感谢这位博主,文章具有很高的参考价值:
STM32F1做RSA,AES数据加解密,MD5信息摘要处理_我以为我爱了的博客-CSDN博客
概述
ST官方在很多年前就推出了自己的加密库,配合ST芯片用起来非常方便,支持ST的所有MCU,官方已经给出了例程,移植起来非常简单方便,其他厂家Cotex-M内核芯片应该也可以使用吧,没试过,各位看官可以试一下,我使用的是最新版的**V4.0.2 / 13-March-2023,**下面也是以该版本进行移植。
关于STM32 Cryptographic的介绍:
关于V4版本库和V3版本库的比较已经用法可以参考:
信息安全主题 | 新版STM32加解密算法库------X-Cube-Cryptolib V4 (stmicroelectronics.cn)
STM32 Cryptographic V4版本下载(建议使用V4,比上一代优化了):
V3版本下载:
所有Cryptolib V4相关的文档都通过STM32 MCU Wiki以网页形式提供,不再提供单独的UM和其他文档,官方文档:
Category:Cryptographic library - stm32mcu (stmicroelectronics.cn)
V3版本与V4版本比较
V4的参考例程则类似Cube/X-Cube包的结构,在Projects目录下的各个系列的子目录中提供。
新版本示例工程支持的系列包括STM32G0,STM32G4
STM32H7
STM32L0,STM32L1,STM32L4,STM32L5,STM32U5 (V4.0.1中包含)
STM32WB,STM32WL
移植
下载下加密库后,其文件夹各内容如下所示:
在【projects】文件夹下有很多ST的芯片的不同加密算法的加密实例,我们自己写程序时就可以参考里面的实例进行修改和使用,如下所示:
我们移植主要使用的是【\Middlewares\ST\STM32_Cryptographic】这个文件里的内容,你可以简单粗暴直接把STM32_Cryptographic文件夹复制到工程文件里,也可以只复制【include】【lib】和【interface】这3个文件夹到工程文件里,我们加密算法使用的就是这两个文件夹里的文件。其中需要注意的是【interface】这个文件夹里存放的【cmox_low_level_template.c】文件是芯片CRC使能和失能的配置文件,ST的加密库需要打开CRC才能使用,我们需要根据所使用的芯片编修改该文件;【include】文件存放的是一些头文件,不需要修改,【lib】文件夹存放的是加密库文件,根据不同的内核选择加密库;注意:V3版本的加密库使用的不是以内核来划分的。
修改Keil工程添加文件:
1.将【include】文件中的头文件包含在工程中
2.添加加密库lib文件中.a后缀的库,我这里是M4内核的
如果添加的.a后缀编译不识别就进行如下操作配置成库文件:
3.将cmox_low_level_template.c改成cmox_low_level.c文件添加到工程中(改不改都无所谓,添加进来就行),然后在cmox_ll_init()函数内修改为自己使用芯片的CRC使能配置;
原cmox_low_level_template.c文件:
cpp
#include "cmox_init.h"
#include "cmox_low_level.h"
/* #include "stm32<series>xx_hal.h" */
/**
* @brief CMOX library low level initialization
* @param pArg User defined parameter that is transmitted from initialize service
* @retval Initialization status: @ref CMOX_INIT_SUCCESS / @ref CMOX_INIT_FAIL
*/
cmox_init_retval_t cmox_ll_init(void *pArg)
{
(void)pArg;
/* Ensure CRC is enabled for cryptographic processing */
__HAL_RCC_CRC_RELEASE_RESET();
__HAL_RCC_CRC_CLK_ENABLE();
return CMOX_INIT_SUCCESS;
}
/**
* @brief CMOX library low level de-initialization
* @param pArg User defined parameter that is transmitted from finalize service
* @retval De-initialization status: @ref CMOX_INIT_SUCCESS / @ref CMOX_INIT_FAIL
*/
cmox_init_retval_t cmox_ll_deInit(void *pArg)
{
(void)pArg;
/* Do not turn off CRC to avoid side effect on other SW parts using it */
return CMOX_INIT_SUCCESS;
}
修改为我使用的F411芯片的CRC使能:
cpp
/**
******************************************************************************
* @file cmox_low_level_template.c
* @brief
******************************************************************************
* @attention
*
* Copyright (c) 2021 STMicroelectronics.
* All rights reserved.
*
* This software is licensed under terms that can be found in the LICENSE file
* in the root directory of this software component.
* If no LICENSE file comes with this software, it is provided AS-IS.
