.TH AES 2
.SH NAME
setupAESstate, aesCBCencrypt, aesCBCdecrypt, aesCTRencrypt, aesCTRdecrypt, setupAESXCBCstate, aesXCBCmac - advanced encryption standard (rijndael)
.SH SYNOPSIS
.B #include <u.h>
.br
.B #include <libc.h>
.br
.B #include <mp.h>
.br
.B #include <libsec.h>
.PP
.in +0.5i
.ti -0.5i
.B
void aes_encrypt(ulong rk[], int Nr, uchar pt[16], uchar ct[16]);
.PP
.B
void aes_decrypt(ulong rk[], int Nr, uchar ct[16], uchar pt[16]);
.PP
.B
void setupAESstate(AESstate *s, uchar key[], int keybytes, uchar *ivec);
.PP
.B
void aesCBCencrypt(uchar *p, int len, AESstate *s);
.PP
.B
void aesCBCdecrypt(uchar *p, int len, AESstate *s);
.PP
.B
void aesCTRencrypt(uchar *p, int len, AESstate *s);
.PP
.B
void aesCTRdecrypt(uchar *p, int len, AESstate *s);
.PP
.B
void setupAESXCBCstate(AESstate *s);
.PP
.B
void aesXCBCmac(uchar *p, int len, AESstate *s);
.SH DESCRIPTION
AES (a.k.a. Rijndael) has replaced DES as the preferred
block cipher.
.I Aes_encrypt
and
.I aes_decrypt
are the block ciphers, corresponding to
.IR des (2)'s
.IR block_cipher .
.IR SetupAESstate ,
.IR aesCBCencrypt ,
and
.I aesCBCdecrypt
implement cipher-block-chaining encryption.
.I AesCTRencrypt
and
.I aesCTRdecrypt
implement counter mode, per RFC 3686;
they are identical operations.
.I setupAESXCBCstate
and
.I aesXCBCmac
implement AES XCBC message authentication, per RFC 3566.
All ciphering is performed in place.
.I Keybytes
should be 16, 24, or 32.
The initialization vector
.I ivec
of
.I AESbsize
bytes should be random enough to be unlikely to be reused
but does not need to be
cryptographically strongly unpredictable.
.SH SOURCE
.B /sys/src/libsec
.SH SEE ALSO
.I aescbc
in
.IR secstore (1),
.IR mp (2),
.IR blowfish (2),
.IR des (2),
.IR dsa (2),
.IR elgamal (2),
.IR rc4 (2),
.IR rsa (2),
.IR sechash (2),
.IR prime (2),
.IR rand (2)
.br
.B http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
.SH BUGS
The functions
.IR aes_encrypt ,
.IR aes_decrypt ,
.IR aesCTRencrypt ,
.IR aesCTRdecrypt ,
.IR setupAESXCBCstate ,
and
.IR aesXCBCmac
have not yet been verified by running test vectors through them.
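.PP
A known-answer check of the kind this note calls for, as an added example that is not part of libsec or of the original manual page: portable C with an independent AES-128 reference that reproduces the FIPS-197 Appendix C.1 ciphertext, which any correct AES-128 block encryption must yield for the same key and plaintext.
The names ref_aes128_encrypt and fips197_c1_kat are hypothetical and do not exist in libsec.

```c
#include <stdint.h>
#include <string.h>
/* Added reference code, independent of libsec: AES-128 per FIPS-197. */
static uint8_t sbox[256];
static uint8_t xtime(uint8_t x) { return (uint8_t)((x << 1) ^ ((x >> 7) * 0x1b)); }
static uint8_t rotl8(uint8_t x, int n) { return (uint8_t)((x << n) | (x >> (8 - n))); }
/* S-box: affine transform of the GF(2^8) inverse; p and q remain inverses. */
static void init_sbox(void) {
    uint8_t p = 1, q = 1;
    do {
        p = (uint8_t)(p ^ xtime(p));                                      /* p *= 3 */
        q ^= q << 1; q ^= q << 2; q ^= q << 4; if (q & 0x80) q ^= 0x09;   /* q /= 3 */
        sbox[p] = q ^ rotl8(q, 1) ^ rotl8(q, 2) ^ rotl8(q, 3) ^ rotl8(q, 4) ^ 0x63;
    } while (p != 1);
    sbox[0] = 0x63;                                      /* 0 has no inverse */
}

/* Encrypt one block; state bytes are column-major as in FIPS-197. */
void ref_aes128_encrypt(const uint8_t key[16], const uint8_t pt[16], uint8_t ct[16]) {
    uint8_t rk[176], s[16], t[16], rcon = 1;
    init_sbox(); memcpy(rk, key, 16);
    for (int i = 16; i < 176; i++) {                     /* key expansion, bytewise */
        uint8_t b = rk[i - 4];
        if (i % 16 < 4) b = sbox[rk[i % 4 == 3 ? i - 7 : i - 3]]; /* SubWord(RotWord) */
        if (i % 16 == 0) { b ^= rcon; rcon = xtime(rcon); }
        rk[i] = rk[i - 16] ^ b;
    }
    for (int i = 0; i < 16; i++) s[i] = pt[i] ^ rk[i];   /* initial AddRoundKey */
    for (int round = 1; round <= 10; round++) {
        for (int i = 0; i < 16; i++) t[i] = sbox[s[(i + 4 * (i % 4)) % 16]]; /* SubBytes + ShiftRows */
        for (int c = 0; c < 16 && round < 10; c += 4) {  /* MixColumns, skipped in round 10 */
            uint8_t a0 = t[c], a1 = t[c + 1], a2 = t[c + 2], a3 = t[c + 3], x = a0 ^ a1 ^ a2 ^ a3;
            t[c] ^= x ^ xtime(a0 ^ a1);     t[c + 1] ^= x ^ xtime(a1 ^ a2);
            t[c + 2] ^= x ^ xtime(a2 ^ a3); t[c + 3] ^= x ^ xtime(a3 ^ a0);
        }
        for (int i = 0; i < 16; i++) s[i] = t[i] ^ rk[16 * round + i];
    }
    memcpy(ct, s, 16);
}

/* FIPS-197 Appendix C.1 known answer: returns 1 if the ciphertext matches. */
int fips197_c1_kat(void) {
    static const uint8_t want[16] = { 0x69, 0xc4, 0xe0, 0xd8, 0x6a, 0x7b, 0x04, 0x30,
                                      0xd8, 0xcd, 0xb7, 0x80, 0x70, 0xb4, 0xc5, 0x5a };
    uint8_t key[16], pt[16], ct[16];
    for (int i = 0; i < 16; i++) { key[i] = (uint8_t)i; pt[i] = (uint8_t)(i * 0x11); }
    ref_aes128_encrypt(key, pt, ct);
    return memcmp(ct, want, 16) == 0;
}
```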