mirror of
https://github.com/CovidBraceletPrj/CovidBracelet.git
synced 2024-10-15 02:19:20 +02:00
Add library files
This commit is contained in:
parent
cac96d7990
commit
8b8895b5c2
72
include/mbedtls/aes_alt.h
Normal file
72
include/mbedtls/aes_alt.h
Normal file
@ -0,0 +1,72 @@
|
||||
/*
|
||||
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
|
||||
*
|
||||
* SPDX-License-Identifier: BSD-3-Clause
|
||||
*/
|
||||
|
||||
#ifndef MBEDTLS_AES_ALT_H
|
||||
#define MBEDTLS_AES_ALT_H
|
||||
|
||||
|
||||
#if defined(MBEDTLS_CONFIG_FILE)
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
|
||||
#include <stddef.h>
|
||||
#include <stdint.h>
|
||||
|
||||
#if defined(MBEDTLS_AES_ALT)
|
||||
|
||||
|
||||
/* padlock.c and aesni.c rely on these values! */
|
||||
#define MBEDTLS_AES_ENCRYPT 1 /**< AES encryption. */
|
||||
#define MBEDTLS_AES_DECRYPT 0 /**< AES decryption. */
|
||||
|
||||
/* Error codes in range 0x0020-0x0022 */
|
||||
#define MBEDTLS_ERR_AES_INVALID_KEY_LENGTH -0x0020 /**< Invalid key length. */
|
||||
#define MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH -0x0022 /**< Invalid data input length. */
|
||||
|
||||
/* Error codes in range 0x0023-0x0025 */
|
||||
#define MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE -0x0023 /**< Feature not available. For example, an unsupported AES key size. */
|
||||
#define MBEDTLS_ERR_AES_HW_ACCEL_FAILED -0x0025 /**< AES hardware accelerator failed. */
|
||||
|
||||
|
||||
/* The Size of the AES context.*/
|
||||
#define MBEDTLS_AES_CONTEXT_SIZE_IN_WORDS (29)
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief AES context structure
|
||||
*
|
||||
*/
|
||||
typedef struct
|
||||
{
|
||||
uint32_t buf[MBEDTLS_AES_CONTEXT_SIZE_IN_WORDS];
|
||||
} mbedtls_aes_context;
|
||||
|
||||
|
||||
#if defined(MBEDTLS_CIPHER_MODE_XTS)
|
||||
/**
|
||||
* \brief The AES XTS context-type definition.
|
||||
*/
|
||||
typedef struct mbedtls_aes_xts_context
|
||||
{
|
||||
mbedtls_aes_context crypt; /*!< The AES context to use for AES block
|
||||
encryption or decryption. */
|
||||
mbedtls_aes_context tweak; /*!< The AES context used for tweak
|
||||
computation. */
|
||||
} mbedtls_aes_xts_context;
|
||||
#endif /* MBEDTLS_CIPHER_MODE_XTS */
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* MBEDTLS_AES_ALT */
|
||||
|
||||
#endif /* MBEDTLS_AES_ALT_H */
|
403
include/mbedtls/cc3xx_kmu.h
Normal file
403
include/mbedtls/cc3xx_kmu.h
Normal file
@ -0,0 +1,403 @@
|
||||
/*
|
||||
* Copyright (c) 2020 Nordic Semiconductor ASA
|
||||
*
|
||||
* SPDX-License-Identifier: LicenseRef-Nordic-5-Clause
|
||||
*/
|
||||
|
||||
/**@file
|
||||
* @defgroup nrf_cc3xx_mbedcrypto nrf_cc3xx_mbedcrypto APIs
|
||||
* @{
|
||||
* @brief nrf_cc3xx_mbedcrypto nrf_cc3xx_mbedcrypto library containing cc3xx
|
||||
* APIs for the KMU or KDR peripherals. Further documentation can be found on : https://tls.mbed.org
|
||||
* @}
|
||||
*
|
||||
* @defgroup nrf_cc3xx_mbedcrypto_kmu nrf_cc3xx_mbedcrypto KMU APIs
|
||||
* @ingroup nrf_cc3xx_mbedcrypto
|
||||
* @{
|
||||
* @brief The nrf_cc3xx_mbedcrypto_kmu APIs can be utilized to directly use or derive keys
|
||||
* from KMU or KDR in ARM CryptoCell devices
|
||||
*/
|
||||
#ifndef CC3XX_KMU_H__
|
||||
#define CC3XX_KMU_H__
|
||||
|
||||
#include <stdint.h>
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include "nrf_cc3xx_platform_defines.h"
|
||||
|
||||
|
||||
#define MBEDTLS_SHADOW_KEY_KDF_MAX_LABEL_SIZE_IN_BYTES (64) //!< KDF input "label" can be 0 to 64 bytes.
|
||||
#define MBEDTLS_SHADOW_KEY_KDF_MAX_CONTEXT_SIZE_IN_BYTES (64) //!< KDF input "context" can be 0 to 64 bytes.
|
||||
#define MBEDTLS_SHADOW_KEY_KDF_MAX_DERIVED_SIZE_IN_BYTES (4080) //!< KDF max length for derived material.
|
||||
|
||||
|
||||
#define MBEDTLS_ERR_SHADOW_KEY_KEY_OK (0) //!< The shadow key operation was succesful.
|
||||
#define MBEDTLS_ERR_SHADOW_KEY_INVALID_SLOT (-1) //!< The shadow key operation used an invalid slot.
|
||||
#define MBEDTLS_ERR_SHADOW_KEY_INVALID_SIZE (-2) //!< The shadow key was of invalid size.
|
||||
#define MBEDTLS_ERR_SHADOW_KEY_KDF_INVALID_LABEL (-3) //!< The KDF input label is invalid
|
||||
#define MBEDTLS_ERR_SHADOW_KEY_KDF_INVALID_CONTEXT (-4) //!< The KDF input context is invalid
|
||||
#define MBEDTLS_ERR_SHADOW_KEY_KDF_INVALID_INPUT (-5) //!< The KDF input is invalid
|
||||
#define MBEDTLS_ERR_SHADOW_KEY_INTERNAL_ERROR (-6) //!< KMU/KDF internal error.
|
||||
|
||||
#if defined(MBEDTLS_AES_C)
|
||||
|
||||
#include "mbedtls/aes.h"
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C"
|
||||
{
|
||||
#endif
|
||||
|
||||
/** @brief Function to configure AES to use one or more KMU key slot for
|
||||
* encryption
|
||||
*
|
||||
* @note A shadow key is not directly accessible, only reference information
|
||||
* is stored in the context type
|
||||
*
|
||||
* @note Replaces the API mbedtls_aes_setkey_enc.
|
||||
*
|
||||
* @note Using this API enforces raw key usage of keys in the KMU slots.
|
||||
* If derived key usage is intended, please use the API
|
||||
* nrf_cc3xx_platform_kmu_aes_setkey_enc_shadow_key_derived.
|
||||
*
|
||||
* @param ctx AES context to set the key by KMU slot
|
||||
* @param slot_id Identifier of the key slot (0 - 127)
|
||||
* @param keybits Key size in bits
|
||||
*
|
||||
* @returns 0 on success, otherwise a negative number.
|
||||
*/
|
||||
int mbedtls_aes_setkey_enc_shadow_key(
|
||||
mbedtls_aes_context * const ctx,
|
||||
uint32_t slot_id,
|
||||
unsigned int keybits);
|
||||
|
||||
|
||||
/** @brief Function to configure AES to use one or more KMU key slot for
|
||||
* decryption
|
||||
*
|
||||
* @note A shadow key is not directly accessible, only reference information
|
||||
* is stored in the context type
|
||||
*
|
||||
* @note Replaces the API mbedtls_aes_setkey_dec.
|
||||
*
|
||||
* @note Using this API enforces raw key usage of keys in the KMU slots.
|
||||
* If derived key usage is intended, please use the API
|
||||
* nrf_cc3xx_platform_kmu_aes_setkey_dec_shadow_key_derived.
|
||||
*
|
||||
* @param ctx AES context to set the key by KMU slot.
|
||||
* @param slot_id Identifier of the key slot (0 - 127).
|
||||
* @param keybits Key size in bits.
|
||||
*
|
||||
* @returns 0 on success, otherwise a negative number.
|
||||
*/
|
||||
int mbedtls_aes_setkey_dec_shadow_key(
|
||||
mbedtls_aes_context * const ctx,
|
||||
uint32_t slot_id,
|
||||
unsigned int keybits);
|
||||
|
||||
|
||||
/** @brief Function to configure AES to use a key derived from one or more
|
||||
* slots in KMU for encryption.
|
||||
*
|
||||
* @details See mbedtls_derive_kmu_key for details on the KDF function.
|
||||
*
|
||||
* @note Replaces the API mbedtls_aes_setkey_dec.
|
||||
*
|
||||
* @note The key derivation is executed before each requests to encrypt.
|
||||
* this function only configures the context to use a derived key.
|
||||
*
|
||||
* @note When deriving the key from KMU registers, the derived keys exist
|
||||
* in SRAM for a brief period of time, before being loaded into the
|
||||
* write-only CryptoCell HW registers for AES keys before encryption.
|
||||
*
|
||||
* @param ctx AES context to set the decryption key by KMU slot.
|
||||
* @param slot_id Identifier of the key slot (0 - 127).
|
||||
* @param keybits Key size in bits.
|
||||
* @param label Label to use for KDF.
|
||||
* @param label_size Size of the label to use for KDF.
|
||||
* @param context Context info to use for KDF.
|
||||
* @param context_size Context info size to use for KDF.
|
||||
*
|
||||
* @returns 0 on success, otherwise a negative number.
|
||||
*/
|
||||
int mbedtls_aes_setkey_enc_shadow_key_derived(
|
||||
mbedtls_aes_context * const ctx,
|
||||
uint32_t slot_id,
|
||||
unsigned int keybits,
|
||||
uint8_t const * label,
|
||||
size_t label_size,
|
||||
uint8_t const * context,
|
||||
size_t context_size);
|
||||
|
||||
|
||||
/** @brief Function to configure AES to use a key derived from one or more
|
||||
* slots in KMU for decryption.
|
||||
*
|
||||
* @details See mbedtls_derive_kmu_key for details on the KDF function.
|
||||
*
|
||||
* @note A shadow key is not directly accessible, only reference information
|
||||
* is stored in the context type
|
||||
* @note Replaces the API mbedtls_aes_setkey_enc.
|
||||
*
|
||||
* @note The key derivation is executed before each requests to decrypt.
|
||||
* This function only configures the context to use a derived key.
|
||||
*
|
||||
* @note When deriving the key from KMU registers, the derived keys exist
|
||||
* in SRAM for a brief period of time, before being loaded into the
|
||||
* write-only CryptoCell HW registers for AES keys before decryption.
|
||||
*
|
||||
* @param ctx AES context to set the decryption key by KMU slot.
|
||||
* @param slot_id Identifier of the key slot (0 - 127).
|
||||
* @param keybits Key size in bits.
|
||||
* @param label Label to use for KDF.
|
||||
* @param label_size Size of the label to use for KDF.
|
||||
* @param context Context info to use for KDF.
|
||||
* @param context_size Context info size to use for KDF.
|
||||
*
|
||||
* @returns 0 on success, otherwise a negative number.
|
||||
*/
|
||||
int mbedtls_aes_setkey_dec_shadow_key_derived(
|
||||
mbedtls_aes_context * const ctx,
|
||||
uint32_t slot_id,
|
||||
unsigned int keybits,
|
||||
uint8_t const * label,
|
||||
size_t label_size,
|
||||
uint8_t const * context,
|
||||
size_t context_size);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* defined(MBEDTLS_AES_C) */
|
||||
|
||||
|
||||
#if defined(MBEDTLS_CCM_C)
|
||||
|
||||
#include "mbedtls/ccm.h"
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C"
|
||||
{
|
||||
#endif
|
||||
|
||||
/** @brief Function to configure AES CCM to use one or more KMU key slot as
|
||||
* encryption key.
|
||||
*
|
||||
* @note A shadow key is not directly accessible, only reference information
|
||||
* is stored in the context type
|
||||
*
|
||||
* @note Replaces the API mbedtls_ccm_setkey.
|
||||
*
|
||||
* @note Using this API enforces raw key usage of keys in the KMU slots.
|
||||
* If derived key usage is intended, please use the API
|
||||
* nrf_cc3xx_platform_kmu_aes_setkey_enc_shadow_key_derived.
|
||||
*
|
||||
* @param ctx AES context to set the key by KMU slot.
|
||||
* @param cipher Cipher id to use.
|
||||
* @param slot_id Identifier of the key slot (0 - 127).
|
||||
* @param keybits Key size in bits.
|
||||
*
|
||||
* @returns 0 on success, otherwise a negative number.
|
||||
*/
|
||||
int mbedtls_ccm_setkey_shadow_key(
|
||||
mbedtls_ccm_context * const ctx,
|
||||
mbedtls_cipher_id_t cipher,
|
||||
uint32_t slot_id,
|
||||
unsigned int keybits
|
||||
);
|
||||
|
||||
/** @brief Function to configure AES CCM to use a key derived from one or more
|
||||
* slots in KMU for encryption.
|
||||
*
|
||||
* @details See mbedtls_derive_kmu_key for details on the KDF function.
|
||||
*
|
||||
* @note A shadow key is not directly accessible, only reference information
|
||||
* is stored in the context type
|
||||
*
|
||||
* @note Replaces the API mbedtls_ccm_setkey.
|
||||
*
|
||||
* @note The key derivation is executed before each requests to decrypt.
|
||||
* This function only configures the context to use a derived key.
|
||||
*
|
||||
* @note When deriving the key from KMU registers, the derived keys exist
|
||||
* in SRAM for a brief period of time, before being loaded into the
|
||||
* write-only CryptoCell HW registers for AES keys before decryption.
|
||||
*
|
||||
* @param ctx AES context to set the decryption key by KMU slot.
|
||||
* @param cipher Cipher id to use.
|
||||
* @param slot_id Identifier of the key slot (0 - 127).
|
||||
* @param keybits Key size in bits.
|
||||
* @param label Label to use for KDF.
|
||||
* @param label_size Size of the label to use for KDF.
|
||||
* @param context Context info to use for KDF.
|
||||
* @param context_size Context info size to use for KDF.
|
||||
*
|
||||
* @returns 0 on success, otherwise a negative number.
|
||||
*/
|
||||
int mbedtls_ccm_setkey_shadow_key_derived(
|
||||
mbedtls_ccm_context * const ctx,
|
||||
mbedtls_cipher_id_t cipher,
|
||||
uint32_t slot_id,
|
||||
unsigned int keybits,
|
||||
uint8_t const * label,
|
||||
size_t label_size,
|
||||
uint8_t const * context,
|
||||
size_t context_size
|
||||
);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* defined(MBEDTLS_CCM_C) */
|
||||
|
||||
#if defined(MBEDTLS_GCM_C)
|
||||
|
||||
#include "mbedtls/gcm.h"
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C"
|
||||
{
|
||||
#endif
|
||||
|
||||
/** @brief Function to configure AES GCM to use one or more KMU key slot as
|
||||
* encryption key.
|
||||
*
|
||||
* @note A shadow key is not directly accessible, only reference information
|
||||
* is stored in the context type
|
||||
*
|
||||
* @note Replaces the API mbedtls_gcm_setkey.
|
||||
*
|
||||
* @note Using this API enforces raw key usage of keys in the KMU slots.
|
||||
* If derived key usage is intended, please use the API
|
||||
* nrf_cc3xx_platform_kmu_aes_setkey_enc_shadow_key_derived.
|
||||
*
|
||||
* @param ctx AES context to set the key by KMU slot.
|
||||
* @param cipher Cipher id to use.
|
||||
* @param slot_id Identifier of the key slot (0 - 127).
|
||||
* @param keybits Key size in bits.
|
||||
*
|
||||
* @returns 0 on success, otherwise a negative number.
|
||||
*/
|
||||
int mbedtls_gcm_setkey_shadow_key(
|
||||
mbedtls_gcm_context * const ctx,
|
||||
mbedtls_cipher_id_t cipher,
|
||||
uint32_t slot_id,
|
||||
unsigned int keybits
|
||||
);
|
||||
|
||||
/** @brief Function to configure AES GCM to use a key derived from one or more
|
||||
* slots in KMU for encryption.
