Skip to content

Commit 6c1c472

Browse files
jeromecoutantjeromecoutant
committed
STM32F4 V1.19.0 -> V1.25.0 : MBEDTLS adaptation
1 parent d1dd06e commit 6c1c472

File tree

3 files changed

+145
-10
lines changed

3 files changed

+145
-10
lines changed

features/mbedtls/targets/TARGET_STM/TARGET_STM32F4/TARGET_STM32F439xI/mbedtls_device.h

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,15 @@
2121
#define MBEDTLS_DEVICE_H
2222

2323
#ifdef TARGET_UBLOX_EVK_ODIN_W2
24+
2425
#define MBEDTLS_MPI_WINDOW_SIZE 3 /**< Maximum windows size used. */
26+
27+
#else
28+
29+
#define MBEDTLS_AES_ALT
30+
#define MBEDTLS_SHA1_ALT
31+
#define MBEDTLS_MD5_ALT
32+
2533
#endif
2634

2735
#endif /* MBEDTLS_DEVICE_H */

features/mbedtls/targets/TARGET_STM/TARGET_STM32F4/aes_alt.c

Lines changed: 136 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -23,20 +23,60 @@
2323

2424
#if defined(MBEDTLS_AES_ALT)
2525

26+
static uint32_t swap(uint32_t in)
27+
{
28+
uint32_t in1, in2, in3, in4, out;
29+
30+
in1 = ((in & 0xff000000) >> 24);
31+
in2 = ((in & 0x00FF0000) >> 8);
32+
in3 = ((in & 0x0000FF00) << 8);
33+
in4 = ((in & 0xFF) << 24);
34+
out = in1 | in2 | in3 | in4;
35+
36+
return out;
37+
}
38+
2639
static int aes_set_key(mbedtls_aes_context *ctx, const unsigned char *key, unsigned int keybits)
2740
{
41+
mbedtls_printf(" ****** aes_set_key *******\n");
42+
mbedtls_printf("keybits = %d\n", keybits);
43+
2844
switch (keybits) {
2945
case 128:
3046
ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_128B;
3147
memcpy(ctx->aes_key, key, 16);
48+
49+
ctx->aes_key[0] = swap(ctx->aes_key[0]);
50+
ctx->aes_key[1] = swap(ctx->aes_key[1]);
51+
ctx->aes_key[2] = swap(ctx->aes_key[2]);
52+
ctx->aes_key[3] = swap(ctx->aes_key[3]);
53+
3254
break;
3355
case 192:
3456
ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_192B;
3557
memcpy(ctx->aes_key, key, 24);
58+
59+
ctx->aes_key[0] = swap(ctx->aes_key[0]);
60+
ctx->aes_key[1] = swap(ctx->aes_key[1]);
61+
ctx->aes_key[2] = swap(ctx->aes_key[2]);
62+
ctx->aes_key[3] = swap(ctx->aes_key[3]);
63+
ctx->aes_key[4] = swap(ctx->aes_key[4]);
64+
ctx->aes_key[5] = swap(ctx->aes_key[5]);
65+
3666
break;
3767
case 256:
3868
ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_256B;
3969
memcpy(ctx->aes_key, key, 32);
70+
71+
ctx->aes_key[0] = swap(ctx->aes_key[0]);
72+
ctx->aes_key[1] = swap(ctx->aes_key[1]);
73+
ctx->aes_key[2] = swap(ctx->aes_key[2]);
74+
ctx->aes_key[3] = swap(ctx->aes_key[3]);
75+
ctx->aes_key[4] = swap(ctx->aes_key[4]);
76+
ctx->aes_key[5] = swap(ctx->aes_key[5]);
77+
ctx->aes_key[6] = swap(ctx->aes_key[6]);
78+
ctx->aes_key[7] = swap(ctx->aes_key[7]);
79+
4080
break;
4181
default :
4282
return (MBEDTLS_ERR_AES_INVALID_KEY_LENGTH);
@@ -67,6 +107,8 @@ static int aes_set_key(mbedtls_aes_context *ctx, const unsigned char *key, unsig
67107
/* Implementation that should never be optimized out by the compiler */
68108
static void mbedtls_zeroize(void *v, size_t n)
69109
{
110+
mbedtls_printf(" ****** mbedtls_zeroize *******\n");
111+
70112
volatile unsigned char *p = (unsigned char *)v;
71113
while (n--) {
72114
*p++ = 0;
@@ -76,13 +118,16 @@ static void mbedtls_zeroize(void *v, size_t n)
76118

77119
void mbedtls_aes_init(mbedtls_aes_context *ctx)
78120
{
79-
memset(ctx, 0, sizeof(mbedtls_aes_context));
121+
mbedtls_printf(" ****** mbedtls_aes_init *******\n");
80122

123+
memset(ctx, 0, sizeof(mbedtls_aes_context));
81124
}
82125

83126

84127
void mbedtls_aes_free(mbedtls_aes_context *ctx)
85128
{
129+
mbedtls_printf(" ****** mbedtls_aes_free *******\n");
130+
86131
if (ctx == NULL) {
87132
return;
88133
}
@@ -108,6 +153,16 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
108153
unsigned int keybits)
109154
{
110155
int ret_val = 0;
156+
157+
mbedtls_printf(" ****** mbedtls_aes_setkey_enc *******\n");
158+
mbedtls_printf("enc keybits : %d\n", keybits);
159+
mbedtls_printf("enc key :\n");
160+
for (int i=1; i<= keybits/8; i++)
161+
{
162+
mbedtls_printf("%x\t", key[i-1]);
163+
if ((i%8) == 0) mbedtls_printf("\n");
164+
}
165+
111166
ret_val = aes_set_key(ctx, key, keybits);
112167
return (ret_val);
113168
}
@@ -116,6 +171,16 @@ int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key,
116171
unsigned int keybits)
117172
{
118173
int ret_val = 0;
174+
175+
mbedtls_printf(" ****** mbedtls_aes_setkey_dec *******\n");
176+
mbedtls_printf("dec keybits : %d\n", keybits);
177+
mbedtls_printf("enc key:\n");
178+
for (int i=1; i<= keybits/8; i++)
179+
{
180+
mbedtls_printf("%x\t", key[i-1]);
181+
if ((i%8) == 0) mbedtls_printf("\n");
182+
}
183+
119184
ret_val = aes_set_key(ctx, key, keybits);
120185
return (ret_val);
121186
}
@@ -126,21 +191,60 @@ int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx,
126191
const unsigned char input[16],
127192
unsigned char output[16])
128193
{
194+
int ret;
195+
196+
mbedtls_printf(" ****** mbedtls_aes_crypt_ecb (%s)*******\n",mode == MBEDTLS_AES_DECRYPT?"decrypt":"encrypt" );
197+
mbedtls_printf("input:\n");
198+
for (int i=1; i<= 16; i++)
199+
{
200+
mbedtls_printf("%x\t", input[i-1]);
201+
if ((i%8) == 0) mbedtls_printf("\n");
202+
}
129203

130204
/* allow multi-instance of CRYP use: restore context for CRYP hw module */
131205
ctx->hcryp_aes.Instance->CR = ctx->ctx_save_cr;
132-
ctx->hcryp_aes.Phase = HAL_CRYP_PHASE_READY;
133206
ctx->hcryp_aes.Init.DataType = CRYP_DATATYPE_8B;
134207
ctx->hcryp_aes.Init.pKey = ctx->aes_key;
135208

