MCUX CLNS
MCUX Crypto Library Normal Secure
Loading...
Searching...
No Matches
mcuxClAeadModes_Gcm_Aes128_Oneshot_LongNonce_example.c

Example for the mcuxClAeadModes component.

Example for the mcuxClAeadModes component

/*--------------------------------------------------------------------------*/
/* Copyright 2022-2025 NXP */
/* */
/* NXP Confidential and Proprietary. This software is owned or controlled */
/* by NXP and may only be used strictly in accordance with the applicable */
/* license terms. By expressly accepting such terms or by downloading, */
/* installing, activating and/or otherwise using the software, you are */
/* agreeing that you have read, and that you agree to comply with and are */
/* bound by, such license terms. If you do not agree to be bound by the */
/* applicable license terms, then you may not retain, install, activate or */
/* otherwise use the software. */
/*--------------------------------------------------------------------------*/
#include <mcuxClBuffer.h>
#include <mcuxClCore_Examples.h>
#include <mcuxClExample_Session_Helper.h>
#include <mcuxClSession.h>
#include <mcuxClKey.h>
#include <mcuxClAead.h>
#include <mcuxClAeadModes.h>
#include <mcuxCsslFlowProtection.h>
#include <mcuxClCore_FunctionIdentifiers.h> // Code flow protection
#include <mcuxClAes.h>
#include <mcuxClExample_RNG_Helper.h>
static const uint8_t plain[] = {
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U
};
static const uint8_t nonce[] = {
0xffU, 0xffU, 0xffU, 0xffU, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U
};
static const uint8_t keyBytes[] = {
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U,
0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U, 0x00U
};
static const uint8_t tagReference[] = {
0x8bU, 0x30U, 0x7fU, 0x6bU, 0x33U, 0x28U, 0x6dU, 0x0aU,
0xb0U, 0x26U, 0xa9U, 0xedU, 0x3fU, 0xe1U, 0xe8U, 0x5fU
};
static const uint8_t encryptedReference[] = {
0x56U, 0xb3U, 0x37U, 0x3cU, 0xa9U, 0xefU, 0x6eU, 0x4aU,
0x2bU, 0x64U, 0xfeU, 0x1eU, 0x9aU, 0x17U, 0xb6U, 0x14U,
0x25U, 0xf1U, 0x0dU, 0x47U, 0xa7U, 0x5aU, 0x5fU, 0xceU,
0x13U, 0xefU, 0xc6U, 0xbcU, 0x78U, 0x4aU, 0xf2U, 0x4fU,
0x41U, 0x41U, 0xbdU, 0xd4U, 0x8cU, 0xf7U, 0xc7U, 0x70U,
0x88U, 0x7aU, 0xfdU, 0x57U, 0x3cU, 0xcaU, 0x54U, 0x18U,
0xa9U, 0xaeU, 0xffU, 0xcdU, 0x7cU, 0x5cU, 0xedU, 0xdfU,
0xc6U, 0xa7U, 0x83U, 0x97U, 0xb9U, 0xa8U, 0x5bU, 0x49U,
0x9dU, 0xa5U, 0x58U, 0x25U, 0x72U, 0x67U, 0xcaU, 0xabU,
0x2aU, 0xd0U, 0xb2U, 0x3cU, 0xa4U, 0x76U, 0xa5U, 0x3cU,
0xb1U, 0x7fU, 0xb4U, 0x1cU, 0x4bU, 0x8bU, 0x47U, 0x5cU,
0xb4U, 0xf3U, 0xf7U, 0x16U, 0x50U, 0x94U, 0xc2U, 0x29U,
0xc9U, 0xe8U, 0xc4U, 0xdcU, 0x0aU, 0x2aU, 0x5fU, 0xf1U,
0x90U, 0x3eU, 0x50U, 0x15U, 0x11U, 0x22U, 0x13U, 0x76U,
0xa1U, 0xcdU, 0xb8U, 0x36U, 0x4cU, 0x50U, 0x61U, 0xa2U,
0x0cU, 0xaeU, 0x74U, 0xbcU, 0x4aU, 0xcdU, 0x76U, 0xceU,
0xb0U, 0xabU, 0xc9U, 0xfdU, 0x32U, 0x17U, 0xefU, 0x9fU,
0x8cU, 0x90U, 0xbeU, 0x40U, 0x2dU, 0xdfU, 0x6dU, 0x86U,
0x97U, 0xf4U, 0xf8U, 0x80U, 0xdfU, 0xf1U, 0x5bU, 0xfbU,
0x7aU, 0x6bU, 0x28U, 0x24U, 0x1eU, 0xc8U, 0xfeU, 0x18U,
0x3cU, 0x2dU, 0x59U, 0xe3U, 0xf9U, 0xdfU, 0xffU, 0x65U,
0x3cU, 0x71U, 0x26U, 0xf0U, 0xacU, 0xb9U, 0xe6U, 0x42U,
0x11U, 0xf4U, 0x2bU, 0xaeU, 0x12U, 0xafU, 0x46U, 0x2bU,
