openssl/crypto/rijndael/README

85 lines
2.8 KiB
Text
Raw Normal View History

Rijndael
Joan Daemen
Optimised ANSI C v2.4
-----------------------------------------------------------
This archive contains the following files:
Makefile: A file that allows for easy compiling of the code with
Unix `make' (tested with GNU make).
README: This file.
boxes-fst.dat: Tables that are needed by the reference implementation.
The tables implement the S-box and its inverse, and also
some temporary tables needed for multiplying in the finite
field GF(2^8).
rijndael-alg-fst.c:
rijndael-alg-fst.h:
Algorithm implementation.
rijndael-api-fst.c:
rijndael-api-fst.h:
Interface to the C API.
rijndaeltest-fst.c:
Implementation of the KAT and MCT.
table.128:
table.192:
table.256:
Files needed for the KAT (for the Table Known Answer Test).
Instructions for the KAT and MCT software:
1) Compile the C code and put the executable in the same directory as the
table.??? files.
2) Run the executable. It generates all the tables in the NIST format.
3) Compare the generated tables with the original provided tables, e.g.
in Unix, with `diff'.
4) The code is independent of the ENDIANness of the machine.
However, the code casts char pointers to int pointers.
On some platforms, this casting can cause problems.
This will cause malfunctioning of the CBC Monte Carlo tests.
In this case, the compile parameter STRICT_ALIGN should be set to 1.
(Of course this results in slower code.)
Changes with respect to v1.0 (= round 1 submission)
---------------------------------------------------
1) Removed the parameter blockLen from makeKey() and cipherInit().
The parameter is still present in the structures keyInstance and
cipherInstance.
2) Removed some calls to sscan().
3) Corrected the CBC decryption Monte Carlo test code.
4) Provided code for platforms with pointer alignment problems.
----------------------------------------------------------------------
Changes from v2.0 (= round 2 submission)
----------------------------------------
Various bug fixes in CBC encryption and decryption mode.
----------------------------------------------------------------------
Changes from v2.2
-----------------
-- Moved number of rounds to the keyInstance structure
to make implementation thread-safe
-- Functions used only to generate the Intermediate Value
Known Answer Test are now conditionally compiled
via #define INTERMEDIATE_VALUE_KAT
-- Further optimized for the default 128-bit block size
-- Fixed CBC decryption bug (chained IV was lost if input
and outBuffer were the same)
-- Added padding capability to CBC mode (allows encryption
of any number of octets, not only full blocks)
----------------------------------------------------------------------
Changes from v2.3
-----------------
Fixed a small bug in CBC mode.