wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-01 11:44:38 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1720 from dgarske/stsafe_wolf

Browse Source 
Added STM32L4/ST-Safe support. Fixes for AES CBC Decrypt w/CubeMX
This commit is contained in:
toddouska
2018-07-31 07:41:49 -07:00
committed by GitHub
parent 62cb69ded6 0f86494161
commit f5bd376450
12 changed files with 806 additions and 518 deletions
Download Patch File Download Diff File Expand all files Collapse all files

732
wolfcrypt/src/aes.c
View File

@@ -279,106 +279,59 @@
/* Define AES implementation includes and functions */ /* Define AES implementation includes and functions */
#if defined(STM32_CRYPTO) #if defined(STM32_CRYPTO)
/* STM32F2/F4 hardware AES support for CBC, CTR modes */ /* STM32F2/F4/F7/L4 hardware AES support for ECB, CBC, CTR and GCM modes */
#ifdef WOLFSSL_STM32L4
#define CRYP AES
#endif
/* CRYPT_AES_GCM starts the IV with 2 */
#define STM32_GCM_IV_START 2
#if defined(WOLFSSL_AES_DIRECT) || defined(HAVE_AESGCM) || defined(HAVE_AESCCM) #if defined(WOLFSSL_AES_DIRECT) || defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
static int wc_AesEncrypt(Aes* aes, const byte* inBlock, byte* outBlock) static int wc_AesEncrypt(Aes* aes, const byte* inBlock, byte* outBlock)
{ {
int ret = 0; int ret = 0;
#ifdef WOLFSSL_STM32_CUBEMX #ifdef WOLFSSL_STM32_CUBEMX
CRYP_HandleTypeDef hcryp; CRYP_HandleTypeDef hcryp;
#else
XMEMSET(&hcryp, 0, sizeof(CRYP_HandleTypeDef)); CRYP_InitTypeDef cryptInit;
switch(aes->rounds) { CRYP_KeyInitTypeDef keyInit;
case 10: /* 128-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_128B;
break;
#ifdef CRYP_KEYSIZE_192B
case 12: /* 192-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_192B;
break;
#endif #endif
case 14: /* 256-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_256B;
break;
default:
break;
}
hcryp.Instance = CRYP;
hcryp.Init.DataType = CRYP_DATATYPE_8B;
hcryp.Init.pKey = (uint8_t*)aes->key;
#ifdef WOLFSSL_STM32_CUBEMX
ret = wc_Stm32_Aes_Init(aes, &hcryp);
if (ret != 0)
return ret;
#ifdef STM32_CRYPTO_AES_ONLY
hcryp.Init.OperatingMode = CRYP_ALGOMODE_ENCRYPT;
hcryp.Init.ChainingMode = CRYP_CHAINMODE_AES_ECB;
hcryp.Init.KeyWriteFlag = CRYP_KEY_WRITE_ENABLE;
#endif
HAL_CRYP_Init(&hcryp); HAL_CRYP_Init(&hcryp);
if (HAL_CRYP_AESECB_Encrypt(&hcryp, (uint8_t*)inBlock, AES_BLOCK_SIZE, #ifdef STM32_CRYPTO_AES_ONLY
outBlock, STM32_HAL_TIMEOUT) != HAL_OK) { ret = HAL_CRYPEx_AES(&hcryp, (uint8_t*)inBlock, AES_BLOCK_SIZE,
outBlock, STM32_HAL_TIMEOUT);
#else
ret = HAL_CRYP_AESECB_Encrypt(&hcryp, (uint8_t*)inBlock, AES_BLOCK_SIZE,
outBlock, STM32_HAL_TIMEOUT);
#endif
if (ret != HAL_OK) {
ret = WC_TIMEOUT_E; ret = WC_TIMEOUT_E;
} }
HAL_CRYP_DeInit(&hcryp); HAL_CRYP_DeInit(&hcryp);
#else
word32 *enc_key;
CRYP_InitTypeDef AES_CRYP_InitStructure;
CRYP_KeyInitTypeDef AES_CRYP_KeyInitStructure;
enc_key = aes->key; #else /* STD_PERI_LIB */
ret = wc_Stm32_Aes_Init(aes, &cryptInit, &keyInit);
/* crypto structure initialization */ if (ret != 0)
CRYP_KeyStructInit(&AES_CRYP_KeyInitStructure); return ret;
CRYP_StructInit(&AES_CRYP_InitStructure);
/* reset registers to their default values */ /* reset registers to their default values */
CRYP_DeInit(); CRYP_DeInit();
/* load key into correct registers */ /* setup key */
switch (aes->rounds) { CRYP_KeyInit(&keyInit);
case 10: /* 128-bit key */
AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_128b;
AES_CRYP_KeyInitStructure.CRYP_Key2Left = enc_key[0];
AES_CRYP_KeyInitStructure.CRYP_Key2Right = enc_key[1];
AES_CRYP_KeyInitStructure.CRYP_Key3Left = enc_key[2];
AES_CRYP_KeyInitStructure.CRYP_Key3Right = enc_key[3];
break;
case 12: /* 192-bit key */ /* set direction and mode */
AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_192b; cryptInit.CRYP_AlgoDir = CRYP_AlgoDir_Encrypt;
AES_CRYP_KeyInitStructure.CRYP_Key1Left = enc_key[0]; cryptInit.CRYP_AlgoMode = CRYP_AlgoMode_AES_ECB;
AES_CRYP_KeyInitStructure.CRYP_Key1Right = enc_key[1]; CRYP_Init(&cryptInit);
AES_CRYP_KeyInitStructure.CRYP_Key2Left = enc_key[2];
AES_CRYP_KeyInitStructure.CRYP_Key2Right = enc_key[3];
AES_CRYP_KeyInitStructure.CRYP_Key3Left = enc_key[4];
AES_CRYP_KeyInitStructure.CRYP_Key3Right = enc_key[5];
break;
case 14: /* 256-bit key */
AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_256b;
AES_CRYP_KeyInitStructure.CRYP_Key0Left = enc_key[0];
AES_CRYP_KeyInitStructure.CRYP_Key0Right = enc_key[1];
AES_CRYP_KeyInitStructure.CRYP_Key1Left = enc_key[2];
AES_CRYP_KeyInitStructure.CRYP_Key1Right = enc_key[3];
AES_CRYP_KeyInitStructure.CRYP_Key2Left = enc_key[4];
AES_CRYP_KeyInitStructure.CRYP_Key2Right = enc_key[5];
AES_CRYP_KeyInitStructure.CRYP_Key3Left = enc_key[6];
AES_CRYP_KeyInitStructure.CRYP_Key3Right = enc_key[7];
break;
default:
break;
}
CRYP_KeyInit(&AES_CRYP_KeyInitStructure);
/* set direction, mode, and datatype */
AES_CRYP_InitStructure.CRYP_AlgoDir = CRYP_AlgoDir_Encrypt;
AES_CRYP_InitStructure.CRYP_AlgoMode = CRYP_AlgoMode_AES_ECB;
AES_CRYP_InitStructure.CRYP_DataType = CRYP_DataType_8b;
CRYP_Init(&AES_CRYP_InitStructure);
/* enable crypto processor */ /* enable crypto processor */
CRYP_Cmd(ENABLE); CRYP_Cmd(ENABLE);
@@ -413,91 +366,48 @@
int ret = 0; int ret = 0;
#ifdef WOLFSSL_STM32_CUBEMX #ifdef WOLFSSL_STM32_CUBEMX
CRYP_HandleTypeDef hcryp; CRYP_HandleTypeDef hcryp;
#else
XMEMSET(&hcryp, 0, sizeof(CRYP_HandleTypeDef)); CRYP_InitTypeDef cryptInit;
switch(aes->rounds) { CRYP_KeyInitTypeDef keyInit;
case 10: /* 128-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_128B;
break;
#ifdef CRYP_KEYSIZE_192B
case 12: /* 192-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_192B;
break;
#endif #endif
case 14: /* 256-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_256B;
break;
default:
break;
}
hcryp.Instance = CRYP;
hcryp.Init.DataType = CRYP_DATATYPE_8B;
hcryp.Init.pKey = (uint8_t*)aes->key;
#ifdef WOLFSSL_STM32_CUBEMX
ret = wc_Stm32_Aes_Init(aes, &hcryp);
if (ret != 0)
return ret;
#ifdef STM32_CRYPTO_AES_ONLY
hcryp.Init.OperatingMode = CRYP_ALGOMODE_DECRYPT;
hcryp.Init.ChainingMode = CRYP_CHAINMODE_AES_ECB;
hcryp.Init.KeyWriteFlag = CRYP_KEY_WRITE_ENABLE;
#endif
HAL_CRYP_Init(&hcryp); HAL_CRYP_Init(&hcryp);
if (HAL_CRYP_AESECB_Decrypt(&hcryp, (uint8_t*)inBlock, AES_BLOCK_SIZE, #ifdef STM32_CRYPTO_AES_ONLY
outBlock, STM32_HAL_TIMEOUT) != HAL_OK) { ret = HAL_CRYPEx_AES(&hcryp, (uint8_t*)inBlock, AES_BLOCK_SIZE,
outBlock, STM32_HAL_TIMEOUT);
#else
ret = HAL_CRYP_AESECB_Decrypt(&hcryp, (uint8_t*)inBlock, AES_BLOCK_SIZE,
outBlock, STM32_HAL_TIMEOUT)
#endif
if (ret != HAL_OK) {
ret = WC_TIMEOUT_E; ret = WC_TIMEOUT_E;
} }
HAL_CRYP_DeInit(&hcryp); HAL_CRYP_DeInit(&hcryp);
#else
word32 *enc_key;
CRYP_InitTypeDef AES_CRYP_InitStructure;
CRYP_KeyInitTypeDef AES_CRYP_KeyInitStructure;
enc_key = aes->key; #else /* STD_PERI_LIB */
ret = wc_Stm32_Aes_Init(aes, &cryptInit, &keyInit);
/* crypto structure initialization */ if (ret != 0)
CRYP_KeyStructInit(&AES_CRYP_KeyInitStructure); return ret;
CRYP_StructInit(&AES_CRYP_InitStructure);
/* reset registers to their default values */ /* reset registers to their default values */
