aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGiovanni Di Sirio <gdisirio@gmail.com>2017-10-22 09:34:37 +0000
committerGiovanni Di Sirio <gdisirio@gmail.com>2017-10-22 09:34:37 +0000
commit695dbad0846781728a1c0d95343ea64a39f4eaa3 (patch)
tree2c76a1300fe1bb65d60678743d3a14fdfcab54f9
parent39daa496e9b2a7c3825ca102fa3c7462dc6683fc (diff)
downloadChibiOS-695dbad0846781728a1c0d95343ea64a39f4eaa3.tar.gz
ChibiOS-695dbad0846781728a1c0d95343ea64a39f4eaa3.tar.bz2
ChibiOS-695dbad0846781728a1c0d95343ea64a39f4eaa3.zip
More crypto code, still unfinished.
git-svn-id: svn://svn.code.sf.net/p/chibios/svn/trunk@10870 35acf78f-673a-0410-8e92-d51de3d6d3f4
-rw-r--r--os/hal/include/hal_crypto.h83
-rw-r--r--os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c29
-rw-r--r--os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h66
-rw-r--r--os/hal/src/hal_crypto.c126
4 files changed, 189 insertions, 115 deletions
diff --git a/os/hal/include/hal_crypto.h b/os/hal/include/hal_crypto.h
index 6e5309e37..091bc0829 100644
--- a/os/hal/include/hal_crypto.h
+++ b/os/hal/include/hal_crypto.h
@@ -35,27 +35,6 @@
/* Driver pre-compile time settings. */
/*===========================================================================*/
-/**
- * @name CRYPTO configuration options
- * @{
- */
-/**
- * @brief Enables asynchronous APIs.
- * @note Disabling this option saves both code and data space.
- */
-#if !defined(CRY_USE_CALLBACKS) || defined(__DOXYGEN__)
-#define CRY_USE_CALLBACKS TRUE
-#endif
-
-/**
- * @brief Enables the @p cryAcquireBus() and @p cryReleaseBus() APIs.
- * @note Disabling this option saves both code and data space.
- */
-#if !defined(CRY_USE_MUTUAL_EXCLUSION) || defined(__DOXYGEN__)
-#define CRY_USE_MUTUAL_EXCLUSION TRUE
-#endif
-/** @} */
-
/*===========================================================================*/
/* Derived constants and error checks. */
/*===========================================================================*/
@@ -70,8 +49,7 @@
typedef enum {
CRY_UNINIT = 0, /**< Not initialized. */
CRY_STOP = 1, /**< Stopped. */
- CRY_READY = 2, /**< Ready. */
- CRY_ACTIVE = 3 /**< Operation running. */
+ CRY_READY = 2 /**< Ready. */
} crystate_t;
/**
@@ -85,6 +63,17 @@ typedef enum {
CRY_ERR_INV_KEY_ID = 4 /**< Invalid key type. */
} cryerror_t;
+/**
+ * @brief Type of an algorithm identifier.
+ * @note It is only used to determine the key required for operations.
+ */
+typedef enum {
+ cry_algo_none = 0,
+ cry_algo_aes,
+ cry_algo_des,
+ cry_algo_tripledes
+} cryalgorithm_t;
+
#include "hal_crypto_lld.h"
#if !defined(CRY_LLD_SUPPORTS_AES_ECB) || \
@@ -94,24 +83,6 @@ typedef enum {
#error "CRYPTO LLD does not export required switches"
#endif
-/**
- * @brief Type of an algorithm identifier.
- */
-typedef enum {
-#if (CRY_LLD_SUPPORTS_AES_ECB == TRUE) || defined(__DOXYGEN__)
- cry_algo_aes_ecb,
-#endif
-#if (CRY_LLD_SUPPORTS_AES_CBC == TRUE) || defined(__DOXYGEN__)
- cry_algo_aes_cbc,
-#endif
-#if (CRY_LLD_SUPPORTS_AES_CFB == TRUE) || defined(__DOXYGEN__)
- cry_algo_aes_cfb,
-#endif
-#if (CRY_LLD_SUPPORTS_AES_CTR == TRUE) || defined(__DOXYGEN__)
- cry_algo_aes_ctr,
-#endif
-} cryalgorithm_t;
-
/*===========================================================================*/
/* Driver macros. */
/*===========================================================================*/
@@ -133,29 +104,34 @@ extern "C" {
void cryObjectInit(CRYDriver *cryp);
void cryStart(CRYDriver *cryp, const CRYConfig *config);
void cryStop(CRYDriver *cryp);
+
cryerror_t cryLoadTransientKey(CRYDriver *cryp,
cryalgorithm_t algorithm,
size_t size,
const uint8_t *keyp);
#if CRY_LLD_SUPPORTS_AES_ECB == TRUE
- cryerror_t cryEncryptAES_ECB(crykey_t key_id,
+ cryerror_t cryEncryptAES_ECB(CRYDriver *cryp,
+ crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out);
- cryerror_t cryDecryptAES_ECB(crykey_t key_id,
+ cryerror_t cryDecryptAES_ECB(CRYDriver *cryp,
+ crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out);
#endif /* CRY_LLD_SUPPORTS_AES_ECB == TRUE */
#if CRY_LLD_SUPPORTS_AES_CBC == TRUE
- cryerror_t cryEncryptAES_CBC(crykey_t key_id,
+ cryerror_t cryEncryptAES_CBC(CRYDriver *cryp,
+ crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
const uint8_t *iv);
- cryerror_t cryDecryptAES_CBC(crykey_t key_id,
+ cryerror_t cryDecryptAES_CBC(CRYDriver *cryp,
+ crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
@@ -163,12 +139,14 @@ extern "C" {
#endif /* CRY_LLD_SUPPORTS_AES_CBC == TRUE */
#if CRY_LLD_SUPPORTS_AES_CFB == TRUE
- cryerror_t cryEncryptAES_CFB(crykey_t key_id,
+ cryerror_t cryEncryptAES_CFB(CRYDriver *cryp,
+ crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
const uint8_t *iv);
- cryerror_t cryDecryptAES_CFB(crykey_t key_id,
+ cryerror_t cryDecryptAES_CFB(CRYDriver *cryp,
+ crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
@@ -176,24 +154,21 @@ extern "C" {
#endif /* CRY_LLD_SUPPORTS_AES_CFB == TRUE */
#if CRY_LLD_SUPPORTS_AES_CTR == TRUE
- cryerror_t cryEncryptAES_CTR(crykey_t key_id,
+ cryerror_t cryEncryptAES_CTR(CRYDriver *cryp,
+ crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
const uint8_t *nonce,
uint8_t *cnt);
- cryerror_t cryDecryptAES_CTR(crykey_t key_id,
+ cryerror_t cryDecryptAES_CTR(CRYDriver *cryp,
+ crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
const uint8_t *nonce,
uint8_t *cnt);
#endif /* CRY_LLD_SUPPORTS_AES_CTR == TRUE */
-
-#if ADC_USE_MUTUAL_EXCLUSION == TRUE
- void cryAcquireBus(CRYDriver *cryp);
- void cryReleaseBus(CRYDriver *cryp);
-#endif
#ifdef __cplusplus
}
#endif
diff --git a/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c b/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c
index 37cdb2a71..a843ddd44 100644
--- a/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c
+++ b/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c
@@ -34,8 +34,8 @@
/* Driver exported variables. */
/*===========================================================================*/
-/** @brief CRYP1 driver identifier.*/
-#if STM32_CRY_USE_CRYP1 || defined(__DOXYGEN__)
+/** @brief CRY1 driver identifier.*/
+#if PLATFORM_CRY_USE_CRY1 || defined(__DOXYGEN__)
CRYDriver CRYD1;
#endif
@@ -92,6 +92,31 @@ void cry_lld_stop(CRYDriver *cryp) {
}
}
+/**
+ * @brief Initializes the transient key for a specific algorithm.
+ *
+ * @param[in] cryp pointer to the @p CRYDriver object
+ * @param[in] keyp pointer to the key data
+ * @return The operation status.
+ * @retval CRY_NOERROR if the operation succeeded.
+ * @retval CRY_ERR_INV_ALGO if the specified algorithm is unknown or
+ * unsupported.
+ * @retval CRY_ERR_INV_KEY_SIZE if the specified key size is invalid.
+ *
+ * @notapi
+ */
+cryerror_t cry_lld_loadkey(CRYDriver *cryp,
+ cryalgorithm_t algorithm,
+ size_t size,
+ const uint8_t *keyp) {
+
+ (void)cryp;
+ (void)algorithm;
+ (void)size;
+ (void)keyp;
+
+ return CRY_NOERROR;
+}
#endif /* HAL_USE_CRY */
/** @} */
diff --git a/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h b/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h
index e7279728b..2bc94b31d 100644
--- a/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h
+++ b/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h
@@ -107,23 +107,21 @@ typedef struct {
*/
struct CRYDriver {
/**
- * @brief Driver state.
+ * @brief Driver state.
*/
crystate_t state;
/**
- * @brief Current configuration data.
+ * @brief Current configuration data.
*/
const CRYConfig *config;
/**
- * @brief Waiting thread.
+ * @brief Algorithm type of transient key.
*/
- thread_reference_t thread;
-#if (CRY_USE_MUTUAL_EXCLUSION == TRUE) || defined(__DOXYGEN__)
+ cryalgorithm_t key0_type;
/**
- * @brief Mutex protecting the peripheral.
+ * @brief Size of transient key.
*/
- mutex_t mutex;
-#endif
+ size_t key0_size;
#if defined(CRY_DRIVER_EXT_FIELDS)
CRY_DRIVER_EXT_FIELDS
#endif
@@ -148,6 +146,58 @@ extern "C" {
void cry_lld_init(void);
void cry_lld_start(CRYDriver *cryp);
void cry_lld_stop(CRYDriver *cryp);
+ cryerror_t cry_lld_loadkey(CRYDriver *cryp,
+ cryalgorithm_t algorithm,
+ size_t size,
+ const uint8_t *keyp);
+ cryerror_t cry_lld_encrypt_AES_ECB(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out);
+ cryerror_t cry_lld_decrypt_AES_ECB(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out);
+ cryerror_t cry_lld_encrypt_AES_CBC(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out,
+ const uint8_t *iv);
+ cryerror_t cry_lld_decrypt_AES_CBC(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out,
+ const uint8_t *iv);
+ cryerror_t cry_lld_encrypt_AES_CFB(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out,
+ const uint8_t *iv);
+ cryerror_t cry_lld_decrypt_AES_CFB(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out,
+ const uint8_t *iv);
+ cryerror_t cry_lld_encrypt_AES_CTR(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out,
+ const uint8_t *nonce,
+ uint8_t *cnt);
+ cryerror_t cry_lld_decrypt_AES_CTR(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out,
+ const uint8_t *nonce,
+ uint8_t *cnt);
#ifdef __cplusplus
}
#endif
diff --git a/os/hal/src/hal_crypto.c b/os/hal/src/hal_crypto.c
index 0493da872..79a5be9a2 100644
--- a/os/hal/src/hal_crypto.c
+++ b/os/hal/src/hal_crypto.c
@@ -69,10 +69,6 @@ void cryObjectInit(CRYDriver *cryp) {
cryp->state = CRY_STOP;
cryp->config = NULL;
- cryp->thread = NULL;
-#if CRY_USE_MUTUAL_EXCLUSION == TRUE
- osalMutexObjectInit(&cryp->mutex);
-#endif
#if defined(CRY_DRIVER_EXT_INIT_HOOK)
CRY_DRIVER_EXT_INIT_HOOK(cryp);
#endif
@@ -141,12 +137,28 @@ void cryStop(CRYDriver *cryp) {
cryerror_t cryLoadTransientKey(CRYDriver *cryp,
cryalgorithm_t algorithm,
size_t size,
- const uint8_t *keyp);
+ const uint8_t *keyp) {
+ cryerror_t err;
+
+ /* Storing the transient key metadata.*/
+ cryp->key0_type = algorithm;
+ cryp->key0_size = size;
+
+ /* Key setup in the low level driver.*/
+ err = cry_lld_loadkey(cryp, algorithm, size, keyp);
+ if (err != CRY_NOERROR) {
+ cryp->key0_type = cry_algo_none;
+ cryp->key0_size = (size_t)0;
+ }
+
+ return err;
+}
#if (CRY_LLD_SUPPORTS_AES_ECB == TRUE) || defined(__DOXYGEN__)
/**
* @brief Encryption operation using AES-ECB.
*
+ * @param[in] cryp pointer to the @p CRYDriver object
* @param[in] key_id the key to be used for the operation, zero is the
* transient key, other values are keys stored in an
* unspecified way
@@ -164,16 +176,21 @@ cryerror_t cryLoadTransientKey(CRYDriver *cryp,
*
* @api
*/
-cryerror_t cryEncryptAES_ECB(crykey_t key_id,
+cryerror_t cryEncryptAES_ECB(CRYDriver *cryp,
+ crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out) {
+ osalDbgCheck((in != NULL) && (out != NULL));
+
+ return cry_lld_encrypt_AES_ECB(cryp, key_id, size, in, out);
}
/**
* @brief Decryption operation using AES-ECB.
*
+ * @param[in] cryp pointer to the @p CRYDriver object
* @param[in] key_id the key to be used for the operation, zero is the
* transient key, other values are keys stored in an
* unspecified way
@@ -191,11 +208,16 @@ cryerror_t cryEncryptAES_ECB(crykey_t key_id,
*
* @api
*/
-cryerror_t cryDecryptAES_ECB(crykey_t key_id,
- size_t blocks,
+cryerror_t cryDecryptAES_ECB(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
const uint8_t *in,
uint8_t *out) {
+ osalDbgCheck((in != NULL) && (out != NULL));
+ osalDbgAssert(cryp->state == CRY_READY, "not ready");
+
+ return cry_lld_decrypt_AES_ECB(cryp, key_id, size, in, out);
}
#endif /* CRY_LLD_SUPPORTS_AES_ECB == TRUE */
@@ -203,6 +225,7 @@ cryerror_t cryDecryptAES_ECB(crykey_t key_id,
/**
* @brief Encryption operation using AES-CBC.
*
+ * @param[in] cryp pointer to the @p CRYDriver object
* @param[in] key_id the key to be used for the operation, zero is the
* transient key, other values are keys stored in an
* unspecified way
@@ -221,17 +244,23 @@ cryerror_t cryDecryptAES_ECB(crykey_t key_id,
*
* @api
*/
-cryerror_t cryEncryptAES_CBC(crykey_t key_id,
+cryerror_t cryEncryptAES_CBC(CRYDriver *cryp,
+ crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
- const uint8_t *iv){
+ const uint8_t *iv) {
+ osalDbgCheck((in != NULL) && (out != NULL) && (iv != NULL));
+ osalDbgAssert(cryp->state == CRY_READY, "not ready");
+
+ return cry_lld_encrypt_AES_CBC(cryp, key_id, size, in, out, iv);
}
/**
* @brief Decryption operation using AES-CBC.
*
+ * @param[in] cryp pointer to the @p CRYDriver object
* @param[in] key_id the key to be used for the operation, zero is the
* transient key, other values are keys stored in an
* unspecified way
@@ -250,12 +279,17 @@ cryerror_t cryEncryptAES_CBC(crykey_t key_id,
*
* @api
*/
-cryerror_t cryDecryptAES_CBC(crykey_t key_id,
+cryerror_t cryDecryptAES_CBC(CRYDriver *cryp,
+ crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
const uint8_t *iv) {
+ osalDbgCheck((in != NULL) && (out != NULL) && (iv != NULL));
+ osalDbgAssert(cryp->state == CRY_READY, "not ready");
+
+ return cry_lld_decrypt_AES_CBC(cryp, key_id, size, in, out, iv);
}
#endif /* CRY_LLD_SUPPORTS_AES_CBC == TRUE */
@@ -263,6 +297,7 @@ cryerror_t cryDecryptAES_CBC(crykey_t key_id,
/**
* @brief Encryption operation using AES-CFB.
*
+ * @param[in] cryp pointer to the @p CRYDriver object
* @param[in] key_id the key to be used for the operation, zero is the
* transient key, other values are keys stored in an
* unspecified way
@@ -281,17 +316,23 @@ cryerror_t cryDecryptAES_CBC(crykey_t key_id,
*
* @api
*/
-cryerror_t cryEncryptAES_CFB(crykey_t key_id,
+cryerror_t cryEncryptAES_CFB(CRYDriver *cryp,
+ crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
const uint8_t *iv) {
+ osalDbgCheck((in != NULL) && (out != NULL) && (iv != NULL));
+ osalDbgAssert(cryp->state == CRY_READY, "not ready");
+
+ return cry_lld_encrypt_AES_CBC(cryp, key_id, size, in, out, iv);
}
/**
* @brief Decryption operation using AES-CFB.
