Improved key handling.

git-svn-id: svn://svn.code.sf.net/p/chibios/svn/trunk@12786 27425a3e-05d8-49a3-a47f-9c15f0e5edd8
Giovanni Di Sirio 2019-05-12 08:06:48 +00:00
parent 773a65024b
commit 24fbf940cd
3 changed files with 62 additions and 15 deletions


@ -86,6 +86,8 @@ static inline void cryp_set_key_encrypt(CRYDriver *cryp, uint32_t algomode) {
cr &= ~(CRYP_CR_KEYSIZE_Msk | CRYP_CR_ALGOMODE_Msk | CRYP_CR_ALGODIR_Msk);
cr |= cryp->cryp_ksize | algomode | CRYP_CR_CRYPEN;
CRYP->CR = cr;
cryp->cryp_ktype = cryp_key_aes_encrypt;
}
/**
@ -107,6 +109,8 @@ static inline void cryp_set_key_decrypt(CRYDriver *cryp, uint32_t algomode) {
cr &= ~(CRYP_CR_KEYSIZE_Msk | CRYP_CR_ALGOMODE_Msk | CRYP_CR_ALGODIR_Msk);
cr |= cryp->cryp_ksize | algomode | CRYP_CR_ALGODIR | CRYP_CR_CRYPEN;
CRYP->CR = cr;
cryp->cryp_ktype = cryp_key_aes_decrypt;
}
/**
@ -447,6 +451,18 @@ void cry_lld_start(CRYDriver *cryp) {
#endif
}
/* Resetting trasient key data.*/
cryp->cryp_ktype = cryp_key_none;
cryp->cryp_ksize = 0U;
cryp->cryp_k[0] = 0U;
cryp->cryp_k[1] = 0U;
cryp->cryp_k[2] = 0U;
cryp->cryp_k[3] = 0U;
cryp->cryp_k[4] = 0U;
cryp->cryp_k[5] = 0U;
cryp->cryp_k[6] = 0U;
cryp->cryp_k[7] = 0U;
#if STM32_CRY_USE_CRYP1
/* CRYP setup.*/
CRYP->CR = CRYP_CR_DATATYPE_1;
@ -594,7 +610,9 @@ cryerror_t cry_lld_encrypt_AES(CRYDriver *cryp,
}
/* Setting the stored key.*/
cryp_set_key_encrypt(cryp, CRYP_CR_ALGOMODE_AES_ECB);
if (cryp->cryp_ktype != cryp_key_aes_encrypt) {
cryp_set_key_encrypt(cryp, CRYP_CR_ALGOMODE_AES_ECB);
}
/* Pushing the AES block in the FIFO, it is assumed to be empty.*/
CRYP->DR = __UNALIGNED_UINT32_READ(&in[0]);
@ -650,7 +668,9 @@ cryerror_t cry_lld_decrypt_AES(CRYDriver *cryp,
}
/* Setting the stored key.*/
cryp_set_key_decrypt(cryp, CRYP_CR_ALGOMODE_AES_ECB);
if (cryp->cryp_ktype != cryp_key_aes_decrypt) {
cryp_set_key_decrypt(cryp, CRYP_CR_ALGOMODE_AES_ECB);
}
/* Pushing the AES block in the FIFO, it is assumed to be empty.*/
CRYP->DR = __UNALIGNED_UINT32_READ(&in[0]);
@ -711,7 +731,9 @@ cryerror_t cry_lld_encrypt_AES_ECB(CRYDriver *cryp,
}
/* Setting the stored key.*/
cryp_set_key_encrypt(cryp, CRYP_CR_ALGOMODE_AES_ECB);
if (cryp->cryp_ktype != cryp_key_aes_encrypt) {
cryp_set_key_encrypt(cryp, CRYP_CR_ALGOMODE_AES_ECB);
}
return cryp_do_transfer(cryp, size, in, out);
}
@ -754,7 +776,9 @@ cryerror_t cry_lld_decrypt_AES_ECB(CRYDriver *cryp,
}
/* Setting the stored key.*/
cryp_set_key_decrypt(cryp, CRYP_CR_ALGOMODE_AES_ECB);
if (cryp->cryp_ktype != cryp_key_aes_decrypt) {
cryp_set_key_decrypt(cryp, CRYP_CR_ALGOMODE_AES_ECB);
}
return cryp_do_transfer(cryp, size, in, out);
}
@ -802,7 +826,9 @@ cryerror_t cry_lld_encrypt_AES_CBC(CRYDriver *cryp,
/* Setting the stored key and IV.*/
cryp_set_iv(cryp, iv);
cryp_set_key_encrypt(cryp, CRYP_CR_ALGOMODE_AES_CBC);
if (cryp->cryp_ktype != cryp_key_aes_encrypt) {
cryp_set_key_encrypt(cryp, CRYP_CR_ALGOMODE_AES_CBC);
}
return cryp_do_transfer(cryp, size, in, out);
}
@ -848,7 +874,9 @@ cryerror_t cry_lld_decrypt_AES_CBC(CRYDriver *cryp,
/* Setting the stored key and IV.*/
cryp_set_iv(cryp, iv);
cryp_set_key_decrypt(cryp, CRYP_CR_ALGOMODE_AES_CBC);
if (cryp->cryp_ktype != cryp_key_aes_decrypt) {
cryp_set_key_decrypt(cryp, CRYP_CR_ALGOMODE_AES_CBC);
}
return cryp_do_transfer(cryp, size, in, out);
}
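Review bot: The guards added in cry_lld_encrypt_AES_CBC and cry_lld_decrypt_AES_CBC (and in the ECB and single-block variants) test only `cryp->cryp_ktype`, which records the key direction but not the `algomode` that `cryp_set_key_encrypt()`/`cryp_set_key_decrypt()` write into `CRYP->CR`. After an ECB encryption, a CBC encryption on the same driver skips the call, so unless code outside these hunks rewrites ALGOMODE the peripheral stays in ECB and the IV set by `cryp_set_iv()` has no effect on the output. I would record the mode as well, for example in a new driver field (called `cryp_algomode` here) tested as `if ((cryp->cryp_ktype != cryp_key_aes_encrypt) || (cryp->cryp_algomode != CRYP_CR_ALGOMODE_AES_CBC))`, or always update the ALGOMODE bits and skip only the key programming. The key-loading function is not part of this diff and the bodies of all six functions start outside their hunks; that function also has to set `cryp_ktype` back to `cryp_key_none`, otherwise a newly loaded key is never written to the peripheral while the direction stays the same.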


@ -225,7 +225,7 @@
#define CRY_LLD_SUPPORTS_AES TRUE
#define CRY_LLD_SUPPORTS_AES_ECB TRUE
#define CRY_LLD_SUPPORTS_AES_CBC TRUE
#define CRY_LLD_SUPPORTS_AES_CFB TRUE
#define CRY_LLD_SUPPORTS_AES_CFB FALSE
#define CRY_LLD_SUPPORTS_AES_CTR TRUE
#define CRY_LLD_SUPPORTS_AES_GCM TRUE
#define CRY_LLD_SUPPORTS_DES TRUE
@ -271,6 +271,17 @@ typedef uint32_t crykey_t;
*/
typedef struct CRYDriver CRYDriver;
/**
* @brief Type of key stored in CRYP.
*/
typedef enum {
cryp_key_none = 0,
cryp_key_des = 1,
cryp_key_tdes = 2,
cryp_key_aes_encrypt = 3,
cryp_key_aes_decrypt = 4
} cryp_ktype_t;
/**
* @brief Driver configuration structure.
* @note It could be empty on some architectures.
@ -296,6 +307,18 @@ struct CRYDriver {
#endif
/* End of the mandatory fields.*/
#if (STM32_CRY_USE_CRYP1 == TRUE) || defined (__DOXYGEN__)
/**
* @brief Type of the key currently stored in CRYP.
*/
cryp_ktype_t cryp_ktype;
/**
* @brief Key size setup value for CR register.
*/
uint32_t cryp_ksize;
/**
* @brief Transient key data.
*/
uint32_t cryp_k[8];
#if (STM32_CRY_CRYP_SIZE_THRESHOLD != 0) || defined (__DOXYGEN__)
/**
* @brief Thread reference for CRYP operations.
@ -310,14 +333,6 @@ struct CRYDriver {
*/
const stm32_dma_stream_t *cryp_dma_out;
#endif /* STM32_CRY_CRYP_SIZE_THRESHOLD != 0 */
/**
* @brief Key size setup value for CR register.
*/
uint32_t cryp_ksize;
/**
* @brief Transient key data.
*/
uint32_t cryp_k[8];
#endif /* STM32_CRY_USE_CRYP1 == TRUE */
#if (STM32_CRY_USE_HASH1 == TRUE) || defined (__DOXYGEN__)
#if (STM32_CRY_HASH_SIZE_THRESHOLD != 0) || defined (__DOXYGEN__)
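Review bot: The Doxygen comment on the new `cryp_ktype` field should state the invariant the cache depends on, since the driver functions changed in this commit skip programming the peripheral when the stored type matches. Suggested addition: `@note Must be reset to @p cryp_key_none whenever @p cryp_k or @p cryp_ksize are modified.` The enumerators `cryp_key_des` and `cryp_key_tdes` are not set by any hunk on this page and would benefit from a one-line comment each saying which operations set them. `CRY_LLD_SUPPORTS_AES_CFB` appears to go from TRUE to FALSE here without a mention in the commit message; a short comment giving the reason would help anyone who relied on the previous setting.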


@ -66,6 +66,8 @@ int main(void) {
/* Normal main() thread activity, in this demo it does nothing.*/
while (true) {
uint8_t digest[32];
static uint8_t iv[16] = {00, 00, 00, 00, 00, 00, 00, 00,
00, 00, 00, 00, 00, 00, 00, 00};
static uint8_t key[16] = {00, 00, 00, 00, 00, 00, 00, 00,
00, 00, 00, 00, 00, 00, 00, 00};
static uint8_t data[16] = {00, 00, 00, 00, 00, 00, 00, 00,
@ -92,6 +94,8 @@ int main(void) {
cryDecryptAES(&CRYD1, (crykey_t)0, data, out);
cryEncryptAES_ECB(&CRYD1, (crykey_t)0, 16U, data, out);
cryDecryptAES_ECB(&CRYD1, (crykey_t)0, 16U, data, out);
cryEncryptAES_CBC(&CRYD1, (crykey_t)0, 16U, data, out, iv);
cryDecryptAES_CBC(&CRYD1, (crykey_t)0, 16U, data, out, iv);
}
chThdSleepMilliseconds(500);
}
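Review bot: The two CBC calls added after the ECB calls always follow a call of the opposite direction, so the driver's new shortcut for an already loaded key is never exercised across a mode change. A `cryEncryptAES_CBC(...)` placed directly after `cryEncryptAES_ECB(...)`, with `out` compared against a known-answer vector, would cover that path. The return values of the new calls are discarded, so a driver error goes unnoticed; storing them in a `cryerror_t` and checking it would make the demo usable as a regression check. The all-zero `iv` is fine as a fixed test vector, but a comment such as `/* Test vector only, CBC needs an unpredictable IV per message.*/` would keep it from being copied as is. main() continues outside both hunks.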