Main Page | Alphabetical List | Data Structures | Directories | File List | Data Fields | Globals

aesopt.h

Go to the documentation of this file.
00001 /*
00002  ---------------------------------------------------------------------------
00003  Copyright (c) 2003, Dr Brian Gladman <brg@gladman.me.uk>, Worcester, UK.
00004  All rights reserved.
00005 
00006  LICENSE TERMS
00007 
00008  The free distribution and use of this software in both source and binary
00009  form is allowed (with or without changes) provided that:
00010 
00011    1. distributions of this source code include the above copyright
00012       notice, this list of conditions and the following disclaimer;
00013 
00014    2. distributions in binary form include the above copyright
00015       notice, this list of conditions and the following disclaimer
00016       in the documentation and/or other associated materials;
00017 
00018    3. the copyright holder's name is not used to endorse products
00019       built using this software without specific written permission.
00020 
00021  ALTERNATIVELY, provided that this notice is retained in full, this product
00022  may be distributed under the terms of the GNU General Public License (GPL),
00023  in which case the provisions of the GPL apply INSTEAD OF those given above.
00024 
00025  DISCLAIMER
00026 
00027  This software is provided 'as is' with no explicit or implied warranties
00028  in respect of its properties, including, but not limited to, correctness
00029  and/or fitness for purpose.
00030  ---------------------------------------------------------------------------
00031  Issue Date: 26/08/2003
00032 
00033  My thanks go to Dag Arne Osvik for devising the schemes used here for key
00034  length derivation from the form of the key schedule
00035 
00036  This file contains the compilation options for AES (Rijndael) and code
00037  that is common across encryption, key scheduling and table generation.
00038 
00039     OPERATION
00040 
00041     These source code files implement the AES algorithm Rijndael designed by
00042     Joan Daemen and Vincent Rijmen. This version is designed for the standard
00043     block size of 16 bytes and for key sizes of 128, 192 and 256 bits (16, 24
00044     and 32 bytes).
00045 
00046     This version is designed for flexibility and speed using operations on
00047     32-bit words rather than operations on bytes.  It can be compiled with
00048     either big or little endian internal byte order but is faster when the
00049     native byte order for the processor is used.
00050 
00051     THE CIPHER INTERFACE
00052 
00053     The cipher interface is implemented as an array of bytes in which lower
00054     AES bit sequence indexes map to higher numeric significance within bytes.
00055 
00056     aes_08t                 (an unsigned  8-bit type)
00057     aes_32t                 (an unsigned 32-bit type)
00058     struct aes_encrypt_ctx  (structure for the cipher encryption context)
00059     struct aes_decrypt_ctx  (structure for the cipher decryption context)
00060     aes_rval                the function return type
00061 
00062     C subroutine calls:
00063 
00064       aes_rval aes_encrypt_key128(const void *in_key, aes_encrypt_ctx cx[1]);
00065       aes_rval aes_encrypt_key192(const void *in_key, aes_encrypt_ctx cx[1]);
00066       aes_rval aes_encrypt_key256(const void *in_key, aes_encrypt_ctx cx[1]);
00067       aes_rval aes_encrypt(const void *in_blk,
00068                                  void *out_blk, const aes_encrypt_ctx cx[1]);
00069 
00070       aes_rval aes_decrypt_key128(const void *in_key, aes_decrypt_ctx cx[1]);
00071       aes_rval aes_decrypt_key192(const void *in_key, aes_decrypt_ctx cx[1]);
00072       aes_rval aes_decrypt_key256(const void *in_key, aes_decrypt_ctx cx[1]);
00073       aes_rval aes_decrypt(const void *in_blk,
00074                                  void *out_blk, const aes_decrypt_ctx cx[1]);
00075 
00076     IMPORTANT NOTE: If you are using this C interface with dynamic tables make sure that
00077     you call genTabs() before AES is used so that the tables are initialised.
00078 
00079     C++ aes class subroutines:
00080 
00081         Class AESencrypt  for encryption
00082 
00083         Construtors:
00084             AESencrypt(void)
00085             AESencrypt(const void *in_key) - 128 bit key
00086         Members:
00087             void key128(const void *in_key)
00088             void key192(const void *in_key)
00089             void key256(const void *in_key)
00090             void encrypt(const void *in_blk, void *out_blk) const
00091 
00092         Class AESdecrypt  for encryption
00093         Construtors:
00094             AESdecrypt(void)
00095             AESdecrypt(const void *in_key) - 128 bit key
00096         Members:
00097             void key128(const void *in_key)
00098             void key192(const void *in_key)
00099             void key256(const void *in_key)
00100             void decrypt(const void *in_blk, void *out_blk) const
00101 
00102     COMPILATION
00103 
00104     The files used to provide AES (Rijndael) are
00105 
00106     a. aes.h for the definitions needed for use in C.
00107     b. aescpp.h for the definitions needed for use in C++.
00108     c. aesopt.h for setting compilation options (also includes common code).
00109     d. aescrypt.c for encryption and decrytpion, or
00110     e. aeskey.c for key scheduling.
00111     f. aestab.c for table loading or generation.
00112     g. aescrypt.asm for encryption and decryption using assembler code.
00113     h. aescrypt.mmx.asm for encryption and decryption using MMX assembler.
00114 
00115     To compile AES (Rijndael) for use in C code use aes.h and set the
00116     defines here for the facilities you need (key lengths, encryption
00117     and/or decryption). Do not define AES_DLL or AES_CPP.  Set the options
00118     for optimisations and table sizes here.
00119 
00120     To compile AES (Rijndael) for use in in C++ code use aescpp.h but do
00121     not define AES_DLL
00122 
00123     To compile AES (Rijndael) in C as a Dynamic Link Library DLL) use
00124     aes.h and include the AES_DLL define.
00125 
00126     CONFIGURATION OPTIONS (here and in aes.h)
00127 
00128     a. set AES_DLL in aes.h if AES (Rijndael) is to be compiled as a DLL
00129     b. You may need to set PLATFORM_BYTE_ORDER to define the byte order.
00130     c. If you want the code to run in a specific internal byte order, then
00131        ALGORITHM_BYTE_ORDER must be set accordingly.
00132     d. set other configuration options decribed below.
00133 */
00134 
00135 #ifndef _AESOPT_H
00136 #define _AESOPT_H
00137 
00138 #include <asterisk/aes.h>
00139 
00140 /*  CONFIGURATION - USE OF DEFINES
00141 
00142     Later in this section there are a number of defines that control the
00143     operation of the code.  In each section, the purpose of each define is
00144     explained so that the relevant form can be included or excluded by
00145     setting either 1's or 0's respectively on the branches of the related
00146     #if clauses.
00147 */
00148 
00149 /*  PLATFORM SPECIFIC INCLUDES */
00150 
00151 #if defined( __OpenBSD__ )
00152 #  include <machine/types.h>
00153 #  include <sys/endian.h>
00154 #elif defined( __FreeBSD__ ) || defined( __NetBSD__ )
00155 #  include <sys/types.h>
00156 #  include <sys/endian.h>
00157 #elif defined( BSD ) && ( BSD >= 199103 ) || defined(__APPLE__)
00158 #  include <machine/endian.h>
00159 #elif defined( __GNUC__ ) || defined( __GNU_LIBRARY__ )
00160 #  include <endian.h>
00161 #if !defined(__APPLE__)
00162 #  include <byteswap.h>
00163 #endif
00164 #elif defined( linux )
00165 #  include <endian.h>
00166 #endif
00167 
00168 /*  BYTE ORDER IN 32-BIT WORDS
00169 
00170     To obtain the highest speed on processors with 32-bit words, this code
00171     needs to determine the byte order of the target machine. The following 
00172     block of code is an attempt to capture the most obvious ways in which 
00173     various environemnts define byte order. It may well fail, in which case 
00174     the definitions will need to be set by editing at the points marked 
00175     **** EDIT HERE IF NECESSARY **** below.  My thanks to Peter Gutmann for 
00176     some of these defines (from cryptlib).
00177 */
00178 
00179 #define BRG_LITTLE_ENDIAN   1234 /* byte 0 is least significant (i386) */
00180 #define BRG_BIG_ENDIAN      4321 /* byte 0 is most significant (mc68k) */
00181 
00182 #if defined( __alpha__ ) || defined( __alpha ) || defined( i386 )       ||   \
00183     defined( __i386__ )  || defined( _M_I86 )  || defined( _M_IX86 )    ||   \
00184     defined( __OS2__ )   || defined( sun386 )  || defined( __TURBOC__ ) ||   \
00185     defined( vax )       || defined( vms )     || defined( VMS )        ||   \
00186     defined( __VMS ) 
00187 
00188 #define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00189 
00190 #endif
00191 
00192 #if defined( AMIGA )    || defined( applec )  || defined( __AS400__ )  ||   \
00193     defined( _CRAY )    || defined( __hppa )  || defined( __hp9000 )   ||   \
00194     defined( ibm370 )   || defined( mc68000 ) || defined( m68k )       ||   \
00195     defined( __MRC__ )  || defined( __MVS__ ) || defined( __MWERKS__ ) ||   \
00196     defined( sparc )    || defined( __sparc)  || defined( SYMANTEC_C ) ||   \
00197     defined( __TANDEM ) || defined( THINK_C ) || defined( __VMCMS__ )
00198     
00199 #define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00200 
00201 #endif
00202 
00203 /*  if the platform is still not known, try to find its byte order  */
00204 /*  from commonly used definitions in the headers included earlier  */
00205 
00206 #if !defined(PLATFORM_BYTE_ORDER)
00207 
00208 #if defined(LITTLE_ENDIAN) || defined(BIG_ENDIAN)
00209 #  if    defined(LITTLE_ENDIAN) && !defined(BIG_ENDIAN)
00210 #    define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00211 #  elif !defined(LITTLE_ENDIAN) &&  defined(BIG_ENDIAN)
00212 #    define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00213 #  elif defined(BYTE_ORDER) && (BYTE_ORDER == LITTLE_ENDIAN)
00214 #    define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00215 #  elif defined(BYTE_ORDER) && (BYTE_ORDER == BIG_ENDIAN)
00216 #    define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00217 #  endif
00218 
00219 #elif defined(_LITTLE_ENDIAN) || defined(_BIG_ENDIAN)
00220 #  if    defined(_LITTLE_ENDIAN) && !defined(_BIG_ENDIAN)
00221 #    define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00222 #  elif !defined(_LITTLE_ENDIAN) &&  defined(_BIG_ENDIAN)
00223 #    define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00224 #  elif defined(_BYTE_ORDER) && (_BYTE_ORDER == _LITTLE_ENDIAN)
00225 #    define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00226 #  elif defined(_BYTE_ORDER) && (_BYTE_ORDER == _BIG_ENDIAN)
00227 #    define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00228 #  endif
00229 
00230 #elif defined(__LITTLE_ENDIAN__) || defined(__BIG_ENDIAN__)
00231 #  if    defined(__LITTLE_ENDIAN__) && !defined(__BIG_ENDIAN__)
00232 #    define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00233 #  elif !defined(__LITTLE_ENDIAN__) &&  defined(__BIG_ENDIAN__)
00234 #    define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00235 #  elif defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __LITTLE_ENDIAN__)
00236 #    define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00237 #  elif defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __BIG_ENDIAN__)
00238 #    define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00239 #  endif
00240 
00241 #elif 0     /* **** EDIT HERE IF NECESSARY **** */
00242 #define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00243 
00244 #elif 0     /* **** EDIT HERE IF NECESSARY **** */
00245 #define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00246 
00247 #else
00248 #error Please edit aesopt.h (line 235 or 238) to set the platform byte order
00249 #endif
00250 
00251 #endif
00252 
00253 /*  SOME LOCAL DEFINITIONS  */
00254 
00255 #define NO_TABLES              0
00256 #define ONE_TABLE              1
00257 #define FOUR_TABLES            4
00258 #define NONE                   0
00259 #define PARTIAL                1
00260 #define FULL                   2
00261 
00262 #if defined(bswap32)
00263 #define aes_sw32    bswap32
00264 #elif defined(bswap_32)
00265 #define aes_sw32    bswap_32
00266 #else 
00267 #define brot(x,n)   (((aes_32t)(x) <<  n) | ((aes_32t)(x) >> (32 - n)))
00268 #define aes_sw32(x) ((brot((x),8) & 0x00ff00ff) | (brot((x),24) & 0xff00ff00))
00269 #endif
00270 
00271 /*  1. FUNCTIONS REQUIRED
00272 
00273     This implementation provides subroutines for encryption, decryption
00274     and for setting the three key lengths (separately) for encryption
00275     and decryption. When the assembler code is not being used the following
00276     definition blocks allow the selection of the routines that are to be
00277     included in the compilation.
00278 */
00279 #ifdef AES_ENCRYPT
00280 #define ENCRYPTION
00281 #define ENCRYPTION_KEY_SCHEDULE
00282 #endif
00283 
00284 #ifdef AES_DECRYPT
00285 #define DECRYPTION
00286 #define DECRYPTION_KEY_SCHEDULE
00287 #endif
00288 
00289 /*  2. ASSEMBLER SUPPORT
00290 
00291     This define (which can be on the command line) enables the use of the
00292     assembler code routines for encryption and decryption with the C code
00293     only providing key scheduling
00294 */
00295 #if 0
00296 #define AES_ASM
00297 #endif
00298 
00299 /*  3. BYTE ORDER WITHIN 32 BIT WORDS
00300 
00301     The fundamental data processing units in Rijndael are 8-bit bytes. The
00302     input, output and key input are all enumerated arrays of bytes in which
00303     bytes are numbered starting at zero and increasing to one less than the
00304     number of bytes in the array in question. This enumeration is only used
00305     for naming bytes and does not imply any adjacency or order relationship
00306     from one byte to another. When these inputs and outputs are considered
00307     as bit sequences, bits 8*n to 8*n+7 of the bit sequence are mapped to
00308     byte[n] with bit 8n+i in the sequence mapped to bit 7-i within the byte.
00309     In this implementation bits are numbered from 0 to 7 starting at the
00310     numerically least significant end of each byte (bit n represents 2^n).
00311 
00312     However, Rijndael can be implemented more efficiently using 32-bit
00313     words by packing bytes into words so that bytes 4*n to 4*n+3 are placed
00314     into word[n]. While in principle these bytes can be assembled into words
00315     in any positions, this implementation only supports the two formats in
00316     which bytes in adjacent positions within words also have adjacent byte
00317     numbers. This order is called big-endian if the lowest numbered bytes
00318     in words have the highest numeric significance and little-endian if the
00319     opposite applies.
00320 
00321     This code can work in either order irrespective of the order used by the
00322     machine on which it runs. Normally the internal byte order will be set
00323     to the order of the processor on which the code is to be run but this
00324     define can be used to reverse this in special situations
00325 
00326     NOTE: Assembler code versions rely on PLATFORM_BYTE_ORDER being set
00327 */
00328 #if 1 || defined(AES_ASM)
00329 #define ALGORITHM_BYTE_ORDER PLATFORM_BYTE_ORDER
00330 #elif 0
00331 #define ALGORITHM_BYTE_ORDER BRG_LITTLE_ENDIAN
00332 #elif 0
00333 #define ALGORITHM_BYTE_ORDER BRG_BIG_ENDIAN
00334 #else
00335 #error The algorithm byte order is not defined
00336 #endif
00337 
00338 /*  4. FAST INPUT/OUTPUT OPERATIONS.
00339 
00340     On some machines it is possible to improve speed by transferring the
00341     bytes in the input and output arrays to and from the internal 32-bit
00342     variables by addressing these arrays as if they are arrays of 32-bit
00343     words.  On some machines this will always be possible but there may
00344     be a large performance penalty if the byte arrays are not aligned on
00345     the normal word boundaries. On other machines this technique will
00346     lead to memory access errors when such 32-bit word accesses are not
00347     properly aligned. The option SAFE_IO avoids such problems but will
00348     often be slower on those machines that support misaligned access
00349     (especially so if care is taken to align the input  and output byte
00350     arrays on 32-bit word boundaries). If SAFE_IO is not defined it is
00351     assumed that access to byte arrays as if they are arrays of 32-bit
00352     words will not cause problems when such accesses are misaligned.
00353 */
00354 #if 1 && !defined(_MSC_VER)
00355 #define SAFE_IO
00356 #endif
00357 
00358 /*  5. LOOP UNROLLING
00359 
00360     The code for encryption and decrytpion cycles through a number of rounds
00361     that can be implemented either in a loop or by expanding the code into a
00362     long sequence of instructions, the latter producing a larger program but
00363     one that will often be much faster. The latter is called loop unrolling.
00364     There are also potential speed advantages in expanding two iterations in
00365     a loop with half the number of iterations, which is called partial loop
00366     unrolling.  The following options allow partial or full loop unrolling
00367     to be set independently for encryption and decryption
00368 */
00369 #if 1
00370 #define ENC_UNROLL  FULL
00371 #elif 0
00372 #define ENC_UNROLL  PARTIAL
00373 #else
00374 #define ENC_UNROLL  NONE
00375 #endif
00376 
00377 #if 1
00378 #define DEC_UNROLL  FULL
00379 #elif 0
00380 #define DEC_UNROLL  PARTIAL
00381 #else
00382 #define DEC_UNROLL  NONE
00383 #endif
00384 
00385 /*  6. FAST FINITE FIELD OPERATIONS
00386 
00387     If this section is included, tables are used to provide faster finite
00388     field arithmetic (this has no effect if FIXED_TABLES is defined).
00389 */
00390 #if 1
00391 #define FF_TABLES
00392 #endif
00393 
00394 /*  7. INTERNAL STATE VARIABLE FORMAT
00395 
00396     The internal state of Rijndael is stored in a number of local 32-bit
00397     word varaibles which can be defined either as an array or as individual
00398     names variables. Include this section if you want to store these local
00399     varaibles in arrays. Otherwise individual local variables will be used.
00400 */
00401 #if 1
00402 #define ARRAYS
00403 #endif
00404 
00405 /* In this implementation the columns of the state array are each held in
00406    32-bit words. The state array can be held in various ways: in an array
00407    of words, in a number of individual word variables or in a number of
00408    processor registers. The following define maps a variable name x and
00409    a column number c to the way the state array variable is to be held.
00410    The first define below maps the state into an array x[c] whereas the
00411    second form maps the state into a number of individual variables x0,
00412    x1, etc.  Another form could map individual state colums to machine
00413    register names.
00414 */
00415 
00416 #if defined(ARRAYS)
00417 #define s(x,c) x[c]
00418 #else
00419 #define s(x,c) x##c
00420 #endif
00421 
00422 /*  8. FIXED OR DYNAMIC TABLES
00423 
00424     When this section is included the tables used by the code are compiled
00425     statically into the binary file.  Otherwise the subroutine gen_tabs()
00426     must be called to compute them before the code is first used.
00427 */
00428 #if 1
00429 #define FIXED_TABLES
00430 #endif
00431 
00432 /*  9. TABLE ALIGNMENT
00433 
00434     On some sytsems speed will be improved by aligning the AES large lookup
00435     tables on particular boundaries. This define should be set to a power of
00436     two giving the desired alignment. It can be left undefined if alignment 
00437     is not needed.  This option is specific to the Microsft VC++ compiler -
00438     it seems to sometimes cause trouble for the VC++ version 6 compiler.
00439 */
00440 
00441 #if 0 && defined(_MSC_VER) && (_MSC_VER >= 1300)
00442 #define TABLE_ALIGN 64
00443 #endif
00444 
00445 /*  10. INTERNAL TABLE CONFIGURATION
00446 
00447     This cipher proceeds by repeating in a number of cycles known as 'rounds'
00448     which are implemented by a round function which can optionally be speeded
00449     up using tables.  The basic tables are each 256 32-bit words, with either
00450     one or four tables being required for each round function depending on
00451     how much speed is required. The encryption and decryption round functions
00452     are different and the last encryption and decrytpion round functions are
00453     different again making four different round functions in all.
00454 
00455     This means that:
00456       1. Normal encryption and decryption rounds can each use either 0, 1
00457          or 4 tables and table spaces of 0, 1024 or 4096 bytes each.
00458       2. The last encryption and decryption rounds can also use either 0, 1
00459          or 4 tables and table spaces of 0, 1024 or 4096 bytes each.
00460 
00461     Include or exclude the appropriate definitions below to set the number
00462     of tables used by this implementation.
00463 */
00464 
00465 #if 1   /* set tables for the normal encryption round */
00466 #define ENC_ROUND   FOUR_TABLES
00467 #elif 0
00468 #define ENC_ROUND   ONE_TABLE
00469 #else
00470 #define ENC_ROUND   NO_TABLES
00471 #endif
00472 
00473 #if 1   /* set tables for the last encryption round */
00474 #define LAST_ENC_ROUND  FOUR_TABLES
00475 #elif 0
00476 #define LAST_ENC_ROUND  ONE_TABLE
00477 #else
00478 #define LAST_ENC_ROUND  NO_TABLES
00479 #endif
00480 
00481 #if 1   /* set tables for the normal decryption round */
00482 #define DEC_ROUND   FOUR_TABLES
00483 #elif 0
00484 #define DEC_ROUND   ONE_TABLE
00485 #else
00486 #define DEC_ROUND   NO_TABLES
00487 #endif
00488 
00489 #if 1   /* set tables for the last decryption round */
00490 #define LAST_DEC_ROUND  FOUR_TABLES
00491 #elif 0
00492 #define LAST_DEC_ROUND  ONE_TABLE
00493 #else
00494 #define LAST_DEC_ROUND  NO_TABLES
00495 #endif
00496 
00497 /*  The decryption key schedule can be speeded up with tables in the same
00498     way that the round functions can.  Include or exclude the following
00499     defines to set this requirement.
