Symaptic: os/security/crypto/weakcryptospi/test/tplugins/src/rijndaelimpl.cpp@260cb5ec6c19 (annotated)

sl@0	1	/*
sl@0	2	* Copyright (c) 2006-2010 Nokia Corporation and/or its subsidiary(-ies).
sl@0	3	* All rights reserved.
sl@0	4	* This component and the accompanying materials are made available
sl@0	5	* under the terms of the License "Eclipse Public License v1.0"
sl@0	6	* which accompanies this distribution, and is available
sl@0	7	* at the URL "http://www.eclipse.org/legal/epl-v10.html".
sl@0	8	*
sl@0	9	* Initial Contributors:
sl@0	10	* Nokia Corporation - initial contribution.
sl@0	11	*
sl@0	12	* Contributors:
sl@0	13	*
sl@0	14	* Description:
sl@0	15	*
sl@0	16	*/
sl@0	17
sl@0	18
sl@0	19	#include "rijndaelimpl.h"
sl@0	20	#include <cryptospi/keys.h>
sl@0	21
sl@0	22	#include "rijndaeltables.h"
sl@0	23	#include "../../../source/common/inlines.h"
sl@0	24	#include "pluginconfig.h"
sl@0	25	#include "symmetriccipherimpl.h"
sl@0	26	#include <cryptostrength.h>
sl@0	27
sl@0	28	using namespace SoftwareCrypto;
sl@0	29
sl@0	30	const TUint KAESKeyBytes128 = 16;
sl@0	31	const TUint KAESKeyBytes192 = 24;
sl@0	32	const TUint KAESKeyBytes256 = 32;
sl@0	33	const TUint KAESBlockBytes = 16;
sl@0	34
sl@0	35	/* CRijndaelmpl*/
sl@0	36	CRijndaelImpl::CRijndaelImpl(
sl@0	37	TUid aCryptoMode,
sl@0	38	TUid aOperationMode,
sl@0	39	TUid aPadding,
sl@0	40	TUid aImplementationUid) :
sl@0	41	CSymmetricBlockCipherImpl(KAESBlockBytes, aCryptoMode, aOperationMode, aPadding),
sl@0	42	iImplementationUid(aImplementationUid)
sl@0	43	{
sl@0	44	}
sl@0	45
sl@0	46	CRijndaelImpl* CRijndaelImpl::NewL(const CKey& aKey, TUid aCryptoMode, TUid aOperationMode,
sl@0	47	TUid aPadding, TUid aImplementationUid)
sl@0	48	{
sl@0	49	CRijndaelImpl* self = CRijndaelImpl::NewLC(aKey, aCryptoMode, aOperationMode,
sl@0	50	aPadding, aImplementationUid);
sl@0	51	CleanupStack::Pop(self);
sl@0	52	return self;
sl@0	53	}
sl@0	54
sl@0	55	CRijndaelImpl* CRijndaelImpl::NewLC(const CKey& aKey, TUid aCryptoMode, TUid aOperationMode,
sl@0	56	TUid aPadding, TUid aImplementationUid)
sl@0	57	{
sl@0	58	CRijndaelImpl* self = new(ELeave) CRijndaelImpl(aCryptoMode, aOperationMode, aPadding,
sl@0	59	aImplementationUid);
sl@0	60	CleanupStack::PushL(self);
sl@0	61	self->ConstructL(aKey);
sl@0	62
sl@0	63	const TDesC8& keyContent = aKey.GetTDesC8L(KSymmetricKeyParameterUid);
sl@0	64	TCrypto::IsSymmetricWeakEnoughL(BytesToBits(keyContent.Size()) - keyContent.Size());
sl@0	65	return self;
sl@0	66	}
sl@0	67
sl@0	68	CRijndaelImpl::~CRijndaelImpl()
sl@0	69	{
sl@0	70	// make sure key information isn't visible to other processes if the
sl@0	71	// page is reused.
sl@0	72	Mem::FillZ(&iK, sizeof(iK));
sl@0	73	}
sl@0	74
sl@0	75	void CRijndaelImpl::ConstructL(const CKey& aKey)
sl@0	76	{
sl@0	77	CSymmetricBlockCipherImpl::ConstructL(aKey);
sl@0	78	SetKeySchedule();
sl@0	79	}
sl@0	80
sl@0	81	CExtendedCharacteristics* CRijndaelImpl::CreateExtendedCharacteristicsL()
sl@0	82	{
sl@0	83	// All Symbian software plug-ins have unlimited concurrency, cannot be reserved
sl@0	84	// for exclusive use and are not CERTIFIED to be standards compliant.
