM)
00324 #define ALGORITHM_BYTE_ORDER PLATFORM_BYTE_ORDER
00325 #elif 0
00326 #define ALGORITHM_BYTE_ORDER BRG_LITTLE_ENDIAN
00327 #elif 0
00328 #define ALGORITHM_BYTE_ORDER BRG_BIG_ENDIAN
00329 #else
00330 #error The algorithm byte order is not defined
00331 #endif
00332 
00333 /*  4. FAST INPUT/OUTPUT OPERATIONS.
00334 
00335     On some machines it is possible to improve speed by transferring the
00336     bytes in the input and output arrays to and from the internal 32-bit
00337     variables by addressing these arrays as if they are arrays of 32-bit
00338     words.  On some machines this will always be possible but there may
00339     be a large performance penalty if the byte arrays are not aligned on
00340     the normal word boundaries. On other machines this technique will
00341     lead to memory access errors when such 32-bit word accesses are not
00342     properly aligned. The option SAFE_IO avoids such problems but will
00343     often be slower on those machines that support misaligned access
00344     (especially so if care is taken to align the input  and output byte
00345     arrays on 32-bit word boundaries). If SAFE_IO is not defined it is
00346     assumed that access to byte arrays as if they are arrays of 32-bit
00347     words will not cause problems when such accesses are misaligned.
00348 */
00349 #if 1 && !defined(_MSC_VER)
00350 #define SAFE_IO
00351 #endif
00352 
00353 /*  5. LOOP UNROLLING
00354 
00355     The code for encryption and decrytpion cycles through a number of rounds
00356     that can be implemented either in a loop or by expanding the code into a
00357     long sequence of instructions, the latter producing a larger program but
00358     one that will often be much faster. The latter is called loop unrolling.
00359     There are also potential speed advantages in expanding two iterations in
00360     a loop with half the number of iterations, which is called partial loop
00361     unrolling.  The following options allow partial or full loop unrolling
00362     to be set independently for encryption and decryption
00363 */
00364 #if 1
00365 #define ENC_UNROLL  FULL
00366 #elif 0
00367 #define ENC_UNROLL  PARTIAL
00368 #else
00369 #define ENC_UNROLL  NONE
00370 #endif
00371 
00372 #if 1
00373 #define DEC_UNROLL  FULL
00374 #elif 0
00375 #define DEC_UNROLL  PARTIAL
00376 #else
00377 #define DEC_UNROLL  NONE
00378 #endif
00379 
00380 /*  6. FAST FINITE FIELD OPERATIONS
00381 
00382     If this section is included, tables are used to provide faster finite
00383     field arithmetic (this has no effect if FIXED_TABLES is defined).
00384 */
00385 #if 1
00386 #define FF_TABLES
00387 #endif
00388 
00389 /*  7. INTERNAL STATE VARIABLE FORMAT
00390 
00391     The internal state of Rijndael is stored in a number of local 32-bit
00392     word varaibles which can be defined either as an array or as individual
00393     names variables. Include this section if you want to store these local
00394     varaibles in arrays. Otherwise individual local variables will be used.
00395 */
00396 #if 1
00397 #define ARRAYS
00398 #endif
00399 
00400 /* In this implementation the columns of the state array are each held in
00401    32-bit words. The state array can be held in various ways: in an array
00402    of words, in a number of individual word variables or in a number of
00403    processor registers. The following define maps a variable name x and
00404    a column number c to the way the state array variable is to be held.
00405    The first define below maps the state into an array x[c] whereas the
00406    second form maps the state into a number of individual variables x0,
00407    x1, etc.  Another form could map individual state colums to machine
00408    register names.
00409 */
00410 
00411 #if defined(ARRAYS)
00412 #define s(x,c) x[c]
00413 #else
00414 #define s(x,c) x##c
00415 #endif
00416 
00417 /*  8. FIXED OR DYNAMIC TABLES
00418 
00419     When this section is included the tables used by the code are compiled
00420     statically into the binary file.  Otherwise the subroutine gen_tabs()
00421     must be called to compute them before the code is first used.
00422 */
00423 #if 1
00424 #define FIXED_TABLES
00425 #endif
00426 
00427 /*  9. TABLE ALIGNMENT
00428 
00429     On some sytsems speed will be improved by aligning the AES large lookup
00430     tables on particular boundaries. This define should be set to a power of
00431     two giving the desired alignment. It can be left undefined if alignment 
00432     is not needed.  This option is specific to the Microsft VC++ compiler -
00433     it seems to sometimes cause trouble for the VC++ version 6 compiler.
00434 */
00435 
00436 #if 0 && defined(_MSC_VER) && (_MSC_VER >= 1300)
00437 #define TABLE_ALIGN 64
00438 #endif
00439 
00440 /*  10. INTERNAL TABLE CONFIGURATION
00441 
00442     This cipher proceeds by repeating in a number of cycles known as 'rounds'
00443     which are implemented by a round function which can optionally be speeded
00444     up using tables.  The basic tables are each 256 32-bit words, with either
00445     one or four tables being required for each round function depending on
00446     how much speed is required. The encryption and decryption round functions
00447     are different and the last encryption and decrytpion round functions are
00448     different again making four different round functions in all.
00449 
00450     This means that:
00451       1. Normal encryption and decryption rounds can each use either 0, 1
00452          or 4 tables and table spaces of 0, 1024 or 4096 bytes each.
