diff options
Diffstat (limited to 'drivers/staging/rt3090/common/crypt_aes.c')
| -rw-r--r-- | drivers/staging/rt3090/common/crypt_aes.c | 1007 |
1 files changed, 0 insertions, 1007 deletions
diff --git a/drivers/staging/rt3090/common/crypt_aes.c b/drivers/staging/rt3090/common/crypt_aes.c deleted file mode 100644 index f400f1eab51..00000000000 --- a/drivers/staging/rt3090/common/crypt_aes.c +++ /dev/null @@ -1,1007 +0,0 @@ -/* - ************************************************************************* - * Ralink Tech Inc. - * 5F., No.36, Taiyuan St., Jhubei City, - * Hsinchu County 302, - * Taiwan, R.O.C. - * - * (c) Copyright 2002-2007, Ralink Technology, Inc. - * - * This program is free software; you can redistribute it and/or modify * - * it under the terms of the GNU General Public License as published by * - * the Free Software Foundation; either version 2 of the License, or * - * (at your option) any later version. * - * * - * This program is distributed in the hope that it will be useful, * - * but WITHOUT ANY WARRANTY; without even the implied warranty of * - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * - * GNU General Public License for more details. * - * * - * You should have received a copy of the GNU General Public License * - * along with this program; if not, write to the * - * Free Software Foundation, Inc., * - * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * - * * - ************************************************************************* - - Module Name: - crypt_aes.c - - Abstract: - - Revision History: - Who When What - -------- ---------- ---------------------------------------------- - Eddy 2009/01/19 Create AES-128, AES-192, AES-256, AES-CBC -*/ - -#include "crypt_aes.h" - -/* The value given by [x^(i-1),{00},{00},{00}], with x^(i-1) being powers of x in the field GF(2^8). */ -static const UINT32 aes_rcon[] = { - 0x00000000, 0x01000000, 0x02000000, 0x04000000, - 0x08000000, 0x10000000, 0x20000000, 0x40000000, - 0x80000000, 0x1B000000, 0x36000000}; - -static const UINT8 aes_sbox_enc[] = { - /* 0 1 2 3 4 5 6 7 8 9 a b c d e f */ - 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7 ,0xab, 0x76, /* 0 */ - 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4 ,0x72, 0xc0, /* 1 */ - 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8 ,0x31, 0x15, /* 2 */ - 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27 ,0xb2, 0x75, /* 3 */ - 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3 ,0x2f, 0x84, /* 4 */ - 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c ,0x58, 0xcf, /* 5 */ - 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c ,0x9f, 0xa8, /* 6 */ - 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff ,0xf3, 0xd2, /* 7 */ - 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d ,0x19, 0x73, /* 8 */ - 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e ,0x0b, 0xdb, /* 9 */ - 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95 ,0xe4, 0x79, /* a */ - 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a ,0xae, 0x08, /* b */ - 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd ,0x8b, 0x8a, /* c */ - 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1 ,0x1d, 0x9e, /* d */ - 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55 ,0x28, 0xdf, /* e */ - 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54 ,0xbb, 0x16, /* f */ -}; - -static const UINT8 aes_sbox_dec[] = { - /* 0 1 2 3 4 5 6 7 8 9 a b c d e f */ - 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb, /* 0 */ - 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb, /* 1 */ - 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e, /* 2 */ - 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25, /* 3 */ - 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92, /* 4 */ - 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda, 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84, /* 5 */ - 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06, /* 6 */ - 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b, /* 7 */ - 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea, 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73, /* 8 */ - 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e, /* 9 */ - 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b, /* a */ - 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4, /* b */ - 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f, /* c */ - 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef, /* d */ - 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0, 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61, /* e */ - 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d, /* f */ -}; - -/* ArrayIndex*{02} */ -static const UINT8 aes_mul_2[] = { - /* 0 1 2 3 4 5 6 7 8 9 a b c d e f */ - 0x00, 0x02, 0x04, 0x06, 0x08, 0x0a, 0x0c, 0x0e, 0x10, 0x12, 0x14, 0x16, 0x18, 0x1a, 0x1c, 0x1e, /* 0 */ - 0x20, 0x22, 0x24, 0x26, 0x28, 0x2a, 0x2c, 0x2e, 0x30, 0x32, 0x34, 0x36, 0x38, 0x3a, 0x3c, 0x3e, /* 1 */ - 0x40, 0x42, 0x44, 0x46, 0x48, 0x4a, 0x4c, 0x4e, 0x50, 0x52, 0x54, 0x56, 0x58, 0x5a, 0x5c, 0x5e, /* 2 */ - 0x60, 0x62, 0x64, 0x66, 0x68, 0x6a, 0x6c, 0x6e, 0x70, 0x72, 0x74, 0x76, 0x78, 0x7a, 0x7c, 0x7e, /* 3 */ - 0x80, 0x82, 0x84, 0x86, 0x88, 0x8a, 0x8c, 0x8e, 0x90, 0x92, 0x94, 0x96, 0x98, 0x9a, 0x9c, 0x9e, /* 4 */ - 0xa0, 0xa2, 0xa4, 0xa6, 0xa8, 0xaa, 0xac, 0xae, 0xb0, 0xb2, 0xb4, 0xb6, 0xb8, 0xba, 0xbc, 0xbe, /* 5 */ - 0xc0, 0xc2, 0xc4, 0xc6, 0xc8, 0xca, 0xcc, 0xce, 0xd0, 0xd2, 0xd4, 0xd6, 0xd8, 0xda, 0xdc, 0xde, /* 6 */ - 0xe0, 0xe2, 0xe4, 0xe6, 0xe8, 0xea, 0xec, 0xee, 0xf0, 0xf2, 0xf4, 0xf6, 0xf8, 0xfa, 0xfc, 0xfe, /* 7 */ - 0x1b, 0x19, 0x1f, 0x1d, 0x13, 0x11, 0x17, 0x15, 0x0b, 0x09, 0x0f, 0x0d, 0x03, 0x01, 0x07, 0x05, /* 8 */ - 0x3b, 0x39, 0x3f, 0x3d, 0x33, 0x31, 0x37, 0x35, 0x2b, 0x29, 0x2f, 0x2d, 0x23, 0x21, 0x27, 0x25, /* 9 */ - 0x5b, 0x59, 0x5f, 0x5d, 0x53, 0x51, 0x57, 0x55, 0x4b, 0x49, 0x4f, 0x4d, 0x43, 0x41, 0x47, 0x45, /* a */ - 0x7b, 0x79, 0x7f, 0x7d, 0x73, 0x71, 0x77, 0x75, 0x6b, 0x69, 0x6f, 0x6d, 0x63, 0x61, 0x67, 0x65, /* b */ - 0x9b, 0x99, 0x9f, 0x9d, 0x93, 0x91, 0x97, 0x95, 0x8b, 0x89, 0x8f, 0x8d, 0x83, 0x81, 0x87, 0x85, /* c */ - 0xbb, 0xb9, 0xbf, 0xbd, 0xb3, 0xb1, 0xb7, 0xb5, 0xab, 0xa9, 0xaf, 0xad, 0xa3, 0xa1, 0xa7, 0xa5, /* d */ - 0xdb, 0xd9, 0xdf, 0xdd, 0xd3, 0xd1, 0xd7, 0xd5, 0xcb, 0xc9, 0xcf, 0xcd, 0xc3, 0xc1, 0xc7, 0xc5, /* e */ - 0xfb, 0xf9, 0xff, 0xfd, 0xf3, 0xf1, 0xf7, 0xf5, 0xeb, 0xe9, 0xef, 0xed, 0xe3, 0xe1, 0xe7, 0xe5, /* f */ -}; - -/* ArrayIndex*{03} */ -static const UINT8 aes_mul_3[] = { - /* 0 1 2 3 4 5 6 7 8 9 a b c d e f */ - 0x00, 0x03, 0x06, 0x05, 0x0c, 0x0f, 0x0a, 0x09, 0x18, 0x1b, 0x1e, 0x1d, 0x14, 0x17, 0x12, 0x11, /* 0 */ - 0x30, 0x33, 0x36, 0x35, 0x3c, 0x3f, 0x3a, 0x39, 0x28, 0x2b, 0x2e, 0x2d, 0x24, 0x27, 0x22, 0x21, /* 1 */ - 0x60, 0x63, 0x66, 0x65, 0x6c, 0x6f, 0x6a, 0x69, 0x78, 0x7b, 0x7e, 0x7d, 0x74, 0x77, 0x72, 0x71, /* 2 */ - 0x50, 0x53, 0x56, 0x55, 0x5c, 0x5f, 0x5a, 0x59, 0x48, 0x4b, 0x4e, 0x4d, 0x44, 0x47, 0x42, 0x41, /* 3 */ - 0xc0, 0xc3, 0xc6, 0xc5, 0xcc, 0xcf, 0xca, 0xc9, 0xd8, 0xdb, 0xde, 0xdd, 0xd4, 0xd7, 0xd2, 0xd1, /* 4 */ - 0xf0, 0xf3, 0xf6, 0xf5, 0xfc, 0xff, 0xfa, 0xf9, 0xe8, 0xeb, 0xee, 0xed, 0xe4, 0xe7, 0xe2, 0xe1, /* 5 */ - 0xa0, 0xa3, 0xa6, 0xa5, 0xac, 0xaf, 0xaa, 0xa9, 0xb8, 0xbb, 0xbe, 0xbd, 0xb4, 0xb7, 0xb2, 0xb1, /* 6 */ - 0x90, 0x93, 0x96, 0x95, 0x9c, 0x9f, 0x9a, 0x99, 0x88, 0x8b, 0x8e, 0x8d, 0x84, 0x87, 0x82, 0x81, /* 7 */ - 0x9b, 0x98, 0x9d, 0x9e, 0x97, 0x94, 0x91, 0x92, 0x83, 0x80, 0x85, 0x86, 0x8f, 0x8c, 0x89, 0x8a, /* 8 */ - 0xab, 0xa8, 0xad, 0xae, 0xa7, 0xa4, 0xa1, 0xa2, 0xb3, 0xb0, 0xb5, 0xb6, 0xbf, 0xbc, 0xb9, 0xba, /* 9 */ - 0xfb, 0xf8, 0xfd, 0xfe, 0xf7, 0xf4, 0xf1, 0xf2, 0xe3, 0xe0, 0xe5, 0xe6, 0xef, 0xec, 0xe9, 0xea, /* a */ - 0xcb, 0xc8, 0xcd, 0xce, 0xc7, 0xc4, 0xc1, 0xc2, 0xd3, 0xd0, 0xd5, 0xd6, 0xdf, 0xdc, 0xd9, 0xda, /* b */ - 0x5b, 0x58, 0x5d, 0x5e, 0x57, 0x54, 0x51, 0x52, 0x43, 0x40, 0x45, 0x46, 0x4f, 0x4c, 0x49, 0x4a, /* c */ - 0x6b, 0x68, 0x6d, 0x6e, 0x67, 0x64, 0x61, 0x62, 0x73, 0x70, 0x75, 0x76, 0x7f, 0x7c, 0x79, 0x7a, /* d */ - 0x3b, 0x38, 0x3d, 0x3e, 0x37, 0x34, 0x31, 0x32, 0x23, 0x20, 0x25, 0x26, 0x2f, 0x2c, 0x29, 0x2a, /* e */ - 0x0b, 0x08, 0x0d, 0x0e, 0x07, 0x04, 0x01, 0x02, 0x13, 0x10, 0x15, 0x16, 0x1f, 0x1c, 0x19, 0x1a, /* f */ -}; - -/* ArrayIndex*{09} */ -static const UINT8 aes_mul_9[] = { - /* 0 1 2 3 4 5 6 7 8 9 a b c d e f */ - 0x00, 0x09, 0x12, 0x1b, 0x24, 0x2d, 0x36, 0x3f, 0x48, 0x41, 0x5a, 0x53, 0x6c, 0x65, 0x7e, 0x77, /* 0 */ - 0x90, 0x99, 0x82, 0x8b, 0xb4, 0xbd, 0xa6, 0xaf, 0xd8, 0xd1, 0xca, 0xc3, 0xfc, 0xf5, 0xee, 0xe7, /* 1 */ - 0x3b, 0x32, 0x29, 0x20, 0x1f, 0x16, 0x0d, 0x04, 0x73, 0x7a, 0x61, 0x68, 0x57, 0x5e, 0x45, 0x4c, /* 2 */ - 0xab, 0xa2, 0xb9, 0xb0, 0x8f, 0x86, 0x9d, 0x94, 0xe3, 0xea, 0xf1, 0xf8, 0xc7, 0xce, 0xd5, 0xdc, /* 3 */ - 0x76, 0x7f, 0x64, 0x6d, 0x52, 0x5b, 0x40, 0x49, 0x3e, 0x37, 0x2c, 0x25, 0x1a, 0x13, 0x08, 0x01, /* 4 */ - 0xe6, 0xef, 0xf4, 0xfd, 0xc2, 0xcb, 0xd0, 0xd9, 0xae, 0xa7, 0xbc, 0xb5, 0x8a, 0x83, 0x98, 0x91, /* 5 */ - 0x4d, 0x44, 0x5f, 0x56, 0x69, 0x60, 0x7b, 0x72, 0x05, 0x0c, 0x17, 0x1e, 0x21, 0x28, 0x33, 0x3a, /* 6 */ - 0xdd, 0xd4, 0xcf, 0xc6, 0xf9, 0xf0, 0xeb, 0xe2, 0x95, 0x9c, 0x87, 0x8e, 0xb1, 0xb8, 0xa3, 0xaa, /* 7 */ - 0xec, 0xe5, 0xfe, 0xf7, 0xc8, 0xc1, 0xda, 0xd3, 0xa4, 0xad, 0xb6, 0xbf, 0x80, 0x89, 0x92, 0x9b, /* 8 */ - 0x7c, 0x75, 0x6e, 0x67, 0x58, 0x51, 0x4a, 0x43, 0x34, 0x3d, 0x26, 0x2f, 0x10, 0x19, 0x02, 0x0b, /* 9 */ - 0xd7, 0xde, 0xc5, 0xcc, 0xf3, 0xfa, 0xe1, 0xe8, 0x9f, 0x96, 0x8d, 0x84, 0xbb, 0xb2, 0xa9, 0xa0, /* a */ - 0x47, 0x4e, 0x55, 0x5c, 0x63, 0x6a, 0x71, 0x78, 0x0f, 0x06, 0x1d, 0x14, 0x2b, 0x22, 0x39, 0x30, /* b */ - 0x9a, 0x93, 0x88, 0x81, 0xbe, 0xb7, 0xac, 0xa5, 0xd2, 0xdb, 0xc0, 0xc9, 0xf6, 0xff, 0xe4, 0xed, /* c */ - 0x0a, 0x03, 0x18, 0x11, 0x2e, 0x27, 0x3c, 0x35, 0x42, 0x4b, 0x50, 0x59, 0x66, 0x6f, 0x74, 0x7d, /* d */ - 0xa1, 0xa8, 0xb3, 0xba, 0x85, 0x8c, 0x97, 0x9e, 0xe9, 0xe0, 0xfb, 0xf2, 0xcd, 0xc4, 0xdf, 0xd6, /* e */ - 0x31, 0x38, 0x23, 0x2a, 0x15, 0x1c, 0x07, 0x0e, 0x79, 0x70, 0x6b, 0x62, 0x5d, 0x54, 0x4f, 0x46, /* f */ -}; - -/* ArrayIndex*{0b} */ -static const UINT8 aes_mul_b[] = { - /* 0 1 2 3 4 5 6 7 8 9 a b c d e f */ - 0x00, 0x0b, 0x16, 0x1d, 0x2c, 0x27, 0x3a, 0x31, 0x58, 0x53, 0x4e, 0x45, 0x74, 0x7f, 0x62, 0x69, /* 0 */ - 0xb0, 0xbb, 0xa6, 0xad, 0x9c, 0x97, 0x8a, 0x81, 0xe8, 0xe3, 0xfe, 0xf5, 0xc4, 0xcf, 0xd2, 0xd9, /* 1 */ - 0x7b, 0x70, 0x6d, 0x66, 0x57, 0x5c, 0x41, 0x4a, 0x23, 0x28, 0x35, 0x3e, 0x0f, 0x04, 0x19, 0x12, /* 2 */ - 0xcb, 0xc0, 0xdd, 0xd6, 0xe7, 0xec, 0xf1, 0xfa, 0x93, 0x98, 0x85, 0x8e, 0xbf, 0xb4, 0xa9, 0xa2, /* 3 */ - 0xf6, 0xfd, 0xe0, 0xeb, 0xda, 0xd1, 0xcc, 0xc7, 0xae, 0xa5, 0xb8, 0xb3, 0x82, 0x89, 0x94, 0x9f, /* 4 */ - 0x46, 0x4d, 0x50, 0x5b, 0x6a, 0x61, 0x7c, 0x77, 0x1e, 0x15, 0x08, 0x03, 0x32, 0x39, 0x24, 0x2f, /* 5 */ - 0x8d, 0x86, 0x9b, 0x90, 0xa1, 0xaa, 0xb7, 0xbc, 0xd5, 0xde, 0xc3, 0xc8, 0xf9, 0xf2, 0xef, 0xe4, /* 6 */ - 0x3d, 0x36, 0x2b, 0x20, 0x11, 0x1a, 0x07, 0x0c, 0x65, 0x6e, 0x73, 0x78, 0x49, 0x42, 0x5f, 0x54, /* 7 */ - 0xf7, 0xfc, 0xe1, 0xea, 0xdb, 0xd0, 0xcd, 0xc6, 0xaf, 0xa4, 0xb9, 0xb2, 0x83, 