[FFmpeg-devel] [PATCH] aes: When generating the expanded key, an XOR with the previous key was missing

Andy Parkins andyparkins
Wed Jul 18 10:02:49 CEST 2007

The line generating the primary word of the expanded key was done like

  for(i = 0; i < 4; i++)
      tk[0][i] ^= sbox[tk[KC-1][(i+1)&3]];

This was incorrect.  Every output byte should be XORed with the
equivalent byte in the previous key.  This is being correctly done for
the non-primary words, but not for the primary word.

This patch changes the above to

  for(i = 0; i < 4; i++) {
      tk[0][i] = sbox[tk[KC-1][(i+1)&3]];
      tk[0][i] ^= (a->round_key[0][0]+t)[i];
  }

This uses the fact that the previous key has just been written to the
round_key array to look it up again and XOR it with the current value.

This change makes the expanded key from aes.c match the sample expansion
for a NUL key shown on
 libavutil/aes.c |    6 ++++--
 1 files changed, 4 insertions(+), 2 deletions(-)
Dr Andy Parkins, M Eng (hons), MIET
andyparkins at gmail.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: b02609dc241a3299babd49adfee8223198d71e6d.diff
Type: text/x-patch
Size: 593 bytes
Desc: not available
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20070718/161af4ef/attachment.bin>
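
The check the message describes, as an added example that is not part of the original message and is not FFmpeg's code: a standard AES-128 key expansion run on the all-zero key, next to a constructed variant that omits the XOR with the previous key in the primary word. The names `expand_key128`, `zero_key_word` and `xor_prev` are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ROTL8(x, n) ((uint8_t)(((x) << (n)) | ((x) >> (8 - (n)))))

/* Build the AES S-box: GF(2^8) inverse followed by the affine transform. */
static void init_sbox(uint8_t sbox[256]) {
    uint8_t p = 1, q = 1;
    do {
        p = p ^ (p << 1) ^ ((p & 0x80) ? 0x1B : 0);   /* p *= 3 */
        q ^= q << 1; q ^= q << 2; q ^= q << 4;        /* q /= 3 ... */
        q ^= (q & 0x80) ? 0x09 : 0;                   /* ... so p * q == 1 */
        sbox[p] = q ^ ROTL8(q, 1) ^ ROTL8(q, 2) ^ ROTL8(q, 3) ^ ROTL8(q, 4) ^ 0x63;
    } while (p != 1);
    sbox[0] = 0x63;
}

/* AES-128 key expansion into 11 round keys. xor_prev = 0 is a constructed model
 * of the omission described above: word 0 is not XORed with the previous key. */
void expand_key128(const uint8_t key[16], uint8_t rk[176], int xor_prev) {
    uint8_t sbox[256], rcon = 1;
    init_sbox(sbox);
    memcpy(rk, key, 16);
    for (int r = 1; r <= 10; r++) {
        uint8_t *prev = rk + 16 * (r - 1), *cur = rk + 16 * r;
        for (int i = 0; i < 4; i++) {
            cur[i] = sbox[prev[12 + ((i + 1) & 3)]];  /* SubWord(RotWord(last word)) */
            if (xor_prev) cur[i] ^= prev[i];          /* XOR with previous key */
        }
        cur[0] ^= rcon;
        rcon = (rcon << 1) ^ ((rcon & 0x80) ? 0x1B : 0);
        for (int i = 4; i < 16; i++)                  /* non-primary words */
            cur[i] = cur[i - 4] ^ prev[i];
    }
}

/* Word `index` (0..43) of the schedule for the all-zero key, big-endian. */
uint32_t zero_key_word(int index, int xor_prev) {
    uint8_t key[16] = {0}, rk[176];
    expand_key128(key, rk, xor_prev);
    const uint8_t *w = rk + 4 * index;
    return (uint32_t)w[0] << 24 | (uint32_t)w[1] << 16 | (uint32_t)w[2] << 8 | w[3];
}

int main(void) {
    for (int i = 4; i <= 8; i += 4)
        printf("w[%d]: with XOR %08x, without %08x\n", i,
               (unsigned)zero_key_word(i, 1), (unsigned)zero_key_word(i, 0));
    return 0;
}
```

For the all-zero key the two variants agree on the first round key, because the previous key bytes are all zero; the divergence first appears at `w[8]`, so a comparison against a sample expansion has to cover more than the first round.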
