AES Example

The AES Examples show how to perform an AES encryption and decryption operations, as well as MAC calculation with different AES modes using the AES - Advanced Encryption Standard library.
AES library comes with a lot of supported cryptography modes. Therefore, the example has been divided into four parts.

Each of these parts presents the usage of a different mode:

1. AES API for CTR
2. AES API for CBC-MAC
3. AEAD API for CCM
4. AES API and AEAD API for all Supported AES Modes.

Note

These examples can run in software or hardware, depending on the supported features of your SoC. They use the default backend for the specific platform, but you can test them using different backends. For more details on how to change backends, see Configuring nrf_crypto frontend and backends.

You can find the source code and the project file of the example in the following folder: <InstallFolder>\examples\crypto\nrf_crypto\aes

Testing AES CTR mode

1. Skip this step if you are using an RTT Viewer. By default, nrf_crypto examples are configured to use RTT for logging.
   Start a terminal emulator like PuTTY and connect to the used COM port with the following UART settings:
   • Baud rate: 115.200
   • 8 data bits
   • 1 stop bit
   • No parity
   • HW flow control: None
2. Compile and program the application.
3. Observe the logs from the application using an RTT Viewer or a terminal emulator.

Testing AES CBC_MAC mode

1. Skip this step if you are using an RTT Viewer. By default, nrf_crypto examples are configured to use RTT for logging.
   Start a terminal emulator like PuTTY and connect to the used COM port with the following UART settings:
   • Baud rate: 115.200
   • 8 data bits
   • 1 stop bit
   • No parity
   • HW flow control: None
2. Compile and program the application.
3. Observe the logs from the application using an RTT viewer or a terminal emulator.

Testing AES CCM mode

1. Skip this step if you are using an RTT Viewer. By default, nrf_crypto examples are configured to use RTT for logging.
   Start a terminal emulator like PuTTY and connect to the used COM port with the following UART settings:
   • Baud rate: 115.200
   • 8 data bits
   • 1 stop bit
   • No parity
   • HW flow control: None
2. Compile and program the application.
3. Observe the logs from the application using an RTT viewer or a terminal emulator.

Testing all AES modes

Test the All AES modes - CLI Example application by performing the following steps:

1. Compile and program the application.
2. Start a terminal emulator like PuTTY (recommended) with the following Terminal settings, and establish the connection:
   • Serial: for UART or USB CDC ACM transport.
   • Telnet, port 19021: for RTT transport. For establishing an RTT session, use JLink.exe and not J-Link Viewer.
3. You can now start using the command line interface.
4. Press the Tab button to see all available commands.
5. Test the functionality of each AES mode by running the following commands:

   • example aes <AES mode> 

     
     Available modes are: CBC, CFB, CTR, and ECB.

   • example aead <AEAD mode> 

     
     Available modes are: CCM, CCM*, EAX, and GCM.

   • example mac <MAC mode> 

     
     Available modes are: CBC-MAC and CMAC.
6. Change the key size and test the above functionality again to compare results. This can be done with the command:

   • example key_size <size> 

     
     Available sizes are: 128_bit, 192_bit, and 256_bit. Modes implemented by the CC310 backend support only the 128-bit key.
7. Use the Tab key to autocomplete and prompt commands.
8. If your chip features Cryptocell®, you can change between the backends (CC310 <-> mbed TLS) realizing a particular AES mode. See Configuring nrf_crypto frontend and backends. Compile and test again to compare results.