Coverage Report

Created: 2017-10-25 09:10

/root/src/xen/xen/crypto/rijndael.c
Line
Count
Source (jump to first uncovered line)
1
/*  $OpenBSD: rijndael.c,v 1.19 2008/06/09 07:49:45 djm Exp $ */
2
3
/**
4
 * rijndael-alg-fst.c
5
 *
6
 * @version 3.0 (December 2000)
7
 *
8
 * Optimised ANSI C code for the Rijndael cipher (now AES)
9
 *
10
 * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
11
 * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
12
 * @author Paulo Barreto <paulo.barreto@terra.com.br>
13
 *
14
 * This code is hereby placed in the public domain.
15
 *
16
 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
17
 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18
 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
20
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
21
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
22
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
23
 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
24
 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
25
 * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
26
 * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27
 */
28
29
/* start for Xen */
30
#include <xen/init.h>
31
#include <xen/types.h>
32
#include <xen/lib.h>
33
#include <crypto/rijndael.h>
34
/* end for Xen */
35
36
#undef FULL_UNROLL
37
38
/*
39
Te0[x] = S [x].[02, 01, 01, 03];
40
Te1[x] = S [x].[03, 02, 01, 01];
41
Te2[x] = S [x].[01, 03, 02, 01];
42
Te3[x] = S [x].[01, 01, 03, 02];
43
Te4[x] = S [x].[01, 01, 01, 01];
44
45
Td0[x] = Si[x].[0e, 09, 0d, 0b];
46
Td1[x] = Si[x].[0b, 0e, 09, 0d];
47
Td2[x] = Si[x].[0d, 0b, 0e, 09];
48
Td3[x] = Si[x].[09, 0d, 0b, 0e];
49
Td4[x] = Si[x].[01, 01, 01, 01];
50
*/
51
52
static const u32 Te0[256] = {
53
    0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU,
54
    0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U,
55
    0x60303050U, 0x02010103U, 0xce6767a9U, 0x562b2b7dU,
56
    0xe7fefe19U, 0xb5d7d762U, 0x4dababe6U, 0xec76769aU,
57
    0x8fcaca45U, 0x1f82829dU, 0x89c9c940U, 0xfa7d7d87U,
58
    0xeffafa15U, 0xb25959ebU, 0x8e4747c9U, 0xfbf0f00bU,
59
    0x41adadecU, 0xb3d4d467U, 0x5fa2a2fdU, 0x45afafeaU,
60
    0x239c9cbfU, 0x53a4a4f7U, 0xe4727296U, 0x9bc0c05bU,
61
    0x75b7b7c2U, 0xe1fdfd1cU, 0x3d9393aeU, 0x4c26266aU,
62
    0x6c36365aU, 0x7e3f3f41U, 0xf5f7f702U, 0x83cccc4fU,
63
    0x6834345cU, 0x51a5a5f4U, 0xd1e5e534U, 0xf9f1f108U,
64
    0xe2717193U, 0xabd8d873U, 0x62313153U, 0x2a15153fU,
65
    0x0804040cU, 0x95c7c752U, 0x46232365U, 0x9dc3c35eU,
66
    0x30181828U, 0x379696a1U, 0x0a05050fU, 0x2f9a9ab5U,
67
    0x0e070709U, 0x24121236U, 0x1b80809bU, 0xdfe2e23dU,
68
    0xcdebeb26U, 0x4e272769U, 0x7fb2b2cdU, 0xea75759fU,
69
    0x1209091bU, 0x1d83839eU, 0x582c2c74U, 0x341a1a2eU,
70
    0x361b1b2dU, 0xdc6e6eb2U, 0xb45a5aeeU, 0x5ba0a0fbU,
71
    0xa45252f6U, 0x763b3b4dU, 0xb7d6d661U, 0x7db3b3ceU,
72
    0x5229297bU, 0xdde3e33eU, 0x5e2f2f71U, 0x13848497U,
73
    0xa65353f5U, 0xb9d1d168U, 0x00000000U, 0xc1eded2cU,
74
    0x40202060U, 0xe3fcfc1fU, 0x79b1b1c8U, 0xb65b5bedU,
75
    0xd46a6abeU, 0x8dcbcb46U, 0x67bebed9U, 0x7239394bU,
76
    0x944a4adeU, 0x984c4cd4U, 0xb05858e8U, 0x85cfcf4aU,
77
    0xbbd0d06bU, 0xc5efef2aU, 0x4faaaae5U, 0xedfbfb16U,
78
    0x864343c5U, 0x9a4d4dd7U, 0x66333355U, 0x11858594U,
79
    0x8a4545cfU, 0xe9f9f910U, 0x04020206U, 0xfe7f7f81U,
80
    0xa05050f0U, 0x783c3c44U, 0x259f9fbaU, 0x4ba8a8e3U,
81
    0xa25151f3U, 0x5da3a3feU, 0x804040c0U, 0x058f8f8aU,
82
    0x3f9292adU, 0x219d9dbcU, 0x70383848U, 0xf1f5f504U,
83
    0x63bcbcdfU, 0x77b6b6c1U, 0xafdada75U, 0x42212163U,
84
    0x20101030U, 0xe5ffff1aU, 0xfdf3f30eU, 0xbfd2d26dU,
85
    0x81cdcd4cU, 0x180c0c14U, 0x26131335U, 0xc3ecec2fU,
86
    0xbe5f5fe1U, 0x359797a2U, 0x884444ccU, 0x2e171739U,
87
    0x93c4c457U, 0x55a7a7f2U, 0xfc7e7e82U, 0x7a3d3d47U,
88
    0xc86464acU, 0xba5d5de7U, 0x3219192bU, 0xe6737395U,
89
    0xc06060a0U, 0x19818198U, 0x9e4f4fd1U, 0xa3dcdc7fU,
90
    0x44222266U, 0x542a2a7eU, 0x3b9090abU, 0x0b888883U,
91
    0x8c4646caU, 0xc7eeee29U, 0x6bb8b8d3U, 0x2814143cU,
92
    0xa7dede79U, 0xbc5e5ee2U, 0x160b0b1dU, 0xaddbdb76U,
93
    0xdbe0e03bU, 0x64323256U, 0x743a3a4eU, 0x140a0a1eU,
94
    0x924949dbU, 0x0c06060aU, 0x4824246cU, 0xb85c5ce4U,
95
    0x9fc2c25dU, 0xbdd3d36eU, 0x43acacefU, 0xc46262a6U,
96
    0x399191a8U, 0x319595a4U, 0xd3e4e437U, 0xf279798bU,
97
    0xd5e7e732U, 0x8bc8c843U, 0x6e373759U, 0xda6d6db7U,
98
    0x018d8d8cU, 0xb1d5d564U, 0x9c4e4ed2U, 0x49a9a9e0U,
99
    0xd86c6cb4U, 0xac5656faU, 0xf3f4f407U, 0xcfeaea25U,
100
    0xca6565afU, 0xf47a7a8eU, 0x47aeaee9U, 0x10080818U,
101
    0x6fbabad5U, 0xf0787888U, 0x4a25256fU, 0x5c2e2e72U,
102
    0x381c1c24U, 0x57a6a6f1U, 0x73b4b4c7U, 0x97c6c651U,
103
    0xcbe8e823U, 0xa1dddd7cU, 0xe874749cU, 0x3e1f1f21U,
104
    0x964b4bddU, 0x61bdbddcU, 0x0d8b8b86U, 0x0f8a8a85U,
105
    0xe0707090U, 0x7c3e3e42U, 0x71b5b5c4U, 0xcc6666aaU,
106
    0x904848d8U, 0x06030305U, 0xf7f6f601U, 0x1c0e0e12U,
107
    0xc26161a3U, 0x6a35355fU, 0xae5757f9U, 0x69b9b9d0U,
108
    0x17868691U, 0x99c1c158U, 0x3a1d1d27U, 0x279e9eb9U,
109
    0xd9e1e138U, 0xebf8f813U, 0x2b9898b3U, 0x22111133U,
110
    0xd26969bbU, 0xa9d9d970U, 0x078e8e89U, 0x339494a7U,
111
    0x2d9b9bb6U, 0x3c1e1e22U, 0x15878792U, 0xc9e9e920U,
112
    0x87cece49U, 0xaa5555ffU, 0x50282878U, 0xa5dfdf7aU,
113
    0x038c8c8fU, 0x59a1a1f8U, 0x09898980U, 0x1a0d0d17U,
114
    0x65bfbfdaU, 0xd7e6e631U, 0x844242c6U, 0xd06868b8U,
115
    0x824141c3U, 0x299999b0U, 0x5a2d2d77U, 0x1e0f0f11U,
116
    0x7bb0b0cbU, 0xa85454fcU, 0x6dbbbbd6U, 0x2c16163aU,
117
};
118
static const u32 Te1[256] = {
119
    0xa5c66363U, 0x84f87c7cU, 0x99ee7777U, 0x8df67b7bU,
120
    0x0dfff2f2U, 0xbdd66b6bU, 0xb1de6f6fU, 0x5491c5c5U,
121
    0x50603030U, 0x03020101U, 0xa9ce6767U, 0x7d562b2bU,
122
    0x19e7fefeU, 0x62b5d7d7U, 0xe64dababU, 0x9aec7676U,
123
    0x458fcacaU, 0x9d1f8282U, 0x4089c9c9U, 0x87fa7d7dU,
124
    0x15effafaU, 0xebb25959U, 0xc98e4747U, 0x0bfbf0f0U,
125
    0xec41adadU, 0x67b3d4d4U, 0xfd5fa2a2U, 0xea45afafU,
126
    0xbf239c9cU, 0xf753a4a4U, 0x96e47272U, 0x5b9bc0c0U,
127
    0xc275b7b7U, 0x1ce1fdfdU, 0xae3d9393U, 0x6a4c2626U,
128
    0x5a6c3636U, 0x417e3f3fU, 0x02f5f7f7U, 0x4f83ccccU,
129
    0x5c683434U, 0xf451a5a5U, 0x34d1e5e5U, 0x08f9f1f1U,
130
    0x93e27171U, 0x73abd8d8U, 0x53623131U, 0x3f2a1515U,
131
    0x0c080404U, 0x5295c7c7U, 0x65462323U, 0x5e9dc3c3U,
132
    0x28301818U, 0xa1379696U, 0x0f0a0505U, 0xb52f9a9aU,
133
    0x090e0707U, 0x36241212U, 0x9b1b8080U, 0x3ddfe2e2U,
134
    0x26cdebebU, 0x694e2727U, 0xcd7fb2b2U, 0x9fea7575U,
135
    0x1b120909U, 0x9e1d8383U, 0x74582c2cU, 0x2e341a1aU,
136
    0x2d361b1bU, 0xb2dc6e6eU, 0xeeb45a5aU, 0xfb5ba0a0U,
137
    0xf6a45252U, 0x4d763b3bU, 0x61b7d6d6U, 0xce7db3b3U,
138
    0x7b522929U, 0x3edde3e3U, 0x715e2f2fU, 0x97138484U,
139
    0xf5a65353U, 0x68b9d1d1U, 0x00000000U, 0x2cc1ededU,
140
    0x60402020U, 0x1fe3fcfcU, 0xc879b1b1U, 0xedb65b5bU,
141
    0xbed46a6aU, 0x468dcbcbU, 0xd967bebeU, 0x4b723939U,
142
    0xde944a4aU, 0xd4984c4cU, 0xe8b05858U, 0x4a85cfcfU,
143
    0x6bbbd0d0U, 0x2ac5efefU, 0xe54faaaaU, 0x16edfbfbU,
144
    0xc5864343U, 0xd79a4d4dU, 0x55663333U, 0x94118585U,
145
    0xcf8a4545U, 0x10e9f9f9U, 0x06040202U, 0x81fe7f7fU,
146
    0xf0a05050U, 0x44783c3cU, 0xba259f9fU, 0xe34ba8a8U,
147
    0xf3a25151U, 0xfe5da3a3U, 0xc0804040U, 0x8a058f8fU,
148
    0xad3f9292U, 0xbc219d9dU, 0x48703838U, 0x04f1f5f5U,
149
    0xdf63bcbcU, 0xc177b6b6U, 0x75afdadaU, 0x63422121U,
150
    0x30201010U, 0x1ae5ffffU, 0x0efdf3f3U, 0x6dbfd2d2U,
151
    0x4c81cdcdU, 0x14180c0cU, 0x35261313U, 0x2fc3ececU,
152
    0xe1be5f5fU, 0xa2359797U, 0xcc884444U, 0x392e1717U,
153
    0x5793c4c4U, 0xf255a7a7U, 0x82fc7e7eU, 0x477a3d3dU,
154
    0xacc86464U, 0xe7ba5d5dU, 0x2b321919U, 0x95e67373U,
155
    0xa0c06060U, 0x98198181U, 0xd19e4f4fU, 0x7fa3dcdcU,
156
    0x66442222U, 0x7e542a2aU, 0xab3b9090U, 0x830b8888U,
157
    0xca8c4646U, 0x29c7eeeeU, 0xd36bb8b8U, 0x3c281414U,
158
    0x79a7dedeU, 0xe2bc5e5eU, 0x1d160b0bU, 0x76addbdbU,
159
    0x3bdbe0e0U, 0x56643232U, 0x4e743a3aU, 0x1e140a0aU,
160
    0xdb924949U, 0x0a0c0606U, 0x6c482424U, 0xe4b85c5cU,
161
    0x5d9fc2c2U, 0x6ebdd3d3U, 0xef43acacU, 0xa6c46262U,
162
    0xa8399191U, 0xa4319595U, 0x37d3e4e4U, 0x8bf27979U,
163
    0x32d5e7e7U, 0x438bc8c8U, 0x596e3737U, 0xb7da6d6dU,
164
    0x8c018d8dU, 0x64b1d5d5U, 0xd29c4e4eU, 0xe049a9a9U,
165
    0xb4d86c6cU, 0xfaac5656U, 0x07f3f4f4U, 0x25cfeaeaU,
166
    0xafca6565U, 0x8ef47a7aU, 0xe947aeaeU, 0x18100808U,
167
    0xd56fbabaU, 0x88f07878U, 0x6f4a2525U, 0x725c2e2eU,
168
    0x24381c1cU, 0xf157a6a6U, 0xc773b4b4U, 0x5197c6c6U,
169
    0x23cbe8e8U, 0x7ca1ddddU, 0x9ce87474U, 0x213e1f1fU,
170
    0xdd964b4bU, 0xdc61bdbdU, 0x860d8b8bU, 0x850f8a8aU,
171
    0x90e07070U, 0x427c3e3eU, 0xc471b5b5U, 0xaacc6666U,
172
    0xd8904848U, 0x05060303U, 0x01f7f6f6U, 0x121c0e0eU,
173
    0xa3c26161U, 0x5f6a3535U, 0xf9ae5757U, 0xd069b9b9U,
174
    0x91178686U, 0x5899c1c1U, 0x273a1d1dU, 0xb9279e9eU,
175
    0x38d9e1e1U, 0x13ebf8f8U, 0xb32b9898U, 0x33221111U,
176
    0xbbd26969U, 0x70a9d9d9U, 0x89078e8eU, 0xa7339494U,
177
    0xb62d9b9bU, 0x223c1e1eU, 0x92158787U, 0x20c9e9e9U,
178
    0x4987ceceU, 0xffaa5555U, 0x78502828U, 0x7aa5dfdfU,
179
    0x8f038c8cU, 0xf859a1a1U, 0x80098989U, 0x171a0d0dU,
180
    0xda65bfbfU, 0x31d7e6e6U, 0xc6844242U, 0xb8d06868U,
181
    0xc3824141U, 0xb0299999U, 0x775a2d2dU, 0x111e0f0fU,
182
    0xcb7bb0b0U, 0xfca85454U, 0xd66dbbbbU, 0x3a2c1616U,
183
};
184
static const u32 Te2[256] = {
185
    0x63a5c663U, 0x7c84f87cU, 0x7799ee77U, 0x7b8df67bU,
186
    0xf20dfff2U, 0x6bbdd66bU, 0x6fb1de6fU, 0xc55491c5U,
187
    0x30506030U, 0x01030201U, 0x67a9ce67U, 0x2b7d562bU,
188
    0xfe19e7feU, 0xd762b5d7U, 0xabe64dabU, 0x769aec76U,
189
    0xca458fcaU, 0x829d1f82U, 0xc94089c9U, 0x7d87fa7dU,
190
    0xfa15effaU, 0x59ebb259U, 0x47c98e47U, 0xf00bfbf0U,
191
    0xadec41adU, 0xd467b3d4U, 0xa2fd5fa2U, 0xafea45afU,
192
    0x9cbf239cU, 0xa4f753a4U, 0x7296e472U, 0xc05b9bc0U,
193
    0xb7c275b7U, 0xfd1ce1fdU, 0x93ae3d93U, 0x266a4c26U,
194
    0x365a6c36U, 0x3f417e3fU, 0xf702f5f7U, 0xcc4f83ccU,
195
    0x345c6834U, 0xa5f451a5U, 0xe534d1e5U, 0xf108f9f1U,
196
    0x7193e271U, 0xd873abd8U, 0x31536231U, 0x153f2a15U,
197
    0x040c0804U, 0xc75295c7U, 0x23654623U, 0xc35e9dc3U,
198
    0x18283018U, 0x96a13796U, 0x050f0a05U, 0x9ab52f9aU,
199
    0x07090e07U, 0x12362412U, 0x809b1b80U, 0xe23ddfe2U,
200
    0xeb26cdebU, 0x27694e27U, 0xb2cd7fb2U, 0x759fea75U,
201
    0x091b1209U, 0x839e1d83U, 0x2c74582cU, 0x1a2e341aU,
202
    0x1b2d361bU, 0x6eb2dc6eU, 0x5aeeb45aU, 0xa0fb5ba0U,
203
    0x52f6a452U, 0x3b4d763bU, 0xd661b7d6U, 0xb3ce7db3U,
204
    0x297b5229U, 0xe33edde3U, 0x2f715e2fU, 0x84971384U,
205
    0x53f5a653U, 0xd168b9d1U, 0x00000000U, 0xed2cc1edU,
206
    0x20604020U, 0xfc1fe3fcU, 0xb1c879b1U, 0x5bedb65bU,
207
    0x6abed46aU, 0xcb468dcbU, 0xbed967beU, 0x394b7239U,
208
    0x4ade944aU, 0x4cd4984cU, 0x58e8b058U, 0xcf4a85cfU,
209
    0xd06bbbd0U, 0xef2ac5efU, 0xaae54faaU, 0xfb16edfbU,
210
    0x43c58643U, 0x4dd79a4dU, 0x33556633U, 0x85941185U,
211
    0x45cf8a45U, 0xf910e9f9U, 0x02060402U, 0x7f81fe7fU,
212
    0x50f0a050U, 0x3c44783cU, 0x9fba259fU, 0xa8e34ba8U,
213
    0x51f3a251U, 0xa3fe5da3U, 0x40c08040U, 0x8f8a058fU,
214
    0x92ad3f92U, 0x9dbc219dU, 0x38487038U, 0xf504f1f5U,
215
    0xbcdf63bcU, 0xb6c177b6U, 0xda75afdaU, 0x21634221U,
216
    0x10302010U, 0xff1ae5ffU, 0xf30efdf3U, 0xd26dbfd2U,
217
    0xcd4c81cdU, 0x0c14180cU, 0x13352613U, 0xec2fc3ecU,
218
    0x5fe1be5fU, 0x97a23597U, 0x44cc8844U, 0x17392e17U,
219
    0xc45793c4U, 0xa7f255a7U, 0x7e82fc7eU, 0x3d477a3dU,
220
    0x64acc864U, 0x5de7ba5dU, 0x192b3219U, 0x7395e673U,
221
    0x60a0c060U, 0x81981981U, 0x4fd19e4fU, 0xdc7fa3dcU,
222
    0x22664422U, 0x2a7e542aU, 0x90ab3b90U, 0x88830b88U,
223
    0x46ca8c46U, 0xee29c7eeU, 0xb8d36bb8U, 0x143c2814U,
224
    0xde79a7deU, 0x5ee2bc5eU, 0x0b1d160bU, 0xdb76addbU,
225
    0xe03bdbe0U, 0x32566432U, 0x3a4e743aU, 0x0a1e140aU,
226
    0x49db9249U, 0x060a0c06U, 0x246c4824U, 0x5ce4b85cU,
227
    0xc25d9fc2U, 0xd36ebdd3U, 0xacef43acU, 0x62a6c462U,
228
    0x91a83991U, 0x95a43195U, 0xe437d3e4U, 0x798bf279U,
229
    0xe732d5e7U, 0xc8438bc8U, 0x37596e37U, 0x6db7da6dU,
230
    0x8d8c018dU, 0xd564b1d5U, 0x4ed29c4eU, 0xa9e049a9U,
231
    0x6cb4d86cU, 0x56faac56U, 0xf407f3f4U, 0xea25cfeaU,
232
    0x65afca65U, 0x7a8ef47aU, 0xaee947aeU, 0x08181008U,
233
    0xbad56fbaU, 0x7888f078U, 0x256f4a25U, 0x2e725c2eU,
234
    0x1c24381cU, 0xa6f157a6U, 0xb4c773b4U, 0xc65197c6U,
235
    0xe823cbe8U, 0xdd7ca1ddU, 0x749ce874U, 0x1f213e1fU,
236
    0x4bdd964bU, 0xbddc61bdU, 0x8b860d8bU, 0x8a850f8aU,
237
    0x7090e070U, 0x3e427c3eU, 0xb5c471b5U, 0x66aacc66U,
238
    0x48d89048U, 0x03050603U, 0xf601f7f6U, 0x0e121c0eU,
239
    0x61a3c261U, 0x355f6a35U, 0x57f9ae57U, 0xb9d069b9U,
240
    0x86911786U, 0xc15899c1U, 0x1d273a1dU, 0x9eb9279eU,
241
    0xe138d9e1U, 0xf813ebf8U, 0x98b32b98U, 0x11332211U,
242
    0x69bbd269U, 0xd970a9d9U, 0x8e89078eU, 0x94a73394U,
243
    0x9bb62d9bU, 0x1e223c1eU, 0x87921587U, 0xe920c9e9U,
244
    0xce4987ceU, 0x55ffaa55U, 0x28785028U, 0xdf7aa5dfU,
245
    0x8c8f038cU, 0xa1f859a1U, 0x89800989U, 0x0d171a0dU,
246
    0xbfda65bfU, 0xe631d7e6U, 0x42c68442U, 0x68b8d068U,
247
    0x41c38241U, 0x99b02999U, 0x2d775a2dU, 0x0f111e0fU,
248
    0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U,
249
};
250
static const u32 Te3[256] = {
251
    0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U,
252
    0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U,
253
    0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U,
254
    0xfefe19e7U, 0xd7d762b5U, 0xababe64dU, 0x76769aecU,
255
    0xcaca458fU, 0x82829d1fU, 0xc9c94089U, 0x7d7d87faU,
256
    0xfafa15efU, 0x5959ebb2U, 0x4747c98eU, 0xf0f00bfbU,
