3 * aes.c - integrated in QEMU by Fabrice Bellard from the OpenSSL project.
8 * @version 3.0 (December 2000)
10 * Optimised ANSI C code for the Rijndael cipher (now AES)
12 * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
13 * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
14 * @author Paulo Barreto <paulo.barreto@terra.com.br>
16 * This code is hereby placed in the public domain.
18 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
19 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
20 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
22 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
23 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
24 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
25 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
26 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
27 * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
28 * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30 #include "qemu-common.h"
43 #define MAXKC (256/32)
47 /* This controls loop-unrolling in aes_core.c */
49 # define GETU32(pt) (((u32)(pt)[0] << 24) ^ ((u32)(pt)[1] << 16) ^ ((u32)(pt)[2] << 8) ^ ((u32)(pt)[3]))
50 # define PUTU32(ct, st) { (ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); (ct)[2] = (u8)((st) >> 8); (ct)[3] = (u8)(st); }
53 Te0[x] = S [x].[02, 01, 01, 03];
54 Te1[x] = S [x].[03, 02, 01, 01];
55 Te2[x] = S [x].[01, 03, 02, 01];
56 Te3[x] = S [x].[01, 01, 03, 02];
57 Te4[x] = S [x].[01, 01, 01, 01];
59 Td0[x] = Si[x].[0e, 09, 0d, 0b];
60 Td1[x] = Si[x].[0b, 0e, 09, 0d];
61 Td2[x] = Si[x].[0d, 0b, 0e, 09];
62 Td3[x] = Si[x].[09, 0d, 0b, 0e];
63 Td4[x] = Si[x].[01, 01, 01, 01];
66 static const u32 Te0[256] = {
67 0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU,
68 0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U,
69 0x60303050U, 0x02010103U, 0xce6767a9U, 0x562b2b7dU,
70 0xe7fefe19U, 0xb5d7d762U, 0x4dababe6U, 0xec76769aU,
71 0x8fcaca45U, 0x1f82829dU, 0x89c9c940U, 0xfa7d7d87U,
72 0xeffafa15U, 0xb25959ebU, 0x8e4747c9U, 0xfbf0f00bU,
73 0x41adadecU, 0xb3d4d467U, 0x5fa2a2fdU, 0x45afafeaU,
74 0x239c9cbfU, 0x53a4a4f7U, 0xe4727296U, 0x9bc0c05bU,
75 0x75b7b7c2U, 0xe1fdfd1cU, 0x3d9393aeU, 0x4c26266aU,
76 0x6c36365aU, 0x7e3f3f41U, 0xf5f7f702U, 0x83cccc4fU,
77 0x6834345cU, 0x51a5a5f4U, 0xd1e5e534U, 0xf9f1f108U,
78 0xe2717193U, 0xabd8d873U, 0x62313153U, 0x2a15153fU,
79 0x0804040cU, 0x95c7c752U, 0x46232365U, 0x9dc3c35eU,
80 0x30181828U, 0x379696a1U, 0x0a05050fU, 0x2f9a9ab5U,
81 0x0e070709U, 0x24121236U, 0x1b80809bU, 0xdfe2e23dU,
82 0xcdebeb26U, 0x4e272769U, 0x7fb2b2cdU, 0xea75759fU,
83 0x1209091bU, 0x1d83839eU, 0x582c2c74U, 0x341a1a2eU,
84 0x361b1b2dU, 0xdc6e6eb2U, 0xb45a5aeeU, 0x5ba0a0fbU,
85 0xa45252f6U, 0x763b3b4dU, 0xb7d6d661U, 0x7db3b3ceU,
86 0x5229297bU, 0xdde3e33eU, 0x5e2f2f71U, 0x13848497U,
87 0xa65353f5U, 0xb9d1d168U, 0x00000000U, 0xc1eded2cU,
88 0x40202060U, 0xe3fcfc1fU, 0x79b1b1c8U, 0xb65b5bedU,
89 0xd46a6abeU, 0x8dcbcb46U, 0x67bebed9U, 0x7239394bU,
90 0x944a4adeU, 0x984c4cd4U, 0xb05858e8U, 0x85cfcf4aU,
91 0xbbd0d06bU, 0xc5efef2aU, 0x4faaaae5U, 0xedfbfb16U,
92 0x864343c5U, 0x9a4d4dd7U, 0x66333355U, 0x11858594U,
93 0x8a4545cfU, 0xe9f9f910U, 0x04020206U, 0xfe7f7f81U,
94 0xa05050f0U, 0x783c3c44U, 0x259f9fbaU, 0x4ba8a8e3U,
95 0xa25151f3U, 0x5da3a3feU, 0x804040c0U, 0x058f8f8aU,
96 0x3f9292adU, 0x219d9dbcU, 0x70383848U, 0xf1f5f504U,
97 0x63bcbcdfU, 0x77b6b6c1U, 0xafdada75U, 0x42212163U,
98 0x20101030U, 0xe5ffff1aU, 0xfdf3f30eU, 0xbfd2d26dU,
99 0x81cdcd4cU, 0x180c0c14U, 0x26131335U, 0xc3ecec2fU,
100 0xbe5f5fe1U, 0x359797a2U, 0x884444ccU, 0x2e171739U,
101 0x93c4c457U, 0x55a7a7f2U, 0xfc7e7e82U, 0x7a3d3d47U,
102 0xc86464acU, 0xba5d5de7U, 0x3219192bU, 0xe6737395U,
103 0xc06060a0U, 0x19818198U, 0x9e4f4fd1U, 0xa3dcdc7fU,
104 0x44222266U, 0x542a2a7eU, 0x3b9090abU, 0x0b888883U,
105 0x8c4646caU, 0xc7eeee29U, 0x6bb8b8d3U, 0x2814143cU,
106 0xa7dede79U, 0xbc5e5ee2U, 0x160b0b1dU, 0xaddbdb76U,
107 0xdbe0e03bU, 0x64323256U, 0x743a3a4eU, 0x140a0a1eU,
108 0x924949dbU, 0x0c06060aU, 0x4824246cU, 0xb85c5ce4U,
109 0x9fc2c25dU, 0xbdd3d36eU, 0x43acacefU, 0xc46262a6U,
110 0x399191a8U, 0x319595a4U, 0xd3e4e437U, 0xf279798bU,
111 0xd5e7e732U, 0x8bc8c843U, 0x6e373759U, 0xda6d6db7U,
112 0x018d8d8cU, 0xb1d5d564U, 0x9c4e4ed2U, 0x49a9a9e0U,
113 0xd86c6cb4U, 0xac5656faU, 0xf3f4f407U, 0xcfeaea25U,
114 0xca6565afU, 0xf47a7a8eU, 0x47aeaee9U, 0x10080818U,
115 0x6fbabad5U, 0xf0787888U, 0x4a25256fU, 0x5c2e2e72U,
116 0x381c1c24U, 0x57a6a6f1U, 0x73b4b4c7U, 0x97c6c651U,
117 0xcbe8e823U, 0xa1dddd7cU, 0xe874749cU, 0x3e1f1f21U,
118 0x964b4bddU, 0x61bdbddcU, 0x0d8b8b86U, 0x0f8a8a85U,
119 0xe0707090U, 0x7c3e3e42U, 0x71b5b5c4U, 0xcc6666aaU,
120 0x904848d8U, 0x06030305U, 0xf7f6f601U, 0x1c0e0e12U,
121 0xc26161a3U, 0x6a35355fU, 0xae5757f9U, 0x69b9b9d0U,
122 0x17868691U, 0x99c1c158U, 0x3a1d1d27U, 0x279e9eb9U,
123 0xd9e1e138U, 0xebf8f813U, 0x2b9898b3U, 0x22111133U,
124 0xd26969bbU, 0xa9d9d970U, 0x078e8e89U, 0x339494a7U,
125 0x2d9b9bb6U, 0x3c1e1e22U, 0x15878792U, 0xc9e9e920U,
126 0x87cece49U, 0xaa5555ffU, 0x50282878U, 0xa5dfdf7aU,
127 0x038c8c8fU, 0x59a1a1f8U, 0x09898980U, 0x1a0d0d17U,
128 0x65bfbfdaU, 0xd7e6e631U, 0x844242c6U, 0xd06868b8U,
129 0x824141c3U, 0x299999b0U, 0x5a2d2d77U, 0x1e0f0f11U,
130 0x7bb0b0cbU, 0xa85454fcU, 0x6dbbbbd6U, 0x2c16163aU,
132 static const u32 Te1[256] = {
133 0xa5c66363U, 0x84f87c7cU, 0x99ee7777U, 0x8df67b7bU,
134 0x0dfff2f2U, 0xbdd66b6bU, 0xb1de6f6fU, 0x5491c5c5U,
135 0x50603030U, 0x03020101U, 0xa9ce6767U, 0x7d562b2bU,
136 0x19e7fefeU, 0x62b5d7d7U, 0xe64dababU, 0x9aec7676U,
137 0x458fcacaU, 0x9d1f8282U, 0x4089c9c9U, 0x87fa7d7dU,
138 0x15effafaU, 0xebb25959U, 0xc98e4747U, 0x0bfbf0f0U,
139 0xec41adadU, 0x67b3d4d4U, 0xfd5fa2a2U, 0xea45afafU,
