crypto::aes +linux +x86_64

The crypto::aes module provides an implementation of the Advanced Encryption Standard per the crypto::cipher::block interface. Several implementations of AES are provided which are optimized for different scenarios. To choose the most appropriate one for your system, use new.

When combined with a block cipher mode from crypto::cipher, suitable buffer lengths for static allocation are provided as constants such as BLOCKSIZE, CTR_BUFSIZE, and CBC_BUFSIZE.

This is a low-level module which implements cryptographic primitives. Direct use of cryptographic primitives is not recommended for non-experts, as incorrect use of these primitives can easily lead to the introduction of security vulnerabilities. Non-experts are advised to use the high-level operations available in the top-level crypto module.

Be advised that Hare's cryptography implementations have not been audited.

Index

Types

// Undocumented types:
type ct64_block;
type x86ni_block;

Constants

const BLOCKSIZE: size;
const CBC_BUFSIZE: size;
const CTR_BUFSIZE: size;

Functions

fn ct64() ct64_block;
fn ct64_init(*ct64_block, []u8) void;
fn x86ni() x86ni_block;
fn x86ni_available() bool;

// Undocumented functions:
fn x86ni_init(*x86ni_block, []u8) void;

Types

type ct64_block

type ct64_block = struct {
	cipher::block,
	rounds: uint,
	sk_exp: [120]u64,
};

type x86ni_block

type x86ni_block = struct {
	cipher::block,
	enc_rk: [RKLEN_256]u8,
	dec_rk: [RKLEN_256]u8,
	rklen: u8,
};

Constants

def BLOCKSIZE

def BLOCKSIZE: size;

The block size used by the AES algorithm.

def CBC_BUFSIZE

def CBC_BUFSIZE: size;

Size of the buffer used for crypto::cipher::cbc_encryptor and crypto::cipher::cbc_decryptor.

def CTR_BUFSIZE

def CTR_BUFSIZE: size;

Size of the buffer used for crypto::cipher::ctr.

Functions

fn ct64

fn ct64() ct64_block;

Returns an AES crypto::cipher::block cipher implementation optimized for constant-time operation on 64-bit systems.

The caller must call ct64_init to add a key to the cipher before using the cipher, and must call crypto::cipher::finish when they are finished using the cipher to securely erase any secret data stored in the cipher state.

fn ct64_init

fn ct64_init(cipher: *ct64_block, key: []u8) void;

Initializes the ct64 AES implementation with an encryption key.

fn x86ni

fn x86ni() x86ni_block;

Returns a native AES crypto::cipher::block implementation for x86_64 CPUs supporting AES-NI.

The caller must call x86ni_init to add a key to the cipher before using the cipher, and must call crypto::cipher::finish when they are finished using the cipher to securely erase any secret data stored in the cipher state.

fn x86ni_available

fn x86ni_available() bool;

Checks if the native AES interface is available.

fn x86ni_init

fn x86ni_init(b: *x86ni_block, key: []u8) void;
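
The init/use/finish lifecycle described for ct64 and x86ni, with a runtime fallback driven by x86ni_available, shown as an added example that is not part of the Hare documentation. The helper encrypt_block is hypothetical, cipher::encrypt is assumed to be the single-block entry point of crypto::cipher (that module is not documented on this page), and the key and data are the public FIPS-197 Appendix C.1 known-answer vector.

```hare
use bytes;
use crypto::aes;
use crypto::cipher;

// Encrypts one block with AES-NI when the CPU has it, otherwise with the
// constant-time ct64 implementation. Hypothetical helper, not part of
// crypto::aes.
fn encrypt_block(key: []u8, dest: []u8, src: []u8) void = {
	if (aes::x86ni_available()) {
		let b = aes::x86ni();
		aes::x86ni_init(&b, key);
		// finish erases the secret data held in the cipher state.
		defer cipher::finish(&b);
		// Assumption: cipher::encrypt(*block, dest, src) from crypto::cipher.
		cipher::encrypt(&b, dest, src);
	} else {
		let b = aes::ct64();
		aes::ct64_init(&b, key);
		defer cipher::finish(&b);
		cipher::encrypt(&b, dest, src);
	};
};

export fn main() void = {
	// FIPS-197 Appendix C.1 (AES-128) known-answer vector: public test data.
	const key: [16]u8 = [
		0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
		0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
	];
	const plain: [aes::BLOCKSIZE]u8 = [
		0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
		0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff,
	];
	const expected: [aes::BLOCKSIZE]u8 = [
		0x69, 0xc4, 0xe0, 0xd8, 0x6a, 0x7b, 0x04, 0x30,
		0xd8, 0xcd, 0xb7, 0x80, 0x70, 0xb4, 0xc5, 0x5a,
	];

	let out: [aes::BLOCKSIZE]u8 = [0...];
	encrypt_block(key, out, plain);

	// Both implementations must produce the same ciphertext for the vector.
	assert(bytes::equal(out, expected));
};
```

crypto::cipher::finish clears only the cipher state; the caller's own copy of the key lives outside that state and has to be cleared separately.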