ChibiOS/HAL  6.1.0
hal_crypto.h
Go to the documentation of this file.
1 /*
2  ChibiOS - Copyright (C) 2006..2018 Giovanni Di Sirio
3 
4  Licensed under the Apache License, Version 2.0 (the "License");
5  you may not use this file except in compliance with the License.
6  You may obtain a copy of the License at
7 
8  http://www.apache.org/licenses/LICENSE-2.0
9 
10  Unless required by applicable law or agreed to in writing, software
11  distributed under the License is distributed on an "AS IS" BASIS,
12  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  See the License for the specific language governing permissions and
14  limitations under the License.
15 */
16 
17 /**
18  * @file hal_crypto.h
19  * @brief Cryptographic Driver macros and structures.
20  *
21  * @addtogroup CRYPTO
22  * @{
23  */
24 
25 #ifndef HAL_CRYPTO_H
26 #define HAL_CRYPTO_H
27 
28 #if (HAL_USE_CRY == TRUE) || defined(__DOXYGEN__)
29 
30 /*===========================================================================*/
31 /* Driver constants. */
32 /*===========================================================================*/
33 
34 /**
35  * @brief Maximum size of a key for all supported algorithms.
36  */
37 #define HAL_CRY_MAX_KEY_SIZE 32
38 
39 /*===========================================================================*/
40 /* Driver pre-compile time settings. */
41 /*===========================================================================*/
42 
43 /**
44  * @brief Enables the SW fall-back of the cryptographic driver.
45  * @details When enabled, this option, activates a fall-back software
46  * implementation for algorithms not supported by the underlying
47  * hardware.
48  * @note Fall-back implementations may not be present for all algorithms.
49  */
50 #if !defined(HAL_CRY_USE_FALLBACK) || defined(__DOXYGEN__)
51 #define HAL_CRY_USE_FALLBACK FALSE
52 #endif
53 
54 /**
55  * @brief Makes the driver forcibly use the fall-back implementations.
56  * @note If enabled then the LLD driver is not included at all.
57  */
58 #if !defined(HAL_CRY_ENFORCE_FALLBACK) || defined(__DOXYGEN__)
59 #define HAL_CRY_ENFORCE_FALLBACK FALSE
60 #endif
61 
62 /*===========================================================================*/
63 /* Derived constants and error checks. */
64 /*===========================================================================*/
65 
66 #if HAL_CRY_ENFORCE_FALLBACK == TRUE
67 #undef HAL_CRY_USE_FALLBACK
68 #define HAL_CRY_USE_FALLBACK TRUE
69 #endif
70 
71 /*===========================================================================*/
72 /* Driver data structures and types. */
73 /*===========================================================================*/
74 
75 /**
76  * @brief Size, in bits, of a crypto field or message.
77  * @note It is assumed, for simplicity, that this type is equivalent to
78  * a @p size_t.
79  */
80 typedef size_t bitsize_t;
81 
82 /**
83  * @brief Driver state machine possible states.
84  */
85 typedef enum {
86  CRY_UNINIT = 0, /**< Not initialized. */
87  CRY_STOP = 1, /**< Stopped. */
88  CRY_READY = 2 /**< Ready. */
89 } crystate_t;
90 
91 /**
92  * @brief Driver error codes.
93  */
94 typedef enum {
95  CRY_NOERROR = 0, /**< No error. */
96  CRY_ERR_INV_ALGO = 1, /**< Invalid cypher/mode. */
97  CRY_ERR_INV_KEY_SIZE = 2, /**< Invalid key size. */
98  CRY_ERR_INV_KEY_TYPE = 3, /**< Invalid key type. */
99  CRY_ERR_INV_KEY_ID = 4 /**< Invalid key type. */
100 } cryerror_t;
101 
102 /**
103  * @brief Type of an algorithm identifier.
104  * @note It is only used to determine the key required for operations.
