rijndael-api-fst.c revision 121257
1121257Sume/* $KAME: rijndael-api-fst.c,v 1.10 2001/05/27 09:34:18 itojun Exp $ */ 267957Skris 3121257Sume/* 4121257Sume * rijndael-api-fst.c v2.3 April '2000 567957Skris * 6121257Sume * Optimised ANSI C code 767957Skris * 8121257Sume * authors: v1.0: Antoon Bosselaers 9121257Sume * v2.0: Vincent Rijmen 10121257Sume * v2.1: Vincent Rijmen 11121257Sume * v2.2: Vincent Rijmen 12121257Sume * v2.3: Paulo Barreto 13121257Sume * v2.4: Vincent Rijmen 1467957Skris * 15121257Sume * This code is placed in the public domain. 1667957Skris */ 1767957Skris 18116174Sobrien#include <sys/cdefs.h> 19116174Sobrien__FBSDID("$FreeBSD: head/sys/crypto/rijndael/rijndael-api-fst.c 121257 2003-10-19 21:28:34Z ume $"); 20116174Sobrien 2167957Skris#include <sys/param.h> 22121257Sume#include <sys/types.h> 2378064Sume#ifdef _KERNEL 2467957Skris#include <sys/systm.h> 2578064Sume#else 2678064Sume#include <string.h> 2778064Sume#endif 2867957Skris#include <crypto/rijndael/rijndael-alg-fst.h> 2967957Skris#include <crypto/rijndael/rijndael-api-fst.h> 30121257Sume#include <crypto/rijndael/rijndael_local.h> 3167957Skris 32121257Sume#ifndef TRUE 33121257Sume#define TRUE 1 34121257Sume#endif 35121257Sume 36121257Sumetypedef u_int8_t BYTE; 37121257Sume 3867957Skrisint rijndael_makeKey(keyInstance *key, BYTE direction, int keyLen, char *keyMaterial) { 39121257Sume u8 k[RIJNDAEL_MAXKC][4]; 40121257Sume int i; 41121257Sume char *keyMat; 4267957Skris 4367957Skris if (key == NULL) { 4467957Skris return BAD_KEY_INSTANCE; 4567957Skris } 4667957Skris 4767957Skris if ((direction == DIR_ENCRYPT) || (direction == DIR_DECRYPT)) { 4867957Skris key->direction = direction; 4967957Skris } else { 5067957Skris return BAD_KEY_DIR; 5167957Skris } 5267957Skris 53121257Sume if ((keyLen == 128) || (keyLen == 192) || (keyLen == 256)) { 5467957Skris key->keyLen = keyLen; 5567957Skris } else { 5667957Skris return BAD_KEY_MAT; 5767957Skris } 5867957Skris 5967957Skris if (keyMaterial != NULL) { 60121257Sume bcopy(keyMaterial, key->keyMaterial, keyLen/8); 6167957Skris } 6267957Skris 63121257Sume key->ROUNDS = keyLen/32 + 6; 64121257Sume 6567957Skris /* initialize key schedule: */ 66121257Sume keyMat = key->keyMaterial; 67121257Sume for (i = 0; i < key->keyLen/8; i++) { 68121257Sume k[i >> 2][i & 3] = (u8)keyMat[i]; 6967957Skris } 70121257Sume rijndaelKeySched(k, key->keySched, key->ROUNDS); 71121257Sume if (direction == DIR_DECRYPT) { 72121257Sume rijndaelKeyEncToDec(key->keySched, key->ROUNDS); 73121257Sume } 74121257Sume 7567957Skris return TRUE; 7667957Skris} 7767957Skris 7867957Skrisint rijndael_cipherInit(cipherInstance *cipher, BYTE mode, char *IV) { 7967957Skris if ((mode == MODE_ECB) || (mode == MODE_CBC) || (mode == MODE_CFB1)) { 