Stashing work on AES-192 and AES256 software-based encryption I

Author: Dr. Maxie Dion Schmidt

Firmware/Chameleon-Mini/Application/CryptoAESExtended.c

@@ -31,4 +31,57 @@ This notice must be retained at the top of all source files where indicated.
  *       https://github.com/kokke/tiny-AES-c
  */
 
+#ifdef ENABLE_DESFIRE_AES_EXTENDED
+
+#ifndef __CRYPTO_AES_EXTENDED_SW_H__
+#define __CRYPTO_AES_EXTENDED_SW_H__
+
+#define _CRYPTO_TYPE_AES192        (0x8A)
+#define _CRYPTO_TYPE_AES256        (0xDA)
+
+#define AES_BLOCKLEN               (16)
+#define CRYPTO_AES_MAX_KEY_EXPSIZE (240)
+
+typedef struct {
+    int Nk; // The number of 32 bit words in a key.
+    int Nr; // The number of rounds in AES Cipher.
+    int KeySize;
+    int KeyExpSize;
+    uint8_t *RoundKey;
+    uint8_t *Iv;
+} AES_ctx;
+
+extern uint8_t AESCryptoType;
+extern uint8_t Nk;
+extern uint8_t Nr;
+extern uint8_t AES_KEYLEN;
+extern uint8_t AES_keyExpSize;
+extern uint8_t RoundKey[CRYPTO_AES_MAX_KEY_EXPSIZE];
+extern uint8_t IV[AES_BLOCKLEN];
+extern const uint8_t SBox[256];
+extern const uint8_t RSBox[256];
+extern const uint8_t RCon[11];
+
+void SetupLocalAESContext(AES_ctx *ctx, uint8_t cryptoType);
+
+void AES_init_ctx(struct AES_ctx* ctx, const uint8_t* key);
+void AES_init_ctx_iv(struct AES_ctx* ctx, const uint8_t* key, const uint8_t* iv);
+void AES_ctx_set_iv(struct AES_ctx* ctx, const uint8_t* iv);
+
+// Buffer size is exactly AES_BLOCKLEN bytes. 
+// You need only AES_init_ctx as IV is not used in ECB.
+// NB: ECB is considered insecure for most uses.
+void AES_ECB_encrypt(const struct AES_ctx* ctx, uint8_t* buf);
+void AES_ECB_decrypt(const struct AES_ctx* ctx, uint8_t* buf);
+
+// Buffer size MUST be mutile of AES_BLOCKLEN.
+// See https://en.wikipedia.org/wiki/Padding_(cryptography)#PKCS7 for padding scheme.
+// NOTES: you need to set IV in ctx via AES_init_ctx_iv() or AES_ctx_set_iv()
+//        no IV should ever be reused with the same key 
+void AES_CBC_encrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, size_t length);
+void AES_CBC_decrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, size_t length);
+
+#endif
+
+#endif
 

Firmware/Chameleon-Mini/Application/CryptoAESExtended.h

@@ -29,6 +29,9 @@ This notice must be retained at the top of all source files where indicated.
 
 #include "../../Common.h"
 #include "../CryptoAES128.h"
+#include "../CryptoAESExtended.h"
+#include "../CryptoTDEA.h"
+#include "../CryptoCMAC.h"
 
 #include "DESFireFirmwareSettings.h"
 
@@ -44,6 +47,8 @@ This notice must be retained at the top of all source files where indicated.
 #define DESFIRE_COMMS_PLAINTEXT_MAC        (0x01)
 #define DESFIRE_COMMS_CIPHERTEXT_DES       (0x03)
 #define DESFIRE_COMMS_CIPHERTEXT_AES128    (0x04)
+#define DESFIRE_COMMS_CIPHERTEXT_AES192    (0x05)
+#define DESFIRE_COMMS_CIPHERTEXT_AES256    (0x06)
 #define DESFIRE_DEFAULT_COMMS_STANDARD     (DESFIRE_COMMS_PLAINTEXT)
 
 extern BYTE DesfireCommMode;
@@ -53,6 +58,8 @@ extern BYTE DesfireCommMode;
 #define CRYPTO_TYPE_2KTDEA      (0x0A)
 #define CRYPTO_TYPE_3K3DES      (0x1A)
 #define CRYPTO_TYPE_AES128      (0x4A)
+#define CRYPTO_TYPE_AES192      (0x8A)
+#define CRYPTO_TYPE_AES256      (0xDA)
 
 #define CryptoTypeDES(ct)    \
     ((ct == CRYPTO_TYPE_DES) || (ct == CRYPTO_TYPE_ANY))
@@ -61,10 +68,17 @@ extern BYTE DesfireCommMode;
 #define CryptoType3KTDEA(ct) \
     ((ct == CRYPTO_TYPE_3K3DES) || (ct == CRYPTO_TYPE_ANY))
 #define CryptoTypeAES(ct)    \
-    ((ct == CRYPTO_TYPE_AES128) || (ct == CRYPTO_TYPE_ANY))
+    ((ct == CRYPTO_TYPE_AES128) || \
+     (ct == CRYPTO_TYPE_AES192) || \
+     (ct == CRYPTO_TYPE_AES256) || \
+     (ct == CRYPTO_TYPE_ANY))
 
 /* Key sizes, block sizes (in bytes): */
-#define CRYPTO_MAX_KEY_SIZE                  (24)
+#ifdef ENABLE_DESFIRE_AES_EXTENDED
+    #define CRYPTO_MAX_KEY_SIZE              (32)
+#else
+    #define CRYPTO_MAX_KEY_SIZE              (24)
+#endif
 #define CRYPTO_MAX_BLOCK_SIZE                (16)
 #define DESFIRE_AES_IV_SIZE                  (CRYPTO_AES_BLOCK_SIZE)
 #define CRYPTO_CHALLENGE_RESPONSE_BYTES      (16)
@@ -105,7 +119,9 @@ typedef enum DESFIRE_FIRMWARE_ENUM_PACKING {
     DESFIRE_AUTH_LEGACY,
     DESFIRE_AUTH_ISO_2KTDEA,
     DESFIRE_AUTH_ISO_3KTDEA,
-    DESFIRE_AUTH_AES,
+    DESFIRE_AUTH_AES128,
+    DESFIRE_AUTH_AES192,
+    DESFIRE_AUTH_AES256
 } DesfireAuthType;
 
 BYTE GetCryptoKeyTypeFromAuthenticateMethod(BYTE authCmdMethod);
@@ -117,8 +133,6 @@ BYTE GetCryptoKeyTypeFromAuthenticateMethod(BYTE authCmdMethod);
  * AES (128) crypto routines:
  *********************************************************/
 
-#include "../CryptoAES128.h"
-
 extern CryptoAESConfig_t AESCryptoContext;
 
 void InitAESCryptoKeyData(void);
@@ -134,9 +148,6 @@ typedef uint8_t (*CryptoTransferReceiveFunc)(uint8_t *, uint8_t);
  * TripleDES crypto routines:
  *********************************************************/
 
-#include "../CryptoTDEA.h"
-#include "../CryptoCMAC.h"
-
 #define DESFIRE_2KTDEA_NONCE_SIZE            (CRYPTO_DES_BLOCK_SIZE)
 #define DESFIRE_DES_IV_SIZE                  (CRYPTO_DES_BLOCK_SIZE)
 #define DESFIRE_MAX_PAYLOAD_TDEA_BLOCKS      (DESFIRE_MAX_PAYLOAD_SIZE / CRYPTO_DES_BLOCK_SIZE)

Firmware/Chameleon-Mini/Application/DESFire/DESFireCrypto.h

@@ -1,4 +1,4 @@
-:1000000000004B2D07070808000004014100900183
+:100000000000572A0707080800000401410090017A
 :1000100000000000000000000000000000000000E0
 :1000200000000000000000000000000000000000D0
 :1000300000000000000000000000000000000000C0