00453       2. The last encryption and decryption rounds can also use either 0, 1
00454          or 4 tables and table spaces of 0, 1024 or 4096 bytes each.
00455 
00456     Include or exclude the appropriate definitions below to set the number
00457     of tables used by this implementation.
00458 */
00459 
00460 #if 1   /* set tables for the normal encryption round */
00461 #define ENC_ROUND   FOUR_TABLES
00462 #elif 0
00463 #define ENC_ROUND   ONE_TABLE
00464 #else
00465 #define ENC_ROUND   NO_TABLES
00466 #endif
00467 
00468 #if 1   /* set tables for the last encryption round */
00469 #define LAST_ENC_ROUND  FOUR_TABLES
00470 #elif 0
00471 #define LAST_ENC_ROUND  ONE_TABLE
00472 #else
00473 #define LAST_ENC_ROUND  NO_TABLES
00474 #endif
00475 
00476 #if 1   /* set tables for the normal decryption round */
00477 #define DEC_ROUND   FOUR_TABLES
00478 #elif 0
00479 #define DEC_ROUND   ONE_TABLE
00480 #else
00481 #define DEC_ROUND   NO_TABLES
00482 #endif
00483 
00484 #if 1   /* set tables for the last decryption round */
00485 #define LAST_DEC_ROUND  FOUR_TABLES
00486 #elif 0
00487 #define LAST_DEC_ROUND  ONE_TABLE
00488 #else
00489 #define LAST_DEC_ROUND  NO_TABLES
00490 #endif
00491 
00492 /*  The decryption key schedule can be speeded up with tables in the same
00493     way that the round functions can.  Include or exclude the following
00494     defines to set this requirement.
00495 */
00496 #if 1
00497 #define KEY_SCHED   FOUR_TABLES
00498 #elif 0
00499 #define KEY_SCHED   ONE_TABLE
00500 #else
00501 #define KEY_SCHED   NO_TABLES
00502 #endif
00503 
00504 /* END OF CONFIGURATION OPTIONS */
00505 
00506 #define RC_LENGTH   (5 * (AES_BLOCK_SIZE / 4 - 2))
00507 
00508 /* Disable or report errors on some combinations of options */
00509 
00510 #if ENC_ROUND == NO_TABLES && LAST_ENC_ROUND != NO_TABLES
00511 #undef  LAST_ENC_ROUND
00512 #define LAST_ENC_ROUND  NO_TABLES
00513 #elif ENC_ROUND == ONE_TABLE && LAST_ENC_ROUND == FOUR_TABLES
00514 #undef  LAST_ENC_ROUND
00515 #define LAST_ENC_ROUND  ONE_TABLE
00516 #endif
00517 
00518 #if ENC_ROUND == NO_TABLES && ENC_UNROLL != NONE
00519 #undef  ENC_UNROLL
00520 #define ENC_UNROLL  NONE
00521 #endif
00522 
00523 #if DEC_ROUND == NO_TABLES && LAST_DEC_ROUND != NO_TABLES
00524 #undef  LAST_DEC_ROUND
00525 #define LAST_DEC_ROUND  NO_TABLES
00526 #elif DEC_ROUND == ONE_TABLE && LAST_DEC_ROUND == FOUR_TABLES
00527 #undef  LAST_DEC_ROUND
00528 #define LAST_DEC_ROUND  ONE_TABLE
00529 #endif
00530 
00531 #if DEC_ROUND == NO_TABLES && DEC_UNROLL != NONE
00532 #undef  DEC_UNROLL
00533 #define DEC_UNROLL  NONE
00534 #endif
00535 
00536 /*  upr(x,n):  rotates bytes within words by n positions, moving bytes to
00537                higher index positions with wrap around into low positions
00538     ups(x,n):  moves bytes by n positions to higher index positions in
00539                words but without wrap around
00540     bval(x,n): extracts a byte from a word
00541 
00542     NOTE:      The definitions given here are intended only for use with
00543                unsigned variables and with shift counts that are compile
00544                time constants
00545 */
00546 
00547 #if (ALGORITHM_BYTE_ORDER == BRG_LITTLE_ENDIAN)
00548 #define upr(x,n)        (((aes_32t)(x) << (8 * (n))) | ((aes_32t)(x) >> (32 - 8 * (n))))
00549 #define ups(x,n)        ((aes_32t) (x) << (8 * (n)))
00550 #define bval(x,n)       ((aes_08t)((x) >> (8 * (n))))
00551 #define bytes2word(b0, b1, b2, b3)  \
00552         (((aes_32t)(b3) << 24) | ((aes_32t)(b2) << 16) | ((aes_32t)(b1) << 8) | (b0))
00553 #endif
00554 
00555 #if (ALGORITHM_BYTE_ORDER == BRG_BIG_ENDIAN)
00556 #define upr(x,n)        (((aes_32t)(x) >> (8 * (n))) | ((aes_32t)(x) << (32 - 8 * (n))))
00557 #define ups(x,n)        ((aes_32t) (x) >> (8 * (n))))
00558 #define bval(x,n)       ((aes_08t)((x) >> (24 - 8 * (n))))
00559 #define bytes2word(b0, b1, b2, b3)  \
00560         (((aes_32t)(b0) << 24) | ((aes_32t)(b1) << 16) | ((aes_32t)(b2) << 8) | (b3))
00561 #endif
00562 
00563 #if defined(SAFE_IO)
00564 
00565 #define word_in(x,c)    bytes2word(((aes_08t*)(x)+4*c)[0], ((aes_08t*)(x)+4*c)[1], \
00566                                    ((aes_08t*)(x)+4*c)[2], ((aes_08t*)(x)+4*c)[3])
00567 #define word_out(x,c,v) { ((aes_08t*)(x)+4*c)[0] = bval(v,0); ((aes_08t*)(x)+4*c)[1] = bval(v,1); \
00568                           ((aes_08t*)(x)+4*c)[2] = bval(v,2); ((aes_08t*)(x)+4*c)[3] = bval(v,3); }
00569 
00570 #elif (ALGORITHM_BYTE_ORDER == PLATFORM_BYTE_ORDER)
00571 
00572 #define word_in(x,c)    (*((aes_32t*)(x)+(c)))
00573 #define word_out(x,c,v) (*((aes_32t*)(x)+(c)) = (v))
00574 
00575 #else
00576 
00577 #define word_in(x,c)    aes_sw32(*((aes_32t*)(x)+(c)))
00578 #define word_out(x,c,v) (*((aes_32t*)(x)+(c)) = aes_sw32(v))
00579 
00580 #endif
00581 
00582 /* the finite field modular polynomial and elements */
00583 
00584 #define WPOLY   0x011b
00585 #define BPOLY     0x1b
00586 
00587 /* multiply four bytes in GF(2^8) by 'x' {02} in parallel */
00588 
00589 #define m1  0x80808080
00590 #define m2  0x7f7f7f7f
00591 #define gf_mulx(x)  ((((x) & m2) << 1) ^ ((((x) & m1) >> 7) * BPOLY))
00592 
00593 /* The following defines provide alternative definitions of gf_mulx that might
00594    give improved performance if a fast 32-bit multiply is not available. Note
00595    that a temporary variable u needs to be defined where gf_mulx is used.
00596 
00597 #define gf_mulx(x) (u = (x) & m1, u |= (u >> 1), ((x) & m2) << 1) ^ ((u >> 3) | (u >> 6))
00598 #define m4  (0x01010101 * BPOLY)
00599 #define gf_mulx(x) (u = (x) & m1, ((x) & m2) << 1) ^ ((u - (u >> 7)) & m4)
00600 */
00601 
00602 /* Work out which tables are needed for the different options   */
00603 
00604 #ifdef  AES_ASM
00605 #ifdef  ENC_ROUND
00606 #undef  ENC_ROUND
00607 #endif
00608 #define ENC_ROUND   FOUR_TABLES
00609 #ifdef  LAST_ENC_ROUND
00610 #undef  LAST_ENC_ROUND
00611 #endif
00612 #define LAST_ENC_ROUND  FOUR_TABLES
00613 #ifdef  DEC_ROUND
00614 #undef  DEC_ROUND
00615 #endif
00616 #define DEC_ROUND   FOUR_TABLES
00617 #ifdef  LAST_DEC_ROUND
00618 #undef  LAST_DEC_ROUND
00619 #endif
00620 #define LAST_DEC_ROUND  FOUR_TABLES
00621 #ifdef  KEY_SCHED
00622 #undef  KEY_SCHED
00623 #define KEY_SCHED   FOUR_TABLES
00624 #endif
00625 #endif
00626 
00627 #if defined(ENCRYPTION) || defined(AES_ASM)
00628 #if ENC_ROUND == ONE_TABLE
00629 #define FT1_SET
00630 #elif ENC_ROUND == FOUR_TABLES
00631 #define FT4_SET
00632 #else
00633 #define SBX_SET
00634 #endif
00635 #if LAST_ENC_ROUND == ONE_TABLE
00636 #define FL1_SET
00637 #elif LAST_ENC_ROUND == FOUR_TABLES
00638 #define FL4_SET
00639 #elif !defined(SBX_SET)
00640 #define SBX_SET
00641 #endif
00642 #endif
00643 
00644 #if defined(DECRYPTION) || defined(AES_ASM)
00645 #if DEC_ROUND == ONE_TABLE
00646 #define IT1_SET
00647 #elif DEC_ROUND == FOUR_TABLES
00648 #define IT4_SET
00649 #else
00650 #define ISB_SET
00651 #endif
00652 #if LAST_DEC_ROUND == ONE_TABLE
00653 #define IL1_SET
00654 #elif LAST_DEC_ROUND == FOUR_TABLES
00655 #define IL4_SET
00656 #elif !defined(ISB_SET)
00657 #define ISB_SET
00658 #endif
00659 #endif
00660 
00661 #if defined(ENCRYPTION_KEY_SCHEDULE) || defined(DECRYPTION_KEY_SCHEDULE)
00662 #if KEY_SCHED == ONE_TABLE
00663 #define LS1_SET
00664 #define IM1_SET
00665 #elif KEY_SCHED == FOUR_TABLES
00666 #define LS4_SET
00667 #define IM4_SET
00668 #elif !defined(SBX_SET)
00669 #define SBX_SET
00670 #endif
00671 #endif
00672 
00673 /* generic definitions of Rijndael macros that use tables    */
00674 
00675 #define no_table(x,box,vf,rf,c) bytes2word( \
00676     box[bval(vf(x,0,c),rf(0,c))], \
00677     box[bval(vf(x,1,c),rf(1,c))], \
00678     box[bval(vf(x,2,c),rf(2,c))], \
00679     box[bval(vf(x,3,c),rf(3,c))])
00680 
00681 #define one_table(x,op,tab,vf,rf,c) \
00682  (     tab[bval(vf(x,0,c),rf(0,c))] \
00683   ^ op(tab[bval(vf(x,1,c),rf(1,c))],1) \
00684   ^ op(tab[bval(vf(x,2,c),rf(2,c))],2) \
00685   ^ op(tab[bval(vf(x,3,c),rf(3,c))],3))
00686 
00687 #define four_tables(x,tab,vf,rf,c) \
00688  (  tab[0][bval(vf(x,0,c),rf(0,c))] \
00689   ^ tab[1][bval(vf(x,1,c),rf(1,c))] \
00690   ^ tab[2][bval(vf(x,2,c),rf(2,c))] \
00691   ^ tab[3][bval(vf(x,3,c),rf(3,c))])
00692 
00693 #define vf1(x,r,c)  (x)
00694 #define rf1(r,c)    (r)
00695 #define rf2(r,c)    ((8+r-c)&3)
00696 
00697 /* perform forward and inverse column mix operation on four bytes in long word x in */
00698 /* parallel. NOTE: x must be a simple variable, NOT an expression in these macros.  */
00699 
00700 #if defined(FM4_SET)    /* not currently used */
00701 #define fwd_mcol(x)     four_tables(x,t_use(f,m),vf1,rf1,0)
00702 #elif defined(FM1_SET)  /* not currently used */
00703 #define fwd_mcol(x)     one_table(x,upr,t_use(f,m),vf1,rf1,0)
00704 #else
00705 #define dec_fmvars      aes_32t g2
00706 #define fwd_mcol(x)     (g2 = gf_mulx(x), g2 ^ upr((x) ^ g2, 3) ^ upr((x), 2) ^ upr((x), 1))
00707 #endif
00708 
00709 #if defined(IM4_SET)
00710 #define inv_mcol(x)     four_tables(x,t_use(i,m),vf1,rf1,0)
00711 #elif defined(IM1_SET)
00712 #define inv_mcol(x)     one_table(x,upr,t_use(i,m),vf1,rf1,0)
00713 #else
00714 #define dec_imvars      aes_32t g2, g4, g9
00715 #define inv_mcol(x)     (g2 = gf_mulx(x), g4 = gf_mulx(g2), g9 = (x) ^ gf_mulx(g4), g4 ^= g9, \
00716                         (x) ^ g2 ^ g4 ^ upr(g2 ^ g9, 3) ^ upr(g4, 2) ^ upr(g9, 1))
00717 #endif
00718 
00719 #if defined(FL4_SET)
00720 #define ls_box(x,c)     four_tables(x,t_use(f,l),vf1,rf2,c)
00721 #elif   defined(LS4_SET)
00722 #define ls_box(x,c)     four_tables(x,t_use(l,s),vf1,rf2,c)
00723 #elif defined(FL1_SET)
00724 #define ls_box(x,c)     one_table(x,upr,t_use(f,l),vf1,rf2,c)
00725 #elif defined(LS1_SET)
00726 #define ls_box(x,c)     one_table(x,upr,t_use(l,s),vf1,rf2,c)
00727 #else
00728 #define ls_box(x,c)     no_table(x,t_use(s,box),vf1,rf2,c)
00729 #endif
00730 
00731 #if defined(__cplusplus)
00732 extern "C"
00733 {
00734 #endif
00735 
00736 /*  If there are no global variables, the definitions here can be
00737     used to put the AES tables in a structure so that a pointer 
00738     can then be added to the AES context to pass them to the AES
00739     routines that need them.  If this facility is used, the calling 
00740     program has to ensure that this pointer is managed appropriately. 
00741     In particular, the value of the t_dec(in,it) item in the table 
00742     structure must be set to zero in order to ensure that the tables 
00743     are initialised. In practice the three code sequences in aeskey.c 
00744     that control the calls to gen_tabs() and the gen_tabs() routine 
00745     itself will have to be changed for a specific implementation. If 
00746     global variables are available it will generally be preferable to 
00747     use them with the precomputed FIXED_TABLES option that uses static 
00748     global tables.