0x88, 0x95, 0x9e, /* 8 */ - 0x47, 0x4c, 0x51, 0x5a, 0x6b, 0x60, 0x7d, 0x76, 0x1f, 0x14, 0x09, 0x02, 0x33, 0x38, 0x25, 0x2e, /* 9 */ - 0x8c, 0x87, 0x9a, 0x91, 0xa0, 0xab, 0xb6, 0xbd, 0xd4, 0xdf, 0xc2, 0xc9, 0xf8, 0xf3, 0xee, 0xe5, /* a */ - 0x3c, 0x37, 0x2a, 0x21, 0x10, 0x1b, 0x06, 0x0d, 0x64, 0x6f, 0x72, 0x79, 0x48, 0x43, 0x5e, 0x55, /* b */ - 0x01, 0x0a, 0x17, 0x1c, 0x2d, 0x26, 0x3b, 0x30, 0x59, 0x52, 0x4f, 0x44, 0x75, 0x7e, 0x63, 0x68, /* c */ - 0xb1, 0xba, 0xa7, 0xac, 0x9d, 0x96, 0x8b, 0x80, 0xe9, 0xe2, 0xff, 0xf4, 0xc5, 0xce, 0xd3, 0xd8, /* d */ - 0x7a, 0x71, 0x6c, 0x67, 0x56, 0x5d, 0x40, 0x4b, 0x22, 0x29, 0x34, 0x3f, 0x0e, 0x05, 0x18, 0x13, /* e */ - 0xca, 0xc1, 0xdc, 0xd7, 0xe6, 0xed, 0xf0, 0xfb, 0x92, 0x99, 0x84, 0x8f, 0xbe, 0xb5, 0xa8, 0xa3, /* f */ -}; - -/* ArrayIndex*{0d} */ -static const UINT8 aes_mul_d[] = { - /* 0 1 2 3 4 5 6 7 8 9 a b c d e f */ - 0x00, 0x0d, 0x1a, 0x17, 0x34, 0x39, 0x2e, 0x23, 0x68, 0x65, 0x72, 0x7f, 0x5c, 0x51, 0x46, 0x4b, /* 0 */ - 0xd0, 0xdd, 0xca, 0xc7, 0xe4, 0xe9, 0xfe, 0xf3, 0xb8, 0xb5, 0xa2, 0xaf, 0x8c, 0x81, 0x96, 0x9b, /* 1 */ - 0xbb, 0xb6, 0xa1, 0xac, 0x8f, 0x82, 0x95, 0x98, 0xd3, 0xde, 0xc9, 0xc4, 0xe7, 0xea, 0xfd, 0xf0, /* 2 */ - 0x6b, 0x66, 0x71, 0x7c, 0x5f, 0x52, 0x45, 0x48, 0x03, 0x0e, 0x19, 0x14, 0x37, 0x3a, 0x2d, 0x20, /* 3 */ - 0x6d, 0x60, 0x77, 0x7a, 0x59, 0x54, 0x43, 0x4e, 0x05, 0x08, 0x1f, 0x12, 0x31, 0x3c, 0x2b, 0x26, /* 4 */ - 0xbd, 0xb0, 0xa7, 0xaa, 0x89, 0x84, 0x93, 0x9e, 0xd5, 0xd8, 0xcf, 0xc2, 0xe1, 0xec, 0xfb, 0xf6, /* 5 */ - 0xd6, 0xdb, 0xcc, 0xc1, 0xe2, 0xef, 0xf8, 0xf5, 0xbe, 0xb3, 0xa4, 0xa9, 0x8a, 0x87, 0x90, 0x9d, /* 6 */ - 0x06, 0x0b, 0x1c, 0x11, 0x32, 0x3f, 0x28, 0x25, 0x6e, 0x63, 0x74, 0x79, 0x5a, 0x57, 0x40, 0x4d, /* 7 */ - 0xda, 0xd7, 0xc0, 0xcd, 0xee, 0xe3, 0xf4, 0xf9, 0xb2, 0xbf, 0xa8, 0xa5, 0x86, 0x8b, 0x9c, 0x91, /* 8 */ - 0x0a, 0x07, 0x10, 0x1d, 0x3e, 0x33, 0x24, 0x29, 0x62, 0x6f, 0x78, 0x75, 0x56, 0x5b, 0x4c, 0x41, /* 9 */ - 0x61, 0x6c, 0x7b, 0x76, 0x55, 0x58, 0x4f, 0x42, 0x09, 0x04, 0x13, 0x1e, 0x3d, 0x30, 0x27, 0x2a, /* a */ - 0xb1, 0xbc, 0xab, 0xa6, 0x85, 0x88, 0x9f, 0x92, 0xd9, 0xd4, 0xc3, 0xce, 0xed, 0xe0, 0xf7, 0xfa, /* b */ - 0xb7, 0xba, 0xad, 0xa0, 0x83, 0x8e, 0x99, 0x94, 0xdf, 0xd2, 0xc5, 0xc8, 0xeb, 0xe6, 0xf1, 0xfc, /* c */ - 0x67, 0x6a, 0x7d, 0x70, 0x53, 0x5e, 0x49, 0x44, 0x0f, 0x02, 0x15, 0x18, 0x3b, 0x36, 0x21, 0x2c, /* d */ - 0x0c, 0x01, 0x16, 0x1b, 0x38, 0x35, 0x22, 0x2f, 0x64, 0x69, 0x7e, 0x73, 0x50, 0x5d, 0x4a, 0x47, /* e */ - 0xdc, 0xd1, 0xc6, 0xcb, 0xe8, 0xe5, 0xf2, 0xff, 0xb4, 0xb9, 0xae, 0xa3, 0x80, 0x8d, 0x9a, 0x97, /* f */ -}; - -/* ArrayIndex*{0e} */ -static const UINT8 aes_mul_e[] = { - /* 0 1 2 3 4 5 6 7 8 9 a b c d e f */ - 0x00, 0x0e, 0x1c, 0x12, 0x38, 0x36, 0x24, 0x2a, 0x70, 0x7e, 0x6c, 0x62, 0x48, 0x46, 0x54, 0x5a, /* 0 */ - 0xe0, 0xee, 0xfc, 0xf2, 0xd8, 0xd6, 0xc4, 0xca, 0x90, 0x9e, 0x8c, 0x82, 0xa8, 0xa6, 0xb4, 0xba, /* 1 */ - 0xdb, 0xd5, 0xc7, 0xc9, 0xe3, 0xed, 0xff, 0xf1, 0xab, 0xa5, 0xb7, 0xb9, 0x93, 0x9d, 0x8f, 0x81, /* 2 */ - 0x3b, 0x35, 0x27, 0x29, 0x03, 0x0d, 0x1f, 0x11, 0x4b, 0x45, 0x57, 0x59, 0x73, 0x7d, 0x6f, 0x61, /* 3 */ - 0xad, 0xa3, 0xb1, 0xbf, 0x95, 0x9b, 0x89, 0x87, 0xdd, 0xd3, 0xc1, 0xcf, 0xe5, 0xeb, 0xf9, 0xf7, /* 4 */ - 0x4d, 0x43, 0x51, 0x5f, 0x75, 0x7b, 0x69, 0x67, 0x3d, 0x33, 0x21, 0x2f, 0x05, 0x0b, 0x19, 0x17, /* 5 */ - 0x76, 0x78, 0x6a, 0x64, 0x4e, 0x40, 0x52, 0x5c, 0x06, 0x08, 0x1a, 0x14, 0x3e, 0x30, 0x22, 0x2c, /* 6 */ - 0x96, 0x98, 0x8a, 0x84, 0xae, 0xa0, 0xb2, 0xbc, 0xe6, 0xe8, 0xfa, 0xf4, 0xde, 0xd0, 0xc2, 0xcc, /* 7 */ - 0x41, 0x4f, 0x5d, 0x53, 0x79, 0x77, 0x65, 0x6b, 0x31, 0x3f, 0x2d, 0x23, 0x09, 0x07, 0x15, 0x1b, /* 8 */ - 0xa1, 0xaf, 0xbd, 0xb3, 0x99, 0x97, 0x85, 0x8b, 0xd1, 0xdf, 0xcd, 0xc3, 0xe9, 0xe7, 0xf5, 0xfb, /* 9 */ - 0x9a, 0x94, 0x86, 0x88, 0xa2, 0xac, 0xbe, 0xb0, 0xea, 0xe4, 0xf6, 0xf8, 0xd2, 0xdc, 0xce, 0xc0, /* a */ - 0x7a, 0x74, 0x66, 0x68, 0x42, 0x4c, 0x5e, 0x50, 0x0a, 0x04, 0x16, 0x18, 0x32, 0x3c, 0x2e, 0x20, /* b */ - 0xec, 0xe2, 0xf0, 0xfe, 0xd4, 0xda, 0xc8, 0xc6, 0x9c, 0x92, 0x80, 0x8e, 0xa4, 0xaa, 0xb8, 0xb6, /* c */ - 0x0c, 0x02, 0x10, 0x1e, 0x34, 0x3a, 0x28, 0x26, 0x7c, 0x72, 0x60, 0x6e, 0x44, 0x4a, 0x58, 0x56, /* d */ - 0x37, 0x39, 0x2b, 0x25, 0x0f, 0x01, 0x13, 0x1d, 0x47, 0x49, 0x5b, 0x55, 0x7f, 0x71, 0x63, 0x6d, /* e */ - 0xd7, 0xd9, 0xcb, 0xc5, 0xef, 0xe1, 0xf3, 0xfd, 0xa7, 0xa9, 0xbb, 0xb5, 0x9f, 0x91, 0x83, 0x8d, /* f */ -}; - - -/* For AES_CMAC */ -#define AES_MAC_LENGTH 16 /* 128-bit string */ -static UINT8 Const_Zero[16] = { - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}; -static UINT8 Const_Rb[16] = { - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x87}; - - -/* -======================================================================== -Routine Description: - AES key expansion (key schedule) - -Arguments: - Key Cipher key, it may be 16, 24, or 32 bytes (128, 192, or 256 bits) - KeyLength The length of cipher key in bytes - paes_ctx Pointer to AES_CTX_STRUC - -Return Value: - paes_ctx Retrun the KeyWordExpansion of AES_CTX_STRUC - -Note: - Pseudo code for key expansion - ------------------------------------------ - Nk = (key length/4); - - while (i < Nk) - KeyWordExpansion[i] = word(key[4*i], key[4*i + 1], key[4*i + 2], key[4*i + 3]); - i++; - end while - - while (i < ((key length/4 + 6 + 1)*4) ) - temp = KeyWordExpansion[i - 1]; - if (i % Nk ==0) - temp = SubWord(RotWord(temp)) ^ Rcon[i/Nk]; - else if ((Nk > 6) && (i % 4 == 4)) - temp = SubWord(temp); - end if - - KeyWordExpansion[i] = KeyWordExpansion[i - Nk]^ temp; - i++; - end while -======================================================================== -*/ -VOID AES_KeyExpansion ( - IN UINT8 Key[], - IN UINT KeyLength, - INOUT AES_CTX_STRUC *paes_ctx) -{ - UINT KeyIndex = 0; - UINT NumberOfWordOfKey, NumberOfWordOfKeyExpansion; - UINT8 TempWord[AES_KEY_ROWS], Temp; - UINT32 Temprcon; - - NumberOfWordOfKey = KeyLength >> 2; - while (KeyIndex < NumberOfWordOfKey) - { - paes_ctx->KeyWordExpansion[0][KeyIndex] = Key[4*KeyIndex]; - paes_ctx->KeyWordExpansion[1][KeyIndex] = Key[4*KeyIndex + 1]; - paes_ctx->KeyWordExpansion[2][KeyIndex] = Key[4*KeyIndex + 2]; - paes_ctx->KeyWordExpansion[3][KeyIndex] = Key[4*KeyIndex + 3]; - KeyIndex++; - } /* End of while */ - - NumberOfWordOfKeyExpansion = ((UINT) AES_KEY_ROWS) * ((KeyLength >> 2) + 6 + 1); - while (KeyIndex < NumberOfWordOfKeyExpansion) - { - TempWord[0] = paes_ctx->KeyWordExpansion[0][KeyIndex - 1]; - TempWord[1] = paes_ctx->KeyWordExpansion[1][KeyIndex - 1]; - TempWord[2] = paes_ctx->KeyWordExpansion[2][KeyIndex - 1]; - TempWord[3] = paes_ctx->KeyWordExpansion[3][KeyIndex - 1]; - if ((KeyIndex % NumberOfWordOfKey) == 0) { - Temprcon = aes_rcon[KeyIndex/NumberOfWordOfKey]; - Temp = aes_sbox_enc[TempWord[1]]^((Temprcon >> 24) & 0xff); - TempWord[1] = aes_sbox_enc[TempWord[2]]^((Temprcon >> 16) & 0xff); - TempWord[2] = aes_sbox_enc[TempWord[3]]^((Temprcon >> 8) & 0xff); - TempWord[3] = aes_sbox_enc[TempWord[0]]^((Temprcon ) & 0xff); - TempWord[0] = Temp; - } else if ((NumberOfWordOfKey > 6) && ((KeyIndex % NumberOfWordOfKey) == 4)) { - Temp = aes_sbox_enc[TempWord[0]]; - TempWord[1] = aes_sbox_enc[TempWord[1]]; - TempWord[2] = aes_sbox_enc[TempWord[2]]; - TempWord[3] = aes_sbox_enc[TempWord[3]]; - TempWord[0] = Temp; - } - paes_ctx->KeyWordExpansion[0][KeyIndex] = paes_ctx->KeyWordExpansion[0][KeyIndex - NumberOfWordOfKey]^TempWord[0]; - paes_ctx->KeyWordExpansion[1][KeyIndex] = paes_ctx->KeyWordExpansion[1][KeyIndex - NumberOfWordOfKey]^TempWord[1]; - paes_ctx->KeyWordExpansion[2][KeyIndex] = paes_ctx->KeyWordExpansion[2][KeyIndex - NumberOfWordOfKey]^TempWord[2]; - paes_ctx->KeyWordExpansion[3][KeyIndex] = paes_ctx->KeyWordExpansion[3][KeyIndex - NumberOfWordOfKey]^TempWord[3]; - KeyIndex++; - } /* End of while */ -} /* End of AES_KeyExpansion */ - - -/* -======================================================================== -Routine Description: - AES encryption - -Arguments: - PlainBlock The block of plain text, 16 bytes(128 bits) each block - PlainBlockSize The length of block of plain text in bytes - Key Cipher key, it may be 16, 24, or 32 bytes (128, 192, or 256 bits) - KeyLength The length of cipher key in bytes - CipherBlockSize The length of allocated cipher block in bytes - -Return Value: - CipherBlock Return cipher text - CipherBlockSize Return the length of real used cipher block in bytes - -Note: - Reference to FIPS-PUB 197 - 1. Check if block size is 16 bytes(128 bits) and if key length is 16, 24, or 32 bytes(128, 192, or 256 bits) - 2. Transfer the plain block to state block - 3. Main encryption rounds - 4. Transfer the state block to cipher block - ------------------------------------------ - NumberOfRound = (key length / 4) + 6; - state block = plain block; - - AddRoundKey(state block, key); - for round = 1 to NumberOfRound - SubBytes(state block) - ShiftRows(state block) - MixColumns(state block) - AddRoundKey(state block, key); - end for - - SubBytes(state block) - ShiftRows(state block) - AddRoundKey(state block, key); - - cipher block = state block; -======================================================================== -*/ -VOID AES_Encrypt ( - IN UINT8 PlainBlock[], - IN UINT PlainBlockSize, - IN UINT8 Key[], - IN UINT KeyLength, - OUT UINT8 CipherBlock[], - INOUT UINT *CipherBlockSize) -{ - AES_CTX_STRUC aes_ctx; - UINT RowIndex, ColumnIndex; - UINT RoundIndex, NumberOfRound = 0; - UINT8 Temp, Row0, Row1, Row2, Row3; - - /* - * 1. Check if block size is 16 bytes(128 bits) and if key length is 16, 24, or 32 bytes(128, 192, or 256 bits) - */ - if (PlainBlockSize != AES_BLOCK_SIZES) { - DBGPRINT(RT_DEBUG_ERROR, ("AES_Encrypt: plain block size is %d bytes, it must be %d bytes(128 bits).\n", - PlainBlockSize, AES_BLOCK_SIZES)); - return; - } /* End of if */ - if ((KeyLength != AES_KEY128_LENGTH) && (KeyLength != AES_KEY192_LENGTH) && (KeyLength != AES_KEY256_LENGTH)) { - DBGPRINT(RT_DEBUG_ERROR, ("AES_Encrypt: key length is %d bytes, it must be %d, %d, or %d bytes(128, 192, or 256 bits).\n", - KeyLength, AES_KEY128_LENGTH, AES_KEY192_LENGTH, AES_KEY256_LENGTH)); - return; - } /* End of if */ - if (*CipherBlockSize < AES_BLOCK_SIZES) { - DBGPRINT(RT_DEBUG_ERROR, ("AES_Encrypt: cipher block size is %d bytes, it must be %d bytes(128 bits).\n", - *CipherBlockSize, AES_BLOCK_SIZES)); - return; - } /* End of if */ - - /* - * 2. Transfer the plain block to state block - */ - for (RowIndex = 0; RowIndex < AES_STATE_ROWS;RowIndex++) - for (ColumnIndex = 0; ColumnIndex < AES_STATE_COLUMNS;ColumnIndex++) - aes_ctx.State[RowIndex][ColumnIndex] = PlainBlock[RowIndex + 4*ColumnIndex]; - - /* - * 3. Main encryption rounds - */ - AES_KeyExpansion(Key, KeyLength, &aes_ctx); - NumberOfRound = (KeyLength >> 2) + 6; - - /* AES_AddRoundKey */ - RoundIndex = 0; - for (RowIndex = 0; RowIndex < AES_STATE_ROWS;RowIndex++) - for (ColumnIndex = 0; ColumnIndex < AES_STATE_COLUMNS;ColumnIndex++) - aes_ctx.State[RowIndex][ColumnIndex] ^= aes_ctx.KeyWordExpansion[RowIndex][(RoundIndex*((UINT) AES_STATE_COLUMNS)) + ColumnIndex]; - - for (RoundIndex = 1; RoundIndex < NumberOfRound;RoundIndex++) - { - /* AES_SubBytes */ - for (RowIndex = 0; RowIndex < AES_STATE_ROWS;RowIndex++) - for (ColumnIndex = 0; ColumnIndex < AES_STATE_COLUMNS;ColumnIndex++) - aes_ctx.State[RowIndex][ColumnIndex] = aes_sbox_enc[aes_ctx.State[RowIndex][ColumnIndex]]; - - /* AES_ShiftRows */ - Temp = aes_ctx.State[1][0]; - aes_ctx.State[1][0] = aes_ctx.State[1][1]; - aes_ctx.State[1][1] = aes_ctx.State[1][2]; - aes_ctx.State[1][2] = aes_ctx.State[1][3]; - aes_ctx.State[1][3] = Temp; - Temp = aes_ctx.State[2][0]; - aes_ctx.State[2][0] = aes_ctx.State[2][2]; - aes_ctx.State[2][2] = Temp; - Temp = aes_ctx.State[2][1]; - aes_ctx.State[2][1] = aes_ctx.State[2][3]; - aes_ctx.State[2][3] = Temp; - Temp = aes_ctx.State[3][3]; - aes_ctx.State[3][3] = aes_ctx.State[3][2]; - aes_ctx.State[3][2] = aes_ctx.State[3][1]; - aes_ctx.State[3][1] = aes_ctx.State[3][0]; - aes_ctx.State[3][0] = Temp; - - /* AES_MixColumns */ - for (ColumnIndex = 0; ColumnIndex < AES_STATE_COLUMNS;ColumnIndex++) - { - Row0 = aes_ctx.State[0][ColumnIndex]; - Row1 = aes_ctx.State[1][ColumnIndex]; - Row2 = aes_ctx.State[2][ColumnIndex]; - Row3 = aes_ctx.State[3][ColumnIndex]; - aes_ctx.State[0][ColumnIndex] = aes_mul_2[Row0]^aes_mul_3[Row1]^Row2^Row3; - aes_ctx.State[1][ColumnIndex] = Row0^aes_mul_2[Row1]^aes_mul_3[Row2]^Row3; - aes_ctx.State[2][ColumnIndex] = Row0^Row1^aes_mul_2[Row2]^aes_mul_3[Row3]; - aes_ctx.State[3][ColumnIndex] = aes_mul_3[Row0]^Row1^Row2^aes_mul_2[Row3]; - } - - /* AES_AddRoundKey */ - for (RowIndex = 0; RowIndex < AES_STATE_ROWS;RowIndex++) - for (ColumnIndex = 0; ColumnIndex < AES_STATE_COLUMNS;ColumnIndex++) - aes_ctx.State[RowIndex][ColumnIndex] ^= aes_ctx.KeyWordExpansion[RowIndex][(RoundIndex*((UINT) AES_STATE_COLUMNS)) + ColumnIndex]; - } /* End of for */ - - /* AES_SubBytes */ - for (RowIndex = 0; RowIndex < AES_STATE_ROWS;RowIndex++) - for (ColumnIndex = 0; ColumnIndex < AES_STATE_COLUMNS;ColumnIndex++) - aes_ctx.State[RowIndex][ColumnIndex] = aes_sbox_enc[aes_ctx.State[RowIndex][ColumnIndex]]; - /* AES_ShiftRows */ - Temp = aes_ctx.State[1][0]; - aes_ctx.State[1][0] = aes_ctx.State[1][1]; - aes_ctx.State[1][1] = aes_ctx.State[1][2]; - aes_ctx.State[1][2] = aes_ctx.State[1][3]; - aes_ctx.State[1][3] = Temp; - Temp = aes_ctx.State[2][0]; - aes_ctx.State[2][0] = aes_ctx.State[2][2]; - aes_ctx.State[2][2] = Temp; - Temp = aes_ctx.State[2][1]; - aes_ctx.State[2][1] = aes_ctx.State[2][3]; - aes_ctx.State[2][3] = Temp; - Temp = aes_ctx.State[3][3]; - aes_ctx.State[3][3] = aes_ctx.State[3][2]; - aes_ctx.State[3][2] = aes_ctx.State[3][1]; - aes_ctx.State[3][1] = aes_ctx.State[3][0]; - aes_ctx.State[3][0] = Temp; - /* AES_AddRoundKey */ - for (RowIndex = 0; RowIndex < AES_STATE_ROWS;RowIndex++) - for (ColumnIndex = 0; ColumnIndex < AES_STATE_COLUMNS;ColumnIndex++) - aes_ctx.State[RowIndex][ColumnIndex] ^= aes_ctx.KeyWordExpansion[RowIndex][(RoundIndex*((UINT) AES_STATE_COLUMNS)) + ColumnIndex]; - - /* - * 4. Transfer the state block to cipher block - */ - for (RowIndex = 0; RowIndex < AES_STATE_ROWS;RowIndex++) - for (ColumnIndex = 0; ColumnIndex < AES_STATE_COLUMNS;ColumnIndex++) - CipherBlock[RowIndex + 4*ColumnIndex] = aes_ctx.State[RowIndex][ColumnIndex]; - - *CipherBlockSize = ((UINT) AES_STATE_ROWS)*((UINT) AES_STATE_COLUMNS); -} /* End of AES_Encrypt */ - - -/* -======================================================================== -Routine Description: - AES decryption - -Arguments: - CipherBlock The block of cipher text, 16 bytes(128 bits) each block - CipherBlockSize The length of block of cipher text in bytes - Key Cipher key, it may be 16, 24, or 32 bytes (128, 192, or 256 bits) - KeyLength The length of cipher key in bytes - PlainBlockSize The length of allocated plain block in bytes - -Return Value: - PlainBlock Return plain text - PlainBlockSize Return the length of real used plain block in bytes - -Note: - Reference to FIPS-PUB 197 - 1. Check if block size is 16 bytes(128 bits) and if key length is 16, 24, or 32 bytes(128, 192, or 256 bits) - 2. Transfer the cipher block to state block - 3. Main decryption rounds - 4. Transfer the state block to plain block - ------------------------------------------ - NumberOfRound = (key length / 4) + 6; - state block = cipher block; - - AddRoundKey(state block, key); - for round = NumberOfRound to 1 - InvSubBytes(state block) - InvShiftRows(state block) - InvMixColumns(state block) - AddRoundKey(state block, key); - end for - - InvSubBytes(state block) - InvShiftRows(state block) - AddRoundKey(state block, key); - - plain block = state block; -======================================================================== -*/ -VOID AES_Decrypt ( - IN UINT8 CipherBlock[], - IN UINT CipherBlockSize, - IN UINT8 Key[], - IN UINT KeyLength, - OUT UINT8 PlainBlock[], - INOUT UINT *PlainBlockSize) -{ - AES_CTX_STRUC aes_ctx; - UINT RowIndex, ColumnIndex; - UINT RoundIndex, NumberOfRound = 0; - UINT8 Temp, Row0, Row1, Row2, Row3; - - /* - * 1. Check if block size is 16 bytes(128 bits) and if key length is 16, 24, or 32 bytes(128, 192, or 256 bits) - */ - if (*PlainBlockSize < AES_BLOCK_SIZES) { - DBGPRINT(RT_DEBUG_ERROR, ("AES_Decrypt: plain block size is %d bytes, it must be %d bytes(128 bits).\n", - *PlainBlockSize, AES_BLOCK_SIZES)); - return; - } /* End of if */ - if ((KeyLength != AES_KEY128_LENGTH) && (KeyLength != AES_KEY192_LENGTH) && (KeyLength != AES_KEY256_LENGTH)) { - DBGPRINT(RT_DEBUG_ERROR, ("AES_Decrypt: key length is %d bytes, it must be %d, %d, or %d bytes(128, 192, or 256 bits).\n", - KeyLength, AES_KEY128_LENGTH, AES_KEY192_LENGTH, AES_KEY256_LENGTH)); - return; - } /* End of if */ - if (CipherBlockSize != AES_BLOCK_SIZES) { - DBGPRINT(RT_DEBUG_ERROR, ("AES_Decrypt: cipher block size is %d bytes, it must be %d bytes(128 bits).\n", - CipherBlockSize, AES_BLOCK_SIZES)); - return; - } /* End of if */ - - /* - * 2. Transfer the cipher block to state block - */ - for (RowIndex = 0; RowIndex < AES_STATE_ROWS;RowIndex++) - for (ColumnIndex = 0; ColumnIndex < AES_STATE_COLUMNS;ColumnIndex++) - aes_ctx.State[RowIndex][ColumnIndex] = CipherBlock[RowIndex + 4*ColumnIndex]; - - /* - * 3. Main decryption rounds - */ - AES_KeyExpansion(Key, KeyLength, &aes_ctx); - NumberOfRound = (KeyLength >> 2) + 6; - - /* AES_AddRoundKey */ - RoundIndex = NumberOfRound; - for (RowIndex = 0; RowIndex < AES_STATE_ROWS;RowIndex++) - for (ColumnIndex = 0; ColumnIndex < AES_STATE_COLUMNS;ColumnIndex++) - aes_ctx.State[RowIndex][ColumnIndex] ^= aes_ctx.KeyWordExpansion[RowIndex][(RoundIndex*((UINT) AES_STATE_COLUMNS)) + ColumnIndex]; - - for (RoundIndex = (NumberOfRound - 1); RoundIndex > 0 ;RoundIndex--) - { - /* AES_InvShiftRows */ - Temp = aes_ctx.State[1][3]; - aes_ctx.State[1][3] = aes_ctx.State[1][2]; - aes_ctx.State[1][2] = aes_ctx.State[1][1]; - aes_ctx.State[1][1] = aes_ctx.State[1][0]; - aes_ctx.State[1][0] = Temp; - Temp = aes_ctx.State[2][0]; - aes_ctx.State[2][0] = aes_ctx.State[2][2]; - aes_ctx.State[2][2] = Temp; - Temp = aes_ctx.State[2][1]; - aes_ctx.State[2][1] = aes_ctx.State[2][3]; - aes_ctx.State[2][3] = Temp; - Temp = aes_ctx.State[3][0]; - aes_ctx.State[3][0] = aes_ctx.State[3][1]; - aes_ctx.State[3][1] = aes_ctx.State[3][2]; - aes_ctx.State[3][2] = aes_ctx.State[3][3]; - aes_ctx.State[3][3] = Temp; - - /* AES_InvSubBytes */ - for (RowIndex = 0; RowIndex < AES_STATE_ROWS;RowIndex++) - for (ColumnIndex = 0; ColumnIndex < AES_STATE_COLUMNS;ColumnIndex++) - aes_ctx.State[RowIndex][ColumnIndex] = aes_sbox_dec[aes_ctx.State[RowIndex][ColumnIndex]]; - - /* AES_AddRoundKey */ - for (RowIndex = 0; RowIndex < AES_STATE_ROWS;RowIndex++) - for (ColumnIndex = 0; ColumnIndex < AES_STATE_COLUMNS;ColumnIndex++) - aes_ctx.State[RowIndex][ColumnIndex] ^= aes_ctx.KeyWordExpansion[RowIndex][(RoundIndex*((UINT) AES_STATE_COLUMNS)) + ColumnIndex]; - - /* AES_InvMixColumns */ - for (ColumnIndex = 0; ColumnIndex < AES_STATE_COLUMNS;ColumnIndex++) - { - Row0 = aes_ctx.State[0][ColumnIndex]; - Row1 = aes_ctx.State[1][ColumnIndex]; - Row2 = aes_ctx.State[2][ColumnIndex]; - Row3 = aes_ctx.State[3][ColumnIndex]; - aes_ctx.State[0][ColumnIndex] = aes_mul_e[Row0]^aes_mul_b[Row1]^aes_mul_d[Row2]^aes_mul_9[Row3]; - aes_ctx.State[1][ColumnIndex] = aes_mul_9[Row0]^aes_mul_e[Row1]^aes_mul_b[Row2]^aes_mul_d[Row3]; - aes_ctx.State[2][ColumnIndex] = aes_mul_d[Row0]^aes_mul_9[Row1]^aes_mul_e[Row2]^aes_mul_b[Row3]; - aes_ctx.State[3][ColumnIndex] = aes_mul_b[Row0]^aes_mul_d[Row1]^aes_mul_9[Row2]^aes_mul_e[Row3]; - } - } /* End of for */ - - /* AES_InvShiftRows */ - Temp = aes_ctx.State[1][3]; - aes_ctx.State[1][3] = aes_ctx.State[1][2]; - aes_ctx.State[1][2] = aes_ctx.State[1][1]; - aes_ctx.State[1][1] = aes_ctx.State[1][0]; - aes_ctx.State[1][0] = Temp; - Temp = aes_ctx.State[2][0]; - aes_ctx.State[2][0] = aes_ctx.State[2][2]; - aes_ctx.State[2][2] = Temp; - Temp = aes_ctx.State[2][1]; - aes_ctx.State[2][1] = aes_ctx.State[2][3]; - aes_ctx.State[2][3] = Temp; - Temp = aes_ctx.State[3][0]; - aes_ctx.State[3][0] = aes_ctx.State[3][1]; - aes_ctx.State[3][1] = aes_ctx.State[3][2]; - aes_ctx.State[3][2] = aes_ctx.State[3][3]; - aes_ctx.State[3][3] = Temp; - /* AES_InvSubBytes */ - for (RowIndex = 0; RowIndex < AES_STATE_ROWS;RowIndex++) - for (ColumnIndex = 0; ColumnIndex < AES_STATE_COLUMNS;ColumnIndex++) - aes_ctx.State[RowIndex][ColumnIndex] = aes_sbox_dec[aes_ctx.State[RowIndex][ColumnIndex]]; - /* AES_AddRoundKey */ - for (RowIndex = 0; RowIndex < AES_STATE_ROWS;RowIndex++) - for (ColumnIndex = 0; ColumnIndex < AES_STATE_COLUMNS;ColumnIndex++) - aes_ctx.State[RowIndex][ColumnIndex] ^= aes_ctx.KeyWordExpansion[RowIndex][(RoundIndex*((UINT) AES_STATE_COLUMNS)) + ColumnIndex]; - - /* - * 4. Transfer the state block to plain block - */ - for (RowIndex = 0; RowIndex < AES_STATE_ROWS;RowIndex++) - for (ColumnIndex = 0; ColumnIndex < AES_STATE_COLUMNS;ColumnIndex++) - PlainBlock[RowIndex + 4*ColumnIndex] = aes_ctx.State[RowIndex][ColumnIndex]; - - *PlainBlockSize = ((UINT) AES_STATE_ROWS)*((UINT) AES_STATE_COLUMNS); -} /* End of AES_Decrypt */ - - -/* -======================================================================== -Routine Description: - AES-CBC encryption - -Arguments: - PlainText Plain text - PlainTextLength The length of plain text in bytes - Key Cipher key, it may be 16, 24, or 32 bytes (128, 192, or 256 bits) - KeyLength The length of cipher key in bytes - IV Initialization vector, it may be 16 bytes (128 bits) - IVLength The length of initialization vector in bytes - CipherTextLength The length of allocated cipher text in bytes - -Return Value: - CipherText Return cipher text - CipherTextLength Return the length of real used cipher text in bytes - -Note: - Reference to RFC 3602 and NIST 800-38A -======================================================================== -*/ -VOID AES_CBC_Encrypt ( - IN UINT8 PlainText[], - IN UINT PlainTextLength, - IN UINT8 Key[], - IN UINT KeyLength, - IN UINT8 IV[], - IN UINT IVLength, - OUT UINT8 CipherText[], - INOUT UINT *CipherTextLength) -{ - UINT PaddingSize, PlainBlockStart, CipherBlockStart, CipherBlockSize; - UINT Index; - UINT8 Block[AES_BLOCK_SIZES]; - - /* - * 1. Check the input parameters - * - CipherTextLength > (PlainTextLength + Padding size), Padding size = block size - (PlainTextLength % block size) - * - Key length must be 16, 24, or 32 bytes(128, 192, or 256 bits) - * - IV length must be 16 bytes(128 bits) - */ - PaddingSize = ((UINT) AES_BLOCK_SIZES) - (PlainTextLength % ((UINT)AES_BLOCK_SIZES)); - if (*CipherTextLength < (PlainTextLength + PaddingSize)) { - DBGPRINT(RT_DEBUG_ERROR, ("AES_CBC_Encrypt: cipher text length is %d bytes < (plain text length %d bytes + padding size %d bytes).