Rizin
unix-like reverse engineering framework and cli tools
aes-decrypt-internal.c File Reference
#include <assert.h>
#include "aes-internal.h"
#include "macros.h"


Functions

void _nettle_aes_decrypt (unsigned rounds, const uint32_t *keys, const struct aes_table *T, size_t length, uint8_t *dst, const uint8_t *src)
 

Function Documentation

◆ _nettle_aes_decrypt()

void _nettle_aes_decrypt ( unsigned  rounds,
const uint32_t * keys,
const struct aes_table * T,
size_t  length,
uint8_t * dst,
const uint8_t * src 
)

Definition at line 57 of file aes-decrypt-internal.c.

/* Body of _nettle_aes_decrypt() as rendered in this listing. The leading
 * numbers are source-line gutters; the signature (source lines 57-60) and
 * source line 62 are not shown here.
 *
 * Per pass of the inner block: reads four little-endian 32-bit words from
 * src, src + 4, src + 8 and src + 12, XORs them with keys[0..3], runs
 * AES_ROUND for i = 1 .. rounds - 1, applies AES_FINAL_ROUND, and writes
 * four little-endian words to dst .. dst + 12.
 *
 * Caller obligations visible from the indexing below:
 *  - keys is read from keys[0] up to keys[4*rounds + 3], i.e. 4*(rounds+1)
 *    words. The visible code checks neither rounds nor the size of keys.
 *  - src and dst are accessed at offsets 0, 4, 8 and 12 with no bounds
 *    check here (16 bytes each, assuming the LE_* macros touch 4 bytes).
 *
 * NOTE(review): source line 62 is presumably the FOR_BLOCKS(length, dst,
 * src, AES_BLOCK_SIZE) loop header listed under "References"; whether it
 * rejects a length that is not a multiple of the block size cannot be
 * confirmed from this page - check macros.h.
 * NOTE(review): AES_ROUND / AES_FINAL_ROUND receive the lookup table T and
 * the state words. If they index T by state bytes (macro bodies are not
 * shown; confirm in aes-internal.h), the memory access pattern depends on
 * key and data, so this path should not be assumed constant-time with
 * respect to cache-timing observers.
 */
61 {
63  {
64  uint32_t w0, w1, w2, w3; /* working ciphertext */
65  uint32_t t0, t1, t2, t3; /* next-round state, copied back into w0..w3 */
66  unsigned i;
67 
68  /* Read the input block (ciphertext on this decrypt path; the original
69  * comment said "clear text"), little-endian, and XOR with keys[0..3]. */
70 
71  w0 = LE_READ_UINT32(src) ^ keys[0];
72  w1 = LE_READ_UINT32(src + 4) ^ keys[1];
73  w2 = LE_READ_UINT32(src + 8) ^ keys[2];
74  w3 = LE_READ_UINT32(src + 12) ^ keys[3];
75 
76  for (i = 1; i < rounds; i++)
77  {
78  t0 = AES_ROUND(T, w0, w3, w2, w1, keys[4*i]);
79  t1 = AES_ROUND(T, w1, w0, w3, w2, keys[4*i + 1]);
80  t2 = AES_ROUND(T, w2, w1, w0, w3, keys[4*i + 2]);
81  t3 = AES_ROUND(T, w3, w2, w1, w0, keys[4*i + 3]);
82 
83  /* We could unroll the loop twice, to avoid these
84  assignments. If all eight variables fit in registers,
85  that should give a slight speedup. */
86  w0 = t0;
87  w1 = t1;
88  w2 = t2;
89  w3 = t3;
90  }
91 
92  /* Final round: for rounds >= 1 the loop leaves i == rounds, so the
 * subkey words read below are keys[4*rounds] .. keys[4*rounds + 3]. */
93 
94  t0 = AES_FINAL_ROUND(T, w0, w3, w2, w1, keys[4*i]);
95  t1 = AES_FINAL_ROUND(T, w1, w0, w3, w2, keys[4*i + 1]);
96  t2 = AES_FINAL_ROUND(T, w2, w1, w0, w3, keys[4*i + 2]);
97  t3 = AES_FINAL_ROUND(T, w3, w2, w1, w0, keys[4*i + 3]);
98 
99  LE_WRITE_UINT32(dst, t0);
100  LE_WRITE_UINT32(dst + 4, t1);
101  LE_WRITE_UINT32(dst + 8, t2);
102  LE_WRITE_UINT32(dst + 12, t3);
103  }
104 }
#define T(op)
#define AES_ROUND(T, w0, w1, w2, w3, k)
Definition: aes-internal.h:90
#define AES_FINAL_ROUND(T, w0, w1, w2, w3, k)
Definition: aes-internal.h:96
#define FOR_BLOCKS(length, dst, src, blocksize)
Definition: macros.h:148
#define LE_WRITE_UINT32(p, i)
Definition: macros.h:128
#define LE_READ_UINT32(p)
Definition: macros.h:122
static struct @218 keys[]
unsigned int uint32_t
Definition: sftypes.h:29
#define AES_BLOCK_SIZE
Definition: zipint.h:77

References AES_BLOCK_SIZE, AES_FINAL_ROUND, AES_ROUND, dst, FOR_BLOCKS, i, keys, LE_READ_UINT32, LE_WRITE_UINT32, length, src, T, benchmark::t1, w0, w1, w2, and w3.

Referenced by nettle_aes128_decrypt(), nettle_aes192_decrypt(), and nettle_aes256_decrypt().