00500 */
00501 #if 1
00502 #define KEY_SCHED   FOUR_TABLES
00503 #elif 0
00504 #define KEY_SCHED   ONE_TABLE
00505 #else
00506 #define KEY_SCHED   NO_TABLES
00507 #endif
00508 
00509 /* END OF CONFIGURATION OPTIONS */
00510 
00511 #define RC_LENGTH   (5 * (AES_BLOCK_SIZE / 4 - 2))
00512 
00513 /* Disable or report errors on some combinations of options */
00514 
00515 #if ENC_ROUND == NO_TABLES && LAST_ENC_ROUND != NO_TABLES
00516 #undef  LAST_ENC_ROUND
00517 #define LAST_ENC_ROUND  NO_TABLES
00518 #elif ENC_ROUND == ONE_TABLE && LAST_ENC_ROUND == FOUR_TABLES
00519 #undef  LAST_ENC_ROUND
00520 #define LAST_ENC_ROUND  ONE_TABLE
00521 #endif
00522 
00523 #if ENC_ROUND == NO_TABLES && ENC_UNROLL != NONE
00524 #undef  ENC_UNROLL
00525 #define ENC_UNROLL  NONE
00526 #endif
00527 
00528 #if DEC_ROUND == NO_TABLES && LAST_DEC_ROUND != NO_TABLES
00529 #undef  LAST_DEC_ROUND
00530 #define LAST_DEC_ROUND  NO_TABLES
00531 #elif DEC_ROUND == ONE_TABLE && LAST_DEC_ROUND == FOUR_TABLES
00532 #undef  LAST_DEC_ROUND
00533 #define LAST_DEC_ROUND  ONE_TABLE
00534 #endif
00535 
00536 #if DEC_ROUND == NO_TABLES && DEC_UNROLL != NONE
00537 #undef  DEC_UNROLL
00538 #define DEC_UNROLL  NONE
00539 #endif
00540 
00541 /*  upr(x,n):  rotates bytes within words by n positions, moving bytes to
00542                higher index positions with wrap around into low positions
00543     ups(x,n):  moves bytes by n positions to higher index positions in
00544                words but without wrap around
00545     bval(x,n): extracts a byte from a word
00546 
00547     NOTE:      The definitions given here are intended only for use with
00548                unsigned variables and with shift counts that are compile
00549                time constants
00550 */
00551 
00552 #if (ALGORITHM_BYTE_ORDER == BRG_LITTLE_ENDIAN)
00553 #define upr(x,n)        (((aes_32t)(x) << (8 * (n))) | ((aes_32t)(x) >> (32 - 8 * (n))))
00554 #define ups(x,n)        ((aes_32t) (x) << (8 * (n)))
00555 #define bval(x,n)       ((aes_08t)((x) >> (8 * (n))))
00556 #define bytes2word(b0, b1, b2, b3)  \
00557         (((aes_32t)(b3) << 24) | ((aes_32t)(b2) << 16) | ((aes_32t)(b1) << 8) | (b0))
00558 #endif
00559 
00560 #if (ALGORITHM_BYTE_ORDER == BRG_BIG_ENDIAN)
00561 #define upr(x,n)        (((aes_32t)(x) >> (8 * (n))) | ((aes_32t)(x) << (32 - 8 * (n))))
00562 #define ups(x,n)        ((aes_32t) (x) >> (8 * (n))))
00563 #define bval(x,n)       ((aes_08t)((x) >> (24 - 8 * (n))))
00564 #define bytes2word(b0, b1, b2, b3)  \
00565         (((aes_32t)(b0) << 24) | ((aes_32t)(b1) << 16) | ((aes_32t)(b2) << 8) | (b3))
00566 #endif
00567 
00568 #if defined(SAFE_IO)
00569 
00570 #define word_in(x,c)    bytes2word(((aes_08t*)(x)+4*c)[0], ((aes_08t*)(x)+4*c)[1], \
00571                                    ((aes_08t*)(x)+4*c)[2], ((aes_08t*)(x)+4*c)[3])
00572 #define word_out(x,c,v) { ((aes_08t*)(x)+4*c)[0] = bval(v,0); ((aes_08t*)(x)+4*c)[1] = bval(v,1); \
00573                           ((aes_08t*)(x)+4*c)[2] = bval(v,2); ((aes_08t*)(x)+4*c)[3] = bval(v,3); }
00574 
00575 #elif (ALGORITHM_BYTE_ORDER == PLATFORM_BYTE_ORDER)
00576 
00577 #define word_in(x,c)    (*((aes_32t*)(x)+(c)))
00578 #define word_out(x,c,v) (*((aes_32t*)(x)+(c)) = (v))
00579 
00580 #else
00581 
00582 #define word_in(x,c)    aes_sw32(*((aes_32t*)(x)+(c)))
00583 #define word_out(x,c,v) (*((aes_32t*)(x)+(c)) = aes_sw32(v))
00584 
00585 #endif
00586 
00587 /* the finite field modular polynomial and elements */
00588 
00589 #define WPOLY   0x011b
00590 #define BPOLY     0x1b
00591 
00592 /* multiply four bytes in GF(2^8) by 'x' {02} in parallel */
00593 
00594 #define m1  0x80808080
00595 #define m2  0x7f7f7f7f
00596 #define gf_mulx(x)  ((((x) & m2) << 1) ^ ((((x) & m1) >> 7) * BPOLY))
00597 
00598 /* The following defines provide alternative definitions of gf_mulx that might
00599    give improved performance if a fast 32-bit multiply is not available. Note
00600    that a temporary variable u needs to be defined where gf_mulx is used.
00601 
00602 #define gf_mulx(x) (u = (x) & m1, u |= (u >> 1), ((x) & m2) << 1) ^ ((u >> 3) | (u >> 6))
00603 #define m4  (0x01010101 * BPOLY)
00604 #define gf_mulx(x) (u = (x) & m1, ((x) & m2) << 1) ^ ((u - (u >> 7)) & m4)
00605 */
00606 
00607 /* Work out which tables are needed for the different options   */
00608 
00609 #ifdef  AES_ASM
00610 #ifdef  ENC_ROUND
00611 #undef  ENC_ROUND
00612 #endif
00613 #define ENC_ROUND   FOUR_TABLES
00614 #ifdef  LAST_ENC_ROUND
00615 #undef  LAST_ENC_ROUND
00616 #endif
00617 #define LAST_ENC_ROUND  FOUR_TABLES
00618 #ifdef  DEC_ROUND
00619 #undef  DEC_ROUND
00620 #endif
00621 #define DEC_ROUND   FOUR_TABLES
00622 #ifdef  LAST_DEC_ROUND
00623 #undef  LAST_DEC_ROUND
00624 #endif
00625 #define LAST_DEC_ROUND  FOUR_TABLES
00626 #ifdef  KEY_SCHED
00627 #undef  KEY_SCHED
00628 #define KEY_SCHED   FOUR_TABLES
00629 #endif
00630 #endif
00631 
00632 #if defined(ENCRYPTION) || defined(AES_ASM)
00633 #if ENC_ROUND == ONE_TABLE
00634 #define FT1_SET
00635 #elif ENC_ROUND == FOUR_TABLES
00636 #define FT4_SET
00637 #else
00638 #define SBX_SET
00639 #endif
00640 #if LAST_ENC_ROUND == ONE_TABLE
00641 #define FL1_SET
00642 #elif LAST_ENC_ROUND == FOUR_TABLES
00643 #define FL4_SET
00644 #elif !defined(SBX_SET)
00645 #define SBX_SET
00646 #endif
00647 #endif
00648 
00649 #if defined(DECRYPTION) || defined(AES_ASM)
00650 #if DEC_ROUND == ONE_TABLE
00651 #define IT1_SET
00652 #elif DEC_ROUND == FOUR_TABLES
00653 #define IT4_SET
00654 #else
00655 #define ISB_SET
00656 #endif
00657 #if LAST_DEC_ROUND == ONE_TABLE
00658 #define IL1_SET
00659 #elif LAST_DEC_ROUND == FOUR_TABLES
00660 #define IL4_SET
00661 #elif !defined(ISB_SET)
00662 #define ISB_SET
00663 #endif
00664 #endif
00665 
00666 #if defined(ENCRYPTION_KEY_SCHEDULE) || defined(DECRYPTION_KEY_SCHEDULE)
00667 #if KEY_SCHED == ONE_TABLE
00668 #define LS1_SET
00669 #define IM1_SET
00670 #elif KEY_SCHED == FOUR_TABLES
00671 #define LS4_SET
00672 #define IM4_SET
00673 #elif !defined(SBX_SET)
00674 #define SBX_SET
00675 #endif
00676 #endif
00677 
00678 /* generic definitions of Rijndael macros that use tables    */
00679 
00680 #define no_table(x,box,vf,rf,c) bytes2word( \
00681     box[bval(vf(x,0,c),rf(0,c))], \
00682     box[bval(vf(x,1,c),rf(1,c))], \
00683     box[bval(vf(x,2,c),rf(2,c))], \
00684     box[bval(vf(x,3,c),rf(3,c))])
00685 
00686 #define one_table(x,op,tab,vf,rf,c) \
00687  (     tab[bval(vf(x,0,c),rf(0,c))] \
00688   ^ op(tab[bval(vf(x,1,c),rf(1,c))],1) \
00689   ^ op(tab[bval(vf(x,2,c),rf(2,c))],2) \
00690   ^ op(tab[bval(vf(x,3,c),rf(3,c))],3))
00691 
00692 #define four_tables(x,tab,vf,rf,c) \
00693  (  tab[0][bval(vf(x,0,c),rf(0,c))] \
00694   ^ tab[1][bval(vf(x,1,c),rf(1,c))] \
00695   ^ tab[2][bval(vf(x,2,c),rf(2,c))] \
00696   ^ tab[3][bval(vf(x,3,c),rf(3,c))])
00697 
00698 #define vf1(x,r,c)  (x)
00699 #define rf1(r,c)    (r)
00700 #define rf2(r,c)    ((8+r-c)&3)
00701 
00702 /* perform forward and inverse column mix operation on four bytes in long word x in */
00703 /* parallel. NOTE: x must be a simple variable, NOT an expression in these macros.  */
00704 
00705 #if defined(FM4_SET)    /* not currently used */
00706 #define fwd_mcol(x)     four_tables(x,t_use(f,m),vf1,rf1,0)
00707 #elif defined(FM1_SET)  /* not currently used */
00708 #define fwd_mcol(x)     one_table(x,upr,t_use(f,m),vf1,rf1,0)
00709 #else
00710 #define dec_fmvars      aes_32t g2
00711 #define fwd_mcol(x)     (g2 = gf_mulx(x), g2 ^ upr((x) ^ g2, 3) ^ upr((x), 2) ^ upr((x), 1))
00712 #endif
00713 
00714 #if defined(IM4_SET)
00715 #define inv_mcol(x)     four_tables(x,t_use(i,m),vf1,rf1,0)
00716 #elif defined(IM1_SET)
00717 #define inv_mcol(x)     one_table(x,upr,t_use(i,m),vf1,rf1,0)
00718 #else
00719 #define dec_imvars      aes_32t g2, g4, g9
00720 #define inv_mcol(x)     (g2 = gf_mulx(x), g4 = gf_mulx(g2), g9 = (x) ^ gf_mulx(g4), g4 ^= g9, \
00721                         (x) ^ g2 ^ g4 ^ upr(g2 ^ g9, 3) ^ upr(g4, 2) ^ upr(g9, 1))
00722 #endif
00723 
00724 #if defined(FL4_SET)
00725 #define ls_box(x,c)     four_tables(x,t_use(f,l),vf1,rf2,c)
00726 #elif   defined(LS4_SET)
00727 #define ls_box(x,c)     four_tables(x,t_use(l,s),vf1,rf2,c)
00728 #elif defined(FL1_SET)
00729 #define ls_box(x,c)     one_table(x,upr,t_use(f,l),vf1,rf2,c)
00730 #elif defined(LS1_SET)
00731 #define ls_box(x,c)     one_table(x,upr,t_use(l,s),vf1,rf2,c)
00732 #else
00733 #define ls_box(x,c)     no_table(x,t_use(s,box),vf1,rf2,c)
00734 #endif
00735 
00736 #if defined(__cplusplus)
00737 extern "C"
00738 {
00739 #endif
00740 
00741 /*  If there are no global variables, the definitions here can be
00742     used to put the AES tables in a structure so that a pointer 
00743     can then be added to the AES context to pass them to the AES
00744     routines that need them.  If this facility is used, the calling 
00745     program has to ensure that this pointer is managed appropriately. 
00746     In particular, the value of the t_dec(in,it) item in the table 
00747     structure must be set to zero in order to ensure that the tables 
00748     are initialised. In practice the three code sequences in aeskey.c 
00749     that control the calls to gen_tabs() and the gen_tabs() routine 
00750     itself will have to be changed for a specific implementation. If 
00751     global variables are available it will generally be preferable to 
00752     use them with the precomputed FIXED_TABLES option that uses static 
00753     global tables.
00754 
00755     The following defines can be used to control the way the tables
00756     are defined, initialised and used in embedded environments that
00757     require special features for these purposes
00758 
00759     the 't_dec' construction is used to declare fixed table arrays
00760     the 't_set' construction is used to set fixed table values
00761     the 't_use' construction is used to access fixed table values
00762 
00763     256 byte tables:
00764 
00765         t_xxx(s,box)    => forward S box
00766         t_xxx(i,box)    => inverse S box
00767 
00768     256 32-bit word OR 4 x 256 32-bit word tables:
00769 
00770         t_xxx(f,n)      => forward normal round
00771         t_xxx(f,l)      => forward last round
00772         t_xxx(i,n)      => inverse normal round
00773         t_xxx(i,l)      => inverse last round
00774         t_xxx(l,s)      => key schedule table
00775         t_xxx(i,m)      => key schedule table
00776 
00777     Other variables and tables:
00778 
00779         t_xxx(r,c)      => the rcon table
00780 */
00781 
00782 #define t_dec(m,n) t_##m##n
00783 #define t_set(m,n) t_##m##n
00784 #define t_use(m,n) t_##m##n
00785 
00786 #if defined(DO_TABLES)  /* declare and instantiate tables   */
00787 
00788 /*  finite field arithmetic operations for table generation */
00789 
00790 #if defined(FIXED_TABLES) || !defined(FF_TABLES)
00791 
00792 #define f2(x)   ((x<<1) ^ (((x>>7) & 1) * WPOLY))
00793 #define f4(x)   ((x<<2) ^ (((x>>6) & 1) * WPOLY) ^ (((x>>6) & 2) * WPOLY))
00794 #define f8(x)   ((x<<3) ^ (((x>>5) & 1) * WPOLY) ^ (((x>>5) & 2) * WPOLY) \
00795                         ^ (((x>>5) & 4) * WPOLY))
00796 #define f3(x)   (f2(x) ^ x)
00797 #define f9(x)   (f8(x) ^ x)
00798 #define fb(x)   (f8(x) ^ f2(x) ^ x)
00799 #define fd(x)   (f8(x) ^ f4(x) ^ x)
00800 #define fe(x)   (f8(x) ^ f4(x) ^ f2(x))
00801 
00802 #else
00803 
00804 #define f2(x) ((x) ? pow[log[x] + 0x19] : 0)
00805 #define f3(x) ((x) ? pow[log[x] + 0x01] : 0)
00806 #define f9(x) ((x) ? pow[log[x] + 0xc7] : 0)
00807 #define fb(x) ((x) ? pow[log[x] + 0x68] : 0)
00808 #define fd(x) ((x) ? pow[log[x] + 0xee] : 0)
00809 #define fe(x) ((x) ? pow[log[x] + 0xdf] : 0)
00810 #define fi(x) ((x) ? pow[ 255 - log[x]] : 0)
00811 
00812 #endif
00813 
00814 #if defined(FIXED_TABLES)   /* declare and set values for static tables */
00815 
00816 #define sb_data(w) \
00817     w(0x63), w(0x7c), w(0x77), w(0x7b), w(0xf2), w(0x6b), w(0x6f), w(0xc5),\
00818     w(0x30), w(0x01), w(0x67), w(0x2b), w(0xfe), w(0xd7), w(0xab), w(0x76),\
00819     w(0xca), w(0x82), w(0xc9), w(0x7d), w(0xfa), w(0x59), w(0x47), w(0xf0),\
00820     w(0xad), w(0xd4), w(0xa2), w(0xaf), w(0x9c), w(0xa4), w(0x72), w(0xc0),\
00821     w(0xb7), w(0xfd), w(0x93), w(0x26), w(0x36), w(0x3f), w(0xf7), w(0xcc),\
00822     w(0x34), w(0xa5), w(0xe5), w(0xf1), w(0x71), w(0xd8), w(0x31), w(0x15),\
00823     w(0x04), w(0xc7), w(0x23), w(0xc3), w(0x18), w(0x96), w(0x05), w(0x9a),\
00824     w(0x07), w(0x12), w(0x80), w(0xe2), w(0xeb), w(0x27), w(0xb2), w(0x75),\
00825     w(0x09), w(0x83), w(0x2c), w(0x1a), w(0x1b), w(0x6e), w(0x5a), w(0xa0),\
00826     w(0x52), w(0x3b), w(0xd6), w(0xb3), w(0x29), w(0xe3), w(0x2f), w(0x84),\
00827     w(0x53), w(0xd1), w(0x00), w(0xed), w(0x20), w(0xfc), w(0xb1), w(0x5b),\
00828     w(0x6a), w(0xcb), w(0xbe), w(0x39), w(0x4a), w(0x4c), w(0x58), w(0xcf),\
00829     w(0xd0), w(0xef), w(0xaa), w(0xfb), w(0x43), w(0x4d), w(0x33), w(0x85),\
00830     w(0x45), w(0xf9), w(0x02), w(0x7f), w(0x50), w(0x3c), w(0x9f), w(0xa8),\
00831     w(0x51), w(0xa3), w(0x40), w(0x8f), w(0x92), w(0x9d), w(0x38), w(0xf5),\
00832     w(0xbc), w(0xb6), w(0xda), w(0x21), w(0x10), w(0xff), w(0xf3), w(0xd2),\
00833     w(0xcd), w(0x0c), w(0x13), w(0xec), w(0x5f), w(0x97), w(0x44), w(0x17),\
00834     w(0xc4), w(0xa7), w(0x7e), w(0x3d), w(0x64), w(0x5d), w(0x19), w(0x73),\
00835     w(0x60), w(0x81), w(0x4f), w(0xdc), w(0x22), w(0x2a), w(0x90), w(0x88),\
00836     w(0x46), w(0xee), w(0xb8), w(0x14), w(0xde), w(0x5e), w(0x0b), w(0xdb),\
00837     w(0xe0), w(0x32), w(0x3a), w(0x0a), w(0x49), w(0x06), w(0x24), w(0x5c),\
00838     w(0xc2), w(0xd3), w(0xac), w(0x62), w(0x91), w(0x95), w(0xe4), w(0x79),\
00839     w(0xe7), w(0xc8), w(0x37), w(0x6d), w(0x8d), w(0xd5), w(0x4e), w(0xa9),\
00840     w(0x6c), w(0x56), w(0xf4), w(0xea), w(0x65), w(0x7a), w(0xae), w(0x08),\
00841     w(0xba), w(0x78), w(0x25), w(0x2e), w(0x1c), w(0xa6), w(0xb4), w(0xc6),\
00842     w(0xe8), w(0xdd), w(0x74), w(0x1f), w(0x4b), w(0xbd), w(0x8b), w(0x8a),\
00843     w(0x70), w(0x3e), w(0xb5), w(0x66), w(0x48), w(0x03), w(0xf6), w(0x0e),\
00844     w(0x61), w(0x35), w(0x57), w(0xb9), w(0x86), w(0xc1), w(0x1d), w(0x9e),\
00845     w(0xe1), w(0xf8), w(0x98), w(0x11), w(0x69), w(0xd9), w(0x8e), w(0x94),\
00846     w(0x9b), w(0x1e), w(0x87), w(0xe9), w(0xce), w(0x55), w(0x28), w(0xdf),\
00847     w(0x8c), w(0xa1), w(0x89), w(0x0d), w(0xbf), w(0xe6), w(0x42), w(0x68),\
00848     w(0x41), w(0x99), w(0x2d), w(0x0f), w(0xb0), w(0x54), w(0xbb), w(0x16)
00849 
00850 #define isb_data(w) \
00851     w(0x52), w(0x09), w(0x6a), w(0xd5), w(0x30), w(0x36), w(0xa5), w(0x38),\
00852     w(0xbf), w(0x40), w(0xa3), w(0x9e), w(0x81), w(0xf3), w(0xd7), w(0xfb),\
00853     w(0x7c), w(0xe3), w(0x39), w(0x82), w(0x9b), w(0x2f), w(0xff), w(0x87),\
00854     w(0x34), w(0x8e), w(0x43), w(0x44), w(0xc4), w(0xde), w(0xe9), w(0xcb),\
00855     w(0x54), w(0x7b), w(0x94), w(0x32), w(0xa6), w(0xc2), w(0x23), w(0x3d),\
00856     w(0xee), w(0x4c), w(0x95), w(0x0b), w(0x42), w(0xfa), w(0xc3), w(0x4e),\
00857     w(0x08), w(0x2e), w(0xa1), w(0x66), w(0x28), w(0xd9), w(0x24), w(0xb2),\
00858     w(0x76), w(0x5b), w(0xa2), w(0x49), w(0x6d), w(0x8b), w(0xd1), w(0x25),\
00859     w(0x72), w(0xf8), w(0xf6), w(0x64), w(0x86), w(0x68), w(0x98), w(0x16),\
00860     w(0xd4), w(0xa4), w(0x5c), w(0xcc), w(0x5d), w(0x65), w(0xb6), w(0x92),\
00861     w(0x6c), w(0x70), w(0x48), w(0x50), w(0xfd), w(0xed), w(0xb9), w(0xda),\
00862     w(0x5e), w(0x15), w(0x46), w(0x57), w(0xa7), w(0x8d), w(0x9d), w(0x84),\
00863     w(0x90), w(0xd8), w(0xab), w(0x00), w(0x8c), w(0xbc), w(0xd3), w(0x0a),\
00864     w(0xf7), w(0xe4), w(0x58), w(0x05), w(0xb8), w(0xb3), w(0x45), w(0x06),\
00865     w(0xd0), w(0x2c), w(0x1e), w(0x8f), w(0xca), w(0x3f), w(0x0f), w(0x02),\
00866     w(0xc1), w(0xaf), w(0xbd), w(0x03), w(0x01), w(0x13), w(0x8a), w(0x6b),\
00867     w(0x3a), w(0x91), w(0x11), w(0x41), w(0x4f), w(0x67), w(0xdc), w(0xea),\
00868     w(0x97), w(0xf2), w(0xcf), w(0xce), w(0xf0), w(0xb4), w(0xe6), w(0x73),\
00869     w(0x96), w(0xac), w(0x74), w(0x22), w(0xe7), w(0xad), w(0x35), w(0x85),\
00870     w(0xe2), w(0xf9), w(0x37), w(0xe8), w(0x1c), w(0x75), w(0xdf), w(0x6e),\
00871     w(0x47), w(0xf1), w(0x1a), w(0x71), w(0x1d), w(0x29), w(0xc5), w(0x89),\
00872     w(0x6f), w(0xb7), w(0x62), w(0x0e), w(0xaa), w(0x18), w(0xbe), w(0x1b),\
00873     w(0xfc), w(0x56), w(0x3e), w(0x4b), w(0xc6), w(0xd2), w(0x79), w(0x20),\
00874     w(0x9a), w(0xdb), w(0xc0), w(0xfe), w(0x78), w(0xcd), w(0x5a), w(0xf4),\
00875     w(0x1f), w(0xdd), w(0xa8), w(0x33), w(0x88), w(0x07), w(0xc7), w(0x31),\
00876     w(0xb1), w(0x12), w(0x10), w(0x59), w(0x27), w(0x80), w(0xec), w(0x5f),\
00877     w(0x60), w(0x51), w(0x7f), w(0xa9), w(0x19), w(0xb5), w(0x4a), w(0x0d),\
00878     w(0x2d), w(0xe5), w(0x7a), w(0x9f), w(0x93), w(0xc9), w(0x9c), w(0xef),\
00879     w(0xa0), w(0xe0), w(0x3b), w(0x4d), w(0xae), w(0x2a), w(0xf5), w(0xb0),\
00880     w(0xc8), w(0xeb), w(0xbb), w(0x3c), w(0x83), w(0x53), w(0x99), w(0x61),\
00881     w(0x17), w(0x2b), w(0x04), w(0x7e), w(0xba), w(0x77), w(0xd6), w(0x26),\
00882     w(0xe1), w(0x69), w(0x14), w(0x63), w(0x55), w(0x21), w(0x0c), w(0x7d),
00883 
00884 #define mm_data(w) \
00885     w(0x00), w(0x01), w(0x02), w(0x03), w(0x04), w(0x05), w(0x06), w(0x07),\
00886     w(0x08), w(0x09), w(0x0a), w(0x0b), w(0x0c), w(0x0d), w(0x0e), w(0x0f),\
00887     w(0x10), w(0x11), w(0x12), w(0x13), w(0x14), w(0x15), w(0x16), w(0x17),\
00888     w(0x18), w(0x19), w(0x1a), w(0x1b), w(0x1c), w(0x1d), w(0x1e), w(0x1f),\
00889     w(0x20), w(0x21), w(0x22), w(0x23), w(0x24), w(0x25), w(0x26), w(0x27),\
00890     w(0x28), w(0x29), w(0x2a), w(0x2b), w(0x2c), w(0x2d), w(0x2e), w(0x2f),\
00891     w(0x30), w(0x31), w(0x32), w(0x33), w(0x34), w(0x35), w(0x36), w(0x37),\
00892     w(0x38), w(0x39), w(0x3a), w(0x3b), w(0x3c), w(0x3d), w(0x3e), w(0x3f),\
00893     w(0x40), w(0x41), w(0x42), w(0x43), w(0x44), w(0x45), w(0x46), w(0x47),\
00894     w(0x48), w(0x49), w(0x4a), w(0x4b), w(0x4c), w(0x4d), w(0x4e), w(0x4f),\
00895     w(0x50), w(0x51), w(0x52), w(0x53), w(0x54), w(0x55), w(0x56), w(0x57),\
00896     w(0x58), w(0x59), w(0x5a), w(0x5b), w(0x5c), w(0x5d), w(0x5e), w(0x5f),\
00897     w(0x60), w(0x61), w(0x62), w(0x63), w(0x64), w(0x65), w(0x66), w(0x67),\
00898     w(0x68), w(0x69), w(0x6a), w(0x6b), w(0x6c), w(0x6d), w(0x6e), w(0x6f),\
00899     w(0x70), w(0x71), w(0x72), w(0x73), w(0x74), w(0x75), w(0x76), w(0x77),\
00900     w(0x78), w(0x79), w(0x7a), w(0x7b), w(0x7c), w(0x7d), w(0x7e), w(0x7f),\
00901     w(0x80), w(0x81), w(0x82), w(0x83), w(0x84), w(0x85), w(0x86), w(0x87),\
00902     w(0x88), w(0x89), w(0x8a), w(0x8b), w(0x8c), w(0x8d), w(0x8e), w(0x8f),\
00903     w(0x90), w(0x91), w(0x92), w(0x93), w(0x94), w(0x95), w(0x96), w(0x97),\
00904     w(0x98), w(0x99), w(0x9a), w(0x9b), w(0x9c), w(0x9d), w(0x9e), w(0x9f),\
00905     w(0xa0), w(0xa1), w(0xa2), w(0xa3), w(0xa4), w(0xa5), w(0xa6), w(0xa7),\
00906     w(0xa8), w(0xa9), w(0xaa), w(0xab), w(0xac), w(0xad), w(0xae), w(0xaf),\
00907     w(0xb0), w(0xb1), w(0xb2), w(0xb3), w(0xb4), w(0xb5), w(0xb6), w(0xb7),\
00908     w(0xb8), w(0xb9), w(0xba), w(0xbb), w(0xbc), w(0xbd), w(0xbe), w(0xbf),\
00909     w(0xc0), w(0xc1), w(0xc2), w(0xc3), w(0xc4), w(0xc5), w(0xc6), w(0xc7),\
00910     w(0xc8), w(0xc9), w(0xca), w(0xcb), w(0xcc), w(0xcd), w(0xce), w(0xcf),\
00911     w(0xd0), w(0xd1), w(0xd2), w(0xd3), w(0xd4), w(0xd5), w(0xd6), w(0xd7),\
00912     w(0xd8), w(0xd9), w(0xda), w(0xdb), w(0xdc), w(0xdd), w(0xde), w(0xdf),\
00913     w(0xe0), w(0xe1), w(0xe2), w(0xe3), w(0xe4), w(0xe5), w(0xe6), w(0xe7),\
00914     w(0xe8), w(0xe9), w(0xea), w(0xeb), w(0xec), w(0xed), w(0xee), w(0xef),\
00915     w(0xf0), w(0xf1), w(0xf2), w(0xf3), w(0xf4), w(0xf5), w(0xf6), w(0xf7),\
00916     w(0xf8), w(0xf9), w(0xfa), w(0xfb), w(0xfc), w(0xfd), w(0xfe), w(0xff)
00917 
00918 #define h0(x)   (x)
00919 
00920 /*  These defines are used to ensure tables are generated in the
00921     right format depending on the internal byte order required
00922 */
00923 
00924 #define w0(p)   bytes2word(p, 0, 0, 0)
00925 #define w1(p)   bytes2word(0, p, 0, 0)
00926 #define w2(p)   bytes2word(0, 0, p, 0)
00927 #define w3(p)   bytes2word(0, 0, 0, p)
00928 
00929 #define u0(p)   bytes2word(f2(p), p, p, f3(p))
00930 #define u1(p)   bytes2word(f3(p), f2(p), p, p)
00931 #define u2(p)   bytes2word(p, f3(p), f2(p), p)
00932 #define u3(p)   bytes2word(p, p, f3(p), f2(p))
00933 
00934 #define v0(p)   bytes2word(fe(p), f9(p), fd(p), fb(p))
00935 #define v1(p)   bytes2word(fb(p), fe(p), f9(p), fd(p))
00936 #define v2(p)   bytes2word(fd(p), fb(p), fe(p), f9(p))
00937 #define v3(p)   bytes2word(f9(p), fd(p), fb(p), fe(p))
00938 
00939 const aes_32t t_dec(r,c)[RC_LENGTH] =
00940 {
00941     w0(0x01), w0(0x02), w0(0x04), w0(0x08), w0(0x10),
00942     w0(0x20), w0(0x40), w0(0x80), w0(0x1b), w0(0x36)
00943 };
00944 
00945 #define d_1(t,n,b,v) const t n[256]    =   { b(v##0) }
00946 #define d_4(t,n,b,v) const t n[4][256] = { { b(v##0) }, { b(v##1) }, { b(v##2) }, { b(v##3) } }
00947 
00948 #else   /* declare and instantiate tables for dynamic value generation in in tab.c  */
00949 
00950 aes_32t t_dec(r,c)[RC_LENGTH];
00951 
00952 #define d_1(t,n,b,v) t  n[256]
00953 #define d_4(t,n,b,v) t  n[4][256]
00954 
00955 #endif
00956 
00957 #else   /* declare tables without instantiation */
00958 
00959 #if defined(FIXED_TABLES)
00960 
00961 extern const aes_32t t_dec(r,c)[RC_LENGTH];
00962 
00963 #if defined(_MSC_VER) && defined(TABLE_ALIGN)
00964 #define d_1(t,n,b,v) extern __declspec(align(TABLE_ALIGN)) const t  n[256]
00965 #define d_4(t,n,b,v) extern __declspec(align(TABLE_ALIGN)) const t  n[4][256]
00966 #else
00967 #define d_1(t,n,b,v) extern const t  n[256]
00968 #define d_4(t,n,b,v) extern const t  n[4][256]
00969 #endif
00970 #else
00971 
00972 extern aes_32t t_dec(r,c)[RC_LENGTH];
00973 
00974 #if defined(_MSC_VER) && defined(TABLE_ALIGN)
00975 #define d_1(t,n,b,v) extern __declspec(align(TABLE_ALIGN)) t  n[256]
00976 #define d_4(t,n,b,v) extern __declspec(align(TABLE_ALIGN)) t  n[4][256]
00977 #else
00978 #define d_1(t,n,b,v) extern t  n[256]
00979 #define d_4(t,n,b,v) extern t  n[4][256]
00980 #endif
00981 #endif
00982 
00983 #endif
00984 
00985 #ifdef  SBX_SET
00986     d_1(aes_08t, t_dec(s,box), sb_data, h);
00987 #endif
00988 #ifdef  ISB_SET
00989     d_1(aes_08t, t_dec(i,box), isb_data, h);
00990 #endif
00991 
00992 #ifdef  FT1_SET
00993     d_1(aes_32t, t_dec(f,n), sb_data, u);
00994 #endif
00995 #ifdef  FT4_SET
00996     d_4(aes_32t, t_dec(f,n), sb_data, u);
00997 #endif
00998 
00999 #ifdef  FL1_SET
01000     d_1(aes_32t, t_dec(f,l), sb_data, w);
01001 #endif
01002 #ifdef  FL4_SET
01003     d_4(aes_32t, t_dec(f,l), sb_data, w);
01004 #endif
01005 
01006 #ifdef  IT1_SET
01007     d_1(aes_32t, t_dec(i,n), isb_data, v);
01008 #endif
01009 #ifdef  IT4_SET
01010     d_4(aes_32t, t_dec(i,n), isb_data, v);
01011 #endif
01012 
01013 #ifdef  IL1_SET
01014     d_1(aes_32t, t_dec(i,l), isb_data, w);
01015 #endif
01016 #ifdef  IL4_SET
01017     d_4(aes_32t, t_dec(i,l), isb_data, w);
01018 #endif
01019 
01020 #ifdef  LS1_SET
01021 #ifdef  FL1_SET
01022 #undef  LS1_SET
01023 #else
01024     d_1(aes_32t, t_dec(l,s), sb_data, w);
01025 #endif
01026 #endif
01027 
01028 #ifdef  LS4_SET
01029 #ifdef  FL4_SET
01030 #undef  LS4_SET
01031 #else
01032     d_4(aes_32t, t_dec(l,s), sb_data, w);
01033 #endif
01034 #endif
01035 
01036 #ifdef  IM1_SET
01037     d_1(aes_32t, t_dec(i,m), mm_data, v);
01038 #endif
01039 #ifdef  IM4_SET
01040     d_4(aes_32t, t_dec(i,m), mm_data, v);
01041 #endif
01042 
01043 #if defined(__cplusplus)
01044 }
01045 #endif
01046 
01047 #endif

Generated on Sat Nov 25 19:09:28 2006 for Asterisk by  doxygen 1.4.2