CRYP_DeInit(); CRYP_DeInit();
/* load key into correct registers */ /* set direction and key */
switch (aes->rounds) { CRYP_KeyInit(&keyInit);
case 10: /* 128-bit key */ cryptInit.CRYP_AlgoDir = CRYP_AlgoDir_Decrypt;
AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_128b; cryptInit.CRYP_AlgoMode = CRYP_AlgoMode_AES_Key;
AES_CRYP_KeyInitStructure.CRYP_Key2Left = enc_key[0]; CRYP_Init(&cryptInit);
AES_CRYP_KeyInitStructure.CRYP_Key2Right = enc_key[1];
AES_CRYP_KeyInitStructure.CRYP_Key3Left = enc_key[2];
AES_CRYP_KeyInitStructure.CRYP_Key3Right = enc_key[3];
break;
case 12: /* 192-bit key */
AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_192b;
AES_CRYP_KeyInitStructure.CRYP_Key1Left = enc_key[0];
AES_CRYP_KeyInitStructure.CRYP_Key1Right = enc_key[1];
AES_CRYP_KeyInitStructure.CRYP_Key2Left = enc_key[2];
AES_CRYP_KeyInitStructure.CRYP_Key2Right = enc_key[3];
AES_CRYP_KeyInitStructure.CRYP_Key3Left = enc_key[4];
AES_CRYP_KeyInitStructure.CRYP_Key3Right = enc_key[5];
break;
case 14: /* 256-bit key */
AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_256b;
AES_CRYP_KeyInitStructure.CRYP_Key0Left = enc_key[0];
AES_CRYP_KeyInitStructure.CRYP_Key0Right = enc_key[1];
AES_CRYP_KeyInitStructure.CRYP_Key1Left = enc_key[2];
AES_CRYP_KeyInitStructure.CRYP_Key1Right = enc_key[3];
AES_CRYP_KeyInitStructure.CRYP_Key2Left = enc_key[4];
AES_CRYP_KeyInitStructure.CRYP_Key2Right = enc_key[5];
AES_CRYP_KeyInitStructure.CRYP_Key3Left = enc_key[6];
AES_CRYP_KeyInitStructure.CRYP_Key3Right = enc_key[7];
break;
default:
break;
}
CRYP_KeyInit(&AES_CRYP_KeyInitStructure);
/* set direction, key, and datatype */
AES_CRYP_InitStructure.CRYP_AlgoDir = CRYP_AlgoDir_Decrypt;
AES_CRYP_InitStructure.CRYP_AlgoMode = CRYP_AlgoMode_AES_Key;
AES_CRYP_InitStructure.CRYP_DataType = CRYP_DataType_8b;
CRYP_Init(&AES_CRYP_InitStructure);
/* enable crypto processor */ /* enable crypto processor */
CRYP_Cmd(ENABLE); CRYP_Cmd(ENABLE);
@@ -505,11 +415,10 @@
/* wait until decrypt key has been intialized */ /* wait until decrypt key has been intialized */
while (CRYP_GetFlagStatus(CRYP_FLAG_BUSY) != RESET) {} while (CRYP_GetFlagStatus(CRYP_FLAG_BUSY) != RESET) {}
/* set direction, mode, and datatype */ /* set direction and mode */
AES_CRYP_InitStructure.CRYP_AlgoDir = CRYP_AlgoDir_Decrypt; cryptInit.CRYP_AlgoDir = CRYP_AlgoDir_Decrypt;
AES_CRYP_InitStructure.CRYP_AlgoMode = CRYP_AlgoMode_AES_ECB; cryptInit.CRYP_AlgoMode = CRYP_AlgoMode_AES_ECB;
AES_CRYP_InitStructure.CRYP_DataType = CRYP_DataType_8b; CRYP_Init(&cryptInit);
CRYP_Init(&AES_CRYP_InitStructure);
/* enable crypto processor */ /* enable crypto processor */
CRYP_Cmd(ENABLE); CRYP_Cmd(ENABLE);
@@ -1838,8 +1747,13 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
(void)dir; (void)dir;
if (!((keylen == 16) || (keylen == 24) || (keylen == 32))) if (keylen != 16 &&
#ifdef WOLFSSL_AES_192
keylen != 24 &&
#endif
keylen != 32) {
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
}
aes->keylen = keylen; aes->keylen = keylen;
aes->rounds = keylen/4 + 6; aes->rounds = keylen/4 + 6;
@@ -2367,32 +2281,27 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
word32 blocks = (sz / AES_BLOCK_SIZE); word32 blocks = (sz / AES_BLOCK_SIZE);
CRYP_HandleTypeDef hcryp; CRYP_HandleTypeDef hcryp;
XMEMSET(&hcryp, 0, sizeof(CRYP_HandleTypeDef)); ret = wc_Stm32_Aes_Init(aes, &hcryp);
switch (aes->rounds) { if (ret != 0)
case 10: /* 128-bit key */ return ret;
hcryp.Init.KeySize = CRYP_KEYSIZE_128B;
break;
#ifdef CRYP_KEYSIZE_192B
case 12: /* 192-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_192B;
break;
#endif
case 14: /* 256-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_256B;
break;
default:
break;
}
hcryp.Instance = CRYP;
hcryp.Init.DataType = CRYP_DATATYPE_8B;
hcryp.Init.pKey = (uint8_t*)aes->key;
hcryp.Init.pInitVect = (uint8_t*)aes->reg;
#ifdef STM32_CRYPTO_AES_ONLY
hcryp.Init.OperatingMode = CRYP_ALGOMODE_ENCRYPT;
hcryp.Init.ChainingMode = CRYP_CHAINMODE_AES_CBC;
hcryp.Init.KeyWriteFlag = CRYP_KEY_WRITE_ENABLE;
#endif
hcryp.Init.pInitVect = (uint8_t*)aes->reg;
HAL_CRYP_Init(&hcryp); HAL_CRYP_Init(&hcryp);
while (blocks--) { while (blocks--) {
if (HAL_CRYP_AESCBC_Encrypt(&hcryp, (uint8_t*)in, AES_BLOCK_SIZE, #ifdef STM32_CRYPTO_AES_ONLY
out, STM32_HAL_TIMEOUT) != HAL_OK) { ret = HAL_CRYPEx_AES(&hcryp, (uint8_t*)in, AES_BLOCK_SIZE,
out, STM32_HAL_TIMEOUT);
#else
ret = HAL_CRYP_AESCBC_Encrypt(&hcryp, (uint8_t*)in, AES_BLOCK_SIZE,
out, STM32_HAL_TIMEOUT);
#endif
if (ret != HAL_OK) {
ret = WC_TIMEOUT_E; ret = WC_TIMEOUT_E;
break; break;
} }
@@ -2416,33 +2325,33 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
word32 blocks = (sz / AES_BLOCK_SIZE); word32 blocks = (sz / AES_BLOCK_SIZE);
CRYP_HandleTypeDef hcryp; CRYP_HandleTypeDef hcryp;
XMEMSET(&hcryp, 0, sizeof(CRYP_HandleTypeDef)); ret = wc_Stm32_Aes_Init(aes, &hcryp);
switch (aes->rounds) { if (ret != 0)
case 10: /* 128-bit key */ return ret;
hcryp.Init.KeySize = CRYP_KEYSIZE_128B;
break;
#ifdef CRYP_KEYSIZE_192B
case 12: /* 192-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_192B;
break;
#endif
case 14: /* 256-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_256B;
break;
default:
break;
}
hcryp.Instance = CRYP;
hcryp.Init.DataType = CRYP_DATATYPE_8B;
hcryp.Init.pKey = (uint8_t*)aes->key;
hcryp.Init.pInitVect = (uint8_t*)aes->reg;
/* if input and output same will overwrite input iv */
XMEMCPY(aes->tmp, in + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
#ifdef STM32_CRYPTO_AES_ONLY
hcryp.Init.OperatingMode = CRYP_ALGOMODE_KEYDERIVATION_DECRYPT;
hcryp.Init.ChainingMode = CRYP_CHAINMODE_AES_CBC;
hcryp.Init.KeyWriteFlag = CRYP_KEY_WRITE_ENABLE;
#endif
hcryp.Init.pInitVect = (uint8_t*)aes->reg;
HAL_CRYP_Init(&hcryp); HAL_CRYP_Init(&hcryp);
while (blocks--) { while (blocks--) {
if (HAL_CRYP_AESCBC_Decrypt(&hcryp, (uint8_t*)in, AES_BLOCK_SIZE, #ifdef STM32_CRYPTO_AES_ONLY
out, STM32_HAL_TIMEOUT) != HAL_OK) { ret = HAL_CRYPEx_AES(&hcryp, (uint8_t*)in, AES_BLOCK_SIZE,
out, STM32_HAL_TIMEOUT);
#else
ret = HAL_CRYP_AESCBC_Decrypt(&hcryp, (uint8_t*)in, AES_BLOCK_SIZE,
out, STM32_HAL_TIMEOUT);
#endif
if (ret != HAL_OK) {
ret = WC_TIMEOUT_E; ret = WC_TIMEOUT_E;
break;
} }
/* store iv for next call */ /* store iv for next call */
@@ -2457,76 +2366,40 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
return ret; return ret;
} }
#endif /* HAVE_AES_DECRYPT */ #endif /* HAVE_AES_DECRYPT */
#else
#else /* STD_PERI_LIB */
int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{ {
word32 *enc_key, *iv; word32 *iv;
word32 blocks = (sz / AES_BLOCK_SIZE); word32 blocks = (sz / AES_BLOCK_SIZE);
CRYP_InitTypeDef AES_CRYP_InitStructure; CRYP_InitTypeDef cryptInit;
CRYP_KeyInitTypeDef AES_CRYP_KeyInitStructure; CRYP_KeyInitTypeDef keyInit;
CRYP_IVInitTypeDef AES_CRYP_IVInitStructure; CRYP_IVInitTypeDef ivInit;
enc_key = aes->key; ret = wc_Stm32_Aes_Init(aes, &cryptInit, &keyInit);
iv = aes->reg; if (ret != 0)
return ret;
/* crypto structure initialization */
CRYP_KeyStructInit(&AES_CRYP_KeyInitStructure);
CRYP_StructInit(&AES_CRYP_InitStructure);
CRYP_IVStructInit(&AES_CRYP_IVInitStructure);
/* reset registers to their default values */ /* reset registers to their default values */
CRYP_DeInit(); CRYP_DeInit();
/* load key into correct registers */ /* set key */
switch (aes->rounds) { CRYP_KeyInit(&keyInit);
case 10: /* 128-bit key */
AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_128b;
AES_CRYP_KeyInitStructure.CRYP_Key2Left = enc_key[0];
AES_CRYP_KeyInitStructure.CRYP_Key2Right = enc_key[1];
AES_CRYP_KeyInitStructure.CRYP_Key3Left = enc_key[2];
AES_CRYP_KeyInitStructure.CRYP_Key3Right = enc_key[3];
break;
case 12: /* 192-bit key */
AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_192b;
AES_CRYP_KeyInitStructure.CRYP_Key1Left = enc_key[0];
AES_CRYP_KeyInitStructure.CRYP_Key1Right = enc_key[1];
AES_CRYP_KeyInitStructure.CRYP_Key2Left = enc_key[2];
AES_CRYP_KeyInitStructure.CRYP_Key2Right = enc_key[3];
AES_CRYP_KeyInitStructure.CRYP_Key3Left = enc_key[4];
AES_CRYP_KeyInitStructure.CRYP_Key3Right = enc_key[5];
break;
case 14: /* 256-bit key */
AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_256b;
AES_CRYP_KeyInitStructure.CRYP_Key0Left = enc_key[0];
AES_CRYP_KeyInitStructure.CRYP_Key0Right = enc_key[1];
AES_CRYP_KeyInitStructure.CRYP_Key1Left = enc_key[2];
AES_CRYP_KeyInitStructure.CRYP_Key1Right = enc_key[3];
AES_CRYP_KeyInitStructure.CRYP_Key2Left = enc_key[4];
AES_CRYP_KeyInitStructure.CRYP_Key2Right = enc_key[5];
AES_CRYP_KeyInitStructure.CRYP_Key3Left = enc_key[6];
AES_CRYP_KeyInitStructure.CRYP_Key3Right = enc_key[7];
break;
default:
break;
}
CRYP_KeyInit(&AES_CRYP_KeyInitStructure);
/* set iv */ /* set iv */
iv = aes->reg;
CRYP_IVStructInit(&ivInit);
ByteReverseWords(iv, iv, AES_BLOCK_SIZE); ByteReverseWords(iv, iv, AES_BLOCK_SIZE);
AES_CRYP_IVInitStructure.CRYP_IV0Left = iv[0]; ivInit.CRYP_IV0Left = iv[0];
AES_CRYP_IVInitStructure.CRYP_IV0Right = iv[1]; ivInit.CRYP_IV0Right = iv[1];
AES_CRYP_IVInitStructure.CRYP_IV1Left = iv[2]; ivInit.CRYP_IV1Left = iv[2];
AES_CRYP_IVInitStructure.CRYP_IV1Right = iv[3]; ivInit.CRYP_IV1Right = iv[3];
CRYP_IVInit(&AES_CRYP_IVInitStructure); CRYP_IVInit(&ivInit);
/* set direction, mode, and datatype */ /* set direction and mode */
AES_CRYP_InitStructure.CRYP_AlgoDir = CRYP_AlgoDir_Encrypt; cryptInit.CRYP_AlgoDir = CRYP_AlgoDir_Encrypt;
AES_CRYP_InitStructure.CRYP_AlgoMode = CRYP_AlgoMode_AES_CBC; cryptInit.CRYP_AlgoMode = CRYP_AlgoMode_AES_CBC;
AES_CRYP_InitStructure.CRYP_DataType = CRYP_DataType_8b; CRYP_Init(&cryptInit);
CRYP_Init(&AES_CRYP_InitStructure);
/* enable crypto processor */ /* enable crypto processor */
CRYP_Cmd(ENABLE); CRYP_Cmd(ENABLE);
@@ -2565,19 +2438,15 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
#ifdef HAVE_AES_DECRYPT #ifdef HAVE_AES_DECRYPT
int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz) int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{ {
word32 *dec_key, *iv; word32 *iv;
word32 blocks = (sz / AES_BLOCK_SIZE); word32 blocks = (sz / AES_BLOCK_SIZE);
CRYP_InitTypeDef AES_CRYP_InitStructure; CRYP_InitTypeDef cryptInit;
CRYP_KeyInitTypeDef AES_CRYP_KeyInitStructure; CRYP_KeyInitTypeDef keyInit;
CRYP_IVInitTypeDef AES_CRYP_IVInitStructure; CRYP_IVInitTypeDef ivInit;
dec_key = aes->key; ret = wc_Stm32_Aes_Init(aes, &cryptInit, &keyInit);
iv = aes->reg; if (ret != 0)
return ret;
/* crypto structure initialization */
CRYP_KeyStructInit(&AES_CRYP_KeyInitStructure);
CRYP_StructInit(&AES_CRYP_InitStructure);
CRYP_IVStructInit(&AES_CRYP_IVInitStructure);
/* if input and output same will overwrite input iv */ /* if input and output same will overwrite input iv */
XMEMCPY(aes->tmp, in + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE); XMEMCPY(aes->tmp, in + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
@@ -2585,48 +2454,11 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
/* reset registers to their default values */ /* reset registers to their default values */
CRYP_DeInit(); CRYP_DeInit();
/* load key into correct registers */ /* set direction and key */
switch (aes->rounds) { CRYP_KeyInit(&keyInit);
case 10: /* 128-bit key */ cryptInit.CRYP_AlgoDir = CRYP_AlgoDir_Decrypt;
AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_128b; cryptInit.CRYP_AlgoMode = CRYP_AlgoMode_AES_Key;
AES_CRYP_KeyInitStructure.CRYP_Key2Left = dec_key[0]; CRYP_Init(&cryptInit);
AES_CRYP_KeyInitStructure.CRYP_Key2Right = dec_key[1];
AES_CRYP_KeyInitStructure.CRYP_Key3Left = dec_key[2];
AES_CRYP_KeyInitStructure.CRYP_Key3Right = dec_key[3];
break;
case 12: /* 192-bit key */
AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_192b;
AES_CRYP_KeyInitStructure.CRYP_Key1Left = dec_key[0];
AES_CRYP_KeyInitStructure.CRYP_Key1Right = dec_key[1];
AES_CRYP_KeyInitStructure.CRYP_Key2Left = dec_key[2];
AES_CRYP_KeyInitStructure.CRYP_Key2Right = dec_key[3];
AES_CRYP_KeyInitStructure.CRYP_Key3Left = dec_key[4];
AES_CRYP_KeyInitStructure.CRYP_Key3Right = dec_key[5];
break;
case 14: /* 256-bit key */
AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_256b;
AES_CRYP_KeyInitStructure.CRYP_Key0Left = dec_key[0];
AES_CRYP_KeyInitStructure.CRYP_Key0Right = dec_key[1];
AES_CRYP_KeyInitStructure.CRYP_Key1Left = dec_key[2];
AES_CRYP_KeyInitStructure.CRYP_Key1Right = dec_key[3];
AES_CRYP_KeyInitStructure.CRYP_Key2Left = dec_key[4];
AES_CRYP_KeyInitStructure.CRYP_Key2Right = dec_key[5];
AES_CRYP_KeyInitStructure.CRYP_Key3Left = dec_key[6];
AES_CRYP_KeyInitStructure.CRYP_Key3Right = dec_key[7];
break;
default:
break;
}
/* set direction, mode, and datatype for key preparation */
AES_CRYP_InitStructure.CRYP_AlgoDir = CRYP_AlgoDir_Decrypt;
AES_CRYP_InitStructure.CRYP_AlgoMode = CRYP_AlgoMode_AES_Key;
AES_CRYP_InitStructure.CRYP_DataType = CRYP_DataType_32b;
CRYP_Init(&AES_CRYP_InitStructure);
CRYP_KeyInit(&AES_CRYP_KeyInitStructure);
/* enable crypto processor */ /* enable crypto processor */
CRYP_Cmd(ENABLE); CRYP_Cmd(ENABLE);
@@ -2634,20 +2466,20 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
/* wait until key has been prepared */ /* wait until key has been prepared */
while (CRYP_GetFlagStatus(CRYP_FLAG_BUSY) != RESET) {} while (CRYP_GetFlagStatus(CRYP_FLAG_BUSY) != RESET) {}
/* set direction, mode, and datatype for decryption */ /* set direction and mode */
AES_CRYP_InitStructure.CRYP_AlgoDir = CRYP_AlgoDir_Decrypt; cryptInit.CRYP_AlgoDir = CRYP_AlgoDir_Decrypt;
AES_CRYP_InitStructure.CRYP_AlgoMode = CRYP_AlgoMode_AES_CBC; cryptInit.CRYP_AlgoMode = CRYP_AlgoMode_AES_CBC;
AES_CRYP_InitStructure.CRYP_DataType = CRYP_DataType_8b; CRYP_Init(&cryptInit);
CRYP_Init(&AES_CRYP_InitStructure);
/* set iv */ /* set iv */
iv = aes->reg;
CRYP_IVStructInit(&ivInit);
ByteReverseWords(iv, iv, AES_BLOCK_SIZE); ByteReverseWords(iv, iv, AES_BLOCK_SIZE);
ivInit.CRYP_IV0Left = iv[0];
AES_CRYP_IVInitStructure.CRYP_IV0Left = iv[0]; ivInit.CRYP_IV0Right = iv[1];
AES_CRYP_IVInitStructure.CRYP_IV0Right = iv[1]; ivInit.CRYP_IV1Left = iv[2];
AES_CRYP_IVInitStructure.CRYP_IV1Left = iv[2]; ivInit.CRYP_IV1Right = iv[3];
AES_CRYP_IVInitStructure.CRYP_IV1Right = iv[3]; CRYP_IVInit(&ivInit);
CRYP_IVInit(&AES_CRYP_IVInitStructure);
/* enable crypto processor */ /* enable crypto processor */
CRYP_Cmd(ENABLE); CRYP_Cmd(ENABLE);
@@ -3126,101 +2958,62 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
int ret = 0; int ret = 0;
#ifdef WOLFSSL_STM32_CUBEMX #ifdef WOLFSSL_STM32_CUBEMX
CRYP_HandleTypeDef hcryp; CRYP_HandleTypeDef hcryp;
#else
XMEMSET(&hcryp, 0, sizeof(CRYP_HandleTypeDef)); word32 *iv;
switch (aes->rounds) { CRYP_InitTypeDef cryptInit;
case 10: /* 128-bit key */ CRYP_KeyInitTypeDef keyInit;
hcryp.Init.KeySize = CRYP_KEYSIZE_128B; CRYP_IVInitTypeDef ivInit;
break;
#ifdef CRYP_KEYSIZE_192B
case 12: /* 192-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_192B;
break;
#endif #endif
case 14: /* 256-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_256B;
break;
default:
break;
}
hcryp.Instance = CRYP;
hcryp.Init.DataType = CRYP_DATATYPE_8B;
hcryp.Init.pKey = (byte*)aes->key;
hcryp.Init.pInitVect = (byte*)aes->reg;
#ifdef WOLFSSL_STM32_CUBEMX
ret = wc_Stm32_Aes_Init(aes, &hcryp);
if (ret != 0)
return ret;
#ifdef STM32_CRYPTO_AES_ONLY
hcryp.Init.OperatingMode = CRYP_ALGOMODE_ENCRYPT;
hcryp.Init.ChainingMode = CRYP_CHAINMODE_AES_CTR;
hcryp.Init.KeyWriteFlag = CRYP_KEY_WRITE_ENABLE;
#endif
hcryp.Init.pInitVect = (byte*)aes->reg;
HAL_CRYP_Init(&hcryp); HAL_CRYP_Init(&hcryp);
if (HAL_CRYP_AESCTR_Encrypt(&hcryp, (byte*)in, AES_BLOCK_SIZE, out, #ifdef STM32_CRYPTO_AES_ONLY
STM32_HAL_TIMEOUT) != HAL_OK) { ret = HAL_CRYPEx_AES(&hcryp, (byte*)in, AES_BLOCK_SIZE,
/* failed */ out, STM32_HAL_TIMEOUT);
#else
ret = HAL_CRYP_AESCTR_Encrypt(&hcryp, (byte*)in, AES_BLOCK_SIZE,
out, STM32_HAL_TIMEOUT);
#endif
if (ret != HAL_OK) {
ret = WC_TIMEOUT_E; ret = WC_TIMEOUT_E;
} }
HAL_CRYP_DeInit(&hcryp); HAL_CRYP_DeInit(&hcryp);
#else /* STD_PERI_LIB */ #else /* STD_PERI_LIB */
word32 *enc_key, *iv; ret = wc_Stm32_Aes_Init(aes, &cryptInit, &keyInit);
CRYP_InitTypeDef AES_CRYP_InitStructure; if (ret != 0)
CRYP_KeyInitTypeDef AES_CRYP_KeyInitStructure; return ret;
CRYP_IVInitTypeDef AES_CRYP_IVInitStructure;
enc_key = aes->key;
iv = aes->reg;
/* crypto structure initialization */
CRYP_KeyStructInit(&AES_CRYP_KeyInitStructure);
CRYP_StructInit(&AES_CRYP_InitStructure);
CRYP_IVStructInit(&AES_CRYP_IVInitStructure);
/* reset registers to their default values */ /* reset registers to their default values */
CRYP_DeInit(); CRYP_DeInit();
/* load key into correct registers */ /* set key */
switch (aes->rounds) { CRYP_KeyInit(&keyInit);
case 10: /* 128-bit key */
AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_128b;
AES_CRYP_KeyInitStructure.CRYP_Key2Left = enc_key[0];
AES_CRYP_KeyInitStructure.CRYP_Key2Right = enc_key[1];
AES_CRYP_KeyInitStructure.CRYP_Key3Left = enc_key[2];
AES_CRYP_KeyInitStructure.CRYP_Key3Right = enc_key[3];
break;
case 12: /* 192-bit key */
AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_192b;
AES_CRYP_KeyInitStructure.CRYP_Key1Left = enc_key[0];
AES_CRYP_KeyInitStructure.CRYP_Key1Right = enc_key[1];
AES_CRYP_KeyInitStructure.CRYP_Key2Left = enc_key[2];
AES_CRYP_KeyInitStructure.CRYP_Key2Right = enc_key[3];
AES_CRYP_KeyInitStructure.CRYP_Key3Left = enc_key[4];
AES_CRYP_KeyInitStructure.CRYP_Key3Right = enc_key[5];
break;
case 14: /* 256-bit key */
AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_256b;
AES_CRYP_KeyInitStructure.CRYP_Key0Left = enc_key[0];
AES_CRYP_KeyInitStructure.CRYP_Key0Right = enc_key[1];
AES_CRYP_KeyInitStructure.CRYP_Key1Left = enc_key[2];
AES_CRYP_KeyInitStructure.CRYP_Key1Right = enc_key[3];
AES_CRYP_KeyInitStructure.CRYP_Key2Left = enc_key[4];
AES_CRYP_KeyInitStructure.CRYP_Key2Right = enc_key[5];
AES_CRYP_KeyInitStructure.CRYP_Key3Left = enc_key[6];
AES_CRYP_KeyInitStructure.CRYP_Key3Right = enc_key[7];
break;
default:
break;
}
CRYP_KeyInit(&AES_CRYP_KeyInitStructure);
/* set iv */ /* set iv */
AES_CRYP_IVInitStructure.CRYP_IV0Left = ByteReverseWord32(iv[0]); iv = aes->reg;
AES_CRYP_IVInitStructure.CRYP_IV0Right = ByteReverseWord32(iv[1]); CRYP_IVStructInit(&ivInit);
AES_CRYP_IVInitStructure.CRYP_IV1Left = ByteReverseWord32(iv[2]); ivInit.CRYP_IV0Left = ByteReverseWord32(iv[0]);
AES_CRYP_IVInitStructure.CRYP_IV1Right = ByteReverseWord32(iv[3]); ivInit.CRYP_IV0Right = ByteReverseWord32(iv[1]);
CRYP_IVInit(&AES_CRYP_IVInitStructure); ivInit.CRYP_IV1Left = ByteReverseWord32(iv[2]);
ivInit.CRYP_IV1Right = ByteReverseWord32(iv[3]);
CRYP_IVInit(&ivInit);
/* set direction, mode, and datatype */ /* set direction and mode */
AES_CRYP_InitStructure.CRYP_AlgoDir = CRYP_AlgoDir_Encrypt; cryptInit.CRYP_AlgoDir = CRYP_AlgoDir_Encrypt;
AES_CRYP_InitStructure.CRYP_AlgoMode = CRYP_AlgoMode_AES_CTR; cryptInit.CRYP_AlgoMode = CRYP_AlgoMode_AES_CTR;
AES_CRYP_InitStructure.CRYP_DataType = CRYP_DataType_8b; CRYP_Init(&cryptInit);
CRYP_Init(&AES_CRYP_InitStructure);
/* enable crypto processor */ /* enable crypto processor */
CRYP_Cmd(ENABLE); CRYP_Cmd(ENABLE);
@@ -8315,7 +8108,7 @@ static WC_INLINE int wc_AesGcmEncrypt_STM32(Aes* aes, byte* out, const byte* in,
CRYP_HandleTypeDef hcryp; CRYP_HandleTypeDef hcryp;
#else #else
byte keyCopy[AES_BLOCK_SIZE * 2]; byte keyCopy[AES_BLOCK_SIZE * 2];
#endif /* WOLFSSL_STM32_CUBEMX */ #endif
int status = 0; int status = 0;
byte* authInPadded = NULL; byte* authInPadded = NULL;
byte tag[AES_BLOCK_SIZE]; byte tag[AES_BLOCK_SIZE];
@@ -8346,30 +8139,15 @@ static WC_INLINE int wc_AesGcmEncrypt_STM32(Aes* aes, byte* out, const byte* in,
#ifdef WOLFSSL_STM32_CUBEMX #ifdef WOLFSSL_STM32_CUBEMX
XMEMSET(&hcryp, 0, sizeof(CRYP_HandleTypeDef)); ret = wc_Stm32_Aes_Init(aes, &hcryp);
switch (keySize) { if (ret != 0)
case 16: /* 128-bit key */ return ret;
hcryp.Init.KeySize = CRYP_KEYSIZE_128B;
break;
#ifdef CRYP_KEYSIZE_192B
case 24: /* 192-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_192B;
break;
#endif
case 32: /* 256-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_256B;
break;
default:
break;
}
hcryp.Instance = CRYP;
hcryp.Init.DataType = CRYP_DATATYPE_8B;
hcryp.Init.pKey = (byte*)aes->key;
hcryp.Init.pInitVect = initialCounter; hcryp.Init.pInitVect = initialCounter;
hcryp.Init.Header = authInPadded; hcryp.Init.Header = authInPadded;
hcryp.Init.HeaderSize = authInSz; hcryp.Init.HeaderSize = authInSz;
#ifdef WOLFSSL_STM32L4 #ifdef STM32_CRYPTO_AES_ONLY
/* Set the CRYP parameters */ /* Set the CRYP parameters */
hcryp.Init.ChainingMode = CRYP_CHAINMODE_AES_GCM_GMAC; hcryp.Init.ChainingMode = CRYP_CHAINMODE_AES_GCM_GMAC;
hcryp.Init.OperatingMode = CRYP_ALGOMODE_ENCRYPT; hcryp.Init.OperatingMode = CRYP_ALGOMODE_ENCRYPT;
@@ -8407,7 +8185,8 @@ static WC_INLINE int wc_AesGcmEncrypt_STM32(Aes* aes, byte* out, const byte* in,
if (status != HAL_OK) if (status != HAL_OK)
ret = AES_GCM_AUTH_E; ret = AES_GCM_AUTH_E;
HAL_CRYP_DeInit(&hcryp); HAL_CRYP_DeInit(&hcryp);
#else
#else /* STD_PERI_LIB */
ByteReverseWords((word32*)keyCopy, (word32*)aes->key, keySize); ByteReverseWords((word32*)keyCopy, (word32*)aes->key, keySize);
status = CRYP_AES_GCM(MODE_ENCRYPT, (uint8_t*)initialCounter, status = CRYP_AES_GCM(MODE_ENCRYPT, (uint8_t*)initialCounter,
(uint8_t*)keyCopy, keySize * 8, (uint8_t*)keyCopy, keySize * 8,
@@ -8645,8 +8424,11 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
status_t status; status_t status;
/* argument checks */ /* argument checks */
if (aes == NULL || out == NULL || in == NULL || iv == NULL || /* If the sz is non-zero, both in and out must be set. If sz is 0,
authTag == NULL || authTagSz > AES_BLOCK_SIZE) { * in and out are don't cares, as this is is the GMAC case. */
if (aes == NULL || iv == NULL || (sz != 0 && (in == NULL || out == NULL)) ||
authTag == NULL || authTagSz > AES_BLOCK_SIZE || authTagSz == 0) {
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
@@ -8660,21 +8442,24 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
return (status == kStatus_Success) ? 0 : AES_GCM_AUTH_E; return (status == kStatus_Success) ? 0 : AES_GCM_AUTH_E;
} }
#elif defined(STM32_CRYPTO) && (defined(WOLFSSL_STM32F4) || \
#else
#if defined(STM32_CRYPTO) && (defined(WOLFSSL_STM32F4) || \
defined(WOLFSSL_STM32F7) || \ defined(WOLFSSL_STM32F7) || \
defined(WOLFSSL_STM32L4)) defined(WOLFSSL_STM32L4))
int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz, static WC_INLINE int wc_AesGcmDecrypt_STM32(Aes* aes, byte* out,
const byte* in, word32 sz,
const byte* iv, word32 ivSz, const byte* iv, word32 ivSz,
const byte* authTag, word32 authTagSz, const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz) const byte* authIn, word32 authInSz)
{ {
int ret; int ret;
word32 keySize;
#ifdef WOLFSSL_STM32_CUBEMX #ifdef WOLFSSL_STM32_CUBEMX
CRYP_HandleTypeDef hcryp; CRYP_HandleTypeDef hcryp;
#else #else
byte keyCopy[AES_BLOCK_SIZE * 2]; byte keyCopy[AES_BLOCK_SIZE * 2];
#endif /* WOLFSSL_STM32_CUBEMX */ #endif
int status; int status;
int inPadSz, authPadSz; int inPadSz, authPadSz;
byte tag[AES_BLOCK_SIZE]; byte tag[AES_BLOCK_SIZE];
@@ -8682,22 +8467,6 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
byte *authInPadded = NULL; byte *authInPadded = NULL;
byte initialCounter[AES_BLOCK_SIZE]; byte initialCounter[AES_BLOCK_SIZE];
/* argument checks */
if (aes == NULL || out == NULL || in == NULL || iv == NULL ||
authTag == NULL || authTagSz > AES_BLOCK_SIZE) {
return BAD_FUNC_ARG;
}
ret = wc_AesGetKeySize(aes, &keySize);
if (ret != 0) {
return ret;
}
/* additional argument checks - STM32 HW only supports 12 byte IV */
if (ivSz != GCM_NONCE_MID_SZ) {
return BAD_FUNC_ARG;
}
XMEMSET(initialCounter, 0, AES_BLOCK_SIZE); XMEMSET(initialCounter, 0, AES_BLOCK_SIZE);
XMEMCPY(initialCounter, iv, ivSz); XMEMCPY(initialCounter, iv, ivSz);
initialCounter[AES_BLOCK_SIZE - 1] = STM32_GCM_IV_START; initialCounter[AES_BLOCK_SIZE - 1] = STM32_GCM_IV_START;
@@ -8736,30 +8505,15 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
} }
#ifdef WOLFSSL_STM32_CUBEMX #ifdef WOLFSSL_STM32_CUBEMX
XMEMSET(&hcryp, 0, sizeof(CRYP_HandleTypeDef)); ret = wc_Stm32_Aes_Init(aes, &hcryp);
switch(keySize) { if (ret != 0)
case 16: /* 128-bit key */ return ret;
hcryp.Init.KeySize = CRYP_KEYSIZE_128B;
break;
#ifdef CRYP_KEYSIZE_192B
case 24: /* 192-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_192B;
break;
#endif
case 32: /* 256-bit key */
hcryp.Init.KeySize = CRYP_KEYSIZE_256B;
break;
default:
break;
}
hcryp.Instance = CRYP;
hcryp.Init.DataType = CRYP_DATATYPE_8B;
hcryp.Init.pKey = (byte*)aes->key;
hcryp.Init.pInitVect = initialCounter; hcryp.Init.pInitVect = initialCounter;
hcryp.Init.Header = authInPadded; hcryp.Init.Header = authInPadded;
hcryp.Init.HeaderSize = authInSz; hcryp.Init.HeaderSize = authInSz;
#ifdef WOLFSSL_STM32L4 #ifdef STM32_CRYPTO_AES_ONLY
/* Set the CRYP parameters */ /* Set the CRYP parameters */
hcryp.Init.ChainingMode = CRYP_CHAINMODE_AES_GCM_GMAC; hcryp.Init.ChainingMode = CRYP_CHAINMODE_AES_GCM_GMAC;
hcryp.Init.OperatingMode = CRYP_ALGOMODE_DECRYPT; hcryp.Init.OperatingMode = CRYP_ALGOMODE_DECRYPT;
@@ -8801,8 +8555,9 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
ret = AES_GCM_AUTH_E; ret = AES_GCM_AUTH_E;
HAL_CRYP_DeInit(&hcryp); HAL_CRYP_DeInit(&hcryp);
#else
ByteReverseWords((word32*)keyCopy, (word32*)aes->key, keySize); #else /* STD_PERI_LIB */
ByteReverseWords((word32*)keyCopy, (word32*)aes->key, aes->keylen);
/* Input size and auth size need to be the actual sizes, even though /* Input size and auth size need to be the actual sizes, even though
* they are not block aligned, because this length (in bits) is used * they are not block aligned, because this length (in bits) is used
@@ -8817,10 +8572,12 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
ret = AES_GCM_AUTH_E; ret = AES_GCM_AUTH_E;
#endif /* WOLFSSL_STM32_CUBEMX */ #endif /* WOLFSSL_STM32_CUBEMX */
if (ret == 0 && ConstantCompare(authTag, tag, authTagSz) == 0) { if (ConstantCompare(authTag, tag, authTagSz) != 0) {
/* Only keep the decrypted data if authTag success. */ ret = AES_GCM_AUTH_E;
}
if (ret == 0) {
/* Only return the decrypted data if authTag success. */
XMEMCPY(out, inPadded, sz); XMEMCPY(out, inPadded, sz);
ret = 0; /* success */
} }
/* only allocate padding buffers if the inputs are not a multiple of block sz */ /* only allocate padding buffers if the inputs are not a multiple of block sz */
@@ -8831,7 +8588,8 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
return ret; return ret;
} }
#else #endif /* STM32 */
#ifdef WOLFSSL_AESNI #ifdef WOLFSSL_AESNI
int AES_GCM_decrypt_C(Aes* aes, byte* out, const byte* in, word32 sz, int AES_GCM_decrypt_C(Aes* aes, byte* out, const byte* in, word32 sz,
const byte* iv, word32 ivSz, const byte* iv, word32 ivSz,
@@ -8949,6 +8707,30 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
#if defined(STM32_CRYPTO) && (defined(WOLFSSL_STM32F4) || \
defined(WOLFSSL_STM32F7) || \
defined(WOLFSSL_STM32L4))
/* additional argument checks - STM32 HW only supports 12 byte IV */
if (ivSz != GCM_NONCE_MID_SZ) {
return BAD_FUNC_ARG;
}
/* STM32 HW AES-GCM requires / assumes inputs are a multiple of block size.
* We can avoid this by zero padding (authIn) AAD, but zero-padded plaintext
* will be encrypted and output incorrectly, causing a bad authTag.
* We will use HW accelerated AES-GCM if plain%AES_BLOCK_SZ==0.
* Otherwise, we will use accelerated AES_CTR for encrypt, and then
* perform GHASH in software.
* See NIST SP 800-38D */
/* Plain text is a multiple of block size, so use HW-Accelerated AES_GCM */
if (sz % AES_BLOCK_SIZE == 0) {
return wc_AesGcmDecrypt_STM32(aes, out, in, sz, iv, ivSz,
authTag, authTagSz, authIn, authInSz);
}
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES) #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES)
/* if async and byte count above threshold */ /* if async and byte count above threshold */
/* only 12-byte IV is supported in HW */ /* only 12-byte IV is supported in HW */
@@ -9024,7 +8806,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
} }
#endif #endif
#endif /* HAVE_AES_DECRYPT || HAVE_AESGCM_DECRYPT */ #endif /* HAVE_AES_DECRYPT || HAVE_AESGCM_DECRYPT */
#endif /* (WOLFSSL_XILINX_CRYPT) */ #endif /* WOLFSSL_XILINX_CRYPT */
#endif /* end of block for AESGCM implementation selection */ #endif /* end of block for AESGCM implementation selection */

