CRYPTO.SBR Enhancements

Parameters

Three new parameters are added: initialization vector (iv), additional authentication data (aad) and authentication tag (authtag). The new syntax is:

XCALL CRYPT, opcode, status, src, decoding, src, encoding, cflags {, cipher, key, keybits, cmode, padding {, cbsrc {, iv {, aad, authtag}}}}

iv  (String or Unfmt)  [in]

Initialization vector for optional use with the CRYPTOP_ENCRYPT/DECRYPT opcodes with the AES cipher (all cipher modes except ECB). For cipher modes other than GCM or ECB, it should match the cipher block size, i.e. 16 bytes for AES (128 bits, not to be confused with the key size). For GCM cipher mode, 96 bits or less is recommended for best efficiency and interoperability. In all cases, it should be unique for any given key, preferably randomly generated. For GCM, it is only necessary that each IV not be used more than once. The same iv used for the encryption must be supplied to the decryption. The iv may be specified as raw bytes (preferably using an X format variable), or as a string of hex digits (in which case the CRYPF_IVHEX flag must be specified).

aad  (String, null terminated)  [in]

Additional authentication data for use with the new GCM cipher mode (see below). Must be in the format of a string of hex digits. This is typically used to provide an identifying label or other association for the encrypted text, with the intent of making sure that the decrypted text is not just valid, but valid for a particular context/use. A corresponding authentication tag is generated (by combining the aad with the message and hashing and encrypting it) and output to the authtag parameter. The aad does not have to be kept secret, but both it and the corresponding authtag must be provided to the decryption routine in order to authenticate the result. The aad parameter can be null, but a unique authtag will still be generated and must be passed (along with the null aad) to the decryption.

authtag  (String, 33+ bytes)  [in/out]

Required for AES-GCM encryption/decryption. During encryption, an authentication tag is generated from the combination of the aad and the message text and output to this parameter in the form of a string of 32 hex digits. This computed value must then be passed along with the original aad to the decryption.
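To make the iv/aad/authtag contract above concrete, here is an added Go example (not A-Shell or CRYPTO.SBR code; there is no Go binding for XCALL CRYPT) built on Go's standard-library AES-GCM with the same conventions the parameters describe: a 96-bit iv, aad passed as a string of hex digits, and the tag returned separately as 32 hex digits. The key, IV, aad and message are constructed demo values.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/hex"
	"fmt"
)

// newGCM builds AES-GCM (AES-128/192/256 by key length) with a 96-bit IV and 128-bit tag.
func newGCM(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err) // a wrong key length is a programming error in this demo
	}
	gcm, _ := cipher.NewGCM(block) // cannot fail for an AES block cipher
	return gcm
}

// gcmSeal mirrors CRYPTOP_ENCRYPT with cmode=GCM: aad is a hex string as in CRYPTO.SBR,
// the ciphertext stays the size of the plaintext (no padding), and the 16-byte tag is
// returned separately as 32 hex digits, like the authtag parameter.
func gcmSeal(key, iv, plaintext []byte, aadHex string) (ct []byte, authtag string) {
	aad, err := hex.DecodeString(aadHex)
	if err != nil {
		panic(err)
	}
	gcm := newGCM(key)
	sealed := gcm.Seal(nil, iv, plaintext, aad) // Go appends the tag; split it off
	n := len(sealed) - gcm.Overhead()
	return sealed[:n], hex.EncodeToString(sealed[n:])
}

// gcmOpen mirrors CRYPTOP_DECRYPT: the same iv, aad and authtag must be supplied or the tag check fails.
func gcmOpen(key, iv, ct []byte, aadHex, authtag string) ([]byte, error) {
	aad, err1 := hex.DecodeString(aadHex)
	tag, err2 := hex.DecodeString(authtag)
	if err1 != nil || err2 != nil {
		return nil, fmt.Errorf("aad and authtag must be strings of hex digits")
	}
	return newGCM(key).Open(nil, iv, append(append([]byte{}, ct...), tag...), aad)
}

func main() {
	key := []byte("0123456789abcdef") // constructed 128-bit demo key
	iv := []byte("unique-iv-01")      // constructed 96-bit IV; never reuse one under the same key
	ct, tag := gcmSeal(key, iv, []byte("PAY 100.00 TO ACCT 42"), "496e766f69636531") // aad "Invoice1"
	_, err := gcmOpen(key, iv, ct, "496e766f69636532", tag)                           // aad "Invoice2"
	fmt.Printf("authtag=%s; decrypting under a different aad: %v\n", tag, err)
}
```

Decrypting with a different aad, a different iv, a modified ciphertext or a modified authtag all fail the tag check, which is the property the aad parameter exists to provide.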

Cipher Modes

New cipher modes (cmode) have been added for use with the AES encryption algorithm. See the CIPHER.DEF table below.

Padding

The following text was added to the parameter description for padding:

Note that the stream cipher modes (CTR, CFB, OFB, GCM) do not require or use padding and thus ignore the padding parameter (use of CRYPT_PAD_NA is recommended for clarity). Without padding, the encrypted text is the same size as the plain text (assuming the same encoding). The block cipher modes (ECB and CBC) do require one of the other padding options, all of which increase the encrypted text size up to a multiple of the block size (i.e. a multiple of 16 bytes for AES).

Linux

This release enables CRYPTO.SBR for A-Shell/Linux; previously only A-Shell/Windows was supported.

CIPHER.DEF

New symbols in ashinc:cipher.def

Symbol            Value    Description
CRYPTO_MODE_CTR   4        Counter Mode (stream)
CRYPTO_MODE_CFB   5        Cipher Feedback (stream)
CRYPTO_MODE_OFB   6        Output Feedback (stream)
CRYPTO_MODE_GCM   7        Galois/Counter Mode (stream)
CRYPF_IVHEX       &h0800   IV is hex-encoded, else binary.
CRYPTO_PAD_NA     -1       Padding not applicable; use with stream cipher modes CTR, CFB, OFB, GCM.

Libraries

All of the CRYPT-related enhancements described above require ASHNET.DLL 1.9.156+ (Windows) or libashnet.so.1.9.156 (Linux).