|
||||
*
|
||||
* @details See mbedtls_derive_kmu_key for details on the KDF function.
|
||||
*
|
||||
* @note A shadow key is not directly accessible, only reference information
|
||||
* is stored in the context type
|
||||
*
|
||||
* @note Replaces the API mbedtls_gcm_setkey.
|
||||
*
|
||||
* @note The key derivation is executed before each requests to decrypt.
|
||||
* this function only configures the context to use a derived key.
|
||||
*
|
||||
* @note When deriving the key from KMU registers, the derived keys exist
|
||||
* in SRAM for a brief period of time, before being loaded into the
|
||||
* write-only CryptoCell HW registers for AES keys before decryption.
|
||||
*
|
||||
* @param ctx AES context to set the decryption key by KMU slot.
|
||||
* @param cipher Cipher id to use.
|
||||
* @param slot_id Identifier of the key slot (0 - 127).
|
||||
* @param keybits Key size in bits.
|
||||
* @param label Label to use for KDF.
|
||||
* @param label_size Size of the label to use for KDF.
|
||||
* @param context Context info to use for KDF.
|
||||
* @param context_size Context info size to use for KDF.
|
||||
*
|
||||
* @returns 0 on success, otherwise a negative number.
|
||||
*/
|
||||
int mbedtls_gcm_setkey_shadow_key_derived(
|
||||
mbedtls_gcm_context * const ctx,
|
||||
mbedtls_cipher_id_t cipher,
|
||||
uint32_t slot_id,
|
||||
unsigned int keybits,
|
||||
uint8_t const * label,
|
||||
size_t label_size,
|
||||
uint8_t const * context,
|
||||
size_t context_size
|
||||
);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif // defined(MBEDTLS_GCM_C)
|
||||
|
||||
#if defined(MBEDTLS_AES_C)
|
||||
|
||||
#include "mbedtls/aes.h"
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C"
|
||||
{
|
||||
#endif
|
||||
|
||||
|
||||
/** @brief Function to use CMAC to derive a key stored in KMU/Kdr
|
||||
*
|
||||
* @details The KDF is using a PRF function described in the Special publication
|
||||
* 800-108: Recommendation for Key Derivation Using Pseudorandom Functions
|
||||
* https://csrc.nist.gov/publications/detail/sp/800-108/final.
|
||||
*
|
||||
* This algorithm is described in chapter 5.1 - KDF in Counter Mode
|
||||
*
|
||||
* The format of the PRF (the input) is as follows:
|
||||
* PRF (KI, i || Label || 0x00 || Context || L)
|
||||
*
|
||||
* KI: The Key derivation key
|
||||
* i : The counter value for each iteration of the PRF represented
|
||||
* as one byte.
|
||||
* label: A string identifying the purpose of the derived key
|
||||
* that is up to 64 bytes long.
|
||||
* 0x00: a single byte delimiter.
|
||||
* Context: Fixed information about the derived keying material
|
||||
* that is up to 64 bytes long.
|
||||
* L : The length of derived key material in bits represented as two
|
||||
* bytes.
|
||||
*
|
||||
* @note On nRF52840 only slot_id == 0 is valid, pointing to the
|
||||
* Kdr key (also known as a HUK key) loaded into the CryptoCell.
|
||||
*
|
||||
* @param slot_id Identifier of the key slot.
|
||||
* @param keybits Key size in bits.
|
||||
* @param label Label to use for KDF.
|
||||
* @param label_size Size of the label to use for KDF.
|
||||
* @param context Context info to use for KDF.
|
||||
* @param context_size Context info size to use for KDF.
|
||||
* @param output Output buffer.
|
||||
* @param output_size Size of output buffer in bytes.
|
||||
*
|
||||
* @returns 0 on success, otherwise a negative number.
|
||||
*/
|
||||
int mbedtls_shadow_key_derive(uint32_t slot_id,
|
||||
unsigned int keybits,
|
||||
uint8_t const * label,
|
||||
size_t label_size,
|
||||
uint8_t const * context,
|
||||
size_t context_size,
|
||||
uint8_t * output,
|
||||
size_t output_size);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif // defined(MBEDTLS_AES_C)
|
||||
|
||||
#endif /* CC3XX_KMU_H__ */
|
||||
|
||||
/** @} */
|
45
include/mbedtls/ccm_alt.h
Normal file
45
include/mbedtls/ccm_alt.h
Normal file
@ -0,0 +1,45 @@
|
||||
/*
|
||||
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
|
||||
*
|
||||
* SPDX-License-Identifier: BSD-3-Clause
|
||||
*/
|
||||
|
||||
#ifndef MBEDTLS_CCM_ALT_H
|
||||
#define MBEDTLS_CCM_ALT_H
|
||||
|
||||
#if defined(MBEDTLS_CONFIG_FILE)
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include <stddef.h>
|
||||
#include <stdint.h>
|
||||
#include "mbedtls/cipher.h"
|
||||
|
||||
#if defined (MBEDTLS_CCM_ALT)
|
||||
|
||||
#define MBEDTLS_ERR_CCM_BAD_INPUT -0x000D /**< Bad input parameters to function. */
|
||||
#define MBEDTLS_ERR_CCM_AUTH_FAILED -0x000F /**< Authenticated decryption failed. */
|
||||
|
||||
/* The Size of the CCM context.*/
|
||||
#define MBEDTLS_CCM_CONTEXT_SIZE_IN_WORDS (33)
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief The CCM context-type definition. The CCM context is passed
|
||||
* to the APIs called.
|
||||
*/
|
||||
typedef struct {
|
||||
uint32_t buf[MBEDTLS_CCM_CONTEXT_SIZE_IN_WORDS];
|
||||
}
|
||||
mbedtls_ccm_context;
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* MBEDTLS_CCM_ALT */
|
||||
|
||||
#endif /* MBEDTLS_CCM_ALT_H */
|
58
include/mbedtls/chacha20_alt.h
Normal file
58
include/mbedtls/chacha20_alt.h
Normal file
@ -0,0 +1,58 @@
|
||||
/*
|
||||
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
|
||||
*
|
||||
* SPDX-License-Identifier: BSD-3-Clause
|
||||
*/
|
||||
|
||||
#ifndef MBEDTLS_CHACHA20_ALT_H
|
||||
#define MBEDTLS_CHACHA20_ALT_H
|
||||
|
||||
#if defined(MBEDTLS_CONFIG_FILE)
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
|
||||
#include <stddef.h>
|
||||
#include <stdint.h>
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C"
|
||||
{
|
||||
#endif
|
||||
|
||||
/************************ Defines ******************************/
|
||||
|
||||
/*! The size of the ChaCha user-context in words. */
|
||||
#define MBEDTLS_CHACHA_USER_CTX_SIZE_IN_WORDS 41
|
||||
/*! The size of the ChaCha block in Bytes. */
|
||||
#define MBEDTLS_CHACHA_BLOCK_SIZE_BYTES 64
|
||||
/*! The size of the ChaCha block in Bytes. As defined in rfc7539 */
|
||||
#define MBEDTLS_CHACHA_NONCE_SIZE_BYTES 12
|
||||
/*! The size of the ChaCha key in Bytes. */
|
||||
#define MBEDTLS_CHACHA_KEY_SIZE_BYTES 32
|
||||
/*! Internal type to identify 12 byte nonce */
|
||||
#define MBEDTLS_CHACHA_NONCE_SIZE_12BYTE_TYPE 1
|
||||
|
||||
/*! The definition of the 12-Byte array of the nonce buffer. */
|
||||
typedef uint8_t mbedtls_chacha_nonce[MBEDTLS_CHACHA_NONCE_SIZE_BYTES];
|
||||
|
||||
/*! The definition of the key buffer of the ChaCha engine. */
|
||||
typedef uint8_t mbedtls_chacha_key[MBEDTLS_CHACHA_KEY_SIZE_BYTES];
|
||||
|
||||
#if defined(MBEDTLS_CHACHA20_ALT)
|
||||
|
||||
typedef struct
|
||||
{
|
||||
uint32_t buf[MBEDTLS_CHACHA_USER_CTX_SIZE_IN_WORDS];
|
||||
}
|
||||
mbedtls_chacha20_context;
|
||||
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
#endif /* MBEDTLS_CHACHA20_ALT_H */
|
43
include/mbedtls/chachapoly_alt.h
Normal file
43
include/mbedtls/chachapoly_alt.h
Normal file
@ -0,0 +1,43 @@
|
||||
/*
|
||||
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
|
||||
*
|
||||
* SPDX-License-Identifier: BSD-3-Clause
|
||||
*/
|
||||
|
||||
#ifndef MBEDTLS_CHACHAPOLY_ALT_H
|
||||
#define MBEDTLS_CHACHAPOLY_ALT_H
|
||||
|
||||
#if defined(MBEDTLS_CONFIG_FILE)
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include "chacha20_alt.h"
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C"
|
||||
{
|
||||
#endif
|
||||
|
||||
/************************ Defines ******************************/
|
||||
#define CHACHAPOLY_TAG_SIZE_BYTES 16
|
||||
|
||||
#if defined(MBEDTLS_CHACHAPOLY_ALT)
|
||||
|
||||
typedef struct
|
||||
{
|
||||
mbedtls_chacha20_context chacha20_ctx; /**< The ChaCha20 context. */
|
||||
}mbedtls_chachapoly_context;
|
||||
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
#endif /* MBEDTLS_CHACHAPOLY_ALT_H */
|
43
include/mbedtls/cmac_alt.h
Normal file
43
include/mbedtls/cmac_alt.h
Normal file
@ -0,0 +1,43 @@
|
||||
/*
|
||||
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
|
||||
*
|
||||
* SPDX-License-Identifier: BSD-3-Clause
|
||||
*/
|
||||
|
||||
#ifndef MBEDTLS_CMAC_ALT_H
|
||||
#define MBEDTLS_CMAC_ALT_H
|
||||
|
||||
#if defined(MBEDTLS_CONFIG_FILE)
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
|
||||
|
||||
#include <stddef.h>
|
||||
#include <stdint.h>
|
||||
|
||||
#if defined(MBEDTLS_CMAC_ALT)
|
||||
|
||||
/* hide internal implementation of the struct. Allocate enough space for it.*/
|
||||
#define MBEDTLS_CMAC_CONTEXT_SIZE_IN_WORDS 38
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief CMAC cipher context structure
|
||||
*/
|
||||
struct mbedtls_cmac_context_t{
|
||||
/*! Internal buffer */
|
||||
uint32_t buf[MBEDTLS_CMAC_CONTEXT_SIZE_IN_WORDS];
|
||||
};
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* MBEDTLS_CMAC_ALT */
|
||||
|
||||
#endif /* MBEDTLS_CMAC_ALT_H */
|
63
include/mbedtls/dhm_alt.h
Normal file
63
include/mbedtls/dhm_alt.h
Normal file
@ -0,0 +1,63 @@
|
||||
/*
|
||||
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
|
||||
*
|
||||
* SPDX-License-Identifier: BSD-3-Clause
|
||||
*/
|
||||
|
||||
#ifndef MBEDTLS_DHM_ALT_H
|
||||
#define MBEDTLS_DHM_ALT_H
|
||||
|
||||
|
||||
#if defined(MBEDTLS_DHM_ALT)
|
||||
|
||||
|
||||
#if defined(MBEDTLS_CONFIG_FILE)
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include <stddef.h>
|
||||
|
||||
/*
|
||||
* DHM Error codes
|
||||
*/
|
||||
#define MBEDTLS_ERR_DHM_BAD_INPUT_DATA -0x3080 /**< Bad input parameters. */
|
||||
#define MBEDTLS_ERR_DHM_READ_PARAMS_FAILED -0x3100 /**< Reading of the DHM parameters failed. */
|
||||
#define MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED -0x3180 /**< Making of the DHM parameters failed. */
|
||||
#define MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED -0x3200 /**< Reading of the public values failed. */
|
||||
#define MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED -0x3280 /**< Making of the public value failed. */
|
||||
#define MBEDTLS_ERR_DHM_CALC_SECRET_FAILED -0x3300 /**< Calculation of the DHM secret failed. */
|
||||
#define MBEDTLS_ERR_DHM_INVALID_FORMAT -0x3380 /**< The ASN.1 data is not formatted correctly. */
|
||||
#define MBEDTLS_ERR_DHM_ALLOC_FAILED -0x3400 /**< Allocation of memory failed. */
|
||||
#define MBEDTLS_ERR_DHM_FILE_IO_ERROR -0x3480 /**< Read or write of file failed. */
|
||||
#define MBEDTLS_ERR_DHM_HW_ACCEL_FAILED -0x3500 /**< DHM hardware accelerator failed. */
|
||||
#define MBEDTLS_ERR_DHM_SET_GROUP_FAILED -0x3580 /**< Setting the modulus and generator failed. */
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief The DHM context structure.
|
||||
*/
|
||||
typedef struct
|
||||
{
|
||||
size_t len; /*!< The size of \p P in Bytes. */
|
||||
mbedtls_mpi P; /*!< The prime modulus. */
|
||||
mbedtls_mpi G; /*!< The generator. */
|
||||
mbedtls_mpi X; /*!< Our secret value. */
|
||||
mbedtls_mpi GX; /*!< Our public key = \c G^X mod \c P. */
|
||||
mbedtls_mpi GY; /*!< The public key of the peer = \c G^Y mod \c P. */
|
||||
mbedtls_mpi K; /*!< The shared secret = \c G^(XY) mod \c P. */
|
||||
mbedtls_mpi RP; /*!< The cached value = \c R^2 mod \c P. */
|
||||
mbedtls_mpi Vi; /*!< The blinding value. */
|
||||
mbedtls_mpi Vf; /*!< The unblinding value. */
|
||||
mbedtls_mpi pX; /*!< The previous \c X. */
|
||||
}
|
||||
mbedtls_dhm_context;
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* MBEDTLS_DHM_ALT - use alternative code */
|
||||
#endif /* MBEDTLS_DHM_ALT_H - include only once */
|
144
include/mbedtls/ecp_alt.h
Normal file
144
include/mbedtls/ecp_alt.h
Normal file
@ -0,0 +1,144 @@
|
||||
/*
|
||||
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
|
||||
*
|
||||
* SPDX-License-Identifier: BSD-3-Clause
|
||||
*/
|
||||
#ifndef MBEDTLS_ECP_ALT_H
|
||||
#define MBEDTLS_ECP_ALT_H
|
||||
|
||||
#if defined(MBEDTLS_ECP_ALT)
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* The content of the structure in this ALT implementation is
|
||||
* exactly the same as ecp.h, but the type must be provided
|
||||
* here as MBEDTLS_ECP_ALT is set
|
||||
*/
|
||||
|
||||
/**
|
||||
* \brief The ECP group structure.
|
||||
*
|
||||
* We consider two types of curve equations:
|
||||
* <ul><li>Short Weierstrass: <code>y^2 = x^3 + A x + B mod P</code>
|
||||
* (SEC1 + RFC-4492)</li>
|
||||
* <li>Montgomery: <code>y^2 = x^3 + A x^2 + x mod P</code> (Curve25519,
|
||||
* Curve448)</li></ul>
|
||||
* In both cases, the generator (\p G) for a prime-order subgroup is fixed.
|
||||
*
|
||||
* For Short Weierstrass, this subgroup is the whole curve, and its
|
||||
* cardinality is denoted by \p N. Our code requires that \p N is an
|
||||
* odd prime as mbedtls_ecp_mul() requires an odd number, and
|
||||
* mbedtls_ecdsa_sign() requires that it is prime for blinding purposes.
|
||||
*
|
||||
* For Montgomery curves, we do not store \p A, but <code>(A + 2) / 4</code>,
|
||||
* which is the quantity used in the formulas. Additionally, \p nbits is
|
||||
* not the size of \p N but the required size for private keys.
|
||||
*
|
||||
* If \p modp is NULL, reduction modulo \p P is done using a generic algorithm.
|
||||
* Otherwise, \p modp must point to a function that takes an \p mbedtls_mpi in the
|
||||
* range of <code>0..2^(2*pbits)-1</code>, and transforms it in-place to an integer
|
||||
* which is congruent mod \p P to the given MPI, and is close enough to \p pbits
|
||||
* in size, so that it may be efficiently brought in the 0..P-1 range by a few
|
||||
* additions or subtractions. Therefore, it is only an approximative modular
|
||||
* reduction. It must return 0 on success and non-zero on failure.
|
||||
*
|
||||
* \note Alternative implementations must keep the group IDs distinct. If
|
||||
* two group structures have the same ID, then they must be
|
||||
* identical.
|
||||
*
|
||||
*/
|
||||
typedef struct mbedtls_ecp_group
|
||||
{
|
||||
mbedtls_ecp_group_id id; /*!< An internal group identifier. */
|
||||
mbedtls_mpi P; /*!< The prime modulus of the base field. */
|
||||
mbedtls_mpi A; /*!< For Short Weierstrass: \p A in the equation. For
|
||||
Montgomery curves: <code>(A + 2) / 4</code>. */
|
||||
mbedtls_mpi B; /*!< For Short Weierstrass: \p B in the equation.
|
||||
For Montgomery curves: unused. */
|
||||
mbedtls_ecp_point G; /*!< The generator of the subgroup used. */
|
||||
mbedtls_mpi N; /*!< The order of \p G. */
|
||||
size_t pbits; /*!< The number of bits in \p P.*/
|
||||
size_t nbits; /*!< For Short Weierstrass: The number of bits in \p P.
|
||||
For Montgomery curves: the number of bits in the
|
||||
private keys. */
|
||||
unsigned int h; /*!< \internal 1 if the constants are static. */
|
||||
int (*modp)(mbedtls_mpi *); /*!< The function for fast pseudo-reduction
|
||||
mod \p P (see above).*/
|
||||
int (*t_pre)(mbedtls_ecp_point *, void *); /*!< Unused. */
|
||||
int (*t_post)(mbedtls_ecp_point *, void *); /*!< Unused. */
|
||||
void *t_data; /*!< Unused. */
|
||||
mbedtls_ecp_point *T; /*!< Pre-computed points for ecp_mul_comb(). */
|
||||
size_t T_size; /*!< The number of pre-computed points. */
|
||||
}
|
||||
mbedtls_ecp_group;
|
||||
|
||||
/**
|
||||
* \name SECTION: Module settings
|
||||
*
|
||||
* The configuration options you can set for this module are in this section.
|
||||
* Either change them in config.h, or define them using the compiler command line.
|
||||
* \{
|
||||
*/
|
||||
|
||||
#if !defined(MBEDTLS_ECP_MAX_BITS)
|
||||
/**
|
||||
* The maximum size of the groups, that is, of \c N and \c P.
|
||||
*/
|
||||
#define MBEDTLS_ECP_MAX_BITS 521 /**< The maximum size of groups, in bits. */
|
||||
#endif
|
||||
|
||||
#define MBEDTLS_ECP_MAX_BYTES ( ( MBEDTLS_ECP_MAX_BITS + 7 ) / 8 )
|
||||
#define MBEDTLS_ECP_MAX_PT_LEN ( 2 * MBEDTLS_ECP_MAX_BYTES + 1 )
|
||||
|
||||
#if !defined(MBEDTLS_ECP_WINDOW_SIZE)
|
||||
/*
|
||||
* Maximum "window" size used for point multiplication.
|
||||
* Default: 6.
|
||||
* Minimum value: 2. Maximum value: 7.
|
||||
*
|
||||
* Result is an array of at most ( 1 << ( MBEDTLS_ECP_WINDOW_SIZE - 1 ) )
|
||||
* points used for point multiplication. This value is directly tied to EC
|
||||
* peak memory usage, so decreasing it by one should roughly cut memory usage
|
||||
* by two (if large curves are in use).
|
||||
*
|
||||
* Reduction in size may reduce speed, but larger curves are impacted first.
|
||||
* Sample performances (in ECDHE handshakes/s, with FIXED_POINT_OPTIM = 1):
|
||||
* w-size: 6 5 4 3 2
|
||||
* 521 145 141 135 120 97
|
||||
* 384 214 209 198 177 146
|
||||
* 256 320 320 303 262 226
|
||||
* 224 475 475 453 398 342
|
||||
* 192 640 640 633 587 476
|
||||
*/
|
||||
#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< The maximum window size used. */
|
||||
#endif /* MBEDTLS_ECP_WINDOW_SIZE */
|
||||
|
||||
#if !defined(MBEDTLS_ECP_FIXED_POINT_OPTIM)
|
||||
/*
|
||||
* Trade memory for speed on fixed-point multiplication.
|
||||
*
|
||||
* This speeds up repeated multiplication of the generator (that is, the
|
||||
* multiplication in ECDSA signatures, and half of the multiplications in
|
||||
* ECDSA verification and ECDHE) by a factor roughly 3 to 4.
|
||||
*
|
||||
* The cost is increasing EC peak memory usage by a factor roughly 2.
|
||||
*
|
||||
* Change this value to 0 to reduce peak memory usage.
|
||||
*/
|
||||
#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up. */
|
||||
#endif /* MBEDTLS_ECP_FIXED_POINT_OPTIM */
|
||||
|
||||
/* \} name SECTION: Module settings */
|
||||
|
||||
#define MBEDTLS_ECP_BUDGET( ops ) /* no-op; for compatibility */
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* MBEDTLS_ECP_ALT */
|
||||
|
||||
#endif /* MBEDTLS_ECP_ALT_H */
|
65
include/mbedtls/platform_alt.h
Normal file
65
include/mbedtls/platform_alt.h
Normal file
@ -0,0 +1,65 @@
|
||||
/*
|
||||
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
|
||||
*
|
||||
* SPDX-License-Identifier: BSD-3-Clause
|
||||
*/
|
||||
|
||||
#ifndef MBEDTLS_PLATFORM_ALT_H
|
||||
#define MBEDTLS_PLATFORM_ALT_H
|
||||
|
||||
#include <stddef.h>
|
||||
#include <stdint.h>
|
||||
|
||||
#if defined(MBEDTLS_CONFIG_FILE)
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT)
|
||||
|
||||
#define MBEDTLS_ERR_PLATFORM_SUCCESS (0)
|
||||
#define MBEDTLS_ERR_PLATFORM_ERROR_PARAM_NULL (-0x7001)
|
||||
#define MBEDTLS_ERR_PLATFORM_ERROR_INTERNAL (-0x7002)
|
||||
#define MBEDTLS_ERR_PLATFORM_ERROR_RNG_TEST_FAILED (-0x7003)
|
||||
#define MBEDTLS_ERR_PLATFORM_ERROR_HW_VERSION_FAILED (-0x7004)
|
||||
#define MBEDTLS_ERR_PLATFORM_ERROR_PARAM_WRITE_FAILED (-0x7005)
|
||||
#define MBEDTLS_ERR_PLATFORM_ERROR_MUTEX_NOT_INITIALIZED (-0x7016)
|
||||
#define MBEDTLS_ERR_PLATFORM_ERROR_MUTEX_FAILED (-0x7017)
|
||||
#define MBEDTLS_ERR_PLATFORM_ERROR_ENTROPY_NOT_INITIALIZED (-0x7018)
|
||||
#define MBEDTLS_ERR_PLATFORM_ERROR_ENTROPY_TRNG_TOO_LONG (-0x7019)
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief The platform context structure.
|
||||
*
|
||||
*/
|
||||
typedef struct {
|
||||
char dummy; /**< A placeholder member, as empty structs are not portable. */
|
||||
}
|
||||
mbedtls_platform_context;
|
||||
|
||||
|
||||
/** @brief Function to initialize platform without rng support
|
||||
*
|
||||
* Call this function instead of mbedtls_platform_setup if RNG is not required.
|
||||
* e.g. to conserve code size of improve startup time.
|
||||
*
|
||||
* @note It is possible to run mbedtls_platform_setup after calling
|
||||
* this API if RNG is suddenly required. Calling mbedtls_platform_teardown
|
||||
* is not required to be used, in this case.
|
||||
*
|
||||
* @warning Only deterministic cryptographic is supported if this API is used
|
||||
* to initalize the HW.
|
||||
*/
|
||||
int mbedtls_platform_setup_no_rng(void);
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */
|
||||
|
||||
#endif /* MBEDTLS_PLATFORM_ALT_H */
|
59
include/mbedtls/poly1305_alt.h
Normal file
59
include/mbedtls/poly1305_alt.h
Normal file
@ -0,0 +1,59 @@
|
||||
/*
|
||||
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
|
||||
*
|
||||
* SPDX-License-Identifier: BSD-3-Clause
|
||||
*/
|
||||
|
||||
#ifndef MBEDTLS_POLY1305_ALT_H
|
||||
#define MBEDTLS_POLY1305_ALT_H
|
||||
|
||||
#if defined(MBEDTLS_CONFIG_FILE)
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C"
|
||||
{
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_POLY1305_ALT)
|
||||
|
||||
/************************ defines ****************************/
|
||||
/*! The size of the POLY key in words. */
|
||||
#define MBEDTLS_POLY_KEY_SIZE_WORDS 8
|
||||
|
||||
/*! The size of the POLY key in bytes. */
|
||||
#define MBEDTLS_POLY_KEY_SIZE_BYTES 32
|
||||
|
||||
/*! The size of the POLY MAC in words. */
|
||||
#define MBEDTLS_POLY_MAC_SIZE_WORDS 4
|
||||
|
||||
/*! The size of the POLY MAC in bytes. */
|
||||
#define MBEDTLS_POLY_MAC_SIZE_BYTES 16
|
||||
|
||||
/************************ Typedefs ****************************/
|
||||
/*! The definition of the ChaCha-MAC buffer. */
|
||||
typedef uint32_t mbedtls_poly_mac[MBEDTLS_POLY_MAC_SIZE_WORDS];
|
||||
|
||||
/*! The definition of the ChaCha-key buffer. */
|
||||
typedef uint32_t mbedtls_poly_key[MBEDTLS_POLY_KEY_SIZE_WORDS];
|
||||
|
||||
typedef struct mbedtls_poly1305_context
|
||||
{
|
||||
uint32_t r[4]; /** The value for 'r' (low 128 bits of the key). */
|
||||
uint32_t s[4]; /** The value for 's' (high 128 bits of the key). */
|
||||
uint32_t acc[5]; /** The accumulator number. */
|
||||
uint8_t queue[16]; /** The current partial block of data. */
|
||||
size_t queue_len; /** The number of bytes stored in 'queue'. */
|
||||
}
|
||||
mbedtls_poly1305_context;
|
||||
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
#endif /* MBEDTLS_POLY1305_ALT_H */
|
82
include/mbedtls/rsa_alt.h
Normal file
82
include/mbedtls/rsa_alt.h
Normal file
@ -0,0 +1,82 @@
|
||||
/*
|
||||
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
|
||||
*
|
||||
* SPDX-License-Identifier: BSD-3-Clause
|
||||
*/
|
||||
|
||||
#ifndef MBEDTLS_RSA_ALT_H
|
||||
#define MBEDTLS_RSA_ALT_H
|
||||
|
||||
#if defined(MBEDTLS_CONFIG_FILE)
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined (MBEDTLS_RSA_ALT)
|
||||
|
||||
#include "bignum.h"
|
||||
|
||||
#if defined(MBEDTLS_THREADING_C)
|
||||
#include "threading.h"
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief The RSA context structure.
|
||||
*
|
||||
* \note Direct manipulation of the members of this structure
|
||||
* is deprecated. All manipulation should instead be done through
|
||||
* the public interface functions.
|
||||
*/
|
||||
typedef struct
|
||||
{
|
||||
int ver; /*!< always 0 */
|
||||
size_t len; /*!< size(N) in chars */
|
||||
|
||||
mbedtls_mpi N; /*!< public modulus */
|
||||
mbedtls_mpi E; /*!< public exponent */
|
||||
|
||||
mbedtls_mpi D; /*!< private exponent */
|
||||
mbedtls_mpi P; /*!< 1st prime factor */
|
||||
mbedtls_mpi Q; /*!< 2nd prime factor */
|
||||
|
||||
mbedtls_mpi DP; /*!< D % (P - 1) */
|
||||
mbedtls_mpi DQ; /*!< D % (Q - 1) */
|
||||
mbedtls_mpi QP; /*!< 1 / (Q % P) */
|
||||
|
||||
mbedtls_mpi RN; /*!< cached R^2 mod N */
|
||||
|
||||
mbedtls_mpi RP; /*!< cached R^2 mod P */
|
||||
mbedtls_mpi RQ; /*!< cached R^2 mod Q */
|
||||
|
||||
mbedtls_mpi Vi; /*!< cached blinding value */
|
||||
mbedtls_mpi Vf; /*!< cached un-blinding value */
|
||||
|
||||
int padding; /*!< MBEDTLS_RSA_PKCS_V15 for 1.5 padding and
|
||||
MBEDTLS_RSA_PKCS_v21 for OAEP/PSS */
|
||||
int hash_id; /*!< Hash identifier of mbedtls_md_type_t as
|
||||
specified in the mbedtls_md.h header file
|
||||
for the EME-OAEP and EMSA-PSS
|
||||
encoding */
|
||||
#if defined(MBEDTLS_THREADING_C)
|
||||
mbedtls_threading_mutex_t mutex; /*!< Thread-safety mutex */
|
||||
#else
|
||||
uint8_t dummy[8]; /*!< Ensuring same size when threading is disabled */
|
||||
#endif
|
||||
|
||||
mbedtls_mpi NP; /*!< Barrett mod N tag NP for N-modulus */
|
||||
mbedtls_mpi BQP; /*!< Barrett mod Q tag QP for Q-factor */
|
||||
mbedtls_mpi BPP; /*!< Barrett mod P tag PP for P-factor */
|
||||
|
||||
}
|
||||
mbedtls_rsa_context;
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* MBEDTLS_RSA_ALT */
|
||||
|
||||
#endif /* MBEDTLS_RSA_ALT_H */
|
40
include/mbedtls/sha1_alt.h
Normal file
40
include/mbedtls/sha1_alt.h
Normal file
@ -0,0 +1,40 @@
|
||||
/*
|
||||
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
|
||||
*
|
||||
* SPDX-License-Identifier: BSD-3-Clause
|
||||
*/
|
||||
|
||||
#ifndef MBEDTLS_SHA1_ALT_H
|
||||
#define MBEDTLS_SHA1_ALT_H
|
||||
|
||||
#include <stddef.h>
|
||||
#include <stdint.h>
|
||||
|
||||
#if defined (MBEDTLS_CONFIG_FILE)
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined (MBEDTLS_SHA1_ALT)
|
||||
|
||||
#define SHA_1_CONTEXT_SIZE_IN_WORDS 60
|
||||
|
||||
#define MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED -0x0035 /**< SHA-1 hardware accelerator failed */
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief SHA-1 context structure
|
||||
*/
|
||||
typedef struct mbedtls_sha1_context {
|
||||
/*! Internal buffer */
|
||||
uint32_t buff[SHA_1_CONTEXT_SIZE_IN_WORDS]; // defined in cc_hash_defs_proj.h
|
||||
} mbedtls_sha1_context;
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
#endif /* MBEDTLS_SHA1_ALT */
|
||||
|
||||
#endif /* MBEDTLS_SHA1_ALT_H */
|
40
include/mbedtls/sha256_alt.h
Normal file
40
include/mbedtls/sha256_alt.h
Normal file
@ -0,0 +1,40 @@
|
||||
/*
|
||||
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
|
||||
*
|
||||
* SPDX-License-Identifier: BSD-3-Clause
|
||||
*/
|
||||
|
||||
#ifndef MBEDTLS_SHA256_ALT_H
|
||||
#define MBEDTLS_SHA256_ALT_H
|
||||
|
||||
#include <stddef.h>
|
||||
#include <stdint.h>
|
||||
|
||||
#if defined (MBEDTLS_CONFIG_FILE)
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined (MBEDTLS_SHA256_ALT)
|
||||
|
||||
#define SHA_256_CONTEXT_SIZE_IN_WORDS 60
|
||||
|
||||
#define MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED -0x0037 /**< SHA-256 hardware accelerator failed */
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief SHA-256 context structure
|
||||
*/
|
||||
typedef struct mbedtls_sha256_context {
|
||||
uint32_t reserved;
|
||||
uint32_t buff[SHA_256_CONTEXT_SIZE_IN_WORDS]; // defined in cc_hash_defs.h
|
||||
} mbedtls_sha256_context;
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
#endif /* MBEDTLS_SHA256_ALT */
|
||||
|
||||
#endif /* MBEDTLS_SHA256_ALT_H */
|
21
include/mbedtls/threading_alt.h
Normal file
21
include/mbedtls/threading_alt.h
Normal file
@ -0,0 +1,21 @@
|
||||
/*
|
||||
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
|
||||
*
|
||||
* SPDX-License-Identifier: BSD-3-Clause
|
||||
*/
|
||||
|
||||
#ifndef MBEDTLS_THREADING_ALT_H
|
||||
#define MBEDTLS_THREADING_ALT_H
|
||||
|
||||
#include <stdint.h>
|
||||
#include "nrf_cc3xx_platform_mutex.h"
|
||||
|
||||
/** @brief Alternate declaration of mbedtls mutex type
|
||||
*
|
||||
* The RTOS may require allocation and freeing of resources
|
||||
* as the inner type of the mutex is represented by an
|
||||
* RTOS-friendly void pointer.
