image::exiftool::aes(3pm) [debian man page]
Image::ExifTool::AES(3pm) User Contributed Perl Documentation Image::ExifTool::AES(3pm) NAME
Image::ExifTool::AES - AES encryption with cipher-block chaining SYNOPSIS
use Image::ExifTool::AES qw(Crypt); $err = Crypt($plaintext, $key, 1); # encryption $err = Crypt($ciphertext, $key); # decryption DESCRIPTION
This module contains an implementation of the AES encryption/decryption algorithms with cipher-block chaining (CBC) and RFC 2898 PKCS #5 padding. This is the AESV2 and AESV3 encryption mode used in PDF documents. EXPORTS
Exports nothing by default, but "Crypt" may be exported. METHODS
Crypt Implement AES encryption/decryption with cipher-block chaining. Inputs: 0) Scalar reference for data to encrypt/decrypt. 1) Encryption key string (must have length 16, 24 or 32). 2) [optional] Encrypt flag (false to decrypt). 3) [optional] Flag to avoid removing padding after decrypting, or to avoid adding 16 bytes of padding before encrypting when data length is already a multiple of 16 bytes. Returns: On success, the return value is undefined and the data is encrypted or decrypted as specified. Otherwise returns an error string and the data is left in an indeterminate state. Notes: The length of the encryption key dictates the AES mode, with lengths of 16, 24 and 32 bytes resulting in AES-128, AES-192 and AES-256. When encrypting, the input data may be any length and will be padded to an even 16-byte block size using the specified padding technique. If the encrypt flag has length 16, it is used as the initialization vector for the cipher-block chaining, otherwise a random IV is generated. Upon successful return the data will be encrypted, with the first 16 bytes of the data being the CBC IV. When decrypting, the input data begins with the 16-byte CBC initialization vector. BUGS
This code is blindingly slow. But in truth, slowing down processing is the main purpose of encryption, so this really can't be considered a bug. AUTHOR
Copyright 2003-2011, Phil Harvey (phil at owl.phy.queensu.ca) This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself. REFERENCES
<http://www.hoozi.com/Articles/AESEncryption.htm> http://www.csrc.nist.gov/publications/fips/fips197/fips-197.pdf <http://www.csrc.nist.gov/publications/fips/fips197/fips-197.pdf> <http://www.faqs.org/rfcs/rfc3602.html> SEE ALSO
Image::ExifTool(3pm) perl v5.12.4 2011-03-04 Image::ExifTool::AES(3pm)
Check Out this Related Man Page
aes(n) Advanced Encryption Standard (AES) aes(n) __________________________________________________________________________________________________________________________________________________ NAME
aes - Implementation of the AES block cipher SYNOPSIS
package require Tcl 8.2 package require aes ?1.0.1? ::aes::aes ?-mode [ecb|cbc]? ?-dir [encrypt|decrypt]? -key keydata ?-iv vector? ?-hex? ?-out channel? ?-chunksize size? [ -in channel | data ] ::aes::Init mode keydata iv ::aes::Encrypt Key data ::aes::Decrypt Key data ::aes::Reset Key iv ::aes::Final Key _________________________________________________________________ DESCRIPTION
This is an implementation in Tcl of the Advanced Encryption Standard (AES) as published by the U.S. National Institute of Standards and Technology [1]. AES is a 128-bit block cipher with a variable key size of 128, 192 or 256 bits. This implementation supports ECB and CBC modes. COMMANDS
::aes::aes ?-mode [ecb|cbc]? ?-dir [encrypt|decrypt]? -key keydata ?-iv vector? ?-hex? ?-out channel? ?-chunksize size? [ -in channel | data ] Perform the aes algorithm on either the data provided by the argument or on the data read from the -in channel. If an -out channel is given then the result will be written to this channel. The -key option must be given. This parameter takes a binary string of either 16, 24 or 32 bytes in length and is used to generate the key schedule. The -mode and -dir options are optional and default to cbc mode and encrypt respectively. The initialization vector -iv takes a 16 byte binary argument which defaults to all zeros. See MODES OF OPERATION for more about available modes and their uses. AES is a 128-bit block cipher. This means that the data must be provided in units that are a multiple of 16 bytes. PROGRAMMING INTERFACE
Internal state is maintained in an opaque structure that is returned from the Init function. In ECB mode the state is not affected by the input but for CBC mode some input dependent state is maintained and may be reset by calling the Reset function with a new initialization vector value. ::aes::Init mode keydata iv Construct a new AES key schedule using the specified key data and the given initialization vector. The initialization vector is not used with ECB mode but is important for CBC mode. See MODES OF OPERATION for details about cipher modes. ::aes::Encrypt Key data Use a prepared key acquired by calling Init to encrypt the provided data. The data argument should be a binary array that is a mul- tiple of the AES block size of 16 bytes. The result is a binary array the same size as the input of encrypted data. ::aes::Decrypt Key data Decipher data using the key. Note that the same key may be used to encrypt and decrypt data provided that the initialization vector is reset appropriately for CBC mode. ::aes::Reset Key iv Reset the initialization vector. This permits the programmer to re-use a key and avoid the cost of re-generating the key schedule where the same key data is being used multiple times. ::aes::Final Key This should be called to clean up resources associated with Key. Once this function has been called the key may not be used again. MODES OF OPERATION
Electronic Code Book (ECB) ECB is the basic mode of all block ciphers. Each block is encrypted independently and so identical plain text will produce identical output when encrypted with the same key. Any encryption errors will only affect a single block however this is vulnerable to known plaintext attacks. Cipher Block Chaining (CBC) CBC mode uses the output of the last block encryption to affect the current block. An initialization vector of the same size as the cipher block size is used to handle the first block. The initialization vector should be chosen randomly and transmitted as the first block of the output. Errors in encryption affect the current block and the next block after which the cipher will correct itself. CBC is the most commonly used mode in software encryption. EXAMPLES
% set nil_block [string repeat \0 16] % aes::aes -hex -mode cbc -dir encrypt -key $nil_block $nil_block 66e94bd4ef8a2c3b884cfa59ca342b2e set Key [aes::Init cbc $sixteen_bytes_key_data $sixteen_byte_iv] append ciphertext [aes::Encrypt $Key $plaintext] append ciphertext [aes::Encrypt $Key $additional_plaintext] aes::Final $Key REFERENCES
[1] "Advanced Encryption Standard", Federal Information Processing Standards Publication 197, 2001 (http://csrc.nist.gov/publica- tions/fips/fips197/fips-197.pdf) AUTHORS
Thorsten Schloermann, Pat Thoyts BUGS, IDEAS, FEEDBACK This document, and the package it describes, will undoubtedly contain bugs and other problems. Please report such in the category aes of the Tcllib SF Trackers [http://sourceforge.net/tracker/?group_id=12883]. Please also report any ideas for enhancements you may have for either package and/or documentation. SEE ALSO
blowfish(n), des(n), md5(n), sha1(n) KEYWORDS
aes, block cipher, data integrity, encryption, security COPYRIGHT
Copyright (c) 2005, Pat Thoyts <patthoyts@users.sourceforge.net> aes 1.0.1 aes(n)