This is an automated email from the ASF dual-hosted git repository.
utzig pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mynewt-core.git
commit bd226cd2afb7880a46c1f43202a0a1eeeff35ab0
Author: Fabio Utzig <ut...@apache.org>
AuthorDate: Fri Jan 31 06:51:39 2020 -0300
stm32: crypto: make driver obey syscfg HW support
Allow disabling of HW support for CBC/CTR. This is a correctness change;
nobody should do this in practice unless for testing the SW fallbacks or
in the unlikely case that there is a BUG found in one of those
encryption/decryption modes.
Signed-off-by: Fabio Utzig <ut...@apache.org>
---
hw/drivers/crypto/crypto_stm32/src/crypto_stm32.c | 34 ++++++++++++++++++-----
1 file changed, 27 insertions(+), 7 deletions(-)
diff --git a/hw/drivers/crypto/crypto_stm32/src/crypto_stm32.c
b/hw/drivers/crypto/crypto_stm32/src/crypto_stm32.c
index 38b76b8..dc9652e 100644
--- a/hw/drivers/crypto/crypto_stm32/src/crypto_stm32.c
+++ b/hw/drivers/crypto/crypto_stm32/src/crypto_stm32.c
@@ -64,9 +64,13 @@ stm32_has_support(struct crypto_dev *crypto, uint8_t op,
uint16_t algo,
}
switch (mode) {
- case CRYPTO_MODE_ECB: /* fallthrough */
- case CRYPTO_MODE_CBC: /* fallthrough */
+ case CRYPTO_MODE_ECB:
+#if MYNEWT_VAL(CRYPTO_HW_AES_CBC)
+ case CRYPTO_MODE_CBC:
+#endif
+#if MYNEWT_VAL(CRYPTO_HW_AES_CTR)
case CRYPTO_MODE_CTR:
+#endif
return true;
}
@@ -82,12 +86,18 @@ stm32_crypto_op(struct crypto_dev *crypto, uint8_t op,
uint16_t algo,
CRYP_ConfigTypeDef conf;
uint32_t sz = 0;
uint8_t i;
- uint8_t iv_save[AES_BLOCK_LEN];
+#if MYNEWT_VAL(CRYPTO_HW_AES_CTR)
unsigned int inc;
unsigned int carry;
unsigned int v;
+#endif
+#if MYNEWT_VAL(CRYPTO_HW_AES_CBC)
+ uint8_t iv_save[AES_BLOCK_LEN];
+#endif
uint32_t key32[AES_MAX_KEY_LEN / sizeof(uint32_t)];
+#if (MYNEWT_VAL(CRYPTO_HW_AES_CTR) || MYNEWT_VAL(CRYPTO_HW_AES_CBC))
uint32_t iv32[AES_BLOCK_LEN / sizeof(uint32_t)];
+#endif
if (!stm32_has_support(crypto, op, algo, mode, keylen)) {
return 0;
@@ -106,21 +116,27 @@ stm32_crypto_op(struct crypto_dev *crypto, uint8_t op,
uint16_t algo,
conf.Algorithm = CRYP_AES_ECB;
conf.pInitVect = NULL;
break;
+#if MYNEWT_VAL(CRYPTO_HW_AES_CBC)
case CRYPTO_MODE_CBC:
conf.Algorithm = CRYP_AES_CBC;
conf.pInitVect = iv32;
break;
+#endif
+#if MYNEWT_VAL(CRYPTO_HW_AES_CTR)
case CRYPTO_MODE_CTR:
conf.Algorithm = CRYP_AES_CTR;
conf.pInitVect = iv32;
break;
+#endif
}
+#if (MYNEWT_VAL(CRYPTO_HW_AES_CTR) || MYNEWT_VAL(CRYPTO_HW_AES_CBC))
if (conf.pInitVect != NULL) {
for (i = 0; i < AES_BLOCK_LEN / sizeof(uint32_t); i++) {
iv32[i] = os_bswap_32(((uint32_t *)iv)[i]);
}
}
+#endif
os_mutex_pend(&gmtx, OS_TIMEOUT_NEVER);
@@ -134,28 +150,31 @@ stm32_crypto_op(struct crypto_dev *crypto, uint8_t op,
uint16_t algo,
case CRYPTO_MODE_ECB:
if (op == CRYPTO_OP_ENCRYPT) {
status = HAL_CRYP_Encrypt(&g_hcryp, (uint32_t *)inbuf, len,
- (uint32_t *)outbuf, HAL_MAX_DELAY);
+ (uint32_t *)outbuf, HAL_MAX_DELAY);
} else {
status = HAL_CRYP_Decrypt(&g_hcryp, (uint32_t *)inbuf, len,
- (uint32_t *)outbuf, HAL_MAX_DELAY);
+ (uint32_t *)outbuf, HAL_MAX_DELAY);
}
break;
+#if MYNEWT_VAL(CRYPTO_HW_AES_CBC)
case CRYPTO_MODE_CBC:
if (op == CRYPTO_OP_ENCRYPT) {
status = HAL_CRYP_Encrypt(&g_hcryp, (uint32_t *)inbuf, len,
- (uint32_t *)outbuf, HAL_MAX_DELAY);
+ (uint32_t *)outbuf, HAL_MAX_DELAY);
if (status == HAL_OK) {
memcpy(iv, &outbuf[len-AES_BLOCK_LEN], AES_BLOCK_LEN);
}
} else {
memcpy(iv_save, &inbuf[len-AES_BLOCK_LEN], AES_BLOCK_LEN);
status = HAL_CRYP_Decrypt(&g_hcryp, (uint32_t *)inbuf, len,
- (uint32_t *)outbuf, HAL_MAX_DELAY);
+ (uint32_t *)outbuf, HAL_MAX_DELAY);
if (status == HAL_OK) {
memcpy(iv, iv_save, AES_BLOCK_LEN);
}
}
break;
+#endif
+#if MYNEWT_VAL(CRYPTO_HW_AES_CTR)
case CRYPTO_MODE_CTR:
if (op == CRYPTO_OP_ENCRYPT) {
status = HAL_CRYP_Encrypt(&g_hcryp, (uint32_t *)inbuf, len,
@@ -175,6 +194,7 @@ stm32_crypto_op(struct crypto_dev *crypto, uint8_t op,
uint16_t algo,
}
}
break;
+#endif
default:
sz = 0;
goto out;
