ThirdParty: Add aes.cpp

src/common/CMakeLists.txt

@@ -58,6 +58,8 @@ add_library(common
   string_util.h
   thirdparty/SmallVector.cpp
   thirdparty/SmallVector.h
+  thirdparty/aes.cpp
+  thirdparty/aes.h
   threading.cpp
   threading.h
   timer.cpp

src/common/common.vcxproj

@@ -41,6 +41,7 @@
     <ClInclude Include="heterogeneous_containers.h" />
     <ClInclude Include="binary_reader_writer.h" />
     <ClInclude Include="string_util.h" />
+    <ClInclude Include="thirdparty\aes.h" />
     <ClInclude Include="thirdparty\SmallVector.h" />
     <ClInclude Include="thirdparty\StackWalker.h" />
     <ClInclude Include="threading.h" />
@@ -69,6 +70,7 @@
     <ClCompile Include="small_string.cpp" />
     <ClCompile Include="binary_reader_writer.cpp" />
     <ClCompile Include="string_util.cpp" />
+    <ClCompile Include="thirdparty\aes.cpp" />
     <ClCompile Include="thirdparty\SmallVector.cpp" />
     <ClCompile Include="thirdparty\StackWalker.cpp" />
     <ClCompile Include="threading.cpp" />

src/common/common.vcxproj.filters

@@ -51,6 +51,7 @@
     <ClInclude Include="ryml_helpers.h" />
     <ClInclude Include="log_channels.h" />
     <ClInclude Include="sha256_digest.h" />
+    <ClInclude Include="thirdparty\aes.h" />
   </ItemGroup>
   <ItemGroup>
     <ClCompile Include="small_string.cpp" />
@@ -80,6 +81,7 @@
     <ClCompile Include="binary_reader_writer.cpp" />
     <ClCompile Include="gsvector.cpp" />
     <ClCompile Include="sha256_digest.cpp" />
+    <ClCompile Include="thirdparty\aes.cpp" />
   </ItemGroup>
   <ItemGroup>
     <Natvis Include="bitfield.natvis" />

src/common/thirdparty/aes.h

@@ -0,0 +1,122 @@
+/*********************************************************************
+ * Filename:   aes.h
+ * Author:     Brad Conte (brad AT bradconte.com)
+ * Copyright:
+ * Disclaimer: This code is presented "as is" without any guarantees.
+ * Details:    Defines the API for the corresponding AES implementation.
+ *********************************************************************/
+
+#pragma once
+
+/*************************** HEADER FILES ***************************/
+#include <cstddef>
+#include <cstdint>
+
+/****************************** MACROS ******************************/
+static constexpr uint32_t AES_BLOCK_SIZE = 16; // AES operates on 16 bytes at a time
+static constexpr uint32_t AES_KEY_SCHEDULE_SIZE = 60;
+
+/*********************** FUNCTION DECLARATIONS **********************/
+///////////////////
+// AES
+///////////////////
+// Key setup must be done before any AES en/de-cryption functions can be used.
+void aes_key_setup(const uint8_t key[], // The key, must be 128, 192, or 256 bits
+                   uint32_t w[],        // Output key schedule to be used later
+                   int keysize);        // Bit length of the key, 128, 192, or 256
+
+void aes_encrypt(const uint8_t in[],   // 16 bytes of plaintext
+                 uint8_t out[],        // 16 bytes of ciphertext
+                 const uint32_t key[], // From the key setup
+                 int keysize);         // Bit length of the key, 128, 192, or 256
+
+void aes_decrypt(const uint8_t in[],   // 16 bytes of ciphertext
+                 uint8_t out[],        // 16 bytes of plaintext
+                 const uint32_t key[], // From the key setup
+                 int keysize);         // Bit length of the key, 128, 192, or 256
+
+///////////////////
+// AES - CBC
+///////////////////
+bool aes_encrypt_cbc(const uint8_t in[],   // Plaintext
+                     size_t in_len,        // Must be a multiple of AES_BLOCK_SIZE
+                     uint8_t out[],        // Ciphertext, same length as plaintext
+                     const uint32_t key[], // From the key setup
+                     int keysize,          // Bit length of the key, 128, 192, or 256
+                     const uint8_t iv[]);  // IV, must be AES_BLOCK_SIZE bytes long
+bool aes_decrypt_cbc(const uint8_t in[],   // Ciphertext
+                     size_t in_len,        // Must be a multiple of AES_BLOCK_SIZE
+                     uint8_t out[],        // Plaintext, same length as ciphertext
+                     const uint32_t key[], // From the key setup
+                     int keysize,          // Bit length of the key, 128, 192, or 256
+                     const uint8_t iv[]);  // IV, must be AES_BLOCK_SIZE bytes long
+
+#if 0
+// Disabled since it's not being used.
+// Only output the CBC-MAC of the input.
+bool aes_encrypt_cbc_mac(const uint8_t in[],   // plaintext
+                         size_t in_len,        // Must be a multiple of AES_BLOCK_SIZE
+                         uint8_t out[],        // Output MAC
+                         const uint32_t key[], // From the key setup
+                         int keysize,          // Bit length of the key, 128, 192, or 256
+                         const uint8_t iv[]);  // IV, must be AES_BLOCK_SIZE bytes long
+
+///////////////////
+// AES - CTR
+///////////////////
+void aes_increment_iv(uint8_t iv[],      // Must be a multiple of AES_BLOCK_SIZE
+                  int counter_size); // Bytes of the IV used for counting (low end)
+
+void aes_encrypt_ctr(const uint8_t in[],   // Plaintext
+                     size_t in_len,        // Any byte length
+                     uint8_t out[],        // Ciphertext, same length as plaintext
+                     const uint32_t key[], // From the key setup
+                     int keysize,          // Bit length of the key, 128, 192, or 256
+                     const uint8_t iv[]);  // IV, must be AES_BLOCK_SIZE bytes long
+
+void aes_decrypt_ctr(const uint8_t in[],   // Ciphertext
+                     size_t in_len,        // Any byte length
+                     uint8_t out[],        // Plaintext, same length as ciphertext
+                     const uint32_t key[], // From the key setup
+                     int keysize,          // Bit length of the key, 128, 192, or 256
+                     const uint8_t iv[]);  // IV, must be AES_BLOCK_SIZE bytes long
+
+///////////////////
+// AES - CCM
+///////////////////
+// Returns True if the input parameters do not violate any constraint.
+bool aes_encrypt_ccm(
+  const uint8_t plaintext[],          // IN  - Plaintext.
+  uint32_t plaintext_len,             // IN  - Plaintext length.
+  const uint8_t associated_data[],    // IN  - Associated Data included in authentication, but not encryption.
+  unsigned short associated_data_len, // IN  - Associated Data length in bytes.
+  const uint8_t nonce[],              // IN  - The Nonce to be used for encryption.
+  unsigned short nonce_len,           // IN  - Nonce length in bytes.
+  uint8_t ciphertext[],               // OUT - Ciphertext, a concatination of the plaintext and the MAC.
+  uint32_t* ciphertext_len,           // OUT - The length of the ciphertext, always plaintext_len + mac_len.
+  uint32_t mac_len,                   // IN  - The desired length of the MAC, must be 4, 6, 8, 10, 12, 14, or 16.
+  const uint8_t key[],                // IN  - The AES key for encryption.
+  int keysize);                       // IN  - The length of the key in bits. Valid values are 128, 192, 256.
+
+// Returns True if the input parameters do not violate any constraint.
+// Use mac_auth to ensure decryption/validation was preformed correctly.
+// If authentication does not succeed, the plaintext is zeroed out. To overwride
+// this, call with mac_auth = NULL. The proper proceedure is to decrypt with
+// authentication enabled (mac_auth != NULL) and make a second call to that
+// ignores authentication explicitly if the first call failes.
+bool aes_decrypt_ccm(
+  const uint8_t ciphertext[], // IN  - Ciphertext, the concatination of encrypted plaintext and MAC.
+  uint32_t ciphertext_len,    // IN  - Ciphertext length in bytes.
+  const uint8_t assoc[],      // IN  - The Associated Data, required for authentication.
+  unsigned short assoc_len,   // IN  - Associated Data length in bytes.
+  const uint8_t nonce[],      // IN  - The Nonce to use for decryption, same one as for encryption.
+  unsigned short nonce_len,   // IN  - Nonce length in bytes.
+  uint8_t plaintext[], // OUT - The plaintext that was decrypted. Will need to be large enough to hold ciphertext_len -
+                       // mac_len.
+  uint32_t* plaintext_len, // OUT - Length in bytes of the output plaintext, always ciphertext_len - mac_len .
+  uint32_t mac_len,        // IN  - The length of the MAC that was calculated.
+  int* mac_auth,           // OUT - TRUE if authentication succeeded, FALSE if it did not. NULL pointer will ignore the
+                           // authentication.
+  const uint8_t key[],     // IN  - The AES key for decryption.
+  int keysize);            // IN  - The length of the key in BITS. Valid values are 128, 192, 256.
+#endif