Are AES-CCM encryption functions available to the BlueNRG-LP application developer?

Forum|Forum|4 years ago
February 6, 2022
3 replies
1589 views

I noticed that the BlueNRG-LP BLE stack uses a special version of the cryptographic library "libcrypto.a" with only AES-CMAC cryptographic functions. But I do know that LE Legacy connections and LE Secure connections share AES in four different flavors: AES-ECB, AES-CBC, AES-CTR, and AES-CCM.

Since I need AES-CCM to encrypt(decrypt) traffic over UART, I have a question: is the AES-CCM encryption(decryption) used by the stack available to the application developer? If not, which of the plain AES encryption function is safe and better to use: AES_general_SW_enc (from cryptolib), AES_128_HW_enc (from aes_hw.c), hci_le_encrypt (from BLE stack) or AESMGR_Encrypt (from AESMGR)?

This topic has been closed for replies.

alemvAuthor

Associate

I haven't found a way to use the AES-CCM feature of the BLE stack itself. So I had to write my own encryption and decryption functions for my special case (1 <= payload <= 255, no extra data, MAC length = 4, nonce = 13 zeros, ciphertext = payload + 4) using the function hci_le_encrypt. It works.

Khojah

Visitor II

you saved my day thanks

let me ask how to encrypt an extended packet (more than 16 bytes)

alemvAuthor

Associate

See encrypt_special_aes_ccm and decrypt_special_aes_ccm functions in the attachment.

aes_ccm.zip

AndyR1

Senior

ok, i was using the BlueNRG-LP DK 1.0.0, I moved to the actual last BlueNRG-LP_LPS DK 1.2.0 to have the AES ECB.

JLEE.191

Visitor II

I haven't found a way to use the AES-CCM feature of the BLE stack itself. So I had to write my own encryption and decryption functions for my special case (1 <= payload <= 255, no extra data, MAC length = 4, nonce = 13 zeros, ciphertext = payload + 4) using the function hci_le_encrypt. It works.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded