stm32mp1xx_crypto_cipher.c
Go to the documentation of this file.
1 /**
2  * @file stm32mp1xx_crypto_cipher.c
3  * @brief STM32MP1 cipher hardware accelerator
4  *
5  * @section License
6  *
7  * SPDX-License-Identifier: GPL-2.0-or-later
8  *
9  * Copyright (C) 2010-2024 Oryx Embedded SARL. All rights reserved.
10  *
11  * This file is part of CycloneCRYPTO Open.
12  *
13  * This program is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU General Public License
15  * as published by the Free Software Foundation; either version 2
16  * of the License, or (at your option) any later version.
17  *
18  * This program is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21  * GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with this program; if not, write to the Free Software Foundation,
25  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26  *
27  * @author Oryx Embedded SARL (www.oryx-embedded.com)
28  * @version 2.4.4
29  **/
30 
31 //Switch to the appropriate trace level
32 #define TRACE_LEVEL CRYPTO_TRACE_LEVEL
33 
34 //Dependencies
35 #include "stm32mp1xx.h"
36 #include "stm32mp1xx_hal.h"
37 #include "core/crypto.h"
42 #include "aead/aead_algorithms.h"
43 #include "debug.h"
44 
45 //Check crypto library configuration
46 #if (STM32MP1XX_CRYPTO_CIPHER_SUPPORT == ENABLED)
47 
48 
49 /**
50  * @brief CRYP module initialization
51  * @return Error code
52  **/
53 
55 {
56  //Enable CRYP peripheral clock
57  __HAL_RCC_CRYP2_CLK_ENABLE();
58 
59  //Successful processing
60  return NO_ERROR;
61 }
62 
63 
64 #if (DES_SUPPORT == ENABLED)
65 
66 /**
67  * @brief Perform DES encryption or decryption
68  * @param[in] context DES algorithm context
69  * @param[in,out] iv Initialization vector
70  * @param[in] input Data to be encrypted/decrypted
71  * @param[out] output Data resulting from the encryption/decryption process
72  * @param[in] length Total number of data bytes to be processed
73  * @param[in] mode Operation mode
74  **/
75 
76 void desProcessData(DesContext *context, uint8_t *iv, const uint8_t *input,
77  uint8_t *output, size_t length, uint32_t mode)
78 {
79  uint32_t temp;
80 
81  //Acquire exclusive access to the CRYP module
83 
84  //Configure the data type
85  CRYP2->CR = CRYP_CR_DATATYPE_8B;
86  //Configure the algorithm and chaining mode
87  CRYP2->CR |= mode;
88 
89  //Set encryption key
90  CRYP2->K1LR = context->ks[0];
91  CRYP2->K1RR = context->ks[1];
92 
93  //Valid initialization vector?
94  if(iv != NULL)
95  {
96  //Set initialization vector
97  CRYP2->IV0LR = LOAD32BE(iv);
98  CRYP2->IV0RR = LOAD32BE(iv + 4);
99  }
100 
101  //Flush the input and output FIFOs
102  CRYP2->CR |= CRYP_CR_FFLUSH;
103  //Enable the cryptographic processor
104  CRYP2->CR |= CRYP_CR_CRYPEN;
105 
106  //Process data
107  while(length >= DES_BLOCK_SIZE)
108  {
109  //Wait for the input FIFO to be ready to accept data
110  while((CRYP2->SR & CRYP_SR_IFNF) == 0)
111  {
112  }
113 
114  //Write the input FIFO
115  CRYP2->DIN = LOAD32LE(input);
116  CRYP2->DIN = LOAD32LE(input + 4);
117 
118  //Wait for the output to be ready
119  while((CRYP2->SR & CRYP_SR_OFNE) == 0)
120  {
121  }
122 
123  //Read the output FIFO
124  temp = CRYP2->DOUT;
125  STORE32LE(temp, output);
126  temp = CRYP2->DOUT;
127  STORE32LE(temp, output + 4);
128 
129  //Next block
130  input += DES_BLOCK_SIZE;
131  output += DES_BLOCK_SIZE;
133  }
134 
135  //Valid initialization vector?
136  if(iv != NULL)
137  {
138  //Update the value of the initialization vector
139  temp = CRYP2->IV0LR;
140  STORE32BE(temp, iv);
141  temp = CRYP2->IV0RR;
142  STORE32BE(temp, iv + 4);
143  }
144 
145  //Disable the cryptographic processor by clearing the CRYPEN bit
146  CRYP2->CR = 0;
147 
148  //Release exclusive access to the CRYP module
150 }
151 
152 
153 /**
154  * @brief Initialize a DES context using the supplied key
155  * @param[in] context Pointer to the DES context to initialize
156  * @param[in] key Pointer to the key
157  * @param[in] keyLen Length of the key (must be set to 8)
158  * @return Error code
159  **/
160 
161 error_t desInit(DesContext *context, const uint8_t *key, size_t keyLen)
162 {
163  //Check parameters
164  if(context == NULL || key == NULL)
166 
167  //Invalid key length?
168  if(keyLen != 8)
170 
171  //Copy the 64-bit key
172  context->ks[0] = LOAD32BE(key + 0);
173  context->ks[1] = LOAD32BE(key + 4);
174 
175  //No error to report
176  return NO_ERROR;
177 }
178 
179 
180 /**
181  * @brief Encrypt a 8-byte block using DES algorithm
182  * @param[in] context Pointer to the DES context
183  * @param[in] input Plaintext block to encrypt
184  * @param[out] output Ciphertext block resulting from encryption
185  **/
186 
187 void desEncryptBlock(DesContext *context, const uint8_t *input, uint8_t *output)
188 {
189  //Perform DES encryption
190  desProcessData(context, NULL, input, output, DES_BLOCK_SIZE,
192 }
193 
194 
195 /**
196  * @brief Decrypt a 8-byte block using DES algorithm
197  * @param[in] context Pointer to the DES context
198  * @param[in] input Ciphertext block to decrypt
199  * @param[out] output Plaintext block resulting from decryption
200  **/
201 
202 void desDecryptBlock(DesContext *context, const uint8_t *input, uint8_t *output)
203 {
204  //Perform DES decryption
205  desProcessData(context, NULL, input, output, DES_BLOCK_SIZE,
206  CRYP_CR_ALGOMODE_DES_ECB | CRYP_CR_ALGODIR);
207 }
208 
209 #endif
210 #if (DES3_SUPPORT == ENABLED)
211 
212 /**
213  * @brief Perform Triple DES encryption or decryption
214  * @param[in] context Triple DES algorithm context
215  * @param[in,out] iv Initialization vector
216  * @param[in] input Data to be encrypted/decrypted
217  * @param[out] output Data resulting from the encryption/decryption process
218  * @param[in] length Total number of data bytes to be processed
219  * @param[in] mode Operation mode
220  **/
221 
222 void des3ProcessData(Des3Context *context, uint8_t *iv, const uint8_t *input,
223  uint8_t *output, size_t length, uint32_t mode)
224 {
225  uint32_t temp;
226 
227  //Acquire exclusive access to the CRYP module
229 
230  //Configure the data type
231  CRYP2->CR = CRYP_CR_DATATYPE_8B;
232  //Configure the algorithm and chaining mode
233  CRYP2->CR |= mode;
234 
235  //Set encryption key
236  CRYP2->K1LR = context->k1.ks[0];
237  CRYP2->K1RR = context->k1.ks[1];
238  CRYP2->K2LR = context->k2.ks[0];
239  CRYP2->K2RR = context->k2.ks[1];
240  CRYP2->K3LR = context->k3.ks[0];
241  CRYP2->K3RR = context->k3.ks[1];
242 
243  //Valid initialization vector?
244  if(iv != NULL)
245  {
246  //Set initialization vector
247  CRYP2->IV0LR = LOAD32BE(iv);
248  CRYP2->IV0RR = LOAD32BE(iv + 4);
249  }
250 
251  //Flush the input and output FIFOs
252  CRYP2->CR |= CRYP_CR_FFLUSH;
253  //Enable the cryptographic processor
254  CRYP2->CR |= CRYP_CR_CRYPEN;
255 
256  //Process data
257  while(length >= DES3_BLOCK_SIZE)
258  {
259  //Wait for the input FIFO to be ready to accept data
260  while((CRYP2->SR & CRYP_SR_IFNF) == 0)
261  {
262  }
263 
264  //Write the input FIFO
265  CRYP2->DIN = LOAD32LE(input);
266  CRYP2->DIN = LOAD32LE(input + 4);
267 
268  //Wait for the output to be ready
269  while((CRYP2->SR & CRYP_SR_OFNE) == 0)
270  {
271  }
272 
273  //Read the output FIFO
274  temp = CRYP2->DOUT;
275  STORE32LE(temp, output);
276  temp = CRYP2->DOUT;
277  STORE32LE(temp, output + 4);
278 
279  //Next block
280  input += DES3_BLOCK_SIZE;
281  output += DES3_BLOCK_SIZE;
283  }
284 
285  //Valid initialization vector?
286  if(iv != NULL)
287  {
288  //Update the value of the initialization vector
289  temp = CRYP2->IV0LR;
290  STORE32BE(temp, iv);
291  temp = CRYP2->IV0RR;
292  STORE32BE(temp, iv + 4);
293  }
294 
295  //Disable the cryptographic processor by clearing the CRYPEN bit
296  CRYP2->CR = 0;
297 
298  //Release exclusive access to the CRYP module
300 }
301 
302 
303 /**
304  * @brief Initialize a Triple DES context using the supplied key
305  * @param[in] context Pointer to the Triple DES context to initialize
306  * @param[in] key Pointer to the key
307  * @param[in] keyLen Length of the key
308  * @return Error code
309  **/
310 
311 error_t des3Init(Des3Context *context, const uint8_t *key, size_t keyLen)
312 {
313  //Check parameters
314  if(context == NULL || key == NULL)
316 
317  //Check key length
318  if(keyLen == 8)
319  {
320  //This option provides backward compatibility with DES, because the
321  //first and second DES operations cancel out
322  context->k1.ks[0] = LOAD32BE(key + 0);
323  context->k1.ks[1] = LOAD32BE(key + 4);
324  context->k2.ks[0] = LOAD32BE(key + 0);
325  context->k2.ks[1] = LOAD32BE(key + 4);
326  context->k3.ks[0] = LOAD32BE(key + 0);
327  context->k3.ks[1] = LOAD32BE(key + 4);
328  }
329  else if(keyLen == 16)
330  {
331  //If the key length is 128 bits including parity, the first 8 bytes of the
332  //encoding represent the key used for the two outer DES operations, and
333  //the second 8 bytes represent the key used for the inner DES operation
334  context->k1.ks[0] = LOAD32BE(key + 0);
335  context->k1.ks[1] = LOAD32BE(key + 4);
336  context->k2.ks[0] = LOAD32BE(key + 8);
337  context->k2.ks[1] = LOAD32BE(key + 12);
338  context->k3.ks[0] = LOAD32BE(key + 0);
339  context->k3.ks[1] = LOAD32BE(key + 4);
340  }
341  else if(keyLen == 24)
342  {
343  //If the key length is 192 bits including parity, then 3 independent DES
344  //keys are represented, in the order in which they are used for encryption
345  context->k1.ks[0] = LOAD32BE(key + 0);
346  context->k1.ks[1] = LOAD32BE(key + 4);
347  context->k2.ks[0] = LOAD32BE(key + 8);
348  context->k2.ks[1] = LOAD32BE(key + 12);
349  context->k3.ks[0] = LOAD32BE(key + 16);
350  context->k3.ks[1] = LOAD32BE(key + 20);
351  }
352  else
353  {
354  //The length of the key is not valid
356  }
357 
358  //No error to report
359  return NO_ERROR;
360 }
361 
362 
363 /**
364  * @brief Encrypt a 8-byte block using Triple DES algorithm
365  * @param[in] context Pointer to the Triple DES context
366  * @param[in] input Plaintext block to encrypt
367  * @param[out] output Ciphertext block resulting from encryption
368  **/
369 
370 void des3EncryptBlock(Des3Context *context, const uint8_t *input, uint8_t *output)
371 {
372  //Perform Triple DES encryption
373  des3ProcessData(context, NULL, input, output, DES3_BLOCK_SIZE,
375 }
376 
377 
378 /**
379  * @brief Decrypt a 8-byte block using Triple DES algorithm
380  * @param[in] context Pointer to the Triple DES context
381  * @param[in] input Ciphertext block to decrypt
382  * @param[out] output Plaintext block resulting from decryption
383  **/
384 
385 void des3DecryptBlock(Des3Context *context, const uint8_t *input, uint8_t *output)
386 {
387  //Perform Triple DES decryption
388  des3ProcessData(context, NULL, input, output, DES3_BLOCK_SIZE,
389  CRYP_CR_ALGOMODE_TDES_ECB | CRYP_CR_ALGODIR);
390 }
391 
392 #endif
393 #if (AES_SUPPORT == ENABLED)
394 
395 /**
396  * @brief Load AES key
397  * @param[in] context AES algorithm context
398  **/
399 
400 void aesLoadKey(AesContext *context)
401 {
402  uint32_t temp;
403 
404  //Read control register
405  temp = CRYP2->CR & ~CRYP_CR_KEYSIZE;
406 
407  //Check the length of the key
408  if(context->nr == 10)
409  {
410  //10 rounds are required for 128-bit key
411  CRYP2->CR = temp | CRYP_CR_KEYSIZE_128B;
412 
413  //Set the 128-bit encryption key
414  CRYP2->K2LR = context->ek[0];
415  CRYP2->K2RR = context->ek[1];
416  CRYP2->K3LR = context->ek[2];
417  CRYP2->K3RR = context->ek[3];
418  }
419  else if(context->nr == 12)
420  {
421  //12 rounds are required for 192-bit key
422  CRYP2->CR = temp | CRYP_CR_KEYSIZE_192B;
423 
424  //Set the 192-bit encryption key
425  CRYP2->K1LR = context->ek[0];
426  CRYP2->K1RR = context->ek[1];
427  CRYP2->K2LR = context->ek[2];
428  CRYP2->K2RR = context->ek[3];
429  CRYP2->K3LR = context->ek[4];
430  CRYP2->K3RR = context->ek[5];
431  }
432  else
433  {
434  //14 rounds are required for 256-bit key
435  CRYP2->CR = temp | CRYP_CR_KEYSIZE_256B;
436 
437  //Set the 256-bit encryption key
438  CRYP2->K0LR = context->ek[0];
439  CRYP2->K0RR = context->ek[1];
440  CRYP2->K1LR = context->ek[2];
441  CRYP2->K1RR = context->ek[3];
442  CRYP2->K2LR = context->ek[4];
443  CRYP2->K2RR = context->ek[5];
444  CRYP2->K3LR = context->ek[6];
445  CRYP2->K3RR = context->ek[7];
446  }
447 }
448 
449 
450 /**
451  * @brief Perform AES encryption or decryption
452  * @param[in] context AES algorithm context
453  * @param[in,out] iv Initialization vector
454  * @param[in] input Data to be encrypted/decrypted
455  * @param[out] output Data resulting from the encryption/decryption process
456  * @param[in] length Total number of data bytes to be processed
457  * @param[in] mode Operation mode
458  **/
459 
460 void aesProcessData(AesContext *context, uint8_t *iv, const uint8_t *input,
461  uint8_t *output, size_t length, uint32_t mode)
462 {
463  uint32_t temp;
464 
465  //Acquire exclusive access to the CRYP module
467 
468  //Configure the data type
469  CRYP2->CR = CRYP_CR_DATATYPE_8B;
470 
471  //AES-ECB or AES-CBC decryption?
472  if((mode & CRYP_CR_ALGODIR) != 0)
473  {
474  //Configure the key preparation mode by setting the ALGOMODE bits to '111'
475  CRYP2->CR |= CRYP_CR_ALGOMODE_AES_KEY;
476  //Set encryption key
477  aesLoadKey(context);
478  //Write the CRYPEN bit to 1
479  CRYP2->CR |= CRYP_CR_CRYPEN;
480 
481  //Wait until BUSY returns to 0
482  while((CRYP2->SR & CRYP_SR_BUSY) != 0)
483  {
484  }
485 
486  //The algorithm must be configured once the key has been prepared
487  temp = CRYP2->CR & ~CRYP_CR_ALGOMODE;
488  CRYP2->CR = temp | mode;
489  }
490  else
491  {
492  //Configure the algorithm and chaining mode
493  CRYP2->CR |= mode;
494  //Set encryption key
495  aesLoadKey(context);
496  }
497 
498  //Valid initialization vector?
499  if(iv != NULL)
500  {
501  //Set initialization vector
502  CRYP2->IV0LR = LOAD32BE(iv);
503  CRYP2->IV0RR = LOAD32BE(iv + 4);
504  CRYP2->IV1LR = LOAD32BE(iv + 8);
505  CRYP2->IV1RR = LOAD32BE(iv + 12);
506  }
507 
508  //Flush the input and output FIFOs
509  CRYP2->CR |= CRYP_CR_FFLUSH;
510  //Enable the cryptographic processor
511  CRYP2->CR |= CRYP_CR_CRYPEN;
512 
513  //Process data
514  while(length >= AES_BLOCK_SIZE)
515  {
516  //Wait for the input FIFO to be ready to accept data
517  while((CRYP2->SR & CRYP_SR_IFNF) == 0)
518  {
519  }
520 
521  //Write the input FIFO
522  CRYP2->DIN = LOAD32LE(input);
523  CRYP2->DIN = LOAD32LE(input + 4);
524  CRYP2->DIN = LOAD32LE(input + 8);
525  CRYP2->DIN = LOAD32LE(input + 12);
526 
527  //Wait for the output to be ready
528  while((CRYP2->SR & CRYP_SR_OFNE) == 0)
529  {
530  }
531 
532  //Read the output FIFO
533  temp = CRYP2->DOUT;
534  STORE32LE(temp, output);
535  temp = CRYP2->DOUT;
536  STORE32LE(temp, output + 4);
537  temp = CRYP2->DOUT;
538  STORE32LE(temp, output + 8);
539  temp = CRYP2->DOUT;
540  STORE32LE(temp, output + 12);
541 
542  //Next block
543  input += AES_BLOCK_SIZE;
544  output += AES_BLOCK_SIZE;
546  }
547 
548  //Process final block of data
549  if(length > 0)
550  {
551  uint32_t buffer[4];
552 
553  //Copy partial block
554  osMemset(buffer, 0, AES_BLOCK_SIZE);
555  osMemcpy(buffer, input, length);
556 
557  //Wait for the input FIFO to be ready to accept data
558  while((CRYP2->SR & CRYP_SR_IFNF) == 0)
559  {
560  }
561 
562  //Write input block
563  CRYP2->DIN = buffer[0];
564  CRYP2->DIN = buffer[1];
565  CRYP2->DIN = buffer[2];
566  CRYP2->DIN = buffer[3];
567 
568  //Wait for the output to be ready
569  while((CRYP2->SR & CRYP_SR_OFNE) == 0)
570  {
571  }
572 
573  //Read output block
574  buffer[0] = CRYP2->DOUT;
575  buffer[1] = CRYP2->DOUT;
576  buffer[2] = CRYP2->DOUT;
577  buffer[3] = CRYP2->DOUT;
578 
579  //Copy partial block
580  osMemcpy(output, buffer, length);
581  }
582 
583  //Valid initialization vector?