00749 
00750     The following defines can be used to control the way the tables
00751     are defined, initialised and used in embedded environments that
00752     require special features for these purposes
00753 
00754     the 't_dec' construction is used to declare fixed table arrays
00755     the 't_set' construction is used to set fixed table values
00756     the 't_use' construction is used to access fixed table values
00757 
00758     256 byte tables:
00759 
00760         t_xxx(s,box)    => forward S box
00761         t_xxx(i,box)    => inverse S box
00762 
00763     256 32-bit word OR 4 x 256 32-bit word tables:
00764 
00765         t_xxx(f,n)      => forward normal round
00766         t_xxx(f,l)      => forward last round
00767         t_xxx(i,n)      => inverse normal round
00768         t_xxx(i,l)      => inverse last round
00769         t_xxx(l,s)      => key schedule table
00770         t_xxx(i,m)      => key schedule table
00771 
00772     Other variables and tables:
00773 
00774         t_xxx(r,c)      => the rcon table
00775 */
00776 
00777 #define t_dec(m,n) t_##m##n
00778 #define t_set(m,n) t_##m##n
00779 #define t_use(m,n) t_##m##n
00780 
00781 #if defined(DO_TABLES)  /* declare and instantiate tables   */
00782 
00783 /*  finite field arithmetic operations for table generation */
00784 
00785 #if defined(FIXED_TABLES) || !defined(FF_TABLES)
00786 
00787 #define f2(x)   ((x<<1) ^ (((x>>7) & 1) * WPOLY))
00788 #define f4(x)   ((x<<2) ^ (((x>>6) & 1) * WPOLY) ^ (((x>>6) & 2) * WPOLY))
00789 #define f8(x)   ((x<<3) ^ (((x>>5) & 1) * WPOLY) ^ (((x>>5) & 2) * WPOLY) \
00790                         ^ (((x>>5) & 4) * WPOLY))
00791 #define f3(x)   (f2(x) ^ x)
00792 #define f9(x)   (f8(x) ^ x)
00793 #define fb(x)   (f8(x) ^ f2(x) ^ x)
00794 #define fd(x)   (f8(x) ^ f4(x) ^ x)
00795 #define fe(x)   (f8(x) ^ f4(x) ^ f2(x))
00796 
00797 #else
00798 
00799 #define f2(x) ((x) ? pow[log[x] + 0x19] : 0)
00800 #define f3(x) ((x) ? pow[log[x] + 0x01] : 0)
00801 #define f9(x) ((x) ? pow[log[x] + 0xc7] : 0)
00802 #define fb(x) ((x) ? pow[log[x] + 0x68] : 0)
00803 #define fd(x) ((x) ? pow[log[x] + 0xee] : 0)
00804 #define fe(x) ((x) ? pow[log[x] + 0xdf] : 0)
00805 #define fi(x) ((x) ? pow[ 255 - log[x]] : 0)
00806 
00807 #endif
00808 
00809 #if defined(FIXED_TABLES)   /* declare and set values for static tables */
00810 
00811 #define sb_data(w) \
00812     w(0x63), w(0x7c), w(0x77), w(0x7b), w(0xf2), w(0x6b), w(0x6f), w(0xc5),\
00813     w(0x30), w(0x01), w(0x67), w(0x2b), w(0xfe), w(0xd7), w(0xab), w(0x76),\
00814     w(0xca), w(0x82), w(0xc9), w(0x7d), w(0xfa), w(0x59), w(0x47), w(0xf0),\
00815     w(0xad), w(0xd4), w(0xa2), w(0xaf), w(0x9c), w(0xa4), w(0x72), w(0xc0),\
00816     w(0xb7), w(0xfd), w(0x93), w(0x26), w(0x36), w(0x3f), w(0xf7), w(0xcc),\
00817     w(0x34), w(0xa5), w(0xe5), w(0xf1), w(0x71), w(0xd8), w(0x31), w(0x15),\
00818     w(0x04), w(0xc7), w(0x23), w(0xc3), w(0x18), w(0x96), w(0x05), w(0x9a),\
00819     w(0x07), w(0x12), w(0x80), w(0xe2), w(0xeb), w(0x27), w(0xb2), w(0x75),\
00820     w(0x09), w(0x83), w(0x2c), w(0x1a), w(0x1b), w(0x6e), w(0x5a), w(0xa0),\
00821     w(0x52), w(0x3b), w(0xd6), w(0xb3), w(0x29), w(0xe3), w(0x2f), w(0x84),\
00822     w(0x53), w(0xd1), w(0x00), w(0xed), w(0x20), w(0xfc), w(0xb1), w(0x5b),\
00823     w(0x6a), w(0xcb), w(0xbe), w(0x39), w(0x4a), w(0x4c), w(0x58), w(0xcf),\
00824     w(0xd0), w(0xef), w(0xaa), w(0xfb), w(0x43), w(0x4d), w(0x33), w(0x85),\
00825     w(0x45), w(0xf9), w(0x02), w(0x7f), w(0x50), w(0x3c), w(0x9f), w(0xa8),\
