2016-02-16 7:01 AM
Hi! I'm using the X-CUBE-CRYPTOLIB (AES-256-ECB) on the STM3220 devboard using System Workbench (GCC) with no luck.
I set the config.h file (tried every permutation nearly), my project compiles successfully, and I am able to run my test program in which I want to encrypt an array then decrypt it immediately. Upon doing so I don't get the original plaintext back (some mumbo-jumbo only). I think I might be missing something small but significant (I used the non X- version in Keil before, and it had a Crypto_Deinit() function which this X- version doesn't have). I pasted my sample code below, can anyone help me?uint8_t key_enc_256[CRL_AES256_KEY]= AES256_KEY;
uint8_t iv[CRL_AES_BLOCK]= AES256_IV;
AESECBctx_stt AESctx_enc; /* The AES context */
AESECBctx_stt AESctx_dec; /* The AES context */
uint8_t test_plain[256];
uint8_t test_cypher[256];
/**
* \brief Initializes AES encrypt/decrypt contexts
* \param None
* \retval None
*/
void AES_init()
{
uint8_t retval;
int32_t i;
/* Initialize Context Flag with default value */
AESctx_enc.mFlags = E_SK_DEFAULT;
/* Set Iv size to 16 NOT USED IN ECB*/
AESctx_enc.mIvSize=32;
/* Set key size to 32 */
AESctx_enc.mKeySize=CRL_AES256_KEY;
/* Initialize Context Flag with default value */
AESctx_dec.mFlags = E_SK_DEFAULT;
/* Set Iv size to 16 NOT USED IN ECB*/
AESctx_dec.mIvSize=32;
/* Set key size to 32 */
AESctx_dec.mKeySize=CRL_AES256_KEY;
retval = AES_ECB_Encrypt_Init(&AESctx_enc, key_enc_256, iv);
if(retval != AES_SUCCESS)
{ while(1); }
retval = AES_ECB_Decrypt_Init(&AESctx_dec, key_enc_256, iv);
if(retval != AES_SUCCESS)
{ while(1); }
for(i = 0; i < 256; i++)
{
test_plain[i] = 0;
}
retval = AES_ECB_Encrypt_Append(&AESctx_enc,test_plain,256,test_cypher,&i);
if(retval != AES_SUCCESS)
{ while(1); }
retval = AES_ECB_Decrypt_Append(&AESctx_dec,test_cypher,256,test_plain,&i);
if(retval != AES_SUCCESS)
{ while(1); }
}2016-02-16 8:06 AM
Hi Daniel,
You have to enable CRC using this macro: __CRC_CLK_ENABLE (); -Syrine-2016-02-16 7:41 PM
Hopefully you're using the STM32F217!
STM32F207 does not have the crypto hardware! It would have to be a completely firmware solution.Regards,Carl.2016-02-17 4:07 PM
2016-02-18 1:30 AM
Please avoid using AES in ECB mode if you can do that, you are significantly increasing the chances of successful attack on your implementation.
If you must use AES, use it in GCM mode (the AES_GCM_* functions). There are some timing attacks on GCM mode when it is implemented using software (vs hardware) but it's much, much better (when used correctly) than ECB.2016-02-18 2:22 AM
As far as I understand GCM is close to CBC in the sense that both algorithms use a ''memory'' state. This makes them unusable in my application for communication specific reasons (I encrypt some bigger chunk of data and send it via a not too failsafe communication path, so if one packet fails it corrupts all the consequent data blocks as the memory state isn't updated properly).
2016-02-18 3:41 AM
Thanks a lot Syrine! It solved the problem!
