SDK版本17.0.2
AES包含的C文件
<folder Name="nrf_cc310">
<file file_name="../../../../../../external/nrf_cc310/lib/cortex-m4/hard-float/libnrf_cc310_0.9.13.a" />
</folder>
<folder Name="nRF_Crypto backend nRF HW">
<file file_name="../../../../../../components/libraries/crypto/backend/nrf_hw/nrf_hw_backend_init.c" />
<file file_name="../../../../../../components/libraries/crypto/backend/nrf_hw/nrf_hw_backend_rng.c" />
<file file_name="../../../../../../components/libraries/crypto/backend/nrf_hw/nrf_hw_backend_rng_mbedtls.c" />
</folder>
<folder Name="nRF_Crypto backend uECC">
<file file_name="../../../../../../components/libraries/crypto/backend/micro_ecc/micro_ecc_backend_ecc.c" />
<file file_name="../../../../../../components/libraries/crypto/backend/micro_ecc/micro_ecc_backend_ecdh.c" />
<file file_name="../../../../../../components/libraries/crypto/backend/micro_ecc/micro_ecc_backend_ecdsa.c" />
</folder>
<folder Name="nRF_Crypto backend mbed TLS">
<file file_name="../../../../../../components/libraries/crypto/backend/mbedtls/mbedtls_backend_aes.c" />
<file file_name="../../../../../../components/libraries/crypto/backend/mbedtls/mbedtls_backend_aes_aead.c" />
<file file_name="../../../../../../components/libraries/crypto/backend/mbedtls/mbedtls_backend_ecc.c" />
<file file_name="../../../../../../components/libraries/crypto/backend/mbedtls/mbedtls_backend_ecdh.c" />
<file file_name="../../../../../../components/libraries/crypto/backend/mbedtls/mbedtls_backend_ecdsa.c" />
<file file_name="../../../../../../components/libraries/crypto/backend/mbedtls/mbedtls_backend_hash.c" />
<file file_name="../../../../../../components/libraries/crypto/backend/mbedtls/mbedtls_backend_hmac.c" />
<file file_name="../../../../../../components/libraries/crypto/backend/mbedtls/mbedtls_backend_init.c" />
</folder>
<folder Name="nRF_Crypto">
<file file_name="../../../../../../components/libraries/crypto/nrf_crypto_aead.c" />
<file file_name="../../../../../../components/libraries/crypto/nrf_crypto_aes.c" />
<file file_name="../../../../../../components/libraries/crypto/nrf_crypto_aes_shared.c" />
<file file_name="../../../../../../components/libraries/crypto/nrf_crypto_ecc.c" />
<file file_name="../../../../../../components/libraries/crypto/nrf_crypto_ecdh.c" />
<file file_name="../../../../../../components/libraries/crypto/nrf_crypto_ecdsa.c" />
<file file_name="../../../../../../components/libraries/crypto/nrf_crypto_eddsa.c" />
<file file_name="../../../../../../components/libraries/crypto/nrf_crypto_error.c" />
<file file_name="../../../../../../components/libraries/crypto/nrf_crypto_hash.c" />
<file file_name="../../../../../../components/libraries/crypto/nrf_crypto_hkdf.c" />
<file file_name="../../../../../../components/libraries/crypto/nrf_crypto_hmac.c" />
<file file_name="../../../../../../components/libraries/crypto/nrf_crypto_init.c" />
<file file_name="../../../../../../components/libraries/crypto/nrf_crypto_rng.c" />
<file file_name="../../../../../../components/libraries/crypto/nrf_crypto_shared.c" />
</folder>
<folder Name="nRF_Oberon_Crypto">
<file file_name="../../../../../../external/nrf_oberon/lib/cortex-m4/hard-float/liboberon_3.0.6.a" />
</folder>
<folder Name="nRF_Crypto backend CC310">
<file file_name="../../../../../../components/libraries/crypto/backend/cc310/cc310_backend_aes.c" />
<file file_name="../../../../../../components/libraries/crypto/backend/cc310/cc310_backend_aes_aead.c" />
<file file_name="../../../../../../components/libraries/crypto/backend/cc310/cc310_backend_chacha_poly_aead.c" />
<file file_name="../../../../../../components/libraries/crypto/backend/cc310/cc310_backend_ecc.c" />
<file file_name="../../../../../../components/libraries/crypto/backend/cc310/cc310_backend_ecdh.c" />
<file file_name="../../../../../../components/libraries/crypto/backend/cc310/cc310_backend_ecdsa.c" />
<file file_name="../../../../../../components/libraries/crypto/backend/cc310/cc310_backend_eddsa.c" />
<file file_name="../../../../../../components/libraries/crypto/backend/cc310/cc310_backend_hash.c" />
<file file_name="../../../../../../components/libraries/crypto/backend/cc310/cc310_backend_hmac.c" />
<file file_name="../../../../../../components/libraries/crypto/backend/cc310/cc310_backend_init.c" />
<file file_name="../../../../../../components/libraries/crypto/backend/cc310/cc310_backend_mutex.c" />
<file file_name="../../../../../../components/libraries/crypto/backend/cc310/cc310_backend_rng.c" />
<file file_name="../../../../../../components/libraries/crypto/backend/cc310/cc310_backend_shared.c" />
</folder>
<folder Name="nRF_Crypto backend cifra">
<file file_name="../../../../../../components/libraries/crypto/backend/cifra/cifra_backend_aes_aead.c" />
</folder>
<folder Name="nRF_Crypto backend Oberon">
<file file_name="../../../../../../components/libraries/crypto/backend/oberon/oberon_backend_chacha_poly_aead.c" />
<file file_name="../../../../../../components/libraries/crypto/backend/oberon/oberon_backend_ecc.c" />
<file file_name="../../../../../../components/libraries/crypto/backend/oberon/oberon_backend_ecdh.c" />
<file file_name="../../../../../../components/libraries/crypto/backend/oberon/oberon_backend_ecdsa.c" />
<file file_name="../../../../../../components/libraries/crypto/backend/oberon/oberon_backend_eddsa.c" />
<file file_name="../../../../../../components/libraries/crypto/backend/oberon/oberon_backend_hash.c" />
<file file_name="../../../../../../components/libraries/crypto/backend/oberon/oberon_backend_hmac.c" />
</folder>
<folder Name="nRF_TLS">
<file file_name="../../../../../../external/mbedtls/library/aes.c" />
<file file_name="../../../../../../external/mbedtls/library/aesni.c" />
<file file_name="../../../../../../external/mbedtls/library/arc4.c" />
<file file_name="../../../../../../external/mbedtls/library/aria.c" />
<file file_name="../../../../../../external/mbedtls/library/asn1parse.c" />
<file file_name="../../../../../../external/mbedtls/library/asn1write.c" />
<file file_name="../../../../../../external/mbedtls/library/base64.c" />
<file file_name="../../../../../../external/mbedtls/library/bignum.c" />
<file file_name="../../../../../../external/mbedtls/library/blowfish.c" />
<file file_name="../../../../../../external/mbedtls/library/camellia.c" />
