mbedtls_aes_crypt_ecb incorrect output

blekyo
Posts: 10
Joined: Tue Nov 14, 2017 2:15 am

mbedtls_aes_crypt_ecb incorrect output

Postby blekyo » Wed Dec 20, 2017 6:11 pm

Hi,
Sorry to introduce on this post, but I have an issue with the function "mbedtls_aes_crypt_ecb". It seems to work on the esp32 itself. If I encrypt and decrypt it works fine. But if I try to encrypt the same data with the same key in IOS or any online encryption like http://aes.online-domain-tools.com/, I never get the same result.
Do you have any idea why it is like that or if I'm not understanding the encryption process well?
Thanks for your help

User avatar
urbanze
Posts: 301
Joined: Sat Jun 10, 2017 9:55 pm
Location: Brazil

Re: HWCrypto VS MbedTLS

Postby urbanze » Wed Dec 20, 2017 6:44 pm

blekyo wrote:Hi,
Sorry to introduce on this post, but I have an issue with the function "mbedtls_aes_crypt_ecb". It seems to work on the esp32 itself. If I encrypt and decrypt it works fine. But if I try to encrypt the same data with the same key in IOS or any online encryption like http://aes.online-domain-tools.com/, I never get the same result.
Do you have any idea why it is like that or if I'm not understanding the encryption process well?
Thanks for your help
Hi Blekyo! Show the code, maybe I can help you.

ESP_Angus
Posts: 2344
Joined: Sun May 08, 2016 4:11 am

Re: HWCrypto VS MbedTLS

Postby ESP_Angus » Wed Dec 20, 2017 11:44 pm

blekyo, I've split this into a new topic because it wasn't really related to the previous one.

As urbanze said, if you can post some code (and maybe some sample input/output values) then I'm sure someone can help. The mbedTLS AES ECB functions should work the same as any other AES ECB implementation, but the API can be a little unforgiving in terms of getting the API calls correct.

blekyo
Posts: 10
Joined: Tue Nov 14, 2017 2:15 am

Re: mbedtls_aes_crypt_ecb incorrect output

Postby blekyo » Thu Dec 21, 2017 1:51 am

Hi guys,
ESP_Angus, thanks for moving the subject to a new topic.
So here is my sample:

Code: Select all

#include "mbedtls/aes.h"

mbedtls_aes_context aes;

size_t _length = 16;
unsigned char iv[16] = "0123456789abcde";
unsigned char key[] = "F56C041F990E5374A1E78B333DAEBEB1";
unsigned char input[16] = "abcdefghijklmno"; 
unsigned char encrypt_output[16]; 
unsigned char decrypt_output[16]; 

static void hex_print(const void* pv, size_t len)
{
    const unsigned char * p = (const unsigned char*)pv;
    if (NULL == pv)
        printf("NULL");
    else
    {
        size_t i = 0;
        for (; i<len;++i)
            printf("%02X ", *p++);
    }
    printf("\n");
}

void _aes_encrypt(unsigned char *iv, size_t crypt_len, const unsigned char *input, unsigned char *output)
{
    size_t iv_offset = 0;
    mbedtls_aes_setkey_enc(&aes, key, 128);
    mbedtls_aes_crypt_ecb(&aes, MBEDTLS_AES_ENCRYPT, input, output);
    //mbedtls_aes_crypt_cfb8(&aes, MBEDTLS_AES_ENCRYPT, crypt_len, iv, input, output);
    //mbedtls_aes_crypt_cfb128(&aes, MBEDTLS_AES_ENCRYPT, crypt_len, &iv_offset, iv, input, output);
}

void _aes_decrypt(unsigned char *iv, size_t crypt_len, const unsigned char *input, unsigned char *output)
{
    size_t iv_offset = 0;
    mbedtls_aes_setkey_dec(&aes, key, 128);
    mbedtls_aes_crypt_ecb(&aes, MBEDTLS_AES_DECRYPT, input, output);
    //mbedtls_aes_crypt_cfb8(&aes, MBEDTLS_AES_DECRYPT, crypt_len, iv, input, output);
    //mbedtls_aes_crypt_cfb128(&aes, MBEDTLS_AES_DECRYPT, crypt_len, &iv_offset, iv, input, output);
}

void _security_init(void)
{
    mbedtls_aes_init(&aes);
}

void _security_deinit(void)
{
    mbedtls_aes_free(&aes);
}

void setup() {
  Serial.begin(115200);
  
  _security_init();
  
  _aes_encrypt(iv, _length, input, encrypt_output);
  _aes_decrypt(iv, _length, encrypt_output, decrypt_output);
  
  printf("original:\t");
  hex_print(input, sizeof(input));

  printf("encrypted:\t");
  hex_print(encrypt_output, sizeof(encrypt_output));

  printf("decrypted:\t");
  hex_print(decrypt_output, sizeof(decrypt_output));
  
  _security_deinit();
}

void loop() {
}
The crypt and decrypt is working with "mbedtls_aes_crypt_ecb", but with http://aes.online-domain-tools.com/ I don't get the same encrypted result.

I even try with "mbedtls_aes_crypt_cfb8" and "mbedtls_aes_crypt_cfb128", but it's even worse, decrypted value doesn't match with the original. But for that, I think I'm not fully understanding the process.

ESP_Angus
Posts: 2344
Joined: Sun May 08, 2016 4:11 am

Re: mbedtls_aes_crypt_ecb incorrect output

Postby ESP_Angus » Thu Dec 21, 2017 3:39 am

Thanks for posting the extra info. A couple of things:

- The code is specifying a 128 bit AES key but your key is 32 bytes (256 bits) long. The website doesn't seem to have a way to manually set the key length, so it may think you want AES-256.

- The input string is (I think) 15 characters long, plus a C string null byte to make a full 16 byte block. The website implementation probably doesn't use C strings so it may not pad the last character in the same way (AFAIK ECB is only specified to work on full blocks, padding is an implementation detail). You could try adding another character so your input is a full 16 ASCII characters.

- Using AES in CFB mode is a good option (especially compared to ECB) but comes with a number of caveats. One is to always set the key via mbedtls_setkey_enc() for both encryption and decryption. Also, the function modifies the iv parameter buffer to return the IV for the next block, so you can't reuse that buffer as-is for decryption. The aes.h header describes this in detail.

Hopefully some of that is helpful!

ak_torres
Posts: 1
Joined: Mon Jan 15, 2018 7:17 am

Re: mbedtls_aes_crypt_ecb incorrect output

Postby ak_torres » Mon Jan 15, 2018 10:35 am

blekyo wrote:Hi,
Sorry to introduce on this post, but I have an issue with the function "mbedtls_aes_crypt_ecb". It seems to work on the esp32 itself. If I encrypt and decrypt it works fine. But if I try to encrypt the same data with the same key in IOS or any online encryption like http://aes.online-domain-tools.com/, I never get the same result.
Do you have any idea why it is like that or if I'm not understanding the encryption process well?
Thanks for your help
hello.can you tell how you use the mbebtls for the aes.am new and want to run it in my esp32 please

Who is online

Users browsing this forum: No registered users and 98 guests