*
+ * @param[in] cryp pointer to the @p CRYDriver object
* @param[in] key_id the key to be used for the operation, zero is the
* transient key, other values are keys stored in an
* unspecified way
@@ -310,12 +351,17 @@ cryerror_t cryEncryptAES_CFB(crykey_t key_id,
*
* @api
*/
-cryerror_t cryDecryptAES_CFB(crykey_t key_id,
+cryerror_t cryDecryptAES_CFB(CRYDriver *cryp,
+ crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
const uint8_t *iv) {
+ osalDbgCheck((in != NULL) && (out != NULL) && (iv != NULL));
+ osalDbgAssert(cryp->state == CRY_READY, "not ready");
+
+ return cry_lld_decrypt_AES_CBC(cryp, key_id, size, in, out, iv);
}
#endif /* CRY_LLD_SUPPORTS_AES_CFB == TRUE */
@@ -323,6 +369,7 @@ cryerror_t cryDecryptAES_CFB(crykey_t key_id,
/**
* @brief Encryption operation using AES-CTR.
*
+ * @param[in] cryp pointer to the @p CRYDriver object
* @param[in] key_id the key to be used for the operation, zero is the
* transient key, other values are keys stored in an
* unspecified way
@@ -342,18 +389,25 @@ cryerror_t cryDecryptAES_CFB(crykey_t key_id,
*
* @api
*/
-cryerror_t cryEncryptAES_CTR(crykey_t key_id,
+cryerror_t cryEncryptAES_CTR(CRYDriver *cryp,
+ crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
const uint8_t *nonce,
uint8_t *cnt) {
+ osalDbgCheck((in != NULL) && (out != NULL) &&
+ (nonce != NULL) && (cnt != NULL));
+ osalDbgAssert(cryp->state == CRY_READY, "not ready");
+
+ return cry_lld_encrypt_AES_CTR(cryp, key_id, size, in, out, nonce, cnt);
}
/**
* @brief Decryption operation using AES-CTR.
*
+ * @param[in] cryp pointer to the @p CRYDriver object
* @param[in] key_id the key to be used for the operation, zero is the
* transient key, other values are keys stored in an
* unspecified way
@@ -373,51 +427,21 @@ cryerror_t cryEncryptAES_CTR(crykey_t key_id,
*
* @api
*/
-cryerror_t cryDecryptAES_CTR(crykey_t key_id,
+cryerror_t cryDecryptAES_CTR(CRYDriver *cryp,
+ crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
const uint8_t *nonce,
uint8_t *cnt) {
-}
-#endif /* CRY_LLD_SUPPORTS_AES_CTR == TRUE */
-
-#if (CRY_USE_MUTUAL_EXCLUSION == TRUE) || defined(__DOXYGEN__)
-/**
- * @brief Gains exclusive access to the CRY peripheral.
- * @details This function tries to gain ownership to CRY bus, if the bus
- * is already being used then the invoking thread is queued.
- * @pre In order to use this function the option
- * @p CRY_USE_MUTUAL_EXCLUSION must be enabled.
- *
- * @param[in] cryp pointer to the @p CRYDriver object
- *
- * @api
- */
-void cryAcquireBus(CRYDriver *cryp) {
-
- osalDbgCheck(cryp != NULL);
-
- osalMutexLock(&cryp->mutex);
-}
+ osalDbgCheck((in != NULL) && (out != NULL) &&
+ (nonce != NULL) && (cnt != NULL));
+ osalDbgAssert(cryp->state == CRY_READY, "not ready");
-/**
- * @brief Releases exclusive access to the CRY peripheral.
- * @pre In order to use this function the option
- * @p CRY_USE_MUTUAL_EXCLUSION must be enabled.
- *
- * @param[in] cryp pointer to the @p CRYDriver object
- *
- * @api
- */
-void cryReleaseBus(CRYDriver *cryp) {
-
- osalDbgCheck(cryp != NULL);
-
- osalMutexUnlock(&cryp->mutex);
+ return cry_lld_decrypt_AES_CTR(cryp, key_id, size, in, out, nonce, cnt);
}
-#endif /* CRY_USE_MUTUAL_EXCLUSION == TRUE */
+#endif /* CRY_LLD_SUPPORTS_AES_CTR == TRUE */
#endif /* HAL_USE_CRY == TRUE */