Basic File Encrypt

Demonstrates encrypting and decrypting files with ZentriOS-compatible encryption.

API Features Demonstrated

Platforms

This app works on:

Requirements and Prerequisites

This app requires a ZentriOS evaluation board. See the Platforms list above.

Description

This example demonstrates how to encrypt/decrypt a file for ZentriOS using a custom generated key. The file is encrypted and written to the extended flash file system.

ZentriOS can then read and decrypt the file.

Note that this code is for reference only. ZentriOS provides built-in encryption via the File System API.

This example is mainly intended to demonstrate how ZentriOS file encryption/decryption is done.

The algorithm should be ported to external systems that pre-encrypt files before downloading to the ZentriOS device.

For details of encryption and decryption procedures, see File System, Encrypting Files for Use by ZentriOS.

Usage Instructions

Open a ZentriOS serial terminal to the device. See Getting Started, Opening a ZentriOS Terminal.

When the ZAP runs, terminal output is similar to the following:

Starting File Encryption Example
User key Set
Generating buffer with 1500 bytes of dummy data
Encrypting file ...
Buffer: 0x10083658 (16): IV
E5 88 58 8C 77 35 8C A9 35 6C A9 31 6C EE CE E8
Buffer: 0x10083668 (16): HMAC
53 1C 13 83 80 07 BD 72 B8 9C 41 3B F9 52 EE 30
File not found
[Opened: 0]
> File created
[Closed: 0]
> Encrypted file created: encrypted_file_example.bin
Derypting file ...
[Opened: 0]
> Buffer: 0x100834b8 (16): IV
E5 88 58 8C 77 35 8C A9 35 6C A9 31 6C EE CE E8
Buffer: 0x10083668 (16): HMAC
53 1C 13 83 80 07 BD 72 B8 9C 41 3B F9 52 EE 30
[Closed: 0]
> File successfully decrypted into buffer
ZAP exited. Reboot to run again.

Implementation

main.c

zn_app_init

The script runs once then exits.

It sets the variable system.security_key to a key defined in the source.

It generates a buffer of dummy data, then calls encrypt_buffer_to_file() (encrypt.c) to encrypt the buffer to a file using the key.

It then calls decrypt_file_to_buffer() (decrypt.c) to decrypt the file to a buffer.

encrypt.c

encrypt_buffer_to_file

This demonstrates the details of ZentriOS file encryption.

Calls to zn_dump_buffer display IV and HMAC blocks on the ZentriOS terminal.

The encrypted file has a special format and has file system flags set to indicate the encryption state:

decrypt.c

decrypt_buffer_from_file

This demonstrates the details of ZentriOS file decryption.

Calls to zn_dump_buffer display IV and HMAC blocks on the ZentriOS terminal.

Source

See: