mcuxClCipherModes_Ctr_Aes128_Oneshot_Dma_NonBlocking_example.c

Example for the mcuxClCipherModes component.

Example for the mcuxClCipherModes component

/*--------------------------------------------------------------------------*/
/* Copyright 2023-2025 NXP                                                  */
/*                                                                          */
/* NXP Confidential and Proprietary. This software is owned or controlled   */
/* by NXP and may only be used strictly in accordance with the applicable   */
/* license terms.  By expressly accepting such terms or by downloading,     */
/* installing, activating and/or otherwise using the software, you are      */
/* agreeing that you have read, and that you agree to comply with and are   */
/* bound by, such license terms.  If you do not agree to be bound by the    */
/* applicable license terms, then you may not retain, install, activate or  */
/* otherwise use the software.                                              */
/*--------------------------------------------------------------------------*/

 
#include <mcuxClSession.h>
#include <mcuxClResource.h>
#include <mcuxClKey.h>
#include <mcuxClAes.h> // Interface to AES-related definitions and types
#include <mcuxClCipher.h> // Interface to the entire mcuxClCipher component
#include <mcuxClCipherModes.h> // Interface to the entire mcuxClCipherModes component
#include <mcuxCsslFlowProtection.h>
#include <mcuxClCore_FunctionIdentifiers.h> // Code flow protection
#include <mcuxClBuffer.h>
#include <mcuxClCore_Examples.h>
#include <mcuxClExample_OS.h>
#include <mcuxClExample_Session_Helper.h>
#include <mcuxClExample_RNG_Helper.h>
 
#include <platform_specific_headers.h> // needed for DMA interrupts
 
/************************************************************************************/
/* Reference data to process and check results                                      */
/************************************************************************************/
 
/* These example vectors are taken from NIST Special Publication 800-38A, 2001 Edition. */
 
/* CTR encrypted data */
static const uint8_t encryptedRef[64] = {
  0x87u, 0x4du, 0x61u, 0x91u, 0xb6u, 0x20u, 0xe3u, 0x26u,
  0x1bu, 0xefu, 0x68u, 0x64u, 0x99u, 0x0du, 0xb6u, 0xceu,
  0x98u, 0x06u, 0xf6u, 0x6bu, 0x79u, 0x70u, 0xfdu, 0xffu,
  0x86u, 0x17u, 0x18u, 0x7bu, 0xb9u, 0xffu, 0xfdu, 0xffu,
  0x5au, 0xe4u, 0xdfu, 0x3eu, 0xdbu, 0xd5u, 0xd3u, 0x5eu,
  0x5bu, 0x4fu, 0x09u, 0x02u, 0x0du, 0xb0u, 0x3eu, 0xabu,
  0x1eu, 0x03u, 0x1du, 0xdau, 0x2fu, 0xbeu, 0x03u, 0xd1u,
  0x79u, 0x21u, 0x70u, 0xa0u, 0xf3u, 0x00u, 0x9cu, 0xeeu
};
 
/* AES key for encrypting/ decrypting the data */
static const uint8_t keyBytes[16] = {
  0x2bu, 0x7eu, 0x15u, 0x16u, 0x28u, 0xaeu, 0xd2u, 0xa6u,
  0xabu, 0xf7u, 0x15u, 0x88u, 0x09u, 0xcfu, 0x4fu, 0x3cu
};
 
/************************************************************************************/
/* Helper code to synchronize example flow with nonBlocking background computation  */
/************************************************************************************/
 
#define MCUXCLCIPHER_STATUS_CALLBACK_NOT_EXECUTED ((uint32_t) 0xDEADBEEFu)
/* This variable is used to keep track of callbacks triggered by the non-blocking API. */
static volatile uint32_t cipherStatus_nonBlockingCallback = MCUXCLCIPHER_STATUS_CALLBACK_NOT_EXECUTED;
 
/* This function is called after the nonBlocking operation has finished */
static void user_callback(uint32_t status, void * data)
{
  (void)data;
  cipherStatus_nonBlockingCallback = status;
}
 
#define MCUXCLCIPHER_FLAG_DMA_INTERRUPT_NOT_TRIGGERED ((uint32_t) 0xDEADBEEFu)
/* This variable is a flag to notify the caller that an interrupt happened.
   It will contain the DMA channel ID of the respective channel that had an interrupt. */
static volatile uint32_t flag_interruptNumber = MCUXCLCIPHER_FLAG_DMA_INTERRUPT_NOT_TRIGGERED;
 
/**************************************************************************/
/* Interrupt configuration code                                           */
/**************************************************************************/
 
/* Global resource context to handle status and session for the available HW resources.
   It shall be global and therefor only allocated once, for all sessions.
   Note that the examples create a "static" version of this global context, which is done
   solely to make sure examples are self-contained and do not conflict with each other. */
/* TODO CLNS-16969: Use one global resource ctx for all examples */
static uint32_t resourceContext[MCUXCLRESOURCE_CONTEXT_SIZE/sizeof(uint32_t)];
static mcuxClResource_Context_t * resourceCtxHandle = (mcuxClResource_Context_t *) &resourceContext;
 
/* This is the Interrupt handler for DMA done and error interrupts on the input channel.
   This function only sets the interrupt number as a global flag, the actual handler
   mcuxClResource_handle_interrupt needs to be called afterwards to wrap-up the CLib operation. */
static void handleDmaInterrupt_channel0(void)
{
  MCUX_CSSL_ANALYSIS_START_PATTERN_SFR_ACCESS()
  /* Clear DMA interrupt request status, W1C. Needed for DONE interrupts. */
  DMA0->CH[0].CH_INT = 1U;
 
  /* Clear the DMA error interrupt request status, W1C. Needed for ERROR interrupts. */
  uint32_t chCsr = DMA0->CH[0].CH_CSR;
  /* 1. Unset the DONE bit, to not accidentally perform a W1C. CLib needs this bit for internal checks. */
  chCsr &= ~((uint32_t)DMA_CH_CSR_DONE_MASK);
  /* 2. Clear the EEI bit. */
  chCsr &= ~((uint32_t)DMA_CH_CSR_EEI_MASK);
  /* 3. Write to CH_CSR */
  DMA0->CH[0].CH_CSR = chCsr;
  MCUX_CSSL_ANALYSIS_STOP_PATTERN_SFR_ACCESS()
 
  /* DMA_CH0 caused the interrupt */
  flag_interruptNumber = GET_DMA_CHX_IRQ_NUMBER(0U);
}
 
/* This is the Interrupt handler for DMA done and error interrupts on the output channel.
   This function only sets the interrupt number as a global flag, the actual handler
   mcuxClResource_handle_interrupt needs to be called afterwards to wrap-up the CLib operation. */
static void handleDmaInterrupt_channel1(void)
{
  MCUX_CSSL_ANALYSIS_START_PATTERN_SFR_ACCESS()
  /* Clear DMA interrupt request status, W1C. Needed for DONE interrupts. */
  DMA0->CH[1].CH_INT = 1U;
 
  /* Clear the DMA error interrupt request status, W1C. Needed for ERROR interrupts. */
  uint32_t chCsr = DMA0->CH[1].CH_CSR;
  /* 1. Unset the DONE bit, to not accidentally perform a W1C. CLib needs this bit for internal checks. */
  chCsr &= ~((uint32_t)DMA_CH_CSR_DONE_MASK);
  /* 2. Clear the EEI bit. */
  chCsr &= ~((uint32_t)DMA_CH_CSR_EEI_MASK);
  /* 3. Write to CH_CSR */
  DMA0->CH[1].CH_CSR = chCsr;
  MCUX_CSSL_ANALYSIS_STOP_PATTERN_SFR_ACCESS()
 
  /* DMA_CH1 caused the interrupt */
  flag_interruptNumber = GET_DMA_CHX_IRQ_NUMBER(1U);
}
 
/* Initialize (install, enable) the interrupts */
static void interruptInit(void)
{
  /* Enable interrupts for the input channel */
  mcuxClExample_OS_Interrupt_Callback_Install(handleDmaInterrupt_channel0, GET_DMA_CHX_IRQ_NUMBER(0U));
 
  /* Enable interrupts for the output channel */
  mcuxClExample_OS_Interrupt_Callback_Install(handleDmaInterrupt_channel1, GET_DMA_CHX_IRQ_NUMBER(1U));
 
  /* Enable the interrupts in the controller */
  mcuxClExample_OS_Interrupt_Enable(GET_DMA_CHX_IRQ_NUMBER(0U));
  mcuxClExample_OS_Interrupt_Enable(GET_DMA_CHX_IRQ_NUMBER(1U));
}
 
/* Uninitialize (disable) the interrupts */
static void interruptUninit(void)
{
  /* Disable the interrupts in the controller */
  mcuxClExample_OS_Interrupt_Disable(GET_DMA_CHX_IRQ_NUMBER(0U));
  mcuxClExample_OS_Interrupt_Disable(GET_DMA_CHX_IRQ_NUMBER(1U));
}
 
/**************************************************************************/
/* Example for non-blocking CTR encryption and decryption                 */
/*                                                                        */
/* The example shows which functions need to be called to configure the   */
/* non-blocking flow. Its important that the interrupt is triggered on    */
/* input channel. To show the non-blocking interrupt flow a polling-loop  */
/* is used to wait for the user-callback to be triggered by an interrupt. */
/**************************************************************************/
MCUXCLEXAMPLE_FUNCTION(mcuxClCipherModes_Ctr_Aes128_Oneshot_Dma_NonBlocking_example)
{
  /**************************************************************************/
  /* General Preparation                                                    */
  /**************************************************************************/
 
  /* Enable DMA interrupt and set callback */
  interruptInit();
 
  /* Note: input buffer needs to be on the stack because DMA cannot access ROM */
  const uint8_t plain[64] = {
    0x6bu, 0xc1u, 0xbeu, 0xe2u, 0x2eu, 0x40u, 0x9fu, 0x96u,
    0xe9u, 0x3du, 0x7eu, 0x11u, 0x73u, 0x93u, 0x17u, 0x2au,
    0xaeu, 0x2du, 0x8au, 0x57u, 0x1eu, 0x03u, 0xacu, 0x9cu,
    0x9eu, 0xb7u, 0x6fu, 0xacu, 0x45u, 0xafu, 0x8eu, 0x51u,
    0x30u, 0xc8u, 0x1cu, 0x46u, 0xa3u, 0x5cu, 0xe4u, 0x11u,
    0xe5u, 0xfbu, 0xc1u, 0x19u, 0x1au, 0x0au, 0x52u, 0xefu,
    0xf6u, 0x9fu, 0x24u, 0x45u, 0xdfu, 0x4fu, 0x9bu, 0x17u,
    0xadu, 0x2bu, 0x41u, 0x7bu, 0xe6u, 0x6cu, 0x37u, 0x10u
  };
 
  /* Note: input buffer needs to be on the stack because DMA cannot access ROM */
  const uint8_t iv[16] = {
    0xf0u, 0xf1u, 0xf2u, 0xf3u, 0xf4u, 0xf5u, 0xf6u, 0xf7u,
    0xf8u, 0xf9u, 0xfau, 0xfbu, 0xfcu, 0xfdu, 0xfeu, 0xffu
  };
 
  mcuxClSession_Descriptor_t sessionDesc;
  mcuxClSession_Handle_t session = &sessionDesc;
 
  /* Allocate and initialize session */
  MCUXCLEXAMPLE_ALLOCATE_AND_INITIALIZE_SESSION_NONBLOCKING(session, MCUXCLEXAMPLE_MAX_WA(MCUXCLCIPHER_MAX_AES_CPU_WA_BUFFER_SIZE, MCUXCLRANDOM_NCINIT_WACPU_SIZE), 0u);
 
  /* Initialize the PRNG */
  MCUXCLEXAMPLE_INITIALIZE_PRNG(session);
 
