mbed library sources. Supersedes mbed-src.
Fork of mbed-dev by
targets/TARGET_NUVOTON/TARGET_NUC472/crypto/aes/aes_alt.c@149:156823d33999, 2016-10-28 (annotated)
- Committer:
- <>
- Date:
- Fri Oct 28 11:17:30 2016 +0100
- Revision:
- 149:156823d33999
This updates the lib to the mbed lib v128
NOTE: This release includes a restructuring of the file and directory locations and thus some
include paths in your code may need updating accordingly.
Who changed what in which revision?
User | Revision | Line number | New contents of line |
---|---|---|---|
<> | 149:156823d33999 | 1 | /* mbed Microcontroller Library |
<> | 149:156823d33999 | 2 | * Copyright (c) 2015-2016 Nuvoton |
<> | 149:156823d33999 | 3 | * |
<> | 149:156823d33999 | 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
<> | 149:156823d33999 | 5 | * you may not use this file except in compliance with the License. |
<> | 149:156823d33999 | 6 | * You may obtain a copy of the License at |
<> | 149:156823d33999 | 7 | * |
<> | 149:156823d33999 | 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
<> | 149:156823d33999 | 9 | * |
<> | 149:156823d33999 | 10 | * Unless required by applicable law or agreed to in writing, software |
<> | 149:156823d33999 | 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
<> | 149:156823d33999 | 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
<> | 149:156823d33999 | 13 | * See the License for the specific language governing permissions and |
<> | 149:156823d33999 | 14 | * limitations under the License. |
<> | 149:156823d33999 | 15 | */ |
<> | 149:156823d33999 | 16 | |
<> | 149:156823d33999 | 17 | /* |
<> | 149:156823d33999 | 18 | * The AES block cipher was designed by Vincent Rijmen and Joan Daemen. |
<> | 149:156823d33999 | 19 | * |
<> | 149:156823d33999 | 20 | * http://csrc.nist.gov/encryption/aes/rijndael/Rijndael.pdf |
<> | 149:156823d33999 | 21 | * http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf |
<> | 149:156823d33999 | 22 | */ |
<> | 149:156823d33999 | 23 | |
<> | 149:156823d33999 | 24 | #if !defined(MBEDTLS_CONFIG_FILE) |
<> | 149:156823d33999 | 25 | #include "mbedtls/config.h" |
<> | 149:156823d33999 | 26 | #else |
<> | 149:156823d33999 | 27 | #include MBEDTLS_CONFIG_FILE |
<> | 149:156823d33999 | 28 | #endif |
<> | 149:156823d33999 | 29 | |
<> | 149:156823d33999 | 30 | #if defined(MBEDTLS_AES_C) |
<> | 149:156823d33999 | 31 | #if defined(MBEDTLS_AES_ALT) |
<> | 149:156823d33999 | 32 | |
<> | 149:156823d33999 | 33 | #include <string.h> |
<> | 149:156823d33999 | 34 | |
<> | 149:156823d33999 | 35 | #include "mbedtls/aes.h" |
<> | 149:156823d33999 | 36 | |
<> | 149:156823d33999 | 37 | #include "NUC472_442.h" |
<> | 149:156823d33999 | 38 | #include "toolchain.h" |
<> | 149:156823d33999 | 39 | #include "mbed_assert.h" |
<> | 149:156823d33999 | 40 | |
<> | 149:156823d33999 | 41 | //static int aes_init_done = 0; |
<> | 149:156823d33999 | 42 | |
<> | 149:156823d33999 | 43 | |
<> | 149:156823d33999 | 44 | #define mbedtls_trace(...) //printf(__VA_ARGS__) |
<> | 149:156823d33999 | 45 | |
<> | 149:156823d33999 | 46 | /* Implementation that should never be optimized out by the compiler */ |
<> | 149:156823d33999 | 47 | static void mbedtls_zeroize( void *v, size_t n ) { |
<> | 149:156823d33999 | 48 | volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0; |
<> | 149:156823d33999 | 49 | } |
<> | 149:156823d33999 | 50 | |
<> | 149:156823d33999 | 51 | |
<> | 149:156823d33999 | 52 | static uint32_t au32MyAESIV[4] = { |
<> | 149:156823d33999 | 53 | 0x00000000, 0x00000000, 0x00000000, 0x00000000 |
<> | 149:156823d33999 | 54 | }; |
<> | 149:156823d33999 | 55 | |
<> | 149:156823d33999 | 56 | extern volatile int g_AES_done; |
<> | 149:156823d33999 | 57 | |
<> | 149:156823d33999 | 58 | // Must be a multiple of 16 bytes block size |
<> | 149:156823d33999 | 59 | #define MAX_DMA_CHAIN_SIZE (16*6) |
<> | 149:156823d33999 | 60 | static uint8_t au8OutputData[MAX_DMA_CHAIN_SIZE] MBED_ALIGN(4); |
<> | 149:156823d33999 | 61 | static uint8_t au8InputData[MAX_DMA_CHAIN_SIZE] MBED_ALIGN(4); |
<> | 149:156823d33999 | 62 | |
<> | 149:156823d33999 | 63 | static void dumpHex(const unsigned char au8Data[], int len) |
<> | 149:156823d33999 | 64 | { |
<> | 149:156823d33999 | 65 | int j; |
<> | 149:156823d33999 | 66 | for (j = 0; j < len; j++) mbedtls_trace("%02x ", au8Data[j]); |
<> | 149:156823d33999 | 67 | mbedtls_trace("\r\n"); |
<> | 149:156823d33999 | 68 | } |
<> | 149:156823d33999 | 69 | |
<> | 149:156823d33999 | 70 | static void swapInitVector(unsigned char iv[16]) |
<> | 149:156823d33999 | 71 | { |
<> | 149:156823d33999 | 72 | unsigned int* piv; |
<> | 149:156823d33999 | 73 | int i; |
<> | 149:156823d33999 | 74 | // iv SWAP |
<> | 149:156823d33999 | 75 | piv = (unsigned int*)iv; |
<> | 149:156823d33999 | 76 | for( i=0; i< 4; i++) |
<> | 149:156823d33999 | 77 | { |
<> | 149:156823d33999 | 78 | *piv = (((*piv) & 0x000000FF) << 24) | |
<> | 149:156823d33999 | 79 | (((*piv) & 0x0000FF00) << 8) | |
<> | 149:156823d33999 | 80 | (((*piv) & 0x00FF0000) >> 8) | |
<> | 149:156823d33999 | 81 | (((*piv) & 0xFF000000) >> 24); |
<> | 149:156823d33999 | 82 | piv++; |
<> | 149:156823d33999 | 83 | } |
<> | 149:156823d33999 | 84 | } |
<> | 149:156823d33999 | 85 | |
<> | 149:156823d33999 | 86 | //volatile void CRYPTO_IRQHandler() |
<> | 149:156823d33999 | 87 | //{ |
<> | 149:156823d33999 | 88 | // if (AES_GET_INT_FLAG()) { |
<> | 149:156823d33999 | 89 | // g_AES_done = 1; |
<> | 149:156823d33999 | 90 | // AES_CLR_INT_FLAG(); |
<> | 149:156823d33999 | 91 | // } |
<> | 149:156823d33999 | 92 | //} |
<> | 149:156823d33999 | 93 | |
<> | 149:156823d33999 | 94 | // AES available channel 0~3 |
<> | 149:156823d33999 | 95 | static unsigned char channel_flag[4]={0x00,0x00,0x00,0x00}; // 0: idle, 1: busy |
<> | 149:156823d33999 | 96 | static int channel_alloc() |
<> | 149:156823d33999 | 97 | { |
<> | 149:156823d33999 | 98 | int i; |
<> | 149:156823d33999 | 99 | for(i=0; i< (int)sizeof(channel_flag); i++) |
<> | 149:156823d33999 | 100 | { |
<> | 149:156823d33999 | 101 | if( channel_flag[i] == 0x00 ) |
<> | 149:156823d33999 | 102 | { |
<> | 149:156823d33999 | 103 | channel_flag[i] = 0x01; |
<> | 149:156823d33999 | 104 | return i; |
<> | 149:156823d33999 | 105 | } |
<> | 149:156823d33999 | 106 | } |
<> | 149:156823d33999 | 107 | return(-1); |
<> | 149:156823d33999 | 108 | } |
<> | 149:156823d33999 | 109 | |
<> | 149:156823d33999 | 110 | static void channel_free(int i) |
<> | 149:156823d33999 | 111 | { |
<> | 149:156823d33999 | 112 | if( i >=0 && i < (int)sizeof(channel_flag) ) |
<> | 149:156823d33999 | 113 | channel_flag[i] = 0x00; |
<> | 149:156823d33999 | 114 | } |
<> | 149:156823d33999 | 115 | |
<> | 149:156823d33999 | 116 | |
<> | 149:156823d33999 | 117 | void mbedtls_aes_init( mbedtls_aes_context *ctx ) |
<> | 149:156823d33999 | 118 | { |
<> | 149:156823d33999 | 119 | int i =-1; |
<> | 149:156823d33999 | 120 | |
<> | 149:156823d33999 | 121 | // sw_mbedtls_aes_init(ctx); |
<> | 149:156823d33999 | 122 | // return; |
<> | 149:156823d33999 | 123 | |
<> | 149:156823d33999 | 124 | mbedtls_trace("=== %s \r\n", __FUNCTION__); |
<> | 149:156823d33999 | 125 | memset( ctx, 0, sizeof( mbedtls_aes_context ) ); |
<> | 149:156823d33999 | 126 | |
<> | 149:156823d33999 | 127 | ctx->swapType = AES_IN_OUT_SWAP; |
<> | 149:156823d33999 | 128 | while( (i = channel_alloc()) < 0 ) |
<> | 149:156823d33999 | 129 | { |
<> | 149:156823d33999 | 130 | mbed_assert_internal("No available AES channel", __FILE__, __LINE__); |
<> | 149:156823d33999 | 131 | //osDelay(300); |
<> | 149:156823d33999 | 132 | } |
<> | 149:156823d33999 | 133 | ctx->channel = i; |
<> | 149:156823d33999 | 134 | ctx->iv = au32MyAESIV; |
<> | 149:156823d33999 | 135 | |
<> | 149:156823d33999 | 136 | /* Unlock protected registers */ |
<> | 149:156823d33999 | 137 | SYS_UnlockReg(); |
<> | 149:156823d33999 | 138 | CLK_EnableModuleClock(CRPT_MODULE); |
<> | 149:156823d33999 | 139 | /* Lock protected registers */ |
<> | 149:156823d33999 | 140 | SYS_LockReg(); |
<> | 149:156823d33999 | 141 | |
<> | 149:156823d33999 | 142 | NVIC_EnableIRQ(CRPT_IRQn); |
<> | 149:156823d33999 | 143 | AES_ENABLE_INT(); |
<> | 149:156823d33999 | 144 | mbedtls_trace("=== %s channel[%d]\r\n", __FUNCTION__, (int)ctx->channel); |
<> | 149:156823d33999 | 145 | } |
<> | 149:156823d33999 | 146 | |
<> | 149:156823d33999 | 147 | void mbedtls_aes_free( mbedtls_aes_context *ctx ) |
<> | 149:156823d33999 | 148 | { |
<> | 149:156823d33999 | 149 | |
<> | 149:156823d33999 | 150 | mbedtls_trace("=== %s channel[%d]\r\n", __FUNCTION__,(int)ctx->channel); |
<> | 149:156823d33999 | 151 | |
<> | 149:156823d33999 | 152 | if( ctx == NULL ) |
<> | 149:156823d33999 | 153 | return; |
<> | 149:156823d33999 | 154 | |
<> | 149:156823d33999 | 155 | /* Unlock protected registers */ |
<> | 149:156823d33999 | 156 | // SYS_UnlockReg(); |
<> | 149:156823d33999 | 157 | // CLK_DisableModuleClock(CRPT_MODULE); |
<> | 149:156823d33999 | 158 | /* Lock protected registers */ |
<> | 149:156823d33999 | 159 | // SYS_LockReg(); |
<> | 149:156823d33999 | 160 | |
<> | 149:156823d33999 | 161 | // NVIC_DisableIRQ(CRPT_IRQn); |
<> | 149:156823d33999 | 162 | // AES_DISABLE_INT(); |
<> | 149:156823d33999 | 163 | channel_free(ctx->channel); |
<> | 149:156823d33999 | 164 | mbedtls_zeroize( ctx, sizeof( mbedtls_aes_context ) ); |
<> | 149:156823d33999 | 165 | } |
<> | 149:156823d33999 | 166 | |
<> | 149:156823d33999 | 167 | /* |
<> | 149:156823d33999 | 168 | * AES key schedule (encryption) |
<> | 149:156823d33999 | 169 | */ |
<> | 149:156823d33999 | 170 | #if defined(MBEDTLS_AES_SETKEY_ENC_ALT) |
<> | 149:156823d33999 | 171 | int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, |
<> | 149:156823d33999 | 172 | unsigned int keybits ) |
<> | 149:156823d33999 | 173 | { |
<> | 149:156823d33999 | 174 | unsigned int i; |
<> | 149:156823d33999 | 175 | |
<> | 149:156823d33999 | 176 | mbedtls_trace("=== %s keybits[%d]\r\n", __FUNCTION__, keybits); |
<> | 149:156823d33999 | 177 | dumpHex(key,keybits/8); |
<> | 149:156823d33999 | 178 | |
<> | 149:156823d33999 | 179 | switch( keybits ) |
<> | 149:156823d33999 | 180 | { |
<> | 149:156823d33999 | 181 | case 128: |
<> | 149:156823d33999 | 182 | ctx->keySize = AES_KEY_SIZE_128; |
<> | 149:156823d33999 | 183 | break; |
<> | 149:156823d33999 | 184 | case 192: |
<> | 149:156823d33999 | 185 | ctx->keySize = AES_KEY_SIZE_192; |
<> | 149:156823d33999 | 186 | break; |
<> | 149:156823d33999 | 187 | case 256: |
<> | 149:156823d33999 | 188 | ctx->keySize = AES_KEY_SIZE_256; |
<> | 149:156823d33999 | 189 | break; |
<> | 149:156823d33999 | 190 | default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH ); |
<> | 149:156823d33999 | 191 | } |
<> | 149:156823d33999 | 192 | |
<> | 149:156823d33999 | 193 | |
<> | 149:156823d33999 | 194 | |
<> | 149:156823d33999 | 195 | // key swap |
<> | 149:156823d33999 | 196 | for( i = 0; i < ( keybits >> 5 ); i++ ) |
<> | 149:156823d33999 | 197 | { |
<> | 149:156823d33999 | 198 | ctx->buf[i] = (*(key+i*4) << 24) | |
<> | 149:156823d33999 | 199 | (*(key+1+i*4) << 16) | |
<> | 149:156823d33999 | 200 | (*(key+2+i*4) << 8) | |
<> | 149:156823d33999 | 201 | (*(key+3+i*4) ); |
<> | 149:156823d33999 | 202 | } |
<> | 149:156823d33999 | 203 | AES_SetKey(ctx->channel, ctx->buf, ctx->keySize); |
<> | 149:156823d33999 | 204 | |
<> | 149:156823d33999 | 205 | |
<> | 149:156823d33999 | 206 | return( 0 ); |
<> | 149:156823d33999 | 207 | } |
<> | 149:156823d33999 | 208 | #endif /* MBEDTLS_AES_SETKEY_ENC_ALT */ |
<> | 149:156823d33999 | 209 | |
<> | 149:156823d33999 | 210 | /* |
<> | 149:156823d33999 | 211 | * AES key schedule (decryption) |
<> | 149:156823d33999 | 212 | */ |
<> | 149:156823d33999 | 213 | #if defined(MBEDTLS_AES_SETKEY_DEC_ALT) |
<> | 149:156823d33999 | 214 | int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key, |
<> | 149:156823d33999 | 215 | unsigned int keybits ) |
<> | 149:156823d33999 | 216 | { |
<> | 149:156823d33999 | 217 | int ret; |
<> | 149:156823d33999 | 218 | |
<> | 149:156823d33999 | 219 | mbedtls_trace("=== %s keybits[%d]\r\n", __FUNCTION__, keybits); |
<> | 149:156823d33999 | 220 | dumpHex((uint8_t *)key,keybits/8); |
<> | 149:156823d33999 | 221 | |
<> | 149:156823d33999 | 222 | /* Also checks keybits */ |
<> | 149:156823d33999 | 223 | if( ( ret = mbedtls_aes_setkey_enc( ctx, key, keybits ) ) != 0 ) |
<> | 149:156823d33999 | 224 | goto exit; |
<> | 149:156823d33999 | 225 | |
<> | 149:156823d33999 | 226 | exit: |
<> | 149:156823d33999 | 227 | |
<> | 149:156823d33999 | 228 | return( ret ); |
<> | 149:156823d33999 | 229 | } |
<> | 149:156823d33999 | 230 | #endif /* MBEDTLS_AES_SETKEY_DEC_ALT */ |
<> | 149:156823d33999 | 231 | |
<> | 149:156823d33999 | 232 | |
<> | 149:156823d33999 | 233 | static void __nvt_aes_crypt( mbedtls_aes_context *ctx, |
<> | 149:156823d33999 | 234 | const unsigned char input[16], |
<> | 149:156823d33999 | 235 | unsigned char output[16], int dataSize) |
<> | 149:156823d33999 | 236 | { |
<> | 149:156823d33999 | 237 | unsigned char* pIn; |
<> | 149:156823d33999 | 238 | unsigned char* pOut; |
<> | 149:156823d33999 | 239 | |
<> | 149:156823d33999 | 240 | // mbedtls_trace("=== %s \r\n", __FUNCTION__); |
<> | 149:156823d33999 | 241 | dumpHex(input,16); |
<> | 149:156823d33999 | 242 | |
<> | 149:156823d33999 | 243 | AES_Open(ctx->channel, ctx->encDec, ctx->opMode, ctx->keySize, ctx->swapType); |
<> | 149:156823d33999 | 244 | AES_SetInitVect(ctx->channel, ctx->iv); |
<> | 149:156823d33999 | 245 | if( ((uint32_t)input) & 0x03 ) |
<> | 149:156823d33999 | 246 | { |
<> | 149:156823d33999 | 247 | memcpy(au8InputData, input, dataSize); |
<> | 149:156823d33999 | 248 | pIn = au8InputData; |
<> | 149:156823d33999 | 249 | }else{ |
<> | 149:156823d33999 | 250 | pIn = (unsigned char*)input; |
<> | 149:156823d33999 | 251 | } |
<> | 149:156823d33999 | 252 | if( (((uint32_t)output) & 0x03) || (dataSize%4)) // HW CFB output byte count must be multiple of word |
<> | 149:156823d33999 | 253 | { |
<> | 149:156823d33999 | 254 | pOut = au8OutputData; |
<> | 149:156823d33999 | 255 | } else { |
<> | 149:156823d33999 | 256 | pOut = output; |
<> | 149:156823d33999 | 257 | } |
<> | 149:156823d33999 | 258 | |
<> | 149:156823d33999 | 259 | AES_SetDMATransfer(ctx->channel, (uint32_t)pIn, (uint32_t)pOut, dataSize); |
<> | 149:156823d33999 | 260 | |
<> | 149:156823d33999 | 261 | g_AES_done = 0; |
<> | 149:156823d33999 | 262 | AES_Start(ctx->channel, CRYPTO_DMA_ONE_SHOT); |
<> | 149:156823d33999 | 263 | while (!g_AES_done); |
<> | 149:156823d33999 | 264 | |
<> | 149:156823d33999 | 265 | if( pOut != output ) memcpy(output, au8OutputData, dataSize); |
<> | 149:156823d33999 | 266 | dumpHex(output,16); |
<> | 149:156823d33999 | 267 | |
<> | 149:156823d33999 | 268 | } |
<> | 149:156823d33999 | 269 | |
<> | 149:156823d33999 | 270 | /* |
<> | 149:156823d33999 | 271 | * AES-ECB block encryption |
<> | 149:156823d33999 | 272 | */ |
<> | 149:156823d33999 | 273 | #if defined(MBEDTLS_AES_ENCRYPT_ALT) |
<> | 149:156823d33999 | 274 | void mbedtls_aes_encrypt( mbedtls_aes_context *ctx, |
<> | 149:156823d33999 | 275 | const unsigned char input[16], |
<> | 149:156823d33999 | 276 | unsigned char output[16] ) |
<> | 149:156823d33999 | 277 | { |
<> | 149:156823d33999 | 278 | |
<> | 149:156823d33999 | 279 | mbedtls_trace("=== %s \r\n", __FUNCTION__); |
<> | 149:156823d33999 | 280 | |
<> | 149:156823d33999 | 281 | ctx->encDec = 1; |
<> | 149:156823d33999 | 282 | __nvt_aes_crypt(ctx, input, output, 16); |
<> | 149:156823d33999 | 283 | |
<> | 149:156823d33999 | 284 | } |
<> | 149:156823d33999 | 285 | #endif /* MBEDTLS_AES_ENCRYPT_ALT */ |
<> | 149:156823d33999 | 286 | |
<> | 149:156823d33999 | 287 | /* |
<> | 149:156823d33999 | 288 | * AES-ECB block decryption |
<> | 149:156823d33999 | 289 | */ |
<> | 149:156823d33999 | 290 | #if defined(MBEDTLS_AES_DECRYPT_ALT) |
<> | 149:156823d33999 | 291 | void mbedtls_aes_decrypt( mbedtls_aes_context *ctx, |
<> | 149:156823d33999 | 292 | const unsigned char input[16], |
<> | 149:156823d33999 | 293 | unsigned char output[16] ) |
<> | 149:156823d33999 | 294 | { |
<> | 149:156823d33999 | 295 | |
<> | 149:156823d33999 | 296 | mbedtls_trace("=== %s \r\n", __FUNCTION__); |
<> | 149:156823d33999 | 297 | |
<> | 149:156823d33999 | 298 | ctx->encDec = 0; |
<> | 149:156823d33999 | 299 | __nvt_aes_crypt(ctx, input, output, 16); |
<> | 149:156823d33999 | 300 | |
<> | 149:156823d33999 | 301 | |
<> | 149:156823d33999 | 302 | } |
<> | 149:156823d33999 | 303 | #endif /* MBEDTLS_AES_DECRYPT_ALT */ |
<> | 149:156823d33999 | 304 | |
<> | 149:156823d33999 | 305 | /* |
<> | 149:156823d33999 | 306 | * AES-ECB block encryption/decryption |
<> | 149:156823d33999 | 307 | */ |
<> | 149:156823d33999 | 308 | int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx, |
<> | 149:156823d33999 | 309 | int mode, |
<> | 149:156823d33999 | 310 | const unsigned char input[16], |
<> | 149:156823d33999 | 311 | unsigned char output[16] ) |
<> | 149:156823d33999 | 312 | { |
<> | 149:156823d33999 | 313 | |
<> | 149:156823d33999 | 314 | mbedtls_trace("=== %s \r\n", __FUNCTION__); |
<> | 149:156823d33999 | 315 | |
<> | 149:156823d33999 | 316 | ctx->opMode = AES_MODE_ECB; |
<> | 149:156823d33999 | 317 | if( mode == MBEDTLS_AES_ENCRYPT ) |
<> | 149:156823d33999 | 318 | mbedtls_aes_encrypt( ctx, input, output ); |
<> | 149:156823d33999 | 319 | else |
<> | 149:156823d33999 | 320 | mbedtls_aes_decrypt( ctx, input, output ); |
<> | 149:156823d33999 | 321 | |
<> | 149:156823d33999 | 322 | |
<> | 149:156823d33999 | 323 | return( 0 ); |
<> | 149:156823d33999 | 324 | } |
<> | 149:156823d33999 | 325 | |
<> | 149:156823d33999 | 326 | #if defined(MBEDTLS_CIPHER_MODE_CBC) |
<> | 149:156823d33999 | 327 | /* |
<> | 149:156823d33999 | 328 | * AES-CBC buffer encryption/decryption |
<> | 149:156823d33999 | 329 | */ |
<> | 149:156823d33999 | 330 | int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx, |
<> | 149:156823d33999 | 331 | int mode, |
<> | 149:156823d33999 | 332 | size_t len, |
<> | 149:156823d33999 | 333 | unsigned char iv[16], |
<> | 149:156823d33999 | 334 | const unsigned char *input, |
<> | 149:156823d33999 | 335 | unsigned char *output ) |
<> | 149:156823d33999 | 336 | { |
<> | 149:156823d33999 | 337 | unsigned char temp[16]; |
<> | 149:156823d33999 | 338 | int length = len; |
<> | 149:156823d33999 | 339 | int blockChainLen; |
<> | 149:156823d33999 | 340 | mbedtls_trace("=== %s [0x%x]\r\n", __FUNCTION__,length); |
<> | 149:156823d33999 | 341 | if( length % 16 ) |
<> | 149:156823d33999 | 342 | return( MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH ); |
<> | 149:156823d33999 | 343 | |
<> | 149:156823d33999 | 344 | if( (((uint32_t)input) & 0x03) || (((uint32_t)output) & 0x03) ) |
<> | 149:156823d33999 | 345 | { |
<> | 149:156823d33999 | 346 | blockChainLen = (( length > MAX_DMA_CHAIN_SIZE ) ? MAX_DMA_CHAIN_SIZE : length ); |
<> | 149:156823d33999 | 347 | } else { |
<> | 149:156823d33999 | 348 | blockChainLen = length; |
<> | 149:156823d33999 | 349 | } |
<> | 149:156823d33999 | 350 | |
<> | 149:156823d33999 | 351 | while( length > 0 ) |
<> | 149:156823d33999 | 352 | { |
<> | 149:156823d33999 | 353 | ctx->opMode = AES_MODE_CBC; |
<> | 149:156823d33999 | 354 | swapInitVector(iv); // iv SWAP |
<> | 149:156823d33999 | 355 | ctx->iv = (uint32_t *)iv; |
<> | 149:156823d33999 | 356 | |
<> | 149:156823d33999 | 357 | if( mode == MBEDTLS_AES_ENCRYPT ) |
<> | 149:156823d33999 | 358 | { |
<> | 149:156823d33999 | 359 | ctx->encDec = 1; |
<> | 149:156823d33999 | 360 | __nvt_aes_crypt(ctx, input, output, blockChainLen); |
<> | 149:156823d33999 | 361 | // if( blockChainLen == length ) break; // finish last block chain but still need to prepare next iv for mbedtls_aes_self_test() |
<> | 149:156823d33999 | 362 | memcpy( iv, output+blockChainLen-16, 16 ); |
<> | 149:156823d33999 | 363 | }else{ |
<> | 149:156823d33999 | 364 | memcpy( temp, input+blockChainLen-16, 16 ); |
<> | 149:156823d33999 | 365 | ctx->encDec = 0; |
<> | 149:156823d33999 | 366 | __nvt_aes_crypt(ctx, input, output, blockChainLen); |
<> | 149:156823d33999 | 367 | // if( blockChainLen == length ) break; // finish last block chain but still need to prepare next iv for mbedtls_aes_self_test() |
<> | 149:156823d33999 | 368 | memcpy( iv, temp, 16 ); |
<> | 149:156823d33999 | 369 | } |
<> | 149:156823d33999 | 370 | length -= blockChainLen; |
<> | 149:156823d33999 | 371 | input += blockChainLen; |
<> | 149:156823d33999 | 372 | output += blockChainLen; |
<> | 149:156823d33999 | 373 | if(length < MAX_DMA_CHAIN_SIZE ) blockChainLen = length; // For last remainder block chain |
<> | 149:156823d33999 | 374 | |
<> | 149:156823d33999 | 375 | } |
<> | 149:156823d33999 | 376 | |
<> | 149:156823d33999 | 377 | return( 0 ); |
<> | 149:156823d33999 | 378 | } |
<> | 149:156823d33999 | 379 | #endif /* MBEDTLS_CIPHER_MODE_CBC */ |
<> | 149:156823d33999 | 380 | |
<> | 149:156823d33999 | 381 | #if defined(MBEDTLS_CIPHER_MODE_CFB) |
<> | 149:156823d33999 | 382 | /* |
<> | 149:156823d33999 | 383 | * AES-CFB128 buffer encryption/decryption |
<> | 149:156823d33999 | 384 | */ |
<> | 149:156823d33999 | 385 | /* Support partial block encryption/decryption */ |
<> | 149:156823d33999 | 386 | static int __nvt_aes_crypt_partial_block_cfb128( mbedtls_aes_context *ctx, |
<> | 149:156823d33999 | 387 | int mode, |
<> | 149:156823d33999 | 388 | size_t length, |
<> | 149:156823d33999 | 389 | size_t *iv_off, |
<> | 149:156823d33999 | 390 | unsigned char iv[16], |
<> | 149:156823d33999 | 391 | const unsigned char *input, |
<> | 149:156823d33999 | 392 | unsigned char *output ) |
<> | 149:156823d33999 | 393 | { |
<> | 149:156823d33999 | 394 | int c; |
<> | 149:156823d33999 | 395 | size_t n = *iv_off; |
<> | 149:156823d33999 | 396 | unsigned char iv_tmp[16]; |
<> | 149:156823d33999 | 397 | mbedtls_trace("=== %s \r\n", __FUNCTION__); |
<> | 149:156823d33999 | 398 | if( mode == MBEDTLS_AES_DECRYPT ) |
<> | 149:156823d33999 | 399 | { |
<> | 149:156823d33999 | 400 | while( length-- ) |
<> | 149:156823d33999 | 401 | { |
<> | 149:156823d33999 | 402 | if( n == 0) |
<> | 149:156823d33999 | 403 | mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv ); |
<> | 149:156823d33999 | 404 | else if( ctx->opMode == AES_MODE_CFB) // For previous cryption is CFB mode |
<> | 149:156823d33999 | 405 | { |
<> | 149:156823d33999 | 406 | memcpy(iv_tmp, iv, n); |
<> | 149:156823d33999 | 407 | mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, ctx->prv_iv, iv ); |
<> | 149:156823d33999 | 408 | memcpy(iv, iv_tmp, n); |
<> | 149:156823d33999 | 409 | } |
<> | 149:156823d33999 | 410 | |
<> | 149:156823d33999 | 411 | c = *input++; |
<> | 149:156823d33999 | 412 | *output++ = (unsigned char)( c ^ iv[n] ); |
<> | 149:156823d33999 | 413 | iv[n] = (unsigned char) c; |
<> | 149:156823d33999 | 414 | |
<> | 149:156823d33999 | 415 | n = ( n + 1 ) & 0x0F; |
<> | 149:156823d33999 | 416 | } |
<> | 149:156823d33999 | 417 | } |
<> | 149:156823d33999 | 418 | else |
<> | 149:156823d33999 | 419 | { |
<> | 149:156823d33999 | 420 | while( length-- ) |
<> | 149:156823d33999 | 421 | { |
<> | 149:156823d33999 | 422 | if( n == 0 ) |
<> | 149:156823d33999 | 423 | mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv ); |
<> | 149:156823d33999 | 424 | else if( ctx->opMode == AES_MODE_CFB) // For previous cryption is CFB mode |
<> | 149:156823d33999 | 425 | { |
<> | 149:156823d33999 | 426 | memcpy(iv_tmp, iv, n); |
<> | 149:156823d33999 | 427 | mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, ctx->prv_iv, iv ); |
<> | 149:156823d33999 | 428 | memcpy(iv, iv_tmp, n); |
<> | 149:156823d33999 | 429 | } |
<> | 149:156823d33999 | 430 | |
<> | 149:156823d33999 | 431 | iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ ); |
<> | 149:156823d33999 | 432 | |
<> | 149:156823d33999 | 433 | n = ( n + 1 ) & 0x0F; |
<> | 149:156823d33999 | 434 | } |
<> | 149:156823d33999 | 435 | } |
<> | 149:156823d33999 | 436 | |
<> | 149:156823d33999 | 437 | *iv_off = n; |
<> | 149:156823d33999 | 438 | |
<> | 149:156823d33999 | 439 | return( 0 ); |
<> | 149:156823d33999 | 440 | } |
<> | 149:156823d33999 | 441 | |
<> | 149:156823d33999 | 442 | int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx, |
<> | 149:156823d33999 | 443 | int mode, |
<> | 149:156823d33999 | 444 | size_t len, |
<> | 149:156823d33999 | 445 | size_t *iv_off, |
<> | 149:156823d33999 | 446 | unsigned char iv[16], |
<> | 149:156823d33999 | 447 | const unsigned char *input, |
<> | 149:156823d33999 | 448 | unsigned char *output ) |
<> | 149:156823d33999 | 449 | { |
<> | 149:156823d33999 | 450 | size_t n = *iv_off; |
<> | 149:156823d33999 | 451 | unsigned char temp[16]; |
<> | 149:156823d33999 | 452 | int length=len; |
<> | 149:156823d33999 | 453 | int blockChainLen; |
<> | 149:156823d33999 | 454 | int remLen=0; |
<> | 149:156823d33999 | 455 | int ivLen; |
<> | 149:156823d33999 | 456 | |
<> | 149:156823d33999 | 457 | mbedtls_trace("=== %s \r\n", __FUNCTION__); |
<> | 149:156823d33999 | 458 | |
<> | 149:156823d33999 | 459 | // proceed: start with partial block by ECB mode first |
<> | 149:156823d33999 | 460 | if( n !=0 ) { |
<> | 149:156823d33999 | 461 | __nvt_aes_crypt_partial_block_cfb128(ctx, mode, 16 - n , iv_off, iv, input, output); |
<> | 149:156823d33999 | 462 | input += (16 - n); |
<> | 149:156823d33999 | 463 | output += (16 - n); |
<> | 149:156823d33999 | 464 | length -= (16 - n); |
<> | 149:156823d33999 | 465 | } |
<> | 149:156823d33999 | 466 | |
<> | 149:156823d33999 | 467 | // For address or byte count non-word alignment, go through reserved DMA buffer. |
<> | 149:156823d33999 | 468 | if( (((uint32_t)input) & 0x03) || (((uint32_t)output) & 0x03) ) // Must reserved DMA buffer for each block |
<> | 149:156823d33999 | 469 | { |
<> | 149:156823d33999 | 470 | blockChainLen = (( length > MAX_DMA_CHAIN_SIZE ) ? MAX_DMA_CHAIN_SIZE : length ); |
<> | 149:156823d33999 | 471 | } else if(length%4) { // Need reserved DMA buffer once for last chain |
<> | 149:156823d33999 | 472 | blockChainLen = (( length > MAX_DMA_CHAIN_SIZE ) ? (length - length%16) : length ); |
<> | 149:156823d33999 | 473 | } else { // Not need reserved DMA buffer |
<> | 149:156823d33999 | 474 | blockChainLen = length; |
<> | 149:156823d33999 | 475 | } |
<> | 149:156823d33999 | 476 | |
<> | 149:156823d33999 | 477 | // proceed: start with block alignment |
<> | 149:156823d33999 | 478 | while( length > 0 ) |
<> | 149:156823d33999 | 479 | { |
<> | 149:156823d33999 | 480 | |
<> | 149:156823d33999 | 481 | ctx->opMode = AES_MODE_CFB; |
<> | 149:156823d33999 | 482 | |
<> | 149:156823d33999 | 483 | swapInitVector(iv); // iv SWAP |
<> | 149:156823d33999 | 484 | |
<> | 149:156823d33999 | 485 | ctx->iv = (uint32_t *)iv; |
<> | 149:156823d33999 | 486 | remLen = blockChainLen%16; |
<> | 149:156823d33999 | 487 | ivLen = (( remLen > 0) ? remLen: 16 ); |
<> | 149:156823d33999 | 488 | |
<> | 149:156823d33999 | 489 | if( mode == MBEDTLS_AES_DECRYPT ) |
<> | 149:156823d33999 | 490 | { |
<> | 149:156823d33999 | 491 | memcpy(temp, input+blockChainLen - ivLen, ivLen); |
<> | 149:156823d33999 | 492 | if(blockChainLen >= 16) memcpy(ctx->prv_iv, input+blockChainLen-remLen-16 , 16); |
<> | 149:156823d33999 | 493 | ctx->encDec = 0; |
<> | 149:156823d33999 | 494 | __nvt_aes_crypt(ctx, input, output, blockChainLen); |
<> | 149:156823d33999 | 495 | memcpy(iv,temp, ivLen); |
<> | 149:156823d33999 | 496 | } |
<> | 149:156823d33999 | 497 | else |
<> | 149:156823d33999 | 498 | { |
<> | 149:156823d33999 | 499 | ctx->encDec = 1; |
<> | 149:156823d33999 | 500 | __nvt_aes_crypt(ctx, input, output, blockChainLen); |
<> | 149:156823d33999 | 501 | if(blockChainLen >= 16) memcpy(ctx->prv_iv, output+blockChainLen-remLen-16 , 16); |
<> | 149:156823d33999 | 502 | memcpy(iv,output+blockChainLen-ivLen,ivLen); |
<> | 149:156823d33999 | 503 | } |
<> | 149:156823d33999 | 504 | length -= blockChainLen; |
<> | 149:156823d33999 | 505 | input += blockChainLen; |
<> | 149:156823d33999 | 506 | output += blockChainLen; |
<> | 149:156823d33999 | 507 | if(length < MAX_DMA_CHAIN_SIZE ) blockChainLen = length; // For last remainder block chain |
<> | 149:156823d33999 | 508 | } |
<> | 149:156823d33999 | 509 | |
<> | 149:156823d33999 | 510 | *iv_off = remLen; |
<> | 149:156823d33999 | 511 | |
<> | 149:156823d33999 | 512 | return( 0 ); |
<> | 149:156823d33999 | 513 | } |
<> | 149:156823d33999 | 514 | |
<> | 149:156823d33999 | 515 | |
<> | 149:156823d33999 | 516 | /* |
<> | 149:156823d33999 | 517 | * AES-CFB8 buffer encryption/decryption |
<> | 149:156823d33999 | 518 | */ |
<> | 149:156823d33999 | 519 | int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx, |
<> | 149:156823d33999 | 520 | int mode, |
<> | 149:156823d33999 | 521 | size_t length, |
<> | 149:156823d33999 | 522 | unsigned char iv[16], |
<> | 149:156823d33999 | 523 | const unsigned char *input, |
<> | 149:156823d33999 | 524 | unsigned char *output ) |
<> | 149:156823d33999 | 525 | { |
<> | 149:156823d33999 | 526 | unsigned char c; |
<> | 149:156823d33999 | 527 | unsigned char ov[17]; |
<> | 149:156823d33999 | 528 | |
<> | 149:156823d33999 | 529 | mbedtls_trace("=== %s \r\n", __FUNCTION__); |
<> | 149:156823d33999 | 530 | while( length-- ) |
<> | 149:156823d33999 | 531 | { |
<> | 149:156823d33999 | 532 | memcpy( ov, iv, 16 ); |
<> | 149:156823d33999 | 533 | mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv ); |
<> | 149:156823d33999 | 534 | |
<> | 149:156823d33999 | 535 | if( mode == MBEDTLS_AES_DECRYPT ) |
<> | 149:156823d33999 | 536 | ov[16] = *input; |
<> | 149:156823d33999 | 537 | |
<> | 149:156823d33999 | 538 | c = *output++ = (unsigned char)( iv[0] ^ *input++ ); |
<> | 149:156823d33999 | 539 | |
<> | 149:156823d33999 | 540 | if( mode == MBEDTLS_AES_ENCRYPT ) |
<> | 149:156823d33999 | 541 | ov[16] = c; |
<> | 149:156823d33999 | 542 | |
<> | 149:156823d33999 | 543 | memcpy( iv, ov + 1, 16 ); |
<> | 149:156823d33999 | 544 | } |
<> | 149:156823d33999 | 545 | |
<> | 149:156823d33999 | 546 | return( 0 ); |
<> | 149:156823d33999 | 547 | } |
<> | 149:156823d33999 | 548 | #endif /*MBEDTLS_CIPHER_MODE_CFB */ |
<> | 149:156823d33999 | 549 | |
<> | 149:156823d33999 | 550 | #if defined(MBEDTLS_CIPHER_MODE_CTR) |
<> | 149:156823d33999 | 551 | /* |
<> | 149:156823d33999 | 552 | * AES-CTR buffer encryption/decryption |
<> | 149:156823d33999 | 553 | */ |
<> | 149:156823d33999 | 554 | int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx, |
<> | 149:156823d33999 | 555 | size_t length, |
<> | 149:156823d33999 | 556 | size_t *nc_off, |
<> | 149:156823d33999 | 557 | unsigned char nonce_counter[16], |
<> | 149:156823d33999 | 558 | unsigned char stream_block[16], |
<> | 149:156823d33999 | 559 | const unsigned char *input, |
<> | 149:156823d33999 | 560 | unsigned char *output ) |
<> | 149:156823d33999 | 561 | { |
<> | 149:156823d33999 | 562 | int c, i; |
<> | 149:156823d33999 | 563 | size_t n = *nc_off; |
<> | 149:156823d33999 | 564 | |
<> | 149:156823d33999 | 565 | mbedtls_trace("=== %s \r\n", __FUNCTION__); |
<> | 149:156823d33999 | 566 | while( length-- ) |
<> | 149:156823d33999 | 567 | { |
<> | 149:156823d33999 | 568 | if( n == 0 ) { |
<> | 149:156823d33999 | 569 | mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, nonce_counter, stream_block ); |
<> | 149:156823d33999 | 570 | |
<> | 149:156823d33999 | 571 | for( i = 16; i > 0; i-- ) |
<> | 149:156823d33999 | 572 | if( ++nonce_counter[i - 1] != 0 ) |
<> | 149:156823d33999 | 573 | break; |
<> | 149:156823d33999 | 574 | } |
<> | 149:156823d33999 | 575 | c = *input++; |
<> | 149:156823d33999 | 576 | *output++ = (unsigned char)( c ^ stream_block[n] ); |
<> | 149:156823d33999 | 577 | |
<> | 149:156823d33999 | 578 | n = ( n + 1 ) & 0x0F; |
<> | 149:156823d33999 | 579 | } |
<> | 149:156823d33999 | 580 | |
<> | 149:156823d33999 | 581 | *nc_off = n; |
<> | 149:156823d33999 | 582 | |
<> | 149:156823d33999 | 583 | return( 0 ); |
<> | 149:156823d33999 | 584 | } |
<> | 149:156823d33999 | 585 | #endif /* MBEDTLS_CIPHER_MODE_CTR */ |
<> | 149:156823d33999 | 586 | |
<> | 149:156823d33999 | 587 | #endif /* MBEDTLS_AES_ALT */ |
<> | 149:156823d33999 | 588 | |
<> | 149:156823d33999 | 589 | |
<> | 149:156823d33999 | 590 | #endif /* MBEDTLS_AES_C */ |