Sat Aug 6 00:39:19 2011

Asterisk developer's documentation


aesopt.h

Go to the documentation of this file.
00001 /*
00002  ---------------------------------------------------------------------------
00003  Copyright (c) 2003, Dr Brian Gladman <brg@gladman.me.uk>, Worcester, UK.
00004  All rights reserved.
00005 
00006  LICENSE TERMS
00007 
00008  The free distribution and use of this software in both source and binary
00009  form is allowed (with or without changes) provided that:
00010 
00011    1. distributions of this source code include the above copyright
00012       notice, this list of conditions and the following disclaimer;
00013 
00014    2. distributions in binary form include the above copyright
00015       notice, this list of conditions and the following disclaimer
00016       in the documentation and/or other associated materials;
00017 
00018    3. the copyright holder's name is not used to endorse products
00019       built using this software without specific written permission.
00020 
00021  ALTERNATIVELY, provided that this notice is retained in full, this product
00022  may be distributed under the terms of the GNU General Public License (GPL),
00023  in which case the provisions of the GPL apply INSTEAD OF those given above.
00024 
00025  DISCLAIMER
00026 
00027  This software is provided 'as is' with no explicit or implied warranties
00028  in respect of its properties, including, but not limited to, correctness
00029  and/or fitness for purpose.
00030  ---------------------------------------------------------------------------
00031  Issue Date: 26/08/2003
00032 
00033  My thanks go to Dag Arne Osvik for devising the schemes used here for key
00034  length derivation from the form of the key schedule
00035 
00036  This file contains the compilation options for AES (Rijndael) and code
00037  that is common across encryption, key scheduling and table generation.
00038 
00039     OPERATION
00040 
00041     These source code files implement the AES algorithm Rijndael designed by
00042     Joan Daemen and Vincent Rijmen. This version is designed for the standard
00043     block size of 16 bytes and for key sizes of 128, 192 and 256 bits (16, 24
00044     and 32 bytes).
00045 
00046     This version is designed for flexibility and speed using operations on
00047     32-bit words rather than operations on bytes.  It can be compiled with
00048     either big or little endian internal byte order but is faster when the
00049     native byte order for the processor is used.
00050 
00051     THE CIPHER INTERFACE
00052 
00053     The cipher interface is implemented as an array of bytes in which lower
00054     AES bit sequence indexes map to higher numeric significance within bytes.
00055 
00056     aes_08t                 (an unsigned  8-bit type)
00057     aes_32t                 (an unsigned 32-bit type)
00058     struct aes_encrypt_ctx  (structure for the cipher encryption context)
00059     struct aes_decrypt_ctx  (structure for the cipher decryption context)
00060     aes_rval                the function return type
00061 
00062     C subroutine calls:
00063 
00064       aes_rval aes_encrypt_key128(const void *in_key, aes_encrypt_ctx cx[1]);
00065       aes_rval aes_encrypt_key192(const void *in_key, aes_encrypt_ctx cx[1]);
00066       aes_rval aes_encrypt_key256(const void *in_key, aes_encrypt_ctx cx[1]);
00067       aes_rval aes_encrypt(const void *in_blk,
00068                                  void *out_blk, const aes_encrypt_ctx cx[1]);
00069 
00070       aes_rval aes_decrypt_key128(const void *in_key, aes_decrypt_ctx cx[1]);
00071       aes_rval aes_decrypt_key192(const void *in_key, aes_decrypt_ctx cx[1]);
00072       aes_rval aes_decrypt_key256(const void *in_key, aes_decrypt_ctx cx[1]);
00073       aes_rval aes_decrypt(const void *in_blk,
00074                                  void *out_blk, const aes_decrypt_ctx cx[1]);
00075 
00076     IMPORTANT NOTE: If you are using this C interface with dynamic tables make sure that
00077     you call genTabs() before AES is used so that the tables are initialised.
00078 
00079     C++ aes class subroutines:
00080 
00081         Class AESencrypt  for encryption
00082 
00083         Construtors:
00084             AESencrypt(void)
00085             AESencrypt(const void *in_key) - 128 bit key
00086         Members:
00087             void key128(const void *in_key)
00088             void key192(const void *in_key)
00089             void key256(const void *in_key)
00090             void encrypt(const void *in_blk, void *out_blk) const
00091 
00092         Class AESdecrypt  for encryption
00093         Construtors:
00094             AESdecrypt(void)
00095             AESdecrypt(const void *in_key) - 128 bit key
00096         Members:
00097             void key128(const void *in_key)
00098             void key192(const void *in_key)
00099             void key256(const void *in_key)
00100             void decrypt(const void *in_blk, void *out_blk) const
00101 
00102     COMPILATION
00103 
00104     The files used to provide AES (Rijndael) are
00105 
00106     a. aes.h for the definitions needed for use in C.
00107     b. aescpp.h for the definitions needed for use in C++.
00108     c. aesopt.h for setting compilation options (also includes common code).
00109     d. aescrypt.c for encryption and decrytpion, or
00110     e. aeskey.c for key scheduling.
00111     f. aestab.c for table loading or generation.
00112     g. aescrypt.asm for encryption and decryption using assembler code.
00113     h. aescrypt.mmx.asm for encryption and decryption using MMX assembler.
00114 
00115     To compile AES (Rijndael) for use in C code use aes.h and set the
00116     defines here for the facilities you need (key lengths, encryption
00117     and/or decryption). Do not define AES_DLL or AES_CPP.  Set the options
00118     for optimisations and table sizes here.
00119 
00120     To compile AES (Rijndael) for use in in C++ code use aescpp.h but do
00121     not define AES_DLL
00122 
00123     To compile AES (Rijndael) in C as a Dynamic Link Library DLL) use
00124     aes.h and include the AES_DLL define.
00125 
00126     CONFIGURATION OPTIONS (here and in aes.h)
00127 
00128     a. set AES_DLL in aes.h if AES (Rijndael) is to be compiled as a DLL
00129     b. You may need to set PLATFORM_BYTE_ORDER to define the byte order.
00130     c. If you want the code to run in a specific internal byte order, then
00131        ALGORITHM_BYTE_ORDER must be set accordingly.
00132     d. set other configuration options decribed below.
00133 */
00134 
00135 #ifndef _AESOPT_H
00136 #define _AESOPT_H
00137 
00138 #include "asterisk/aes.h"
00139 #include "asterisk/endian.h"
00140 
00141 /*  CONFIGURATION - USE OF DEFINES
00142 
00143     Later in this section there are a number of defines that control the
00144     operation of the code.  In each section, the purpose of each define is
00145     explained so that the relevant form can be included or excluded by
00146     setting either 1's or 0's respectively on the branches of the related
00147     #if clauses.
00148 */
00149 
00150 /*  BYTE ORDER IN 32-BIT WORDS
00151 
00152     To obtain the highest speed on processors with 32-bit words, this code
00153     needs to determine the byte order of the target machine. The following 
00154     block of code is an attempt to capture the most obvious ways in which 
00155     various environemnts define byte order. It may well fail, in which case 
00156     the definitions will need to be set by editing at the points marked 
00157     **** EDIT HERE IF NECESSARY **** below.  My thanks to Peter Gutmann for 
00158     some of these defines (from cryptlib).
