versadac  1
versadac - Scalable Recorder Firmware
AES.h
1 /* AES - Advanced Encryption Standard
2 
3  source version 1.0, June, 2005
4 
5  Copyright (C) 2000-2005 Chris Lomont
6 
7  This software is provided 'as-is', without any express or implied
8  warranty. In no event will the author be held liable for any damages
9  arising from the use of this software.
10 
11  Permission is granted to anyone to use this software for any purpose,
12  including commercial applications, and to alter it and redistribute it
13  freely, subject to the following restrictions:
14 
15  1. The origin of this software must not be misrepresented; you must not
16  claim that you wrote the original software. If you use this software
17  in a product, an acknowledgment in the product documentation would be
18  appreciated but is not required.
19  2. Altered source versions must be plainly marked as such, and must not be
20  misrepresented as being the original software.
21  3. This notice may not be removed or altered from any source distribution.
22 
23  Chris Lomont
24  chris@lomont.org
25 
26  The AES Standard is maintained by NIST
27  http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
28 
29  This legalese is patterned after the zlib compression library
30 */
31 
32 // headed to implement Advanced Encryption Standard - Rijndael2
33 #ifndef _AES_H
34 #define _AES_H
35 
36 
37 #define AES_BLOCK_LENGTH_BYTES 16
38 #define AES_BLOCK_LENGTH_BITS (AES_BLOCK_LENGTH_BYTES * 8)
39 
40 /* USAGE:
41  1. Create a AES class (or more as necessary)
42  2. Call class method SetParameters
43  3. To encrypt, call method StartEncryption with the key, and then
44  call method Encrypt with enough space to store the proper size blocks.
45  4. To decrypt, call method StartDecryption with the key, and then
46  call method Decrypt with enough space to store the proper size blocks.
47 
48  Alternatively, you can call EncryptBlock and DecryptBlock block to process blocksize
49  (default to 16 bytes) bytes at a time. It is recommended to use the Encrypt function
50  for multiple block encryption since it uses chaining modes that make the overall
51  stream much more secure than the default block based encryption, which by default would
52  be mode ECB.
53 
54  EXAMPLE: want to encrypt 37 bytes of data with 192 bit key, which will use 3 16 byte blocks
55  AES aes;
56  aes.SetParameters(192);
57  aes.StartEncryption(key);
58  aes.Encrypt(data,output,3); // note data and output must be at least 48 bytes!
59  */
60 
61 // todo - replace all types with u1byte, u4byte, etc
62 
63 class AES
64  {
65 public:
66  // the constructor - makes sure local things are initialized
67  // it if fails, throws the string "Tables failed to initialize"
68  AES(void);
69 
70  // multiple block encryption/decryption modes
71  // See http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation
72  enum BlockMode {
73  ECB = 0, // Electronic CodeBook - each block independent, weak
74  CBC = 1 // Cipher Block Chaining - most secure
75  // todo - CFB = 2, // Cipher FeedBack - secure
76  // todo - OFB = 3, // Output FeedBack - secure
77  // todo - CTR = 4, // Counter - allows midstream decryption, somewhat secure
78  // todo - EAX = 5, - http://www.cs.berkeley.edu/~daw/papers/eprint-short-ae.pdf
79  // todo - GCM = 6, - http://www.cryptobarn.com/papers/gcm-spec.pdf
80  };
81 
82  // block and key size are in bits, legal values are 128, 192, and 256 independently.
83  // NOTE: the AES standard only uses a blocksize of 128, so we default to that
84  void SetParameters(int keylength, int blocklength = 128);
85 
86  // call this before any encryption with the key to use
87  void StartEncryption(const unsigned char * key);
88  // encrypt a single block (default 128 bits, or unsigned char[16]) of data
89  void EncryptBlock(const unsigned char * datain, unsigned char * dataout);
90  // Call this to encrypt any length data. Note the size is in BLOCKS, so you must
91  // have enough space in datain and dataout to accomodate this. Pad your data before
92  // calling, preferably using the padding methods listed below.
93  // Decryption must use the same mode as the encryption.
94  void Encrypt(const unsigned char * datain, unsigned char * dataout, unsigned int numBlocks, BlockMode mode = CBC);
95 
96  // call this before any decryption with the key to use
97  void StartDecryption(const unsigned char * key);
98  // decrypt a single block (default 128 bits, or unsigned char[16]) of data
99  void DecryptBlock(const unsigned char * datain, unsigned char * dataout);
100  // Call this to decrypt any length data. Note the size is in BLOCKS, so you must
101  // have enough space in datain and dataout to accomodate this. Pad your data before
102  // calling, preferably using the padding methods listed below. You must know the desired
103  // length of the output data, since all the blocks are returned decrypted.
104  // Encryption must use the same mode as the decryption.
105  void Decrypt(const unsigned char * datain, unsigned char * dataout, unsigned int numBlocks, BlockMode mode = CBC);
106 
107 private:
108 
109  int Nb,Nk; // block and key length / 32, should be 4,6,or 8
110  int Nr; // number of rounds
111 
112  unsigned char W[4*8*15]; // the expanded key
113 
114  // Key expansion code - makes local copy
115  void KeyExpansion(const unsigned char * key);
116 
117  }; // class AES
118 
119 
120 /* PADDING:
121  The AES (Rijndael) encryption algorithm pads encrypted data to a multiple of 16 bytes by default.
122  Other blocksizes are similar. Methods:
123  1. RFC 1423 padding scheme:
124  Each padding byte is set to the number of padding bytes. If the data is already a multiple
125  of 16 bytes, 16 additional bytes are added, each having the value 0x10.
126  2. FIPS81 (Federal Information Processing Standards 81):
127  The last byte contains the number of padding bytes, including itself,
128  and the other padding bytes are set to random values.
129  3. Each padding byte is set to a random value. The decryptor must know how many bytes are in the original unencrypted data.
130  */
131 
132 /* TODO
133 The Encrypt() function is used to encrypt larger blocks of data. The block size has to be a multiple of the method's block size.
134 This function can operate in the following modes: ECB, CBC or CFB. ECB mode is not using chaining. If the same block is encrypted
135 twice with the same key, the resulting ciphertext blocks are the same. In CBC mode, a ciphertext block is obtained by first XORing
136 the plaintext block with the previous ciphertext block, and encrypting the resulting value. In CFB mode, a ciphertext block is
137 obtained by encrypting the previous ciphertext block and XORing the resulting value with the plaintext. The operation mode is
138 specified in the iMode parameter with ECB being the default value.
139 
140 */
141 
142 #endif // _AES_H
143 // end - AES.h
Definition: AES.h:63