mkv5x_crypto_cipher.c
Go to the documentation of this file.
1 /**
2  * @file mkv5x_crypto_cipher.c
3  * @brief Kinetis KV5x cipher hardware accelerator
4  *
5  * @section License
6  *
7  * SPDX-License-Identifier: GPL-2.0-or-later
8  *
9  * Copyright (C) 2010-2024 Oryx Embedded SARL. All rights reserved.
10  *
11  * This file is part of CycloneCRYPTO Open.
12  *
13  * This program is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU General Public License
15  * as published by the Free Software Foundation; either version 2
16  * of the License, or (at your option) any later version.
17  *
18  * This program is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21  * GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with this program; if not, write to the Free Software Foundation,
25  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26  *
27  * @author Oryx Embedded SARL (www.oryx-embedded.com)
28  * @version 2.4.4
29  **/
30 
31 //Switch to the appropriate trace level
32 #define TRACE_LEVEL CRYPTO_TRACE_LEVEL
33 
34 //Dependencies
35 #include "fsl_device_registers.h"
36 #include "fsl_mmcau.h"
37 #include "core/crypto.h"
38 #include "hardware/mkv5x/mkv5x_crypto.h"
39 #include "hardware/mkv5x/mkv5x_crypto_cipher.h"
40 #include "cipher/cipher_algorithms.h"
41 #include "debug.h"
42 
43 //Check crypto library configuration
44 #if (MKV5X_CRYPTO_CIPHER_SUPPORT == ENABLED)
45 #if (DES_SUPPORT == ENABLED)
46 
47 /**
48  * @brief Initialize a DES context using the supplied key
49  * @param[in] context Pointer to the DES context to initialize
50  * @param[in] key Pointer to the key
51  * @param[in] keyLen Length of the key (must be set to 8)
52  * @return Error code
53  **/
54 
55 error_t desInit(DesContext *context, const uint8_t *key, size_t keyLen)
56 {
57  //Check parameters
58  if(context == NULL || key == NULL)
59  return ERROR_INVALID_PARAMETER;
60 
61  //Invalid key length?
62  if(keyLen != 8)
63  return ERROR_INVALID_KEY_LENGTH;
64 
65  //Copy the key
66  osMemcpy(context->ks, key, keyLen);
67 
68  //Successful initialization
69  return NO_ERROR;
70 }
71 
72 
73 /**
74  * @brief Encrypt a 8-byte block using DES algorithm
75  * @param[in] context Pointer to the DES context
76  * @param[in] input Plaintext block to encrypt
77  * @param[out] output Ciphertext block resulting from encryption
78  **/
79 
80 void desEncryptBlock(DesContext *context, const uint8_t *input, uint8_t *output)
81 {
82  uint8_t temp[DES_BLOCK_SIZE];
83 
84  //Acquire exclusive access to the MMCAU module
85  osAcquireMutex(&mkv5xCryptoMutex);
86  //Perform DES encryption
87  MMCAU_DES_EncryptEcb(input, (const uint8_t *) context->ks, temp);
88  //Release exclusive access to the MMCAU module
89  osReleaseMutex(&mkv5xCryptoMutex);
90 
91  //Copy the resulting ciphertext
92  osMemcpy(output, temp, DES_BLOCK_SIZE);
93 }
94 
95 
96 /**
97  * @brief Decrypt a 8-byte block using DES algorithm
98  * @param[in] context Pointer to the DES context
99  * @param[in] input Ciphertext block to decrypt
100  * @param[out] output Plaintext block resulting from decryption
101  **/
102 
103 void desDecryptBlock(DesContext *context, const uint8_t *input, uint8_t *output)
104 {
105  uint8_t temp[DES_BLOCK_SIZE];
106 
107  //Acquire exclusive access to the MMCAU module
108  osAcquireMutex(&mkv5xCryptoMutex);
109  //Perform DES decryption
110  MMCAU_DES_DecryptEcb(input, (const uint8_t *) context->ks, temp);
111  //Release exclusive access to the MMCAU module
112  osReleaseMutex(&mkv5xCryptoMutex);
113 
114  //Copy the resulting plaintext
115  osMemcpy(output, temp, DES_BLOCK_SIZE);
116 }
117 
118 #endif
119 #if (DES3_SUPPORT == ENABLED)
120 
121 /**
122  * @brief Encrypt a 8-byte block using Triple DES algorithm
123  * @param[in] context Pointer to the Triple DES context
124  * @param[in] input Plaintext block to encrypt
125  * @param[out] output Ciphertext block resulting from encryption
126  **/
127 
128 void des3EncryptBlock(Des3Context *context, const uint8_t *input, uint8_t *output)
129 {
130  uint8_t temp[DES_BLOCK_SIZE];
131 
132  //Acquire exclusive access to the MMCAU module
133  osAcquireMutex(&mkv5xCryptoMutex);
134 
135  //The first pass is a DES encryption
136  MMCAU_DES_EncryptEcb(input, (const uint8_t *) context->k1.ks, temp);
137  //The second pass is a DES decryption of the first ciphertext result
138  MMCAU_DES_DecryptEcb(temp, (const uint8_t *) context->k2.ks, output);