|
||||
*/
|
||||
typedef nrf_cc3xx_platform_mutex_t mbedtls_threading_mutex_t;
|
||||
|
||||
#endif /* MBEDTLS_THREADING_ALT_H */
|
160
include/mbedtls_extra/cc_aes_defs.h
Normal file
160
include/mbedtls_extra/cc_aes_defs.h
Normal file
@ -0,0 +1,160 @@
|
||||
/*
|
||||
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
|
||||
*
|
||||
* SPDX-License-Identifier: BSD-3-Clause
|
||||
*/
|
||||
|
||||
/*!
|
||||
@addtogroup cc_aes_defs
|
||||
@{
|
||||
*/
|
||||
|
||||
/*!
|
||||
@file
|
||||
@brief This file contains the type definitions that are used by the CryptoCell
|
||||
AES APIs.
|
||||
*/
|
||||
|
||||
|
||||
#ifndef CC_AES_DEFS_H
|
||||
#define CC_AES_DEFS_H
|
||||
|
||||
#include "cc_pal_types.h"
|
||||
#include "cc_aes_defs_proj.h"
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C"
|
||||
{
|
||||
#endif
|
||||
|
||||
|
||||
/************************ Defines ******************************/
|
||||
/*! The size of the AES block in words. */
|
||||
#define CC_AES_CRYPTO_BLOCK_SIZE_IN_WORDS 4
|
||||
/*! The size of the AES block in bytes. */
|
||||
#define CC_AES_BLOCK_SIZE_IN_BYTES (CC_AES_CRYPTO_BLOCK_SIZE_IN_WORDS * sizeof(uint32_t))
|
||||
|
||||
/*! The size of the IV buffer in words. */
|
||||
#define CC_AES_IV_SIZE_IN_WORDS CC_AES_CRYPTO_BLOCK_SIZE_IN_WORDS
|
||||
/*! The size of the IV buffer in bytes. */
|
||||
#define CC_AES_IV_SIZE_IN_BYTES (CC_AES_IV_SIZE_IN_WORDS * sizeof(uint32_t))
|
||||
|
||||
|
||||
/************************ Enums ********************************/
|
||||
/*! The AES operation:<ul><li>Encrypt</li><li>Decrypt</li></ul>. */
|
||||
typedef enum {
|
||||
/*! An AES encrypt operation. */
|
||||
CC_AES_ENCRYPT = 0,
|
||||
/*! An AES decrypt operation. */
|
||||
CC_AES_DECRYPT = 1,
|
||||
/*! The maximal number of operations. */
|
||||
CC_AES_NUM_OF_ENCRYPT_MODES,
|
||||
/*! Reserved. */
|
||||
CC_AES_ENCRYPT_MODE_LAST = 0x7FFFFFFF
|
||||
}CCAesEncryptMode_t;
|
||||
|
||||
/*! The AES operation mode. */
|
||||
typedef enum {
|
||||
/*! ECB mode. */
|
||||
CC_AES_MODE_ECB = 0,
|
||||
/*! CBC mode. */
|
||||
CC_AES_MODE_CBC = 1,
|
||||
/*! CBC-MAC mode. */
|
||||
CC_AES_MODE_CBC_MAC = 2,
|
||||
/*! CTR mode. */
|
||||
CC_AES_MODE_CTR = 3,
|
||||
/*! XCBC-MAC mode. */
|
||||
CC_AES_MODE_XCBC_MAC = 4,
|
||||
/*! CMAC mode. */
|
||||
CC_AES_MODE_CMAC = 5,
|
||||
/*! XTS mode. */
|
||||
CC_AES_MODE_XTS = 6,
|
||||
/*! CBC-CTS mode. */
|
||||
CC_AES_MODE_CBC_CTS = 7,
|
||||
/*! OFB mode. */
|
||||
CC_AES_MODE_OFB = 8,
|
||||
|
||||
/*! The maximal number of AES modes. */
|
||||
CC_AES_NUM_OF_OPERATION_MODES,
|
||||
/*! Reserved. */
|
||||
CC_AES_OPERATION_MODE_LAST = 0x7FFFFFFF
|
||||
}CCAesOperationMode_t;
|
||||
|
||||
/*! The AES padding type. */
|
||||
typedef enum {
|
||||
/*! No padding. */
|
||||
CC_AES_PADDING_NONE = 0,
|
||||
/*! PKCS7 padding. */
|
||||
CC_AES_PADDING_PKCS7 = 1,
|
||||
/*! The maximal number of AES padding modes. */
|
||||
CC_AES_NUM_OF_PADDING_TYPES,
|
||||
/*! Reserved. */
|
||||
CC_AES_PADDING_TYPE_LAST = 0x7FFFFFFF
|
||||
}CCAesPaddingType_t;
|
||||
|
||||
/*! The AES key type. */
|
||||
typedef enum {
|
||||
/*! The user key. */
|
||||
CC_AES_USER_KEY = 0,
|
||||
/*! The Kplt hardware key. */
|
||||
CC_AES_PLATFORM_KEY = 1,
|
||||
/*! The Kcst hardware key. */
|
||||
CC_AES_CUSTOMER_KEY = 2,
|
||||
/*! The maximal number of AES key types. */
|
||||
CC_AES_NUM_OF_KEY_TYPES,
|
||||
/*! Reserved. */
|
||||
CC_AES_KEY_TYPE_LAST = 0x7FFFFFFF
|
||||
}CCAesKeyType_t;
|
||||
|
||||
/************************ Typedefs ****************************/
|
||||
|
||||
/*! Defines the IV buffer. A 16-byte array. */
|
||||
typedef uint8_t CCAesIv_t[CC_AES_IV_SIZE_IN_BYTES];
|
||||
|
||||
/*! Defines the AES key data buffer. */
|
||||
typedef uint8_t CCAesKeyBuffer_t[CC_AES_KEY_MAX_SIZE_IN_BYTES];
|
||||
|
||||
/************************ Structs ******************************/
|
||||
|
||||
/*!
|
||||
The context prototype of the user.
|
||||
|
||||
The argument type that is passed by the user to the AES APIs. The context
|
||||
saves the state of the operation, and must be saved by the user until
|
||||
the end of the API flow.
|
||||
*/
|
||||
typedef struct CCAesUserContext_t {
|
||||
/*! The context buffer for internal usage. */
|
||||
uint32_t buff[CC_AES_USER_CTX_SIZE_IN_WORDS] ;
|
||||
}CCAesUserContext_t;
|
||||
|
||||
|
||||
/*! The AES key data of the user. */
|
||||
typedef struct CCAesUserKeyData_t {
|
||||
/*! A pointer to the key. */
|
||||
uint8_t * pKey;
|
||||
/*! The size of the key in bytes. Valid values for XTS mode, if supported:
|
||||
32 bytes or 64 bytes, indicating the full size of the double key (2x128 or
|
||||
2x256 bit). Valid values for XCBC-MAC mode: 16 bytes, as limited by the
|
||||
standard. Valid values for all other modes: 16 bytes, 24 bytes, or
|
||||
32 bytes. */
|
||||
size_t keySize;
|
||||
}CCAesUserKeyData_t;
|
||||
|
||||
/*! The AES HW key Data. */
|
||||
typedef struct CCAesHwKeyData_t {
|
||||
/*! Slot number. */
|
||||
size_t slotNumber;
|
||||
}CCAesHwKeyData_t;
|
||||
|
||||
#endif /* CC_AES_DEFS_H */
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
/*!
|
||||
@}
|
||||
*/
|
50
include/mbedtls_extra/cc_aes_defs_proj.h
Normal file
50
include/mbedtls_extra/cc_aes_defs_proj.h
Normal file
@ -0,0 +1,50 @@
|
||||
/*
|
||||
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
|
||||
*
|
||||
* SPDX-License-Identifier: BSD-3-Clause
|
||||
*/
|
||||
|
||||
/*!
|
||||
@addtogroup cc_aes_defs_proj
|
||||
@{
|
||||
*/
|
||||
|
||||
/*!
|
||||
@file
|
||||
@brief This file contains project definitions that are used for CryptoCell
|
||||
AES APIs.
|
||||
*/
|
||||
|
||||
#ifndef CC_AES_DEFS_PROJ_H
|
||||
#define CC_AES_DEFS_PROJ_H
|
||||
|
||||
#include "cc_pal_types.h"
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C"
|
||||
{
|
||||
#endif
|
||||
|
||||
/************************ Defines ******************************/
|
||||
|
||||
/*! The size of the context prototype of the user in words.
|
||||
See ::CCAesUserContext_t.*/
|
||||
#define CC_AES_USER_CTX_SIZE_IN_WORDS (4+8+8+4)
|
||||
|
||||
/*! The maximal size of the AES key in words. */
|
||||
#define CC_AES_KEY_MAX_SIZE_IN_WORDS 8
|
||||
/*! The maximal size of the AES key in bytes. */
|
||||
#define CC_AES_KEY_MAX_SIZE_IN_BYTES (CC_AES_KEY_MAX_SIZE_IN_WORDS * sizeof(uint32_t))
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
/*!
|
||||
@}
|
||||
*/
|
||||
|
||||
#endif /* #ifndef CC_AES_DEFS_PROJ_H */
|
68
include/mbedtls_extra/cc_bitops.h
Normal file
68
include/mbedtls_extra/cc_bitops.h
Normal file
@ -0,0 +1,68 @@
|
||||
/*
|
||||
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
|
||||
*
|
||||
* SPDX-License-Identifier: BSD-3-Clause
|
||||
*/
|
||||
|
||||
/*! @file
|
||||
@brief This file defines bit-field operations macros.
|
||||
*/
|
||||
|
||||
#ifndef _CC_BITOPS_H_
|
||||
#define _CC_BITOPS_H_
|
||||
|
||||
|
||||
/*! Defintion of number of 32bit maximum value. */
|
||||
#define CC_32BIT_MAX_VALUE (0xFFFFFFFFUL)
|
||||
|
||||
/*! Definition for bitmask */
|
||||
#define BITMASK(mask_size) (((mask_size) < 32) ? \
|
||||
((1UL << (mask_size)) - 1) : 0xFFFFFFFFUL)
|
||||
/*! Definition for bitmask in a given offset. */
|
||||
#define BITMASK_AT(mask_size, mask_offset) (BITMASK(mask_size) << (mask_offset))
|
||||
|
||||
/*! Definition for getting bits value from a word. */
|
||||
#define BITFIELD_GET(word, bit_offset, bit_size) \
|
||||
(((word) >> (bit_offset)) & BITMASK(bit_size))
|
||||
/*! Definition for setting bits value from a word. */
|
||||
#define BITFIELD_SET(word, bit_offset, bit_size, new_val) do { \
|
||||
word = ((word) & ~BITMASK_AT(bit_size, bit_offset)) | \
|
||||
(((new_val) & BITMASK(bit_size)) << (bit_offset)); \
|
||||
} while (0)
|
||||
|
||||
/*!Definition for is val aligned to "align" ("align" must be power of 2). */
|
||||
#ifndef IS_ALIGNED
|
||||
#define IS_ALIGNED(val, align) \
|
||||
(((uintptr_t)(val) & ((align) - 1)) == 0)
|
||||
#endif
|
||||
/*!Definition swap endianity for 32 bits word. */
|
||||
#define SWAP_ENDIAN(word) \
|
||||
(((word) >> 24) | (((word) & 0x00FF0000) >> 8) | \
|
||||
(((word) & 0x0000FF00) << 8) | (((word) & 0x000000FF) << 24))
|
||||
|
||||
#ifdef BIG__ENDIAN
|
||||
#define SWAP_TO_LE(word) SWAP_ENDIAN(word)
|
||||
#define SWAP_TO_BE(word) word
|
||||
#else
|
||||
/*! Definition for swapping to LE. */
|
||||
#define SWAP_TO_LE(word) word
|
||||
/*! Definition for swapping to BE. */
|
||||
#define SWAP_TO_BE(word) SWAP_ENDIAN(word)
|
||||
#endif
|
||||
|
||||
/*!Align X to uint32_t size. */
|
||||
#ifndef ALIGN_TO_4BYTES
|
||||
#define ALIGN_TO_4BYTES(x) (((unsigned long)(x) + (CC_32BIT_WORD_SIZE-1)) & ~(CC_32BIT_WORD_SIZE-1))
|
||||
#endif
|
||||
|
||||
|
||||
|
||||
/*! Definition for is val a multiple of "mult" ("mult" must be power of 2). */
|
||||
#define IS_MULT(val, mult) \
|
||||
(((val) & ((mult) - 1)) == 0)
|
||||
|
||||
/*! Definition for is NULL address. */
|
||||
#define IS_NULL_ADDR(adr) \
|
||||
(!(adr))
|
||||
|
||||
#endif /*_CC_BITOPS_H_*/
|
489
include/mbedtls_extra/cc_ecpki_types.h
Normal file
489
include/mbedtls_extra/cc_ecpki_types.h
Normal file
@ -0,0 +1,489 @@
|
||||
/*
|
||||
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
|
||||
*
|
||||
* SPDX-License-Identifier: BSD-3-Clause
|
||||
*/
|
||||
|
||||
/*!
|
||||
@addtogroup cc_ecpki_types
|
||||
@{
|
||||
*/
|
||||
|
||||
/*!
|
||||
@file
|
||||
@brief This file contains all the type definitions that are used for the
|
||||
CryptoCell ECPKI APIs.
|
||||
*/
|
||||
|
||||
#ifndef _CC_ECPKI_TYPES_H
|
||||
#define _CC_ECPKI_TYPES_H
|
||||
|
||||
|
||||
#include "cc_bitops.h"
|
||||
#include "cc_pal_types_plat.h"
|
||||
#include "cc_hash_defs.h"
|
||||
#include "cc_pka_defs_hw.h"
|
||||
#include "cc_pal_compiler.h"
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C"
|
||||
{
|
||||
#endif
|
||||
|
||||
|
||||
/************************ Defines ******************************/
|
||||
/*! The size of the internal buffer in words. */
|
||||
#define CC_PKA_DOMAIN_LLF_BUFF_SIZE_IN_WORDS (10 + 3*CC_ECPKI_MODUL_MAX_LENGTH_IN_WORDS)
|
||||
|
||||
/**************************************************************************************
|
||||
* Enumerators
|
||||
***************************************************************************************/
|
||||
|
||||
/*------------------------------------------------------------------*/
|
||||
/*! @brief EC domain idetifiers.
|
||||
|
||||
For more information, see <em>Standards for Efficient Cryptography Group
|
||||
(SECG): SEC2 Recommended Elliptic Curve Domain Parameters, Version 1.0</em>.
|
||||
*/
|
||||
typedef enum
|
||||
{
|
||||
/* For prime field */
|
||||
/*! EC secp192k1. */
|
||||
CC_ECPKI_DomainID_secp192k1,
|
||||
/*! EC secp192r1. */
|
||||
CC_ECPKI_DomainID_secp192r1,
|
||||
/*! EC secp224k1. */
|
||||
CC_ECPKI_DomainID_secp224k1,
|
||||
/*! EC secp224r1. */
|
||||
CC_ECPKI_DomainID_secp224r1,
|
||||
/*! EC secp256k1. */
|
||||
CC_ECPKI_DomainID_secp256k1,
|
||||
/*! EC secp256r1. */
|
||||