Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(47)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: openssl/crypto/aes/aes_core.c

Issue 9254031: Upgrade chrome's OpenSSL to same version Android ships with. (Closed) Base URL: http://src.chromium.org/svn/trunk/deps/third_party/openssl/
Patch Set: '' Created 8 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « openssl/crypto/aes/aes_cfb.c ('k') | openssl/crypto/aes/aes_ctr.c » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* crypto/aes/aes_core.c -*- mode:C; c-file-style: "eay" -*- */ 1 /* crypto/aes/aes_core.c -*- mode:C; c-file-style: "eay" -*- */
2 /** 2 /**
3 * rijndael-alg-fst.c 3 * rijndael-alg-fst.c
4 * 4 *
5 * @version 3.0 (December 2000) 5 * @version 3.0 (December 2000)
6 * 6 *
7 * Optimised ANSI C code for the Rijndael cipher (now AES) 7 * Optimised ANSI C code for the Rijndael cipher (now AES)
8 * 8 *
9 * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be> 9 * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
10 * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be> 10 * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
(...skipping 19 matching lines...) Expand all
30 30
31 #ifndef AES_DEBUG 31 #ifndef AES_DEBUG
32 # ifndef NDEBUG 32 # ifndef NDEBUG
33 # define NDEBUG 33 # define NDEBUG
34 # endif 34 # endif
35 #endif 35 #endif
36 #include <assert.h> 36 #include <assert.h>
37 37
38 #include <stdlib.h> 38 #include <stdlib.h>
39 #include <openssl/aes.h> 39 #include <openssl/aes.h>
40 #ifdef OPENSSL_FIPS
41 #include <openssl/fips.h>
42 #endif
43
44 #include "aes_locl.h" 40 #include "aes_locl.h"
45 41
42 #ifndef AES_ASM
46 /* 43 /*
47 Te0[x] = S [x].[02, 01, 01, 03]; 44 Te0[x] = S [x].[02, 01, 01, 03];
48 Te1[x] = S [x].[03, 02, 01, 01]; 45 Te1[x] = S [x].[03, 02, 01, 01];
49 Te2[x] = S [x].[01, 03, 02, 01]; 46 Te2[x] = S [x].[01, 03, 02, 01];
50 Te3[x] = S [x].[01, 01, 03, 02]; 47 Te3[x] = S [x].[01, 01, 03, 02];
51 48
52 Td0[x] = Si[x].[0e, 09, 0d, 0b]; 49 Td0[x] = Si[x].[0e, 09, 0d, 0b];
53 Td1[x] = Si[x].[0b, 0e, 09, 0d]; 50 Td1[x] = Si[x].[0b, 0e, 09, 0d];
54 Td2[x] = Si[x].[0d, 0b, 0e, 09]; 51 Td2[x] = Si[x].[0d, 0b, 0e, 09];
55 Td3[x] = Si[x].[09, 0d, 0b, 0e]; 52 Td3[x] = Si[x].[09, 0d, 0b, 0e];
(...skipping 572 matching lines...) Expand 10 before | Expand all | Expand 10 after
628 /** 625 /**
629 * Expand the cipher key into the encryption key schedule. 626 * Expand the cipher key into the encryption key schedule.
630 */ 627 */
631 int AES_set_encrypt_key(const unsigned char *userKey, const int bits, 628 int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
632 AES_KEY *key) { 629 AES_KEY *key) {
633 630
634 u32 *rk; 631 u32 *rk;
635 int i = 0; 632 int i = 0;
636 u32 temp; 633 u32 temp;
637 634
638 #ifdef OPENSSL_FIPS
639 FIPS_selftest_check();
640 #endif
641
642 if (!userKey || !key) 635 if (!userKey || !key)
643 return -1; 636 return -1;
644 if (bits != 128 && bits != 192 && bits != 256) 637 if (bits != 128 && bits != 192 && bits != 256)
645 return -2; 638 return -2;
646 639
647 rk = key->rd_key; 640 rk = key->rd_key;
648 641
649 if (bits==128) 642 if (bits==128)
650 key->rounds = 10; 643 key->rounds = 10;
651 else if (bits==192) 644 else if (bits==192)
(...skipping 122 matching lines...) Expand 10 before | Expand all | Expand 10 after
774 Td3[Te1[(rk[2] ) & 0xff] & 0xff]; 767 Td3[Te1[(rk[2] ) & 0xff] & 0xff];
775 rk[3] = 768 rk[3] =
776 Td0[Te1[(rk[3] >> 24) ] & 0xff] ^ 769 Td0[Te1[(rk[3] >> 24) ] & 0xff] ^
777 Td1[Te1[(rk[3] >> 16) & 0xff] & 0xff] ^ 770 Td1[Te1[(rk[3] >> 16) & 0xff] & 0xff] ^
778 Td2[Te1[(rk[3] >> 8) & 0xff] & 0xff] ^ 771 Td2[Te1[(rk[3] >> 8) & 0xff] & 0xff] ^
779 Td3[Te1[(rk[3] ) & 0xff] & 0xff]; 772 Td3[Te1[(rk[3] ) & 0xff] & 0xff];
780 } 773 }
781 return 0; 774 return 0;
782 } 775 }
783 776
784 #ifndef AES_ASM
785 /* 777 /*
786 * Encrypt a single block 778 * Encrypt a single block
787 * in and out can overlap 779 * in and out can overlap
788 */ 780 */
789 void AES_encrypt(const unsigned char *in, unsigned char *out, 781 void AES_encrypt(const unsigned char *in, unsigned char *out,
790 const AES_KEY *key) { 782 const AES_KEY *key) {
791 783
792 const u32 *rk; 784 const u32 *rk;
793 u32 s0, s1, s2, s3, t0, t1, t2, t3; 785 u32 s0, s1, s2, s3, t0, t1, t2, t3;
794 #ifndef FULL_UNROLL 786 #ifndef FULL_UNROLL
(...skipping 362 matching lines...) Expand 10 before | Expand all | Expand 10 after
1157 PUTU32(out + 8, s2); 1149 PUTU32(out + 8, s2);
1158 s3 = 1150 s3 =
1159 (Td4[(t3 >> 24) ] << 24) ^ 1151 (Td4[(t3 >> 24) ] << 24) ^
1160 (Td4[(t2 >> 16) & 0xff] << 16) ^ 1152 (Td4[(t2 >> 16) & 0xff] << 16) ^
1161 (Td4[(t1 >> 8) & 0xff] << 8) ^ 1153 (Td4[(t1 >> 8) & 0xff] << 8) ^
1162 (Td4[(t0 ) & 0xff]) ^ 1154 (Td4[(t0 ) & 0xff]) ^
1163 rk[3]; 1155 rk[3];
1164 PUTU32(out + 12, s3); 1156 PUTU32(out + 12, s3);
1165 } 1157 }
1166 1158
1159 #else /* AES_ASM */
1160
1161 static const u8 Te4[256] = {
1162 0x63U, 0x7cU, 0x77U, 0x7bU, 0xf2U, 0x6bU, 0x6fU, 0xc5U,
1163 0x30U, 0x01U, 0x67U, 0x2bU, 0xfeU, 0xd7U, 0xabU, 0x76U,
1164 0xcaU, 0x82U, 0xc9U, 0x7dU, 0xfaU, 0x59U, 0x47U, 0xf0U,
1165 0xadU, 0xd4U, 0xa2U, 0xafU, 0x9cU, 0xa4U, 0x72U, 0xc0U,
1166 0xb7U, 0xfdU, 0x93U, 0x26U, 0x36U, 0x3fU, 0xf7U, 0xccU,
1167 0x34U, 0xa5U, 0xe5U, 0xf1U, 0x71U, 0xd8U, 0x31U, 0x15U,
1168 0x04U, 0xc7U, 0x23U, 0xc3U, 0x18U, 0x96U, 0x05U, 0x9aU,
1169 0x07U, 0x12U, 0x80U, 0xe2U, 0xebU, 0x27U, 0xb2U, 0x75U,
1170 0x09U, 0x83U, 0x2cU, 0x1aU, 0x1bU, 0x6eU, 0x5aU, 0xa0U,
1171 0x52U, 0x3bU, 0xd6U, 0xb3U, 0x29U, 0xe3U, 0x2fU, 0x84U,
1172 0x53U, 0xd1U, 0x00U, 0xedU, 0x20U, 0xfcU, 0xb1U, 0x5bU,
1173 0x6aU, 0xcbU, 0xbeU, 0x39U, 0x4aU, 0x4cU, 0x58U, 0xcfU,
1174 0xd0U, 0xefU, 0xaaU, 0xfbU, 0x43U, 0x4dU, 0x33U, 0x85U,
1175 0x45U, 0xf9U, 0x02U, 0x7fU, 0x50U, 0x3cU, 0x9fU, 0xa8U,
1176 0x51U, 0xa3U, 0x40U, 0x8fU, 0x92U, 0x9dU, 0x38U, 0xf5U,
1177 0xbcU, 0xb6U, 0xdaU, 0x21U, 0x10U, 0xffU, 0xf3U, 0xd2U,
1178 0xcdU, 0x0cU, 0x13U, 0xecU, 0x5fU, 0x97U, 0x44U, 0x17U,
1179 0xc4U, 0xa7U, 0x7eU, 0x3dU, 0x64U, 0x5dU, 0x19U, 0x73U,
1180 0x60U, 0x81U, 0x4fU, 0xdcU, 0x22U, 0x2aU, 0x90U, 0x88U,
1181 0x46U, 0xeeU, 0xb8U, 0x14U, 0xdeU, 0x5eU, 0x0bU, 0xdbU,
1182 0xe0U, 0x32U, 0x3aU, 0x0aU, 0x49U, 0x06U, 0x24U, 0x5cU,
1183 0xc2U, 0xd3U, 0xacU, 0x62U, 0x91U, 0x95U, 0xe4U, 0x79U,
1184 0xe7U, 0xc8U, 0x37U, 0x6dU, 0x8dU, 0xd5U, 0x4eU, 0xa9U,
1185 0x6cU, 0x56U, 0xf4U, 0xeaU, 0x65U, 0x7aU, 0xaeU, 0x08U,
1186 0xbaU, 0x78U, 0x25U, 0x2eU, 0x1cU, 0xa6U, 0xb4U, 0xc6U,
1187 0xe8U, 0xddU, 0x74U, 0x1fU, 0x4bU, 0xbdU, 0x8bU, 0x8aU,
1188 0x70U, 0x3eU, 0xb5U, 0x66U, 0x48U, 0x03U, 0xf6U, 0x0eU,
1189 0x61U, 0x35U, 0x57U, 0xb9U, 0x86U, 0xc1U, 0x1dU, 0x9eU,
1190 0xe1U, 0xf8U, 0x98U, 0x11U, 0x69U, 0xd9U, 0x8eU, 0x94U,
1191 0x9bU, 0x1eU, 0x87U, 0xe9U, 0xceU, 0x55U, 0x28U, 0xdfU,
1192 0x8cU, 0xa1U, 0x89U, 0x0dU, 0xbfU, 0xe6U, 0x42U, 0x68U,
1193 0x41U, 0x99U, 0x2dU, 0x0fU, 0xb0U, 0x54U, 0xbbU, 0x16U
1194 };
1195 static const u32 rcon[] = {
1196 0x01000000, 0x02000000, 0x04000000, 0x08000000,
1197 0x10000000, 0x20000000, 0x40000000, 0x80000000,
1198 0x1B000000, 0x36000000, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
1199 };
1200
1201 /**
1202 * Expand the cipher key into the encryption key schedule.
1203 */
1204 int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
1205 AES_KEY *key) {
1206 u32 *rk;
1207 int i = 0;
1208 u32 temp;
1209
1210 if (!userKey || !key)
1211 return -1;
1212 if (bits != 128 && bits != 192 && bits != 256)
1213 return -2;
1214
1215 rk = key->rd_key;
1216
1217 if (bits==128)
1218 key->rounds = 10;
1219 else if (bits==192)
1220 key->rounds = 12;
1221 else
1222 key->rounds = 14;
1223
1224 rk[0] = GETU32(userKey );
1225 rk[1] = GETU32(userKey + 4);
1226 rk[2] = GETU32(userKey + 8);
1227 rk[3] = GETU32(userKey + 12);
1228 if (bits == 128) {
1229 while (1) {
1230 temp = rk[3];
1231 rk[4] = rk[0] ^
1232 (Te4[(temp >> 16) & 0xff] << 24) ^
1233 (Te4[(temp >> 8) & 0xff] << 16) ^
1234 (Te4[(temp ) & 0xff] << 8) ^
1235 (Te4[(temp >> 24) ]) ^
1236 rcon[i];
1237 rk[5] = rk[1] ^ rk[4];
1238 rk[6] = rk[2] ^ rk[5];
1239 rk[7] = rk[3] ^ rk[6];
1240 if (++i == 10) {
1241 return 0;
1242 }
1243 rk += 4;
1244 }
1245 }
1246 rk[4] = GETU32(userKey + 16);
1247 rk[5] = GETU32(userKey + 20);
1248 if (bits == 192) {
1249 while (1) {
1250 temp = rk[ 5];
1251 rk[ 6] = rk[ 0] ^
1252 (Te4[(temp >> 16) & 0xff] << 24) ^
1253 (Te4[(temp >> 8) & 0xff] << 16) ^
1254 (Te4[(temp ) & 0xff] << 8) ^
1255 (Te4[(temp >> 24) ]) ^
1256 rcon[i];
1257 rk[ 7] = rk[ 1] ^ rk[ 6];
