kris/pqc
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Formatted AES code properly

Browse Source
This commit is contained in:
Peter Schwabe 2019-04-09 14:48:46 +02:00
parent 070db10cc1
commit 93c24e34c6
2 changed files with 474 additions and 506 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

120
common/aes.c
View File

@ -31,8 +31,7 @@
#include "ctaes.h"
static inline uint32_t br_dec32le(const unsigned char *src)
{
static inline uint32_t br_dec32le(const unsigned char *src) {
return (uint32_t)src[0]
| ((uint32_t)src[1] << 8)
| ((uint32_t)src[2] << 16)
@ -40,8 +39,7 @@ static inline uint32_t br_dec32le(const unsigned char *src)
}
static void br_range_dec32le(uint32_t *v, size_t num, const unsigned char *src)
{
static void br_range_dec32le(uint32_t *v, size_t num, const unsigned char *src) {
while (num-- > 0) {
*v ++ = br_dec32le(src);
src += 4;
@ -49,16 +47,14 @@ static void br_range_dec32le(uint32_t *v, size_t num, const unsigned char *src)
}
static inline uint32_t br_swap32(uint32_t x)
{
static inline uint32_t br_swap32(uint32_t x) {
x = ((x & (uint32_t)0x00FF00FF) << 8)
| ((x >> 8) & (uint32_t)0x00FF00FF);
return (x << 16) | (x >> 16);
}
static inline void br_enc32le(unsigned char *dst, uint32_t x)
{
static inline void br_enc32le(unsigned char *dst, uint32_t x) {
dst[0] = (unsigned char)x;
dst[1] = (unsigned char)(x >> 8);
dst[2] = (unsigned char)(x >> 16);
@ -66,8 +62,7 @@ static inline void br_enc32le(unsigned char *dst, uint32_t x)
}
void br_range_enc32le(unsigned char *dst, const uint32_t *v, size_t num)
{
void br_range_enc32le(unsigned char *dst, const uint32_t *v, size_t num) {
while (num-- > 0) {
br_enc32le(dst, *v ++);
dst += 4;
@ -75,8 +70,7 @@ void br_range_enc32le(unsigned char *dst, const uint32_t *v, size_t num)
}
static void br_aes_ct64_bitslice_Sbox(uint64_t *q)
{
static void br_aes_ct64_bitslice_Sbox(uint64_t *q) {
/*
* This S-box implementation is a straightforward translation of
* the circuit described by Boyar and Peralta in "A new
@ -250,8 +244,7 @@ static void br_aes_ct64_bitslice_Sbox(uint64_t *q)
q[0] = s7;
}
static void br_aes_ct64_ortho(uint64_t *q)
{
static void br_aes_ct64_ortho(uint64_t *q) {
#define SWAPN(cl, ch, s, x, y) do { \
uint64_t a, b; \
a = (x); \
@ -281,8 +274,7 @@ static void br_aes_ct64_ortho(uint64_t *q)
}
static void br_aes_ct64_interleave_in(uint64_t *q0, uint64_t *q1, const uint32_t *w)
{
static void br_aes_ct64_interleave_in(uint64_t *q0, uint64_t *q1, const uint32_t *w) {
uint64_t x0, x1, x2, x3;
x0 = w[0];
@ -310,8 +302,7 @@ static void br_aes_ct64_interleave_in(uint64_t *q0, uint64_t *q1, const uint32_t
}
static void br_aes_ct64_interleave_out(uint32_t *w, uint64_t q0, uint64_t q1)
{
static void br_aes_ct64_interleave_out(uint32_t *w, uint64_t q0, uint64_t q1) {
uint64_t x0, x1, x2, x3;
x0 = q0 & (uint64_t)0x00FF00FF00FF00FF;
@ -336,8 +327,7 @@ static const unsigned char Rcon[] = {
0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1B, 0x36
};
static uint32_t sub_word(uint32_t x)
{
static uint32_t sub_word(uint32_t x) {
uint64_t q[8];
memset(q, 0, sizeof q);
@ -348,12 +338,11 @@ static uint32_t sub_word(uint32_t x)
return (uint32_t)q[0];
}
static void br_aes_ct64_keysched(uint64_t *comp_skey, const unsigned char *key, int key_len)