0x10U, 0x70U, 0xbeU, 0xf1U, 0xabU, 0x5eU, 0x36U, 0x06U,
0x87U, 0x2cU, 0xa1U, 0x0dU, 0xeeU, 0x15U, 0xb3U, 0x24U,
0x9bU, 0x1aU, 0x1bU, 0x95U, 0x8fU, 0x23U, 0x13U, 0x4cU,
0x4bU, 0xccU, 0xb7U, 0xd0U, 0x32U, 0x00U, 0xbcU, 0xe4U,
0x20U, 0xa2U, 0xf8U, 0xebU, 0x66U, 0xdcU, 0xf3U, 0x64U,
0x4dU, 0x14U, 0x23U, 0xc1U, 0xb5U, 0x69U, 0x90U, 0x03U,
0xc1U, 0x3eU, 0xceU, 0xf4U, 0xbfU, 0x38U, 0xa3U, 0xb6U,
0x0eU, 0xedU, 0xc3U, 0x40U, 0x33U, 0xbaU, 0xc1U, 0x90U,
0x27U, 0x83U, 0xdcU, 0x6dU, 0x89U, 0xe2U, 0xe7U, 0x74U,
0x18U, 0x8aU, 0x43U, 0x9cU, 0x7eU, 0xbcU, 0xc0U, 0x67U,
0x2dU, 0xbdU, 0xa4U, 0xddU, 0xcfU, 0xb2U, 0x79U, 0x46U,
0x13U, 0xb0U, 0xbeU, 0x41U, 0x31U, 0x5eU, 0xf7U, 0x78U,
0x70U, 0x8aU, 0x70U, 0xeeU, 0x7dU, 0x75U, 0x16U, 0x5cU
};
MCUXCLEXAMPLE_FUNCTION(mcuxClAeadModes_Gcm_Aes128_Oneshot_LongNonce_example)
{
/**************************************************************************/
/* Preparation */
/**************************************************************************/
mcuxClSession_Descriptor_t sessionDesc;
mcuxClSession_Handle_t session = &sessionDesc;
MCUXCLBUFFER_INIT_RO(plainBuf, session, plain, sizeof(plain));
MCUXCLBUFFER_INIT_RO(adataBuf, session, NULL, 0);
MCUXCLBUFFER_INIT_RO(nonceBuf, session, nonce, sizeof(nonce));
/* Allocate and initialize session */
#define maxBufferSize (((MCUXCLAEAD_ENCRYPT_CPU_WA_BUFFER_SIZE > MCUXCLAEAD_DECRYPT_CPU_WA_BUFFER_SIZE) ? \
MCUXCLAEAD_ENCRYPT_CPU_WA_BUFFER_SIZE : MCUXCLAEAD_DECRYPT_CPU_WA_BUFFER_SIZE) + MCUXCLRANDOM_NCINIT_WACPU_SIZE)
MCUXCLEXAMPLE_ALLOCATE_AND_INITIALIZE_SESSION(session, maxBufferSize, 0U);
/* Initialize the PRNG */
MCUXCLEXAMPLE_INITIALIZE_PRNG(session);
uint32_t keyDesc[MCUXCLKEY_DESCRIPTOR_SIZE_IN_WORDS];
MCUX_CSSL_ANALYSIS_START_PATTERN_REINTERPRET_MEMORY_OF_OPAQUE_TYPES()
mcuxClKey_Handle_t key = (mcuxClKey_Handle_t) &keyDesc;
MCUX_CSSL_ANALYSIS_STOP_PATTERN_REINTERPRET_MEMORY_OF_OPAQUE_TYPES()
MCUX_CSSL_FP_FUNCTION_CALL_BEGIN(ki_status, ki_token, mcuxClKey_init(
/* mcuxClSession_Handle_t session */ session,
/* mcuxClKey_Handle_t key */ key,
/* const mcuxClKey_Type_t * type */ mcuxClKey_Type_Aes128,
/* uint8_t * pKeyData */ keyBytes,
/* uint32_t keyDataLength */ sizeof(keyBytes))
);
if((MCUX_CSSL_FP_FUNCTION_CALLED(mcuxClKey_init) != ki_token) || (MCUXCLKEY_STATUS_OK != ki_status))
{
return MCUXCLEXAMPLE_STATUS_ERROR;
}
MCUX_CSSL_FP_FUNCTION_CALL_END();
/**************************************************************************/
/* One-shot Encryption */
/**************************************************************************/
uint32_t encryptedOneShotSize = 0U;
uint8_t encryptedOneshotData[sizeof(encryptedReference)];
MCUXCLBUFFER_INIT(encryptedOneshotDataBuf, session, encryptedOneshotData, sizeof(encryptedOneshotData));
uint8_t tagOneshotData[sizeof(tagReference)];
MCUXCLBUFFER_INIT(tagOneshotDataBuf, session, tagOneshotData, sizeof(tagOneshotData));
MCUX_CSSL_FP_FUNCTION_CALL_BEGIN(e_status, e_token, mcuxClAead_encrypt(
/* mcuxClSession_Handle_t session: */ session,
/* const mcuxClKey_Handle_t key: */ key,
/* const mcuxClAead_Mode_t * const mode: */ mcuxClAead_Mode_GCM,
/* mcuxCl_InputBuffer_t nonce */ nonceBuf,
