diff --git a/features/mbedtls/targets/TARGET_STM/aes_alt.c b/features/mbedtls/targets/TARGET_STM/aes_alt.c index 7e23ffe0c8..080364831b 100644 --- a/features/mbedtls/targets/TARGET_STM/aes_alt.c +++ b/features/mbedtls/targets/TARGET_STM/aes_alt.c @@ -17,34 +17,63 @@ * limitations under the License. * */ + +#include +#include "mbedtls/aes.h" + #if defined(MBEDTLS_AES_ALT) -#include -#include "cmsis.h" -#include "string.h" -#include "aes.h" -CRYP_HandleTypeDef hcryp_aes; +static int aes_set_key( mbedtls_aes_context *ctx, const unsigned char *key, unsigned int keybits ) +{ + switch( keybits ) + { + case 128: + ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_128B; + memcpy(ctx->aes_key, key, 16); + break; + case 192: + ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_192B; + memcpy(ctx->aes_key, key, 24); + break; + case 256: + ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_256B; + memcpy(ctx->aes_key, key, 32); + break; + default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH ); + } + + /* Deinitializes the CRYP peripheral */ + if (HAL_CRYP_DeInit(&ctx->hcryp_aes) == HAL_ERROR) + return (HAL_ERROR); + + ctx->hcryp_aes.Init.DataType = CRYP_DATATYPE_8B; + ctx->hcryp_aes.Instance = CRYP; + /* Enable CRYP clock */ + __HAL_RCC_CRYP_CLK_ENABLE(); + + ctx->hcryp_aes.Init.pKey = ctx->aes_key; + if (HAL_CRYP_Init(&ctx->hcryp_aes) == HAL_ERROR) + return (HAL_ERROR); + + /* allow multi-instance of CRYP use: save context for CRYP HW module CR */ + ctx->ctx_save_cr = ctx->hcryp_aes.Instance->CR; + return(0); + +} /* Implementation that should never be optimized out by the compiler */ static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0; } -/** - * \brief Initialize AES context - * - * \param ctx AES context to be initialized - */ + void mbedtls_aes_init( mbedtls_aes_context *ctx ) { memset( ctx, 0, sizeof( mbedtls_aes_context ) ); + } -/** - * \brief Clear AES context - * - * \param ctx AES context to be cleared - */ + void mbedtls_aes_free( mbedtls_aes_context *ctx ) { if( ctx == NULL ) @@ -56,163 +85,55 @@ void mbedtls_aes_free( mbedtls_aes_context *ctx ) __HAL_RCC_CRYP_RELEASE_RESET(); mbedtls_zeroize( ctx, sizeof( mbedtls_aes_context ) ); - } -/** - * \brief AES key schedule (encryption) - * - * \param ctx AES context to be initialized - * \param key encryption key - * \param keybits must be 128, 192 or 256 - * - * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH - */ -#if defined(MBEDTLS_AES_SETKEY_ENC_ALT) + int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, unsigned int keybits ) { - switch( keybits ) - { - case 128: - ctx->nr = 10; - memcpy(ctx->aes_enc_key, key, 16); - hcryp_aes.Init.KeySize = CRYP_KEYSIZE_128B; - break; - case 192: - ctx->nr = 12; - memcpy(ctx->aes_enc_key, key, 24); - hcryp_aes.Init.KeySize = CRYP_KEYSIZE_192B; - break; - case 256: - ctx->nr = 14; - memcpy(ctx->aes_enc_key, key, 32); - hcryp_aes.Init.KeySize = CRYP_KEYSIZE_256B; - break; - default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH ); - } - - /* Deinitializes the CRYP peripheral */ - HAL_CRYP_DeInit(&hcryp_aes); - - hcryp_aes.Init.DataType = CRYP_DATATYPE_8B; - - hcryp_aes.Instance = CRYP; - /* Enable CRYP clock */ - __HAL_RCC_CRYP_CLK_ENABLE(); - - hcryp_aes.Init.pKey = ctx->aes_enc_key; - HAL_CRYP_Init(&hcryp_aes); - - return(0); + int ret_val = 0; + ret_val = aes_set_key(ctx, key, keybits); + return(ret_val); } -#endif /* MBEDTLS_AES_SETKEY_END_ALT */ -/** - * \brief AES key schedule (decryption) - * - * \param ctx AES context to be initialized - * \param key decryption key - * \param keybits must be 128, 192 or 256 - * - * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH - */ -#if defined(MBEDTLS_AES_SETKEY_DEC_ALT) int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key, unsigned int keybits ) { - switch( keybits ) - { - case 128: - ctx->nr = 10; - memcpy(ctx->aes_dec_key, key, 16); - hcryp_aes.Init.KeySize = CRYP_KEYSIZE_128B; - break; - case 192: - ctx->nr = 12; - memcpy(ctx->aes_dec_key, key, 24); - hcryp_aes.Init.KeySize = CRYP_KEYSIZE_192B; - break; - case 256: - ctx->nr = 14; - memcpy(ctx->aes_dec_key, key, 32); - hcryp_aes.Init.KeySize = CRYP_KEYSIZE_256B; - break; - default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH ); - } - - /* Deinitializes the CRYP peripheral */ - HAL_CRYP_DeInit(&hcryp_aes); - /* Enable CRYP clock */ - hcryp_aes.Init.DataType = CRYP_DATATYPE_8B; - - hcryp_aes.Instance = CRYP; - /* Enable CRYP clock */ - __HAL_RCC_CRYP_CLK_ENABLE(); - - hcryp_aes.Init.pKey = ctx->aes_dec_key; - - HAL_CRYP_Init(&hcryp_aes); - - return( 0 ); + int ret_val = 0; + ret_val = aes_set_key(ctx, key, keybits); + return( ret_val ); } -#endif /* MBEDTLS_AES_SETKEY_DEC_ALT */ -/** - * \brief AES-ECB block encryption/decryption - * - * \param ctx AES context - * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT - * \param input 16-byte input block - * \param output 16-byte output block - * - * \return 0 if successful - */ + int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx, int mode, const unsigned char input[16], unsigned char output[16] ) { - if ((ctx->nr != 10) && (ctx->nr != 12) && (ctx->nr != 14)) - return(MBEDTLS_ERR_AES_INVALID_KEY_LENGTH); + /* allow multi-instance of CRYP use: restore context for CRYP hw module */ + ctx->hcryp_aes.Instance->CR = ctx->ctx_save_cr; - /*------------------ AES Decryption ------------------*/ if(mode == MBEDTLS_AES_DECRYPT) /* AES decryption */ { + ctx->hcryp_aes.Init.DataType = CRYP_DATATYPE_8B; + ctx->hcryp_aes.Init.pKey = ctx->aes_key; mbedtls_aes_decrypt( ctx, input, output ); } - /*------------------ AES Encryption ------------------*/ else /* AES encryption */ { + ctx->hcryp_aes.Init.DataType = CRYP_DATATYPE_8B; + ctx->hcryp_aes.Init.pKey = ctx->aes_key; mbedtls_aes_encrypt( ctx, input, output ); } + /* allow multi-instance of CRYP use: save context for CRYP HW module CR */ + ctx->ctx_save_cr = ctx->hcryp_aes.Instance->CR; + return( 0 ); } #if defined(MBEDTLS_CIPHER_MODE_CBC) -/** - * \brief AES-CBC buffer encryption/decryption - * Length should be a multiple of the block - * size (16 bytes) - * - * \note Upon exit, the content of the IV is updated so that you can - * call the function same function again on the following - * block(s) of data and get the same result as if it was - * encrypted in one call. This allows a "streaming" usage. - * If on the other hand you need to retain the contents of the - * IV, you should either save it manually or use the cipher - * module instead. - * - * \param ctx AES context - * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT - * \param length length of the input data - * \param iv initialization vector (updated after use) - * \param input buffer holding the input data - * \param output buffer holding the output data - * - * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH - */ + int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx, int mode, size_t length, @@ -224,56 +145,23 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx, if( length % 16 ) return( MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH ); - switch( ctx->nr ) - { - case 10: hcryp_aes.Init.KeySize = CRYP_KEYSIZE_128B; break; - case 12: hcryp_aes.Init.KeySize = CRYP_KEYSIZE_192B; break; - case 14: hcryp_aes.Init.KeySize = CRYP_KEYSIZE_256B; break; - default : return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; - } - if( mode == MBEDTLS_AES_DECRYPT ) { - hcryp_aes.Init.pInitVect = &iv[0]; // used in process, not in the init + ctx->hcryp_aes.Init.pInitVect = &iv[0]; // used in process, not in the init - status = HAL_CRYP_AESCBC_Decrypt(&hcryp_aes, (uint8_t *)input, length, (uint8_t *)output, 10); + status = HAL_CRYP_AESCBC_Decrypt(&ctx->hcryp_aes, (uint8_t *)input, length, (uint8_t *)output, 10); } else { - hcryp_aes.Init.pInitVect = &iv[0]; // used in process, not in the init + ctx->hcryp_aes.Init.pInitVect = &iv[0]; // used in process, not in the init - status = HAL_CRYP_AESCBC_Encrypt(&hcryp_aes, (uint8_t *)input, length, (uint8_t *)output, 10); + status = HAL_CRYP_AESCBC_Encrypt(&ctx->hcryp_aes, (uint8_t *)input, length, (uint8_t *)output, 10); } return( status ); } #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) -/** - * \brief AES-CFB128 buffer encryption/decryption. - * - * Note: Due to the nature of CFB you should use the same key schedule for - * both encryption and decryption. So a context initialized with - * mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT. - * - * \note Upon exit, the content of the IV is updated so that you can - * call the function same function again on the following - * block(s) of data and get the same result as if it was - * encrypted in one call. This allows a "streaming" usage. - * If on the other hand you need to retain the contents of the - * IV, you should either save it manually or use the cipher - * module instead. - * - * \param ctx AES context - * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT - * \param length length of the input data - * \param iv_off offset in IV (updated after use) - * \param iv initialization vector (updated after use) - * \param input buffer holding the input data - * \param output buffer holding the output data - * - * \return 0 if successful - */ int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx, int mode, size_t length, @@ -318,30 +206,6 @@ int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx, } -/** - * \brief AES-CFB8 buffer encryption/decryption. - * - * Note: Due to the nature of CFB you should use the same key schedule for - * both encryption and decryption. So a context initialized with - * mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT. - * - * \note Upon exit, the content of the IV is updated so that you can - * call the function same function again on the following - * block(s) of data and get the same result as if it was - * encrypted in one call. This allows a "streaming" usage. - * If on the other hand you need to retain the contents of the - * IV, you should either save it manually or use the cipher - * module instead. - * - * \param ctx AES context - * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT - * \param length length of the input data - * \param iv initialization vector (updated after use) - * \param input buffer holding the input data - * \param output buffer holding the output data - * - * \return 0 if successful - */ int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx, int mode, size_t length, @@ -374,28 +238,6 @@ int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx, #endif /*MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) -/** - * \brief AES-CTR buffer encryption/decryption - * - * Warning: You have to keep the maximum use of your counter in mind! - * - * Note: Due to the nature of CTR you should use the same key schedule for - * both encryption and decryption. So a context initialized with - * mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT. - * - * \param ctx AES context - * \param length The length of the data - * \param nc_off The offset in the current stream_block (for resuming - * within current cipher stream). The offset pointer to - * should be 0 at the start of a stream. - * \param nonce_counter The 128-bit nonce and counter. - * \param stream_block The saved stream-block for resuming. Is overwritten - * by the function. - * \param input The input data stream - * \param output The output data stream - * - * \return 0 if successful - */ int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx, size_t length, size_t *nc_off, @@ -428,40 +270,23 @@ int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx, } #endif /* MBEDTLS_CIPHER_MODE_CTR */ -/** - * \brief Internal AES block encryption function - * (Only exposed to allow overriding it, - * see MBEDTLS_AES_ENCRYPT_ALT) - * - * \param ctx AES context - * \param input Plaintext block - * \param output Output (ciphertext) block - */ void mbedtls_aes_encrypt( mbedtls_aes_context *ctx, const unsigned char input[16], unsigned char output[16] ) { - HAL_CRYP_AESECB_Encrypt(&hcryp_aes, (uint8_t *)input, 16, (uint8_t *)output, 10); + if (HAL_CRYP_AESECB_Encrypt(&ctx->hcryp_aes, (uint8_t *)input, 16, (uint8_t *)output, 10) !=0) + mbedtls_printf( "HAL_CRYP_AESECB_Encrypt timeout\n" ); } -/** - * \brief Internal AES block decryption function - * (Only exposed to allow overriding it, - * see MBEDTLS_AES_DECRYPT_ALT) - * - * \param ctx AES context - * \param input Ciphertext block - * \param output Output (plaintext) block - */ void mbedtls_aes_decrypt( mbedtls_aes_context *ctx, const unsigned char input[16], unsigned char output[16] ) { - HAL_CRYP_AESECB_Decrypt(&hcryp_aes, (uint8_t *)input, 16, (uint8_t *)output, 10); - + if(HAL_CRYP_AESECB_Decrypt(&ctx->hcryp_aes, (uint8_t *)input, 16, (uint8_t *)output, 10)) + mbedtls_printf( "HAL_CRYP_AESECB_Decrypt timeout\n" ); } diff --git a/features/mbedtls/targets/TARGET_STM/aes_alt.h b/features/mbedtls/targets/TARGET_STM/aes_alt.h index 708dc4defa..dbe4fdeec3 100644 --- a/features/mbedtls/targets/TARGET_STM/aes_alt.h +++ b/features/mbedtls/targets/TARGET_STM/aes_alt.h @@ -22,6 +22,8 @@ #if defined(MBEDTLS_AES_ALT) +#include "mbedtls/platform.h" +#include "mbedtls/config.h" #include "cmsis.h" @@ -38,11 +40,9 @@ extern "C" { */ typedef struct { - int nr; /*!< number of rounds */ - uint32_t *rk; /*!< AES round keys */ - uint32_t buf[68]; /*!< unaligned data */ - unsigned char aes_enc_key[32]; /* Encryption key */ - unsigned char aes_dec_key[32]; /* Decryption key */ + unsigned char aes_key[32]; /* Decryption key */ + CRYP_HandleTypeDef hcryp_aes; + uint32_t ctx_save_cr; /* save context for multi-instance */ } mbedtls_aes_context;