os/security/cryptoplugins/cryptospiplugins/source/softwarecrypto/rijndaelimpl.cpp
author sl@SLION-WIN7.fritz.box
Fri, 15 Jun 2012 03:10:57 +0200
changeset 0 bde4ae8d615e
permissions -rw-r--r--
First public contribution.
sl@0
     1
/*
sl@0
     2
* Copyright (c) 2006-2009 Nokia Corporation and/or its subsidiary(-ies).
sl@0
     3
* All rights reserved.
sl@0
     4
* This component and the accompanying materials are made available
sl@0
     5
* under the terms of the License "Eclipse Public License v1.0"
sl@0
     6
* which accompanies this distribution, and is available
sl@0
     7
* at the URL "http://www.eclipse.org/legal/epl-v10.html".
sl@0
     8
*
sl@0
     9
* Initial Contributors:
sl@0
    10
* Nokia Corporation - initial contribution.
sl@0
    11
*
sl@0
    12
* Contributors:
sl@0
    13
*
sl@0
    14
* Description: 
sl@0
    15
*
sl@0
    16
*/
sl@0
    17
sl@0
    18
sl@0
    19
#include "rijndaelimpl.h"
sl@0
    20
#include "keys.h"
sl@0
    21
sl@0
    22
#include "rijndaeltables.h"
sl@0
    23
#include "common/inlines.h"
sl@0
    24
#include "pluginconfig.h"
sl@0
    25
#include "symmetriccipherimpl.h"
sl@0
    26
#include <cryptostrength.h>
sl@0
    27
sl@0
    28
using namespace SoftwareCrypto;
sl@0
    29
sl@0
    30
const TUint KAESKeyBytes128 = 16;
sl@0
    31
const TUint KAESKeyBytes192 = 24;
sl@0
    32
const TUint KAESKeyBytes256 = 32;
sl@0
    33
const TUint KAESBlockBytes = 16;
sl@0
    34
sl@0
    35
/* CRijndaelmpl*/
sl@0
    36
CRijndaelImpl::CRijndaelImpl(
sl@0
    37
	TUid aCryptoMode,
sl@0
    38
	TUid aOperationMode,
sl@0
    39
	TUid aPadding) :
sl@0
    40
	CSymmetricBlockCipherImpl(KAESBlockBytes, aCryptoMode, aOperationMode, aPadding)
sl@0
    41
	{
sl@0
    42
	}
sl@0
    43
sl@0
    44
CRijndaelImpl* CRijndaelImpl::NewL(const CKey& aKey, TUid aCryptoMode,	TUid aOperationMode, TUid aPadding)
sl@0
    45
	{
sl@0
    46
	CRijndaelImpl* self = CRijndaelImpl::NewLC(aKey, aCryptoMode, aOperationMode, aPadding);
sl@0
    47
	CleanupStack::Pop(self);
sl@0
    48
	return self;
sl@0
    49
	}
sl@0
    50
	
sl@0
    51
CRijndaelImpl* CRijndaelImpl::NewLC(const CKey& aKey, TUid aCryptoMode, TUid aOperationMode, TUid aPadding)
sl@0
    52
	{
sl@0
    53
	CRijndaelImpl* self = new(ELeave) CRijndaelImpl(aCryptoMode, aOperationMode, aPadding);
sl@0
    54
	CleanupStack::PushL(self);
sl@0
    55
	self->ConstructL(aKey);
sl@0
    56
	
sl@0
    57
	const TDesC8& keyContent = aKey.GetTDesC8L(KSymmetricKeyParameterUid);
sl@0
    58
	TCrypto::IsSymmetricWeakEnoughL(BytesToBits(keyContent.Size()) - keyContent.Size());
sl@0
    59
	return self;
sl@0
    60
	}
sl@0
    61
		
sl@0
    62
CRijndaelImpl::~CRijndaelImpl()
sl@0
    63
	{
sl@0
    64
	// make sure key information isn't visible to other processes if the
sl@0
    65
	// page is reused.
sl@0
    66
	Mem::FillZ(&iK, sizeof(iK));
sl@0
    67
	}
sl@0
    68
	
sl@0
    69
void CRijndaelImpl::ConstructL(const CKey& aKey)
sl@0
    70
	{
sl@0
    71
	CSymmetricBlockCipherImpl::ConstructL(aKey);			
sl@0
    72
	SetKeySchedule();
sl@0
    73
	}
sl@0
    74
sl@0
    75
CExtendedCharacteristics* CRijndaelImpl::CreateExtendedCharacteristicsL()
sl@0
    76
	{
sl@0
    77
	// All Symbian software plug-ins have unlimited concurrency, cannot be reserved
sl@0
    78
	// for exclusive use and are not CERTIFIED to be standards compliant.
sl@0
    79
	return CExtendedCharacteristics::NewL(KMaxTInt, EFalse);
sl@0
    80
	}
sl@0
    81
sl@0
    82
const CExtendedCharacteristics* CRijndaelImpl::GetExtendedCharacteristicsL()
sl@0
    83
	{
sl@0
    84
	return CRijndaelImpl::CreateExtendedCharacteristicsL();
sl@0
    85
	}
sl@0
    86
sl@0
    87
TUid CRijndaelImpl::ImplementationUid() const
sl@0
    88
	{
sl@0
    89
	return KCryptoPluginAesUid;
sl@0
    90
	}
sl@0
    91
	
sl@0
    92
TBool CRijndaelImpl::IsValidKeyLength(TInt aKeyBytes) const
sl@0
    93
	{
sl@0
    94
	switch(aKeyBytes)
sl@0
    95
		{
sl@0
    96
		case KAESKeyBytes128:
sl@0
    97
		case KAESKeyBytes192:
sl@0
    98
		case KAESKeyBytes256:
sl@0
    99
			return ETrue;
sl@0
   100
		default:
sl@0
   101
			return EFalse;
sl@0
   102
		}			
sl@0
   103
	}
sl@0
   104
	
sl@0
   105
void CRijndaelImpl::SetKeySchedule()
sl@0
   106
	{
sl@0
   107
	iRounds = iKeyBytes/4 + 6;
sl@0
   108
	if (iCryptoMode.iUid == KCryptoModeEncrypt)
sl@0
   109
		{
sl@0
   110
		SetEncryptKeySchedule(*iKey, &iK[0]);
sl@0
   111
		}
sl@0
   112
	else 
sl@0
   113
		{
sl@0
   114
		ASSERT(iCryptoMode.iUid == KCryptoModeDecrypt);
sl@0
   115
		SetDecryptKeySchedule(*iKey, &iK[0]);
sl@0
   116
		}	
sl@0
   117
	}	
sl@0
   118
sl@0
   119
void CRijndaelImpl::TransformEncrypt(
sl@0
   120
	TUint8* aBuffer, 
sl@0
   121
	TUint aNumBlocks)
sl@0
   122
	{
sl@0
   123
	for (TInt i = 0; i < aNumBlocks; ++i)
sl@0
   124
		{		
sl@0
   125
		ModeEncryptStart(aBuffer);
sl@0
   126
			
sl@0
   127
		TUint32 s0, s1, s2, s3, t0, t1, t2, t3;
sl@0
   128
		const TUint32* rk = &iK[0];
sl@0
   129
sl@0
   130
	/*
sl@0
   131
	 *	map byte array block to cipher state
sl@0
   132
	 *	and add initial round key:
sl@0
   133
	*/
sl@0
   134
		GetBlockBigEndian(aBuffer, s0, s1, s2, s3);
sl@0
   135
		s0 ^= rk[0];
sl@0
   136
		s1 ^= rk[1];
sl@0
   137
		s2 ^= rk[2];
sl@0
   138
		s3 ^= rk[3];
sl@0
   139
	/*
sl@0
   140
	 *	Nr - 1 full rounds:
sl@0
   141
	*/
sl@0
   142
	    TUint r = iRounds >> 1;
sl@0
   143
		FOREVER
