Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.

1.4 Using the Library
Describes how to use the crypto library.
Description
This topic describes the basic architecture of the crypto library and provides information and examples on how to use it.
Interface Header File
: crypto.h
The interface to the crypto library is defined in the "crypto.h" header file. Any C language source (.c) file that uses the crypto
library should include "crypto.h". Several sub-header files are provided for individual algorithms. These have the format
"[algorithm].h" (e.g. "aes.h"). Additional header files are provided for the block cipher modes of operation; the generic header
file for this is "block_cipher_modes.h" and each specific mode has its own header, with the form "block_cipher_mode_xxx.h,"
where "xxx" is the mode (ecb, cbc, cfb, ofb, ctr, gcm).
Note that the depending on which implementation of the RSA module is used, it may require the big integer math library
(bigint). The big integer math library is included with this crypto library; any C language source (.c) file that uses the big
integer math library should include "bigint.h."
1.4.1 Abstraction Model
This library provides the low-level abstraction of the crypto module on the Microchip family of microcontrollers with a
convenient C language interface. This topic describes how that abstraction is modeled in the software and introduces the
library interface.
Description
Non-authenticating Block Cipher Modules
Depending on the mode of operation used with a block cipher, the message may be padded, initialized with an initialization
vector, or use feedback from previous encryption blocks to provide additional security. The currently available modes can be
grouped into two categories: modes that use keystreams (OFB, CTR), and modes that do not (ECB, CBC, CFB). The
keystream modes use initialization data (provided by feedback for OFB), but that data doesn't depend on the plaintext or
ciphertext used for the previous encryption or decryption. For this reason, a keystream can be generated before the plaintext
or ciphertext is available and then used to encrypt/decrypt a variable-length block of text when it becomes available. The
other modes required whole blocks of data before they can be encrypted/decrypted.
Block Cipher Mode Module Software Abstraction Block Diagram (Keystream modes)
1.4 Using the Library MLA - Crypto Library Help Abstraction Model
10

e-Highlighter

Click to send permalink to address bar, or right-click to copy permalink.

Un-highlight all Un-highlight selectionu Highlight selectionh