Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Library: file encryption/decryption support #163

Draft
wants to merge 1 commit into
base: dev
Choose a base branch
from

Conversation

an4tur0r
Copy link
Contributor

What's new

This PR adds functions to encrypt and decrypt file content using AES algorithm.

Verification

  • [ Describe how to verify changes ]

Checklist (For Reviewer)

  • PR has description of feature/bug
  • Description contains actions to verify feature/bugfix
  • I've built this code, uploaded it to the device and verified feature/bugfix


const char* enc_filepath = strcat((char*)path, ENCRYPTION_EXT);

if(file_stream_open(stream_from, path, FSAM_READ, FSOM_OPEN_EXISTING) &&
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unit test hangs here, I suspect something with Storage* instance.

@an4tur0r an4tur0r force-pushed the feature/storage_file_encryption branch from 3f2892b to ea0a922 Compare November 13, 2022 13:18
Copy link

@PraveenNanda124 PraveenNanda124 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good

@DarkFlippers DarkFlippers deleted a comment from X7HYPER Dec 29, 2022
@DarkFlippers DarkFlippers deleted a comment from X7HYPER Dec 29, 2022
// create new random initialization vector
uint8_t iv[ENCRYPTION_IV_SIZE];
srand(DWT->CYCCNT);
furi_hal_random_fill_buf(iv, ENCRYPTION_IV_SIZE);
Copy link
Contributor

@Fasjeit Fasjeit Jan 14, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IV is generated here using srand PRNG + CYCCNT (i.e. cycle counter) as seed,

  • Only 32 bits of "entropy" for CYCCNT link
  • Predicted (CYCCNT is just incrementing counter), making predicted IV attacks possible (like complete plaintext recovery for low entropy plaintexts) as the resulted encryption is no longer CPA secure
  • srand is not a secure PRG (even with better seed as it has only 31 bit inner state)

Original flipper firmware already implemented much better random generation using sts32 hardware random generator. See furi_hal_random.c rand() function which can be used instead of srand.

@ssudac
Copy link

ssudac commented Mar 7, 2023

Any updates to this?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants