-
Notifications
You must be signed in to change notification settings - Fork 905
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Added ndpi_quick_encrypt() ndpi_quick_decrypt() APi calls (#2568)
* Added ndpi_quick_encrypt() ndpi_quick_decrypt(0 APi calls based on AES * Added aes.c
- Loading branch information
Showing
6 changed files
with
838 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,91 @@ | ||
#ifndef _AES_H_ | ||
#define _AES_H_ | ||
|
||
#include <stdint.h> | ||
#include <stddef.h> | ||
|
||
// #define the macros below to 1/0 to enable/disable the mode of operation. | ||
// | ||
// CBC enables AES encryption in CBC-mode of operation. | ||
// CTR enables encryption in counter-mode. | ||
// ECB enables the basic ECB 16-byte block algorithm. All can be enabled simultaneously. | ||
|
||
// The #ifndef-guard allows it to be configured before #include'ing or at compile time. | ||
#ifndef CBC | ||
#define CBC 1 | ||
#endif | ||
|
||
#ifndef ECB | ||
#define ECB 1 | ||
#endif | ||
|
||
#ifndef CTR | ||
#define CTR 1 | ||
#endif | ||
|
||
|
||
//#define AES128 1 | ||
//#define AES192 1 | ||
#define AES256 1 | ||
|
||
#define AES_BLOCKLEN 16 // Block length in bytes - AES is 128b block only | ||
|
||
#if defined(AES256) && (AES256 == 1) | ||
#define AES_KEYLEN 32 | ||
#define AES_keyExpSize 240 | ||
#elif defined(AES192) && (AES192 == 1) | ||
#define AES_KEYLEN 24 | ||
#define AES_keyExpSize 208 | ||
#else | ||
#define AES_KEYLEN 16 // Key length in bytes | ||
#define AES_keyExpSize 176 | ||
#endif | ||
|
||
struct AES_ctx | ||
{ | ||
uint8_t RoundKey[AES_keyExpSize]; | ||
#if (defined(CBC) && (CBC == 1)) || (defined(CTR) && (CTR == 1)) | ||
uint8_t Iv[AES_BLOCKLEN]; | ||
#endif | ||
}; | ||
|
||
void AES_init_ctx(struct AES_ctx* ctx, const uint8_t* key); | ||
#if (defined(CBC) && (CBC == 1)) || (defined(CTR) && (CTR == 1)) | ||
void AES_init_ctx_iv(struct AES_ctx* ctx, const uint8_t* key, const uint8_t* iv); | ||
void AES_ctx_set_iv(struct AES_ctx* ctx, const uint8_t* iv); | ||
#endif | ||
|
||
#if defined(ECB) && (ECB == 1) | ||
// buffer size is exactly AES_BLOCKLEN bytes; | ||
// you need only AES_init_ctx as IV is not used in ECB | ||
// NB: ECB is considered insecure for most uses | ||
void AES_ECB_encrypt(const struct AES_ctx* ctx, uint8_t* buf); | ||
void AES_ECB_decrypt(const struct AES_ctx* ctx, uint8_t* buf); | ||
|
||
#endif // #if defined(ECB) && (ECB == !) | ||
|
||
|
||
#if defined(CBC) && (CBC == 1) | ||
// buffer size MUST be mutile of AES_BLOCKLEN; | ||
// Suggest https://en.wikipedia.org/wiki/Padding_(cryptography)#PKCS7 for padding scheme | ||
// NOTES: you need to set IV in ctx via AES_init_ctx_iv() or AES_ctx_set_iv() | ||
// no IV should ever be reused with the same key | ||
void AES_CBC_encrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, size_t length); | ||
void AES_CBC_decrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, size_t length); | ||
|
||
#endif // #if defined(CBC) && (CBC == 1) | ||
|
||
|
||
#if defined(CTR) && (CTR == 1) | ||
|
||
// Same function for encrypting as for decrypting. | ||
// IV is incremented for every block, and used after encryption as XOR-compliment for output | ||
// Suggesting https://en.wikipedia.org/wiki/Padding_(cryptography)#PKCS7 for padding scheme | ||
// NOTES: you need to set IV in ctx with AES_init_ctx_iv() or AES_ctx_set_iv() | ||
// no IV should ever be reused with the same key | ||
void AES_CTR_xcrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, size_t length); | ||
|
||
#endif // #if defined(CTR) && (CTR == 1) | ||
|
||
|
||
#endif // _AES_H_ |
Oops, something went wrong.