sl@0
   144
			{
sl@0
   145
	        t0 =
sl@0
   146
	            RIJNDAEL_TABLE::Te0[GETBYTE(s0, 3)] ^
sl@0
   147
	            RIJNDAEL_TABLE::Te1[GETBYTE(s1, 2)] ^
sl@0
   148
	            RIJNDAEL_TABLE::Te2[GETBYTE(s2, 1)] ^
sl@0
   149
	            RIJNDAEL_TABLE::Te3[GETBYTE(s3, 0)] ^
sl@0
   150
	            rk[4];
sl@0
   151
	        t1 =
sl@0
   152
	            RIJNDAEL_TABLE::Te0[GETBYTE(s1, 3)] ^
sl@0
   153
	            RIJNDAEL_TABLE::Te1[GETBYTE(s2, 2)] ^
sl@0
   154
	            RIJNDAEL_TABLE::Te2[GETBYTE(s3, 1)] ^
sl@0
   155
	            RIJNDAEL_TABLE::Te3[GETBYTE(s0, 0)] ^
sl@0
   156
	            rk[5];
sl@0
   157
	        t2 =
sl@0
   158
	            RIJNDAEL_TABLE::Te0[GETBYTE(s2, 3)] ^
sl@0
   159
	            RIJNDAEL_TABLE::Te1[GETBYTE(s3, 2)] ^
sl@0
   160
	            RIJNDAEL_TABLE::Te2[GETBYTE(s0, 1)] ^
sl@0
   161
	            RIJNDAEL_TABLE::Te3[GETBYTE(s1, 0)] ^
sl@0
   162
	            rk[6];
sl@0
   163
	        t3 =
sl@0
   164
	            RIJNDAEL_TABLE::Te0[GETBYTE(s3, 3)] ^
sl@0
   165
	            RIJNDAEL_TABLE::Te1[GETBYTE(s0, 2)] ^
sl@0
   166
	            RIJNDAEL_TABLE::Te2[GETBYTE(s1, 1)] ^
sl@0
   167
	            RIJNDAEL_TABLE::Te3[GETBYTE(s2, 0)] ^
sl@0
   168
	            rk[7];
sl@0
   169
sl@0
   170
	        rk += 8;
sl@0
   171
	        if (--r == 0) 
sl@0
   172
				break;
sl@0
   173
	        
sl@0
   174
	        s0 =
sl@0
   175
	            RIJNDAEL_TABLE::Te0[GETBYTE(t0, 3)] ^
sl@0
   176
	            RIJNDAEL_TABLE::Te1[GETBYTE(t1, 2)] ^
sl@0
   177
	            RIJNDAEL_TABLE::Te2[GETBYTE(t2, 1)] ^
sl@0
   178
	            RIJNDAEL_TABLE::Te3[GETBYTE(t3, 0)] ^
sl@0
   179
	            rk[0];
sl@0
   180
	        s1 =
sl@0
   181
	            RIJNDAEL_TABLE::Te0[GETBYTE(t1, 3)] ^
sl@0
   182
	            RIJNDAEL_TABLE::Te1[GETBYTE(t2, 2)] ^
sl@0
   183
	            RIJNDAEL_TABLE::Te2[GETBYTE(t3, 1)] ^
sl@0
   184
	            RIJNDAEL_TABLE::Te3[GETBYTE(t0, 0)] ^
sl@0
   185
	            rk[1];
sl@0
   186
	        s2 =
sl@0
   187
	            RIJNDAEL_TABLE::Te0[GETBYTE(t2, 3)] ^
sl@0
   188
	            RIJNDAEL_TABLE::Te1[GETBYTE(t3, 2)] ^
sl@0
   189
	            RIJNDAEL_TABLE::Te2[GETBYTE(t0, 1)] ^
sl@0
   190
	            RIJNDAEL_TABLE::Te3[GETBYTE(t1, 0)] ^
sl@0
   191
	            rk[2];
sl@0
   192
	        s3 =
sl@0
   193
	            RIJNDAEL_TABLE::Te0[GETBYTE(t3, 3)] ^
sl@0
   194
	            RIJNDAEL_TABLE::Te1[GETBYTE(t0, 2)] ^
sl@0
   195
	            RIJNDAEL_TABLE::Te2[GETBYTE(t1, 1)] ^
sl@0
   196
	            RIJNDAEL_TABLE::Te3[GETBYTE(t2, 0)] ^
