CCS C Software and Maintenance Offers
FAQFAQ   FAQForum Help   FAQOfficial CCS Support   SearchSearch  RegisterRegister 

ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

CCS does not monitor this forum on a regular basis.

Please do not post bug reports on this forum. Send them to CCS Technical Support

AES-128

 
Post new topic   Reply to topic    CCS Forum Index -> General CCS C Discussion
View previous topic :: View next topic  
Author Message
pilar



Joined: 30 Jan 2008
Posts: 197

View user's profile Send private message

AES-128
PostPosted: Mon Jul 16, 2018 11:11 am     Reply with quote

HI
I'm trying to move this code of AES-128 to CCS for a PIC18F4620, apparently I have no memory problems but the encrypted and decrypted data does not match, someone has managed to make it work, can you give me any suggestions ?

Here is my code:
Code:
#include <18F4520.h>
#DEVICE ADC=8
#fuses HS,NOWDT,NOPROTECT,NOLVP,NOBROWNOUT
#use delay(clock=20000000)
#use rs232(baud=9600, xmit=PIN_C6, rcv=PIN_C7)// RS232 Estándar

const unsigned char sbox[256] =   {
//0     1    2      3     4    5     6     7      8    9     A      B    C     D     E     F
0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76, //0
0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0, //1
0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15, //2
0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75, //3
0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84, //4
0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf, //5
0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8, //6
0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2, //7
0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73, //8
0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb, //9
0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79, //A
0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08, //B
0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a, //C
0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e, //D
0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf, //E
0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 }; //F

// multiply by 2 in the galois field
unsigned char galois_mul2(unsigned char value)
{
  signed char temp;
  // cast to signed value
  temp = (signed char) value;
  // if MSB is 1, then this will signed extend and fill the temp variable with 1's
  temp = temp >> 7;
  // AND with the reduction variable
  temp = temp & 0x1b;
  // finally shift and reduce the value
  return ((value << 1)^temp);
}

// aes encryption function
// It manipulates the state and computes the key schedule on the fly
void aes_encrypt(unsigned char *state, unsigned char *key)
{
  unsigned char buf1, buf2, buf3, buf4, round, i;
  unsigned char rcon;

  // Rcon initial value. All subsequent values are computed.
  rcon = 0x01;

  // main AES data loop
  for (round = 0; round < 10; round++){
    //add key + sbox
    for (i = 0; i <16; i++){
      state[i]=sbox[state[i] ^ key[i]];
    }
    //shift rows
    buf1 = state[1];
    state[1] = state[5];
    state[5] = state[9];
    state[9] = state[13];
    state[13] = buf1;

    buf1 = state[2];
    buf2 = state[6];
    state[2] = state[10];
    state[6] = state[14];
    state[10] = buf1;
    state[14] = buf2;

    buf1 = state[15];
    state[15] = state[11];
    state[11] = state[7];
    state[7] = state[3];
    state[3] = buf1;

    //process mixcolumn for all rounds but the last one
    if (round < 9) {
      for (i=0; i <4; i++){
        // compute the current index
        buf4 = (i << 2);
   buf1 = state[buf4] ^ (state[buf4+1]) ^ (state[buf4+2]) ^ (state[buf4+3]);
   buf2 = state[buf4];
   buf3 = state[buf4]^(state[buf4+1]); buf3=galois_mul2(buf3); state[buf4] = state[buf4] ^ buf3 ^ buf1;
   buf3 = state[buf4+1]^(state[buf4+2]); buf3=galois_mul2(buf3); state[buf4+1] = state[buf4+1] ^ buf3 ^ buf1;
   buf3 = state[buf4+3]^buf2;     buf3=galois_mul2(buf3); state[buf4+3] = state[buf4+3] ^ buf3 ^ buf1;
   }
    }
    
    //key schedule
    // compute the 16 next round key bytes
    key[0] = sbox[key[13]]^key[0]^rcon;
    key[1] = sbox[key[14]]^key[1];
    key[2] = sbox[key[15]]^key[2];
    key[3] = sbox[key[12]]^key[3];
    for (i=4; i<16; i++) {
   key[i] = key[i] ^ (key[i-4]);
    }
    // compute the next Rcon value
    rcon = galois_mul2(rcon);
  }

  // process last AddRoundKey
  for (i = 0; i <16; i++){
    state[i]=state[i] ^ key[i];

printf("%x",state[i]);      //   Print DATA Encrypt !!!!
  }

}

int main( void ){ 
unsigned char state[] = {0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff};
unsigned char ciphertext[] = {0x69, 0xc4, 0xe0, 0xd8, 0x6a, 0x7b, 0x04, 0x30, 0xd8, 0xcd, 0xb7, 0x80, 0x70, 0xb4, 0xc5, 0x5a};
unsigned char key[]   = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f};
unsigned char i;
unsigned char err_count = 0;
 
  aes_encrypt(state,key);
  for (i=0;i<16;i++) {
    if (state[i] != ciphertext[i]) {
      err_count++;
    }
  }

  return 0;
}


The encrypted data must be identical to: ciphertext[] = {0x69, 0xc4, 0xe0, 0xd8, 0x6a, 0x7b, 0x04, 0x30, 0xd8, 0xcd, 0xb7, 0x80, 0x70, 0xb4, 0xc5, 0x5a};

but I'm getting: 0xe1, 0x69, 0x6c, 0x5b, 0x40, 0x46, 0x72, 0xc5, 0x45, 0x26, 0x4a, 0x82, 0x3a, 0x68, 0x35, 0x6f


Last edited by pilar on Tue Jul 17, 2018 10:20 am; edited 2 times in total
Ttelmah



Joined: 11 Mar 2010
Posts: 19546

View user's profile Send private message

PostPosted: Mon Jul 16, 2018 11:33 am     Reply with quote

Your problem will be with this:
Code:

  // if MSB is 1, then this will signed extend and fill the temp variable with 1's
  temp = temp >> 7;


This will not happen. CCS shift right does not sign extend. This is 'implementation defined' in C.

Simply test the high bit, and if it is '1' or with 0xFF.
pilar



Joined: 30 Jan 2008
Posts: 197

View user's profile Send private message

PostPosted: Mon Jul 16, 2018 11:41 am     Reply with quote

Hi Ttelmah,

I did not understand you, please can you give me an example or tell me how to change it...
Ttelmah



Joined: 11 Mar 2010
Posts: 19546

View user's profile Send private message

PostPosted: Mon Jul 16, 2018 12:43 pm     Reply with quote

CCS performs a logical shift right, not an arithmetic shift right.
Now the operation here is designed to propagate the sign bit down to fill the entire byte.
You can do the same thing with:
Code:

if (bit_test(temp,7))
    temp=0xFF;
else
    temp=0;

So if the sign bit is set, the entire byte gets filled with 1's, if it is not set the byte gets filled with 0's.
Display posts from previous:   
Post new topic   Reply to topic    CCS Forum Index -> General CCS C Discussion All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group