big bug fixed, still some problems with flow control
index 59b7bf43704bba261f8e492bec5f4cd4f2a81f40..9e58eb578320de6ae738aa34cad0b521d487fb3a 100644 (file)
@@ -1,7 +1,7 @@
 /* aes_keyschedule.c */
 /*
-    This file is part of the Crypto-avr-lib/microcrypt-lib.
-    Copyright (C) 2008  Daniel Otte (daniel.otte@rub.de)
+    This file is part of the AVR-Crypto-Lib.
+    Copyright (C) 2008, 2009  Daniel Otte (daniel.otte@rub.de)
 
     This program is free software: you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -26,7 +26,6 @@
  */
 
 #include <stdint.h>
-#include "gf256mul.h"
 #include "aes.h"
 #include "aes_keyschedule.h"
 #include "aes_sbox.h"
@@ -43,53 +42,40 @@ void aes_rotword(void* a){
        ((uint8_t*)a)[3] = t;
 }
 
-#include "uart.h"
+uint8_t rc_tab[] PROGMEM = { 0x01, 0x02, 0x04, 0x08,
+                             0x10, 0x20, 0x40, 0x80,
+                             0x1b, 0x36 };
 
 void aes_init(const void* key, uint16_t keysize_b, aes_genctx_t* ctx){
-       uint8_t hi,i,nk;
-       uint8_t rc=1;
+       uint8_t hi,i,nk, next_nk;
+       uint8_t rc=0;
        uint8_t tmp[4];
-       nk=keysize_b/32;
+       nk=keysize_b>>5; /* 4, 6, 8 */
        hi=4*(nk+6+1);
        memcpy(ctx, key, keysize_b/8);
-       i=keysize_b/32;
+       next_nk = nk;
        for(i=nk;i<hi;++i){
                *((uint32_t*)tmp) = ((uint32_t*)(ctx->key[0].ks))[i-1];
-       //      uart_putstr_P(PSTR("\r\nDBG: tmp = "));
-       //      uart_hexdump(tmp, 4);
-               if(i%nk){
-                       if(nk>6 && i%nk==4){
+               if(i!=next_nk){
+                       if(nk==8 && i%8==4){
                                tmp[0] = pgm_read_byte(aes_sbox+tmp[0]);
                                tmp[1] = pgm_read_byte(aes_sbox+tmp[1]);
                                tmp[2] = pgm_read_byte(aes_sbox+tmp[2]);
                                tmp[3] = pgm_read_byte(aes_sbox+tmp[3]);
-       //                      uart_putstr_P(PSTR("\r\nDBG: after sub = "));
-       //                      uart_hexdump(tmp, 4);
                        }
                } else {
+                       next_nk += nk;
                        aes_rotword(tmp);
-       //              uart_putstr_P(PSTR("\r\nDBG: after rot = "));
-       //              uart_hexdump(tmp, 4);
                        tmp[0] = pgm_read_byte(aes_sbox+tmp[0]);
                        tmp[1] = pgm_read_byte(aes_sbox+tmp[1]);
                        tmp[2] = pgm_read_byte(aes_sbox+tmp[2]);
                        tmp[3] = pgm_read_byte(aes_sbox+tmp[3]);
-       //              uart_putstr_P(PSTR("\r\nDBG: after sub = "));
-       //              uart_hexdump(tmp, 4);
-                       tmp[0] ^= rc;
-       //              uart_putstr_P(PSTR("\r\nDBG: after xor RC = "));
-       //              uart_hexdump(tmp, 4);
-                       rc = gf256mul(2,rc,0x1b);
+                       tmp[0] ^= pgm_read_byte(rc_tab+rc);
+                       rc++;
                }
                ((uint32_t*)(ctx->key[0].ks))[i] = ((uint32_t*)(ctx->key[0].ks))[i-nk]
                                                   ^ *((uint32_t*)tmp);
        }
-       
-       uint8_t buffer[16];
-       for(i=0; i<nk+7; ++i){
-               memcpy(buffer, ctx->key[i].ks, 16);
-               aes_buffer2state(ctx->key[i].ks, buffer);
-       }
 }
 
 void aes128_init(const void* key, aes128_ctx_t* ctx){
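Review bot: `rc_tab` on the first added line of this hunk is a non-static, non-const file-scope definition, so a generic name is exported from this translation unit and the table is declared writable; `static const uint8_t rc_tab[] PROGMEM = { ... };` keeps it private and read-only (newer avr-gcc releases also refuse to place a non-const object in PROGMEM). The ten entries cover every AES key size because `rc` only advances when `i` reaches `next_nk`, but `aes_init` never validates `keysize_b`, so a value whose `nk` is not 4, 6 or 8 (as the `/* 4, 6, 8 */` comment assumes) walks `rc` past the end of the table; a comment above the definition such as `/* AES round constants rcon[1..10] (FIPS-197 5.2); keysize_b must be 128, 192 or 256 */` or an early return on other sizes would make that precondition explicit. `memcpy` and `pgm_read_byte` are used but neither `<string.h>` nor `<avr/pgmspace.h>` is visible in the include list shown in the second hunk — presumably aes.h pulls them in, worth confirming.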