From 0b1cba4c2e057efcbd652a4026c6bc10527cac41 Mon Sep 17 00:00:00 2001 From: Giovanni Di Sirio Date: Fri, 9 Mar 2018 11:37:12 +0000 Subject: Crypto SHA reworked. git-svn-id: svn://svn.code.sf.net/p/chibios/svn/trunk@11663 110e8d01-0319-4d1e-a829-52ad28d1bb01 --- os/hal/include/hal_crypto.h | 82 +++- os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c | 558 +++++++++++++-------- os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h | 48 +- os/hal/src/hal_crypto.c | 646 ++++++++++++++++--------- os/hal/templates/hal_crypto_lld.c | 558 +++++++++++++-------- os/hal/templates/hal_crypto_lld.h | 50 +- 6 files changed, 1261 insertions(+), 681 deletions(-) diff --git a/os/hal/include/hal_crypto.h b/os/hal/include/hal_crypto.h index 3edf23440..f9a643f9a 100644 --- a/os/hal/include/hal_crypto.h +++ b/os/hal/include/hal_crypto.h @@ -53,6 +53,7 @@ /** * @brief Makes the driver forcibly use the fall-back implementations. + * @note If enabled then the LLD driver is not included at all. */ #if !defined(HAL_CRY_ENFORCE_FALLBACK) || defined(__DOXYGEN__) #define HAL_CRY_ENFORCE_FALLBACK FALSE @@ -111,7 +112,24 @@ typedef enum { #if HAL_CRY_ENFORCE_FALLBACK == FALSE /* Use the defined low level driver.*/ #include "hal_crypto_lld.h" -#else + +#if !defined(CRY_LLD_SUPPORTS_AES) || \ + !defined(CRY_LLD_SUPPORTS_AES_ECB) || \ + !defined(CRY_LLD_SUPPORTS_AES_CBC) || \ + !defined(CRY_LLD_SUPPORTS_AES_CFB) || \ + !defined(CRY_LLD_SUPPORTS_AES_CTR) || \ + !defined(CRY_LLD_SUPPORTS_AES_GCM) || \ + !defined(CRY_LLD_SUPPORTS_DES) || \ + !defined(CRY_LLD_SUPPORTS_DES_ECB) || \ + !defined(CRY_LLD_SUPPORTS_DES_CBC) || \ + !defined(CRY_LLD_SUPPORTS_SHA1) || \ + !defined(CRY_LLD_SUPPORTS_SHA256) || \ + !defined(CRY_LLD_SUPPORTS_SHA512) || \ + !defined(CRY_LLD_SUPPORTS_TRNG) +#error "CRYPTO LLD does not export the required switches" +#endif + +#else /* HAL_CRY_ENFORCE_FALLBACK == TRUE */ /* No LLD at all, using the standalone mode.*/ #define CRY_LLD_SUPPORTS_AES FALSE @@ -123,6 +141,10 @@ typedef enum { #define CRY_LLD_SUPPORTS_DES FALSE #define CRY_LLD_SUPPORTS_DES_ECB FALSE #define CRY_LLD_SUPPORTS_DES_CBC FALSE +#define CRY_LLD_SUPPORTS_SHA1 FALSE +#define CRY_LLD_SUPPORTS_SHA256 FALSE +#define CRY_LLD_SUPPORTS_SHA512 FALSE +#define CRY_LLD_SUPPORTS_TRNG FALSE typedef uint_fast8_t crykey_t; @@ -139,18 +161,35 @@ struct CRYDriver { size_t key0_size; uint8_t key0_buffer[HAL_CRY_MAX_KEY_SIZE]; }; +#endif /* HAL_CRY_ENFORCE_FALLBACK == TRUE */ + +/* The fallback header is included only if required by settings.*/ +#if HAL_CRY_USE_FALLBACK == TRUE +#include "hal_crypto_fallback.h" #endif -#if !defined(CRY_LLD_SUPPORTS_AES) || \ - !defined(CRY_LLD_SUPPORTS_AES_ECB) || \ - !defined(CRY_LLD_SUPPORTS_AES_CBC) || \ - !defined(CRY_LLD_SUPPORTS_AES_CFB) || \ - !defined(CRY_LLD_SUPPORTS_AES_CTR) || \ - !defined(CRY_LLD_SUPPORTS_AES_GCM) || \ - !defined(CRY_LLD_SUPPORTS_DES) || \ - !defined(CRY_LLD_SUPPORTS_DES_ECB) || \ - !defined(CRY_LLD_SUPPORTS_DES_CBC) -#error "CRYPTO LLD does not export the required switches" +#if (HAL_CRY_USE_FALLBACK == FALSE) && (CRY_LLD_SUPPORTS_SHA1 == FALSE) +/* Stub @p SHA1Context structure type declaration. It is not provided by the + LLD and the fallback is not enabled.*/ +typedef struct { + uint32_t dummy; +} SHA1Context; +#endif + +#if (HAL_CRY_USE_FALLBACK == FALSE) && (CRY_LLD_SUPPORTS_SHA256 == FALSE) +/* Stub @p SHA256Context structure type declaration. It is not provided by the + LLD and the fallback is not enabled.*/ +typedef struct { + uint32_t dummy; +} SHA256Context; +#endif + +#if (HAL_CRY_USE_FALLBACK == FALSE) && (CRY_LLD_SUPPORTS_SHA512 == FALSE) +/* Stub @p SHA512Context structure type declaration. It is not provided by the + LLD and the fallback is not enabled.*/ +typedef struct { + uint32_t dummy; +} SHA512Context; #endif /*===========================================================================*/ @@ -280,12 +319,21 @@ extern "C" { const uint8_t *in, uint8_t *out, const uint8_t *iv); - cryerror_t crySHA1(CRYDriver *cryp, size_t size, - const uint8_t *in, uint8_t *out); - cryerror_t crySHA256(CRYDriver *cryp, size_t size, - const uint8_t *in, uint8_t *out); - cryerror_t crySHA512(CRYDriver *cryp, size_t size, - const uint8_t *in, uint8_t *out); + cryerror_t crySHA1Init(CRYDriver *cryp, SHA1Context *sha1ctxp); + cryerror_t crySHA1Update(CRYDriver *cryp, SHA1Context *sha1ctxp, + size_t size, const uint8_t *in); + cryerror_t crySHA1Final(CRYDriver *cryp, SHA1Context *sha1ctxp, + uint8_t *out); + cryerror_t crySHA256Init(CRYDriver *cryp, SHA256Context *sha256ctxp); + cryerror_t crySHA256Update(CRYDriver *cryp, SHA256Context *sha256ctxp, + size_t size, const uint8_t *in); + cryerror_t crySHA256Final(CRYDriver *cryp, SHA256Context *sha256ctxp, + uint8_t *out); + cryerror_t crySHA512Init(CRYDriver *cryp, SHA512Context *sha512ctxp); + cryerror_t crySHA512Update(CRYDriver *cryp, SHA512Context *sha512ctxp, + size_t size, const uint8_t *in); + cryerror_t crySHA512Final(CRYDriver *cryp, SHA512Context *sha512ctxp, + uint8_t *out); cryerror_t cryTRNG(CRYDriver *cryp, uint8_t *out); #ifdef __cplusplus } diff --git a/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c b/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c index d9d7c377d..bdbebe47d 100644 --- a/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c +++ b/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c @@ -67,7 +67,7 @@ void cry_lld_init(void) { /** * @brief Configures and activates the crypto peripheral. * - * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] cryp pointer to the @p CRYDriver object * * @notapi */ @@ -81,7 +81,7 @@ void cry_lld_start(CRYDriver *cryp) { /** * @brief Deactivates the crypto peripheral. * - * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] cryp pointer to the @p CRYDriver object * * @notapi */ @@ -95,9 +95,11 @@ void cry_lld_stop(CRYDriver *cryp) { /** * @brief Initializes the transient key for a specific algorithm. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] keyp pointer to the key data - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] algorithm the algorithm identifier + * @param[in] size key size in bytes + * @param[in] keyp pointer to the key data + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the specified algorithm is unknown or * unsupported. @@ -123,13 +125,13 @@ cryerror_t cry_lld_loadkey(CRYDriver *cryp, * @note The implementation of this function must guarantee that it can * be called from any context. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -157,13 +159,13 @@ cryerror_t cry_lld_encrypt_AES(CRYDriver *cryp, * @note The implementation of this function must guarantee that it can * be called from any context. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] in buffer containing the input cyphertext - * @param[out] out buffer for the output plaintext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -192,15 +194,15 @@ cryerror_t cry_lld_decrypt_AES(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a - * multiple of the selected key size - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the plaintext buffer, this number must + * be a multiple of the selected key size + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -231,15 +233,15 @@ cryerror_t cry_lld_encrypt_AES_ECB(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a - * multiple of the selected key size - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the plaintext buffer, this number must + * be a multiple of the selected key size + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -270,16 +272,16 @@ cryerror_t cry_lld_decrypt_AES_ECB(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a - * multiple of the selected key size - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @param[in] iv 128 bits initial vector - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the plaintext buffer, this number must + * be a multiple of the selected key size + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @param[in] iv 128 bits initial vector + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -312,16 +314,16 @@ cryerror_t cry_lld_encrypt_AES_CBC(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a - * multiple of the selected key size - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @param[in] iv 128 bits initial vector - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the plaintext buffer, this number must + * be a multiple of the selected key size + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @param[in] iv 128 bits initial vector + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -354,16 +356,16 @@ cryerror_t cry_lld_decrypt_AES_CBC(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a - * multiple of the selected key size - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @param[in] iv 128 bits initial vector - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the plaintext buffer, this number must + * be a multiple of the selected key size + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @param[in] iv 128 bits initial vector + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -396,16 +398,16 @@ cryerror_t cry_lld_encrypt_AES_CFB(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a - * multiple of the selected key size - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @param[in] iv 128 bits initial vector - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the plaintext buffer, this number must + * be a multiple of the selected key size + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @param[in] iv 128 bits initial vector + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -438,17 +440,17 @@ cryerror_t cry_lld_decrypt_AES_CFB(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a - * multiple of 16 - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @param[in] iv 128 bits initial vector + counter, it contains - * a 96 bits IV and a 32 bits counter - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the plaintext buffer, this number must + * be a multiple of 16 + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @param[in] iv 128 bits initial vector + counter, it contains + * a 96 bits IV and a 32 bits counter + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -481,17 +483,17 @@ cryerror_t cry_lld_encrypt_AES_CTR(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a - * multiple of 16 - * @param[in] in buffer containing the input cyphertext - * @param[out] out buffer for the output plaintext - * @param[in] iv 128 bits initial vector + counter, it contains - * a 96 bits IV and a 32 bits counter - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the plaintext buffer, this number must + * be a multiple of 16 + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @param[in] iv 128 bits initial vector + counter, it contains + * a 96 bits IV and a 32 bits counter + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -524,21 +526,22 @@ cryerror_t cry_lld_decrypt_AES_CTR(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the text buffers, this number must be a - * multiple of 16 - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @param[in] iv 128 bits initial vector + counter, it contains - * a 96 bits IV and a 32 bits counter - * @param[in] aadsize size of the authentication data, this number must be a - * multiple of 16 - * @param[in] aad buffer containing the authentication data - * @param[in] authtag 128 bits buffer for the generated authentication tag - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the text buffers, this number must be a + * multiple of 16 + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @param[in] iv 128 bits initial vector + counter, it contains + * a 96 bits IV and a 32 bits counter + * @param[in] aadsize size of the authentication data, this number + * must be a multiple of 16 + * @param[in] aad buffer containing the authentication data + * @param[in] authtag 128 bits buffer for the generated authentication + * tag + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -577,21 +580,22 @@ cryerror_t cry_lld_encrypt_AES_GCM(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the text buffers, this number must be a - * multiple of 16 - * @param[in] in buffer for the output cyphertext - * @param[out] out buffer containing the input plaintext - * @param[in] iv 128 bits initial vector + counter, it contains - * a 96 bits IV and a 32 bits counter - * @param[in] aadsize size of the authentication data, this number must be a - * multiple of 16 - * @param[in] aad buffer containing the authentication data - * @param[in] authtag 128 bits buffer for the generated authentication tag - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the text buffers, this number must be a + * multiple of 16 + * @param[in] in buffer for the output cyphertext + * @param[out] out buffer containing the input plaintext + * @param[in] iv 128 bits initial vector + counter, it contains + * a 96 bits IV and a 32 bits counter + * @param[in] aadsize size of the authentication data, this number + * must be a multiple of 16 + * @param[in] aad buffer containing the authentication data + * @param[in] authtag 128 bits buffer for the generated authentication + * tag + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -629,13 +633,13 @@ cryerror_t cry_lld_decrypt_AES_GCM(CRYDriver *cryp, * @note The implementation of this function must guarantee that it can * be called from any context. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -664,13 +668,13 @@ cryerror_t cry_lld_encrypt_DES(CRYDriver *cryp, * be called from any context. * * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] in buffer containing the input cyphertext - * @param[out] out buffer for the output plaintext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -699,15 +703,15 @@ cryerror_t cry_lld_decrypt_DES(CRYDriver *cryp, * of an DES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a - * multiple of 8 - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the plaintext buffer, this number must + * be a multiple of 8 + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -738,15 +742,15 @@ cryerror_t cry_lld_encrypt_DES_ECB(CRYDriver *cryp, * of an DES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a - * multiple of 8 - * @param[in] in buffer containing the input cyphertext - * @param[out] out buffer for the output plaintext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the plaintext buffer, this number must + * be a multiple of 8 + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @return T he operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -777,16 +781,16 @@ cryerror_t cry_lld_decrypt_DES_ECB(CRYDriver *cryp, * of an DES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a - * multiple of 8 - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @param[in] iv 64 bits input vector - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the plaintext buffer, this number must + * be a multiple of 8 + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @param[in] iv 64 bits input vector + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -819,16 +823,16 @@ cryerror_t cry_lld_encrypt_DES_CBC(CRYDriver *cryp, * of an DES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a - * multiple of 8 - * @param[in] in buffer containing the input cyphertext - * @param[out] out buffer for the output plaintext - * @param[in] iv 64 bits input vector - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the plaintext buffer, this number must + * be a multiple of 8 + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @param[in] iv 64 bits input vector + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -856,76 +860,204 @@ cryerror_t cry_lld_decrypt_DES_CBC(CRYDriver *cryp, } /** - * @brief Hash using SHA1. - * @NOTE Use of this algorithm is not recommended because proven weak. + * @brief Hash initialization using SHA1. + * @note Use of this algorithm is not recommended because proven weak. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] size size of input buffer - * @param[in] in buffer containing the input text - * @param[out] out 160 bits output buffer - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[out] sha1ctxp pointer to a SHA1 context to be initialized * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. * - * @api + * @notapi + */ +cryerror_t cry_lld_SHA1_init(CRYDriver *cryp, SHA1Context *sha1ctxp) { + + (void)cryp; + (void)sha1ctxp; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Hash update using SHA1. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] sha1ctxp pointer to a SHA1 context + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @notapi */ -cryerror_t cry_lld_SHA1(CRYDriver *cryp, size_t size, - const uint8_t *in, uint8_t *out) { +cryerror_t cry_lld_SHA1_update(CRYDriver *cryp, SHA1Context *sha1ctxp, + size_t size, const uint8_t *in) { (void)cryp; + (void)sha1ctxp; (void)size; (void)in; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Hash finalization using SHA1. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] sha1ctxp pointer to a SHA1 context + * @param[out] out 160 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @notapi + */ +cryerror_t cry_lld_SHA1_final(CRYDriver *cryp, SHA1Context *sha1ctxp, + uint8_t *out) { + + (void)cryp; + (void)sha1ctxp; (void)out; return CRY_ERR_INV_ALGO; } /** - * @brief Hash using SHA256. + * @brief Hash initialization using SHA256. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[out] sha256ctxp pointer to a SHA256 context to be initialized + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @notapi + */ +cryerror_t cry_lld_SHA256_init(CRYDriver *cryp, SHA256Context *sha256ctxp) { + + (void)cryp; + (void)sha256ctxp; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Hash update using SHA256. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] size size of input buffer - * @param[in] in buffer containing the input text - * @param[out] out 256 bits output buffer - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] sha256ctxp pointer to a SHA256 context + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. * - * @api + * @notapi */ -cryerror_t cry_lld_SHA256(CRYDriver *cryp, size_t size, - const uint8_t *in, uint8_t *out) { +cryerror_t cry_lld_SHA256_update(CRYDriver *cryp, SHA256Context *sha256ctxp, + size_t size, const uint8_t *in) { (void)cryp; + (void)sha256ctxp; (void)size; (void)in; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Hash finalization using SHA256. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] sha256ctxp pointer to a SHA256 context + * @param[out] out 256 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @notapi + */ +cryerror_t cry_lld_SHA256_final(CRYDriver *cryp, SHA256Context *sha256ctxp, + uint8_t *out) { + + (void)cryp; + (void)sha256ctxp; (void)out; return CRY_ERR_INV_ALGO; } /** - * @brief Hash using SHA512. + * @brief Hash initialization using SHA512. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[out] sha512ctxp pointer to a SHA512 context to be initialized + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @notapi + */ +cryerror_t cry_lld_SHA512_init(CRYDriver *cryp, SHA512Context *sha512ctxp) { + + (void)cryp; + (void)sha512ctxp; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Hash update using SHA512. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] size size of input buffer - * @param[in] in buffer containing the input text - * @param[out] out 512 bits output buffer - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] sha512ctxp pointer to a SHA512 context + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. * - * @api + * @notapi */ -cryerror_t cry_lld_SHA512(CRYDriver *cryp, size_t size, - const uint8_t *in, uint8_t *out) { +cryerror_t cry_lld_SHA512_update(CRYDriver *cryp, SHA512Context *sha512ctxp, + size_t size, const uint8_t *in) { (void)cryp; + (void)sha512ctxp; (void)size; (void)in; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Hash finalization using SHA512. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] sha512ctxp pointer to a SHA512 context + * @param[out] out 512 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @notapi + */ +cryerror_t cry_lld_SHA512_final(CRYDriver *cryp, SHA512Context *sha512ctxp, + uint8_t *out) { + + (void)cryp; + (void)sha512ctxp; (void)out; return CRY_ERR_INV_ALGO; @@ -934,14 +1066,14 @@ cryerror_t cry_lld_SHA512(CRYDriver *cryp, size_t size, /** * @brief True random numbers generator. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[out] out 128 bits output buffer - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[out] out 128 bits output buffer + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. * - * @api + * @notapi */ cryerror_t cry_lld_TRNG(CRYDriver *cryp, uint8_t *out) { diff --git a/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h b/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h index 7a5980451..e2ba05f01 100644 --- a/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h +++ b/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h @@ -126,6 +126,33 @@ struct CRYDriver { /* End of the mandatory fields.*/ }; +#if (CRY_LLD_SUPPORTS_SHA1 == TRUE) || defined(__DOXYGEN__) +/** + * @brief Type of a SHA1 context. + */ +typedef struct { + uint32_t dummy; +} SHA1Context; +#endif + +#if (CRY_LLD_SUPPORTS_SHA256 == TRUE) || defined(__DOXYGEN__) +/** + * @brief Type of a SHA256 context. + */ +typedef struct { + uint32_t dummy; +} SHA256Context; +#endif + +#if (CRY_LLD_SUPPORTS_SHA512 == TRUE) || defined(__DOXYGEN__) +/** + * @brief Type of a SHA512 context. + */ +typedef struct { + uint32_t dummy; +} SHA512Context; +#endif + /*===========================================================================*/ /* Driver macros. */ /*===========================================================================*/ @@ -250,12 +277,21 @@ extern "C" { const uint8_t *in, uint8_t *out, const uint8_t *iv); - cryerror_t cry_lld_SHA1(CRYDriver *cryp, size_t size, - const uint8_t *in, uint8_t *out); - cryerror_t cry_lld_SHA256(CRYDriver *cryp, size_t size, - const uint8_t *in, uint8_t *out); - cryerror_t cry_lld_SHA512(CRYDriver *cryp, size_t size, - const uint8_t *in, uint8_t *out); + cryerror_t cry_lld_SHA1_init(CRYDriver *cryp, SHA1Context *sha1ctxp); + cryerror_t cry_lld_SHA1_update(CRYDriver *cryp, SHA1Context *sha1ctxp, + size_t size, const uint8_t *in); + cryerror_t cry_lld_SHA1_final(CRYDriver *cryp, SHA1Context *sha1ctxp, + uint8_t *out); + cryerror_t cry_lld_SHA256_init(CRYDriver *cryp, SHA256Context *sha256ctxp); + cryerror_t cry_lld_SHA256_update(CRYDriver *cryp, SHA256Context *sha256ctxp, + size_t size, const uint8_t *in); + cryerror_t cry_lld_SHA256_final(CRYDriver *cryp, SHA256Context *sha256ctxp, + uint8_t *out); + cryerror_t cry_lld_SHA512_init(CRYDriver *cryp, SHA512Context *sha512ctxp); + cryerror_t cry_lld_SHA512_update(CRYDriver *cryp, SHA512Context *sha512ctxp, + size_t size, const uint8_t *in); + cryerror_t cry_lld_SHA512_final(CRYDriver *cryp, SHA512Context *sha512ctxp, + uint8_t *out); cryerror_t cry_lld_TRNG(CRYDriver *cryp, uint8_t *out); #ifdef __cplusplus } diff --git a/os/hal/src/hal_crypto.c b/os/hal/src/hal_crypto.c index 5ab286ecd..3fb665098 100644 --- a/os/hal/src/hal_crypto.c +++ b/os/hal/src/hal_crypto.c @@ -63,7 +63,7 @@ void cryInit(void) { /** * @brief Initializes the standard part of a @p CRYDriver structure. * - * @param[out] cryp pointer to the @p CRYDriver object + * @param[out] cryp pointer to the @p CRYDriver object * * @init */ @@ -79,9 +79,9 @@ void cryObjectInit(CRYDriver *cryp) { /** * @brief Configures and activates the cryptographic peripheral. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] config pointer to the @p CRYConfig object. Depending on - * the implementation the value can be @p NULL. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] config pointer to the @p CRYConfig object. Depending + * on the implementation the value can be @p NULL. * * @api */ @@ -103,7 +103,7 @@ void cryStart(CRYDriver *cryp, const CRYConfig *config) { /** * @brief Deactivates the cryptographic peripheral. * - * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] cryp pointer to the @p CRYDriver object * * @api */ @@ -130,11 +130,11 @@ void cryStop(CRYDriver *cryp) { * @note It is the underlying implementation to decide which combinations * of algorithm and key size are allowable. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] algorithm the algorithm identifier - * @param[in] size key size in bytes - * @param[in] keyp pointer to the key data - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] algorithm the algorithm identifier + * @param[in] size key size in bytes + * @param[in] keyp pointer to the key data + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the specified algorithm is unknown or * unsupported. @@ -180,13 +180,13 @@ cryerror_t cryLoadTransientKey(CRYDriver *cryp, * @note The implementation of this function must guarantee that it can * be called from any context. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -224,13 +224,13 @@ cryerror_t cryEncryptAES(CRYDriver *cryp, * @note The implementation of this function must guarantee that it can * be called from any context. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] in buffer containing the input cyphertext - * @param[out] out buffer for the output plaintext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -269,15 +269,15 @@ cryerror_t cryDecryptAES(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of both buffers, this number must be a - * multiple of 16 - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 16 + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -319,15 +319,15 @@ cryerror_t cryEncryptAES_ECB(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of both buffers, this number must be a - * multiple of 16 - * @param[in] in buffer containing the input cyphertext - * @param[out] out buffer for the output plaintext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 16 + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -369,16 +369,16 @@ cryerror_t cryDecryptAES_ECB(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of both buffers, this number must be a - * multiple of 16 - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @param[in] iv 128 bits input vector - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 16 + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @param[in] iv 128 bits input vector + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -422,16 +422,16 @@ cryerror_t cryEncryptAES_CBC(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of both buffers, this number must be a - * multiple of 16 - * @param[in] in buffer containing the input cyphertext - * @param[out] out buffer for the output plaintext - * @param[in] iv 128 bits input vector - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 16 + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @param[in] iv 128 bits input vector + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -475,16 +475,16 @@ cryerror_t cryDecryptAES_CBC(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of both buffers, this number must be a - * multiple of 16 - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @param[in] iv 128 bits input vector - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 16 + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @param[in] iv 128 bits input vector + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -528,16 +528,16 @@ cryerror_t cryEncryptAES_CFB(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of both buffers, this number must be a - * multiple of 16 - * @param[in] in buffer containing the input cyphertext - * @param[out] out buffer for the output plaintext - * @param[in] iv 128 bits input vector - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 16 + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @param[in] iv 128 bits input vector + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -581,17 +581,17 @@ cryerror_t cryDecryptAES_CFB(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of both buffers, this number must be a - * multiple of 16 - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @param[in] iv 128 bits input vector + counter, it contains - * a 96 bits IV and a 32 bits counter - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 16 + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @param[in] iv 128 bits input vector + counter, it contains + * a 96 bits IV and a 32 bits counter + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -636,17 +636,17 @@ cryerror_t cryEncryptAES_CTR(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of both buffers, this number must be a - * multiple of 16 - * @param[in] in buffer containing the input cyphertext - * @param[out] out buffer for the output plaintext - * @param[in] iv 128 bits input vector + counter, it contains - * a 96 bits IV and a 32 bits counter - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 16 + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @param[in] iv 128 bits input vector + counter, it contains + * a 96 bits IV and a 32 bits counter + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -691,21 +691,22 @@ cryerror_t cryDecryptAES_CTR(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the text buffers, this number must be a - * multiple of 16 - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @param[in] iv 128 bits input vector + counter, it contains - * a 96 bits IV and a 32 bits counter - * @param[in] aadsize size of the authentication data, this number must be a - * multiple of 16 - * @param[in] aad buffer containing the authentication data - * @param[in] authtag 128 bits buffer for the generated authentication tag - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the text buffers, this number must be a + * multiple of 16 + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @param[in] iv 128 bits input vector + counter, it contains + * a 96 bits IV and a 32 bits counter + * @param[in] aadsize size of the authentication data, this number + * must be a multiple of 16 + * @param[in] aad buffer containing the authentication data + * @param[in] authtag 128 bits buffer for the generated authentication + * tag + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -759,21 +760,22 @@ cryerror_t cryEncryptAES_GCM(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the text buffers, this number must be a - * multiple of 16 - * @param[in] in buffer for the output cyphertext - * @param[out] out buffer containing the input plaintext - * @param[in] iv 128 bits input vector + counter, it contains - * a 96 bits IV and a 32 bits counter - * @param[in] aadsize size of the authentication data, this number must be a - * multiple of 16 - * @param[in] aad buffer containing the authentication data - * @param[in] authtag 128 bits buffer for the generated authentication tag - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the text buffers, this number must be a + * multiple of 16 + * @param[in] in buffer for the output cyphertext + * @param[out] out buffer containing the input plaintext + * @param[in] iv 128 bits input vector + counter, it contains + * a 96 bits IV and a 32 bits counter + * @param[in] aadsize size of the authentication data, this number + * must be a multiple of 16 + * @param[in] aad buffer containing the authentication data + * @param[in] authtag 128 bits buffer for the generated authentication + * tag + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -826,13 +828,13 @@ cryerror_t cryDecryptAES_GCM(CRYDriver *cryp, * @note The implementation of this function must guarantee that it can * be called from any context. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -871,13 +873,13 @@ cryerror_t cryEncryptDES(CRYDriver *cryp, * be called from any context. * * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] in buffer containing the input cyphertext - * @param[out] out buffer for the output plaintext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -916,15 +918,15 @@ cryerror_t cryDecryptDES(CRYDriver *cryp, * of an DES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of both buffers, this number must be a - * multiple of 8 - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 8 + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -966,15 +968,15 @@ cryerror_t cryEncryptDES_ECB(CRYDriver *cryp, * of an DES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of both buffers, this number must be a - * multiple of 8 - * @param[in] in buffer containing the input cyphertext - * @param[out] out buffer for the output plaintext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 8 + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -1016,16 +1018,16 @@ cryerror_t cryDecryptDES_ECB(CRYDriver *cryp, * of an DES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of both buffers, this number must be a - * multiple of 8 - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @param[in] iv 64 bits input vector - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 8 + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @param[in] iv 64 bits input vector + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -1069,16 +1071,16 @@ cryerror_t cryEncryptDES_CBC(CRYDriver *cryp, * of an DES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of both buffers, this number must be a - * multiple of 8 - * @param[in] in buffer containing the input cyphertext - * @param[out] out buffer for the output plaintext - * @param[in] iv 64 bits input vector - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 8 + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @param[in] iv 64 bits input vector + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -1117,35 +1119,99 @@ cryerror_t cryDecryptDES_CBC(CRYDriver *cryp, } /** - * @brief Hash using SHA1. + * @brief Hash initialization using SHA1. * @note Use of this algorithm is not recommended because proven weak. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] size size of input buffer - * @param[in] in buffer containing the input text - * @param[out] out 160 bits output buffer - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[out] sha1ctxp pointer to a SHA1 context to be initialized + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. * * @api */ -cryerror_t crySHA1(CRYDriver *cryp, size_t size, - const uint8_t *in, uint8_t *out) { +cryerror_t crySHA1Init(CRYDriver *cryp, SHA1Context *sha1ctxp) { - osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL)); + osalDbgCheck((cryp != NULL) && (sha1ctxp != NULL)); osalDbgAssert(cryp->state == CRY_READY, "not ready"); #if CRY_LLD_SUPPORTS_SHA1 == TRUE - return cry_lld_SHA1(cryp, size, in, out); + return cry_lld_SHA1_init(cryp, sha1ctxp); #elif HAL_CRY_USE_FALLBACK == TRUE - return cry_fallback_SHA1(cryp, size, in, out); + return cry_fallback_SHA1_init(cryp, sha1ctxp); #else (void)cryp; + (void)sha1ctxp; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash update using SHA1. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] sha1ctxp pointer to a SHA1 context + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t crySHA1Update(CRYDriver *cryp, SHA1Context *sha1ctxp, + size_t size, const uint8_t *in) { + + osalDbgCheck((cryp != NULL) && (sha1ctxp != NULL) && (in != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_SHA1 == TRUE + return cry_lld_SHA1_update(cryp, sha1ctxp, size, in); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_SHA1_update(cryp, sha1ctxp, size, in); +#else + (void)cryp; + (void)sha1ctxp; (void)size; (void)in; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash finalization using SHA1. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] sha1ctxp pointer to a SHA1 context + * @param[out] out 160 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t crySHA1Final(CRYDriver *cryp, SHA1Context *sha1ctxp, uint8_t *out) { + + osalDbgCheck((cryp != NULL) && (sha1ctxp != NULL) && (out != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_SHA1 == TRUE + return cry_lld_SHA1_final(cryp, sha1ctxp, out); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_SHA1_final(cryp, sha1ctxp, out); +#else + (void)cryp; + (void)sha1ctxp; (void)out; return CRY_ERR_INV_ALGO; @@ -1153,34 +1219,100 @@ cryerror_t crySHA1(CRYDriver *cryp, size_t size, } /** - * @brief Hash using SHA256. + * @brief Hash initialization using SHA256. + * @note Use of this algorithm is not recommended because proven weak. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] size size of input buffer - * @param[in] in buffer containing the input text - * @param[out] out 256 bits output buffer - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[out] sha256ctxp pointer to a SHA256 context to be initialized + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. * * @api */ -cryerror_t crySHA256(CRYDriver *cryp, size_t size, - const uint8_t *in, uint8_t *out) { +cryerror_t crySHA256Init(CRYDriver *cryp, SHA256Context *sha256ctxp) { - osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL)); + osalDbgCheck((cryp != NULL) && (sha256ctxp != NULL)); osalDbgAssert(cryp->state == CRY_READY, "not ready"); -#if CRY_LLD_SUPPORTS_SHA256 == TRUE - return cry_lld_SHA256(cryp, size, in, out); +#if CRY_LLD_SUPPORTS_SHA1 == TRUE + return cry_lld_SHA256_init(cryp, sha256ctxp); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_SHA256_init(cryp, sha256ctxp); +#else + (void)cryp; + (void)sha256ctxp; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash update using SHA256. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] sha256ctxp pointer to a SHA256 context + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t crySHA256Update(CRYDriver *cryp, SHA256Context *sha256ctxp, + size_t size, const uint8_t *in) { + + osalDbgCheck((cryp != NULL) && (sha256ctxp != NULL) && (in != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_SHA1 == TRUE + return cry_lld_SHA256_update(cryp, sha256ctxp, size, in); #elif HAL_CRY_USE_FALLBACK == TRUE - return cry_fallback_SHA256(cryp, size, in, out); + return cry_fallback_SHA256_update(cryp, sha256ctxp, size, in); #else (void)cryp; + (void)sha256ctxp; (void)size; (void)in; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash finalization using SHA256. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] sha256ctxp pointer to a SHA256 context + * @param[out] out 256 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t crySHA256Final(CRYDriver *cryp, SHA256Context *sha256ctxp, + uint8_t *out) { + + osalDbgCheck((cryp != NULL) && (sha256ctxp != NULL) && (out != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_SHA1 == TRUE + return cry_lld_SHA256_final(cryp, sha256ctxp, out); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_SHA256_final(cryp, sha256ctxp, out); +#else + (void)cryp; + (void)sha256ctxp; (void)out; return CRY_ERR_INV_ALGO; @@ -1188,34 +1320,100 @@ cryerror_t crySHA256(CRYDriver *cryp, size_t size, } /** - * @brief Hash using SHA512. + * @brief Hash initialization using SHA512. + * @note Use of this algorithm is not recommended because proven weak. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] size size of input buffer - * @param[in] in buffer containing the input text - * @param[out] out 512 bits output buffer - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[out] sha512ctxp pointer to a SHA512 context to be initialized + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. * * @api */ -cryerror_t crySHA512(CRYDriver *cryp, size_t size, - const uint8_t *in, uint8_t *out) { +cryerror_t crySHA512Init(CRYDriver *cryp, SHA512Context *sha512ctxp) { - osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL)); + osalDbgCheck((cryp != NULL) && (sha512ctxp != NULL)); osalDbgAssert(cryp->state == CRY_READY, "not ready"); -#if CRY_LLD_SUPPORTS_SHA512 == TRUE - return cry_lld_SHA512(cryp, size, in, out); +#if CRY_LLD_SUPPORTS_SHA1 == TRUE + return cry_lld_SHA512_init(cryp, sha512ctxp); #elif HAL_CRY_USE_FALLBACK == TRUE - return cry_fallback_SHA512(cryp, size, in, out); + return cry_fallback_SHA512_init(cryp, sha512ctxp); #else (void)cryp; + (void)sha512ctxp; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash update using SHA512. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] sha512ctxp pointer to a SHA512 context + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t crySHA512Update(CRYDriver *cryp, SHA512Context *sha512ctxp, + size_t size, const uint8_t *in) { + + osalDbgCheck((cryp != NULL) && (sha512ctxp != NULL) && (in != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_SHA1 == TRUE + return cry_lld_SHA512_update(cryp, sha512ctxp, size, in); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_SHA512_update(cryp, sha512ctxp, size, in); +#else + (void)cryp; + (void)sha512ctxp; (void)size; (void)in; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash finalization using SHA512. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] sha512ctxp pointer to a SHA512 context + * @param[out] out 512 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t crySHA512Final(CRYDriver *cryp, SHA512Context *sha512ctxp, + uint8_t *out) { + + osalDbgCheck((cryp != NULL) && (sha512ctxp != NULL) && (out != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_SHA1 == TRUE + return cry_lld_SHA512_final(cryp, sha512ctxp, out); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_SHA512_final(cryp, sha512ctxp, out); +#else + (void)cryp; + (void)sha512ctxp; (void)out; return CRY_ERR_INV_ALGO; @@ -1225,9 +1423,9 @@ cryerror_t crySHA512(CRYDriver *cryp, size_t size, /** * @brief True random numbers generator. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[out] out 128 bits output buffer - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[out] out 128 bits output buffer + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. diff --git a/os/hal/templates/hal_crypto_lld.c b/os/hal/templates/hal_crypto_lld.c index abaaf1d78..e2f8af18a 100644 --- a/os/hal/templates/hal_crypto_lld.c +++ b/os/hal/templates/hal_crypto_lld.c @@ -67,7 +67,7 @@ void cry_lld_init(void) { /** * @brief Configures and activates the crypto peripheral. * - * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] cryp pointer to the @p CRYDriver object * * @notapi */ @@ -81,7 +81,7 @@ void cry_lld_start(CRYDriver *cryp) { /** * @brief Deactivates the crypto peripheral. * - * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] cryp pointer to the @p CRYDriver object * * @notapi */ @@ -95,11 +95,11 @@ void cry_lld_stop(CRYDriver *cryp) { /** * @brief Initializes the transient key for a specific algorithm. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] algorithm the algorithm identifier - * @param[in] size key size in bytes - * @param[in] keyp pointer to the key data - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] algorithm the algorithm identifier + * @param[in] size key size in bytes + * @param[in] keyp pointer to the key data + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the specified algorithm is unknown or * unsupported. @@ -125,13 +125,13 @@ cryerror_t cry_lld_loadkey(CRYDriver *cryp, * @note The implementation of this function must guarantee that it can * be called from any context. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -159,13 +159,13 @@ cryerror_t cry_lld_encrypt_AES(CRYDriver *cryp, * @note The implementation of this function must guarantee that it can * be called from any context. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] in buffer containing the input cyphertext - * @param[out] out buffer for the output plaintext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -194,15 +194,15 @@ cryerror_t cry_lld_decrypt_AES(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a - * multiple of the selected key size - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the plaintext buffer, this number must + * be a multiple of the selected key size + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -233,15 +233,15 @@ cryerror_t cry_lld_encrypt_AES_ECB(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a - * multiple of the selected key size - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the plaintext buffer, this number must + * be a multiple of the selected key size + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -272,16 +272,16 @@ cryerror_t cry_lld_decrypt_AES_ECB(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a - * multiple of the selected key size - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @param[in] iv 128 bits initial vector - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the plaintext buffer, this number must + * be a multiple of the selected key size + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @param[in] iv 128 bits initial vector + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -314,16 +314,16 @@ cryerror_t cry_lld_encrypt_AES_CBC(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a - * multiple of the selected key size - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @param[in] iv 128 bits initial vector - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the plaintext buffer, this number must + * be a multiple of the selected key size + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @param[in] iv 128 bits initial vector + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -356,16 +356,16 @@ cryerror_t cry_lld_decrypt_AES_CBC(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a - * multiple of the selected key size - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @param[in] iv 128 bits initial vector - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the plaintext buffer, this number must + * be a multiple of the selected key size + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @param[in] iv 128 bits initial vector + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -398,16 +398,16 @@ cryerror_t cry_lld_encrypt_AES_CFB(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a - * multiple of the selected key size - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @param[in] iv 128 bits initial vector - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the plaintext buffer, this number must + * be a multiple of the selected key size + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @param[in] iv 128 bits initial vector + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -440,17 +440,17 @@ cryerror_t cry_lld_decrypt_AES_CFB(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a - * multiple of 16 - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @param[in] iv 128 bits initial vector + counter, it contains - * a 96 bits IV and a 32 bits counter - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the plaintext buffer, this number must + * be a multiple of 16 + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @param[in] iv 128 bits initial vector + counter, it contains + * a 96 bits IV and a 32 bits counter + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -483,17 +483,17 @@ cryerror_t cry_lld_encrypt_AES_CTR(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a - * multiple of 16 - * @param[in] in buffer containing the input cyphertext - * @param[out] out buffer for the output plaintext - * @param[in] iv 128 bits initial vector + counter, it contains - * a 96 bits IV and a 32 bits counter - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the plaintext buffer, this number must + * be a multiple of 16 + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @param[in] iv 128 bits initial vector + counter, it contains + * a 96 bits IV and a 32 bits counter + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -526,21 +526,22 @@ cryerror_t cry_lld_decrypt_AES_CTR(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the text buffers, this number must be a - * multiple of 16 - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @param[in] iv 128 bits initial vector + counter, it contains - * a 96 bits IV and a 32 bits counter - * @param[in] aadsize size of the authentication data, this number must be a - * multiple of 16 - * @param[in] aad buffer containing the authentication data - * @param[in] authtag 128 bits buffer for the generated authentication tag - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the text buffers, this number must be a + * multiple of 16 + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @param[in] iv 128 bits initial vector + counter, it contains + * a 96 bits IV and a 32 bits counter + * @param[in] aadsize size of the authentication data, this number + * must be a multiple of 16 + * @param[in] aad buffer containing the authentication data + * @param[in] authtag 128 bits buffer for the generated authentication + * tag + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -579,21 +580,22 @@ cryerror_t cry_lld_encrypt_AES_GCM(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the text buffers, this number must be a - * multiple of 16 - * @param[in] in buffer for the output cyphertext - * @param[out] out buffer containing the input plaintext - * @param[in] iv 128 bits initial vector + counter, it contains - * a 96 bits IV and a 32 bits counter - * @param[in] aadsize size of the authentication data, this number must be a - * multiple of 16 - * @param[in] aad buffer containing the authentication data - * @param[in] authtag 128 bits buffer for the generated authentication tag - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the text buffers, this number must be a + * multiple of 16 + * @param[in] in buffer for the output cyphertext + * @param[out] out buffer containing the input plaintext + * @param[in] iv 128 bits initial vector + counter, it contains + * a 96 bits IV and a 32 bits counter + * @param[in] aadsize size of the authentication data, this number + * must be a multiple of 16 + * @param[in] aad buffer containing the authentication data + * @param[in] authtag 128 bits buffer for the generated authentication + * tag + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -631,13 +633,13 @@ cryerror_t cry_lld_decrypt_AES_GCM(CRYDriver *cryp, * @note The implementation of this function must guarantee that it can * be called from any context. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -666,13 +668,13 @@ cryerror_t cry_lld_encrypt_DES(CRYDriver *cryp, * be called from any context. * * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] in buffer containing the input cyphertext - * @param[out] out buffer for the output plaintext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -701,15 +703,15 @@ cryerror_t cry_lld_decrypt_DES(CRYDriver *cryp, * of an DES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a - * multiple of 8 - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the plaintext buffer, this number must + * be a multiple of 8 + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -740,15 +742,15 @@ cryerror_t cry_lld_encrypt_DES_ECB(CRYDriver *cryp, * of an DES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a - * multiple of 8 - * @param[in] in buffer containing the input cyphertext - * @param[out] out buffer for the output plaintext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the plaintext buffer, this number must + * be a multiple of 8 + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @return T he operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -779,16 +781,16 @@ cryerror_t cry_lld_decrypt_DES_ECB(CRYDriver *cryp, * of an DES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a - * multiple of 8 - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @param[in] iv 64 bits input vector - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the plaintext buffer, this number must + * be a multiple of 8 + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @param[in] iv 64 bits input vector + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -821,16 +823,16 @@ cryerror_t cry_lld_encrypt_DES_CBC(CRYDriver *cryp, * of an DES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a - * multiple of 8 - * @param[in] in buffer containing the input cyphertext - * @param[out] out buffer for the output plaintext - * @param[in] iv 64 bits input vector - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the plaintext buffer, this number must + * be a multiple of 8 + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @param[in] iv 64 bits input vector + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -858,76 +860,204 @@ cryerror_t cry_lld_decrypt_DES_CBC(CRYDriver *cryp, } /** - * @brief Hash using SHA1. + * @brief Hash initialization using SHA1. * @note Use of this algorithm is not recommended because proven weak. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] size size of input buffer - * @param[in] in buffer containing the input text - * @param[out] out 160 bits output buffer - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[out] sha1ctxp pointer to a SHA1 context to be initialized * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. * - * @api + * @notapi */ -cryerror_t cry_lld_SHA1(CRYDriver *cryp, size_t size, - const uint8_t *in, uint8_t *out) { +cryerror_t cry_lld_SHA1_init(CRYDriver *cryp, SHA1Context *sha1ctxp) { (void)cryp; + (void)sha1ctxp; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Hash update using SHA1. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] sha1ctxp pointer to a SHA1 context + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @notapi + */ +cryerror_t cry_lld_SHA1_update(CRYDriver *cryp, SHA1Context *sha1ctxp, + size_t size, const uint8_t *in) { + + (void)cryp; + (void)sha1ctxp; (void)size; (void)in; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Hash finalization using SHA1. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] sha1ctxp pointer to a SHA1 context + * @param[out] out 160 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @notapi + */ +cryerror_t cry_lld_SHA1_final(CRYDriver *cryp, SHA1Context *sha1ctxp, + uint8_t *out) { + + (void)cryp; + (void)sha1ctxp; (void)out; return CRY_ERR_INV_ALGO; } /** - * @brief Hash using SHA256. + * @brief Hash initialization using SHA256. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[out] sha256ctxp pointer to a SHA256 context to be initialized + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @notapi + */ +cryerror_t cry_lld_SHA256_init(CRYDriver *cryp, SHA256Context *sha256ctxp) { + + (void)cryp; + (void)sha256ctxp; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Hash update using SHA256. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] size size of input buffer - * @param[in] in buffer containing the input text - * @param[out] out 256 bits output buffer - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] sha256ctxp pointer to a SHA256 context + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. * - * @api + * @notapi */ -cryerror_t cry_lld_SHA256(CRYDriver *cryp, size_t size, - const uint8_t *in, uint8_t *out) { +cryerror_t cry_lld_SHA256_update(CRYDriver *cryp, SHA256Context *sha256ctxp, + size_t size, const uint8_t *in) { (void)cryp; + (void)sha256ctxp; (void)size; (void)in; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Hash finalization using SHA256. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] sha256ctxp pointer to a SHA256 context + * @param[out] out 256 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @notapi + */ +cryerror_t cry_lld_SHA256_final(CRYDriver *cryp, SHA256Context *sha256ctxp, + uint8_t *out) { + + (void)cryp; + (void)sha256ctxp; (void)out; return CRY_ERR_INV_ALGO; } /** - * @brief Hash using SHA512. + * @brief Hash initialization using SHA512. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] size size of input buffer - * @param[in] in buffer containing the input text - * @param[out] out 512 bits output buffer - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[out] sha512ctxp pointer to a SHA512 context to be initialized * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. * - * @api + * @notapi */ -cryerror_t cry_lld_SHA512(CRYDriver *cryp, size_t size, - const uint8_t *in, uint8_t *out) { +cryerror_t cry_lld_SHA512_init(CRYDriver *cryp, SHA512Context *sha512ctxp) { (void)cryp; + (void)sha512ctxp; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Hash update using SHA512. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] sha512ctxp pointer to a SHA512 context + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @notapi + */ +cryerror_t cry_lld_SHA512_update(CRYDriver *cryp, SHA512Context *sha512ctxp, + size_t size, const uint8_t *in) { + + (void)cryp; + (void)sha512ctxp; (void)size; (void)in; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Hash finalization using SHA512. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] sha512ctxp pointer to a SHA512 context + * @param[out] out 512 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @notapi + */ +cryerror_t cry_lld_SHA512_final(CRYDriver *cryp, SHA512Context *sha512ctxp, + uint8_t *out) { + + (void)cryp; + (void)sha512ctxp; (void)out; return CRY_ERR_INV_ALGO; @@ -936,14 +1066,14 @@ cryerror_t cry_lld_SHA512(CRYDriver *cryp, size_t size, /** * @brief True random numbers generator. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[out] out 128 bits output buffer - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[out] out 128 bits output buffer + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. * - * @api + * @notapi */ cryerror_t cry_lld_TRNG(CRYDriver *cryp, uint8_t *out) { diff --git a/os/hal/templates/hal_crypto_lld.h b/os/hal/templates/hal_crypto_lld.h index 77212b4db..23cc18ee5 100644 --- a/os/hal/templates/hal_crypto_lld.h +++ b/os/hal/templates/hal_crypto_lld.h @@ -38,7 +38,7 @@ #define CRY_LLD_SUPPORTS_AES TRUE #define CRY_LLD_SUPPORTS_AES_ECB TRUE #define CRY_LLD_SUPPORTS_AES_CBC TRUE -#define CRY_LLD_SUPPORTS_AES_CFB FALSE +#define CRY_LLD_SUPPORTS_AES_CFB TRUE #define CRY_LLD_SUPPORTS_AES_CTR TRUE #define CRY_LLD_SUPPORTS_AES_GCM TRUE #define CRY_LLD_SUPPORTS_DES TRUE @@ -126,6 +126,33 @@ struct CRYDriver { /* End of the mandatory fields.*/ }; +#if (CRY_LLD_SUPPORTS_SHA1 == TRUE) || defined(__DOXYGEN__) +/** + * @brief Type of a SHA1 context. + */ +typedef struct { + uint32_t dummy; +} SHA1Context; +#endif + +#if (CRY_LLD_SUPPORTS_SHA256 == TRUE) || defined(__DOXYGEN__) +/** + * @brief Type of a SHA256 context. + */ +typedef struct { + uint32_t dummy; +} SHA256Context; +#endif + +#if (CRY_LLD_SUPPORTS_SHA512 == TRUE) || defined(__DOXYGEN__) +/** + * @brief Type of a SHA512 context. + */ +typedef struct { + uint32_t dummy; +} SHA512Context; +#endif + /*===========================================================================*/ /* Driver macros. */ /*===========================================================================*/ @@ -250,12 +277,21 @@ extern "C" { const uint8_t *in, uint8_t *out, const uint8_t *iv); - cryerror_t cry_lld_SHA1(CRYDriver *cryp, size_t size, - const uint8_t *in, uint8_t *out); - cryerror_t cry_lld_SHA256(CRYDriver *cryp, size_t size, - const uint8_t *in, uint8_t *out); - cryerror_t cry_lld_SHA512(CRYDriver *cryp, size_t size, - const uint8_t *in, uint8_t *out); + cryerror_t cry_lld_SHA1_init(CRYDriver *cryp, SHA1Context *sha1ctxp); + cryerror_t cry_lld_SHA1_update(CRYDriver *cryp, SHA1Context *sha1ctxp, + size_t size, const uint8_t *in); + cryerror_t cry_lld_SHA1_final(CRYDriver *cryp, SHA1Context *sha1ctxp, + uint8_t *out); + cryerror_t cry_lld_SHA256_init(CRYDriver *cryp, SHA256Context *sha256ctxp); + cryerror_t cry_lld_SHA256_update(CRYDriver *cryp, SHA256Context *sha256ctxp, + size_t size, const uint8_t *in); + cryerror_t cry_lld_SHA256_final(CRYDriver *cryp, SHA256Context *sha256ctxp, + uint8_t *out); + cryerror_t cry_lld_SHA512_init(CRYDriver *cryp, SHA512Context *sha512ctxp); + cryerror_t cry_lld_SHA512_update(CRYDriver *cryp, SHA512Context *sha512ctxp, + size_t size, const uint8_t *in); + cryerror_t cry_lld_SHA512_final(CRYDriver *cryp, SHA512Context *sha512ctxp, + uint8_t *out); cryerror_t cry_lld_TRNG(CRYDriver *cryp, uint8_t *out); #ifdef __cplusplus } -- cgit v1.2.3