Mistake on this page?
Report an issue in GitHub or email us
aes_alt_stm32l4.h
1 /*
2  * aes_alt.h AES block cipher
3  *******************************************************************************
4  * Copyright (c) 2017, STMicroelectronics
5  * SPDX-License-Identifier: Apache-2.0
6  *
7  * Licensed under the Apache License, Version 2.0 (the "License"); you may
8  * not use this file except in compliance with the License.
9  * You may obtain a copy of the License at
10  *
11  * http://www.apache.org/licenses/LICENSE-2.0
12  *
13  * Unless required by applicable law or agreed to in writing, software
14  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * See the License for the specific language governing permissions and
17  * limitations under the License.
18  *
19  */
20 #ifndef MBEDTLS_STM32L4_AES_ALT_H
21 #define MBEDTLS_STM32L4_AES_ALT_H
22 
23 
24 #if (TARGET_STM32L4)
25 #if defined(MBEDTLS_AES_ALT)
26 #include "mbedtls/platform.h"
27 #include "mbedtls/config.h"
28 
29 #include "cmsis.h"
30 
31 #ifdef __cplusplus
32 extern "C" {
33 #endif
34 
35 #define ST_AES_TIMEOUT ((uint32_t) 0xFF) /* 255 ms timeout for the crypto processor */
36 #define ST_ERR_AES_BUSY (-0x0023) /* Crypto processor is busy, timeout occured */
37 /**
38  * \brief AES context structure
39  *
40  * \note buf is able to hold 32 extra bytes, which can be used:
41  * - for alignment purposes if VIA padlock is used, and/or
42  * - to simplify key expansion in the 256-bit case by
43  * generating an extra round key
44  */
45 typedef struct {
46  unsigned char aes_key[32]; /* Decryption key */
47  CRYP_HandleTypeDef hcryp_aes;
48  uint32_t ctx_save_cr; /* save context for multi-instance */
49 }
50 mbedtls_aes_context;
51 
52 /**
53  * \brief Initialize AES context
54  *
55  * \param ctx AES context to be initialized
56  */
57 void mbedtls_aes_init(mbedtls_aes_context *ctx);
58 
59 /**
60  * \brief Clear AES context
61  *
62  * \param ctx AES context to be cleared
63  */
64 void mbedtls_aes_free(mbedtls_aes_context *ctx);
65 
66 /**
67  * \brief AES key schedule (encryption)
68  *
69  * \param ctx AES context to be initialized
70  * \param key encryption key
71  * \param keybits must be 128, 192 or 256
72  *
73  * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH
74  */
75 int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
76  unsigned int keybits);
77 
78 /**
79  * \brief AES key schedule (decryption)
80  *
81  * \param ctx AES context to be initialized
82  * \param key decryption key
83  * \param keybits must be 128, 192 or 256
84  *
85  * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH
86  */
87 int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key,
88  unsigned int keybits);
89 
90 /**
91  * \brief AES-ECB block encryption/decryption
92  *
93  * \param ctx AES context
94  * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
95  * \param input 16-byte input block
96  * \param output 16-byte output block
97  *
98  * \return 0 if successful
99  */
100 int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx,
101  int mode,
102  const unsigned char input[16],
103  unsigned char output[16]);
104 
105 #if defined(MBEDTLS_CIPHER_MODE_CBC)
106 /**
107  * \brief AES-CBC buffer encryption/decryption
108  * Length should be a multiple of the block
109  * size (16 bytes)
110  *
111  * \note Upon exit, the content of the IV is updated so that you can
112  * call the function same function again on the following
113  * block(s) of data and get the same result as if it was
114  * encrypted in one call. This allows a "streaming" usage.
115  * If on the other hand you need to retain the contents of the
116  * IV, you should either save it manually or use the cipher
117  * module instead.
118  *
119  * \param ctx AES context
120  * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
121  * \param length length of the input data
122  * \param iv initialization vector (updated after use)
123  * \param input buffer holding the input data
124  * \param output buffer holding the output data
125  *
126  * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH
127  */
128 int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx,
129  int mode,
130  size_t length,
131  unsigned char iv[16],
132  const unsigned char *input,
133  unsigned char *output);
134 #endif /* MBEDTLS_CIPHER_MODE_CBC */
135 
136 #if defined(MBEDTLS_CIPHER_MODE_CFB)
137 /**
138  * \brief AES-CFB128 buffer encryption/decryption.
139  *
140  * Note: Due to the nature of CFB you should use the same key schedule for
141  * both encryption and decryption. So a context initialized with
142  * mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT.
143  *
144  * \note Upon exit, the content of the IV is updated so that you can
145  * call the function same function again on the following
146  * block(s) of data and get the same result as if it was
147  * encrypted in one call. This allows a "streaming" usage.
148  * If on the other hand you need to retain the contents of the
149  * IV, you should either save it manually or use the cipher
150  * module instead.
151  *
152  * \param ctx AES context
153  * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
154  * \param length length of the input data
155  * \param iv_off offset in IV (updated after use)
156  * \param iv initialization vector (updated after use)
157  * \param input buffer holding the input data
158  * \param output buffer holding the output data
159  *
160  * \return 0 if successful
161  */
162 int mbedtls_aes_crypt_cfb128(mbedtls_aes_context *ctx,
163  int mode,
164  size_t length,
165  size_t *iv_off,
166  unsigned char iv[16],
167  const unsigned char *input,
168  unsigned char *output);
169 
170 /**
171  * \brief AES-CFB8 buffer encryption/decryption.
172  *
173  * Note: Due to the nature of CFB you should use the same key schedule for
174  * both encryption and decryption. So a context initialized with
175  * mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT.
176  *
177  * \note Upon exit, the content of the IV is updated so that you can
178  * call the function same function again on the following
179  * block(s) of data and get the same result as if it was
180  * encrypted in one call. This allows a "streaming" usage.
181  * If on the other hand you need to retain the contents of the
182  * IV, you should either save it manually or use the cipher
183  * module instead.
184  *
185  * \param ctx AES context
186  * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
187  * \param length length of the input data
188  * \param iv initialization vector (updated after use)
189  * \param input buffer holding the input data
190  * \param output buffer holding the output data
191  *
192  * \return 0 if successful
193  */
194 int mbedtls_aes_crypt_cfb8(mbedtls_aes_context *ctx,
195  int mode,
196  size_t length,
197  unsigned char iv[16],
198  const unsigned char *input,
199  unsigned char *output);
200 #endif /*MBEDTLS_CIPHER_MODE_CFB */
201 
202 #if defined(MBEDTLS_CIPHER_MODE_CTR)
203 /**
204  * \brief AES-CTR buffer encryption/decryption
205  *
206  * Warning: You have to keep the maximum use of your counter in mind!
207  *
208  * Note: Due to the nature of CTR you should use the same key schedule for
209  * both encryption and decryption. So a context initialized with
210  * mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT.
211  *
212  * \param ctx AES context
213  * \param length The length of the data
214  * \param nc_off The offset in the current stream_block (for resuming
215  * within current cipher stream). The offset pointer to
216  * should be 0 at the start of a stream.
217  * \param nonce_counter The 128-bit nonce and counter.
218  * \param stream_block The saved stream-block for resuming. Is overwritten
219  * by the function.
220  * \param input The input data stream
221  * \param output The output data stream
222  *
223  * \return 0 if successful
224  */
225 int mbedtls_aes_crypt_ctr(mbedtls_aes_context *ctx,
226  size_t length,
227  size_t *nc_off,
228  unsigned char nonce_counter[16],
229  unsigned char stream_block[16],
230  const unsigned char *input,
231  unsigned char *output);
232 #endif /* MBEDTLS_CIPHER_MODE_CTR */
233 
234 /**
235  * \brief Internal AES block encryption function
236  * (Only exposed to allow overriding it,
237  * see MBEDTLS_AES_ENCRYPT_ALT)
238  *
239  * \param ctx AES context
240  * \param input Plaintext block
241  * \param output Output (ciphertext) block
242  *
243  * \return 0 if successful
244  */
245 int mbedtls_internal_aes_encrypt(mbedtls_aes_context *ctx,
246  const unsigned char input[16],
247  unsigned char output[16]);
248 
249 /**
250  * \brief Internal AES block decryption function
251  * (Only exposed to allow overriding it,
252  * see MBEDTLS_AES_DECRYPT_ALT)
253  *
254  * \param ctx AES context
255  * \param input Ciphertext block
256  * \param output Output (plaintext) block
257  *
258  * \return 0 if successful
259  */
260 int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx,
261  const unsigned char input[16],
262  unsigned char output[16]);
263 
264 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
265 #if defined(MBEDTLS_DEPRECATED_WARNING)
266 #define MBEDTLS_DEPRECATED __attribute__((deprecated))
267 #else
268 #define MBEDTLS_DEPRECATED
269 #endif
270 /**
271  * \brief Deprecated internal AES block encryption function
272  * without return value.
273  *
274  * \deprecated Superseded by mbedtls_aes_encrypt_ext() in 2.5.0
275  *
276  * \param ctx AES context
277  * \param input Plaintext block
278  * \param output Output (ciphertext) block
279  */
280 MBEDTLS_DEPRECATED void mbedtls_aes_encrypt(mbedtls_aes_context *ctx,
281  const unsigned char input[16],
282  unsigned char output[16]);
283 
284 /**
285  * \brief Deprecated internal AES block decryption function
286  * without return value.
287  *
288  * \deprecated Superseded by mbedtls_aes_decrypt_ext() in 2.5.0
289  *
290  * \param ctx AES context
291  * \param input Ciphertext block
292  * \param output Output (plaintext) block
293  */
294 MBEDTLS_DEPRECATED void mbedtls_aes_decrypt(mbedtls_aes_context *ctx,
295  const unsigned char input[16],
296  unsigned char output[16]);
297 
298 #undef MBEDTLS_DEPRECATED
299 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
300 
301 #ifdef __cplusplus
302 }
303 #endif
304 
305 #endif /* MBEDTLS_AES_ALT */
306 
307 #endif /* TARGET_STM32L4 */
308 
309 #endif /* MBEDTLS_STM32L4_AES_ALT_H */
Important Information for this Arm website

This site uses cookies to store information on your computer. By continuing to use our site, you consent to our cookies. If you are not happy with the use of these cookies, please review our Cookie Policy to learn how they can be disabled. By disabling cookies, some features of the site will not work.