////////////////////////////////////////////////////////////////////////////
//
// AES Encryption / Decryption - ECB Blocks
//
////////////////////////////////////////////////////////////////////////////
int AESCryptECB_Blocks( uint8 *key, uint8 keyLen, uint8 mode, uint8 nBlocks, uint8 *in, uint8 *out )
{
int i;
aes_context aes_ctx;
if( mode == AES_ENCRYPT )
{
aes_setkey_enc(&aes_ctx, key, keyLen*8); //PolarSSL takes key length in bits
}
else if( mode == AES_DECRYPT )
{
aes_setkey_dec(&aes_ctx, key, keyLen*8); //PolarSSL takes key length in bits
}
else
{
return (FAIL);
}
for( i = 0; i < nBlocks; i++)
{
if ( aes_crypt_ecb(&aes_ctx, mode, in, out) != aes_pass )
{
return (FAIL);
}
out += AES_BLOCK_SIZE;
in += AES_BLOCK_SIZE;
}
return ( PASS );
}
void ctr_init_counter( ctr_aes_context* ctx,
u8 key[16],
u8 ctr[16] )
{
aes_setkey_enc(&ctx->aes, key, 128);
ctr_set_counter(ctx, ctr);
}
/*
* Non-public function wrapped by ctr_crbg_init(). Necessary to allow NIST
* tests to succeed (which require known length fixed entropy)
*/
int ctr_drbg_init_entropy_len(
ctr_drbg_context *ctx,
int (*f_entropy)(void *, unsigned char *, size_t),
void *p_entropy,
const unsigned char *custom,
size_t len,
size_t entropy_len )
{
int ret;
unsigned char key[CTR_DRBG_KEYSIZE];
memset( ctx, 0, sizeof(ctr_drbg_context) );
memset( key, 0, CTR_DRBG_KEYSIZE );
ctx->f_entropy = f_entropy;
ctx->p_entropy = p_entropy;
ctx->entropy_len = entropy_len;
ctx->reseed_interval = CTR_DRBG_RESEED_INTERVAL;
/*
* Initialize with an empty key
*/
aes_setkey_enc( &ctx->aes_ctx, key, CTR_DRBG_KEYBITS );
if( ( ret = ctr_drbg_reseed( ctx, custom, len ) ) != 0 )
return( ret );
return( 0 );
}
void ctr_init_cbc_encrypt( ctr_aes_context* ctx,
u8 key[16],
u8 iv[16] )
{
aes_setkey_enc(&ctx->aes, key, 128);
ctr_set_iv(ctx, iv);
}
void indiv_gen(u8 *seed0, u8 *seed1, u8 *seed2, u8 *seed3, u8 *indiv) {
u32 i, rounds = INDIV_SIZE / INDIV_CHUNK_SIZE;
u8 iv[0x10];
aes_context aes_ctxt;
memset(indiv, 0, INDIV_SIZE);
//Copy seeds.
if (seed0 != NULL)
memcpy(indiv, seed0, INDIV_SEED_SIZE);
if (seed1 != NULL)
memcpy(indiv + INDIV_SEED_SIZE, seed1, INDIV_SEED_SIZE);
if (seed2 != NULL)
memcpy(indiv + INDIV_SEED_SIZE * 2, seed2, INDIV_SEED_SIZE);
if (seed3 != NULL)
memcpy(indiv + INDIV_SEED_SIZE * 3, seed3, INDIV_SEED_SIZE);
//Generate.
for (i = 0; i < rounds; i++, indiv += INDIV_CHUNK_SIZE) {
//Set key and iv.
aes_setkey_enc(&aes_ctxt, eid_root_key, KEY_BITS(ISO_ROOT_KEY_SIZE));
memcpy(iv, eid_root_key + 0x20, ISO_ROOT_IV_SIZE);
//Encrypt one chunk.
aes_crypt_cbc(&aes_ctxt, AES_ENCRYPT, INDIV_CHUNK_SIZE, iv, indiv, indiv);
}
}
////////////////////////////////////////////////////////////////////////////
//
// AES Encryption / Decryption - ECB
//
////////////////////////////////////////////////////////////////////////////
int AESCryptECB( uint8 *key, uint8 keyLen, uint8 mode, uint8 *in, uint8 *out )
{
int ret;
aes_context aes_ctx;
if( mode == AES_ENCRYPT )
{
aes_setkey_enc(&aes_ctx, key, keyLen*8); //PolarSSL takes key length in bits
if ( (ret = aes_crypt_ecb (&aes_ctx, AES_ENCRYPT, in, out)) != aes_pass )
{
return (FAIL);
}
}
else if ( mode == AES_DECRYPT )
{
aes_setkey_dec(&aes_ctx, key, keyLen*8); //PolarSSL takes key length in bits
if ( (aes_crypt_ecb (&aes_ctx, AES_DECRYPT, in, out)) != aes_pass )
{
return (FAIL);
}
}
else
{
return ( FAIL );
}
return (PASS);
}
////////////////////////////////////////////////////////////////////////////
//
// AES Encryption / Decryption - CBC
//
////////////////////////////////////////////////////////////////////////////
int AESCryptCBC( uint8 *key, uint8 keyLen, uint8 mode, uint8 *iv, uint8 inLen, uint8 *in, uint8 *out )
{
aes_context aes_ctx;
int ret;
if(inLen % 16)
{
proj_printf("ERROR: Length is incorrect");
return inLen;
}
if ( mode == AES_ENCRYPT )
{
aes_setkey_enc(&aes_ctx, key, keyLen*8); //PolarSSL takes key length in bits
if ( ( ret = aes_crypt_cbc(&aes_ctx, mode, inLen, iv, in, out) ) != aes_pass )
{
return ( FAIL );
}
}
else if ( mode == AES_DECRYPT )
{
aes_setkey_dec(&aes_ctx, key, keyLen*8); //PolarSSL takes key length in bits
if ( (aes_crypt_cbc (&aes_ctx, mode, inLen, iv, in, out)) != aes_pass )
{
return (FAIL);
}
}
else
{
return ( FAIL );
}
return ( PASS );
}
void ctr_init_cbc_encrypt( ctr_crypto_context* ctx,
unsigned char key[16],
unsigned char iv[16] )
{
aes_setkey_enc(&ctx->aes, key, 128);
ctr_set_iv(ctx, iv);
}
static int l_aes128encrypt_ecb(lua_State *L)
{
//Check number of arguments
int i;
size_t size;
const char *p_key = luaL_checklstring(L, 1, &size);
if(size != 32) return returnToLuaWithError(L,"Wrong size of key, got %d bytes, expected 32", (int) size);
const char *p_txt = luaL_checklstring(L, 2, &size);
unsigned char indata[16] = {0x00};
unsigned char outdata[16] = {0x00};
unsigned char aes_key[16] = {0x00};
for (i = 0; i < 32; i += 2) {
sscanf(&p_txt[i], "%02x", (unsigned int *)&indata[i / 2]);
sscanf(&p_key[i], "%02x", (unsigned int *)&aes_key[i / 2]);
}
aes_context ctx;
aes_init(&ctx);
aes_setkey_enc(&ctx, aes_key, 128);
aes_crypt_ecb(&ctx, AES_ENCRYPT, indata, outdata );
//Push encrypted array as a string
lua_pushlstring(L,(const char *)&outdata, sizeof(outdata));
return 1;// return 1 to signal one return value
}
int main()
{
unsigned char key[16] = "123456789012344";
const unsigned char input[16] = "hallozestien34";
unsigned char output[16];
unsigned char original_input[16];
printf("%s\n", input);
aes_context ctx;
aes_setkey_enc(&ctx, key, 128);
aes_crypt_ecb(&ctx, AES_ENCRYPT, input, output);
unsigned char output_buf[1024];
size_t baselen = 1024;
base64_encode(output_buf, &baselen, output, 16);
printf("%s\n", output_buf);
aes_setkey_dec(&ctx, key, 128);
aes_crypt_ecb(&ctx, AES_DECRYPT, output, original_input);
printf("original input:\n%s\n", original_input);
return 0;
}
void ctr_init_counter( ctr_crypto_context* ctx,
unsigned char key[16],
unsigned char ctr[12] )
{
aes_setkey_enc(&ctx->aes, key, 128);
ctr_set_counter(ctx, ctr);
}
OSStatus
AES_CTR_Init(
AES_CTR_Context * inContext,
const uint8_t inKey[ kAES_CTR_Size ],
const uint8_t inNonce[ kAES_CTR_Size ] )
{
#if( AES_UTILS_USE_COMMON_CRYPTO )
OSStatus err;
inContext->cryptor = NULL;
err = CCCryptorCreate( kCCEncrypt, kCCAlgorithmAES128, kCCOptionECBMode, inKey, kAES_CTR_Size, NULL,
&inContext->cryptor );
check_noerr( err );
if( err ) return( err );
#elif( AES_UTILS_USE_GLADMAN_AES )
aes_init();
aes_encrypt_key128( inKey, &inContext->ctx );
#elif( AES_UTILS_USE_USSL )
aes_setkey_enc( &inContext->ctx, (unsigned char *) inKey, kAES_CTR_Size * 8 );
#else
AES_set_encrypt_key( inKey, kAES_CTR_Size * 8, &inContext->key );
#endif
memcpy( inContext->ctr, inNonce, kAES_CTR_Size );
inContext->used = 0;
inContext->legacy = false;
return( kNoErr );
}
OSStatus
AES_CBCFrame_Init(
AES_CBCFrame_Context * inContext,
const uint8_t inKey[ kAES_CBCFrame_Size ],
const uint8_t inIV[ kAES_CBCFrame_Size ],
Boolean inEncrypt )
{
#if( AES_UTILS_USE_COMMON_CRYPTO )
OSStatus err;
inContext->cryptor = NULL;
err = CCCryptorCreate( inEncrypt ? kCCEncrypt : kCCDecrypt, kCCAlgorithmAES128, 0, inKey, kAES_CTR_Size,
NULL, &inContext->cryptor );
check_noerr( err );
if( err ) return( err );
#elif( AES_UTILS_USE_GLADMAN_AES )
aes_init();
if( inEncrypt ) aes_encrypt_key128( inKey, &inContext->ctx.encrypt );
else aes_decrypt_key128( inKey, &inContext->ctx.decrypt );
inContext->encrypt = inEncrypt;
#elif( AES_UTILS_USE_USSL )
if( inEncrypt ) aes_setkey_enc( &inContext->ctx, (unsigned char *) inKey, kAES_CBCFrame_Size * 8 );
else aes_setkey_dec( &inContext->ctx, (unsigned char *) inKey, kAES_CBCFrame_Size * 8 );
inContext->encrypt = inEncrypt;
#else
if( inEncrypt ) AES_set_encrypt_key( inKey, kAES_CBCFrame_Size * 8, &inContext->key );
else AES_set_decrypt_key( inKey, kAES_CBCFrame_Size * 8, &inContext->key );
inContext->mode = inEncrypt ? AES_ENCRYPT : AES_DECRYPT;
#endif
memcpy( inContext->iv, inIV, kAES_CBCFrame_Size );
return( kNoErr );
}
void cAESCFBDecryptor::Init(const Byte a_Key[16], const Byte a_IV[16])
{
ASSERT(!IsValid()); // Cannot Init twice
memcpy(m_IV, a_IV, 16);
aes_setkey_enc(&m_Aes, a_Key, 128);
m_IsValid = true;
}
USING_NAMESPACE_CRYPTO
AES& AES::SetEncryptKey(const unsigned char *key, const int length)
{
assert(128 == length || 192 == length || 256 == length);
aes_setkey_enc(&m_encctx, (unsigned char *)key, length);
return *this;
}
void Crypto::AesCtr(const u8* in, u32 size, const u8 key[kAes128KeySize], u8 ctr[kAesBlockSize], u8* out)
{
aes_context ctx;
u8 block[kAesBlockSize] = { 0 };
size_t counterOffset = 0;
aes_setkey_enc(&ctx, key, 128);
aes_crypt_ctr(&ctx, size, &counterOffset, ctr, block, in, out);
}
void eid0_hash_encrypt_section_0(u8 *section_in, u8 *section_out)
{
u8 indiv[INDIV_SIZE];
u8 key[0x10];
aes_context aes_ctxt;
//Generate individuals.
indiv_gen(eid0_indiv_seed, NULL, NULL, NULL, indiv);
//Generate key.
aes_setkey_enc(&aes_ctxt, indiv + INDIV_EID0_SEC_0_GENKEY_OFFSET, 0x100);
aes_crypt_ecb(&aes_ctxt, AES_ENCRYPT, eid0_keyseed_1, key);
//Calculate aes omac1.
aes_omac1(section_in + 0xA8, section_in, 0xA8, key, 0x80);
//Encrypt section 0 of eid0.
aes_setkey_enc(&aes_ctxt, key, 0x80);
aes_crypt_cbc(&aes_ctxt, AES_ENCRYPT, 0xC0, indiv + INDIV_EID0_SEC_0_IV_OFFSET, section_in, section_out);
}
/**Takes in a key value. That key value must be 128 bits. This method
only returns an encrypted password. */
void HANDLE_THIS_PASSWORD(unsigned char *pass, unsigned char *ciphertext) {
aes_context ctx;
unsigned char* key = calloc(16, sizeof(char));
for (unsigned int i = 0; i < 16; i++) {
key[i] = pass[i];
}
unsigned char* plaintext = calloc(16, sizeof(char));
aes_setkey_enc(&ctx, key, 128);
aes_crypt_ecb(&ctx, AES_ENCRYPT, plaintext, ciphertext); //Need Error Handling code
free(key);
free(plaintext);
}
void CryptState_genKey(cryptState_t *cs) {
RAND_bytes(cs->raw_key, AES_BLOCK_SIZE);
RAND_bytes(cs->encrypt_iv, AES_BLOCK_SIZE);
RAND_bytes(cs->decrypt_iv, AES_BLOCK_SIZE);
#ifndef USE_POLARSSL
AES_set_encrypt_key(cs->raw_key, 128, &cs->encrypt_key);
AES_set_decrypt_key(cs->raw_key, 128, &cs->decrypt_key);
#else
aes_setkey_enc(&cs->aes_enc, cs->raw_key, 128);
aes_setkey_dec(&cs->aes_dec, cs->raw_key, 128);
#endif
cs->bInit = true;
}
void CryptState_setKey(cryptState_t *cs, const unsigned char *rkey, const unsigned char *eiv, const unsigned char *div)
{
memcpy(cs->raw_key, rkey, AES_BLOCK_SIZE);
memcpy(cs->encrypt_iv, eiv, AES_BLOCK_SIZE);
memcpy(cs->decrypt_iv, div, AES_BLOCK_SIZE);
#ifndef USE_POLARSSL
AES_set_encrypt_key(cs->decrypt_iv, 128, &cs->encrypt_key);
AES_set_decrypt_key(cs->raw_key, 128, &cs->decrypt_key);
#else
aes_setkey_enc(&cs->aes_enc, cs->decrypt_iv, 128);
aes_setkey_dec(&cs->aes_dec, cs->raw_key, 128);
#endif
cs->bInit = true;
}
struct obj_str *aes_encrypt(UCHAR * plain, int plainlen, UCHAR * iv, char *key,
int keylen)
{
UCHAR ciphertext[AES_MSG_SIZE];
UCHAR digest[AES_KEY_SIZE];
UCHAR plain_padded[AES_MSG_SIZE];
UCHAR iv_local[AES_IV_SIZE];
aes_context aes_ctx;
int plainlen_padded = 0;
int i = 0;
struct obj_str *cipher = NULL;
/* Plaintext out of boundary */
if (plainlen <= 0 || plainlen > AES_MSG_SIZE) {
return NULL;
}
/* Compute padded plaintext length */
i = plainlen % AES_BLOCK_SIZE;
plainlen_padded = (i == 0) ? plainlen : plainlen - i + AES_BLOCK_SIZE;
/* Plaintext out of boundary */
if (plainlen_padded <= 0 || plainlen_padded > AES_MSG_SIZE) {
return NULL;
}
/* Store padded message */
memset(plain_padded, '\0', AES_MSG_SIZE);
memcpy(plain_padded, plain, plainlen);
/* Store iv locally because it gets modified by aes_crypt_cbc() later */
memcpy(iv_local, iv, AES_IV_SIZE);
/* Setup AES context with the key and the IV */
aes_key_setup(digest, iv_local, key, keylen);
if (aes_setkey_enc(&aes_ctx, digest, 256) != 0) {
return NULL;
}
/* Encrypt message */
if (aes_crypt_cbc
(&aes_ctx, AES_ENCRYPT, plainlen_padded, iv_local, plain_padded,
ciphertext) != 0) {
return NULL;
}
cipher = str_init(ciphertext, plainlen_padded);
return cipher;
}
void AesCtrCrypt(u8 *key, u8 *ctr, u8 *input, u8 *output, u64 length, u64 offset)
{
u8 stream[16];
aes_context aes;
size_t nc_off = 0;
clrmem(&aes,sizeof(aes_context));
aes_setkey_enc(&aes, key, 128);
SetAesCtrOffset(ctr,offset);
aes_crypt_ctr(&aes, length, &nc_off, ctr, stream, input, output);
return;
}
TEST_FIXTURE(AESFixture, EncryptsSameAsOpenSSL)
{
uint8_t buf[32];
memcpy(buf, plaintext, 32);
unsigned char iv[16];
memcpy(iv, credentials + 16, 16);
aes_context ctx;
aes_setkey_enc(&ctx, credentials, 128);
/* Note length 21, without PKCS #7 padding */
aes_crypt_cbc(&ctx, AES_ENCRYPT, 21, iv, buf, buf);
CHECK_ARRAY_EQUAL(ciphertext, buf, 32);
}
int
cryAesEncrypt(const char *sKey, int iKeyLen,
const char *sInBuf, int iInLen, char *sOutBuf, int *piOutLen)
{
unsigned char sHash[48];
unsigned char *pIV = sHash + 32;
aes_context tCtx;
int iLast;
iLast = iInLen % 16;
if (iLast) {
iInLen -= iLast;
if (*piOutLen < iInLen + 16) {
return -1;
}
*piOutLen = iInLen + 16;
} else {
if (*piOutLen < iInLen) {
return -2;
}
*piOutLen = iInLen;
}
sha4((const unsigned char *)sKey, iKeyLen, sHash, 1);
aes_setkey_enc(&tCtx, sHash, 256);
if (aes_crypt_cbc(&tCtx, DES_ENCRYPT, iInLen, pIV,
(const unsigned char *)sInBuf,
(unsigned char *)sOutBuf) != 0) {
return -3;
}
if (iLast) {
memcpy(sOutBuf + iInLen, sInBuf + iInLen, iLast);
memset(sOutBuf + iInLen + iLast, 0, 16 - iLast);
if (aes_crypt_cbc(&tCtx, DES_ENCRYPT, 16, pIV,
(const unsigned char *)sOutBuf + iInLen,
(unsigned char *)sOutBuf + iInLen) != 0) {
return -4;
}
}
return 0;
}
/*
* @brief Wrapper for AES-256 in CFB128 mode decryption
* The key must be 32 bytes long and the IV must be 16 bytes long, IV is not updated
*
* @param[in] key decryption key, 256 bits long
* @param[in] IV Initialisation vector, 128 bits long, is not modified by this function.
* @param[in] input Input data buffer
* @param[in] inputLength Input data length
* @param[out] output Output data buffer
*
*/
void bctbx_aes256CfbDecrypt(const uint8_t key[32],
const uint8_t IV[16],
const uint8_t *input,
size_t inputLength,
uint8_t *output)
{
uint8_t IVbuffer[16];
size_t iv_offset=0;
aes_context context;
memcpy(IVbuffer, IV, 16*sizeof(uint8_t));
memset (&context, 0, sizeof(aes_context));
aes_setkey_enc(&context, key, 256);
/* decrypt */
aes_crypt_cfb128 (&context, AES_DECRYPT, inputLength, &iv_offset, IVbuffer, input, output);
}
CWiiSaveCrypted::CWiiSaveCrypted(const char* FileName, u64 TitleID)
: m_TitleID(TitleID)
{
Common::ReadReplacements(replacements);
encryptedSavePath = std::string(FileName);
memcpy(SD_IV, "\x21\x67\x12\xE6\xAA\x1F\x68\x9F\x95\xC5\xA2\x23\x24\xDC\x6A\x98", 0x10);
if (!TitleID) // Import
{
aes_setkey_dec(&m_AES_ctx, SDKey, 128);
b_valid = true;
ReadHDR();
ReadBKHDR();
ImportWiiSaveFiles();
// TODO: check_sig()
if (b_valid)
{
SuccessAlertT("Successfully imported save files");
}
else
{
PanicAlertT("Import failed");
}
}
else
{
aes_setkey_enc(&m_AES_ctx, SDKey, 128);
if (getPaths(true))
{
b_valid = true;
WriteHDR();
WriteBKHDR();
ExportWiiSaveFiles();
do_sig();
if (b_valid)
{
SuccessAlertT("Successfully exported file to %s", encryptedSavePath.c_str());
}
else
{
PanicAlertT("Export failed");
}
}
}
}
void AesCbcCrypt(u8 *key, u8 *iv, u8 *input, u8 *output, u64 length, u8 mode)
{
aes_context aes;
clrmem(&aes,sizeof(aes_context));
switch(mode){
case(ENC):
aes_setkey_enc(&aes, key, 128);
aes_crypt_cbc(&aes, AES_ENCRYPT, length, iv, input, output);
return;
case(DEC):
aes_setkey_dec(&aes, key, 128);
aes_crypt_cbc(&aes, AES_DECRYPT, length, iv, input, output);
return;
default:
return;
}
}
void eid3_decrypt_buffer(u8 *eid3)
{
u8 indiv[INDIV_SIZE];
u8 key[0x10], iv[0x10];
aes_context aes_ctxt;
//Generate individuals.
indiv_gen(eid3_indiv_seed, NULL, NULL, NULL, indiv);
//Generate key.
memset(iv, 0, 0x10);
aes_setkey_enc(&aes_ctxt, indiv + 0x20, 0x100);
aes_crypt_cbc(&aes_ctxt, AES_ENCRYPT, 0x10, iv, eid3_keyseed, key);
//Calculate eid3 aes omac1.
u8 digest[AES_OMAC1_DIGEST_SIZE];
aes_omac1(digest, eid3, 0xF0, key, 0x80);
_hexdump(stdout,"",0,digest,AES_OMAC1_DIGEST_SIZE,0);
_hexdump(stdout,"",0,(u8*)eid3 + 0xF0,AES_OMAC1_DIGEST_SIZE,0);
if(memcmp(digest, eid3 + 0xF0, AES_OMAC1_DIGEST_SIZE) != 0)
printf("warning: eid3 omac1 hash check failed!\n");
//Decrypt eid3.
aes_setkey_dec(&aes_ctxt, key, 0x80);
memcpy(iv, eid3 + 0x10, 0x10);
aes_crypt_cbc(&aes_ctxt, AES_DECRYPT, 0xD0, iv, eid3 + 0x20, eid3 + 0x20);
//Decrypt second layer.
memset(iv, 0, 0x10);
aes_setkey_dec(&aes_ctxt, eid3_static_key, 0x80);
aes_crypt_cbc(&aes_ctxt, AES_DECRYPT, 0xD0, iv, eid3 + 0x20, eid3 + 0x20);
u8 sha1_digest[20];
sha1(eid3 + 0x20, 0xB8, sha1_digest);
_hexdump(stdout,"",0,sha1_digest,20,0);
_hexdump(stdout,"",0,(u8*)eid3 + 0x20 + 0xB8,20,0);
if(memcmp(sha1_digest, eid3 + 0x20 + 0xB8, 20) != 0)
printf("warning: eid3 sha1 hash check failed!\n");
}
bool PacketEncryptor::processOutPacket(Peer* peer, Packet* packet, int channelId)
{
if(!GetBitFlag(packet->getFlags(), PacketFlags::Encrypted))
return true;
auto stream = packet->getMemoryStream();
// Add AES padding
uint8 p = 16 - (stream->getPosition()+1)%16;
stream->setPosition(p, StreamSeekMode::Relative);
stream->write(&p, 1);
// Encrypt
int size = stream->getPosition();
uint8* data = stream->data.data();
aes_setkey_enc(aes, secret.data(), secret.size());
aes_crypt_cbc(aes, AES_ENCRYPT, size, iv, data, data);
return true;
}
/*
* @brief Wrapper for AES-128 in CFB128 mode decryption
* Both key and IV must be 16 bytes long, IV is not updated
*
* @param[in] key decryption key, 128 bits long
* @param[in] IV Initialisation vector, 128 bits long, is not modified by this function.
* @param[in] input Input data buffer
* @param[in] inputLength Input data length
* @param[out] output Output data buffer
*
*/
void bctbx_aes128CfbDecrypt(const uint8_t key[16],
const uint8_t IV[16],
const uint8_t *input,
size_t inputLength,
uint8_t *output)
{
uint8_t IVbuffer[16];
size_t iv_offset=0; /* is not used by us but needed and updated by polarssl */
aes_context context;
memset (&context, 0, sizeof(aes_context));
/* make a local copy of IV which is modified by the polar ssl AES-CFB function */
memcpy(IVbuffer, IV, 16*sizeof(uint8_t));
/* initialise the aes context and key - use the aes_setkey_enc function as requested by the documentation of aes_crypt_cfb128 function */
aes_setkey_enc(&context, key, 128);
/* encrypt */
aes_crypt_cfb128 (&context, AES_DECRYPT, inputLength, &iv_offset, IVbuffer, input, output);
}