140 0xbf239c9cU, 0xf753a4a4U, 0x96e47272U, 0x5b9bc0c0U,
141 0xc275b7b7U, 0x1ce1fdfdU, 0xae3d9393U, 0x6a4c2626U,
142 0x5a6c3636U, 0x417e3f3fU, 0x02f5f7f7U, 0x4f83ccccU,
143 0x5c683434U, 0xf451a5a5U, 0x34d1e5e5U, 0x08f9f1f1U,
144 0x93e27171U, 0x73abd8d8U, 0x53623131U, 0x3f2a1515U,
145 0x0c080404U, 0x5295c7c7U, 0x65462323U, 0x5e9dc3c3U,
146 0x28301818U, 0xa1379696U, 0x0f0a0505U, 0xb52f9a9aU,
147 0x090e0707U, 0x36241212U, 0x9b1b8080U, 0x3ddfe2e2U,
148 0x26cdebebU, 0x694e2727U, 0xcd7fb2b2U, 0x9fea7575U,
149 0x1b120909U, 0x9e1d8383U, 0x74582c2cU, 0x2e341a1aU,
150 0x2d361b1bU, 0xb2dc6e6eU, 0xeeb45a5aU, 0xfb5ba0a0U,
151 0xf6a45252U, 0x4d763b3bU, 0x61b7d6d6U, 0xce7db3b3U,
152 0x7b522929U, 0x3edde3e3U, 0x715e2f2fU, 0x97138484U,
153 0xf5a65353U, 0x68b9d1d1U, 0x00000000U, 0x2cc1ededU,
154 0x60402020U, 0x1fe3fcfcU, 0xc879b1b1U, 0xedb65b5bU,
155 0xbed46a6aU, 0x468dcbcbU, 0xd967bebeU, 0x4b723939U,
156 0xde944a4aU, 0xd4984c4cU, 0xe8b05858U, 0x4a85cfcfU,
157 0x6bbbd0d0U, 0x2ac5efefU, 0xe54faaaaU, 0x16edfbfbU,
158 0xc5864343U, 0xd79a4d4dU, 0x55663333U, 0x94118585U,
159 0xcf8a4545U, 0x10e9f9f9U, 0x06040202U, 0x81fe7f7fU,
160 0xf0a05050U, 0x44783c3cU, 0xba259f9fU, 0xe34ba8a8U,
161 0xf3a25151U, 0xfe5da3a3U, 0xc0804040U, 0x8a058f8fU,
162 0xad3f9292U, 0xbc219d9dU, 0x48703838U, 0x04f1f5f5U,
163 0xdf63bcbcU, 0xc177b6b6U, 0x75afdadaU, 0x63422121U,
164 0x30201010U, 0x1ae5ffffU, 0x0efdf3f3U, 0x6dbfd2d2U,
165 0x4c81cdcdU, 0x14180c0cU, 0x35261313U, 0x2fc3ececU,
166 0xe1be5f5fU, 0xa2359797U, 0xcc884444U, 0x392e1717U,
167 0x5793c4c4U, 0xf255a7a7U, 0x82fc7e7eU, 0x477a3d3dU,
168 0xacc86464U, 0xe7ba5d5dU, 0x2b321919U, 0x95e67373U,
169 0xa0c06060U, 0x98198181U, 0xd19e4f4fU, 0x7fa3dcdcU,
170 0x66442222U, 0x7e542a2aU, 0xab3b9090U, 0x830b8888U,
171 0xca8c4646U, 0x29c7eeeeU, 0xd36bb8b8U, 0x3c281414U,
172 0x79a7dedeU, 0xe2bc5e5eU, 0x1d160b0bU, 0x76addbdbU,
173 0x3bdbe0e0U, 0x56643232U, 0x4e743a3aU, 0x1e140a0aU,
174 0xdb924949U, 0x0a0c0606U, 0x6c482424U, 0xe4b85c5cU,
175 0x5d9fc2c2U, 0x6ebdd3d3U, 0xef43acacU, 0xa6c46262U,
176 0xa8399191U, 0xa4319595U, 0x37d3e4e4U, 0x8bf27979U,
177 0x32d5e7e7U, 0x438bc8c8U, 0x596e3737U, 0xb7da6d6dU,
178 0x8c018d8dU, 0x64b1d5d5U, 0xd29c4e4eU, 0xe049a9a9U,
179 0xb4d86c6cU, 0xfaac5656U, 0x07f3f4f4U, 0x25cfeaeaU,
180 0xafca6565U, 0x8ef47a7aU, 0xe947aeaeU, 0x18100808U,
181 0xd56fbabaU, 0x88f07878U, 0x6f4a2525U, 0x725c2e2eU,
182 0x24381c1cU, 0xf157a6a6U, 0xc773b4b4U, 0x5197c6c6U,
183 0x23cbe8e8U, 0x7ca1ddddU, 0x9ce87474U, 0x213e1f1fU,
184 0xdd964b4bU, 0xdc61bdbdU, 0x860d8b8bU, 0x850f8a8aU,
185 0x90e07070U, 0x427c3e3eU, 0xc471b5b5U, 0xaacc6666U,
186 0xd8904848U, 0x05060303U, 0x01f7f6f6U, 0x121c0e0eU,
187 0xa3c26161U, 0x5f6a3535U, 0xf9ae5757U, 0xd069b9b9U,
188 0x91178686U, 0x5899c1c1U, 0x273a1d1dU, 0xb9279e9eU,
189 0x38d9e1e1U, 0x13ebf8f8U, 0xb32b9898U, 0x33221111U,
190 0xbbd26969U, 0x70a9d9d9U, 0x89078e8eU, 0xa7339494U,
191 0xb62d9b9bU, 0x223c1e1eU, 0x92158787U, 0x20c9e9e9U,
192 0x4987ceceU, 0xffaa5555U, 0x78502828U, 0x7aa5dfdfU,
193 0x8f038c8cU, 0xf859a1a1U, 0x80098989U, 0x171a0d0dU,
194 0xda65bfbfU, 0x31d7e6e6U, 0xc6844242U, 0xb8d06868U,
195 0xc3824141U, 0xb0299999U, 0x775a2d2dU, 0x111e0f0fU,
196 0xcb7bb0b0U, 0xfca85454U, 0xd66dbbbbU, 0x3a2c1616U,
198 static const u32 Te2[256] = {
199 0x63a5c663U, 0x7c84f87cU, 0x7799ee77U, 0x7b8df67bU,
200 0xf20dfff2U, 0x6bbdd66bU, 0x6fb1de6fU, 0xc55491c5U,
201 0x30506030U, 0x01030201U, 0x67a9ce67U, 0x2b7d562bU,
202 0xfe19e7feU, 0xd762b5d7U, 0xabe64dabU, 0x769aec76U,
203 0xca458fcaU, 0x829d1f82U, 0xc94089c9U, 0x7d87fa7dU,
204 0xfa15effaU, 0x59ebb259U, 0x47c98e47U, 0xf00bfbf0U,
205 0xadec41adU, 0xd467b3d4U, 0xa2fd5fa2U, 0xafea45afU,
206 0x9cbf239cU, 0xa4f753a4U, 0x7296e472U, 0xc05b9bc0U,
207 0xb7c275b7U, 0xfd1ce1fdU, 0x93ae3d93U, 0x266a4c26U,
208 0x365a6c36U, 0x3f417e3fU, 0xf702f5f7U, 0xcc4f83ccU,
209 0x345c6834U, 0xa5f451a5U, 0xe534d1e5U, 0xf108f9f1U,
210 0x7193e271U, 0xd873abd8U, 0x31536231U, 0x153f2a15U,
211 0x040c0804U, 0xc75295c7U, 0x23654623U, 0xc35e9dc3U,
212 0x18283018U, 0x96a13796U, 0x050f0a05U, 0x9ab52f9aU,
213 0x07090e07U, 0x12362412U, 0x809b1b80U, 0xe23ddfe2U,
214 0xeb26cdebU, 0x27694e27U, 0xb2cd7fb2U, 0x759fea75U,
215 0x091b1209U, 0x839e1d83U, 0x2c74582cU, 0x1a2e341aU,
216 0x1b2d361bU, 0x6eb2dc6eU, 0x5aeeb45aU, 0xa0fb5ba0U,
217 0x52f6a452U, 0x3b4d763bU, 0xd661b7d6U, 0xb3ce7db3U,
218 0x297b5229U, 0xe33edde3U, 0x2f715e2fU, 0x84971384U,
219 0x53f5a653U, 0xd168b9d1U, 0x00000000U, 0xed2cc1edU,
220 0x20604020U, 0xfc1fe3fcU, 0xb1c879b1U, 0x5bedb65bU,
221 0x6abed46aU, 0xcb468dcbU, 0xbed967beU, 0x394b7239U,
222 0x4ade944aU, 0x4cd4984cU, 0x58e8b058U, 0xcf4a85cfU,
223 0xd06bbbd0U, 0xef2ac5efU, 0xaae54faaU, 0xfb16edfbU,
224 0x43c58643U, 0x4dd79a4dU, 0x33556633U, 0x85941185U,
225 0x45cf8a45U, 0xf910e9f9U, 0x02060402U, 0x7f81fe7fU,
226 0x50f0a050U, 0x3c44783cU, 0x9fba259fU, 0xa8e34ba8U,
227 0x51f3a251U, 0xa3fe5da3U, 0x40c08040U, 0x8f8a058fU,
228 0x92ad3f92U, 0x9dbc219dU, 0x38487038U, 0xf504f1f5U,
229 0xbcdf63bcU, 0xb6c177b6U, 0xda75afdaU, 0x21634221U,
230 0x10302010U, 0xff1ae5ffU, 0xf30efdf3U, 0xd26dbfd2U,
231 0xcd4c81cdU, 0x0c14180cU, 0x13352613U, 0xec2fc3ecU,
232 0x5fe1be5fU, 0x97a23597U, 0x44cc8844U, 0x17392e17U,
233 0xc45793c4U, 0xa7f255a7U, 0x7e82fc7eU, 0x3d477a3dU,
234 0x64acc864U, 0x5de7ba5dU, 0x192b3219U, 0x7395e673U,
235 0x60a0c060U, 0x81981981U, 0x4fd19e4fU, 0xdc7fa3dcU,
236 0x22664422U, 0x2a7e542aU, 0x90ab3b90U, 0x88830b88U,
237 0x46ca8c46U, 0xee29c7eeU, 0xb8d36bb8U, 0x143c2814U,
238 0xde79a7deU, 0x5ee2bc5eU, 0x0b1d160bU, 0xdb76addbU,
239 0xe03bdbe0U, 0x32566432U, 0x3a4e743aU, 0x0a1e140aU,
240 0x49db9249U, 0x060a0c06U, 0x246c4824U, 0x5ce4b85cU,
241 0xc25d9fc2U, 0xd36ebdd3U, 0xacef43acU, 0x62a6c462U,
242 0x91a83991U, 0x95a43195U, 0xe437d3e4U, 0x798bf279U,
243 0xe732d5e7U, 0xc8438bc8U, 0x37596e37U, 0x6db7da6dU,
244 0x8d8c018dU, 0xd564b1d5U, 0x4ed29c4eU, 0xa9e049a9U,
245 0x6cb4d86cU, 0x56faac56U, 0xf407f3f4U, 0xea25cfeaU,
246 0x65afca65U, 0x7a8ef47aU, 0xaee947aeU, 0x08181008U,
247 0xbad56fbaU, 0x7888f078U, 0x256f4a25U, 0x2e725c2eU,
248 0x1c24381cU, 0xa6f157a6U, 0xb4c773b4U, 0xc65197c6U,
249 0xe823cbe8U, 0xdd7ca1ddU, 0x749ce874U, 0x1f213e1fU,
250 0x4bdd964bU, 0xbddc61bdU, 0x8b860d8bU, 0x8a850f8aU,
251 0x7090e070U, 0x3e427c3eU, 0xb5c471b5U, 0x66aacc66U,
252 0x48d89048U, 0x03050603U, 0xf601f7f6U, 0x0e121c0eU,
253 0x61a3c261U, 0x355f6a35U, 0x57f9ae57U, 0xb9d069b9U,
254 0x86911786U, 0xc15899c1U, 0x1d273a1dU, 0x9eb9279eU,
255 0xe138d9e1U, 0xf813ebf8U, 0x98b32b98U, 0x11332211U,
256 0x69bbd269U, 0xd970a9d9U, 0x8e89078eU, 0x94a73394U,
257 0x9bb62d9bU, 0x1e223c1eU, 0x87921587U, 0xe920c9e9U,
258 0xce4987ceU, 0x55ffaa55U, 0x28785028U, 0xdf7aa5dfU,
259 0x8c8f038cU, 0xa1f859a1U, 0x89800989U, 0x0d171a0dU,
260 0xbfda65bfU, 0xe631d7e6U, 0x42c68442U, 0x68b8d068U,
261 0x41c38241U, 0x99b02999U, 0x2d775a2dU, 0x0f111e0fU,
262 0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U,
264 static const u32 Te3[256] = {
266 0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U,
267 0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U,
268 0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U,
269 0xfefe19e7U, 0xd7d762b5U, 0xababe64dU, 0x76769aecU,
270 0xcaca458fU, 0x82829d1fU, 0xc9c94089U, 0x7d7d87faU,
271 0xfafa15efU, 0x5959ebb2U, 0x4747c98eU, 0xf0f00bfbU,
272 0xadadec41U, 0xd4d467b3U, 0xa2a2fd5fU, 0xafafea45U,
273 0x9c9cbf23U, 0xa4a4f753U, 0x727296e4U, 0xc0c05b9bU,
274 0xb7b7c275U, 0xfdfd1ce1U, 0x9393ae3dU, 0x26266a4cU,
275 0x36365a6cU, 0x3f3f417eU, 0xf7f702f5U, 0xcccc4f83U,
276 0x34345c68U, 0xa5a5f451U, 0xe5e534d1U, 0xf1f108f9U,
277 0x717193e2U, 0xd8d873abU, 0x31315362U, 0x15153f2aU,
278 0x04040c08U, 0xc7c75295U, 0x23236546U, 0xc3c35e9dU,
279 0x18182830U, 0x9696a137U, 0x05050f0aU, 0x9a9ab52fU,
280 0x0707090eU, 0x12123624U, 0x80809b1bU, 0xe2e23ddfU,
281 0xebeb26cdU, 0x2727694eU, 0xb2b2cd7fU, 0x75759feaU,
282 0x09091b12U, 0x83839e1dU, 0x2c2c7458U, 0x1a1a2e34U,
283 0x1b1b2d36U, 0x6e6eb2dcU, 0x5a5aeeb4U, 0xa0a0fb5bU,
284 0x5252f6a4U, 0x3b3b4d76U, 0xd6d661b7U, 0xb3b3ce7dU,
285 0x29297b52U, 0xe3e33eddU, 0x2f2f715eU, 0x84849713U,
286 0x5353f5a6U, 0xd1d168b9U, 0x00000000U, 0xeded2cc1U,
287 0x20206040U, 0xfcfc1fe3U, 0xb1b1c879U, 0x5b5bedb6U,
288 0x6a6abed4U, 0xcbcb468dU, 0xbebed967U, 0x39394b72U,
289 0x4a4ade94U, 0x4c4cd498U, 0x5858e8b0U, 0xcfcf4a85U,
290 0xd0d06bbbU, 0xefef2ac5U, 0xaaaae54fU, 0xfbfb16edU,
291 0x4343c586U, 0x4d4dd79aU, 0x33335566U, 0x85859411U,
292 0x4545cf8aU, 0xf9f910e9U, 0x02020604U, 0x7f7f81feU,
293 0x5050f0a0U, 0x3c3c4478U, 0x9f9fba25U, 0xa8a8e34bU,
294 0x5151f3a2U, 0xa3a3fe5dU, 0x4040c080U, 0x8f8f8a05U,
295 0x9292ad3fU, 0x9d9dbc21U, 0x38384870U, 0xf5f504f1U,
296 0xbcbcdf63U, 0xb6b6c177U, 0xdada75afU, 0x21216342U,
297 0x10103020U, 0xffff1ae5U, 0xf3f30efdU, 0xd2d26dbfU,
298 0xcdcd4c81U, 0x0c0c1418U, 0x13133526U, 0xecec2fc3U,
299 0x5f5fe1beU, 0x9797a235U, 0x4444cc88U, 0x1717392eU,
300 0xc4c45793U, 0xa7a7f255U, 0x7e7e82fcU, 0x3d3d477aU,
301 0x6464acc8U, 0x5d5de7baU, 0x19192b32U, 0x737395e6U,
302 0x6060a0c0U, 0x81819819U, 0x4f4fd19eU, 0xdcdc7fa3U,
303 0x22226644U, 0x2a2a7e54U, 0x9090ab3bU, 0x8888830bU,
304 0x4646ca8cU, 0xeeee29c7U, 0xb8b8d36bU, 0x14143c28U,
305 0xdede79a7U, 0x5e5ee2bcU, 0x0b0b1d16U, 0xdbdb76adU,
306 0xe0e03bdbU, 0x32325664U, 0x3a3a4e74U, 0x0a0a1e14U,
307 0x4949db92U, 0x06060a0cU, 0x24246c48U, 0x5c5ce4b8U,
308 0xc2c25d9fU, 0xd3d36ebdU, 0xacacef43U, 0x6262a6c4U,
309 0x9191a839U, 0x9595a431U, 0xe4e437d3U, 0x79798bf2U,
310 0xe7e732d5U, 0xc8c8438bU, 0x3737596eU, 0x6d6db7daU,
311 0x8d8d8c01U, 0xd5d564b1U, 0x4e4ed29cU, 0xa9a9e049U,
312 0x6c6cb4d8U, 0x5656faacU, 0xf4f407f3U, 0xeaea25cfU,
313 0x6565afcaU, 0x7a7a8ef4U, 0xaeaee947U, 0x08081810U,
314 0xbabad56fU, 0x787888f0U, 0x25256f4aU, 0x2e2e725cU,
315 0x1c1c2438U, 0xa6a6f157U, 0xb4b4c773U, 0xc6c65197U,
316 0xe8e823cbU, 0xdddd7ca1U, 0x74749ce8U, 0x1f1f213eU,
317 0x4b4bdd96U, 0xbdbddc61U, 0x8b8b860dU, 0x8a8a850fU,
318 0x707090e0U, 0x3e3e427cU, 0xb5b5c471U, 0x6666aaccU,
319 0x4848d890U, 0x03030506U, 0xf6f601f7U, 0x0e0e121cU,
320 0x6161a3c2U, 0x35355f6aU, 0x5757f9aeU, 0xb9b9d069U,
321 0x86869117U, 0xc1c15899U, 0x1d1d273aU, 0x9e9eb927U,
322 0xe1e138d9U, 0xf8f813ebU, 0x9898b32bU, 0x11113322U,
323 0x6969bbd2U, 0xd9d970a9U, 0x8e8e8907U, 0x9494a733U,
324 0x9b9bb62dU, 0x1e1e223cU, 0x87879215U, 0xe9e920c9U,
325 0xcece4987U, 0x5555ffaaU, 0x28287850U, 0xdfdf7aa5U,
326 0x8c8c8f03U, 0xa1a1f859U, 0x89898009U, 0x0d0d171aU,
327 0xbfbfda65U, 0xe6e631d7U, 0x4242c684U, 0x6868b8d0U,
328 0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU,
329 0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU,
331 static const u32 Te4[256] = {
332 0x63636363U, 0x7c7c7c7cU, 0x77777777U, 0x7b7b7b7bU,
333 0xf2f2f2f2U, 0x6b6b6b6bU, 0x6f6f6f6fU, 0xc5c5c5c5U,
334 0x30303030U, 0x01010101U, 0x67676767U, 0x2b2b2b2bU,
335 0xfefefefeU, 0xd7d7d7d7U, 0xababababU, 0x76767676U,
336 0xcacacacaU, 0x82828282U, 0xc9c9c9c9U, 0x7d7d7d7dU,
337 0xfafafafaU, 0x59595959U, 0x47474747U, 0xf0f0f0f0U,
338 0xadadadadU, 0xd4d4d4d4U, 0xa2a2a2a2U, 0xafafafafU,
339 0x9c9c9c9cU, 0xa4a4a4a4U, 0x72727272U, 0xc0c0c0c0U,
340 0xb7b7b7b7U, 0xfdfdfdfdU, 0x93939393U, 0x26262626U,
341 0x36363636U, 0x3f3f3f3fU, 0xf7f7f7f7U, 0xccccccccU,
342 0x34343434U, 0xa5a5a5a5U, 0xe5e5e5e5U, 0xf1f1f1f1U,
343 0x71717171U, 0xd8d8d8d8U, 0x31313131U, 0x15151515U,
344 0x04040404U, 0xc7c7c7c7U, 0x23232323U, 0xc3c3c3c3U,
345 0x18181818U, 0x96969696U, 0x05050505U, 0x9a9a9a9aU,
346 0x07070707U, 0x12121212U, 0x80808080U, 0xe2e2e2e2U,