{
static void br_aes_ct64_keysched(uint64_t *comp_skey, const unsigned char *key, int key_len) {
int i, j, k, nk, nkf;
uint32_t tmp;
uint32_t skey[60];
unsigned nrounds = 10+((key_len-16)>>2);
unsigned nrounds = 10 + ((key_len - 16) >> 2);
nk = (int)(key_len >> 2);
nkf = (int)((nrounds + 1) << 2);
@ -398,8 +387,7 @@ static void br_aes_ct64_keysched(uint64_t *comp_skey, const unsigned char *key,
}
}
void br_aes_ct64_skey_expand(uint64_t *skey, const uint64_t *comp_skey, unsigned int nrounds)
{
void br_aes_ct64_skey_expand(uint64_t *skey, const uint64_t *comp_skey, unsigned int nrounds) {
unsigned u, v, n;
n = (nrounds + 1) << 1;
@ -422,8 +410,7 @@ void br_aes_ct64_skey_expand(uint64_t *skey, const uint64_t *comp_skey, unsigned
}
static inline void add_round_key(uint64_t *q, const uint64_t *sk)
{
static inline void add_round_key(uint64_t *q, const uint64_t *sk) {
q[0] ^= sk[0];
q[1] ^= sk[1];
q[2] ^= sk[2];
@ -434,8 +421,7 @@ static inline void add_round_key(uint64_t *q, const uint64_t *sk)
q[7] ^= sk[7];
}
static inline void shift_rows(uint64_t *q)
{
static inline void shift_rows(uint64_t *q) {
int i;
for (i = 0; i < 8; i ++) {
@ -452,13 +438,11 @@ static inline void shift_rows(uint64_t *q)
}
}
static inline uint64_t rotr32(uint64_t x)
{
static inline uint64_t rotr32(uint64_t x) {
return (x << 32) | (x >> 32);
}
static inline void mix_columns(uint64_t *q)
{
static inline void mix_columns(uint64_t *q) {
uint64_t q0, q1, q2, q3, q4, q5, q6, q7;
uint64_t r0, r1, r2, r3, r4, r5, r6, r7;
@ -490,15 +474,13 @@ static inline void mix_columns(uint64_t *q)
}
static void inc4_be(uint32_t *x)
{
uint32_t t = br_swap32(*x)+4;
static void inc4_be(uint32_t *x) {
uint32_t t = br_swap32(*x) + 4;
*x = br_swap32(t);
}
static void aes_ecb4x(unsigned char out[64], const uint32_t ivw[16], const uint64_t *sk_exp, unsigned int nrounds)
{
static void aes_ecb4x(unsigned char out[64], const uint32_t ivw[16], const uint64_t *sk_exp, unsigned int nrounds) {
uint32_t w[16];
uint64_t q[8];
unsigned int i;
@ -519,7 +501,7 @@ static void aes_ecb4x(unsigned char out[64], const uint32_t ivw[16], const uint6
}
br_aes_ct64_bitslice_Sbox(q);
shift_rows(q);
add_round_key(q, sk_exp + 8*nrounds);
add_round_key(q, sk_exp + 8 * nrounds);
br_aes_ct64_ortho(q);
for (i = 0; i < 4; i ++) {
@ -529,25 +511,22 @@ static void aes_ecb4x(unsigned char out[64], const uint32_t ivw[16], const uint6
}
static void aes_ctr4x(unsigned char out[64], uint32_t ivw[16], const uint64_t *sk_exp, unsigned int nrounds)
{
static void aes_ctr4x(unsigned char out[64], uint32_t ivw[16], const uint64_t *sk_exp, unsigned int nrounds) {
aes_ecb4x(out, ivw, sk_exp, nrounds);
/* Increase counter for next 4 blocks */
inc4_be(ivw+3);
inc4_be(ivw+7);
inc4_be(ivw+11);
inc4_be(ivw+15);
inc4_be(ivw + 3);
inc4_be(ivw + 7);
inc4_be(ivw + 11);
inc4_be(ivw + 15);
}
static void aes_ecb(unsigned char *out, unsigned char *in, size_t nblocks, const uint64_t *rkeys, unsigned int nrounds)
{
static void aes_ecb(unsigned char *out, unsigned char *in, size_t nblocks, const uint64_t *rkeys, unsigned int nrounds) {
uint32_t blocks[16];
unsigned char t[64];
while(nblocks >= 4)
{
while (nblocks >= 4) {
br_range_dec32le(blocks, 16, in);
aes_ecb4x(out, blocks, rkeys, nrounds);
nblocks -= 4;
@ -555,17 +534,15 @@ static void aes_ecb(unsigned char *out, unsigned char *in, size_t nblocks, const
out += 64;
}
if(nblocks)
{
br_range_dec32le(blocks, nblocks*4, in);
if (nblocks) {
br_range_dec32le(blocks, nblocks * 4, in);
aes_ecb4x(t, blocks, rkeys, nrounds);
memcpy(out, t, nblocks*16);
memcpy(out, t, nblocks * 16);
}
}
static void aes_ctr(unsigned char *out, size_t outlen, const unsigned char *iv, const uint64_t *rkeys, unsigned int nrounds)
{
static void aes_ctr(unsigned char *out, size_t outlen, const unsigned char *iv, const uint64_t *rkeys, unsigned int nrounds) {
uint32_t ivw[16];
size_t i;
uint32_t cc = 0;
@ -584,21 +561,20 @@ static void aes_ctr(unsigned char *out, size_t outlen, const unsigned char *iv,
out += 64;
outlen -= 64;
}
if(outlen > 0)
{
if (outlen > 0) {
unsigned char tmp[64];
aes_ctr4x(tmp, ivw, rkeys, nrounds);
for(i=0;i<outlen;i++)
for (i = 0; i < outlen; i++) {
out[i] = tmp[i];
}
}
}
void aes128_keyexp(aes128ctx *r, const unsigned char *key)
{
void aes128_keyexp(aes128ctx *r, const unsigned char *key) {
uint64_t skey[22];
br_aes_ct64_keysched(skey, key, 16);
@ -606,8 +582,7 @@ void aes128_keyexp(aes128ctx *r, const unsigned char *key)
}
void aes192_keyexp(aes192ctx *r, const unsigned char *key)
{
void aes192_keyexp(aes192ctx *r, const unsigned char *key) {
uint64_t skey[26];
br_aes_ct64_keysched(skey, key, 24);
@ -615,8 +590,7 @@ void aes192_keyexp(aes192ctx *r, const unsigned char *key)
}
void aes256_keyexp(aes256ctx *r, const unsigned char *key)
{
void aes256_keyexp(aes256ctx *r, const unsigned char *key) {
uint64_t skey[30];
br_aes_ct64_keysched(skey, key, 32);
@ -624,33 +598,27 @@ void aes256_keyexp(aes256ctx *r, const unsigned char *key)
}
void aes128_ecb(unsigned char *out, unsigned char *in, size_t nblocks, const aes128ctx *ctx)
{
void aes128_ecb(unsigned char *out, unsigned char *in, size_t nblocks, const aes128ctx *ctx) {
aes_ecb(out, in, nblocks, ctx->sk_exp, 10);
}
void aes128_ctr(unsigned char *out, size_t outlen, const unsigned char *iv, const aes128ctx *ctx)
{
void aes128_ctr(unsigned char *out, size_t outlen, const unsigned char *iv, const aes128ctx *ctx) {
aes_ctr(out, outlen, iv, ctx->sk_exp, 10);
}
void aes192_ecb(unsigned char *out, unsigned char *in, size_t nblocks, const aes192ctx *ctx)
{
void aes192_ecb(unsigned char *out, unsigned char *in, size_t nblocks, const aes192ctx *ctx) {
aes_ecb(out, in, nblocks, ctx->sk_exp, 12);
}
void aes192_ctr(unsigned char *out, size_t outlen, const unsigned char *iv, const aes192ctx *ctx)
{
void aes192_ctr(unsigned char *out, size_t outlen, const unsigned char *iv, const aes192ctx *ctx) {
aes_ctr(out, outlen, iv, ctx->sk_exp, 12);
}
void aes256_ecb(unsigned char *out, unsigned char *in, size_t nblocks, const aes256ctx *ctx)
{
void aes256_ecb(unsigned char *out, unsigned char *in, size_t nblocks, const aes256ctx *ctx) {
aes_ecb(out, in, nblocks, ctx->sk_exp, 14);
}
void aes256_ctr(unsigned char *out, size_t outlen, const unsigned char *iv, const aes256ctx *ctx)
{
void aes256_ctr(unsigned char *out, size_t outlen, const unsigned char *iv, const aes256ctx *ctx) {
aes_ctr(out, outlen, iv, ctx->sk_exp, 14);
}