LUA Aes library?

is there any AES 128 library available for Edge driver?

There is an SSL library but I haven’t seen a stand-alone AES one.

Did you look in the luarocks libraries? There are a few AES-related modules listed there:

aes_everywhere by mervick — downloads: 256
Cross Language AES256 Encryption Library. Lua implementation
bgcrypto-aes by moteus — downloads: 3,906
AES encryption library
AesFileEncrypt by moteus — downloads: 841
A simple file encryption library
lua-resty-crypto by moorefu — downloads: 55
ZipWriter by moteus — downloads: 9,501
Library for creating ZIP archive for Lua
luagcrypt by Lekensteyn — downloads: 49.7k
A Lua interface to the Libgcrypt library
sqlcipher by z7z8th — downloads: 124
SQLCipher is a security extension to SQLite3 database library
lua-easy-crypto by szeist — downloads: 2,881
Simple interface for password based AES-256-GCM encryption and decryption.
1 Like

I doubt that it’s even possible to install dependencies to ST. At least here were none mentions how to do it.

Most of the libraries in the given list is based on “resty” and LuaJIT FFI bindings for Nettle (a low-level cryptographic library)

I am not a real Lua programmer but I suppose
FFI requires .so file specific for a platform.

And it is not common x86 or x64 architectures, that makes a simple task very difficult.

You can include whatever Lua modules you need in your src directory. Whatever dependencies you include there will get included and installed to the hub as part of your driver package.

But yea, AES can get pretty messy. I wouldn’t give up, though. You may just need some guidance from the ST team. Maybe @nayelyz or @erickv can advise you further.

Thanks for your input @TAustin.
Up to now, no AES is supported directly by the SmartThings Lua library but the engineering team is aware of its benefits.
For now, @venua, you will have to import it yourself, you just need to consider the following:

  • All third-party library integration must be “pure” Lua, this means that it isn’t dependent on any native code/shared libraries/FFI (those are prohibited for security and portability reasons).

This library seems to provide a number of crypto primitives implemented in pure Lua. I cannot vouch for its correctness, though but you can take a look at it.

2 Likes

I got an error “no bitwise support found”

You need to add a bitop library (written in pure lua). I have used GitHub - AlberTajuelo/bitop-lua: Bitwise operators in pure Lua using Lua numbers successfully in my drivers.

is the bittop compatible with lua-lockbox?
also, bitwise operators in lua should be VERY slow

Haven’t tested it with lua-lockbox. A pure LUA bitop library is the only choice until ST add a native library.

I will be waiting for the AES-128 library from ST then

Bitwise operations are natively supported in lua 5.3 so libs like bit32 are not required as was the case in lua5.2 and prior versions. It looks like lua 5.3 support just hasn’t been implemented in lua-lockbox.

I think a contribution to add a polyfill like the following to the library would be a reasonable approach: Cheap way to add Lua 5.3 partial bit32 compatibility. You can try that out in a fork and contribute the patch to upstream. That post shows the fairly standard bitwise operators that were added in lua 5.3.