I was promised that this does not need to have endness fix up by Markus.

So I will blindly trust him. =)

   - markus@cvs.openbsd.org 2001/08/23 11:31:59
     [cipher.c cipher.h]
     switch to the optimised AES reference code from
     http://www.esat.kuleuven.ac.be/~rijmen/rijndael/rijndael-fst-3.0.zip
This commit is contained in:
Ben Lindstrom 2001-09-14 02:47:33 +00:00
parent 4213c559ef
commit 319fc7353c
5 changed files with 1296 additions and 488 deletions

View File

@ -1,3 +1,10 @@
20010913
- (bal) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2001/08/23 11:31:59
[cipher.c cipher.h]
switch to the optimised AES reference code from
http://www.esat.kuleuven.ac.be/~rijmen/rijndael/rijndael-fst-3.0.zip
20010912
- (bal) OpenBSD CVS Sync
- jakob@cvs.openbsd.org 2001/08/16 19:18:34
@ -6409,4 +6416,4 @@
- Wrote replacements for strlcpy and mkdtemp
- Released 1.0pre1
$Id: ChangeLog,v 1.1510 2001/09/12 18:45:09 mouring Exp $
$Id: ChangeLog,v 1.1511 2001/09/14 02:47:33 mouring Exp $

View File

@ -35,7 +35,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: cipher.c,v 1.46 2001/06/25 08:25:36 markus Exp $");
RCSID("$OpenBSD: cipher.c,v 1.47 2001/08/23 11:31:59 markus Exp $");
#include "xmalloc.h"
#include "log.h"
@ -283,66 +283,65 @@ cast_cbc_decrypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len)
static void
rijndael_setkey(CipherContext *cc, const u_char *key, u_int keylen)
{
rijndael_set_key(&cc->u.rijndael.enc, (u4byte *)key, 8*keylen, 1);
rijndael_set_key(&cc->u.rijndael.dec, (u4byte *)key, 8*keylen, 0);
rijndael_set_key(&cc->u.rijndael.enc, (char *)key, 8*keylen, 1);
rijndael_set_key(&cc->u.rijndael.dec, (char *)key, 8*keylen, 0);
}
static void
rijndael_setiv(CipherContext *cc, const u_char *iv, u_int ivlen)
{
if (iv == NULL)
fatal("no IV for %s.", cc->cipher->name);
memcpy((u_char *)cc->u.rijndael.iv, iv, RIJNDAEL_BLOCKSIZE);
if (iv == NULL || ivlen != RIJNDAEL_BLOCKSIZE)
fatal("bad/no IV for %s.", cc->cipher->name);
memcpy(cc->u.rijndael.iv, iv, RIJNDAEL_BLOCKSIZE);
}
static void
rijndael_cbc_encrypt(CipherContext *cc, u_char *dest, const u_char *src,
u_int len)
{
rijndael_ctx *ctx = &cc->u.rijndael.enc;
u4byte *iv = cc->u.rijndael.iv;
u4byte in[4];
u4byte *cprev, *cnow, *plain;
int i, blocks = len / RIJNDAEL_BLOCKSIZE;
u_char *iv = cc->u.rijndael.iv;
u_char in[RIJNDAEL_BLOCKSIZE];
u_char *cprev, *cnow, *plain;
int i, j, blocks = len / RIJNDAEL_BLOCKSIZE;
if (len == 0)
return;
if (len % RIJNDAEL_BLOCKSIZE)
fatal("rijndael_cbc_encrypt: bad len %d", len);
cnow = (u4byte*) dest;
plain = (u4byte*) src;
cnow = dest;
plain = (u_char *) src;
cprev = iv;
for(i = 0; i < blocks; i++, plain+=4, cnow+=4) {
in[0] = plain[0] ^ cprev[0];
in[1] = plain[1] ^ cprev[1];
in[2] = plain[2] ^ cprev[2];
in[3] = plain[3] ^ cprev[3];
for (i = 0; i < blocks; i++, plain+=RIJNDAEL_BLOCKSIZE,
cnow+=RIJNDAEL_BLOCKSIZE) {
for (j = 0; j < RIJNDAEL_BLOCKSIZE; j++)
in[j] = plain[j] ^ cprev[j];
rijndael_encrypt(ctx, in, cnow);
cprev = cnow;
}
memcpy(iv, cprev, RIJNDAEL_BLOCKSIZE);
}
static void
rijndael_cbc_decrypt(CipherContext *cc, u_char *dest, const u_char *src,
u_int len)
{
rijndael_ctx *ctx = &cc->u.rijndael.dec;
u4byte *iv = cc->u.rijndael.iv;
u4byte ivsaved[4];
u4byte *cnow = (u4byte*) (src+len-RIJNDAEL_BLOCKSIZE);
u4byte *plain = (u4byte*) (dest+len-RIJNDAEL_BLOCKSIZE);
u4byte *ivp;
int i, blocks = len / RIJNDAEL_BLOCKSIZE;
u_char *iv = cc->u.rijndael.iv;
u_char ivsaved[RIJNDAEL_BLOCKSIZE];
u_char *cnow = (u_char *) (src+len-RIJNDAEL_BLOCKSIZE);
u_char *plain = dest+len-RIJNDAEL_BLOCKSIZE;
u_char *ivp;
int i, j, blocks = len / RIJNDAEL_BLOCKSIZE;
if (len == 0)
return;
if (len % RIJNDAEL_BLOCKSIZE)
fatal("rijndael_cbc_decrypt: bad len %d", len);
memcpy(ivsaved, cnow, RIJNDAEL_BLOCKSIZE);
for(i = blocks; i > 0; i--, cnow-=4, plain-=4) {
for (i = blocks; i > 0; i--, cnow-=RIJNDAEL_BLOCKSIZE,
plain-=RIJNDAEL_BLOCKSIZE) {
rijndael_decrypt(ctx, cnow, plain);
ivp = (i == 1) ? iv : cnow-4;
plain[0] ^= ivp[0];
plain[1] ^= ivp[1];
plain[2] ^= ivp[2];
plain[3] ^= ivp[3];
ivp = (i == 1) ? iv : cnow-RIJNDAEL_BLOCKSIZE;
for (j = 0; j < RIJNDAEL_BLOCKSIZE; j++)
plain[j] ^= ivp[j];
}
memcpy(iv, ivsaved, RIJNDAEL_BLOCKSIZE);
}

View File

@ -32,7 +32,7 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
/* RCSID("$OpenBSD: cipher.h,v 1.28 2001/06/26 17:27:23 markus Exp $"); */
/* RCSID("$OpenBSD: cipher.h,v 1.29 2001/08/23 11:31:59 markus Exp $"); */
#ifndef CIPHER_H
#define CIPHER_H
@ -85,7 +85,7 @@ struct CipherContext {
u_char iv[8];
} cast;
struct {
u4byte iv[4];
u_char iv[16];
rijndael_ctx enc;
rijndael_ctx dec;
} rijndael;

1586
rijndael.c

File diff suppressed because it is too large Load Diff

View File

@ -1,63 +1,49 @@
/* $OpenBSD: rijndael.h,v 1.9 2001/07/30 16:23:30 stevesk Exp $ */
/**
* rijndael-alg-fst.h
*
* @version 3.0 (December 2000)
*
* Optimised ANSI C code for the Rijndael cipher (now AES)
*
* @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
* @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
* @author Paulo Barreto <paulo.barreto@terra.com.br>
*
* This code is hereby placed in the public domain.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
* OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
* BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
* OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
* EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef __RIJNDAEL_H
#define __RIJNDAEL_H
/* This is an independent implementation of the encryption algorithm: */
/* */
/* RIJNDAEL by Joan Daemen and Vincent Rijmen */
/* */
/* which is a candidate algorithm in the Advanced Encryption Standard */
/* programme of the US National Institute of Standards and Technology. */
#define MAXKC (256/32)
#define MAXKB (256/8)
#define MAXNR 14
/*
-----------------------------------------------------------------------
Copyright (c) 2001 Dr Brian Gladman <brg@gladman.uk.net>, Worcester, UK
typedef unsigned char u8;
typedef unsigned short u16;
typedef unsigned int u32;
TERMS
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
This software is provided 'as is' with no guarantees of correctness or
fitness for purpose.
-----------------------------------------------------------------------
*/
#ifndef _RIJNDAEL_H_
#define _RIJNDAEL_H_
#include "config.h"
/* 1. Standard types for AES cryptography source code */
typedef u_int8_t u1byte; /* an 8 bit unsigned character type */
typedef u_int16_t u2byte; /* a 16 bit unsigned integer type */
typedef u_int32_t u4byte; /* a 32 bit unsigned integer type */
typedef int8_t s1byte; /* an 8 bit signed character type */
typedef int16_t s2byte; /* a 16 bit signed integer type */
typedef int32_t s4byte; /* a 32 bit signed integer type */
typedef struct _rijndael_ctx {
u4byte k_len;
/* The structure for key information */
typedef struct {
int decrypt;
u4byte e_key[64];
u4byte d_key[64];
int Nr; /* key-length-dependent number of rounds */
u32 ek[4*(MAXNR + 1)]; /* encrypt key schedule */
u32 dk[4*(MAXNR + 1)]; /* decrypt key schedule */
} rijndael_ctx;
void rijndael_set_key(rijndael_ctx *, u_char *, int, int);
void rijndael_decrypt(rijndael_ctx *, u_char *, u_char *);
void rijndael_encrypt(rijndael_ctx *, u_char *, u_char *);
/* 2. Standard interface for AES cryptographic routines */
/* These are all based on 32 bit unsigned values and will therefore */
/* require endian conversions for big-endian architectures */
rijndael_ctx *
rijndael_set_key __P((rijndael_ctx *, const u4byte *, const u4byte, int));
void rijndael_encrypt __P((rijndael_ctx *, const u4byte *, u4byte *));
void rijndael_decrypt __P((rijndael_ctx *, const u4byte *, u4byte *));
#endif /* _RIJNDAEL_H_ */
#endif /* __RIJNDAEL_H */