aboutsummaryrefslogtreecommitdiffstats
path: root/src/block/aes/aes.cpp
diff options
context:
space:
mode:
authorlloyd <[email protected]>2010-10-14 18:04:35 +0000
committerlloyd <[email protected]>2010-10-14 18:04:35 +0000
commit0cb6bcfedef6ffa797801acd7cb945feb2d05d50 (patch)
treea89de84b769036989fd59364dfb2d4fa000c697f /src/block/aes/aes.cpp
parenta142500346e9bef5c4b0905103eac9a494d6822e (diff)
In all cases where the block size of the cipher is fixed, the key
parameters are as well. So make them template paramters. The sole exception was AES, because you could either initialize AES with a fixed key length, in which case it would only be that specific key length, or not, in which case it would support any valid AES key size. This is removed in this checkin; you have to specifically ask for AES-128, AES-192, or AES-256, depending on which one you want. This is probably actually a good thing, because every implementation other than the base one (SSSE3, AES-NI, OpenSSL) did not support "AES", only the versions with specific fixed key sizes. So forcing the user to ask for the one they want ensures they get the ones that are faster and/or safer.
Diffstat (limited to 'src/block/aes/aes.cpp')
-rw-r--r--src/block/aes/aes.cpp111
1 files changed, 80 insertions, 31 deletions
diff --git a/src/block/aes/aes.cpp b/src/block/aes/aes.cpp
index b317fa735..7f6c5ea9c 100644
--- a/src/block/aes/aes.cpp
+++ b/src/block/aes/aes.cpp
@@ -410,13 +410,16 @@ const u32bit TD[1024] = {
0x3C498B28, 0x0D9541FF, 0xA8017139, 0x0CB3DE08, 0xB4E49CD8, 0x56C19064,
0xCB84617B, 0x32B670D5, 0x6C5C7448, 0xB85742D0 };
-}
-
/*
* AES Encryption
*/
-void AES::encrypt_n(const byte in[], byte out[], size_t blocks) const
+void aes_encrypt_n(const byte in[], byte out[],
+ size_t blocks,
+ const MemoryRegion<u32bit>& EK,
+ const MemoryRegion<byte>& ME)
{
+ const size_t BLOCK_SIZE = 16;
+
const u32bit* TE0 = TE;
const u32bit* TE1 = TE + 256;
const u32bit* TE2 = TE + 512;
@@ -522,8 +525,12 @@ void AES::encrypt_n(const byte in[], byte out[], size_t blocks) const
/*
* AES Decryption
*/
-void AES::decrypt_n(const byte in[], byte out[], size_t blocks) const
+void aes_decrypt_n(const byte in[], byte out[], size_t blocks,
+ const MemoryRegion<u32bit>& DK,
+ const MemoryRegion<byte>& MD)
{
+ const size_t BLOCK_SIZE = 16;
+
const u32bit* TD0 = TD;
const u32bit* TD1 = TD + 256;
const u32bit* TD2 = TD + 512;
@@ -600,9 +607,19 @@ void AES::decrypt_n(const byte in[], byte out[], size_t blocks) const
}
/*
-* AES Key Schedule
+* AES Byte Substitution
*/
-void AES::key_schedule(const byte key[], size_t length)
+u32bit aes_S(u32bit input)
+ {
+ return make_u32bit(SE[get_byte(0, input)], SE[get_byte(1, input)],
+ SE[get_byte(2, input)], SE[get_byte(3, input)]);
+ }
+
+void aes_key_schedule(const byte key[], size_t length,
+ MemoryRegion<u32bit>& EK,
+ MemoryRegion<u32bit>& DK,
+ MemoryRegion<byte>& ME,
+ MemoryRegion<byte>& MD)
{
static const u32bit RC[10] = {
0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000, 0x20000000,
@@ -618,11 +635,11 @@ void AES::key_schedule(const byte key[], size_t length)
for(size_t i = X; i < 4*(rounds+1); i += X)
{
- XEK[i] = XEK[i-X] ^ S(rotate_left(XEK[i-1], 8)) ^ RC[(i-X)/X];
+ XEK[i] = XEK[i-X] ^ aes_S(rotate_left(XEK[i-1], 8)) ^ RC[(i-X)/X];
for(size_t j = 1; j != X; ++j)
{
if(X == 8 && j == 4)
- XEK[i+j] = XEK[i+j-X] ^ S(XEK[i+j-1]);
+ XEK[i+j] = XEK[i+j-X] ^ aes_S(XEK[i+j-1]);
else
XEK[i+j] = XEK[i+j-X] ^ XEK[i+j-1];
}
@@ -652,38 +669,70 @@ void AES::key_schedule(const byte key[], size_t length)
DK.set(&XDK[0], length + 24);
}
-/*
-* AES Byte Substitution
-*/
-u32bit AES::S(u32bit input)
+}
+
+void AES_128::encrypt_n(const byte in[], byte out[], size_t blocks) const
{
- return make_u32bit(SE[get_byte(0, input)], SE[get_byte(1, input)],
- SE[get_byte(2, input)], SE[get_byte(3, input)]);
+ aes_encrypt_n(in, out, blocks, EK, ME);
}
-/*
-* AES Constructor
-*/
-AES::AES() : BlockCipher_Fixed_Block_Size(16, 32, 8),
- EK(0), ME(16), DK(0), MD(16)
+void AES_128::decrypt_n(const byte in[], byte out[], size_t blocks) const
{
+ aes_decrypt_n(in, out, blocks, DK, MD);
}
-/*
-* AES Constructor
-*/
-AES::AES(size_t key_size) : BlockCipher_Fixed_Block_Size(key_size),
- EK(key_size+24), ME(16),
- DK(key_size+24), MD(16)
+void AES_128::key_schedule(const byte key[], size_t length)
{
- if(key_size != 16 && key_size != 24 && key_size != 32)
- throw Invalid_Key_Length(name(), key_size);
+ aes_key_schedule(key, length, EK, DK, ME, MD);
}
-/*
-* Clear memory of sensitive data
-*/
-void AES::clear()
+void AES_128::clear()
+ {
+ zeroise(EK);
+ zeroise(DK);
+ zeroise(ME);
+ zeroise(MD);
+ }
+
+void AES_192::encrypt_n(const byte in[], byte out[], size_t blocks) const
+ {
+ aes_encrypt_n(in, out, blocks, EK, ME);
+ }
+
+void AES_192::decrypt_n(const byte in[], byte out[], size_t blocks) const
+ {
+ aes_decrypt_n(in, out, blocks, DK, MD);
+ }
+
+void AES_192::key_schedule(const byte key[], size_t length)
+ {
+ aes_key_schedule(key, length, EK, DK, ME, MD);
+ }
+
+void AES_192::clear()
+ {
+ zeroise(EK);
+ zeroise(DK);
+ zeroise(ME);
+ zeroise(MD);
+ }
+
+void AES_256::encrypt_n(const byte in[], byte out[], size_t blocks) const
+ {
+ aes_encrypt_n(in, out, blocks, EK, ME);
+ }
+
+void AES_256::decrypt_n(const byte in[], byte out[], size_t blocks) const
+ {
+ aes_decrypt_n(in, out, blocks, DK, MD);
+ }
+
+void AES_256::key_schedule(const byte key[], size_t length)
+ {
+ aes_key_schedule(key, length, EK, DK, ME, MD);
+ }
+
+void AES_256::clear()
{
zeroise(EK);
zeroise(DK);