139  //The third pass is a DES encryption of the second pass result
140  MMCAU_DES_EncryptEcb(output, (const uint8_t *) context->k3.ks, temp);
141 
142  //Release exclusive access to the MMCAU module
143  osReleaseMutex(&mkv5xCryptoMutex);
144 
145  //Copy the resulting ciphertext
146  osMemcpy(output, temp, DES_BLOCK_SIZE);
147 }
148 
149 
150 /**
151  * @brief Decrypt a 8-byte block using Triple DES algorithm
152  * @param[in] context Pointer to the Triple DES context
153  * @param[in] input Ciphertext block to decrypt
154  * @param[out] output Plaintext block resulting from decryption
155  **/
156 
157 void des3DecryptBlock(Des3Context *context, const uint8_t *input, uint8_t *output)
158 {
159  uint8_t temp[DES_BLOCK_SIZE];
160 
161  //Acquire exclusive access to the MMCAU module
162  osAcquireMutex(&mkv5xCryptoMutex);
163 
164  //The first pass is a DES decryption
165  MMCAU_DES_DecryptEcb(input, (const uint8_t *) context->k3.ks, temp);
166  //The second pass is a DES encryption of the first pass result
167  MMCAU_DES_EncryptEcb(temp, (const uint8_t *) context->k2.ks, output);
168  //The third pass is a DES decryption of the second ciphertext result
169  MMCAU_DES_DecryptEcb(output, (const uint8_t *) context->k1.ks, temp);
170 
171  //Release exclusive access to the MMCAU module
172  osReleaseMutex(&mkv5xCryptoMutex);
173 
174  //Copy the resulting plaintext
175  osMemcpy(output, temp, DES_BLOCK_SIZE);
176 }
177 
178 #endif
179 #if (AES_SUPPORT == ENABLED)
180 
181 /**
182  * @brief Key expansion
183  * @param[in] context Pointer to the AES context to initialize
184  * @param[in] key Pointer to the key
185  * @param[in] keyLen Length of the key
186  * @return Error code
187  **/
188 
189 error_t aesInit(AesContext *context, const uint8_t *key, size_t keyLen)
190 {
191  status_t status;
192 
193  //Check parameters
194  if(context == NULL || key == NULL)
195  return ERROR_INVALID_PARAMETER;
196 
197  //Check the length of the key
198  if(keyLen == 16)
199  {
200  //10 rounds are required for 128-bit key
201  context->nr = 10;
202  }
203  else if(keyLen == 24)
204  {
205  //12 rounds are required for 192-bit key
206  context->nr = 12;
207  }
208  else if(keyLen == 32)
209  {
210  //14 rounds are required for 256-bit key
211  context->nr = 14;
212  }
213  else
214  {
215  //Report an error
216  return ERROR_INVALID_KEY_LENGTH;
217  }
218 
219  //Acquire exclusive access to the MMCAU module
220  osAcquireMutex(&mkv5xCryptoMutex);
221  //Perform AES key expansion
222  status = MMCAU_AES_SetKey(key, keyLen, (uint8_t *) context->ek);
223  //Release exclusive access to the MMCAU module
224  osReleaseMutex(&mkv5xCryptoMutex);
225 
226  //Return status code
227  return (status == kStatus_Success) ? NO_ERROR : ERROR_FAILURE;
228 }
229 
230 
231 /**
232  * @brief Encrypt a 16-byte block using AES algorithm
233  * @param[in] context Pointer to the AES context
234  * @param[in] input Plaintext block to encrypt
235  * @param[out] output Ciphertext block resulting from encryption
236  **/
237 
238 void aesEncryptBlock(AesContext *context, const uint8_t *input, uint8_t *output)
239 {
240  uint8_t temp[AES_BLOCK_SIZE];
241 
242  //Acquire exclusive access to the MMCAU module
243  osAcquireMutex(&mkv5xCryptoMutex);
244 
245  //Perform AES encryption
246  MMCAU_AES_EncryptEcb(input, (const uint8_t *) context->ek, context->nr,
247  temp);
248 
249  //Release exclusive access to the MMCAU module
250  osReleaseMutex(&mkv5xCryptoMutex);
251 
252  //Copy the resulting ciphertext
253  osMemcpy(output, temp, AES_BLOCK_SIZE);
254 }
255 
256 
257 /**
258  * @brief Decrypt a 16-byte block using AES algorithm
259  * @param[in] context Pointer to the AES context
260  * @param[in] input Ciphertext block to decrypt
261  * @param[out] output Plaintext block resulting from decryption
262  **/
263 
264 void aesDecryptBlock(AesContext *context, const uint8_t *input, uint8_t *output)
265 {
266  uint8_t temp[AES_BLOCK_SIZE];
267 
268  //Acquire exclusive access to the MMCAU module
269  osAcquireMutex(&mkv5xCryptoMutex);
270 
271  //Perform AES decryption
272  MMCAU_AES_DecryptEcb(input, (const uint8_t *) context->ek, context->nr,
273  temp);
274 
275  //Release exclusive access to the MMCAU module
276  osReleaseMutex(&mkv5xCryptoMutex);
277 
278  //Copy the resulting plaintext
279  osMemcpy(output, temp, AES_BLOCK_SIZE);
280 }
281 
282 #endif
283 #endif
mkv5x_crypto_cipher.h
Kinetis KV5x cipher hardware accelerator.
cipher_algorithms.h
Collection of AEAD algorithms.
mkv5xCryptoMutex
OsMutex mkv5xCryptoMutex
Definition: mkv5x_crypto.c:41
Des3Context::k1
DesContext k1
Definition: des3.h:60
AesContext
AES algorithm context.
Definition: aes.h:58
AES_BLOCK_SIZE
#define AES_BLOCK_SIZE
Definition: aes.h:43
des3EncryptBlock
void des3EncryptBlock(Des3Context *context, const uint8_t *input, uint8_t *output)
Encrypt a 8-byte block using Triple DES algorithm.
Definition: mkv5x_crypto_cipher.c:128
DesContext
DES algorithm context.
Definition: des.h:58
ERROR_INVALID_PARAMETER
@ ERROR_INVALID_PARAMETER
Invalid parameter.
Definition: error.h:47
osMemcpy
#define osMemcpy(dest, src, length)
Definition: os_port.h:141
error_t
error_t
Error codes.
Definition: error.h:43
ERROR_FAILURE
@ ERROR_FAILURE
Generic error code.
Definition: error.h:45
ERROR_INVALID_KEY_LENGTH
@ ERROR_INVALID_KEY_LENGTH
Definition: error.h:107
crypto.h
General definitions for cryptographic algorithms.
des3DecryptBlock
void des3DecryptBlock(Des3Context *context, const uint8_t *input, uint8_t *output)
Decrypt a 8-byte block using Triple DES algorithm.
Definition: mkv5x_crypto_cipher.c:157
Des3Context::k3
DesContext k3
Definition: des3.h:62
aesInit
error_t aesInit(AesContext *context, const uint8_t *key, size_t keyLen)
Key expansion.
Definition: mkv5x_crypto_cipher.c:189
desInit
error_t desInit(DesContext *context, const uint8_t *key, size_t keyLen)
Initialize a DES context using the supplied key.
Definition: mkv5x_crypto_cipher.c:55
AesContext::nr
uint_t nr
Definition: aes.h:59
desEncryptBlock
void desEncryptBlock(DesContext *context, const uint8_t *input, uint8_t *output)
Encrypt a 8-byte block using DES algorithm.
Definition: mkv5x_crypto_cipher.c:80
Des3Context
Triple DES algorithm context.
Definition: des3.h:59
mkv5x_crypto.h
Kinetis KV5x hardware cryptographic accelerator.
osAcquireMutex
void osAcquireMutex(OsMutex *mutex)
Acquire ownership of the specified mutex object.
Definition: os_port_chibios.c:396
osReleaseMutex
void osReleaseMutex(OsMutex *mutex)
Release ownership of the specified mutex object.
Definition: os_port_chibios.c:408
DES_BLOCK_SIZE
#define DES_BLOCK_SIZE
Definition: des.h:43
Des3Context::k2
DesContext k2
Definition: des3.h:61
desDecryptBlock
void desDecryptBlock(DesContext *context, const uint8_t *input, uint8_t *output)
Decrypt a 8-byte block using DES algorithm.
Definition: mkv5x_crypto_cipher.c:103
AesContext::ek
uint32_t ek[60]
Definition: aes.h:60
aesEncryptBlock
void aesEncryptBlock(AesContext *context, const uint8_t *input, uint8_t *output)
Encrypt a 16-byte block using AES algorithm.
Definition: mkv5x_crypto_cipher.c:238
DesContext::ks
uint32_t ks[32]
Definition: des.h:59
aesDecryptBlock
void aesDecryptBlock(AesContext *context, const uint8_t *input, uint8_t *output)
Decrypt a 16-byte block using AES algorithm.
Definition: mkv5x_crypto_cipher.c:264
NO_ERROR
@ NO_ERROR
Success.
Definition: error.h:44
debug.h
Debugging facilities.