Contiki-NG
aes.c
Go to the documentation of this file.
1 /*
2  * Original file:
3  * Copyright (C) 2012 Texas Instruments Incorporated - http://www.ti.com/
4  * All rights reserved.
5  *
6  * Port to Contiki:
7  * Copyright (c) 2013, ADVANSEE - http://www.advansee.com/
8  * All rights reserved.
9  *
10  * Redistribution and use in source and binary forms, with or without
11  * modification, are permitted provided that the following conditions
12  * are met:
13  * 1. Redistributions of source code must retain the above copyright
14  * notice, this list of conditions and the following disclaimer.
15  * 2. Redistributions in binary form must reproduce the above copyright
16  * notice, this list of conditions and the following disclaimer in the
17  * documentation and/or other materials provided with the distribution.
18  *
19  * 3. Neither the name of the copyright holder nor the names of its
20  * contributors may be used to endorse or promote products derived
21  * from this software without specific prior written permission.
22  *
23  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
24  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
25  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
26  * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
27  * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
28  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
29  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
30  * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
31  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
32  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
33  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
34  * OF THE POSSIBILITY OF SUCH DAMAGE.
35  */
36 /**
37  * \addtogroup cc2538-aes
38  * @{
39  *
40  * \file
41  * Implementation of the cc2538 AES driver
42  */
43 #include "contiki.h"
44 #include "dev/rom-util.h"
45 #include "dev/nvic.h"
46 #include "dev/aes.h"
47 #include "reg.h"
48 
49 #include <stdbool.h>
50 #include <stdint.h>
51 /*---------------------------------------------------------------------------*/
52 uint8_t
53 aes_load_keys(const void *keys, uint8_t key_size, uint8_t count,
54  uint8_t start_area)
55 {
56  uint32_t aes_key_store_size;
57  uint32_t areas;
58  uint64_t aligned_keys[AES_KEY_AREAS * 128 / 8 / sizeof(uint64_t)];
59  int i;
60 
61  if(REG(AES_CTRL_ALG_SEL) != 0x00000000) {
62  return CRYPTO_RESOURCE_IN_USE;
63  }
64 
65  /* 192-bit keys must be padded to 256 bits */
66  if(key_size == AES_KEY_STORE_SIZE_KEY_SIZE_192) {
67  for(i = 0; i < count; i++) {
68  rom_util_memcpy(&aligned_keys[i << 2], &((const uint64_t *)keys)[i * 3],
69  192 / 8);
70  aligned_keys[(i << 2) + 3] = 0;
71  }
72  }
73 
74  /* Change count to the number of 128-bit key areas */
75  if(key_size != AES_KEY_STORE_SIZE_KEY_SIZE_128) {
76  count <<= 1;
77  }
78 
79  /* The keys base address needs to be 4-byte aligned */
80  if(key_size != AES_KEY_STORE_SIZE_KEY_SIZE_192) {
81  rom_util_memcpy(aligned_keys, keys, count << 4);
82  }
83 
84  /* Workaround for AES registers not retained after PM2 */
88 
89  /* Configure master control module */
91 
92  /* Clear any outstanding events */
95 
96  /* Configure key store module (areas, size)
97  * Note that writing AES_KEY_STORE_SIZE deletes all stored keys */
98  aes_key_store_size = REG(AES_KEY_STORE_SIZE);
99  if((aes_key_store_size & AES_KEY_STORE_SIZE_KEY_SIZE_M) != key_size) {
100  REG(AES_KEY_STORE_SIZE) = (aes_key_store_size &
101  ~AES_KEY_STORE_SIZE_KEY_SIZE_M) | key_size;
102  }
103 
104  /* Free possibly already occupied key areas */
105  areas = ((0x00000001 << count) - 1) << start_area;
106  REG(AES_KEY_STORE_WRITTEN_AREA) = areas;
107 
108  /* Enable key areas to write */
109  REG(AES_KEY_STORE_WRITE_AREA) = areas;
110 
111  /* Configure DMAC
112  * Enable DMA channel 0 */
114 
115  /* Base address of the keys in ext. memory */
116  REG(AES_DMAC_CH0_EXTADDR) = (uint32_t)aligned_keys;
117 
118  /* Total keys length in bytes (e.g. 16 for 1 x 128-bit key) */
121  (count << (4 + AES_DMAC_CH_DMALENGTH_DMALEN_S));
122 
123  /* Wait for operation to complete */
125 
126  /* Check for absence of errors in DMA and key store */
129  /* Disable master control / DMA clock */
130  REG(AES_CTRL_ALG_SEL) = 0x00000000;
131  return CRYPTO_DMA_BUS_ERROR;
132  }
135  /* Disable master control / DMA clock */
136  REG(AES_CTRL_ALG_SEL) = 0x00000000;
137  return AES_KEYSTORE_WRITE_ERROR;
138  }
139 
140  /* Acknowledge the interrupt */
143 
144  /* Disable master control / DMA clock */
145  REG(AES_CTRL_ALG_SEL) = 0x00000000;
146 
147  /* Check status, if error return error code */
148  if((REG(AES_KEY_STORE_WRITTEN_AREA) & areas) != areas) {
149  return AES_KEYSTORE_WRITE_ERROR;
150  }
151 
152  return CRYPTO_SUCCESS;
153 }
154 /*---------------------------------------------------------------------------*/
155 uint8_t
156 aes_auth_crypt_start(uint32_t ctrl, uint8_t key_area, const void *iv,
157  const void *adata, uint16_t adata_len,
158  const void *data_in, void *data_out, uint16_t data_len,
159  struct process *process)
160 {
161  if(REG(AES_CTRL_ALG_SEL) != 0x00000000) {
162  return CRYPTO_RESOURCE_IN_USE;
163  }
164 
165  /* Workaround for AES registers not retained after PM2 */
169 
173 
174  REG(AES_KEY_STORE_READ_AREA) = key_area;
175 
176  /* Wait until key is loaded to the AES module */
178 
179  /* Check for Key Store read error */
181  /* Clear the Keystore Read error bit */
183  /* Disable the master control / DMA clock */
184  REG(AES_CTRL_ALG_SEL) = 0x00000000;
185  return AES_KEYSTORE_READ_ERROR;
186  }
187 
188  if(iv != NULL) {
189  /* Write initialization vector */
190  REG(AES_AES_IV_0) = ((const uint32_t *)iv)[0];
191  REG(AES_AES_IV_1) = ((const uint32_t *)iv)[1];
192  REG(AES_AES_IV_2) = ((const uint32_t *)iv)[2];
193  REG(AES_AES_IV_3) = ((const uint32_t *)iv)[3];
194  }
195 
196  /* Program AES authentication/crypto operation */
197  REG(AES_AES_CTRL) = ctrl;
198 
199  /* Write the length of the payload block (lo) */
200  REG(AES_AES_C_LENGTH_0) = data_len;
201  /* Write the length of the payload block (hi) */
202  REG(AES_AES_C_LENGTH_1) = 0;
203 
204  /* For combined modes only (CCM or GCM) */
205  if(ctrl & (AES_AES_CTRL_CCM | AES_AES_CTRL_GCM)) {
206  /* Write the length of the AAD data block (may be non-block size-aligned) */
207  REG(AES_AES_AUTH_LENGTH) = adata_len;
208 
209  if(adata_len != 0) {
210  /* Configure DMAC to fetch the AAD data
211  * Enable DMA channel 0 */
213  /* Base address of the AAD data buffer */
214  REG(AES_DMAC_CH0_EXTADDR) = (uint32_t)adata;
215  /* AAD data length in bytes */
216  REG(AES_DMAC_CH0_DMALENGTH) = adata_len;
217 
218  /* Wait for completion of the AAD data transfer, DMA_IN_DONE */
220 
221  /* Check for the absence of error */
223  /* Clear the DMA error */
225  /* Disable the master control / DMA clock */
226  REG(AES_CTRL_ALG_SEL) = 0x00000000;
227  return CRYPTO_DMA_BUS_ERROR;
228  }
229 
230  /* Clear interrupt status */
232  }
233  }
234 
235  /* Enable result available bit in interrupt enable */
237 
238  if(process != NULL) {
242  }
243 
244  if(data_len != 0) {
245  /* Configure DMAC
246  * Enable DMA channel 0 */
248  /* Base address of the input payload data buffer */
249  REG(AES_DMAC_CH0_EXTADDR) = (uint32_t)data_in;
250  /* Input payload data length in bytes */
251  REG(AES_DMAC_CH0_DMALENGTH) = data_len;
252 
253  if(data_out != NULL) {
254  /* Enable DMA channel 1 */
256  /* Base address of the output payload data buffer */
257  REG(AES_DMAC_CH1_EXTADDR) = (uint32_t)data_out;
258  /* Output payload data length in bytes */
259  REG(AES_DMAC_CH1_DMALENGTH) = data_len;
260  }
261  }
262 
263  return CRYPTO_SUCCESS;
264 }
265 /*---------------------------------------------------------------------------*/
266 uint8_t
268 {
269  return !!(REG(AES_CTRL_INT_STAT) &
272 }
273 /*---------------------------------------------------------------------------*/
274 uint8_t
275 aes_auth_crypt_get_result(void *iv, void *tag)
276 {
277  uint32_t aes_ctrl_int_stat;
278 
279  aes_ctrl_int_stat = REG(AES_CTRL_INT_STAT);
280  /* Clear the error bits */
284 
287 
288  /* Disable the master control / DMA clock */
289  REG(AES_CTRL_ALG_SEL) = 0x00000000;
290 
291  if(aes_ctrl_int_stat & AES_CTRL_INT_STAT_DMA_BUS_ERR) {
292  return CRYPTO_DMA_BUS_ERROR;
293  }
294  if(aes_ctrl_int_stat & AES_CTRL_INT_STAT_KEY_ST_WR_ERR) {
295  return AES_KEYSTORE_WRITE_ERROR;
296  }
297  if(aes_ctrl_int_stat & AES_CTRL_INT_STAT_KEY_ST_RD_ERR) {
298  return AES_KEYSTORE_READ_ERROR;
299  }
300 
301  if(iv != NULL || tag != NULL) {
302  /* Read result
303  * Wait for the context ready bit */
305 
306  if(iv != NULL) {
307  /* Read the initialization vector registers */
308  ((uint32_t *)iv)[0] = REG(AES_AES_IV_0);
309  ((uint32_t *)iv)[1] = REG(AES_AES_IV_1);
310  ((uint32_t *)iv)[2] = REG(AES_AES_IV_2);
311  ((uint32_t *)iv)[3] = REG(AES_AES_IV_3);
312  }
313 
314  if(tag != NULL) {
315  /* Read the tag registers */
316  ((uint32_t *)tag)[0] = REG(AES_AES_TAG_OUT_0);
317  ((uint32_t *)tag)[1] = REG(AES_AES_TAG_OUT_1);
318  ((uint32_t *)tag)[2] = REG(AES_AES_TAG_OUT_2);
319  ((uint32_t *)tag)[3] = REG(AES_AES_TAG_OUT_3);
320  }
321  }
322 
323  /* Clear the interrupt status */
326 
327  return CRYPTO_SUCCESS;
328 }
329 
330 /** @} */
#define AES_DMAC_CH0_CTRL
Channel 0 control.
Definition: aes.h:60
Header file for the ARM Nested Vectored Interrupt Controller.
#define AES_KEY_STORE_READ_AREA
Key store read area.
Definition: aes.h:77
#define AES_AES_CTRL_CCM
AES-CCM mode.
Definition: aes.h:279
#define AES_KEY_STORE_SIZE
Key store size.
Definition: aes.h:76
uint8_t aes_auth_crypt_get_result(void *iv, void *tag)
Gets the result of the AES authentication/crypto operation.
Definition: aes.c:275
#define AES_KEY_STORE_SIZE_KEY_SIZE_128
Key size: 128 bits.
Definition: aes.h:247
#define AES_AES_CTRL
AES input/output buffer control and mode.
Definition: aes.h:90
#define AES_CTRL_ALG_SEL_AES
Select AES engine as DMA source/destination.
Definition: aes.h:344
#define AES_KEY_STORE_SIZE_KEY_SIZE_M
Key size mask.
Definition: aes.h:250
Header file with register manipulation macro definitions.
#define AES_AES_C_LENGTH_1
AES crypto length (MSW)
Definition: aes.h:92
#define AES_AES_IV_3
AES initialization vector.
Definition: aes.h:89
#define AES_CTRL_INT_STAT_DMA_BUS_ERR
DMA bus error detected.
Definition: aes.h:405
#define AES_AES_IV_2
AES initialization vector.
Definition: aes.h:88
#define AES_CTRL_INT_CLR_DMA_BUS_ERR
Clear DMA bus error status.
Definition: aes.h:381
#define AES_CTRL_ALG_SEL_KEYSTORE
Select Key Store as DMA destination.
Definition: aes.h:345
#define AES_KEY_STORE_WRITE_AREA
Key store write area.
Definition: aes.h:72
__STATIC_INLINE void NVIC_DisableIRQ(IRQn_Type IRQn)
Disable External Interrupt.
Definition: core_cm0.h:653
#define AES_DMAC_CH1_CTRL
Channel 1 control.
Definition: aes.h:65
uint8_t aes_auth_crypt_start(uint32_t ctrl, uint8_t key_area, const void *iv, const void *adata, uint16_t adata_len, const void *data_in, void *data_out, uint16_t data_len, struct process *process)
Starts an AES authentication/crypto operation.
Definition: aes.c:156
__STATIC_INLINE void NVIC_EnableIRQ(IRQn_Type IRQn)
Enable External Interrupt.
Definition: core_cm0.h:642
#define AES_CTRL_INT_STAT_RESULT_AV
Result available interrupt status.
Definition: aes.h:413
#define AES_CTRL_INT_CLR_RESULT_AV
Clear result available interrupt.
Definition: aes.h:389
#define AES_AES_AUTH_LENGTH
Authentication length.
Definition: aes.h:93
#define AES_CTRL_INT_CLR_DMA_IN_DONE
Clear DMA in done interrupt.
Definition: aes.h:387
#define AES_AES_C_LENGTH_0
AES crypto length (LSW)
Definition: aes.h:91
#define AES_CTRL_INT_STAT_KEY_ST_RD_ERR
Read error detected.
Definition: aes.h:409
Header file for the cc2538 AES driver.
#define AES_CTRL_INT_CFG_LEVEL
Level interrupt type.
Definition: aes.h:366
#define AES_CTRL_ALG_SEL
Algorithm select.
Definition: aes.h:130
#define AES_AES_TAG_OUT_3
TAG.
Definition: aes.h:101
#define AES_CTRL_INT_CLR
Interrupt clear.
Definition: aes.h:135
#define AES_KEY_STORE_READ_AREA_BUSY
Key store operation busy.
Definition: aes.h:258
#define AES_CTRL_INT_EN_RESULT_AV
Result available interrupt enabled.
Definition: aes.h:374
#define AES_CTRL_INT_EN_DMA_IN_DONE
DMA input done interrupt enabled.
Definition: aes.h:372
__STATIC_INLINE void NVIC_ClearPendingIRQ(IRQn_Type IRQn)
Clear Pending Interrupt.
Definition: core_cm0.h:688
#define AES_CTRL_INT_STAT_DMA_IN_DONE
DMA data in done interrupt status.
Definition: aes.h:411
#define AES_DMAC_CH0_EXTADDR
Channel 0 external address.
Definition: aes.h:61
#define AES_DMAC_CH1_DMALENGTH
Channel 1 DMA length.
Definition: aes.h:67
#define AES_DMAC_CH_DMALENGTH_DMALEN_M
Channel DMA length in bytes mask.
Definition: aes.h:152
#define AES_DMAC_CH_DMALENGTH_DMALEN_S
Channel DMA length in bytes shift.
Definition: aes.h:154
#define AES_AES_TAG_OUT_0
TAG.
Definition: aes.h:98
#define AES_CTRL_INT_EN
Interrupt enable.
Definition: aes.h:134
#define AES_DMAC_CH0_DMALENGTH
Channel 0 DMA length.
Definition: aes.h:62
uint8_t aes_auth_crypt_check_status(void)
Checks the status of the AES authentication/crypto operation.
Definition: aes.c:267
#define AES_AES_CTRL_GCM
AES-GCM mode.
Definition: aes.h:280
#define AES_CTRL_INT_STAT
Interrupt status.
Definition: aes.h:137
uint8_t aes_load_keys(const void *keys, uint8_t key_size, uint8_t count, uint8_t start_area)
Writes keys into the Key RAM.
Definition: aes.c:53
#define AES_CTRL_INT_STAT_KEY_ST_WR_ERR
Write error detected.
Definition: aes.h:407
Header file for the cc2538 ROM utility function library driver.
#define AES_DMAC_CH_CTRL_EN
Channel enable.
Definition: aes.h:146
#define AES_AES_IV_0
AES initialization vector.
Definition: aes.h:86
#define AES_KEY_STORE_SIZE_KEY_SIZE_192
Key size: 192 bits.
Definition: aes.h:248
#define AES_DMAC_CH1_EXTADDR
Channel 1 external address.
Definition: aes.h:66
#define AES_AES_TAG_OUT_2
TAG.
Definition: aes.h:100
AES Interrupt.
Definition: cc2538_cm3.h:111
#define AES_AES_IV_1
AES initialization vector.
Definition: aes.h:87
#define AES_CTRL_INT_CFG
Interrupt configuration.
Definition: aes.h:133
#define AES_AES_CTRL_SAVED_CONTEXT_READY
AES auth.
Definition: aes.h:271
#define AES_CTRL_INT_CLR_KEY_ST_RD_ERR
Clear key store read error status.
Definition: aes.h:385
#define AES_AES_TAG_OUT_1
TAG.
Definition: aes.h:99
#define AES_KEY_STORE_WRITTEN_AREA
Key store written area.
Definition: aes.h:74
void crypto_register_process_notification(struct process *p)
Registers a process to be notified of the completion of a crypto operation.
Definition: crypto.c:110
#define AES_CTRL_INT_CLR_KEY_ST_WR_ERR
Clear key store write error status.
Definition: aes.h:383