Compare commits

...

13 commits

2 changed files with 83 additions and 13 deletions


@ -106,5 +106,8 @@
}
],
"compounds": []
},
"settings": {
"cortex-debug.variableUseNaturalFormat": false
}
}


@ -11,6 +11,8 @@ http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
*/
/* AES Constants */
// AES polynomial
const uint16_t POLYNOMIAL = 0b100011011;
// forward sbox
const uint8_t SBOX[256] = {
@ -78,26 +80,58 @@ uint32_t subWord(uint32_t w) {
}
void subBytes(t_state s) {
s[0] = 0; /* ??? */
for (uint8_t i = 0; i < 4; i++) {
s[i] = subWord(s[i]);
}
}
void shiftRows(t_state s) {
/* ??? */
for (uint8_t i = 0; i < 4; i++) {
uint32_t mask = 0xFF << (i * 8);
for (uint8_t shiftCount = 0; shiftCount < i; shiftCount++) {
for (uint8_t currentByte = 0; currentByte < 3; currentByte++) {
// Swap s[currentByte] and s[currentByte + 1]
s[currentByte] = s[currentByte] ^ (mask & s[currentByte + 1]);
s[currentByte + 1] = s[currentByte + 1] ^ (mask & s[currentByte]);
s[currentByte] = s[currentByte] ^ (mask & s[currentByte + 1]);
}
}
}
}
uint8_t xtime(uint8_t a) {
return 0; /* ??? */
uint8_t mask;
if (a & 0b10000000) {
mask = POLYNOMIAL & 0xFF;
}
else {
mask = 0x00;
}
return ((a << 1) ^ mask) & 0xFF;
}
// not mandatory - mix a single column
uint32_t mixColumn(uint32_t c) {
return 0; /* ??? */
uint32_t result = c;
uint8_t *source = (uint8_t*)(&c);
uint8_t *target = (uint8_t*)(&result);
uint8_t base = *source ^ *(source + 1) ^ *(source + 2) ^ *(source + 3);
*target ^= base ^ xtime(*source ^ *(source + 1));
*(target + 1) ^= base ^ xtime(*(source + 1) ^ *(source + 2));
*(target + 2) ^= base ^ xtime(*(source + 2) ^ *(source + 3));
*(target + 3) ^= base ^ xtime(*(source + 3) ^ *source);
return result;
}
void mixColumns(t_state s) {
/* ??? */
for (uint8_t i = 0; i < 4; i++) {
s[i] = mixColumn(s[i]);
}
}
/*
@ -105,14 +139,31 @@ void mixColumns(t_state s) {
* to 11 round keys (11*4*32b)
* each round key is 4*32b
*/
// Taken from: https://www.brainkart.com/article/AES-Key-Expansion_8410/
void expandKey(uint8_t k[16], uint32_t ek[44]) {
/* ??? */
for (uint8_t i = 0; i < 4; i++) {
ek[i] = word(k[i * 4], k[i * 4 + 1], k[i * 4 + 2], k[i * 4 + 3]);
}
for (uint8_t i = 4; i < 44; i++) {
uint32_t key = ek[i - 1];
if (i % 4 == 0) {
key = (key >> 8) | (key << 24);
key = subWord(key) ^ rCon[i / 4];
}
ek[i] = ek[i - 4] ^ key;
}
}
/* Adding expanded round key (prepared before) */
void addRoundKey(t_state s, uint32_t ek[], short round) {
/* ??? */
s[0] ^= ek[round];
s[1] ^= ek[round + 1];
s[2] ^= ek[round + 2];
s[3] ^= ek[round + 3];
}
void aes(uint8_t *in, uint8_t *out, uint8_t *skey)
@ -122,8 +173,9 @@ void aes(uint8_t *in, uint8_t *out, uint8_t *skey)
t_state state;
state[0] = word(in[0], in[1], in[2], in[3]);
/* ??? */
for (uint8_t i = 0; i < 4; i++) {
state[i] = word(in[i * 4], in[i * 4 + 1], in[i * 4 + 2], in[i * 4 + 3]);
}
printf("IN: "); printstate(state);
@ -139,10 +191,25 @@ void aes(uint8_t *in, uint8_t *out, uint8_t *skey)
addRoundKey(state, expKey, 0);
printf("ARK: "); printstate(state);
/* ??? */
/* ??? */
/* ??? */
for (int i = 1; i <= 10; i++) {
subBytes(state);
printf("SB: ");
printstate(state);
shiftRows(state);
printf("SR: ");
printstate(state);
if (i < 10) {
mixColumns(state);
printf("MC: ");
printstate(state);
}
addRoundKey(state, expKey, 4*i);
printf("ARK: ");
printstate(state);
}
for (int i = 0; i < 16; i++) {
if (i < 4) out[i] = wbyte(state[0], i % 4);
@ -265,7 +332,7 @@ int main(int argc, char* argv[])
// test AddRoundKey (last round)
t_state state = { 0x01234567, 0x89abcdef, 0xdeadbeef, 0x00112233 };
t_state res_state = { 0xb46d152d, 0x45e164c3, 0xa7cab335, 0x910eed36 };
addRoundKey(state, key_w, 10);
addRoundKey(state, key_w, 40);
printf("0x%08x, 0x%08x, 0x%08x, 0x%08x\n", state[0], state[1], state[2], state[3]);
for (int i = 0; i < 4; i++) {
if (state[i] != res_state[i]) { printf("Mismatch at state[%d]!\n", i); }
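Review bot: In `xtime` the reduction is selected with `if (a & 0b10000000)`, a branch on a state byte, so the running time of MixColumns can depend on secret data whenever the compiler keeps the branch (plausible in an unoptimised debug build). A branch-free form gives the same result: `return (uint8_t)((a << 1) ^ (-(a >> 7) & (POLYNOMIAL & 0xFF)));`. In the same hunk, `uint32_t mask = 0xFF << (i * 8);` in `shiftRows` shifts a signed `int` into its sign bit when `i` is 3, which is undefined behaviour; `(uint32_t)0xFF << (i * 8)` avoids it. `mixColumn` reads the column through `uint8_t *`, so its result presumably depends on the host byte order matching how `word()` packs bytes, which is not visible here; going through `wbyte()`/`word()` would remove that dependency.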