You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
384 lines
16 KiB
C
384 lines
16 KiB
C
/*
|
|
ChibiOS - Copyright (C) 2006..2018 Giovanni Di Sirio
|
|
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
you may not use this file except in compliance with the License.
|
|
You may obtain a copy of the License at
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
See the License for the specific language governing permissions and
|
|
limitations under the License.
|
|
*/
|
|
|
|
/**
|
|
* @file hal_crypto.h
|
|
* @brief Cryptographic Driver macros and structures.
|
|
*
|
|
* @addtogroup CRYPTO
|
|
* @{
|
|
*/
|
|
|
|
#ifndef HAL_CRYPTO_H
|
|
#define HAL_CRYPTO_H
|
|
|
|
#if (HAL_USE_CRY == TRUE) || defined(__DOXYGEN__)
|
|
|
|
/*===========================================================================*/
|
|
/* Driver constants. */
|
|
/*===========================================================================*/
|
|
|
|
/*===========================================================================*/
|
|
/* Driver pre-compile time settings. */
|
|
/*===========================================================================*/
|
|
|
|
/**
|
|
* @brief Enables the SW fall-back of the cryptographic driver.
|
|
* @details When enabled, this option, activates a fall-back software
|
|
* implementation for algorithms not supported by the underlying
|
|
* hardware.
|
|
* @note Fall-back implementations may not be present for all algorithms.
|
|
*/
|
|
#if !defined(HAL_CRY_USE_FALLBACK) || defined(__DOXYGEN__)
|
|
#define HAL_CRY_USE_FALLBACK FALSE
|
|
#endif
|
|
|
|
/**
|
|
* @brief Makes the driver forcibly use the fall-back implementations.
|
|
* @note If enabled then the LLD driver is not included at all.
|
|
*/
|
|
#if !defined(HAL_CRY_ENFORCE_FALLBACK) || defined(__DOXYGEN__)
|
|
#define HAL_CRY_ENFORCE_FALLBACK FALSE
|
|
#endif
|
|
|
|
/*===========================================================================*/
|
|
/* Derived constants and error checks. */
|
|
/*===========================================================================*/
|
|
|
|
#if HAL_CRY_ENFORCE_FALLBACK == TRUE
|
|
#undef HAL_CRY_USE_FALLBACK
|
|
#define HAL_CRY_USE_FALLBACK TRUE
|
|
#endif
|
|
|
|
/*===========================================================================*/
|
|
/* Driver data structures and types. */
|
|
/*===========================================================================*/
|
|
|
|
/**
|
|
* @brief Size, in bits, of a crypto field or message.
|
|
* @note It is assumed, for simplicity, that this type is equivalent to
|
|
* a @p size_t.
|
|
*/
|
|
typedef size_t bitsize_t;
|
|
|
|
/**
|
|
* @brief Driver state machine possible states.
|
|
*/
|
|
typedef enum {
|
|
CRY_UNINIT = 0, /**< Not initialized. */
|
|
CRY_STOP = 1, /**< Stopped. */
|
|
CRY_READY = 2 /**< Ready. */
|
|
} crystate_t;
|
|
|
|
/**
|
|
* @brief Driver error codes.
|
|
*/
|
|
typedef enum {
|
|
CRY_NOERROR = 0, /**< No error. */
|
|
CRY_ERR_INV_ALGO = 1, /**< Invalid cypher/mode. */
|
|
CRY_ERR_INV_KEY_SIZE = 2, /**< Invalid key size. */
|
|
CRY_ERR_INV_KEY_TYPE = 3, /**< Invalid key type. */
|
|
CRY_ERR_INV_KEY_ID = 4, /**< Invalid key identifier. */
|
|
CRY_ERR_AUTH_FAILED = 5, /**< Failed authentication. */
|
|
CRY_ERR_OP_FAILURE = 6 /**< Failed operation. */
|
|
} cryerror_t;
|
|
|
|
/**
|
|
* @brief Type of an algorithm identifier.
|
|
* @note It is only used to determine the key required for operations.
