RE: nrf_aes_crypto output buffer size

Kaja — Fri, 06 Aug 2021 08:25:00 GMT

Hi,

has your problem been solved?

Best regards,
Kaja

RE: nrf_aes_crypto output buffer size

Bloq — Mon, 15 Mar 2021 15:43:52 GMT

Here is the AES Encryption Documentation. Can you confirm that I am incorrect in my assumption below.

ECB output:

Encrypted or decrypted text.
When padding mode is selected, the last encrypted block is always padded, even if plain text is a multiple of 16 bytes.
Upon a finished decryption operation, when padding mode is selected, p_data_out_size is decreased by the number of padded bytes.

I am using padding so I interpreted this as:

During encryption of a uint8_t value, I must size my output buffer to to the nearest multiple of 16 bytes of my input value. aka 16 bytes.

During decryption, I must size my output buffer to the nearest 16 bytes on top of my input buffer. aka 32 bytes

I seemed to have an instance of corruption if I did not do this. Does the aes encryption library allocate its own space to handle the cipher block operations.

If this is incorrect I would propose to change the wording of the documentation to be slightly more specific during decryption. To something like:

ECB output:

Encrypted text
- When padding mode is selected, the last encrypted block is always padded, even if plain text is a multiple of 16 bytes.
Decrypted text
- Buffer size must be size of the expected decrypted value.
- Upon a finished decryption operation, when padding mode is selected, p_data_out_size is decreased by the number of padded bytes.

RE: nrf_aes_crypto output buffer size

tesc — Tue, 09 Mar 2021 08:42:33 GMT

Hi,

For those and similar functions, the p_data_out buffer holds the outputted data from the function, and must be large enough to fit that output.

When encrypting, it means big enough for holding the encrypted value.

When decrypting, it means big enough for holding the decrypted value.

For both, include padding if needed.

Regards,
Terje