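/*
 * Round constants for the AES key schedule: successive powers of x in
 * GF(2^8), which is why 0x80 is followed by 0x1b and then 0x36.
 *
 * The key-expansion code indexes this table with a running counter
 * (rcon[rconpointer++]) and no bounds check of its own, so the ten entries
 * must cover every expansion step. NOTE(review): that relies on the key
 * size being validated before the expansion loop runs; keep that check
 * ahead of any use of this table.
 */
static const uint8_t rcon[10] = {
    0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36
};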
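/*
 * Rotate the 32-bit value x by s bits. The two definitions are mirror
 * images (rotate right / rotate left) and are alternatives, never both
 * active at once.
 *
 * NOTE(review): the preprocessor conditional that selects between them is
 * not visible in this listing; HAVE_BIGENDIAN is the byte-order switch from
 * FFmpeg's build configuration. Confirm against the source file.
 *
 * s must be in 1..31: s == 0 makes the second shift a shift by 32, which is
 * undefined for a 32-bit operand. The uses visible in this file pass 8, 16
 * and 24. x should be an unsigned 32-bit value so the shifts cannot touch a
 * sign bit.
 */
#if HAVE_BIGENDIAN
#   define ROT(x, s) (((x) >> (s)) | ((x) << (32-(s))))
#else
#   define ROT(x, s) (((x) << (s)) | ((x) >> (32-(s))))
#endif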
86 s0[0].u8[ 0] = box[
s0[1].u8[ 0]];
87 s0[0].u8[ 4] = box[
s0[1].u8[ 4]];
88 s0[0].u8[ 8] = box[
s0[1].u8[ 8]];
89 s0[0].u8[12] = box[
s0[1].u8[12]];
90 s1[0].u8[ 3] = box[
s1[1].u8[ 7]];
91 s1[0].u8[ 7] = box[
s1[1].u8[11]];
92 s1[0].u8[11] = box[
s1[1].u8[15]];
93 s1[0].u8[15] = box[
s1[1].u8[ 3]];
94 s0[0].u8[ 2] = box[
s0[1].u8[10]];
95 s0[0].u8[10] = box[
s0[1].u8[ 2]];
96 s0[0].u8[ 6] = box[
s0[1].u8[14]];
97 s0[0].u8[14] = box[
s0[1].u8[ 6]];
98 s3[0].u8[ 1] = box[
s3[1].u8[13]];
99 s3[0].u8[13] = box[
s3[1].u8[ 9]];
100 s3[0].u8[ 9] = box[
s3[1].u8[ 5]];
101 s3[0].u8[ 5] = box[
s3[1].u8[ 1]];
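/*
 * Combine four table lookups into one 32-bit column word.
 *
 * multbl  lookup tables, each row holding 256 entries
 * a,b,c,d row indices; they are used unchecked, so every caller must pass
 *         values in 0..255
 *
 * Small build: only multbl[0] is read and the other three terms are derived
 * by rotating it 8/16/24 bits. Otherwise four pre-rotated tables are read.
 * NOTE(review): the conditional lines are not visible in this listing;
 * CONFIG_SMALL is FFmpeg's size-over-speed build switch. Confirm against the
 * source file.
 *
 * NOTE(review): if a..d are bytes of the cipher state (as the signature of
 * mix() suggests), the memory locations read here depend on secret data.
 * That is the usual cache-timing consideration for table-driven AES; where
 * the threat model includes a co-resident observer, prefer a constant-time
 * or hardware AES implementation.
 *
 * The XOR is computed in uint32_t and returned through int, so a result
 * with the top bit set relies on implementation-defined conversion.
 */
static inline int mix_core(uint32_t multbl[][256], int a, int b, int c, int d)
{
#if CONFIG_SMALL
    return multbl[0][a] ^ ROT(multbl[0][b], 8) ^ ROT(multbl[0][c], 16) ^ ROT(multbl[0][d], 24);
#else
    return multbl[0][a] ^ multbl[1][b] ^ multbl[2][c] ^ multbl[3][d];
#endif
}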
123 uint32_t multbl[][256])
127 for (
r =
a->rounds - 1;
r > 0;
r--) {
128 mix(
a->state, multbl, 3 -
s, 1 +
s);
129 addkey(&
a->state[1], &
a->state[0], &
a->round_key[
r]);
136 int count, uint8_t *iv,
int rounds)
143 addkey_d(dst, &
a->state[0], &
a->round_key[0]);
152 int count, uint8_t *iv,
int rounds)
161 addkey_d(dst, &
a->state[0], &
a->round_key[0]);
168 int count, uint8_t *iv,
int decrypt)
170 a->crypt(
a, dst,
src, count, iv,
a->rounds);
174 const uint8_t *log8,
const uint8_t *alog8,
179 for (
i = 0;
i < 256;
i++) {
184 k = alog8[x + log8[
c[0]]];
185 l = alog8[x + log8[
c[1]]];
186 m = alog8[x + log8[
c[2]]];
187 n = alog8[x + log8[
c[3]]];
190 tbl[1][
i] =
ROT(tbl[0][
i], 8);
191 tbl[2][
i] =
ROT(tbl[0][
i], 16);
192 tbl[3][
i] =
ROT(tbl[0][
i], 24);
201 int i, j, t, rconpointer = 0;
203 int KC = key_bits >> 5;
212 for (
i = 0;
i < 255;
i++) {
213 alog8[
i] = alog8[
i + 255] = j;
219 for (
i = 0;
i < 256;
i++) {
220 j =
i ? alog8[255 - log8[
i]] : 0;
221 j ^= (j << 1) ^ (j << 2) ^ (j << 3) ^ (j << 4);
222 j = (j ^ (j >> 8) ^ 99) & 255;
232 if (key_bits != 128 && key_bits != 192 && key_bits != 256)
237 memcpy(tk,
key, KC * 4);
238 memcpy(
a->round_key[0].u8,
key, KC * 4);
240 for (t = KC * 4; t < (
rounds + 1) * 16; t += KC * 4) {
241 for (
i = 0;
i < 4;
i++)
242 tk[0][
i] ^=
sbox[tk[KC - 1][(
i + 1) & 3]];
243 tk[0][0] ^=
rcon[rconpointer++];
245 for (j = 1; j < KC; j++) {
246 if (KC != 8 || j != KC >> 1)
247 for (
i = 0;
i < 4;
i++)
248 tk[j][
i] ^= tk[j - 1][
i];
250 for (
i = 0;
i < 4;
i++)
251 tk[j][
i] ^=
sbox[tk[j - 1][
i]];
254 memcpy(
a->round_key[0].u8 + t, tk, KC * 4);
260 tmp[2] =
a->round_key[
i];
263 a->round_key[
i] =
tmp[0];
int av_aes_init(AVAES *a, const uint8_t *key, int key_bits, int decrypt)
Initialize an AVAES context.
static void aes_crypt(AVAES *a, int s, const uint8_t *sbox, uint32_t multbl[][256])
static void init_multbl2(uint32_t tbl[][256], const int c[4], const uint8_t *log8, const uint8_t *alog8, const uint8_t *sbox)
static uint8_t inv_sbox[256]
static void addkey(av_aes_block *dst, const av_aes_block *src, const av_aes_block *round_key)
#define FF_ARRAY_ELEMS(a)
static void addkey_s(av_aes_block *dst, const uint8_t *src, const av_aes_block *round_key)
static void mix(av_aes_block state[2], uint32_t multbl[][256], int s1, int s3)
void av_aes_crypt(AVAES *a, uint8_t *dst, const uint8_t *src, int count, uint8_t *iv, int decrypt)
Encrypt or decrypt a buffer using a previously initialized context.
struct AVAES * av_aes_alloc(void)
Allocate an AVAES context.
av_aes_block round_key[15]
static void aes_encrypt(AVAES *a, uint8_t *dst, const uint8_t *src, int count, uint8_t *iv, int rounds)
#define MKBETAG(a, b, c, d)
static void aes_decrypt(AVAES *a, uint8_t *dst, const uint8_t *src, int count, uint8_t *iv, int rounds)
static uint32_t dec_multbl[4][256]
#define i(width, name, range_min, range_max)
void * av_mallocz(size_t size)
Allocate a memory block with alignment suitable for all memory accesses (including vectors if availab...
#define FFSWAP(type, a, b)
static uint32_t enc_multbl[4][256]
static const uint8_t rcon[10]
static void addkey_d(uint8_t *dst, const av_aes_block *src, const av_aes_block *round_key)
#define MKTAG(a, b, c, d)
static void subshift(av_aes_block s0[2], int s, const uint8_t *box)
static int mix_core(uint32_t multbl[][256], int a, int b, int c, int d)