I was promised that this does not need to have endness fix up by Markus.

So I will blindly trust him. =) - markus@cvs.openbsd.org 2001/08/23 11:31:59 [cipher.c cipher.h] switch to the optimised AES reference code from http://www.esat.kuleuven.ac.be/~rijmen/rijndael/rijndael-fst-3.0.zip
2001-09-14 02:47:33 +00:00 · 2001-09-14 02:47:33 +00:00 · 319fc7353c
parent 4213c559ef
commit 319fc7353c
5 changed files with 1296 additions and 488 deletions
--- a/9
+++ b/9
@ -1,3 +1,10 @@
+20010913
+ - (bal) OpenBSD CVS Sync
+   - markus@cvs.openbsd.org 2001/08/23 11:31:59
+     [cipher.c cipher.h]
+     switch to the optimised AES reference code from
+     http://www.esat.kuleuven.ac.be/~rijmen/rijndael/rijndael-fst-3.0.zip
+
 20010912
 - (bal) OpenBSD CVS Sync
   - jakob@cvs.openbsd.org 2001/08/16 19:18:34
@ -6409,4 +6416,4 @@
 - Wrote replacements for strlcpy and mkdtemp
 - Released 1.0pre1

-$Id: ChangeLog,v 1.1510 2001/09/12 18:45:09 mouring Exp $
+$Id: ChangeLog,v 1.1511 2001/09/14 02:47:33 mouring Exp $
--- a/cipher.c
+++ b/cipher.c
@ -35,7 +35,7 @@
 */

 #include "includes.h"
-RCSID("$OpenBSD: cipher.c,v 1.46 2001/06/25 08:25:36 markus Exp $");
+RCSID("$OpenBSD: cipher.c,v 1.47 2001/08/23 11:31:59 markus Exp $");

