AES加密C语言实现代码.doc

#define bpoly 0x1b /! lower 8 bits of (x8+x4+x3+x+1), ie. (x4+x3+x+1).#define blocksize 16 /! block size in number of bytes.#define key_count 3#if key_count = 1 #define keybits 128 /! use aes128.#elif key_count = 2 #define keybits 192 /! use aes196.#elif key_count = 3 #define keybits 256 /! use aes256.#else #error use 1, 2 or 3 keys!#endif#if keybits = 128 #define rounds 10 /! number of rounds. #define keylength 16 /! key length in number of bytes.#elif keybits = 192 #define rounds 12 /! number of rounds. #define keylength 24 /! / key length in number of bytes.#elif keybits = 256 #define rounds 14 /! number of rounds. #define keylength 32 /! key length in number of bytes.#else #error key must be 128, 192 or 256 bits!#endif#define expanded_key_size (blocksize * (rounds+1) /! 176, 208 or 240 bytes.unsigned char aes_key_table32 = 0xd0, 0x94, 0x3f, 0x8c, 0x29, 0x76, 0x15, 0xd8, 0x20, 0x40, 0xe3, 0x27, 0x45, 0xd8, 0x48, 0xad, 0xea, 0x8b, 0x2a, 0x73, 0x16, 0xe9, 0xb0, 0x49, 0x45, 0xb3, 0x39, 0x28, 0x0a, 0xc3, 0x28, 0x3c,;unsigned char block1256; /! workspace 1.unsigned char block2256; /! worksapce 2.unsigned char tempbuf256;unsigned char *powtbl; /! final location of exponentiation lookup table.unsigned char *logtbl; /! final location of logarithm lookup table.unsigned char *sbox; /! final location of s-box.unsigned char *sboxinv; /! final location of inverse s-box.unsigned char *expandedkey; /! final location of expanded key.void calcpowlog(unsigned char *powtbl, unsigned char *logtbl)unsigned char i = 0;unsigned char t = 1;do / use 0x03 as root for exponentiation and logarithms.powtbli = t;logtblt = i;i+;/ muliply t by 3 in gf(28).t = (t 1) (t & 0x80 ? bpoly : 0);while( t != 1 ); / cyclic properties ensure that i 0 ) temp = powtbl 255 - logtbli ; else temp = 0;/ affine transformation in gf(2).result = temp 0x63; / start with adding a vector in gf(2).for( rot = 0; rot 4; rot+ )/ rotate left.temp = (temp7);/ add rotated byte in gf(2).result = temp;/ put result in table.sboxi = result; while( +i != 0 );void calcsboxinv( unsigned char * sbox, unsigned char * sboxinv )unsigned char i = 0;unsigned char j = 0;/ iterate through all elements in sboxinv using i.do / search through sbox using j.do / check if current j is the inverse of current i.if( sbox j = i )/ if so, set sboxinc and indicate search finished.sboxinv i = j;j = 255; while( +j != 0 ); while( +i != 0 );void cycleleft( unsigned char * row )/ cycle 4 bytes in an array left once.unsigned char temp = row0;row0 = row1;row1 = row2;row2 = row3;row3 = temp;void invmixcolumn( unsigned char * column )unsigned char r0, r1, r2, r3;r0 = column1 column2 column3;r1 = column0 column2 column3;r2 = column0 column1 column3;r3 = column0 column1 column2;column0 = (column0 1) (column0 & 0x80 ? bpoly : 0);column1 = (column1 1) (column1 & 0x80 ? bpoly : 0);column2 = (column2 1) (column2 & 0x80 ? bpoly : 0);column3 = (column3 1) (column3 & 0x80 ? bpoly : 0);r0 = column0 column1;r1 = column1 column2;r2 = column2 column3;r3 = column0 column3;column0 = (column0 1) (column0 & 0x80 ? bpoly : 0);column1 = (column1 1) (column1 & 0x80 ? bpoly : 0);column2 = (column2 1) (column2 & 0x80 ? bpoly : 0);column3 = (column3 1) (column3 & 0x80 ? bpoly : 0);r0 = column0 column2;r1 = column1 column3;r2 = column0 column2;r3 = column1 column3;column0 = (column0 1) (column0 & 0x80 ? bpoly : 0);column1 = (column1 1) (column1 & 0x80 ? bpoly : 0);column2 = (column2 1) (column2 & 0x80 ? bpoly : 0);column3 = (column3 1) (column3 & 0x80 ? bpoly : 0);column0 = column1 column2 column3;r0 = column0;r1 = column0;r2 = column0;r3 = column0;column0 = r0;column1 = r1;column2 = r2;column3 = r3;void subbytes( unsigned char * bytes, unsigned char count )do *bytes = sbox *bytes ; / substitute every byte in state.bytes+; while( -count );void invsubbytesandxor( unsigned char * bytes, unsigned char * key, unsigned char count )do / *bytes = sboxinv *bytes *key; / inverse substitute every byte in state and add key.*bytes = block2 *bytes *key; / use block2 directly. increases speed.bytes+;key+; while( -count );void invshiftrows( unsigned char * state )unsigned char temp;/ note: state is arranged column by column./ cycle second row right one time.temp = state 1 + 3*4 ;state 1 + 3*4 = state 1 + 2*4 ;state 1 + 2*4 = state 1 + 1*4 ;state 1 + 1*4 = state 1 + 0*4 ;state 1 + 0*4 = temp;/ cycle third row right two times.temp = state 2 + 0*4 ;state 2 + 0*4 = state 2 + 2*4 ;state 2 + 2*4 = temp;temp = state 2 + 1*4 ;state 2 + 1*4 = state 2 + 3*4 ;state 2 + 3*4 = temp;/ cycle fourth row right three times, ie. left once.temp = state 3 + 0*4 ;state 3 + 0*4 = state 3 + 1*4 ;state 3 + 1*4 = state 3 + 2*4 ;state 3 + 2*4 = state 3 + 3*4 ;state 3 + 3*4 = temp;void invmixcolumns( unsigned char * state )invmixcolumn( state + 0*4 );invmixcolumn( state + 1*4 );invmixcolumn( state + 2*4 );invmixcolumn( state + 3*4 );void xorbytes( unsigned char * bytes1, unsigned char * bytes2, unsigned char count )do *bytes1 = *bytes2; / add in gf(2), ie. xor.bytes1+;bytes2+; while( -count );void copybytes( unsigned char * to, unsigned char * from, unsigned char count )do *to = *from;to+;from+; while( -count );void keyexpansion( unsigned char * expandedkey )unsigned char temp4;unsigned char i;unsigned char rcon4 = 0x01, 0x00, 0x00, 0x00 ; / round constant.unsigned char * key = aes_key_table;/ copy key to start of expanded key.i = keylength;do *expandedkey = *key;expandedkey+;key+; while( -i );/ prepare last 4 bytes of key in temp.expandedkey -= 4;temp0 = *(expandedkey+);temp1 = *(expandedkey+);temp2 = *(expandedkey+);temp3 = *(expandedkey+);/ expand key.i = keylength;while( i blocksize*(rounds+1) ) / are we at the start of a multiple of the key size?if( (i % keylength) = 0 )cycleleft( temp ); / cycle left once.subbytes( temp, 4 ); / substitute each byte.xorbytes( temp, rcon, 4 ); / add constant in gf(2).*rcon = (*rcon 24/ are we right past a block size?else if( (i % keylength) = blocksize ) subbytes( temp, 4 ); / substitute each byte.#endif/ add bytes in gf(2) one keylength away.xorbytes( temp, expandedkey - keylength, 4 );/ copy result to current 4 bytes.*(expandedkey+) = temp 0 ;*(expandedkey+) = temp 1 ;*(expandedkey+) = temp 2 ;*(expandedkey+) = temp 3 ;i += 4; / next 4 bytes.void invcipher( unsigned char * block, unsigned char * expandedkey )unsigned char round = rounds-1;expandedkey += blocksize * rounds;xorbytes( block, expandedkey, 16 );expandedkey -= blocksize;do invshiftrows( block );invsubbytesandxor( block, expandedkey, 16 );expandedkey -= blocksize;invmixcolumns( block ); while( -round );invshiftrows( block );invsubbytesandxor( block, expandedkey, 16 );void aesdecinit(void)powtbl = block1;logtbl = block2;calcpowlog( powtbl, logtbl );sbox = tempbuf;calcsbox( sbox );expandedkey = block1;keyexpansion( expandedkey );sboxinv = block2; / must be block2.calcsboxinv( sbox, sboxinv );void aesdecrypt( unsigned char * buffer, unsigned char * chainblock )unsigned char temp blocksize ;copybytes( temp, buffer, blocksize );invcipher( buffer, expandedkey );xorbytes( buffer, chainblock, blocksize );copybytes( chainblock, temp, blocksize );unsigned char multiply( unsigned char num, unsigned char factor )unsigned char mask = 1;unsigned char result = 0;while( mask != 0 ) / check bit of factor given by mask.if( mask & factor ) / add current multiple of num in gf(2). result = num;/ shift mask to indicate next bit.mask = 1;/ double num.num = (num 1) (num & 0x80 ? bpoly : 0);return result;unsigned char dotproduct( unsigned char * vector1, unsigned char * vector2 )unsigned char result = 0;result = multiply( *vector1+, *vector2+ );result = multiply( *vector1+, *vector2+ );result = multiply( *vector1+, *vector2+ );result = multiply( *vector1 , *vector2 );return result;void mixcolumn( unsigned char * column )unsigned char row8 = 0x02, 0x03, 0x01, 0x01, 0x02, 0x03, 0x01, 0x01; / prepare first row of matrix twice, to eliminate need for cycling.unsigned char result4;/ take dot products of each matrix row and the column vector.result0 = dotproduct( row+0, column );result1 = dotproduct( row+3, column );result2 = dotproduct( row+2, column );result3 = dotproduct( row+1, column );/ copy temporary result to original column.column0 = result0;column1 = result1;column2 = result2;column3 = result3;void mixcolumns( unsigned char * state )mixcolumn( state + 0*4 );mixcolumn( state + 1*4 );mixcolumn( state + 2*4 );mixcolumn( state + 3*4 );void shiftrows( unsigned char * state )unsigned char temp;/ note: state is arranged column by column./ cycle second row left one time.temp = state 1 + 0*4 ;state 1 + 0*4 = state 1 + 1*4 ;state 1 + 1*4 = state 1 + 2*4 ;state 1 + 2*4 = state 1 + 3*4 ;state 1 + 3*4 = temp;/ cycle third row left two times.temp = state 2 + 0*4 ;state 2 + 0*4 = state 2 + 2*4 ;state 2 + 2*4 = temp;temp = state 2 + 1*4 ;state 2 + 1*4 = state 2 + 3*4 ;state 2 + 3*4 = temp;/ cycle fourth row left three times, ie. right once.temp = state 3 + 3*4 ;state 3 + 3*4 = state 3 + 2*4 ;state 3 + 2*4 = state 3 + 1*4 ;state 3 + 1*4 = state 3 + 0*4 ;state 3 + 0*4 = temp;void cipher( unsigned char * block, unsigned char * expandedkey )unsigned char round = rounds-1;xorbytes( block, expandedkey, 16 );expandedkey += blocksize;do subbytes( block, 16 );shiftrows( block );mixcolumns( block );xorbytes( block, expandedkey, 16 );expandedkey += blocksize; while( -round );subbytes( block, 16 );shiftrows( b