#include <stddef.h>\r
\r
/****************************** MACROS ******************************/\r
-#define AES_BLOCK_SIZE 16 // AES operates on 16 bytes at a time\r
+#define AES_BLOCK_SIZE 16 // AES operates on 16 bytes at a time\r
\r
/**************************** DATA TYPES ****************************/\r
-typedef unsigned char BYTE; // 8-bit byte\r
-typedef unsigned int WORD; // 32-bit word, change to "long" for 16-bit machines\r
+typedef unsigned char BYTE; // 8-bit byte\r
+typedef unsigned int WORD; // 32-bit word, change to "long" for 16-bit machines\r
\r
/*********************** FUNCTION DECLARATIONS **********************/\r
///////////////////\r
// AES\r
///////////////////\r
// Key setup must be done before any AES en/de-cryption functions can be used.\r
-void aes_key_setup(const BYTE key[], // The key, must be 128, 192, or 256 bits\r
- WORD w[], // Output key schedule to be used later\r
- int keysize); // Bit length of the key, 128, 192, or 256\r
+void aes_key_setup(const BYTE key[], // The key, must be 128, 192, or 256 bits\r
+ WORD w[], // Output key schedule to be used later\r
+ int keysize); // Bit length of the key, 128, 192, or 256\r
\r
-void aes_encrypt(const BYTE in[], // 16 bytes of plaintext\r
- BYTE out[], // 16 bytes of ciphertext\r
- const WORD key[], // From the key setup\r
- int keysize); // Bit length of the key, 128, 192, or 256\r
+void aes_encrypt(const BYTE in[], // 16 bytes of plaintext\r
+ BYTE out[], // 16 bytes of ciphertext\r
+ const WORD key[], // From the key setup\r
+ int keysize); // Bit length of the key, 128, 192, or 256\r
\r
-void aes_decrypt(const BYTE in[], // 16 bytes of ciphertext\r
- BYTE out[], // 16 bytes of plaintext\r
- const WORD key[], // From the key setup\r
- int keysize); // Bit length of the key, 128, 192, or 256\r
+void aes_decrypt(const BYTE in[], // 16 bytes of ciphertext\r
+ BYTE out[], // 16 bytes of plaintext\r
+ const WORD key[], // From the key setup\r
+ int keysize); // Bit length of the key, 128, 192, or 256\r
\r
///////////////////\r
// AES - CBC\r
///////////////////\r
-int aes_encrypt_cbc(const BYTE in[], // Plaintext\r
- size_t in_len, // Must be a multiple of AES_BLOCK_SIZE\r
- BYTE out[], // Ciphertext, same length as plaintext\r
- const WORD key[], // From the key setup\r
- int keysize, // Bit length of the key, 128, 192, or 256\r
- const BYTE iv[]); // IV, must be AES_BLOCK_SIZE bytes long\r
+int aes_encrypt_cbc(const BYTE in[], // Plaintext\r
+ size_t in_len, // Must be a multiple of AES_BLOCK_SIZE\r
+ BYTE out[], // Ciphertext, same length as plaintext\r
+ const WORD key[], // From the key setup\r
+ int keysize, // Bit length of the key, 128, 192, or 256\r
+ const BYTE iv[]); // IV, must be AES_BLOCK_SIZE bytes long\r
\r
// Only output the CBC-MAC of the input.\r
-int aes_encrypt_cbc_mac(const BYTE in[], // plaintext\r
- size_t in_len, // Must be a multiple of AES_BLOCK_SIZE\r
- BYTE out[], // Output MAC\r
- const WORD key[], // From the key setup\r
- int keysize, // Bit length of the key, 128, 192, or 256\r
- const BYTE iv[]); // IV, must be AES_BLOCK_SIZE bytes long\r
+int aes_encrypt_cbc_mac(const BYTE in[], // plaintext\r
+ size_t in_len, // Must be a multiple of AES_BLOCK_SIZE\r
+ BYTE out[], // Output MAC\r
+ const WORD key[], // From the key setup\r
+ int keysize, // Bit length of the key, 128, 192, or 256\r
+ const BYTE iv[]); // IV, must be AES_BLOCK_SIZE bytes long\r
\r
///////////////////\r
// AES - CTR\r
///////////////////\r
-void increment_iv(BYTE iv[], // Must be a multiple of AES_BLOCK_SIZE\r
- int counter_size); // Bytes of the IV used for counting (low end)\r
-\r
-void aes_encrypt_ctr(const BYTE in[], // Plaintext\r
- size_t in_len, // Any byte length\r
- BYTE out[], // Ciphertext, same length as plaintext\r
- const WORD key[], // From the key setup\r
- int keysize, // Bit length of the key, 128, 192, or 256\r
- const BYTE iv[]); // IV, must be AES_BLOCK_SIZE bytes long\r
-\r
-void aes_decrypt_ctr(const BYTE in[], // Ciphertext\r
- size_t in_len, // Any byte length\r
- BYTE out[], // Plaintext, same length as ciphertext\r
- const WORD key[], // From the key setup\r
- int keysize, // Bit length of the key, 128, 192, or 256\r
- const BYTE iv[]); // IV, must be AES_BLOCK_SIZE bytes long\r
+void increment_iv(BYTE iv[], // Must be a multiple of AES_BLOCK_SIZE\r
+ int counter_size); // Bytes of the IV used for counting (low end)\r
+\r
+void aes_encrypt_ctr(const BYTE in[], // Plaintext\r
+ size_t in_len, // Any byte length\r
+ BYTE out[], // Ciphertext, same length as plaintext\r
+ const WORD key[], // From the key setup\r
+ int keysize, // Bit length of the key, 128, 192, or 256\r
+ const BYTE iv[]); // IV, must be AES_BLOCK_SIZE bytes long\r
+\r
+void aes_decrypt_ctr(const BYTE in[], // Ciphertext\r
+ size_t in_len, // Any byte length\r
+ BYTE out[], // Plaintext, same length as ciphertext\r
+ const WORD key[], // From the key setup\r
+ int keysize, // Bit length of the key, 128, 192, or 256\r
+ const BYTE iv[]); // IV, must be AES_BLOCK_SIZE bytes long\r
\r
///////////////////\r
// AES - CCM\r
///////////////////\r
// Returns True if the input parameters do not violate any constraint.\r
-int aes_encrypt_ccm(const BYTE plaintext[], // IN - Plaintext.\r
- WORD plaintext_len, // IN - Plaintext length.\r
- const BYTE associated_data[], // IN - Associated Data included in authentication, but not encryption.\r
- unsigned short associated_data_len, // IN - Associated Data length in bytes.\r
- const BYTE nonce[], // IN - The Nonce to be used for encryption.\r
- unsigned short nonce_len, // IN - Nonce length in bytes.\r
- BYTE ciphertext[], // OUT - Ciphertext, a concatination of the plaintext and the MAC.\r
- WORD *ciphertext_len, // OUT - The length of the ciphertext, always plaintext_len + mac_len.\r
- WORD mac_len, // IN - The desired length of the MAC, must be 4, 6, 8, 10, 12, 14, or 16.\r
- const BYTE key[], // IN - The AES key for encryption.\r
- int keysize); // IN - The length of the key in bits. Valid values are 128, 192, 256.\r
+int aes_encrypt_ccm(const BYTE plaintext[], // IN - Plaintext.\r
+ WORD plaintext_len, // IN - Plaintext length.\r
+ const BYTE associated_data[], // IN - Associated Data included in authentication, but not encryption.\r
+ unsigned short associated_data_len, // IN - Associated Data length in bytes.\r
+ const BYTE nonce[], // IN - The Nonce to be used for encryption.\r
+ unsigned short nonce_len, // IN - Nonce length in bytes.\r
+ BYTE ciphertext[], // OUT - Ciphertext, a concatination of the plaintext and the MAC.\r
+ WORD *ciphertext_len, // OUT - The length of the ciphertext, always plaintext_len + mac_len.\r
+ WORD mac_len, // IN - The desired length of the MAC, must be 4, 6, 8, 10, 12, 14, or 16.\r
+ const BYTE key[], // IN - The AES key for encryption.\r
+ int keysize); // IN - The length of the key in bits. Valid values are 128, 192, 256.\r
\r
// Returns True if the input parameters do not violate any constraint.\r
// Use mac_auth to ensure decryption/validation was preformed correctly.\r
// this, call with mac_auth = NULL. The proper proceedure is to decrypt with\r
// authentication enabled (mac_auth != NULL) and make a second call to that\r
// ignores authentication explicitly if the first call failes.\r
-int aes_decrypt_ccm(const BYTE ciphertext[], // IN - Ciphertext, the concatination of encrypted plaintext and MAC.\r
- WORD ciphertext_len, // IN - Ciphertext length in bytes.\r
- const BYTE assoc[], // IN - The Associated Data, required for authentication.\r
- unsigned short assoc_len, // IN - Associated Data length in bytes.\r
- const BYTE nonce[], // IN - The Nonce to use for decryption, same one as for encryption.\r
- unsigned short nonce_len, // IN - Nonce length in bytes.\r
- BYTE plaintext[], // OUT - The plaintext that was decrypted. Will need to be large enough to hold ciphertext_len - mac_len.\r
- WORD *plaintext_len, // OUT - Length in bytes of the output plaintext, always ciphertext_len - mac_len .\r
- WORD mac_len, // IN - The length of the MAC that was calculated.\r
- int *mac_auth, // OUT - TRUE if authentication succeeded, FALSE if it did not. NULL pointer will ignore the authentication.\r
- const BYTE key[], // IN - The AES key for decryption.\r
- int keysize); // IN - The length of the key in BITS. Valid values are 128, 192, 256.\r
+int aes_decrypt_ccm(const BYTE ciphertext[], // IN - Ciphertext, the concatination of encrypted plaintext and MAC.\r
+ WORD ciphertext_len, // IN - Ciphertext length in bytes.\r
+ const BYTE assoc[], // IN - The Associated Data, required for authentication.\r
+ unsigned short assoc_len, // IN - Associated Data length in bytes.\r
+ const BYTE nonce[], // IN - The Nonce to use for decryption, same one as for encryption.\r
+ unsigned short nonce_len, // IN - Nonce length in bytes.\r
+ BYTE plaintext[], // OUT - The plaintext that was decrypted. Will need to be large enough to hold ciphertext_len - mac_len.\r
+ WORD *plaintext_len, // OUT - Length in bytes of the output plaintext, always ciphertext_len - mac_len .\r
+ WORD mac_len, // IN - The length of the MAC that was calculated.\r
+ int *mac_auth, // OUT - TRUE if authentication succeeded, FALSE if it did not. NULL pointer will ignore the authentication.\r
+ const BYTE key[], // IN - The AES key for decryption.\r
+ int keysize); // IN - The length of the key in BITS. Valid values are 128, 192, 256.\r
\r
///////////////////\r
// Test functions\r
int aes_ctr_test();\r
int aes_ccm_test();\r
\r
-#endif // AES_H\r
+#endif // AES_H\r