andreika-git
/
ChibiOS
mirror of https://github.com/andreika-git/ChibiOS.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

More crypto code, still unfinished. 

git-svn-id: svn://svn.code.sf.net/p/chibios/svn/trunk@10870 35acf78f-673a-0410-8e92-d51de3d6d3f4
This commit is contained in:
Giovanni Di Sirio 2017-10-22 09:34:37 +00:00
parent 39daa496e9
commit 695dbad084
4 changed files with 216 additions and 142 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

83
os/hal/include/hal_crypto.h
View File

@ -35,27 +35,6 @@
/* Driver pre-compile time settings. */
/*===========================================================================*/
/**
* @name CRYPTO configuration options
* @{
*/
/**
* @brief Enables asynchronous APIs.
* @note Disabling this option saves both code and data space.
*/
#if !defined(CRY_USE_CALLBACKS) || defined(__DOXYGEN__)
#define CRY_USE_CALLBACKS TRUE
#endif
/**
* @brief Enables the @p cryAcquireBus() and @p cryReleaseBus() APIs.
* @note Disabling this option saves both code and data space.
*/
#if !defined(CRY_USE_MUTUAL_EXCLUSION) || defined(__DOXYGEN__)
#define CRY_USE_MUTUAL_EXCLUSION TRUE
#endif
/** @} */
/*===========================================================================*/
/* Derived constants and error checks. */
/*===========================================================================*/
@ -70,8 +49,7 @@
typedef enum {
CRY_UNINIT = 0, /**< Not initialized. */
CRY_STOP = 1, /**< Stopped. */
CRY_READY = 2, /**< Ready. */
CRY_ACTIVE = 3 /**< Operation running. */
CRY_READY = 2 /**< Ready. */
} crystate_t;
/**
@ -85,6 +63,17 @@ typedef enum {
CRY_ERR_INV_KEY_ID = 4 /**< Invalid key type. */
} cryerror_t;
/**
* @brief Type of an algorithm identifier.
* @note It is only used to determine the key required for operations.
*/
typedef enum {
cry_algo_none = 0,
cry_algo_aes,
cry_algo_des,
cry_algo_tripledes
} cryalgorithm_t;
#include "hal_crypto_lld.h"
#if !defined(CRY_LLD_SUPPORTS_AES_ECB) || \
@ -94,24 +83,6 @@ typedef enum {
#error "CRYPTO LLD does not export required switches"
#endif
/**
* @brief Type of an algorithm identifier.
*/
typedef enum {
#if (CRY_LLD_SUPPORTS_AES_ECB == TRUE) || defined(__DOXYGEN__)
cry_algo_aes_ecb,
#endif
#if (CRY_LLD_SUPPORTS_AES_CBC == TRUE) || defined(__DOXYGEN__)
cry_algo_aes_cbc,
#endif
#if (CRY_LLD_SUPPORTS_AES_CFB == TRUE) || defined(__DOXYGEN__)
cry_algo_aes_cfb,
#endif
#if (CRY_LLD_SUPPORTS_AES_CTR == TRUE) || defined(__DOXYGEN__)
cry_algo_aes_ctr,
#endif
} cryalgorithm_t;
/*===========================================================================*/
/* Driver macros. */
/*===========================================================================*/
@ -133,29 +104,34 @@ extern "C" {
void cryObjectInit(CRYDriver *cryp);
void cryStart(CRYDriver *cryp, const CRYConfig *config);
void cryStop(CRYDriver *cryp);
cryerror_t cryLoadTransientKey(CRYDriver *cryp,
cryalgorithm_t algorithm,
size_t size,
const uint8_t *keyp);
#if CRY_LLD_SUPPORTS_AES_ECB == TRUE
cryerror_t cryEncryptAES_ECB(crykey_t key_id,
cryerror_t cryEncryptAES_ECB(CRYDriver *cryp,
crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out);
cryerror_t cryDecryptAES_ECB(crykey_t key_id,
cryerror_t cryDecryptAES_ECB(CRYDriver *cryp,
crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out);
#endif /* CRY_LLD_SUPPORTS_AES_ECB == TRUE */
#if CRY_LLD_SUPPORTS_AES_CBC == TRUE
cryerror_t cryEncryptAES_CBC(crykey_t key_id,
cryerror_t cryEncryptAES_CBC(CRYDriver *cryp,
crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
const uint8_t *iv);
cryerror_t cryDecryptAES_CBC(crykey_t key_id,
cryerror_t cryDecryptAES_CBC(CRYDriver *cryp,
crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
@ -163,12 +139,14 @@ extern "C" {
#endif /* CRY_LLD_SUPPORTS_AES_CBC == TRUE */
#if CRY_LLD_SUPPORTS_AES_CFB == TRUE
cryerror_t cryEncryptAES_CFB(crykey_t key_id,
cryerror_t cryEncryptAES_CFB(CRYDriver *cryp,
crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
const uint8_t *iv);
cryerror_t cryDecryptAES_CFB(crykey_t key_id,
cryerror_t cryDecryptAES_CFB(CRYDriver *cryp,
crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
@ -176,24 +154,21 @@ extern "C" {
#endif /* CRY_LLD_SUPPORTS_AES_CFB == TRUE */
#if CRY_LLD_SUPPORTS_AES_CTR == TRUE
cryerror_t cryEncryptAES_CTR(crykey_t key_id,
cryerror_t cryEncryptAES_CTR(CRYDriver *cryp,
crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
const uint8_t *nonce,
uint8_t *cnt);
cryerror_t cryDecryptAES_CTR(crykey_t key_id,
cryerror_t cryDecryptAES_CTR(CRYDriver *cryp,
crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
const uint8_t *nonce,
uint8_t *cnt);
#endif /* CRY_LLD_SUPPORTS_AES_CTR == TRUE */
#if ADC_USE_MUTUAL_EXCLUSION == TRUE
void cryAcquireBus(CRYDriver *cryp);
void cryReleaseBus(CRYDriver *cryp);
#endif
#ifdef __cplusplus
}
#endif

29
os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.c
View File

@ -34,8 +34,8 @@
/* Driver exported variables. */
/*===========================================================================*/
/** @brief CRYP1 driver identifier.*/
#if STM32_CRY_USE_CRYP1 || defined(__DOXYGEN__)
/** @brief CRY1 driver identifier.*/
#if PLATFORM_CRY_USE_CRY1 || defined(__DOXYGEN__)
CRYDriver CRYD1;
#endif
@ -92,6 +92,31 @@ void cry_lld_stop(CRYDriver *cryp) {
}
}
/**
* @brief Initializes the transient key for a specific algorithm.
*
* @param[in] cryp pointer to the @p CRYDriver object
* @param[in] keyp pointer to the key data
* @return The operation status.
* @retval CRY_NOERROR if the operation succeeded.
* @retval CRY_ERR_INV_ALGO if the specified algorithm is unknown or
* unsupported.
* @retval CRY_ERR_INV_KEY_SIZE if the specified key size is invalid.
*
* @notapi
*/
cryerror_t cry_lld_loadkey(CRYDriver *cryp,
cryalgorithm_t algorithm,
size_t size,
const uint8_t *keyp) {
(void)cryp;
(void)algorithm;
(void)size;
(void)keyp;
return CRY_NOERROR;
}
#endif /* HAL_USE_CRY */
/** @} */

