diff options
| author | Giovanni Di Sirio <gdisirio@gmail.com> | 2017-10-23 14:43:43 +0000 |
|---|---|---|
| committer | Giovanni Di Sirio <gdisirio@gmail.com> | 2017-10-23 14:43:43 +0000 |
| commit | 7156f2c323f5b4d6a3f9eec7673b0b1680fb8ff9 (patch) | |
| tree | 759246e8d5beac64e8acafcb5e5e37903b907f69 /os/hal/ports/STM32 | |
| parent | 7707340e0b2e9e6552378d1520993686856f8134 (diff) | |
| download | ChibiOS-7156f2c323f5b4d6a3f9eec7673b0b1680fb8ff9.tar.gz ChibiOS-7156f2c323f5b4d6a3f9eec7673b0b1680fb8ff9.tar.bz2 ChibiOS-7156f2c323f5b4d6a3f9eec7673b0b1680fb8ff9.zip | |
git-svn-id: svn://svn.code.sf.net/p/chibios/svn/trunk@10888 35acf78f-673a-0410-8e92-d51de3d6d3f4
Diffstat (limited to 'os/hal/ports/STM32')
| -rw-r--r-- | os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c | 180 | ||||
| -rw-r--r-- | os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h | 25 |
2 files changed, 174 insertions, 31 deletions
diff --git a/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c b/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c index f871ff4d4..00a4478c7 100644 --- a/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c +++ b/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c @@ -120,6 +120,9 @@ cryerror_t cry_lld_loadkey(CRYDriver *cryp, /**
* @brief Encryption operation using AES-ECB.
+ * @note The function operates on data buffers whose lenght is a multiple
+ * of an AES block, this means that padding must be done by the
+ * caller.
*
* @param[in] cryp pointer to the @p CRYDriver object
* @param[in] key_id the key to be used for the operation, zero is the
@@ -137,7 +140,7 @@ cryerror_t cry_lld_loadkey(CRYDriver *cryp, * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
* or refers and empty key slot.
*
- * @api
+ * @notapi
*/
cryerror_t cry_lld_encrypt_AES_ECB(CRYDriver *cryp,
crykey_t key_id,
@@ -156,6 +159,9 @@ cryerror_t cry_lld_encrypt_AES_ECB(CRYDriver *cryp, /**
* @brief Decryption operation using AES-ECB.
+ * @note The function operates on data buffers whose lenght is a multiple
+ * of an AES block, this means that padding must be done by the
+ * caller.
*
* @param[in] cryp pointer to the @p CRYDriver object
* @param[in] key_id the key to be used for the operation, zero is the
@@ -173,7 +179,7 @@ cryerror_t cry_lld_encrypt_AES_ECB(CRYDriver *cryp, * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
* or refers and empty key slot.
*
- * @api
+ * @notapi
*/
cryerror_t cry_lld_decrypt_AES_ECB(CRYDriver *cryp,
crykey_t key_id,
@@ -192,6 +198,9 @@ cryerror_t cry_lld_decrypt_AES_ECB(CRYDriver *cryp, /**
* @brief Encryption operation using AES-CBC.
+ * @note The function operates on data buffers whose lenght is a multiple
+ * of an AES block, this means that padding must be done by the
+ * caller.
*
* @param[in] cryp pointer to the @p CRYDriver object
* @param[in] key_id the key to be used for the operation, zero is the
@@ -201,7 +210,7 @@ cryerror_t cry_lld_decrypt_AES_ECB(CRYDriver *cryp, * multiple of the selected key size
* @param[in] in buffer containing the input plaintext
* @param[out] out buffer for the output cyphertext
- * @param[in] iv input vector
+ * @param[in] iv 128 bits initial vector
* @return The operation status.
* @retval CRY_NOERROR if the operation succeeded.
* @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
@@ -210,7 +219,7 @@ cryerror_t cry_lld_decrypt_AES_ECB(CRYDriver *cryp, * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
* or refers and empty key slot.
*
- * @api
+ * @notapi
*/
cryerror_t cry_lld_encrypt_AES_CBC(CRYDriver *cryp,
crykey_t key_id,
@@ -231,6 +240,9 @@ cryerror_t cry_lld_encrypt_AES_CBC(CRYDriver *cryp, /**
* @brief Decryption operation using AES-CBC.
+ * @note The function operates on data buffers whose lenght is a multiple
+ * of an AES block, this means that padding must be done by the
+ * caller.
*
* @param[in] cryp pointer to the @p CRYDriver object
* @param[in] key_id the key to be used for the operation, zero is the
@@ -240,7 +252,7 @@ cryerror_t cry_lld_encrypt_AES_CBC(CRYDriver *cryp, * multiple of the selected key size
* @param[in] in buffer containing the input plaintext
* @param[out] out buffer for the output cyphertext
- * @param[in] iv input vector
+ * @param[in] iv 128 bits initial vector
* @return The operation status.
* @retval CRY_NOERROR if the operation succeeded.
* @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
@@ -249,7 +261,7 @@ cryerror_t cry_lld_encrypt_AES_CBC(CRYDriver *cryp, * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
* or refers and empty key slot.
*
- * @api
+ * @notapi
*/
cryerror_t cry_lld_decrypt_AES_CBC(CRYDriver *cryp,
crykey_t key_id,
@@ -270,6 +282,9 @@ cryerror_t cry_lld_decrypt_AES_CBC(CRYDriver *cryp, /**
* @brief Encryption operation using AES-CFB.
+ * @note The function operates on data buffers whose lenght is a multiple
+ * of an AES block, this means that padding must be done by the
+ * caller.
*
* @param[in] cryp pointer to the @p CRYDriver object
* @param[in] key_id the key to be used for the operation, zero is the
@@ -279,7 +294,7 @@ cryerror_t cry_lld_decrypt_AES_CBC(CRYDriver *cryp, * multiple of the selected key size
* @param[in] in buffer containing the input plaintext
* @param[out] out buffer for the output cyphertext
- * @param[in] iv input vector
+ * @param[in] iv 128 bits initial vector
* @return The operation status.
* @retval CRY_NOERROR if the operation succeeded.
* @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
@@ -288,7 +303,7 @@ cryerror_t cry_lld_decrypt_AES_CBC(CRYDriver *cryp, * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
* or refers and empty key slot.
*
- * @api
+ * @notapi
*/
cryerror_t cry_lld_encrypt_AES_CFB(CRYDriver *cryp,
crykey_t key_id,
@@ -309,6 +324,9 @@ cryerror_t cry_lld_encrypt_AES_CFB(CRYDriver *cryp, /**
* @brief Decryption operation using AES-CFB.
+ * @note The function operates on data buffers whose lenght is a multiple
+ * of an AES block, this means that padding must be done by the
+ * caller.
*
* @param[in] cryp pointer to the @p CRYDriver object
* @param[in] key_id the key to be used for the operation, zero is the
@@ -318,7 +336,7 @@ cryerror_t cry_lld_encrypt_AES_CFB(CRYDriver *cryp, * multiple of the selected key size
* @param[in] in buffer containing the input plaintext
* @param[out] out buffer for the output cyphertext
- * @param[in] iv input vector
+ * @param[in] iv 128 bits initial vector
* @return The operation status.
* @retval CRY_NOERROR if the operation succeeded.
* @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
@@ -327,7 +345,7 @@ cryerror_t cry_lld_encrypt_AES_CFB(CRYDriver *cryp, * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
* or refers and empty key slot.
*
- * @api
+ * @notapi
*/
cryerror_t cry_lld_decrypt_AES_CFB(CRYDriver *cryp,
crykey_t key_id,
@@ -348,17 +366,20 @@ cryerror_t cry_lld_decrypt_AES_CFB(CRYDriver *cryp, /**
* @brief Encryption operation using AES-CTR.
