Mbed TLS is now part of TrustedFirmware.org.

AES256-GCM on LPC2388 using ARM7TDMI-S: my code crashes


Apr 25, 2018 11:29
Nickolai Dobrynin

I have an existing large firmware running on LPC2388. The firmware is built on top of FreeRTOS. My task is to encrypt whatever messages the firmware sends. Since I'm using mbedtls solely for its encryption layer, I chose

https://docs.mbed.com/docs/vignesh/en/latest/api/config-no-entropy_8h_source.html

as my config.h file. Before encrypting the actual messages, I want to write a simple demo. Right now, all I have is

#include "mbedtls/gcm.h"

void testEncryption() {

  mbedtls_gcm_context gcmContext;

  unsigned char encKey[]="sKlh2:0=.Z*:XEW+ns[--r1cL_{/^Z5)";

  mbedtls_gcm_init(&gcmContext);

  mbedtls_gcm_setkey(&gcmContext, MBEDTLS_CIPHER_ID_AES, encKey, 256);

  mbedtls_gcm_free(&gcmContext);

}

but these lines already cause a crash, so I want to know what went wrong. The mbedtls library was built (using the supplied Makefile) as follows:

+ echo '  CC    aes.c'
  CC    aes.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c aes.c
+ echo '  CC    aesni.c'
  CC    aesni.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c aesni.c
+ echo '  CC    arc4.c'
  CC    arc4.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c arc4.c
+ echo '  CC    asn1parse.c'
  CC    asn1parse.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c asn1parse.c
+ echo '  CC    asn1write.c'
  CC    asn1write.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c asn1write.c
+ echo '  CC    base64.c'
  CC    base64.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c base64.c
+ echo '  CC    bignum.c'
  CC    bignum.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c bignum.c
+ echo '  CC    blowfish.c'
  CC    blowfish.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c blowfish.c
+ echo '  CC    camellia.c'
  CC    camellia.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c camellia.c
+ echo '  CC    ccm.c'
  CC    ccm.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c ccm.c
+ echo '  CC    cipher.c'
  CC    cipher.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c cipher.c
+ echo '  CC    cipher_wrap.c'
  CC    cipher_wrap.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c cipher_wrap.c
+ echo '  CC    cmac.c'
  CC    cmac.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c cmac.c
+ echo '  CC    ctr_drbg.c'
  CC    ctr_drbg.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c ctr_drbg.c
+ echo '  CC    des.c'
  CC    des.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c des.c
+ echo '  CC    dhm.c'
  CC    dhm.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c dhm.c
+ echo '  CC    ecdh.c'
  CC    ecdh.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c ecdh.c
+ echo '  CC    ecdsa.c'
  CC    ecdsa.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c ecdsa.c
+ echo '  CC    ecjpake.c'
  CC    ecjpake.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c ecjpake.c
+ echo '  CC    ecp.c'
  CC    ecp.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c ecp.c
+ echo '  CC    ecp_curves.c'
  CC    ecp_curves.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c ecp_curves.c
+ echo '  CC    entropy.c'
  CC    entropy.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c entropy.c
+ echo '  CC    entropy_poll.c'
  CC    entropy_poll.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c entropy_poll.c
+ echo '  CC    error.c'
  CC    error.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c error.c
+ echo '  CC    gcm.c'
  CC    gcm.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c gcm.c
+ echo '  CC    havege.c'
  CC    havege.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c havege.c
+ echo '  CC    hmac_drbg.c'
  CC    hmac_drbg.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c hmac_drbg.c
+ echo '  CC    md.c'
  CC    md.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c md.c
+ echo '  CC    md2.c'
  CC    md2.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c md2.c
+ echo '  CC    md4.c'
  CC    md4.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c md4.c