66
os/hal/ports/STM32/LLD/CRYPv1/hal_crypto_lld.h
View File

@ -107,23 +107,21 @@ typedef struct {
*/
struct CRYDriver {
/**
* @brief Driver state.
* @brief Driver state.
*/
crystate_t state;
/**
* @brief Current configuration data.
* @brief Current configuration data.
*/
const CRYConfig *config;
/**
* @brief Waiting thread.
* @brief Algorithm type of transient key.
*/
thread_reference_t thread;
#if (CRY_USE_MUTUAL_EXCLUSION == TRUE) || defined(__DOXYGEN__)
cryalgorithm_t key0_type;
/**
* @brief Mutex protecting the peripheral.
* @brief Size of transient key.
*/
mutex_t mutex;
#endif
size_t key0_size;
#if defined(CRY_DRIVER_EXT_FIELDS)
CRY_DRIVER_EXT_FIELDS
#endif
@ -148,6 +146,58 @@ extern "C" {
void cry_lld_init(void);
void cry_lld_start(CRYDriver *cryp);
void cry_lld_stop(CRYDriver *cryp);
cryerror_t cry_lld_loadkey(CRYDriver *cryp,
cryalgorithm_t algorithm,
size_t size,
const uint8_t *keyp);
cryerror_t cry_lld_encrypt_AES_ECB(CRYDriver *cryp,
crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out);
cryerror_t cry_lld_decrypt_AES_ECB(CRYDriver *cryp,
crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out);
cryerror_t cry_lld_encrypt_AES_CBC(CRYDriver *cryp,
crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
const uint8_t *iv);
cryerror_t cry_lld_decrypt_AES_CBC(CRYDriver *cryp,
crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
const uint8_t *iv);
cryerror_t cry_lld_encrypt_AES_CFB(CRYDriver *cryp,
crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
const uint8_t *iv);
cryerror_t cry_lld_decrypt_AES_CFB(CRYDriver *cryp,
crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
const uint8_t *iv);
cryerror_t cry_lld_encrypt_AES_CTR(CRYDriver *cryp,
crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
const uint8_t *nonce,
uint8_t *cnt);
cryerror_t cry_lld_decrypt_AES_CTR(CRYDriver *cryp,
crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
const uint8_t *nonce,
uint8_t *cnt);
#ifdef __cplusplus
}
#endif

180
os/hal/src/hal_crypto.c
View File

@ -69,10 +69,6 @@ void cryObjectInit(CRYDriver *cryp) {
cryp->state = CRY_STOP;
cryp->config = NULL;
cryp->thread = NULL;
#if CRY_USE_MUTUAL_EXCLUSION == TRUE
osalMutexObjectInit(&cryp->mutex);
#endif
#if defined(CRY_DRIVER_EXT_INIT_HOOK)
CRY_DRIVER_EXT_INIT_HOOK(cryp);
#endif
@ -141,12 +137,28 @@ void cryStop(CRYDriver *cryp) {
cryerror_t cryLoadTransientKey(CRYDriver *cryp,
cryalgorithm_t algorithm,
size_t size,
const uint8_t *keyp);
const uint8_t *keyp) {
cryerror_t err;
/* Storing the transient key metadata.*/
cryp->key0_type = algorithm;
cryp->key0_size = size;
/* Key setup in the low level driver.*/
err = cry_lld_loadkey(cryp, algorithm, size, keyp);
if (err != CRY_NOERROR) {
cryp->key0_type = cry_algo_none;
cryp->key0_size = (size_t)0;
}
return err;
}
#if (CRY_LLD_SUPPORTS_AES_ECB == TRUE) || defined(__DOXYGEN__)
/**
* @brief Encryption operation using AES-ECB.
*
* @param[in] cryp pointer to the @p CRYDriver object
* @param[in] key_id the key to be used for the operation, zero is the
* transient key, other values are keys stored in an
* unspecified way
@ -164,16 +176,21 @@ cryerror_t cryLoadTransientKey(CRYDriver *cryp,
*
* @api
*/
cryerror_t cryEncryptAES_ECB(crykey_t key_id,
cryerror_t cryEncryptAES_ECB(CRYDriver *cryp,
crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out) {
osalDbgCheck((in != NULL) && (out != NULL));
return cry_lld_encrypt_AES_ECB(cryp, key_id, size, in, out);
}
/**
* @brief Decryption operation using AES-ECB.
*
* @param[in] cryp pointer to the @p CRYDriver object
* @param[in] key_id the key to be used for the operation, zero is the
* transient key, other values are keys stored in an
* unspecified way
@ -191,11 +208,16 @@ cryerror_t cryEncryptAES_ECB(crykey_t key_id,
*
* @api
*/
cryerror_t cryDecryptAES_ECB(crykey_t key_id,
size_t blocks,
cryerror_t cryDecryptAES_ECB(CRYDriver *cryp,
crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out) {
osalDbgCheck((in != NULL) && (out != NULL));
osalDbgAssert(cryp->state == CRY_READY, "not ready");
return cry_lld_decrypt_AES_ECB(cryp, key_id, size, in, out);
}
#endif /* CRY_LLD_SUPPORTS_AES_ECB == TRUE */
@ -203,6 +225,7 @@ cryerror_t cryDecryptAES_ECB(crykey_t key_id,
/**
* @brief Encryption operation using AES-CBC.
*
* @param[in] cryp pointer to the @p CRYDriver object
* @param[in] key_id the key to be used for the operation, zero is the
* transient key, other values are keys stored in an
* unspecified way
@ -221,41 +244,52 @@ cryerror_t cryDecryptAES_ECB(crykey_t key_id,
*
* @api
*/
cryerror_t cryEncryptAES_CBC(crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
const uint8_t *iv){
}
/**
* @brief Decryption operation using AES-CBC.
*
* @param[in] key_id the key to be used for the operation, zero is the
* transient key, other values are keys stored in an
* unspecified way
* @param[in] size size of the plaintext buffer, this number must be a
* multiple of the selected key size
* @param[in] in buffer containing the input plaintext
* @param[out] out buffer for the output cyphertext
* @param[in] iv input vector
* @return The operation status.
* @retval CRY_NOERROR if the operation succeeded.
* @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
* device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
* or refers and empty key slot.
*
* @api
*/
cryerror_t cryDecryptAES_CBC(crykey_t key_id,
cryerror_t cryEncryptAES_CBC(CRYDriver *cryp,
crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
const uint8_t *iv) {
osalDbgCheck((in != NULL) && (out != NULL) && (iv != NULL));
osalDbgAssert(cryp->state == CRY_READY, "not ready");
return cry_lld_encrypt_AES_CBC(cryp, key_id, size, in, out, iv);
}
/**
* @brief Decryption operation using AES-CBC.
*
* @param[in] cryp pointer to the @p CRYDriver object
* @param[in] key_id the key to be used for the operation, zero is the
* transient key, other values are keys stored in an
* unspecified way
* @param[in] size size of the plaintext buffer, this number must be a
* multiple of the selected key size
* @param[in] in buffer containing the input plaintext
* @param[out] out buffer for the output cyphertext
* @param[in] iv input vector
* @return The operation status.
* @retval CRY_NOERROR if the operation succeeded.
* @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
* device instance.
* @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
* @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
* or refers and empty key slot.
*
* @api
*/
cryerror_t cryDecryptAES_CBC(CRYDriver *cryp,
crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
const uint8_t *iv) {
osalDbgCheck((in != NULL) && (out != NULL) && (iv != NULL));
osalDbgAssert(cryp->state == CRY_READY, "not ready");
return cry_lld_decrypt_AES_CBC(cryp, key_id, size, in, out, iv);
}
#endif /* CRY_LLD_SUPPORTS_AES_CBC == TRUE */
@ -263,6 +297,7 @@ cryerror_t cryDecryptAES_CBC(crykey_t key_id,
/**
* @brief Encryption operation using AES-CFB.
*
* @param[in] cryp pointer to the @p CRYDriver object
* @param[in] key_id the key to be used for the operation, zero is the
* transient key, other values are keys stored in an
* unspecified way
@ -281,17 +316,23 @@ cryerror_t cryDecryptAES_CBC(crykey_t key_id,
*
* @api
*/
cryerror_t cryEncryptAES_CFB(crykey_t key_id,
cryerror_t cryEncryptAES_CFB(CRYDriver *cryp,
crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
const uint8_t *iv) {
osalDbgCheck((in != NULL) && (out != NULL) && (iv != NULL));
osalDbgAssert(cryp->state == CRY_READY, "not ready");
return cry_lld_encrypt_AES_CBC(cryp, key_id, size, in, out, iv);
}
/**
* @brief Decryption operation using AES-CFB.
*
* @param[in] cryp pointer to the @p CRYDriver object
* @param[in] key_id the key to be used for the operation, zero is the
* transient key, other values are keys stored in an
* unspecified way
@ -310,12 +351,17 @@ cryerror_t cryEncryptAES_CFB(crykey_t key_id,
*
* @api
*/
cryerror_t cryDecryptAES_CFB(crykey_t key_id,
cryerror_t cryDecryptAES_CFB(CRYDriver *cryp,
crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
const uint8_t *iv) {
osalDbgCheck((in != NULL) && (out != NULL) && (iv != NULL));
osalDbgAssert(cryp->state == CRY_READY, "not ready");
return cry_lld_decrypt_AES_CBC(cryp, key_id, size, in, out, iv);
}
#endif /* CRY_LLD_SUPPORTS_AES_CFB == TRUE */
@ -323,6 +369,7 @@ cryerror_t cryDecryptAES_CFB(crykey_t key_id,
/**
* @brief Encryption operation using AES-CTR.
*
* @param[in] cryp pointer to the @p CRYDriver object
* @param[in] key_id the key to be used for the operation, zero is the
* transient key, other values are keys stored in an
* unspecified way
@ -342,18 +389,25 @@ cryerror_t cryDecryptAES_CFB(crykey_t key_id,
*
* @api
*/
cryerror_t cryEncryptAES_CTR(crykey_t key_id,
cryerror_t cryEncryptAES_CTR(CRYDriver *cryp,
crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
const uint8_t *nonce,
uint8_t *cnt) {
osalDbgCheck((in != NULL) && (out != NULL) &&
(nonce != NULL) && (cnt != NULL));
osalDbgAssert(cryp->state == CRY_READY, "not ready");
return cry_lld_encrypt_AES_CTR(cryp, key_id, size, in, out, nonce, cnt);
}
/**
* @brief Decryption operation using AES-CTR.
*
* @param[in] cryp pointer to the @p CRYDriver object
* @param[in] key_id the key to be used for the operation, zero is the
* transient key, other values are keys stored in an
* unspecified way
@ -373,52 +427,22 @@ cryerror_t cryEncryptAES_CTR(crykey_t key_id,
*
* @api
*/
cryerror_t cryDecryptAES_CTR(crykey_t key_id,
cryerror_t cryDecryptAES_CTR(CRYDriver *cryp,
crykey_t key_id,
size_t size,
const uint8_t *in,
uint8_t *out,
const uint8_t *nonce,
uint8_t *cnt) {
osalDbgCheck((in != NULL) && (out != NULL) &&
(nonce != NULL) && (cnt != NULL));
osalDbgAssert(cryp->state == CRY_READY, "not ready");
return cry_lld_decrypt_AES_CTR(cryp, key_id, size, in, out, nonce, cnt);
}
#endif /* CRY_LLD_SUPPORTS_AES_CTR == TRUE */
#if (CRY_USE_MUTUAL_EXCLUSION == TRUE) || defined(__DOXYGEN__)
/**
* @brief Gains exclusive access to the CRY peripheral.
* @details This function tries to gain ownership to CRY bus, if the bus
* is already being used then the invoking thread is queued.
* @pre In order to use this function the option
* @p CRY_USE_MUTUAL_EXCLUSION must be enabled.
*
* @param[in] cryp pointer to the @p CRYDriver object
*
* @api
*/
void cryAcquireBus(CRYDriver *cryp) {
osalDbgCheck(cryp != NULL);
osalMutexLock(&cryp->mutex);
}
/**
* @brief Releases exclusive access to the CRY peripheral.
* @pre In order to use this function the option
* @p CRY_USE_MUTUAL_EXCLUSION must be enabled.
*
* @param[in] cryp pointer to the @p CRYDriver object
*
* @api
*/
void cryReleaseBus(CRYDriver *cryp) {
osalDbgCheck(cryp != NULL);
osalMutexUnlock(&cryp->mutex);
}
#endif /* CRY_USE_MUTUAL_EXCLUSION == TRUE */
#endif /* HAL_USE_CRY == TRUE */
/** @} */