MCUX CLNS
MCUX Crypto Library Normal Secure
Loading...
Searching...
No Matches
mcuxClCipherModes_Ecb_Aes128_Oneshot_PreloadedKey_example.c

Example for the mcuxClCipherModes component.

Example for the mcuxClCipherModes component

/*--------------------------------------------------------------------------*/
/* Copyright 2024-2025 NXP */
/* */
/* NXP Confidential and Proprietary. This software is owned or controlled */
/* by NXP and may only be used strictly in accordance with the applicable */
/* license terms. By expressly accepting such terms or by downloading, */
/* installing, activating and/or otherwise using the software, you are */
/* agreeing that you have read, and that you agree to comply with and are */
/* bound by, such license terms. If you do not agree to be bound by the */
/* applicable license terms, then you may not retain, install, activate or */
/* otherwise use the software. */
/*--------------------------------------------------------------------------*/
#include <mcuxClSession.h>
#include <mcuxClKey.h>
#include <mcuxClAes.h> // Interface to AES-related definitions and types
#include <mcuxClCipher.h> // Interface to the entire mcuxClCipher component
#include <mcuxClCipherModes.h> // Interface to the entire mcuxClCipherModes component
#include <mcuxCsslFlowProtection.h>
#include <mcuxClCore_FunctionIdentifiers.h> // Code flow protection
#include <mcuxClBuffer.h>
#include <mcuxClCore_Examples.h>
#include <mcuxClExample_Session_Helper.h>
#include <mcuxClExample_RNG_Helper.h>
static const uint8_t plain[64] = {
0x61U, 0x62U, 0x63U, 0x64U, 0x65U, 0x66U, 0x67U, 0x68U,
0x69U, 0x6AU, 0x6BU, 0x6CU, 0x6DU, 0x6EU, 0x6FU, 0x70U,
0x62U, 0x63U, 0x64U, 0x65U, 0x66U, 0x67U, 0x68U, 0x69U,
0x6AU, 0x6BU, 0x6CU, 0x6DU, 0x6EU, 0x6FU, 0x70U, 0x71U,
0x63U, 0x64U, 0x65U, 0x66U, 0x67U, 0x68U, 0x69U, 0x6AU,
0x6BU, 0x6CU, 0x6DU, 0x6EU, 0x6FU, 0x70U, 0x71U, 0x72U,
0x64U, 0x65U, 0x66U, 0x67U, 0x68U, 0x69U, 0x6AU, 0x6BU,
0x6CU, 0x6DU, 0x6EU, 0x6FU, 0x70U, 0x71U, 0x72U, 0x73U,
};
/* ECB encrypted data */
static const uint8_t encryptedRef[64] = {
0x82U, 0x4FU, 0x7AU, 0xB3U, 0xDFU, 0x5EU, 0x73U, 0x42U,
0x35U, 0xBBU, 0xCFU, 0xEAU, 0xDAU, 0x7EU, 0x74U, 0xC1U,
0x7AU, 0x08U, 0x34U, 0x2DU, 0x49U, 0xACU, 0xADU, 0x72U,
0x0EU, 0xB3U, 0x23U, 0xB6U, 0x49U, 0x42U, 0x01U, 0xF2U,
0x06U, 0x87U, 0x58U, 0xCFU, 0x41U, 0xB0U, 0xD6U, 0x63U,
0x66U, 0x50U, 0x1BU, 0xE8U, 0x05U, 0x66U, 0xA8U, 0xFBU,
0xA9U, 0xC3U, 0x3FU, 0x14U, 0xCAU, 0x96U, 0xB0U, 0x5CU,
0xBFU, 0x0EU, 0x0AU, 0x07U, 0x90U, 0xA9U, 0x1BU, 0xBAU
};
static const uint8_t keyBytes[MCUXCLAES_AES128_KEY_SIZE] = {
0x6BU, 0x6CU, 0x6DU, 0x6EU, 0x6FU, 0x70U, 0x71U, 0x72U,
0x73U, 0x74U, 0x75U, 0x76U, 0x77U, 0x78U, 0x79U, 0x7AU,
};
MCUXCLEXAMPLE_FUNCTION(mcuxClCipherModes_Ecb_Aes128_Oneshot_PreloadedKey_example)
{
/**************************************************************************/
/* Preparation */
/**************************************************************************/
mcuxClSession_Descriptor_t sessionDesc;
mcuxClSession_Handle_t session = &sessionDesc;
#define MCUXCLCIPHERMODES_CPU_WA MCUXCLEXAMPLE_MAX_WA(MCUXCLCIPHER_AES_ENCRYPT_CPU_WA_BUFFER_SIZE, MCUXCLCIPHER_AES_DECRYPT_CPU_WA_BUFFER_SIZE)
/* Allocate and initialize session */
MCUXCLEXAMPLE_ALLOCATE_AND_INITIALIZE_SESSION(session, MCUXCLEXAMPLE_MAX_WA(MCUXCLKEY_LOADCOPRO_CPU_WA_SIZE, MCUXCLEXAMPLE_MAX_WA(MCUXCLCIPHERMODES_CPU_WA, MCUXCLRANDOM_NCINIT_WACPU_SIZE)), 0U);
/* Initialize the PRNG */
MCUXCLEXAMPLE_INITIALIZE_PRNG(session);
uint32_t keyDesc[MCUXCLKEY_DESCRIPTOR_SIZE_IN_WORDS];
MCUX_CSSL_ANALYSIS_START_PATTERN_REINTERPRET_MEMORY_OF_OPAQUE_TYPES()
mcuxClKey_Handle_t key = (mcuxClKey_Handle_t) &keyDesc;
MCUX_CSSL_ANALYSIS_STOP_PATTERN_REINTERPRET_MEMORY_OF_OPAQUE_TYPES()
MCUX_CSSL_FP_FUNCTION_CALL_BEGIN(ki_status, ki_token, mcuxClKey_init(
/* mcuxClSession_Handle_t session: */ session,
/* mcuxClKey_Handle_t key: */ key,
/* mcuxClKey_Type_t type: */ mcuxClKey_Type_Aes128,
/* uint8_t * pKeyData: */ keyBytes,
/* uint32_t keyDataLength: */ sizeof(keyBytes))
);
if((MCUX_CSSL_FP_FUNCTION_CALLED(mcuxClKey_init) != ki_token) || (MCUXCLKEY_STATUS_OK != ki_status))
{
return MCUXCLEXAMPLE_STATUS_ERROR;
}
MCUX_CSSL_FP_FUNCTION_CALL_END();
/**************************************************************************/
/* Key Load */
/* This preloads the key into an SGI key register. */
/* The key will stay in the SGI until it is explicitly flushed. */
/**************************************************************************/
MCUX_CSSL_FP_FUNCTION_CALL_BEGIN(kl_status, kl_token, mcuxClKey_loadCopro(
/* mcuxClSession_Handle_t session: */ session,
/* mcuxClKey_Handle_t key: */ key,
/* uint32_t options: */ MCUXCLKEY_LOADOPTION_SLOT_SGI_KEY_2)
);
if((MCUX_CSSL_FP_FUNCTION_CALLED(mcuxClKey_loadCopro) != kl_token) || (MCUXCLKEY_STATUS_OK != kl_status))
{
return MCUXCLEXAMPLE_STATUS_ERROR;
}
MCUX_CSSL_FP_FUNCTION_CALL_END();
/**************************************************************************/
/* Encryption */
/**************************************************************************/
uint32_t encryptedSize = 0U;
uint8_t encryptedData[sizeof(encryptedRef)];
MCUXCLBUFFER_INIT_RO(plainBuf, session, plain, sizeof(plain));
MCUXCLBUFFER_INIT(encryptedDataBuf, session, encryptedData, sizeof(encryptedData));
