ARMmbed
/
mbed-os
mirror of https://github.com/ARMmbed/mbed-os.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

STM32 MBEDTLS: Remove specific STM32F4 & STM32F7 implementation 

All families (except STM32L4) will be aligned
pull/12747/head
jeromecoutant 2020-03-30 14:14:10 +02:00
parent 59df4efaac
commit 47aba83c2c
4 changed files with 0 additions and 2185 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

530
features/mbedtls/targets/TARGET_STM/TARGET_STM32F4/aes_alt.c
View File

@ -1,530 +0,0 @@
/*
* Hardware aes implementation for STM32F4 STM32F7 and STM32L4 families
*******************************************************************************
* Copyright (c) 2017, STMicroelectronics
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
#include <string.h>
#include "mbedtls/aes.h"
#if defined(MBEDTLS_AES_ALT)
#if MBED_CONF_MBED_TRACE_ENABLE
#define TLSPRINT 1
#endif
static uint32_t swap(uint32_t in)
{
uint32_t in1, in2, in3, in4, out;
in1 = ((in & 0xff000000) >> 24);
in2 = ((in & 0x00FF0000) >> 8);
in3 = ((in & 0x0000FF00) << 8);
in4 = ((in & 0xFF) << 24);
out = in1 | in2 | in3 | in4;
return out;
}
static int aes_set_key(mbedtls_aes_context *ctx, const unsigned char *key, unsigned int keybits)
{
#if TLSPRINT
mbedtls_printf(" ****** aes_set_key *******\n");
mbedtls_printf("keybits = %d\n", keybits);
#endif
switch (keybits) {
case 128:
ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_128B;
memcpy(ctx->aes_key, key, 16);
ctx->aes_key[0] = swap(ctx->aes_key[0]);
ctx->aes_key[1] = swap(ctx->aes_key[1]);
ctx->aes_key[2] = swap(ctx->aes_key[2]);
ctx->aes_key[3] = swap(ctx->aes_key[3]);
break;
case 192:
ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_192B;
memcpy(ctx->aes_key, key, 24);
ctx->aes_key[0] = swap(ctx->aes_key[0]);
ctx->aes_key[1] = swap(ctx->aes_key[1]);
ctx->aes_key[2] = swap(ctx->aes_key[2]);
ctx->aes_key[3] = swap(ctx->aes_key[3]);
ctx->aes_key[4] = swap(ctx->aes_key[4]);
ctx->aes_key[5] = swap(ctx->aes_key[5]);
break;
case 256:
ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_256B;
memcpy(ctx->aes_key, key, 32);
ctx->aes_key[0] = swap(ctx->aes_key[0]);
ctx->aes_key[1] = swap(ctx->aes_key[1]);
ctx->aes_key[2] = swap(ctx->aes_key[2]);
ctx->aes_key[3] = swap(ctx->aes_key[3]);
ctx->aes_key[4] = swap(ctx->aes_key[4]);
ctx->aes_key[5] = swap(ctx->aes_key[5]);
ctx->aes_key[6] = swap(ctx->aes_key[6]);
ctx->aes_key[7] = swap(ctx->aes_key[7]);
break;
default :
return (MBEDTLS_ERR_AES_INVALID_KEY_LENGTH);
}
ctx->hcryp_aes.Init.DataType = CRYP_DATATYPE_8B;
ctx->hcryp_aes.Instance = CRYP;
/* Deinitializes the CRYP peripheral */
if (HAL_CRYP_DeInit(&ctx->hcryp_aes) == HAL_ERROR) {
return (HAL_ERROR);
}
/* Enable CRYP clock */
__HAL_RCC_CRYP_CLK_ENABLE();
ctx->hcryp_aes.Init.pKey = ctx->aes_key;
if (HAL_CRYP_Init(&ctx->hcryp_aes) == HAL_ERROR) {
return (HAL_ERROR);
}
/* allow multi-instance of CRYP use: save context for CRYP HW module CR */
ctx->ctx_save_cr = ctx->hcryp_aes.Instance->CR;
return (0);
}
/* Implementation that should never be optimized out by the compiler */
static void mbedtls_zeroize(void *v, size_t n)
{
#if TLSPRINT
mbedtls_printf(" ****** mbedtls_zeroize *******\n");
#endif
volatile unsigned char *p = (unsigned char *)v;
while (n--) {
*p++ = 0;
}
}
void mbedtls_aes_init(mbedtls_aes_context *ctx)
{
#if TLSPRINT
mbedtls_printf(" ****** mbedtls_aes_init *******\n");
#endif
memset(ctx, 0, sizeof(mbedtls_aes_context));
}
void mbedtls_aes_free(mbedtls_aes_context *ctx)
{
#if TLSPRINT
mbedtls_printf(" ****** mbedtls_aes_free *******\n");
#endif
if (ctx == NULL) {
return;
}
#if defined(DUAL_CORE)
uint32_t timeout = HSEM_TIMEOUT;
while (LL_HSEM_1StepLock(HSEM, CFG_HW_RCC_SEMID) && (--timeout != 0)) {
}
#endif /* DUAL_CORE */
/* Force the CRYP Periheral Clock Reset */
__HAL_RCC_CRYP_FORCE_RESET();
/* Release the CRYP Periheral Clock Reset */
__HAL_RCC_CRYP_RELEASE_RESET();
#if defined(DUAL_CORE)
LL_HSEM_ReleaseLock(HSEM, CFG_HW_RCC_SEMID, HSEM_CR_COREID_CURRENT);
#endif /* DUAL_CORE */
mbedtls_zeroize(ctx, sizeof(mbedtls_aes_context));
}
int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits)
{
int ret_val = 0;
#if TLSPRINT
mbedtls_printf(" ****** mbedtls_aes_setkey_enc *******\n");
mbedtls_printf("enc keybits : %d\n", keybits);
mbedtls_printf("enc key :\n");
for (int i = 1; i <= keybits / 8; i++) {
mbedtls_printf("%x\t", key[i - 1]);
if ((i % 8) == 0) {
mbedtls_printf("\n");
}
}
#endif
ret_val = aes_set_key(ctx, key, keybits);
return (ret_val);
}
int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits)
{
int ret_val = 0;
#if TLSPRINT
mbedtls_printf(" ****** mbedtls_aes_setkey_dec *******\n");
mbedtls_printf("dec keybits : %d\n", keybits);
mbedtls_printf("enc key:\n");
for (int i = 1; i <= keybits / 8; i++) {
mbedtls_printf("%x\t", key[i - 1]);
if ((i % 8) == 0) {
mbedtls_printf("\n");
}
}
#endif
ret_val = aes_set_key(ctx, key, keybits);
return (ret_val);
}
int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx,
int mode,
const unsigned char input[16],
unsigned char output[16])
{
int ret;
#if TLSPRINT
mbedtls_printf(" ****** mbedtls_aes_crypt_ecb (%s)*******\n", mode == MBEDTLS_AES_DECRYPT ? "decrypt" : "encrypt");
mbedtls_printf("input:\n");
for (int i = 1; i <= 16; i++) {
mbedtls_printf("%x\t", input[i - 1]);
if ((i % 8) == 0) {
mbedtls_printf("\n");
}
}
#endif
/* allow multi-instance of CRYP use: restore context for CRYP hw module */
ctx->hcryp_aes.Instance->CR = ctx->ctx_save_cr;
ctx->hcryp_aes.Init.DataType = CRYP_DATATYPE_8B;
ctx->hcryp_aes.Init.pKey = ctx->aes_key;
/* Set the Algo if not configured till now */
if (CRYP_AES_ECB != (ctx->hcryp_aes.Instance->CR & CRYP_AES_ECB)) {
ctx->hcryp_aes.Init.Algorithm = CRYP_AES_ECB;
/* Configure the CRYP */
HAL_CRYP_SetConfig(&ctx->hcryp_aes, &ctx->hcryp_aes.Init);
#if TLSPRINT
mbedtls_printf(" ****** AES ECB algo configuration set : %ld *******\n", CRYP_AES_ECB);
#endif
}
if (mode == MBEDTLS_AES_DECRYPT) { /* AES decryption */
ret = mbedtls_internal_aes_decrypt(ctx, input, output);
if (ret) {
return ST_ERR_AES_BUSY;
} else {
#if TLSPRINT
mbedtls_printf("dec output :\n");
for (int j = 1; j <= 16; j++) {
mbedtls_printf("%x\t", output[j - 1]);
if ((j % 8) == 0) {
mbedtls_printf("\n");
}
}
#endif
}
} else { /* AES encryption */
ret = mbedtls_internal_aes_encrypt(ctx, input, output);
if (ret) {
return ST_ERR_AES_BUSY;
} else {
#if TLSPRINT
mbedtls_printf("enc output :\n");
for (int k = 1; k <= 16; k++) {
mbedtls_printf("%x\t", output[k - 1]);
if ((k % 8) == 0) {
mbedtls_printf("\n");
}
}
#endif
}
}
/* allow multi-instance of CRYP use: save context for CRYP HW module CR */
ctx->ctx_save_cr = ctx->hcryp_aes.Instance->CR;
return (0);
}
#if defined(MBEDTLS_CIPHER_MODE_CBC)
static int st_cbc_restore_context(mbedtls_aes_context *ctx)
{
#if TLSPRINT
mbedtls_printf(" ****** st_cbc_restore_context *******\n");
#endif
/* allow multi-instance of CRYP use: restore context for CRYP hw module */
ctx->hcryp_aes.Instance->CR = ctx->ctx_save_cr;
/* Re-initialize AES processor with proper parameters
and (re-)apply key and IV for multi context usecases */
if (HAL_CRYP_DeInit(&ctx->hcryp_aes) != HAL_OK) {
return ST_ERR_AES_BUSY;
}
if (HAL_CRYP_Init(&ctx->hcryp_aes) != HAL_OK) {
return ST_ERR_AES_BUSY;
}
return 0;
}
int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx,
int mode,
size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output)
{
uint32_t tickstart;
uint32_t *iv_ptr = (uint32_t *)&iv[0];
#if TLSPRINT
mbedtls_printf(" ****** mbedtls_aes_crypt_cbc *******\n");
#endif
if (length % 16) {
return (MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH);
}
ctx->hcryp_aes.Init.pInitVect = (uint32_t *)&iv[0];
if (st_cbc_restore_context(ctx) != 0) {
return (ST_ERR_AES_BUSY);
}
/* Set the Algo if not configured till now */
if (CRYP_AES_CBC != (ctx->hcryp_aes.Instance->CR & CRYP_AES_CBC)) {
ctx->hcryp_aes.Init.Algorithm = CRYP_AES_CBC;
/* Configure the CRYP */
HAL_CRYP_SetConfig(&ctx->hcryp_aes, &ctx->hcryp_aes.Init);
}
if (mode == MBEDTLS_AES_DECRYPT) {
if (HAL_CRYP_Decrypt(&ctx->hcryp_aes, (uint32_t *)input, length / 4, (uint32_t *)output, 10) != HAL_OK) {
return ST_ERR_AES_BUSY;
}
/* Save the internal IV vector for multi context purpose */
tickstart = HAL_GetTick();
while ((ctx->hcryp_aes.Instance->SR & (CRYP_SR_IFEM | CRYP_SR_OFNE | CRYP_SR_BUSY)) != CRYP_SR_IFEM) {
if ((HAL_GetTick() - tickstart) > ST_AES_TIMEOUT) {
return ST_ERR_AES_BUSY; // timeout: CRYP processor is busy
}
}
ctx->ctx_save_cr = ctx->hcryp_aes.Instance->CR; // save here before overwritten
ctx->hcryp_aes.Instance->CR &= ~CRYP_CR_CRYPEN;
*iv_ptr++ = ctx->hcryp_aes.Instance->IV0LR;
*iv_ptr++ = ctx->hcryp_aes.Instance->IV0RR;
*iv_ptr++ = ctx->hcryp_aes.Instance->IV1LR;
*iv_ptr++ = ctx->hcryp_aes.Instance->IV1RR;
} else {
if (HAL_CRYP_Encrypt(&ctx->hcryp_aes, (uint32_t *)input, length / 4, (uint32_t *)output, 10) != HAL_OK) {
return ST_ERR_AES_BUSY;
}
memcpy(iv, output, 16); /* current output is the IV vector for the next call */
ctx->ctx_save_cr = ctx->hcryp_aes.Instance->CR;
}
return 0;
}
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_CFB)
int mbedtls_aes_crypt_cfb128(mbedtls_aes_context *ctx,
int mode,
size_t length,
size_t *iv_off,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output)
{
int c;
size_t n = *iv_off;
#if TLSPRINT
mbedtls_printf(" ****** mbedtls_aes_crypt_cfb128 *******\n");
#endif
if (mode == MBEDTLS_AES_DECRYPT) {
while (length--) {
if (n == 0)
if (mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, iv, iv) != 0) {
return ST_ERR_AES_BUSY;
}
c = *input++;
*output++ = (unsigned char)(c ^ iv[n]);
iv[n] = (unsigned char) c;
n = (n + 1) & 0x0F;
}
} else {
while (length--) {
if (n == 0)
if (mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, iv, iv) != 0) {
return ST_ERR_AES_BUSY;
}
iv[n] = *output++ = (unsigned char)(iv[n] ^ *input++);
n = (n + 1) & 0x0F;
}
}
*iv_off = n;
return (0);
}
int mbedtls_aes_crypt_cfb8(mbedtls_aes_context *ctx,
int mode,
size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output)
{
unsigned char c;
unsigned char ov[17];
#if TLSPRINT
mbedtls_printf(" ****** mbedtls_aes_crypt_cfb8 *******\n");
#endif
while (length--) {
memcpy(ov, iv, 16);
if (mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, iv, iv) != 0) {
return ST_ERR_AES_BUSY;
}
if (mode == MBEDTLS_AES_DECRYPT) {
ov[16] = *input;
}
c = *output++ = (unsigned char)(iv[0] ^ *input++);
if (mode == MBEDTLS_AES_ENCRYPT) {
ov[16] = c;
}
memcpy(iv, ov + 1, 16);
}
return (0);
}
#endif /*MBEDTLS_CIPHER_MODE_CFB */
#if defined(MBEDTLS_CIPHER_MODE_CTR)
int mbedtls_aes_crypt_ctr(mbedtls_aes_context *ctx,
size_t length,
size_t *nc_off,
unsigned char nonce_counter[16],
unsigned char stream_block[16],
const unsigned char *input,
unsigned char *output)
{
int c, i;
size_t n = *nc_off;
while (length--) {
if (n == 0) {
if (mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, nonce_counter, stream_block) != 0) {
return ST_ERR_AES_BUSY;
}
for (i = 16; i > 0; i--)
if (++nonce_counter[i - 1] != 0) {
break;
}
}
c = *input++;
*output++ = (unsigned char)(c ^ stream_block[n]);
n = (n + 1) & 0x0F;
}
*nc_off = n;
return (0);
}
#endif /* MBEDTLS_CIPHER_MODE_CTR */
int mbedtls_internal_aes_encrypt(mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16])
{
#if TLSPRINT
mbedtls_printf(" ****** mbedtls_internal_aes_encrypt *******\n");
#endif
if (HAL_CRYP_Encrypt(&ctx->hcryp_aes, (uint32_t *)input, 4, (uint32_t *)output, 10) != HAL_OK) {
// error found
return ST_ERR_AES_BUSY;
}
return 0;
}
int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16])
{
#if TLSPRINT
mbedtls_printf(" ****** mbedtls_internal_aes_decrypt *******\n");
#endif
if (HAL_CRYP_Decrypt(&ctx->hcryp_aes, (uint32_t *)input, 4, (uint32_t *)output, 10) != HAL_OK) {
// error found
return ST_ERR_AES_BUSY;
}
return 0;
}
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
void mbedtls_aes_encrypt(mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16])
{
#if TLSPRINT
mbedtls_printf(" ****** mbedtls_aes_encrypt *******\n");
#endif
mbedtls_internal_aes_encrypt(ctx, input, output);
}
void mbedtls_aes_decrypt(mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16])
{
#if TLSPRINT
mbedtls_printf(" ****** mbedtls_aes_decrypt *******\n");
#endif
mbedtls_internal_aes_decrypt(ctx, input, output);
}
#endif /* MBEDTLS_DEPRECATED_REMOVED */
#endif /*MBEDTLS_AES_ALT*/

307
features/mbedtls/targets/TARGET_STM/TARGET_STM32F4/aes_alt.h
View File

@ -1,307 +0,0 @@
/*
* aes_alt.h AES block cipher
*******************************************************************************
* Copyright (c) 2017, STMicroelectronics
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
#ifndef MBEDTLS_AES_ALT_H
#define MBEDTLS_AES_ALT_H
#if defined(MBEDTLS_AES_ALT)
#include "mbedtls/platform.h"
#include "mbedtls/config.h"
#include "cmsis.h"
#ifdef __cplusplus
extern "C" {
#endif
#define ST_AES_TIMEOUT ((uint32_t) 0xFF) /* 255 ms timeout for the crypto processor */
#define ST_ERR_AES_BUSY (-0x0023) /* Crypto processor is busy, timeout occured */
/**
* \brief AES context structure
*
* \note buf is able to hold 32 extra bytes, which can be used:
* - for alignment purposes if VIA padlock is used, and/or
* - to simplify key expansion in the 256-bit case by
* generating an extra round key
*/
typedef struct {
uint32_t aes_key[8]; /* Decryption key */
CRYP_HandleTypeDef hcryp_aes;
uint32_t ctx_save_cr; /* save context for multi-instance */
}
mbedtls_aes_context;
/**
* \brief Initialize AES context
*
* \param ctx AES context to be initialized
*/
void mbedtls_aes_init(mbedtls_aes_context *ctx);
/**
* \brief Clear AES context
*
* \param ctx AES context to be cleared
*/
void mbedtls_aes_free(mbedtls_aes_context *ctx);
/**
* \brief AES key schedule (encryption)
*
* \param ctx AES context to be initialized
* \param key encryption key
* \param keybits must be 128, 192 or 256
*
* \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH
*/
int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits);
/**
* \brief AES key schedule (decryption)
*
* \param ctx AES context to be initialized
