Anyone know how to decrypt with mbed aes CTR mode?

Posts: 13
Joined: Mon Jun 10, 2019 4:01 pm

Anyone know how to decrypt with mbed aes CTR mode?

Postby phantomBlurrr » Tue Aug 13, 2019 3:08 pm

I'm trying to encrypt/decrypt data using mbed aes CTR mode. I can get the encryption to work, but I can't figure out how to make it decrypt. Below is my code:

Code: Select all

        mbedtls_aes_context aes;
	unsigned char key[16];
	unsigned char input[128] = {0x48, 0x45, 0x4c, 0x4c, 0x4f};
	unsigned char output[128];
	unsigned char decrypt[128];
	size_t input_len = 40;
	unsigned char nonce_counter[16] = {0};
	unsigned char stream_block[16];
	unsigned int nc_off = 0;

	memcpy(key, key_128, 16);

	printf("aes Key: \n");
	for(int i = 0; i < 16; i++)

	mbedtls_aes_setkey_enc(&aes, key, 128);
	mbedtls_aes_setkey_dec(&aes, key, 128);
	mbedtls_aes_crypt_ctr(&aes, input_len, &nc_off, nonce_counter, stream_block, input, output);

	printf("aes input: \n");
	for(int i = 0; i < 5; i++)

	printf("aes encrypt: \n");
	for(int i = 0; i < 5; i++)

	mbedtls_aes_crypt_ctr(&aes, input_len, &nc_off, nonce_counter, stream_block, output, decrypt);

	printf("aes decrypt: \n");
	for(int i = 0; i < 5; i++)
I get the following:
aes input: 48454c4c4f
aes encrypt: 3856ba1f36
aes decrypt: 3853a9924d

As you can see, aes input =/= aes decrypt. Any ideas?

Posts: 1732
Joined: Sun May 08, 2016 4:11 am

Re: Anyone know how to decrypt with mbed aes CTR mode?

Postby ESP_Angus » Wed Aug 14, 2019 1:22 am

When you use an mbedTLS CTR function it updates the nonce counter block and the stream block contents, in preparation for additional bytes. So the "decrypt" is not using the same nonce & counter block data as the initial "encrypt".

If you set the nonce block back to the same value used for the initial encryption (the initial nonce is all zeroes in your case, which not recommended), then you'll be able to decrypt.

Posts: 777
Joined: Wed Jun 14, 2017 9:00 pm

Re: Anyone know how to decrypt with mbed aes CTR mode?

Postby chegewara » Wed Aug 14, 2019 8:32 pm ... ain/main.c

As Angus said, nonce value is changed by encrypt/decrypt function and you cant pass it to the next function. You can see i have 2 nonce, one for encrypt and one for decrypt function.

Code: Select all

static void ctr()
    size_t nc_off = 0;
    size_t nc_off1 = 0;
    unsigned char nonce_counter[16] = {0};
    unsigned char stream_block[16] = {0};
    unsigned char nonce_counter1[16] = {0};
    unsigned char stream_block1[16] = {0};
    unsigned char encrypt_output[INPUT_LENGTH] = {0};
    unsigned char decrypt_output[INPUT_LENGTH] = {0};
    size_t iv_offset = 0;
    size_t iv_offset1 = 0;
    mbedtls_aes_crypt_ctr(&aes, INPUT_LENGTH, &nc_off, nonce_counter, stream_block, input, encrypt_output);
    mbedtls_aes_crypt_ctr(&aes, INPUT_LENGTH, &nc_off1, nonce_counter1, stream_block1, encrypt_output, decrypt_output);
    ESP_LOG_BUFFER_HEX("ctr", encrypt_output, INPUT_LENGTH);
    ESP_LOG_BUFFER_HEX("ctr", decrypt_output, INPUT_LENGTH);
    ESP_LOGI("ctr", "%s", decrypt_output);

Who is online

Users browsing this forum: Bing [Bot], danylook, Ritesh and 14 guests