mbed-os-examples / Mbed OS mbed-os-example-tls-authcrypt

Hello world example of using the authenticated encryption with mbed TLS. The canonical source for this example lives at https://github.com/ARMmbed/mbed-os-example-tls

mbed TLS Benchmark example on mbed OS

This application performs authenticated encryption and authenticated decryption of a buffer. It serves as a tutorial for the basic authenticated encryption functions of mbed TLS.

Getting started

Building with mbed CLI

If you'd like to use mbed CLI to build this, then you should set up your environment if you have not done so already. For instructions, refer to the main readme. The instructions on this page relate to using the developer.mbed.org Online Compiler

Import the program in to the Online Compiler, select your board from the drop down in the top right hand corner and then compile the application. Once it has built, you can drag and drop the binary onto your device.

Monitoring the application

The output in the terminal window should be similar to this:

terminal output

plaintext message: 536f6d65207468696e67732061726520626574746572206c65667420756e7265616400
ciphertext: c57f7afb94f14c7977d785d08682a2596bd62ee9dcf216b8cccd997afee9b402f5de1739e8e6467aa363749ef39392e5c66622b01c7203ec0a3d14
decrypted: 536f6d65207468696e67732061726520626574746572206c65667420756e7265616400

DONE

authcrypt.h@86:b2856f26f5c4, 2019-02-25 (annotated)

Committer:
mbed_official
Date:
Mon Feb 25 16:41:53 2019 +0000
Revision:
86:b2856f26f5c4
Parent:
78:2749cf972e5f 
Merge pull request #235 from adbridge/master



All the CI tests have passed.

Updating mbed-os to mbed-os-5.11.5

.

Commit copied from https://github.com/ARMmbed/mbed-os-example-tls

Who changed what in which revision?

UserRevisionLine numberNew contents of line
mbed_official 36:454dcefc8453 1 /*
mbed_official 48:6b6340f5cdc3 2 * Hello world example of using the authenticated encryption with Mbed TLS
mbed_official 36:454dcefc8453 3 *
mbed_official 48:6b6340f5cdc3 4 * Copyright (C) 2017, Arm Limited, All Rights Reserved
mbed_official 36:454dcefc8453 5 * SPDX-License-Identifier: Apache-2.0
mbed_official 36:454dcefc8453 6 *
mbed_official 36:454dcefc8453 7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
mbed_official 36:454dcefc8453 8 * not use this file except in compliance with the License.
mbed_official 36:454dcefc8453 9 * You may obtain a copy of the License at
mbed_official 36:454dcefc8453 10 *
mbed_official 36:454dcefc8453 11 * http://www.apache.org/licenses/LICENSE-2.0
mbed_official 36:454dcefc8453 12 *
mbed_official 36:454dcefc8453 13 * Unless required by applicable law or agreed to in writing, software
mbed_official 36:454dcefc8453 14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
mbed_official 36:454dcefc8453 15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
mbed_official 36:454dcefc8453 16 * See the License for the specific language governing permissions and
mbed_official 36:454dcefc8453 17 * limitations under the License.
mbed_official 36:454dcefc8453 18 */
mbed_official 36:454dcefc8453 19
mbed_official 36:454dcefc8453 20 #ifndef _AUTHCRYPT_H_
mbed_official 36:454dcefc8453 21 #define _AUTHCRYPT_H_
mbed_official 36:454dcefc8453 22
mbed_official 36:454dcefc8453 23 #include "mbedtls/cipher.h"
mbed_official 36:454dcefc8453 24 #include "mbedtls/entropy.h"
mbed_official 36:454dcefc8453 25 #include "mbedtls/ctr_drbg.h"
mbed_official 63:5e7be856a68b 26 #include "mbedtls/platform.h"
mbed_official 36:454dcefc8453 27
mbed_official 36:454dcefc8453 28 /**
mbed_official 36:454dcefc8453 29 * This class implements the logic to demonstrate authenticated encryption using
mbed_official 36:454dcefc8453 30 * mbed TLS.
mbed_official 36:454dcefc8453 31 */
mbed_official 36:454dcefc8453 32 class Authcrypt
mbed_official 36:454dcefc8453 33 {
mbed_official 36:454dcefc8453 34 public:
mbed_official 36:454dcefc8453 35 /**
mbed_official 36:454dcefc8453 36 * Construct an Authcrypt instance
mbed_official 36:454dcefc8453 37 */
mbed_official 78:2749cf972e5f 38 Authcrypt();
mbed_official 36:454dcefc8453 39
mbed_official 36:454dcefc8453 40 /**
mbed_official 36:454dcefc8453 41 * Free any allocated resources
mbed_official 36:454dcefc8453 42 */
mbed_official 36:454dcefc8453 43 ~Authcrypt();
mbed_official 36:454dcefc8453 44
mbed_official 36:454dcefc8453 45 /**
mbed_official 36:454dcefc8453 46 * Run the authenticated encryption example
mbed_official 36:454dcefc8453 47 *
mbed_official 36:454dcefc8453 48 * \return 0 if successful
mbed_official 36:454dcefc8453 49 */
mbed_official 36:454dcefc8453 50 int run();
mbed_official 36:454dcefc8453 51
mbed_official 36:454dcefc8453 52 private:
mbed_official 36:454dcefc8453 53 /**
mbed_official 36:454dcefc8453 54 * Print a buffer's contents in hexadecimal
mbed_official 36:454dcefc8453 55 *
mbed_official 36:454dcefc8453 56 * \param[in] title
mbed_official 36:454dcefc8453 57 * The string to print before the hex string
mbed_official 36:454dcefc8453 58 * \param[in] buf
mbed_official 36:454dcefc8453 59 * The buffer to print in hex
mbed_official 36:454dcefc8453 60 * \param[in] len
mbed_official 36:454dcefc8453 61 * The length of the buffer
mbed_official 36:454dcefc8453 62 */
mbed_official 36:454dcefc8453 63 void print_hex(const char *title, const unsigned char buf[], size_t len);
mbed_official 36:454dcefc8453 64
mbed_official 36:454dcefc8453 65 /**
mbed_official 36:454dcefc8453 66 * The pre-shared key
mbed_official 36:454dcefc8453 67 *
mbed_official 36:454dcefc8453 68 * \note This should be generated randomly and be unique to the
mbed_official 36:454dcefc8453 69 * device/channel/etc. Just used a fixed on here for simplicity.
mbed_official 36:454dcefc8453 70 */
mbed_official 36:454dcefc8453 71 static const unsigned char secret_key[16];
mbed_official 36:454dcefc8453 72
mbed_official 36:454dcefc8453 73 /**
mbed_official 36:454dcefc8453 74 * Message that should be protected
mbed_official 36:454dcefc8453 75 */
mbed_official 36:454dcefc8453 76 static const char message[];
mbed_official 36:454dcefc8453 77
mbed_official 36:454dcefc8453 78 /**
mbed_official 36:454dcefc8453 79 * Metadata transmitted in the clear but authenticated
mbed_official 36:454dcefc8453 80 */
mbed_official 36:454dcefc8453 81 static const char metadata[];
mbed_official 36:454dcefc8453 82
mbed_official 36:454dcefc8453 83 /**
mbed_official 36:454dcefc8453 84 * Ciphertext buffer large enough to hold message + nonce + tag
mbed_official 36:454dcefc8453 85 */
mbed_official 36:454dcefc8453 86 unsigned char ciphertext[128];
mbed_official 36:454dcefc8453 87
mbed_official 36:454dcefc8453 88 /**
mbed_official 36:454dcefc8453 89 * Plaintext buffer large enough to hold the decrypted message
mbed_official 36:454dcefc8453 90 */
mbed_official 36:454dcefc8453 91 unsigned char decrypted[128];
mbed_official 36:454dcefc8453 92
mbed_official 36:454dcefc8453 93 /**
mbed_official 36:454dcefc8453 94 * Entropy pool for seeding PRNG
mbed_official 36:454dcefc8453 95 */
mbed_official 36:454dcefc8453 96 mbedtls_entropy_context entropy;
mbed_official 36:454dcefc8453 97
mbed_official 36:454dcefc8453 98 /**
mbed_official 36:454dcefc8453 99 * Pseudo-random generator
mbed_official 36:454dcefc8453 100 */
mbed_official 36:454dcefc8453 101 mbedtls_ctr_drbg_context drbg;
mbed_official 36:454dcefc8453 102
mbed_official 36:454dcefc8453 103 /**
mbed_official 36:454dcefc8453 104 * The block cipher configuration
mbed_official 36:454dcefc8453 105 */
mbed_official 36:454dcefc8453 106 mbedtls_cipher_context_t cipher;
mbed_official 36:454dcefc8453 107 };
mbed_official 36:454dcefc8453 108
mbed_official 36:454dcefc8453 109 #endif /* _AUTHCRYPT_H_ */