105  */
106 typedef enum {
107  cry_algo_none = 0,
108  cry_algo_aes, /**< AES 128, 192, 256 bits. */
109  cry_algo_des /**< DES 56, TDES 112, 168 bits.*/
110 } cryalgorithm_t;
111 
112 #if HAL_CRY_ENFORCE_FALLBACK == FALSE
113 /* Use the defined low level driver.*/
114 #include "hal_crypto_lld.h"
115 
116 #if !defined(CRY_LLD_SUPPORTS_AES) || \
117  !defined(CRY_LLD_SUPPORTS_AES_ECB) || \
118  !defined(CRY_LLD_SUPPORTS_AES_CBC) || \
119  !defined(CRY_LLD_SUPPORTS_AES_CFB) || \
120  !defined(CRY_LLD_SUPPORTS_AES_CTR) || \
121  !defined(CRY_LLD_SUPPORTS_AES_GCM) || \
122  !defined(CRY_LLD_SUPPORTS_DES) || \
123  !defined(CRY_LLD_SUPPORTS_DES_ECB) || \
124  !defined(CRY_LLD_SUPPORTS_DES_CBC) || \
125  !defined(CRY_LLD_SUPPORTS_SHA1) || \
126  !defined(CRY_LLD_SUPPORTS_SHA256) || \
127  !defined(CRY_LLD_SUPPORTS_SHA512) || \
128  !defined(CRY_LLD_SUPPORTS_TRNG)
129 #error "CRYPTO LLD does not export the required switches"
130 #endif
131 
132 #else /* HAL_CRY_ENFORCE_FALLBACK == TRUE */
133 /* No LLD at all, using the standalone mode.*/
134 
135 #define CRY_LLD_SUPPORTS_AES FALSE
136 #define CRY_LLD_SUPPORTS_AES_ECB FALSE
137 #define CRY_LLD_SUPPORTS_AES_CBC FALSE
138 #define CRY_LLD_SUPPORTS_AES_CFB FALSE
139 #define CRY_LLD_SUPPORTS_AES_CTR FALSE
140 #define CRY_LLD_SUPPORTS_AES_GCM FALSE
141 #define CRY_LLD_SUPPORTS_DES FALSE
142 #define CRY_LLD_SUPPORTS_DES_ECB FALSE
143 #define CRY_LLD_SUPPORTS_DES_CBC FALSE
144 #define CRY_LLD_SUPPORTS_SHA1 FALSE
145 #define CRY_LLD_SUPPORTS_SHA256 FALSE
146 #define CRY_LLD_SUPPORTS_SHA512 FALSE
147 #define CRY_LLD_SUPPORTS_TRNG FALSE
148 
149 typedef uint_fast8_t crykey_t;
150 
151 typedef struct CRYDriver CRYDriver;
152 
153 typedef struct {
154  uint32_t dummy;
155 } CRYConfig;
156 
157 struct CRYDriver {
158  crystate_t state;
159  const CRYConfig *config;
160  cryalgorithm_t key0_type;
161  size_t key0_size;
162  uint8_t key0_buffer[HAL_CRY_MAX_KEY_SIZE];
163 };
164 #endif /* HAL_CRY_ENFORCE_FALLBACK == TRUE */
165 
166 /* The fallback header is included only if required by settings.*/
167 #if HAL_CRY_USE_FALLBACK == TRUE
168 #include "hal_crypto_fallback.h"
169 #endif
170 
171 #if (HAL_CRY_USE_FALLBACK == FALSE) && (CRY_LLD_SUPPORTS_SHA1 == FALSE)
172 /* Stub @p SHA1Context structure type declaration. It is not provided by the
173  LLD and the fallback is not enabled.*/
174 typedef struct {
175  uint32_t dummy;
176 } SHA1Context;
177 #endif
178 
179 #if (HAL_CRY_USE_FALLBACK == FALSE) && (CRY_LLD_SUPPORTS_SHA256 == FALSE)
180 /* Stub @p SHA256Context structure type declaration. It is not provided by the
181  LLD and the fallback is not enabled.*/
182 typedef struct {
183  uint32_t dummy;
184 } SHA256Context;
185 #endif
186 
187 #if (HAL_CRY_USE_FALLBACK == FALSE) && (CRY_LLD_SUPPORTS_SHA512 == FALSE)
188 /* Stub @p SHA512Context structure type declaration. It is not provided by the
189  LLD and the fallback is not enabled.*/
190 typedef struct {
191  uint32_t dummy;
192 } SHA512Context;
193 #endif
194 
195 /*===========================================================================*/
196 /* Driver macros. */
197 /*===========================================================================*/
198 
199 /**
200  * @name Low level driver helper macros
201  * @{
202  */
203 /** @} */
204 
205 /*===========================================================================*/
206 /* External declarations. */
207 /*===========================================================================*/
208 
209 #ifdef __cplusplus
210 extern "C" {
211 #endif
212  void cryInit(void);
213  void cryObjectInit(CRYDriver *cryp);
214  void cryStart(CRYDriver *cryp, const CRYConfig *config);
215  void cryStop(CRYDriver *cryp);
216  cryerror_t cryLoadTransientKey(CRYDriver *cryp,
217  cryalgorithm_t algorithm,
218  size_t size,
219  const uint8_t *keyp);
220  cryerror_t cryEncryptAES(CRYDriver *cryp,
221  crykey_t key_id,
222  const uint8_t *in,
223  uint8_t *out);
224  cryerror_t cryDecryptAES(CRYDriver *cryp,
225  crykey_t key_id,
226  const uint8_t *in,
227  uint8_t *out);
228  cryerror_t cryEncryptAES_ECB(CRYDriver *cryp,
229  crykey_t key_id,
230  size_t size,
231  const uint8_t *in,
232  uint8_t *out);
233  cryerror_t cryDecryptAES_ECB(CRYDriver *cryp,
234  crykey_t key_id,
235  size_t size,
236  const uint8_t *in,
237  uint8_t *out);
238  cryerror_t cryEncryptAES_CBC(CRYDriver *cryp,
239  crykey_t key_id,
240  size_t size,
241  const uint8_t *in,
242  uint8_t *out,
243  const uint8_t *iv);
244  cryerror_t cryDecryptAES_CBC(CRYDriver *cryp,
245  crykey_t key_id,
246  size_t size,
247  const uint8_t *in,
248  uint8_t *out,
249  const uint8_t *iv);
250  cryerror_t cryEncryptAES_CFB(CRYDriver *cryp,
251  crykey_t key_id,
252  size_t size,
253  const uint8_t *in,
254  uint8_t *out,
255  const uint8_t *iv);
256  cryerror_t cryDecryptAES_CFB(CRYDriver *cryp,
257  crykey_t key_id,
258  size_t size,
259  const uint8_t *in,
260  uint8_t *out,
261  const uint8_t *iv);
262  cryerror_t cryEncryptAES_CTR(CRYDriver *cryp,
263  crykey_t key_id,
264  size_t size,
265  const uint8_t *in,
266  uint8_t *out,
267  const uint8_t *iv);
268  cryerror_t cryDecryptAES_CTR(CRYDriver *cryp,
269  crykey_t key_id,
270  size_t size,
271  const uint8_t *in,
272  uint8_t *out,
273  const uint8_t *iv);
274  cryerror_t cryEncryptAES_GCM(CRYDriver *cryp,
275  crykey_t key_id,
276  size_t size,
277  const uint8_t *in,
278  uint8_t *out,
279  const uint8_t *iv,
280  size_t aadsize,
281  const uint8_t *aad,
282  uint8_t *authtag);
283  cryerror_t cryDecryptAES_GCM(CRYDriver *cryp,
284  crykey_t key_id,
285  size_t size,
286  const uint8_t *in,
287  uint8_t *out,
288  const uint8_t *iv,
289  size_t aadsize,
290  const uint8_t *aad,
291  uint8_t *authtag);
292  cryerror_t cryEncryptDES(CRYDriver *cryp,
293  crykey_t key_id,
294  const uint8_t *in,
295  uint8_t *out);
296  cryerror_t cryDecryptDES(CRYDriver *cryp,
297  crykey_t key_id,
298  const uint8_t *in,
299  uint8_t *out);
300  cryerror_t cryEncryptDES_ECB(CRYDriver *cryp,
301  crykey_t key_id,
302  size_t size,
303  const uint8_t *in,
304  uint8_t *out);
305  cryerror_t cryDecryptDES_ECB(CRYDriver *cryp,
306  crykey_t key_id,
307  size_t size,
308  const uint8_t *in,
309  uint8_t *out);
310  cryerror_t cryEncryptDES_CBC(CRYDriver *cryp,
311  crykey_t key_id,
312  size_t size,
313  const uint8_t *in,
314  uint8_t *out,
315  const uint8_t *iv);
316  cryerror_t cryDecryptDES_CBC(CRYDriver *cryp,
317  crykey_t key_id,
318  size_t size,
319  const uint8_t *in,
320  uint8_t *out,
321  const uint8_t *iv);
322  cryerror_t crySHA1Init(CRYDriver *cryp, SHA1Context *sha1ctxp);
323  cryerror_t crySHA1Update(CRYDriver *cryp, SHA1Context *sha1ctxp,
324  size_t size, const uint8_t *in);
325  cryerror_t crySHA1Final(CRYDriver *cryp, SHA1Context *sha1ctxp,
326  uint8_t *out);
327  cryerror_t crySHA256Init(CRYDriver *cryp, SHA256Context *sha256ctxp);
328  cryerror_t crySHA256Update(CRYDriver *cryp, SHA256Context *sha256ctxp,
329  size_t size, const uint8_t *in);
330  cryerror_t crySHA256Final(CRYDriver *cryp, SHA256Context *sha256ctxp,
331  uint8_t *out);
332  cryerror_t crySHA512Init(CRYDriver *cryp, SHA512Context *sha512ctxp);
333  cryerror_t crySHA512Update(CRYDriver *cryp, SHA512Context *sha512ctxp,
334  size_t size, const uint8_t *in);
335  cryerror_t crySHA512Final(CRYDriver *cryp, SHA512Context *sha512ctxp,
336  uint8_t *out);
337  cryerror_t cryTRNG(CRYDriver *cryp, uint8_t *out);
338 #ifdef __cplusplus
339 }
340 #endif
341 
342 #endif /* HAL_USE_CRYPTO == TRUE */
343 
344 #endif /* HAL_CRYPTO_H */
345 
346 /** @} */
crySHA1Final
cryerror_t crySHA1Final(CRYDriver *cryp, SHA1Context *sha1ctxp, uint8_t *out)
Hash finalization using SHA1.
Definition: hal_crypto.c:1202
cryInit
void cryInit(void)
Cryptographic Driver initialization.
Definition: hal_crypto.c:56
crySHA256Init
cryerror_t crySHA256Init(CRYDriver *cryp, SHA256Context *sha256ctxp)
Hash initialization using SHA256.
Definition: hal_crypto.c:1234
crySHA1Update
cryerror_t crySHA1Update(CRYDriver *cryp, SHA1Context *sha1ctxp, size_t size, const uint8_t *in)
Hash update using SHA1.
Definition: hal_crypto.c:1167
cryStart
void cryStart(CRYDriver *cryp, const CRYConfig *config)
Configures and activates the cryptographic peripheral.
Definition: hal_crypto.c:88
cryEncryptAES_CFB
cryerror_t cryEncryptAES_CFB(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, const uint8_t *iv)
Encryption operation using AES-CFB.
Definition: hal_crypto.c:497
CRY_STOP
Definition: hal_crypto.h:87
cryDecryptDES
cryerror_t cryDecryptDES(CRYDriver *cryp, crykey_t key_id, const uint8_t *in, uint8_t *out)
Decryption of a single block using (T)DES.
Definition: hal_crypto.c:892
cryDecryptAES_CTR
cryerror_t cryDecryptAES_CTR(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, const uint8_t *iv)
Decryption operation using AES-CTR.
Definition: hal_crypto.c:659
SHA512Context
Type of a SHA512 context.
Definition: hal_crypto.h:190
CRY_ERR_INV_KEY_SIZE
Definition: hal_crypto.h:97
hal_crypto_lld.h
PLATFORM cryptographic subsystem low level driver header.
cryEncryptAES_GCM
cryerror_t cryEncryptAES_GCM(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, const uint8_t *iv, size_t aadsize, const uint8_t *aad, uint8_t *authtag)
Encryption operation using AES-GCM.
Definition: hal_crypto.c:719
cryDecryptAES_ECB
cryerror_t cryDecryptAES_ECB(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out)
Decryption operation using AES-ECB.
Definition: hal_crypto.c:340
CRYDriver
Structure representing an CRY driver.
Definition: hal_crypto_lld.h:100
cryEncryptDES
cryerror_t cryEncryptDES(CRYDriver *cryp, crykey_t key_id, const uint8_t *in, uint8_t *out)
Encryption of a single block using (T)DES.
Definition: hal_crypto.c:847
CRY_UNINIT
Definition: hal_crypto.h:86
HAL_CRY_MAX_KEY_SIZE
#define HAL_CRY_MAX_KEY_SIZE
Maximum size of a key for all supported algorithms.
Definition: hal_crypto.h:37
cryDecryptDES_CBC
cryerror_t cryDecryptDES_CBC(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, const uint8_t *iv)
Decryption operation using (T)DES-CBC.
Definition: hal_crypto.c:1093
cryDecryptAES_GCM
cryerror_t cryDecryptAES_GCM(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, const uint8_t *iv, size_t aadsize, const uint8_t *aad, uint8_t *authtag)
Decryption operation using AES-GCM.
Definition: hal_crypto.c:788
cryStop
void cryStop(CRYDriver *cryp)
Deactivates the cryptographic peripheral.
Definition: hal_crypto.c:110
bitsize_t
size_t bitsize_t
Size, in bits, of a crypto field or message.
Definition: hal_crypto.h:80
cryDecryptDES_ECB
cryerror_t cryDecryptDES_ECB(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out)
Decryption operation using (T)DES-ECB.
Definition: hal_crypto.c:989
crySHA1Init
cryerror_t crySHA1Init(CRYDriver *cryp, SHA1Context *sha1ctxp)
Hash initialization using SHA1.
Definition: hal_crypto.c:1134
cryerror_t
cryerror_t
Driver error codes.
Definition: hal_crypto.h:94
CRYConfig
Driver configuration structure.
Definition: hal_crypto_lld.h:93
CRY_ERR_INV_KEY_ID
Definition: hal_crypto.h:99
cryEncryptAES_CTR
cryerror_t cryEncryptAES_CTR(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, const uint8_t *iv)
Encryption operation using AES-CTR.
Definition: hal_crypto.c:604
CRYDriver::key0_type
cryalgorithm_t key0_type
Algorithm type of transient key.
Definition: hal_crypto_lld.h:112
crySHA256Update
cryerror_t crySHA256Update(CRYDriver *cryp, SHA256Context *sha256ctxp, size_t size, const uint8_t *in)
Hash update using SHA256.
Definition: hal_crypto.c:1267
crykey_t
uint32_t crykey_t
CRY key identifier type.
Definition: hal_crypto_lld.h:82
crySHA512Init
cryerror_t crySHA512Init(CRYDriver *cryp, SHA512Context *sha512ctxp)
Hash initialization using SHA512.
Definition: hal_crypto.c:1335
crySHA256Final
cryerror_t crySHA256Final(CRYDriver *cryp, SHA256Context *sha256ctxp, uint8_t *out)
Hash finalization using SHA256.
Definition: hal_crypto.c:1302
cryDecryptAES_CFB
cryerror_t cryDecryptAES_CFB(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, const uint8_t *iv)
Decryption operation using AES-CFB.
Definition: hal_crypto.c:550
crySHA512Final
cryerror_t crySHA512Final(CRYDriver *cryp, SHA512Context *sha512ctxp, uint8_t *out)
Hash finalization using SHA512.
Definition: hal_crypto.c:1403
cryalgorithm_t
cryalgorithm_t
Type of an algorithm identifier.
Definition: hal_crypto.h:106
cry_algo_aes
Definition: hal_crypto.h:108
CRYDriver::key0_size
size_t key0_size
Size of transient key.
Definition: hal_crypto_lld.h:116
CRY_ERR_INV_KEY_TYPE
Definition: hal_crypto.h:98
CRY_READY
Definition: hal_crypto.h:88
cryEncryptAES_ECB
cryerror_t cryEncryptAES_ECB(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out)
Encryption operation using AES-ECB.
Definition: hal_crypto.c:290
cry_algo_des
Definition: hal_crypto.h:109
cryEncryptAES_CBC
cryerror_t cryEncryptAES_CBC(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, const uint8_t *iv)
Encryption operation using AES-CBC.
Definition: hal_crypto.c:391
CRY_NOERROR
Definition: hal_crypto.h:95
CRY_ERR_INV_ALGO
Definition: hal_crypto.h:96
crystate_t
crystate_t
Driver state machine possible states.
Definition: hal_crypto.h:85
in
USBInEndpointState in
IN EP0 state.
Definition: hal_usb_lld.c:57
cryDecryptAES_CBC
cryerror_t cryDecryptAES_CBC(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, const uint8_t *iv)
Decryption operation using AES-CBC.
Definition: hal_crypto.c:444
CRYDriver::state
crystate_t state
Driver state.
Definition: hal_crypto_lld.h:104
crySHA512Update
cryerror_t crySHA512Update(CRYDriver *cryp, SHA512Context *sha512ctxp, size_t size, const uint8_t *in)
Hash update using SHA512.
Definition: hal_crypto.c:1368
SHA1Context
Type of a SHA1 context.
Definition: hal_crypto.h:174
out
USBOutEndpointState out
OUT EP0 state.
Definition: hal_usb_lld.c:61
cryLoadTransientKey
cryerror_t cryLoadTransientKey(CRYDriver *cryp, cryalgorithm_t algorithm, size_t size, const uint8_t *keyp)
Initializes the transient key for a specific algorithm.
Definition: hal_crypto.c:146
SHA256Context
Type of a SHA256 context.
Definition: hal_crypto.h:182
cryTRNG
cryerror_t cryTRNG(CRYDriver *cryp, uint8_t *out)
True random numbers generator.
Definition: hal_crypto.c:1435
cryEncryptDES_ECB
cryerror_t cryEncryptDES_ECB(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out)
Encryption operation using (T)DES-ECB.
Definition: hal_crypto.c:939
CRYDriver::config
const CRYConfig * config
Current configuration data.
Definition: hal_crypto_lld.h:108
cryEncryptAES
cryerror_t cryEncryptAES(CRYDriver *cryp, crykey_t key_id, const uint8_t *in, uint8_t *out)
Encryption of a single block using AES.
Definition: hal_crypto.c:199
cryDecryptAES
cryerror_t cryDecryptAES(CRYDriver *cryp, crykey_t key_id, const uint8_t *in, uint8_t *out)
Decryption of a single block using AES.
Definition: hal_crypto.c:243
CRYDriver::key0_buffer
uint8_t key0_buffer[HAL_CRY_MAX_KEY_SIZE]
Key buffer for the fall-back implementation.
Definition: hal_crypto_lld.h:121
cryObjectInit
void cryObjectInit(CRYDriver *cryp)
Initializes the standard part of a CRYDriver structure.
Definition: hal_crypto.c:70
cryEncryptDES_CBC
cryerror_t cryEncryptDES_CBC(CRYDriver *cryp, crykey_t key_id, size_t size, const uint8_t *in, uint8_t *out, const uint8_t *iv)
Encryption operation using (T)DES-CBC.
Definition: hal_crypto.c:1040