| 1 | ### Tiny AES128 in C |
|---|
| 2 | |
|---|
| 3 | This is a small and portable implementation of the AES128 ECB and CBC encryption algorithms written in C. |
|---|
| 4 | |
|---|
| 5 | The API is very simple and looks like this (I am using C99 `<stdint.h>`-style annotated types): |
|---|
| 6 | |
|---|
| 7 | ```C |
|---|
| 8 | void AES128_ECB_encrypt(uint8_t* input, const uint8_t* key, uint8_t* output); |
|---|
| 9 | void AES128_ECB_decrypt(uint8_t* input, const uint8_t* key, uint8_t* output); |
|---|
| 10 | void AES128_CBC_encrypt_buffer(uint8_t* output, uint8_t* input, uint32_t length, const uint8_t* key, const uint8_t* iv); |
|---|
| 11 | void AES128_CBC_decrypt_buffer(uint8_t* output, uint8_t* input, uint32_t length, const uint8_t* key, const uint8_t* iv); |
|---|
| 12 | ``` |
|---|
| 13 | |
|---|
| 14 | You can choose to use one or both of the modes-of-operation, by defining the symbols CBC and ECB. See the header file for clarification. |
|---|
| 15 | |
|---|
| 16 | There is no built-in error checking or protection from out-of-bounds memory access errors as a result of malicious input. The two functions AES128_ECB_xxcrypt() do most of the work, and they expect inputs of 128 bit length. |
|---|
| 17 | |
|---|
| 18 | The module uses around 200 bytes of RAM and 2.5K ROM when compiled for ARM (~2K for Thumb but YMMV). |
|---|
| 19 | |
|---|
| 20 | It is one of the smallest implementation in C I've seen yet, but do contact me if you know of something smaller (or have improvements to the code here). |
|---|
| 21 | |
|---|
| 22 | I've successfully used the code on 64bit x86, 32bit ARM and 8 bit AVR platforms. |
|---|
| 23 | |
|---|
| 24 | |
|---|
| 25 | GCC size output when ECB mode is compiled for ARM: |
|---|
| 26 | |
|---|
| 27 | |
|---|
| 28 | |
|---|
| 29 | $ arm-none-eabi-gcc -Os -c aes.c -DCBC=0 |
|---|
| 30 | $ size aes.o |
|---|
| 31 | text data bss dec hex filename |
|---|
| 32 | 2323 0 184 2507 9cb aes.o |
|---|
| 33 | |
|---|
| 34 | |
|---|
| 35 | |
|---|
| 36 | |
|---|
| 37 | .. and when compiling for the THUMB instruction set, we end up around 2K in code size. |
|---|
| 38 | |
|---|
| 39 | $ arm-none-eabi-gcc -mthumb -Os -c aes.c -DCBC=0 |
|---|
| 40 | $ size aes.o |
|---|
| 41 | text data bss dec hex filename |
|---|
| 42 | 1775 0 184 1959 7a7 aes.o |
|---|
| 43 | |
|---|
| 44 | |
|---|
| 45 | |
|---|
| 46 | I am using Mentor Graphics free ARM toolchain: |
|---|
| 47 | |
|---|
| 48 | |
|---|
| 49 | $ arm-none-eabi-gcc --version |
|---|
| 50 | arm-none-eabi-gcc (GNU Tools for ARM Embedded Processors) 4.8.4 20140526 (release) [ARM/embedded-4_8-branch revision 211358] |
|---|
| 51 | Copyright (C) 2013 Free Software Foundation, Inc. |
|---|
| 52 | This is free software; see the source for copying conditions. There is NO |
|---|
| 53 | warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
|---|
| 54 | |
|---|
| 55 | |
|---|
| 56 | |
|---|
| 57 | |
|---|
| 58 | This implementation is verified against the data in: |
|---|
| 59 | |
|---|
| 60 | [National Institute of Standards and Technology Special Publication 800-38A 2001 ED](http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf) Appendix F: Example Vectors for Modes of Operation of the AES. |
|---|
| 61 | |
|---|
| 62 | |
|---|
| 63 | All material in this repository is in the public domain. |
|---|
| 64 | |
|---|
| 65 | I am a bit slow to react to pull requests and issues, but I have an ambition to go through all issues sometime in the future and release a stable version. |
|---|
