ChibiOS/HAL  6.1.0
hal_crypto.c
Go to the documentation of this file.
1 /*
2  ChibiOS - Copyright (C) 2006..2018 Giovanni Di Sirio
3 
4  Licensed under the Apache License, Version 2.0 (the "License");
5  you may not use this file except in compliance with the License.
6  You may obtain a copy of the License at
7 
8  http://www.apache.org/licenses/LICENSE-2.0
9 
10  Unless required by applicable law or agreed to in writing, software
11  distributed under the License is distributed on an "AS IS" BASIS,
12  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  See the License for the specific language governing permissions and
14  limitations under the License.
15 */
16 
17 /**
18  * @file hal_crypto.c
19  * @brief Cryptographic Driver code.
20  *
21  * @addtogroup CRYPTO
22  * @{
23  */
24 
25 #include "hal.h"
26 
27 #if (HAL_USE_CRY == TRUE) || defined(__DOXYGEN__)
28 
29 /*===========================================================================*/
30 /* Driver local definitions. */
31 /*===========================================================================*/
32 
33 /*===========================================================================*/
34 /* Driver exported variables. */
35 /*===========================================================================*/
36 
37 /*===========================================================================*/
38 /* Driver local variables and types. */
39 /*===========================================================================*/
40 
41 /*===========================================================================*/
42 /* Driver local functions. */
43 /*===========================================================================*/
44 
45 /*===========================================================================*/
46 /* Driver exported functions. */
47 /*===========================================================================*/
48 
49 /**
50  * @brief Cryptographic Driver initialization.
51  * @note This function is implicitly invoked by @p halInit(), there is
52  * no need to explicitly initialize the driver.
53  *
54  * @init
55  */
56 void cryInit(void) {
57 
58 #if HAL_CRY_ENFORCE_FALLBACK == FALSE
59  cry_lld_init();
60 #endif
61 }
62 
63 /**
64  * @brief Initializes the standard part of a @p CRYDriver structure.
65  *
66  * @param[out] cryp pointer to the @p CRYDriver object
67  *
68  * @init
69  */
70 void cryObjectInit(CRYDriver *cryp) {
71 
72  cryp->state = CRY_STOP;
73  cryp->config = NULL;
74 #if defined(CRY_DRIVER_EXT_INIT_HOOK)
75  CRY_DRIVER_EXT_INIT_HOOK(cryp);
76 #endif
77 }
78 
79 /**
80  * @brief Configures and activates the cryptographic peripheral.
81  *
82  * @param[in] cryp pointer to the @p CRYDriver object
83  * @param[in] config pointer to the @p CRYConfig object. Depending
84  * on the implementation the value can be @p NULL.
85  *
86  * @api
87  */
88 void cryStart(CRYDriver *cryp, const CRYConfig *config) {
89 
90  osalDbgCheck(cryp != NULL);
91 
92  osalSysLock();
93  osalDbgAssert((cryp->state == CRY_STOP) || (cryp->state == CRY_READY),
94  "invalid state");
95  cryp->config = config;
96 #if HAL_CRY_ENFORCE_FALLBACK == FALSE
97  cry_lld_start(cryp);
98 #endif
99  cryp->state = CRY_READY;
100  osalSysUnlock();
101 }
102 
103 /**
104  * @brief Deactivates the cryptographic peripheral.
105  *
106  * @param[in] cryp pointer to the @p CRYDriver object
107  *
108  * @api
109  */
110 void cryStop(CRYDriver *cryp) {
111 
112  osalDbgCheck(cryp != NULL);
113 
114  osalSysLock();
115 
116  osalDbgAssert((cryp->state == CRY_STOP) || (cryp->state == CRY_READY),
117  "invalid state");
118 
119 #if HAL_CRY_ENFORCE_FALLBACK == FALSE
120  cry_lld_stop(cryp);
121 #endif
122  cryp->config = NULL;
123  cryp->state = CRY_STOP;
124 
125  osalSysUnlock();
126 }
127 
128 /**
129  * @brief Initializes the transient key for a specific algorithm.
130  * @note It is the underlying implementation to decide which combinations
131  * of algorithm and key size are allowable.
132  *
133  * @param[in] cryp pointer to the @p CRYDriver object
134  * @param[in] algorithm the algorithm identifier
135  * @param[in] size key size in bytes
136  * @param[in] keyp pointer to the key data
137  * @return The operation status.
138  * @retval CRY_NOERROR if the operation succeeded.
139  * @retval CRY_ERR_INV_ALGO if the specified algorithm is unknown or
140  * unsupported.
141  * @retval CRY_ERR_INV_KEY_SIZE if the specified key size is invalid for
142  * the specified algorithm.
143  *
144  * @api
145  */
147  cryalgorithm_t algorithm,
148  size_t size,
149  const uint8_t *keyp) {
150  cryerror_t err;
151 
152  osalDbgCheck((cryp != NULL) && (size <= HAL_CRY_MAX_KEY_SIZE) &&
153  (keyp != NULL));
154 
155 
156 #if HAL_CRY_ENFORCE_FALLBACK == FALSE
157  /* Key setup in the low level driver.*/
158  err = cry_lld_loadkey(cryp, algorithm, size, keyp);
159 #else
160  err = CRY_ERR_INV_ALGO;
161 #endif
162 
163 #if HAL_CRY_USE_FALLBACK == TRUE
164  if (err == CRY_ERR_INV_ALGO) {
165  err = cry_fallback_loadkey(cryp, algorithm, size, keyp);
166  }
167 #endif
168 
169  if (err == CRY_NOERROR) {
170  /* Storing the transient key info.*/
171  cryp->key0_type = algorithm;
172  cryp->key0_size = size;
173  }
174 
175  return err;
176 }
177 
178 /**
179  * @brief Encryption of a single block using AES.
180  * @note The implementation of this function must guarantee that it can
181  * be called from any context.
182  *
183  * @param[in] cryp pointer to the @p CRYDriver object
184  * @param[in] key_id the key to be used for the operation, zero is
185  * the transient key, other values are keys stored
186  * in an unspecified way
187  * @param[in] in buffer containing the input plaintext
188  * @param[out] out buffer for the output cyphertext
189  * @return The operation status.
190  * @retval CRY_NOERROR if the operation succeeded.
191  * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
192  * device instance.
193  * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
194  * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
195  * or refers to an empty key slot.
196  *
197  * @special
198  */
200  crykey_t key_id,
201  const uint8_t *in,
202  uint8_t *out) {
203 
204  osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL));
205 
206  osalDbgAssert(cryp->state == CRY_READY, "not ready");
207 
208 #if CRY_LLD_SUPPORTS_AES == TRUE
209  return cry_lld_encrypt_AES(cryp, key_id, in, out);
210 #elif HAL_CRY_USE_FALLBACK == TRUE
211  return cry_fallback_encrypt_AES(cryp, key_id, in, out);
212 #else
213  (void)cryp;
214  (void)key_id;
215  (void)in;
216  (void)out;
217 
218  return CRY_ERR_INV_ALGO;
219 #endif
220 }
221 
222 /**
223  * @brief Decryption of a single block using AES.
224  * @note The implementation of this function must guarantee that it can
225  * be called from any context.
226  *
227  * @param[in] cryp pointer to the @p CRYDriver object
228  * @param[in] key_id the key to be used for the operation, zero is
229  * the transient key, other values are keys stored
230  * in an unspecified way
231  * @param[in] in buffer containing the input cyphertext
232  * @param[out] out buffer for the output plaintext
233  * @return The operation status.
234  * @retval CRY_NOERROR if the operation succeeded.
235  * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
236  * device instance.
237  * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
238  * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
239  * or refers to an empty key slot.
240  *
241  * @special
242  */
244  crykey_t key_id,
245  const uint8_t *in,
246  uint8_t *out) {
247 
248  osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL));
249 
250  osalDbgAssert(cryp->state == CRY_READY, "not ready");
251 
252 #if CRY_LLD_SUPPORTS_AES == TRUE
253  return cry_lld_decrypt_AES(cryp, key_id, in, out);
254 #elif HAL_CRY_USE_FALLBACK == TRUE
255  return cry_fallback_decrypt_AES(cryp, key_id, in, out);
256 #else
257  (void)cryp;
258  (void)key_id;
259  (void)in;
260  (void)out;
261 
262  return CRY_ERR_INV_ALGO;
263 #endif
264 }
265 
266 /**
267  * @brief Encryption operation using AES-ECB.
268  * @note The function operates on data buffers whose length is a multiple
269  * of an AES block, this means that padding must be done by the
270  * caller.
271  *
272  * @param[in] cryp pointer to the @p CRYDriver object
273  * @param[in] key_id the key to be used for the operation, zero is
274  * the transient key, other values are keys stored
275  * in an unspecified way
276  * @param[in] size size of both buffers, this number must be a
277  * multiple of 16
278  * @param[in] in buffer containing the input plaintext
279  * @param[out] out buffer for the output cyphertext
280  * @return The operation status.
281  * @retval CRY_NOERROR if the operation succeeded.
282  * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
283  * device instance.
284  * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
285  * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
286  * or refers to an empty key slot.
287  *
288  * @api
289  */
291  crykey_t key_id,
292  size_t size,
293  const uint8_t *in,
294  uint8_t *out) {
295 
296  osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) &&
297  ((size & (size_t)15) == (size_t)0));
298 
299  osalDbgAssert(cryp->state == CRY_READY, "not ready");
300 
301 #if CRY_LLD_SUPPORTS_AES_ECB == TRUE
302  return cry_lld_encrypt_AES_ECB(cryp, key_id, size, in, out);
303 #elif HAL_CRY_USE_FALLBACK == TRUE
304  return cry_fallback_encrypt_AES_ECB(cryp, key_id, size, in, out);
305 #else
306  (void)cryp;
307  (void)key_id;
308  (void)size;
309  (void)in;
310  (void)out;
311 
312  return CRY_ERR_INV_ALGO;
313 #endif
314 }
315 
316 /**
317  * @brief Decryption operation using AES-ECB.
318  * @note The function operates on data buffers whose length is a multiple
319  * of an AES block, this means that padding must be done by the
320  * caller.
321  *
322  * @param[in] cryp pointer to the @p CRYDriver object
323  * @param[in] key_id the key to be used for the operation, zero is
324  * the transient key, other values are keys stored
325  * in an unspecified way
326  * @param[in] size size of both buffers, this number must be a
327  * multiple of 16
328  * @param[in] in buffer containing the input cyphertext
329  * @param[out] out buffer for the output plaintext
330  * @return The operation status.
331  * @retval CRY_NOERROR if the operation succeeded.
332  * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
333  * device instance.
334  * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
335  * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
336  * or refers to an empty key slot.
337  *
338  * @api
339  */
341  crykey_t key_id,
342  size_t size,
343  const uint8_t *in,
344  uint8_t *out) {
345 
346  osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) &&
347  ((size & (size_t)15) == (size_t)0));
348 
349  osalDbgAssert(cryp->state == CRY_READY, "not ready");
350 
351 #if CRY_LLD_SUPPORTS_AES_ECB == TRUE
352  return cry_lld_decrypt_AES_ECB(cryp, key_id, size, in, out);
353 #elif HAL_CRY_USE_FALLBACK == TRUE
354  return cry_fallback_decrypt_AES_ECB(cryp, key_id, size, in, out);
355 #else
356  (void)cryp;
357  (void)key_id;
358  (void)size;
359  (void)in;
360  (void)out;
361 
362  return CRY_ERR_INV_ALGO;
363 #endif
364 }
365 
366 /**
367  * @brief Encryption operation using AES-CBC.
368  * @note The function operates on data buffers whose length is a multiple
369  * of an AES block, this means that padding must be done by the
370  * caller.
371  *
372  * @param[in] cryp pointer to the @p CRYDriver object
373  * @param[in] key_id the key to be used for the operation, zero is
374  * the transient key, other values are keys stored
375  * in an unspecified way
376  * @param[in] size size of both buffers, this number must be a
377  * multiple of 16
378  * @param[in] in buffer containing the input plaintext
379  * @param[out] out buffer for the output cyphertext
380  * @param[in] iv 128 bits input vector
381  * @return The operation status.
382  * @retval CRY_NOERROR if the operation succeeded.
383  * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
384  * device instance.
385  * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
386  * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
387  * or refers to an empty key slot.
388  *
389  * @api
390  */
392  crykey_t key_id,
393  size_t size,
394  const uint8_t *in,
395  uint8_t *out,
396  const uint8_t *iv) {
397 
398  osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) &&
399  (iv != NULL) && ((size & (size_t)15) == (size_t)0));
400 
401  osalDbgAssert(cryp->state == CRY_READY, "not ready");
402 
403 #if CRY_LLD_SUPPORTS_AES_CBC == TRUE
404  return cry_lld_encrypt_AES_CBC(cryp, key_id, size, in, out, iv);
405 #elif HAL_CRY_USE_FALLBACK == TRUE
406  return cry_fallback_encrypt_AES_CBC(cryp, key_id, size, in, out, iv);
407 #else
408  (void)cryp;
409  (void)key_id;
410  (void)size;
411  (void)in;
412  (void)out;
413  (void)iv;
414 
415  return CRY_ERR_INV_ALGO;
416 #endif
417 }
418 
419 /**
420  * @brief Decryption operation using AES-CBC.
421  * @note The function operates on data buffers whose length is a multiple
422  * of an AES block, this means that padding must be done by the
423  * caller.
424  *
425  * @param[in] cryp pointer to the @p CRYDriver object
426  * @param[in] key_id the key to be used for the operation, zero is
427  * the transient key, other values are keys stored
428  * in an unspecified way
429  * @param[in] size size of both buffers, this number must be a
430  * multiple of 16
431  * @param[in] in buffer containing the input cyphertext
432  * @param[out] out buffer for the output plaintext
433  * @param[in] iv 128 bits input vector
434  * @return The operation status.
435  * @retval CRY_NOERROR if the operation succeeded.
436  * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
437  * device instance.
438  * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
439  * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
440  * or refers to an empty key slot.
441  *
442  * @api
443  */
445  crykey_t key_id,
446  size_t size,
447  const uint8_t *in,
448  uint8_t *out,
449  const uint8_t *iv) {
450 
451  osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) &&
452  (iv != NULL) && ((size & (size_t)15) == (size_t)0));
453 
454  osalDbgAssert(cryp->state == CRY_READY, "not ready");
455 
456 #if CRY_LLD_SUPPORTS_AES_CBC == TRUE
457  return cry_lld_decrypt_AES_CBC(cryp, key_id, size, in, out, iv);
458 #elif HAL_CRY_USE_FALLBACK == TRUE
459  return cry_fallback_decrypt_AES_CBC(cryp, key_id, size, in, out, iv);
460 #else
461  (void)cryp;
462  (void)key_id;
463  (void)size;
464  (void)in;
465  (void)out;
466  (void)iv;
467 
468  return CRY_ERR_INV_ALGO;
469 #endif
470 }
471 
472 /**
473  * @brief Encryption operation using AES-CFB.
474  * @note The function operates on data buffers whose length is a multiple
475  * of an AES block, this means that padding must be done by the
476  * caller.
477  *
478  * @param[in] cryp pointer to the @p CRYDriver object
479  * @param[in] key_id the key to be used for the operation, zero is
480  * the transient key, other values are keys stored
481  * in an unspecified way
482  * @param[in] size size of both buffers, this number must be a
483  * multiple of 16
484  * @param[in] in buffer containing the input plaintext
485  * @param[out] out buffer for the output cyphertext
486  * @param[in] iv 128 bits input vector
487  * @return The operation status.
488  * @retval CRY_NOERROR if the operation succeeded.
489  * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
490  * device instance.
491  * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
492  * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
493  * or refers to an empty key slot.
494  *
495  * @api
496  */
498  crykey_t key_id,
499  size_t size,
500  const uint8_t *in,
501  uint8_t *out,
502  const uint8_t *iv) {
503 
504  osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) &&
505  (iv != NULL) && ((size & (size_t)15) == (size_t)0));
506 
507  osalDbgAssert(cryp->state == CRY_READY, "not ready");
508 
509 #if CRY_LLD_SUPPORTS_AES_CFB == TRUE
510  return cry_lld_encrypt_AES_CFB(cryp, key_id, size, in, out, iv);
511 #elif HAL_CRY_USE_FALLBACK == TRUE
512  return cry_fallback_encrypt_AES_CFB(cryp, key_id, size, in, out, iv);
513 #else
514  (void)cryp;
515  (void)key_id;
516  (void)size;
517  (void)in;
518  (void)out;
519  (void)iv;
520 
521  return CRY_ERR_INV_ALGO;
522 #endif
523 }
524 
525 /**
526  * @brief Decryption operation using AES-CFB.
527  * @note The function operates on data buffers whose length is a multiple
528  * of an AES block, this means that padding must be done by the
529  * caller.
530  *
531  * @param[in] cryp pointer to the @p CRYDriver object
532  * @param[in] key_id the key to be used for the operation, zero is
533  * the transient key, other values are keys stored
534  * in an unspecified way
535  * @param[in] size size of both buffers, this number must be a
536  * multiple of 16
537  * @param[in] in buffer containing the input cyphertext
538  * @param[out] out buffer for the output plaintext
539  * @param[in] iv 128 bits input vector
540  * @return The operation status.
541  * @retval CRY_NOERROR if the operation succeeded.
542  * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
543  * device instance.
544  * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
545  * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
546  * or refers to an empty key slot.
547  *
548  * @api
549  */
551  crykey_t key_id,
552  size_t size,
553  const uint8_t *in,
554  uint8_t *out,
555  const uint8_t *iv) {
556 
557  osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) &&
558  (iv != NULL) && ((size & (size_t)15) == (size_t)0));
559 
560  osalDbgAssert(cryp->state == CRY_READY, "not ready");
561 
562 #if CRY_LLD_SUPPORTS_AES_CFB == TRUE
563  return cry_lld_decrypt_AES_CFB(cryp, key_id, size, in, out, iv);
564 #elif HAL_CRY_USE_FALLBACK == TRUE
565  return cry_fallback_decrypt_AES_CFB(cryp, key_id, size, in, out, iv);
566 #else
567  (void)cryp;
568  (void)key_id;
569  (void)size;
570  (void)in;
571  (void)out;
572  (void)iv;
573 
574  return CRY_ERR_INV_ALGO;
575 #endif
576 }
577 
578 /**
579  * @brief Encryption operation using AES-CTR.
580  * @note The function operates on data buffers whose length is a multiple
581  * of an AES block, this means that padding must be done by the
582  * caller.
583  *
584  * @param[in] cryp pointer to the @p CRYDriver object
585  * @param[in] key_id the key to be used for the operation, zero is
586  * the transient key, other values are keys stored
587  * in an unspecified way
588  * @param[in] size size of both buffers, this number must be a
589  * multiple of 16
590  * @param[in] in buffer containing the input plaintext
591  * @param[out] out buffer for the output cyphertext
592  * @param[in] iv 128 bits input vector + counter, it contains
593  * a 96 bits IV and a 32 bits counter
594  * @return The operation status.
595  * @retval CRY_NOERROR if the operation succeeded.
596  * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
597  * device instance.
598  * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
599  * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
600  * or refers to an empty key slot.
601  *
602  * @api
603  */
605  crykey_t key_id,
606  size_t size,
607  const uint8_t *in,
608  uint8_t *out,
609  const uint8_t *iv) {
610 
611  osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) &&
612  (iv != NULL) && ((size & (size_t)15) == (size_t)0));
613 
614  osalDbgAssert(cryp->state == CRY_READY, "not ready");
615 
616 #if CRY_LLD_SUPPORTS_AES_CTR == TRUE
617  return cry_lld_encrypt_AES_CTR(cryp, key_id, size, in, out, iv);
618 #elif HAL_CRY_USE_FALLBACK == TRUE
619  return cry_fallback_encrypt_AES_CTR(cryp, key_id, size, in, out, iv);
620 #else
621  (void)cryp;
622  (void)key_id;
623  (void)size;
624  (void)in;
625  (void)out;
626  (void)nonce;
627  (void)cnt;
628 
629  return CRY_ERR_INV_ALGO;
630 #endif
631 }
632 
633 /**
634  * @brief Decryption operation using AES-CTR.
635  * @note The function operates on data buffers whose length is a multiple
636  * of an AES block, this means that padding must be done by the
637  * caller.
638  *
639  * @param[in] cryp pointer to the @p CRYDriver object
640  * @param[in] key_id the key to be used for the operation, zero is
641  * the transient key, other values are keys stored
642  * in an unspecified way
643  * @param[in] size size of both buffers, this number must be a
644  * multiple of 16
645  * @param[in] in buffer containing the input cyphertext
646  * @param[out] out buffer for the output plaintext
647  * @param[in] iv 128 bits input vector + counter, it contains
648  * a 96 bits IV and a 32 bits counter
649  * @return The operation status.
650  * @retval CRY_NOERROR if the operation succeeded.
651  * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
652  * device instance.
653  * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
654  * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
655  * or refers to an empty key slot.
656  *
657  * @api
658  */
660  crykey_t key_id,
661  size_t size,
662  const uint8_t *in,
663  uint8_t *out,
664  const uint8_t *iv) {
665 
666  osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) &&
667  (iv != NULL) && ((size & (size_t)15) == (size_t)0));
668 
669  osalDbgAssert(cryp->state == CRY_READY, "not ready");
670 
671 #if CRY_LLD_SUPPORTS_AES_CTR == TRUE
672  return cry_lld_decrypt_AES_CTR(cryp, key_id, size, in, out, iv);
673 #elif HAL_CRY_USE_FALLBACK == TRUE
674  return cry_fallback_decrypt_AES_CTR(cryp, key_id, size, in, out, iv);
675 #else
676  (void)cryp;
677  (void)key_id;
678  (void)size;
679  (void)in;
680  (void)out;
681  (void)nonce;
682  (void)cnt;
683 
684  return CRY_ERR_INV_ALGO;
685 #endif
686 }
687 
688 /**
689  * @brief Encryption operation using AES-GCM.
690  * @note The function operates on data buffers whose length is a multiple
691  * of an AES block, this means that padding must be done by the
692  * caller.
693  *
694  * @param[in] cryp pointer to the @p CRYDriver object
695  * @param[in] key_id the key to be used for the operation, zero is
696  * the transient key, other values are keys stored
697  * in an unspecified way
698  * @param[in] size size of the text buffers, this number must be a
699  * multiple of 16
700  * @param[in] in buffer containing the input plaintext
701  * @param[out] out buffer for the output cyphertext
702  * @param[in] iv 128 bits input vector + counter, it contains
703  * a 96 bits IV and a 32 bits counter
704  * @param[in] aadsize size of the authentication data, this number
705  * must be a multiple of 16
706  * @param[in] aad buffer containing the authentication data
707  * @param[in] authtag 128 bits buffer for the generated authentication
708  * tag
709  * @return The operation status.
710  * @retval CRY_NOERROR if the operation succeeded.
711  * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
712  * device instance.
713  * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
714  * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
715  * or refers to an empty key slot.
716  *
717  * @api
718  */
720  crykey_t key_id,
721  size_t size,
722  const uint8_t *in,
723  uint8_t *out,
724  const uint8_t *iv,
725  size_t aadsize,
726  const uint8_t *aad,
727  uint8_t *authtag) {
728 
729  osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) &&
730  (iv != NULL) && (aad != NULL) && (authtag != NULL) &&
731  ((size & (size_t)15) == (size_t)0) &&
732  ((aadsize & (size_t)15) == (size_t)0));
733 
734  osalDbgAssert(cryp->state == CRY_READY, "not ready");
735 
736 #if CRY_LLD_SUPPORTS_AES_GCM== TRUE
737  return cry_lld_encrypt_AES_GCM(cryp, key_id, size, in, out, iv,
738  aadsize, aad, authtag);
739 #elif HAL_CRY_USE_FALLBACK == TRUE
740  return cry_fallback_encrypt_AES_GCM(cryp, key_id, size, in, out, iv,
741  aadsize, aad, authtag);
742 #else
743  (void)cryp;
744  (void)key_id;
745  (void)size;
746  (void)in;
747  (void)out;
748  (void)iv;
749  (void)aadsize;
750  (void)aad;
751  (void)authtag;
752 
753  return CRY_ERR_INV_ALGO;
754 #endif
755 }
756 
757 /**
758  * @brief Decryption operation using AES-GCM.
759  * @note The function operates on data buffers whose length is a multiple
760  * of an AES block, this means that padding must be done by the
761  * caller.
762  *
763  * @param[in] cryp pointer to the @p CRYDriver object
764  * @param[in] key_id the key to be used for the operation, zero is
765  * the transient key, other values are keys stored
766  * in an unspecified way
767  * @param[in] size size of the text buffers, this number must be a
768  * multiple of 16
769  * @param[in] in buffer for the output cyphertext
770  * @param[out] out buffer containing the input plaintext
771  * @param[in] iv 128 bits input vector + counter, it contains
772  * a 96 bits IV and a 32 bits counter
773  * @param[in] aadsize size of the authentication data, this number
774  * must be a multiple of 16
775  * @param[in] aad buffer containing the authentication data
776  * @param[in] authtag 128 bits buffer for the generated authentication
777  * tag
778  * @return The operation status.
779  * @retval CRY_NOERROR if the operation succeeded.
780  * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
781  * device instance.
782  * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
783  * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
784  * or refers to an empty key slot.
785  *
786  * @api
787  */
789  crykey_t key_id,
790  size_t size,
791  const uint8_t *in,
792  uint8_t *out,
793  const uint8_t *iv,
794  size_t aadsize,
795  const uint8_t *aad,
796  uint8_t *authtag) {
797 
798  osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) &&
799  (iv != NULL) && (aad != NULL) && (authtag != NULL) &&
800  ((size & (size_t)15) == (size_t)0) &&
801  ((aadsize & (size_t)15) == (size_t)0));
802 
803  osalDbgAssert(cryp->state == CRY_READY, "not ready");
804 
805 #if CRY_LLD_SUPPORTS_AES_GCM== TRUE
806  return cry_lld_decrypt_AES_GCM(cryp, key_id, size, in, out, iv,
807  aadsize, aad, authtag);
808 #elif HAL_CRY_USE_FALLBACK == TRUE
809  return cry_fallback_decrypt_AES_GCM(cryp, key_id, size, in, out, iv,
810  aadsize, aad, authtag);
811 #else
812  (void)cryp;
813  (void)key_id;
814  (void)size;
815  (void)in;
816  (void)out;
817  (void)iv;
818  (void)aadsize;
819  (void)aad;
820  (void)authtag;
821 
822  return CRY_ERR_INV_ALGO;
823 #endif
824 }
825 
826 /**
827  * @brief Encryption of a single block using (T)DES.
828  * @note The implementation of this function must guarantee that it can
829  * be called from any context.
830  *
831  * @param[in] cryp pointer to the @p CRYDriver object
832  * @param[in] key_id the key to be used for the operation, zero is
833  * the transient key, other values are keys stored
834  * in an unspecified way
835  * @param[in] in buffer containing the input plaintext
836  * @param[out] out buffer for the output cyphertext
837  * @return The operation status.
838  * @retval CRY_NOERROR if the operation succeeded.
839  * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
840  * device instance.
841  * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
842  * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
843  * or refers to an empty key slot.
844  *
845  * @special
846  */
848  crykey_t key_id,
849  const uint8_t *in,
850  uint8_t *out) {
851 
852  osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL));
853 
854  osalDbgAssert(cryp->state == CRY_READY, "not ready");
855 
856 #if CRY_LLD_SUPPORTS_DES == TRUE
857  return cry_lld_encrypt_DES(cryp, key_id, in, out);
858 #elif HAL_CRY_USE_FALLBACK == TRUE
859  return cry_fallback_encrypt_DES(cryp, key_id, in, out);
860 #else
861  (void)cryp;
862  (void)key_id;
863  (void)in;
864  (void)out;
865 
866  return CRY_ERR_INV_ALGO;
867 #endif
868 }
869 
870 /**
871  * @brief Decryption of a single block using (T)DES.
872  * @note The implementation of this function must guarantee that it can
873  * be called from any context.
874  *
875  *
876  * @param[in] cryp pointer to the @p CRYDriver object
877  * @param[in] key_id the key to be used for the operation, zero is
878  * the transient key, other values are keys stored
879  * in an unspecified way
880  * @param[in] in buffer containing the input cyphertext
881  * @param[out] out buffer for the output plaintext
882  * @return The operation status.
883  * @retval CRY_NOERROR if the operation succeeded.
884  * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
885  * device instance.
886  * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
887  * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
888  * or refers to an empty key slot.
889  *
890  * @special
891  */
893  crykey_t key_id,
894  const uint8_t *in,
895  uint8_t *out) {
896 
897  osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL));
898 
899  osalDbgAssert(cryp->state == CRY_READY, "not ready");
900 
901 #if CRY_LLD_SUPPORTS_DES == TRUE
902  return cry_lld_decrypt_DES(cryp, key_id, in, out);
903 #elif HAL_CRY_USE_FALLBACK == TRUE
904  return cry_fallback_decrypt_DES(cryp, key_id, in, out);
905 #else
906  (void)cryp;
907  (void)key_id;
908  (void)in;
909  (void)out;
910 
911  return CRY_ERR_INV_ALGO;
912 #endif
913 }
914 
915 /**
916  * @brief Encryption operation using (T)DES-ECB.
917  * @note The function operates on data buffers whose length is a multiple
918  * of an DES block, this means that padding must be done by the
919  * caller.
920  *
921  * @param[in] cryp pointer to the @p CRYDriver object
922  * @param[in] key_id the key to be used for the operation, zero is
923  * the transient key, other values are keys stored
924  * in an unspecified way
925  * @param[in] size size of both buffers, this number must be a
926  * multiple of 8
927  * @param[in] in buffer containing the input plaintext
928  * @param[out] out buffer for the output cyphertext
929  * @return The operation status.
930  * @retval CRY_NOERROR if the operation succeeded.
931  * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
932  * device instance.
933  * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
934  * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
935  * or refers to an empty key slot.
936  *
937  * @api
938  */
940  crykey_t key_id,
941  size_t size,
942  const uint8_t *in,
943  uint8_t *out) {
944 
945  osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) &&
946  ((size & (size_t)7) == (size_t)0));
947 
948  osalDbgAssert(cryp->state == CRY_READY, "not ready");
949 
950 #if CRY_LLD_SUPPORTS_DES_ECB == TRUE
951  return cry_lld_encrypt_DES_ECB(cryp, key_id, size, in, out);
952 #elif HAL_CRY_USE_FALLBACK == TRUE
953  return cry_fallback_encrypt_DES_ECB(cryp, key_id, size, in, out);
954 #else
955  (void)cryp;
956  (void)key_id;
957  (void)size;
958  (void)in;
959  (void)out;
960 
961  return CRY_ERR_INV_ALGO;
962 #endif
963 }
964 
965 /**
966  * @brief Decryption operation using (T)DES-ECB.
967  * @note The function operates on data buffers whose length is a multiple
968  * of an DES block, this means that padding must be done by the
969  * caller.
970  *
971  * @param[in] cryp pointer to the @p CRYDriver object
972  * @param[in] key_id the key to be used for the operation, zero is
973  * the transient key, other values are keys stored
974  * in an unspecified way
975  * @param[in] size size of both buffers, this number must be a
976  * multiple of 8
977  * @param[in] in buffer containing the input cyphertext
978  * @param[out] out buffer for the output plaintext
979  * @return The operation status.
980  * @retval CRY_NOERROR if the operation succeeded.
981  * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
982  * device instance.
983  * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
984  * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
985  * or refers to an empty key slot.
986  *
987  * @api
988  */
990  crykey_t key_id,
991  size_t size,
992  const uint8_t *in,
993  uint8_t *out) {
994 
995  osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) &&
996  ((size & (size_t)7) == (size_t)0));
997 
998  osalDbgAssert(cryp->state == CRY_READY, "not ready");
999 
1000 #if CRY_LLD_SUPPORTS_DES_ECB == TRUE
1001  return cry_lld_decrypt_DES_ECB(cryp, key_id, size, in, out);
1002 #elif HAL_CRY_USE_FALLBACK == TRUE
1003  return cry_fallback_decrypt_DES_ECB(cryp, key_id, size, in, out);
1004 #else
1005  (void)cryp;
1006  (void)key_id;
1007  (void)size;
1008  (void)in;
1009  (void)out;
1010 
1011  return CRY_ERR_INV_ALGO;
1012 #endif
1013 }
1014 
1015 /**
1016  * @brief Encryption operation using (T)DES-CBC.
1017  * @note The function operates on data buffers whose length is a multiple
1018  * of an DES block, this means that padding must be done by the
1019  * caller.
1020  *
1021  * @param[in] cryp pointer to the @p CRYDriver object
1022  * @param[in] key_id the key to be used for the operation, zero is
1023  * the transient key, other values are keys stored
1024  * in an unspecified way
1025  * @param[in] size size of both buffers, this number must be a
1026  * multiple of 8
1027  * @param[in] in buffer containing the input plaintext
1028  * @param[out] out buffer for the output cyphertext
1029  * @param[in] iv 64 bits input vector
1030  * @return The operation status.
1031  * @retval CRY_NOERROR if the operation succeeded.
1032  * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
1033  * device instance.
1034  * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
1035  * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
1036  * or refers to an empty key slot.
1037  *
1038  * @api
1039  */
1041  crykey_t key_id,
1042  size_t size,
1043  const uint8_t *in,
1044  uint8_t *out,
1045  const uint8_t *iv) {
1046 
1047  osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) &&
1048  (iv != NULL) && ((size & (size_t)7) == (size_t)0));
1049 
1050  osalDbgAssert(cryp->state == CRY_READY, "not ready");
1051 
1052 #if CRY_LLD_SUPPORTS_DES_CBC == TRUE
1053  return cry_lld_encrypt_DES_CBC(cryp, key_id, size, in, out, iv);
1054 #elif HAL_CRY_USE_FALLBACK == TRUE
1055  return cry_fallback_encrypt_DES_CBC(cryp, key_id, size, in, out, iv);
1056 #else
1057  (void)cryp;
1058  (void)key_id;
1059  (void)size;
1060  (void)in;
1061  (void)out;
1062  (void)iv;
1063 
1064  return CRY_ERR_INV_ALGO;
1065 #endif
1066 }
1067 
1068 /**
1069  * @brief Decryption operation using (T)DES-CBC.
1070  * @note The function operates on data buffers whose length is a multiple
1071  * of an DES block, this means that padding must be done by the
1072  * caller.
1073  *
1074  * @param[in] cryp pointer to the @p CRYDriver object
1075  * @param[in] key_id the key to be used for the operation, zero is
1076  * the transient key, other values are keys stored
1077  * in an unspecified way
1078  * @param[in] size size of both buffers, this number must be a
1079  * multiple of 8
1080  * @param[in] in buffer containing the input cyphertext
1081  * @param[out] out buffer for the output plaintext
1082  * @param[in] iv 64 bits input vector
1083  * @return The operation status.
1084  * @retval CRY_NOERROR if the operation succeeded.
1085  * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
1086  * device instance.
1087  * @retval CRY_ERR_INV_KEY_TYPE the selected key is invalid for this operation.
1088  * @retval CRY_ERR_INV_KEY_ID if the specified key identifier is invalid
1089  * or refers to an empty key slot.
1090  *
1091  * @api
1092  */
1094  crykey_t key_id,
1095  size_t size,
1096  const uint8_t *in,
1097  uint8_t *out,
1098  const uint8_t *iv) {
1099 
1100  osalDbgCheck((cryp != NULL) && (in != NULL) && (out != NULL) &&
1101  (iv != NULL) && ((size & (size_t)7) == (size_t)0));
1102 
1103  osalDbgAssert(cryp->state == CRY_READY, "not ready");
1104 
1105 #if CRY_LLD_SUPPORTS_DES_CBC == TRUE
1106  return cry_lld_decrypt_DES_CBC(cryp, key_id, size, in, out, iv);
1107 #elif HAL_CRY_USE_FALLBACK == TRUE
1108  return cry_fallback_decrypt_DES_CBC(cryp, key_id, size, in, out, iv);
1109 #else
1110  (void)cryp;
1111  (void)key_id;
1112  (void)size;
1113  (void)in;
1114  (void)out;
1115  (void)iv;
1116 
1117  return CRY_ERR_INV_ALGO;
1118 #endif
1119 }
1120 
1121 /**
1122  * @brief Hash initialization using SHA1.
1123  * @note Use of this algorithm is not recommended because proven weak.
1124  *
1125  * @param[in] cryp pointer to the @p CRYDriver object
1126  * @param[out] sha1ctxp pointer to a SHA1 context to be initialized
1127  * @return The operation status.
1128  * @retval CRY_NOERROR if the operation succeeded.
1129  * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
1130  * device instance.
1131  *
1132  * @api
1133  */
1135 
1136  osalDbgCheck((cryp != NULL) && (sha1ctxp != NULL));
1137 
1138  osalDbgAssert(cryp->state == CRY_READY, "not ready");
1139 
1140 #if CRY_LLD_SUPPORTS_SHA1 == TRUE
1141  return cry_lld_SHA1_init(cryp, sha1ctxp);
1142 #elif HAL_CRY_USE_FALLBACK == TRUE
1143  return cry_fallback_SHA1_init(cryp, sha1ctxp);
1144 #else
1145  (void)cryp;
1146  (void)sha1ctxp;
1147 
1148  return CRY_ERR_INV_ALGO;
1149 #endif
1150 }
1151 
1152 /**
1153  * @brief Hash update using SHA1.
1154  * @note Use of this algorithm is not recommended because proven weak.
1155  *
1156  * @param[in] cryp pointer to the @p CRYDriver object
1157  * @param[in] sha1ctxp pointer to a SHA1 context
1158  * @param[in] size size of input buffer
1159  * @param[in] in buffer containing the input text
1160  * @return The operation status.
1161  * @retval CRY_NOERROR if the operation succeeded.
1162  * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
1163  * device instance.
1164  *
1165  * @api
1166  */
1168  size_t size, const uint8_t *in) {
1169 
1170  osalDbgCheck((cryp != NULL) && (sha1ctxp != NULL) && (in != NULL));
1171 
1172  osalDbgAssert(cryp->state == CRY_READY, "not ready");
1173 
1174 #if CRY_LLD_SUPPORTS_SHA1 == TRUE
1175  return cry_lld_SHA1_update(cryp, sha1ctxp, size, in);
1176 #elif HAL_CRY_USE_FALLBACK == TRUE
1177  return cry_fallback_SHA1_update(cryp, sha1ctxp, size, in);
1178 #else
1179  (void)cryp;
1180  (void)sha1ctxp;
1181  (void)size;
1182  (void)in;
1183 
1184  return CRY_ERR_INV_ALGO;
1185 #endif
1186 }
1187 
1188 /**
1189  * @brief Hash finalization using SHA1.
1190  * @note Use of this algorithm is not recommended because proven weak.
1191  *
1192  * @param[in] cryp pointer to the @p CRYDriver object
1193  * @param[in] sha1ctxp pointer to a SHA1 context
1194  * @param[out] out 160 bits output buffer
1195  * @return The operation status.
1196  * @retval CRY_NOERROR if the operation succeeded.
1197  * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
1198  * device instance.
1199  *
1200  * @api
1201  */
1202 cryerror_t crySHA1Final(CRYDriver *cryp, SHA1Context *sha1ctxp, uint8_t *out) {
1203 
1204  osalDbgCheck((cryp != NULL) && (sha1ctxp != NULL) && (out != NULL));
1205 
1206  osalDbgAssert(cryp->state == CRY_READY, "not ready");
1207 
1208 #if CRY_LLD_SUPPORTS_SHA1 == TRUE
1209  return cry_lld_SHA1_final(cryp, sha1ctxp, out);
1210 #elif HAL_CRY_USE_FALLBACK == TRUE
1211  return cry_fallback_SHA1_final(cryp, sha1ctxp, out);
1212 #else
1213  (void)cryp;
1214  (void)sha1ctxp;
1215  (void)out;
1216 
1217  return CRY_ERR_INV_ALGO;
1218 #endif
1219 }
1220 
1221 /**
1222  * @brief Hash initialization using SHA256.
1223  * @note Use of this algorithm is not recommended because proven weak.
1224  *
1225  * @param[in] cryp pointer to the @p CRYDriver object
1226  * @param[out] sha256ctxp pointer to a SHA256 context to be initialized
1227  * @return The operation status.
1228  * @retval CRY_NOERROR if the operation succeeded.
1229  * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
1230  * device instance.
1231  *
1232  * @api
1233  */
1235 
1236  osalDbgCheck((cryp != NULL) && (sha256ctxp != NULL));
1237 
1238  osalDbgAssert(cryp->state == CRY_READY, "not ready");
1239 
1240 #if CRY_LLD_SUPPORTS_SHA1 == TRUE
1241  return cry_lld_SHA256_init(cryp, sha256ctxp);
1242 #elif HAL_CRY_USE_FALLBACK == TRUE
1243  return cry_fallback_SHA256_init(cryp, sha256ctxp);
1244 #else
1245  (void)cryp;
1246  (void)sha256ctxp;
1247 
1248  return CRY_ERR_INV_ALGO;
1249 #endif
1250 }
1251 
1252 /**
1253  * @brief Hash update using SHA256.
1254  * @note Use of this algorithm is not recommended because proven weak.
1255  *
1256  * @param[in] cryp pointer to the @p CRYDriver object
1257  * @param[in] sha256ctxp pointer to a SHA256 context
1258  * @param[in] size size of input buffer
1259  * @param[in] in buffer containing the input text
1260  * @return The operation status.
1261  * @retval CRY_NOERROR if the operation succeeded.
1262  * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
1263  * device instance.
1264  *
1265  * @api
1266  */
1268  size_t size, const uint8_t *in) {
1269 
1270  osalDbgCheck((cryp != NULL) && (sha256ctxp != NULL) && (in != NULL));
1271 
1272  osalDbgAssert(cryp->state == CRY_READY, "not ready");
1273 
1274 #if CRY_LLD_SUPPORTS_SHA1 == TRUE
1275  return cry_lld_SHA256_update(cryp, sha256ctxp, size, in);
1276 #elif HAL_CRY_USE_FALLBACK == TRUE
1277  return cry_fallback_SHA256_update(cryp, sha256ctxp, size, in);
1278 #else
1279  (void)cryp;
1280  (void)sha256ctxp;
1281  (void)size;
1282  (void)in;
1283 
1284  return CRY_ERR_INV_ALGO;
1285 #endif
1286 }
1287 
1288 /**
1289  * @brief Hash finalization using SHA256.
1290  * @note Use of this algorithm is not recommended because proven weak.
1291  *
1292  * @param[in] cryp pointer to the @p CRYDriver object
1293  * @param[in] sha256ctxp pointer to a SHA256 context
1294  * @param[out] out 256 bits output buffer
1295  * @return The operation status.
1296  * @retval CRY_NOERROR if the operation succeeded.
1297  * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
1298  * device instance.
1299  *
1300  * @api
1301  */
1303  uint8_t *out) {
1304 
1305  osalDbgCheck((cryp != NULL) && (sha256ctxp != NULL) && (out != NULL));
1306 
1307  osalDbgAssert(cryp->state == CRY_READY, "not ready");
1308 
1309 #if CRY_LLD_SUPPORTS_SHA1 == TRUE
1310  return cry_lld_SHA256_final(cryp, sha256ctxp, out);
1311 #elif HAL_CRY_USE_FALLBACK == TRUE
1312  return cry_fallback_SHA256_final(cryp, sha256ctxp, out);
1313 #else
1314  (void)cryp;
1315  (void)sha256ctxp;
1316  (void)out;
1317 
1318  return CRY_ERR_INV_ALGO;
1319 #endif
1320 }
1321 
1322 /**
1323  * @brief Hash initialization using SHA512.
1324  * @note Use of this algorithm is not recommended because proven weak.
1325  *
1326  * @param[in] cryp pointer to the @p CRYDriver object
1327  * @param[out] sha512ctxp pointer to a SHA512 context to be initialized
1328  * @return The operation status.
1329  * @retval CRY_NOERROR if the operation succeeded.
1330  * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
1331  * device instance.
1332  *
1333  * @api
1334  */
1336 
1337  osalDbgCheck((cryp != NULL) && (sha512ctxp != NULL));
1338 
1339  osalDbgAssert(cryp->state == CRY_READY, "not ready");
1340 
1341 #if CRY_LLD_SUPPORTS_SHA1 == TRUE
1342  return cry_lld_SHA512_init(cryp, sha512ctxp);
1343 #elif HAL_CRY_USE_FALLBACK == TRUE
1344  return cry_fallback_SHA512_init(cryp, sha512ctxp);
1345 #else
1346  (void)cryp;
1347  (void)sha512ctxp;
1348 
1349  return CRY_ERR_INV_ALGO;
1350 #endif
1351 }
1352 
1353 /**
1354  * @brief Hash update using SHA512.
1355  * @note Use of this algorithm is not recommended because proven weak.
1356  *
1357  * @param[in] cryp pointer to the @p CRYDriver object
1358  * @param[in] sha512ctxp pointer to a SHA512 context
1359  * @param[in] size size of input buffer
1360  * @param[in] in buffer containing the input text
1361  * @return The operation status.
1362  * @retval CRY_NOERROR if the operation succeeded.
1363  * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
1364  * device instance.
1365  *
1366  * @api
1367  */
1369  size_t size, const uint8_t *in) {
1370 
1371  osalDbgCheck((cryp != NULL) && (sha512ctxp != NULL) && (in != NULL));
1372 
1373  osalDbgAssert(cryp->state == CRY_READY, "not ready");
1374 
1375 #if CRY_LLD_SUPPORTS_SHA1 == TRUE
1376  return cry_lld_SHA512_update(cryp, sha512ctxp, size, in);
1377 #elif HAL_CRY_USE_FALLBACK == TRUE
1378  return cry_fallback_SHA512_update(cryp, sha512ctxp, size, in);
1379 #else
1380  (void)cryp;
1381  (void)sha512ctxp;
1382  (void)size;
1383  (void)in;
1384 
1385  return CRY_ERR_INV_ALGO;
1386 #endif
1387 }
1388 
1389 /**
1390  * @brief Hash finalization using SHA512.
1391  * @note Use of this algorithm is not recommended because proven weak.
1392  *
1393  * @param[in] cryp pointer to the @p CRYDriver object
1394  * @param[in] sha512ctxp pointer to a SHA512 context
1395  * @param[out] out 512 bits output buffer
1396  * @return The operation status.
1397  * @retval CRY_NOERROR if the operation succeeded.
1398  * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
1399  * device instance.
1400  *
1401  * @api
1402  */
1404  uint8_t *out) {
1405 
1406  osalDbgCheck((cryp != NULL) && (sha512ctxp != NULL) && (out != NULL));
1407 
1408  osalDbgAssert(cryp->state == CRY_READY, "not ready");
1409 
1410 #if CRY_LLD_SUPPORTS_SHA1 == TRUE
1411  return cry_lld_SHA512_final(cryp, sha512ctxp, out);
1412 #elif HAL_CRY_USE_FALLBACK == TRUE
1413  return cry_fallback_SHA512_final(cryp, sha512ctxp, out);
1414 #else
1415  (void)cryp;
1416  (void)sha512ctxp;
1417  (void)out;
1418 
1419  return CRY_ERR_INV_ALGO;
1420 #endif
1421 }
1422 
1423 /**
1424  * @brief True random numbers generator.
1425  *
1426  * @param[in] cryp pointer to the @p CRYDriver object
1427  * @param[out] out 128 bits output buffer
1428  * @return The operation status.
1429  * @retval CRY_NOERROR if the operation succeeded.
1430  * @retval CRY_ERR_INV_ALGO if the operation is unsupported on this
1431  * device instance.
1432  *
1433  * @api
1434  */
1435 cryerror_t cryTRNG(CRYDriver *cryp, uint8_t *out) {
1436 
1437  osalDbgCheck((cryp != NULL) && (out != NULL));
1438 
1439  osalDbgAssert(cryp->state == CRY_READY, "not ready");
1440 
1441 #if CRY_LLD_SUPPORTS_TRNG == TRUE
1442  return cry_lld_TRNG(cryp, out);
1443 #elif HAL_CRY_USE_FALLBACK == TRUE
1444  return cry_fallback_TRNG(cryp, out);
1445 #else
1446  (void)cryp;
1447  (void)out;
1448 
1449  return CRY_ERR_INV_ALGO;
1450 #endif
1451 }
1452 
1453 #endif /* HAL_USE_CRY == TRUE */
1454 
1455 /** @} */
cryerror_t crySHA1Final(CRYDriver *cryp, SHA1Context *sha1ctxp, uint8_t *out)
Hash finalization using SHA1.
Definition: hal_crypto.c:1202
cryerror_t cry_lld_SHA1_init(CRYDriver *cryp, SHA1Context *sha1ctxp)
Hash initialization using SHA1.
cryerror_t cry_lld_decrypt_AES_GCM(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, const uint8_t *iv, size_t aadsize, const uint8_t *aad, uint8_t *authtag)
Decryption operation using AES-GCM.
void cryInit(void)
Cryptographic Driver initialization.
Definition: hal_crypto.c:56
cryerror_t cry_lld_decrypt_AES_CFB(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, const uint8_t *iv)
Decryption operation using AES-CFB.
cryerror_t cry_lld_encrypt_AES_CBC(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, const uint8_t *iv)
Encryption operation using AES-CBC.
cryerror_t crySHA256Init(CRYDriver *cryp, SHA256Context *sha256ctxp)
Hash initialization using SHA256.
Definition: hal_crypto.c:1234
cryerror_t crySHA1Update(CRYDriver *cryp, SHA1Context *sha1ctxp, size_t size, const uint8_t *in)
Hash update using SHA1.
Definition: hal_crypto.c:1167
void cryStart(CRYDriver *cryp, const CRYConfig *config)
Configures and activates the cryptographic peripheral.
Definition: hal_crypto.c:88
cryerror_t cryEncryptAES_CFB(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, const uint8_t *iv)
Encryption operation using AES-CFB.
Definition: hal_crypto.c:497
cryerror_t cry_lld_SHA1_final(CRYDriver *cryp, SHA1Context *sha1ctxp, uint8_t *out)
Hash finalization using SHA1.
cryerror_t cry_lld_SHA1_update(CRYDriver *cryp, SHA1Context *sha1ctxp, size_t size, const uint8_t *in)
Hash update using SHA1.
cryerror_t cryDecryptDES(CRYDriver *cryp, crykey_t key_id, const uint8_t *in, uint8_t *out)
Decryption of a single block using (T)DES.
Definition: hal_crypto.c:892
cryerror_t cryDecryptAES_CTR(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, const uint8_t *iv)
Decryption operation using AES-CTR.
Definition: hal_crypto.c:659
Type of a SHA512 context.
Definition: hal_crypto.h:190
cryerror_t cry_lld_decrypt_DES_ECB(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out)
Decryption operation using (T)DES-ECB.
cryerror_t cryEncryptAES_GCM(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, const uint8_t *iv, size_t aadsize, const uint8_t *aad, uint8_t *authtag)
Encryption operation using AES-GCM.
Definition: hal_crypto.c:719
cryerror_t cryDecryptAES_ECB(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out)
Decryption operation using AES-ECB.
Definition: hal_crypto.c:340
cryerror_t cry_lld_TRNG(CRYDriver *cryp, uint8_t *out)
True random numbers generator.
Structure representing an CRY driver.
HAL subsystem header.
cryerror_t cryEncryptDES(CRYDriver *cryp, crykey_t key_id, const uint8_t *in, uint8_t *out)
Encryption of a single block using (T)DES.
Definition: hal_crypto.c:847
cryerror_t cry_lld_encrypt_DES_CBC(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, const uint8_t *iv)
Encryption operation using (T)DES-CBC.
#define HAL_CRY_MAX_KEY_SIZE
Maximum size of a key for all supported algorithms.
Definition: hal_crypto.h:37
static void osalSysUnlock(void)
Leaves a critical zone from thread context.
Definition: osal.h:540
cryerror_t cryDecryptDES_CBC(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, const uint8_t *iv)
Decryption operation using (T)DES-CBC.
Definition: hal_crypto.c:1093
void cry_lld_stop(CRYDriver *cryp)
Deactivates the crypto peripheral.
cryerror_t cryDecryptAES_GCM(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, const uint8_t *iv, size_t aadsize, const uint8_t *aad, uint8_t *authtag)
Decryption operation using AES-GCM.
Definition: hal_crypto.c:788
void cryStop(CRYDriver *cryp)
Deactivates the cryptographic peripheral.
Definition: hal_crypto.c:110
cryerror_t cry_lld_encrypt_AES_CFB(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, const uint8_t *iv)
Encryption operation using AES-CFB.
cryerror_t cryDecryptDES_ECB(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out)
Decryption operation using (T)DES-ECB.
Definition: hal_crypto.c:989
cryerror_t crySHA1Init(CRYDriver *cryp, SHA1Context *sha1ctxp)
Hash initialization using SHA1.
Definition: hal_crypto.c:1134
cryerror_t
Driver error codes.
Definition: hal_crypto.h:94
cryerror_t cry_lld_encrypt_AES_GCM(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, const uint8_t *iv, size_t aadsize, const uint8_t *aad, uint8_t *authtag)
Encryption operation using AES-GCM.
cryerror_t cry_lld_decrypt_AES_ECB(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out)
Decryption operation using AES-ECB.
Driver configuration structure.
cryerror_t cryEncryptAES_CTR(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, const uint8_t *iv)
Encryption operation using AES-CTR.
Definition: hal_crypto.c:604
cryalgorithm_t key0_type
Algorithm type of transient key.
cryerror_t crySHA256Update(CRYDriver *cryp, SHA256Context *sha256ctxp, size_t size, const uint8_t *in)
Hash update using SHA256.
Definition: hal_crypto.c:1267
void cry_lld_start(CRYDriver *cryp)
Configures and activates the crypto peripheral.
uint32_t crykey_t
CRY key identifier type.
cryerror_t cry_lld_decrypt_AES(CRYDriver *cryp, crykey_t key_id, const uint8_t *in, uint8_t *out)
Decryption of a single block using AES.
cryerror_t crySHA512Init(CRYDriver *cryp, SHA512Context *sha512ctxp)
Hash initialization using SHA512.
Definition: hal_crypto.c:1335
cryerror_t crySHA256Final(CRYDriver *cryp, SHA256Context *sha256ctxp, uint8_t *out)
Hash finalization using SHA256.
Definition: hal_crypto.c:1302
cryerror_t cry_lld_SHA512_init(CRYDriver *cryp, SHA512Context *sha512ctxp)
Hash initialization using SHA512.
#define osalDbgCheck(c)
Function parameters check.
Definition: osal.h:278
cryerror_t cryDecryptAES_CFB(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, const uint8_t *iv)
Decryption operation using AES-CFB.
Definition: hal_crypto.c:550
void cry_lld_init(void)
Low level crypto driver initialization.
cryerror_t cry_lld_SHA512_final(CRYDriver *cryp, SHA512Context *sha512ctxp, uint8_t *out)
Hash finalization using SHA512.
cryerror_t cry_lld_decrypt_AES_CTR(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, const uint8_t *iv)
Decryption operation using AES-CTR.
cryerror_t crySHA512Final(CRYDriver *cryp, SHA512Context *sha512ctxp, uint8_t *out)
Hash finalization using SHA512.
Definition: hal_crypto.c:1403
cryalgorithm_t
Type of an algorithm identifier.
Definition: hal_crypto.h:106
cryerror_t cry_lld_encrypt_AES_ECB(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out)
Encryption operation using AES-ECB.
cryerror_t cry_lld_decrypt_DES_CBC(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, const uint8_t *iv)
Decryption operation using (T)DES-CBC.
cryerror_t cry_lld_encrypt_DES_ECB(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out)
Encryption operation using (T)DES-ECB.
cryerror_t cry_lld_decrypt_DES(CRYDriver *cryp, crykey_t key_id, const uint8_t *in, uint8_t *out)
Decryption of a single block using (T)DES.
static void osalSysLock(void)
Enters a critical zone from thread context.
Definition: osal.h:530
size_t key0_size
Size of transient key.
cryerror_t cryEncryptAES_ECB(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out)
Encryption operation using AES-ECB.
Definition: hal_crypto.c:290
cryerror_t cryEncryptAES_CBC(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, const uint8_t *iv)
Encryption operation using AES-CBC.
Definition: hal_crypto.c:391
cryerror_t cry_lld_encrypt_AES(CRYDriver *cryp, crykey_t key_id, const uint8_t *in, uint8_t *out)
Encryption of a single block using AES.
cryerror_t cry_lld_SHA512_update(CRYDriver *cryp, SHA512Context *sha512ctxp, size_t size, const uint8_t *in)
Hash update using SHA512.
USBInEndpointState in
IN EP0 state.
Definition: hal_usb_lld.c:57
cryerror_t cryDecryptAES_CBC(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, const uint8_t *iv)
Decryption operation using AES-CBC.
Definition: hal_crypto.c:444
#define osalDbgAssert(c, remark)
Condition assertion.
Definition: osal.h:258
cryerror_t cry_lld_SHA256_init(CRYDriver *cryp, SHA256Context *sha256ctxp)
Hash initialization using SHA256.
cryerror_t cry_lld_decrypt_AES_CBC(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, const uint8_t *iv)
Decryption operation using AES-CBC.
crystate_t state
Driver state.
cryerror_t crySHA512Update(CRYDriver *cryp, SHA512Context *sha512ctxp, size_t size, const uint8_t *in)
Hash update using SHA512.
Definition: hal_crypto.c:1368
Type of a SHA1 context.
Definition: hal_crypto.h:174
USBOutEndpointState out
OUT EP0 state.
Definition: hal_usb_lld.c:61
cryerror_t cry_lld_encrypt_DES(CRYDriver *cryp, crykey_t key_id, const uint8_t *in, uint8_t *out)
Encryption of a single block using (T)DES.
cryerror_t cry_lld_loadkey(CRYDriver *cryp, cryalgorithm_t algorithm, size_t size, const uint8_t *keyp)
Initializes the transient key for a specific algorithm.
cryerror_t cryLoadTransientKey(CRYDriver *cryp, cryalgorithm_t algorithm, size_t size, const uint8_t *keyp)
Initializes the transient key for a specific algorithm.
Definition: hal_crypto.c:146
cryerror_t cry_lld_SHA256_update(CRYDriver *cryp, SHA256Context *sha256ctxp, size_t size, const uint8_t *in)
Hash update using SHA256.
Type of a SHA256 context.
Definition: hal_crypto.h:182
cryerror_t cryTRNG(CRYDriver *cryp, uint8_t *out)
True random numbers generator.
Definition: hal_crypto.c:1435
cryerror_t cry_lld_SHA256_final(CRYDriver *cryp, SHA256Context *sha256ctxp, uint8_t *out)
Hash finalization using SHA256.
cryerror_t cryEncryptDES_ECB(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out)
Encryption operation using (T)DES-ECB.
Definition: hal_crypto.c:939
const CRYConfig * config
Current configuration data.
cryerror_t cryEncryptAES(CRYDriver *cryp, crykey_t key_id, const uint8_t *in, uint8_t *out)
Encryption of a single block using AES.
Definition: hal_crypto.c:199
cryerror_t cryDecryptAES(CRYDriver *cryp, crykey_t key_id, const uint8_t *in, uint8_t *out)
Decryption of a single block using AES.
Definition: hal_crypto.c:243
cryerror_t cry_lld_encrypt_AES_CTR(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, const uint8_t *iv)
Encryption operation using AES-CTR.
void cryObjectInit(CRYDriver *cryp)
Initializes the standard part of a CRYDriver structure.
Definition: hal_crypto.c:70
cryerror_t cryEncryptDES_CBC(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, const uint8_t *iv)
Encryption operation using (T)DES-CBC.
Definition: hal_crypto.c:1040