Print this page
5072963 Need an optimized AES implementation for amd64
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/common/crypto/aes/aes_impl.c
+++ new/usr/src/common/crypto/aes/aes_impl.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 - * Common Development and Distribution License, Version 1.0 only
6 - * (the "License"). You may not use this file except in compliance
7 - * with the License.
5 + * Common Development and Distribution License (the "License").
6 + * You may not use this file except in compliance with the License.
8 7 *
9 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10 9 * or http://www.opensolaris.org/os/licensing.
11 10 * See the License for the specific language governing permissions
12 11 * and limitations under the License.
13 12 *
14 13 * When distributing Covered Code, include this CDDL HEADER in each
15 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16 15 * If applicable, add the following below this CDDL HEADER, with the
17 16 * fields enclosed by brackets "[]" replaced with your own identifying
18 17 * information: Portions Copyright [yyyy] [name of copyright owner]
19 18 *
20 19 * CDDL HEADER END
21 20 */
22 21 /*
23 - * Copyright 2003 Sun Microsystems, Inc. All rights reserved.
22 + * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
24 23 * Use is subject to license terms.
25 24 */
26 25
26 +#pragma ident "@(#)aes_impl.c 1.3 08/06/12 SMI"
27 +
27 28 #include <sys/types.h>
28 29 #include <sys/systm.h>
29 30 #include <sys/ddi.h>
30 31 #include <sys/sysmacros.h>
31 32 #include <sys/strsun.h>
32 33 #include <netinet/in.h>
33 34 #include "aes_impl.h"
34 35 #ifndef _KERNEL
35 36 #include <strings.h>
36 37 #include <stdlib.h>
37 38 #endif /* !_KERNEL */
38 39
39 -#pragma ident "@(#)aes_impl.c 1.2 05/06/08 SMI"
40 40
41 41 /*
42 42 * This file is derived from the file rijndael-alg-fst.c taken from the
43 43 * "optimized C code v3.0" on the "rijndael home page"
44 - * (http://www.esat.kuleuven.ac.be/~rijmen/rijndael/)
45 - * pointed by the NIST web-site (http://nist.gov)
44 + * http://www.iaik.tu-graz.ac.at/research/krypto/AES/old/~rijmen/rijndael/
45 + * pointed by the NIST web-site http://csrc.nist.gov/archive/aes/
46 46 *
47 47 * The following note is from the original file:
48 48 */
49 49
50 50 /*
51 51 * rijndael-alg-fst.c
52 52 *
53 53 * @version 3.0 (December 2000)
54 54 *
55 55 * Optimised ANSI C code for the Rijndael cipher (now AES)
56 56 *
57 57 * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
58 58 * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
59 59 * @author Paulo Barreto <paulo.barreto@terra.com.br>
60 60 *
61 61 * This code is hereby placed in the public domain.
62 62 *
63 63 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
64 64 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
65 65 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
66 66 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
67 67 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
|
↓ open down ↓ |
12 lines elided |
↑ open up ↑ |
68 68 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
69 69 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
70 70 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
71 71 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
72 72 * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
73 73 * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
74 74 */
75 75
76 76 /* EXPORT DELETE START */
77 77
78 -#ifndef _RIJNDAEL_TBL_H
79 -#define _RIJNDAEL_TBL_H
78 +#if defined(sun4u) || defined(__amd64)
79 +/* External assembly functions: */
80 +extern void aes_encrypt_impl(const uint32_t rk[], int Nr, const uint32_t pt[4],
81 + uint32_t ct[4]);
82 +extern void aes_decrypt_impl(const uint32_t rk[], int Nr, const uint32_t ct[4],
83 + uint32_t pt[4]);
84 +#define AES_ENCRYPT_IMPL aes_encrypt_impl
85 +#define AES_DECRYPT_IMPL aes_decrypt_impl
80 86
87 +#ifdef __amd64
88 +extern int rijndael_key_setup_enc(uint32_t rk[], const uint32_t cipherKey[],
89 + int keyBits);
90 +extern int rijndael_key_setup_dec(uint32_t rk[], const uint32_t cipherKey[],
91 + int keyBits);
92 +#endif
93 +
94 +#else
95 +#define AES_ENCRYPT_IMPL rijndael_encrypt
96 +#define AES_DECRYPT_IMPL rijndael_decrypt
97 +#define rijndael_key_setup_enc_raw rijndael_key_setup_enc
98 +#endif /* sun4u || __amd64 */
99 +
100 +#if defined(_LITTLE_ENDIAN) && !defined(__amd64)
101 +#define AES_BYTE_SWAP
102 +#endif
103 +
104 +#ifndef __amd64
81 105 /*
82 106 * Constant tables
83 107 */
84 108
85 109 /*
86 110 * Te0[x] = S [x].[02, 01, 01, 03];
87 111 * Te1[x] = S [x].[03, 02, 01, 01];
88 112 * Te2[x] = S [x].[01, 03, 02, 01];
89 113 * Te3[x] = S [x].[01, 01, 03, 02];
90 114 * Te4[x] = S [x].[01, 01, 01, 01];
91 115 *
92 116 * Td0[x] = Si[x].[0e, 09, 0d, 0b];
93 117 * Td1[x] = Si[x].[0b, 0e, 09, 0d];
94 118 * Td2[x] = Si[x].[0d, 0b, 0e, 09];
95 119 * Td3[x] = Si[x].[09, 0d, 0b, 0e];
96 120 * Td4[x] = Si[x].[01, 01, 01, 01];
97 121 */
98 122
123 +/* Encrypt Sbox constants (for the substitute bytes operation) */
99 124
100 125 static const uint32_t Te0[256] =
101 126 {
102 127 0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU,
103 128 0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U,
104 129 0x60303050U, 0x02010103U, 0xce6767a9U, 0x562b2b7dU,
105 130 0xe7fefe19U, 0xb5d7d762U, 0x4dababe6U, 0xec76769aU,
106 131 0x8fcaca45U, 0x1f82829dU, 0x89c9c940U, 0xfa7d7d87U,
107 132 0xeffafa15U, 0xb25959ebU, 0x8e4747c9U, 0xfbf0f00bU,
108 133 0x41adadecU, 0xb3d4d467U, 0x5fa2a2fdU, 0x45afafeaU,
109 134 0x239c9cbfU, 0x53a4a4f7U, 0xe4727296U, 0x9bc0c05bU,
110 135 0x75b7b7c2U, 0xe1fdfd1cU, 0x3d9393aeU, 0x4c26266aU,
111 136 0x6c36365aU, 0x7e3f3f41U, 0xf5f7f702U, 0x83cccc4fU,
112 137 0x6834345cU, 0x51a5a5f4U, 0xd1e5e534U, 0xf9f1f108U,
113 138 0xe2717193U, 0xabd8d873U, 0x62313153U, 0x2a15153fU,
114 139 0x0804040cU, 0x95c7c752U, 0x46232365U, 0x9dc3c35eU,
115 140 0x30181828U, 0x379696a1U, 0x0a05050fU, 0x2f9a9ab5U,
116 141 0x0e070709U, 0x24121236U, 0x1b80809bU, 0xdfe2e23dU,
117 142 0xcdebeb26U, 0x4e272769U, 0x7fb2b2cdU, 0xea75759fU,
118 143 0x1209091bU, 0x1d83839eU, 0x582c2c74U, 0x341a1a2eU,
119 144 0x361b1b2dU, 0xdc6e6eb2U, 0xb45a5aeeU, 0x5ba0a0fbU,
120 145 0xa45252f6U, 0x763b3b4dU, 0xb7d6d661U, 0x7db3b3ceU,
121 146 0x5229297bU, 0xdde3e33eU, 0x5e2f2f71U, 0x13848497U,
122 147 0xa65353f5U, 0xb9d1d168U, 0x00000000U, 0xc1eded2cU,
123 148 0x40202060U, 0xe3fcfc1fU, 0x79b1b1c8U, 0xb65b5bedU,
124 149 0xd46a6abeU, 0x8dcbcb46U, 0x67bebed9U, 0x7239394bU,
125 150 0x944a4adeU, 0x984c4cd4U, 0xb05858e8U, 0x85cfcf4aU,
126 151 0xbbd0d06bU, 0xc5efef2aU, 0x4faaaae5U, 0xedfbfb16U,
127 152 0x864343c5U, 0x9a4d4dd7U, 0x66333355U, 0x11858594U,
128 153 0x8a4545cfU, 0xe9f9f910U, 0x04020206U, 0xfe7f7f81U,
129 154 0xa05050f0U, 0x783c3c44U, 0x259f9fbaU, 0x4ba8a8e3U,
130 155 0xa25151f3U, 0x5da3a3feU, 0x804040c0U, 0x058f8f8aU,
131 156 0x3f9292adU, 0x219d9dbcU, 0x70383848U, 0xf1f5f504U,
132 157 0x63bcbcdfU, 0x77b6b6c1U, 0xafdada75U, 0x42212163U,
133 158 0x20101030U, 0xe5ffff1aU, 0xfdf3f30eU, 0xbfd2d26dU,
134 159 0x81cdcd4cU, 0x180c0c14U, 0x26131335U, 0xc3ecec2fU,
135 160 0xbe5f5fe1U, 0x359797a2U, 0x884444ccU, 0x2e171739U,
136 161 0x93c4c457U, 0x55a7a7f2U, 0xfc7e7e82U, 0x7a3d3d47U,
137 162 0xc86464acU, 0xba5d5de7U, 0x3219192bU, 0xe6737395U,
138 163 0xc06060a0U, 0x19818198U, 0x9e4f4fd1U, 0xa3dcdc7fU,
139 164 0x44222266U, 0x542a2a7eU, 0x3b9090abU, 0x0b888883U,
140 165 0x8c4646caU, 0xc7eeee29U, 0x6bb8b8d3U, 0x2814143cU,
141 166 0xa7dede79U, 0xbc5e5ee2U, 0x160b0b1dU, 0xaddbdb76U,
142 167 0xdbe0e03bU, 0x64323256U, 0x743a3a4eU, 0x140a0a1eU,
143 168 0x924949dbU, 0x0c06060aU, 0x4824246cU, 0xb85c5ce4U,
144 169 0x9fc2c25dU, 0xbdd3d36eU, 0x43acacefU, 0xc46262a6U,
145 170 0x399191a8U, 0x319595a4U, 0xd3e4e437U, 0xf279798bU,
146 171 0xd5e7e732U, 0x8bc8c843U, 0x6e373759U, 0xda6d6db7U,
147 172 0x018d8d8cU, 0xb1d5d564U, 0x9c4e4ed2U, 0x49a9a9e0U,
148 173 0xd86c6cb4U, 0xac5656faU, 0xf3f4f407U, 0xcfeaea25U,
149 174 0xca6565afU, 0xf47a7a8eU, 0x47aeaee9U, 0x10080818U,
150 175 0x6fbabad5U, 0xf0787888U, 0x4a25256fU, 0x5c2e2e72U,
151 176 0x381c1c24U, 0x57a6a6f1U, 0x73b4b4c7U, 0x97c6c651U,
152 177 0xcbe8e823U, 0xa1dddd7cU, 0xe874749cU, 0x3e1f1f21U,
153 178 0x964b4bddU, 0x61bdbddcU, 0x0d8b8b86U, 0x0f8a8a85U,
154 179 0xe0707090U, 0x7c3e3e42U, 0x71b5b5c4U, 0xcc6666aaU,
155 180 0x904848d8U, 0x06030305U, 0xf7f6f601U, 0x1c0e0e12U,
156 181 0xc26161a3U, 0x6a35355fU, 0xae5757f9U, 0x69b9b9d0U,
157 182 0x17868691U, 0x99c1c158U, 0x3a1d1d27U, 0x279e9eb9U,
158 183 0xd9e1e138U, 0xebf8f813U, 0x2b9898b3U, 0x22111133U,
159 184 0xd26969bbU, 0xa9d9d970U, 0x078e8e89U, 0x339494a7U,
160 185 0x2d9b9bb6U, 0x3c1e1e22U, 0x15878792U, 0xc9e9e920U,
161 186 0x87cece49U, 0xaa5555ffU, 0x50282878U, 0xa5dfdf7aU,
162 187 0x038c8c8fU, 0x59a1a1f8U, 0x09898980U, 0x1a0d0d17U,
163 188 0x65bfbfdaU, 0xd7e6e631U, 0x844242c6U, 0xd06868b8U,
164 189 0x824141c3U, 0x299999b0U, 0x5a2d2d77U, 0x1e0f0f11U,
165 190 0x7bb0b0cbU, 0xa85454fcU, 0x6dbbbbd6U, 0x2c16163aU
166 191 };
167 192
168 193
