feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Added support for the STM32L4 with AES/SHA hardware acceleration. Fixed a few minor compiler warnings with mis-matched enum types.

Browse Source
This commit is contained in:
David Garske
2018-06-27 19:37:21 -07:00
parent ac3eb470f9
commit 7ae9e4359d
7 changed files with 122 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

105
wolfcrypt/src/aes.c
View File

@ -281,6 +281,10 @@
#if defined(STM32_CRYPTO)
/* STM32F2/F4 hardware AES support for CBC, CTR modes */
#ifdef WOLFSSL_STM32L4
#define CRYP AES
#endif
/* CRYPT_AES_GCM starts the IV with 2 */
#define STM32_GCM_IV_START 2
@ -296,9 +300,11 @@
case 10: /* 128-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_128B;
break;
#ifdef CRYP_KEYSIZE_192B
case 12: /* 192-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_192B;
break;
#endif
case 14: /* 256-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_256B;
break;
@ -413,9 +419,11 @@
case 10: /* 128-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_128B;
break;
#ifdef CRYP_KEYSIZE_192B
case 12: /* 192-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_192B;
break;
#endif
case 14: /* 256-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_256B;
break;
@ -2364,9 +2372,11 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
case 10: /* 128-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_128B;
break;
#ifdef CRYP_KEYSIZE_192B
case 12: /* 192-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_192B;
break;
#endif
case 14: /* 256-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_256B;
break;
@ -2411,9 +2421,11 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
case 10: /* 128-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_128B;
break;
#ifdef CRYP_KEYSIZE_192B
case 12: /* 192-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_192B;
break;
#endif
case 14: /* 256-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_256B;
break;
@ -3120,9 +3132,11 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
case 10: /* 128-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_128B;
break;
#ifdef CRYP_KEYSIZE_192B
case 12: /* 192-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_192B;
break;
#endif
case 14: /* 256-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_256B;
break;
@ -3373,16 +3387,6 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
* block counter during the encryption.
*/
enum {
GCM_NONCE_MAX_SZ = 16, /* wolfCrypt's maximum nonce size allowed. */
GCM_NONCE_MID_SZ = 12, /* The usual default nonce size for AES-GCM. */
GCM_NONCE_MIN_SZ = 8, /* wolfCrypt's minimum nonce size allowed. */
CCM_NONCE_MIN_SZ = 7,
CCM_NONCE_MAX_SZ = 13,
CTR_SZ = 4,
AES_IV_FIXED_SZ = 4
};
#if (defined(HAVE_AESGCM) && !defined(WC_NO_RNG)) || defined(HAVE_AESCCM)
static WC_INLINE void IncCtr(byte* ctr, word32 ctrSz)
{
@ -3405,6 +3409,7 @@ static WC_INLINE void IncCtr(byte* ctr, word32 ctrSz)
#endif
#if !defined(FREESCALE_LTC_AES_GCM)
static WC_INLINE void IncrementGcmCounter(byte* inOutCtr)
{
@ -8291,7 +8296,9 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
}
#else
#if defined(STM32_CRYPTO) && (defined(WOLFSSL_STM32F4) || \
defined(WOLFSSL_STM32F7))
defined(WOLFSSL_STM32F7) || \
defined(WOLFSSL_STM32L4))
static WC_INLINE int wc_AesGcmEncrypt_STM32(Aes* aes, byte* out, const byte* in,
word32 sz, const byte* iv, word32 ivSz,
byte* authTag, word32 authTagSz,
@ -8340,10 +8347,12 @@ static WC_INLINE int wc_AesGcmEncrypt_STM32(Aes* aes, byte* out, const byte* in,
case 16: /* 128-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_128B;
break;
#ifdef CRYP_KEYSIZE_192B
case 24: /* 192-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_192B;
break;
case 32: /* 256-bit key */
#endif
case 32: /* 256-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_256B;
break;
default:
