Is STs crypt lib compatible with openssl encrypted content?

hanspeter · ‎2013-11-09

Posted on November 09, 2013 at 13:03

Hello Everyone,

Does anybody know, how exactly to use STs crypto library (V2.0.6 for STM32F427) such that it behaves / is compatible with openssl?

i.e. generating an encrypted file via:

openssl enc $encryption -p -e -in $inputFile -out $outputFile -K $key -iv $iv

I'm using AES-128-CBC as encryption mode

with e.g.:

key=80880964C96E0420BD76097325E90C72

iv =1695FB863212FE678E315A313AACAB38

and then trying to decrypt it with the ST library does not seem to work, i.e. the 'clear text' is not clear at all...

What I did so far:

key and iv have been put into a uint8_t array in the order of bytes, as they appear in the hex-strings above, i.e. aKey[] = { 0x80, 0x88, etc. }

Same with IV.

This should work like this, shouldn't it?

Or do I have to swap certain byte / word order?

Your help is very much appreciated.

Regards

Hanspeter

#stm32f4 #crypto

Tesla DeLorean · ‎2013-11-09

Posted on November 09, 2013 at 16:31

Well the HASH unit had certain block/word alignment requirements, routines expecting to pass arbitrary byte lengths need additional buffering.

The CRYPT units operate in a straight forward manner, start with small test blocks until you are comfortable with the behaviour, and review the source of the open library.

In terms of the KEY/IV you could readily try reversing the ordering you have now. Just 4 permutations there. Ideally you should be able to parse cut-n-paste input strings rather than try to hard code byte sequences.

Can't say I've played with openssl, but have used the AES units on F215 and F439 parts.

Tips, Buy me a coffee, or three.. PayPal Venmo
Up vote any posts that you find helpful, it shows what's working..

hanspeter · ‎2013-11-11

Posted on November 11, 2013 at 09:11

Thanks for your input.

Permuting the inputs (key and iv) I've already done; but to no success so far...

Now I've found an alternative open source library which seems to work all right.

So for me, the problem is solved for the moment.

Regards

Hanspeter

martin239955_stm1_st · ‎2015-07-15

Posted on July 15, 2015 at 17:04

-

Tesla DeLorean · ‎2015-07-15

Posted on July 15, 2015 at 17:28

Are you using an STM32 part with hardware CRYPT/HASH support?

For F2/F4 support of the ''STM32 Cryptographic library package V2.0.6'' you need to enable the CRC peripheral for it to function properly.

I don't know how OPENSSL chains from block to block, or how the library handles/supports that. You'll likely have to experiment until you're comfortable with the mechanics end-to-end. The only reason to use the ST library is if you think it's significantly better optimized than other open or Cortex-Mx tuned solutions.

Tips, Buy me a coffee, or three.. PayPal Venmo
Up vote any posts that you find helpful, it shows what's working..