<file file_name="../../../../../../external/mbedtls/library/ccm.c" />
<file file_name="../../../../../../external/mbedtls/library/certs.c" />
<file file_name="../../../../../../external/mbedtls/library/chacha20.c" />
<file file_name="../../../../../../external/mbedtls/library/chachapoly.c" />
<file file_name="../../../../../../external/mbedtls/library/cipher.c" />
<file file_name="../../../../../../external/mbedtls/library/cipher_wrap.c" />
<file file_name="../../../../../../external/mbedtls/library/cmac.c" />
<file file_name="../../../../../../external/mbedtls/library/ctr_drbg.c" />
<file file_name="../../../../../../external/mbedtls/library/debug.c" />
<file file_name="../../../../../../external/mbedtls/library/des.c" />
<file file_name="../../../../../../external/mbedtls/library/dhm.c" />
<file file_name="../../../../../../external/mbedtls/library/ecdh.c" />
<file file_name="../../../../../../external/mbedtls/library/ecdsa.c" />
<file file_name="../../../../../../external/mbedtls/library/ecjpake.c" />
<file file_name="../../../../../../external/mbedtls/library/ecp.c" />
<file file_name="../../../../../../external/mbedtls/library/ecp_curves.c" />
<file file_name="../../../../../../external/mbedtls/library/entropy.c" />
<file file_name="../../../../../../external/mbedtls/library/entropy_poll.c" />
<file file_name="../../../../../../external/mbedtls/library/error.c" />
<file file_name="../../../../../../external/mbedtls/library/gcm.c" />
<file file_name="../../../../../../external/mbedtls/library/havege.c" />
<file file_name="../../../../../../external/mbedtls/library/hmac_drbg.c" />
<file file_name="../../../../../../external/mbedtls/library/md.c" />
<file file_name="../../../../../../external/mbedtls/library/md2.c" />
<file file_name="../../../../../../external/mbedtls/library/md4.c" />
<file file_name="../../../../../../external/mbedtls/library/md5.c" />
<file file_name="../../../../../../external/mbedtls/library/md_wrap.c" />
<file file_name="../../../../../../external/mbedtls/library/memory_buffer_alloc.c" />
<file file_name="../../../../../../external/mbedtls/library/net_sockets.c" />
<file file_name="../../../../../../external/mbedtls/library/nist_kw.c" />
<file file_name="../../../../../../external/mbedtls/library/oid.c" />
<file file_name="../../../../../../external/mbedtls/library/padlock.c" />
<file file_name="../../../../../../external/mbedtls/library/pem.c" />
<file file_name="../../../../../../external/mbedtls/library/pk.c" />
<file file_name="../../../../../../external/mbedtls/library/pk_wrap.c" />
<file file_name="../../../../../../external/mbedtls/library/pkcs11.c" />
<file file_name="../../../../../../external/mbedtls/library/pkcs12.c" />
<file file_name="../../../../../../external/mbedtls/library/pkcs5.c" />
<file file_name="../../../../../../external/mbedtls/library/pkparse.c" />
<file file_name="../../../../../../external/mbedtls/library/pkwrite.c" />
<file file_name="../../../../../../external/mbedtls/library/platform.c" />
<file file_name="../../../../../../external/mbedtls/library/platform_util.c" />
<file file_name="../../../../../../external/mbedtls/library/poly1305.c" />
