java实现的AES128,192,256算法
1 布尔掩码
2 密钥恢复函数
import java.util.Random;
public class MyAesMask
{
public static final byte[] Sbox = {(byte) 0x63, (byte) 0x7C, (byte) 0x77, (byte) 0x7B, (byte) 0xF2, (byte) 0x6B, (byte) 0x6F, (byte) 0xC5, (byte) 0x30, (byte) 0x01, (byte) 0x67, (byte) 0x2B, (byte) 0xFE, (byte) 0xD7, (byte) 0xAB, (byte) 0x76, (byte) 0xCA, (byte) 0x82, (byte) 0xC9, (byte) 0x7D, (byte) 0xFA, (byte) 0x59, (byte) 0x47, (byte) 0xF0, (byte) 0xAD, (byte) 0xD4, (byte) 0xA2, (byte) 0xAF, (byte) 0x9C, (byte) 0xA4, (byte) 0x72, (byte) 0xC0, (byte) 0xB7, (byte) 0xFD, (byte) 0x93, (byte) 0x26, (byte) 0x36, (byte) 0x3F, (byte) 0xF7, (byte) 0xCC, (byte) 0x34, (byte) 0xA5, (byte) 0xE5, (byte) 0xF1, (byte) 0x71, (byte) 0xD8, (byte) 0x31, (byte) 0x15, (byte) 0x04, (byte) 0xC7, (byte) 0x23, (byte) 0xC3, (byte) 0x18, (byte) 0x96, (byte) 0x05, (byte) 0x9A, (byte) 0x07, (byte) 0x12, (byte) 0x80, (byte) 0xE2, (byte) 0xEB, (byte) 0x27, (byte) 0xB2, (byte) 0x75, (byte) 0x09, (byte) 0x83, (byte) 0x2C, (byte) 0x1A, (byte) 0x1B, (byte) 0x6E, (byte) 0x5A, (byte) 0xA0, (byte) 0x52, (byte) 0x3B, (byte) 0xD6, (byte) 0xB3, (byte) 0x29, (byte) 0xE3, (byte) 0x2F, (byte) 0x84, (byte) 0x53, (byte) 0xD1, (byte) 0x00, (byte) 0xED, (byte) 0x20, (byte) 0xFC, (byte) 0xB1, (byte) 0x5B, (byte) 0x6A, (byte) 0xCB, (byte) 0xBE, (byte) 0x39, (byte) 0x4A, (byte) 0x4C, (byte) 0x58, (byte) 0xCF, (byte) 0xD0, (byte) 0xEF, (byte) 0xAA, (byte) 0xFB, (byte) 0x43, (byte) 0x4D, (byte) 0x33, (byte) 0x85, (byte) 0x45, (byte) 0xF9, (byte) 0x02, (byte) 0x7F, (byte) 0x50, (byte) 0x3C, (byte) 0x9F, (byte) 0xA8, (byte) 0x51, (byte) 0xA3, (byte) 0x40, (byte) 0x8F, (byte) 0x92, (byte) 0x9D, (byte) 0x38, (byte) 0xF5, (byte) 0xBC, (byte) 0xB6, (byte) 0xDA, (byte) 0x21, (byte) 0x10, (byte) 0xFF, (byte) 0xF3, (byte) 0xD2, (byte) 0xCD, (byte) 0x0C, (byte) 0x13, (byte) 0xEC, (byte) 0x5F, (byte) 0x97, (byte) 0x44, (byte) 0x17, (byte) 0xC4, (byte) 0xA7, (byte) 0x7E, (byte) 0x3D, (byte) 0x64, (byte) 0x5D, (byte) 0x19, (byte) 0x73, (byte) 0x60, (byte) 0x81, (byte) 0x4F, (byte) 0xDC, (byte) 0x22, (byte) 0x2A, (byte) 0x90, (byte) 0x88, (byte) 0x46, (byte) 0xEE, (byte) 0xB8, (byte) 0x14, (byte) 0xDE, (byte) 0x5E, (byte) 0x0B, (byte) 0xDB, (byte) 0xE0, (byte) 0x32, (byte) 0x3A, (byte) 0x0A, (byte) 0x49, (byte) 0x06, (byte) 0x24, (byte) 0x5C, (byte) 0xC2, (byte) 0xD3, (byte) 0xAC, (byte) 0x62, (byte) 0x91, (byte) 0x95, (byte) 0xE4, (byte) 0x79, (byte) 0xE7, (byte) 0xC8, (byte) 0x37, (byte) 0x6D, (byte) 0x8D, (byte) 0xD5, (byte) 0x4E, (byte) 0xA9, (byte) 0x6C, (byte) 0x56, (byte) 0xF4, (byte) 0xEA, (byte) 0x65, (byte) 0x7A, (byte) 0xAE, (byte) 0x08, (byte) 0xBA, (byte) 0x78, (byte) 0x25, (byte) 0x2E, (byte) 0x1C, (byte) 0xA6, (byte) 0xB4, (byte) 0xC6, (byte) 0xE8, (byte) 0xDD, (byte) 0x74, (byte) 0x1F, (byte) 0x4B, (byte) 0xBD, (byte) 0x8B, (byte) 0x8A, (byte) 0x70, (byte) 0x3E, (byte) 0xB5, (byte) 0x66, (byte) 0x48, (byte) 0x03, (byte) 0xF6, (byte) 0x0E, (byte) 0x61, (byte) 0x35, (byte) 0x57, (byte) 0xB9, (byte) 0x86, (byte) 0xC1, (byte) 0x1D, (byte) 0x9E, (byte) 0xE1, (byte) 0xF8, (byte) 0x98, (byte) 0x11, (byte) 0x69, (byte) 0xD9, (byte) 0x8E, (byte) 0x94, (byte) 0x9B, (byte) 0x1E, (byte) 0x87, (byte) 0xE9, (byte) 0xCE, (byte) 0x55, (byte) 0x28, (byte) 0xDF, (byte) 0x8C, (byte) 0xA1, (byte) 0x89, (byte) 0x0D, (byte) 0xBF, (byte) 0xE6, (byte) 0x42, (byte) 0x68, (byte) 0x41, (byte) 0x99, (byte) 0x2D, (byte) 0x0F, (byte) 0xB0, (byte) 0x54, (byte) 0xBB, (byte) 0x16};
public byte[] MSbox = new byte[256];//加密掩码S盒
private static final byte[] InvSbox = {(byte) 82, (byte) 9, (byte) 106, (byte) 213, (byte) 48, (byte) 54, (byte) 165, (byte) 56, (byte) 191, (byte) 64, (byte) 163, (byte) 158, (byte) 129, (byte) 243, (byte) 215, (byte) 251, (byte) 124, (byte) 227, (byte) 57, (byte) 130, (byte) 155, (byte) 47, (byte) 255, (byte) 135, (byte) 52, (byte) 142, (byte) 67, (byte) 68, (byte) 196, (byte) 222, (byte) 233, (byte) 203, (byte) 84, (byte) 123, (byte) 148, (byte) 50, (byte) 166, (byte) 194, (byte) 35, (byte) 61, (byte) 238, (byte) 76, (byte) 149, (byte) 11, (byte) 66, (byte) 250, (byte) 195, (byte) 78, (byte) 8, (byte) 46, (byte) 161, (byte) 102, (byte) 40, (byte) 217, (byte) 36, (byte) 178, (byte) 118, (byte) 91, (byte) 162, (byte) 73, (byte) 109, (byte) 139, (byte) 209, (byte) 37, (byte) 114, (byte) 248, (byte) 246, (byte) 100, (byte) 134, (byte) 104, (byte) 152, (byte) 22, (byte) 212, (byte) 164, (byte) 92, (byte) 204, (byte) 93, (byte) 101, (byte) 182, (byte) 146, (byte) 108, (byte) 112, (byte) 72, (byte) 80, (byte) 253, (byte) 237, (byte) 185, (byte) 218, (byte) 94, (byte) 21, (byte) 70, (byte) 87, (byte) 167, (byte) 141, (byte) 157, (byte) 132, (byte) 144, (byte) 216, (byte) 171, (byte) 0, (byte) 140, (byte) 188, (byte) 211, (byte) 10, (byte) 247, (byte) 228, (byte) 88, (byte) 5, (byte) 184, (byte) 179, (byte) 69, (byte) 6, (byte) 208, (byte) 44, (byte) 30, (byte) 143, (byte) 202, (byte) 63, (byte) 15, (byte) 2, (byte) 193, (byte) 175, (byte) 189, (byte) 3, (byte) 1, (byte) 19, (byte) 138, (byte) 107, (byte) 58, (byte) 145, (byte) 17, (byte) 65, (byte) 79, (byte) 103, (byte) 220, (byte) 234, (byte) 