Standalone one file AES library that includes the absolute minimum of code for the functionality selected
Supported modes:
+------------------+------------------+------------------+
| AES‑128 | AES‑192 | AES‑256 |
+------------------+------------------+------------------+
| AES‑128‑ECB | AES‑192‑ECB | AES‑256‑ECB |
| AES‑128‑CBC | AES‑192‑CBC | AES‑256‑CBC |
| AES‑128‑CTR | AES‑192‑CTR | AES‑256‑CTR |
| AES‑128‑CFB | AES‑192‑CFB | AES‑256‑CFB |
| AES‑128‑OFB | AES‑192‑OFB | AES‑256‑OFB |
| AES‑128‑GCM | AES‑192‑GCM | AES‑256‑GCM |
| AES‑128‑GMAC | AES‑192‑GMAC | AES‑256‑GMAC |
| AES‑128‑XEX | | AES‑256‑XEX |
| AES‑128‑XTS | | AES‑256‑XTS |
+------------------+------------------+------------------+
Bonus: PKCS7 Padding + Encryption/Decryption for ECB/CBC modes optionally supported
Features:
- Cross-platform
- No dependencies (no standard library, no runtime library, nothing at all)
- All modes support in-place encryption/decryption (plaintext buffer and ciphertext buffer may be the same)
- Encryption/decryption separated, only absolute minimum of internal functions included with any configuration
- AES S-Box and Inverse S-Box can be precalculated tables (either or both) or the substitution values can be calculated on demand
- All modes passed tests against NIST test vectors and IEEE P1619 test vectors with optimizations -O0, -O1, -O2, -Os, -O3
- Stack usage estimations included (depending on optimization level, on x86_64 the deepest stack use by functions is ~460 - ~670 bytes)
Usage notes:
- Included modes configured in the header
- Test file goes through all modes, check usage
- User handles key expansion with a supplied function (in case the user wants to reuse it)
- User handles XEX/XTS tweak initialization with a supplied function (in case the user wants to reuse it)
- ECB/CBC/XEX expect data length to be a multiple of full AES blocks (16 bytes), all other modes support arbitrary data length
- PKCS7 encryption appends padding to the input buffer after the data