| 1 | [[tags:egg]] |
|---|
| 2 | |
|---|
| 3 | == AES |
|---|
| 4 | |
|---|
| 5 | === Introduction |
|---|
| 6 | |
|---|
| 7 | The aes egg implements the AES / Rijndael cryptosystem. |
|---|
| 8 | |
|---|
| 9 | It does not provide any higher-level operations such as encryption 'modes'; it just provides two procedures per variant of the algorithm, which take a key (as a blob of the correct length) and return a procedure that maps 16-byte blobs to 16-byte blobs - one for encryption, one for decryption. |
|---|
| 10 | |
|---|
| 11 | === Examples |
|---|
| 12 | |
|---|
| 13 | <enscript highlight="scheme"> |
|---|
| 14 | (use aes) |
|---|
| 15 | (use crypto-tools) ; for the hexstring functions |
|---|
| 16 | (define encryptor (make-aes128-encryptor (hexstring->blob "00010203050607080A0B0C0D0F101112"))) |
|---|
| 17 | (define decryptor (make-aes128-decryptor (hexstring->blob "00010203050607080A0B0C0D0F101112"))) |
|---|
| 18 | (define encrypted (encryptor (hexstring->blob "506812A45F08C889B97F5980038B8359"))) |
|---|
| 19 | (define decrypted (decryptor encrypted)) |
|---|
| 20 | |
|---|
| 21 | (blob->hexstring encrypted) |
|---|
| 22 | => "d8f532538289ef7d06b506a4fd5be9c9" |
|---|
| 23 | |
|---|
| 24 | (blob->hexstring decrypted) |
|---|
| 25 | => "506812a45f08c889b97f5980038b8359" |
|---|
| 26 | </enscript> |
|---|
| 27 | |
|---|
| 28 | === Library functions |
|---|
| 29 | |
|---|
| 30 | <procedure>(make-aes128-encryptor BLOB) => PROCESSOR</procedure> |
|---|
| 31 | <procedure>(make-aes128-decryptor BLOB) => PROCESSOR</procedure> |
|---|
| 32 | <procedure>(make-aes192-encryptor BLOB) => PROCESSOR</procedure> |
|---|
| 33 | <procedure>(make-aes192-decryptor BLOB) => PROCESSOR</procedure> |
|---|
| 34 | <procedure>(make-aes256-encryptor BLOB) => PROCESSOR</procedure> |
|---|
| 35 | <procedure>(make-aes256-decryptor BLOB) => PROCESSOR</procedure> |
|---|
| 36 | |
|---|
| 37 | Using the supplied blob as a raw key, return a procedure that maps 16-byte blobs to 16-byte blobs, either encrypting or decrypting them with the specified key. The key is not modified in any way; if you just split your data into blocks (with padding) and encrypt each, you will merely be operating in ECB mode, which isn't very secure. |
|---|
| 38 | |
|---|
| 39 | 128-bit keys must be 16 bytes long, 192-bit keys 24 bytes, and 256-bit keys 32 bytes. Otherwise, an error will be signalled. Likewise, passing a blob of other than 16 bytes to a `PROCESSOR` will result in an error. |
|---|
| 40 | |
|---|
| 41 | === Authors |
|---|
| 42 | |
|---|
| 43 | [[alaric-blagrave-snellpym|Alaric B. Snell-Pym]], based on public domain code from [[http://www.efgh.com/software/rijndael.htm]]. |
|---|
| 44 | |
|---|
| 45 | My modifications extend no further than pasting it together, putting static modifiers on all the functions, and adding type casts for the u32-pointer key arguments. |
|---|
| 46 | |
|---|
| 47 | The author of the original code is "Philip J. Erdelsky <pje@efgh.com>", who based it on code by Vincent Rijmen vincent.rijmen@esat.kuleuven.ac.be, Antoon Bosselaers antoon.bosselaers@esat.kuleuven.ac.be, and Paulo Barreto paulo.barreto@terra.com.br |
|---|
| 48 | |
|---|
| 49 | === License |
|---|
| 50 | |
|---|
| 51 | The C code is based on public-domain code. |
|---|
| 52 | |
|---|
| 53 | However, the Scheme wrapper is subject to the following license: |
|---|
| 54 | |
|---|
| 55 | Copyright (c) 2003-2009, Warhead.org.uk Ltd |
|---|
| 56 | Copyright (c) 2016 Alaric Snell-Pym |
|---|
| 57 | All rights reserved. |
|---|
| 58 | |
|---|
| 59 | Redistribution and use in source and binary forms, with or without |
|---|
| 60 | modification, are permitted provided that the following conditions |
|---|
| 61 | are met: |
|---|
| 62 | |
|---|
| 63 | Redistributions of source code must retain the above copyright |
|---|
| 64 | notice, this list of conditions and the following disclaimer. |
|---|
| 65 | |
|---|
| 66 | Redistributions in binary form must reproduce the above copyright |
|---|
| 67 | notice, this list of conditions and the following disclaimer in the |
|---|
| 68 | documentation and/or other materials provided with the distribution. |
|---|
| 69 | |
|---|
| 70 | Neither the names of Warhead.org.uk Ltd, Snell Systems, nor Kitten |
|---|
| 71 | Technologies, nor the names of their contributors may be used to |
|---|
| 72 | endorse or promote products derived from this software without |
|---|
| 73 | specific prior written permission. |
|---|
| 74 | |
|---|
| 75 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
|---|
| 76 | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
|---|
| 77 | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS |
|---|
| 78 | FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE |
|---|
| 79 | COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, |
|---|
| 80 | INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, |
|---|
| 81 | BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
|---|
| 82 | LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER |
|---|
| 83 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
|---|
| 84 | LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN |
|---|
| 85 | ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
|---|
| 86 | POSSIBILITY OF SUCH DAMAGE. |
|---|
| 87 | |
|---|
| 88 | === Requirements |
|---|
| 89 | |
|---|
| 90 | The C implementation of the AES code is entirely embedded in the egg. |
|---|
| 91 | |
|---|
| 92 | === Version History |
|---|
| 93 | |
|---|
| 94 | * 1.4: Fixed compiler warnings |
|---|
| 95 | * 1.3: Fixed metadata |
|---|
| 96 | * 1.2: Ported to chicken 4 |
|---|
| 97 | * 1.1: Removed non-AES-specific support functionality into the [[crypto-tools]] egg |
|---|
| 98 | * 1.0: Initial release |
|---|
