Topic: wc_AesGcmEncrypt / wc_AesGcmDecrypt questions
Hi,
I want to implement AES-GCM and have the following questions:
1. looking at the implementation of
wc_AesGcmDecrypt
in wolfcrypt/src/aes.c the code calls
AesGcmDecrypt_fips
. However, if I grep for
AesGcmDecrypt_fips
in the wolfSSL folder, I get no other result beside the
wc_AesGcmDecrypt
implementation. Where is
AesGcmDecrypt_fips
implemented?
2. In the code below,
wc_AesGcmDecrypt
returns -180. What does this mean?
#include <wolfssl/wolfcrypt/aes.h>
#include "stdio.h"
#include "string.h"
#include "stdlib.h"
#include "inttypes.h"
void printhex(unsigned char myarray[], unsigned int size);
//__aead(byte plaintext[], byte iv[], byte addAuthData[])
unsigned long main()
{
int result;
Aes enc;
printf("Entering aead() function...\n");
// additional plaintext that is to be authenticated
// with the plaintext being encrypted
const byte addAuthData[] =
{
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
0xab, 0xad, 0xda, 0xd2
};
const byte key[] =
{
0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c
};
const byte iv[] =
{
0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
0xde, 0xca, 0xf8, 0x88
};
const byte plaintext[] =
{
0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c
};
byte plaintextresult[sizeof(plaintext)];
byte authTag[32];
byte ciphertext[32];
// set key for AES-GCM
// wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len);
wc_AesGcmSetKey(&enc, key, sizeof(key));
printf("\nSetting key for aead() operation:\n");
printhex(key, sizeof(key));
// perform encryption
/*
wc_AesGcmEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz,
const byte* iv, word32 ivSz,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
*/
wc_AesGcmEncrypt(&enc, ciphertext,
plaintext, sizeof(plaintext),
iv, sizeof(iv),
authTag, sizeof(authTag),
addAuthData, sizeof(addAuthData));
printf("\nEncrypting plaintext:\n");
printhex(plaintext, sizeof(plaintext));
printf("\nCipher:\n");
printhex(ciphertext, sizeof(ciphertext));
// perform decryption
/*
wc_AesGcmDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz,
const byte* iv, word32 ivSz,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
*/
result = wc_AesGcmDecrypt(&enc, plaintextresult,
ciphertext, sizeof(ciphertext),
iv, sizeof(iv),
authTag, sizeof(authTag),
addAuthData, sizeof(addAuthData));
printf("\nDecrypting ciphertext (result: %d)\n", result);
printhex(plaintextresult, sizeof(plaintextresult));
//printf();
return (0);
}