 #include "xmalloc.h"
 #include "log.h"
@ -283,66 +283,65 @@ cast_cbc_decrypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len)
 static void
 rijndael_setkey(CipherContext *cc, const u_char *key, u_int keylen)
 {
-	rijndael_set_key(&cc->u.rijndael.enc, (u4byte *)key, 8*keylen, 1);
-	rijndael_set_key(&cc->u.rijndael.dec, (u4byte *)key, 8*keylen, 0);
+	rijndael_set_key(&cc->u.rijndael.enc, (char *)key, 8*keylen, 1);
+	rijndael_set_key(&cc->u.rijndael.dec, (char *)key, 8*keylen, 0);
 }
 static void
 rijndael_setiv(CipherContext *cc, const u_char *iv, u_int ivlen)
 {
-	if (iv == NULL)
-		fatal("no IV for %s.", cc->cipher->name);
-	memcpy((u_char *)cc->u.rijndael.iv, iv, RIJNDAEL_BLOCKSIZE);
+	if (iv == NULL || ivlen != RIJNDAEL_BLOCKSIZE) 
+		fatal("bad/no IV for %s.", cc->cipher->name);
+	memcpy(cc->u.rijndael.iv, iv, RIJNDAEL_BLOCKSIZE);
 }
 static void
 rijndael_cbc_encrypt(CipherContext *cc, u_char *dest, const u_char *src,
    u_int len)
 {
 	rijndael_ctx *ctx = &cc->u.rijndael.enc;
-	u4byte *iv = cc->u.rijndael.iv;
-	u4byte in[4];
-	u4byte *cprev, *cnow, *plain;
-	int i, blocks = len / RIJNDAEL_BLOCKSIZE;
+	u_char *iv = cc->u.rijndael.iv;
+	u_char in[RIJNDAEL_BLOCKSIZE];
+	u_char *cprev, *cnow, *plain;
+	int i, j, blocks = len / RIJNDAEL_BLOCKSIZE;
+
 	if (len == 0)
 		return;
 	if (len % RIJNDAEL_BLOCKSIZE)
 		fatal("rijndael_cbc_encrypt: bad len %d", len);
-	cnow  = (u4byte*) dest;
-	plain = (u4byte*) src;
+	cnow  = dest;
+	plain = (u_char *) src;
 	cprev = iv;
-	for(i = 0; i < blocks; i++, plain+=4, cnow+=4) {
-		in[0] = plain[0] ^ cprev[0];
-		in[1] = plain[1] ^ cprev[1];
-		in[2] = plain[2] ^ cprev[2];
-		in[3] = plain[3] ^ cprev[3];
+	for (i = 0; i < blocks; i++, plain+=RIJNDAEL_BLOCKSIZE,
+	    cnow+=RIJNDAEL_BLOCKSIZE) {
+		for (j = 0; j < RIJNDAEL_BLOCKSIZE; j++)
+			in[j] = plain[j] ^ cprev[j];
 		rijndael_encrypt(ctx, in, cnow);
 		cprev = cnow;
 	}
 	memcpy(iv, cprev, RIJNDAEL_BLOCKSIZE);
 }
-
 static void
 rijndael_cbc_decrypt(CipherContext *cc, u_char *dest, const u_char *src,
    u_int len)
 {
 	rijndael_ctx *ctx = &cc->u.rijndael.dec;
-	u4byte *iv = cc->u.rijndael.iv;
-	u4byte ivsaved[4];
-	u4byte *cnow =  (u4byte*) (src+len-RIJNDAEL_BLOCKSIZE);
-	u4byte *plain = (u4byte*) (dest+len-RIJNDAEL_BLOCKSIZE);
-	u4byte *ivp;
-	int i, blocks = len / RIJNDAEL_BLOCKSIZE;
+	u_char *iv = cc->u.rijndael.iv;
+	u_char ivsaved[RIJNDAEL_BLOCKSIZE];
+	u_char *cnow  = (u_char *) (src+len-RIJNDAEL_BLOCKSIZE);
+	u_char *plain = dest+len-RIJNDAEL_BLOCKSIZE;
+	u_char *ivp;
+	int i, j, blocks = len / RIJNDAEL_BLOCKSIZE;
+
 	if (len == 0)
 		return;
 	if (len % RIJNDAEL_BLOCKSIZE)
 		fatal("rijndael_cbc_decrypt: bad len %d", len);
 	memcpy(ivsaved, cnow, RIJNDAEL_BLOCKSIZE);
-	for(i = blocks; i > 0; i--, cnow-=4, plain-=4) {
+	for (i = blocks; i > 0; i--, cnow-=RIJNDAEL_BLOCKSIZE,
+	    plain-=RIJNDAEL_BLOCKSIZE) {
 		rijndael_decrypt(ctx, cnow, plain);
-		ivp =  (i == 1) ? iv : cnow-4;
-		plain[0] ^= ivp[0];
-		plain[1] ^= ivp[1];
-		plain[2] ^= ivp[2];
-		plain[3] ^= ivp[3];
+		ivp = (i == 1) ? iv : cnow-RIJNDAEL_BLOCKSIZE;
+		for (j = 0; j < RIJNDAEL_BLOCKSIZE; j++)
+			plain[j] ^= ivp[j];
 	}
 	memcpy(iv, ivsaved, RIJNDAEL_BLOCKSIZE);
 }
--- a/cipher.h
+++ b/cipher.h
@ -32,7 +32,7 @@
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

-/* RCSID("$OpenBSD: cipher.h,v 1.28 2001/06/26 17:27:23 markus Exp $"); */
+/* RCSID("$OpenBSD: cipher.h,v 1.29 2001/08/23 11:31:59 markus Exp $"); */

 #ifndef CIPHER_H
 #define CIPHER_H
@ -85,7 +85,7 @@ struct CipherContext {
 			u_char iv[8];
 		} cast;
 		struct {
-			u4byte iv[4];
+			u_char iv[16];
 			rijndael_ctx enc;
 			rijndael_ctx dec;
 		} rijndael;
--- a/rijndael.c
+++ b/rijndael.c
--- a/rijndael.h
+++ b/rijndael.h
@ -1,63 +1,49 @@
-/*	$OpenBSD: rijndael.h,v 1.9 2001/07/30 16:23:30 stevesk Exp $	*/
+/**
+ * rijndael-alg-fst.h
+ *
+ * @version 3.0 (December 2000)
+ *
+ * Optimised ANSI C code for the Rijndael cipher (now AES)
+ *
+ * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
+ * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
+ * @author Paulo Barreto <paulo.barreto@terra.com.br>
+ *
+ * This code is hereby placed in the public domain.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+ * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+ * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+#ifndef __RIJNDAEL_H
+#define __RIJNDAEL_H

-/* This is an independent implementation of the encryption algorithm:   */
-/*                                                                      */
-/*         RIJNDAEL by Joan Daemen and Vincent Rijmen                   */
-/*                                                                      */
-/* which is a candidate algorithm in the Advanced Encryption Standard   */
-/* programme of the US National Institute of Standards and Technology.  */
+#define MAXKC	(256/32)
+#define MAXKB	(256/8)
+#define MAXNR	14

-/*
-   -----------------------------------------------------------------------
-   Copyright (c) 2001 Dr Brian Gladman <brg@gladman.uk.net>, Worcester, UK
-   
-   TERMS
+typedef unsigned char	u8;	
+typedef unsigned short	u16;	
+typedef unsigned int	u32;

-   Redistribution and use in source and binary forms, with or without
-   modification, are permitted provided that the following conditions
-   are met:
-   1. Redistributions of source code must retain the above copyright
-      notice, this list of conditions and the following disclaimer.
-   2. Redistributions in binary form must reproduce the above copyright
-      notice, this list of conditions and the following disclaimer in the
-      documentation and/or other materials provided with the distribution.
-
-   This software is provided 'as is' with no guarantees of correctness or
-   fitness for purpose.
-   -----------------------------------------------------------------------
-*/
-
-#ifndef _RIJNDAEL_H_
-#define _RIJNDAEL_H_
-
-#include "config.h"
-
-/* 1. Standard types for AES cryptography source code               */
-
-typedef u_int8_t   u1byte; /* an 8 bit unsigned character type */
-typedef u_int16_t  u2byte; /* a 16 bit unsigned integer type   */
-typedef u_int32_t  u4byte; /* a 32 bit unsigned integer type   */
-
-typedef int8_t     s1byte; /* an 8 bit signed character type   */
-typedef int16_t    s2byte; /* a 16 bit signed integer type     */
-typedef int32_t    s4byte; /* a 32 bit signed integer type     */
-
-typedef struct _rijndael_ctx {
-	u4byte  k_len;
-	int decrypt;
-	u4byte  e_key[64];
-	u4byte  d_key[64];
+/*  The structure for key information */
+typedef struct {
+	int	decrypt;
+	int	Nr;			/* key-length-dependent number of rounds */
+	u32	ek[4*(MAXNR + 1)];	/* encrypt key schedule */
+	u32	dk[4*(MAXNR + 1)];	/* decrypt key schedule */
 } rijndael_ctx;

+void	 rijndael_set_key(rijndael_ctx *, u_char *, int, int);
+void	 rijndael_decrypt(rijndael_ctx *, u_char *, u_char *);
+void	 rijndael_encrypt(rijndael_ctx *, u_char *, u_char *);

-/* 2. Standard interface for AES cryptographic routines             */
-
-/* These are all based on 32 bit unsigned values and will therefore */
-/* require endian conversions for big-endian architectures          */
-
-rijndael_ctx *
-rijndael_set_key __P((rijndael_ctx *, const u4byte *, const u4byte, int));
-void rijndael_encrypt __P((rijndael_ctx *, const u4byte *, u4byte *));
-void rijndael_decrypt __P((rijndael_ctx *, const u4byte *, u4byte *));
-
-#endif /* _RIJNDAEL_H_ */
+#endif /* __RIJNDAEL_H */