1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/os/security/crypto/weakcryptospi/test/tplugins/src/rijndaelimpl.cpp Fri Jun 15 03:10:57 2012 +0200
1.3 @@ -0,0 +1,490 @@
1.4 +/*
1.5 +* Copyright (c) 2006-2010 Nokia Corporation and/or its subsidiary(-ies).
1.6 +* All rights reserved.
1.7 +* This component and the accompanying materials are made available
1.8 +* under the terms of the License "Eclipse Public License v1.0"
1.9 +* which accompanies this distribution, and is available
1.10 +* at the URL "http://www.eclipse.org/legal/epl-v10.html".
1.11 +*
1.12 +* Initial Contributors:
1.13 +* Nokia Corporation - initial contribution.
1.14 +*
1.15 +* Contributors:
1.16 +*
1.17 +* Description:
1.18 +*
1.19 +*/
1.20 +
1.21 +
1.22 +#include "rijndaelimpl.h"
1.23 +#include <cryptospi/keys.h>
1.24 +
1.25 +#include "rijndaeltables.h"
1.26 +#include "../../../source/common/inlines.h"
1.27 +#include "pluginconfig.h"
1.28 +#include "symmetriccipherimpl.h"
1.29 +#include <cryptostrength.h>
1.30 +
1.31 +using namespace SoftwareCrypto;
1.32 +
1.33 +const TUint KAESKeyBytes128 = 16;
1.34 +const TUint KAESKeyBytes192 = 24;
1.35 +const TUint KAESKeyBytes256 = 32;
1.36 +const TUint KAESBlockBytes = 16;
1.37 +
1.38 +/* CRijndaelmpl*/
1.39 +CRijndaelImpl::CRijndaelImpl(
1.40 + TUid aCryptoMode,
1.41 + TUid aOperationMode,
1.42 + TUid aPadding,
1.43 + TUid aImplementationUid) :
1.44 + CSymmetricBlockCipherImpl(KAESBlockBytes, aCryptoMode, aOperationMode, aPadding),
1.45 + iImplementationUid(aImplementationUid)
1.46 + {
1.47 + }
1.48 +
1.49 +CRijndaelImpl* CRijndaelImpl::NewL(const CKey& aKey, TUid aCryptoMode, TUid aOperationMode,
1.50 + TUid aPadding, TUid aImplementationUid)
1.51 + {
1.52 + CRijndaelImpl* self = CRijndaelImpl::NewLC(aKey, aCryptoMode, aOperationMode,
1.53 + aPadding, aImplementationUid);
1.54 + CleanupStack::Pop(self);
1.55 + return self;
1.56 + }
1.57 +
1.58 +CRijndaelImpl* CRijndaelImpl::NewLC(const CKey& aKey, TUid aCryptoMode, TUid aOperationMode,
1.59 + TUid aPadding, TUid aImplementationUid)
1.60 + {
1.61 + CRijndaelImpl* self = new(ELeave) CRijndaelImpl(aCryptoMode, aOperationMode, aPadding,
1.62 + aImplementationUid);
1.63 + CleanupStack::PushL(self);
1.64 + self->ConstructL(aKey);
1.65 +
1.66 + const TDesC8& keyContent = aKey.GetTDesC8L(KSymmetricKeyParameterUid);
1.67 + TCrypto::IsSymmetricWeakEnoughL(BytesToBits(keyContent.Size()) - keyContent.Size());
1.68 + return self;
1.69 + }
1.70 +
1.71 +CRijndaelImpl::~CRijndaelImpl()
1.72 + {
1.73 + // make sure key information isn't visible to other processes if the
1.74 + // page is reused.
1.75 + Mem::FillZ(&iK, sizeof(iK));
1.76 + }
1.77 +
1.78 +void CRijndaelImpl::ConstructL(const CKey& aKey)
1.79 + {
1.80 + CSymmetricBlockCipherImpl::ConstructL(aKey);
1.81 + SetKeySchedule();
1.82 + }
1.83 +
1.84 +CExtendedCharacteristics* CRijndaelImpl::CreateExtendedCharacteristicsL()
1.85 + {
1.86 + // All Symbian software plug-ins have unlimited concurrency, cannot be reserved
1.87 + // for exclusive use and are not CERTIFIED to be standards compliant.
1.88 + return CExtendedCharacteristics::NewL(KMaxTInt, EFalse);
1.89 + }
1.90 +
1.91 +const CExtendedCharacteristics* CRijndaelImpl::GetExtendedCharacteristicsL()
1.92 + {
1.93 + return CRijndaelImpl::CreateExtendedCharacteristicsL();
1.94 + }
1.95 +
1.96 +TUid CRijndaelImpl::ImplementationUid() const
1.97 + {
1.98 + return iImplementationUid;
1.99 + }
1.100 +
1.101 +TBool CRijndaelImpl::IsValidKeyLength(TInt aKeyBytes) const
1.102 + {
1.103 + switch(aKeyBytes)
1.104 + {
1.105 + case KAESKeyBytes128:
1.106 + case KAESKeyBytes192:
1.107 + case KAESKeyBytes256:
1.108 + return ETrue;
1.109 + default:
1.110 + return EFalse;
1.111 + }
1.112 + }
1.113 +
1.114 +void CRijndaelImpl::SetKeySchedule()
1.115 + {
1.116 + iRounds = iKeyBytes/4 + 6;
1.117 + if (iCryptoMode.iUid == KCryptoModeEncrypt)
1.118 + {
1.119 + SetEncryptKeySchedule(*iKey, &iK[0]);
1.120 + }
1.121 + else
1.122 + {
1.123 + ASSERT(iCryptoMode.iUid == KCryptoModeDecrypt);
1.124 + SetDecryptKeySchedule(*iKey, &iK[0]);
1.125 + }
1.126 + }
1.127 +
1.128 +void CRijndaelImpl::TransformEncrypt(
1.129 + TUint8* aBuffer,
1.130 + TUint aNumBlocks)
1.131 + {
1.132 + for (TInt i = 0; i < aNumBlocks; ++i)
1.133 + {
1.134 + ModeEncryptStart(aBuffer);
1.135 +
1.136 + TUint32 s0, s1, s2, s3, t0, t1, t2, t3;
1.137 + const TUint32* rk = &iK[0];
1.138 +
1.139 + /*
1.140 + * map byte array block to cipher state
1.141 + * and add initial round key:
1.142 + */
1.143 + GetBlockBigEndian(aBuffer, s0, s1, s2, s3);
1.144 + s0 ^= rk[0];
1.145 + s1 ^= rk[1];
1.146 + s2 ^= rk[2];
1.147 + s3 ^= rk[3];
1.148 + /*
1.149 + * Nr - 1 full rounds:
1.150 + */
1.151 + TUint r = iRounds >> 1;
1.152 + FOREVER
1.153 + {
1.154 + t0 =
1.155 + RIJNDAEL_TABLE::Te0[GETBYTE(s0, 3)] ^
1.156 + RIJNDAEL_TABLE::Te1[GETBYTE(s1, 2)] ^
1.157 + RIJNDAEL_TABLE::Te2[GETBYTE(s2, 1)] ^
1.158 + RIJNDAEL_TABLE::Te3[GETBYTE(s3, 0)] ^
1.159 + rk[4];
1.160 + t1 =
1.161 + RIJNDAEL_TABLE::Te0[GETBYTE(s1, 3)] ^
1.162 + RIJNDAEL_TABLE::Te1[GETBYTE(s2, 2)] ^
1.163 + RIJNDAEL_TABLE::Te2[GETBYTE(s3, 1)] ^
1.164 + RIJNDAEL_TABLE::Te3[GETBYTE(s0, 0)] ^
1.165 + rk[5];
1.166 + t2 =
1.167 + RIJNDAEL_TABLE::Te0[GETBYTE(s2, 3)] ^
1.168 + RIJNDAEL_TABLE::Te1[GETBYTE(s3, 2)] ^
1.169 + RIJNDAEL_TABLE::Te2[GETBYTE(s0, 1)] ^
1.170 + RIJNDAEL_TABLE::Te3[GETBYTE(s1, 0)] ^
1.171 + rk[6];
1.172 + t3 =
1.173 + RIJNDAEL_TABLE::Te0[GETBYTE(s3, 3)] ^
1.174 + RIJNDAEL_TABLE::Te1[GETBYTE(s0, 2)] ^
1.175 + RIJNDAEL_TABLE::Te2[GETBYTE(s1, 1)] ^
1.176 + RIJNDAEL_TABLE::Te3[GETBYTE(s2, 0)] ^
1.177 + rk[7];
1.178 +
1.179 + rk += 8;
1.180 + if (--r == 0)
1.181 + break;
1.182 +
1.183 + s0 =
1.184 + RIJNDAEL_TABLE::Te0[GETBYTE(t0, 3)] ^
1.185 + RIJNDAEL_TABLE::Te1[GETBYTE(t1, 2)] ^
1.186 + RIJNDAEL_TABLE::Te2[GETBYTE(t2, 1)] ^
1.187 + RIJNDAEL_TABLE::Te3[GETBYTE(t3, 0)] ^
1.188 + rk[0];
1.189 + s1 =
1.190 + RIJNDAEL_TABLE::Te0[GETBYTE(t1, 3)] ^
1.191 + RIJNDAEL_TABLE::Te1[GETBYTE(t2, 2)] ^
1.192 + RIJNDAEL_TABLE::Te2[GETBYTE(t3, 1)] ^
1.193 + RIJNDAEL_TABLE::Te3[GETBYTE(t0, 0)] ^
1.194 + rk[1];
1.195 + s2 =
1.196 + RIJNDAEL_TABLE::Te0[GETBYTE(t2, 3)] ^
1.197 + RIJNDAEL_TABLE::Te1[GETBYTE(t3, 2)] ^
1.198 + RIJNDAEL_TABLE::Te2[GETBYTE(t0, 1)] ^
1.199 + RIJNDAEL_TABLE::Te3[GETBYTE(t1, 0)] ^
1.200 + rk[2];
1.201 + s3 =
1.202 + RIJNDAEL_TABLE::Te0[GETBYTE(t3, 3)] ^
1.203 + RIJNDAEL_TABLE::Te1[GETBYTE(t0, 2)] ^
1.204 + RIJNDAEL_TABLE::Te2[GETBYTE(t1, 1)] ^
1.205 + RIJNDAEL_TABLE::Te3[GETBYTE(t2, 0)] ^
1.206 + rk[3];
1.207 + }
1.208 + /*
1.209 + * apply last round and
1.210 + * map cipher state to byte array block:
1.211 + */
1.212 +
1.213 + s0 =
1.214 + (RIJNDAEL_TABLE::Te4[GETBYTE(t0, 3)] & 0xff000000) ^
1.215 + (RIJNDAEL_TABLE::Te4[GETBYTE(t1, 2)] & 0x00ff0000) ^
1.216 + (RIJNDAEL_TABLE::Te4[GETBYTE(t2, 1)] & 0x0000ff00) ^
1.217 + (RIJNDAEL_TABLE::Te4[GETBYTE(t3, 0)] & 0x000000ff) ^
1.218 + rk[0];
1.219 + s1 =
1.220 + (RIJNDAEL_TABLE::Te4[GETBYTE(t1, 3)] & 0xff000000) ^
1.221 + (RIJNDAEL_TABLE::Te4[GETBYTE(t2, 2)] & 0x00ff0000) ^
1.222 + (RIJNDAEL_TABLE::Te4[GETBYTE(t3, 1)] & 0x0000ff00) ^
1.223 + (RIJNDAEL_TABLE::Te4[GETBYTE(t0, 0)] & 0x000000ff) ^
1.224 + rk[1];
1.225 + s2 =
1.226 + (RIJNDAEL_TABLE::Te4[GETBYTE(t2, 3)] & 0xff000000) ^
1.227 + (RIJNDAEL_TABLE::Te4[GETBYTE(t3, 2)] & 0x00ff0000) ^
1.228 + (RIJNDAEL_TABLE::Te4[GETBYTE(t0, 1)] & 0x0000ff00) ^
1.229 + (RIJNDAEL_TABLE::Te4[GETBYTE(t1, 0)] & 0x000000ff) ^
1.230 + rk[2];
1.231 + s3 =
1.232 + (RIJNDAEL_TABLE::Te4[GETBYTE(t3, 3)] & 0xff000000) ^
1.233 + (RIJNDAEL_TABLE::Te4[GETBYTE(t0, 2)] & 0x00ff0000) ^
1.234 + (RIJNDAEL_TABLE::Te4[GETBYTE(t1, 1)] & 0x0000ff00) ^
1.235 + (RIJNDAEL_TABLE::Te4[GETBYTE(t2, 0)] & 0x000000ff) ^
1.236 + rk[3];
1.237 +
1.238 + PutBlockBigEndian(aBuffer, s0, s1, s2, s3);
1.239 + ModeEncryptEnd(aBuffer);
1.240 + aBuffer += KAESBlockBytes;
1.241 + }
1.242 + }
1.243 +
1.244 +void CRijndaelImpl::TransformDecrypt(
1.245 + TUint8* aBuffer,
1.246 + TUint aNumBlocks)
1.247 + {
1.248 + for (TInt i = 0; i < aNumBlocks; ++i)
1.249 + {
1.250 + ModeDecryptStart(aBuffer);
1.251 +
1.252 + TUint32 s0, s1, s2, s3, t0, t1, t2, t3;
1.253 + const TUint32* rk = &iK[0];
1.254 +
1.255 + /*
1.256 + * map byte array block to cipher state
1.257 + * and add initial round key:
1.258 + */
1.259 + GetBlockBigEndian(aBuffer, s0, s1, s2, s3);
1.260 +
1.261 + s0 ^= rk[0];
1.262 + s1 ^= rk[1];
1.263 + s2 ^= rk[2];
1.264 + s3 ^= rk[3];
1.265 + /*
1.266 + * Nr - 1 full rounds:
1.267 + */
1.268 + TUint r = iRounds >> 1;
1.269 + FOREVER
1.270 + {
1.271 + t0 =
1.272 + RIJNDAEL_TABLE::Td0[GETBYTE(s0, 3)] ^
1.273 + RIJNDAEL_TABLE::Td1[GETBYTE(s3, 2)] ^
1.274 + RIJNDAEL_TABLE::Td2[GETBYTE(s2, 1)] ^
1.275 + RIJNDAEL_TABLE::Td3[GETBYTE(s1, 0)] ^
1.276 + rk[4];
1.277 + t1 =
1.278 + RIJNDAEL_TABLE::Td0[GETBYTE(s1, 3)] ^
1.279 + RIJNDAEL_TABLE::Td1[GETBYTE(s0, 2)] ^
1.280 + RIJNDAEL_TABLE::Td2[GETBYTE(s3, 1)] ^
1.281 + RIJNDAEL_TABLE::Td3[GETBYTE(s2, 0)] ^
1.282 + rk[5];
1.283 + t2 =
1.284 + RIJNDAEL_TABLE::Td0[GETBYTE(s2, 3)] ^
1.285 + RIJNDAEL_TABLE::Td1[GETBYTE(s1, 2)] ^
1.286 + RIJNDAEL_TABLE::Td2[GETBYTE(s0, 1)] ^
1.287 + RIJNDAEL_TABLE::Td3[GETBYTE(s3, 0)] ^
1.288 + rk[6];
1.289 + t3 =
1.290 + RIJNDAEL_TABLE::Td0[GETBYTE(s3, 3)] ^
1.291 + RIJNDAEL_TABLE::Td1[GETBYTE(s2, 2)] ^
1.292 + RIJNDAEL_TABLE::Td2[GETBYTE(s1, 1)] ^
1.293 + RIJNDAEL_TABLE::Td3[GETBYTE(s0, 0)] ^
1.294 + rk[7];
1.295 +
1.296 + rk += 8;
1.297 + if (--r == 0)
1.298 + break;
1.299 +
1.300 + s0 =
1.301 + RIJNDAEL_TABLE::Td0[GETBYTE(t0, 3)] ^
1.302 + RIJNDAEL_TABLE::Td1[GETBYTE(t3, 2)] ^
1.303 + RIJNDAEL_TABLE::Td2[GETBYTE(t2, 1)] ^
1.304 + RIJNDAEL_TABLE::Td3[GETBYTE(t1, 0)] ^
1.305 + rk[0];
1.306 + s1 =
1.307 + RIJNDAEL_TABLE::Td0[GETBYTE(t1, 3)] ^
1.308 + RIJNDAEL_TABLE::Td1[GETBYTE(t0, 2)] ^
1.309 + RIJNDAEL_TABLE::Td2[GETBYTE(t3, 1)] ^
1.310 + RIJNDAEL_TABLE::Td3[GETBYTE(t2, 0)] ^
1.311 + rk[1];
1.312 + s2 =
1.313 + RIJNDAEL_TABLE::Td0[GETBYTE(t2, 3)] ^
1.314 + RIJNDAEL_TABLE::Td1[GETBYTE(t1, 2)] ^
1.315 + RIJNDAEL_TABLE::Td2[GETBYTE(t0, 1)] ^
1.316 + RIJNDAEL_TABLE::Td3[GETBYTE(t3, 0)] ^
1.317 + rk[2];
1.318 + s3 =
1.319 + RIJNDAEL_TABLE::Td0[GETBYTE(t3, 3)] ^
1.320 + RIJNDAEL_TABLE::Td1[GETBYTE(t2, 2)] ^
1.321 + RIJNDAEL_TABLE::Td2[GETBYTE(t1, 1)] ^
1.322 + RIJNDAEL_TABLE::Td3[GETBYTE(t0, 0)] ^
1.323 + rk[3];
1.324 + }
1.325 + /*
1.326 + * apply last round and
1.327 + * map cipher state to byte array block:
1.328 + */
1.329 + s0 =
1.330 + (RIJNDAEL_TABLE::Td4[GETBYTE(t0, 3)] & 0xff000000) ^
1.331 + (RIJNDAEL_TABLE::Td4[GETBYTE(t3, 2)] & 0x00ff0000) ^
1.332 + (RIJNDAEL_TABLE::Td4[GETBYTE(t2, 1)] & 0x0000ff00) ^
1.333 + (RIJNDAEL_TABLE::Td4[GETBYTE(t1, 0)] & 0x000000ff) ^
1.334 + rk[0];
1.335 + s1 =
1.336 + (RIJNDAEL_TABLE::Td4[GETBYTE(t1, 3)] & 0xff000000) ^
1.337 + (RIJNDAEL_TABLE::Td4[GETBYTE(t0, 2)] & 0x00ff0000) ^
1.338 + (RIJNDAEL_TABLE::Td4[GETBYTE(t3, 1)] & 0x0000ff00) ^
1.339 + (RIJNDAEL_TABLE::Td4[GETBYTE(t2, 0)] & 0x000000ff) ^
1.340 + rk[1];
1.341 + s2 =
1.342 + (RIJNDAEL_TABLE::Td4[GETBYTE(t2, 3)] & 0xff000000) ^
1.343 + (RIJNDAEL_TABLE::Td4[GETBYTE(t1, 2)] & 0x00ff0000) ^
1.344 + (RIJNDAEL_TABLE::Td4[GETBYTE(t0, 1)] & 0x0000ff00) ^
1.345 + (RIJNDAEL_TABLE::Td4[GETBYTE(t3, 0)] & 0x000000ff) ^
1.346 + rk[2];
1.347 + s3 =
1.348 + (RIJNDAEL_TABLE::Td4[GETBYTE(t3, 3)] & 0xff000000) ^
1.349 + (RIJNDAEL_TABLE::Td4[GETBYTE(t2, 2)] & 0x00ff0000) ^
1.350 + (RIJNDAEL_TABLE::Td4[GETBYTE(t1, 1)] & 0x0000ff00) ^
1.351 + (RIJNDAEL_TABLE::Td4[GETBYTE(t0, 0)] & 0x000000ff) ^
1.352 + rk[3];
1.353 + PutBlockBigEndian(aBuffer, s0, s1, s2, s3);
1.354 + ModeDecryptEnd(aBuffer);
1.355 + aBuffer += KAESBlockBytes;
1.356 + }
1.357 + }
1.358 +
1.359 +void CRijndaelImpl::SetEncryptKeySchedule(const TDesC8& aKey, TUint32* aKeySchedule)
1.360 + {
1.361 + TUint keySize = aKey.Length();
1.362 + TUint32 temp;
1.363 + TUint32* rk = aKeySchedule;
1.364 +
1.365 + TUint i = 0;
1.366 +
1.367 + GetUserKeyBigEndian(rk, keySize/4, &aKey[0], keySize);
1.368 +
1.369 + switch(keySize)
1.370 + {
1.371 + case (KAESKeyBytes128):
1.372 + {
1.373 + FOREVER
1.374 + {
1.375 + temp = rk[3];
1.376 + rk[4] = rk[0] ^
1.377 + (RIJNDAEL_TABLE::Te4[GETBYTE(temp, 2)] & 0xff000000) ^
1.378 + (RIJNDAEL_TABLE::Te4[GETBYTE(temp, 1)] & 0x00ff0000) ^
1.379 + (RIJNDAEL_TABLE::Te4[GETBYTE(temp, 0)] & 0x0000ff00) ^
1.380 + (RIJNDAEL_TABLE::Te4[GETBYTE(temp, 3)] & 0x000000ff) ^
1.381 + RIJNDAEL_TABLE::rcon[i];
1.382 + rk[5] = rk[1] ^ rk[4];
1.383 + rk[6] = rk[2] ^ rk[5];
1.384 + rk[7] = rk[3] ^ rk[6];
1.385 + if (++i == 10)
1.386 + break;
1.387 + rk += 4;
1.388 + }
1.389 + }
1.390 + break;
1.391 +
1.392 + case (KAESKeyBytes192):
1.393 + {
1.394 + FOREVER
1.395 + {
1.396 + temp = rk[ 5];
1.397 + rk[ 6] = rk[ 0] ^
1.398 + (RIJNDAEL_TABLE::Te4[GETBYTE(temp, 2)] & 0xff000000) ^
1.399 + (RIJNDAEL_TABLE::Te4[GETBYTE(temp, 1)] & 0x00ff0000) ^
1.400 + (RIJNDAEL_TABLE::Te4[GETBYTE(temp, 0)] & 0x0000ff00) ^
1.401 + (RIJNDAEL_TABLE::Te4[GETBYTE(temp, 3)] & 0x000000ff) ^
1.402 + RIJNDAEL_TABLE::rcon[i];
1.403 + rk[ 7] = rk[ 1] ^ rk[ 6];
1.404 + rk[ 8] = rk[ 2] ^ rk[ 7];
1.405 + rk[ 9] = rk[ 3] ^ rk[ 8];
1.406 + if (++i == 8)
1.407 + break;
1.408 + rk[10] = rk[ 4] ^ rk[ 9];
1.409 + rk[11] = rk[ 5] ^ rk[10];
1.410 + rk += 6;
1.411 + }
1.412 + }
1.413 + break;
1.414 +
1.415 + case (KAESKeyBytes256):
1.416 + {
1.417 + FOREVER
1.418 + {
1.419 + temp = rk[ 7];
1.420 + rk[ 8] = rk[ 0] ^
1.421 + (RIJNDAEL_TABLE::Te4[GETBYTE(temp, 2)] & 0xff000000) ^
1.422 + (RIJNDAEL_TABLE::Te4[GETBYTE(temp, 1)] & 0x00ff0000) ^
1.423 + (RIJNDAEL_TABLE::Te4[GETBYTE(temp, 0)] & 0x0000ff00) ^
1.424 + (RIJNDAEL_TABLE::Te4[GETBYTE(temp, 3)] & 0x000000ff) ^
1.425 + RIJNDAEL_TABLE::rcon[i];
1.426 + rk[ 9] = rk[ 1] ^ rk[ 8];
1.427 + rk[10] = rk[ 2] ^ rk[ 9];
1.428 + rk[11] = rk[ 3] ^ rk[10];
1.429 + if (++i == 7)
1.430 + break;
1.431 + temp = rk[11];
1.432 + rk[12] = rk[ 4] ^
1.433 + (RIJNDAEL_TABLE::Te4[GETBYTE(temp, 3)] & 0xff000000) ^
1.434 + (RIJNDAEL_TABLE::Te4[GETBYTE(temp, 2)] & 0x00ff0000) ^
1.435 + (RIJNDAEL_TABLE::Te4[GETBYTE(temp, 1)] & 0x0000ff00) ^
1.436 + (RIJNDAEL_TABLE::Te4[GETBYTE(temp, 0)] & 0x000000ff);
1.437 + rk[13] = rk[ 5] ^ rk[12];
1.438 + rk[14] = rk[ 6] ^ rk[13];
1.439 + rk[15] = rk[ 7] ^ rk[14];
1.440 +
1.441 + rk += 8;
1.442 + }
1.443 + }
1.444 + break;
1.445 +
1.446 + default:
1.447 + assert(0); // Shouldn't get here, keeps compiler happy
1.448 + }
1.449 + }
1.450 +
1.451 +void CRijndaelImpl::SetDecryptKeySchedule(const TDesC8& aKey, TUint32* aKeySchedule)
1.452 + {
1.453 + SetEncryptKeySchedule(aKey, aKeySchedule);
1.454 +
1.455 + TUint i, j;
1.456 + TUint32* rk = aKeySchedule;
1.457 + TUint32 temp;
1.458 +
1.459 + // invert the order of the round keys
1.460 + for (i = 0, j = 4*iRounds; i < j; i += 4, j -= 4)
1.461 + {
1.462 + temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp;
1.463 + temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
1.464 + temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
1.465 + temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
1.466 + }
1.467 +
1.468 + // apply the inverse MixColumn transform to all round keys but the first and the last
1.469 + for (i = 1; i < iRounds; i++)
1.470 + {
1.471 + rk += 4;
1.472 + rk[0] =
1.473 + RIJNDAEL_TABLE::Td0[RIJNDAEL_TABLE::Te4[GETBYTE(rk[0], 3)] & 0xff] ^
1.474 + RIJNDAEL_TABLE::Td1[RIJNDAEL_TABLE::Te4[GETBYTE(rk[0], 2)] & 0xff] ^
1.475 + RIJNDAEL_TABLE::Td2[RIJNDAEL_TABLE::Te4[GETBYTE(rk[0], 1)] & 0xff] ^
1.476 + RIJNDAEL_TABLE::Td3[RIJNDAEL_TABLE::Te4[GETBYTE(rk[0], 0)] & 0xff];
1.477 + rk[1] =
1.478 + RIJNDAEL_TABLE::Td0[RIJNDAEL_TABLE::Te4[GETBYTE(rk[1], 3)] & 0xff] ^
1.479 + RIJNDAEL_TABLE::Td1[RIJNDAEL_TABLE::Te4[GETBYTE(rk[1], 2)] & 0xff] ^
1.480 + RIJNDAEL_TABLE::Td2[RIJNDAEL_TABLE::Te4[GETBYTE(rk[1], 1)] & 0xff] ^
1.481 + RIJNDAEL_TABLE::Td3[RIJNDAEL_TABLE::Te4[GETBYTE(rk[1], 0)] & 0xff];
1.482 + rk[2] =
1.483 + RIJNDAEL_TABLE::Td0[RIJNDAEL_TABLE::Te4[GETBYTE(rk[2], 3)] & 0xff] ^
1.484 + RIJNDAEL_TABLE::Td1[RIJNDAEL_TABLE::Te4[GETBYTE(rk[2], 2)] & 0xff] ^
1.485 + RIJNDAEL_TABLE::Td2[RIJNDAEL_TABLE::Te4[GETBYTE(rk[2], 1)] & 0xff] ^
1.486 + RIJNDAEL_TABLE::Td3[RIJNDAEL_TABLE::Te4[GETBYTE(rk[2], 0)] & 0xff];
1.487 + rk[3] =
1.488 + RIJNDAEL_TABLE::Td0[RIJNDAEL_TABLE::Te4[GETBYTE(rk[3], 3)] & 0xff] ^
1.489 + RIJNDAEL_TABLE::Td1[RIJNDAEL_TABLE::Te4[GETBYTE(rk[3], 2)] & 0xff] ^
1.490 + RIJNDAEL_TABLE::Td2[RIJNDAEL_TABLE::Te4[GETBYTE(rk[3], 1)] & 0xff] ^
1.491 + RIJNDAEL_TABLE::Td3[RIJNDAEL_TABLE::Te4[GETBYTE(rk[3], 0)] & 0xff];
1.492 + }
1.493 + }
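Review bot: In `NewLC` the strength passed to `TCrypto::IsSymmetricWeakEnoughL` is `BytesToBits(keyContent.Size()) - keyContent.Size()`, which is seven bits per key byte, so the three lengths accepted by `IsValidKeyLength` are reported as 112/168/224 bits instead of 128/192/256. That subtraction looks like a parity-bit adjustment carried over from a DES-style cipher; AES keys have no parity bits, so the gate would see a weaker key than the one in use. `IsSymmetricWeakEnoughL` is not visible here, but if it expects effective key bits the call should be `TCrypto::IsSymmetricWeakEnoughL(BytesToBits(keyContent.Size()));`. If the under-count is deliberate for this test plug-in, it needs a comment such as `// deliberately under-reports strength: test plug-in only`. Separately, `SetEncryptKeySchedule` handles an unexpected length with `default: assert(0);` after `GetUserKeyBigEndian` has already written to `rk`; if that assert is compiled out, the function returns silently with a partial schedule, so it depends on the base-class `ConstructL` (outside this diff) having rejected the length.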