Hy!
I am trying to write a litle RIOT-OS project which uses AES encryption.
After some fiddling around, I made it work by adding a "CFLAGS +=
-DCRYPTO_AES" line to my Makefile.
Is this the recommended way to do it? I am asking, because I could not
find any reference to it in the documentations.
cheers
Mathias
Hi Mathias,
You need to add:
USEMODULE += crypto
to your Makefile to enable the AES cypher in your implementation.
This line includes the crypto module which includes AES.
Just head over to the RIOT wiki to learn more about modules [1] and how to use them.
You can also have a look into the crypto unittests [2] to get some hints how to use the AES implementation.
Best Regards,
Martin
[1] https://github.com/RIOT-OS/RIOT/wiki/Introduction#including-modules
[2] https://github.com/RIOT-OS/RIOT/tree/master/tests/unittests/tests-crypto
I did use the USEMODULE clause, but without the addtional CFLAGS
setting, it won't work. aes_init/cipher_init will return 0 because
CIPHER_MAX_CONTEXT_SIZE is set to 1 in sys/include/crypto/ciphers.h.
The unit test you referenced works, because it adds a "CFLAGS +=
-DCRYPTO_THREEDES" (which enables aes, too, because the
CIPHER_MAX_CONTEXT_SIZE set for 3DES is larger then the one for AES) in
the Makefile.include, too.
cheers
Mathias
Hi Mathias,
yes I forgot to mention the CFLAG.
If you use AES I suggest to use:
CFLAGS += -DCRYPTO_AES
and not:
CFLAGS += -DCRYPTO_THREEDES
then the appropriate CIPHER_MAX_CONTEXT_SIZE for AES will be defined [1].
Best regards,
Martin
[1] https://github.com/RIOT-OS/RIOT/blob/master/sys/include/crypto/ciphers.h#L56
So this is on purpose. This should be added to docs, I think.
cheers
Mathias
Hi!
Funny, my small example with AES worked without setting any CFLAGS.
Cheers,
Oleg
Hi,
that's really interesting since initialize AES should fail [1].
Best regards,
Martin
[1] https://github.com/RIOT-OS/RIOT/blob/master/sys/crypto/aes.c#L729
true,
I didn't tested it with failing initialization.
Could you change your small example accordingly?
Best regards,
Martin
I mean change the example in the documentation in #4786