diff options
author | Giovanni Di Sirio <gdisirio@gmail.com> | 2017-10-29 13:58:48 +0000 |
---|---|---|
committer | Giovanni Di Sirio <gdisirio@gmail.com> | 2017-10-29 13:58:48 +0000 |
commit | c29cb727918744eb0ea1a287e2c042b00bf35a9b (patch) | |
tree | 08e409fb766cbf98bc44ab09d49925968b1963d4 | |
parent | 75fb789548aa316bff65c68bdf2be2bc2c257d23 (diff) | |
download | ChibiOS-c29cb727918744eb0ea1a287e2c042b00bf35a9b.tar.gz ChibiOS-c29cb727918744eb0ea1a287e2c042b00bf35a9b.tar.bz2 ChibiOS-c29cb727918744eb0ea1a287e2c042b00bf35a9b.zip |
Added (T)DES support to the crypto driver.
git-svn-id: svn://svn.code.sf.net/p/chibios/svn/trunk@10904 35acf78f-673a-0410-8e92-d51de3d6d3f4
-rw-r--r-- | demos/STM32/RT-STM32F746G-DISCOVERY/halconf.h | 2 | ||||
-rw-r--r-- | os/hal/include/hal_crypto.h | 55 | ||||
-rw-r--r-- | os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c | 319 | ||||
-rw-r--r-- | os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h | 42 | ||||
-rw-r--r-- | os/hal/src/hal_crypto.c | 444 | ||||
-rw-r--r-- | os/hal/templates/hal_crypto_lld.c | 321 | ||||
-rw-r--r-- | os/hal/templates/hal_crypto_lld.h | 44 |
7 files changed, 1170 insertions, 57 deletions
diff --git a/demos/STM32/RT-STM32F746G-DISCOVERY/halconf.h b/demos/STM32/RT-STM32F746G-DISCOVERY/halconf.h index d7793e22c..f5aabb3bb 100644 --- a/demos/STM32/RT-STM32F746G-DISCOVERY/halconf.h +++ b/demos/STM32/RT-STM32F746G-DISCOVERY/halconf.h @@ -55,7 +55,7 @@ * @brief Enables the cryptographic subsystem.
*/
#if !defined(HAL_USE_CRY) || defined(__DOXYGEN__)
-#define HAL_USE_CRY FALSE
+#define HAL_USE_CRY TRUE
#endif
/**
diff --git a/os/hal/include/hal_crypto.h b/os/hal/include/hal_crypto.h index 8836dafd5..91de0576d 100644 --- a/os/hal/include/hal_crypto.h +++ b/os/hal/include/hal_crypto.h @@ -104,9 +104,8 @@ typedef enum { */
typedef enum {
cry_algo_none = 0,
- cry_algo_aes,
- cry_algo_des,
- cry_algo_tripledes
+ cry_algo_aes, /**< AES 128, 192, 256 bits. */
+ cry_algo_des /**< DES 56, TDES 112, 168 bits.*/
} cryalgorithm_t;
#if HAL_CRY_ENFORCE_FALLBACK == FALSE
@@ -115,11 +114,15 @@ typedef enum { #else
/* No LLD at all, using the standalone mode.*/
+#define CRY_LLD_SUPPORTS_AES FALSE
#define CRY_LLD_SUPPORTS_AES_ECB FALSE
#define CRY_LLD_SUPPORTS_AES_CBC FALSE
#define CRY_LLD_SUPPORTS_AES_CFB FALSE
#define CRY_LLD_SUPPORTS_AES_CTR FALSE
#define CRY_LLD_SUPPORTS_AES_GCM FALSE
+#define CRY_LLD_SUPPORTS_DES FALSE
+#define CRY_LLD_SUPPORTS_DES_ECB FALSE
+#define CRY_LLD_SUPPORTS_DES_CBC FALSE
typedef uint_fast8_t crykey_t;
@@ -138,11 +141,15 @@ struct CRYDriver { };
#endif
-#if !defined(CRY_LLD_SUPPORTS_AES_ECB) || \
+#if !defined(CRY_LLD_SUPPORTS_AES) || \
+ !defined(CRY_LLD_SUPPORTS_AES_ECB) || \
!defined(CRY_LLD_SUPPORTS_AES_CBC) || \
!defined(CRY_LLD_SUPPORTS_AES_CFB) || \
!defined(CRY_LLD_SUPPORTS_AES_CTR) || \
- !defined(CRY_LLD_SUPPORTS_AES_GCM)
+ !defined(CRY_LLD_SUPPORTS_AES_GCM) || \
+ !defined(CRY_LLD_SUPPORTS_DES) || \
+ !defined(CRY_LLD_SUPPORTS_DES_ECB) || \
+ !defined(CRY_LLD_SUPPORTS_DES_CBC)
#error "CRYPTO LLD does not export the required switches"
#endif
@@ -171,6 +178,14 @@ extern "C" { cryalgorithm_t algorithm,
size_t size,
const uint8_t *keyp);
+ cryerror_t cryEncryptAES(CRYDriver *cryp,
+ crykey_t key_id,
+ const uint8_t *in,
+ uint8_t *out);
+ cryerror_t cryDecryptAES(CRYDriver *cryp,
+ crykey_t key_id,
+ const uint8_t *in,
+ uint8_t *out);
cryerror_t cryEncryptAES_ECB(CRYDriver *cryp,
crykey_t key_id,
size_t size,
@@ -235,6 +250,36 @@ extern "C" { size_t aadsize,
const uint8_t *aad,
uint8_t *authtag);
+ cryerror_t cryEncryptDES(CRYDriver *cryp,
+ crykey_t key_id,
+ const uint8_t *in,
+ uint8_t *out);
+ cryerror_t cryDecryptDES(CRYDriver *cryp,
+ crykey_t key_id,
+ const uint8_t *in,
+ uint8_t *out);
+ cryerror_t cryEncryptDES_ECB(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out);
+ cryerror_t cryDecryptDES_ECB(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out);
+ cryerror_t cryEncryptDES_CBC(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out,
+ const uint8_t *iv);
+ cryerror_t cryDecryptDES_CBC(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out,
+ const uint8_t *iv);
#ifdef __cplusplus
}
#endif
diff --git a/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c b/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c index 00a4478c7..7d305968a 100644 --- a/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c +++ b/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c @@ -119,6 +119,74 @@ cryerror_t cry_lld_loadkey(CRYDriver *cryp, }
/**
+ * @brief Encryption of a single block using AES.
+ * @note The implementation of this function must guarantee that it can
+ * be called from any context.
+ *
+ * @param[in] cryp pointer to the @p CRYDriver object
+ * @param[in] key_id the key to be used for the operation, zero is the
+ * transient key, other values are keys stored in an
+ * unspecified way
+ * @param[in] in buffer containing the input plaintext
+ * @param[out] out buffer for the output cyphertext
+ * @return The operation status.
+ * @retval CRY_NOERROR if the operation succeeded.
+ * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
+ * device instance.
+ * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
+ * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
+ * or refers to an empty key slot.
+ *
+ * @notapi
+ */
+cryerror_t cry_lld_encrypt_AES(CRYDriver *cryp,
+ crykey_t key_id,
+ const uint8_t *in,
+ uint8_t *out) {
+
+ (void)cryp;
+ (void)key_id;
+ (void)in;
+ (void)out;
+
+ return CRY_ERR_INV_ALGO;
+}
+
+/**
+ * @brief Decryption of a single block using AES.
+ * @note The implementation of this function must guarantee that it can
+ * be called from any context.
+ *
+ * @param[in] cryp pointer to the @p CRYDriver object
+ * @param[in] key_id the key to be used for the operation, zero is the
+ * transient key, other values are keys stored in an
+ * unspecified way
+ * @param[in] in buffer containing the input cyphertext
+ * @param[out] out buffer for the output plaintext
+ * @return The operation status.
+ * @retval CRY_NOERROR if the operation succeeded.
+ * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
+ * device instance.
+ * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
+ * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
+ * or refers to an empty key slot.
+ *
+ * @notapi
+ */
+cryerror_t cry_lld_decrypt_AES(CRYDriver *cryp,
+ crykey_t key_id,
+ const uint8_t *in,
+ uint8_t *out) {
+
+ (void)cryp;
+ (void)key_id;
+ (void)in;
+ (void)out;
+
+ return CRY_ERR_INV_ALGO;
+}
+
+/**
* @brief Encryption operation using AES-ECB.
* @note The function operates on data buffers whose lenght is a multiple
* of an AES block, this means that padding must be done by the
@@ -138,7 +206,7 @@ cryerror_t cry_lld_loadkey(CRYDriver *cryp, * device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
- * or refers and empty key slot.
+ * or refers to an empty key slot.
*
* @notapi
*/
@@ -177,7 +245,7 @@ cryerror_t cry_lld_encrypt_AES_ECB(CRYDriver *cryp, * device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
- * or refers and empty key slot.
+ * or refers to an empty key slot.
*
* @notapi
*/
@@ -217,7 +285,7 @@ cryerror_t cry_lld_decrypt_AES_ECB(CRYDriver *cryp, * device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
- * or refers and empty key slot.
+ * or refers to an empty key slot.
*
* @notapi
*/
@@ -259,7 +327,7 @@ cryerror_t cry_lld_encrypt_AES_CBC(CRYDriver *cryp, * device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
- * or refers and empty key slot.
+ * or refers to an empty key slot.
*
* @notapi
*/
@@ -301,7 +369,7 @@ cryerror_t cry_lld_decrypt_AES_CBC(CRYDriver *cryp, * device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
- * or refers and empty key slot.
+ * or refers to an empty key slot.
*
* @notapi
*/
@@ -343,7 +411,7 @@ cryerror_t cry_lld_encrypt_AES_CFB(CRYDriver *cryp, * device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
- * or refers and empty key slot.
+ * or refers to an empty key slot.
*
* @notapi
*/
@@ -386,7 +454,7 @@ cryerror_t cry_lld_decrypt_AES_CFB(CRYDriver *cryp, * device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
- * or refers and empty key slot.
+ * or refers to an empty key slot.
*
* @notapi
*/
@@ -429,7 +497,7 @@ cryerror_t cry_lld_encrypt_AES_CTR(CRYDriver *cryp, * device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
- * or refers and empty key slot.
+ * or refers to an empty key slot.
*
* @notapi
*/
@@ -476,7 +544,7 @@ cryerror_t cry_lld_decrypt_AES_CTR(CRYDriver *cryp, * device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
- * or refers and empty key slot.
+ * or refers to an empty key slot.
*
* @notapi
*/
@@ -529,7 +597,7 @@ cryerror_t cry_lld_encrypt_AES_GCM(CRYDriver *cryp, * device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
- * or refers and empty key slot.
+ * or refers to an empty key slot.
*
* @notapi
*/
@@ -556,6 +624,237 @@ cryerror_t cry_lld_decrypt_AES_GCM(CRYDriver *cryp, return CRY_ERR_INV_ALGO;
}
+/**
+ * @brief Encryption of a single block using (T)DES.
+ * @note The implementation of this function must guarantee that it can
+ * be called from any context.
+ *
+ * @param[in] cryp pointer to the @p CRYDriver object
+ * @param[in] key_id the key to be used for the operation, zero is the
+ * transient key, other values are keys stored in an
+ * unspecified way
+ * @param[in] in buffer containing the input plaintext
+ * @param[out] out buffer for the output cyphertext
+ * @return The operation status.
+ * @retval CRY_NOERROR if the operation succeeded.
+ * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
+ * device instance.
+ * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
+ * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
+ * or refers to an empty key slot.
+ *
+ * @notapi
+ */
+cryerror_t cry_lld_encrypt_DES(CRYDriver *cryp,
+ crykey_t key_id,
+ const uint8_t *in,
+ uint8_t *out) {
+
+ (void)cryp;
+ (void)key_id;
+ (void)in;
+ (void)out;
+
+ return CRY_ERR_INV_ALGO;
+}
+
+/**
+ * @brief Decryption of a single block using (T)DES.
+ * @note The implementation of this function must guarantee that it can
+ * be called from any context.
+ *
+ *
+ * @param[in] cryp pointer to the @p CRYDriver object
+ * @param[in] key_id the key to be used for the operation, zero is the
+ * transient key, other values are keys stored in an
+ * unspecified way
+ * @param[in] in buffer containing the input cyphertext
+ * @param[out] out buffer for the output plaintext
+ * @return The operation status.
+ * @retval CRY_NOERROR if the operation succeeded.
+ * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
+ * device instance.
+ * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
+ * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
+ * or refers to an empty key slot.
+ *
+ * @notapi
+ */
+cryerror_t cry_lld_decrypt_DES(CRYDriver *cryp,
+ crykey_t key_id,
+ const uint8_t *in,
+ uint8_t *out) {
+
+ (void)cryp;
+ (void)key_id;
+ (void)in;
+ (void)out;
+
+ return CRY_ERR_INV_ALGO;
+}
+
+/**
+ * @brief Encryption operation using (T)DES-ECB.
+ * @note The function operates on data buffers whose length is a multiple
+ * of an DES block, this means that padding must be done by the
+ * caller.
+ *
+ * @param[in] cryp pointer to the @p CRYDriver object
+ * @param[in] key_id the key to be used for the operation, zero is the
+ * transient key, other values are keys stored in an
+ * unspecified way
+ * @param[in] size size of the plaintext buffer, this number must be a
+ * multiple of 8
+ * @param[in] in buffer containing the input plaintext
+ * @param[out] out buffer for the output cyphertext
+ * @return The operation status.
+ * @retval CRY_NOERROR if the operation succeeded.
+ * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
+ * device instance.
+ * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
+ * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
+ * or refers to an empty key slot.
+ *
+ * @notapi
+ */
+cryerror_t cry_lld_encrypt_DES_ECB(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out) {
+
+ (void)cryp;
+ (void)key_id;
+ (void)size;
+ (void)in;
+ (void)out;
+
+ return CRY_ERR_INV_ALGO;
+}
+
+/**
+ * @brief Decryption operation using (T)DES-ECB.
+ * @note The function operates on data buffers whose length is a multiple
+ * of an DES block, this means that padding must be done by the
+ * caller.
+ *
+ * @param[in] cryp pointer to the @p CRYDriver object
+ * @param[in] key_id the key to be used for the operation, zero is the
+ * transient key, other values are keys stored in an
+ * unspecified way
+ * @param[in] size size of the plaintext buffer, this number must be a
+ * multiple of 8
+ * @param[in] in buffer containing the input cyphertext
+ * @param[out] out buffer for the output plaintext
+ * @return The operation status.
+ * @retval CRY_NOERROR if the operation succeeded.
+ * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
+ * device instance.
+ * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
+ * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
+ * or refers to an empty key slot.
+ *
+ * @notapi
+ */
+cryerror_t cry_lld_decrypt_DES_ECB(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out) {
+
+ (void)cryp;
+ (void)key_id;
+ (void)size;
+ (void)in;
+ (void)out;
+
+ return CRY_ERR_INV_ALGO;
+}
+
+/**
+ * @brief Encryption operation using (T)DES-CBC.
+ * @note The function operates on data buffers whose length is a multiple
+ * of an DES block, this means that padding must be done by the
+ * caller.
+ *
+ * @param[in] cryp pointer to the @p CRYDriver object
+ * @param[in] key_id the key to be used for the operation, zero is the
+ * transient key, other values are keys stored in an
+ * unspecified way
+ * @param[in] size size of the plaintext buffer, this number must be a
+ * multiple of 8
+ * @param[in] in buffer containing the input plaintext
+ * @param[out] out buffer for the output cyphertext
+ * @param[in] iv 64 bits input vector
+ * @return The operation status.
+ * @retval CRY_NOERROR if the operation succeeded.
+ * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
+ * device instance.
+ * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
+ * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
+ * or refers to an empty key slot.
+ *
+ * @notapi
+ */
+cryerror_t cry_lld_encrypt_DES_CBC(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out,
+ const uint8_t *iv) {
+
+ (void)cryp;
+ (void)key_id;
+ (void)size;
+ (void)in;
+ (void)out;
+ (void)iv;
+
+ return CRY_ERR_INV_ALGO;
+}
+
+/**
+ * @brief Decryption operation using (T)DES-CBC.
+ * @note The function operates on data buffers whose length is a multiple
+ * of an DES block, this means that padding must be done by the
+ * caller.
+ *
+ * @param[in] cryp pointer to the @p CRYDriver object
+ * @param[in] key_id the key to be used for the operation, zero is the
+ * transient key, other values are keys stored in an
+ * unspecified way
+ * @param[in] size size of the plaintext buffer, this number must be a
+ * multiple of 8
+ * @param[in] in buffer containing the input cyphertext
+ * @param[out] out buffer for the output plaintext
+ * @param[in] iv 64 bits input vector
+ * @return The operation status.
+ * @retval CRY_NOERROR if the operation succeeded.
+ * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
+ * device instance.
+ * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
+ * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
+ * or refers to an empty key slot.
+ *
+ * @notapi
+ */
+cryerror_t cry_lld_decrypt_DES_CBC(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out,
+ const uint8_t *iv) {
+
+ (void)cryp;
+ (void)key_id;
+ (void)size;
+ (void)in;
+ (void)out;
+ (void)iv;
+
+ return CRY_ERR_INV_ALGO;
+}
+
#endif /* HAL_USE_CRY == TRUE */
/** @} */
diff --git a/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h b/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h index 977e25438..3ae153943 100644 --- a/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h +++ b/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h @@ -35,11 +35,15 @@ * @name Driver capability switches
* @{
*/
+#define CRY_LLD_SUPPORTS_AES TRUE
#define CRY_LLD_SUPPORTS_AES_ECB TRUE
#define CRY_LLD_SUPPORTS_AES_CBC TRUE
#define CRY_LLD_SUPPORTS_AES_CFB FALSE
#define CRY_LLD_SUPPORTS_AES_CTR TRUE
#define CRY_LLD_SUPPORTS_AES_GCM TRUE
+#define CRY_LLD_SUPPORTS_DES TRUE
+#define CRY_LLD_SUPPORTS_DES_ECB TRUE
+#define CRY_LLD_SUPPORTS_DES_CBC TRUE
/** @{ */
/*===========================================================================*/
@@ -140,6 +144,14 @@ extern "C" { cryalgorithm_t algorithm,
size_t size,
const uint8_t *keyp);
+ cryerror_t cry_lld_encrypt_AES(CRYDriver *cryp,
+ crykey_t key_id,
+ const uint8_t *in,
+ uint8_t *out);
+ cryerror_t cry_lld_decrypt_AES(CRYDriver *cryp,
+ crykey_t key_id,
+ const uint8_t *in,
+ uint8_t *out);
cryerror_t cry_lld_encrypt_AES_ECB(CRYDriver *cryp,
crykey_t key_id,
size_t size,
@@ -204,6 +216,36 @@ extern "C" { size_t aadsize,
const uint8_t *aad,
uint8_t *authtag);
+ cryerror_t cry_lld_encrypt_DES(CRYDriver *cryp,
+ crykey_t key_id,
+ const uint8_t *in,
+ uint8_t *out);
+ cryerror_t cry_lld_decrypt_DES(CRYDriver *cryp,
+ crykey_t key_id,
+ const uint8_t *in,
+ uint8_t *out);
+ cryerror_t cry_lld_encrypt_DES_ECB(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out);
+ cryerror_t cry_lld_decrypt_DES_ECB(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out);
+ cryerror_t cry_lld_encrypt_DES_CBC(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out,
+ const uint8_t *iv);
+ cryerror_t cry_lld_decrypt_DES_CBC(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out,
+ const uint8_t *iv);
#ifdef __cplusplus
}
#endif
diff --git a/os/hal/src/hal_crypto.c b/os/hal/src/hal_crypto.c index 31bee80db..c099335bf 100644 --- a/os/hal/src/hal_crypto.c +++ b/os/hal/src/hal_crypto.c @@ -127,6 +127,8 @@ void cryStop(CRYDriver *cryp) { /**
* @brief Initializes the transient key for a specific algorithm.
+ * @note It is the underlying implementation to decide which combinations
+ * of algorithm and key size are allowable.
*
* @param[in] cryp pointer to the @p CRYDriver object
* @param[in] algorithm the algorithm identifier
@@ -136,7 +138,8 @@ void cryStop(CRYDriver *cryp) { * @retval CRY_NOERROR if the operation succeeded.
* @retval CRY_ERR_INV_ALGO if the specified algorithm is unknown or
* unsupported.
- * @retval CRY_ERR_INV_KEY_SIZE if the specified key size is invalid.
+ * @retval CRY_ERR_INV_KEY_SIZE if the specified key size is invalid for
+ * the specified algorithm.
*
* @api
*/
@@ -173,8 +176,96 @@ cryerror_t cryLoadTransientKey(CRYDriver *cryp, }
/**
+ * @brief Encryption of a single block using AES.
+ * @note The implementation of this function must guarantee that it can
+ * be called from any context.
+ *
+ * @param[in] cryp pointer to the @p CRYDriver object
+ * @param[in] key_id the key to be used for the operation, zero is the
+ * transient key, other values are keys stored in an
+ * unspecified way
+ * @param[in] in buffer containing the input plaintext
+ * @param[out] out buffer for the output cyphertext
+ * @return The operation status.
+ * @retval CRY_NOERROR if the operation succeeded.
+ * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
+ * device instance.
+ * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
+ * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
+ * or refers to an empty key slot.
+ *
+ * @special
+ */
+cryerror_t cryEncryptAES(CRYDriver *cryp,
+ crykey_t key_id,
+ const uint8_t *in,
+ uint8_t *out) {
+
+ osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL));
+
+ osalDbgAssert(cryp->state == CRY_READY, "not ready");
+
+#if CRY_LLD_SUPPORTS_AES == TRUE
+ return cry_lld_encrypt_AES(cryp, key_id, in, out);
+#elif HAL_CRY_USE_FALLBACK == TRUE
+ return cry_fallback_encrypt_AES(cryp, key_id, in, out);
+#else
+ (void)cryp;
+ (void)key_id;
+ (void)in;
+ (void)out;
+
+ return CRY_ERR_INV_ALGO;
+#endif
+}
+
+/**
+ * @brief Decryption of a single block using AES.
+ * @note The implementation of this function must guarantee that it can
+ * be called from any context.
+ *
+ * @param[in] cryp pointer to the @p CRYDriver object
+ * @param[in] key_id the key to be used for the operation, zero is the
+ * transient key, other values are keys stored in an
+ * unspecified way
+ * @param[in] in buffer containing the input cyphertext
+ * @param[out] out buffer for the output plaintext
+ * @return The operation status.
+ * @retval CRY_NOERROR if the operation succeeded.
+ * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
+ * device instance.
+ * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
+ * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
+ * or refers to an empty key slot.
+ *
+ * @special
+ */
+cryerror_t cryDecryptAES(CRYDriver *cryp,
+ crykey_t key_id,
+ const uint8_t *in,
+ uint8_t *out) {
+
+ osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL));
+
+ osalDbgAssert(cryp->state == CRY_READY, "not ready");
+
+#if CRY_LLD_SUPPORTS_AES == TRUE
+ return cry_lld_decrypt_AES(cryp, key_id, in, out);
+#elif HAL_CRY_USE_FALLBACK == TRUE
+ return cry_fallback_decrypt_AES(cryp, key_id, in, out);
+#else
+ (void)cryp;
+ (void)key_id;
+ (void)in;
+ (void)out;
+
+ return CRY_ERR_INV_ALGO;
+#endif
+}
+
+/**
* @brief Encryption operation using AES-ECB.
- * @note The function operates on data buffers whose lenght is a multiple
+ * @note The function operates on data buffers whose length is a multiple
* of an AES block, this means that padding must be done by the
* caller.
*
@@ -192,7 +283,7 @@ cryerror_t cryLoadTransientKey(CRYDriver *cryp, * device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
- * or refers and empty key slot.
+ * or refers to an empty key slot.
*
* @api
*/
@@ -224,7 +315,7 @@ cryerror_t cryEncryptAES_ECB(CRYDriver *cryp, /**
* @brief Decryption operation using AES-ECB.
- * @note The function operates on data buffers whose lenght is a multiple
+ * @note The function operates on data buffers whose length is a multiple
* of an AES block, this means that padding must be done by the
* caller.
*
@@ -242,7 +333,7 @@ cryerror_t cryEncryptAES_ECB(CRYDriver *cryp, * device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
- * or refers and empty key slot.
+ * or refers to an empty key slot.
*
* @api
*/
@@ -274,7 +365,7 @@ cryerror_t cryDecryptAES_ECB(CRYDriver *cryp, /**
* @brief Encryption operation using AES-CBC.
- * @note The function operates on data buffers whose lenght is a multiple
+ * @note The function operates on data buffers whose length is a multiple
* of an AES block, this means that padding must be done by the
* caller.
*
@@ -286,14 +377,14 @@ cryerror_t cryDecryptAES_ECB(CRYDriver *cryp, * multiple of 16
* @param[in] in buffer containing the input plaintext
* @param[out] out buffer for the output cyphertext
- * @param[in] iv 128 bits initial vector
+ * @param[in] iv 128 bits input vector
* @return The operation status.
* @retval CRY_NOERROR if the operation succeeded.
* @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
* device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
- * or refers and empty key slot.
+ * or refers to an empty key slot.
*
* @api
*/
@@ -327,7 +418,7 @@ cryerror_t cryEncryptAES_CBC(CRYDriver *cryp, /**
* @brief Decryption operation using AES-CBC.
- * @note The function operates on data buffers whose lenght is a multiple
+ * @note The function operates on data buffers whose length is a multiple
* of an AES block, this means that padding must be done by the
* caller.
*
@@ -339,14 +430,14 @@ cryerror_t cryEncryptAES_CBC(CRYDriver *cryp, * multiple of 16
* @param[in] in buffer containing the input cyphertext
* @param[out] out buffer for the output plaintext
- * @param[in] iv 128 bits initial vector
+ * @param[in] iv 128 bits input vector
* @return The operation status.
* @retval CRY_NOERROR if the operation succeeded.
* @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
* device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
- * or refers and empty key slot.
+ * or refers to an empty key slot.
*
* @api
*/
@@ -380,7 +471,7 @@ cryerror_t cryDecryptAES_CBC(CRYDriver *cryp, /**
* @brief Encryption operation using AES-CFB.
- * @note The function operates on data buffers whose lenght is a multiple
+ * @note The function operates on data buffers whose length is a multiple
* of an AES block, this means that padding must be done by the
* caller.
*
@@ -392,14 +483,14 @@ cryerror_t cryDecryptAES_CBC(CRYDriver *cryp, * multiple of 16
* @param[in] in buffer containing the input plaintext
* @param[out] out buffer for the output cyphertext
- * @param[in] iv 128 bits initial vector
+ * @param[in] iv 128 bits input vector
* @return The operation status.
* @retval CRY_NOERROR if the operation succeeded.
* @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
* device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
- * or refers and empty key slot.
+ * or refers to an empty key slot.
*
* @api
*/
@@ -433,7 +524,7 @@ cryerror_t cryEncryptAES_CFB(CRYDriver *cryp, /**
* @brief Decryption operation using AES-CFB.
- * @note The function operates on data buffers whose lenght is a multiple
+ * @note The function operates on data buffers whose length is a multiple
* of an AES block, this means that padding must be done by the
* caller.
*
@@ -445,14 +536,14 @@ cryerror_t cryEncryptAES_CFB(CRYDriver *cryp, * multiple of 16
* @param[in] in buffer containing the input cyphertext
* @param[out] out buffer for the output plaintext
- * @param[in] iv 128 bits initial vector
+ * @param[in] iv 128 bits input vector
* @return The operation status.
* @retval CRY_NOERROR if the operation succeeded.
* @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
* device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
- * or refers and empty key slot.
+ * or refers to an empty key slot.
*
* @api
*/
@@ -486,7 +577,7 @@ cryerror_t cryDecryptAES_CFB(CRYDriver *cryp, /**
* @brief Encryption operation using AES-CTR.
- * @note The function operates on data buffers whose lenght is a multiple
+ * @note The function operates on data buffers whose length is a multiple
* of an AES block, this means that padding must be done by the
* caller.
*
@@ -498,7 +589,7 @@ cryerror_t cryDecryptAES_CFB(CRYDriver *cryp, * multiple of 16
* @param[in] in buffer containing the input plaintext
* @param[out] out buffer for the output cyphertext
- * @param[in] iv 128 bits initial vector + counter, it contains
+ * @param[in] iv 128 bits input vector + counter, it contains
* a 96 bits IV and a 32 bits counter
* @return The operation status.
* @retval CRY_NOERROR if the operation succeeded.
@@ -506,7 +597,7 @@ cryerror_t cryDecryptAES_CFB(CRYDriver *cryp, * device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
- * or refers and empty key slot.
+ * or refers to an empty key slot.
*
* @api
*/
@@ -541,7 +632,7 @@ cryerror_t cryEncryptAES_CTR(CRYDriver *cryp, /**
* @brief Decryption operation using AES-CTR.
- * @note The function operates on data buffers whose lenght is a multiple
+ * @note The function operates on data buffers whose length is a multiple
* of an AES block, this means that padding must be done by the
* caller.
*
@@ -553,7 +644,7 @@ cryerror_t cryEncryptAES_CTR(CRYDriver *cryp, * multiple of 16
* @param[in] in buffer containing the input cyphertext
* @param[out] out buffer for the output plaintext
- * @param[in] iv 128 bits initial vector + counter, it contains
+ * @param[in] iv 128 bits input vector + counter, it contains
* a 96 bits IV and a 32 bits counter
* @return The operation status.
* @retval CRY_NOERROR if the operation succeeded.
@@ -561,7 +652,7 @@ cryerror_t cryEncryptAES_CTR(CRYDriver *cryp, * device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
- * or refers and empty key slot.
+ * or refers to an empty key slot.
*
* @api
*/
@@ -596,7 +687,7 @@ cryerror_t cryDecryptAES_CTR(CRYDriver *cryp, /**
* @brief Encryption operation using AES-GCM.
- * @note The function operates on data buffers whose lenght is a multiple
+ * @note The function operates on data buffers whose length is a multiple
* of an AES block, this means that padding must be done by the
* caller.
*
@@ -608,7 +699,7 @@ cryerror_t cryDecryptAES_CTR(CRYDriver *cryp, * multiple of 16
* @param[in] in buffer containing the input plaintext
* @param[out] out buffer for the output cyphertext
- * @param[in] iv 128 bits initial vector + counter, it contains
+ * @param[in] iv 128 bits input vector + counter, it contains
* a 96 bits IV and a 32 bits counter
* @param[in] aadsize size of the authentication data, this number must be a
* multiple of 16
@@ -620,7 +711,7 @@ cryerror_t cryDecryptAES_CTR(CRYDriver *cryp, * device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
- * or refers and empty key slot.
+ * or refers to an empty key slot.
*
* @api
*/
@@ -664,7 +755,7 @@ cryerror_t cryEncryptAES_GCM(CRYDriver *cryp, /**
* @brief Decryption operation using AES-GCM.
- * @note The function operates on data buffers whose lenght is a multiple
+ * @note The function operates on data buffers whose length is a multiple
* of an AES block, this means that padding must be done by the
* caller.
*
@@ -676,7 +767,7 @@ cryerror_t cryEncryptAES_GCM(CRYDriver *cryp, * multiple of 16
* @param[in] in buffer for the output cyphertext
* @param[out] out buffer containing the input plaintext
- * @param[in] iv 128 bits initial vector + counter, it contains
+ * @param[in] iv 128 bits input vector + counter, it contains
* a 96 bits IV and a 32 bits counter
* @param[in] aadsize size of the authentication data, this number must be a
* multiple of 16
@@ -688,7 +779,7 @@ cryerror_t cryEncryptAES_GCM(CRYDriver *cryp, * device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
- * or refers and empty key slot.
+ * or refers to an empty key slot.
*
* @api
*/
@@ -730,6 +821,301 @@ cryerror_t cryDecryptAES_GCM(CRYDriver *cryp, #endif
}
+/**
+ * @brief Encryption of a single block using (T)DES.
+ * @note The implementation of this function must guarantee that it can
+ * be called from any context.
+ *
+ * @param[in] cryp pointer to the @p CRYDriver object
+ * @param[in] key_id the key to be used for the operation, zero is the
+ * transient key, other values are keys stored in an
+ * unspecified way
+ * @param[in] in buffer containing the input plaintext
+ * @param[out] out buffer for the output cyphertext
+ * @return The operation status.
+ * @retval CRY_NOERROR if the operation succeeded.
+ * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
+ * device instance.
+ * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
+ * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
+ * or refers to an empty key slot.
+ *
+ * @special
+ */
+cryerror_t cryEncryptDES(CRYDriver *cryp,
+ crykey_t key_id,
+ const uint8_t *in,
+ uint8_t *out) {
+
+ osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL));
+
+ osalDbgAssert(cryp->state == CRY_READY, "not ready");
+
+#if CRY_LLD_SUPPORTS_DES == TRUE
+ return cry_lld_encrypt_DES(cryp, key_id, in, out);
+#elif HAL_CRY_USE_FALLBACK == TRUE
+ return cry_fallback_encrypt_DES(cryp, key_id, in, out);
+#else
+ (void)cryp;
+ (void)key_id;
+ (void)in;
+ (void)out;
+
+ return CRY_ERR_INV_ALGO;
+#endif
+}
+
+/**
+ * @brief Decryption of a single block using (T)DES.
+ * @note The implementation of this function must guarantee that it can
+ * be called from any context.
+ *
+ *
+ * @param[in] cryp pointer to the @p CRYDriver object
+ * @param[in] key_id the key to be used for the operation, zero is the
+ * transient key, other values are keys stored in an
+ * unspecified way
+ * @param[in] in buffer containing the input cyphertext
+ * @param[out] out buffer for the output plaintext
+ * @return The operation status.
+ * @retval CRY_NOERROR if the operation succeeded.
+ * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
+ * device instance.
+ * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
+ * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
+ * or refers to an empty key slot.
+ *
+ * @special
+ */
+cryerror_t cryDecryptDES(CRYDriver *cryp,
+ crykey_t key_id,
+ const uint8_t *in,
+ uint8_t *out) {
+
+ osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL));
+
+ osalDbgAssert(cryp->state == CRY_READY, "not ready");
+
+#if CRY_LLD_SUPPORTS_DES == TRUE
+ return cry_lld_decrypt_DES(cryp, key_id, in, out);
+#elif HAL_CRY_USE_FALLBACK == TRUE
+ return cry_fallback_decrypt_DES(cryp, key_id, in, out);
+#else
+ (void)cryp;
+ (void)key_id;
+ (void)in;
+ (void)out;
+
+ return CRY_ERR_INV_ALGO;
+#endif
+}
+
+/**
+ * @brief Encryption operation using (T)DES-ECB.
+ * @note The function operates on data buffers whose length is a multiple
+ * of an DES block, this means that padding must be done by the
+ * caller.
+ *
+ * @param[in] cryp pointer to the @p CRYDriver object
+ * @param[in] key_id the key to be used for the operation, zero is the
+ * transient key, other values are keys stored in an
+ * unspecified way
+ * @param[in] size size of the plaintext buffer, this number must be a
+ * multiple of 8
+ * @param[in] in buffer containing the input plaintext
+ * @param[out] out buffer for the output cyphertext
+ * @return The operation status.
+ * @retval CRY_NOERROR if the operation succeeded.
+ * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
+ * device instance.
+ * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
+ * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
+ * or refers to an empty key slot.
+ *
+ * @api
+ */
+cryerror_t cryEncryptDES_ECB(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out) {
+
+ osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) &&
+ ((size & (size_t)7) == (size_t)0));
+
+ osalDbgAssert(cryp->state == CRY_READY, "not ready");
+
+#if CRY_LLD_SUPPORTS_DES_ECB == TRUE
+ return cry_lld_encrypt_DES_ECB(cryp, key_id, size, in, out);
+#elif HAL_CRY_USE_FALLBACK == TRUE
+ return cry_fallback_encrypt_DES_ECB(cryp, key_id, size, in, out);
+#else
+ (void)cryp;
+ (void)key_id;
+ (void)size;
+ (void)in;
+ (void)out;
+
+ return CRY_ERR_INV_ALGO;
+#endif
+}
+
+/**
+ * @brief Decryption operation using (T)DES-ECB.
+ * @note The function operates on data buffers whose length is a multiple
+ * of an DES block, this means that padding must be done by the
+ * caller.
+ *
+ * @param[in] cryp pointer to the @p CRYDriver object
+ * @param[in] key_id the key to be used for the operation, zero is the
+ * transient key, other values are keys stored in an
+ * unspecified way
+ * @param[in] size size of the plaintext buffer, this number must be a
+ * multiple of 8
+ * @param[in] in buffer containing the input cyphertext
+ * @param[out] out buffer for the output plaintext
+ * @return The operation status.
+ * @retval CRY_NOERROR if the operation succeeded.
+ * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
+ * device instance.
+ * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
+ * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
+ * or refers to an empty key slot.
+ *
+ * @api
+ */
+cryerror_t cryDecryptDES_ECB(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out) {
+
+ osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) &&
+ ((size & (size_t)7) == (size_t)0));
+
+ osalDbgAssert(cryp->state == CRY_READY, "not ready");
+
+#if CRY_LLD_SUPPORTS_DES_ECB == TRUE
+ return cry_lld_decrypt_DES_ECB(cryp, key_id, size, in, out);
+#elif HAL_CRY_USE_FALLBACK == TRUE
+ return cry_fallback_decrypt_DES_ECB(cryp, key_id, size, in, out);
+#else
+ (void)cryp;
+ (void)key_id;
+ (void)size;
+ (void)in;
+ (void)out;
+
+ return CRY_ERR_INV_ALGO;
+#endif
+}
+
+/**
+ * @brief Encryption operation using (T)DES-CBC.
+ * @note The function operates on data buffers whose length is a multiple
+ * of an DES block, this means that padding must be done by the
+ * caller.
+ *
+ * @param[in] cryp pointer to the @p CRYDriver object
+ * @param[in] key_id the key to be used for the operation, zero is the
+ * transient key, other values are keys stored in an
+ * unspecified way
+ * @param[in] size size of the plaintext buffer, this number must be a
+ * multiple of 8
+ * @param[in] in buffer containing the input plaintext
+ * @param[out] out buffer for the output cyphertext
+ * @param[in] iv 64 bits input vector
+ * @return The operation status.
+ * @retval CRY_NOERROR if the operation succeeded.
+ * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
+ * device instance.
+ * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
+ * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
+ * or refers to an empty key slot.
+ *
+ * @api
+ */
+cryerror_t cryEncryptDES_CBC(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out,
+ const uint8_t *iv) {
+
+ osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) &&
+ (iv != NULL) && ((size & (size_t)7) == (size_t)0));
+
+ osalDbgAssert(cryp->state == CRY_READY, "not ready");
+
+#if CRY_LLD_SUPPORTS_DES_CBC == TRUE
+ return cry_lld_encrypt_DES_CBC(cryp, key_id, size, in, out, iv);
+#elif HAL_CRY_USE_FALLBACK == TRUE
+ return cry_fallback_encrypt_DES_CBC(cryp, key_id, size, in, out, iv);
+#else
+ (void)cryp;
+ (void)key_id;
+ (void)size;
+ (void)in;
+ (void)out;
+ (void)iv;
+
+ return CRY_ERR_INV_ALGO;
+#endif
+}
+
+/**
+ * @brief Decryption operation using (T)DES-CBC.
+ * @note The function operates on data buffers whose length is a multiple
+ * of an DES block, this means that padding must be done by the
+ * caller.
+ *
+ * @param[in] cryp pointer to the @p CRYDriver object
+ * @param[in] key_id the key to be used for the operation, zero is the
+ * transient key, other values are keys stored in an
+ * unspecified way
+ * @param[in] size size of the plaintext buffer, this number must be a
+ * multiple of 8
+ * @param[in] in buffer containing the input cyphertext
+ * @param[out] out buffer for the output plaintext
+ * @param[in] iv 64 bits input vector
+ * @return The operation status.
+ * @retval CRY_NOERROR if the operation succeeded.
+ * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
+ * device instance.
+ * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
+ * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
+ * or refers to an empty key slot.
+ *
+ * @api
+ */
+cryerror_t cryDecryptDES_CBC(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out,
+ const uint8_t *iv) {
+
+ osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) &&
+ (iv != NULL) && ((size & (size_t)7) == (size_t)0));
+
+ osalDbgAssert(cryp->state == CRY_READY, "not ready");
+
+#if CRY_LLD_SUPPORTS_DES_CBC == TRUE
+ return cry_lld_decrypt_DES_CBC(cryp, key_id, size, in, out, iv);
+#elif HAL_CRY_USE_FALLBACK == TRUE
+ return cry_fallback_decrypt_DES_CBC(cryp, key_id, size, in, out, iv);
+#else
+ (void)cryp;
+ (void)key_id;
+ (void)size;
+ (void)in;
+ (void)out;
+ (void)iv;
+
+ return CRY_ERR_INV_ALGO;
+#endif
+}
+
#endif /* HAL_USE_CRY == TRUE */
/** @} */
diff --git a/os/hal/templates/hal_crypto_lld.c b/os/hal/templates/hal_crypto_lld.c index 1aa90d2af..2d8a18ef1 100644 --- a/os/hal/templates/hal_crypto_lld.c +++ b/os/hal/templates/hal_crypto_lld.c @@ -35,7 +35,7 @@ /*===========================================================================*/
/** @brief CRY1 driver identifier.*/
-#if PLATFORM_CRY_USE_CRY1 || defined(__DOXYGEN__)
+#if STM32_CRY_USE_CRYP1 || defined(__DOXYGEN__)
CRYDriver CRYD1;
#endif
@@ -119,6 +119,74 @@ cryerror_t cry_lld_loadkey(CRYDriver *cryp, }
/**
+ * @brief Encryption of a single block using AES.
+ * @note The implementation of this function must guarantee that it can
+ * be called from any context.
+ *
+ * @param[in] cryp pointer to the @p CRYDriver object
+ * @param[in] key_id the key to be used for the operation, zero is the
+ * transient key, other values are keys stored in an
+ * unspecified way
+ * @param[in] in buffer containing the input plaintext
+ * @param[out] out buffer for the output cyphertext
+ * @return The operation status.
+ * @retval CRY_NOERROR if the operation succeeded.
+ * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
+ * device instance.
+ * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
+ * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
+ * or refers to an empty key slot.
+ *
+ * @notapi
+ */
+cryerror_t cry_lld_encrypt_AES(CRYDriver *cryp,
+ crykey_t key_id,
+ const uint8_t *in,
+ uint8_t *out) {
+
+ (void)cryp;
+ (void)key_id;
+ (void)in;
+ (void)out;
+
+ return CRY_ERR_INV_ALGO;
+}
+
+/**
+ * @brief Decryption of a single block using AES.
+ * @note The implementation of this function must guarantee that it can
+ * be called from any context.
+ *
+ * @param[in] cryp pointer to the @p CRYDriver object
+ * @param[in] key_id the key to be used for the operation, zero is the
+ * transient key, other values are keys stored in an
+ * unspecified way
+ * @param[in] in buffer containing the input cyphertext
+ * @param[out] out buffer for the output plaintext
+ * @return The operation status.
+ * @retval CRY_NOERROR if the operation succeeded.
+ * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
+ * device instance.
+ * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
+ * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
+ * or refers to an empty key slot.
+ *
+ * @notapi
+ */
+cryerror_t cry_lld_decrypt_AES(CRYDriver *cryp,
+ crykey_t key_id,
+ const uint8_t *in,
+ uint8_t *out) {
+
+ (void)cryp;
+ (void)key_id;
+ (void)in;
+ (void)out;
+
+ return CRY_ERR_INV_ALGO;
+}
+
+/**
* @brief Encryption operation using AES-ECB.
* @note The function operates on data buffers whose lenght is a multiple
* of an AES block, this means that padding must be done by the
@@ -138,7 +206,7 @@ cryerror_t cry_lld_loadkey(CRYDriver *cryp, * device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
- * or refers and empty key slot.
+ * or refers to an empty key slot.
*
* @notapi
*/
@@ -177,7 +245,7 @@ cryerror_t cry_lld_encrypt_AES_ECB(CRYDriver *cryp, * device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
- * or refers and empty key slot.
+ * or refers to an empty key slot.
*
* @notapi
*/
@@ -217,7 +285,7 @@ cryerror_t cry_lld_decrypt_AES_ECB(CRYDriver *cryp, * device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
- * or refers and empty key slot.
+ * or refers to an empty key slot.
*
* @notapi
*/
@@ -259,7 +327,7 @@ cryerror_t cry_lld_encrypt_AES_CBC(CRYDriver *cryp, * device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
- * or refers and empty key slot.
+ * or refers to an empty key slot.
*
* @notapi
*/
@@ -301,7 +369,7 @@ cryerror_t cry_lld_decrypt_AES_CBC(CRYDriver *cryp, * device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
- * or refers and empty key slot.
+ * or refers to an empty key slot.
*
* @notapi
*/
@@ -343,7 +411,7 @@ cryerror_t cry_lld_encrypt_AES_CFB(CRYDriver *cryp, * device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
- * or refers and empty key slot.
+ * or refers to an empty key slot.
*
* @notapi
*/
@@ -386,7 +454,7 @@ cryerror_t cry_lld_decrypt_AES_CFB(CRYDriver *cryp, * device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
- * or refers and empty key slot.
+ * or refers to an empty key slot.
*
* @notapi
*/
@@ -429,7 +497,7 @@ cryerror_t cry_lld_encrypt_AES_CTR(CRYDriver *cryp, * device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
- * or refers and empty key slot.
+ * or refers to an empty key slot.
*
* @notapi
*/
@@ -476,7 +544,7 @@ cryerror_t cry_lld_decrypt_AES_CTR(CRYDriver *cryp, * device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
- * or refers and empty key slot.
+ * or refers to an empty key slot.
*
* @notapi
*/
@@ -529,7 +597,7 @@ cryerror_t cry_lld_encrypt_AES_GCM(CRYDriver *cryp, * device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
- * or refers and empty key slot.
+ * or refers to an empty key slot.
*
* @notapi
*/
@@ -556,6 +624,237 @@ cryerror_t cry_lld_decrypt_AES_GCM(CRYDriver *cryp, return CRY_ERR_INV_ALGO;
}
+/**
+ * @brief Encryption of a single block using (T)DES.
+ * @note The implementation of this function must guarantee that it can
+ * be called from any context.
+ *
+ * @param[in] cryp pointer to the @p CRYDriver object
+ * @param[in] key_id the key to be used for the operation, zero is the
+ * transient key, other values are keys stored in an
+ * unspecified way
+ * @param[in] in buffer containing the input plaintext
+ * @param[out] out buffer for the output cyphertext
+ * @return The operation status.
+ * @retval CRY_NOERROR if the operation succeeded.
+ * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
+ * device instance.
+ * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
+ * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
+ * or refers to an empty key slot.
+ *
+ * @notapi
+ */
+cryerror_t cry_lld_encrypt_DES(CRYDriver *cryp,
+ crykey_t key_id,
+ const uint8_t *in,
+ uint8_t *out) {
+
+ (void)cryp;
+ (void)key_id;
+ (void)in;
+ (void)out;
+
+ return CRY_ERR_INV_ALGO;
+}
+
+/**
+ * @brief Decryption of a single block using (T)DES.
+ * @note The implementation of this function must guarantee that it can
+ * be called from any context.
+ *
+ *
+ * @param[in] cryp pointer to the @p CRYDriver object
+ * @param[in] key_id the key to be used for the operation, zero is the
+ * transient key, other values are keys stored in an
+ * unspecified way
+ * @param[in] in buffer containing the input cyphertext
+ * @param[out] out buffer for the output plaintext
+ * @return The operation status.
+ * @retval CRY_NOERROR if the operation succeeded.
+ * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
+ * device instance.
+ * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
+ * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
+ * or refers to an empty key slot.
+ *
+ * @notapi
+ */
+cryerror_t cry_lld_decrypt_DES(CRYDriver *cryp,
+ crykey_t key_id,
+ const uint8_t *in,
+ uint8_t *out) {
+
+ (void)cryp;
+ (void)key_id;
+ (void)in;
+ (void)out;
+
+ return CRY_ERR_INV_ALGO;
+}
+
+/**
+ * @brief Encryption operation using (T)DES-ECB.
+ * @note The function operates on data buffers whose length is a multiple
+ * of an DES block, this means that padding must be done by the
+ * caller.
+ *
+ * @param[in] cryp pointer to the @p CRYDriver object
+ * @param[in] key_id the key to be used for the operation, zero is the
+ * transient key, other values are keys stored in an
+ * unspecified way
+ * @param[in] size size of the plaintext buffer, this number must be a
+ * multiple of 8
+ * @param[in] in buffer containing the input plaintext
+ * @param[out] out buffer for the output cyphertext
+ * @return The operation status.
+ * @retval CRY_NOERROR if the operation succeeded.
+ * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
+ * device instance.
+ * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
+ * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
+ * or refers to an empty key slot.
+ *
+ * @notapi
+ */
+cryerror_t cry_lld_encrypt_DES_ECB(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out) {
+
+ (void)cryp;
+ (void)key_id;
+ (void)size;
+ (void)in;
+ (void)out;
+
+ return CRY_ERR_INV_ALGO;
+}
+
+/**
+ * @brief Decryption operation using (T)DES-ECB.
+ * @note The function operates on data buffers whose length is a multiple
+ * of an DES block, this means that padding must be done by the
+ * caller.
+ *
+ * @param[in] cryp pointer to the @p CRYDriver object
+ * @param[in] key_id the key to be used for the operation, zero is the
+ * transient key, other values are keys stored in an
+ * unspecified way
+ * @param[in] size size of the plaintext buffer, this number must be a
+ * multiple of 8
+ * @param[in] in buffer containing the input cyphertext
+ * @param[out] out buffer for the output plaintext
+ * @return The operation status.
+ * @retval CRY_NOERROR if the operation succeeded.
+ * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
+ * device instance.
+ * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
+ * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
+ * or refers to an empty key slot.
+ *
+ * @notapi
+ */
+cryerror_t cry_lld_decrypt_DES_ECB(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out) {
+
+ (void)cryp;
+ (void)key_id;
+ (void)size;
+ (void)in;
+ (void)out;
+
+ return CRY_ERR_INV_ALGO;
+}
+
+/**
+ * @brief Encryption operation using (T)DES-CBC.
+ * @note The function operates on data buffers whose length is a multiple
+ * of an DES block, this means that padding must be done by the
+ * caller.
+ *
+ * @param[in] cryp pointer to the @p CRYDriver object
+ * @param[in] key_id the key to be used for the operation, zero is the
+ * transient key, other values are keys stored in an
+ * unspecified way
+ * @param[in] size size of the plaintext buffer, this number must be a
+ * multiple of 8
+ * @param[in] in buffer containing the input plaintext
+ * @param[out] out buffer for the output cyphertext
+ * @param[in] iv 64 bits input vector
+ * @return The operation status.
+ * @retval CRY_NOERROR if the operation succeeded.
+ * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
+ * device instance.
+ * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
+ * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
+ * or refers to an empty key slot.
+ *
+ * @notapi
+ */
+cryerror_t cry_lld_encrypt_DES_CBC(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out,
+ const uint8_t *iv) {
+
+ (void)cryp;
+ (void)key_id;
+ (void)size;
+ (void)in;
+ (void)out;
+ (void)iv;
+
+ return CRY_ERR_INV_ALGO;
+}
+
+/**
+ * @brief Decryption operation using (T)DES-CBC.
+ * @note The function operates on data buffers whose length is a multiple
+ * of an DES block, this means that padding must be done by the
+ * caller.
+ *
+ * @param[in] cryp pointer to the @p CRYDriver object
+ * @param[in] key_id the key to be used for the operation, zero is the
+ * transient key, other values are keys stored in an
+ * unspecified way
+ * @param[in] size size of the plaintext buffer, this number must be a
+ * multiple of 8
+ * @param[in] in buffer containing the input cyphertext
+ * @param[out] out buffer for the output plaintext
+ * @param[in] iv 64 bits input vector
+ * @return The operation status.
+ * @retval CRY_NOERROR if the operation succeeded.
+ * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
+ * device instance.
+ * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
+ * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
+ * or refers to an empty key slot.
+ *
+ * @notapi
+ */
+cryerror_t cry_lld_decrypt_DES_CBC(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out,
+ const uint8_t *iv) {
+
+ (void)cryp;
+ (void)key_id;
+ (void)size;
+ (void)in;
+ (void)out;
+ (void)iv;
+
+ return CRY_ERR_INV_ALGO;
+}
+
#endif /* HAL_USE_CRY == TRUE */
/** @} */
diff --git a/os/hal/templates/hal_crypto_lld.h b/os/hal/templates/hal_crypto_lld.h index eb139e4aa..3900b5b64 100644 --- a/os/hal/templates/hal_crypto_lld.h +++ b/os/hal/templates/hal_crypto_lld.h @@ -35,11 +35,15 @@ * @name Driver capability switches
* @{
*/
+#define CRY_LLD_SUPPORTS_AES TRUE
#define CRY_LLD_SUPPORTS_AES_ECB TRUE
#define CRY_LLD_SUPPORTS_AES_CBC TRUE
-#define CRY_LLD_SUPPORTS_AES_CFB TRUE
+#define CRY_LLD_SUPPORTS_AES_CFB FALSE
#define CRY_LLD_SUPPORTS_AES_CTR TRUE
#define CRY_LLD_SUPPORTS_AES_GCM TRUE
+#define CRY_LLD_SUPPORTS_DES TRUE
+#define CRY_LLD_SUPPORTS_DES_ECB TRUE
+#define CRY_LLD_SUPPORTS_DES_CBC TRUE
/** @{ */
/*===========================================================================*/
@@ -140,6 +144,14 @@ extern "C" { cryalgorithm_t algorithm,
size_t size,
const uint8_t *keyp);
+ cryerror_t cry_lld_encrypt_AES(CRYDriver *cryp,
+ crykey_t key_id,
+ const uint8_t *in,
+ uint8_t *out);
+ cryerror_t cry_lld_decrypt_AES(CRYDriver *cryp,
+ crykey_t key_id,
+ const uint8_t *in,
+ uint8_t *out);
cryerror_t cry_lld_encrypt_AES_ECB(CRYDriver *cryp,
crykey_t key_id,
size_t size,
@@ -204,6 +216,36 @@ extern "C" { size_t aadsize,
const uint8_t *aad,
uint8_t *authtag);
+ cryerror_t cry_lld_encrypt_DES(CRYDriver *cryp,
+ crykey_t key_id,
+ const uint8_t *in,
+ uint8_t *out);
+ cryerror_t cry_lld_decrypt_DES(CRYDriver *cryp,
+ crykey_t key_id,
+ const uint8_t *in,
+ uint8_t *out);
+ cryerror_t cry_lld_encrypt_DES_ECB(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out);
+ cryerror_t cry_lld_decrypt_DES_ECB(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out);
+ cryerror_t cry_lld_encrypt_DES_CBC(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out,
+ const uint8_t *iv);
+ cryerror_t cry_lld_decrypt_DES_CBC(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out,
+ const uint8_t *iv);
#ifdef __cplusplus
}
#endif
|