From 7156f2c323f5b4d6a3f9eec7673b0b1680fb8ff9 Mon Sep 17 00:00:00 2001 From: Giovanni Di Sirio Date: Mon, 23 Oct 2017 14:43:43 +0000 Subject: git-svn-id: svn://svn.code.sf.net/p/chibios/svn/trunk@10888 35acf78f-673a-0410-8e92-d51de3d6d3f4 --- os/hal/include/hal_crypto.h | 31 ++-- os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c | 180 +++++++++++++++++---- os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h | 25 ++- os/hal/src/hal_crypto.c | 212 +++++++++++++++++++++---- os/hal/templates/hal_crypto_lld.c | 200 ++++++++++++++++++----- os/hal/templates/hal_crypto_lld.h | 25 ++- 6 files changed, 557 insertions(+), 116 deletions(-) (limited to 'os') diff --git a/os/hal/include/hal_crypto.h b/os/hal/include/hal_crypto.h index 433953e45..8836dafd5 100644 --- a/os/hal/include/hal_crypto.h +++ b/os/hal/include/hal_crypto.h @@ -95,8 +95,7 @@ typedef enum { CRY_ERR_INV_ALGO = 1, /**< Invalid cypher/mode. */ CRY_ERR_INV_KEY_SIZE = 2, /**< Invalid key size. */ CRY_ERR_INV_KEY_TYPE = 3, /**< Invalid key type. */ - CRY_ERR_INV_KEY_ID = 4, /**< Invalid key type. */ - CRY_ERR_AUTH_FAILED = 5 /**< Authentication failed. */ + CRY_ERR_INV_KEY_ID = 4 /**< Invalid key type. */ } cryerror_t; /** @@ -120,6 +119,7 @@ typedef enum { #define CRY_LLD_SUPPORTS_AES_CBC FALSE #define CRY_LLD_SUPPORTS_AES_CFB FALSE #define CRY_LLD_SUPPORTS_AES_CTR FALSE +#define CRY_LLD_SUPPORTS_AES_GCM FALSE typedef uint_fast8_t crykey_t; @@ -141,8 +141,9 @@ struct CRYDriver { #if !defined(CRY_LLD_SUPPORTS_AES_ECB) || \ !defined(CRY_LLD_SUPPORTS_AES_CBC) || \ !defined(CRY_LLD_SUPPORTS_AES_CFB) || \ - !defined(CRY_LLD_SUPPORTS_AES_CTR) -#error "CRYPTO LLD does not export required switches" + !defined(CRY_LLD_SUPPORTS_AES_CTR) || \ + !defined(CRY_LLD_SUPPORTS_AES_GCM) +#error "CRYPTO LLD does not export the required switches" #endif /*===========================================================================*/ @@ -209,33 +210,31 @@ extern "C" { size_t size, const uint8_t *in, uint8_t *out, - const uint8_t *nonce, - uint8_t *cnt); + const uint8_t *iv); cryerror_t cryDecryptAES_CTR(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, - const uint8_t *nonce, - uint8_t *cnt); + const uint8_t *iv); cryerror_t cryEncryptAES_GCM(CRYDriver *cryp, crykey_t key_id, - bitsize_t size, + size_t size, const uint8_t *in, uint8_t *out, - bitsize_t ivsize, const uint8_t *iv, - bitsize_t authsize, - uint8_t *authout); + size_t aadsize, + const uint8_t *aad, + uint8_t *authtag); cryerror_t cryDecryptAES_GCM(CRYDriver *cryp, crykey_t key_id, - bitsize_t size, + size_t size, const uint8_t *in, uint8_t *out, - bitsize_t ivsize, const uint8_t *iv, - bitsize_t authsize, - const uint8_t *authin); + size_t aadsize, + const uint8_t *aad, + uint8_t *authtag); #ifdef __cplusplus } #endif diff --git a/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c b/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c index f871ff4d4..00a4478c7 100644 --- a/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c +++ b/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c @@ -120,6 +120,9 @@ cryerror_t cry_lld_loadkey(CRYDriver *cryp, /** * @brief Encryption operation using AES-ECB. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the @@ -137,7 +140,7 @@ cryerror_t cry_lld_loadkey(CRYDriver *cryp, * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid * or refers and empty key slot. * - * @api + * @notapi */ cryerror_t cry_lld_encrypt_AES_ECB(CRYDriver *cryp, crykey_t key_id, @@ -156,6 +159,9 @@ cryerror_t cry_lld_encrypt_AES_ECB(CRYDriver *cryp, /** * @brief Decryption operation using AES-ECB. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the @@ -173,7 +179,7 @@ cryerror_t cry_lld_encrypt_AES_ECB(CRYDriver *cryp, * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid * or refers and empty key slot. * - * @api + * @notapi */ cryerror_t cry_lld_decrypt_AES_ECB(CRYDriver *cryp, crykey_t key_id, @@ -192,6 +198,9 @@ cryerror_t cry_lld_decrypt_AES_ECB(CRYDriver *cryp, /** * @brief Encryption operation using AES-CBC. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the @@ -201,7 +210,7 @@ cryerror_t cry_lld_decrypt_AES_ECB(CRYDriver *cryp, * multiple of the selected key size * @param[in] in buffer containing the input plaintext * @param[out] out buffer for the output cyphertext - * @param[in] iv input vector + * @param[in] iv 128 bits initial vector * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this @@ -210,7 +219,7 @@ cryerror_t cry_lld_decrypt_AES_ECB(CRYDriver *cryp, * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid * or refers and empty key slot. * - * @api + * @notapi */ cryerror_t cry_lld_encrypt_AES_CBC(CRYDriver *cryp, crykey_t key_id, @@ -231,6 +240,9 @@ cryerror_t cry_lld_encrypt_AES_CBC(CRYDriver *cryp, /** * @brief Decryption operation using AES-CBC. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the @@ -240,7 +252,7 @@ cryerror_t cry_lld_encrypt_AES_CBC(CRYDriver *cryp, * multiple of the selected key size * @param[in] in buffer containing the input plaintext * @param[out] out buffer for the output cyphertext - * @param[in] iv input vector + * @param[in] iv 128 bits initial vector * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this @@ -249,7 +261,7 @@ cryerror_t cry_lld_encrypt_AES_CBC(CRYDriver *cryp, * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid * or refers and empty key slot. * - * @api + * @notapi */ cryerror_t cry_lld_decrypt_AES_CBC(CRYDriver *cryp, crykey_t key_id, @@ -270,6 +282,9 @@ cryerror_t cry_lld_decrypt_AES_CBC(CRYDriver *cryp, /** * @brief Encryption operation using AES-CFB. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the @@ -279,7 +294,7 @@ cryerror_t cry_lld_decrypt_AES_CBC(CRYDriver *cryp, * multiple of the selected key size * @param[in] in buffer containing the input plaintext * @param[out] out buffer for the output cyphertext - * @param[in] iv input vector + * @param[in] iv 128 bits initial vector * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this @@ -288,7 +303,7 @@ cryerror_t cry_lld_decrypt_AES_CBC(CRYDriver *cryp, * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid * or refers and empty key slot. * - * @api + * @notapi */ cryerror_t cry_lld_encrypt_AES_CFB(CRYDriver *cryp, crykey_t key_id, @@ -309,6 +324,9 @@ cryerror_t cry_lld_encrypt_AES_CFB(CRYDriver *cryp, /** * @brief Decryption operation using AES-CFB. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the @@ -318,7 +336,7 @@ cryerror_t cry_lld_encrypt_AES_CFB(CRYDriver *cryp, * multiple of the selected key size * @param[in] in buffer containing the input plaintext * @param[out] out buffer for the output cyphertext - * @param[in] iv input vector + * @param[in] iv 128 bits initial vector * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this @@ -327,7 +345,7 @@ cryerror_t cry_lld_encrypt_AES_CFB(CRYDriver *cryp, * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid * or refers and empty key slot. * - * @api + * @notapi */ cryerror_t cry_lld_decrypt_AES_CFB(CRYDriver *cryp, crykey_t key_id, @@ -348,17 +366,20 @@ cryerror_t cry_lld_decrypt_AES_CFB(CRYDriver *cryp, /** * @brief Encryption operation using AES-CTR. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the * transient key, other values are keys stored in an * unspecified way * @param[in] size size of the plaintext buffer, this number must be a - * multiple of the selected key size + * multiple of 16 * @param[in] in buffer containing the input plaintext * @param[out] out buffer for the output cyphertext - * @param[in] nonce the "nonce" constant - * @param[in,out] cnt the initial value of the counter, normally zero + * @param[in] iv 128 bits initial vector + counter, it contains + * a 96 bits IV and a 32 bits counter * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this @@ -367,40 +388,41 @@ cryerror_t cry_lld_decrypt_AES_CFB(CRYDriver *cryp, * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid * or refers and empty key slot. * - * @api + * @notapi */ cryerror_t cry_lld_encrypt_AES_CTR(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, - const uint8_t *nonce, - uint8_t *cnt) { + const uint8_t *iv) { (void)cryp; (void)key_id; (void)size; (void)in; (void)out; - (void)nonce; - (void)cnt; + (void)iv; return CRY_ERR_INV_ALGO; } /** * @brief Decryption operation using AES-CTR. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the * transient key, other values are keys stored in an * unspecified way * @param[in] size size of the plaintext buffer, this number must be a - * multiple of the selected key size - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @param[in] nonce the "nonce" constant - * @param[in,out] cnt the initial value of the counter, normally zero + * multiple of 16 + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @param[in] iv 128 bits initial vector + counter, it contains + * a 96 bits IV and a 32 bits counter * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this @@ -416,16 +438,120 @@ cryerror_t cry_lld_decrypt_AES_CTR(CRYDriver *cryp, size_t size, const uint8_t *in, uint8_t *out, - const uint8_t *nonce, - uint8_t *cnt) { + const uint8_t *iv) { + + (void)cryp; + (void)key_id; + (void)size; + (void)in; + (void)out; + (void)iv; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Encryption operation using AES-GCM. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is the + * transient key, other values are keys stored in an + * unspecified way + * @param[in] size size of the text buffers, this number must be a + * multiple of 16 + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @param[in] iv 128 bits initial vector + counter, it contains + * a 96 bits IV and a 32 bits counter + * @param[in] aadsize size of the authentication data, this number must be a + * multiple of 16 + * @param[in] aad buffer containing the authentication data + * @param[in] authtag 128 bits buffer for the generated authentication tag + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation. + * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid + * or refers and empty key slot. + * + * @notapi + */ +cryerror_t cry_lld_encrypt_AES_GCM(CRYDriver *cryp, + crykey_t key_id, + size_t size, + const uint8_t *in, + uint8_t *out, + const uint8_t *iv, + size_t aadsize, + const uint8_t *aad, + uint8_t *authtag) { (void)cryp; (void)key_id; (void)size; (void)in; (void)out; - (void)nonce; - (void)cnt; + (void)iv; + (void)aadsize; + (void)aad; + (void)authtag; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Decryption operation using AES-GCM. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is the + * transient key, other values are keys stored in an + * unspecified way + * @param[in] size size of the text buffers, this number must be a + * multiple of 16 + * @param[in] in buffer for the output cyphertext + * @param[out] out buffer containing the input plaintext + * @param[in] iv 128 bits initial vector + counter, it contains + * a 96 bits IV and a 32 bits counter + * @param[in] aadsize size of the authentication data, this number must be a + * multiple of 16 + * @param[in] aad buffer containing the authentication data + * @param[in] authtag 128 bits buffer for the generated authentication tag + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation. + * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid + * or refers and empty key slot. + * + * @notapi + */ +cryerror_t cry_lld_decrypt_AES_GCM(CRYDriver *cryp, + crykey_t key_id, + size_t size, + const uint8_t *in, + uint8_t *out, + const uint8_t *iv, + size_t aadsize, + const uint8_t *aad, + uint8_t *authtag) { + + (void)cryp; + (void)key_id; + (void)size; + (void)in; + (void)out; + (void)iv; + (void)aadsize; + (void)aad; + (void)authtag; return CRY_ERR_INV_ALGO; } diff --git a/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h b/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h index 4273340ad..977e25438 100644 --- a/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h +++ b/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h @@ -39,6 +39,7 @@ #define CRY_LLD_SUPPORTS_AES_CBC TRUE #define CRY_LLD_SUPPORTS_AES_CFB FALSE #define CRY_LLD_SUPPORTS_AES_CTR TRUE +#define CRY_LLD_SUPPORTS_AES_GCM TRUE /** @{ */ /*===========================================================================*/ @@ -178,15 +179,31 @@ extern "C" { size_t size, const uint8_t *in, uint8_t *out, - const uint8_t *nonce, - uint8_t *cnt); + const uint8_t *iv); cryerror_t cry_lld_decrypt_AES_CTR(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, - const uint8_t *nonce, - uint8_t *cnt); + const uint8_t *iv); + cryerror_t cry_lld_encrypt_AES_GCM(CRYDriver *cryp, + crykey_t key_id, + size_t size, + const uint8_t *in, + uint8_t *out, + const uint8_t *iv, + size_t aadsize, + const uint8_t *aad, + uint8_t *authtag); + cryerror_t cry_lld_decrypt_AES_GCM(CRYDriver *cryp, + crykey_t key_id, + size_t size, + const uint8_t *in, + uint8_t *out, + const uint8_t *iv, + size_t aadsize, + const uint8_t *aad, + uint8_t *authtag); #ifdef __cplusplus } #endif diff --git a/os/hal/src/hal_crypto.c b/os/hal/src/hal_crypto.c index 710495343..31bee80db 100644 --- a/os/hal/src/hal_crypto.c +++ b/os/hal/src/hal_crypto.c @@ -174,6 +174,9 @@ cryerror_t cryLoadTransientKey(CRYDriver *cryp, /** * @brief Encryption operation using AES-ECB. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the @@ -221,6 +224,9 @@ cryerror_t cryEncryptAES_ECB(CRYDriver *cryp, /** * @brief Decryption operation using AES-ECB. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the @@ -228,8 +234,8 @@ cryerror_t cryEncryptAES_ECB(CRYDriver *cryp, * unspecified way * @param[in] size size of the plaintext buffer, this number must be a * multiple of 16 - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this @@ -268,6 +274,9 @@ cryerror_t cryDecryptAES_ECB(CRYDriver *cryp, /** * @brief Encryption operation using AES-CBC. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the @@ -277,7 +286,7 @@ cryerror_t cryDecryptAES_ECB(CRYDriver *cryp, * multiple of 16 * @param[in] in buffer containing the input plaintext * @param[out] out buffer for the output cyphertext - * @param[in] iv input vector + * @param[in] iv 128 bits initial vector * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this @@ -318,6 +327,9 @@ cryerror_t cryEncryptAES_CBC(CRYDriver *cryp, /** * @brief Decryption operation using AES-CBC. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the @@ -325,9 +337,9 @@ cryerror_t cryEncryptAES_CBC(CRYDriver *cryp, * unspecified way * @param[in] size size of the plaintext buffer, this number must be a * multiple of 16 - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @param[in] iv input vector + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @param[in] iv 128 bits initial vector * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this @@ -368,6 +380,9 @@ cryerror_t cryDecryptAES_CBC(CRYDriver *cryp, /** * @brief Encryption operation using AES-CFB. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the @@ -377,7 +392,7 @@ cryerror_t cryDecryptAES_CBC(CRYDriver *cryp, * multiple of 16 * @param[in] in buffer containing the input plaintext * @param[out] out buffer for the output cyphertext - * @param[in] iv input vector + * @param[in] iv 128 bits initial vector * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this @@ -418,6 +433,9 @@ cryerror_t cryEncryptAES_CFB(CRYDriver *cryp, /** * @brief Decryption operation using AES-CFB. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the @@ -425,9 +443,9 @@ cryerror_t cryEncryptAES_CFB(CRYDriver *cryp, * unspecified way * @param[in] size size of the plaintext buffer, this number must be a * multiple of 16 - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @param[in] iv input vector + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @param[in] iv 128 bits initial vector * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this @@ -468,6 +486,9 @@ cryerror_t cryDecryptAES_CFB(CRYDriver *cryp, /** * @brief Encryption operation using AES-CTR. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the @@ -477,8 +498,8 @@ cryerror_t cryDecryptAES_CFB(CRYDriver *cryp, * multiple of 16 * @param[in] in buffer containing the input plaintext * @param[out] out buffer for the output cyphertext - * @param[in] nonce the "nonce" constant - * @param[in,out] cnt the initial value of the counter, normally zero + * @param[in] iv 128 bits initial vector + counter, it contains + * a 96 bits IV and a 32 bits counter * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this @@ -494,19 +515,17 @@ cryerror_t cryEncryptAES_CTR(CRYDriver *cryp, size_t size, const uint8_t *in, uint8_t *out, - const uint8_t *nonce, - uint8_t *cnt) { + const uint8_t *iv) { osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) && - (nonce != NULL) && (cnt != NULL) && - ((size & (size_t)15) == (size_t)0)); + (iv != NULL) && ((size & (size_t)15) == (size_t)0)); osalDbgAssert(cryp->state == CRY_READY, "not ready"); #if CRY_LLD_SUPPORTS_AES_CTR == TRUE - return cry_lld_encrypt_AES_CTR(cryp, key_id, size, in, out, nonce, cnt); + return cry_lld_encrypt_AES_CTR(cryp, key_id, size, in, out, iv); #elif HAL_CRY_USE_FALLBACK == TRUE - return cry_fallback_encrypt_AES_CTR(cryp, key_id, size, in, out, nonce, cnt); + return cry_fallback_encrypt_AES_CTR(cryp, key_id, size, in, out, iv); #else (void)cryp; (void)key_id; @@ -522,6 +541,9 @@ cryerror_t cryEncryptAES_CTR(CRYDriver *cryp, /** * @brief Decryption operation using AES-CTR. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the @@ -529,10 +551,10 @@ cryerror_t cryEncryptAES_CTR(CRYDriver *cryp, * unspecified way * @param[in] size size of the plaintext buffer, this number must be a * multiple of 16 - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @param[in] nonce the "nonce" constant - * @param[in,out] cnt the initial value of the counter, normally zero + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @param[in] iv 128 bits initial vector + counter, it contains + * a 96 bits IV and a 32 bits counter * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this @@ -548,19 +570,17 @@ cryerror_t cryDecryptAES_CTR(CRYDriver *cryp, size_t size, const uint8_t *in, uint8_t *out, - const uint8_t *nonce, - uint8_t *cnt) { + const uint8_t *iv) { osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) && - (nonce != NULL) && (cnt != NULL) && - ((size & (size_t)15) == (size_t)0)); + (iv != NULL) && ((size & (size_t)15) == (size_t)0)); osalDbgAssert(cryp->state == CRY_READY, "not ready"); #if CRY_LLD_SUPPORTS_AES_CTR == TRUE - return cry_lld_decrypt_AES_CTR(cryp, key_id, size, in, out, nonce, cnt); + return cry_lld_decrypt_AES_CTR(cryp, key_id, size, in, out, iv); #elif HAL_CRY_USE_FALLBACK == TRUE - return cry_fallback_decrypt_AES_CTR(cryp, key_id, size, in, out, nonce, cnt); + return cry_fallback_decrypt_AES_CTR(cryp, key_id, size, in, out, iv); #else (void)cryp; (void)key_id; @@ -574,6 +594,142 @@ cryerror_t cryDecryptAES_CTR(CRYDriver *cryp, #endif } +/** + * @brief Encryption operation using AES-GCM. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is the + * transient key, other values are keys stored in an + * unspecified way + * @param[in] size size of the text buffers, this number must be a + * multiple of 16 + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @param[in] iv 128 bits initial vector + counter, it contains + * a 96 bits IV and a 32 bits counter + * @param[in] aadsize size of the authentication data, this number must be a + * multiple of 16 + * @param[in] aad buffer containing the authentication data + * @param[in] authtag 128 bits buffer for the generated authentication tag + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation. + * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid + * or refers and empty key slot. + * + * @api + */ +cryerror_t cryEncryptAES_GCM(CRYDriver *cryp, + crykey_t key_id, + size_t size, + const uint8_t *in, + uint8_t *out, + const uint8_t *iv, + size_t aadsize, + const uint8_t *aad, + uint8_t *authtag) { + + osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) && + (iv != NULL) && (aad != NULL) && (authtag != NULL) && + ((size & (size_t)15) == (size_t)0) && + ((aadsize & (size_t)15) == (size_t)0)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_AES_GCM== TRUE + return cry_lld_encrypt_AES_GCM(cryp, key_id, size, in, out, iv, + aadsize, aad, authtag); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_encrypt_AES_GCM(cryp, key_id, size, in, out, iv, + aadsize, aad, authtag); +#else + (void)cryp; + (void)key_id; + (void)size; + (void)in; + (void)out; + (void)iv; + (void)aadsize; + (void)aad; + (void)authtag; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Decryption operation using AES-GCM. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is the + * transient key, other values are keys stored in an + * unspecified way + * @param[in] size size of the text buffers, this number must be a + * multiple of 16 + * @param[in] in buffer for the output cyphertext + * @param[out] out buffer containing the input plaintext + * @param[in] iv 128 bits initial vector + counter, it contains + * a 96 bits IV and a 32 bits counter + * @param[in] aadsize size of the authentication data, this number must be a + * multiple of 16 + * @param[in] aad buffer containing the authentication data + * @param[in] authtag 128 bits buffer for the generated authentication tag + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation. + * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid + * or refers and empty key slot. + * + * @api + */ +cryerror_t cryDecryptAES_GCM(CRYDriver *cryp, + crykey_t key_id, + size_t size, + const uint8_t *in, + uint8_t *out, + const uint8_t *iv, + size_t aadsize, + const uint8_t *aad, + uint8_t *authtag) { + + osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) && + (iv != NULL) && (aad != NULL) && (authtag != NULL) && + ((size & (size_t)15) == (size_t)0) && + ((aadsize & (size_t)15) == (size_t)0)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_AES_GCM== TRUE + return cry_lld_decrypt_AES_GCM(cryp, key_id, size, in, out, iv, + aadsize, aad, authtag); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_decrypt_AES_GCM(cryp, key_id, size, in, out, iv, + aadsize, aad, authtag); +#else + (void)cryp; + (void)key_id; + (void)size; + (void)in; + (void)out; + (void)iv; + (void)aadsize; + (void)aad; + (void)authtag; + + return CRY_ERR_INV_ALGO; +#endif +} + #endif /* HAL_USE_CRY == TRUE */ /** @} */ diff --git a/os/hal/templates/hal_crypto_lld.c b/os/hal/templates/hal_crypto_lld.c index 9268e5398..1aa90d2af 100644 --- a/os/hal/templates/hal_crypto_lld.c +++ b/os/hal/templates/hal_crypto_lld.c @@ -15,8 +15,8 @@ */ /** - * @file CRYPv1/hal_crypto_lld.c - * @brief STM32 cryptographic subsystem low level driver source. + * @file hal_crypto_lld.c + * @brief PLATFORM cryptographic subsystem low level driver source. * * @addtogroup CRYPTO * @{ @@ -120,6 +120,9 @@ cryerror_t cry_lld_loadkey(CRYDriver *cryp, /** * @brief Encryption operation using AES-ECB. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the @@ -137,7 +140,7 @@ cryerror_t cry_lld_loadkey(CRYDriver *cryp, * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid * or refers and empty key slot. * - * @api + * @notapi */ cryerror_t cry_lld_encrypt_AES_ECB(CRYDriver *cryp, crykey_t key_id, @@ -151,11 +154,14 @@ cryerror_t cry_lld_encrypt_AES_ECB(CRYDriver *cryp, (void)in; (void)out; - return CRY_NOERROR; + return CRY_ERR_INV_ALGO; } /** * @brief Decryption operation using AES-ECB. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the @@ -173,7 +179,7 @@ cryerror_t cry_lld_encrypt_AES_ECB(CRYDriver *cryp, * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid * or refers and empty key slot. * - * @api + * @notapi */ cryerror_t cry_lld_decrypt_AES_ECB(CRYDriver *cryp, crykey_t key_id, @@ -187,11 +193,14 @@ cryerror_t cry_lld_decrypt_AES_ECB(CRYDriver *cryp, (void)in; (void)out; - return CRY_NOERROR; + return CRY_ERR_INV_ALGO; } /** * @brief Encryption operation using AES-CBC. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the @@ -201,7 +210,7 @@ cryerror_t cry_lld_decrypt_AES_ECB(CRYDriver *cryp, * multiple of the selected key size * @param[in] in buffer containing the input plaintext * @param[out] out buffer for the output cyphertext - * @param[in] iv input vector + * @param[in] iv 128 bits initial vector * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this @@ -210,7 +219,7 @@ cryerror_t cry_lld_decrypt_AES_ECB(CRYDriver *cryp, * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid * or refers and empty key slot. * - * @api + * @notapi */ cryerror_t cry_lld_encrypt_AES_CBC(CRYDriver *cryp, crykey_t key_id, @@ -226,11 +235,14 @@ cryerror_t cry_lld_encrypt_AES_CBC(CRYDriver *cryp, (void)out; (void)iv; - return CRY_NOERROR; + return CRY_ERR_INV_ALGO; } /** * @brief Decryption operation using AES-CBC. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the @@ -240,7 +252,7 @@ cryerror_t cry_lld_encrypt_AES_CBC(CRYDriver *cryp, * multiple of the selected key size * @param[in] in buffer containing the input plaintext * @param[out] out buffer for the output cyphertext - * @param[in] iv input vector + * @param[in] iv 128 bits initial vector * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this @@ -249,7 +261,7 @@ cryerror_t cry_lld_encrypt_AES_CBC(CRYDriver *cryp, * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid * or refers and empty key slot. * - * @api + * @notapi */ cryerror_t cry_lld_decrypt_AES_CBC(CRYDriver *cryp, crykey_t key_id, @@ -265,11 +277,14 @@ cryerror_t cry_lld_decrypt_AES_CBC(CRYDriver *cryp, (void)out; (void)iv; - return CRY_NOERROR; + return CRY_ERR_INV_ALGO; } /** * @brief Encryption operation using AES-CFB. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the @@ -279,7 +294,7 @@ cryerror_t cry_lld_decrypt_AES_CBC(CRYDriver *cryp, * multiple of the selected key size * @param[in] in buffer containing the input plaintext * @param[out] out buffer for the output cyphertext - * @param[in] iv input vector + * @param[in] iv 128 bits initial vector * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this @@ -288,7 +303,7 @@ cryerror_t cry_lld_decrypt_AES_CBC(CRYDriver *cryp, * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid * or refers and empty key slot. * - * @api + * @notapi */ cryerror_t cry_lld_encrypt_AES_CFB(CRYDriver *cryp, crykey_t key_id, @@ -304,11 +319,14 @@ cryerror_t cry_lld_encrypt_AES_CFB(CRYDriver *cryp, (void)out; (void)iv; - return CRY_NOERROR; + return CRY_ERR_INV_ALGO; } /** * @brief Decryption operation using AES-CFB. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the @@ -318,7 +336,7 @@ cryerror_t cry_lld_encrypt_AES_CFB(CRYDriver *cryp, * multiple of the selected key size * @param[in] in buffer containing the input plaintext * @param[out] out buffer for the output cyphertext - * @param[in] iv input vector + * @param[in] iv 128 bits initial vector * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this @@ -327,7 +345,7 @@ cryerror_t cry_lld_encrypt_AES_CFB(CRYDriver *cryp, * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid * or refers and empty key slot. * - * @api + * @notapi */ cryerror_t cry_lld_decrypt_AES_CFB(CRYDriver *cryp, crykey_t key_id, @@ -343,22 +361,25 @@ cryerror_t cry_lld_decrypt_AES_CFB(CRYDriver *cryp, (void)out; (void)iv; - return CRY_NOERROR; + return CRY_ERR_INV_ALGO; } /** * @brief Encryption operation using AES-CTR. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the * transient key, other values are keys stored in an * unspecified way * @param[in] size size of the plaintext buffer, this number must be a - * multiple of the selected key size + * multiple of 16 * @param[in] in buffer containing the input plaintext * @param[out] out buffer for the output cyphertext - * @param[in] nonce the "nonce" constant - * @param[in,out] cnt the initial value of the counter, normally zero + * @param[in] iv 128 bits initial vector + counter, it contains + * a 96 bits IV and a 32 bits counter * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this @@ -367,40 +388,41 @@ cryerror_t cry_lld_decrypt_AES_CFB(CRYDriver *cryp, * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid * or refers and empty key slot. * - * @api + * @notapi */ cryerror_t cry_lld_encrypt_AES_CTR(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, - const uint8_t *nonce, - uint8_t *cnt) { + const uint8_t *iv) { (void)cryp; (void)key_id; (void)size; (void)in; (void)out; - (void)nonce; - (void)cnt; + (void)iv; - return CRY_NOERROR; + return CRY_ERR_INV_ALGO; } /** * @brief Decryption operation using AES-CTR. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the * transient key, other values are keys stored in an * unspecified way * @param[in] size size of the plaintext buffer, this number must be a - * multiple of the selected key size - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @param[in] nonce the "nonce" constant - * @param[in,out] cnt the initial value of the counter, normally zero + * multiple of 16 + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @param[in] iv 128 bits initial vector + counter, it contains + * a 96 bits IV and a 32 bits counter * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this @@ -416,18 +438,122 @@ cryerror_t cry_lld_decrypt_AES_CTR(CRYDriver *cryp, size_t size, const uint8_t *in, uint8_t *out, - const uint8_t *nonce, - uint8_t *cnt) { + const uint8_t *iv) { (void)cryp; (void)key_id; (void)size; (void)in; (void)out; - (void)nonce; - (void)cnt; + (void)iv; - return CRY_NOERROR; + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Encryption operation using AES-GCM. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is the + * transient key, other values are keys stored in an + * unspecified way + * @param[in] size size of the text buffers, this number must be a + * multiple of 16 + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @param[in] iv 128 bits initial vector + counter, it contains + * a 96 bits IV and a 32 bits counter + * @param[in] aadsize size of the authentication data, this number must be a + * multiple of 16 + * @param[in] aad buffer containing the authentication data + * @param[in] authtag 128 bits buffer for the generated authentication tag + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation. + * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid + * or refers and empty key slot. + * + * @notapi + */ +cryerror_t cry_lld_encrypt_AES_GCM(CRYDriver *cryp, + crykey_t key_id, + size_t size, + const uint8_t *in, + uint8_t *out, + const uint8_t *iv, + size_t aadsize, + const uint8_t *aad, + uint8_t *authtag) { + + (void)cryp; + (void)key_id; + (void)size; + (void)in; + (void)out; + (void)iv; + (void)aadsize; + (void)aad; + (void)authtag; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Decryption operation using AES-GCM. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is the + * transient key, other values are keys stored in an + * unspecified way + * @param[in] size size of the text buffers, this number must be a + * multiple of 16 + * @param[in] in buffer for the output cyphertext + * @param[out] out buffer containing the input plaintext + * @param[in] iv 128 bits initial vector + counter, it contains + * a 96 bits IV and a 32 bits counter + * @param[in] aadsize size of the authentication data, this number must be a + * multiple of 16 + * @param[in] aad buffer containing the authentication data + * @param[in] authtag 128 bits buffer for the generated authentication tag + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation. + * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid + * or refers and empty key slot. + * + * @notapi + */ +cryerror_t cry_lld_decrypt_AES_GCM(CRYDriver *cryp, + crykey_t key_id, + size_t size, + const uint8_t *in, + uint8_t *out, + const uint8_t *iv, + size_t aadsize, + const uint8_t *aad, + uint8_t *authtag) { + + (void)cryp; + (void)key_id; + (void)size; + (void)in; + (void)out; + (void)iv; + (void)aadsize; + (void)aad; + (void)authtag; + + return CRY_ERR_INV_ALGO; } #endif /* HAL_USE_CRY == TRUE */ diff --git a/os/hal/templates/hal_crypto_lld.h b/os/hal/templates/hal_crypto_lld.h index 05aa5566d..eb139e4aa 100644 --- a/os/hal/templates/hal_crypto_lld.h +++ b/os/hal/templates/hal_crypto_lld.h @@ -39,6 +39,7 @@ #define CRY_LLD_SUPPORTS_AES_CBC TRUE #define CRY_LLD_SUPPORTS_AES_CFB TRUE #define CRY_LLD_SUPPORTS_AES_CTR TRUE +#define CRY_LLD_SUPPORTS_AES_GCM TRUE /** @{ */ /*===========================================================================*/ @@ -178,15 +179,31 @@ extern "C" { size_t size, const uint8_t *in, uint8_t *out, - const uint8_t *nonce, - uint8_t *cnt); + const uint8_t *iv); cryerror_t cry_lld_decrypt_AES_CTR(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, - const uint8_t *nonce, - uint8_t *cnt); + const uint8_t *iv); + cryerror_t cry_lld_encrypt_AES_GCM(CRYDriver *cryp, + crykey_t key_id, + size_t size, + const uint8_t *in, + uint8_t *out, + const uint8_t *iv, + size_t aadsize, + const uint8_t *aad, + uint8_t *authtag); + cryerror_t cry_lld_decrypt_AES_GCM(CRYDriver *cryp, + crykey_t key_id, + size_t size, + const uint8_t *in, + uint8_t *out, + const uint8_t *iv, + size_t aadsize, + const uint8_t *aad, + uint8_t *authtag); #ifdef __cplusplus } #endif -- cgit v1.2.3