glenda.party
term% ls -F
term% cat index.txt
AES(2)                        System Calls Manual                       AES(2)



NAME
       setupAESstate,  aesCBCencrypt,  aesCBCdecrypt, aesCTRencrypt, aesCTRde‐
       crypt, setupAESXCBCstate, aesXCBCmac  -  advanced  encryption  standard
       (rijndael)

SYNOPSIS
       #include <u.h>
       #include <libc.h>
       #include <mp.h>
       #include <libsec.h>

       void aes_encrypt(ulong rk[], int Nr, uchar pt[16], uchar ct[16]);

       void aes_decrypt(ulong rk[], int Nr, uchar ct[16], uchar pt[16]);

       void setupAESstate(AESstate *s, uchar key[], int keybytes, uchar *ivec)

       void aesCBCencrypt(uchar *p, int len, AESstate *s)

       void aesCBCdecrypt(uchar *p, int len, AESstate *s)

       void aesCTRencrypt(uchar *p, int len, AESstate *s)

       void aesCTRdecrypt(uchar *p, int len, AESstate *s)

       void setupAESXCBCstate(AESstate *s)

       void aesXCBCmac(uchar *p, int len, AESstate *s)

DESCRIPTION
       AES  (a.k.a.  Rijndael) has replaced DES as the preferred block cipher.
       Aes_encrypt and aes_decrypt are the  block  ciphers,  corresponding  to
       des(2)'s block_cipher.  SetupAESstate, aesCBCencrypt, and aesCBCdecrypt
       implement cipher-block-chaining encryption.   AesCTRencrypt  and  aesC‐
       TRdecrypt  implement  counter  mode,  per  RFC 3686; they are identical
       operations.  setupAESXCBCstate and aesXCBCmac implement AES  XCBC  mes‐
       sage  authentication,  per  RFC  3566.   All  ciphering is performed in
       place.  Keybytes should be 16, 24, or 32.   The  initialization  vector
       ivec  of  AESbsize  bytes  should be random enough to be unlikely to be
       reused but does  not  need  to  be  cryptographically  strongly  unpre‐
       dictable.

SOURCE
       /sys/src/libsec

SEE ALSO
       aescbc  in secstore(1), mp(2), blowfish(2), des(2), dsa(2), elgamal(2),
       rc4(2), rsa(2), sechash(2), prime(2), rand(2)
       http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf

BUGS
       The functions aes_encrypt, aes_decrypt,  aesCTRencrypt,  aesCTRdecrypt,
       setupAESXCBCstate, and aesXCBCmac have not yet been verified by running
       test vectors through them.



                                                                        AES(2)