The aes egg implements the AES / Rijndael cryptosystem.
It does not provide any higher-level operations such as encryption 'modes'; it just provides two procedures per variant of the algorithm, which take a key (as a blob of the correct length) and return a procedure that maps 16-byte blobs to 16-byte blobs - one for encryption, one for decryption.
(use aes) (use crypto-tools) ; for the hexstring functions (define encryptor (make-aes128-encryptor (hexstring->blob "00010203050607080A0B0C0D0F101112"))) (define decryptor (make-aes128-decryptor (hexstring->blob "00010203050607080A0B0C0D0F101112"))) (define encrypted (encryptor (hexstring->blob "506812A45F08C889B97F5980038B8359"))) (define decrypted (decryptor encrypted)) (blob->hexstring encrypted) => "d8f532538289ef7d06b506a4fd5be9c9" (blob->hexstring decrypted) => "506812a45f08c889b97f5980038b8359"
- (make-aes128-encryptor BLOB) => PROCESSOR procedure
- (make-aes128-decryptor BLOB) => PROCESSOR procedure
- (make-aes192-encryptor BLOB) => PROCESSOR procedure
- (make-aes192-decryptor BLOB) => PROCESSOR procedure
- (make-aes256-encryptor BLOB) => PROCESSOR procedure
- (make-aes256-decryptor BLOB) => PROCESSOR procedure
Using the supplied blob as a raw key, return a procedure that maps 16-byte blobs to 16-byte blobs, either encrypting or decrypting them with the specified key. The key is not modified in any way; if you just split your data into blocks (with padding) and encrypt each, you will merely be operating in ECB mode, which isn't very secure.
128-bit keys must be 16 bytes long, 192-bit keys 24 bytes, and 256-bit keys 32 bytes. Otherwise, an error will be signalled. Likewise, passing a blob of other than 16 bytes to a `PROCESSOR` will result in an error.
My modifications extend no further than pasting it together, putting static modifiers on all the functions, and adding type casts for the u32-pointer key arguments.
The author of the original code is "Philip J. Erdelsky <email@example.com>", who based it on code by Vincent Rijmen firstname.lastname@example.org, Antoon Bosselaers email@example.com, and Paulo Barreto firstname.lastname@example.org
The C code is based on public-domain code.
However, the Scheme wrapper is subject to the following license:
Copyright (c) 2003-2009, Warhead.org.uk Ltd Copyright (c) 2016 Alaric Snell-Pym All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
Neither the names of Warhead.org.uk Ltd, Snell Systems, nor Kitten Technologies, nor the names of their contributors may be used to endorse or promote products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
The C implementation of the AES code is entirely embedded in the egg.
- 1.4: Fixed compiler warnings
- 1.3: Fixed metadata
- 1.2: Ported to chicken 4
- 1.1: Removed non-AES-specific support functionality into the crypto-tools egg
- 1.0: Initial release