{"id":1562,"date":"2017-02-12T23:58:54","date_gmt":"2017-02-12T15:58:54","guid":{"rendered":"http:\/\/blog.dynox.cn\/?p=1562"},"modified":"2023-08-11T02:03:43","modified_gmt":"2023-08-10T18:03:43","slug":"aes%e6%a0%87%e5%87%86%e5%8f%8arijndael%e7%ae%97%e6%b3%95%e8%a7%a3%e6%9e%90","status":"publish","type":"post","link":"https:\/\/blog.dynox.cn\/?p=1562","title":{"rendered":"The AES Standard and the Rijndael Algorithm Explained"},"content":{"rendered":"<div class=\"gruber-markdown\"><h1>AES overview<\/h1>\n<p>AES, the Advanced Encryption Standard, is actually a standard: <a href=\"http:\/\/csrc.nist.gov\/publications\/fips\/fips197\/fips-197.pdf\">FIPS 197<\/a>. What we call the AES algorithm is actually the Rijndael algorithm.<\/p>\n<p>On September 12, 1997, NIST (National Institute of Standards and Technology) issued a public call for a more efficient and more secure replacement for the DES encryption algorithm. Fifteen algorithms were accepted in the first round, and five of them reached the final: MARS, RC6, Rijndael, Serpent and Twofish. After a further three years of verification, evaluation and public discussion, Rijndael was finally selected.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/blog.dynox.cn\/wp-content\/uploads\/2017\/02\/AES-Mind.png\" alt=\"Mind map\" \/><\/p>\n<h2>The Rijndael algorithm<\/h2>\n<p>The Rijndael algorithm was proposed by the Belgian researchers Joan Daemen and Vincent Rijmen; its name is a combination of the two authors' names. Rijndael's strength lies in combining security, performance, efficiency, implementability and flexibility in one design.<\/p>\n<h2>Joan 
Daemen and Vincent Rijmen<\/h2>\n<p><img decoding=\"async\" src=\"https:\/\/blog.dynox.cn\/wp-content\/uploads\/2017\/02\/AES-Joan-Vincent.png\" alt=\"Joan Daemen & Vincent Rijmen\" \/><img decoding=\"async\" src=\"https:\/\/blog.dynox.cn\/wp-content\/uploads\/2017\/02\/AES-Joan.png\" alt=\"Joan Daemen\" \/><img decoding=\"async\" src=\"https:\/\/blog.dynox.cn\/wp-content\/uploads\/2017\/02\/AES-vincent.png\" alt=\"Vincent Rijmen\" \/><\/p>\n<h2>AES vs Rijndael<\/h2>\n<p>Rijndael supports a range of block and key lengths: any multiple of 32 bits between 128 and 256 is allowed, with a minimum of 128 bits and a maximum of 256 bits, giving 25 combinations in total. The AES standard fixes the block size at 128 bits and offers three key lengths: 128, 192 and 256 bits.<\/p>\n<h1>Encryption examples<\/h1>\n<p>Below, the simple 16-byte plaintext string &quot;0011223344....eeff&quot; is encrypted with AES-128, AES-192 and AES-256 respectively:<\/p>\n<h2>AES-128<\/h2>\n<p>The key is the simple 16-byte string &quot;00010203....0e0f&quot;; after the encryption transformation the plaintext above becomes &quot;69c4e0d8....6089&quot;.<\/p>\n<pre><code class=\"prettyprint language-assembly\">plain :  00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff\nkey   :  00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f\ncypher:  69 c4 e0 d8 6a 7b 04 30 d8 cd b7 80 70 b4 c5 5a<\/code><\/pre>\n<h2>AES-192<\/h2>\n<pre><code class=\"prettyprint language-assembly\">plain :  00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff\nkey   :  00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d .. .. .. 
17\ncypher:  dd a9 7c a4 86 4c df e0 6e af 70 a0 ec 0d 71 91<\/code><\/pre>\n<h2>AES-256<\/h2>\n<pre><code class=\"prettyprint language-assembly\">plain :  00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff\nkey   :  00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d .. .. .. 17 .. .. .. 1f\ncypher:  8e a2 b7 ca 51 67 45 bf ea fc 49 90 4b 49 60 89<\/code><\/pre>\n<h1>Overall structure<\/h1>\n<p>Rijndael is an iterated algorithm based on a substitution-permutation network (SPN). Plaintext becomes ciphertext only after several rounds of transformation, and the transformation applied in each round is defined by the round function. The round function's job is to apply substitution and permutation operations to the data according to the key schedule (the round keys).<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/blog.dynox.cn\/wp-content\/uploads\/2017\/02\/AES-Flow.png\" alt=\"AES & Rijndael Architecture\" 
\/><\/p>\n<p>The left side of the figure shows the round function, which consists of four main operations: byte substitution (SubBytes), row shifting (ShiftRows), column mixing (MixColumns) and round-key addition (AddRoundKey). The right side shows the key schedule, which Rijndael calls the key expansion algorithm (KeyExpansion).<\/p>\n<p>The AES algorithm arranges the 128-bit plaintext, in a specific order, into a 4x4 matrix of bytes (each element is one byte, 8 bits); this is the initial state. After each round-function transformation the result becomes the input of the next round, until the last round has been processed.<\/p>\n<p>Rijndael also supports plaintext blocks larger than 128 bits, which need a matrix with more columns. The round-function operations are carried out over a specially defined finite field, GF(256). A finite field, also called a Galois 
field, is simply a set that satisfies certain rules: its elements can be added, subtracted, multiplied and divided, and the results of those operations stay within the set. For a more detailed mathematical description of Rijndael, see the references listed at the end of this article; it is not elaborated here.<\/p>\n<h2>The round function<\/h2>\n<p>We have seen that the round function consists of four operations, but the combination of operations actually performed differs between rounds. The exceptions are the initial round (Round 0) and the final round (Round Nr); all intermediate rounds are identical and perform the four operations in sequence:<\/p>\n<ol>\n<li>Byte substitution (SubBytes)<\/li>\n<li>Row shifting (ShiftRows)<\/li>\n<li>Column mixing (MixColumns)<\/li>\n<li>Round-key addition (AddRoundKey)<\/li>\n<\/ol>\n<p>According to the Rijndael definition, the number of encryption rounds depends on the block size and the key length:<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/blog.dynox.cn\/wp-content\/uploads\/2017\/02\/AES-cons.png\" alt=\"AES rounds\" \/><\/p>\n<p>The AES standard only supports the 128-bit block case (Nb = 4).<\/p>\n<p>The round function is implemented as follows, directly in the inner loop of the encryption function:<\/p>\n<pre><code class=\"prettyprint language-c\">int 
aes_encrypt(AES_CYPHER_T mode, uint8_t *data, int len, uint8_t *key)\n{\n    uint8_t w[4 * 4 * 15] = {0}; \/* expanded round keys: up to 15 keys of 16 bytes (AES-256) *\/\n    uint8_t s[4 * 4] = {0}; \/* state: one 128-bit block, AES only (Nb = 4) *\/\n\n    int nr, i, j;\n\n    \/* key expansion *\/\n    aes_key_expansion(mode, key, w);\n\n    \/* start data cypher loop over input buffer; len must be a multiple of the block size *\/\n    for (i = 0; i &lt; len; i += 4 * g_aes_nb[mode]) {\n\n        \/* init state from user buffer (plaintext) *\/\n        for (j = 0; j &lt; 4 * g_aes_nb[mode]; j++)\n            s[j] = data[i + j];\n\n        \/* start AES cypher loop over all AES rounds *\/\n        for (nr = 0; nr &lt;= g_aes_rounds[mode]; nr++) {\n\n            if (nr &gt; 0) {\n\n                \/* do SubBytes *\/\n                aes_sub_bytes(mode, s);\n\n                \/* do ShiftRows *\/\n                aes_shift_rows(mode, s);\n\n                if (nr &lt; g_aes_rounds[mode]) {\n                    \/* do MixColumns (skipped in the final round) *\/\n                    aes_mix_columns(mode, s);\n                }\n            }\n\n            \/* do AddRoundKey (the only operation of the initial round) *\/\n            aes_add_round_key(mode, s, w, nr);\n        }\n\n        \/* save state (cypher) to user buffer *\/\n        for (j = 0; j &lt; 4 * g_aes_nb[mode]; j++)\n            data[i + j] = s[j];\n    }\n\n    return 0;\n}<\/code><\/pre>\n<h2>Animated demonstration of the encryption process<\/h2>\n<p>Enrique Zabala created an animated demonstration of AES-128 encryption that presents the execution of the round function clearly and intuitively. <a href=\"http:\/\/www.formaestudio.com\/rijndaelinspector\/archivos\/Rijndael_Animation_v4_eng.swf\">Click to watch it directly<\/a>.<\/p>\n<h2>Round function step by step: byte substitution (SubBytes)<\/h2>\n<p><img decoding=\"async\" src=\"https:\/\/blog.dynox.cn\/wp-content\/uploads\/2017\/02\/AES-SubBytes.png\" alt=\"AES: byte substitution\" 
\/><\/p>\n<p>Byte substitution (SubBytes) looks up each individual element of the state matrix in a <strong>substitution box<\/strong> (S-box) and replaces the input state with the result. It is an invertible non-linear transformation, and the only non-linear transformation among the AES operations. The inverse operation is likewise performed by lookup and replacement through an inverse S-box.<\/p>\n<p>The S-box is a precomputed 16x16 lookup table, i.e. 256 entries. Its design is not arbitrary: it is strictly derived from design principles, otherwise the security of the algorithm cannot be guaranteed. Since the S-box is computed, SubBytes could be done entirely by computation, but a table lookup is more convenient and faster; the figure shows the replacement performed by looking up the corresponding element in the S-box.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/blog.dynox.cn\/wp-content\/uploads\/2017\/02\/AES-sbox.jpg\" alt=\"AES S-BOX\" \/><\/p>\n<pre><code class=\"prettyprint language-c\">void aes_sub_bytes(AES_CYPHER_T mode, uint8_t *state)\n{\n    int i, j;\n\n    \/* replace every byte of the state through the S-box;\n     * the state is stored column by column, so column i, row j sits at state[i * 4 + j] *\/\n    for (i = 0; i &lt; g_aes_nb[mode]; i++) {\n        for (j = 0; j &lt; 4; j++) {\n            state[i * 4 + j] = aes_sub_sbox(state[i * 4 + j]);\n        }\n    }\n}<\/code><\/pre>\n<p>Example:<\/p>\n<pre><code class=\"prettyprint language-c\">   input:  00 
10 20 30 40 50 60 70 80 90 a0 b0 c0 d0 e0 f0\n     sub:  63 ca b7 04 09 53 d0 51 cd 60 e0 e7 ba 70 e1 8c<\/code><\/pre>\n<h2>Round function step by step: row shifting (ShiftRows)<\/h2>\n<p><img decoding=\"async\" src=\"https:\/\/blog.dynox.cn\/wp-content\/uploads\/2017\/02\/AES-ShiftRows.png\" alt=\"AES: row shifting\" \/><\/p>\n<p>The main purpose of ShiftRows is to diffuse the bytes within each row; it is a linear transformation.<\/p>\n<pre><code class=\"prettyprint language-c\">void aes_shift_rows(AES_CYPHER_T mode, uint8_t *state)\n{\n    uint8_t *s = state;\n    int i, j, r;\n\n    \/* row i is rotated left by i positions (offsets 1, 2, 3 for Nb = 4);\n     * the state is stored column by column, so row i of column r is s[i + r * 4] *\/\n    for (i = 1; i &lt; 4; i++) {\n        for (j = 0; j &lt; i; j++) {\n            uint8_t tmp = s[i];\n            \/* rotate the row left by one; stop before the last column so that\n             * no byte beyond the end of the state is read *\/\n            for (r = 0; r &lt; g_aes_nb[mode] - 1; r++) {\n                s[i + r * 4] = s[i + (r + 1) * 4];\n            }\n            s[i + (g_aes_nb[mode] - 1) * 4] = tmp;\n        }\n    }\n}<\/code><\/pre>\n<p>Example:<\/p>\n<pre><code class=\"prettyprint language-c\">     sub:  63 ca b7 04 09 53 d0 51 cd 60 e0 e7 ba 70 e1 8c\n   shift:  63 53 e0 8c 09 60 e1 04 cd 70 b7 51 ba ca d0 e7<\/code><\/pre>\n<h2>Round function step by step: column mixing (MixColumns)<\/h2>\n<p><img decoding=\"async\" src=\"https:\/\/blog.dynox.cn\/wp-content\/uploads\/2017\/02\/AES-MixColumns.png\" alt=\"AES: column mixing\" \/><\/p>\n<p>MixColumns achieves diffusion within each column by multiplying the state matrix by a constant matrix C; it is a substitution transformation. It is the most complex step of Rijndael: in essence it is polynomial multiplication over the finite field GF(256).<\/p>\n<pre><code class=\"prettyprint language-c\">void 
aes_mix_columns(AES_CYPHER_T mode, uint8_t *state)\n{\n    \/* the constant MixColumns matrix C, stored row by row *\/\n    uint8_t y[16] = { 2, 3, 1, 1,  1, 2, 3, 1,  1, 1, 2, 3,  3, 1, 1, 2};\n    uint8_t s[4];\n    int i, j, r;\n\n    for (i = 0; i &lt; g_aes_nb[mode]; i++) {\n        \/* multiply column i of the state by C; aes_mul is multiplication in GF(256) *\/\n        for (r = 0; r &lt; 4; r++) {\n            s[r] = 0;\n            for (j = 0; j &lt; 4; j++) {\n                s[r] = s[r] ^ aes_mul(state[i * 4 + j], y[r * 4 + j]);\n            }\n        }\n        for (r = 0; r &lt; 4; r++) {\n            state[i * 4 + r] = s[r];\n        }\n    }\n}<\/code><\/pre>\n<p>Example:<\/p>\n<pre><code class=\"prettyprint language-c\">   shift:  63 53 e0 8c 09 60 e1 04 cd 70 b7 51 ba ca d0 e7\n     mix:  5f 72 64 15 57 f5 bc 92 f7 be 3b 29 1d b9 f9 1a<\/code><\/pre>\n<h2>Round function step by step: round-key addition (AddRoundKey)<\/h2>\n<p><img decoding=\"async\" src=\"https:\/\/blog.dynox.cn\/wp-content\/uploads\/2017\/02\/AES-AddRoundKey.png\" alt=\"AES & Rijndael Architecture\" \/><\/p>\n<p>AddRoundKey simply XORs the round key with the state bit by bit. The implementation:<\/p>\n<pre><code class=\"prettyprint language-c\">void aes_add_round_key(AES_CYPHER_T mode, uint8_t *state,\n                       uint8_t *round, int nr)\n{\n    int i;\n\n    \/* XOR the state with round key nr; the round keys lie back to back,\n     * 4 * Nb bytes each, in the buffer filled by aes_key_expansion *\/\n    for (i = 0; i &lt; 4 * g_aes_nb[mode]; i++) {\n        state[i] ^= round[nr * 4 * g_aes_nb[mode] + i];\n    }\n}<\/code><\/pre>\n<p>Example:<\/p>\n<pre><code class=\"prettyprint language-c\">     mix:  5f 72 64 15 57 f5 bc 92 f7 be 3b 29 1d b9 f9 1a\n   round:  d6 aa 74 fd d2 af 72 fa da a6 78 f1 d6 ab 76 fe\n   state:  89 d8 10 e8 85 5a ce 68 2d 18 43 d8 cb 12 8f e4<\/code><\/pre>\n<h2>Key expansion algorithm (Key 
Expansion)<\/h2>\n<p>The key expansion algorithm is Rijndael's key schedule; its purpose is to generate a series of round keys from the seed key (the user key). The round keys are 128-bit keys: 11, 13 or 15 of them, depending on the key length.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/blog.dynox.cn\/wp-content\/uploads\/2017\/02\/AES-KeyExpansion.png\" alt=\"AES: key expansion\" \/><\/p>\n<p>Implementation:<\/p>\n<pre><code class=\"prettyprint language-c\">\/*\n * nr: number of rounds\n * nb: number of columns comprising the state, nb = 4 dwords (16 bytes)\n * nk: number of 32-bit words comprising the cipher key, nk = 4, 6, 8 (KeyLength\/(4*8))\n *\/\n\nvoid aes_key_expansion(AES_CYPHER_T mode, uint8_t *key, uint8_t *round)\n{\n    uint32_t *w = (uint32_t *)round; \/* round must be 4-byte aligned *\/\n    uint32_t  t;\n    int      i = 0;\n\n    \/* the first nk words are the cipher key itself, copied byte-wise with\n     * memcpy (string.h) because key may be unaligned *\/\n    do {\n        memcpy(&amp;w[i], &amp;key[i * 4], 4);\n    } while (++i &lt; g_aes_nk[mode]);\n\n    \/* every further word is w[i - nk] XOR a transformed w[i - 1] *\/\n    do {\n        if ((i % g_aes_nk[mode]) == 0) {\n            \/* RotWord, SubWord, then XOR with the round constant *\/\n            t = aes_rot_dword(w[i - 1]);\n            t = aes_sub_dword(t);\n            t = t ^ aes_swap_dword(g_aes_rcon[i\/g_aes_nk[mode] - 1]);\n        } else if (g_aes_nk[mode] &gt; 6 &amp;&amp; (i % g_aes_nk[mode]) == 4) {\n            \/* AES-256 only: an extra SubWord in the middle of each nk-word group *\/\n            t = aes_sub_dword(w[i - 1]);\n        } else {\n            t = w[i - 1];\n        }\n        w[i] = w[i - g_aes_nk[mode]] ^ t;\n\n    } while (++i &lt; g_aes_nb[mode] * (g_aes_rounds[mode] + 1));\n\n    \/* key can be discarded (or zeroed) from memory *\/\n}<\/code><\/pre>\n<p>Taking AES-128 as an example, 11 round keys (128 bits each) are generated from the 128-bit seed key:<\/p>\n<pre><code class=\"prettyprint language-c\">Input:\n    key :  00 01 02 03 
04 05 06 07 08 09 0a 0b 0c 0d 0e 0f\nKey Expansion:\n    00:  rs: 00010203\n    01:  rs: 04050607\n    02:  rs: 08090a0b\n    03:  rs: 0c0d0e0f\n    04:  rot: 0d0e0f0c sub: d7ab76fe rcon: 01000000 xor: fe76abd6 rs: d6aa74fd\n    05:  equ: d6aa74fd rs: d2af72fa\n    06:  equ: d2af72fa rs: daa678f1\n    07:  equ: daa678f1 rs: d6ab76fe\n    08:  rot: ab76fed6 sub: 6238bbf6 rcon: 02000000 xor: f6bb3860 rs: b692cf0b\n    09:  equ: b692cf0b rs: 643dbdf1\n    10:  equ: 643dbdf1 rs: be9bc500\n    11:  equ: be9bc500 rs: 6830b3fe\n    12:  rot: 30b3fe68 sub: 046dbb45 rcon: 04000000 xor: 45bb6d00 rs: b6ff744e\n    13:  equ: b6ff744e rs: d2c2c9bf\n    14:  equ: d2c2c9bf rs: 6c590cbf\n    15:  equ: 6c590cbf rs: 0469bf41\n    16:  rot: 69bf4104 sub: f90883f2 rcon: 08000000 xor: f28308f1 rs: 47f7f7bc\n    17:  equ: 47f7f7bc rs: 95353e03\n    18:  equ: 95353e03 rs: f96c32bc\n    19:  equ: f96c32bc rs: fd058dfd\n    20:  rot: 058dfdfd sub: 6b5d5454 rcon: 10000000 xor: 54545d7b rs: 3caaa3e8\n    21:  equ: 3caaa3e8 rs: a99f9deb\n    22:  equ: a99f9deb rs: 50f3af57\n    23:  equ: 50f3af57 rs: adf622aa\n    24:  rot: f622aaad sub: 4293ac95 rcon: 20000000 xor: 95ac9362 rs: 5e390f7d\n    25:  equ: 5e390f7d rs: f7a69296\n    26:  equ: f7a69296 rs: a7553dc1\n    27:  equ: a7553dc1 rs: 0aa31f6b\n    28:  rot: a31f6b0a sub: 0ac07f67 rcon: 40000000 xor: 677fc04a rs: 14f9701a\n    29:  equ: 14f9701a rs: e35fe28c\n    30:  equ: e35fe28c rs: 440adf4d\n    31:  equ: 440adf4d rs: 4ea9c026\n    32:  rot: a9c0264e sub: d3baf72f rcon: 80000000 xor: 2ff7ba53 rs: 47438735\n    33:  equ: 47438735 rs: a41c65b9\n    34:  equ: a41c65b9 rs: e016baf4\n    35:  equ: e016baf4 rs: aebf7ad2\n    36:  rot: bf7ad2ae sub: 08dab5e4 rcon: 1b000000 xor: e4b5da13 rs: 549932d1\n    37:  equ: 549932d1 rs: f0855768\n    38:  equ: f0855768 rs: 1093ed9c\n    39:  equ: 1093ed9c rs: be2c974e\n    40:  rot: 2c974ebe sub: 71882fae rcon: 36000000 xor: ae2f8847 rs: 13111d7f\n    41:  equ: 13111d7f rs: e3944a17\n    42:  equ: 
e3944a17 rs: f307a78b\n    43:  equ: f307a78b rs: 4d2b30c5<\/code><\/pre>\n<h2>Encryption process example<\/h2>\n<pre><code class=\"prettyprint language-c\">Encrypting block ...