Symaptic: os/security/cryptoplugins/cryptospiplugins/source/softwarecrypto/rijndaelimpl.cpp@bde4ae8d615e (annotated)

sl@0	1	/*
sl@0	2	* Copyright (c) 2006-2009 Nokia Corporation and/or its subsidiary(-ies).
sl@0	3	* All rights reserved.
sl@0	4	* This component and the accompanying materials are made available
sl@0	5	* under the terms of the License "Eclipse Public License v1.0"
sl@0	6	* which accompanies this distribution, and is available
sl@0	7	* at the URL "http://www.eclipse.org/legal/epl-v10.html".
sl@0	8	*
sl@0	9	* Initial Contributors:
sl@0	10	* Nokia Corporation - initial contribution.
sl@0	11	*
sl@0	12	* Contributors:
sl@0	13	*
sl@0	14	* Description:
sl@0	15	*
sl@0	16	*/
sl@0	17
sl@0	18
sl@0	19	#include "rijndaelimpl.h"
sl@0	20	#include "keys.h"
sl@0	21
sl@0	22	#include "rijndaeltables.h"
sl@0	23	#include "common/inlines.h"
sl@0	24	#include "pluginconfig.h"
sl@0	25	#include "symmetriccipherimpl.h"
sl@0	26	#include <cryptostrength.h>
sl@0	27
sl@0	28	using namespace SoftwareCrypto;
sl@0	29
sl@0	30	const TUint KAESKeyBytes128 = 16;
sl@0	31	const TUint KAESKeyBytes192 = 24;
sl@0	32	const TUint KAESKeyBytes256 = 32;
sl@0	33	const TUint KAESBlockBytes = 16;
sl@0	34
sl@0	35	/* CRijndaelmpl*/
sl@0	36	CRijndaelImpl::CRijndaelImpl(
sl@0	37	TUid aCryptoMode,
sl@0	38	TUid aOperationMode,
sl@0	39	TUid aPadding) :
sl@0	40	CSymmetricBlockCipherImpl(KAESBlockBytes, aCryptoMode, aOperationMode, aPadding)
sl@0	41	{
sl@0	42	}
sl@0	43
sl@0	44	CRijndaelImpl* CRijndaelImpl::NewL(const CKey& aKey, TUid aCryptoMode, TUid aOperationMode, TUid aPadding)
sl@0	45	{
sl@0	46	CRijndaelImpl* self = CRijndaelImpl::NewLC(aKey, aCryptoMode, aOperationMode, aPadding);
sl@0	47	CleanupStack::Pop(self);
sl@0	48	return self;
sl@0	49	}
sl@0	50
sl@0	51	CRijndaelImpl* CRijndaelImpl::NewLC(const CKey& aKey, TUid aCryptoMode, TUid aOperationMode, TUid aPadding)
sl@0	52	{
sl@0	53	CRijndaelImpl* self = new(ELeave) CRijndaelImpl(aCryptoMode, aOperationMode, aPadding);
sl@0	54	CleanupStack::PushL(self);
sl@0	55	self->ConstructL(aKey);
sl@0	56
sl@0	57	const TDesC8& keyContent = aKey.GetTDesC8L(KSymmetricKeyParameterUid);
sl@0	58	TCrypto::IsSymmetricWeakEnoughL(BytesToBits(keyContent.Size()) - keyContent.Size());
sl@0	59	return self;
sl@0	60	}
sl@0	61
sl@0	62	CRijndaelImpl::~CRijndaelImpl()
sl@0	63	{
sl@0	64	// make sure key information isn't visible to other processes if the
sl@0	65	// page is reused.
sl@0	66	Mem::FillZ(&iK, sizeof(iK));
sl@0	67	}
sl@0	68
sl@0	69	void CRijndaelImpl::ConstructL(const CKey& aKey)
sl@0	70	{
sl@0	71	CSymmetricBlockCipherImpl::ConstructL(aKey);
sl@0	72	SetKeySchedule();
sl@0	73	}
sl@0	74
sl@0	75	CExtendedCharacteristics* CRijndaelImpl::CreateExtendedCharacteristicsL()
sl@0	76	{
sl@0	77	// All Symbian software plug-ins have unlimited concurrency, cannot be reserved
sl@0	78	// for exclusive use and are not CERTIFIED to be standards compliant.
