AES 2
NAME
setupAESstate, aesCBCencrypt, aesCBCdecrypt, aesCTRencrypt, aesCTRdecrypt, setupAESXCBCstate, aesXCBCmac - advanced encryption standard (rijndael)
SYNOPSIS
#include <u.h>
#include <libc.h>
#include <mp.h>
#include <libsec.h>
void aes_encrypt(ulong rk[], int Nr, uchar pt[16], uchar ct[16]);
void aes_decrypt(ulong rk[], int Nr, uchar ct[16], uchar pt[16]);
void setupAESstate(AESstate *s, uchar key[], int keybytes, uchar *ivec);
void aesCBCencrypt(uchar *p, int len, AESstate *s);
void aesCBCdecrypt(uchar *p, int len, AESstate *s);
void aesCTRencrypt(uchar *p, int len, AESstate *s);
void aesCTRdecrypt(uchar *p, int len, AESstate *s);
void setupAESXCBCstate(AESstate *s);
void aesXCBCmac(uchar *p, int len, AESstate *s);
DESCRIPTION
AES (a.k.a. Rijndael) has replaced DES as the preferred block cipher.
Aes_encrypt and aes_decrypt are the block ciphers, corresponding to des(2)'s block_cipher. SetupAESstate, aesCBCencrypt, and aesCBCdecrypt implement cipher-block-chaining encryption. AesCTRencrypt and aesCTRdecrypt implement counter mode, per RFC 3686; they are identical operations. SetupAESXCBCstate and aesXCBCmac implement AES XCBC message authentication, per RFC 3566.
All ciphering is performed in place. Keybytes should be 16, 24, or 32. The initialization vector ivec of AESbsize bytes should be random enough to be unlikely to be reused but does not need to be cryptographically strongly unpredictable.
SOURCE
/sys/src/libsec
SEE ALSO
aescbc in secstore(1), mp(2), blowfish(2), des(2), dsa(2), elgamal(2), rc4(2), rsa(2), sechash(2), prime(2), rand(2)
http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
BUGS
The functions aes_encrypt, aes_decrypt, aesCTRencrypt, aesCTRdecrypt, setupAESXCBCstate, and aesXCBCmac have not yet been verified by running test vectors through them.
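A known-answer check of the kind the note above says is outstanding can be prepared independently of libsec. The following is an added example, not libsec code and not part of the original manual page: a reference AES-128 block encryption and RFC 3686 counter mode in Python, checked against FIPS-197 Appendix C.1 and RFC 3686 test vector #1. All function names are this example's own, and it covers only 16-byte keys.

```python
def xt(a):  # multiply by x in GF(2^8), reduced by the AES polynomial
    return ((a << 1) ^ (0x1B if a & 0x80 else 0)) & 0xFF

def gmul(a, b):  # GF(2^8) product by shift-and-add
    r = 0
    while b:
        r, a, b = r ^ (a if b & 1 else 0), xt(a), b >> 1
    return r

def sbox_entry(a):  # field inverse (0 maps to 0), then the FIPS-197 affine map
    inv = next((b for b in range(1, 256) if gmul(a, b) == 1), 0)
    rot = lambda n: ((inv << n) | (inv >> (8 - n))) & 0xFF
    return inv ^ rot(1) ^ rot(2) ^ rot(3) ^ rot(4) ^ 0x63
SBOX = [sbox_entry(a) for a in range(256)]

def expand_key(key):  # AES-128 key schedule: 16 key bytes -> 176 round-key bytes
    rk, rcon = list(key), 1
    for i in range(16, 176, 4):
        t = rk[i - 4:i]
        if i % 16 == 0:  # RotWord, SubWord, Rcon
            t, rcon = [SBOX[t[1]] ^ rcon, SBOX[t[2]], SBOX[t[3]], SBOX[t[0]]], xt(rcon)
        rk += [rk[i - 16 + j] ^ t[j] for j in range(4)]
    return rk

def encrypt_block(rk, block):  # one 16-byte block, state kept column-major
    s = [b ^ k for b, k in zip(block, rk)]
    for rnd in range(1, 11):
        t = [SBOX[s[(i + 4 * (i % 4)) % 16]] for i in range(16)]  # SubBytes + ShiftRows
        if rnd < 10:  # MixColumns, skipped in the final round
            cols = [t[c:c + 4] for c in range(0, 16, 4)]
            t = [a[r] ^ a[0] ^ a[1] ^ a[2] ^ a[3] ^ xt(a[r] ^ a[(r + 1) % 4])
                 for a in cols for r in range(4)]
        s = [b ^ k for b, k in zip(t, rk[16 * rnd:])]
    return bytes(s)

def ctr_crypt(key, nonce, iv, data):  # RFC 3686; the same call encrypts and decrypts
    rk, out = expand_key(key), bytearray(data)
    for off in range(0, len(out), 16):
        # counter block = nonce(4) | iv(8) | 32-bit big-endian counter starting at 1
        block = nonce + iv + (off // 16 + 1).to_bytes(4, "big")
        for i, k in enumerate(encrypt_block(rk, block)[:len(out) - off]):
            out[off + i] ^= k
    return bytes(out)

def known_answers():  # FIPS-197 Appendix C.1 and RFC 3686 test vector #1
    blk = encrypt_block(expand_key(bytes(range(16))), bytes(range(0, 256, 17)))
    ctr = ctr_crypt(bytes.fromhex("ae6852f8121067cc4bf7a5765577f39e"),
                    bytes.fromhex("00000030"), bytes(8), b"Single block msg")
    return (blk.hex() == "69c4e0d86a7b0430d8cdb78070b4c55a",
            ctr.hex() == "e4095d4fb7a7b3792d6175a3261311b8")
```

known_answers() returns (True, True) when the reference reproduces both published ciphertexts; an implementation of the block cipher and of counter mode per RFC 3686 should produce the same bytes for the same key, counter block and plaintext.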