* \param key decryption key
* \param keybits must be 128, 192 or 256
*
* \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH
*/
int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits);
/**
* \brief AES-ECB block encryption/decryption
*
* \param ctx AES context
* \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
* \param input 16-byte input block
* \param output 16-byte output block
*
* \return 0 if successful
*/
int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx,
int mode,
const unsigned char input[16],
unsigned char output[16]);
#if defined(MBEDTLS_CIPHER_MODE_CBC)
/**
* \brief AES-CBC buffer encryption/decryption
* Length should be a multiple of the block
* size (16 bytes)
*
* \note Upon exit, the content of the IV is updated so that you can
* call the function same function again on the following
* block(s) of data and get the same result as if it was
* encrypted in one call. This allows a "streaming" usage.
* If on the other hand you need to retain the contents of the
* IV, you should either save it manually or use the cipher
* module instead.
*
* \param ctx AES context
* \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
* \param length length of the input data
* \param iv initialization vector (updated after use)
* \param input buffer holding the input data
* \param output buffer holding the output data
*
* \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH
*/
int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx,
int mode,
size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_CFB)
/**
* \brief AES-CFB128 buffer encryption/decryption.
*
* Note: Due to the nature of CFB you should use the same key schedule for
* both encryption and decryption. So a context initialized with
* mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT.
*
* \note Upon exit, the content of the IV is updated so that you can
* call the function same function again on the following
* block(s) of data and get the same result as if it was
* encrypted in one call. This allows a "streaming" usage.
* If on the other hand you need to retain the contents of the
* IV, you should either save it manually or use the cipher
* module instead.
*
* \param ctx AES context
* \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
* \param length length of the input data
* \param iv_off offset in IV (updated after use)
* \param iv initialization vector (updated after use)
* \param input buffer holding the input data
* \param output buffer holding the output data
*
* \return 0 if successful
*/
int mbedtls_aes_crypt_cfb128(mbedtls_aes_context *ctx,
int mode,
size_t length,
size_t *iv_off,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output);
/**
* \brief AES-CFB8 buffer encryption/decryption.
*
* Note: Due to the nature of CFB you should use the same key schedule for
* both encryption and decryption. So a context initialized with
* mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT.
*
* \note Upon exit, the content of the IV is updated so that you can
* call the function same function again on the following
* block(s) of data and get the same result as if it was
* encrypted in one call. This allows a "streaming" usage.
* If on the other hand you need to retain the contents of the
* IV, you should either save it manually or use the cipher
* module instead.
*
* \param ctx AES context
* \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
* \param length length of the input data
* \param iv initialization vector (updated after use)
* \param input buffer holding the input data
* \param output buffer holding the output data
*
* \return 0 if successful
*/
int mbedtls_aes_crypt_cfb8(mbedtls_aes_context *ctx,
int mode,
size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output);
#endif /*MBEDTLS_CIPHER_MODE_CFB */
#if defined(MBEDTLS_CIPHER_MODE_CTR)
/**
* \brief AES-CTR buffer encryption/decryption
*
* Warning: You have to keep the maximum use of your counter in mind!
*
* Note: Due to the nature of CTR you should use the same key schedule for
* both encryption and decryption. So a context initialized with
* mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT.
*
* \param ctx AES context
* \param length The length of the data
* \param nc_off The offset in the current stream_block (for resuming
* within current cipher stream). The offset pointer to
* should be 0 at the start of a stream.
* \param nonce_counter The 128-bit nonce and counter.
* \param stream_block The saved stream-block for resuming. Is overwritten
* by the function.
* \param input The input data stream
* \param output The output data stream
*
* \return 0 if successful
*/
int mbedtls_aes_crypt_ctr(mbedtls_aes_context *ctx,
size_t length,
size_t *nc_off,
unsigned char nonce_counter[16],
unsigned char stream_block[16],
const unsigned char *input,
unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CTR */
/**
* \brief Internal AES block encryption function
* (Only exposed to allow overriding it,
* see MBEDTLS_AES_ENCRYPT_ALT)
*
* \param ctx AES context
* \param input Plaintext block
* \param output Output (ciphertext) block
*
* \return 0 if successful
*/
int mbedtls_internal_aes_encrypt(mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16]);
/**
* \brief Internal AES block decryption function
* (Only exposed to allow overriding it,
* see MBEDTLS_AES_DECRYPT_ALT)
*
* \param ctx AES context
* \param input Ciphertext block
* \param output Output (plaintext) block
*
* \return 0 if successful
*/
int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16]);
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING)
#define MBEDTLS_DEPRECATED __attribute__((deprecated))
#else
#define MBEDTLS_DEPRECATED
#endif
/**
* \brief Deprecated internal AES block encryption function
* without return value.
*
* \deprecated Superseded by mbedtls_aes_encrypt_ext() in 2.5.0
*
* \param ctx AES context
* \param input Plaintext block
* \param output Output (ciphertext) block
*/
MBEDTLS_DEPRECATED void mbedtls_aes_encrypt(mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16]);
/**
* \brief Deprecated internal AES block decryption function
* without return value.
*
* \deprecated Superseded by mbedtls_aes_decrypt_ext() in 2.5.0
*
* \param ctx AES context
* \param input Ciphertext block
* \param output Output (plaintext) block
*/
MBEDTLS_DEPRECATED void mbedtls_aes_decrypt(mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16]);
#undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
#ifdef __cplusplus
}
#endif
#endif /* MBEDTLS_AES_ALT */
#endif /* MBEDTLS_AES_ALT_H */

846
features/mbedtls/targets/TARGET_STM/TARGET_STM32F7/aes_alt.c
View File

@ -1,846 +0,0 @@
/*
* FIPS-197 compliant AES implementation
*
* Copyright (C) 2006-2019, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* Copyright (C) 2006-2019 STMicroelectronics, All Rights Reserved
*
* This file implements ST AES HW services based on API from mbed TLS
*
* The AES block cipher was designed by Vincent Rijmen and Joan Daemen.
*
* http://csrc.nist.gov/encryption/aes/rijndael/Rijndael.pdf
* http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
*/
/* Includes ------------------------------------------------------------------*/
#include "mbedtls/aes.h"
#if defined(MBEDTLS_AES_C)
#if defined(MBEDTLS_AES_ALT)
#include "mbedtls/platform_util.h"
#include <string.h>
/* Parameter validation macros based on platform_util.h */
#define AES_VALIDATE_RET( cond ) \
MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_AES_BAD_INPUT_DATA )
#define AES_VALIDATE( cond ) \
MBEDTLS_INTERNAL_VALIDATE( cond )
/* Private typedef -----------------------------------------------------------*/
/* Private define ------------------------------------------------------------*/
#define TIMEOUT_VALUE 0xFF
/* Private macro -------------------------------------------------------------*/
#define SWAP_B32_TO_B8(b32,b8,i) \
{ \
(b8)[(i) + 3] = (unsigned char) ( ( (b32) ) & 0xFF ); \
(b8)[(i) + 2] = (unsigned char) ( ( (b32) >> 8 ) & 0xFF ); \
(b8)[(i) + 1] = (unsigned char) ( ( (b32) >> 16 ) & 0xFF ); \
(b8)[(i) ] = (unsigned char) ( ( (b32) >> 24 ) & 0xFF ); \
}
#define SWAP_B8_TO_B32(b32,b8,i) \
{ \
(b32) = ( (uint32_t) (b8)[(i) + 3] ) \
| ( (uint32_t) (b8)[(i) + 2] << 8 ) \
| ( (uint32_t) (b8)[(i) + 1] << 16 ) \
| ( (uint32_t) (b8)[(i) ] << 24 ); \
}
/* Private variables ---------------------------------------------------------*/
/* Private function prototypes -----------------------------------------------*/
/* Private functions ---------------------------------------------------------*/
static int aes_set_key(mbedtls_aes_context *ctx,
const unsigned char *key,
unsigned int keybits)
{
/* Deinitializes the CRYP peripheral */
if (HAL_CRYP_DeInit(&ctx->hcryp_aes) == HAL_ERROR) {
return (HAL_ERROR);
}
switch (keybits) {
case 128:
ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_128B;;
SWAP_B8_TO_B32(ctx->aes_key[0], key, 0);
SWAP_B8_TO_B32(ctx->aes_key[1], key, 4);
SWAP_B8_TO_B32(ctx->aes_key[2], key, 8);
SWAP_B8_TO_B32(ctx->aes_key[3], key, 12);
break;
case 192:
ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_192B;
SWAP_B8_TO_B32(ctx->aes_key[0], key, 0);
SWAP_B8_TO_B32(ctx->aes_key[1], key, 4);
SWAP_B8_TO_B32(ctx->aes_key[2], key, 8);
SWAP_B8_TO_B32(ctx->aes_key[3], key, 12);
SWAP_B8_TO_B32(ctx->aes_key[4], key, 16);
SWAP_B8_TO_B32(ctx->aes_key[5], key, 20);
break;
case 256:
ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_256B;
SWAP_B8_TO_B32(ctx->aes_key[0], key, 0);
SWAP_B8_TO_B32(ctx->aes_key[1], key, 4);
SWAP_B8_TO_B32(ctx->aes_key[2], key, 8);
SWAP_B8_TO_B32(ctx->aes_key[3], key, 12);
SWAP_B8_TO_B32(ctx->aes_key[4], key, 16);
SWAP_B8_TO_B32(ctx->aes_key[5], key, 20);
SWAP_B8_TO_B32(ctx->aes_key[6], key, 24);
SWAP_B8_TO_B32(ctx->aes_key[7], key, 28);
break;
default :
return (MBEDTLS_ERR_AES_INVALID_KEY_LENGTH);
}
ctx->hcryp_aes.Init.DataType = CRYP_DATATYPE_8B;
ctx->hcryp_aes.Instance = CRYP;
ctx->hcryp_aes.Init.pKey = ctx->aes_key;
/* Enable CRYP clock */
__HAL_RCC_CRYP_CLK_ENABLE();
if (HAL_CRYP_Init(&ctx->hcryp_aes) == HAL_ERROR) {
return (HAL_ERROR);
}
/* allow multi-instance of CRYP use: save context for CRYP HW module CR */
ctx->ctx_save_cr = ctx->hcryp_aes.Instance->CR;
return (0);
}
/* Implementation that should never be optimized out by the compiler */
static void mbedtls_zeroize(void *v, size_t n)
{
volatile unsigned char *p = (unsigned char *)v;
while (n--) {
*p++ = 0;
}
}
void mbedtls_aes_init(mbedtls_aes_context *ctx)
{
AES_VALIDATE(ctx != NULL);
memset(ctx, 0, sizeof(mbedtls_aes_context));
}
void mbedtls_aes_free(mbedtls_aes_context *ctx)
{
if (ctx == NULL) {
return;
}
/* Force the CRYP Periheral Clock Reset */
__HAL_RCC_CRYP_FORCE_RESET();
/* Release the CRYP Periheral Clock Reset */
__HAL_RCC_CRYP_RELEASE_RESET();
mbedtls_zeroize(ctx, sizeof(mbedtls_aes_context));
}
#if defined(MBEDTLS_CIPHER_MODE_XTS)
void mbedtls_aes_xts_init(mbedtls_aes_xts_context *ctx)
{
AES_VALIDATE(ctx != NULL);
mbedtls_aes_init(&ctx->crypt);
mbedtls_aes_init(&ctx->tweak);
}
void mbedtls_aes_xts_free(mbedtls_aes_xts_context *ctx)
{
if (ctx == NULL) {
return;
}
mbedtls_aes_free(&ctx->crypt);
mbedtls_aes_free(&ctx->tweak);
}
#endif /* MBEDTLS_CIPHER_MODE_XTS */
/*
* AES key schedule (encryption)
*/
int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits)
{
int ret_val = 0;
AES_VALIDATE_RET(ctx != NULL);
AES_VALIDATE_RET(key != NULL);
ret_val = aes_set_key(ctx, key, keybits);
return (ret_val);
}
/*
* AES key schedule (decryption)
*/
int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits)
{
int ret_val = 0;
AES_VALIDATE_RET(ctx != NULL);
AES_VALIDATE_RET(key != NULL);
ret_val = aes_set_key(ctx, key, keybits);
return (ret_val);
}
#if defined(MBEDTLS_CIPHER_MODE_XTS)
static int mbedtls_aes_xts_decode_keys(const unsigned char *key,
unsigned int keybits,
const unsigned char **key1,
unsigned int *key1bits,
const unsigned char **key2,
unsigned int *key2bits)
{
const unsigned int half_keybits = keybits / 2;
const unsigned int half_keybytes = half_keybits / 8;
switch (keybits) {
case 256:
break;
case 512:
break;
default :
return (MBEDTLS_ERR_AES_INVALID_KEY_LENGTH);
}
*key1bits = half_keybits;
*key2bits = half_keybits;
*key1 = &key[0];
*key2 = &key[half_keybytes];
return 0;
}
int mbedtls_aes_xts_setkey_enc(mbedtls_aes_xts_context *ctx,
const unsigned char *key,
unsigned int keybits)
{
int ret;
const unsigned char *key1, *key2;
unsigned int key1bits, key2bits;
AES_VALIDATE_RET(ctx != NULL);
AES_VALIDATE_RET(key != NULL);
ret = mbedtls_aes_xts_decode_keys(key, keybits, &key1, &key1bits,
&key2, &key2bits);
if (ret != 0) {
return (ret);
}
/* Set the tweak key. Always set tweak key for the encryption mode. */
ret = mbedtls_aes_setkey_enc(&ctx->tweak, key2, key2bits);
if (ret != 0) {
return (ret);
}
/* Set crypt key for encryption. */
return mbedtls_aes_setkey_enc(&ctx->crypt, key1, key1bits);
}
int mbedtls_aes_xts_setkey_dec(mbedtls_aes_xts_context *ctx,
