Implement AES algorithm

Fix broken expandKey function
Initialize AES state properly
2023-11-14 11:06:11 +01:00 · 2023-11-14 11:04:48 +01:00 · 2023-11-14 08:58:24 +01:00 · 2023-11-14 08:58:09 +01:00 · 2023-11-14 08:53:30 +01:00 · 2023-11-14 08:53:21 +01:00
2 changed files with 83 additions and 13 deletions
--- a/HWBTutorials.code-workspace
+++ b/HWBTutorials.code-workspace
@ -106,5 +106,8 @@
            }
        ],
        "compounds": []
    },
    "settings": {
        "cortex-debug.variableUseNaturalFormat": false
    }
 }
--- a/aes/aes.cpp
+++ b/aes/aes.cpp
@ -11,6 +11,8 @@ http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
 */
 /* AES Constants */
 // AES polynomial
 const uint16_t POLYNOMIAL = 0b100011011;
 // forward sbox
 const uint8_t SBOX[256] = {
@ -78,26 +80,58 @@ uint32_t subWord(uint32_t w) {
 }
 void subBytes(t_state s) {
-    s[0] = 0; /* ??? */
+    for (uint8_t i = 0; i < 4; i++) {
        s[i] = subWord(s[i]);
    }
 }
 void shiftRows(t_state s) {
-    /* ??? */
+    for (uint8_t i = 0; i < 4; i++) {
        uint32_t mask = 0xFF << (i * 8);
        for (uint8_t shiftCount = 0; shiftCount < i; shiftCount++) {
            for (uint8_t currentByte = 0; currentByte < 3; currentByte++) {
                // Swap s[currentByte] and s[currentByte + 1]
                s[currentByte] = s[currentByte] ^ (mask & s[currentByte + 1]);
                s[currentByte + 1] = s[currentByte + 1] ^ (mask & s[currentByte]);
                s[currentByte] = s[currentByte] ^ (mask & s[currentByte + 1]);
            }
        }
    }
 }
 uint8_t xtime(uint8_t a) {
-    return 0; /* ??? */
+    uint8_t mask;
    if (a & 0b10000000) {
        mask = POLYNOMIAL & 0xFF;
    }
    else {
        mask = 0x00;
    }
    return ((a << 1) ^ mask) & 0xFF;
 }
 // not mandatory - mix a single column
 uint32_t mixColumn(uint32_t c) {
-    return 0; /* ??? */
+    uint32_t result = c;
    uint8_t *source = (uint8_t*)(&c);
    uint8_t *target = (uint8_t*)(&result);
    uint8_t base = *source ^ *(source + 1) ^ *(source + 2) ^ *(source + 3);
    *target ^= base ^ xtime(*source ^ *(source + 1));
    *(target + 1) ^= base ^ xtime(*(source + 1) ^ *(source + 2));
    *(target + 2) ^= base ^ xtime(*(source  + 2) ^ *(source + 3));
    *(target + 3) ^= base ^ xtime(*(source + 3) ^ *source);
    return result;
 }
 void mixColumns(t_state s) {
-    /* ??? */
+    for (uint8_t i = 0; i < 4; i++) {
        s[i] = mixColumn(s[i]);
    }
 }
 /*
@ -105,14 +139,31 @@ void mixColumns(t_state s) {
 * to 11 round keys (11*4*32b)
 * each round key is 4*32b
 */
 // Taken from: https://www.brainkart.com/article/AES-Key-Expansion_8410/
 void expandKey(uint8_t k[16], uint32_t ek[44]) {
-    /* ??? */
+    for (uint8_t i = 0; i < 4; i++) {
        ek[i] = word(k[i * 4], k[i * 4 + 1], k[i * 4 + 2], k[i * 4 + 3]);
    }
    for (uint8_t i = 4; i < 44; i++) {
        uint32_t key = ek[i - 1];
        if (i % 4 == 0) {
            key = (key >> 8) | (key << 24);
            key = subWord(key) ^ rCon[i / 4];
        }
        ek[i] = ek[i - 4] ^ key;
    }
 }
 /* Adding expanded round key (prepared before) */
 void addRoundKey(t_state s, uint32_t ek[], short round) {
-    /* ??? */
+    s[0] ^= ek[round];
    s[1] ^= ek[round + 1];
    s[2] ^= ek[round + 2];
    s[3] ^= ek[round + 3];
 }
 void aes(uint8_t *in, uint8_t *out, uint8_t *skey)
@ -122,8 +173,9 @@ void aes(uint8_t *in, uint8_t *out, uint8_t *skey)
    t_state state;
-    state[0] = word(in[0],  in[1],  in[2],  in[3]);
+    for (uint8_t i = 0; i < 4; i++) {
-    /* ??? */
+        state[i] = word(in[i * 4], in[i * 4 + 1], in[i * 4 + 2], in[i * 4 + 3]);
    }
    printf("IN:  "); printstate(state);
@ -139,10 +191,25 @@ void aes(uint8_t *in, uint8_t *out, uint8_t *skey)
    addRoundKey(state, expKey, 0);
    printf("ARK: "); printstate(state);
-    /* ??? */
+    for (int i = 1; i <= 10; i++) {
-    /* ??? */
+        subBytes(state);
-    /* ??? */
+        printf("SB:  ");
        printstate(state);
        shiftRows(state);
        printf("SR:  ");
        printstate(state);
        if (i < 10) {
            mixColumns(state);
            printf("MC:  ");
            printstate(state);
        }
        addRoundKey(state, expKey, 4*i);
        printf("ARK: ");
        printstate(state);
    }
    for (int i = 0; i < 16; i++) {
        if (i < 4) out[i] = wbyte(state[0], i % 4);
@ -265,7 +332,7 @@ int main(int argc, char* argv[])
        // test  AddRoundKey (last round)
        t_state state = { 0x01234567, 0x89abcdef, 0xdeadbeef, 0x00112233 };
        t_state res_state = { 0xb46d152d, 0x45e164c3, 0xa7cab335, 0x910eed36 };
-        addRoundKey(state, key_w, 10);
+        addRoundKey(state, key_w, 40);
        printf("0x%08x, 0x%08x, 0x%08x, 0x%08x\n", state[0], state[1], state[2], state[3]);
        for (int i = 0; i < 4; i++) {
            if (state[i] != res_state[i]) { printf("Mismatch at state[%d]!\n", i); }
Author	SHA1	Message	Date
Manuel Thalmann	4720e95cf2	Implement AES algorithm	2023-11-14 11:06:11 +01:00
Manuel Thalmann	afe36cebe6	Fix broken `expandKey` function	2023-11-14 11:04:48 +01:00
Manuel Thalmann	579450af2b	Initialize AES state properly	2023-11-14 08:58:24 +01:00
Manuel Thalmann	2be8b672cb	Simplify key expansion	2023-11-14 08:58:09 +01:00
Manuel Thalmann	ea7b6b89de	Implement `addRoundKey`	2023-11-14 08:53:30 +01:00
Manuel Thalmann	aff464383e	Fix non-functioning test	2023-11-14 08:53:21 +01:00
Manuel Thalmann	79d2776d41	Implement `expandKey`	2023-11-14 08:32:32 +01:00
Manuel Thalmann	6587c04608	Implement `mixColumns` function	2023-11-12 20:18:03 +01:00
Manuel Thalmann	ffe2b8ef9a	Store polynomial in a constant variable	2023-11-12 20:17:51 +01:00
Manuel Thalmann	b3c10424a4	Add an `xtime` implementation	2023-11-08 22:27:12 +01:00
Manuel Thalmann	87f3102a45	Implement `shiftRows`	2023-11-07 19:25:49 +01:00
Manuel Thalmann	755623b0dc	Implement `subBytes`	2023-11-07 19:25:41 +01:00
Manuel Thalmann	1e52c33976	Display debug values in hex	2023-11-07 19:25:18 +01:00