151, (byte) 242, (byte) 207, (byte) 206, (byte) 240, (byte) 180, (byte) 230, (byte) 115, (byte) 150, (byte) 172, (byte) 116, (byte) 34, (byte) 231, (byte) 173, (byte) 53, (byte) 133, (byte) 226, (byte) 249, (byte) 55, (byte) 232, (byte) 28, (byte) 117, (byte) 223, (byte) 110, (byte) 71, (byte) 241, (byte) 26, (byte) 113, (byte) 29, (byte) 41, (byte) 197, (byte) 137, (byte) 111, (byte) 183, (byte) 98, (byte) 14, (byte) 170, (byte) 24, (byte) 190, (byte) 27, (byte) 252, (byte) 86, (byte) 62, (byte) 75, (byte) 198, (byte) 210, (byte) 121, (byte) 32, (byte) 154, (byte) 219, (byte) 192, (byte) 254, (byte) 120, (byte) 205, (byte) 90, (byte) 244, (byte) 31, (byte) 221, (byte) 168, (byte) 51, (byte) 136, (byte) 7, (byte) 199, (byte) 49, (byte) 177, (byte) 18, (byte) 16, (byte) 89, (byte) 39, (byte) 128, (byte) 236, (byte) 95, (byte) 96, (byte) 81, (byte) 127, (byte) 169, (byte) 25, (byte) 181, (byte) 74, (byte) 13, (byte) 45, (byte) 229, (byte) 122, (byte) 159, (byte) 147, (byte) 201, (byte) 156, (byte) 239, (byte) 160, (byte) 224, (byte) 59, (byte) 77, (byte) 174, (byte) 42, (byte) 245, (byte) 176, (byte) 200, (byte) 235, (byte) 187, (byte) 60, (byte) 131, (byte) 83, (byte) 153, (byte) 97, (byte) 23, (byte) 43, (byte) 4, (byte) 126, (byte) 186, (byte) 119, (byte) 214, (byte) 38, (byte) 225, (byte) 105, (byte) 20, (byte) 99, (byte) 85, (byte) 33, (byte) 12, (byte) 125,};
public byte[] InvMSbox = new byte[256];//解密掩码S盒
private static final byte[] Rcon = {0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, (byte) 0x80, 0x1b, 0x36, 0x6c, (byte) 0xd8, (byte) 0xab, 0x4d, (byte) 0x9a, 0x2f, 0x5e, (byte) 0xbc, 0x63, (byte) 0xc6, (byte) 0x97, 0x35, 0x6a, (byte) 0xd4, (byte) 0xb3, 0x7d, (byte) 0xfa, (byte) 0xef, (byte) 0xc5, (byte) 0x91};
byte m;//掩码 m
byte m_;//掩码 m'
byte[] mi = new byte[4];//掩码 m1 m2 m3 m4
byte[] mi_ = new byte[4];//加密列混淆后的掩码 m1' m2' m3' m4'
byte[] Invmi_ = new byte[4];//解密列混淆后的掩码 m1' m2' m3' m4'
byte[][][] KeyExpansion(byte[] mk)//rk[轮数][行数][列数]
{
int nk, nr;
byte[][][] rk;
switch (mk.length)
{
case 16:
nk = 4;
nr = 10;
rk = new byte[11][4][4];
break;
case 24:
nk = 6;
nr = 12;
rk = new byte[13][4][4];
break;
case 32:
nk = 8;
nr = 14;
rk = new byte[15][4][4];
break;
default:
return null;
}
byte[][] temprk = new byte[4][4 * (nr + 1)];//temprk[行数 = 4][列数 = 60]
for (int i = 0; i < nk; i++)
{
temprk[0][i] = mk[i * 4];
temprk[1][i] = mk[i * 4 + 1];
temprk[2][i] = mk[i * 4 + 2];
temprk[3][i] = mk[i * 4 + 3];
}
for (int i = nk; i < 4 * (nr + 1); i++)
{
if (i % nk == 0)
{
temprk[0][i] = (byte) (temprk[0][i - nk] ^ Sbox[temprk[1][i - 1] & 0xFF] ^ Rcon[i / nk - 1]);
temprk[1][i] = (byte) (temprk[1][i - nk] ^ Sbox[temprk[2][i - 1] & 0xFF]);
temprk[2][i] = (byte) (temprk[2][i - nk] ^ Sbox[temprk[3][i - 1] & 0xFF]);
temprk[3][i] = (byte) (temprk[3][i - nk] ^ Sbox[temprk[0][i - 1] & 0xFF]);
}
else if (i % 4 == 0 && nk == 8)
{
temprk[0][i] = (byte) (temprk[0][i - nk] ^ Sbox[temprk[0][i - 1] & 0xFF]);
temprk[1][i] = (byte) (temprk[1][i - nk] ^ Sbox[temprk[1][i - 1] & 0xFF]);
temprk[2][i] = (byte) (temprk[2][i - nk] ^ Sbox[temprk[2][i - 1] & 0xFF]);
temprk[3][i] = (byte) (temprk[3][i - nk] ^ Sbox[temprk[3][i - 1] & 0xFF]);
}
else
{
temprk[0][i] = (byte) (temprk[0][i - nk] ^ temprk[0][i - 1]);
temprk[1][i] = (byte) (temprk[1][i - nk] ^ temprk[1][i - 1]);
temprk[2][i] = (byte) (temprk[2][i - nk] ^ temprk[2][i - 1]);
temprk[3][i] = (byte) (temprk[3][i - nk] ^ temprk[3][i - 1]);
}
}
for (int i = 0; i <= nr; i++)
{
for (int j = 0; j < 4; j++)
{
rk[i][0][j] = temprk[0][i * 4 + j];
rk[i][1][j] = temprk[1][i * 4 + j];
rk[i][2][j] = temprk[2][i * 4 + j];
rk[i][3][j] = temprk[3][i * 4 + j];
}
}
return rk;
}
byte[] InvKeyExpansion(byte[][] rk_n, byte[][] rk_n1, int round_n, int nk)//rk[轮数][行数][列数]
{
round_n = Math.max(round_n, 0);//轮数>=0
byte[] mk;
byte[][] temprk;
switch (nk)
{
case 4:
if (round_n > 10)
{
return null;
}
mk = new byte[16];
temprk = new byte[4][44];
break;
case 6:
if (round_n > 11)
{
return null;
}
mk = new byte[24];
temprk = new byte[4][52];
break;
case 8:
if (round_n > 13)
{
return null;
}
mk = new byte[32];
temprk = new byte[4][60];
break;
default:
return null;
}
for (int i = 0; i < 4; i++)
{
temprk[0][round_n * 4 + i] = rk_n[0][i];
temprk[1][round_n * 4 + i] = rk_n[1][i];
temprk[2][round_n * 4 + i] = rk_n[2][i];
temprk[3][round_n * 4 + i] = rk_n[3][i];
if (nk > 4)
{
temprk[0][(round_n + 1) * 4 + i] = rk_n1[0][i];
temprk[1][(round_n + 1) * 4 + i] = rk_n1[1][i];
temprk[2][(round_n + 1) * 4 + i] = rk_n1[2][i];
temprk[3][(round_n + 1) * 4 + i] = rk_n1[3][i];
}
}
for (int i = round_n * 4 + (nk > 4 ? 7 : 3); i > nk - 1; i--)
{
if (i % nk == 0)
{
temprk[0][i - nk] = (byte) (temprk[0][i] ^ Sbox[temprk[1][i - 1] & 0xFF] ^ Rcon[i / nk - 1]);
temprk[1][i - nk] = (byte) (temprk[1][i] ^ Sbox[temprk[2][i - 1] & 0xFF]);
temprk[2][i - nk] = (byte) (temprk[2][i] ^ Sbox[temprk[3][i - 1] & 0xFF]);
temprk[3][i - nk] = (byte) (temprk[3][i] ^ Sbox[temprk[0][i - 1] & 0xFF]);
}
else if (i % 4 == 0 && nk == 8)
{
temprk[0][i - nk] = (byte) (temprk[0][i] ^ Sbox[temprk[0][i - 1] & 0xFF]);
temprk[1][i - nk] = (byte) (temprk[1][i] ^ Sbox[temprk[1][i - 1] & 0xFF]);
temprk[2][i - nk] = (byte) (temprk[2][i] ^ Sbox[temprk[2][i - 1] & 0xFF]);
temprk[3][i - nk] = (byte) (temprk[3][i] ^ Sbox[temprk[3][i - 1] & 0xFF]);
}
else
{
temprk[0][i - nk] = (byte) (temprk[0][i] ^ temprk[0][i - 1]);
temprk[1][i - nk] = (byte) (temprk[1][i] ^ temprk[1][i - 1]);
temprk[2][i - nk] = (byte) (temprk[2][i] ^ temprk[2][i - 1]);
temprk[3][i - nk] = (byte) (temprk[3][i] ^ temprk[3][i - 1]);
}
}
for (int i = 0; i < mk.length; i++)
{
mk[i] = temprk[i % 4][i / 4];
}
return mk;
}
byte[][] SetState(byte[] data)
{
byte[][] state = new byte[4][4];
int index = 0;
for (int i = 0; i < 4; i++)
{
for (int j = 0; j < 4; j++)
{
state[j][i] = data[index++];
}
}
return state;
}
byte[] GetState(byte[][] state)
{
byte[] data = new byte[16];
for (int i = 0; i < 4; i++)
{
for (int j = 0; j < 4; j++)
{
data[j * 4 + i] = state[i][j];
}
}
return data;
}
void AddRoundKey(byte[][] state, byte[][] rk)
{
int i, j;
for (i = 0; i < 4; i++)
{
for (j = 0; j < 4; j++)
{
state[i][j] ^= rk[i][j];
}
}
}
void SubBytes(byte[][] state)
{
int i, j;
for (i = 0; i < 4; i++)
{
for (j = 0; j < 4; j++)
{
state[i][j] = Sbox[state[i][j] & 0xFF];
}
}
}
void MSubBytes(byte[][] state)
{
int i, j;
for (i = 0; i < 4; i++)
{
for (j = 0; j < 4; j++)
{
state[i][j] = MSbox[state[i][j] & 0xFF];
}
}
}
void InvSubBytes(byte[][] state)
{
int i, j;
for (i = 0; i < 4; i++)
{
for (j = 0; j < 4; j++)
{
state[i][j] = InvSbox[state[i][j] & 0xFF];
}
}
}
void InvMSubBytes(byte[][] state)
{
int i, j;
for (i = 0; i < 4; i++)
{
for (j = 0; j < 4; j++)
{
state[i][j] = InvMSbox[state[i][j] & 0xFF];
}
}
}
void ShiftRows(byte[][] state)//(j + i) % 4相当于左移 i 位
{
byte[] temp = new byte[4];
for (int i = 0; i < 4; i++)
{
for (int j = 0; j < 4; j++)
{
temp[j] = state[i][(j + i) % 4];
}
System.arraycopy(temp, 0, state[i], 0, 4);
}
}
void InvShiftRows(byte[][] state)//(j + 4 - i) % 4相当于右移 i 位
{
byte[] temp = new byte[4];
for (int i = 0; i < 4; i++)
{
for (int j = 0; j < 4; j++)
{
temp[j] = state[i][(j + 4 - i) % 4];
}
System.arraycopy(temp, 0, state[i], 0, 4);
}
}
byte m(byte multiplicand)
{
byte result;
if ((multiplicand & 0x80) == 0)
{
result = (byte) (multiplicand << 1);
}
else
{
result = (byte) ((multiplicand << 1) ^ 0x1B);
}
return result;
}
byte mul(byte multiplier, byte multiplicand)
{
byte result;
if (multiplier == 0x02)
{
result = m(multiplicand);
}
else if (multiplier == 0x03)
{
result = (byte) (m(multiplicand) ^ multiplicand);
}
else if (multiplier == 0x0E)
{
result = (byte) (m(m(m(multiplicand))) ^ m(m(multiplicand)) ^ m(multiplicand));
}
else if (multiplier == 0x0B)
{
result = (byte) (m(m(m(multiplicand))) ^ m(multiplicand) ^ multiplicand);
}
else if (multiplier == 0x0D)
{
result = (byte) (m(m(m(multiplicand))) ^ m(m(multiplicand)) ^ multiplicand);
}
else if (multiplier == 0x09)
{
result = (byte) (m(m(m(multiplicand))) ^ multiplicand);
}
else
{
result = multiplicand;
}
return result;
}
void MixColumns(byte[][] state)
{
byte[][] tempstate = new byte[4][4];
for (int i = 0; i < 4; i++)
{
for (int j = 0; j < 4; j++)
{
tempstate[j][i] = (byte) (mul((byte) 0x02, state[j][i]) ^ mul((byte) 0x03, state[(j + 1) % 4][i]) ^ state[(j + 2) % 4][i] ^ state[(j + 3) % 4][i]);
}
}
for (int i = 0; i < 4; i++)
{
System.arraycopy(tempstate[i], 0, state[i], 0, tempstate[0].length);
}
}
void InvMixColumns(byte[][] state)
{
byte[][] tempstate = new byte[4][4];
for (int i = 0; i < 4; i++)
{
for (int j = 0; j < 4; j++)
{
tempstate[j][i] = (byte) (mul((byte) 0x0E, state[j][i]) ^ mul((byte) 0x0B, state[(j + 1) % 4][i]) ^ mul((byte) 0x0D, state[(j + 2) % 4][i]) ^ mul((byte) 0x09, state[(j + 3) % 4][i]));
}
}
for (int i = 0; i < 4; i++)
{
System.arraycopy(tempstate[i], 0, state[i], 0, tempstate[0].length);
}
}
byte[] Encrypt(byte[] plain, byte[] mk)
{
int nr;
switch (mk.length)
{
case 16:
nr = 10;
break;
case 24:
nr = 12;
break;
case 32:
nr = 14;
break;
default:
return null;
}
byte[][][] rk = KeyExpansion(mk);
byte[][] state = SetState(plain);
for (int i = 0; i <= nr; i++)
{
if (i == 0)
{
AddRoundKey(state, rk[i]);
}
else if (i == nr)
{
SubBytes(state);
ShiftRows(state);
AddRoundKey(state, rk[i]);
}
else
{
SubBytes(state);
ShiftRows(state);
MixColumns(state);
AddRoundKey(state, rk[i]);
}
}
return GetState(state);
}
byte[] Decrypt(byte[] ciper, byte[] mk)
{
int nr;
switch (mk.length)
{
case 16:
nr = 10;
break;
case 24:
nr = 12;
break;
case 32:
nr = 14;
break;
default:
return null;
}
byte[][][] rk = KeyExpansion(mk);
byte[][] state = SetState(ciper);
for (int i = nr; i >= 0; i--)
{
if (i == nr)
{
AddRoundKey(state, rk[i]);
InvShiftRows(state);
InvSubBytes(state);
}
else if (i == 0)
{
AddRoundKey(state, rk[i]);
}
else
{
AddRoundKey(state, rk[i]);
InvMixColumns(state);
InvShiftRows(state);
InvSubBytes(state);
}
}
return GetState(state);
}
void MaskCreat()
{
Random rng = new Random();
rng.nextBytes(mi);
m = (byte) rng.nextInt();
m_ = (byte) rng.nextInt();
}
void mi_Cal()
{
for (int i = 0; i < 4; i++)
{
mi_[i] = (byte) (mul((byte) 0x02, mi[i]) ^ mul((byte) 0x03, mi[(i + 1) % 4]) ^ mi[(i + 2) % 4] ^ mi[(i + 3) % 4]);
}
}
void Invmi_Cal()
{
for (int i = 0; i < 4; i++)
{
