Click here to Skip to main content
Click here to Skip to main content

A C++ Implementation of the Rijndael Encryption/Decryption method

, 7 Nov 2002
Rate this:
Please Sign up or sign in to vote.
An article presenting a C++ implementation of the Rijndael (AES) encryption/decryption method.

Introduction

Rijndael (pronounced rain-dahl) is the block cipher algorithm that has been selected by the U.S. National Institute of Standards and Technology (NIST) as the candidate for the Advanced Encryption Standard (AES). It was selected by contest from a list of five finalists, that were themselves selected from an original list of more than 15 submissions. Rijndael will begin to supplant the Data Encryption Standard (DES) - and later Triple DES - over the next few years in many cryptography applications. The algorithm was designed by two Belgian cryptologists, Vincent Rijmen and Joan Daemen, whose surnames are reflected in the cipher's name. Rijndael has its origins in Square, an earlier collaboration between the two cryptologists.

The cipher has a variable block length and key length. The authors currently specify how to use keys with a length of 128, 192 or 256 bits, to encrypt blocks with a length of 128, 192 or 256 bits (all nine combinations of key length and block length are possible). Both block length and key length can be extended very easily to multiples of 32 bits. Documentation and complete specification of the method (as required by NIST) can be found here.

Rijndael can be implemented very efficiently on a wide range of processors and in hardware. This C++ implementation presented here is based on the Java implementation used with the Cryptix toolkit found on the Internet here (Java code authors are Raif S. Naffah and Paulo S.L.M. Barreto). This implementation was tested against KAT test published by the authors of the method and the results were identical.

Implementation

The public user interface of the CRijndael class is given below:

class CRijndael
{
public:
  //Operation Modes
  enum { ECB=0, CBC=1, CFB=2 };

  //CONSTRUCTOR
  CRijndael();

  //DESTRUCTOR
  virtual ~CRijndael();

  //Expand a user-supplied key material into a session key.
  void MakeKey(char const* key, char const* chain, 
    int keylength=DEFAULT_BLOCK_SIZE, 
    int blockSize=DEFAULT_BLOCK_SIZE);

  //Encrypt exactly one block of plaintext.
  void EncryptBlock(char const* in, char* result);

  //Decrypt exactly one block of ciphertext.
  void DecryptBlock(char const* in, char* result);

  //Encrypt a larger block of data
  void Encrypt(char const* in, char* result, size_t n, int iMode=ECB);

  //Decrypt a larger block of data
  void Decrypt(char const* in, char* result, size_t n, int iMode=ECB);

  //Get Key Length
  int GetKeyLength();

  //Block Size
  int GetBlockSize();

  //Number of Rounds
  int GetRounds();

  //Resets chain block to initial chain block.
  void ResetChain();

  //Null chain block
  static char const* sm_chain0;
};

The MakeKey() function is used to expand a user-supplied key material into a session key and to initialize the chain block. The keylength and blockSize can be any combination of 16, 24 or 32 bytes sizes with DEFAULT_BLOCK_SIZE being 16. This function has to be called after construction before any other functions.

The EncryptBlock() function is used to encrypt a block of the specified size using the specified key.

The DecryptBlock() function is the reverse of the EncryptBlock() function and is used to decrypt a block of the specified size using the specified key.

The Encrypt() function is used to encrypt larger blocks of data. The block size has to be a multiple of the method's block size. This function can operate in the following modes: ECB, CBC or CFB. ECB mode is not using chaining. If the same block is encrypted twice with the same key, the resulting ciphertext blocks are the same. In CBC mode, a ciphertext block is obtained by first XORing the plaintext block with the previous ciphertext block, and encrypting the resulting value. In CFB mode, a ciphertext block is obtained by encrypting the previous ciphertext block and XORing the resulting value with the plaintext. The operation mode is specified in the iMode parameter with ECB being the default value.

The Decrypt() function is the reverse of the Encrypt() function.

The purposes of the other functions are obvious.

Use Examples

The use of CRijndael class is very easy. In the first code snippet example, a block and key size of 16 bytes are applied to a 16 bytes block. The initial chain block is a null block. The block "aaaaaaaabbbbbbbb" is encrypted and then decrypted back.

try
{
  char szHex[33];

  //Initialization
  CRijndael oRijndael;
  oRijndael.MakeKey("abcdefghabcdefgh", CRijndael::sm_chain0, 16, 16);

  char szDataIn[] = "aaaaaaaabbbbbbbb";
  char szDataOut[17] = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";

  //Encryption
  oRijndael.EncryptBlock(szDataIn, szDataOut);

  CharStr2HexStr((unsigned char*)szDataIn, szHex, 16);
  cout << szHex << endl;
  CharStr2HexStr((unsigned char*)szDataOut, szHex, 16);
  cout << szHex << endl;
  memset(szDataIn, 0, 16);

  //Decryption
  oRijndael.DecryptBlock(szDataOut, szDataIn);

  CharStr2HexStr((unsigned char*)szDataIn, szHex, 16);
  cout << szHex << endl;
}
catch(exception& roException)
{
  cout << roException.what() << endl;
}

In the next code snippet example, a block and key size of 16 bytes are applied to a larger block of data of size 48 bytes (the block of data size should be a multiple of the block size). The initial chain block is a null block. The block "ababababccccccccababababccccccccababababcccccccc" is encrypted and then decrypted back in all the operation modes (ECB, CBC and CFB).

try
{
  CRijndael oRijndael;
  oRijndael.MakeKey("1234567890123456", CRijndael::sm_chain0, 16, 16);
  char szDataIn1[49] = "ababababccccccccababababccccccccababababcccccccc";
  char szDataIn[49];
  char szDataOut[49];
  memset(szDataIn, 0, 49);
  memset(szDataOut, 0, 49);

  //Test ECB
  strcpy(szDataIn, szDataIn1);
  memset(szDataOut, 0, 49);
  oRijndael.Encrypt(szDataIn, szDataOut, 48, CRijndael::ECB);
  memset(szDataIn, 0, 49);
  oRijndael.Decrypt(szDataOut, szDataIn, 48, CRijndael::ECB);

  //Test CBC
  oRijndael.ResetChain();
  strcpy(szDataIn, szDataIn1);
  memset(szDataOut, 0, 49);
  oRijndael.Encrypt(szDataIn, szDataOut, 48, CRijndael::CBC);
  memset(szDataIn, 0, 49);
  oRijndael.ResetChain();
  oRijndael.Decrypt(szDataOut, szDataIn, 48, CRijndael::CBC);

  //Test CFB
  oRijndael.ResetChain();
  strcpy(szDataIn, szDataIn1);
  memset(szDataOut, 0, 49);
  oRijndael.Encrypt(szDataIn, szDataOut, 48, CRijndael::CFB);
  memset(szDataIn, 0, 49);
  oRijndael.ResetChain();
  oRijndael.Decrypt(szDataOut, szDataIn, 48, CRijndael::CFB);
}
catch(exception& roException)
{
  cout << "Exception: " << roException.what() << endl;
}

I am interested in any opinions and new ideas about this implementation. The project AES.zip attached to this article is including the source code of the presented CRijndael class and a test code.

History

  • 8 Nov 2002 - updated download.

License

This article, along with any associated source code and files, is licensed under The Microsoft Public License (Ms-PL)

Share

About the Author

George Anescu
Web Developer
Romania Romania
No Biography provided

Comments and Discussions

 
Questioncompile error PinmemberMember 777178619-Sep-13 7:08 
AnswerRe: compile error Pinmemberrasteron@live.com19-Sep-13 15:32 
GeneralPlease change the default mode away from ECB (security issue with default values!) PinmemberSeikilos16-Sep-13 23:30 
QuestionHow to encrypt a wide char (UTF -16) array? PinmemberMichael B Pliam22-Jun-13 20:37 
QuestionSo many issues in the code than anyone could even think! Pinmemberarvin8teen10-Jan-13 19:00 
AnswerRe: So many issues in the code than anyone could even think! PinmemberNah Naho7-Aug-14 12:21 
Questionportability between Linux and Windows? PinmemberSpike!14-Jun-12 12:24 
QuestionProblem with control characters? PinmemberJasonSTAL30-Jul-11 15:26 
GeneralDoesn't work on Japanese OS Pinmemberrajeshb7927-Jul-11 6:14 
GeneralDoes Rijndael only work on ascii text? PinmemberSpike!14-Jun-12 12:25 
Generalhow to work if i have rijndale 256? PinmemberFmeli8-Jun-11 4:08 
Generalinteroperability with openssl Pinmemberjogad5-Mar-11 4:18 
Questionhelp: what are the arrays: sm_T1 sm_T2 sm_T3 sm_T4...... sm_U1... sm_U4? PinmemberKalmah18-Feb-11 22:48 
GeneralHelp, point..... Pinmemberphuctt17-Aug-10 22:15 
GeneralRe: Help, point..... [modified] PinmemberBkg6-Oct-10 5:19 
GeneralRe: Help, point..... PinmemberJohn Tan Jin Kiat23-Jan-11 20:19 
GeneralMy vote of 3 Pinmembermod16016-Aug-10 10:05 
GeneralAES Mode ECB encryption result not compatible with JCE AES Pinmemberali_alaoui4-Oct-08 11:30 
GeneralRe: AES Mode ECB encryption result not compatible with JCE AES PinmemberUmut Simsekli4-Mar-09 23:50 
QuestionHave a Bug!!! Pinmembershycoffee19-Sep-08 23:17 
AnswerRe: Have a Bug!!! Pinmemberduanfh8208-Nov-09 21:40 
QuestionHave a Bug!!! Pinmembershycoffee19-Sep-08 23:15 
QuestionBinary files (images) Pinmemberseva.feldman20-Jul-08 5:04 
GeneralMy string is not a multiple of 16! Pinmembermark-w3-Jan-08 17:19 
GeneralRe: My string is not a multiple of 16! Pinmemberleedemon13-Mar-08 16:52 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

| Advertise | Privacy | Mobile
Web04 | 2.8.140826.1 | Last Updated 8 Nov 2002
Article Copyright 2001 by George Anescu
Everything else Copyright © CodeProject, 1999-2014
Terms of Service
Layout: fixed | fluid