From 30435141bc01b473ba59c36325872967635d60df Mon Sep 17 00:00:00 2001
From: Kaz Kylheku <kaz@kylheku.com>
Date: Fri, 20 Feb 2015 19:21:07 +0100
Subject: Key scheduling fix for 256 bit keys.

Contributed by "SR" (kane5410 at gmx do tnet) in 2015.

Same fix also independently produced by Ron Charlton (charltoncr
at wowway dot com) in 2018.

* rijndael.c (rijn_sched_key): In the blocksize == 8 case that
corresponds to 256 bit keys, fix a column/row mixup in the key
scheduling.
---
 rijndael.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'rijndael.c')

diff --git a/rijndael.c b/rijndael.c
index e849c1a..a0253d1 100644
--- a/rijndael.c
+++ b/rijndael.c
@@ -224,10 +224,10 @@ rijn_sched_key(rijn_keysched_t *sched, rijn_key_t *key, const rijn_param_t *para
 		temp_key[i][2] ^= temp_key[i-1][2];
 		temp_key[i][3] ^= temp_key[i-1][3];
 	    }
-	    temp_key[0][i] ^= s_box[temp_key[i-1][0]];
-	    temp_key[1][i] ^= s_box[temp_key[i-1][1]];
-	    temp_key[2][i] ^= s_box[temp_key[i-1][2]];
-	    temp_key[3][i] ^= s_box[temp_key[i-1][3]];
+	    temp_key[i][0] ^= s_box[temp_key[i-1][0]];
+	    temp_key[i][1] ^= s_box[temp_key[i-1][1]];
+	    temp_key[i][2] ^= s_box[temp_key[i-1][2]];
+	    temp_key[i][3] ^= s_box[temp_key[i-1][3]];
 	    for (i++; i < keyrows; i++) {
 		temp_key[i][0] ^= temp_key[i-1][0];
 		temp_key[i][1] ^= temp_key[i-1][1];
-- 
cgit v1.2.3