aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorJack Lloyd <[email protected]>2020-10-08 09:50:24 -0400
committerJack Lloyd <[email protected]>2020-10-08 09:50:24 -0400
commit082b337ceea7194cd099c0b2643e749eacbdfe1a (patch)
tree9d4591d5c09fab90d77db89e0c95b1f8267af510 /src
parent74de10e06f626a8c61ef3d6e0ad514c4da70a4c3 (diff)
parent89851cac5b88a7ac24ea6787b1bd84d5065c6c86 (diff)
Merge GH #2417 Do InvMixColumn using words instead of bytes
Diffstat (limited to 'src')
-rw-r--r--src/lib/block/aes/aes.cpp38
1 files changed, 19 insertions, 19 deletions
diff --git a/src/lib/block/aes/aes.cpp b/src/lib/block/aes/aes.cpp
index 221114c5a..bf7ffd120 100644
--- a/src/lib/block/aes/aes.cpp
+++ b/src/lib/block/aes/aes.cpp
@@ -627,18 +627,26 @@ void aes_decrypt_n(const uint8_t in[], uint8_t out[], size_t blocks,
}
}
-inline constexpr uint8_t xtime(uint8_t s) { return static_cast<uint8_t>(s << 1) ^ ((s >> 7) * 0x1B); }
+inline uint32_t xtime32(uint32_t s)
+ {
+ const uint32_t lo_bit = 0x01010101;
+ const uint32_t mask = 0x7F7F7F7F;
+ const uint32_t poly = 0x1B;
+
+ return ((s & mask) << 1) ^ (((s >> 7) & lo_bit) * poly);
+ }
-inline uint32_t InvMixColumn(uint8_t s1)
+inline uint32_t InvMixColumn(uint32_t s1)
{
- const uint8_t s2 = xtime(s1);
- const uint8_t s4 = xtime(s2);
- const uint8_t s8 = xtime(s4);
- const uint8_t s9 = s8 ^ s1;
- const uint8_t s11 = s9 ^ s2;
- const uint8_t s13 = s9 ^ s4;
- const uint8_t s14 = s8 ^ s4 ^ s2;
- return make_uint32(s14, s9, s13, s11);
+ const uint32_t s2 = xtime32(s1);
+ const uint32_t s4 = xtime32(s2);
+ const uint32_t s8 = xtime32(s4);
+ const uint32_t s9 = s8 ^ s1;
+ const uint32_t s11 = s9 ^ s2;
+ const uint32_t s13 = s9 ^ s4;
+ const uint32_t s14 = s8 ^ s4 ^ s2;
+
+ return s14 ^ rotr<8>(s9) ^ rotr<16>(s13) ^ rotr<24>(s11);
}
uint32_t SE_word(uint32_t x)
@@ -705,15 +713,7 @@ void aes_key_schedule(const uint8_t key[], size_t length,
for(size_t i = 4; i != 4*rounds; ++i)
{
const uint32_t K = EK[4*rounds - 4*(i/4) + (i%4)];
- const uint8_t s0 = get_byte(0, K);
- const uint8_t s1 = get_byte(1, K);
- const uint8_t s2 = get_byte(2, K);
- const uint8_t s3 = get_byte(3, K);
-
- DK[i] = InvMixColumn(s0) ^
- rotr<8>(InvMixColumn(s1)) ^
- rotr<16>(InvMixColumn(s2)) ^
- rotr<24>(InvMixColumn(s3));
+ DK[i] = InvMixColumn(K);
}
DK[4*rounds ] = EK[0];