Topic: AES-GCM compilation problem

Dear all,

amongst other crypto blocks (HMAC-SHA256) I want to use AES-GCM in my code. In particular, I want to use wc_AesGcmSetKey(), wc_AesGcmEncrypt() and wc_AesGcmDecrypt(). For test purposes I created the file aead.c with the following content:

#include <wolfssl/wolfcrypt/aes.h>
#include "stdio.h"
#include "string.h"
#include "stdlib.h"
#include "inttypes.h"

...
...

unsigned long __aead(void);

unsigned long __aead()
{
      int  result;
    Aes enc;

    // additional plaintext that is to be authenticated
    // with the plaintext being encrypted
    const byte addAuthData[] =
    {
        0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
        0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
        0xab, 0xad, 0xda, 0xd2
    };

    const byte key[] =
    {
        0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
        0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
        0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c
    };

    const byte iv[] =
    {
        0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
        0xde, 0xca, 0xf8, 0x88
    };

    const byte plaintext[] =
    {
        0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
        0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
        0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c
    };

    byte plaintextresult[sizeof(plaintext)];
    byte authTag[32];
    byte ciphertext[32];

    //    set key for AES-GCM
    //    wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len);
    wc_AesGcmSetKey(&enc, key, sizeof(key));


    //    perform encryption
    /*
    wc_AesGcmEncrypt(Aes* aes, byte* out,
                     const byte* in, word32 sz,
                     const byte* iv, word32 ivSz,
                     byte* authTag, word32 authTagSz,
                     const byte* authIn, word32 authInSz);
    */
    wc_AesGcmEncrypt(&enc, ciphertext,
                    plaintext, sizeof(plaintext),
                    iv, sizeof(iv), 
                    authTag, sizeof(authTag),
                    addAuthData, sizeof(addAuthData));

    //    perform decryption
    /*
    wc_AesGcmDecrypt(Aes* aes, byte* out,
                    const byte* in, word32 sz,
                    const byte* iv, word32 ivSz,
                    const byte* authTag, word32 authTagSz,
                    const byte* authIn, word32 authInSz);
    */
    result = wc_AesGcmDecrypt(&enc, plaintextresult,
                    ciphertext, sizeof(ciphertext),
                    iv, sizeof(iv),
                    authTag, sizeof(authTag),
                    addAuthData, sizeof(addAuthData));

    c_stop = HWREG(DWT_BASE + DWT_O_CYCCNT);

}

My Makefile looks like this:

PART=LM4F120H5QR
VARIANT=cm4f
ROOT=../../..
include ${ROOT}/makedefs
VPATH=../../../third_party/FreeRTOS/Source/portable/GCC/ARM_CM4F
VPATH+=../../../third_party/FreeRTOS/Source/portable/MemMang/
VPATH+=../../../third_party/FreeRTOS/Source
VPATH+=../drivers
VPATH+=../../../utils
VPATH+=../../../utils
VPATH+=wolfcrypt/src/
VPATH+=wolfss/wolfcrypt/
IPATH=.
IPATH+=..
IPATH+=../../..
IPATH+=../../../third_party/FreeRTOS/Source/portable/GCC/ARM_CM4F
IPATH+=../../../third_party/FreeRTOS
IPATH+=../../../third_party/FreeRTOS/Source/include
IPATH+=../../../third_party

all: ${COMPILER}
all: ${COMPILER}/attest_freertos.axf

clean:
    @rm -rf ${COMPILER} ${wildcard *~}


${COMPILER}:
    @mkdir -p ${COMPILER}

${COMPILER}/attest_freertos.axf: ${COMPILER}/aead.o
${COMPILER}/attest_freertos.axf: ${COMPILER}/aes.o
${COMPILER}/attest_freertos.axf: ${COMPILER}/attest_freertos.o
${COMPILER}/attest_freertos.axf: ${COMPILER}/buttons.o
${COMPILER}/attest_freertos.axf: ${COMPILER}/heap_2.o
${COMPILER}/attest_freertos.axf: ${COMPILER}/enableTiming.o
${COMPILER}/attest_freertos.axf: ${COMPILER}/hmac.o
${COMPILER}/attest_freertos.axf: ${COMPILER}/led_task.o
${COMPILER}/attest_freertos.axf: ${COMPILER}/lets_hash.o
${COMPILER}/attest_freertos.axf: ${COMPILER}/list.o
${COMPILER}/attest_freertos.axf: ${COMPILER}/printhex.o
${COMPILER}/attest_freertos.axf: ${COMPILER}/port.o
${COMPILER}/attest_freertos.axf: ${COMPILER}/queue.o
${COMPILER}/attest_freertos.axf: ${COMPILER}/rgb.o
${COMPILER}/attest_freertos.axf: ${COMPILER}/set_key.o
${COMPILER}/attest_freertos.axf: ${COMPILER}/sha256.o
${COMPILER}/attest_freertos.axf: ${COMPILER}/startup_${COMPILER}.o
${COMPILER}/attest_freertos.axf: ${COMPILER}/startup_flash.o
${COMPILER}/attest_freertos.axf: ${COMPILER}/switch_task.o
${COMPILER}/attest_freertos.axf: ${COMPILER}/tasks.o
${COMPILER}/attest_freertos.axf: ${COMPILER}/uartstdio.o
${COMPILER}/attest_freertos.axf: ${COMPILER}/ustdlib.o
${COMPILER}/attest_freertos.axf: ${ROOT}/driverlib/${COMPILER}-cm4f/libdriver-cm4f.a
${COMPILER}/attest_freertos.axf: attest_freertos.ld
SCATTERgcc_attest_freertos=attest_freertos.ld
ENTRY_attest_freertos=ResetISR
CFLAGSgcc=-DTARGET_IS_BLIZZARD_RA1

ifneq (${MAKECMDGOALS},clean)
-include ${wildcard ${COMPILER}/*.d} __dummy__
endif

Trying to compile the *axf file using make, the following errors pop up:

CC    aead.c
In file included from ./wolfssl/wolfcrypt/types.h:27:0,
                 from ./wolfssl/wolfcrypt/aes.h:25,
                 from aead.c:1:
./wolfssl/wolfcrypt/wc_port.h:104:33: error: expected '=', ',', ';', 'asm' or '__attribute__' before 'wolfSSL_Mutex'
./wolfssl/wolfcrypt/wc_port.h:167:42: error: expected ')' before '*' token
./wolfssl/wolfcrypt/wc_port.h:168:42: error: expected ')' before '*' token
./wolfssl/wolfcrypt/wc_port.h:169:42: error: expected ')' before '*' token
./wolfssl/wolfcrypt/wc_port.h:170:44: error: expected ')' before '*' token
aead.c: In function '__aead':
aead.c:73:2: warning: implicit declaration of function 'wc_AesGcmSetKey'
aead.c:84:2: warning: implicit declaration of function 'wc_AesGcmEncrypt'
aead.c:98:2: warning: implicit declaration of function 'wc_AesGcmDecrypt'
../../../makedefs:189: recipe for target 'gcc/aead.o' failed
make: *** [gcc/aead.o] Error 1

This is strange as I was able to successfully use other crypto primitives (SHA-1, HMAC) this way.

What am I missing?

Best regards.

Share

Re: AES-GCM compilation problem

Hi,

It looks like you need a couple extra defines when compiling wolfSSL and your application, mainly:

FREERTOS - this enables wolfSSL's FreeRTOS port layer
HAVE_AESGCM - this enables AES-GCM in wolfSSL

You'll need to compile both your application code and the wolfSSL library with the same preprocessor defines.  To make this easier, if you define WOLFSSL_USER_SETTINGS when compiling wolfSSL, wolfSSL will expect to find a <user_settings.h> header file on the include path.  You can put all your custom defines there, and also include it in your application code.

Do you mind if I ask what type of project you are working on?

Best Regards,
Chris