257
    0xadadec41U, 0xd4d467b3U, 0xa2a2fd5fU, 0xafafea45U,
258
    0x9c9cbf23U, 0xa4a4f753U, 0x727296e4U, 0xc0c05b9bU,
259
    0xb7b7c275U, 0xfdfd1ce1U, 0x9393ae3dU, 0x26266a4cU,
260
    0x36365a6cU, 0x3f3f417eU, 0xf7f702f5U, 0xcccc4f83U,
261
    0x34345c68U, 0xa5a5f451U, 0xe5e534d1U, 0xf1f108f9U,
262
    0x717193e2U, 0xd8d873abU, 0x31315362U, 0x15153f2aU,
263
    0x04040c08U, 0xc7c75295U, 0x23236546U, 0xc3c35e9dU,
264
    0x18182830U, 0x9696a137U, 0x05050f0aU, 0x9a9ab52fU,
265
    0x0707090eU, 0x12123624U, 0x80809b1bU, 0xe2e23ddfU,
266
    0xebeb26cdU, 0x2727694eU, 0xb2b2cd7fU, 0x75759feaU,
267
    0x09091b12U, 0x83839e1dU, 0x2c2c7458U, 0x1a1a2e34U,
268
    0x1b1b2d36U, 0x6e6eb2dcU, 0x5a5aeeb4U, 0xa0a0fb5bU,
269
    0x5252f6a4U, 0x3b3b4d76U, 0xd6d661b7U, 0xb3b3ce7dU,
270
    0x29297b52U, 0xe3e33eddU, 0x2f2f715eU, 0x84849713U,
271
    0x5353f5a6U, 0xd1d168b9U, 0x00000000U, 0xeded2cc1U,
272
    0x20206040U, 0xfcfc1fe3U, 0xb1b1c879U, 0x5b5bedb6U,
273
    0x6a6abed4U, 0xcbcb468dU, 0xbebed967U, 0x39394b72U,
274
    0x4a4ade94U, 0x4c4cd498U, 0x5858e8b0U, 0xcfcf4a85U,
275
    0xd0d06bbbU, 0xefef2ac5U, 0xaaaae54fU, 0xfbfb16edU,
276
    0x4343c586U, 0x4d4dd79aU, 0x33335566U, 0x85859411U,
277
    0x4545cf8aU, 0xf9f910e9U, 0x02020604U, 0x7f7f81feU,
278
    0x5050f0a0U, 0x3c3c4478U, 0x9f9fba25U, 0xa8a8e34bU,
279
    0x5151f3a2U, 0xa3a3fe5dU, 0x4040c080U, 0x8f8f8a05U,
280
    0x9292ad3fU, 0x9d9dbc21U, 0x38384870U, 0xf5f504f1U,
281
    0xbcbcdf63U, 0xb6b6c177U, 0xdada75afU, 0x21216342U,
282
    0x10103020U, 0xffff1ae5U, 0xf3f30efdU, 0xd2d26dbfU,
283
    0xcdcd4c81U, 0x0c0c1418U, 0x13133526U, 0xecec2fc3U,
284
    0x5f5fe1beU, 0x9797a235U, 0x4444cc88U, 0x1717392eU,
285
    0xc4c45793U, 0xa7a7f255U, 0x7e7e82fcU, 0x3d3d477aU,
286
    0x6464acc8U, 0x5d5de7baU, 0x19192b32U, 0x737395e6U,
287
    0x6060a0c0U, 0x81819819U, 0x4f4fd19eU, 0xdcdc7fa3U,
288
    0x22226644U, 0x2a2a7e54U, 0x9090ab3bU, 0x8888830bU,
289
    0x4646ca8cU, 0xeeee29c7U, 0xb8b8d36bU, 0x14143c28U,
290
    0xdede79a7U, 0x5e5ee2bcU, 0x0b0b1d16U, 0xdbdb76adU,
291
    0xe0e03bdbU, 0x32325664U, 0x3a3a4e74U, 0x0a0a1e14U,
292
    0x4949db92U, 0x06060a0cU, 0x24246c48U, 0x5c5ce4b8U,
293
    0xc2c25d9fU, 0xd3d36ebdU, 0xacacef43U, 0x6262a6c4U,
294
    0x9191a839U, 0x9595a431U, 0xe4e437d3U, 0x79798bf2U,
295
    0xe7e732d5U, 0xc8c8438bU, 0x3737596eU, 0x6d6db7daU,
296
    0x8d8d8c01U, 0xd5d564b1U, 0x4e4ed29cU, 0xa9a9e049U,
297
    0x6c6cb4d8U, 0x5656faacU, 0xf4f407f3U, 0xeaea25cfU,
298
    0x6565afcaU, 0x7a7a8ef4U, 0xaeaee947U, 0x08081810U,
299
    0xbabad56fU, 0x787888f0U, 0x25256f4aU, 0x2e2e725cU,
300
    0x1c1c2438U, 0xa6a6f157U, 0xb4b4c773U, 0xc6c65197U,
301
    0xe8e823cbU, 0xdddd7ca1U, 0x74749ce8U, 0x1f1f213eU,
302
    0x4b4bdd96U, 0xbdbddc61U, 0x8b8b860dU, 0x8a8a850fU,
303
    0x707090e0U, 0x3e3e427cU, 0xb5b5c471U, 0x6666aaccU,
304
    0x4848d890U, 0x03030506U, 0xf6f601f7U, 0x0e0e121cU,
305
    0x6161a3c2U, 0x35355f6aU, 0x5757f9aeU, 0xb9b9d069U,
306
    0x86869117U, 0xc1c15899U, 0x1d1d273aU, 0x9e9eb927U,
307
    0xe1e138d9U, 0xf8f813ebU, 0x9898b32bU, 0x11113322U,
308
    0x6969bbd2U, 0xd9d970a9U, 0x8e8e8907U, 0x9494a733U,
309
    0x9b9bb62dU, 0x1e1e223cU, 0x87879215U, 0xe9e920c9U,
310
    0xcece4987U, 0x5555ffaaU, 0x28287850U, 0xdfdf7aa5U,
311
    0x8c8c8f03U, 0xa1a1f859U, 0x89898009U, 0x0d0d171aU,
312
    0xbfbfda65U, 0xe6e631d7U, 0x4242c684U, 0x6868b8d0U,
313
    0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU,
314
    0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU,
315
};
316
static const u32 Te4[256] = {
317
    0x63636363U, 0x7c7c7c7cU, 0x77777777U, 0x7b7b7b7bU,
318
    0xf2f2f2f2U, 0x6b6b6b6bU, 0x6f6f6f6fU, 0xc5c5c5c5U,
319
    0x30303030U, 0x01010101U, 0x67676767U, 0x2b2b2b2bU,
320
    0xfefefefeU, 0xd7d7d7d7U, 0xababababU, 0x76767676U,
321
    0xcacacacaU, 0x82828282U, 0xc9c9c9c9U, 0x7d7d7d7dU,
322
    0xfafafafaU, 0x59595959U, 0x47474747U, 0xf0f0f0f0U,
323
    0xadadadadU, 0xd4d4d4d4U, 0xa2a2a2a2U, 0xafafafafU,
324
    0x9c9c9c9cU, 0xa4a4a4a4U, 0x72727272U, 0xc0c0c0c0U,
325
    0xb7b7b7b7U, 0xfdfdfdfdU, 0x93939393U, 0x26262626U,
326
    0x36363636U, 0x3f3f3f3fU, 0xf7f7f7f7U, 0xccccccccU,
327
    0x34343434U, 0xa5a5a5a5U, 0xe5e5e5e5U, 0xf1f1f1f1U,
328
    0x71717171U, 0xd8d8d8d8U, 0x31313131U, 0x15151515U,
329
    0x04040404U, 0xc7c7c7c7U, 0x23232323U, 0xc3c3c3c3U,
330
    0x18181818U, 0x96969696U, 0x05050505U, 0x9a9a9a9aU,
331
    0x07070707U, 0x12121212U, 0x80808080U, 0xe2e2e2e2U,
332
    0xebebebebU, 0x27272727U, 0xb2b2b2b2U, 0x75757575U,
333
    0x09090909U, 0x83838383U, 0x2c2c2c2cU, 0x1a1a1a1aU,
334
    0x1b1b1b1bU, 0x6e6e6e6eU, 0x5a5a5a5aU, 0xa0a0a0a0U,
335
    0x52525252U, 0x3b3b3b3bU, 0xd6d6d6d6U, 0xb3b3b3b3U,
336
    0x29292929U, 0xe3e3e3e3U, 0x2f2f2f2fU, 0x84848484U,
337
    0x53535353U, 0xd1d1d1d1U, 0x00000000U, 0xededededU,
338
    0x20202020U, 0xfcfcfcfcU, 0xb1b1b1b1U, 0x5b5b5b5bU,
339
    0x6a6a6a6aU, 0xcbcbcbcbU, 0xbebebebeU, 0x39393939U,
340
    0x4a4a4a4aU, 0x4c4c4c4cU, 0x58585858U, 0xcfcfcfcfU,
341
    0xd0d0d0d0U, 0xefefefefU, 0xaaaaaaaaU, 0xfbfbfbfbU,
342
    0x43434343U, 0x4d4d4d4dU, 0x33333333U, 0x85858585U,
343
    0x45454545U, 0xf9f9f9f9U, 0x02020202U, 0x7f7f7f7fU,
344
    0x50505050U, 0x3c3c3c3cU, 0x9f9f9f9fU, 0xa8a8a8a8U,
345
    0x51515151U, 0xa3a3a3a3U, 0x40404040U, 0x8f8f8f8fU,
346
    0x92929292U, 0x9d9d9d9dU, 0x38383838U, 0xf5f5f5f5U,
347
    0xbcbcbcbcU, 0xb6b6b6b6U, 0xdadadadaU, 0x21212121U,
348
    0x10101010U, 0xffffffffU, 0xf3f3f3f3U, 0xd2d2d2d2U,
349
    0xcdcdcdcdU, 0x0c0c0c0cU, 0x13131313U, 0xececececU,
350
    0x5f5f5f5fU, 0x97979797U, 0x44444444U, 0x17171717U,
351
    0xc4c4c4c4U, 0xa7a7a7a7U, 0x7e7e7e7eU, 0x3d3d3d3dU,
352
    0x64646464U, 0x5d5d5d5dU, 0x19191919U, 0x73737373U,
353
    0x60606060U, 0x81818181U, 0x4f4f4f4fU, 0xdcdcdcdcU,
354
    0x22222222U, 0x2a2a2a2aU, 0x90909090U, 0x88888888U,
355
    0x46464646U, 0xeeeeeeeeU, 0xb8b8b8b8U, 0x14141414U,
356
    0xdedededeU, 0x5e5e5e5eU, 0x0b0b0b0bU, 0xdbdbdbdbU,
357
    0xe0e0e0e0U, 0x32323232U, 0x3a3a3a3aU, 0x0a0a0a0aU,
358
    0x49494949U, 0x06060606U, 0x24242424U, 0x5c5c5c5cU,
359
    0xc2c2c2c2U, 0xd3d3d3d3U, 0xacacacacU, 0x62626262U,
360
    0x91919191U, 0x95959595U, 0xe4e4e4e4U, 0x79797979U,
361
    0xe7e7e7e7U, 0xc8c8c8c8U, 0x37373737U, 0x6d6d6d6dU,
362
    0x8d8d8d8dU, 0xd5d5d5d5U, 0x4e4e4e4eU, 0xa9a9a9a9U,
363
    0x6c6c6c6cU, 0x56565656U, 0xf4f4f4f4U, 0xeaeaeaeaU,
364
    0x65656565U, 0x7a7a7a7aU, 0xaeaeaeaeU, 0x08080808U,
365
    0xbabababaU, 0x78787878U, 0x25252525U, 0x2e2e2e2eU,
366
    0x1c1c1c1cU, 0xa6a6a6a6U, 0xb4b4b4b4U, 0xc6c6c6c6U,
367
    0xe8e8e8e8U, 0xddddddddU, 0x74747474U, 0x1f1f1f1fU,
368
    0x4b4b4b4bU, 0xbdbdbdbdU, 0x8b8b8b8bU, 0x8a8a8a8aU,
369
    0x70707070U, 0x3e3e3e3eU, 0xb5b5b5b5U, 0x66666666U,
370
    0x48484848U, 0x03030303U, 0xf6f6f6f6U, 0x0e0e0e0eU,
371
    0x61616161U, 0x35353535U, 0x57575757U, 0xb9b9b9b9U,
372
    0x86868686U, 0xc1c1c1c1U, 0x1d1d1d1dU, 0x9e9e9e9eU,
373
    0xe1e1e1e1U, 0xf8f8f8f8U, 0x98989898U, 0x11111111U,
374
    0x69696969U, 0xd9d9d9d9U, 0x8e8e8e8eU, 0x94949494U,
375
    0x9b9b9b9bU, 0x1e1e1e1eU, 0x87878787U, 0xe9e9e9e9U,
376
    0xcecececeU, 0x55555555U, 0x28282828U, 0xdfdfdfdfU,
377
    0x8c8c8c8cU, 0xa1a1a1a1U, 0x89898989U, 0x0d0d0d0dU,
378
    0xbfbfbfbfU, 0xe6e6e6e6U, 0x42424242U, 0x68686868U,
379
    0x41414141U, 0x99999999U, 0x2d2d2d2dU, 0x0f0f0f0fU,
380
    0xb0b0b0b0U, 0x54545454U, 0xbbbbbbbbU, 0x16161616U,
381
};
382
383
#ifdef NEED_RIJNDAEL_DECRYPT
384
static const u32 Td0[256] = {
385
    0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U,
386
    0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U,
387
    0x2030fa55U, 0xad766df6U, 0x88cc7691U, 0xf5024c25U,
388
    0x4fe5d7fcU, 0xc52acbd7U, 0x26354480U, 0xb562a38fU,
389
    0xdeb15a49U, 0x25ba1b67U, 0x45ea0e98U, 0x5dfec0e1U,
390
    0xc32f7502U, 0x814cf012U, 0x8d4697a3U, 0x6bd3f9c6U,
391
    0x038f5fe7U, 0x15929c95U, 0xbf6d7aebU, 0x955259daU,
392
    0xd4be832dU, 0x587421d3U, 0x49e06929U, 0x8ec9c844U,
393
    0x75c2896aU, 0xf48e7978U, 0x99583e6bU, 0x27b971ddU,
394
    0xbee14fb6U, 0xf088ad17U, 0xc920ac66U, 0x7dce3ab4U,
395
    0x63df4a18U, 0xe51a3182U, 0x97513360U, 0x62537f45U,
396
    0xb16477e0U, 0xbb6bae84U, 0xfe81a01cU, 0xf9082b94U,
397
    0x70486858U, 0x8f45fd19U, 0x94de6c87U, 0x527bf8b7U,
398
    0xab73d323U, 0x724b02e2U, 0xe31f8f57U, 0x6655ab2aU,
399
    0xb2eb2807U, 0x2fb5c203U, 0x86c57b9aU, 0xd33708a5U,
400
    0x302887f2U, 0x23bfa5b2U, 0x02036abaU, 0xed16825cU,
401
    0x8acf1c2bU, 0xa779b492U, 0xf307f2f0U, 0x4e69e2a1U,
402
    0x65daf4cdU, 0x0605bed5U, 0xd134621fU, 0xc4a6fe8aU,
403
    0x342e539dU, 0xa2f355a0U, 0x058ae132U, 0xa4f6eb75U,
404
    0x0b83ec39U, 0x4060efaaU, 0x5e719f06U, 0xbd6e1051U,
405
    0x3e218af9U, 0x96dd063dU, 0xdd3e05aeU, 0x4de6bd46U,
406
    0x91548db5U, 0x71c45d05U, 0x0406d46fU, 0x605015ffU,
407
    0x1998fb24U, 0xd6bde997U, 0x894043ccU, 0x67d99e77U,
408
    0xb0e842bdU, 0x07898b88U, 0xe7195b38U, 0x79c8eedbU,
409
    0xa17c0a47U, 0x7c420fe9U, 0xf8841ec9U, 0x00000000U,
410
    0x09808683U, 0x322bed48U, 0x1e1170acU, 0x6c5a724eU,
411
    0xfd0efffbU, 0x0f853856U, 0x3daed51eU, 0x362d3927U,
412
    0x0a0fd964U, 0x685ca621U, 0x9b5b54d1U, 0x24362e3aU,
413
    0x0c0a67b1U, 0x9357e70fU, 0xb4ee96d2U, 0x1b9b919eU,
414
    0x80c0c54fU, 0x61dc20a2U, 0x5a774b69U, 0x1c121a16U,
415
    0xe293ba0aU, 0xc0a02ae5U, 0x3c22e043U, 0x121b171dU,
416
    0x0e090d0bU, 0xf28bc7adU, 0x2db6a8b9U, 0x141ea9c8U,
417
    0x57f11985U, 0xaf75074cU, 0xee99ddbbU, 0xa37f60fdU,
418
    0xf701269fU, 0x5c72f5bcU, 0x44663bc5U, 0x5bfb7e34U,
419
    0x8b432976U, 0xcb23c6dcU, 0xb6edfc68U, 0xb8e4f163U,
420
    0xd731dccaU, 0x42638510U, 0x13972240U, 0x84c61120U,
421
    0x854a247dU, 0xd2bb3df8U, 0xaef93211U, 0xc729a16dU,
422
    0x1d9e2f4bU, 0xdcb230f3U, 0x0d8652ecU, 0x77c1e3d0U,
423
    0x2bb3166cU, 0xa970b999U, 0x119448faU, 0x47e96422U,
424
    0xa8fc8cc4U, 0xa0f03f1aU, 0x567d2cd8U, 0x223390efU,
425
    0x87494ec7U, 0xd938d1c1U, 0x8ccaa2feU, 0x98d40b36U,
426
    0xa6f581cfU, 0xa57ade28U, 0xdab78e26U, 0x3fadbfa4U,
427
    0x2c3a9de4U, 0x5078920dU, 0x6a5fcc9bU, 0x547e4662U,
428
    0xf68d13c2U, 0x90d8b8e8U, 0x2e39f75eU, 0x82c3aff5U,
429
    0x9f5d80beU, 0x69d0937cU, 0x6fd52da9U, 0xcf2512b3U,
430
    0xc8ac993bU, 0x10187da7U, 0xe89c636eU, 0xdb3bbb7bU,
431
    0xcd267809U, 0x6e5918f4U, 0xec9ab701U, 0x834f9aa8U,
432
    0xe6956e65U, 0xaaffe67eU, 0x21bccf08U, 0xef15e8e6U,
433
    0xbae79bd9U, 0x4a6f36ceU, 0xea9f09d4U, 0x29b07cd6U,
434
    0x31a4b2afU, 0x2a3f2331U, 0xc6a59430U, 0x35a266c0U,
435
    0x744ebc37U, 0xfc82caa6U, 0xe090d0b0U, 0x33a7d815U,
436
    0xf104984aU, 0x41ecdaf7U, 0x7fcd500eU, 0x1791f62fU,
437
    0x764dd68dU, 0x43efb04dU, 0xccaa4d54U, 0xe49604dfU,
438
    0x9ed1b5e3U, 0x4c6a881bU, 0xc12c1fb8U, 0x4665517fU,
439
    0x9d5eea04U, 0x018c355dU, 0xfa877473U, 0xfb0b412eU,
440
    0xb3671d5aU, 0x92dbd252U, 0xe9105633U, 0x6dd64713U,
441
    0x9ad7618cU, 0x37a10c7aU, 0x59f8148eU, 0xeb133c89U,
442
    0xcea927eeU, 0xb761c935U, 0xe11ce5edU, 0x7a47b13cU,
443
    0x9cd2df59U, 0x55f2733fU, 0x1814ce79U, 0x73c737bfU,
444
    0x53f7cdeaU, 0x5ffdaa5bU, 0xdf3d6f14U, 0x7844db86U,
445
    0xcaaff381U, 0xb968c43eU, 0x3824342cU, 0xc2a3405fU,
446
    0x161dc372U, 0xbce2250cU, 0x283c498bU, 0xff0d9541U,
447
    0x39a80171U, 0x080cb3deU, 0xd8b4e49cU, 0x6456c190U,
448
    0x7bcb8461U, 0xd532b670U, 0x486c5c74U, 0xd0b85742U,
449
};
450
static const u32 Td1[256] = {
451
    0x5051f4a7U, 0x537e4165U, 0xc31a17a4U, 0x963a275eU,
452
    0xcb3bab6bU, 0xf11f9d45U, 0xabacfa58U, 0x934be303U,
453
    0x552030faU, 0xf6ad766dU, 0x9188cc76U, 0x25f5024cU,
454
    0xfc4fe5d7U, 0xd7c52acbU, 0x80263544U, 0x8fb562a3U,
455
    0x49deb15aU, 0x6725ba1bU, 0x9845ea0eU, 0xe15dfec0U,
456
    0x02c32f75U, 0x12814cf0U, 0xa38d4697U, 0xc66bd3f9U,
457
    0xe7038f5fU, 0x9515929cU, 0xebbf6d7aU, 0xda955259U,
458
    0x2dd4be83U, 0xd3587421U, 0x2949e069U, 0x448ec9c8U,
459
    0x6a75c289U, 0x78f48e79U, 0x6b99583eU, 0xdd27b971U,
460
    0xb6bee14fU, 0x17f088adU, 0x66c920acU, 0xb47dce3aU,
461
    0x1863df4aU, 0x82e51a31U, 0x60975133U, 0x4562537fU,
462
    0xe0b16477U, 0x84bb6baeU, 0x1cfe81a0U, 0x94f9082bU,
463
    0x58704868U, 0x198f45fdU, 0x8794de6cU, 0xb7527bf8U,
464
    0x23ab73d3U, 0xe2724b02U, 0x57e31f8fU, 0x2a6655abU,
465
    0x07b2eb28U, 0x032fb5c2U, 0x9a86c57bU, 0xa5d33708U,
466
    0xf2302887U, 0xb223bfa5U, 0xba02036aU, 0x5ced1682U,
467
    0x2b8acf1cU, 0x92a779b4U, 0xf0f307f2U, 0xa14e69e2U,
468
    0xcd65daf4U, 0xd50605beU, 0x1fd13462U, 0x8ac4a6feU,
469
    0x9d342e53U, 0xa0a2f355U, 0x32058ae1U, 0x75a4f6ebU,
470
    0x390b83ecU, 0xaa4060efU, 0x065e719fU, 0x51bd6e10U,
471
    0xf93e218aU, 0x3d96dd06U, 0xaedd3e05U, 0x464de6bdU,
472
    0xb591548dU, 0x0571c45dU, 0x6f0406d4U, 0xff605015U,
473
    0x241998fbU, 0x97d6bde9U, 0xcc894043U, 0x7767d99eU,
474
    0xbdb0e842U, 0x8807898bU, 0x38e7195bU, 0xdb79c8eeU,
475
    0x47a17c0aU, 0xe97c420fU, 0xc9f8841eU, 0x00000000U,
476
    0x83098086U, 0x48322bedU, 0xac1e1170U, 0x4e6c5a72U,
477
    0xfbfd0effU, 0x560f8538U, 0x1e3daed5U, 0x27362d39U,
478
    0x640a0fd9U, 0x21685ca6U, 0xd19b5b54U, 0x3a24362eU,
479
    0xb10c0a67U, 0x0f9357e7U, 0xd2b4ee96U, 0x9e1b9b91U,
480
    0x4f80c0c5U, 0xa261dc20U, 0x695a774bU, 0x161c121aU,
481
    0x0ae293baU, 0xe5c0a02aU, 0x433c22e0U, 0x1d121b17U,
482
    0x0b0e090dU, 0xadf28bc7U, 0xb92db6a8U, 0xc8141ea9U,
483
    0x8557f119U, 0x4caf7507U, 0xbbee99ddU, 0xfda37f60U,
484
    0x9ff70126U, 0xbc5c72f5U, 0xc544663bU, 0x345bfb7eU,
485
    0x768b4329U, 0xdccb23c6U, 0x68b6edfcU, 0x63b8e4f1U,
486
    0xcad731dcU, 0x10426385U, 0x40139722U, 0x2084c611U,
487
    0x7d854a24U, 0xf8d2bb3dU, 0x11aef932U, 0x6dc729a1U,
488
    0x4b1d9e2fU, 0xf3dcb230U, 0xec0d8652U, 0xd077c1e3U,
489
    0x6c2bb316U, 0x99a970b9U, 0xfa119448U, 0x2247e964U,
490
    0xc4a8fc8cU, 0x1aa0f03fU, 0xd8567d2cU, 0xef223390U,
491
    0xc787494eU, 0xc1d938d1U, 0xfe8ccaa2U, 0x3698d40bU,
492
    0xcfa6f581U, 0x28a57adeU, 0x26dab78eU, 0xa43fadbfU,
493
    0xe42c3a9dU, 0x0d507892U, 0x9b6a5fccU, 0x62547e46U,
494
    0xc2f68d13U, 0xe890d8b8U, 0x5e2e39f7U, 0xf582c3afU,
495
    0xbe9f5d80U, 0x7c69d093U, 0xa96fd52dU, 0xb3cf2512U,
496
    0x3bc8ac99U, 0xa710187dU, 0x6ee89c63U, 0x7bdb3bbbU,
497
    0x09cd2678U, 0xf46e5918U, 0x01ec9ab7U, 0xa8834f9aU,
498
    0x65e6956eU, 0x7eaaffe6U, 0x0821bccfU, 0xe6ef15e8U,
499
    0xd9bae79bU, 0xce4a6f36U, 0xd4ea9f09U, 0xd629b07cU,
500
    0xaf31a4b2U, 0x312a3f23U, 0x30c6a594U, 0xc035a266U,
501
    0x37744ebcU, 0xa6fc82caU, 0xb0e090d0U, 0x1533a7d8U,
502
    0x4af10498U, 0xf741ecdaU, 0x0e7fcd50U, 0x2f1791f6U,
503
    0x8d764dd6U, 0x4d43efb0U, 0x54ccaa4dU, 0xdfe49604U,
504
    0xe39ed1b5U, 0x1b4c6a88U, 0xb8c12c1fU, 0x7f466551U,
505
    0x049d5eeaU, 0x5d018c35U, 0x73fa8774U, 0x2efb0b41U,
506
    0x5ab3671dU, 0x5292dbd2U, 0x33e91056U, 0x136dd647U,
507
    0x8c9ad761U, 0x7a37a10cU, 0x8e59f814U, 0x89eb133cU,
508
    0xeecea927U, 0x35b761c9U, 0xede11ce5U, 0x3c7a47b1U,
509
    0x599cd2dfU, 0x3f55f273U, 0x791814ceU, 0xbf73c737U,
510
    0xea53f7cdU, 0x5b5ffdaaU, 0x14df3d6fU, 0x867844dbU,
511
    0x81caaff3U, 0x3eb968c4U, 0x2c382434U, 0x5fc2a340U,
512
    0x72161dc3U, 0x0cbce225U, 0x8b283c49U, 0x41ff0d95U,
513
    0x7139a801U, 0xde080cb3U, 0x9cd8b4e4U, 0x906456c1U,
514
    0x617bcb84U, 0x70d532b6U, 0x74486c5cU, 0x42d0b857U,
515
};
516
static const u32 Td2[256] = {
517
    0xa75051f4U, 0x65537e41U, 0xa4c31a17U, 0x5e963a27U,
518
    0x6bcb3babU, 0x45f11f9dU, 0x58abacfaU, 0x03934be3U,
519
    0xfa552030U, 0x6df6ad76U, 0x769188ccU, 0x4c25f502U,
520
    0xd7fc4fe5U, 0xcbd7c52aU, 0x44802635U, 0xa38fb562U,
521
    0x5a49deb1U, 0x1b6725baU, 0x0e9845eaU, 0xc0e15dfeU,
522
    0x7502c32fU, 0xf012814cU, 0x97a38d46U, 0xf9c66bd3U,
523
    0x5fe7038fU, 0x9c951592U, 0x7aebbf6dU, 0x59da9552U,
524
    0x832dd4beU, 0x21d35874U, 0x692949e0U, 0xc8448ec9U,
525
    0x896a75c2U, 0x7978f48eU, 0x3e6b9958U, 0x71dd27b9U,
526
    0x4fb6bee1U, 0xad17f088U, 0xac66c920U, 0x3ab47dceU,
527
    0x4a1863dfU, 0x3182e51aU, 0x33609751U, 0x7f456253U,
528
    0x77e0b164U, 0xae84bb6bU, 0xa01cfe81U, 0x2b94f908U,
529
    0x68587048U, 0xfd198f45U, 0x6c8794deU, 0xf8b7527bU,
530
    0xd323ab73U, 0x02e2724bU, 0x8f57e31fU, 0xab2a6655U,
531
    0x2807b2ebU, 0xc2032fb5U, 0x7b9a86c5U, 0x08a5d337U,
532
    0x87f23028U, 0xa5b223bfU, 0x6aba0203U, 0x825ced16U,
533
    0x1c2b8acfU, 0xb492a779U, 0xf2f0f307U, 0xe2a14e69U,
534
    0xf4cd65daU, 0xbed50605U, 0x621fd134U, 0xfe8ac4a6U,
535
    0x539d342eU, 0x55a0a2f3U, 0xe132058aU, 0xeb75a4f6U,
536
    0xec390b83U, 0xefaa4060U, 0x9f065e71U, 0x1051bd6eU,
537
    0x8af93e21U, 0x063d96ddU, 0x05aedd3eU, 0xbd464de6U,
538
    0x8db59154U, 0x5d0571c4U, 0xd46f0406U, 0x15ff6050U,
539
    0xfb241998U, 0xe997d6bdU, 0x43cc8940U, 0x9e7767d9U,
540
    0x42bdb0e8U, 0x8b880789U, 0x5b38e719U, 0xeedb79c8U,
541
    0x0a47a17cU, 0x0fe97c42U, 0x1ec9f884U, 0x00000000U,
542
    0x86830980U, 0xed48322bU, 0x70ac1e11U, 0x724e6c5aU,
543
    0xfffbfd0eU, 0x38560f85U, 0xd51e3daeU, 0x3927362dU,
544
    0xd9640a0fU, 0xa621685cU, 0x54d19b5bU, 0x2e3a2436U,
545
    0x67b10c0aU, 0xe70f9357U, 0x96d2b4eeU, 0x919e1b9bU,
546
    0xc54f80c0U, 0x20a261dcU, 0x4b695a77U, 0x1a161c12U,
547
    0xba0ae293U, 0x2ae5c0a0U, 0xe0433c22U, 0x171d121bU,
548
    0x0d0b0e09U, 0xc7adf28bU, 0xa8b92db6U, 0xa9c8141eU,
549
    0x198557f1U, 0x074caf75U, 0xddbbee99U, 0x60fda37fU,
550
    0x269ff701U, 0xf5bc5c72U, 0x3bc54466U, 0x7e345bfbU,
551
    0x29768b43U, 0xc6dccb23U, 0xfc68b6edU, 0xf163b8e4U,
552
    0xdccad731U, 0x85104263U, 0x22401397U, 0x112084c6U,
553
    0x247d854aU, 0x3df8d2bbU, 0x3211aef9U, 0xa16dc729U,
554
    0x2f4b1d9eU, 0x30f3dcb2U, 0x52ec0d86U, 0xe3d077c1U,
555
    0x166c2bb3U, 0xb999a970U, 0x48fa1194U, 0x642247e9U,
556
    0x8cc4a8fcU, 0x3f1aa0f0U, 0x2cd8567dU, 0x90ef2233U,
557
    0x4ec78749U, 0xd1c1d938U, 0xa2fe8ccaU, 0x0b3698d4U,
558
    0x81cfa6f5U, 0xde28a57aU, 0x8e26dab7U, 0xbfa43fadU,
559
    0x9de42c3aU, 0x920d5078U, 0xcc9b6a5fU, 0x4662547eU,
560
    0x13c2f68dU, 0xb8e890d8U, 0xf75e2e39U, 0xaff582c3U,
561
    0x80be9f5dU, 0x937c69d0U, 0x2da96fd5U, 0x12b3cf25U,
562
    0x993bc8acU, 0x7da71018U, 0x636ee89cU, 0xbb7bdb3bU,
563
    0x7809cd26U, 0x18f46e59U, 0xb701ec9aU, 0x9aa8834fU,
564
    0x6e65e695U, 0xe67eaaffU, 0xcf0821bcU, 0xe8e6ef15U,
565
    0x9bd9bae7U, 0x36ce4a6fU, 0x09d4ea9fU, 0x7cd629b0U,
566
    0xb2af31a4U, 0x23312a3fU, 0x9430c6a5U, 0x66c035a2U,
567
    0xbc37744eU, 0xcaa6fc82U, 0xd0b0e090U, 0xd81533a7U,
568
    0x984af104U, 0xdaf741ecU, 0x500e7fcdU, 0xf62f1791U,
569
    0xd68d764dU, 0xb04d43efU, 0x4d54ccaaU, 0x04dfe496U,
570
    0xb5e39ed1U, 0x881b4c6aU, 0x1fb8c12cU, 0x517f4665U,
571
    0xea049d5eU, 0x355d018cU, 0x7473fa87U, 0x412efb0bU,
572
    0x1d5ab367U, 0xd25292dbU, 0x5633e910U, 0x47136dd6U,
573
    0x618c9ad7U, 0x0c7a37a1U, 0x148e59f8U, 0x3c89eb13U,
574
    0x27eecea9U, 0xc935b761U, 0xe5ede11cU, 0xb13c7a47U,
575
    0xdf599cd2U, 0x733f55f2U, 0xce791814U, 0x37bf73c7U,
576
    0xcdea53f7U, 0xaa5b5ffdU, 0x6f14df3dU, 0xdb867844U,
577
    0xf381caafU, 0xc43eb968U, 0x342c3824U, 0x405fc2a3U,
578
    0xc372161dU, 0x250cbce2U, 0x498b283cU, 0x9541ff0dU,
579
    0x017139a8U, 0xb3de080cU, 0xe49cd8b4U, 0xc1906456U,
580
    0x84617bcbU, 0xb670d532U, 0x5c74486cU, 0x5742d0b8U,
581
};
582
static const u32 Td3[256] = {
583
    0xf4a75051U, 0x4165537eU, 0x17a4c31aU, 0x275e963aU,
584
    0xab6bcb3bU, 0x9d45f11fU, 0xfa58abacU, 0xe303934bU,
585
    0x30fa5520U, 0x766df6adU, 0xcc769188U, 0x024c25f5U,
586
    0xe5d7fc4fU, 0x2acbd7c5U, 0x35448026U, 0x62a38fb5U,
587
    0xb15a49deU, 0xba1b6725U, 0xea0e9845U, 0xfec0e15dU,
588
    0x2f7502c3U, 0x4cf01281U, 0x4697a38dU, 0xd3f9c66bU,
589
    0x8f5fe703U, 0x929c9515U, 0x6d7aebbfU, 0x5259da95U,
590
    0xbe832dd4U, 0x7421d358U, 0xe0692949U, 0xc9c8448eU,
591
    0xc2896a75U, 0x8e7978f4U, 0x583e6b99U, 0xb971dd27U,
592
    0xe14fb6beU, 0x88ad17f0U, 0x20ac66c9U, 0xce3ab47dU,
593
    0xdf4a1863U, 0x1a3182e5U, 0x51336097U, 0x537f4562U,
594
    0x6477e0b1U, 0x6bae84bbU, 0x81a01cfeU, 0x082b94f9U,
595
    0x48685870U, 0x45fd198fU, 0xde6c8794U, 0x7bf8b752U,
596
    0x73d323abU, 0x4b02e272U, 0x1f8f57e3U, 0x55ab2a66U,
597
    0xeb2807b2U, 0xb5c2032fU, 0xc57b9a86U, 0x3708a5d3U,
598
    0x2887f230U, 0xbfa5b223U, 0x036aba02U, 0x16825cedU,
599
    0xcf1c2b8aU, 0x79b492a7U, 0x07f2f0f3U, 0x69e2a14eU,
600
    0xdaf4cd65U, 0x05bed506U, 0x34621fd1U, 0xa6fe8ac4U,
601
    0x2e539d34U, 0xf355a0a2U, 0x8ae13205U, 0xf6eb75a4U,
602
    0x83ec390bU, 0x60efaa40U, 0x719f065eU, 0x6e1051bdU,
603
    0x218af93eU, 0xdd063d96U, 0x3e05aeddU, 0xe6bd464dU,
604
    0x548db591U, 0xc45d0571U, 0x06d46f04U, 0x5015ff60U,
605
    0x98fb2419U, 0xbde997d6U, 0x4043cc89U, 0xd99e7767U,
606
    0xe842bdb0U, 0x898b8807U, 0x195b38e7U, 0xc8eedb79U,
607
    0x7c0a47a1U, 0x420fe97cU, 0x841ec9f8U, 0x00000000U,
608
    0x80868309U, 0x2bed4832U, 0x1170ac1eU, 0x5a724e6cU,
609
    0x0efffbfdU, 0x8538560fU, 0xaed51e3dU, 0x2d392736U,
610
    0x0fd9640aU, 0x5ca62168U, 0x5b54d19bU, 0x362e3a24U,
611
    0x0a67b10cU, 0x57e70f93U, 0xee96d2b4U, 0x9b919e1bU,
612
    0xc0c54f80U, 0xdc20a261U, 0x774b695aU, 0x121a161cU,
613
    0x93ba0ae2U, 0xa02ae5c0U, 0x22e0433cU, 0x1b171d12U,
614
    0x090d0b0eU, 0x8bc7adf2U, 0xb6a8b92dU, 0x1ea9c814U,
615
    0xf1198557U, 0x75074cafU, 0x99ddbbeeU, 0x7f60fda3U,
616
    0x01269ff7U, 0x72f5bc5cU, 0x663bc544U, 0xfb7e345bU,
617
    0x4329768bU, 0x23c6dccbU, 0xedfc68b6U, 0xe4f163b8U,
618
    0x31dccad7U, 0x63851042U, 0x97224013U, 0xc6112084U,
619
    0x4a247d85U, 0xbb3df8d2U, 0xf93211aeU, 0x29a16dc7U,
620
    0x9e2f4b1dU, 0xb230f3dcU, 0x8652ec0dU, 0xc1e3d077U,
621
    0xb3166c2bU, 0x70b999a9U, 0x9448fa11U, 0xe9642247U,
622
    0xfc8cc4a8U, 0xf03f1aa0U, 0x7d2cd856U, 0x3390ef22U,
623
    0x494ec787U, 0x38d1c1d9U, 0xcaa2fe8cU, 0xd40b3698U,
624
    0xf581cfa6U, 0x7ade28a5U, 0xb78e26daU, 0xadbfa43fU,
625
    0x3a9de42cU, 0x78920d50U, 0x5fcc9b6aU, 0x7e466254U,
626
    0x8d13c2f6U, 0xd8b8e890U, 0x39f75e2eU, 0xc3aff582U,
627
    0x5d80be9fU, 0xd0937c69U, 0xd52da96fU, 0x2512b3cfU,
628
    0xac993bc8U, 0x187da710U, 0x9c636ee8U, 0x3bbb7bdbU,
629
    0x267809cdU, 0x5918f46eU, 0x9ab701ecU, 0x4f9aa883U,
630
    0x956e65e6U, 0xffe67eaaU, 0xbccf0821U, 0x15e8e6efU,
631
    0xe79bd9baU, 0x6f36ce4aU, 0x9f09d4eaU, 0xb07cd629U,
632
    0xa4b2af31U, 0x3f23312aU, 0xa59430c6U, 0xa266c035U,
633
    0x4ebc3774U, 0x82caa6fcU, 0x90d0b0e0U, 0xa7d81533U,
634
    0x04984af1U, 0xecdaf741U, 0xcd500e7fU, 0x91f62f17U,
635
    0x4dd68d76U, 0xefb04d43U, 0xaa4d54ccU, 0x9604dfe4U,
636
    0xd1b5e39eU, 0x6a881b4cU, 0x2c1fb8c1U, 0x65517f46U,
637
    0x5eea049dU, 0x8c355d01U, 0x877473faU, 0x0b412efbU,
638
    0x671d5ab3U, 0xdbd25292U, 0x105633e9U, 0xd647136dU,
639
    0xd7618c9aU, 0xa10c7a37U, 0xf8148e59U, 0x133c89ebU,
640
    0xa927eeceU, 0x61c935b7U, 0x1ce5ede1U, 0x47b13c7aU,
641
    0xd2df599cU, 0xf2733f55U, 0x14ce7918U, 0xc737bf73U,
642
    0xf7cdea53U, 0xfdaa5b5fU, 0x3d6f14dfU, 0x44db8678U,
643
    0xaff381caU, 0x68c43eb9U, 0x24342c38U, 0xa3405fc2U,
644
    0x1dc37216U, 0xe2250cbcU, 0x3c498b28U, 0x0d9541ffU,
645
    0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U,
646
    0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U,
647
};
648
static const u32 Td4[256] = {
649
    0x52525252U, 0x09090909U, 0x6a6a6a6aU, 0xd5d5d5d5U,
650
    0x30303030U, 0x36363636U, 0xa5a5a5a5U, 0x38383838U,
651
    0xbfbfbfbfU, 0x40404040U, 0xa3a3a3a3U, 0x9e9e9e9eU,
652
    0x81818181U, 0xf3f3f3f3U, 0xd7d7d7d7U, 0xfbfbfbfbU,
653
    0x7c7c7c7cU, 0xe3e3e3e3U, 0x39393939U, 0x82828282U,
654
    0x9b9b9b9bU, 0x2f2f2f2fU, 0xffffffffU, 0x87878787U,
655
    0x34343434U, 0x8e8e8e8eU, 0x43434343U, 0x44444444U,
656
    0xc4c4c4c4U, 0xdedededeU, 0xe9e9e9e9U, 0xcbcbcbcbU,
657
    0x54545454U, 0x7b7b7b7bU, 0x94949494U, 0x32323232U,
658
    0xa6a6a6a6U, 0xc2c2c2c2U, 0x23232323U, 0x3d3d3d3dU,
659
    0xeeeeeeeeU, 0x4c4c4c4cU, 0x95959595U, 0x0b0b0b0bU,
660
    0x42424242U, 0xfafafafaU, 0xc3c3c3c3U, 0x4e4e4e4eU,
661
    0x08080808U, 0x2e2e2e2eU, 0xa1a1a1a1U, 0x66666666U,
662
    0x28282828U, 0xd9d9d9d9U, 0x24242424U, 0xb2b2b2b2U,
663
    0x76767676U, 0x5b5b5b5bU, 0xa2a2a2a2U, 0x49494949U,
664
    0x6d6d6d6dU, 0x8b8b8b8bU, 0xd1d1d1d1U, 0x25252525U,
665
    0x72727272U, 0xf8f8f8f8U, 0xf6f6f6f6U, 0x64646464U,
666
    0x86868686U, 0x68686868U, 0x98989898U, 0x16161616U,
667
    0xd4d4d4d4U, 0xa4a4a4a4U, 0x5c5c5c5cU, 0xccccccccU,
668
    0x5d5d5d5dU, 0x65656565U, 0xb6b6b6b6U, 0x92929292U,
669
    0x6c6c6c6cU, 0x70707070U, 0x48484848U, 0x50505050U,
670
    0xfdfdfdfdU, 0xededededU, 0xb9b9b9b9U, 0xdadadadaU,
671
    0x5e5e5e5eU, 0x15151515U, 0x46464646U, 0x57575757U,
672
    0xa7a7a7a7U, 0x8d8d8d8dU, 0x9d9d9d9dU, 0x84848484U,
673
    0x90909090U, 0xd8d8d8d8U, 0xababababU, 0x00000000U,
674
    0x8c8c8c8cU, 0xbcbcbcbcU, 0xd3d3d3d3U, 0x0a0a0a0aU,
675
    0xf7f7f7f7U, 0xe4e4e4e4U, 0x58585858U, 0x05050505U,
676
    0xb8b8b8b8U, 0xb3b3b3b3U, 0x45454545U, 0x06060606U,
677
    0xd0d0d0d0U, 0x2c2c2c2cU, 0x1e1e1e1eU, 0x8f8f8f8fU,
678
    0xcacacacaU, 0x3f3f3f3fU, 0x0f0f0f0fU, 0x02020202U,
679
    0xc1c1c1c1U, 0xafafafafU, 0xbdbdbdbdU, 0x03030303U,
680
    0x01010101U, 0x13131313U, 0x8a8a8a8aU, 0x6b6b6b6bU,
681
    0x3a3a3a3aU, 0x91919191U, 0x11111111U, 0x41414141U,
682
    0x4f4f4f4fU, 0x67676767U, 0xdcdcdcdcU, 0xeaeaeaeaU,
683
    0x97979797U, 0xf2f2f2f2U, 0xcfcfcfcfU, 0xcecececeU,
684
    0xf0f0f0f0U, 0xb4b4b4b4U, 0xe6e6e6e6U, 0x73737373U,
685
    0x96969696U, 0xacacacacU, 0x74747474U, 0x22222222U,
686
    0xe7e7e7e7U, 0xadadadadU, 0x35353535U, 0x85858585U,
687
    0xe2e2e2e2U, 0xf9f9f9f9U, 0x37373737U, 0xe8e8e8e8U,
688
    0x1c1c1c1cU, 0x75757575U, 0xdfdfdfdfU, 0x6e6e6e6eU,
689
    0x47474747U, 0xf1f1f1f1U, 0x1a1a1a1aU, 0x71717171U,
690
    0x1d1d1d1dU, 0x29292929U, 0xc5c5c5c5U, 0x89898989U,
691
    0x6f6f6f6fU, 0xb7b7b7b7U, 0x62626262U, 0x0e0e0e0eU,
692
    0xaaaaaaaaU, 0x18181818U, 0xbebebebeU, 0x1b1b1b1bU,
693
    0xfcfcfcfcU, 0x56565656U, 0x3e3e3e3eU, 0x4b4b4b4bU,
694
    0xc6c6c6c6U, 0xd2d2d2d2U, 0x79797979U, 0x20202020U,
695
    0x9a9a9a9aU, 0xdbdbdbdbU, 0xc0c0c0c0U, 0xfefefefeU,
696
    0x78787878U, 0xcdcdcdcdU, 0x5a5a5a5aU, 0xf4f4f4f4U,
697
    0x1f1f1f1fU, 0xddddddddU, 0xa8a8a8a8U, 0x33333333U,
698
    0x88888888U, 0x07070707U, 0xc7c7c7c7U, 0x31313131U,
699
    0xb1b1b1b1U, 0x12121212U, 0x10101010U, 0x59595959U,
700
    0x27272727U, 0x80808080U, 0xececececU, 0x5f5f5f5fU,
701
    0x60606060U, 0x51515151U, 0x7f7f7f7fU, 0xa9a9a9a9U,
702
    0x19191919U, 0xb5b5b5b5U, 0x4a4a4a4aU, 0x0d0d0d0dU,
703
    0x2d2d2d2dU, 0xe5e5e5e5U, 0x7a7a7a7aU, 0x9f9f9f9fU,
704
    0x93939393U, 0xc9c9c9c9U, 0x9c9c9c9cU, 0xefefefefU,
705
    0xa0a0a0a0U, 0xe0e0e0e0U, 0x3b3b3b3bU, 0x4d4d4d4dU,
706
    0xaeaeaeaeU, 0x2a2a2a2aU, 0xf5f5f5f5U, 0xb0b0b0b0U,
707
    0xc8c8c8c8U, 0xebebebebU, 0xbbbbbbbbU, 0x3c3c3c3cU,
708
    0x83838383U, 0x53535353U, 0x99999999U, 0x61616161U,
709
    0x17171717U, 0x2b2b2b2bU, 0x04040404U, 0x7e7e7e7eU,
710
    0xbabababaU, 0x77777777U, 0xd6d6d6d6U, 0x26262626U,
711
    0xe1e1e1e1U, 0x69696969U, 0x14141414U, 0x63636363U,
712
    0x55555555U, 0x21212121U, 0x0c0c0c0cU, 0x7d7d7d7dU,
713
};
714
#endif
715
static const u32 rcon[] = {
716
  0x01000000, 0x02000000, 0x04000000, 0x08000000,
717
  0x10000000, 0x20000000, 0x40000000, 0x80000000,
718
  0x1B000000, 0x36000000, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
719
};
720
721
0
#define GETU32(pt) (((u32)(pt)[0] << 24) ^ ((u32)(pt)[1] << 16) ^ ((u32)(pt)[2] <<  8) ^ ((u32)(pt)[3]))
722
0
#define PUTU32(ct, st) { (ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); (ct)[2] = (u8)((st) >>  8); (ct)[3] = (u8)(st); }
723
724
/**
725
 * Expand the cipher key into the encryption key schedule.
726
 *
727
 * @return  the number of rounds for the given cipher key size.
728
 */
729
int
730
rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits)
731
0
{
732
0
    int i = 0;
733
0
  u32 temp;
734
0
735
0
  rk[0] = GETU32(cipherKey     );
736
0
  rk[1] = GETU32(cipherKey +  4);
737
0
  rk[2] = GETU32(cipherKey +  8);
738
0
  rk[3] = GETU32(cipherKey + 12);
739
0
  if (keyBits == 128) {
740
0
    for (;;) {
741
0
      temp  = rk[3];
742
0
      rk[4] = rk[0] ^
743
0
        (Te4[(temp >> 16) & 0xff] & 0xff000000) ^
744
0
        (Te4[(temp >>  8) & 0xff] & 0x00ff0000) ^
745
0
        (Te4[(temp      ) & 0xff] & 0x0000ff00) ^
746
0
        (Te4[(temp >> 24)       ] & 0x000000ff) ^
747
0
        rcon[i];
748
0
      rk[5] = rk[1] ^ rk[4];
749
0
      rk[6] = rk[2] ^ rk[5];
750
0
      rk[7] = rk[3] ^ rk[6];
751
0
      if (++i == 10) {
752
0
        return 10;
753
0
      }
754
0
      rk += 4;
755
0
    }
756
0
  }
757
0
  rk[4] = GETU32(cipherKey + 16);
758
0
  rk[5] = GETU32(cipherKey + 20);
759
0
  if (keyBits == 192) {
760
0
    for (;;) {
761
0
      temp = rk[ 5];
762
0
      rk[ 6] = rk[ 0] ^
763
0
        (Te4[(temp >> 16) & 0xff] & 0xff000000) ^
764
0
        (Te4[(temp >>  8) & 0xff] & 0x00ff0000) ^
765
0
        (Te4[(temp      ) & 0xff] & 0x0000ff00) ^
766
0
        (Te4[(temp >> 24)       ] & 0x000000ff) ^
767
0
        rcon[i];
768
0
      rk[ 7] = rk[ 1] ^ rk[ 6];
769
0
      rk[ 8] = rk[ 2] ^ rk[ 7];
770
0
      rk[ 9] = rk[ 3] ^ rk[ 8];
771
0
      if (++i == 8) {
772
0
        return 12;
773
0
      }
774
0
      rk[10] = rk[ 4] ^ rk[ 9];
775
0
      rk[11] = rk[ 5] ^ rk[10];
776
0
      rk += 6;
777
0
    }
778
0
  }
779
0
  rk[6] = GETU32(cipherKey + 24);
780
0
  rk[7] = GETU32(cipherKey + 28);
781
0
  if (keyBits == 256) {
782
0
    for (;;) {
783
0
      temp = rk[ 7];
784
0
      rk[ 8] = rk[ 0] ^
785
0
        (Te4[(temp >> 16) & 0xff] & 0xff000000) ^
786
0
        (Te4[(temp >>  8) & 0xff] & 0x00ff0000) ^
787
0
        (Te4[(temp      ) & 0xff] & 0x0000ff00) ^
788
0
        (Te4[(temp >> 24)       ] & 0x000000ff) ^
789
0
        rcon[i];
790
0
      rk[ 9] = rk[ 1] ^ rk[ 8];
791
0
      rk[10] = rk[ 2] ^ rk[ 9];
792
0
      rk[11] = rk[ 3] ^ rk[10];
793
0
      if (++i == 7) {
794
0
        return 14;
795
0
      }
796
0
      temp = rk[11];
797
0
      rk[12] = rk[ 4] ^
798
0
        (Te4[(temp >> 24)       ] & 0xff000000) ^
799
0
        (Te4[(temp >> 16) & 0xff] & 0x00ff0000) ^
800
0
        (Te4[(temp >>  8) & 0xff] & 0x0000ff00) ^
801
0
        (Te4[(temp      ) & 0xff] & 0x000000ff);
802
0
      rk[13] = rk[ 5] ^ rk[12];
803
0
      rk[14] = rk[ 6] ^ rk[13];
804
0
          rk[15] = rk[ 7] ^ rk[14];
805
0
      rk += 8;
806
0
    }
807
0
  }
808
0
  return 0;
809
0
}
810
811
#ifdef NEED_RIJNDAEL_DECRYPT
812
813
/**
814
 * Expand the cipher key into the decryption key schedule.
815
 *
816
 * @return  the number of rounds for the given cipher key size.
817
 */
818
int
819
rijndaelKeySetupDec(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits)
820
{
821
  int Nr, i, j;
822
  u32 temp;
823
824
  /* expand the cipher key: */
825
  Nr = rijndaelKeySetupEnc(rk, cipherKey, keyBits);
826
827
  /* invert the order of the round keys: */
828
  for (i = 0, j = 4*Nr; i < j; i += 4, j -= 4) {
829
    temp = rk[i    ]; rk[i    ] = rk[j    ]; rk[j    ] = temp;
830
    temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
831
    temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
832
    temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
833
  }
834
  /* apply the inverse MixColumn transform to all round keys but the first and the last: */
835
  for (i = 1; i < Nr; i++) {
836
    rk += 4;
837
    rk[0] =
838
      Td0[Te4[(rk[0] >> 24)       ] & 0xff] ^
839
      Td1[Te4[(rk[0] >> 16) & 0xff] & 0xff] ^
840
      Td2[Te4[(rk[0] >>  8) & 0xff] & 0xff] ^
841
      Td3[Te4[(rk[0]      ) & 0xff] & 0xff];
842
    rk[1] =
843
      Td0[Te4[(rk[1] >> 24)       ] & 0xff] ^
844
      Td1[Te4[(rk[1] >> 16) & 0xff] & 0xff] ^
845
      Td2[Te4[(rk[1] >>  8) & 0xff] & 0xff] ^
846
      Td3[Te4[(rk[1]      ) & 0xff] & 0xff];
847
    rk[2] =
848
      Td0[Te4[(rk[2] >> 24)       ] & 0xff] ^
849
      Td1[Te4[(rk[2] >> 16) & 0xff] & 0xff] ^
850
      Td2[Te4[(rk[2] >>  8) & 0xff] & 0xff] ^
851
      Td3[Te4[(rk[2]      ) & 0xff] & 0xff];
852
    rk[3] =
853
      Td0[Te4[(rk[3] >> 24)       ] & 0xff] ^
854
      Td1[Te4[(rk[3] >> 16) & 0xff] & 0xff] ^
855
      Td2[Te4[(rk[3] >>  8) & 0xff] & 0xff] ^
856
      Td3[Te4[(rk[3]      ) & 0xff] & 0xff];
857
  }
858
  return Nr;
859
}
860
861
#endif /* NEED_RIJNDAEL_DECRYPT */
862
863
void
864
rijndaelEncrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 pt[16],
865
    u8 ct[16])
866
0
{
867
0
  u32 s0, s1, s2, s3, t0, t1, t2, t3;
868
0
#ifndef FULL_UNROLL
869
0
    int r;
870
0
#endif /* ?FULL_UNROLL */
871
0
872
0
    /*
873
0
   * map byte array block to cipher state
874
0
   * and add initial round key:
875
0
   */
876
0
  s0 = GETU32(pt     ) ^ rk[0];
877
0
  s1 = GETU32(pt +  4) ^ rk[1];
878
0
  s2 = GETU32(pt +  8) ^ rk[2];
879
0
  s3 = GETU32(pt + 12) ^ rk[3];
880
0
#ifdef FULL_UNROLL
881
    /* round 1: */
882
    t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[ 4];
883
    t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[ 5];
884
    t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[ 6];
885
    t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[ 7];
886
    /* round 2: */
887
    s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[ 8];
888
    s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[ 9];
889
    s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[10];
890
    s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[11];
891
    /* round 3: */
892
    t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[12];
893
    t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[13];
894
    t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[14];
895
    t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[15];
896
    /* round 4: */
897
    s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[16];
898
    s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[17];
899
    s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[18];
900
    s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[19];
901
    /* round 5: */
902
    t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[20];
903
    t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[21];
904
    t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[22];
905
    t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[23];
906
    /* round 6: */
907
    s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[24];
908
    s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[25];
909
    s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[26];
910
    s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[27];
911
    /* round 7: */
912
    t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[28];
913
    t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[29];
914
    t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[30];
915
    t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[31];
916
    /* round 8: */
917
    s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[32];
918
    s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[33];
919
    s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[34];
920
    s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[35];
921
    /* round 9: */
922
    t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[36];
923
    t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[37];
924
    t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38];
925
    t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39];
926
    if (Nr > 10) {
927
  /* round 10: */
928
  s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40];
929
  s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[41];
930
  s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[42];
931
  s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[43];
932
  /* round 11: */
933
  t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[44];
934
  t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[45];
935
  t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[46];
936
  t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[47];
937
  if (Nr > 12) {
938
      /* round 12: */
939
      s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[48];
940
      s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[49];
941
      s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[50];
942
      s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[51];
943
      /* round 13: */
944
      t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[52];
945
      t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[53];
946
      t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[54];
947
      t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[55];
948
  }
949
    }
950
    rk += Nr << 2;
951
#else  /* !FULL_UNROLL */
952
0
    /*
953
0
   * Nr - 1 full rounds:
954
0
   */
955
0
    r = Nr >> 1;
956
0
    for (;;) {
957
0
  t0 =
958
0
      Te0[(s0 >> 24)       ] ^
959
0
      Te1[(s1 >> 16) & 0xff] ^
960
0
      Te2[(s2 >>  8) & 0xff] ^
961
0
      Te3[(s3      ) & 0xff] ^
962
0
      rk[4];
963
0
  t1 =
964
0
      Te0[(s1 >> 24)       ] ^
965
0
      Te1[(s2 >> 16) & 0xff] ^
966
0
      Te2[(s3 >>  8) & 0xff] ^
967
0
      Te3[(s0      ) & 0xff] ^
968
0
      rk[5];
969
0
  t2 =
970
0
      Te0[(s2 >> 24)       ] ^
971
0
      Te1[(s3 >> 16) & 0xff] ^
972
0
      Te2[(s0 >>  8) & 0xff] ^
973
0
      Te3[(s1      ) & 0xff] ^
974
0
      rk[6];
975
0
  t3 =
976
0
      Te0[(s3 >> 24)       ] ^
977
0
      Te1[(s0 >> 16) & 0xff] ^
978
0
      Te2[(s1 >>  8) & 0xff] ^
979
0
      Te3[(s2      ) & 0xff] ^
980
0
      rk[7];
981
0
982
0
  rk += 8;
983
0
  if (--r == 0) {
984
0
      break;
985
0
  }
986
0
987
0
  s0 =
988
0
      Te0[(t0 >> 24)       ] ^
989
0
      Te1[(t1 >> 16) & 0xff] ^
990
0
      Te2[(t2 >>  8) & 0xff] ^
991
0
      Te3[(t3      ) & 0xff] ^
992
0
      rk[0];
993
0
  s1 =
994
0
      Te0[(t1 >> 24)       ] ^
995
0
      Te1[(t2 >> 16) & 0xff] ^
996
0
      Te2[(t3 >>  8) & 0xff] ^
997
0
      Te3[(t0      ) & 0xff] ^
998
0
      rk[1];
999
0
  s2 =
1000
0
      Te0[(t2 >> 24)       ] ^
1001
0
      Te1[(t3 >> 16) & 0xff] ^
1002
0
      Te2[(t0 >>  8) & 0xff] ^
1003
0
      Te3[(t1      ) & 0xff] ^
1004
0
      rk[2];
1005
0
  s3 =
1006
0
      Te0[(t3 >> 24)       ] ^
1007
0
      Te1[(t0 >> 16) & 0xff] ^
1008
0
      Te2[(t1 >>  8) & 0xff] ^
1009
0
      Te3[(t2      ) & 0xff] ^
1010
0
      rk[3];
1011
0
    }
1012
0
#endif /* ?FULL_UNROLL */
1013
0
    /*
1014
0
   * apply last round and
1015
0
   * map cipher state to byte array block:
1016
0
   */
1017
0
  s0 =
1018
0
    (Te4[(t0 >> 24)       ] & 0xff000000) ^
1019
0
    (Te4[(t1 >> 16) & 0xff] & 0x00ff0000) ^
1020
0
    (Te4[(t2 >>  8) & 0xff] & 0x0000ff00) ^
1021
0
    (Te4[(t3      ) & 0xff] & 0x000000ff) ^
1022
0
    rk[0];
1023
0
  PUTU32(ct     , s0);
1024
0
  s1 =
1025
0
    (Te4[(t1 >> 24)       ] & 0xff000000) ^
1026
0
    (Te4[(t2 >> 16) & 0xff] & 0x00ff0000) ^
1027
0
    (Te4[(t3 >>  8) & 0xff] & 0x0000ff00) ^
1028
0
    (Te4[(t0      ) & 0xff] & 0x000000ff) ^
1029
0
    rk[1];
1030
0
  PUTU32(ct +  4, s1);
1031
0
  s2 =
1032
0
    (Te4[(t2 >> 24)       ] & 0xff000000) ^
1033
0
    (Te4[(t3 >> 16) & 0xff] & 0x00ff0000) ^
1034
0
    (Te4[(t0 >>  8) & 0xff] & 0x0000ff00) ^
1035
0
    (Te4[(t1      ) & 0xff] & 0x000000ff) ^
1036
0
    rk[2];
1037
0
  PUTU32(ct +  8, s2);
1038
0
  s3 =
1039
0
    (Te4[(t3 >> 24)       ] & 0xff000000) ^
1040
0
    (Te4[(t0 >> 16) & 0xff] & 0x00ff0000) ^
1041
0
    (Te4[(t1 >>  8) & 0xff] & 0x0000ff00) ^
1042
0
    (Te4[(t2      ) & 0xff] & 0x000000ff) ^
1043
0
    rk[3];
1044
0
  PUTU32(ct + 12, s3);
1045
0
}
1046
1047
#ifdef NEED_RIJNDAEL_DECRYPT
1048
1049
static void
1050
rijndaelDecrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 ct[16],
1051
    u8 pt[16])
1052
{
1053
  u32 s0, s1, s2, s3, t0, t1, t2, t3;
1054
#ifndef FULL_UNROLL
1055
    int r;
1056
#endif /* ?FULL_UNROLL */
1057
1058
    /*
1059
   * map byte array block to cipher state
1060
   * and add initial round key:
1061
   */
1062
    s0 = GETU32(ct     ) ^ rk[0];
1063
    s1 = GETU32(ct +  4) ^ rk[1];
1064
    s2 = GETU32(ct +  8) ^ rk[2];
1065
    s3 = GETU32(ct + 12) ^ rk[3];
1066
#ifdef FULL_UNROLL
1067
    /* round 1: */
1068
    t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[ 4];
1069
    t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[ 5];
1070
    t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[ 6];
1071
    t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[ 7];
1072
    /* round 2: */
1073
    s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[ 8];
1074
    s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[ 9];
1075
    s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[10];
1076
    s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[11];
1077
    /* round 3: */
1078
    t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[12];
1079
    t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[13];
1080
    t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[14];
1081
    t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[15];
1082
    /* round 4: */
1083
    s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[16];
1084
    s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[17];
1085
    s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[18];
1086
    s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[19];
1087
    /* round 5: */
1088
    t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[20];
1089
    t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[21];
1090
    t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[22];
1091
    t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[23];
1092
    /* round 6: */
1093
    s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[24];
1094
    s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[25];
1095
    s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[26];
1096
    s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[27];
1097
    /* round 7: */
1098
    t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[28];
1099
    t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[29];
1100
    t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[30];
1101
    t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[31];
1102
    /* round 8: */
1103
    s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[32];
1104
    s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[33];
1105
    s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[34];
1106
    s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[35];
1107
    /* round 9: */
1108
    t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[36];
1109
    t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[37];
1110
    t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[38];
1111
    t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[39];
1112
    if (Nr > 10) {
1113
  /* round 10: */
1114
  s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[40];
1115
  s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[41];
1116
  s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[42];
1117
  s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[43];
1118
  /* round 11: */
1119
  t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[44];
1120
  t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[45];
1121
  t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[46];
1122
  t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[47];
1123
  if (Nr > 12) {
1124
      /* round 12: */
1125
      s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[48];
1126
      s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[49];
1127
      s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[50];
1128
      s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[51];
1129
      /* round 13: */
1130
      t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[52];
1131
      t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[53];
1132
      t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[54];
1133
      t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[55];
1134
  }
1135
    }
1136
  rk += Nr << 2;
1137
#else  /* !FULL_UNROLL */
1138
    /*
1139
     * Nr - 1 full rounds:
1140
     */
1141
    r = Nr >> 1;
1142
    for (;;) {
1143
  t0 =
1144
      Td0[(s0 >> 24)       ] ^
1145
      Td1[(s3 >> 16) & 0xff] ^
1146
      Td2[(s2 >>  8) & 0xff] ^
1147
      Td3[(s1      ) & 0xff] ^
1148
      rk[4];
1149
  t1 =
1150
      Td0[(s1 >> 24)       ] ^
1151
      Td1[(s0 >> 16) & 0xff] ^
1152
      Td2[(s3 >>  8) & 0xff] ^
1153
      Td3[(s2      ) & 0xff] ^
1154
      rk[5];
1155
  t2 =
1156
      Td0[(s2 >> 24)       ] ^
1157
      Td1[(s1 >> 16) & 0xff] ^
1158
      Td2[(s0 >>  8) & 0xff] ^
1159
      Td3[(s3      ) & 0xff] ^
1160
      rk[6];
1161
  t3 =
1162
      Td0[(s3 >> 24)       ] ^
1163
      Td1[(s2 >> 16) & 0xff] ^
1164
      Td2[(s1 >>  8) & 0xff] ^
1165
      Td3[(s0      ) & 0xff] ^
1166
      rk[7];
1167
1168
  rk += 8;
1169
  if (--r == 0) {
1170
      break;
1171
  }
1172
1173
  s0 =
1174
      Td0[(t0 >> 24)       ] ^
1175
      Td1[(t3 >> 16) & 0xff] ^
1176
      Td2[(t2 >>  8) & 0xff] ^
1177
      Td3[(t1      ) & 0xff] ^
1178
      rk[0];
1179
  s1 =
1180
      Td0[(t1 >> 24)       ] ^
1181
      Td1[(t0 >> 16) & 0xff] ^
1182
      Td2[(t3 >>  8) & 0xff] ^
1183
      Td3[(t2      ) & 0xff] ^
1184
      rk[1];
1185
  s2 =
1186
      Td0[(t2 >> 24)       ] ^
1187
      Td1[(t1 >> 16) & 0xff] ^
1188
      Td2[(t0 >>  8) & 0xff] ^
1189
      Td3[(t3      ) & 0xff] ^
1190
      rk[2];
1191
  s3 =
1192
      Td0[(t3 >> 24)       ] ^
1193
      Td1[(t2 >> 16) & 0xff] ^
1194
      Td2[(t1 >>  8) & 0xff] ^
1195
      Td3[(t0      ) & 0xff] ^
1196
      rk[3];
1197
    }
1198
#endif /* ?FULL_UNROLL */
1199
    /*
1200
   * apply last round and
1201
   * map cipher state to byte array block:
1202
   */
1203
    s0 =
1204
      (Td4[(t0 >> 24)       ] & 0xff000000) ^
1205
      (Td4[(t3 >> 16) & 0xff] & 0x00ff0000) ^
1206
      (Td4[(t2 >>  8) & 0xff] & 0x0000ff00) ^
1207
      (Td4[(t1      ) & 0xff] & 0x000000ff) ^
1208
      rk[0];
1209
  PUTU32(pt     , s0);
1210
    s1 =
1211
      (Td4[(t1 >> 24)       ] & 0xff000000) ^
1212
      (Td4[(t0 >> 16) & 0xff] & 0x00ff0000) ^
1213
      (Td4[(t3 >>  8) & 0xff] & 0x0000ff00) ^
1214
      (Td4[(t2      ) & 0xff] & 0x000000ff) ^
1215
      rk[1];
1216
  PUTU32(pt +  4, s1);
1217
    s2 =
1218
      (Td4[(t2 >> 24)       ] & 0xff000000) ^
1219
      (Td4[(t1 >> 16) & 0xff] & 0x00ff0000) ^
1220
      (Td4[(t0 >>  8) & 0xff] & 0x0000ff00) ^
1221
      (Td4[(t3      ) & 0xff] & 0x000000ff) ^
1222
      rk[2];
1223
  PUTU32(pt +  8, s2);
1224
    s3 =
1225
      (Td4[(t3 >> 24)       ] & 0xff000000) ^
1226
      (Td4[(t2 >> 16) & 0xff] & 0x00ff0000) ^
1227
      (Td4[(t1 >>  8) & 0xff] & 0x0000ff00) ^
1228
      (Td4[(t0      ) & 0xff] & 0x000000ff) ^
1229
      rk[3];
1230
  PUTU32(pt + 12, s3);
1231
}
1232
1233
#endif /* NEED_RIJNDAEL_DECRYPT */
1234
1235
#ifdef NEED_RIJNDAEL_WRAPPERS
1236
1237
/* setup key context for encryption only */
1238
int
1239
rijndael_set_key_enc_only(rijndael_ctx *ctx, const unsigned char *key, int bits)
1240
{
1241
  int rounds;
1242
1243
  rounds = rijndaelKeySetupEnc(ctx->ek, key, bits);
1244
  if (rounds == 0)
1245
    return -1;
1246
1247
  ctx->Nr = rounds;
1248
  ctx->enc_only = 1;
1249
1250
  return 0;
1251
}
1252
1253
/* setup key context for both encryption and decryption */
1254
int
1255
rijndael_set_key(rijndael_ctx *ctx, const unsigned char *key, int bits)
1256
{
1257
  int rounds;
1258
1259
  rounds = rijndaelKeySetupEnc(ctx->ek, key, bits);
1260
  if (rounds == 0)
1261
    return -1;
1262
  if (rijndaelKeySetupDec(ctx->dk, key, bits) != rounds)
1263
    return -1;
1264
1265
  ctx->Nr = rounds;
1266
  ctx->enc_only = 0;
1267
1268
  return 0;
1269
}
1270
1271
void
1272
rijndael_decrypt(rijndael_ctx *ctx, const unsigned char *src, unsigned char *dst)
1273
{
1274
  rijndaelDecrypt(ctx->dk, ctx->Nr, src, dst);
1275
}
1276
1277
void
1278
rijndael_encrypt(rijndael_ctx *ctx, const unsigned char *src, unsigned char *dst)
1279
{
1280
  rijndaelEncrypt(ctx->ek, ctx->Nr, src, dst);
1281
}
1282
1283
#endif /* NEED_RIJNDAEL_WRAPPERS */