This is a small and portable implementation of the AES ECB, CTR and CBC encryption algorithms written in C.
You can override the default key-size of 128 bit with 192 or 256 bit by defining the symbols AES192 or AES256 in aes.h.
The API is very simple and looks like this (I am using C99 <stdint.h>-style annotated types):
/* Initialize context calling one of: */
void AES_init_ctx(struct AES_ctx* ctx, const uint8_t* key);
void AES_init_ctx_iv(struct AES_ctx* ctx, const uint8_t* key, const uint8_t* iv);

/* ... or reset IV at random point: */
void AES_ctx_set_iv(struct AES_ctx* ctx, const uint8_t* iv);

/* Then start encrypting and decrypting with the functions below: */
void AES_ECB_encrypt(const struct AES_ctx* ctx, uint8_t* buf);
void AES_ECB_decrypt(const struct AES_ctx* ctx, uint8_t* buf);
void AES_CBC_encrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, size_t length);
void AES_CBC_decrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, size_t length);

/* Same function for encrypting as for decrypting in CTR mode */
void AES_CTR_xcrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, size_t length);
Important notes:
No padding is provided, so for CBC and ECB all buffers should be multiples of 16 bytes. PKCS7 is recommended for padding.
ECB mode is considered unsafe for most uses and is not implemented in streaming mode. If you need this mode, call the function for every block of 16 bytes you need encrypted. See Wikipedia's article on ECB for more details.
This library is designed for small code size and simplicity, intended for cases where small binary size, low memory footprint and portability are more important than high performance. If speed is a concern, you can try more complex libraries, e.g. Mbed TLS, OpenSSL etc.
You can choose to use any or all of the modes of operation by defining the symbols CBC, CTR or ECB in aes.h (read the comments for clarification).
There is no built-in error checking or protection from out-of-bounds memory access errors as a result of malicious input.
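Because the library neither pads nor checks buffer bounds, the caller has to do both before calling the CBC functions. The following is an added example, not part of this library's code: the names pkcs7_pad, pkcs7_unpad and PKCS7_BLOCK are hypothetical helpers, and the message in main() is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PKCS7_BLOCK 16u /* AES block size; hypothetical name, not from aes.h */

/* Pad buf (len bytes used, cap bytes allocated) in place.
 * Returns the padded length, or 0 if the padding would not fit in cap. */
size_t pkcs7_pad(uint8_t *buf, size_t len, size_t cap)
{
    size_t pad = PKCS7_BLOCK - (len % PKCS7_BLOCK); /* 1..16; a full block if aligned */
    if (len > SIZE_MAX - pad || len + pad > cap)
        return 0; /* refuse instead of writing out of bounds */
    memset(buf + len, (int)pad, pad);
    return len + pad;
}

/* Validate and strip padding from a decrypted buffer.
 * Returns the plaintext length, or (size_t)-1 if the padding is malformed. */
size_t pkcs7_unpad(const uint8_t *buf, size_t len)
{
    if (len == 0 || len % PKCS7_BLOCK != 0)
        return (size_t)-1;
    uint8_t pad = buf[len - 1];
    if (pad == 0 || pad > PKCS7_BLOCK)
        return (size_t)-1;
    uint8_t diff = 0; /* accumulate mismatches without an early exit */
    for (size_t i = 0; i < pad; i++)
        diff |= (uint8_t)(buf[len - 1 - i] ^ pad);
    return diff ? (size_t)-1 : len - pad;
}

int main(void)
{
    uint8_t buf[32] = "constructed msg"; /* 15 bytes of sample plaintext */
    size_t n = pkcs7_pad(buf, 15, sizeof buf);
    if (n == 0)
        return 1;
    /* n is now a multiple of 16 and safe to pass as `length` to
     * AES_CBC_encrypt_buffer(); after AES_CBC_decrypt_buffer(),
     * call pkcs7_unpad() to recover the original length. */
    printf("padded=%zu unpadded=%zu\n", n, pkcs7_unpad(buf, n));
    return 0;
}
```

CBC with padding gives no integrity protection, so authenticate the ciphertext (for example with a MAC) and verify it before decrypting and unpadding.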
The module uses less than 200 bytes of RAM and 1-2K ROM when compiled for ARM, but YMMV depending on which modes are enabled.
It is one of the smallest implementations in C I've seen yet, but do contact me if you know of something smaller (or have improvements to the code here).
I've successfully used the code on 64-bit x86, 32-bit ARM and 8-bit AVR platforms.
GCC size output when only CTR mode is compiled for ARM:
$ arm-none-eabi-gcc -Os -DCBC=0 -DECB=0 -DCTR=1 -c aes.c
$ size aes.o
text data bss dec hex filename
1171 0 0 1171 493 aes.o
... and when compiling for the THUMB instruction set, we end up well below 1K in code size.
$ arm-none-eabi-gcc -Os -mthumb -DCBC=0 -DECB=0 -DCTR=1 -c aes.c
$ size aes.o
text data bss dec hex filename
903 0 0 903 387 aes.o
I am using the Free Software Foundation, ARM GCC compiler:
$ arm-none-eabi-gcc --version
arm-none-eabi-gcc (4.8.4-1+11-1) 4.8.4 20141219 (release)
Copyright (C) 2013 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
This implementation is verified against the data in: