AES-GCM API Example Usage - 2022.2 English

Xilinx Standalone Library Documentation: BSP and Libraries Document Collection (UG643)

Document ID
UG643
Release Date
2022-10-19
Version
2022.2 English

The following example illustrates the usage of AES encryption and decryption APIs.

static s32 SecureAesExample(void)
{
        XCsuDma_Config *Config;
        s32 Status;
        u32 Index;
        XCsuDma CsuDmaInstance;
        XSecure_Aes Secure_Aes;

        /* Initialize CSU DMA driver */
        Config = XCsuDma_LookupConfig(XSECURE_CSUDMA_DEVICEID);
        if (NULL == Config) {
                return XST_FAILURE;
        }

        Status = XCsuDma_CfgInitialize(&CsuDmaInstance, Config,
                                        Config->BaseAddress);
        if (Status != XST_SUCCESS) {
                return XST_FAILURE;
        }

        /* Initialize the Aes driver so that it's ready to use */
        XSecure_AesInitialize(&Secure_Aes, &CsuDmaInstance,
                                XSECURE_CSU_AES_KEY_SRC_KUP,
                                (u32 *)Iv, (u32 *)Key);

        xil_printf("Data to be encrypted: \n\r");
        for (Index = 0; Index < XSECURE_DATA_SIZE; Index++) {
                xil_printf("%02x", Data[Index]);
        }
        xil_printf( "\r\n\n");

        /* Encryption of Data */
        /*
         * If all the data to be encrypted is contiguous one can call
         * XSecure_AesEncryptData API directly.
         */
        XSecure_AesEncryptInit(&Secure_Aes, EncData, XSECURE_DATA_SIZE);
        XSecure_AesEncryptUpdate(&Secure_Aes, Data, XSECURE_DATA_SIZE);

        xil_printf("Encrypted data: \n\r");
        for (Index = 0; Index < XSECURE_DATA_SIZE; Index++) {
                xil_printf("%02x", EncData[Index]);
        }
        xil_printf( "\r\n");

        xil_printf("GCM tag: \n\r");
        for (Index = 0; Index < XSECURE_SECURE_GCM_TAG_SIZE; Index++) {
                xil_printf("%02x", EncData[XSECURE_DATA_SIZE + Index]);
        }
        xil_printf( "\r\n\n");

        /* Decrypt's the encrypted data */
        /*
         * If data to be decrypted is contiguous one can also call
         * single API XSecure_AesDecryptData
         */
        XSecure_AesDecryptInit(&Secure_Aes, DecData, XSECURE_DATA_SIZE,
                                        EncData + XSECURE_DATA_SIZE);
        /* Only the last update will return the GCM TAG matching status */
        Status = XSecure_AesDecryptUpdate(&Secure_Aes, EncData,
                                                 XSECURE_DATA_SIZE);
        if (Status != XST_SUCCESS) {
                xil_printf("Decryption failure- GCM tag was not matched\n\r");
                return Status;
        }

        xil_printf("Decrypted data\n\r");
        for (Index = 0; Index < XSECURE_DATA_SIZE; Index++) {
                xil_printf("%02x", DecData[Index]);
        }
        xil_printf( "\r\n");

        /* Comparison of Decrypted Data with original data */
        for(Index = 0; Index < XSECURE_DATA_SIZE; Index++) {
                if (Data[Index] != DecData[Index]) {
                        xil_printf("Failure during comparison of the data\n\r");
                        return XST_FAILURE;
                }
        }

        return XST_SUCCESS;
}
Note: Relevant examples are available in the <library-install-path>\examples folder. Where <library-install-path> is the XilSecure library installation path.