1(************************************************************************* 2 Include file for AES_DECR.PAS - AES_Decrypt for BIT32/Compressed tables 3 4 Version Date Author Modification 5 ------- -------- ------- ------------------------------------------ 6 0.10 09.07.06 W.Ehrhardt Initial version for compressed tables 7 0.11 09.07.06 we Removed AES_LONGBOX code 8 0.12 13.07.06 we Uses TCd box byte instead of InvSBox 9**************************************************************************) 10 11(**** (C) Copyright 2002-2006 Wolfgang Ehrhardt -- see copying_we.txt ****) 12 13 14{---------------------------------------------------------------------------} 15procedure AES_Decrypt(var ctx: TAESContext; const BI: TAESBlock; var BO: TAESBlock); 16 {-decrypt one block (in ECB mode)} 17var 18 r: integer; {round loop countdown counter} 19 pK: PWA4; {pointer to loop rount key } 20 s0,s1,s2,s3: longint; {TAESBlock s as separate variables} 21 t: TWA4; 22begin 23 24 {Setup key pointer} 25 pK := PWA4(@ctx.RK[ctx.Rounds]); 26 27 {Initialize with input block} 28 s0 := TWA4(BI)[0] xor pK^[0]; 29 s1 := TWA4(BI)[1] xor pK^[1]; 30 s2 := TWA4(BI)[2] xor pK^[2]; 31 s3 := TWA4(BI)[3] xor pK^[3]; 32 33 dec(pK); 34 {perform encryption rounds} 35 for r:=1 to ctx.Rounds-1 do begin 36 t[3] := Td[s3 and $ff].D0.L xor Td[s2 shr 8 and $ff].D1.L xor Td[s1 shr 16 and $ff].D2.L xor Td[s0 shr 24].D3.L xor pK^[3]; 37 t[2] := Td[s2 and $ff].D0.L xor Td[s1 shr 8 and $ff].D1.L xor Td[s0 shr 16 and $ff].D2.L xor Td[s3 shr 24].D3.L xor pK^[2]; 38 t[1] := Td[s1 and $ff].D0.L xor Td[s0 shr 8 and $ff].D1.L xor Td[s3 shr 16 and $ff].D2.L xor Td[s2 shr 24].D3.L xor pK^[1]; 39 s0 := Td[s0 and $ff].D0.L xor Td[s3 shr 8 and $ff].D1.L xor Td[s2 shr 16 and $ff].D2.L xor Td[s1 shr 24].D3.L xor pK^[0]; 40 s1 := t[1]; 41 s2 := t[2]; 42 s3 := t[3]; 43 dec(pK); 44 end; 45 46 {Uses InvSbox byte from Td and shl, needs type cast longint() for 16 bit compilers} 47 TWA4(BO)[0] := (longint(Td[s0 and $ff].D0.box) xor 48 longint(Td[s3 shr 8 and $ff].D0.box) shl 8 xor 49 longint(Td[s2 shr 16 and $ff].D0.box) shl 16 xor 50 longint(Td[s1 shr 24 ].D0.box) shl 24 ) xor pK^[0]; 51 TWA4(BO)[1] := (longint(Td[s1 and $ff].D0.box) xor 52 longint(Td[s0 shr 8 and $ff].D0.box) shl 8 xor 53 longint(Td[s3 shr 16 and $ff].D0.box) shl 16 xor 54 longint(Td[s2 shr 24 ].D0.box) shl 24 ) xor pK^[1]; 55 TWA4(BO)[2] := (longint(Td[s2 and $ff ].D0.box) xor 56 longint(Td[s1 shr 8 and $ff].D0.box) shl 8 xor 57 longint(Td[s0 shr 16 and $ff].D0.box) shl 16 xor 58 longint(Td[s3 shr 24 ].D0.box) shl 24 ) xor pK^[2]; 59 TWA4(BO)[3] := (longint(Td[s3 and $ff ].D0.box) xor 60 longint(Td[s2 shr 8 and $ff].D0.box) shl 8 xor 61 longint(Td[s1 shr 16 and $ff].D0.box) shl 16 xor 62 longint(Td[s0 shr 24 ].D0.box) shl 24 ) xor pK^[3]; 63 64end; 65 66 67{---------------------------------------------------------------------------} 68procedure MakeDecrKey(var ctx: TAESContext); 69 {-Calculate decryption key from encryption key} 70var 71 i: integer; 72 p: PLong; 73 x: longint; 74begin 75 p := PLong(@ctx.RK[1]); 76 for i:=1 to 4*(ctx.Rounds-1) do begin 77 x := p^; 78 p^ := Td[SBox[x shr 24]].D3.L xor Td[SBox[x shr 16 and $ff]].D2.L xor 79 Td[SBox[x shr 8 and $ff]].D1.L xor Td[SBox[x and $ff]].D0.L; 80 inc(p); 81 end; 82end; 83 84