MCUX_CSSL_ANALYSIS_START_SUPPRESS_DEREFERENCE_NULL_POINTER("Pointer is not dereferenced")
MCUX_CSSL_FP_FUNCTION_CALL_BEGIN(e_status, e_token, mcuxClCipher_encrypt(
/* mcuxClSession_Handle_t session: */ session,
/* const mcuxClKey_Handle_t key: */ key,
/* mcuxClCipher_Mode_t mode: */ mcuxClCipher_Mode_AES_ECB_NoPadding,
MCUX_CSSL_ANALYSIS_START_SUPPRESS_NULL_POINTER_CONSTANT("NULL is used in code")
/* mcuxCl_InputBuffer_t pIv: */ NULL,
MCUX_CSSL_ANALYSIS_STOP_SUPPRESS_NULL_POINTER_CONSTANT()
/* uint32_t ivLength: */ 0U,
/* mcuxCl_InputBuffer_t pIn: */ plainBuf,
/* uint32_t inLength: */ sizeof(plain),
/* mcuxCl_Buffer_t pOut: */ encryptedDataBuf,
/* uint32_t * const outLength: */ &encryptedSize) /* only relevant in case of padding being used */
);
MCUX_CSSL_ANALYSIS_STOP_SUPPRESS_DEREFERENCE_NULL_POINTER()
if((MCUX_CSSL_FP_FUNCTION_CALLED(mcuxClCipher_encrypt) != e_token) || (MCUXCLCIPHER_STATUS_OK != e_status))
{
return MCUXCLEXAMPLE_STATUS_ERROR;
}
MCUX_CSSL_FP_FUNCTION_CALL_END();
/**************************************************************************/
/* Decryption */
/**************************************************************************/
uint32_t decryptedSize = 0U;
uint8_t decryptedData[sizeof(plain)];
MCUXCLBUFFER_INIT(decryptedDataBuf, session, decryptedData, sizeof(decryptedData));
MCUX_CSSL_ANALYSIS_START_SUPPRESS_DEREFERENCE_NULL_POINTER("Pointer pIv is not dereferenced")
MCUX_CSSL_ANALYSIS_START_SUPPRESS_ALREADY_INITIALIZED("encryptedDataBuf initialized by MCUXCLBUFFER_INIT")
MCUX_CSSL_FP_FUNCTION_CALL_BEGIN(d_status, d_token, mcuxClCipher_decrypt(
/* mcuxClSession_Handle_t session: */ session,
/* const mcuxClKey_Handle_t key: */ key,
/* mcuxClCipher_Mode_t mode: */ mcuxClCipher_Mode_AES_ECB_NoPadding,
MCUX_CSSL_ANALYSIS_START_SUPPRESS_NULL_POINTER_CONSTANT("NULL is used in code")
/* mcuxCl_InputBuffer_t pIv: */ NULL,
MCUX_CSSL_ANALYSIS_STOP_SUPPRESS_NULL_POINTER_CONSTANT()
/* uint32_t ivLength: */ 0U,
/* const mcuxCl_Buffer_t pIn: */ (mcuxCl_Buffer_t) encryptedDataBuf,
/* uint32_t inLength: */ encryptedSize,
/* mcuxCl_Buffer_t pOut: */ decryptedDataBuf,
/* uint32_t * const outLength: */ &decryptedSize) /* only relevant in case of padding being used/removed */
);
MCUX_CSSL_ANALYSIS_STOP_SUPPRESS_ALREADY_INITIALIZED()
MCUX_CSSL_ANALYSIS_STOP_SUPPRESS_DEREFERENCE_NULL_POINTER()
if((MCUX_CSSL_FP_FUNCTION_CALLED(mcuxClCipher_decrypt) != d_token) || (MCUXCLCIPHER_STATUS_OK != d_status))
{
return MCUXCLEXAMPLE_STATUS_ERROR;
}
MCUX_CSSL_FP_FUNCTION_CALL_END();
/**************************************************************************/
/* Key Flush */
/**************************************************************************/
MCUX_CSSL_FP_FUNCTION_CALL_BEGIN(kf_status, kf_token, mcuxClKey_flush(
/* mcuxClSession_Handle_t session: */ session,
/* mcuxClKey_Handle_t key: */ key)
);
if((MCUX_CSSL_FP_FUNCTION_CALLED(mcuxClKey_flush) != kf_token) || (MCUXCLKEY_STATUS_OK != kf_status))
{
return MCUXCLEXAMPLE_STATUS_ERROR;
}
MCUX_CSSL_FP_FUNCTION_CALL_END();
/**************************************************************************/
/* Destroy the current session */
/**************************************************************************/
if(!mcuxClExample_Session_Clean(session))
{
return MCUXCLEXAMPLE_STATUS_ERROR;
}
/**************************************************************************/
/* Verification */
/**************************************************************************/
if(encryptedSize != sizeof(encryptedRef))
{
return MCUXCLEXAMPLE_STATUS_ERROR;
}
MCUX_CSSL_ANALYSIS_START_SUPPRESS_ALREADY_INITIALIZED("encryptedData initialized by mcuxClCipher_encrypt")
if(!mcuxClCore_assertEqual(encryptedRef, encryptedData, sizeof(encryptedRef)))
{
return MCUXCLEXAMPLE_STATUS_ERROR;
}
MCUX_CSSL_ANALYSIS_STOP_SUPPRESS_ALREADY_INITIALIZED()
if(sizeof(plain) != decryptedSize)
{
return MCUXCLEXAMPLE_STATUS_ERROR;
}
MCUX_CSSL_ANALYSIS_START_SUPPRESS_ALREADY_INITIALIZED("decryptedData initialized by mcuxClCipher_decrypt")
if(!mcuxClCore_assertEqual(plain, decryptedData, sizeof(plain)))
{
return MCUXCLEXAMPLE_STATUS_ERROR;
}
MCUX_CSSL_ANALYSIS_STOP_SUPPRESS_ALREADY_INITIALIZED()
return MCUXCLEXAMPLE_STATUS_OK;
}
mcuxClAes.h
Top-level include file for the mcuxClAes component.
mcuxClBuffer.h
Top-level include file for the mcuxClBuffer component.
mcuxClCipher.h
Top-level include file for the mcuxClCipher component.
mcuxClCipherModes.h
Top-level include file for the mcuxClCipherModes component.
mcuxClCore_FunctionIdentifiers.h
Definition of function identifiers for the flow protection mechanism.
mcuxClKey.h
Top-level include file for the mcuxClKey component.
mcuxClSession.h
Top-level include file for the mcuxClSession component.
mcuxCsslFlowProtection.h
Provides the API for the CSSL flow protection mechanism.
MCUXCLAES_AES128_KEY_SIZE
#define MCUXCLAES_AES128_KEY_SIZE
AES-128 key size in bytes.
Definition mcuxClAes_Constants.h:40
mcuxClKey_Type_Aes128
static const mcuxClKey_Type_t mcuxClKey_Type_Aes128
Key type pointer for AES-128 based keys.
Definition mcuxClAes_KeyTypes.h:51
MCUXCLBUFFER_INIT
#define MCUXCLBUFFER_INIT(name, info, ptr, size)
Initialize an input/output buffer (mcuxCl_Buffer_t).
Definition mcuxClBuffer.h:67
MCUXCLBUFFER_INIT_RO
#define MCUXCLBUFFER_INIT_RO(name, info, ptr, size)
Initialize an input buffer (mcuxCl_InputBuffer_t) with plain CPU handling.
Definition mcuxClBuffer.h:84
mcuxCl_Buffer_t
uint8_t * mcuxCl_Buffer_t
Input/output buffer type.
Definition mcuxClBuffer_Pointer.h:47
MCUXCLCIPHER_STATUS_OK
#define MCUXCLCIPHER_STATUS_OK
Blocking operation finished successfully.
Definition mcuxClCipher_Constants.h:35
mcuxClCipher_encrypt
mcuxClCipher_Status_t mcuxClCipher_encrypt(mcuxClSession_Handle_t session, mcuxClKey_Handle_t key, mcuxClCipher_Mode_t mode, mcuxCl_InputBuffer_t pIv, uint32_t ivLength, mcuxCl_InputBuffer_t pIn, uint32_t inLength, mcuxCl_Buffer_t pOut, uint32_t *const pOutLength)
One-shot encryption function.
mcuxClCipher_decrypt
mcuxClCipher_Status_t mcuxClCipher_decrypt(mcuxClSession_Handle_t session, mcuxClKey_Handle_t key, mcuxClCipher_Mode_t mode, mcuxCl_InputBuffer_t pIv, uint32_t ivLength, mcuxCl_InputBuffer_t pIn, uint32_t inLength, mcuxCl_Buffer_t pOut, uint32_t *const pOutLength)
One-shot decryption function.
mcuxClCipher_Mode_AES_ECB_NoPadding
static mcuxClCipher_Mode_t mcuxClCipher_Mode_AES_ECB_NoPadding
AES-ECB mode without padding.
Definition mcuxClCipherModes_Modes.h:51
MCUXCLKEY_STATUS_OK
#define MCUXCLKEY_STATUS_OK
Key operation successful.
Definition mcuxClKey_Constants.h:40
MCUXCLKEY_LOADOPTION_SLOT_SGI_KEY_2
#define MCUXCLKEY_LOADOPTION_SLOT_SGI_KEY_2
SGI key slot 2.
Definition mcuxClKey_Constants.h:174
mcuxClKey_init
mcuxClKey_Status_t mcuxClKey_init(mcuxClSession_Handle_t session, mcuxClKey_Handle_t key, mcuxClKey_Type_t type, const uint8_t *pKeyData, uint32_t keyDataLength)
Initializes a key handle.
mcuxClKey_flush
mcuxClKey_Status_t mcuxClKey_flush(mcuxClSession_Handle_t session, mcuxClKey_Handle_t key)
Flush key from destination which can be a key slot of coprocessor or memory buffer.
mcuxClKey_loadCopro
mcuxClKey_Status_t mcuxClKey_loadCopro(mcuxClSession_Handle_t session, mcuxClKey_Handle_t key, uint32_t loadOptions)
Load key into destination key slot of a coprocessor.
mcuxClKey_Handle_t
mcuxClKey_Descriptor_t *const mcuxClKey_Handle_t
Key handle type.
Definition mcuxClKey_Types.h:91
mcuxClSession_Handle_t
mcuxClSession_Descriptor_t *const mcuxClSession_Handle_t
Type for mcuxClSession Handle.
Definition mcuxClSession_Types.h:98
MCUX_CSSL_FP_FUNCTION_CALL_BEGIN
#define MCUX_CSSL_FP_FUNCTION_CALL_BEGIN(...)
Call a flow protected function and check the protection token.
Definition mcuxCsslFlowProtection.h:623
MCUX_CSSL_FP_FUNCTION_CALLED
#define MCUX_CSSL_FP_FUNCTION_CALLED(...)
Expectation of a called function.
Definition mcuxCsslFlowProtection.h:777
MCUX_CSSL_FP_FUNCTION_CALL_END
#define MCUX_CSSL_FP_FUNCTION_CALL_END(...)
End a function call section started by MCUX_CSSL_FP_FUNCTION_CALL_BEGIN.
Definition mcuxCsslFlowProtection.h:658