* http://csrc.nist.gov/encryption/aes/rijndael/Rijndael.pdf
* http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
*/
-
-#include "aes.h"
-
#include <string.h>
-#include "esp_thread.h"
+#include "aes.h"
+#include "esp_crypto.h"
/* Implementation that should never be optimized out by the compiler */
-static void esp_aes_zeroize( void *v, size_t n ) {
- volatile unsigned char *p = v; while( n-- ) *p++ = 0;
-}
+//static void bzero( void *v, size_t n ) {
+// volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+//}
void esp_aes_init( AES_CTX *ctx )
{
if( ctx == NULL )
return;
- esp_aes_zeroize( ctx, sizeof( AES_CTX ) );
+ bzero( ctx, sizeof( AES_CTX ) );
AES_LOCK();
AES_GIVE();
ctx->enc.keybites = keybits;
memset(ctx->enc.key, 0, sizeof(ctx->enc.key));
memcpy(ctx->enc.key, key, keybyte);
+ } else {
+ ets_aes_setkey_enc(key, keybit);
}
- ets_aes_setkey_enc(key, keybit);
return 0;
}
ctx->dec.keybites = keybits;
memset(ctx->dec.key, 0, sizeof(ctx->dec.key));
memcpy(ctx->dec.key, key, keybyte);
+ } else {
+ ets_aes_setkey_dec(key, keybit);
}
- ets_aes_setkey_dec(key, keybit);
return 0;
}
const unsigned char input[16],
unsigned char output[16] )
{
+ AES_LOCK();
+
+ esp_aes_process_enable(ctx, mode);
+
if( mode == AES_ENCRYPT )
esp_aes_encrypt( ctx, input, output );
else
esp_aes_decrypt( ctx, input, output );
+
+ esp_aes_process_disable(ctx, mode);
+
+ AES_UNLOCK();
+
return 0;
}
if( length % 16 )
return( ERR_AES_INVALID_INPUT_LENGTH );
- AES_LOCK();
-
- esp_aes_process_enable(ctx, mode);
if( mode == AES_DECRYPT )
{
while( length > 0 )
length -= 16;
}
}
- esp_aes_process_disable(ctx, mode);
-
- AES_UNLOCK();
return 0;
}
int c;
size_t n = *iv_off;
- AES_LOCK();
-
- esp_aes_process_enable(ctx, mode);
if( mode == AES_DECRYPT )
{
while( length-- )
}
*iv_off = n;
- esp_aes_process_disable(ctx, mode);
-
- AES_UNLOCK();
return 0;
}
unsigned char c;
unsigned char ov[17];
- AES_LOCK();
-
- esp_aes_process_enable(ctx, mode);
while( length-- )
{
memcpy( ov, iv, 16 );
memcpy( iv, ov + 1, 16 );
}
- esp_aes_process_disable(ctx, mode);
-
- AES_UNLOCK();
return 0;
}
int c, i;
size_t n = *nc_off;
- AES_LOCK();
-
- esp_aes_process_enable(ctx, AES_ENCRYPT);
-
while( length-- )
{
if( n == 0 ) {
}
*nc_off = n;
- esp_aes_process_disable(ctx, AES_ENCRYPT);
-
- AES_UNLOCK();
return 0;
}
* https://gmplib.org/manual/index.html
*
*/
-#include "bignum.h"
-#if defined(ESP_BIGNUM_ALT)
#include <string.h>
#include <stdlib.h>
-#include "esp_thread.h"
+#include "bignum.h"
+#include "esp_crypto.h"
/* Implementation that should never be optimized out by the compiler */
-static void esp_mpi_zeroize( void *v, size_t n ) {
- volatile unsigned char *p = v; while( n-- ) *p++ = 0;
-}
+//static void bzero( void *v, size_t n ) {
+// volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+//}
#define ciL (sizeof(esp_mpi_uint)) /* chars in limb */
#define biL (ciL << 3) /* bits in limb */
if( X->p != NULL )
{
- esp_mpi_zeroize( X->p, X->n * ciL );
+ bzero( X->p, X->n * ciL );
free( X->p );
}
if( X->p != NULL )
{
memcpy( p, X->p, X->n * ciL );
- esp_mpi_zeroize( X->p, X->n * ciL );
+ bzero( X->p, X->n * ciL );
free( X->p );
}
if( X->p != NULL )
{
memcpy( p, X->p, i * ciL );
- esp_mpi_zeroize( X->p, X->n * ciL );
+ bzero( X->p, X->n * ciL );
free( X->p );
}
/*
* Baseline multiplication: X = A * B (HAC 14.12)
*/
+
+static int mul_pram_alloc( mpi *X, const mpi *A, const mpi *B, char **pA, char **pB, char **pX, size_t *bites)
+{
+ char *sa, *sb, *sx;
+ int algn;
+ int words, bytes;
+ int abytes, bbytes, cbytes;
+
+ if (A->n > B->n)
+ words = A->n;
+ else
+ words = B->n;
+
+ bytes = (words / 16 + ((words % 16) ? 1 : 0 )) * 16 * 4 * 2;
+
+ abytes = A->n * 4;
+ bbytes = B->n * 4;
+
+ sa = malloc(bytes);
+ if (!sa) {
+ return -1;
+ }
+
+ sb = malloc(bytes);
+ if (!sb) {
+ free(sa);
+ return -1;
+ }
+
+ sx = malloc(bytes);
+ if (!sx) {
+ free(sa);
+ free(sb);
+ return -1;
+ }
+
+ memcpy(sa, A->p, abytes);
+ memset(sa + abytes, 0, bytes - abytes);
+
+ memcpy(sb, B->p, bbytes);
+ memset(sb + bbytes, 0, bytes - bbytes);
+
+ *pA = sa;
+ *pB = sb;
+
+ *pX = sx;
+
+ *bites = bytes * 4;
+
+ return 0;
+}
+
+void mul_pram_free(char **pA, char **pB, char **pX)
+{
+ free(*pA);
+ *pA = NULL;
+
+ free(*pB);
+ *pB = NULL;
+
+ free(*pX);
+ *pX = NULL;
+}
+
int esp_mpi_mul_mpi( mpi *X, const mpi *A, const mpi *B )
{
- int ret;
+ int ret = -1;
size_t i, j;
- size_t n = 0;
+ char *s1 = NULL, *s2 = NULL, *dest = NULL;
+ size_t bites;
mpi TA, TB;
MPI_CHK( esp_mpi_grow( X, i + j ) );
MPI_CHK( esp_mpi_lset( X, 0 ) );
- n = j;
-// for( i++; j > 0; j-- )
- esp_mpi_mul_hlp( i - 1, A->p, X->p + j - 1, B->p[j - 1] );
+ if (mul_pram_alloc(X, A, B, &s1, &s2, &dest, &bites)) {
+ goto cleanup;
+ }
- BIGNUM_LOCK();
- if (ets_bigint_mult_prepare(A->p, B->p, n)){
- ets_bigint_wait_finish();
- ets_bigint_mult_getz(X->p, n);
+ BIGNUM_LOCK();
+ if (ets_bigint_mult_prepare((uint32_t *)s1, (uint32_t *)s2, bites)){
+ ets_bigint_wait_finish();
+ if (ets_bigint_mult_getz((uint32_t *)dest, bites) == true) {
+ memcpy(X->p, dest, (i + j) * 4);
+ ret = 0;
+ } else {
+ esp_mpi_printf("ets_bigint_mult_getz failed\n");
+ }
} else{
esp_mpi_printf("Baseline multiplication failed\n");
}
X->s = A->s * B->s;
+ mul_pram_free(&s1, &s2, &dest);
+
cleanup:
esp_mpi_free( &TB ); esp_mpi_free( &TA );
--- /dev/null
+#include "esp_crypto.h"
+#include "freertos/FreeRTOS.h"
+#include "freertos/semphr.h"
+
+static SemaphoreHandle_t esp_crypto_mutex[MUTEX_MAX_NUM];
+static int esp_crypto_sig[MUTEX_MAX_NUM];
+
+#if 0
+ #define ESP_DEBUG ets_printf
+#else
+ #define ESP_DEBUG(...)
+#endif
+
+int esp_crypto_init(void)
+{
+ int i;
+
+ for (i = 0; i < MUTEX_MAX_NUM; i++) {
+ esp_crypto_mutex[i] = xSemaphoreCreateMutex();
+ ESP_DEBUG("init num %d mutex %p\n", i, esp_crypto_mutex[i]);
+ if (!esp_crypto_mutex[i]) {
+ goto failed1;
+ }
+ esp_crypto_sig[i] = 0;
+ }
+
+ return 0;
+
+failed1:
+ ESP_DEBUG("esp_crypto_init failed\n");
+ for (i--; i >= 0; i--)
+ vQueueDelete(esp_crypto_mutex[i]);
+
+ return -1;
+}
+
+void esp_crypto_lock(unsigned int num)
+{
+ ESP_DEBUG("1num %d, mutex %p\n", num, esp_crypto_mutex[num]);
+ xSemaphoreTake(esp_crypto_mutex[num], portMAX_DELAY);
+}
+
+void esp_crypto_unlock(unsigned int num)
+{
+ ESP_DEBUG("2num %d, mutex %p\n", num, esp_crypto_mutex[num]);
+ xSemaphoreGive(esp_crypto_mutex[num]);
+}
+
+void esp_crypto_take(unsigned int num)
+{
+ esp_crypto_sig[num]++;
+}
+
+void esp_crypto_give(unsigned int num)
+{
+ if (esp_crypto_sig[num])
+ esp_crypto_sig[num]--;
+}
+
+bool esp_crypto_is_used(unsigned int num)
+{
+ return (esp_crypto_sig[num] != 0) ? true : false;
+}
+
+++ /dev/null
-#include "esp_thread.h"
-#include "freertos/FreeRTOS.h"
-#include "freertos/semphr.h"
-
-static xSemaphoreHandle esp_thread_mutex[MUTEX_MAX_NUM];
-static int esp_thread_sig[MUTEX_MAX_NUM];
-
-int esp_thread_init(void)
-{
- int i;
-
- for (i = 0; i < MUTEX_MAX_NUM; i++) {
- esp_thread_mutex[i] = xSemaphoreCreateMutex();
- if (!esp_thread_mutex[i]) {
- goto failed1;
- }
- esp_thread_sig[i] = 0;
- }
-
- return 0;
-
-failed1:
- for (i--; i >= 0; i--)
- vQueueDelete(esp_thread_mutex[i]);
-
- return -1;
-}
-
-void esp_thread_lock(unsigned int num)
-{
- xSemaphoreTake(esp_thread_mutex[num], portMAX_DELAY);
-}
-
-void esp_thread_unlock(unsigned int num)
-{
- xSemaphoreGive(esp_thread_mutex[num]);
-}
-
-void esp_thread_take(unsigned int num)
-{
- esp_thread_sig[num]++;
-}
-
-void esp_thread_give(unsigned int num)
-{
- esp_thread_sig[num]--;
-}
-
-bool esp_thread_is_used(unsigned int num)
-{
- return (esp_thread_sig[num] != 0) ? true : false;
-}
-
#include "rom/ets_sys.h"
#include "rom/bigint.h"
-#define ESP_BIGNUM_ALT
+
#define MPI_DEBUG_ALT
-#if defined(ESP_BIGNUM_ALT)
+
#define ERR_MPI_FILE_IO_ERROR -0x0002 /**< An error occurred while reading from or writing to a file. */
#define ERR_MPI_BAD_INPUT_DATA -0x0004 /**< Bad input parameters to function. */
int esp_mpi_gen_prime( mpi *X, size_t nbits, int dh_flag,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
-#endif
+
#endif
-#ifndef _MULTI_THREAD_H_
-#define _MULTI_THREAD_H_
+#ifndef _MULTI_CRYPTO_H_
+#define _MULTI_CRYPTO_H_
#include "c_types.h"
#include "rom/ets_sys.h"
MUTEX_MAX_NUM,
};
-int esp_thread_init(void);
+int esp_crypto_init(void);
-void esp_thread_lock(unsigned int num);
-void esp_thread_unlock(unsigned int num);
+void esp_crypto_lock(unsigned int num);
+void esp_crypto_unlock(unsigned int num);
-void esp_thread_take(unsigned int num);
-void esp_thread_give(unsigned int num);
-bool esp_thread_is_used(unsigned int num);
+void esp_crypto_take(unsigned int num);
+void esp_crypto_give(unsigned int num);
+bool esp_crypto_is_used(unsigned int num);
-#define MUTEX_LOCK(num) esp_thread_lock(num)
-#define MUTEX_UNLOCK(num) esp_thread_unlock(num)
+#define MUTEX_LOCK(num) esp_crypto_lock(num)
+#define MUTEX_UNLOCK(num) esp_crypto_unlock(num)
-#define SIG_TAKE(num) esp_thread_take(num)
-#define SIG_GIVE(num) esp_thread_give(num)
-#define SIG_IS_USED(num) esp_thread_is_used(num)
+#define SIG_TAKE(num) esp_crypto_take(num)
+#define SIG_GIVE(num) esp_crypto_give(num)
+#define SIG_IS_USED(num) esp_crypto_is_used(num)
#define AES_LOCK() MUTEX_LOCK(AES_MUTEX)
#define AES_UNLOCK() MUTEX_UNLOCK(AES_MUTEX)
}
#endif
-#endif /* esp_thread.h */
+#endif /* esp_crypto.h */
* http://www.itl.nist.gov/fipspubs/fip180-1.htm
*/
-#include "sha.h"
-
#include <string.h>
-#include "esp_thread.h"
+#include "sha.h"
+#include "esp_crypto.h"
/* Implementation that should never be optimized out by the compiler */
-static void esp_sha_zeroize( void *v, size_t n ) {
- volatile unsigned char *p = v; while( n-- ) *p++ = 0;
-}
+//static void bzero( void *v, size_t n ) {
+// volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+//}
void esp_sha1_init( SHA1_CTX *ctx )
{
if( ctx == NULL )
return;
- esp_sha_zeroize( ctx, sizeof( SHA1_CTX ) );
+ bzero( ctx, sizeof( SHA1_CTX ) );
SHA_LOCK();
SHA_GIVE();
{
SHA_LOCK();
ets_sha_init(&ctx->context);
- SHA_UNLOCK();
ctx->context_type = SHA1;
}
*/
void esp_sha1_update( SHA1_CTX *ctx, const unsigned char *input, size_t ilen )
{
- SHA_LOCK();
ets_sha_update(&ctx->context, ctx->context_type, input, ilen * 8);
}
if( ctx == NULL )
return;
- esp_sha_zeroize( ctx, sizeof( SHA256_CTX ) );
+ bzero( ctx, sizeof( SHA256_CTX ) );
SHA_LOCK();
SHA_GIVE();
{
SHA_LOCK();
ets_sha_init(&ctx->context);
- SHA_UNLOCK();
if( is224 == 0 )
{
*/
void esp_sha256_update( SHA256_CTX *ctx, const unsigned char *input, size_t ilen )
{
- SHA_LOCK();
ets_sha_update(&ctx->context, ctx->context_type, input, ilen * 8);
}
if( ctx == NULL )
return;
- esp_sha_zeroize( ctx, sizeof( SHA512_CTX ) );
+ bzero( ctx, sizeof( SHA512_CTX ) );
SHA_LOCK();
SHA_GIVE();
{
SHA_LOCK();
ets_sha_init(&ctx->context);
- SHA_UNLOCK();
+
if( is384 == 0 )
{
/* SHA-512 */
*/
void esp_sha512_update( SHA512_CTX *ctx, const unsigned char *input,size_t ilen )
{
- SHA_LOCK();
ets_sha_update(&ctx->context, ctx->context_type, input, ilen * 8);
}
unsigned char stream_block[16];
#endif
mbedtls_aes_context ctx;
-
- memset( key, 0, 32 );
- mbedtls_aes_init( &ctx );
+
+ memset( key, 0, 32 );
/*
* ECB mode
memset( buf, 0, 16 );
+ mbedtls_aes_init( &ctx );
+
if( v == MBEDTLS_AES_DECRYPT )
{
mbedtls_aes_setkey_dec( &ctx, key, 128 + u * 64 );
if( verbose != 0 )
mbedtls_printf( "failed\n" );
+ mbedtls_aes_free( &ctx );
ret = 1;
goto exit;
}
if( verbose != 0 )
mbedtls_printf( "failed\n" );
+ mbedtls_aes_free( &ctx );
+
ret = 1;
goto exit;
}
if( verbose != 0 )
mbedtls_printf( "passed\n" );
+
+ mbedtls_aes_free( &ctx );
}
if( verbose != 0 )
memset( prv, 0, 16 );
memset( buf, 0, 16 );
+ mbedtls_aes_init( &ctx );
+
if( v == MBEDTLS_AES_DECRYPT )
{
mbedtls_aes_setkey_dec( &ctx, key, 128 + u * 64 );
if( verbose != 0 )
mbedtls_printf( "failed\n" );
+ mbedtls_aes_free( &ctx );
+
ret = 1;
goto exit;
}
if( verbose != 0 )
mbedtls_printf( "failed\n" );
+ mbedtls_aes_free( &ctx );
+
ret = 1;
goto exit;
}
if( verbose != 0 )
mbedtls_printf( "passed\n" );
+
+ mbedtls_aes_free( &ctx );
}
if( verbose != 0 )
memcpy( iv, aes_test_cfb128_iv, 16 );
memcpy( key, aes_test_cfb128_key[u], 16 + u * 8 );
+ mbedtls_aes_init( &ctx );
+
offset = 0;
mbedtls_aes_setkey_enc( &ctx, key, 128 + u * 64 );
memcpy( nonce_counter, aes_test_ctr_nonce_counter[u], 16 );
memcpy( key, aes_test_ctr_key[u], 16 );
+ mbedtls_aes_init( &ctx );
+
offset = 0;
mbedtls_aes_setkey_enc( &ctx, key, 128 );
unsigned char sha1sum[20];
mbedtls_sha1_context ctx;
- mbedtls_sha1_init( &ctx );
-
/*
* SHA-1
*/
for( i = 0; i < 3; i++ )
{
+ mbedtls_sha1_init( &ctx );
+
if( verbose != 0 )
mbedtls_printf( " SHA-1 test #%d: ", i + 1 );
if( verbose != 0 )
mbedtls_printf( "failed\n" );
+ mbedtls_sha1_free( &ctx );
+
ret = 1;
goto exit;
}
if( verbose != 0 )
mbedtls_printf( "passed\n" );
+
+ mbedtls_sha1_free( &ctx );
}
if( verbose != 0 )
mbedtls_printf( "\n" );
exit:
- mbedtls_sha1_free( &ctx );
return( ret );
}
unsigned char sha256sum[32];
mbedtls_sha256_context ctx;
- mbedtls_sha256_init( &ctx );
-
for( i = 0; i < 6; i++ )
{
j = i % 3;
k = i < 3;
+ mbedtls_sha256_init( &ctx );
+
if( verbose != 0 )
mbedtls_printf( " SHA-%d test #%d: ", 256 - k * 32, j + 1 );
if( verbose != 0 )
mbedtls_printf( "failed\n" );
+ mbedtls_sha256_free( &ctx );
+
ret = 1;
goto exit;
}
if( verbose != 0 )
mbedtls_printf( "passed\n" );
+
+ mbedtls_sha256_free( &ctx );
}
if( verbose != 0 )
mbedtls_printf( "\n" );
exit:
- mbedtls_sha256_free( &ctx );
return( ret );
}
unsigned char sha512sum[64];
mbedtls_sha512_context ctx;
- mbedtls_sha512_init( &ctx );
-
for( i = 0; i < 6; i++ )
{
j = i % 3;
k = i < 3;
+ mbedtls_sha512_init( &ctx );
+
if( verbose != 0 )
mbedtls_printf( " SHA-%d test #%d: ", 512 - k * 128, j + 1 );
if( verbose != 0 )
mbedtls_printf( "failed\n" );
+ mbedtls_sha512_free( &ctx );
+
ret = 1;
goto exit;
}
if( verbose != 0 )
mbedtls_printf( "passed\n" );
+
+ mbedtls_sha512_free( &ctx );
}
if( verbose != 0 )
mbedtls_printf( "\n" );
exit:
- mbedtls_sha512_free( &ctx );
+
return( ret );
}