diff --git a/mbed_aes_gcm/.gitignore b/mbed_aes_gcm/.gitignore new file mode 100644 index 0000000..eb261ea --- /dev/null +++ b/mbed_aes_gcm/.gitignore @@ -0,0 +1,3 @@ +out.dSYM +out +*.o diff --git a/templates/blackpill/Src/Makefile b/mbed_aes_gcm/Makefile similarity index 100% rename from templates/blackpill/Src/Makefile rename to mbed_aes_gcm/Makefile diff --git a/templates/blackpill/Src/aes.c b/mbed_aes_gcm/aes.c similarity index 100% rename from templates/blackpill/Src/aes.c rename to mbed_aes_gcm/aes.c diff --git a/templates/blackpill/Src/aes.h b/mbed_aes_gcm/aes.h similarity index 100% rename from templates/blackpill/Src/aes.h rename to mbed_aes_gcm/aes.h diff --git a/mbed_aes_gcm/api.h b/mbed_aes_gcm/api.h new file mode 100644 index 0000000..c3c0a27 --- /dev/null +++ b/mbed_aes_gcm/api.h @@ -0,0 +1,5 @@ +#define CRYPTO_KEYBYTES 16 +#define CRYPTO_NSECBYTES 0 +#define CRYPTO_NPUBBYTES 12 +#define CRYPTO_ABYTES 16 +#define CRYPTO_NOOVERLAP 1 diff --git a/templates/blackpill/Src/cipher.c b/mbed_aes_gcm/cipher.c similarity index 100% rename from templates/blackpill/Src/cipher.c rename to mbed_aes_gcm/cipher.c diff --git a/templates/blackpill/Src/cipher.h b/mbed_aes_gcm/cipher.h similarity index 100% rename from templates/blackpill/Src/cipher.h rename to mbed_aes_gcm/cipher.h diff --git a/templates/blackpill/Src/cipher_internal.h b/mbed_aes_gcm/cipher_internal.h similarity index 100% rename from templates/blackpill/Src/cipher_internal.h rename to mbed_aes_gcm/cipher_internal.h diff --git a/templates/blackpill/Src/cipher_wrap.c b/mbed_aes_gcm/cipher_wrap.c similarity index 100% rename from templates/blackpill/Src/cipher_wrap.c rename to mbed_aes_gcm/cipher_wrap.c diff --git a/mbed_aes_gcm/config.h b/mbed_aes_gcm/config.h new file mode 100644 index 0000000..953afea --- /dev/null +++ b/mbed_aes_gcm/config.h @@ -0,0 +1,5 @@ +#pragma once +#define MBEDTLS_GCM_C +#define MBEDTLS_CIPHER_C +#define MBEDTLS_AES_C +#define MBEDTLS_SELF_TEST diff --git a/mbed_aes_gcm/crypto_aead.h b/mbed_aes_gcm/crypto_aead.h new file mode 100644 index 0000000..d913c00 --- /dev/null +++ b/mbed_aes_gcm/crypto_aead.h @@ -0,0 +1,64 @@ +/* Reference implementation of ACE-128 AEAD + Written by: + Kalikinkar Mandal + */ + +typedef unsigned long long u64; + +int ace_init( + unsigned char *state, + const unsigned char *npub, + const unsigned char *k + ); +int ace_ad( + unsigned char *state, + const unsigned char *ad, + const u64 adlen + ); + +int ace_gentag( + unsigned char *tag, + const unsigned char tlen, + unsigned char *state, + const unsigned char *k + ); +int crypto_encrypt( + unsigned char *c,unsigned long long *clen, + const unsigned char *m,unsigned long long mlen, + const unsigned char *nsec, + const unsigned char *npub, + const unsigned char *k + ); + +int crypto_decrypt( + unsigned char *m,unsigned long long *mlen, + unsigned char *nsec, + const unsigned char *c,unsigned long long clen, + const unsigned char *npub, + const unsigned char *k + ); + +int crypto_aead_encrypt( + unsigned char *c, unsigned long long *clen, + const unsigned char *m, unsigned long long mlen, + const unsigned char *ad, unsigned long long adlen, + const unsigned char *nsec, + const unsigned char *npub, + const unsigned char *k +); + +int crypto_aead_decrypt( + unsigned char *m, unsigned long long *mlen, + unsigned char *nsec, + const unsigned char *c, unsigned long long clen, + const unsigned char *ad, unsigned long long adlen, + const unsigned char *npub, + const unsigned char *k +); + +int ace_gentag( + unsigned char *tag, + const unsigned char tlen, + unsigned char *state, + const unsigned char *k + ); diff --git a/templates/blackpill/Src/mygcmmain.c b/mbed_aes_gcm/example_decryption.c similarity index 50% rename from templates/blackpill/Src/mygcmmain.c rename to mbed_aes_gcm/example_decryption.c index b292efc..fdb53a3 100644 --- a/templates/blackpill/Src/mygcmmain.c +++ b/mbed_aes_gcm/example_decryption.c @@ -1,46 +1,46 @@ #include "gcm.h" #include "platform_util.h" +#include "api.h" #include +#include "crypto_aead.h" static void single_encryption(void) { - mbedtls_gcm_context ctx; - unsigned char buf[64]; - unsigned char tag_buf[16]; - int ret; - mbedtls_cipher_id_t cipher = MBEDTLS_CIPHER_ID_AES; // 32 bytes.. that's 256 bits - const unsigned char key[32] = { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, + const unsigned char k[32] = { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 }; - unsigned char plaintext[64] = { 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, - 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, - 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, - 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, - 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, - 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, - 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, - 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55 }; - unsigned char expected_ciphertext[64] = { 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24, + unsigned char c[64] = { 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24, 0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c, 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0, 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e, 0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c, 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05, 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97, - 0x3d, 0x58, 0xe0, 0x91, 0x47, 0x3f, 0x59, 0x85}; - const unsigned char initial_value[12] = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, +0x3d, 0x58, 0xe0, 0x91, 0x47, 0x3f, 0x59, 0x85}; + unsigned char npub[12] = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88 }; - const unsigned char additional[] = {}; + unsigned char ad[1400]; + unsigned long long adlen = 0; + unsigned long long mlen = 0; + unsigned long long clen = 64; + unsigned char m[1400]; + unsigned char nsec[CRYPTO_NSECBYTES]; - mbedtls_gcm_init( &ctx ); - // 128 bits, not bytes! - ret = mbedtls_gcm_setkey( &ctx, cipher, key, 128 ); - ret = mbedtls_gcm_crypt_and_tag(&ctx, MBEDTLS_GCM_ENCRYPT, 64, initial_value, 12, additional, 0, plaintext, buf, 16, tag_buf); - mbedtls_gcm_free( &ctx ); - if (memcmp(buf, expected_ciphertext, 64) == 0) { - printf("Local test workerino!\n"); + //mbedtls_gcm_init( &ctx ); + // 128 bits, not bytes! + //ret = mbedtls_gcm_setkey( &ctx, cipher, key, 128 ); + + // Context, flag (1/0), length, nonce, nonce_len, AD, AD_len, PT, output, tag_len, tag + //ret = mbedtls_gcm_crypt_and_tag(&ctx, MBEDTLS_GCM_ENCRYPT, 64, initial_value, 12, additional, 0, plaintext, buf, 16, tag_buf); + //mbedtls_gcm_free( &ctx ); + + int res; + + res = crypto_aead_decrypt(m, mlen, nsec, c, clen, ad, adlen, npub, k); + if (res == 0) { + printf("Local decryption test workerino!\n"); } else { printf("Local test failed -.-\n"); } @@ -48,7 +48,7 @@ static void single_encryption(void) { } int main(void) { - mbedtls_gcm_self_test(1); + //mbedtls_gcm_self_test(1); single_encryption(); return 0; } diff --git a/mbed_aes_gcm/example_encryption.c b/mbed_aes_gcm/example_encryption.c new file mode 100644 index 0000000..1d53362 --- /dev/null +++ b/mbed_aes_gcm/example_encryption.c @@ -0,0 +1,53 @@ +#include "gcm.h" +#include "platform_util.h" +#include "api.h" +#include +#include "crypto_aead.h" + +static void single_encryption(void) { + // 32 bytes.. that's 256 bits + const unsigned char k[32] = { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, + 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, + 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, + 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 }; + unsigned char m[64] = { 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, + 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, + 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, + 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, + 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, + 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, + 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, + 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55 }; + unsigned char npub[12] = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, + 0xde, 0xca, 0xf8, 0x88 }; + unsigned char ad[1400]; + unsigned long long adlen = 0; + unsigned long long mlen = 64; + unsigned long long clen = 0; + unsigned char c[1400]; + unsigned char nsec[CRYPTO_NSECBYTES]; + + + //mbedtls_gcm_init( &ctx ); + // 128 bits, not bytes! + //ret = mbedtls_gcm_setkey( &ctx, cipher, key, 128 ); + + // Context, flag (1/0), length, nonce, nonce_len, AD, AD_len, PT, output, tag_len, tag + //ret = mbedtls_gcm_crypt_and_tag(&ctx, MBEDTLS_GCM_ENCRYPT, 64, initial_value, 12, additional, 0, plaintext, buf, 16, tag_buf); + //mbedtls_gcm_free( &ctx ); + + int res; + res = crypto_aead_encrypt(c, &clen, m, mlen, ad, adlen, nsec, npub, k); + if (res == 0) { + printf("Local encryption test workerino!