Advanced Encryption Standard (AES) User's Guide



Similar documents
AN AES encryption and decryption software on LPC microcontrollers. Document information

UM0586 User manual. STM32 Cryptographic Library. Introduction

Chapter 17. Transport-Level Security

Accellion Secure File Transfer Cryptographic Module Security Policy Document Version 1.0. Accellion, Inc.

SkyRecon Cryptographic Module (SCM)

Security Technical. Overview. BlackBerry Enterprise Service 10. BlackBerry Device Service Solution Version: 10.2

Bootloader with AES Encryption

SecureDoc Disk Encryption Cryptographic Engine

Secure web transactions system

AN3270 Application note

Northrop Grumman M5 Network Security SCS Linux Kernel Cryptographic Services. FIPS Security Policy Version

Web Security Considerations

Package PKI. July 28, 2015

VERITAS NetBackup 6.0 Encryption

Secure Network Communications FIPS Non Proprietary Security Policy

Security Policy for FIPS Validation

Table of Contents. Cisco Wi Fi Protected Access 2 (WPA 2) Configuration Example

How To Use Cmk On An Ipa (Intralinks) On A Pc Or Mac Mac (Apple) On An Iphone Or Ipa On A Mac Or Ipad (Apple Mac) On Pc Or Ipat (Apple

Pulse Secure, LLC. January 9, 2015

FIPS Non-Proprietary Security Policy. IBM Internet Security Systems SiteProtector Cryptographic Module (Version 1.0)

Open-Xchange Guard Major Release v Feature Overview V1.4

The Encryption Technology of Automatic Teller Machine Networks

Waspmote Encryption Libraries. Programming guide

Online signature API. Terms used in this document. The API in brief. Version 0.20,

OPTIMIZE DMA CONFIGURATION IN ENCRYPTION USE CASE. Guillène Ribière, CEO, System Architect

KeyStone Architecture Security Accelerator (SA) User Guide

Dell NetVault Backup Plug-in for Advanced Encryption 2.2. User s Guide

ERserver. iseries. Secure Sockets Layer (SSL)

IBM Client Security Solutions. Client Security User's Guide

BlackBerry Enterprise Solution Security Release Technical Overview

DIGIPASS CertiID. Getting Started 3.1.0

BlackBerry Enterprise Solution

AVR1318: Using the XMEGA built-in AES accelerator. 8-bit Microcontrollers. Application Note. Features. 1 Introduction

Securing Data at Rest: Database Encryption Solution using Empress Embedded Database

EmulexSecure 8Gb/s HBA Architecture Frequently Asked Questions

EPEAT CONFORMITY ASSESSMENT PROTOCOLS : 4.4 Product longevity/life cycle extension

RELEASE NOTES. Table of Contents. Scope of the Document. [Latest Official] ADYTON Release corrections. ADYTON Release 2.12.

Ciphermail Gateway PDF Encryption Setup Guide

EMC DATA DOMAIN ENCRYPTION A Detailed Review

Apple Cryptographic Service Provider Functional Specification

TLS and SRTP for Skype Connect. Technical Datasheet

Salesforce1 Mobile Security Guide

WiMAX Public Key Infrastructure (PKI) Users Overview

ISY994 Series Network Security Configuration Guide Requires firmware version Requires Java 1.7+

FIPS Non Proprietary Security Policy: IBM Internet Security Systems Proventia GX Series Security

Security Policy. Security Policy.

CA SiteMinder. Web Agent Installation Guide for IIS. r12.5

EMC Celerra Version 5.6 Technical Primer: Public Key Infrastructure Support

OpenADR 2.0 Security. Jim Zuber, CTO QualityLogic, Inc.

FIPS Non Proprietary Security Policy: Kingston Technology DataTraveler DT4000 Series USB Flash Drive

MatrixSSL Developer s Guide

V850. Application Note. 32-Bit Single-Chip Microcontrollers AES 128 Encryption/Decryption. Document No. U19668EE1V0AN00 Date Published January 2009

Secure Shell SSH provides support for secure remote login, secure file transfer, and secure TCP/IP and X11 forwarding. It can automatically encrypt,

SMPTE Standards Transition Issues for NIST/FIPS Requirements v1.1

Symantec Corporation Symantec Enterprise Vault Cryptographic Module Software Version:

etrust Audit Using the Recorder for Check Point FireWall-1 1.5

Overview. SSL Cryptography Overview CHAPTER 1

INF3510 Information Security University of Oslo Spring Lecture 9 Communication Security. Audun Jøsang

CS z/os Application Enhancements: Introduction to Advanced Encryption Standards (AES)

Administration Guide. Wireless software upgrades

PrivyLink Cryptographic Key Server *

CA Nimsoft Unified Management Portal

Alliance AES Encryption for IBM i Solution Brief

Security Guide. BES12 Cloud

VeriSign PKI Client Government Edition v 1.5. VeriSign PKI Client Government. VeriSign PKI Client VeriSign, Inc. Government.

PrivateServer HSM EKM Provider for Microsoft SQL Server

CA Process Automation

Windows Quick Start Guide for syslog-ng Premium Edition 5 LTS

PrivyLink Internet Application Security Environment *

A Pluggable Security Framework for Message Oriented Middleware

SafeNet MSSQL EKM Provider User Guide

Harden SSL/TLS v1.01. Windows hardening tool. Thierry ZOLLER.

Secure My-d TM and Mifare TM RFID reader system by using a security access module Erich Englbrecht (info@eonline.de) V0.1draft

MovieLabs Specification for Enhanced Content Protection Version 1.0

Secure Data Exchange Solution

2007 Microsoft Office System Document Encryption

Symmetric and Public-key Crypto Due April , 11:59PM

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography

CA Data Protection. Content Provider Development Guide. Release 15.0

FIPS Documentation: Security Policy 05/06/ :21 AM. Windows CE and Windows Mobile Operating System. Abstract

CA SiteMinder. Web Agent Installation Guide for IIS 12.51

Spirent Abacus. SIP over TLS Test 编 号 版 本 修 改 时 间 说 明

Windows Server 2008 R2 Boot Manager Security Policy For FIPS Validation

Instructions on TLS/SSL Certificates on Yealink Phones

IBM FlashSystem. SNMP Guide

FIPS Security Policy LogRhythm Log Manager

Security Policy for Oracle Advanced Security Option Cryptographic Module

Two-factor authentication Free portable encryption for USB drive Hardware disk encryption Face recognition logon

NEMA Standards Publication PS 3 Supplement 41. Digital Imaging and Communications in Medicine (DICOM) Digital Signatures

Enabling Security Features in Firmware DGW v2.0 June 22, 2011

AN10866 LPC1700 secondary USB bootloader

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: Security Note

Security Policy Revision Date: 23 April 2009

Chapter 8. Network Security

SECURE USB FLASH DRIVE. Non-Proprietary Security Policy

ERserver. iseries. Securing applications with SSL

FIPS Non- Proprietary Security Policy. McAfee SIEM Cryptographic Module, Version 1.0

SECUDE AG. FinallySecure Enterprise Cryptographic Module. FIPS Security Policy

TLS/SSL in distributed systems. Eugen Babinciuc

Transcription:

Advanced Encryption Standard (AES) User's Guide Version 1.00 BETA For use with AES versions 1.6 and above Date: 11-Feb-2015 11:23 All rights reserved. This document and the associated software are the sole property of HCC Embedded. Reproduction or duplication by any means of any portion of this document without the prior written consent of HCC Embedded is expressly forbidden. HCC Embedded reserves the right to make changes to this document and to the related software at any time and without notice. The information in this document has been carefully checked for its accuracy; however, HCC Embedded makes no warranty relating to the correctness of this document. Copyright HCC Embedded 2014 1 www.hcc-embedded.com

Table of Contents System Overview 4 Introduction 4 Feature Check 5 Packages and Documents 5 Packages 5 Documents 5 Source File List 6 API Header File 6 Configuration File 6 System File 6 Version File 6 Configuration Options 7 Application Programming Interface (API) 8 aes_init_fn 8 Key Lengths 9 Error Codes 10 Integration 11 PSP Porting 11 Copyright HCC Embedded 2014 2 www.hcc-embedded.com

Version 1.00 BETA For use with AES versions 1.6 and above All rights reserved. This document and the associated software are the sole property of HCC Embedded. Reproduction or duplication by any means of any portion of this document without the prior written consent of HCC Embedded is expressly forbidden. HCC Embedded reserves the right to make changes to this document and to the related software at any time and without notice. The information in this document has been carefully checked for its accuracy; however, HCC Embedded makes no warranty relating to the correctness of this document. Encryption Documents Home Copyright HCC Embedded 2014 3 www.hcc-embedded.com

1 System Overview 1.1 Introduction This guide is for those who want to implement bulk encryption using the Advanced Encryption Standard ( AES). The AES uses a symmetric key algorithm, with the same key used to both encrypt and decrypt the data. The AES module implements the AES bulk encryption algorithm with Cipher Block Chaining (CBC). You register the AES module with HCC's Embedded Encryption Manager (EEM), making it usable by other applications (for example, HCC's TLS/SSL) through a standard interface. The EEM is the core component of HCC's encryption system. The system structure is shown below: Note: Although every attempt has been made to simplify the system s use, to get the best results you must understand clearly the requirements of the systems you design. HCC Embedded offers hardware and firmware development consultancy to help you implement your system; contact sales@hcc-embedded.com. Copyright HCC Embedded 2014 4 www.hcc-embedded.com

1.2 Feature Check The main features of the AES module are the following: It conforms to the HCC Advanced Embedded Framework. It conforms to the HCC Coding Standard including full MISRA compliance. It conforms to the HCC Embedded Encryption Manager (EEM) standard and is compatible with the EEM. It can be verified using the HCC Encryption Test Suite. 1.3 Packages and Documents Packages The table below lists the packages that you need in order to use this module. Package hcc_base_docs enc_base enc_aes Description This contains the two guides that will help you get started. The EEM base package. The AES package described in this document. Documents Readers should note the points in the HCC Documentation Guidelines on the HCC documentation website. HCC Firmware Quick Start Guide This document describes how to install packages provided by HCC in the target development environment. Also follow the HCC Source Tree Guide Quick Start Guide when HCC provides package updates. This document describes the HCC source tree. It gives an overview of the system to make clear the logic behind its organization. HCC Embedded Encryption Manager User's Guide This document describes the EEM. HCC Advanced Encryption Standard (AES) User's Guide This is this document. Copyright HCC Embedded 2014 5 www.hcc-embedded.com

2 Source File List This section describes all the source code files included in the system. These files follow the HCC Embedded standard source tree system, described in the HCC Source Tree Guide. All references to file pathnames refer to locations within this standard source tree, not within the package you initially receive. Note: Do not modify any files except the configuration file. 2.1 API Header File The file src/api/api_enc_sw_aes.h is the only file that should be included by an application using this module. It defines the aes_init_fn() function. 2.2 Configuration File The file src/config/config_enc_sw_aes.h contains the configurable parameters of the system. Configure these as required. This is the only file in the module that you should modify. 2.3 System File The file src/enc/software/aes/aes.c is the source code file. This file should only be modified by HCC. 2.4 Version File The file src/version/ver_enc_sw_aes.h contains the version number of this module. This version number is checked by all modules that use this module to ensure system consistency over upgrades. Copyright HCC Embedded 2014 6 www.hcc-embedded.com

3 Configuration Options Set the system configuration options in the file src/config/config_enc_sw_aes.h. AES_INSTANCE_NR The maximum number of AES algorithm instances. The default is 2. AES_TLS12_PADDING_METHOD This controls padding generation. The values are: 0 (the default) padding is generated consistent with PKCS #7 (RFC 5652, section 6.3). 1 use this for TLS 1.2 encryption. It generates padding in a manner consistent with RFC 5246 section 6.2.3.2. Copyright HCC Embedded 2014 7 www.hcc-embedded.com

4 Application Programming Interface (API) This section describes the single API function, the key lengths, and the error codes. 4.1 aes_init_fn Call this function from the EEM to forward the structure containing AES functions to it. Format t_enc_ret aes_init_fn ( t_enc_driver_fn const * * const pp_encdriver ) Arguments Parameter Description Type pp_encdriver A pointer to a structure containing AES functions. t_enc_driver_fn * * Return Values Return value ENC_SUCCESS ENC_INVALID_ERR Description Successful execution. The module has already been initialized. Copyright HCC Embedded 2014 8 www.hcc-embedded.com

4.2 Key Lengths The key lengths are as follows: Name Value Description AES_128_KEY_LEN 16U 128 bit AES key length in bytes. AES_256_KEY_LEN 32U 256 bit AES key length in bytes. Copyright HCC Embedded 2014 9 www.hcc-embedded.com

4.3 Error Codes The table below lists the error codes that may be generated by the API calls. Error code Value Meaning ENC_SUCCESS 0U Successful execution. ENC_INVALID_ERR 1U The module has already been initialized. Copyright HCC Embedded 2014 10 www.hcc-embedded.com

5 Integration The AES module is designed to be as open and as portable as possible. No assumptions are made about the functionality, the behavior, or even the existence, of the underlying operating system. For the system to work at its best, perform the porting outlined below. This is a straightforward task for an experienced engineer. 5.1 PSP Porting The Platform Support Package (PSP) is designed to hold all platform-specific functionality, either because it relies on specific features of a target system, or because this provides the most efficient or flexible solution for the developer. The module makes use of the following standard PSP function: Function Package Element Description psp_memcpy( ) psp_base psp_string Copies a block of memory. The result is a binary copy of the data. The module makes use of the following standard PSP macros: Macro Package Element Description PSP_RD_BE32 psp_base psp_endianness Reads a 32 bit value stored as big-endian from a memory location. PSP_RD_LE32 psp_base psp_endianness Reads a 32 bit value stored as little-endian from a memory location. PSP_WR_BE32 psp_base psp_endianness Writes a 32 bit value to be stored as big-endian to a memory location. PSP_WR_LE32 psp_base psp_endianness Writes a 32 bit value to be stored as little-endian to a memory location. Copyright HCC Embedded 2014 11 www.hcc-embedded.com

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information