From bc0fe0ea16c8124e56309bf5bb98c363940d4a97 Mon Sep 17 00:00:00 2001 From: anjiahao Date: Thu, 8 Sep 2022 14:13:08 +0800 Subject: [PATCH] crypto:add some hardware support esp32c3: aes hmac-sha1 hmac-sha256 stm32f0l0g0 stm32l1 : aes sam34: aes lpc43: aes Signed-off-by: anjiahao --- arch/arm/src/lpc43xx/Make.defs | 4 + arch/arm/src/lpc43xx/lpc43_aes.c | 2 +- arch/arm/src/lpc43xx/lpc43_crypto.c | 130 +++++ arch/arm/src/sam34/Make.defs | 4 + arch/arm/src/sam34/sam_crypto.c | 160 ++++++ arch/arm/src/stm32/Make.defs | 4 + arch/arm/src/stm32/stm32_crypto.c | 152 +++++ arch/arm/src/stm32f0l0g0/stm32_crypto.c | 160 ++++++ arch/risc-v/src/esp32c3/Make.defs | 4 + arch/risc-v/src/esp32c3/esp32c3_aes.c | 19 +- arch/risc-v/src/esp32c3/esp32c3_aes.h | 8 + arch/risc-v/src/esp32c3/esp32c3_crypto.c | 518 ++++++++++++++++++ arch/risc-v/src/esp32c3/esp32c3_sha.h | 148 +++++ .../esp32c3-devkit/configs/crypto/defconfig | 51 ++ crypto/Kconfig | 5 + crypto/Makefile | 1 + crypto/cryptosoft.c | 40 -- crypto/hmac_buff.c | 70 +++ include/crypto/cryptodev.h | 10 + include/crypto/cryptosoft.h | 3 - 20 files changed, 1440 insertions(+), 53 deletions(-) create mode 100644 arch/arm/src/lpc43xx/lpc43_crypto.c create mode 100644 arch/arm/src/sam34/sam_crypto.c create mode 100644 arch/arm/src/stm32/stm32_crypto.c create mode 100644 arch/arm/src/stm32f0l0g0/stm32_crypto.c create mode 100644 arch/risc-v/src/esp32c3/esp32c3_crypto.c create mode 100644 boards/risc-v/esp32c3/esp32c3-devkit/configs/crypto/defconfig create mode 100644 crypto/hmac_buff.c diff --git a/arch/arm/src/lpc43xx/Make.defs b/arch/arm/src/lpc43xx/Make.defs index ab3c658702..8ec251feb6 100644 --- a/arch/arm/src/lpc43xx/Make.defs +++ b/arch/arm/src/lpc43xx/Make.defs @@ -126,6 +126,10 @@ ifeq ($(CONFIG_CRYPTO_AES),y) CHIP_CSRCS += lpc43_aes.c endif +ifeq ($(CONFIG_CRYPTO_CRYPTODEV_HARDWARE),y) +CHIP_CSRCS += lpc43_crypto.c +endif + ifeq ($(CONFIG_LPC43_USB0),y) ifeq ($(CONFIG_USBDEV),y) CHIP_CSRCS += lpc43_usb0dev.c diff --git a/arch/arm/src/lpc43xx/lpc43_aes.c b/arch/arm/src/lpc43xx/lpc43_aes.c index 04c71ea083..e394de0416 100644 --- a/arch/arm/src/lpc43xx/lpc43_aes.c +++ b/arch/arm/src/lpc43xx/lpc43_aes.c @@ -37,7 +37,7 @@ #include "arm_internal.h" #include "chip.h" -#include +#include #define AES_BLOCK_SIZE 16 diff --git a/arch/arm/src/lpc43xx/lpc43_crypto.c b/arch/arm/src/lpc43xx/lpc43_crypto.c new file mode 100644 index 0000000000..cd06c321e6 --- /dev/null +++ b/arch/arm/src/lpc43xx/lpc43_crypto.c @@ -0,0 +1,130 @@ +/**************************************************************************** + * arch/arm/src/lpc43xx/lpc43_crypto.c + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. The + * ASF licenses this file to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance with the + * License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + * + ****************************************************************************/ + +/**************************************************************************** + * Included Files + ****************************************************************************/ + +#include +#include + +#include +#include +#include + +/**************************************************************************** + * Private Data + ****************************************************************************/ + +static uint32_t g_lpc43_sesnum; + +/**************************************************************************** + * Private Functions + ****************************************************************************/ + +/**************************************************************************** + * Name: authcompute + * + * Description: + * Calculate the hash. + * + ****************************************************************************/ + +/**************************************************************************** + * Name: lpc43_newsession + * + * Description: + * create new session for crypto. + * + ****************************************************************************/ + +static int lpc43_newsession(uint32_t *sid, struct cryptoini *cri) +{ + if (sid == NULL || cri == NULL || cri->cri_alg != CRYPTO_AES_CBC) + { + return -EINVAL; + } + + sid = g_lpc43_sesnum++; + return OK; +} + +/**************************************************************************** + * Name: lpc43_freesession + * + * Description: + * free session. + * + ****************************************************************************/ + +static int lpc43_freesession(uint64_t tid) +{ + return 0; +} + +/**************************************************************************** + * Name: lpc43_process + * + * Description: + * process session to use hardware algorithm. + * + ****************************************************************************/ + +static int lpc43_process(struct cryptop *crp) +{ + struct cryptodesc *crd; + + for (crd = crp->crp_desc; crd; crd = crd->crd_next) + { + switch (crd->crd_alg) + { + case CRYPTO_AES_CBC: + return aes_cypher(crp->crp_dst, crp->crp_buf, crd->crd_len, + crd->crd_iv, crd->crd_key, 16, + AES_MODE_CBC, crd->crd_flags & CRD_F_ENCRYPT); + default: + return -EINVAL; + } + } +} + +/**************************************************************************** + * Name: hwcr_init + * + * Description: + * register the hardware crypto driver. + * + ****************************************************************************/ + +void hwcr_init(void) +{ + int hwcr_id; + int algs[CRYPTO_ALGORITHM_MAX + 1]; + + hwcr_id = crypto_get_driverid(0); + DEBUGASSERT(hwcr_id >= 0); + + memset(algs, 0, sizeof(algs)); + + algs[CRYPTO_AES_CBC] = CRYPTO_ALG_FLAG_SUPPORTED; + + crypto_register(hwcr_id, algs, lpc43_newsession, + lpc43_freesession, lpc43_process); +} diff --git a/arch/arm/src/sam34/Make.defs b/arch/arm/src/sam34/Make.defs index 9bda3fdcbf..faad35b62f 100644 --- a/arch/arm/src/sam34/Make.defs +++ b/arch/arm/src/sam34/Make.defs @@ -99,6 +99,10 @@ ifeq ($(CONFIG_SAM34_AES),y) CHIP_CSRCS += sam_aes.c endif +ifeq ($(CONFIG_CRYPTO_CRYPTODEV_HARDWARE),y) +CHIP_CSRCS += sam_crypto.c +endif + ifeq ($(CONFIG_SAM34_RTC),y) CHIP_CSRCS += sam_rtc.c endif diff --git a/arch/arm/src/sam34/sam_crypto.c b/arch/arm/src/sam34/sam_crypto.c new file mode 100644 index 0000000000..9bfe7f4b54 --- /dev/null +++ b/arch/arm/src/sam34/sam_crypto.c @@ -0,0 +1,160 @@ +/**************************************************************************** + * arch/arm/src/sam34/sam_crypto.c + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. The + * ASF licenses this file to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance with the + * License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + * + ****************************************************************************/ + +/**************************************************************************** + * Included Files + ****************************************************************************/ + +#include +#include + +#include +#include +#include + +/**************************************************************************** + * Private Data + ****************************************************************************/ + +FAR static uint32_t g_sam_sesnum = 0; + +/**************************************************************************** + * Private Functions + ****************************************************************************/ + +/**************************************************************************** + * Name: authcompute + * + * Description: + * Calculate the hash. + * + ****************************************************************************/ + +/**************************************************************************** + * Name: sam_newsession + * + * Description: + * create new session for crypto. + * + ****************************************************************************/ + +static int sam_newsession(FAR uint32_t *sid, FAR struct cryptoini *cri) +{ + if (sid == NULL || cri == NULL) + { + return -EINVAL; + } + + switch (cri->cri_alg) + { + case CRYPTO_AES_CBC: + *sid = g_sam_sesnum++; + break; + case CRYPTO_AES_CTR: + if ((cri->cri_klen / 8 - 4) != 16) + { + /* sam aes-ctr key bits just support 128 */ + + return -EINVAL; + } + + *sid = g_sam_sesnum++; + break; + default : + return -EINVAL; + } + + return OK; +} + +/**************************************************************************** + * Name: sam_freesession + * + * Description: + * free session. + * + ****************************************************************************/ + +static int sam_freesession(uint64_t tid) +{ + return 0; +} + +/**************************************************************************** + * Name: sam_process + * + * Description: + * process session to use hardware algorithm. + * + ****************************************************************************/ + +static int sam_process(struct cryptop *crp) +{ + struct cryptodesc *crd; + uint8_t iv[AESCTR_BLOCKSIZE]; + + for (crd = crp->crp_desc; crd; crd = crd->crd_next) + { + switch (crd->crd_alg) + { + case CRYPTO_AES_CBC: + return aes_cypher(crp->crp_dst, crp->crp_buf, crd->crd_len, + crd->crd_iv, crd->crd_key, 16, + AES_MODE_CBC, crd->crd_flags & CRD_F_ENCRYPT); + case CRYPTO_AES_CTR: + + memcpy(iv, crd->crd_key + crd->crd_klen / 8 - AESCTR_NONCESIZE, + AESCTR_NONCESIZE); + memcpy(iv + AESCTR_NONCESIZE, crd->crd_iv, AESCTR_IVSIZE); + memset(iv + AESCTR_NONCESIZE + AESCTR_IVSIZE , 0, 4); + + return aes_cypher(crp->crp_dst, crp->crp_buf, crd->crd_len, + iv, crd->crd_key, crd->crd_klen / 8 - 4, + AES_MODE_CTR, crd->crd_flags & CRD_F_ENCRYPT); + default: + return -EINVAL; + } + } +} + +/**************************************************************************** + * Name: hwcr_init + * + * Description: + * register the hardware crypto driver. + * + ****************************************************************************/ + +void hwcr_init(void) +{ + int hwcr_id; + int algs[CRYPTO_ALGORITHM_MAX + 1]; + + hwcr_id = crypto_get_driverid(0); + DEBUGASSERT(hwcr_id >= 0); + + memset(algs, 0, sizeof(algs)); + + algs[CRYPTO_AES_CBC] = CRYPTO_ALG_FLAG_SUPPORTED; + algs[CRYPTO_AES_CTR] = CRYPTO_ALG_FLAG_SUPPORTED; + + crypto_register(hwcr_id, algs, sam_newsession, + sam_freesession, sam_process); +} diff --git a/arch/arm/src/stm32/Make.defs b/arch/arm/src/stm32/Make.defs index 4f7bf86e04..27087ce058 100644 --- a/arch/arm/src/stm32/Make.defs +++ b/arch/arm/src/stm32/Make.defs @@ -221,6 +221,10 @@ ifeq ($(CONFIG_STM32_AES),y) CHIP_CSRCS += stm32_aes.c endif +ifeq ($(CONFIG_CRYPTO_CRYPTODEV_HARDWARE),y) +CHIP_CSRCS += stm32_crypto.c +endif + ifeq ($(CONFIG_STM32_BBSRAM),y) CHIP_CSRCS += stm32_bbsram.c endif diff --git a/arch/arm/src/stm32/stm32_crypto.c b/arch/arm/src/stm32/stm32_crypto.c new file mode 100644 index 0000000000..472be58e50 --- /dev/null +++ b/arch/arm/src/stm32/stm32_crypto.c @@ -0,0 +1,152 @@ +/**************************************************************************** + * arch/arm/src/stm32/stm32_crypto.c + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. The + * ASF licenses this file to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance with the + * License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + * + ****************************************************************************/ + +/**************************************************************************** + * Included Files + ****************************************************************************/ + +#include +#include + +#include +#include +#include + +/**************************************************************************** + * Private Data + ****************************************************************************/ + +static uint32_t g_stm32_sesnum = 0; + +/**************************************************************************** + * Private Functions + ****************************************************************************/ + +/**************************************************************************** + * Name: stm32_newsession + * + * Description: + * create new session for crypto. + * + ****************************************************************************/ + +static int stm32_newsession(uint32_t *sid, struct cryptoini *cri) +{ + if (sid == NULL || cri == NULL) + { + return -EINVAL; + } + + switch (cri->cri_alg) + { + case CRYPTO_AES_CBC: + *sid = g_stm32_sesnum++; + break; + case CRYPTO_AES_CTR: + if ((cri->cri_klen / 8 - 4) != 16) + { + /* stm32 aes-ctr key bits just support 128 */ + + return -EINVAL; + } + + *sid = g_stm32_sesnum++; + break; + default : + return -EINVAL; + } + + return OK; +} + +/**************************************************************************** + * Name: stm32_freesession + * + * Description: + * free session. + * + ****************************************************************************/ + +static int stm32_freesession(uint64_t tid) +{ + return 0; +} + +/**************************************************************************** + * Name: stm32_process + * + * Description: + * process session to use hardware algorithm. + * + ****************************************************************************/ + +static int stm32_process(struct cryptop *crp) +{ + struct cryptodesc *crd; + uint8_t iv[AESCTR_BLOCKSIZE]; + + for (crd = crp->crp_desc; crd; crd = crd->crd_next) + { + switch (crd->crd_alg) + { + case CRYPTO_AES_CBC: + return aes_cypher(crp->crp_dst, crp->crp_buf, crd->crd_len, + crd->crd_iv, crd->crd_key, 16, + AES_MODE_CBC, crd->crd_flags & CRD_F_ENCRYPT); + case CRYPTO_AES_CTR: + + memcpy(iv, crd->crd_key + crd->crd_klen / 8 - AESCTR_NONCESIZE, + AESCTR_NONCESIZE); + memcpy(iv + AESCTR_NONCESIZE, crd->crd_iv, AESCTR_IVSIZE); + memset(iv + AESCTR_NONCESIZE + AESCTR_IVSIZE , 0, 4); + + return aes_cypher(crp->crp_dst, crp->crp_buf, crd->crd_len, + iv, crd->crd_key, crd->crd_klen / 8 - 4, + AES_MODE_CTR, crd->crd_flags & CRD_F_ENCRYPT); + default: + return -EINVAL; + } + } +} + +/**************************************************************************** + * Name: hwcr_init + * + * Description: + * register the hardware crypto driver. + * + ****************************************************************************/ + +void hwcr_init(void) +{ + int hwcr_id; + int algs[CRYPTO_ALGORITHM_MAX + 1]; + + hwcr_id = crypto_get_driverid(0); + DEBUGASSERT(hwcr_id >= 0); + + memset(algs, 0, sizeof(algs)); + + algs[CRYPTO_AES_CBC] = CRYPTO_ALG_FLAG_SUPPORTED; + algs[CRYPTO_AES_CTR] = CRYPTO_ALG_FLAG_SUPPORTED; + + crypto_register(hwcr_id, algs, stm32_newsession, + stm32_freesession, stm32_process); +} diff --git a/arch/arm/src/stm32f0l0g0/stm32_crypto.c b/arch/arm/src/stm32f0l0g0/stm32_crypto.c new file mode 100644 index 0000000000..e93e4d15aa --- /dev/null +++ b/arch/arm/src/stm32f0l0g0/stm32_crypto.c @@ -0,0 +1,160 @@ +/**************************************************************************** + * arch/arm/src/stm32f0l0g0/stm32_crypto.c + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. The + * ASF licenses this file to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance with the + * License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + * + ****************************************************************************/ + +/**************************************************************************** + * Included Files + ****************************************************************************/ + +#include +#include + +#include +#include +#include + +/**************************************************************************** + * Private Data + ****************************************************************************/ + +static uint32_t g_stm32_sesnum = 0; + +/**************************************************************************** + * Private Functions + ****************************************************************************/ + +/**************************************************************************** + * Name: authcompute + * + * Description: + * Calculate the hash. + * + ****************************************************************************/ + +/**************************************************************************** + * Name: stm32_newsession + * + * Description: + * create new session for crypto. + * + ****************************************************************************/ + +static int stm32_newsession(uint32_t *sid, struct cryptoini *cri) +{ + if (sid == NULL || cri == NULL) + { + return -EINVAL; + } + + switch (cri->cri_alg) + { + case CRYPTO_AES_CBC: + *sid = g_stm32_sesnum++; + break; + case CRYPTO_AES_CTR: + if ((cri->cri_klen / 8 - 4) != 16) + { + /* stm32 aes-ctr key bits just support 128 */ + + return -EINVAL; + } + + *sid = g_stm32_sesnum++; + break; + default : + return -EINVAL; + } + + return OK; +} + +/**************************************************************************** + * Name: stm32_freesession + * + * Description: + * free session. + * + ****************************************************************************/ + +static int stm32_freesession(uint64_t tid) +{ + return 0; +} + +/**************************************************************************** + * Name: stm32_process + * + * Description: + * process session to use hardware algorithm. + * + ****************************************************************************/ + +static int stm32_process(struct cryptop *crp) +{ + struct cryptodesc *crd; + uint8_t iv[AESCTR_BLOCKSIZE]; + + for (crd = crp->crp_desc; crd; crd = crd->crd_next) + { + switch (crd->crd_alg) + { + case CRYPTO_AES_CBC: + return aes_cypher(crp->crp_dst, crp->crp_buf, crd->crd_len, + crd->crd_iv, crd->crd_key, 16, + AES_MODE_CBC, crd->crd_flags & CRD_F_ENCRYPT); + case CRYPTO_AES_CTR: + + memcpy(iv, crd->crd_key + crd->crd_klen / 8 - AESCTR_NONCESIZE, + AESCTR_NONCESIZE); + memcpy(iv + AESCTR_NONCESIZE, crd->crd_iv, AESCTR_IVSIZE); + memset(iv + AESCTR_NONCESIZE + AESCTR_IVSIZE , 0, 4); + + return aes_cypher(crp->crp_dst, crp->crp_buf, crd->crd_len, + iv, crd->crd_key, crd->crd_klen / 8 - 4, + AES_MODE_CTR, crd->crd_flags & CRD_F_ENCRYPT); + default: + return -EINVAL; + } + } +} + +/**************************************************************************** + * Name: hwcr_init + * + * Description: + * register the hardware crypto driver. + * + ****************************************************************************/ + +void hwcr_init(void) +{ + int hwcr_id; + int algs[CRYPTO_ALGORITHM_MAX + 1]; + + hwcr_id = crypto_get_driverid(0); + DEBUGASSERT(hwcr_id >= 0); + + memset(algs, 0, sizeof(algs)); + + algs[CRYPTO_AES_CBC] = CRYPTO_ALG_FLAG_SUPPORTED; + algs[CRYPTO_AES_CTR] = CRYPTO_ALG_FLAG_SUPPORTED; + + crypto_register(hwcr_id, algs, stm32_newsession, + stm32_freesession, stm32_process); +} diff --git a/arch/risc-v/src/esp32c3/Make.defs b/arch/risc-v/src/esp32c3/Make.defs index 58a6f13eff..e9a775d3df 100644 --- a/arch/risc-v/src/esp32c3/Make.defs +++ b/arch/risc-v/src/esp32c3/Make.defs @@ -148,6 +148,10 @@ ifeq ($(CONFIG_ESP32C3_ADC),y) CHIP_CSRCS += esp32c3_adc.c endif +ifeq ($(CONFIG_CRYPTO_CRYPTODEV_HARDWARE),y) +CHIP_CSRCS += esp32c3_crypto.c +endif + ifeq ($(CONFIG_ESP32C3_AES_ACCELERATOR),y) CHIP_CSRCS += esp32c3_aes.c endif diff --git a/arch/risc-v/src/esp32c3/esp32c3_aes.c b/arch/risc-v/src/esp32c3/esp32c3_aes.c index ce9f412552..15041012f1 100644 --- a/arch/risc-v/src/esp32c3/esp32c3_aes.c +++ b/arch/risc-v/src/esp32c3/esp32c3_aes.c @@ -585,11 +585,9 @@ int esp32c3_aes_init(void) * Name: aes_cypher ****************************************************************************/ -#ifdef CONFIG_CRYPTO_AES - -int aes_cypher(void *out, const void *in, size_t size, - const void *iv, const void *key, size_t keysize, - int mode, int encrypt) +int esp32c3_aes_cypher(void *out, const void *in, size_t size, + const void *iv, const void *key, size_t keysize, + int mode, int encrypt) { int ret; uint8_t iv_buf[AES_BLK_SIZE]; @@ -602,7 +600,12 @@ int aes_cypher(void *out, const void *in, size_t size, return -EINVAL; } - if (keysize != 16) + if (mode == AES_MODE_CTR) + { + keysize -= 4; + } + + if (keysize != 16 && keysize != 32) { return -EINVAL; } @@ -640,6 +643,7 @@ int aes_cypher(void *out, const void *in, size_t size, memcpy(iv_buf, iv, AES_BLK_SIZE); ret = esp32c3_aes_ctr_cypher(&aes, &nc_off, iv_buf, cache_buf, in, out, size); + break; default : ret = -EINVAL; break; @@ -647,6 +651,3 @@ int aes_cypher(void *out, const void *in, size_t size, return ret; } - -#endif - diff --git a/arch/risc-v/src/esp32c3/esp32c3_aes.h b/arch/risc-v/src/esp32c3/esp32c3_aes.h index 6ed25f17c0..3dd2a276e6 100644 --- a/arch/risc-v/src/esp32c3/esp32c3_aes.h +++ b/arch/risc-v/src/esp32c3/esp32c3_aes.h @@ -208,6 +208,14 @@ int esp32c3_aes_xts_setkey(struct esp32c3_aes_xts_s *aes, const void *keyptr, int esp32c3_aes_init(void); +/**************************************************************************** + * Name: aes_cypher + ****************************************************************************/ + +int esp32c3_aes_cypher(void *out, const void *in, size_t size, + const void *iv, const void *key, size_t keysize, + int mode, int encrypt); + #ifdef __cplusplus } #endif diff --git a/arch/risc-v/src/esp32c3/esp32c3_crypto.c b/arch/risc-v/src/esp32c3/esp32c3_crypto.c new file mode 100644 index 0000000000..41b942771e --- /dev/null +++ b/arch/risc-v/src/esp32c3/esp32c3_crypto.c @@ -0,0 +1,518 @@ +/**************************************************************************** + * arch/risc-v/src/esp32c3/esp32c3_crypto.c + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. The + * ASF licenses this file to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance with the + * License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + * + ****************************************************************************/ + +/**************************************************************************** + * Included Files + ****************************************************************************/ + +#include +#include + +#include +#include +#include +#include + +#include "esp32c3_sha.h" +#include "esp32c3_aes.h" + +/**************************************************************************** + * Private Functions Prototypes + ****************************************************************************/ + +static void sha1_init(void *ctx); +static int sha1_update(void *ctx, const uint8_t *in, uint16_t len); +static void sha1_final(uint8_t *out, void *ctx); +static void sha256_init(void *ctx); +static int sha256_update(void *ctx, const uint8_t *in, uint16_t len); +static void sha256_final(uint8_t *out, void *ctx); +static int esp32c3_freesession(uint64_t tid); + +/**************************************************************************** + * Private Data + ****************************************************************************/ + +SLIST_HEAD(esp32c3_crypto_list, esp32c3_crypto_data); +static struct esp32c3_crypto_list *g_esp32c3_sessions = NULL; +static uint32_t g_esp32c3_sesnum = 0; + +const struct auth_hash g_auth_hash_hmac_sha1_esp32c3 = +{ + CRYPTO_SHA1_HMAC, "HMAC-SHA1", + 20, 20, 12, sizeof(struct esp32c3_sha1_context_s), + HMAC_SHA1_BLOCK_LEN, + sha1_init, NULL, NULL, + sha1_update, + sha1_final +}; + +const struct auth_hash g_auth_hash_hmac_sha256_esp32c3 = +{ + CRYPTO_SHA2_256_HMAC, "HMAC-SHA2-256", + 32, 32, 16, sizeof(struct esp32c3_sha256_context_s), + HMAC_SHA2_256_BLOCK_LEN, + sha256_init, NULL, NULL, + sha256_update, + sha256_final +}; + +struct esp32c3_crypto_data +{ + int alg; /* Algorithm */ + union + { + struct + { + uint8_t *ictx; + uint8_t *octx; + uint32_t klen; + const struct auth_hash *axf; + } HWCR_AUTH; + } HWCR_UN; + +#define hw_ictx HWCR_UN.HWCR_AUTH.ictx +#define hw_octx HWCR_UN.HWCR_AUTH.octx +#define hw_klen HWCR_UN.HWCR_AUTH.klen +#define hw_axf HWCR_UN.HWCR_AUTH.axf + + SLIST_ENTRY(esp32c3_crypto_data) next; +}; + +/**************************************************************************** + * Private Functions + ****************************************************************************/ + +static void sha1_init(void *ctx) +{ + esp32c3_sha1_starts(ctx); +} + +static int sha1_update(void *ctx, const uint8_t *in, uint16_t len) +{ + return esp32c3_sha1_update((struct esp32c3_sha1_context_s *)ctx, + (const unsigned char *)in, + (size_t)len); +} + +static void sha1_final(uint8_t *out, void *ctx) +{ + esp32c3_sha1_finish((struct esp32c3_sha1_context_s *)ctx, + (unsigned char *)out); +} + +static void sha256_init(void *ctx) +{ + esp32c3_sha256_starts(ctx, false); +} + +static int sha256_update(void *ctx, const uint8_t *in, uint16_t len) +{ + return esp32c3_sha256_update((struct esp32c3_sha256_context_s *)ctx, + (const unsigned char *)in, + (size_t)len); +} + +static void sha256_final(uint8_t *out, void *ctx) +{ + esp32c3_sha256_finish((struct esp32c3_sha256_context_s *)ctx, + (unsigned char *)out); +} + +/**************************************************************************** + * Name: authcompute + * + * Description: + * Calculate the hash. + * + ****************************************************************************/ + +static int authcompute(struct cryptop *crp, struct cryptodesc *crd, + struct esp32c3_crypto_data *data, + caddr_t buf) +{ + unsigned char aalg[AALG_MAX_RESULT_LEN]; + const struct auth_hash *axf; + int err = 0; + + if (data->hw_ictx == 0) + { + return -EINVAL; + } + + axf = data->hw_axf; + err = axf->update(data->hw_ictx, (uint8_t *)buf, crd->crd_len); + if (err) + { + return err; + } + + if (crd->crd_flags & CRD_F_ESN) + { + axf->update(data->hw_ictx, crd->crd_esn, 4); + } + + switch (data->alg) + { + case CRYPTO_SHA1_HMAC: + case CRYPTO_SHA2_256_HMAC: + if (data->hw_octx == NULL) + { + return -EINVAL; + } + + axf->final(aalg, data->hw_ictx); + axf->update(data->hw_octx, aalg, axf->hashsize); + axf->final(aalg, data->hw_octx); + + break; + } + + /* Inject the authentication data */ + + bcopy(aalg, crp->crp_mac, axf->hashsize); + return 0; +} + +/**************************************************************************** + * Name: esp32c3_newsession + * + * Description: + * create new session for crypto. + * + ****************************************************************************/ + +static int esp32c3_newsession(uint32_t *sid, struct cryptoini *cri) +{ + struct esp32c3_crypto_list *session; + struct esp32c3_crypto_data *prev = NULL; + struct esp32c3_crypto_data *data; + const struct auth_hash *axf; + int i; + int k; + + if (sid == NULL || cri == NULL) + { + return -EINVAL; + } + + for (i = 0; i < g_esp32c3_sesnum; i++) + { + if (SLIST_EMPTY(&g_esp32c3_sessions[i])) + { + break; + } + } + + if (i >= g_esp32c3_sesnum) + { + if (g_esp32c3_sessions == NULL) + { + g_esp32c3_sesnum = 1; + } + else + { + g_esp32c3_sesnum *= 2; + } + + session = kmm_calloc(g_esp32c3_sesnum, + sizeof(struct esp32c3_crypto_list)); + if (session == NULL) + { + g_esp32c3_sesnum /= 2; + return -ENOBUFS; + } + + if (g_esp32c3_sessions != NULL) + { + bcopy(g_esp32c3_sessions, session, (g_esp32c3_sesnum / 2) * + sizeof(struct esp32c3_crypto_list)); + kmm_free(g_esp32c3_sessions); + } + + g_esp32c3_sessions = session; + } + + session = &g_esp32c3_sessions[i]; + *sid = i; + + while (cri) + { + data = kmm_malloc(sizeof(struct esp32c3_crypto_data)); + if (data == NULL) + { + esp32c3_freesession(i); + return -ENOBUFS; + } + + switch (cri->cri_alg) + { + case CRYPTO_AES_CBC: + break; + case CRYPTO_AES_CTR: + if ((cri->cri_klen / 8 - 4) != 16 && + (cri->cri_klen / 8 -4) != 32) + { + /* esp32c3 aes-ctr key bits just support 128 & 256 */ + + esp32c3_freesession(i); + kmm_free(data); + return -EINVAL; + } + + break; + case CRYPTO_SHA1_HMAC: + axf = &g_auth_hash_hmac_sha1_esp32c3; + goto common; + case CRYPTO_SHA2_256_HMAC: + axf = &g_auth_hash_hmac_sha256_esp32c3; + goto common; + common: + data->hw_ictx = kmm_malloc(axf->ctxsize); + if (data->hw_ictx == NULL) + { + kmm_free(data); + return -ENOBUFS; + } + + data->hw_octx = kmm_malloc(axf->ctxsize); + if (data->hw_octx == NULL) + { + kmm_free(data->hw_ictx); + kmm_free(data); + return -ENOBUFS; + } + + for (k = 0; k < cri->cri_klen / 8; k++) + { + cri->cri_key[k] ^= HMAC_IPAD_VAL; + } + + axf->init(data->hw_ictx); + axf->update(data->hw_ictx, (uint8_t *)cri->cri_key, + cri->cri_klen / 8); + axf->update(data->hw_ictx, hmac_ipad_buffer, + axf->blocksize - (cri->cri_klen / 8)); + + for (k = 0; k < cri->cri_klen / 8; k++) + { + cri->cri_key[k] ^= (HMAC_IPAD_VAL ^ HMAC_OPAD_VAL); + } + + axf->init(data->hw_octx); + axf->update(data->hw_octx, (uint8_t *)cri->cri_key, + cri->cri_klen / 8); + axf->update(data->hw_octx, hmac_opad_buffer, + axf->blocksize - (cri->cri_klen / 8)); + + for (k = 0; k < cri->cri_klen / 8; k++) + { + cri->cri_key[k] ^= HMAC_OPAD_VAL; + } + + data->hw_axf = axf; + break; + default : + esp32c3_freesession(i); + kmm_free(data); + return -EINVAL; + } + + if (prev == NULL) + { + SLIST_INSERT_HEAD(session, data, next); + } + else + { + SLIST_INSERT_AFTER(prev, data, next); + } + + data->alg = cri->cri_alg; + cri = cri->cri_next; + prev = data; + } + + return OK; +} + +/**************************************************************************** + * Name: esp32c3_freesession + * + * Description: + * free session. + * + ****************************************************************************/ + +static int esp32c3_freesession(uint64_t tid) +{ + struct esp32c3_crypto_list *session; + struct esp32c3_crypto_data *data; + const struct auth_hash *axf; + + uint32_t sid = ((uint32_t)tid) & 0xffffffff; + + if (sid > g_esp32c3_sesnum || SLIST_EMPTY(&g_esp32c3_sessions[sid])) + { + return -EINVAL; + } + + session = &g_esp32c3_sessions[sid]; + + while (!SLIST_EMPTY(session)) + { + data = SLIST_FIRST(session); + switch (data->alg) + { + case CRYPTO_SHA1_HMAC: + case CRYPTO_SHA2_256_HMAC: + axf = data->hw_axf; + if (data->hw_ictx) + { + explicit_bzero(data->hw_ictx, axf->ctxsize); + kmm_free(data->hw_ictx); + } + + if (data->hw_octx) + { + explicit_bzero(data->hw_octx, axf->ctxsize); + kmm_free(data->hw_octx); + } + + break; + } + + SLIST_REMOVE_HEAD(session, next); + kmm_free(data); + } + + return 0; +} + +/**************************************************************************** + * Name: esp32c3_process + * + * Description: + * process session to use hardware algorithm. + * + ****************************************************************************/ + +static int esp32c3_process(struct cryptop *crp) +{ + struct cryptodesc *crd; + struct esp32c3_crypto_list *session; + struct esp32c3_crypto_data *data; + uint8_t iv[AESCTR_BLOCKSIZE]; + uint32_t lid; + int err = 0; + + lid = crp->crp_sid & 0xffffffff; + + /* Go through crypto descriptors, processing as we go */ + + session = &g_esp32c3_sessions[lid]; + for (crd = crp->crp_desc; crd; crd = crd->crd_next) + { + SLIST_FOREACH(data, session, next) + { + if (data->alg == crd->crd_alg) + { + break; + } + } + + if (data == NULL) + { + crp->crp_etype = EINVAL; + return -EINVAL; + } + + switch (data->alg) + { + case CRYPTO_AES_CBC: + err = esp32c3_aes_cypher(crp->crp_dst, crp->crp_buf, + crd->crd_len, + crd->crd_iv, crd->crd_key, 16, + AES_MODE_CBC, + crd->crd_flags & CRD_F_ENCRYPT); + if (err < 0) + { + return err; + } + + break; + case CRYPTO_AES_CTR: + memcpy(iv, crd->crd_key + crd->crd_klen / 8 - 4, 4); + memcpy(iv + 4, crd->crd_iv, 8); + iv[15] = 0x1; + err = esp32c3_aes_cypher(crp->crp_dst, crp->crp_buf, + crd->crd_len, + iv, crd->crd_key, + crd->crd_klen / 8 - 4, + AES_MODE_CTR , + crd->crd_flags & CRD_F_ENCRYPT); + if (err < 0) + { + return err; + } + + break; + case CRYPTO_SHA1_HMAC: + case CRYPTO_SHA2_256_HMAC: + if ((crp->crp_etype = authcompute(crp, crd, data, + crp->crp_buf)) != 0) + { + return crp->crp_etype; + } + + break; + default: + return -EINVAL; + } + } + + return OK; +} + +/**************************************************************************** + * Name: hwcr_init + * + * Description: + * register the hardware crypto driver. + * + ****************************************************************************/ + +void hwcr_init(void) +{ + int hwcr_id; + int algs[CRYPTO_ALGORITHM_MAX + 1]; + + hwcr_id = crypto_get_driverid(0); + DEBUGASSERT(hwcr_id >= 0); + + memset(algs, 0, sizeof(algs)); + + algs[CRYPTO_AES_CBC] = CRYPTO_ALG_FLAG_SUPPORTED; + algs[CRYPTO_AES_CTR] = CRYPTO_ALG_FLAG_SUPPORTED; + algs[CRYPTO_SHA1_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED; + algs[CRYPTO_SHA2_256_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED; + + esp32c3_sha_init(); + crypto_register(hwcr_id, algs, esp32c3_newsession, + esp32c3_freesession, esp32c3_process); +} diff --git a/arch/risc-v/src/esp32c3/esp32c3_sha.h b/arch/risc-v/src/esp32c3/esp32c3_sha.h index 962204c30a..8c732ffcba 100644 --- a/arch/risc-v/src/esp32c3/esp32c3_sha.h +++ b/arch/risc-v/src/esp32c3/esp32c3_sha.h @@ -112,6 +112,154 @@ struct esp32c3_sha512_context_s int esp32c3_sha_init(void); +/**************************************************************************** + * Name: esp32c3_sha1_init + * + * Description: + * Initializes a SHA-1 context. + * + * Input Parameters: + * ctx - The SHA-1 context to initialize + * + * Returned Value: + * None. + * + ****************************************************************************/ + +void esp32c3_sha1_init(struct esp32c3_sha1_context_s *ctx); + +/**************************************************************************** + * Name: esp32c3_sha1_starts + * + * Description: + * Starts a SHA-1 checksum calculation. + * + * Input Parameters: + * ctx - The SHA-1 context to initialize + * + * Returned Value: + * OK is returned on success. + * + ****************************************************************************/ + +int esp32c3_sha1_starts(struct esp32c3_sha1_context_s *ctx); + +/**************************************************************************** + * Name: esp32c3_sha1_update + * + * Description: + * Feeds an input buffer into an ongoing SHA-1 checksum calculation. + * + * Input Parameters: + * ctx - The SHA-1 context to use + * input - The buffer holding the input data + * ilen - The length of the input data in Bytes + * + * Returned Value: + * OK is returned on success. + * Otherwise, a negated errno value is returned. + * + ****************************************************************************/ + +int esp32c3_sha1_update(struct esp32c3_sha1_context_s *ctx, + const unsigned char *input, + size_t ilen); + +/**************************************************************************** + * Name: esp32c3_sha1_finish + * + * Description: + * Finishes the SHA-1 operation, + * and writes the result to the output buffer. + * + * Input Parameters: + * ctx - The SHA-1 context to use + * output - The SHA-1 checksum result + * + * Returned Value: + * OK is returned on success. + * Otherwise, a negated errno value is returned. + * + ****************************************************************************/ + +int esp32c3_sha1_finish(struct esp32c3_sha1_context_s *ctx, + unsigned char output[20]); + +/**************************************************************************** + * Name: esp32c3_sha256_init + * + * Description: + * Initializes a SHA-256 context. + * + * Input Parameters: + * ctx - The SHA-256 context to initialize + * + * Returned Value: + * None. + * + ****************************************************************************/ + +void esp32c3_sha256_init(struct esp32c3_sha256_context_s *ctx); + +/**************************************************************************** + * Name: esp32c3_sha256_starts + * + * Description: + * Starts a SHA-224 or SHA-256 checksum calculation. + * + * Input Parameters: + * ctx - The SHA-256 context to initialize + * is224 - Determines which function to use + * + * Returned Value: + * OK is returned on success. + * + ****************************************************************************/ + +int esp32c3_sha256_starts(struct esp32c3_sha256_context_s *ctx, bool is224); + +/**************************************************************************** + * Name: esp32c3_sha256_update + * + * Description: + * Feeds an input buffer into an ongoing SHA-224 or SHA-256 + * checksum calculation. + * + * Input Parameters: + * ctx - The SHA-256 context to use + * input - The buffer holding the input data + * ilen - The length of the input data in Bytes + * + * Returned Value: + * OK is returned on success. + * Otherwise, a negated errno value is returned. + * + ****************************************************************************/ + +int esp32c3_sha256_update(struct esp32c3_sha256_context_s *ctx, + const unsigned char *input, + size_t ilen); + +/**************************************************************************** + * Name: esp32c3_sha256_finish + * + * Description: + * Finishes the SHA-224 or SHA-256 operation, and writes the result to + * the output buffer. + * + * Input Parameters: + * ctx - The SHA-256 context to use + * output - The SHA-256 checksum result + * + * Returned Value: + * OK is returned on success. + * Otherwise, a negated errno value is returned. + * + ****************************************************************************/ + +int esp32c3_sha256_finish(struct esp32c3_sha256_context_s *ctx, + unsigned char output[32]); + #ifdef __cplusplus } #endif diff --git a/boards/risc-v/esp32c3/esp32c3-devkit/configs/crypto/defconfig b/boards/risc-v/esp32c3/esp32c3-devkit/configs/crypto/defconfig new file mode 100644 index 0000000000..d08de2cdfc --- /dev/null +++ b/boards/risc-v/esp32c3/esp32c3-devkit/configs/crypto/defconfig @@ -0,0 +1,51 @@ +# +# This file is autogenerated: PLEASE DO NOT EDIT IT. +# +# You can use "make menuconfig" to make any modifications to the installed .config file. +# You can then do "make savedefconfig" to generate a new defconfig file that includes your +# modifications. +# +# CONFIG_NSH_ARGCAT is not set +# CONFIG_NSH_CMDOPT_HEXDUMP is not set +# CONFIG_NSH_CMDPARMS is not set +CONFIG_ALLOW_BSD_COMPONENTS=y +CONFIG_ARCH="risc-v" +CONFIG_ARCH_BOARD="esp32c3-devkit" +CONFIG_ARCH_BOARD_ESP32C3_DEVKIT=y +CONFIG_ARCH_CHIP="esp32c3" +CONFIG_ARCH_CHIP_ESP32C3=y +CONFIG_ARCH_CHIP_ESP32C3WROOM02=y +CONFIG_ARCH_INTERRUPTSTACK=1536 +CONFIG_ARCH_RISCV=y +CONFIG_ARCH_STACKDUMP=y +CONFIG_BOARD_LOOPSPERMSEC=15000 +CONFIG_BUILTIN=y +CONFIG_CRYPTO=y +CONFIG_CRYPTO_AES=y +CONFIG_CRYPTO_CRYPTODEV=y +CONFIG_CRYPTO_CRYPTODEV_HARDWARE=y +CONFIG_CRYPTO_RANDOM_POOL=y +CONFIG_DEV_ZERO=y +CONFIG_ESP32C3_AES_ACCELERATOR=y +CONFIG_ESP32C3_SHA_ACCELERATOR=y +CONFIG_FS_PROCFS=y +CONFIG_IDLETHREAD_STACKSIZE=2048 +CONFIG_INIT_ENTRYPOINT="nsh_main" +CONFIG_INTELHEX_BINARY=y +CONFIG_LIBC_PERROR_STDOUT=y +CONFIG_LIBC_STRERROR=y +CONFIG_NFILE_DESCRIPTORS_PER_BLOCK=6 +CONFIG_NSH_ARCHINIT=y +CONFIG_NSH_BUILTIN_APPS=y +CONFIG_NSH_FILEIOSIZE=512 +CONFIG_NSH_READLINE=y +CONFIG_NSH_STRERROR=y +CONFIG_PREALLOC_TIMERS=0 +CONFIG_RR_INTERVAL=200 +CONFIG_SCHED_WAITPID=y +CONFIG_START_DAY=29 +CONFIG_START_MONTH=11 +CONFIG_START_YEAR=2019 +CONFIG_SYSTEM_NSH=y +CONFIG_TESTING_CRYPTO=y +CONFIG_UART0_SERIAL_CONSOLE=y diff --git a/crypto/Kconfig b/crypto/Kconfig index 5dd465eac3..aafafa763b 100644 --- a/crypto/Kconfig +++ b/crypto/Kconfig @@ -40,6 +40,11 @@ config CRYPTO_CRYPTODEV depends on ALLOW_BSD_COMPONENTS default n +config CRYPTO_CRYPTODEV_HARDWARE + bool "cryptodev hardware support" + depends on CRYPTO_CRYPTODEV + default n + config CRYPTO_SW_AES bool "Software AES library" depends on ALLOW_BSD_COMPONENTS diff --git a/crypto/Makefile b/crypto/Makefile index 1029620f5c..0c2620aeb9 100644 --- a/crypto/Makefile +++ b/crypto/Makefile @@ -51,6 +51,7 @@ ifeq ($(CONFIG_CRYPTO_CRYPTODEV),y) CRYPTO_CSRCS += idgen.c CRYPTO_CSRCS += key_wrap.c CRYPTO_CSRCS += siphash.c + CRYPTO_CSRCS += hmac_buff.c endif # BLAKE2s hash algorithm diff --git a/crypto/cryptosoft.c b/crypto/cryptosoft.c index 77d011f901..1d1817e4a9 100644 --- a/crypto/cryptosoft.c +++ b/crypto/cryptosoft.c @@ -47,46 +47,6 @@ * Private Data ****************************************************************************/ -const uint8_t hmac_ipad_buffer[HMAC_MAX_BLOCK_LEN] = -{ - 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, - 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, - 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, - 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, - 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, - 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, - 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, - 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, - 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, - 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, - 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, - 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, - 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, - 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, - 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, - 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36 -}; - -const uint8_t hmac_opad_buffer[HMAC_MAX_BLOCK_LEN] = -{ - 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, - 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, - 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, - 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, - 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, - 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, - 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, - 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, - 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, - 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, - 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, - 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, - 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, - 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, - 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, - 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c -}; - FAR struct swcr_data **swcr_sessions = NULL; uint32_t swcr_sesnum = 0; int swcr_id = -1; diff --git a/crypto/hmac_buff.c b/crypto/hmac_buff.c new file mode 100644 index 0000000000..1dc581301f --- /dev/null +++ b/crypto/hmac_buff.c @@ -0,0 +1,70 @@ +/**************************************************************************** + * crypto/hmac_buff.c + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. The + * ASF licenses this file to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance with the + * License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + * + ****************************************************************************/ + +/**************************************************************************** + * Included Files + ****************************************************************************/ + +#include +#include + +/**************************************************************************** + * Public Functions + ****************************************************************************/ + +const uint8_t hmac_ipad_buffer[HMAC_MAX_BLOCK_LEN] = +{ + 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, + 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, + 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, + 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, + 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, + 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, + 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, + 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, + 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, + 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, + 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, + 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, + 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, + 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, + 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, + 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36 +}; + +const uint8_t hmac_opad_buffer[HMAC_MAX_BLOCK_LEN] = +{ + 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, + 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, + 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, + 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, + 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, + 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, + 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, + 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, + 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, + 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, + 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, + 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, + 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, + 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, + 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, + 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c +}; diff --git a/include/crypto/cryptodev.h b/include/crypto/cryptodev.h index e0c1815009..b61ecba96a 100644 --- a/include/crypto/cryptodev.h +++ b/include/crypto/cryptodev.h @@ -313,6 +313,11 @@ struct crypt_op caddr_t iv; }; +/* hamc buffer, software & hardware need it */ + +extern const uint8_t hmac_ipad_buffer[HMAC_MAX_BLOCK_LEN]; +extern const uint8_t hmac_opad_buffer[HMAC_MAX_BLOCK_LEN]; + #define CRYPTO_MAX_MAC_LEN 20 /* done against open of /dev/crypto, to get a cloned descriptor. @@ -344,4 +349,9 @@ int crypto_getfeat(FAR int *); FAR struct cryptop *crypto_getreq(int); void crypto_freereq(FAR struct cryptop *); + +#ifdef CONFIG_CRYPTO_CRYPTODEV_HARDWARE +void hwcr_init(void); +#endif + #endif /* __INCLUDE_CRYPTO_CRYPTODEV_H */ diff --git a/include/crypto/cryptosoft.h b/include/crypto/cryptosoft.h index ea8af3aa7b..ff7fa64f51 100644 --- a/include/crypto/cryptosoft.h +++ b/include/crypto/cryptosoft.h @@ -73,9 +73,6 @@ struct swcr_data struct swcr_data *sw_next; }; -extern const uint8_t hmac_ipad_buffer[HMAC_MAX_BLOCK_LEN]; -extern const uint8_t hmac_opad_buffer[HMAC_MAX_BLOCK_LEN]; - int swcr_encdec(FAR struct cryptop *, FAR struct cryptodesc *, FAR struct swcr_data *, caddr_t); int swcr_authcompute(FAR struct cryptop *, FAR struct cryptodesc *,