<file file_name="../../../../../../external/mbedtls/library/ripemd160.c" />
<file file_name="../../../../../../external/mbedtls/library/rsa.c" />
<file file_name="../../../../../../external/mbedtls/library/rsa_internal.c" />
<file file_name="../../../../../../external/mbedtls/library/sha1.c" />
<file file_name="../../../../../../external/mbedtls/library/sha256.c" />
<file file_name="../../../../../../external/mbedtls/library/sha512.c" />
<file file_name="../../../../../../external/mbedtls/library/ssl_cache.c" />
<file file_name="../../../../../../external/mbedtls/library/ssl_ciphersuites.c" />
<file file_name="../../../../../../external/mbedtls/library/ssl_cli.c" />
<file file_name="../../../../../../external/mbedtls/library/ssl_cookie.c" />
<file file_name="../../../../../../external/mbedtls/library/ssl_srv.c" />
<file file_name="../../../../../../external/mbedtls/library/ssl_ticket.c" />
<file file_name="../../../../../../external/mbedtls/library/ssl_tls.c" />
<file file_name="../../../../../../external/mbedtls/library/threading.c" />
<file file_name="../../../../../../external/mbedtls/library/version.c" />
<file file_name="../../../../../../external/mbedtls/library/version_features.c" />
<file file_name="../../../../../../external/mbedtls/library/x509.c" />
<file file_name="../../../../../../external/mbedtls/library/x509_create.c" />
<file file_name="../../../../../../external/mbedtls/library/x509_crl.c" />
<file file_name="../../../../../../external/mbedtls/library/x509_crt.c" />
<file file_name="../../../../../../external/mbedtls/library/x509_csr.c" />
<file file_name="../../../../../../external/mbedtls/library/x509write_crt.c" />
<file file_name="../../../../../../external/mbedtls/library/x509write_csr.c" />
<file file_name="../../../../../../external/mbedtls/library/xtea.c" />
</folder>
AES包含文件路径
../../../
../../../core
../../../core/ble
../../../core/acs
../../../../../../components/ble/ble_link_ctx_manager
../../../../../../components/libraries/crypto
../../../../../../components/libraries/crypto/backend/cc310
../../../../../../components/libraries/crypto/backend/cc310_bl
../../../../../../components/libraries/crypto/backend/cifra
../../../../../../components/libraries/crypto/backend/mbedtls
../../../../../../components/libraries/crypto/backend/micro_ecc
../../../../../../components/libraries/crypto/backend/nrf_hw
../../../../../../components/libraries/crypto/backend/nrf_sw
../../../../../../components/libraries/crypto/backend/oberon
../../../../../../components/libraries/crypto/backend/optiga
../../../../../../components/libraries/stack_info
../../../../../../components/libraries/mem_manager
../../../../../../external/cifra_AES128-EAX
../../../../../../external/fnmatch
../../../../../../external/mbedtls/include
../../../../../../external/micro-ecc/micro-ecc
../../../../../../external/nrf_cc310/include
../../../../../../external/nrf_oberon
../../../../../../external/nrf_oberon/include
../../../../../../external/nrf_tls/mbedtls/nrf_crypto/config
../../../../../../external/mbedtls/library
AES的宏定义
MBEDTLS_CONFIG_FILE="nrf_crypto_mbedtls_config.h"
NRF_CRYPTO_MAX_INSTANCE_COUNT=1
uECC_ENABLE_VLI_API=0
uECC_OPTIMIZATION_LEVEL=3
uECC_SQUARE_FUNC=0
uECC_SUPPORT_COMPRESSED_POINT=0
uECC_VLI_NATIVE_LITTLE_ENDIAN=1
生成public key 和 private key
ret_code_t btk_ble_crypto_key_pair_generate(void)
{
ret_code_t err_code = NRF_SUCCESS;
size_t size;
static nrf_crypto_ecc_public_key_t device_public_key;
NRF_LOG_INFO("Generating new key pair");
err_code = nrf_crypto_ecc_key_pair_generate(NULL,
&g_nrf_crypto_ecc_secp256r1_curve_info,
&m_device_private_key,
&device_public_key);
DEMO_ERROR_CHECK(err_code);
size = sizeof(raw_device_public_key_buffer);
err_code = nrf_crypto_ecc_public_key_to_raw(&device_public_key,
raw_device_public_key_buffer,
&size);
DEMO_ERROR_CHECK(err_code);
err_code = nrf_crypto_ecc_public_key_free(&device_public_key);
DEMO_ERROR_CHECK(err_code);
NRF_LOG_INFO(" --> public key size = %d", sizeof(raw_device_public_key_buffer));
NRF_LOG_HEXDUMP_INFO(raw_device_public_key_buffer, sizeof(raw_device_public_key_buffer));
// NRF_LOG_INFO(" --> private key size = %d", sizeof(m_device_private_key.key_secp256r1.key));
// BTK_LOG_HEXDUMP_INFO(m_device_private_key.key_secp256r1.key, sizeof(m_device_private_key.key_secp256r1.key));
return err_code;
}
生成shared key
ret_code_t btk_ble_crypto_shared_key(uint8_t *p_pkey, size_t len, uint8_t *p_generated_pkey)
{
ret_code_t err_code = NRF_SUCCESS;
static nrf_crypto_ecc_public_key_t public_key;
size_t size;
nrf_crypto_ecc_secp256r1_raw_public_key_t raw_public_key;
memcpy(raw_public_key, p_pkey, len);
// bitLock receives Alice's raw public key
// size=sizeof(raw_public_key);
size = len;
// bitLock converts Alice's raw public key to internal representation
err_code = nrf_crypto_ecc_public_key_from_raw(&g_nrf_crypto_ecc_secp256r1_curve_info,
&public_key,
raw_public_key,
size);
DEMO_ERROR_CHECK(err_code);
// bitLock computes shared secret using ECDH
size = sizeof(m_shared_secret);
err_code = nrf_crypto_ecdh_compute(NULL,
&m_device_private_key,
&public_key,
m_shared_secret,
&size);
DEMO_ERROR_CHECK(err_code);
// bitLock can now use shared secret
NRF_LOG_INFO("Shared secret: size = %d", size);
NRF_LOG_HEXDUMP_INFO(m_shared_secret, size);
memcpy(btk_acs.btk_app_shared_secret_key,
m_shared_secret,
NRF_CRYPTO_ECDH_SECP256R1_SHARED_SECRET_SIZE);
// Key deallocation
err_code = nrf_crypto_ecc_public_key_free(&public_key);
DEMO_ERROR_CHECK(err_code);
memcpy(p_generated_pkey, raw_device_public_key_buffer, sizeof(raw_device_public_key_buffer));
}
数据加密
ret_code_t btk_ble_crypto_aes_encrypt(
uint8_t *p_str,
size_t len,
uint8_t *p_encrypted_data,
size_t *p_encrypted_size)
{
ret_code_t ret_val;
size_t len_padding;
size_t len_in;
size_t len_out = *p_encrypted_size;
nrf_crypto_aes_info_t const * p_ecb_info;
nrf_crypto_aes_context_t ecb_encr_ctx;
#ifdef LOGGING_CRYPTO_IO
debug_printf("ENCRYPTING length: %d (%02x)\n", len, len);
for (int i = 0; i < len; i++) {
debug_printf("%02x", p_str[i]);
}
debug_printf("\n--- \n");
#endif
NRF_LOG_INFO("Encrypt AES mode: ECB | ");
m_key_size = NRF_CRYPTO_KEY_SIZE_128;
switch (m_key_size)
{
case NRF_CRYPTO_KEY_SIZE_128:
{
p_ecb_info = &g_nrf_crypto_aes_ecb_128_info;
NRF_LOG_INFO("Encrypt AES key: 128 bit");
// BTK_LOG_HEXDUMP_INFO(btk_info.btk_info_acs.btk_app_shared_secret_key, 16);
break;
}
#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_MBEDTLS_AES_ECB)
case NRF_CRYPTO_KEY_SIZE_192:
p_ecb_info = &g_nrf_crypto_aes_ecb_192_info;
// NRF_LOG_INFO("AES key: 192 bit");
break;
case NRF_CRYPTO_KEY_SIZE_256:
p_ecb_info = &g_nrf_crypto_aes_ecb_256_info;
// NRF_LOG_INFO("AES key: 256 bit");
break;
#endif
default:
return 0;
}
memcpy(m_plain_text, p_str, len);
memset(m_plain_text + len, 0, 16);
len_in = ((len / 16) + 1) * 16;
/* Encrypt text with integrated function */
ret_val = nrf_crypto_aes_crypt(
&ecb_encr_ctx,
p_ecb_info,
NRF_CRYPTO_ENCRYPT,
btk_info.btk_info_acs.btk_app_shared_secret_key,
NULL,
(uint8_t *)m_plain_text,
len_in,
(uint8_t *)p_encrypted_data,
&len_out
);
(*p_encrypted_size) = len_out;
#ifdef LOGGING_CRYPTO_IO
debug_printf("ENCRYPTED length: %d (%02x)\n", len_out, len_out);
for (int i = 0; i < len_out; i++) {
debug_printf("%02x", p_encrypted_data[i]);
}
debug_printf("\n--- \n");
#endif
NRF_LOG_INFO(" --> Encrypted: size = %d", (*p_encrypted_size));
BTK_LOG_HEXDUMP_INFO(p_encrypted_data, (*p_encrypted_size));
return ret_val;
}
数据解密
ret_code_t btk_ble_crypto_ecb_decrypt(
uint8_t *p_str,
size_t len,
uint8_t *p_decrypted_data,
size_t *p_decrypted_size)
{
ret_code_t ret_val;
size_t len_in;
size_t len_out;
nrf_crypto_aes_info_t const * p_ecb_info;
nrf_crypto_aes_context_t ecb_decr_ctx;
#ifdef LOGGING_CRYPTO_IO
debug_printf("DECRYPTING length: %d (%02x) \n", len, len);
for (int i = 0; i < len; i++) {
debug_printf("%02x", p_str[i]);
}
debug_printf("\n--- \n");
#endif
memset(p_decrypted_data, 0, sizeof(p_decrypted_data));
NRF_LOG_INFO("Decrypt AES mode: ECB | ");
m_key_size = NRF_CRYPTO_KEY_SIZE_128;
switch (m_key_size)
{
case NRF_CRYPTO_KEY_SIZE_128:
{
p_ecb_info = &g_nrf_crypto_aes_ecb_128_info;
NRF_LOG_INFO("AES key: 128 bit");
// BTK_LOG_HEXDUMP_INFO(btk_info.btk_info_acs.btk_app_shared_secret_key, 16);
break;
}
#if NRF_MODULE_ENABLED(NRF_CRYPTO_BACKEND_MBEDTLS_AES_ECB)
case NRF_CRYPTO_KEY_SIZE_192:
p_ecb_info = &g_nrf_crypto_aes_ecb_192_info;
NRF_LOG_INFO("AES key: 192 bit");
break;
case NRF_CRYPTO_KEY_SIZE_256:
p_ecb_info = &g_nrf_crypto_aes_ecb_256_info;
NRF_LOG_INFO("AES key: 256 bit");
break;
#endif
default:
return;
}
len_in = len;
ret_val = nrf_crypto_aes_init(&ecb_decr_ctx,
p_ecb_info,
NRF_CRYPTO_DECRYPT);
/* Set encryption and decryption key */
ret_val = nrf_crypto_aes_key_set(&ecb_decr_ctx, btk_info.btk_info_acs.btk_app_shared_secret_key);
/* Decrypt blocks */
// NRF_LOG_INFO(" --> Decrypt: size = %d", len_in);
// BTK_LOG_HEXDUMP_INFO(p_str, len_in);
len_out = BTK_BLE_CRYPTO_MAX_DATA_SIZE;
ret_val = nrf_crypto_aes_finalize(&ecb_decr_ctx,
(uint8_t *)p_str,
len_in,
(uint8_t *)p_decrypted_data,
&len_out);
(*p_decrypted_size) = len_out;
#ifdef LOGGING_CRYPTO_IO
debug_printf("DECRYPTED length: %d (%02x)\n", *p_decrypted_size, *p_decrypted_size);
for (int i = 0; i < *p_decrypted_size; i++) {
debug_printf("%02x", p_decrypted_data[i]);
}
debug_printf("\n--- \n");
#endif
NRF_LOG_INFO(" --> Decrypted: size = %d", (*p_decrypted_size));
BTK_LOG_HEXDUMP_INFO(p_decrypted_data, (*p_decrypted_size));
return ret_val;
}