ARMmbed
/
mbed-os
mirror of https://github.com/ARMmbed/mbed-os.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

TARGET_STM mbedtls astyle

pull/7351/head
jeromecoutant 2018-06-27 15:00:04 +02:00
parent 78410e7032
commit 057142167b
11 changed files with 331 additions and 294 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
features/mbedtls/targets/TARGET_STM/TARGET_STM32L4/TARGET_MTB_ADV_WISE_1510/mbedtls_device.h
View File

@ -1,5 +1,5 @@
/*
* mbedtls_device.h
* mbedtls_device.h
*******************************************************************************
* Copyright (c) 2017, STMicroelectronics
* SPDX-License-Identifier: Apache-2.0

2
features/mbedtls/targets/TARGET_STM/TARGET_STM32L4/TARGET_MTB_ADV_WISE_1570/mbedtls_device.h
View File

@ -1,5 +1,5 @@
/*
* mbedtls_device.h
* mbedtls_device.h
*******************************************************************************
* Copyright (c) 2017, STMicroelectronics
* SPDX-License-Identifier: Apache-2.0

2
features/mbedtls/targets/TARGET_STM/TARGET_STM32L4/TARGET_NUCLEO_L486RG/mbedtls_device.h
View File

@ -1,5 +1,5 @@
/*
* mbedtls_device.h
* mbedtls_device.h
*******************************************************************************
* Copyright (c) 2017, STMicroelectronics
* SPDX-License-Identifier: Apache-2.0

268
features/mbedtls/targets/TARGET_STM/aes_alt.c
View File

@ -31,16 +31,16 @@
#define CRYP AES
#endif
static int aes_set_key( mbedtls_aes_context *ctx, const unsigned char *key, unsigned int keybits )
static int aes_set_key(mbedtls_aes_context *ctx, const unsigned char *key, unsigned int keybits)
{
switch( keybits ) {
switch (keybits) {
case 128:
ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_128B;
memcpy(ctx->aes_key, key, 16);
break;
case 192:
#if defined (TARGET_STM32L486xG) || defined (TARGET_STM32L443xC)
return(MBEDTLS_ERR_AES_INVALID_KEY_LENGTH);
return (MBEDTLS_ERR_AES_INVALID_KEY_LENGTH);
#else
ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_192B;
memcpy(ctx->aes_key, key, 24);
@ -51,12 +51,14 @@ static int aes_set_key( mbedtls_aes_context *ctx, const unsigned char *key, unsi
ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_256B;
memcpy(ctx->aes_key, key, 32);
break;
default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH );
default :
return (MBEDTLS_ERR_AES_INVALID_KEY_LENGTH);
}
/* Deinitializes the CRYP peripheral */
if (HAL_CRYP_DeInit(&ctx->hcryp_aes) == HAL_ERROR)
if (HAL_CRYP_DeInit(&ctx->hcryp_aes) == HAL_ERROR) {
return (HAL_ERROR);
}
ctx->hcryp_aes.Init.DataType = CRYP_DATATYPE_8B;
ctx->hcryp_aes.Instance = CRYP;
@ -67,64 +69,69 @@ static int aes_set_key( mbedtls_aes_context *ctx, const unsigned char *key, unsi
#if defined (TARGET_STM32L486xG) || defined (TARGET_STM32L443xC)
ctx->hcryp_aes.Init.KeyWriteFlag = CRYP_KEY_WRITE_ENABLE;
#endif
if (HAL_CRYP_Init(&ctx->hcryp_aes) == HAL_ERROR)
if (HAL_CRYP_Init(&ctx->hcryp_aes) == HAL_ERROR) {
return (HAL_ERROR);
}
/* allow multi-instance of CRYP use: save context for CRYP HW module CR */
ctx->ctx_save_cr = ctx->hcryp_aes.Instance->CR;
return(0);
return (0);
}
/* Implementation that should never be optimized out by the compiler */
static void mbedtls_zeroize( void *v, size_t n )
static void mbedtls_zeroize(void *v, size_t n)
{
volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0;
volatile unsigned char *p = (unsigned char *)v;
while (n--) {
*p++ = 0;
}
}
void mbedtls_aes_init( mbedtls_aes_context *ctx )
void mbedtls_aes_init(mbedtls_aes_context *ctx)
{
memset( ctx, 0, sizeof( mbedtls_aes_context ) );
memset(ctx, 0, sizeof(mbedtls_aes_context));
}
void mbedtls_aes_free( mbedtls_aes_context *ctx )
void mbedtls_aes_free(mbedtls_aes_context *ctx)
{
if( ctx == NULL )
if (ctx == NULL) {
return;
}
/* Force the CRYP Periheral Clock Reset */
__HAL_RCC_CRYP_FORCE_RESET();
/* Release the CRYP Periheral Clock Reset */
__HAL_RCC_CRYP_RELEASE_RESET();
mbedtls_zeroize( ctx, sizeof( mbedtls_aes_context ) );
mbedtls_zeroize(ctx, sizeof(mbedtls_aes_context));
}
int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits )
int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits)
{
int ret_val = 0;
ret_val = aes_set_key(ctx, key, keybits);
return(ret_val);
return (ret_val);
}
int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits )
int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits)
{
int ret_val = 0;
ret_val = aes_set_key(ctx, key, keybits);
return( ret_val );
return (ret_val);
}
int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
int mode,
const unsigned char input[16],
unsigned char output[16] )
int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx,
int mode,
const unsigned char input[16],
unsigned char output[16])
{
/* allow multi-instance of CRYP use: restore context for CRYP hw module */
@ -133,27 +140,28 @@ int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
ctx->hcryp_aes.Init.DataType = CRYP_DATATYPE_8B;
ctx->hcryp_aes.Init.pKey = ctx->aes_key;
if(mode == MBEDTLS_AES_DECRYPT) { /* AES decryption */
if (mbedtls_internal_aes_decrypt( ctx, input, output )){
if (mode == MBEDTLS_AES_DECRYPT) { /* AES decryption */
if (mbedtls_internal_aes_decrypt(ctx, input, output)) {
return ST_ERR_AES_BUSY;
}
} else { /* AES encryption */
if (mbedtls_internal_aes_encrypt( ctx, input, output )) {
if (mbedtls_internal_aes_encrypt(ctx, input, output)) {
return ST_ERR_AES_BUSY;
}
}
/* allow multi-instance of CRYP use: save context for CRYP HW module CR */
ctx->ctx_save_cr = ctx->hcryp_aes.Instance->CR;
return( 0 );
return (0);
}
#if defined(MBEDTLS_CIPHER_MODE_CBC)
#if defined (TARGET_STM32L486xG) || defined (TARGET_STM32L443xC)
static int st_cbc_restore_context(mbedtls_aes_context *ctx){
static int st_cbc_restore_context(mbedtls_aes_context *ctx)
{
uint32_t tickstart;
tickstart = HAL_GetTick();
while((ctx->hcryp_aes.Instance->SR & AES_SR_BUSY) != 0){
while ((ctx->hcryp_aes.Instance->SR & AES_SR_BUSY) != 0) {
if ((HAL_GetTick() - tickstart) > ST_AES_TIMEOUT) {
return ST_ERR_AES_BUSY; // timeout: CRYP processor is busy
}
@ -163,62 +171,71 @@ static int st_cbc_restore_context(mbedtls_aes_context *ctx){
return 0;
}
static int st_hal_cryp_cbc( mbedtls_aes_context *ctx, uint32_t opmode, size_t length,
unsigned char iv[16], uint8_t *input, uint8_t *output)
static int st_hal_cryp_cbc(mbedtls_aes_context *ctx, uint32_t opmode, size_t length,
unsigned char iv[16], uint8_t *input, uint8_t *output)
{
ctx->hcryp_aes.Init.pInitVect = &iv[0]; // used in process, not in the init
/* At this moment only, we know we have CBC mode: Re-initialize AES
IP with proper parameters and apply key and IV for multi context usecase */
if (HAL_CRYP_DeInit(&ctx->hcryp_aes) != HAL_OK)
if (HAL_CRYP_DeInit(&ctx->hcryp_aes) != HAL_OK) {
return ST_ERR_AES_BUSY;
}
ctx->hcryp_aes.Init.OperatingMode = opmode;
ctx->hcryp_aes.Init.ChainingMode = CRYP_CHAINMODE_AES_CBC;
ctx->hcryp_aes.Init.KeyWriteFlag = CRYP_KEY_WRITE_ENABLE;
if (HAL_CRYP_Init(&ctx->hcryp_aes) != HAL_OK)
if (HAL_CRYP_Init(&ctx->hcryp_aes) != HAL_OK) {
return ST_ERR_AES_BUSY;
}
if(HAL_CRYPEx_AES(&ctx->hcryp_aes, input, length, output, 10) != 0)
if (HAL_CRYPEx_AES(&ctx->hcryp_aes, input, length, output, 10) != 0) {
return ST_ERR_AES_BUSY;
}
return 0;
}
#else /* STM32F4 and STM32F7 */
static int st_cbc_restore_context(mbedtls_aes_context *ctx){
static int st_cbc_restore_context(mbedtls_aes_context *ctx)
{
/* allow multi-instance of CRYP use: restore context for CRYP hw module */
ctx->hcryp_aes.Instance->CR = ctx->ctx_save_cr;
/* Re-initialize AES processor with proper parameters
and (re-)apply key and IV for multi context usecases */
if (HAL_CRYP_DeInit(&ctx->hcryp_aes) != HAL_OK)
if (HAL_CRYP_DeInit(&ctx->hcryp_aes) != HAL_OK) {
return ST_ERR_AES_BUSY;
if (HAL_CRYP_Init(&ctx->hcryp_aes) != HAL_OK)
}
if (HAL_CRYP_Init(&ctx->hcryp_aes) != HAL_OK) {
return ST_ERR_AES_BUSY;
}
return 0;
}
#endif /* TARGET_STM32L486xG || TARGET_STM32L443xC */
int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
int mode,
size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output )
int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx,
int mode,
size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output)
{
uint32_t tickstart;
uint32_t *iv_ptr = (uint32_t *)&iv[0];
if( length % 16 )
return( MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
if (length % 16) {
return (MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH);
}
ctx->hcryp_aes.Init.pInitVect = &iv[0];
if (st_cbc_restore_context(ctx) != 0)
if (st_cbc_restore_context(ctx) != 0) {
return (ST_ERR_AES_BUSY);
}
#if defined (TARGET_STM32L486xG) || defined (TARGET_STM32L443xC)
if( mode == MBEDTLS_AES_DECRYPT ) {
if (st_hal_cryp_cbc(ctx, CRYP_ALGOMODE_KEYDERIVATION_DECRYPT, length, iv, (uint8_t *)input, (uint8_t *)output) != 0)
if (mode == MBEDTLS_AES_DECRYPT) {
if (st_hal_cryp_cbc(ctx, CRYP_ALGOMODE_KEYDERIVATION_DECRYPT, length, iv, (uint8_t *)input, (uint8_t *)output) != 0) {
return ST_ERR_AES_BUSY;
}
/* Save the internal IV vector for multi context purpose */
tickstart = HAL_GetTick();
while((ctx->hcryp_aes.Instance->SR & AES_SR_BUSY) != 0){
while ((ctx->hcryp_aes.Instance->SR & AES_SR_BUSY) != 0) {
if ((HAL_GetTick() - tickstart) > ST_AES_TIMEOUT) {
return ST_ERR_AES_BUSY; // timeout: CRYP processor is busy
}
@ -230,20 +247,22 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
*iv_ptr++ = ctx->hcryp_aes.Instance->IVR1;
*iv_ptr++ = ctx->hcryp_aes.Instance->IVR0;
} else {
if (st_hal_cryp_cbc(ctx, CRYP_ALGOMODE_ENCRYPT, length, iv, (uint8_t *)input, (uint8_t *)output) != 0)
if (st_hal_cryp_cbc(ctx, CRYP_ALGOMODE_ENCRYPT, length, iv, (uint8_t *)input, (uint8_t *)output) != 0) {
return ST_ERR_AES_BUSY;
memcpy( iv, output, 16 ); /* current output is the IV vector for the next call */
}
memcpy(iv, output, 16); /* current output is the IV vector for the next call */
ctx->ctx_save_cr = ctx->hcryp_aes.Instance->CR;
}
#else
if( mode == MBEDTLS_AES_DECRYPT ) {
if (HAL_CRYP_AESCBC_Decrypt(&ctx->hcryp_aes, (uint8_t *)input, length, (uint8_t *)output, 10) != HAL_OK)
if (mode == MBEDTLS_AES_DECRYPT) {
if (HAL_CRYP_AESCBC_Decrypt(&ctx->hcryp_aes, (uint8_t *)input, length, (uint8_t *)output, 10) != HAL_OK) {
return ST_ERR_AES_BUSY;
}
/* Save the internal IV vector for multi context purpose */
tickstart = HAL_GetTick();
while((ctx->hcryp_aes.Instance->SR & (CRYP_SR_IFEM | CRYP_SR_OFNE | CRYP_SR_BUSY)) != CRYP_SR_IFEM){
while ((ctx->hcryp_aes.Instance->SR & (CRYP_SR_IFEM | CRYP_SR_OFNE | CRYP_SR_BUSY)) != CRYP_SR_IFEM) {
if ((HAL_GetTick() - tickstart) > ST_AES_TIMEOUT) {
return ST_ERR_AES_BUSY; // timeout: CRYP processor is busy
}
@ -255,9 +274,10 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
*iv_ptr++ = ctx->hcryp_aes.Instance->IV1LR;
*iv_ptr++ = ctx->hcryp_aes.Instance->IV1RR;
} else {
if (HAL_CRYP_AESCBC_Encrypt(&ctx->hcryp_aes, (uint8_t *)input, length, (uint8_t *)output, 10) != HAL_OK)
if (HAL_CRYP_AESCBC_Encrypt(&ctx->hcryp_aes, (uint8_t *)input, length, (uint8_t *)output, 10) != HAL_OK) {
return ST_ERR_AES_BUSY;
memcpy( iv, output, 16 ); /* current output is the IV vector for the next call */
}
memcpy(iv, output, 16); /* current output is the IV vector for the next call */
ctx->ctx_save_cr = ctx->hcryp_aes.Instance->CR;
}
@ -267,115 +287,121 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_CFB)
int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
int mode,
size_t length,
size_t *iv_off,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output )
int mbedtls_aes_crypt_cfb128(mbedtls_aes_context *ctx,
int mode,
size_t length,
size_t *iv_off,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output)
{
int c;
size_t n = *iv_off;
if( mode == MBEDTLS_AES_DECRYPT ) {
while( length-- ) {
if( n == 0 )
if (mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv ) != 0)
if (mode == MBEDTLS_AES_DECRYPT) {
while (length--) {
if (n == 0)
if (mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, iv, iv) != 0) {
return ST_ERR_AES_BUSY;
}
c = *input++;
*output++ = (unsigned char)( c ^ iv[n] );
*output++ = (unsigned char)(c ^ iv[n]);
iv[n] = (unsigned char) c;
n = ( n + 1 ) & 0x0F;
n = (n + 1) & 0x0F;
}
} else {
while( length-- ) {
if( n == 0 )
if (mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv ) != 0)
while (length--) {
if (n == 0)
if (mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, iv, iv) != 0) {
return ST_ERR_AES_BUSY;
}
iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ );
iv[n] = *output++ = (unsigned char)(iv[n] ^ *input++);
n = ( n + 1 ) & 0x0F;
n = (n + 1) & 0x0F;
}
}
*iv_off = n;
return( 0 );
return (0);
}
int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
int mode,
size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output )
int mbedtls_aes_crypt_cfb8(mbedtls_aes_context *ctx,
int mode,
size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output)
{
unsigned char c;
unsigned char ov[17];
while( length-- ) {
memcpy( ov, iv, 16 );
if (mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv ) != 0)
while (length--) {
memcpy(ov, iv, 16);
if (mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, iv, iv) != 0) {
return ST_ERR_AES_BUSY;
}
if( mode == MBEDTLS_AES_DECRYPT )
if (mode == MBEDTLS_AES_DECRYPT) {
ov[16] = *input;
}
c = *output++ = (unsigned char)( iv[0] ^ *input++ );
c = *output++ = (unsigned char)(iv[0] ^ *input++);
if( mode == MBEDTLS_AES_ENCRYPT )
if (mode == MBEDTLS_AES_ENCRYPT) {
ov[16] = c;
}
memcpy( iv, ov + 1, 16 );
memcpy(iv, ov + 1, 16);
}
return( 0 );
return (0);
}
#endif /*MBEDTLS_CIPHER_MODE_CFB */
#if defined(MBEDTLS_CIPHER_MODE_CTR)
int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
size_t length,
size_t *nc_off,
unsigned char nonce_counter[16],
unsigned char stream_block[16],
const unsigned char *input,
unsigned char *output )
int mbedtls_aes_crypt_ctr(mbedtls_aes_context *ctx,
size_t length,
size_t *nc_off,
unsigned char nonce_counter[16],
unsigned char stream_block[16],
const unsigned char *input,
unsigned char *output)
{
int c, i;
size_t n = *nc_off;
while( length-- )
{
if( n == 0 ) {
if (mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, nonce_counter, stream_block ) != 0)
while (length--) {
if (n == 0) {
if (mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, nonce_counter, stream_block) != 0) {
return ST_ERR_AES_BUSY;
}
for( i = 16; i > 0; i-- )
if( ++nonce_counter[i - 1] != 0 )
for (i = 16; i > 0; i--)
if (++nonce_counter[i - 1] != 0) {
break;
}
}
c = *input++;
*output++ = (unsigned char)( c ^ stream_block[n] );
*output++ = (unsigned char)(c ^ stream_block[n]);
n = ( n + 1 ) & 0x0F;
n = (n + 1) & 0x0F;
}
*nc_off = n;
return( 0 );
return (0);
}
#endif /* MBEDTLS_CIPHER_MODE_CTR */
int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16] )
int mbedtls_internal_aes_encrypt(mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16])
{
if (HAL_CRYP_AESECB_Encrypt(&ctx->hcryp_aes, (uint8_t *)input, 16, (uint8_t *)output, 10) != HAL_OK) {
// error found
@ -385,11 +411,11 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
}
int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16] )
int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16])
{
if(HAL_CRYP_AESECB_Decrypt(&ctx->hcryp_aes, (uint8_t *)input, 16, (uint8_t *)output, 10) != HAL_OK) {
if (HAL_CRYP_AESECB_Decrypt(&ctx->hcryp_aes, (uint8_t *)input, 16, (uint8_t *)output, 10) != HAL_OK) {
// error found
return ST_ERR_AES_BUSY;
}
@ -397,18 +423,18 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
}
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
void mbedtls_aes_encrypt( mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16] )
void mbedtls_aes_encrypt(mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16])
{
mbedtls_internal_aes_encrypt( ctx, input, output );
mbedtls_internal_aes_encrypt(ctx, input, output);
}
void mbedtls_aes_decrypt( mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16] )
void mbedtls_aes_decrypt(mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16])
{
mbedtls_internal_aes_decrypt( ctx, input, output );
mbedtls_internal_aes_decrypt(ctx, input, output);
}
#endif /* MBEDTLS_DEPRECATED_REMOVED */
#endif /*MBEDTLS_AES_ALT*/

99
features/mbedtls/targets/TARGET_STM/aes_alt.h
View File

@ -41,8 +41,7 @@ extern "C" {
* - to simplify key expansion in the 256-bit case by
* generating an extra round key
*/
typedef struct
{
typedef struct {
unsigned char aes_key[32]; /* Decryption key */
CRYP_HandleTypeDef hcryp_aes;
uint32_t ctx_save_cr; /* save context for multi-instance */
@ -54,14 +53,14 @@ mbedtls_aes_context;
*
* \param ctx AES context to be initialized
*/
void mbedtls_aes_init( mbedtls_aes_context *ctx );
void mbedtls_aes_init(mbedtls_aes_context *ctx);
/**
* \brief Clear AES context
*
* \param ctx AES context to be cleared
*/
void mbedtls_aes_free( mbedtls_aes_context *ctx );
void mbedtls_aes_free(mbedtls_aes_context *ctx);
/**
* \brief AES key schedule (encryption)
@ -72,8 +71,8 @@ void mbedtls_aes_free( mbedtls_aes_context *ctx );
*
* \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH
*/
int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits );
int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits);
/**
* \brief AES key schedule (decryption)
@ -84,8 +83,8 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
*
* \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH
*/
int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits );
int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits);
/**
* \brief AES-ECB block encryption/decryption
@ -97,10 +96,10 @@ int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
*
* \return 0 if successful
*/
int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
int mode,
const unsigned char input[16],
unsigned char output[16] );
int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx,
int mode,
const unsigned char input[16],
unsigned char output[16]);
#if defined(MBEDTLS_CIPHER_MODE_CBC)
/**
@ -125,12 +124,12 @@ int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
*
* \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH
*/
int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
int mode,
size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output );
int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx,
int mode,
size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_CFB)
@ -159,13 +158,13 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
*
* \return 0 if successful
*/
int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
int mode,
size_t length,
size_t *iv_off,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output );
int mbedtls_aes_crypt_cfb128(mbedtls_aes_context *ctx,
int mode,
size_t length,
size_t *iv_off,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output);
/**
* \brief AES-CFB8 buffer encryption/decryption.
@ -191,12 +190,12 @@ int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
*
* \return 0 if successful
*/
int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
int mode,
size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output );
int mbedtls_aes_crypt_cfb8(mbedtls_aes_context *ctx,
int mode,
size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output);
#endif /*MBEDTLS_CIPHER_MODE_CFB */
#if defined(MBEDTLS_CIPHER_MODE_CTR)
@ -222,13 +221,13 @@ int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
*
* \return 0 if successful
*/
int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
size_t length,
size_t *nc_off,
unsigned char nonce_counter[16],
unsigned char stream_block[16],
const unsigned char *input,
unsigned char *output );
int mbedtls_aes_crypt_ctr(mbedtls_aes_context *ctx,
size_t length,
size_t *nc_off,
unsigned char nonce_counter[16],
unsigned char stream_block[16],
const unsigned char *input,
unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CTR */
/**
@ -242,9 +241,9 @@ int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
*
* \return 0 if successful
*/
int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16] );
int mbedtls_internal_aes_encrypt(mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16]);
/**
* \brief Internal AES block decryption function
@ -257,9 +256,9 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
*
* \return 0 if successful
*/
int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16] );
int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16]);
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING)
@ -277,9 +276,9 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
* \param input Plaintext block
* \param output Output (ciphertext) block
*/
MBEDTLS_DEPRECATED void mbedtls_aes_encrypt( mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16] );
MBEDTLS_DEPRECATED void mbedtls_aes_encrypt(mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16]);
/**
* \brief Deprecated internal AES block decryption function
@ -291,9 +290,9 @@ MBEDTLS_DEPRECATED void mbedtls_aes_encrypt( mbedtls_aes_context *ctx,
* \param input Ciphertext block
* \param output Output (plaintext) block
*/
MBEDTLS_DEPRECATED void mbedtls_aes_decrypt( mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16] );
MBEDTLS_DEPRECATED void mbedtls_aes_decrypt(mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16]);
#undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */

43
features/mbedtls/targets/TARGET_STM/md5_alt.c
View File

@ -24,8 +24,12 @@
#include "mbedtls/platform.h"
/* Implementation that should never be optimized out by the compiler */
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
static void mbedtls_zeroize(void *v, size_t n)
{
volatile unsigned char *p = v;
while (n--) {
*p++ = 0;
}
}
static int st_md5_restore_hw_context(mbedtls_md5_context *ctx)
@ -42,7 +46,7 @@ static int st_md5_restore_hw_context(mbedtls_md5_context *ctx)
}
HASH->STR = ctx->ctx_save_str;
HASH->CR = (ctx->ctx_save_cr | HASH_CR_INIT);
for (i=0;i<38;i++) {
for (i = 0; i < 38; i++) {
HASH->CSR[i] = ctx->ctx_save_csr[i];
}
return 1;
@ -62,35 +66,36 @@ static int st_md5_save_hw_context(mbedtls_md5_context *ctx)
/* allow multi-instance of HASH use: restore context for HASH HW module CR */
ctx->ctx_save_cr = HASH->CR;
ctx->ctx_save_str = HASH->STR;
for (i=0;i<38;i++) {
for (i = 0; i < 38; i++) {
ctx->ctx_save_csr[i] = HASH->CSR[i];
}
return 1;
}
void mbedtls_md5_init( mbedtls_md5_context *ctx )
void mbedtls_md5_init(mbedtls_md5_context *ctx)
{
mbedtls_zeroize( ctx, sizeof( mbedtls_md5_context ) );
mbedtls_zeroize(ctx, sizeof(mbedtls_md5_context));
/* Enable HASH clock */
__HAL_RCC_HASH_CLK_ENABLE();
}
void mbedtls_md5_free( mbedtls_md5_context *ctx )
void mbedtls_md5_free(mbedtls_md5_context *ctx)
{
if( ctx == NULL )
if (ctx == NULL) {
return;
mbedtls_zeroize( ctx, sizeof( mbedtls_md5_context ) );
}
mbedtls_zeroize(ctx, sizeof(mbedtls_md5_context));
}
void mbedtls_md5_clone( mbedtls_md5_context *dst,
const mbedtls_md5_context *src )
void mbedtls_md5_clone(mbedtls_md5_context *dst,
const mbedtls_md5_context *src)
{
*dst = *src;
}
int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx )
int mbedtls_md5_starts_ret(mbedtls_md5_context *ctx)
{
/* HASH IP initialization */
if (HAL_HASH_DeInit(&ctx->hhash_md5) != 0) {
@ -112,7 +117,7 @@ int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx )
return 0;
}
int mbedtls_internal_md5_process( mbedtls_md5_context *ctx, const unsigned char data[ST_MD5_BLOCK_SIZE] )
int mbedtls_internal_md5_process(mbedtls_md5_context *ctx, const unsigned char data[ST_MD5_BLOCK_SIZE])
{
if (st_md5_restore_hw_context(ctx) != 1) {
// Return HASH_BUSY timeout error here
@ -128,7 +133,7 @@ int mbedtls_internal_md5_process( mbedtls_md5_context *ctx, const unsigned char
return 0;
}
int mbedtls_md5_update_ret( mbedtls_md5_context *ctx, const unsigned char *input, size_t ilen )
int mbedtls_md5_update_ret(mbedtls_md5_context *ctx, const unsigned char *input, size_t ilen)
{
int err;
size_t currentlen = ilen;
@ -142,7 +147,7 @@ int mbedtls_md5_update_ret( mbedtls_md5_context *ctx, const unsigned char *input
// store mechanism to accumulate ST_MD5_BLOCK_SIZE bytes (512 bits) in the HW
if (currentlen < (ST_MD5_BLOCK_SIZE - ctx->sbuf_len)) {
// only buffurize
memcpy(ctx->sbuf+ctx->sbuf_len, input, currentlen);
memcpy(ctx->sbuf + ctx->sbuf_len, input, currentlen);
ctx->sbuf_len += currentlen;
} else {
// fill buffer and process it
@ -154,14 +159,14 @@ int mbedtls_md5_update_ret( mbedtls_md5_context *ctx, const unsigned char *input
}
// Process every input as long as it is %64 bytes, ie 512 bits
size_t iter = currentlen / ST_MD5_BLOCK_SIZE;
if (iter !=0) {
if (iter != 0) {
if (HAL_HASH_MD5_Accumulate(&ctx->hhash_md5, (uint8_t *)(input + ST_MD5_BLOCK_SIZE - ctx->sbuf_len), (iter * ST_MD5_BLOCK_SIZE)) != 0) {
return MBEDTLS_ERR_MD5_HW_ACCEL_FAILED;
}
}
// sbuf is completely accumulated, now copy up to 63 remaining bytes
ctx->sbuf_len = currentlen % ST_MD5_BLOCK_SIZE;
if (ctx->sbuf_len !=0) {
if (ctx->sbuf_len != 0) {
memcpy(ctx->sbuf, input + ilen - ctx->sbuf_len, ctx->sbuf_len);
}
}
@ -174,7 +179,7 @@ int mbedtls_md5_update_ret( mbedtls_md5_context *ctx, const unsigned char *input
return 0;
}
int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx, unsigned char output[16] )
int mbedtls_md5_finish_ret(mbedtls_md5_context *ctx, unsigned char output[16])
{
if (st_md5_restore_hw_context(ctx) != 1) {
// Return HASH_BUSY timeout error here
@ -186,7 +191,7 @@ int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx, unsigned char output[16] )
return MBEDTLS_ERR_MD5_HW_ACCEL_FAILED;
}
mbedtls_zeroize( ctx->sbuf, ST_MD5_BLOCK_SIZE);
mbedtls_zeroize(ctx->sbuf, ST_MD5_BLOCK_SIZE);
ctx->sbuf_len = 0;
__HAL_HASH_START_DIGEST();

35
features/mbedtls/targets/TARGET_STM/md5_alt.h
View File

@ -41,8 +41,7 @@ extern "C" {
* ST_MD5_BLOCK_SIZE bytes per ST_MD5_BLOCK_SIZE bytes
* If MD5_finish is called and sbuf_len>0, the remaining bytes are accumulated prior to the call to HAL_HASH_MD5_Finish
*/
typedef struct
{
typedef struct {
HASH_HandleTypeDef hhash_md5;/*!< ST HAL HASH struct */
unsigned char sbuf[ST_MD5_BLOCK_SIZE]; /*!< MBEDTLS_MD5_BLOCK_SIZE buffer to store values so that algorithm is caled once the buffer is filled */
unsigned char sbuf_len; /*!< number of bytes to be processed in sbuf */
@ -57,14 +56,14 @@ mbedtls_md5_context;
*
* \param ctx MD5 context to be initialized
*/
void mbedtls_md5_init( mbedtls_md5_context *ctx );
void mbedtls_md5_init(mbedtls_md5_context *ctx);
/**
* \brief Clear MD5 context
*
* \param ctx MD5 context to be cleared
*/
void mbedtls_md5_free( mbedtls_md5_context *ctx );
void mbedtls_md5_free(mbedtls_md5_context *ctx);
/**
* \brief Clone (the state of) an MD5 context
@ -72,8 +71,8 @@ void mbedtls_md5_free( mbedtls_md5_context *ctx );
* \param dst The destination context
* \param src The context to be cloned
*/
void mbedtls_md5_clone( mbedtls_md5_context *dst,
const mbedtls_md5_context *src );
void mbedtls_md5_clone(mbedtls_md5_context *dst,
const mbedtls_md5_context *src);
/**
* \brief MD5 context setup
@ -82,7 +81,7 @@ void mbedtls_md5_clone( mbedtls_md5_context *dst,
*
* \returns error code
*/
int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx );
int mbedtls_md5_starts_ret(mbedtls_md5_context *ctx);
/**
* \brief MD5 process buffer
@ -93,7 +92,7 @@ int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx );
*
* \returns error code
*/
int mbedtls_md5_update_ret( mbedtls_md5_context *ctx, const unsigned char *input, size_t ilen );
int mbedtls_md5_update_ret(mbedtls_md5_context *ctx, const unsigned char *input, size_t ilen);
/**
* \brief MD5 final digest
@ -103,10 +102,10 @@ int mbedtls_md5_update_ret( mbedtls_md5_context *ctx, const unsigned char *input
*
* \returns error code
*/
int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx, unsigned char output[16] );
int mbedtls_md5_finish_ret(mbedtls_md5_context *ctx, unsigned char output[16]);
/* Internal use */
int mbedtls_internal_md5_process( mbedtls_md5_context *ctx, const unsigned char data[ST_MD5_BLOCK_SIZE] );
int mbedtls_internal_md5_process(mbedtls_md5_context *ctx, const unsigned char data[ST_MD5_BLOCK_SIZE]);
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING)
@ -126,7 +125,7 @@ int mbedtls_internal_md5_process( mbedtls_md5_context *ctx, const unsigned char
* stronger message digests instead.
*
*/
MBEDTLS_DEPRECATED void mbedtls_md5_starts( mbedtls_md5_context *ctx );
MBEDTLS_DEPRECATED void mbedtls_md5_starts(mbedtls_md5_context *ctx);
/**
* \brief MD5 process buffer
@ -142,9 +141,9 @@ MBEDTLS_DEPRECATED void mbedtls_md5_starts( mbedtls_md5_context *ctx );
* stronger message digests instead.
*
*/
MBEDTLS_DEPRECATED void mbedtls_md5_update( mbedtls_md5_context *ctx,
const unsigned char *input,
size_t ilen );
MBEDTLS_DEPRECATED void mbedtls_md5_update(mbedtls_md5_context *ctx,
const unsigned char *input,
size_t ilen);
/**
* \brief MD5 final digest
@ -159,8 +158,8 @@ MBEDTLS_DEPRECATED void mbedtls_md5_update( mbedtls_md5_context *ctx,
* stronger message digests instead.
*
*/
MBEDTLS_DEPRECATED void mbedtls_md5_finish( mbedtls_md5_context *ctx,
unsigned char output[16] );
MBEDTLS_DEPRECATED void mbedtls_md5_finish(mbedtls_md5_context *ctx,
unsigned char output[16]);
/**
* \brief MD5 process data block (internal use only)
@ -175,8 +174,8 @@ MBEDTLS_DEPRECATED void mbedtls_md5_finish( mbedtls_md5_context *ctx,
* stronger message digests instead.
*
*/
MBEDTLS_DEPRECATED void mbedtls_md5_process( mbedtls_md5_context *ctx,
const unsigned char data[64] );
MBEDTLS_DEPRECATED void mbedtls_md5_process(mbedtls_md5_context *ctx,
const unsigned char data[64]);
#undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */

49
features/mbedtls/targets/TARGET_STM/sha1_alt.c
View File

@ -22,8 +22,12 @@
#include "mbedtls/platform.h"
/* Implementation that should never be optimized out by the compiler */
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0;
static void mbedtls_zeroize(void *v, size_t n)
{
volatile unsigned char *p = (unsigned char *)v;
while (n--) {
*p++ = 0;
}
}
static int st_sha1_restore_hw_context(mbedtls_sha1_context *ctx)
@ -40,7 +44,7 @@ static int st_sha1_restore_hw_context(mbedtls_sha1_context *ctx)
}
HASH->STR = ctx->ctx_save_str;
HASH->CR = (ctx->ctx_save_cr | HASH_CR_INIT);
for (i=0;i<38;i++) {
for (i = 0; i < 38; i++) {
HASH->CSR[i] = ctx->ctx_save_csr[i];
}
return 1;
@ -60,35 +64,36 @@ static int st_sha1_save_hw_context(mbedtls_sha1_context *ctx)
/* allow multi-instance of HASH use: restore context for HASH HW module CR */
ctx->ctx_save_cr = HASH->CR;
ctx->ctx_save_str = HASH->STR;
for (i=0;i<38;i++) {
for (i = 0; i < 38; i++) {
ctx->ctx_save_csr[i] = HASH->CSR[i];
}
return 1;
}
void mbedtls_sha1_init( mbedtls_sha1_context *ctx )
void mbedtls_sha1_init(mbedtls_sha1_context *ctx)
{
mbedtls_zeroize( ctx, sizeof( mbedtls_sha1_context ) );
mbedtls_zeroize(ctx, sizeof(mbedtls_sha1_context));
/* Enable HASH clock */
__HAL_RCC_HASH_CLK_ENABLE();
}
void mbedtls_sha1_free( mbedtls_sha1_context *ctx )
void mbedtls_sha1_free(mbedtls_sha1_context *ctx)
{
if( ctx == NULL )
if (ctx == NULL) {
return;
mbedtls_zeroize( ctx, sizeof( mbedtls_sha1_context ) );
}
mbedtls_zeroize(ctx, sizeof(mbedtls_sha1_context));
}
void mbedtls_sha1_clone( mbedtls_sha1_context *dst,
const mbedtls_sha1_context *src )
void mbedtls_sha1_clone(mbedtls_sha1_context *dst,
const mbedtls_sha1_context *src)
{
*dst = *src;
}
int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx )
int mbedtls_sha1_starts_ret(mbedtls_sha1_context *ctx)
{
/* Deinitializes the HASH peripheral */
if (HAL_HASH_DeInit(&ctx->hhash_sha1) == HAL_ERROR) {
@ -109,7 +114,7 @@ int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx )
return 0;
}
int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, const unsigned char data[ST_SHA1_BLOCK_SIZE] )
int mbedtls_internal_sha1_process(mbedtls_sha1_context *ctx, const unsigned char data[ST_SHA1_BLOCK_SIZE])
{
if (st_sha1_restore_hw_context(ctx) != 1) {
// return HASH_BUSY timeout Error here
@ -126,7 +131,7 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, const unsigned cha
return 0;
}
int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, const unsigned char *input, size_t ilen )
int mbedtls_sha1_update_ret(mbedtls_sha1_context *ctx, const unsigned char *input, size_t ilen)
{
int err;
size_t currentlen = ilen;
@ -136,11 +141,11 @@ int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, const unsigned char *inp
}
// store mechanism to accumulate ST_SHA1_BLOCK_SIZE bytes (512 bits) in the HW
if (currentlen == 0){ // only change HW status is size if 0
if(ctx->hhash_sha1.Phase == HAL_HASH_PHASE_READY) {
/* Select the SHA1 mode and reset the HASH processor core, so that the HASH will be ready to compute
the message digest of a new message */
HASH->CR |= HASH_ALGOSELECTION_SHA1 | HASH_CR_INIT;
if (currentlen == 0) { // only change HW status is size if 0
if (ctx->hhash_sha1.Phase == HAL_HASH_PHASE_READY) {
/* Select the SHA1 mode and reset the HASH processor core, so that the HASH will be ready to compute
the message digest of a new message */
HASH->CR |= HASH_ALGOSELECTION_SHA1 | HASH_CR_INIT;
}
ctx->hhash_sha1.Phase = HAL_HASH_PHASE_PROCESS;
} else if (currentlen < (ST_SHA1_BLOCK_SIZE - ctx->sbuf_len)) {
@ -162,7 +167,7 @@ int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, const unsigned char *inp
}
// sbuf is completely accumulated, now copy up to 63 remaining bytes
ctx->sbuf_len = currentlen % ST_SHA1_BLOCK_SIZE;
if (ctx->sbuf_len !=0) {
if (ctx->sbuf_len != 0) {
memcpy(ctx->sbuf, input + ilen - ctx->sbuf_len, ctx->sbuf_len);
}
}
@ -173,7 +178,7 @@ int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, const unsigned char *inp
return 0;
}
int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, unsigned char output[20] )
int mbedtls_sha1_finish_ret(mbedtls_sha1_context *ctx, unsigned char output[20])
{
if (st_sha1_restore_hw_context(ctx) != 1) {
// return HASH_BUSY timeout Error here
@ -189,7 +194,7 @@ int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, unsigned char output[20]
ctx->sbuf_len = 0;
__HAL_HASH_START_DIGEST();
if (HAL_HASH_SHA1_Finish(&ctx->hhash_sha1, output, 10) != 0){
if (HAL_HASH_SHA1_Finish(&ctx->hhash_sha1, output, 10) != 0) {
return MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED;
}
if (st_sha1_save_hw_context(ctx) != 1) {

35
features/mbedtls/targets/TARGET_STM/sha1_alt.h
View File

@ -41,8 +41,7 @@ extern "C" {
* multiples of ST_SHA1_BLOCK_SIZE bytes
* If SHA1_finish is called and sbuf_len>0, the remaining bytes are accumulated prior to the call to HAL_HASH_SHA1_Finish
*/
typedef struct
{
typedef struct {
unsigned char sbuf[ST_SHA1_BLOCK_SIZE]; /*!< MBEDTLS_SHA1_BLOCK_SIZE buffer to store values so that algorithm is caled once the buffer is filled */
unsigned char sbuf_len; /*!< number of bytes remaining in sbuf to be processed */
HASH_HandleTypeDef hhash_sha1; /*!< ST HAL HASH struct */
@ -57,14 +56,14 @@ mbedtls_sha1_context;
*
* \param ctx SHA-1 context to be initialized
*/
void mbedtls_sha1_init( mbedtls_sha1_context *ctx );
void mbedtls_sha1_init(mbedtls_sha1_context *ctx);
/**
* \brief Clear SHA-1 context
*
* \param ctx SHA-1 context to be cleared
*/
void mbedtls_sha1_free( mbedtls_sha1_context *ctx );
void mbedtls_sha1_free(mbedtls_sha1_context *ctx);
/**
* \brief Clone (the state of) a SHA-1 context
@ -72,8 +71,8 @@ void mbedtls_sha1_free( mbedtls_sha1_context *ctx );
* \param dst The destination context
* \param src The context to be cloned
*/
void mbedtls_sha1_clone( mbedtls_sha1_context *dst,
const mbedtls_sha1_context *src );
void mbedtls_sha1_clone(mbedtls_sha1_context *dst,
const mbedtls_sha1_context *src);
/**
* \brief SHA-1 context setup
@ -82,7 +81,7 @@ void mbedtls_sha1_clone( mbedtls_sha1_context *dst,
*
* \returns error code
*/
int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx );
int mbedtls_sha1_starts_ret(mbedtls_sha1_context *ctx);
/**
* \brief SHA-1 process buffer
@ -93,7 +92,7 @@ int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx );
*
* \returns error code
*/
int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, const unsigned char *input, size_t ilen );
int mbedtls_sha1_update_ret(mbedtls_sha1_context *ctx, const unsigned char *input, size_t ilen);
/**
* \brief SHA-1 final digest
@ -103,10 +102,10 @@ int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, const unsigned char *inp
*
* \returns error code
*/
int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, unsigned char output[20] );
int mbedtls_sha1_finish_ret(mbedtls_sha1_context *ctx, unsigned char output[20]);
/* Internal use */
int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, const unsigned char data[ST_SHA1_BLOCK_SIZE] );
int mbedtls_internal_sha1_process(mbedtls_sha1_context *ctx, const unsigned char data[ST_SHA1_BLOCK_SIZE]);
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING)
@ -126,7 +125,7 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, const unsigned cha
* stronger message digests instead.
*
*/
MBEDTLS_DEPRECATED void mbedtls_sha1_starts( mbedtls_sha1_context *ctx );
MBEDTLS_DEPRECATED void mbedtls_sha1_starts(mbedtls_sha1_context *ctx);
/**
* \brief SHA-1 process buffer
@ -142,9 +141,9 @@ MBEDTLS_DEPRECATED void mbedtls_sha1_starts( mbedtls_sha1_context *ctx );
* stronger message digests instead.
*
*/
MBEDTLS_DEPRECATED void mbedtls_sha1_update( mbedtls_sha1_context *ctx,
const unsigned char *input,
size_t ilen );
MBEDTLS_DEPRECATED void mbedtls_sha1_update(mbedtls_sha1_context *ctx,
const unsigned char *input,
size_t ilen);
/**
* \brief SHA-1 final digest
@ -159,8 +158,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha1_update( mbedtls_sha1_context *ctx,
* stronger message digests instead.
*
*/
MBEDTLS_DEPRECATED void mbedtls_sha1_finish( mbedtls_sha1_context *ctx,
unsigned char output[20] );
MBEDTLS_DEPRECATED void mbedtls_sha1_finish(mbedtls_sha1_context *ctx,
unsigned char output[20]);
/**
* \brief SHA-1 process data block (internal use only)
@ -175,8 +174,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha1_finish( mbedtls_sha1_context *ctx,
* stronger message digests instead.
*
*/
MBEDTLS_DEPRECATED void mbedtls_sha1_process( mbedtls_sha1_context *ctx,
const unsigned char data[64] );
MBEDTLS_DEPRECATED void mbedtls_sha1_process(mbedtls_sha1_context *ctx,
const unsigned char data[64]);
#undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */

45
features/mbedtls/targets/TARGET_STM/sha256_alt.c
View File

@ -23,8 +23,12 @@
#include "mbedtls/platform.h"
/* Implementation that should never be optimized out by the compiler */
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
static void mbedtls_zeroize(void *v, size_t n)
{
volatile unsigned char *p = v;
while (n--) {
*p++ = 0;
}
}
static int st_sha256_restore_hw_context(mbedtls_sha256_context *ctx)
@ -41,7 +45,7 @@ static int st_sha256_restore_hw_context(mbedtls_sha256_context *ctx)
}
HASH->STR = ctx->ctx_save_str;
HASH->CR = (ctx->ctx_save_cr | HASH_CR_INIT);
for (i=0;i<38;i++) {
for (i = 0; i < 38; i++) {
HASH->CSR[i] = ctx->ctx_save_csr[i];
}
return 1;
@ -61,34 +65,35 @@ static int st_sha256_save_hw_context(mbedtls_sha256_context *ctx)
/* allow multi-instance of HASH use: restore context for HASH HW module CR */
ctx->ctx_save_cr = HASH->CR;
ctx->ctx_save_str = HASH->STR;
for (i=0;i<38;i++) {
for (i = 0; i < 38; i++) {
ctx->ctx_save_csr[i] = HASH->CSR[i];
}
return 1;
}
void mbedtls_sha256_init( mbedtls_sha256_context *ctx )
void mbedtls_sha256_init(mbedtls_sha256_context *ctx)
{
mbedtls_zeroize( ctx, sizeof( mbedtls_sha256_context ) );
mbedtls_zeroize(ctx, sizeof(mbedtls_sha256_context));
/* Enable HASH clock */
__HAL_RCC_HASH_CLK_ENABLE();
}
void mbedtls_sha256_free( mbedtls_sha256_context *ctx )
void mbedtls_sha256_free(mbedtls_sha256_context *ctx)
{
if( ctx == NULL )
if (ctx == NULL) {
return;
mbedtls_zeroize( ctx, sizeof( mbedtls_sha256_context ) );
}
mbedtls_zeroize(ctx, sizeof(mbedtls_sha256_context));
}
void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
const mbedtls_sha256_context *src )
void mbedtls_sha256_clone(mbedtls_sha256_context *dst,
const mbedtls_sha256_context *src)
{
*dst = *src;
}
int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 )
int mbedtls_sha256_starts_ret(mbedtls_sha256_context *ctx, int is224)
{
/* HASH IP initialization */
if (HAL_HASH_DeInit(&ctx->hhash_sha256) == HAL_ERROR) {
@ -111,7 +116,7 @@ int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 )
return 0;
}
int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, const unsigned char data[ST_SHA256_BLOCK_SIZE] )
int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx, const unsigned char data[ST_SHA256_BLOCK_SIZE])
{
if (st_sha256_restore_hw_context(ctx) != 1) {
// Return HASH_BUSY timeout error here
@ -134,7 +139,7 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, const unsigned
return 0;
}
int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, const unsigned char *input, size_t ilen )
int mbedtls_sha256_update_ret(mbedtls_sha256_context *ctx, const unsigned char *input, size_t ilen)
{
int err;
size_t currentlen = ilen;
@ -145,7 +150,7 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, const unsigned char
// store mechanism to accumulate ST_SHA256_BLOCK_SIZE bytes (512 bits) in the HW
if (currentlen == 0) { // only change HW status is size if 0
if(ctx->hhash_sha256.Phase == HAL_HASH_PHASE_READY) {
if (ctx->hhash_sha256.Phase == HAL_HASH_PHASE_READY) {
/* Select the SHA256 or SHA224 mode and reset the HASH processor core, so that the HASH will be ready to compute
the message digest of a new message */
if (ctx->is224 == 0) {
@ -169,20 +174,20 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, const unsigned char
}
// Process every input as long as it is %64 bytes, ie 512 bits
size_t iter = currentlen / ST_SHA256_BLOCK_SIZE;
if (iter !=0) {
if (iter != 0) {
if (ctx->is224 == 0) {
if (HAL_HASHEx_SHA256_Accumulate(&ctx->hhash_sha256, (uint8_t *)(input + ST_SHA256_BLOCK_SIZE - ctx->sbuf_len), (iter * ST_SHA256_BLOCK_SIZE)) != 0) {
if (HAL_HASHEx_SHA256_Accumulate(&ctx->hhash_sha256, (uint8_t *)(input + ST_SHA256_BLOCK_SIZE - ctx->sbuf_len), (iter * ST_SHA256_BLOCK_SIZE)) != 0) {
return MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED;
}
} else {
if (HAL_HASHEx_SHA224_Accumulate(&ctx->hhash_sha256, (uint8_t *)(input + ST_SHA256_BLOCK_SIZE - ctx->sbuf_len), (iter * ST_SHA256_BLOCK_SIZE)) != 0) {
if (HAL_HASHEx_SHA224_Accumulate(&ctx->hhash_sha256, (uint8_t *)(input + ST_SHA256_BLOCK_SIZE - ctx->sbuf_len), (iter * ST_SHA256_BLOCK_SIZE)) != 0) {
return MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED;
}
}
}
// sbuf is completely accumulated, now copy up to 63 remaining bytes
ctx->sbuf_len = currentlen % ST_SHA256_BLOCK_SIZE;
if (ctx->sbuf_len !=0) {
if (ctx->sbuf_len != 0) {
memcpy(ctx->sbuf, input + ilen - ctx->sbuf_len, ctx->sbuf_len);
}
}
@ -193,7 +198,7 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, const unsigned char
return 0;
}
int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, unsigned char output[32] )
int mbedtls_sha256_finish_ret(mbedtls_sha256_context *ctx, unsigned char output[32])
{
if (st_sha256_restore_hw_context(ctx) != 1) {
// Return HASH_BUSY timeout error here

45
features/mbedtls/targets/TARGET_STM/sha256_alt.h
View File

@ -40,10 +40,9 @@ extern "C" {
* ST_SHA256_BLOCK_SIZE bytes per ST_SHA256_BLOCK_SIZE bytes
* If sha256_finish is called and sbuf_len>0, the remaining bytes are accumulated prior to the call to HAL_HASH_SHA256_Finish
*/
typedef struct
{
int is224; /*!< 0 => SHA-256, else SHA-224 */
HASH_HandleTypeDef hhash_sha256;
typedef struct {
int is224; /*!< 0 => SHA-256, else SHA-224 */
HASH_HandleTypeDef hhash_sha256;
unsigned char sbuf[ST_SHA256_BLOCK_SIZE]; /*!< ST_SHA256_BLOCK_SIZE buffer to store values so that algorithm is called once the buffer is filled */
unsigned char sbuf_len; /*!< number of bytes to be processed in sbuf */
uint32_t ctx_save_cr;
@ -57,14 +56,14 @@ mbedtls_sha256_context;
*
* \param ctx SHA-256 context to be initialized
*/
void mbedtls_sha256_init( mbedtls_sha256_context *ctx );
void mbedtls_sha256_init(mbedtls_sha256_context *ctx);
/**
* \brief Clear SHA-256 context
*
* \param ctx SHA-256 context to be cleared
*/
void mbedtls_sha256_free( mbedtls_sha256_context *ctx );
void mbedtls_sha256_free(mbedtls_sha256_context *ctx);
/**
* \brief Clone (the state of) a SHA-256 context
@ -72,8 +71,8 @@ void mbedtls_sha256_free( mbedtls_sha256_context *ctx );
* \param dst The destination context
* \param src The context to be cloned
*/
void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
const mbedtls_sha256_context *src );
void mbedtls_sha256_clone(mbedtls_sha256_context *dst,
const mbedtls_sha256_context *src);
/**
* \brief SHA-256 context setup
@ -83,7 +82,7 @@ void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
*
* \returns error code
*/
int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 );
int mbedtls_sha256_starts_ret(mbedtls_sha256_context *ctx, int is224);
/**
* \brief SHA-256 process buffer
@ -94,9 +93,9 @@ int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 );
*
* \returns error code
*/
int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx,
const unsigned char *input,
size_t ilen );
int mbedtls_sha256_update_ret(mbedtls_sha256_context *ctx,
const unsigned char *input,
size_t ilen);
/**
* \brief SHA-256 final digest
@ -106,10 +105,10 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx,
*
* \returns error code
*/
int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, unsigned char output[32] );
int mbedtls_sha256_finish_ret(mbedtls_sha256_context *ctx, unsigned char output[32]);
/* Internal use */
int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, const unsigned char data[ST_SHA256_BLOCK_SIZE] );
int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx, const unsigned char data[ST_SHA256_BLOCK_SIZE]);
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING)
@ -127,8 +126,8 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, const unsigned
* <ul><li>0: Use SHA-256.</li>
* <li>1: Use SHA-224.</li></ul>
*/
MBEDTLS_DEPRECATED void mbedtls_sha256_starts( mbedtls_sha256_context *ctx,
int is224 );
MBEDTLS_DEPRECATED void mbedtls_sha256_starts(mbedtls_sha256_context *ctx,
int is224);
/**
* \brief This function feeds an input buffer into an ongoing
@ -140,9 +139,9 @@ MBEDTLS_DEPRECATED void mbedtls_sha256_starts( mbedtls_sha256_context *ctx,
* \param input The buffer holding the data.
* \param ilen The length of the input data.
*/
MBEDTLS_DEPRECATED void mbedtls_sha256_update( mbedtls_sha256_context *ctx,
const unsigned char *input,
size_t ilen );
MBEDTLS_DEPRECATED void mbedtls_sha256_update(mbedtls_sha256_context *ctx,
const unsigned char *input,
size_t ilen);
/**
* \brief This function finishes the SHA-256 operation, and writes
@ -153,8 +152,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha256_update( mbedtls_sha256_context *ctx,
* \param ctx The SHA-256 context.
* \param output The SHA-224or SHA-256 checksum result.
*/
MBEDTLS_DEPRECATED void mbedtls_sha256_finish( mbedtls_sha256_context *ctx,
unsigned char output[32] );
MBEDTLS_DEPRECATED void mbedtls_sha256_finish(mbedtls_sha256_context *ctx,
unsigned char output[32]);
/**
* \brief This function processes a single data block within
@ -166,8 +165,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha256_finish( mbedtls_sha256_context *ctx,
* \param ctx The SHA-256 context.
* \param data The buffer holding one block of data.
*/
MBEDTLS_DEPRECATED void mbedtls_sha256_process( mbedtls_sha256_context *ctx,
const unsigned char data[64] );
MBEDTLS_DEPRECATED void mbedtls_sha256_process(mbedtls_sha256_context *ctx,
const unsigned char data[64]);
#undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */