sascha_hemi/pycom-documentation
1
0
Fork 0
mirror of https://github.com/sascha-hemi/pycom-documentation.git synced 2026-03-21 12:05:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
ac8fed2012b39d446e9bb608c5aa7f748c726f50
pycom-documentation/firmwareapi/pycom/aes.md
Daniel Spindelbauer 015fdc88ef GitBook: [master] 333 pages modified
2018-09-19 15:38:13 +00:00

63 lines
2.6 KiB
Markdown
Raw Blame History

# AES
AES \(Advanced Encryption Standard\) is a symmetric block cipher standardised by NIST. It has a fixed data block size of 16 bytes. Its keys can be 128, 192, or 256 bits long.
{% hint style="info" %}
AES is implemented using the ESP32 hardware module.
{% endhint %}
## Quick Usage Example
```python
from crypto import AES
import crypto
key = b'notsuchsecretkey' # 128 bit (16 bytes) key
iv = crypto.getrandbits(128) # hardware generated random IV (never reuse it)
cipher = AES(key, AES.MODE_CFB, iv)
msg = iv + cipher.encrypt(b'Attack at dawn')
# ... after properly sent the encrypted message somewhere ...
cipher = AES(key, AES.MODE_CFB, msg[:16]) # on the decryption side
original = cipher.decrypt(msg[16:])
print(original)
```
## Constructors
#### class ucrypto.AES\(key, mode, IV, \* , counter, segment\_size\)
Create an AES object that will let you encrypt and decrypt messages.
The arguments are:
* `key` \(byte string\) is the secret key to use. It must be 16 \(AES-128\), 24 \(AES-192\), or 32 \(AES-256\) bytes long.
* `mode` is the chaining mode to use for encryption and decryption. Default is `AES.MODE_ECB`.
* `IV` \(byte string\) initialisation vector. Should be 16 bytes long. It is ignored in modes `AES.MODE_ECB` and `AES.MODE_CRT`.
* `counter` \(byte string\) used only for `AES.MODE_CTR`. Should be 16 bytes long. Should not be reused.
* `segment_size` is the number of bits `plaintext` and `ciphertext` are segmented in. Is only used in `AES.MODE_CFB`. Supported values are `AES.SEGMENT_8` and `AES.SEGMENT_128`
## Methods
#### ucrypto.encrypt\(\)
Encrypt data with the key and the parameters set at initialisation.
#### ucrypto.decrypt\(\)
Decrypt data with the key and the parameters set at initialisation.
## Constants
* `AES.MODE_ECB`: Electronic Code Book. Simplest encryption mode. It does not hide data patterns well \(see this article for more info\)
* `AES.MODE_CBC`: Cipher-Block Chaining. An Initialisation Vector \(IV\) is required.
* `AES.MODE_CFB`: Cipher feedback. `plaintext` and `ciphertext` are processed in segments of `segment_size` bits. Works a stream cipher.
* `AES.MODE_CTR`: Counter mode. Each message block is associated to a counter which must be unique across all messages that get encrypted with the same key.
* `AES.SEGMENT_8`, `AES.SEGMENT_128`: Length of the segment for `AES.MODE_CFB`
{% hint style="danger" %}
To avoid security issues, IV should always be a random number and should never be reused to encrypt two different messages. The same applies to the counter in CTR mode. You can use `crypto.getrandbits()` for this purpose.
{% endhint %}
Reference in New Issue View Git Blame Copy Permalink