OLD | NEW |
1 // Copyright 2009 The Go Authors. All rights reserved. | 1 // Copyright 2009 The Go Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style | 2 // Use of this source code is governed by a BSD-style |
3 // license that can be found in the LICENSE file. | 3 // license that can be found in the LICENSE file. |
4 | 4 |
5 // This Go implementation is derived in part from the reference | 5 // This Go implementation is derived in part from the reference |
6 // ANSI C implementation, which carries the following notice: | 6 // ANSI C implementation, which carries the following notice: |
7 // | 7 // |
8 // rijndael-alg-fst.c | 8 // rijndael-alg-fst.c |
9 // | 9 // |
10 // @version 3.0 (December 2000) | 10 // @version 3.0 (December 2000) |
(...skipping 19 matching lines...) Expand all Loading... |
30 // EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 30 // EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
31 // | 31 // |
32 // See FIPS 197 for specification, and see Daemen and Rijmen's Rijndael submissi
on | 32 // See FIPS 197 for specification, and see Daemen and Rijmen's Rijndael submissi
on |
33 // for implementation details. | 33 // for implementation details. |
34 // http://www.csrc.nist.gov/publications/fips/fips197/fips-197.pdf | 34 // http://www.csrc.nist.gov/publications/fips/fips197/fips-197.pdf |
35 // http://csrc.nist.gov/archive/aes/rijndael/Rijndael-ammended.pdf | 35 // http://csrc.nist.gov/archive/aes/rijndael/Rijndael-ammended.pdf |
36 | 36 |
37 package aes | 37 package aes |
38 | 38 |
39 // Encrypt one block from src into dst, using the expanded key xk. | 39 // Encrypt one block from src into dst, using the expanded key xk. |
40 func encryptBlock(xk []uint32, dst, src []byte) { | 40 func encryptBlockGo(xk []uint32, dst, src []byte) { |
41 var s0, s1, s2, s3, t0, t1, t2, t3 uint32 | 41 var s0, s1, s2, s3, t0, t1, t2, t3 uint32 |
42 | 42 |
43 s0 = uint32(src[0])<<24 | uint32(src[1])<<16 | uint32(src[2])<<8 | uint3
2(src[3]) | 43 s0 = uint32(src[0])<<24 | uint32(src[1])<<16 | uint32(src[2])<<8 | uint3
2(src[3]) |
44 s1 = uint32(src[4])<<24 | uint32(src[5])<<16 | uint32(src[6])<<8 | uint3
2(src[7]) | 44 s1 = uint32(src[4])<<24 | uint32(src[5])<<16 | uint32(src[6])<<8 | uint3
2(src[7]) |
45 s2 = uint32(src[8])<<24 | uint32(src[9])<<16 | uint32(src[10])<<8 | uint
32(src[11]) | 45 s2 = uint32(src[8])<<24 | uint32(src[9])<<16 | uint32(src[10])<<8 | uint
32(src[11]) |
46 s3 = uint32(src[12])<<24 | uint32(src[13])<<16 | uint32(src[14])<<8 | ui
nt32(src[15]) | 46 s3 = uint32(src[12])<<24 | uint32(src[13])<<16 | uint32(src[14])<<8 | ui
nt32(src[15]) |
47 | 47 |
48 // First round just XORs input with key. | 48 // First round just XORs input with key. |
49 s0 ^= xk[0] | 49 s0 ^= xk[0] |
50 s1 ^= xk[1] | 50 s1 ^= xk[1] |
(...skipping 24 matching lines...) Expand all Loading... |
75 s2 ^= xk[k+2] | 75 s2 ^= xk[k+2] |
76 s3 ^= xk[k+3] | 76 s3 ^= xk[k+3] |
77 | 77 |
78 dst[0], dst[1], dst[2], dst[3] = byte(s0>>24), byte(s0>>16), byte(s0>>8)
, byte(s0) | 78 dst[0], dst[1], dst[2], dst[3] = byte(s0>>24), byte(s0>>16), byte(s0>>8)
, byte(s0) |
79 dst[4], dst[5], dst[6], dst[7] = byte(s1>>24), byte(s1>>16), byte(s1>>8)
, byte(s1) | 79 dst[4], dst[5], dst[6], dst[7] = byte(s1>>24), byte(s1>>16), byte(s1>>8)
, byte(s1) |
80 dst[8], dst[9], dst[10], dst[11] = byte(s2>>24), byte(s2>>16), byte(s2>>
8), byte(s2) | 80 dst[8], dst[9], dst[10], dst[11] = byte(s2>>24), byte(s2>>16), byte(s2>>
8), byte(s2) |
81 dst[12], dst[13], dst[14], dst[15] = byte(s3>>24), byte(s3>>16), byte(s3
>>8), byte(s3) | 81 dst[12], dst[13], dst[14], dst[15] = byte(s3>>24), byte(s3>>16), byte(s3
>>8), byte(s3) |
82 } | 82 } |
83 | 83 |
84 // Decrypt one block from src into dst, using the expanded key xk. | 84 // Decrypt one block from src into dst, using the expanded key xk. |
85 func decryptBlock(xk []uint32, dst, src []byte) { | 85 func decryptBlockGo(xk []uint32, dst, src []byte) { |
86 var s0, s1, s2, s3, t0, t1, t2, t3 uint32 | 86 var s0, s1, s2, s3, t0, t1, t2, t3 uint32 |
87 | 87 |
88 s0 = uint32(src[0])<<24 | uint32(src[1])<<16 | uint32(src[2])<<8 | uint3
2(src[3]) | 88 s0 = uint32(src[0])<<24 | uint32(src[1])<<16 | uint32(src[2])<<8 | uint3
2(src[3]) |
89 s1 = uint32(src[4])<<24 | uint32(src[5])<<16 | uint32(src[6])<<8 | uint3
2(src[7]) | 89 s1 = uint32(src[4])<<24 | uint32(src[5])<<16 | uint32(src[6])<<8 | uint3
2(src[7]) |
90 s2 = uint32(src[8])<<24 | uint32(src[9])<<16 | uint32(src[10])<<8 | uint
32(src[11]) | 90 s2 = uint32(src[8])<<24 | uint32(src[9])<<16 | uint32(src[10])<<8 | uint
32(src[11]) |
91 s3 = uint32(src[12])<<24 | uint32(src[13])<<16 | uint32(src[14])<<8 | ui
nt32(src[15]) | 91 s3 = uint32(src[12])<<24 | uint32(src[13])<<16 | uint32(src[14])<<8 | ui
nt32(src[15]) |
92 | 92 |
93 // First round just XORs input with key. | 93 // First round just XORs input with key. |
94 s0 ^= xk[0] | 94 s0 ^= xk[0] |
95 s1 ^= xk[1] | 95 s1 ^= xk[1] |
(...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
132 uint32(sbox0[w>>16&0xff])<<16 | | 132 uint32(sbox0[w>>16&0xff])<<16 | |
133 uint32(sbox0[w>>8&0xff])<<8 | | 133 uint32(sbox0[w>>8&0xff])<<8 | |
134 uint32(sbox0[w&0xff]) | 134 uint32(sbox0[w&0xff]) |
135 } | 135 } |
136 | 136 |
137 // Rotate | 137 // Rotate |
138 func rotw(w uint32) uint32 { return w<<8 | w>>24 } | 138 func rotw(w uint32) uint32 { return w<<8 | w>>24 } |
139 | 139 |
140 // Key expansion algorithm. See FIPS-197, Figure 11. | 140 // Key expansion algorithm. See FIPS-197, Figure 11. |
141 // Their rcon[i] is our powx[i-1] << 24. | 141 // Their rcon[i] is our powx[i-1] << 24. |
142 func expandKey(key []byte, enc, dec []uint32) { | 142 func expandKeyGo(key []byte, enc, dec []uint32) { |
143 // Encryption key setup. | 143 // Encryption key setup. |
144 var i int | 144 var i int |
145 nk := len(key) / 4 | 145 nk := len(key) / 4 |
146 for i = 0; i < nk; i++ { | 146 for i = 0; i < nk; i++ { |
147 enc[i] = uint32(key[4*i])<<24 | uint32(key[4*i+1])<<16 | uint32(
key[4*i+2])<<8 | uint32(key[4*i+3]) | 147 enc[i] = uint32(key[4*i])<<24 | uint32(key[4*i+1])<<16 | uint32(
key[4*i+2])<<8 | uint32(key[4*i+3]) |
148 } | 148 } |
149 for ; i < len(enc); i++ { | 149 for ; i < len(enc); i++ { |
150 t := enc[i-1] | 150 t := enc[i-1] |
151 if i%nk == 0 { | 151 if i%nk == 0 { |
152 t = subw(rotw(t)) ^ (uint32(powx[i/nk-1]) << 24) | 152 t = subw(rotw(t)) ^ (uint32(powx[i/nk-1]) << 24) |
(...skipping 14 matching lines...) Expand all Loading... |
167 ei := n - i - 4 | 167 ei := n - i - 4 |
168 for j := 0; j < 4; j++ { | 168 for j := 0; j < 4; j++ { |
169 x := enc[ei+j] | 169 x := enc[ei+j] |
170 if i > 0 && i+4 < n { | 170 if i > 0 && i+4 < n { |
171 x = td0[sbox0[x>>24]] ^ td1[sbox0[x>>16&0xff]] ^
td2[sbox0[x>>8&0xff]] ^ td3[sbox0[x&0xff]] | 171 x = td0[sbox0[x>>24]] ^ td1[sbox0[x>>16&0xff]] ^
td2[sbox0[x>>8&0xff]] ^ td3[sbox0[x&0xff]] |
172 } | 172 } |
173 dec[i+j] = x | 173 dec[i+j] = x |
174 } | 174 } |
175 } | 175 } |
176 } | 176 } |
OLD | NEW |