@ -8356,12 +8365,40 @@ static WC_INLINE int wc_AesGcmEncrypt_STM32(Aes* aes, byte* out, const byte* in,
hcryp.Init.Header = authInPadded;
hcryp.Init.HeaderSize = authInSz;
#ifdef WOLFSSL_STM32L4
/* Set the CRYP parameters */
hcryp.Init.ChainingMode = CRYP_CHAINMODE_AES_GCM_GMAC;
hcryp.Init.OperatingMode = CRYP_ALGOMODE_ENCRYPT;
hcryp.Init.GCMCMACPhase = CRYP_INIT_PHASE;
HAL_CRYP_Init(&hcryp);
/* GCM init phase */
status = HAL_CRYPEx_AES_Auth(&hcryp, NULL, 0, NULL, STM32_HAL_TIMEOUT);
if (status == HAL_OK) {
/* GCM header phase */
hcryp.Init.GCMCMACPhase = CRYP_HEADER_PHASE;
status = HAL_CRYPEx_AES_Auth(&hcryp, NULL, 0, NULL, STM32_HAL_TIMEOUT);
if (status == HAL_OK) {
/* GCM payload phase */
hcryp.Init.GCMCMACPhase = CRYP_PAYLOAD_PHASE;
status = HAL_CRYPEx_AES_Auth(&hcryp, (byte*)in, sz, out, STM32_HAL_TIMEOUT);
if (status == HAL_OK) {
/* GCM final phase */
hcryp.Init.GCMCMACPhase = CRYP_FINAL_PHASE;
status = HAL_CRYPEx_AES_Auth(&hcryp, NULL, sz, tag, STM32_HAL_TIMEOUT);
}
}
}
#else
HAL_CRYP_Init(&hcryp);
status = HAL_CRYPEx_AESGCM_Encrypt(&hcryp, (byte*)in, sz,
out, STM32_HAL_TIMEOUT);
out, STM32_HAL_TIMEOUT);
/* Compute the authTag */
if (status == HAL_OK)
if (status == HAL_OK) {
status = HAL_CRYPEx_AESGCM_Finish(&hcryp, sz, tag, STM32_HAL_TIMEOUT);
}
#endif
if (status != HAL_OK)
ret = AES_GCM_AUTH_E;
@ -8499,7 +8536,8 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
}
#if defined(STM32_CRYPTO) && (defined(WOLFSSL_STM32F4) || \
defined(WOLFSSL_STM32F7))
defined(WOLFSSL_STM32F7) || \
defined(WOLFSSL_STM32L4))
/* additional argument checks - STM32 HW only supports 12 byte IV */
if (ivSz != GCM_NONCE_MID_SZ) {
@ -8618,7 +8656,9 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
return (status == kStatus_Success) ? 0 : AES_GCM_AUTH_E;
}
#elif defined(STM32_CRYPTO) && (defined(WOLFSSL_STM32F4) || defined(WOLFSSL_STM32F7))
#elif defined(STM32_CRYPTO) && (defined(WOLFSSL_STM32F4) || \
defined(WOLFSSL_STM32F7) || \
defined(WOLFSSL_STM32L4))
int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
const byte* iv, word32 ivSz,
const byte* authTag, word32 authTagSz,
@ -8697,9 +8737,11 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
case 16: /* 128-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_128B;
break;
#ifdef CRYP_KEYSIZE_192B
case 24: /* 192-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_192B;
break;
#endif
case 32: /* 256-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_256B;
break;
@ -8713,14 +8755,43 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
hcryp.Init.Header = authInPadded;
hcryp.Init.HeaderSize = authInSz;
#ifdef WOLFSSL_STM32L4
/* Set the CRYP parameters */
hcryp.Init.ChainingMode = CRYP_CHAINMODE_AES_GCM_GMAC;
hcryp.Init.OperatingMode = CRYP_ALGOMODE_DECRYPT;
hcryp.Init.GCMCMACPhase = CRYP_INIT_PHASE;
HAL_CRYP_Init(&hcryp);
/* GCM init phase */
status = HAL_CRYPEx_AES_Auth(&hcryp, NULL, 0, NULL, STM32_HAL_TIMEOUT);
if (status == HAL_OK) {
/* GCM header phase */
hcryp.Init.GCMCMACPhase = CRYP_HEADER_PHASE;
status = HAL_CRYPEx_AES_Auth(&hcryp, NULL, 0, NULL, STM32_HAL_TIMEOUT);
if (status == HAL_OK) {
/* GCM payload phase */
hcryp.Init.GCMCMACPhase = CRYP_PAYLOAD_PHASE;
status = HAL_CRYPEx_AES_Auth(&hcryp, (byte*)inPadded, sz, inPadded,
STM32_HAL_TIMEOUT);
if (status == HAL_OK) {
/* GCM final phase */
hcryp.Init.GCMCMACPhase = CRYP_FINAL_PHASE;
status = HAL_CRYPEx_AES_Auth(&hcryp, NULL, sz, tag,
STM32_HAL_TIMEOUT);
}
}
}
#else
HAL_CRYP_Init(&hcryp);
/* Use inPadded for output buffer instead of
* out so that we don't overflow our size. */
status = HAL_CRYPEx_AESGCM_Decrypt(&hcryp, (byte*)inPadded,
sz, inPadded, STM32_HAL_TIMEOUT);
/* Compute the authTag */
if (status == HAL_OK)
if (status == HAL_OK) {
status = HAL_CRYPEx_AESGCM_Finish(&hcryp, sz, tag, STM32_HAL_TIMEOUT);
}
#endif
if (status != HAL_OK)
ret = AES_GCM_AUTH_E;

