mbed-os-examples
Hello world example of using the authenticated encryption with mbed TLS. The canonical source for this example lives at https://github.com/ARMmbed/mbed-os-example-tls
mbed TLS Benchmark example on mbed OS
This application performs authenticated encryption and authenticated decryption of a buffer. It serves as a tutorial for the basic authenticated encryption functions of mbed TLS.
Getting started
Building with mbed CLI
If you'd like to use mbed CLI to build this, then you should set up your environment if you have not done so already. For instructions, refer to the main readme. The instructions on this page relate to using the developer.mbed.org Online Compiler
Import the program in to the Online Compiler, select your board from the drop down in the top right hand corner and then compile the application. Once it has built, you can drag and drop the binary onto your device.
Monitoring the application
The output in the terminal window should be similar to this:
terminal output
plaintext message: 536f6d65207468696e67732061726520626574746572206c65667420756e7265616400 ciphertext: c57f7afb94f14c7977d785d08682a2596bd62ee9dcf216b8cccd997afee9b402f5de1739e8e6467aa363749ef39392e5c66622b01c7203ec0a3d14 decrypted: 536f6d65207468696e67732061726520626574746572206c65667420756e7265616400 DONE
authcrypt.h
- Committer:
- mbed_official
- Date:
- 2019-02-25
- Revision:
- 86:b2856f26f5c4
- Parent:
- 78:2749cf972e5f
File content as of revision 86:b2856f26f5c4:
/*
* Hello world example of using the authenticated encryption with Mbed TLS
*
* Copyright (C) 2017, Arm Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef _AUTHCRYPT_H_
#define _AUTHCRYPT_H_
#include "mbedtls/cipher.h"
#include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h"
#include "mbedtls/platform.h"
/**
* This class implements the logic to demonstrate authenticated encryption using
* mbed TLS.
*/
class Authcrypt
{
public:
/**
* Construct an Authcrypt instance
*/
Authcrypt();
/**
* Free any allocated resources
*/
~Authcrypt();
/**
* Run the authenticated encryption example
*
* \return 0 if successful
*/
int run();
private:
/**
* Print a buffer's contents in hexadecimal
*
* \param[in] title
* The string to print before the hex string
* \param[in] buf
* The buffer to print in hex
* \param[in] len
* The length of the buffer
*/
void print_hex(const char *title, const unsigned char buf[], size_t len);
/**
* The pre-shared key
*
* \note This should be generated randomly and be unique to the
* device/channel/etc. Just used a fixed on here for simplicity.
*/
static const unsigned char secret_key[16];
/**
* Message that should be protected
*/
static const char message[];
/**
* Metadata transmitted in the clear but authenticated
*/
static const char metadata[];
/**
* Ciphertext buffer large enough to hold message + nonce + tag
*/
unsigned char ciphertext[128];
/**
* Plaintext buffer large enough to hold the decrypted message
*/
unsigned char decrypted[128];
/**
* Entropy pool for seeding PRNG
*/
mbedtls_entropy_context entropy;
/**
* Pseudo-random generator
*/
mbedtls_ctr_drbg_context drbg;
/**
* The block cipher configuration
*/
mbedtls_cipher_context_t cipher;
};
#endif /* _AUTHCRYPT_H_ */