Giter Club home page Giter Club logo

aes_frast's Introduction

aes_frast

NOT for Serious Usage
aes_frast is an easy-to-use lib for AES encryption and decryption, coded in pure safe Rust-lang. The AES algorithm is implemented by looking-up-tables.
In the name aes_frast, "frast" is a mix of the words "rust" and "fast". These lib is designed to run as fast as possible on pure Rust-lang code, no ASM.

Compatibility

Functions in this lib is compatible with OpenSSL if they can be found in OpenSSL although maybe in different names.

Security

Any cryptographic audit of this lib has NEVER been conducted. So, please be extremely careful when you are looking for high security.
The author tries to make it more secure, but never gives any guarantee of security.
In addition, some researches have reported that there could be timing problems in looking-up-tables implement. However, this lib assumes that the computers which run the lib are secure and users of this lib have done something to avoid the timing problems. Usages like file encryption may be suitable. Maybe, this lib is for somebody who just wants to know the structure of AES.

Features

  • 128bit, 192bit, 256bit key-size and fixed 128bit block-size.
  • ECB, CBC, CFB, OFB operation mode (with experimental PCBC mode and CFB8 mode).
  • ANSIX923, PKCS #7, Zeros padding and depadding.
  • Single-block process.
  • Working keys scheduling.

Examples

Please see the doc.

Next version? [HELP-WANTED]

In the future, what will the lib be?
I don't know.
Maybe the following will be considered, maybe not:

  1. CTR and GCM operation modes.
  2. Hash functions and HMAC.
  3. PBKDF2 and other key derivation functions.
  4. FFI.
  5. Try to speed up!
  6. More security and audits if possible.

Pull requests are always welcome. Thank all of you.

aes_frast's People

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar

Forkers

ntegan

aes_frast's Issues

Request: CFB mode with 1-byte segment size, useful for streaming (CFB-8 or CFB-1)

Can aes_frast CFB mode be used with segment sizes other than the block size? From the code https://github.com/KaneGreen/aes_frast/blob/master/src/aes_with_operation_mode.rs#L228 it doesn't appear so:

/// The feedback size is fixed to 128 bits, which is the same as block size.

but this would be useful for streaming, effectively converting the block cipher into a stream cipher. https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Cipher_Feedback_(CFB)

To use CFB to make a self-synchronizing stream cipher that will synchronize for any multiple of x bits lost, start by initializing a shift register the size of the block size with the initialization vector. This is encrypted with the block cipher, and the highest x bits of the result are XOR'ed with x bits of the plaintext to produce x bits of ciphertext. These x bits of output are shifted into the shift register, and the process (starting with encrypting the shift register with the block cipher) repeats for the next x bits of plaintext. Decryption is similar, start with the initialization vector, encrypt, and XOR the high bits of the result with x bits of the ciphertext to produce x bits of plaintext, then shift the x bits of the ciphertext into the shift register and encrypt again. This way of proceeding is known as CFB-8 or CFB-1 (according to the size of the shifting).

For comparison, openssl these are aes-128-cfb1 and aes-128-cfb8, and in Python PyCrypto, segment_size:

from Crypto.Cipher import AES

key=b"XXXXXXXXXXXXXXXX"
iv=key

cipher=AES.new(key, AES.MODE_CFB, iv, segment_size=8);
plain = b"\x41"
print "plain =",map(ord, plain)

print "encrypted =",map(ord, cipher.encrypt(plain)) # 209
print "encrypted2 =",map(ord, cipher.encrypt(plain)) # 150
print

cipher=AES.new(key, AES.MODE_CFB, iv);
print "decrypted =",map(ord, cipher.decrypt(b"\xd1")) # 65
print "decrypted2 =",map(ord, cipher.decrypt(b"\x96")) # 65

Trying to port some code which used the Rust OpenSSL crate for CFB in 8-bit mode, first attempt using RustCrypto crates but not yet supported RustCrypto/block-ciphers#28, maybe will switch if it is implemented or to this module if possible.

[ Important! ] Statement on the unauthorized use of the same user and repository on `gitcode.com`

ENGLISH

On June 26, 2024, I noticed that a high-copy repository with the same name as this repository appeared on https://gitcode.com/KaneGreen/aes_frast, and its username was also the same as my GitHub username.

I must declare here:

  1. I have never used KaneGreen to register an account on gitcode.com, nor have I authorized anyone to register an account on gitcode.com in my name. In other words, I do not have any control over that user account.

  2. I have never uploaded this aes_frast code repository to gitcode.com, nor have I authorized anyone to upload this aes_frast code repository to gitcode.com in my name. In other words, I do not have any control over that code repository.

  3. This code repository (controlled by me) is currently only published on GitHub.com. The corresponding Rust crate is only published on crates.io.

  4. I am currently unable to confirm the consistency between the code repository on gitcode.com and this repository. Please use https://github.com/KaneGreen/aes_frast instead of https://gitcode.com/KaneGreen/aes_frast.

  5. I still welcome users to fork this repository, but you cannot use my name when forking. You must clearly indicate that the forked repository is not controlled by me.

中文

2024年6月26日,我注意到在https://gitcode.com/KaneGreen/aes_frast上出现了与本仓库同名的高仿仓库,其用户名也与本人GitHub用户名相同。

我必须在此郑重声明:

  1. 我本人从未在gitcode.com上使用KaneGreen注册账号,也从未授权过任何人以我的名义在gitcode.com上注册账号。换句话说,我没任何那个用户账号的控制权。
  2. 我本人从未将本aes_frast代码仓库上传到gitcode.com上,也从未授权过任何人以我的名义将本aes_frast代码仓库上传到gitcode.com上。也就是说,我没有任何那个代码仓库的控制权。
  3. 本代码仓库(由我掌控的)目前仅在GitHub.com上发布。对应的Rust crate仅在crates.io上发布。
  4. 我目前无法确认在gitcode.com上的代码仓库与本仓库代码的一致性。请各位本代码仓库的使用者从https://github.com/KaneGreen/aes_frast上使用,而非https://gitcode.com/KaneGreen/aes_frast
  5. 我依然欢迎各位用户Fork本仓库,但在Fork时不能使用我的名义。您必须清楚地表明,Fork后的仓库不由我掌控。

Warnings on CFB example code

When building the CFB example https://github.com/KaneGreen/aes_frast/blob/master/src/aes_with_operation_mode.rs#L237 on Rust nightly-2018-09-29 it emits several warnings:

warning: unused import: `padding_128bit`                                                                                                                                                          
 --> src/main.rs:5:56                                                                                                                                                                             
  |                                                                                                                                                                                               
5 |     use aes_frast::{aes_core, aes_with_operation_mode, padding_128bit};                                                                                                                       
  |                                                        ^^^^^^^^^^^^^^                                                                                                                         
  |                                                                                                                                                                                               
  = note: #[warn(unused_imports)] on by default                                                                                                                                                   
                                                                                                                                                                                                  
warning: variable does not need to be mutable                                                                                                                                                     
 --> src/main.rs:7:9                                                                                                                                                                              
  |                                                                                                                                                                                               
7 |     let mut plain: Vec<u8> = vec![0x34, 0x63, 0xD0, 0x89, 0x1D, 0x71, 0x4A, 0xB0,                                                                                                             
  |         ----^^^^^                                                                                                                                                                             
  |         |                                                                                                                                                                                     
  |         help: remove this `mut`                                                                                                                                                               
  |                                                                                                                                                                                               
  = note: #[warn(unused_mut)] on by default                                                                                                                                                       
                                                                                                                                                                                                  
warning: variable does not need to be mutable                                                                                                                                                     
  --> src/main.rs:17:9                                                                                                                                                                            
   |                                                                                                                                                                                              
17 |     let mut o_key: Vec<u8> = vec![0x0F, 0x57, 0x9F, 0x79, 0x50, 0x99, 0x0A, 0xCE,                                                                                                            
   |         ----^^^^^                                                                                                                                                                            
   |         |                                                                                                                                                                                    
   |         help: remove this `mut`                                                                                                                                                              
                                                                                                                                                                                                  
warning: variable does not need to be mutable                                                                                                                                                     
  --> src/main.rs:22:9                                                                                                                                                                            
   |                                                                                                                                                                                              
22 |     let mut iv: Vec<u8> = vec![0x04, 0x7C, 0xF3, 0xEA, 0xE1, 0x76, 0x45, 0x85,                                                                                                               
   |         ----^^                                                                                                                                                                               
   |         |                                                                                                                                                                                    
   |         help: remove this `mut`                                                                                                                                                              
                                                                                                                                                                                                  
    Finished dev [unoptimized + debuginfo] target(s) in 0.55s

Fixing the warnings is straightforward, removed the unused import and mut's:

    use aes_frast::{aes_core, aes_with_operation_mode};
    let length: usize = 64;
    let plain: Vec<u8> = vec![0x34, 0x63, 0xD0, 0x89, 0x1D, 0x71, 0x4A, 0xB0,
                              0x08, 0x5D, 0x22, 0xE1, 0x8B, 0xFA, 0x77, 0xF0,
                              0xEB, 0xE4, 0xB8, 0x9E, 0xF0, 0x05, 0x32, 0x7D,
                              0x4F, 0xBD, 0x87, 0x69, 0x75, 0x76, 0x78, 0xAA,
                              0x3D, 0x24, 0x06, 0x0C, 0xA4, 0xA5, 0x8C, 0xA0,
                              0x21, 0x58, 0xB8, 0xA1, 0x86, 0xAD, 0xBB, 0x6D,
                              0x9E, 0x09, 0x1C, 0x47, 0x06, 0x25, 0x4B, 0x2E,
                              0x30, 0x53, 0x3A, 0x5F, 0xE9, 0xDF, 0x3A, 0x90];
    let mut cipher = vec![0u8; length];
    let mut dec_cipher = vec![0u8; length];
    let o_key: Vec<u8> = vec![0x0F, 0x57, 0x9F, 0x79, 0x50, 0x99, 0x0A, 0xCE,
                              0x66, 0x72, 0xA8, 0x17, 0x95, 0x1F, 0xF6, 0x06,
                              0x24, 0x40, 0xDE, 0xF5, 0x08, 0xF1, 0x64, 0x34,
                              0xD6, 0xEF, 0xEF, 0xFD, 0x26, 0x23, 0x04, 0x95];
    let mut w_keys: Vec<u32> = vec![0u32; 60];
    let iv: Vec<u8> = vec![0x04, 0x7C, 0xF3, 0xEA, 0xE1, 0x76, 0x45, 0x85,
                           0x72, 0x52, 0x7B, 0xAA, 0x26, 0x0D, 0x65, 0xBB];

    aes_core::setkey_enc_auto(&o_key, &mut w_keys);
    aes_with_operation_mode::cfb_enc(&plain, &mut cipher, &w_keys, &iv);

    let expected_encrypted = vec![0x9D, 0xF9, 0x3D, 0x71, 0xC1, 0x9E, 0x50, 0x22,
                                  0x36, 0x35, 0xF1, 0xB6, 0xED, 0xA6, 0x86, 0x74,
                                  0x5F, 0x34, 0xD6, 0x93, 0xA9, 0x0F, 0xFF, 0x50,
                                  0x4C, 0xE6, 0x8E, 0xC0, 0x06, 0x3F, 0x3A, 0x62,
                                  0x78, 0x9F, 0xAB, 0xB1, 0x06, 0x95, 0x64, 0xB6,
                                  0xBB, 0x06, 0x92, 0x02, 0x34, 0x2D, 0x36, 0x35,
                                  0xA4, 0x95, 0x30, 0x2E, 0x20, 0xD3, 0xE8, 0x53,
                                  0x95, 0xA2, 0xDF, 0x83, 0x9B, 0x7B, 0x12, 0x3F];

    assert_eq!(length, cipher.len(), "ERROR cipher.len()");

    for i in 0..length {
        assert_eq!(expected_encrypted[i], cipher[i], "ERROR in encrypt {}", i);
    }

    // Notice: CFB only uses block-encryption, no matter we use it as encryption or decryption.
    // So, keep don't use functions which start with`setkey_dec_` and keep the next line commented out.
    //aes_core::setkey_dec_auto(&o_key, &mut w_keys);
    aes_with_operation_mode::cfb_dec(&cipher, &mut dec_cipher, &w_keys, &iv);

    assert_eq!(length, dec_cipher.len(), "ERROR dec_cipher.len()");
    for i in 0..length {
        assert_eq!(plain[i], dec_cipher[i], "ERROR in decrypt {}", i);
    }

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.