sl@0	85	return CExtendedCharacteristics::NewL(KMaxTInt, EFalse);
sl@0	86	}
sl@0	87
sl@0	88	const CExtendedCharacteristics* CRijndaelImpl::GetExtendedCharacteristicsL()
sl@0	89	{
sl@0	90	return CRijndaelImpl::CreateExtendedCharacteristicsL();
sl@0	91	}
sl@0	92
sl@0	93	TUid CRijndaelImpl::ImplementationUid() const
sl@0	94	{
sl@0	95	return iImplementationUid;
sl@0	96	}
sl@0	97
sl@0	98	TBool CRijndaelImpl::IsValidKeyLength(TInt aKeyBytes) const
sl@0	99	{
sl@0	100	switch(aKeyBytes)
sl@0	101	{
sl@0	102	case KAESKeyBytes128:
sl@0	103	case KAESKeyBytes192:
sl@0	104	case KAESKeyBytes256:
sl@0	105	return ETrue;
sl@0	106	default:
sl@0	107	return EFalse;
sl@0	108	}
sl@0	109	}
sl@0	110
sl@0	111	void CRijndaelImpl::SetKeySchedule()
sl@0	112	{
sl@0	113	iRounds = iKeyBytes/4 + 6;
sl@0	114	if (iCryptoMode.iUid == KCryptoModeEncrypt)
sl@0	115	{
sl@0	116	SetEncryptKeySchedule(*iKey, &iK[0]);
sl@0	117	}
sl@0	118	else
sl@0	119	{
sl@0	120	ASSERT(iCryptoMode.iUid == KCryptoModeDecrypt);
sl@0	121	SetDecryptKeySchedule(*iKey, &iK[0]);
sl@0	122	}
sl@0	123	}
sl@0	124
sl@0	125	void CRijndaelImpl::TransformEncrypt(
sl@0	126	TUint8* aBuffer,
sl@0	127	TUint aNumBlocks)
sl@0	128	{
sl@0	129	for (TInt i = 0; i < aNumBlocks; ++i)
sl@0	130	{
sl@0	131	ModeEncryptStart(aBuffer);
sl@0	132
sl@0	133	TUint32 s0, s1, s2, s3, t0, t1, t2, t3;
sl@0	134	const TUint32* rk = &iK[0];
sl@0	135
sl@0	136	/*
sl@0	137	* map byte array block to cipher state
sl@0	138	* and add initial round key:
sl@0	139	*/
sl@0	140	GetBlockBigEndian(aBuffer, s0, s1, s2, s3);
sl@0	141	s0 ^= rk[0];
sl@0	142	s1 ^= rk[1];
sl@0	143	s2 ^= rk[2];
sl@0	144	s3 ^= rk[3];
sl@0	145	/*
sl@0	146	* Nr - 1 full rounds:
sl@0	147	*/
sl@0	148	TUint r = iRounds >> 1;
sl@0	149	FOREVER
sl@0	150	{
sl@0	151	t0 =
sl@0	152	RIJNDAEL_TABLE::Te0[GETBYTE(s0, 3)] ^
sl@0	153	RIJNDAEL_TABLE::Te1[GETBYTE(s1, 2)] ^
sl@0	154	RIJNDAEL_TABLE::Te2[GETBYTE(s2, 1)] ^
sl@0	155	RIJNDAEL_TABLE::Te3[GETBYTE(s3, 0)] ^
sl@0	156	rk[4];
sl@0	157	t1 =
sl@0	158	RIJNDAEL_TABLE::Te0[GETBYTE(s1, 3)] ^
sl@0	159	RIJNDAEL_TABLE::Te1[GETBYTE(s2, 2)] ^
sl@0	160	RIJNDAEL_TABLE::Te2[GETBYTE(s3, 1)] ^
sl@0	161	RIJNDAEL_TABLE::Te3[GETBYTE(s0, 0)] ^
sl@0	162	rk[5];
sl@0	163	t2 =
sl@0	164	RIJNDAEL_TABLE::Te0[GETBYTE(s2, 3)] ^
sl@0	165	RIJNDAEL_TABLE::Te1[GETBYTE(s3, 2)] ^
sl@0	166	RIJNDAEL_TABLE::Te2[GETBYTE(s0, 1)] ^
sl@0	167	RIJNDAEL_TABLE::Te3[GETBYTE(s1, 0)] ^