\n", - *CipherTextLength, PlainTextLength, PaddingSize)); - return; - } /* End of if */ - if ((KeyLength != AES_KEY128_LENGTH) && (KeyLength != AES_KEY192_LENGTH) && (KeyLength != AES_KEY256_LENGTH)) { - DBGPRINT(RT_DEBUG_ERROR, ("AES_CBC_Encrypt: key length is %d bytes, it must be %d, %d, or %d bytes(128, 192, or 256 bits).\n", - KeyLength, AES_KEY128_LENGTH, AES_KEY192_LENGTH, AES_KEY256_LENGTH)); - return; - } /* End of if */ - if (IVLength != AES_CBC_IV_LENGTH) { - DBGPRINT(RT_DEBUG_ERROR, ("AES_CBC_Encrypt: IV length is %d bytes, it must be %d bytes(128bits).\n", - IVLength, AES_CBC_IV_LENGTH)); - return; - } /* End of if */ - - - /* - * 2. Main algorithm - * - Plain text divide into serveral blocks (16 bytes/block) - * - If plain text is divided with no remainder by block, add a new block and padding size = block(16 bytes) - * - If plain text is not divided with no remainder by block, padding size = (block - remainder plain text) - * - Execute AES_Encrypt procedure. - * - * - Padding method: The remainder bytes will be filled with padding size (1 byte) - */ - PlainBlockStart = 0; - CipherBlockStart = 0; - while ((PlainTextLength - PlainBlockStart) >= AES_BLOCK_SIZES) - { - if (CipherBlockStart == 0) { - for (Index = 0; Index < AES_BLOCK_SIZES; Index++) - Block[Index] = PlainText[PlainBlockStart + Index]^IV[Index]; - } else { - for (Index = 0; Index < AES_BLOCK_SIZES; Index++) - Block[Index] = PlainText[PlainBlockStart + Index]^CipherText[CipherBlockStart - ((UINT) AES_BLOCK_SIZES) + Index]; - } /* End of if */ - - CipherBlockSize = *CipherTextLength - CipherBlockStart; - AES_Encrypt(Block, AES_BLOCK_SIZES , Key, KeyLength, CipherText + CipherBlockStart, &CipherBlockSize); - - PlainBlockStart += ((UINT) AES_BLOCK_SIZES); - CipherBlockStart += CipherBlockSize; - } /* End of while */ - - NdisMoveMemory(Block, (&PlainText[0] + PlainBlockStart), (PlainTextLength - PlainBlockStart)); - NdisFillMemory((Block + (((UINT) AES_BLOCK_SIZES) -PaddingSize)), PaddingSize, (UINT8) PaddingSize); - if (CipherBlockStart == 0) { - for (Index = 0; Index < AES_BLOCK_SIZES; Index++) - Block[Index] ^= IV[Index]; - } else { - for (Index = 0; Index < AES_BLOCK_SIZES; Index++) - Block[Index] ^= CipherText[CipherBlockStart - ((UINT) AES_BLOCK_SIZES) + Index]; - } /* End of if */ - CipherBlockSize = *CipherTextLength - CipherBlockStart; - AES_Encrypt(Block, AES_BLOCK_SIZES , Key, KeyLength, CipherText + CipherBlockStart, &CipherBlockSize); - CipherBlockStart += CipherBlockSize; - *CipherTextLength = CipherBlockStart; -} /* End of AES_CBC_Encrypt */ - - -/* -======================================================================== -Routine Description: - AES-CBC decryption - -Arguments: - CipherText Cipher text - CipherTextLength The length of cipher text in bytes - Key Cipher key, it may be 16, 24, or 32 bytes (128, 192, or 256 bits) - KeyLength The length of cipher key in bytes - IV Initialization vector, it may be 16 bytes (128 bits) - IVLength The length of initialization vector in bytes - PlainTextLength The length of allocated plain text in bytes - -Return Value: - PlainText Return plain text - PlainTextLength Return the length of real used plain text in bytes - -Note: - Reference to RFC 3602 and NIST 800-38A -======================================================================== -*/ -VOID AES_CBC_Decrypt ( - IN UINT8 CipherText[], - IN UINT CipherTextLength, - IN UINT8 Key[], - IN UINT KeyLength, - IN UINT8 IV[], - IN UINT IVLength, - OUT UINT8 PlainText[], - INOUT UINT *PlainTextLength) -{ - UINT PaddingSize, PlainBlockStart, CipherBlockStart, PlainBlockSize; - UINT Index; - - /* - * 1. Check the input parameters - * - CipherTextLength must be divided with no remainder by block - * - Key length must be 16, 24, or 32 bytes(128, 192, or 256 bits) - * - IV length must be 16 bytes(128 bits) - */ - if ((CipherTextLength % AES_BLOCK_SIZES) != 0) { - DBGPRINT(RT_DEBUG_ERROR, ("AES_CBC_Decrypt: cipher text length is %d bytes, it can't be divided with no remainder by block size(%d).\n", - CipherTextLength, AES_BLOCK_SIZES)); - return; - } /* End of if */ - if ((KeyLength != AES_KEY128_LENGTH) && (KeyLength != AES_KEY192_LENGTH) && (KeyLength != AES_KEY256_LENGTH)) { - DBGPRINT(RT_DEBUG_ERROR, ("AES_CBC_Decrypt: key length is %d bytes, it must be %d, %d, or %d bytes(128, 192, or 256 bits).\n", - KeyLength, AES_KEY128_LENGTH, AES_KEY192_LENGTH, AES_KEY256_LENGTH)); - return; - } /* End of if */ - if (IVLength != AES_CBC_IV_LENGTH) { - DBGPRINT(RT_DEBUG_ERROR, ("AES_CBC_Decrypt: IV length is %d bytes, it must be %d bytes(128bits).