  /* Initialize the key */
  uint32_t keyDesc[MCUXCLKEY_DESCRIPTOR_SIZE_IN_WORDS];
  MCUX_CSSL_ANALYSIS_START_PATTERN_REINTERPRET_MEMORY_OF_OPAQUE_TYPES()
  mcuxClKey_Handle_t key = (mcuxClKey_Handle_t) &keyDesc;
  MCUX_CSSL_ANALYSIS_STOP_PATTERN_REINTERPRET_MEMORY_OF_OPAQUE_TYPES()
 
  MCUX_CSSL_FP_FUNCTION_CALL_BEGIN(ki_status, ki_token, mcuxClKey_init(
    /* mcuxClSession_Handle_t session:        */ session,
    /* mcuxClKey_Handle_t key:                */ key,
    /* mcuxClKey_Type_t type:                 */ mcuxClKey_Type_Aes128,
    /* uint8_t * pKeyData:                   */ keyBytes,
    /* uint32_t keyDataLength:               */ sizeof(keyBytes))
  );
 
  if((MCUX_CSSL_FP_FUNCTION_CALLED(mcuxClKey_init) != ki_token) || (MCUXCLKEY_STATUS_OK != ki_status))
  {
    return MCUXCLEXAMPLE_STATUS_ERROR;
  }
  MCUX_CSSL_FP_FUNCTION_CALL_END();
 
  /**************************************************************************/
  /* Non-Blocking Preparation                                               */
  /**************************************************************************/
 
  /* Configure the DMA channels that should be used.
   * Use DMA channel 0 for HW input operations, and DMA channel 1 for HW output operations */
  mcuxClSession_Channels_t dmaChannels = {
    .input = (mcuxClSession_Channel_t) 0u,
    .output = (mcuxClSession_Channel_t) 1u
  };
 
  /* Set DMA channels and user callback function */
  MCUX_CSSL_FP_FUNCTION_CALL_BEGIN(scj_status, scj_token, mcuxClSession_configure_job(
    /* mcuxClSession_Handle_t session:          */ session,
    /* mcuxClSession_Channels_t dmaChannels,    */ dmaChannels,
    /* mcuxClSession_Callback_t pUserCallback,  */ user_callback,
    MCUX_CSSL_ANALYSIS_START_SUPPRESS_NULL_POINTER_CONSTANT("NULL is used in code")
    /* void * pUserData                        */ NULL)
    MCUX_CSSL_ANALYSIS_STOP_SUPPRESS_NULL_POINTER_CONSTANT()
  );
 
  /* Initialize resource context and add it to the session */
  if(!mcuxClExample_Session_InitAndSetResourceCtx(session, resourceCtxHandle))
  {
    return MCUXCLEXAMPLE_STATUS_ERROR;
  }
 
  if((MCUX_CSSL_FP_FUNCTION_CALLED(mcuxClSession_configure_job) != scj_token) || (MCUXCLSESSION_STATUS_OK != scj_status))
  {
    return MCUXCLEXAMPLE_STATUS_ERROR;
  }
  MCUX_CSSL_FP_FUNCTION_CALL_END();
 
  /**************************************************************************/
  /* Encryption                                                             */
  /**************************************************************************/
 
  uint32_t encryptedSize = 0u;
  uint8_t encryptedData[sizeof(encryptedRef)];
 
  MCUXCLBUFFER_INIT_DMA_RO(ivBuf, session, iv, sizeof(iv));
  MCUXCLBUFFER_INIT_DMA_RO(plainBuf, session, plain, sizeof(plain));
  MCUXCLBUFFER_INIT_DMA(encryptedDataBuf, session, encryptedData, sizeof(encryptedData));
  MCUX_CSSL_FP_FUNCTION_CALL_BEGIN(e_status, e_token, mcuxClCipher_encrypt(
    /* mcuxClSession_Handle_t session:         */ session,
    /* const mcuxClKey_Handle_t key:           */ key,
    /* mcuxClCipher_Mode_t mode:               */ mcuxClCipher_Mode_AES_CTR_NonBlocking,
    /* mcuxCl_InputBuffer_t pIv:               */ ivBuf,
    /* uint32_t ivLength:                     */ sizeof(iv),
    /* mcuxCl_InputBuffer_t pIn:               */ plainBuf,
    /* uint32_t inLength:                     */ sizeof(plain),
    /* mcuxCl_Buffer_t pOut:                   */ encryptedDataBuf,
    /* uint32_t * const outLength:            */ &encryptedSize) /* only relevant in case of padding being used */
  );
 
  if((MCUX_CSSL_FP_FUNCTION_CALLED(mcuxClCipher_encrypt) != e_token) || ((MCUXCLCIPHER_STATUS_JOB_STARTED != e_status) && (MCUXCLCIPHER_STATUS_OK != e_status)))
  {
    return MCUXCLEXAMPLE_STATUS_ERROR;
  }
 
  if(MCUXCLCIPHER_STATUS_JOB_STARTED == e_status)
  {
    /* A non-blocking job was started. Wait for the interrupt */
    while(MCUXCLCIPHER_FLAG_DMA_INTERRUPT_NOT_TRIGGERED == flag_interruptNumber) {};
 
    /* Call the resource interrupt handler to finish the non-blocking operation.
     * On normal operation flow, this will trigger the user_callback function at the end,
     * which sets cipherStatus_nonBlockingCallback to the status code of the Cipher operation.
     * On error, mcuxClResource_handle_interrupt returns an ERROR code without triggering
     * the user_callback. */
    MCUX_CSSL_FP_FUNCTION_CALL_BEGIN(rhi_status, rhi_token, mcuxClResource_handle_interrupt(resourceCtxHandle, flag_interruptNumber));
    if((MCUX_CSSL_FP_FUNCTION_CALLED(mcuxClResource_handle_interrupt) != rhi_token) || (MCUXCLRESOURCE_STATUS_OK != rhi_status))
    {
      return MCUXCLEXAMPLE_STATUS_ERROR;
    }
    MCUX_CSSL_FP_FUNCTION_CALL_END();
 
    if(MCUXCLCIPHER_STATUS_JOB_COMPLETED != cipherStatus_nonBlockingCallback)
    {
      return MCUXCLEXAMPLE_STATUS_ERROR;
    }
 
    /* Reset polling loop condition and the status code */
    flag_interruptNumber = MCUXCLCIPHER_FLAG_DMA_INTERRUPT_NOT_TRIGGERED;
    cipherStatus_nonBlockingCallback = MCUXCLCIPHER_STATUS_CALLBACK_NOT_EXECUTED;
  }
 
  MCUX_CSSL_FP_FUNCTION_CALL_END();
 
  /**************************************************************************/
  /* Decryption                                                             */
  /**************************************************************************/
 
  uint32_t decryptedSize = 0u;
  uint8_t decryptedData[sizeof(plain)];
 
  MCUXCLBUFFER_INIT_DMA(decryptedDataBuf, session, decryptedData, sizeof(decryptedData));
  MCUX_CSSL_FP_FUNCTION_CALL_BEGIN(d_status, d_token, mcuxClCipher_decrypt(
    /* mcuxClSession_Handle_t session:        */ session,
    /* const mcuxClKey_Handle_t key:          */ key,
    /* mcuxClCipher_Mode_t mode:              */ mcuxClCipher_Mode_AES_CTR_NonBlocking,
    /* mcuxCl_InputBuffer_t pIv:              */ ivBuf,
    /* uint32_t ivLength:                    */ sizeof(iv),
    MCUX_CSSL_ANALYSIS_START_SUPPRESS_ALREADY_INITIALIZED("Initialized by MCUXCLBUFFER_INIT_DMA")
    /* const mcuxCl_InputBuffer_t pIn:        */ (mcuxCl_InputBuffer_t) encryptedDataBuf,
    MCUX_CSSL_ANALYSIS_STOP_SUPPRESS_ALREADY_INITIALIZED()
    /* uint32_t inLength:                    */ encryptedSize,
    /* mcuxCl_Buffer_t pOut:                  */ decryptedDataBuf,
    /* uint32_t * const outLength:           */ &decryptedSize) /* only relevant in case of padding being used/removed */
  );
 
  if((MCUX_CSSL_FP_FUNCTION_CALLED(mcuxClCipher_decrypt) != d_token) || ((MCUXCLCIPHER_STATUS_JOB_STARTED != d_status) && (MCUXCLCIPHER_STATUS_OK != d_status)))
  {
    return MCUXCLEXAMPLE_STATUS_ERROR;
  }
 
  if(MCUXCLCIPHER_STATUS_JOB_STARTED == d_status)
  {
    /* A non-blocking job was started. Wait for the interrupt */
    while(MCUXCLCIPHER_FLAG_DMA_INTERRUPT_NOT_TRIGGERED == flag_interruptNumber) {};
 
    /* Call the resource interrupt handler to finish the non-blocking operation.
     * On normal operation flow, this will trigger the user_callback function at the end,
     * which sets cipherStatus_nonBlockingCallback to the status code of the Cipher operation.
     * On error, mcuxClResource_handle_interrupt returns an ERROR code without triggering
     * the user_callback. */
    MCUX_CSSL_FP_FUNCTION_CALL_BEGIN(rhi_status, rhi_token, mcuxClResource_handle_interrupt(resourceCtxHandle, flag_interruptNumber));
    if((MCUX_CSSL_FP_FUNCTION_CALLED(mcuxClResource_handle_interrupt) != rhi_token) || (MCUXCLRESOURCE_STATUS_OK != rhi_status))
    {
      return MCUXCLEXAMPLE_STATUS_ERROR;
    }
    MCUX_CSSL_FP_FUNCTION_CALL_END();
 
    if(MCUXCLCIPHER_STATUS_JOB_COMPLETED != cipherStatus_nonBlockingCallback)
    {
      return MCUXCLEXAMPLE_STATUS_ERROR;
    }
 
    /* Reset polling loop condition and the status code */
    flag_interruptNumber = MCUXCLCIPHER_FLAG_DMA_INTERRUPT_NOT_TRIGGERED;
    cipherStatus_nonBlockingCallback = MCUXCLCIPHER_STATUS_CALLBACK_NOT_EXECUTED;
  }
  MCUX_CSSL_FP_FUNCTION_CALL_END();
 
  /**************************************************************************/
  /* Destroy the current session and clean-up                               */
  /**************************************************************************/
 
  if(!mcuxClExample_Session_Clean(session))
  {
      return MCUXCLEXAMPLE_STATUS_ERROR;
  }
 
  /* Disable the interrupts */
  interruptUninit();
 
  /**************************************************************************/
  /* Verification                                                           */
  /**************************************************************************/
 
  if(sizeof(encryptedRef) != encryptedSize)
  {
    return MCUXCLEXAMPLE_STATUS_ERROR;
  }
 
  MCUX_CSSL_ANALYSIS_START_SUPPRESS_ALREADY_INITIALIZED("encryptedData initialized by mcuxClCipher_encrypt")
  if(!mcuxClCore_assertEqual(encryptedRef, encryptedData, sizeof(encryptedRef)))
  {
    return MCUXCLEXAMPLE_STATUS_ERROR;
  }
  MCUX_CSSL_ANALYSIS_STOP_SUPPRESS_ALREADY_INITIALIZED()
 
  if(sizeof(plain) != decryptedSize)
  {
    return MCUXCLEXAMPLE_STATUS_ERROR;
  }
 
  MCUX_CSSL_ANALYSIS_START_SUPPRESS_ALREADY_INITIALIZED("decryptedData initialized by mcuxClCipher_decrypt")
  if(!mcuxClCore_assertEqual(plain, decryptedData, sizeof(plain)))
  {
    return MCUXCLEXAMPLE_STATUS_ERROR;
  }
  MCUX_CSSL_ANALYSIS_STOP_SUPPRESS_ALREADY_INITIALIZED()
 
  return MCUXCLEXAMPLE_STATUS_OK;
}