sl@0	168	rk[6];
sl@0	169	t3 =
sl@0	170	RIJNDAEL_TABLE::Te0[GETBYTE(s3, 3)] ^
sl@0	171	RIJNDAEL_TABLE::Te1[GETBYTE(s0, 2)] ^
sl@0	172	RIJNDAEL_TABLE::Te2[GETBYTE(s1, 1)] ^
sl@0	173	RIJNDAEL_TABLE::Te3[GETBYTE(s2, 0)] ^
sl@0	174	rk[7];
sl@0	175
sl@0	176	rk += 8;
sl@0	177	if (--r == 0)
sl@0	178	break;
sl@0	179
sl@0	180	s0 =
sl@0	181	RIJNDAEL_TABLE::Te0[GETBYTE(t0, 3)] ^
sl@0	182	RIJNDAEL_TABLE::Te1[GETBYTE(t1, 2)] ^
sl@0	183	RIJNDAEL_TABLE::Te2[GETBYTE(t2, 1)] ^
sl@0	184	RIJNDAEL_TABLE::Te3[GETBYTE(t3, 0)] ^
sl@0	185	rk[0];
sl@0	186	s1 =
sl@0	187	RIJNDAEL_TABLE::Te0[GETBYTE(t1, 3)] ^
sl@0	188	RIJNDAEL_TABLE::Te1[GETBYTE(t2, 2)] ^
sl@0	189	RIJNDAEL_TABLE::Te2[GETBYTE(t3, 1)] ^
sl@0	190	RIJNDAEL_TABLE::Te3[GETBYTE(t0, 0)] ^
sl@0	191	rk[1];
sl@0	192	s2 =
sl@0	193	RIJNDAEL_TABLE::Te0[GETBYTE(t2, 3)] ^
sl@0	194	RIJNDAEL_TABLE::Te1[GETBYTE(t3, 2)] ^
sl@0	195	RIJNDAEL_TABLE::Te2[GETBYTE(t0, 1)] ^
sl@0	196	RIJNDAEL_TABLE::Te3[GETBYTE(t1, 0)] ^
sl@0	197	rk[2];
sl@0	198	s3 =
sl@0	199	RIJNDAEL_TABLE::Te0[GETBYTE(t3, 3)] ^
sl@0	200	RIJNDAEL_TABLE::Te1[GETBYTE(t0, 2)] ^
sl@0	201	RIJNDAEL_TABLE::Te2[GETBYTE(t1, 1)] ^
sl@0	202	RIJNDAEL_TABLE::Te3[GETBYTE(t2, 0)] ^
sl@0	203	rk[3];
sl@0	204	}
sl@0	205	/*
sl@0	206	* apply last round and
sl@0	207	* map cipher state to byte array block:
sl@0	208	*/
sl@0	209
sl@0	210	s0 =
sl@0	211	(RIJNDAEL_TABLE::Te4[GETBYTE(t0, 3)] & 0xff000000) ^
sl@0	212	(RIJNDAEL_TABLE::Te4[GETBYTE(t1, 2)] & 0x00ff0000) ^
sl@0	213	(RIJNDAEL_TABLE::Te4[GETBYTE(t2, 1)] & 0x0000ff00) ^
sl@0	214	(RIJNDAEL_TABLE::Te4[GETBYTE(t3, 0)] & 0x000000ff) ^
sl@0	215	rk[0];
sl@0	216	s1 =
sl@0	217	(RIJNDAEL_TABLE::Te4[GETBYTE(t1, 3)] & 0xff000000) ^
sl@0	218	(RIJNDAEL_TABLE::Te4[GETBYTE(t2, 2)] & 0x00ff0000) ^
sl@0	219	(RIJNDAEL_TABLE::Te4[GETBYTE(t3, 1)] & 0x0000ff00) ^
sl@0	220	(RIJNDAEL_TABLE::Te4[GETBYTE(t0, 0)] & 0x000000ff) ^
sl@0	221	rk[1];
sl@0	222	s2 =
sl@0	223	(RIJNDAEL_TABLE::Te4[GETBYTE(t2, 3)] & 0xff000000) ^
sl@0	224	(RIJNDAEL_TABLE::Te4[GETBYTE(t3, 2)] & 0x00ff0000) ^
sl@0	225	(RIJNDAEL_TABLE::Te4[GETBYTE(t0, 1)] & 0x0000ff00) ^
sl@0	226	(RIJNDAEL_TABLE::Te4[GETBYTE(t1, 0)] & 0x000000ff) ^
sl@0	227	rk[2];
sl@0	228	s3 =
sl@0	229	(RIJNDAEL_TABLE::Te4[GETBYTE(t3, 3)] & 0xff000000) ^
sl@0	230	(RIJNDAEL_TABLE::Te4[GETBYTE(t0, 2)] & 0x00ff0000) ^
sl@0	231	(RIJNDAEL_TABLE::Te4[GETBYTE(t1, 1)] & 0x0000ff00) ^