00826     w(0x51), w(0xa3), w(0x40), w(0x8f), w(0x92), w(0x9d), w(0x38), w(0xf5),\
00827     w(0xbc), w(0xb6), w(0xda), w(0x21), w(0x10), w(0xff), w(0xf3), w(0xd2),\
00828     w(0xcd), w(0x0c), w(0x13), w(0xec), w(0x5f), w(0x97), w(0x44), w(0x17),\
00829     w(0xc4), w(0xa7), w(0x7e), w(0x3d), w(0x64), w(0x5d), w(0x19), w(0x73),\
00830     w(0x60), w(0x81), w(0x4f), w(0xdc), w(0x22), w(0x2a), w(0x90), w(0x88),\
00831     w(0x46), w(0xee), w(0xb8), w(0x14), w(0xde), w(0x5e), w(0x0b), w(0xdb),\
00832     w(0xe0), w(0x32), w(0x3a), w(0x0a), w(0x49), w(0x06), w(0x24), w(0x5c),\
00833     w(0xc2), w(0xd3), w(0xac), w(0x62), w(0x91), w(0x95), w(0xe4), w(0x79),\
00834     w(0xe7), w(0xc8), w(0x37), w(0x6d), w(0x8d), w(0xd5), w(0x4e), w(0xa9),\
00835     w(0x6c), w(0x56), w(0xf4), w(0xea), w(0x65), w(0x7a), w(0xae), w(0x08),\
00836     w(0xba), w(0x78), w(0x25), w(0x2e), w(0x1c), w(0xa6), w(0xb4), w(0xc6),\
00837     w(0xe8), w(0xdd), w(0x74), w(0x1f), w(0x4b), w(0xbd), w(0x8b), w(0x8a),\
00838     w(0x70), w(0x3e), w(0xb5), w(0x66), w(0x48), w(0x03), w(0xf6), w(0x0e),\
00839     w(0x61), w(0x35), w(0x57), w(0xb9), w(0x86), w(0xc1), w(0x1d), w(0x9e),\
00840     w(0xe1), w(0xf8), w(0x98), w(0x11), w(0x69), w(0xd9), w(0x8e), w(0x94),\
00841     w(0x9b), w(0x1e), w(0x87), w(0xe9), w(0xce), w(0x55), w(0x28), w(0xdf),\
00842     w(0x8c), w(0xa1), w(0x89), w(0x0d), w(0xbf), w(0xe6), w(0x42), w(0x68),\
00843     w(0x41), w(0x99), w(0x2d), w(0x0f), w(0xb0), w(0x54), w(0xbb), w(0x16)
00844 
00845 #define isb_data(w) \
00846     w(0x52), w(0x09), w(0x6a), w(0xd5), w(0x30), w(0x36), w(0xa5), w(0x38),\
00847     w(0xbf), w(0x40), w(0xa3), w(0x9e), w(0x81), w(0xf3), w(0xd7), w(0xfb),\
00848     w(0x7c), w(0xe3), w(0x39), w(0x82), w(0x9b), w(0x2f), w(0xff), w(0x87),\
00849     w(0x34), w(0x8e), w(0x43), w(0x44), w(0xc4), w(0xde), w(0xe9), w(0xcb),\
00850     w(0x54), w(0x7b), w(0x94), w(0x32), w(0xa6), w(0xc2), w(0x23), w(0x3d),\
00851     w(0xee), w(0x4c), w(0x95), w(0x0b), w(0x42), w(0xfa), w(0xc3), w(0x4e),\
00852     w(0x08), w(0x2e), w(0xa1), w(0x66), w(0x28), w(0xd9), w(0x24), w(0xb2),\
00853     w(0x76), w(0x5b), w(0xa2), w(0x49), w(0x6d), w(0x8b), w(0xd1), w(0x25),\
00854     w(0x72), w(0xf8), w(0xf6), w(0x64), w(0x86), w(0x68), w(0x98), w(0x16),\
00855     w(0xd4), w(0xa4), w(0x5c), w(0xcc), w(0x5d), w(0x65), w(0xb6), w(0x92),\
00856     w(0x6c), w(0x70), w(0x48), w(0x50), w(0xfd), w(0xed), w(0xb9), w(0xda),\
00857     w(0x5e), w(0x15), w(0x46), w(0x57), w(0xa7), w(0x8d), w(0x9d), w(0x84),\
00858     w(0x90), w(0xd8), w(0xab), w(0x00), w(0x8c), w(0xbc), w(0xd3), w(0x0a),\
00859     w(0xf7), w(0xe4), w(0x58), w(0x05), w(0xb8), w(0xb3), w(0x45), w(0x06),\
00860     w(0xd0), w(0x2c), w(0x1e), w(0x8f), w(0xca), w(0x3f), w(0x0f), w(0x02),\
00861     w(0xc1), w(0xaf), w(0xbd), w(0x03), w(0x01), w(0x13), w(0x8a), w(0x6b),\
00862     w(0x3a), w(0x91), w(0x11), w(0x41), w(0x4f), w(0x67), w(0xdc), w(0xea),\
00863     w(0x97), w(0xf2), w(0xcf), w(0xce), w(0xf0), w(0xb4), w(0xe6), w(0x73),\
00864     w(0x96), w(0xac), w(0x74), w(0x22), w(0xe7), w(0xad), w(0x35), w(0x85),\
00865     w(0xe2), w(0xf9), w(0x37), w(0xe8), w(0x1c), w(0x75), w(0xdf), w(0x6e),\
00866     w(0x47), w(0xf1), w(0x1a), w(0x71), w(0x1d), w(0x29), w(0xc5), w(0x89),\
00867     w(0x6f), w(0xb7), w(0x62), w(0x0e), w(0xaa), w(0x18), w(0xbe), w(0x1b),\
00868     w(0xfc), w(0x56), w(0x3e), w(0x4b), w(0xc6), w(0xd2), w(0x79), w(0x20),\
00869     w(0x9a), w(0xdb), w(0xc0), w(0xfe), w(0x78), w(0xcd), w(0x5a), w(0xf4),\
00870     w(0x1f), w(0xdd), w(0xa8), w(0x33), w(0x88), w(0x07), w(0xc7), w(0x31),\
00871     w(0xb1), w(0x12), w(0x10), w(0x59), w(0x27), w(0x80), w(0xec), w(0x5f),\
00872     w(0x60), w(0x51), w(0x7f), w(0xa9), w(0x19), w(0xb5), w(0x4a), w(0x0d),\
00873     w(0x2d), w(0xe5), w(0x7a), w(0x9f), w(0x93), w(0xc9), w(0x9c), w(0xef),\
00874     w(0xa0), w(0xe0), w(0x3b), w(0x4d), w(0xae), w(0x2a), w(0xf5), w(0xb0),\
00875     w(0xc8), w(0xeb), w(0xbb), w(0x3c), w(0x83), w(0x53), w(0x99), w(0x61),\
00876     w(0x17), w(0x2b), w(0x04), w(0x7e), w(0xba), w(0x77), w(0xd6), w(0x26),\
00877     w(0xe1), w(0x69), w(0x14), w(0x63), w(0x55), w(0x21), w(0x0c), w(0x7d),
00878 
00879 #define mm_data(w) \
00880     w(0x00), w(0x01), w(0x02), w(0x03), w(0x04), w(0x05), w(0x06), w(0x07),\
00881     w(0x08), w(0x09), w(0x0a), w(0x0b), w(0x0c), w(0x0d), w(0x0e), w(0x0f),\
00882     w(0x10), w(0x11), w(0x12), w(0x13), w(0x14), w(0x15), w(0x16), w(0x17),\
00883     w(0x18), w(0x19), w(0x1a), w(0x1b), w(0x1c), w(0x1d), w(0x1e), w(0x1f),\
00884     w(0x20), w(0x21), w(0x22), w(0x23), w(0x24), w(0x25), w(0x26), w(0x27),\
00885     w(0x28), w(0x29), w(0x2a), w(0x2b), w(0x2c), w(0x2d), w(0x2e), w(0x2f),\
00886     w(0x30), w(0x31), w(0x32), w(0x33), w(0x34), w(0x35), w(0x36), w(0x37),\
00887     w(0x38), w(0x39), w(0x3a), w(0x3b), w(0x3c), w(0x3d), w(0x3e), w(0x3f),\
00888     w(0x40), w(0x41), w(0x42), w(0x43), w(0x44), w(0x45), w(0x46), w(0x47),\
00889     w(0x48), w(0x49), w(0x4a), w(0x4b), w(0x4c), w(0x4d), w(0x4e), w(0x4f),\
00890     w(0x50), w(0x51), w(0x52), w(0x53), w(0x54), w(0x55), w(0x56), w(0x57),\
00891     w(0x58), w(0x59), w(0x5a), w(0x5b), w(0x5c), w(0x5d), w(0x5e), w(0x5f),\
00892     w(0x60), w(0x61), w(0x62), w(0x63), w(0x64), w(0x65), w(0x66), w(0x67),\
00893     w(0x68), w(0x69), w(0x6a), w(0x6b), w(0x6c), w(0x6d), w(0x6e), w(0x6f),\
00894     w(0x70), w(0x71), w(0x72), w(0x73), w(0x74), w(0x75), w(0x76), w(0x77),\
00895     w(0x78), w(0x79), w(0x7a), w(0x7b), w(0x7c), w(0x7d), w(0x7e), w(0x7f),\
00896     w(0x80), w(0x81), w(0x82), w(0x83), w(0x84), w(0x85), w(0x86), w(0x87),\
00897     w(0x88), w(0x89), w(0x8a), w(0x8b), w(0x8c), w(0x8d), w(0x8e), w(0x8f),\
00898     w(0x90), w(0x91), w(0x92), w(0x93), w(0x94), w(0x95), w(0x96), w(0x97),\
00899     w(0x98), w(0x99), w(0x9a), w(0x9b), w(0x9c), w(0x9d), w(0x9e), w(0x9f),\
00900     w(0xa0), w(0xa1), w(0xa2), w(0xa3), w(0xa4), w(0xa5), w(0xa6), w(0xa7),\
00901     w(0xa8), w(0xa9), w(0xaa), w(0xab), w(0xac), w(0xad), w(0xae), w(0xaf),\
00902     w(0xb0), w(0xb1), w(0xb2), w(0xb3), w(0xb4), w(0xb5), w(0xb6), w(0xb7),\
00903     w(0xb8), w(0xb9), w(0xba), w(0xbb), w(0xbc), w(0xbd), w(0xbe), w(0xbf),\
00904     w(0xc0), w(0xc1), w(0xc2), w(0xc3), w(0xc4), w(0xc5), w(0xc6), w(0xc7),\
00905     w(0xc8), w(0xc9), w(0xca), w(0xcb), w(0xcc), w(0xcd), w(0xce), w(0xcf),\
00906     w(0xd0), w(0xd1), w(0xd2), w(0xd3), w(0xd4), w(0xd5), w(0xd6), w(0xd7),\
00907     w(0xd8), w(0xd9), w(0xda), w(0xdb), w(0xdc), w(0xdd), w(0xde), w(0xdf),\
00908     w(0xe0), w(0xe1), w(0xe2), w(0xe3), w(0xe4), w(0xe5), w(0xe6), w(0xe7),\
00909     w(0xe8), w(0xe9), w(0xea), w(0xeb), w(0xec), w(0xed), w(0xee), w(0xef),\
00910     w(0xf0), w(0xf1), w(0xf2), w(0xf3), w(0xf4), w(0xf5), w(0xf6), w(0xf7),\
00911     w(0xf8), w(0xf9), w(0xfa), w(0xfb), w(0xfc), w(0xfd), w(0xfe), w(0xff)
00912 
00913 #define h0(x)   (x)
00914 
00915 /*  These defines are used to ensure tables are generated in the
00916     right format depending on the internal byte order required
00917 */
00918 
00919 #define w0(p)   bytes2word(p, 0, 0, 0)
00920 #define w1(p)   bytes2word(0, p, 0, 0)
00921 #define w2(p)   bytes2word(0, 0, p, 0)
00922 #define w3(p)   bytes2word(0, 0, 0, p)
00923 
00924 #define u0(p)   bytes2word(f2(p), p, p, f3(p))
00925 #define u1(p)   bytes2word(f3(p), f2(p), p, p)
00926 #define u2(p)   bytes2word(p, f3(p), f2(p), p)
00927 #define u3(p)   bytes2word(p, p, f3(p), f2(p))
00928 
00929 #define v0(p)   bytes2word(fe(p), f9(p), fd(p), fb(p))
00930 #define v1(p)   bytes2word(fb(p), fe(p), f9(p), fd(p))
00931 #define v2(p)   bytes2word(fd(p), fb(p), fe(p), f9(p))
00932 #define v3(p)   bytes2word(f9(p), fd(p), fb(p), fe(p))
00933 
00934 const aes_32t t_dec(r,c)[RC_LENGTH] =
00935 {
00936     w0(0x01), w0(0x02), w0(0x04), w0(0x08), w0(0x10),
00937     w0(0x20), w0(0x40), w0(0x80), w0(0x1b), w0(0x36)
00938 };
00939 
00940 #define d_1(t,n,b,v) const t n[256]    =   { b(v##0) }
00941 #define d_4(t,n,b,v) const t n[4][256] = { { b(v##0) }, { b(v##1) }, { b(v##2) }, { b(v##3) } }
00942 
00943 #else   /* declare and instantiate tables for dynamic value generation in in tab.c  */
00944 
00945 aes_32t t_dec(r,c)[RC_LENGTH];
00946 
00947 #define d_1(t,n,b,v) t  n[256]
00948 #define d_4(t,n,b,v) t  n[4][256]
00949 
00950 #endif
00951 
00952 #else   /* declare tables without instantiation */
00953 
00954 #if defined(FIXED_TABLES)
00955 
00956 extern const aes_32t t_dec(r,c)[RC_LENGTH];
00957 
00958 #if defined(_MSC_VER) && defined(TABLE_ALIGN)
00959 #define d_1(t,n,b,v) extern __declspec(align(TABLE_ALIGN)) const t  n[256]
00960 #define d_4(t,n,b,v) extern __declspec(align(TABLE_ALIGN)) const t  n[4][256]
00961 #else
00962 #define d_1(t,n,b,v) extern const t  n[256]
00963 #define d_4(t,n,b,v) extern const t  n[4][256]
00964 #endif
00965 #else
00966 
00967 extern aes_32t t_dec(r,c)[RC_LENGTH];
00968 
00969 #if defined(_MSC_VER) && defined(TABLE_ALIGN)
00970 #define d_1(t,n,b,v) extern __declspec(align(TABLE_ALIGN)) t  n[256]
00971 #define d_4(t,n,b,v) extern __declspec(align(TABLE_ALIGN)) t  n[4][256]
00972 #else
00973 #define d_1(t,n,b,v) extern t  n[256]
00974 #define d_4(t,n,b,v) extern t  n[4][256]
00975 #endif
00976 #endif
00977 
00978 #endif
00979 
00980 #ifdef  SBX_SET
00981     d_1(aes_08t, t_dec(s,box), sb_data, h);
00982 #endif
00983 #ifdef  ISB_SET
00984     d_1(aes_08t, t_dec(i,box), isb_data, h);
00985 #endif
00986 
00987 #ifdef  FT1_SET
00988     d_1(aes_32t, t_dec(f,n), sb_data, u);
00989 #endif
00990 #ifdef  FT4_SET
00991     d_4(aes_32t, t_dec(f,n), sb_data, u);
00992 #endif
00993 
00994 #ifdef  FL1_SET
00995     d_1(aes_32t, t_dec(f,l), sb_data, w);
00996 #endif
00997 #ifdef  FL4_SET
00998     d_4(aes_32t, t_dec(f,l), sb_data, w);
00999 #endif
01000 
01001 #ifdef  IT1_SET
01002     d_1(aes_32t, t_dec(i,n), isb_data, v);
01003 #endif
01004 #ifdef  IT4_SET
01005     d_4(aes_32t, t_dec(i,n), isb_data, v);
01006 #endif
01007 
01008 #ifdef  IL1_SET
01009     d_1(aes_32t, t_dec(i,l), isb_data, w);
01010 #endif
01011 #ifdef  IL4_SET
01012     d_4(aes_32t, t_dec(i,l), isb_data, w);
01013 #endif
01014 
01015 #ifdef  LS1_SET
01016 #ifdef  FL1_SET
01017 #undef  LS1_SET
01018 #else
01019     d_1(aes_32t, t_dec(l,s), sb_data, w);
01020 #endif
01021 #endif
01022 
01023 #ifdef  LS4_SET
01024 #ifdef  FL4_SET
01025 #undef  LS4_SET
01026 #else
01027     d_4(aes_32t, t_dec(l,s), sb_data, w);
01028 #endif
01029 #endif
01030 
01031 #ifdef  IM1_SET
01032     d_1(aes_32t, t_dec(i,m), mm_data, v);
01033 #endif
01034 #ifdef  IM4_SET
01035     d_4(aes_32t, t_dec(i,m), mm_data, v);
01036 #endif
01037 
01038 #if defined(__cplusplus)
01039 }
01040 #endif
01041 
01042 #endif

Generated on Sun Apr 18 23:33:47 2004 for Asterisk by doxygen 1.3.6-20040222