+ echo '  CC    md5.c'
  CC    md5.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c md5.c
+ echo '  CC    md_wrap.c'
  CC    md_wrap.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c md_wrap.c
+ echo '  CC    memory_buffer_alloc.c'
  CC    memory_buffer_alloc.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c memory_buffer_alloc.c
+ echo '  CC    oid.c'
  CC    oid.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c oid.c
+ echo '  CC    padlock.c'
  CC    padlock.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c padlock.c
+ echo '  CC    pem.c'
  CC    pem.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c pem.c
+ echo '  CC    pk.c'
  CC    pk.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c pk.c
+ echo '  CC    pk_wrap.c'
  CC    pk_wrap.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c pk_wrap.c
+ echo '  CC    pkcs12.c'
  CC    pkcs12.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c pkcs12.c
+ echo '  CC    pkcs5.c'
  CC    pkcs5.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c pkcs5.c
+ echo '  CC    pkparse.c'
  CC    pkparse.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c pkparse.c
+ echo '  CC    pkwrite.c'
  CC    pkwrite.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c pkwrite.c
+ echo '  CC    platform.c'
  CC    platform.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c platform.c
+ echo '  CC    ripemd160.c'
  CC    ripemd160.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c ripemd160.c
+ echo '  CC    rsa_internal.c'
  CC    rsa_internal.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c rsa_internal.c
+ echo '  CC    rsa.c'
  CC    rsa.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c rsa.c
+ echo '  CC    sha1.c'
  CC    sha1.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c sha1.c
+ echo '  CC    sha256.c'
  CC    sha256.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c sha256.c
+ echo '  CC    sha512.c'
  CC    sha512.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c sha512.c
+ echo '  CC    threading.c'
  CC    threading.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c threading.c
+ echo '  CC    timing.c'
  CC    timing.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c timing.c
+ echo '  CC    version.c'
  CC    version.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c version.c
+ echo '  CC    version_features.c'
  CC    version_features.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c version_features.c
+ echo '  CC    xtea.c'
  CC    xtea.c
+ arm-none-eabi-gcc -Wall -W -Wdeclaration-after-statement -I../include -D_FILE_OFFSET_BITS=64 -mcpu=arm7tdmi-s -mthumb-interwork -mthumb -O2 -c xtea.c
+ echo '  AR    libmbedcrypto.a'
  AR    libmbedcrypto.a
+ arm-none-eabi-gcc-ar -rc libmbedcrypto.a aes.o aesni.o arc4.o asn1parse.o asn1write.o base64.o bignum.o blowfish.o camellia.o ccm.o cipher.o cipher_wrap.o cmac.o ctr_drbg.o des.o dhm.o ecdh.o ecdsa.o ecjpake.o ecp.o ecp_curves.o entropy.o entropy_poll.o error.o gcm.o havege.o hmac_drbg.o md.o md2.o md4.o md5.o md_wrap.o memory_buffer_alloc.o oid.o padlock.o pem.o pk.o pk_wrap.o pkcs12.o pkcs5.o pkparse.o pkwrite.o platform.o ripemd160.o rsa_internal.o rsa.o sha1.o sha256.o sha512.o threading.o timing.o version.o version_features.o xtea.o
+ echo '  RL    libmbedcrypto.a'
  RL    libmbedcrypto.a
+ arm-none-eabi-gcc-ar -s libmbedcrypto.a

Any ideas?

Many thanks.

 
May 1, 2018 11:42
Ron Eldor

Hi Nickolai,
I have tried running your code with the relevant configuration file, on other platforms (windows and Linux), and didn't get a crash. In addition, the only issue I seed with your code is that you treat your key (encKey) as a string literal, and not as a binary buffer, as it should be. You should initiate it as a hex buffer, but I don't believe this is the cause for your crash.
Since on other platforms I don't see a crash, I believe this is a platform issue. It could be a memory issue, an issue related to 32bit, or any other platform related issue.
Please try running with a debugger on your platform, to recognize location of the crash, to identify the root cause.
Regards,
Mbed TLS Team member
Ron