From 0b1cba4c2e057efcbd652a4026c6bc10527cac41 Mon Sep 17 00:00:00 2001 From: Giovanni Di Sirio Date: Fri, 9 Mar 2018 11:37:12 +0000 Subject: Crypto SHA reworked. git-svn-id: svn://svn.code.sf.net/p/chibios/svn/trunk@11663 110e8d01-0319-4d1e-a829-52ad28d1bb01 --- os/hal/src/hal_crypto.c | 646 +++++++++++++++++++++++++++++++----------------- 1 file changed, 422 insertions(+), 224 deletions(-) (limited to 'os/hal/src/hal_crypto.c') diff --git a/os/hal/src/hal_crypto.c b/os/hal/src/hal_crypto.c index 5ab286ecd..3fb665098 100644 --- a/os/hal/src/hal_crypto.c +++ b/os/hal/src/hal_crypto.c @@ -63,7 +63,7 @@ void cryInit(void) { /** * @brief Initializes the standard part of a @p CRYDriver structure. * - * @param[out] cryp pointer to the @p CRYDriver object + * @param[out] cryp pointer to the @p CRYDriver object * * @init */ @@ -79,9 +79,9 @@ void cryObjectInit(CRYDriver *cryp) { /** * @brief Configures and activates the cryptographic peripheral. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] config pointer to the @p CRYConfig object. Depending on - * the implementation the value can be @p NULL. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] config pointer to the @p CRYConfig object. Depending + * on the implementation the value can be @p NULL. * * @api */ @@ -103,7 +103,7 @@ void cryStart(CRYDriver *cryp, const CRYConfig *config) { /** * @brief Deactivates the cryptographic peripheral. * - * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] cryp pointer to the @p CRYDriver object * * @api */ @@ -130,11 +130,11 @@ void cryStop(CRYDriver *cryp) { * @note It is the underlying implementation to decide which combinations * of algorithm and key size are allowable. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] algorithm the algorithm identifier - * @param[in] size key size in bytes - * @param[in] keyp pointer to the key data - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] algorithm the algorithm identifier + * @param[in] size key size in bytes + * @param[in] keyp pointer to the key data + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the specified algorithm is unknown or * unsupported. @@ -180,13 +180,13 @@ cryerror_t cryLoadTransientKey(CRYDriver *cryp, * @note The implementation of this function must guarantee that it can * be called from any context. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -224,13 +224,13 @@ cryerror_t cryEncryptAES(CRYDriver *cryp, * @note The implementation of this function must guarantee that it can * be called from any context. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] in buffer containing the input cyphertext - * @param[out] out buffer for the output plaintext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -269,15 +269,15 @@ cryerror_t cryDecryptAES(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of both buffers, this number must be a - * multiple of 16 - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 16 + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -319,15 +319,15 @@ cryerror_t cryEncryptAES_ECB(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of both buffers, this number must be a - * multiple of 16 - * @param[in] in buffer containing the input cyphertext - * @param[out] out buffer for the output plaintext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 16 + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -369,16 +369,16 @@ cryerror_t cryDecryptAES_ECB(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of both buffers, this number must be a - * multiple of 16 - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @param[in] iv 128 bits input vector - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 16 + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @param[in] iv 128 bits input vector + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -422,16 +422,16 @@ cryerror_t cryEncryptAES_CBC(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of both buffers, this number must be a - * multiple of 16 - * @param[in] in buffer containing the input cyphertext - * @param[out] out buffer for the output plaintext - * @param[in] iv 128 bits input vector - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 16 + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @param[in] iv 128 bits input vector + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -475,16 +475,16 @@ cryerror_t cryDecryptAES_CBC(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of both buffers, this number must be a - * multiple of 16 - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @param[in] iv 128 bits input vector - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 16 + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @param[in] iv 128 bits input vector + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -528,16 +528,16 @@ cryerror_t cryEncryptAES_CFB(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of both buffers, this number must be a - * multiple of 16 - * @param[in] in buffer containing the input cyphertext - * @param[out] out buffer for the output plaintext - * @param[in] iv 128 bits input vector - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 16 + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @param[in] iv 128 bits input vector + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -581,17 +581,17 @@ cryerror_t cryDecryptAES_CFB(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of both buffers, this number must be a - * multiple of 16 - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @param[in] iv 128 bits input vector + counter, it contains - * a 96 bits IV and a 32 bits counter - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 16 + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @param[in] iv 128 bits input vector + counter, it contains + * a 96 bits IV and a 32 bits counter + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -636,17 +636,17 @@ cryerror_t cryEncryptAES_CTR(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of both buffers, this number must be a - * multiple of 16 - * @param[in] in buffer containing the input cyphertext - * @param[out] out buffer for the output plaintext - * @param[in] iv 128 bits input vector + counter, it contains - * a 96 bits IV and a 32 bits counter - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 16 + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @param[in] iv 128 bits input vector + counter, it contains + * a 96 bits IV and a 32 bits counter + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -691,21 +691,22 @@ cryerror_t cryDecryptAES_CTR(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the text buffers, this number must be a - * multiple of 16 - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @param[in] iv 128 bits input vector + counter, it contains - * a 96 bits IV and a 32 bits counter - * @param[in] aadsize size of the authentication data, this number must be a - * multiple of 16 - * @param[in] aad buffer containing the authentication data - * @param[in] authtag 128 bits buffer for the generated authentication tag - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the text buffers, this number must be a + * multiple of 16 + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @param[in] iv 128 bits input vector + counter, it contains + * a 96 bits IV and a 32 bits counter + * @param[in] aadsize size of the authentication data, this number + * must be a multiple of 16 + * @param[in] aad buffer containing the authentication data + * @param[in] authtag 128 bits buffer for the generated authentication + * tag + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -759,21 +760,22 @@ cryerror_t cryEncryptAES_GCM(CRYDriver *cryp, * of an AES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of the text buffers, this number must be a - * multiple of 16 - * @param[in] in buffer for the output cyphertext - * @param[out] out buffer containing the input plaintext - * @param[in] iv 128 bits input vector + counter, it contains - * a 96 bits IV and a 32 bits counter - * @param[in] aadsize size of the authentication data, this number must be a - * multiple of 16 - * @param[in] aad buffer containing the authentication data - * @param[in] authtag 128 bits buffer for the generated authentication tag - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of the text buffers, this number must be a + * multiple of 16 + * @param[in] in buffer for the output cyphertext + * @param[out] out buffer containing the input plaintext + * @param[in] iv 128 bits input vector + counter, it contains + * a 96 bits IV and a 32 bits counter + * @param[in] aadsize size of the authentication data, this number + * must be a multiple of 16 + * @param[in] aad buffer containing the authentication data + * @param[in] authtag 128 bits buffer for the generated authentication + * tag + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -826,13 +828,13 @@ cryerror_t cryDecryptAES_GCM(CRYDriver *cryp, * @note The implementation of this function must guarantee that it can * be called from any context. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -871,13 +873,13 @@ cryerror_t cryEncryptDES(CRYDriver *cryp, * be called from any context. * * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] in buffer containing the input cyphertext - * @param[out] out buffer for the output plaintext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -916,15 +918,15 @@ cryerror_t cryDecryptDES(CRYDriver *cryp, * of an DES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of both buffers, this number must be a - * multiple of 8 - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 8 + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -966,15 +968,15 @@ cryerror_t cryEncryptDES_ECB(CRYDriver *cryp, * of an DES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of both buffers, this number must be a - * multiple of 8 - * @param[in] in buffer containing the input cyphertext - * @param[out] out buffer for the output plaintext - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 8 + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -1016,16 +1018,16 @@ cryerror_t cryDecryptDES_ECB(CRYDriver *cryp, * of an DES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of both buffers, this number must be a - * multiple of 8 - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @param[in] iv 64 bits input vector - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 8 + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @param[in] iv 64 bits input vector + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -1069,16 +1071,16 @@ cryerror_t cryEncryptDES_CBC(CRYDriver *cryp, * of an DES block, this means that padding must be done by the * caller. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] key_id the key to be used for the operation, zero is the - * transient key, other values are keys stored in an - * unspecified way - * @param[in] size size of both buffers, this number must be a - * multiple of 8 - * @param[in] in buffer containing the input cyphertext - * @param[out] out buffer for the output plaintext - * @param[in] iv 64 bits input vector - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 8 + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @param[in] iv 64 bits input vector + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. @@ -1117,35 +1119,99 @@ cryerror_t cryDecryptDES_CBC(CRYDriver *cryp, } /** - * @brief Hash using SHA1. + * @brief Hash initialization using SHA1. * @note Use of this algorithm is not recommended because proven weak. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] size size of input buffer - * @param[in] in buffer containing the input text - * @param[out] out 160 bits output buffer - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[out] sha1ctxp pointer to a SHA1 context to be initialized + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. * * @api */ -cryerror_t crySHA1(CRYDriver *cryp, size_t size, - const uint8_t *in, uint8_t *out) { +cryerror_t crySHA1Init(CRYDriver *cryp, SHA1Context *sha1ctxp) { - osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL)); + osalDbgCheck((cryp != NULL) && (sha1ctxp != NULL)); osalDbgAssert(cryp->state == CRY_READY, "not ready"); #if CRY_LLD_SUPPORTS_SHA1 == TRUE - return cry_lld_SHA1(cryp, size, in, out); + return cry_lld_SHA1_init(cryp, sha1ctxp); #elif HAL_CRY_USE_FALLBACK == TRUE - return cry_fallback_SHA1(cryp, size, in, out); + return cry_fallback_SHA1_init(cryp, sha1ctxp); #else (void)cryp; + (void)sha1ctxp; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash update using SHA1. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] sha1ctxp pointer to a SHA1 context + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t crySHA1Update(CRYDriver *cryp, SHA1Context *sha1ctxp, + size_t size, const uint8_t *in) { + + osalDbgCheck((cryp != NULL) && (sha1ctxp != NULL) && (in != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_SHA1 == TRUE + return cry_lld_SHA1_update(cryp, sha1ctxp, size, in); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_SHA1_update(cryp, sha1ctxp, size, in); +#else + (void)cryp; + (void)sha1ctxp; (void)size; (void)in; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash finalization using SHA1. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] sha1ctxp pointer to a SHA1 context + * @param[out] out 160 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t crySHA1Final(CRYDriver *cryp, SHA1Context *sha1ctxp, uint8_t *out) { + + osalDbgCheck((cryp != NULL) && (sha1ctxp != NULL) && (out != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_SHA1 == TRUE + return cry_lld_SHA1_final(cryp, sha1ctxp, out); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_SHA1_final(cryp, sha1ctxp, out); +#else + (void)cryp; + (void)sha1ctxp; (void)out; return CRY_ERR_INV_ALGO; @@ -1153,34 +1219,100 @@ cryerror_t crySHA1(CRYDriver *cryp, size_t size, } /** - * @brief Hash using SHA256. + * @brief Hash initialization using SHA256. + * @note Use of this algorithm is not recommended because proven weak. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] size size of input buffer - * @param[in] in buffer containing the input text - * @param[out] out 256 bits output buffer - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[out] sha256ctxp pointer to a SHA256 context to be initialized + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. * * @api */ -cryerror_t crySHA256(CRYDriver *cryp, size_t size, - const uint8_t *in, uint8_t *out) { +cryerror_t crySHA256Init(CRYDriver *cryp, SHA256Context *sha256ctxp) { - osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL)); + osalDbgCheck((cryp != NULL) && (sha256ctxp != NULL)); osalDbgAssert(cryp->state == CRY_READY, "not ready"); -#if CRY_LLD_SUPPORTS_SHA256 == TRUE - return cry_lld_SHA256(cryp, size, in, out); +#if CRY_LLD_SUPPORTS_SHA1 == TRUE + return cry_lld_SHA256_init(cryp, sha256ctxp); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_SHA256_init(cryp, sha256ctxp); +#else + (void)cryp; + (void)sha256ctxp; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash update using SHA256. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] sha256ctxp pointer to a SHA256 context + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t crySHA256Update(CRYDriver *cryp, SHA256Context *sha256ctxp, + size_t size, const uint8_t *in) { + + osalDbgCheck((cryp != NULL) && (sha256ctxp != NULL) && (in != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_SHA1 == TRUE + return cry_lld_SHA256_update(cryp, sha256ctxp, size, in); #elif HAL_CRY_USE_FALLBACK == TRUE - return cry_fallback_SHA256(cryp, size, in, out); + return cry_fallback_SHA256_update(cryp, sha256ctxp, size, in); #else (void)cryp; + (void)sha256ctxp; (void)size; (void)in; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash finalization using SHA256. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] sha256ctxp pointer to a SHA256 context + * @param[out] out 256 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t crySHA256Final(CRYDriver *cryp, SHA256Context *sha256ctxp, + uint8_t *out) { + + osalDbgCheck((cryp != NULL) && (sha256ctxp != NULL) && (out != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_SHA1 == TRUE + return cry_lld_SHA256_final(cryp, sha256ctxp, out); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_SHA256_final(cryp, sha256ctxp, out); +#else + (void)cryp; + (void)sha256ctxp; (void)out; return CRY_ERR_INV_ALGO; @@ -1188,34 +1320,100 @@ cryerror_t crySHA256(CRYDriver *cryp, size_t size, } /** - * @brief Hash using SHA512. + * @brief Hash initialization using SHA512. + * @note Use of this algorithm is not recommended because proven weak. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[in] size size of input buffer - * @param[in] in buffer containing the input text - * @param[out] out 512 bits output buffer - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[out] sha512ctxp pointer to a SHA512 context to be initialized + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. * * @api */ -cryerror_t crySHA512(CRYDriver *cryp, size_t size, - const uint8_t *in, uint8_t *out) { +cryerror_t crySHA512Init(CRYDriver *cryp, SHA512Context *sha512ctxp) { - osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL)); + osalDbgCheck((cryp != NULL) && (sha512ctxp != NULL)); osalDbgAssert(cryp->state == CRY_READY, "not ready"); -#if CRY_LLD_SUPPORTS_SHA512 == TRUE - return cry_lld_SHA512(cryp, size, in, out); +#if CRY_LLD_SUPPORTS_SHA1 == TRUE + return cry_lld_SHA512_init(cryp, sha512ctxp); #elif HAL_CRY_USE_FALLBACK == TRUE - return cry_fallback_SHA512(cryp, size, in, out); + return cry_fallback_SHA512_init(cryp, sha512ctxp); #else (void)cryp; + (void)sha512ctxp; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash update using SHA512. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] sha512ctxp pointer to a SHA512 context + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t crySHA512Update(CRYDriver *cryp, SHA512Context *sha512ctxp, + size_t size, const uint8_t *in) { + + osalDbgCheck((cryp != NULL) && (sha512ctxp != NULL) && (in != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_SHA1 == TRUE + return cry_lld_SHA512_update(cryp, sha512ctxp, size, in); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_SHA512_update(cryp, sha512ctxp, size, in); +#else + (void)cryp; + (void)sha512ctxp; (void)size; (void)in; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash finalization using SHA512. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] sha512ctxp pointer to a SHA512 context + * @param[out] out 512 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * + * @api + */ +cryerror_t crySHA512Final(CRYDriver *cryp, SHA512Context *sha512ctxp, + uint8_t *out) { + + osalDbgCheck((cryp != NULL) && (sha512ctxp != NULL) && (out != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_SHA1 == TRUE + return cry_lld_SHA512_final(cryp, sha512ctxp, out); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_SHA512_final(cryp, sha512ctxp, out); +#else + (void)cryp; + (void)sha512ctxp; (void)out; return CRY_ERR_INV_ALGO; @@ -1225,9 +1423,9 @@ cryerror_t crySHA512(CRYDriver *cryp, size_t size, /** * @brief True random numbers generator. * - * @param[in] cryp pointer to the @p CRYDriver object - * @param[out] out 128 bits output buffer - * @return The operation status. + * @param[in] cryp pointer to the @p CRYDriver object + * @param[out] out 128 bits output buffer + * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this * device instance. -- cgit v1.2.3