aes key长度_AES加密(1): 基本AES算法
2024-05-11 06:28:49
简介
AES原本指的是一套标准FIPS 197,而AES算法一般指分组大小为128bits的Rijndeal算法,由比利时学者Joan Daemen和Vincent Rijmen提出。
AES与Rijndeal的区别
AES仅指分段为128位的Rijndeal算法,两种算法对比如下:
(Nr表示循环轮数,Nb表示分组大小,Nk表示密钥长度,Nb和Nk单位都是32bits)
加密
总体流程
图片来自链接,这张图是AES-128的流程,AES-192和AES-256除了加密轮数和密钥长度以外都是一样的
AES加密的整个过程是在一个4×4的字节矩阵上运作的,这个字节矩阵称作state。这个字节矩阵是由当前明文块处理得到的,简而言之就是把当前的16个字节按照4个字节一行排列成矩阵,比如说
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f处理后得到的矩阵就是
0x00,0x01,0x02,0x03,
0x04,0x05,0x06,0x07,
0x08,0x09,0x0a,0x0b,
0x0c,0x0d,0x0e,0x0f加密前要先进行KeyExpansion,将原始的密钥扩展得到扩展密钥,原始密钥同样要做与上面一样的变换得到矩阵才能进行运算
然后是开始加密,按照上图中顺序调用如下四个轮函数:
AddRoundKey:轮密钥加运算,将当前的ByteSub:字节变换 (S盒变换)ShiftRows:行变换MixColumns:列变换
4个轮函数都是在伽罗瓦域$GF(256)$上进行的。伽罗瓦域 (Galois Field) 是一个满足特定规则的集合,其中元素可以进行加减乘除,且运算结果也都是这个集合的元素,具体细节可以。
接下来分析四个轮函数
轮密钥加 / AddRoundKey
这个就是简单的把当前状态 (state) 与扩展密钥进行按位异或,代码如下:
void aes::AddRoundKey(word *ExpandedKey, int i) {toBytes(ExpandedKey[Nb * i + 0], RoundKey + 0 * Nb);toBytes(ExpandedKey[Nb * i + 1], RoundKey + 1 * Nb);toBytes(ExpandedKey[Nb * i + 2], RoundKey + 2 * Nb);toBytes(ExpandedKey[Nb * i + 3], RoundKey + 3 * Nb);for (int k = 0; k < Nb * 4; ++k) {state[k] = state[k] ^ RoundKey[k];}
}
注意:AddRoundKey所异或的扩展密钥与当前加密轮数有关。扩展密钥是一个word数组,每个word有32bit,也就是说每个word能分解为4个byte,而异或轮密钥的时候需要把当前要异或的一组轮密钥(共4个word)分解为16个byte再进行异或。扩展密钥的长度是Nb*(Nr+1),每次AddRoundKey需要使用当前轮数乘上Nb开始的4个word长的轮密钥。
字节变换 / ByteSub
这一步就是将state中每一个字节替换为S_box中的对应字节。S_box是一个有256个元素的一维数组,直接查找当前字节所对应的新的字节并替换即可。
那肯定有人会问:S_box是怎么来的?
很显然这个S_box不是随随便便来的一个数组。这是通过计算得来的,当然我们直接把他看作一个常量数组即可。
S_box是怎么来的?
本段数学内容较多,可以直接跳到下一条分割线继续阅读。
首先我们要知道什么是GF(256)域,具体可以参考我的这篇文章:
AI1379:GF(256)域zhuanlan.zhihu.com
(接下来默认你已经明白GF(256)和它上面的运算了)
首先我们求出当前字节在GF(256)上的乘法逆元 (相当于实数域上倒数的概念) ,如果当前字节是0x00则不变。我们把得到的这个数设为 $x$ 并把它以多项式的形式表示成如下形式:
接着我们有一个8位二进制数 $y$ ,同样以上面的方式表示,并且满足:
这个y就是这个字节在S_box中所对应的值。
注意这里顺序是反的,高位在下低位在上,并且都是以2进制形式表示的
附上S_box数组:
const byte S_Box[256] = {0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76,
0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0,
0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,
0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75,
0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84,
0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8,
0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2,
0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,
0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb,
0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79,
0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a,
0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e,
0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
};
行变换 / ShiftRow
这个就比较好理解了,就是把每行左环移,第一行不变,第二行环移1位,第三行环移2位,第三行环移3位,代码如下:
void aes::ShiftRow() {for (int i = 1; i < Nb; ++i) {for (int j = 0; j < i; ++j) {byte tmp = state[i];state[i + 0 * 4] = state[i + (0 + 1) * 4];state[i + 1 * 4] = state[i + (1 + 1) * 4];state[i + 2 * 4] = state[i + (2 + 1) * 4];state[i + 3 * 4] = tmp;}}
}
列混合 / MixColumn
这是整个AES加密流程中最复杂的一步,同时要应用到之前在S盒变换里提到过的GF(256)域,如果真的想要理解这一步的话建议先去仔细了解一下GF(256)再来继续阅读
我们定义一个多项式
然后我们定义:
或者说
得到了一个新的列。
但是实际上我们很少会直接用GF(256)上的乘法来计算这个。由于AES的整个加密和解密过程只需要用到256*6个GFMul的值,因此我们可以直接用查表的方式加速计算。
代码:
void aes::MixColumn() {const byte y[16] = {0x02, 0x03, 0x01, 0x01,0x01, 0x02, 0x03, 0x01,0x01, 0x01, 0x02, 0x03,0x03, 0x01, 0x01, 0x02};byte arr[4];for (int i = 0; i < 4; ++i) {for (int k = 0; k < 4; ++k) {arr[k] = 0;for (int j = 0; j < 4; ++j) {arr[k] = arr[k] ^ GFMul(y[k * 4 + j], state[i * 4 + j]);}}for (int k = 0; k < 4; ++k) {state[i * 4 + k] = arr[k];}}
}
密钥扩展 / KeyExpansion
万事俱备,只欠东风。4个轮函数已经全部齐了,现在只差一步——密钥扩展。
扩展密钥是一个长为Nb*(Nr+1)的word数组,一个word相当于8个byte。对于AES-128和AES-192,代码如下:
void aes128::KeyExpansion() {for (int i = 0; i < Nk; ++i) {w[i] = toWord(key[4 * i], key[4 * i + 1], key[4 * i + 2], key[4 * i + 3]);}for (int i = Nk; i < Nb * (Nr + 1); ++i) {auto temp = w[i - 1];if (i % Nk == 0) {temp = SubByte(RotByte(temp)) ^ Rcon[i / Nk];}w[i] = w[i - Nk] ^ temp;}
}
而对于AES-256则多了一步:
void aes256::KeyExpansion() {for (int i = 0; i < Nk; ++i) {w[i] = toWord(key[4 * i], key[4 * i + 1], key[4 * i + 2], key[4 * i + 3]);}for (int i = Nk; i < Nb * (Nr + 1); ++i) {auto temp = w[i - 1];if (i % Nk == 0) {temp = SubByte(RotByte(temp)) ^ Rcon[i / Nk];} else if (i % Nk == 4) {temp = SubByte(temp);}w[i] = w[i - Nk] ^ temp;}
}
其中出现了几个东西:RotByte,SubByte和Rcon。
RotByte
RotByte函数是将这个word中的四个byte左环移一位,代码如下:
word aes::RotByte(crypto::word in) {word res;byte arr[4];toBytes(in, arr);res = toWord(arr[1], arr[2], arr[3], arr[0]);return res;
}
这个比较好理解,就不多说了。
SubByte
SubByte是对这个word里的每一个byte进行S盒变换,代码也很简单:
word aes::SubByte(crypto::word in) {word res;byte arr[4];toBytes(in, arr);res = toWord(S_Box[arr[0]], S_Box[arr[1]], S_Box[arr[2]], S_Box[arr[3]]);return res;
}
Rcon
这个就比较复杂了,仍然要用到$GF(256)$相关内容(当然我们也可以把它看作常数数组)
首先我们有一个数组RC,其中:
这里的所有运算都是在GF(256)上进行的。
而Rcon[i]=toWord(Rc[i],0x00,0x00,0x00)。
整个数组如下:
const word Rcon[16] = {0x00000000, 0x01000000, 0x02000000, 0x04000000,0x08000000, 0x10000000, 0x20000000, 0x40000000,0x80000000, 0x1b000000, 0x36000000, 0x6c000000,0xd8000000, 0xab000000, 0xed000000, 0x9a000000};
解密
解密过程与加密过程刚好相反。这里只放几个关键数据:
逆S盒
const byte Inv_S_Box[256] = {0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb,0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb,0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e,0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25,0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92,0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda, 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84,0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06,0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b,0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea, 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73,0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e,0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b,0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4,0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f,0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef,0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0, 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61,0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
};
逆列变换
void aes::InvMixColumn() {const byte y[16] = {0x0e, 0x0b, 0x0d, 0x09,0x09, 0x0e, 0x0b, 0x0d,0x0d, 0x09, 0x0e, 0x0b,0x0b, 0x0d, 0x09, 0x0e};byte arr[4];for (int i = 0; i < Nb; ++i) {for (int k = 0; k < 4; ++k) {arr[k] = 0;for (int j = 0; j < 4; ++j) {arr[k] = arr[k] ^ GFMul(y[k * 4 + j], state[i * 4 + j]);}}for (int k = 0; k < 4; ++k) {state[i * 4 + k] = arr[k];}}
}
逆行变换
void aes::InvShiftRow() {for (int i = 1; i < Nb; i++) {for (int j = 0; j < Nb - i; ++j) {byte tmp = state[i];state[i + 0 * 4] = state[i + (0 + 1) * 4];state[i + 1 * 4] = state[i + (1 + 1) * 4];state[i + 2 * 4] = state[i + (2 + 1) * 4];state[i + 3 * 4] = tmp;}}
}
轮密钥加和密钥扩展
加密和解密过程中轮密钥加和密钥扩展是完全一样的,不需要另外写新的代码。
完整的代码
aes.h:
#include <cstdint>
#include <cstring>namespace crypto {typedef uint8_t byte;typedef uint32_t word;class aes {protected:static constexpr int Nb = 4;static constexpr byte S_Box[256] = {/* 0 1 2 3 4 5 6 7 8 9 A B C D E F */0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76,0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0,0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75,0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84,0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8,0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2,0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb,0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79,0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a,0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e,0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16};static constexpr byte Inv_S_Box[256] = {/* 0 1 2 3 4 5 6 7 8 9 A B C D E F */0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb,0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb,0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e,0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25,0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92,0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda, 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84,0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06,0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b,0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea, 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73,0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e,0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b,0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4,0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f,0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef,0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0, 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61,0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d};static constexpr byte Mul_01[256] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f,0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f,0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f,0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f,0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f,0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf,0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf,0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf,0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf,0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef,0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff};static constexpr byte Mul_02[256] = {0x00, 0x02, 0x04, 0x06, 0x08, 0x0a, 0x0c, 0x0e, 0x10, 0x12, 0x14, 0x16, 0x18, 0x1a, 0x1c, 0x1e,0x20, 0x22, 0x24, 0x26, 0x28, 0x2a, 0x2c, 0x2e, 0x30, 0x32, 0x34, 0x36, 0x38, 0x3a, 0x3c, 0x3e,0x40, 0x42, 0x44, 0x46, 0x48, 0x4a, 0x4c, 0x4e, 0x50, 0x52, 0x54, 0x56, 0x58, 0x5a, 0x5c, 0x5e,0x60, 0x62, 0x64, 0x66, 0x68, 0x6a, 0x6c, 0x6e, 0x70, 0x72, 0x74, 0x76, 0x78, 0x7a, 0x7c, 0x7e,0x80, 0x82, 0x84, 0x86, 0x88, 0x8a, 0x8c, 0x8e, 0x90, 0x92, 0x94, 0x96, 0x98, 0x9a, 0x9c, 0x9e,0xa0, 0xa2, 0xa4, 0xa6, 0xa8, 0xaa, 0xac, 0xae, 0xb0, 0xb2, 0xb4, 0xb6, 0xb8, 0xba, 0xbc, 0xbe,0xc0, 0xc2, 0xc4, 0xc6, 0xc8, 0xca, 0xcc, 0xce, 0xd0, 0xd2, 0xd4, 0xd6, 0xd8, 0xda, 0xdc, 0xde,0xe0, 0xe2, 0xe4, 0xe6, 0xe8, 0xea, 0xec, 0xee, 0xf0, 0xf2, 0xf4, 0xf6, 0xf8, 0xfa, 0xfc, 0xfe,0x1b, 0x19, 0x1f, 0x1d, 0x13, 0x11, 0x17, 0x15, 0x0b, 0x09, 0x0f, 0x0d, 0x03, 0x01, 0x07, 0x05,0x3b, 0x39, 0x3f, 0x3d, 0x33, 0x31, 0x37, 0x35, 0x2b, 0x29, 0x2f, 0x2d, 0x23, 0x21, 0x27, 0x25,0x5b, 0x59, 0x5f, 0x5d, 0x53, 0x51, 0x57, 0x55, 0x4b, 0x49, 0x4f, 0x4d, 0x43, 0x41, 0x47, 0x45,0x7b, 0x79, 0x7f, 0x7d, 0x73, 0x71, 0x77, 0x75, 0x6b, 0x69, 0x6f, 0x6d, 0x63, 0x61, 0x67, 0x65,0x9b, 0x99, 0x9f, 0x9d, 0x93, 0x91, 0x97, 0x95, 0x8b, 0x89, 0x8f, 0x8d, 0x83, 0x81, 0x87, 0x85,0xbb, 0xb9, 0xbf, 0xbd, 0xb3, 0xb1, 0xb7, 0xb5, 0xab, 0xa9, 0xaf, 0xad, 0xa3, 0xa1, 0xa7, 0xa5,0xdb, 0xd9, 0xdf, 0xdd, 0xd3, 0xd1, 0xd7, 0xd5, 0xcb, 0xc9, 0xcf, 0xcd, 0xc3, 0xc1, 0xc7, 0xc5,0xfb, 0xf9, 0xff, 0xfd, 0xf3, 0xf1, 0xf7, 0xf5, 0xeb, 0xe9, 0xef, 0xed, 0xe3, 0xe1, 0xe7, 0xe5};static constexpr byte Mul_03[256] = {0x00, 0x03, 0x06, 0x05, 0x0c, 0x0f, 0x0a, 0x09, 0x18, 0x1b, 0x1e, 0x1d, 0x14, 0x17, 0x12, 0x11,0x30, 0x33, 0x36, 0x35, 0x3c, 0x3f, 0x3a, 0x39, 0x28, 0x2b, 0x2e, 0x2d, 0x24, 0x27, 0x22, 0x21,0x60, 0x63, 0x66, 0x65, 0x6c, 0x6f, 0x6a, 0x69, 0x78, 0x7b, 0x7e, 0x7d, 0x74, 0x77, 0x72, 0x71,0x50, 0x53, 0x56, 0x55, 0x5c, 0x5f, 0x5a, 0x59, 0x48, 0x4b, 0x4e, 0x4d, 0x44, 0x47, 0x42, 0x41,0xc0, 0xc3, 0xc6, 0xc5, 0xcc, 0xcf, 0xca, 0xc9, 0xd8, 0xdb, 0xde, 0xdd, 0xd4, 0xd7, 0xd2, 0xd1,0xf0, 0xf3, 0xf6, 0xf5, 0xfc, 0xff, 0xfa, 0xf9, 0xe8, 0xeb, 0xee, 0xed, 0xe4, 0xe7, 0xe2, 0xe1,0xa0, 0xa3, 0xa6, 0xa5, 0xac, 0xaf, 0xaa, 0xa9, 0xb8, 0xbb, 0xbe, 0xbd, 0xb4, 0xb7, 0xb2, 0xb1,0x90, 0x93, 0x96, 0x95, 0x9c, 0x9f, 0x9a, 0x99, 0x88, 0x8b, 0x8e, 0x8d, 0x84, 0x87, 0x82, 0x81,0x9b, 0x98, 0x9d, 0x9e, 0x97, 0x94, 0x91, 0x92, 0x83, 0x80, 0x85, 0x86, 0x8f, 0x8c, 0x89, 0x8a,0xab, 0xa8, 0xad, 0xae, 0xa7, 0xa4, 0xa1, 0xa2, 0xb3, 0xb0, 0xb5, 0xb6, 0xbf, 0xbc, 0xb9, 0xba,0xfb, 0xf8, 0xfd, 0xfe, 0xf7, 0xf4, 0xf1, 0xf2, 0xe3, 0xe0, 0xe5, 0xe6, 0xef, 0xec, 0xe9, 0xea,0xcb, 0xc8, 0xcd, 0xce, 0xc7, 0xc4, 0xc1, 0xc2, 0xd3, 0xd0, 0xd5, 0xd6, 0xdf, 0xdc, 0xd9, 0xda,0x5b, 0x58, 0x5d, 0x5e, 0x57, 0x54, 0x51, 0x52, 0x43, 0x40, 0x45, 0x46, 0x4f, 0x4c, 0x49, 0x4a,0x6b, 0x68, 0x6d, 0x6e, 0x67, 0x64, 0x61, 0x62, 0x73, 0x70, 0x75, 0x76, 0x7f, 0x7c, 0x79, 0x7a,0x3b, 0x38, 0x3d, 0x3e, 0x37, 0x34, 0x31, 0x32, 0x23, 0x20, 0x25, 0x26, 0x2f, 0x2c, 0x29, 0x2a,0x0b, 0x08, 0x0d, 0x0e, 0x07, 0x04, 0x01, 0x02, 0x13, 0x10, 0x15, 0x16, 0x1f, 0x1c, 0x19, 0x1a};static constexpr byte Mul_09[256] = {0x00, 0x09, 0x12, 0x1b, 0x24, 0x2d, 0x36, 0x3f, 0x48, 0x41, 0x5a, 0x53, 0x6c, 0x65, 0x7e, 0x77,0x90, 0x99, 0x82, 0x8b, 0xb4, 0xbd, 0xa6, 0xaf, 0xd8, 0xd1, 0xca, 0xc3, 0xfc, 0xf5, 0xee, 0xe7,0x3b, 0x32, 0x29, 0x20, 0x1f, 0x16, 0x0d, 0x04, 0x73, 0x7a, 0x61, 0x68, 0x57, 0x5e, 0x45, 0x4c,0xab, 0xa2, 0xb9, 0xb0, 0x8f, 0x86, 0x9d, 0x94, 0xe3, 0xea, 0xf1, 0xf8, 0xc7, 0xce, 0xd5, 0xdc,0x76, 0x7f, 0x64, 0x6d, 0x52, 0x5b, 0x40, 0x49, 0x3e, 0x37, 0x2c, 0x25, 0x1a, 0x13, 0x08, 0x01,0xe6, 0xef, 0xf4, 0xfd, 0xc2, 0xcb, 0xd0, 0xd9, 0xae, 0xa7, 0xbc, 0xb5, 0x8a, 0x83, 0x98, 0x91,0x4d, 0x44, 0x5f, 0x56, 0x69, 0x60, 0x7b, 0x72, 0x05, 0x0c, 0x17, 0x1e, 0x21, 0x28, 0x33, 0x3a,0xdd, 0xd4, 0xcf, 0xc6, 0xf9, 0xf0, 0xeb, 0xe2, 0x95, 0x9c, 0x87, 0x8e, 0xb1, 0xb8, 0xa3, 0xaa,0xec, 0xe5, 0xfe, 0xf7, 0xc8, 0xc1, 0xda, 0xd3, 0xa4, 0xad, 0xb6, 0xbf, 0x80, 0x89, 0x92, 0x9b,0x7c, 0x75, 0x6e, 0x67, 0x58, 0x51, 0x4a, 0x43, 0x34, 0x3d, 0x26, 0x2f, 0x10, 0x19, 0x02, 0x0b,0xd7, 0xde, 0xc5, 0xcc, 0xf3, 0xfa, 0xe1, 0xe8, 0x9f, 0x96, 0x8d, 0x84, 0xbb, 0xb2, 0xa9, 0xa0,0x47, 0x4e, 0x55, 0x5c, 0x63, 0x6a, 0x71, 0x78, 0x0f, 0x06, 0x1d, 0x14, 0x2b, 0x22, 0x39, 0x30,0x9a, 0x93, 0x88, 0x81, 0xbe, 0xb7, 0xac, 0xa5, 0xd2, 0xdb, 0xc0, 0xc9, 0xf6, 0xff, 0xe4, 0xed,0x0a, 0x03, 0x18, 0x11, 0x2e, 0x27, 0x3c, 0x35, 0x42, 0x4b, 0x50, 0x59, 0x66, 0x6f, 0x74, 0x7d,0xa1, 0xa8, 0xb3, 0xba, 0x85, 0x8c, 0x97, 0x9e, 0xe9, 0xe0, 0xfb, 0xf2, 0xcd, 0xc4, 0xdf, 0xd6,0x31, 0x38, 0x23, 0x2a, 0x15, 0x1c, 0x07, 0x0e, 0x79, 0x70, 0x6b, 0x62, 0x5d, 0x54, 0x4f, 0x46};static constexpr byte Mul_0b[256] = {0x00, 0x0b, 0x16, 0x1d, 0x2c, 0x27, 0x3a, 0x31, 0x58, 0x53, 0x4e, 0x45, 0x74, 0x7f, 0x62, 0x69,0xb0, 0xbb, 0xa6, 0xad, 0x9c, 0x97, 0x8a, 0x81, 0xe8, 0xe3, 0xfe, 0xf5, 0xc4, 0xcf, 0xd2, 0xd9,0x7b, 0x70, 0x6d, 0x66, 0x57, 0x5c, 0x41, 0x4a, 0x23, 0x28, 0x35, 0x3e, 0x0f, 0x04, 0x19, 0x12,0xcb, 0xc0, 0xdd, 0xd6, 0xe7, 0xec, 0xf1, 0xfa, 0x93, 0x98, 0x85, 0x8e, 0xbf, 0xb4, 0xa9, 0xa2,0xf6, 0xfd, 0xe0, 0xeb, 0xda, 0xd1, 0xcc, 0xc7, 0xae, 0xa5, 0xb8, 0xb3, 0x82, 0x89, 0x94, 0x9f,0x46, 0x4d, 0x50, 0x5b, 0x6a, 0x61, 0x7c, 0x77, 0x1e, 0x15, 0x08, 0x03, 0x32, 0x39, 0x24, 0x2f,0x8d, 0x86, 0x9b, 0x90, 0xa1, 0xaa, 0xb7, 0xbc, 0xd5, 0xde, 0xc3, 0xc8, 0xf9, 0xf2, 0xef, 0xe4,0x3d, 0x36, 0x2b, 0x20, 0x11, 0x1a, 0x07, 0x0c, 0x65, 0x6e, 0x73, 0x78, 0x49, 0x42, 0x5f, 0x54,0xf7, 0xfc, 0xe1, 0xea, 0xdb, 0xd0, 0xcd, 0xc6, 0xaf, 0xa4, 0xb9, 0xb2, 0x83, 0x88, 0x95, 0x9e,0x47, 0x4c, 0x51, 0x5a, 0x6b, 0x60, 0x7d, 0x76, 0x1f, 0x14, 0x09, 0x02, 0x33, 0x38, 0x25, 0x2e,0x8c, 0x87, 0x9a, 0x91, 0xa0, 0xab, 0xb6, 0xbd, 0xd4, 0xdf, 0xc2, 0xc9, 0xf8, 0xf3, 0xee, 0xe5,0x3c, 0x37, 0x2a, 0x21, 0x10, 0x1b, 0x06, 0x0d, 0x64, 0x6f, 0x72, 0x79, 0x48, 0x43, 0x5e, 0x55,0x01, 0x0a, 0x17, 0x1c, 0x2d, 0x26, 0x3b, 0x30, 0x59, 0x52, 0x4f, 0x44, 0x75, 0x7e, 0x63, 0x68,0xb1, 0xba, 0xa7, 0xac, 0x9d, 0x96, 0x8b, 0x80, 0xe9, 0xe2, 0xff, 0xf4, 0xc5, 0xce, 0xd3, 0xd8,0x7a, 0x71, 0x6c, 0x67, 0x56, 0x5d, 0x40, 0x4b, 0x22, 0x29, 0x34, 0x3f, 0x0e, 0x05, 0x18, 0x13,0xca, 0xc1, 0xdc, 0xd7, 0xe6, 0xed, 0xf0, 0xfb, 0x92, 0x99, 0x84, 0x8f, 0xbe, 0xb5, 0xa8, 0xa3};static constexpr byte Mul_0d[256] = {0x00, 0x0d, 0x1a, 0x17, 0x34, 0x39, 0x2e, 0x23, 0x68, 0x65, 0x72, 0x7f, 0x5c, 0x51, 0x46, 0x4b,0xd0, 0xdd, 0xca, 0xc7, 0xe4, 0xe9, 0xfe, 0xf3, 0xb8, 0xb5, 0xa2, 0xaf, 0x8c, 0x81, 0x96, 0x9b,0xbb, 0xb6, 0xa1, 0xac, 0x8f, 0x82, 0x95, 0x98, 0xd3, 0xde, 0xc9, 0xc4, 0xe7, 0xea, 0xfd, 0xf0,0x6b, 0x66, 0x71, 0x7c, 0x5f, 0x52, 0x45, 0x48, 0x03, 0x0e, 0x19, 0x14, 0x37, 0x3a, 0x2d, 0x20,0x6d, 0x60, 0x77, 0x7a, 0x59, 0x54, 0x43, 0x4e, 0x05, 0x08, 0x1f, 0x12, 0x31, 0x3c, 0x2b, 0x26,0xbd, 0xb0, 0xa7, 0xaa, 0x89, 0x84, 0x93, 0x9e, 0xd5, 0xd8, 0xcf, 0xc2, 0xe1, 0xec, 0xfb, 0xf6,0xd6, 0xdb, 0xcc, 0xc1, 0xe2, 0xef, 0xf8, 0xf5, 0xbe, 0xb3, 0xa4, 0xa9, 0x8a, 0x87, 0x90, 0x9d,0x06, 0x0b, 0x1c, 0x11, 0x32, 0x3f, 0x28, 0x25, 0x6e, 0x63, 0x74, 0x79, 0x5a, 0x57, 0x40, 0x4d,0xda, 0xd7, 0xc0, 0xcd, 0xee, 0xe3, 0xf4, 0xf9, 0xb2, 0xbf, 0xa8, 0xa5, 0x86, 0x8b, 0x9c, 0x91,0x0a, 0x07, 0x10, 0x1d, 0x3e, 0x33, 0x24, 0x29, 0x62, 0x6f, 0x78, 0x75, 0x56, 0x5b, 0x4c, 0x41,0x61, 0x6c, 0x7b, 0x76, 0x55, 0x58, 0x4f, 0x42, 0x09, 0x04, 0x13, 0x1e, 0x3d, 0x30, 0x27, 0x2a,0xb1, 0xbc, 0xab, 0xa6, 0x85, 0x88, 0x9f, 0x92, 0xd9, 0xd4, 0xc3, 0xce, 0xed, 0xe0, 0xf7, 0xfa,0xb7, 0xba, 0xad, 0xa0, 0x83, 0x8e, 0x99, 0x94, 0xdf, 0xd2, 0xc5, 0xc8, 0xeb, 0xe6, 0xf1, 0xfc,0x67, 0x6a, 0x7d, 0x70, 0x53, 0x5e, 0x49, 0x44, 0x0f, 0x02, 0x15, 0x18, 0x3b, 0x36, 0x21, 0x2c,0x0c, 0x01, 0x16, 0x1b, 0x38, 0x35, 0x22, 0x2f, 0x64, 0x69, 0x7e, 0x73, 0x50, 0x5d, 0x4a, 0x47,0xdc, 0xd1, 0xc6, 0xcb, 0xe8, 0xe5, 0xf2, 0xff, 0xb4, 0xb9, 0xae, 0xa3, 0x80, 0x8d, 0x9a, 0x97};static constexpr byte Mul_0e[256] = {0x00, 0x0e, 0x1c, 0x12, 0x38, 0x36, 0x24, 0x2a, 0x70, 0x7e, 0x6c, 0x62, 0x48, 0x46, 0x54, 0x5a,0xe0, 0xee, 0xfc, 0xf2, 0xd8, 0xd6, 0xc4, 0xca, 0x90, 0x9e, 0x8c, 0x82, 0xa8, 0xa6, 0xb4, 0xba,0xdb, 0xd5, 0xc7, 0xc9, 0xe3, 0xed, 0xff, 0xf1, 0xab, 0xa5, 0xb7, 0xb9, 0x93, 0x9d, 0x8f, 0x81,0x3b, 0x35, 0x27, 0x29, 0x03, 0x0d, 0x1f, 0x11, 0x4b, 0x45, 0x57, 0x59, 0x73, 0x7d, 0x6f, 0x61,0xad, 0xa3, 0xb1, 0xbf, 0x95, 0x9b, 0x89, 0x87, 0xdd, 0xd3, 0xc1, 0xcf, 0xe5, 0xeb, 0xf9, 0xf7,0x4d, 0x43, 0x51, 0x5f, 0x75, 0x7b, 0x69, 0x67, 0x3d, 0x33, 0x21, 0x2f, 0x05, 0x0b, 0x19, 0x17,0x76, 0x78, 0x6a, 0x64, 0x4e, 0x40, 0x52, 0x5c, 0x06, 0x08, 0x1a, 0x14, 0x3e, 0x30, 0x22, 0x2c,0x96, 0x98, 0x8a, 0x84, 0xae, 0xa0, 0xb2, 0xbc, 0xe6, 0xe8, 0xfa, 0xf4, 0xde, 0xd0, 0xc2, 0xcc,0x41, 0x4f, 0x5d, 0x53, 0x79, 0x77, 0x65, 0x6b, 0x31, 0x3f, 0x2d, 0x23, 0x09, 0x07, 0x15, 0x1b,0xa1, 0xaf, 0xbd, 0xb3, 0x99, 0x97, 0x85, 0x8b, 0xd1, 0xdf, 0xcd, 0xc3, 0xe9, 0xe7, 0xf5, 0xfb,0x9a, 0x94, 0x86, 0x88, 0xa2, 0xac, 0xbe, 0xb0, 0xea, 0xe4, 0xf6, 0xf8, 0xd2, 0xdc, 0xce, 0xc0,0x7a, 0x74, 0x66, 0x68, 0x42, 0x4c, 0x5e, 0x50, 0x0a, 0x04, 0x16, 0x18, 0x32, 0x3c, 0x2e, 0x20,0xec, 0xe2, 0xf0, 0xfe, 0xd4, 0xda, 0xc8, 0xc6, 0x9c, 0x92, 0x80, 0x8e, 0xa4, 0xaa, 0xb8, 0xb6,0x0c, 0x02, 0x10, 0x1e, 0x34, 0x3a, 0x28, 0x26, 0x7c, 0x72, 0x60, 0x6e, 0x44, 0x4a, 0x58, 0x56,0x37, 0x39, 0x2b, 0x25, 0x0f, 0x01, 0x13, 0x1d, 0x47, 0x49, 0x5b, 0x55, 0x7f, 0x71, 0x63, 0x6d,0xd7, 0xd9, 0xcb, 0xc5, 0xef, 0xe1, 0xf3, 0xfd, 0xa7, 0xa9, 0xbb, 0xb5, 0x9f, 0x91, 0x83, 0x8d};static constexpr word Rcon[16] = {0x00000000, 0x01000000, 0x02000000, 0x04000000,0x08000000, 0x10000000, 0x20000000, 0x40000000,0x80000000, 0x1b000000, 0x36000000, 0x6c000000,0xd8000000, 0xab000000, 0xed000000, 0x9a000000};void ByteSub();void ShiftRow();void MixColumn();void InvByteSub();void InvShiftRow();void InvMixColumn();void AddRoundKey(word *ExpandedKey, int i);byte GFMul(byte a, byte b);word SubByte(word in);word RotByte(word in);word toWord(byte k1, byte k2, byte k3, byte k4);void toBytes(word in, byte res[4]);virtual void KeyExpansion() = 0;virtual void clear() = 0;public:byte plain[4 * Nb]{};byte cipher[4 * Nb]{};byte state[4 * Nb]{};byte RoundKey[16]{};virtual void Encrypt() = 0;virtual void Decrypt() = 0;virtual void init(byte in[16], byte in_key[16], bool type) = 0;};class aes128 : public aes {private:static constexpr int Nr = 10;static constexpr int Nk = 4;word w[Nb * (Nr + 1)];void KeyExpansion() override;void clear() override;public:void Encrypt() override;void Decrypt() override;void init(byte in[4 * Nb], byte in_key[4 * Nk], bool type) override;byte key[4 * Nk];};class aes192 : public aes {private:static constexpr int Nr = 12;static constexpr int Nk = 6;word w[Nb * (Nr + 1)];void KeyExpansion() override;void clear() override;public:void Encrypt() override;void Decrypt() override;void init(byte in[4 * Nb], byte in_key[4 * Nk], bool type) override;byte key[4 * Nk];};class aes256 : public aes {private:static constexpr int Nr = 14;static constexpr int Nk = 8;word w[Nb * (Nr + 1)];void KeyExpansion() override;void clear() override;public:void Encrypt() override;void Decrypt() override;void init(byte in[4 * Nb], byte in_key[4 * Nk], bool type) override;byte key[4 * Nk];};
}
aes.cpp:
#include "aes.h"namespace crypto {void aes128::clear() {memset(w, 0, sizeof(w));memset(state, 0, sizeof(state));}void aes128::init(crypto::byte *in, crypto::byte *in_key, bool type) {memset(key, 0, sizeof(key));memset(plain, 0, sizeof(plain));memset(cipher, 0, sizeof(cipher));clear();if (type) {for (int i = 0; i < 4 * Nb; ++i) {plain[i] = in[i];}} else {for (int i = 0; i < 4 * Nb; ++i) {cipher[i] = in[i];}}for (int i = 0; i < 4 * Nk; ++i) {key[i] = in_key[i];}}void aes192::clear() {memset(w, 0, sizeof(w));memset(state, 0, sizeof(state));}void aes192::init(crypto::byte *in, crypto::byte *in_key, bool type) {memset(key, 0, sizeof(key));memset(plain, 0, sizeof(plain));memset(cipher, 0, sizeof(cipher));clear();if (type) {for (int i = 0; i < 4 * Nb; ++i) {plain[i] = in[i];}} else {for (int i = 0; i < 4 * Nb; ++i) {cipher[i] = in[i];}}for (int i = 0; i < 4 * Nk; ++i) {key[i] = in_key[i];}}void aes256::clear() {memset(w, 0, sizeof(w));memset(state, 0, sizeof(state));}void aes256::init(crypto::byte *in, crypto::byte *in_key, bool type) {memset(key, 0, sizeof(key));memset(plain, 0, sizeof(plain));memset(cipher, 0, sizeof(cipher));clear();if (type) {for (int i = 0; i < 4 * Nb; ++i) {plain[i] = in[i];}} else {for (int i = 0; i < 4 * Nb; ++i) {cipher[i] = in[i];}}for (int i = 0; i < 4 * Nk; ++i) {key[i] = in_key[i];}}word aes::toWord(crypto::byte k1, crypto::byte k2, crypto::byte k3, crypto::byte k4) {word res;res = (k1 << 24) | (k2 << 16) | (k3 << 8) | (k4);return res;}void aes::toBytes(crypto::word in, crypto::byte *res) {word tmp = in;for (int i = 3; i >= 0; --i) {res[i] = tmp % 256;tmp /= 256;}}byte aes::GFMul(crypto::byte a, crypto::byte b) {switch (a) {case 0x01:return Mul_01[b];case 0x02:return Mul_02[b];case 0x03:return Mul_03[b];case 0x09:return Mul_09[b];case 0x0b:return Mul_0b[b];case 0x0d:return Mul_0d[b];case 0x0e:return Mul_0e[b];}}void aes::ByteSub() {for (auto &i:state) {i = S_Box[i];}}void aes::ShiftRow() {for (int i = 1; i < Nb; ++i) {for (int j = 0; j < i; ++j) {byte tmp = state[i];state[i + 0 * 4] = state[i + (0 + 1) * 4];state[i + 1 * 4] = state[i + (1 + 1) * 4];state[i + 2 * 4] = state[i + (2 + 1) * 4];state[i + 3 * 4] = tmp;}}}void aes::MixColumn() {const byte y[16] = {0x02, 0x03, 0x01, 0x01,0x01, 0x02, 0x03, 0x01,0x01, 0x01, 0x02, 0x03,0x03, 0x01, 0x01, 0x02};byte arr[4];for (int i = 0; i < 4; ++i) {for (int k = 0; k < 4; ++k) {arr[k] = 0;for (int j = 0; j < 4; ++j) {arr[k] = arr[k] ^ GFMul(y[k * 4 + j], state[i * 4 + j]);}}for (int k = 0; k < 4; ++k) {state[i * 4 + k] = arr[k];}}}void aes::AddRoundKey(word *ExpandedKey, int i) {toBytes(ExpandedKey[Nb * i + 0], RoundKey + 0 * Nb);toBytes(ExpandedKey[Nb * i + 1], RoundKey + 1 * Nb);toBytes(ExpandedKey[Nb * i + 2], RoundKey + 2 * Nb);toBytes(ExpandedKey[Nb * i + 3], RoundKey + 3 * Nb);for (int k = 0; k < Nb * 4; ++k) {state[k] = state[k] ^ RoundKey[k];}}void aes::InvByteSub() {for (auto &i:state) {i = Inv_S_Box[i];}}void aes::InvShiftRow() {for (int i = 1; i < Nb; i++) {for (int j = 0; j < Nb - i; ++j) {byte tmp = state[i];state[i + 0 * 4] = state[i + (0 + 1) * 4];state[i + 1 * 4] = state[i + (1 + 1) * 4];state[i + 2 * 4] = state[i + (2 + 1) * 4];state[i + 3 * 4] = tmp;}}}void aes::InvMixColumn() {const byte y[16] = {0x0e, 0x0b, 0x0d, 0x09,0x09, 0x0e, 0x0b, 0x0d,0x0d, 0x09, 0x0e, 0x0b,0x0b, 0x0d, 0x09, 0x0e};byte arr[4];for (int i = 0; i < Nb; ++i) {for (int k = 0; k < 4; ++k) {arr[k] = 0;for (int j = 0; j < 4; ++j) {arr[k] = arr[k] ^ GFMul(y[k * 4 + j], state[i * 4 + j]);}}for (int k = 0; k < 4; ++k) {state[i * 4 + k] = arr[k];}}}word aes::SubByte(crypto::word in) {word res;byte arr[4];toBytes(in, arr);res = toWord(S_Box[arr[0]], S_Box[arr[1]], S_Box[arr[2]], S_Box[arr[3]]);return res;}word aes::RotByte(crypto::word in) {word res;byte arr[4];toBytes(in, arr);res = toWord(arr[1], arr[2], arr[3], arr[0]);return res;}void aes128::KeyExpansion() {for (int i = 0; i < Nk; ++i) {w[i] = toWord(key[4 * i], key[4 * i + 1], key[4 * i + 2], key[4 * i + 3]);}for (int i = Nk; i < Nb * (Nr + 1); ++i) {auto temp = w[i - 1];if (i % Nk == 0) {temp = SubByte(RotByte(temp)) ^ Rcon[i / Nk];}w[i] = w[i - Nk] ^ temp;}}void aes128::Encrypt() {clear();for (int i = 0; i < 4 * Nb; ++i) {state[i] = plain[i];}KeyExpansion();for (int i = 0; i <= Nr; ++i) {if (i > 0) {ByteSub();ShiftRow();if (i < Nr) {MixColumn();}}AddRoundKey(w, i);}for (int i = 0; i < 4 * Nb; ++i) {cipher[i] = state[i];}}void aes128::Decrypt() {clear();for (int i = 0; i < 4 * Nb; ++i) {state[i] = cipher[i];}KeyExpansion();for (int i = Nr; i >= 0; --i) {AddRoundKey(w, i);if (i > 0) {if (i < Nr) {InvMixColumn();}InvShiftRow();InvByteSub();}}for (int i = 0; i < 4 * Nb; ++i) {plain[i] = state[i];}}void aes192::KeyExpansion() {for (int i = 0; i < Nk; ++i) {w[i] = toWord(key[4 * i], key[4 * i + 1], key[4 * i + 2], key[4 * i + 3]);}for (int i = Nk; i < Nb * (Nr + 1); ++i) {auto temp = w[i - 1];if (i % Nk == 0) {temp = SubByte(RotByte(temp)) ^ Rcon[i / Nk];}w[i] = w[i - Nk] ^ temp;}}void aes192::Encrypt() {clear();for (int i = 0; i < 4 * Nb; ++i) {state[i] = plain[i];}KeyExpansion();for (int i = 0; i <= Nr; ++i) {if (i > 0) {ByteSub();ShiftRow();if (i < Nr) {MixColumn();}}AddRoundKey(w, i);}for (int i = 0; i < 4 * Nb; ++i) {cipher[i] = state[i];}}void aes192::Decrypt() {clear();for (int i = 0; i < 4 * Nb; ++i) {state[i] = cipher[i];}KeyExpansion();for (int i = Nr; i >= 0; --i) {AddRoundKey(w, i);if (i > 0) {if (i < Nr) {InvMixColumn();}InvShiftRow();InvByteSub();}}for (int i = 0; i < 4 * Nb; ++i) {plain[i] = state[i];}}void aes256::KeyExpansion() {for (int i = 0; i < Nk; ++i) {w[i] = toWord(key[4 * i], key[4 * i + 1], key[4 * i + 2], key[4 * i + 3]);}for (int i = Nk; i < Nb * (Nr + 1); ++i) {auto temp = w[i - 1];if (i % Nk == 0) {temp = SubByte(RotByte(temp)) ^ Rcon[i / Nk];} else if (i % Nk == 4) {temp = SubByte(temp);}w[i] = w[i - Nk] ^ temp;}}void aes256::Encrypt() {clear();for (int i = 0; i < 4 * Nb; ++i) {state[i] = plain[i];}KeyExpansion();for (int i = 0; i <= Nr; ++i) {if (i > 0) {ByteSub();ShiftRow();if (i < Nr) {MixColumn();}}AddRoundKey(w, i);}for (int i = 0; i < 4 * Nb; ++i) {cipher[i] = state[i];}}void aes256::Decrypt() {clear();for (int i = 0; i < 4 * Nb; ++i) {state[i] = cipher[i];}KeyExpansion();for (int i = Nr; i >= 0; --i) {AddRoundKey(w, i);if (i > 0) {if (i < Nr) {InvMixColumn();}InvShiftRow();InvByteSub();}}for (int i = 0; i < 4 * Nb; ++i) {plain[i] = state[i];}}
}
test.cpp
#include <iostream>
#include <cstdio>
#include <cstddef>
#include "aes.h"int main(int argc, char **argv) {crypto::aes256 test;crypto::byte key[] = {0x00, 0x01, 0x02, 0x03,0x04, 0x05, 0x06, 0x07,0x08, 0x09, 0x0a, 0x0b,0x0c, 0x0d, 0x0e, 0x0f,0x10, 0x11, 0x12, 0x13,0x14, 0x15, 0x16, 0x17,0x18, 0x19, 0x1a, 0x1b,0x1c, 0x1d, 0x1e, 0x1f};crypto::byte plain[16] = {0x00, 0x11, 0x22, 0x33,0x44, 0x55, 0x66, 0x77,0x88, 0x99, 0xaa, 0xbb,0xcc, 0xdd, 0xee, 0xff};test.init(plain, key, true);printf("Key:n");for (auto &i:test.key) {printf("%02x ", i);}printf("n");printf("Plain Text:n");for (auto &i:test.plain) {printf("%02x ", i);}printf("n");test.Encrypt();printf("Cipher Text:n");for (auto &i:test.cipher) {printf("%02x ", i);}printf("n");test.Decrypt();printf("Decrypt Plain Text:n");for (auto &i:test.plain) {printf("%02x ", i);}printf("n");return 0;
}
编译指令:gcc -o test.exe test.cpp aes.cpp
输出:
Key:
00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f
Plain Text:
00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff
Cipher Text:
8e a2 b7 ca 51 67 45 bf ea fc 49 90 4b 49 60 89
Decrypt Plain Text:
00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff参考资料:
matt-wu: AES
The Rijndeal Block Cipher
文章首发于:
http://www.listener1379.top/Algorithm/Encryption/aes-encryption/www.listener1379.top
aes key长度_AES加密(1): 基本AES算法相关推荐
- php mcrypt aes,简单的PHP加密/解密(Mcrypt,AES)
我正在寻找使用Mcrypt的简单但加密强大的AES实现AES. 希望将其归结为一对简单的函数,$garble = encrypt($key,$payload)和$payload = decrypt($ ...
- ecb gcm java 加密,AES GCM和ECB加密软件,附算法源码和工程文件
[实例简介] AesTestTool为加密软件,支持GCM 和 ECB两种模式 128bit秘钥 GCM算法是一个C++工程,"C++gcm算法工程"目录里面有源码 加密软件是用C ...
- aes key长度_原创 | 浅谈Shiro反序列化获取Key的几种方式
点击"关注"了解更多信息 关于Apache Shiro反序列化 在shiro≤1.2.4版本,默认使⽤了CookieRememberMeManager,由于AES使用的key泄露, ...
- aes key长度_Go 语言 map 解析之 key 的定位核心流程
1 哈希表 哈希表属于编程中比较常见的数据结构之一,基本上所有的语言都会实现数组和哈希表这两种结构,Hash table 的历史是比较悠远的,我们在编程时也是离不开的,这种数据结构的作用其实很简单,就 ...
- aes密文长度_RSA加密密文可变(一句话说明)
先来看一个搜索结果: RSA算法本质上是基于数学[对极大整数做因数分解的难度]的原理,so 密文本质上是一堆有规则的数字经过编码和[填充]的结果. 原文和加密密钥相同,在java环境,默认Paddin ...
- java中aes明文长度_AES密文与明文长度的关系
AES介绍 严格地说,AES和Rijndael加密法并不完全一样(虽然在实际应用中二者可以互换),因为Rijndael加密法可以支持更大范围的区块和密钥长度:AES的区块长度固定为128位,密钥长度则 ...
- springboot+vue接口加密:RSA+AES
1. 整体预览 整体思想为: 先使用AES对数据进行加密,再使用RSA对AES密钥进行加密. 至于为什么要使用这种方式呢?总结起来大致就是又安全速度又快. 1. RSA算法复杂,比较耗时,但比较安全 ...
- AES 128位CBC加密解密(不使用固定IV)
安全检查时要求账号和密码加密后才能存到数据库中,要求加密算法如下: 1)分组密码算法:AES(密钥长度在128位及以上)(GCM或CBC模式) 2)流密码算法:AES(密钥长度在128位及以上)(OF ...
- AES解密,key长度不够16处理
AES解密,有时会遇到key长度不够16位的场景,如何处理,如下以AES-128-ECB解密模式为例进行展示. public class Test {public static void main(S ...
最新文章
- 深度盘点 Python11 个主流框架:Pandas、Django、Matplotlib、Numpy、PyTorch......
- Mustache初识
- hdu 5511 Minimum Cut-Cut——分类讨论思想+线段树合并
- Hive 基础(2):库、表、字段、交互式查询的基本操作
- 输入你的密码来连接到_手机怎样连接WiFi?详细步骤,教你操作
- 悄悄安装vcredist_x64.exe,不弹出对话框
- 01-artDialog4.1.7常用整理
- AutoCAD-线型
- Ubuntu 压缩多个vmdk文件
- 基于深度学习的多目标跟踪(MOT)技术一览
- wpf 监听退出事件_如何监听WPF的WebBrowser控件弹出新窗口的事件
- 石油石化物资采购杂志石油石化物资采购杂志社石油石化物资采购编辑部2022年第16期目录
- 楪祈机器人_饥荒 Inori楪祈人物MOD V20161211
- C/C++中的atan和atan2函数
- 多线程(二)互斥锁详解
- R语言初探之存储模型/报童问题
- CVE-2014-6271“破壳”漏洞
- 【大数据开发】SparkCore——Spark作业执行流程、RDD编程的两种方式、简单算子
- Hive收集函数和转换函数
- Mathorcup数学建模竞赛第六届-【妈妈杯】A题:水产养殖池塘综合研究(附一等奖获奖论文、lingo和matlab代码)