.radix 16
; RIJNDAEL cipher program (DOS) Using
; CFB block chaining, supporting 128,
; 192, And 256-Bit blocks And keys And
; UC file Name (repeated) As IV
; This program incorporates a Davies-
; Meyer Type key hash With 00 As IV
; The Input key length is 2*blockbytes,
; which more closely matches entropy
; of user Input To that of cipher
; This version can be assembled On the
; A86 shareware assembler, available
; From [url="http://www.eji.com"]www.eji.com[/url]  And runs On Any '86
; Copyright April 12, 2000 by
; Robert G. Durnal ([email protected])
; Released For free use by anyone!
; Source posted under 'Unrestricted
; Source Code' license exception to
; EAR regulations
; Block Size In bits = 32 x NCOLS
; Key Size In bits = 32 x NKEYS
NCOLS equ 8 ; May be 4, 6, Or 8
NKEYS equ 8 ; May be 4, 6, Or 8
KEYBYTES equ NKEYS*4
BLOCKBYTES equ NCOLS*4
READSIZE equ 0C000
DATABUF equ 1084 ; Value saves 1 Byte
PWR_TAB equ 0E00
LOG_TAB equ 0F00
SBOX equ LOG_TAB
CFBBUF equ PWR_TAB
#If NCOLS GT NKEYS
ROUNDS equ 6+NCOLS
#Else
ROUNDS equ 6+NKEYS
#EndIf
; Routines For RIJNDAEL S-box creation
; derived From formulas In Dr. Brian
; Gladman's RIJNDAEL implementation
; First prepare Pwr And Log tables.
;
; For (i=0; p=1; i<256; ++i)
; {
; pwr_tab[i]=p; log_tab[p]=i;
; p=p^(p<<1)^(p&0x80?0x01b:0)
; }
MAKETABLES:
mov di,pwr_tab
mov bp,di ; Save pointer To CFBBUF
mov bh,log_tab/100
mov cx,100
inc ax ; DOS starts AX At 0000
MAKETABLOOP:
mov bl,al
xchg ax,di
mov [bx],al ; Store Log value
xchg ax,di
stosb ; And Pwr value
mov ah,al ; Compute Next Pwr
Call xtime ; (p<<1)^(p&0x80?0x1b:0)
Xor al,ah ; p^(p<<1)^(p&0x80?0x1b:0)
Loop maketabloop
; Now use those tables To Create S-box
; OK To overwrite Log table.
;
; For (i=0; i<256; ++i)
; {
; p=(i?(pwr_tab[255-log_tab[i]]):0);
; q=p;
; q=(q>>7) | (q<<1); p^=q;
; q=(q>>7) | (q<<1); p^=q;
; q=(q>>7) | (q<<1); p^=q;
; q=(q>>7) | (q<<1); p^=q^0x63;
; sbx_tab[i]=p;
; }
MAKESBOX: ; Starts With CX = 0
mov bx,bp ; --> PWR_TAB For XLAT
db 0D6 ; Clears AL To start
SBOXLOOP: ; AL = p, AH = q
mov ah,al ; q=p
mov ch,4 ; CX always 04xx here
MAKES1: ; C formula For ROL q,1
rol ah,1 ; q=(q>>7) | (q<<1)
Xor al,ah ; p ^= q
dec ch
jnz makes1 ; 4 times
Xor al,63 ; Here CH always 00
stosb ; Store computed value
mov al,[di] ; Get Next log_tab[i]
Not al ; 255-log_tab[i]
xlat ; pwr_tab[255-log_tab[i]]
Loop sboxloop
CHECKCMD: ; Check cmd Line syntax
mov si,80 ; Default DTA location
lodsw
cmp al,4 ; Check For parameters
jc exit1
lodsw
Sub al,'+' ; Test for encrypt (+)
jz getkey
Add b[direction],al
Sub al,2 ; Test For decrypt (-)
jnz exit1
GETKEY:
push si ; SI --> FileName In DTA
mov dx,askforkey
mov ah,9 ; Solicit via STDOUT
Int 21
mov dl,keybuf Mod 100
mov ah,0A
Int 21 ; Get key via STDIN