6
wolfcrypt/src/asn.c
View File

@ -8618,8 +8618,9 @@ int wc_RsaKeyToPublicDer(RsaKey* key, byte* output, word32 inLen)
*/
int wc_InitCert(Cert* cert)
{
#ifdef WOLFSSL_MULTI_ATTRIB
int i;
#endif
if (cert == NULL) {
return BAD_FUNC_ARG;
}
@ -8665,7 +8666,6 @@ int wc_InitCert(Cert* cert)
cert->heap = (void*)WOLFSSL_HEAP_TEST;
#endif
(void)i;
return 0;
}
@ -8674,7 +8674,7 @@ int wc_InitCert(Cert* cert)
typedef struct DerCert {
byte size[MAX_LENGTH_SZ]; /* length encoded */
byte version[MAX_VERSION_SZ]; /* version encoded */
byte serial[CTC_SERIAL_SIZE + MAX_LENGTH_SZ]; /* serial number encoded */
byte serial[(int)CTC_SERIAL_SIZE + (int)MAX_LENGTH_SZ]; /* serial number encoded */
byte sigAlgo[MAX_ALGO_SZ]; /* signature algo encoded */
byte issuer[ASN_NAME_MAX]; /* issuer encoded */
byte subject[ASN_NAME_MAX]; /* subject encoded */

4
wolfcrypt/src/hash.c
View File

@ -270,7 +270,7 @@ int wc_HashGetDigestSize(enum wc_HashType hash_type)
break;
case WC_HASH_TYPE_MD5_SHA: /* Old TLS Specific */
#if !defined(NO_MD5) && !defined(NO_SHA)
dig_size = WC_MD5_DIGEST_SIZE + WC_SHA_DIGEST_SIZE;
dig_size = (int)WC_MD5_DIGEST_SIZE + (int)WC_SHA_DIGEST_SIZE;
#endif
break;
@ -354,7 +354,7 @@ int wc_HashGetBlockSize(enum wc_HashType hash_type)
break;
case WC_HASH_TYPE_MD5_SHA: /* Old TLS Specific */
#if !defined(NO_MD5) && !defined(NO_SHA)
block_size = WC_MD5_BLOCK_SIZE + WC_SHA_BLOCK_SIZE;
block_size = (int)WC_MD5_BLOCK_SIZE + (int)WC_SHA_BLOCK_SIZE;
#endif
break;

4
wolfcrypt/src/port/st/stm32.c
View File

@ -41,6 +41,10 @@
#ifdef STM32_HASH
#ifdef WOLFSSL_STM32L4
#define HASH_STR_NBW HASH_STR_NBLW
#endif
/* User can override STM32_HASH_CLOCK_ENABLE and STM32_HASH_CLOCK_DISABLE */
#ifndef STM32_HASH_CLOCK_ENABLE
static WC_INLINE void wc_Stm32_Hash_Clock_Enable(STM32_HASH_Context* stmCtx)

8
wolfssl/wolfcrypt/aes.h
View File

@ -97,6 +97,14 @@ enum {
AES_BLOCK_SIZE = 16,
KEYWRAP_BLOCK_SIZE = 8,
GCM_NONCE_MAX_SZ = 16, /* wolfCrypt's maximum nonce size allowed. */
GCM_NONCE_MID_SZ = 12, /* The usual default nonce size for AES-GCM. */
GCM_NONCE_MIN_SZ = 8, /* wolfCrypt's minimum nonce size allowed. */
CCM_NONCE_MIN_SZ = 7,
CCM_NONCE_MAX_SZ = 13,
CTR_SZ = 4,
AES_IV_FIXED_SZ = 4
};

11
wolfssl/wolfcrypt/asn.h
View File

@ -95,17 +95,16 @@ enum ASN_Tags {
CRL_EXTENSIONS = 0xa0,
ASN_EXTENSIONS = 0xa3,
ASN_LONG_LENGTH = 0x80,
ASN_INDEF_LENGTH = 0x80
ASN_INDEF_LENGTH = 0x80,
/* ASN_Flags - Bitmask */
ASN_CONSTRUCTED = 0x20,
ASN_CONTEXT_SPECIFIC = 0x80,
};
#define ASN_UTC_TIME_SIZE 14
#define ASN_GENERALIZED_TIME_SIZE 16
enum ASN_Flags {
ASN_CONSTRUCTED = 0x20,
ASN_CONTEXT_SPECIFIC = 0x80
};
enum DN_Tags {
ASN_COMMON_NAME = 0x03, /* CN */
ASN_SUR_NAME = 0x04, /* SN */

13
wolfssl/wolfcrypt/settings.h
View File

@ -986,7 +986,8 @@ extern void uITRON4_free(void *p) ;
#endif
#if defined(WOLFSSL_STM32F2) || defined(WOLFSSL_STM32F4) || \
defined(WOLFSSL_STM32F7) || defined(WOLFSSL_STM32F1)
defined(WOLFSSL_STM32F7) || defined(WOLFSSL_STM32F1) || \
defined(WOLFSSL_STM32L4)
#define SIZEOF_LONG_LONG 8
#define NO_DEV_RANDOM
@ -1012,6 +1013,8 @@ extern void uITRON4_free(void *p) ;
#ifdef WOLFSSL_STM32_CUBEMX
#if defined(WOLFSSL_STM32F2)
#include "stm32f2xx_hal.h"
#elif defined(WOLFSSL_STM32L4)
#include "stm32l4xx_hal.h"
#elif defined(WOLFSSL_STM32F4)
#include "stm32f4xx_hal.h"
#elif defined(WOLFSSL_STM32F7)
@ -1040,6 +1043,14 @@ extern void uITRON4_free(void *p) ;
#ifdef STM32_HASH
#include "stm32f4xx_hash.h"
#endif
#elif defined(WOLFSSL_STM32L4)
#include "stm32l4xx.h"
#ifdef STM32_CRYPTO
#include "stm32l4xx_cryp.h"
#endif
#ifdef STM32_HASH
#include "stm32l4xx_hash.h"
#endif
#elif defined(WOLFSSL_STM32F7)
#include "stm32f7xx.h"
#elif defined(WOLFSSL_STM32F1)