sl@0	232	(RIJNDAEL_TABLE::Te4[GETBYTE(t2, 0)] & 0x000000ff) ^
sl@0	233	rk[3];
sl@0	234
sl@0	235	PutBlockBigEndian(aBuffer, s0, s1, s2, s3);
sl@0	236	ModeEncryptEnd(aBuffer);
sl@0	237	aBuffer += KAESBlockBytes;
sl@0	238	}
sl@0	239	}
sl@0	240
sl@0	241	void CRijndaelImpl::TransformDecrypt(
sl@0	242	TUint8* aBuffer,
sl@0	243	TUint aNumBlocks)
sl@0	244	{
sl@0	245	for (TInt i = 0; i < aNumBlocks; ++i)
sl@0	246	{
sl@0	247	ModeDecryptStart(aBuffer);
sl@0	248
sl@0	249	TUint32 s0, s1, s2, s3, t0, t1, t2, t3;
sl@0	250	const TUint32* rk = &iK[0];
sl@0	251
sl@0	252	/*
sl@0	253	* map byte array block to cipher state
sl@0	254	* and add initial round key:
sl@0	255	*/
sl@0	256	GetBlockBigEndian(aBuffer, s0, s1, s2, s3);
sl@0	257
sl@0	258	s0 ^= rk[0];
sl@0	259	s1 ^= rk[1];
sl@0	260	s2 ^= rk[2];
sl@0	261	s3 ^= rk[3];
sl@0	262	/*
sl@0	263	* Nr - 1 full rounds:
sl@0	264	*/
sl@0	265	TUint r = iRounds >> 1;
sl@0	266	FOREVER
sl@0	267	{
sl@0	268	t0 =
sl@0	269	RIJNDAEL_TABLE::Td0[GETBYTE(s0, 3)] ^
sl@0	270	RIJNDAEL_TABLE::Td1[GETBYTE(s3, 2)] ^
sl@0	271	RIJNDAEL_TABLE::Td2[GETBYTE(s2, 1)] ^
sl@0	272	RIJNDAEL_TABLE::Td3[GETBYTE(s1, 0)] ^
sl@0	273	rk[4];
sl@0	274	t1 =
sl@0	275	RIJNDAEL_TABLE::Td0[GETBYTE(s1, 3)] ^
sl@0	276	RIJNDAEL_TABLE::Td1[GETBYTE(s0, 2)] ^
sl@0	277	RIJNDAEL_TABLE::Td2[GETBYTE(s3, 1)] ^
sl@0	278	RIJNDAEL_TABLE::Td3[GETBYTE(s2, 0)] ^
sl@0	279	rk[5];
sl@0	280	t2 =
sl@0	281	RIJNDAEL_TABLE::Td0[GETBYTE(s2, 3)] ^
sl@0	282	RIJNDAEL_TABLE::Td1[GETBYTE(s1, 2)] ^
sl@0	283	RIJNDAEL_TABLE::Td2[GETBYTE(s0, 1)] ^
sl@0	284	RIJNDAEL_TABLE::Td3[GETBYTE(s3, 0)] ^
sl@0	285	rk[6];
sl@0	286	t3 =
sl@0	287	RIJNDAEL_TABLE::Td0[GETBYTE(s3, 3)] ^
sl@0	288	RIJNDAEL_TABLE::Td1[GETBYTE(s2, 2)] ^
sl@0	289	RIJNDAEL_TABLE::Td2[GETBYTE(s1, 1)] ^
sl@0	290	RIJNDAEL_TABLE::Td3[GETBYTE(s0, 0)] ^
sl@0	291	rk[7];
sl@0	292
sl@0	293	rk += 8;
sl@0	294	if (--r == 0)
sl@0	295	break;
sl@0	296
sl@0	297	s0 =
sl@0	298	RIJNDAEL_TABLE::Td0[GETBYTE(t0, 3)] ^
sl@0	299	RIJNDAEL_TABLE::Td1[GETBYTE(t3, 2)] ^
sl@0	300	RIJNDAEL_TABLE::Td2[GETBYTE(t2, 1)] ^
sl@0	301	RIJNDAEL_TABLE::Td3[GETBYTE(t1, 0)] ^
sl@0	302	rk[0];
sl@0	303	s1 =
sl@0	304	RIJNDAEL_TABLE::Td0[GETBYTE(t1, 3)] ^
sl@0	305	RIJNDAEL_TABLE::Td1[GETBYTE(t0, 2)] ^
sl@0	306	RIJNDAEL_TABLE::Td2[GETBYTE(t3, 1)] ^
sl@0	307	RIJNDAEL_TABLE::Td3[GETBYTE(t2, 0)] ^
sl@0	308	rk[1];
sl@0	309	s2 =
sl@0	310	RIJNDAEL_TABLE::Td0[GETBYTE(t2, 3)] ^
sl@0	311	RIJNDAEL_TABLE::Td1[GETBYTE(t1, 2)] ^
sl@0	312	RIJNDAEL_TABLE::Td2[GETBYTE(t0, 1)] ^
sl@0	313	RIJNDAEL_TABLE::Td3[GETBYTE(t3, 0)] ^
sl@0	314	rk[2];
sl@0	315	s3 =
sl@0	316	RIJNDAEL_TABLE::Td0[GETBYTE(t3, 3)] ^
sl@0	317	RIJNDAEL_TABLE::Td1[GETBYTE(t2, 2)] ^
sl@0	318	RIJNDAEL_TABLE::Td2[GETBYTE(t1, 1)] ^
sl@0	319	RIJNDAEL_TABLE::Td3[GETBYTE(t0, 0)] ^
sl@0	320	rk[3];
sl@0	321	}
sl@0	322	/*
sl@0	323	* apply last round and
sl@0	324	* map cipher state to byte array block:
sl@0	325	*/
sl@0	326	s0 =
sl@0	327	(RIJNDAEL_TABLE::Td4[GETBYTE(t0, 3)] & 0xff000000) ^
sl@0	328	(RIJNDAEL_TABLE::Td4[GETBYTE(t3, 2)] & 0x00ff0000) ^
sl@0	329	(RIJNDAEL_TABLE::Td4[GETBYTE(t2, 1)] & 0x0000ff00) ^
sl@0	330	(RIJNDAEL_TABLE::Td4[GETBYTE(t1, 0)] & 0x000000ff) ^
sl@0	331	rk[0];
sl@0	332	s1 =
sl@0	333	(RIJNDAEL_TABLE::Td4[GETBYTE(t1, 3)] & 0xff000000) ^
sl@0	334	(RIJNDAEL_TABLE::Td4[GETBYTE(t0, 2)] & 0x00ff0000) ^
sl@0	335	(RIJNDAEL_TABLE::Td4[GETBYTE(t3, 1)] & 0x0000ff00) ^
sl@0	336	(RIJNDAEL_TABLE::Td4[GETBYTE(t2, 0)] & 0x000000ff) ^
sl@0	337	rk[1];
sl@0	338	s2 =
sl@0	339	(RIJNDAEL_TABLE::Td4[GETBYTE(t2, 3)] & 0xff000000) ^
sl@0	340	(RIJNDAEL_TABLE::Td4[GETBYTE(t1, 2)] & 0x00ff0000) ^
sl@0	341	(RIJNDAEL_TABLE::Td4[GETBYTE(t0, 1)] & 0x0000ff00) ^
sl@0	342	(RIJNDAEL_TABLE::Td4[GETBYTE(t3, 0)] & 0x000000ff) ^
sl@0	343	rk[2];
sl@0	344	s3 =
sl@0	345	(RIJNDAEL_TABLE::Td4[GETBYTE(t3, 3)] & 0xff000000) ^
sl@0	346	(RIJNDAEL_TABLE::Td4[GETBYTE(t2, 2)] & 0x00ff0000) ^
sl@0	347	(RIJNDAEL_TABLE::Td4[GETBYTE(t1, 1)] & 0x0000ff00) ^
sl@0	348	(RIJNDAEL_TABLE::Td4[GETBYTE(t0, 0)] & 0x000000ff) ^
sl@0	349	rk[3];
sl@0	350	PutBlockBigEndian(aBuffer, s0, s1, s2, s3);
sl@0	351	ModeDecryptEnd(aBuffer);
sl@0	352	aBuffer += KAESBlockBytes;
sl@0	353	}
sl@0	354	}
sl@0	355
sl@0	356	void CRijndaelImpl::SetEncryptKeySchedule(const TDesC8& aKey, TUint32* aKeySchedule)
sl@0	357	{
sl@0	358	TUint keySize = aKey.Length();
sl@0	359	TUint32 temp;
sl@0	360	TUint32* rk = aKeySchedule;
sl@0	361
sl@0	362	TUint i = 0;
sl@0	363
sl@0	364	GetUserKeyBigEndian(rk, keySize/4, &aKey[0], keySize);
sl@0	365
sl@0	366	switch(keySize)
sl@0	367	{
sl@0	368	case (KAESKeyBytes128):
sl@0	369	{
sl@0	370	FOREVER
sl@0	371	{
sl@0	372	temp = rk[3];
sl@0	373	rk[4] = rk[0] ^
sl@0	374	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 2)] & 0xff000000) ^
sl@0	375	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 1)] & 0x00ff0000) ^
sl@0	376	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 0)] & 0x0000ff00) ^
sl@0	377	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 3)] & 0x000000ff) ^
sl@0	378	RIJNDAEL_TABLE::rcon[i];
sl@0	379	rk[5] = rk[1] ^ rk[4];
sl@0	380	rk[6] = rk[2] ^ rk[5];
sl@0	381	rk[7] = rk[3] ^ rk[6];
sl@0	382	if (++i == 10)
sl@0	383	break;
sl@0	384	rk += 4;
sl@0	385	}
sl@0	386	}
sl@0	387	break;
sl@0	388
sl@0	389	case (KAESKeyBytes192):
sl@0	390	{
sl@0	391	FOREVER
sl@0	392	{
sl@0	393	temp = rk[ 5];
sl@0	394	rk[ 6] = rk[ 0] ^
sl@0	395	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 2)] & 0xff000000) ^
sl@0	396	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 1)] & 0x00ff0000) ^
sl@0	397	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 0)] & 0x0000ff00) ^
sl@0	398	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 3)] & 0x000000ff) ^
sl@0	399	RIJNDAEL_TABLE::rcon[i];
sl@0	400	rk[ 7] = rk[ 1] ^ rk[ 6];
sl@0	401	rk[ 8] = rk[ 2] ^ rk[ 7];
sl@0	402	rk[ 9] = rk[ 3] ^ rk[ 8];
sl@0	403	if (++i == 8)
sl@0	404	break;
sl@0	405	rk[10] = rk[ 4] ^ rk[ 9];
sl@0	406	rk[11] = rk[ 5] ^ rk[10];
sl@0	407	rk += 6;
sl@0	408	}
sl@0	409	}
sl@0	410	break;
sl@0	411
sl@0	412	case (KAESKeyBytes256):
sl@0	413	{
sl@0	414	FOREVER
sl@0	415	{
sl@0	416	temp = rk[ 7];
sl@0	417	rk[ 8] = rk[ 0] ^
sl@0	418	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 2)] & 0xff000000) ^
sl@0	419	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 1)] & 0x00ff0000) ^
sl@0	420	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 0)] & 0x0000ff00) ^
sl@0	421	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 3)] & 0x000000ff) ^
sl@0	422	RIJNDAEL_TABLE::rcon[i];
sl@0	423	rk[ 9] = rk[ 1] ^ rk[ 8];
sl@0	424	rk[10] = rk[ 2] ^ rk[ 9];
sl@0	425	rk[11] = rk[ 3] ^ rk[10];
sl@0	426	if (++i == 7)
sl@0	427	break;
sl@0	428	temp = rk[11];
sl@0	429	rk[12] = rk[ 4] ^
sl@0	430	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 3)] & 0xff000000) ^
sl@0	431	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 2)] & 0x00ff0000) ^
sl@0	432	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 1)] & 0x0000ff00) ^
sl@0	433	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 0)] & 0x000000ff);
sl@0	434	rk[13] = rk[ 5] ^ rk[12];
sl@0	435	rk[14] = rk[ 6] ^ rk[13];
sl@0	436	rk[15] = rk[ 7] ^ rk[14];
sl@0	437
sl@0	438	rk += 8;
sl@0	439	}
sl@0	440	}
sl@0	441	break;
