This module implements various Block Cipher Modes.

The five modes currently supported:

ECB (Electronic Code Book)
CBC (Cipher Block Chaining)
CFB (Cipher FeedBack)
OFB (Output FeedBack)
CTR (Counter)
GCM (Galois/Counter Mode)

You can use any of this modes with all the block ciphers of nimcrypto library

Tests made according to official test vectors (Appendix F) http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a.pdf GCM tests made according official test vectors (Appendix B) https://pdfs.semanticscholar.org/114a/4222c53f1a6879f1a77f1bae2fc0f8f55348.pdf and OpenSSL vectors https://github.com/majek/openssl/blob/master/crypto/evp/evptests.txt

ECB (Electronic Code Book) ModeCBC (Cipher Block Chaining) ModeCTR (Counter) ModeOFB (Output Feedback) ModeCFB (Cipher Feedback) ModeGCM (Galois Counter Mode)

Imports

utils

Types

ECB[T] = object cipher: T tmp: array[MaxBlockBytesSize, byte]: ECB (Electronic Code Book) context object
CBC[T] = object cipher: T iv: array[MaxBlockBytesSize, byte] tmp: array[MaxBlockBytesSize, byte]: CBC (Cipher Block Chaining) context object
OFB[T] = object cipher: T iv: array[MaxBlockBytesSize, byte]: OFB (Output FeedBack) context object
CFB[T] = object cipher: T iv: array[MaxBlockBytesSize, byte]: CFB (Cipher FeedBack) context object
CTR[T] = object cipher: T iv: array[MaxBlockBytesSize, byte] ecount: array[MaxBlockBytesSize, byte] num: uint: CTR (Counter) context object
GCM[T] = object cipher: T h: array[16, byte] y: array[16, byte] basectr: array[16, byte] buf: array[16, byte] aadlen: uint64 datalen: uint64: GCM (Galois/Counter Mode) context object

Procs

proc init[T](ctx: var ECB[T]; key: ptr byte)

Initialize ECB[T] with encryption key key.

Note! Size of data pointed by key must be at least ctx.sizeKey octets (bytes).

proc init[T](ctx: var ECB[T]; key: openArray[byte]) {...}{.inline.}

Initialize ECB[T] with encryption key key.

This procedure will not perform any additional padding for encryption key key.

Length of key must be at least ECB[T].sizeKey() octets (bytes).

You can see examples of usage ECB mode here examples/ecb.nim.

proc init[T](ctx: var ECB[T]; key: openArray[char]) {...}{.inline.}

Initialize ECB[T] with encryption key key.

This procedure will not perform any additional padding for encryption key key.

Length of key must be at least ECB[T].sizeKey() octets (bytes).

You can see examples of usage ECB mode here examples/ecb.nim.

proc clear[T](ctx: var ECB[T]) {...}{.inline.}

Clear ECB[T] context ctx.

proc encrypt[T](ctx: var ECB[T]; inp: ptr byte; oup: ptr byte; length: uint): uint {...}{. discardable.}

Perform ECB[T] encryption of plain data pointed by inp of length length and store encrypted data to oup. oup must be able to hold at least length octets (bytes) of data.

Note, that this procedure do not perform any additional padding, so you need to do it on your own. length must be aligned to the ctx.sizeBlock value, e.g. length mod ctx.sizeBlock == 0.

Procedure returns number of processed octets (bytes).

proc decrypt[T](ctx: var ECB[T]; inp: ptr byte; oup: ptr byte; length: uint): uint {...}{. discardable.}

Perform ECB[T] decryption of encrypted data pointed by inp of length length and store plain data to oup. oup must be able to hold at least length octets (bytes) of data.

Note, that this procedure do not perform any additional padding, so you need to do it on your own. length must be aligned to the ctx.sizeBlock value, e.g. length mod ctx.sizeBlock == 0.

Procedure returns number of processed octets (bytes).

proc encrypt[T](ctx: var ECB[T]; input: openArray[byte]; output: var openArray[byte]) {...}{. inline.}

Encrypt array of data input and store encrypted data to array output using ECB[T] context ctx.

Note that length of input array must be less or equal to length of output array. Length of input array must not be zero.

Note, that this procedure do not perform any additional padding, so you need to do it on your own. Length of input must be aligned to the ctx.sizeBlock value, e.g. len(input) mod ctx.sizeBlock == 0.

proc encrypt[T](ctx: var ECB[T]; input: openArray[char]; output: var openArray[char]) {...}{. inline.}

Encrypt array of data input and store encrypted data to array output using ECB[T] context ctx.

Note that length of input array must be less or equal to length of output array. Length of input array must not be zero.

proc decrypt[T](ctx: var ECB[T]; input: openArray[byte]; output: var openArray[byte]) {...}{. inline.}

Decrypt array of data input and store decrypted data to array output using ECB[T] context ctx.

Note that length of input array must be less or equal to length of output array. Length of input array must not be zero.

proc decrypt[T](ctx: var ECB[T]; input: openArray[char]; output: var openArray[char]) {...}{. inline.}

Decrypt array of data input and store decrypted data to array output using ECB[T] context ctx.

Note that length of input array must be less or equal to length of output array. Length of input array must not be zero.

proc init[T](ctx: var CBC[T]; key: ptr byte; iv: ptr byte)

Initialize CBC[T] with encryption key key and initial vector (IV) iv.

Note! Size of encryption key pointed by key must be at least ctx.sizeKey octets (bytes) and size of initial vector iv must be at least ctx.sizeBlock octets (bytes).

You can see examples of usage CBC mode here examples/cbc.nim.

proc init[T](ctx: var CBC[T]; key: openArray[byte]; iv: openArray[byte])

Initialize CBC[T] with encryption key key and initial vector (IV) iv.

This procedure will not perform any additional padding for encryption key key and initial vector iv.

Length of key must be at least ctx.sizeKey() octets (bytes). Length of iv must be at least ctx.sizeBlock() octets (bytes)

You can see examples of usage CBC mode here examples/cbc.nim.

proc init[T](ctx: var CBC[T]; key: openArray[char]; iv: openArray[char])

Initialize CBC[T] with encryption key key and initial vector (IV) iv.

This procedure will not perform any additional padding for encryption key key and initial vector iv.

Length of key must be at least ctx.sizeKey() octets (bytes). Length of iv must be at least ctx.sizeBlock() octets (bytes)

You can see examples of usage CBC mode here examples/cbc.nim.

proc clear[T](ctx: var CBC[T]) {...}{.inline.}

Clear CBC[T] context ctx.

proc encrypt[T](ctx: var CBC[T]; inp: ptr byte; oup: ptr byte; length: uint): uint {...}{. discardable.}

Perform CBC[T] encryption of plain data pointed by inp of length length and store encrypted data to oup. oup must be able to hold at least length octets (bytes) of data.

Note, that this procedure do not perform any additional padding, so you need to do it on your own. length must be aligned to the ctx.sizeBlock value, e.g. length mod ctx.sizeBlock == 0.

Procedure returns number of processed octets (bytes).

proc decrypt[T](ctx: var CBC[T]; inp: ptr byte; oup: ptr byte; length: uint): uint {...}{. discardable.}

Perform CBC[T] decryption of encrypted data pointed by inp of length length and store plain data to oup. oup must be able to hold at least length octets (bytes) of data.

Note, that this procedure do not perform any additional padding, so you need to do it on your own. length must be aligned to the ctx.sizeBlock value, e.g. length mod ctx.sizeBlock == 0.

Procedure returns number of processed octets (bytes).

proc encrypt[T](ctx: var CBC[T]; input: openArray[byte]; output: var openArray[byte]) {...}{. inline.}

Encrypt array of data input and store encrypted data to array output using CBC[T] context ctx.

Note that length of input array must be less or equal to length of output array. Length of input array must not be zero.

proc encrypt[T](ctx: var CBC[T]; input: openArray[char]; output: var openArray[char]) {...}{. inline.}

Encrypt array of data input and store encrypted data to array output using CBC[T] context ctx.

Note that length of input array must be less or equal to length of output array. Length of input array must not be zero.

proc decrypt[T](ctx: var CBC[T]; input: openArray[byte]; output: var openArray[byte]) {...}{. inline.}

Decrypt array of data input and store decrypted data to array output using CBC[T] context ctx.

Note that length of input array must be less or equal to length of output array. Length of input array must not be zero.

proc decrypt[T](ctx: var CBC[T]; input: openArray[char]; output: var openArray[char]) {...}{. inline.}

Decrypt array of data input and store decrypted data to array output using CBC[T] context ctx.

Note that length of input array must be less or equal to length of output array. Length of input array must not be zero.

proc init[T](ctx: var CTR[T]; key: ptr byte; iv: ptr byte)

Initialize CTR[T] with encryption key key and initial vector (IV) iv.

Note! Size of encryption key pointed by key must be at least ctx.sizeKey octets (bytes) and size of initial vector iv must be at least ctx.sizeBlock octets (bytes).

You can see examples of usage CTR mode here examples/ctr.nim.

proc init[T](ctx: var CTR[T]; key: openArray[byte]; iv: openArray[byte])

Initialize CTR[T] with encryption key key and initial vector (IV) iv.

This procedure will not perform any additional padding for encryption key key and initial vector iv.

Length of key array must be at least ctx.sizeKey() octets (bytes). Length of iv array must be at least ctx.sizeBlock() octets (bytes).

You can see examples of usage CTR mode here examples/ctr.nim.

proc init[T](ctx: var CTR[T]; key: openArray[char]; iv: openArray[char]) {...}{.inline.}

Initialize CTR[T] with encryption key key and initial vector (IV) iv.

This procedure will not perform any additional padding for encryption key key and initial vector iv.

Length of key array must be at least ctx.sizeKey() octets (bytes). Length of iv array must be at least ctx.sizeBlock() octets (bytes).

You can see examples of usage CTR mode here examples/ctr.nim.

proc clear[T](ctx: var CTR[T]) {...}{.inline.}

Clear CTR[T] context ctx.

proc encrypt[T](ctx: var CTR[T]; inp: ptr byte; oup: ptr byte; length: uint): uint {...}{. discardable.}

Perform CTR[T] encryption of plain data pointed by inp of length length and store encrypted data to oup. oup must be able to hold at least length octets (bytes) of data.

Procedure returns number of processed octets (bytes).

proc decrypt[T](ctx: var CTR[T]; inp: ptr byte; oup: ptr byte; length: uint): uint {...}{. discardable, inline.}

Perform CTR[T] decryption of encrypted data pointed by inp of length length and store decrypted data to oup. oup must be able to hold at least length octets (bytes) of data.

Procedures returns number of processed octets (bytes).

proc encrypt[T](ctx: var CTR[T]; input: openArray[byte]; output: var openArray[byte]) {...}{. inline.}

Encrypt array of data input and store encrypted data to array output using CTR[T] context ctx.

Note that length of input array must be less or equal to length of output array. Length of input array must not be zero.

proc encrypt[T](ctx: var CTR[T]; input: openArray[char]; output: var openArray[char]) {...}{. inline.}

Encrypt array of data input and store encrypted data to array output using CTR[T] context ctx.

Note that length of input array must be less or equal to length of output array. Length of input array must not be zero.

proc decrypt[T](ctx: var CTR[T]; input: openArray[byte]; output: var openArray[byte]) {...}{. inline.}

Decrypt array of data input and store decrypted data to array output using CTR[T] context ctx.

Note that length of input array must be less or equal to length of output array. Length of input array must not be zero.

proc decrypt[T](ctx: var CTR[T]; input: openArray[char]; output: var openArray[char]) {...}{. inline.}

Decrypt array of data input and store decrypted data to array output using CTR[T] context ctx.

Note that length of input array must be less or equal to length of output array. Length of input array must not be zero.

proc init[T](ctx: var OFB[T]; key: ptr byte; iv: ptr byte)

Initialize OFB[T] with encryption key key and initial vector (IV) iv.

Note! Size of encryption key pointed by key must be at least ctx.sizeKey octets (bytes) and size of initial vector iv must be at least ctx.sizeBlock octets (bytes).

You can see examples of usage OFB mode here examples/ofb.nim.

proc init[T](ctx: var OFB[T]; key: openArray[byte]; iv: openArray[byte])

Initialize OFB[T] with encryption key key and initial vector (IV) iv.

This procedure will not perform any additional padding for encryption key key and initial vector iv.

Length of key array must be at least ctx.sizeKey() octets (bytes). Length of iv array must be at least ctx.sizeBlock() octets (bytes).

You can see examples of usage OFB mode here examples/ofb.nim.

proc init[T](ctx: var OFB[T]; key: openArray[char]; iv: openArray[char])

Initialize OFB[T] with encryption key key and initial vector (IV) iv.

This procedure will not perform any additional padding for encryption key key and initial vector iv.

Length of key array must be at least ctx.sizeKey() octets (bytes). Length of iv array must be at least ctx.sizeBlock() octets (bytes).

You can see examples of usage OFB mode here examples/ofb.nim.

proc clear[T](ctx: var OFB[T]) {...}{.inline.}

Clear OFB[T] context ctx.

proc encrypt[T](ctx: var OFB[T]; inp: ptr byte; oup: ptr byte; length: uint): uint {...}{. discardable.}

Perform OFB[T] encryption of plain data pointed by inp of length length and store encrypted data to oup. oup must be able to hold at least length octets (bytes) of data.

Note, that this procedure do not perform any additional padding, so you need to do it on your own. length must be aligned to the ctx.sizeBlock value, e.g. length mod ctx.sizeBlock == 0.

Procedure returns number of processed octets (bytes).

proc decrypt[T](ctx: var OFB[T]; inp: ptr byte; oup: ptr byte; length: uint): uint {...}{. discardable, inline.}

Perform OFB[T] decryption of encrypted data pointed by inp of length length and store plain data to oup. oup must be able to hold at least length octets (bytes) of data.

Note, that this procedure do not perform any additional padding, so you need to do it on your own. length must be aligned to the ctx.sizeBlock value, e.g. length mod ctx.sizeBlock == 0.

Procedure returns number of processed octets (bytes).

proc encrypt[T](ctx: var OFB[T]; input: openArray[byte]; output: var openArray[byte]) {...}{. inline.}

Encrypt array of data input and store encrypted data to array output using OFB[T] context ctx.

Note that length of input array must be less or equal to length of output array. Length of input array must not be zero.

proc encrypt[T](ctx: var OFB[T]; input: openArray[char]; output: var openArray[char]) {...}{. inline.}

Encrypt array of data input and store encrypted data to array output using OFB[T] context ctx.

Note that length of input array must be less or equal to length of output array. Length of input array must not be zero.

proc decrypt[T](ctx: var OFB[T]; input: openArray[byte]; output: var openArray[byte]) {...}{. inline.}

Decrypt array of data input and store decrypted data to array output using OFB[T] context ctx.

Note that length of input array must be less or equal to length of output array. Length of input array must not be zero.

proc decrypt[T](ctx: var OFB[T]; input: openArray[char]; output: var openArray[char]) {...}{. inline.}

Decrypt array of data input and store decrypted data to array output using OFB[T] context ctx.

Note that length of input array must be less or equal to length of output array. Length of input array must not be zero.

proc init[T](ctx: var CFB[T]; key: ptr byte; iv: ptr byte)

Initialize CFB[T] with encryption key key and initial vector (IV) iv.

Note! Size of encryption key pointed by key must be at least ctx.sizeKey octets (bytes) and size of initial vector iv must be at least ctx.sizeBlock octets (bytes).

You can see examples of usage CFB mode here examples/cfb.nim.

proc init[T](ctx: var CFB[T]; key: openArray[byte]; iv: openArray[byte])

Initialize CFB[T] with encryption key key and initial vector (IV) iv.

This procedure will not perform any additional padding for encryption key key and initial vector iv.

Length of key array must be at least ctx.sizeKey() octets (bytes). Length of iv array must be at least ctx.sizeBlock() octets (bytes).

You can see examples of usage CFB mode here examples/cfb.nim.

proc init[T](ctx: var CFB[T]; key: openArray[char]; iv: openArray[char])

Initialize CFB[T] with encryption key key and initial vector (IV) iv.

This procedure will not perform any additional padding for encryption key key and initial vector iv.

Length of key array must be at least ctx.sizeKey() octets (bytes). Length of iv array must be at least ctx.sizeBlock() octets (bytes).

You can see examples of usage CFB mode here examples/cfb.nim.

proc clear[T](ctx: var CFB[T]) {...}{.inline.}

Clear CFB[T] context ctx.

proc encrypt[T](ctx: var CFB[T]; inp: ptr byte; oup: ptr byte; length: uint): uint {...}{. discardable.}

Perform CFB[T] encryption of plain data pointed by inp of length length and store encrypted data to oup. oup must be able to hold at least length octets (bytes) of data.

Note, that this procedure do not perform any additional padding, so you need to do it on your own. length must be aligned to the ctx.sizeBlock value, e.g. length mod ctx.sizeBlock == 0.

Procedure returns number of processed octets (bytes).

proc decrypt[T](ctx: var CFB[T]; inp: ptr byte; oup: ptr byte; length: uint): uint {...}{. discardable.}

Perform CFB[T] decryption of encrypted data pointed by inp of length length and store plain data to oup. oup must be able to hold at least length octets (bytes) of data.

Note, that this procedure do not perform any additional padding, so you need to do it on your own. length must be aligned to the ctx.sizeBlock value, e.g. length mod ctx.sizeBlock == 0.

Procedure returns number of processed octets (bytes).

proc encrypt[T](ctx: var CFB[T]; input: openArray[byte]; output: var openArray[byte]) {...}{. inline.}

Encrypt array of data input and store encrypted data to array output using CFB[T] context ctx.

Note that length of input array must be less or equal to length of output array. Length of input array must not be zero.

proc encrypt[T](ctx: var CFB[T]; input: openArray[char]; output: var openArray[char]) {...}{. inline.}

Encrypt array of data input and store encrypted data to array output using CFB[T] context ctx.

Note that length of input array must be less or equal to length of output array. Length of input array must not be zero.

proc decrypt[T](ctx: var CFB[T]; input: openArray[byte]; output: var openArray[byte])

Decrypt array of data input and store decrypted data to array output using CFB[T] context ctx.

Note that length of input array must be less or equal to length of output array. Length of input array must not be zero.

proc decrypt[T](ctx: var CFB[T]; input: openArray[char]; output: var openArray[char])

Decrypt array of data input and store decrypted data to array output using CFB[T] context ctx.

Note that length of input array must be less or equal to length of output array. Length of input array must not be zero.

proc init[T](ctx: var GCM[T]; key: openArray[byte]; iv: openArray[byte]; aad: openArray[byte])

Initialize GCM[T] with encryption key key, initial vector (IV) iv and additional authentication data (AAD) aad.

Size of key must be at least ctx.sizeKey() octets (bytes). Size of cipher T block must be 128 bits (16 bytes).

You can see examples of usage GCM mode here examples/gcm.nim.

proc encrypt[T](ctx: var GCM[T]; input: openArray[byte]; output: var openArray[byte])

Encrypt array of data input and store encrypted data to array output using GCM[T] context ctx.

Note that length of input must be less or equal to length of output. Length of input must not be zero.

proc decrypt[T](ctx: var GCM[T]; input: openArray[byte]; output: var openArray[byte])

Decrypt array of data input and store decrypted data to array output using GCM[T] context ctx.

Note that length of input must be less or equal to length of output. Length of input must not be zero.

proc getTag[T](ctx: var GCM[T]; tag: var openArray[byte])

Obtain authentication tag from GCM[T] context ctx and store it to tag.

Note that maximum size of tag is 128 bits (16 bytes).

proc getTag[T](ctx: var GCM[T]): array[16, byte] {...}{.noinit.}

Obtain authentication tag from GCM[T] context ctx and return it as result array.

proc clear[T](ctx: var GCM[T]) {...}{.inline.}

Clear GCM[T] context ctx.

Templates

template sizeBlock[T](ctx: ECB[T]): int: Size of ECB[T] block in octets (bytes). This value is equal to cipher T block size.
template sizeKey[T](ctx: ECB[T]): int: Size of ECB[T] key in octets (bytes). This value is equal to cipher T key size.
template sizeBlock[T](ctx: CBC[T]): int: Size of CBC[T] block in octets (bytes). This value is equal to cipher T block size.
template sizeKey[T](ctx: CBC[T]): int: Size of CBC[T] key in octets (bytes). This value is equal to cipher T key size.
template sizeBlock[T](ctx: CTR[T]): int: Size of CTR[T] block in octets (bytes). This value is equal to cipher T block size.
template sizeKey[T](ctx: CTR[T]): int: Size of CTR[T] key in octets (bytes). This value is equal to cipher T key size.
template sizeBlock[T](ctx: OFB[T]): int: Size of OFB[T] block in octets (bytes). This value is equal to cipher T block size.
template sizeKey[T](ctx: OFB[T]): int: Size of OFB[T] key in octets (bytes). This value is equal to cipher T key size.
template sizeBlock[T](ctx: CFB[T]): int: Size of CFB[T] block in octets (bytes). This value is equal to cipher T block size.
template sizeKey[T](ctx: CFB[T]): int: Size of CFB[T] key in octets (bytes). This value is equal to cipher T key size.
template sizeBlock[T](ctx: GCM[T]): int: Size of GCM[T] block in octets (bytes). This value is equal to cipher T block size.
template sizeKey[T](ctx: GCM[T]): int: Size of GCM[T] key in octets (bytes). This value is equal to cipher T key size.

Module bcmode

Imports

Types

Procs

Templates