19
wolfcrypt/src/ecc.c
View File

@@ -3915,7 +3915,7 @@ int wc_ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, int curve_id)
} }
#endif #endif
} }
#endif /* WOLFSSL_ASYNC_CRYPT */ #endif /* WOLFSSL_ASYNC_CRYPT && WC_ASYNC_ENABLE_ECC */
#ifdef WOLFSSL_ATECC508A #ifdef WOLFSSL_ATECC508A
key->type = ECC_PRIVATEKEY; key->type = ECC_PRIVATEKEY;
@@ -3942,11 +3942,12 @@ int wc_ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, int curve_id)
} }
else else
#endif #endif
#endif #endif /* WOLFSSL_HAVE_SP_ECC */
{ /* software key gen */
#ifdef WOLFSSL_SP_MATH #ifdef WOLFSSL_SP_MATH
err = WC_KEY_SIZE_E; err = WC_KEY_SIZE_E;
#else #else
{
ALLOC_CURVE_SPECS(ECC_CURVE_FIELD_COUNT); ALLOC_CURVE_SPECS(ECC_CURVE_FIELD_COUNT);
/* setup the key variables */ /* setup the key variables */
@@ -3978,8 +3979,8 @@ int wc_ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, int curve_id)
#ifndef WOLFSSL_ATECC508A #ifndef WOLFSSL_ATECC508A
FREE_CURVE_SPECS(); FREE_CURVE_SPECS();
#endif #endif
#endif /* WOLFSSL_SP_MATH */
} }
#endif
#endif /* WOLFSSL_ATECC508A */ #endif /* WOLFSSL_ATECC508A */
@@ -5168,6 +5169,7 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
word32 hashlen, int* res, ecc_key* key) word32 hashlen, int* res, ecc_key* key)
{ {
int err; int err;
word32 keySz;
#ifdef WOLFSSL_ATECC508A #ifdef WOLFSSL_ATECC508A
byte sigRS[ATECC_KEY_SIZE*2]; byte sigRS[ATECC_KEY_SIZE*2];
#elif !defined(WOLFSSL_SP_MATH) #elif !defined(WOLFSSL_SP_MATH)
@@ -5205,6 +5207,8 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
return ECC_BAD_ARG_E; return ECC_BAD_ARG_E;
} }
keySz = key->dp->size;
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC) && \ #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC) && \
defined(WOLFSSL_ASYNC_CRYPT_TEST) defined(WOLFSSL_ASYNC_CRYPT_TEST)
if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_ECC) { if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_ECC) {
@@ -5227,7 +5231,7 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
if (err != MP_OKAY) { if (err != MP_OKAY) {
return err; return err;
} }
err = mp_to_unsigned_bin(s, &sigRS[ATECC_KEY_SIZE]); err = mp_to_unsigned_bin(s, &sigRS[keySz]);
if (err != MP_OKAY) { if (err != MP_OKAY) {
return err; return err;
} }
@@ -5330,8 +5334,6 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
if (NitroxEccIsCurveSupported(key)) if (NitroxEccIsCurveSupported(key))
#endif #endif
{ {
word32 keySz = key->dp->size;
err = wc_mp_to_bigint_sz(e, &e->raw, keySz); err = wc_mp_to_bigint_sz(e, &e->raw, keySz);
if (err == MP_OKAY) if (err == MP_OKAY)
err = wc_mp_to_bigint_sz(key->pubkey.x, &key->pubkey.x->raw, keySz); err = wc_mp_to_bigint_sz(key->pubkey.x, &key->pubkey.x->raw, keySz);
@@ -5508,6 +5510,9 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
#endif /* WOLFSSL_SP_MATH */ #endif /* WOLFSSL_SP_MATH */
#endif /* WOLFSSL_ATECC508A */ #endif /* WOLFSSL_ATECC508A */
(void)keySz;
(void)hashlen;
return err; return err;
} }
#endif /* HAVE_ECC_VERIFY */ #endif /* HAVE_ECC_VERIFY */

3
wolfcrypt/src/include.am
View File

@@ -61,7 +61,8 @@ EXTRA_DIST += wolfcrypt/src/port/ti/ti-aes.c \
wolfcrypt/src/port/caam/caam_init.c \ wolfcrypt/src/port/caam/caam_init.c \
wolfcrypt/src/port/caam/caam_sha.c \ wolfcrypt/src/port/caam/caam_sha.c \
wolfcrypt/src/port/caam/caam_doc.pdf \ wolfcrypt/src/port/caam/caam_doc.pdf \
wolfcrypt/src/port/st/stm32.c wolfcrypt/src/port/st/stm32.c \
wolfcrypt/src/port/st/stsafe.c
if BUILD_CRYPTODEV if BUILD_CRYPTODEV
src_libwolfssl_la_SOURCES += wolfcrypt/src/cryptodev.c src_libwolfssl_la_SOURCES += wolfcrypt/src/cryptodev.c

109
wolfcrypt/src/port/st/stm32.c
View File

@@ -1,6 +1,6 @@
/* stm32.c /* stm32.c
* *
* Copyright (C) 2006-2017 wolfSSL Inc. * Copyright (C) 2006-2018 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@@ -39,6 +39,11 @@
#include <wolfcrypt/src/misc.c> #include <wolfcrypt/src/misc.c>
#endif #endif
#ifndef NO_AES
#include <wolfssl/wolfcrypt/aes.h>
#endif
#ifdef STM32_HASH #ifdef STM32_HASH
#ifdef WOLFSSL_STM32L4 #ifdef WOLFSSL_STM32L4
@@ -253,3 +258,105 @@ int wc_Stm32_Hash_Final(STM32_HASH_Context* stmCtx, word32 algo,
} }
#endif /* STM32_HASH */ #endif /* STM32_HASH */
#ifdef STM32_CRYPTO
#ifndef NO_AES
#if defined(WOLFSSL_AES_DIRECT) || defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
#ifdef WOLFSSL_STM32_CUBEMX
int wc_Stm32_Aes_Init(Aes* aes, CRYP_HandleTypeDef* hcryp)
{
int ret;
word32 keySize;
ret = wc_AesGetKeySize(aes, &keySize);
if (ret != 0)
return ret;
XMEMSET(hcryp, 0, sizeof(CRYP_HandleTypeDef));
switch (keySize) {
case 16: /* 128-bit key */
hcryp->Init.KeySize = CRYP_KEYSIZE_128B;
break;
#ifdef CRYP_KEYSIZE_192B
case 24: /* 192-bit key */
hcryp->Init.KeySize = CRYP_KEYSIZE_192B;
break;
#endif
case 32: /* 256-bit key */
hcryp->Init.KeySize = CRYP_KEYSIZE_256B;
break;
default:
break;
}
hcryp->Instance = CRYP;
hcryp->Init.DataType = CRYP_DATATYPE_8B;
hcryp->Init.pKey = (uint8_t*)aes->key;
return 0;
}
#else /* STD_PERI_LIB */
int wc_Stm32_Aes_Init(Aes* aes, CRYP_InitTypeDef* cryptInit,
CRYP_KeyInitTypeDef* keyInit)
{
int ret;
word32 keySize;
word32* aes_key;
ret = wc_AesGetKeySize(aes, &keySize);
if (ret != 0)
return ret;
aes_key = aes->key;
/* crypto structure initialization */
CRYP_KeyStructInit(keyInit);
CRYP_StructInit(cryptInit);
/* load key into correct registers */
switch (keySize) {
case 16: /* 128-bit key */
cryptInit->CRYP_KeySize = CRYP_KeySize_128b;
keyInit->CRYP_Key2Left = aes_key[0];
keyInit->CRYP_Key2Right = aes_key[1];
keyInit->CRYP_Key3Left = aes_key[2];
keyInit->CRYP_Key3Right = aes_key[3];
break;
case 24: /* 192-bit key */
cryptInit->CRYP_KeySize = CRYP_KeySize_192b;
keyInit->CRYP_Key1Left = aes_key[0];
keyInit->CRYP_Key1Right = aes_key[1];
keyInit->CRYP_Key2Left = aes_key[2];
keyInit->CRYP_Key2Right = aes_key[3];
keyInit->CRYP_Key3Left = aes_key[4];
keyInit->CRYP_Key3Right = aes_key[5];
break;
case 32: /* 256-bit key */
cryptInit->CRYP_KeySize = CRYP_KeySize_256b;
keyInit->CRYP_Key0Left = aes_key[0];
keyInit->CRYP_Key0Right = aes_key[1];
keyInit->CRYP_Key1Left = aes_key[2];
keyInit->CRYP_Key1Right = aes_key[3];
keyInit->CRYP_Key2Left = aes_key[4];
keyInit->CRYP_Key2Right = aes_key[5];
keyInit->CRYP_Key3Left = aes_key[6];
keyInit->CRYP_Key3Right = aes_key[7];
break;
default:
break;
}
cryptInit->CRYP_DataType = CRYP_DataType_8b;
return 0;
}
#endif /* WOLFSSL_STM32_CUBEMX */
#endif /* WOLFSSL_AES_DIRECT || HAVE_AESGCM || HAVE_AESCCM */
#endif /* !NO_AES */
#endif /* STM32_CRYPTO */

272
wolfcrypt/src/port/st/stsafe.c Normal file
View File

@@ -0,0 +1,272 @@
/* stsafe.c
*
* Copyright (C) 2006-2018 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#include <wolfssl/wolfcrypt/port/st/stsafe.h>
#include <wolfssl/wolfcrypt/logging.h>
#ifdef WOLFSSL_STSAFEA100
int SSL_STSAFE_LoadDeviceCertificate(byte** pRawCertificate,
word32* pRawCertificateLen)
{
int err;
if (pRawCertificate == NULL || pRawCertificateLen == NULL) {
return BAD_FUNC_ARG;
}
#ifdef USE_STSAFE_VERBOSE
WOLFSSL_MSG("SSL_STSAFE_LoadDeviceCertificate");
#endif
/* Try reading device certificate from ST-SAFE Zone 0 */
err = stsafe_interface_read_device_certificate_raw(
pRawCertificate, pRawCertificateLen);
if (err == 0) {
#if 0
/* example for loading into WOLFSSL_CTX */
err = wolfSSL_CTX_use_certificate_buffer(ctx,
*pRawCertificate, *pRawCertificateLen, SSL_FILETYPE_ASN1);
if (err != WOLFSSL_SUCCESS) {
/* failed */
}
/* can free now */
XFREE(*pRawCertificate, NULL, DYNAMIC_TEMP_BUFFER);
*pRawCertificate = NULL;
#endif
}
return err;
}
#ifdef HAVE_PK_CALLBACKS
/**
* \brief Verify Peer Cert Callback.
*/
int SSL_STSAFE_VerifyPeerCertCb(WOLFSSL* ssl,
const unsigned char* sig, unsigned int sigSz,
const unsigned char* hash, unsigned int hashSz,
const unsigned char* keyDer, unsigned int keySz,
int* result, void* ctx)
{
int err;
byte sigRS[STSAFE_MAX_SIG_LEN];
byte *r, *s;
word32 r_len = STSAFE_MAX_SIG_LEN/2, s_len = STSAFE_MAX_SIG_LEN/2;
byte pubKeyX[STSAFE_MAX_PUBKEY_RAW_LEN/2];
byte pubKeyY[STSAFE_MAX_PUBKEY_RAW_LEN/2];
word32 pubKeyX_len = sizeof(pubKeyX);
word32 pubKeyY_len = sizeof(pubKeyY);
ecc_key key;
word32 inOutIdx = 0;
StSafeA_CurveId curve_id;
int ecc_curve;
(void)ssl;
(void)ctx;
#ifdef USE_STSAFE_VERBOSE
WOLFSSL_MSG("VerifyPeerCertCB: STSAFE");
#endif
err = wc_ecc_init(&key);
if (err != 0) {
return err;
}
/* Decode the public key */
err = wc_EccPublicKeyDecode(keyDer, &inOutIdx, &key, keySz);
if (err == 0) {
/* Extract Raw X and Y coordinates of the public key */
err = wc_ecc_export_public_raw(&key, pubKeyX, &pubKeyX_len,
pubKeyY, &pubKeyY_len);
}
if (err == 0) {
int key_sz;
/* determine curve */
ecc_curve = key.dp->id;
curve_id = stsafe_get_ecc_curve_id(ecc_curve);
key_sz = stsafe_get_key_size(curve_id);
/* Extract R and S from signature */
XMEMSET(sigRS, 0, sizeof(sigRS));
r = &sigRS[0];
s = &sigRS[key_sz];
err = wc_ecc_sig_to_rs(sig, sigSz, r, &r_len, s, &s_len);
(void)r_len;
(void)s_len;
}
if (err == 0) {
/* Verify signature */
err = stsafe_interface_verify(curve_id, (uint8_t*)hash, sigRS,
pubKeyX, pubKeyY, result);
}
wc_ecc_free(&key);
return err;
}
/**
* \brief Sign Certificate Callback.
*/
int SSL_STSAFE_SignCertificateCb(WOLFSSL* ssl, const byte* in,
word32 inSz, byte* out, word32* outSz,
const byte* key, word32 keySz, void* ctx)
{
int err;
byte digest[STSAFE_MAX_KEY_LEN];
byte sigRS[STSAFE_MAX_SIG_LEN];
byte *r, *s;
StSafeA_CurveId curve_id;
int key_sz;
(void)ssl;
(void)ctx;
#ifdef USE_STSAFE_VERBOSE
WOLFSSL_MSG("SignCertificateCb: STSAFE");
#endif
curve_id = stsafe_get_curve_mode();
key_sz = stsafe_get_key_size(curve_id);
/* Build input digest */
if (inSz > key_sz)
inSz = key_sz;
XMEMSET(&digest[0], 0, sizeof(digest));
XMEMCPY(&digest[key_sz - inSz], in, inSz);
/* Sign using slot 0: Result is R then S */
/* Sign will always use the curve type in slot 0 (the TLS curve needs to match) */
XMEMSET(sigRS, 0, sizeof(sigRS));
err = stsafe_interface_sign(STSAFE_A_SLOT_0, curve_id, digest, sigRS);
if (err != 0) {
return err;
}
/* Convert R and S to signature */
r = &sigRS[0];
s = &sigRS[key_sz];
err = wc_ecc_rs_raw_to_sig((const byte*)r, key_sz, (const byte*)s, key_sz,
out, outSz);
if (err !=0) {
#ifdef USE_STSAFE_VERBOSE
WOLFSSL_MSG("Error converting RS to Signature");
#endif
}
return err;
}
/**
* \brief Create pre master secret using peer's public key and self private key.
*/
int SSL_STSAFE_SharedSecretCb(WOLFSSL* ssl, ecc_key* otherKey,
unsigned char* pubKeyDer, unsigned int* pubKeySz,
unsigned char* out, unsigned int* outlen,
int side, void* ctx)
{
int err;
byte otherKeyX[STSAFE_MAX_KEY_LEN];
byte otherKeyY[STSAFE_MAX_KEY_LEN];
word32 otherKeyX_len = sizeof(otherKeyX);
word32 otherKeyY_len = sizeof(otherKeyY);
byte pubKeyRaw[STSAFE_MAX_PUBKEY_RAW_LEN];
StSafeA_KeySlotNumber slot;
StSafeA_CurveId curve_id;
ecc_key tmpKey;
int ecc_curve;
int key_sz;
(void)ssl;
(void)ctx;
#ifdef USE_STSAFE_VERBOSE
WOLFSSL_MSG("SharedSecretCb: STSAFE");
#endif
err = wc_ecc_init(&tmpKey);
if (err != 0) {
return err;
}
/* set curve */
ecc_curve = otherKey->dp->id;
curve_id = stsafe_get_ecc_curve_id(ecc_curve);
key_sz = stsafe_get_key_size(curve_id);
/* for client: create and export public key */
if (side == WOLFSSL_CLIENT_END) {
/* Export otherKey raw X and Y */
err = wc_ecc_export_public_raw(otherKey,
&otherKeyX[0], (word32*)&otherKeyX_len,
&otherKeyY[0], (word32*)&otherKeyY_len);
if (err != 0) {
return err;
}
err = stsafe_interface_create_key(&slot, curve_id, (uint8_t*)&pubKeyRaw[0]);
if (err != 0) {
return err;
}
/* convert raw unsigned public key to X.963 format for TLS */
err = wc_ecc_init(&tmpKey);
if (err == 0) {
err = wc_ecc_import_unsigned(&tmpKey, &pubKeyRaw[0], &pubKeyRaw[key_sz],
NULL, ecc_curve);
if (err == 0) {
err = wc_ecc_export_x963(&tmpKey, pubKeyDer, pubKeySz);
}
wc_ecc_free(&tmpKey);
}
}
/* for server: import public key */
else if (side == WOLFSSL_SERVER_END) {
/* import peer's key and export as raw unsigned for hardware */
err = wc_ecc_import_x963_ex(pubKeyDer, *pubKeySz, &tmpKey, ecc_curve);
if (err == 0) {
err = wc_ecc_export_public_raw(&tmpKey, otherKeyX, &otherKeyX_len,
otherKeyY, &otherKeyY_len);
}
}
else {
err = BAD_FUNC_ARG;
}
wc_ecc_free(&tmpKey);
if (err != 0) {
return err;
}
/* Compute shared secret */
err = stsafe_interface_shared_secret(curve_id, &otherKeyX[0], &otherKeyY[0],
out, (int32_t*)outlen);
return err;
}
#endif /* HAVE_PK_CALLBACKS */
#endif /* WOLFSSL_STSAFEA100 */

8
wolfcrypt/src/wc_port.c
View File

@@ -50,6 +50,10 @@
#include <wolfssl/wolfcrypt/port/atmel/atmel.h> #include <wolfssl/wolfcrypt/port/atmel/atmel.h>
#endif #endif
#if defined(WOLFSSL_STSAFEA100)
#include <wolfssl/wolfcrypt/port/st/stsafe.h>
#endif
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
#include <wolfssl/openssl/evp.h> #include <wolfssl/openssl/evp.h>
#endif #endif
@@ -141,6 +145,10 @@ int wolfCrypt_Init(void)
atmel_init(); atmel_init();
#endif #endif
#if defined(WOLFSSL_STSAFEA100)
stsafe_interface_init();
#endif
#ifdef WOLFSSL_ARMASM #ifdef WOLFSSL_ARMASM
WOLFSSL_MSG("Using ARM hardware acceleration"); WOLFSSL_MSG("Using ARM hardware acceleration");
#endif #endif

12
wolfcrypt/test/test.c
View File

@@ -434,6 +434,7 @@ int wolfcrypt_test(void* args)
{ {
int ret; int ret;
if (args)
((func_args*)args)->return_code = -1; /* error state */ ((func_args*)args)->return_code = -1; /* error state */
#ifdef WOLFSSL_STATIC_MEMORY #ifdef WOLFSSL_STATIC_MEMORY
@@ -1003,6 +1004,7 @@ initDefaultName();
wc_ecc_fp_free(); wc_ecc_fp_free();
#endif #endif
if (args)
((func_args*)args)->return_code = ret; ((func_args*)args)->return_code = ret;
EXIT_TEST(ret); EXIT_TEST(ret);
@@ -6801,7 +6803,7 @@ int aesgcm_test(void)
} }
#endif #endif
/* Variable authenticed data length test */ /* Variable authenticated data length test */
for (alen=0; alen<(int)sizeof(p); alen++) { for (alen=0; alen<(int)sizeof(p); alen++) {
/* AES-GCM encrypt and decrypt both use AES encrypt internally */ /* AES-GCM encrypt and decrypt both use AES encrypt internally */
result = wc_AesGcmEncrypt(&enc, resultC, p, sizeof(p), iv1, result = wc_AesGcmEncrypt(&enc, resultC, p, sizeof(p), iv1,
@@ -16623,8 +16625,12 @@ int ecc_test_buffers(void) {
int verify = 0; int verify = 0;
word32 x; word32 x;
XMEMSET(&cliKey, 0, sizeof(ecc_key)); ret = wc_ecc_init_ex(&cliKey, HEAP_HINT, devId);
XMEMSET(&servKey, 0, sizeof(ecc_key)); if (ret != 0)
return -8721;
ret = wc_ecc_init_ex(&servKey, HEAP_HINT, devId);
if (ret != 0)
return -8722;
bytes = (size_t)sizeof_ecc_clikey_der_256; bytes = (size_t)sizeof_ecc_clikey_der_256;
/* place client key into ecc_key struct cliKey */ /* place client key into ecc_key struct cliKey */

6
wolfssl/wolfcrypt/aes.h
View File

@@ -48,6 +48,12 @@
#endif #endif
#endif #endif
#ifndef WC_NO_RNG
#include <wolfssl/wolfcrypt/random.h>
#endif
#ifdef STM32_CRYPTO
#include <wolfssl/wolfcrypt/port/st/stm32.h>
#endif
#ifdef WOLFSSL_AESNI #ifdef WOLFSSL_AESNI

3
wolfssl/wolfcrypt/include.am
View File

@@ -76,7 +76,8 @@ noinst_HEADERS+= \
wolfssl/wolfcrypt/port/caam/caam_driver.h \ wolfssl/wolfcrypt/port/caam/caam_driver.h \
wolfssl/wolfcrypt/port/caam/wolfcaam.h \ wolfssl/wolfcrypt/port/caam/wolfcaam.h \
wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h \ wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h \
wolfssl/wolfcrypt/port/st/stm32.h wolfssl/wolfcrypt/port/st/stm32.h \
wolfssl/wolfcrypt/port/st/stsafe.h
if BUILD_ASYNCCRYPT if BUILD_ASYNCCRYPT
nobase_include_HEADERS+= wolfssl/wolfcrypt/async.h nobase_include_HEADERS+= wolfssl/wolfcrypt/async.h

39
wolfssl/wolfcrypt/port/st/stm32.h
View File

@@ -1,6 +1,6 @@
/* stm32.h /* stm32.h
* *
* Copyright (C) 2006-2017 wolfSSL Inc. * Copyright (C) 2006-2018 wolfSSL Inc.
* *
* This file is part of wolfSSL. * This file is part of wolfSSL.
* *
@@ -22,15 +22,16 @@
#ifndef _WOLFPORT_STM32_H_ #ifndef _WOLFPORT_STM32_H_
#define _WOLFPORT_STM32_H_ #define _WOLFPORT_STM32_H_
#ifdef STM32_HASH /* Generic STM32 Hashing and Crypto Functions */
#define WOLFSSL_NO_HASH_RAW
/* Generic STM32 Hashing Function */
/* Supports CubeMX HAL or Standard Peripheral Library */ /* Supports CubeMX HAL or Standard Peripheral Library */
#include <wolfssl/wolfcrypt/types.h> #include <wolfssl/wolfcrypt/types.h>
#ifdef STM32_HASH
#define WOLFSSL_NO_HASH_RAW
#ifdef HASH_DIGEST #ifdef HASH_DIGEST
/* The HASH_DIGEST register indicates SHA224/SHA256 support */ /* The HASH_DIGEST register indicates SHA224/SHA256 support */
#define STM32_HASH_SHA2 #define STM32_HASH_SHA2
@@ -82,4 +83,30 @@ int wc_Stm32_Hash_Final(STM32_HASH_Context* stmCtx, word32 algo,
#endif /* STM32_HASH */ #endif /* STM32_HASH */
#ifdef STM32_CRYPTO
#ifndef NO_AES
#ifdef WOLFSSL_STM32L4
#define STM32_CRYPTO_AES_ONLY /* crypto engine only supports AES */
#define CRYP AES
#endif
/* CRYPT_AES_GCM starts the IV with 2 */
#define STM32_GCM_IV_START 2
#if defined(WOLFSSL_AES_DIRECT) || defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
struct Aes;
#ifdef WOLFSSL_STM32_CUBEMX
int wc_Stm32_Aes_Init(struct Aes* aes, CRYP_HandleTypeDef* hcryp);
#else /* STD_PERI_LIB */
int wc_Stm32_Aes_Init(struct Aes* aes, CRYP_InitTypeDef* cryptInit,
CRYP_KeyInitTypeDef* keyInit);
#endif /* WOLFSSL_STM32_CUBEMX */
#endif /* WOLFSSL_AES_DIRECT || HAVE_AESGCM || HAVE_AESCCM */
#endif /* !NO_AES */
#endif /* STM32_CRYPTO */
#endif /* _WOLFPORT_STM32_H_ */ #endif /* _WOLFPORT_STM32_H_ */

66
wolfssl/wolfcrypt/port/st/stsafe.h Normal file
View File

@@ -0,0 +1,66 @@
/* stsafe.h
*
* Copyright (C) 2006-2018 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef _WOLFPORT_STSAFE_H_
#define _WOLFPORT_STSAFE_H_
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/ssl.h>
#include <wolfssl/wolfcrypt/ecc.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#ifdef WOLFSSL_STSAFEA100
#include "stsafe_interface.h"
#ifndef STSAFE_MAX_KEY_LEN
#define STSAFE_MAX_KEY_LEN ((uint32_t)48) /* for up to 384-bit keys */
#endif
#ifndef STSAFE_MAX_PUBKEY_RAW_LEN
#define STSAFE_MAX_PUBKEY_RAW_LEN ((uint32_t)STSAFE_MAX_KEY_LEN * 2) /* x/y */
#endif
#ifndef STSAFE_MAX_SIG_LEN
#define STSAFE_MAX_SIG_LEN ((uint32_t)STSAFE_MAX_KEY_LEN * 2) /* r/s */
#endif
WOLFSSL_API int SSL_STSAFE_LoadDeviceCertificate(byte** pRawCertificate,
word32* pRawCertificateLen);
#ifdef HAVE_PK_CALLBACKS
WOLFSSL_API int SSL_STSAFE_VerifyPeerCertCb(WOLFSSL* ssl,
const unsigned char* sig, unsigned int sigSz,
const unsigned char* hash, unsigned int hashSz,
const unsigned char* keyDer, unsigned int keySz,
int* result, void* ctx);
WOLFSSL_API int SSL_STSAFE_SignCertificateCb(WOLFSSL* ssl,
const byte* in, word32 inSz,
byte* out, word32* outSz,
const byte* key, word32 keySz, void* ctx);
WOLFSSL_API int SSL_STSAFE_SharedSecretCb(WOLFSSL* ssl,
ecc_key* otherKey,
unsigned char* pubKeyDer, unsigned int* pubKeySz,
unsigned char* out, unsigned int* outlen,
int side, void* ctx);
#endif
#endif /* WOLFSSL_STSAFEA100 */
#endif /* _WOLFPORT_STSAFE_H_ */

9
wolfssl/wolfcrypt/settings.h
View File

@@ -98,6 +98,9 @@
/* Uncomment next line if using STM32F4 */ /* Uncomment next line if using STM32F4 */
/* #define WOLFSSL_STM32F4 */ /* #define WOLFSSL_STM32F4 */
/* Uncomment next line if using STM32FL */
/* #define WOLFSSL_STM32FL */
/* Uncomment next line if using STM32F7 */ /* Uncomment next line if using STM32F7 */
/* #define WOLFSSL_STM32F7 */ /* #define WOLFSSL_STM32F7 */
@@ -1053,6 +1056,10 @@ extern void uITRON4_free(void *p) ;
#ifndef NO_STM32_CRYPTO #ifndef NO_STM32_CRYPTO
#undef STM32_CRYPTO #undef STM32_CRYPTO
#define STM32_CRYPTO #define STM32_CRYPTO
#ifdef WOLFSSL_STM32L4
#define NO_AES_192 /* hardware does not support 192-bit */
#endif
#endif #endif
#ifndef NO_STM32_HASH #ifndef NO_STM32_HASH
#undef STM32_HASH #undef STM32_HASH
@@ -1109,7 +1116,7 @@ extern void uITRON4_free(void *p) ;
#include "stm32f1xx.h" #include "stm32f1xx.h"
#endif #endif
#endif /* WOLFSSL_STM32_CUBEMX */ #endif /* WOLFSSL_STM32_CUBEMX */
#endif /* WOLFSSL_STM32F2 || WOLFSSL_STM32F4 || WOLFSSL_STM32F7 */ #endif /* WOLFSSL_STM32F2 || WOLFSSL_STM32F4 || WOLFSSL_STM32L4 || WOLFSSL_STM32F7 */
#ifdef MICRIUM #ifdef MICRIUM
#include <stdlib.h> #include <stdlib.h>