sl@0	442
sl@0	443	default:
sl@0	444	assert(0); // Shouldn't get here, keeps compiler happy
sl@0	445	}
sl@0	446	}
sl@0	447
sl@0	448	void CRijndaelImpl::SetDecryptKeySchedule(const TDesC8& aKey, TUint32* aKeySchedule)
sl@0	449	{
sl@0	450	SetEncryptKeySchedule(aKey, aKeySchedule);
sl@0	451
sl@0	452	TUint i, j;
sl@0	453	TUint32* rk = aKeySchedule;
sl@0	454	TUint32 temp;
sl@0	455
sl@0	456	// invert the order of the round keys
sl@0	457	for (i = 0, j = 4*iRounds; i < j; i += 4, j -= 4)
sl@0	458	{
sl@0	459	temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp;
sl@0	460	temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
sl@0	461	temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
sl@0	462	temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
sl@0	463	}
sl@0	464
sl@0	465	// apply the inverse MixColumn transform to all round keys but the first and the last
sl@0	466	for (i = 1; i < iRounds; i++)
sl@0	467	{
sl@0	468	rk += 4;
sl@0	469	rk[0] =
sl@0	470	RIJNDAEL_TABLE::Td0[RIJNDAEL_TABLE::Te4[GETBYTE(rk[0], 3)] & 0xff] ^
sl@0	471	RIJNDAEL_TABLE::Td1[RIJNDAEL_TABLE::Te4[GETBYTE(rk[0], 2)] & 0xff] ^
sl@0	472	RIJNDAEL_TABLE::Td2[RIJNDAEL_TABLE::Te4[GETBYTE(rk[0], 1)] & 0xff] ^
sl@0	473	RIJNDAEL_TABLE::Td3[RIJNDAEL_TABLE::Te4[GETBYTE(rk[0], 0)] & 0xff];
sl@0	474	rk[1] =
sl@0	475	RIJNDAEL_TABLE::Td0[RIJNDAEL_TABLE::Te4[GETBYTE(rk[1], 3)] & 0xff] ^
sl@0	476	RIJNDAEL_TABLE::Td1[RIJNDAEL_TABLE::Te4[GETBYTE(rk[1], 2)] & 0xff] ^
sl@0	477	RIJNDAEL_TABLE::Td2[RIJNDAEL_TABLE::Te4[GETBYTE(rk[1], 1)] & 0xff] ^
sl@0	478	RIJNDAEL_TABLE::Td3[RIJNDAEL_TABLE::Te4[GETBYTE(rk[1], 0)] & 0xff];
sl@0	479	rk[2] =
sl@0	480	RIJNDAEL_TABLE::Td0[RIJNDAEL_TABLE::Te4[GETBYTE(rk[2], 3)] & 0xff] ^
sl@0	481	RIJNDAEL_TABLE::Td1[RIJNDAEL_TABLE::Te4[GETBYTE(rk[2], 2)] & 0xff] ^
sl@0	482	RIJNDAEL_TABLE::Td2[RIJNDAEL_TABLE::Te4[GETBYTE(rk[2], 1)] & 0xff] ^
sl@0	483	RIJNDAEL_TABLE::Td3[RIJNDAEL_TABLE::Te4[GETBYTE(rk[2], 0)] & 0xff];
sl@0	484	rk[3] =
sl@0	485	RIJNDAEL_TABLE::Td0[RIJNDAEL_TABLE::Te4[GETBYTE(rk[3], 3)] & 0xff] ^
sl@0	486	RIJNDAEL_TABLE::Td1[RIJNDAEL_TABLE::Te4[GETBYTE(rk[3], 2)] & 0xff] ^
sl@0	487	RIJNDAEL_TABLE::Td2[RIJNDAEL_TABLE::Te4[GETBYTE(rk[3], 1)] & 0xff] ^
sl@0	488	RIJNDAEL_TABLE::Td3[RIJNDAEL_TABLE::Te4[GETBYTE(rk[3], 0)] & 0xff];
sl@0	489	}
sl@0	490	}

author	sl
	Tue, 10 Jun 2014 14:32:02 +0200
changeset 1	260cb5ec6c19
permissions	-rw-r--r--