347 0xebebebebU, 0x27272727U, 0xb2b2b2b2U, 0x75757575U,
348 0x09090909U, 0x83838383U, 0x2c2c2c2cU, 0x1a1a1a1aU,
349 0x1b1b1b1bU, 0x6e6e6e6eU, 0x5a5a5a5aU, 0xa0a0a0a0U,
350 0x52525252U, 0x3b3b3b3bU, 0xd6d6d6d6U, 0xb3b3b3b3U,
351 0x29292929U, 0xe3e3e3e3U, 0x2f2f2f2fU, 0x84848484U,
352 0x53535353U, 0xd1d1d1d1U, 0x00000000U, 0xededededU,
353 0x20202020U, 0xfcfcfcfcU, 0xb1b1b1b1U, 0x5b5b5b5bU,
354 0x6a6a6a6aU, 0xcbcbcbcbU, 0xbebebebeU, 0x39393939U,
355 0x4a4a4a4aU, 0x4c4c4c4cU, 0x58585858U, 0xcfcfcfcfU,
356 0xd0d0d0d0U, 0xefefefefU, 0xaaaaaaaaU, 0xfbfbfbfbU,
357 0x43434343U, 0x4d4d4d4dU, 0x33333333U, 0x85858585U,
358 0x45454545U, 0xf9f9f9f9U, 0x02020202U, 0x7f7f7f7fU,
359 0x50505050U, 0x3c3c3c3cU, 0x9f9f9f9fU, 0xa8a8a8a8U,
360 0x51515151U, 0xa3a3a3a3U, 0x40404040U, 0x8f8f8f8fU,
361 0x92929292U, 0x9d9d9d9dU, 0x38383838U, 0xf5f5f5f5U,
362 0xbcbcbcbcU, 0xb6b6b6b6U, 0xdadadadaU, 0x21212121U,
363 0x10101010U, 0xffffffffU, 0xf3f3f3f3U, 0xd2d2d2d2U,
364 0xcdcdcdcdU, 0x0c0c0c0cU, 0x13131313U, 0xececececU,
365 0x5f5f5f5fU, 0x97979797U, 0x44444444U, 0x17171717U,
366 0xc4c4c4c4U, 0xa7a7a7a7U, 0x7e7e7e7eU, 0x3d3d3d3dU,
367 0x64646464U, 0x5d5d5d5dU, 0x19191919U, 0x73737373U,
368 0x60606060U, 0x81818181U, 0x4f4f4f4fU, 0xdcdcdcdcU,
369 0x22222222U, 0x2a2a2a2aU, 0x90909090U, 0x88888888U,
370 0x46464646U, 0xeeeeeeeeU, 0xb8b8b8b8U, 0x14141414U,
371 0xdedededeU, 0x5e5e5e5eU, 0x0b0b0b0bU, 0xdbdbdbdbU,
372 0xe0e0e0e0U, 0x32323232U, 0x3a3a3a3aU, 0x0a0a0a0aU,
373 0x49494949U, 0x06060606U, 0x24242424U, 0x5c5c5c5cU,
374 0xc2c2c2c2U, 0xd3d3d3d3U, 0xacacacacU, 0x62626262U,
375 0x91919191U, 0x95959595U, 0xe4e4e4e4U, 0x79797979U,
376 0xe7e7e7e7U, 0xc8c8c8c8U, 0x37373737U, 0x6d6d6d6dU,
377 0x8d8d8d8dU, 0xd5d5d5d5U, 0x4e4e4e4eU, 0xa9a9a9a9U,
378 0x6c6c6c6cU, 0x56565656U, 0xf4f4f4f4U, 0xeaeaeaeaU,
379 0x65656565U, 0x7a7a7a7aU, 0xaeaeaeaeU, 0x08080808U,
380 0xbabababaU, 0x78787878U, 0x25252525U, 0x2e2e2e2eU,
381 0x1c1c1c1cU, 0xa6a6a6a6U, 0xb4b4b4b4U, 0xc6c6c6c6U,
382 0xe8e8e8e8U, 0xddddddddU, 0x74747474U, 0x1f1f1f1fU,
383 0x4b4b4b4bU, 0xbdbdbdbdU, 0x8b8b8b8bU, 0x8a8a8a8aU,
384 0x70707070U, 0x3e3e3e3eU, 0xb5b5b5b5U, 0x66666666U,
385 0x48484848U, 0x03030303U, 0xf6f6f6f6U, 0x0e0e0e0eU,
386 0x61616161U, 0x35353535U, 0x57575757U, 0xb9b9b9b9U,
387 0x86868686U, 0xc1c1c1c1U, 0x1d1d1d1dU, 0x9e9e9e9eU,
388 0xe1e1e1e1U, 0xf8f8f8f8U, 0x98989898U, 0x11111111U,
389 0x69696969U, 0xd9d9d9d9U, 0x8e8e8e8eU, 0x94949494U,
390 0x9b9b9b9bU, 0x1e1e1e1eU, 0x87878787U, 0xe9e9e9e9U,
391 0xcecececeU, 0x55555555U, 0x28282828U, 0xdfdfdfdfU,
392 0x8c8c8c8cU, 0xa1a1a1a1U, 0x89898989U, 0x0d0d0d0dU,
393 0xbfbfbfbfU, 0xe6e6e6e6U, 0x42424242U, 0x68686868U,
394 0x41414141U, 0x99999999U, 0x2d2d2d2dU, 0x0f0f0f0fU,
395 0xb0b0b0b0U, 0x54545454U, 0xbbbbbbbbU, 0x16161616U,
397 static const u32 Td0[256] = {
398 0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U,
399 0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U,
400 0x2030fa55U, 0xad766df6U, 0x88cc7691U, 0xf5024c25U,
401 0x4fe5d7fcU, 0xc52acbd7U, 0x26354480U, 0xb562a38fU,
402 0xdeb15a49U, 0x25ba1b67U, 0x45ea0e98U, 0x5dfec0e1U,
403 0xc32f7502U, 0x814cf012U, 0x8d4697a3U, 0x6bd3f9c6U,
404 0x038f5fe7U, 0x15929c95U, 0xbf6d7aebU, 0x955259daU,
405 0xd4be832dU, 0x587421d3U, 0x49e06929U, 0x8ec9c844U,
406 0x75c2896aU, 0xf48e7978U, 0x99583e6bU, 0x27b971ddU,
407 0xbee14fb6U, 0xf088ad17U, 0xc920ac66U, 0x7dce3ab4U,
408 0x63df4a18U, 0xe51a3182U, 0x97513360U, 0x62537f45U,
409 0xb16477e0U, 0xbb6bae84U, 0xfe81a01cU, 0xf9082b94U,
410 0x70486858U, 0x8f45fd19U, 0x94de6c87U, 0x527bf8b7U,
411 0xab73d323U, 0x724b02e2U, 0xe31f8f57U, 0x6655ab2aU,
412 0xb2eb2807U, 0x2fb5c203U, 0x86c57b9aU, 0xd33708a5U,
413 0x302887f2U, 0x23bfa5b2U, 0x02036abaU, 0xed16825cU,
414 0x8acf1c2bU, 0xa779b492U, 0xf307f2f0U, 0x4e69e2a1U,
415 0x65daf4cdU, 0x0605bed5U, 0xd134621fU, 0xc4a6fe8aU,
416 0x342e539dU, 0xa2f355a0U, 0x058ae132U, 0xa4f6eb75U,
417 0x0b83ec39U, 0x4060efaaU, 0x5e719f06U, 0xbd6e1051U,
418 0x3e218af9U, 0x96dd063dU, 0xdd3e05aeU, 0x4de6bd46U,
419 0x91548db5U, 0x71c45d05U, 0x0406d46fU, 0x605015ffU,
420 0x1998fb24U, 0xd6bde997U, 0x894043ccU, 0x67d99e77U,
421 0xb0e842bdU, 0x07898b88U, 0xe7195b38U, 0x79c8eedbU,
422 0xa17c0a47U, 0x7c420fe9U, 0xf8841ec9U, 0x00000000U,
423 0x09808683U, 0x322bed48U, 0x1e1170acU, 0x6c5a724eU,
424 0xfd0efffbU, 0x0f853856U, 0x3daed51eU, 0x362d3927U,
425 0x0a0fd964U, 0x685ca621U, 0x9b5b54d1U, 0x24362e3aU,
426 0x0c0a67b1U, 0x9357e70fU, 0xb4ee96d2U, 0x1b9b919eU,
427 0x80c0c54fU, 0x61dc20a2U, 0x5a774b69U, 0x1c121a16U,
428 0xe293ba0aU, 0xc0a02ae5U, 0x3c22e043U, 0x121b171dU,
429 0x0e090d0bU, 0xf28bc7adU, 0x2db6a8b9U, 0x141ea9c8U,
430 0x57f11985U, 0xaf75074cU, 0xee99ddbbU, 0xa37f60fdU,
431 0xf701269fU, 0x5c72f5bcU, 0x44663bc5U, 0x5bfb7e34U,
432 0x8b432976U, 0xcb23c6dcU, 0xb6edfc68U, 0xb8e4f163U,
433 0xd731dccaU, 0x42638510U, 0x13972240U, 0x84c61120U,
434 0x854a247dU, 0xd2bb3df8U, 0xaef93211U, 0xc729a16dU,
435 0x1d9e2f4bU, 0xdcb230f3U, 0x0d8652ecU, 0x77c1e3d0U,
436 0x2bb3166cU, 0xa970b999U, 0x119448faU, 0x47e96422U,
437 0xa8fc8cc4U, 0xa0f03f1aU, 0x567d2cd8U, 0x223390efU,
438 0x87494ec7U, 0xd938d1c1U, 0x8ccaa2feU, 0x98d40b36U,
439 0xa6f581cfU, 0xa57ade28U, 0xdab78e26U, 0x3fadbfa4U,
440 0x2c3a9de4U, 0x5078920dU, 0x6a5fcc9bU, 0x547e4662U,
441 0xf68d13c2U, 0x90d8b8e8U, 0x2e39f75eU, 0x82c3aff5U,
442 0x9f5d80beU, 0x69d0937cU, 0x6fd52da9U, 0xcf2512b3U,
443 0xc8ac993bU, 0x10187da7U, 0xe89c636eU, 0xdb3bbb7bU,
444 0xcd267809U, 0x6e5918f4U, 0xec9ab701U, 0x834f9aa8U,
445 0xe6956e65U, 0xaaffe67eU, 0x21bccf08U, 0xef15e8e6U,
446 0xbae79bd9U, 0x4a6f36ceU, 0xea9f09d4U, 0x29b07cd6U,
447 0x31a4b2afU, 0x2a3f2331U, 0xc6a59430U, 0x35a266c0U,
448 0x744ebc37U, 0xfc82caa6U, 0xe090d0b0U, 0x33a7d815U,
449 0xf104984aU, 0x41ecdaf7U, 0x7fcd500eU, 0x1791f62fU,
