Home Explore Help
Sign In
miti
/
linux-sgx-trts-modified
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 2ef16f684e
Branches Tags
linux-sgx-tr...
/
external
/
crypto_px
/
sources
/
ippcp
/
src
/
pcprijkeysca.c

pcprijkeysca.c 6.4 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196 
  1. /*
    2. 

  2. * Copyright (C) 2016 Intel Corporation. All rights reserved.
    3. 

  3. *
    4. 

  4. * Redistribution and use in source and binary forms, with or without
    5. 

  5. * modification, are permitted provided that the following conditions
    6. 

  6. * are met:
    7. 

  7. *
    8. 

  8. *   * Redistributions of source code must retain the above copyright
    9. 

  9. *     notice, this list of conditions and the following disclaimer.
    10. 

  10. *   * Redistributions in binary form must reproduce the above copyright
    11. 

  11. *     notice, this list of conditions and the following disclaimer in
    12. 

  12. *     the documentation and/or other materials provided with the
    13. 

  13. *     distribution.
    14. 

  14. *   * Neither the name of Intel Corporation nor the names of its
    15. 

  15. *     contributors may be used to endorse or promote products derived
    16. 

  16. *     from this software without specific prior written permission.
    17. 

  17. *
    18. 

  18. * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
    19. 

  19. * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
    20. 

  20. * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
    21. 

  21. * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
    22. 

  22. * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
    23. 

  23. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
    24. 

  24. * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
    25. 

  25. * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
    26. 

  26. * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
    27. 

  27. * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
    28. 

  28. * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
    29. 

  29. *
    30. 

  30. */
    31. 

  31. 

  32. #include "owndefs.h"
    33. 

  33. #include "owncp.h"
    34. 

  34. #include "pcprij.h"
    35. 

  35. #include "pcprijtables.h"
    36. 

  36. #include "pcptool.h"
    37. 

  37. 

  38. 

  39. /*
    40. 

  40. // RconTbl[] contains [x**(i),{00},{00},{00}], i=0,..,10 GF(256)
    41. 

  41. //
    42. 

  42. // Note:
    43. 

  43. //    Reference sec 4.2 of FIPS-197 for calculation
    44. 

  44. */
    45. 

  45. static const Ipp32u RconTbl[] = {
    46. 

  46.    BYTE0_TO_WORD(0x01), BYTE0_TO_WORD(0x02), BYTE0_TO_WORD(0x04), BYTE0_TO_WORD(0x08),
    47. 

  47.    BYTE0_TO_WORD(0x10), BYTE0_TO_WORD(0x20), BYTE0_TO_WORD(0x40), BYTE0_TO_WORD(0x80),
    48. 

  48.    BYTE0_TO_WORD(0x1B), BYTE0_TO_WORD(0x36), BYTE0_TO_WORD(0x6C), BYTE0_TO_WORD(0xD8),
    49. 

  49.    BYTE0_TO_WORD(0xAB), BYTE0_TO_WORD(0x4D), BYTE0_TO_WORD(0x9A), BYTE0_TO_WORD(0x2F),
    50. 

  50.    BYTE0_TO_WORD(0x5E), BYTE0_TO_WORD(0xBC), BYTE0_TO_WORD(0x63), BYTE0_TO_WORD(0xC6),
    51. 

  51.    BYTE0_TO_WORD(0x97), BYTE0_TO_WORD(0x35), BYTE0_TO_WORD(0x6A), BYTE0_TO_WORD(0xD4),
    52. 

  52.    BYTE0_TO_WORD(0xB3), BYTE0_TO_WORD(0x7D), BYTE0_TO_WORD(0xFA), BYTE0_TO_WORD(0xEF),
    53. 

  53.    BYTE0_TO_WORD(0xC5)
    54. 

  54. };
    55. 

  55. 

  56. /* precomputed table for InvMixColumn() operation */
    57. 

  57. static const Ipp32u InvMixCol_Tbl[4][256] = {
    58. 

  58.    { LINE(inv_t0) },
    59. 

  59.    { LINE(inv_t1) },
    60. 

  60.    { LINE(inv_t2) },
    61. 

  61.    { LINE(inv_t3) }
    62. 

  62. };
    63. 

  63. 

  64. #define InvMixColumn(x, tbl) \
    65. 

  65.    ( (tbl)[0][ EBYTE((x),0) ] \
    66. 

  66.     ^(tbl)[1][ EBYTE((x),1) ] \
    67. 

  67.     ^(tbl)[2][ EBYTE((x),2) ] \
    68. 

  68.     ^(tbl)[3][ EBYTE((x),3) ] )
    69. 

  69. 

  70. 

  71. /*
    72. 

  72. // Expansion of key for Rijndael's Encryption
    73. 

  73. */
    74. 

  74. void ExpandRijndaelKey(const Ipp8u* pKey, int NK, int NB, int NR, int nKeys,
    75. 

  75.                        Ipp8u* pEncKeys, Ipp8u* pDecKeys)
    76. 

  76. {
    77. 

  77.    Ipp32u* enc_keys = (Ipp32u*)pEncKeys;
    78. 

  78.    Ipp32u* dec_keys = (Ipp32u*)pDecKeys;
    79. 

  79.    /* convert security key to WORD and save into the enc_key array */
    80. 

  80.    int n;
    81. 

  81.    for(n=0; n<NK; n++)
    82. 

  82.       enc_keys[n] = BYTES_TO_WORD(pKey[4*n+0], pKey[4*n+1], pKey[4*n+2], pKey[4*n+3]);
    83. 

  83. 

  84.    /* 128-bits Key */
    85. 

  85.    if(NK128 == NK) {
    86. 

  86.       const Ipp32u* rtbl = RconTbl;
    87. 

  87.       Ipp32u k0 = enc_keys[0];
    88. 

  88.       Ipp32u k1 = enc_keys[1];
    89. 

  89.       Ipp32u k2 = enc_keys[2];
    90. 

  90.       Ipp32u k3 = enc_keys[3];
    91. 

  91. 

  92.       for(n=NK128; n<nKeys; n+=NK128) {
    93. 

  93.          /* key expansion: extract bytes, substitute via Sbox and rotate */
    94. 

  94.          k0 ^= BYTES_TO_WORD( RijEncSbox[EBYTE(k3,1)],
    95. 

  95.                               RijEncSbox[EBYTE(k3,2)],
    96. 

  96.                               RijEncSbox[EBYTE(k3,3)],
    97. 

  97.                               RijEncSbox[EBYTE(k3,0)] ) ^ *rtbl++;
    98. 

  98. 

  99.          k1 ^= k0;
    100. 

  100.          k2 ^= k1;
    101. 

  101.          k3 ^= k2;
    102. 

  102. 

  103.          /* add key expansion */
    104. 

  104.          enc_keys[n  ] = k0;
    105. 

  105.          enc_keys[n+1] = k1;
    106. 

  106.          enc_keys[n+2] = k2;
    107. 

  107.          enc_keys[n+3] = k3;
    108. 

  108.       }
    109. 

  109.    }
    110. 

  110. 

  111.    /* 192-bits Key */
    112. 

  112.    else if(NK192 == NK) {
    113. 

  113.       const Ipp32u* rtbl = RconTbl;
    114. 

  114.       Ipp32u k0 = enc_keys[0];
    115. 

  115.       Ipp32u k1 = enc_keys[1];
    116. 

  116.       Ipp32u k2 = enc_keys[2];
    117. 

  117.       Ipp32u k3 = enc_keys[3];
    118. 

  118.       Ipp32u k4 = enc_keys[4];
    119. 

  119.       Ipp32u k5 = enc_keys[5];
    120. 

  120. 

  121.       for(n=NK192; n<nKeys; n+=NK192) {
    122. 

  122.          /* key expansion: extract bytes, substitute via Sbox and rorate */
    123. 

  123.          k0 ^= BYTES_TO_WORD( RijEncSbox[EBYTE(k5,1)],
    124. 

  124.                               RijEncSbox[EBYTE(k5,2)],
    125. 

  125.                               RijEncSbox[EBYTE(k5,3)],
    126. 

  126.                               RijEncSbox[EBYTE(k5,0)] ) ^ *rtbl++;
    127. 

  127.          k1 ^= k0;
    128. 

  128.          k2 ^= k1;
    129. 

  129.          k3 ^= k2;
    130. 

  130.          k4 ^= k3;
    131. 

  131.          k5 ^= k4;
    132. 

  132. 

  133.          /* add key expansion */
    134. 

  134.          enc_keys[n  ] = k0;
    135. 

  135.          enc_keys[n+1] = k1;
    136. 

  136.          enc_keys[n+2] = k2;
    137. 

  137.          enc_keys[n+3] = k3;
    138. 

  138.          enc_keys[n+4] = k4;
    139. 

  139.          enc_keys[n+5] = k5;
    140. 

  140.       }
    141. 

  141.    }
    142. 

  142. 

  143.    /* 256-bits Key */
    144. 

  144.    else {
    145. 

  145.       const Ipp32u* rtbl = RconTbl;
    146. 

  146.       Ipp32u k0 = enc_keys[0];
    147. 

  147.       Ipp32u k1 = enc_keys[1];
    148. 

  148.       Ipp32u k2 = enc_keys[2];
    149. 

  149.       Ipp32u k3 = enc_keys[3];
    150. 

  150.       Ipp32u k4 = enc_keys[4];
    151. 

  151.       Ipp32u k5 = enc_keys[5];
    152. 

  152.       Ipp32u k6 = enc_keys[6];
    153. 

  153.       Ipp32u k7 = enc_keys[7];
    154. 

  154. 

  155.       for(n=NK256; n<nKeys; n+=NK256) {
    156. 

  156.          /* key expansion: extract bytes, substitute via Sbox and rorate */
    157. 

  157.          k0 ^= BYTES_TO_WORD( RijEncSbox[EBYTE(k7,1)],
    158. 

  158.                               RijEncSbox[EBYTE(k7,2)],
    159. 

  159.                               RijEncSbox[EBYTE(k7,3)],
    160. 

  160.                               RijEncSbox[EBYTE(k7,0)] ) ^ *rtbl++;
    161. 

  161.          k1 ^= k0;
    162. 

  162.          k2 ^= k1;
    163. 

  163.          k3 ^= k2;
    164. 

  164. 

  165.          k4 ^= BYTES_TO_WORD( RijEncSbox[EBYTE(k3,0)],
    166. 

  166.                               RijEncSbox[EBYTE(k3,1)],
    167. 

  167.                               RijEncSbox[EBYTE(k3,2)],
    168. 

  168.                               RijEncSbox[EBYTE(k3,3)] );
    169. 

  169.          k5 ^= k4;
    170. 

  170.          k6 ^= k5;
    171. 

  171.          k7 ^= k6;
    172. 

  172. 

  173.          /* add key expansion */
    174. 

  174.          enc_keys[n  ] = k0;
    175. 

  175.          enc_keys[n+1] = k1;
    176. 

  176.          enc_keys[n+2] = k2;
    177. 

  177.          enc_keys[n+3] = k3;
    178. 

  178.          enc_keys[n+4] = k4;
    179. 

  179.          enc_keys[n+5] = k5;
    180. 

  180.          enc_keys[n+6] = k6;
    181. 

  181.          enc_keys[n+7] = k7;
    182. 

  182.       }
    183. 

  183.    }
    184. 

  184. 

  185. 

  186.    /*
    187. 

  187.    // Key Expansion for Decryption
    188. 

  188.    */
    189. 

  189. 

  190.    /* copy keys */
    191. 

  191.    CopyBlock(enc_keys, dec_keys, sizeof(Ipp32u)*nKeys);
    192. 

  192. 

  193.    /* update decryption keys */
    194. 

  194.    for(n=NB; n<NR*NB; n++)
    195. 

  195.       dec_keys[n] = InvMixColumn(dec_keys[n], InvMixCol_Tbl);
    196. 

  196. }
    197.