Dependencies: BLE_API LoRaWAN-lib SX1276Lib mbed nRF51822 HCSR04Lib
Fork of
LoRa
by 
Olav Nymoen
system/crypto/aes.h@0:4c1fcbfcc7bf, 2016-05-09 (annotated)
- Committer:
- olav
- Date:
- Mon May 09 08:06:21 2016 +0000
- Revision:
- 0:4c1fcbfcc7bf
initial commit
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| olav | 0:4c1fcbfcc7bf | 1 | /* |
| olav | 0:4c1fcbfcc7bf | 2 | --------------------------------------------------------------------------- |
| olav | 0:4c1fcbfcc7bf | 3 | Copyright (c) 1998-2008, Brian Gladman, Worcester, UK. All rights reserved. |
| olav | 0:4c1fcbfcc7bf | 4 | |
| olav | 0:4c1fcbfcc7bf | 5 | LICENSE TERMS |
| olav | 0:4c1fcbfcc7bf | 6 | |
| olav | 0:4c1fcbfcc7bf | 7 | The redistribution and use of this software (with or without changes) |
| olav | 0:4c1fcbfcc7bf | 8 | is allowed without the payment of fees or royalties provided that: |
| olav | 0:4c1fcbfcc7bf | 9 | |
| olav | 0:4c1fcbfcc7bf | 10 | 1. source code distributions include the above copyright notice, this |
| olav | 0:4c1fcbfcc7bf | 11 | list of conditions and the following disclaimer; |
| olav | 0:4c1fcbfcc7bf | 12 | |
| olav | 0:4c1fcbfcc7bf | 13 | 2. binary distributions include the above copyright notice, this list |
| olav | 0:4c1fcbfcc7bf | 14 | of conditions and the following disclaimer in their documentation; |
| olav | 0:4c1fcbfcc7bf | 15 | |
| olav | 0:4c1fcbfcc7bf | 16 | 3. the name of the copyright holder is not used to endorse products |
| olav | 0:4c1fcbfcc7bf | 17 | built using this software without specific written permission. |
| olav | 0:4c1fcbfcc7bf | 18 | |
| olav | 0:4c1fcbfcc7bf | 19 | DISCLAIMER |
| olav | 0:4c1fcbfcc7bf | 20 | |
| olav | 0:4c1fcbfcc7bf | 21 | This software is provided 'as is' with no explicit or implied warranties |
| olav | 0:4c1fcbfcc7bf | 22 | in respect of its properties, including, but not limited to, correctness |
| olav | 0:4c1fcbfcc7bf | 23 | and/or fitness for purpose. |
| olav | 0:4c1fcbfcc7bf | 24 | --------------------------------------------------------------------------- |
| olav | 0:4c1fcbfcc7bf | 25 | Issue 09/09/2006 |
| olav | 0:4c1fcbfcc7bf | 26 | |
| olav | 0:4c1fcbfcc7bf | 27 | This is an AES implementation that uses only 8-bit byte operations on the |
| olav | 0:4c1fcbfcc7bf | 28 | cipher state. |
| olav | 0:4c1fcbfcc7bf | 29 | */ |
| olav | 0:4c1fcbfcc7bf | 30 | |
| olav | 0:4c1fcbfcc7bf | 31 | #ifndef AES_H |
| olav | 0:4c1fcbfcc7bf | 32 | #define AES_H |
| olav | 0:4c1fcbfcc7bf | 33 | |
| olav | 0:4c1fcbfcc7bf | 34 | #if 1 |
| olav | 0:4c1fcbfcc7bf | 35 | # define AES_ENC_PREKEYED /* AES encryption with a precomputed key schedule */ |
| olav | 0:4c1fcbfcc7bf | 36 | #endif |
| olav | 0:4c1fcbfcc7bf | 37 | #if 0 |
| olav | 0:4c1fcbfcc7bf | 38 | # define AES_DEC_PREKEYED /* AES decryption with a precomputed key schedule */ |
| olav | 0:4c1fcbfcc7bf | 39 | #endif |
| olav | 0:4c1fcbfcc7bf | 40 | #if 0 |
| olav | 0:4c1fcbfcc7bf | 41 | # define AES_ENC_128_OTFK /* AES encryption with 'on the fly' 128 bit keying */ |
| olav | 0:4c1fcbfcc7bf | 42 | #endif |
| olav | 0:4c1fcbfcc7bf | 43 | #if 0 |
| olav | 0:4c1fcbfcc7bf | 44 | # define AES_DEC_128_OTFK /* AES decryption with 'on the fly' 128 bit keying */ |
| olav | 0:4c1fcbfcc7bf | 45 | #endif |
| olav | 0:4c1fcbfcc7bf | 46 | #if 0 |
| olav | 0:4c1fcbfcc7bf | 47 | # define AES_ENC_256_OTFK /* AES encryption with 'on the fly' 256 bit keying */ |
| olav | 0:4c1fcbfcc7bf | 48 | #endif |
| olav | 0:4c1fcbfcc7bf | 49 | #if 0 |
| olav | 0:4c1fcbfcc7bf | 50 | # define AES_DEC_256_OTFK /* AES decryption with 'on the fly' 256 bit keying */ |
| olav | 0:4c1fcbfcc7bf | 51 | #endif |
| olav | 0:4c1fcbfcc7bf | 52 | |
| olav | 0:4c1fcbfcc7bf | 53 | #define N_ROW 4 |
| olav | 0:4c1fcbfcc7bf | 54 | #define N_COL 4 |
| olav | 0:4c1fcbfcc7bf | 55 | #define N_BLOCK (N_ROW * N_COL) |
| olav | 0:4c1fcbfcc7bf | 56 | #define N_MAX_ROUNDS 14 |
| olav | 0:4c1fcbfcc7bf | 57 | |
| olav | 0:4c1fcbfcc7bf | 58 | typedef uint8_t return_type; |
| olav | 0:4c1fcbfcc7bf | 59 | |
| olav | 0:4c1fcbfcc7bf | 60 | /* Warning: The key length for 256 bit keys overflows a byte |
| olav | 0:4c1fcbfcc7bf | 61 | (see comment below) |
| olav | 0:4c1fcbfcc7bf | 62 | */ |
| olav | 0:4c1fcbfcc7bf | 63 | |
| olav | 0:4c1fcbfcc7bf | 64 | typedef uint8_t length_type; |
| olav | 0:4c1fcbfcc7bf | 65 | |
| olav | 0:4c1fcbfcc7bf | 66 | typedef struct |
| olav | 0:4c1fcbfcc7bf | 67 | { uint8_t ksch[(N_MAX_ROUNDS + 1) * N_BLOCK]; |
| olav | 0:4c1fcbfcc7bf | 68 | uint8_t rnd; |
| olav | 0:4c1fcbfcc7bf | 69 | } aes_context; |
| olav | 0:4c1fcbfcc7bf | 70 | |
| olav | 0:4c1fcbfcc7bf | 71 | /* The following calls are for a precomputed key schedule |
| olav | 0:4c1fcbfcc7bf | 72 | |
| olav | 0:4c1fcbfcc7bf | 73 | NOTE: If the length_type used for the key length is an |
| olav | 0:4c1fcbfcc7bf | 74 | unsigned 8-bit character, a key length of 256 bits must |
| olav | 0:4c1fcbfcc7bf | 75 | be entered as a length in bytes (valid inputs are hence |
| olav | 0:4c1fcbfcc7bf | 76 | 128, 192, 16, 24 and 32). |
| olav | 0:4c1fcbfcc7bf | 77 | */ |
| olav | 0:4c1fcbfcc7bf | 78 | |
| olav | 0:4c1fcbfcc7bf | 79 | #if defined( AES_ENC_PREKEYED ) || defined( AES_DEC_PREKEYED ) |
| olav | 0:4c1fcbfcc7bf | 80 | |
| olav | 0:4c1fcbfcc7bf | 81 | return_type aes_set_key( const uint8_t key[], |
| olav | 0:4c1fcbfcc7bf | 82 | length_type keylen, |
| olav | 0:4c1fcbfcc7bf | 83 | aes_context ctx[1] ); |
| olav | 0:4c1fcbfcc7bf | 84 | #endif |
| olav | 0:4c1fcbfcc7bf | 85 | |
| olav | 0:4c1fcbfcc7bf | 86 | #if defined( AES_ENC_PREKEYED ) |
| olav | 0:4c1fcbfcc7bf | 87 | |
| olav | 0:4c1fcbfcc7bf | 88 | return_type aes_encrypt( const uint8_t in[N_BLOCK], |
| olav | 0:4c1fcbfcc7bf | 89 | uint8_t out[N_BLOCK], |
| olav | 0:4c1fcbfcc7bf | 90 | const aes_context ctx[1] ); |
| olav | 0:4c1fcbfcc7bf | 91 | |
| olav | 0:4c1fcbfcc7bf | 92 | return_type aes_cbc_encrypt( const uint8_t *in, |
| olav | 0:4c1fcbfcc7bf | 93 | uint8_t *out, |
| olav | 0:4c1fcbfcc7bf | 94 | int32_t n_block, |
| olav | 0:4c1fcbfcc7bf | 95 | uint8_t iv[N_BLOCK], |
| olav | 0:4c1fcbfcc7bf | 96 | const aes_context ctx[1] ); |
| olav | 0:4c1fcbfcc7bf | 97 | #endif |
| olav | 0:4c1fcbfcc7bf | 98 | |
| olav | 0:4c1fcbfcc7bf | 99 | #if defined( AES_DEC_PREKEYED ) |
| olav | 0:4c1fcbfcc7bf | 100 | |
| olav | 0:4c1fcbfcc7bf | 101 | return_type aes_decrypt( const uint8_t in[N_BLOCK], |
| olav | 0:4c1fcbfcc7bf | 102 | uint8_t out[N_BLOCK], |
| olav | 0:4c1fcbfcc7bf | 103 | const aes_context ctx[1] ); |
| olav | 0:4c1fcbfcc7bf | 104 | |
| olav | 0:4c1fcbfcc7bf | 105 | return_type aes_cbc_decrypt( const uint8_t *in, |
| olav | 0:4c1fcbfcc7bf | 106 | uint8_t *out, |
| olav | 0:4c1fcbfcc7bf | 107 | int32_t n_block, |
| olav | 0:4c1fcbfcc7bf | 108 | uint8_t iv[N_BLOCK], |
| olav | 0:4c1fcbfcc7bf | 109 | const aes_context ctx[1] ); |
| olav | 0:4c1fcbfcc7bf | 110 | #endif |
| olav | 0:4c1fcbfcc7bf | 111 | |
| olav | 0:4c1fcbfcc7bf | 112 | /* The following calls are for 'on the fly' keying. In this case the |
| olav | 0:4c1fcbfcc7bf | 113 | encryption and decryption keys are different. |
| olav | 0:4c1fcbfcc7bf | 114 | |
| olav | 0:4c1fcbfcc7bf | 115 | The encryption subroutines take a key in an array of bytes in |
| olav | 0:4c1fcbfcc7bf | 116 | key[L] where L is 16, 24 or 32 bytes for key lengths of 128, |
| olav | 0:4c1fcbfcc7bf | 117 | 192, and 256 bits respectively. They then encrypts the input |
| olav | 0:4c1fcbfcc7bf | 118 | data, in[] with this key and put the reult in the output array |
| olav | 0:4c1fcbfcc7bf | 119 | out[]. In addition, the second key array, o_key[L], is used |
| olav | 0:4c1fcbfcc7bf | 120 | to output the key that is needed by the decryption subroutine |
| olav | 0:4c1fcbfcc7bf | 121 | to reverse the encryption operation. The two key arrays can |
| olav | 0:4c1fcbfcc7bf | 122 | be the same array but in this case the original key will be |
| olav | 0:4c1fcbfcc7bf | 123 | overwritten. |
| olav | 0:4c1fcbfcc7bf | 124 | |
| olav | 0:4c1fcbfcc7bf | 125 | In the same way, the decryption subroutines output keys that |
| olav | 0:4c1fcbfcc7bf | 126 | can be used to reverse their effect when used for encryption. |
| olav | 0:4c1fcbfcc7bf | 127 | |
| olav | 0:4c1fcbfcc7bf | 128 | Only 128 and 256 bit keys are supported in these 'on the fly' |
| olav | 0:4c1fcbfcc7bf | 129 | modes. |
| olav | 0:4c1fcbfcc7bf | 130 | */ |
| olav | 0:4c1fcbfcc7bf | 131 | |
| olav | 0:4c1fcbfcc7bf | 132 | #if defined( AES_ENC_128_OTFK ) |
| olav | 0:4c1fcbfcc7bf | 133 | void aes_encrypt_128( const uint8_t in[N_BLOCK], |
| olav | 0:4c1fcbfcc7bf | 134 | uint8_t out[N_BLOCK], |
| olav | 0:4c1fcbfcc7bf | 135 | const uint8_t key[N_BLOCK], |
| olav | 0:4c1fcbfcc7bf | 136 | uint8_t o_key[N_BLOCK] ); |
| olav | 0:4c1fcbfcc7bf | 137 | #endif |
| olav | 0:4c1fcbfcc7bf | 138 | |
| olav | 0:4c1fcbfcc7bf | 139 | #if defined( AES_DEC_128_OTFK ) |
| olav | 0:4c1fcbfcc7bf | 140 | void aes_decrypt_128( const uint8_t in[N_BLOCK], |
| olav | 0:4c1fcbfcc7bf | 141 | uint8_t out[N_BLOCK], |
| olav | 0:4c1fcbfcc7bf | 142 | const uint8_t key[N_BLOCK], |
| olav | 0:4c1fcbfcc7bf | 143 | uint8_t o_key[N_BLOCK] ); |
| olav | 0:4c1fcbfcc7bf | 144 | #endif |
| olav | 0:4c1fcbfcc7bf | 145 | |
| olav | 0:4c1fcbfcc7bf | 146 | #if defined( AES_ENC_256_OTFK ) |
| olav | 0:4c1fcbfcc7bf | 147 | void aes_encrypt_256( const uint8_t in[N_BLOCK], |
| olav | 0:4c1fcbfcc7bf | 148 | uint8_t out[N_BLOCK], |
| olav | 0:4c1fcbfcc7bf | 149 | const uint8_t key[2 * N_BLOCK], |
| olav | 0:4c1fcbfcc7bf | 150 | uint8_t o_key[2 * N_BLOCK] ); |
| olav | 0:4c1fcbfcc7bf | 151 | #endif |
| olav | 0:4c1fcbfcc7bf | 152 | |
| olav | 0:4c1fcbfcc7bf | 153 | #if defined( AES_DEC_256_OTFK ) |
| olav | 0:4c1fcbfcc7bf | 154 | void aes_decrypt_256( const uint8_t in[N_BLOCK], |
| olav | 0:4c1fcbfcc7bf | 155 | uint8_t out[N_BLOCK], |
| olav | 0:4c1fcbfcc7bf | 156 | const uint8_t key[2 * N_BLOCK], |
| olav | 0:4c1fcbfcc7bf | 157 | uint8_t o_key[2 * N_BLOCK] ); |
| olav | 0:4c1fcbfcc7bf | 158 | #endif |
| olav | 0:4c1fcbfcc7bf | 159 | |
| olav | 0:4c1fcbfcc7bf | 160 | #endif |