\n"); + } else { + printf("Local test failed -.-\n"); + } + +} + +int main(void) { + //mbedtls_gcm_self_test(1); + single_encryption(); + return 0; +} diff --git a/mbed_aes_gcm/gcm b/mbed_aes_gcm/gcm new file mode 100755 index 0000000..7155828 Binary files /dev/null and b/mbed_aes_gcm/gcm differ diff --git a/templates/blackpill/Src/gcm.c b/mbed_aes_gcm/gcm.c similarity index 91% rename from templates/blackpill/Src/gcm.c rename to mbed_aes_gcm/gcm.c index d3af74c..089240d 100644 --- a/templates/blackpill/Src/gcm.c +++ b/mbed_aes_gcm/gcm.c @@ -38,6 +38,7 @@ #if defined(MBEDTLS_GCM_C) #include "gcm.h" +#include "crypto_aead.h" #include "platform_util.h" #include @@ -96,6 +97,51 @@ void mbedtls_gcm_init( mbedtls_gcm_context *ctx ) } /* + * Encrypt function for NIST API +*/ +int crypto_aead_encrypt( + unsigned char *c,unsigned long long *clen, + const unsigned char *m,unsigned long long mlen, + const unsigned char *ad,unsigned long long adlen, + const unsigned char *nsec, + const unsigned char *npub, + const unsigned char *k + ) +{ + mbedtls_gcm_context ctx; + unsigned char tag_buf[16]; + int ret; + + mbedtls_gcm_init( &ctx ); + ret = mbedtls_gcm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, k, 128); + ret = mbedtls_gcm_crypt_and_tag( &ctx, 1, mlen, npub, 12, ad, adlen, m, c, 16, tag_buf ); + mbedtls_gcm_free( &ctx ); + + return ret; +} + +int crypto_aead_decrypt( + unsigned char *m, unsigned long long *mlen, + unsigned char *nsec, + const unsigned char *c, unsigned long long clen, + const unsigned char *ad, unsigned long long adlen, + const unsigned char *npub, + const unsigned char *k +) +{ + mbedtls_gcm_context ctx; + unsigned char tag_buf[16]; + int ret; + + mbedtls_gcm_init( &ctx ); + ret = mbedtls_gcm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, k, 128); + ret = mbedtls_gcm_crypt_and_tag( &ctx, 0, mlen, npub, 12, ad, adlen, m, c, 16, tag_buf ); + mbedtls_gcm_free( &ctx ); + + return ret; + +} +/* * Precompute small multiples of H, that is set * HH[i] || HL[i] = H times i, * where i is seen as a field element as in [MGV], ie high-order bits @@ -103,6 +149,7 @@ void mbedtls_gcm_init( mbedtls_gcm_context *ctx ) * is the high-order bit of HH corresponds to P^0 and the low-order bit of HL * corresponds to P^127. */ + static int gcm_gen_table( mbedtls_gcm_context *ctx ) { int ret, i, j; diff --git a/templates/blackpill/Src/gcm.h b/mbed_aes_gcm/gcm.h similarity index 100% rename from templates/blackpill/Src/gcm.h rename to mbed_aes_gcm/gcm.h diff --git a/mbed_aes_gcm/main. b/mbed_aes_gcm/main. new file mode 100644 index 0000000..fdb53a3 --- /dev/null +++ b/mbed_aes_gcm/main. @@ -0,0 +1,54 @@ +#include "gcm.h" +#include "platform_util.h" +#include "api.h" +#include +#include "crypto_aead.h" + +static void single_encryption(void) { + // 32 bytes.. that's 256 bits + const unsigned char k[32] = { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, + 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, + 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, + 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 }; + unsigned char c[64] = { 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24, + 0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c, + 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0, + 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e, + 0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c, + 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05, + 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97, +0x3d, 0x58, 0xe0, 0x91, 0x47, 0x3f, 0x59, 0x85}; + unsigned char npub[12] = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, + 0xde, 0xca, 0xf8, 0x88 }; + unsigned char ad[1400]; + unsigned long long adlen = 0; + unsigned long long mlen = 0; + unsigned long long clen = 64; + unsigned char m[1400]; + unsigned char nsec[CRYPTO_NSECBYTES]; + + + //mbedtls_gcm_init( &ctx ); + // 128 bits, not bytes! + //ret = mbedtls_gcm_setkey( &ctx, cipher, key, 128 ); + + // Context, flag (1/0), length, nonce, nonce_len, AD, AD_len, PT, output, tag_len, tag + //ret = mbedtls_gcm_crypt_and_tag(&ctx, MBEDTLS_GCM_ENCRYPT, 64, initial_value, 12, additional, 0, plaintext, buf, 16, tag_buf); + //mbedtls_gcm_free( &ctx ); + + int res; + + res = crypto_aead_decrypt(m, mlen, nsec, c, clen, ad, adlen, npub, k); + if (res == 0) { + printf("Local decryption test workerino!\n"); + } else { + printf("Local test failed -.-\n"); + } + +} + +int main(void) { + //mbedtls_gcm_self_test(1); + single_encryption(); + return 0; +} diff --git a/mbed_aes_gcm/main.c b/mbed_aes_gcm/main.c new file mode 100644 index 0000000..fdb53a3 --- /dev/null +++ b/mbed_aes_gcm/main.c @@ -0,0 +1,54 @@ +#include "gcm.h" +#include "platform_util.h" +#include "api.h" +#include +#include "crypto_aead.h" + +static void single_encryption(void) { + // 32 bytes.. that's 256 bits + const unsigned char k[32] = { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, + 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, + 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, + 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 }; + unsigned char c[64] = { 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24, + 0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c, + 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0, + 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e, + 0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c, + 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05, + 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97, +0x3d, 0x58, 0xe0, 0x91, 0x47, 0x3f, 0x59, 0x85}; + unsigned char npub[12] = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, + 0xde, 0xca, 0xf8, 0x88 }; + unsigned char ad[1400]; + unsigned long long adlen = 0; + unsigned long long mlen = 0; + unsigned long long clen = 64; + unsigned char m[1400]; + unsigned char nsec[CRYPTO_NSECBYTES]; + + + //mbedtls_gcm_init( &ctx ); + // 128 bits, not bytes! + //ret = mbedtls_gcm_setkey( &ctx, cipher, key, 128 ); + + // Context, flag (1/0), length, nonce, nonce_len, AD, AD_len, PT, output, tag_len, tag + //ret = mbedtls_gcm_crypt_and_tag(&ctx, MBEDTLS_GCM_ENCRYPT, 64, initial_value, 12, additional, 0, plaintext, buf, 16, tag_buf); + //mbedtls_gcm_free( &ctx ); + + int res; + + res = crypto_aead_decrypt(m, mlen, nsec, c, clen, ad, adlen, npub, k); + if (res == 0) { + printf("Local decryption test workerino!\n"); + } else { + printf("Local test failed -.-\n"); + } + +} + +int main(void) { + //mbedtls_gcm_self_test(1); + single_encryption(); + return 0; +} diff --git a/templates/blackpill/Src/platform.c b/mbed_aes_gcm/platform.c similarity index 100% rename from templates/blackpill/Src/platform.c rename to mbed_aes_gcm/platform.c diff --git a/templates/blackpill/Src/platform.h b/mbed_aes_gcm/platform.h similarity index 100% rename from templates/blackpill/Src/platform.h rename to mbed_aes_gcm/platform.h diff --git a/templates/blackpill/Src/platform_time.h b/mbed_aes_gcm/platform_time.h similarity index 100% rename from templates/blackpill/Src/platform_time.h rename to mbed_aes_gcm/platform_time.h diff --git a/templates/blackpill/Src/platform_util.c b/mbed_aes_gcm/platform_util.c similarity index 100% rename from templates/blackpill/Src/platform_util.c rename to mbed_aes_gcm/platform_util.c diff --git a/templates/blackpill/Src/platform_util.h b/mbed_aes_gcm/platform_util.h similarity index 100% rename from templates/blackpill/Src/platform_util.h rename to mbed_aes_gcm/platform_util.h diff --git a/templates/blackpill/Src/threading.c b/mbed_aes_gcm/threading.c similarity index 100% rename from templates/blackpill/Src/threading.c rename to mbed_aes_gcm/threading.c diff --git a/templates/blackpill/Src/threading.h b/mbed_aes_gcm/threading.h similarity index 100% rename from templates/blackpill/Src/threading.h rename to mbed_aes_gcm/threading.h diff --git a/templates/blackpill/Src/utils.c b/mbed_aes_gcm/utils.c similarity index 100% rename from templates/blackpill/Src/utils.c rename to mbed_aes_gcm/utils.c diff --git a/templates/blackpill/Src/utils.h b/mbed_aes_gcm/utils.h similarity index 100% rename from templates/blackpill/Src/utils.h rename to mbed_aes_gcm/utils.h