Adding generic aes encryption/decryption.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
This commit is contained in:
Pol Henarejos
@@ -18,7 +18,9 @@
|
||||
#include <pico/unique_id.h>
|
||||
#include "mbedtls/md.h"
|
||||
#include "mbedtls/sha256.h"
|
||||
#include "mbedtls/aes.h"
|
||||
#include "hash_utils.h"
|
||||
#include "sc_hsm.h"
|
||||
|
||||
void double_hash_pin(const uint8_t *pin, size_t len, uint8_t output[32]) {
|
||||
uint8_t o1[32];
|
||||
@@ -71,3 +73,31 @@ void generic_hash(mbedtls_md_type_t md, const uint8_t *input, size_t len, uint8_
|
||||
mbedtls_md_finish(&ctx, output);
|
||||
mbedtls_md_free(&ctx);
|
||||
}
|
||||
|
||||
int aes_encrypt(const uint8_t *key, const uint8_t *iv, int key_size, uint8_t *data, int len) {
|
||||
mbedtls_aes_context aes;
|
||||
mbedtls_aes_init(&aes);
|
||||
uint8_t tmp_iv[IV_SIZE];
|
||||
size_t iv_offset = 0;
|
||||
memset(tmp_iv, 0, IV_SIZE);
|
||||
if (iv)
|
||||
memcpy(tmp_iv, iv, IV_SIZE);
|
||||
int r = mbedtls_aes_setkey_enc(&aes, key, key_size);
|
||||
if (r != 0)
|
||||
return HSM_EXEC_ERROR;
|
||||
return mbedtls_aes_crypt_cfb128(&aes, MBEDTLS_AES_ENCRYPT, len, &iv_offset, tmp_iv, data, data);
|
||||
}
|
||||
|
||||
int aes_decrypt(const uint8_t *key, const uint8_t *iv, int key_size, uint8_t *data, int len) {
|
||||
mbedtls_aes_context aes;
|
||||
mbedtls_aes_init(&aes);
|
||||
uint8_t tmp_iv[IV_SIZE];
|
||||
size_t iv_offset = 0;
|
||||
memset(tmp_iv, 0, IV_SIZE);
|
||||
if (iv)
|
||||
memcpy(tmp_iv, iv, IV_SIZE);
|
||||
int r = mbedtls_aes_setkey_enc(&aes, key, key_size);
|
||||
if (r != 0)
|
||||
return HSM_EXEC_ERROR;
|
||||
return mbedtls_aes_crypt_cfb128(&aes, MBEDTLS_AES_DECRYPT, len, &iv_offset, tmp_iv, data, data);
|
||||
}
|
||||
@@ -18,9 +18,15 @@
|
||||
#ifndef _HASH_UTILS_H_
|
||||
#define _HASH_UTILS_H_
|
||||
|
||||
#include "stdlib.h"
|
||||
#include "pico/stdlib.h"
|
||||
#include "mbedtls/md.h"
|
||||
|
||||
extern void double_hash_pin(const uint8_t *pin, size_t len, uint8_t output[32]);
|
||||
extern void hash_multi(const uint8_t *input, size_t len, uint8_t output[32]);
|
||||
extern void hash256(const uint8_t *input, size_t len, uint8_t output[32]);
|
||||
extern void generic_hash(mbedtls_md_type_t md, const uint8_t *input, size_t len, uint8_t *output);
|
||||
extern int aes_encrypt(const uint8_t *key, const uint8_t *iv, int key_size, uint8_t *data, int len);
|
||||
extern int aes_decrypt(const uint8_t *key, const uint8_t *iv, int key_size, uint8_t *data, int len);
|
||||
|
||||
#endif
|
||||
|
||||
@@ -60,6 +60,8 @@ extern const uint8_t sc_hsm_aid[];
|
||||
#define HSM_ERR_BLOCKED -1004
|
||||
#define HSM_NO_LOGIN -1005
|
||||
#define HSM_EXEC_ERROR -1006
|
||||
#define HSM_WRONG_LENGTH -1007
|
||||
#define HSM_WRONG_DATA -1008
|
||||
|
||||
#define ALGO_RSA_RAW 0x20 /* RSA signature with external padding */
|
||||
#define ALGO_RSA_DECRYPT 0x21 /* RSA decrypt */
|
||||
|
||||
Reference in New Issue
Block a user