cancel
Showing results for 
Search instead for 
Did you mean: 

AES-CCM encryption with stm32l496

adityarajchauhan051
Associate II

Hi, i am using stm32l496 and bluenrg module. i want to implement AES-CCM encryption but I don't have any idea about the implementation and also I don't have library for aes-ccm. please help me.

9 REPLIES 9
Jocelyn RICARD
ST Employee

Hello @adityarajchauhan051 ,

you can use the X-CUBE-CRYPTOLIB

Documentation is provided in the wiki pages here

It provides library and examples. You can use it on STM32L496.

Best regards

Jocelyn

adityarajchauhan051
Associate II

i am checking this library but i am not able to find the CCM example. cipher block chaining example is their but I need message authentication also. please help me.

 

Hello @adityarajchauhan051 ,

you can reuse the GCM example and replace GCM by CCM.

something like this:

  retval = cmox_aead_encrypt(CMOX_AES_CCM_ENC_ALGO,                  /* Use AES GCM algorithm */
                             Plaintext, sizeof(Plaintext),           /* Plaintext to encrypt */
                             sizeof(Expected_Tag),                   /* Authentication tag size */
                             Key, sizeof(Key),                       /* AES key to use */
                             IV, sizeof(IV),                         /* Initialization vector */
                             AddData, sizeof(AddData),               /* Additional authenticated data */
                             Computed_Ciphertext, &computed_size);   /* Data buffer to receive generated ciphertext
                                                                        and authentication tag */

Best regards

Jocelyn

 

Hello @adityarajchauhan051 ,

please find the updated main.c file to support AES CCM.

I provide main.c for STM32L4 and STM32U5. I tested only on STM32U5 and merge the changes on STM32L4.

So, to use this CCM implementation, please start from  AES GCM project example and replace the main.c file. 

Best regards

Jocelyn

adityarajchauhan051
Associate II

thanks for your help. can you also guide me to how to decode this in mobile side. 

Jocelyn RICARD
ST Employee

Hello @adityarajchauhan051 ,

I'm supporting STM32 only. I would suggest using ChatGPT together with internet resources for that

Best regards

Jocelyn

Hi @Jocelyn RICARD,

 

I use STM32WB55.

How to use the cmox_aead_decrypt function with CMOX_AES_CCM_DEC_ALGO with unknown tag size and unknown addData because Android app encrypts the message using the following code that has not tag/addData infos.

 

If I put tag size = 0, addData = null, I always got CMOX_CIPHER_ERR_BAD_PARAMETER.

 

Here is Android code to encrypt:

SecretKeySpec secretKeySpec = new SecretKeySpec(secretKey, "AES");
//IvParameterSpec parameterSpec = new IvParameterSpec(iv);
IvParameterSpec parameterSpec = new IvParameterSpec(new byte[12])
Cipher cipher = Cipher.getInstance("AES/CCM/NoPadding");
cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec, parameterSpec);
return cipher.doFinal(message);

Here is STM32 fw code : 

 cretval = cmox_aead_decrypt(CMOX_AES_CCM_DEC_ALGO, /* Use AES CBC algorithm */
blePkocEncryptedData, encryptedDataLen, /* Ciphertext to decrypt */
0,
blePkocSharedKeyData, sizeof(blePkocSharedKeyData), /* AES key to use */
IV, sizeof(IV), /* Initialization vector */
NULL, 0,
blePkocDecryptedData, &computed_size); /* Data buffer to receive generated plaintext */

Hello @GSain.1 ,

This question is not related to the original post.

Please create a new post when you have a new question. This will easier to find it later.

Thank you

Best regards

Jocelyn

Hi @Jocelyn RICARD ,

 

I modified the following code in STM32 device

        cretval = cmox_aead_decrypt(CMOX_AES_CCM_DEC_ALGO,                         /* Use AES CBC algorithm */
                       blePkocEncryptedData, encryptedDataLen,                      /* Ciphertext to decrypt */
                       //sizeof(Expected_Tag),
                       16,
                       blePkocSharedKeyData, sizeof(blePkocSharedKeyData),          /* AES key to use */
                       IV, sizeof(IV),                                             /* Initialization vector */
                       NULL, 0,
                       blePkocDecryptedData, &computed_size);                      /* Data buffer to receive generated plaintext */

I always got CMOX_CIPHER_ERR_BAD_PARAMETER :(

 

I am able to decrypt the encrypted message with CBC algo.

 

Thanks

Gregory