Ciao a tutti,
apro questo post perchè mi sono scontrando un un problema relativo al decrypt di payload attraverso l'AES Accelerator presente nel mio MSP430FR5969.
La mia esigenza è criptare e decriptare payload dati che saranno inviati attraverso un modulo radio.
Putroppo le librerie TI per l'AES fornisco funzione per l' Encryption e le Descryption senza utilizzare i modi di crittografia quali CBC, ECB,CTR,OCB,CFB.
Io ho la necessità di criptare e decriptare utilizzando l'AES 128 CBC.
Dopo essermi letto la parte relativa al AES accelerator sul datasheet (almeno 20 volte) sono riuscito ad implementare correttamente la funziona di cifratura ma purtroppo la decrifatura non funziona.
Per la cifratura utilizzo due canali DMA per il trasferimento dei byte nei registri dell'AES accelerator, mentre la decifratura richiede 3 canali DMA.
Il processo di decrifatura viene portato a termine però i dati decriptati non coincidono con quello in chiaro.
Secondo me il problema è nella reinizializzazione del primo canale DMA che inizialmente viene utilizzato trasferire il vettore di inizializzazione e successivamente verrù utilizzato per trasferire il testo criptato nel registro AESAXIN del AES accelerator.
Di seguito riporto il codice per la configurazione delle periferiche AES e DMA:
Code:
void AES128CBC_Decryption(const uint8_t* key, const uint8_t* IVvector, uint8_t* plainText, uint8_t* cipherText, uint8_t numBlocks)
{
//Reset AES Accelerator
AES256_reset(AES256_BASE);
//Enable Ready Interrupt
AES256_enableInterrupt(AES256_BASE);
//Configure AES
// 1) AES DMA cipher mode disable
HWREG16(AES256_BASE + OFS_AESACTL0) &= ~AESCMEN;
//3) AES Operation Bit
HWREG16(AES256_BASE + OFS_AESACTL0) &= ~AESOP0_L;
// HWREG16(AES256_BASE + OFS_AESACTL0) |= AESOP0_L;
HWREG16(AES256_BASE + OFS_AESACTL0) |= AESOP1_L;
// Load a cipher key to module
//AES256_setDecipherKey(AES256_BASE, key, AES256_KEYLENGTH_128BIT);
loadKey(AES256_BASE, key, AES256_KEYLENGTH_128BIT);
// Enable CBC Mode
AES256_setCBCModeDecryption(AES256_BASE);
// Load a cipher key to module
//AES256_setDecipherKey(AES256_BASE, key, AES256_KEYLENGTH_128BIT);
//Load IV key to module
//AES256_setIV(AES256_BASE, IVvector);
//Config DMA
AES128CBC_DecryptionConfigDMA(IVvector, plainText, cipherText, numBlocks);
//Set AES blocks number and this operation start the AES Accelerator
AES256_setBlockNumber(numBlocks);
while (DMA_getInterruptStatus(DMA_CHANNEL_0) == 0x00); //attnedere il trasferimento del primo blocco decrifrato nel vettore PlainText.
//DMA_clearInterrupt(DMA_CHANNEL_1);
AES128CBC_DecryptionConfigDMAforXOR(cipherText, numBlocks);
while (DMA_getInterruptStatus(DMA_CHANNEL_1) == 0x00); //attende il completamento della decodifica.
}
void AES128CBC_DecryptionConfigDMA(const uint8_t* IVvector, uint8_t* plainText, uint8_t* cypherText, uint8_t numBlocks)
{
DMA_initializeParam DMA_A_param = {0};
DMA_initializeParam DMA_B_param = {0};
DMA_initializeParam DMA_C_param = {0};
/*==== Initialize DMA A: Read AESADOUT Text from PlainText ====*/
DMA_A_param.channelSelect = DMA_CHANNEL_1;
DMA_A_param.transferModeSelect = DMA_TRANSFER_SINGLE;
DMA_A_param.transferSize = numBlocks * 8; // word mode transfer
DMA_A_param.triggerSourceSelect = DMA_TRIGGERSOURCE_12;
DMA_A_param.transferUnitSelect = DMA_SIZE_SRCWORD_DSTWORD;
DMA_A_param.triggerTypeSelect = DMA_TRIGGER_HIGH;
DMA_initialize(&DMA_A_param);
/* Source AESADOUT */
DMA_setSrcAddress(
DMA_CHANNEL_1,
AES256_getDataOutRegister(AES256_BASE),
DMA_DIRECTION_UNCHANGED);
DMA_setDstAddress(
DMA_CHANNEL_1,
(uint32_t)plainText,
DMA_DIRECTION_INCREMENT);
//Enable Interrupt
DMA_enableInterrupt(DMA_CHANNEL_1);
//Enable transfers on DMA channel 1
DMA_enableTransfers(DMA_CHANNEL_1);
/*==== Initialize DMA B: Write Plain Text to AESAXDIN, which also triggers the next encryption ====*/
DMA_B_param.channelSelect = DMA_CHANNEL_2;
DMA_B_param.transferModeSelect = DMA_TRANSFER_SINGLE;
DMA_B_param.transferSize = numBlocks * 8; // word mode transfer
DMA_B_param.triggerSourceSelect = DMA_TRIGGERSOURCE_13;
DMA_B_param.transferUnitSelect = DMA_SIZE_SRCWORD_DSTWORD;
DMA_B_param.triggerTypeSelect = DMA_TRIGGER_HIGH;
DMA_initialize(&DMA_B_param);
/* Source AESADOUT */
DMA_setSrcAddress(
DMA_CHANNEL_2,
(uint32_t)cypherText,
DMA_DIRECTION_INCREMENT);
DMA_setDstAddress(
DMA_CHANNEL_2,
AES256_getDataInRegister(AES256_BASE),
DMA_DIRECTION_UNCHANGED);
//Enable Interrupt
DMA_enableInterrupt(DMA_CHANNEL_2);
//Enable transfers on DMA channel 2
DMA_enableTransfers(DMA_CHANNEL_2);
/*==== Initialize DMA C: Read CipherTexrt Text from AESAXIN ====*/
DMA_C_param.channelSelect = DMA_CHANNEL_0;
DMA_C_param.transferModeSelect = DMA_TRANSFER_SINGLE;
DMA_C_param.transferSize = 8; // Transfer only the 16 byte of first IV Vector
DMA_C_param.triggerSourceSelect = DMA_TRIGGERSOURCE_11;
DMA_C_param.transferUnitSelect = DMA_SIZE_SRCWORD_DSTWORD;
DMA_C_param.triggerTypeSelect = DMA_TRIGGER_HIGH;
DMA_initialize(&DMA_C_param);
/* Source AESADOUT */
DMA_setSrcAddress(
DMA_CHANNEL_0,
(uint32_t)IVvector,
DMA_DIRECTION_INCREMENT);
DMA_setDstAddress(
DMA_CHANNEL_0,
AES256_getXORedDataInRegister(AES256_BASE),
DMA_DIRECTION_UNCHANGED);
//Enable Interrupt
DMA_enableInterrupt(DMA_CHANNEL_0);
//Enable transfers on DMA channel
DMA_enableTransfers(DMA_CHANNEL_0);
}
void AES128CBC_DecryptionConfigDMAforXOR(uint8_t* cypherText, uint8_t numBlocks)
{
DMA_initializeParam DMA_C_param = {0};
/*==== Initialize DMA A: Read AESADOUT Text from PlainText ====*/
DMA_C_param.channelSelect = DMA_CHANNEL_0;
DMA_C_param.transferModeSelect = DMA_TRANSFER_SINGLE;
DMA_C_param.transferSize = (numBlocks - 1) * 8; // word mode transfer
DMA_C_param.triggerSourceSelect = DMA_TRIGGERSOURCE_11;
DMA_C_param.transferUnitSelect = DMA_SIZE_SRCWORD_DSTWORD;
DMA_C_param.triggerTypeSelect = DMA_TRIGGER_HIGH;
DMA_initialize(&DMA_C_param);
/* Source AESADOUT */
DMA_setSrcAddress(
DMA_CHANNEL_0,
(uint32_t)cypherText,
DMA_DIRECTION_INCREMENT
);
DMA_setDstAddress(
DMA_CHANNEL_0,
AES256_getXORedDataInRegister(AES256_BASE),
DMA_DIRECTION_UNCHANGED);
//Enable Interrupt
DMA_enableInterrupt(DMA_CHANNEL_0);
//Clear other DMA Interrupt
// DMA_clearInterrupt(DMA_CHANNEL_1);
// DMA_clearInterrupt(DMA_CHANNEL_2);
//Enable transfers on DMA channel
DMA_enableTransfers(DMA_CHANNEL_0);
DMA_enableTransfers(DMA_CHANNEL_1);
DMA_enableTransfers(DMA_CHANNEL_2);
}
void loadKey(uint16_t baseAddress, const uint8_t* cipherKey, uint8_t keyLength)
{
uint8_t i;
uint16_t tempVariable;
keyLength = keyLength / 8;
uint16_t numBusy = 0;
HWREG16(baseAddress + OFS_AESACTL0) |= AESKL__128;
// Write cipher key to key register
for( i = 0; i < keyLength; i = i + 2 )
{
tempVariable = (uint16_t)(cipherKey[i]);
tempVariable = tempVariable | ((uint16_t)(cipherKey[i + 1]) << 8);
HWREG16(baseAddress + OFS_AESAKEY) = tempVariable;
// HWREG8(baseAddress + OFS_AESAKEY) = (cipherKey[i]);
}
// Wait until key is processed ~52 MCLK
while((HWREG16(baseAddress + OFS_AESASTAT) & AESBUSY) == AESBUSY)
{
numBusy++;
}
while ((HWREG16(AES256_BASE + OFS_AESASTAT) & AESDOUTRD_L) == 0x00)
{
numBusy++;
}
//Wait for AES IT Flag
//while ((HWREG16(AES256_BASE + OFS_AESACTL0) & AESRDYIFG) == 0x00);
}
Qualche idea ???
Ho provato a cercare su google utilizzando lepiù disparete chiavi di ricerca.
Sono ad un punto morto..
Grazie
Federico