209+
/* Set the Algo if not configured till now */
210+
if ( CRYP_AES_ECB != (ctx->hcryp_aes.Instance->CR & CRYP_AES_ECB))
211+
{
212+
ctx->hcryp_aes.Init.Algorithm = CRYP_AES_ECB;
213+
214+
/* Configure the CRYP */
215+
HAL_CRYP_SetConfig(&ctx->hcryp_aes, &ctx->hcryp_aes.Init);
216+
217+
mbedtls_printf(" ****** AES ECB algo configuration set : %ld *******\n", CRYP_AES_ECB);
218+
}
219+
136220
if (mode == MBEDTLS_AES_DECRYPT) { /* AES decryption */
137-
if (mbedtls_internal_aes_decrypt(ctx, input, output)) {
221+
ret = mbedtls_internal_aes_decrypt(ctx, input, output);
222+
if (ret) {
138223
return ST_ERR_AES_BUSY;
139224
}
225+
else
226+
{
227+
mbedtls_printf("dec output :\n");
228+
for (int j=1; j<= 16; j++)
229+
{
230+
mbedtls_printf("%x\t", output[j-1]);
231+
if ((j%8) == 0) mbedtls_printf("\n");
232+
}
233+
}
140234
} else { /* AES encryption */
141-
if (mbedtls_internal_aes_encrypt(ctx, input, output)) {
235+
ret = mbedtls_internal_aes_encrypt(ctx, input, output);
236+
if (ret) {
142237
return ST_ERR_AES_BUSY;
143238
}
239+
else
240+
{
241+
mbedtls_printf("enc output :\n");
242+
for (int k=1; k<= 16; k++)
243+
{
244+
mbedtls_printf("%x\t", output[k-1]);
245+
if ((k%8) == 0) mbedtls_printf("\n");
246+
}
247+
}
144248
}
145249
/* allow multi-instance of CRYP use: save context for CRYP HW module CR */
146250
ctx->ctx_save_cr = ctx->hcryp_aes.Instance->CR;
@@ -151,6 +255,7 @@ int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx,
151255
#if defined(MBEDTLS_CIPHER_MODE_CBC)
152256
static int st_cbc_restore_context(mbedtls_aes_context *ctx)
153257
{
258+
mbedtls_printf(" ****** st_cbc_restore_context *******\n");
154259
/* allow multi-instance of CRYP use: restore context for CRYP hw module */
155260
ctx->hcryp_aes.Instance->CR = ctx->ctx_save_cr;
156261
/* Re-initialize AES processor with proper parameters
@@ -173,16 +278,28 @@ int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx,
173278
{
174279
uint32_t tickstart;
175280
uint32_t *iv_ptr = (uint32_t *)&iv[0];
281+
282+
mbedtls_printf(" ****** mbedtls_aes_crypt_cbc *******\n");
283+
176284
if (length % 16) {
177285
return (MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH);
178286
}
179-
ctx->hcryp_aes.Init.pInitVect = &iv[0];
287+
ctx->hcryp_aes.Init.pInitVect = (uint32_t *)&iv[0];
180288
if (st_cbc_restore_context(ctx) != 0) {
181289
return (ST_ERR_AES_BUSY);
182290
}
183291

292+
/* Set the Algo if not configured till now */
293+
if ( CRYP_AES_CBC != (ctx->hcryp_aes.Instance->CR & CRYP_AES_CBC))
294+
{
295+
ctx->hcryp_aes.Init.Algorithm = CRYP_AES_CBC;
296+
297+
/* Configure the CRYP */
298+
HAL_CRYP_SetConfig(&ctx->hcryp_aes, &ctx->hcryp_aes.Init);
299+
}
300+
184301
if (mode == MBEDTLS_AES_DECRYPT) {
185-
if (HAL_CRYP_AESCBC_Decrypt(&ctx->hcryp_aes, (uint8_t *)input, length, (uint8_t *)output, 10) != HAL_OK) {
302+
if (HAL_CRYP_Decrypt(&ctx->hcryp_aes, (uint32_t *)input, length/4, (uint32_t *)output, 10) != HAL_OK) {
186303
return ST_ERR_AES_BUSY;
187304
}
188305
/* Save the internal IV vector for multi context purpose */
@@ -199,7 +316,7 @@ int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx,
199316
*iv_ptr++ = ctx->hcryp_aes.Instance->IV1LR;
200317
*iv_ptr++ = ctx->hcryp_aes.Instance->IV1RR;
201318
} else {
202-
if (HAL_CRYP_AESCBC_Encrypt(&ctx->hcryp_aes, (uint8_t *)input, length, (uint8_t *)output, 10) != HAL_OK) {
319+
if (HAL_CRYP_Encrypt(&ctx->hcryp_aes, (uint32_t *)input, length/4, (uint32_t *)output, 10) != HAL_OK) {
203320
return ST_ERR_AES_BUSY;
204321
}
205322
memcpy(iv, output, 16); /* current output is the IV vector for the next call */
@@ -222,6 +339,8 @@ int mbedtls_aes_crypt_cfb128(mbedtls_aes_context *ctx,
222339
int c;
223340
size_t n = *iv_off;
224341

342+
mbedtls_printf(" ****** mbedtls_aes_crypt_cfb128 *******\n");
343+
225344
if (mode == MBEDTLS_AES_DECRYPT) {
226345
while (length--) {
227346
if (n == 0)
@@ -264,6 +383,8 @@ int mbedtls_aes_crypt_cfb8(mbedtls_aes_context *ctx,
264383
unsigned char c;
265384
unsigned char ov[17];
266385

386+
mbedtls_printf(" ****** mbedtls_aes_crypt_cfb8 *******\n");
387+
267388
while (length--) {
268389
memcpy(ov, iv, 16);
269390
if (mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, iv, iv) != 0) {
@@ -327,7 +448,9 @@ int mbedtls_internal_aes_encrypt(mbedtls_aes_context *ctx,
327448
const unsigned char input[16],
328449
unsigned char output[16])
329450
{
330-
if (HAL_CRYP_AESECB_Encrypt(&ctx->hcryp_aes, (uint8_t *)input, 16, (uint8_t *)output, 10) != HAL_OK) {
451+
mbedtls_printf(" ****** mbedtls_internal_aes_encrypt *******\n");
452+
453+
if (HAL_CRYP_Encrypt(&ctx->hcryp_aes, (uint32_t *)input, 4, (uint32_t *)output, 10) != HAL_OK) {
331454
// error found
332455
return ST_ERR_AES_BUSY;
333456
}
@@ -339,7 +462,9 @@ int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx,
339462
const unsigned char input[16],
340463
unsigned char output[16])
341464
{
342-
if (HAL_CRYP_AESECB_Decrypt(&ctx->hcryp_aes, (uint8_t *)input, 16, (uint8_t *)output, 10) != HAL_OK) {
465+
mbedtls_printf(" ****** mbedtls_internal_aes_decrypt *******\n");
466+
467+
if (HAL_CRYP_Decrypt(&ctx->hcryp_aes, (uint32_t *)input, 4, (uint32_t *)output, 10) != HAL_OK) {
343468
// error found
344469
return ST_ERR_AES_BUSY;
345470
}
@@ -351,13 +476,15 @@ void mbedtls_aes_encrypt(mbedtls_aes_context *ctx,
351476
const unsigned char input[16],
352477
unsigned char output[16])
353478
{
479+
mbedtls_printf(" ****** mbedtls_aes_encrypt *******\n");
354480
mbedtls_internal_aes_encrypt(ctx, input, output);
355481
}
356482

357483
void mbedtls_aes_decrypt(mbedtls_aes_context *ctx,
358484
const unsigned char input[16],
359485
unsigned char output[16])
360486
{
487+
mbedtls_printf(" ****** mbedtls_aes_decrypt *******\n");
361488
mbedtls_internal_aes_decrypt(ctx, input, output);
362489
}
363490
#endif /* MBEDTLS_DEPRECATED_REMOVED */

features/mbedtls/targets/TARGET_STM/TARGET_STM32F4/aes_alt.h

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -42,7 +42,7 @@ extern "C" {
4242
* generating an extra round key
4343
*/
4444
typedef struct {
45-
unsigned char aes_key[32]; /* Decryption key */
45+
uint32_t aes_key[8]; /* Decryption key */
4646
CRYP_HandleTypeDef hcryp_aes;
4747
uint32_t ctx_save_cr; /* save context for multi-instance */
4848
}

0 commit comments

Comments
 (0)