169 194 static const uint32_t Te1[256] =
170 195 {
171 196 0xa5c66363U, 0x84f87c7cU, 0x99ee7777U, 0x8df67b7bU,
172 197 0x0dfff2f2U, 0xbdd66b6bU, 0xb1de6f6fU, 0x5491c5c5U,
173 198 0x50603030U, 0x03020101U, 0xa9ce6767U, 0x7d562b2bU,
174 199 0x19e7fefeU, 0x62b5d7d7U, 0xe64dababU, 0x9aec7676U,
175 200 0x458fcacaU, 0x9d1f8282U, 0x4089c9c9U, 0x87fa7d7dU,
176 201 0x15effafaU, 0xebb25959U, 0xc98e4747U, 0x0bfbf0f0U,
177 202 0xec41adadU, 0x67b3d4d4U, 0xfd5fa2a2U, 0xea45afafU,
178 203 0xbf239c9cU, 0xf753a4a4U, 0x96e47272U, 0x5b9bc0c0U,
179 204 0xc275b7b7U, 0x1ce1fdfdU, 0xae3d9393U, 0x6a4c2626U,
180 205 0x5a6c3636U, 0x417e3f3fU, 0x02f5f7f7U, 0x4f83ccccU,
181 206 0x5c683434U, 0xf451a5a5U, 0x34d1e5e5U, 0x08f9f1f1U,
182 207 0x93e27171U, 0x73abd8d8U, 0x53623131U, 0x3f2a1515U,
183 208 0x0c080404U, 0x5295c7c7U, 0x65462323U, 0x5e9dc3c3U,
184 209 0x28301818U, 0xa1379696U, 0x0f0a0505U, 0xb52f9a9aU,
185 210 0x090e0707U, 0x36241212U, 0x9b1b8080U, 0x3ddfe2e2U,
186 211 0x26cdebebU, 0x694e2727U, 0xcd7fb2b2U, 0x9fea7575U,
187 212 0x1b120909U, 0x9e1d8383U, 0x74582c2cU, 0x2e341a1aU,
188 213 0x2d361b1bU, 0xb2dc6e6eU, 0xeeb45a5aU, 0xfb5ba0a0U,
189 214 0xf6a45252U, 0x4d763b3bU, 0x61b7d6d6U, 0xce7db3b3U,
190 215 0x7b522929U, 0x3edde3e3U, 0x715e2f2fU, 0x97138484U,
191 216 0xf5a65353U, 0x68b9d1d1U, 0x00000000U, 0x2cc1ededU,
192 217 0x60402020U, 0x1fe3fcfcU, 0xc879b1b1U, 0xedb65b5bU,
193 218 0xbed46a6aU, 0x468dcbcbU, 0xd967bebeU, 0x4b723939U,
194 219 0xde944a4aU, 0xd4984c4cU, 0xe8b05858U, 0x4a85cfcfU,
195 220 0x6bbbd0d0U, 0x2ac5efefU, 0xe54faaaaU, 0x16edfbfbU,
196 221 0xc5864343U, 0xd79a4d4dU, 0x55663333U, 0x94118585U,
197 222 0xcf8a4545U, 0x10e9f9f9U, 0x06040202U, 0x81fe7f7fU,
198 223 0xf0a05050U, 0x44783c3cU, 0xba259f9fU, 0xe34ba8a8U,
199 224 0xf3a25151U, 0xfe5da3a3U, 0xc0804040U, 0x8a058f8fU,
200 225 0xad3f9292U, 0xbc219d9dU, 0x48703838U, 0x04f1f5f5U,
201 226 0xdf63bcbcU, 0xc177b6b6U, 0x75afdadaU, 0x63422121U,
202 227 0x30201010U, 0x1ae5ffffU, 0x0efdf3f3U, 0x6dbfd2d2U,
203 228 0x4c81cdcdU, 0x14180c0cU, 0x35261313U, 0x2fc3ececU,
204 229 0xe1be5f5fU, 0xa2359797U, 0xcc884444U, 0x392e1717U,
205 230 0x5793c4c4U, 0xf255a7a7U, 0x82fc7e7eU, 0x477a3d3dU,
206 231 0xacc86464U, 0xe7ba5d5dU, 0x2b321919U, 0x95e67373U,
207 232 0xa0c06060U, 0x98198181U, 0xd19e4f4fU, 0x7fa3dcdcU,
208 233 0x66442222U, 0x7e542a2aU, 0xab3b9090U, 0x830b8888U,
209 234 0xca8c4646U, 0x29c7eeeeU, 0xd36bb8b8U, 0x3c281414U,
210 235 0x79a7dedeU, 0xe2bc5e5eU, 0x1d160b0bU, 0x76addbdbU,
211 236 0x3bdbe0e0U, 0x56643232U, 0x4e743a3aU, 0x1e140a0aU,
212 237 0xdb924949U, 0x0a0c0606U, 0x6c482424U, 0xe4b85c5cU,
213 238 0x5d9fc2c2U, 0x6ebdd3d3U, 0xef43acacU, 0xa6c46262U,
214 239 0xa8399191U, 0xa4319595U, 0x37d3e4e4U, 0x8bf27979U,
215 240 0x32d5e7e7U, 0x438bc8c8U, 0x596e3737U, 0xb7da6d6dU,
216 241 0x8c018d8dU, 0x64b1d5d5U, 0xd29c4e4eU, 0xe049a9a9U,
217 242 0xb4d86c6cU, 0xfaac5656U, 0x07f3f4f4U, 0x25cfeaeaU,
218 243 0xafca6565U, 0x8ef47a7aU, 0xe947aeaeU, 0x18100808U,
219 244 0xd56fbabaU, 0x88f07878U, 0x6f4a2525U, 0x725c2e2eU,
220 245 0x24381c1cU, 0xf157a6a6U, 0xc773b4b4U, 0x5197c6c6U,
221 246 0x23cbe8e8U, 0x7ca1ddddU, 0x9ce87474U, 0x213e1f1fU,
222 247 0xdd964b4bU, 0xdc61bdbdU, 0x860d8b8bU, 0x850f8a8aU,
223 248 0x90e07070U, 0x427c3e3eU, 0xc471b5b5U, 0xaacc6666U,
224 249 0xd8904848U, 0x05060303U, 0x01f7f6f6U, 0x121c0e0eU,
225 250 0xa3c26161U, 0x5f6a3535U, 0xf9ae5757U, 0xd069b9b9U,
226 251 0x91178686U, 0x5899c1c1U, 0x273a1d1dU, 0xb9279e9eU,
227 252 0x38d9e1e1U, 0x13ebf8f8U, 0xb32b9898U, 0x33221111U,
228 253 0xbbd26969U, 0x70a9d9d9U, 0x89078e8eU, 0xa7339494U,
229 254 0xb62d9b9bU, 0x223c1e1eU, 0x92158787U, 0x20c9e9e9U,
230 255 0x4987ceceU, 0xffaa5555U, 0x78502828U, 0x7aa5dfdfU,
231 256 0x8f038c8cU, 0xf859a1a1U, 0x80098989U, 0x171a0d0dU,
232 257 0xda65bfbfU, 0x31d7e6e6U, 0xc6844242U, 0xb8d06868U,
233 258 0xc3824141U, 0xb0299999U, 0x775a2d2dU, 0x111e0f0fU,
234 259 0xcb7bb0b0U, 0xfca85454U, 0xd66dbbbbU, 0x3a2c1616U
235 260 };
236 261
237 262
238 263 static const uint32_t Te2[256] =
239 264 {
240 265 0x63a5c663U, 0x7c84f87cU, 0x7799ee77U, 0x7b8df67bU,
241 266 0xf20dfff2U, 0x6bbdd66bU, 0x6fb1de6fU, 0xc55491c5U,
242 267 0x30506030U, 0x01030201U, 0x67a9ce67U, 0x2b7d562bU,
243 268 0xfe19e7feU, 0xd762b5d7U, 0xabe64dabU, 0x769aec76U,
244 269 0xca458fcaU, 0x829d1f82U, 0xc94089c9U, 0x7d87fa7dU,
245 270 0xfa15effaU, 0x59ebb259U, 0x47c98e47U, 0xf00bfbf0U,
246 271 0xadec41adU, 0xd467b3d4U, 0xa2fd5fa2U, 0xafea45afU,
247 272 0x9cbf239cU, 0xa4f753a4U, 0x7296e472U, 0xc05b9bc0U,
248 273 0xb7c275b7U, 0xfd1ce1fdU, 0x93ae3d93U, 0x266a4c26U,
249 274 0x365a6c36U, 0x3f417e3fU, 0xf702f5f7U, 0xcc4f83ccU,
250 275 0x345c6834U, 0xa5f451a5U, 0xe534d1e5U, 0xf108f9f1U,
251 276 0x7193e271U, 0xd873abd8U, 0x31536231U, 0x153f2a15U,
252 277 0x040c0804U, 0xc75295c7U, 0x23654623U, 0xc35e9dc3U,
253 278 0x18283018U, 0x96a13796U, 0x050f0a05U, 0x9ab52f9aU,
254 279 0x07090e07U, 0x12362412U, 0x809b1b80U, 0xe23ddfe2U,
255 280 0xeb26cdebU, 0x27694e27U, 0xb2cd7fb2U, 0x759fea75U,
256 281 0x091b1209U, 0x839e1d83U, 0x2c74582cU, 0x1a2e341aU,
257 282 0x1b2d361bU, 0x6eb2dc6eU, 0x5aeeb45aU, 0xa0fb5ba0U,
258 283 0x52f6a452U, 0x3b4d763bU, 0xd661b7d6U, 0xb3ce7db3U,
259 284 0x297b5229U, 0xe33edde3U, 0x2f715e2fU, 0x84971384U,
260 285 0x53f5a653U, 0xd168b9d1U, 0x00000000U, 0xed2cc1edU,
261 286 0x20604020U, 0xfc1fe3fcU, 0xb1c879b1U, 0x5bedb65bU,
262 287 0x6abed46aU, 0xcb468dcbU, 0xbed967beU, 0x394b7239U,
263 288 0x4ade944aU, 0x4cd4984cU, 0x58e8b058U, 0xcf4a85cfU,
264 289 0xd06bbbd0U, 0xef2ac5efU, 0xaae54faaU, 0xfb16edfbU,
265 290 0x43c58643U, 0x4dd79a4dU, 0x33556633U, 0x85941185U,
266 291 0x45cf8a45U, 0xf910e9f9U, 0x02060402U, 0x7f81fe7fU,
267 292 0x50f0a050U, 0x3c44783cU, 0x9fba259fU, 0xa8e34ba8U,
268 293 0x51f3a251U, 0xa3fe5da3U, 0x40c08040U, 0x8f8a058fU,
269 294 0x92ad3f92U, 0x9dbc219dU, 0x38487038U, 0xf504f1f5U,
270 295 0xbcdf63bcU, 0xb6c177b6U, 0xda75afdaU, 0x21634221U,
271 296 0x10302010U, 0xff1ae5ffU, 0xf30efdf3U, 0xd26dbfd2U,
272 297 0xcd4c81cdU, 0x0c14180cU, 0x13352613U, 0xec2fc3ecU,
273 298 0x5fe1be5fU, 0x97a23597U, 0x44cc8844U, 0x17392e17U,
274 299 0xc45793c4U, 0xa7f255a7U, 0x7e82fc7eU, 0x3d477a3dU,
275 300 0x64acc864U, 0x5de7ba5dU, 0x192b3219U, 0x7395e673U,
276 301 0x60a0c060U, 0x81981981U, 0x4fd19e4fU, 0xdc7fa3dcU,
277 302 0x22664422U, 0x2a7e542aU, 0x90ab3b90U, 0x88830b88U,
278 303 0x46ca8c46U, 0xee29c7eeU, 0xb8d36bb8U, 0x143c2814U,
279 304 0xde79a7deU, 0x5ee2bc5eU, 0x0b1d160bU, 0xdb76addbU,
280 305 0xe03bdbe0U, 0x32566432U, 0x3a4e743aU, 0x0a1e140aU,
281 306 0x49db9249U, 0x060a0c06U, 0x246c4824U, 0x5ce4b85cU,
282 307 0xc25d9fc2U, 0xd36ebdd3U, 0xacef43acU, 0x62a6c462U,
283 308 0x91a83991U, 0x95a43195U, 0xe437d3e4U, 0x798bf279U,
284 309 0xe732d5e7U, 0xc8438bc8U, 0x37596e37U, 0x6db7da6dU,
285 310 0x8d8c018dU, 0xd564b1d5U, 0x4ed29c4eU, 0xa9e049a9U,
286 311 0x6cb4d86cU, 0x56faac56U, 0xf407f3f4U, 0xea25cfeaU,
287 312 0x65afca65U, 0x7a8ef47aU, 0xaee947aeU, 0x08181008U,
288 313 0xbad56fbaU, 0x7888f078U, 0x256f4a25U, 0x2e725c2eU,
289 314 0x1c24381cU, 0xa6f157a6U, 0xb4c773b4U, 0xc65197c6U,
290 315 0xe823cbe8U, 0xdd7ca1ddU, 0x749ce874U, 0x1f213e1fU,
291 316 0x4bdd964bU, 0xbddc61bdU, 0x8b860d8bU, 0x8a850f8aU,
292 317 0x7090e070U, 0x3e427c3eU, 0xb5c471b5U, 0x66aacc66U,
293 318 0x48d89048U, 0x03050603U, 0xf601f7f6U, 0x0e121c0eU,
294 319 0x61a3c261U, 0x355f6a35U, 0x57f9ae57U, 0xb9d069b9U,
295 320 0x86911786U, 0xc15899c1U, 0x1d273a1dU, 0x9eb9279eU,
296 321 0xe138d9e1U, 0xf813ebf8U, 0x98b32b98U, 0x11332211U,
297 322 0x69bbd269U, 0xd970a9d9U, 0x8e89078eU, 0x94a73394U,
298 323 0x9bb62d9bU, 0x1e223c1eU, 0x87921587U, 0xe920c9e9U,
299 324 0xce4987ceU, 0x55ffaa55U, 0x28785028U, 0xdf7aa5dfU,
300 325 0x8c8f038cU, 0xa1f859a1U, 0x89800989U, 0x0d171a0dU,
301 326 0xbfda65bfU, 0xe631d7e6U, 0x42c68442U, 0x68b8d068U,
302 327 0x41c38241U, 0x99b02999U, 0x2d775a2dU, 0x0f111e0fU,
303 328 0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U
304 329 };
305 330
306 331
307 332 static const uint32_t Te3[256] =
308 333 {
309 334 0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U,
310 335 0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U,
311 336 0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U,
312 337 0xfefe19e7U, 0xd7d762b5U, 0xababe64dU, 0x76769aecU,
313 338 0xcaca458fU, 0x82829d1fU, 0xc9c94089U, 0x7d7d87faU,
314 339 0xfafa15efU, 0x5959ebb2U, 0x4747c98eU, 0xf0f00bfbU,
315 340 0xadadec41U, 0xd4d467b3U, 0xa2a2fd5fU, 0xafafea45U,
316 341 0x9c9cbf23U, 0xa4a4f753U, 0x727296e4U, 0xc0c05b9bU,
317 342 0xb7b7c275U, 0xfdfd1ce1U, 0x9393ae3dU, 0x26266a4cU,
318 343 0x36365a6cU, 0x3f3f417eU, 0xf7f702f5U, 0xcccc4f83U,
319 344 0x34345c68U, 0xa5a5f451U, 0xe5e534d1U, 0xf1f108f9U,
320 345 0x717193e2U, 0xd8d873abU, 0x31315362U, 0x15153f2aU,
321 346 0x04040c08U, 0xc7c75295U, 0x23236546U, 0xc3c35e9dU,
322 347 0x18182830U, 0x9696a137U, 0x05050f0aU, 0x9a9ab52fU,
323 348 0x0707090eU, 0x12123624U, 0x80809b1bU, 0xe2e23ddfU,
324 349 0xebeb26cdU, 0x2727694eU, 0xb2b2cd7fU, 0x75759feaU,
325 350 0x09091b12U, 0x83839e1dU, 0x2c2c7458U, 0x1a1a2e34U,
326 351 0x1b1b2d36U, 0x6e6eb2dcU, 0x5a5aeeb4U, 0xa0a0fb5bU,