*
******************************************************************************
*/
#include "cmox_init.h"
#include "cmox_low_level.h"
#include "stm32f4xx.h"
/* #include "stm32<series>xx_hal.h" */
/**
* @brief CMOX library low level initialization
* @param pArg User defined parameter that is transmitted from initialize service
* @retval Initialization status: @ref CMOX_INIT_SUCCESS / @ref CMOX_INIT_FAIL
*/
cmox_init_retval_t cmox_ll_init(void *pArg)
{
(void)pArg;
/* Ensure CRC is enabled for cryptographic processing */
RCC_AHB1PeriphResetCmd(RCC_AHB1Periph_CRC, DISABLE); //失能CRC
RCC_AHB1PeriphClockCmd(RCC_AHB1Periph_CRC, ENABLE); //使能CRC时钟
return CMOX_INIT_SUCCESS;
}
/**
* @brief CMOX library low level de-initialization
* @param pArg User defined parameter that is transmitted from finalize service
* @retval De-initialization status: @ref CMOX_INIT_SUCCESS / @ref CMOX_INIT_FAIL
*/
cmox_init_retval_t cmox_ll_deInit(void *pArg)
{
(void)pArg;
/* Do not turn off CRC to avoid side effect on other SW parts using it */
return CMOX_INIT_SUCCESS;
}
移植步骤就做完了,下面进行验证
验证加密库
验证的话可以直接在移植文件夹的【Projects】内找到相同内核的芯片选择一个你要使用的加密方式将其main文件拷贝到你的工程中修改后进行验证,我这里使用的是AES加密,程序如下:
cpp
#include "main.h"
#include "communicate.h"
#include "cmox_crypto.h"
int lv_usart1_init(void);
int lv_delay_init(void);
/* Global variables ----------------------------------------------------------*/
/* CBC context handle */
cmox_cbc_handle_t Cbc_Ctx;
//__IO TestStatus glob_status = FAILED;
/* Private typedef -----------------------------------------------------------*/
/* Private defines -----------------------------------------------------------*/
#define CHUNK_SIZE 48u /* Chunk size (in bytes) when data to encrypt or decrypt are processed by chunk */
/* Private macros ------------------------------------------------------------*/
/* Private variables ---------------------------------------------------------*/
//密钥
const uint8_t Key[] =
{
0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
};
//偏移量
const uint8_t IV[] =
{
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
};
const uint8_t Plaintext[] =
{
0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
};
const uint8_t Expected_Ciphertext[] =
{
0x76, 0x49, 0xab, 0xac, 0x81, 0x19, 0xb2, 0x46, 0xce, 0xe9, 0x8e, 0x9b, 0x12, 0xe9, 0x19, 0x7d,
0x50, 0x86, 0xcb, 0x9b, 0x50, 0x72, 0x19, 0xee, 0x95, 0xdb, 0x11, 0x3a, 0x91, 0x76, 0x78, 0xb2,
0x73, 0xbe, 0xd6, 0xb8, 0xe3, 0xc1, 0x74, 0x3b, 0x71, 0x16, 0xe6, 0x9e, 0x22, 0x22, 0x95, 0x16,
0x3f, 0xf1, 0xca, 0xa1, 0x68, 0x1f, 0xac, 0x09, 0x12, 0x0e, 0xca, 0x30, 0x75, 0x86, 0xe1, 0xa7
};
/* Computed data buffer */
uint8_t Computed_Ciphertext[sizeof(Expected_Ciphertext)];
uint8_t Computed_Plaintext[sizeof(Plaintext)];
RCC_ClocksTypeDef get_rcc_clock;
int main(void)
{
cmox_cipher_retval_t retval;
size_t computed_size;
/* General cipher context */
cmox_cipher_handle_t *cipher_ctx;
/* Index for piecemeal processing */
uint32_t index;
lv_usart1_init();
lv_delay_init();
/*开启CRC,使用ST加密库需要开启CRC*/
if (cmox_initialize(NULL) != CMOX_INIT_SUCCESS)
{
printf("init error\r\n");
}
/***************************************************************************************************
* CRC-None加密
***************************************************************************************************/
retval = cmox_cipher_encrypt(CMOX_AESSMALL_CBC_ENC_ALGO, /* Use AES CBC algorithm */
Plaintext, sizeof(Plaintext)-1, /* Plaintext to encrypt */
Key, sizeof(Key), /* AES key to use */
IV, sizeof(IV), /* Initialization vector */
Computed_Ciphertext, &computed_size); /* Data buffer to receive generated ciphertext */
/* Verify API returned value */
if (retval != CMOX_CIPHER_SUCCESS)
{
printf("CBC ERROR\r\n");
}
printf("CBC encrypt data:\r\n");
for(int i=0; i<computed_size; i++)
{
printf("%x",Computed_Ciphertext[i]);
}
printf("\r\n");
/* Compute directly the plaintext passing all the needed parameters */
/* Note: CMOX_AES_CBC_DEC_ALGO refer to the default AES implementation
* selected in cmox_default_config.h. To use a specific implementation, user can
* directly choose:
* - CMOX_AESFAST_CBC_DEC_ALGO to select the AES fast implementation
* - CMOX_AESSMALL_CBC_DEC_ALGO to select the AES small implementation
*/
/********************************************************************************
*CRC-None解密
********************************************************************************/
retval = cmox_cipher_decrypt(CMOX_AES_CBC_DEC_ALGO, /* Use AES CBC algorithm */
Computed_Ciphertext, computed_size, /* Ciphertext to decrypt */
Key, sizeof(Key), /* AES key to use */
IV, sizeof(IV), /* Initialization vector */
Computed_Plaintext, &computed_size); /* Data buffer to receive generated plaintext */
/* Verify API returned value */
if (retval != CMOX_CIPHER_SUCCESS)
{
printf("CBC decrypt ERROR\r\n");
}
printf("CBC decrypt data:\r\n");
{
for(int i=0; i<computed_size; i++)
{
printf("%x",Computed_Plaintext[i]);
}
}
printf("\r\ncomputed_size:%d\r\n",computed_size);
/*******************************************************************************************
*
*SHA256演示
********************************************************************************************/
const uint8_t Message[] =
{
0x6b, 0x91, 0x8f, 0xb1, 0xa5, 0xad, 0x1f, 0x9c, 0x5e, 0x5d, 0xbd, 0xf1, 0x0a, 0x93, 0xa9, 0xc8,
0xf6, 0xbc, 0xa8, 0x9f, 0x37, 0xe7, 0x9c, 0x9f, 0xe1, 0x2a, 0x57, 0x22, 0x79, 0x41, 0xb1, 0x73,
0xac, 0x79, 0xd8, 0xd4, 0x40, 0xcd, 0xe8, 0xc6, 0x4c, 0x4e, 0xbc, 0x84, 0xa4, 0xc8, 0x03, 0xd1,
0x98, 0xa2, 0x96, 0xf3, 0xde, 0x06, 0x09, 0x00, 0xcc, 0x42, 0x7f, 0x58, 0xca, 0x6e, 0xc3, 0x73,
0x08, 0x4f, 0x95, 0xdd, 0x6c, 0x7c, 0x42, 0x7e, 0xcf, 0xbf, 0x78, 0x1f, 0x68, 0xbe, 0x57, 0x2a,
0x88, 0xdb, 0xcb, 0xb1, 0x88, 0x58, 0x1a, 0xb2, 0x00, 0xbf, 0xb9, 0x9a, 0x3a, 0x81, 0x64, 0x07,
0xe7, 0xdd, 0x6d, 0xd2, 0x10, 0x03, 0x55, 0x4d, 0x4f, 0x7a, 0x99, 0xc9, 0x3e, 0xbf, 0xce, 0x5c,
0x30, 0x2f, 0xf0, 0xe1, 0x1f, 0x26, 0xf8, 0x3f, 0xe6, 0x69, 0xac, 0xef, 0xb0, 0xc1, 0xbb, 0xb8,
0xb1, 0xe9, 0x09, 0xbd, 0x14, 0xaa, 0x48, 0xba, 0x34, 0x45, 0xc8, 0x8b, 0x0e, 0x11, 0x90, 0xee,
0xf7, 0x65, 0xad, 0x89, 0x8a, 0xb8, 0xca, 0x2f, 0xe5, 0x07, 0x01, 0x5f, 0x15, 0x78, 0xf1, 0x0d,
0xce, 0x3c, 0x11, 0xa5, 0x5f, 0xb9, 0x43, 0x4e, 0xe6, 0xe9, 0xad, 0x6c, 0xc0, 0xfd, 0xc4, 0x68,
0x44, 0x47, 0xa9, 0xb3, 0xb1, 0x56, 0xb9, 0x08, 0x64, 0x63, 0x60, 0xf2, 0x4f, 0xec, 0x2d, 0x8f,
0xa6, 0x9e, 0x2c, 0x93, 0xdb, 0x78, 0x70, 0x8f, 0xcd, 0x2e, 0xef, 0x74, 0x3d, 0xcb, 0x93, 0x53,
0x81, 0x9b, 0x8d, 0x66, 0x7c, 0x48, 0xed, 0x54, 0xcd, 0x43, 0x6f, 0xb1, 0x47, 0x65, 0x98, 0xc4,
0xa1, 0xd7, 0x02, 0x8e, 0x6f, 0x2f, 0xf5, 0x07, 0x51, 0xdb, 0x36, 0xab, 0x6b, 0xc3, 0x24, 0x35,
0x15, 0x2a, 0x00, 0xab, 0xd3, 0xd5, 0x8d, 0x9a, 0x87, 0x70, 0xd9, 0xa3, 0xe5, 0x2d, 0x5a, 0x36,
0x28, 0xae, 0x3c, 0x9e, 0x03, 0x25
};
uint8_t computed_hash[CMOX_SHA256_SIZE];
retval = cmox_hash_compute(CMOX_SHA256_ALGO, /* Use SHA256 algorithm */
Message, sizeof(Message), /* Message to digest */
computed_hash, /* Data buffer to receive digest data */
CMOX_SHA256_SIZE, /* Expected digest size */
&computed_size); /* Size of computed digest */
/* Verify API returned value */
if (retval != CMOX_HASH_SUCCESS)
{
printf("HASH ERROR\r\n");
}
printf("HASH data:\r\n");
for(int i=0; i<computed_size; i++)
{
printf("%x ",computed_hash[i]);
}
while(1)
{
}
}
结果:
AES加密SHA256