Skip to content

Commit

Permalink
[crypto] copy otPlatCryptoPbkdf2GenerateKey() implementation from `…
Browse files Browse the repository at this point in the history 
…crypto_platform.cpp`
  • Loading branch information
@lmnotran
lmnotran committed Dec 8, 2023
1 parent 1ad2f42 commit 3fe2cb7
Show file tree
Hide file tree
Showing 9 changed files with 226 additions and 3 deletions.
4 changes: 2 additions & 2 deletions ot-efr32.slce
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
id: ot-efr32
version: 0.0.1
description: "ot-efr32 extension for Gecko SDK Suite"
label: "Silicon Labs Matter"
label: "Silicon Labs OpenThread"
sdk:
id: gecko_sdk
version: 4.2.1
version: 4.3.2
component_path:
- path: slc/component
57 changes: 57 additions & 0 deletions slc/component/ot_platform_abstraction_source.slcc
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
id: ot_platform_abstraction_source
label: Platform Abstraction (Source)
package: OpenThread
category: OpenThread
quality: production
description: This component provides the source files for the platform abstraction layer between the OpenThread stack and Silicon Labs platform
provides:
- name: ot_platform_abstraction_source
- name: ot_platform_abstraction_implementation
requires:
- name: security_manager
ui_hints:
visibility: never
include:
- path: openthread/examples/platforms/utils
file_list:
- path: code_utils.h
- path: link_metrics.h
- path: logging_rtt.h
- path: mac_frame.h
- path: settings.h
- path: src/src
file_list:
- path: ieee802154mac.h
- path: ieee802154-packet-utils.hpp
- path: platform-band.h
- path: rail_config.h
- path: sl_packet_utils.h
- path: sl_openthread.h
- path: diag.h
- path: soft_source_match_table.h
- path: third_party/silabs/gecko_sdk/protocol/openthread/platform-abstraction/include
file_list:
- path: radio_counters.h
- path: radio_extension.h
source:
- path: openthread/examples/platforms/utils/debug_uart.c
- path: openthread/examples/platforms/utils/link_metrics.cpp
- path: openthread/examples/platforms/utils/logging_rtt.c
- path: openthread/examples/platforms/utils/mac_frame.cpp
- path: openthread/examples/platforms/utils/settings_ram.c
- path: src/src/soft_source_match_table.c
- path: src/src/alarm.c
- path: src/src/diag.c
- path: src/src/entropy.c
- path: src/src/flash.c
- path: src/src/logging.c
unless: ["matter_integration"]
- path: src/src/memory.c
unless: ["matter_integration"]
- path: src/src/misc.c
- path: src/src/crypto.cpp
- path: src/src/ieee802154-packet-utils.cpp
- path: src/src/radio.c
- path: src/src/radio_extension.c
- path: src/src/startup-gcc.c
- path: src/src/system.c
9 changes: 9 additions & 0 deletions src/platform_projects/openthread-efr32-rcp-spi.slcp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,8 @@ category: OpenThread Examples
quality: production

component:
- id: ot_platform_abstraction_source
from: ot-efr32
- id: ot_platform_abstraction_core
- id: ot_thirdparty
- id: ot_ncp_spidrv
Expand All @@ -20,3 +22,10 @@ define:
value: 1
- name: OPENTHREAD_RADIO
value: 1

sdk:
id: gecko_sdk
version: 4.3.2
sdk_extension:
- id: ot-efr32
version: 0.0.1
9 changes: 9 additions & 0 deletions src/platform_projects/openthread-efr32-rcp-uart.slcp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,8 @@ category: OpenThread Examples
quality: production

component:
- id: ot_platform_abstraction_source
from: ot-efr32
- id: ot_platform_abstraction_core
- id: ot_thirdparty
- id: uartdrv_usart
Expand All @@ -22,3 +24,10 @@ define:
value: 1
- name: OPENTHREAD_RADIO
value: 1

sdk:
id: gecko_sdk
version: 4.3.2
sdk_extension:
- id: ot-efr32
version: 0.0.1
9 changes: 9 additions & 0 deletions src/platform_projects/openthread-efr32-soc-with-buttons-power-manager-csl.slcp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,8 @@ category: OpenThread Examples
quality: production

component:
- id: ot_platform_abstraction_source
from: ot-efr32
- id: ot_platform_abstraction_core
- id: ot_psa_crypto
- id: ot_thirdparty
Expand Down Expand Up @@ -53,3 +55,10 @@ configuration:
define:
- name: OPENTHREAD_CONFIG_MAC_CSL_RECEIVER_ENABLE
value: 1

sdk:
id: gecko_sdk
version: 4.3.2
sdk_extension:
- id: ot-efr32
version: 0.0.1
9 changes: 9 additions & 0 deletions src/platform_projects/openthread-efr32-soc-with-buttons-power-manager.slcp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,8 @@ category: OpenThread Examples
quality: production

component:
- id: ot_platform_abstraction_source
from: ot-efr32
- id: ot_platform_abstraction_core
- id: ot_psa_crypto
- id: ot_thirdparty
Expand Down Expand Up @@ -49,3 +51,10 @@ configuration:
condition: [freertos]
- name: SL_STACK_SIZE
value: 4608

sdk:
id: gecko_sdk
version: 4.3.2
sdk_extension:
- id: ot-efr32
version: 0.0.1
9 changes: 9 additions & 0 deletions src/platform_projects/openthread-efr32-soc-with-buttons.slcp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,8 @@ category: OpenThread Examples
quality: production

component:
- id: ot_platform_abstraction_source
from: ot-efr32
- id: ot_platform_abstraction_core
- id: ot_psa_crypto
- id: ot_thirdparty
Expand Down Expand Up @@ -48,3 +50,10 @@ configuration:
condition: [freertos]
- name: SL_STACK_SIZE
value: 4608

sdk:
id: gecko_sdk
version: 4.3.2
sdk_extension:
- id: ot-efr32
version: 0.0.1
9 changes: 9 additions & 0 deletions src/platform_projects/openthread-efr32-soc.slcp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,8 @@ category: OpenThread Examples
quality: production

component:
- id: ot_platform_abstraction_source
from: ot-efr32
- id: ot_platform_abstraction_core
- id: ot_psa_crypto
- id: ot_thirdparty
Expand Down Expand Up @@ -35,3 +37,10 @@ configuration:
condition: [freertos]
- name: SL_STACK_SIZE
value: 4608

sdk:
id: gecko_sdk
version: 4.3.2
sdk_extension:
- id: ot-efr32
version: 0.0.1
114 changes: 113 additions & 1 deletion src/src/crypto.c → src/src/crypto.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,19 +31,35 @@
* This file implements the OpenThread platform abstraction for PSA.
*
*/

#include <string.h>

#include <openthread/platform/crypto.h>

#include "common/code_utils.hpp"
#include "common/debug.hpp"
#include "common/error.hpp"
#include "common/num_utils.hpp"
#include "crypto/mbedtls.hpp"

#include "security_manager.h"
#include <openthread-core-config.h>
#include <openthread/error.h>
#include <openthread/platform/crypto.h>
#include "utils/code_utils.h"

#include <mbedtls/cmac.h>
#include <mbedtls/ecdsa.h>
#include <mbedtls/md.h>
#include <mbedtls/pk.h>
#include "mbedtls/psa_util.h"
#include <mbedtls/psa_util.h>
#include <mbedtls/version.h>

#if OPENTHREAD_CONFIG_CRYPTO_LIB == OPENTHREAD_CONFIG_CRYPTO_LIB_PSA

using namespace ot;
using namespace Crypto;

// Helper function to convert otCryptoKeyType to psa_key_type_t
static psa_key_type_t getPsaKeyType(otCryptoKeyType aKeyType)
{
Expand Down Expand Up @@ -555,4 +571,100 @@ otError otPlatCryptoEcdsaVerifyUsingKeyRef(otCryptoKeyRef aKe
return error;
}

otError otPlatCryptoPbkdf2GenerateKey(const uint8_t *aPassword,
uint16_t aPasswordLen,
const uint8_t *aSalt,
uint16_t aSaltLen,
uint32_t aIterationCounter,
uint16_t aKeyLen,
uint8_t *aKey)
{
#if (MBEDTLS_VERSION_NUMBER >= 0x03050000)
const size_t kBlockSize = MBEDTLS_CMAC_MAX_BLOCK_SIZE;
#else
const size_t kBlockSize = MBEDTLS_CIPHER_BLKSIZE_MAX;
#endif
uint8_t prfInput[OT_CRYPTO_PBDKF2_MAX_SALT_SIZE + 4]; // Salt || INT(), for U1 calculation
long prfOne[kBlockSize / sizeof(long)];
long prfTwo[kBlockSize / sizeof(long)];
long keyBlock[kBlockSize / sizeof(long)];
uint32_t blockCounter = 0;
uint8_t *key = aKey;
uint16_t keyLen = aKeyLen;
uint16_t useLen = 0;
Error error = kErrorNone;
int ret;

OT_ASSERT(aSaltLen <= sizeof(prfInput));
memcpy(prfInput, aSalt, aSaltLen);
OT_ASSERT(aIterationCounter % 2 == 0);
aIterationCounter /= 2;

#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
// limit iterations to avoid OSS-Fuzz timeouts
aIterationCounter = 2;
#endif

while (keyLen)
{
++blockCounter;
prfInput[aSaltLen + 0] = static_cast<uint8_t>(blockCounter >> 24);
prfInput[aSaltLen + 1] = static_cast<uint8_t>(blockCounter >> 16);
prfInput[aSaltLen + 2] = static_cast<uint8_t>(blockCounter >> 8);
prfInput[aSaltLen + 3] = static_cast<uint8_t>(blockCounter);

// Calculate U_1
ret = mbedtls_aes_cmac_prf_128(aPassword,
aPasswordLen,
prfInput,
aSaltLen + 4,
reinterpret_cast<uint8_t *>(keyBlock));
VerifyOrExit(ret == 0, error = MbedTls::MapError(ret));

// Calculate U_2
ret = mbedtls_aes_cmac_prf_128(aPassword,
aPasswordLen,
reinterpret_cast<const uint8_t *>(keyBlock),
kBlockSize,
reinterpret_cast<uint8_t *>(prfOne));
VerifyOrExit(ret == 0, error = MbedTls::MapError(ret));

for (uint32_t j = 0; j < kBlockSize / sizeof(long); ++j)
{
keyBlock[j] ^= prfOne[j];
}

for (uint32_t i = 1; i < aIterationCounter; ++i)
{
// Calculate U_{2 * i - 1}
ret = mbedtls_aes_cmac_prf_128(aPassword,
aPasswordLen,
reinterpret_cast<const uint8_t *>(prfOne),
kBlockSize,
reinterpret_cast<uint8_t *>(prfTwo));
VerifyOrExit(ret == 0, error = MbedTls::MapError(ret));
// Calculate U_{2 * i}
ret = mbedtls_aes_cmac_prf_128(aPassword,
aPasswordLen,
reinterpret_cast<const uint8_t *>(prfTwo),
kBlockSize,
reinterpret_cast<uint8_t *>(prfOne));
VerifyOrExit(ret == 0, error = MbedTls::MapError(ret));

for (uint32_t j = 0; j < kBlockSize / sizeof(long); ++j)
{
keyBlock[j] ^= prfOne[j] ^ prfTwo[j];
}
}

useLen = Min(keyLen, static_cast<uint16_t>(kBlockSize));
memcpy(key, keyBlock, useLen);
key += useLen;
keyLen -= useLen;
}

exit:
return error;
}

#endif // OPENTHREAD_CONFIG_PLATFORM_KEY_REFERENCES_ENABLE

0 comments on commit 3fe2cb7

Please sign in to comment.