rijndael: Make implementation big-endian.

[catacomb] / rijndael-base.c

/* -*-c-*-
 *
 * $Id: rijndael-base.c,v 1.2 2004/04/08 01:36:15 mdw Exp $
 *
 * Low-level stuff for all Rijndael block sizes
 *
 * (c) 2001 Straylight/Edgeware
 */

/*----- Licensing notice --------------------------------------------------* 
 *
 * This file is part of Catacomb.
 *
 * Catacomb is free software; you can redistribute it and/or modify
 * it under the terms of the GNU Library General Public License as
 * published by the Free Software Foundation; either version 2 of the
 * License, or (at your option) any later version.
 * 
 * Catacomb is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Library General Public License for more details.
 * 
 * You should have received a copy of the GNU Library General Public
 * License along with Catacomb; if not, write to the Free
 * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
 * MA 02111-1307, USA.
 */

/*----- Header files ------------------------------------------------------*/

#include <assert.h>
#include <stdio.h>

#include <mLib/bits.h>

#include "blkc.h"
#include "gcipher.h"
#include "rijndael.h"
#include "rijndael-base.h"
#include "rijndael-tab.h"

/*----- Global variables --------------------------------------------------*/

const octet rijndael_keysz[] = { KSZ_RANGE, RIJNDAEL_KEYSZ, 4, 32, 4 };

/*----- Constant tables ---------------------------------------------------*/

const octet rijndael_s[256] = RIJNDAEL_S;
const octet rijndael_si[256] = RIJNDAEL_SI;
const uint32 rijndael_t[4][256] = RIJNDAEL_T;
const uint32 rijndael_ti[4][256] = RIJNDAEL_TI;
const uint32 rijndael_u[4][256] = RIJNDAEL_U;
const octet rijndael_rcon[] = RIJNDAEL_RCON;

/*----- Main code ---------------------------------------------------------*/

/* --- @rijndael_setup@ --- *
 *
 * Arguments:   @rijndael_ctx *k@ = pointer to context to initialize
 *              @unsigned nb@ = number of words in the block
 *              @const void *buf@ = pointer to buffer of key material
 *              @size_t sz@ = size of the key material
 *
 * Returns:     ---
 *
 * Use:         Low-level key-scheduling.
 */

void rijndael_setup(rijndael_ctx *k, unsigned nb, const void *buf, size_t sz)
{
  unsigned nk, nr, nw;
  unsigned i, j, jj;
  const octet *p;
  uint32 ww;

  /* --- Sort out the key size --- */

  KSZ_ASSERT(rijndael, sz);
  nk = sz / 4;

  /* --- Select the number of rounds --- */

  nr = (nk > nb ? nk : nb) + 6;
  if (nr < 10)
    nr = 10;
  k->nr = nr;

  /* --- Fetch the first key words out --- */

  p = buf;
  for (i = 0; i < nk; i++) {
    k->w[i] = LOAD32_B(p);
    p += 4;
  }

  /* --- Expand this material to fill the rest of the table --- */

  nw = (nr + 1) * nb;
  ww = k->w[i - 1];
  p = RCON;
  for (; i < nw; i++) {
    uint32 w = k->w[i - nk];
    if (i % nk == 0) {
      ww = ROL32(ww, 8);
      w ^= SUB(S, ww, ww, ww, ww) ^ (*p++ << 24);
    } else if (nk > 6 && i % nk == 4)
      w ^= SUB(S, ww, ww, ww, ww);
    else
      w ^= ww;
    k->w[i] = ww = w;
  }

  /* --- Make the decryption keys --- */

  j = nw; i = 0;

  j -= nb; jj = 0;
  for (; i < nb; i++)
    k->wi[i] = k->w[j + jj++];

  for (; i < nw - nb; i += nb) {
    j -= nb;
    for (jj = 0; jj < nb; jj++) {
      uint32 w = k->w[j + jj];
      k->wi[i + jj] = MIX(U, w, w, w, w);
    }
  }

  j -= nb; jj = 0;
  for (; i < nw; i++)
    k->wi[i] = k->w[j + jj++];
}

/*----- That's all, folks -------------------------------------------------*/