sl@0
   197
	            rk[3];
sl@0
   198
			}
sl@0
   199
	/*
sl@0
   200
	 *	apply last round and
sl@0
   201
	 *	map cipher state to byte array block:
sl@0
   202
	*/
sl@0
   203
sl@0
   204
		s0 =
sl@0
   205
			(RIJNDAEL_TABLE::Te4[GETBYTE(t0, 3)] & 0xff000000) ^
sl@0
   206
			(RIJNDAEL_TABLE::Te4[GETBYTE(t1, 2)] & 0x00ff0000) ^
sl@0
   207
			(RIJNDAEL_TABLE::Te4[GETBYTE(t2, 1)] & 0x0000ff00) ^
sl@0
   208
			(RIJNDAEL_TABLE::Te4[GETBYTE(t3, 0)] & 0x000000ff) ^
sl@0
   209
			rk[0];
sl@0
   210
		s1 =
sl@0
   211
			(RIJNDAEL_TABLE::Te4[GETBYTE(t1, 3)] & 0xff000000) ^
sl@0
   212
			(RIJNDAEL_TABLE::Te4[GETBYTE(t2, 2)] & 0x00ff0000) ^
sl@0
   213
			(RIJNDAEL_TABLE::Te4[GETBYTE(t3, 1)] & 0x0000ff00) ^
sl@0
   214
			(RIJNDAEL_TABLE::Te4[GETBYTE(t0, 0)] & 0x000000ff) ^
sl@0
   215
			rk[1];
sl@0
   216
		s2 =
sl@0
   217
			(RIJNDAEL_TABLE::Te4[GETBYTE(t2, 3)] & 0xff000000) ^
sl@0
   218
			(RIJNDAEL_TABLE::Te4[GETBYTE(t3, 2)] & 0x00ff0000) ^
sl@0
   219
			(RIJNDAEL_TABLE::Te4[GETBYTE(t0, 1)] & 0x0000ff00) ^
sl@0
   220
			(RIJNDAEL_TABLE::Te4[GETBYTE(t1, 0)] & 0x000000ff) ^
sl@0
   221
			rk[2];
sl@0
   222
		s3 =
sl@0
   223
			(RIJNDAEL_TABLE::Te4[GETBYTE(t3, 3)] & 0xff000000) ^
sl@0
   224
			(RIJNDAEL_TABLE::Te4[GETBYTE(t0, 2)] & 0x00ff0000) ^
sl@0
   225
			(RIJNDAEL_TABLE::Te4[GETBYTE(t1, 1)] & 0x0000ff00) ^
sl@0
   226
			(RIJNDAEL_TABLE::Te4[GETBYTE(t2, 0)] & 0x000000ff) ^
sl@0
   227
			rk[3];
sl@0
   228
sl@0
   229
		PutBlockBigEndian(aBuffer, s0, s1, s2, s3);
sl@0
   230
		ModeEncryptEnd(aBuffer);
sl@0
   231
		aBuffer += KAESBlockBytes;
sl@0
   232
		}
sl@0
   233
	}
sl@0
   234
sl@0
   235
void CRijndaelImpl::TransformDecrypt(
sl@0
   236
	TUint8* aBuffer,
sl@0
   237
	TUint aNumBlocks)
sl@0
   238
	{
sl@0
   239
	for (TInt i = 0; i < aNumBlocks; ++i)
sl@0
   240
		{		
sl@0
   241
		ModeDecryptStart(aBuffer);
sl@0
   242
		
sl@0
   243
		TUint32 s0, s1, s2, s3, t0, t1, t2, t3;
sl@0
   244
	    const TUint32* rk = &iK[0];
sl@0
   245
sl@0
   246
	/*
sl@0
   247
	 *	map byte array block to cipher state
sl@0
   248
	 *	and add initial round key:
sl@0
   249
	*/
sl@0
   250
		GetBlockBigEndian(aBuffer, s0, s1, s2, s3);
sl@0
   251
sl@0
   252
		s0 ^= rk[0];
sl@0
   253
		s1 ^= rk[1];
sl@0
   254
		s2 ^= rk[2];
sl@0
   255
		s3 ^= rk[3];
sl@0
   256
	/*
sl@0
   257
	 *	Nr - 1 full rounds:
sl@0
   258
	*/
sl@0
   259
	    TUint r = iRounds >> 1;
sl@0
   260
	    FOREVER
sl@0
   261
			{
sl@0
   262
	        t0 =
sl@0
   263
	            RIJNDAEL_TABLE::Td0[GETBYTE(s0, 3)] ^
sl@0
   264
	            RIJNDAEL_TABLE::Td1[GETBYTE(s3, 2)] ^
