Mercurial > dropbear

comparison aes.c @ 15:6362d3854bb4 libtomcrypt-orig

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
0.96 release of LibTomCrypt
author Matt Johnston <matt@ucc.asn.au>
date Tue, 15 Jun 2004 14:07:21 +0000
parents 7faae8f46238
children 5d99163f7e32
comparison
equal deleted inserted replaced
3:7faae8f46238 15:6362d3854bb4
28 28
29 #include "mycrypt.h" 29 #include "mycrypt.h"
30 30
31 #ifdef RIJNDAEL 31 #ifdef RIJNDAEL
32 32
33 #ifndef ENCRYPT_ONLY
34
35 #define SETUP rijndael_setup
36 #define ECB_ENC rijndael_ecb_encrypt
37 #define ECB_DEC rijndael_ecb_decrypt
38 #define ECB_TEST rijndael_test
39 #define ECB_KS rijndael_keysize
40
33 const struct _cipher_descriptor rijndael_desc = 41 const struct _cipher_descriptor rijndael_desc =
34 { 42 {
35 "rijndael", 43 "rijndael",
36 6, 44 6,
37 16, 32, 16, 10, 45 16, 32, 16, 10,
38 &rijndael_setup, 46 SETUP, ECB_ENC, ECB_DEC, ECB_TEST, ECB_KS
39 &rijndael_ecb_encrypt,
40 &rijndael_ecb_decrypt,
41 &rijndael_test,
42 &rijndael_keysize
43 }; 47 };
44 48
45 const struct _cipher_descriptor aes_desc = 49 const struct _cipher_descriptor aes_desc =
46 { 50 {
47 "aes", 51 "aes",
48 6, 52 6,
49 16, 32, 16, 10, 53 16, 32, 16, 10,
50 &rijndael_setup, 54 SETUP, ECB_ENC, ECB_DEC, ECB_TEST, ECB_KS
51 &rijndael_ecb_encrypt,
52 &rijndael_ecb_decrypt,
53 &rijndael_test,
54 &rijndael_keysize
55 }; 55 };
56 56
57 #else
58
59 #define SETUP rijndael_enc_setup
60 #define ECB_ENC rijndael_enc_ecb_encrypt
61 #define ECB_KS rijndael_enc_keysize
62
63 const struct _cipher_descriptor rijndael_enc_desc =
64 {
65 "rijndael",
66 6,
67 16, 32, 16, 10,
68 SETUP, ECB_ENC, NULL, NULL, ECB_KS
69 };
70
71 const struct _cipher_descriptor aes_enc_desc =
72 {
73 "aes",
74 6,
75 16, 32, 16, 10,
76 SETUP, ECB_ENC, NULL, NULL, ECB_KS
77 };
78
79 #endif
80
57 #include "aes_tab.c" 81 #include "aes_tab.c"
58 82
59 int rijndael_setup(const unsigned char *key, int keylen, int rounds, symmetric_key *skey) 83 static ulong32 setup_mix(ulong32 temp)
84 {
85 return (Te4_3[byte(temp, 2)]) ^
86 (Te4_2[byte(temp, 1)]) ^
87 (Te4_1[byte(temp, 0)]) ^
88 (Te4_0[byte(temp, 3)]);
89 }
90
91 #ifndef ENCRYPT_ONLY
92
93 static ulong32 setup_mix2(ulong32 temp)
94 {
95 return Td0(255 & Te4[byte(temp, 3)]) ^
96 Td1(255 & Te4[byte(temp, 2)]) ^
97 Td2(255 & Te4[byte(temp, 1)]) ^
98 Td3(255 & Te4[byte(temp, 0)]);
99 }
100
101 #endif
102
103 int SETUP(const unsigned char *key, int keylen, int rounds, symmetric_key *skey)
60 { 104 {
61 int i, j; 105 int i, j;
62 ulong32 temp, *rk, *rrk; 106 ulong32 temp, *rk;
63 107 #ifndef ENCRYPT_ONLY
64 _ARGCHK(key != NULL); 108 ulong32 *rrk;
109 #endif
110 _ARGCHK(key != NULL);