\n", - IVLength, AES_CBC_IV_LENGTH)); - return; - } /* End of if */ - - - /* - * 2. Main algorithm - * - Cypher text divide into serveral blocks (16 bytes/block) - * - Execute AES_Decrypt procedure. - * - Remove padding bytes, padding size is the last byte of plain text - */ - CipherBlockStart = 0; - PlainBlockStart = 0; - while ((CipherTextLength - CipherBlockStart) >= AES_BLOCK_SIZES) - { - PlainBlockSize = *PlainTextLength - PlainBlockStart; - AES_Decrypt(CipherText + CipherBlockStart, AES_BLOCK_SIZES , Key, KeyLength, PlainText + PlainBlockStart, &PlainBlockSize); - - if (PlainBlockStart == 0) { - for (Index = 0; Index < AES_BLOCK_SIZES; Index++) - PlainText[PlainBlockStart + Index] ^= IV[Index]; - } else { - for (Index = 0; Index < AES_BLOCK_SIZES; Index++) - PlainText[PlainBlockStart + Index] ^= CipherText[CipherBlockStart + Index - ((UINT) AES_BLOCK_SIZES)]; - } /* End of if */ - - CipherBlockStart += AES_BLOCK_SIZES; - PlainBlockStart += PlainBlockSize; - } /* End of while */ - - PaddingSize = (UINT8) PlainText[PlainBlockStart -1]; - *PlainTextLength = PlainBlockStart - PaddingSize; - -} /* End of AES_CBC_Encrypt */ - - - -/* -======================================================================== -Routine Description: - AES-CMAC generate subkey - -Arguments: - Key Cipher key 128 bits - KeyLength The length of Cipher key in bytes - -Return Value: - SubKey1 SubKey 1 128 bits - SubKey2 SubKey 2 128 bits - -Note: - Reference to RFC 4493 - - Step 1. L := AES-128(K, const_Zero); - Step 2. if MSB(L) is equal to 0 - then K1 := L << 1; - else K1 := (L << 1) XOR const_Rb; - Step 3. if MSB(K1) is equal to 0 - then K2 := K1 << 1; - else K2 := (K1 << 1) XOR const_Rb; - Step 4. return K1, K2; -======================================================================== -*/ -VOID AES_CMAC_GenerateSubKey ( - IN UINT8 Key[], - IN UINT KeyLength, - OUT UINT8 SubKey1[], - OUT UINT8 SubKey2[]) -{ - UINT8 MSB_L = 0, MSB_K1 = 0, Top_Bit = 0; - UINT SubKey1_Length = 0; - INT Index = 0; - - if (KeyLength != AES_KEY128_LENGTH) { - DBGPRINT(RT_DEBUG_ERROR, ("AES_CMAC_GenerateSubKey: key length is %d bytes, it must be %d bytes(128 bits).\n", - KeyLength, AES_KEY128_LENGTH)); - return; - } /* End of if */ - - /* Step 1: L := AES-128(K, const_Zero); */ - SubKey1_Length = 16; - AES_Encrypt(Const_Zero, sizeof(Const_Zero), Key, KeyLength, SubKey1, &SubKey1_Length); - - /* - * Step 2. if MSB(L) is equal to 0 - * then K1 := L << 1; - * else K1 := (L << 1) XOR const_Rb; - */ - MSB_L = SubKey1[0] & 0x80; - for(Index = 0; Index < 15; Index++) { - Top_Bit = (SubKey1[Index + 1] & 0x80)?1:0; - SubKey1[Index] <<= 1; - SubKey1[Index] |= Top_Bit; - } - SubKey1[15] <<= 1; - if (MSB_L > 0) { - for(Index = 0; Index < 16; Index++) - SubKey1[Index] ^= Const_Rb[Index]; - } /* End of if */ - - /* - * Step 3. if MSB(K1) is equal to 0 - * then K2 := K1 << 1; - * else K2 := (K1 << 1) XOR const_Rb; - */ - MSB_K1 = SubKey1[0] & 0x80; - for(Index = 0; Index < 15; Index++) { - Top_Bit = (SubKey1[Index + 1] & 0x80)?1:0; - SubKey2[Index] = SubKey1[Index] << 1; - SubKey2[Index] |= Top_Bit; - } - SubKey2[15] = SubKey1[15] << 1; - if (MSB_K1 > 0) { - for(Index = 0; Index < 16; Index++) - SubKey2[Index] ^= Const_Rb[Index]; - } /* End of if */ -} /* End of AES_CMAC_GenerateSubKey */ - - -/* -======================================================================== -Routine Description: - AES-CMAC - -Arguments: - PlainText Plain text - PlainTextLength The length of plain text in bytes - Key Cipher key, it may be 16, 24, or 32 bytes (128, 192, or 256 bits) - KeyLength The length of cipher key in bytes - MACTextLength The length of allocated memory spaces in bytes - -Return Value: - MACText Message authentication code (128-bit string) - MACTextLength Return the length of Message authentication code in bytes - -Note: - Reference to RFC 4493 -======================================================================== -*/ -VOID AES_CMAC ( - IN UINT8 PlainText[], - IN UINT PlainTextLength, - IN UINT8 Key[], - IN UINT KeyLength, - OUT UINT8 MACText[], - INOUT UINT *MACTextLength) -{ - UINT PlainBlockStart; - UINT8 X[AES_BLOCK_SIZES], Y[AES_BLOCK_SIZES]; - UINT8 SubKey1[16]; - UINT8 SubKey2[16]; - INT X_Length, Index; - - if (*MACTextLength < AES_MAC_LENGTH) { - DBGPRINT(RT_DEBUG_ERROR, ("AES_CMAC: MAC text length is less than %d bytes).\n", - AES_MAC_LENGTH)); - return; - } /* End of if */ - if (KeyLength != AES_KEY128_LENGTH) { - DBGPRINT(RT_DEBUG_ERROR, ("AES_CMAC: key length is %d bytes, it must be %d bytes(128 bits).\n", - KeyLength, AES_KEY128_LENGTH)); - return; - } /* End of if */ - - /* Step 1. (K1,K2) := Generate_Subkey(K); */ - NdisZeroMemory(SubKey1, 16); - NdisZeroMemory(SubKey2, 16); - AES_CMAC_GenerateSubKey(Key, KeyLength, SubKey1, SubKey2); - - /* - * 2. Main algorithm - * - Plain text divide into serveral blocks (16 bytes/block) - * - If plain text is not divided with no remainder by block, padding size = (block - remainder plain text) - * - Execute AES_Encrypt procedure. - */ - PlainBlockStart = 0; - NdisMoveMemory(X, Const_Zero, AES_BLOCK_SIZES); - while ((PlainTextLength - PlainBlockStart) > AES_BLOCK_SIZES) - { - for (Index = 0; Index < AES_BLOCK_SIZES; Index++) - Y[Index] = PlainText[PlainBlockStart + Index]^X[Index]; - - X_Length = sizeof(X); - AES_Encrypt(Y, sizeof(Y) , Key, KeyLength, X, &X_Length); - PlainBlockStart += ((UINT) AES_BLOCK_SIZES); - } /* End of while */ - if ((PlainTextLength - PlainBlockStart) == AES_BLOCK_SIZES) { - for (Index = 0; Index < AES_BLOCK_SIZES; Index++) - Y[Index] = PlainText[PlainBlockStart + Index]^X[Index]^SubKey1[Index]; - } else { - NdisZeroMemory(Y, AES_BLOCK_SIZES); - NdisMoveMemory(Y, &PlainText[PlainBlockStart], (PlainTextLength - PlainBlockStart)); - Y[(PlainTextLength - PlainBlockStart)] = 0x80; - for (Index = 0; Index < AES_BLOCK_SIZES; Index++) - Y[Index] = Y[Index]^X[Index]^SubKey2[Index]; - } /* End of if */ - AES_Encrypt(Y, sizeof(Y) , Key, KeyLength, MACText, MACTextLength); -} /* End of AES_CMAC */ |