mbed-os-examples / Mbed OS mbed-os-example-tls-authcrypt

Hello world example of using the authenticated encryption with mbed TLS. The canonical source for this example lives at https://github.com/ARMmbed/mbed-os-example-tls

mbed TLS Benchmark example on mbed OS

This application performs authenticated encryption and authenticated decryption of a buffer. It serves as a tutorial for the basic authenticated encryption functions of mbed TLS.

Getting started

Building with mbed CLI

If you'd like to use mbed CLI to build this, then you should set up your environment if you have not done so already. For instructions, refer to the main readme. The instructions on this page relate to using the developer.mbed.org Online Compiler

Import the program in to the Online Compiler, select your board from the drop down in the top right hand corner and then compile the application. Once it has built, you can drag and drop the binary onto your device.

Monitoring the application

The output in the terminal window should be similar to this:

terminal output

plaintext message: 536f6d65207468696e67732061726520626574746572206c65667420756e7265616400
ciphertext: c57f7afb94f14c7977d785d08682a2596bd62ee9dcf216b8cccd997afee9b402f5de1739e8e6467aa363749ef39392e5c66622b01c7203ec0a3d14
decrypted: 536f6d65207468696e67732061726520626574746572206c65667420756e7265616400

DONE

authcrypt.h@48:6b6340f5cdc3, 2017-11-09 (annotated)

Committer:
mbed_official
Date:
Thu Nov 09 09:15:07 2017 +0000
Revision:
48:6b6340f5cdc3
Parent:
36:454dcefc8453
Child:
63:5e7be856a68b
Change Arm trademarks in the examples' source files



.

Commit copied from https://github.com/ARMmbed/mbed-os-example-tls

Who changed what in which revision?

UserRevisionLine numberNew contents of line
mbed_official 36:454dcefc8453 1 /*
mbed_official 48:6b6340f5cdc3 2 * Hello world example of using the authenticated encryption with Mbed TLS
mbed_official 36:454dcefc8453 3 *
mbed_official 48:6b6340f5cdc3 4 * Copyright (C) 2017, Arm Limited, All Rights Reserved
mbed_official 36:454dcefc8453 5 * SPDX-License-Identifier: Apache-2.0
mbed_official 36:454dcefc8453 6 *
mbed_official 36:454dcefc8453 7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
mbed_official 36:454dcefc8453 8 * not use this file except in compliance with the License.
mbed_official 36:454dcefc8453 9 * You may obtain a copy of the License at
mbed_official 36:454dcefc8453 10 *
mbed_official 36:454dcefc8453 11 * http://www.apache.org/licenses/LICENSE-2.0
mbed_official 36:454dcefc8453 12 *
mbed_official 36:454dcefc8453 13 * Unless required by applicable law or agreed to in writing, software
mbed_official 36:454dcefc8453 14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
mbed_official 36:454dcefc8453 15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
mbed_official 36:454dcefc8453 16 * See the License for the specific language governing permissions and
mbed_official 36:454dcefc8453 17 * limitations under the License.
mbed_official 36:454dcefc8453 18 */
mbed_official 36:454dcefc8453 19
mbed_official 36:454dcefc8453 20 #ifndef _AUTHCRYPT_H_
mbed_official 36:454dcefc8453 21 #define _AUTHCRYPT_H_
mbed_official 36:454dcefc8453 22
mbed_official 36:454dcefc8453 23 #include "mbedtls/cipher.h"
mbed_official 36:454dcefc8453 24 #include "mbedtls/entropy.h"
mbed_official 36:454dcefc8453 25 #include "mbedtls/ctr_drbg.h"
mbed_official 36:454dcefc8453 26
mbed_official 36:454dcefc8453 27 /**
mbed_official 36:454dcefc8453 28 * This class implements the logic to demonstrate authenticated encryption using
mbed_official 36:454dcefc8453 29 * mbed TLS.
mbed_official 36:454dcefc8453 30 */
mbed_official 36:454dcefc8453 31 class Authcrypt
mbed_official 36:454dcefc8453 32 {
mbed_official 36:454dcefc8453 33 public:
mbed_official 36:454dcefc8453 34 /**
mbed_official 36:454dcefc8453 35 * Construct an Authcrypt instance
mbed_official 36:454dcefc8453 36 */
mbed_official 36:454dcefc8453 37 Authcrypt();
mbed_official 36:454dcefc8453 38
mbed_official 36:454dcefc8453 39 /**
mbed_official 36:454dcefc8453 40 * Free any allocated resources
mbed_official 36:454dcefc8453 41 */
mbed_official 36:454dcefc8453 42 ~Authcrypt();
mbed_official 36:454dcefc8453 43
mbed_official 36:454dcefc8453 44 /**
mbed_official 36:454dcefc8453 45 * Run the authenticated encryption example
mbed_official 36:454dcefc8453 46 *
mbed_official 36:454dcefc8453 47 * \return 0 if successful
mbed_official 36:454dcefc8453 48 */
mbed_official 36:454dcefc8453 49 int run();
mbed_official 36:454dcefc8453 50
mbed_official 36:454dcefc8453 51 private:
mbed_official 36:454dcefc8453 52 /**
mbed_official 36:454dcefc8453 53 * Print a buffer's contents in hexadecimal
mbed_official 36:454dcefc8453 54 *
mbed_official 36:454dcefc8453 55 * \param[in] title
mbed_official 36:454dcefc8453 56 * The string to print before the hex string
mbed_official 36:454dcefc8453 57 * \param[in] buf
mbed_official 36:454dcefc8453 58 * The buffer to print in hex
mbed_official 36:454dcefc8453 59 * \param[in] len
mbed_official 36:454dcefc8453 60 * The length of the buffer
mbed_official 36:454dcefc8453 61 */
mbed_official 36:454dcefc8453 62 void print_hex(const char *title, const unsigned char buf[], size_t len);
mbed_official 36:454dcefc8453 63
mbed_official 36:454dcefc8453 64 /**
mbed_official 36:454dcefc8453 65 * The pre-shared key
mbed_official 36:454dcefc8453 66 *
mbed_official 36:454dcefc8453 67 * \note This should be generated randomly and be unique to the
mbed_official 36:454dcefc8453 68 * device/channel/etc. Just used a fixed on here for simplicity.
mbed_official 36:454dcefc8453 69 */
mbed_official 36:454dcefc8453 70 static const unsigned char secret_key[16];
mbed_official 36:454dcefc8453 71
mbed_official 36:454dcefc8453 72 /**
mbed_official 36:454dcefc8453 73 * Message that should be protected
mbed_official 36:454dcefc8453 74 */
mbed_official 36:454dcefc8453 75 static const char message[];
mbed_official 36:454dcefc8453 76
mbed_official 36:454dcefc8453 77 /**
mbed_official 36:454dcefc8453 78 * Metadata transmitted in the clear but authenticated
mbed_official 36:454dcefc8453 79 */
mbed_official 36:454dcefc8453 80 static const char metadata[];
mbed_official 36:454dcefc8453 81
mbed_official 36:454dcefc8453 82 /**
mbed_official 36:454dcefc8453 83 * Ciphertext buffer large enough to hold message + nonce + tag
mbed_official 36:454dcefc8453 84 */
mbed_official 36:454dcefc8453 85 unsigned char ciphertext[128];
mbed_official 36:454dcefc8453 86
mbed_official 36:454dcefc8453 87 /**
mbed_official 36:454dcefc8453 88 * Plaintext buffer large enough to hold the decrypted message
mbed_official 36:454dcefc8453 89 */
mbed_official 36:454dcefc8453 90 unsigned char decrypted[128];
mbed_official 36:454dcefc8453 91
mbed_official 36:454dcefc8453 92 /**
mbed_official 36:454dcefc8453 93 * Entropy pool for seeding PRNG
mbed_official 36:454dcefc8453 94 */
mbed_official 36:454dcefc8453 95 mbedtls_entropy_context entropy;
mbed_official 36:454dcefc8453 96
mbed_official 36:454dcefc8453 97 /**
mbed_official 36:454dcefc8453 98 * Pseudo-random generator
mbed_official 36:454dcefc8453 99 */
mbed_official 36:454dcefc8453 100 mbedtls_ctr_drbg_context drbg;
mbed_official 36:454dcefc8453 101
mbed_official 36:454dcefc8453 102 /**
mbed_official 36:454dcefc8453 103 * The block cipher configuration
mbed_official 36:454dcefc8453 104 */
mbed_official 36:454dcefc8453 105 mbedtls_cipher_context_t cipher;
mbed_official 36:454dcefc8453 106 };
mbed_official 36:454dcefc8453 107
mbed_official 36:454dcefc8453 108 #endif /* _AUTHCRYPT_H_ */