3 setupAESstate, aesCBCencrypt, aesCBCdecrypt, setupAESXCBCstate, aesXCBCmac, setupAESGCMstate - advanced encryption standard (rijndael)
11 .B #include <libsec.h>
16 void aes_encrypt(ulong rk[], int Nr, uchar pt[16], uchar ct[16]);
19 void aes_decrypt(ulong rk[], int Nr, uchar ct[16], uchar pt[16]);
22 void setupAESstate(AESstate *s, uchar key[], int keybytes, uchar *ivec)
25 void aesCBCencrypt(uchar *p, int len, AESstate *s)
28 void aesCBCdecrypt(uchar *p, int len, AESstate *s)
31 void setupAESXCBCstate(AESstate *s)
34 void aesXCBCmac(uchar *p, int len, AESstate *s)
37 void setupAESGCMstate(AESGCMstate *s, uchar *key, int keylen, uchar *iv, int ivlen)
40 void aesgcm_setiv(AESGCMstate *s, uchar *iv, int ivlen)
43 void aesgcm_encrypt(uchar *dat, ulong ndat, uchar *aad, ulong naad, uchar tag[16], AESGCMstate *s)
46 int aesgcm_decrypt(uchar *dat, ulong ndat, uchar *aad, ulong naad, uchar tag[16], AESGCMstate *s)
48 AES (a.k.a. Rijndael) has replaced DES as the preferred
53 are the block ciphers, corresponding to
60 implement cipher-block-chaining encryption.
64 implement AES XCBC message authentication, per RFC 3566.
65 .IR SetupAESGCMstate ,
70 implement Galois/Counter Mode (GCM) authenticated encryption with associated data (AEAD).
71 Before encryption or decryption, a new initialization vector (nonce) has to be set with
80 Aesgcm_decrypt returns zero when authentication and decryption where successfull and
82 All ciphering is performed in place.
84 should be 16, 24, or 32.
85 The initialization vector
89 bytes should be random enough to be unlikely to be reused
90 but does not need to be
91 cryptographically strongly unpredictable.
109 .B http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
114 .IR setupAESXCBCstate ,
117 have not yet been verified by running test vectors through them.
119 Because of the way that non-multiple-of-16 buffers are handled,
121 must be fed buffers of the same size as the
123 calls that encrypted it.