+ * @note The function operates on data buffers whose lenght is a multiple
+ * of an AES block, this means that padding must be done by the
+ * caller.
*
* @param[in] cryp pointer to the @p CRYDriver object
* @param[in] key_id the key to be used for the operation, zero is the
* transient key, other values are keys stored in an
* unspecified way
* @param[in] size size of the plaintext buffer, this number must be a
- * multiple of the selected key size
+ * multiple of 16
* @param[in] in buffer containing the input plaintext
* @param[out] out buffer for the output cyphertext
- * @param[in] nonce the "nonce" constant
- * @param[in,out] cnt the initial value of the counter, normally zero
+ * @param[in] iv 128 bits initial vector + counter, it contains
+ * a 96 bits IV and a 32 bits counter
* @return The operation status.
* @retval CRY_NOERROR if the operation succeeded.
* @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
@@ -367,40 +388,41 @@ cryerror_t cry_lld_decrypt_AES_CFB(CRYDriver *cryp, * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
* or refers and empty key slot.
*
- * @api
+ * @notapi
*/
cryerror_t cry_lld_encrypt_AES_CTR(CRYDriver *cryp,
crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
- const uint8_t *nonce,
- uint8_t *cnt) {
+ const uint8_t *iv) {
(void)cryp;
(void)key_id;
(void)size;
(void)in;
(void)out;
- (void)nonce;
- (void)cnt;
+ (void)iv;
return CRY_ERR_INV_ALGO;
}
/**
* @brief Decryption operation using AES-CTR.
+ * @note The function operates on data buffers whose lenght is a multiple
+ * of an AES block, this means that padding must be done by the
+ * caller.
*
* @param[in] cryp pointer to the @p CRYDriver object
* @param[in] key_id the key to be used for the operation, zero is the
* transient key, other values are keys stored in an
* unspecified way
* @param[in] size size of the plaintext buffer, this number must be a
- * multiple of the selected key size
- * @param[in] in buffer containing the input plaintext
- * @param[out] out buffer for the output cyphertext
- * @param[in] nonce the "nonce" constant
- * @param[in,out] cnt the initial value of the counter, normally zero
+ * multiple of 16
+ * @param[in] in buffer containing the input cyphertext
+ * @param[out] out buffer for the output plaintext
+ * @param[in] iv 128 bits initial vector + counter, it contains
+ * a 96 bits IV and a 32 bits counter
* @return The operation status.
* @retval CRY_NOERROR if the operation succeeded.
* @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
@@ -416,16 +438,120 @@ cryerror_t cry_lld_decrypt_AES_CTR(CRYDriver *cryp, size_t size,
const uint8_t *in,
uint8_t *out,
- const uint8_t *nonce,
- uint8_t *cnt) {
+ const uint8_t *iv) {
+
+ (void)cryp;
+ (void)key_id;
+ (void)size;
+ (void)in;
+ (void)out;
+ (void)iv;
+
+ return CRY_ERR_INV_ALGO;
+}
+
+/**
+ * @brief Encryption operation using AES-GCM.
+ * @note The function operates on data buffers whose lenght is a multiple
+ * of an AES block, this means that padding must be done by the
+ * caller.
+ *
+ * @param[in] cryp pointer to the @p CRYDriver object
+ * @param[in] key_id the key to be used for the operation, zero is the
+ * transient key, other values are keys stored in an
+ * unspecified way
+ * @param[in] size size of the text buffers, this number must be a
+ * multiple of 16
+ * @param[in] in buffer containing the input plaintext
+ * @param[out] out buffer for the output cyphertext
+ * @param[in] iv 128 bits initial vector + counter, it contains
+ * a 96 bits IV and a 32 bits counter
+ * @param[in] aadsize size of the authentication data, this number must be a
+ * multiple of 16
+ * @param[in] aad buffer containing the authentication data
+ * @param[in] authtag 128 bits buffer for the generated authentication tag
+ * @return The operation status.
+ * @retval CRY_NOERROR if the operation succeeded.
+ * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
+ * device instance.
+ * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
+ * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
+ * or refers and empty key slot.
+ *
+ * @notapi
+ */
+cryerror_t cry_lld_encrypt_AES_GCM(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out,
+ const uint8_t *iv,
+ size_t aadsize,
+ const uint8_t *aad,
+ uint8_t *authtag) {
(void)cryp;
(void)key_id;
(void)size;
(void)in;
(void)out;
- (void)nonce;
- (void)cnt;
+ (void)iv;
+ (void)aadsize;
+ (void)aad;
+ (void)authtag;
+
+ return CRY_ERR_INV_ALGO;
+}
+
+/**
+ * @brief Decryption operation using AES-GCM.
+ * @note The function operates on data buffers whose lenght is a multiple
+ * of an AES block, this means that padding must be done by the
+ * caller.
+ *
+ * @param[in] cryp pointer to the @p CRYDriver object
+ * @param[in] key_id the key to be used for the operation, zero is the
+ * transient key, other values are keys stored in an
+ * unspecified way
+ * @param[in] size size of the text buffers, this number must be a
+ * multiple of 16
+ * @param[in] in buffer for the output cyphertext
+ * @param[out] out buffer containing the input plaintext
+ * @param[in] iv 128 bits initial vector + counter, it contains
+ * a 96 bits IV and a 32 bits counter
+ * @param[in] aadsize size of the authentication data, this number must be a
+ * multiple of 16
+ * @param[in] aad buffer containing the authentication data
+ * @param[in] authtag 128 bits buffer for the generated authentication tag
+ * @return The operation status.
+ * @retval CRY_NOERROR if the operation succeeded.
+ * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
+ * device instance.
+ * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
+ * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
+ * or refers and empty key slot.
+ *
+ * @notapi
+ */
+cryerror_t cry_lld_decrypt_AES_GCM(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out,
+ const uint8_t *iv,
+ size_t aadsize,
+ const uint8_t *aad,
+ uint8_t *authtag) {
+
+ (void)cryp;
+ (void)key_id;
+ (void)size;
+ (void)in;
+ (void)out;
+ (void)iv;
+ (void)aadsize;
+ (void)aad;
+ (void)authtag;
return CRY_ERR_INV_ALGO;
}
diff --git a/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h b/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h index 4273340ad..977e25438 100644 --- a/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h +++ b/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h @@ -39,6 +39,7 @@ #define CRY_LLD_SUPPORTS_AES_CBC TRUE
#define CRY_LLD_SUPPORTS_AES_CFB FALSE
#define CRY_LLD_SUPPORTS_AES_CTR TRUE
+#define CRY_LLD_SUPPORTS_AES_GCM TRUE
/** @{ */
/*===========================================================================*/
@@ -178,15 +179,31 @@ extern "C" { size_t size,
const uint8_t *in,
uint8_t *out,
- const uint8_t *nonce,
- uint8_t *cnt);
+ const uint8_t *iv);
cryerror_t cry_lld_decrypt_AES_CTR(CRYDriver *cryp,
crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
- const uint8_t *nonce,
- uint8_t *cnt);
+ const uint8_t *iv);
+ cryerror_t cry_lld_encrypt_AES_GCM(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out,
+ const uint8_t *iv,
+ size_t aadsize,
+ const uint8_t *aad,
+ uint8_t *authtag);
+ cryerror_t cry_lld_decrypt_AES_GCM(CRYDriver *cryp,
+ crykey_t key_id,
+ size_t size,
+ const uint8_t *in,
+ uint8_t *out,
+ const uint8_t *iv,
+ size_t aadsize,
+ const uint8_t *aad,
+ uint8_t *authtag);
#ifdef __cplusplus
}
#endif
|