Merge pull request #1773 from evoskuil/master

Update AES, add tests.

Author: evoskuil

include/bitcoin/system/crypto/aes256.hpp

@@ -24,25 +24,34 @@
 
 namespace libbitcoin {
 namespace system {
-namespace aes256 {
-    
-/// This is an implementation of AES256 (in ECB mode).
-/// ECB mode is the simplest block cipher mode but is insecure for most
-/// applications because it doesn't hide patterns in the plaintext.
-/// NIST selected three members of the Rijndael family, each with a block
-/// size of 128 bits, but three different key lengths: 128, 192 and 256 bits.
 
-constexpr size_t block_size = bytes<128>;
-typedef data_array<block_size> block;
+/// Advanced Encryption Standard (AES) 256.
+class BC_API aes256 final
+{
+public:
+    /// AES block is always 128 bits.
+    typedef data_array<bytes<128>> block;
 
-constexpr size_t secret_size = bytes<256>;
-typedef data_array<secret_size> secret;
+    /// AES-256 secret is always 256 bits.
+    typedef data_array<bytes<256>> secret;
 
-/// Perform aes256 encryption/decryption on a data block.
-void encrypt(block& bytes, const secret& key) NOEXCEPT;
-void decrypt(block& bytes, const secret& key) NOEXCEPT;
+    /// nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197-upd1.pdf
+    static void encrypt_ecb(block& bytes, const secret& key) NOEXCEPT;
+    static void decrypt_ecb(block& bytes, const secret& key) NOEXCEPT;
+
+private:
+    struct context
+    {
+        secret key;
+        secret enckey;
+        secret deckey;
+    };
+
+    static void initialize(context& context, const secret& key) NOEXCEPT;
+    static void encrypt_ecb(context& context, block& bytes) NOEXCEPT;
+    static void decrypt_ecb(context& context, block& bytes) NOEXCEPT;
+};
 
-} // namespace aes256
 } // namespace system
 } // namespace libbitcoin
 

include/bitcoin/system/hash/pbkd.hpp

@@ -56,7 +56,7 @@ struct pbkd
 
 protected:
     template <size_t Length>
-    static constexpr auto xor_n(data_array<Length>& to,
+    static constexpr void xor_n(data_array<Length>& to,
         const data_array<Length>& from) NOEXCEPT;
 };
 

include/bitcoin/system/impl/hash/hmac.ipp

@@ -90,7 +90,7 @@ xor_n(block_t& pad, const byte_t* key, size_t size) NOEXCEPT
     // append zeros to the end of K to create a B byte string [skip].
     // XOR (bitwise exclusive-OR) the B byte string ... with [ipad/opad].
     // [not xoring beyond K length is the same as xoring that with zero].
-    for (size_t i = 0; i < size; ++i)
+    for (size_t i{}; i < size; ++i)
         pad[i] ^= key[i];
 
     return pad;

include/bitcoin/system/impl/hash/pbkd.ipp

@@ -36,12 +36,12 @@ BC_PUSH_WARNING(NO_ARRAY_INDEXING)
 // static/protected
 TEMPLATE
 template <size_t Length>
-constexpr auto CLASS::
+constexpr void CLASS::
 xor_n(data_array<Length>& to, const data_array<Length>& from) NOEXCEPT
 {
     // rfc8018
     // F (P, S, c, i) = U_1 \xor U_2 \xor ... \xor U_c
-    for (size_t i = 0; i < Length; ++i)
+    for (size_t i{}; i < Length; ++i)
         to[i] ^= from[i];
 };
 

include/bitcoin/system/impl/math/bits.ipp

@@ -306,8 +306,7 @@ template <typename Value, if_unsigned_integral_integer<Value>>
 constexpr void shift_left_into(Value& value, size_t shift, bool overflow) NOEXCEPT
 {
     constexpr auto span = bits<Value>;
-    overflow && shift >= span ? value = 0 : depromote<Value>(
-        value <<= (shift % span));
+    overflow && shift >= span ? value = 0 : value <<= (shift % span);
 }
 
 // signed overloads (shift left of negative is undefined behavior).
@@ -337,8 +336,7 @@ template <typename Value, if_unsigned_integral_integer<Value>>
 constexpr void shift_right_into(Value& value, size_t shift, bool overflow) NOEXCEPT
 {
     constexpr auto span = bits<Value>;
-    overflow && shift >= span ? value = 0 : depromote<Value>(
-        value >>= (shift % span));
+    overflow && shift >= span ? value = 0 : value >>= (shift % span);
 }
 
 // signed overloads (shift right of negative is unspecified behavior).

include/bitcoin/system/impl/math/cast.ipp

@@ -48,7 +48,7 @@ constexpr Restored depromote(Common value) NOEXCEPT
 
 template <typename Restored, typename Common,
     if_integer<Restored>,
-    if_non_integral_integer<Common> >
+    if_non_integral_integer<Common>>
 constexpr Restored depromote(Common value) NOEXCEPT
 {
     BC_PUSH_WARNING(NO_IDENTITY_CAST)