diff --git a/features/mbedtls/targets/TARGET_STM/TARGET_STM32L4/TARGET_NUCLEO_L486RG/mbedtls_device.h b/features/mbedtls/targets/TARGET_STM/TARGET_STM32L4/TARGET_NUCLEO_L486RG/mbedtls_device.h new file mode 100644 index 0000000000..2e087cd175 --- /dev/null +++ b/features/mbedtls/targets/TARGET_STM/TARGET_STM32L4/TARGET_NUCLEO_L486RG/mbedtls_device.h @@ -0,0 +1,30 @@ +/* + * mbedtls_device.h + ******************************************************************************* + * Copyright (c) 2017, STMicroelectronics + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ +#ifndef MBEDTLS_DEVICE_H +#define MBEDTLS_DEVICE_H + +#define MBEDTLS_AES_ALT + +//the following defines are provided to maintain compatibility between STM32 families +#define __HAL_RCC_CRYP_CLK_ENABLE __HAL_RCC_AES_CLK_ENABLE +#define __HAL_RCC_CRYP_FORCE_RESET __HAL_RCC_AES_FORCE_RESET +#define __HAL_RCC_CRYP_RELEASE_RESET __HAL_RCC_AES_RELEASE_RESET +#define CRYP AES +#endif /* MBEDTLS_DEVICE_H */ diff --git a/features/mbedtls/targets/TARGET_STM/aes_alt.c b/features/mbedtls/targets/TARGET_STM/aes_alt.c index a5a8fa4dce..4fc3125b59 100644 --- a/features/mbedtls/targets/TARGET_STM/aes_alt.c +++ b/features/mbedtls/targets/TARGET_STM/aes_alt.c @@ -28,17 +28,22 @@ static int aes_set_key( mbedtls_aes_context *ctx, const unsigned char *key, unsi switch( keybits ) { case 128: - ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_128B; - memcpy(ctx->aes_key, key, 16); - break; + ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_128B; + memcpy(ctx->aes_key, key, 16); + break; case 192: - ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_192B; - memcpy(ctx->aes_key, key, 24); - break; +#if defined (TARGET_STM32L486xG) + return(MBEDTLS_ERR_AES_INVALID_KEY_LENGTH); +#else + ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_192B; + memcpy(ctx->aes_key, key, 24); + break; +#endif + case 256: - ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_256B; - memcpy(ctx->aes_key, key, 32); - break; + ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_256B; + memcpy(ctx->aes_key, key, 32); + break; default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH ); } @@ -52,6 +57,9 @@ static int aes_set_key( mbedtls_aes_context *ctx, const unsigned char *key, unsi __HAL_RCC_CRYP_CLK_ENABLE(); ctx->hcryp_aes.Init.pKey = ctx->aes_key; +#if defined (TARGET_STM32L486xG) + ctx->hcryp_aes.Init.KeyWriteFlag = CRYP_KEY_WRITE_ENABLE; +#endif if (HAL_CRYP_Init(&ctx->hcryp_aes) == HAL_ERROR) return (HAL_ERROR); @@ -148,14 +156,46 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx, if( mode == MBEDTLS_AES_DECRYPT ) { ctx->hcryp_aes.Init.pInitVect = &iv[0]; // used in process, not in the init - +#if defined (TARGET_STM32L486xG) + if ((ctx->hcryp_aes.Init.OperatingMode != CRYP_ALGOMODE_KEYDERIVATION_DECRYPT) || \ + (ctx->hcryp_aes.Init.ChainingMode != CRYP_CHAINMODE_AES_CBC) || \ + (ctx->hcryp_aes.Init.KeyWriteFlag != CRYP_KEY_WRITE_ENABLE)) { + /* Re-initialize AES IP with proper parameters */ + if (HAL_CRYP_DeInit(&ctx->hcryp_aes) != HAL_OK) + return HAL_ERROR; + ctx->hcryp_aes.Init.OperatingMode = CRYP_ALGOMODE_KEYDERIVATION_DECRYPT; + ctx->hcryp_aes.Init.ChainingMode = CRYP_CHAINMODE_AES_CBC; + ctx->hcryp_aes.Init.KeyWriteFlag = CRYP_KEY_WRITE_ENABLE; + if (HAL_CRYP_Init(&ctx->hcryp_aes) != HAL_OK) + return HAL_ERROR; + } + + status = HAL_CRYPEx_AES(&ctx->hcryp_aes, (uint8_t *)input, length, (uint8_t *)output, 10); +#else status = HAL_CRYP_AESCBC_Decrypt(&ctx->hcryp_aes, (uint8_t *)input, length, (uint8_t *)output, 10); +#endif } else { ctx->hcryp_aes.Init.pInitVect = &iv[0]; // used in process, not in the init - +#if defined (TARGET_STM32L486xG) + if ((ctx->hcryp_aes.Init.OperatingMode != CRYP_ALGOMODE_ENCRYPT) || \ + (ctx->hcryp_aes.Init.ChainingMode != CRYP_CHAINMODE_AES_CBC) || \ + (ctx->hcryp_aes.Init.KeyWriteFlag != CRYP_KEY_WRITE_ENABLE)) { + /* Re-initialize AES IP with proper parameters */ + if (HAL_CRYP_DeInit(&ctx->hcryp_aes) != HAL_OK) + return HAL_ERROR; + ctx->hcryp_aes.Init.OperatingMode = CRYP_ALGOMODE_ENCRYPT; + ctx->hcryp_aes.Init.ChainingMode = CRYP_CHAINMODE_AES_CBC; + ctx->hcryp_aes.Init.KeyWriteFlag = CRYP_KEY_WRITE_ENABLE; + if (HAL_CRYP_Init(&ctx->hcryp_aes) != HAL_OK) + return HAL_ERROR; + } + + status = HAL_CRYPEx_AES(&ctx->hcryp_aes, (uint8_t *)input, length, (uint8_t *)output, 10); +#else status = HAL_CRYP_AESCBC_Encrypt(&ctx->hcryp_aes, (uint8_t *)input, length, (uint8_t *)output, 10); +#endif } return( status ); } diff --git a/targets/targets.json b/targets/targets.json index 1b6ef220ea..0eb73c4ef8 100644 --- a/targets/targets.json +++ b/targets/targets.json @@ -1109,7 +1109,7 @@ "core": "Cortex-M4F", "extra_labels_add": ["STM32L4", "STM32L486RG", "STM32L486xG"], "detect_code": ["0827"], - "macros_add": ["USBHOST_OTHER"], + "macros_add": ["USBHOST_OTHER", "MBEDTLS_CONFIG_HW_SUPPORT"], "device_has_add": ["ANALOGOUT", "CAN", "LOWPOWERTIMER", "SERIAL_ASYNCH", "SERIAL_FC", "TRNG", "FLASH"], "release_versions": ["2", "5"], "device_name": "STM32L486RG"