From 5b31410098434a2aff0c0729621fee6c6f2b3519 Mon Sep 17 00:00:00 2001 From: Giovanni Di Sirio Date: Thu, 30 Nov 2017 11:38:07 +0000 Subject: Added SHAx and TRNG to the crypto driver model. git-svn-id: svn://svn.code.sf.net/p/chibios/svn/trunk@11090 35acf78f-673a-0410-8e92-d51de3d6d3f4 --- os/hal/include/hal_crypto.h | 7 ++ os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c | 96 +++++++++++++++ os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h | 21 +++- os/hal/src/hal_crypto.c | 160 +++++++++++++++++++++++-- os/hal/templates/hal_crypto_lld.c | 96 +++++++++++++++ os/hal/templates/hal_crypto_lld.h | 11 ++ 6 files changed, 374 insertions(+), 17 deletions(-) (limited to 'os') diff --git a/os/hal/include/hal_crypto.h b/os/hal/include/hal_crypto.h index 91de0576d..df2167b02 100644 --- a/os/hal/include/hal_crypto.h +++ b/os/hal/include/hal_crypto.h @@ -280,6 +280,13 @@ extern "C" { const uint8_t *in, uint8_t *out, const uint8_t *iv); + cryerror_t crySHA1(CRYDriver *cryp, size_t size, + const uint8_t *in, uint8_t *out); + cryerror_t crySHA256(CRYDriver *cryp, size_t size, + const uint8_t *in, uint8_t *out); + cryerror_t crySHA512(CRYDriver *cryp, size_t size, + const uint8_t *in, uint8_t *out); + cryerror_t cryTRNG(CRYDriver *cryp, uint8_t *out); #ifdef __cplusplus } #endif diff --git a/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c b/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c index 7d305968a..7e2f7f9db 100644 --- a/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c +++ b/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c @@ -855,6 +855,102 @@ cryerror_t cry_lld_decrypt_DES_CBC(CRYDriver *cryp, return CRY_ERR_INV_ALGO; } +/** + * @brief Hash using SHA1. + * @NOTE Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @param[out] out 160 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t cry_lld_SHA1(CRYDriver *cryp, size_t size, + const uint8_t *in, uint8_t *out) { + + (void)cryp; + (void)size; + (void)in; + (void)out; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Hash using SHA256. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @param[out] out 256 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t cry_lld_SHA256(CRYDriver *cryp, size_t size, + const uint8_t *in, uint8_t *out) { + + (void)cryp; + (void)size; + (void)in; + (void)out; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Hash using SHA512. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @param[out] out 512 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t cry_lld_SHA512(CRYDriver *cryp, size_t size, + const uint8_t *in, uint8_t *out) { + + (void)cryp; + (void)size; + (void)in; + (void)out; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief True random numbers generator. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[out] out 128 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t cry_lld_TRNG(CRYDriver *cryp, uint8_t *out) { + + (void)cryp; + (void)out; + + return CRY_ERR_INV_ALGO; +} + #endif /* HAL_USE_CRY == TRUE */ /** @} */ diff --git a/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h b/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h index 3ae153943..fee426ac0 100644 --- a/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h +++ b/os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h @@ -44,6 +44,10 @@ #define CRY_LLD_SUPPORTS_DES TRUE #define CRY_LLD_SUPPORTS_DES_ECB TRUE #define CRY_LLD_SUPPORTS_DES_CBC TRUE +#define CRY_LLD_SUPPORTS_SHA1 TRUE +#define CRY_LLD_SUPPORTS_SHA256 TRUE +#define CRY_LLD_SUPPORTS_SHA512 TRUE +#define CRY_LLD_SUPPORTS_TRNG TRUE /** @{ */ /*===========================================================================*/ @@ -51,16 +55,16 @@ /*===========================================================================*/ /** - * @name PLATFORM configuration options + * @name STM32 configuration options * @{ */ /** * @brief CRY1 driver enable switch. - * @details If set to @p TRUE the support for CRY1 is included. + * @details If set to @p TRUE the support for CRYP1 is included. * @note The default is @p FALSE. */ -#if !defined(PLATFORM_CRY_USE_CRY1) || defined(__DOXYGEN__) -#define PLATFORM_CRY_USE_CRY1 FALSE +#if !defined(STM32_CRY_USE_CRYP1) || defined(__DOXYGEN__) +#define STM32_CRY_USE_CRYP1 FALSE #endif /** @} */ @@ -130,7 +134,7 @@ struct CRYDriver { /* External declarations. */ /*===========================================================================*/ -#if (PLATFORM_CRY_USE_CRY1 == TRUE) && !defined(__DOXYGEN__) +#if (STM32_CRY_USE_CRYP1 == TRUE) && !defined(__DOXYGEN__) extern CRYDriver CRYD1; #endif @@ -246,6 +250,13 @@ extern "C" { const uint8_t *in, uint8_t *out, const uint8_t *iv); + cryerror_t cry_lld_SHA1(CRYDriver *cryp, size_t size, + const uint8_t *in, uint8_t *out); + cryerror_t cry_lld_SHA256(CRYDriver *cryp, size_t size, + const uint8_t *in, uint8_t *out); + cryerror_t cry_lld_SHA512(CRYDriver *cryp, size_t size, + const uint8_t *in, uint8_t *out); + cryerror_t cry_lld_TRNG(CRYDriver *cryp, uint8_t *out); #ifdef __cplusplus } #endif diff --git a/os/hal/src/hal_crypto.c b/os/hal/src/hal_crypto.c index c099335bf..d1c139f64 100644 --- a/os/hal/src/hal_crypto.c +++ b/os/hal/src/hal_crypto.c @@ -273,7 +273,7 @@ cryerror_t cryDecryptAES(CRYDriver *cryp, * @param[in] key_id the key to be used for the operation, zero is the * transient key, other values are keys stored in an * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a + * @param[in] size size of both buffers, this number must be a * multiple of 16 * @param[in] in buffer containing the input plaintext * @param[out] out buffer for the output cyphertext @@ -323,7 +323,7 @@ cryerror_t cryEncryptAES_ECB(CRYDriver *cryp, * @param[in] key_id the key to be used for the operation, zero is the * transient key, other values are keys stored in an * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a + * @param[in] size size of both buffers, this number must be a * multiple of 16 * @param[in] in buffer containing the input cyphertext * @param[out] out buffer for the output plaintext @@ -373,7 +373,7 @@ cryerror_t cryDecryptAES_ECB(CRYDriver *cryp, * @param[in] key_id the key to be used for the operation, zero is the * transient key, other values are keys stored in an * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a + * @param[in] size size of both buffers, this number must be a * multiple of 16 * @param[in] in buffer containing the input plaintext * @param[out] out buffer for the output cyphertext @@ -426,7 +426,7 @@ cryerror_t cryEncryptAES_CBC(CRYDriver *cryp, * @param[in] key_id the key to be used for the operation, zero is the * transient key, other values are keys stored in an * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a + * @param[in] size size of both buffers, this number must be a * multiple of 16 * @param[in] in buffer containing the input cyphertext * @param[out] out buffer for the output plaintext @@ -479,7 +479,7 @@ cryerror_t cryDecryptAES_CBC(CRYDriver *cryp, * @param[in] key_id the key to be used for the operation, zero is the * transient key, other values are keys stored in an * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a + * @param[in] size size of both buffers, this number must be a * multiple of 16 * @param[in] in buffer containing the input plaintext * @param[out] out buffer for the output cyphertext @@ -532,7 +532,7 @@ cryerror_t cryEncryptAES_CFB(CRYDriver *cryp, * @param[in] key_id the key to be used for the operation, zero is the * transient key, other values are keys stored in an * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a + * @param[in] size size of both buffers, this number must be a * multiple of 16 * @param[in] in buffer containing the input cyphertext * @param[out] out buffer for the output plaintext @@ -585,7 +585,7 @@ cryerror_t cryDecryptAES_CFB(CRYDriver *cryp, * @param[in] key_id the key to be used for the operation, zero is the * transient key, other values are keys stored in an * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a + * @param[in] size size of both buffers, this number must be a * multiple of 16 * @param[in] in buffer containing the input plaintext * @param[out] out buffer for the output cyphertext @@ -640,7 +640,7 @@ cryerror_t cryEncryptAES_CTR(CRYDriver *cryp, * @param[in] key_id the key to be used for the operation, zero is the * transient key, other values are keys stored in an * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a + * @param[in] size size of both buffers, this number must be a * multiple of 16 * @param[in] in buffer containing the input cyphertext * @param[out] out buffer for the output plaintext @@ -920,7 +920,7 @@ cryerror_t cryDecryptDES(CRYDriver *cryp, * @param[in] key_id the key to be used for the operation, zero is the * transient key, other values are keys stored in an * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a + * @param[in] size size of both buffers, this number must be a * multiple of 8 * @param[in] in buffer containing the input plaintext * @param[out] out buffer for the output cyphertext @@ -970,7 +970,7 @@ cryerror_t cryEncryptDES_ECB(CRYDriver *cryp, * @param[in] key_id the key to be used for the operation, zero is the * transient key, other values are keys stored in an * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a + * @param[in] size size of both buffers, this number must be a * multiple of 8 * @param[in] in buffer containing the input cyphertext * @param[out] out buffer for the output plaintext @@ -1020,7 +1020,7 @@ cryerror_t cryDecryptDES_ECB(CRYDriver *cryp, * @param[in] key_id the key to be used for the operation, zero is the * transient key, other values are keys stored in an * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a + * @param[in] size size of both buffers, this number must be a * multiple of 8 * @param[in] in buffer containing the input plaintext * @param[out] out buffer for the output cyphertext @@ -1073,7 +1073,7 @@ cryerror_t cryEncryptDES_CBC(CRYDriver *cryp, * @param[in] key_id the key to be used for the operation, zero is the * transient key, other values are keys stored in an * unspecified way - * @param[in] size size of the plaintext buffer, this number must be a + * @param[in] size size of both buffers, this number must be a * multiple of 8 * @param[in] in buffer containing the input cyphertext * @param[out] out buffer for the output plaintext @@ -1116,6 +1116,142 @@ cryerror_t cryDecryptDES_CBC(CRYDriver *cryp, #endif } +/** + * @brief Hash using SHA1. + * @NOTE Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @param[out] out 160 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t crySHA1(CRYDriver *cryp, size_t size, + const uint8_t *in, uint8_t *out) { + + osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_SHA1 == TRUE + return cry_lld_SHA1(cryp, size, in, out); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_SHA1(cryp, size, in, out); +#else + (void)cryp; + (void)size; + (void)in; + (void)out; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash using SHA256. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @param[out] out 256 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t crySHA256(CRYDriver *cryp, size_t size, + const uint8_t *in, uint8_t *out) { + + osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_SHA256 == TRUE + return cry_lld_SHA256(cryp, size, in, out); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_SHA256(cryp, size, in, out); +#else + (void)cryp; + (void)size; + (void)in; + (void)out; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash using SHA512. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @param[out] out 512 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t crySHA512(CRYDriver *cryp, size_t size, + const uint8_t *in, uint8_t *out) { + + osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_SHA512 == TRUE + return cry_lld_SHA512(cryp, size, in, out); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_SHA512(cryp, size, in, out); +#else + (void)cryp; + (void)size; + (void)in; + (void)out; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief True random numbers generator. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[out] out 128 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t cryTRNG(CRYDriver *cryp, uint8_t *out) { + + osalDbgCheck((cryp != NULL) && (out != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_TRNG == TRUE + return cry_lld_TRNG(cryp, out); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_TRNG(cryp, out); +#else + (void)cryp; + (void)out; + + return CRY_ERR_INV_ALGO; +#endif +} + #endif /* HAL_USE_CRY == TRUE */ /** @} */ diff --git a/os/hal/templates/hal_crypto_lld.c b/os/hal/templates/hal_crypto_lld.c index 2d8a18ef1..d58af0bc1 100644 --- a/os/hal/templates/hal_crypto_lld.c +++ b/os/hal/templates/hal_crypto_lld.c @@ -855,6 +855,102 @@ cryerror_t cry_lld_decrypt_DES_CBC(CRYDriver *cryp, return CRY_ERR_INV_ALGO; } +/** + * @brief Hash using SHA1. + * @NOTE Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @param[out] out 160 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t cry_lld_SHA1(CRYDriver *cryp, size_t size, + const uint8_t *in, uint8_t *out) { + + (void)cryp; + (void)size; + (void)in; + (void)out; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Hash using SHA256. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @param[out] out 256 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t cry_lld_SHA256(CRYDriver *cryp, size_t size, + const uint8_t *in, uint8_t *out) { + + (void)cryp; + (void)size; + (void)in; + (void)out; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Hash using SHA512. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @param[out] out 512 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t cry_lld_SHA512(CRYDriver *cryp, size_t size, + const uint8_t *in, uint8_t *out) { + + (void)cryp; + (void)size; + (void)in; + (void)out; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief True random numbers generator. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[out] out 128 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t cry_lld_TRNG(CRYDriver *cryp, uint8_t *out) { + + (void)cryp; + (void)out; + + return CRY_ERR_INV_ALGO; +} + #endif /* HAL_USE_CRY == TRUE */ /** @} */ diff --git a/os/hal/templates/hal_crypto_lld.h b/os/hal/templates/hal_crypto_lld.h index 3900b5b64..31d458c08 100644 --- a/os/hal/templates/hal_crypto_lld.h +++ b/os/hal/templates/hal_crypto_lld.h @@ -44,6 +44,10 @@ #define CRY_LLD_SUPPORTS_DES TRUE #define CRY_LLD_SUPPORTS_DES_ECB TRUE #define CRY_LLD_SUPPORTS_DES_CBC TRUE +#define CRY_LLD_SUPPORTS_SHA1 TRUE +#define CRY_LLD_SUPPORTS_SHA256 TRUE +#define CRY_LLD_SUPPORTS_SHA512 TRUE +#define CRY_LLD_SUPPORTS_TRNG TRUE /** @{ */ /*===========================================================================*/ @@ -246,6 +250,13 @@ extern "C" { const uint8_t *in, uint8_t *out, const uint8_t *iv); + cryerror_t cry_lld_SHA1(CRYDriver *cryp, size_t size, + const uint8_t *in, uint8_t *out); + cryerror_t cry_lld_SHA256(CRYDriver *cryp, size_t size, + const uint8_t *in, uint8_t *out); + cryerror_t cry_lld_SHA512(CRYDriver *cryp, size_t size, + const uint8_t *in, uint8_t *out); + cryerror_t cry_lld_TRNG(CRYDriver *cryp, uint8_t *out); #ifdef __cplusplus } #endif -- cgit v1.2.3