An easy to integrate AES implementation for resource constrained targets.
Highlights:
- Source linted to MISRA 2012
- Embedded interface documentation
- Tests
- Compile time options for porting
Modules
- AES
- byte oriented (512B of tables)
- support for 128, 196 and 256 bit keys
- AES GCM
- depends on AES
- table-less
- vector operations optimised for target word size
- single pass mode only
- AES Key Wrap
- depends on AES
- RFC 3394:2002
- AES CMAC
- depends on AES
- vector operations optimised for target word size
- NIST SP 800-38B
- single pass mode only
Integrating With Your Project
Example makefile snippet:
1 INCLUDES += $(DIR_MODA)/include
3 VPATH += $(DIR_MODA)/src
5 SRC += $(wildcard $(DIR_MODA)/src/*.c)
7 OBJECTS += $(SRC:.c=.o)
Add #include "moda.h" to source files that use the MODA API.
Build Time Options
1 // define to remove assert.h (as per usual)
4 // define to set target endian as big endian
5 // default: undefined (not relevant if MODA_WORD_SIZE == 1)
8 // define to set target word size {1, 2, 4 or 8}
12 // define to apply compiler specific restrict attribute
13 // default: __restrict__
14 -DMODA_RESTRICT=__restrict__
16 // include settings for putting constant data into program memory for avr gcc
18 -DMODA_AVR_GCC_PROGMEM
20 // define to apply target specific attribute after sbox, rsbox and rcon constants
22 -DMODA_CONST_POST=PROGMEM
24 // define to apply target specific attribute before sbox, rsbox and rcon constants
26 -D'MODA_CONST_PRE=__flash'
28 // define an alternate instruction to use to access rsbox constant
30 -D'RSBOX(C)=pgm_read_byte(&rsbox[C])'
32 // define an alternate instruction to use to access sbox constant
34 -D'SBOX(C)=pgm_read_byte(&sbox[C])'
36 // define an alternate instruction to use to access rcon constant
38 -D'RCON(C)=pgm_read_byte(&rcon[C])'
Recommended Further Reading
https://en.wikipedia.org/wiki/Side-channel_attack
License
Moda has an MIT license.