FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Procedure for Sending AES-ECB Encrypted Data to STM32WLE5 for Decryption

sandeep_kumar_v
Associate II

‎2026-02-05 4:01 AM

Hi,

I'm using two STM32WLE5 LoRa as TX and RX and added AES-ECB Encryption with Hardware Accelerator in the TX side and receive and decrypt it in RX side with the same Key. Now I want to change the TX module and want to implement same logic of AES Encryption in the TX side. Is there any documentation on how that can be implemented in the C/Python code for sending the same data with different module?

 

I have used PyCryptodome Python library for sending the data with encryption but it didn't work as expected. So, Is there any other library or documentation for implementing Encryption by which Receiver can be able to decrypt as before?

Configuration of AES in Both TX and RX sidesConfiguration of AES in Both TX and RX sides

Any insights or guidance would be greatly appreciated.

Thanks in Advance.

 

Labels:
0 Kudos
2 REPLIES 2
sandeep_kumar_v
Associate II

‎2026-02-05 10:32 PM - last edited on ‎2026-04-08 10:46 AM by

I have tested AES Encryption in the TX side and found that the encrypted data is not same as that mentioned in the https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a.pdf file. Is there any configuration mismatch for the encryption?

 

sandeep_kumar_v_0-1770359041609.png

 

I have got the output as follows:

Actual Data:
6b c1 be e2 2e 40 9f 96 e9 3d 7e 11 73 93 17 2a
Encrypted Data:
7c 64 5e ae 8 8d 5b 97 10 bc 96 a9 9 35 e1 4b

 

Code is as follows:

CRYP_HandleTypeDef hcryp;
__ALIGN_BEGIN static const uint32_t pKeyAES[4] __ALIGN_END = {
0x2B7E1516,0x28AED2A6,0xABF71588,0x09CF4F3C};

/* AES init function */
void MX_AES_Init(void)
{

/* USER CODE BEGIN AES_Init 0 */

/* USER CODE END AES_Init 0 */

/* USER CODE BEGIN AES_Init 1 */

/* USER CODE END AES_Init 1 */
hcryp.Instance = AES;
hcryp.Init.DataType = CRYP_DATATYPE_32B;
hcryp.Init.KeySize = CRYP_KEYSIZE_128B;
hcryp.Init.pKey = (uint32_t *)pKeyAES;
hcryp.Init.Algorithm = CRYP_AES_ECB;
hcryp.Init.DataWidthUnit = CRYP_DATAWIDTHUNIT_BYTE;
hcryp.Init.HeaderWidthUnit = CRYP_HEADERWIDTHUNIT_BYTE;
hcryp.Init.KeyIVConfigSkip = CRYP_KEYIVCONFIG_ALWAYS;
if (HAL_CRYP_Init(&hcryp) != HAL_OK)
{
Error_Handler();
}
/* USER CODE BEGIN AES_Init 2 */

/* USER CODE END AES_Init 2 */

}

 

Encryption Block:

APP_LOG(TS_OFF, VLEVEL_L, "Actual Data:\n");
for(int i=0; i< bytes_to_send + bytes_to_pad; i++){
APP_LOG(TS_OFF, VLEVEL_L, "%x ", Tx_Buffer[i]);
}
APP_LOG(TS_OFF, VLEVEL_L, "\n");
status = HAL_CRYP_Encrypt(&hcryp, (uint32_t*)Tx_Buffer, (bytes_to_send + bytes_to_pad), (uint32_t*)Tx_Buffer_enc, 10);
APP_LOG(TS_OFF, VLEVEL_L, "Encryptrd Data:\n");
for(int i=0; i< bytes_to_send + bytes_to_pad; i++){
APP_LOG(TS_OFF, VLEVEL_L, "%x ", Tx_Buffer_enc[i]);
}
APP_LOG(TS_OFF, VLEVEL_L, "\n");

 

Do I need to change any configuration in AES Encryption to work as expected?

0 Kudos
Onizuka09
ST Employee

‎2026-04-06 10:59 AM - edited ‎2026-04-10 7:41 AM

hello @sandeep_kumar_v,
The NIST vector example is 16 bytes long, so there is no need for padding.
If you are declaring the NIST plaintext as a byte array:

uint8_t tmp [] = { 0x6b, 0xc1, 0xbe ,0xe2 ,0x2e ,0x40 ,0x9f ,0x96 ,0xe9 ,0x3d ,0x7e ,0x11 ,0x73 ,0x93 ,0x17 ,0x2a} ;

 

Change the data type to enable BYTE swapping as follows:

  hcryp.Init.DataType = CRYP_DATATYPE_8B ; // BYTE_SWAP

Best regards,

0 Kudos
Top