2017-10-12 02:55 PM
Hardware and Software Versions:
MCU: STM32F767ZI Nucleo Board
En X Cube CryptoLib V3.1.0
Cube MX Version 4.22.1
Latest System Workbench 6 installation.
Problem:
Using AES 256 in CBC mode attempting to encrypt block of data on the Host which is the PC, and decrypt that same block on the MCU using the CryptoLib. Encryption on host is done correctly, decryption of the first block of data is done correctly on the MCU, but decryption of the second block of data fails(Bytes 16-31). Below is my test code.
uint8_t KeyTemp[32];
uint8_t KeyIvTemp[16]; uint8_t DataRaw[32]; uint8_t DataEncrypted[32];for(int i = 0; i < 32; i++)
{ KeyTemp[i] = (uint8_t)i; DataRaw[i] = 0; } for(int i = 0; i < 16; i++) { KeyIvTemp[i] = (uint8_t)i; } DataEncrypted[0] = 242; DataEncrypted[1] = 144; DataEncrypted[2] = 0; DataEncrypted[3] = 182; DataEncrypted[4] = 42; DataEncrypted[5] = 73; DataEncrypted[6] = 159; DataEncrypted[7] = 208; DataEncrypted[8] = 169; DataEncrypted[9] = 243; DataEncrypted[10] = 154; DataEncrypted[11] = 106; DataEncrypted[12] = 221; DataEncrypted[13] = 46; DataEncrypted[14] = 119; DataEncrypted[15] = 128; DataEncrypted[16] = 149; DataEncrypted[17] = 67; DataEncrypted[18] = 187; DataEncrypted[19] = 111; DataEncrypted[20] = 192; DataEncrypted[21] = 70; DataEncrypted[22] = 250; DataEncrypted[23] = 136; DataEncrypted[24] = 58; DataEncrypted[25] = 148; DataEncrypted[26] = 70; DataEncrypted[27] = 184; DataEncrypted[28] = 46; DataEncrypted[29] = 71; DataEncrypted[30] = 209; DataEncrypted[31] = 45;aesCTX.mIvSize = 16;
aesCTX.mKeySize = 32; aesCTX.mFlags = E_SK_DEFAULT; aeserror = AES_CBC_Decrypt_Init(&aesCTX, (uint8_t*)KeyTemp, (uint8_t*)KeyIvTemp);aeserror = AES_CBC_Decrypt_Append(&aesCTX,(uint8_t*)DataEncrypted,32,DataRaw,&aesoutputsize);
aeserror = AES_CBC_Decrypt_Finish(&aesCTX,(uint8_t*)DataRaw,&aesoutputsize);The decryption only works for the first 16 bytes, fails for the next 16 bytes. The following website shows what the decryption should be
http://aes.online-domain-tools.com/link/eea909ghxsatKRjSA/
.This is what i get when i run it.
Which is wrong since the plaintext goes from 0-31.
Anyone know what im doing wrong?
-Andriy
Solved! Go to Solution.
2017-10-12 10:51 PM
DataEncrypted[18] = 187; // This should be 184
2017-10-12 03:31 PM
For ST code make sure the clock is enabled on the CRC Peripheral, it is how they lock the libraries to the STM32 parts.
__CRC_CLK_ENABLE ();I'll take a look at the data a bit later..
2017-10-12 07:38 PM
>>
Encryption on host is done correctly, ...
I'm not convinced, show how you did it.
Your input data is flawed, using entirely different AES-256 code I get
0000 : 00 01 02 03 04 05 06 07-08 09 0A 0B 0C 0D 0E 0F ................
0010 : 44 F4 41 0E 50 24 30 88-55 41 46 07 17 8C 86 F2 D.A.P$0.UAF.....2017-10-12 07:53 PM
KEYLENGTH 32
BLOCKSIZE 16Plain
CRC32 6ED98175
0000 : 00 01 02 03 04 05 06 07-08 09 0A 0B 0C 0D 0E 0F ................0010 : 10 11 12 13 14 15 16 17-18 19 1A 1B 1C 1D 1E 1F ................Crypted
CRC32 5443FD6D0000 : F2 90 00 B6 2A 49 9F D0-A9 F3 9A 6A DD 2E 77 80 ....*I.....j..w.0010 : 95 43 B8 6F C0 46 FA 88-3A 94 46 B8 2E 47 D1 2D .C.o.F..:.F..G.-DataEncrypted[ 0] = 242; // F2
DataEncrypted[ 1] = 144; // 90DataEncrypted[ 2] = 0; // 00DataEncrypted[ 3] = 182; // B6DataEncrypted[ 4] = 42; // 2ADataEncrypted[ 5] = 73; // 49DataEncrypted[ 6] = 159; // 9FDataEncrypted[ 7] = 208; // D0DataEncrypted[ 8] = 169; // A9DataEncrypted[ 9] = 243; // F3DataEncrypted[10] = 154; // 9ADataEncrypted[11] = 106; // 6ADataEncrypted[12] = 221; // DDDataEncrypted[13] = 46; // 2EDataEncrypted[14] = 119; // 77DataEncrypted[15] = 128; // 80DataEncrypted[16] = 149; // 95DataEncrypted[17] = 67; // 43DataEncrypted[18] = 184; // B8DataEncrypted[19] = 111; // 6FDataEncrypted[20] = 192; // C0DataEncrypted[21] = 70; // 46DataEncrypted[22] = 250; // FADataEncrypted[23] = 136; // 88DataEncrypted[24] = 58; // 3ADataEncrypted[25] = 148; // 94DataEncrypted[26] = 70; // 46DataEncrypted[27] = 184; // B8DataEncrypted[28] = 46; // 2EDataEncrypted[29] = 71; // 47DataEncrypted[30] = 209; // D1DataEncrypted[31] = 45; // 2DDecrypted
CRC32 6ED981750000 : 00 01 02 03 04 05 06 07-08 09 0A 0B 0C 0D 0E 0F ................0010 : 10 11 12 13 14 15 16 17-18 19 1A 1B 1C 1D 1E 1F ................My guess is that your encryption code is miss applying the IV and that feeds through
2017-10-12 07:54 PM
See schema in first answer here related to CBC and IV application
2017-10-12 09:51 PM
I have studied the CBC mode and why IV is needed. The keys and values im using arent random so i can see it work.
Encryption was done in C# and since the first 16 bytes were decrypted correctly that must mean the rest were also encrypted correctly. Also this(
/external-link.jspa?url=http%3A%2F%2Faes.online-domain-tools.com%2Flink%2Feea909ghxsatKRjSA%2F
) site is an online AES decryptor and when i feed in those keys with the ciphertext i get exactly what i expect as the decrypted data. This leads me to believe the issue is somehow on the MCU decryption side.If you want to try replicate what im doing here is the C# code:
AesManaged myAes = new AesManaged();
byte[] IV = new byte[16];
byte[] key = new byte[32]; byte[] plaintext = new byte[32]; byte[] ciphertext = new byte[32];for(int i = 0; i < 32; i++)
{ key[i] = (byte)i; plaintext[i] = (byte)i; if(i < 16) { IV[i] = (byte)i; } }myAes.Mode = CipherMode.CBC;
myAes.IV = IV; myAes.Key = key; myAes.Padding = PaddingMode.None;// Create a encryption object to perform the stream transform.
ICryptoTransform encryptor = myAes.CreateEncryptor(); encryptor.TransformBlock(plaintext, 0, 32, ciphertext, 0);And hereare the values of the ciphertext at the end of executing the above:
Also side note tried _CRC_CLK_ENABLE(); right after the rest of the initialization no difference.
-Andriy
2017-10-12 10:51 PM
DataEncrypted[18] = 187; // This should be 184
2017-10-12 11:11 PM
Wow, such a dumb mistake on my part. Thanks
-Andriy