8067957Skris cipher->mode = mode; 8167957Skris } else { 8267957Skris return BAD_CIPHER_MODE; 8367957Skris } 8467957Skris if (IV != NULL) { 85121257Sume bcopy(IV, cipher->IV, MAX_IV_SIZE); 8667957Skris } else { 87121257Sume bzero(cipher->IV, MAX_IV_SIZE); 8867957Skris } 8967957Skris return TRUE; 9067957Skris} 9167957Skris 9267957Skrisint rijndael_blockEncrypt(cipherInstance *cipher, keyInstance *key, 9367957Skris BYTE *input, int inputLen, BYTE *outBuffer) { 94121257Sume int i, k, numBlocks; 95121257Sume u8 block[16], iv[4][4]; 9667957Skris 9767957Skris if (cipher == NULL || 9867957Skris key == NULL || 9967957Skris key->direction == DIR_DECRYPT) { 10067957Skris return BAD_CIPHER_STATE; 10167957Skris } 10267957Skris if (input == NULL || inputLen <= 0) { 10367957Skris return 0; /* nothing to do */ 10467957Skris } 10567957Skris 10667957Skris numBlocks = inputLen/128; 10767957Skris 10867957Skris switch (cipher->mode) { 109121257Sume case MODE_ECB: 11067957Skris for (i = numBlocks; i > 0; i--) { 111121257Sume rijndaelEncrypt(input, outBuffer, key->keySched, key->ROUNDS); 11267957Skris input += 16; 11367957Skris outBuffer += 16; 11467957Skris } 11567957Skris break; 11667957Skris 11767957Skris case MODE_CBC: 118121085Sume#if 1 /*STRICT_ALIGN*/ 119121257Sume bcopy(cipher->IV, block, 16); 120121257Sume bcopy(input, iv, 16); 121121257Sume ((u32*)block)[0] ^= ((u32*)iv)[0]; 122121257Sume ((u32*)block)[1] ^= ((u32*)iv)[1]; 123121257Sume ((u32*)block)[2] ^= ((u32*)iv)[2]; 124121257Sume ((u32*)block)[3] ^= ((u32*)iv)[3]; 125121085Sume#else 126121257Sume ((u32*)block)[0] = ((u32*)cipher->IV)[0] ^ ((u32*)input)[0]; 127121257Sume ((u32*)block)[1] = ((u32*)cipher->IV)[1] ^ ((u32*)input)[1]; 128121257Sume ((u32*)block)[2] = ((u32*)cipher->IV)[2] ^ ((u32*)input)[2]; 129121257Sume ((u32*)block)[3] = ((u32*)cipher->IV)[3] ^ ((u32*)input)[3]; 130121085Sume#endif 131121257Sume rijndaelEncrypt(block, outBuffer, key->keySched, key->ROUNDS); 132121257Sume input += 16; 133121257Sume for (i = numBlocks - 1; i > 0; i--) { 134121085Sume#if 1 /*STRICT_ALIGN*/ 135121257Sume bcopy(outBuffer, block, 16); 136121257Sume bcopy(input, iv, 16); 137121257Sume ((u32*)block)[0] ^= ((u32*)iv)[0]; 138121257Sume ((u32*)block)[1] ^= ((u32*)iv)[1]; 139121257Sume ((u32*)block)[2] ^= ((u32*)iv)[2]; 140121257Sume ((u32*)block)[3] ^= ((u32*)iv)[3]; 141121085Sume#else 142121257Sume ((u32*)block)[0] = ((u32*)outBuffer)[0] ^ ((u32*)input)[0]; 143121257Sume ((u32*)block)[1] = ((u32*)outBuffer)[1] ^ ((u32*)input)[1]; 144121257Sume ((u32*)block)[2] = ((u32*)outBuffer)[2] ^ ((u32*)input)[2]; 145121257Sume ((u32*)block)[3] = ((u32*)outBuffer)[3] ^ ((u32*)input)[3]; 146121085Sume#endif 147121257Sume outBuffer += 16; 148121257Sume rijndaelEncrypt(block, outBuffer, key->keySched, key->ROUNDS); 149121050Sume input += 16; 15067957Skris } 15167957Skris break; 152121257Sume 153121257Sume case MODE_CFB1: 154121085Sume#if 1 /*STRICT_ALIGN*/ 155121257Sume bcopy(cipher->IV, iv, 16); 156121257Sume#else /* !STRICT_ALIGN */ 157121257Sume *((u32*)iv[0]) = *((u32*)(cipher->IV )); 158121257Sume *((u32*)iv[1]) = *((u32*)(cipher->IV+ 4)); 159121257Sume *((u32*)iv[2]) = *((u32*)(cipher->IV+ 8)); 160121257Sume *((u32*)iv[3]) = *((u32*)(cipher->IV+12)); 161121257Sume#endif /* ?STRICT_ALIGN */ 162121257Sume for (i = numBlocks; i > 0; i--) { 163121257Sume for (k = 0; k < 128; k++) { 164121257Sume *((u32*) block ) = *((u32*)iv[0]); 165121257Sume *((u32*)(block+ 4)) = *((u32*)iv[1]); 166121257Sume *((u32*)(block+ 8)) = *((u32*)iv[2]); 167121257Sume *((u32*)(block+12)) = *((u32*)iv[3]); 168121257Sume rijndaelEncrypt(block, block, key->keySched, key->ROUNDS); 169121257Sume outBuffer[k/8] ^= (block[0] & 0x80) >> (k & 7); 170121257Sume iv[0][0] = (iv[0][0] << 1) | (iv[0][1] >> 7); 171121257Sume iv[0][1] = (iv[0][1] << 1) | (iv[0][2] >> 7); 172121257Sume iv[0][2] = (iv[0][2] << 1) | (iv[0][3] >> 7); 173121257Sume iv[0][3] = (iv[0][3] << 1) | (iv[1][0] >> 7); 174121257Sume iv[1][0] = (iv[1][0] << 1) | (iv[1][1] >> 7); 175121257Sume iv[1][1] = (iv[1][1] << 1) | (iv[1][2] >> 7); 176121257Sume iv[1][2] = (iv[1][2] << 1) | (iv[1][3] >> 7); 177121257Sume iv[1][3] = (iv[1][3] << 1) | (iv[2][0] >> 7); 178121257Sume iv[2][0] = (iv[2][0] << 1) | (iv[2][1] >> 7); 179121257Sume iv[2][1] = (iv[2][1] << 1) | (iv[2][2] >> 7); 180121257Sume iv[2][2] = (iv[2][2] << 1) | (iv[2][3] >> 7); 181121257Sume iv[2][3] = (iv[2][3] << 1) | (iv[3][0] >> 7); 182121257Sume iv[3][0] = (iv[3][0] << 1) | (iv[3][1] >> 7); 183121257Sume iv[3][1] = (iv[3][1] << 1) | (iv[3][2] >> 7); 184121257Sume iv[3][2] = (iv[3][2] << 1) | (iv[3][3] >> 7); 185121257Sume iv[3][3] = (iv[3][3] << 1) | ((outBuffer[k/8] >> (7-(k&7))) & 1); 186121257Sume } 187121257Sume } 188121257Sume break; 189121257Sume 19067957Skris default: 19167957Skris return BAD_CIPHER_STATE; 19267957Skris } 19367957Skris 19467957Skris return 128*numBlocks; 19567957Skris} 19667957Skris 19767957Skris/** 19867957Skris * Encrypt data partitioned in octets, using RFC 2040-like padding. 19967957Skris * 20067957Skris * @param input data to be encrypted (octet sequence) 20167957Skris * @param inputOctets input length in octets (not bits) 20267957Skris * @param outBuffer encrypted output data 20367957Skris * 20467957Skris * @return length in octets (not bits) of the encrypted output buffer. 20567957Skris */ 20667957Skrisint rijndael_padEncrypt(cipherInstance *cipher, keyInstance *key, 20767957Skris BYTE *input, int inputOctets, BYTE *outBuffer) { 20867957Skris int i, numBlocks, padLen; 209121257Sume u8 block[16], *iv, *cp; 21067957Skris 21167957Skris if (cipher == NULL || 21267957Skris key == NULL || 21367957Skris key->direction == DIR_DECRYPT) { 21467957Skris return BAD_CIPHER_STATE; 21567957Skris } 21667957Skris if (input == NULL || inputOctets <= 0) { 21767957Skris return 0; /* nothing to do */ 21867957Skris } 21967957Skris 22067957Skris numBlocks = inputOctets/16; 22167957Skris 22267957Skris switch (cipher->mode) { 223121257Sume case MODE_ECB: 22467957Skris for (i = numBlocks; i > 0; i--) { 225121257Sume rijndaelEncrypt(input, outBuffer, key->keySched, key->ROUNDS); 22667957Skris input += 16; 22767957Skris outBuffer += 16; 22867957Skris } 22967957Skris padLen = 16 - (inputOctets - 16*numBlocks); 230120157Sume if (padLen <= 0 || padLen > 16) 231105099Sphk return BAD_CIPHER_STATE; 232121257Sume bcopy(input, block, 16 - padLen); 233121257Sume for (cp = block + 16 - padLen; cp < block + 16; cp++) 234121257Sume *cp = padLen; 235121257Sume rijndaelEncrypt(block, outBuffer, key->keySched, key->ROUNDS); 23667957Skris break; 23767957Skris 23867957Skris case MODE_CBC: 23967957Skris iv = cipher->IV; 24067957Skris for (i = numBlocks; i > 0; i--) { 241121257Sume ((u32*)block)[0] = ((u32*)input)[0] ^ ((u32*)iv)[0]; 242121257Sume ((u32*)block)[1] = ((u32*)input)[1] ^ ((u32*)iv)[1]; 243121257Sume ((u32*)block)[2] = ((u32*)input)[2] ^ ((u32*)iv)[2]; 244121257Sume ((u32*)block)[3] = ((u32*)input)[3] ^ ((u32*)iv)[3]; 245121257Sume rijndaelEncrypt(block, outBuffer, key->keySched, key->ROUNDS); 24667957Skris iv = outBuffer; 24767957Skris input += 16; 24867957Skris outBuffer += 16; 24967957Skris } 25067957Skris padLen = 16 - (inputOctets - 16*numBlocks); 251120206Sume if (padLen <= 0 || padLen > 16) 252105099Sphk return BAD_CIPHER_STATE; 25367957Skris for (i = 0; i < 16 - padLen; i++) { 25467957Skris block[i] = input[i] ^ iv[i]; 25567957Skris } 25667957Skris for (i = 16 - padLen; i < 16; i++) { 25767957Skris block[i] = (BYTE)padLen ^ iv[i]; 25867957Skris } 259121257Sume rijndaelEncrypt(block, outBuffer, key->keySched, key->ROUNDS); 26067957Skris break; 26167957Skris 26267957Skris default: 26367957Skris return BAD_CIPHER_STATE; 26467957Skris } 26567957Skris 26667957Skris return 16*(numBlocks + 1); 26767957Skris} 26867957Skris 26967957Skrisint rijndael_blockDecrypt(cipherInstance *cipher, keyInstance *key, 27067957Skris BYTE *input, int inputLen, BYTE *outBuffer) { 271121257Sume int i, k, numBlocks; 272121257Sume u8 block[16], iv[4][4]; 27367957Skris 27467957Skris if (cipher == NULL || 27567957Skris key == NULL || 27667957Skris (cipher->mode != MODE_CFB1 && key->direction == DIR_ENCRYPT)) { 27767957Skris return BAD_CIPHER_STATE; 27867957Skris } 27967957Skris if (input == NULL || inputLen <= 0) { 28067957Skris return 0; /* nothing to do */ 28167957Skris } 28267957Skris 28367957Skris numBlocks = inputLen/128; 28467957Skris 28567957Skris switch (cipher->mode) { 286121257Sume case MODE_ECB: 287121257Sume for (i = numBlocks; i > 0; i--) { 288121257Sume rijndaelDecrypt(input, outBuffer, key->keySched, key->ROUNDS); 28967957Skris input += 16; 29067957Skris outBuffer += 16; 29167957Skris } 29267957Skris break; 29367957Skris 29467957Skris case MODE_CBC: 295121257Sume#if 1 /*STRICT_ALIGN */ 296121257Sume bcopy(cipher->IV, iv, 16); 297121085Sume#else 298121257Sume *((u32*)iv[0]) = *((u32*)(cipher->IV )); 299121257Sume *((u32*)iv[1]) = *((u32*)(cipher->IV+ 4)); 300121257Sume *((u32*)iv[2]) = *((u32*)(cipher->IV+ 8)); 301121257Sume *((u32*)iv[3]) = *((u32*)(cipher->IV+12)); 302121085Sume#endif 30367957Skris for (i = numBlocks; i > 0; i--) { 304121257Sume rijndaelDecrypt(input, block, key->keySched, key->ROUNDS); 305121257Sume ((u32*)block)[0] ^= *((u32*)iv[0]); 306121257Sume ((u32*)block)[1] ^= *((u32*)iv[1]); 307121257Sume ((u32*)block)[2] ^= *((u32*)iv[2]); 308121257Sume ((u32*)block)[3] ^= *((u32*)iv[3]); 309121085Sume#if 1 /*STRICT_ALIGN*/ 310121257Sume bcopy(input, iv, 16); 311121257Sume bcopy(block, outBuffer, 16); 312121085Sume#else 313121257Sume *((u32*)iv[0]) = ((u32*)input)[0]; ((u32*)outBuffer)[0] = ((u32*)block)[0]; 314121257Sume *((u32*)iv[1]) = ((u32*)input)[1]; ((u32*)outBuffer)[1] = ((u32*)block)[1]; 315121257Sume *((u32*)iv[2]) = ((u32*)input)[2]; ((u32*)outBuffer)[2] = ((u32*)block)[2]; 316121257Sume *((u32*)iv[3]) = ((u32*)input)[3]; ((u32*)outBuffer)[3] = ((u32*)block)[3]; 317121085Sume#endif 31867957Skris input += 16; 31967957Skris outBuffer += 16; 32067957Skris } 32167957Skris break; 322121257Sume 323121257Sume case MODE_CFB1: 324121257Sume#if 1 /*STRICT_ALIGN */ 325121257Sume bcopy(cipher->IV, iv, 16); 326121085Sume#else 327121257Sume *((u32*)iv[0]) = *((u32*)(cipher->IV)); 328121257Sume *((u32*)iv[1]) = *((u32*)(cipher->IV+ 4)); 329121257Sume *((u32*)iv[2]) = *((u32*)(cipher->IV+ 8)); 330121257Sume *((u32*)iv[3]) = *((u32*)(cipher->IV+12)); 331121085Sume#endif 332121257Sume for (i = numBlocks; i > 0; i--) { 333121257Sume for (k = 0; k < 128; k++) { 334121257Sume *((u32*) block ) = *((u32*)iv[0]); 335121257Sume *((u32*)(block+ 4)) = *((u32*)iv[1]); 336121257Sume *((u32*)(block+ 8)) = *((u32*)iv[2]); 337121257Sume *((u32*)(block+12)) = *((u32*)iv[3]); 338121257Sume rijndaelEncrypt(block, block, key->keySched, key->ROUNDS); 339121257Sume iv[0][0] = (iv[0][0] << 1) | (iv[0][1] >> 7); 340121257Sume iv[0][1] = (iv[0][1] << 1) | (iv[0][2] >> 7); 341121257Sume iv[0][2] = (iv[0][2] << 1) | (iv[0][3] >> 7); 342121257Sume iv[0][3] = (iv[0][3] << 1) | (iv[1][0] >> 7); 343121257Sume