covid19/CovidBracelet
covid19
/
CovidBracelet
mirror of https://github.com/CovidBraceletPrj/CovidBracelet.git
1
0
Fork 0
Code Releases Activity

Add library files

This commit is contained in:
Patrick Rathje 2023-02-16 17:31:27 +01:00
parent cac96d7990
commit 8b8895b5c2
38 changed files with 7845 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
include/mbedtls/aes_alt.h Normal file
View File

@ -0,0 +1,72 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#ifndef MBEDTLS_AES_ALT_H
#define MBEDTLS_AES_ALT_H
#if defined(MBEDTLS_CONFIG_FILE)
#include MBEDTLS_CONFIG_FILE
#endif
#include <stddef.h>
#include <stdint.h>
#if defined(MBEDTLS_AES_ALT)
/* padlock.c and aesni.c rely on these values! */
#define MBEDTLS_AES_ENCRYPT 1 /**< AES encryption. */
#define MBEDTLS_AES_DECRYPT 0 /**< AES decryption. */
/* Error codes in range 0x0020-0x0022 */
#define MBEDTLS_ERR_AES_INVALID_KEY_LENGTH -0x0020 /**< Invalid key length. */
#define MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH -0x0022 /**< Invalid data input length. */
/* Error codes in range 0x0023-0x0025 */
#define MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE -0x0023 /**< Feature not available. For example, an unsupported AES key size. */
#define MBEDTLS_ERR_AES_HW_ACCEL_FAILED -0x0025 /**< AES hardware accelerator failed. */
/* The Size of the AES context.*/
#define MBEDTLS_AES_CONTEXT_SIZE_IN_WORDS (29)
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief AES context structure
*
*/
typedef struct
{
uint32_t buf[MBEDTLS_AES_CONTEXT_SIZE_IN_WORDS];
} mbedtls_aes_context;
#if defined(MBEDTLS_CIPHER_MODE_XTS)
/**
* \brief The AES XTS context-type definition.
*/
typedef struct mbedtls_aes_xts_context
{
mbedtls_aes_context crypt; /*!< The AES context to use for AES block
encryption or decryption. */
mbedtls_aes_context tweak; /*!< The AES context used for tweak
computation. */
} mbedtls_aes_xts_context;
#endif /* MBEDTLS_CIPHER_MODE_XTS */
#ifdef __cplusplus
}
#endif
#endif /* MBEDTLS_AES_ALT */
#endif /* MBEDTLS_AES_ALT_H */

403
include/mbedtls/cc3xx_kmu.h Normal file
View File

@ -0,0 +1,403 @@
/*
* Copyright (c) 2020 Nordic Semiconductor ASA
*
* SPDX-License-Identifier: LicenseRef-Nordic-5-Clause
*/
/**@file
* @defgroup nrf_cc3xx_mbedcrypto nrf_cc3xx_mbedcrypto APIs
* @{
* @brief nrf_cc3xx_mbedcrypto nrf_cc3xx_mbedcrypto library containing cc3xx
* APIs for the KMU or KDR peripherals. Further documentation can be found on : https://tls.mbed.org
* @}
*
* @defgroup nrf_cc3xx_mbedcrypto_kmu nrf_cc3xx_mbedcrypto KMU APIs
* @ingroup nrf_cc3xx_mbedcrypto
* @{
* @brief The nrf_cc3xx_mbedcrypto_kmu APIs can be utilized to directly use or derive keys
* from KMU or KDR in ARM CryptoCell devices
*/
#ifndef CC3XX_KMU_H__
#define CC3XX_KMU_H__
#include <stdint.h>
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include "nrf_cc3xx_platform_defines.h"
#define MBEDTLS_SHADOW_KEY_KDF_MAX_LABEL_SIZE_IN_BYTES (64) //!< KDF input "label" can be 0 to 64 bytes.
#define MBEDTLS_SHADOW_KEY_KDF_MAX_CONTEXT_SIZE_IN_BYTES (64) //!< KDF input "context" can be 0 to 64 bytes.
#define MBEDTLS_SHADOW_KEY_KDF_MAX_DERIVED_SIZE_IN_BYTES (4080) //!< KDF max length for derived material.
#define MBEDTLS_ERR_SHADOW_KEY_KEY_OK (0) //!< The shadow key operation was succesful.
#define MBEDTLS_ERR_SHADOW_KEY_INVALID_SLOT (-1) //!< The shadow key operation used an invalid slot.
#define MBEDTLS_ERR_SHADOW_KEY_INVALID_SIZE (-2) //!< The shadow key was of invalid size.
#define MBEDTLS_ERR_SHADOW_KEY_KDF_INVALID_LABEL (-3) //!< The KDF input label is invalid
#define MBEDTLS_ERR_SHADOW_KEY_KDF_INVALID_CONTEXT (-4) //!< The KDF input context is invalid
#define MBEDTLS_ERR_SHADOW_KEY_KDF_INVALID_INPUT (-5) //!< The KDF input is invalid
#define MBEDTLS_ERR_SHADOW_KEY_INTERNAL_ERROR (-6) //!< KMU/KDF internal error.
#if defined(MBEDTLS_AES_C)
#include "mbedtls/aes.h"
#ifdef __cplusplus
extern "C"
{
#endif
/** @brief Function to configure AES to use one or more KMU key slot for
* encryption
*
* @note A shadow key is not directly accessible, only reference information
* is stored in the context type
*
* @note Replaces the API mbedtls_aes_setkey_enc.
*
* @note Using this API enforces raw key usage of keys in the KMU slots.
* If derived key usage is intended, please use the API
* nrf_cc3xx_platform_kmu_aes_setkey_enc_shadow_key_derived.
*
* @param ctx AES context to set the key by KMU slot
* @param slot_id Identifier of the key slot (0 - 127)
* @param keybits Key size in bits
*
* @returns 0 on success, otherwise a negative number.
*/
int mbedtls_aes_setkey_enc_shadow_key(
mbedtls_aes_context * const ctx,
uint32_t slot_id,
unsigned int keybits);
/** @brief Function to configure AES to use one or more KMU key slot for
* decryption
*
* @note A shadow key is not directly accessible, only reference information
* is stored in the context type
*
* @note Replaces the API mbedtls_aes_setkey_dec.
*
* @note Using this API enforces raw key usage of keys in the KMU slots.
* If derived key usage is intended, please use the API
* nrf_cc3xx_platform_kmu_aes_setkey_dec_shadow_key_derived.
*
* @param ctx AES context to set the key by KMU slot.
* @param slot_id Identifier of the key slot (0 - 127).
* @param keybits Key size in bits.
*
* @returns 0 on success, otherwise a negative number.
*/
int mbedtls_aes_setkey_dec_shadow_key(
mbedtls_aes_context * const ctx,
uint32_t slot_id,
unsigned int keybits);
/** @brief Function to configure AES to use a key derived from one or more
* slots in KMU for encryption.
*
* @details See mbedtls_derive_kmu_key for details on the KDF function.
*
* @note Replaces the API mbedtls_aes_setkey_dec.
*
* @note The key derivation is executed before each requests to encrypt.
* this function only configures the context to use a derived key.
*
* @note When deriving the key from KMU registers, the derived keys exist
* in SRAM for a brief period of time, before being loaded into the
* write-only CryptoCell HW registers for AES keys before encryption.
*
* @param ctx AES context to set the decryption key by KMU slot.
* @param slot_id Identifier of the key slot (0 - 127).
* @param keybits Key size in bits.
* @param label Label to use for KDF.
* @param label_size Size of the label to use for KDF.
* @param context Context info to use for KDF.
* @param context_size Context info size to use for KDF.
*
* @returns 0 on success, otherwise a negative number.
*/
int mbedtls_aes_setkey_enc_shadow_key_derived(
mbedtls_aes_context * const ctx,
uint32_t slot_id,
unsigned int keybits,
uint8_t const * label,
size_t label_size,
uint8_t const * context,
size_t context_size);
/** @brief Function to configure AES to use a key derived from one or more
* slots in KMU for decryption.
*
* @details See mbedtls_derive_kmu_key for details on the KDF function.
*
* @note A shadow key is not directly accessible, only reference information
* is stored in the context type
* @note Replaces the API mbedtls_aes_setkey_enc.
*
* @note The key derivation is executed before each requests to decrypt.
* This function only configures the context to use a derived key.
*
* @note When deriving the key from KMU registers, the derived keys exist
* in SRAM for a brief period of time, before being loaded into the
* write-only CryptoCell HW registers for AES keys before decryption.
*
* @param ctx AES context to set the decryption key by KMU slot.
* @param slot_id Identifier of the key slot (0 - 127).
* @param keybits Key size in bits.
* @param label Label to use for KDF.
* @param label_size Size of the label to use for KDF.
* @param context Context info to use for KDF.
* @param context_size Context info size to use for KDF.
*
* @returns 0 on success, otherwise a negative number.
*/
int mbedtls_aes_setkey_dec_shadow_key_derived(
mbedtls_aes_context * const ctx,
uint32_t slot_id,
unsigned int keybits,
uint8_t const * label,
size_t label_size,
uint8_t const * context,
size_t context_size);
#ifdef __cplusplus
}
#endif
#endif /* defined(MBEDTLS_AES_C) */
#if defined(MBEDTLS_CCM_C)
#include "mbedtls/ccm.h"
#ifdef __cplusplus
extern "C"
{
#endif
/** @brief Function to configure AES CCM to use one or more KMU key slot as
* encryption key.
*
* @note A shadow key is not directly accessible, only reference information
* is stored in the context type
*
* @note Replaces the API mbedtls_ccm_setkey.
*
* @note Using this API enforces raw key usage of keys in the KMU slots.
* If derived key usage is intended, please use the API
* nrf_cc3xx_platform_kmu_aes_setkey_enc_shadow_key_derived.
*
* @param ctx AES context to set the key by KMU slot.
* @param cipher Cipher id to use.
* @param slot_id Identifier of the key slot (0 - 127).
* @param keybits Key size in bits.
*
* @returns 0 on success, otherwise a negative number.
*/
int mbedtls_ccm_setkey_shadow_key(
mbedtls_ccm_context * const ctx,
mbedtls_cipher_id_t cipher,
uint32_t slot_id,
unsigned int keybits
);
/** @brief Function to configure AES CCM to use a key derived from one or more
* slots in KMU for encryption.
*
* @details See mbedtls_derive_kmu_key for details on the KDF function.
*
* @note A shadow key is not directly accessible, only reference information
* is stored in the context type
*
* @note Replaces the API mbedtls_ccm_setkey.
*
* @note The key derivation is executed before each requests to decrypt.
* This function only configures the context to use a derived key.
*
* @note When deriving the key from KMU registers, the derived keys exist
* in SRAM for a brief period of time, before being loaded into the
* write-only CryptoCell HW registers for AES keys before decryption.
*
* @param ctx AES context to set the decryption key by KMU slot.
* @param cipher Cipher id to use.
* @param slot_id Identifier of the key slot (0 - 127).
* @param keybits Key size in bits.
* @param label Label to use for KDF.
* @param label_size Size of the label to use for KDF.
* @param context Context info to use for KDF.
* @param context_size Context info size to use for KDF.
*
* @returns 0 on success, otherwise a negative number.
*/
int mbedtls_ccm_setkey_shadow_key_derived(
mbedtls_ccm_context * const ctx,
mbedtls_cipher_id_t cipher,
uint32_t slot_id,
unsigned int keybits,
uint8_t const * label,
size_t label_size,
uint8_t const * context,
size_t context_size
);
#ifdef __cplusplus
}
#endif
#endif /* defined(MBEDTLS_CCM_C) */
#if defined(MBEDTLS_GCM_C)
#include "mbedtls/gcm.h"
#ifdef __cplusplus
extern "C"
{
#endif
/** @brief Function to configure AES GCM to use one or more KMU key slot as
* encryption key.
*
* @note A shadow key is not directly accessible, only reference information
* is stored in the context type
*
* @note Replaces the API mbedtls_gcm_setkey.
*
* @note Using this API enforces raw key usage of keys in the KMU slots.
* If derived key usage is intended, please use the API
* nrf_cc3xx_platform_kmu_aes_setkey_enc_shadow_key_derived.
*
* @param ctx AES context to set the key by KMU slot.
* @param cipher Cipher id to use.
* @param slot_id Identifier of the key slot (0 - 127).
* @param keybits Key size in bits.
*
* @returns 0 on success, otherwise a negative number.
*/
int mbedtls_gcm_setkey_shadow_key(
mbedtls_gcm_context * const ctx,
mbedtls_cipher_id_t cipher,
uint32_t slot_id,
unsigned int keybits
);
/** @brief Function to configure AES GCM to use a key derived from one or more
* slots in KMU for encryption.
*
* @details See mbedtls_derive_kmu_key for details on the KDF function.
*
* @note A shadow key is not directly accessible, only reference information
* is stored in the context type
*
* @note Replaces the API mbedtls_gcm_setkey.
*
* @note The key derivation is executed before each requests to decrypt.
* this function only configures the context to use a derived key.
*
* @note When deriving the key from KMU registers, the derived keys exist
* in SRAM for a brief period of time, before being loaded into the
* write-only CryptoCell HW registers for AES keys before decryption.
*
* @param ctx AES context to set the decryption key by KMU slot.
* @param cipher Cipher id to use.
* @param slot_id Identifier of the key slot (0 - 127).
* @param keybits Key size in bits.
* @param label Label to use for KDF.
* @param label_size Size of the label to use for KDF.
* @param context Context info to use for KDF.
* @param context_size Context info size to use for KDF.
*
* @returns 0 on success, otherwise a negative number.
*/
int mbedtls_gcm_setkey_shadow_key_derived(
mbedtls_gcm_context * const ctx,
mbedtls_cipher_id_t cipher,
uint32_t slot_id,
unsigned int keybits,
uint8_t const * label,
size_t label_size,
uint8_t const * context,
size_t context_size
);
#ifdef __cplusplus
}
#endif
#endif // defined(MBEDTLS_GCM_C)
#if defined(MBEDTLS_AES_C)
#include "mbedtls/aes.h"
#ifdef __cplusplus
extern "C"
{
#endif
/** @brief Function to use CMAC to derive a key stored in KMU/Kdr
*
* @details The KDF is using a PRF function described in the Special publication
* 800-108: Recommendation for Key Derivation Using Pseudorandom Functions
* https://csrc.nist.gov/publications/detail/sp/800-108/final.
*
* This algorithm is described in chapter 5.1 - KDF in Counter Mode
*
* The format of the PRF (the input) is as follows:
* PRF (KI, i || Label || 0x00 || Context || L)
*
* KI: The Key derivation key
* i : The counter value for each iteration of the PRF represented
* as one byte.
* label: A string identifying the purpose of the derived key
* that is up to 64 bytes long.
* 0x00: a single byte delimiter.
* Context: Fixed information about the derived keying material
* that is up to 64 bytes long.
* L : The length of derived key material in bits represented as two
* bytes.
*
* @note On nRF52840 only slot_id == 0 is valid, pointing to the
* Kdr key (also known as a HUK key) loaded into the CryptoCell.
*
* @param slot_id Identifier of the key slot.
* @param keybits Key size in bits.
* @param label Label to use for KDF.
* @param label_size Size of the label to use for KDF.
* @param context Context info to use for KDF.
* @param context_size Context info size to use for KDF.
* @param output Output buffer.
* @param output_size Size of output buffer in bytes.
*
* @returns 0 on success, otherwise a negative number.
*/
int mbedtls_shadow_key_derive(uint32_t slot_id,
unsigned int keybits,
uint8_t const * label,
size_t label_size,
uint8_t const * context,
size_t context_size,
uint8_t * output,
size_t output_size);
#ifdef __cplusplus
}
#endif
#endif // defined(MBEDTLS_AES_C)
#endif /* CC3XX_KMU_H__ */
/** @} */

45
include/mbedtls/ccm_alt.h Normal file
View File

@ -0,0 +1,45 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#ifndef MBEDTLS_CCM_ALT_H
#define MBEDTLS_CCM_ALT_H
#if defined(MBEDTLS_CONFIG_FILE)
#include MBEDTLS_CONFIG_FILE
#endif
#include <stddef.h>
#include <stdint.h>
#include "mbedtls/cipher.h"
#if defined (MBEDTLS_CCM_ALT)
#define MBEDTLS_ERR_CCM_BAD_INPUT -0x000D /**< Bad input parameters to function. */
#define MBEDTLS_ERR_CCM_AUTH_FAILED -0x000F /**< Authenticated decryption failed. */
/* The Size of the CCM context.*/
#define MBEDTLS_CCM_CONTEXT_SIZE_IN_WORDS (33)
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief The CCM context-type definition. The CCM context is passed
* to the APIs called.
*/
typedef struct {
uint32_t buf[MBEDTLS_CCM_CONTEXT_SIZE_IN_WORDS];
}
mbedtls_ccm_context;
#ifdef __cplusplus
}
#endif
#endif /* MBEDTLS_CCM_ALT */
#endif /* MBEDTLS_CCM_ALT_H */

58
include/mbedtls/chacha20_alt.h Normal file
View File

@ -0,0 +1,58 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#ifndef MBEDTLS_CHACHA20_ALT_H
#define MBEDTLS_CHACHA20_ALT_H
#if defined(MBEDTLS_CONFIG_FILE)
#include MBEDTLS_CONFIG_FILE
#endif
#include <stddef.h>
#include <stdint.h>
#ifdef __cplusplus
extern "C"
{
#endif
/************************ Defines ******************************/
/*! The size of the ChaCha user-context in words. */
#define MBEDTLS_CHACHA_USER_CTX_SIZE_IN_WORDS 41
/*! The size of the ChaCha block in Bytes. */
#define MBEDTLS_CHACHA_BLOCK_SIZE_BYTES 64
/*! The size of the ChaCha block in Bytes. As defined in rfc7539 */
#define MBEDTLS_CHACHA_NONCE_SIZE_BYTES 12
/*! The size of the ChaCha key in Bytes. */
#define MBEDTLS_CHACHA_KEY_SIZE_BYTES 32
/*! Internal type to identify 12 byte nonce */
#define MBEDTLS_CHACHA_NONCE_SIZE_12BYTE_TYPE 1
/*! The definition of the 12-Byte array of the nonce buffer. */
typedef uint8_t mbedtls_chacha_nonce[MBEDTLS_CHACHA_NONCE_SIZE_BYTES];
/*! The definition of the key buffer of the ChaCha engine. */
typedef uint8_t mbedtls_chacha_key[MBEDTLS_CHACHA_KEY_SIZE_BYTES];
#if defined(MBEDTLS_CHACHA20_ALT)
typedef struct
{
uint32_t buf[MBEDTLS_CHACHA_USER_CTX_SIZE_IN_WORDS];
}
mbedtls_chacha20_context;
#endif
#ifdef __cplusplus
}
#endif
#endif /* MBEDTLS_CHACHA20_ALT_H */

43
include/mbedtls/chachapoly_alt.h Normal file
View File

@ -0,0 +1,43 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#ifndef MBEDTLS_CHACHAPOLY_ALT_H
#define MBEDTLS_CHACHAPOLY_ALT_H
#if defined(MBEDTLS_CONFIG_FILE)
#include MBEDTLS_CONFIG_FILE
#endif
#include "chacha20_alt.h"
#ifdef __cplusplus
extern "C"
{
#endif
/************************ Defines ******************************/
#define CHACHAPOLY_TAG_SIZE_BYTES 16
#if defined(MBEDTLS_CHACHAPOLY_ALT)
typedef struct
{
mbedtls_chacha20_context chacha20_ctx; /**< The ChaCha20 context. */
}mbedtls_chachapoly_context;
#endif
#ifdef __cplusplus
extern "C" {
#endif
#ifdef __cplusplus
}
#endif
#endif /* MBEDTLS_CHACHAPOLY_ALT_H */

43
include/mbedtls/cmac_alt.h Normal file
View File

@ -0,0 +1,43 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#ifndef MBEDTLS_CMAC_ALT_H
#define MBEDTLS_CMAC_ALT_H
#if defined(MBEDTLS_CONFIG_FILE)
#include MBEDTLS_CONFIG_FILE
#endif
#include <stddef.h>
#include <stdint.h>
#if defined(MBEDTLS_CMAC_ALT)
/* hide internal implementation of the struct. Allocate enough space for it.*/
#define MBEDTLS_CMAC_CONTEXT_SIZE_IN_WORDS 38
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief CMAC cipher context structure
*/
struct mbedtls_cmac_context_t{
/*! Internal buffer */
uint32_t buf[MBEDTLS_CMAC_CONTEXT_SIZE_IN_WORDS];
};
#ifdef __cplusplus
}
#endif
#endif /* MBEDTLS_CMAC_ALT */
#endif /* MBEDTLS_CMAC_ALT_H */

63
include/mbedtls/dhm_alt.h Normal file
View File

@ -0,0 +1,63 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#ifndef MBEDTLS_DHM_ALT_H
#define MBEDTLS_DHM_ALT_H
#if defined(MBEDTLS_DHM_ALT)
#if defined(MBEDTLS_CONFIG_FILE)
#include MBEDTLS_CONFIG_FILE
#endif
#include <stddef.h>
/*
* DHM Error codes
*/
#define MBEDTLS_ERR_DHM_BAD_INPUT_DATA -0x3080 /**< Bad input parameters. */
#define MBEDTLS_ERR_DHM_READ_PARAMS_FAILED -0x3100 /**< Reading of the DHM parameters failed. */
#define MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED -0x3180 /**< Making of the DHM parameters failed. */
#define MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED -0x3200 /**< Reading of the public values failed. */
#define MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED -0x3280 /**< Making of the public value failed. */
#define MBEDTLS_ERR_DHM_CALC_SECRET_FAILED -0x3300 /**< Calculation of the DHM secret failed. */
#define MBEDTLS_ERR_DHM_INVALID_FORMAT -0x3380 /**< The ASN.1 data is not formatted correctly. */
#define MBEDTLS_ERR_DHM_ALLOC_FAILED -0x3400 /**< Allocation of memory failed. */
#define MBEDTLS_ERR_DHM_FILE_IO_ERROR -0x3480 /**< Read or write of file failed. */
#define MBEDTLS_ERR_DHM_HW_ACCEL_FAILED -0x3500 /**< DHM hardware accelerator failed. */
#define MBEDTLS_ERR_DHM_SET_GROUP_FAILED -0x3580 /**< Setting the modulus and generator failed. */
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief The DHM context structure.
*/
typedef struct
{
size_t len; /*!< The size of \p P in Bytes. */
mbedtls_mpi P; /*!< The prime modulus. */
mbedtls_mpi G; /*!< The generator. */
mbedtls_mpi X; /*!< Our secret value. */
mbedtls_mpi GX; /*!< Our public key = \c G^X mod \c P. */
mbedtls_mpi GY; /*!< The public key of the peer = \c G^Y mod \c P. */
mbedtls_mpi K; /*!< The shared secret = \c G^(XY) mod \c P. */
mbedtls_mpi RP; /*!< The cached value = \c R^2 mod \c P. */
mbedtls_mpi Vi; /*!< The blinding value. */
mbedtls_mpi Vf; /*!< The unblinding value. */
mbedtls_mpi pX; /*!< The previous \c X. */
}
mbedtls_dhm_context;
#ifdef __cplusplus
}
#endif
#endif /* MBEDTLS_DHM_ALT - use alternative code */
#endif /* MBEDTLS_DHM_ALT_H - include only once */

144
include/mbedtls/ecp_alt.h Normal file
View File

@ -0,0 +1,144 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#ifndef MBEDTLS_ECP_ALT_H
#define MBEDTLS_ECP_ALT_H
#if defined(MBEDTLS_ECP_ALT)
#ifdef __cplusplus
extern "C" {
#endif
/**
* The content of the structure in this ALT implementation is
* exactly the same as ecp.h, but the type must be provided
* here as MBEDTLS_ECP_ALT is set
*/
/**
* \brief The ECP group structure.
*
* We consider two types of curve equations:
* <ul><li>Short Weierstrass: <code>y^2 = x^3 + A x + B mod P</code>
* (SEC1 + RFC-4492)</li>
* <li>Montgomery: <code>y^2 = x^3 + A x^2 + x mod P</code> (Curve25519,
* Curve448)</li></ul>
* In both cases, the generator (\p G) for a prime-order subgroup is fixed.
*
* For Short Weierstrass, this subgroup is the whole curve, and its
* cardinality is denoted by \p N. Our code requires that \p N is an
* odd prime as mbedtls_ecp_mul() requires an odd number, and
* mbedtls_ecdsa_sign() requires that it is prime for blinding purposes.
*
* For Montgomery curves, we do not store \p A, but <code>(A + 2) / 4</code>,
* which is the quantity used in the formulas. Additionally, \p nbits is
* not the size of \p N but the required size for private keys.
*
* If \p modp is NULL, reduction modulo \p P is done using a generic algorithm.
* Otherwise, \p modp must point to a function that takes an \p mbedtls_mpi in the
* range of <code>0..2^(2*pbits)-1</code>, and transforms it in-place to an integer
* which is congruent mod \p P to the given MPI, and is close enough to \p pbits
* in size, so that it may be efficiently brought in the 0..P-1 range by a few
* additions or subtractions. Therefore, it is only an approximative modular
* reduction. It must return 0 on success and non-zero on failure.
*
* \note Alternative implementations must keep the group IDs distinct. If
* two group structures have the same ID, then they must be
* identical.
*
*/
typedef struct mbedtls_ecp_group
{
mbedtls_ecp_group_id id; /*!< An internal group identifier. */
mbedtls_mpi P; /*!< The prime modulus of the base field. */
mbedtls_mpi A; /*!< For Short Weierstrass: \p A in the equation. For
Montgomery curves: <code>(A + 2) / 4</code>. */
mbedtls_mpi B; /*!< For Short Weierstrass: \p B in the equation.
For Montgomery curves: unused. */
mbedtls_ecp_point G; /*!< The generator of the subgroup used. */
mbedtls_mpi N; /*!< The order of \p G. */
size_t pbits; /*!< The number of bits in \p P.*/
size_t nbits; /*!< For Short Weierstrass: The number of bits in \p P.
For Montgomery curves: the number of bits in the
private keys. */
unsigned int h; /*!< \internal 1 if the constants are static. */
int (*modp)(mbedtls_mpi *); /*!< The function for fast pseudo-reduction
mod \p P (see above).*/
int (*t_pre)(mbedtls_ecp_point *, void *); /*!< Unused. */
int (*t_post)(mbedtls_ecp_point *, void *); /*!< Unused. */
void *t_data; /*!< Unused. */
mbedtls_ecp_point *T; /*!< Pre-computed points for ecp_mul_comb(). */
size_t T_size; /*!< The number of pre-computed points. */
}
mbedtls_ecp_group;
/**
* \name SECTION: Module settings
*
* The configuration options you can set for this module are in this section.
* Either change them in config.h, or define them using the compiler command line.
* \{
*/
#if !defined(MBEDTLS_ECP_MAX_BITS)
/**
* The maximum size of the groups, that is, of \c N and \c P.
*/
#define MBEDTLS_ECP_MAX_BITS 521 /**< The maximum size of groups, in bits. */
#endif
#define MBEDTLS_ECP_MAX_BYTES ( ( MBEDTLS_ECP_MAX_BITS + 7 ) / 8 )
#define MBEDTLS_ECP_MAX_PT_LEN ( 2 * MBEDTLS_ECP_MAX_BYTES + 1 )
#if !defined(MBEDTLS_ECP_WINDOW_SIZE)
/*
* Maximum "window" size used for point multiplication.
* Default: 6.
* Minimum value: 2. Maximum value: 7.
*
* Result is an array of at most ( 1 << ( MBEDTLS_ECP_WINDOW_SIZE - 1 ) )
* points used for point multiplication. This value is directly tied to EC
* peak memory usage, so decreasing it by one should roughly cut memory usage
* by two (if large curves are in use).
*
* Reduction in size may reduce speed, but larger curves are impacted first.
* Sample performances (in ECDHE handshakes/s, with FIXED_POINT_OPTIM = 1):
* w-size: 6 5 4 3 2
* 521 145 141 135 120 97
* 384 214 209 198 177 146
* 256 320 320 303 262 226
* 224 475 475 453 398 342
* 192 640 640 633 587 476
*/
#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< The maximum window size used. */
#endif /* MBEDTLS_ECP_WINDOW_SIZE */
#if !defined(MBEDTLS_ECP_FIXED_POINT_OPTIM)
/*
* Trade memory for speed on fixed-point multiplication.
*
* This speeds up repeated multiplication of the generator (that is, the
* multiplication in ECDSA signatures, and half of the multiplications in
* ECDSA verification and ECDHE) by a factor roughly 3 to 4.
*
* The cost is increasing EC peak memory usage by a factor roughly 2.
*
* Change this value to 0 to reduce peak memory usage.
*/
#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up. */
#endif /* MBEDTLS_ECP_FIXED_POINT_OPTIM */
/* \} name SECTION: Module settings */
#define MBEDTLS_ECP_BUDGET( ops ) /* no-op; for compatibility */
#ifdef __cplusplus
}
#endif
#endif /* MBEDTLS_ECP_ALT */
#endif /* MBEDTLS_ECP_ALT_H */

65
include/mbedtls/platform_alt.h Normal file
View File

@ -0,0 +1,65 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#ifndef MBEDTLS_PLATFORM_ALT_H
#define MBEDTLS_PLATFORM_ALT_H
#include <stddef.h>
#include <stdint.h>
#if defined(MBEDTLS_CONFIG_FILE)
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT)
#define MBEDTLS_ERR_PLATFORM_SUCCESS (0)
#define MBEDTLS_ERR_PLATFORM_ERROR_PARAM_NULL (-0x7001)
#define MBEDTLS_ERR_PLATFORM_ERROR_INTERNAL (-0x7002)
#define MBEDTLS_ERR_PLATFORM_ERROR_RNG_TEST_FAILED (-0x7003)
#define MBEDTLS_ERR_PLATFORM_ERROR_HW_VERSION_FAILED (-0x7004)
#define MBEDTLS_ERR_PLATFORM_ERROR_PARAM_WRITE_FAILED (-0x7005)
#define MBEDTLS_ERR_PLATFORM_ERROR_MUTEX_NOT_INITIALIZED (-0x7016)
#define MBEDTLS_ERR_PLATFORM_ERROR_MUTEX_FAILED (-0x7017)
#define MBEDTLS_ERR_PLATFORM_ERROR_ENTROPY_NOT_INITIALIZED (-0x7018)
#define MBEDTLS_ERR_PLATFORM_ERROR_ENTROPY_TRNG_TOO_LONG (-0x7019)
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief The platform context structure.
*
*/
typedef struct {
char dummy; /**< A placeholder member, as empty structs are not portable. */
}
mbedtls_platform_context;
/** @brief Function to initialize platform without rng support
*
* Call this function instead of mbedtls_platform_setup if RNG is not required.
* e.g. to conserve code size of improve startup time.
*
* @note It is possible to run mbedtls_platform_setup after calling
* this API if RNG is suddenly required. Calling mbedtls_platform_teardown
* is not required to be used, in this case.
*
* @warning Only deterministic cryptographic is supported if this API is used
* to initalize the HW.
*/
int mbedtls_platform_setup_no_rng(void);
#ifdef __cplusplus
}
#endif
#endif /* MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */
#endif /* MBEDTLS_PLATFORM_ALT_H */

59
include/mbedtls/poly1305_alt.h Normal file
View File

@ -0,0 +1,59 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#ifndef MBEDTLS_POLY1305_ALT_H
#define MBEDTLS_POLY1305_ALT_H
#if defined(MBEDTLS_CONFIG_FILE)
#include MBEDTLS_CONFIG_FILE
#endif
#ifdef __cplusplus
extern "C"
{
#endif
#if defined(MBEDTLS_POLY1305_ALT)
/************************ defines ****************************/
/*! The size of the POLY key in words. */
#define MBEDTLS_POLY_KEY_SIZE_WORDS 8
/*! The size of the POLY key in bytes. */
#define MBEDTLS_POLY_KEY_SIZE_BYTES 32
/*! The size of the POLY MAC in words. */
#define MBEDTLS_POLY_MAC_SIZE_WORDS 4
/*! The size of the POLY MAC in bytes. */
#define MBEDTLS_POLY_MAC_SIZE_BYTES 16
/************************ Typedefs ****************************/
/*! The definition of the ChaCha-MAC buffer. */
typedef uint32_t mbedtls_poly_mac[MBEDTLS_POLY_MAC_SIZE_WORDS];
/*! The definition of the ChaCha-key buffer. */
typedef uint32_t mbedtls_poly_key[MBEDTLS_POLY_KEY_SIZE_WORDS];
typedef struct mbedtls_poly1305_context
{
uint32_t r[4]; /** The value for 'r' (low 128 bits of the key). */
uint32_t s[4]; /** The value for 's' (high 128 bits of the key). */
uint32_t acc[5]; /** The accumulator number. */
uint8_t queue[16]; /** The current partial block of data. */
size_t queue_len; /** The number of bytes stored in 'queue'. */
}
mbedtls_poly1305_context;
#endif
#ifdef __cplusplus
}
#endif
#endif /* MBEDTLS_POLY1305_ALT_H */

82
include/mbedtls/rsa_alt.h Normal file
View File

@ -0,0 +1,82 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#ifndef MBEDTLS_RSA_ALT_H
#define MBEDTLS_RSA_ALT_H
#if defined(MBEDTLS_CONFIG_FILE)
#include MBEDTLS_CONFIG_FILE
#endif
#if defined (MBEDTLS_RSA_ALT)
#include "bignum.h"
#if defined(MBEDTLS_THREADING_C)
#include "threading.h"
#endif
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief The RSA context structure.
*
* \note Direct manipulation of the members of this structure
* is deprecated. All manipulation should instead be done through
* the public interface functions.
*/
typedef struct
{
int ver; /*!< always 0 */
size_t len; /*!< size(N) in chars */
mbedtls_mpi N; /*!< public modulus */
mbedtls_mpi E; /*!< public exponent */
mbedtls_mpi D; /*!< private exponent */
mbedtls_mpi P; /*!< 1st prime factor */
mbedtls_mpi Q; /*!< 2nd prime factor */
mbedtls_mpi DP; /*!< D % (P - 1) */
mbedtls_mpi DQ; /*!< D % (Q - 1) */
mbedtls_mpi QP; /*!< 1 / (Q % P) */
mbedtls_mpi RN; /*!< cached R^2 mod N */
mbedtls_mpi RP; /*!< cached R^2 mod P */
mbedtls_mpi RQ; /*!< cached R^2 mod Q */
mbedtls_mpi Vi; /*!< cached blinding value */
mbedtls_mpi Vf; /*!< cached un-blinding value */
int padding; /*!< MBEDTLS_RSA_PKCS_V15 for 1.5 padding and
MBEDTLS_RSA_PKCS_v21 for OAEP/PSS */
int hash_id; /*!< Hash identifier of mbedtls_md_type_t as
specified in the mbedtls_md.h header file
for the EME-OAEP and EMSA-PSS
encoding */
#if defined(MBEDTLS_THREADING_C)
mbedtls_threading_mutex_t mutex; /*!< Thread-safety mutex */
#else
uint8_t dummy[8]; /*!< Ensuring same size when threading is disabled */
#endif
mbedtls_mpi NP; /*!< Barrett mod N tag NP for N-modulus */
mbedtls_mpi BQP; /*!< Barrett mod Q tag QP for Q-factor */
mbedtls_mpi BPP; /*!< Barrett mod P tag PP for P-factor */
}
mbedtls_rsa_context;
#ifdef __cplusplus
}
#endif
#endif /* MBEDTLS_RSA_ALT */
#endif /* MBEDTLS_RSA_ALT_H */

40
include/mbedtls/sha1_alt.h Normal file
View File

@ -0,0 +1,40 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#ifndef MBEDTLS_SHA1_ALT_H
#define MBEDTLS_SHA1_ALT_H
#include <stddef.h>
#include <stdint.h>
#if defined (MBEDTLS_CONFIG_FILE)
#include MBEDTLS_CONFIG_FILE
#endif
#if defined (MBEDTLS_SHA1_ALT)
#define SHA_1_CONTEXT_SIZE_IN_WORDS 60
#define MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED -0x0035 /**< SHA-1 hardware accelerator failed */
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief SHA-1 context structure
*/
typedef struct mbedtls_sha1_context {
/*! Internal buffer */
uint32_t buff[SHA_1_CONTEXT_SIZE_IN_WORDS]; // defined in cc_hash_defs_proj.h
} mbedtls_sha1_context;
#ifdef __cplusplus
}
#endif
#endif /* MBEDTLS_SHA1_ALT */
#endif /* MBEDTLS_SHA1_ALT_H */

40
include/mbedtls/sha256_alt.h Normal file
View File

@ -0,0 +1,40 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#ifndef MBEDTLS_SHA256_ALT_H
#define MBEDTLS_SHA256_ALT_H
#include <stddef.h>
#include <stdint.h>
#if defined (MBEDTLS_CONFIG_FILE)
#include MBEDTLS_CONFIG_FILE
#endif
#if defined (MBEDTLS_SHA256_ALT)
#define SHA_256_CONTEXT_SIZE_IN_WORDS 60
#define MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED -0x0037 /**< SHA-256 hardware accelerator failed */
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief SHA-256 context structure
*/
typedef struct mbedtls_sha256_context {
uint32_t reserved;
uint32_t buff[SHA_256_CONTEXT_SIZE_IN_WORDS]; // defined in cc_hash_defs.h
} mbedtls_sha256_context;
#ifdef __cplusplus
}
#endif
#endif /* MBEDTLS_SHA256_ALT */
#endif /* MBEDTLS_SHA256_ALT_H */

21
include/mbedtls/threading_alt.h Normal file
View File

@ -0,0 +1,21 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#ifndef MBEDTLS_THREADING_ALT_H
#define MBEDTLS_THREADING_ALT_H
#include <stdint.h>
#include "nrf_cc3xx_platform_mutex.h"
/** @brief Alternate declaration of mbedtls mutex type
*
* The RTOS may require allocation and freeing of resources
* as the inner type of the mutex is represented by an
* RTOS-friendly void pointer.
*/
typedef nrf_cc3xx_platform_mutex_t mbedtls_threading_mutex_t;
#endif /* MBEDTLS_THREADING_ALT_H */

160
include/mbedtls_extra/cc_aes_defs.h Normal file
View File

@ -0,0 +1,160 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
/*!
@addtogroup cc_aes_defs
@{
*/
/*!
@file
@brief This file contains the type definitions that are used by the CryptoCell
AES APIs.
*/
#ifndef CC_AES_DEFS_H
#define CC_AES_DEFS_H
#include "cc_pal_types.h"
#include "cc_aes_defs_proj.h"
#ifdef __cplusplus
extern "C"
{
#endif
/************************ Defines ******************************/
/*! The size of the AES block in words. */
#define CC_AES_CRYPTO_BLOCK_SIZE_IN_WORDS 4
/*! The size of the AES block in bytes. */
#define CC_AES_BLOCK_SIZE_IN_BYTES (CC_AES_CRYPTO_BLOCK_SIZE_IN_WORDS * sizeof(uint32_t))
/*! The size of the IV buffer in words. */
#define CC_AES_IV_SIZE_IN_WORDS CC_AES_CRYPTO_BLOCK_SIZE_IN_WORDS
/*! The size of the IV buffer in bytes. */
#define CC_AES_IV_SIZE_IN_BYTES (CC_AES_IV_SIZE_IN_WORDS * sizeof(uint32_t))
/************************ Enums ********************************/
/*! The AES operation:<ul><li>Encrypt</li><li>Decrypt</li></ul>. */
typedef enum {
/*! An AES encrypt operation. */
CC_AES_ENCRYPT = 0,
/*! An AES decrypt operation. */
CC_AES_DECRYPT = 1,
/*! The maximal number of operations. */
CC_AES_NUM_OF_ENCRYPT_MODES,
/*! Reserved. */
CC_AES_ENCRYPT_MODE_LAST = 0x7FFFFFFF
}CCAesEncryptMode_t;
/*! The AES operation mode. */
typedef enum {
/*! ECB mode. */
CC_AES_MODE_ECB = 0,
/*! CBC mode. */
CC_AES_MODE_CBC = 1,
/*! CBC-MAC mode. */
CC_AES_MODE_CBC_MAC = 2,
/*! CTR mode. */
CC_AES_MODE_CTR = 3,
/*! XCBC-MAC mode. */
CC_AES_MODE_XCBC_MAC = 4,
/*! CMAC mode. */
CC_AES_MODE_CMAC = 5,
/*! XTS mode. */
CC_AES_MODE_XTS = 6,
/*! CBC-CTS mode. */
CC_AES_MODE_CBC_CTS = 7,
/*! OFB mode. */
CC_AES_MODE_OFB = 8,
/*! The maximal number of AES modes. */
CC_AES_NUM_OF_OPERATION_MODES,
/*! Reserved. */
CC_AES_OPERATION_MODE_LAST = 0x7FFFFFFF
}CCAesOperationMode_t;
/*! The AES padding type. */
typedef enum {
/*! No padding. */
CC_AES_PADDING_NONE = 0,
/*! PKCS7 padding. */
CC_AES_PADDING_PKCS7 = 1,
/*! The maximal number of AES padding modes. */
CC_AES_NUM_OF_PADDING_TYPES,
/*! Reserved. */
CC_AES_PADDING_TYPE_LAST = 0x7FFFFFFF
}CCAesPaddingType_t;
/*! The AES key type. */
typedef enum {
/*! The user key. */
CC_AES_USER_KEY = 0,
/*! The Kplt hardware key. */
CC_AES_PLATFORM_KEY = 1,
/*! The Kcst hardware key. */
CC_AES_CUSTOMER_KEY = 2,
/*! The maximal number of AES key types. */
CC_AES_NUM_OF_KEY_TYPES,
/*! Reserved. */
CC_AES_KEY_TYPE_LAST = 0x7FFFFFFF
}CCAesKeyType_t;
/************************ Typedefs ****************************/
/*! Defines the IV buffer. A 16-byte array. */
typedef uint8_t CCAesIv_t[CC_AES_IV_SIZE_IN_BYTES];
/*! Defines the AES key data buffer. */
typedef uint8_t CCAesKeyBuffer_t[CC_AES_KEY_MAX_SIZE_IN_BYTES];
/************************ Structs ******************************/
/*!
The context prototype of the user.
The argument type that is passed by the user to the AES APIs. The context
saves the state of the operation, and must be saved by the user until
the end of the API flow.
*/
typedef struct CCAesUserContext_t {
/*! The context buffer for internal usage. */
uint32_t buff[CC_AES_USER_CTX_SIZE_IN_WORDS] ;
}CCAesUserContext_t;
/*! The AES key data of the user. */
typedef struct CCAesUserKeyData_t {
/*! A pointer to the key. */
uint8_t * pKey;
/*! The size of the key in bytes. Valid values for XTS mode, if supported:
32 bytes or 64 bytes, indicating the full size of the double key (2x128 or
2x256 bit). Valid values for XCBC-MAC mode: 16 bytes, as limited by the
standard. Valid values for all other modes: 16 bytes, 24 bytes, or
32 bytes. */
size_t keySize;
}CCAesUserKeyData_t;
/*! The AES HW key Data. */
typedef struct CCAesHwKeyData_t {
/*! Slot number. */
size_t slotNumber;
}CCAesHwKeyData_t;
#endif /* CC_AES_DEFS_H */
#ifdef __cplusplus
}
#endif
/*!
@}
*/

50
include/mbedtls_extra/cc_aes_defs_proj.h Normal file
View File

@ -0,0 +1,50 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
/*!
@addtogroup cc_aes_defs_proj
@{
*/
/*!
@file
@brief This file contains project definitions that are used for CryptoCell
AES APIs.
*/
#ifndef CC_AES_DEFS_PROJ_H
#define CC_AES_DEFS_PROJ_H
#include "cc_pal_types.h"
#ifdef __cplusplus
extern "C"
{
#endif
/************************ Defines ******************************/
/*! The size of the context prototype of the user in words.
See ::CCAesUserContext_t.*/
#define CC_AES_USER_CTX_SIZE_IN_WORDS (4+8+8+4)
/*! The maximal size of the AES key in words. */
#define CC_AES_KEY_MAX_SIZE_IN_WORDS 8
/*! The maximal size of the AES key in bytes. */
#define CC_AES_KEY_MAX_SIZE_IN_BYTES (CC_AES_KEY_MAX_SIZE_IN_WORDS * sizeof(uint32_t))
#ifdef __cplusplus
}
#endif
/*!
@}
*/
#endif /* #ifndef CC_AES_DEFS_PROJ_H */

68
include/mbedtls_extra/cc_bitops.h Normal file
View File

@ -0,0 +1,68 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
/*! @file
@brief This file defines bit-field operations macros.
*/
#ifndef _CC_BITOPS_H_
#define _CC_BITOPS_H_
/*! Defintion of number of 32bit maximum value. */
#define CC_32BIT_MAX_VALUE (0xFFFFFFFFUL)
/*! Definition for bitmask */
#define BITMASK(mask_size) (((mask_size) < 32) ? \
((1UL << (mask_size)) - 1) : 0xFFFFFFFFUL)
/*! Definition for bitmask in a given offset. */
#define BITMASK_AT(mask_size, mask_offset) (BITMASK(mask_size) << (mask_offset))
/*! Definition for getting bits value from a word. */
#define BITFIELD_GET(word, bit_offset, bit_size) \
(((word) >> (bit_offset)) & BITMASK(bit_size))
/*! Definition for setting bits value from a word. */
#define BITFIELD_SET(word, bit_offset, bit_size, new_val) do { \
word = ((word) & ~BITMASK_AT(bit_size, bit_offset)) | \
(((new_val) & BITMASK(bit_size)) << (bit_offset)); \
} while (0)
/*!Definition for is val aligned to "align" ("align" must be power of 2). */
#ifndef IS_ALIGNED
#define IS_ALIGNED(val, align) \
(((uintptr_t)(val) & ((align) - 1)) == 0)
#endif
/*!Definition swap endianity for 32 bits word. */
#define SWAP_ENDIAN(word) \
(((word) >> 24) | (((word) & 0x00FF0000) >> 8) | \
(((word) & 0x0000FF00) << 8) | (((word) & 0x000000FF) << 24))
#ifdef BIG__ENDIAN
#define SWAP_TO_LE(word) SWAP_ENDIAN(word)
#define SWAP_TO_BE(word) word
#else
/*! Definition for swapping to LE. */
#define SWAP_TO_LE(word) word
/*! Definition for swapping to BE. */
#define SWAP_TO_BE(word) SWAP_ENDIAN(word)
#endif
/*!Align X to uint32_t size. */
#ifndef ALIGN_TO_4BYTES
#define ALIGN_TO_4BYTES(x) (((unsigned long)(x) + (CC_32BIT_WORD_SIZE-1)) & ~(CC_32BIT_WORD_SIZE-1))
#endif
/*! Definition for is val a multiple of "mult" ("mult" must be power of 2). */
#define IS_MULT(val, mult) \
(((val) & ((mult) - 1)) == 0)
/*! Definition for is NULL address. */
#define IS_NULL_ADDR(adr) \
(!(adr))
#endif /*_CC_BITOPS_H_*/

489
include/mbedtls_extra/cc_ecpki_types.h Normal file
View File

@ -0,0 +1,489 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
/*!
@addtogroup cc_ecpki_types
@{
*/
/*!
@file
@brief This file contains all the type definitions that are used for the
CryptoCell ECPKI APIs.
*/
#ifndef _CC_ECPKI_TYPES_H
#define _CC_ECPKI_TYPES_H
#include "cc_bitops.h"
#include "cc_pal_types_plat.h"
#include "cc_hash_defs.h"
#include "cc_pka_defs_hw.h"
#include "cc_pal_compiler.h"
#ifdef __cplusplus
extern "C"
{
#endif
/************************ Defines ******************************/
/*! The size of the internal buffer in words. */
#define CC_PKA_DOMAIN_LLF_BUFF_SIZE_IN_WORDS (10 + 3*CC_ECPKI_MODUL_MAX_LENGTH_IN_WORDS)
/**************************************************************************************
* Enumerators
***************************************************************************************/
/*------------------------------------------------------------------*/
/*! @brief EC domain idetifiers.
For more information, see <em>Standards for Efficient Cryptography Group
(SECG): SEC2 Recommended Elliptic Curve Domain Parameters, Version 1.0</em>.
*/
typedef enum
{
/* For prime field */
/*! EC secp192k1. */
CC_ECPKI_DomainID_secp192k1,
/*! EC secp192r1. */
CC_ECPKI_DomainID_secp192r1,
/*! EC secp224k1. */
CC_ECPKI_DomainID_secp224k1,
/*! EC secp224r1. */
CC_ECPKI_DomainID_secp224r1,
/*! EC secp256k1. */
CC_ECPKI_DomainID_secp256k1,
/*! EC secp256r1. */
CC_ECPKI_DomainID_secp256r1,
/*! EC secp384r1. */
CC_ECPKI_DomainID_secp384r1,
/*! EC secp521r1. */
CC_ECPKI_DomainID_secp521r1,
/*! Reserved.*/
CC_ECPKI_DomainID_OffMode,
/*! Reserved.*/
CC_ECPKI_DomainIDLast = 0x7FFFFFFF,
}CCEcpkiDomainID_t;
/*------------------------------------------------------------------*/
/*!
@brief Hash operation mode.
Defines hash modes according to <em>IEEE 1363-2000: IEEE Standard for
Standard Specifications for Public-Key Cryptography</em>.
*/
typedef enum
{
/*! The message data will be hashed with SHA-1. */
CC_ECPKI_HASH_SHA1_mode = 0,
/*! The message data will be hashed with SHA-224. */
CC_ECPKI_HASH_SHA224_mode = 1,
/*! The message data will be hashed with SHA-256. */
CC_ECPKI_HASH_SHA256_mode = 2,
/*! The message data will be hashed with SHA-384. */
CC_ECPKI_HASH_SHA384_mode = 3,
/*! The message data will be hashed with SHA-512. */
CC_ECPKI_HASH_SHA512_mode = 4,
/*! The message data is a digest of SHA-1 and will not be hashed. */
CC_ECPKI_AFTER_HASH_SHA1_mode = 5,
/*! The message data is a digest of SHA-224 and will not be hashed. */
CC_ECPKI_AFTER_HASH_SHA224_mode = 6,
/*! The message data is a digest of SHA-256 and will not be hashed. */
CC_ECPKI_AFTER_HASH_SHA256_mode = 7,
/*! The message data is a digest of SHA-384 and will not be hashed. */
CC_ECPKI_AFTER_HASH_SHA384_mode = 8,
/*! The message data is a digest of SHA-512 and will not be hashed. */
CC_ECPKI_AFTER_HASH_SHA512_mode = 9,
/*! The maximal number of hash modes. */
CC_ECPKI_HASH_NumOfModes,
/*! Reserved. */
CC_ECPKI_HASH_OpModeLast = 0x7FFFFFFF,
}CCEcpkiHashOpMode_t;
/*---------------------------------------------------*/
/*! EC point-compression identifiers.
*/
typedef enum
{
/*! A compressed point. */
CC_EC_PointCompressed = 2,
/*! An uncompressed point. */
CC_EC_PointUncompressed = 4,
/*! An incorrect point-control value. */
CC_EC_PointContWrong = 5,
/*! A hybrid point. */
CC_EC_PointHybrid = 6,
/*! Reserved. */
CC_EC_PointCompresOffMode = 8,
/*! Reserved. */
CC_ECPKI_PointCompressionLast= 0x7FFFFFFF,
}CCEcpkiPointCompression_t;
/*----------------------------------------------------*/
/*! EC key checks. */
typedef enum {
/*! Check only preliminary input parameters. */
CheckPointersAndSizesOnly = 0,
/*! Check preliminary input parameters and verify that the EC public-key
point is on the curve. */
ECpublKeyPartlyCheck = 1,
/*! Check preliminary input parameters, verify that the EC public-key
point is on the curve, and verify that \c EC_GeneratorOrder*PubKey = 0 */
ECpublKeyFullCheck = 2,
/*! Reserved. */
PublKeyChecingOffMode,
/*! Reserved. */
EC_PublKeyCheckModeLast = 0x7FFFFFFF,
}ECPublKeyCheckMode_t;
/*----------------------------------------------------*/
/*! SW SCA protection type. */
typedef enum {
/*! SCA protection inactive. */
SCAP_Inactive,
/*! SCA protection active. */
SCAP_Active,
/*! Reserved. */
SCAP_OFF_MODE,
/*! Reserved. */
SCAP_LAST = 0x7FFFFFFF
}CCEcpkiScaProtection_t;
/**************************************************************************************
* EC Domain structure definition
***************************************************************************************/
/*!
@brief The structure containing the EC domain parameters in little-endian
form.
EC equation: \c Y^2 = \c X^3 + \c A*X + \c B over prime field \p GFp.
*/
typedef struct {
/*! EC modulus: P. */
uint32_t ecP [CC_ECPKI_MODUL_MAX_LENGTH_IN_WORDS];
/*! EC equation parameter A. */
uint32_t ecA [CC_ECPKI_MODUL_MAX_LENGTH_IN_WORDS];
/*! EC equation parameter B. */
uint32_t ecB [CC_ECPKI_MODUL_MAX_LENGTH_IN_WORDS];
/*! Order of generator. */
uint32_t ecR [CC_ECPKI_MODUL_MAX_LENGTH_IN_WORDS + 1];
/*! EC cofactor EC_Cofactor_K. The coordinates of the EC base point
generator in projective form. */
uint32_t ecGx [CC_ECPKI_MODUL_MAX_LENGTH_IN_WORDS];
/*! EC cofactor EC_Cofactor_K. The coordinates of the EC base point
generator in projective form. */
uint32_t ecGy [CC_ECPKI_MODUL_MAX_LENGTH_IN_WORDS];
/*! EC cofactor EC_Cofactor_K. The coordinates of the EC base point
generator in projective form. */
uint32_t ecH;
/*! Specific fields that are used by the low-level functions.*/
uint32_t llfBuff[CC_PKA_DOMAIN_LLF_BUFF_SIZE_IN_WORDS];
/*! The size of fields in bits. */
uint32_t modSizeInBits;
/*! The size of the order in bits. */
uint32_t ordSizeInBits;
/*! The size of each inserted Barret tag in words. Zero if not inserted.*/
uint32_t barrTagSizeInWords;
/*! The EC Domain identifier. */
CCEcpkiDomainID_t DomainID;
/*! Internal buffer. */
int8_t name[20];
}CCEcpkiDomain_t;
/**************************************************************************************
* EC point structures definitions
***************************************************************************************/
/*! The structure containing the EC point in affine coordinates
and little endian form. */
typedef struct
{
/*! The X coordinate of the point. */
uint32_t x[CC_ECPKI_MODUL_MAX_LENGTH_IN_WORDS];
/*! The Y coordinate of the point. */
uint32_t y[CC_ECPKI_MODUL_MAX_LENGTH_IN_WORDS];
}CCEcpkiPointAffine_t;
/**************************************************************************************
* ECPKI public and private key Structures
***************************************************************************************/
/* --------------------------------------------------------------------- */
/* .................. The public key structures definitions ............ */
/* --------------------------------------------------------------------- */
/*! The structure containing the public key in affine coordinates.*/
typedef struct
{
/*! The X coordinate of the public key.*/
uint32_t x[CC_ECPKI_MODUL_MAX_LENGTH_IN_WORDS];
/*! The Y coordinate of the public key.*/
uint32_t y[CC_ECPKI_MODUL_MAX_LENGTH_IN_WORDS];
/*! The EC Domain.*/
CCEcpkiDomain_t domain;
/*! The point type.*/
uint32_t pointType;
} CCEcpkiPublKey_t;
/*!
@brief The user structure prototype of the EC public key.
This structure must be saved by the user. It is used as input to ECC functions,
for example, CC_EcdsaVerify().
*/
typedef struct CCEcpkiUserPublKey_t
{
/*! The validation tag. */
uint32_t valid_tag;
/*! The data of the public key. */
uint32_t PublKeyDbBuff[(sizeof(CCEcpkiPublKey_t)+3)/4];
} CCEcpkiUserPublKey_t;
/* --------------------------------------------------------------------- */
/* .................. The private key structures definitions ........... */
/* --------------------------------------------------------------------- */
/*! The structure containing the data of the private key. */
typedef struct
{
/*! The data of the private key. */
uint32_t PrivKey[CC_ECPKI_MODUL_MAX_LENGTH_IN_WORDS + 1];
/*! The EC domain. */
CCEcpkiDomain_t domain;
/*! The SCA protection mode. */
CCEcpkiScaProtection_t scaProtection;
}CCEcpkiPrivKey_t;
/*!
@brief The user structure prototype of the EC private key.
This structure must be saved by the user. It is used as input to ECC functions,
for example, CC_EcdsaSign().
*/
typedef struct CCEcpkiUserPrivKey_t
{
/*! The validation tag. */
uint32_t valid_tag;
/*! The data of the private key. */
uint32_t PrivKeyDbBuff[(sizeof(CCEcpkiPrivKey_t)+3)/4];
} CCEcpkiUserPrivKey_t;
/*! The type of the ECDH temporary data. */
typedef struct CCEcdhTempData_t
{
/*! Temporary buffers. */
uint32_t ccEcdhIntBuff[CC_PKA_ECDH_BUFF_MAX_LENGTH_IN_WORDS];
}CCEcdhTempData_t;
/*! EC build temporary data. */
typedef struct CCEcpkiBuildTempData_t
{
/*! Temporary buffers. */
uint32_t ccBuildTmpIntBuff[CC_PKA_ECPKI_BUILD_TMP_BUFF_MAX_LENGTH_IN_WORDS];
}CCEcpkiBuildTempData_t;
/**************************************************************************
* CryptoCell ECDSA context structures
**************************************************************************/
/* --------------------------------------------------------------------- */
/* CryptoCell ECDSA Signing context structure */
/* --------------------------------------------------------------------- */
/*! The internal buffer used in the signing process. */
typedef uint32_t CCEcdsaSignIntBuff_t[CC_PKA_ECDSA_SIGN_BUFF_MAX_LENGTH_IN_WORDS];
/*! The context definition for the signing operation. */
typedef struct
{
/*! The data of the private key. */
CCEcpkiUserPrivKey_t ECDSA_SignerPrivKey;
CCHashUserContext_t hash_ctx;
/*! The hash result buffer. */
CCHashResultBuf_t hashResult;
/*! The size of the hash result in words. */
uint32_t hashResultSizeWords;
/*! The hash mode. */
CCEcpkiHashOpMode_t hashMode;
/*! Internal buffer. */
CCEcdsaSignIntBuff_t ecdsaSignIntBuff;
}EcdsaSignContext_t;
/* --------------------------------------------------------------------- */
/* ECDSA Signing User context database */
/* --------------------------------------------------------------------- */
/*!
@brief The context definition of the user for the signing operation.
This context saves the state of the operation, and must be saved by the user
until the end of the API flow.
*/
typedef struct CCEcdsaSignUserContext_t
{
/*! The data of the signing process. */
uint32_t context_buff [(sizeof(EcdsaSignContext_t)+3)/4];
/*! The validation tag. */
uint32_t valid_tag;
} CCEcdsaSignUserContext_t;
/****************************************************************************/
/* --------------------------------------------------------------------- */
/* ECDSA Verifying context structure */
/* --------------------------------------------------------------------- */
/*! The internal buffer used in the verification process. */
typedef uint32_t CCEcdsaVerifyIntBuff_t[CC_PKA_ECDSA_VERIFY_BUFF_MAX_LENGTH_IN_WORDS];
/*! The context definition for verification operation. */
typedef struct
{
/*! The data of the public key. */
CCEcpkiUserPublKey_t ECDSA_SignerPublKey;
CCHashUserContext_t hash_ctx;
/*! The hash result. */
CCHashResultBuf_t hashResult;
/*! The size of the hash result in words. */
uint32_t hashResultSizeWords;
/*! The hash mode. */
CCEcpkiHashOpMode_t hashMode;
/*! Internal buffer. */
CCEcdsaVerifyIntBuff_t ccEcdsaVerIntBuff;
}EcdsaVerifyContext_t;
/* --------------------------------------------------------------------- */
/* ECDSA Verifying User context database */
/* --------------------------------------------------------------------- */
/*!
@brief The context definition of the user for the verification operation.
The context saves the state of the operation, and must be saved by the user
until the end of the API flow.
*/
typedef struct CCEcdsaVerifyUserContext_t
{
/*! The data of the verification process. */
uint32_t context_buff[(sizeof(EcdsaVerifyContext_t)+3)/4];
/*! The validation tag. */
uint32_t valid_tag;
}CCEcdsaVerifyUserContext_t;
/* --------------------------------------------------------------------- */
/* .................. key generation temp buffer ........... */
/* --------------------------------------------------------------------- */
/*! The temporary data type of the ECPKI KG. */
typedef struct CCEcpkiKgTempData_t
{
/*! Internal buffer. */
uint32_t ccKGIntBuff[CC_PKA_KG_BUFF_MAX_LENGTH_IN_WORDS];
}CCEcpkiKgTempData_t;
/*! The temporary data definition of the ECIES. */
typedef struct CCEciesTempData_t {
/*! The data of the private key. */
CCEcpkiUserPrivKey_t PrivKey;
/*! The data of the public key. */
CCEcpkiUserPublKey_t PublKey;
/*! The public-key data used by conversion from Mbed TLS to CryptoCell. */
CCEcpkiUserPublKey_t ConvPublKey;
/*! Internal buffer. */
uint32_t zz[3*CC_ECPKI_MODUL_MAX_LENGTH_IN_WORDS + 1];
/*! Internal buffers. */
union {
CCEcpkiBuildTempData_t buildTempbuff;
CCEcpkiKgTempData_t KgTempBuff;
CCEcdhTempData_t DhTempBuff;
} tmp;
}CCEciesTempData_t;
/* --------------------------------------------------------------------- */
/* .................. defines for FIPS ........... */
/* --------------------------------------------------------------------- */
/*! The order length for FIPS ECC tests. */
#define CC_ECPKI_FIPS_ORDER_LENGTH (256/CC_BITS_IN_BYTE) // the order of secp256r1 in bytes
/*! ECPKI data structures for FIPS certification. */
typedef struct CCEcpkiKgFipsContext_t
{
/*! Signing and verification data. */
union {
CCEcdsaSignUserContext_t signCtx;
CCEcdsaVerifyUserContext_t verifyCtx;
}operationCtx;
/*! Internal buffer. */
uint32_t signBuff[2*CC_ECPKI_ORDER_MAX_LENGTH_IN_WORDS] ;
}CCEcpkiKgFipsContext_t;
/*! ECDSA KAT data structures for FIPS certification.
The ECDSA KAT tests are defined for domain 256r1. */
typedef struct CCEcdsaFipsKatContext_t{
/*! The key data. */
union {
/*! The private key data. */
struct {
CCEcpkiUserPrivKey_t PrivKey;
CCEcdsaSignUserContext_t signCtx;
}userSignData;
/*! The public key data. */
struct {
CCEcpkiUserPublKey_t PublKey;
union {
CCEcdsaVerifyUserContext_t verifyCtx;
CCEcpkiBuildTempData_t tempData;
}buildOrVerify;
}userVerifyData;
}keyContextData;
/*! Internal buffer. */
uint8_t signBuff[2*CC_ECPKI_FIPS_ORDER_LENGTH];
}CCEcdsaFipsKatContext_t;
/*! ECDH KAT data structures for FIPS certification. */
typedef struct CCEcdhFipsKatContext_t{
/*! The public key data. */
CCEcpkiUserPublKey_t pubKey;
/*! The private key data. */
CCEcpkiUserPrivKey_t privKey;
/*! Internal buffers. */
union {
CCEcpkiBuildTempData_t ecpkiTempData;
CCEcdhTempData_t ecdhTempBuff;
}tmpData;
/*! The buffer for the secret key. */
uint8_t secretBuff[CC_ECPKI_FIPS_ORDER_LENGTH];
}CCEcdhFipsKatContext_t;
#ifdef __cplusplus
}
#endif
/*!
@}
*/
#endif

299
include/mbedtls_extra/cc_error.h Normal file
View File

@ -0,0 +1,299 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
/*!
@addtogroup cc_error
@{
*/
/*!
@file
@brief This file defines the error return code types and the numbering spaces
for each module of the layers listed.
*/
#ifndef _CC_ERROR_H
#define _CC_ERROR_H
#include "cc_pal_types.h"
#ifdef __cplusplus
extern "C"
{
#endif
/*! The definitions of the error number-space used for the different modules */
/* ........... Error base numeric mapping definitions ................... */
/* ----------------------------------------------------------------------- */
/*! The error base number for CryptoCell. */
#define CC_ERROR_BASE 0x00F00000UL
/*! The error range number assigned for each layer. */
#define CC_ERROR_LAYER_RANGE 0x00010000UL
/*! The error range number assigned to each module on its specified layer. */
#define CC_ERROR_MODULE_RANGE 0x00000100UL
/* Defines the layer index for the error mapping. */
/*! The CryptoCell error-layer index. */
#define CC_LAYER_ERROR_IDX 0x00UL
/*! The error-layer index for low-level functions. */
#define LLF_LAYER_ERROR_IDX 0x01UL
/*! The generic error-layer index. */
#define GENERIC_ERROR_IDX 0x05UL
/* Defines the module index for error mapping */
/*! The AES error index.*/
#define AES_ERROR_IDX 0x00UL
/*! The DES error index.*/
#define DES_ERROR_IDX 0x01UL
/*! The hash error index.*/
#define HASH_ERROR_IDX 0x02UL
/*! The HMAC error index.*/
#define HMAC_ERROR_IDX 0x03UL
/*! The RSA error index.*/
#define RSA_ERROR_IDX 0x04UL
/*! The DH error index.*/
#define DH_ERROR_IDX 0x05UL
/*! The ECPKI error index.*/
#define ECPKI_ERROR_IDX 0x08UL
/*! The RND error index.*/
#define RND_ERROR_IDX 0x0CUL
/*! The Common error index.*/
#define COMMON_ERROR_IDX 0x0DUL
/*! The KDF error index.*/
#define KDF_ERROR_IDX 0x11UL
/*! The HKDF error index.*/
#define HKDF_ERROR_IDX 0x12UL
/*! The AESCCM error index.*/
#define AESCCM_ERROR_IDX 0x15UL
/*! The FIPS error index.*/
#define FIPS_ERROR_IDX 0x17UL
/*! The PKA error index.*/
#define PKA_MODULE_ERROR_IDX 0x21UL
/*! The ChaCha error index.*/
#define CHACHA_ERROR_IDX 0x22UL
/*! The EC Montgomery and Edwards error index.*/
#define EC_MONT_EDW_ERROR_IDX 0x23UL
/*! The ChaCha-POLY error index.*/
#define CHACHA_POLY_ERROR_IDX 0x24UL
/*! The POLY error index.*/
#define POLY_ERROR_IDX 0x25UL
/*! The SRP error index.*/
#define SRP_ERROR_IDX 0x26UL
/*! The AESGCM error index.*/
#define AESGCM_ERROR_IDX 0x27UL
/*! The AES key-wrap error index.*/
#define AES_KEYWRAP_ERROR_IDX 0x28UL
/*! Management error index.*/
#define MNG_ERROR_IDX 0x29UL
/*! Production error index.*/
#define PROD_ERROR_IDX 0x2AUL
/*! The FFCDH error index. */
#define FFCDH_ERROR_IDX 0x2BUL
/*! The FFC domain error index. */
#define FFC_DOMAIN_ERROR_IDX 0x2CUL
/*! Do not change! Error definition, reserved for Secure Boot ECDSA */
#define SB_ECC_ERROR_IDX_ 0x2DUL
/*! External DMA error index. */
#define EXT_DMA_ERROR_IDX 0x2EUL
/* .......... defining the error spaces for each module on each layer ........... */
/* ------------------------------------------------------------------------------ */
/*! The error base address of the AES module - 0x00F00000. */
#define CC_AES_MODULE_ERROR_BASE (CC_ERROR_BASE + \
(CC_ERROR_LAYER_RANGE * CC_LAYER_ERROR_IDX) + \
(CC_ERROR_MODULE_RANGE * AES_ERROR_IDX ) )
/*! The error base address of the DES module - 0x00F00100. */
#define CC_DES_MODULE_ERROR_BASE (CC_ERROR_BASE + \
(CC_ERROR_LAYER_RANGE * CC_LAYER_ERROR_IDX) + \
(CC_ERROR_MODULE_RANGE * DES_ERROR_IDX ) )
/*! The error base address of the hash module - 0x00F00200. */
#define CC_HASH_MODULE_ERROR_BASE (CC_ERROR_BASE + \
(CC_ERROR_LAYER_RANGE * CC_LAYER_ERROR_IDX) + \
(CC_ERROR_MODULE_RANGE * HASH_ERROR_IDX ) )
/*! The error base address of the HMAC module - 0x00F00300. */
#define CC_HMAC_MODULE_ERROR_BASE (CC_ERROR_BASE + \
(CC_ERROR_LAYER_RANGE * CC_LAYER_ERROR_IDX) + \
(CC_ERROR_MODULE_RANGE * HMAC_ERROR_IDX ) )
/*! The error base address of the RSA module - 0x00F00400. */
#define CC_RSA_MODULE_ERROR_BASE (CC_ERROR_BASE + \
(CC_ERROR_LAYER_RANGE * CC_LAYER_ERROR_IDX) + \
(CC_ERROR_MODULE_RANGE * RSA_ERROR_IDX ) )
/*! The error base address of the DH module - 0x00F00500. */
#define CC_DH_MODULE_ERROR_BASE (CC_ERROR_BASE + \
(CC_ERROR_LAYER_RANGE * CC_LAYER_ERROR_IDX) + \
(CC_ERROR_MODULE_RANGE * DH_ERROR_IDX ) )
/*! The error base address of the ECPKI module - 0x00F00800. */
#define CC_ECPKI_MODULE_ERROR_BASE (CC_ERROR_BASE + \
(CC_ERROR_LAYER_RANGE * CC_LAYER_ERROR_IDX) + \
(CC_ERROR_MODULE_RANGE * ECPKI_ERROR_IDX ) )
/*! The error base address of the low-level ECPKI module - 0x00F10800. */
#define LLF_ECPKI_MODULE_ERROR_BASE (CC_ERROR_BASE + \
(CC_ERROR_LAYER_RANGE * LLF_LAYER_ERROR_IDX) + \
(CC_ERROR_MODULE_RANGE * ECPKI_ERROR_IDX ) )
/*! The error base address of the RND module - 0x00F00C00. */
#define CC_RND_MODULE_ERROR_BASE (CC_ERROR_BASE + \
(CC_ERROR_LAYER_RANGE * CC_LAYER_ERROR_IDX) + \
(CC_ERROR_MODULE_RANGE * RND_ERROR_IDX ) )
/*! The error base address of the low-level RND module - 0x00F10C00. */
#define LLF_RND_MODULE_ERROR_BASE (CC_ERROR_BASE + \
(CC_ERROR_LAYER_RANGE * LLF_LAYER_ERROR_IDX) + \
(CC_ERROR_MODULE_RANGE * RND_ERROR_IDX ) )
/*! The error base address of the common module - 0x00F00D00. */
#define CC_COMMON_MODULE_ERROR_BASE (CC_ERROR_BASE + \
(CC_ERROR_LAYER_RANGE * CC_LAYER_ERROR_IDX) + \
(CC_ERROR_MODULE_RANGE * COMMON_ERROR_IDX ) )
/*! The error base address of the KDF module - 0x00F01100. */
#define CC_KDF_MODULE_ERROR_BASE (CC_ERROR_BASE + \
(CC_ERROR_LAYER_RANGE * CC_LAYER_ERROR_IDX) + \
(CC_ERROR_MODULE_RANGE * KDF_ERROR_IDX ) )
/*! The error base address of the HKDF module - 0x00F01100. */
#define CC_HKDF_MODULE_ERROR_BASE (CC_ERROR_BASE + \
(CC_ERROR_LAYER_RANGE * CC_LAYER_ERROR_IDX) + \
(CC_ERROR_MODULE_RANGE * HKDF_ERROR_IDX ) )
/*! The error base address of the AESCCM module - 0x00F01500. */
#define CC_AESCCM_MODULE_ERROR_BASE (CC_ERROR_BASE + \
(CC_ERROR_LAYER_RANGE * CC_LAYER_ERROR_IDX) + \
(CC_ERROR_MODULE_RANGE * AESCCM_ERROR_IDX ) )
/*! The error base address of the FIPS module - 0x00F01700. */
#define CC_FIPS_MODULE_ERROR_BASE (CC_ERROR_BASE + \
(CC_ERROR_LAYER_RANGE * CC_LAYER_ERROR_IDX) + \
(CC_ERROR_MODULE_RANGE * FIPS_ERROR_IDX ) )
/*! The error base address of the PKA module - 0x00F02100. */
#define PKA_MODULE_ERROR_BASE (CC_ERROR_BASE + \
(CC_ERROR_LAYER_RANGE * CC_LAYER_ERROR_IDX) + \
(CC_ERROR_MODULE_RANGE * PKA_MODULE_ERROR_IDX ) )
/*! The error base address of the ChaCha module - 0x00F02200. */
#define CC_CHACHA_MODULE_ERROR_BASE (CC_ERROR_BASE + \
(CC_ERROR_LAYER_RANGE * CC_LAYER_ERROR_IDX) + \
(CC_ERROR_MODULE_RANGE * CHACHA_ERROR_IDX ) )
/*! The error base address of the EC MONT_EDW module - 0x00F02300. */
#define CC_EC_MONT_EDW_MODULE_ERROR_BASE (CC_ERROR_BASE + \
(CC_ERROR_LAYER_RANGE * CC_LAYER_ERROR_IDX) + \
(CC_ERROR_MODULE_RANGE * EC_MONT_EDW_ERROR_IDX ) )
/*! The error base address of the Chacha-POLY module - 0x00F02400. */
#define CC_CHACHA_POLY_MODULE_ERROR_BASE (CC_ERROR_BASE + \
(CC_ERROR_LAYER_RANGE * CC_LAYER_ERROR_IDX) + \
(CC_ERROR_MODULE_RANGE * CHACHA_POLY_ERROR_IDX ) )
/*! The error base address of the POLY module - 0x00F02500. */
#define CC_POLY_MODULE_ERROR_BASE (CC_ERROR_BASE + \
(CC_ERROR_LAYER_RANGE * CC_LAYER_ERROR_IDX) + \
(CC_ERROR_MODULE_RANGE * POLY_ERROR_IDX ) )
/*! The error base address of the SRP module - 0x00F02600. */
#define CC_SRP_MODULE_ERROR_BASE (CC_ERROR_BASE + \
(CC_ERROR_LAYER_RANGE * CC_LAYER_ERROR_IDX) + \
(CC_ERROR_MODULE_RANGE * SRP_ERROR_IDX ) )
/*! The error base address of the AESGCM module - 0x00F02700. */
#define CC_AESGCM_MODULE_ERROR_BASE (CC_ERROR_BASE + \
(CC_ERROR_LAYER_RANGE * CC_LAYER_ERROR_IDX) + \
(CC_ERROR_MODULE_RANGE * AESGCM_ERROR_IDX ) )
/*! The error base address of the AES key-wrap module - 0x00F02800. */
#define CC_AES_KEYWRAP_MODULE_ERROR_BASE (CC_ERROR_BASE + \
(CC_ERROR_LAYER_RANGE * CC_LAYER_ERROR_IDX) + \
(CC_ERROR_MODULE_RANGE * AES_KEYWRAP_ERROR_IDX ) )
/*! The error base address of the Management module - 0x00F02900. */
#define CC_MNG_MODULE_ERROR_BASE (CC_ERROR_BASE + \
(CC_ERROR_LAYER_RANGE * CC_LAYER_ERROR_IDX) + \
(CC_ERROR_MODULE_RANGE * MNG_ERROR_IDX ) )
/*! The error base address of the production library - 0x00F02A00 */
#define CC_PROD_MODULE_ERROR_BASE (CC_ERROR_BASE + \
(CC_ERROR_LAYER_RANGE * CC_LAYER_ERROR_IDX) + \
(CC_ERROR_MODULE_RANGE * PROD_ERROR_IDX ) )
/*! The error base address of the FFCDH module - 0x00F02B00. */
#define CC_FFCDH_MODULE_ERROR_BASE (CC_ERROR_BASE + \
(CC_ERROR_LAYER_RANGE * CC_LAYER_ERROR_IDX) + \
(CC_ERROR_MODULE_RANGE * FFCDH_ERROR_IDX ) )
/*! The error base address of the FFCDH module - 0x00F02B00. */
#define CC_FFC_DOMAIN_MODULE_ERROR_BASE (CC_ERROR_BASE + \
(CC_ERROR_LAYER_RANGE * CC_LAYER_ERROR_IDX) + \
(CC_ERROR_MODULE_RANGE * FFC_DOMAIN_ERROR_IDX ) )
/*! The error base address of the External DMA module - 0x00F02B00. */
#define CC_EXT_DMA_MODULE_ERROR_BASE (CC_ERROR_BASE + \
(CC_ERROR_LAYER_RANGE * CC_LAYER_ERROR_IDX) + \
(CC_ERROR_MODULE_RANGE * EXT_DMA_ERROR_IDX ) )
/*! The generic error base address of the user - 0x00F50000 */
#define GENERIC_ERROR_BASE ( CC_ERROR_BASE + (CC_ERROR_LAYER_RANGE * GENERIC_ERROR_IDX) )
/*! CryptoCell fatal error. */
#define CC_FATAL_ERROR (GENERIC_ERROR_BASE + 0x00UL)
/*! CryptoCell out of resources error. */
#define CC_OUT_OF_RESOURCE_ERROR (GENERIC_ERROR_BASE + 0x01UL)
/*! CryptoCell illegal resource value error. */
#define CC_ILLEGAL_RESOURCE_VAL_ERROR (GENERIC_ERROR_BASE + 0x02UL)
/* ............ The OK (success) definition ....................... */
/*! A macro that defines the CryptoCell return value. */
#define CC_CRYPTO_RETURN_ERROR(retCode, retcodeInfo, funcHandler) \
((retCode) == 0 ? CC_OK : funcHandler(retCode, retcodeInfo))
/************************ Enums ********************************/
/************************ Typedefs ****************************/
/************************ Structs ******************************/
/************************ Public Variables **********************/
/************************ Public Functions **********************/
#ifdef __cplusplus
}
#endif
/*!
@}
*/
#endif

137
include/mbedtls_extra/cc_hash_defs.h Normal file
View File

@ -0,0 +1,137 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
/*!
@addtogroup cc_hash_defs
@{
*/
/*!
@file
@brief This file contains definitions of the CryptoCell hash APIs.
*/
#ifndef CC_HASH_DEFS_H
#define CC_HASH_DEFS_H
#ifdef __cplusplus
extern "C"
{
#endif
#include "cc_pal_types.h"
#include "cc_error.h"
#include "cc_hash_defs_proj.h"
/************************ Defines ******************************/
/*! The size of the hash result in words. The maximal size for SHA-512 is
512 bits. */
#define CC_HASH_RESULT_SIZE_IN_WORDS 16
/*! The size of the MD5 digest result in bytes. */
#define CC_HASH_MD5_DIGEST_SIZE_IN_BYTES 16
/*! The size of the MD5 digest result in words. */
#define CC_HASH_MD5_DIGEST_SIZE_IN_WORDS 4
/*! The size of the SHA-1 digest result in bytes. */
#define CC_HASH_SHA1_DIGEST_SIZE_IN_BYTES 20
/*! The size of the SHA-1 digest result in words. */
#define CC_HASH_SHA1_DIGEST_SIZE_IN_WORDS 5
/*! The size of the SHA-224 digest result in words. */
#define CC_HASH_SHA224_DIGEST_SIZE_IN_WORDS 7
/*! The size of the SHA-256 digest result in words. */
#define CC_HASH_SHA256_DIGEST_SIZE_IN_WORDS 8
/*! The size of the SHA-384 digest result in words. */
#define CC_HASH_SHA384_DIGEST_SIZE_IN_WORDS 12
/*! The size of the SHA-512 digest result in words. */
#define CC_HASH_SHA512_DIGEST_SIZE_IN_WORDS 16
/*! The size of the SHA-256 digest result in bytes. */
#define CC_HASH_SHA224_DIGEST_SIZE_IN_BYTES 28
/*! The size of the SHA-256 digest result in bytes. */
#define CC_HASH_SHA256_DIGEST_SIZE_IN_BYTES 32
/*! The size of the SHA-384 digest result in bytes. */
#define CC_HASH_SHA384_DIGEST_SIZE_IN_BYTES 48
/*! The size of the SHA-512 digest result in bytes. */
#define CC_HASH_SHA512_DIGEST_SIZE_IN_BYTES 64
/*! The size of the SHA-1 hash block in words. */
#define CC_HASH_BLOCK_SIZE_IN_WORDS 16
/*! The size of the SHA-1 hash block in bytes. */
#define CC_HASH_BLOCK_SIZE_IN_BYTES 64
/*! The size of the SHA-2 hash block in words. */
#define CC_HASH_SHA512_BLOCK_SIZE_IN_WORDS 32
/*! The size of the SHA-2 hash block in bytes. */
#define CC_HASH_SHA512_BLOCK_SIZE_IN_BYTES 128
/*! The maximal data size for the update operation. */
#define CC_HASH_UPDATE_DATA_MAX_SIZE_IN_BYTES (1 << 29)
/************************ Enums ********************************/
/*! The hash operation mode. */
typedef enum {
/*! SHA-1. */
CC_HASH_SHA1_mode = 0,
/*! SHA-224. */
CC_HASH_SHA224_mode = 1,
/*! SHA-256. */
CC_HASH_SHA256_mode = 2,
/*! SHA-384. */
CC_HASH_SHA384_mode = 3,
/*! SHA-512. */
CC_HASH_SHA512_mode = 4,
/*! MD5. */
CC_HASH_MD5_mode = 5,
/*! The number of hash modes. */
CC_HASH_NumOfModes,
/*! Reserved. */
CC_HASH_OperationModeLast= 0x7FFFFFFF,
}CCHashOperationMode_t;
/************************ Typedefs *****************************/
/*! The hash result buffer. */
typedef uint32_t CCHashResultBuf_t[CC_HASH_RESULT_SIZE_IN_WORDS];
/************************ Structs ******************************/
/*!
The context prototype of the user.
The argument type that is passed by the user to the hash APIs.
The context saves the state of the operation, and must be saved by the user
until the end of the API flow.
*/
typedef struct CCHashUserContext_t {
/*! The internal buffer. */
uint32_t buff[CC_HASH_USER_CTX_SIZE_IN_WORDS];
}CCHashUserContext_t;
#ifdef __cplusplus
}
#endif
/*!
@}
*/
#endif /* #ifndef CC_HASH_DEFS_H */

41
include/mbedtls_extra/cc_hash_defs_proj.h Normal file
View File

@ -0,0 +1,41 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
/*!
@addtogroup cc_hash_defs_proj
@{
*/
/*!
@file
@brief This file contains the project-specific definitions of hash APIs.
*/
#ifndef _CC_HASH_DEFS_PROJ_H
#define _CC_HASH_DEFS_PROJ_H
#ifdef __cplusplus
extern "C"
{
#endif
/************************ Defines ******************************/
/*! The size of the context prototype of the user in words.
See ::CCHashUserContext_t. */
#define CC_HASH_USER_CTX_SIZE_IN_WORDS 108
#ifdef __cplusplus
}
#endif
/*!
@}
*/
#endif

199
include/mbedtls_extra/cc_kdf.h Normal file
View File

@ -0,0 +1,199 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#ifndef _CC_KDF_H
#define _CC_KDF_H
#ifdef __cplusplus
extern "C"
{
#endif
/*!
@file
@brief This file defines the API that supports Key derivation function in modes
as defined in Public-Key Cryptography Standards (PKCS) #3: Diffie-Hellman Key Agreement Standard,
ANSI X9.42-2003: Public Key Cryptography for the Financial Services Industry: Agreement of Symmetric Keys Using Discrete Logarithm Cryptography,
and ANSI X9.63-2011: Public Key Cryptography for the Financial Services Industry - Key Agreement and Key Transport Using Elliptic Curve
Cryptography.
@defgroup cc_kdf CryptoCell Key Derivation APIs
@{
@ingroup cryptocell_api
*/
#include "cc_hash_defs.h"
/************************ Defines ******************************/
/*! Shared secret value max size in bytes */
#define CC_KDF_MAX_SIZE_OF_SHARED_SECRET_VALUE 1024
/* Count and max. sizeof OtherInfo entries (pointers to data buffers) */
/*! Number of other info entries. */
#define CC_KDF_COUNT_OF_OTHER_INFO_ENTRIES 5
/*! Maximal size of keying data in bytes. */
#define CC_KDF_MAX_SIZE_OF_KEYING_DATA 2048
/*! Size of KDF counter in bytes */
#define CC_KDF_COUNTER_SIZE_IN_BYTES 4
/************************ Enums ********************************/
/*! HASH operation modes */
typedef enum
{
/*! SHA1 mode.*/
CC_KDF_HASH_SHA1_mode = 0,
/*! SHA224 mode.*/
CC_KDF_HASH_SHA224_mode = 1,
/*! SHA256 mode.*/
CC_KDF_HASH_SHA256_mode = 2,
/*! SHA384 mode.*/
CC_KDF_HASH_SHA384_mode = 3,
/*! SHA512 mode.*/
CC_KDF_HASH_SHA512_mode = 4,
/*! Maximal number of HASH modes. */
CC_KDF_HASH_NumOfModes,
/*! Reserved.*/
CC_KDF_HASH_OpModeLast = 0x7FFFFFFF,
}CCKdfHashOpMode_t;
/*! Key derivation modes. */
typedef enum
{
/*! ASN1 key derivation mode.*/
CC_KDF_ASN1_DerivMode = 0,
/*! Concatination key derivation mode.*/
CC_KDF_ConcatDerivMode = 1,
/*! X963 key derivation mode.*/
CC_KDF_X963_DerivMode = CC_KDF_ConcatDerivMode,
/*! ISO 18033 KDF1 key derivation mode.*/
CC_KDF_ISO18033_KDF1_DerivMode = 3,
/*! ISO 18033 KDF2 key derivation mode.*/
CC_KDF_ISO18033_KDF2_DerivMode = 4,
/*! Maximal number of key derivation modes. */
CC_KDF_DerivFunc_NumOfModes = 5,
/*! Reserved.*/
CC_KDF_DerivFuncModeLast= 0x7FFFFFFF,
}CCKdfDerivFuncMode_t;
/*! Enumerator for the additional information given to the KDF. */
typedef enum
{
CC_KDF_ALGORITHM_ID = 0, /*! An identifier (OID), indicating algorithm for which the keying data is used. */
CC_KDF_PARTY_U_INFO = 1, /*! Optional data of party U .*/
CC_KDF_PARTY_V_INFO = 2, /*! Optional data of party V. */
CC_KDF_SUPP_PRIV_INFO = 3, /*! Optional supplied private shared data. */
CC_KDF_SUPP_PUB_INFO = 4, /*! Optional supplied public shared data. */
CC_KDF_MAX_COUNT_OF_ENTRIES, /*! Maximal allowed number of entries in Other Info structure. */
/*! Reserved.*/
CC_KDF_ENTRYS_MAX_VAL = 0x7FFFFFFF,
}CCKdfOtherInfoEntries_t;
/************************ Typedefs ****************************/
/*! KDF structure, containing pointers to OtherInfo data entries and sizes.
The structure contains two arrays: one for data pointers and one for sizes, placed according
to the order given in the the ANSI X9.42-2003: Public Key Cryptography for the Financial Services
Industry: Agreement of Symmetric Keys Using Discrete Logarithm Cryptography standard
and defined in CCKdfOtherInfoEntries_t enumerator.
On KDF ASN1 mode this order is mandatory. On other KDF modes the user may insert
optional OtherInfo simply in one (preferably the first) or in some entries.
If any data entry is not used, then the pointer value and the size must be set to NULL. */
typedef struct
{
/*! Pointers to data entries. */
uint8_t *dataPointers[CC_KDF_MAX_COUNT_OF_ENTRIES];
/*! Sizes of data entries. */
uint32_t dataSizes[CC_KDF_MAX_COUNT_OF_ENTRIES];
}CCKdfOtherInfo_t;
/************************ Structs ******************************/
/************************ Public Variables **********************/
/************************ Public Functions **********************/
/****************************************************************/
/*********************************************************************************************************/
/*!
@brief CC_KdfKeyDerivFunc performs key derivation according to one of the modes defined in standards:
ANSI X9.42-2003: Public Key Cryptography for the Financial Services Industry: Agreement of Symmetric Keys Using Discrete Logarithm Cryptography,
ANSI X9.63-2011: Public Key Cryptography for the Financial Services Industry - Key Agreement and Key Transport Using Elliptic Curve Cryptography,
ISO/IEC 18033-2:2006: Information technology -- Security techniques -- Encryption algorithms -- Part 2: Asymmetric ciphers.
The present implementation of the function allows the following operation modes:
<ul><li> CC_KDF_ASN1_DerivMode - mode based on ASN.1 DER encoding; </li>
<li> CC_KDF_ConcatDerivMode - mode based on concatenation;</li>
<li> CC_KDF_X963_DerivMode = CC_KDF_ConcatDerivMode;</li>
<li> CC_KDF_ISO18033_KDF1_DerivMode, CC_KDF_ISO18033_KDF2_DerivMode - specific modes according to
ISO/IEC 18033-2 standard.</li></ul>
The purpose of this function is to derive a keying data from the shared secret value and some
other optional shared information, included in OtherInfo (SharedInfo).
\note All buffers arguments are represented in Big-Endian format.
@return CC_OK on success.
@return A non-zero value on failure as defined cc_kdf_error.h or cc_hash_error.h.
*/
CCError_t CC_KdfKeyDerivFunc(
uint8_t *pZzSecret, /*!< [in] A pointer to shared secret value octet string. */
size_t zzSecretSize, /*!< [in] The size of the shared secret value in bytes.
The maximal size is defined as: ::CC_KDF_MAX_SIZE_OF_SHARED_SECRET_VALUE. */
CCKdfOtherInfo_t *pOtherInfo, /*!< [in] A pointer to the structure, containing pointers to the data, shared by
two entities of agreement, depending on KDF mode:
<ul><li> In KDF ASN1 mode OtherInfo includes ASN1 DER encoding of AlgorithmID (mandatory),
and some optional data entries as described in section 7.7.1 of the ANSI X9.42-2003:
Public Key Cryptography for the Financial Services Industry: Agreement of Symmetric Keys Using
Discrete Logarithm Cryptography standard.</li>
<li> In both ISO/IEC 18033-2:2006: Information technology -- Security techniques -- Encryption algorithms -- Part 2:
Asymmetric ciphers standard: KDF1 and KDF2 modes this parameter is ignored and may be set to NULL. </li>
<li> In other modes it is optional and may be set to NULL. </li></ul>*/
CCKdfHashOpMode_t kdfHashMode, /*!< [in] The KDF identifier of hash function to be used. The hash function output
must be at least 160 bits. */
CCKdfDerivFuncMode_t derivMode, /*!< [in] The enum value, specifies one of above described derivation modes. */
uint8_t *pKeyingData, /*!< [out] A pointer to the buffer for derived keying data. */
size_t keyingDataSize /*!< [in] The size in bytes of the keying data to be derived.
The maximal size is defined as :: CC_KDF_MAX_SIZE_OF_KEYING_DATA. */ );
/*********************************************************************************************************/
/*!
CC_KdfAsn1KeyDerivFunc is a macro that performs key derivation according to ASN1 DER encoding method defined
in section 7.2.1 of ANSI X9.42-2003: Public Key Cryptography for the Financial Services Industry: Agreement of Symmetric Keys Using Discrete Logarithm Cryptography standard.
For a description of the parameters see ::CC_KdfKeyDerivFunc.
*/
#define CC_KdfAsn1KeyDerivFunc(ZZSecret_ptr,ZZSecretSize,OtherInfo_ptr,kdfHashMode,KeyingData_ptr,KeyLenInBytes)\
CC_KdfKeyDerivFunc((ZZSecret_ptr),(ZZSecretSize),(OtherInfo_ptr),(kdfHashMode),CC_KDF_ASN1_DerivMode,(KeyingData_ptr),(KeyLenInBytes))
/*********************************************************************************************************/
/*!
CC_KdfConcatKeyDerivFunc is a macro that performs key derivation according to concatenation mode defined
in section 7.2.2 of ANSI X9.42-2003: Public Key Cryptography for the Financial Services Industry: Agreement of Symmetric Keys Using Discrete Logarithm Cryptography
standard and also meets ANSI X9.63-2011: Public Key Cryptography for the Financial Services Industry - Key Agreement and Key Transport Using Elliptic Curve
Cryptography standard. For a description of the parameters see ::CC_KdfKeyDerivFunc.
*/
#define CC_KdfConcatKeyDerivFunc(ZZSecret_ptr,ZZSecretSize,OtherInfo_ptr,kdfHashMode,KeyingData_ptr,KeyLenInBytes)\
CC_KdfKeyDerivFunc((ZZSecret_ptr),(ZZSecretSize),(OtherInfo_ptr),(kdfHashMode),CC_KDF_ConcatDerivMode,(KeyingData_ptr),(KeyLenInBytes))
#ifdef __cplusplus
}
#endif
/**
@}
*/
#endif

210
include/mbedtls_extra/cc_pal_compiler.h Normal file
View File

@ -0,0 +1,210 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
/*!
@addtogroup cc_pal_compiler
@{
*/
/*!
@file
@brief This file contains CryptoCell PAL platform-dependent compiler-related
definitions.
*/
#ifndef __CC_PAL_COMPILER_H__
#define __CC_PAL_COMPILER_H__
#ifdef __GNUC__
/* *********************** Defines ******************************/
/*! Associate a symbol with a link section. */
#define CC_PAL_COMPILER_SECTION(sectionName) __attribute__((section(sectionName)))
/*! Mark symbol as used, that is, prevent the garbage collector from
dropping it. */
#define CC_PAL_COMPILER_KEEP_SYMBOL __attribute__((used))
/*! Align a given data item in bytes. */
#define CC_PAL_COMPILER_ALIGN(alignement) __attribute__((aligned(alignement)))
/*! Mark a function that never returns. */
#define CC_PAL_COMPILER_FUNC_NEVER_RETURNS __attribute__((noreturn))
/*! Prevent a function from being inlined. */
#define CC_PAL_COMPILER_FUNC_DONT_INLINE __attribute__((noinline))
/*! Given data type might serve as an alias for another data-type pointer. */
/* (this is used for "superclass" struct casting) */
#define CC_PAL_COMPILER_TYPE_MAY_ALIAS __attribute__((__may_alias__))
/*! Get the size of a structure-type member. */
#define CC_PAL_COMPILER_SIZEOF_STRUCT_MEMBER(type_name, member_name) \
sizeof(((type_name *)0)->member_name)
/*! Definition of assertion. */
#define CC_ASSERT_CONCAT_(a, b) a##b
/*! Definition of assertion. */
#define CC_ASSERT_CONCAT(a, b) CC_ASSERT_CONCAT_(a, b)
/*! Definition of assertion. */
#define CC_PAL_COMPILER_ASSERT(cond, message) \
enum { CC_ASSERT_CONCAT(assert_line_, __LINE__) = 1/(!!(cond)) }
#elif defined(__ARM_DSM__)
#define inline
/*! Associate a symbol with a link section. */
#define CC_PAL_COMPILER_SECTION(sectionName) __attribute__((section(sectionName)))
/*! Mark a symbol as used, that is, prevent garbage collector from
dropping it. */
#define CC_PAL_COMPILER_KEEP_SYMBOL __attribute__((used))
/*! Align a given data item in bytes. */
#define CC_PAL_COMPILER_ALIGN(alignement) __attribute__((aligned(alignement)))
/*! Mark a function that never returns. */
#define CC_PAL_COMPILER_FUNC_NEVER_RETURNS __attribute__((noreturn))
/*! Prevent a function from being inlined. */
#define CC_PAL_COMPILER_FUNC_DONT_INLINE __attribute__((noinline))
/*! Given data type might serve as an alias for another data-type pointer. */
/* (this is used for "superclass" struct casting) */
#define CC_PAL_COMPILER_TYPE_MAY_ALIAS __attribute__((__may_alias__))
/*! Get the size of a structure-type member. */
#define CC_PAL_COMPILER_SIZEOF_STRUCT_MEMBER(type_name, member_name) \
sizeof(((type_name *)0)->member_name)
/*! Definition of assertion. */
#define CC_ASSERT_CONCAT_(a, b) a##b
/*! Definition of assertion. */
#define CC_ASSERT_CONCAT(a, b) CC_ASSERT_CONCAT_(a, b)
/*! Definition of assertion. */
#define CC_PAL_COMPILER_ASSERT(cond, message) \
enum { CC_ASSERT_CONCAT(assert_line_, __LINE__) = 1/(!!(cond)) }
#elif defined(__ARM_DS__)
#define inline
/*! Associate a symbol with a link section. */
#define CC_PAL_COMPILER_SECTION(sectionName) __attribute__((section(sectionName)))
/*! Mark a symbol as used, that is, prevent garbage collector from
dropping it. */
#define CC_PAL_COMPILER_KEEP_SYMBOL __attribute__((used))
/*! Align a given data item in bytes. */
#define CC_PAL_COMPILER_ALIGN(alignement) __attribute__((aligned(alignement)))
/*! Mark a function that never returns. */
#define CC_PAL_COMPILER_FUNC_NEVER_RETURNS __attribute__((noreturn))
/*! Prevent a function from being inlined. */
#define CC_PAL_COMPILER_FUNC_DONT_INLINE __attribute__((noinline))
/*! Given data type might serve as an alias for another data-type pointer. */
/* (this is used for "superclass" struct casting) */
#define CC_PAL_COMPILER_TYPE_MAY_ALIAS
/*! Get the size of a structure-type member. */
#define CC_PAL_COMPILER_SIZEOF_STRUCT_MEMBER(type_name, member_name) \
sizeof(((type_name *)0)->member_name)
/*! Definition of assertion. */
#define CC_ASSERT_CONCAT_(a, b) a##b
/*! Definition of assertion. */
#define CC_ASSERT_CONCAT(a, b) CC_ASSERT_CONCAT_(a, b)
/*! Definition of assertion. */
#define CC_PAL_COMPILER_ASSERT(cond, message) \
enum { CC_ASSERT_CONCAT(assert_line_, __LINE__) = 1/(!!(cond)) }
#elif defined(__ARM_DS5__)
#define inline __inline
/*! Associate a symbol with a link section. */
#define CC_PAL_COMPILER_SECTION(sectionName) __attribute__((section(sectionName)))
/*! Mark a symbol as used, that is, prevent garbage collector from
dropping it. */
#define CC_PAL_COMPILER_KEEP_SYMBOL __attribute__((used))
/*! Align a given data item in bytes. */
#define CC_PAL_COMPILER_ALIGN(alignement) __attribute__((aligned(alignement)))
/*! Mark a function that never returns. */
#define CC_PAL_COMPILER_FUNC_NEVER_RETURNS __attribute__((noreturn))
/*! Prevent a function from being inlined. */
#define CC_PAL_COMPILER_FUNC_DONT_INLINE __attribute__((noinline))
/*! Given data type might serve as an alias for another data-type pointer. */
/* (this is used for "superclass" struct casting) */
#define CC_PAL_COMPILER_TYPE_MAY_ALIAS
/*! Get the size of a structure-type member. */
#define CC_PAL_COMPILER_SIZEOF_STRUCT_MEMBER(type_name, member_name) \
sizeof(((type_name *)0)->member_name)
/*! Definition of assertion. */
#define CC_ASSERT_CONCAT_(a, b) a##b
/*! Definition of assertion. */
#define CC_ASSERT_CONCAT(a, b) CC_ASSERT_CONCAT_(a, b)
/*! Definition of assertion. */
#define CC_PAL_COMPILER_ASSERT(cond, message) \
enum { CC_ASSERT_CONCAT(assert_line_, __LINE__) = 1/(!!(cond)) }
#elif defined(__ICCARM__)
#define inline __inline
/*! Associate a symbol with a link section. */
#define CC_PAL_COMPILER_SECTION(sectionName) __attribute__((section(sectionName)))
/*! Mark a symbol as used, that is, prevent garbage collector from
dropping it. */
#define CC_PAL_COMPILER_KEEP_SYMBOL __attribute__((used))
/*! Align a given data item in bytes. */
#define CC_PAL_COMPILER_ALIGN(alignement) __attribute__((aligned(alignement)))
/*! Mark a function that never returns. */
#define CC_PAL_COMPILER_FUNC_NEVER_RETURNS __attribute__((noreturn))
/*! Prevent a function from being inlined. */
#define CC_PAL_COMPILER_FUNC_DONT_INLINE __attribute__((noinline))
/*! Given data type might serve as an alias for another data-type pointer. */
/* (this is used for "superclass" struct casting) */
#define CC_PAL_COMPILER_TYPE_MAY_ALIAS
/*! Get the size of a structure-type member. */
#define CC_PAL_COMPILER_SIZEOF_STRUCT_MEMBER(type_name, member_name) \
sizeof(((type_name *)0)->member_name)
/*! Definition of assertion. */
#define CC_ASSERT_CONCAT_(a, b) a##b
/*! Definition of assertion. */
#define CC_ASSERT_CONCAT(a, b) CC_ASSERT_CONCAT_(a, b)
/*! Definition of assertion. */
#define CC_PAL_COMPILER_ASSERT(cond, message) \
enum { CC_ASSERT_CONCAT(assert_line_, __LINE__) = 1/(!!(cond)) }
#else
#error Unsupported compiler.
#endif
/*!
@}
*/
#endif /*__CC_PAL_COMPILER_H__*/

95
include/mbedtls_extra/cc_pal_types.h Normal file
View File

@ -0,0 +1,95 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
/*!
@addtogroup cc_pal_types
@{
*/
/*!
@file
@brief This file contains definitions and types of CryptoCell PAL platform-dependent APIs.
*/
#ifndef CC_PAL_TYPES_H
#define CC_PAL_TYPES_H
#include "cc_pal_types_plat.h"
/*! Boolean types.*/
typedef enum {
/*! Boolean false definition.*/
CC_FALSE = 0,
/*! Boolean true definition.*/
CC_TRUE = 1
} CCBool;
/*! Success definition. */
#define CC_SUCCESS 0UL
/*! Failure definition. */
#define CC_FAIL 1UL
/*! Success (OK) definition. */
#define CC_OK 0
/*! Handles unused parameters in the code, to avoid compilation warnings. */
#define CC_UNUSED_PARAM(prm) ((void)prm)
/*! The maximal uint32 value.*/
#define CC_MAX_UINT32_VAL (0xFFFFFFFF)
/* Minimal and Maximal macros */
#ifdef min
/*! Definition for minimal calculation. */
#define CC_MIN(a,b) min( a , b )
#else
/*! Definition for minimal calculation. */
#define CC_MIN( a , b ) ( ( (a) < (b) ) ? (a) : (b) )
#endif
#ifdef max
/*! Definition for maximal calculation. */
#define CC_MAX(a,b) max( a , b )
#else
/*! Definition for maximal calculation.. */
#define CC_MAX( a , b ) ( ( (a) > (b) ) ? (a) : (b) )
#endif
/*! This macro calculates the number of full bytes from bits, where seven bits
are one byte. */
#define CALC_FULL_BYTES(numBits) ((numBits)/CC_BITS_IN_BYTE + (((numBits) & (CC_BITS_IN_BYTE-1)) > 0))
/*! This macro calculates the number of full 32-bit words from bits, where
31 bits are one word. */
#define CALC_FULL_32BIT_WORDS(numBits) ((numBits)/CC_BITS_IN_32BIT_WORD + (((numBits) & (CC_BITS_IN_32BIT_WORD-1)) > 0))
/*! This macro calculates the number of full 32-bit words from bytes, where
three bytes are one word. */
#define CALC_32BIT_WORDS_FROM_BYTES(sizeBytes) ((sizeBytes)/CC_32BIT_WORD_SIZE + (((sizeBytes) & (CC_32BIT_WORD_SIZE-1)) > 0))
/*! This macro calculates the number of full 32-bit words from 64-bits
dwords. */
#define CALC_32BIT_WORDS_FROM_64BIT_DWORD(sizeWords) (sizeWords * CC_32BIT_WORD_IN_64BIT_DWORD)
/*! This macro rounds up bits to 32-bit words. */
#define ROUNDUP_BITS_TO_32BIT_WORD(numBits) (CALC_FULL_32BIT_WORDS(numBits) * CC_BITS_IN_32BIT_WORD)
/*! This macro rounds up bits to bytes. */
#define ROUNDUP_BITS_TO_BYTES(numBits) (CALC_FULL_BYTES(numBits) * CC_BITS_IN_BYTE)
/*! This macro rounds up bytes to 32-bit words. */
#define ROUNDUP_BYTES_TO_32BIT_WORD(sizeBytes) (CALC_32BIT_WORDS_FROM_BYTES(sizeBytes) * CC_32BIT_WORD_SIZE)
/*! Definition of 1 KB in bytes. */
#define CC_1K_SIZE_IN_BYTES 1024
/*! Definition of number of bits in a byte. */
#define CC_BITS_IN_BYTE 8
/*! Definition of number of bits in a 32-bits word. */
#define CC_BITS_IN_32BIT_WORD 32
/*! Definition of number of bytes in a 32-bits word. */
#define CC_32BIT_WORD_SIZE 4
/*! Definition of number of 32-bits words in a 64-bits dword. */
#define CC_32BIT_WORD_IN_64BIT_DWORD 2
/*!
@}
*/
#endif

35
include/mbedtls_extra/cc_pal_types_plat.h Normal file
View File

@ -0,0 +1,35 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
/*! @file
@brief This file contains basic platform-dependent type definitions.
*/
#ifndef _CC_PAL_TYPES_PLAT_H
#define _CC_PAL_TYPES_PLAT_H
/* Host specific types for standard (ISO-C99) compliant platforms */
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
/*! Type definition for virtual address. */
typedef uintptr_t CCVirtAddr_t;
/*! Type Definition for boolean variable. */
typedef uint32_t CCBool_t;
/*! Type definition for return status. */
typedef uint32_t CCStatus;
/*! Type definition for error return. */
#define CCError_t CCStatus
/*! Defines inifinite value, used to define unlimited time frame. */
#define CC_INFINITE 0xFFFFFFFF
/*! Type definition for C export. */
#define CEXPORT_C
/*! Type definition for C import. */
#define CIMPORT_C
#endif /*_CC_PAL_TYPES_PLAT_H*/

93
include/mbedtls_extra/cc_pka_defs_hw.h Normal file
View File

@ -0,0 +1,93 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
/*!
@addtogroup cc_pka_defs_hw
@{
*/
/*!
@file
@brief This file contains all of the enums and definitions that are used in
PKA APIs.
*/
#ifndef _CC_PKA_DEFS_HW_H_
#define _CC_PKA_DEFS_HW_H_
#include "cc_pal_types.h"
#include "cc_pka_hw_plat_defs.h"
/* The valid key sizes in bits for RSA primitives (exponentiation) */
/*! The maximal RSA modulus size. */
#define CC_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS ((CC_RSA_MAX_VALID_KEY_SIZE_VALUE_IN_BITS + CC_PKA_WORD_SIZE_IN_BITS) / CC_BITS_IN_32BIT_WORD )
/*! The maximal EC modulus size. */
#define CC_ECPKI_MODUL_MAX_LENGTH_IN_BITS 521
/*! The size of the buffers for Barrett modulus tag NP, used in PKI
algorithms. */
#define CC_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_WORDS 5
/*! The size of the buffers for Barrett modulus tag NP, used in ECC. */
#define CC_PKA_ECPKI_BARRETT_MOD_TAG_BUFF_SIZE_IN_WORDS CC_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_WORDS
/*! The actual size of Barrett modulus tag NP in words for current
HW platform. */
#define CC_PKA_BARRETT_MOD_TAG_SIZE_IN_WORDS \
(((CC_PKA_WORD_SIZE_IN_BITS + PKA_EXTRA_BITS - 1) + (CC_BITS_IN_32BIT_WORD - 1)) / CC_BITS_IN_32BIT_WORD )
/*! The maximal size of the PKA modulus. */
#define CC_PKA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS CC_RSA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS
/*! The maximal size of the PKA public-key in words. */
#define CC_PKA_PUB_KEY_BUFF_SIZE_IN_WORDS (2*CC_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_WORDS)
/*! The maximal size of the PKA private-key in words. */
#define CC_PKA_PRIV_KEY_BUFF_SIZE_IN_WORDS (2*CC_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_WORDS)
/*! The maximal size of the PKA KG buffer in words */
#define CC_PKA_KGDATA_BUFF_SIZE_IN_WORDS (3*CC_PKA_MAXIMUM_MOD_BUFFER_SIZE_IN_WORDS + 3*CC_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_WORDS)
/*! The maximal size of the EC modulus in words. */
#define CC_ECPKI_MODUL_MAX_LENGTH_IN_WORDS 18 /*!< \internal [(CC_ECPKI_MODUL_MAX_LENGTH_IN_BITS + 31)/(sizeof(uint32_t)) + 1] */
/*! The maximal size of the EC order in words. */
#define CC_ECPKI_ORDER_MAX_LENGTH_IN_WORDS (CC_ECPKI_MODUL_MAX_LENGTH_IN_WORDS + 1)
/*! The maximal size of the EC domain in words. */
#define CC_PKA_DOMAIN_BUFF_SIZE_IN_WORDS (2*CC_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_WORDS)
/*! The ECC NAF buffer definitions. */
#define COUNT_NAF_WORDS_PER_KEY_WORD 8 /*!< \internal Change according to NAF representation (? 2)*/
/*! The maximal length of the ECC NAF buffer. */
#define CC_PKA_ECDSA_NAF_BUFF_MAX_LENGTH_IN_WORDS (COUNT_NAF_WORDS_PER_KEY_WORD*CC_ECPKI_ORDER_MAX_LENGTH_IN_WORDS + 1)
#ifndef CC_SUPPORT_ECC_SCA_SW_PROTECT
/* on fast SCA non protected mode required additional buffers for NAF key */
/*! The size of the Scalar buffer in words. */
#define CC_PKA_ECPKI_SCALAR_MUL_BUFF_MAX_LENGTH_IN_WORDS (CC_PKA_ECDSA_NAF_BUFF_MAX_LENGTH_IN_WORDS+CC_ECPKI_MODUL_MAX_LENGTH_IN_WORDS+2)
#else
/*! The size of the Scalar buffer in words. */
#define CC_PKA_ECPKI_SCALAR_MUL_BUFF_MAX_LENGTH_IN_WORDS 1 /*(4*CC_ECPKI_MODUL_MAX_LENGTH_IN_WORDS)*/
#endif
/*! The size of the ECC temporary buffer in words. */
#define CC_PKA_ECPKI_BUILD_TMP_BUFF_MAX_LENGTH_IN_WORDS (3*CC_ECPKI_MODUL_MAX_LENGTH_IN_WORDS+CC_PKA_ECPKI_SCALAR_MUL_BUFF_MAX_LENGTH_IN_WORDS)
/*! The size of the ECC sign temporary buffer in words. */
#define CC_PKA_ECDSA_SIGN_BUFF_MAX_LENGTH_IN_WORDS (6*CC_ECPKI_MODUL_MAX_LENGTH_IN_WORDS+CC_PKA_ECPKI_SCALAR_MUL_BUFF_MAX_LENGTH_IN_WORDS)
/*! The size of the ECC ECDH temporary-buffer in words. */
#define CC_PKA_ECDH_BUFF_MAX_LENGTH_IN_WORDS (2*CC_ECPKI_ORDER_MAX_LENGTH_IN_WORDS + CC_PKA_ECPKI_SCALAR_MUL_BUFF_MAX_LENGTH_IN_WORDS)
/*! The size of the PKA KG temporary-buffer in words. */
#define CC_PKA_KG_BUFF_MAX_LENGTH_IN_WORDS (2*CC_ECPKI_ORDER_MAX_LENGTH_IN_WORDS + CC_PKA_ECPKI_SCALAR_MUL_BUFF_MAX_LENGTH_IN_WORDS)
/*! The size of the ECC verify temporary-buffer in words. */
#define CC_PKA_ECDSA_VERIFY_BUFF_MAX_LENGTH_IN_WORDS (3*CC_ECPKI_MODUL_MAX_LENGTH_IN_WORDS)
/* *************************************************************************** */
/*! The maximal size of the modulus buffers for CC_EC_MONT and EC_EDW in
bytes.*/
#define CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_BYTES 32U /*!< \internal for Curve25519 */
/*! The maximal size of the modulus buffers for CC_EC_MONT and EC_EDW in
words. */
#define CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS 8U /*!< \internal for Curve25519 */
/*! The size of the ECC Montgomery temporary buffer in words. */
#define CC_EC_MONT_TEMP_BUFF_SIZE_IN_32BIT_WORDS (8 * CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS) /*!< \internal Change according to actual requirements */
/*! The size of the ECC Edwards temporary buffer in words. */
#define CC_EC_EDW_TEMP_BUFF_SIZE_IN_31BIT_WORDS (8*CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS + (sizeof(CCHashUserContext_t)+CC_32BIT_WORD_SIZE-1)/CC_32BIT_WORD_SIZE)
/*!
@}
*/
#endif /*_CC_PKA_DEFS_HW_H_*/

246
include/mbedtls_extra/cc_rnd_common.h Normal file
View File

@ -0,0 +1,246 @@
/**************************************************************************************
* Copyright (c) 2016-2019, Arm Limited (or its affiliates). All rights reserved *
* *
* This file and the related binary are licensed under the following license: *
* *
* ARM Object Code and Header Files License, v1.0 Redistribution. *
* *
* Redistribution and use of object code, header files, and documentation, without *
* modification, are permitted provided that the following conditions are met: *
* *
* 1) Redistributions must reproduce the above copyright notice and the *
* following disclaimer in the documentation and/or other materials *
* provided with the distribution. *
* *
* 2) Unless to the extent explicitly permitted by law, no reverse *
* engineering, decompilation, or disassembly of is permitted. *
* *
* 3) Redistribution and use is permitted solely for the purpose of *
* developing or executing applications that are targeted for use *
* on an ARM-based product. *
* *
* DISCLAIMER. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND *
* CONTRIBUTORS "AS IS." ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT *
* NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, *
* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE *
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, *
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED *
* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR *
* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF *
* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING *
* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS *
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. *
**************************************************************************************/
/*!
@addtogroup cc_rnd
@{
*/
/*!
@file
@brief This file contains the CryptoCell random-number generation (RNG) APIs.
The random-number generation module implements <em>NIST Special Publication
800-90A: Recommendation for Random Number Generation Using Deterministic
Random Bit Generators.</em>
*/
#ifndef _CC_RND_COMMON_H
#define _CC_RND_COMMON_H
#include "cc_error.h"
#include "cc_aes_defs.h"
#ifdef __cplusplus
extern "C"
{
#endif
/************************ Defines ******************************/
/* RND seed and additional input sizes */
/*! The maximal size of the random seed in words. */
#define CC_RND_SEED_MAX_SIZE_WORDS 12
#ifndef USE_MBEDTLS_CRYPTOCELL
#ifndef CC_RND_ADDITINAL_INPUT_MAX_SIZE_WORDS
/*! The maximal size of the additional input-data in words. */
#define CC_RND_ADDITINAL_INPUT_MAX_SIZE_WORDS CC_RND_SEED_MAX_SIZE_WORDS
#endif
#endif
/* maximal requested size counter (12 bits active) - maximal count
of generated random 128 bit blocks allowed per one request of
Generate function according NIST 800-90 it is (2^12 - 1) = 0x3FFFF */
/* Max size for one RNG generation (in bits) =
max_num_of_bits_per_request = 2^19 (FIPS 800-90 Tab.3) */
/*! The maximal size of the generated vector in bits. */
#define CC_RND_MAX_GEN_VECTOR_SIZE_BITS 0x7FFFF
/*! The maximal size of the generated random vector in bytes. */
#define CC_RND_MAX_GEN_VECTOR_SIZE_BYTES 0xFFFF
/*! The maximal size of the generated vector in bytes. */
#define CC_RND_REQUESTED_SIZE_COUNTER 0x3FFFF
/* Definitions of temp buffer for RND_DMA */
/*******************************************************************/
/* Definitions of temp buffer for DMA */
/*! The size of the temporary buffer in words. */
#define CC_RND_WORK_BUFFER_SIZE_WORDS 136
/*! The definition of the RAM buffer, for internal use in instantiation or
reseeding operations. */
typedef struct
{
/*! The internal buffer. */
uint32_t ccRndIntWorkBuff[CC_RND_WORK_BUFFER_SIZE_WORDS];
}CCRndWorkBuff_t;
/* RND source buffer inner (entrpopy) offset */
/*! The definition of the internal offset in words. */
#define CC_RND_TRNG_SRC_INNER_OFFSET_WORDS 2
/*! The definition of the internal offset in bytes. */
#define CC_RND_TRNG_SRC_INNER_OFFSET_BYTES (CC_RND_TRNG_SRC_INNER_OFFSET_WORDS*sizeof(uint32_t))
/************************ Enumerators ****************************/
/*! The definition of the random operation modes. */
typedef enum
{
/*! HW entropy estimation: 800-90B or full. */
CC_RND_FE = 1,
/*! Reserved. */
CC_RND_ModeLast = 0x7FFFFFFF,
} CCRndMode_t;
/************************ Structs *****************************/
/* The internal state of DRBG mechanism based on AES CTR and CBC-MAC
algorithms. It is set as global data defined by the following
structure */
/*!
@brief The structure for the RND state.
This includes internal data that must be saved by the user between boots.
*/
typedef struct
{
#ifndef USE_MBEDTLS_CRYPTOCELL
/* Seed buffer, consists from concatenated Key||V: max size 12 words */
/*! The random-seed buffer. */
uint32_t Seed[CC_RND_SEED_MAX_SIZE_WORDS];
/* Previous value for continuous test */
/*! The previous random data, used for continuous test. */
uint32_t PreviousRandValue[CC_AES_CRYPTO_BLOCK_SIZE_IN_WORDS];
/* AdditionalInput buffer max size = seed max size words + 4w for padding*/
/*! The previous additional-input buffer. */
uint32_t PreviousAdditionalInput[CC_RND_ADDITINAL_INPUT_MAX_SIZE_WORDS+3];
/*! The additional-input buffer. */
uint32_t AdditionalInput[CC_RND_ADDITINAL_INPUT_MAX_SIZE_WORDS+4];
/*! The size of the additional input in words. */
uint32_t AddInputSizeWords;
/*! The size of the entropy source in words. */
uint32_t EntropySourceSizeWords;
/*! The Reseed counter (32-bit active). Indicates the number of requests
for entropy since instantiation or reseeding. */
uint32_t ReseedCounter;
/*! The key size in words, according to security strength: 128 bits:
4 words. 256 bits: 8 words. */
uint32_t KeySizeWords;
/* State flag (see definition of StateFlag above), containing bit-fields, defining:
- b'0: instantiation steps: 0 - not done, 1 - done;
- 2b'9,8: working or testing mode: 0 - working, 1 - KAT DRBG test, 2 -
KAT TRNG test;
b'16: flag defining is Previous random valid or not:
0 - not valid, 1 - valid */
/*! The state flag used internally in the code. */
uint32_t StateFlag;
/* validation tag */
/*! The validation tag used internally in the code. */
uint32_t ValidTag;
/*! The size of the RND source entropy in bits. */
uint32_t EntropySizeBits;
#endif
/*! The TRNG process state used internally in the code. */
uint32_t TrngProcesState;
} CCRndState_t;
/*! The RND vector-generation function pointer. */
typedef int (*CCRndGenerateVectWorkFunc_t)( \
/*! A pointer to the RND-state context. */
void *rndState_ptr, \
/*! A pointer to the output buffer. */
unsigned char *out_ptr, \
/*! The size of the output in bytes. */
size_t outSizeBytes
);
/*! The definition of the RND context that includes the CryptoCell
RND state structure, and a function pointer for the RND-generation
function. */
typedef struct
{
/*! A pointer to the internal state of the RND.
Note: This pointer should be allocated in a physical and contiguous
memory, that is accessible to the CryptoCell DMA. This pointer should
be allocated and assigned before calling CC_LibInit(). */
void * rndState;
/*! A pointer to the entropy context. Note: This pointer should be
allocated and assigned before calling CC_LibInit(). */
void * entropyCtx;
/*! A pointer to the user-given function for generation a random
vector. */
CCRndGenerateVectWorkFunc_t rndGenerateVectFunc;
} CCRndContext_t;
/*****************************************************************************/
/********************** Public Functions *************************/
/*****************************************************************************/
/****************************************************************************************/
/*!
@brief This function sets the RND vector-generation function into the RND
context.
It is called as part of Arm CryptoCell library initialization, to
set the RND vector generation function into the primary RND context.
@note It must be called before any other API that requires the RND context as
a parameter.
@return \c CC_OK on success.
@return A non-zero value from cc_rnd_error.h on failure.
*/
CCError_t CC_RndSetGenerateVectorFunc(
/*! [in/out] A pointer to the RND context buffer that is allocated
by the user, which is used to maintain the RND state, as well as
pointers to the functions used for random vector generation. */
CCRndContext_t *rndContext_ptr,
/*! [in] A pointer to the \c CC_RndGenerateVector random
vector-generation function. */
CCRndGenerateVectWorkFunc_t rndGenerateVectFunc
);
#ifdef __cplusplus
}
#endif
/*!
@}
*/
#endif /* #ifndef _CC_RND_COMMON_H */

120
include/mbedtls_extra/cc_rnd_error.h Normal file
View File

@ -0,0 +1,120 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#ifndef _CC_RND_ERROR_H
#define _CC_RND_ERROR_H
#include "cc_error.h"
#ifdef __cplusplus
extern "C"
{
#endif
/*!
@file
@brief This file contains the definitions of the CryptoCell RND errors.
@defgroup cc_rnd_error CryptoCell RND specific errors
@{
@ingroup cc_rnd
*/
/************************ Defines ******************************/
/*! RND module on the CryptoCell layer base address - 0x00F00C00 */
/*! Illegal output pointer.*/
#define CC_RND_DATA_OUT_POINTER_INVALID_ERROR (CC_RND_MODULE_ERROR_BASE + 0x0UL)
/*! Random generation in range failed .*/
#define CC_RND_CAN_NOT_GENERATE_RAND_IN_RANGE (CC_RND_MODULE_ERROR_BASE + 0x1UL)
/*! CPRNGT test failed.*/
#define CC_RND_CPRNG_TEST_FAIL_ERROR (CC_RND_MODULE_ERROR_BASE + 0x2UL)
/*! Illegal additional data buffer. */
#define CC_RND_ADDITIONAL_INPUT_BUFFER_NULL (CC_RND_MODULE_ERROR_BASE + 0x3UL)
/*! Illegal additional data size. */
#define CC_RND_ADDITIONAL_INPUT_SIZE_ERROR (CC_RND_MODULE_ERROR_BASE + 0x4UL)
/*! Data size overflow. */
#define CC_RND_DATA_SIZE_OVERFLOW_ERROR (CC_RND_MODULE_ERROR_BASE + 0x5UL)
/*! Illegal vector size. */
#define CC_RND_VECTOR_SIZE_ERROR (CC_RND_MODULE_ERROR_BASE + 0x6UL)
/*! Reseed counter overflow - in case this error was returned instantiation or reseeding operation must be called. */
#define CC_RND_RESEED_COUNTER_OVERFLOW_ERROR (CC_RND_MODULE_ERROR_BASE + 0x7UL)
/*! Instantiation was not yet called. */
#define CC_RND_INSTANTIATION_NOT_DONE_ERROR (CC_RND_MODULE_ERROR_BASE + 0x8UL)
/*! TRNG loss of samples. */
#define CC_RND_TRNG_LOSS_SAMPLES_ERROR (CC_RND_MODULE_ERROR_BASE + 0x9UL)
/*! TRNG Time exceeded limitations. */
#define CC_RND_TRNG_TIME_EXCEED_ERROR (CC_RND_MODULE_ERROR_BASE + 0xAUL)
/*! TRNG loss of samples and time exceeded limitations. */
#define CC_RND_TRNG_LOSS_SAMPLES_AND_TIME_EXCEED_ERROR (CC_RND_MODULE_ERROR_BASE + 0xBUL)
/*! RND is in Known Answer Test mode. */
#define CC_RND_IS_KAT_MODE_ERROR (CC_RND_MODULE_ERROR_BASE + 0xCUL)
/*! RND operation not supported. */
#define CC_RND_OPERATION_IS_NOT_SUPPORTED_ERROR (CC_RND_MODULE_ERROR_BASE + 0xDUL)
/*! RND validity check failed. */
#define CC_RND_STATE_VALIDATION_TAG_ERROR (CC_RND_MODULE_ERROR_BASE + 0xEUL)
/*! RND is not supported. */
#define CC_RND_IS_NOT_SUPPORTED (CC_RND_MODULE_ERROR_BASE + 0xFUL)
/*! Illegal generate vector function pointer. */
#define CC_RND_GEN_VECTOR_FUNC_ERROR (CC_RND_MODULE_ERROR_BASE + 0x14UL)
/*! Illegal work buffer pointer. */
#define CC_RND_WORK_BUFFER_PTR_INVALID_ERROR (CC_RND_MODULE_ERROR_BASE + 0x20UL)
/*! Illegal AES key size. */
#define CC_RND_ILLEGAL_AES_KEY_SIZE_ERROR (CC_RND_MODULE_ERROR_BASE + 0x21UL)
/*! Illegal data pointer. */
#define CC_RND_ILLEGAL_DATA_PTR_ERROR (CC_RND_MODULE_ERROR_BASE + 0x22UL)
/*! Illegal data size. */
#define CC_RND_ILLEGAL_DATA_SIZE_ERROR (CC_RND_MODULE_ERROR_BASE + 0x23UL)
/*! Illegal parameter. */
#define CC_RND_ILLEGAL_PARAMETER_ERROR (CC_RND_MODULE_ERROR_BASE + 0x24UL)
/*! Illegal RND state pointer. */
#define CC_RND_STATE_PTR_INVALID_ERROR (CC_RND_MODULE_ERROR_BASE + 0x25UL)
/*! TRNG errors. */
#define CC_RND_TRNG_ERRORS_ERROR (CC_RND_MODULE_ERROR_BASE + 0x26UL)
/*! Illegal context pointer. */
#define CC_RND_CONTEXT_PTR_INVALID_ERROR (CC_RND_MODULE_ERROR_BASE + 0x27UL)
/*! Illegal output vector pointer. */
#define CC_RND_VECTOR_OUT_PTR_ERROR (CC_RND_MODULE_ERROR_BASE + 0x30UL)
/*! Illegal output vector size. */
#define CC_RND_VECTOR_OUT_SIZE_ERROR (CC_RND_MODULE_ERROR_BASE + 0x31UL)
/*! Maximal vector size is too small. */
#define CC_RND_MAX_VECTOR_IS_TOO_SMALL_ERROR (CC_RND_MODULE_ERROR_BASE + 0x32UL)
/*! Illegal Known Answer Tests parameters. */
#define CC_RND_KAT_DATA_PARAMS_ERROR (CC_RND_MODULE_ERROR_BASE + 0x33UL)
/*! TRNG Known Answer Test not supported. */
#define CC_RND_TRNG_KAT_NOT_SUPPORTED_ERROR (CC_RND_MODULE_ERROR_BASE + 0x34UL)
/*! SRAM memory is not defined. */
#define CC_RND_SRAM_NOT_SUPPORTED_ERROR (CC_RND_MODULE_ERROR_BASE + 0x35UL)
/*! AES operation failure. */
#define CC_RND_AES_ERROR (CC_RND_MODULE_ERROR_BASE + 0x36UL)
/*! TRNG mode mismatch between PAL and lib */
#define CC_RND_MODE_MISMATCH_ERROR (CC_RND_MODULE_ERROR_BASE + 0x37UL)
/************************ Enums ********************************/
/************************ Typedefs ****************************/
/************************ Structs ******************************/
/************************ Public Variables **********************/
/************************ Public Functions **********************/
#ifdef __cplusplus
}
#endif
/**
@}
*/
#endif

135
include/mbedtls_extra/mbedtls_cc_aes_key_wrap.h Normal file
View File

@ -0,0 +1,135 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
/*!
@file
@brief This file contains all of the CryptoCell key-wrapping APIs, their enums and definitions.
The APIs support AES key wrapping as defined in <em>NIST SP 800-38F: Recommendation for
Block Cipher Modes of Operation: Methods for Key Wrapping</em>.
*/
/*!
@defgroup cc_aes_keywrap CryptoCell AES key-wrapping APIs
@brief Contains CryptoCell key-wrapping APIs.
See mbedtls_cc_aes_key_wrap.h.
@{
@ingroup cc_aes
@}
*/
#ifndef _MBEDTLS_CC_AES_KEY_WRAP_H
#define _MBEDTLS_CC_AES_KEY_WRAP_H
#include "cc_pal_types.h"
#include "cc_error.h"
#ifdef __cplusplus
extern "C"
{
#endif
/************************ Defines ******************************/
/*! The size of the AES key-wrapping semiblock in Bytes. */
#define CC_AES_KEYWRAP_SEMIBLOCK_SIZE_BYTES (CC_AES_BLOCK_SIZE_IN_BYTES >> 1)
/*! The size of the AES key-wrapping semiblock in words. */
#define CC_AES_KEYWRAP_SEMIBLOCK_SIZE_WORDS (CC_AES_KEYWRAP_SEMIBLOCK_SIZE_BYTES >> 2)
/*! The AES key-wrapping semiblock to Bytes shift. */
#define CC_AES_KEYWRAP_SEMIBLOCK_TO_BYTES_SHFT 3
/*! AES key-wrapping with padding (KWP) maximum Bytes of padding. */
#define CC_AES_KEYWRAP_MAX_PAD_LEN 7
/**********************************/
/** ICVs - Integrity Check Value **/
/**********************************/
/*! The 64-bit default ICV for KW mode. */
#define CC_AES_KEYWRAP_ICV1 {0xA6A6A6A6, 0xA6A6A6A6}
/*! The 32-bit default ICV for KWP mode. */
#define CC_AES_KEYWRAP_ICV2 {0xA65959A6, 0x00000000}
/************************ Typedefs ****************************/
/*! Supported modes of the AES key-wrapping operation: KW and KWP, as defined in
<em>NIST SP 800-38F: Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping</em>. */
typedef enum keyWrapMode {
CC_AES_KEYWRAP_KW_MODE = 0, /*!< KW mode. */
CC_AES_KEYWRAP_KWP_MODE = 1, /*!< KWP mode. */
CC_AES_KEYWRAP_NUM_OF_MODES = 2, /*!< Allowed number of AES key-wrapping modes. */
CC_AES_KEYWRAP_RESERVE32B = INT32_MAX /*!< Reserved. */
}mbedtls_keywrap_mode_t;
/******************************************* Public Functions *****************************************/
/******************************************************************************************************/
/******** AES key-wrapping FUNCTION *********/
/******************************************************************************************************/
/*!
@brief This is the AES wrapping or encryption function.
AES key-wrapping specifies a deterministic authenticated-encryption mode of operation of the
AES, according to <em>NIST SP 800-38F: Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping</em>.
Its purpose is to protect cryptographic keys.
It uses units of 8 Bytes called semiblocks. The minimal number of input semiblocks is:
<ul><li>For KW mode: 2 semiblocks.</li>
<li>For KWP mode: 1 semiblock.</li></ul>
The maximal size of the output in Bytes is 64KB. This is a system restriction.
The input to key-wrapping includes the following elements:
<ul><li>Payload - text data that is both authenticated and encrypted.</li>
<li>Key - The encryption key for the AES operation.</li></ul>
@return \c CC_OK on success.
@return A non-zero value on failure, as defined in mbedtls_cc_aes_key_wrap_error.h.
*/
CCError_t mbedtls_aes_key_wrap(
mbedtls_keywrap_mode_t keyWrapFlag, /*!< [in] The key-wrapping mode: KW or KWP. */
uint8_t* keyBuf, /*!< [in] A pointer to AES key-wrapping key. */
size_t keySize, /*!< [in] The size of the key in Bytes. Valid values are:
16 Bytes, 24 Bytes, or 32 Bytes. */
uint8_t* pPlainText, /*!< [in] A pointer to the plain-text data for encryption. The buffer must be contiguous. */
size_t plainTextSize, /*!< [in] The size of the plain-text data in Bytes. */
uint8_t* pCipherText, /*!< [out] A pointer to the cipher-text output data. The buffer must be contiguous. */
size_t* pCipherTextSize /*!< [in/out] Input: A pointer to the size of the cipher-text output data buffer.
Output: The actual size of the cipher-text output data in Bytes. */
);
/*!
@brief This is the AES unwrapping or decryption function.
AES key-wrapping specifies a deterministic authenticated-encryption mode of operation of the
AES, according to <em>NIST SP 800-38F: Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping</em>.
Its purpose is to protect cryptographic keys.
It uses units of 8 Bytes called semiblocks. The minimal number of input semiblocks is:
<ul><li>For KW mode: 2 semiblocks.</li>
<li>For KWP mode: 1 semiblock.</li></ul>
The maximal size of the output in bytes is 64KB. This is a system restriction.
Input to key-wrapping includes the following elements:
<ul><li>Payload - text data that is both authenticated and encrypted.</li>
<li>Key - The encryption key for the AES operation.</li></ul>
@return \c CC_OK on success.
@return A non-zero value on failure, as defined in mbedtls_cc_aes_key_wrap_error.h.
*/
CCError_t mbedtls_aes_key_unwrap(
mbedtls_keywrap_mode_t keyWrapFlag, /*!< [in] The enumerator defining the key-wrapping mode: KW or KWP. */
uint8_t* keyBuf, /*!< [in] A pointer to AES key-wrapping key. */
size_t keySize, /*!< [in] The size of the key in Bytes. Valid values are:
16 Bytes, 24 Bytes, or 32 Bytes. */
uint8_t* pCipherText, /*!< [in] A pointer to the cipher-text data for decryption. The buffer must be contiguous. */
size_t cipherTextSize, /*!< [in] The size of the cipher-text data in Bytes. */
uint8_t* pPlainText, /*!< [out] A pointer to the plain-text output data. The buffer must be contiguous. */
size_t* pPlainTextSize /*!< [in/out] Input: A pointer to the size of the plain-text output data buffer.
Output: The actual size of the plain-text output data in Bytes. */
);
#ifdef __cplusplus
}
#endif
#endif /*#ifndef _MBEDTLS_CC_AES_KEY_WRAP_H*/

78
include/mbedtls_extra/mbedtls_cc_aes_key_wrap_error.h Normal file
View File

@ -0,0 +1,78 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
/*!
@file mbedtls_cc_aes_key_wrap_error.h
@brief This file contains the error definitions of the CryptoCell AES key-wrapping APIs.
*/
/*!
@defgroup cc_aes_keywrap_error Specific errors of the CryptoCell AES key-wrapping APIs
@brief Contains the CryptoCell AES key-wrapping-API error definitions.
See mbedtls_cc_aes_key_wrap_error.h.
@{
@ingroup cc_aes_keywrap
@}
*/
#ifndef _CC_AES_KEYWRAP_ERROR_H
#define _CC_AES_KEYWRAP_ERROR_H
#include "cc_error.h"
#ifdef __cplusplus
extern "C"
{
#endif
/************************ Defines ******************************/
/* CryptoCell AES key-wrapping module errors. #CC_AES_KEYWRAP_MODULE_ERROR_BASE = 0x00F02800 */
/*! Invalid data-in text pointer. */
#define CC_AES_KEYWRAP_DATA_IN_POINTER_INVALID_ERROR (CC_AES_KEYWRAP_MODULE_ERROR_BASE + 0x00UL)
/*! Invalid data-out text pointer. */
#define CC_AES_KEYWRAP_DATA_OUT_POINTER_INVALID_ERROR (CC_AES_KEYWRAP_MODULE_ERROR_BASE + 0x01UL)
/*! Invalid key pointer. */
#define CC_AES_KEYWRAP_INVALID_KEY_POINTER_ERROR (CC_AES_KEYWRAP_MODULE_ERROR_BASE + 0x02UL)
/*! Invalid key size. */
#define CC_AES_KEYWRAP_ILLEGAL_KEY_SIZE_ERROR (CC_AES_KEYWRAP_MODULE_ERROR_BASE + 0x03UL)
/*! Illegal semiblocks number. */
#define CC_AES_KEYWRAP_SEMIBLOCKS_NUM_ILLEGAL (CC_AES_KEYWRAP_MODULE_ERROR_BASE + 0x04UL)
/*! Invalid parameter pointer. */
#define CC_AES_KEYWRAP_ILLEGAL_PARAMETER_PTR_ERROR (CC_AES_KEYWRAP_MODULE_ERROR_BASE + 0x05UL)
/*! Invalid encryption mode. */
#define CC_AES_KEYWRAP_INVALID_ENCRYPT_MODE_ERROR (CC_AES_KEYWRAP_MODULE_ERROR_BASE + 0x06UL)
/*! Illegal data-in size. */
#define CC_AES_KEYWRAP_DATA_IN_SIZE_ILLEGAL (CC_AES_KEYWRAP_MODULE_ERROR_BASE + 0x07UL)
/*! Illegal data-out size. */
#define CC_AES_KEYWRAP_DATA_OUT_SIZE_ILLEGAL (CC_AES_KEYWRAP_MODULE_ERROR_BASE + 0x08UL)
/*! Illegal key-wrapping mode. */
#define CC_AES_KEYWRAP_INVALID_KEYWRAP_MODE_ERROR (CC_AES_KEYWRAP_MODULE_ERROR_BASE + 0x09UL)
/*! Key Unwrap comparison failure. */
#define CC_AES_KEYWRAP_UNWRAP_COMPARISON_ERROR (CC_AES_KEYWRAP_MODULE_ERROR_BASE + 0x0AUL)
/*! Not supported. */
#define CC_AES_KEYWRAP_IS_NOT_SUPPORTED (CC_AES_KEYWRAP_MODULE_ERROR_BASE + 0xFFUL)
/************************ Enums ********************************/
/************************ Typedefs ****************************/
/************************ Structs *****************************/
/************************ Public Variables *********************/
/************************ Public Functions *********************/
#ifdef __cplusplus
}
#endif
#endif /* _CC_AES_KEYWRAP_ERROR_H */

84
include/mbedtls_extra/mbedtls_cc_ec_mont_edw_error.h Normal file
View File

@ -0,0 +1,84 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#ifndef _MBEDTLS_CC_EC_MONT_EDW_ERROR_H
#define _MBEDTLS_CC_EC_MONT_EDW_ERROR_H
/*!
@file
@brief This file contains the definitions of the CryptoCell ECC-25519 errors.
@defgroup cc_ecmontedw_error CryptoCell ECC-25519 errors
@{
@ingroup cryptocell_api
*/
#include "cc_error.h"
#ifdef __cplusplus
extern "C"
{
#endif
/************************ Defines ******************************/
/**********************************************************************************************************
* CryptoCell ECC-25519 MODULE ERRORS base address - 0x00F02100 *
**********************************************************************************************************/
/*! Illegal input pointer */
#define CC_EC_EDW_INVALID_INPUT_POINTER_ERROR (CC_EC_MONT_EDW_MODULE_ERROR_BASE + 0x00UL)
/*! Illegal input size */
#define CC_EC_EDW_INVALID_INPUT_SIZE_ERROR (CC_EC_MONT_EDW_MODULE_ERROR_BASE + 0x01UL)
/*! Illegal scalar size */
#define CC_EC_EDW_INVALID_SCALAR_SIZE_ERROR (CC_EC_MONT_EDW_MODULE_ERROR_BASE + 0x02UL)
/*! Illegal scalar data */
#define CC_EC_EDW_INVALID_SCALAR_DATA_ERROR (CC_EC_MONT_EDW_MODULE_ERROR_BASE + 0x03UL)
/*! Invalid RND context pointer */
#define CC_EC_EDW_RND_CONTEXT_PTR_INVALID_ERROR (CC_EC_MONT_EDW_MODULE_ERROR_BASE + 0x04UL)
/*! Invalid RND generate vector functions pointer */
#define CC_EC_EDW_RND_GEN_VECTOR_FUNC_ERROR (CC_EC_MONT_EDW_MODULE_ERROR_BASE + 0x05UL)
/*! Signing or verification operation failed */
#define CC_EC_EDW_SIGN_VERIFY_FAILED_ERROR (CC_EC_MONT_EDW_MODULE_ERROR_BASE + 0x20UL)
/*! Illegal input pointer */
#define CC_EC_MONT_INVALID_INPUT_POINTER_ERROR (CC_EC_MONT_EDW_MODULE_ERROR_BASE + 0x30UL)
/*! Illegal input size */
#define CC_EC_MONT_INVALID_INPUT_SIZE_ERROR (CC_EC_MONT_EDW_MODULE_ERROR_BASE + 0x31UL)
/*! Illegal domain id */
#define CC_EC_MONT_INVALID_DOMAIN_ID_ERROR (CC_EC_MONT_EDW_MODULE_ERROR_BASE + 0x32UL)
/*! Internal PKI error */
#define CC_ECEDW_INTERNAL_ERROR (CC_EC_MONT_EDW_MODULE_ERROR_BASE + 0x33UL)
/*! Internal PKI error */
#define CC_ECMONT_INTERNAL_ERROR (CC_EC_MONT_EDW_MODULE_ERROR_BASE + 0x34UL)
/************************************************************************************************************
* NOT SUPPORTED MODULES ERROR IDs *
************************************************************************************************************/
/*! EC montgomery is not supported */
#define CC_EC_MONT_IS_NOT_SUPPORTED (CC_ECPKI_MODULE_ERROR_BASE + 0xFEUL)
/*! EC edwards is not supported */
#define CC_EC_EDW_IS_NOT_SUPPORTED (CC_ECPKI_MODULE_ERROR_BASE + 0xFFUL)
/************************ Enums ********************************/
/************************ Typedefs ****************************/
/************************ Structs ******************************/
/************************ Public Variables **********************/
/************************ Public Functions **********************/
#ifdef __cplusplus
}
#endif
/**
@}
*/
#endif//_MBEDTLS_CC_EC_MONT_EDW_ERROR_H

181
include/mbedtls_extra/mbedtls_cc_ecies.h Normal file
View File

@ -0,0 +1,181 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
/*!
@addtogroup cc_ecies
@{
*/
/*!
@file mbedtls_cc_ecies.h
@brief This file contains the CryptoCell Elliptic Curve Integrated Encryption Scheme (ECIES) APIs.
*/
#ifndef _MBEDTLS_CC_ECIES_H
#define _MBEDTLS_CC_ECIES_H
#include "cc_ecpki_types.h"
#include "cc_pal_types_plat.h"
#include "cc_kdf.h"
#include "mbedtls_cc_hkdf.h"
#include "mbedtls/ecp.h"
#ifdef __cplusplus
extern "C"
{
#endif
/*! The maximal length of the ECIES cipher in bytes. */
#define MBEDTLS_ECIES_MAX_CIPHER_LEN_BYTES ((2*CC_ECPKI_MODUL_MAX_LENGTH_IN_WORDS + 1) * sizeof(int))
/*! The minimal length of the ECIES buffer in bytes. */
#define MBEDTLS_ECIES_MIN_BUFF_LEN_BYTES (sizeof(CCEciesTempData_t))
/*!
@brief A macro for creating and encrypting a secret key.
For a description of the parameters see ::mbedtls_ecies_kem_encrypt_full.
*/
#define mbedtls_ecies_kem_encrypt(pGrp, pRecipPublKey, kdfDerivMode, kdfHashMode, \
isSingleHashMode, pSecrKey, secrKeySize, \
pCipherData, pCipherDataSize, pBuff, buffLen, \
f_rng, p_rng) \
mbedtls_ecies_kem_encrypt_full((pGrp), (pRecipPublKey), (kdfDerivMode), (kdfHashMode), \
(isSingleHashMode), NULL, NULL, (pSecrKey), (secrKeySize), \
(pCipherData), (pCipherDataSize), (pBuff), (buffLen), \
f_rng, p_rng)
/*!
@brief This function creates and encrypts (encapsulates) the secret key of
required size, according to <em>ISO/IEC 18033-2:2006: Information technology
-- Security techniques -- Encryption algorithms -- Part 2: Asymmetric
ciphers</em>, ECIES-KEM Encryption.
To call this function in applications, the ::mbedtls_ecies_kem_encrypt macro
definition must be used. The function itself has the additional input of the
external ephemeral key pair, used only for testing purposes.
@note Use KDF2 function mode for compliance with <em>X9.63-2011: Public Key
Cryptography for the Financial Services Industry Key Agreement and Key
Transport Using Elliptic Curve Cryptography</em>. \par
@note The term "sender" indicates an entity that creates and
encapsulates the secret key using this function. The term "recipient"
indicates another entity which receives and decrypts the secret key. \par
@note All public and private keys that are used must relate to the same EC
Domain. \par
@note The user must verify that the public key of the recipient is
on the elliptic curve before it is used in this function.
@return CCError_t \c 0 on success.
*/
CCError_t mbedtls_ecies_kem_encrypt_full(
/*! [in] The ECP group to use. */
mbedtls_ecp_group *pGrp,
/*! [in] A pointer to the public key of the recipient. */
mbedtls_ecp_point *pRecipUzPublKey,
/*! [in] The KDF function mode to use: KDF1 or KDF2. For more
information, see CCKdfDerivFuncMode_t() in cc_kdf.h. */
CCKdfDerivFuncMode_t kdfDerivMode,
/*! [in] The used hash function. */
mbedtls_hkdf_hashmode_t kdfHashMode,
/*! [in] The specific ECIES mode, according to <em>ISO/IEC 18033-2:2006:
Information technology -- Security techniques -- Encryption algorithms
-- Part 2: Asymmetric ciphers</em> - section 10.2: 0: Not-single hash,
or 1: Single hash. */
uint32_t isSingleHashMode,
/*! [in] A pointer to the ephemeral public key related to the private
key. Must be set to NULL if \p pExtEphUzPrivateKey = NULL. */
mbedtls_ecp_point *pExtEphUzPublicKey,
/*! [in] The pointer to the external ephemeral private key. This key
is used only for testing the function. In regular use, the pointer
should be set to NULL and then the random key-pair should be generated
internally. */
mbedtls_mpi *pExtEphUzPrivateKey,
/*! [in] A pointer to the buffer for the secret-key data to be
generated. */
uint8_t *pSecrKey,
/*! [in] The size of the secret-key data in bytes. */
size_t secrKeySize,
/*! [in] A pointer to the encrypted cipher text. */
uint8_t *pCipherData,
/*! [in/out] In: A pointer to the size of the buffer for CipherData
output, or Out: The size of the buffer for CipherData output in
bytes. */
size_t *pCipherDataSize,
/*! [in] A pointer to the temporary buffer. */
void *pBuff,
/*! [in] The size of the buffer pointed by \p pBuff. Must not be less
than #MBEDTLS_ECIES_MIN_BUFF_LEN_BYTES. */
size_t buffLen,
/*! [in] The RNG function required for generating a key pair when
\p pExtEphUzPublicKey and \p pExtEphUzPrivateKey are NULL */
int (*f_rng)(void *, unsigned char *, size_t),
/*! [in] The RNG parameter. */
void *p_rng
);
/*!
@brief This function decrypts the encapsulated secret key passed by the
sender, according to <em>ISO/IEC 18033-2:2006: Information technology --
Security techniques -- Encryption algorithms -- Part 2: Asymmetric
ciphers</em>, sec. 10.2.4 - ECIES-KEM Decryption.
@note The KDF2 function mode must be used for compliance with <em>X9.63-2011:
Public Key Cryptography for the Financial Services Industry Key Agreement
and Key Transport Using Elliptic Curve Cryptograph</em>. \par
@note The term "sender" indicates an entity that creates and
encapsulates the secret key using this function. The term "recipient"
indicates another entity which receives and decrypts the secret key. \par
@note All public and private keys that are used must relate to the same EC
Domain. \par
@return CCError_t \c 0 on success.
*/
CCError_t mbedtls_ecies_kem_decrypt(
/*! [in] The ECP group to use. */
mbedtls_ecp_group *pGrp,
/*! [in] A pointer to the private key of the recipient. */
mbedtls_mpi *pRecipUzPrivKey,
/*! [in] The KDF function mode to use: KDF1 or KDF2. For more
information, see CCKdfDerivFuncMode_t() in cc_kdf.h. */
CCKdfDerivFuncMode_t kdfDerivMode,
/*! [in] The used hash function. */
mbedtls_hkdf_hashmode_t kdfHashMode,
/*! [in] The specific ECIES mode definition: 0,1, according to
<em>ISO/IEC 18033-2:2006: Information technology -- Security techniques
-- Encryption algorithms -- Part 2: Asymmetric ciphers</em> -
section 10.2. */
uint32_t isSingleHashMode,
/*! [in] A pointer to the received encrypted cipher data. */
uint8_t *pCipherData,
/*! [in] The size of the cipher data in bytes. */
size_t cipherDataSize,
/*! [in] A pointer to the buffer for the secret-key data to be
generated. */
uint8_t *pSecrKey,
/*! [in] The size of the secret-key data in bytes. */
size_t secrKeySize,
/*! [in] A pointer to the temporary buffer. */
void *pBuff,
/*! [in] The size of the buffer pointed by \p pBuff. Must not be
less than #MBEDTLS_ECIES_MIN_BUFF_LEN_BYTES. */
size_t buffLen
);
#ifdef __cplusplus
}
#endif
/*!
@}
*/
#endif

100
include/mbedtls_extra/mbedtls_cc_hkdf.h Normal file
View File

@ -0,0 +1,100 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
/*!
@file
@brief This file contains the CryptoCell HKDF key-derivation function API.
This function is as defined in
<em>RFC-5869: HMAC-based Extract-and-Expand Key Derivation Function (HKDF)</em>.
*/
/*!
@defgroup cc_hkdf CryptoCell HKDF key-derivation function API
@brief Contains the CryptoCell HMAC key-derivation function API. See mbedtls_cc_hkdf.h.
@{
@ingroup cryptocell_api
@}
*/
#ifndef _MBEDTLS_CC_HKDF_H
#define _MBEDTLS_CC_HKDF_H
#ifdef __cplusplus
extern "C"
{
#endif
#include "cc_pal_types.h"
/*! The maximal size of the HKDF key in words. */
#define CC_HKDF_MAX_HASH_KEY_SIZE_IN_BYTES 512
/*! The maximal size of the HKDF hash-digest in Bytes. */
#define CC_HKDF_MAX_HASH_DIGEST_SIZE_IN_BYTES CC_HASH_SHA512_DIGEST_SIZE_IN_BYTES
/************************ Defines ******************************/
/************************ Enums ********************************/
/*! Supported HKDF hash modes. */
typedef enum
{
/*! SHA-1 mode. */
CC_HKDF_HASH_SHA1_mode = 0,
/*! SHA-224 mode. */
CC_HKDF_HASH_SHA224_mode = 1,
/*! SHA-256 mode. */
CC_HKDF_HASH_SHA256_mode = 2,
/*! SHA-384 mode. */
CC_HKDF_HASH_SHA384_mode = 3,
/*! SHA-512 mode. */
CC_HKDF_HASH_SHA512_mode = 4,
/*! The maximal number of hash modes. */
CC_HKDF_HASH_NumOfModes,
/*! Reserved. */
CC_HKDF_HASH_OpModeLast = 0x7FFFFFFF,
}mbedtls_hkdf_hashmode_t;
/************************ Typedefs ****************************/
/************************ Structs ******************************/
/************************ Public Variables **********************/
/************************ Public Functions **********************/
/****************************************************************/
/*********************************************************************************************************/
/*!
@brief mbedtls_hkdf_key_derivation() performs the HMAC-based key derivation, as define by
<em>RFC-5869: HMAC-based Extract-and-Expand Key Derivation Function (HKDF)</em>.
@return \c CC_OK on success.
@return A non-zero value on failure as defined in cc_kdf_error.h, or in md.h.
*/
CCError_t mbedtls_hkdf_key_derivation(
mbedtls_hkdf_hashmode_t HKDFhashMode, /*!< [in] The HKDF identifier of the hash function to be used. */
uint8_t* Salt_ptr, /*!< [in] A pointer to a non-secret random value. Can be NULL. */
size_t SaltLen, /*!< [in] The size of the \p Salt_ptr. */
uint8_t* Ikm_ptr, /*!< [in] A pointer to an input key message. */
uint32_t IkmLen, /*!< [in] The size of the input key message */
uint8_t* Info, /*!< [in] A pointer to an optional context and application-specific information. Can be NULL */
uint32_t InfoLen, /*!< [in] The size of the application-specific information. */
uint8_t* Okm, /*!< [in] A pointer to an output key material. */
uint32_t OkmLen, /*!< [in] The size of the output key material. */
CCBool IsStrongKey /*!< [in] If TRUE, no need to perform the extraction phase. */
);
#ifdef __cplusplus
}
#endif
#endif

60
include/mbedtls_extra/mbedtls_cc_hkdf_error.h Normal file
View File

@ -0,0 +1,60 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
/*!
@file
@brief This file contains the error definitions of the CryptoCell HKDF APIs.
*/
/*!
@defgroup cc_hkdf_error Specific errors of the HKDF key-derivation APIs
@brief Contains the CryptoCell HKDF-API error definitions. See mbedtls_cc_hkdf_error.h.
@{
@ingroup cc_hkdf
@}
*/
#ifndef _MBEDTLS_CC_HKDF_ERROR_H
#define _MBEDTLS_CC_HKDF_ERROR_H
#include "cc_error.h"
#ifdef __cplusplus
extern "C"
{
#endif
/************************ Defines *******************************/
/* The base address for the CryptoCell HKDF module errors - 0x00F01100. */
/*! Invalid argument. */
#define CC_HKDF_INVALID_ARGUMENT_POINTER_ERROR (CC_HKDF_MODULE_ERROR_BASE + 0x0UL)
/*! Invalid argument size. */
#define CC_HKDF_INVALID_ARGUMENT_SIZE_ERROR (CC_HKDF_MODULE_ERROR_BASE + 0x1UL)
/*! Illegal hash mode. */
#define CC_HKDF_INVALID_ARGUMENT_HASH_MODE_ERROR (CC_HKDF_MODULE_ERROR_BASE + 0x3UL)
/*! HKDF not supported. */
#define CC_HKDF_IS_NOT_SUPPORTED (CC_HKDF_MODULE_ERROR_BASE + 0xFFUL)
/************************ Enums *********************************/
/************************ Typedefs *****************************/
/************************ Structs ******************************/
/************************ Public Variables **********************/
/************************ Public Functions **********************/
#ifdef __cplusplus
}
#endif
#endif //_MBEDTLS_CC_HKDF_ERROR_H

397
include/mbedtls_extra/mbedtls_cc_srp.h Normal file
View File

@ -0,0 +1,397 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
/*!
@addtogroup cc_srp
@{
*/
/*!
@file
@brief This file contains all of the CryptoCell SRP APIs, their enums and
definitions.
*/
#ifndef _MBEDTLS_CC_SRP_H
#define _MBEDTLS_CC_SRP_H
#include "cc_pal_types.h"
#include "cc_error.h"
#include "cc_pka_defs_hw.h"
#include "cc_hash_defs.h"
#include "cc_rnd_common.h"
#ifdef __cplusplus
extern "C"
{
#endif
/*!\internal The following describes the SRP APIs usage for the Device and the Accessory :*
Device (User) Accessory (Host)
* -------------- -----------------
1. CC_SRP_HK_INIT(CC_SRP_USER, .......) CC_SRP_HK_INIT(CC_SRP_HOST, .....)
2. CC_SrpPwdVerCreate(..)
3. CC_SrpUserPubKeyCreate(..) CC_SrpHostPubKeyCreate(..)
4. CC_SrpUserProofCalc(..)
5. CC_SrpHostProofVerifyAndCalc(..)
6. CC_SrpUserProofVerify(..)
7. CC_SrpClear(..) CC_SrpClear(..)
*/
/************************ Defines ******************************/
/* The SRP modulus sizes. */
/*! SRP modulus size of 1024 bits. */
#define CC_SRP_MODULUS_SIZE_1024_BITS 1024
/*! SRP modulus size of 1536 bits. */
#define CC_SRP_MODULUS_SIZE_1536_BITS 1536
/*! SRP modulus size of 2048 bits. */
#define CC_SRP_MODULUS_SIZE_2048_BITS 2048
/*! SRP modulus size of 3072 bits. */
#define CC_SRP_MODULUS_SIZE_3072_BITS 3072
/*! The maximal size of the SRP modulus in bits. */
#define CC_SRP_MAX_MODULUS_IN_BITS CC_SRP_MODULUS_SIZE_3072_BITS
/*! The maximal size of the SRP modulus in bytes. */
#define CC_SRP_MAX_MODULUS (CC_SRP_MAX_MODULUS_IN_BITS/CC_BITS_IN_BYTE)
/*! The maximal size of the SRP modulus in words. */
#define CC_SRP_MAX_MODULUS_IN_WORDS (CC_SRP_MAX_MODULUS_IN_BITS/CC_BITS_IN_32BIT_WORD)
/* SRP private number size range. */
/*! The minimal size of the SRP private number in bits. */
#define CC_SRP_PRIV_NUM_MIN_SIZE_IN_BITS (256)
/*! The minimal size of the SRP private number in bytes. */
#define CC_SRP_PRIV_NUM_MIN_SIZE (CC_SRP_PRIV_NUM_MIN_SIZE_IN_BITS/CC_BITS_IN_BYTE)
/*! The minimal size of the SRP private number in words. */
#define CC_SRP_PRIV_NUM_MIN_SIZE_IN_WORDS (CC_SRP_PRIV_NUM_MIN_SIZE_IN_BITS/CC_BITS_IN_32BIT_WORD)
/*! The maximal size of the SRP private number in bits. */
#define CC_SRP_PRIV_NUM_MAX_SIZE_IN_BITS (CC_SRP_MAX_MODULUS_IN_BITS)
/*! The maximal size of the SRP private number in bytes. */
#define CC_SRP_PRIV_NUM_MAX_SIZE (CC_SRP_PRIV_NUM_MAX_SIZE_IN_BITS/CC_BITS_IN_BYTE)
/*! The maximal size of the SRP private number in words. */
#define CC_SRP_PRIV_NUM_MAX_SIZE_IN_WORDS (CC_SRP_PRIV_NUM_MAX_SIZE_IN_BITS/CC_BITS_IN_32BIT_WORD)
/*! The maximal size of the SRP hash digest in words. */
#define CC_SRP_MAX_DIGEST_IN_WORDS CC_HASH_RESULT_SIZE_IN_WORDS
/*! The maximal size of the SRP hash digest in bytes. */
#define CC_SRP_MAX_DIGEST (CC_SRP_MAX_DIGEST_IN_WORDS*CC_32BIT_WORD_SIZE)
/*! The minimal size of the salt in bytes. */
#define CC_SRP_MIN_SALT_SIZE (8)
/*! The minimal size of the salt in words. */
#define CC_SRP_MIN_SALT_SIZE_IN_WORDS (CC_SRP_MIN_SALT_SIZE/CC_32BIT_WORD_SIZE)
/*! The maximal size of the salt in bytes. */
#define CC_SRP_MAX_SALT_SIZE (64)
/*! The maximal size of the salt in words. */
#define CC_SRP_MAX_SALT_SIZE_IN_WORDS (CC_SRP_MAX_SALT_SIZE/CC_32BIT_WORD_SIZE)
/************************ Typedefs ****************************/
/*! The definition of the SRP modulus buffer. */
typedef uint8_t mbedtls_srp_modulus[CC_SRP_MAX_MODULUS];
/*! The definition of the SRP digest buffer. */
typedef uint8_t mbedtls_srp_digest[CC_SRP_MAX_DIGEST];
/*! The definition of the SRP session key. */
typedef uint8_t mbedtls_srp_sessionKey[2*CC_SRP_MAX_DIGEST];
/************************ Enums ********************************/
/*! Supported SRP versions. */
typedef enum {
/*! SRP version 3. */
CC_SRP_VER_3 = 0,
/*! SRP version 6. */
CC_SRP_VER_6 = 1,
/*! SRP version 6A. */
CC_SRP_VER_6A = 2,
/*! SRP version HK. */
CC_SRP_VER_HK = 3,
/*! The maximal number of supported versions. */
CC_SRP_NumOfVersions,
/*! Reserved.*/
CC_SRP_VersionLast= 0x7FFFFFFF,
}mbedtls_srp_version_t;
/*! SRP entity types. */
typedef enum {
/*! The host entity, also known as server, verifier, or accessory. */
CC_SRP_HOST = 1,
/*! The user entity, also known as client, or device. */
CC_SRP_USER = 2,
/*! The maximal number of entities types. */
CC_SRP_NumOfEntityType,
/*! Reserved. */
CC_SRP_EntityLast= 0x7FFFFFFF,
}mbedtls_srp_entity_t;
/************************ Structs ******************************/
/*!
@brief Group parameters for the SRP.
Defines the modulus and the generator used.
*/
typedef struct mbedtls_srp_group_param {
/*! The SRP modulus. */
mbedtls_srp_modulus modulus;
/*! The SRP generator. */
uint8_t gen;
/*! The size of the SRP modulus in bits. */
size_t modSizeInBits;
/*! The valid SRP Np. */
uint32_t validNp;
/*! The SRP Np buffer. */
uint32_t Np[CC_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_WORDS];
}mbedtls_srp_group_param;
/************************ context Structs ******************************/
/*! The SRP context prototype */
typedef struct mbedtls_srp_context {
/*! The SRP entitiy type. */
mbedtls_srp_entity_t srpType;
/*! The SRP version. */
mbedtls_srp_version_t srpVer;
/*! The group parameter including the modulus information. */// N, g, Np
mbedtls_srp_group_param groupParam;
/*! The hash mode. */
CCHashOperationMode_t hashMode;
/*! The hash digest size. */
size_t hashDigestSize;
/*! The session key size. */
size_t sessionKeySize;
/*! A pointer to the RND context. */
CCRndContext_t *pRndCtx;
/*! The modulus. */ // a or b
mbedtls_srp_modulus ephemPriv;
/*! The modulus size. */
size_t ephemPrivSize;
/*! The user-name digest. */// M
mbedtls_srp_digest userNameDigest;
/*! The cred digest. */ // p
mbedtls_srp_digest credDigest;
/*! The SRP K multiplier. */ // k multiplier
mbedtls_srp_digest kMult;
}mbedtls_srp_context;
/************************ SRP common Functions **********************/
/*****************************************************************************/
/*!
@brief This function initiates the SRP context.
@return \c CC_OK on success.
@return A non-zero value on failure as defined in mbedtls_cc_srp_error.h.
*/
CIMPORT_C CCError_t mbedtls_srp_init(
/*! [in] The SRP entity type. */
mbedtls_srp_entity_t srpType,
/*! [in] The SRP version. */
mbedtls_srp_version_t srpVer,
/*! [in] A pointer to the SRP modulus, BE Byte buffer. */
mbedtls_srp_modulus srpModulus,
/*! [in] The SRP generator param. */
uint8_t srpGen,
/*! [in] The size of the SRP modulus in bits. Valid values are: 1024
bits, 1536 bits, 2048 bits, or 3072 bits. */
size_t modSizeInBits,
/*! [in] The hash mode. */
CCHashOperationMode_t hashMode,
/*! [in] A pointer to the username. */
uint8_t *pUserName,
/*! [in] The size of the username buffer. Must be larger than 0. */
size_t userNameSize,
/*! [in] A pointer to the user password. */
uint8_t *pPwd,
/*! [in] The size of the user-password buffer. Must be larger than 0
if \p pPwd is valid. */
size_t pwdSize,
/*! [in] A pointer to the RND context. */
CCRndContext_t *pRndCtx,
/*! [out] A pointer to the SRP host context. */
mbedtls_srp_context *pCtx
);
/*! Macro definition for a specific SRP-initialization function. */
#define CC_SRP_HK_INIT(srpType, srpModulus, srpGen, modSizeInBits, pUserName, userNameSize, pPwd, pwdSize, pRndCtx, pCtx) \
mbedtls_srp_init(srpType, CC_SRP_VER_HK, srpModulus, srpGen, modSizeInBits, CC_HASH_SHA512_mode, pUserName, userNameSize, pPwd, pwdSize, pRndCtx, pCtx)
/*****************************************************************************/
/*!
@brief This function calculates \p pSalt and \p pwdVerifier.
@return \c CC_OK on success.
@return A non-zero value on failure, as defined in mbedtls_cc_srp_error.h,
cc_rnd_error.h.
*/
CIMPORT_C CCError_t mbedtls_srp_pwd_ver_create(
/*! [in] The size of the random salt to generate. The range is between
#CC_SRP_MIN_SALT_SIZE and #CC_SRP_MAX_SALT_SIZE. */
size_t saltSize,
/*! [out] A pointer to the \p pSalt number (s). */
uint8_t *pSalt,
/*! [out] A pointer to the password verifier (v). */
mbedtls_srp_modulus pwdVerifier,
/*! [out] A pointer to the SRP context. */
mbedtls_srp_context *pCtx
);
/*****************************************************************************/
/*!
@brief This function clears the SRP context.
@return \c CC_OK on success.
@return A non-zero value on failure, as defined in mbedtls_cc_srp_error.h.
*/
CIMPORT_C CCError_t mbedtls_srp_clear(
/*! [in/out] A pointer to the SRP context. */
mbedtls_srp_context *pCtx
);
/************************ SRP Host Functions **********************/
/*****************************************************************************/
/*!
@brief This function generates the public and private host ephemeral keys,
known as B and b in <em>RFC 5054 Using the Secure Remote Password (SRP)
Protocol for TLS Authentication</em>.
@return \c CC_OK on success.
@return A non-zero value on failure, as defined in mbedtls_cc_srp_error.h or
cc_rnd_error.h.
*/
CIMPORT_C CCError_t mbedtls_srp_host_pub_key_create(
/*! [in] The size of the generated ephemeral private key (b). The range
is between #CC_SRP_PRIV_NUM_MIN_SIZE and #CC_SRP_PRIV_NUM_MAX_SIZE */
size_t ephemPrivSize,
/*! [in] A pointer to the verifier (v). */
mbedtls_srp_modulus pwdVerifier,
/*! [out] A pointer to the host ephemeral public key (B). */
mbedtls_srp_modulus hostPubKeyB,
/*! [in/out] A pointer to the SRP context. */
mbedtls_srp_context *pCtx
);
/*!
@brief This function verifies the user proof, and calculates the host-message
proof.
@return \c CC_OK on success.
@return A non-zero value on failure, as defined in mbedtls_cc_srp_error.h.
*/
CIMPORT_C CCError_t mbedtls_srp_host_proof_verify_and_calc(
/*! [in] The size of the random salt. The range is between
#CC_SRP_MIN_SALT_SIZE and #CC_SRP_MAX_SALT_SIZE. */
size_t saltSize,
/*! [in] A pointer to the pSalt number. */
uint8_t *pSalt,
/*! [in] A pointer to the password verifier (v). */
mbedtls_srp_modulus pwdVerifier,
/*! [in] A pointer to the ephemeral public key of the user (A). */
mbedtls_srp_modulus userPubKeyA,
/*! [in] A pointer to the ephemeral public key of the host (B). */
mbedtls_srp_modulus hostPubKeyB,
/*! [in] A pointer to the SRP user-proof buffer (M1). */
mbedtls_srp_digest userProof,
/*! [out] A pointer to the SRP host-proof buffer (M2). */
mbedtls_srp_digest hostProof,
/*! [out] A pointer to the SRP session key (K). */
mbedtls_srp_sessionKey sessionKey,
/*! [in] A pointer to the SRP context. */
mbedtls_srp_context *pCtx
);
/************************ SRP User Functions **********************/
/*****************************************************************************/
/*!
@brief This function generates public and private user ephemeral keys, known
as A and a in <em>RFC 5054 Using the Secure Remote Password (SRP) Protocol
for TLS Authentication</em>.
@return \c CC_OK on success.
@return A non-zero value on failure, as defined in mbedtls_cc_srp_error.h or
cc_rnd_error.h.
*/
CIMPORT_C CCError_t mbedtls_srp_user_pub_key_create(
/*! [in] The size of the generated ephemeral private key (a). The range
is between #CC_SRP_PRIV_NUM_MIN_SIZE and #CC_SRP_PRIV_NUM_MAX_SIZE.
The size must be 32 bit aligned */
size_t ephemPrivSize,
/*! [out] A pointer to the user ephemeral public key (A). */
mbedtls_srp_modulus userPubKeyA,
/*! [in/out] A pointer to the SRP context. */
mbedtls_srp_context *pCtx
);
/*****************************************************************************/
/*!
@brief This function calculates the user proof.
@return \c CC_OK on success.
@return A non-zero value on failure, as defined in mbedtls_cc_srp_error.h.
*/
CIMPORT_C CCError_t mbedtls_srp_user_proof_calc(
/*! [in] The size of the random salt. The range is between
#CC_SRP_MIN_SALT_SIZE and #CC_SRP_MAX_SALT_SIZE. */
size_t saltSize,
/*! [in] A pointer to the pSalt number. */
uint8_t *pSalt,
/*! [in] A pointer to the public ephmeral key of the user (A). */
mbedtls_srp_modulus userPubKeyA,
/*! [in] A pointer to the public ephmeral key of the host (B). */
mbedtls_srp_modulus hostPubKeyB,
/*! [out] A pointer to the SRP user proof buffer (M1). */
mbedtls_srp_digest userProof,
/*! [out] A pointer to the SRP session key (K). */
mbedtls_srp_sessionKey sessionKey,
/*! [out] A pointer to the SRP context. */
mbedtls_srp_context *pCtx
);
/*****************************************************************************/
/*!
@brief This function verifies the host proof.
@return \c CC_OK on success.
@return A non-zero value on failure, as defined in mbedtls_cc_srp_error.h.
*/
CIMPORT_C CCError_t mbedtls_srp_user_proof_verify(
/*! [in] A pointer to the SRP session key (K). */
mbedtls_srp_sessionKey sessionKey,
/*! [in] A pointer to the public ephmeral key of the user (A). */
mbedtls_srp_modulus userPubKeyA,
/*! [in] A pointer to the SRP user proof buffer (M1). */
mbedtls_srp_digest userProof,
/*! [in] A pointer to the SRP host proof buffer (M2). */
mbedtls_srp_digest hostProof,
/*! [out] A pointer to the SRP user context. */
mbedtls_srp_context *pCtx
);
#ifdef __cplusplus
}
#endif
/*!
@}
*/
#endif /* #ifndef _MBEDTLS_CC_SRP_H */

62
include/mbedtls_extra/mbedtls_cc_srp_error.h Normal file
View File

@ -0,0 +1,62 @@
/*
* Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
/*!
@addtogroup cc_srp_errors
@{
*/
/*!
@file
@brief This file contains the error definitions of the CryptoCell SRP APIs.
*/
#ifndef _MBEDTLS_CC_SRP_ERROR_H
#define _MBEDTLS_CC_SRP_ERROR_H
#include "cc_error.h"
#ifdef __cplusplus
extern "C"
{
#endif
/************************ Defines ******************************/
/* The base address errors of the CryptoCell SRP module - 0x00F02600 */
/*! Illegal parameter. */
#define CC_SRP_PARAM_INVALID_ERROR (CC_SRP_MODULE_ERROR_BASE + 0x01UL)
/*! Illegal modulus size. */
#define CC_SRP_MOD_SIZE_INVALID_ERROR (CC_SRP_MODULE_ERROR_BASE + 0x02UL)
/*! Illegal state (uninitialized) . */
#define CC_SRP_STATE_UNINITIALIZED_ERROR (CC_SRP_MODULE_ERROR_BASE + 0x03UL)
/*! Result validation error. */
#define CC_SRP_RESULT_ERROR (CC_SRP_MODULE_ERROR_BASE + 0x04UL)
/*! Invalid parameter. */
#define CC_SRP_PARAM_ERROR (CC_SRP_MODULE_ERROR_BASE + 0x05UL)
/*! Internal PKI error. */
#define CC_SRP_INTERNAL_ERROR (CC_SRP_MODULE_ERROR_BASE + 0x06UL)
/************************ Enums ********************************/
/************************ Typedefs ****************************/
/************************ Structs *****************************/
/************************ Public Variables *********************/
/************************ Public Functions *********************/
#ifdef __cplusplus
}
#endif
/*!
@}
*/
#endif //_MBEDTLS_CC_SRP_ERROR_H

3328
include/nrf-config-cc310.h Normal file
View File

File diff suppressed because it is too large Load Diff

BIN
lib/libnrf_cc310_core_0.9.14.a Normal file
View File

Binary file not shown.