450 0x764dd68dU, 0x43efb04dU, 0xccaa4d54U, 0xe49604dfU,
451 0x9ed1b5e3U, 0x4c6a881bU, 0xc12c1fb8U, 0x4665517fU,
452 0x9d5eea04U, 0x018c355dU, 0xfa877473U, 0xfb0b412eU,
453 0xb3671d5aU, 0x92dbd252U, 0xe9105633U, 0x6dd64713U,
454 0x9ad7618cU, 0x37a10c7aU, 0x59f8148eU, 0xeb133c89U,
455 0xcea927eeU, 0xb761c935U, 0xe11ce5edU, 0x7a47b13cU,
456 0x9cd2df59U, 0x55f2733fU, 0x1814ce79U, 0x73c737bfU,
457 0x53f7cdeaU, 0x5ffdaa5bU, 0xdf3d6f14U, 0x7844db86U,
458 0xcaaff381U, 0xb968c43eU, 0x3824342cU, 0xc2a3405fU,
459 0x161dc372U, 0xbce2250cU, 0x283c498bU, 0xff0d9541U,
460 0x39a80171U, 0x080cb3deU, 0xd8b4e49cU, 0x6456c190U,
461 0x7bcb8461U, 0xd532b670U, 0x486c5c74U, 0xd0b85742U,
463 static const u32 Td1[256] = {
464 0x5051f4a7U, 0x537e4165U, 0xc31a17a4U, 0x963a275eU,
465 0xcb3bab6bU, 0xf11f9d45U, 0xabacfa58U, 0x934be303U,
466 0x552030faU, 0xf6ad766dU, 0x9188cc76U, 0x25f5024cU,
467 0xfc4fe5d7U, 0xd7c52acbU, 0x80263544U, 0x8fb562a3U,
468 0x49deb15aU, 0x6725ba1bU, 0x9845ea0eU, 0xe15dfec0U,
469 0x02c32f75U, 0x12814cf0U, 0xa38d4697U, 0xc66bd3f9U,
470 0xe7038f5fU, 0x9515929cU, 0xebbf6d7aU, 0xda955259U,
471 0x2dd4be83U, 0xd3587421U, 0x2949e069U, 0x448ec9c8U,
472 0x6a75c289U, 0x78f48e79U, 0x6b99583eU, 0xdd27b971U,
473 0xb6bee14fU, 0x17f088adU, 0x66c920acU, 0xb47dce3aU,
474 0x1863df4aU, 0x82e51a31U, 0x60975133U, 0x4562537fU,
475 0xe0b16477U, 0x84bb6baeU, 0x1cfe81a0U, 0x94f9082bU,
476 0x58704868U, 0x198f45fdU, 0x8794de6cU, 0xb7527bf8U,
477 0x23ab73d3U, 0xe2724b02U, 0x57e31f8fU, 0x2a6655abU,
478 0x07b2eb28U, 0x032fb5c2U, 0x9a86c57bU, 0xa5d33708U,
479 0xf2302887U, 0xb223bfa5U, 0xba02036aU, 0x5ced1682U,
480 0x2b8acf1cU, 0x92a779b4U, 0xf0f307f2U, 0xa14e69e2U,
481 0xcd65daf4U, 0xd50605beU, 0x1fd13462U, 0x8ac4a6feU,
482 0x9d342e53U, 0xa0a2f355U, 0x32058ae1U, 0x75a4f6ebU,
483 0x390b83ecU, 0xaa4060efU, 0x065e719fU, 0x51bd6e10U,
484 0xf93e218aU, 0x3d96dd06U, 0xaedd3e05U, 0x464de6bdU,
485 0xb591548dU, 0x0571c45dU, 0x6f0406d4U, 0xff605015U,
486 0x241998fbU, 0x97d6bde9U, 0xcc894043U, 0x7767d99eU,
487 0xbdb0e842U, 0x8807898bU, 0x38e7195bU, 0xdb79c8eeU,
488 0x47a17c0aU, 0xe97c420fU, 0xc9f8841eU, 0x00000000U,
489 0x83098086U, 0x48322bedU, 0xac1e1170U, 0x4e6c5a72U,
490 0xfbfd0effU, 0x560f8538U, 0x1e3daed5U, 0x27362d39U,
491 0x640a0fd9U, 0x21685ca6U, 0xd19b5b54U, 0x3a24362eU,
492 0xb10c0a67U, 0x0f9357e7U, 0xd2b4ee96U, 0x9e1b9b91U,
493 0x4f80c0c5U, 0xa261dc20U, 0x695a774bU, 0x161c121aU,
494 0x0ae293baU, 0xe5c0a02aU, 0x433c22e0U, 0x1d121b17U,
495 0x0b0e090dU, 0xadf28bc7U, 0xb92db6a8U, 0xc8141ea9U,
496 0x8557f119U, 0x4caf7507U, 0xbbee99ddU, 0xfda37f60U,
497 0x9ff70126U, 0xbc5c72f5U, 0xc544663bU, 0x345bfb7eU,
498 0x768b4329U, 0xdccb23c6U, 0x68b6edfcU, 0x63b8e4f1U,
499 0xcad731dcU, 0x10426385U, 0x40139722U, 0x2084c611U,
500 0x7d854a24U, 0xf8d2bb3dU, 0x11aef932U, 0x6dc729a1U,
501 0x4b1d9e2fU, 0xf3dcb230U, 0xec0d8652U, 0xd077c1e3U,
502 0x6c2bb316U, 0x99a970b9U, 0xfa119448U, 0x2247e964U,
503 0xc4a8fc8cU, 0x1aa0f03fU, 0xd8567d2cU, 0xef223390U,
504 0xc787494eU, 0xc1d938d1U, 0xfe8ccaa2U, 0x3698d40bU,
505 0xcfa6f581U, 0x28a57adeU, 0x26dab78eU, 0xa43fadbfU,
506 0xe42c3a9dU, 0x0d507892U, 0x9b6a5fccU, 0x62547e46U,
507 0xc2f68d13U, 0xe890d8b8U, 0x5e2e39f7U, 0xf582c3afU,
508 0xbe9f5d80U, 0x7c69d093U, 0xa96fd52dU, 0xb3cf2512U,
509 0x3bc8ac99U, 0xa710187dU, 0x6ee89c63U, 0x7bdb3bbbU,
510 0x09cd2678U, 0xf46e5918U, 0x01ec9ab7U, 0xa8834f9aU,
511 0x65e6956eU, 0x7eaaffe6U, 0x0821bccfU, 0xe6ef15e8U,
512 0xd9bae79bU, 0xce4a6f36U, 0xd4ea9f09U, 0xd629b07cU,
513 0xaf31a4b2U, 0x312a3f23U, 0x30c6a594U, 0xc035a266U,
514 0x37744ebcU, 0xa6fc82caU, 0xb0e090d0U, 0x1533a7d8U,
515 0x4af10498U, 0xf741ecdaU, 0x0e7fcd50U, 0x2f1791f6U,
516 0x8d764dd6U, 0x4d43efb0U, 0x54ccaa4dU, 0xdfe49604U,
517 0xe39ed1b5U, 0x1b4c6a88U, 0xb8c12c1fU, 0x7f466551U,
518 0x049d5eeaU, 0x5d018c35U, 0x73fa8774U, 0x2efb0b41U,
519 0x5ab3671dU, 0x5292dbd2U, 0x33e91056U, 0x136dd647U,
520 0x8c9ad761U, 0x7a37a10cU, 0x8e59f814U, 0x89eb133cU,
521 0xeecea927U, 0x35b761c9U, 0xede11ce5U, 0x3c7a47b1U,
522 0x599cd2dfU, 0x3f55f273U, 0x791814ceU, 0xbf73c737U,
523 0xea53f7cdU, 0x5b5ffdaaU, 0x14df3d6fU, 0x867844dbU,
524 0x81caaff3U, 0x3eb968c4U, 0x2c382434U, 0x5fc2a340U,
525 0x72161dc3U, 0x0cbce225U, 0x8b283c49U, 0x41ff0d95U,
526 0x7139a801U, 0xde080cb3U, 0x9cd8b4e4U, 0x906456c1U,
527 0x617bcb84U, 0x70d532b6U, 0x74486c5cU, 0x42d0b857U,
529 static const u32 Td2[256] = {
530 0xa75051f4U, 0x65537e41U, 0xa4c31a17U, 0x5e963a27U,
531 0x6bcb3babU, 0x45f11f9dU, 0x58abacfaU, 0x03934be3U,
532 0xfa552030U, 0x6df6ad76U, 0x769188ccU, 0x4c25f502U,
533 0xd7fc4fe5U, 0xcbd7c52aU, 0x44802635U, 0xa38fb562U,
534 0x5a49deb1U, 0x1b6725baU, 0x0e9845eaU, 0xc0e15dfeU,
535 0x7502c32fU, 0xf012814cU, 0x97a38d46U, 0xf9c66bd3U,
536 0x5fe7038fU, 0x9c951592U, 0x7aebbf6dU, 0x59da9552U,
537 0x832dd4beU, 0x21d35874U, 0x692949e0U, 0xc8448ec9U,
538 0x896a75c2U, 0x7978f48eU, 0x3e6b9958U, 0x71dd27b9U,
539 0x4fb6bee1U, 0xad17f088U, 0xac66c920U, 0x3ab47dceU,
540 0x4a1863dfU, 0x3182e51aU, 0x33609751U, 0x7f456253U,
541 0x77e0b164U, 0xae84bb6bU, 0xa01cfe81U, 0x2b94f908U,
542 0x68587048U, 0xfd198f45U, 0x6c8794deU, 0xf8b7527bU,
543 0xd323ab73U, 0x02e2724bU, 0x8f57e31fU, 0xab2a6655U,
544 0x2807b2ebU, 0xc2032fb5U, 0x7b9a86c5U, 0x08a5d337U,
545 0x87f23028U, 0xa5b223bfU, 0x6aba0203U, 0x825ced16U,
546 0x1c2b8acfU, 0xb492a779U, 0xf2f0f307U, 0xe2a14e69U,
547 0xf4cd65daU, 0xbed50605U, 0x621fd134U, 0xfe8ac4a6U,
548 0x539d342eU, 0x55a0a2f3U, 0xe132058aU, 0xeb75a4f6U,
549 0xec390b83U, 0xefaa4060U, 0x9f065e71U, 0x1051bd6eU,
551 0x8af93e21U, 0x063d96ddU, 0x05aedd3eU, 0xbd464de6U,
552 0x8db59154U, 0x5d0571c4U, 0xd46f0406U, 0x15ff6050U,
553 0xfb241998U, 0xe997d6bdU, 0x43cc8940U, 0x9e7767d9U,
554 0x42bdb0e8U, 0x8b880789U, 0x5b38e719U, 0xeedb79c8U,
555 0x0a47a17cU, 0x0fe97c42U, 0x1ec9f884U, 0x00000000U,
556 0x86830980U, 0xed48322bU, 0x70ac1e11U, 0x724e6c5aU,
557 0xfffbfd0eU, 0x38560f85U, 0xd51e3daeU, 0x3927362dU,
558 0xd9640a0fU, 0xa621685cU, 0x54d19b5bU, 0x2e3a2436U,
559 0x67b10c0aU, 0xe70f9357U, 0x96d2b4eeU, 0x919e1b9bU,
560 0xc54f80c0U, 0x20a261dcU, 0x4b695a77U, 0x1a161c12U,
561 0xba0ae293U, 0x2ae5c0a0U, 0xe0433c22U, 0x171d121bU,
562 0x0d0b0e09U, 0xc7adf28bU, 0xa8b92db6U, 0xa9c8141eU,
563 0x198557f1U, 0x074caf75U, 0xddbbee99U, 0x60fda37fU,
564 0x269ff701U, 0xf5bc5c72U, 0x3bc54466U, 0x7e345bfbU,
565 0x29768b43U, 0xc6dccb23U, 0xfc68b6edU, 0xf163b8e4U,
566 0xdccad731U, 0x85104263U, 0x22401397U, 0x112084c6U,
567 0x247d854aU, 0x3df8d2bbU, 0x3211aef9U, 0xa16dc729U,
568 0x2f4b1d9eU, 0x30f3dcb2U, 0x52ec0d86U, 0xe3d077c1U,
569 0x166c2bb3U, 0xb999a970U, 0x48fa1194U, 0x642247e9U,
570 0x8cc4a8fcU, 0x3f1aa0f0U, 0x2cd8567dU, 0x90ef2233U,
571 0x4ec78749U, 0xd1c1d938U, 0xa2fe8ccaU, 0x0b3698d4U,
572 0x81cfa6f5U, 0xde28a57aU, 0x8e26dab7U, 0xbfa43fadU,
573 0x9de42c3aU, 0x920d5078U, 0xcc9b6a5fU, 0x4662547eU,
574 0x13c2f68dU, 0xb8e890d8U, 0xf75e2e39U, 0xaff582c3U,
575 0x80be9f5dU, 0x937c69d0U, 0x2da96fd5U, 0x12b3cf25U,
576 0x993bc8acU, 0x7da71018U, 0x636ee89cU, 0xbb7bdb3bU,
577 0x7809cd26U, 0x18f46e59U, 0xb701ec9aU, 0x9aa8834fU,
578 0x6e65e695U, 0xe67eaaffU, 0xcf0821bcU, 0xe8e6ef15U,
579 0x9bd9bae7U, 0x36ce4a6fU, 0x09d4ea9fU, 0x7cd629b0U,
580 0xb2af31a4U, 0x23312a3fU, 0x9430c6a5U, 0x66c035a2U,
581 0xbc37744eU, 0xcaa6fc82U, 0xd0b0e090U, 0xd81533a7U,
582 0x984af104U, 0xdaf741ecU, 0x500e7fcdU, 0xf62f1791U,
583 0xd68d764dU, 0xb04d43efU, 0x4d54ccaaU, 0x04dfe496U,
584 0xb5e39ed1U, 0x881b4c6aU, 0x1fb8c12cU, 0x517f4665U,
585 0xea049d5eU, 0x355d018cU, 0x7473fa87U, 0x412efb0bU,
586 0x1d5ab367U, 0xd25292dbU, 0x5633e910U, 0x47136dd6U,
587 0x618c9ad7U, 0x0c7a37a1U, 0x148e59f8U, 0x3c89eb13U,
588 0x27eecea9U, 0xc935b761U, 0xe5ede11cU, 0xb13c7a47U,
589 0xdf599cd2U, 0x733f55f2U, 0xce791814U, 0x37bf73c7U,
590 0xcdea53f7U, 0xaa5b5ffdU, 0x6f14df3dU, 0xdb867844U,
591 0xf381caafU, 0xc43eb968U, 0x342c3824U, 0x405fc2a3U,
592 0xc372161dU, 0x250cbce2U, 0x498b283cU, 0x9541ff0dU,
593 0x017139a8U, 0xb3de080cU, 0xe49cd8b4U, 0xc1906456U,
594 0x84617bcbU, 0xb670d532U, 0x5c74486cU, 0x5742d0b8U,
596 static const u32 Td3[256] = {
597 0xf4a75051U, 0x4165537eU, 0x17a4c31aU, 0x275e963aU,
598 0xab6bcb3bU, 0x9d45f11fU, 0xfa58abacU, 0xe303934bU,
599 0x30fa5520U, 0x766df6adU, 0xcc769188U, 0x024c25f5U,
600 0xe5d7fc4fU, 0x2acbd7c5U, 0x35448026U, 0x62a38fb5U,
601 0xb15a49deU, 0xba1b6725U, 0xea0e9845U, 0xfec0e15dU,
602 0x2f7502c3U, 0x4cf01281U, 0x4697a38dU, 0xd3f9c66bU,
603 0x8f5fe703U, 0x929c9515U, 0x6d7aebbfU, 0x5259da95U,
604 0xbe832dd4U, 0x7421d358U, 0xe0692949U, 0xc9c8448eU,
605 0xc2896a75U, 0x8e7978f4U, 0x583e6b99U, 0xb971dd27U,
606 0xe14fb6beU, 0x88ad17f0U, 0x20ac66c9U, 0xce3ab47dU,
607 0xdf4a1863U, 0x1a3182e5U, 0x51336097U, 0x537f4562U,
608 0x6477e0b1U, 0x6bae84bbU, 0x81a01cfeU, 0x082b94f9U,
609 0x48685870U, 0x45fd198fU, 0xde6c8794U, 0x7bf8b752U,
610 0x73d323abU, 0x4b02e272U, 0x1f8f57e3U, 0x55ab2a66U,
611 0xeb2807b2U, 0xb5c2032fU, 0xc57b9a86U, 0x3708a5d3U,
612 0x2887f230U, 0xbfa5b223U, 0x036aba02U, 0x16825cedU,
613 0xcf1c2b8aU, 0x79b492a7U, 0x07f2f0f3U, 0x69e2a14eU,
614 0xdaf4cd65U, 0x05bed506U, 0x34621fd1U, 0xa6fe8ac4U,
615 0x2e539d34U, 0xf355a0a2U, 0x8ae13205U, 0xf6eb75a4U,
616 0x83ec390bU, 0x60efaa40U, 0x719f065eU, 0x6e1051bdU,
617 0x218af93eU, 0xdd063d96U, 0x3e05aeddU, 0xe6bd464dU,
618 0x548db591U, 0xc45d0571U, 0x06d46f04U, 0x5015ff60U,
619 0x98fb2419U, 0xbde997d6U, 0x4043cc89U, 0xd99e7767U,
620 0xe842bdb0U, 0x898b8807U, 0x195b38e7U, 0xc8eedb79U,
621 0x7c0a47a1U, 0x420fe97cU, 0x841ec9f8U, 0x00000000U,
622 0x80868309U, 0x2bed4832U, 0x1170ac1eU, 0x5a724e6cU,
623 0x0efffbfdU, 0x8538560fU, 0xaed51e3dU, 0x2d392736U,
624 0x0fd9640aU, 0x5ca62168U, 0x5b54d19bU, 0x362e3a24U,
625 0x0a67b10cU, 0x57e70f93U, 0xee96d2b4U, 0x9b919e1bU,
626 0xc0c54f80U, 0xdc20a261U, 0x774b695aU, 0x121a161cU,
627 0x93ba0ae2U, 0xa02ae5c0U, 0x22e0433cU, 0x1b171d12U,
628 0x090d0b0eU, 0x8bc7adf2U, 0xb6a8b92dU, 0x1ea9c814U,
629 0xf1198557U, 0x75074cafU, 0x99ddbbeeU, 0x7f60fda3U,
630 0x01269ff7U, 0x72f5bc5cU, 0x663bc544U, 0xfb7e345bU,
631 0x4329768bU, 0x23c6dccbU, 0xedfc68b6U, 0xe4f163b8U,
632 0x31dccad7U, 0x63851042U, 0x97224013U, 0xc6112084U,
633 0x4a247d85U, 0xbb3df8d2U, 0xf93211aeU, 0x29a16dc7U,
634 0x9e2f4b1dU, 0xb230f3dcU, 0x8652ec0dU, 0xc1e3d077U,
635 0xb3166c2bU, 0x70b999a9U, 0x9448fa11U, 0xe9642247U,
636 0xfc8cc4a8U, 0xf03f1aa0U, 0x7d2cd856U, 0x3390ef22U,
637 0x494ec787U, 0x38d1c1d9U, 0xcaa2fe8cU, 0xd40b3698U,
638 0xf581cfa6U, 0x7ade28a5U, 0xb78e26daU, 0xadbfa43fU,
639 0x3a9de42cU, 0x78920d50U, 0x5fcc9b6aU, 0x7e466254U,
640 0x8d13c2f6U, 0xd8b8e890U, 0x39f75e2eU, 0xc3aff582U,
641 0x5d80be9fU, 0xd0937c69U, 0xd52da96fU, 0x2512b3cfU,
642 0xac993bc8U, 0x187da710U, 0x9c636ee8U, 0x3bbb7bdbU,
643 0x267809cdU, 0x5918f46eU, 0x9ab701ecU, 0x4f9aa883U,
644 0x956e65e6U, 0xffe67eaaU, 0xbccf0821U, 0x15e8e6efU,
645 0xe79bd9baU, 0x6f36ce4aU, 0x9f09d4eaU, 0xb07cd629U,
646 0xa4b2af31U, 0x3f23312aU, 0xa59430c6U, 0xa266c035U,
647 0x4ebc3774U, 0x82caa6fcU, 0x90d0b0e0U, 0xa7d81533U,
648 0x04984af1U, 0xecdaf741U, 0xcd500e7fU, 0x91f62f17U,
649 0x4dd68d76U, 0xefb04d43U, 0xaa4d54ccU, 0x9604dfe4U,
650 0xd1b5e39eU, 0x6a881b4cU, 0x2c1fb8c1U, 0x65517f46U,
651 0x5eea049dU, 0x8c355d01U, 0x877473faU, 0x0b412efbU,
652 0x671d5ab3U, 0xdbd25292U, 0x105633e9U, 0xd647136dU,
653 0xd7618c9aU, 0xa10c7a37U, 0xf8148e59U, 0x133c89ebU,
654 0xa927eeceU, 0x61c935b7U, 0x1ce5ede1U, 0x47b13c7aU,
655 0xd2df599cU, 0xf2733f55U, 0x14ce7918U, 0xc737bf73U,
656 0xf7cdea53U, 0xfdaa5b5fU, 0x3d6f14dfU, 0x44db8678U,
657 0xaff381caU, 0x68c43eb9U, 0x24342c38U, 0xa3405fc2U,
658 0x1dc37216U, 0xe2250cbcU, 0x3c498b28U, 0x0d9541ffU,
659 0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U,
660 0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U,
662 static const u32 Td4[256] = {
663 0x52525252U, 0x09090909U, 0x6a6a6a6aU, 0xd5d5d5d5U,
664 0x30303030U, 0x36363636U, 0xa5a5a5a5U, 0x38383838U,
665 0xbfbfbfbfU, 0x40404040U, 0xa3a3a3a3U, 0x9e9e9e9eU,
666 0x81818181U, 0xf3f3f3f3U, 0xd7d7d7d7U, 0xfbfbfbfbU,
667 0x7c7c7c7cU, 0xe3e3e3e3U, 0x39393939U, 0x82828282U,
668 0x9b9b9b9bU, 0x2f2f2f2fU, 0xffffffffU, 0x87878787U,
669 0x34343434U, 0x8e8e8e8eU, 0x43434343U, 0x44444444U,
670 0xc4c4c4c4U, 0xdedededeU, 0xe9e9e9e9U, 0xcbcbcbcbU,
671 0x54545454U, 0x7b7b7b7bU, 0x94949494U, 0x32323232U,
672 0xa6a6a6a6U, 0xc2c2c2c2U, 0x23232323U, 0x3d3d3d3dU,
673 0xeeeeeeeeU, 0x4c4c4c4cU, 0x95959595U, 0x0b0b0b0bU,
674 0x42424242U, 0xfafafafaU, 0xc3c3c3c3U, 0x4e4e4e4eU,
675 0x08080808U, 0x2e2e2e2eU, 0xa1a1a1a1U, 0x66666666U,
676 0x28282828U, 0xd9d9d9d9U, 0x24242424U, 0xb2b2b2b2U,
677 0x76767676U, 0x5b5b5b5bU, 0xa2a2a2a2U, 0x49494949U,
678 0x6d6d6d6dU, 0x8b8b8b8bU, 0xd1d1d1d1U, 0x25252525U,
679 0x72727272U, 0xf8f8f8f8U, 0xf6f6f6f6U, 0x64646464U,
680 0x86868686U, 0x68686868U, 0x98989898U, 0x16161616U,
681 0xd4d4d4d4U, 0xa4a4a4a4U, 0x5c5c5c5cU, 0xccccccccU,
682 0x5d5d5d5dU, 0x65656565U, 0xb6b6b6b6U, 0x92929292U,
683 0x6c6c6c6cU, 0x70707070U, 0x48484848U, 0x50505050U,
684 0xfdfdfdfdU, 0xededededU, 0xb9b9b9b9U, 0xdadadadaU,
685 0x5e5e5e5eU, 0x15151515U, 0x46464646U, 0x57575757U,
686 0xa7a7a7a7U, 0x8d8d8d8dU, 0x9d9d9d9dU, 0x84848484U,
687 0x90909090U, 0xd8d8d8d8U, 0xababababU, 0x00000000U,
688 0x8c8c8c8cU, 0xbcbcbcbcU, 0xd3d3d3d3U, 0x0a0a0a0aU,
689 0xf7f7f7f7U, 0xe4e4e4e4U, 0x58585858U, 0x05050505U,
690 0xb8b8b8b8U, 0xb3b3b3b3U, 0x45454545U, 0x06060606U,
691 0xd0d0d0d0U, 0x2c2c2c2cU, 0x1e1e1e1eU, 0x8f8f8f8fU,
692 0xcacacacaU, 0x3f3f3f3fU, 0x0f0f0f0fU, 0x02020202U,
693 0xc1c1c1c1U, 0xafafafafU, 0xbdbdbdbdU, 0x03030303U,
694 0x01010101U, 0x13131313U, 0x8a8a8a8aU, 0x6b6b6b6bU,
695 0x3a3a3a3aU, 0x91919191U, 0x11111111U, 0x41414141U,
696 0x4f4f4f4fU, 0x67676767U, 0xdcdcdcdcU, 0xeaeaeaeaU,
697 0x97979797U, 0xf2f2f2f2U, 0xcfcfcfcfU, 0xcecececeU,
698 0xf0f0f0f0U, 0xb4b4b4b4U, 0xe6e6e6e6U, 0x73737373U,
699 0x96969696U, 0xacacacacU, 0x74747474U, 0x22222222U,
700 0xe7e7e7e7U, 0xadadadadU, 0x35353535U, 0x85858585U,
701 0xe2e2e2e2U, 0xf9f9f9f9U, 0x37373737U, 0xe8e8e8e8U,
702 0x1c1c1c1cU, 0x75757575U, 0xdfdfdfdfU, 0x6e6e6e6eU,
703 0x47474747U, 0xf1f1f1f1U, 0x1a1a1a1aU, 0x71717171U,
704 0x1d1d1d1dU, 0x29292929U, 0xc5c5c5c5U, 0x89898989U,
705 0x6f6f6f6fU, 0xb7b7b7b7U, 0x62626262U, 0x0e0e0e0eU,
706 0xaaaaaaaaU, 0x18181818U, 0xbebebebeU, 0x1b1b1b1bU,
707 0xfcfcfcfcU, 0x56565656U, 0x3e3e3e3eU, 0x4b4b4b4bU,
708 0xc6c6c6c6U, 0xd2d2d2d2U, 0x79797979U, 0x20202020U,
709 0x9a9a9a9aU, 0xdbdbdbdbU, 0xc0c0c0c0U, 0xfefefefeU,
710 0x78787878U, 0xcdcdcdcdU, 0x5a5a5a5aU, 0xf4f4f4f4U,
711 0x1f1f1f1fU, 0xddddddddU, 0xa8a8a8a8U, 0x33333333U,
712 0x88888888U, 0x07070707U, 0xc7c7c7c7U, 0x31313131U,
713 0xb1b1b1b1U, 0x12121212U, 0x10101010U, 0x59595959U,
714 0x27272727U, 0x80808080U, 0xececececU, 0x5f5f5f5fU,
715 0x60606060U, 0x51515151U, 0x7f7f7f7fU, 0xa9a9a9a9U,
716 0x19191919U, 0xb5b5b5b5U, 0x4a4a4a4aU, 0x0d0d0d0dU,
717 0x2d2d2d2dU, 0xe5e5e5e5U, 0x7a7a7a7aU, 0x9f9f9f9fU,
718 0x93939393U, 0xc9c9c9c9U, 0x9c9c9c9cU, 0xefefefefU,
719 0xa0a0a0a0U, 0xe0e0e0e0U, 0x3b3b3b3bU, 0x4d4d4d4dU,
720 0xaeaeaeaeU, 0x2a2a2a2aU, 0xf5f5f5f5U, 0xb0b0b0b0U,
721 0xc8c8c8c8U, 0xebebebebU, 0xbbbbbbbbU, 0x3c3c3c3cU,
722 0x83838383U, 0x53535353U, 0x99999999U, 0x61616161U,
723 0x17171717U, 0x2b2b2b2bU, 0x04040404U, 0x7e7e7e7eU,
724 0xbabababaU, 0x77777777U, 0xd6d6d6d6U, 0x26262626U,
725 0xe1e1e1e1U, 0x69696969U, 0x14141414U, 0x63636363U,
726 0x55555555U, 0x21212121U, 0x0c0c0c0cU, 0x7d7d7d7dU,
728 static const u32 rcon[] = {
729 0x01000000, 0x02000000, 0x04000000, 0x08000000,
730 0x10000000, 0x20000000, 0x40000000, 0x80000000,
731 0x1B000000, 0x36000000, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
735 * Expand the cipher key into the encryption key schedule.
737 int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
744 if (!userKey || !key)
746 if (bits != 128 && bits != 192 && bits != 256)
758 rk[0] = GETU32(userKey );
759 rk[1] = GETU32(userKey + 4);
760 rk[2] = GETU32(userKey + 8);
761 rk[3] = GETU32(userKey + 12);
766 (Te4[(temp >> 16) & 0xff] & 0xff000000) ^
767 (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^
768 (Te4[(temp ) & 0xff] & 0x0000ff00) ^
769 (Te4[(temp >> 24) ] & 0x000000ff) ^
771 rk[5] = rk[1] ^ rk[4];
772 rk[6] = rk[2] ^ rk[5];
773 rk[7] = rk[3] ^ rk[6];
780 rk[4] = GETU32(userKey + 16);
781 rk[5] = GETU32(userKey + 20);
786 (Te4[(temp >> 16) & 0xff] & 0xff000000) ^
787 (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^
788 (Te4[(temp ) & 0xff] & 0x0000ff00) ^
789 (Te4[(temp >> 24) ] & 0x000000ff) ^
791 rk[ 7] = rk[ 1] ^ rk[ 6];
792 rk[ 8] = rk[ 2] ^ rk[ 7];
793 rk[ 9] = rk[ 3] ^ rk[ 8];
797 rk[10] = rk[ 4] ^ rk[ 9];
798 rk[11] = rk[ 5] ^ rk[10];
802 rk[6] = GETU32(userKey + 24);
803 rk[7] = GETU32(userKey + 28);
808 (Te4[(temp >> 16) & 0xff] & 0xff000000) ^
809 (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^
810 (Te4[(temp ) & 0xff] & 0x0000ff00) ^
811 (Te4[(temp >> 24) ] & 0x000000ff) ^
813 rk[ 9] = rk[ 1] ^ rk[ 8];
814 rk[10] = rk[ 2] ^ rk[ 9];
815 rk[11] = rk[ 3] ^ rk[10];
821 (Te4[(temp >> 24) ] & 0xff000000) ^
822 (Te4[(temp >> 16) & 0xff] & 0x00ff0000) ^
823 (Te4[(temp >> 8) & 0xff] & 0x0000ff00) ^
824 (Te4[(temp ) & 0xff] & 0x000000ff);
825 rk[13] = rk[ 5] ^ rk[12];
826 rk[14] = rk[ 6] ^ rk[13];
827 rk[15] = rk[ 7] ^ rk[14];
836 * Expand the cipher key into the decryption key schedule.
838 int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
845 /* first, start with an encryption schedule */
846 status = AES_set_encrypt_key(userKey, bits, key);
852 /* invert the order of the round keys: */
853 for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) {
854 temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp;
855 temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
856 temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
857 temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
859 /* apply the inverse MixColumn transform to all round keys but the first and the last: */
860 for (i = 1; i < (key->rounds); i++) {
863 Td0[Te4[(rk[0] >> 24) ] & 0xff] ^
864 Td1[Te4[(rk[0] >> 16) & 0xff] & 0xff] ^
865 Td2[Te4[(rk[0] >> 8) & 0xff] & 0xff] ^
866 Td3[Te4[(rk[0] ) & 0xff] & 0xff];
868 Td0[Te4[(rk[1] >> 24) ] & 0xff] ^
869 Td1[Te4[(rk[1] >> 16) & 0xff] & 0xff] ^
870 Td2[Te4[(rk[1] >> 8) & 0xff] & 0xff] ^
871 Td3[Te4[(rk[1] ) & 0xff] & 0xff];
873 Td0[Te4[(rk[2] >> 24) ] & 0xff] ^
874 Td1[Te4[(rk[2] >> 16) & 0xff] & 0xff] ^
875 Td2[Te4[(rk[2] >> 8) & 0xff] & 0xff] ^
876 Td3[Te4[(rk[2] ) & 0xff] & 0xff];
878 Td0[Te4[(rk[3] >> 24) ] & 0xff] ^
879 Td1[Te4[(rk[3] >> 16) & 0xff] & 0xff] ^
880 Td2[Te4[(rk[3] >> 8) & 0xff] & 0xff] ^
881 Td3[Te4[(rk[3] ) & 0xff] & 0xff];
888 * Encrypt a single block
889 * in and out can overlap
891 void AES_encrypt(const unsigned char *in, unsigned char *out,
892 const AES_KEY *key) {
895 u32 s0, s1, s2, s3, t0, t1, t2, t3;
898 #endif /* ?FULL_UNROLL */
900 assert(in && out && key);
904 * map byte array block to cipher state
905 * and add initial round key:
907 s0 = GETU32(in ) ^ rk[0];
908 s1 = GETU32(in + 4) ^ rk[1];
909 s2 = GETU32(in + 8) ^ rk[2];
910 s3 = GETU32(in + 12) ^ rk[3];
913 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[ 4];
914 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[ 5];
915 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[ 6];
916 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[ 7];
918 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[ 8];
919 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[ 9];
920 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[10];
921 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[11];
923 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[12];
924 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[13];
925 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[14];
926 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[15];
928 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[16];
929 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[17];
930 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[18];
931 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[19];
933 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[20];
934 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[21];
935 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[22];
936 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[23];
938 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[24];
939 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[25];
940 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[26];
941 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[27];
943 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[28];
944 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[29];
945 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[30];
946 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[31];
948 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[32];
949 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[33];
950 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[34];
951 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[35];
953 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[36];
954 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[37];
955 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38];
956 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39];
957 if (key->rounds > 10) {
959 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40];
960 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[41];
961 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[42];
962 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[43];
964 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[44];
965 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[45];
966 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[46];
967 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[47];
968 if (key->rounds > 12) {
970 s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[48];
971 s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[49];
972 s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[50];
973 s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[51];
975 t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[52];
976 t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[53];
977 t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[54];
978 t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[55];
981 rk += key->rounds << 2;
982 #else /* !FULL_UNROLL */
984 * Nr - 1 full rounds:
986 r = key->rounds >> 1;
990 Te1[(s1 >> 16) & 0xff] ^
991 Te2[(s2 >> 8) & 0xff] ^
996 Te1[(s2 >> 16) & 0xff] ^
997 Te2[(s3 >> 8) & 0xff] ^
1002 Te1[(s3 >> 16) & 0xff] ^
1003 Te2[(s0 >> 8) & 0xff] ^
1008 Te1[(s0 >> 16) & 0xff] ^
1009 Te2[(s1 >> 8) & 0xff] ^
1020 Te1[(t1 >> 16) & 0xff] ^
1021 Te2[(t2 >> 8) & 0xff] ^
1026 Te1[(t2 >> 16) & 0xff] ^
1027 Te2[(t3 >> 8) & 0xff] ^
1032 Te1[(t3 >> 16) & 0xff] ^
1033 Te2[(t0 >> 8) & 0xff] ^
1038 Te1[(t0 >> 16) & 0xff] ^
1039 Te2[(t1 >> 8) & 0xff] ^
1043 #endif /* ?FULL_UNROLL */
1045 * apply last round and
1046 * map cipher state to byte array block:
1049 (Te4[(t0 >> 24) ] & 0xff000000) ^
1050 (Te4[(t1 >> 16) & 0xff] & 0x00ff0000) ^
1051 (Te4[(t2 >> 8) & 0xff] & 0x0000ff00) ^
1052 (Te4[(t3 ) & 0xff] & 0x000000ff) ^
1056 (Te4[(t1 >> 24) ] & 0xff000000) ^
1057 (Te4[(t2 >> 16) & 0xff] & 0x00ff0000) ^
1058 (Te4[(t3 >> 8) & 0xff] & 0x0000ff00) ^
1059 (Te4[(t0 ) & 0xff] & 0x000000ff) ^
1061 PUTU32(out + 4, s1);
1063 (Te4[(t2 >> 24) ] & 0xff000000) ^
1064 (Te4[(t3 >> 16) & 0xff] & 0x00ff0000) ^
1065 (Te4[(t0 >> 8) & 0xff] & 0x0000ff00) ^
1066 (Te4[(t1 ) & 0xff] & 0x000000ff) ^
1068 PUTU32(out + 8, s2);
1070 (Te4[(t3 >> 24) ] & 0xff000000) ^
1071 (Te4[(t0 >> 16) & 0xff] & 0x00ff0000) ^
1072 (Te4[(t1 >> 8) & 0xff] & 0x0000ff00) ^
1073 (Te4[(t2 ) & 0xff] & 0x000000ff) ^
1075 PUTU32(out + 12, s3);
1079 * Decrypt a single block
1080 * in and out can overlap
1082 void AES_decrypt(const unsigned char *in, unsigned char *out,
1083 const AES_KEY *key) {
1086 u32 s0, s1, s2, s3, t0, t1, t2, t3;
1089 #endif /* ?FULL_UNROLL */
1091 assert(in && out && key);
1095 * map byte array block to cipher state
1096 * and add initial round key:
1098 s0 = GETU32(in ) ^ rk[0];
1099 s1 = GETU32(in + 4) ^ rk[1];
1100 s2 = GETU32(in + 8) ^ rk[2];
1101 s3 = GETU32(in + 12) ^ rk[3];
1104 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[ 4];
1105 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[ 5];
1106 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[ 6];
1107 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[ 7];
1109 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[ 8];
1110 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[ 9];
1111 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[10];
1112 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[11];
1114 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[12];
1115 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[13];
1116 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[14];
1117 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[15];
1119 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[16];
1120 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[17];
1121 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[18];
1122 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[19];
1124 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[20];
1125 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[21];
1126 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[22];
1127 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[23];
1129 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[24];
1130 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[25];
1131 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[26];
1132 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[27];
1134 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[28];
1135 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[29];
1136 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[30];
1137 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[31];
1139 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[32];
1140 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[33];
1141 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[34];
1142 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[35];
1144 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[36];
1145 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[37];
1146 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[38];
1147 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[39];
1148 if (key->rounds > 10) {
1150 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[40];
1151 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[41];
1152 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[42];
1153 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[43];
1155 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[44];
1156 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[45];
1157 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[46];
1158 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[47];
1159 if (key->rounds > 12) {
1161 s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[48];
1162 s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[49];
1163 s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[50];
1164 s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[51];
1166 t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[52];
1167 t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[53];
1168 t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[54];
1169 t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[55];
1172 rk += key->rounds << 2;
1173 #else /* !FULL_UNROLL */
1175 * Nr - 1 full rounds:
1177 r = key->rounds >> 1;
1181 Td1[(s3 >> 16) & 0xff] ^
1182 Td2[(s2 >> 8) & 0xff] ^
1187 Td1[(s0 >> 16) & 0xff] ^
1188 Td2[(s3 >> 8) & 0xff] ^
1193 Td1[(s1 >> 16) & 0xff] ^
1194 Td2[(s0 >> 8) & 0xff] ^
1199 Td1[(s2 >> 16) & 0xff] ^
1200 Td2[(s1 >> 8) & 0xff] ^
1211 Td1[(t3 >> 16) & 0xff] ^
1212 Td2[(t2 >> 8) & 0xff] ^
1217 Td1[(t0 >> 16) & 0xff] ^
1218 Td2[(t3 >> 8) & 0xff] ^
1223 Td1[(t1 >> 16) & 0xff] ^
1224 Td2[(t0 >> 8) & 0xff] ^
1229 Td1[(t2 >> 16) & 0xff] ^
1230 Td2[(t1 >> 8) & 0xff] ^
1234 #endif /* ?FULL_UNROLL */
1236 * apply last round and
1237 * map cipher state to byte array block:
1240 (Td4[(t0 >> 24) ] & 0xff000000) ^
1241 (Td4[(t3 >> 16) & 0xff] & 0x00ff0000) ^
1242 (Td4[(t2 >> 8) & 0xff] & 0x0000ff00) ^
1243 (Td4[(t1 ) & 0xff] & 0x000000ff) ^
1247 (Td4[(t1 >> 24) ] & 0xff000000) ^
1248 (Td4[(t0 >> 16) & 0xff] & 0x00ff0000) ^
1249 (Td4[(t3 >> 8) & 0xff] & 0x0000ff00) ^
1250 (Td4[(t2 ) & 0xff] & 0x000000ff) ^
1252 PUTU32(out + 4, s1);
1254 (Td4[(t2 >> 24) ] & 0xff000000) ^
1255 (Td4[(t1 >> 16) & 0xff] & 0x00ff0000) ^
1256 (Td4[(t0 >> 8) & 0xff] & 0x0000ff00) ^
1257 (Td4[(t3 ) & 0xff] & 0x000000ff) ^
1259 PUTU32(out + 8, s2);
1261 (Td4[(t3 >> 24) ] & 0xff000000) ^
1262 (Td4[(t2 >> 16) & 0xff] & 0x00ff0000) ^
1263 (Td4[(t1 >> 8) & 0xff] & 0x0000ff00) ^
1264 (Td4[(t0 ) & 0xff] & 0x000000ff) ^
1266 PUTU32(out + 12, s3);
1269 #endif /* AES_ASM */
1271 void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
1272 const unsigned long length, const AES_KEY *key,
1273 unsigned char *ivec, const int enc)
1277 unsigned long len = length;
1278 unsigned char tmp[AES_BLOCK_SIZE];
1280 assert(in && out && key && ivec);
1283 while (len >= AES_BLOCK_SIZE) {
1284 for(n=0; n < AES_BLOCK_SIZE; ++n)
1285 tmp[n] = in[n] ^ ivec[n];
1286 AES_encrypt(tmp, out, key);
1287 memcpy(ivec, out, AES_BLOCK_SIZE);
1288 len -= AES_BLOCK_SIZE;
1289 in += AES_BLOCK_SIZE;
1290 out += AES_BLOCK_SIZE;
1293 for(n=0; n < len; ++n)
1294 tmp[n] = in[n] ^ ivec[n];
1295 for(n=len; n < AES_BLOCK_SIZE; ++n)
1297 AES_encrypt(tmp, tmp, key);
1298 memcpy(out, tmp, AES_BLOCK_SIZE);
1299 memcpy(ivec, tmp, AES_BLOCK_SIZE);
1302 while (len >= AES_BLOCK_SIZE) {
1303 memcpy(tmp, in, AES_BLOCK_SIZE);
1304 AES_decrypt(in, out, key);
1305 for(n=0; n < AES_BLOCK_SIZE; ++n)
1307 memcpy(ivec, tmp, AES_BLOCK_SIZE);
1308 len -= AES_BLOCK_SIZE;
1309 in += AES_BLOCK_SIZE;
1310 out += AES_BLOCK_SIZE;
1313 memcpy(tmp, in, AES_BLOCK_SIZE);
1314 AES_decrypt(tmp, tmp, key);
1315 for(n=0; n < len; ++n)
1316 out[n] = tmp[n] ^ ivec[n];
1317 memcpy(ivec, tmp, AES_BLOCK_SIZE);
projects / qemu / blob