00159 */
00160 
00161 #define BRG_LITTLE_ENDIAN   1234 /* byte 0 is least significant (i386) */
00162 #define BRG_BIG_ENDIAN      4321 /* byte 0 is most significant (mc68k) */
00163 
00164 #if defined( __alpha__ ) || defined( __alpha ) || defined( i386 )       ||   \
00165     defined( __i386__ )  || defined( _M_I86 )  || defined( _M_IX86 )    ||   \
00166     defined( __OS2__ )   || defined( sun386 )  || defined( __TURBOC__ ) ||   \
00167     defined( vax )       || defined( vms )     || defined( VMS )        ||   \
00168     defined( __VMS ) 
00169 
00170 #define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00171 
00172 #endif
00173 
00174 #if defined( AMIGA )    || defined( applec )  || defined( __AS400__ )  ||   \
00175     defined( _CRAY )    || defined( __hppa )  || defined( __hp9000 )   ||   \
00176     defined( ibm370 )   || defined( mc68000 ) || defined( m68k )       ||   \
00177     defined( __MRC__ )  || defined( __MVS__ ) || defined( __MWERKS__ ) ||   \
00178     defined( sparc )    || defined( __sparc)  || defined( SYMANTEC_C ) ||   \
00179     defined( __TANDEM ) || defined( THINK_C ) || defined( __VMCMS__ )
00180     
00181 #define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00182 
00183 #endif
00184 
00185 /*  if the platform is still not known, try to find its byte order  */
00186 /*  from commonly used definitions in the headers included earlier  */
00187 
00188 #if !defined(PLATFORM_BYTE_ORDER)
00189 
00190 #if defined(LITTLE_ENDIAN) || defined(BIG_ENDIAN)
00191 #  if    defined(LITTLE_ENDIAN) && !defined(BIG_ENDIAN)
00192 #    define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00193 #  elif !defined(LITTLE_ENDIAN) &&  defined(BIG_ENDIAN)
00194 #    define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00195 #  elif defined(BYTE_ORDER) && (BYTE_ORDER == LITTLE_ENDIAN)
00196 #    define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00197 #  elif defined(BYTE_ORDER) && (BYTE_ORDER == BIG_ENDIAN)
00198 #    define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00199 #  endif
00200 
00201 #elif defined(_LITTLE_ENDIAN) || defined(_BIG_ENDIAN)
00202 #  if    defined(_LITTLE_ENDIAN) && !defined(_BIG_ENDIAN)
00203 #    define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00204 #  elif !defined(_LITTLE_ENDIAN) &&  defined(_BIG_ENDIAN)
00205 #    define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00206 #  elif defined(_BYTE_ORDER) && (_BYTE_ORDER == _LITTLE_ENDIAN)
00207 #    define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00208 #  elif defined(_BYTE_ORDER) && (_BYTE_ORDER == _BIG_ENDIAN)
00209 #    define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00210 #  endif
00211 
00212 #elif defined(__LITTLE_ENDIAN__) || defined(__BIG_ENDIAN__)
00213 #  if    defined(__LITTLE_ENDIAN__) && !defined(__BIG_ENDIAN__)
00214 #    define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00215 #  elif !defined(__LITTLE_ENDIAN__) &&  defined(__BIG_ENDIAN__)
00216 #    define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00217 #  elif defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __LITTLE_ENDIAN__)
00218 #    define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00219 #  elif defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __BIG_ENDIAN__)
00220 #    define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00221 #  endif
00222 
00223 #elif 0     /* **** EDIT HERE IF NECESSARY **** */
00224 #define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
00225 
00226 #elif 0     /* **** EDIT HERE IF NECESSARY **** */
00227 #define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
00228 
00229 #else
00230 #error Please edit aesopt.h (line 235 or 238) to set the platform byte order
00231 #endif
00232 
00233 #endif
00234 
00235 /*  SOME LOCAL DEFINITIONS  */
00236 
00237 #define NO_TABLES              0
00238 #define ONE_TABLE              1
00239 #define FOUR_TABLES            4
00240 #define NONE                   0
00241 #define PARTIAL                1
00242 #define FULL                   2
00243 
00244 #if defined(bswap32)
00245 #define aes_sw32    bswap32
00246 #elif defined(bswap_32)
00247 #define aes_sw32    bswap_32
00248 #else 
00249 #define brot(x,n)   (((aes_32t)(x) <<  n) | ((aes_32t)(x) >> (32 - n)))
00250 #define aes_sw32(x) ((brot((x),8) & 0x00ff00ff) | (brot((x),24) & 0xff00ff00))
00251 #endif
00252 
00253 /*  1. FUNCTIONS REQUIRED
00254 
00255     This implementation provides subroutines for encryption, decryption
00256     and for setting the three key lengths (separately) for encryption
00257     and decryption. When the assembler code is not being used the following
00258     definition blocks allow the selection of the routines that are to be
00259     included in the compilation.
00260 */
00261 #ifdef AES_ENCRYPT
00262 #define ENCRYPTION
00263 #define ENCRYPTION_KEY_SCHEDULE
00264 #endif
00265 
00266 #ifdef AES_DECRYPT
00267 #define DECRYPTION
00268 #define DECRYPTION_KEY_SCHEDULE
00269 #endif
00270 
00271 /*  2. ASSEMBLER SUPPORT
00272 
00273     This define (which can be on the command line) enables the use of the
00274     assembler code routines for encryption and decryption with the C code
00275     only providing key scheduling
00276 */
00277 #if 0
00278 #define AES_ASM
00279 #endif
00280 
00281 /*  3. BYTE ORDER WITHIN 32 BIT WORDS
00282 
00283     The fundamental data processing units in Rijndael are 8-bit bytes. The
00284     input, output and key input are all enumerated arrays of bytes in which
00285     bytes are numbered starting at zero and increasing to one less than the
00286     number of bytes in the array in question. This enumeration is only used
00287     for naming bytes and does not imply any adjacency or order relationship
00288     from one byte to another. When these inputs and outputs are considered
00289     as bit sequences, bits 8*n to 8*n+7 of the bit sequence are mapped to
00290     byte[n] with bit 8n+i in the sequence mapped to bit 7-i within the byte.
00291     In this implementation bits are numbered from 0 to 7 starting at the
00292     numerically least significant end of each byte (bit n represents 2^n).
00293 
00294     However, Rijndael can be implemented more efficiently using 32-bit
00295     words by packing bytes into words so that bytes 4*n to 4*n+3 are placed
00296     into word[n]. While in principle these bytes can be assembled into words
00297     in any positions, this implementation only supports the two formats in
00298     which bytes in adjacent positions within words also have adjacent byte
00299     numbers. This order is called big-endian if the lowest numbered bytes
00300     in words have the highest numeric significance and little-endian if the
00301     opposite applies.
00302 
00303     This code can work in either order irrespective of the order used by the
00304     machine on which it runs. Normally the internal byte order will be set
00305     to the order of the processor on which the code is to be run but this
00306     define can be used to reverse this in special situations
00307 
00308     NOTE: Assembler code versions rely on PLATFORM_BYTE_ORDER being set
00309 */
00310 #if 1 || defined(AES_ASM)
00311 #define ALGORITHM_BYTE_ORDER PLATFORM_BYTE_ORDER
00312 #elif 0
00313 #define ALGORITHM_BYTE_ORDER BRG_LITTLE_ENDIAN
00314 #elif 0
00315 #define ALGORITHM_BYTE_ORDER BRG_BIG_ENDIAN
00316 #else
00317 #error The algorithm byte order is not defined
00318 #endif
00319 
00320 /*  4. FAST INPUT/OUTPUT OPERATIONS.
00321 
00322     On some machines it is possible to improve speed by transferring the
00323     bytes in the input and output arrays to and from the internal 32-bit
00324     variables by addressing these arrays as if they are arrays of 32-bit
00325     words.  On some machines this will always be possible but there may
00326     be a large performance penalty if the byte arrays are not aligned on
00327     the normal word boundaries. On other machines this technique will
00328     lead to memory access errors when such 32-bit word accesses are not
00329     properly aligned. The option SAFE_IO avoids such problems but will
00330     often be slower on those machines that support misaligned access
00331     (especially so if care is taken to align the input  and output byte
00332     arrays on 32-bit word boundaries). If SAFE_IO is not defined it is
00333     assumed that access to byte arrays as if they are arrays of 32-bit
00334     words will not cause problems when such accesses are misaligned.
00335 */
00336 #if 1 && !defined(_MSC_VER)
00337 #define SAFE_IO
00338 #endif
00339 
00340 /*  5. LOOP UNROLLING
00341 
00342     The code for encryption and decrytpion cycles through a number of rounds
00343     that can be implemented either in a loop or by expanding the code into a
00344     long sequence of instructions, the latter producing a larger program but
00345     one that will often be much faster. The latter is called loop unrolling.
00346     There are also potential speed advantages in expanding two iterations in
00347     a loop with half the number of iterations, which is called partial loop
00348     unrolling.  The following options allow partial or full loop unrolling
00349     to be set independently for encryption and decryption
00350 */
00351 #if 1
00352 #define ENC_UNROLL  FULL
00353 #elif 0
00354 #define ENC_UNROLL  PARTIAL
00355 #else
00356 #define ENC_UNROLL  NONE
00357 #endif
00358 
00359 #if 1
00360 #define DEC_UNROLL  FULL
00361 #elif 0
00362 #define DEC_UNROLL  PARTIAL
00363 #else
00364 #define DEC_UNROLL  NONE
00365 #endif
00366 
00367 /*  6. FAST FINITE FIELD OPERATIONS
00368 
00369     If this section is included, tables are used to provide faster finite
00370     field arithmetic (this has no effect if FIXED_TABLES is defined).
00371 */
00372 #if 1
00373 #define FF_TABLES
00374 #endif
00375 
00376 /*  7. INTERNAL STATE VARIABLE FORMAT
00377 
00378     The internal state of Rijndael is stored in a number of local 32-bit
00379     word varaibles which can be defined either as an array or as individual
00380     names variables. Include this section if you want to store these local
00381     varaibles in arrays. Otherwise individual local variables will be used.
00382 */
00383 #if 1
00384 #define ARRAYS
00385 #endif
00386 
00387 /* In this implementation the columns of the state array are each held in
00388    32-bit words. The state array can be held in various ways: in an array
00389    of words, in a number of individual word variables or in a number of
00390    processor registers. The following define maps a variable name x and
00391    a column number c to the way the state array variable is to be held.
00392    The first define below maps the state into an array x[c] whereas the
00393    second form maps the state into a number of individual variables x0,
00394    x1, etc.  Another form could map individual state colums to machine
00395    register names.
00396 */
00397 
00398 #if defined(ARRAYS)
00399 #define s(x,c) x[c]
00400 #else
00401 #define s(x,c) x##c
00402 #endif
00403 
00404 /*  8. FIXED OR DYNAMIC TABLES
00405 
00406     When this section is included the tables used by the code are compiled
00407     statically into the binary file.  Otherwise the subroutine gen_tabs()
00408     must be called to compute them before the code is first used.
00409 */
00410 #if 1
00411 #define FIXED_TABLES
00412 #endif
00413 
00414 /*  9. TABLE ALIGNMENT
00415 
00416     On some sytsems speed will be improved by aligning the AES large lookup
00417     tables on particular boundaries. This define should be set to a power of
00418     two giving the desired alignment. It can be left undefined if alignment 
00419     is not needed.  This option is specific to the Microsft VC++ compiler -
00420     it seems to sometimes cause trouble for the VC++ version 6 compiler.
00421 */
00422 
00423 #if 0 && defined(_MSC_VER) && (_MSC_VER >= 1300)
00424 #define TABLE_ALIGN 64
00425 #endif
00426 
00427 /*  10. INTERNAL TABLE CONFIGURATION
00428 
00429     This cipher proceeds by repeating in a number of cycles known as 'rounds'
00430     which are implemented by a round function which can optionally be speeded
00431     up using tables.  The basic tables are each 256 32-bit words, with either
00432     one or four tables being required for each round function depending on
00433     how much speed is required. The encryption and decryption round functions
00434     are different and the last encryption and decrytpion round functions are
00435     different again making four different round functions in all.
00436 
00437     This means that:
00438       1. Normal encryption and decryption rounds can each use either 0, 1
00439          or 4 tables and table spaces of 0, 1024 or 4096 bytes each.
00440       2. The last encryption and decryption rounds can also use either 0, 1
00441          or 4 tables and table spaces of 0, 1024 or 4096 bytes each.
00442 
00443     Include or exclude the appropriate definitions below to set the number
00444     of tables used by this implementation.
00445 */
00446 
00447 #if 1   /* set tables for the normal encryption round */
00448 #define ENC_ROUND   FOUR_TABLES
00449 #elif 0
00450 #define ENC_ROUND   ONE_TABLE
00451 #else
00452 #define ENC_ROUND   NO_TABLES
00453 #endif
00454 
00455 #if 1   /* set tables for the last encryption round */
00456 #define LAST_ENC_ROUND  FOUR_TABLES
00457 #elif 0
00458 #define LAST_ENC_ROUND  ONE_TABLE
00459 #else
00460 #define LAST_ENC_ROUND  NO_TABLES
00461 #endif
00462 
00463 #if 1   /* set tables for the normal decryption round */
00464 #define DEC_ROUND   FOUR_TABLES
00465 #elif 0
00466 #define DEC_ROUND   ONE_TABLE
00467 #else
00468 #define DEC_ROUND   NO_TABLES
00469 #endif
00470 
00471 #if 1   /* set tables for the last decryption round */
00472 #define LAST_DEC_ROUND  FOUR_TABLES
00473 #elif 0
00474 #define LAST_DEC_ROUND  ONE_TABLE
00475 #else
00476 #define LAST_DEC_ROUND  NO_TABLES
00477 #endif
00478 
00479 /*  The decryption key schedule can be speeded up with tables in the same
00480     way that the round functions can.  Include or exclude the following
00481     defines to set this requirement.
00482 */
00483 #if 1
00484 #define KEY_SCHED   FOUR_TABLES
00485 #elif 0
00486 #define KEY_SCHED   ONE_TABLE
00487 #else
00488 #define KEY_SCHED   NO_TABLES
00489 #endif
00490 
00491 /* END OF CONFIGURATION OPTIONS */
00492 
00493 #define RC_LENGTH   (5 * (AES_BLOCK_SIZE / 4 - 2))
00494 
00495 /* Disable or report errors on some combinations of options */
00496 
00497 #if ENC_ROUND == NO_TABLES && LAST_ENC_ROUND != NO_TABLES
00498 #undef  LAST_ENC_ROUND
00499 #define LAST_ENC_ROUND  NO_TABLES
00500 #elif ENC_ROUND == ONE_TABLE && LAST_ENC_ROUND == FOUR_TABLES
00501 #undef  LAST_ENC_ROUND
00502 #define LAST_ENC_ROUND  ONE_TABLE
00503 #endif
00504 
00505 #if ENC_ROUND == NO_TABLES && ENC_UNROLL != NONE
00506 #undef  ENC_UNROLL
00507 #define ENC_UNROLL  NONE
00508 #endif
00509 
00510 #if DEC_ROUND == NO_TABLES && LAST_DEC_ROUND != NO_TABLES
00511 #undef  LAST_DEC_ROUND
00512 #define LAST_DEC_ROUND  NO_TABLES
00513 #elif DEC_ROUND == ONE_TABLE && LAST_DEC_ROUND == FOUR_TABLES
00514 #undef  LAST_DEC_ROUND
00515 #define LAST_DEC_ROUND  ONE_TABLE
00516 #endif
00517 
00518 #if DEC_ROUND == NO_TABLES && DEC_UNROLL != NONE
00519 #undef  DEC_UNROLL
00520 #define DEC_UNROLL  NONE
00521 #endif
00522 
00523 /*  upr(x,n):  rotates bytes within words by n positions, moving bytes to
00524                higher index positions with wrap around into low positions
00525     ups(x,n):  moves bytes by n positions to higher index positions in
00526                words but without wrap around
00527     bval(x,n): extracts a byte from a word
00528 
00529     NOTE:      The definitions given here are intended only for use with
00530                unsigned variables and with shift counts that are compile
00531                time constants
00532 */
00533 
00534 #if (ALGORITHM_BYTE_ORDER == BRG_LITTLE_ENDIAN)
00535 #define upr(x,n)        (((aes_32t)(x) << (8 * (n))) | ((aes_32t)(x) >> (32 - 8 * (n))))
00536 #define ups(x,n)        ((aes_32t) (x) << (8 * (n)))
00537 #define bval(x,n)       ((aes_08t)((x) >> (8 * (n))))
00538 #define bytes2word(b0, b1, b2, b3)  \
00539         (((aes_32t)(b3) << 24) | ((aes_32t)(b2) << 16) | ((aes_32t)(b1) << 8) | (b0))
00540 #endif
00541 
00542 #if (ALGORITHM_BYTE_ORDER == BRG_BIG_ENDIAN)
00543 #define upr(x,n)        (((aes_32t)(x) >> (8 * (n))) | ((aes_32t)(x) << (32 - 8 * (n))))
00544 #define ups(x,n)        ((aes_32t) (x) >> (8 * (n))))
00545 #define bval(x,n)       ((aes_08t)((x) >> (24 - 8 * (n))))
00546 #define bytes2word(b0, b1, b2, b3)  \
00547         (((aes_32t)(b0) << 24) | ((aes_32t)(b1) << 16) | ((aes_32t)(b2) << 8) | (b3))
00548 #endif
00549 
00550 #if defined(SAFE_IO)
00551 
00552 #define word_in(x,c)    bytes2word(((aes_08t*)(x)+4*c)[0], ((aes_08t*)(x)+4*c)[1], \
00553                                    ((aes_08t*)(x)+4*c)[2], ((aes_08t*)(x)+4*c)[3])
00554 #define word_out(x,c,v) { ((aes_08t*)(x)+4*c)[0] = bval(v,0); ((aes_08t*)(x)+4*c)[1] = bval(v,1); \
00555                           ((aes_08t*)(x)+4*c)[2] = bval(v,2); ((aes_08t*)(x)+4*c)[3] = bval(v,3); }
00556 
00557 #elif (ALGORITHM_BYTE_ORDER == PLATFORM_BYTE_ORDER)
00558 
00559 #define word_in(x,c)    (*((aes_32t*)(x)+(c)))
00560 #define word_out(x,c,v) (*((aes_32t*)(x)+(c)) = (v))
00561 
00562 #else
00563 
00564 #define word_in(x,c)    aes_sw32(*((aes_32t*)(x)+(c)))
00565 #define word_out(x,c,v) (*((aes_32t*)(x)+(c)) = aes_sw32(v))
00566 
00567 #endif
00568 
00569 /* the finite field modular polynomial and elements */
00570 
00571 #define WPOLY   0x011b
00572 #define BPOLY     0x1b
00573 
00574 /* multiply four bytes in GF(2^8) by 'x' {02} in parallel */
00575 
00576 #define m1  0x80808080
00577 #define m2  0x7f7f7f7f
00578 #define gf_mulx(x)  ((((x) & m2) << 1) ^ ((((x) & m1) >> 7) * BPOLY))
00579 
00580 /* The following defines provide alternative definitions of gf_mulx that might
00581    give improved performance if a fast 32-bit multiply is not available. Note
00582    that a temporary variable u needs to be defined where gf_mulx is used.
00583 
00584 #define gf_mulx(x) (u = (x) & m1, u |= (u >> 1), ((x) & m2) << 1) ^ ((u >> 3) | (u >> 6))
00585 #define m4  (0x01010101 * BPOLY)
00586 #define gf_mulx(x) (u = (x) & m1, ((x) & m2) << 1) ^ ((u - (u >> 7)) & m4)
00587 */
00588 
00589 /* Work out which tables are needed for the different options   */
00590 
00591 #ifdef  AES_ASM
00592 #ifdef  ENC_ROUND
00593 #undef  ENC_ROUND
00594 #endif
00595 #define ENC_ROUND   FOUR_TABLES
00596 #ifdef  LAST_ENC_ROUND
00597 #undef  LAST_ENC_ROUND
00598 #endif
00599 #define LAST_ENC_ROUND  FOUR_TABLES
00600 #ifdef  DEC_ROUND
00601 #undef  DEC_ROUND
00602 #endif
00603 #define DEC_ROUND   FOUR_TABLES
00604 #ifdef  LAST_DEC_ROUND
00605 #undef  LAST_DEC_ROUND
00606 #endif
00607 #define LAST_DEC_ROUND  FOUR_TABLES
00608 #ifdef  KEY_SCHED
00609 #undef  KEY_SCHED
00610 #define KEY_SCHED   FOUR_TABLES
00611 #endif
00612 #endif
00613 
00614 #if defined(ENCRYPTION) || defined(AES_ASM)
00615 #if ENC_ROUND == ONE_TABLE
00616 #define FT1_SET
00617 #elif ENC_ROUND == FOUR_TABLES
00618 #define FT4_SET
00619 #else
00620 #define SBX_SET
00621 #endif
00622 #if LAST_ENC_ROUND == ONE_TABLE
00623 #define FL1_SET
00624 #elif LAST_ENC_ROUND == FOUR_TABLES
00625 #define FL4_SET
00626 #elif !defined(SBX_SET)
00627 #define SBX_SET
00628 #endif
00629 #endif
00630 
00631 #if defined(DECRYPTION) || defined(AES_ASM)
00632 #if DEC_ROUND == ONE_TABLE
00633 #define IT1_SET
00634 #elif DEC_ROUND == FOUR_TABLES
00635 #define IT4_SET
00636 #else
00637 #define ISB_SET
00638 #endif
00639 #if LAST_DEC_ROUND == ONE_TABLE
00640 #define IL1_SET
00641 #elif LAST_DEC_ROUND == FOUR_TABLES
00642 #define IL4_SET
00643 #elif !defined(ISB_SET)
00644 #define ISB_SET
00645 #endif
00646 #endif
00647 
00648 #if defined(ENCRYPTION_KEY_SCHEDULE) || defined(DECRYPTION_KEY_SCHEDULE)
00649 #if KEY_SCHED == ONE_TABLE
00650 #define LS1_SET
00651 #define IM1_SET
00652 #elif KEY_SCHED == FOUR_TABLES
00653 #define LS4_SET
00654 #define IM4_SET
00655 #elif !defined(SBX_SET)
00656 #define SBX_SET
00657 #endif
00658 #endif
00659 
00660 /* generic definitions of Rijndael macros that use tables    */
00661 
00662 #define no_table(x,box,vf,rf,c) bytes2word( \
00663     box[bval(vf(x,0,c),rf(0,c))], \
00664     box[bval(vf(x,1,c),rf(1,c))], \
00665     box[bval(vf(x,2,c),rf(2,c))], \
00666     box[bval(vf(x,3,c),rf(3,c))])
00667 
00668 #define one_table(x,op,tab,vf,rf,c) \
00669  (     tab[bval(vf(x,0,c),rf(0,c))] \
00670   ^ op(tab[bval(vf(x,1,c),rf(1,c))],1) \
00671   ^ op(tab[bval(vf(x,2,c),rf(2,c))],2) \
00672   ^ op(tab[bval(vf(x,3,c),rf(3,c))],3))
00673 
00674 #define four_tables(x,tab,vf,rf,c) \
00675  (  tab[0][bval(vf(x,0,c),rf(0,c))] \
00676   ^ tab[1][bval(vf(x,1,c),rf(1,c))] \
00677   ^ tab[2][bval(vf(x,2,c),rf(2,c))] \
00678   ^ tab[3][bval(vf(x,3,c),rf(3,c))])
00679 
00680 #define vf1(x,r,c)  (x)
00681 #define rf1(r,c)    (r)
00682 #define rf2(r,c)    ((8+r-c)&3)
00683 
00684 /* perform forward and inverse column mix operation on four bytes in long word x in */
00685 /* parallel. NOTE: x must be a simple variable, NOT an expression in these macros.  */
00686 
00687 #if defined(FM4_SET)    /* not currently used */
00688 #define fwd_mcol(x)     four_tables(x,t_use(f,m),vf1,rf1,0)
00689 #elif defined(FM1_SET)  /* not currently used */
00690 #define fwd_mcol(x)     one_table(x,upr,t_use(f,m),vf1,rf1,0)
00691 #else
00692 #define dec_fmvars      aes_32t g2
00693 #define fwd_mcol(x)     (g2 = gf_mulx(x), g2 ^ upr((x) ^ g2, 3) ^ upr((x), 2) ^ upr((x), 1))
00694 #endif
00695 
00696 #if defined(IM4_SET)
00697 #define inv_mcol(x)     four_tables(x,t_use(i,m),vf1,rf1,0)
00698 #elif defined(IM1_SET)
00699 #define inv_mcol(x)     one_table(x,upr,t_use(i,m),vf1,rf1,0)
00700 #else
00701 #define dec_imvars      aes_32t g2, g4, g9
00702 #define inv_mcol(x)     (g2 = gf_mulx(x), g4 = gf_mulx(g2), g9 = (x) ^ gf_mulx(g4), g4 ^= g9, \
00703                         (x) ^ g2 ^ g4 ^ upr(g2 ^ g9, 3) ^ upr(g4, 2) ^ upr(g9, 1))
00704 #endif
00705 
00706 #if defined(FL4_SET)
00707 #define ls_box(x,c)     four_tables(x,t_use(f,l),vf1,rf2,c)
00708 #elif   defined(LS4_SET)
00709 #define ls_box(x,c)     four_tables(x,t_use(l,s),vf1,rf2,c)
00710 #elif defined(FL1_SET)
00711 #define ls_box(x,c)     one_table(x,upr,t_use(f,l),vf1,rf2,c)
00712 #elif defined(LS1_SET)
00713 #define ls_box(x,c)     one_table(x,upr,t_use(l,s),vf1,rf2,c)
00714 #else
00715 #define ls_box(x,c)     no_table(x,t_use(s,box),vf1,rf2,c)
00716 #endif
00717 
00718 #if defined(__cplusplus)
00719 extern "C"
00720 {
00721 #endif
00722 
00723 /*  If there are no global variables, the definitions here can be
00724     used to put the AES tables in a structure so that a pointer 
00725     can then be added to the AES context to pass them to the AES
00726     routines that need them.  If this facility is used, the calling 
00727     program has to ensure that this pointer is managed appropriately. 
00728     In particular, the value of the t_dec(in,it) item in the table 
00729     structure must be set to zero in order to ensure that the tables 
00730     are initialised. In practice the three code sequences in aeskey.c 
00731     that control the calls to gen_tabs() and the gen_tabs() routine 
00732     itself will have to be changed for a specific implementation. If 
00733     global variables are available it will generally be preferable to 
00734     use them with the precomputed FIXED_TABLES option that uses static 
00735     global tables.
00736 
00737     The following defines can be used to control the way the tables
00738     are defined, initialised and used in embedded environments that
00739     require special features for these purposes
00740 
00741     the 't_dec' construction is used to declare fixed table arrays
00742     the 't_set' construction is used to set fixed table values
00743     the 't_use' construction is used to access fixed table values
00744 
00745     256 byte tables:
00746 
00747         t_xxx(s,box)    => forward S box
00748         t_xxx(i,box)    => inverse S box
00749 
00750     256 32-bit word OR 4 x 256 32-bit word tables:
00751 
00752         t_xxx(f,n)      => forward normal round
00753         t_xxx(f,l)      => forward last round
00754         t_xxx(i,n)      => inverse normal round
00755         t_xxx(i,l)      => inverse last round
00756         t_xxx(l,s)      => key schedule table
00757         t_xxx(i,m)      => key schedule table
00758 
00759     Other variables and tables:
00760 
00761         t_xxx(r,c)      => the rcon table
00762 */
00763 
00764 #define t_dec(m,n) t_##m##n
00765 #define t_set(m,n) t_##m##n
00766 #define t_use(m,n) t_##m##n
00767 
00768 #if defined(DO_TABLES)  /* declare and instantiate tables   */
00769 
00770 /*  finite field arithmetic operations for table generation */
00771 
00772 #if defined(FIXED_TABLES) || !defined(FF_TABLES)
00773 
00774 #define f2(x)   ((x<<1) ^ (((x>>7) & 1) * WPOLY))
00775 #define f4(x)   ((x<<2) ^ (((x>>6) & 1) * WPOLY) ^ (((x>>6) & 2) * WPOLY))
00776 #define f8(x)   ((x<<3) ^ (((x>>5) & 1) * WPOLY) ^ (((x>>5) & 2) * WPOLY) \
00777                         ^ (((x>>5) & 4) * WPOLY))
00778 #define f3(x)   (f2(x) ^ x)
00779 #define f9(x)   (f8(x) ^ x)
00780 #define fb(x)   (f8(x) ^ f2(x) ^ x)
00781 #define fd(x)   (f8(x) ^ f4(x) ^ x)
00782 #define fe(x)   (f8(x) ^ f4(x) ^ f2(x))
00783 
00784 #else
00785 
00786 #define f2(x) ((x) ? pow[log[x] + 0x19] : 0)
00787 #define f3(x) ((x) ? pow[log[x] + 0x01] : 0)
00788 #define f9(x) ((x) ? pow[log[x] + 0xc7] : 0)
00789 #define fb(x) ((x) ? pow[log[x] + 0x68] : 0)
00790 #define fd(x) ((x) ? pow[log[x] + 0xee] : 0)
00791 #define fe(x) ((x) ? pow[log[x] + 0xdf] : 0)
00792 #define fi(x) ((x) ? pow[ 255 - log[x]] : 0)
00793 
00794 #endif
00795 
00796 #if defined(FIXED_TABLES)   /* declare and set values for static tables */
00797 
00798 #define sb_data(w) \
00799     w(0x63), w(0x7c), w(0x77), w(0x7b), w(0xf2), w(0x6b), w(0x6f), w(0xc5),\
00800     w(0x30), w(0x01), w(0x67), w(0x2b), w(0xfe), w(0xd7), w(0xab), w(0x76),\
00801     w(0xca), w(0x82), w(0xc9), w(0x7d), w(0xfa), w(0x59), w(0x47), w(0xf0),\
00802     w(0xad), w(0xd4), w(0xa2), w(0xaf), w(0x9c), w(0xa4), w(0x72), w(0xc0),\
00803     w(0xb7), w(0xfd), w(0x93), w(0x26), w(0x36), w(0x3f), w(0xf7), w(0xcc),\
00804     w(0x34), w(0xa5), w(0xe5), w(0xf1), w(0x71), w(0xd8), w(0x31), w(0x15),\
00805     w(0x04), w(0xc7), w(0x23), w(0xc3), w(0x18), w(0x96), w(0x05), w(0x9a),\
00806     w(0x07), w(0x12), w(0x80), w(0xe2), w(0xeb), w(0x27), w(0xb2), w(0x75),\
00807     w(0x09), w(0x83), w(0x2c), w(0x1a), w(0x1b), w(0x6e), w(0x5a), w(0xa0),\
00808     w(0x52), w(0x3b), w(0xd6), w(0xb3), w(0x29), w(0xe3), w(0x2f), w(0x84),\
00809     w(0x53), w(0xd1), w(0x00), w(0xed), w(0x20), w(0xfc), w(0xb1), w(0x5b),\
00810     w(0x6a), w(0xcb), w(0xbe), w(0x39), w(0x4a), w(0x4c), w(0x58), w(0xcf),\
00811     w(0xd0), w(0xef), w(0xaa), w(0xfb), w(0x43), w(0x4d), w(0x33), w(0x85),\
00812     w(0x45), w(0xf9), w(0x02), w(0x7f), w(0x50), w(0x3c), w(0x9f), w(0xa8),\
00813     w(0x51), w(0xa3), w(0x40), w(0x8f), w(0x92), w(0x9d), w(0x38), w(0xf5),\
00814     w(0xbc), w(0xb6), w(0xda), w(0x21), w(0x10), w(0xff), w(0xf3), w(0xd2),\
00815     w(0xcd), w(0x0c), w(0x13), w(0xec), w(0x5f), w(0x97), w(0x44), w(0x17),\
00816     w(0xc4), w(0xa7), w(0x7e), w(0x3d), w(0x64), w(0x5d), w(0x19), w(0x73),\
00817     w(0x60), w(0x81), w(0x4f), w(0xdc), w(0x22), w(0x2a), w(0x90), w(0x88),\
00818     w(0x46), w(0xee), w(0xb8), w(0x14), w(0xde), w(0x5e), w(0x0b), w(0xdb),\
00819     w(0xe0), w(0x32), w(0x3a), w(0x0a), w(0x49), w(0x06), w(0x24), w(0x5c),\
00820     w(0xc2), w(0xd3), w(0xac), w(0x62), w(0x91), w(0x95), w(0xe4), w(0x79),\
00821     w(0xe7), w(0xc8), w(0x37), w(0x6d), w(0x8d), w(0xd5), w(0x4e), w(0xa9),\
00822     w(0x6c), w(0x56), w(0xf4), w(0xea), w(0x65), w(0x7a), w(0xae), w(0x08),\
00823     w(0xba), w(0x78), w(0x25), w(0x2e), w(0x1c), w(0xa6), w(0xb4), w(0xc6),\
00824     w(0xe8), w(0xdd), w(0x74), w(0x1f), w(0x4b), w(0xbd), w(0x8b), w(0x8a),\
00825     w(0x70), w(0x3e), w(0xb5), w(0x66), w(0x48), w(0x03), w(0xf6), w(0x0e),\
00826     w(0x61), w(0x35), w(0x57), w(0xb9), w(0x86), w(0xc1), w(0x1d), w(0x9e),\
00827     w(0xe1), w(0xf8), w(0x98), w(0x11), w(0x69), w(0xd9), w(0x8e), w(0x94),\
00828     w(0x9b), w(0x1e), w(0x87), w(0xe9), w(0xce), w(0x55), w(0x28), w(0xdf),\
00829     w(0x8c), w(0xa1), w(0x89), w(0x0d), w(0xbf), w(0xe6), w(0x42), w(0x68),\
00830     w(0x41), w(0x99), w(0x2d), w(0x0f), w(0xb0), w(0x54), w(0xbb), w(0x16)
00831 
00832 #define isb_data(w) \
00833     w(0x52), w(0x09), w(0x6a), w(0xd5), w(0x30), w(0x36), w(0xa5), w(0x38),\
00834     w(0xbf), w(0x40), w(0xa3), w(0x9e), w(0x81), w(0xf3), w(0xd7), w(0xfb),\
00835     w(0x7c), w(0xe3), w(0x39), w(0x82), w(0x9b), w(0x2f), w(0xff), w(0x87),\
00836     w(0x34), w(0x8e), w(0x43), w(0x44), w(0xc4), w(0xde), w(0xe9), w(0xcb),\
00837     w(0x54), w(0x7b), w(0x94), w(0x32), w(0xa6), w(0xc2), w(0x23), w(0x3d),\
00838     w(0xee), w(0x4c), w(0x95), w(0x0b), w(0x42), w(0xfa), w(0xc3), w(0x4e),\
00839     w(0x08), w(0x2e), w(0xa1), w(0x66), w(0x28), w(0xd9), w(0x24), w(0xb2),\
00840     w(0x76), w(0x5b), w(0xa2), w(0x49), w(0x6d), w(0x8b), w(0xd1), w(0x25),\
00841     w(0x72), w(0xf8), w(0xf6), w(0x64), w(0x86), w(0x68), w(0x98), w(0x16),\
00842     w(0xd4), w(0xa4), w(0x5c), w(0xcc), w(0x5d), w(0x65), w(0xb6), w(0x92),\
00843     w(0x6c), w(0x70), w(0x48), w(0x50), w(0xfd), w(0xed), w(0xb9), w(0xda),\
00844     w(0x5e), w(0x15), w(0x46), w(0x57), w(0xa7), w(0x8d), w(0x9d), w(0x84),\
00845     w(0x90), w(0xd8), w(0xab), w(0x00), w(0x8c), w(0xbc), w(0xd3), w(0x0a),\
00846     w(0xf7), w(0xe4), w(0x58), w(0x05), w(0xb8), w(0xb3), w(0x45), w(0x06),\
00847     w(0xd0), w(0x2c), w(0x1e), w(0x8f), w(0xca), w(0x3f), w(0x0f), w(0x02),\
00848     w(0xc1), w(0xaf), w(0xbd), w(0x03), w(0x01), w(0x13), w(0x8a), w(0x6b),\
00849     w(0x3a), w(0x91), w(0x11), w(0x41), w(0x4f), w(0x67), w(0xdc), w(0xea),\
00850     w(0x97), w(0xf2), w(0xcf), w(0xce), w(0xf0), w(0xb4), w(0xe6), w(0x73),\
00851     w(0x96), w(0xac), w(0x74), w(0x22), w(0xe7), w(0xad), w(0x35), w(0x85),\
00852     w(0xe2), w(0xf9), w(0x37), w(0xe8), w(0x1c), w(0x75), w(0xdf), w(0x6e),\
00853     w(0x47), w(0xf1), w(0x1a), w(0x71), w(0x1d), w(0x29), w(0xc5), w(0x89),\
00854     w(0x6f), w(0xb7), w(0x62), w(0x0e), w(0xaa), w(0x18), w(0xbe), w(0x1b),\
00855     w(0xfc), w(0x56), w(0x3e), w(0x4b), w(0xc6), w(0xd2), w(0x79), w(0x20),\
00856     w(0x9a), w(0xdb), w(0xc0), w(0xfe), w(0x78), w(0xcd), w(0x5a), w(0xf4),\
00857     w(0x1f), w(0xdd), w(0xa8), w(0x33), w(0x88), w(0x07), w(0xc7), w(0x31),\
00858     w(0xb1), w(0x12), w(0x10), w(0x59), w(0x27), w(0x80), w(0xec), w(0x5f),\
00859     w(0x60), w(0x51), w(0x7f), w(0xa9), w(0x19), w(0xb5), w(0x4a), w(0x0d),\
00860     w(0x2d), w(0xe5), w(0x7a), w(0x9f), w(0x93), w(0xc9), w(0x9c), w(0xef),\
00861     w(0xa0), w(0xe0), w(0x3b), w(0x4d), w(0xae), w(0x2a), w(0xf5), w(0xb0),\
00862     w(0xc8), w(0xeb), w(0xbb), w(0x3c), w(0x83), w(0x53), w(0x99), w(0x61),\
00863     w(0x17), w(0x2b), w(0x04), w(0x7e), w(0xba), w(0x77), w(0xd6), w(0x26),\
00864     w(0xe1), w(0x69), w(0x14), w(0x63), w(0x55), w(0x21), w(0x0c), w(0x7d),
00865 
00866 #define mm_data(w) \
00867     w(0x00), w(0x01), w(0x02), w(0x03), w(0x04), w(0x05), w(0x06), w(0x07),\
00868     w(0x08), w(0x09), w(0x0a), w(0x0b), w(0x0c), w(0x0d), w(0x0e), w(0x0f),\
00869     w(0x10), w(0x11), w(0x12), w(0x13), w(0x14), w(0x15), w(0x16), w(0x17),\
00870     w(0x18), w(0x19), w(0x1a), w(0x1b), w(0x1c), w(0x1d), w(0x1e), w(0x1f),\
00871     w(0x20), w(0x21), w(0x22), w(0x23), w(0x24), w(0x25), w(0x26), w(0x27),\
00872     w(0x28), w(0x29), w(0x2a), w(0x2b), w(0x2c), w(0x2d), w(0x2e), w(0x2f),\
00873     w(0x30), w(0x31), w(0x32), w(0x33), w(0x34), w(0x35), w(0x36), w(0x37),\
00874     w(0x38), w(0x39), w(0x3a), w(0x3b), w(0x3c), w(0x3d), w(0x3e), w(0x3f),\
00875     w(0x40), w(0x41), w(0x42), w(0x43), w(0x44), w(0x45), w(0x46), w(0x47),\
00876     w(0x48), w(0x49), w(0x4a), w(0x4b), w(0x4c), w(0x4d), w(0x4e), w(0x4f),\
00877     w(0x50), w(0x51), w(0x52), w(0x53), w(0x54), w(0x55), w(0x56), w(0x57),\
00878     w(0x58), w(0x59), w(0x5a), w(0x5b), w(0x5c), w(0x5d), w(0x5e), w(0x5f),\
00879     w(0x60), w(0x61), w(0x62), w(0x63), w(0x64), w(0x65), w(0x66), w(0x67),\
00880     w(0x68), w(0x69), w(0x6a), w(0x6b), w(0x6c), w(0x6d), w(0x6e), w(0x6f),\
00881     w(0x70), w(0x71), w(0x72), w(0x73), w(0x74), w(0x75), w(0x76), w(0x77),\
00882     w(0x78), w(0x79), w(0x7a), w(0x7b), w(0x7c), w(0x7d), w(0x7e), w(0x7f),\
00883     w(0x80), w(0x81), w(0x82), w(0x83), w(0x84), w(0x85), w(0x86), w(0x87),\
00884     w(0x88), w(0x89), w(0x8a), w(0x8b), w(0x8c), w(0x8d), w(0x8e), w(0x8f),\
00885     w(0x90), w(0x91), w(0x92), w(0x93), w(0x94), w(0x95), w(0x96), w(0x97),\
00886     w(0x98), w(0x99), w(0x9a), w(0x9b), w(0x9c), w(0x9d), w(0x9e), w(0x9f),\
00887     w(0xa0), w(0xa1), w(0xa2), w(0xa3), w(0xa4), w(0xa5), w(0xa6), w(0xa7),\
00888     w(0xa8), w(0xa9), w(0xaa), w(0xab), w(0xac), w(0xad), w(0xae), w(0xaf),\
00889     w(0xb0), w(0xb1), w(0xb2), w(0xb3), w(0xb4), w(0xb5), w(0xb6), w(0xb7),\
00890     w(0xb8), w(0xb9), w(0xba), w(0xbb), w(0xbc), w(0xbd), w(0xbe), w(0xbf),\
00891     w(0xc0), w(0xc1), w(0xc2), w(0xc3), w(0xc4), w(0xc5), w(0xc6), w(0xc7),\
00892     w(0xc8), w(0xc9), w(0xca), w(0xcb), w(0xcc), w(0xcd), w(0xce), w(0xcf),\
00893     w(0xd0), w(0xd1), w(0xd2), w(0xd3), w(0xd4), w(0xd5), w(0xd6), w(0xd7),\
00894     w(0xd8), w(0xd9), w(0xda), w(0xdb), w(0xdc), w(0xdd), w(0xde), w(0xdf),\
00895     w(0xe0), w(0xe1), w(0xe2), w(0xe3), w(0xe4), w(0xe5), w(0xe6), w(0xe7),\
00896     w(0xe8), w(0xe9), w(0xea), w(0xeb), w(0xec), w(0xed), w(0xee), w(0xef),\
00897     w(0xf0), w(0xf1), w(0xf2), w(0xf3), w(0xf4), w(0xf5), w(0xf6), w(0xf7),\
00898     w(0xf8), w(0xf9), w(0xfa), w(0xfb), w(0xfc), w(0xfd), w(0xfe), w(0xff)
00899 
00900 #define h0(x)   (x)
00901 
00902 /*  These defines are used to ensure tables are generated in the
00903     right format depending on the internal byte order required
00904 */
00905 
00906 #define w0(p)   bytes2word(p, 0, 0, 0)
00907 #define w1(p)   bytes2word(0, p, 0, 0)
00908 #define w2(p)   bytes2word(0, 0, p, 0)
00909 #define w3(p)   bytes2word(0, 0, 0, p)
00910 
00911 #define u0(p)   bytes2word(f2(p), p, p, f3(p))
00912 #define u1(p)   bytes2word(f3(p), f2(p), p, p)
00913 #define u2(p)   bytes2word(p, f3(p), f2(p), p)
00914 #define u3(p)   bytes2word(p, p, f3(p), f2(p))
00915 
00916 #define v0(p)   bytes2word(fe(p), f9(p), fd(p), fb(p))
00917 #define v1(p)   bytes2word(fb(p), fe(p), f9(p), fd(p))
00918 #define v2(p)   bytes2word(fd(p), fb(p), fe(p), f9(p))
00919 #define v3(p)   bytes2word(f9(p), fd(p), fb(p), fe(p))
00920 
00921 const aes_32t t_dec(r,c)[RC_LENGTH] =
00922 {
00923     w0(0x01), w0(0x02), w0(0x04), w0(0x08), w0(0x10),
00924     w0(0x20), w0(0x40), w0(0x80), w0(0x1b), w0(0x36)
00925 };
00926 
00927 #define d_1(t,n,b,v) const t n[256]    =   { b(v##0) }
00928 #define d_4(t,n,b,v) const t n[4][256] = { { b(v##0) }, { b(v##1) }, { b(v##2) }, { b(v##3) } }
00929 
00930 #else   /* declare and instantiate tables for dynamic value generation in in tab.c  */
00931 
00932 aes_32t t_dec(r,c)[RC_LENGTH];
00933 
00934 #define d_1(t,n,b,v) t  n[256]
00935 #define d_4(t,n,b,v) t  n[4][256]
00936 
00937 #endif
00938 
00939 #else   /* declare tables without instantiation */
00940 
00941 #if defined(FIXED_TABLES)
00942 
00943 extern const aes_32t t_dec(r,c)[RC_LENGTH];
00944 
00945 #if defined(_MSC_VER) && defined(TABLE_ALIGN)
00946 #define d_1(t,n,b,v) extern __declspec(align(TABLE_ALIGN)) const t  n[256]
00947 #define d_4(t,n,b,v) extern __declspec(align(TABLE_ALIGN)) const t  n[4][256]
00948 #else
00949 #define d_1(t,n,b,v) extern const t  n[256]
00950 #define d_4(t,n,b,v) extern const t  n[4][256]
00951 #endif
00952 #else
00953 
00954 extern aes_32t t_dec(r,c)[RC_LENGTH];
00955 
00956 #if defined(_MSC_VER) && defined(TABLE_ALIGN)
00957 #define d_1(t,n,b,v) extern __declspec(align(TABLE_ALIGN)) t  n[256]
00958 #define d_4(t,n,b,v) extern __declspec(align(TABLE_ALIGN)) t  n[4][256]
00959 #else
00960 #define d_1(t,n,b,v) extern t  n[256]
00961 #define d_4(t,n,b,v) extern t  n[4][256]
00962 #endif
00963 #endif
00964 
00965 #endif
00966 
00967 #ifdef  SBX_SET
00968     d_1(aes_08t, t_dec(s,box), sb_data, h);
00969 #endif
00970 #ifdef  ISB_SET
00971     d_1(aes_08t, t_dec(i,box), isb_data, h);
00972 #endif
00973 
00974 #ifdef  FT1_SET
00975     d_1(aes_32t, t_dec(f,n), sb_data, u);
00976 #endif
00977 #ifdef  FT4_SET
00978     d_4(aes_32t, t_dec(f,n), sb_data, u);
00979 #endif
00980 
00981 #ifdef  FL1_SET
00982     d_1(aes_32t, t_dec(f,l), sb_data, w);
00983 #endif
00984 #ifdef  FL4_SET
00985     d_4(aes_32t, t_dec(f,l), sb_data, w);
00986 #endif
00987 
00988 #ifdef  IT1_SET
00989     d_1(aes_32t, t_dec(i,n), isb_data, v);
00990 #endif
00991 #ifdef  IT4_SET
00992     d_4(aes_32t, t_dec(i,n), isb_data, v);
00993 #endif
00994 
00995 #ifdef  IL1_SET
00996     d_1(aes_32t, t_dec(i,l), isb_data, w);
00997 #endif
00998 #ifdef  IL4_SET
00999     d_4(aes_32t, t_dec(i,l), isb_data, w);
01000 #endif
01001 
01002 #ifdef  LS1_SET
01003 #ifdef  FL1_SET
01004 #undef  LS1_SET
01005 #else
01006     d_1(aes_32t, t_dec(l,s), sb_data, w);
01007 #endif
01008 #endif
01009 
01010 #ifdef  LS4_SET
01011 #ifdef  FL4_SET
01012 #undef  LS4_SET
01013 #else
01014     d_4(aes_32t, t_dec(l,s), sb_data, w);
01015 #endif
01016 #endif
01017 
01018 #ifdef  IM1_SET
01019     d_1(aes_32t, t_dec(i,m), mm_data, v);
01020 #endif
01021 #ifdef  IM4_SET
01022     d_4(aes_32t, t_dec(i,m), mm_data, v);
01023 #endif
01024 
01025 #if defined(__cplusplus)
01026 }
01027 #endif
01028 
01029 #endif

Generated on Sat Aug 6 00:39:19 2011 for Asterisk - the Open Source PBX by  doxygen 1.4.7