Kenji Arai / mbed-os_TYBLE16

Dependents:   TYBLE16_simple_data_logger TYBLE16_MP3_Air

Embed: (wiki syntax)

« Back to documentation index

Show/hide line numbers aes_alt.c Source File

aes_alt.c

00001 /*
00002  *  aes_alt.c
00003  *
00004  *  Copyright (C) 2019, Arm Limited, All Rights Reserved
00005  *  SPDX-License-Identifier: Apache-2.0
00006  *
00007  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
00008  *  not use this file except in compliance with the License.
00009  *  You may obtain a copy of the License at
00010  *
00011  *  http://www.apache.org/licenses/LICENSE-2.0
00012  *
00013  *  Unless required by applicable law or agreed to in writing, software
00014  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
00015  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
00016  *  See the License for the specific language governing permissions and
00017  *  limitations under the License.
00018  *
00019  */
00020 
00021 #include "mbedtls/aes.h"
00022 #if defined(MBEDTLS_AES_ALT)
00023 #include <string.h>
00024 #include "ssi_aes_defs.h"
00025 #include "mbedtls/platform.h"
00026 
00027 #if defined(MBEDTLS_CIPHER_MODE_CFB)
00028 /*
00029  * AES-CFB128 buffer encryption/decryption
00030  */
00031 int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
00032                               int mode,
00033                               size_t length,
00034                               size_t *iv_off,
00035                               unsigned char iv[16],
00036                               const unsigned char *input,
00037                               unsigned char *output )
00038 {
00039     return( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED );
00040 }
00041 
00042 /*
00043  * AES-CFB8 buffer encryption/decryption
00044  */
00045 int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
00046                             int mode,
00047                             size_t length,
00048                             unsigned char iv[16],
00049                             const unsigned char *input,
00050                             unsigned char *output )
00051 {
00052     return( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED );
00053 }
00054 #endif /*MBEDTLS_CIPHER_MODE_CFB */
00055 
00056 #if defined(MBEDTLS_CIPHER_MODE_XTS)
00057 
00058 int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx,
00059                                 const unsigned char *key,
00060                                 unsigned int keybits )
00061 {
00062     return( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED );
00063 }
00064 
00065 int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx,
00066                                 const unsigned char *key,
00067                                 unsigned int keybits )
00068 {
00069     return( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED );
00070 }
00071 
00072 int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
00073                            int mode,
00074                            size_t length,
00075                            const unsigned char data_unit[16],
00076                            const unsigned char *input,
00077                            unsigned char *output )
00078 {
00079     return( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED );
00080 }
00081 #endif /* MBEDTLS_CIPHER_MODE_XTS */
00082 
00083 #if defined(MBEDTLS_CIPHER_MODE_OFB)
00084 int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
00085                            size_t length,
00086                            size_t *iv_off,
00087                            unsigned char iv[16],
00088                            const unsigned char *input,
00089                            unsigned char *output );
00090 {
00091     return( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED );
00092 }
00093 #endif /* MBEDTLS_CIPHER_MODE_OFB */
00094 
00095 void mbedtls_aes_init( mbedtls_aes_context *ctx )
00096 {
00097     memset( ctx, 0, sizeof( mbedtls_aes_context ) );
00098 }
00099 
00100 void mbedtls_aes_free( mbedtls_aes_context *ctx )
00101 {
00102     if( ctx == NULL )
00103         return;
00104 
00105     mbedtls_platform_zeroize( ctx, sizeof( mbedtls_aes_context ) );
00106 }
00107 #if defined(MBEDTLS_CIPHER_MODE_XTS)
00108 
00109 void mbedtls_aes_xts_init( mbedtls_aes_xts_context *ctx ){}
00110 
00111 void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx ){}
00112 #endif /* MBEDTLS_CIPHER_MODE_XTS */
00113 
00114 static int CC_aes_setkey( mbedtls_aes_context *ctx, const unsigned char *key,
00115                           unsigned int keybits, SaSiAesEncryptMode_t  cipher_flag )
00116 {
00117     int ret = 0;
00118     if( ctx == NULL )
00119         return( MBEDTLS_ERR_AES_BAD_INPUT_DATA );
00120 
00121     switch( keybits )
00122     {
00123         case 128:
00124         {
00125             ctx->CC_cipherFlag = cipher_flag;
00126             ctx->CC_keySizeInBytes = ( keybits / 8 );
00127             memcpy( ctx->CC_Key, key, ctx->CC_keySizeInBytes );
00128         }
00129         break;
00130         case 192:
00131         case 256:
00132             return( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED );
00133         default:
00134             return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH );
00135     }
00136 
00137     return( 0 );
00138 }
00139 int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
00140                             unsigned int keybits )
00141 {
00142     return( CC_aes_setkey( ctx, key, keybits, SASI_AES_ENCRYPT  ) );
00143 }
00144 
00145 int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
00146                             unsigned int keybits )
00147 {
00148     return( CC_aes_setkey( ctx, key, keybits, SASI_AES_DECRYPT  ) );
00149 }
00150 
00151 static int CC_aes_cipher( mbedtls_aes_context *ctx,
00152                           int mode,
00153                           SaSiAesOperationMode_t  aes_mode,
00154                           size_t length,
00155                           unsigned char* iv,
00156                           size_t iv_len,
00157                           const unsigned char *input,
00158                           unsigned char *output )
00159 {
00160     int ret = 0;
00161     SaSiAesUserKeyData_t  CC_KeyData = { ctx->CC_Key,
00162                                         ctx->CC_keySizeInBytes };
00163 
00164     ret = SaSi_AesInit( &ctx->CC_Context,
00165                         ctx->CC_cipherFlag,
00166                         aes_mode, SASI_AES_PADDING_NONE  );
00167     if( ret != 0 )
00168         return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
00169 
00170     ret = SaSi_AesSetKey( &ctx->CC_Context, SASI_AES_USER_KEY ,
00171                           &CC_KeyData, sizeof( CC_KeyData ) );
00172     if( ret != 0 )
00173         return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
00174 
00175     if( iv )
00176     {
00177         if( iv_len != SASI_AES_IV_SIZE_IN_BYTES )
00178             return( MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
00179 
00180         ret = SaSi_AesSetIv( &ctx->CC_Context, iv );
00181         if( ret != 0 )
00182             return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
00183      }
00184 
00185      ret = SaSi_AesFinish( &ctx->CC_Context, length,
00186                            ( unsigned char* )input, length, output, &length );
00187      if( ret != 0 )
00188          return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
00189 
00190      /* update the IV for next block
00191       * For CTR mode, update the nonce only if the current length is a full AES block length
00192       */
00193 
00194      if( ( ( aes_mode == SASI_AES_MODE_CBC  ) ||
00195           ( (aes_mode == SASI_AES_MODE_CTR ) && ( ( length % SASI_AES_BLOCK_SIZE_IN_BYTES) == 0) ) )
00196              && iv )
00197      {
00198           ret = SaSi_AesGetIv( &ctx->CC_Context, iv );
00199           if( ret != 0 )
00200               return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
00201       }
00202 
00203       ret = SaSi_AesFree( &ctx->CC_Context );
00204       if( ret != 0 )
00205           return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
00206 
00207       return( 0 );
00208 }
00209 
00210 int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
00211                            int mode,
00212                            const unsigned char input[16],
00213                            unsigned char output[16] )
00214 {
00215     if( ctx == NULL )
00216         return( MBEDTLS_ERR_AES_BAD_INPUT_DATA );
00217 
00218     if( ( mode == MBEDTLS_AES_ENCRYPT  && ctx->CC_cipherFlag !=  SASI_AES_ENCRYPT  ) ||
00219         ( mode == MBEDTLS_AES_DECRYPT && ctx->CC_cipherFlag !=  SASI_AES_DECRYPT  ) )
00220         return( MBEDTLS_ERR_AES_BAD_INPUT_DATA );
00221 
00222     return( CC_aes_cipher( ctx, mode, SASI_AES_MODE_ECB , 16, NULL, 0, input, output ) );
00223 }
00224 
00225 #if defined(MBEDTLS_CIPHER_MODE_CBC)
00226 int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
00227                            int mode,
00228                            size_t length,
00229                            unsigned char iv[16],
00230                            const unsigned char *input,
00231                            unsigned char *output )
00232 {
00233     if( ctx == NULL )
00234         return( MBEDTLS_ERR_AES_BAD_INPUT_DATA );
00235 
00236     if( length % SASI_AES_BLOCK_SIZE_IN_BYTES )
00237         return( MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
00238 
00239     if( ( mode != MBEDTLS_AES_ENCRYPT  || ctx->CC_cipherFlag !=  SASI_AES_ENCRYPT  ) &&
00240         ( mode != MBEDTLS_AES_DECRYPT || ctx->CC_cipherFlag !=  SASI_AES_DECRYPT  ) )
00241         return( MBEDTLS_ERR_AES_BAD_INPUT_DATA );
00242 
00243     return( CC_aes_cipher( ctx, mode, SASI_AES_MODE_CBC , length, iv, 16, input, output ) );
00244 }
00245 
00246 #endif /* MBEDTLS_CIPHER_MODE_CBC */
00247 
00248 #if defined(MBEDTLS_CIPHER_MODE_CTR)
00249 int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
00250                            size_t length,
00251                            size_t *nc_off,
00252                            unsigned char nonce_counter[16],
00253                            unsigned char stream_block[16],
00254                            const unsigned char *input,
00255                            unsigned char *output )
00256 {
00257     int ret = 0;
00258     int n = *nc_off, c, i;
00259     size_t j;
00260     if( ctx == NULL )
00261         return( MBEDTLS_ERR_AES_BAD_INPUT_DATA );
00262 
00263     if( *nc_off )
00264     {
00265         /* handle corner case where we are resuming a previous encryption,
00266          * and we are resuming within current cipher stream(stream_block) */
00267         while( n != 0 )
00268         {
00269             c = *input++;
00270             *output++ = (unsigned char)( c ^ stream_block[n] );
00271             n = ( n + 1) & 0x0F;
00272             if( length > 0)
00273                 --length;
00274         }
00275         /*
00276          * Increase the nonce_counter by 1 since we now passed one block
00277          */
00278           for( i = 16; i > 0; i-- )
00279               if( ++nonce_counter[i - 1] != 0 )
00280                   break;
00281     }
00282     if( CC_aes_cipher( ctx, MBEDTLS_AES_ENCRYPT, SASI_AES_MODE_CTR ,
00283                        length, nonce_counter, SASI_AES_IV_SIZE_IN_BYTES, input, output ) != 0 )
00284     {
00285         ret = -1;
00286     }
00287     if( ( ( length % SASI_AES_BLOCK_SIZE_IN_BYTES ) != 0 ) && ret == 0 )
00288     {
00289         /* in case the length is not aligned, generate stream block for resuming
00290          * increase nonce_block to the correct value*/
00291         for( j = 0; j < ( length/SASI_AES_BLOCK_SIZE_IN_BYTES ); j++)
00292             for( i = 16; i > 0; i-- )
00293                 if( ++nonce_counter[i - 1] != 0 )
00294                     break;
00295         if( ( ret = CC_aes_cipher( ctx, MBEDTLS_AES_ENCRYPT, SASI_AES_MODE_ECB ,
00296                                    SASI_AES_BLOCK_SIZE_IN_BYTES, NULL, 0,
00297                                    nonce_counter, stream_block ) ) != 0 )
00298         {
00299             goto exit;
00300         }
00301     }
00302     *nc_off = ( length % SASI_AES_BLOCK_SIZE_IN_BYTES );
00303 
00304 exit:
00305     return( ret );
00306 }
00307 #endif /* MBEDTLS_CIPHER_MODE_CTR */
00308 #endif/* MBEDTLS_AES_ALT */