\n Round 0:\n   input:  00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff\n   round:  00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f\n   state:  00 10 20 30 40 50 60 70 80 90 a0 b0 c0 d0 e0 f0\n Round 1:\n   input:  00 10 20 30 40 50 60 70 80 90 a0 b0 c0 d0 e0 f0\n     sub:  63 ca b7 04 09 53 d0 51 cd 60 e0 e7 ba 70 e1 8c\n   shift:  63 53 e0 8c 09 60 e1 04 cd 70 b7 51 ba ca d0 e7\n     mix:  5f 72 64 15 57 f5 bc 92 f7 be 3b 29 1d b9 f9 1a\n   round:  d6 aa 74 fd d2 af 72 fa da a6 78 f1 d6 ab 76 fe\n   state:  89 d8 10 e8 85 5a ce 68 2d 18 43 d8 cb 12 8f e4\n Round 2:\n   input:  89 d8 10 e8 85 5a ce 68 2d 18 43 d8 cb 12 8f e4\n     sub:  a7 61 ca 9b 97 be 8b 45 d8 ad 1a 61 1f c9 73 69\n   shift:  a7 be 1a 69 97 ad 73 9b d8 c9 ca 45 1f 61 8b 61\n     mix:  ff 87 96 84 31 d8 6a 51 64 51 51 fa 77 3a d0 09\n   round:  b6 92 cf 0b 64 3d bd f1 be 9b c5 00 68 30 b3 fe\n   state:  49 15 59 8f 55 e5 d7 a0 da ca 94 fa 1f 0a 63 f7\n Round 3:\n   input:  49 15 59 8f 55 e5 d7 a0 da ca 94 fa 1f 0a 63 f7\n     sub:  3b 59 cb 73 fc d9 0e e0 57 74 22 2d c0 67 fb 68\n   shift:  3b d9 22 68 fc 74 fb 73 57 67 cb e0 c0 59 0e 2d\n     mix:  4c 9c 1e 66 f7 71 f0 76 2c 3f 86 8e 53 4d f2 56\n   round:  b6 ff 74 4e d2 c2 c9 bf 6c 59 0c bf 04 69 bf 41\n   state:  fa 63 6a 28 25 b3 39 c9 40 66 8a 31 57 24 4d 17\n Round 4:\n   input:  fa 63 6a 28 25 b3 39 c9 40 66 8a 31 57 24 4d 17\n     sub:  2d fb 02 34 3f 6d 12 dd 09 33 7e c7 5b 36 e3 f0\n   shift:  2d 6d 7e f0 3f 33 e3 34 09 36 02 dd 5b fb 12 c7\n     mix:  63 85 b7 9f fc 53 8d f9 97 be 47 8e 75 47 d6 91\n   round:  47 f7 f7 bc 95 35 3e 03 f9 6c 32 bc fd 05 8d fd\n   state:  24 72 40 23 69 66 b3 fa 6e d2 75 32 88 42 5b 6c\n Round 5:\n   input:  24 72 40 23 69 66 b3 fa 6e d2 75 32 88 42 5b 6c\n     sub:  36 40 09 26 f9 33 6d 2d 9f b5 9d 23 c4 2c 
39 50\n   shift:  36 33 9d 50 f9 b5 39 26 9f 2c 09 2d c4 40 6d 23\n     mix:  f4 bc d4 54 32 e5 54 d0 75 f1 d6 c5 1d d0 3b 3c\n   round:  3c aa a3 e8 a9 9f 9d eb 50 f3 af 57 ad f6 22 aa\n   state:  c8 16 77 bc 9b 7a c9 3b 25 02 79 92 b0 26 19 96\n Round 6:\n   input:  c8 16 77 bc 9b 7a c9 3b 25 02 79 92 b0 26 19 96\n     sub:  e8 47 f5 65 14 da dd e2 3f 77 b6 4f e7 f7 d4 90\n   shift:  e8 da b6 90 14 77 d4 65 3f f7 f5 e2 e7 47 dd 4f\n     mix:  98 16 ee 74 00 f8 7f 55 6b 2c 04 9c 8e 5a d0 36\n   round:  5e 39 0f 7d f7 a6 92 96 a7 55 3d c1 0a a3 1f 6b\n   state:  c6 2f e1 09 f7 5e ed c3 cc 79 39 5d 84 f9 cf 5d\n Round 7:\n   input:  c6 2f e1 09 f7 5e ed c3 cc 79 39 5d 84 f9 cf 5d\n     sub:  b4 15 f8 01 68 58 55 2e 4b b6 12 4c 5f 99 8a 4c\n   shift:  b4 58 12 4c 68 b6 8a 01 4b 99 f8 2e 5f 15 55 4c\n     mix:  c5 7e 1c 15 9a 9b d2 86 f0 5f 4b e0 98 c6 34 39\n   round:  14 f9 70 1a e3 5f e2 8c 44 0a df 4d 4e a9 c0 26\n   state:  d1 87 6c 0f 79 c4 30 0a b4 55 94 ad d6 6f f4 1f\n Round 8:\n   input:  d1 87 6c 0f 79 c4 30 0a b4 55 94 ad d6 6f f4 1f\n     sub:  3e 17 50 76 b6 1c 04 67 8d fc 22 95 f6 a8 bf c0\n   shift:  3e 1c 22 c0 b6 fc bf 76 8d a8 50 67 f6 17 04 95\n     mix:  ba a0 3d e7 a1 f9 b5 6e d5 51 2c ba 5f 41 4d 23\n   round:  47 43 87 35 a4 1c 65 b9 e0 16 ba f4 ae bf 7a d2\n   state:  fd e3 ba d2 05 e5 d0 d7 35 47 96 4e f1 fe 37 f1\n Round 9:\n   input:  fd e3 ba d2 05 e5 d0 d7 35 47 96 4e f1 fe 37 f1\n     sub:  54 11 f4 b5 6b d9 70 0e 96 a0 90 2f a1 bb 9a a1\n   shift:  54 d9 90 a1 6b a0 9a b5 96 bb f4 0e a1 11 70 2f\n     mix:  e9 f7 4e ec 02 30 20 f6 1b f2 cc f2 35 3c 21 c7\n   round:  54 99 32 d1 f0 85 57 68 10 93 ed 9c be 2c 97 4e\n   state:  bd 6e 7c 3d f2 b5 77 9e 0b 61 21 6e 8b 10 b6 89\n Round 10:\n   input:  bd 6e 7c 3d f2 b5 77 9e 0b 61 21 6e 8b 10 b6 89\n     sub:  7a 9f 10 27 89 d5 f5 0b 2b ef fd 9f 3d ca 4e a7\n   shift:  7a d5 fd a7 89 ef 4e 27 2b ca 10 0b 3d 9f f5 9f\n   round:  13 11 1d 7f e3 94 4a 17 f3 07 a7 8b 4d 2b 30 c5\n   state:  69 c4 
e0 d8 6a 7b 04 30 d8 cd b7 80 70 b4 c5 5a\nOutput:\n  cypher:  69 c4 e0 d8 6a 7b 04 30 d8 cd b7 80 70 b4 c5 5a<\/code><\/pre>\n<h2>Decryption round function<\/h2>\n<p>For Rijndael, decryption is the inverse of the encryption process; the decryption round function is implemented as follows:<\/p>\n<pre><code class=\"prettyprint language-c\">int aes_decrypt(AES_CYPHER_T mode, uint8_t *data, int len, uint8_t *key)\n{\n    uint8_t w[4 * 4 * 15] = {0}; \/* expanded round keys: up to 15 keys of 16 bytes (AES-256) *\/\n    uint8_t s[4 * 4] = {0}; \/* state: one 128-bit block, AES only (Nb = 4) *\/\n\n    int nr, i, j;\n\n    \/* key expansion: decryption uses the same round keys, in reverse order *\/\n    aes_key_expansion(mode, key, w);\n\n    \/* start data cypher loop over input buffer; len must be a multiple of the block size *\/\n    for (i = 0; i &lt; len; i += 4 * g_aes_nb[mode]) {\n\n        \/* init state from user buffer (cyphertext) *\/\n        for (j = 0; j &lt; 4 * g_aes_nb[mode]; j++)\n            s[j] = data[i + j];\n\n        \/* start AES cypher loop over all AES rounds, last round first *\/\n        for (nr = g_aes_rounds[mode]; nr &gt;= 0; nr--) {\n\n            \/* do AddRoundKey (XOR is its own inverse) *\/\n            aes_add_round_key(mode, s, w, nr);\n\n            if (nr &gt; 0) {\n                if (nr &lt; g_aes_rounds[mode]) {\n                    \/* do InvMixColumns (the final encryption round had no MixColumns) *\/\n                    inv_mix_columns(mode, s);\n                }\n\n                \/* do InvShiftRows *\/\n                inv_shift_rows(mode, s);\n\n                \/* do InvSubBytes *\/\n                inv_sub_bytes(mode, s);\n            }\n        }\n\n        \/* save state (plaintext) to user buffer *\/\n        for (j = 0; j &lt; 4 * g_aes_nb[mode]; j++)\n            data[i + j] = s[j];\n    }\n\n    return 0;\n}<\/code><\/pre>\n<h2>Decryption process example<\/h2>\n<pre><code class=\"prettyprint language-c\">Decrypting block ...\n Round 10:\n   input:  69 c4 e0 d8 6a 7b 04 30 d8 cd b7 80 70 b4 c5 5a\n   round:  13 11 1d 7f e3 94 4a 17 f3 07 a7 8b 4d 2b 30 c5\n 
  shift:  7a d5 fd a7 89 ef 4e 27 2b ca 10 0b 3d 9f f5 9f\n     sub:  7a 9f 10 27 89 d5 f5 0b 2b ef fd 9f 3d ca 4e a7\n   state:  bd 6e 7c 3d f2 b5 77 9e 0b 61 21 6e 8b 10 b6 89\n Round 9:\n   input:  bd 6e 7c 3d f2 b5 77 9e 0b 61 21 6e 8b 10 b6 89\n   round:  54 99 32 d1 f0 85 57 68 10 93 ed 9c be 2c 97 4e\n     mix:  e9 f7 4e ec 02 30 20 f6 1b f2 cc f2 35 3c 21 c7\n   shift:  54 d9 90 a1 6b a0 9a b5 96 bb f4 0e a1 11 70 2f\n     sub:  54 11 f4 b5 6b d9 70 0e 96 a0 90 2f a1 bb 9a a1\n   state:  fd e3 ba d2 05 e5 d0 d7 35 47 96 4e f1 fe 37 f1\n Round 8:\n   input:  fd e3 ba d2 05 e5 d0 d7 35 47 96 4e f1 fe 37 f1\n   round:  47 43 87 35 a4 1c 65 b9 e0 16 ba f4 ae bf 7a d2\n     mix:  ba a0 3d e7 a1 f9 b5 6e d5 51 2c ba 5f 41 4d 23\n   shift:  3e 1c 22 c0 b6 fc bf 76 8d a8 50 67 f6 17 04 95\n     sub:  3e 17 50 76 b6 1c 04 67 8d fc 22 95 f6 a8 bf c0\n   state:  d1 87 6c 0f 79 c4 30 0a b4 55 94 ad d6 6f f4 1f\n Round 7:\n   input:  d1 87 6c 0f 79 c4 30 0a b4 55 94 ad d6 6f f4 1f\n   round:  14 f9 70 1a e3 5f e2 8c 44 0a df 4d 4e a9 c0 26\n     mix:  c5 7e 1c 15 9a 9b d2 86 f0 5f 4b e0 98 c6 34 39\n   shift:  b4 58 12 4c 68 b6 8a 01 4b 99 f8 2e 5f 15 55 4c\n     sub:  b4 15 f8 01 68 58 55 2e 4b b6 12 4c 5f 99 8a 4c\n   state:  c6 2f e1 09 f7 5e ed c3 cc 79 39 5d 84 f9 cf 5d\n Round 6:\n   input:  c6 2f e1 09 f7 5e ed c3 cc 79 39 5d 84 f9 cf 5d\n   round:  5e 39 0f 7d f7 a6 92 96 a7 55 3d c1 0a a3 1f 6b\n     mix:  98 16 ee 74 00 f8 7f 55 6b 2c 04 9c 8e 5a d0 36\n   shift:  e8 da b6 90 14 77 d4 65 3f f7 f5 e2 e7 47 dd 4f\n     sub:  e8 47 f5 65 14 da dd e2 3f 77 b6 4f e7 f7 d4 90\n   state:  c8 16 77 bc 9b 7a c9 3b 25 02 79 92 b0 26 19 96\n Round 5:\n   input:  c8 16 77 bc 9b 7a c9 3b 25 02 79 92 b0 26 19 96\n   round:  3c aa a3 e8 a9 9f 9d eb 50 f3 af 57 ad f6 22 aa\n     mix:  f4 bc d4 54 32 e5 54 d0 75 f1 d6 c5 1d d0 3b 3c\n   shift:  36 33 9d 50 f9 b5 39 26 9f 2c 09 2d c4 40 6d 23\n     sub:  36 40 09 26 f9 33 6d 2d 9f b5 9d 23 c4 2c 39 50\n   state:  24 72 40 23 69 
66 b3 fa 6e d2 75 32 88 42 5b 6c\n Round 4:\n   input:  24 72 40 23 69 66 b3 fa 6e d2 75 32 88 42 5b 6c\n   round:  47 f7 f7 bc 95 35 3e 03 f9 6c 32 bc fd 05 8d fd\n     mix:  63 85 b7 9f fc 53 8d f9 97 be 47 8e 75 47 d6 91\n   shift:  2d 6d 7e f0 3f 33 e3 34 09 36 02 dd 5b fb 12 c7\n     sub:  2d fb 02 34 3f 6d 12 dd 09 33 7e c7 5b 36 e3 f0\n   state:  fa 63 6a 28 25 b3 39 c9 40 66 8a 31 57 24 4d 17\n Round 3:\n   input:  fa 63 6a 28 25 b3 39 c9 40 66 8a 31 57 24 4d 17\n   round:  b6 ff 74 4e d2 c2 c9 bf 6c 59 0c bf 04 69 bf 41\n     mix:  4c 9c 1e 66 f7 71 f0 76 2c 3f 86 8e 53 4d f2 56\n   shift:  3b d9 22 68 fc 74 fb 73 57 67 cb e0 c0 59 0e 2d\n     sub:  3b 59 cb 73 fc d9 0e e0 57 74 22 2d c0 67 fb 68\n   state:  49 15 59 8f 55 e5 d7 a0 da ca 94 fa 1f 0a 63 f7\n Round 2:\n   input:  49 15 59 8f 55 e5 d7 a0 da ca 94 fa 1f 0a 63 f7\n   round:  b6 92 cf 0b 64 3d bd f1 be 9b c5 00 68 30 b3 fe\n     mix:  ff 87 96 84 31 d8 6a 51 64 51 51 fa 77 3a d0 09\n   shift:  a7 be 1a 69 97 ad 73 9b d8 c9 ca 45 1f 61 8b 61\n     sub:  a7 61 ca 9b 97 be 8b 45 d8 ad 1a 61 1f c9 73 69\n   state:  89 d8 10 e8 85 5a ce 68 2d 18 43 d8 cb 12 8f e4\n Round 1:\n   input:  89 d8 10 e8 85 5a ce 68 2d 18 43 d8 cb 12 8f e4\n   round:  d6 aa 74 fd d2 af 72 fa da a6 78 f1 d6 ab 76 fe\n     mix:  5f 72 64 15 57 f5 bc 92 f7 be 3b 29 1d b9 f9 1a\n   shift:  63 53 e0 8c 09 60 e1 04 cd 70 b7 51 ba ca d0 e7\n     sub:  63 ca b7 04 09 53 d0 51 cd 60 e0 e7 ba 70 e1 8c\n   state:  00 10 20 30 40 50 60 70 80 90 a0 b0 c0 d0 e0 f0\n Round 0:\n   input:  00 10 20 30 40 50 60 70 80 90 a0 b0 c0 d0 e0 f0\n   round:  00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f\n   state:  00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff\nOutput:\n   plain:  00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff<\/code><\/pre>\n<h1>Design philosophy of the algorithm<\/h1>\n<h2>General design criteria for encryption algorithms<\/h2>\n<ul>\n<li>Confusion: 
make the relationship between ciphertext, plaintext and key as complex as possible; non-linear transformations are usually used to maximize confusion.<\/li>\n<li>Diffusion: every one-bit change in the plaintext or key should affect as many bits of the ciphertext as possible; linear transformations are usually used to maximize diffusion.<\/li>\n<\/ul>\n<h2>AES evaluation criteria<\/h2>\n<p>When soliciting algorithms, NIST laid down several hard requirements:<\/p>\n<ul>\n<li>A block cipher supporting a 128-bit block size and 128\/192\/256-bit keys<\/li>\n<li>Security no lower than 3DES, but more efficient to implement and execute than 3DES<\/li>\n<li>Optimized ANSI C implementation code<\/li>\n<li>Testing and validation with KAT (Known-Answer Tests) and MCT (Monte Carlo Tests)<\/li>\n<li>Ease of implementation in software and hardware<\/li>\n<li>Resistance to known attacks<\/li>\n<\/ul>\n<h2>Rijndael design philosophy<\/h2>\n<ol>\n<li>Security: the algorithm is strong enough to resist attacks<\/li>\n<li>Efficiency: the algorithm computes efficiently<\/li>\n<li>Key agility: the cost of changing the key is kept as small as possible, i.e. a minimal-cost key expansion algorithm<\/li>\n<li>Versatility: 
suitable for implementation on different CPU architectures, in software or in hardware<\/li>\n<li>Simplicity: the round function is lean; the cipher is simply many iterations of it<\/li>\n<\/ol>\n<h2>S-box design<\/h2>\n<p>The S-box is constructed from multiplicative inversion in the finite field GF(256) followed by a linear affine transformation; it is not an arbitrarily constructed simple lookup table. Because that computation is complex, many AES software and hardware implementations use a look-up table (LUT) directly, but a table is not suitable for every scenario: for hardware designs that must minimize area, optimized combinational logic is used to obtain an equivalent S-box substitution.<\/p>\n<h1>Modes of operation<\/h1>\n<p>A block cipher encrypts and decrypts in units of its block size: DES uses 64-bit blocks and AES 128-bit blocks, but real plaintexts are generally far longer than one block. How is that case handled?<\/p>\n<p>This is exactly what a &quot;mode of 
operation&quot; addresses: how the plaintext stream is split into blocks, what to do when the data does not align to the block size, and so on.<\/p>\n<p>As early as 1981, after DES was published, NIST specified four modes of operation in the standard FIPS 81:<\/p>\n<ul>\n<li>Electronic Code Book Mode (ECB)<\/li>\n<li>Cipher Block Chaining Mode (CBC)<\/li>\n<li>Cipher Feedback Mode (CFB)<\/li>\n<li>Output Feedback Mode (OFB)<\/li>\n<\/ul>\n<p>In 2001 a new mode was added for AES:<\/p>\n<ul>\n<li>Counter Mode (CTR)<\/li>\n<\/ul>\n<p>Other new modes were introduced later. Only a few common ones are described here:<\/p>\n<h2>ECB: Electronic Code Book mode<\/h2>\n<p>ECB simply splits the plaintext into blocks and encrypts each block normally with the same key.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/blog.dynox.cn\/wp-content\/uploads\/2017\/02\/AES-ecb.png\" alt=\"AES: Electronic Code Book mode\" 
\/><\/p>\n<p>The ideal use of ECB is encrypting short data such as an encryption key. Its problem is that it cannot hide patterns in the plaintext, because identical plaintext blocks always encrypt to identical ciphertext blocks.<\/p>\n<p>To illustrate, the image below is the plaintext image:\n<img decoding=\"async\" src=\"https:\/\/blog.dynox.cn\/wp-content\/uploads\/2017\/02\/AES-Leaf-Plain.png\" alt=\"AES: Leaf plaintext\" \/><\/p>\n<p>The image encrypted in ECB mode:\n<img decoding=\"async\" src=\"https:\/\/blog.dynox.cn\/wp-content\/uploads\/2017\/02\/AES-Leaf-ECB.png\" alt=\"AES: Leaf ECB encrypted\" \/><\/p>\n<p>The image encrypted in CBC mode:\n<img decoding=\"async\" src=\"https:\/\/blog.dynox.cn\/wp-content\/uploads\/2017\/02\/AES-Leaf-CBC.jpg\" alt=\"AES: Leaf CBC encrypted\" \/><\/p>\n<h2>CBC: Cipher Block Chaining Mode<\/h2>\n<p>This mode was invented by IBM in 1976 and introduced the concept of the IV (Initialization Vector). The IV is a random value one block in length; it normally need not be kept secret, but in most cases the same IV should not be used more than once under the same key.\nCBC XORs the first plaintext block with the IV before encryption; from the second block onward, each plaintext block is first XORed with the previous block's ciphertext. [The ancestor of the blockchain!]<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/blog.dynox.cn\/wp-content\/uploads\/2017\/02\/AES-cbc.png\" alt=\"AES: Cipher Block Chaining Mode\" \/><\/p>\n<p>Compared with ECB, CBC hides patterns much better, but because ciphertext feeds back into the computation, the encryption and decryption operations cannot be parallelized. The IV it introduces must also be known to both the encrypting and the decrypting side.<\/p>\n<p>Implementation:<\/p>\n<pre><code class=\"prettyprint language-c\">#include &lt;stdint.h&gt;\n#include &lt;string.h&gt;\n\n\/* aes_key_expansion(), aes_sub_bytes(), aes_shift_rows(), aes_mix_columns(),\n * aes_add_round_key() and the g_aes_nb[] \/ g_aes_rounds[] tables are defined\n * elsewhere in the accompanying AES code (see Related Code below). *\/\n\nint aes_encrypt_cbc(AES_CYPHER_T mode, uint8_t *data, int len,\n                    uint8_t *key, uint8_t *iv)\n{\n    uint8_t w[4 * 4 * 15] = {0}; \/* round key *\/\n    uint8_t s[4 * 4] = {0}; \/* state *\/\n    uint8_t v[4 * 4] = {0}; \/* iv *\/\n\n    int nr, i, j;\n\n    \/* key expansion *\/\n    aes_key_expansion(mode, key, w);\n    memcpy(v, iv, sizeof(v));\n\n    \/* start data cypher loop over input buffer *\/\n    for (i = 0; i &lt; len; i += 4 * g_aes_nb[mode]) {\n        \/* init state from user buffer (plaintext), XORed with the IV\n         * for the first block and with the previous ciphertext block after that *\/\n        for (j = 0; j &lt; 4 * g_aes_nb[mode]; j++)\n            s[j] = data[i + j] ^ v[j];\n\n        \/* start AES cypher loop over all AES rounds *\/\n        for (nr = 0; nr &lt;= g_aes_rounds[mode]; nr++) {\n\n            if (nr &gt; 0) {\n\n                \/* do SubBytes *\/\n                aes_sub_bytes(mode, s);\n\n                \/* do ShiftRows *\/\n                aes_shift_rows(mode, s);\n\n                if (nr &lt; g_aes_rounds[mode]) {\n                    \/* do MixColumns (skipped in the final round) *\/\n                    aes_mix_columns(mode, s);\n                }\n            }\n\n            \/* do AddRoundKey *\/\n            aes_add_round_key(mode, s, w, nr);\n        }\n\n        \/* save state (cypher) to user buffer and keep it as the chaining\n         * value for the next block *\/\n        for (j = 0; j &lt; 4 * g_aes_nb[mode]; j++)\n            data[i + j] = v[j] = s[j];\n    }\n\n    return 0;\n}<\/code><\/pre>\n<h2>CFB: Cipher Feedback Mode<\/h2>\n<p>CFB is similar to CBC, but the difference is that CFB first generates a keystream block and then XORs it with the plaintext to produce the ciphertext. Generating the keystream for the next block requires the previous block's ciphertext.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/blog.dynox.cn\/wp-content\/uploads\/2017\/02\/AES-cfb.png\" alt=\"AES: Cipher Feedback Mode\" \/><\/p>\n<p>CFB mode uses the block cipher to build a stream cipher, so the plaintext need not be aligned to the block size.<\/p>\n<h2>OFB: Output Feedback Mode<\/h2>\n<p>OFB differs from CFB in that, when the keystream is generated, the plaintext takes part in the computation, whereas CFB uses the ciphertext.<\/p>\n<p><img 
decoding=\"async\" src=\"https:\/\/blog.dynox.cn\/wp-content\/uploads\/2017\/02\/AES-ofb.png\" alt=\"AES: Output Feedback Mode\" \/><\/p>\n<h2>CTR: Counter Mode<\/h2>\n<p>CTR mode also produces a keystream, but it introduces a counter so that the output never repeats, no matter how long the stream runs.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/blog.dynox.cn\/wp-content\/uploads\/2017\/02\/AES-ctr.png\" alt=\"AES: Counter Mode\" \/><\/p>\n<p>CTR only needs the encryption function to generate the keystream; XORing the plaintext with it gives the ciphertext, and the reverse is decryption. CTR can be processed in parallel to raise throughput, and encrypted blocks can be accessed randomly, independently of the blocks before and after them.<\/p>\n<h2>CCM: Counter with CBC-MAC<\/h2>\n<p>CCM mode, in full Counter with Cipher Block Chaining-Message Authentication Code, combines CTR mode with the CMAC authentication algorithm and provides data encryption and authentication at the same time.<\/p>\n<p>The plaintext is encrypted with CTR mode and the authentication data is appended to the ciphertext, so the final ciphertext is longer than the plaintext. The encryption flow is as follows: first authenticate the plaintext to produce a tag; in the subsequent encryption this tag and the IV are used to produce the check value U. Then the original plaintext is encrypted with CTR mode and the check value U is appended to the ciphertext.<\/p>\n<h2>GCM: Galois\/Counter Mode<\/h2>\n<p>Like CCM, GCM combines CTR with GHASH; the GHASH operation is defined as multiplying the ciphertext with the key and the message length in the field GF(2^128). GCM's advantage over CCM is higher parallelism and better performance. TLS 1.2 uses AES-GCM, and Intel CPUs provide hardware acceleration for GHASH.<\/p>\n<h1>Hardware Acceleration<\/h1>\n<p>As the dominant encryption standard, AES is used ever more widely, especially to encrypt network traffic, and more and more hardware integrates accelerated implementations of the AES 128\/192\/256-bit algorithms and their various modes of operation.<\/p>\n<h2>AES_NI: x86 Architecture<\/h2>\n<p>In 2010 Intel released CPUs with AES acceleration, implementing high-level AES encryption and decryption instructions known as AES_NI (AES New Instructions). AES_NI comprises 6 instructions: 4 for encryption and decryption and 2 for key expansion. According to the <a href=\"https:\/\/software.intel.com\/sites\/default\/files\/article\/165683\/aes-wp-2012-09-22-v01.pdf\">AES_NI white paper<\/a>, AES_NI brings a 2-3x performance improvement.<\/p>\n<table>\n<thead>\n<tr>\n<th>Instruction<\/th>\n<th>Description<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>AESENC<\/td>\n<td>Perform one round of an AES encryption flow<\/td>\n<\/tr>\n<tr>\n<td>AESENCLAST<\/td>\n<td>Perform the last round of an AES encryption flow<\/td>\n<\/tr>\n<tr>\n<td>AESDEC<\/td>\n<td>Perform one round of an AES decryption flow<\/td>\n<\/tr>\n<tr>\n<td>AESDECLAST<\/td>\n<td>Perform the last round of an AES decryption flow<\/td>\n<\/tr>\n<tr>\n<td>AESKEYGENASSIST<\/td>\n<td>Assist in AES round key generation<\/td>\n<\/tr>\n<tr>\n<td>AESIMC<\/td>\n<td>Assist in AES Inverse Mix Columns<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>OpenSSL, the Linux Crypto API and the Windows Cryptography API all now support AES_NI.<\/p>\n<h3>AES_NI: Benchmark<\/h3>\n<p>Test environment:<\/p>\n<pre><code class=\"prettyprint\">Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz 4 Cores with HyperThread (Enabled or Disabled)\nUbuntu 16.04 AMD64, OpenSSL 1.0.2g-fips  1 Mar 2016<\/code><\/pre>\n<p>Test method:<\/p>\n<pre><code class=\"prettyprint language-bash\"># Hardware acceleration disabled, 1\/2\/4\/8 threads, AES-256\/128-CBC:\nOPENSSL_ia32cap=&quot;~0x200000200000000&quot; openssl speed -multi {1\/2\/4\/8} -elapsed -evp {aes-256\/128-cbc}\n\n# Hardware acceleration enabled, 1\/2\/4\/8 threads, AES-256\/128-CBC:\nopenssl speed -multi {1\/2\/4\/8} -elapsed -evp {aes-256\/128-cbc}\n\n# Hyper-Threading can only be enabled or disabled in UEFI\/BIOS; the test commands are the same as above.<\/code><\/pre>\n<p><img decoding=\"async\" src=\"https:\/\/blog.dynox.cn\/wp-content\/uploads\/2017\/02\/AES-Perf.png\" alt=\"AES: CPU acceleration performance comparison\" \/><\/p>\n<p>From the chart the following conclusions can be drawn:<\/p>\n<ol>\n<li>AES_NI more than doubles performance: AESNI-128 is consistently about 2.2x AES-128.<\/li>\n<li>The performance ratio of AES-128 to AES-256 is about 1.36 (15\/11, ignoring key schedule time).<\/li>\n<li>An interesting finding is that Hyper-Threading has a far larger effect than expected. Under high parallelism, Hyper-Threading brings close to a 2x improvement when AES_NI is enabled, but contributes much less when AES_NI is disabled. Although Hyper-Threading logically makes one core look like two, it is really just a queue-management mechanism on the same physical core, and the measurements with AES_NI disabled largely confirm this. On the other hand, AES_NI acceleration belongs to the physical core and cannot be specific to a hyper-thread, so the huge gain from combining Hyper-Threading with AES_NI is somewhat puzzling. The most plausible explanation is that the AES_NI engine has enough capacity that a single physical core cannot fully exploit it, so it performs better with Hyper-Threading enabled.<\/li>\n<\/ol>\n<h2>ARM and Other Architectures<\/h2>\n<p>The ARMv8-A architecture released in 2011 added AES acceleration instructions; its instruction set is incompatible with AES_NI but provides similar functionality. Besides ARM, SUN SPARC (T4, T5, M5 and later) and IBM Power7+ CPUs also support AES acceleration.<\/p>\n<h1>Security Considerations in Implementation<\/h1>\n<h2>Memory and Swap<\/h2>\n<p>If a program stores a key in swappable memory pages, the key may be swapped out and written to disk under memory pressure. Combined with reverse engineering of the code, the key may well leak.<\/p>\n<p>Applications should use mlock (Linux) or VirtualLock (Windows) to prevent those pages from being swapped to disk.<\/p>\n<p>But since the key is in memory, any means of accessing memory can leak it. One once-popular attack read the target machine's memory over 1394 (FireWire) DMA; Linux\/Windows login bypasses and Windows BitLocker weaknesses all stemmed from it. The IOMMU introduced in newer CPUs for hardware virtualization (Intel VT-d or AMD-Vi) can effectively restrict which memory a device may access.<\/p>\n<h2>Conventional Attacks<\/h2>\n<p>Since its creation AES has remained the most secure encryption algorithm, and conventional attacks still cannot shake its security. Although an <a 
href=\"https:\/\/www.schneier.com\/blog\/archives\/2009\/07\/another_new_aes.html\">attack<\/a> has been shown to reduce the brute-force search for AES-256 from 2^256 to 2^119 trials, it still has no practical value.<\/p>\n<p>However, as computing power grows, and especially as quantum computers develop, AES will no longer be secure. What is certain is that more secure encryption algorithms will appear.<\/p>\n<h2>Side-channel Attacks<\/h2>\n<p>A side-channel attack (SCA) bypasses head-on cryptanalysis of the algorithm and instead exploits information leaked during computation by the logic circuits that implement the algorithm in hardware, such as execution time, power consumption and electromagnetic emission, combined with statistical methods, to attack the cryptosystem.<\/p>\n<h3>Conditions for a Side-channel Attack<\/h3>\n<p>Necessary conditions for a successful side-channel attack:<\/p>\n<ol>\n<li>A correlation can be established between the leaked physical signal and the data being processed<\/li>\n<li>A correlation can be established between the data processed in the leakage model and the data processed in the chip<\/li>\n<\/ol>\n<p>Smart-card CPUs have relatively simple implementation logic and are single-threaded, so a key-to-timing or key-to-power correlation can be established well.<\/p>\n<h3>Timing Attacks<\/h3>\n<p>Different values and different operations take different amounts of time, so once the algorithm (the computation logic) is fixed, the operands can be inferred from the running time. A simple example:<\/p>\n<pre><code class=\"prettyprint language-c\">\/* deliberately non-constant-time check: the early return leaks how many\n * leading characters matched *\/\nif (strlen(passwd) != sizeof(fixed_passwd))\n  return 0;\n\nfor (i = 0; i &lt; sizeof(fixed_passwd); i++)\n  if (passwd[i] != fixed_passwd[i])\n    return 0;<\/code><\/pre>\n<p>This password check is vulnerable to a timing attack: if the first character does not match it returns immediately, and it only goes on to compare the next character when the current one matches.<\/p>\n<p>So if the real password is 8 characters long and may only contain letters and digits, a brute-force search theoretically needs (26 * 2 + 10) ^ 8 attempts. But because the implementation ignores timing attacks, if execution time is taken into account the search drops to (26 * 2 + 10) * 8 attempts.<\/p>\n<p>The aes_mul() implementation in this article's sample code is also vulnerable to timing attacks and is fairly inefficient; its main purpose is of course to demonstrate the algorithm.<\/p>\n<h3>Power Analysis Attacks<\/h3>\n<p>When a signal transitions from 0 to 1, the power supply must charge a capacitance; in the other three cases (0-0, 1-1, 1-0) no charging takes place, so the former can easily be told apart. That is the principle of power analysis in a nutshell.<\/p>\n<p>Power analysis attacks are generally divided into Simple Power Analysis (SPA), Differential Power Analysis (DPA), higher-order DPA and so on. SPA reveals the relationship between the operations executed and the power leakage, while DPA reveals the relationship between the data processed and the power leakage.<\/p>\n<p>DPA statistically analyses the differences in the conditional power distributions for different data to find the weak correlation between values and power consumption, and uses that correlation to drastically reduce the key search space, making the attack efficient and cheap.<\/p>\n<p>Professor <a href=\"http:\/\/yuyu.hk\/\">\u90c1\u6631 (Yu Yu)<\/a> of Shanghai Jiao Tong University used power analysis to successfully recover the keys of SIM cards from several handset manufacturers and carriers. More details are in his Black Hat 2015 <a href=\"http:\/\/yuyu.hk\/files\/us-15-Yu-Cloning-3G-4G-Sim-Cards.pdf\">slides: Cloning 3G\/4G SIM Cards with a PC and an Oscilloscope: Lessons Learned in Physical Security<\/a>.<\/p>\n<p>Researchers at Tel Aviv University in Israel used side-channel attacks to extract, from Android and iOS devices, the keys protecting Bitcoin wallets, Apple Pay accounts and other high-value assets; see the <a href=\"https:\/\/www.cs.tau.ac.il\/~tromer\/mobilesc\/mobilesc.pdf\">paper: ECDSA Key Extraction from Mobile Devices via Nonintrusive Physical Side Channels<\/a>.<\/p>\n<h1>References<\/h1>\n<ol>\n<li>Cryptography: Theory and Practice (2nd ed.), Douglas R. Stinson, Chinese translation by <strong>\u51af\u767b\u56fd<\/strong><\/li>\n<li><a href=\"http:\/\/csrc.nist.gov\/archive\/aes\/rijndael\/Rijndael-ammended.pdf\">AES Proposal: Rijndael by Joan Daemen and Vincent Rijmen<\/a><\/li>\n<li><a href=\"http:\/\/csrc.nist.gov\/publications\/fips\/fips197\/fips-197.pdf\">FIPS 197: <strong>Announcing the AES<\/strong><\/a><\/li>\n<li><a href=\"https:\/\/en.wikipedia.org\/wiki\/Advanced_Encryption_Standard\">Advanced Encryption Standard - <strong>Wikipedia<\/strong><\/a><\/li>\n<li><a href=\"http:\/\/www.springer.com\/gp\/book\/9783540425809\">The Design of Rijndael by Joan Daemen &amp; Vincent Rijmen<\/a><\/li>\n<li>The Block Cipher Companion, <strong>L. Knudsen &amp; M. Robshaw<\/strong>, 2011<\/li>\n<li>Research on Side-channel Attack Countermeasures for Cryptographic Chips (PhD thesis), <strong>\u674e\u6d77\u519b<\/strong>, 2008<\/li>\n<li><a href=\"https:\/\/g2ex.github.io\/2016\/05\/31\/Power-Analysis-Attacks-on-Smart-Card\/\">Side Channels: A Summary of Power Analysis Attacks<\/a><\/li>\n<li>Introduction to the AES Algorithm: <strong>\u4e07\u5929\u6dfb<\/strong>, 2015\/3\/23<\/li>\n<li><a href=\"https:\/\/en.wikipedia.org\/wiki\/AES_instruction_set\">AES_NI - <strong>Wikipedia<\/strong><\/a><\/li>\n<li><a href=\"https:\/\/software.intel.com\/en-us\/articles\/intel-advanced-encryption-standard-aes-instructions-set\/\">AES_NI v3.01 - <strong>Intel<\/strong><\/a><\/li>\n<\/ol>\n<h1>Related Code<\/h1>\n<ol>\n<li><a href=\"https:\/\/github.com\/matt-wu\/AES\/\">https:\/\/github.com\/matt-wu\/AES\/<\/a><\/li>\n<\/ol>\n<p>&lt;The idea of working out AES-128 by hand first came from a book I read at the end of 2016, \u300aHow Software Works: The Magic Behind Encryption ...\u300b. While reading it I found that none of the numbers in its AES section matched up, so at the start of 2017 I began going through the AES and Rijndael standards and other material; only after reading all the documents did I realise how hopelessly simplified the book's treatment of AES was. I then did a lot of further reading, and over the Spring Festival I implemented the AES 128\/192\/256 ECB\/CBC computation according to FIPS 197 and \u300aThe Design of Rijndael\u300b. After that I started writing this post, on and off until today; it took about 40 hours. Learning is never easy! But the harder something is, the more fun it is to do!&gt;<\/p><\/div>","protected":false},"excerpt":{"rendered":"<p>AES Overview AES, Advanced Encryption Standard, is actually a standard: FIPS 19 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"ngg_post_thumbnail":0,"footnotes":""},"categories":[8,9],"tags":[599,604,601,600,602,603],"views":4409,"_links":{"self":[{"href":"https:\/\/blog.dynox.cn\/index.php?rest_route=\/wp\/v2\/posts\/1562"}],"collection":[{"href":"https:\/\/blog.dynox.cn\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.dynox.cn\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.dynox.cn\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.dynox.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1562"}],"version-history":[{"count":6,"href":"https:\/\/blog.dynox.cn\/index.php?rest_route=\/wp\/v2\/posts\/1562\/revisions"}],"predecessor-version":[{"id":1733,"href":"https:\/\/blog.dynox.cn\/index.php?rest_route=\/wp\/v2\/posts\/1562\/revisions\/1733"}],"wp:attachment":[{"href":"https:\/\/blog.dynox.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1562"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.dynox.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1562"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.dynox.cn\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1562"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}