Key scheduling fix for 256 bit keys.HEADmaster

Contributed by "SR" (kane5410 at gmx do tnet) in 2015.

Same fix also independently produced by Ron Charlton (charltoncr
at wowway dot com) in 2018.

* rijndael.c (rijn_sched_key): In the blocksize == 8 case that
corresponds to 256 bit keys, fix a column/row mixup in the key
scheduling.

1 files changed, 4 insertions, 4 deletions

diff --git a/rijndael.c b/rijndael.c
index e849c1a..a0253d1 100644
--- a/rijndael.c
+++ b/rijndael.c
@@ -224,10 +224,10 @@ rijn_sched_key(rijn_keysched_t *sched, rijn_key_t *key, const rijn_param_t *para
 		temp_key[i][2] ^= temp_key[i-1][2];
 		temp_key[i][3] ^= temp_key[i-1][3];
 	    }
-	    temp_key[0][i] ^= s_box[temp_key[i-1][0]];
-	    temp_key[1][i] ^= s_box[temp_key[i-1][1]];
-	    temp_key[2][i] ^= s_box[temp_key[i-1][2]];
-	    temp_key[3][i] ^= s_box[temp_key[i-1][3]];
+	    temp_key[i][0] ^= s_box[temp_key[i-1][0]];
+	    temp_key[i][1] ^= s_box[temp_key[i-1][1]];
+	    temp_key[i][2] ^= s_box[temp_key[i-1][2]];
+	    temp_key[i][3] ^= s_box[temp_key[i-1][3]];
 	    for (i++; i < keyrows; i++) {
 		temp_key[i][0] ^= temp_key[i-1][0];
 		temp_key[i][1] ^= temp_key[i-1][1];