Recently, while debugging my code, I encountered an issue when using the AES-GCM algorithm. I found that when calling the mbedtls_gcm_auth_decrypt interface in version 3.6.1, the calculated tag consistently does not match the input tag. However, when using the same interface in version 2.28.2, the tag is successfully calculated as expected. Below is the demo code we are using:
tstSecKeyList g_stPreInterKey =
.enuSecType = SEC_AES_GCM,
0x68U, 0xffU, 0xb7U, 0xffU, 0x5eU, 0xffU, 0x10U, 0xffU, 0x9eU, 0xffU, 0xb8U, 0xffU, 0x01U, 0xffU,
0xb9U, 0xffU, 0xa0U, 0xffU, 0x1cU, 0xffU, 0xdfU, 0xffU, 0x0aU, 0xffU, 0xe6U, 0xffU, 0xc8U, 0xffU,
0xc5U, 0xffU, 0x39U, 0xffU
0x3, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x0, 0x1, 0x2, 0x3
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0
static uint8_t s_au8SecMemoryBuffer[6*1024];
mbedtls_gcm_context aesGcmContext;
uint8_t *pau8EncryptedPlain = inParam0;
(note: inParam0=434421d30c9abf31b96d2d28d00b5cb4e6fe84033999d53d3a50674b3aedd81f)
uint8_t *pau8AesTag = inParam0 + 16; (e6fe84033999d53d3a50674b3aedd81f)
uint8_t u8EncryptedPlainLen = 16;
uint8_t u8AesTagKeyLen = 16;
mbedtls_gcm_init(&aesGcmContext);
mbedtls_memory_buffer_alloc_init(s_au8SecMemoryBuffer, 6*1024);
vidPreInterKeyget(g_stPreInterKey.au8Key, au8preInterKey);
mbedtls_gcm_setkey(&aesGcmContext, MBEDTLS_CIPHER_ID_AES, au8preInterKey, 16*8);
s32Ret = mbedtls_gcm_auth_decrypt(&aesGcmContext, u8EncryptedPlainLen, g_stPreInterKey.au8Iv,
g_stPreInterKey.u16IVLen, g_stPreInterKey.au8Add, g_stPreInterKey.u16AddLen,
pau8AesTag, u8AesTagKeyLen, pau8EncryptedPlain, s_au8DecryptKey);
---- Email Disclaimer ----
This email, and any files transmitted with it, are confidential and intended solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error, please reply to advise the sender of the error. If not, you are receiving this email because you have either subscribed,
purchased or have been in contact with Suteng Innovation Technology Co., LTD (RoboSense).