embedded
/
owner-nrf52sdk


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319
							/**
 * Copyright (c) 2018 - 2020, Nordic Semiconductor ASA
 *
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without modification,
 * are permitted provided that the following conditions are met:
 *
 * 1. Redistributions of source code must retain the above copyright notice, this
 *    list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form, except as embedded into a Nordic
 *    Semiconductor ASA integrated circuit in a product or a software update for
 *    such product, must reproduce the above copyright notice, this list of
 *    conditions and the following disclaimer in the documentation and/or other
 *    materials provided with the distribution.
 *
 * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
 *    contributors may be used to endorse or promote products derived from this
 *    software without specific prior written permission.
 *
 * 4. This software, with or without modification, must only be used with a
 *    Nordic Semiconductor ASA integrated circuit.
 *
 * 5. Any software provided in binary form under this license must not be reverse
 *    engineered, decompiled, modified and/or disassembled.
 *
 * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
 * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 */

#include "sdk_common.h"
#if NRF_MODULE_ENABLED(NRF_CRYPTO)

#include "nrf_crypto_aes.h"
#include "nrf_crypto_mem.h"
#include "nrf_crypto_error.h"
#include "nrf_crypto_shared.h"
#include "nrf_crypto_aes_shared.h"
#include "nrf_crypto_aes_backend.h"

#if NRF_MODULE_ENABLED(NRF_CRYPTO_AES)

static ret_code_t context_verify(nrf_crypto_aes_internal_context_t const * p_context)
{
    if (p_context == NULL)
    {
        return NRF_ERROR_CRYPTO_CONTEXT_NULL;
    }

    if (p_context->init_value != NRF_CRYPTO_AES_INIT_MAGIC_VALUE)
    {
        return NRF_ERROR_CRYPTO_CONTEXT_NOT_INITIALIZED;
    }

    return NRF_SUCCESS;
}

ret_code_t nrf_crypto_aes_init(nrf_crypto_aes_context_t * const    p_context,
                               nrf_crypto_aes_info_t const * const p_info,
                               nrf_crypto_operation_t              operation)
{
    ret_code_t ret_val;

    nrf_crypto_aes_internal_context_t * p_int_context =
        (nrf_crypto_aes_internal_context_t *)p_context;

    ret_val = context_verify(p_int_context);
    VERIFY_TRUE((ret_val == NRF_SUCCESS) || (ret_val == NRF_ERROR_CRYPTO_CONTEXT_NOT_INITIALIZED),
                ret_val);

    VERIFY_TRUE(p_info != NULL, NRF_ERROR_CRYPTO_INPUT_NULL);

    p_int_context->p_info = p_info;

    ret_val = p_info->init_fn(p_context, operation);

    if (ret_val == NRF_SUCCESS)
    {
        p_int_context->init_value = NRF_CRYPTO_AES_INIT_MAGIC_VALUE;
    }

    return ret_val;
}

ret_code_t nrf_crypto_aes_uninit(nrf_crypto_aes_context_t * const p_context)
{
    ret_code_t ret_val;

    nrf_crypto_aes_internal_context_t * p_int_context =
        (nrf_crypto_aes_internal_context_t *)p_context;

    ret_val = context_verify(p_int_context);

    if (ret_val == NRF_ERROR_CRYPTO_CONTEXT_NOT_INITIALIZED)
    {
        /* If context was uninitialized with function nrf_crypto_aes_finalize it shall be still
           possible to clear init_value */
        if (p_int_context->init_value == NRF_CRYPTO_AES_UNINIT_MAGIC_VALUE)
        {
            ret_val = NRF_SUCCESS;
        }
    }
    VERIFY_SUCCESS(ret_val);

    ret_val = p_int_context->p_info->uninit_fn(p_context);

    p_int_context->init_value = 0;

    return ret_val;
}

ret_code_t nrf_crypto_aes_key_set(nrf_crypto_aes_context_t * const p_context, uint8_t * p_key)
{
    ret_code_t ret_val;

    nrf_crypto_aes_internal_context_t * p_int_context =
        (nrf_crypto_aes_internal_context_t *)p_context;

    ret_val = context_verify(p_int_context);
    VERIFY_SUCCESS(ret_val);

    VERIFY_TRUE((p_key != NULL), NRF_ERROR_CRYPTO_INPUT_NULL);

    ret_val = p_int_context->p_info->key_set_fn(p_context, p_key);

    return ret_val;
}

ret_code_t nrf_crypto_aes_iv_set(nrf_crypto_aes_context_t * const p_context, uint8_t * p_iv)
{
    ret_code_t ret_val;

    nrf_crypto_aes_internal_context_t * p_int_context =
        (nrf_crypto_aes_internal_context_t *)p_context;

    ret_val = context_verify(p_int_context);
    VERIFY_SUCCESS(ret_val);

    VERIFY_TRUE((p_int_context->p_info->iv_set_fn != NULL), NRF_ERROR_CRYPTO_FEATURE_UNAVAILABLE);

    VERIFY_TRUE((p_iv != NULL), NRF_ERROR_CRYPTO_INPUT_NULL);

    ret_val = p_int_context->p_info->iv_set_fn(p_context, p_iv);

    return ret_val;
}

ret_code_t nrf_crypto_aes_iv_get(nrf_crypto_aes_context_t * const p_context, uint8_t * p_iv)
{
    ret_code_t ret_val;

    nrf_crypto_aes_internal_context_t * p_int_context =
        (nrf_crypto_aes_internal_context_t *)p_context;

    ret_val = context_verify(p_int_context);
    if (ret_val == NRF_ERROR_CRYPTO_CONTEXT_NOT_INITIALIZED)
    {
        /* If context was uninitialized with function nrf_crypto_aes_finalize it shall be still
           possible to read IV value */
        if (p_int_context->init_value == NRF_CRYPTO_AES_UNINIT_MAGIC_VALUE)
        {
            ret_val = NRF_SUCCESS;
        }
    }
    VERIFY_SUCCESS(ret_val);

    VERIFY_TRUE((p_iv != NULL), NRF_ERROR_CRYPTO_INPUT_NULL);

    VERIFY_TRUE((p_int_context->p_info->iv_get_fn != NULL), NRF_ERROR_CRYPTO_FEATURE_UNAVAILABLE);

    ret_val = p_int_context->p_info->iv_get_fn(p_context, p_iv);

    return ret_val;
}

ret_code_t nrf_crypto_aes_update(nrf_crypto_aes_context_t * const p_context,
                                 uint8_t *                        p_data_in,
                                 size_t                           data_size,
                                 uint8_t *                        p_data_out)
{
    ret_code_t ret_val;

    nrf_crypto_aes_internal_context_t * p_int_context =
        (nrf_crypto_aes_internal_context_t *)p_context;

    ret_val = context_verify(p_int_context);
    VERIFY_SUCCESS(ret_val);

    VERIFY_TRUE((data_size != 0), NRF_ERROR_CRYPTO_INPUT_LENGTH);

    VERIFY_TRUE((p_data_in != NULL), NRF_ERROR_CRYPTO_INPUT_NULL);

    VERIFY_TRUE((p_data_out != NULL), NRF_ERROR_CRYPTO_OUTPUT_NULL);

    if ((data_size & 0xF) != 0)
    {
        VERIFY_TRUE((p_int_context->p_info->mode == NRF_CRYPTO_AES_MODE_CFB),
                    NRF_ERROR_CRYPTO_INPUT_LENGTH);
    }

    ret_val = p_int_context->p_info->update_fn(p_context,
                                               p_data_in,
                                               data_size,
                                               p_data_out);

    return ret_val;
}

ret_code_t nrf_crypto_aes_finalize(nrf_crypto_aes_context_t * const p_context,
                                   uint8_t *                        p_data_in,
                                   size_t                           data_size,
                                   uint8_t *                        p_data_out,
                                   size_t *                         p_data_out_size)
{
    ret_code_t ret_val;

    nrf_crypto_aes_internal_context_t * p_int_context =
        (nrf_crypto_aes_internal_context_t *)p_context;

    ret_val = context_verify(p_int_context);
    VERIFY_SUCCESS(ret_val);

    VERIFY_TRUE((p_data_in != NULL), NRF_ERROR_CRYPTO_INPUT_NULL);

    VERIFY_TRUE((p_data_out != NULL), NRF_ERROR_CRYPTO_OUTPUT_NULL);

    VERIFY_TRUE((p_data_out_size != NULL), NRF_ERROR_CRYPTO_OUTPUT_NULL);

    ret_val = p_int_context->p_info->finalize_fn(p_context,
                                                 p_data_in,
                                                 data_size,
                                                 p_data_out,
                                                 p_data_out_size);

    VERIFY_TRUE((ret_val == NRF_SUCCESS), ret_val);

    ret_val = nrf_crypto_aes_uninit(p_context);

    if (ret_val == NRF_SUCCESS)
    {
        /* This line will allow to read IV for AES supporting IV get function. */
        p_int_context->init_value = NRF_CRYPTO_AES_UNINIT_MAGIC_VALUE;
    }

    return ret_val;
}

ret_code_t nrf_crypto_aes_crypt(nrf_crypto_aes_context_t * const    p_context,
                                nrf_crypto_aes_info_t const * const p_info,
                                nrf_crypto_operation_t              operation,
                                uint8_t *                           p_key,
                                uint8_t *                           p_iv,
                                uint8_t *                           p_data_in,
                                size_t                              data_size,
                                uint8_t *                           p_data_out,
                                size_t *                            p_data_out_size)
{
    ret_code_t ret_val;
    void *     p_allocated_context = NULL;

    nrf_crypto_aes_context_t * p_ctx = p_context;

    VERIFY_TRUE(p_info != NULL, NRF_ERROR_CRYPTO_INPUT_NULL);

    if (p_ctx == NULL)
    {
        p_allocated_context = NRF_CRYPTO_ALLOC(p_info->context_size);
        if (p_allocated_context == NULL)
        {
            return NRF_ERROR_CRYPTO_ALLOC_FAILED;
        }
        p_ctx = (nrf_crypto_aes_context_t *)p_allocated_context;
    }

    ret_val = nrf_crypto_aes_init(p_ctx, p_info, operation);
    NRF_CRYPTO_VERIFY_SUCCESS_DEALLOCATE(ret_val, p_allocated_context);

    ret_val = nrf_crypto_aes_key_set(p_ctx, p_key);
    NRF_CRYPTO_VERIFY_SUCCESS_DEALLOCATE(ret_val, p_allocated_context);

    ret_val = nrf_crypto_aes_iv_set(p_ctx, p_iv);
    /* not all AES modes support IV */
    if (ret_val != NRF_ERROR_CRYPTO_FEATURE_UNAVAILABLE)
    {
        NRF_CRYPTO_VERIFY_SUCCESS_DEALLOCATE(ret_val, p_allocated_context);
    }

    ret_val = nrf_crypto_aes_finalize(p_ctx,
                                      p_data_in,
                                      data_size,
                                      p_data_out,
                                      p_data_out_size);
    if (ret_val != NRF_SUCCESS)
    {
        /* Context was not successfully deinitialized in nrf_crypto_aes_finalize */
        UNUSED_RETURN_VALUE(nrf_crypto_aes_uninit(p_ctx));
    }

    if (p_allocated_context != NULL)
    {
        NRF_CRYPTO_FREE(p_allocated_context);
    }

    return ret_val;
}

#endif // NRF_MODULE_ENABLED(NRF_CRYPTO_AES)
#endif // NRF_MODULE_ENABLED(NRF_CRYPTO)