584  if(iv != NULL)
585  {
586  //Update the value of the initialization vector
587  temp = CRYP2->IV0LR;
588  STORE32BE(temp, iv);
589  temp = CRYP2->IV0RR;
590  STORE32BE(temp, iv + 4);
591  temp = CRYP2->IV1LR;
592  STORE32BE(temp, iv + 8);
593  temp = CRYP2->IV1RR;
594  STORE32BE(temp, iv + 12);
595  }
596 
597  //Disable the cryptographic processor by clearing the CRYPEN bit
598  CRYP2->CR = 0;
599 
600  //Release exclusive access to the CRYP module
602 }
603 
604 
605 /**
606  * @brief Key expansion
607  * @param[in] context Pointer to the AES context to initialize
608  * @param[in] key Pointer to the key
609  * @param[in] keyLen Length of the key
610  * @return Error code
611  **/
612 
613 error_t aesInit(AesContext *context, const uint8_t *key, size_t keyLen)
614 {
615  size_t i;
616 
617  //Check parameters
618  if(context == NULL || key == NULL)
620 
621  //Check the length of the key
622  if(keyLen == 16)
623  {
624  //10 rounds are required for 128-bit key
625  context->nr = 10;
626  }
627  else if(keyLen == 24)
628  {
629  //12 rounds are required for 192-bit key
630  context->nr = 12;
631  }
632  else if(keyLen == 32)
633  {
634  //14 rounds are required for 256-bit key
635  context->nr = 14;
636  }
637  else
638  {
639  //Report an error
641  }
642 
643  //Determine the number of 32-bit words in the key
644  keyLen /= 4;
645 
646  //Copy the original key
647  for(i = 0; i < keyLen; i++)
648  {
649  context->ek[i] = LOAD32BE(key + (i * 4));
650  }
651 
652  //No error to report
653  return NO_ERROR;
654 }
655 
656 
657 /**
658  * @brief Encrypt a 16-byte block using AES algorithm
659  * @param[in] context Pointer to the AES context
660  * @param[in] input Plaintext block to encrypt
661  * @param[out] output Ciphertext block resulting from encryption
662  **/
663 
664 void aesEncryptBlock(AesContext *context, const uint8_t *input, uint8_t *output)
665 {
666  //Perform AES encryption
667  aesProcessData(context, NULL, input, output, AES_BLOCK_SIZE,
669 }
670 
671 
672 /**
673  * @brief Decrypt a 16-byte block using AES algorithm
674  * @param[in] context Pointer to the AES context
675  * @param[in] input Ciphertext block to decrypt
676  * @param[out] output Plaintext block resulting from decryption
677  **/
678 
679 void aesDecryptBlock(AesContext *context, const uint8_t *input, uint8_t *output)
680 {
681  //Perform AES decryption
682  aesProcessData(context, NULL, input, output, AES_BLOCK_SIZE,
683  CRYP_CR_ALGOMODE_AES_ECB | CRYP_CR_ALGODIR);
684 }
685 
686 #endif
687 #if (ECB_SUPPORT == ENABLED)
688 
689 /**
690  * @brief ECB encryption
691  * @param[in] cipher Cipher algorithm
692  * @param[in] context Cipher algorithm context
693  * @param[in] p Plaintext to be encrypted
694  * @param[out] c Ciphertext resulting from the encryption
695  * @param[in] length Total number of data bytes to be encrypted
696  * @return Error code
697  **/
698 
699 error_t ecbEncrypt(const CipherAlgo *cipher, void *context,
700  const uint8_t *p, uint8_t *c, size_t length)
701 {
702  error_t error;
703 
704  //Initialize status code
705  error = NO_ERROR;
706 
707 #if (DES_SUPPORT == ENABLED)
708  //DES cipher algorithm?
709  if(cipher == DES_CIPHER_ALGO)
710  {
711  //Check the length of the payload
712  if(length == 0)
713  {
714  //No data to process
715  }
716  else if((length % DES_BLOCK_SIZE) == 0)
717  {
718  //Encrypt payload data
719  desProcessData(context, NULL, p, c, length, CRYP_CR_ALGOMODE_DES_ECB);
720  }
721  else
722  {
723  //The length of the payload must be a multiple of the block size
724  error = ERROR_INVALID_LENGTH;
725  }
726  }
727  else
728 #endif
729 #if (DES3_SUPPORT == ENABLED)
730  //Triple DES cipher algorithm?
731  if(cipher == DES3_CIPHER_ALGO)
732  {
733  //Check the length of the payload
734  if(length == 0)
735  {
736  //No data to process
737  }
738  else if((length % DES3_BLOCK_SIZE) == 0)
739  {
740  //Encrypt payload data
742  }
743  else
744  {
745  //The length of the payload must be a multiple of the block size
746  error = ERROR_INVALID_LENGTH;
747  }
748  }
749  else
750 #endif
751 #if (AES_SUPPORT == ENABLED)
752  //AES cipher algorithm?
753  if(cipher == AES_CIPHER_ALGO)
754  {
755  //Check the length of the payload
756  if(length == 0)
757  {
758  //No data to process
759  }
760  else if((length % AES_BLOCK_SIZE) == 0)
761  {
762  //Encrypt payload data
763  aesProcessData(context, NULL, p, c, length, CRYP_CR_ALGOMODE_AES_ECB);
764  }
765  else
766  {
767  //The length of the payload must be a multiple of the block size
768  error = ERROR_INVALID_LENGTH;
769  }
770  }
771  else
772 #endif
773  //Unknown cipher algorithm?
774  {
775  //ECB mode operates in a block-by-block fashion
776  while(length >= cipher->blockSize)
777  {
778  //Encrypt current block
779  cipher->encryptBlock(context, p, c);
780 
781  //Next block
782  p += cipher->blockSize;
783  c += cipher->blockSize;
784  length -= cipher->blockSize;
785  }
786 
787  //The length of the payload must be a multiple of the block size
788  if(length != 0)
789  {
790  error = ERROR_INVALID_LENGTH;
791  }
792  }
793 
794  //Return status code
795  return error;
796 }
797 
798 
799 /**
800  * @brief ECB decryption
801  * @param[in] cipher Cipher algorithm
802  * @param[in] context Cipher algorithm context
803  * @param[in] c Ciphertext to be decrypted
804  * @param[out] p Plaintext resulting from the decryption
805  * @param[in] length Total number of data bytes to be decrypted
806  * @return Error code
807  **/
808 
809 error_t ecbDecrypt(const CipherAlgo *cipher, void *context,
810  const uint8_t *c, uint8_t *p, size_t length)
811 {
812  error_t error;
813 
814  //Initialize status code
815  error = NO_ERROR;
816 
817 #if (DES_SUPPORT == ENABLED)
818  //DES cipher algorithm?
819  if(cipher == DES_CIPHER_ALGO)
820  {
821  //Check the length of the payload
822  if(length == 0)
823  {
824  //No data to process
825  }
826  else if((length % DES_BLOCK_SIZE) == 0)
827  {
828  //Decrypt payload data
829  desProcessData(context, NULL, c, p, length, CRYP_CR_ALGOMODE_DES_ECB |
830  CRYP_CR_ALGODIR);
831  }
832  else
833  {
834  //The length of the payload must be a multiple of the block size
835  error = ERROR_INVALID_LENGTH;
836  }
837  }
838  else
839 #endif
840 #if (DES3_SUPPORT == ENABLED)
841  //Triple DES cipher algorithm?
842  if(cipher == DES3_CIPHER_ALGO)
843  {
844  //Check the length of the payload
845  if(length == 0)
846  {
847  //No data to process
848  }
849  else if((length % DES3_BLOCK_SIZE) == 0)
850  {
851  //Decrypt payload data
853  CRYP_CR_ALGODIR);
854  }
855  else
856  {
857  //The length of the payload must be a multiple of the block size
858  error = ERROR_INVALID_LENGTH;
859  }
860  }
861  else
862 #endif
863 #if (AES_SUPPORT == ENABLED)
864  //AES cipher algorithm?
865  if(cipher == AES_CIPHER_ALGO)
866  {
867  //Check the length of the payload
868  if(length == 0)
869  {
870  //No data to process
871  }
872  else if((length % AES_BLOCK_SIZE) == 0)
873  {
874  //Decrypt payload data
875  aesProcessData(context, NULL, c, p, length, CRYP_CR_ALGOMODE_AES_ECB |
876  CRYP_CR_ALGODIR);
877  }
878  else
879  {
880  //The length of the payload must be a multiple of the block size
881  error = ERROR_INVALID_LENGTH;
882  }
883  }
884  else
885 #endif
886  //Unknown cipher algorithm?
887  {
888  //ECB mode operates in a block-by-block fashion
889  while(length >= cipher->blockSize)
890  {
891  //Decrypt current block
892  cipher->decryptBlock(context, c, p);
893 
894  //Next block
895  c += cipher->blockSize;
896  p += cipher->blockSize;
897  length -= cipher->blockSize;
898  }
899 
900  //The length of the payload must be a multiple of the block size
901  if(length != 0)
902  {
903  error = ERROR_INVALID_LENGTH;
904  }
905  }
906 
907  //Return status code
908  return error;
909 }
910 
911 #endif
912 #if (CBC_SUPPORT == ENABLED)
913 
914 /**
915  * @brief CBC encryption
916  * @param[in] cipher Cipher algorithm
917  * @param[in] context Cipher algorithm context
918  * @param[in,out] iv Initialization vector
919  * @param[in] p Plaintext to be encrypted
920  * @param[out] c Ciphertext resulting from the encryption
921  * @param[in] length Total number of data bytes to be encrypted
922  * @return Error code
923  **/
924 
925 error_t cbcEncrypt(const CipherAlgo *cipher, void *context,
926  uint8_t *iv, const uint8_t *p, uint8_t *c, size_t length)
927 {
928  error_t error;
929 
930  //Initialize status code
931  error = NO_ERROR;
932 
933 #if (DES_SUPPORT == ENABLED)
934  //DES cipher algorithm?
935  if(cipher == DES_CIPHER_ALGO)
936  {
937  //Check the length of the payload
938  if(length == 0)
939  {
940  //No data to process
941  }
942  else if((length % DES_BLOCK_SIZE) == 0)
943  {
944  //Encrypt payload data
946  }
947  else
948  {
949  //The length of the payload must be a multiple of the block size
950  error = ERROR_INVALID_LENGTH;
951  }
952  }
953  else
954 #endif
955 #if (DES3_SUPPORT == ENABLED)
956  //Triple DES cipher algorithm?
