From ffd995280561875c353f5376bab0b2fca3991321 Mon Sep 17 00:00:00 2001 From: Nicko van Someren Date: Wed, 7 Jul 2021 16:57:22 -0600 Subject: [PATCH 1/2] Bring various submodules up to date --- lib/mbedtls | 2 +- lib/pico-sdk | 2 +- lib/tinyusb | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/mbedtls b/lib/mbedtls index 1bc2c9cb8b8fe..1b6a24f759cef 160000 --- a/lib/mbedtls +++ b/lib/mbedtls @@ -1 +1 @@ -Subproject commit 1bc2c9cb8b8fe4659bd94b8ebba5a4c02029b7fa +Subproject commit 1b6a24f759cefbb4a69ae9476885d7f42a847e3d diff --git a/lib/pico-sdk b/lib/pico-sdk index bfcbefafc5d2a..fc10a97c386f6 160000 --- a/lib/pico-sdk +++ b/lib/pico-sdk @@ -1 +1 @@ -Subproject commit bfcbefafc5d2a210551a4d9d80b4303d4ae0adf7 +Subproject commit fc10a97c386f65c1a44c68684fe52a56aaf50df0 diff --git a/lib/tinyusb b/lib/tinyusb index d49938d0f5052..7b62c71dd5ec4 160000 --- a/lib/tinyusb +++ b/lib/tinyusb @@ -1 +1 @@ -Subproject commit d49938d0f5052bce70e55c652b657c0a6a7e84fe +Subproject commit 7b62c71dd5ec42e61499d2d83902df9484842670 From 1e3b6bd5c5fba4c7b08d402816ea8113d3fb25bb Mon Sep 17 00:00:00 2001 From: Nicko van Someren Date: Wed, 7 Jul 2021 16:57:22 -0600 Subject: [PATCH 2/2] ucryptolib: Add support for AES when no SSL library is present. --- extmod/crypto-algorithms/aes.c | 297 +++++++++++++++++++++++++++++++++ extmod/crypto-algorithms/aes.h | 66 ++++++++ extmod/moducryptolib.c | 76 ++++++++- ports/rp2/mpconfigport.h | 2 + ports/unix/mpconfigport.h | 2 +- 5 files changed, 441 insertions(+), 2 deletions(-) create mode 100644 extmod/crypto-algorithms/aes.c create mode 100644 extmod/crypto-algorithms/aes.h diff --git a/extmod/crypto-algorithms/aes.c b/extmod/crypto-algorithms/aes.c new file mode 100644 index 0000000000000..edddf67f7479c --- /dev/null +++ b/extmod/crypto-algorithms/aes.c @@ -0,0 +1,297 @@ +/* + * A small, lightweight AES implmentation suitable for microcontrollers. + * + * SPDX-License-Identifier: MIT + * The MIT License (MIT) + * + * Copyright (c) 2021 Nicko van Someren + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ + +#include +#include +#include + +#include "aes.h" + +#define ROUNDS_FOR_KEYLEN(l) \ + ((l == 16) ? AES_128_ROUNDS : \ + ((l == 24) ? AES_192_ROUNDS : \ + ((l == 32) ? AES_256_ROUNDS : \ + 0))) + +static const uint8_t sbox[256] = { + // 0 1 2 3 4 5 6 7 8 9 A B C D E F + 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76, + 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0, + 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15, + 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75, + 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84, + 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf, + 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8, + 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2, + 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73, + 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb, + 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79, + 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08, + 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a, + 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e, + 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf, + 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 +}; + +static const uint8_t rsbox[256] = { + // 0 1 2 3 4 5 6 7 8 9 