-
-
Notifications
You must be signed in to change notification settings - Fork 94
Crypt module #549
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Crypt module #549
Changes from all commits
Commits
Show all changes
12 commits
Select commit
Hold shift + click to select a range
f9c3622
Update crypt functions to have a C style interface
KenVanHoeylandt 757115a
Moved cryptography functions into a separate module and improved secu…
KenVanHoeylandt 93984b5
Add crypt-module tests
KenVanHoeylandt 3396097
Fixes
KenVanHoeylandt ec86e7a
Merge branch 'main' into crypt-module
KenVanHoeylandt fd19928
Remove build files
KenVanHoeylandt e280505
Logging fixes
KenVanHoeylandt 3ba0df0
gitignore build-* folders
KenVanHoeylandt 719abe8
Improve IV functions
KenVanHoeylandt 39f3a21
Fix
KenVanHoeylandt 39e3017
Add crypt module to SDK
KenVanHoeylandt 2fb4bbb
Add symbols to crypt-module
KenVanHoeylandt File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -3,6 +3,7 @@ | |
|
|
||
| build/ | ||
| buildsim/ | ||
| build-*/ | ||
| cmake-*/ | ||
| CMakeCache.txt | ||
| *.cbp | ||
|
|
||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,24 @@ | ||
| cmake_minimum_required(VERSION 3.20) | ||
|
|
||
| include("${CMAKE_CURRENT_LIST_DIR}/../../Buildscripts/module.cmake") | ||
|
|
||
| file(GLOB_RECURSE SOURCE_FILES "source/*.c*") | ||
|
|
||
| list(APPEND REQUIRES_LIST | ||
| TactilityKernel | ||
| mbedtls | ||
| ) | ||
|
|
||
| if (DEFINED ENV{ESP_IDF_VERSION}) | ||
| list(APPEND REQUIRES_LIST | ||
| nvs_flash | ||
| esp_hw_support | ||
| esp_rom | ||
| ) | ||
| endif () | ||
|
|
||
| tactility_add_module(crypt-module | ||
| SRCS ${SOURCE_FILES} | ||
| INCLUDE_DIRS include/ | ||
| REQUIRES ${REQUIRES_LIST} | ||
| ) | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,85 @@ | ||
| // SPDX-License-Identifier: Apache-2.0 | ||
| /** @file crypt.h | ||
| * | ||
| * @brief Encryption helper functions. | ||
| * | ||
| * Offers AES 256 CBC encryption with built-in key. | ||
| * The key is built from data including: | ||
| * - the internal factory MAC address | ||
| * - random data stored in NVS | ||
| * | ||
| * It's important to use flash encryption to avoid an attacker to get | ||
| * access to your encrypted data. If flash encryption is disabled, | ||
| * someone can fetch the key from the partitions. | ||
| * | ||
| * See: | ||
| * https://docs.espressif.com/projects/esp-idf/en/latest/esp32/security/secure-boot-v2.html | ||
| * https://docs.espressif.com/projects/esp-idf/en/latest/esp32/security/flash-encryption.html | ||
| */ | ||
| #pragma once | ||
|
|
||
| #include <stddef.h> | ||
| #include <stdint.h> | ||
|
|
||
| #ifdef __cplusplus | ||
| extern "C" { | ||
| #endif | ||
|
|
||
| /** | ||
| * @brief Deterministically derives an IV from the given data (the first 16 bytes of its SHA-256 hash). | ||
| * | ||
| * Calling this again with the same data always produces the same IV - use this when there's nowhere | ||
| * to store a per-encryption IV alongside the ciphertext, and the caller can supply the same associated | ||
| * data (e.g. an identifier that's known at both encrypt and decrypt time, not the secret itself) on both | ||
| * ends. Because the IV doesn't change between encryptions with the same associated data, encrypting the | ||
| * same plaintext twice produces the same ciphertext - prefer crypt_generate_iv() when ciphertext can be | ||
| * stored alongside a random IV instead. | ||
| * | ||
| * @param[in] data input data | ||