sl@0	79	return CExtendedCharacteristics::NewL(KMaxTInt, EFalse);
sl@0	80	}
sl@0	81
sl@0	82	const CExtendedCharacteristics* CRijndaelImpl::GetExtendedCharacteristicsL()
sl@0	83	{
sl@0	84	return CRijndaelImpl::CreateExtendedCharacteristicsL();
sl@0	85	}
sl@0	86
sl@0	87	TUid CRijndaelImpl::ImplementationUid() const
sl@0	88	{
sl@0	89	return KCryptoPluginAesUid;
sl@0	90	}
sl@0	91
sl@0	92	TBool CRijndaelImpl::IsValidKeyLength(TInt aKeyBytes) const
sl@0	93	{
sl@0	94	switch(aKeyBytes)
sl@0	95	{
sl@0	96	case KAESKeyBytes128:
sl@0	97	case KAESKeyBytes192:
sl@0	98	case KAESKeyBytes256:
sl@0	99	return ETrue;
sl@0	100	default:
sl@0	101	return EFalse;
sl@0	102	}
sl@0	103	}
sl@0	104
sl@0	105	void CRijndaelImpl::SetKeySchedule()
sl@0	106	{
sl@0	107	iRounds = iKeyBytes/4 + 6;
sl@0	108	if (iCryptoMode.iUid == KCryptoModeEncrypt)
sl@0	109	{
sl@0	110	SetEncryptKeySchedule(*iKey, &iK[0]);
sl@0	111	}
sl@0	112	else
sl@0	113	{
sl@0	114	ASSERT(iCryptoMode.iUid == KCryptoModeDecrypt);
sl@0	115	SetDecryptKeySchedule(*iKey, &iK[0]);
sl@0	116	}
sl@0	117	}
sl@0	118
sl@0	119	void CRijndaelImpl::TransformEncrypt(
sl@0	120	TUint8* aBuffer,
sl@0	121	TUint aNumBlocks)
sl@0	122	{
sl@0	123	for (TInt i = 0; i < aNumBlocks; ++i)
sl@0	124	{
sl@0	125	ModeEncryptStart(aBuffer);
sl@0	126
sl@0	127	TUint32 s0, s1, s2, s3, t0, t1, t2, t3;
sl@0	128	const TUint32* rk = &iK[0];
sl@0	129
sl@0	130	/*
sl@0	131	* map byte array block to cipher state
sl@0	132	* and add initial round key:
sl@0	133	*/
sl@0	134	GetBlockBigEndian(aBuffer, s0, s1, s2, s3);
sl@0	135	s0 ^= rk[0];
sl@0	136	s1 ^= rk[1];
sl@0	137	s2 ^= rk[2];
sl@0	138	s3 ^= rk[3];
sl@0	139	/*
sl@0	140	* Nr - 1 full rounds:
sl@0	141	*/
sl@0	142	TUint r = iRounds >> 1;
sl@0	143	FOREVER
sl@0	144	{
sl@0	145	t0 =
sl@0	146	RIJNDAEL_TABLE::Te0[GETBYTE(s0, 3)] ^
sl@0	147	RIJNDAEL_TABLE::Te1[GETBYTE(s1, 2)] ^
sl@0	148	RIJNDAEL_TABLE::Te2[GETBYTE(s2, 1)] ^
sl@0	149	RIJNDAEL_TABLE::Te3[GETBYTE(s3, 0)] ^
sl@0	150	rk[4];
sl@0	151	t1 =
sl@0	152	RIJNDAEL_TABLE::Te0[GETBYTE(s1, 3)] ^
sl@0	153	RIJNDAEL_TABLE::Te1[GETBYTE(s2, 2)] ^
sl@0	154	RIJNDAEL_TABLE::Te2[GETBYTE(s3, 1)] ^
sl@0	155	RIJNDAEL_TABLE::Te3[GETBYTE(s0, 0)] ^
sl@0	156	rk[5];
sl@0	157	t2 =
sl@0	158	RIJNDAEL_TABLE::Te0[GETBYTE(s2, 3)] ^
sl@0	159	RIJNDAEL_TABLE::Te1[GETBYTE(s3, 2)] ^
sl@0	160	RIJNDAEL_TABLE::Te2[GETBYTE(s0, 1)] ^
sl@0	161	RIJNDAEL_TABLE::Te3[GETBYTE(s1, 0)] ^
sl@0	162	rk[6];
sl@0	163	t3 =
sl@0	164	RIJNDAEL_TABLE::Te0[GETBYTE(s3, 3)] ^
sl@0	165	RIJNDAEL_TABLE::Te1[GETBYTE(s0, 2)] ^
sl@0	166	RIJNDAEL_TABLE::Te2[GETBYTE(s1, 1)] ^
sl@0	167	RIJNDAEL_TABLE::Te3[GETBYTE(s2, 0)] ^
sl@0	168	rk[7];
sl@0	169
sl@0	170	rk += 8;
sl@0	171	if (--r == 0)
sl@0	172	break;
sl@0	173
sl@0	174	s0 =
sl@0	175	RIJNDAEL_TABLE::Te0[GETBYTE(t0, 3)] ^
sl@0	176	RIJNDAEL_TABLE::Te1[GETBYTE(t1, 2)] ^
sl@0	177	RIJNDAEL_TABLE::Te2[GETBYTE(t2, 1)] ^
sl@0	178	RIJNDAEL_TABLE::Te3[GETBYTE(t3, 0)] ^
sl@0	179	rk[0];
sl@0	180	s1 =
sl@0	181	RIJNDAEL_TABLE::Te0[GETBYTE(t1, 3)] ^
sl@0	182	RIJNDAEL_TABLE::Te1[GETBYTE(t2, 2)] ^
sl@0	183	RIJNDAEL_TABLE::Te2[GETBYTE(t3, 1)] ^
sl@0	184	RIJNDAEL_TABLE::Te3[GETBYTE(t0, 0)] ^
sl@0	185	rk[1];
sl@0	186	s2 =
sl@0	187	RIJNDAEL_TABLE::Te0[GETBYTE(t2, 3)] ^
sl@0	188	RIJNDAEL_TABLE::Te1[GETBYTE(t3, 2)] ^
sl@0	189	RIJNDAEL_TABLE::Te2[GETBYTE(t0, 1)] ^
sl@0	190	RIJNDAEL_TABLE::Te3[GETBYTE(t1, 0)] ^
sl@0	191	rk[2];
sl@0	192	s3 =
sl@0	193	RIJNDAEL_TABLE::Te0[GETBYTE(t3, 3)] ^
sl@0	194	RIJNDAEL_TABLE::Te1[GETBYTE(t0, 2)] ^
sl@0	195	RIJNDAEL_TABLE::Te2[GETBYTE(t1, 1)] ^
sl@0	196	RIJNDAEL_TABLE::Te3[GETBYTE(t2, 0)] ^
sl@0	197	rk[3];
sl@0	198	}
sl@0	199	/*
sl@0	200	* apply last round and
sl@0	201	* map cipher state to byte array block:
sl@0	202	*/
sl@0	203
sl@0	204	s0 =
sl@0	205	(RIJNDAEL_TABLE::Te4[GETBYTE(t0, 3)] & 0xff000000) ^
sl@0	206	(RIJNDAEL_TABLE::Te4[GETBYTE(t1, 2)] & 0x00ff0000) ^
sl@0	207	(RIJNDAEL_TABLE::Te4[GETBYTE(t2, 1)] & 0x0000ff00) ^
sl@0	208	(RIJNDAEL_TABLE::Te4[GETBYTE(t3, 0)] & 0x000000ff) ^
sl@0	209	rk[0];
sl@0	210	s1 =
sl@0	211	(RIJNDAEL_TABLE::Te4[GETBYTE(t1, 3)] & 0xff000000) ^
sl@0	212	(RIJNDAEL_TABLE::Te4[GETBYTE(t2, 2)] & 0x00ff0000) ^
sl@0	213	(RIJNDAEL_TABLE::Te4[GETBYTE(t3, 1)] & 0x0000ff00) ^
sl@0	214	(RIJNDAEL_TABLE::Te4[GETBYTE(t0, 0)] & 0x000000ff) ^
sl@0	215	rk[1];
sl@0	216	s2 =
sl@0	217	(RIJNDAEL_TABLE::Te4[GETBYTE(t2, 3)] & 0xff000000) ^
sl@0	218	(RIJNDAEL_TABLE::Te4[GETBYTE(t3, 2)] & 0x00ff0000) ^
sl@0	219	(RIJNDAEL_TABLE::Te4[GETBYTE(t0, 1)] & 0x0000ff00) ^
sl@0	220	(RIJNDAEL_TABLE::Te4[GETBYTE(t1, 0)] & 0x000000ff) ^
sl@0	221	rk[2];
sl@0	222	s3 =
sl@0	223	(RIJNDAEL_TABLE::Te4[GETBYTE(t3, 3)] & 0xff000000) ^
sl@0	224	(RIJNDAEL_TABLE::Te4[GETBYTE(t0, 2)] & 0x00ff0000) ^
sl@0	225	(RIJNDAEL_TABLE::Te4[GETBYTE(t1, 1)] & 0x0000ff00) ^
sl@0	226	(RIJNDAEL_TABLE::Te4[GETBYTE(t2, 0)] & 0x000000ff) ^
sl@0	227	rk[3];
sl@0	228
sl@0	229	PutBlockBigEndian(aBuffer, s0, s1, s2, s3);
sl@0	230	ModeEncryptEnd(aBuffer);
sl@0	231	aBuffer += KAESBlockBytes;
sl@0	232	}
sl@0	233	}
sl@0	234
sl@0	235	void CRijndaelImpl::TransformDecrypt(
sl@0	236	TUint8* aBuffer,
sl@0	237	TUint aNumBlocks)
sl@0	238	{
sl@0	239	for (TInt i = 0; i < aNumBlocks; ++i)
sl@0	240	{
sl@0	241	ModeDecryptStart(aBuffer);
sl@0	242
sl@0	243	TUint32 s0, s1, s2, s3, t0, t1, t2, t3;
sl@0	244	const TUint32* rk = &iK[0];
sl@0	245
sl@0	246	/*
sl@0	247	* map byte array block to cipher state
sl@0	248	* and add initial round key:
sl@0	249	*/
sl@0	250	GetBlockBigEndian(aBuffer, s0, s1, s2, s3);
sl@0	251
sl@0	252	s0 ^= rk[0];
sl@0	253	s1 ^= rk[1];
sl@0	254	s2 ^= rk[2];
sl@0	255	s3 ^= rk[3];
sl@0	256	/*
sl@0	257	* Nr - 1 full rounds:
sl@0	258	*/
sl@0	259	TUint r = iRounds >> 1;
sl@0	260	FOREVER
sl@0	261	{
sl@0	262	t0 =
sl@0	263	RIJNDAEL_TABLE::Td0[GETBYTE(s0, 3)] ^
sl@0	264	RIJNDAEL_TABLE::Td1[GETBYTE(s3, 2)] ^
sl@0	265	RIJNDAEL_TABLE::Td2[GETBYTE(s2, 1)] ^
sl@0	266	RIJNDAEL_TABLE::Td3[GETBYTE(s1, 0)] ^
sl@0	267	rk[4];
sl@0	268	t1 =
sl@0	269	RIJNDAEL_TABLE::Td0[GETBYTE(s1, 3)] ^
sl@0	270	RIJNDAEL_TABLE::Td1[GETBYTE(s0, 2)] ^
sl@0	271	RIJNDAEL_TABLE::Td2[GETBYTE(s3, 1)] ^
sl@0	272	RIJNDAEL_TABLE::Td3[GETBYTE(s2, 0)] ^
sl@0	273	rk[5];
sl@0	274	t2 =
sl@0	275	RIJNDAEL_TABLE::Td0[GETBYTE(s2, 3)] ^
sl@0	276	RIJNDAEL_TABLE::Td1[GETBYTE(s1, 2)] ^
sl@0	277	RIJNDAEL_TABLE::Td2[GETBYTE(s0, 1)] ^
sl@0	278	RIJNDAEL_TABLE::Td3[GETBYTE(s3, 0)] ^
sl@0	279	rk[6];
sl@0	280	t3 =
sl@0	281	RIJNDAEL_TABLE::Td0[GETBYTE(s3, 3)] ^
sl@0	282	RIJNDAEL_TABLE::Td1[GETBYTE(s2, 2)] ^
sl@0	283	RIJNDAEL_TABLE::Td2[GETBYTE(s1, 1)] ^
sl@0	284	RIJNDAEL_TABLE::Td3[GETBYTE(s0, 0)] ^
sl@0	285	rk[7];
sl@0	286
sl@0	287	rk += 8;
sl@0	288	if (--r == 0)
sl@0	289	break;
sl@0	290
sl@0	291	s0 =
sl@0	292	RIJNDAEL_TABLE::Td0[GETBYTE(t0, 3)] ^
sl@0	293	RIJNDAEL_TABLE::Td1[GETBYTE(t3, 2)] ^
sl@0	294	RIJNDAEL_TABLE::Td2[GETBYTE(t2, 1)] ^
sl@0	295	RIJNDAEL_TABLE::Td3[GETBYTE(t1, 0)] ^
sl@0	296	rk[0];
sl@0	297	s1 =
sl@0	298	RIJNDAEL_TABLE::Td0[GETBYTE(t1, 3)] ^
sl@0	299	RIJNDAEL_TABLE::Td1[GETBYTE(t0, 2)] ^
sl@0	300	RIJNDAEL_TABLE::Td2[GETBYTE(t3, 1)] ^
sl@0	301	RIJNDAEL_TABLE::Td3[GETBYTE(t2, 0)] ^
sl@0	302	rk[1];
sl@0	303	s2 =
sl@0	304	RIJNDAEL_TABLE::Td0[GETBYTE(t2, 3)] ^
sl@0	305	RIJNDAEL_TABLE::Td1[GETBYTE(t1, 2)] ^
sl@0	306	RIJNDAEL_TABLE::Td2[GETBYTE(t0, 1)] ^
sl@0	307	RIJNDAEL_TABLE::Td3[GETBYTE(t3, 0)] ^
sl@0	308	rk[2];
sl@0	309	s3 =
sl@0	310	RIJNDAEL_TABLE::Td0[GETBYTE(t3, 3)] ^
sl@0	311	RIJNDAEL_TABLE::Td1[GETBYTE(t2, 2)] ^
sl@0	312	RIJNDAEL_TABLE::Td2[GETBYTE(t1, 1)] ^
sl@0	313	RIJNDAEL_TABLE::Td3[GETBYTE(t0, 0)] ^
sl@0	314	rk[3];
sl@0	315	}
sl@0	316	/*
sl@0	317	* apply last round and
sl@0	318	* map cipher state to byte array block:
sl@0	319	*/
sl@0	320	s0 =
sl@0	321	(RIJNDAEL_TABLE::Td4[GETBYTE(t0, 3)] & 0xff000000) ^
sl@0	322	(RIJNDAEL_TABLE::Td4[GETBYTE(t3, 2)] & 0x00ff0000) ^
sl@0	323	(RIJNDAEL_TABLE::Td4[GETBYTE(t2, 1)] & 0x0000ff00) ^
sl@0	324	(RIJNDAEL_TABLE::Td4[GETBYTE(t1, 0)] & 0x000000ff) ^
sl@0	325	rk[0];
sl@0	326	s1 =
sl@0	327	(RIJNDAEL_TABLE::Td4[GETBYTE(t1, 3)] & 0xff000000) ^
sl@0	328	(RIJNDAEL_TABLE::Td4[GETBYTE(t0, 2)] & 0x00ff0000) ^
sl@0	329	(RIJNDAEL_TABLE::Td4[GETBYTE(t3, 1)] & 0x0000ff00) ^
sl@0	330	(RIJNDAEL_TABLE::Td4[GETBYTE(t2, 0)] & 0x000000ff) ^
sl@0	331	rk[1];
sl@0	332	s2 =
sl@0	333	(RIJNDAEL_TABLE::Td4[GETBYTE(t2, 3)] & 0xff000000) ^
sl@0	334	(RIJNDAEL_TABLE::Td4[GETBYTE(t1, 2)] & 0x00ff0000) ^
sl@0	335	(RIJNDAEL_TABLE::Td4[GETBYTE(t0, 1)] & 0x0000ff00) ^
sl@0	336	(RIJNDAEL_TABLE::Td4[GETBYTE(t3, 0)] & 0x000000ff) ^
sl@0	337	rk[2];
sl@0	338	s3 =
sl@0	339	(RIJNDAEL_TABLE::Td4[GETBYTE(t3, 3)] & 0xff000000) ^
sl@0	340	(RIJNDAEL_TABLE::Td4[GETBYTE(t2, 2)] & 0x00ff0000) ^
sl@0	341	(RIJNDAEL_TABLE::Td4[GETBYTE(t1, 1)] & 0x0000ff00) ^
sl@0	342	(RIJNDAEL_TABLE::Td4[GETBYTE(t0, 0)] & 0x000000ff) ^
sl@0	343	rk[3];
sl@0	344	PutBlockBigEndian(aBuffer, s0, s1, s2, s3);
sl@0	345	ModeDecryptEnd(aBuffer);
sl@0	346	aBuffer += KAESBlockBytes;
sl@0	347	}
sl@0	348	}
sl@0	349
sl@0	350	void CRijndaelImpl::SetEncryptKeySchedule(const TDesC8& aKey, TUint32* aKeySchedule)
sl@0	351	{
sl@0	352	TUint keySize = aKey.Length();
sl@0	353	TUint32 temp;
sl@0	354	TUint32* rk = aKeySchedule;
sl@0	355
sl@0	356	TUint i = 0;
sl@0	357
sl@0	358	GetUserKeyBigEndian(rk, keySize/4, &aKey[0], keySize);
sl@0	359
sl@0	360	switch(keySize)
sl@0	361	{
sl@0	362	case (KAESKeyBytes128):
sl@0	363	{
sl@0	364	FOREVER
sl@0	365	{
sl@0	366	temp = rk[3];
sl@0	367	rk[4] = rk[0] ^
sl@0	368	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 2)] & 0xff000000) ^
sl@0	369	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 1)] & 0x00ff0000) ^
sl@0	370	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 0)] & 0x0000ff00) ^
sl@0	371	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 3)] & 0x000000ff) ^
sl@0	372	RIJNDAEL_TABLE::rcon[i];
sl@0	373	rk[5] = rk[1] ^ rk[4];
sl@0	374	rk[6] = rk[2] ^ rk[5];
sl@0	375	rk[7] = rk[3] ^ rk[6];
sl@0	376	if (++i == 10)
sl@0	377	break;
sl@0	378	rk += 4;
sl@0	379	}
sl@0	380	}
sl@0	381	break;
sl@0	382
sl@0	383	case (KAESKeyBytes192):
sl@0	384	{
sl@0	385	FOREVER
sl@0	386	{
sl@0	387	temp = rk[ 5];
sl@0	388	rk[ 6] = rk[ 0] ^
sl@0	389	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 2)] & 0xff000000) ^
sl@0	390	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 1)] & 0x00ff0000) ^
sl@0	391	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 0)] & 0x0000ff00) ^
sl@0	392	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 3)] & 0x000000ff) ^
sl@0	393	RIJNDAEL_TABLE::rcon[i];
sl@0	394	rk[ 7] = rk[ 1] ^ rk[ 6];
sl@0	395	rk[ 8] = rk[ 2] ^ rk[ 7];
sl@0	396	rk[ 9] = rk[ 3] ^ rk[ 8];
sl@0	397	if (++i == 8)
sl@0	398	break;
sl@0	399	rk[10] = rk[ 4] ^ rk[ 9];
sl@0	400	rk[11] = rk[ 5] ^ rk[10];
sl@0	401	rk += 6;
sl@0	402	}
sl@0	403	}
sl@0	404	break;
sl@0	405
sl@0	406	case (KAESKeyBytes256):
sl@0	407	{
sl@0	408	FOREVER
sl@0	409	{
sl@0	410	temp = rk[ 7];
sl@0	411	rk[ 8] = rk[ 0] ^
sl@0	412	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 2)] & 0xff000000) ^
sl@0	413	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 1)] & 0x00ff0000) ^
sl@0	414	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 0)] & 0x0000ff00) ^
sl@0	415	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 3)] & 0x000000ff) ^
sl@0	416	RIJNDAEL_TABLE::rcon[i];
sl@0	417	rk[ 9] = rk[ 1] ^ rk[ 8];
sl@0	418	rk[10] = rk[ 2] ^ rk[ 9];
sl@0	419	rk[11] = rk[ 3] ^ rk[10];
sl@0	420	if (++i == 7)
sl@0	421	break;
sl@0	422	temp = rk[11];
sl@0	423	rk[12] = rk[ 4] ^
sl@0	424	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 3)] & 0xff000000) ^
sl@0	425	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 2)] & 0x00ff0000) ^
sl@0	426	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 1)] & 0x0000ff00) ^
sl@0	427	(RIJNDAEL_TABLE::Te4[GETBYTE(temp, 0)] & 0x000000ff);
sl@0	428	rk[13] = rk[ 5] ^ rk[12];
sl@0	429	rk[14] = rk[ 6] ^ rk[13];
sl@0	430	rk[15] = rk[ 7] ^ rk[14];
sl@0	431
sl@0	432	rk += 8;
sl@0	433	}
sl@0	434	}
sl@0	435	break;
sl@0	436
sl@0	437	default:
sl@0	438	assert(0); // Shouldn't get here, keeps compiler happy
sl@0	439	}
sl@0	440	}
sl@0	441
sl@0	442	void CRijndaelImpl::SetDecryptKeySchedule(const TDesC8& aKey, TUint32* aKeySchedule)
sl@0	443	{
sl@0	444	SetEncryptKeySchedule(aKey, aKeySchedule);
sl@0	445
sl@0	446	TUint i, j;
sl@0	447	TUint32* rk = aKeySchedule;
sl@0	448	TUint32 temp;
sl@0	449
sl@0	450	// invert the order of the round keys
sl@0	451	for (i = 0, j = 4*iRounds; i < j; i += 4, j -= 4)
sl@0	452	{
sl@0	453	temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp;
sl@0	454	temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
sl@0	455	temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
sl@0	456	temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
sl@0	457	}
sl@0	458
sl@0	459	// apply the inverse MixColumn transform to all round keys but the first and the last
sl@0	460	for (i = 1; i < iRounds; i++)
sl@0	461	{
sl@0	462	rk += 4;
sl@0	463	rk[0] =
sl@0	464	RIJNDAEL_TABLE::Td0[RIJNDAEL_TABLE::Te4[GETBYTE(rk[0], 3)] & 0xff] ^
sl@0	465	RIJNDAEL_TABLE::Td1[RIJNDAEL_TABLE::Te4[GETBYTE(rk[0], 2)] & 0xff] ^
sl@0	466	RIJNDAEL_TABLE::Td2[RIJNDAEL_TABLE::Te4[GETBYTE(rk[0], 1)] & 0xff] ^
sl@0	467	RIJNDAEL_TABLE::Td3[RIJNDAEL_TABLE::Te4[GETBYTE(rk[0], 0)] & 0xff];
sl@0	468	rk[1] =
sl@0	469	RIJNDAEL_TABLE::Td0[RIJNDAEL_TABLE::Te4[GETBYTE(rk[1], 3)] & 0xff] ^
sl@0	470	RIJNDAEL_TABLE::Td1[RIJNDAEL_TABLE::Te4[GETBYTE(rk[1], 2)] & 0xff] ^
sl@0	471	RIJNDAEL_TABLE::Td2[RIJNDAEL_TABLE::Te4[GETBYTE(rk[1], 1)] & 0xff] ^
sl@0	472	RIJNDAEL_TABLE::Td3[RIJNDAEL_TABLE::Te4[GETBYTE(rk[1], 0)] & 0xff];
sl@0	473	rk[2] =
sl@0	474	RIJNDAEL_TABLE::Td0[RIJNDAEL_TABLE::Te4[GETBYTE(rk[2], 3)] & 0xff] ^
sl@0	475	RIJNDAEL_TABLE::Td1[RIJNDAEL_TABLE::Te4[GETBYTE(rk[2], 2)] & 0xff] ^
sl@0	476	RIJNDAEL_TABLE::Td2[RIJNDAEL_TABLE::Te4[GETBYTE(rk[2], 1)] & 0xff] ^
sl@0	477	RIJNDAEL_TABLE::Td3[RIJNDAEL_TABLE::Te4[GETBYTE(rk[2], 0)] & 0xff];
sl@0	478	rk[3] =
sl@0	479	RIJNDAEL_TABLE::Td0[RIJNDAEL_TABLE::Te4[GETBYTE(rk[3], 3)] & 0xff] ^
sl@0	480	RIJNDAEL_TABLE::Td1[RIJNDAEL_TABLE::Te4[GETBYTE(rk[3], 2)] & 0xff] ^
sl@0	481	RIJNDAEL_TABLE::Td2[RIJNDAEL_TABLE::Te4[GETBYTE(rk[3], 1)] & 0xff] ^
sl@0	482	RIJNDAEL_TABLE::Td3[RIJNDAEL_TABLE::Te4[GETBYTE(rk[3], 0)] & 0xff];
sl@0	483	}
sl@0	484	}

author	sl@SLION-WIN7.fritz.box
	Fri, 15 Jun 2012 03:10:57 +0200
changeset 0	bde4ae8d615e
permissions	-rw-r--r--