aes-internal-dec.c

Go to the documentation of this file.
00001 
00025 #include "includes.h"
00026 
00027 #include "common.h"
00028 #include "crypto.h"
00029 #include "aes_i.h"
00030 
00036 void rijndaelKeySetupDec(u32 rk[/*44*/], const u8 cipherKey[])
00037 {
00038         int Nr = 10, i, j;
00039         u32 temp;
00040 
00041         /* expand the cipher key: */
00042         rijndaelKeySetupEnc(rk, cipherKey);
00043         /* invert the order of the round keys: */
00044         for (i = 0, j = 4*Nr; i < j; i += 4, j -= 4) {
00045                 temp = rk[i    ]; rk[i    ] = rk[j    ]; rk[j    ] = temp;
00046                 temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
00047                 temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
00048                 temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
00049         }
00050         /* apply the inverse MixColumn transform to all round keys but the
00051          * first and the last: */
00052         for (i = 1; i < Nr; i++) {
00053                 rk += 4;
00054                 for (j = 0; j < 4; j++) {
00055                         rk[j] = TD0_(TE4((rk[j] >> 24)       )) ^
00056                                 TD1_(TE4((rk[j] >> 16) & 0xff)) ^
00057                                 TD2_(TE4((rk[j] >>  8) & 0xff)) ^
00058                                 TD3_(TE4((rk[j]      ) & 0xff));
00059                 }
00060         }
00061 }
00062 
00063 void * aes_decrypt_init(const u8 *key, size_t len)
00064 {
00065         u32 *rk;
00066         if (len != 16)
00067                 return NULL;
00068         rk = os_malloc(AES_PRIV_SIZE);
00069         if (rk == NULL)
00070                 return NULL;
00071         rijndaelKeySetupDec(rk, key);
00072         return rk;
00073 }
00074 
00075 static void rijndaelDecrypt(const u32 rk[/*44*/], const u8 ct[16], u8 pt[16])
00076 {
00077         u32 s0, s1, s2, s3, t0, t1, t2, t3;
00078         const int Nr = 10;
00079 #ifndef FULL_UNROLL
00080         int r;
00081 #endif /* ?FULL_UNROLL */
00082 
00083         /*
00084          * map byte array block to cipher state
00085          * and add initial round key:
00086          */
00087         s0 = GETU32(ct     ) ^ rk[0];
00088         s1 = GETU32(ct +  4) ^ rk[1];
00089         s2 = GETU32(ct +  8) ^ rk[2];
00090         s3 = GETU32(ct + 12) ^ rk[3];
00091 
00092 #define ROUND(i,d,s) \
00093 d##0 = TD0(s##0) ^ TD1(s##3) ^ TD2(s##2) ^ TD3(s##1) ^ rk[4 * i]; \
00094 d##1 = TD0(s##1) ^ TD1(s##0) ^ TD2(s##3) ^ TD3(s##2) ^ rk[4 * i + 1]; \
00095 d##2 = TD0(s##2) ^ TD1(s##1) ^ TD2(s##0) ^ TD3(s##3) ^ rk[4 * i + 2]; \
00096 d##3 = TD0(s##3) ^ TD1(s##2) ^ TD2(s##1) ^ TD3(s##0) ^ rk[4 * i + 3]
00097 
00098 #ifdef FULL_UNROLL
00099 
00100         ROUND(1,t,s);
00101         ROUND(2,s,t);
00102         ROUND(3,t,s);
00103         ROUND(4,s,t);
00104         ROUND(5,t,s);
00105         ROUND(6,s,t);
00106         ROUND(7,t,s);
00107         ROUND(8,s,t);
00108         ROUND(9,t,s);
00109 
00110         rk += Nr << 2;
00111 
00112 #else  /* !FULL_UNROLL */
00113 
00114         /* Nr - 1 full rounds: */
00115         r = Nr >> 1;
00116         for (;;) {
00117                 ROUND(1,t,s);
00118                 rk += 8;
00119                 if (--r == 0)
00120                         break;
00121                 ROUND(0,s,t);
00122         }
00123 
00124 #endif /* ?FULL_UNROLL */
00125 
00126 #undef ROUND
00127 
00128         /*
00129          * apply last round and
00130          * map cipher state to byte array block:
00131          */
00132         s0 = TD41(t0) ^ TD42(t3) ^ TD43(t2) ^ TD44(t1) ^ rk[0];
00133         PUTU32(pt     , s0);
00134         s1 = TD41(t1) ^ TD42(t0) ^ TD43(t3) ^ TD44(t2) ^ rk[1];
00135         PUTU32(pt +  4, s1);
00136         s2 = TD41(t2) ^ TD42(t1) ^ TD43(t0) ^ TD44(t3) ^ rk[2];
00137         PUTU32(pt +  8, s2);
00138         s3 = TD41(t3) ^ TD42(t2) ^ TD43(t1) ^ TD44(t0) ^ rk[3];
00139         PUTU32(pt + 12, s3);
00140 }
00141 
00142 void aes_decrypt(void *ctx, const u8 *crypt, u8 *plain)
00143 {
00144         rijndaelDecrypt(ctx, crypt, plain);
00145 }
00146 
00147 
00148 void aes_decrypt_deinit(void *ctx)
00149 {
00150         os_memset(ctx, 0, AES_PRIV_SIZE);
00151         os_free(ctx);
00152 }
00153
 All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Defines
Generated on Sat Nov 21 23:16:49 2009 for hostapd by  doxygen 1.6.1