| * @param[in] dataLength input data length | ||
| * @param[out] iv output IV | ||
| */ | ||
| void crypt_get_iv(const void* data, size_t dataLength, uint8_t iv[16]); | ||
|
|
||
| /** | ||
| * @brief Fills the IV with cryptographically secure random bytes. | ||
| * | ||
| * Use this when the IV can be stored alongside the ciphertext (e.g. prefixed to it) and read back for | ||
| * decryption. This gives every encryption operation a unique, unpredictable IV, which is the standard | ||
| * and strongest way to use crypt_encrypt()/crypt_decrypt(). | ||
| * | ||
| * @param[out] iv output IV | ||
| */ | ||
| void crypt_generate_iv(uint8_t iv[16]); | ||
|
|
||
| /** | ||
| * @brief Encrypt data. | ||
| * | ||
| * Important: Use flash encryption to increase security. | ||
| * Important: input and output data must be aligned to 16 bytes. | ||
| * | ||
| * @param[in] iv the AES IV | ||
| * @param[in] inData input data | ||
| * @param[out] outData output data | ||
| * @param[in] dataLength data length, a multiple of 16 (for both inData and outData) | ||
| * @return the result of esp_aes_crypt_cbc() (MBEDTLS_ERR_*), or -1 if dataLength is not a positive multiple of 16 | ||
| */ | ||
| int crypt_encrypt(const uint8_t iv[16], const uint8_t* inData, uint8_t* outData, size_t dataLength); | ||
|
|
||
| /** | ||
| * @brief Decrypt data. | ||
| * | ||
| * Important: Use flash encryption to increase security. | ||
| * Important: input and output data must be aligned to 16 bytes. | ||
| * | ||
| * @param[in] iv AES IV | ||
| * @param[in] inData input data | ||
| * @param[out] outData output data | ||
| * @param[in] dataLength data length, a multiple of 16 (for both inData and outData) | ||
| * @return the result of esp_aes_crypt_cbc() (MBEDTLS_ERR_*), or -1 if dataLength is not a positive multiple of 16 | ||
| */ | ||
| int crypt_decrypt(const uint8_t iv[16], const uint8_t* inData, uint8_t* outData, size_t dataLength); | ||
|
|
||
| #ifdef __cplusplus | ||
| } | ||
| #endif |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| // SPDX-License-Identifier: Apache-2.0 | ||
| #pragma once | ||
|
|
||
| #ifdef __cplusplus | ||
| extern "C" { | ||
| #endif | ||
|
|
||
| extern struct Module crypt_module; | ||
|
|
||
| #ifdef __cplusplus | ||
| } | ||
| #endif |
17 changes: 11 additions & 6 deletions
17
TactilityCore/Include/Tactility/crypt/Hash.h → ...les/crypt-module/include/tactility/hash.h
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,23 +1,28 @@ | ||
| // SPDX-License-Identifier: Apache-2.0 | ||
| #pragma once | ||
|
|
||
| #include <cstddef> | ||
| #include <cstdint> | ||
| #include <stddef.h> | ||
| #include <stdint.h> | ||
|
|
||
| namespace tt::crypt { | ||
| #ifdef __cplusplus | ||
| extern "C" { | ||
| #endif | ||
|
|
||
| /** | ||
| * Implementation of DJB2 hashing algorithm. | ||
| * @param[in] str the string to calculate the hash for | ||
| * @return the hash | ||
| */ | ||
| uint32_t djb2(const char* str); | ||
| uint32_t djb2_str(const char* str); | ||
|
|
||
| /** | ||
| * Implementation of DJB2 hashing algorithm. | ||
| * @param[in] data the bytes to calculate the hash for | ||
| * @param[in] length the size of data | ||
| * @return the hash | ||
| */ | ||
| uint32_t djb2(const void* data, size_t length); | ||
| uint32_t djb2_data(const void* data, size_t length); | ||
|
|
||
| } // namespace | ||
| #ifdef __cplusplus | ||
| } | ||
| #endif |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.