cancel
Showing results for 
Search instead for 
Did you mean: 

Why the STM32_AES_CBC_Encrypt function doesn't return multiple of 64 bytes encrypted message

emil28
Senior

Hi,

I am using the function STM32_AES_CBC_Encrypt from the ST library Crypto 3.1.0. I don't understand why this function doesn't give me an encrypted message which is a multiple of 64 bytes.

For example, I would like to encrypt "thisisatest12345". The function returns a tab which is the same size of the original tab:

0693W000004ImLsQAK.jpg

Thes encrypted message is "0x1E 0xDD 0x1B 0x2A 0x8B 0xA6 0xDC 0x5E 0xBE 0xD6 0x9D 0x78 0xA4 0xA9 0xCA 0x3B ". Following the website https://www.devglan.com/online-tools/aes-encryption-decryption, the encypted message should be "1EDD1B2A8BA6DC5EBED69D78A4A9CA3B813290DF65F7ABD59239929768C8603F", which is 64 bytes. But, when I transform the encrypted message into Base 64, I have the same result as the previsous website, but there is a missing part:

From website;

0693W000004ImRgQAK.jpg

From my code:

0693W000004ImRDQA0.jpg

The beginning is the same, but a part is missing, and I don't know why.

Can you help me, I don't know how to solve this problem.

Thanks.

12 REPLIES 12
emil28
Senior

I made some progress concerning this issue. Even the project for the Nucleo F401RE from the ST library doesn't work. I have this warning:

0693W000004Ivt5QAC.jpg

I am working on IAR 8.42.2. Does this problem come from my IAR version or from the ST library ?

Jocelyn RICARD
ST Employee

Hello Emil,

I don't understand your issue on first post. AES constraint is 16 bytes alignment only.

Regarding this wchar_t size, you need to get a patch of the crypto library that includes the binaries compiled with IAR8.

Best regards

Jocelyn

emil28
Senior

Hello Jocelyn,

Thanks for your answer. Yes, AES is 16 bytes alignment. I used the cyrptoLib patch V3.1.3 and I don't have the warning anymore.

But I still have a problem: the result of the function " STM32_AES_CBC_Encrypt" always gives me an array which is the same lenght of the entry array. For example, if I have an array of 20 bytes to encrypt, the encrypted result will be also 20 bytes... The result should a multiple of 16 bytes ?

I am working on the stm32l476ccu6.

0693W0000059lh5QAA.jpg 

 Does the buffer to be encrypted need to be a multiple of 16 bytes ?

emil28
Senior

Hello,

I really need an answer because I don't understand how this function works.

Thanks.

@emil28​ If you encrypt multiples of 16 bytes, do you get correct results ?

-- pa

Hello,

Yes, if I encrypt multiples of 16 bytes, I get the correct results. The function doesn't work if I encrypt an array which is not a multiple of 16 bytes.

emil28
Senior

Hello,

Another question, is it possible to use PKCS5 padding with this library ? I don't find informations about this in the documentation.

I am a little bit disappointed by the lack of information from ST about this subject...

Hello Emil,

I'm not sure to catch your point. If you need to encrypt a buffer that is not aligned with 16 bytes, just pad it to make it aligned and encrypt it.

Best regards

Jocelyn

Jocelyn RICARD
ST Employee

Hello Emil,

the documentation of the X-CUBE-CRYPTOLIB is UM1924

https://www.st.com/resource/en/user_manual/dm00215061-stm32-crypto-library-stmicroelectronics.pdf

The is no PKCS5 mentioned in this documentation meaning this is not supported.

What kind of information would you expect ?

Best regards

Jocelyn