/* uint32_t nonceSize, */ sizeof(nonce),
/* mcuxCl_InputBuffer_t in */ plainBuf,
/* uint32_t inSize, */ sizeof(plain),
/* mcuxCl_InputBuffer_t adata */ adataBuf,
/* uint32_t adataSize, */ 0,
/* mcuxCl_Buffer_t out, */ encryptedOneshotDataBuf,
/* uint32_t * const outSize */ &encryptedOneShotSize,
/* mcuxCl_Buffer_t tag, */ tagOneshotDataBuf,
/* const uint32_t tagSize, */ sizeof(tagReference))
);
if((MCUX_CSSL_FP_FUNCTION_CALLED(mcuxClAead_encrypt) != e_token) || (MCUXCLAEAD_STATUS_OK != e_status))
{
return MCUXCLEXAMPLE_STATUS_ERROR;
}
MCUX_CSSL_FP_FUNCTION_CALL_END();
/**************************************************************************/
/* One-shot Decryption */
/**************************************************************************/
uint32_t decryptedOneshotSize = 0U;
uint8_t decryptedOneshotData[sizeof(plain)];
MCUXCLBUFFER_INIT(decryptedOneshotDataBuf, session, decryptedOneshotData, sizeof(decryptedOneshotData));
MCUX_CSSL_FP_FUNCTION_CALL_BEGIN(d_status, d_token, mcuxClAead_decrypt(
/* mcuxClSession_Handle_t session: */ session,
/* const mcuxClKey_Handle_t key: */ key,
/* const mcuxClAead_Mode_t * const mode: */ mcuxClAead_Mode_GCM,
/* mcuxCl_InputBuffer_t nonce, */ nonceBuf,
/* const uint32_t nonceSize, */ sizeof(nonce),
/* mcuxCl_InputBuffer_t in */ encryptedOneshotDataBuf,
/* uint32_t inSize, */ encryptedOneShotSize,
/* mcuxCl_InputBuffer_t adata */ adataBuf,
/* const uint32_t adataSize, */ 0,
/* mcuxCl_Buffer_t tag, */ tagOneshotDataBuf,
/* const uint32_t tagSize, */ sizeof(tagReference),
/* mcuxCl_Buffer_t out, */ decryptedOneshotDataBuf,
/* uint32_t * const outSize */ &decryptedOneshotSize)
);
if((MCUX_CSSL_FP_FUNCTION_CALLED(mcuxClAead_decrypt) != d_token) || (MCUXCLAEAD_STATUS_OK != d_status))
{
return MCUXCLEXAMPLE_STATUS_ERROR;
}
MCUX_CSSL_FP_FUNCTION_CALL_END();
/**************************************************************************/
/* Destroy the current session */
/**************************************************************************/
if(!mcuxClExample_Session_Clean(session))
{
return MCUXCLEXAMPLE_STATUS_ERROR;
}
/**************************************************************************/
/* Verification */
/**************************************************************************/
MCUX_CSSL_ANALYSIS_START_SUPPRESS_ALREADY_INITIALIZED("Initialized by MCUXCLBUFFER_INIT")
if (!mcuxClCore_assertEqual(encryptedOneshotData, encryptedReference, sizeof(encryptedReference)))
{
return MCUXCLEXAMPLE_STATUS_ERROR;
}
MCUX_CSSL_ANALYSIS_STOP_SUPPRESS_ALREADY_INITIALIZED()
MCUX_CSSL_ANALYSIS_START_SUPPRESS_ALREADY_INITIALIZED("Initialized by MCUXCLBUFFER_INIT")
if (!mcuxClCore_assertEqual(tagOneshotData, tagReference, sizeof(tagReference)))
{
return MCUXCLEXAMPLE_STATUS_ERROR;
}
MCUX_CSSL_ANALYSIS_STOP_SUPPRESS_ALREADY_INITIALIZED()
if (sizeof(encryptedReference) != encryptedOneShotSize)
{
return MCUXCLEXAMPLE_STATUS_ERROR;
}
if (!mcuxClCore_assertEqual(plain, decryptedOneshotData, sizeof(plain)))
{
return MCUXCLEXAMPLE_STATUS_ERROR;
}
if (sizeof(plain) != decryptedOneshotSize)
{
return MCUXCLEXAMPLE_STATUS_ERROR;
}
return MCUXCLEXAMPLE_STATUS_OK;
}
mcuxClAead.h
Top-level include file for the mcuxClAead component.
mcuxClAeadModes.h
Top-level include file for the mcuxClAeadModes component.
mcuxClAes.h
Top-level include file for the mcuxClAes component.
mcuxClBuffer.h
Top-level include file for the mcuxClBuffer component.
mcuxClCore_FunctionIdentifiers.h
Definition of function identifiers for the flow protection mechanism.
mcuxClKey.h
Top-level include file for the mcuxClKey component.
mcuxClSession.h
Top-level include file for the mcuxClSession component.
mcuxCsslFlowProtection.h
Provides the API for the CSSL flow protection mechanism.
MCUXCLAEAD_STATUS_OK
#define MCUXCLAEAD_STATUS_OK
Aead function returned successfully.
Definition mcuxClAead_Constants.h:32
mcuxClAead_encrypt
mcuxClAead_Status_t mcuxClAead_encrypt(mcuxClSession_Handle_t session, mcuxClKey_Handle_t key, mcuxClAead_Mode_t mode, mcuxCl_InputBuffer_t pNonce, uint32_t nonceLength, mcuxCl_InputBuffer_t pIn, uint32_t inLength, mcuxCl_InputBuffer_t pAdata, uint32_t adataLength, mcuxCl_Buffer_t pOut, uint32_t *const pOutLength, mcuxCl_Buffer_t pTag, uint32_t tagLength)
One-shot authenticated encryption function.
mcuxClAead_decrypt
mcuxClAead_Status_t mcuxClAead_decrypt(mcuxClSession_Handle_t session, mcuxClKey_Handle_t key, mcuxClAead_Mode_t mode, mcuxCl_InputBuffer_t pNonce, uint32_t nonceLength, mcuxCl_InputBuffer_t pIn, uint32_t inLength, mcuxCl_InputBuffer_t pAdata, uint32_t adataLength, mcuxCl_InputBuffer_t pTag, uint32_t tagLength, mcuxCl_Buffer_t pOut, uint32_t *const pOutLength)
One-shot authenticated decryption function.
mcuxClAead_Mode_GCM
static mcuxClAead_Mode_t mcuxClAead_Mode_GCM
GCM mode.
Definition mcuxClAeadModes_Modes.h:68
mcuxClKey_Type_Aes128
static const mcuxClKey_Type_t mcuxClKey_Type_Aes128
Key type pointer for AES-128 based keys.
Definition mcuxClAes_KeyTypes.h:51
MCUXCLBUFFER_INIT
#define MCUXCLBUFFER_INIT(name, info, ptr, size)
Initialize an input/output buffer (mcuxCl_Buffer_t).
Definition mcuxClBuffer.h:67
MCUXCLBUFFER_INIT_RO
#define MCUXCLBUFFER_INIT_RO(name, info, ptr, size)
Initialize an input buffer (mcuxCl_InputBuffer_t) with plain CPU handling.
Definition mcuxClBuffer.h:84
MCUXCLKEY_STATUS_OK
#define MCUXCLKEY_STATUS_OK
Key operation successful.
Definition mcuxClKey_Constants.h:40
mcuxClKey_init
mcuxClKey_Status_t mcuxClKey_init(mcuxClSession_Handle_t session, mcuxClKey_Handle_t key, mcuxClKey_Type_t type, const uint8_t *pKeyData, uint32_t keyDataLength)
Initializes a key handle.
mcuxClKey_Handle_t
mcuxClKey_Descriptor_t *const mcuxClKey_Handle_t
Key handle type.
Definition mcuxClKey_Types.h:91
mcuxClSession_Handle_t
mcuxClSession_Descriptor_t *const mcuxClSession_Handle_t
Type for mcuxClSession Handle.
Definition mcuxClSession_Types.h:98
MCUX_CSSL_FP_FUNCTION_CALL_BEGIN
#define MCUX_CSSL_FP_FUNCTION_CALL_BEGIN(...)
Call a flow protected function and check the protection token.
Definition mcuxCsslFlowProtection.h:623
MCUX_CSSL_FP_FUNCTION_CALLED
#define MCUX_CSSL_FP_FUNCTION_CALLED(...)
Expectation of a called function.
Definition mcuxCsslFlowProtection.h:777
MCUX_CSSL_FP_FUNCTION_CALL_END
#define MCUX_CSSL_FP_FUNCTION_CALL_END(...)
End a function call section started by MCUX_CSSL_FP_FUNCTION_CALL_BEGIN.
Definition mcuxCsslFlowProtection.h:658