sl@0
   265
	            RIJNDAEL_TABLE::Td2[GETBYTE(s2, 1)] ^
sl@0
   266
	            RIJNDAEL_TABLE::Td3[GETBYTE(s1, 0)] ^
sl@0
   267
	            rk[4];
sl@0
   268
	        t1 =
sl@0
   269
	            RIJNDAEL_TABLE::Td0[GETBYTE(s1, 3)] ^
sl@0
   270
	            RIJNDAEL_TABLE::Td1[GETBYTE(s0, 2)] ^
sl@0
   271
	            RIJNDAEL_TABLE::Td2[GETBYTE(s3, 1)] ^
sl@0
   272
	            RIJNDAEL_TABLE::Td3[GETBYTE(s2, 0)] ^
sl@0
   273
	            rk[5];
sl@0
   274
	        t2 =
sl@0
   275
	            RIJNDAEL_TABLE::Td0[GETBYTE(s2, 3)] ^
sl@0
   276
	            RIJNDAEL_TABLE::Td1[GETBYTE(s1, 2)] ^
sl@0
   277
	            RIJNDAEL_TABLE::Td2[GETBYTE(s0, 1)] ^
sl@0
   278
	            RIJNDAEL_TABLE::Td3[GETBYTE(s3, 0)] ^
sl@0
   279
	            rk[6];
sl@0
   280
	        t3 =
sl@0
   281
	            RIJNDAEL_TABLE::Td0[GETBYTE(s3, 3)] ^
sl@0
   282
	            RIJNDAEL_TABLE::Td1[GETBYTE(s2, 2)] ^
sl@0
   283
	            RIJNDAEL_TABLE::Td2[GETBYTE(s1, 1)] ^
sl@0
   284
	            RIJNDAEL_TABLE::Td3[GETBYTE(s0, 0)] ^
sl@0
   285
	            rk[7];
sl@0
   286
sl@0
   287
	        rk += 8;
sl@0
   288
	        if (--r == 0)
sl@0
   289
	            break;
sl@0
   290
	        
sl@0
   291
	        s0 =
sl@0
   292
	            RIJNDAEL_TABLE::Td0[GETBYTE(t0, 3)] ^
sl@0
   293
	            RIJNDAEL_TABLE::Td1[GETBYTE(t3, 2)] ^
sl@0
   294
	            RIJNDAEL_TABLE::Td2[GETBYTE(t2, 1)] ^
sl@0
   295
	            RIJNDAEL_TABLE::Td3[GETBYTE(t1, 0)] ^
sl@0
   296
	            rk[0];
sl@0
   297
	        s1 =
sl@0
   298
	            RIJNDAEL_TABLE::Td0[GETBYTE(t1, 3)] ^
sl@0
   299
	            RIJNDAEL_TABLE::Td1[GETBYTE(t0, 2)] ^
sl@0
   300
	            RIJNDAEL_TABLE::Td2[GETBYTE(t3, 1)] ^
sl@0
   301
	            RIJNDAEL_TABLE::Td3[GETBYTE(t2, 0)] ^
sl@0
   302
	            rk[1];
sl@0
   303
	        s2 =
sl@0
   304
	            RIJNDAEL_TABLE::Td0[GETBYTE(t2, 3)] ^
sl@0
   305
	            RIJNDAEL_TABLE::Td1[GETBYTE(t1, 2)] ^
sl@0
   306
	            RIJNDAEL_TABLE::Td2[GETBYTE(t0, 1)] ^
sl@0
   307
	            RIJNDAEL_TABLE::Td3[GETBYTE(t3, 0)] ^
sl@0
   308
	            rk[2];
sl@0
   309
	        s3 =
sl@0
   310
	            RIJNDAEL_TABLE::Td0[GETBYTE(t3, 3)] ^
sl@0
   311
	            RIJNDAEL_TABLE::Td1[GETBYTE(t2, 2)] ^
sl@0
   312
	            RIJNDAEL_TABLE::Td2[GETBYTE(t1, 1)] ^
sl@0
   313
	            RIJNDAEL_TABLE::Td3[GETBYTE(t0, 0)] ^
sl@0
   314
	            rk[3];
sl@0
   315
			}
sl@0
   316
	/*
sl@0
   317
	 *	apply last round and
sl@0
   318