mov ax,3
Int 10 ; Clear key From screen
xchg si,dx ; SI --> KEYBUF DX = 0084
lodsb
lodsb ; SI --> KEYARRAY
xchg ax,di ; DI = Length of key
Add di,si ; DI = CR In KEYARRAY
mov cl,2*keybytes
rep movsb ; Move more than enough
mov di,bp ; CFBBUF
mov cl,2*keybytes
PUSHKEY: ; Push All key bytes
dec si ; Push In reverse order
mov al,[si]
push ax ; Only AL will be used
db 0D6 ; Zero AL by SALC
stosb ; Clear CFBBUF this Loop
Loop pushkey ; Sets 00 IV For hash
HASHKEY: ; Hash the Input key
mov cl,blockbytes
mov di,bp
POPKEY: ; Pop key Mat'l to CFBBUF
pop ax
stosb
push bx ; BL always 00 here
pop bx ; Overwrite key In stack
cmp sp,0FFFC ; Restrict POPs ó PUSHs
loopnz popkey
EXPANDKEY:
Call keysched ; Make key And encrypt
mov di,bp
mov cl,blockbytes/2
mov si,keyarray
KEYCRYPT: ; Mix With original key
mov ax,[di]
Xor [si],ax
movsw ; Dup In CFBBUF = New IV
cmp si,keyarray+keybytes ; End of key?
loopnz keycrypt
cmp sp,0FFFC
jnc endhash ; No more PUSHed Data
inc cx
Loop keycrypt-3 ; ð JCXNZ
jmp hashkey
EXIT1: ; Bad cmd Line Show usage
mov si,offset usage
Exit: ; Print Error messages via INT29
lodsb
Int 29
Or al,al
jnz Exit
ret ; INT20 Exit via PSP 00
ENDHASH:
Call keysched ; Final key schedule
pop dx
mov si,dx ; DX --> fname In DTA
mov di,bp
mov cl,blockbytes
PARSEFNAME: ; Set into CFBBUF As IV
lodsb
And al,5F ; Quasi U/C, OK For IV
stosb
cmp b[si],20
ja parsefname
mov [si],ch ; Make Asciiz In DTA
mov si,bp ; Finish filling CFBBUF
rep movsb ; More than enough bytes
OPENFILE: ; Open the Data file
mov ax,3D02 ; Read/Write mode
Int 21 ; Open Data file
xchg ax,bx ; Handle
mov dh,databuf/100
REREAD: ; Loop here Until Read = 0 bytes
mov si,filerrmsg
jc Exit
mov ch,readsize/100
mov ah,3F
Int 21
jc reread
GOODREAD: ; Check On Read length
Or ax,ax ; 0 length Read = done
jz endprog ; Any RET within ñ 80h
push dx ; Databuf address
mov si,dx
push ax ; Bytes Read
push bx ; Handle
BLOCK: ; Process block of Data
push ax ; # bytes Left In DATABUF
push si ; Databuf pointer
Call cipher ; Encrypt CFBBUF
mov di,bp ; CFBbuf
pop si ; Databuf pointer
mov cl,blockbytes/2
DATACRYPT: ; Xor CFBBUF & Data
mov ax,[si] ; Old Data value
xchg [di],ax ; AX = CFB, [DI] = Data
Xor [si],ax ; [SI] = newdata
DIRECTION:
movsw ; CMPSW For decrypt
Loop datacrypt
pop ax
Sub ax,blockbytes
ja block
PTRSET: ; Decrement file pointer
pop bx ; Handle
pop dx ; Bytes Read
push dx
neg dx
dec cx ; CX X=-(bytes Read)
mov ax,4201
Int 21 ; Back file Ptr by bytes Read
WRITEDATA: ; Write # bytes Read
pop cx ; Bytes Read
pop dx ; Databuf address
mov ah,40
Int 21
jmp reread
; Start of subroutines
XTIME: ; Subroutine For multiplication
; In GF(2^8) modulo x^8+x^4+x^3+x+1
shl al,1
jnc endprog
Xor al,1B
ENDPROG: ; Int 20 via PSP 00
ret
KEYSCHED: ; Run key schedule On key
