From 7156f2c323f5b4d6a3f9eec7673b0b1680fb8ff9 Mon Sep 17 00:00:00 2001 From: Giovanni Di Sirio Date: Mon, 23 Oct 2017 14:43:43 +0000 Subject: git-svn-id: svn://svn.code.sf.net/p/chibios/svn/trunk@10888 35acf78f-673a-0410-8e92-d51de3d6d3f4 --- os/hal/templates/hal_crypto_lld.c | 200 +++++++++++++++++++++++++++++++------- 1 file changed, 163 insertions(+), 37 deletions(-) (limited to 'os/hal/templates/hal_crypto_lld.c') diff --git a/os/hal/templates/hal_crypto_lld.c b/os/hal/templates/hal_crypto_lld.c index 9268e5398..1aa90d2af 100644 --- a/os/hal/templates/hal_crypto_lld.c +++ b/os/hal/templates/hal_crypto_lld.c @@ -15,8 +15,8 @@ */ /** - * @file CRYPv1/hal_crypto_lld.c - * @brief STM32 cryptographic subsystem low level driver source. + * @file hal_crypto_lld.c + * @brief PLATFORM cryptographic subsystem low level driver source. * * @addtogroup CRYPTO * @{ @@ -120,6 +120,9 @@ cryerror_t cry_lld_loadkey(CRYDriver *cryp, /** * @brief Encryption operation using AES-ECB. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the @@ -137,7 +140,7 @@ cryerror_t cry_lld_loadkey(CRYDriver *cryp, * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid * or refers and empty key slot. * - * @api + * @notapi */ cryerror_t cry_lld_encrypt_AES_ECB(CRYDriver *cryp, crykey_t key_id, @@ -151,11 +154,14 @@ cryerror_t cry_lld_encrypt_AES_ECB(CRYDriver *cryp, (void)in; (void)out; - return CRY_NOERROR; + return CRY_ERR_INV_ALGO; } /** * @brief Decryption operation using AES-ECB. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the @@ -173,7 +179,7 @@ cryerror_t cry_lld_encrypt_AES_ECB(CRYDriver *cryp, * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid * or refers and empty key slot. * - * @api + * @notapi */ cryerror_t cry_lld_decrypt_AES_ECB(CRYDriver *cryp, crykey_t key_id, @@ -187,11 +193,14 @@ cryerror_t cry_lld_decrypt_AES_ECB(CRYDriver *cryp, (void)in; (void)out; - return CRY_NOERROR; + return CRY_ERR_INV_ALGO; } /** * @brief Encryption operation using AES-CBC. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the @@ -201,7 +210,7 @@ cryerror_t cry_lld_decrypt_AES_ECB(CRYDriver *cryp, * multiple of the selected key size * @param[in] in buffer containing the input plaintext * @param[out] out buffer for the output cyphertext - * @param[in] iv input vector + * @param[in] iv 128 bits initial vector * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this @@ -210,7 +219,7 @@ cryerror_t cry_lld_decrypt_AES_ECB(CRYDriver *cryp, * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid * or refers and empty key slot. * - * @api + * @notapi */ cryerror_t cry_lld_encrypt_AES_CBC(CRYDriver *cryp, crykey_t key_id, @@ -226,11 +235,14 @@ cryerror_t cry_lld_encrypt_AES_CBC(CRYDriver *cryp, (void)out; (void)iv; - return CRY_NOERROR; + return CRY_ERR_INV_ALGO; } /** * @brief Decryption operation using AES-CBC. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the @@ -240,7 +252,7 @@ cryerror_t cry_lld_encrypt_AES_CBC(CRYDriver *cryp, * multiple of the selected key size * @param[in] in buffer containing the input plaintext * @param[out] out buffer for the output cyphertext - * @param[in] iv input vector + * @param[in] iv 128 bits initial vector * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this @@ -249,7 +261,7 @@ cryerror_t cry_lld_encrypt_AES_CBC(CRYDriver *cryp, * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid * or refers and empty key slot. * - * @api + * @notapi */ cryerror_t cry_lld_decrypt_AES_CBC(CRYDriver *cryp, crykey_t key_id, @@ -265,11 +277,14 @@ cryerror_t cry_lld_decrypt_AES_CBC(CRYDriver *cryp, (void)out; (void)iv; - return CRY_NOERROR; + return CRY_ERR_INV_ALGO; } /** * @brief Encryption operation using AES-CFB. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the @@ -279,7 +294,7 @@ cryerror_t cry_lld_decrypt_AES_CBC(CRYDriver *cryp, * multiple of the selected key size * @param[in] in buffer containing the input plaintext * @param[out] out buffer for the output cyphertext - * @param[in] iv input vector + * @param[in] iv 128 bits initial vector * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this @@ -288,7 +303,7 @@ cryerror_t cry_lld_decrypt_AES_CBC(CRYDriver *cryp, * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid * or refers and empty key slot. * - * @api + * @notapi */ cryerror_t cry_lld_encrypt_AES_CFB(CRYDriver *cryp, crykey_t key_id, @@ -304,11 +319,14 @@ cryerror_t cry_lld_encrypt_AES_CFB(CRYDriver *cryp, (void)out; (void)iv; - return CRY_NOERROR; + return CRY_ERR_INV_ALGO; } /** * @brief Decryption operation using AES-CFB. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the @@ -318,7 +336,7 @@ cryerror_t cry_lld_encrypt_AES_CFB(CRYDriver *cryp, * multiple of the selected key size * @param[in] in buffer containing the input plaintext * @param[out] out buffer for the output cyphertext - * @param[in] iv input vector + * @param[in] iv 128 bits initial vector * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this @@ -327,7 +345,7 @@ cryerror_t cry_lld_encrypt_AES_CFB(CRYDriver *cryp, * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid * or refers and empty key slot. * - * @api + * @notapi */ cryerror_t cry_lld_decrypt_AES_CFB(CRYDriver *cryp, crykey_t key_id, @@ -343,22 +361,25 @@ cryerror_t cry_lld_decrypt_AES_CFB(CRYDriver *cryp, (void)out; (void)iv; - return CRY_NOERROR; + return CRY_ERR_INV_ALGO; } /** * @brief Encryption operation using AES-CTR. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the * transient key, other values are keys stored in an * unspecified way * @param[in] size size of the plaintext buffer, this number must be a - * multiple of the selected key size + * multiple of 16 * @param[in] in buffer containing the input plaintext * @param[out] out buffer for the output cyphertext - * @param[in] nonce the "nonce" constant - * @param[in,out] cnt the initial value of the counter, normally zero + * @param[in] iv 128 bits initial vector + counter, it contains + * a 96 bits IV and a 32 bits counter * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this @@ -367,40 +388,41 @@ cryerror_t cry_lld_decrypt_AES_CFB(CRYDriver *cryp, * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid * or refers and empty key slot. * - * @api + * @notapi */ cryerror_t cry_lld_encrypt_AES_CTR(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, - const uint8_t *nonce, - uint8_t *cnt) { + const uint8_t *iv) { (void)cryp; (void)key_id; (void)size; (void)in; (void)out; - (void)nonce; - (void)cnt; + (void)iv; - return CRY_NOERROR; + return CRY_ERR_INV_ALGO; } /** * @brief Decryption operation using AES-CTR. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. * * @param[in] cryp pointer to the @p CRYDriver object * @param[in] key_id the key to be used for the operation, zero is the * transient key, other values are keys stored in an * unspecified way * @param[in] size size of the plaintext buffer, this number must be a - * multiple of the selected key size - * @param[in] in buffer containing the input plaintext - * @param[out] out buffer for the output cyphertext - * @param[in] nonce the "nonce" constant - * @param[in,out] cnt the initial value of the counter, normally zero + * multiple of 16 + * @param[in] in buffer containing the input cyphertext + * @param[out] out buffer for the output plaintext + * @param[in] iv 128 bits initial vector + counter, it contains + * a 96 bits IV and a 32 bits counter * @return The operation status. * @retval CRY_NOERROR if the operation succeeded. * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this @@ -416,18 +438,122 @@ cryerror_t cry_lld_decrypt_AES_CTR(CRYDriver *cryp, size_t size, const uint8_t *in, uint8_t *out, - const uint8_t *nonce, - uint8_t *cnt) { + const uint8_t *iv) { (void)cryp; (void)key_id; (void)size; (void)in; (void)out; - (void)nonce; - (void)cnt; + (void)iv; - return CRY_NOERROR; + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Encryption operation using AES-GCM. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is the + * transient key, other values are keys stored in an + * unspecified way + * @param[in] size size of the text buffers, this number must be a + * multiple of 16 + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output cyphertext + * @param[in] iv 128 bits initial vector + counter, it contains + * a 96 bits IV and a 32 bits counter + * @param[in] aadsize size of the authentication data, this number must be a + * multiple of 16 + * @param[in] aad buffer containing the authentication data + * @param[in] authtag 128 bits buffer for the generated authentication tag + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation. + * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid + * or refers and empty key slot. + * + * @notapi + */ +cryerror_t cry_lld_encrypt_AES_GCM(CRYDriver *cryp, + crykey_t key_id, + size_t size, + const uint8_t *in, + uint8_t *out, + const uint8_t *iv, + size_t aadsize, + const uint8_t *aad, + uint8_t *authtag) { + + (void)cryp; + (void)key_id; + (void)size; + (void)in; + (void)out; + (void)iv; + (void)aadsize; + (void)aad; + (void)authtag; + + return CRY_ERR_INV_ALGO; +} + +/** + * @brief Decryption operation using AES-GCM. + * @note The function operates on data buffers whose lenght is a multiple + * of an AES block, this means that padding must be done by the + * caller. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is the + * transient key, other values are keys stored in an + * unspecified way + * @param[in] size size of the text buffers, this number must be a + * multiple of 16 + * @param[in] in buffer for the output cyphertext + * @param[out] out buffer containing the input plaintext + * @param[in] iv 128 bits initial vector + counter, it contains + * a 96 bits IV and a 32 bits counter + * @param[in] aadsize size of the authentication data, this number must be a + * multiple of 16 + * @param[in] aad buffer containing the authentication data + * @param[in] authtag 128 bits buffer for the generated authentication tag + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation. + * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid + * or refers and empty key slot. + * + * @notapi + */ +cryerror_t cry_lld_decrypt_AES_GCM(CRYDriver *cryp, + crykey_t key_id, + size_t size, + const uint8_t *in, + uint8_t *out, + const uint8_t *iv, + size_t aadsize, + const uint8_t *aad, + uint8_t *authtag) { + + (void)cryp; + (void)key_id; + (void)size; + (void)in; + (void)out; + (void)iv; + (void)aadsize; + (void)aad; + (void)authtag; + + return CRY_ERR_INV_ALGO; } #endif /* HAL_USE_CRY == TRUE */ -- cgit v1.2.3