CRYPTO Devices
Encryption/Decryption is a file and message encryption and decryption technology. With the rapid development of the Internet of Things, users have a strong demand for data encryption and decryption in their normal work.
To ensure the information security of IoT devices, the TLS secure transport layer protocol was introduced at the software level. At the same time, security-related encryption and decryption modules were gradually added to hardware chips, and even security chips designed specifically for security appeared. The hardware security module on the chip has a faster computing speed and smaller resource usage than the security algorithm implemented purely by software. However, most IoT devices still use pure software security algorithms. One of the most important reasons is that the hardware interfaces are different and diverse, making it difficult to connect with software.
Therefore, RT-Thread launched the hwcrypto hardware encryption and decryption driver framework and connected it to common security transmission kits. As long as the hardware supports the encryption and decryption module, the hardware-based encryption and decryption security transmission kit can be used directly, and the transmission speed can be increased several times.
hwcrypto is a hardware encryption and decryption device driver framework. It is mainly composed of two parts: the hardware encryption and decryption driver abstraction layer and various encryption and decryption API interfaces. For upper-layer applications, it can be connected to a security suite or used directly, and the usage is very flexible. For the driver, there are few interfaces to be connected, the function is single, and the driver development is simple and fast. The following figure is a Crypto framework hierarchy diagram:
The main features are as follows:
Thin and light design, efficient operation
The most important function of the hardware encryption and decryption driver is interface conversion, which realizes interface unification and facilitates upper-layer applications to use hardware encryption and decryption. Therefore, it is designed to be very thin and light. It has extremely low resource usage, ROM < 0.8K / RAM < 0.2K.
Encryption and decryption also have very high requirements on running speed. Therefore, for frequently called code, careful consideration is given to reduce the steps of the running process to a minimum, so as to minimize the performance loss, and make it as fast as directly operating the hardware registers.
Thoughtful and easy to use
In API design, we start from two dimensions: simplicity and ease of use, and full functionality. First, users directly use the hardware encryption and decryption API, which requires easy to use. For this reason, we evaluated many software interfaces in the early stage. After personal use and testing, we finally defined a set of APIs with full functionality and simple interfaces.
While meeting the needs of users, we also made a lot of considerations in the connection with the secure transmission suite. We added an API specifically for the secure transmission suite. In the end, this set of API users can use or connect to the secure transmission suite with ease.
Fully compatible and versatile
The interface design of the driver docking is also carefully designed. In the early stage, the encryption and decryption peripherals of many hardware manufacturers were classified according to their functions, analyzed and sorted, and a set of driver interfaces with single functions and comprehensive parameters were extracted. This driver interface can fully adapt to conventional MCU encryption and decryption peripherals. It has been verified on multiple platforms, such as Lianshengde W60X series, STM32 series, etc.
The hardware encryption and decryption framework currently supports encryption and decryption related interfaces such as AES/DES/3DES/RC4/SHA1/SHA2/MD5/CRC/RNG/BIGNUM.
The above encryption and decryption algorithms are divided into the following categories according to different types. Each category has rich APIs available for use. The currently supported types are as follows:
hash: hash algorithm
symmetric: symmetric encryption and decryption algorithm
gcm: GMAC message authentication code
crc: CRC redundancy check
rng: random number generator
bignum: large number operations
A hash algorithm transforms an input of any length into an output of a fixed length through a hash algorithm. It is a function that compresses a message of any length into a message digest of a fixed length. The space of hash values is usually much smaller than the space of inputs. Different inputs may hash to the same output, so it is impossible to determine the unique input value from the hash value.
The application accesses the hash algorithm device hardware through the hash algorithm device management interface provided by RT-Thread. The relevant interface is as follows:
function | describe |
rt_hwcrypto_hash_create() | Creating a hash context |
rt_hwcrypto_hash_destroy() | Release context |
rt_hwcrypto_hash_finish() | Calculate the final hash value |
rt_hwcrypto_hash_update() | Process a packet of data |
rt_hwcrypto_hash_cpy() | Copy context |
rt_hwcrypto_hash_reset() | Reset Context |
rt_hwcrypto_hash_set_type() | Set the hash algorithm type |
The application creates a hash context based on the handle of the hash device as follows:
parameter | describe |
device | Encryption and decryption device handle |
type | Hash algorithm type |
return | —— |
NULL | fail |
other | Device Object |
Common types and subtypes of hash algorithms are as follows
If you create a hash algorithm of the MD5 type, the usage example is as follows
The prototype of the rt_hwcrypto_dev_default() function is
struct rt_hwcrypto_device *rt_hwcrypto_dev_default(void)to return the default hardware encryption and decryption device handle.
The application deletes the context based on the hash context and releases the resources as follows:
parameter | describe |
ctx | Context |
return | —— |
Based on the hash context, the application can output the final hash value as follows:
parameter | describe |
ctx | Context |
output | Output Data |
length | Data length |
return | —— |
RT_EOK | Calculation success |
other | fail |
The application inputs a packet of data and calculates the hash value according to the hash context, as shown below:
parameter | describe |
ctx | Context |
input | Input Data |
length | Input data length |
return | —— |
RT_EOK | Calculation success |
other | fail |
The usage examples are as follows:
The application copies the context of the source hash to the context of the target hash as follows:
parameter | describe |
of the | Target context |
src | Source context |
return | —— |
RT_EOK | Calculation success |
other | fail |
The application resets the hash context text according to the hash context, as follows:
parameter | describe |
ctx | Context |
return | —— |
Before releasing the context, the next packet of data can be calculated only after it is reset.
The application sets the hash algorithm type according to the hash context, as follows:
parameter | describe |
ctx | Context |
type | Hash algorithm type |
return | —— |
RT_EOK | Calculation success |
other | fail |
Common hash algorithm types, refer to the type introduction in the creation of hash context
Setting the type is only valid before data operation. Changing the type during operation will result in incorrect operation results.
Symmetric encryption and decryption refers to an encryption algorithm that uses the same key for encryption and decryption, so this encryption algorithm is also called a secret key algorithm or a single key algorithm. The security of a symmetric algorithm depends on the key. Leaking the key means that anyone can decrypt the messages they send or receive, so the confidentiality of the key is crucial to the security of communication.
The application accesses the symmetric algorithm device hardware through the symmetric device management interface provided by RT-Thread. The relevant interface is as follows:
function | describe |
rt_hwcrypto_symmetric_create() | Create a symmetric encryption and decryption context |
rt_hwcrypto_symmetric_destroy() | Release context |
rt_hwcrypto_symmetric_crypt() | Encryption and decryption operations |
rt_hwcrypto_symmetric_setkey() | Set encryption and decryption keys |
rt_hwcrypto_symmetric_getkey() | Get encryption and decryption keys |
rt_hwcrypto_symmetric_setiv() | Set the symmetric encryption and decryption initialization vector |
rt_hwcrypto_symmetric_getiv() | Get the symmetric encryption and decryption initialization vector |
rt_hwcrypto_symmetric_set_ivoff() | Set the symmetric encryption and decryption initialization vector offset value |
rt_hwcrypto_symmetric_get_ivoff() | Get the symmetric encryption and decryption initialization vector offset value |
rt_hwcrypto_symmetric_cpy() | Copy context |
rt_hwcrypto_symmetric_reset() | Reset Context |
rt_hwcrypto_symmetric_set_type() | Set the encryption and decryption type |
The application creates a symmetric encryption and decryption context based on the handle of the symmetric encryption and decryption device, as shown below:
parameter | describe |
device | Encryption and decryption device handle |
type | Symmetric encryption and decryption algorithm type |
return | —— |
NULL | fail |
other | Device Object |
Common types and subtypes of symmetric encryption and decryption algorithms are as follows
Create an AES-CBC encryption as follows
The application deletes the context based on the symmetric encryption and decryption context and releases resources as shown below:
parameter | describe |
ctx | Context Handle |
return | —— |
The application can output the final calculated value based on the context of symmetric encryption and decryption, encryption and decryption mode, input data and length, as shown below:
parameter | describe |
ctx | Context Handle |
mode | Encryption or decryption |
length | Data length |
in | Input Data |
out | Output Data |
return | —— |
RT_EOK | Calculation success |
other | fail |
The encryption or decryption modes are as follows
The application sets the encryption and decryption keys according to the context, key and secret key, and length of symmetric encryption and decryption, as shown below:
parameter | describe |
ctx | Context Handle |
key | Enter the key |
Bitlen | Key length |
return | —— |
RT_EOK | Set key successfully |
other | fail |
The application obtains the key length based on the context, key, and length of symmetric encryption and decryption, as shown below:
parameter | describe |
ctx | Target context |
key | Key |
Bitlen | Key length |
return | —— |
int | Copy key length |
other | fail |
The application sets the symmetric encryption and decryption initialization vector according to the symmetric encryption and decryption context, initialization vector, and vector length, as shown below:
parameter | describe |
ctx | Context |
iv | Initialization Vector |
only | Length of the initialization vector |
return | —— |
RT_EOK | Set up for success |
other | fail |
The application obtains the symmetric encryption and decryption initialization vector according to the symmetric encryption and decryption context, as shown below:
parameter | describe |
ctx | Context |
iv | Will get the initialization vector |
only | Length of the initialization vector |
return | —— |
int | Get the length of success |
other | fail |
The application sets the offset value of the symmetric encryption and decryption initialization vector according to the context of symmetric encryption and decryption and the initialization vector offset value, as shown below:
parameter | describe |
ctx | Context |
iv_off | Initialization vector offset |
return | —— |
The application obtains the offset value of the symmetric encryption and decryption initialization vector according to the context of symmetric encryption and decryption, as shown below:
parameter | describe |
ctx | Context |
iv_off | Initialization vector offset pointer |
return | —— |
The application copies the source symmetric encryption and decryption context to the destination context as shown below:
parameter | describe |
of the | Target context |
src | Source context |
return | —— |
RT_EOK | Set up for success |
other | fail |
The application resets the context based on the symmetric encryption and decryption context as follows:
parameter | describe |
of the | Context |
return | —— |
The application sets encryption or decryption based on the context of symmetric encryption and decryption, as shown below:
parameter | describe |
ctx | Context |
type | Encryption and decryption type |
return | —— |
RT_EOK | Set up for success |
other | fail |
For common encryption and decryption types, refer to the type introduction in Creating Symmetric Encryption and Decryption Contexts.
AES-CBC is used for encryption. The application examples are as follows:
GCM message authentication can provide encryption and integrity verification of messages, and can also verify the authenticity of other attached messages.
The application accesses the GCM algorithm device hardware through the GCM device management interface provided by RT-Thread. The relevant interface is as follows:
function | describe |
rt_hwcrypto_gcm_create() | Creating a Context |
rt_hwcrypto_gcm_destroy() | Release context |
rt_hwcrypto_gcm_start() | Passing in additional value |
rt_hwcrypto_gcm_finish() | Generate a message authentication code |
rt_hwcrypto_gcm_crypt() | Encryption and decryption |
rt_hwcrypto_gcm_setkey() | Setting the key |
rt_hwcrypto_gcm_getkey() | Get the key |
rt_hwcrypto_gcm_setiv() | Setting the Initialization Vector |
rt_hwcrypto_gcm_getiv() | Get the initialization vector |
rt_hwcrypto_gcm_set_ivoff() | Set the initialization vector offset |
rt_hwcrypto_gcm_get_ivoff() | Get the initialization vector offset |
rt_hwcrypto_gcm_cpy() | Copy context |
rt_hwcrypto_gcm_reset() | Reset Context |
The application creates a symmetric encryption and decryption context based on the handle of the gcm message authentication, as shown below:
parameter | describe |
device | Encryption and decryption device handle |
crypt_type | Encryption and decryption algorithm type |
return | —— |
NULL | fail |
other | Device Object |
The common types of gcm are as follows
The application deletes the context and releases resources based on the gcm context, as shown below:
parameter | describe |
ctx | Context |
return | —— |
The application passes in the initial value of the additional value for encryption according to the context of gcm, as shown below:
parameter | describe |
ctx | Context |
add | Additional Message |
add_len | Additional message length |
return | —— |
RT_EOK | success |
other | fail |
After encrypting the data according to the context of GCM, the application outputs the tag value and length as a verification of integrity and authenticity, as shown below:
parameter | describe |
ctx | Context |
tag | Message Authentication Code |
tag_len | Message authentication code length |
return | —— |
RT_EOK | success |
other | fail |
The application encrypts the data according to the context of GCM, encryption and decryption mode, data length and input data, and then outputs the data buffer as shown below:
parameter | describe |
ctx | Context |
mode | Encryption and decryption mode |
length | Input data length |
in | Input Data |
out | Output Data |
return | —— |
RT_EOK | success |
other | fail |
The application sets the key according to the gcm context, encryption and decryption key and length, as shown below:
parameter | describe |
ctx | Context |
key | Key |
Bitlen | Key length |
return | —— |
RT_EOK | success |
other | fail |
The application obtains the key based on the gcm context, encryption and decryption key and length, as shown below:
parameter | describe |
ctx | Context |
key | Key |
Bitlen | Key length |
return | —— |
RT_EOK | success |
other | fail |
The application sets the initialization vector according to the gcm context, initialization vector and length, as shown below:
parameter | describe |
ctx | Context |
iv | Initialization Vector |
only | Initialization vector length |
return | —— |
RT_EOK | success |
other | fail |
The application obtains the initialization vector based on the gcm context, initialization vector and length, as shown below:
parameter | describe |
ctx | Context |
iv | Initialization Vector |
only | Initialization vector length |
return | —— |
RT_EOK | success |
other | fail |
The application sets the initialization vector offset according to the context of gcm, as shown below:
parameter | describe |
ctx | Context |
iv_off | Initialization vector offset |
return | —— |
The application obtains the initialization vector offset based on the gcm context and initialization vector offset, as shown below:
parameter | describe |
ctx | Context |
iv_off | Initialization vector offset |
return | —— |
The application copies the gcm context to the target context as follows:
parameter | describe |
of the | Target context |
src | Source context |
return | —— |
RT_EOK | success |
other | fail |
Cyclic Redundancy Check (CRC) is a hash function that generates a short fixed-bit check code based on network data packets or computer files. It is mainly used to detect or verify errors that may occur after data transmission or storage. It uses the principle of division and remainder for error detection.
The application accesses the CRC algorithm device hardware through the CRC device management interface provided by RT-Thread. The relevant interface is as follows:
function | describe |
rt_hwcrypto_crc_create() | Create CRC context |
rt_hwcrypto_crc_destroy() | Release context |
rt_hwcrypto_crc_update() | Calculate a packet of data |
rt_hwcrypto_crc_cfg() | Set context calculation data |
The application creates a CRC context based on the handle of the CRC device as follows:
parameter | describe |
device | Device to be set up |
mode | CRC calculation mode |
return | —— |
NULL | fail |
other | Device Object |
The commonly used CRC calculation modes are as follows:
These modes correspond to different calculation polynomials, as shown in the notes.
The application deletes the context according to the CRC context and releases the resources as follows:
parameter | describe |
ctx | Context |
return | —— |
The application calculates the CRC calculation result based on the CRC context, input data and its length as follows:
parameter | describe |
ctx | Context |
input | Input Data |
length | Input data length |
return | —— |
uint32_t | Calculation results |
0 | fail |
The application releases resources based on the CRC context and configuration information as follows:
parameter | describe |
ctx | Context |
cfg | Encryption and decryption configuration parameters |
return | —— |
The CRC configuration structure is as follows
Calculate the data checksum of 0 - 7 and implement the following configuration
To obtain the checksum value, the specific procedure is as follows
The data generated by the Random Numeral Generator (RNG) has nothing to do with the previous numbers.
The application accesses the RNG algorithm device hardware through the RNG device management interface provided by RT-Thread. The relevant interface is as follows:
function | describe |
rt_hwcrypto_rng_update() | Get the default device random number |
The application generates random numbers according to the context of the RNG default device as follows:
parameter | describe |
return | —— |
rt_uint32_t | Random numbers generated |
other | fail |
For example, to detect random number generation 1000,000 times and count the number of odd and even numbers generated, the code is as follows:
Since the basic numeric data types provided by programming languages have a limited range of values and cannot satisfy large-scale high-precision numerical calculations, other methods are needed to achieve high-precision numerical calculations.
The application accesses the big number algorithm device hardware through the big number device management interface provided by RT-Thread. The relevant interface is as follows:
function | describe |
rt_hwcrypto_bignum_default() | Get the default context |
rt_hwcrypto_bignum_init() | Initialize a large number object |
rt_hwcrypto_bignum_free() | Release the big numbers |
rt_hwcrypto_bignum_get_len() | Get the length of a large number |
rt_hwcrypto_bignum_export_bin() | Output binary data in big-endian mode |
rt_hwcrypto_bignum_import_bin() | Input binary in big-endian mode |
rt_hwcrypto_bignum_add() | Adding large numbers |
rt_hwcrypto_bignum_sub() | Subtracting large numbers |
rt_hwcrypto_bignum_mul() | Multiplying large numbers |
rt_hwcrypto_bignum_mulmod | Modulo the product of large numbers |
rt_hwcrypto_bignum_exptmod | Modulo large number exponentiation |
The application obtains the default context based on the large number of device handles, as follows:
parameter | describe |
device | Device handle |
return | —— |
RT_EOK | success |
other | fail |
The application initializes the big number object according to the big number context, as shown below:
parameter | describe |
n | Initialize a large number object |
return | —— |
The structure of a large number object is as follows:
The application releases a large number of objects as follows:
parameter | describe |
n | Large number objects |
return | —— |
The application obtains the length of a large number as follows:
parameter | describe |
n | The large number object whose length will be obtained |
return | —— |
int | Returns the length of a large number |
other | fail |
The application outputs the binary number in big-endian mode according to the large number object and returns the copied length, as shown below:
parameter | describe |
n | Large number objects |
buf | Data to be output |
only | Data length |
return | —— |
int | Returns the copy length |
other | fail |
The application inputs a binary number in big-endian mode according to the handle of the large number, as shown below:
parameter | describe |
n | Large number objects |
buf | Input Data |
only | Data length |
return | —— |
RT_EOK | success |
other | fail |
The application adds two large number objects and assigns the result to x, as shown below
parameter | describe |
x | Output |
a | Input Data |
b | Input Data |
return | —— |
RT_EOK | success |
other | fail |
The application subtracts two large number objects and assigns the result to x, as shown below
parameter | describe |
x | Output |
a | Input Data |
b | Input Data |
return | —— |
RT_EOK | success |
other | fail |
The application multiplies two large number objects and assigns the result to x, as shown below
parameter | describe |
x | Output |
a | Input Data |
b | Input Data |
return | —— |
RT_EOK | success |
other | fail |
The application multiplies the large number object modulo the product and assigns the result to x = a * b (mod c), as shown below
parameter | describe |
x | Output |
a | Input Data |
b | Input Data |
c | Input Data |
return | —— |
RT_EOK | success |
other | fail |
The application performs exponential modulo on the large number object and assigns the result to x = a ^ b (mod c), as shown below
parameter | describe |
x | Output |
a | Input Data |
b | Input Data |
c | Input Data |
return | —— |
RT_EOK | success |
other | fail |
Usually, the process of using hardware encryption and decryption can be roughly divided into four steps: the first step is to create a context of a specific encryption and decryption type; the second step is to configure the context, such as setting keys and other operations; the third step is to execute the corresponding function and obtain the processed result; the fourth step is to delete the context and release resources.
The following code first uses AES-CBC to encrypt the data, and then decrypts the encrypted data. After decryption, the MD5 and SHA1 hash algorithms are used to generate information summaries, and some log information is output at the same time (the specific implementation code of hardware encryption and decryption is below the main() function).
1. AES-CBC encryption and decryption
2. HASH message summary
After normal operation, the terminal output information is as follows:
Last updated