65 _ARGCHK(skey != NULL); 111 _ARGCHK(skey != NULL);
66 112
67 if (keylen != 16 && keylen != 24 && keylen != 32) { 113 if (keylen != 16 && keylen != 24 && keylen != 32) {
68 return CRYPT_INVALID_KEYSIZE; 114 return CRYPT_INVALID_KEYSIZE;
69 } 115 }
83 LOAD32H(rk[3], key + 12); 129 LOAD32H(rk[3], key + 12);
84 if (keylen == 16) { 130 if (keylen == 16) {
85 j = 44; 131 j = 44;
86 for (;;) { 132 for (;;) {
87 temp = rk[3]; 133 temp = rk[3];
88 rk[4] = rk[0] ^ 134 rk[4] = rk[0] ^ setup_mix(temp) ^ rcon[i];
89 (Te4_3[byte(temp, 2)]) ^
90 (Te4_2[byte(temp, 1)]) ^
91 (Te4_1[byte(temp, 0)]) ^
92 (Te4_0[byte(temp, 3)]) ^
93 rcon[i];
94 rk[5] = rk[1] ^ rk[4]; 135 rk[5] = rk[1] ^ rk[4];
95 rk[6] = rk[2] ^ rk[5]; 136 rk[6] = rk[2] ^ rk[5];
96 rk[7] = rk[3] ^ rk[6]; 137 rk[7] = rk[3] ^ rk[6];
97 if (++i == 10) { 138 if (++i == 10) {
98 break; 139 break;
107 #ifdef _MSC_VER 148 #ifdef _MSC_VER
108 temp = skey->rijndael.eK[rk - skey->rijndael.eK + 5]; 149 temp = skey->rijndael.eK[rk - skey->rijndael.eK + 5];
109 #else 150 #else
110 temp = rk[5]; 151 temp = rk[5];
111 #endif 152 #endif
112 rk[ 6] = rk[ 0] ^ 153 rk[ 6] = rk[ 0] ^ setup_mix(temp) ^ rcon[i];
113 (Te4_3[byte(temp, 2)]) ^
114 (Te4_2[byte(temp, 1)]) ^
115 (Te4_1[byte(temp, 0)]) ^
116 (Te4_0[byte(temp, 3)]) ^
117 rcon[i];
118 rk[ 7] = rk[ 1] ^ rk[ 6]; 154 rk[ 7] = rk[ 1] ^ rk[ 6];
119 rk[ 8] = rk[ 2] ^ rk[ 7]; 155 rk[ 8] = rk[ 2] ^ rk[ 7];
120 rk[ 9] = rk[ 3] ^ rk[ 8]; 156 rk[ 9] = rk[ 3] ^ rk[ 8];
121 if (++i == 8) { 157 if (++i == 8) {
122 break; 158 break;
135 #ifdef _MSC_VER 171 #ifdef _MSC_VER
136 temp = skey->rijndael.eK[rk - skey->rijndael.eK + 7]; 172 temp = skey->rijndael.eK[rk - skey->rijndael.eK + 7];
137 #else 173 #else
138 temp = rk[7]; 174 temp = rk[7];
139 #endif 175 #endif
140 rk[ 8] = rk[ 0] ^ 176 rk[ 8] = rk[ 0] ^ setup_mix(temp) ^ rcon[i];
141 (Te4_3[byte(temp, 2)]) ^
142 (Te4_2[byte(temp, 1)]) ^
143 (Te4_1[byte(temp, 0)]) ^
144 (Te4_0[byte(temp, 3)]) ^
145 rcon[i];
146 rk[ 9] = rk[ 1] ^ rk[ 8]; 177 rk[ 9] = rk[ 1] ^ rk[ 8];
147 rk[10] = rk[ 2] ^ rk[ 9]; 178 rk[10] = rk[ 2] ^ rk[ 9];
148 rk[11] = rk[ 3] ^ rk[10]; 179 rk[11] = rk[ 3] ^ rk[10];
149 if (++i == 7) { 180 if (++i == 7) {
150 break; 181 break;
151 } 182 }
152 temp = rk[11]; 183 temp = rk[11];
153 rk[12] = rk[ 4] ^ 184 rk[12] = rk[ 4] ^ setup_mix(ROR(temp, 8));
154 (Te4_3[byte(temp, 3)]) ^
155 (Te4_2[byte(temp, 2)]) ^
156 (Te4_1[byte(temp, 1)]) ^
157 (Te4_0[byte(temp, 0)]);
158 rk[13] = rk[ 5] ^ rk[12]; 185 rk[13] = rk[ 5] ^ rk[12];
159 rk[14] = rk[ 6] ^ rk[13]; 186 rk[14] = rk[ 6] ^ rk[13];
160 rk[15] = rk[ 7] ^ rk[14]; 187 rk[15] = rk[ 7] ^ rk[14];
161 rk += 8; 188 rk += 8;
162 } 189 }
163 } else { 190 } else {
164 /* this can't happen */ 191 /* this can't happen */
165 j = 4; 192 j = 4;
166 } 193 }
167 194
195 #ifndef ENCRYPT_ONLY
168 /* setup the inverse key now */ 196 /* setup the inverse key now */
169 rk = skey->rijndael.dK; 197 rk = skey->rijndael.dK;
170 rrk = skey->rijndael.eK + j - 4; 198 rrk = skey->rijndael.eK + j - 4;
171 199
172 /* apply the inverse MixColumn transform to all round keys but the first and the last: */ 200 /* apply the inverse MixColumn transform to all round keys but the first and the last: */
180 for (i = 1; i < skey->rijndael.Nr; i++) { 208 for (i = 1; i < skey->rijndael.Nr; i++) {
181 rrk -= 4; 209 rrk -= 4;
182 rk += 4; 210 rk += 4;
183 #ifdef SMALL_CODE 211 #ifdef SMALL_CODE
184 temp = rrk[0]; 212 temp = rrk[0];
185 rk[0] = 213 rk[0] = setup_mix2(temp);
186 Td0(255 & Te4[byte(temp, 3)]) ^
187 Td1(255 & Te4[byte(temp, 2)]) ^
188 Td2(255 & Te4[byte(temp, 1)]) ^
189 Td3(255 & Te4[byte(temp, 0)]);
190 temp = rrk[1]; 214 temp = rrk[1];
191 rk[1] = 215 rk[1] = setup_mix2(temp);
192 Td0(255 & Te4[byte(temp, 3)]) ^
193 Td1(255 & Te4[byte(temp, 2)]) ^
194 Td2(255 & Te4[byte(temp, 1)]) ^
195 Td3(255 & Te4[byte(temp, 0)]);
196 temp = rrk[2]; 216 temp = rrk[2];
197 rk[2] = 217 rk[2] = setup_mix2(temp);
198 Td0(255 & Te4[byte(temp, 3)]) ^
199 Td1(255 & Te4[byte(temp, 2)]) ^
200 Td2(255 & Te4[byte(temp, 1)]) ^
201 Td3(255 & Te4[byte(temp, 0)]);
202 temp = rrk[3]; 218 temp = rrk[3];
203 rk[3] = 219 rk[3] = setup_mix2(temp);
204 Td0(255 & Te4[byte(temp, 3)]) ^
205 Td1(255 & Te4[byte(temp, 2)]) ^
206 Td2(255 & Te4[byte(temp, 1)]) ^
207 Td3(255 & Te4[byte(temp, 0)]);
208 #else 220 #else
209 temp = rrk[0]; 221 temp = rrk[0];
210 rk[0] = 222 rk[0] =
211 Tks0[byte(temp, 3)] ^ 223 Tks0[byte(temp, 3)] ^
212 Tks1[byte(temp, 2)] ^ 224 Tks1[byte(temp, 2)] ^
239 rk += 4; 251 rk += 4;
240 *rk++ = *rrk++; 252 *rk++ = *rrk++;
241 *rk++ = *rrk++; 253 *rk++ = *rrk++;
242 *rk++ = *rrk++; 254 *rk++ = *rrk++;
243 *rk = *rrk; 255 *rk = *rrk;
256 #endif /* ENCRYPT_ONLY */
244 257
245 return CRYPT_OK; 258 return CRYPT_OK;
246 } 259 }
247 260
248 #ifdef CLEAN_STACK 261 #ifdef CLEAN_STACK
249 static void _rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) 262 static void _rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
250 #else 263 #else
251 void rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) 264 void ECB_ENC(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
252 #endif 265 #endif
253 { 266 {
254 ulong32 s0, s1, s2, s3, t0, t1, t2, t3, *rk; 267 ulong32 s0, s1, s2, s3, t0, t1, t2, t3, *rk;
255 int Nr, r; 268 int Nr, r;
256 269
267 */ 280 */
