nordic-dev.net/embassy
2
0
Fork 0
mirror of https://github.com/embassy-rs/embassy.git synced 2024-11-25 08:12:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2619 from caleb-garrett/cryp

Browse Source 
STM32 Crypto Accelerator
This commit is contained in:
Dario Nieuwenhuis 2024-03-01 19:35:57 +00:00 committed by GitHub
commit d5c9c611fa
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
7 changed files with 1513 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
embassy-stm32/Cargo.toml
View File

@ -70,7 +70,7 @@ rand_core = "0.6.3"
sdio-host = "0.5.0"
critical-section = "1.1"
#stm32-metapac = { version = "15" }
stm32-metapac = { git = "https://github.com/embassy-rs/stm32-data-generated", tag = "stm32-data-4a0bcec33362449fb733c066936d25cbabab396a" }
stm32-metapac = { git = "https://github.com/embassy-rs/stm32-data-generated", tag = "stm32-data-d7462d805ef05892531a83cd9ad60c9cba568d54" }
vcell = "0.1.3"
bxcan = "0.7.0"
nb = "1.0.0"
@ -94,7 +94,7 @@ critical-section = { version = "1.1", features = ["std"] }
proc-macro2 = "1.0.36"
quote = "1.0.15"
#stm32-metapac = { version = "15", default-features = false, features = ["metadata"]}
stm32-metapac = { git = "https://github.com/embassy-rs/stm32-data-generated", tag = "stm32-data-4a0bcec33362449fb733c066936d25cbabab396a", default-features = false, features = ["metadata"]}
stm32-metapac = { git = "https://github.com/embassy-rs/stm32-data-generated", tag = "stm32-data-d7462d805ef05892531a83cd9ad60c9cba568d54", default-features = false, features = ["metadata"]}
[features]

1356
embassy-stm32/src/cryp/mod.rs Normal file
View File

File diff suppressed because it is too large Load Diff

2
embassy-stm32/src/lib.rs
View File

@ -34,6 +34,8 @@ pub mod adc;
pub mod can;
#[cfg(crc)]
pub mod crc;
#[cfg(cryp)]
pub mod cryp;
#[cfg(dac)]
pub mod dac;
#[cfg(dcmi)]

1
examples/stm32f7/Cargo.toml
View File

@ -30,6 +30,7 @@ embedded-storage = "0.3.1"
static_cell = "2"
sha2 = { version = "0.10.8", default-features = false }
hmac = "0.12.1"
aes-gcm = {version = "0.10.3", default-features = false, features = ["aes", "heapless"] }
[profile.release]
debug = 2

74
examples/stm32f7/src/bin/cryp.rs Normal file
View File

@ -0,0 +1,74 @@
#![no_std]
#![no_main]
use aes_gcm::aead::heapless::Vec;
use aes_gcm::aead::{AeadInPlace, KeyInit};
use aes_gcm::Aes128Gcm;
use defmt::info;
use embassy_executor::Spawner;
use embassy_stm32::cryp::*;
use embassy_stm32::Config;
use embassy_time::Instant;
use {defmt_rtt as _, panic_probe as _};
#[embassy_executor::main]
async fn main(_spawner: Spawner) -> ! {
let config = Config::default();
let p = embassy_stm32::init(config);
let payload: &[u8] = b"hello world";
let aad: &[u8] = b"additional data";
let hw_cryp = Cryp::new(p.CRYP);
let key: [u8; 16] = [0; 16];
let mut ciphertext: [u8; 11] = [0; 11];
let mut plaintext: [u8; 11] = [0; 11];
let iv: [u8; 12] = [0; 12];
let hw_start_time = Instant::now();
// Encrypt in hardware using AES-GCM 128-bit
let aes_gcm = AesGcm::new(&key, &iv);
let mut gcm_encrypt = hw_cryp.start(&aes_gcm, Direction::Encrypt);
hw_cryp.aad_blocking(&mut gcm_encrypt, aad, true);
hw_cryp.payload_blocking(&mut gcm_encrypt, payload, &mut ciphertext, true);
let encrypt_tag = hw_cryp.finish_blocking(gcm_encrypt);
// Decrypt in hardware using AES-GCM 128-bit
let mut gcm_decrypt = hw_cryp.start(&aes_gcm, Direction::Decrypt);
hw_cryp.aad_blocking(&mut gcm_decrypt, aad, true);
hw_cryp.payload_blocking(&mut gcm_decrypt, &ciphertext, &mut plaintext, true);
let decrypt_tag = hw_cryp.finish_blocking(gcm_decrypt);
let hw_end_time = Instant::now();
let hw_execution_time = hw_end_time - hw_start_time;
info!("AES-GCM Ciphertext: {:?}", ciphertext);
info!("AES-GCM Plaintext: {:?}", plaintext);
assert_eq!(payload, plaintext);
assert_eq!(encrypt_tag, decrypt_tag);
let sw_start_time = Instant::now();
// Encrypt in software using AES-GCM 128-bit
let mut payload_vec: Vec<u8, 32> = Vec::from_slice(&payload).unwrap();
let cipher = Aes128Gcm::new(&key.into());
let _ = cipher.encrypt_in_place(&iv.into(), aad.into(), &mut payload_vec);
assert_eq!(ciphertext, payload_vec[0..ciphertext.len()]);
assert_eq!(
encrypt_tag,
payload_vec[ciphertext.len()..ciphertext.len() + encrypt_tag.len()]
);
// Decrypt in software using AES-GCM 128-bit
let _ = cipher.decrypt_in_place(&iv.into(), aad.into(), &mut payload_vec);
let sw_end_time = Instant::now();
let sw_execution_time = sw_end_time - sw_start_time;
info!("Hardware Execution Time: {:?}", hw_execution_time);
info!("Software Execution Time: {:?}", sw_execution_time);
loop {}
}

11
tests/stm32/Cargo.toml
View File

@ -16,8 +16,8 @@ stm32f767zi = ["embassy-stm32/stm32f767zi", "chrono", "not-gpdma", "eth", "rng"]
stm32g071rb = ["embassy-stm32/stm32g071rb", "cm0", "not-gpdma", "dac"]
stm32g491re = ["embassy-stm32/stm32g491re", "chrono", "stop", "not-gpdma", "rng", "fdcan"]
stm32h563zi = ["embassy-stm32/stm32h563zi", "chrono", "eth", "rng", "hash"]
stm32h753zi = ["embassy-stm32/stm32h753zi", "chrono", "not-gpdma", "eth", "rng", "fdcan", "hash"]
stm32h755zi = ["embassy-stm32/stm32h755zi-cm7", "chrono", "not-gpdma", "eth", "dac", "rng", "fdcan", "hash"]
stm32h753zi = ["embassy-stm32/stm32h753zi", "chrono", "not-gpdma", "eth", "rng", "fdcan", "hash", "cryp"]
stm32h755zi = ["embassy-stm32/stm32h755zi-cm7", "chrono", "not-gpdma", "eth", "dac", "rng", "fdcan", "hash", "cryp"]
stm32h7a3zi = ["embassy-stm32/stm32h7a3zi", "not-gpdma", "rng", "fdcan"]
stm32l073rz = ["embassy-stm32/stm32l073rz", "cm0", "not-gpdma", "rng"]
stm32l152re = ["embassy-stm32/stm32l152re", "chrono", "not-gpdma"]
@ -33,6 +33,7 @@ stm32wl55jc = ["embassy-stm32/stm32wl55jc-cm4", "not-gpdma", "rng", "chrono"]
stm32f091rc = ["embassy-stm32/stm32f091rc", "cm0", "not-gpdma", "chrono"]
stm32h503rb = ["embassy-stm32/stm32h503rb", "rng"]
cryp = []
hash = []
eth = ["embassy-executor/task-arena-size-16384"]
rng = []
@ -80,6 +81,7 @@ portable-atomic = { version = "1.5", features = [] }
chrono = { version = "^0.4", default-features = false, optional = true}
sha2 = { version = "0.10.8", default-features = false }
hmac = "0.12.1"
aes-gcm = {version = "0.10.3", default-features = false, features = ["aes", "heapless"] }
# BEGIN TESTS
# Generated by gen_test.py. DO NOT EDIT.
@ -88,6 +90,11 @@ name = "can"
path = "src/bin/can.rs"
required-features = [ "can",]
[[bin]]
name = "cryp"
path = "src/bin/cryp.rs"
required-features = [ "cryp",]
[[bin]]
name = "dac"
path = "src/bin/dac.rs"

69
tests/stm32/src/bin/cryp.rs Normal file
View File

@ -0,0 +1,69 @@
// required-features: cryp
#![no_std]
#![no_main]
#[path = "../common.rs"]
mod common;
use aes_gcm::aead::heapless::Vec;
use aes_gcm::aead::{AeadInPlace, KeyInit};
use aes_gcm::Aes128Gcm;
use common::*;
use embassy_executor::Spawner;
use embassy_stm32::cryp::*;
use {defmt_rtt as _, panic_probe as _};
#[embassy_executor::main]
async fn main(_spawner: Spawner) {
let p: embassy_stm32::Peripherals = embassy_stm32::init(config());
const PAYLOAD1: &[u8] = b"payload data 1 ;zdfhzdfhS;GKJASBDG;ASKDJBAL,zdfhzdfhzdfhzdfhvljhb,jhbjhb,sdhsdghsdhsfhsghzdfhzdfhzdfhzdfdhsdthsthsdhsgaadfhhgkdgfuoyguoft6783567";
const PAYLOAD2: &[u8] = b"payload data 2 ;SKEzdfhzdfhzbhgvljhb,jhbjhb,sdhsdghsdhsfhsghshsfhshstsdthadfhsdfjhsfgjsfgjxfgjzdhgDFghSDGHjtfjtjszftjzsdtjhstdsdhsdhsdhsdhsdthsthsdhsgfh";
const AAD1: &[u8] = b"additional data 1 stdargadrhaethaethjatjatjaetjartjstrjsfkk;'jopofyuisrteytweTASTUIKFUKIXTRDTEREharhaeryhaterjartjarthaethjrtjarthaetrhartjatejatrjsrtjartjyt1";
const AAD2: &[u8] = b"additional data 2 stdhthsthsthsrthsrthsrtjdykjdukdyuldadfhsdghsdghsdghsadghjk'hioethjrtjarthaetrhartjatecfgjhzdfhgzdfhzdfghzdfhzdfhzfhjatrjsrtjartjytjfytjfyg";
let hw_cryp = Cryp::new(p.CRYP);
let key: [u8; 16] = [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16];
let mut ciphertext: [u8; PAYLOAD1.len() + PAYLOAD2.len()] = [0; PAYLOAD1.len() + PAYLOAD2.len()];
let mut plaintext: [u8; PAYLOAD1.len() + PAYLOAD2.len()] = [0; PAYLOAD1.len() + PAYLOAD2.len()];
let iv: [u8; 12] = [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12];
// Encrypt in hardware using AES-GCM 128-bit
let aes_gcm = AesGcm::new(&key, &iv);
let mut gcm_encrypt = hw_cryp.start(&aes_gcm, Direction::Encrypt);
hw_cryp.aad_blocking(&mut gcm_encrypt, AAD1, false);
hw_cryp.aad_blocking(&mut gcm_encrypt, AAD2, true);
hw_cryp.payload_blocking(&mut gcm_encrypt, PAYLOAD1, &mut ciphertext[..PAYLOAD1.len()], false);
hw_cryp.payload_blocking(&mut gcm_encrypt, PAYLOAD2, &mut ciphertext[PAYLOAD1.len()..], true);
let encrypt_tag = hw_cryp.finish_blocking(gcm_encrypt);
// Decrypt in hardware using AES-GCM 128-bit
let mut gcm_decrypt = hw_cryp.start(&aes_gcm, Direction::Decrypt);
hw_cryp.aad_blocking(&mut gcm_decrypt, AAD1, false);
hw_cryp.aad_blocking(&mut gcm_decrypt, AAD2, true);
hw_cryp.payload_blocking(&mut gcm_decrypt, &ciphertext, &mut plaintext, true);
let decrypt_tag = hw_cryp.finish_blocking(gcm_decrypt);
info!("AES-GCM Ciphertext: {:?}", ciphertext);
info!("AES-GCM Plaintext: {:?}", plaintext);
defmt::assert!(PAYLOAD1 == &plaintext[..PAYLOAD1.len()]);
defmt::assert!(PAYLOAD2 == &plaintext[PAYLOAD1.len()..]);
defmt::assert!(encrypt_tag == decrypt_tag);
// Encrypt in software using AES-GCM 128-bit
let mut payload_vec: Vec<u8, { PAYLOAD1.len() + PAYLOAD2.len() + 16 }> = Vec::from_slice(&PAYLOAD1).unwrap();
payload_vec.extend_from_slice(&PAYLOAD2).unwrap();
let cipher = Aes128Gcm::new(&key.into());
let mut aad: Vec<u8, { AAD1.len() + AAD2.len() }> = Vec::from_slice(&AAD1).unwrap();
aad.extend_from_slice(&AAD2).unwrap();
let _ = cipher.encrypt_in_place(&iv.into(), &aad, &mut payload_vec);
defmt::assert!(ciphertext == payload_vec[0..ciphertext.len()]);
defmt::assert!(encrypt_tag == payload_vec[ciphertext.len()..ciphertext.len() + encrypt_tag.len()]);
// Decrypt in software using AES-GCM 128-bit
let _ = cipher.decrypt_in_place(&iv.into(), &aad, &mut payload_vec);
info!("Test OK");
cortex_m::asm::bkpt();
}