diff --git a/src/aes.rs b/src/aes.rs
index eadefab..0966947 100644
--- a/src/aes.rs
+++ b/src/aes.rs
@@ -143,7 +143,6 @@ static RC: [u8; 11] = [
 0x00, 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1B, 0x36,
 ];
-
 fn clone_into_array(slice: &[T]) -> A
 where
 A: Default + AsMut<[T]>,
@@ -273,6 +272,32 @@ fn mix_columns(state: &mut [[u8; 4]; 4]) {
 }
 }
 
+fn inverse_mix_columns(state: &mut [[u8; 4]; 4]) {
+ for i in 0..4 {
+ let mut temp = [0u8; 4];
+ for j in 0..4 {
+ temp[j] = state[j][i];
+ }
+
+ state[0][i] = galois_multiplication(temp[0], 14)
+ ^ galois_multiplication(temp[3], 9)
+ ^ galois_multiplication(temp[2], 13)
+ ^ galois_multiplication(temp[1], 11);
+ state[1][i] = galois_multiplication(temp[1], 14)
+ ^ galois_multiplication(temp[0], 9)
+ ^ galois_multiplication(temp[3], 13)
+ ^ galois_multiplication(temp[2], 11);
+ state[2][i] = galois_multiplication(temp[2], 14)
+ ^ galois_multiplication(temp[1], 9)
+ ^ galois_multiplication(temp[0], 13)
+ ^ galois_multiplication(temp[3], 11);
+ state[3][i] = galois_multiplication(temp[3], 14)
+ ^ galois_multiplication(temp[2], 9)
+ ^ galois_multiplication(temp[1], 13)
+ ^ galois_multiplication(temp[0], 11);
+ }
+}
+
 fn add_round_key(state: &mut [[u8; 4]; 4], key: &[[u8; 4]; 4]) {
 // for i in 0..4 {
 // for j in 0..4 {
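Review bot: inverse_mix_columns carries no doc comment and spells out the sixteen GF(2^8) coefficient products by hand, so a transposed index in one of the four assignments would only surface through the full-decryption test added later in this commit, not at the function itself. A header such as `/// InvMixColumns (FIPS 197 §5.3.3): multiplies each column of state by the fixed polynomial {0b}x^3 + {0d}x^2 + {09}x + {0e} in GF(2^8); inverse of mix_columns.` makes the intent checkable against the standard, and the four-line column copy can be the single line `let temp = [state[0][i], state[1][i], state[2][i], state[3][i]];`. Whether galois_multiplication runs in data-independent time is not visible here; if it branches on operand bits, this transform inherits the same timing variance that the forward mix_columns would already have.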
@@ -333,6 +358,39 @@ impl Aes {
 result
 }
 
+ fn decrypt_block(&self, block: &[u8; 16]) -> [u8; 16] {
+ let mut result = [0u8; 16];
+
+ let mut state = [[0u8; 4]; 4];
+ for i in 0..16 {
+ state[i % 4][i / 4] = block[i];
+ }
+
+ add_round_key(&mut state, &clone_into_array(&self.expanded_key[40..44]));
+ inverse_shift_rows(&mut state);
+ inverse_substitute_state(&mut state);
+
+ for i in (1..self.n_turn).rev() {
+ add_round_key(
+ &mut state,
+ &clone_into_array(&self.expanded_key[i * 4..(i + 1) * 4]),
+ );
+ inverse_mix_columns(&mut state);
+ inverse_shift_rows(&mut state);
+ inverse_substitute_state(&mut state);
+ }
+
+ add_round_key(&mut state, &clone_into_array(&self.expanded_key[0..4]));
+
+ for i in 0..4 {
+ for j in 0..4 {
+ result[4 * j + i] = state[i][j]
+ }
+ }
+
+ result
+ }
+
 pub fn key_schedule(key_bytes: &[u8; 16]) -> [[u8; 4]; 44] {
 let mut original_key = [[0u8; 4]; 4];
 let mut expanded_key = [[0u8; 4]; 44];
@@ -438,4 +496,23 @@ mod tests {
 ];
 assert_eq!(ciphertext, expected_ciphertext);
 }
+ #[test]
+ fn decrypt_test() {
+ let ciphertext: [u8; 16] = [
+ 0x39, 0x25, 0x84, 0x1d, 0x02, 0xdc, 0x09, 0xfb, 0xdc, 0x11, 0x85, 0x97, 0x19, 0x6a,
+ 0x0b, 0x32,
+ ];
+ let key: [u8; 16] = [
+ 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf,
+ 0x4f, 0x3c,
+ ];
+ let nturn = 10;
+ let aescipher = Aes::new(&key, &nturn);
+ let cleartext: [u8; 16] = aescipher.decrypt_block(&ciphertext);
+ let expected_cleartext: [u8; 16] = [
+ 0x32, 0x43, 0xf6, 0xa8, 0x88, 0x5a, 0x30, 0x8d, 0x31, 0x31, 0x98, 0xa2, 0xe0, 0x37,
+ 0x07, 0x34,
+ ];
+ assert_eq!(cleartext, expected_cleartext);
+ }
 }
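Review bot: The first round key in decrypt_block comes from the hard-coded slice `self.expanded_key[40..44]`, while the round loop a few lines below is driven by `self.n_turn`; for any n_turn other than 10 the two disagree, and n_turn is a constructor argument here, not a constant. Deriving both from the same value, `add_round_key(&mut state, &clone_into_array(&self.expanded_key[self.n_turn * 4..(self.n_turn + 1) * 4]));`, keeps the function consistent with its own loop (the 44-entry schedule visible in key_schedule's signature still bounds n_turn to 10, which the constructor could assert). The function also has no doc comment; `/// Decrypts one 16-byte block with the expanded key (raw AES block primitive: no mode of operation, padding or integrity check).` tells callers what this is and is not. If encrypt_block is `pub`, decrypt_block presumably should match; its visibility is outside this hunk.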
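Review bot: decrypt_test checks a single known-answer vector without saying where the bytes come from; a comment `// FIPS 197 Appendix B example: key 2b7e1516..., ciphertext 3925841d...` lets a reader verify them against the standard instead of trusting them. A second assertion that encryption followed by decrypt_block round-trips a block that is not the standard example would catch a defect the one fixed vector cannot, though the encryption method's exact name and signature are outside this hunk.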