Reply by davidkiryat8 June 19, 20132013-06-19
--- In l..., "fhriley" wrote:
>
> Doing a quick read of the app note looks like it only implements the AES encryption and decryption. You still need to implement your mode of operation. From your C# code, that looks like Cipher-block chaining (CBC).
>
> https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation
>

Thank you! I finally had time to check this. The application note uses CipherMode.ECB as I understood from the page you sent me to. After I XORed things I was able to get the C# CipherMode.CBC to work too!
Thanks again.

An Engineer's Guide to the LPC2100 Series

Reply by fhriley May 29, 20132013-05-29
Doing a quick read of the app note looks like it only implements the AES encryption and decryption. You still need to implement your mode of operation. From your C# code, that looks like Cipher-block chaining (CBC).

https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation

Reply by davidkiryat8 May 29, 20132013-05-29
I am trying to communicate with a custom protocol encrypted in AES 256 on the LPC1768 and the other end using a C# DotNet server. I am using the NXP AN11241_1 example code. On the PC side I use the C# code below.
When I encrypt a buffer with a single 16 byte block, both sides encrypt/decrypt the same way and all works. When I fill a 48 byte buffer with data 0 through 47 and encrypt the buffer on both ends, only the first 16 encrypted bytes are the same. So when I send more than one 16 byte block, the decrypting always fails.
I also did a test where I encrypted the 48bytes and then decrypted them on the same side (PC and LPC) and verified that the results which also worked.
I conclude that PC and the LPC are using different AES modes.
Any help would be appreciated.
Thanks
==============================namespace AES_FFF
{
using System;
using System.IO;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
///
/// A simple wrapper to the AesManaged class and the AES algorithm.
/// Requires a securely stored key which should be a random string of characters that an attacker could never guess.
/// Make sure to save the Key if you want to decrypt your data later!
/// If you're using this with a Web app, put the key in the web.config and encrypt the web.config.
///
public class AesEncryptamajig
{
private static byte[] IV = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};

private static byte[] Encrypt(byte[] original, byte[] key, byte[] iv,int StartPos)
{
using (var memoryStream = new MemoryStream())
{
using (var aes = new AesManaged { Key = key, IV = iv , Padding = PaddingMode.None/*PaddingMode.PKCS7*/, Mode = CipherMode.CBC})
{
try{
using (var cryptoStream = new CryptoStream(memoryStream, aes.CreateEncryptor(), CryptoStreamMode.Write))
{
cryptoStream.Write(original, StartPos, original.Length-StartPos);
}
}finally{
aes.Clear();
}
}
return memoryStream.ToArray();
}
} // Encrypt
private static Boolean Decrypt(ref byte[] encrypted, byte[] key, byte[] iv,int StartPos)
{
//-----------------------------
// Create a buffer to return decrypted data
//-----------------------------
int len = encrypted.Length - StartPos;
byte[] encrypt_only = new byte[len];
System.Array.Copy(encrypted,StartPos,encrypt_only,0,len);
using (var memoryStream = new MemoryStream(encrypt_only))
{
using (var aes = new AesManaged { Key = key, IV = iv, Padding = PaddingMode.None/*PaddingMode.PKCS7*/, Mode = CipherMode.CBC })
{
try{
using (var cryptoStream = new CryptoStream(memoryStream, aes.CreateDecryptor(), CryptoStreamMode.Read))
{
//-------------------
// Create a buffer to return decrypted data
//-------------------
byte[] decrypt = new byte[len];
int pos = 0;
do{
int numRead = cryptoStream.Read(decrypt,pos,16);
pos += numRead;
}while(pos System.Array.Copy(decrypt,0,encrypted,StartPos,len);
}
}finally{
aes.Clear();
}
}
}
return true;
} // Decrypt
public static Boolean Decrypt(ref byte[] Encrypted,String Key,int StartPos)
{
try{
//-----------------------------
// First Time create random IV
//-----------------------------
if (IV==null){
// RNGCryptoServiceProvider is an implementation of a random number generator.
RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();
IV = new Byte[16];
rng.GetBytes(IV); //
}
return Decrypt(ref Encrypted, System.Text.Encoding.UTF8.GetBytes (Key), IV,StartPos);

}catch (Exception exc){
Logger.logWrite(LoggerOption.LO_Both,LogPriorityEnum.LOG_PRIORITY_HIGH,
LogTypeEnum.LOG_TYPE_ERR,"Error in AES Decrypt [EXC]:{0}",exc.Message);
return false;
}
} // Decrypt
public static byte[] Encrypt(byte[] PlainText,String Key,int StartPos)
{
//-----------------------------
// First Time create random IV
//-----------------------------
if (IV==null){
// RNGCryptoServiceProvider is an implementation of a random number generator.
RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();
IV = new Byte[16];
rng.GetBytes(IV); //
}
return Encrypt(PlainText, System.Text.Encoding.UTF8.GetBytes (Key), IV,StartPos);
} // Encrypt
} // class
}