From 218dbd8b7a76ea9f1e3b7051a4d6326b7fb4c942 Mon Sep 17 00:00:00 2001 From: kokke Date: Mon, 30 Mar 2020 21:43:47 +0200 Subject: [PATCH 01/15] Update aes.h --- aes.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/aes.h b/aes.h index 87f1471..0d3b2e0 100644 --- a/aes.h +++ b/aes.h @@ -27,7 +27,7 @@ //#define AES192 1 //#define AES256 1 -#define AES_BLOCKLEN 16 //Block length in bytes AES is 128b block only +#define AES_BLOCKLEN 16 // Block length in bytes - AES is 128b block only #if defined(AES256) && (AES256 == 1) #define AES_KEYLEN 32 @@ -87,4 +87,4 @@ void AES_CTR_xcrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, uint32_t length); #endif // #if defined(CTR) && (CTR == 1) -#endif //_AES_H_ +#endif // _AES_H_ From 7a3de7ed01df452c7798dc1936c0d089423989db Mon Sep 17 00:00:00 2001 From: kokke Date: Mon, 30 Mar 2020 21:47:48 +0200 Subject: [PATCH 02/15] removing commented-out call to printf... --- aes.c | 1 - 1 file changed, 1 deletion(-) diff --git a/aes.c b/aes.c index 32b7041..eaf2b69 100644 --- a/aes.c +++ b/aes.c @@ -505,7 +505,6 @@ void AES_CBC_encrypt_buffer(struct AES_ctx *ctx, uint8_t* buf, uint32_t length) Cipher((state_t*)buf, ctx->RoundKey); Iv = buf; buf += AES_BLOCKLEN; - //printf("Step %d - %d", i/16, i); } /* store Iv in ctx for next call */ memcpy(ctx->Iv, Iv, AES_BLOCKLEN); From b4240662c6e59834394a680d0a9260acc2d14807 Mon Sep 17 00:00:00 2001 From: kokke Date: Mon, 30 Mar 2020 21:53:26 +0200 Subject: [PATCH 03/15] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 883e687..96950ac 100644 --- a/README.md +++ b/README.md @@ -75,7 +75,7 @@ This implementation is verified against the data in: The other appendices in the document are valuable for implementation details on e.g. padding, generation of IVs and nonces in CTR-mode etc. -A heartfelt thank-you to all the nice people out there who have contributed to this project. +A heartfelt thank-you to [all the nice people](https://github.com/kokke/tiny-AES-c/graphs/contributors) out there who have contributed to this project. All material in this repository is in the public domain. From d2b3cd64e83747f7114a2a39b1bf9263b565a5b1 Mon Sep 17 00:00:00 2001 From: Jacob Siverskog Date: Thu, 28 May 2020 10:52:50 +0200 Subject: [PATCH 04/15] Fix compiler warning in CTR only mode Fixes the following warning: aes.c:98:22: warning: 'rsbox' defined but not used [-Wunused-const-variable=] 98 | static const uint8_t rsbox[256] = { | ^~~~~ With CBC = 0, ECB = 0 and CTR = 1. --- aes.c | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/aes.c b/aes.c index eaf2b69..f0fc791 100644 --- a/aes.c +++ b/aes.c @@ -95,6 +95,7 @@ static const uint8_t sbox[256] = { 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf, 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 }; +#if (defined(CBC) && CBC == 1) || (defined(ECB) && ECB == 1) static const uint8_t rsbox[256] = { 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb, 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb, @@ -112,6 +113,7 @@ static const uint8_t rsbox[256] = { 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef, 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0, 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61, 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d }; +#endif // The round constant word array, Rcon[i], contains the values given by // x to the power (i-1) being powers of x (x is denoted as {02}) in the field GF(2^8) @@ -139,13 +141,6 @@ static uint8_t getSBoxValue(uint8_t num) } */ #define getSBoxValue(num) (sbox[(num)]) -/* -static uint8_t getSBoxInvert(uint8_t num) -{ - return rsbox[num]; -} -*/ -#define getSBoxInvert(num) (rsbox[(num)]) // This function produces Nb(Nr+1) round keys. The round keys are used in each round to decrypt the states. static void KeyExpansion(uint8_t* RoundKey, const uint8_t* Key) @@ -341,6 +336,14 @@ static uint8_t Multiply(uint8_t x, uint8_t y) #endif #if (defined(CBC) && CBC == 1) || (defined(ECB) && ECB == 1) +/* +static uint8_t getSBoxInvert(uint8_t num) +{ + return rsbox[num]; +} +*/ +#define getSBoxInvert(num) (rsbox[(num)]) + // MixColumns function mixes the columns of the state matrix. // The method used to multiply may be difficult to understand for the inexperienced. // Please use the references to gain more information. From 58d9ab69101252bd654ae800a0aa8cd8de60727a Mon Sep 17 00:00:00 2001 From: k6dsp Date: Tue, 30 Jun 2020 11:56:20 -0700 Subject: [PATCH 05/15] update cmakelists.txt to be able to use it in add_subdirectory() - Remove reference to ASM language - advance minimum version of the cmake required as far version 2 is VERY outdated. - remove hardcoded folder name of "tiny-AES-c as target_include_directory which by some reason is PRIVATE and could not be used as add_subdirectory() in main project. --- CMakeLists.txt | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 3c6081f..539cd68 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1,9 +1,17 @@ -cmake_minimum_required(VERSION 2.8.12) +cmake_minimum_required(VERSION 3.12) -project(tinyaes C ASM) +project(tiny-aes C) -add_library(tiny-aes - aes.c - ) +add_library(${PROJECT_NAME} "") +target_sources(${PROJECT_NAME} + PRIVATE + ${CMAKE_CURRENT_LIST_DIR}/aes.c + INTERFACE + ${CMAKE_CURRENT_LIST_DIR}/aes.h + ${CMAKE_CURRENT_LIST_DIR}/aes.hpp +) -target_include_directories(tiny-aes PRIVATE tiny-AES-c/) +target_include_directories(${PROJECT_NAME} + INTERFACE + ${CMAKE_CURRENT_LIST_DIR} +) From 2ca3e81f3c065a780d0d66cc8a77faabbb4d62f1 Mon Sep 17 00:00:00 2001 From: Ihor Dutchak Date: Sat, 26 Sep 2020 19:10:19 +0300 Subject: [PATCH 06/15] use size_t for buffer size and its indexes - this allows using CBC/CTR with buffers larger than 4GB on 64bit systems; Closes: #172 Signed-off-by: Ihor Dutchak --- aes.c | 12 ++++++------ aes.h | 6 +++--- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/aes.c b/aes.c index eaf2b69..555457a 100644 --- a/aes.c +++ b/aes.c @@ -495,9 +495,9 @@ static void XorWithIv(uint8_t* buf, const uint8_t* Iv) } } -void AES_CBC_encrypt_buffer(struct AES_ctx *ctx, uint8_t* buf, uint32_t length) +void AES_CBC_encrypt_buffer(struct AES_ctx *ctx, uint8_t* buf, size_t length) { - uintptr_t i; + size_t i; uint8_t *Iv = ctx->Iv; for (i = 0; i < length; i += AES_BLOCKLEN) { @@ -510,9 +510,9 @@ void AES_CBC_encrypt_buffer(struct AES_ctx *ctx, uint8_t* buf, uint32_t length) memcpy(ctx->Iv, Iv, AES_BLOCKLEN); } -void AES_CBC_decrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, uint32_t length) +void AES_CBC_decrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, size_t length) { - uintptr_t i; + size_t i; uint8_t storeNextIv[AES_BLOCKLEN]; for (i = 0; i < length; i += AES_BLOCKLEN) { @@ -532,11 +532,11 @@ void AES_CBC_decrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, uint32_t length) #if defined(CTR) && (CTR == 1) /* Symmetrical operation: same function for encrypting as for decrypting. Note any IV/nonce should never be reused with the same key */ -void AES_CTR_xcrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, uint32_t length) +void AES_CTR_xcrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, size_t length) { uint8_t buffer[AES_BLOCKLEN]; - unsigned i; + size_t i; int bi; for (i = 0, bi = AES_BLOCKLEN; i < length; ++i, ++bi) { diff --git a/aes.h b/aes.h index 0d3b2e0..ade29e8 100644 --- a/aes.h +++ b/aes.h @@ -69,8 +69,8 @@ void AES_ECB_decrypt(const struct AES_ctx* ctx, uint8_t* buf); // Suggest https://en.wikipedia.org/wiki/Padding_(cryptography)#PKCS7 for padding scheme // NOTES: you need to set IV in ctx via AES_init_ctx_iv() or AES_ctx_set_iv() // no IV should ever be reused with the same key -void AES_CBC_encrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, uint32_t length); -void AES_CBC_decrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, uint32_t length); +void AES_CBC_encrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, size_t length); +void AES_CBC_decrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, size_t length); #endif // #if defined(CBC) && (CBC == 1) @@ -82,7 +82,7 @@ void AES_CBC_decrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, uint32_t length); // Suggesting https://en.wikipedia.org/wiki/Padding_(cryptography)#PKCS7 for padding scheme // NOTES: you need to set IV in ctx with AES_init_ctx_iv() or AES_ctx_set_iv() // no IV should ever be reused with the same key -void AES_CTR_xcrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, uint32_t length); +void AES_CTR_xcrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, size_t length); #endif // #if defined(CTR) && (CTR == 1) From 7279b02ac9decf032d9e519b2d400ee7d76f5e89 Mon Sep 17 00:00:00 2001 From: kokke Date: Wed, 6 Jan 2021 02:31:18 +0100 Subject: [PATCH 07/15] Update README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 96950ac..44c108d 100644 --- a/README.md +++ b/README.md @@ -28,6 +28,7 @@ void AES_CTR_xcrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, uint32_t length); Note: * No padding is provided so for CBC and ECB all buffers should be multiples of 16 bytes. For padding [PKCS7](https://en.wikipedia.org/wiki/Padding_(cryptography)#PKCS7) is recommendable. * ECB mode is considered unsafe for most uses and is not implemented in streaming mode. If you need this mode, call the function for every block of 16 bytes you need encrypted. See [wikipedia's article on ECB](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Electronic_Codebook_(ECB)) for more details. + * This library is not super fast. It is intended for portability and small size, not high speed. OpenSSL for example, is probably much faster. You can choose to use any or all of the modes-of-operations, by defining the symbols CBC, CTR or ECB. See the header file for clarification. From c0ca6f5857f840bd3091bf99cd00029f152e3dac Mon Sep 17 00:00:00 2001 From: kokke Date: Wed, 6 Jan 2021 02:36:16 +0100 Subject: [PATCH 08/15] Update README.md --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 44c108d..8731992 100644 --- a/README.md +++ b/README.md @@ -18,11 +18,11 @@ void AES_ctx_set_iv(struct AES_ctx* ctx, const uint8_t* iv); void AES_ECB_encrypt(const struct AES_ctx* ctx, uint8_t* buf); void AES_ECB_decrypt(const struct AES_ctx* ctx, uint8_t* buf); -void AES_CBC_encrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, uint32_t length); -void AES_CBC_decrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, uint32_t length); +void AES_CBC_encrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, size_t length); +void AES_CBC_decrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, size_t length); /* Same function for encrypting as for decrypting in CTR mode */ -void AES_CTR_xcrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, uint32_t length); +void AES_CTR_xcrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, size_t length); ``` Note: From 7f70d54d6e8e22dec58a59254f53c3e66e978199 Mon Sep 17 00:00:00 2001 From: kokke Date: Wed, 6 Jan 2021 18:07:35 +0100 Subject: [PATCH 09/15] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 8731992..6cedcfc 100644 --- a/README.md +++ b/README.md @@ -25,10 +25,10 @@ void AES_CBC_decrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, size_t length); void AES_CTR_xcrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, size_t length); ``` -Note: +Important notes: * No padding is provided so for CBC and ECB all buffers should be multiples of 16 bytes. For padding [PKCS7](https://en.wikipedia.org/wiki/Padding_(cryptography)#PKCS7) is recommendable. * ECB mode is considered unsafe for most uses and is not implemented in streaming mode. If you need this mode, call the function for every block of 16 bytes you need encrypted. See [wikipedia's article on ECB](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Electronic_Codebook_(ECB)) for more details. - * This library is not super fast. It is intended for portability and small size, not high speed. OpenSSL for example, is probably much faster. + * This library is designed for small code size and simplicity, intended for cases where small binary size, low memory footprint and portability is more important than high performance. If speed is a concern, you can try more complex libraries, e.g. [Mbed TLS](https://tls.mbed.org/), [OpenSSL](https://www.openssl.org/) etc. You can choose to use any or all of the modes-of-operations, by defining the symbols CBC, CTR or ECB. See the header file for clarification. From cd58bb2d57a7f1a8c38655e6e96d5cb2dc08a261 Mon Sep 17 00:00:00 2001 From: kokke Date: Fri, 8 Jan 2021 21:48:00 +0100 Subject: [PATCH 10/15] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 6cedcfc..8a9a226 100644 --- a/README.md +++ b/README.md @@ -30,7 +30,7 @@ Important notes: * ECB mode is considered unsafe for most uses and is not implemented in streaming mode. If you need this mode, call the function for every block of 16 bytes you need encrypted. See [wikipedia's article on ECB](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Electronic_Codebook_(ECB)) for more details. * This library is designed for small code size and simplicity, intended for cases where small binary size, low memory footprint and portability is more important than high performance. If speed is a concern, you can try more complex libraries, e.g. [Mbed TLS](https://tls.mbed.org/), [OpenSSL](https://www.openssl.org/) etc. -You can choose to use any or all of the modes-of-operations, by defining the symbols CBC, CTR or ECB. See the header file for clarification. +You can choose to use any or all of the modes-of-operations, by defining the symbols CBC, CTR or ECB in [`aes.h`](https://github.com/kokke/tiny-AES-c/blob/master/aes.h) (read the comments for clarification). C++ users should `#include` [aes.hpp](https://github.com/kokke/tiny-AES-c/blob/master/aes.hpp) instead of [aes.h](https://github.com/kokke/tiny-AES-c/blob/master/aes.h) From 6a0bce9ea948b9bf94b27c9be5be14880299e361 Mon Sep 17 00:00:00 2001 From: kokke Date: Sat, 9 Jan 2021 03:25:14 +0100 Subject: [PATCH 11/15] Create c-cpp.yml --- .github/workflows/c-cpp.yml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 .github/workflows/c-cpp.yml diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml new file mode 100644 index 0000000..ee86dde --- /dev/null +++ b/.github/workflows/c-cpp.yml @@ -0,0 +1,24 @@ +name: C/C++ CI + +on: + push: + branches: [ master ] + pull_request: + branches: [ master ] + + # Allows you to run this workflow manually from the Actions tab + workflow_dispatch: + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + - name: make clean + run: make clean + - name: make + run: make + - name: make test + run: make test From 362de561edbaa8555112664485c469372faafb88 Mon Sep 17 00:00:00 2001 From: kokke Date: Sat, 9 Jan 2021 03:25:38 +0100 Subject: [PATCH 12/15] Update c-cpp.yml --- .github/workflows/c-cpp.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index ee86dde..e92bfbc 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -1,4 +1,4 @@ -name: C/C++ CI +name: CI on: push: From 60fdf9768c4e65a8987e17de0c5a9d18ce940e6a Mon Sep 17 00:00:00 2001 From: kokke Date: Sat, 9 Jan 2021 03:27:13 +0100 Subject: [PATCH 13/15] Update README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 8a9a226..6811e0e 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,4 @@ +![CI](https://github.com/kokke/tiny-AES-c/workflows/CI/badge.svg) ### Tiny AES in C This is a small and portable implementation of the AES [ECB](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Electronic_Codebook_.28ECB.29), [CTR](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Counter_.28CTR.29) and [CBC](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Cipher_Block_Chaining_.28CBC.29) encryption algorithms written in C. From 9a97587a489582e2aae2d8b83d63413a9f64c0e6 Mon Sep 17 00:00:00 2001 From: Ilya Kondrashkin Date: Tue, 16 Feb 2021 14:07:45 +0300 Subject: [PATCH 14/15] include stddef.h --- aes.h | 1 + 1 file changed, 1 insertion(+) diff --git a/aes.h b/aes.h index ade29e8..b29b668 100644 --- a/aes.h +++ b/aes.h @@ -2,6 +2,7 @@ #define _AES_H_ #include +#include // #define the macros below to 1/0 to enable/disable the mode of operation. // From a0ce4cf48e3a817b5175efe58c5fe8db9575e975 Mon Sep 17 00:00:00 2001 From: Christoph Honal Date: Sun, 19 Dec 2021 19:23:30 +0100 Subject: [PATCH 15/15] Exclude tests from build in library.json for PlatfomIO --- library.json | 28 +++++++++++++++++----------- 1 file changed, 17 insertions(+), 11 deletions(-) diff --git a/library.json b/library.json index d7abe89..c3acc24 100644 --- a/library.json +++ b/library.json @@ -1,13 +1,19 @@ { - "name": "tiny-AES-c", - "keywords": "cryptography, aes", - "description": "Small portable AES128/192/256 in C", - "repository": - { - "type": "git", - "url": "https://github.com/kokke/tiny-AES-c.git" - }, - "frameworks": "*", - "platforms": "*", - "examples": "test.c" + "version": "1.0.0", + "name": "tiny-AES-c", + "keywords": "cryptography, aes", + "description": "Small portable AES128/192/256 in C", + "repository": + { + "type": "git", + "branch": "master", + "url": "https://github.com/kokke/tiny-AES-c.git" + }, + "frameworks": "*", + "platforms": "*", + "examples": "test.c", + "build": + { + "srcFilter": "+<*> -<.git/> - - -" + } }