1258 rk[ 8] = rk[ 2] ^ rk[ 7];
1259 rk[ 9] = rk[ 3] ^ rk[ 8];
1260 if (++i == 8) {
1261 return 0;
1262 }
1263 rk[10] = rk[ 4] ^ rk[ 9];
1264 rk[11] = rk[ 5] ^ rk[10];
1265 rk += 6;
1266 }
1267 }
1268 rk[6] = GETU32(userKey + 24);
1269 rk[7] = GETU32(userKey + 28);
1270 if (bits == 256) {
1271 while (1) {
1272 temp = rk[ 7];
1273 rk[ 8] = rk[ 0] ^
1274 (Te4[(temp >> 16) & 0xff] << 24) ^
1275 (Te4[(temp >> 8) & 0xff] << 16) ^
1276 (Te4[(temp ) & 0xff] << 8) ^
1277 (Te4[(temp >> 24) ]) ^
1278 rcon[i];
1279 rk[ 9] = rk[ 1] ^ rk[ 8];
1280 rk[10] = rk[ 2] ^ rk[ 9];
1281 rk[11] = rk[ 3] ^ rk[10];
1282 if (++i == 7) {
1283 return 0;
1284 }
1285 temp = rk[11];
1286 rk[12] = rk[ 4] ^
1287 (Te4[(temp >> 24) ] << 24) ^
1288 (Te4[(temp >> 16) & 0xff] << 16) ^
1289 (Te4[(temp >> 8) & 0xff] << 8) ^
1290 (Te4[(temp ) & 0xff]);
1291 rk[13] = rk[ 5] ^ rk[12];
1292 rk[14] = rk[ 6] ^ rk[13];
1293 rk[15] = rk[ 7] ^ rk[14];
1294
1295 rk += 8;
1296 }
1297 }
1298 return 0;
1299 }
1300
1301 /**
1302 * Expand the cipher key into the decryption key schedule.
1303 */
1304 int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
1305 AES_KEY *key) {
1306
1307 u32 *rk;
1308 int i, j, status;
1309 u32 temp;
1310
1311 /* first, start with an encryption schedule */
1312 status = AES_set_encrypt_key(userKey, bits, key);
1313 if (status < 0)
1314 return status;
1315
1316 rk = key->rd_key;
1317
1318 /* invert the order of the round keys: */
1319 for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) {
1320 temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp;
1321 temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
1322 temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
1323 temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
1324 }
1325 /* apply the inverse MixColumn transform to all round keys but the first and the last: */
1326 for (i = 1; i < (key->rounds); i++) {
1327 rk += 4;
1328 for (j = 0; j < 4; j++) {
1329 u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
1330
1331 tp1 = rk[j];
1332 m = tp1 & 0x80808080;
1333 tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
1334 ((m - (m >> 7)) & 0x1b1b1b1b);
1335 m = tp2 & 0x80808080;
1336 tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
1337 ((m - (m >> 7)) & 0x1b1b1b1b);
1338 m = tp4 & 0x80808080;
1339 tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
1340 ((m - (m >> 7)) & 0x1b1b1b1b);
1341 tp9 = tp8 ^ tp1;
1342 tpb = tp9 ^ tp2;
1343 tpd = tp9 ^ tp4;
1344 tpe = tp8 ^ tp4 ^ tp2;
1345 #if defined(ROTATE)
1346 rk[j] = tpe ^ ROTATE(tpd,16) ^
1347 ROTATE(tp9,24) ^ ROTATE(tpb,8);
1348 #else
1349 rk[j] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^
1350 (tp9 >> 8) ^ (tp9 << 24) ^
1351 (tpb >> 24) ^ (tpb << 8);
1352 #endif
1353 }
1354 }
1355 return 0;
1356 }
1357
1167 #endif /* AES_ASM */ 1358 #endif /* AES_ASM */
OLDNEW
« no previous file with comments | « openssl/crypto/aes/aes_cfb.c ('k') | openssl/crypto/aes/aes_ctr.c » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698