furi_hal_crypto.h
39#pragma once
40
41#include <stdbool.h>
42#include <stdint.h>
43#include <stddef.h>
44
45#ifdef __cplusplus
46extern "C" {
47#endif
48
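/* Crypto enclave key-slot layout.
 * NOTE(review): the meanings below are read off the macro names; the ranges
 * are presumably inclusive and presumably index the `slot` / `key_slot`
 * arguments of the furi_hal_crypto_enclave_* calls - confirm in
 * furi_hal_crypto.c. */

/** Enclave slot of the master key */
#define FURI_HAL_CRYPTO_ENCLAVE_MASTER_KEY_SLOT (0u)

/** First and last enclave slot of the factory key range */
#define FURI_HAL_CRYPTO_ENCLAVE_FACTORY_KEY_SLOT_START (1u)
#define FURI_HAL_CRYPTO_ENCLAVE_FACTORY_KEY_SLOT_END (10u)

/** Enclave slot of the unique key (presumably per-device - confirm) */
#define FURI_HAL_CRYPTO_ENCLAVE_UNIQUE_KEY_SLOT (11u)

/** First and last enclave slot of the user key range. Code that accepts a
 * slot number from outside should check it against these bounds so a caller
 * cannot address the master, factory or unique slots. */
#define FURI_HAL_CRYPTO_ENCLAVE_USER_KEY_SLOT_START (12u)
#define FURI_HAL_CRYPTO_ENCLAVE_USER_KEY_SLOT_END (100u)

/** Feature flag; presumably signals that the CTR/GCM functions declared
 * further down are available - TODO confirm */
#define FURI_HAL_CRYPTO_ADVANCED_AVAIL 1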
65
72
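/** FuriHalCryptoKey size in bits */
typedef enum {
    FuriHalCryptoKeySize128, /**< 128-bit key (per the enumerator name) */
    FuriHalCryptoKeySize256, /**< 256-bit key (per the enumerator name) */
} FuriHalCryptoKeySize;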
78
/* FuriHalCryptoKey: the page's index places this definition at
 * furi_hal_crypto.h:80.
 * NOTE(review): the gutter jumps 80 -> 83 -> 85, so this listing omits source
 * lines 81, 82 and 84. Any members declared there and the closing typedef
 * name are not visible here; read the header itself before relying on the
 * struct layout. */
80typedef struct {
/* Pointer to the key bytes. The pointer carries no length of its own;
 * presumably the length follows from a key-size member on one of the omitted
 * lines - TODO confirm. */
83 uint8_t* data;
85
92
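/** Initialize cryptography layer (includes AES engines, PKA and RNG)
 *
 * NOTE(review): presumably must run once before any other furi_hal_crypto_*
 * call - confirm against furi_hal_crypto.c.
 */
void furi_hal_crypto_init(void);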
95
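/** Verify factory provisioned keys
 *
 * @param[out] keys_nb        presumably receives the number of factory keys
 *                            checked - TODO confirm
 * @param[out] valid_keys_nb  presumably receives how many of them verified -
 *                            TODO confirm
 *
 * @return     bool; presumably true only when every factory key verified.
 *             Callers should check the result and not use the factory slots
 *             when it is false - confirm exact semantics in furi_hal_crypto.c
 */
bool furi_hal_crypto_enclave_verify(uint8_t* keys_nb, uint8_t* valid_keys_nb);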
104
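/** Ensure that the requested slot and all slots before it contain keys
 *
 * NOTE(review): the page does not say whether missing keys are generated or
 * only detected - confirm before calling this on a provisioned device.
 *
 * @param      key_slot  enclave slot number
 *
 * @return     bool; presumably true on success - TODO confirm
 */
bool furi_hal_crypto_enclave_ensure_key(uint8_t key_slot);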
120
129
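/** Init AES engine and load key from crypto enclave
 *
 * Pair every successful call with furi_hal_crypto_enclave_unload_key(), which
 * unloads the key and deinitializes the AES engine, on error paths too, so
 * the key does not stay loaded longer than needed.
 *
 * @param      slot  enclave slot number
 * @param[in]  iv    pointer to the IV; no length is passed, so the buffer
 *                   size is fixed by the implementation - TODO confirm
 *
 * @return     bool; presumably true on success - TODO confirm
 */
bool furi_hal_crypto_enclave_load_key(uint8_t slot, const uint8_t* iv);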
140
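/** Unload key and deinit AES engine
 *
 * @param      slot  enclave slot number; presumably the slot that was given
 *                   to furi_hal_crypto_enclave_load_key() - TODO confirm
 *
 * @return     bool; presumably true on success - TODO confirm
 */
bool furi_hal_crypto_enclave_unload_key(uint8_t slot);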
150
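/** Init AES engine and load supplied key
 *
 * The key comes from the caller's own memory rather than from an enclave
 * slot, so the caller is responsible for the lifetime of that copy: wipe the
 * buffer once the key is loaded, and release the engine with
 * furi_hal_crypto_unload_key() ("Unload key and de-init AES engine").
 *
 * @param[in]  key   pointer to the key bytes; no length is passed, so the
 *                   expected size is fixed by the implementation - TODO confirm
 * @param[in]  iv    pointer to the IV; size likewise fixed - TODO confirm
 *
 * @return     bool; presumably true on success - TODO confirm
 */
bool furi_hal_crypto_load_key(const uint8_t* key, const uint8_t* iv);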
161
169
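/** Encrypt data
 *
 * Takes no key argument; presumably uses the key and IV installed by
 * furi_hal_crypto_load_key() or furi_hal_crypto_enclave_load_key() - confirm.
 * The signature carries no authentication tag, so this call alone gives no
 * integrity protection for the ciphertext.
 *
 * @param[in]  input   pointer to input data
 * @param[out] output  pointer to output data
 * @param      size    input/output buffer size in bytes (presumably; any block
 *                     alignment requirement is not stated here - TODO confirm)
 *
 * @return     bool; presumably true on success - TODO confirm
 */
bool furi_hal_crypto_encrypt(const uint8_t* input, uint8_t* output, size_t size);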
179
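/** Decrypt data
 *
 * Takes no key argument; presumably uses the key and IV installed by
 * furi_hal_crypto_load_key() or furi_hal_crypto_enclave_load_key() - confirm.
 * The signature carries no authentication tag, so a true result does not show
 * that the ciphertext was unmodified; authenticate the data separately if the
 * input can be tampered with.
 *
 * @param[in]  input   pointer to input data
 * @param[out] output  pointer to output data
 * @param      size    input/output buffer size in bytes (presumably; any block
 *                     alignment requirement is not stated here - TODO confirm)
 *
 * @return     bool; presumably true on success - TODO confirm
 */
bool furi_hal_crypto_decrypt(const uint8_t* input, uint8_t* output, size_t size);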
189
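/** Encrypt the input using AES-CTR
 *
 * CTR mode gives confidentiality only. A (key, iv) pair must never be used
 * for more than one message, because a repeated pair repeats the keystream.
 * The output carries no integrity protection; use the GCM functions when the
 * data must be authenticated.
 *
 * @param[in]  key     pointer to the key; no length is passed, so the expected
 *                     size is fixed by the implementation - TODO confirm
 * @param[in]  iv      pointer to the IV; size likewise fixed - TODO confirm
 * @param[in]  input   pointer to input data
 * @param[out] output  pointer to output data
 * @param      length  length of the input and output in bytes (presumably)
 *
 * @return     bool; presumably true on success - TODO confirm
 */
bool furi_hal_crypto_ctr(
    const uint8_t* key,
    const uint8_t* iv,
    const uint8_t* input,
    uint8_t* output,
    size_t length);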
209
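/** Encrypt/decrypt the input using AES-GCM
 *
 * A (key, iv) pair must never be reused for a second encryption under GCM.
 *
 * NOTE(review): `tag` is not const here even when `decrypt` is true, so this
 * function presumably writes the computed tag and leaves the comparison to
 * the caller - confirm in furi_hal_crypto.c. If so, the plaintext in `output`
 * must not be used until the caller has compared the tags, with a
 * constant-time comparison. Callers that only need verified decryption should
 * prefer furi_hal_crypto_gcm_decrypt_and_verify(), which is described as
 * verifying the provided tag.
 *
 * @param[in]  key         pointer to the key; size fixed by the implementation
 *                         - TODO confirm
 * @param[in]  iv          pointer to the IV; size fixed by the implementation
 *                         - TODO confirm
 * @param[in]  aad         pointer to additional authenticated data
 * @param      aad_length  length of the additional authenticated data in bytes
 * @param[in]  input       pointer to input data
 * @param[out] output      pointer to output data
 * @param      length      length of the input and output in bytes (presumably)
 * @param[out] tag         pointer to the tag buffer; size fixed by the
 *                         implementation - TODO confirm
 * @param      decrypt     true to decrypt, false to encrypt (per the name)
 *
 * @return     bool; presumably true on success - TODO confirm
 */
bool furi_hal_crypto_gcm(
    const uint8_t* key,
    const uint8_t* iv,
    const uint8_t* aad,
    size_t aad_length,
    const uint8_t* input,
    uint8_t* output,
    size_t length,
    uint8_t* tag,
    bool decrypt);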
239
/* furi_hal_crypto_gcm_encrypt_and_tag: encrypt the input using AES-GCM and
 * generate a tag.
 * NOTE(review): this listing drops the declarator line that precedes the
 * parameters; the page's index gives the return type as FuriHalCryptoGCMState
 * (Ok = operation successful, Error = error during encryption/decryption,
 * AuthFailure = tags do not match).
 * A (key, iv) pair must never be reused for a second encryption under GCM.
 * key, iv and tag are passed without lengths, so their sizes are fixed by the
 * implementation - TODO confirm. */
257 const uint8_t* key,
258 const uint8_t* iv,
/* Additional authenticated data and its length in bytes. */
259 const uint8_t* aad,
260 size_t aad_length,
261 const uint8_t* input,
262 uint8_t* output,
/* Presumably the byte length of both input and output - TODO confirm. */
263 size_t length,
/* Non-const: receives the generated tag. */
264 uint8_t* tag);
265
/* furi_hal_crypto_gcm_decrypt_and_verify: decrypt the input using AES-GCM and
 * verify the provided tag.
 * NOTE(review): this listing drops the declarator line that precedes the
 * parameters; the page's index gives the return type as FuriHalCryptoGCMState
 * (Ok = operation successful, Error = error during encryption/decryption,
 * AuthFailure = tags do not match, auth failed).
 * Use the contents of `output` only when the result is
 * FuriHalCryptoGCMStateOk. Whether `output` is already written when
 * AuthFailure is returned is not visible here, so discard it on any other
 * result - TODO confirm in furi_hal_crypto.c.
 * key, iv and tag are passed without lengths, so their sizes are fixed by the
 * implementation - TODO confirm. */
284 const uint8_t* key,
285 const uint8_t* iv,
/* Additional authenticated data and its length in bytes. */
286 const uint8_t* aad,
287 size_t aad_length,
288 const uint8_t* input,
289 uint8_t* output,
/* Presumably the byte length of both input and output - TODO confirm. */
290 size_t length,
/* Const: the tag supplied by the caller, to be checked against the data. */
291 const uint8_t* tag);
292
293#ifdef __cplusplus
294}
295#endif
bool furi_hal_crypto_enclave_ensure_key(uint8_t key_slot)
Ensure that the requested slot and all slots before it contain keys.
Definition furi_hal_crypto.c:105
bool furi_hal_crypto_unload_key(void)
Unload key and de-init AES engine.
Definition furi_hal_crypto.c:327
FuriHalCryptoGCMState
FuriHalCryptoGCMState Result of a GCM operation.
Definition furi_hal_crypto.h:87
@ FuriHalCryptoGCMStateError
error during encryption/decryption
Definition furi_hal_crypto.h:89
@ FuriHalCryptoGCMStateOk
operation successful
Definition furi_hal_crypto.h:88
@ FuriHalCryptoGCMStateAuthFailure
tags do not match, auth failed
Definition furi_hal_crypto.h:90
FuriHalCryptoKeySize
FuriHalCryptoKey Size in bits.
Definition furi_hal_crypto.h:74
bool furi_hal_crypto_load_key(const uint8_t *key, const uint8_t *iv)
Init AES engine and load supplied key.
Definition furi_hal_crypto.c:315
void furi_hal_crypto_init(void)
Initialize cryptography layer (includes AES engines, PKA and RNG)
Definition furi_hal_crypto.c:83
bool furi_hal_crypto_decrypt(const uint8_t *input, uint8_t *output, size_t size)
Decrypt data.
Definition furi_hal_crypto.c:359
bool furi_hal_crypto_enclave_unload_key(uint8_t slot)
Unload key and deinit AES engine.
Definition furi_hal_crypto.c:290
bool furi_hal_crypto_enclave_verify(uint8_t *keys_nb, uint8_t *valid_keys_nb)
Verify factory provisioned keys.
Definition furi_hal_crypto.c:131
bool furi_hal_crypto_gcm(const uint8_t *key, const uint8_t *iv, const uint8_t *aad, size_t aad_length, const uint8_t *input, uint8_t *output, size_t length, uint8_t *tag, bool decrypt)
Encrypt/decrypt the input using AES-GCM.
Definition furi_hal_crypto.c:655
bool furi_hal_crypto_enclave_store_key(FuriHalCryptoKey *key, uint8_t *slot)
Store key in crypto enclave.
Definition furi_hal_crypto.c:157
FuriHalCryptoGCMState furi_hal_crypto_gcm_encrypt_and_tag(const uint8_t *key, const uint8_t *iv, const uint8_t *aad, size_t aad_length, const uint8_t *input, uint8_t *output, size_t length, uint8_t *tag)
Encrypt the input using AES-GCM and generate a tag.
Definition furi_hal_crypto.c:710
bool furi_hal_crypto_ctr(const uint8_t *key, const uint8_t *iv, const uint8_t *input, uint8_t *output, size_t length)
Encrypt the input using AES-CTR.
Definition furi_hal_crypto.c:513
bool furi_hal_crypto_enclave_load_key(uint8_t slot, const uint8_t *iv)
Init AES engine and load key from crypto enclave.
Definition furi_hal_crypto.c:258
bool furi_hal_crypto_encrypt(const uint8_t *input, uint8_t *output, size_t size)
Encrypt data.
Definition furi_hal_crypto.c:336
FuriHalCryptoKeyType
FuriHalCryptoKey Type.
Definition furi_hal_crypto.h:67
@ FuriHalCryptoKeyTypeMaster
Master key.
Definition furi_hal_crypto.h:68
@ FuriHalCryptoKeyTypeSimple
Simple unencrypted key.
Definition furi_hal_crypto.h:69
@ FuriHalCryptoKeyTypeEncrypted
Encrypted with Master key.
Definition furi_hal_crypto.h:70
FuriHalCryptoGCMState furi_hal_crypto_gcm_decrypt_and_verify(const uint8_t *key, const uint8_t *iv, const uint8_t *aad, size_t aad_length, const uint8_t *input, uint8_t *output, size_t length, const uint8_t *tag)
Decrypt the input using AES-GCM and verify the provided tag.
Definition furi_hal_crypto.c:728
FuriHalCryptoKey.
Definition furi_hal_crypto.h:80