Invmi_[i] = (byte) (mul((byte) 0x0E, mi[i]) ^ mul((byte) 0x0B, mi[(i + 1) % 4]) ^ mul((byte) 0x0D, mi[(i + 2) % 4]) ^ mul((byte) 0x09, mi[(i + 3) % 4]));
}
}
public void MSboxCal()
{
int temp;
for (int i = 0; i < Sbox.length; i++)
{
temp = i ^ (m & 0xFF);
MSbox[temp] = (byte) ((Sbox[i] & 0xFF ^ m_ & 0xFF));
}
}
public void InvMSboxCal()
{
int temp;
for (int i = 0; i < Sbox.length; i++)
{
temp = i ^ (m & 0xFF);
InvMSbox[temp] = (byte) ((InvSbox[i] & 0xFF ^ m_ & 0xFF));
}
}
void StateMask1(byte[][] state, byte m)
{
for (int i = 0; i < 4; i++)
{
for (int j = 0; j < 4; j++)
{
state[i][j] ^= m;
}
}
}
void StateMask4(byte[][] state, byte[] m)
{
for (int i = 0; i < 4; i++)
{
for (int j = 0; j < 4; j++)
{
state[i][j] ^= m[i];
}
}
}
byte[] MaskEncrypt(byte[] plain, byte[] mk)
{
int nr;
switch (mk.length)
{
case 16:
nr = 10;
break;
case 24:
nr = 12;
break;
case 32:
nr = 14;
break;
default:
return null;
}
byte[][][] rk = KeyExpansion(mk);
byte[][] state = SetState(plain);
MaskCreat();//掩码生成
mi_Cal();//计算加密mi'
MSboxCal();//预计算掩码表
for (int i = 0; i <= nr; i++)
{
if (i == 0)
{
StateMask1(state, m);//state加掩码 m (掩码状态:m)
AddRoundKey(state, rk[i]);//轮密钥加 (掩码状态:掩码状态:m1 m2 m3 m4)
}
else if (i == nr)
{
MSubBytes(state);//过掩码S盒 去掩码 m 加掩码 m' (掩码状态:m')
ShiftRows(state);//行移位 (掩码状态:m')
AddRoundKey(state, rk[i]);//轮密钥加 (掩码状态:m')
StateMask1(state, m_);//state去掩码 m' (掩码状态:无)
}
else
{
MSubBytes(state);//过掩码S盒 去掩码 m 加掩码 m' (掩码状态:m')
ShiftRows(state);//行移位(掩码状态:m')
StateMask4(state, mi);//加掩码 m1 m2 m3 m4 (掩码状态 m'+m1 m'+m2 m'+m3 m'+m4)
StateMask1(state, m_);//去掩码 m' (掩码状态:m1 m2 m3 m4)
MixColumns(state);//列混淆(掩码状态:m1' m2' m3' m4')
StateMask4(state, mi);//state加掩码 mi(掩码状态:m1'+m1 m2'+m2 m3'+m3 m4'+m4
StateMask4(state, mi_);//state去掩码 mi'(掩码状态:m1 m2 m3 m4)
AddRoundKey(state, rk[i]);//轮密钥加 (掩码状态:m1 m2 m3 m4)
StateMask1(state, m);//state加掩码 m (掩码状态:m1+m m2+m m3+m m4+m)
StateMask4(state, mi);//state去掩码 m1 m2 m3 m4 (掩码状态:m)
}
}
return GetState(state);
}
byte[] MaskDecrypt(byte[] ciper, byte[] mk)
{
int nr;
switch (mk.length)
{
case 16:
nr = 10;
break;
case 24:
nr = 12;
break;
case 32:
nr = 14;
break;
default:
return null;
}
byte[][][] rk = KeyExpansion(mk);
byte[][] state = SetState(ciper);
MaskCreat();//掩码生成
Invmi_Cal();//计算解密mi'
InvMSboxCal();//预计算掩码表
for (int i = nr; i >= 0; i--)
{
if (i == nr)
{
StateMask1(state, m);//state加掩码 m (掩码状态:m)
AddRoundKey(state, rk[i]);//轮密钥加 (掩码状态:m)
InvShiftRows(state);//逆行移位 (掩码状态:m)
InvMSubBytes(state);//过逆掩码S盒 去掩码 m 加掩码 m' (掩码状态:m')
}
else if (i == 0)
{
AddRoundKey(state, rk[i]);//轮密钥加 (掩码状态:m')
StateMask1(state, m_);//state去掩码 m' (掩码状态:无)
}
else
{
AddRoundKey(state, rk[i]);//轮密钥加 (掩码状态:m')
StateMask4(state, mi);//state加掩码 m1 m2 m3 m4 (掩码状态:m'+m1 m'+m2 m'+m3 m'+m4)
StateMask1(state, m_);//state去掩码 m' (掩码状态:m1 m2 m3 m4)
InvMixColumns(state);//逆列混淆(掩码状态:m1' m2' m3' m4')
InvShiftRows(state);//逆行移位 (掩码状态:m1' m2' m3' m4')
StateMask1(state, m);//state加掩码 m (掩码状态:m1'+m m2'+m m3'+m m4'+m)
StateMask4(state, Invmi_);//state去掩码 m1' m2' m3' m4' (掩码状态:m)
InvMSubBytes(state);//过逆掩码S盒 去掩码 m 加掩码 m' (掩码状态:m')
}
}
return GetState(state);
}
void PrintState(String title, byte[][] state)
{
System.out.println(title);
for (int i = 0; i < 4; i++)
{
for (int j = 0; j < 4; j++)
{
System.out.printf("%02X ", state[i][j]);
}
System.out.println();
}
}
void PrintByteArr(String title, byte[] data)
{
System.out.print(title);
for (byte value : data)
{
System.out.printf("%02X ", value);
}
System.out.println();
}
public static void main(String[] args)
{
MyAesMask aes = new MyAesMask();
byte[] mk128 = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f};
byte[] data128 = {0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, (byte) 0x88, (byte) 0x99, (byte) 0xaa, (byte) 0xbb, (byte) 0xcc, (byte) 0xdd, (byte) 0xee, (byte) 0xff};
aes.PrintByteArr("Encrypt no mask: ", aes.Encrypt(data128, mk128));
aes.PrintByteArr("Encrypt masked: ", aes.MaskEncrypt(data128, mk128));
aes.PrintByteArr("Dncrypt no mask: ", aes.Decrypt(data128, mk128));
aes.PrintByteArr("Dncrypt masked: ", aes.MaskDecrypt(data128, mk128));
byte[] data192 = {0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, (byte) 0x88, (byte) 0x99, (byte) 0xaa, (byte) 0xbb, (byte) 0xcc, (byte) 0xdd, (byte) 0xee, (byte) 0xff};
byte[] mk192 = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17};
aes.PrintByteArr("Encrypt no mask: ", aes.Encrypt(data192, mk192));
aes.PrintByteArr("Encrypt masked: ", aes.MaskEncrypt(data192, mk192));
aes.PrintByteArr("Dncrypt no mask: ", aes.Decrypt(data192, mk192));
aes.PrintByteArr("Dncrypt masked: ", aes.MaskDecrypt(data192, mk192));
byte[] data256 = {0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, (byte) 0x88, (byte) 0x99, (byte) 0xaa, (byte) 0xbb, (byte) 0xcc, (byte) 0xdd, (byte) 0xee, (byte) 0xff};
byte[] mk256 = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f};
aes.PrintByteArr("Encrypt no mask: ", aes.Encrypt(data256, mk256));
aes.PrintByteArr("Encrypt masked: ", aes.MaskEncrypt(data256, mk256));
aes.PrintByteArr("Dncrypt no mask: ", aes.Decrypt(data256, mk256));
aes.PrintByteArr("Dncrypt masked: ", aes.MaskDecrypt(data256, mk256));
}
}
3128
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
