glenda.party
term% ls -F
term% cat index.txt
AES(2)                        System Calls Manual                       AES(2)



NAME
       setupAESstate,  aesCBCencrypt,  aesCBCdecrypt, aesCTRencrypt, aesCTRde‐
       crypt, setupAESXCBCstate, aesXCBCmac  -  advanced  encryption  standard
       (rijndael)

SYNOPSIS
       #include <u.h>
       #include <libc.h>
       #include <mp.h>
       #include <libsec.h>

       void aes_encrypt(ulong rk[], int Nr, uchar pt[16], uchar ct[16]);

       void aes_decrypt(ulong rk[], int Nr, uchar ct[16], uchar pt[16]);

       void setupAESstate(AESstate *s, uchar key[], int keybytes, uchar *ivec)

       void aesCBCencrypt(uchar *p, int len, AESstate *s)

       void aesCBCdecrypt(uchar *p, int len, AESstate *s)

       void aesCTRencrypt(uchar *p, int len, AESstate *s)

       void aesCTRdecrypt(uchar *p, int len, AESstate *s)

       void setupAESXCBCstate(AESstate *s)

       void aesXCBCmac(uchar *p, int len, AESstate *s)

DESCRIPTION
       AES  (a.k.a.  Rijndael) has replaced DES as the preferred block cipher.
       Aes_encrypt and aes_decrypt are the  block  ciphers,  corresponding  to
       des(2)'s block_cipher.  SetupAESstate, aesCBCencrypt, and aesCBCdecrypt
       implement cipher-block-chaining encryption.   AesCTRencrypt  and  aesC‐
       TRdecrypt  implement counter mode, per RFC 3686; they are identical op‐
       erations.  setupAESXCBCstate and aesXCBCmac implement AES XCBC  message
       authentication,  per  RFC  3566.   All ciphering is performed in place.
       Keybytes should be 16, 24, or 32.  The initialization  vector  ivec  of
       AESbsize  bytes should be random enough to be unlikely to be reused but
       does not need to be cryptographically strongly unpredictable.

SOURCE
       /sys/src/libsec

SEE ALSO
       aescbc in secstore(1), mp(2), blowfish(2), des(2), dsa(2),  elgamal(2),
       rc4(2), rsa(2), sechash(2), prime(2), rand(2)
       http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf

BUGS
       The  functions  aes_encrypt, aes_decrypt, aesCTRencrypt, aesCTRdecrypt,
       setupAESXCBCstate, and aesXCBCmac have not yet been verified by running
       test vectors through them.



                                                                        AES(2)