|
|
*/
|
|
typedef enum {
|
|
cry_algo_none = 0,
|
|
cry_algo_aes, /**< AES 128, 192, 256 bits. */
|
|
cry_algo_des, /**< DES 56, TDES 112, 168 bits.*/
|
|
cry_algo_hmac /**< HMAC variable size. */
|
|
} cryalgorithm_t;
|
|
|
|
#if HAL_CRY_ENFORCE_FALLBACK == FALSE
|
|
/* Use the defined low level driver.*/
|
|
#include "hal_crypto_lld.h"
|
|
|
|
#if !defined(CRY_LLD_SUPPORTS_AES) || \
|
|
!defined(CRY_LLD_SUPPORTS_AES_ECB) || \
|
|
!defined(CRY_LLD_SUPPORTS_AES_CBC) || \
|
|
!defined(CRY_LLD_SUPPORTS_AES_CFB) || \
|
|
!defined(CRY_LLD_SUPPORTS_AES_CTR) || \
|
|
!defined(CRY_LLD_SUPPORTS_AES_GCM) || \
|
|
!defined(CRY_LLD_SUPPORTS_DES) || \
|
|
!defined(CRY_LLD_SUPPORTS_DES_ECB) || \
|
|
!defined(CRY_LLD_SUPPORTS_DES_CBC) || \
|
|
!defined(CRY_LLD_SUPPORTS_SHA1) || \
|
|
!defined(CRY_LLD_SUPPORTS_SHA256) || \
|
|
!defined(CRY_LLD_SUPPORTS_SHA512) || \
|
|
!defined(CRY_LLD_SUPPORTS_HMAC_SHA256) || \
|
|
!defined(CRY_LLD_SUPPORTS_HMAC_SHA512)
|
|
#error "CRYPTO LLD does not export the required switches"
|
|
#endif
|
|
|
|
#else /* HAL_CRY_ENFORCE_FALLBACK == TRUE */
|
|
/* No LLD at all, using the standalone mode.*/
|
|
|
|
#define CRY_LLD_SUPPORTS_AES FALSE
|
|
#define CRY_LLD_SUPPORTS_AES_ECB FALSE
|
|
#define CRY_LLD_SUPPORTS_AES_CBC FALSE
|
|
#define CRY_LLD_SUPPORTS_AES_CFB FALSE
|
|
#define CRY_LLD_SUPPORTS_AES_CTR FALSE
|
|
#define CRY_LLD_SUPPORTS_AES_GCM FALSE
|
|
#define CRY_LLD_SUPPORTS_DES FALSE
|
|
#define CRY_LLD_SUPPORTS_DES_ECB FALSE
|
|
#define CRY_LLD_SUPPORTS_DES_CBC FALSE
|
|
#define CRY_LLD_SUPPORTS_SHA1 FALSE
|
|
#define CRY_LLD_SUPPORTS_SHA256 FALSE
|
|
#define CRY_LLD_SUPPORTS_SHA512 FALSE
|
|
#define CRY_LLD_SUPPORTS_HMAC_SHA256 FALSE
|
|
#define CRY_LLD_SUPPORTS_HMAC_SHA512 FALSE
|
|
|
|
typedef uint_fast8_t crykey_t;
|
|
|
|
typedef struct CRYDriver CRYDriver;
|
|
|
|
typedef struct {
|
|
uint32_t dummy;
|
|
} CRYConfig;
|
|
|
|
struct CRYDriver {
|
|
crystate_t state;
|
|
const CRYConfig *config;
|
|
};
|
|
#endif /* HAL_CRY_ENFORCE_FALLBACK == TRUE */
|
|
|
|
/* The fallback header is included only if required by settings.*/
|
|
#if HAL_CRY_USE_FALLBACK == TRUE
|
|
#include "hal_crypto_fallback.h"
|
|
#endif
|
|
|
|
#if (HAL_CRY_USE_FALLBACK == FALSE) && (CRY_LLD_SUPPORTS_SHA1 == FALSE)
|
|
/* Stub @p SHA1Context structure type declaration. It is not provided by
|
|
the LLD and the fallback is not enabled.*/
|
|
typedef struct {
|
|
uint32_t dummy;
|
|
} SHA1Context;
|
|
#endif
|
|
|
|
#if (HAL_CRY_USE_FALLBACK == FALSE) && (CRY_LLD_SUPPORTS_SHA256 == FALSE)
|
|
/* Stub @p SHA256Context structure type declaration. It is not provided by
|
|
the LLD and the fallback is not enabled.*/
|
|
typedef struct {
|
|
uint32_t dummy;
|
|
} SHA256Context;
|
|
#endif
|
|
|
|
#if (HAL_CRY_USE_FALLBACK == FALSE) && (CRY_LLD_SUPPORTS_SHA512 == FALSE)
|
|
/* Stub @p SHA512Context structure type declaration. It is not provided by
|
|
the LLD and the fallback is not enabled.*/
|
|
typedef struct {
|
|
uint32_t dummy;
|
|
} SHA512Context;
|
|
#endif
|
|
|
|
#if (HAL_CRY_USE_FALLBACK == FALSE) && (CRY_LLD_SUPPORTS_HMAC_SHA256 == FALSE)
|
|
/* Stub @p HMACSHA256Context structure type declaration. It is not provided by
|
|
the LLD and the fallback is not enabled.*/
|
|
typedef struct {
|
|
uint32_t dummy;
|
|
} HMACSHA256Context;
|
|
#endif
|
|
|
|
#if (HAL_CRY_USE_FALLBACK == FALSE) && (CRY_LLD_SUPPORTS_HMAC_SHA512 == FALSE)
|
|
/* Stub @p HMACSHA512Context structure type declaration. It is not provided by
|
|
the LLD and the fallback is not enabled.*/
|
|
typedef struct {
|
|
uint32_t dummy;
|
|
} HMACSHA512Context;
|
|
#endif
|
|
|
|
/*===========================================================================*/
|
|
/* Driver macros. */
|
|
/*===========================================================================*/
|
|
|
|
/**
|
|
* @name Low level driver helper macros
|
|
* @{
|
|
*/
|
|
/** @} */
|
|
|
|
/*===========================================================================*/
|
|
/* External declarations. */
|
|
/*===========================================================================*/
|
|
|
|
#ifdef __cplusplus
|
|
extern "C" {
|
|
#endif
|
|
void cryInit(void);
|
|
void cryObjectInit(CRYDriver *cryp);
|
|
void cryStart(CRYDriver *cryp, const CRYConfig *config);
|
|
void cryStop(CRYDriver *cryp);
|
|
cryerror_t cryLoadAESTransientKey(CRYDriver *cryp,
|
|
size_t size,
|
|
const uint8_t *keyp);
|
|
cryerror_t cryEncryptAES(CRYDriver *cryp,
|
|
crykey_t key_id,
|
|
const uint8_t *in,
|
|
uint8_t *out);
|
|
cryerror_t cryDecryptAES(CRYDriver *cryp,
|
|
crykey_t key_id,
|
|
const uint8_t *in,
|
|
uint8_t *out);
|
|
cryerror_t cryEncryptAES_ECB(CRYDriver *cryp,
|
|
crykey_t key_id,
|
|
size_t size,
|
|
const uint8_t *in,
|
|
uint8_t *out);
|
|
cryerror_t cryDecryptAES_ECB(CRYDriver *cryp,
|
|
crykey_t key_id,
|
|
size_t size,
|
|
const uint8_t *in,
|
|
uint8_t *out);
|
|
cryerror_t cryEncryptAES_CBC(CRYDriver *cryp,
|
|
crykey_t key_id,
|
|
size_t size,
|
|
const uint8_t *in,
|
|
uint8_t *out,
|
|
const uint8_t *iv);
|
|
cryerror_t cryDecryptAES_CBC(CRYDriver *cryp,
|
|
crykey_t key_id,
|
|
size_t size,
|
|
const uint8_t *in,
|
|
uint8_t *out,
|
|
const uint8_t *iv);
|
|
cryerror_t cryEncryptAES_CFB(CRYDriver *cryp,
|
|
crykey_t key_id,
|
|
size_t size,
|
|
const uint8_t *in,
|
|
uint8_t *out,
|
|
const uint8_t *iv);
|
|
cryerror_t cryDecryptAES_CFB(CRYDriver *cryp,
|
|
crykey_t key_id,
|
|
size_t size,
|
|
const uint8_t *in,
|
|
uint8_t *out,
|
|
const uint8_t *iv);
|
|
cryerror_t cryEncryptAES_CTR(CRYDriver *cryp,
|
|
crykey_t key_id,
|
|
size_t size,
|
|
const uint8_t *in,
|
|
uint8_t *out,
|
|
const uint8_t *iv);
|
|
cryerror_t cryDecryptAES_CTR(CRYDriver *cryp,
|
|
crykey_t key_id,
|
|
size_t size,
|
|
const uint8_t *in,
|
|
uint8_t *out,
|
|
const uint8_t *iv);
|
|
cryerror_t cryEncryptAES_GCM(CRYDriver *cryp,
|
|
crykey_t key_id,
|
|
size_t auth_size,
|
|
const uint8_t *auth_in,
|
|
size_t text_size,
|
|
const uint8_t *text_in,
|
|
uint8_t *text_out,
|
|
const uint8_t *iv,
|
|
size_t tag_size,
|
|
uint8_t *tag_out);
|
|
cryerror_t cryDecryptAES_GCM(CRYDriver *cryp,
|
|
crykey_t key_id,
|
|
size_t auth_size,
|
|
const uint8_t *auth_in,
|
|
size_t text_size,
|
|
const uint8_t *text_in,
|
|
uint8_t *text_out,
|
|
const uint8_t *iv,
|
|
size_t tag_size,
|
|
const uint8_t *tag_in);
|
|
cryerror_t cryLoadDESTransientKey(CRYDriver *cryp,
|
|
size_t size,
|
|
const uint8_t *keyp);
|
|
cryerror_t cryEncryptDES(CRYDriver *cryp,
|
|
crykey_t key_id,
|
|
const uint8_t *in,
|
|
uint8_t *out);
|
|
cryerror_t cryDecryptDES(CRYDriver *cryp,
|
|
crykey_t key_id,
|
|
const uint8_t *in,
|
|
uint8_t *out);
|
|
cryerror_t cryEncryptDES_ECB(CRYDriver *cryp,
|
|
crykey_t key_id,
|
|
size_t size,
|
|
const uint8_t *in,
|
|
uint8_t *out);
|
|
cryerror_t cryDecryptDES_ECB(CRYDriver *cryp,
|
|
crykey_t key_id,
|
|
size_t size,
|
|
const uint8_t *in,
|
|
uint8_t *out);
|
|
cryerror_t cryEncryptDES_CBC(CRYDriver *cryp,
|
|
crykey_t key_id,
|
|
size_t size,
|
|
const uint8_t *in,
|
|
uint8_t *out,
|
|
const uint8_t *iv);
|
|
cryerror_t cryDecryptDES_CBC(CRYDriver *cryp,
|
|
crykey_t key_id,
|
|
size_t size,
|
|
const uint8_t *in,
|
|
uint8_t *out,
|
|
const uint8_t *iv);
|
|
cryerror_t crySHA1Init(CRYDriver *cryp, SHA1Context *sha1ctxp);
|
|
cryerror_t crySHA1Update(CRYDriver *cryp, SHA1Context *sha1ctxp,
|
|
size_t size, const uint8_t *in);
|
|
cryerror_t crySHA1Final(CRYDriver *cryp, SHA1Context *sha1ctxp,
|
|
uint8_t *out);
|
|
cryerror_t crySHA256Init(CRYDriver *cryp, SHA256Context *sha256ctxp);
|
|
cryerror_t crySHA256Update(CRYDriver *cryp, SHA256Context *sha256ctxp,
|
|
size_t size, const uint8_t *in);
|
|
cryerror_t crySHA256Final(CRYDriver *cryp, SHA256Context *sha256ctxp,
|
|
uint8_t *out);
|
|
cryerror_t crySHA512Init(CRYDriver *cryp, SHA512Context *sha512ctxp);
|
|
cryerror_t crySHA512Update(CRYDriver *cryp, SHA512Context *sha512ctxp,
|
|
size_t size, const uint8_t *in);
|
|
cryerror_t crySHA512Final(CRYDriver *cryp, SHA512Context *sha512ctxp,
|
|
uint8_t *out);
|
|
cryerror_t cryLoadHMACTransientKey(CRYDriver *cryp,
|
|
size_t size,
|
|
const uint8_t *keyp);
|
|
cryerror_t cryHMACSHA256Init(CRYDriver *cryp,
|
|
HMACSHA256Context *hmacsha256ctxp);
|
|
cryerror_t cryHMACSHA256Update(CRYDriver *cryp,
|
|
HMACSHA256Context *hmacsha256ctxp,
|
|
size_t size,
|
|
const uint8_t *in);
|
|
cryerror_t cryHMACSHA256Final(CRYDriver *cryp,
|
|
HMACSHA256Context *hmacsha256ctxp,
|
|
uint8_t *out);
|
|
cryerror_t cryHMACSHA512Init(CRYDriver *cryp,
|
|
HMACSHA512Context *hmacsha512ctxp);
|
|
cryerror_t cryHMACSHA512Update(CRYDriver *cryp,
|
|
HMACSHA512Context *hmacsha512ctxp,
|
|
size_t size,
|
|
const uint8_t *in);
|
|
cryerror_t cryHMACSHA512Final(CRYDriver *cryp,
|
|
HMACSHA512Context *hmacsha512ctxp,
|
|
uint8_t *out);
|
|
#ifdef __cplusplus
|
|
}
|
|
#endif
|
|
|
|
#endif /* HAL_USE_CRYPTO == TRUE */
|
|
|
|
#endif /* HAL_CRYPTO_H */
|
|
|
|
/** @} */
|