I am introducing a crypto module in the HAL, the module is supposed to be a wrapper around crypto/hashing capabilities and also to provide a SW fall-back for algorithm not supported in HW (a pure SW mode is also possible).
See the files hal_crypto.h and hal_crypto.c in trunk.
Now, I want to provide an effective API without too much complexity, it would help to receive feedback on APIs defined until now. For example the AES-GCM looks very complex:
Code: Select all
cryerror_t cryEncryptAES_GCM(CRYDriver *cryp,
crykey_t key_id,
bitsize_t size,
const uint8_t *in,
uint8_t *out,
bitsize_t ivsize,
const uint8_t *iv,
bitsize_t authsize,
uint8_t *authout);
cryerror_t cryDecryptAES_GCM(CRYDriver *cryp,
crykey_t key_id,
bitsize_t size,
const uint8_t *in,
uint8_t *out,
bitsize_t ivsize,
const uint8_t *iv,
bitsize_t authsize,
const uint8_t *authin);
Could this be simplified? for example size_t instead of bitsize_t, assuming IVs to be 64 bits, assuming AUTH fields to be 96 bits and so on. Some insight about use cases would be appreciated.
Next I will introduce SHA-1, SHA-2, DES, TDES and possibly others.
Note, there are no implementations yet, I am just trying to define the API.
Giovanni