[FL-1490] FuriHal: crypto api. Crypto cli tool. (#702)

* FuriHal: crypto layer
* Furi: add crash routine.
* FuriHal: crypto api. Crypto: cli command to manipulate secure enclave and encrypt/decrypt plain text.
* DeviceInfo: secure enclave verification.
* Rename original to enclave_valid
* Update expected enclave signature to match production keys
* F7: remove unused files

applications/cli/cli_commands.c

@@ -7,6 +7,15 @@
 #include <notification/notification-messages.h>
 #include <shci.h>
 
+#define ENCLAVE_SIGNATURE_KEY_SLOT 1
+#define ENCLAVE_SIGNATURE_SIZE 16
+static const uint8_t enclave_signature_iv[16] =
+    {0x32, 0xe6, 0xa7, 0x85, 0x20, 0xae, 0x0b, 0xf0, 0x00, 0xb6, 0x30, 0x9b, 0xd5, 0x42, 0x9e, 0xa6};
+static const uint8_t enclave_signature_input[ENCLAVE_SIGNATURE_SIZE] =
+    {0xdc, 0x76, 0x15, 0x1e, 0x69, 0xe8, 0xdc, 0xd3, 0x4a, 0x71, 0x0b, 0x42, 0x71, 0xe0, 0xa9, 0x78};
+static const uint8_t enclave_signature_expected[ENCLAVE_SIGNATURE_SIZE] =
+    {0x6b, 0x31, 0xc, 0xac, 0x3f, 0x68, 0x79, 0x76, 0x43, 0xc4, 0xfe, 0xe0, 0x25, 0x53, 0x64, 0xc7};
+
 /* 
  * Device Info Command
  * This command is intended to be used by humans and machines
@@ -85,6 +94,18 @@ void cli_command_device_info(Cli* cli, string_t args, void* context) {
             printf("%02X", ble_mac[i]);
         }
         printf("\r\n");
+
+        // Signature verification
+        uint8_t buffer[ENCLAVE_SIGNATURE_SIZE];
+        bool enclave_valid = false;
+        if(furi_hal_crypto_store_load_key(ENCLAVE_SIGNATURE_KEY_SLOT, enclave_signature_iv)) {
+            if(furi_hal_crypto_encrypt(enclave_signature_input, buffer, ENCLAVE_SIGNATURE_SIZE)) {
+                enclave_valid =
+                    memcmp(buffer, enclave_signature_expected, ENCLAVE_SIGNATURE_SIZE) == 0;
+            }
+            furi_hal_crypto_store_unload_key(ENCLAVE_SIGNATURE_KEY_SLOT);
+        }
+        printf("enclave_valid       : %s\r\n", enclave_valid ? "true" : "false");
     } else {
         printf("radio_alive         : false\r\n");
     }