1 /*
2 * SPDX-FileCopyrightText: 2015-2021 Espressif Systems (Shanghai) CO LTD
3 *
4 * SPDX-License-Identifier: Apache-2.0
5 */
6
7 #include "utils/common.h"
8 #include "aes_wrap.h"
9 #include "sha256.h"
10 #include "crypto.h"
11 #include "md5.h"
12 #include "sha1.h"
13 #include "aes.h"
14 #include "esp_wpa.h"
15 #include "ccmp.h"
16
17 #define DEFAULT_KEK_LEN 16
18
esp_aes_wrap(const u8 * kek,int n,const u8 * plain,u8 * cipher)19 static int esp_aes_wrap(const u8 *kek, int n, const u8 *plain, u8 *cipher)
20 {
21 return aes_wrap(kek, DEFAULT_KEK_LEN, n, plain, cipher);
22 }
23
esp_aes_unwrap(const u8 * kek,int n,const u8 * cipher,u8 * plain)24 static int esp_aes_unwrap(const u8 *kek, int n, const u8 *cipher, u8 *plain)
25 {
26 return aes_unwrap(kek, DEFAULT_KEK_LEN, n, cipher, plain);
27 }
28
esp_aes_encrypt(void * ctx,const u8 * plain,u8 * crypt)29 static void esp_aes_encrypt(void *ctx, const u8 *plain, u8 *crypt)
30 {
31 aes_encrypt(ctx, plain, crypt);
32 }
33
esp_aes_decrypt(void * ctx,const u8 * crypt,u8 * plain)34 static void esp_aes_decrypt(void *ctx, const u8 *crypt, u8 *plain)
35 {
36 aes_decrypt(ctx, crypt, plain);
37 }
38
esp_aes_gmac(const u8 * key,size_t key_len,const u8 * iv,size_t iv_len,const u8 * aad,size_t aad_len,u8 * tag)39 static int esp_aes_gmac(const u8 *key, size_t key_len, const u8 *iv, size_t iv_len,
40 const u8 *aad, size_t aad_len, u8 *tag)
41 {
42 #if CONFIG_GMAC
43 return aes_gmac(key, key_len, iv, iv_len, aad, aad_len, tag);
44 #else
45 return 0;
46 #endif
47 }
48
49 /*
50 * This structure is used to set the cyrpto callback function for station to connect when in security mode.
51 * These functions either call MbedTLS API's if USE_MBEDTLS_CRYPTO flag is set through Kconfig, or native
52 * API's otherwise. We recommend setting the flag since MbedTLS API's utilize hardware acceleration while
53 * native API's are use software implementations.
54 */
55 const wpa_crypto_funcs_t g_wifi_default_wpa_crypto_funcs = {
56 .size = sizeof(wpa_crypto_funcs_t),
57 .version = ESP_WIFI_CRYPTO_VERSION,
58 .aes_wrap = (esp_aes_wrap_t)esp_aes_wrap,
59 .aes_unwrap = (esp_aes_unwrap_t)esp_aes_unwrap,
60 .hmac_sha256_vector = (esp_hmac_sha256_vector_t)hmac_sha256_vector,
61 .sha256_prf = (esp_sha256_prf_t)sha256_prf,
62 .hmac_md5 = (esp_hmac_md5_t)hmac_md5,
63 .hamc_md5_vector = (esp_hmac_md5_vector_t)hmac_md5_vector,
64 .hmac_sha1 = (esp_hmac_sha1_t)hmac_sha1,
65 .hmac_sha1_vector = (esp_hmac_sha1_vector_t)hmac_sha1_vector,
66 .sha1_prf = (esp_sha1_prf_t)sha1_prf,
67 .sha1_vector = (esp_sha1_vector_t)sha1_vector,
68 .pbkdf2_sha1 = (esp_pbkdf2_sha1_t)pbkdf2_sha1,
69 .rc4_skip = (esp_rc4_skip_t)rc4_skip,
70 .md5_vector = (esp_md5_vector_t)md5_vector,
71 .aes_encrypt = (esp_aes_encrypt_t)esp_aes_encrypt,
72 .aes_encrypt_init = (esp_aes_encrypt_init_t)aes_encrypt_init,
73 .aes_encrypt_deinit = (esp_aes_encrypt_deinit_t)aes_encrypt_deinit,
74 .aes_decrypt = (esp_aes_decrypt_t)esp_aes_decrypt,
75 .aes_decrypt_init = (esp_aes_decrypt_init_t)aes_decrypt_init,
76 .aes_decrypt_deinit = (esp_aes_decrypt_deinit_t)aes_decrypt_deinit,
77 .aes_128_encrypt = (esp_aes_128_encrypt_t)aes_128_cbc_encrypt,
78 .aes_128_decrypt = (esp_aes_128_decrypt_t)aes_128_cbc_decrypt,
79 .omac1_aes_128 = (esp_omac1_aes_128_t)omac1_aes_128,
80 .ccmp_decrypt = (esp_ccmp_decrypt_t)ccmp_decrypt,
81 .ccmp_encrypt = (esp_ccmp_encrypt_t)ccmp_encrypt,
82 .aes_gmac = (esp_aes_gmac_t)esp_aes_gmac,
83 };
84
85 const mesh_crypto_funcs_t g_wifi_default_mesh_crypto_funcs = {
86 .aes_128_encrypt = (esp_aes_128_encrypt_t)aes_128_cbc_encrypt,
87 .aes_128_decrypt = (esp_aes_128_decrypt_t)aes_128_cbc_decrypt,
88 };
89