268 LOAD32H(s0, pt ); s0 ^= rk[0]; 281 LOAD32H(s0, pt ); s0 ^= rk[0];
269 LOAD32H(s1, pt + 4); s1 ^= rk[1]; 282 LOAD32H(s1, pt + 4); s1 ^= rk[1];
270 LOAD32H(s2, pt + 8); s2 ^= rk[2]; 283 LOAD32H(s2, pt + 8); s2 ^= rk[2];
271 LOAD32H(s3, pt + 12); s3 ^= rk[3]; 284 LOAD32H(s3, pt + 12); s3 ^= rk[3];
285
286
287 #ifdef SMALL_CODE
288
289 for (r = 0; ; r++) {
290 rk += 4;
291 t0 =
292 Te0(byte(s0, 3)) ^
293 Te1(byte(s1, 2)) ^
294 Te2(byte(s2, 1)) ^
295 Te3(byte(s3, 0)) ^
296 rk[0];
297 t1 =
298 Te0(byte(s1, 3)) ^
299 Te1(byte(s2, 2)) ^
300 Te2(byte(s3, 1)) ^
301 Te3(byte(s0, 0)) ^
302 rk[1];
303 t2 =
304 Te0(byte(s2, 3)) ^
305 Te1(byte(s3, 2)) ^
306 Te2(byte(s0, 1)) ^
307 Te3(byte(s1, 0)) ^
308 rk[2];
309 t3 =
310 Te0(byte(s3, 3)) ^
311 Te1(byte(s0, 2)) ^
312 Te2(byte(s1, 1)) ^
313 Te3(byte(s2, 0)) ^
314 rk[3];
315 if (r == Nr-2) {
316 break;
317 }
318 s0 = t0; s1 = t1; s2 = t2; s3 = t3;
319 }
320 rk += 4;
321
322 #else
272 323
273 /* 324 /*
274 * Nr - 1 full rounds: 325 * Nr - 1 full rounds:
275 */ 326 */
276 r = Nr >> 1; 327 r = Nr >> 1;
328 Te1(byte(t0, 2)) ^ 379 Te1(byte(t0, 2)) ^
329 Te2(byte(t1, 1)) ^ 380 Te2(byte(t1, 1)) ^
330 Te3(byte(t2, 0)) ^ 381 Te3(byte(t2, 0)) ^
331 rk[3]; 382 rk[3];
332 } 383 }
384
385 #endif
386
333 /* 387 /*
334 * apply last round and 388 * apply last round and
335 * map cipher state to byte array block: 389 * map cipher state to byte array block:
336 */ 390 */
337 s0 = 391 s0 =
338 (Te4_3[(t0 >> 24) ]) ^ 392 (Te4_3[byte(t0, 3)]) ^
339 (Te4_2[(t1 >> 16) & 0xff]) ^ 393 (Te4_2[byte(t1, 2)]) ^
340 (Te4_1[(t2 >> 8) & 0xff]) ^ 394 (Te4_1[byte(t2, 1)]) ^
341 (Te4_0[(t3 ) & 0xff]) ^ 395 (Te4_0[byte(t3, 0)]) ^
342 rk[0]; 396 rk[0];
343 STORE32H(s0, ct); 397 STORE32H(s0, ct);
344 s1 = 398 s1 =
345 (Te4_3[(t1 >> 24) ]) ^ 399 (Te4_3[byte(t1, 3)]) ^
346 (Te4_2[(t2 >> 16) & 0xff]) ^ 400 (Te4_2[byte(t2, 2)]) ^
347 (Te4_1[(t3 >> 8) & 0xff]) ^ 401 (Te4_1[byte(t3, 1)]) ^
348 (Te4_0[(t0 ) & 0xff]) ^ 402 (Te4_0[byte(t0, 0)]) ^
349 rk[1]; 403 rk[1];
350 STORE32H(s1, ct+4); 404 STORE32H(s1, ct+4);
351 s2 = 405 s2 =
352 (Te4_3[(t2 >> 24) ]) ^ 406 (Te4_3[byte(t2, 3)]) ^
353 (Te4_2[(t3 >> 16) & 0xff]) ^ 407 (Te4_2[byte(t3, 2)]) ^
354 (Te4_1[(t0 >> 8) & 0xff]) ^ 408 (Te4_1[byte(t0, 1)]) ^
355 (Te4_0[(t1 ) & 0xff]) ^ 409 (Te4_0[byte(t1, 0)]) ^
356 rk[2]; 410 rk[2];
357 STORE32H(s2, ct+8); 411 STORE32H(s2, ct+8);
358 s3 = 412 s3 =
359 (Te4_3[(t3 >> 24) ]) ^ 413 (Te4_3[byte(t3, 3)]) ^
360 (Te4_2[(t0 >> 16) & 0xff]) ^ 414 (Te4_2[byte(t0, 2)]) ^
361 (Te4_1[(t1 >> 8) & 0xff]) ^ 415 (Te4_1[byte(t1, 1)]) ^
362 (Te4_0[(t2 ) & 0xff]) ^ 416 (Te4_0[byte(t2, 0)]) ^
363 rk[3]; 417 rk[3];
364 STORE32H(s3, ct+12); 418 STORE32H(s3, ct+12);
365 } 419 }
366 420
367 #ifdef CLEAN_STACK 421 #ifdef CLEAN_STACK
368 void rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) 422 void ECB_ENC(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
369 { 423 {
370 _rijndael_ecb_encrypt(pt, ct, skey); 424 _rijndael_ecb_encrypt(pt, ct, skey);
371 burn_stack(sizeof(unsigned long)*8 + sizeof(unsigned long*) + sizeof(int)*2); 425 burn_stack(sizeof(unsigned long)*8 + sizeof(unsigned long*) + sizeof(int)*2);
372 } 426 }
373 #endif 427 #endif
428
429 #ifndef ENCRYPT_ONLY
374 430
375 #ifdef CLEAN_STACK 431 #ifdef CLEAN_STACK
376 static void _rijndael_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) 432 static void _rijndael_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
377 #else 433 #else
378 void rijndael_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) 434 void ECB_DEC(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
379 #endif 435 #endif
380 { 436 {
381 ulong32 s0, s1, s2, s3, t0, t1, t2, t3, *rk; 437 ulong32 s0, s1, s2, s3, t0, t1, t2, t3, *rk;
382 int Nr, r; 438 int Nr, r;
383 439
394 */ 450 */
395 LOAD32H(s0, ct ); s0 ^= rk[0]; 451 LOAD32H(s0, ct ); s0 ^= rk[0];
396 LOAD32H(s1, ct + 4); s1 ^= rk[1]; 452 LOAD32H(s1, ct + 4); s1 ^= rk[1];
397 LOAD32H(s2, ct + 8); s2 ^= rk[2]; 453 LOAD32H(s2, ct + 8); s2 ^= rk[2];
398 LOAD32H(s3, ct + 12); s3 ^= rk[3]; 454 LOAD32H(s3, ct + 12); s3 ^= rk[3];
455
456 #ifdef SMALL_CODE
457 for (r = 0; ; r++) {
458 rk += 4;
459 t0 =
460 Td0(byte(s0, 3)) ^
461 Td1(byte(s3, 2)) ^
462 Td2(byte(s2, 1)) ^
463 Td3(byte(s1, 0)) ^
464 rk[0];
465 t1 =
466 Td0(byte(s1, 3)) ^
467 Td1(byte(s0, 2)) ^
468 Td2(byte(s3, 1)) ^
469 Td3(byte(s2, 0)) ^
470 rk[1];
471 t2 =
472 Td0(byte(s2, 3)) ^
473 Td1(byte(s1, 2)) ^
474 Td2(byte(s0, 1)) ^
475 Td3(byte(s3, 0)) ^
476 rk[2];
477 t3 =
478 Td0(byte(s3, 3)) ^
479 Td1(byte(s2, 2)) ^
480 Td2(byte(s1, 1)) ^
481 Td3(byte(s0, 0)) ^
482 rk[3];
483 if (r == Nr-2) {
484 break;
485 }
486 s0 = t0; s1 = t1; s2 = t2; s3 = t3;
487 }
488 rk += 4;
489
490 #else
399 491
400 /* 492 /*
401 * Nr - 1 full rounds: 493 * Nr - 1 full rounds:
402 */ 494 */
403 r = Nr >> 1; 495 r = Nr >> 1;
457 Td1(byte(t2, 2)) ^ 549 Td1(byte(t2, 2)) ^
458 Td2(byte(t1, 1)) ^ 550 Td2(byte(t1, 1)) ^
459 Td3(byte(t0, 0)) ^ 551 Td3(byte(t0, 0)) ^
460 rk[3]; 552 rk[3];
461 } 553 }
554 #endif
462 555
463 /* 556 /*
464 * apply last round and 557 * apply last round and
465 * map cipher state to byte array block: 558 * map cipher state to byte array block:
466 */ 559 */
467 s0 = 560 s0 =
468 (Td4[(t0 >> 24) ] & 0xff000000) ^ 561 (Td4[byte(t0, 3)] & 0xff000000) ^
469 (Td4[(t3 >> 16) & 0xff] & 0x00ff0000) ^ 562 (Td4[byte(t3, 2)] & 0x00ff0000) ^
470 (Td4[(t2 >> 8) & 0xff] & 0x0000ff00) ^ 563 (Td4[byte(t2, 1)] & 0x0000ff00) ^
471 (Td4[(t1 ) & 0xff] & 0x000000ff) ^ 564 (Td4[byte(t1, 0)] & 0x000000ff) ^
472 rk[0]; 565 rk[0];
473 STORE32H(s0, pt); 566 STORE32H(s0, pt);
474 s1 = 567 s1 =
475 (Td4[(t1 >> 24) ] & 0xff000000) ^ 568 (Td4[byte(t1, 3)] & 0xff000000) ^
476 (Td4[(t0 >> 16) & 0xff] & 0x00ff0000) ^ 569 (Td4[byte(t0, 2)] & 0x00ff0000) ^
477 (Td4[(t3 >> 8) & 0xff] & 0x0000ff00) ^ 570 (Td4[byte(t3, 1)] & 0x0000ff00) ^
478 (Td4[(t2 ) & 0xff] & 0x000000ff) ^ 571 (Td4[byte(t2, 0)] & 0x000000ff) ^
479 rk[1]; 572 rk[1];
480 STORE32H(s1, pt+4); 573 STORE32H(s1, pt+4);
481 s2 = 574 s2 =
482 (Td4[(t2 >> 24) ] & 0xff000000) ^ 575 (Td4[byte(t2, 3)] & 0xff000000) ^
483 (Td4[(t1 >> 16) & 0xff] & 0x00ff0000) ^ 576 (Td4[byte(t1, 2)] & 0x00ff0000) ^
484 (Td4[(t0 >> 8) & 0xff] & 0x0000ff00) ^ 577 (Td4[byte(t0, 1)] & 0x0000ff00) ^
485 (Td4[(t3 ) & 0xff] & 0x000000ff) ^ 578 (Td4[byte(t3, 0)] & 0x000000ff) ^
486 rk[2]; 579 rk[2];
487 STORE32H(s2, pt+8); 580 STORE32H(s2, pt+8);
488 s3 = 581 s3 =
489 (Td4[(t3 >> 24) ] & 0xff000000) ^ 582 (Td4[byte(t3, 3)] & 0xff000000) ^
490 (Td4[(t2 >> 16) & 0xff] & 0x00ff0000) ^ 583 (Td4[byte(t2, 2)] & 0x00ff0000) ^
491 (Td4[(t1 >> 8) & 0xff] & 0x0000ff00) ^ 584 (Td4[byte(t1, 1)] & 0x0000ff00) ^
492 (Td4[(t0 ) & 0xff] & 0x000000ff) ^ 585 (Td4[byte(t0, 0)] & 0x000000ff) ^
493 rk[3]; 586 rk[3];
494 STORE32H(s3, pt+12); 587 STORE32H(s3, pt+12);
495 } 588 }
496 589
497 590
498 #ifdef CLEAN_STACK 591 #ifdef CLEAN_STACK
499 void rijndael_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) 592 void ECB_DEC(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
500 { 593 {
501 _rijndael_ecb_decrypt(ct, pt, skey); 594 _rijndael_ecb_decrypt(ct, pt, skey);
502 burn_stack(sizeof(unsigned long)*8 + sizeof(unsigned long*) + sizeof(int)*2); 595 burn_stack(sizeof(unsigned long)*8 + sizeof(unsigned long*) + sizeof(int)*2);
503 } 596 }
504 #endif 597 #endif
505 598
506 int rijndael_test(void) 599 int ECB_TEST(void)
507 { 600 {
508 #ifndef LTC_TEST 601 #ifndef LTC_TEST
509 return CRYPT_NOP; 602 return CRYPT_NOP;
510 #else 603 #else
511 int err; 604 int err;
582 } 675 }
583 return CRYPT_OK; 676 return CRYPT_OK;
584 #endif 677 #endif
585 } 678 }
586 679
587 int rijndael_keysize(int *desired_keysize) 680 #endif /* ENCRYPT_ONLY */
681
682 int ECB_KS(int *desired_keysize)
588 { 683 {
589 _ARGCHK(desired_keysize != NULL); 684 _ARGCHK(desired_keysize != NULL);
590 685
591 if (*desired_keysize < 16) 686 if (*desired_keysize < 16)
592 return CRYPT_INVALID_KEYSIZE; 687 return CRYPT_INVALID_KEYSIZE;