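/* aes_keyschedule.c */
/*
    This file is part of the ARM-Crypto-Lib.
    Copyright (C) 2006-2010  Daniel Otte (daniel.otte@rub.de)

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/
/**
 * \file     aes_keyschedule.c
 * \email    daniel.otte@rub.de
 * \author   Daniel Otte
 * \date     2008-12-30
 * \license  GPLv3 or later
 *
 */

#include <stdint.h>
#include <string.h>
#include "memxor.h"
#include "aes.h"
#include "aes_keyschedule.h"
#include "aes_sbox.h"

/* Round constants XORed into the first byte of the word that starts each
 * new key-length group. Ten entries are enough for a 128-bit key, which
 * consumes the most (one per round). */
const uint8_t rc_tab[] = { 0x01, 0x02, 0x04, 0x08,
                           0x10, 0x20, 0x40, 0x80,
                           0x1b, 0x36 };

/* Rotate a 4-byte word left by one byte. Done byte-wise so the result does
 * not depend on the host's byte order. */
static void aes_rotword(uint8_t w[4]){
	uint8_t t = w[0];
	w[0] = w[1];
	w[1] = w[2];
	w[2] = w[3];
	w[3] = t;
}

/* Replace each byte of a 4-byte word with its aes_sbox entry.
 * NOTE(review): the lookups are indexed by key-derived bytes; on targets
 * with a data cache this is a potential timing side channel. */
static void aes_subword(uint8_t w[4]){
	uint8_t j;
	for(j = 0; j < 4; ++j){
		w[j] = aes_sbox[w[j]];
	}
}

/**
 * \brief expand a raw AES key into the round-key schedule held in ctx
 *
 * The raw key is copied to the start of ctx and the remaining
 * 4*(nk+7) - nk words are derived from it in place.
 *
 * \param key        raw key, keysize_b/8 bytes are read
 * \param keysize_b  key length in bits; must be 128, 192 or 256
 * \param ctx        context that receives the schedule; the caller must
 *                   supply one large enough for the chosen key size
 *
 * The function returns void, so a rejected call cannot be reported: on a
 * NULL pointer or an unsupported key size ctx is left untouched and must
 * not be used for encryption or decryption.
 */
void aes_init(const void* key, uint16_t keysize_b, aes_genctx_t* ctx){
	uint8_t hi, i, nk, next_nk;
	uint8_t rc = 0;
	uint8_t tmp[4];

	if(key == NULL || ctx == NULL){
		return;
	}
	/* Any other size makes nk, hi and the rc_tab index run outside the
	 * bounds the loop below relies on (0 even reads before the schedule). */
	if(keysize_b != 128 && keysize_b != 192 && keysize_b != 256){
		return;
	}

	nk = keysize_b >> 5; /* 4, 6, 8 */
	hi = 4 * (nk + 6 + 1);
	/* presumably ctx->key[0].ks sits at offset 0 and the round keys are
	 * contiguous, since every later access is an offset from it - confirm
	 * against the context type definitions */
	memcpy(ctx, key, keysize_b / 8);
	next_nk = nk;
	for(i = nk; i < hi; ++i){
		/* Words are moved with memcpy/memxor rather than through a
		 * uint32_t* cast of ks, which sidesteps alignment and aliasing
		 * concerns. */
		memcpy(tmp, ctx->key[0].ks + (i - 1) * 4, 4);
		if(i == next_nk){
			/* first word of a key-length group: RotWord, SubWord, Rcon */
			next_nk += nk;
			aes_rotword(tmp);
			aes_subword(tmp);
			tmp[0] ^= rc_tab[rc];
			rc++;
		} else if(nk == 8 && i % 8 == 4){
			/* 256-bit keys get an extra SubWord halfway through a group */
			aes_subword(tmp);
		}
		/* w[i] = w[i - nk] ^ tmp */
		memcpy(ctx->key[0].ks + 4 * i, ctx->key[0].ks + (i - nk) * 4, 4);
		memxor(ctx->key[0].ks + 4 * i, tmp, 4);
	}
	/* NOTE(review): tmp still holds a word of round-key material here and
	 * is not wiped; no non-elidable wipe primitive is in scope in this file. */
}

/** \brief key schedule for a 128-bit key; reads 16 bytes from key */
void aes128_init(const void* key, aes128_ctx_t* ctx){
	aes_init(key, 128, (aes_genctx_t*)ctx);
}

/** \brief key schedule for a 192-bit key; reads 24 bytes from key */
void aes192_init(const void* key, aes192_ctx_t* ctx){
	aes_init(key, 192, (aes_genctx_t*)ctx);
}

/** \brief key schedule for a 256-bit key; reads 32 bytes from key */
void aes256_init(const void* key, aes256_ctx_t* ctx){
	aes_init(key, 256, (aes_genctx_t*)ctx);
}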