From 2ebbe6eb870313331bba48884112675107a6b866 Mon Sep 17 00:00:00 2001 From: areviu Date: Thu, 30 Nov 2017 21:12:58 +0000 Subject: update sha and trng lld git-svn-id: svn://svn.code.sf.net/p/chibios/svn/trunk@11091 35acf78f-673a-0410-8e92-d51de3d6d3f4 --- os/hal/ports/SAMA/SAMA5D2x/hal_crypto_lld.c | 161 +++++++++++++++++++++++++++- os/hal/ports/SAMA/SAMA5D2x/hal_crypto_lld.h | 35 ++++-- 2 files changed, 185 insertions(+), 11 deletions(-) (limited to 'os/hal/ports/SAMA/SAMA5D2x') diff --git a/os/hal/ports/SAMA/SAMA5D2x/hal_crypto_lld.c b/os/hal/ports/SAMA/SAMA5D2x/hal_crypto_lld.c index 79c4f3a3f..2e841cca7 100644 --- a/os/hal/ports/SAMA/SAMA5D2x/hal_crypto_lld.c +++ b/os/hal/ports/SAMA/SAMA5D2x/hal_crypto_lld.c @@ -83,6 +83,12 @@ void cry_lld_init(void) { void cry_lld_start(CRYDriver *cryp) { if (cryp->state == CRY_STOP) { + //clear key + for (size_t i=0;ikey0_buffer[i] = 0; + } + #if PLATFORM_CRY_USE_CRY1 if (&CRYD1 == cryp) { samaCryptoDriverStart(&CRYD1); @@ -126,9 +132,33 @@ void cry_lld_stop(CRYDriver *cryp) { cryerror_t cry_lld_loadkey(CRYDriver *cryp, cryalgorithm_t algorithm, size_t size, const uint8_t *keyp) { - (void)(cryp); - (void)(algorithm); - return samaCryptoDriverWriteTransientKey(keyp, size); + + uint8_t *p = (uint8_t *)cryp->key0_buffer; + + (void)algorithm; + + + if (size <= HAL_CRY_MAX_KEY_SIZE) + { + osalMutexLock(&cryp->mutex); + //clear key + for (size_t i=0;ikey0_buffer[i] = 0; + } + + for (size_t i=0;imutex); + } + else + { + return CRY_ERR_INV_KEY_SIZE; + } + + return CRY_NOERROR; } @@ -1096,6 +1126,131 @@ cryerror_t cry_lld_decrypt_DES_CBC(CRYDriver *cryp, crykey_t key_id, return ret; } + + +/** + * @brief Hash using SHA1. + * @NOTE Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @param[out] out 160 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t cry_lld_SHA1(CRYDriver *cryp, size_t size, + const uint8_t *in, uint8_t *out) { + + cryerror_t ret; + + shaparams_t params = {CRY_SHA_1}; + + ret = sama_sha_lld_process(cryp, + ¶ms, + in, + out, + size + ); + + return ret; +} + +/** + * @brief Hash using SHA256. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @param[out] out 256 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t cry_lld_SHA256(CRYDriver *cryp, size_t size, + const uint8_t *in, uint8_t *out) { + + cryerror_t ret; + + shaparams_t params = {CRY_SHA_256}; + + ret = sama_sha_lld_process(cryp, + ¶ms, + in, + out, + size + ); + + return ret; +} + +/** + * @brief Hash using SHA512. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @param[out] out 512 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t cry_lld_SHA512(CRYDriver *cryp, size_t size, + const uint8_t *in, uint8_t *out) { + + cryerror_t ret; + + shaparams_t params = {CRY_SHA_512}; + + ret = sama_sha_lld_process(cryp, + ¶ms, + in, + out, + size + ); + + return ret; +} + +/** + * @brief True random numbers generator. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[out] out 128 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t cry_lld_TRNG(CRYDriver *cryp, uint8_t *out) { + + if (!(cryp->enabledPer & TRNG_PER)) { + cryp->enabledPer |= TRNG_PER; + pmcEnableTRNG(); + + //start trng + TRNG->TRNG_CR = TRNG_CR_ENABLE | TRNG_CR_KEY_PASSWD; + } + + while (!(TRNG->TRNG_ISR & TRNG_ISR_DATRDY)); + + *((uint32_t*) out) = TRNG->TRNG_ODATA; + + return (cryerror_t)CRY_NOERROR; +} + #endif /* HAL_USE_CRY */ /** @} */ diff --git a/os/hal/ports/SAMA/SAMA5D2x/hal_crypto_lld.h b/os/hal/ports/SAMA/SAMA5D2x/hal_crypto_lld.h index 029b4d83c..4521bb57b 100644 --- a/os/hal/ports/SAMA/SAMA5D2x/hal_crypto_lld.h +++ b/os/hal/ports/SAMA/SAMA5D2x/hal_crypto_lld.h @@ -25,7 +25,7 @@ #ifndef HAL_CRYPTO_LLD_H #define HAL_CRYPTO_LLD_H -#if HAL_USE_CRY || defined(__DOXYGEN__) +#if (HAL_USE_CRY == TRUE) || defined(__DOXYGEN__) /*===========================================================================*/ /* Driver constants. */ @@ -40,10 +40,14 @@ #define CRY_LLD_SUPPORTS_AES_CBC TRUE #define CRY_LLD_SUPPORTS_AES_CFB TRUE #define CRY_LLD_SUPPORTS_AES_CTR TRUE -#define CRY_LLD_SUPPORTS_AES_GCM TRUE +#define CRY_LLD_SUPPORTS_AES_GCM FALSE #define CRY_LLD_SUPPORTS_DES TRUE #define CRY_LLD_SUPPORTS_DES_ECB TRUE #define CRY_LLD_SUPPORTS_DES_CBC TRUE +#define CRY_LLD_SUPPORTS_SHA1 TRUE +#define CRY_LLD_SUPPORTS_SHA256 TRUE +#define CRY_LLD_SUPPORTS_SHA512 TRUE +#define CRY_LLD_SUPPORTS_TRNG TRUE /** @{ */ /*===========================================================================*/ @@ -99,13 +103,13 @@ typedef enum { CRY_SHA_224, CRY_SHA_256, CRY_SHA_384, - CRY_SHA_512, + CRY_SHA_512 + }shadalgo_t; typedef struct { shadalgo_t algo; - }shaparams_t; /** @@ -138,14 +142,22 @@ typedef struct { } CRYConfig; +#define KEY0_BUFFER_SIZE_W HAL_CRY_MAX_KEY_SIZE/4 +#define SHA_MAX_PADDING_LEN (2 * 128) +#define SHA_UPDATE_LEN (128 * 1024) + #define CRY_DRIVER_EXT_FIELDS thread_reference_t thread; \ sama_dma_channel_t *dmarx; \ sama_dma_channel_t *dmatx; \ uint32_t rxdmamode; \ uint32_t txdmamode; \ - uint8_t dmawith; \ - uint8_t dmachunksize; \ - uint8_t enabledPer; + uint8_t dmawith; \ + uint8_t dmachunksize; \ + uint8_t enabledPer; \ + mutex_t mutex; \ + uint32_t key0_buffer[KEY0_BUFFER_SIZE_W]; \ + uint8_t sha_buffer[SHA_MAX_PADDING_LEN]; + /** * @brief Structure representing an CRY driver. */ @@ -302,11 +314,18 @@ extern "C" { const uint8_t *in, uint8_t *out, const uint8_t *iv); + cryerror_t cry_lld_SHA1(CRYDriver *cryp, size_t size, + const uint8_t *in, uint8_t *out); + cryerror_t cry_lld_SHA256(CRYDriver *cryp, size_t size, + const uint8_t *in, uint8_t *out); + cryerror_t cry_lld_SHA512(CRYDriver *cryp, size_t size, + const uint8_t *in, uint8_t *out); + cryerror_t cry_lld_TRNG(CRYDriver *cryp, uint8_t *out); #ifdef __cplusplus } #endif -#endif /* HAL_USE_CRY */ +#endif /* HAL_USE_CRY == TRUE */ #endif /* HAL_CRYPTO_LLD_H */ -- cgit v1.2.3