327 352 0x5252f6a4U, 0x3b3b4d76U, 0xd6d661b7U, 0xb3b3ce7dU,
328 353 0x29297b52U, 0xe3e33eddU, 0x2f2f715eU, 0x84849713U,
329 354 0x5353f5a6U, 0xd1d168b9U, 0x00000000U, 0xeded2cc1U,
330 355 0x20206040U, 0xfcfc1fe3U, 0xb1b1c879U, 0x5b5bedb6U,
331 356 0x6a6abed4U, 0xcbcb468dU, 0xbebed967U, 0x39394b72U,
332 357 0x4a4ade94U, 0x4c4cd498U, 0x5858e8b0U, 0xcfcf4a85U,
333 358 0xd0d06bbbU, 0xefef2ac5U, 0xaaaae54fU, 0xfbfb16edU,
334 359 0x4343c586U, 0x4d4dd79aU, 0x33335566U, 0x85859411U,
335 360 0x4545cf8aU, 0xf9f910e9U, 0x02020604U, 0x7f7f81feU,
336 361 0x5050f0a0U, 0x3c3c4478U, 0x9f9fba25U, 0xa8a8e34bU,
337 362 0x5151f3a2U, 0xa3a3fe5dU, 0x4040c080U, 0x8f8f8a05U,
338 363 0x9292ad3fU, 0x9d9dbc21U, 0x38384870U, 0xf5f504f1U,
339 364 0xbcbcdf63U, 0xb6b6c177U, 0xdada75afU, 0x21216342U,
340 365 0x10103020U, 0xffff1ae5U, 0xf3f30efdU, 0xd2d26dbfU,
341 366 0xcdcd4c81U, 0x0c0c1418U, 0x13133526U, 0xecec2fc3U,
342 367 0x5f5fe1beU, 0x9797a235U, 0x4444cc88U, 0x1717392eU,
343 368 0xc4c45793U, 0xa7a7f255U, 0x7e7e82fcU, 0x3d3d477aU,
344 369 0x6464acc8U, 0x5d5de7baU, 0x19192b32U, 0x737395e6U,
345 370 0x6060a0c0U, 0x81819819U, 0x4f4fd19eU, 0xdcdc7fa3U,
346 371 0x22226644U, 0x2a2a7e54U, 0x9090ab3bU, 0x8888830bU,
347 372 0x4646ca8cU, 0xeeee29c7U, 0xb8b8d36bU, 0x14143c28U,
348 373 0xdede79a7U, 0x5e5ee2bcU, 0x0b0b1d16U, 0xdbdb76adU,
349 374 0xe0e03bdbU, 0x32325664U, 0x3a3a4e74U, 0x0a0a1e14U,
350 375 0x4949db92U, 0x06060a0cU, 0x24246c48U, 0x5c5ce4b8U,
351 376 0xc2c25d9fU, 0xd3d36ebdU, 0xacacef43U, 0x6262a6c4U,
352 377 0x9191a839U, 0x9595a431U, 0xe4e437d3U, 0x79798bf2U,
353 378 0xe7e732d5U, 0xc8c8438bU, 0x3737596eU, 0x6d6db7daU,
354 379 0x8d8d8c01U, 0xd5d564b1U, 0x4e4ed29cU, 0xa9a9e049U,
355 380 0x6c6cb4d8U, 0x5656faacU, 0xf4f407f3U, 0xeaea25cfU,
356 381 0x6565afcaU, 0x7a7a8ef4U, 0xaeaee947U, 0x08081810U,
357 382 0xbabad56fU, 0x787888f0U, 0x25256f4aU, 0x2e2e725cU,
358 383 0x1c1c2438U, 0xa6a6f157U, 0xb4b4c773U, 0xc6c65197U,
359 384 0xe8e823cbU, 0xdddd7ca1U, 0x74749ce8U, 0x1f1f213eU,
360 385 0x4b4bdd96U, 0xbdbddc61U, 0x8b8b860dU, 0x8a8a850fU,
361 386 0x707090e0U, 0x3e3e427cU, 0xb5b5c471U, 0x6666aaccU,
362 387 0x4848d890U, 0x03030506U, 0xf6f601f7U, 0x0e0e121cU,
363 388 0x6161a3c2U, 0x35355f6aU, 0x5757f9aeU, 0xb9b9d069U,
364 389 0x86869117U, 0xc1c15899U, 0x1d1d273aU, 0x9e9eb927U,
365 390 0xe1e138d9U, 0xf8f813ebU, 0x9898b32bU, 0x11113322U,
366 391 0x6969bbd2U, 0xd9d970a9U, 0x8e8e8907U, 0x9494a733U,
367 392 0x9b9bb62dU, 0x1e1e223cU, 0x87879215U, 0xe9e920c9U,
368 393 0xcece4987U, 0x5555ffaaU, 0x28287850U, 0xdfdf7aa5U,
369 394 0x8c8c8f03U, 0xa1a1f859U, 0x89898009U, 0x0d0d171aU,
370 395 0xbfbfda65U, 0xe6e631d7U, 0x4242c684U, 0x6868b8d0U,
371 396 0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU,
372 397 0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU
373 398 };
374 399
375 400 static const uint32_t Te4[256] =
376 401 {
377 402 0x63636363U, 0x7c7c7c7cU, 0x77777777U, 0x7b7b7b7bU,
378 403 0xf2f2f2f2U, 0x6b6b6b6bU, 0x6f6f6f6fU, 0xc5c5c5c5U,
379 404 0x30303030U, 0x01010101U, 0x67676767U, 0x2b2b2b2bU,
380 405 0xfefefefeU, 0xd7d7d7d7U, 0xababababU, 0x76767676U,
381 406 0xcacacacaU, 0x82828282U, 0xc9c9c9c9U, 0x7d7d7d7dU,
382 407 0xfafafafaU, 0x59595959U, 0x47474747U, 0xf0f0f0f0U,
383 408 0xadadadadU, 0xd4d4d4d4U, 0xa2a2a2a2U, 0xafafafafU,
384 409 0x9c9c9c9cU, 0xa4a4a4a4U, 0x72727272U, 0xc0c0c0c0U,
385 410 0xb7b7b7b7U, 0xfdfdfdfdU, 0x93939393U, 0x26262626U,
386 411 0x36363636U, 0x3f3f3f3fU, 0xf7f7f7f7U, 0xccccccccU,
387 412 0x34343434U, 0xa5a5a5a5U, 0xe5e5e5e5U, 0xf1f1f1f1U,
388 413 0x71717171U, 0xd8d8d8d8U, 0x31313131U, 0x15151515U,
389 414 0x04040404U, 0xc7c7c7c7U, 0x23232323U, 0xc3c3c3c3U,
390 415 0x18181818U, 0x96969696U, 0x05050505U, 0x9a9a9a9aU,
391 416 0x07070707U, 0x12121212U, 0x80808080U, 0xe2e2e2e2U,
392 417 0xebebebebU, 0x27272727U, 0xb2b2b2b2U, 0x75757575U,
393 418 0x09090909U, 0x83838383U, 0x2c2c2c2cU, 0x1a1a1a1aU,
394 419 0x1b1b1b1bU, 0x6e6e6e6eU, 0x5a5a5a5aU, 0xa0a0a0a0U,
395 420 0x52525252U, 0x3b3b3b3bU, 0xd6d6d6d6U, 0xb3b3b3b3U,
396 421 0x29292929U, 0xe3e3e3e3U, 0x2f2f2f2fU, 0x84848484U,
397 422 0x53535353U, 0xd1d1d1d1U, 0x00000000U, 0xededededU,
398 423 0x20202020U, 0xfcfcfcfcU, 0xb1b1b1b1U, 0x5b5b5b5bU,
399 424 0x6a6a6a6aU, 0xcbcbcbcbU, 0xbebebebeU, 0x39393939U,
400 425 0x4a4a4a4aU, 0x4c4c4c4cU, 0x58585858U, 0xcfcfcfcfU,
401 426 0xd0d0d0d0U, 0xefefefefU, 0xaaaaaaaaU, 0xfbfbfbfbU,
402 427 0x43434343U, 0x4d4d4d4dU, 0x33333333U, 0x85858585U,
403 428 0x45454545U, 0xf9f9f9f9U, 0x02020202U, 0x7f7f7f7fU,
404 429 0x50505050U, 0x3c3c3c3cU, 0x9f9f9f9fU, 0xa8a8a8a8U,
405 430 0x51515151U, 0xa3a3a3a3U, 0x40404040U, 0x8f8f8f8fU,
406 431 0x92929292U, 0x9d9d9d9dU, 0x38383838U, 0xf5f5f5f5U,
407 432 0xbcbcbcbcU, 0xb6b6b6b6U, 0xdadadadaU, 0x21212121U,
408 433 0x10101010U, 0xffffffffU, 0xf3f3f3f3U, 0xd2d2d2d2U,
409 434 0xcdcdcdcdU, 0x0c0c0c0cU, 0x13131313U, 0xececececU,
410 435 0x5f5f5f5fU, 0x97979797U, 0x44444444U, 0x17171717U,
411 436 0xc4c4c4c4U, 0xa7a7a7a7U, 0x7e7e7e7eU, 0x3d3d3d3dU,
412 437 0x64646464U, 0x5d5d5d5dU, 0x19191919U, 0x73737373U,
413 438 0x60606060U, 0x81818181U, 0x4f4f4f4fU, 0xdcdcdcdcU,
414 439 0x22222222U, 0x2a2a2a2aU, 0x90909090U, 0x88888888U,
415 440 0x46464646U, 0xeeeeeeeeU, 0xb8b8b8b8U, 0x14141414U,
416 441 0xdedededeU, 0x5e5e5e5eU, 0x0b0b0b0bU, 0xdbdbdbdbU,
417 442 0xe0e0e0e0U, 0x32323232U, 0x3a3a3a3aU, 0x0a0a0a0aU,
418 443 0x49494949U, 0x06060606U, 0x24242424U, 0x5c5c5c5cU,
419 444 0xc2c2c2c2U, 0xd3d3d3d3U, 0xacacacacU, 0x62626262U,
420 445 0x91919191U, 0x95959595U, 0xe4e4e4e4U, 0x79797979U,
421 446 0xe7e7e7e7U, 0xc8c8c8c8U, 0x37373737U, 0x6d6d6d6dU,
422 447 0x8d8d8d8dU, 0xd5d5d5d5U, 0x4e4e4e4eU, 0xa9a9a9a9U,
423 448 0x6c6c6c6cU, 0x56565656U, 0xf4f4f4f4U, 0xeaeaeaeaU,
424 449 0x65656565U, 0x7a7a7a7aU, 0xaeaeaeaeU, 0x08080808U,
425 450 0xbabababaU, 0x78787878U, 0x25252525U, 0x2e2e2e2eU,
426 451 0x1c1c1c1cU, 0xa6a6a6a6U, 0xb4b4b4b4U, 0xc6c6c6c6U,
427 452 0xe8e8e8e8U, 0xddddddddU, 0x74747474U, 0x1f1f1f1fU,
428 453 0x4b4b4b4bU, 0xbdbdbdbdU, 0x8b8b8b8bU, 0x8a8a8a8aU,
429 454 0x70707070U, 0x3e3e3e3eU, 0xb5b5b5b5U, 0x66666666U,
430 455 0x48484848U, 0x03030303U, 0xf6f6f6f6U, 0x0e0e0e0eU,
431 456 0x61616161U, 0x35353535U, 0x57575757U, 0xb9b9b9b9U,
432 457 0x86868686U, 0xc1c1c1c1U, 0x1d1d1d1dU, 0x9e9e9e9eU,
|
↓ open down ↓ |
324 lines elided |
↑ open up ↑ |
433 458 0xe1e1e1e1U, 0xf8f8f8f8U, 0x98989898U, 0x11111111U,
434 459 0x69696969U, 0xd9d9d9d9U, 0x8e8e8e8eU, 0x94949494U,
435 460 0x9b9b9b9bU, 0x1e1e1e1eU, 0x87878787U, 0xe9e9e9e9U,
436 461 0xcecececeU, 0x55555555U, 0x28282828U, 0xdfdfdfdfU,
437 462 0x8c8c8c8cU, 0xa1a1a1a1U, 0x89898989U, 0x0d0d0d0dU,
438 463 0xbfbfbfbfU, 0xe6e6e6e6U, 0x42424242U, 0x68686868U,
439 464 0x41414141U, 0x99999999U, 0x2d2d2d2dU, 0x0f0f0f0fU,
440 465 0xb0b0b0b0U, 0x54545454U, 0xbbbbbbbbU, 0x16161616U
441 466 };
442 467
468 +/* Decrypt Sbox constants (for the substitute bytes operation) */
469 +
443 470 static const uint32_t Td0[256] =
444 471 {
445 472 0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U,
446 473 0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U,
447 474 0x2030fa55U, 0xad766df6U, 0x88cc7691U, 0xf5024c25U,
448 475 0x4fe5d7fcU, 0xc52acbd7U, 0x26354480U, 0xb562a38fU,
449 476 0xdeb15a49U, 0x25ba1b67U, 0x45ea0e98U, 0x5dfec0e1U,
450 477 0xc32f7502U, 0x814cf012U, 0x8d4697a3U, 0x6bd3f9c6U,
451 478 0x038f5fe7U, 0x15929c95U, 0xbf6d7aebU, 0x955259daU,
452 479 0xd4be832dU, 0x587421d3U, 0x49e06929U, 0x8ec9c844U,
453 480 0x75c2896aU, 0xf48e7978U, 0x99583e6bU, 0x27b971ddU,
454 481 0xbee14fb6U, 0xf088ad17U, 0xc920ac66U, 0x7dce3ab4U,
455 482 0x63df4a18U, 0xe51a3182U, 0x97513360U, 0x62537f45U,
456 483 0xb16477e0U, 0xbb6bae84U, 0xfe81a01cU, 0xf9082b94U,
457 484 0x70486858U, 0x8f45fd19U, 0x94de6c87U, 0x527bf8b7U,
458 485 0xab73d323U, 0x724b02e2U, 0xe31f8f57U, 0x6655ab2aU,
459 486 0xb2eb2807U, 0x2fb5c203U, 0x86c57b9aU, 0xd33708a5U,
460 487 0x302887f2U, 0x23bfa5b2U, 0x02036abaU, 0xed16825cU,
461 488 0x8acf1c2bU, 0xa779b492U, 0xf307f2f0U, 0x4e69e2a1U,
462 489 0x65daf4cdU, 0x0605bed5U, 0xd134621fU, 0xc4a6fe8aU,
463 490 0x342e539dU, 0xa2f355a0U, 0x058ae132U, 0xa4f6eb75U,
464 491 0x0b83ec39U, 0x4060efaaU, 0x5e719f06U, 0xbd6e1051U,
465 492 0x3e218af9U, 0x96dd063dU, 0xdd3e05aeU, 0x4de6bd46U,
466 493 0x91548db5U, 0x71c45d05U, 0x0406d46fU, 0x605015ffU,
467 494 0x1998fb24U, 0xd6bde997U, 0x894043ccU, 0x67d99e77U,
468 495 0xb0e842bdU, 0x07898b88U, 0xe7195b38U, 0x79c8eedbU,
469 496 0xa17c0a47U, 0x7c420fe9U, 0xf8841ec9U, 0x00000000U,
470 497 0x09808683U, 0x322bed48U, 0x1e1170acU, 0x6c5a724eU,
471 498 0xfd0efffbU, 0x0f853856U, 0x3daed51eU, 0x362d3927U,
472 499 0x0a0fd964U, 0x685ca621U, 0x9b5b54d1U, 0x24362e3aU,
473 500 0x0c0a67b1U, 0x9357e70fU, 0xb4ee96d2U, 0x1b9b919eU,
474 501 0x80c0c54fU, 0x61dc20a2U, 0x5a774b69U, 0x1c121a16U,
475 502 0xe293ba0aU, 0xc0a02ae5U, 0x3c22e043U, 0x121b171dU,
476 503 0x0e090d0bU, 0xf28bc7adU, 0x2db6a8b9U, 0x141ea9c8U,
477 504 0x57f11985U, 0xaf75074cU, 0xee99ddbbU, 0xa37f60fdU,
478 505 0xf701269fU, 0x5c72f5bcU, 0x44663bc5U, 0x5bfb7e34U,
479 506 0x8b432976U, 0xcb23c6dcU, 0xb6edfc68U, 0xb8e4f163U,
480 507 0xd731dccaU, 0x42638510U, 0x13972240U, 0x84c61120U,
481 508 0x854a247dU, 0xd2bb3df8U, 0xaef93211U, 0xc729a16dU,
482 509 0x1d9e2f4bU, 0xdcb230f3U, 0x0d8652ecU, 0x77c1e3d0U,
483 510 0x2bb3166cU, 0xa970b999U, 0x119448faU, 0x47e96422U,
484 511 0xa8fc8cc4U, 0xa0f03f1aU, 0x567d2cd8U, 0x223390efU,
485 512 0x87494ec7U, 0xd938d1c1U, 0x8ccaa2feU, 0x98d40b36U,
486 513 0xa6f581cfU, 0xa57ade28U, 0xdab78e26U, 0x3fadbfa4U,
487 514 0x2c3a9de4U, 0x5078920dU, 0x6a5fcc9bU, 0x547e4662U,
488 515 0xf68d13c2U, 0x90d8b8e8U, 0x2e39f75eU, 0x82c3aff5U,
489 516 0x9f5d80beU, 0x69d0937cU, 0x6fd52da9U, 0xcf2512b3U,
490 517 0xc8ac993bU, 0x10187da7U, 0xe89c636eU, 0xdb3bbb7bU,
491 518 0xcd267809U, 0x6e5918f4U, 0xec9ab701U, 0x834f9aa8U,
492 519 0xe6956e65U, 0xaaffe67eU, 0x21bccf08U, 0xef15e8e6U,
493 520 0xbae79bd9U, 0x4a6f36ceU, 0xea9f09d4U, 0x29b07cd6U,
494 521 0x31a4b2afU, 0x2a3f2331U, 0xc6a59430U, 0x35a266c0U,
495 522 0x744ebc37U, 0xfc82caa6U, 0xe090d0b0U, 0x33a7d815U,
496 523 0xf104984aU, 0x41ecdaf7U, 0x7fcd500eU, 0x1791f62fU,
497 524 0x764dd68dU, 0x43efb04dU, 0xccaa4d54U, 0xe49604dfU,
498 525 0x9ed1b5e3U, 0x4c6a881bU, 0xc12c1fb8U, 0x4665517fU,
499 526 0x9d5eea04U, 0x018c355dU, 0xfa877473U, 0xfb0b412eU,
500 527 0xb3671d5aU, 0x92dbd252U, 0xe9105633U, 0x6dd64713U,
501 528 0x9ad7618cU, 0x37a10c7aU, 0x59f8148eU, 0xeb133c89U,
502 529 0xcea927eeU, 0xb761c935U, 0xe11ce5edU, 0x7a47b13cU,
503 530 0x9cd2df59U, 0x55f2733fU, 0x1814ce79U, 0x73c737bfU,
504 531 0x53f7cdeaU, 0x5ffdaa5bU, 0xdf3d6f14U, 0x7844db86U,
505 532 0xcaaff381U, 0xb968c43eU, 0x3824342cU, 0xc2a3405fU,
506 533 0x161dc372U, 0xbce2250cU, 0x283c498bU, 0xff0d9541U,
507 534 0x39a80171U, 0x080cb3deU, 0xd8b4e49cU, 0x6456c190U,
508 535 0x7bcb8461U, 0xd532b670U, 0x486c5c74U, 0xd0b85742U
509 536 };
510 537
511 538 static const uint32_t Td1[256] =
512 539 {
513 540 0x5051f4a7U, 0x537e4165U, 0xc31a17a4U, 0x963a275eU,
514 541 0xcb3bab6bU, 0xf11f9d45U, 0xabacfa58U, 0x934be303U,
515 542 0x552030faU, 0xf6ad766dU, 0x9188cc76U, 0x25f5024cU,
516 543 0xfc4fe5d7U, 0xd7c52acbU, 0x80263544U, 0x8fb562a3U,
517 544 0x49deb15aU, 0x6725ba1bU, 0x9845ea0eU, 0xe15dfec0U,
518 545 0x02c32f75U, 0x12814cf0U, 0xa38d4697U, 0xc66bd3f9U,
519 546 0xe7038f5fU, 0x9515929cU, 0xebbf6d7aU, 0xda955259U,
520 547 0x2dd4be83U, 0xd3587421U, 0x2949e069U, 0x448ec9c8U,
521 548 0x6a75c289U, 0x78f48e79U, 0x6b99583eU, 0xdd27b971U,
522 549 0xb6bee14fU, 0x17f088adU, 0x66c920acU, 0xb47dce3aU,
523 550 0x1863df4aU, 0x82e51a31U, 0x60975133U, 0x4562537fU,
524 551 0xe0b16477U, 0x84bb6baeU, 0x1cfe81a0U, 0x94f9082bU,
525 552 0x58704868U, 0x198f45fdU, 0x8794de6cU, 0xb7527bf8U,
526 553 0x23ab73d3U, 0xe2724b02U, 0x57e31f8fU, 0x2a6655abU,
527 554 0x07b2eb28U, 0x032fb5c2U, 0x9a86c57bU, 0xa5d33708U,
528 555 0xf2302887U, 0xb223bfa5U, 0xba02036aU, 0x5ced1682U,
529 556 0x2b8acf1cU, 0x92a779b4U, 0xf0f307f2U, 0xa14e69e2U,
530 557 0xcd65daf4U, 0xd50605beU, 0x1fd13462U, 0x8ac4a6feU,
531 558 0x9d342e53U, 0xa0a2f355U, 0x32058ae1U, 0x75a4f6ebU,
532 559 0x390b83ecU, 0xaa4060efU, 0x065e719fU, 0x51bd6e10U,
533 560 0xf93e218aU, 0x3d96dd06U, 0xaedd3e05U, 0x464de6bdU,
534 561 0xb591548dU, 0x0571c45dU, 0x6f0406d4U, 0xff605015U,
535 562 0x241998fbU, 0x97d6bde9U, 0xcc894043U, 0x7767d99eU,
536 563 0xbdb0e842U, 0x8807898bU, 0x38e7195bU, 0xdb79c8eeU,
537 564 0x47a17c0aU, 0xe97c420fU, 0xc9f8841eU, 0x00000000U,
538 565 0x83098086U, 0x48322bedU, 0xac1e1170U, 0x4e6c5a72U,
539 566 0xfbfd0effU, 0x560f8538U, 0x1e3daed5U, 0x27362d39U,
540 567 0x640a0fd9U, 0x21685ca6U, 0xd19b5b54U, 0x3a24362eU,
541 568 0xb10c0a67U, 0x0f9357e7U, 0xd2b4ee96U, 0x9e1b9b91U,
542 569 0x4f80c0c5U, 0xa261dc20U, 0x695a774bU, 0x161c121aU,
543 570 0x0ae293baU, 0xe5c0a02aU, 0x433c22e0U, 0x1d121b17U,
544 571 0x0b0e090dU, 0xadf28bc7U, 0xb92db6a8U, 0xc8141ea9U,
545 572 0x8557f119U, 0x4caf7507U, 0xbbee99ddU, 0xfda37f60U,
546 573 0x9ff70126U, 0xbc5c72f5U, 0xc544663bU, 0x345bfb7eU,
547 574 0x768b4329U, 0xdccb23c6U, 0x68b6edfcU, 0x63b8e4f1U,
548 575 0xcad731dcU, 0x10426385U, 0x40139722U, 0x2084c611U,
549 576 0x7d854a24U, 0xf8d2bb3dU, 0x11aef932U, 0x6dc729a1U,
550 577 0x4b1d9e2fU, 0xf3dcb230U, 0xec0d8652U, 0xd077c1e3U,
551 578 0x6c2bb316U, 0x99a970b9U, 0xfa119448U, 0x2247e964U,
552 579 0xc4a8fc8cU, 0x1aa0f03fU, 0xd8567d2cU, 0xef223390U,
553 580 0xc787494eU, 0xc1d938d1U, 0xfe8ccaa2U, 0x3698d40bU,
554 581 0xcfa6f581U, 0x28a57adeU, 0x26dab78eU, 0xa43fadbfU,
555 582 0xe42c3a9dU, 0x0d507892U, 0x9b6a5fccU, 0x62547e46U,
556 583 0xc2f68d13U, 0xe890d8b8U, 0x5e2e39f7U, 0xf582c3afU,
557 584 0xbe9f5d80U, 0x7c69d093U, 0xa96fd52dU, 0xb3cf2512U,
558 585 0x3bc8ac99U, 0xa710187dU, 0x6ee89c63U, 0x7bdb3bbbU,
559 586 0x09cd2678U, 0xf46e5918U, 0x01ec9ab7U, 0xa8834f9aU,
560 587 0x65e6956eU, 0x7eaaffe6U, 0x0821bccfU, 0xe6ef15e8U,
561 588 0xd9bae79bU, 0xce4a6f36U, 0xd4ea9f09U, 0xd629b07cU,
562 589 0xaf31a4b2U, 0x312a3f23U, 0x30c6a594U, 0xc035a266U,
563 590 0x37744ebcU, 0xa6fc82caU, 0xb0e090d0U, 0x1533a7d8U,
564 591 0x4af10498U, 0xf741ecdaU, 0x0e7fcd50U, 0x2f1791f6U,
565 592 0x8d764dd6U, 0x4d43efb0U, 0x54ccaa4dU, 0xdfe49604U,
566 593 0xe39ed1b5U, 0x1b4c6a88U, 0xb8c12c1fU, 0x7f466551U,
567 594 0x049d5eeaU, 0x5d018c35U, 0x73fa8774U, 0x2efb0b41U,
568 595 0x5ab3671dU, 0x5292dbd2U, 0x33e91056U, 0x136dd647U,
569 596 0x8c9ad761U, 0x7a37a10cU, 0x8e59f814U, 0x89eb133cU,
570 597 0xeecea927U, 0x35b761c9U, 0xede11ce5U, 0x3c7a47b1U,
571 598 0x599cd2dfU, 0x3f55f273U, 0x791814ceU, 0xbf73c737U,
572 599 0xea53f7cdU, 0x5b5ffdaaU, 0x14df3d6fU, 0x867844dbU,
573 600 0x81caaff3U, 0x3eb968c4U, 0x2c382434U, 0x5fc2a340U,
574 601 0x72161dc3U, 0x0cbce225U, 0x8b283c49U, 0x41ff0d95U,
575 602 0x7139a801U, 0xde080cb3U, 0x9cd8b4e4U, 0x906456c1U,
576 603 0x617bcb84U, 0x70d532b6U, 0x74486c5cU, 0x42d0b857U
577 604 };
578 605
579 606 static const uint32_t Td2[256] =
580 607 {
581 608 0xa75051f4U, 0x65537e41U, 0xa4c31a17U, 0x5e963a27U,
582 609 0x6bcb3babU, 0x45f11f9dU, 0x58abacfaU, 0x03934be3U,
583 610 0xfa552030U, 0x6df6ad76U, 0x769188ccU, 0x4c25f502U,
584 611 0xd7fc4fe5U, 0xcbd7c52aU, 0x44802635U, 0xa38fb562U,
585 612 0x5a49deb1U, 0x1b6725baU, 0x0e9845eaU, 0xc0e15dfeU,
586 613 0x7502c32fU, 0xf012814cU, 0x97a38d46U, 0xf9c66bd3U,
587 614 0x5fe7038fU, 0x9c951592U, 0x7aebbf6dU, 0x59da9552U,
588 615 0x832dd4beU, 0x21d35874U, 0x692949e0U, 0xc8448ec9U,
589 616 0x896a75c2U, 0x7978f48eU, 0x3e6b9958U, 0x71dd27b9U,
590 617 0x4fb6bee1U, 0xad17f088U, 0xac66c920U, 0x3ab47dceU,
591 618 0x4a1863dfU, 0x3182e51aU, 0x33609751U, 0x7f456253U,
592 619 0x77e0b164U, 0xae84bb6bU, 0xa01cfe81U, 0x2b94f908U,
593 620 0x68587048U, 0xfd198f45U, 0x6c8794deU, 0xf8b7527bU,
594 621 0xd323ab73U, 0x02e2724bU, 0x8f57e31fU, 0xab2a6655U,
595 622 0x2807b2ebU, 0xc2032fb5U, 0x7b9a86c5U, 0x08a5d337U,
596 623 0x87f23028U, 0xa5b223bfU, 0x6aba0203U, 0x825ced16U,
597 624 0x1c2b8acfU, 0xb492a779U, 0xf2f0f307U, 0xe2a14e69U,
598 625 0xf4cd65daU, 0xbed50605U, 0x621fd134U, 0xfe8ac4a6U,
599 626 0x539d342eU, 0x55a0a2f3U, 0xe132058aU, 0xeb75a4f6U,
600 627 0xec390b83U, 0xefaa4060U, 0x9f065e71U, 0x1051bd6eU,
601 628 0x8af93e21U, 0x063d96ddU, 0x05aedd3eU, 0xbd464de6U,
602 629 0x8db59154U, 0x5d0571c4U, 0xd46f0406U, 0x15ff6050U,
603 630 0xfb241998U, 0xe997d6bdU, 0x43cc8940U, 0x9e7767d9U,
604 631 0x42bdb0e8U, 0x8b880789U, 0x5b38e719U, 0xeedb79c8U,
605 632 0x0a47a17cU, 0x0fe97c42U, 0x1ec9f884U, 0x00000000U,
606 633 0x86830980U, 0xed48322bU, 0x70ac1e11U, 0x724e6c5aU,
607 634 0xfffbfd0eU, 0x38560f85U, 0xd51e3daeU, 0x3927362dU,
608 635 0xd9640a0fU, 0xa621685cU, 0x54d19b5bU, 0x2e3a2436U,
609 636 0x67b10c0aU, 0xe70f9357U, 0x96d2b4eeU, 0x919e1b9bU,
610 637 0xc54f80c0U, 0x20a261dcU, 0x4b695a77U, 0x1a161c12U,
611 638 0xba0ae293U, 0x2ae5c0a0U, 0xe0433c22U, 0x171d121bU,
612 639 0x0d0b0e09U, 0xc7adf28bU, 0xa8b92db6U, 0xa9c8141eU,
613 640 0x198557f1U, 0x074caf75U, 0xddbbee99U, 0x60fda37fU,
614 641 0x269ff701U, 0xf5bc5c72U, 0x3bc54466U, 0x7e345bfbU,
615 642 0x29768b43U, 0xc6dccb23U, 0xfc68b6edU, 0xf163b8e4U,
616 643 0xdccad731U, 0x85104263U, 0x22401397U, 0x112084c6U,
617 644 0x247d854aU, 0x3df8d2bbU, 0x3211aef9U, 0xa16dc729U,
618 645 0x2f4b1d9eU, 0x30f3dcb2U, 0x52ec0d86U, 0xe3d077c1U,
619 646 0x166c2bb3U, 0xb999a970U, 0x48fa1194U, 0x642247e9U,
620 647 0x8cc4a8fcU, 0x3f1aa0f0U, 0x2cd8567dU, 0x90ef2233U,
621 648 0x4ec78749U, 0xd1c1d938U, 0xa2fe8ccaU, 0x0b3698d4U,
622 649 0x81cfa6f5U, 0xde28a57aU, 0x8e26dab7U, 0xbfa43fadU,
623 650 0x9de42c3aU, 0x920d5078U, 0xcc9b6a5fU, 0x4662547eU,
624 651 0x13c2f68dU, 0xb8e890d8U, 0xf75e2e39U, 0xaff582c3U,
625 652 0x80be9f5dU, 0x937c69d0U, 0x2da96fd5U, 0x12b3cf25U,
626 653 0x993bc8acU, 0x7da71018U, 0x636ee89cU, 0xbb7bdb3bU,
627 654 0x7809cd26U, 0x18f46e59U, 0xb701ec9aU, 0x9aa8834fU,
628 655 0x6e65e695U, 0xe67eaaffU, 0xcf0821bcU, 0xe8e6ef15U,
629 656 0x9bd9bae7U, 0x36ce4a6fU, 0x09d4ea9fU, 0x7cd629b0U,
630 657 0xb2af31a4U, 0x23312a3fU, 0x9430c6a5U, 0x66c035a2U,
631 658 0xbc37744eU, 0xcaa6fc82U, 0xd0b0e090U, 0xd81533a7U,
632 659 0x984af104U, 0xdaf741ecU, 0x500e7fcdU, 0xf62f1791U,
633 660 0xd68d764dU, 0xb04d43efU, 0x4d54ccaaU, 0x04dfe496U,
634 661 0xb5e39ed1U, 0x881b4c6aU, 0x1fb8c12cU, 0x517f4665U,
635 662 0xea049d5eU, 0x355d018cU, 0x7473fa87U, 0x412efb0bU,
636 663 0x1d5ab367U, 0xd25292dbU, 0x5633e910U, 0x47136dd6U,
637 664 0x618c9ad7U, 0x0c7a37a1U, 0x148e59f8U, 0x3c89eb13U,
638 665 0x27eecea9U, 0xc935b761U, 0xe5ede11cU, 0xb13c7a47U,
639 666 0xdf599cd2U, 0x733f55f2U, 0xce791814U, 0x37bf73c7U,
640 667 0xcdea53f7U, 0xaa5b5ffdU, 0x6f14df3dU, 0xdb867844U,
641 668 0xf381caafU, 0xc43eb968U, 0x342c3824U, 0x405fc2a3U,
642 669 0xc372161dU, 0x250cbce2U, 0x498b283cU, 0x9541ff0dU,
643 670 0x017139a8U, 0xb3de080cU, 0xe49cd8b4U, 0xc1906456U,
644 671 0x84617bcbU, 0xb670d532U, 0x5c74486cU, 0x5742d0b8U
645 672 };
646 673
647 674 static const uint32_t Td3[256] =
648 675 {
649 676 0xf4a75051U, 0x4165537eU, 0x17a4c31aU, 0x275e963aU,
650 677 0xab6bcb3bU, 0x9d45f11fU, 0xfa58abacU, 0xe303934bU,
651 678 0x30fa5520U, 0x766df6adU, 0xcc769188U, 0x024c25f5U,
652 679 0xe5d7fc4fU, 0x2acbd7c5U, 0x35448026U, 0x62a38fb5U,
653 680 0xb15a49deU, 0xba1b6725U, 0xea0e9845U, 0xfec0e15dU,
654 681 0x2f7502c3U, 0x4cf01281U, 0x4697a38dU, 0xd3f9c66bU,
655 682 0x8f5fe703U, 0x929c9515U, 0x6d7aebbfU, 0x5259da95U,
656 683 0xbe832dd4U, 0x7421d358U, 0xe0692949U, 0xc9c8448eU,
657 684 0xc2896a75U, 0x8e7978f4U, 0x583e6b99U, 0xb971dd27U,
658 685 0xe14fb6beU, 0x88ad17f0U, 0x20ac66c9U, 0xce3ab47dU,
659 686 0xdf4a1863U, 0x1a3182e5U, 0x51336097U, 0x537f4562U,
660 687 0x6477e0b1U, 0x6bae84bbU, 0x81a01cfeU, 0x082b94f9U,
661 688 0x48685870U, 0x45fd198fU, 0xde6c8794U, 0x7bf8b752U,
662 689 0x73d323abU, 0x4b02e272U, 0x1f8f57e3U, 0x55ab2a66U,
663 690 0xeb2807b2U, 0xb5c2032fU, 0xc57b9a86U, 0x3708a5d3U,
664 691 0x2887f230U, 0xbfa5b223U, 0x036aba02U, 0x16825cedU,
665 692 0xcf1c2b8aU, 0x79b492a7U, 0x07f2f0f3U, 0x69e2a14eU,
666 693 0xdaf4cd65U, 0x05bed506U, 0x34621fd1U, 0xa6fe8ac4U,
667 694 0x2e539d34U, 0xf355a0a2U, 0x8ae13205U, 0xf6eb75a4U,
668 695 0x83ec390bU, 0x60efaa40U, 0x719f065eU, 0x6e1051bdU,
669 696 0x218af93eU, 0xdd063d96U, 0x3e05aeddU, 0xe6bd464dU,
670 697 0x548db591U, 0xc45d0571U, 0x06d46f04U, 0x5015ff60U,
671 698 0x98fb2419U, 0xbde997d6U, 0x4043cc89U, 0xd99e7767U,
672 699 0xe842bdb0U, 0x898b8807U, 0x195b38e7U, 0xc8eedb79U,
673 700 0x7c0a47a1U, 0x420fe97cU, 0x841ec9f8U, 0x00000000U,
674 701 0x80868309U, 0x2bed4832U, 0x1170ac1eU, 0x5a724e6cU,
675 702 0x0efffbfdU, 0x8538560fU, 0xaed51e3dU, 0x2d392736U,
676 703 0x0fd9640aU, 0x5ca62168U, 0x5b54d19bU, 0x362e3a24U,
677 704 0x0a67b10cU, 0x57e70f93U, 0xee96d2b4U, 0x9b919e1bU,
678 705 0xc0c54f80U, 0xdc20a261U, 0x774b695aU, 0x121a161cU,
679 706 0x93ba0ae2U, 0xa02ae5c0U, 0x22e0433cU, 0x1b171d12U,
680 707 0x090d0b0eU, 0x8bc7adf2U, 0xb6a8b92dU, 0x1ea9c814U,
681 708 0xf1198557U, 0x75074cafU, 0x99ddbbeeU, 0x7f60fda3U,
682 709 0x01269ff7U, 0x72f5bc5cU, 0x663bc544U, 0xfb7e345bU,
683 710 0x4329768bU, 0x23c6dccbU, 0xedfc68b6U, 0xe4f163b8U,
684 711 0x31dccad7U, 0x63851042U, 0x97224013U, 0xc6112084U,
685 712 0x4a247d85U, 0xbb3df8d2U, 0xf93211aeU, 0x29a16dc7U,
686 713 0x9e2f4b1dU, 0xb230f3dcU, 0x8652ec0dU, 0xc1e3d077U,
687 714 0xb3166c2bU, 0x70b999a9U, 0x9448fa11U, 0xe9642247U,
688 715 0xfc8cc4a8U, 0xf03f1aa0U, 0x7d2cd856U, 0x3390ef22U,
689 716 0x494ec787U, 0x38d1c1d9U, 0xcaa2fe8cU, 0xd40b3698U,
690 717 0xf581cfa6U, 0x7ade28a5U, 0xb78e26daU, 0xadbfa43fU,
691 718 0x3a9de42cU, 0x78920d50U, 0x5fcc9b6aU, 0x7e466254U,
692 719 0x8d13c2f6U, 0xd8b8e890U, 0x39f75e2eU, 0xc3aff582U,
693 720 0x5d80be9fU, 0xd0937c69U, 0xd52da96fU, 0x2512b3cfU,
694 721 0xac993bc8U, 0x187da710U, 0x9c636ee8U, 0x3bbb7bdbU,
695 722 0x267809cdU, 0x5918f46eU, 0x9ab701ecU, 0x4f9aa883U,
696 723 0x956e65e6U, 0xffe67eaaU, 0xbccf0821U, 0x15e8e6efU,
697 724 0xe79bd9baU, 0x6f36ce4aU, 0x9f09d4eaU, 0xb07cd629U,
698 725 0xa4b2af31U, 0x3f23312aU, 0xa59430c6U, 0xa266c035U,
699 726 0x4ebc3774U, 0x82caa6fcU, 0x90d0b0e0U, 0xa7d81533U,
700 727 0x04984af1U, 0xecdaf741U, 0xcd500e7fU, 0x91f62f17U,
701 728 0x4dd68d76U, 0xefb04d43U, 0xaa4d54ccU, 0x9604dfe4U,
702 729 0xd1b5e39eU, 0x6a881b4cU, 0x2c1fb8c1U, 0x65517f46U,
703 730 0x5eea049dU, 0x8c355d01U, 0x877473faU, 0x0b412efbU,
704 731 0x671d5ab3U, 0xdbd25292U, 0x105633e9U, 0xd647136dU,
705 732 0xd7618c9aU, 0xa10c7a37U, 0xf8148e59U, 0x133c89ebU,
706 733 0xa927eeceU, 0x61c935b7U, 0x1ce5ede1U, 0x47b13c7aU,
707 734 0xd2df599cU, 0xf2733f55U, 0x14ce7918U, 0xc737bf73U,
708 735 0xf7cdea53U, 0xfdaa5b5fU, 0x3d6f14dfU, 0x44db8678U,
709 736 0xaff381caU, 0x68c43eb9U, 0x24342c38U, 0xa3405fc2U,
710 737 0x1dc37216U, 0xe2250cbcU, 0x3c498b28U, 0x0d9541ffU,
711 738 0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U,
712 739 0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U
713 740 };
714 741
715 742
716 743 static const uint32_t Td4[256] =
717 744 {
718 745 0x52525252U, 0x09090909U, 0x6a6a6a6aU, 0xd5d5d5d5U,
719 746 0x30303030U, 0x36363636U, 0xa5a5a5a5U, 0x38383838U,
720 747 0xbfbfbfbfU, 0x40404040U, 0xa3a3a3a3U, 0x9e9e9e9eU,
721 748 0x81818181U, 0xf3f3f3f3U, 0xd7d7d7d7U, 0xfbfbfbfbU,
722 749 0x7c7c7c7cU, 0xe3e3e3e3U, 0x39393939U, 0x82828282U,
723 750 0x9b9b9b9bU, 0x2f2f2f2fU, 0xffffffffU, 0x87878787U,
724 751 0x34343434U, 0x8e8e8e8eU, 0x43434343U, 0x44444444U,
725 752 0xc4c4c4c4U, 0xdedededeU, 0xe9e9e9e9U, 0xcbcbcbcbU,
726 753 0x54545454U, 0x7b7b7b7bU, 0x94949494U, 0x32323232U,
727 754 0xa6a6a6a6U, 0xc2c2c2c2U, 0x23232323U, 0x3d3d3d3dU,
728 755 0xeeeeeeeeU, 0x4c4c4c4cU, 0x95959595U, 0x0b0b0b0bU,
729 756 0x42424242U, 0xfafafafaU, 0xc3c3c3c3U, 0x4e4e4e4eU,
730 757 0x08080808U, 0x2e2e2e2eU, 0xa1a1a1a1U, 0x66666666U,
731 758 0x28282828U, 0xd9d9d9d9U, 0x24242424U, 0xb2b2b2b2U,
732 759 0x76767676U, 0x5b5b5b5bU, 0xa2a2a2a2U, 0x49494949U,
733 760 0x6d6d6d6dU, 0x8b8b8b8bU, 0xd1d1d1d1U, 0x25252525U,
734 761 0x72727272U, 0xf8f8f8f8U, 0xf6f6f6f6U, 0x64646464U,
735 762 0x86868686U, 0x68686868U, 0x98989898U, 0x16161616U,
736 763 0xd4d4d4d4U, 0xa4a4a4a4U, 0x5c5c5c5cU, 0xccccccccU,
737 764 0x5d5d5d5dU, 0x65656565U, 0xb6b6b6b6U, 0x92929292U,
738 765 0x6c6c6c6cU, 0x70707070U, 0x48484848U, 0x50505050U,
739 766 0xfdfdfdfdU, 0xededededU, 0xb9b9b9b9U, 0xdadadadaU,
740 767 0x5e5e5e5eU, 0x15151515U, 0x46464646U, 0x57575757U,
741 768 0xa7a7a7a7U, 0x8d8d8d8dU, 0x9d9d9d9dU, 0x84848484U,
742 769 0x90909090U, 0xd8d8d8d8U, 0xababababU, 0x00000000U,
743 770 0x8c8c8c8cU, 0xbcbcbcbcU, 0xd3d3d3d3U, 0x0a0a0a0aU,
744 771 0xf7f7f7f7U, 0xe4e4e4e4U, 0x58585858U, 0x05050505U,
745 772 0xb8b8b8b8U, 0xb3b3b3b3U, 0x45454545U, 0x06060606U,
746 773 0xd0d0d0d0U, 0x2c2c2c2cU, 0x1e1e1e1eU, 0x8f8f8f8fU,
747 774 0xcacacacaU, 0x3f3f3f3fU, 0x0f0f0f0fU, 0x02020202U,
748 775 0xc1c1c1c1U, 0xafafafafU, 0xbdbdbdbdU, 0x03030303U,
749 776 0x01010101U, 0x13131313U, 0x8a8a8a8aU, 0x6b6b6b6bU,
750 777 0x3a3a3a3aU, 0x91919191U, 0x11111111U, 0x41414141U,
751 778 0x4f4f4f4fU, 0x67676767U, 0xdcdcdcdcU, 0xeaeaeaeaU,
752 779 0x97979797U, 0xf2f2f2f2U, 0xcfcfcfcfU, 0xcecececeU,
753 780 0xf0f0f0f0U, 0xb4b4b4b4U, 0xe6e6e6e6U, 0x73737373U,
754 781 0x96969696U, 0xacacacacU, 0x74747474U, 0x22222222U,
755 782 0xe7e7e7e7U, 0xadadadadU, 0x35353535U, 0x85858585U,
756 783 0xe2e2e2e2U, 0xf9f9f9f9U, 0x37373737U, 0xe8e8e8e8U,
757 784 0x1c1c1c1cU, 0x75757575U, 0xdfdfdfdfU, 0x6e6e6e6eU,
758 785 0x47474747U, 0xf1f1f1f1U, 0x1a1a1a1aU, 0x71717171U,
759 786 0x1d1d1d1dU, 0x29292929U, 0xc5c5c5c5U, 0x89898989U,
760 787 0x6f6f6f6fU, 0xb7b7b7b7U, 0x62626262U, 0x0e0e0e0eU,
761 788 0xaaaaaaaaU, 0x18181818U, 0xbebebebeU, 0x1b1b1b1bU,
762 789 0xfcfcfcfcU, 0x56565656U, 0x3e3e3e3eU, 0x4b4b4b4bU,
763 790 0xc6c6c6c6U, 0xd2d2d2d2U, 0x79797979U, 0x20202020U,
764 791 0x9a9a9a9aU, 0xdbdbdbdbU, 0xc0c0c0c0U, 0xfefefefeU,
765 792 0x78787878U, 0xcdcdcdcdU, 0x5a5a5a5aU, 0xf4f4f4f4U,
766 793 0x1f1f1f1fU, 0xddddddddU, 0xa8a8a8a8U, 0x33333333U,
767 794 0x88888888U, 0x07070707U, 0xc7c7c7c7U, 0x31313131U,
768 795 0xb1b1b1b1U, 0x12121212U, 0x10101010U, 0x59595959U,
769 796 0x27272727U, 0x80808080U, 0xececececU, 0x5f5f5f5fU,
770 797 0x60606060U, 0x51515151U, 0x7f7f7f7fU, 0xa9a9a9a9U,
771 798 0x19191919U, 0xb5b5b5b5U, 0x4a4a4a4aU, 0x0d0d0d0dU,
772 799 0x2d2d2d2dU, 0xe5e5e5e5U, 0x7a7a7a7aU, 0x9f9f9f9fU,
773 800 0x93939393U, 0xc9c9c9c9U, 0x9c9c9c9cU, 0xefefefefU,
|
↓ open down ↓ |
321 lines elided |
↑ open up ↑ |
774 801 0xa0a0a0a0U, 0xe0e0e0e0U, 0x3b3b3b3bU, 0x4d4d4d4dU,
775 802 0xaeaeaeaeU, 0x2a2a2a2aU, 0xf5f5f5f5U, 0xb0b0b0b0U,
776 803 0xc8c8c8c8U, 0xebebebebU, 0xbbbbbbbbU, 0x3c3c3c3cU,
777 804 0x83838383U, 0x53535353U, 0x99999999U, 0x61616161U,
778 805 0x17171717U, 0x2b2b2b2bU, 0x04040404U, 0x7e7e7e7eU,
779 806 0xbabababaU, 0x77777777U, 0xd6d6d6d6U, 0x26262626U,
780 807 0xe1e1e1e1U, 0x69696969U, 0x14141414U, 0x63636363U,
781 808 0x55555555U, 0x21212121U, 0x0c0c0c0cU, 0x7d7d7d7dU
782 809 };
783 810
784 -static const uint32_t rcon[] =
811 +/* Rcon is Round Constant; used for encryption key expansion */
812 +static const uint32_t rcon[RC_LENGTH] =
785 813 {
786 814 /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
787 815 0x01000000, 0x02000000, 0x04000000, 0x08000000,
788 816 0x10000000, 0x20000000, 0x40000000, 0x80000000,
789 817 0x1B000000, 0x36000000
790 818 };
791 -#endif
792 819
820 +
793 821 /*
794 - * Expand the cipher key into the encryption key schedule.
795 - * return the number of rounds for the given cipher key size.
796 - * The size of the key schedule depends on the number of rounds
797 - * (which can be computed from the size of the key), i.e. 4*(Nr + 1).
822 + * Expand the cipher key into the encryption key schedule.
823 + *
824 + * Return the number of rounds for the given cipher key size.
825 + * The size of the key schedule depends on the number of rounds
826 + * (which can be computed from the size of the key), i.e. 4*(Nr + 1).
827 + *
828 + * Parameters:
829 + * rk AES key schedule 32-bit array to be initialized
830 + * cipherKey User key
831 + * keyBits AES key size (128, 192, or 256 bits)
798 832 */
799 833 static int
800 834 rijndael_key_setup_enc_raw(uint32_t rk[], const uint32_t cipherKey[],
801 835 int keyBits)
802 836 {
803 837 int i = 0;
804 838 uint32_t temp;
805 839
806 840 rk[0] = cipherKey[0];
807 841 rk[1] = cipherKey[1];
808 842 rk[2] = cipherKey[2];
809 843 rk[3] = cipherKey[3];
810 844
811 845 if (keyBits == 128) {
812 846 for (;;) {
813 847 temp = rk[3];
814 848 rk[4] = rk[0] ^
815 849 (Te4[(temp >> 16) & 0xff] & 0xff000000) ^
816 850 (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^
817 851 (Te4[temp & 0xff] & 0x0000ff00) ^
818 852 (Te4[temp >> 24] & 0x000000ff) ^
819 853 rcon[i];
820 854 rk[5] = rk[1] ^ rk[4];
821 855 rk[6] = rk[2] ^ rk[5];
822 856 rk[7] = rk[3] ^ rk[6];
823 857
824 858 if (++i == 10) {
825 859 return (10);
826 860 }
827 861 rk += 4;
828 862 }
829 863 }
830 864
831 865 rk[4] = cipherKey[4];
832 866 rk[5] = cipherKey[5];
833 867
834 868 if (keyBits == 192) {
835 869 for (;;) {
836 870 temp = rk[5];
837 871 rk[6] = rk[0] ^
838 872 (Te4[(temp >> 16) & 0xff] & 0xff000000) ^
839 873 (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^
840 874 (Te4[temp & 0xff] & 0x0000ff00) ^
841 875 (Te4[temp >> 24] & 0x000000ff) ^
842 876 rcon[i];
843 877 rk[7] = rk[1] ^ rk[6];
844 878 rk[8] = rk[2] ^ rk[7];
845 879 rk[9] = rk[3] ^ rk[8];
846 880
847 881 if (++i == 8) {
848 882 return (12);
849 883 }
850 884
851 885 rk[10] = rk[4] ^ rk[9];
852 886 rk[11] = rk[5] ^ rk[10];
853 887 rk += 6;
854 888 }
855 889 }
856 890
857 891 rk[6] = cipherKey[6];
858 892 rk[7] = cipherKey[7];
859 893
860 894 if (keyBits == 256) {
861 895 for (;;) {
862 896 temp = rk[7];
863 897 rk[8] = rk[0] ^
864 898 (Te4[(temp >> 16) & 0xff] & 0xff000000) ^
865 899 (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^
866 900 (Te4[temp & 0xff] & 0x0000ff00) ^
867 901 (Te4[temp >> 24] & 0x000000ff) ^
868 902 rcon[i];
869 903 rk[9] = rk[1] ^ rk[8];
870 904 rk[10] = rk[2] ^ rk[9];
871 905 rk[11] = rk[3] ^ rk[10];
872 906
873 907 if (++i == 7) {
874 908 return (14);
875 909 }
876 910 temp = rk[11];
877 911 rk[12] = rk[4] ^
878 912 (Te4[temp >> 24] & 0xff000000) ^
879 913 (Te4[(temp >> 16) & 0xff] & 0x00ff0000) ^
880 914 (Te4[(temp >> 8) & 0xff] & 0x0000ff00) ^
881 915 (Te4[temp & 0xff] & 0x000000ff);
|
↓ open down ↓ |
74 lines elided |
↑ open up ↑ |
882 916 rk[13] = rk[5] ^ rk[12];
883 917 rk[14] = rk[6] ^ rk[13];
884 918 rk[15] = rk[7] ^ rk[14];
885 919
886 920 rk += 8;
887 921 }
888 922 }
889 923
890 924 return (0);
891 925 }
926 +#endif /* !__amd64 */
892 927
893 928
894 -#ifdef sun4u
929 +#ifdef sun4u
895 930
896 931 /*
897 - * Expand the cipher key into the enryption key schedule as used
898 - * by the sun4u optimized assembly implementation.
899 - * return the number of rounds for the given cipher key size.
900 - * The size of the key schedule depends on the number of rounds
901 - * (which can be computed from the size of the key), i.e. 4*(Nr + 1).
932 + * Expand the cipher key into the encryption key schedule.
933 + * by the sun4u optimized assembly implementation.
934 + *
935 + * Return the number of rounds for the given cipher key size.
936 + * The size of the key schedule depends on the number of rounds
937 + * (which can be computed from the size of the key), i.e. 4*(Nr + 1).
938 + *
939 + * Parameters:
940 + * rk AES key schedule 64-bit array to be initialized
941 + * cipherKey User key
942 + * keyBits AES key size (128, 192, or 256 bits)
902 943 */
903 944 static int
904 945 rijndael_key_setup_enc(uint64_t rk[], const uint32_t cipherKey[], int keyBits)
905 946 {
906 947 uint32_t rk1[4 * (MAX_AES_NR + 1)];
907 948 uint64_t *rk64 = (uint64_t *)rk;
908 949 uint32_t *rkt;
909 950 uint64_t t;
910 951 int i, Nr;
911 952
912 953 Nr = rijndael_key_setup_enc_raw(rk1, cipherKey, keyBits);
913 954
914 955 for (i = 0; i < 4 * Nr; i++) {
915 956 t = (uint64_t)(rk1[i]);
916 957 rk64[i] = ((t & 0xff000000) << 11) |
917 958 ((t & 0xff0000) << 8) |
918 959 ((t & 0xffff) << 3);
919 960 }
920 961
921 962 rkt = (uint32_t *)(&(rk64[4 * Nr]));
|
↓ open down ↓ |
10 lines elided |
↑ open up ↑ |
922 963
923 964 for (i = 0; i < 4; i++) {
924 965 rkt[i] = rk1[4 * Nr+i];
925 966 }
926 967
927 968 return (Nr);
928 969 }
929 970
930 971
931 972 /*
932 - * Expand the cipher key into the decryption key schedule as used
933 - * by the sun4u optimized assembly implementation.
934 - * return the number of rounds for the given cipher key size.
935 - * The size of the key schedule depends on the number of rounds
936 - * (which can be computed from the size of the key), i.e. 4*(Nr + 1).
973 + * Expand the cipher key into the decryption key schedule as used
974 + * by the sun4u optimized assembly implementation.
975 + *
976 + * Return the number of rounds for the given cipher key size.
977 + * The size of the key schedule depends on the number of rounds
978 + * (which can be computed from the size of the key), i.e. 4*(Nr + 1).
979 + *
980 + * Parameters:
981 + * rk AES key schedule 32-bit array to be initialized
982 + * cipherKey User key
983 + * keyBits AES key size (128, 192, or 256 bits)
937 984 */
938 985 static int
939 986 rijndael_key_setup_dec_raw(uint32_t rk[], const uint32_t cipherKey[],
940 987 int keyBits)
941 988 {
942 989 int Nr, i;
943 990 uint32_t temp;
944 991
945 992 /* expand the cipher key: */
946 993 Nr = rijndael_key_setup_enc_raw(rk, cipherKey, keyBits);
947 994
948 995 /* invert the order of the round keys: */
949 996
950 997 for (i = 0; i < 2 * Nr + 2; i++) {
951 998 temp = rk[i];
952 999 rk[i] = rk[4 * Nr - i + 3];
953 1000 rk[4 * Nr - i + 3] = temp;
954 1001 }
955 1002
956 1003 /*
957 1004 * apply the inverse MixColumn transform to all
958 1005 * round keys but the first and the last:
959 1006 */
960 1007 for (i = 1; i < Nr; i++) {
961 1008 rk += 4;
962 1009 rk[0] = Td0[Te4[rk[0] >> 24] & 0xff] ^
963 1010 Td1[Te4[(rk[0] >> 16) & 0xff] & 0xff] ^
964 1011 Td2[Te4[(rk[0] >> 8) & 0xff] & 0xff] ^
965 1012 Td3[Te4[rk[0] & 0xff] & 0xff];
966 1013 rk[1] = Td0[Te4[rk[1] >> 24] & 0xff] ^
967 1014 Td1[Te4[(rk[1] >> 16) & 0xff] & 0xff] ^
968 1015 Td2[Te4[(rk[1] >> 8) & 0xff] & 0xff] ^
969 1016 Td3[Te4[rk[1] & 0xff] & 0xff];
970 1017 rk[2] = Td0[Te4[rk[2] >> 24] & 0xff] ^
971 1018 Td1[Te4[(rk[2] >> 16) & 0xff] & 0xff] ^
972 1019 Td2[Te4[(rk[2] >> 8) & 0xff] & 0xff] ^
973 1020 Td3[Te4[rk[2] & 0xff] & 0xff];
974 1021 rk[3] = Td0[Te4[rk[3] >> 24] & 0xff] ^
|
↓ open down ↓ |
28 lines elided |
↑ open up ↑ |
975 1022 Td1[Te4[(rk[3] >> 16) & 0xff] & 0xff] ^
976 1023 Td2[Te4[(rk[3] >> 8) & 0xff] & 0xff] ^
977 1024 Td3[Te4[rk[3] & 0xff] & 0xff];
978 1025 }
979 1026
980 1027 return (Nr);
981 1028 }
982 1029
983 1030
984 1031 /*
985 - * The size of the key schedule depends on the number of rounds
986 - * (which can be computed from the size of the key), i.e. 4*(Nr + 1).
1032 + * The size of the key schedule depends on the number of rounds
1033 + * (which can be computed from the size of the key), i.e. 4*(Nr + 1).
1034 + *
1035 + * Parameters:
1036 + * rk AES key schedule 64-bit array to be initialized
1037 + * cipherKey User key
1038 + * keyBits AES key size (128, 192, or 256 bits)
987 1039 */
988 -int
1040 +static int
989 1041 rijndael_key_setup_dec(uint64_t rk[], const uint32_t cipherKey[], int keyBits)
990 1042 {
991 1043 uint32_t rk1[4 * (MAX_AES_NR + 1)];
992 1044 uint64_t *rk64 = (uint64_t *)rk;
993 1045 uint32_t *rkt;
994 1046 uint64_t t;
995 1047 int i, Nr;
996 1048
997 1049 Nr = rijndael_key_setup_dec_raw(rk1, cipherKey, keyBits);
998 1050 for (i = 0; i < 4 * Nr; i++) {
999 1051 t = (uint64_t)(rk1[i]);
1000 1052 rk64[i] = ((t & 0xff000000) << 11) |
1001 1053 ((t & 0xff0000) << 8) |
1002 1054 ((t & 0xffff) << 3);
1003 1055 }
1004 1056
|
↓ open down ↓ |
6 lines elided |
↑ open up ↑ |
1005 1057 rkt = (uint32_t *)(&(rk64[4 * Nr]));
1006 1058
1007 1059 for (i = 0; i < 4; i++) {
1008 1060 rkt[i] = rk1[4 * Nr + i];
1009 1061 }
1010 1062
1011 1063 return (Nr);
1012 1064 }
1013 1065
1014 1066
1067 +/*
1068 + * Expand the 64-bit AES cipher key array into the encryption and decryption
1069 + * key schedules.
1070 + *
1071 + * Parameters:
1072 + * key AES key schedule to be initialized
1073 + * keyarr32 User key
1074 + * keyBits AES key size (128, 192, or 256 bits)
1075 + */
1015 1076 static void
1016 -aes_setupkeys(aes_key_t *key, uint32_t *keyarr32, int keybits)
1077 +aes_setupkeys(aes_key_t *key, const uint32_t *keyarr32, int keybits)
1017 1078 {
1018 1079 key->nr = rijndael_key_setup_enc(&(key->encr_ks.ks64[0]), keyarr32,
1019 1080 keybits);
1020 1081 key->nr = rijndael_key_setup_dec(&(key->decr_ks.ks64[0]), keyarr32,
1021 1082 keybits);
1022 1083 key->type = AES_64BIT_KS;
1023 1084 }
1024 1085
1025 -#else /* !sun4u */
1026 1086
1027 -/*
1028 - * Expand the cipher key into the encryption key schedule.
1029 - * return the number of rounds for the given cipher key size.
1030 - * The size of the key schedule depends on the number of rounds
1031 - * (which can be computed from the size of the key), i.e. 4*(Nr + 1).
1032 - */
1033 -static int
1034 -rijndael_key_setup_enc(uint32_t rk[], const uint32_t cipherKey[], int keyBits)
1035 -{
1036 - return (rijndael_key_setup_enc_raw(rk, cipherKey, keyBits));
1037 -}
1087 +#elif !defined(__amd64)
1038 1088
1039 -
1040 1089 /*
1041 1090 * Expand the cipher key into the decryption key schedule.
1042 - * @return the number of rounds for the given cipher key size.
1091 + * Return the number of rounds for the given cipher key size.
1043 1092 * The size of the key schedule depends on the number of rounds
1044 1093 * (which can be computed from the size of the key), i.e. 4*(Nr + 1).
1094 + *
1095 + * Parameters:
1096 + * rk AES key schedule 32-bit array to be initialized
1097 + * cipherKey User key
1098 + * keyBits AES key size (128, 192, or 256 bits)
1045 1099 */
1046 1100 static int
1047 1101 rijndael_key_setup_dec(uint32_t rk[], const uint32_t cipherKey[], int keyBits)
1048 1102 {
1049 1103 int Nr, i, j;
1050 1104 uint32_t temp;
1051 1105
1052 1106 /* expand the cipher key: */
1053 1107 Nr = rijndael_key_setup_enc_raw(rk, cipherKey, keyBits);
1054 1108
1055 1109 /* invert the order of the round keys: */
1056 1110 for (i = 0, j = 4 * Nr; i < j; i += 4, j -= 4) {
1057 1111 temp = rk[i];
1058 1112 rk[i] = rk[j];
1059 1113 rk[j] = temp;
1060 1114 temp = rk[i + 1];
1061 1115 rk[i + 1] = rk[j + 1];
1062 1116 rk[j + 1] = temp;
1063 1117 temp = rk[i + 2];
1064 1118 rk[i + 2] = rk[j + 2];
1065 1119 rk[j + 2] = temp;
1066 1120 temp = rk[i + 3];
1067 1121 rk[i + 3] = rk[j + 3];
1068 1122 rk[j + 3] = temp;
1069 1123 }
1070 1124
1071 1125 /*
1072 1126 * apply the inverse MixColumn transform to all
1073 1127 * round keys but the first and the last:
1074 1128 */
1075 1129 for (i = 1; i < Nr; i++) {
1076 1130 rk += 4;
1077 1131 rk[0] = Td0[Te4[rk[0] >> 24] & 0xff] ^
1078 1132 Td1[Te4[(rk[0] >> 16) & 0xff] & 0xff] ^
1079 1133 Td2[Te4[(rk[0] >> 8) & 0xff] & 0xff] ^
1080 1134 Td3[Te4[rk[0] & 0xff] & 0xff];
1081 1135 rk[1] = Td0[Te4[rk[1] >> 24] & 0xff] ^
1082 1136 Td1[Te4[(rk[1] >> 16) & 0xff] & 0xff] ^
1083 1137 Td2[Te4[(rk[1] >> 8) & 0xff] & 0xff] ^
1084 1138 Td3[Te4[rk[1] & 0xff] & 0xff];
1085 1139 rk[2] = Td0[Te4[rk[2] >> 24] & 0xff] ^
1086 1140 Td1[Te4[(rk[2] >> 16) & 0xff] & 0xff] ^
1087 1141 Td2[Te4[(rk[2] >> 8) & 0xff] & 0xff] ^
1088 1142 Td3[Te4[rk[2] & 0xff] & 0xff];
|
↓ open down ↓ |
34 lines elided |
↑ open up ↑ |
1089 1143 rk[3] = Td0[Te4[rk[3] >> 24] & 0xff] ^
1090 1144 Td1[Te4[(rk[3] >> 16) & 0xff] & 0xff] ^
1091 1145 Td2[Te4[(rk[3] >> 8) & 0xff] & 0xff] ^
1092 1146 Td3[Te4[rk[3] & 0xff] & 0xff];
1093 1147 }
1094 1148
1095 1149 return (Nr);
1096 1150 }
1097 1151
1098 1152
1099 -static void
1100 -aes_setupkeys(aes_key_t *key, uint32_t *keyarr32, int keybits)
1101 -{
1102 - key->nr = rijndael_key_setup_enc(&(key->encr_ks.ks32[0]), keyarr32,
1103 - keybits);
1104 - key->nr = rijndael_key_setup_dec(&(key->decr_ks.ks32[0]), keyarr32,
1105 - keybits);
1106 - key->type = AES_32BIT_KS;
1107 -}
1108 -
1109 1153 /*
1110 1154 * Encrypt one block of data. The block is assumed to be an array
1111 1155 * of four uint32_t values, so copy for alignment (and byte-order
1112 1156 * reversal for little endian systems might be necessary on the
1113 1157 * input and output byte streams.
1114 1158 * The size of the key schedule depends on the number of rounds
1115 1159 * (which can be computed from the size of the key), i.e. 4*(Nr + 1).
1160 + *
1161 + * Parameters:
1162 + * rk Key schedule, of aes_ks_t (60 32-bit integers)
1163 + * Nr Number of rounds
1164 + * pt Input block (plain text)
1165 + * ct Output block (crypto text). Can overlap with pt
1116 1166 */
1117 -void
1167 +static void
1118 1168 rijndael_encrypt(const uint32_t rk[], int Nr, const uint32_t pt[4],
1119 1169 uint32_t ct[4])
1120 1170 {
1121 1171 uint32_t s0, s1, s2, s3, t0, t1, t2, t3;
1122 1172 int r;
1123 1173
1124 1174 /*
1125 1175 * map byte array block to cipher state
1126 1176 * and add initial round key:
1127 1177 */
1128 1178
1129 1179 s0 = pt[0] ^ rk[0];
1130 1180 s1 = pt[1] ^ rk[1];
1131 1181 s2 = pt[2] ^ rk[2];
1132 1182 s3 = pt[3] ^ rk[3];
1133 1183
1134 1184 /*
1135 1185 * Nr - 1 full rounds:
1136 1186 */
1137 1187
1138 1188 r = Nr >> 1;
1139 1189
1140 1190 for (;;) {
1141 1191 t0 = Te0[s0 >> 24] ^
1142 1192 Te1[(s1 >> 16) & 0xff] ^
1143 1193 Te2[(s2 >> 8) & 0xff] ^
1144 1194 Te3[s3 & 0xff] ^
1145 1195 rk[4];
1146 1196
1147 1197 t1 = Te0[s1 >> 24] ^
1148 1198 Te1[(s2 >> 16) & 0xff] ^
1149 1199 Te2[(s3 >> 8) & 0xff] ^
1150 1200 Te3[s0 & 0xff] ^
1151 1201 rk[5];
1152 1202
1153 1203 t2 = Te0[s2 >> 24] ^
1154 1204 Te1[(s3 >> 16) & 0xff] ^
1155 1205 Te2[(s0 >> 8) & 0xff] ^
1156 1206 Te3[s1 & 0xff] ^
1157 1207 rk[6];
1158 1208
1159 1209 t3 = Te0[s3 >> 24] ^
1160 1210 Te1[(s0 >> 16) & 0xff] ^
1161 1211 Te2[(s1 >> 8) & 0xff] ^
1162 1212 Te3[s2 & 0xff] ^
1163 1213 rk[7];
1164 1214
1165 1215 rk += 8;
1166 1216
1167 1217 if (--r == 0) {
1168 1218 break;
1169 1219 }
1170 1220
1171 1221 s0 = Te0[t0 >> 24] ^
1172 1222 Te1[(t1 >> 16) & 0xff] ^
1173 1223 Te2[(t2 >> 8) & 0xff] ^
1174 1224 Te3[t3 & 0xff] ^
1175 1225 rk[0];
1176 1226
1177 1227 s1 = Te0[t1 >> 24] ^
1178 1228 Te1[(t2 >> 16) & 0xff] ^
1179 1229 Te2[(t3 >> 8) & 0xff] ^
1180 1230 Te3[t0 & 0xff] ^
1181 1231 rk[1];
1182 1232
1183 1233 s2 = Te0[t2 >> 24] ^
1184 1234 Te1[(t3 >> 16) & 0xff] ^
1185 1235 Te2[(t0 >> 8) & 0xff] ^
1186 1236 Te3[t1 & 0xff] ^
1187 1237 rk[2];
1188 1238
1189 1239 s3 = Te0[t3 >> 24] ^
1190 1240 Te1[(t0 >> 16) & 0xff] ^
1191 1241 Te2[(t1 >> 8) & 0xff] ^
1192 1242 Te3[t2 & 0xff] ^
1193 1243 rk[3];
1194 1244 }
1195 1245
1196 1246 /*
1197 1247 * apply last round and
1198 1248 * map cipher state to byte array block:
1199 1249 */
1200 1250
1201 1251 s0 = (Te4[(t0 >> 24)] & 0xff000000) ^
1202 1252 (Te4[(t1 >> 16) & 0xff] & 0x00ff0000) ^
1203 1253 (Te4[(t2 >> 8) & 0xff] & 0x0000ff00) ^
1204 1254 (Te4[t3 & 0xff] & 0x000000ff) ^
1205 1255 rk[0];
1206 1256 ct[0] = s0;
1207 1257
1208 1258 s1 = (Te4[(t1 >> 24)] & 0xff000000) ^
1209 1259 (Te4[(t2 >> 16) & 0xff] & 0x00ff0000) ^
1210 1260 (Te4[(t3 >> 8) & 0xff] & 0x0000ff00) ^
1211 1261 (Te4[t0 & 0xff] & 0x000000ff) ^
1212 1262 rk[1];
1213 1263 ct[1] = s1;
1214 1264
1215 1265 s2 = (Te4[(t2 >> 24)] & 0xff000000) ^
1216 1266 (Te4[(t3 >> 16) & 0xff] & 0x00ff0000) ^
1217 1267 (Te4[(t0 >> 8) & 0xff] & 0x0000ff00) ^
1218 1268 (Te4[t1 & 0xff] & 0x000000ff) ^
1219 1269 rk[2];
1220 1270 ct[2] = s2;
1221 1271
1222 1272 s3 = (Te4[(t3 >> 24)] & 0xff000000) ^
1223 1273 (Te4[(t0 >> 16) & 0xff] & 0x00ff0000) ^
1224 1274 (Te4[(t1 >> 8) & 0xff] & 0x0000ff00) ^
1225 1275 (Te4[t2 & 0xff] & 0x000000ff) ^
1226 1276 rk[3];
1227 1277 ct[3] = s3;
|
↓ open down ↓ |
100 lines elided |
↑ open up ↑ |
1228 1278 }
1229 1279
1230 1280
1231 1281 /*
1232 1282 * Decrypt one block of data. The block is assumed to be an array
1233 1283 * of four uint32_t values, so copy for alignment (and byte-order
1234 1284 * reversal for little endian systems might be necessary on the
1235 1285 * input and output byte streams.
1236 1286 * The size of the key schedule depends on the number of rounds
1237 1287 * (which can be computed from the size of the key), i.e. 4*(Nr + 1).
1288 + *
1289 + * Parameters:
1290 + * rk Key schedule, of aes_ks_t (60 32-bit integers)
1291 + * Nr Number of rounds
1292 + * ct Input block (crypto text)
1293 + * pt Output block (plain text). Can overlap with pt
1238 1294 */
1239 -void
1295 +static void
1240 1296 rijndael_decrypt(const uint32_t rk[], int Nr, const uint32_t ct[4],
1241 1297 uint32_t pt[4])
1242 1298 {
1243 1299 uint32_t s0, s1, s2, s3, t0, t1, t2, t3;
1244 1300 int r;
1245 1301
1246 1302 /*
1247 1303 * map byte array block to cipher state
1248 1304 * and add initial round key:
1249 1305 */
1250 1306 s0 = ct[0] ^ rk[0];
1251 1307 s1 = ct[1] ^ rk[1];
1252 1308 s2 = ct[2] ^ rk[2];
1253 1309 s3 = ct[3] ^ rk[3];
1254 1310
1255 1311 /*
1256 1312 * Nr - 1 full rounds:
1257 1313 */
1258 1314
1259 1315 r = Nr >> 1;
1260 1316
1261 1317 for (;;) {
1262 1318 t0 = Td0[s0 >> 24] ^
1263 1319 Td1[(s3 >> 16) & 0xff] ^
1264 1320 Td2[(s2 >> 8) & 0xff] ^
1265 1321 Td3[s1 & 0xff] ^
1266 1322 rk[4];
1267 1323
1268 1324 t1 = Td0[s1 >> 24] ^
1269 1325 Td1[(s0 >> 16) & 0xff] ^
1270 1326 Td2[(s3 >> 8) & 0xff] ^
1271 1327 Td3[s2 & 0xff] ^
1272 1328 rk[5];
1273 1329
1274 1330 t2 = Td0[s2 >> 24] ^
1275 1331 Td1[(s1 >> 16) & 0xff] ^
1276 1332 Td2[(s0 >> 8) & 0xff] ^
1277 1333 Td3[s3 & 0xff] ^
1278 1334 rk[6];
1279 1335
1280 1336 t3 = Td0[s3 >> 24] ^
1281 1337 Td1[(s2 >> 16) & 0xff] ^
1282 1338 Td2[(s1 >> 8) & 0xff] ^
1283 1339 Td3[s0 & 0xff] ^
1284 1340 rk[7];
1285 1341
1286 1342 rk += 8;
1287 1343
1288 1344 if (--r == 0) {
1289 1345 break;
1290 1346 }
1291 1347
1292 1348 s0 = Td0[t0 >> 24] ^
1293 1349 Td1[(t3 >> 16) & 0xff] ^
1294 1350 Td2[(t2 >> 8) & 0xff] ^
1295 1351 Td3[t1 & 0xff] ^
1296 1352 rk[0];
1297 1353
1298 1354 s1 = Td0[t1 >> 24] ^
1299 1355 Td1[(t0 >> 16) & 0xff] ^
1300 1356 Td2[(t3 >> 8) & 0xff] ^
1301 1357 Td3[t2 & 0xff] ^
1302 1358 rk[1];
1303 1359
1304 1360 s2 = Td0[t2 >> 24] ^
1305 1361 Td1[(t1 >> 16) & 0xff] ^
1306 1362 Td2[(t0 >> 8) & 0xff] ^
1307 1363 Td3[t3 & 0xff] ^
1308 1364 rk[2];
1309 1365
1310 1366 s3 = Td0[t3 >> 24] ^
1311 1367 Td1[(t2 >> 16) & 0xff] ^
1312 1368 Td2[(t1 >> 8) & 0xff] ^
1313 1369 Td3[t0 & 0xff] ^
1314 1370 rk[3];
1315 1371 }
1316 1372
1317 1373 /*
1318 1374 * apply last round and
1319 1375 * map cipher state to byte array block:
1320 1376 */
1321 1377
1322 1378 s0 = (Td4[t0 >> 24] & 0xff000000) ^
1323 1379 (Td4[(t3 >> 16) & 0xff] & 0x00ff0000) ^
1324 1380 (Td4[(t2 >> 8) & 0xff] & 0x0000ff00) ^
1325 1381 (Td4[t1 & 0xff] & 0x000000ff) ^
1326 1382 rk[0];
1327 1383 pt[0] = s0;
1328 1384
1329 1385 s1 = (Td4[t1 >> 24] & 0xff000000) ^
1330 1386 (Td4[(t0 >> 16) & 0xff] & 0x00ff0000) ^
1331 1387 (Td4[(t3 >> 8) & 0xff] & 0x0000ff00) ^
1332 1388 (Td4[t2 & 0xff] & 0x000000ff) ^
1333 1389 rk[1];
1334 1390 pt[1] = s1;
1335 1391
1336 1392 s2 = (Td4[t2 >> 24] & 0xff000000) ^
1337 1393 (Td4[(t1 >> 16) & 0xff] & 0x00ff0000) ^
1338 1394 (Td4[(t0 >> 8) & 0xff] & 0x0000ff00) ^
1339 1395 (Td4[t3 & 0xff] & 0x000000ff) ^
|
↓ open down ↓ |
90 lines elided |
↑ open up ↑ |
1340 1396 rk[2];
1341 1397 pt[2] = s2;
1342 1398
1343 1399 s3 = (Td4[t3 >> 24] & 0xff000000) ^
1344 1400 (Td4[(t2 >> 16) & 0xff] & 0x00ff0000) ^
1345 1401 (Td4[(t1 >> 8) & 0xff] & 0x0000ff00) ^
1346 1402 (Td4[t0 & 0xff] & 0x000000ff) ^
1347 1403 rk[3];
1348 1404 pt[3] = s3;
1349 1405 }
1406 +#endif /* sun4u, !__amd64 */
1350 1407
1351 -void
1352 -aes_encrypt_impl(const aes_ks_t *ks, int Nr, const uint32_t pt[4],
1353 - uint32_t ct[4])
1408 +#ifndef sun4u
1409 +/*
1410 + * Expand the 32-bit AES cipher key array into the encryption and decryption
1411 + * key schedules.
1412 + *
1413 + * Parameters:
1414 + * key AES key schedule to be initialized
1415 + * keyarr32 User key
1416 + * keyBits AES key size (128, 192, or 256 bits)
1417 + */
1418 +static void
1419 +aes_setupkeys(aes_key_t *key, const uint32_t *keyarr32, int keybits)
1354 1420 {
1355 - rijndael_encrypt(&(ks->ks32[0]), Nr, pt, ct);
1421 + key->nr = rijndael_key_setup_enc(&(key->encr_ks.ks32[0]), keyarr32,
1422 + keybits);
1423 + key->nr = rijndael_key_setup_dec(&(key->decr_ks.ks32[0]), keyarr32,
1424 + keybits);
1425 + key->type = AES_32BIT_KS;
1356 1426 }
1357 -
1358 -void
1359 -aes_decrypt_impl(const aes_ks_t *ks, int Nr, const uint32_t ct[4],
1360 - uint32_t pt[4])
1361 -{
1362 - rijndael_decrypt(&(ks->ks32[0]), Nr, ct, pt);
1363 -}
1364 -
1365 -#endif /* sun4u */
1427 +#endif /* sun4u */
1366 1428 /* EXPORT DELETE END */
1367 1429
1368 1430
1369 1431 /*
1370 1432 * Initialize key schedules for AES
1433 + *
1434 + * Parameters:
1435 + * cipherKey User key
1436 + * keyBits AES key size (128, 192, or 256 bits)
1437 + * keysched AES key schedule to be initialized, of type aes_key_t.
1438 + * Allocated by aes_alloc_keysched().
1371 1439 */
1372 1440 void
1373 -aes_init_keysched(uint8_t *cipherKey, uint_t keyBits, void *keysched)
1441 +aes_init_keysched(const uint8_t *cipherKey, uint_t keyBits, void *keysched)
1374 1442 {
1375 1443 /* EXPORT DELETE START */
1376 - aes_key_t *newbie = keysched;
1377 - uint64_t keyarr64[4];
1378 - uint32_t *keyarr32 = (uint32_t *)keyarr64;
1379 - uint_t keysize, i, j;
1444 + aes_key_t *newbie = keysched;
1445 + uint_t keysize, i, j;
1446 + union {
1447 + uint64_t ka64[4];
1448 + uint32_t ka32[8];
1449 + } keyarr;
1380 1450
1381 1451 switch (keyBits) {
1382 1452 case 128:
1383 1453 newbie->nr = 10;
1384 1454 break;
1385 1455
1386 1456 case 192:
1387 1457 newbie->nr = 12;
1388 1458 break;
1389 1459
1390 1460 case 256:
|
↓ open down ↓ |
1 lines elided |
↑ open up ↑ |
1391 1461 newbie->nr = 14;
1392 1462 break;
1393 1463
1394 1464 default:
1395 1465 /* should never get here */
1396 1466 return;
1397 1467 }
1398 1468 keysize = keyBits >> 3;
1399 1469
1400 1470 /*
1401 - * The code below, that is always executed on LITTLE_ENDIAN machines,
1402 - * reverses every 4 bytes in the key. On BIG_ENDIAN, the same code
1403 - * copies the key without reversing bytes.
1471 + * For _LITTLE_ENDIAN machines (except AMD64), reverse every
1472 + * 4 bytes in the key. On _BIG_ENDIAN and AMD64, copy the key
1473 + * without reversing bytes.
1474 + * For AMD64, do not byte swap for aes_setupkeys().
1475 + *
1476 + * SPARCv8/v9 uses a key schedule array with 64-bit elements.
1477 + * X86/AMD64 uses a key schedule array with 32-bit elements.
1404 1478 */
1405 -#ifdef _BIG_ENDIAN
1479 +#ifndef AES_BYTE_SWAP
1406 1480 if (IS_P2ALIGNED(cipherKey, sizeof (uint64_t))) {
1407 1481 for (i = 0, j = 0; j < keysize; i++, j += 8) {
1408 1482 /* LINTED: pointer alignment */
1409 - keyarr64[i] = *((uint64_t *)&cipherKey[j]);
1483 + keyarr.ka64[i] = *((uint64_t *)&cipherKey[j]);
1410 1484 }
1411 1485 } else {
1412 -#endif
1413 - for (i = 0, j = 0; j < keysize; i++, j += 4) {
1414 - keyarr32[i] = (((uint32_t)cipherKey[j] << 24) |
1415 - ((uint32_t)cipherKey[j + 1] << 16) |
1416 - ((uint32_t)cipherKey[j + 2] << 8) |
1417 - (uint32_t)cipherKey[j + 3]);
1418 - }
1419 -#ifdef _BIG_ENDIAN
1486 + bcopy(cipherKey, keyarr.ka32, keysize);
1420 1487 }
1488 +
1489 +#else /* byte swap */
1490 + for (i = 0, j = 0; j < keysize; i++, j += 4) {
1491 + keyarr.ka32[i] = (((uint32_t)cipherKey[j] << 24) |
1492 + ((uint32_t)cipherKey[j + 1] << 16) |
1493 + ((uint32_t)cipherKey[j + 2] << 8) |
1494 + (uint32_t)cipherKey[j + 3]);
1495 + }
1421 1496 #endif
1422 - aes_setupkeys(newbie, keyarr32, keyBits);
1423 1497
1498 + aes_setupkeys(newbie, keyarr.ka32, keyBits);
1424 1499 /* EXPORT DELETE END */
1425 1500 }
1426 1501
1502 +
1503 +/*
1504 + * Encrypt one block using AES.
1505 + * Align if needed and (for x86 32-bit only) byte-swap.
1506 + *
1507 + * Parameters:
1508 + * ks Key schedule, of type aes_key_t
1509 + * pt Input block (plain text)
1510 + * ct Output block (crypto text). Can overlap with pt
1511 + */
1427 1512 void
1428 -aes_encrypt_block(void *ks, uint8_t *pt, uint8_t *ct)
1513 +aes_encrypt_block(const void *ks, const uint8_t *pt, uint8_t *ct)
1429 1514 {
1430 1515 /* EXPORT DELETE START */
1516 + aes_key_t *ksch = (aes_key_t *)ks;
1431 1517
1432 - aes_key_t *ksch = (aes_key_t *)ks;
1433 -
1434 -#ifdef _BIG_ENDIAN
1435 - if (IS_P2ALIGNED(pt, sizeof (uint32_t)) &&
1436 - IS_P2ALIGNED(ct, sizeof (uint32_t))) {
1437 - /* LINTED: pointer alignment */
1438 - aes_encrypt_impl(&ksch->encr_ks, ksch->nr, (uint32_t *)pt,
1518 +#ifndef AES_BYTE_SWAP
1519 + if (IS_P2ALIGNED2(pt, ct, sizeof (uint32_t))) {
1520 + AES_ENCRYPT_IMPL(&ksch->encr_ks.ks32[0], ksch->nr,
1439 1521 /* LINTED: pointer alignment */
1440 - (uint32_t *)ct);
1522 + (uint32_t *)pt, (uint32_t *)ct);
1441 1523 } else {
1442 1524 #endif
1443 1525 uint32_t buffer[AES_BLOCK_LEN / sizeof (uint32_t)];
1444 1526
1527 + /* Copy input block into buffer */
1528 +#ifndef AES_BYTE_SWAP
1529 + bcopy(pt, &buffer, AES_BLOCK_LEN);
1530 +
1531 +#else /* byte swap */
1445 1532 buffer[0] = (((uint32_t)pt[0] << 24) | ((uint32_t)pt[1] << 16) |
1446 1533 ((uint32_t)pt[2] << 8) | (uint32_t)pt[3]);
1447 -
1448 1534 buffer[1] = (((uint32_t)pt[4] << 24) | ((uint32_t)pt[5] << 16) |
1449 1535 ((uint32_t)pt[6] << 8) | (uint32_t)pt[7]);
1450 -
1451 1536 buffer[2] = (((uint32_t)pt[8] << 24) | ((uint32_t)pt[9] << 16) |
1452 1537 ((uint32_t)pt[10] << 8) | (uint32_t)pt[11]);
1453 -
1454 1538 buffer[3] = (((uint32_t)pt[12] << 24) |
1455 1539 ((uint32_t)pt[13] << 16) | ((uint32_t)pt[14] << 8) |
1456 1540 (uint32_t)pt[15]);
1541 +#endif
1457 1542
1458 - aes_encrypt_impl(&ksch->encr_ks, ksch->nr, buffer, buffer);
1543 + AES_ENCRYPT_IMPL(&ksch->encr_ks.ks32[0], ksch->nr,
1544 + buffer, buffer);
1459 1545
1546 + /* Copy result from buffer to output block */
1547 +#ifndef AES_BYTE_SWAP
1548 + bcopy(&buffer, ct, AES_BLOCK_LEN);
1549 + }
1550 +
1551 +#else /* byte swap */
1460 1552 ct[0] = buffer[0] >> 24;
1461 1553 ct[1] = buffer[0] >> 16;
1462 1554 ct[2] = buffer[0] >> 8;
1463 1555 ct[3] = (uint8_t)buffer[0];
1464 1556 ct[4] = buffer[1] >> 24;
1465 1557 ct[5] = buffer[1] >> 16;
1466 1558 ct[6] = buffer[1] >> 8;
1467 1559 ct[7] = (uint8_t)buffer[1];
1468 1560 ct[8] = buffer[2] >> 24;
1469 1561 ct[9] = buffer[2] >> 16;
1470 1562 ct[10] = buffer[2] >> 8;
1471 1563 ct[11] = (uint8_t)buffer[2];
1472 1564 ct[12] = buffer[3] >> 24;
1473 1565 ct[13] = buffer[3] >> 16;
1474 1566 ct[14] = buffer[3] >> 8;
1475 1567 ct[15] = (uint8_t)buffer[3];
1476 -#ifdef _BIG_ENDIAN
1477 - }
1478 1568 #endif
1479 -
1480 1569 /* EXPORT DELETE END */
1481 1570 }
1482 1571
1572 +
1573 +/*
1574 + * Decrypt one block using AES.
1575 + * Align and byte-swap if needed.
1576 + *
1577 + * Parameters:
1578 + * ks Key schedule, of type aes_key_t
1579 + * ct Input block (crypto text)
1580 + * pt Output block (plain text). Can overlap with pt
1581 + */
1483 1582 void
1484 -aes_decrypt_block(void *ks, uint8_t *ct, uint8_t *pt)
1583 +aes_decrypt_block(const void *ks, const uint8_t *ct, uint8_t *pt)
1485 1584 {
1486 1585 /* EXPORT DELETE START */
1586 + aes_key_t *ksch = (aes_key_t *)ks;
1487 1587
1488 - aes_key_t *ksch = (aes_key_t *)ks;
1489 -
1490 -#ifdef _BIG_ENDIAN
1491 - if (IS_P2ALIGNED(ct, sizeof (uint32_t)) &&
1492 - IS_P2ALIGNED(pt, sizeof (uint32_t))) {
1493 - /* LINTED: pointer alignment */
1494 - aes_decrypt_impl(&ksch->decr_ks, ksch->nr, (uint32_t *)ct,
1588 +#ifndef AES_BYTE_SWAP
1589 + if (IS_P2ALIGNED2(ct, pt, sizeof (uint32_t))) {
1590 + AES_DECRYPT_IMPL(&ksch->decr_ks.ks32[0], ksch->nr,
1495 1591 /* LINTED: pointer alignment */
1496 - (uint32_t *)pt);
1592 + (uint32_t *)ct, (uint32_t *)pt);
1497 1593 } else {
1498 1594 #endif
1499 1595 uint32_t buffer[AES_BLOCK_LEN / sizeof (uint32_t)];
1500 1596
1597 + /* Copy input block into buffer */
1598 +#ifndef AES_BYTE_SWAP
1599 + bcopy(ct, &buffer, AES_BLOCK_LEN);
1600 +
1601 +#else /* byte swap */
1501 1602 buffer[0] = (((uint32_t)ct[0] << 24) | ((uint32_t)ct[1] << 16) |
1502 1603 ((uint32_t)ct[2] << 8) | (uint32_t)ct[3]);
1503 1604
1504 1605 buffer[1] = (((uint32_t)ct[4] << 24) | ((uint32_t)ct[5] << 16) |
1505 1606 ((uint32_t)ct[6] << 8) | (uint32_t)ct[7]);
1506 1607
1507 1608 buffer[2] = (((uint32_t)ct[8] << 24) | ((uint32_t)ct[9] << 16) |
1508 1609 ((uint32_t)ct[10] << 8) | (uint32_t)ct[11]);
1509 1610
1510 1611 buffer[3] = (((uint32_t)ct[12] << 24) |
1511 1612 ((uint32_t)ct[13] << 16) | ((uint32_t)ct[14] << 8) |
1512 1613 (uint32_t)ct[15]);
1614 +#endif
1513 1615
1514 - aes_decrypt_impl(&ksch->decr_ks, ksch->nr, buffer, buffer);
1616 + AES_DECRYPT_IMPL(&ksch->decr_ks.ks32[0], ksch->nr,
1617 + buffer, buffer);
1515 1618
1619 + /* Copy result from buffer to output block */
1620 +#ifndef AES_BYTE_SWAP
1621 + bcopy(&buffer, pt, AES_BLOCK_LEN);
1622 + }
1623 +
1624 +#else /* byte swap */
1516 1625 pt[0] = buffer[0] >> 24;
1517 1626 pt[1] = buffer[0] >> 16;
1518 1627 pt[2] = buffer[0] >> 8;
1519 1628 pt[3] = (uint8_t)buffer[0];
1520 1629 pt[4] = buffer[1] >> 24;
1521 1630 pt[5] = buffer[1] >> 16;
1522 1631 pt[6] = buffer[1] >> 8;
1523 1632 pt[7] = (uint8_t)buffer[1];
1524 1633 pt[8] = buffer[2] >> 24;
1525 1634 pt[9] = buffer[2] >> 16;
1526 1635 pt[10] = buffer[2] >> 8;
1527 1636 pt[11] = (uint8_t)buffer[2];
1528 1637 pt[12] = buffer[3] >> 24;
1529 1638 pt[13] = buffer[3] >> 16;
1530 1639 pt[14] = buffer[3] >> 8;
1531 1640 pt[15] = (uint8_t)buffer[3];
1532 -#ifdef _BIG_ENDIAN
1533 - }
1534 1641 #endif
1535 1642
1536 1643 /* EXPORT DELETE END */
1537 1644 }
1538 1645
1646 +
1539 1647 /*
1540 - * Allocate key schedule for AES
1648 + * Allocate key schedule for AES.
1649 + *
1650 + * Return the pointer and set size to the number of bytes allocated.
1651 + * Memory allocated must be freed by the caller when done.
1652 + *
1653 + * Parameters:
1654 + * size Size of key schedule allocated, in bytes
1655 + * kmflag Flag passed to kmem_alloc(9F); ignored in userland.
1541 1656 */
1542 1657 /* ARGSUSED */
1543 1658 void *
1544 1659 aes_alloc_keysched(size_t *size, int kmflag)
1545 1660 {
1546 -
1547 1661 /* EXPORT DELETE START */
1548 -
1549 1662 aes_key_t *keysched;
1550 1663
1551 -#ifdef _KERNEL
1664 +#ifdef _KERNEL
1552 1665 keysched = (aes_key_t *)kmem_alloc(sizeof (aes_key_t), kmflag);
1553 1666 #else /* !_KERNEL */
1554 1667 keysched = (aes_key_t *)malloc(sizeof (aes_key_t));
1555 1668 #endif /* _KERNEL */
1556 1669
1557 1670 if (keysched != NULL) {
1558 1671 *size = sizeof (aes_key_t);
1559 1672 return (keysched);
1560 1673 }
1561 -
1562 1674 /* EXPORT DELETE END */
1563 -
1564 1675 return (NULL);
1565 1676 }
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX