crypto::aes — Hare documentation

crypto::aes+x86_64 +linux

The crypto::aes module provides an implementation of the Advanced Encryption Standard per the crypto::cipher::block interface. Several implementations of AES are provided which are optimized for different scenarios. To choose the most appropriate one for your system, use aes.

When combined with a block cipher mode from crypto::cipher::, suitable buffer lengths for static allocation are provided as constants such as BLOCKSZ, CTR_BUFSZ, and CBC_BUFSZ.

This is a low-level module which implements cryptographic primitives. Direct use of cryptographic primitives is not recommended for non-experts, as incorrect use of these primitives can easily lead to the introduction of security vulnerabilities. Non-experts are advised to use the high-level operations available in the top-level crypto:: module.

Be advised that Hare's cryptography implementations have not been audited.

Submodules

Index

Types

// Undocumented types:
type block = struct {
	vtable: cipher::block,
	rounds: u32,
	expkey: [MAXEXPKEYSZ]u8,
};

Constants

def BLOCKSZ: size = 16;
def CBC_BUFSZ: size = BLOCKSZ * 2;
def CTR_BUFSZ: size = BLOCKSZ * (MAXNPARALLEL + 1);

Functions

fn aes() block;
fn hwsupport() bool;
fn init(b: *block, key: []u8) void;

Types

type block[permalink] [source]

Show undocumented member

type block = struct {
	vtable: cipher::block,
	rounds: u32,
	expkey: [MAXEXPKEYSZ]u8,
};

Constants

def BLOCKSZ[permalink] [source]

def BLOCKSZ: size = 16;

The block size used by the AES algorithm.

def CBC_BUFSZ[permalink] [source]

def CBC_BUFSZ: size = BLOCKSZ * 2;

Size of the buffer used for crypto::cipher::cbc_encryptor and crypto::cipher::cbc_decryptor.

def CTR_BUFSZ[permalink] [source]

def CTR_BUFSZ: size = BLOCKSZ * (MAXNPARALLEL + 1);

Size of the buffer used for crypto::cipher::ctr.

Functions

fn aes[permalink] [source]

fn aes() block;

Returns an AES crypto::cipher::block cipher implementation that has hardware support if possible. Check hwsupport to see if it is available.

The caller must call init to add a key to the cipher before using the cipher, and must call crypto::cipher::finish when they are finished using the cipher to securely erase any secret data stored in the cipher state.

fn hwsupport[permalink] [source]

fn hwsupport() bool;

Checks whether hardware AES support is available.

fn init[permalink] [source]

fn init(b: *block, key: []u8) void;

Initializes the AES block with an encryption key.