Hi,
I'm really struggling with encryption, kind of lost in the woods of libraries, api's and documentation. Can anyone point me in the right direction?
Config: I have CONFIG_NORDIC_SECURITY_BACKEND=y set
To start simple, I want to encrypt a block of data using AES.
Using the following code:
u8_t testkey[16] = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5 };
u8_t testiv[] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 1, 2, 3, 4, 5, 6 };
u8_t testinput[] = { 't', 'e', 's', 't',0,0,0,0,0,0,0,0,0,0,0,0};
u8_t testoutput[64];
memset(testoutput, 0, sizeof(testoutput));
mbedtls_aes_setkey_enc(&aes, testkey, sizeof(testkey) * 8);
mbedtls_aes_crypt_cbc(&aes, MBEDTLS_AES_ENCRYPT, 16, testiv, testinput, testoutput);
This runs (the two mbedtls functions return 0, all ok), but 'testoutput' does not contain anything (all zero's)
So, I found out about the 'cipher' API (from the nrfconnect crypto test). Created the following code for that:
mbedtls_cipher_init (&ctx);
LOG_DBG("setup %d", mbedtls_cipher_setup (&ctx, mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, sizeof(testkey)*8, MBEDTLS_MODE_ECB)));
LOG_DBG("setkey %d", mbedtls_cipher_setkey (&ctx, testkey, sizeof(testkey)*8, MBEDTLS_ENCRYPT));
LOG_DBG("setiv %d", mbedtls_cipher_set_iv (&ctx, testiv, sizeof(testiv)*8));
LOG_DBG("reset %d", mbedtls_cipher_reset (&ctx));
LOG_DBG("update %d", mbedtls_cipher_update (&ctx, testinput, sizeof(testinput), testoutput, &r));
LOG_DBG("finish %d", mbedtls_cipher_finish (&ctx, testoutput, &r));
mbedtls_cipher_free (&ctx);
The mbedtls_cipher_setup call fails with MBEDTLS_ERR_CIPHER_ALLOC_FAILED, so obviously the subsequent calls fail aswell.
So.. help? What am I doing wrong here? Which API should I use, what configuration do I need?
