1 /* aes-set-encrypt-key.c
3 * Key setup for the aes/rijndael block cipher.
6 /* nettle, low-level cryptographics library
8 * Copyright (C) 2000, 2001, 2002 Rafael R. Sevilla, Niels Möller
10 * The nettle library is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU Lesser General Public License as published by
12 * the Free Software Foundation; either version 2.1 of the License, or (at your
13 * option) any later version.
15 * The nettle library is distributed in the hope that it will be useful, but
16 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
17 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
18 * License for more details.
20 * You should have received a copy of the GNU Lesser General Public License
21 * along with the nettle library; see the file COPYING.LIB. If not, write to
22 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
26 /* Originally written by Rafael R. Sevilla <dido@pacific.net.ph> */
34 #include "aes-internal.h"
51 aes_set_encrypt_key(struct aes_ctx *ctx,
52 unsigned keysize, const uint8_t *key)
54 unsigned nk, nr, i, lastkey;
57 assert(keysize >= AES_MIN_KEY_SIZE);
58 assert(keysize <= AES_MAX_KEY_SIZE);
60 /* Truncate keysizes to the valid key sizes provided by Rijndael */
64 } else if (keysize >= 24) {
67 } else { /* must be 16 or more */
72 lastkey = (AES_BLOCK_SIZE/4) * (nr + 1);
77 ctx->keys[i] = key[i*4] + (key[i*4+1]<<8) + (key[i*4+2]<<16) +
81 for (i=nk; i<lastkey; i++)
83 temp = ctx->keys[i-1];
86 temp = SUBBYTE(ROTBYTE(temp), aes_sbox) ^ rcon;
87 rcon = (uint32_t)xtime((uint8_t)rcon&0xff);
89 else if (nk > 6 && (i%nk) == 4)
91 temp = SUBBYTE(temp, aes_sbox);
93 ctx->keys[i] = ctx->keys[i-nk] ^ temp;