commit 947bf969e0b40e11b187c92557672bc07064975f
author Jerry Yu <jerry.h.yu@arm.com> Thu Feb 23 11:07:57 2023 +0800
committer Jerry Yu <jerry.h.yu@arm.com> Thu Feb 23 11:07:57 2023 +0800
tree e1b40859fb2040dfc841e94c6a7dbe6250ac26c5
parent fac5a54f8ad5ae52ea10f22b86faa1ffea9db4ef

Improve readability of expansion size

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>

library/aesce.c

diff --git a/library/aesce.c b/library/aesce.c
index 356d0a3..e47665a 100644
--- a/library/aesce.c
+++ b/library/aesce.c
@@ -185,15 +185,17 @@
                              const unsigned char *key,
                              const size_t key_bit_length)
 {
-
-    const uint32_t key_len_in_words = key_bit_length / 32;
-    const size_t round_key_len_in_words = 4;
     static uint8_t const rcon[] = { 0x01, 0x02, 0x04, 0x08, 0x10,
                                     0x20, 0x40, 0x80, 0x1b, 0x36 };
-    /* Require max(key_len_in_words, round_key_len_len_in_words) + 7 */
-    const size_t round_keys_needed = key_len_in_words + 7;
+    /* See https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf
+     *   - Section 5, Nr = Nk + 6
+     *   - Section 5.2, the key expansion size is Nb*(Nr+1)
+     */
+    const uint32_t key_len_in_words = key_bit_length / 32;  /* Nk */
+    const size_t round_key_len_in_words = 4;                /* Nb */
+    const size_t round_keys_needed = key_len_in_words + 6;  /* Nr */
     const size_t key_expansion_size_in_words =
-        round_keys_needed * round_key_len_in_words;
+        round_key_len_in_words * (round_keys_needed + 1);   /* Nb*(Nr+1) */
     const uint32_t *rko_end = (uint32_t *) rk + key_expansion_size_in_words;
 
     memcpy(rk, key, key_len_in_words * 4);