957  if(cipher == DES3_CIPHER_ALGO)
958  {
959  //Check the length of the payload
960  if(length == 0)
961  {
962  //No data to process
963  }
964  else if((length % DES3_BLOCK_SIZE) == 0)
965  {
966  //Encrypt payload data
968  }
969  else
970  {
971  //The length of the payload must be a multiple of the block size
972  error = ERROR_INVALID_LENGTH;
973  }
974  }
975  else
976 #endif
977 #if (AES_SUPPORT == ENABLED)
978  //AES cipher algorithm?
979  if(cipher == AES_CIPHER_ALGO)
980  {
981  //Check the length of the payload
982  if(length == 0)
983  {
984  //No data to process
985  }
986  else if((length % AES_BLOCK_SIZE) == 0)
987  {
988  //Encrypt payload data
990  }
991  else
992  {
993  //The length of the payload must be a multiple of the block size
994  error = ERROR_INVALID_LENGTH;
995  }
996  }
997  else
998 #endif
999  //Unknown cipher algorithm?
1000  {
1001  size_t i;
1002 
1003  //CBC mode operates in a block-by-block fashion
1004  while(length >= cipher->blockSize)
1005  {
1006  //XOR input block with IV contents
1007  for(i = 0; i < cipher->blockSize; i++)
1008  {
1009  c[i] = p[i] ^ iv[i];
1010  }
1011 
1012  //Encrypt the current block based upon the output of the previous
1013  //encryption
1014  cipher->encryptBlock(context, c, c);
1015 
1016  //Update IV with output block contents
1017  osMemcpy(iv, c, cipher->blockSize);
1018 
1019  //Next block
1020  p += cipher->blockSize;
1021  c += cipher->blockSize;
1022  length -= cipher->blockSize;
1023  }
1024 
1025  //The length of the payload must be a multiple of the block size
1026  if(length != 0)
1027  {
1028  error = ERROR_INVALID_LENGTH;
1029  }
1030  }
1031 
1032  //Return status code
1033  return error;
1034 }
1035 
1036 
1037 /**
1038  * @brief CBC decryption
1039  * @param[in] cipher Cipher algorithm
1040  * @param[in] context Cipher algorithm context
1041  * @param[in,out] iv Initialization vector
1042  * @param[in] c Ciphertext to be decrypted
1043  * @param[out] p Plaintext resulting from the decryption
1044  * @param[in] length Total number of data bytes to be decrypted
1045  * @return Error code
1046  **/
1047 
1048 error_t cbcDecrypt(const CipherAlgo *cipher, void *context,
1049  uint8_t *iv, const uint8_t *c, uint8_t *p, size_t length)
1050 {
1051  error_t error;
1052 
1053  //Initialize status code
1054  error = NO_ERROR;
1055 
1056 #if (DES_SUPPORT == ENABLED)
1057  //DES cipher algorithm?
1058  if(cipher == DES_CIPHER_ALGO)
1059  {
1060  //Check the length of the payload
1061  if(length == 0)
1062  {
1063  //No data to process
1064  }
1065  else if((length % DES_BLOCK_SIZE) == 0)
1066  {
1067  //Decrypt payload data
1069  CRYP_CR_ALGODIR);
1070  }
1071  else
1072  {
1073  //The length of the payload must be a multiple of the block size
1074  error = ERROR_INVALID_LENGTH;
1075  }
1076  }
1077  else
1078 #endif
1079 #if (DES3_SUPPORT == ENABLED)
1080  //Triple DES cipher algorithm?
1081  if(cipher == DES3_CIPHER_ALGO)
1082  {
1083  //Check the length of the payload
1084  if(length == 0)
1085  {
1086  //No data to process
1087  }
1088  else if((length % DES3_BLOCK_SIZE) == 0)
1089  {
1090  //Decrypt payload data
1092  CRYP_CR_ALGODIR);
1093  }
1094  else
1095  {
1096  //The length of the payload must be a multiple of the block size
1097  error = ERROR_INVALID_LENGTH;
1098  }
1099  }
1100  else
1101 #endif
1102 #if (AES_SUPPORT == ENABLED)
1103  //AES cipher algorithm?
1104  if(cipher == AES_CIPHER_ALGO)
1105  {
1106  //Check the length of the payload
1107  if(length == 0)
1108  {
1109  //No data to process
1110  }
1111  else if((length % AES_BLOCK_SIZE) == 0)
1112  {
1113  //Decrypt payload data
1115  CRYP_CR_ALGODIR);
1116  }
1117  else
1118  {
1119  //The length of the payload must be a multiple of the block size
1120  error = ERROR_INVALID_LENGTH;
1121  }
1122  }
1123  else
1124 #endif
1125  //Unknown cipher algorithm?
1126  {
1127  size_t i;
1128  uint8_t t[16];
1129 
1130  //CBC mode operates in a block-by-block fashion
1131  while(length >= cipher->blockSize)
1132  {
1133  //Save input block
1134  osMemcpy(t, c, cipher->blockSize);
1135 
1136  //Decrypt the current block
1137  cipher->decryptBlock(context, c, p);
1138 
1139  //XOR output block with IV contents
1140  for(i = 0; i < cipher->blockSize; i++)
1141  {
1142  p[i] ^= iv[i];
1143  }
1144 
1145  //Update IV with input block contents
1146  osMemcpy(iv, t, cipher->blockSize);
1147 
1148  //Next block
1149  c += cipher->blockSize;
1150  p += cipher->blockSize;
1151  length -= cipher->blockSize;
1152  }
1153 
1154  //The length of the payload must be a multiple of the block size
1155  if(length != 0)
1156  {
1157  error = ERROR_INVALID_LENGTH;
1158  }
1159  }
1160 
1161  //Return status code
1162  return error;
1163 }
1164 
1165 #endif
1166 #if (CTR_SUPPORT == ENABLED && AES_SUPPORT == ENABLED)
1167 
1168 /**
1169  * @brief CTR encryption
1170  * @param[in] cipher Cipher algorithm
1171  * @param[in] context Cipher algorithm context
1172  * @param[in] m Size in bits of the specific part of the block to be incremented
1173  * @param[in,out] t Initial counter block
1174  * @param[in] p Plaintext to be encrypted
1175  * @param[out] c Ciphertext resulting from the encryption
1176  * @param[in] length Total number of data bytes to be encrypted
1177  * @return Error code
1178  **/
1179 
1180 error_t ctrEncrypt(const CipherAlgo *cipher, void *context, uint_t m,
1181  uint8_t *t, const uint8_t *p, uint8_t *c, size_t length)
1182 {
1183  error_t error;
1184 
1185  //Initialize status code
1186  error = NO_ERROR;
1187 
1188  //Check the value of the parameter
1189  if((m % 8) == 0 && m <= (cipher->blockSize * 8))
1190  {
1191  //Determine the size, in bytes, of the specific part of the block to be
1192  //incremented
1193  m = m / 8;
1194 
1195  //AES cipher algorithm?
1196  if(cipher == AES_CIPHER_ALGO)
1197  {
1198  size_t k;
1199  size_t n;
1200  uint8_t iv[AES_BLOCK_SIZE];
1201 
1202  //Process plaintext
1203  while(length > 0)
1204  {
1205  //Limit the number of blocks to process at a time
1206  k = 256 - t[AES_BLOCK_SIZE - 1];
1207  n = MIN(length, k * AES_BLOCK_SIZE);
1208  k = (n + AES_BLOCK_SIZE - 1) / AES_BLOCK_SIZE;
1209 
1210  //Copy initial counter value
1212  //Encrypt payload data
1214 
1215  //Standard incrementing function
1216  ctrIncBlock(t, k, AES_BLOCK_SIZE, m);
1217 
1218  //Next block
1219  p += n;
1220  c += n;
1221  length -= n;
1222  }
1223  }
1224  else
1225  {
1226  size_t i;
1227  size_t n;
1228  uint8_t o[16];
1229 
1230  //Process plaintext
1231  while(length > 0)
1232  {
1233  //CTR mode operates in a block-by-block fashion
1234  n = MIN(length, cipher->blockSize);
1235 
1236  //Compute O(j) = CIPH(T(j))
1237  cipher->encryptBlock(context, t, o);
1238 
1239  //Compute C(j) = P(j) XOR T(j)
1240  for(i = 0; i < n; i++)
1241  {
1242  c[i] = p[i] ^ o[i];
1243  }
1244 
1245  //Standard incrementing function
1246  ctrIncBlock(t, 1, cipher->blockSize, m);
1247 
1248  //Next block
1249  p += n;
1250  c += n;
1251  length -= n;
1252  }
1253  }
1254  }
1255  else
1256  {
1257  //The value of the parameter is not valid
1258  error = ERROR_INVALID_PARAMETER;
1259  }
1260 
1261  //Return status code
1262  return error;
1263 }
1264 
1265 #endif
1266 #if (GCM_SUPPORT == ENABLED && AES_SUPPORT == ENABLED)
1267 
1268 /**
1269  * @brief Perform AES-GCM encryption or decryption
1270  * @param[in] context AES algorithm context
1271  * @param[in] iv Initialization vector
1272  * @param[in] a Additional authenticated data
1273  * @param[in] aLen Length of the additional data
1274  * @param[in] input Data to be encrypted/decrypted
1275  * @param[out] output Data resulting from the encryption/decryption process
1276  * @param[in] length Total number of data bytes to be processed
1277  * @param[out] t Authentication tag
1278  * @param[in] mode Operation mode
1279  **/
1280 
1281 void gcmProcessData(AesContext *context, const uint8_t *iv,
1282  const uint8_t *a, size_t aLen, const uint8_t *input, uint8_t *output,
1283  size_t length, uint8_t *t, uint32_t mode)
1284 {
1285  size_t n;
1286  uint64_t m;
1287  uint32_t temp;
1288  uint32_t buffer[4];
1289 
1290  //Acquire exclusive access to the CRYP module
1292 
1293  //Configure the data type
1294  CRYP2->CR = CRYP_CR_DATATYPE_8B;
1295 
1296  //Select the GCM chaining mode by programming ALGOMODE bits to '01000'
1297  temp = CRYP2->CR & ~CRYP_CR_ALGOMODE;
1298  CRYP2->CR = temp | CRYP_CR_ALGOMODE_AES_GCM;
1299 
1300  //Configure GCM_CCMPH bits to '00' to start the GCM init phase
1301  temp = CRYP2->CR & ~CRYP_CR_GCM_CCMPH;
1302  CRYP2->CR = temp | CRYP_CR_GCM_CCMPH_INIT;
1303 
1304  //Set encryption key
1305  aesLoadKey(context);
1306 
1307  //Set initialization vector
1308  CRYP2->IV0LR = LOAD32BE(iv);
1309  CRYP2->IV0RR = LOAD32BE(iv + 4);
1310  CRYP2->IV1LR = LOAD32BE(iv + 8);
1311  CRYP2->IV1RR = 2;
1312 
1313  //Set CRYPEN bit to 1 to start the calculation of the HASH key
1314  CRYP2->CR |= CRYP_CR_CRYPEN;
1315 
1316  //Wait for the CRYPEN bit to be cleared to 0 before moving on to the
1317  //next phase
1318  while((CRYP2->CR & CRYP_CR_CRYPEN) != 0)
1319  {
1320  }
1321 
1322  //Configure GCM_CCMPH bits to '01' to start GCM header phase
1323  temp = CRYP2->CR & ~CRYP_CR_GCM_CCMPH;
1324  CRYP2->CR = temp | CRYP_CR_GCM_CCMPH_HEADER;
1325 
1326  //Flush the input and output FIFOs
1327  CRYP2->CR |= CRYP_CR_FFLUSH;
1328  //Set the CRYPEN bit to 1 to start accepting data
1329  CRYP2->CR |= CRYP_CR_CRYPEN;
1330 
1331  //Process additional authenticated data
1332  for(n = aLen; n >= AES_BLOCK_SIZE; n -= AES_BLOCK_SIZE)
1333  {
1334  //Wait for the input FIFO to be ready to accept data
1335  while((CRYP2->SR & CRYP_SR_IFNF) == 0)
1336  {
1337  }
1338 
1339  //Write the input FIFO
1340  CRYP2->DIN = LOAD32LE(a);
1341  CRYP2->DIN = LOAD32LE(a + 4);
1342  CRYP2->DIN = LOAD32LE(a + 8);
1343  CRYP2->DIN = LOAD32LE(a + 12);
1344 
1345  //Next block
1346  a += AES_BLOCK_SIZE;
1347  }
1348 
1349  //Process final block of additional authenticated data
1350  if(n > 0)
1351  {
1352  //Copy partial block
1353  osMemset(buffer, 0, AES_BLOCK_SIZE);
1354  osMemcpy(buffer, a, n);
1355 
1356  //Wait for the input FIFO to be ready to accept data
1357  while((CRYP2->SR & CRYP_SR_IFNF) == 0)
1358  {
1359  }
1360 
1361  //Write the input FIFO
1362  CRYP2->DIN = buffer[0];
1363  CRYP2->DIN = buffer[1];
1364  CRYP2->DIN = buffer[2];
1365  CRYP2->DIN = buffer[3];
1366  }
1367 
1368  //Once all header data have been supplied, wait until the BUSY bit is
1369  //cleared
1370  while((CRYP2->SR & CRYP_SR_BUSY) != 0)
1371  {
1372  }
1373 
1374  //Set the CRYPEN bit to 0
1375  CRYP2->CR &= ~CRYP_CR_CRYPEN;
1376 
1377  //Configure GCM_CCMPH bits to '10' to start GCM payload phase
1378  temp = CRYP2->CR & ~CRYP_CR_GCM_CCMPH;
1379  CRYP2->CR = temp | CRYP_CR_GCM_CCMPH_PAYLOAD;
1380 
1381  //Select the algorithm direction by using the ALGODIR bit
1382  temp = CRYP2->CR & ~CRYP_CR_ALGODIR;
1383  CRYP2->CR |= mode;
1384 
1385  //Set the CRYPEN bit to 1 to start accepting data
1386  CRYP2->CR |= CRYP_CR_CRYPEN;
1387 
1388  //Process data
1389  for(n = length; n >= AES_BLOCK_SIZE; n -= AES_BLOCK_SIZE)
1390  {
1391  //Wait for the input FIFO to be ready to accept data
1392  while((CRYP2->SR & CRYP_SR_IFNF) == 0)
1393  {
1394  }
1395 
1396  //Write the input FIFO
1397  CRYP2->DIN = LOAD32LE(input);
1398  CRYP2->DIN = LOAD32LE(input + 4);
1399  CRYP2->DIN = LOAD32LE(input + 8);
1400  CRYP2->DIN = LOAD32LE(input + 12);
1401 
1402  //Wait for the output to be ready
1403  while((CRYP2->SR & CRYP_SR_OFNE) == 0)
1404  {
1405  }
1406 
1407  //Read the output FIFO
1408  temp = CRYP2->DOUT;
1409  STORE32LE(temp, output);
1410  temp = CRYP2->DOUT;
1411  STORE32LE(temp, output + 4);
1412  temp = CRYP2->DOUT;
1413  STORE32LE(temp, output + 8);
1414  temp = CRYP2->DOUT;
1415  STORE32LE(temp, output + 12);
1416 
1417  //Next block
1418  input += AES_BLOCK_SIZE;
1419  output += AES_BLOCK_SIZE;
1420  }
1421 
1422  //Process final block of data
1423  if(n > 0)
1424  {
1425  //Copy partial block
1426  osMemset(buffer, 0, AES_BLOCK_SIZE);
1427  osMemcpy(buffer, input, n);
1428 
1429  //Specify the number of padding bytes in the last block
1430  temp = CRYP2->CR & ~CRYP_CR_NPBLB;
1431  CRYP2->CR = temp | ((AES_BLOCK_SIZE - n) << CRYP_CR_NPBLB_Pos);
1432 
1433  //Wait for the input FIFO to be ready to accept data
1434  while((CRYP2->SR & CRYP_SR_IFNF) == 0)
1435  {
1436  }
1437 
1438  //Write the input FIFO
1439  CRYP2->DIN = buffer[0];
1440  CRYP2->DIN = buffer[1];
1441  CRYP2->DIN = buffer[2];
1442  CRYP2->DIN = buffer[3];
1443 
1444  //Wait for the output to be ready
1445  while((CRYP2->SR & CRYP_SR_OFNE) == 0)
1446  {
1447  }
1448 
1449  //Read the output FIFO
1450  buffer[0] = CRYP2->DOUT;
1451  buffer[1] = CRYP2->DOUT;
1452  buffer[2] = CRYP2->DOUT;
1453  buffer[3] = CRYP2->DOUT;
1454 
1455  //Copy partial block
1456  osMemcpy(output, buffer, n);
1457  }
1458 
1459  //Once all payload data have been supplied, wait until the BUSY flag is
1460  //cleared
1461  while((CRYP2->SR & CRYP_SR_BUSY) != 0)
1462  {
1463  }
1464 
1465  //Configure GCM_CCMPH bits to '11' to start GCM final phase
1466  temp = CRYP2->CR & ~CRYP_CR_GCM_CCMPH;
1467  CRYP2->CR = temp | CRYP_CR_GCM_CCMPH_FINAL;
1468 
1469  //Write the input into the CRYP_DIN register 4 times. The input must
1470  //contain the number of bits in the header (64 bits) concatenated with
1471  //the number of bits in the payload (64 bits)
1472  m = aLen * 8;
1473  CRYP2->DIN = htole32(m >> 32);
1474  CRYP2->DIN = htole32(m);
1475  m = length * 8;
1476  CRYP2->DIN = htole32(m >> 32);
1477  CRYP2->DIN = htole32(m);
1478 
1479  //Wait until the OFNE flag is set to 1 in the CRYP_SR register
1480  while((CRYP2->SR & CRYP_SR_OFNE) == 0)
1481  {
1482  }
1483 
1484  //Read the CRYP_DOUT register 4 times. The output corresponds to the
1485  //authentication tag
1486  temp = CRYP2->DOUT;
1487  STORE32LE(temp, t);
1488  temp = CRYP2->DOUT;
1489  STORE32LE(temp, t + 4);
1490  temp = CRYP2->DOUT;
1491  STORE32LE(temp, t + 8);
1492  temp = CRYP2->DOUT;
1493  STORE32LE(temp, t + 12);
1494 
1495  //Disable the cryptographic processor by clearing the CRYPEN bit
1496  CRYP2->CR = 0;
1497 
1498  //Release exclusive access to the CRYP module
1500 }
1501 
1502 
1503 /**
1504  * @brief Initialize GCM context
1505  * @param[in] context Pointer to the GCM context
1506  * @param[in] cipherAlgo Cipher algorithm
1507  * @param[in] cipherContext Pointer to the cipher algorithm context
1508  * @return Error code
1509  **/
1510 
1511 error_t gcmInit(GcmContext *context, const CipherAlgo *cipherAlgo,
1512  void *cipherContext)
1513 {
1514  //Check parameters
1515  if(context == NULL || cipherContext == NULL)
1516  return ERROR_INVALID_PARAMETER;
1517 
1518  //The CRYP module only supports AES cipher algorithm
1519  if(cipherAlgo != AES_CIPHER_ALGO)
1520  return ERROR_INVALID_PARAMETER;
1521 
1522  //Save cipher algorithm context
1523  context->cipherAlgo = cipherAlgo;
1524  context->cipherContext = cipherContext;
1525 
1526  //Successful initialization
1527  return NO_ERROR;
1528 }
1529 
1530 
1531 /**
1532  * @brief Authenticated encryption using GCM
1533  * @param[in] context Pointer to the GCM context
1534  * @param[in] iv Initialization vector
1535  * @param[in] ivLen Length of the initialization vector
1536  * @param[in] a Additional authenticated data
1537  * @param[in] aLen Length of the additional data
1538  * @param[in] p Plaintext to be encrypted
1539  * @param[out] c Ciphertext resulting from the encryption
1540  * @param[in] length Total number of data bytes to be encrypted
1541  * @param[out] t Authentication tag
1542  * @param[in] tLen Length of the authentication tag
1543  * @return Error code
1544  **/
1545 
1546 error_t gcmEncrypt(GcmContext *context, const uint8_t *iv,
1547  size_t ivLen, const uint8_t *a, size_t aLen, const uint8_t *p,
1548  uint8_t *c, size_t length, uint8_t *t, size_t tLen)
1549 {
1550  uint8_t authTag[16];
1551 
1552  //Make sure the GCM context is valid
1553  if(context == NULL)
1554  return ERROR_INVALID_PARAMETER;
1555 
1556  //Check whether the length of the IV is 96 bits
1557  if(ivLen != 12)
1558  return ERROR_INVALID_LENGTH;
1559 
1560  //Check the length of the authentication tag
1561  if(tLen < 4 || tLen > 16)
1562  return ERROR_INVALID_LENGTH;
1563 
1564  //Perform AES-GCM encryption
1565  gcmProcessData(context->cipherContext, iv, a, aLen, p, c, length,
1566  authTag, 0);
1567 
1568  //Copy the resulting authentication tag
1569  osMemcpy(t, authTag, tLen);
1570 
1571  //Successful processing
1572  return NO_ERROR;
1573 }
1574 
1575 
1576 /**
1577  * @brief Authenticated decryption using GCM
1578  * @param[in] context Pointer to the GCM context
1579  * @param[in] iv Initialization vector
1580  * @param[in] ivLen Length of the initialization vector
1581  * @param[in] a Additional authenticated data
1582  * @param[in] aLen Length of the additional data
1583  * @param[in] c Ciphertext to be decrypted
1584  * @param[out] p Plaintext resulting from the decryption
1585  * @param[in] length Total number of data bytes to be decrypted
1586  * @param[in] t Authentication tag
1587  * @param[in] tLen Length of the authentication tag
1588  * @return Error code
1589  **/
1590 
1591 error_t gcmDecrypt(GcmContext *context, const uint8_t *iv,
1592  size_t ivLen, const uint8_t *a, size_t aLen, const uint8_t *c,
1593  uint8_t *p, size_t length, const uint8_t *t, size_t tLen)
1594 {
1595  size_t i;
1596  uint8_t mask;
1597  uint8_t authTag[16];
1598 
1599  //Make sure the GCM context is valid
1600  if(context == NULL)
1601  return ERROR_INVALID_PARAMETER;
1602 
1603  //Check whether the length of the IV is 96 bits
1604  if(ivLen != 12)
1605  return ERROR_INVALID_LENGTH;
1606 
1607  //Check the length of the authentication tag
1608  if(tLen < 4 || tLen > 16)
1609  return ERROR_INVALID_LENGTH;
1610 
1611  //Perform AES-GCM decryption
1612  gcmProcessData(context->cipherContext, iv, a, aLen, c, p, length,
1613  authTag, CRYP_CR_ALGODIR);
1614 
1615  //The calculated tag is bitwise compared to the received tag
1616  for(mask = 0, i = 0; i < tLen; i++)
1617  {
1618  mask |= authTag[i] ^ t[i];
1619  }
1620 
1621  //The message is authenticated if and only if the tags match
1622  return (mask == 0) ? NO_ERROR : ERROR_FAILURE;
1623 }
1624 
1625 #endif
1626 #if (CCM_SUPPORT == ENABLED && AES_SUPPORT == ENABLED)
1627 
1628 /**
1629  * @brief Perform AES-CCM encryption or decryption
1630  * @param[in] context AES algorithm context
1631  * @param[in] b0 Pointer to the B0 block
1632  * @param[in] a Additional authenticated data
1633  * @param[in] aLen Length of the additional data
1634  * @param[in] input Data to be encrypted/decrypted
1635  * @param[out] output Data resulting from the encryption/decryption process
1636  * @param[in] length Total number of data bytes to be processed
1637  * @param[out] t Authentication tag
1638  * @param[in] mode Operation mode
1639  **/
1640 
1641 void ccmProcessData(AesContext *context, const uint8_t *b0, const uint8_t *a,
1642  size_t aLen, const uint8_t *input, uint8_t *output, size_t length,
1643  uint8_t *t, uint32_t mode)
1644 {
1645  size_t n;
1646  size_t qLen;
1647  uint32_t temp;
1648  uint8_t buffer[16];
1649 
1650  //Acquire exclusive access to the CRYP module
1652 
1653  //Configure the data type
1654  CRYP2->CR = CRYP_CR_DATATYPE_8B;
1655 
1656  //Select the CCM chaining mode by programming ALGOMODE bits to '01001'
1657  temp = CRYP2->CR & ~CRYP_CR_ALGOMODE;
1658  CRYP2->CR = temp | CRYP_CR_ALGOMODE_AES_CCM;
1659 
1660  //Configure GCM_CCMPH bits to '00' to start the CCM init phase
1661  temp = CRYP2->CR & ~CRYP_CR_GCM_CCMPH;
1662  CRYP2->CR = temp | CRYP_CR_GCM_CCMPH_INIT;
1663 
1664  //Set encryption key
1665  aesLoadKey(context);
1666 
1667  //Retrieve the octet length of Q
1668  qLen = (b0[0] & 0x07) + 1;
1669 
1670  //Format CTR(1)
1671  osMemcpy(buffer, b0, 16 - qLen);
1672  osMemset(buffer + 16 - qLen, 0, qLen);
1673 
1674  //Set the leading octet
1675  buffer[0] = (uint8_t) (qLen - 1);
1676  //Set counter value
1677  buffer[15] = 1;
1678 
1679  //Initialize CRYP_IVRx registers with CTR(1)
1680  CRYP2->IV0LR = LOAD32BE(buffer);
1681  CRYP2->IV0RR = LOAD32BE(buffer + 4);
1682  CRYP2->IV1LR = LOAD32BE(buffer + 8);
1683  CRYP2->IV1RR = LOAD32BE(buffer + 12);
1684 
1685  //Set the CRYPEN bit to 1 in CRYP_CR to start accepting data
1686  CRYP2->CR |= CRYP_CR_CRYPEN;
1687 
1688  //Write the B0 packet into CRYP_DIN register
1689  CRYP2->DIN = LOAD32BE(b0);
1690  CRYP2->DIN = LOAD32BE(b0 + 4);
1691  CRYP2->DIN = LOAD32BE(b0 + 8);
1692  CRYP2->DIN = LOAD32BE(b0 + 12);
1693 
1694  //Wait for the CRYPEN bit to be cleared to 0 by the cryptographic processor
1695  //before moving on to the next phase
1696  while((CRYP2->CR & CRYP_CR_CRYPEN) != 0)
1697  {
1698  }
1699 
1700  //Configure GCM_CCMPH bits to '01' to start CCM header phase
1701  temp = CRYP2->CR & ~CRYP_CR_GCM_CCMPH;
1702  CRYP2->CR = temp | CRYP_CR_GCM_CCMPH_HEADER;
1703 
1704  //Flush the input and output FIFOs
1705  CRYP2->CR |= CRYP_CR_FFLUSH;
1706  //Set the CRYPEN bit to 1 to start accepting data
1707  CRYP2->CR |= CRYP_CR_CRYPEN;
1708 
1709  //The header phase can be skipped if there is no associated data
1710  if(aLen > 0)
1711  {
1712  //The first block of the associated data (B1) must be formatted by
1713  //software, with the associated data length
1714  osMemset(buffer, 0, 16);
1715 
1716  //Check the length of the associated data string
1717  if(aLen < 0xFF00)
1718  {
1719  //The length is encoded as 2 octets
1720  STORE16BE(aLen, buffer);
1721 
1722  //Number of bytes to copy
1723  n = MIN(aLen, 16 - 2);
1724  //Concatenate the associated data A
1725  osMemcpy(buffer + 2, a, n);
1726  }
1727  else
1728  {
1729  //The length is encoded as 6 octets
1730  buffer[0] = 0xFF;
1731  buffer[1] = 0xFE;
1732 
1733  //MSB is stored first
1734  STORE32BE(aLen, buffer + 2);
1735 
1736  //Number of bytes to copy
1737  n = MIN(aLen, 16 - 6);
1738  //Concatenate the associated data A
1739  osMemcpy(buffer + 6, a, n);
1740  }
1741 
1742  //Wait for the input FIFO to be ready to accept data
1743  while((CRYP2->SR & CRYP_SR_IFNF) == 0)
1744  {
1745  }
1746 
1747  //Write the input FIFO
1748  CRYP2->DIN = LOAD32LE(buffer);
1749  CRYP2->DIN = LOAD32LE(buffer + 4);
1750  CRYP2->DIN = LOAD32LE(buffer + 8);
1751  CRYP2->DIN = LOAD32LE(buffer + 12);
1752 
1753  //Number of remaining data bytes
1754  aLen -= n;
1755  a += n;
1756  }
1757 
1758  //Process additional authenticated data
1759  while(aLen >= AES_BLOCK_SIZE)
1760  {
1761  //Wait for the input FIFO to be ready to accept data
1762  while((CRYP2->SR & CRYP_SR_IFNF) == 0)
1763  {
1764  }
1765 
1766  //Write the input FIFO
1767  CRYP2->DIN = LOAD32LE(a);
1768  CRYP2->DIN = LOAD32LE(a + 4);
1769  CRYP2->DIN = LOAD32LE(a + 8);
1770  CRYP2->DIN = LOAD32LE(a + 12);
1771 
1772  //Next block
1773  a += AES_BLOCK_SIZE;
1774  aLen -= AES_BLOCK_SIZE;
1775  }
1776 
1777  //Process final block of additional authenticated data
1778  if(aLen > 0)
1779  {
1780  //If the AAD size in the last block is inferior to 128 bits, pad the
1781  //remainder of the block with zeros
1782  osMemset(buffer, 0, AES_BLOCK_SIZE);
1783  osMemcpy(buffer, a, aLen);
1784 
1785  //Wait for the input FIFO to be ready to accept data
1786  while((CRYP2->SR & CRYP_SR_IFNF) == 0)
1787  {
1788  }
1789 
1790  //Write the input FIFO
1791  CRYP2->DIN = LOAD32LE(buffer);
1792  CRYP2->DIN = LOAD32LE(buffer + 4);
1793  CRYP2->DIN = LOAD32LE(buffer + 8);
1794  CRYP2->DIN = LOAD32LE(buffer + 12);
1795  }
1796 
1797  //Once all header data have been supplied, wait until the BUSY bit is
1798  //cleared
1799  while((CRYP2->SR & CRYP_SR_BUSY) != 0)
1800  {
1801  }
1802 
1803  //Set the CRYPEN bit to 0
1804  CRYP2->CR &= ~CRYP_CR_CRYPEN;
1805 
1806  //Configure GCM_CCMPH bits to '10' to start CCM payload phase
1807  temp = CRYP2->CR & ~CRYP_CR_GCM_CCMPH;
1808  CRYP2->CR = temp | CRYP_CR_GCM_CCMPH_PAYLOAD;
1809 
1810  //Select the algorithm direction by using the ALGODIR bit
1811  temp = CRYP2->CR & ~CRYP_CR_ALGODIR;
1812  CRYP2->CR |= mode;
1813 
1814  //Set the CRYPEN bit to 1 to start accepting data
1815  CRYP2->CR |= CRYP_CR_CRYPEN;
1816 
1817  //Process data
1818  while(length >= AES_BLOCK_SIZE)
1819  {
1820  //Wait for the input FIFO to be ready to accept data
1821  while((CRYP2->SR & CRYP_SR_IFNF) == 0)
1822  {
1823  }
1824 
1825  //Write the input FIFO
1826  CRYP2->DIN = LOAD32LE(input);
1827  CRYP2->DIN = LOAD32LE(input + 4);
1828  CRYP2->DIN = LOAD32LE(input + 8);
1829  CRYP2->DIN = LOAD32LE(input + 12);
1830 
1831  //Wait for the output to be ready
1832  while((CRYP2->SR & CRYP_SR_OFNE) == 0)
1833  {
1834  }
1835 
1836  //Read the output FIFO
1837  temp = CRYP2->DOUT;
1838  STORE32LE(temp, output);
1839  temp = CRYP2->DOUT;
1840  STORE32LE(temp, output + 4);
1841  temp = CRYP2->DOUT;
1842  STORE32LE(temp, output + 8);
1843  temp = CRYP2->DOUT;
1844  STORE32LE(temp, output + 12);
1845 
1846  //Next block
1847  input += AES_BLOCK_SIZE;
1848  output += AES_BLOCK_SIZE;
1850  }
1851 
1852  //Process final block of data
1853  if(length > 0)
1854  {
1855  //If it is the last block and the plaintext (encryption) or ciphertext
1856  //(decryption) size in the block is inferior to 128 bits, pad the
1857  //remainder of the block with zeros
1858  osMemset(buffer, 0, AES_BLOCK_SIZE);
1859  osMemcpy(buffer, input, length);
1860 
1861  //Specify the number of padding bytes in the last block
1862  temp = CRYP2->CR & ~CRYP_CR_NPBLB;
1863  CRYP2->CR = temp | ((AES_BLOCK_SIZE - length) << CRYP_CR_NPBLB_Pos);
1864 
1865  //Wait for the input FIFO to be ready to accept data
1866  while((CRYP2->SR & CRYP_SR_IFNF) == 0)
1867  {
1868  }
1869 
1870  //Write the input FIFO
1871  CRYP2->DIN = LOAD32LE(buffer);
1872  CRYP2->DIN = LOAD32LE(buffer + 4);
1873  CRYP2->DIN = LOAD32LE(buffer + 8);
1874  CRYP2->DIN = LOAD32LE(buffer + 12);
1875 
1876  //Wait for the output to be ready
1877  while((CRYP2->SR & CRYP_SR_OFNE) == 0)
1878  {
1879  }
1880 
1881  //Read the output FIFO
1882  temp = CRYP2->DOUT;
1883  STORE32LE(temp, buffer);
1884  temp = CRYP2->DOUT;
1885  STORE32LE(temp, buffer + 4);
1886  temp = CRYP2->DOUT;
1887  STORE32LE(temp, buffer + 8);
1888  temp = CRYP2->DOUT;
1889  STORE32LE(temp, buffer + 12);
1890 
1891  //Discard the bits that are not part of the payload when the last block
1892  //size is less than 16 bytes
1893  osMemcpy(output, buffer, length);
1894  }
1895 
1896  //Once all payload data have been supplied, wait until the BUSY flag is
1897  //cleared
1898  while((CRYP2->SR & CRYP_SR_BUSY) != 0)
1899  {
1900  }
1901 
1902  //Configure GCM_CCMPH bits to '11' in CRYP_CR to indicate that the CCM final
1903  //phase is ongoing and set the ALGODIR bit to 0 in the same register
1904  temp = CRYP2->CR & ~(CRYP_CR_GCM_CCMPH | CRYP_CR_ALGODIR);
1905  CRYP2->CR = temp | CRYP_CR_GCM_CCMPH_FINAL;
1906 
1907  //Format CTR(0)
1908  osMemcpy(buffer, b0, 16 - qLen);
1909  osMemset(buffer + 16 - qLen, 0, qLen);
1910 
1911  //Set the leading octet
1912  buffer[0] = (uint8_t) (qLen - 1);
1913 
1914  //Load in CRYP_DIN the CTR(0) information
1915  CRYP2->DIN = LOAD32BE(buffer);
1916  CRYP2->DIN = LOAD32BE(buffer + 4);
1917  CRYP2->DIN = LOAD32BE(buffer + 8);
1918  CRYP2->DIN = LOAD32BE(buffer + 12);
1919 
1920  //Wait until the OFNE flag is set to 1 in the CRYP_SR register
1921  while((CRYP2->SR & CRYP_SR_OFNE) == 0)
1922  {
1923  }
1924 
1925  //Read the CRYP_DOUT register 4 times. The output corresponds to the
1926  //authentication tag
1927  temp = CRYP2->DOUT;
1928  STORE32LE(temp, t);
1929  temp = CRYP2->DOUT;
1930  STORE32LE(temp, t + 4);
1931  temp = CRYP2->DOUT;
1932  STORE32LE(temp, t + 8);
1933  temp = CRYP2->DOUT;
1934  STORE32LE(temp, t + 12);
1935 
1936  //Disable the cryptographic processor by clearing the CRYPEN bit
1937  CRYP2->CR = 0;
1938 
1939  //Release exclusive access to the CRYP module
1941 }
1942 
1943 
1944 /**
1945  * @brief Authenticated encryption using CCM
1946  * @param[in] cipher Cipher algorithm
1947  * @param[in] context Cipher algorithm context
1948  * @param[in] n Nonce
1949  * @param[in] nLen Length of the nonce
1950  * @param[in] a Additional authenticated data
1951  * @param[in] aLen Length of the additional data
1952  * @param[in] p Plaintext to be encrypted
1953  * @param[out] c Ciphertext resulting from the encryption
1954  * @param[in] length Total number of data bytes to be encrypted
1955  * @param[out] t MAC resulting from the encryption process
1956  * @param[in] tLen Length of the MAC
1957  * @return Error code
1958  **/
1959 
1960 error_t ccmEncrypt(const CipherAlgo *cipher, void *context, const uint8_t *n,
1961  size_t nLen, const uint8_t *a, size_t aLen, const uint8_t *p, uint8_t *c,
1962  size_t length, uint8_t *t, size_t tLen)
1963 {
1964  error_t error;
1965  uint8_t b0[16];
1966  uint8_t authTag[16];
1967 
1968  //The CRYP module only supports AES cipher algorithm
1969  if(cipher != AES_CIPHER_ALGO)
1970  return ERROR_INVALID_PARAMETER;
1971 
1972  //Make sure the cipher context is valid
1973  if(context == NULL)
1974  return ERROR_INVALID_PARAMETER;
1975 
1976  //Format first block B(0)
1977  error = ccmFormatBlock0(length, n, nLen, aLen, tLen, b0);
1978  //Invalid parameters?
1979  if(error)
1980  return error;
1981 
1982  //Perform AES-CCM encryption
1983  ccmProcessData(context, b0, a, aLen, p, c, length, authTag, 0);
1984 
1985  //Copy the resulting authentication tag
1986  osMemcpy(t, authTag, tLen);
1987 
1988  //Successful processing
1989  return NO_ERROR;
1990 }
1991 
1992 
1993 /**
1994  * @brief Authenticated decryption using CCM
1995  * @param[in] cipher Cipher algorithm
1996  * @param[in] context Cipher algorithm context
1997  * @param[in] n Nonce
1998  * @param[in] nLen Length of the nonce
1999  * @param[in] a Additional authenticated data
2000  * @param[in] aLen Length of the additional data
2001  * @param[in] c Ciphertext to be decrypted
2002  * @param[out] p Plaintext resulting from the decryption
2003  * @param[in] length Total number of data bytes to be decrypted
2004  * @param[in] t MAC to be verified
2005  * @param[in] tLen Length of the MAC
2006  * @return Error code
2007  **/
2008 
2009 error_t ccmDecrypt(const CipherAlgo *cipher, void *context, const uint8_t *n,
2010  size_t nLen, const uint8_t *a, size_t aLen, const uint8_t *c, uint8_t *p,
2011  size_t length, const uint8_t *t, size_t tLen)
2012 {
2013  error_t error;
2014  size_t i;
2015  uint8_t mask;
2016  uint8_t b0[16];
2017  uint8_t authTag[16];
2018 
2019  //The CRYP module only supports AES cipher algorithm
2020  if(cipher != AES_CIPHER_ALGO)
2021  return ERROR_INVALID_PARAMETER;
2022 
2023  //Make sure the cipher context is valid
2024  if(context == NULL)
2025  return ERROR_INVALID_PARAMETER;
2026 
2027  //Format first block B(0)
2028  error = ccmFormatBlock0(length, n, nLen, aLen, tLen, b0);
2029  //Invalid parameters?
2030  if(error)
2031  return error;
2032 
2033  //Perform AES-CCM decryption
2034  ccmProcessData(context, b0, a, aLen, c, p, length, authTag, CRYP_CR_ALGODIR);
2035 
2036  //The calculated tag is bitwise compared to the received tag
2037  for(mask = 0, i = 0; i < tLen; i++)
2038  {
2039  mask |= authTag[i] ^ t[i];
2040  }
2041 
2042  //The message is authenticated if and only if the tags match
2043  return (mask == 0) ? NO_ERROR : ERROR_FAILURE;
2044 }
2045 
2046 #endif
2047 #endif
uint8_t a
Definition: ndp.h:411
void desDecryptBlock(DesContext *context, const uint8_t *input, uint8_t *output)
Decrypt a 8-byte block using DES algorithm.
#define LOAD32BE(p)
Definition: cpu_endian.h:210
CipherAlgoDecryptBlock decryptBlock
Definition: crypto.h:1077
uint8_t p
Definition: ndp.h:300
void ccmProcessData(AesContext *context, const uint8_t *b0, const uint8_t *a, size_t aLen, const uint8_t *input, uint8_t *output, size_t length, uint8_t *t, uint32_t mode)
Perform AES-CCM encryption or decryption.
uint8_t t
Definition: lldp_ext_med.h:212
error_t des3Init(Des3Context *context, const uint8_t *key, size_t keyLen)
Initialize a Triple DES context using the supplied key.
uint8_t o
Collection of AEAD algorithms.
#define CRYP_CR_ALGOMODE_DES_ECB
#define STORE32LE(a, p)
Definition: cpu_endian.h:279
#define CRYP_CR_GCM_CCMPH_INIT
size_t blockSize
Definition: crypto.h:1072
#define CRYP_CR_GCM_CCMPH_PAYLOAD
STM32MP1 hardware cryptographic accelerator.
error_t ecbEncrypt(const CipherAlgo *cipher, void *context, const uint8_t *p, uint8_t *c, size_t length)
ECB encryption.
#define CRYP_CR_KEYSIZE_128B
#define CRYP_CR_DATATYPE_8B
STM32MP1 cipher hardware accelerator.
DesContext k1
Definition: des3.h:60
error_t crypInit(void)
CRYP module initialization.
#define CRYP_CR_ALGOMODE_AES_ECB
CipherAlgoEncryptBlock encryptBlock
Definition: crypto.h:1076
#define DES3_BLOCK_SIZE
Definition: des3.h:44
error_t aesInit(AesContext *context, const uint8_t *key, size_t keyLen)
Key expansion.
void aesEncryptBlock(AesContext *context, const uint8_t *input, uint8_t *output)
Encrypt a 16-byte block using AES algorithm.
AES algorithm context.
Definition: aes.h:58
#define AES_BLOCK_SIZE
Definition: aes.h:43
void aesProcessData(AesContext *context, uint8_t *iv, const uint8_t *input, uint8_t *output, size_t length, uint32_t mode)
Perform AES encryption or decryption.
error_t gcmDecrypt(GcmContext *context, const uint8_t *iv, size_t ivLen, const uint8_t *a, size_t aLen, const uint8_t *c, uint8_t *p, size_t length, const uint8_t *t, size_t tLen)
Authenticated decryption using GCM.
DES algorithm context.
Definition: des.h:58
@ ERROR_INVALID_PARAMETER
Invalid parameter.
Definition: error.h:47
#define osMemcpy(dest, src, length)
Definition: os_port.h:141
error_t
Error codes.
Definition: error.h:43
#define htole32(value)
Definition: cpu_endian.h:430
#define CRYP_CR_GCM_CCMPH_FINAL
OsMutex stm32mp1xxCryptoMutex
void aesLoadKey(AesContext *context)
Load AES key.
@ ERROR_FAILURE
Generic error code.
Definition: error.h:45
#define CRYP_CR_ALGOMODE_AES_CCM
#define CRYP_CR_ALGOMODE_AES_CBC
#define STORE16BE(a, p)
Definition: cpu_endian.h:262
error_t ccmFormatBlock0(size_t q, const uint8_t *n, size_t nLen, size_t aLen, size_t tLen, uint8_t *b)
Format first block B(0)
Definition: ccm.c:353
#define CRYP_CR_GCM_CCMPH_HEADER
error_t ccmDecrypt(const CipherAlgo *cipher, void *context, const uint8_t *n, size_t nLen, const uint8_t *a, size_t aLen, const uint8_t *c, uint8_t *p, size_t length, const uint8_t *t, size_t tLen)
Authenticated decryption using CCM.
@ ERROR_INVALID_KEY_LENGTH
Definition: error.h:107
@ ERROR_INVALID_LENGTH
Definition: error.h:111
General definitions for cryptographic algorithms.
#define CRYP_CR_ALGOMODE_TDES_ECB
uint8_t mask
Definition: web_socket.h:319
uint8_t iv[]
Definition: ike.h:1502
Block cipher modes of operation.
#define DES_CIPHER_ALGO
Definition: des.h:45
const CipherAlgo * cipherAlgo
Cipher algorithm.
Definition: gcm.h:65
uint8_t length
Definition: tcp.h:368
#define MIN(a, b)
Definition: os_port.h:63
DesContext k3
Definition: des3.h:62
void des3EncryptBlock(Des3Context *context, const uint8_t *input, uint8_t *output)
Encrypt a 8-byte block using Triple DES algorithm.
uint_t nr
Definition: aes.h:59
void desEncryptBlock(DesContext *context, const uint8_t *input, uint8_t *output)
Encrypt a 8-byte block using DES algorithm.
void gcmProcessData(AesContext *context, const uint8_t *iv, const uint8_t *a, size_t aLen, const uint8_t *input, uint8_t *output, size_t length, uint8_t *t, uint32_t mode)
Perform AES-GCM encryption or decryption.
#define CRYP_CR_ALGOMODE_AES_CTR
GCM context.
Definition: gcm.h:64
Triple DES algorithm context.
Definition: des3.h:59
#define CRYP_CR_ALGOMODE_DES_CBC
#define CRYP_CR_KEYSIZE_256B
error_t cbcDecrypt(const CipherAlgo *cipher, void *context, uint8_t *iv, const uint8_t *c, uint8_t *p, size_t length)
CBC decryption.
uint8_t m
Definition: ndp.h:304
void des3ProcessData(Des3Context *context, uint8_t *iv, const uint8_t *input, uint8_t *output, size_t length, uint32_t mode)
Perform Triple DES encryption or decryption.
uint8_t n
error_t ctrEncrypt(const CipherAlgo *cipher, void *context, uint_t m, uint8_t *t, const uint8_t *p, uint8_t *c, size_t length)
CTR encryption.
void osAcquireMutex(OsMutex *mutex)
Acquire ownership of the specified mutex object.
void osReleaseMutex(OsMutex *mutex)
Release ownership of the specified mutex object.
#define DES_BLOCK_SIZE
Definition: des.h:43
error_t ccmEncrypt(const CipherAlgo *cipher, void *context, const uint8_t *n, size_t nLen, const uint8_t *a, size_t aLen, const uint8_t *p, uint8_t *c, size_t length, uint8_t *t, size_t tLen)
Authenticated encryption using CCM.
#define CRYP_CR_ALGOMODE_AES_GCM
Common interface for encryption algorithms.
Definition: crypto.h:1068
error_t desInit(DesContext *context, const uint8_t *key, size_t keyLen)
Initialize a DES context using the supplied key.
void des3DecryptBlock(Des3Context *context, const uint8_t *input, uint8_t *output)
Decrypt a 8-byte block using Triple DES algorithm.
DesContext k2
Definition: des3.h:61
#define AES_CIPHER_ALGO
Definition: aes.h:45
void aesDecryptBlock(AesContext *context, const uint8_t *input, uint8_t *output)
Decrypt a 16-byte block using AES algorithm.
void desProcessData(DesContext *context, uint8_t *iv, const uint8_t *input, uint8_t *output, size_t length, uint32_t mode)
Perform DES encryption or decryption.
#define CRYP_CR_ALGOMODE_TDES_CBC
#define DES3_CIPHER_ALGO
Definition: des3.h:46
#define LOAD32LE(p)
Definition: cpu_endian.h:203
uint32_t ek[60]
Definition: aes.h:60
unsigned int uint_t
Definition: compiler_port.h:50
error_t gcmEncrypt(GcmContext *context, const uint8_t *iv, size_t ivLen, const uint8_t *a, size_t aLen, const uint8_t *p, uint8_t *c, size_t length, uint8_t *t, size_t tLen)
Authenticated encryption using GCM.
error_t ecbDecrypt(const CipherAlgo *cipher, void *context, const uint8_t *c, uint8_t *p, size_t length)
ECB decryption.
#define osMemset(p, value, length)
Definition: os_port.h:135
error_t gcmInit(GcmContext *context, const CipherAlgo *cipherAlgo, void *cipherContext)
Initialize GCM context.
void * cipherContext
Cipher algorithm context.
Definition: gcm.h:66
#define CRYP_CR_ALGOMODE_AES_KEY
uint32_t ks[32]
Definition: des.h:59
#define STORE32BE(a, p)
Definition: cpu_endian.h:286
error_t cbcEncrypt(const CipherAlgo *cipher, void *context, uint8_t *iv, const uint8_t *p, uint8_t *c, size_t length)
CBC encryption.
void ctrIncBlock(uint8_t *ctr, uint32_t inc, size_t blockSize, size_t m)
Increment counter block.
Definition: ctr.c:138
@ NO_ERROR
Success.
Definition: error.h:44
uint8_t c
Definition: ndp.h:514
Debugging facilities.
#define CRYP_CR_KEYSIZE_192B