const unsigned char *key,
unsigned int keybits)
{
int ret;
const unsigned char *key1, *key2;
unsigned int key1bits, key2bits;
AES_VALIDATE_RET(ctx != NULL);
AES_VALIDATE_RET(key != NULL);
ret = mbedtls_aes_xts_decode_keys(key, keybits, &key1, &key1bits,
&key2, &key2bits);
if (ret != 0) {
return (ret);
}
/* Set the tweak key. Always set tweak key for encryption. */
ret = mbedtls_aes_setkey_enc(&ctx->tweak, key2, key2bits);
if (ret != 0) {
return (ret);
}
/* Set crypt key for decryption. */
return mbedtls_aes_setkey_dec(&ctx->crypt, key1, key1bits);
}
#endif /* MBEDTLS_CIPHER_MODE_XTS */
/*
* AES-ECB block encryption/decryption
*/
int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx,
int mode,
const unsigned char input[16],
unsigned char output[16])
{
int ret;
AES_VALIDATE_RET(ctx != NULL);
AES_VALIDATE_RET(input != NULL);
AES_VALIDATE_RET(output != NULL);
AES_VALIDATE_RET(mode == MBEDTLS_AES_ENCRYPT ||
mode == MBEDTLS_AES_DECRYPT);
/* allow multi-instance of CRYP use: restore context for CRYP hw module */
ctx->hcryp_aes.Instance->CR = ctx->ctx_save_cr;
ctx->hcryp_aes.Init.DataType = CRYP_DATATYPE_8B;
ctx->hcryp_aes.Init.pKey = ctx->aes_key;
/* Set the Algo if not configured till now */
if (CRYP_AES_ECB != ctx->hcryp_aes.Init.Algorithm) {
ctx->hcryp_aes.Init.Algorithm = CRYP_AES_ECB;
/* Configure the CRYP */
HAL_CRYP_SetConfig(&ctx->hcryp_aes, &ctx->hcryp_aes.Init);
}
if (mode == MBEDTLS_AES_DECRYPT) { /* AES decryption */
ret = mbedtls_internal_aes_decrypt(ctx, input, output);
if (ret) {
return ST_ERR_AES_BUSY;
}
} else { /* AES encryption */
ret = mbedtls_internal_aes_encrypt(ctx, input, output);
if (ret) {
return ST_ERR_AES_BUSY;
}
}
/* allow multi-instance of CRYP use: save context for CRYP HW module CR */
ctx->ctx_save_cr = ctx->hcryp_aes.Instance->CR;
return (0);
}
#if defined(MBEDTLS_CIPHER_MODE_CBC)
/*
* AES-CBC buffer encryption/decryption
*/
static int st_cbc_restore_context(mbedtls_aes_context *ctx)
{
/* allow multi-instance of CRYP use: restore context for CRYP hw module */
ctx->hcryp_aes.Instance->CR = ctx->ctx_save_cr;
/* Re-initialize AES processor with proper parameters
and (re-)apply key and IV for multi context usecases */
if (HAL_CRYP_DeInit(&ctx->hcryp_aes) != HAL_OK) {
return ST_ERR_AES_BUSY;
}
if (HAL_CRYP_Init(&ctx->hcryp_aes) != HAL_OK) {
return ST_ERR_AES_BUSY;
}
return 0;
}
int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx,
int mode,
size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output)
{
uint32_t tickstart;
uint32_t *iv_ptr = (uint32_t *)&iv[0];
ALIGN_32BYTES(static uint32_t iv_32B[4]);
AES_VALIDATE_RET(ctx != NULL);
AES_VALIDATE_RET(mode == MBEDTLS_AES_ENCRYPT ||
mode == MBEDTLS_AES_DECRYPT);
AES_VALIDATE_RET(iv != NULL);
AES_VALIDATE_RET(input != NULL);
AES_VALIDATE_RET(output != NULL);
if (length % 16) {
return (MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH);
}
if (st_cbc_restore_context(ctx) != 0) {
return (ST_ERR_AES_BUSY);
}
/* Set the Algo if not configured till now */
if (CRYP_AES_CBC != ctx->hcryp_aes.Init.Algorithm) {
ctx->hcryp_aes.Init.Algorithm = CRYP_AES_CBC;
}
if (mode == MBEDTLS_AES_DECRYPT) {
ctx->hcryp_aes.Init.pInitVect = (uint32_t *)&iv[0];
/* reconfigure the CRYP */
HAL_CRYP_SetConfig(&ctx->hcryp_aes, &ctx->hcryp_aes.Init);
if (HAL_CRYP_Decrypt(&ctx->hcryp_aes, (uint32_t *)input, length / 4, (uint32_t *)output, TIMEOUT_VALUE) != HAL_OK) {
return ST_ERR_AES_BUSY;
}
/* Save the internal IV vector for multi context purpose */
tickstart = HAL_GetTick();
while ((ctx->hcryp_aes.Instance->SR & (CRYP_SR_IFEM | CRYP_SR_OFNE | CRYP_SR_BUSY)) != CRYP_SR_IFEM) {
if ((HAL_GetTick() - tickstart) > ST_AES_TIMEOUT) {
return ST_ERR_AES_BUSY; // timeout: CRYP processor is busy
}
}
ctx->ctx_save_cr = ctx->hcryp_aes.Instance->CR; // save here before overwritten
ctx->hcryp_aes.Instance->CR &= ~CRYP_CR_CRYPEN;
*iv_ptr++ = ctx->hcryp_aes.Instance->IV0LR;
*iv_ptr++ = ctx->hcryp_aes.Instance->IV0RR;
*iv_ptr++ = ctx->hcryp_aes.Instance->IV1LR;
*iv_ptr++ = ctx->hcryp_aes.Instance->IV1RR;
} else {
ctx->hcryp_aes.Init.DataType = CRYP_DATATYPE_8B;
ctx->hcryp_aes.Init.DataWidthUnit = CRYP_DATAWIDTHUNIT_BYTE;
SWAP_B8_TO_B32(iv_32B[0], iv, 0);
SWAP_B8_TO_B32(iv_32B[1], iv, 4);
SWAP_B8_TO_B32(iv_32B[2], iv, 8);
SWAP_B8_TO_B32(iv_32B[3], iv, 12);
ctx->hcryp_aes.Init.pInitVect = iv_32B;
/* reconfigure the CRYP */
HAL_CRYP_SetConfig(&ctx->hcryp_aes, &ctx->hcryp_aes.Init);
if (HAL_CRYP_Encrypt(&ctx->hcryp_aes, (uint32_t *)input, length, (uint32_t *)output, TIMEOUT_VALUE) != HAL_OK) {
return ST_ERR_AES_BUSY;
}
memcpy(iv, output, 16); /* current output is the IV vector for the next call */
ctx->ctx_save_cr = ctx->hcryp_aes.Instance->CR;
}
return 0;
}
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_XTS)
/* Endianess with 64 bits values */
#ifndef GET_UINT64_LE
#define GET_UINT64_LE(n,b,i) \
{ \
(n) = ( (uint64_t) (b)[(i) + 7] << 56 ) \
| ( (uint64_t) (b)[(i) + 6] << 48 ) \
| ( (uint64_t) (b)[(i) + 5] << 40 ) \
| ( (uint64_t) (b)[(i) + 4] << 32 ) \
| ( (uint64_t) (b)[(i) + 3] << 24 ) \
| ( (uint64_t) (b)[(i) + 2] << 16 ) \
| ( (uint64_t) (b)[(i) + 1] << 8 ) \
| ( (uint64_t) (b)[(i) ] ); \
}
#endif
#ifndef PUT_UINT64_LE
#define PUT_UINT64_LE(n,b,i) \
{ \
(b)[(i) + 7] = (unsigned char) ( (n) >> 56 ); \
(b)[(i) + 6] = (unsigned char) ( (n) >> 48 ); \
(b)[(i) + 5] = (unsigned char) ( (n) >> 40 ); \
(b)[(i) + 4] = (unsigned char) ( (n) >> 32 ); \
(b)[(i) + 3] = (unsigned char) ( (n) >> 24 ); \
(b)[(i) + 2] = (unsigned char) ( (n) >> 16 ); \
(b)[(i) + 1] = (unsigned char) ( (n) >> 8 ); \
(b)[(i) ] = (unsigned char) ( (n) ); \
}
#endif
/*
* GF(2^128) multiplication function
*
* This function multiplies a field element by x in the polynomial field
* representation. It uses 64-bit word operations to gain speed but compensates
* for machine endianess and hence works correctly on both big and little
* endian machines.
*/
static void mbedtls_gf128mul_x_ble(unsigned char r[16],
const unsigned char x[16])
{
uint64_t a, b, ra, rb;
GET_UINT64_LE(a, x, 0);
GET_UINT64_LE(b, x, 8);
ra = (a << 1) ^ 0x0087 >> (8 - ((b >> 63) << 3));
rb = (a >> 63) | (b << 1);
PUT_UINT64_LE(ra, r, 0);
PUT_UINT64_LE(rb, r, 8);
}
/*
* AES-XTS buffer encryption/decryption
*/
int mbedtls_aes_crypt_xts(mbedtls_aes_xts_context *ctx,
int mode,
size_t length,
const unsigned char data_unit[16],
const unsigned char *input,
unsigned char *output)
{
int ret;
size_t blocks = length / 16;
size_t leftover = length % 16;
unsigned char tweak[16];
unsigned char prev_tweak[16];
unsigned char tmp[16];
AES_VALIDATE_RET(ctx != NULL);
AES_VALIDATE_RET(mode == MBEDTLS_AES_ENCRYPT ||
mode == MBEDTLS_AES_DECRYPT);
AES_VALIDATE_RET(data_unit != NULL);
AES_VALIDATE_RET(input != NULL);
AES_VALIDATE_RET(output != NULL);
/* Data units must be at least 16 bytes long. */
if (length < 16) {
return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
}
/* NIST SP 800-38E disallows data units larger than 2**20 blocks. */
if (length > (1 << 20) * 16) {
return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
}
/* Compute the tweak. */
ret = mbedtls_aes_crypt_ecb(&ctx->tweak, MBEDTLS_AES_ENCRYPT,
data_unit, tweak);
if (ret != 0) {
return (ret);
}
while (blocks--) {
size_t i;
if (leftover && (mode == MBEDTLS_AES_DECRYPT) && blocks == 0) {
/* We are on the last block in a decrypt operation that has
* leftover bytes, so we need to use the next tweak for this block,
* and this tweak for the lefover bytes. Save the current tweak for
* the leftovers and then update the current tweak for use on this,
* the last full block. */
memcpy(prev_tweak, tweak, sizeof(tweak));
mbedtls_gf128mul_x_ble(tweak, tweak);
}
for (i = 0; i < 16; i++) {
tmp[i] = input[i] ^ tweak[i];
}
ret = mbedtls_aes_crypt_ecb(&ctx->crypt, mode, tmp, tmp);
if (ret != 0) {
return (ret);
}
for (i = 0; i < 16; i++) {
output[i] = tmp[i] ^ tweak[i];
}
/* Update the tweak for the next block. */
mbedtls_gf128mul_x_ble(tweak, tweak);
output += 16;
input += 16;
}
if (leftover) {
/* If we are on the leftover bytes in a decrypt operation, we need to
* use the previous tweak for these bytes (as saved in prev_tweak). */
unsigned char *t = mode == MBEDTLS_AES_DECRYPT ? prev_tweak : tweak;
/* We are now on the final part of the data unit, which doesn't divide
* evenly by 16. It's time for ciphertext stealing. */
size_t i;
unsigned char *prev_output = output - 16;
/* Copy ciphertext bytes from the previous block to our output for each
* byte of cyphertext we won't steal. At the same time, copy the
* remainder of the input for this final round (since the loop bounds
* are the same). */
for (i = 0; i < leftover; i++) {
output[i] = prev_output[i];
tmp[i] = input[i] ^ t[i];
}
/* Copy ciphertext bytes from the previous block for input in this
* round. */
for (; i < 16; i++) {
tmp[i] = prev_output[i] ^ t[i];
}
ret = mbedtls_aes_crypt_ecb(&ctx->crypt, mode, tmp, tmp);
if (ret != 0) {
return ret;
}
/* Write the result back to the previous block, overriding the previous
* output we copied. */
for (i = 0; i < 16; i++) {
prev_output[i] = tmp[i] ^ t[i];
}
}
return (0);
}
#endif /* MBEDTLS_CIPHER_MODE_XTS */
#if defined(MBEDTLS_CIPHER_MODE_CFB)
/*
* AES-CFB128 buffer encryption/decryption
*/
int mbedtls_aes_crypt_cfb128(mbedtls_aes_context *ctx,
int mode,
size_t length,
size_t *iv_off,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output)
{
int c;
size_t n;
AES_VALIDATE_RET(ctx != NULL);
AES_VALIDATE_RET(mode == MBEDTLS_AES_ENCRYPT ||
mode == MBEDTLS_AES_DECRYPT);
AES_VALIDATE_RET(iv_off != NULL);
AES_VALIDATE_RET(iv != NULL);
AES_VALIDATE_RET(input != NULL);
AES_VALIDATE_RET(output != NULL);
n = *iv_off;
if (mode == MBEDTLS_AES_DECRYPT) {
while (length--) {
if (n == 0)
if (mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, iv, iv) != 0) {
return ST_ERR_AES_BUSY;
}
c = *input++;
*output++ = (unsigned char)(c ^ iv[n]);
iv[n] = (unsigned char) c;
n = (n + 1) & 0x0F;
}
} else {
while (length--) {
if (n == 0)
if (mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, iv, iv) != 0) {
return ST_ERR_AES_BUSY;
}
iv[n] = *output++ = (unsigned char)(iv[n] ^ *input++);
n = (n + 1) & 0x0F;
}
}
*iv_off = n;
return (0);
}
/*
* AES-CFB8 buffer encryption/decryption
*/
int mbedtls_aes_crypt_cfb8(mbedtls_aes_context *ctx,
int mode,
size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output)
{
unsigned char c;
unsigned char ov[17];
AES_VALIDATE_RET(ctx != NULL);
AES_VALIDATE_RET(mode == MBEDTLS_AES_ENCRYPT ||
mode == MBEDTLS_AES_DECRYPT);
AES_VALIDATE_RET(iv != NULL);
AES_VALIDATE_RET(input != NULL);
AES_VALIDATE_RET(output != NULL);
while (length--) {
memcpy(ov, iv, 16);
if (mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, iv, iv) != 0) {
return ST_ERR_AES_BUSY;
}
if (mode == MBEDTLS_AES_DECRYPT) {
ov[16] = *input;
}
c = *output++ = (unsigned char)(iv[0] ^ *input++);
if (mode == MBEDTLS_AES_ENCRYPT) {
ov[16] = c;
}
memcpy(iv, ov + 1, 16);
}
return (0);
}
#endif /*MBEDTLS_CIPHER_MODE_CFB */
#if defined(MBEDTLS_CIPHER_MODE_OFB)
/*
* AES-OFB (Output Feedback Mode) buffer encryption/decryption
*/
int mbedtls_aes_crypt_ofb(mbedtls_aes_context *ctx,
size_t length,
size_t *iv_off,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output)
{
int ret = 0;
size_t n;
AES_VALIDATE_RET(ctx != NULL);
AES_VALIDATE_RET(iv_off != NULL);
AES_VALIDATE_RET(iv != NULL);
AES_VALIDATE_RET(input != NULL);
AES_VALIDATE_RET(output != NULL);
n = *iv_off;
if (n > 15) {
return (MBEDTLS_ERR_AES_BAD_INPUT_DATA);
}
while (length--) {
if (n == 0) {
ret = mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, iv, iv);
if (ret != 0) {
goto exit;
}
}
*output++ = *input++ ^ iv[n];
n = (n + 1) & 0x0F;
}
*iv_off = n;
exit:
return (ret);
}
#endif /* MBEDTLS_CIPHER_MODE_OFB */
#if defined(MBEDTLS_CIPHER_MODE_CTR)
/*
* AES-CTR buffer encryption/decryption
*/
int mbedtls_aes_crypt_ctr(mbedtls_aes_context *ctx,
size_t length,
size_t *nc_off,
unsigned char nonce_counter[16],
unsigned char stream_block[16],
const unsigned char *input,
unsigned char *output)
{
int c, i;
size_t n;
AES_VALIDATE_RET(ctx != NULL);
AES_VALIDATE_RET(nc_off != NULL);
AES_VALIDATE_RET(nonce_counter != NULL);
AES_VALIDATE_RET(stream_block != NULL);
AES_VALIDATE_RET(input != NULL);
AES_VALIDATE_RET(output != NULL);
n = *nc_off;
while (length--) {
if (n == 0) {
if (mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, nonce_counter, stream_block) != 0) {
return ST_ERR_AES_BUSY;
}
for (i = 16; i > 0; i--)
if (++nonce_counter[i - 1] != 0) {
break;
}
}
c = *input++;
*output++ = (unsigned char)(c ^ stream_block[n]);
n = (n + 1) & 0x0F;
}
*nc_off = n;
return (0);
}
#endif /* MBEDTLS_CIPHER_MODE_CTR */
int mbedtls_internal_aes_encrypt(mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16])
{
if (HAL_CRYP_Encrypt(&ctx->hcryp_aes, (uint32_t *)input, 4, (uint32_t *)output, TIMEOUT_VALUE) != HAL_OK) {
// error found
return ST_ERR_AES_BUSY;
}
return 0;
}
int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16])
{
if (HAL_CRYP_Decrypt(&ctx->hcryp_aes, (uint32_t *)input, 4, (uint32_t *)output, TIMEOUT_VALUE) != HAL_OK) {
// error found
return ST_ERR_AES_BUSY;
}
return 0;
}
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
void mbedtls_aes_encrypt(mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16])
{
mbedtls_internal_aes_encrypt(ctx, input, output);
}
void mbedtls_aes_decrypt(mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16])
{
mbedtls_internal_aes_decrypt(ctx, input, output);
}
#endif /* MBEDTLS_DEPRECATED_REMOVED */
#endif /*MBEDTLS_AES_ALT*/
#endif /* MBEDTLS_AES_C */

502
features/mbedtls/targets/TARGET_STM/TARGET_STM32F7/aes_alt.h
View File

@ -1,502 +0,0 @@
/**
* \file aes_alt.h
*
* \brief This file contains AES definitions and functions.
*
* The Advanced Encryption Standard (AES) specifies a FIPS-approved
* cryptographic algorithm that can be used to protect electronic
* data.
*
* The AES algorithm is a symmetric block cipher that can
* encrypt and decrypt information. For more information, see
* <em>FIPS Publication 197: Advanced Encryption Standard</em> and
* <em>ISO/IEC 18033-2:2006: Information technology -- Security
* techniques -- Encryption algorithms -- Part 2: Asymmetric
* ciphers</em>.
*
* The AES-XTS block mode is standardized by NIST SP 800-38E
* <https://nvlpubs.nist.gov/nistpubs/legacy/sp/nistspecialpublication800-38e.pdf>
* and described in detail by IEEE P1619
* <https://ieeexplore.ieee.org/servlet/opac?punumber=4375278>.
*/
/* Copyright (C) 2006-2019, ARM Limited, All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* Copyright (C) 2006-2019 STMicroelectronics, All Rights Reserved
*
* This file implements ST AES HW services based on API from mbed TLS
*/
#ifndef MBEDTLS_AES_ALT_H
#define MBEDTLS_AES_ALT_H
#if defined(MBEDTLS_AES_ALT)
#include "mbedtls/platform.h"
#include "cmsis.h"
#ifdef __cplusplus
extern "C" {
#endif
#define ST_AES_TIMEOUT ((uint32_t) 0xFF) /* 255 ms timeout for the crypto processor */
#define ST_ERR_AES_BUSY (-0x0023) /* Crypto processor is busy, timeout occured */
/**
* \brief AES context structure
*
* \note buf is able to hold 32 extra bytes, which can be used:
* - for alignment purposes if VIA padlock is used, and/or
* - to simplify key expansion in the 256-bit case by
* generating an extra round key
*/
typedef struct {
uint32_t aes_key[8]; /* Decryption key */
CRYP_HandleTypeDef hcryp_aes;
uint32_t ctx_save_cr; /* save context for multi-instance */
}
mbedtls_aes_context;
#if defined(MBEDTLS_CIPHER_MODE_XTS)
/**
* \brief The AES XTS context-type definition.
*/
typedef struct mbedtls_aes_xts_context {
mbedtls_aes_context crypt; /*!< The AES context to use for AES block
encryption or decryption. */
mbedtls_aes_context tweak; /*!< The AES context used for tweak
computation. */
} mbedtls_aes_xts_context;
#endif /* MBEDTLS_CIPHER_MODE_XTS */
/**
* \brief Initialize AES context
*
* \param ctx AES context to be initialized
*/
void mbedtls_aes_init(mbedtls_aes_context *ctx);
/**
* \brief Clear AES context
*
* \param ctx AES context to be cleared
*/
void mbedtls_aes_free(mbedtls_aes_context *ctx);
#if defined(MBEDTLS_CIPHER_MODE_XTS)
/**
* \brief This function initializes the specified AES XTS context.
*
* It must be the first API called before using
* the context.
*
* \param ctx The AES XTS context to initialize. This must not be \c NULL.
*/
void mbedtls_aes_xts_init(mbedtls_aes_xts_context *ctx);
/**
* \brief This function releases and clears the specified AES XTS context.
*
* \param ctx The AES XTS context to clear.
* If this is \c NULL, this function does nothing.
* Otherwise, the context must have been at least initialized.
*/
void mbedtls_aes_xts_free(mbedtls_aes_xts_context *ctx);
#endif /* MBEDTLS_CIPHER_MODE_XTS */
/**
* \brief AES key schedule (encryption)
*
* \param ctx AES context to be initialized
* \param key encryption key
* \param keybits must be 128, 192 or 256
*
* \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH
*/
int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits);
/**
* \brief AES key schedule (decryption)
*
* \param ctx AES context to be initialized
* \param key decryption key
* \param keybits must be 128, 192 or 256
*
* \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH
*/
int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits);
#if defined(MBEDTLS_CIPHER_MODE_XTS)
/**
* \brief This function prepares an XTS context for encryption and
* sets the encryption key.
*
* \param ctx The AES XTS context to which the key should be bound.
* It must be initialized.
* \param key The encryption key. This is comprised of the XTS key1
* concatenated with the XTS key2.
* This must be a readable buffer of size \p keybits bits.
* \param keybits The size of \p key passed in bits. Valid options are:
* <ul><li>256 bits (each of key1 and key2 is a 128-bit key)</li>
* <li>512 bits (each of key1 and key2 is a 256-bit key)</li></ul>
*
* \return \c 0 on success.
* \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
*/
int mbedtls_aes_xts_setkey_enc(mbedtls_aes_xts_context *ctx,
const unsigned char *key,
unsigned int keybits);
/**
* \brief This function prepares an XTS context for decryption and
* sets the decryption key.
*
* \param ctx The AES XTS context to which the key should be bound.
* It must be initialized.
* \param key The decryption key. This is comprised of the XTS key1
* concatenated with the XTS key2.
* This must be a readable buffer of size \p keybits bits.
* \param keybits The size of \p key passed in bits. Valid options are:
* <ul><li>256 bits (each of key1 and key2 is a 128-bit key)</li>
* <li>512 bits (each of key1 and key2 is a 256-bit key)</li></ul>
*
* \return \c 0 on success.
* \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
*/
int mbedtls_aes_xts_setkey_dec(mbedtls_aes_xts_context *ctx,
const unsigned char *key,
unsigned int keybits);
#endif /* MBEDTLS_CIPHER_MODE_XTS */
/**
* \brief AES-ECB block encryption/decryption
*
* \param ctx AES context
* \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
* \param input 16-byte input block
* \param output 16-byte output block
*
* \return 0 if successful
*/
int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx,
int mode,
const unsigned char input[16],
unsigned char output[16]);
#if defined(MBEDTLS_CIPHER_MODE_CBC)
/**
* \brief AES-CBC buffer encryption/decryption
* Length should be a multiple of the block
* size (16 bytes)
*
* \note Upon exit, the content of the IV is updated so that you can
* call the function same function again on the following
* block(s) of data and get the same result as if it was
* encrypted in one call. This allows a "streaming" usage.
* If on the other hand you need to retain the contents of the
* IV, you should either save it manually or use the cipher
* module instead.
*
* \param ctx AES context
* \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
* \param length length of the input data
* \param iv initialization vector (updated after use)
* \param input buffer holding the input data
* \param output buffer holding the output data
*
* \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH
*/
int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx,
int mode,
size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_XTS)
/**
* \brief This function performs an AES-XTS encryption or decryption
* operation for an entire XTS data unit.
*
* AES-XTS encrypts or decrypts blocks based on their location as
* defined by a data unit number. The data unit number must be
* provided by \p data_unit.
*
* NIST SP 800-38E limits the maximum size of a data unit to 2^20
* AES blocks. If the data unit is larger than this, this function
* returns #MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH.
*
* \param ctx The AES XTS context to use for AES XTS operations.
* It must be initialized and bound to a key.
* \param mode The AES operation: #MBEDTLS_AES_ENCRYPT or
* #MBEDTLS_AES_DECRYPT.
* \param length The length of a data unit in Bytes. This can be any
* length between 16 bytes and 2^24 bytes inclusive
* (between 1 and 2^20 block cipher blocks).
* \param data_unit The address of the data unit encoded as an array of 16
* bytes in little-endian format. For disk encryption, this
* is typically the index of the block device sector that
* contains the data.
* \param input The buffer holding the input data (which is an entire
* data unit). This function reads \p length Bytes from \p
* input.
* \param output The buffer holding the output data (which is an entire
* data unit). This function writes \p length Bytes to \p
* output.
*
* \return \c 0 on success.
* \return #MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH if \p length is
* smaller than an AES block in size (16 Bytes) or if \p
* length is larger than 2^20 blocks (16 MiB).
*/
int mbedtls_aes_crypt_xts(mbedtls_aes_xts_context *ctx,
int mode,
size_t length,
const unsigned char data_unit[16],
const unsigned char *input,
unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_XTS */
#if defined(MBEDTLS_CIPHER_MODE_CFB)
/**
* \brief AES-CFB128 buffer encryption/decryption.
*
* Note: Due to the nature of CFB you should use the same key schedule for
* both encryption and decryption. So a context initialized with
* mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT.
*
* \note Upon exit, the content of the IV is updated so that you can
* call the function same function again on the following
* block(s) of data and get the same result as if it was
* encrypted in one call. This allows a "streaming" usage.
* If on the other hand you need to retain the contents of the
* IV, you should either save it manually or use the cipher
* module instead.
*
* \param ctx AES context
* \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
* \param length length of the input data
* \param iv_off offset in IV (updated after use)
* \param iv initialization vector (updated after use)
* \param input buffer holding the input data
* \param output buffer holding the output data
*
* \return 0 if successful
*/
int mbedtls_aes_crypt_cfb128(mbedtls_aes_context *ctx,
int mode,
size_t length,
size_t *iv_off,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output);
/**
* \brief AES-CFB8 buffer encryption/decryption.
*
* Note: Due to the nature of CFB you should use the same key schedule for
* both encryption and decryption. So a context initialized with
* mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT.
*
* \note Upon exit, the content of the IV is updated so that you can
* call the function same function again on the following
* block(s) of data and get the same result as if it was
* encrypted in one call. This allows a "streaming" usage.
* If on the other hand you need to retain the contents of the
* IV, you should either save it manually or use the cipher
* module instead.
*
* \param ctx AES context
* \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
* \param length length of the input data
* \param iv initialization vector (updated after use)
* \param input buffer holding the input data
* \param output buffer holding the output data
*
* \return 0 if successful
*/
int mbedtls_aes_crypt_cfb8(mbedtls_aes_context *ctx,
int mode,
size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output);
#endif /*MBEDTLS_CIPHER_MODE_CFB */
#if defined(MBEDTLS_CIPHER_MODE_OFB)
/**
* \brief This function performs an AES-OFB (Output Feedback Mode)
* encryption or decryption operation.
*
* For OFB, you must set up the context with
* mbedtls_aes_setkey_enc(), regardless of whether you are
* performing an encryption or decryption operation. This is
* because OFB mode uses the same key schedule for encryption and
* decryption.
*
* The OFB operation is identical for encryption or decryption,
* therefore no operation mode needs to be specified.
*
* \note Upon exit, the content of iv, the Initialisation Vector, is
* updated so that you can call the same function again on the next
* block(s) of data and get the same result as if it was encrypted
* in one call. This allows a "streaming" usage, by initialising
* iv_off to 0 before the first call, and preserving its value
* between calls.
*
* For non-streaming use, the iv should be initialised on each call
* to a unique value, and iv_off set to 0 on each call.
*
* If you need to retain the contents of the initialisation vector,
* you must either save it manually or use the cipher module
* instead.
*
* \warning For the OFB mode, the initialisation vector must be unique
* every encryption operation. Reuse of an initialisation vector
* will compromise security.
*
* \param ctx The AES context to use for encryption or decryption.
* It must be initialized and bound to a key.
* \param length The length of the input data.
* \param iv_off The offset in IV (updated after use).
* It must point to a valid \c size_t.
* \param iv The initialization vector (updated after use).
* It must be a readable and writeable buffer of \c 16 Bytes.
* \param input The buffer holding the input data.
* It must be readable and of size \p length Bytes.
* \param output The buffer holding the output data.
* It must be writeable and of size \p length Bytes.
*
* \return \c 0 on success.
*/
int mbedtls_aes_crypt_ofb(mbedtls_aes_context *ctx,
size_t length,
size_t *iv_off,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_OFB */
#if defined(MBEDTLS_CIPHER_MODE_CTR)
/**
* \brief AES-CTR buffer encryption/decryption
*
* Warning: You have to keep the maximum use of your counter in mind!
*
* Note: Due to the nature of CTR you should use the same key schedule for
* both encryption and decryption. So a context initialized with
* mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT.
*
* \param ctx AES context
* \param length The length of the data
* \param nc_off The offset in the current stream_block (for resuming
* within current cipher stream). The offset pointer to
* should be 0 at the start of a stream.
* \param nonce_counter The 128-bit nonce and counter.
* \param stream_block The saved stream-block for resuming. Is overwritten
* by the function.
* \param input The input data stream
* \param output The output data stream
*
* \return 0 if successful
*/
int mbedtls_aes_crypt_ctr(mbedtls_aes_context *ctx,
size_t length,
size_t *nc_off,
unsigned char nonce_counter[16],
unsigned char stream_block[16],
const unsigned char *input,
unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CTR */
/**
* \brief Internal AES block encryption function
* (Only exposed to allow overriding it,
* see MBEDTLS_AES_ENCRYPT_ALT)
*
* \param ctx AES context
* \param input Plaintext block
* \param output Output (ciphertext) block
*
* \return 0 if successful
*/
int mbedtls_internal_aes_encrypt(mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16]);
/**
* \brief Internal AES block decryption function
* (Only exposed to allow overriding it,
* see MBEDTLS_AES_DECRYPT_ALT)
*
* \param ctx AES context
* \param input Ciphertext block
* \param output Output (plaintext) block
*
* \return 0 if successful
*/
int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16]);
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING)
#define MBEDTLS_DEPRECATED __attribute__((deprecated))
#else
#define MBEDTLS_DEPRECATED
#endif
/**
* \brief Deprecated internal AES block encryption function
* without return value.
*
* \deprecated Superseded by mbedtls_aes_encrypt_ext() in 2.5.0
*
* \param ctx AES context
* \param input Plaintext block
* \param output Output (ciphertext) block
*/
MBEDTLS_DEPRECATED void mbedtls_aes_encrypt(mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16]);
/**
* \brief Deprecated internal AES block decryption function
* without return value.
*
* \deprecated Superseded by mbedtls_aes_decrypt_ext() in 2.5.0
*
* \param ctx AES context
* \param input Ciphertext block
* \param output Output (plaintext) block
*/
MBEDTLS_DEPRECATED void mbedtls_aes_decrypt(mbedtls_aes_context *ctx,
const unsigned char input[16],
unsigned char output[16]);
#undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
#ifdef __cplusplus
}
#endif
#endif /* MBEDTLS_AES_ALT */
#endif /* MBEDTLS_AES_ALT_H */