From 33479f263aff0e2c5354b9d22c43f759a05a4d52 Mon Sep 17 00:00:00 2001 From: Giovanni Di Sirio Date: Fri, 12 Apr 2019 08:30:49 +0000 Subject: Modified AES GCM function signatures. git-svn-id: svn://svn.code.sf.net/p/chibios/svn/branches/stable_19.1.x@12734 27425a3e-05d8-49a3-a47f-9c15f0e5edd8 --- os/hal/src/hal_crypto.c | 131 ++++++++++++++++++++++++++---------------------- 1 file changed, 71 insertions(+), 60 deletions(-) (limited to 'os/hal/src') diff --git a/os/hal/src/hal_crypto.c b/os/hal/src/hal_crypto.c index 5609e1ee3..57430912b 100644 --- a/os/hal/src/hal_crypto.c +++ b/os/hal/src/hal_crypto.c @@ -699,17 +699,16 @@ cryerror_t cryDecryptAES_CTR(CRYDriver *cryp, * @param[in] key_id the key to be used for the operation, zero is * the transient key, other values are keys stored * in an unspecified way - * @param[in] size size of the text buffers, this number must be a + * @param[in] auth_size size of the data buffer to be authenticated + * @param[in] auth_in buffer containing the data to be authenticated + * @param[in] text_size size of the text buffer, this number must be a * multiple of 16 - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @param[in] iv 128 bits input vector + counter, it contains - * a 96 bits IV and a 32 bits counter - * @param[in] aadsize size of the authentication data, this number - * must be a multiple of 16 - * @param[in] aad buffer containing the authentication data - * @param[in] authtag 128 bits buffer for the generated authentication - * tag + * @param[in] text_in buffer containing the input plaintext + * @param[out] text_out buffer for the output cyphertext + * @param[in] iv 128 bits input vector + * @param[in] tag_size size of the authentication tag, this number + * must be between 1 and 16 + * @param[out] tag_out buffer for the generated authentication tag * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this @@ -724,37 +723,43 @@ cryerror_t cryDecryptAES_CTR(CRYDriver *cryp, */ cryerror_t cryEncryptAES_GCM(CRYDriver *cryp, crykey_t key_id, - size_t size, - const uint8_t *in, - uint8_t *out, + size_t auth_size, + const uint8_t *auth_in, + size_t text_size, + const uint8_t *text_in, + uint8_t *text_out, const uint8_t *iv, - size_t aadsize, - const uint8_t *aad, - uint8_t *authtag) { + size_t tag_size, + uint8_t *tag_out) { - osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) && - (iv != NULL) && (aad != NULL) && (authtag != NULL) && - ((size & (size_t)15) == (size_t)0) && - ((aadsize & (size_t)15) == (size_t)0)); + osalDbgCheck((cryp != NULL) && (auth_in != NULL) && + (text_size > (size_t)0) && + ((text_size & (size_t)15) == (size_t)0) && + (text_in != NULL) && (text_out != NULL) && (iv != NULL) && + (tag_size >= (size_t)1) && (tag_size <= (size_t)16) && + (tag_out != NULL)); osalDbgAssert(cryp->state == CRY_READY, "not ready"); #if CRY_LLD_SUPPORTS_AES_GCM== TRUE - return cry_lld_encrypt_AES_GCM(cryp, key_id, size, in, out, iv, - aadsize, aad, authtag); + return cry_lld_encrypt_AES_GCM(cryp, key_id, auth_size, auth_in, + text_size, text_in, text_out, iv, + tag_size, tag_out); #elif HAL_CRY_USE_FALLBACK == TRUE - return cry_fallback_encrypt_AES_GCM(cryp, key_id, size, in, out, iv, - aadsize, aad, authtag); + return cry_fallback_encrypt_AES_GCM(cryp, key_id, auth_size, auth_in, + text_size, text_in, text_out, iv, + tag_size, tag_out); #else (void)cryp; (void)key_id; - (void)size; - (void)in; - (void)out; + (void)auth_size; + (void)auth_in; + (void)text_size; + (void)text_in; + (void)text_out; (void)iv; - (void)aadsize; - (void)aad; - (void)authtag; + (void)tag_size; + (void)tag_out; return CRY_ERR_INV_ALGO; #endif @@ -770,17 +775,16 @@ cryerror_t cryEncryptAES_GCM(CRYDriver *cryp, * @param[in] key_id the key to be used for the operation, zero is * the transient key, other values are keys stored * in an unspecified way - * @param[in] size size of the text buffers, this number must be a + * @param[in] auth_size size of the data buffer to be authenticated + * @param[in] auth_in buffer containing the data to be authenticated + * @param[in] text_size size of the text buffer, this number must be a * multiple of 16 - * @param[in] in buffer for the output cyphertext - * @param[out] out buffer containing the input plaintext - * @param[in] iv 128 bits input vector + counter, it contains - * a 96 bits IV and a 32 bits counter - * @param[in] aadsize size of the authentication data, this number - * must be a multiple of 16 - * @param[in] aad buffer containing the authentication data - * @param[in] authtag 128 bits buffer for the generated authentication - * tag + * @param[in] text_in buffer containing the input plaintext + * @param[out] text_out buffer for the output cyphertext + * @param[in] iv 128 bits input vector + * @param[in] tag_size size of the authentication tag, this number + * must be between 1 and 16 + * @param[in] tag_in buffer for the generated authentication tag * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this @@ -788,6 +792,7 @@ cryerror_t cryEncryptAES_GCM(CRYDriver *cryp, * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation. * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid * or refers to an empty key slot. + * @retval CRY_ERR_AUTH_FAILED authentication failed * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation * dependent. * @@ -795,37 +800,43 @@ cryerror_t cryEncryptAES_GCM(CRYDriver *cryp, */ cryerror_t cryDecryptAES_GCM(CRYDriver *cryp, crykey_t key_id, - size_t size, - const uint8_t *in, - uint8_t *out, + size_t auth_size, + const uint8_t *auth_in, + size_t text_size, + const uint8_t *text_in, + uint8_t *text_out, const uint8_t *iv, - size_t aadsize, - const uint8_t *aad, - uint8_t *authtag) { + size_t tag_size, + const uint8_t *tag_in) { - osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) && - (iv != NULL) && (aad != NULL) && (authtag != NULL) && - ((size & (size_t)15) == (size_t)0) && - ((aadsize & (size_t)15) == (size_t)0)); + osalDbgCheck((cryp != NULL) && (auth_in != NULL) && + (text_size > (size_t)0) && + ((text_size & (size_t)15) == (size_t)0) && + (text_in != NULL) && (text_out != NULL) && (iv != NULL) && + (tag_size >= (size_t)1) && (tag_size <= (size_t)16) && + (tag_in != NULL)); osalDbgAssert(cryp->state == CRY_READY, "not ready"); #if CRY_LLD_SUPPORTS_AES_GCM== TRUE - return cry_lld_decrypt_AES_GCM(cryp, key_id, size, in, out, iv, - aadsize, aad, authtag); + return cry_lld_decrypt_AES_GCM(cryp, key_id, auth_size, auth_in, + text_size, text_in, text_out, iv, + tag_size, tag_in); #elif HAL_CRY_USE_FALLBACK == TRUE - return cry_fallback_decrypt_AES_GCM(cryp, key_id, size, in, out, iv, - aadsize, aad, authtag); + return cry_fallback_decrypt_AES_GCM(cryp, key_id, auth_size, auth_in, + text_size, text_in, text_out, iv, + tag_size, tag_in); #else (void)cryp; (void)key_id; - (void)size; - (void)in; - (void)out; + (void)auth_size; + (void)auth_in; + (void)text_size; + (void)text_in; + (void)text_out; (void)iv; - (void)aadsize; - (void)aad; - (void)authtag; + (void)tag_size; + (void)tag_in; return CRY_ERR_INV_ALGO; #endif -- cgit v1.2.3