1 /*
2 * Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 */
6 #include <stdio.h>
7 #include "mbedtls/aes_alt.h"
8
9 #if defined(MBEDTLS_AES_C) && defined (MBEDTLS_AES_ALT)
10
11 #include "cc_pal_types.h"
12 #include "cc_pal_mem.h"
13 #include "cc_pal_abort.h"
14 #include "aes_driver.h"
15
16 /**
17 * \brief Initialize AES context
18 *
19 *
20 * \note Context block should be pre-allocated by the caller.
21 *
22 * \param ctx AES context to be initialized
23 */
mbedtls_aes_init(mbedtls_aes_context * ctx)24 void mbedtls_aes_init(mbedtls_aes_context * ctx)
25 {
26 AesContext_t *aesCtx = NULL;
27
28 if (NULL == ctx)
29 {
30 CC_PalAbort("ctx cannot be NULL");
31 }
32
33 /* check size of structs match */
34 if (sizeof(mbedtls_aes_context) != sizeof(AesContext_t))
35 {
36 CC_PalAbort("!!!!AES context sizes mismatch!!!\n");
37 }
38
39 aesCtx = (AesContext_t *)ctx;
40
41 aesCtx->padType = CRYPTO_PADDING_NONE;
42 aesCtx->dataBlockType = FIRST_BLOCK;
43 aesCtx->inputDataAddrType = DLLI_ADDR;
44 aesCtx->outputDataAddrType = DLLI_ADDR;
45 }
46
47
48 /**
49 * \brief Clear AES context
50 *
51 * \param ctx AES context to be cleared
52 */
mbedtls_aes_free(mbedtls_aes_context * ctx)53 void mbedtls_aes_free(mbedtls_aes_context * ctx)
54 {
55 if (NULL == ctx)
56 {
57 CC_PAL_LOG_ERR("ctx cannot be NULL\n");
58 return;
59 }
60 CC_PalMemSet(ctx, 0, sizeof(mbedtls_aes_context));
61 }
62
63
64 /**
65 * @brief Internal function:
66 * This function checks the validity of inputs and set the encrypt/decript key & direction
67 * called by mbedtls_aes_setkey_* functions.
68 *
69 * @returns: 0 on success, verious error in case of error.
70 *
71 */
aes_setkey(mbedtls_aes_context * ctx,const unsigned char * key,unsigned int keybits,cryptoDirection_t dir)72 static int aes_setkey(mbedtls_aes_context * ctx, const unsigned char * key,
73 unsigned int keybits, cryptoDirection_t dir)
74 {
75 AesContext_t *aesCtx = NULL;
76
77 /* if the users context ID pointer is NULL return an error */
78 if (NULL == ctx)
79 {
80 CC_PAL_LOG_ERR("ctx cannot be NULL\n");
81 return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
82 }
83
84 /* check the validity of the key data pointer */
85 if (NULL == key)
86 {
87 CC_PAL_LOG_ERR("key cannot be NULL\n");
88 return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH;
89 }
90
91 aesCtx = (AesContext_t *)ctx;
92 aesCtx->dir = dir;
93 aesCtx->cryptoKey = USER_KEY;
94
95 switch (keybits) {
96 case 128:
97 aesCtx->keySizeId = KEY_SIZE_128_BIT;
98 break;
99 case 192:
100 aesCtx->keySizeId = KEY_SIZE_192_BIT;
101 break;
102 case 256:
103 aesCtx->keySizeId = KEY_SIZE_256_BIT;
104 break;
105 default:
106 CC_PAL_LOG_ERR("key length (%d) not supported\n", keybits);
107 return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH;
108 }
109
110 CC_PalMemCopy(aesCtx->keyBuf, key, keybits/8);
111
112 return (0); // no mbedTLS const for OK.
113
114 }
115
116 /*
117 * Copy the key into the context, and set the direction to encryption.
118 * A lot of the initialization needed by CC, will be done in the actual crypt function.
119 *
120 * mbedTLS error codes are much more limited then CC, so have to map a bit.
121 *
122 *
123 */
mbedtls_aes_setkey_enc(mbedtls_aes_context * ctx,const unsigned char * key,unsigned int keybits)124 int mbedtls_aes_setkey_enc(mbedtls_aes_context * ctx, const unsigned char * key,
125 unsigned int keybits)
126 {
127 return aes_setkey(ctx, key, keybits, CRYPTO_DIRECTION_ENCRYPT);
128 }
129
130 /**
131 * \brief AES key schedule (decryption)
132 *
133 * \param ctx AES context to be initialized
134 * \param key decryption key
135 * \param keybits must be 128, 192 or 256
136 *
137 * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH/
138 * MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH
139 */
140
141
mbedtls_aes_setkey_dec(mbedtls_aes_context * ctx,const unsigned char * key,unsigned int keybits)142 int mbedtls_aes_setkey_dec(mbedtls_aes_context * ctx, const unsigned char * key,
143 unsigned int keybits)
144 {
145 return aes_setkey(ctx, key, keybits, CRYPTO_DIRECTION_DECRYPT);
146 }
147
148 /**
149 * \brief AES-ECB block encryption/decryption
150 *
151 * \param ctx AES context
152 * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
153 * \param input 16-byte input block
154 * \param output 16-byte output block
155 *
156 * \return 0 if successful, MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH otherwise
157 */
158
159
mbedtls_aes_crypt_ecb(mbedtls_aes_context * ctx,int mode,const unsigned char input[AES_BLOCK_SIZE],unsigned char output[AES_BLOCK_SIZE])160 int mbedtls_aes_crypt_ecb(mbedtls_aes_context * ctx,
161 int mode,
162 const unsigned char input[AES_BLOCK_SIZE],
163 unsigned char output[AES_BLOCK_SIZE])
164 {
165 AesContext_t *aesCtx = NULL;
166 drvError_t drvRet;
167 CCBuffInfo_t inBuffInfo;
168 CCBuffInfo_t outBuffInfo;
169
170 if (NULL == ctx || NULL == input || NULL == output)
171 {
172 CC_PAL_LOG_ERR("Null pointer exception\n");
173 return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
174 }
175 if (MBEDTLS_AES_ENCRYPT != mode && MBEDTLS_AES_DECRYPT != mode)
176 {
177 CC_PAL_LOG_ERR("Mode %d is not supported\n", mode);
178 return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
179 }
180
181 aesCtx = (AesContext_t *)ctx;
182
183 if (((MBEDTLS_AES_ENCRYPT == mode) && (CRYPTO_DIRECTION_ENCRYPT != aesCtx->dir)) ||
184 ((MBEDTLS_AES_DECRYPT == mode) && (CRYPTO_DIRECTION_DECRYPT != aesCtx->dir)))
185 {
186 //someone made a mistake - set key in the wrong direction
187 CC_PAL_LOG_ERR("Key & operation mode mismatch: mode = %d. aesCtx->dir = %d\n", mode, aesCtx->dir);
188 return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
189 }
190
191 aesCtx->mode = CIPHER_ECB;
192
193 drvRet = SetDataBuffersInfo(input, AES_BLOCK_SIZE, &inBuffInfo,
194 output, AES_BLOCK_SIZE, &outBuffInfo);
195 if (drvRet != 0) {
196 CC_PAL_LOG_ERR("illegal data buffers\n");
197 return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
198 }
199
200 drvRet = ProcessAesDrv(aesCtx, &inBuffInfo, &outBuffInfo, AES_BLOCK_SIZE);
201
202 if (drvRet != AES_DRV_OK)
203 {
204 CC_PAL_LOG_ERR("ecb crypt failed with error code %d\n", drvRet);
205 return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
206 }
207 return (0);
208 }
209
210 #if defined(MBEDTLS_CIPHER_MODE_CBC)
211 /*
212 * AES-CBC buffer encryption/decryption
213 */
mbedtls_aes_crypt_cbc(mbedtls_aes_context * ctx,int mode,size_t length,unsigned char iv[AES_IV_SIZE],const unsigned char * input,unsigned char * output)214 int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
215 int mode,
216 size_t length,
217 unsigned char iv[AES_IV_SIZE],
218 const unsigned char *input,
219 unsigned char *output )
220 {
221
222 AesContext_t *aesCtx = NULL;
223 drvError_t drvRet;
224 CCBuffInfo_t inBuffInfo;
225 CCBuffInfo_t outBuffInfo;
226
227 if (0 == length) /* In case input size is 0 - do nothing and return with success*/
228 {
229 return (0);
230 }
231
232 if (NULL == ctx || NULL == input || NULL == output || NULL == iv)
233 {
234 CC_PAL_LOG_ERR("Null pointer exception\n");
235 return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
236 }
237
238 if (MBEDTLS_AES_ENCRYPT != mode && MBEDTLS_AES_DECRYPT != mode)
239 {
240 CC_PAL_LOG_ERR("Mode %d is not supported\n", mode);
241 return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
242 }
243
244 if( length % AES_BLOCK_SIZE )
245 {
246 CC_PAL_LOG_ERR("Length should be a multiple of the block size (16 bytes)\n");
247 return( MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
248 }
249
250 aesCtx = (AesContext_t *)ctx;
251
252 if (((MBEDTLS_AES_ENCRYPT == mode) && (CRYPTO_DIRECTION_ENCRYPT != aesCtx->dir)) ||
253 ((MBEDTLS_AES_DECRYPT == mode) && (CRYPTO_DIRECTION_DECRYPT != aesCtx->dir)))
254 {
255 //someone made a mistake - set key in the wrong direction
256 CC_PAL_LOG_ERR("Key & operation mode mismatch: operation %d key %d\n", mode, aesCtx->dir);
257 return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
258 }
259
260 CC_PalMemCopy(aesCtx->ivBuf, iv, AES_IV_SIZE);
261 aesCtx->mode = CIPHER_CBC;
262
263 drvRet = SetDataBuffersInfo(input, length, &inBuffInfo,
264 output, length, &outBuffInfo);
265 if (drvRet != 0) {
266 CC_PAL_LOG_ERR("illegal data buffers\n");
267 return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
268 }
269
270 drvRet = ProcessAesDrv(aesCtx, &inBuffInfo, &outBuffInfo, length);
271
272 if (drvRet != AES_DRV_OK)
273 {
274 CC_PAL_LOG_ERR("cbc crypt failed with error code %d\n", drvRet);
275 return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
276 }
277
278 CC_PalMemCopy(iv, aesCtx->ivBuf, AES_IV_SIZE);
279
280 return (0);
281 }
282 #endif /* MBEDTLS_CIPHER_MODE_CBC */
283
284 #if defined(MBEDTLS_CIPHER_MODE_CFB)
285 /*
286 * AES-CFB128 buffer encryption/decryption
287 */
mbedtls_aes_crypt_cfb128(mbedtls_aes_context * ctx,int mode,size_t length,size_t * iv_off,unsigned char iv[AES_IV_SIZE],const unsigned char * input,unsigned char * output)288 int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
289 int mode,
290 size_t length,
291 size_t *iv_off,
292 unsigned char iv[AES_IV_SIZE],
293 const unsigned char *input,
294 unsigned char *output )
295 {
296 CC_UNUSED_PARAM(ctx);
297 CC_UNUSED_PARAM(mode);
298 CC_UNUSED_PARAM(length);
299 CC_UNUSED_PARAM(iv_off);
300 CC_UNUSED_PARAM(iv);
301 CC_UNUSED_PARAM(input);
302 CC_UNUSED_PARAM(output);
303 return MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE;
304 }
305
306 /*
307 * AES-CFB8 buffer encryption/decryption
308 */
mbedtls_aes_crypt_cfb8(mbedtls_aes_context * ctx,int mode,size_t length,unsigned char iv[AES_IV_SIZE],const unsigned char * input,unsigned char * output)309 int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
310 int mode,
311 size_t length,
312 unsigned char iv[AES_IV_SIZE],
313 const unsigned char *input,
314 unsigned char *output )
315 {
316 CC_UNUSED_PARAM(ctx);
317 CC_UNUSED_PARAM(mode);
318 CC_UNUSED_PARAM(length);
319 CC_UNUSED_PARAM(iv);
320 CC_UNUSED_PARAM(input);
321 CC_UNUSED_PARAM(output);
322 return MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE;
323 }
324
325 #endif /*MBEDTLS_CIPHER_MODE_CFB */
326 #if defined(MBEDTLS_CIPHER_MODE_CTR) || defined(MBEDTLS_CIPHER_MODE_OFB)
327 /*
328 * AES-CTR buffer encryption/decryption
329 */
aes_crypt_ctr_ofb(mbedtls_aes_context * ctx,aesMode_t mode,size_t length,size_t * iv_off,unsigned char iv[AES_BLOCK_SIZE],const unsigned char * input,unsigned char * output)330 static int aes_crypt_ctr_ofb( mbedtls_aes_context *ctx,
331 aesMode_t mode,
332 size_t length,
333 size_t *iv_off,
334 unsigned char iv[AES_BLOCK_SIZE],
335 const unsigned char *input,
336 unsigned char *output )
337 {
338 AesContext_t *aesCtx = NULL;
339 drvError_t drvRet;
340 CCBuffInfo_t inBuffInfo;
341 CCBuffInfo_t outBuffInfo;
342
343 if (0 == length) /* In case input size is 0 - do nothing and return with success*/
344 {
345 return (0);
346 }
347
348 if (NULL == ctx || NULL == iv || NULL == input || NULL == output)
349 {
350 CC_PAL_LOG_ERR("Null pointer exception\n");
351 return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
352 }
353
354 if ((iv_off != NULL) && (*iv_off != 0))
355 {
356 CC_PAL_LOG_ERR("offset other then 0 is not supported\n");
357 return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
358 }
359
360 aesCtx = (AesContext_t *)ctx;
361
362 aesCtx->mode = mode;
363 CC_PalMemCopy(aesCtx->ivBuf, iv, AES_BLOCK_SIZE);
364
365 drvRet = SetDataBuffersInfo(input, length, &inBuffInfo,
366 output, length, &outBuffInfo);
367 if (drvRet != 0) {
368 CC_PAL_LOG_ERR("illegal data buffers\n");
369 return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
370 }
371
372 drvRet = ProcessAesDrv(aesCtx, &inBuffInfo, &outBuffInfo, length);
373 if (drvRet != AES_DRV_OK)
374 {
375 CC_PAL_LOG_ERR("ctr/ofb crypt failed with error code %d\n", drvRet);
376 return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
377 }
378 CC_PalMemCopy(iv, aesCtx->ivBuf, AES_BLOCK_SIZE);
379
380 return (0);
381 }
382 #endif /* MBEDTLS_CIPHER_MODE_CTR || MBEDTLS_CIPHER_MODE_OFB*/
383
384 #if defined(MBEDTLS_CIPHER_MODE_CTR)
385 /*
386 * AES-CTR buffer encryption/decryption
387 */
mbedtls_aes_crypt_ctr(mbedtls_aes_context * ctx,size_t length,size_t * nc_off,unsigned char nonce_counter[AES_BLOCK_SIZE],unsigned char stream_block[AES_BLOCK_SIZE],const unsigned char * input,unsigned char * output)388 int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
389 size_t length,
390 size_t *nc_off,
391 unsigned char nonce_counter[AES_BLOCK_SIZE],
392 unsigned char stream_block[AES_BLOCK_SIZE],
393 const unsigned char *input,
394 unsigned char *output )
395 {
396 CC_UNUSED_PARAM(stream_block);
397 return aes_crypt_ctr_ofb(ctx, CIPHER_CTR, length, nc_off, nonce_counter, input, output);
398 }
399 #endif /* MBEDTLS_CIPHER_MODE_CTR */
400
401 #if defined(MBEDTLS_CIPHER_MODE_OFB)
402 /*
403 * AES-CTR buffer encryption/decryption
404 */
mbedtls_aes_crypt_ofb(mbedtls_aes_context * ctx,size_t length,size_t * iv_off,unsigned char iv[AES_BLOCK_SIZE],const unsigned char * input,unsigned char * output)405 int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
406 size_t length,
407 size_t *iv_off,
408 unsigned char iv[AES_BLOCK_SIZE],
409 const unsigned char *input,
410 unsigned char *output )
411 {
412 return aes_crypt_ctr_ofb(ctx, CIPHER_OFB, length, iv_off, iv, input, output);
413 }
414 #endif /* MBEDTLS_CIPHER_MODE_OFB */
415
416 /*
417 * AES-ECB block encryption
418 */
mbedtls_internal_aes_encrypt(mbedtls_aes_context * ctx,const unsigned char input[16],unsigned char output[16])419 int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
420 const unsigned char input[16],
421 unsigned char output[16] )
422 {
423 return( mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, input, output) );
424 }
425
426 /**
427 * \brief Internal AES block encryption function
428 * (Only exposed to allow overriding it,
429 * see MBEDTLS_AES_ENCRYPT_ALT)
430 *
431 * \param ctx AES context
432 * \param input Plaintext block
433 * \param output Output (ciphertext) block
434 */
mbedtls_aes_encrypt(mbedtls_aes_context * ctx,const unsigned char input[16],unsigned char output[16])435 void mbedtls_aes_encrypt( mbedtls_aes_context *ctx,
436 const unsigned char input[16],
437 unsigned char output[16] )
438 {
439 mbedtls_internal_aes_encrypt( ctx, input, output );
440 }
441
442 /*
443 * AES-ECB block decryption
444 */
mbedtls_internal_aes_decrypt(mbedtls_aes_context * ctx,const unsigned char input[16],unsigned char output[16])445 int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
446 const unsigned char input[16],
447 unsigned char output[16] )
448 {
449 return( mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_DECRYPT, input, output) );
450 }
451
mbedtls_aes_decrypt(mbedtls_aes_context * ctx,const unsigned char input[16],unsigned char output[16])452 void mbedtls_aes_decrypt( mbedtls_aes_context *ctx,
453 const unsigned char input[16],
454 unsigned char output[16] )
455 {
456 mbedtls_internal_aes_decrypt( ctx, input, output );
457 }
458
459 #if defined(MBEDTLS_CIPHER_MODE_XTS)
460
mbedtls_aes_xts_init(mbedtls_aes_xts_context * ctx)461 void mbedtls_aes_xts_init( mbedtls_aes_xts_context *ctx )
462 {
463 CC_UNUSED_PARAM(ctx);
464 return ;
465 }
466
mbedtls_aes_xts_free(mbedtls_aes_xts_context * ctx)467 void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx )
468 {
469 CC_UNUSED_PARAM(ctx);
470 return ;
471 }
472
473
mbedtls_aes_xts_setkey_enc(mbedtls_aes_xts_context * ctx,const unsigned char * key,unsigned int keybits)474 int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx,
475 const unsigned char *key,
476 unsigned int keybits)
477 {
478 CC_UNUSED_PARAM(ctx);
479 CC_UNUSED_PARAM(key);
480 CC_UNUSED_PARAM(keybits);
481 return MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE;
482 }
483
mbedtls_aes_xts_setkey_dec(mbedtls_aes_xts_context * ctx,const unsigned char * key,unsigned int keybits)484 int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx,
485 const unsigned char *key,
486 unsigned int keybits)
487 {
488 CC_UNUSED_PARAM(ctx);
489 CC_UNUSED_PARAM(key);
490 CC_UNUSED_PARAM(keybits);
491 return MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE;
492 }
493
494
mbedtls_aes_crypt_xts(mbedtls_aes_xts_context * ctx,int mode,size_t length,const unsigned char data_unit[AES_BLOCK_SIZE],const unsigned char * input,unsigned char * output)495 int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
496 int mode,
497 size_t length,
498 const unsigned char data_unit[AES_BLOCK_SIZE],
499 const unsigned char *input,
500 unsigned char *output )
501
502 {
503 CC_UNUSED_PARAM(ctx);
504 CC_UNUSED_PARAM(mode);
505 CC_UNUSED_PARAM(length);
506 CC_UNUSED_PARAM(data_unit);
507 CC_UNUSED_PARAM(input);
508 CC_UNUSED_PARAM(output);
509 return MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE;
510 }
511 #endif //defined(MBEDTLS_CIPHER_MODE_XTS)
512
513 #endif //defined(MBEDTLS_AES_C) && defined (MBEDTLS_AES_ALT)
514
