From 48026bb824fd2d9cfb00ecd040db6ef3a416bae9 Mon Sep 17 00:00:00 2001 From: Clyne Sullivan Date: Fri, 22 Jan 2021 21:43:36 -0500 Subject: upload initial port --- ChibiOS_20.3.2/os/hal/src/hal_crypto.c | 1736 ++++++++++++++++++++++++++++++++ 1 file changed, 1736 insertions(+) create mode 100644 ChibiOS_20.3.2/os/hal/src/hal_crypto.c (limited to 'ChibiOS_20.3.2/os/hal/src/hal_crypto.c') diff --git a/ChibiOS_20.3.2/os/hal/src/hal_crypto.c b/ChibiOS_20.3.2/os/hal/src/hal_crypto.c new file mode 100644 index 0000000..4e2914f --- /dev/null +++ b/ChibiOS_20.3.2/os/hal/src/hal_crypto.c @@ -0,0 +1,1736 @@ +/* + ChibiOS - Copyright (C) 2006..2018 Giovanni Di Sirio + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +/** + * @file hal_crypto.c + * @brief Cryptographic Driver code. + * + * @addtogroup CRYPTO + * @{ + */ + +#include "hal.h" + +#if (HAL_USE_CRY == TRUE) || defined(__DOXYGEN__) + +/*===========================================================================*/ +/* Driver local definitions. */ +/*===========================================================================*/ + +/*===========================================================================*/ +/* Driver exported variables. */ +/*===========================================================================*/ + +/*===========================================================================*/ +/* Driver local variables and types. */ +/*===========================================================================*/ + +/*===========================================================================*/ +/* Driver local functions. */ +/*===========================================================================*/ + +/*===========================================================================*/ +/* Driver exported functions. */ +/*===========================================================================*/ + +/** + * @brief Cryptographic Driver initialization. + * @note This function is implicitly invoked by @p halInit(), there is + * no need to explicitly initialize the driver. + * + * @init + */ +void cryInit(void) { + +#if HAL_CRY_ENFORCE_FALLBACK == FALSE + cry_lld_init(); +#endif +} + +/** + * @brief Initializes the standard part of a @p CRYDriver structure. + * + * @param[out] cryp pointer to the @p CRYDriver object + * + * @init + */ +void cryObjectInit(CRYDriver *cryp) { + + cryp->state = CRY_STOP; + cryp->config = NULL; +#if defined(CRY_DRIVER_EXT_INIT_HOOK) + CRY_DRIVER_EXT_INIT_HOOK(cryp); +#endif +} + +/** + * @brief Configures and activates the cryptographic peripheral. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] config pointer to the @p CRYConfig object. Depending + * on the implementation the value can be @p NULL. + * + * @api + */ +void cryStart(CRYDriver *cryp, const CRYConfig *config) { + + osalDbgCheck(cryp != NULL); + + osalSysLock(); + osalDbgAssert((cryp->state == CRY_STOP) || (cryp->state == CRY_READY), + "invalid state"); + cryp->config = config; +#if HAL_CRY_ENFORCE_FALLBACK == FALSE + cry_lld_start(cryp); +#endif + cryp->state = CRY_READY; + osalSysUnlock(); +} + +/** + * @brief Deactivates the cryptographic peripheral. + * + * @param[in] cryp pointer to the @p CRYDriver object + * + * @api + */ +void cryStop(CRYDriver *cryp) { + + osalDbgCheck(cryp != NULL); + + osalSysLock(); + + osalDbgAssert((cryp->state == CRY_STOP) || (cryp->state == CRY_READY), + "invalid state"); + +#if HAL_CRY_ENFORCE_FALLBACK == FALSE + cry_lld_stop(cryp); +#endif + cryp->config = NULL; + cryp->state = CRY_STOP; + + osalSysUnlock(); +} + +/** + * @brief Initializes the AES transient key. + * @note It is the underlying implementation to decide which key sizes are + * allowable. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] size key size in bytes + * @param[in] keyp pointer to the key data + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the algorithm is unsupported. + * @retval CRY_ERR_INV_KEY_SIZE if the specified key size is invalid for + * the specified algorithm. + * + * @api + */ +cryerror_t cryLoadAESTransientKey(CRYDriver *cryp, + size_t size, + const uint8_t *keyp) { + + osalDbgCheck((cryp != NULL) && (keyp != NULL)); + +#if CRY_LLD_SUPPORTS_AES == TRUE + return cry_lld_aes_loadkey(cryp, size, keyp); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_aes_loadkey(cryp, size, keyp); +#else + (void)cryp; + (void)size; + (void)keyp; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Encryption of a single block using AES. + * @note The implementation of this function must guarantee that it can + * be called from any context. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output ciphertext + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation. + * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid + * or refers to an empty key slot. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @special + */ +cryerror_t cryEncryptAES(CRYDriver *cryp, + crykey_t key_id, + const uint8_t *in, + uint8_t *out) { + + osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_AES == TRUE + return cry_lld_encrypt_AES(cryp, key_id, in, out); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_encrypt_AES(cryp, key_id, in, out); +#else + (void)cryp; + (void)key_id; + (void)in; + (void)out; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Decryption of a single block using AES. + * @note The implementation of this function must guarantee that it can + * be called from any context. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] in buffer containing the input ciphertext + * @param[out] out buffer for the output plaintext + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation. + * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid + * or refers to an empty key slot. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @special + */ +cryerror_t cryDecryptAES(CRYDriver *cryp, + crykey_t key_id, + const uint8_t *in, + uint8_t *out) { + + osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_AES == TRUE + return cry_lld_decrypt_AES(cryp, key_id, in, out); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_decrypt_AES(cryp, key_id, in, out); +#else + (void)cryp; + (void)key_id; + (void)in; + (void)out; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Encryption operation using AES-ECB. + * @note The function operates on data buffers whose length is a multiple + * of an AES block, this means that padding must be done by the + * caller. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 16 + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output ciphertext + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation. + * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid + * or refers to an empty key slot. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @api + */ +cryerror_t cryEncryptAES_ECB(CRYDriver *cryp, + crykey_t key_id, + size_t size, + const uint8_t *in, + uint8_t *out) { + + osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) && + ((size & (size_t)15) == (size_t)0)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_AES_ECB == TRUE + return cry_lld_encrypt_AES_ECB(cryp, key_id, size, in, out); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_encrypt_AES_ECB(cryp, key_id, size, in, out); +#else + (void)cryp; + (void)key_id; + (void)size; + (void)in; + (void)out; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Decryption operation using AES-ECB. + * @note The function operates on data buffers whose length is a multiple + * of an AES block, this means that padding must be done by the + * caller. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 16 + * @param[in] in buffer containing the input ciphertext + * @param[out] out buffer for the output plaintext + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation. + * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid + * or refers to an empty key slot. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @api + */ +cryerror_t cryDecryptAES_ECB(CRYDriver *cryp, + crykey_t key_id, + size_t size, + const uint8_t *in, + uint8_t *out) { + + osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) && + ((size & (size_t)15) == (size_t)0)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_AES_ECB == TRUE + return cry_lld_decrypt_AES_ECB(cryp, key_id, size, in, out); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_decrypt_AES_ECB(cryp, key_id, size, in, out); +#else + (void)cryp; + (void)key_id; + (void)size; + (void)in; + (void)out; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Encryption operation using AES-CBC. + * @note The function operates on data buffers whose length is a multiple + * of an AES block, this means that padding must be done by the + * caller. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 16 + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output ciphertext + * @param[in] iv 128 bits input vector + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation. + * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid + * or refers to an empty key slot. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @api + */ +cryerror_t cryEncryptAES_CBC(CRYDriver *cryp, + crykey_t key_id, + size_t size, + const uint8_t *in, + uint8_t *out, + const uint8_t *iv) { + + osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) && + (iv != NULL) && ((size & (size_t)15) == (size_t)0)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_AES_CBC == TRUE + return cry_lld_encrypt_AES_CBC(cryp, key_id, size, in, out, iv); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_encrypt_AES_CBC(cryp, key_id, size, in, out, iv); +#else + (void)cryp; + (void)key_id; + (void)size; + (void)in; + (void)out; + (void)iv; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Decryption operation using AES-CBC. + * @note The function operates on data buffers whose length is a multiple + * of an AES block, this means that padding must be done by the + * caller. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 16 + * @param[in] in buffer containing the input ciphertext + * @param[out] out buffer for the output plaintext + * @param[in] iv 128 bits input vector + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation. + * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid + * or refers to an empty key slot. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @api + */ +cryerror_t cryDecryptAES_CBC(CRYDriver *cryp, + crykey_t key_id, + size_t size, + const uint8_t *in, + uint8_t *out, + const uint8_t *iv) { + + osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) && + (iv != NULL) && ((size & (size_t)15) == (size_t)0)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_AES_CBC == TRUE + return cry_lld_decrypt_AES_CBC(cryp, key_id, size, in, out, iv); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_decrypt_AES_CBC(cryp, key_id, size, in, out, iv); +#else + (void)cryp; + (void)key_id; + (void)size; + (void)in; + (void)out; + (void)iv; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Encryption operation using AES-CFB. + * @note This is a stream cipher, there are no size restrictions. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output ciphertext + * @param[in] iv 128 bits input vector + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation. + * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid + * or refers to an empty key slot. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @api + */ +cryerror_t cryEncryptAES_CFB(CRYDriver *cryp, + crykey_t key_id, + size_t size, + const uint8_t *in, + uint8_t *out, + const uint8_t *iv) { + + osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) && + (iv != NULL) && (size > (size_t)0)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_AES_CFB == TRUE + return cry_lld_encrypt_AES_CFB(cryp, key_id, size, in, out, iv); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_encrypt_AES_CFB(cryp, key_id, size, in, out, iv); +#else + (void)cryp; + (void)key_id; + (void)size; + (void)in; + (void)out; + (void)iv; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Decryption operation using AES-CFB. + * @note This is a stream cipher, there are no size restrictions. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers + * @param[in] in buffer containing the input ciphertext + * @param[out] out buffer for the output plaintext + * @param[in] iv 128 bits input vector + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation. + * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid + * or refers to an empty key slot. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @api + */ +cryerror_t cryDecryptAES_CFB(CRYDriver *cryp, + crykey_t key_id, + size_t size, + const uint8_t *in, + uint8_t *out, + const uint8_t *iv) { + + osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) && + (iv != NULL) && (size > (size_t)0)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_AES_CFB == TRUE + return cry_lld_decrypt_AES_CFB(cryp, key_id, size, in, out, iv); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_decrypt_AES_CFB(cryp, key_id, size, in, out, iv); +#else + (void)cryp; + (void)key_id; + (void)size; + (void)in; + (void)out; + (void)iv; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Encryption operation using AES-CTR. + * @note This is a stream cipher, there are no size restrictions. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output ciphertext + * @param[in] iv 128 bits input vector + counter, it contains + * a 96 bits IV and a 32 bits counter + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation. + * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid + * or refers to an empty key slot. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @api + */ +cryerror_t cryEncryptAES_CTR(CRYDriver *cryp, + crykey_t key_id, + size_t size, + const uint8_t *in, + uint8_t *out, + const uint8_t *iv) { + + osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) && + (iv != NULL) && (size > (size_t)0)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_AES_CTR == TRUE + return cry_lld_encrypt_AES_CTR(cryp, key_id, size, in, out, iv); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_encrypt_AES_CTR(cryp, key_id, size, in, out, iv); +#else + (void)cryp; + (void)key_id; + (void)size; + (void)in; + (void)out; + (void)iv; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Decryption operation using AES-CTR. + * @note This is a stream cipher, there are no size restrictions. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers + * @param[in] in buffer containing the input ciphertext + * @param[out] out buffer for the output plaintext + * @param[in] iv 128 bits input vector + counter, it contains + * a 96 bits IV and a 32 bits counter + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation. + * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid + * or refers to an empty key slot. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @api + */ +cryerror_t cryDecryptAES_CTR(CRYDriver *cryp, + crykey_t key_id, + size_t size, + const uint8_t *in, + uint8_t *out, + const uint8_t *iv) { + + osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) && + (iv != NULL) && (size > (size_t)0)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_AES_CTR == TRUE + return cry_lld_decrypt_AES_CTR(cryp, key_id, size, in, out, iv); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_decrypt_AES_CTR(cryp, key_id, size, in, out, iv); +#else + (void)cryp; + (void)key_id; + (void)size; + (void)in; + (void)out; + (void)iv; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Encryption operation using AES-GCM. + * @note This is a stream cipher, there are no size restrictions. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] auth_size size of the data buffer to be authenticated + * @param[in] auth_in buffer containing the data to be authenticated + * @param[in] text_size size of the text buffer + * @param[in] text_in buffer containing the input plaintext + * @param[out] text_out buffer for the output ciphertext + * @param[in] iv 128 bits input vector + * @param[in] tag_size size of the authentication tag, this number + * must be between 1 and 16 + * @param[out] tag_out buffer for the generated authentication tag + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation. + * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid + * or refers to an empty key slot. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @api + */ +cryerror_t cryEncryptAES_GCM(CRYDriver *cryp, + crykey_t key_id, + size_t auth_size, + const uint8_t *auth_in, + size_t text_size, + const uint8_t *text_in, + uint8_t *text_out, + const uint8_t *iv, + size_t tag_size, + uint8_t *tag_out) { + + osalDbgCheck((cryp != NULL) && (auth_in != NULL) && + (text_size > (size_t)0) && + (text_in != NULL) && (text_out != NULL) && (iv != NULL) && + (tag_size >= (size_t)1) && (tag_size <= (size_t)16) && + (tag_out != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_AES_GCM == TRUE + return cry_lld_encrypt_AES_GCM(cryp, key_id, auth_size, auth_in, + text_size, text_in, text_out, iv, + tag_size, tag_out); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_encrypt_AES_GCM(cryp, key_id, auth_size, auth_in, + text_size, text_in, text_out, iv, + tag_size, tag_out); +#else + (void)cryp; + (void)key_id; + (void)auth_size; + (void)auth_in; + (void)text_size; + (void)text_in; + (void)text_out; + (void)iv; + (void)tag_size; + (void)tag_out; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Decryption operation using AES-GCM. + * @note This is a stream cipher, there are no size restrictions. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] auth_size size of the data buffer to be authenticated + * @param[in] auth_in buffer containing the data to be authenticated + * @param[in] text_size size of the text buffer + * @param[in] text_in buffer containing the input plaintext + * @param[out] text_out buffer for the output ciphertext + * @param[in] iv 128 bits input vector + * @param[in] tag_size size of the authentication tag, this number + * must be between 1 and 16 + * @param[in] tag_in buffer for the generated authentication tag + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation. + * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid + * or refers to an empty key slot. + * @retval CRY_ERR_AUTH_FAILED authentication failed + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @api + */ +cryerror_t cryDecryptAES_GCM(CRYDriver *cryp, + crykey_t key_id, + size_t auth_size, + const uint8_t *auth_in, + size_t text_size, + const uint8_t *text_in, + uint8_t *text_out, + const uint8_t *iv, + size_t tag_size, + const uint8_t *tag_in) { + + osalDbgCheck((cryp != NULL) && (auth_in != NULL) && + (text_size > (size_t)0) && + (text_in != NULL) && (text_out != NULL) && (iv != NULL) && + (tag_size >= (size_t)1) && (tag_size <= (size_t)16) && + (tag_in != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_AES_GCM == TRUE + return cry_lld_decrypt_AES_GCM(cryp, key_id, auth_size, auth_in, + text_size, text_in, text_out, iv, + tag_size, tag_in); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_decrypt_AES_GCM(cryp, key_id, auth_size, auth_in, + text_size, text_in, text_out, iv, + tag_size, tag_in); +#else + (void)cryp; + (void)key_id; + (void)auth_size; + (void)auth_in; + (void)text_size; + (void)text_in; + (void)text_out; + (void)iv; + (void)tag_size; + (void)tag_in; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Initializes the DES transient key. + * @note It is the underlying implementation to decide which key sizes are + * allowable. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] size key size in bytes + * @param[in] keyp pointer to the key data + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the algorithm is unsupported. + * @retval CRY_ERR_INV_KEY_SIZE if the specified key size is invalid for + * the specified algorithm. + * + * @api + */ +cryerror_t cryLoadDESTransientKey(CRYDriver *cryp, + size_t size, + const uint8_t *keyp) { + + osalDbgCheck((cryp != NULL) && (keyp != NULL)); + +#if CRY_LLD_SUPPORTS_DES == TRUE + return cry_lld_des_loadkey(cryp, size, keyp); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_des_loadkey(cryp, size, keyp); +#else + (void)cryp; + (void)size; + (void)keyp; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Encryption of a single block using (T)DES. + * @note The implementation of this function must guarantee that it can + * be called from any context. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output ciphertext + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation. + * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid + * or refers to an empty key slot. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @special + */ +cryerror_t cryEncryptDES(CRYDriver *cryp, + crykey_t key_id, + const uint8_t *in, + uint8_t *out) { + + osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_DES == TRUE + return cry_lld_encrypt_DES(cryp, key_id, in, out); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_encrypt_DES(cryp, key_id, in, out); +#else + (void)cryp; + (void)key_id; + (void)in; + (void)out; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Decryption of a single block using (T)DES. + * @note The implementation of this function must guarantee that it can + * be called from any context. + * + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] in buffer containing the input ciphertext + * @param[out] out buffer for the output plaintext + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation. + * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid + * or refers to an empty key slot. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @special + */ +cryerror_t cryDecryptDES(CRYDriver *cryp, + crykey_t key_id, + const uint8_t *in, + uint8_t *out) { + + osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_DES == TRUE + return cry_lld_decrypt_DES(cryp, key_id, in, out); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_decrypt_DES(cryp, key_id, in, out); +#else + (void)cryp; + (void)key_id; + (void)in; + (void)out; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Encryption operation using (T)DES-ECB. + * @note The function operates on data buffers whose length is a multiple + * of an DES block, this means that padding must be done by the + * caller. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 8 + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output ciphertext + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation. + * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid + * or refers to an empty key slot. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @api + */ +cryerror_t cryEncryptDES_ECB(CRYDriver *cryp, + crykey_t key_id, + size_t size, + const uint8_t *in, + uint8_t *out) { + + osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) && + ((size & (size_t)7) == (size_t)0)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_DES_ECB == TRUE + return cry_lld_encrypt_DES_ECB(cryp, key_id, size, in, out); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_encrypt_DES_ECB(cryp, key_id, size, in, out); +#else + (void)cryp; + (void)key_id; + (void)size; + (void)in; + (void)out; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Decryption operation using (T)DES-ECB. + * @note The function operates on data buffers whose length is a multiple + * of an DES block, this means that padding must be done by the + * caller. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 8 + * @param[in] in buffer containing the input ciphertext + * @param[out] out buffer for the output plaintext + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation. + * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid + * or refers to an empty key slot. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @api + */ +cryerror_t cryDecryptDES_ECB(CRYDriver *cryp, + crykey_t key_id, + size_t size, + const uint8_t *in, + uint8_t *out) { + + osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) && + ((size & (size_t)7) == (size_t)0)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_DES_ECB == TRUE + return cry_lld_decrypt_DES_ECB(cryp, key_id, size, in, out); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_decrypt_DES_ECB(cryp, key_id, size, in, out); +#else + (void)cryp; + (void)key_id; + (void)size; + (void)in; + (void)out; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Encryption operation using (T)DES-CBC. + * @note The function operates on data buffers whose length is a multiple + * of an DES block, this means that padding must be done by the + * caller. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 8 + * @param[in] in buffer containing the input plaintext + * @param[out] out buffer for the output ciphertext + * @param[in] iv 64 bits input vector + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation. + * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid + * or refers to an empty key slot. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @api + */ +cryerror_t cryEncryptDES_CBC(CRYDriver *cryp, + crykey_t key_id, + size_t size, + const uint8_t *in, + uint8_t *out, + const uint8_t *iv) { + + osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) && + (iv != NULL) && ((size & (size_t)7) == (size_t)0)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_DES_CBC == TRUE + return cry_lld_encrypt_DES_CBC(cryp, key_id, size, in, out, iv); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_encrypt_DES_CBC(cryp, key_id, size, in, out, iv); +#else + (void)cryp; + (void)key_id; + (void)size; + (void)in; + (void)out; + (void)iv; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Decryption operation using (T)DES-CBC. + * @note The function operates on data buffers whose length is a multiple + * of an DES block, this means that padding must be done by the + * caller. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] key_id the key to be used for the operation, zero is + * the transient key, other values are keys stored + * in an unspecified way + * @param[in] size size of both buffers, this number must be a + * multiple of 8 + * @param[in] in buffer containing the input ciphertext + * @param[out] out buffer for the output plaintext + * @param[in] iv 64 bits input vector + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation. + * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid + * or refers to an empty key slot. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @api + */ +cryerror_t cryDecryptDES_CBC(CRYDriver *cryp, + crykey_t key_id, + size_t size, + const uint8_t *in, + uint8_t *out, + const uint8_t *iv) { + + osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) && + (iv != NULL) && ((size & (size_t)7) == (size_t)0)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_DES_CBC == TRUE + return cry_lld_decrypt_DES_CBC(cryp, key_id, size, in, out, iv); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_decrypt_DES_CBC(cryp, key_id, size, in, out, iv); +#else + (void)cryp; + (void)key_id; + (void)size; + (void)in; + (void)out; + (void)iv; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash initialization using SHA1. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[out] sha1ctxp pointer to a SHA1 context to be initialized + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @api + */ +cryerror_t crySHA1Init(CRYDriver *cryp, SHA1Context *sha1ctxp) { + + osalDbgCheck((cryp != NULL) && (sha1ctxp != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_SHA1 == TRUE + return cry_lld_SHA1_init(cryp, sha1ctxp); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_SHA1_init(cryp, sha1ctxp); +#else + (void)cryp; + (void)sha1ctxp; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash update using SHA1. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] sha1ctxp pointer to a SHA1 context + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @api + */ +cryerror_t crySHA1Update(CRYDriver *cryp, SHA1Context *sha1ctxp, + size_t size, const uint8_t *in) { + + osalDbgCheck((cryp != NULL) && (sha1ctxp != NULL) && (in != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_SHA1 == TRUE + return cry_lld_SHA1_update(cryp, sha1ctxp, size, in); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_SHA1_update(cryp, sha1ctxp, size, in); +#else + (void)cryp; + (void)sha1ctxp; + (void)size; + (void)in; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash finalization using SHA1. + * @note Use of this algorithm is not recommended because proven weak. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] sha1ctxp pointer to a SHA1 context + * @param[out] out 160 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @api + */ +cryerror_t crySHA1Final(CRYDriver *cryp, SHA1Context *sha1ctxp, uint8_t *out) { + + osalDbgCheck((cryp != NULL) && (sha1ctxp != NULL) && (out != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_SHA1 == TRUE + return cry_lld_SHA1_final(cryp, sha1ctxp, out); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_SHA1_final(cryp, sha1ctxp, out); +#else + (void)cryp; + (void)sha1ctxp; + (void)out; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash initialization using SHA256. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[out] sha256ctxp pointer to a SHA256 context to be initialized + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @api + */ +cryerror_t crySHA256Init(CRYDriver *cryp, SHA256Context *sha256ctxp) { + + osalDbgCheck((cryp != NULL) && (sha256ctxp != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_SHA256 == TRUE + return cry_lld_SHA256_init(cryp, sha256ctxp); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_SHA256_init(cryp, sha256ctxp); +#else + (void)cryp; + (void)sha256ctxp; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash update using SHA256. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] sha256ctxp pointer to a SHA256 context + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @api + */ +cryerror_t crySHA256Update(CRYDriver *cryp, SHA256Context *sha256ctxp, + size_t size, const uint8_t *in) { + + osalDbgCheck((cryp != NULL) && (sha256ctxp != NULL) && (in != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_SHA256 == TRUE + return cry_lld_SHA256_update(cryp, sha256ctxp, size, in); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_SHA256_update(cryp, sha256ctxp, size, in); +#else + (void)cryp; + (void)sha256ctxp; + (void)size; + (void)in; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash finalization using SHA256. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] sha256ctxp pointer to a SHA256 context + * @param[out] out 256 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @api + */ +cryerror_t crySHA256Final(CRYDriver *cryp, SHA256Context *sha256ctxp, + uint8_t *out) { + + osalDbgCheck((cryp != NULL) && (sha256ctxp != NULL) && (out != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_SHA256 == TRUE + return cry_lld_SHA256_final(cryp, sha256ctxp, out); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_SHA256_final(cryp, sha256ctxp, out); +#else + (void)cryp; + (void)sha256ctxp; + (void)out; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash initialization using SHA512. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[out] sha512ctxp pointer to a SHA512 context to be initialized + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @api + */ +cryerror_t crySHA512Init(CRYDriver *cryp, SHA512Context *sha512ctxp) { + + osalDbgCheck((cryp != NULL) && (sha512ctxp != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_SHA512 == TRUE + return cry_lld_SHA512_init(cryp, sha512ctxp); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_SHA512_init(cryp, sha512ctxp); +#else + (void)cryp; + (void)sha512ctxp; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash update using SHA512. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] sha512ctxp pointer to a SHA512 context + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @api + */ +cryerror_t crySHA512Update(CRYDriver *cryp, SHA512Context *sha512ctxp, + size_t size, const uint8_t *in) { + + osalDbgCheck((cryp != NULL) && (sha512ctxp != NULL) && (in != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_SHA512 == TRUE + return cry_lld_SHA512_update(cryp, sha512ctxp, size, in); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_SHA512_update(cryp, sha512ctxp, size, in); +#else + (void)cryp; + (void)sha512ctxp; + (void)size; + (void)in; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash finalization using SHA512. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] sha512ctxp pointer to a SHA512 context + * @param[out] out 512 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @api + */ +cryerror_t crySHA512Final(CRYDriver *cryp, SHA512Context *sha512ctxp, + uint8_t *out) { + + osalDbgCheck((cryp != NULL) && (sha512ctxp != NULL) && (out != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_SHA512 == TRUE + return cry_lld_SHA512_final(cryp, sha512ctxp, out); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_SHA512_final(cryp, sha512ctxp, out); +#else + (void)cryp; + (void)sha512ctxp; + (void)out; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Initializes the HMAC transient key. + * @note It is the underlying implementation to decide which key sizes are + * allowable. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] size key size in bytes + * @param[in] keyp pointer to the key data + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the algorithm is unsupported. + * @retval CRY_ERR_INV_KEY_SIZE if the specified key size is invalid for + * the specified algorithm. + * + * @api + */ +cryerror_t cryLoadHMACTransientKey(CRYDriver *cryp, + size_t size, + const uint8_t *keyp) { + + osalDbgCheck((cryp != NULL) && (keyp != NULL)); + +#if (CRY_LLD_SUPPORTS_HMAC_SHA256 == TRUE) || \ + (CRY_LLD_SUPPORTS_HMAC_SHA512 == TRUE) + return cry_lld_hmac_loadkey(cryp, size, keyp); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_hmac_loadkey(cryp, size, keyp); +#else + (void)cryp; + (void)size; + (void)keyp; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash initialization using HMAC_SHA256. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[out] hmacsha256ctxp pointer to a HMAC_SHA256 context to be + * initialized + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @api + */ +cryerror_t cryHMACSHA256Init(CRYDriver *cryp, + HMACSHA256Context *hmacsha256ctxp) { + + osalDbgCheck((cryp != NULL) && (hmacsha256ctxp != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_HMAC_SHA256 == TRUE + return cry_lld_HMACSHA256_init(cryp, hmacsha256ctxp); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_HMACSHA256_init(cryp, hmacsha256ctxp); +#else + (void)cryp; + (void)hmacsha256ctxp; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash update using HMAC. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] hmacsha256ctxp pointer to a HMAC_SHA256 context + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @api + */ +cryerror_t cryHMACSHA256Update(CRYDriver *cryp, + HMACSHA256Context *hmacsha256ctxp, + size_t size, + const uint8_t *in) { + + osalDbgCheck((cryp != NULL) && (hmacsha256ctxp != NULL) && (in != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_HMAC_SHA256 == TRUE + return cry_lld_HMACSHA256_update(cryp, hmacsha256ctxp, size, in); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_HMACSHA256_update(cryp, hmacsha256ctxp, size, in); +#else + (void)cryp; + (void)hmacsha256ctxp; + (void)size; + (void)in; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash finalization using HMAC. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] hmacsha256ctxp pointer to a HMAC_SHA256 context + * @param[out] out 256 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @api + */ +cryerror_t cryHMACSHA256Final(CRYDriver *cryp, + HMACSHA256Context *hmacsha256ctxp, + uint8_t *out) { + + osalDbgCheck((cryp != NULL) && (hmacsha256ctxp != NULL) && (out != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_HMAC_SHA256 == TRUE + return cry_lld_HMACSHA256_final(cryp, hmacsha256ctxp, out); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_HMACSHA256_final(cryp, hmacsha256ctxp, out); +#else + (void)cryp; + (void)hmacsha256ctxp; + (void)out; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash initialization using HMAC_SHA512. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[out] hmacsha512ctxp pointer to a HMAC_SHA512 context to be + * initialized + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @api + */ +cryerror_t cryHMACSHA512Init(CRYDriver *cryp, + HMACSHA512Context *hmacsha512ctxp) { + + osalDbgCheck((cryp != NULL) && (hmacsha512ctxp != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_HMAC_SHA512 == TRUE + return cry_lld_HMACSHA512_init(cryp, hmacsha512ctxp); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_HMACSHA512_init(cryp, hmacsha512ctxp); +#else + (void)cryp; + (void)hmacsha512ctxp; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash update using HMAC. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] hmacsha512ctxp pointer to a HMAC_SHA512 context + * @param[in] size size of input buffer + * @param[in] in buffer containing the input text + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @api + */ +cryerror_t cryHMACSHA512Update(CRYDriver *cryp, + HMACSHA512Context *hmacsha512ctxp, + size_t size, + const uint8_t *in) { + + osalDbgCheck((cryp != NULL) && (hmacsha512ctxp != NULL) && (in != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_HMAC_SHA512 == TRUE + return cry_lld_HMACSHA512_update(cryp, hmacsha512ctxp, size, in); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_HMACSHA512_update(cryp, hmacsha512ctxp, size, in); +#else + (void)cryp; + (void)hmacsha512ctxp; + (void)size; + (void)in; + + return CRY_ERR_INV_ALGO; +#endif +} + +/** + * @brief Hash finalization using HMAC. + * + * @param[in] cryp pointer to the @p CRYDriver object + * @param[in] hmacsha512ctxp pointer to a HMAC_SHA512 context + * @param[out] out 512 bits output buffer + * @return The operation status. + * @retval CRY_NOERROR if the operation succeeded. + * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this + * device instance. + * @retval CRY_ERR_OP_FAILURE if the operation failed, implementation + * dependent. + * + * @api + */ +cryerror_t cryHMACSHA512Final(CRYDriver *cryp, + HMACSHA512Context *hmacsha512ctxp, + uint8_t *out) { + + osalDbgCheck((cryp != NULL) && (hmacsha512ctxp != NULL) && (out != NULL)); + + osalDbgAssert(cryp->state == CRY_READY, "not ready"); + +#if CRY_LLD_SUPPORTS_HMAC_SHA512 == TRUE + return cry_lld_HMACSHA512_final(cryp, hmacsha512ctxp, out); +#elif HAL_CRY_USE_FALLBACK == TRUE + return cry_fallback_HMACSHA512_final(cryp, hmacsha512ctxp, out); +#else + (void)cryp; + (void)hmacsha512ctxp; + (void)out; + + return CRY_ERR_INV_ALGO; +#endif +} + +#endif /* HAL_USE_CRY == TRUE */ + +/** @} */ -- cgit v1.2.3