概述

​ sec_crypto组件为安全算法组件,提供安全平台的安全算法抽象开发接口,实现常见的密码学算法,包含对称算法、非对称/公钥算法、摘要算法、消息验证码算法。

功能

  • 对称算法

AES ECB/CBC

AES with 128/192/256 bit keywidth

  • 非对称算法

RSA1024

RSA2048

ECC256

  • 摘要

SHA1、SHA2

  • 消息验证码

  • 随机数

接口定义

错误码

错误码
SC_OK 0
SC_FAIL 0x10000001
SC_MEM_OVERFLOW 0x10000002
SC_PARAM_INV 0x10000003
SC_OPERATION_BUSY 0x10000004
SC_AUTH_FAIL 0x10000005
SC_CRYPT_FAIL 0x10000006
SC_NOT_SUPPORT 0x10000007
SC_INVALID_PADDING 0x10000008
SC_BAD_INPUT_DATA 0x10000009
SC_INVALID_KEY_LENGTH 0x100000010
SC_INVALID_INPUT_LENGTH 0x100000011
SC_FEATURE_UNAVAILABLE 0x100000012
SC_HW_ACCEL_FAILED 0x100000013
SC_CCM_AUTH_FAILED 0x100000014
SC_KEY_GEN_FAILED 0x100000015
SC_KEY_CHECK_FAILED 0x100000016
SC_PUBLIC_FAILED 0x100000017
SC_PRIVATE_FAILED 0x100000018
SC_VERIFY_FAILED 0x100000019
SC_OUTPUT_TOO_LARGE 0x100000020
SC_RNG_FAILED 0x100000021
SC_BUFFER_TOO_SMALL 0x100000022
SC_INVALID_FORMAT 0x100000023
SC_ALLOC_FAILED 0x100000024
SC_DRV_FAILED 0x100000025

AES接口原型

sc_aes_init

uint32_t sc_aes_init(sc_aes_t *aes, uint32_t idx)

Initialize AES Interface. Initializes the resources needed for the AES interface.

Parameters [in] aes operate handle [in] idx device id

Returns error code uint32_t

sc_aes_uninit

void sc_aes_uninit(sc_aes_t *aes)

De-initialize AES Interface. stops operation and releases the software resources used by the interface.

Parameters [in] aes handle to operate

Returns None

sc_aes_set_encrypt_key

uint32_t sc_aes_set_encrypt_key(sc_aes_t *aes, void *key, sc_aes_key_bits_t key_len)

Set encrypt key.

Parameters [in] aes handle to operate [in] key Pointer to the key buf [in] key_len Pointer to \ref sc_aes_key_bits_t

Returns error code uint32_t

sc_aes_set_decrypt_key

uint32_t sc_aes_set_decrypt_key(sc_aes_t *aes, void *key, sc_aes_key_bits_t key_len)

Set decrypt key.

Parameters [in] aes handle to operate [in] key Pointer to the key buf [in] key_len Pointer to \ref sc_aes_key_bits_t

Returns error code uint32_t

sc_aes_ecb_encrypt

uint32_t sc_aes_ecb_encrypt(sc_aes_t *aes, void *in, void *out, uint32_t size)

Aes ecb encrypt.

Parameters [in] aes handle to operate [in] in Pointer to the Source data [out] out Pointer to the Result data [in] size the Source data size

Returns error code uint32_t

sc_aes_ecb_decrypt

uint32_t sc_aes_ecb_decrypt(sc_aes_t *aes, void *in, void *out, uint32_t size)

Aes ecb decrypt.

Parameters [in] aes handle to operate [in] in Pointer to the Source data [out] out Pointer to the Result data [in] size the Source data size

Returns error code uint32_t

sc_aes_cbc_encrypt

uint32_t sc_aes_cbc_encrypt(sc_aes_t *aes, void *in, void *out, uint32_t size, void *iv);

Aes cbc encrypt.

Parameters [in] aes handle to operate [in] in Pointer to the Source data [out] out Pointer to the Result data [in] size the Source data size [in] iv init vector

Returns error code uint32_t

sc_aes_cbc_decrypt

uint32_t sc_aes_cbc_decrypt(sc_aes_t *aes, void *in, void *out, uint32_t size, void *iv);

Aes cbc decrypt.

Parameters [in] aes handle to operate [in] in Pointer to the Source data [out] out Pointer to the Result data [in] size the Source data size [in] iv init vector

Returns error code uint32_t

sc_aes_cfb1_encrypt

uint32_t sc_aes_cfb1_encrypt(sc_aes_t *aes, void *in, void *out, uint32_t size, void *iv);

Aes cfb1 encrypt.

Parameters [in] aes handle to operate [in] in Pointer to the Source data [out] out Pointer to the Result data [in] size the Source data size [in] iv init vector

Returns error code uint32_t

sc_aes_cfb1_decrypt

uint32_t sc_aes_cfb1_decrypt(sc_aes_t *aes, void *in, void *out, uint32_t size, void *iv);

Aes cfb1 decrypt.

Parameters [in] aes handle to operate [in] in Pointer to the Source data [out] out Pointer to the Result data [in] size the Source data size [in] iv init vector

Returns error code uint32_t

sc_aes_cfb8_encrypt

uint32_t sc_aes_cfb8_encrypt(sc_aes_t *aes, void *in, void *out, uint32_t size, void *iv);

Aes cfb8 encrypt.

Parameters [in] aes handle to operate [in] in Pointer to the Source data [out] out Pointer to the Result data [in] size the Source data size [in] iv init vector

Returns error code uint32_t

sc_aes_cfb8_decrypt

uint32_t sc_aes_cfb8_decrypt(sc_aes_t *aes, void *in, void *out, uint32_t size, void *iv);

Aes cfb8 decrypt.

Parameters [in] aes handle to operate [in] in Pointer to the Source data [out] out Pointer to the Result data [in] size the Source data size [in] iv init vector

Returns error code uint32_t

sc_aes_cfb128_decrypt

uint32_t sc_aes_cfb128_decrypt(sc_aes_t *aes, void *in, void *out, uint32_t size, void *iv,uint32_t *num);

Aes cfb128 decrypt.

Parameters [in] aes handle to operate [in] in Pointer to the Source data [out] out Pointer to the Result data [in] size the Source data size [in] iv init vector [out] num the number of the 128-bit block we have used

Returns error code uint32_t

sc_aes_cfb128_encrypt

uint32_t sc_aes_cfb128_encrypt(sc_aes_t *aes, void *in, void *out, uint32_t size, void *iv,uint32_t *num);

Aes cfb128 encrypt.

Parameters [in] aes handle to operate [in] in Pointer to the Source data [out] out Pointer to the Result data [in] size the Source data size [in] iv init vector [out] num the number of the 128-bit block we have used

Returns error code uint32_t

sc_aes_ofb_encrypt

uint32_t sc_aes_ofb_encrypt(sc_aes_t *aes, void *in, void *out, uint32_t size, void *iv,uint32_t *num);

Aes ofb encrypt.

Parameters [in] aes handle to operate [in] in Pointer to the Source data [out] out Pointer to the Result data [in] size the Source data size [in] iv init vector [out] num the number of the 128-bit block we have used

Returns error code uint32_t

sc_aes_ofb_decrypt

uint32_t sc_aes_ofb_decrypt(sc_aes_t *aes, void *in, void *out, uint32_t size, void *iv,uint32_t *num);

Aes ofb decrypt.

Parameters [in] aes handle to operate [in] in Pointer to the Source data [out] out Pointer to the Result data [in] size the Source data size [in] iv init vector [out] num the number of the 128-bit block we have used

Returns error code uint32_t

sc_aes_ctr_encrypt

uint32_t sc_aes_ctr_encrypt(sc_aes_t *aes, void *in, void *out, uint32_t size,uint8_t nonce_counter[16], uint8_t stream_block[16], void *iv,uint32_t *num);

Aes ctr encrypt.

Parameters [in] aes handle to operate [in] in Pointer to the Source data [out] out Pointer to the Result data [in] size the Source data size [in] nonce_counter Pointer to the 128-bit nonce and counter [in] stream_block Pointer to the saved stream-block for resuming [in] iv init vector [out] num the number of the 128-bit block we have used

Returns error code uint32_t

sc_aes_ctr_decrypt

uint32_t sc_aes_ctr_decrypt(sc_aes_t *aes, void *in, void *out, uint32_t size,uint8_t nonce_counter[16], uint8_t stream_block[16], void *iv,uint32_t *num);

Aes ctr decrypt.

Parameters [in] aes handle to operate [in] in Pointer to the Source data [out] out Pointer to the Result data [in] size the Source data size [in] nonce_counter Pointer to the 128-bit nonce and counter [in] stream_block Pointer to the saved stream-block for resuming [in] iv init vector [out] num the number of the 128-bit block we have used

Returns error code uint32_t

SHA接口原型

SHA模式枚举

typedef enum {
  SHA_MODE_1 = 1U, 
  SHA_MODE_256,  
  SHA_MODE_224,   
  SHA_MODE_512,   
  SHA_MODE_384,   
  SHA_MODE_512_256,
  SHA_MODE_512_224  
} sc_sha_mode_t;

相关数据结构

typedef struct {
    uint32_t busy  : 1;  ///< calculate busy flag
    uint32_t error : 1; ///< calculate error flag
} sc_sha_state_t;

typedef struct {
#ifdef CONFIG_SYSTEM_SECURE
#ifdef CONFIG_CSI_V1
uint8_t ctx[SHA_CONTEXT_SIZE];
#endif /* CONFIG_CSI_V1 */
#ifdef CONFIG_CSI_V2
  csi_sha_context_t ctx;
#endif
#endif
#if defined(CONFIG_TEE_CA)
    uint8_t ctx[224+8];
#endif
#if defined(CONFIG_SEC_CRYPTO_SHA_SW)
  sc_mbedtls_sha1_context sha1_ctx;
  sc_mbedtls_sha256_context sha2_ctx;
#endif
    sc_sha_mode_t mode;        ///< sha mode
} sc_sha_context_t;

/****** SHA Event *****/
typedef enum {
    SC_SHA_EVENT_COMPLETE = 0U, ///< calculate completed
    SC_SHA_EVENT_ERROR          ///< calculate error
} sc_sha_event_t;

typedef struct sc_sha {
#ifdef CONFIG_SYSTEM_SECURE
#ifdef CONFIG_CSI_V1
  sha_handle_t handle;
  sc_sha_context_t ctx;
  sc_sha_mode_t mode;        ///< sha mode
#endif /* CONFIG_CSI_V1 */
#ifdef CONFIG_CSI_V2
  csi_sha_t csi_sha;
#endif
#endif
#if defined(CONFIG_TEE_CA)
#endif
  void *user;                 ///< CID 68702(1 的 1 数):编码标准冲突 (MISRA C-2012 Rule 21.18)
} sc_sha_t;

sc_sha_init

uint32_t sc_sha_init(sc_sha_t *sha, uint32_t idx);

Initialize SHA Interface. Initializes the resources needed for the SHA interface.

Parameters [in] sha operate handle. [in] idx index of sha

Returns error code uint32_t

sc_sha_uninit

void sc_sha_uninit(sc_sha_t *sha);

De-initialize SHA Interface. stops operation and releases the software resources used by the interface.

Parameters [in] sha sha handle to operate.

Returns none

sc_sha_attach_callback

uint32_t sc_sha_attach_callback(sc_sha_t *sha, void *callback, void *arg);

attach the callback handler to SHA.

Parameters [in] sha sha handle to operate [in] callback callback function [in] arg callback's param

Returns error code

sc_sha_detach_callback

void sc_sha_detach_callback(sc_sha_t *sha);

detach the callback handler.

Parameters [in] sha sha handle to operate

sc_sha_start

uint32_t sc_sha_start(sc_sha_t *sha, sc_sha_context_t *context, sc_sha_mode_t mode);

start the engine.

Parameters [in] sha sha handle to operate. [in] context Pointer to the sha context sc_sha_context_t [in] mode sha mode sc_sha_mode_t

Returns error code uint32_t

sc_sha_update

uint32_t sc_sha_update(sc_sha_t *sha, sc_sha_context_t *context, const void *input,uint32_t size);

update the engine.

Parameters [in] sha sha handle to operate. [in] context Pointer to the sha context sc_sha_context_t [in] input Pointer to the Source data [in] size the data size

Returns error code uint32_t

sc_sha_update_async

uint32_t sc_sha_update_async(sc_sha_t *sha, sc_sha_context_t *context, const void *input,uint32_t size);

accumulate the engine (async mode).

Parameters [in] sha sha handle to operate. [in] context Pointer to the sha context sc_sha_context_t [in] input Pointer to the Source data [in] size the data size

Returns error code uint32_t

sc_sha_finish

uint32_t sc_sha_finish(sc_sha_t *sha, sc_sha_context_t *context, void *output,uint32_t *out_size);

finish the engine.

Parameters [in] sha sha handle to operate. [in] context Pointer to the sha context sc_sha_context_t [out] output Pointer to the result data [out] out_size Pointer to the result data size(bytes)

Returns error code uint32_t

RSA接口原型

RSA padding模式

typedef enum {
  RSA_PADDING_MODE_NO = 0,   
  RSA_PADDING_MODE_PKCS1,    
  RSA_PADDING_MODE_PKCS1_OAEP,
  RSA_PADDING_MODE_SSLV23,   
  RSA_PADDING_MODE_X931,    
  RSA_PADDING_MODE_PSS     
} sc_rsa_padding_type_t;

相关数据结构

/*----- RSA Control Codes: Mode Parameters: Key Bits -----*/
typedef enum {
    SC_RSA_KEY_BITS_192 = 0, ///< 192 Key bits
    SC_RSA_KEY_BITS_256,     ///< 256 Key bits
    SC_RSA_KEY_BITS_512,     ///< 512 Key bits
    SC_RSA_KEY_BITS_1024,    ///< 1024 Key bits
    SC_RSA_KEY_BITS_2048,    ///< 2048 Key bits
    SC_RSA_KEY_BITS_3072,    ///< 3072 Key bits
    SC_RSA_KEY_BITS_4096     ///< 4096 Key bits
} sc_rsa_key_bits_t;

typedef enum {
    SC_RSA_HASH_TYPE_MD5 = 0,
    SC_RSA_HASH_TYPE_SHA1,
    SC_RSA_HASH_TYPE_SHA224,
    SC_RSA_HASH_TYPE_SHA256,
    SC_RSA_HASH_TYPE_SHA384,
    SC_RSA_HASH_TYPE_SHA512
} sc_rsa_hash_type_t;

typedef struct {
// #if (defined(CONFIG_SYSTEM_SECURE) && defined(CONFIG_CSI_V2))
//   csi_rsa_context_t rsa_ctx;
// #else
    void *                 n;            ///< Pointer to the public modulus
    void *                 e;            ///< Pointer to the public exponent
    void *                 d;            ///< Pointer to the private exponent
    uint32_t     key_bits;               ///< RSA KEY BITS
    sc_rsa_padding_type_t padding_type;  ///< RSA PADDING TYPE
    sc_rsa_hash_type_t hash_type;
// #endif
} sc_rsa_context_t;

typedef struct {
    uint8_t busy  : 1; ///< Calculate busy flag
    uint8_t error : 1; ///< Calculate error flag
} sc_rsa_state_t;

typedef struct {
#ifdef CONFIG_SYSTEM_SECURE
#ifdef CONFIG_CSI_V1
  rsa_handle_t handle;
#endif /* CONFIG_CSI_V1 */
#ifdef CONFIG_CSI_V2
  csi_rsa_t csi_rsa;
#endif
#endif
#if defined(CONFIG_SEC_CRYPTO_RSA_SW)
    sc_mbedtls_rsa_context rsa_ctx;
#endif
  sc_rsa_key_bits_t bits;
} sc_rsa_t;

typedef enum {
    SC_RSA_EVENT_COMPLETE = 0, ///< rsa event completed
    SC_RSA_EVENT_VERIFY_SUCCESS,
    SC_RSA_EVENT_VERIFY_FAILED,
    SC_RSA_EVENT_ERROR,        ///< error event
} sc_rsa_event_t;

typedef void (*sc_rsa_callback_t)(sc_rsa_t *rsa, sc_rsa_event_t event,void *arg); ///< Pointer to \ref sc_rsa_callback_t : RSA Event call back.

sc_rsa_init

uint32_t sc_rsa_init(sc_rsa_t *rsa, uint32_t idx,sc_rsa_key_bits_t data_bits);

Initialize RSA Interface. 1. Initializes the resources needed for the RSA interface 2.registers event callback function.

Parameters [in] rsa rsa handle to operate. [in] idx device id [in] data_bits rsa bit width

Returns uint32_t

sc_rsa_uninit

void sc_rsa_uninit(sc_rsa_t *rsa);

De-initialize RSA Interface. stops operation and releases the software resources used by the interface.

Parameters [in] rsa rsa handle to operate.

Returns none

sc_rsa_attach_callback

uint32_t sc_rsa_attach_callback(sc_rsa_t *rsa, sc_rsa_callback_t cb, void *arg);

attach the callback handler to RSA.

Parameters [in] rsa rsa handle to operate. [in] cb callback function. [in] arg user can define it by himself as callback's param.

Returns error code

sc_rsa_detach_callback

void sc_rsa_detach_callback(sc_rsa_t *rsa);

detach the callback handler.

Parameters [in] rsa rsa handle to operate.

sc_rsa_gen_key

uint32_t sc_rsa_gen_key(sc_rsa_t *rsa, sc_rsa_context_t *context);

generate rsa key pair.

Parameters [in] rsa rsa handle to operate [out] context Pointer to the rsa context

Returns uint32_t

sc_rsa_encrypt

uint32_t sc_rsa_encrypt(sc_rsa_t *rsa, sc_rsa_context_t *context,
void *src,uint32_t src_size, void *out);

RSA encrypt.

Parameters [in] rsa rsa handle to operate. [in] context Pointer to the rsa context [in] src Pointer to the source data. [in] src_size the source data len [out] out Pointer to the result buffer

Returns uint32_t

sc_rsa_decrypt

uint32_t sc_rsa_decrypt(sc_rsa_t *rsa, sc_rsa_context_t *context, void *src,uint32_t src_size, void *out, uint32_t *out_size);

RSA decrypt.

Parameters [in] rsa rsa handle to operate. [in] context Pointer to the rsa context [in] src Pointer to the source data. [in] src_size the source data len [out] out Pointer to the result buffer [out] out_size the result size

Returns uint32_t

sc_rsa_sign

uint32_t sc_rsa_sign(sc_rsa_t *rsa, sc_rsa_context_t *context, void *src, uint32_t src_size,void *signature, sc_rsa_hash_type_t hash_type);

RSA sign.

Parameters [in] rsa rsa handle to operate. [in] context Pointer to the rsa context [in] src Pointer to the source data. [in] src_size the source data len [out] signature Pointer to the signature [in] hash_type the source data hash type

Returns uint32_t

sc_rsa_verify

bool sc_rsa_verify(sc_rsa_t *rsa, sc_rsa_context_t *context, void *src, uint32_t src_size,void *signature, uint32_t sig_size, sc_rsa_hash_type_t hash_type)

RSA verify

Parameters [in] rsa rsa handle to operate. [in] context Pointer to the rsa context [in] src Pointer to the source data. [in] src_size the source data len [in] signature Pointer to the signature [in] sig_size the signature size [in] hash_type the source data hash type

Returns verify result

sc_rsa_encrypt_async

uint32_t sc_rsa_encrypt_async(sc_rsa_t *rsa, sc_rsa_context_t *context, void *src,uint32_t src_size, void *out);

encrypt(async mode).

Parameters [in] rsa rsa handle to operate. [in] context Pointer to the rsa context [in] src Pointer to the source data. [in] src_size the source data len [out] out Pointer to the result buffer

Returns uint32_t

sc_rsa_decrypt_async

uint32_t sc_rsa_decrypt_async(sc_rsa_t *rsa, sc_rsa_context_t *context, void *src,uint32_t src_size, void *out, uint32_t *out_size);

decrypt(async mode).

Parameters [in] rsa rsa handle to operate. [in] context Pointer to the rsa context [in] src Pointer to the source data. [in] src_size the source data len [out] out Pointer to the result buffer [out] out_size the result size

Returns uint32_t

sc_rsa_sign_async

uint32_t sc_rsa_sign_async(sc_rsa_t *rsa, sc_rsa_context_t *context, void *src,uint32_t src_size, void *signature, sc_rsa_hash_type_t hash_type);

rsa sign(async mode).

Parameters [in] rsa rsa handle to operate. [in] context Pointer to the rsa context [in] src Pointer to the source data. [in] src_size the source data len [out] signature Pointer to the signature [in] hash_type the source data hash type

Returns uint32_t

sc_rsa_verify_async

uint32_t sc_rsa_verify_async(sc_rsa_t *rsa, sc_rsa_context_t *context, void *src,uint32_t src_size, void *signature, uint32_t sig_size,sc_rsa_hash_type_t hash_type);

rsa verify(async mode).

Parameters [in] rsa rsa handle to operate [in] context Pointer to the rsa context [in] src Pointer to the source data [in] src_size the source data len [in] signature Pointer to the signature [in] sig_size the signature size [in] hash_type the source data hash type

Returns verify result

sc_rsa_get_state

uint32_t sc_rsa_get_state(sc_rsa_t *rsa, sc_rsa_state_t *state);

Get RSA state.

Parameters [in] rsa rsa handle to operate [out] state rsa state sc_rsa_state_t

Returns uint32_t

sc_rsa_get_prime

uint32_t sc_rsa_get_prime(sc_rsa_t *rsa, void *p, uint32_t bit_length);

Get big prime data.

Parameters [in] rsa rsa handle to operate [in] p Pointer to the prime [in] bit_length Pointer to the prime bit length

Returns uint32_t

sc_rsa_get_prime

uint32_t sc_rsa_get_prime(sc_rsa_t *rsa, void *p, uint32_t bit_length);

Get big prime data.

Parameters [in] rsa rsa handle to operate [in] p Pointer to the prime [in] bit_length Pointer to the prime bit length

Returns uint32_t

sc_rsa_enable_pm

uint32_t sc_rsa_enable_pm(sc_rsa_t *rsa);

enable rsa power manage.

Parameters [in] rsa rsa handle to operate

Returns error code

sc_rsa_disable_pm

void sc_rsa_disable_pm(sc_rsa_t *rsa);

disable rsa power manage.

Parameters [in] rsa rsa handle to operate

RNG接口

sc_rng_get_multi_word

uint32_t sc_rng_get_multi_word(uint32_t *data, uint32_t num);

Get multword data from the TRNG engine.

Parameters [out] data Pointer to buffer with data get from TRNG [in] num Number of data items,uinit in uint32

Returns error code

sc_rng_get_single_word

uint32_t sc_rng_get_single_word(uint32_t *data);

Get single word data from the TRNG engine.

Parameters [out] data Pointer to buffer with data get from TRNG

Returns error code

ECC接口

ECC接口移植自开源micro-ecc项目,参考链接

https://github.com/kmackay/micro-ecc

results matching ""

    No results matching ""