; RIJNDAEL key schedule expands first
; KEYBYTES of key into sufficient key
; material For ROUNDS+1 key mixing
; Rounds+2 avoids roundoff Error
mov di,keyarray+keybytes ; Fall thru RJ
mov dl,1 ; Initialize RCON
mov cl,(rounds+2)*ncols/nkeys
KEYSCHEDLOOP:
push cx ; On entry CH = 0, saved
mov bx,-4 ; Effective rotation of key
cmp ch,3 ; material achieved by
jnz $+4 ; index manipulation
rcl bl,1
adc bl,0 ; BX = -3, -4, Or -7
mov al,[di+bx]
test ch,-(ncols/8*10+4)
jnz keycont ; TEST With 0EC Or 0FC
KEYSUB:
mov bx,sbox ; Bytesub
xlat
Or ch,ch
jnz keycont
Xor al,dl ; CH = 0, mix With RCON
xchg ax,dx
Call xtime ; Update RCON
xchg ax,dx
KEYCONT: ; Final Step For All keys
Xor al,[di-keybytes]
stosb
inc ch
cmp ch,keybytes
jb keyschedloop+1
pop cx
Loop keyschedloop
CIPHER: ; The RIJNDAEL encryption cipher
; The 'state' of the cipher is located
; In CFBBUF And is treated As a Byte
; matrix of 4 rows by NCOLS columns
; For purpuses of SHIFTROW And
; MIXCOLUMN routines. BP is pointer
; To CFBBUF throughout, SI is pointer
; To Next Byte of key material.
; This routine automatically follows
; the KEYSCHED routine, Or is called
; directly From the BLOCK sequence.
mov si,keyarray
mov cx,rounds ; CH non-zero after Read
push cx
RIJNLOOP: ; Encrypt CFBBUF
mov di,bp ; CFBBUF
mov cl,blockbytes
mov bx,sbox
ADDKEYLOOP:
lodsb ; Next key Byte
Xor al,[di]
xlat ; Do the BYTESUB here
stosb
Loop addkeyloop
SHIFTROW:
mov cl,3 ; CX is row # Base 0
std ; Move Right To Left
SR_OUTER:
mov bx,cx
#If ncols EQ 8
cmp bx,2
jc $+3
inc bx ; 1,2,3 --> 1,3,4
#EndIf
mov di,cfbbuf+blockbytes-4
Add di,cx ; Add row number
SR_INNER:
mov ch,ncols-1
push di
mov al,[di]
SHIFTER: ; Shift row 1 space <--
scasw
scasw ; Move DI <-- 1 col
xchg al,[di]
dec ch
jnz shifter
pop di
mov [di],al
dec bx
jnz sr_inner
Loop sr_outer
ENDSR:
cld
pop ax ; Round counter
dec ax
jz lastaddkey ; Skip last MIXCOLUMN
push ax ; Restack Round counter
MIXCOLUMN: ; Matrix mult In GF(2^8)
mov di,bp ; CFBBUF
mov cl,ncols
NEXTCOL: ; Multiplier matrix is
mov ch,4 ; º 2 3 1 1 º
mov dx,[di] ; º 1 2 3 1 º
mov bx,[di+2] ; º 1 1 2 3 º
COLUMNLOOP: ; º 3 1 1 2 º
mov ax,dx
Call xtime ; 2x Byte 0
xchg ah,al
Call xtime ; 2x Byte 1
Xor al,dh ; 3x Byte 1
Xor ax,bx ; Add In bytes 2 And 3
Xor al,ah ; AL=matrix product Byte
stosb ; Store In original Byte
xchg dh,dl ; Proceed To Next Byte
xchg bl,dh ; 3 XCHGs equivalent To
xchg bh,bl ; ROL 8 On 32-Bit reg
dec ch
jnz columnloop
Loop nextcol
jmp rijnloop
LASTADDKEY:
mov cl,blockbytes/2
mov di,bp
LASTKEYLOOP:
lodsw
Xor [di],ax
scasw
Loop lastkeyloop
ret
USAGE db 'TINYRIJN ñ file',0
ASKFORKEY: db 'Key:',0,24
FILERRMSG: db 'File error',0
KEYBUF: db 2*keybytes+1
KEYARRAY equ $+1 ; Leave space For count
FILESIZE equ $-100