iv[1][0] = (iv[1][0] << 1) | (iv[1][1] >> 7); 344121257Sume iv[1][1] = (iv[1][1] << 1) | (iv[1][2] >> 7); 345121257Sume iv[1][2] = (iv[1][2] << 1) | (iv[1][3] >> 7); 346121257Sume iv[1][3] = (iv[1][3] << 1) | (iv[2][0] >> 7); 347121257Sume iv[2][0] = (iv[2][0] << 1) | (iv[2][1] >> 7); 348121257Sume iv[2][1] = (iv[2][1] << 1) | (iv[2][2] >> 7); 349121257Sume iv[2][2] = (iv[2][2] << 1) | (iv[2][3] >> 7); 350121257Sume iv[2][3] = (iv[2][3] << 1) | (iv[3][0] >> 7); 351121257Sume iv[3][0] = (iv[3][0] << 1) | (iv[3][1] >> 7); 352121257Sume iv[3][1] = (iv[3][1] << 1) | (iv[3][2] >> 7); 353121257Sume iv[3][2] = (iv[3][2] << 1) | (iv[3][3] >> 7); 354121257Sume iv[3][3] = (iv[3][3] << 1) | ((input[k/8] >> (7-(k&7))) & 1); 355121257Sume outBuffer[k/8] ^= (block[0] & 0x80) >> (k & 7); 356121257Sume } 357121257Sume } 358121257Sume break; 359121050Sume 36067957Skris default: 36167957Skris return BAD_CIPHER_STATE; 36267957Skris } 36367957Skris 36467957Skris return 128*numBlocks; 36567957Skris} 36667957Skris 36767957Skrisint rijndael_padDecrypt(cipherInstance *cipher, keyInstance *key, 36867957Skris BYTE *input, int inputOctets, BYTE *outBuffer) { 36967957Skris int i, numBlocks, padLen; 370121257Sume u8 block[16]; 371121257Sume u32 iv[4]; 37267957Skris 37367957Skris if (cipher == NULL || 37467957Skris key == NULL || 37567957Skris key->direction == DIR_ENCRYPT) { 37667957Skris return BAD_CIPHER_STATE; 37767957Skris } 37867957Skris if (input == NULL || inputOctets <= 0) { 37967957Skris return 0; /* nothing to do */ 38067957Skris } 38167957Skris if (inputOctets % 16 != 0) { 38267957Skris return BAD_DATA; 38367957Skris } 38467957Skris 38567957Skris numBlocks = inputOctets/16; 38667957Skris 38767957Skris switch (cipher->mode) { 38867957Skris case MODE_ECB: 38967957Skris /* all blocks but last */ 390121257Sume for (i = numBlocks - 1; i > 0; i--) { 391121257Sume rijndaelDecrypt(input, outBuffer, key->keySched, key->ROUNDS); 39267957Skris input += 16; 39367957Skris outBuffer += 16; 39467957Skris } 39567957Skris /* last block */ 396121257Sume rijndaelDecrypt(input, block, key->keySched, key->ROUNDS); 39767957Skris padLen = block[15]; 39867957Skris if (padLen >= 16) { 39967957Skris return BAD_DATA; 40067957Skris } 40167957Skris for (i = 16 - padLen; i < 16; i++) { 40267957Skris if (block[i] != padLen) { 40367957Skris return BAD_DATA; 40467957Skris } 40567957Skris } 406121257Sume bcopy(block, outBuffer, 16 - padLen); 40767957Skris break; 40867957Skris 40967957Skris case MODE_CBC: 410121257Sume bcopy(cipher->IV, iv, 16); 41167957Skris /* all blocks but last */ 41267957Skris for (i = numBlocks - 1; i > 0; i--) { 413121257Sume rijndaelDecrypt(input, block, key->keySched, key->ROUNDS); 414121257Sume ((u32*)block)[0] ^= iv[0]; 415121257Sume ((u32*)block)[1] ^= iv[1]; 416121257Sume ((u32*)block)[2] ^= iv[2]; 417121257Sume ((u32*)block)[3] ^= iv[3]; 418121257Sume bcopy(input, iv, 16); 419121257Sume bcopy(block, outBuffer, 16); 42067957Skris input += 16; 42167957Skris outBuffer += 16; 42267957Skris } 42367957Skris /* last block */ 424121257Sume rijndaelDecrypt(input, block, key->keySched, key->ROUNDS); 425121257Sume ((u32*)block)[0] ^= iv[0]; 426121257Sume ((u32*)block)[1] ^= iv[1]; 427121257Sume ((u32*)block)[2] ^= iv[2]; 428121257Sume ((u32*)block)[3] ^= iv[3]; 42967957Skris padLen = block[15]; 43067957Skris if (padLen <= 0 || padLen > 16) { 43167957Skris return BAD_DATA; 43267957Skris } 43367957Skris for (i = 16 - padLen; i < 16; i++) { 43467957Skris if (block[i] != padLen) { 43567957Skris return BAD_DATA; 43667957Skris } 43767957Skris } 438121257Sume bcopy(block, outBuffer, 16 - padLen); 43967957Skris break; 44067957Skris 44167957Skris default: 44267957Skris return BAD_CIPHER_STATE; 44367957Skris } 44467957Skris 44567957Skris return 16*numBlocks - padLen; 44667957Skris} 44767957Skris 448121257Sume#ifdef INTERMEDIATE_VALUE_KAT 449121257Sume/** 450121257Sume * cipherUpdateRounds: 451121257Sume * 452121257Sume * Encrypts/Decrypts exactly one full block a specified number of rounds. 453121257Sume * Only used in the Intermediate Value Known Answer Test. 454121257Sume * 455121257Sume * Returns: 456121257Sume * TRUE - on success 457121257Sume * BAD_CIPHER_STATE - cipher in bad state (e.g., not initialized) 458121257Sume */ 459121257Sumeint rijndael_cipherUpdateRounds(cipherInstance *cipher, keyInstance *key, 460121257Sume BYTE *input, int inputLen, BYTE *outBuffer, int rounds) { 461121257Sume int j; 462121257Sume u8 block[4][4]; 463121257Sume 464121257Sume if (cipher == NULL || key == NULL) { 465121257Sume return BAD_CIPHER_STATE; 466121257Sume } 467121257Sume 468121257Sume for (j = 3; j >= 0; j--) { 469121257Sume /* parse input stream into rectangular array */ 470121257Sume *((u32*)block[j]) = *((u32*)(input+4*j)); 471121257Sume } 472121257Sume 473121257Sume switch (key->direction) { 474121257Sume case DIR_ENCRYPT: 475121257Sume rijndaelEncryptRound(block, key->keySched, key->ROUNDS, rounds); 476121257Sume break; 477121257Sume 478121257Sume case DIR_DECRYPT: 479121257Sume rijndaelDecryptRound(block, key->keySched, key->ROUNDS, rounds); 480121257Sume break; 481121257Sume 482121257Sume default: 483121257Sume return BAD_KEY_DIR; 484121257Sume } 485121257Sume 486121257Sume for (j = 3; j >= 0; j--) { 487121257Sume /* parse rectangular array into output ciphertext bytes */ 488121257Sume *((u32*)(outBuffer+4*j)) = *((u32*)block[j]); 489121257Sume } 490121257Sume 491121257Sume return TRUE; 492121257Sume} 493121257Sume#endif /* INTERMEDIATE_VALUE_KAT */ 494