diff options
author | lloyd <[email protected]> | 2010-10-14 18:04:35 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2010-10-14 18:04:35 +0000 |
commit | 0cb6bcfedef6ffa797801acd7cb945feb2d05d50 (patch) | |
tree | a89de84b769036989fd59364dfb2d4fa000c697f /src/block/aes/aes.cpp | |
parent | a142500346e9bef5c4b0905103eac9a494d6822e (diff) |
In all cases where the block size of the cipher is fixed, the key
parameters are as well. So make them template paramters.
The sole exception was AES, because you could either initialize AES
with a fixed key length, in which case it would only be that specific
key length, or not, in which case it would support any valid AES key
size. This is removed in this checkin; you have to specifically ask for
AES-128, AES-192, or AES-256, depending on which one you want.
This is probably actually a good thing, because every implementation
other than the base one (SSSE3, AES-NI, OpenSSL) did not support
"AES", only the versions with specific fixed key sizes. So forcing
the user to ask for the one they want ensures they get the ones
that are faster and/or safer.
Diffstat (limited to 'src/block/aes/aes.cpp')
-rw-r--r-- | src/block/aes/aes.cpp | 111 |
1 files changed, 80 insertions, 31 deletions
diff --git a/src/block/aes/aes.cpp b/src/block/aes/aes.cpp index b317fa735..7f6c5ea9c 100644 --- a/src/block/aes/aes.cpp +++ b/src/block/aes/aes.cpp @@ -410,13 +410,16 @@ const u32bit TD[1024] = { 0x3C498B28, 0x0D9541FF, 0xA8017139, 0x0CB3DE08, 0xB4E49CD8, 0x56C19064, 0xCB84617B, 0x32B670D5, 0x6C5C7448, 0xB85742D0 }; -} - /* * AES Encryption */ -void AES::encrypt_n(const byte in[], byte out[], size_t blocks) const +void aes_encrypt_n(const byte in[], byte out[], + size_t blocks, + const MemoryRegion<u32bit>& EK, + const MemoryRegion<byte>& ME) { + const size_t BLOCK_SIZE = 16; + const u32bit* TE0 = TE; const u32bit* TE1 = TE + 256; const u32bit* TE2 = TE + 512; @@ -522,8 +525,12 @@ void AES::encrypt_n(const byte in[], byte out[], size_t blocks) const /* * AES Decryption */ -void AES::decrypt_n(const byte in[], byte out[], size_t blocks) const +void aes_decrypt_n(const byte in[], byte out[], size_t blocks, + const MemoryRegion<u32bit>& DK, + const MemoryRegion<byte>& MD) { + const size_t BLOCK_SIZE = 16; + const u32bit* TD0 = TD; const u32bit* TD1 = TD + 256; const u32bit* TD2 = TD + 512; @@ -600,9 +607,19 @@ void AES::decrypt_n(const byte in[], byte out[], size_t blocks) const } /* -* AES Key Schedule +* AES Byte Substitution */ -void AES::key_schedule(const byte key[], size_t length) +u32bit aes_S(u32bit input) + { + return make_u32bit(SE[get_byte(0, input)], SE[get_byte(1, input)], + SE[get_byte(2, input)], SE[get_byte(3, input)]); + } + +void aes_key_schedule(const byte key[], size_t length, + MemoryRegion<u32bit>& EK, + MemoryRegion<u32bit>& DK, + MemoryRegion<byte>& ME, + MemoryRegion<byte>& MD) { static const u32bit RC[10] = { 0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000, 0x20000000, @@ -618,11 +635,11 @@ void AES::key_schedule(const byte key[], size_t length) for(size_t i = X; i < 4*(rounds+1); i += X) { - XEK[i] = XEK[i-X] ^ S(rotate_left(XEK[i-1], 8)) ^ RC[(i-X)/X]; + XEK[i] = XEK[i-X] ^ aes_S(rotate_left(XEK[i-1], 8)) ^ RC[(i-X)/X]; for(size_t j = 1; j != X; ++j) { if(X == 8 && j == 4) - XEK[i+j] = XEK[i+j-X] ^ S(XEK[i+j-1]); + XEK[i+j] = XEK[i+j-X] ^ aes_S(XEK[i+j-1]); else XEK[i+j] = XEK[i+j-X] ^ XEK[i+j-1]; } @@ -652,38 +669,70 @@ void AES::key_schedule(const byte key[], size_t length) DK.set(&XDK[0], length + 24); } -/* -* AES Byte Substitution -*/ -u32bit AES::S(u32bit input) +} + +void AES_128::encrypt_n(const byte in[], byte out[], size_t blocks) const { - return make_u32bit(SE[get_byte(0, input)], SE[get_byte(1, input)], - SE[get_byte(2, input)], SE[get_byte(3, input)]); + aes_encrypt_n(in, out, blocks, EK, ME); } -/* -* AES Constructor -*/ -AES::AES() : BlockCipher_Fixed_Block_Size(16, 32, 8), - EK(0), ME(16), DK(0), MD(16) +void AES_128::decrypt_n(const byte in[], byte out[], size_t blocks) const { + aes_decrypt_n(in, out, blocks, DK, MD); } -/* -* AES Constructor -*/ -AES::AES(size_t key_size) : BlockCipher_Fixed_Block_Size(key_size), - EK(key_size+24), ME(16), - DK(key_size+24), MD(16) +void AES_128::key_schedule(const byte key[], size_t length) { - if(key_size != 16 && key_size != 24 && key_size != 32) - throw Invalid_Key_Length(name(), key_size); + aes_key_schedule(key, length, EK, DK, ME, MD); } -/* -* Clear memory of sensitive data -*/ -void AES::clear() +void AES_128::clear() + { + zeroise(EK); + zeroise(DK); + zeroise(ME); + zeroise(MD); + } + +void AES_192::encrypt_n(const byte in[], byte out[], size_t blocks) const + { + aes_encrypt_n(in, out, blocks, EK, ME); + } + +void AES_192::decrypt_n(const byte in[], byte out[], size_t blocks) const + { + aes_decrypt_n(in, out, blocks, DK, MD); + } + +void AES_192::key_schedule(const byte key[], size_t length) + { + aes_key_schedule(key, length, EK, DK, ME, MD); + } + +void AES_192::clear() + { + zeroise(EK); + zeroise(DK); + zeroise(ME); + zeroise(MD); + } + +void AES_256::encrypt_n(const byte in[], byte out[], size_t blocks) const + { + aes_encrypt_n(in, out, blocks, EK, ME); + } + +void AES_256::decrypt_n(const byte in[], byte out[], size_t blocks) const + { + aes_decrypt_n(in, out, blocks, DK, MD); + } + +void AES_256::key_schedule(const byte key[], size_t length) + { + aes_key_schedule(key, length, EK, DK, ME, MD); + } + +void AES_256::clear() { zeroise(EK); zeroise(DK); |