	 *	map cipher state to byte array block:
sl@0
   319
	*/
sl@0
   320
	   	s0 =
sl@0
   321
	   		(RIJNDAEL_TABLE::Td4[GETBYTE(t0, 3)] & 0xff000000) ^
sl@0
   322
	   		(RIJNDAEL_TABLE::Td4[GETBYTE(t3, 2)] & 0x00ff0000) ^
sl@0
   323
	   		(RIJNDAEL_TABLE::Td4[GETBYTE(t2, 1)] & 0x0000ff00) ^
sl@0
   324
	   		(RIJNDAEL_TABLE::Td4[GETBYTE(t1, 0)] & 0x000000ff) ^
sl@0
   325
	   		rk[0];
sl@0
   326
	   	s1 =
sl@0
   327
	   		(RIJNDAEL_TABLE::Td4[GETBYTE(t1, 3)] & 0xff000000) ^
sl@0
   328
	   		(RIJNDAEL_TABLE::Td4[GETBYTE(t0, 2)] & 0x00ff0000) ^
sl@0
   329
	   		(RIJNDAEL_TABLE::Td4[GETBYTE(t3, 1)] & 0x0000ff00) ^
sl@0
   330
	   		(RIJNDAEL_TABLE::Td4[GETBYTE(t2, 0)] & 0x000000ff) ^
sl@0
   331
	   		rk[1];
sl@0
   332
	   	s2 =
sl@0
   333
	   		(RIJNDAEL_TABLE::Td4[GETBYTE(t2, 3)] & 0xff000000) ^
sl@0
   334
	   		(RIJNDAEL_TABLE::Td4[GETBYTE(t1, 2)] & 0x00ff0000) ^
sl@0
   335
	   		(RIJNDAEL_TABLE::Td4[GETBYTE(t0, 1)] & 0x0000ff00) ^
sl@0
   336
	   		(RIJNDAEL_TABLE::Td4[GETBYTE(t3, 0)] & 0x000000ff) ^
sl@0
   337
	   		rk[2];
sl@0
   338
	   	s3 =
sl@0
   339
	   		(RIJNDAEL_TABLE::Td4[GETBYTE(t3, 3)] & 0xff000000) ^
sl@0
   340
	   		(RIJNDAEL_TABLE::Td4[GETBYTE(t2, 2)] & 0x00ff0000) ^
sl@0
   341
	   		(RIJNDAEL_TABLE::Td4[GETBYTE(t1, 1)] & 0x0000ff00) ^
sl@0
   342
	   		(RIJNDAEL_TABLE::Td4[GETBYTE(t0, 0)] & 0x000000ff) ^
sl@0
   343
	   		rk[3];		
sl@0
   344
		PutBlockBigEndian(aBuffer, s0, s1, s2, s3);
sl@0
   345
		ModeDecryptEnd(aBuffer);
sl@0
   346
		aBuffer += KAESBlockBytes;
sl@0
   347
		}
sl@0
   348
	}
sl@0
   349
sl@0
   350
void CRijndaelImpl::SetEncryptKeySchedule(const TDesC8& aKey, TUint32* aKeySchedule)
sl@0
   351
	{		
sl@0
   352
	TUint keySize = aKey.Length();
sl@0
   353
	TUint32 temp; 
sl@0
   354
	TUint32* rk = aKeySchedule;
sl@0
   355
sl@0
   356
	TUint i = 0;
sl@0
   357
sl@0
   358
	GetUserKeyBigEndian(rk, keySize/4, &aKey[0], keySize);
sl@0
   359
sl@0
   360
	switch(keySize)
sl@0
   361
		{
sl@0
   362
		case (KAESKeyBytes128):
sl@0
   363
			{
sl@0
   364
			FOREVER
sl@0
   365
				{
sl@0
   366
				temp  = rk[3];
sl@0
   367
				rk[4] = rk[0] ^
sl@0
   368
					(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 2)] & 0xff000000) ^
sl@0
   369
					(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 1)] & 0x00ff0000) ^
sl@0
   370
					(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 0)] & 0x0000ff00) ^
sl@0
   371
					(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 3)] & 0x000000ff) ^
sl@0
   372
					RIJNDAEL_TABLE::rcon[i];
sl@0
   373
				rk[5] = rk[1] ^ rk[4];
sl@0
   374
				rk[6] = rk[2] ^ rk[5];
sl@0
   375
				rk[7] = rk[3] ^ rk[6];
sl@0
   376
				if (++i == 10)
sl@0
   377
					break;
sl@0
   378
				rk += 4;
sl@0
   379
				}
sl@0
   380
			}
sl@0
   381
		break;
sl@0
   382
sl@0
   383
		case (KAESKeyBytes192):
sl@0
   384
			{
sl@0
   385
			FOREVER
sl@0
   386
				{
sl@0
   387
				temp = rk[ 5];
sl@0
   388
				rk[ 6] = rk[ 0] ^
sl@0
   389
					(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 2)] & 0xff000000) ^
sl@0
   390
					(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 1)] & 0x00ff0000) ^
sl@0
   391
					(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 0)] & 0x0000ff00) ^
sl@0
   392
					(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 3)] & 0x000000ff) ^
sl@0
   393
					RIJNDAEL_TABLE::rcon[i];
sl@0
   394
				rk[ 7] = rk[ 1] ^ rk[ 6];
sl@0
   395
				rk[ 8] = rk[ 2] ^ rk[ 7];
sl@0
   396
				rk[ 9] = rk[ 3] ^ rk[ 8];
sl@0
   397
				if (++i == 8)
sl@0
   398
					break;
sl@0
   399
				rk[10] = rk[ 4] ^ rk[ 9];
sl@0
   400
				rk[11] = rk[ 5] ^ rk[10];
sl@0
   401
				rk += 6;
sl@0
   402
				}
sl@0
   403
			}
sl@0
   404
		break;
sl@0
   405
sl@0
   406
		case (KAESKeyBytes256):
sl@0
   407
			{
sl@0
   408
			FOREVER
sl@0
   409
				{
sl@0
   410
        		temp = rk[ 7];
sl@0
   411
        		rk[ 8] = rk[ 0] ^
sl@0
   412
        			(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 2)] & 0xff000000) ^
sl@0
   413
        			(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 1)] & 0x00ff0000) ^
sl@0
   414
        			(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 0)] & 0x0000ff00) ^
sl@0
   415
        			(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 3)] & 0x000000ff) ^
sl@0
   416
        			RIJNDAEL_TABLE::rcon[i];
sl@0
   417
        		rk[ 9] = rk[ 1] ^ rk[ 8];
sl@0
   418
        		rk[10] = rk[ 2] ^ rk[ 9];
sl@0
   419
        		rk[11] = rk[ 3] ^ rk[10];
sl@0
   420
				if (++i == 7)
sl@0
   421
					break;
sl@0
   422
        		temp = rk[11];
sl@0
   423
        		rk[12] = rk[ 4] ^
sl@0
   424
        			(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 3)] & 0xff000000) ^
sl@0
   425
        			(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 2)] & 0x00ff0000) ^
sl@0
   426
        			(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 1)] & 0x0000ff00) ^
sl@0
   427
        			(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 0)] & 0x000000ff);
sl@0
   428
        		rk[13] = rk[ 5] ^ rk[12];
sl@0
   429
        		rk[14] = rk[ 6] ^ rk[13];
sl@0
   430
        		rk[15] = rk[ 7] ^ rk[14];
sl@0
   431
sl@0
   432
				rk += 8;
sl@0
   433
				}
sl@0
   434
			}
sl@0
   435
		break;
sl@0
   436
sl@0
   437
		default:
sl@0
   438
			assert(0);	//	Shouldn't get here, keeps compiler happy
sl@0
   439
		}
sl@0
   440
	}
sl@0
   441
sl@0
   442
void CRijndaelImpl::SetDecryptKeySchedule(const TDesC8& aKey, TUint32* aKeySchedule)
sl@0
   443
	{
sl@0
   444
	SetEncryptKeySchedule(aKey, aKeySchedule);
sl@0
   445
sl@0
   446
	TUint i, j;
sl@0
   447
	TUint32* rk = aKeySchedule;
sl@0
   448
	TUint32 temp;
sl@0
   449
sl@0
   450
	// invert the order of the round keys 
sl@0
   451
	for (i = 0, j = 4*iRounds; i < j; i += 4, j -= 4)
sl@0
   452
		{
sl@0
   453
		temp = rk[i    ]; rk[i    ] = rk[j    ]; rk[j    ] = temp;
sl@0
   454
		temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
sl@0
   455
		temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
sl@0
   456
		temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
sl@0
   457
		}
sl@0
   458
sl@0
   459
	// apply the inverse MixColumn transform to all round keys but the first and the last
sl@0
   460
	for (i = 1; i < iRounds; i++)
sl@0
   461
		{
sl@0
   462
		rk += 4;
sl@0
   463
		rk[0] =
sl@0
   464
			RIJNDAEL_TABLE::Td0[RIJNDAEL_TABLE::Te4[GETBYTE(rk[0], 3)] & 0xff] ^
sl@0
   465
			RIJNDAEL_TABLE::Td1[RIJNDAEL_TABLE::Te4[GETBYTE(rk[0], 2)] & 0xff] ^
sl@0
   466
			RIJNDAEL_TABLE::Td2[RIJNDAEL_TABLE::Te4[GETBYTE(rk[0], 1)] & 0xff] ^
sl@0
   467
			RIJNDAEL_TABLE::Td3[RIJNDAEL_TABLE::Te4[GETBYTE(rk[0], 0)] & 0xff];
sl@0
   468
		rk[1] =
sl@0
   469
			RIJNDAEL_TABLE::Td0[RIJNDAEL_TABLE::Te4[GETBYTE(rk[1], 3)] & 0xff] ^
sl@0
   470
			RIJNDAEL_TABLE::Td1[RIJNDAEL_TABLE::Te4[GETBYTE(rk[1], 2)] & 0xff] ^
sl@0
   471
			RIJNDAEL_TABLE::Td2[RIJNDAEL_TABLE::Te4[GETBYTE(rk[1], 1)] & 0xff] ^
sl@0
   472
			RIJNDAEL_TABLE::Td3[RIJNDAEL_TABLE::Te4[GETBYTE(rk[1], 0)] & 0xff];
sl@0
   473
		rk[2] =
sl@0
   474
			RIJNDAEL_TABLE::Td0[RIJNDAEL_TABLE::Te4[GETBYTE(rk[2], 3)] & 0xff] ^
sl@0
   475
			RIJNDAEL_TABLE::Td1[RIJNDAEL_TABLE::Te4[GETBYTE(rk[2], 2)] & 0xff] ^
sl@0
   476
			RIJNDAEL_TABLE::Td2[RIJNDAEL_TABLE::Te4[GETBYTE(rk[2], 1)] & 0xff] ^
sl@0
   477
			RIJNDAEL_TABLE::Td3[RIJNDAEL_TABLE::Te4[GETBYTE(rk[2], 0)] & 0xff];
sl@0
   478
		rk[3] =
sl@0
   479
			RIJNDAEL_TABLE::Td0[RIJNDAEL_TABLE::Te4[GETBYTE(rk[3], 3)] & 0xff] ^
sl@0
   480
			RIJNDAEL_TABLE::Td1[RIJNDAEL_TABLE::Te4[GETBYTE(rk[3], 2)] & 0xff] ^
sl@0
   481
			RIJNDAEL_TABLE::Td2[RIJNDAEL_TABLE::Te4[GETBYTE(rk[3], 1)] & 0xff] ^
sl@0
   482
			RIJNDAEL_TABLE::Td3[RIJNDAEL_TABLE::Te4[GETBYTE(rk[3], 0)] & 0xff];
sl@0
   483
		}
sl@0
   484
	}