Last active
March 12, 2022 11:18
-
-
Save VNovytskyi/ba1479140226622d964885f277225df6 to your computer and use it in GitHub Desktop.
Arduino ESP32 RSA OAEP encryption with Base64 encoding
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include "mbedtls/pk.h" | |
| #include "mbedtls/rsa.h" | |
| #include "mbedtls/error.h" | |
| #include "mbedtls/base64.h" | |
| #include "mbedtls/entropy.h" | |
| #include "mbedtls/ctr_drbg.h" | |
| #define PERS "rsa_encrypt" | |
| mbedtls_pk_context public_key; | |
| mbedtls_entropy_context entropy; | |
| mbedtls_ctr_drbg_context ctr_drbg; | |
| const char* esp_pub_key_pem_test = "-----BEGIN PUBLIC KEY-----\n\ | |
| MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCvEn4AzPLEjQuD2bBKa5SQAEnT\n\ | |
| e2IuuURqYiALOuGPXW+XppcywC38FHuWnHlVtDS2NIk6F6V287wwkBX/a6r5XMH7\n\ | |
| pE9Qzlv6hWgQUYeoX7dKRLn5BlsqaxWsgvYpGoUfUhutL6I6q0g3LQDlvWKI5Kvc\n\ | |
| 9dWb27rSTMPsO27MmwIDAQAB\n\ | |
| -----END PUBLIC KEY-----"; | |
| const char* esp_priv_key_pem_test = "-----BEGIN PRIVATE KEY-----\n\ | |
| MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAK8SfgDM8sSNC4PZ\n\ | |
| sEprlJAASdN7Yi65RGpiIAs64Y9db5emlzLALfwUe5aceVW0NLY0iToXpXbzvDCQ\n\ | |
| Ff9rqvlcwfukT1DOW/qFaBBRh6hft0pEufkGWyprFayC9ikahR9SG60vojqrSDct\n\ | |
| AOW9Yojkq9z11ZvbutJMw+w7bsybAgMBAAECgYArgh38VvKyNBc7gjsUk53NF7VB\n\ | |
| MHWbBQHiqlYqVEzAE0lrV8RVoXsMHY8FRAfHa8x5x56e6Ed/w1zueLBu1LQdcPJc\n\ | |
| COf9noH1onkAuW52ofwuuuCGq+L8gyw5tTxmHhuyOTBy4syD9M4AMUDbb4wJPi1L\n\ | |
| WYe12pm6P3v+j6MDQQJBAOdsNhwciwxPGEle+HosSYrZJAK5dM8tL+w7doWdDCJ5\n\ | |
| oP1+f1sOa3n2xXfN7Kdr9t1jsz1UIQ4cKrX2OpbNgeECQQDBqkGnQb5Y0xYQ3Rxk\n\ | |
| hJEDIQC436g4GLy0kKsA2f7kboMURPfVv/senUSj4IVc9EdlUIhMjZ+sQcNoHfcf\n\ | |
| aRX7AkEAwNZo2E/ohd86q5jZkGRq+6oo2aRT83cB4eVCw9+zht63CcRotyVy5XR9\n\ | |
| 43DSbEgIsz4q00XRLYLHDE0bUSH5wQJBAJ68g4WpUHCTzBFUetI1CnsrEOF3iPU5\n\ | |
| 6WqC7XcMN21a25vAj/cmnZlRRJKiFA3Ft8NmR+Gfb5IMcTMk5IpdYwMCQEgpuLqq\n\ | |
| AxLc8u2j6I/FvbKvbFx8ZHKq0jPRXjzJz/0a39F8JPLT7M5LTSJ1zDIv4FQKY376\n\ | |
| D+3/XxFpEl40k3I=\n\ | |
| -----END PRIVATE KEY-----"; | |
| size_t get_encoded_size(size_t plain_data_size) { | |
| return (4 * ceil((double)plain_data_size / 3)) + 1; | |
| } | |
| void setup() { | |
| printf("\n"); | |
| mbedtls_pk_init(&public_key); | |
| mbedtls_ctr_drbg_init(&ctr_drbg); | |
| mbedtls_entropy_init(&entropy); | |
| int res = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, (const uint8_t*)PERS, strlen(PERS)); | |
| if (res != 0) { | |
| char buff[512]; | |
| mbedtls_strerror(res, buff, sizeof(buff)); | |
| printf("Error mbedtls_ctr_drbg_seed = %s", buff); | |
| return; | |
| } | |
| size_t key_len = strlen(esp_pub_key_pem_test) + 1; | |
| res = mbedtls_pk_parse_public_key(&public_key, (const uint8_t*)esp_pub_key_pem_test, key_len); | |
| if (res != 0) { | |
| char buff[512]; | |
| mbedtls_strerror(res, buff, sizeof(buff)); | |
| printf("Parse key error: %s\n", buff); | |
| return; | |
| } | |
| printf("Parse public key ok\n"); | |
| size_t ciphertext_buff_len = mbedtls_pk_rsa(public_key)->len; | |
| uint8_t *ciphertext_buff = (uint8_t*)malloc(ciphertext_buff_len); | |
| if (ciphertext_buff == NULL) { | |
| printf("Failed to allocate %zu bytes...\n", ciphertext_buff_len); | |
| return; | |
| } | |
| char *plain_text_p = "Hello"; | |
| mbedtls_rsa_set_padding(mbedtls_pk_rsa(public_key), MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA256); | |
| res = mbedtls_rsa_rsaes_oaep_encrypt( | |
| mbedtls_pk_rsa(public_key), | |
| mbedtls_ctr_drbg_random, | |
| &ctr_drbg, | |
| MBEDTLS_RSA_PUBLIC, | |
| NULL, | |
| 0, | |
| strlen(plain_text_p), | |
| (const uint8_t*)plain_text_p, | |
| ciphertext_buff | |
| ); | |
| if (res != 0) { | |
| char buff[512]; | |
| mbedtls_strerror(res, buff, sizeof(buff)); | |
| printf("Encryption error: %s\n", buff); | |
| free(ciphertext_buff); | |
| return; | |
| } | |
| printf("Encryption finished\n"); | |
| size_t outlen = 0; | |
| size_t encoded_buff_size = get_encoded_size(ciphertext_buff_len); | |
| char *ciphertext_base64_buff = (char*)malloc(encoded_buff_size); | |
| if (ciphertext_base64_buff == NULL) { | |
| printf("Failed to allocate %zu bytes...\n", encoded_buff_size); | |
| free(ciphertext_buff); | |
| return; | |
| } | |
| res = mbedtls_base64_encode( | |
| (uint8_t*)ciphertext_base64_buff, | |
| encoded_buff_size, | |
| &outlen, | |
| ciphertext_buff, | |
| ciphertext_buff_len | |
| ); | |
| if (res != 0) { | |
| char buff[512]; | |
| mbedtls_strerror(res, buff, sizeof(buff)); | |
| printf("Encode error: %s\n", buff); | |
| free(ciphertext_base64_buff); | |
| free(ciphertext_buff); | |
| return; | |
| } | |
| printf("Ciphertext (Base64) [%zu]: %s\n", strlen(ciphertext_base64_buff), ciphertext_base64_buff); | |
| free(ciphertext_base64_buff); | |
| free(ciphertext_buff); | |
| } | |
| void loop() { | |
| delay(10); | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment