ARMmbed
/
mbed-os
mirror of https://github.com/ARMmbed/mbed-os.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

TARGET_STM mbedtls astyle

pull/7351/head
jeromecoutant 2018-06-27 15:00:04 +02:00
parent 78410e7032
commit 057142167b
11 changed files with 331 additions and 294 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
features/mbedtls/targets/TARGET_STM/TARGET_STM32L4/TARGET_MTB_ADV_WISE_1510/mbedtls_device.h
View File

@ -1,5 +1,5 @@
/* /*
* mbedtls_device.h * mbedtls_device.h
******************************************************************************* *******************************************************************************
* Copyright (c) 2017, STMicroelectronics * Copyright (c) 2017, STMicroelectronics
* SPDX-License-Identifier: Apache-2.0 * SPDX-License-Identifier: Apache-2.0

2
features/mbedtls/targets/TARGET_STM/TARGET_STM32L4/TARGET_MTB_ADV_WISE_1570/mbedtls_device.h
View File

@ -1,5 +1,5 @@
/* /*
* mbedtls_device.h * mbedtls_device.h
******************************************************************************* *******************************************************************************
* Copyright (c) 2017, STMicroelectronics * Copyright (c) 2017, STMicroelectronics
* SPDX-License-Identifier: Apache-2.0 * SPDX-License-Identifier: Apache-2.0

2
features/mbedtls/targets/TARGET_STM/TARGET_STM32L4/TARGET_NUCLEO_L486RG/mbedtls_device.h
View File

@ -1,5 +1,5 @@
/* /*
* mbedtls_device.h * mbedtls_device.h
******************************************************************************* *******************************************************************************
* Copyright (c) 2017, STMicroelectronics * Copyright (c) 2017, STMicroelectronics
* SPDX-License-Identifier: Apache-2.0 * SPDX-License-Identifier: Apache-2.0

268
features/mbedtls/targets/TARGET_STM/aes_alt.c
View File

@ -31,16 +31,16 @@
#define CRYP AES #define CRYP AES
#endif #endif
static int aes_set_key( mbedtls_aes_context *ctx, const unsigned char *key, unsigned int keybits ) static int aes_set_key(mbedtls_aes_context *ctx, const unsigned char *key, unsigned int keybits)
{ {
switch( keybits ) { switch (keybits) {
case 128: case 128:
ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_128B; ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_128B;
memcpy(ctx->aes_key, key, 16); memcpy(ctx->aes_key, key, 16);
break; break;
case 192: case 192:
#if defined (TARGET_STM32L486xG) || defined (TARGET_STM32L443xC) #if defined (TARGET_STM32L486xG) || defined (TARGET_STM32L443xC)
return(MBEDTLS_ERR_AES_INVALID_KEY_LENGTH); return (MBEDTLS_ERR_AES_INVALID_KEY_LENGTH);
#else #else
ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_192B; ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_192B;
memcpy(ctx->aes_key, key, 24); memcpy(ctx->aes_key, key, 24);
@ -51,12 +51,14 @@ static int aes_set_key( mbedtls_aes_context *ctx, const unsigned char *key, unsi
ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_256B; ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_256B;
memcpy(ctx->aes_key, key, 32); memcpy(ctx->aes_key, key, 32);
break; break;
default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH ); default :
return (MBEDTLS_ERR_AES_INVALID_KEY_LENGTH);
} }
/* Deinitializes the CRYP peripheral */ /* Deinitializes the CRYP peripheral */
if (HAL_CRYP_DeInit(&ctx->hcryp_aes) == HAL_ERROR) if (HAL_CRYP_DeInit(&ctx->hcryp_aes) == HAL_ERROR) {
return (HAL_ERROR); return (HAL_ERROR);
}
ctx->hcryp_aes.Init.DataType = CRYP_DATATYPE_8B; ctx->hcryp_aes.Init.DataType = CRYP_DATATYPE_8B;
ctx->hcryp_aes.Instance = CRYP; ctx->hcryp_aes.Instance = CRYP;
@ -67,64 +69,69 @@ static int aes_set_key( mbedtls_aes_context *ctx, const unsigned char *key, unsi
#if defined (TARGET_STM32L486xG) || defined (TARGET_STM32L443xC) #if defined (TARGET_STM32L486xG) || defined (TARGET_STM32L443xC)
ctx->hcryp_aes.Init.KeyWriteFlag = CRYP_KEY_WRITE_ENABLE; ctx->hcryp_aes.Init.KeyWriteFlag = CRYP_KEY_WRITE_ENABLE;
#endif #endif
if (HAL_CRYP_Init(&ctx->hcryp_aes) == HAL_ERROR) if (HAL_CRYP_Init(&ctx->hcryp_aes) == HAL_ERROR) {
return (HAL_ERROR); return (HAL_ERROR);
}
/* allow multi-instance of CRYP use: save context for CRYP HW module CR */ /* allow multi-instance of CRYP use: save context for CRYP HW module CR */
ctx->ctx_save_cr = ctx->hcryp_aes.Instance->CR; ctx->ctx_save_cr = ctx->hcryp_aes.Instance->CR;
return(0); return (0);
} }
/* Implementation that should never be optimized out by the compiler */ /* Implementation that should never be optimized out by the compiler */
static void mbedtls_zeroize( void *v, size_t n ) static void mbedtls_zeroize(void *v, size_t n)
{ {
volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0; volatile unsigned char *p = (unsigned char *)v;
while (n--) {
*p++ = 0;
}
} }
void mbedtls_aes_init( mbedtls_aes_context *ctx ) void mbedtls_aes_init(mbedtls_aes_context *ctx)
{ {
memset( ctx, 0, sizeof( mbedtls_aes_context ) ); memset(ctx, 0, sizeof(mbedtls_aes_context));
} }
void mbedtls_aes_free( mbedtls_aes_context *ctx ) void mbedtls_aes_free(mbedtls_aes_context *ctx)
{ {
if( ctx == NULL ) if (ctx == NULL) {
return; return;
}
/* Force the CRYP Periheral Clock Reset */ /* Force the CRYP Periheral Clock Reset */
__HAL_RCC_CRYP_FORCE_RESET(); __HAL_RCC_CRYP_FORCE_RESET();
/* Release the CRYP Periheral Clock Reset */ /* Release the CRYP Periheral Clock Reset */
__HAL_RCC_CRYP_RELEASE_RESET(); __HAL_RCC_CRYP_RELEASE_RESET();
mbedtls_zeroize( ctx, sizeof( mbedtls_aes_context ) ); mbedtls_zeroize(ctx, sizeof(mbedtls_aes_context));
} }
int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits ) unsigned int keybits)
{ {
int ret_val = 0; int ret_val = 0;
ret_val = aes_set_key(ctx, key, keybits); ret_val = aes_set_key(ctx, key, keybits);
return(ret_val); return (ret_val);
} }
int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key, int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits ) unsigned int keybits)
{ {
int ret_val = 0; int ret_val = 0;
ret_val = aes_set_key(ctx, key, keybits); ret_val = aes_set_key(ctx, key, keybits);
return( ret_val ); return (ret_val);
} }
int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx, int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx,
int mode, int mode,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ) unsigned char output[16])
{ {
/* allow multi-instance of CRYP use: restore context for CRYP hw module */ /* allow multi-instance of CRYP use: restore context for CRYP hw module */
@ -133,27 +140,28 @@ int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
ctx->hcryp_aes.Init.DataType = CRYP_DATATYPE_8B; ctx->hcryp_aes.Init.DataType = CRYP_DATATYPE_8B;
ctx->hcryp_aes.Init.pKey = ctx->aes_key; ctx->hcryp_aes.Init.pKey = ctx->aes_key;
if(mode == MBEDTLS_AES_DECRYPT) { /* AES decryption */ if (mode == MBEDTLS_AES_DECRYPT) { /* AES decryption */
if (mbedtls_internal_aes_decrypt( ctx, input, output )){ if (mbedtls_internal_aes_decrypt(ctx, input, output)) {
return ST_ERR_AES_BUSY; return ST_ERR_AES_BUSY;
} }
} else { /* AES encryption */ } else { /* AES encryption */
if (mbedtls_internal_aes_encrypt( ctx, input, output )) { if (mbedtls_internal_aes_encrypt(ctx, input, output)) {
return ST_ERR_AES_BUSY; return ST_ERR_AES_BUSY;
} }
} }
/* allow multi-instance of CRYP use: save context for CRYP HW module CR */ /* allow multi-instance of CRYP use: save context for CRYP HW module CR */
ctx->ctx_save_cr = ctx->hcryp_aes.Instance->CR; ctx->ctx_save_cr = ctx->hcryp_aes.Instance->CR;
return( 0 ); return (0);
} }
#if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
#if defined (TARGET_STM32L486xG) || defined (TARGET_STM32L443xC) #if defined (TARGET_STM32L486xG) || defined (TARGET_STM32L443xC)
static int st_cbc_restore_context(mbedtls_aes_context *ctx){ static int st_cbc_restore_context(mbedtls_aes_context *ctx)
{
uint32_t tickstart; uint32_t tickstart;
tickstart = HAL_GetTick(); tickstart = HAL_GetTick();
while((ctx->hcryp_aes.Instance->SR & AES_SR_BUSY) != 0){ while ((ctx->hcryp_aes.Instance->SR & AES_SR_BUSY) != 0) {
if ((HAL_GetTick() - tickstart) > ST_AES_TIMEOUT) { if ((HAL_GetTick() - tickstart) > ST_AES_TIMEOUT) {
return ST_ERR_AES_BUSY; // timeout: CRYP processor is busy return ST_ERR_AES_BUSY; // timeout: CRYP processor is busy
} }
@ -163,62 +171,71 @@ static int st_cbc_restore_context(mbedtls_aes_context *ctx){
return 0; return 0;
} }
static int st_hal_cryp_cbc( mbedtls_aes_context *ctx, uint32_t opmode, size_t length, static int st_hal_cryp_cbc(mbedtls_aes_context *ctx, uint32_t opmode, size_t length,
unsigned char iv[16], uint8_t *input, uint8_t *output) unsigned char iv[16], uint8_t *input, uint8_t *output)
{ {
ctx->hcryp_aes.Init.pInitVect = &iv[0]; // used in process, not in the init ctx->hcryp_aes.Init.pInitVect = &iv[0]; // used in process, not in the init
/* At this moment only, we know we have CBC mode: Re-initialize AES /* At this moment only, we know we have CBC mode: Re-initialize AES
IP with proper parameters and apply key and IV for multi context usecase */ IP with proper parameters and apply key and IV for multi context usecase */
if (HAL_CRYP_DeInit(&ctx->hcryp_aes) != HAL_OK) if (HAL_CRYP_DeInit(&ctx->hcryp_aes) != HAL_OK) {
return ST_ERR_AES_BUSY; return ST_ERR_AES_BUSY;
}
ctx->hcryp_aes.Init.OperatingMode = opmode; ctx->hcryp_aes.Init.OperatingMode = opmode;
ctx->hcryp_aes.Init.ChainingMode = CRYP_CHAINMODE_AES_CBC; ctx->hcryp_aes.Init.ChainingMode = CRYP_CHAINMODE_AES_CBC;
ctx->hcryp_aes.Init.KeyWriteFlag = CRYP_KEY_WRITE_ENABLE; ctx->hcryp_aes.Init.KeyWriteFlag = CRYP_KEY_WRITE_ENABLE;
if (HAL_CRYP_Init(&ctx->hcryp_aes) != HAL_OK) if (HAL_CRYP_Init(&ctx->hcryp_aes) != HAL_OK) {
return ST_ERR_AES_BUSY; return ST_ERR_AES_BUSY;
}
if(HAL_CRYPEx_AES(&ctx->hcryp_aes, input, length, output, 10) != 0) if (HAL_CRYPEx_AES(&ctx->hcryp_aes, input, length, output, 10) != 0) {
return ST_ERR_AES_BUSY; return ST_ERR_AES_BUSY;
}
return 0; return 0;
} }
#else /* STM32F4 and STM32F7 */ #else /* STM32F4 and STM32F7 */
static int st_cbc_restore_context(mbedtls_aes_context *ctx){ static int st_cbc_restore_context(mbedtls_aes_context *ctx)
{
/* allow multi-instance of CRYP use: restore context for CRYP hw module */ /* allow multi-instance of CRYP use: restore context for CRYP hw module */
ctx->hcryp_aes.Instance->CR = ctx->ctx_save_cr; ctx->hcryp_aes.Instance->CR = ctx->ctx_save_cr;
/* Re-initialize AES processor with proper parameters /* Re-initialize AES processor with proper parameters
and (re-)apply key and IV for multi context usecases */ and (re-)apply key and IV for multi context usecases */
if (HAL_CRYP_DeInit(&ctx->hcryp_aes) != HAL_OK) if (HAL_CRYP_DeInit(&ctx->hcryp_aes) != HAL_OK) {
return ST_ERR_AES_BUSY; return ST_ERR_AES_BUSY;
if (HAL_CRYP_Init(&ctx->hcryp_aes) != HAL_OK) }
if (HAL_CRYP_Init(&ctx->hcryp_aes) != HAL_OK) {
return ST_ERR_AES_BUSY; return ST_ERR_AES_BUSY;
}
return 0; return 0;
} }
#endif /* TARGET_STM32L486xG || TARGET_STM32L443xC */ #endif /* TARGET_STM32L486xG || TARGET_STM32L443xC */
int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx, int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[16], unsigned char iv[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output)
{ {
uint32_t tickstart; uint32_t tickstart;
uint32_t *iv_ptr = (uint32_t *)&iv[0]; uint32_t *iv_ptr = (uint32_t *)&iv[0];
if( length % 16 ) if (length % 16) {
return( MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH ); return (MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH);
}
ctx->hcryp_aes.Init.pInitVect = &iv[0]; ctx->hcryp_aes.Init.pInitVect = &iv[0];
if (st_cbc_restore_context(ctx) != 0) if (st_cbc_restore_context(ctx) != 0) {
return (ST_ERR_AES_BUSY); return (ST_ERR_AES_BUSY);
}
#if defined (TARGET_STM32L486xG) || defined (TARGET_STM32L443xC) #if defined (TARGET_STM32L486xG) || defined (TARGET_STM32L443xC)
if( mode == MBEDTLS_AES_DECRYPT ) { if (mode == MBEDTLS_AES_DECRYPT) {
if (st_hal_cryp_cbc(ctx, CRYP_ALGOMODE_KEYDERIVATION_DECRYPT, length, iv, (uint8_t *)input, (uint8_t *)output) != 0) if (st_hal_cryp_cbc(ctx, CRYP_ALGOMODE_KEYDERIVATION_DECRYPT, length, iv, (uint8_t *)input, (uint8_t *)output) != 0) {
return ST_ERR_AES_BUSY; return ST_ERR_AES_BUSY;
}
/* Save the internal IV vector for multi context purpose */ /* Save the internal IV vector for multi context purpose */
tickstart = HAL_GetTick(); tickstart = HAL_GetTick();
while((ctx->hcryp_aes.Instance->SR & AES_SR_BUSY) != 0){ while ((ctx->hcryp_aes.Instance->SR & AES_SR_BUSY) != 0) {
if ((HAL_GetTick() - tickstart) > ST_AES_TIMEOUT) { if ((HAL_GetTick() - tickstart) > ST_AES_TIMEOUT) {
return ST_ERR_AES_BUSY; // timeout: CRYP processor is busy return ST_ERR_AES_BUSY; // timeout: CRYP processor is busy
} }
@ -230,20 +247,22 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
*iv_ptr++ = ctx->hcryp_aes.Instance->IVR1; *iv_ptr++ = ctx->hcryp_aes.Instance->IVR1;
*iv_ptr++ = ctx->hcryp_aes.Instance->IVR0; *iv_ptr++ = ctx->hcryp_aes.Instance->IVR0;
} else { } else {
if (st_hal_cryp_cbc(ctx, CRYP_ALGOMODE_ENCRYPT, length, iv, (uint8_t *)input, (uint8_t *)output) != 0) if (st_hal_cryp_cbc(ctx, CRYP_ALGOMODE_ENCRYPT, length, iv, (uint8_t *)input, (uint8_t *)output) != 0) {
return ST_ERR_AES_BUSY; return ST_ERR_AES_BUSY;
memcpy( iv, output, 16 ); /* current output is the IV vector for the next call */ }
memcpy(iv, output, 16); /* current output is the IV vector for the next call */
ctx->ctx_save_cr = ctx->hcryp_aes.Instance->CR; ctx->ctx_save_cr = ctx->hcryp_aes.Instance->CR;
} }
#else #else
if( mode == MBEDTLS_AES_DECRYPT ) { if (mode == MBEDTLS_AES_DECRYPT) {
if (HAL_CRYP_AESCBC_Decrypt(&ctx->hcryp_aes, (uint8_t *)input, length, (uint8_t *)output, 10) != HAL_OK) if (HAL_CRYP_AESCBC_Decrypt(&ctx->hcryp_aes, (uint8_t *)input, length, (uint8_t *)output, 10) != HAL_OK) {
return ST_ERR_AES_BUSY; return ST_ERR_AES_BUSY;
}
/* Save the internal IV vector for multi context purpose */ /* Save the internal IV vector for multi context purpose */
tickstart = HAL_GetTick(); tickstart = HAL_GetTick();
while((ctx->hcryp_aes.Instance->SR & (CRYP_SR_IFEM | CRYP_SR_OFNE | CRYP_SR_BUSY)) != CRYP_SR_IFEM){ while ((ctx->hcryp_aes.Instance->SR & (CRYP_SR_IFEM | CRYP_SR_OFNE | CRYP_SR_BUSY)) != CRYP_SR_IFEM) {
if ((HAL_GetTick() - tickstart) > ST_AES_TIMEOUT) { if ((HAL_GetTick() - tickstart) > ST_AES_TIMEOUT) {
return ST_ERR_AES_BUSY; // timeout: CRYP processor is busy return ST_ERR_AES_BUSY; // timeout: CRYP processor is busy
} }
@ -255,9 +274,10 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
*iv_ptr++ = ctx->hcryp_aes.Instance->IV1LR; *iv_ptr++ = ctx->hcryp_aes.Instance->IV1LR;
*iv_ptr++ = ctx->hcryp_aes.Instance->IV1RR; *iv_ptr++ = ctx->hcryp_aes.Instance->IV1RR;
} else { } else {
if (HAL_CRYP_AESCBC_Encrypt(&ctx->hcryp_aes, (uint8_t *)input, length, (uint8_t *)output, 10) != HAL_OK) if (HAL_CRYP_AESCBC_Encrypt(&ctx->hcryp_aes, (uint8_t *)input, length, (uint8_t *)output, 10) != HAL_OK) {
return ST_ERR_AES_BUSY; return ST_ERR_AES_BUSY;
memcpy( iv, output, 16 ); /* current output is the IV vector for the next call */ }
memcpy(iv, output, 16); /* current output is the IV vector for the next call */
ctx->ctx_save_cr = ctx->hcryp_aes.Instance->CR; ctx->ctx_save_cr = ctx->hcryp_aes.Instance->CR;
} }
@ -267,115 +287,121 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
#endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_CFB) #if defined(MBEDTLS_CIPHER_MODE_CFB)
int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx, int mbedtls_aes_crypt_cfb128(mbedtls_aes_context *ctx,
int mode, int mode,
size_t length, size_t length,
size_t *iv_off, size_t *iv_off,
unsigned char iv[16], unsigned char iv[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output)
{ {
int c; int c;
size_t n = *iv_off; size_t n = *iv_off;
if( mode == MBEDTLS_AES_DECRYPT ) { if (mode == MBEDTLS_AES_DECRYPT) {
while( length-- ) { while (length--) {
if( n == 0 ) if (n == 0)
if (mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv ) != 0) if (mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, iv, iv) != 0) {
return ST_ERR_AES_BUSY; return ST_ERR_AES_BUSY;
}
c = *input++; c = *input++;
*output++ = (unsigned char)( c ^ iv[n] ); *output++ = (unsigned char)(c ^ iv[n]);
iv[n] = (unsigned char) c; iv[n] = (unsigned char) c;
n = ( n + 1 ) & 0x0F; n = (n + 1) & 0x0F;
} }
} else { } else {
while( length-- ) { while (length--) {
if( n == 0 ) if (n == 0)
if (mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv ) != 0) if (mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, iv, iv) != 0) {
return ST_ERR_AES_BUSY; return ST_ERR_AES_BUSY;
}
iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ ); iv[n] = *output++ = (unsigned char)(iv[n] ^ *input++);
n = ( n + 1 ) & 0x0F; n = (n + 1) & 0x0F;
} }
} }
*iv_off = n; *iv_off = n;
return( 0 ); return (0);
} }
int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx, int mbedtls_aes_crypt_cfb8(mbedtls_aes_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[16], unsigned char iv[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output)
{ {
unsigned char c; unsigned char c;
unsigned char ov[17]; unsigned char ov[17];
while( length-- ) { while (length--) {
memcpy( ov, iv, 16 ); memcpy(ov, iv, 16);
if (mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv ) != 0) if (mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, iv, iv) != 0) {
return ST_ERR_AES_BUSY; return ST_ERR_AES_BUSY;
}
if( mode == MBEDTLS_AES_DECRYPT ) if (mode == MBEDTLS_AES_DECRYPT) {
ov[16] = *input; ov[16] = *input;
}
c = *output++ = (unsigned char)( iv[0] ^ *input++ ); c = *output++ = (unsigned char)(iv[0] ^ *input++);
if( mode == MBEDTLS_AES_ENCRYPT ) if (mode == MBEDTLS_AES_ENCRYPT) {
ov[16] = c; ov[16] = c;
}
memcpy( iv, ov + 1, 16 ); memcpy(iv, ov + 1, 16);
} }
return( 0 ); return (0);
} }
#endif /*MBEDTLS_CIPHER_MODE_CFB */ #endif /*MBEDTLS_CIPHER_MODE_CFB */
#if defined(MBEDTLS_CIPHER_MODE_CTR) #if defined(MBEDTLS_CIPHER_MODE_CTR)
int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx, int mbedtls_aes_crypt_ctr(mbedtls_aes_context *ctx,
size_t length, size_t length,
size_t *nc_off, size_t *nc_off,
unsigned char nonce_counter[16], unsigned char nonce_counter[16],
unsigned char stream_block[16], unsigned char stream_block[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output)
{ {
int c, i; int c, i;
size_t n = *nc_off; size_t n = *nc_off;
while( length-- ) while (length--) {
{ if (n == 0) {
if( n == 0 ) { if (mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, nonce_counter, stream_block) != 0) {
if (mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, nonce_counter, stream_block ) != 0)
return ST_ERR_AES_BUSY; return ST_ERR_AES_BUSY;
}
for( i = 16; i > 0; i-- ) for (i = 16; i > 0; i--)
if( ++nonce_counter[i - 1] != 0 ) if (++nonce_counter[i - 1] != 0) {
break; break;
}
} }
c = *input++; c = *input++;
*output++ = (unsigned char)( c ^ stream_block[n] ); *output++ = (unsigned char)(c ^ stream_block[n]);
n = ( n + 1 ) & 0x0F; n = (n + 1) & 0x0F;
} }
*nc_off = n; *nc_off = n;
return( 0 ); return (0);
} }
#endif /* MBEDTLS_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx, int mbedtls_internal_aes_encrypt(mbedtls_aes_context *ctx,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ) unsigned char output[16])
{ {
if (HAL_CRYP_AESECB_Encrypt(&ctx->hcryp_aes, (uint8_t *)input, 16, (uint8_t *)output, 10) != HAL_OK) { if (HAL_CRYP_AESECB_Encrypt(&ctx->hcryp_aes, (uint8_t *)input, 16, (uint8_t *)output, 10) != HAL_OK) {
// error found // error found
@ -385,11 +411,11 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
} }
int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ) unsigned char output[16])
{ {
if(HAL_CRYP_AESECB_Decrypt(&ctx->hcryp_aes, (uint8_t *)input, 16, (uint8_t *)output, 10) != HAL_OK) { if (HAL_CRYP_AESECB_Decrypt(&ctx->hcryp_aes, (uint8_t *)input, 16, (uint8_t *)output, 10) != HAL_OK) {
// error found // error found
return ST_ERR_AES_BUSY; return ST_ERR_AES_BUSY;
} }
@ -397,18 +423,18 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
} }
#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if !defined(MBEDTLS_DEPRECATED_REMOVED)
void mbedtls_aes_encrypt( mbedtls_aes_context *ctx, void mbedtls_aes_encrypt(mbedtls_aes_context *ctx,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ) unsigned char output[16])
{ {
mbedtls_internal_aes_encrypt( ctx, input, output ); mbedtls_internal_aes_encrypt(ctx, input, output);
} }
void mbedtls_aes_decrypt( mbedtls_aes_context *ctx, void mbedtls_aes_decrypt(mbedtls_aes_context *ctx,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ) unsigned char output[16])
{ {
mbedtls_internal_aes_decrypt( ctx, input, output ); mbedtls_internal_aes_decrypt(ctx, input, output);
} }
#endif /* MBEDTLS_DEPRECATED_REMOVED */ #endif /* MBEDTLS_DEPRECATED_REMOVED */
#endif /*MBEDTLS_AES_ALT*/ #endif /*MBEDTLS_AES_ALT*/

99
features/mbedtls/targets/TARGET_STM/aes_alt.h
View File

@ -41,8 +41,7 @@ extern "C" {
* - to simplify key expansion in the 256-bit case by * - to simplify key expansion in the 256-bit case by
* generating an extra round key * generating an extra round key
*/ */
typedef struct typedef struct {
{
unsigned char aes_key[32]; /* Decryption key */ unsigned char aes_key[32]; /* Decryption key */
CRYP_HandleTypeDef hcryp_aes; CRYP_HandleTypeDef hcryp_aes;
uint32_t ctx_save_cr; /* save context for multi-instance */ uint32_t ctx_save_cr; /* save context for multi-instance */
@ -54,14 +53,14 @@ mbedtls_aes_context;
* *
* \param ctx AES context to be initialized * \param ctx AES context to be initialized
*/ */
void mbedtls_aes_init( mbedtls_aes_context *ctx ); void mbedtls_aes_init(mbedtls_aes_context *ctx);
/** /**
* \brief Clear AES context * \brief Clear AES context
* *
* \param ctx AES context to be cleared * \param ctx AES context to be cleared
*/ */
void mbedtls_aes_free( mbedtls_aes_context *ctx ); void mbedtls_aes_free(mbedtls_aes_context *ctx);
/** /**
* \brief AES key schedule (encryption) * \brief AES key schedule (encryption)
@ -72,8 +71,8 @@ void mbedtls_aes_free( mbedtls_aes_context *ctx );
* *
* \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH
*/ */
int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits ); unsigned int keybits);
/** /**
* \brief AES key schedule (decryption) * \brief AES key schedule (decryption)
@ -84,8 +83,8 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
* *
* \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH
*/ */
int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key, int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits ); unsigned int keybits);
/** /**
* \brief AES-ECB block encryption/decryption * \brief AES-ECB block encryption/decryption
@ -97,10 +96,10 @@ int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
* *
* \return 0 if successful * \return 0 if successful
*/ */
int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx, int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx,
int mode, int mode,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ); unsigned char output[16]);
#if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/** /**
@ -125,12 +124,12 @@ int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
* *
* \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH
*/ */
int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx, int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[16], unsigned char iv[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_CFB) #if defined(MBEDTLS_CIPHER_MODE_CFB)
@ -159,13 +158,13 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
* *
* \return 0 if successful * \return 0 if successful
*/ */
int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx, int mbedtls_aes_crypt_cfb128(mbedtls_aes_context *ctx,
int mode, int mode,
size_t length, size_t length,
size_t *iv_off, size_t *iv_off,
unsigned char iv[16], unsigned char iv[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
/** /**
* \brief AES-CFB8 buffer encryption/decryption. * \brief AES-CFB8 buffer encryption/decryption.
@ -191,12 +190,12 @@ int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
* *
* \return 0 if successful * \return 0 if successful
*/ */
int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx, int mbedtls_aes_crypt_cfb8(mbedtls_aes_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[16], unsigned char iv[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif /*MBEDTLS_CIPHER_MODE_CFB */ #endif /*MBEDTLS_CIPHER_MODE_CFB */
#if defined(MBEDTLS_CIPHER_MODE_CTR) #if defined(MBEDTLS_CIPHER_MODE_CTR)
@ -222,13 +221,13 @@ int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
* *
* \return 0 if successful * \return 0 if successful
*/ */
int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx, int mbedtls_aes_crypt_ctr(mbedtls_aes_context *ctx,
size_t length, size_t length,
size_t *nc_off, size_t *nc_off,
unsigned char nonce_counter[16], unsigned char nonce_counter[16],
unsigned char stream_block[16], unsigned char stream_block[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
/** /**
@ -242,9 +241,9 @@ int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
* *
* \return 0 if successful * \return 0 if successful
*/ */
int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx, int mbedtls_internal_aes_encrypt(mbedtls_aes_context *ctx,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ); unsigned char output[16]);
/** /**
* \brief Internal AES block decryption function * \brief Internal AES block decryption function
@ -257,9 +256,9 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
* *
* \return 0 if successful * \return 0 if successful
*/ */
int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ); unsigned char output[16]);
#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING) #if defined(MBEDTLS_DEPRECATED_WARNING)
@ -277,9 +276,9 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
* \param input Plaintext block * \param input Plaintext block
* \param output Output (ciphertext) block * \param output Output (ciphertext) block
*/ */
MBEDTLS_DEPRECATED void mbedtls_aes_encrypt( mbedtls_aes_context *ctx, MBEDTLS_DEPRECATED void mbedtls_aes_encrypt(mbedtls_aes_context *ctx,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ); unsigned char output[16]);
/** /**
* \brief Deprecated internal AES block decryption function * \brief Deprecated internal AES block decryption function
@ -291,9 +290,9 @@ MBEDTLS_DEPRECATED void mbedtls_aes_encrypt( mbedtls_aes_context *ctx,
* \param input Ciphertext block * \param input Ciphertext block
* \param output Output (plaintext) block * \param output Output (plaintext) block
*/ */
MBEDTLS_DEPRECATED void mbedtls_aes_decrypt( mbedtls_aes_context *ctx, MBEDTLS_DEPRECATED void mbedtls_aes_decrypt(mbedtls_aes_context *ctx,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ); unsigned char output[16]);
#undef MBEDTLS_DEPRECATED #undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */

43
features/mbedtls/targets/TARGET_STM/md5_alt.c
View File

@ -24,8 +24,12 @@
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
/* Implementation that should never be optimized out by the compiler */ /* Implementation that should never be optimized out by the compiler */
static void mbedtls_zeroize( void *v, size_t n ) { static void mbedtls_zeroize(void *v, size_t n)
volatile unsigned char *p = v; while( n-- ) *p++ = 0; {
volatile unsigned char *p = v;
while (n--) {
*p++ = 0;
}
} }
static int st_md5_restore_hw_context(mbedtls_md5_context *ctx) static int st_md5_restore_hw_context(mbedtls_md5_context *ctx)
@ -42,7 +46,7 @@ static int st_md5_restore_hw_context(mbedtls_md5_context *ctx)
} }
HASH->STR = ctx->ctx_save_str; HASH->STR = ctx->ctx_save_str;
HASH->CR = (ctx->ctx_save_cr | HASH_CR_INIT); HASH->CR = (ctx->ctx_save_cr | HASH_CR_INIT);
for (i=0;i<38;i++) { for (i = 0; i < 38; i++) {
HASH->CSR[i] = ctx->ctx_save_csr[i]; HASH->CSR[i] = ctx->ctx_save_csr[i];
} }
return 1; return 1;
@ -62,35 +66,36 @@ static int st_md5_save_hw_context(mbedtls_md5_context *ctx)
/* allow multi-instance of HASH use: restore context for HASH HW module CR */ /* allow multi-instance of HASH use: restore context for HASH HW module CR */
ctx->ctx_save_cr = HASH->CR; ctx->ctx_save_cr = HASH->CR;
ctx->ctx_save_str = HASH->STR; ctx->ctx_save_str = HASH->STR;
for (i=0;i<38;i++) { for (i = 0; i < 38; i++) {
ctx->ctx_save_csr[i] = HASH->CSR[i]; ctx->ctx_save_csr[i] = HASH->CSR[i];
} }
return 1; return 1;
} }
void mbedtls_md5_init( mbedtls_md5_context *ctx ) void mbedtls_md5_init(mbedtls_md5_context *ctx)
{ {
mbedtls_zeroize( ctx, sizeof( mbedtls_md5_context ) ); mbedtls_zeroize(ctx, sizeof(mbedtls_md5_context));
/* Enable HASH clock */ /* Enable HASH clock */
__HAL_RCC_HASH_CLK_ENABLE(); __HAL_RCC_HASH_CLK_ENABLE();
} }
void mbedtls_md5_free( mbedtls_md5_context *ctx ) void mbedtls_md5_free(mbedtls_md5_context *ctx)
{ {
if( ctx == NULL ) if (ctx == NULL) {
return; return;
mbedtls_zeroize( ctx, sizeof( mbedtls_md5_context ) ); }
mbedtls_zeroize(ctx, sizeof(mbedtls_md5_context));
} }
void mbedtls_md5_clone( mbedtls_md5_context *dst, void mbedtls_md5_clone(mbedtls_md5_context *dst,
const mbedtls_md5_context *src ) const mbedtls_md5_context *src)
{ {
*dst = *src; *dst = *src;
} }
int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx ) int mbedtls_md5_starts_ret(mbedtls_md5_context *ctx)
{ {
/* HASH IP initialization */ /* HASH IP initialization */
if (HAL_HASH_DeInit(&ctx->hhash_md5) != 0) { if (HAL_HASH_DeInit(&ctx->hhash_md5) != 0) {
@ -112,7 +117,7 @@ int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx )
return 0; return 0;
} }
int mbedtls_internal_md5_process( mbedtls_md5_context *ctx, const unsigned char data[ST_MD5_BLOCK_SIZE] ) int mbedtls_internal_md5_process(mbedtls_md5_context *ctx, const unsigned char data[ST_MD5_BLOCK_SIZE])
{ {
if (st_md5_restore_hw_context(ctx) != 1) { if (st_md5_restore_hw_context(ctx) != 1) {
// Return HASH_BUSY timeout error here // Return HASH_BUSY timeout error here
@ -128,7 +133,7 @@ int mbedtls_internal_md5_process( mbedtls_md5_context *ctx, const unsigned char
return 0; return 0;
} }
int mbedtls_md5_update_ret( mbedtls_md5_context *ctx, const unsigned char *input, size_t ilen ) int mbedtls_md5_update_ret(mbedtls_md5_context *ctx, const unsigned char *input, size_t ilen)
{ {
int err; int err;
size_t currentlen = ilen; size_t currentlen = ilen;
@ -142,7 +147,7 @@ int mbedtls_md5_update_ret( mbedtls_md5_context *ctx, const unsigned char *input
// store mechanism to accumulate ST_MD5_BLOCK_SIZE bytes (512 bits) in the HW // store mechanism to accumulate ST_MD5_BLOCK_SIZE bytes (512 bits) in the HW
if (currentlen < (ST_MD5_BLOCK_SIZE - ctx->sbuf_len)) { if (currentlen < (ST_MD5_BLOCK_SIZE - ctx->sbuf_len)) {
// only buffurize // only buffurize
memcpy(ctx->sbuf+ctx->sbuf_len, input, currentlen); memcpy(ctx->sbuf + ctx->sbuf_len, input, currentlen);
ctx->sbuf_len += currentlen; ctx->sbuf_len += currentlen;
} else { } else {
// fill buffer and process it // fill buffer and process it
@ -154,14 +159,14 @@ int mbedtls_md5_update_ret( mbedtls_md5_context *ctx, const unsigned char *input
} }
// Process every input as long as it is %64 bytes, ie 512 bits // Process every input as long as it is %64 bytes, ie 512 bits
size_t iter = currentlen / ST_MD5_BLOCK_SIZE; size_t iter = currentlen / ST_MD5_BLOCK_SIZE;
if (iter !=0) { if (iter != 0) {
if (HAL_HASH_MD5_Accumulate(&ctx->hhash_md5, (uint8_t *)(input + ST_MD5_BLOCK_SIZE - ctx->sbuf_len), (iter * ST_MD5_BLOCK_SIZE)) != 0) { if (HAL_HASH_MD5_Accumulate(&ctx->hhash_md5, (uint8_t *)(input + ST_MD5_BLOCK_SIZE - ctx->sbuf_len), (iter * ST_MD5_BLOCK_SIZE)) != 0) {
return MBEDTLS_ERR_MD5_HW_ACCEL_FAILED; return MBEDTLS_ERR_MD5_HW_ACCEL_FAILED;
} }
} }
// sbuf is completely accumulated, now copy up to 63 remaining bytes // sbuf is completely accumulated, now copy up to 63 remaining bytes
ctx->sbuf_len = currentlen % ST_MD5_BLOCK_SIZE; ctx->sbuf_len = currentlen % ST_MD5_BLOCK_SIZE;
if (ctx->sbuf_len !=0) { if (ctx->sbuf_len != 0) {
memcpy(ctx->sbuf, input + ilen - ctx->sbuf_len, ctx->sbuf_len); memcpy(ctx->sbuf, input + ilen - ctx->sbuf_len, ctx->sbuf_len);
} }
} }
@ -174,7 +179,7 @@ int mbedtls_md5_update_ret( mbedtls_md5_context *ctx, const unsigned char *input
return 0; return 0;
} }
int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx, unsigned char output[16] ) int mbedtls_md5_finish_ret(mbedtls_md5_context *ctx, unsigned char output[16])
{ {
if (st_md5_restore_hw_context(ctx) != 1) { if (st_md5_restore_hw_context(ctx) != 1) {
// Return HASH_BUSY timeout error here // Return HASH_BUSY timeout error here
@ -186,7 +191,7 @@ int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx, unsigned char output[16] )
return MBEDTLS_ERR_MD5_HW_ACCEL_FAILED; return MBEDTLS_ERR_MD5_HW_ACCEL_FAILED;
} }
mbedtls_zeroize( ctx->sbuf, ST_MD5_BLOCK_SIZE); mbedtls_zeroize(ctx->sbuf, ST_MD5_BLOCK_SIZE);
ctx->sbuf_len = 0; ctx->sbuf_len = 0;
__HAL_HASH_START_DIGEST(); __HAL_HASH_START_DIGEST();

35
features/mbedtls/targets/TARGET_STM/md5_alt.h
View File

@ -41,8 +41,7 @@ extern "C" {
* ST_MD5_BLOCK_SIZE bytes per ST_MD5_BLOCK_SIZE bytes * ST_MD5_BLOCK_SIZE bytes per ST_MD5_BLOCK_SIZE bytes
* If MD5_finish is called and sbuf_len>0, the remaining bytes are accumulated prior to the call to HAL_HASH_MD5_Finish * If MD5_finish is called and sbuf_len>0, the remaining bytes are accumulated prior to the call to HAL_HASH_MD5_Finish
*/ */
typedef struct typedef struct {
{
HASH_HandleTypeDef hhash_md5;/*!< ST HAL HASH struct */ HASH_HandleTypeDef hhash_md5;/*!< ST HAL HASH struct */
unsigned char sbuf[ST_MD5_BLOCK_SIZE]; /*!< MBEDTLS_MD5_BLOCK_SIZE buffer to store values so that algorithm is caled once the buffer is filled */ unsigned char sbuf[ST_MD5_BLOCK_SIZE]; /*!< MBEDTLS_MD5_BLOCK_SIZE buffer to store values so that algorithm is caled once the buffer is filled */
unsigned char sbuf_len; /*!< number of bytes to be processed in sbuf */ unsigned char sbuf_len; /*!< number of bytes to be processed in sbuf */
@ -57,14 +56,14 @@ mbedtls_md5_context;
* *
* \param ctx MD5 context to be initialized * \param ctx MD5 context to be initialized
*/ */
void mbedtls_md5_init( mbedtls_md5_context *ctx ); void mbedtls_md5_init(mbedtls_md5_context *ctx);
/** /**
* \brief Clear MD5 context * \brief Clear MD5 context
* *
* \param ctx MD5 context to be cleared * \param ctx MD5 context to be cleared
*/ */
void mbedtls_md5_free( mbedtls_md5_context *ctx ); void mbedtls_md5_free(mbedtls_md5_context *ctx);
/** /**
* \brief Clone (the state of) an MD5 context * \brief Clone (the state of) an MD5 context
@ -72,8 +71,8 @@ void mbedtls_md5_free( mbedtls_md5_context *ctx );
* \param dst The destination context * \param dst The destination context
* \param src The context to be cloned * \param src The context to be cloned
*/ */
void mbedtls_md5_clone( mbedtls_md5_context *dst, void mbedtls_md5_clone(mbedtls_md5_context *dst,
const mbedtls_md5_context *src ); const mbedtls_md5_context *src);
/** /**
* \brief MD5 context setup * \brief MD5 context setup
@ -82,7 +81,7 @@ void mbedtls_md5_clone( mbedtls_md5_context *dst,
* *
* \returns error code * \returns error code
*/ */
int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx ); int mbedtls_md5_starts_ret(mbedtls_md5_context *ctx);
/** /**
* \brief MD5 process buffer * \brief MD5 process buffer
@ -93,7 +92,7 @@ int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx );
* *
* \returns error code * \returns error code
*/ */
int mbedtls_md5_update_ret( mbedtls_md5_context *ctx, const unsigned char *input, size_t ilen ); int mbedtls_md5_update_ret(mbedtls_md5_context *ctx, const unsigned char *input, size_t ilen);
/** /**
* \brief MD5 final digest * \brief MD5 final digest
@ -103,10 +102,10 @@ int mbedtls_md5_update_ret( mbedtls_md5_context *ctx, const unsigned char *input
* *
* \returns error code * \returns error code
*/ */
int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx, unsigned char output[16] ); int mbedtls_md5_finish_ret(mbedtls_md5_context *ctx, unsigned char output[16]);
/* Internal use */ /* Internal use */
int mbedtls_internal_md5_process( mbedtls_md5_context *ctx, const unsigned char data[ST_MD5_BLOCK_SIZE] ); int mbedtls_internal_md5_process(mbedtls_md5_context *ctx, const unsigned char data[ST_MD5_BLOCK_SIZE]);
#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING) #if defined(MBEDTLS_DEPRECATED_WARNING)
@ -126,7 +125,7 @@ int mbedtls_internal_md5_process( mbedtls_md5_context *ctx, const unsigned char
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
MBEDTLS_DEPRECATED void mbedtls_md5_starts( mbedtls_md5_context *ctx ); MBEDTLS_DEPRECATED void mbedtls_md5_starts(mbedtls_md5_context *ctx);
/** /**
* \brief MD5 process buffer * \brief MD5 process buffer
@ -142,9 +141,9 @@ MBEDTLS_DEPRECATED void mbedtls_md5_starts( mbedtls_md5_context *ctx );
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
MBEDTLS_DEPRECATED void mbedtls_md5_update( mbedtls_md5_context *ctx, MBEDTLS_DEPRECATED void mbedtls_md5_update(mbedtls_md5_context *ctx,
const unsigned char *input, const unsigned char *input,
size_t ilen ); size_t ilen);
/** /**
* \brief MD5 final digest * \brief MD5 final digest
@ -159,8 +158,8 @@ MBEDTLS_DEPRECATED void mbedtls_md5_update( mbedtls_md5_context *ctx,
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
MBEDTLS_DEPRECATED void mbedtls_md5_finish( mbedtls_md5_context *ctx, MBEDTLS_DEPRECATED void mbedtls_md5_finish(mbedtls_md5_context *ctx,
unsigned char output[16] ); unsigned char output[16]);
/** /**
* \brief MD5 process data block (internal use only) * \brief MD5 process data block (internal use only)
@ -175,8 +174,8 @@ MBEDTLS_DEPRECATED void mbedtls_md5_finish( mbedtls_md5_context *ctx,
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
MBEDTLS_DEPRECATED void mbedtls_md5_process( mbedtls_md5_context *ctx, MBEDTLS_DEPRECATED void mbedtls_md5_process(mbedtls_md5_context *ctx,
const unsigned char data[64] ); const unsigned char data[64]);
#undef MBEDTLS_DEPRECATED #undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */

49
features/mbedtls/targets/TARGET_STM/sha1_alt.c
View File

@ -22,8 +22,12 @@
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
/* Implementation that should never be optimized out by the compiler */ /* Implementation that should never be optimized out by the compiler */
static void mbedtls_zeroize( void *v, size_t n ) { static void mbedtls_zeroize(void *v, size_t n)
volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0; {
volatile unsigned char *p = (unsigned char *)v;
while (n--) {
*p++ = 0;
}
} }
static int st_sha1_restore_hw_context(mbedtls_sha1_context *ctx) static int st_sha1_restore_hw_context(mbedtls_sha1_context *ctx)
@ -40,7 +44,7 @@ static int st_sha1_restore_hw_context(mbedtls_sha1_context *ctx)
} }
HASH->STR = ctx->ctx_save_str; HASH->STR = ctx->ctx_save_str;
HASH->CR = (ctx->ctx_save_cr | HASH_CR_INIT); HASH->CR = (ctx->ctx_save_cr | HASH_CR_INIT);
for (i=0;i<38;i++) { for (i = 0; i < 38; i++) {
HASH->CSR[i] = ctx->ctx_save_csr[i]; HASH->CSR[i] = ctx->ctx_save_csr[i];
} }
return 1; return 1;
@ -60,35 +64,36 @@ static int st_sha1_save_hw_context(mbedtls_sha1_context *ctx)
/* allow multi-instance of HASH use: restore context for HASH HW module CR */ /* allow multi-instance of HASH use: restore context for HASH HW module CR */
ctx->ctx_save_cr = HASH->CR; ctx->ctx_save_cr = HASH->CR;
ctx->ctx_save_str = HASH->STR; ctx->ctx_save_str = HASH->STR;
for (i=0;i<38;i++) { for (i = 0; i < 38; i++) {
ctx->ctx_save_csr[i] = HASH->CSR[i]; ctx->ctx_save_csr[i] = HASH->CSR[i];
} }
return 1; return 1;
} }
void mbedtls_sha1_init( mbedtls_sha1_context *ctx ) void mbedtls_sha1_init(mbedtls_sha1_context *ctx)
{ {
mbedtls_zeroize( ctx, sizeof( mbedtls_sha1_context ) ); mbedtls_zeroize(ctx, sizeof(mbedtls_sha1_context));
/* Enable HASH clock */ /* Enable HASH clock */
__HAL_RCC_HASH_CLK_ENABLE(); __HAL_RCC_HASH_CLK_ENABLE();
} }
void mbedtls_sha1_free( mbedtls_sha1_context *ctx ) void mbedtls_sha1_free(mbedtls_sha1_context *ctx)
{ {
if( ctx == NULL ) if (ctx == NULL) {
return; return;
mbedtls_zeroize( ctx, sizeof( mbedtls_sha1_context ) ); }
mbedtls_zeroize(ctx, sizeof(mbedtls_sha1_context));
} }
void mbedtls_sha1_clone( mbedtls_sha1_context *dst, void mbedtls_sha1_clone(mbedtls_sha1_context *dst,
const mbedtls_sha1_context *src ) const mbedtls_sha1_context *src)
{ {
*dst = *src; *dst = *src;
} }
int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx ) int mbedtls_sha1_starts_ret(mbedtls_sha1_context *ctx)
{ {
/* Deinitializes the HASH peripheral */ /* Deinitializes the HASH peripheral */
if (HAL_HASH_DeInit(&ctx->hhash_sha1) == HAL_ERROR) { if (HAL_HASH_DeInit(&ctx->hhash_sha1) == HAL_ERROR) {
@ -109,7 +114,7 @@ int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx )
return 0; return 0;
} }
int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, const unsigned char data[ST_SHA1_BLOCK_SIZE] ) int mbedtls_internal_sha1_process(mbedtls_sha1_context *ctx, const unsigned char data[ST_SHA1_BLOCK_SIZE])
{ {
if (st_sha1_restore_hw_context(ctx) != 1) { if (st_sha1_restore_hw_context(ctx) != 1) {
// return HASH_BUSY timeout Error here // return HASH_BUSY timeout Error here
@ -126,7 +131,7 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, const unsigned cha
return 0; return 0;
} }
int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, const unsigned char *input, size_t ilen ) int mbedtls_sha1_update_ret(mbedtls_sha1_context *ctx, const unsigned char *input, size_t ilen)
{ {
int err; int err;
size_t currentlen = ilen; size_t currentlen = ilen;
@ -136,11 +141,11 @@ int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, const unsigned char *inp
} }
// store mechanism to accumulate ST_SHA1_BLOCK_SIZE bytes (512 bits) in the HW // store mechanism to accumulate ST_SHA1_BLOCK_SIZE bytes (512 bits) in the HW
if (currentlen == 0){ // only change HW status is size if 0 if (currentlen == 0) { // only change HW status is size if 0
if(ctx->hhash_sha1.Phase == HAL_HASH_PHASE_READY) { if (ctx->hhash_sha1.Phase == HAL_HASH_PHASE_READY) {
/* Select the SHA1 mode and reset the HASH processor core, so that the HASH will be ready to compute /* Select the SHA1 mode and reset the HASH processor core, so that the HASH will be ready to compute
the message digest of a new message */ the message digest of a new message */
HASH->CR |= HASH_ALGOSELECTION_SHA1 | HASH_CR_INIT; HASH->CR |= HASH_ALGOSELECTION_SHA1 | HASH_CR_INIT;
} }
ctx->hhash_sha1.Phase = HAL_HASH_PHASE_PROCESS; ctx->hhash_sha1.Phase = HAL_HASH_PHASE_PROCESS;
} else if (currentlen < (ST_SHA1_BLOCK_SIZE - ctx->sbuf_len)) { } else if (currentlen < (ST_SHA1_BLOCK_SIZE - ctx->sbuf_len)) {
@ -162,7 +167,7 @@ int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, const unsigned char *inp
} }
// sbuf is completely accumulated, now copy up to 63 remaining bytes // sbuf is completely accumulated, now copy up to 63 remaining bytes
ctx->sbuf_len = currentlen % ST_SHA1_BLOCK_SIZE; ctx->sbuf_len = currentlen % ST_SHA1_BLOCK_SIZE;
if (ctx->sbuf_len !=0) { if (ctx->sbuf_len != 0) {
memcpy(ctx->sbuf, input + ilen - ctx->sbuf_len, ctx->sbuf_len); memcpy(ctx->sbuf, input + ilen - ctx->sbuf_len, ctx->sbuf_len);
} }
} }
@ -173,7 +178,7 @@ int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, const unsigned char *inp
return 0; return 0;
} }
int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, unsigned char output[20] ) int mbedtls_sha1_finish_ret(mbedtls_sha1_context *ctx, unsigned char output[20])
{ {
if (st_sha1_restore_hw_context(ctx) != 1) { if (st_sha1_restore_hw_context(ctx) != 1) {
// return HASH_BUSY timeout Error here // return HASH_BUSY timeout Error here
@ -189,7 +194,7 @@ int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, unsigned char output[20]
ctx->sbuf_len = 0; ctx->sbuf_len = 0;
__HAL_HASH_START_DIGEST(); __HAL_HASH_START_DIGEST();
if (HAL_HASH_SHA1_Finish(&ctx->hhash_sha1, output, 10) != 0){ if (HAL_HASH_SHA1_Finish(&ctx->hhash_sha1, output, 10) != 0) {
return MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED; return MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED;
} }
if (st_sha1_save_hw_context(ctx) != 1) { if (st_sha1_save_hw_context(ctx) != 1) {

35
features/mbedtls/targets/TARGET_STM/sha1_alt.h
View File

@ -41,8 +41,7 @@ extern "C" {
* multiples of ST_SHA1_BLOCK_SIZE bytes * multiples of ST_SHA1_BLOCK_SIZE bytes
* If SHA1_finish is called and sbuf_len>0, the remaining bytes are accumulated prior to the call to HAL_HASH_SHA1_Finish * If SHA1_finish is called and sbuf_len>0, the remaining bytes are accumulated prior to the call to HAL_HASH_SHA1_Finish
*/ */
typedef struct typedef struct {
{
unsigned char sbuf[ST_SHA1_BLOCK_SIZE]; /*!< MBEDTLS_SHA1_BLOCK_SIZE buffer to store values so that algorithm is caled once the buffer is filled */ unsigned char sbuf[ST_SHA1_BLOCK_SIZE]; /*!< MBEDTLS_SHA1_BLOCK_SIZE buffer to store values so that algorithm is caled once the buffer is filled */
unsigned char sbuf_len; /*!< number of bytes remaining in sbuf to be processed */ unsigned char sbuf_len; /*!< number of bytes remaining in sbuf to be processed */
HASH_HandleTypeDef hhash_sha1; /*!< ST HAL HASH struct */ HASH_HandleTypeDef hhash_sha1; /*!< ST HAL HASH struct */
@ -57,14 +56,14 @@ mbedtls_sha1_context;
* *
* \param ctx SHA-1 context to be initialized * \param ctx SHA-1 context to be initialized
*/ */
void mbedtls_sha1_init( mbedtls_sha1_context *ctx ); void mbedtls_sha1_init(mbedtls_sha1_context *ctx);
/** /**
* \brief Clear SHA-1 context * \brief Clear SHA-1 context
* *
* \param ctx SHA-1 context to be cleared * \param ctx SHA-1 context to be cleared
*/ */
void mbedtls_sha1_free( mbedtls_sha1_context *ctx ); void mbedtls_sha1_free(mbedtls_sha1_context *ctx);
/** /**
* \brief Clone (the state of) a SHA-1 context * \brief Clone (the state of) a SHA-1 context
@ -72,8 +71,8 @@ void mbedtls_sha1_free( mbedtls_sha1_context *ctx );
* \param dst The destination context * \param dst The destination context
* \param src The context to be cloned * \param src The context to be cloned
*/ */
void mbedtls_sha1_clone( mbedtls_sha1_context *dst, void mbedtls_sha1_clone(mbedtls_sha1_context *dst,
const mbedtls_sha1_context *src ); const mbedtls_sha1_context *src);
/** /**
* \brief SHA-1 context setup * \brief SHA-1 context setup
@ -82,7 +81,7 @@ void mbedtls_sha1_clone( mbedtls_sha1_context *dst,
* *
* \returns error code * \returns error code
*/ */
int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx ); int mbedtls_sha1_starts_ret(mbedtls_sha1_context *ctx);
/** /**
* \brief SHA-1 process buffer * \brief SHA-1 process buffer
@ -93,7 +92,7 @@ int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx );
* *
* \returns error code * \returns error code
*/ */
int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, const unsigned char *input, size_t ilen ); int mbedtls_sha1_update_ret(mbedtls_sha1_context *ctx, const unsigned char *input, size_t ilen);
/** /**
* \brief SHA-1 final digest * \brief SHA-1 final digest
@ -103,10 +102,10 @@ int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, const unsigned char *inp
* *
* \returns error code * \returns error code
*/ */
int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, unsigned char output[20] ); int mbedtls_sha1_finish_ret(mbedtls_sha1_context *ctx, unsigned char output[20]);
/* Internal use */ /* Internal use */
int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, const unsigned char data[ST_SHA1_BLOCK_SIZE] ); int mbedtls_internal_sha1_process(mbedtls_sha1_context *ctx, const unsigned char data[ST_SHA1_BLOCK_SIZE]);
#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING) #if defined(MBEDTLS_DEPRECATED_WARNING)
@ -126,7 +125,7 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, const unsigned cha
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
MBEDTLS_DEPRECATED void mbedtls_sha1_starts( mbedtls_sha1_context *ctx ); MBEDTLS_DEPRECATED void mbedtls_sha1_starts(mbedtls_sha1_context *ctx);
/** /**
* \brief SHA-1 process buffer * \brief SHA-1 process buffer
@ -142,9 +141,9 @@ MBEDTLS_DEPRECATED void mbedtls_sha1_starts( mbedtls_sha1_context *ctx );
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
MBEDTLS_DEPRECATED void mbedtls_sha1_update( mbedtls_sha1_context *ctx, MBEDTLS_DEPRECATED void mbedtls_sha1_update(mbedtls_sha1_context *ctx,
const unsigned char *input, const unsigned char *input,
size_t ilen ); size_t ilen);
/** /**
* \brief SHA-1 final digest * \brief SHA-1 final digest
@ -159,8 +158,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha1_update( mbedtls_sha1_context *ctx,
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
MBEDTLS_DEPRECATED void mbedtls_sha1_finish( mbedtls_sha1_context *ctx, MBEDTLS_DEPRECATED void mbedtls_sha1_finish(mbedtls_sha1_context *ctx,
unsigned char output[20] ); unsigned char output[20]);
/** /**
* \brief SHA-1 process data block (internal use only) * \brief SHA-1 process data block (internal use only)
@ -175,8 +174,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha1_finish( mbedtls_sha1_context *ctx,
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
MBEDTLS_DEPRECATED void mbedtls_sha1_process( mbedtls_sha1_context *ctx, MBEDTLS_DEPRECATED void mbedtls_sha1_process(mbedtls_sha1_context *ctx,
const unsigned char data[64] ); const unsigned char data[64]);
#undef MBEDTLS_DEPRECATED #undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */

45
features/mbedtls/targets/TARGET_STM/sha256_alt.c
View File

@ -23,8 +23,12 @@
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
/* Implementation that should never be optimized out by the compiler */ /* Implementation that should never be optimized out by the compiler */
static void mbedtls_zeroize( void *v, size_t n ) { static void mbedtls_zeroize(void *v, size_t n)
volatile unsigned char *p = v; while( n-- ) *p++ = 0; {
volatile unsigned char *p = v;
while (n--) {
*p++ = 0;
}
} }
static int st_sha256_restore_hw_context(mbedtls_sha256_context *ctx) static int st_sha256_restore_hw_context(mbedtls_sha256_context *ctx)
@ -41,7 +45,7 @@ static int st_sha256_restore_hw_context(mbedtls_sha256_context *ctx)
} }
HASH->STR = ctx->ctx_save_str; HASH->STR = ctx->ctx_save_str;
HASH->CR = (ctx->ctx_save_cr | HASH_CR_INIT); HASH->CR = (ctx->ctx_save_cr | HASH_CR_INIT);
for (i=0;i<38;i++) { for (i = 0; i < 38; i++) {
HASH->CSR[i] = ctx->ctx_save_csr[i]; HASH->CSR[i] = ctx->ctx_save_csr[i];
} }
return 1; return 1;
@ -61,34 +65,35 @@ static int st_sha256_save_hw_context(mbedtls_sha256_context *ctx)
/* allow multi-instance of HASH use: restore context for HASH HW module CR */ /* allow multi-instance of HASH use: restore context for HASH HW module CR */
ctx->ctx_save_cr = HASH->CR; ctx->ctx_save_cr = HASH->CR;
ctx->ctx_save_str = HASH->STR; ctx->ctx_save_str = HASH->STR;
for (i=0;i<38;i++) { for (i = 0; i < 38; i++) {
ctx->ctx_save_csr[i] = HASH->CSR[i]; ctx->ctx_save_csr[i] = HASH->CSR[i];
} }
return 1; return 1;
} }
void mbedtls_sha256_init( mbedtls_sha256_context *ctx ) void mbedtls_sha256_init(mbedtls_sha256_context *ctx)
{ {
mbedtls_zeroize( ctx, sizeof( mbedtls_sha256_context ) ); mbedtls_zeroize(ctx, sizeof(mbedtls_sha256_context));
/* Enable HASH clock */ /* Enable HASH clock */
__HAL_RCC_HASH_CLK_ENABLE(); __HAL_RCC_HASH_CLK_ENABLE();
} }
void mbedtls_sha256_free( mbedtls_sha256_context *ctx ) void mbedtls_sha256_free(mbedtls_sha256_context *ctx)
{ {
if( ctx == NULL ) if (ctx == NULL) {
return; return;
mbedtls_zeroize( ctx, sizeof( mbedtls_sha256_context ) ); }
mbedtls_zeroize(ctx, sizeof(mbedtls_sha256_context));
} }
void mbedtls_sha256_clone( mbedtls_sha256_context *dst, void mbedtls_sha256_clone(mbedtls_sha256_context *dst,
const mbedtls_sha256_context *src ) const mbedtls_sha256_context *src)
{ {
*dst = *src; *dst = *src;
} }
int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 ) int mbedtls_sha256_starts_ret(mbedtls_sha256_context *ctx, int is224)
{ {
/* HASH IP initialization */ /* HASH IP initialization */
if (HAL_HASH_DeInit(&ctx->hhash_sha256) == HAL_ERROR) { if (HAL_HASH_DeInit(&ctx->hhash_sha256) == HAL_ERROR) {
@ -111,7 +116,7 @@ int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 )
return 0; return 0;
} }
int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, const unsigned char data[ST_SHA256_BLOCK_SIZE] ) int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx, const unsigned char data[ST_SHA256_BLOCK_SIZE])
{ {
if (st_sha256_restore_hw_context(ctx) != 1) { if (st_sha256_restore_hw_context(ctx) != 1) {
// Return HASH_BUSY timeout error here // Return HASH_BUSY timeout error here
@ -134,7 +139,7 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, const unsigned
return 0; return 0;
} }
int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, const unsigned char *input, size_t ilen ) int mbedtls_sha256_update_ret(mbedtls_sha256_context *ctx, const unsigned char *input, size_t ilen)
{ {
int err; int err;
size_t currentlen = ilen; size_t currentlen = ilen;
@ -145,7 +150,7 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, const unsigned char
// store mechanism to accumulate ST_SHA256_BLOCK_SIZE bytes (512 bits) in the HW // store mechanism to accumulate ST_SHA256_BLOCK_SIZE bytes (512 bits) in the HW
if (currentlen == 0) { // only change HW status is size if 0 if (currentlen == 0) { // only change HW status is size if 0
if(ctx->hhash_sha256.Phase == HAL_HASH_PHASE_READY) { if (ctx->hhash_sha256.Phase == HAL_HASH_PHASE_READY) {
/* Select the SHA256 or SHA224 mode and reset the HASH processor core, so that the HASH will be ready to compute /* Select the SHA256 or SHA224 mode and reset the HASH processor core, so that the HASH will be ready to compute
the message digest of a new message */ the message digest of a new message */
if (ctx->is224 == 0) { if (ctx->is224 == 0) {
@ -169,20 +174,20 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, const unsigned char
} }
// Process every input as long as it is %64 bytes, ie 512 bits // Process every input as long as it is %64 bytes, ie 512 bits
size_t iter = currentlen / ST_SHA256_BLOCK_SIZE; size_t iter = currentlen / ST_SHA256_BLOCK_SIZE;
if (iter !=0) { if (iter != 0) {
if (ctx->is224 == 0) { if (ctx->is224 == 0) {
if (HAL_HASHEx_SHA256_Accumulate(&ctx->hhash_sha256, (uint8_t *)(input + ST_SHA256_BLOCK_SIZE - ctx->sbuf_len), (iter * ST_SHA256_BLOCK_SIZE)) != 0) { if (HAL_HASHEx_SHA256_Accumulate(&ctx->hhash_sha256, (uint8_t *)(input + ST_SHA256_BLOCK_SIZE - ctx->sbuf_len), (iter * ST_SHA256_BLOCK_SIZE)) != 0) {
return MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED; return MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED;
} }
} else { } else {
if (HAL_HASHEx_SHA224_Accumulate(&ctx->hhash_sha256, (uint8_t *)(input + ST_SHA256_BLOCK_SIZE - ctx->sbuf_len), (iter * ST_SHA256_BLOCK_SIZE)) != 0) { if (HAL_HASHEx_SHA224_Accumulate(&ctx->hhash_sha256, (uint8_t *)(input + ST_SHA256_BLOCK_SIZE - ctx->sbuf_len), (iter * ST_SHA256_BLOCK_SIZE)) != 0) {
return MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED; return MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED;
} }
} }
} }
// sbuf is completely accumulated, now copy up to 63 remaining bytes // sbuf is completely accumulated, now copy up to 63 remaining bytes
ctx->sbuf_len = currentlen % ST_SHA256_BLOCK_SIZE; ctx->sbuf_len = currentlen % ST_SHA256_BLOCK_SIZE;
if (ctx->sbuf_len !=0) { if (ctx->sbuf_len != 0) {
memcpy(ctx->sbuf, input + ilen - ctx->sbuf_len, ctx->sbuf_len); memcpy(ctx->sbuf, input + ilen - ctx->sbuf_len, ctx->sbuf_len);
} }
} }
@ -193,7 +198,7 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, const unsigned char
return 0; return 0;
} }
int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, unsigned char output[32] ) int mbedtls_sha256_finish_ret(mbedtls_sha256_context *ctx, unsigned char output[32])
{ {
if (st_sha256_restore_hw_context(ctx) != 1) { if (st_sha256_restore_hw_context(ctx) != 1) {
// Return HASH_BUSY timeout error here // Return HASH_BUSY timeout error here

45
features/mbedtls/targets/TARGET_STM/sha256_alt.h
View File

@ -40,10 +40,9 @@ extern "C" {
* ST_SHA256_BLOCK_SIZE bytes per ST_SHA256_BLOCK_SIZE bytes * ST_SHA256_BLOCK_SIZE bytes per ST_SHA256_BLOCK_SIZE bytes
* If sha256_finish is called and sbuf_len>0, the remaining bytes are accumulated prior to the call to HAL_HASH_SHA256_Finish * If sha256_finish is called and sbuf_len>0, the remaining bytes are accumulated prior to the call to HAL_HASH_SHA256_Finish
*/ */
typedef struct typedef struct {
{ int is224; /*!< 0 => SHA-256, else SHA-224 */
int is224; /*!< 0 => SHA-256, else SHA-224 */ HASH_HandleTypeDef hhash_sha256;
HASH_HandleTypeDef hhash_sha256;
unsigned char sbuf[ST_SHA256_BLOCK_SIZE]; /*!< ST_SHA256_BLOCK_SIZE buffer to store values so that algorithm is called once the buffer is filled */ unsigned char sbuf[ST_SHA256_BLOCK_SIZE]; /*!< ST_SHA256_BLOCK_SIZE buffer to store values so that algorithm is called once the buffer is filled */
unsigned char sbuf_len; /*!< number of bytes to be processed in sbuf */ unsigned char sbuf_len; /*!< number of bytes to be processed in sbuf */
uint32_t ctx_save_cr; uint32_t ctx_save_cr;
@ -57,14 +56,14 @@ mbedtls_sha256_context;
* *
* \param ctx SHA-256 context to be initialized * \param ctx SHA-256 context to be initialized
*/ */
void mbedtls_sha256_init( mbedtls_sha256_context *ctx ); void mbedtls_sha256_init(mbedtls_sha256_context *ctx);
/** /**
* \brief Clear SHA-256 context * \brief Clear SHA-256 context
* *
* \param ctx SHA-256 context to be cleared * \param ctx SHA-256 context to be cleared
*/ */
void mbedtls_sha256_free( mbedtls_sha256_context *ctx ); void mbedtls_sha256_free(mbedtls_sha256_context *ctx);
/** /**
* \brief Clone (the state of) a SHA-256 context * \brief Clone (the state of) a SHA-256 context
@ -72,8 +71,8 @@ void mbedtls_sha256_free( mbedtls_sha256_context *ctx );
* \param dst The destination context * \param dst The destination context
* \param src The context to be cloned * \param src The context to be cloned
*/ */
void mbedtls_sha256_clone( mbedtls_sha256_context *dst, void mbedtls_sha256_clone(mbedtls_sha256_context *dst,
const mbedtls_sha256_context *src ); const mbedtls_sha256_context *src);
/** /**
* \brief SHA-256 context setup * \brief SHA-256 context setup
@ -83,7 +82,7 @@ void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
* *
* \returns error code * \returns error code
*/ */
int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 ); int mbedtls_sha256_starts_ret(mbedtls_sha256_context *ctx, int is224);
/** /**
* \brief SHA-256 process buffer * \brief SHA-256 process buffer
@ -94,9 +93,9 @@ int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 );
* *
* \returns error code * \returns error code
*/ */
int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, int mbedtls_sha256_update_ret(mbedtls_sha256_context *ctx,
const unsigned char *input, const unsigned char *input,
size_t ilen ); size_t ilen);
/** /**
* \brief SHA-256 final digest * \brief SHA-256 final digest
@ -106,10 +105,10 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx,
* *
* \returns error code * \returns error code
*/ */
int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, unsigned char output[32] ); int mbedtls_sha256_finish_ret(mbedtls_sha256_context *ctx, unsigned char output[32]);
/* Internal use */ /* Internal use */
int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, const unsigned char data[ST_SHA256_BLOCK_SIZE] ); int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx, const unsigned char data[ST_SHA256_BLOCK_SIZE]);
#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING) #if defined(MBEDTLS_DEPRECATED_WARNING)
@ -127,8 +126,8 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, const unsigned
* <ul><li>0: Use SHA-256.</li> * <ul><li>0: Use SHA-256.</li>
* <li>1: Use SHA-224.</li></ul> * <li>1: Use SHA-224.</li></ul>
*/ */
MBEDTLS_DEPRECATED void mbedtls_sha256_starts( mbedtls_sha256_context *ctx, MBEDTLS_DEPRECATED void mbedtls_sha256_starts(mbedtls_sha256_context *ctx,
int is224 ); int is224);
/** /**
* \brief This function feeds an input buffer into an ongoing * \brief This function feeds an input buffer into an ongoing
@ -140,9 +139,9 @@ MBEDTLS_DEPRECATED void mbedtls_sha256_starts( mbedtls_sha256_context *ctx,
* \param input The buffer holding the data. * \param input The buffer holding the data.
* \param ilen The length of the input data. * \param ilen The length of the input data.
*/ */
MBEDTLS_DEPRECATED void mbedtls_sha256_update( mbedtls_sha256_context *ctx, MBEDTLS_DEPRECATED void mbedtls_sha256_update(mbedtls_sha256_context *ctx,
const unsigned char *input, const unsigned char *input,
size_t ilen ); size_t ilen);
/** /**
* \brief This function finishes the SHA-256 operation, and writes * \brief This function finishes the SHA-256 operation, and writes
@ -153,8 +152,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha256_update( mbedtls_sha256_context *ctx,
* \param ctx The SHA-256 context. * \param ctx The SHA-256 context.
* \param output The SHA-224or SHA-256 checksum result. * \param output The SHA-224or SHA-256 checksum result.
*/ */
MBEDTLS_DEPRECATED void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, MBEDTLS_DEPRECATED void mbedtls_sha256_finish(mbedtls_sha256_context *ctx,
unsigned char output[32] ); unsigned char output[32]);
/** /**
* \brief This function processes a single data block within * \brief This function processes a single data block within
@ -166,8 +165,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha256_finish( mbedtls_sha256_context *ctx,
* \param ctx The SHA-256 context. * \param ctx The SHA-256 context.
* \param data The buffer holding one block of data. * \param data The buffer holding one block of data.
*/ */
MBEDTLS_DEPRECATED void mbedtls_sha256_process( mbedtls_sha256_context *ctx, MBEDTLS_DEPRECATED void mbedtls_sha256_process(mbedtls_sha256_context *ctx,
const unsigned char data[64] ); const unsigned char data[64]);
#undef MBEDTLS_DEPRECATED #undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */