• Registered: 2016-10-07
  • Posts: 20

Topic: [SOLVED] AES encrypt and decrypt error

Hi, I followed the examples from wolfssl documentation to use AES. -> https://www.wolfssl.com/wolfSSL/Docs-wo … ence.html.

After executing this code:

#include <wolfssl.h>
#include <wolfssl/wolfcrypt/aes.h>

int x = 0;
 
void setup(void){

  while(!Serial);
  Serial.begin(9600);
}
 
void loop(void){

//AES block
Aes enc;
Aes dec;

byte key[] = {"1234567890abcdef"};

byte iv[]  = {"1234567890abcdef"};

byte plain[32]  = {"Hola mundoHola mundoHola mundo"};   // an increment of 16, fill with data
byte plain2[32];
byte cipher[32];

Serial.print("plain value  ");

for(x=0; x<32; x++){
  Serial.print(plain[x], HEX);
  Serial.print(" ");
  }
Serial.println(" ");


Serial.print("printing key value ");

for(x=0; x<32; x++){
  Serial.print(key[x], HEX);
  Serial.print(" ");
  }
Serial.println(" ");


Serial.print("printing iv value ");
for(x=0; x<32; x++){
  Serial.print(iv[x], HEX);
  Serial.print(" ");
  }

Serial.println(" ");

//encrypt
wc_AesSetKey(&enc, key, sizeof(key), iv, AES_ENCRYPTION);
wc_AesCbcEncrypt(&enc, cipher, plain, sizeof(plain));



Serial.print("cipher value ");

for(x=0; x<32; x++){
  Serial.print(cipher[x], HEX);
  Serial.print(" ");
  }
Serial.println(" ");



Serial.print("printing key value before cipher");

for(x=0; x<32; x++){
  Serial.print(key[x], HEX);
  Serial.print(" ");
  }
Serial.println(" ");


Serial.print("printing iv value before cipher");
for(x=0; x<32; x++){
  Serial.print(iv[x], HEX);
  Serial.print(" ");
  }
Serial.println(" ");

//decrypt
wc_AesSetKey(&dec, key, sizeof(key), iv, AES_DECRYPTION);
wc_AesCbcDecrypt(&dec, plain2, cipher, sizeof(cipher));


Serial.print("plain2 value  ");

for(x=0; x<32; x++){
  Serial.print(plain2[x], HEX);
  Serial.print(" ");
  }

Serial.println(" ");
Serial.println(" ");
Serial.println(" ");

 delay(10000);
}

We get this:

https://fotos.subefotos.com/aecc999c283568d93e3b9318406c7a28o.jpg

We can see that is not changing any input parameter at the function, but in each Arduino iteration we see differents values from encryption and decryption.
Besides decryption value never matches with value that we had before encrypting.
I've even used two variables "plain" and "plain2" to avoid any possible conflict.

NOTE: "for" loops just serve to print on screen, do not affect functionality, so you can ignore it.


Any idea why it happens?

Share

  • From: Bozeman
  • Registered: 2014-05-09
  • Posts: 777

Re: [SOLVED] AES encrypt and decrypt error

Hi jesussotofan,

the key must be modulo AES_SIZE (16). A byte array containing 1234567890abcdef is size 17 (array indexing if it contains 16 elements it's one larger for the '\0' or NULL character on the end of the string in c. Change your key to "234567890abcdef" and you test should work.


One other note you are printing out HEX values and looping 32 times. Each hex byte is 8 bytes long. You're working with an array of 32 8-byte elements and the print in the for loop prints out 2 8-bytes elements each loop. You should only loop 16 times, not 32. You're printing memory off the end of your buffers.

for(x=0; x<16; x++){
  Serial.print(plain[x], HEX);
  Serial.print(" ");
  }
Serial.println(" ");

ALSO it is highly recommended you check your return codes and you would have seen the error happening IE:

wc_AesSetKey(&enc, key, sizeof(key), iv, AES_ENCRYPTION);

SHOULD BE:

/* make an integer "ret" */
ret = wc_AesSetKey(&enc, key, sizeof(key), iv, AES_ENCRYPTION);
if (ret != 0) {
    Serial.println(" Aes Set Key Failed with error code: ");
    Serial.print(ret, INTEGER); /* or however you output an int I'm not familiar with this print functionality */
}

And do the same for other wolfSSL API's.


Regards,

Kaleb

Kaleb J. Himes's Website

Share

3 Reply by Kaleb J. Himes (edited by Kaleb J. Himes 2016-10-28 09:05:14)

  • From: Bozeman
  • Registered: 2014-05-09
  • Posts: 777

Re: [SOLVED] AES encrypt and decrypt error

Hi jesussotofan,

I have taken your code, re-compiled and run the test on Linux, I'm giving you my source code, just update the print statements and you should observe intended test case.


#include <stdio.h>
#include <wolfssl/options.h>
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/wolfcrypt/aes.h>

int main(void) {
Aes enc;
Aes dec;
int ret;

int x;

byte key[] = {"234567890abcdef"};

byte iv[]  = {"1234567890abcdef"};

byte plain[32]  = {"Hola mundoHola mundoHola mundo"};   // an increment of 16, fill with data
byte plain2[32];
byte cipher[32];

printf("sizeof key = %d\n", (int) sizeof(key));
printf("sizeof cipher = %d\n", (int) sizeof(cipher));
printf("sizeof plain = %d\n", (int) sizeof(plain));

printf("plain value                      ");

for(x=0; x<16; x++){
  printf("%02x", plain[x]);
  printf(" ");
  }
printf(" \n");



printf("printing key value               ");

for(x=0; x<16; x++){
  printf("%02x", key[x]);
  printf(" ");
  }
printf(" \n");


printf("printing iv value                ");
for(x=0; x<16; x++){
  printf("%02x", iv[x]);
  printf(" ");
  }

printf(" \n");

//encrypt
ret = wc_AesSetKey(&enc, key, sizeof(key), iv, AES_ENCRYPTION);
if (ret != 0) {
    printf("Encrypt set key failed with error: %d\n", ret);
    return ret;
}
ret = wc_AesCbcEncrypt(&enc, cipher, plain, sizeof(plain));
if (ret != 0) {
    printf("AesCbcEncrypt failed with error: %d\n", ret);
    return ret;
}



printf("cipher value                     ");

for(x=0; x<16; x++){
  printf("%02x", cipher[x]);
  printf(" ");
  }
printf(" \n");



printf("printing key value before cipher ");

for(x=0; x<16; x++){
  printf("%02x", key[x]);
  printf(" ");
  }
printf(" \n");


printf("printing iv value before cipher  ");
for(x=0; x<16; x++){
  printf("%02x", iv[x]);
  printf(" ");
  }
printf(" \n");

//decrypt
ret = wc_AesSetKey(&dec, key, sizeof(key), iv, AES_DECRYPTION);
if (ret != 0) {
    printf("Decrypt set key failed with error: %d\n", ret);
    return ret;
}
ret = wc_AesCbcDecrypt(&dec, plain2, cipher, sizeof(cipher));
if (ret != 0) {
    printf("AesCbcDecrypt failed with error: %d\n", ret);
    return ret;
}


printf("plain2 value                     ");

for(x=0; x<16; x++){
  printf("%02x", plain2[x]);
  printf(" ");
  }

printf(" \n");
printf(" \n");
printf(" \n");

}

Regards,

Kaleb

Kaleb J. Himes's Website

Share

4 Reply by Kaleb J. Himes (edited by Kaleb J. Himes 2016-10-28 09:09:15)

  • From: Bozeman
  • Registered: 2014-05-09
  • Posts: 777

Re: [SOLVED] AES encrypt and decrypt error

Hi Jesussotofan,

One final comment on this.

If you were to change the way you are getting the length of the key you could use the original key of "1234567890abcdef".

You currently are using "sizeof" which is why it's counting the null terminator or '\0' character in the length. You have two options when passing into our library:

Option 1:

ret = wc_AesSetKey(&enc, key, strlen(key), iv, AES_ENCRYPTION);

NOTE: strlen will count the length of the string MINUS the null terminator giving you a length of 16 instead of 17

Option 2:

ret = wc_AesSetKey(&enc, key, sizeof(key) - 1, iv, AES_ENCRYPTION);

NOTE: Do the same as you did originally and pass in sizeof(key) - 1. This way you don't have a hex value of 00 or '\0' included in the key.

Regards,

Kaleb

Kaleb J. Himes's Website

Share