Hello-world example of using authenticated encryption with mbed TLS. The canonical source for this example lives at https://github.com/ARMmbed/mbed-os-example-tls


authcrypt.h

00001 /*
00002  *  Hello world example of using the authenticated encryption with Mbed TLS
00003  *
00004  *  Copyright (C) 2017, Arm Limited, All Rights Reserved
00005  *  SPDX-License-Identifier: Apache-2.0
00006  *
00007  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
00008  *  not use this file except in compliance with the License.
00009  *  You may obtain a copy of the License at
00010  *
00011  *  http://www.apache.org/licenses/LICENSE-2.0
00012  *
00013  *  Unless required by applicable law or agreed to in writing, software
00014  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
00015  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
00016  *  See the License for the specific language governing permissions and
00017  *  limitations under the License.
00018  */
00019 
00020 #ifndef _AUTHCRYPT_H_
00021 #define _AUTHCRYPT_H_
00022 
00023 #include "mbedtls/cipher.h"
00024 #include "mbedtls/entropy.h"
00025 #include "mbedtls/ctr_drbg.h"
00026 #include "mbedtls/platform.h"
00027 
00028 /**
00029  * Implements the logic to demonstrate authenticated encryption using mbed TLS.
00030  * NOTE(review): holds mbed TLS contexts as members; copying an instance looks unsafe - confirm.
00031  */
00032 class Authcrypt
00033 {
00034 public:
00035     /**
00036      * Construct an Authcrypt instance
00037      */
00038     Authcrypt();
00039 
00040     /**
00041      * Free any allocated resources
00042      */
00043     ~Authcrypt();
00044 
00045     /**
00046      * Run the authenticated encryption example
00047      *
00048      * \return  0 if successful; callers should treat any other value as failure
00049      */
00050     int run();
00051 
00052 private:
00053     /**
00054      * Print a buffer's contents in hexadecimal
00055      *
00056      * \param[in]   title
00057      *              The string to print before the hex string
00058      * \param[in]   buf
00059      *              The buffer to print in hex
00060      * \param[in]   len
00061      *              The length of the buffer (buf[] carries no size of its own)
00062      */
00063     void print_hex(const char *title, const unsigned char buf[], size_t len);
00064 
00065     /**
00066      * The pre-shared key (16 bytes); a fixed value is used here only for simplicity.
00067      *
00068      * \note A real key should be generated randomly, be unique to the
00069      *       device/channel/etc., and be kept out of source code and firmware images.
00070      */
00071     static const unsigned char secret_key[16];
00072 
00073     /**
00074      * Message that should be protected (encrypted and authenticated)
00075      */
00076     static const char message[];
00077 
00078     /**
00079      * Metadata transmitted in the clear but authenticated: integrity-protected, not secret
00080      */
00081     static const char metadata[];
00082 
00083     /**
00084      * Ciphertext buffer large enough to hold message + nonce + tag (fixed 128 bytes: bound all writes)
00085      */
00086     unsigned char ciphertext[128];
00087 
00088     /**
00089      * Plaintext buffer large enough to hold the decrypted message; use it only if authentication succeeded
00090      */
00091     unsigned char decrypted[128];
00092 
00093     /**
00094      * Entropy pool for seeding the PRNG declared below
00095      */
00096     mbedtls_entropy_context entropy;
00097 
00098     /**
00099      * Pseudo-random generator (CTR_DRBG context); presumably supplies the nonce - confirm
00100      */
00101     mbedtls_ctr_drbg_context drbg;
00102 
00103     /**
00104      * The cipher context holding the block cipher configuration
00105      */
00106     mbedtls_cipher_context_t cipher;
00107 };
00108 
00109 #endif /* _AUTHCRYPT_H_ */