A B C D E F + 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb, + 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb, + 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e, + 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25, + 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92, + 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda, 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84, + 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06, + 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b, + 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea, 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73, + 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e, + 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b, + 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4, + 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f, + 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef, + 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0, 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61, + 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d +}; + +// For AES (as distinct from Rijndael), we only need the round constants 1 through 10 +static const uint8_t round_constants[11] = { + 0x8d, 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36 +}; + +// Perform s-box substitution and row shift on round state +static void shift_sub_state(aes_state_word_t *state) { + uint8_t temp; + + // The first row only needs substitution, not rotation + state[0].b[0] = sbox[state[0].b[0]]; + state[1].b[0] = sbox[state[1].b[0]]; + state[2].b[0] = sbox[state[2].b[0]]; + state[3].b[0] = sbox[state[3].b[0]]; + + // The second row is rotated one column left + temp = sbox[state[0].b[1]]; + state[0].b[1] = sbox[state[1].b[1]]; + state[1].b[1] = sbox[state[2].b[1]]; + state[2].b[1] = sbox[state[3].b[1]]; + state[3].b[1] = temp; + + // The third row is rotated two columns left + temp = sbox[state[0].b[2]]; + state[0].b[2] = sbox[state[2].b[2]]; + state[2].b[2] = temp; + temp = sbox[state[1].b[2]]; + state[1].b[2] = sbox[state[3].b[2]]; + state[3].b[2] = temp; + + // The fourth row is rotated three columns left + temp = sbox[state[3].b[3]]; + state[3].b[3] = sbox[state[2].b[3]]; + state[2].b[3] = sbox[state[1].b[3]]; + state[1].b[3] = sbox[state[0].b[3]]; + state[0].b[3] = temp; +} + +// Perform reverse row shift and s-box substitution on round state +static void rsub_shift_state(aes_state_word_t *state) { + uint8_t temp; + + state[0].b[0] = rsbox[state[0].b[0]]; + state[1].b[0] = rsbox[state[1].b[0]]; + state[2].b[0] = rsbox[state[2].b[0]]; + state[3].b[0] = rsbox[state[3].b[0]]; + + temp = rsbox[state[3].b[1]]; + state[3].b[1] = rsbox[state[2].b[1]]; + state[2].b[1] = rsbox[state[1].b[1]]; + state[1].b[1] = rsbox[state[0].b[1]]; + state[0].b[1] = temp; + + temp = rsbox[state[0].b[2]]; + state[0].b[2] = rsbox[state[2].b[2]]; + state[2].b[2] = temp; + temp = rsbox[state[1].b[2]]; + state[1].b[2] = rsbox[state[3].b[2]]; + state[3].b[2] = temp; + + temp = rsbox[state[0].b[3]]; + state[0].b[3] = rsbox[state[1].b[3]]; + state[1].b[3] = rsbox[state[2].b[3]]; + state[2].b[3] = rsbox[state[3].b[3]]; + state[3].b[3] = temp; +} + +// Add round key to state +static void add_round_key(aes_state_word_t *state, aes_state_word_t *key) { + for (int i = 0; i < 4; i++) { + state[i].w ^= key[i].w; + } +} + +static inline uint8_t gf_double(uint8_t x) { + return (x << 1) ^ (((x >> 7) & 1) * 0x1b); +} + +static void mix_columns(aes_state_word_t *state) { + uint8_t temp, all_sum; + for (int i = 0; i < 4; i++) { + temp = state[i].b[0]; + all_sum = state[i].b[0] ^ state[i].b[1] ^ state[i].b[2] ^ state[i].b[3]; + state[i].b[0] ^= (gf_double(state[i].b[0] ^ state[i].b[1]) ^ all_sum); + state[i].b[1] ^= (gf_double(state[i].b[1] ^ state[i].b[2]) ^ all_sum); + state[i].b[2] ^= (gf_double(state[i].b[2] ^ state[i].b[3]) ^ all_sum); + state[i].b[3] ^= (gf_double(state[i].b[3] ^ temp) ^ all_sum); + } +} + +// Compute the GF weighted sum 14a + 11b + 13c + 9d +// 14 = 0b1110, 11 = 0b1011, 13 = 0b1101, 9 = 0b1001 +static const uint8_t poly_reduce_mask[8] = {0, 27, 54, 45, 108, 119, 90, 65}; + +static uint8_t gf_ploy_inv(uint8_t a, uint8_t b, uint8_t c, uint8_t d) { + uint8_t ac = a ^ c; + uint8_t bd = b ^ d; + uint8_t ab = a ^ b; + uint16_t sum = ((ac ^ bd) << 3) ^ (ac << 2) ^ (ab << 1) ^ (bd ^ c); + return (uint8_t)(sum ^ poly_reduce_mask[sum >> 8]); +} + +static void inv_mix_columns(aes_state_word_t *state) { + uint8_t a, b, c, d; + + for (int i = 0; i < 4; i++) { + a = state[i].b[0]; + b = state[i].b[1]; + c = state[i].b[2]; + d = state[i].b[3]; + + state[i].b[0] = gf_ploy_inv(a, b, c, d); + state[i].b[1] = gf_ploy_inv(b, c, d, a); + state[i].b[2] = gf_ploy_inv(c, d, a, b); + state[i].b[3] = gf_ploy_inv(d, a, b, c); + } +} + +// Key length is given in bytes, not bits +void aes_expand_key(aes_key_info_t *dest, const uint8_t *key, int keylen) { + int n_rounds = ROUNDS_FOR_KEYLEN(keylen); + int key_words = keylen / 4; + int subkey_words = (n_rounds + 1) * 4; + aes_state_word_t *array = dest->expanded_key.array; + + dest->key_length = keylen; + dest->n_rounds = n_rounds; + + memcpy(dest->expanded_key.flat, key, keylen); + + aes_state_word_t prev_word = array[key_words - 1]; + + for (int i = key_words; i < subkey_words; i++) { + aes_state_word_t this_word = array[i - key_words]; + + if ((i % key_words) == 0) { + this_word.b[0] ^= round_constants[i / key_words]; + + uint8_t temp = sbox[prev_word.b[0]]; + prev_word.b[0] = sbox[prev_word.b[1]]; + prev_word.b[1] = sbox[prev_word.b[2]]; + prev_word.b[2] = sbox[prev_word.b[3]]; + prev_word.b[3] = temp; + } else if (key_words > 6 && (i % key_words) == 4) { + prev_word.b[0] = sbox[prev_word.b[0]]; + prev_word.b[1] = sbox[prev_word.b[1]]; + prev_word.b[2] = sbox[prev_word.b[2]]; + prev_word.b[3] = sbox[prev_word.b[3]]; + } + this_word.w ^= prev_word.w; + prev_word = array[i] = this_word; + } +} + +void aes_encrypt_block(uint8_t *block, aes_key_info_t *key_info) { + uint32_t n_rounds = key_info->n_rounds; + aes_expanded_key_t *key = &key_info->expanded_key; + aes_round_state_t *state = (aes_round_state_t *)block; + + add_round_key(state->words, key->rounds[0]); + + uint32_t i; + for (i = 1; i < n_rounds; i++) { + shift_sub_state(state->words); + mix_columns(state->words); + add_round_key(state->words, key->rounds[i]); + } + + shift_sub_state(state->words); + add_round_key(state->words, key->rounds[i]); +} + +void aes_decrypt_block(uint8_t *block, aes_key_info_t *key_info) { + uint32_t n_rounds = key_info->n_rounds; + aes_expanded_key_t *key = &key_info->expanded_key; + aes_round_state_t *state = (aes_round_state_t *)block; + + add_round_key(state->words, key->rounds[n_rounds]); + rsub_shift_state(state->words); + + for (int i = n_rounds - 1; i > 0; i--) { + add_round_key(state->words, key->rounds[i]); + inv_mix_columns(state->words); + rsub_shift_state(state->words); + } + + add_round_key(state->words, key->rounds[0]); +} + +// Requires input_length % 16 == 0 +void aes_crypt_cbc(aes_key_info_t *key_info, int encrypt, size_t input_length, uint8_t *iv, const uint8_t *in, uint8_t *out) { + uint32_t *iv_words = (uint32_t *)iv; + uint32_t *in_words = (uint32_t *)in; + uint32_t *out_words = (uint32_t *)out; + + if (encrypt) { + while (input_length > 0) { + for (int i = 0; i < 4; i++) { + iv_words[i] ^= *(in_words++); + } + aes_encrypt_block((uint8_t *)iv_words, key_info); + memcpy(out_words, iv_words, 16); + out_words += 4; + input_length -= 16; + } + } else { + uint32_t block_words[4]; + while (input_length > 0) { + memcpy(block_words, in_words, 16); + aes_decrypt_block((uint8_t *)block_words, key_info); + for (int i = 0; i < 4; i++) { + *(out_words++) = iv_words[i] ^ block_words[i]; + iv_words[i] = *(in_words++); + } + input_length -= 16; + } + } +} diff --git a/extmod/crypto-algorithms/aes.h b/extmod/crypto-algorithms/aes.h new file mode 100644 index 0000000000000..d8766e91fbe98 --- /dev/null +++ b/extmod/crypto-algorithms/aes.h @@ -0,0 +1,66 @@ +/* + * A small, lightweight AES implmentation suitable for microcontrollers. + * + * SPDX-License-Identifier: MIT + * The MIT License (MIT) + * + * Copyright (c) 2021 Nicko van Someren + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ + +#ifndef SMALL_AES_INCLUDE_AES_H +#define SMALL_AES_INCLUDE_AES_H + +#define AES_128_ROUNDS 10 +#define AES_192_ROUNDS 12 +#define AES_256_ROUNDS 14 + +#define AES_MAX_SUBKEYS 15 + +typedef union aes_state_word { + uint8_t b[4]; + uint32_t w; +} aes_state_word_t; + +typedef union aes_round_state { + aes_state_word_t words[4]; + uint8_t flat[16]; +} aes_round_state_t; + +typedef union aes_expanded_key { + aes_state_word_t rounds[AES_MAX_SUBKEYS][4]; + aes_state_word_t array[AES_MAX_SUBKEYS * 4]; + uint8_t flat[AES_MAX_SUBKEYS * 16]; +} aes_expanded_key_t; + +typedef struct aes_key_info { + uint16_t key_length; + uint16_t n_rounds; + aes_expanded_key_t expanded_key; +} aes_key_info_t; + +void aes_expand_key(aes_key_info_t *dest, const uint8_t *key, int keylen); +void aes_encrypt_block(uint8_t *block, aes_key_info_t *key_info); +void aes_decrypt_block(uint8_t *block, aes_key_info_t *key_info); + +// Requires input_length % 16 == 0 +void aes_crypt_cbc(aes_key_info_t *key_info, int encrypt, size_t input_length, uint8_t *iv, const uint8_t *in, uint8_t *out); + +#endif diff --git a/extmod/moducryptolib.c b/extmod/moducryptolib.c index 6c89d6d9fe81c..9e4647a1b7718 100644 --- a/extmod/moducryptolib.c +++ b/extmod/moducryptolib.c @@ -54,13 +54,30 @@ struct ctr_params { uint8_t encrypted_counter[16]; }; +#if !MICROPY_SSL_AXTLS && !MICROPY_SSL_MBEDTLS +#define AES_192_SUPPORTED (1) +#include "crypto-algorithms/aes.c" + +typedef struct native_aes_key_iv { + aes_key_info_t key_info; + uint8_t iv[16]; +} native_aes_key_iv_t; + +#define AES_CTX_IMPL native_aes_key_iv_t + +#endif + #if MICROPY_SSL_AXTLS +#define AES_192_SUPPORTED (0) + #include "lib/axtls/crypto/crypto.h" #define AES_CTX_IMPL AES_CTX #endif #if MICROPY_SSL_MBEDTLS +#define AES_192_SUPPORTED (0) + #include // we can't run mbedtls AES key schedule until we know whether we're used for encrypt or decrypt. @@ -102,6 +119,59 @@ static inline struct ctr_params *ctr_params_from_aes(mp_obj_aes_t *o) { return (struct ctr_params *)&o[1]; } +#if !MICROPY_SSL_AXTLS && !MICROPY_SSL_MBEDTLS +STATIC void aes_initial_set_key_impl(AES_CTX_IMPL *ctx, const uint8_t *key, size_t keysize, const uint8_t iv[16]) { + aes_expand_key(&ctx->key_info, key, keysize); + if (iv) { + memcpy(ctx->iv, iv, 16); + } +} + +STATIC void aes_final_set_key_impl(AES_CTX_IMPL *ctx, bool encrypt) { + // The native AES code doesn't care if we are encrypting or decrypting +} + +STATIC void aes_process_ecb_impl(AES_CTX_IMPL *ctx, const uint8_t in[16], uint8_t out[16], bool encrypt) { + memcpy(out, in, 16); + if (encrypt) { + aes_encrypt_block(out, &ctx->key_info); + } else { + aes_decrypt_block(out, &ctx->key_info); + } +} + +STATIC void aes_process_cbc_impl(AES_CTX_IMPL *ctx, const uint8_t *in, uint8_t *out, size_t in_len, bool encrypt) { + aes_crypt_cbc(&ctx->key_info, encrypt, in_len, ctx->iv, in, out); +} + +#if MICROPY_PY_UCRYPTOLIB_CTR +STATIC void aes_process_ctr_impl(AES_CTX_IMPL *ctx, const uint8_t *in, uint8_t *out, size_t in_len, struct ctr_params *ctr_params) { + size_t n = ctr_params->offset; + uint8_t *const counter = ctx->iv; + + while (in_len--) { + if (n == 0) { + aes_process_ecb_impl(ctx, counter, ctr_params->encrypted_counter, true); + + // increment the 128-bit counter + for (int i = 15; i >= 0; --i) { + if (++counter[i] != 0) { + break; + } + } + } + + *out++ = *in++ ^ ctr_params->encrypted_counter[n]; + n = (n + 1) & 0xf; + } + + ctr_params->offset = n; + +} +#endif + +#endif // !MICROPY_SSL_AXTLS && !MICROPY_SSL_MBEDTLS + #if MICROPY_SSL_AXTLS STATIC void aes_initial_set_key_impl(AES_CTX_IMPL *ctx, const uint8_t *key, size_t keysize, const uint8_t iv[16]) { assert(16 == keysize || 32 == keysize); @@ -236,7 +306,11 @@ STATIC mp_obj_t ucryptolib_aes_make_new(const mp_obj_type_t *type, size_t n_args mp_buffer_info_t keyinfo; mp_get_buffer_raise(args[0], &keyinfo, MP_BUFFER_READ); - if (32 != keyinfo.len && 16 != keyinfo.len) { + if (32 != keyinfo.len && + #if AES_192_SUPPORTED + 24 != keyinfo.len && + #endif + 16 != keyinfo.len) { mp_raise_ValueError(MP_ERROR_TEXT("key")); } diff --git a/ports/rp2/mpconfigport.h b/ports/rp2/mpconfigport.h index 218cd72752628..34a8612179df9 100644 --- a/ports/rp2/mpconfigport.h +++ b/ports/rp2/mpconfigport.h @@ -120,6 +120,8 @@ #define MICROPY_PY_URE_MATCH_SPAN_START_END (1) #define MICROPY_PY_URE_SUB (1) #define MICROPY_PY_UHASHLIB (1) +#define MICROPY_PY_UCRYPTOLIB (1) +#define MICROPY_PY_UCRYPTOLIB_CTR (1) #define MICROPY_PY_UBINASCII (1) #define MICROPY_PY_UBINASCII_CRC32 (1) #define MICROPY_PY_UTIME_MP_HAL (1) diff --git a/ports/unix/mpconfigport.h b/ports/unix/mpconfigport.h index d838f42b3f3dc..8e1b5a3c5733b 100644 --- a/ports/unix/mpconfigport.h +++ b/ports/unix/mpconfigport.h @@ -151,8 +151,8 @@ #if MICROPY_PY_USSL #define MICROPY_PY_UHASHLIB_MD5 (1) #define MICROPY_PY_UHASHLIB_SHA1 (1) -#define MICROPY_PY_UCRYPTOLIB (1) #endif +#define MICROPY_PY_UCRYPTOLIB (1) #define MICROPY_PY_UBINASCII (1) #define MICROPY_PY_UBINASCII_CRC32 (1) #define MICROPY_PY_URANDOM (1) pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy